Files
breadcrumb-the-shire/pages/admin/users/bulk($action).php
fs 25370a1a55 add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00

113 lines
3.5 KiB
PHP

<?php
use MintyPHP\Support\Guard;
use MintyPHP\Router;
use MintyPHP\Service\Access\PermissionService;
use MintyPHP\Service\User\UserService;
use MintyPHP\Service\User\UserAccessTemplateService;
use MintyPHP\Service\Mail\MailService;
Guard::requireLogin();
$action = strtolower(trim((string) ($action ?? '')));
$handlers = [
'activate' => 'handleActivate',
'deactivate' => 'handleDeactivate',
'delete' => 'handleDelete',
'send-access' => 'handleSendAccess',
];
if (!isset($handlers[$action])) {
Router::json(['ok' => false, 'error' => 'invalid_action']);
}
if ($action === 'delete') {
Guard::requirePermissionOrForbidden(PermissionService::USERS_DELETE);
}
if ($action === 'send-access') {
Guard::requirePermissionOrForbidden(PermissionService::USERS_UPDATE);
}
$raw = $_POST['uuids'] ?? '';
$uuids = [];
if (is_array($raw)) {
$uuids = $raw;
} elseif (is_string($raw)) {
$uuids = array_filter(array_map('trim', explode(',', $raw)));
}
$uuids = array_values(array_unique(array_filter($uuids)));
if (!$uuids) {
Router::json(['ok' => false, 'error' => 'no_selection']);
}
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
call_user_func($handlers[$action], $uuids, $currentUserId);
function handleActivate(array $uuids, int $currentUserId): void
{
$result = UserService::setActiveByUuids($uuids, true, $currentUserId);
if (!($result['ok'] ?? false)) {
Router::json(['ok' => false, 'error' => 'update_failed']);
}
Router::json(['ok' => true, 'count' => (int) ($result['count'] ?? 0)]);
}
function handleDeactivate(array $uuids, int $currentUserId): void
{
if ($currentUserId > 0) {
$currentUser = UserService::findById($currentUserId);
$currentUuid = $currentUser['uuid'] ?? '';
if ($currentUuid !== '') {
$uuids = array_values(array_filter($uuids, static fn ($uuid) => $uuid !== $currentUuid));
}
if (!$uuids) {
Router::json(['ok' => false, 'error' => 'self_deactivate']);
}
}
$result = UserService::setActiveByUuids($uuids, false, $currentUserId);
if (!($result['ok'] ?? false)) {
Router::json(['ok' => false, 'error' => 'update_failed']);
}
Router::json(['ok' => true, 'count' => (int) ($result['count'] ?? 0)]);
}
function handleDelete(array $uuids, int $currentUserId): void
{
$result = UserService::deleteByUuids($uuids, $currentUserId);
if (!($result['ok'] ?? false)) {
Router::json(['ok' => false, 'error' => $result['error'] ?? 'delete_failed']);
}
Router::json(['ok' => true, 'count' => (int) ($result['count'] ?? 0)]);
}
function handleSendAccess(array $uuids, int $currentUserId): void
{
$successCount = 0;
$failedCount = 0;
foreach ($uuids as $uuid) {
$user = UserService::findByUuid($uuid);
if (!$user || empty($user['email'])) {
$failedCount++;
continue;
}
$context = UserAccessTemplateService::buildContext($user);
$locale = (string) ($context['locale'] ?? '');
$subject = (string) ($context['subject'] ?? t('Your access details'));
$vars = is_array($context['vars'] ?? null) ? $context['vars'] : [];
$result = MailService::sendTemplate('access_info', $vars, (string) $user['email'], $subject, $locale);
if ($result['ok'] ?? false) {
$successCount++;
} else {
$failedCount++;
}
}
Router::json([
'ok' => $successCount > 0,
'count' => $successCount,
'failed' => $failedCount,
]);
}