Garoshi/Streamer-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9dd1f919949f21a8ba74e190961df10ffe650d49
Streamer-app/api/moderators.php
Vlastislav Svatek 153c83f7fa first commit
2026-04-26 02:23:11 +02:00

107 lines
3.8 KiB
PHP
Raw Blame History

<?php
// ============================================================
// api/moderators.php
//
// GET /api/moderators — list moderators (admin)
// GET /api/moderators?users=1 — list all OAuth users (admin)
// POST /api/moderators — add mod by username (admin)
// DELETE /api/moderators?id=N — revoke mod (admin)
// POST /api/moderators?ban=1 — ban user (admin)
// DELETE /api/moderators?unban=N — unban user (admin)
// ============================================================
require_once __DIR__ . '/db.php';
cors();
require_admin();
$method = $_SERVER['REQUEST_METHOD'];
// ------------------------------------------------------------------
// GET
// ------------------------------------------------------------------
if ($method === 'GET') {
if (isset($_GET['users'])) {
// All OAuth users with their role
$rows = db()->query("
SELECT u.id, u.provider, u.login, u.display_name, u.avatar,
u.created_at, u.last_seen, u.banned,
CASE WHEN m.id IS NOT NULL THEN true ELSE false END AS is_mod
FROM users u
LEFT JOIN moderators m ON m.user_id = u.id
ORDER BY u.last_seen DESC
LIMIT 200
")->fetchAll();
json_out($rows);
}
// Moderators list
$rows = db()->query("
SELECT m.id AS mod_id, m.created_at, m.granted_by,
u.id, u.provider, u.login, u.display_name, u.avatar
FROM moderators m
JOIN users u ON u.id = m.user_id
ORDER BY m.created_at DESC
")->fetchAll();
json_out($rows);
}
// ------------------------------------------------------------------
// POST — add mod or ban
// ------------------------------------------------------------------
if ($method === 'POST') {
// Ban user
if (isset($_GET['ban'])) {
$body = body();
$user_id = (int)($body['user_id'] ?? 0);
if (!$user_id) json_error('Missing user_id');
db()->prepare("UPDATE users SET banned=true WHERE id=:id")->execute([':id' => $user_id]);
// Also remove mod if banned
db()->prepare("DELETE FROM moderators WHERE user_id=:id")->execute([':id' => $user_id]);
json_out(['ok' => true]);
}
// Add moderator by username
$body = body();
$login = strtolower(trim($body['login'] ?? ''));
$provider = in_array($body['provider'] ?? '', ['twitch','kick']) ? $body['provider'] : 'twitch';
if (empty($login)) json_error('Missing login');
$stmt = db()->prepare("SELECT id, display_name FROM users WHERE LOWER(login)=:l AND provider=:p AND (banned IS NULL OR banned=false)");
$stmt->execute([':l' => $login, ':p' => $provider]);
$user = $stmt->fetch();
if (!$user) {
json_error("Uživatel '$login' na $provider se zatím nepřihlásil nebo je zabanován.", 404);
}
db()->prepare("INSERT INTO moderators (user_id, granted_by) VALUES (:uid,'admin') ON CONFLICT (user_id) DO NOTHING")
->execute([':uid' => $user['id']]);
json_out(['ok' => true, 'display_name' => $user['display_name']]);
}
// ------------------------------------------------------------------
// DELETE — revoke mod or unban
// ------------------------------------------------------------------
if ($method === 'DELETE') {
// Unban
if (isset($_GET['unban'])) {
$user_id = (int)($_GET['unban'] ?? 0);
if (!$user_id) json_error('Missing user_id');
db()->prepare("UPDATE users SET banned=false WHERE id=:id")->execute([':id' => $user_id]);
json_out(['ok' => true]);
}
// Remove mod
$id = (int)($_GET['id'] ?? 0);
if (!$id) json_error('Missing id');
db()->prepare("DELETE FROM moderators WHERE id=:id")->execute([':id' => $id]);
json_out(['ok' => true]);
}
json_error('Method not allowed', 405);
Reference in New Issue View Git Blame Copy Permalink