// HTTP 204 No Content
} else {
$error->send(500, 'internal_error', 'Access grant failed', 'The API cannot deny access to this user. The exact error is unknown.');
}
});
// Add a pass to a user
$app->post('/users/:uid/pass', function ($uid) use($app, $ldap, $database, $error) {
// Check the scanned pass, returning errors when not acceptable
$scan = $database->validatePassAttempt();
if ($scan === Database::ERROR_ENTRIES_TOO_OLD) {
$error->send(403, $scan, 'Pass scan has expired', 'The last pass was scanned more than 10 minutes ago.');
} elseif ($scan === Database::ERROR_PASS_MISMATCH) {
$error->send(403, $scan, 'Last two passes are not identical', 'The last two passes that were scanned are not the same pass.');
}
// Store pass on user
$pass = $ldap->addPass($uid, $database->getLastRefusedPass());
// Send answer based on result
if ($pass === LDAP::ERROR_USER_NOT_FOUND) {
$error->send(404, $pass, 'The user cannot be found', 'This user does not exist or has been removed.');
} elseif ($pass === LDAP::ERROR_DOUBLE_PASS) {
$error->send(409, $pass, 'The user already has a pass', 'This user already has a pass set. A second one cannot be added.');
} elseif ($pass === LDAP::ERROR_PASS_EXISTS) {
$error->send(409, $pass, 'This pass is in use', 'Another user has registered this pass. It cannot be added again.');
} else {
// Return the new entry of the user
$app->response->setStatus(200);
echo json_encode($ldap->getUser($uid));
}
});
// Remove the pass of a user
$app->delete('/users/:uid/pass', function ($uid) use($app, $ldap, $error) {
