Beispiel #1
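 /**
  * Update the stored row of a single agent.
  *
  * The caller-supplied field map is written to the `agents` table after the
  * keys that must not be client-controlled have been removed.
  *
  * NOTE(review): this is a deny-list. Every other key in $data is still
  * written, so any further sensitive column the table may hold stays
  * writable through this method. An explicit allow-list of editable columns
  * would be safer; the column set is not visible from here.
  *
  * @param mixed $agentID Value matched against the `id` column.
  * @param mixed $data    Column => value map, expected to be an array.
  *
  * @return mixed Whatever $db->update() returns, 0 when there is nothing
  *               to write, or -1 when no agent with that id exists.
  */
 public static function updateAgent($agentID, $data)
 {
     global $db;

     // Unknown agent: keep the -1 sentinel that callers test for.
     if (!Agents::getAgent($agentID)) {
         return -1;
     }

     // A body that did not decode to an array carries no usable fields.
     if (!is_array($data)) {
         return 0;
     }

     // `id` selects the row in the WHERE clause below; letting the payload
     // carry it would allow the row to be re-keyed.
     unset($data['id'], $data['username']);

     // Only an admin may change the admin flag.
     if (!Agents::isAdmin()) {
         unset($data['isAdmin']);
     }

     // Nothing left to write once the protected keys are stripped.
     if ($data === []) {
         return 0;
     }

     return $db->update('agents', $data, ['id' => $agentID]);
 }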
Beispiel #2
    $response->header('Content-Type', 'application/json');
    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
        $response->header('Access-Control-Allow-Headers', $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
    }
});
// Gate for the private API: unless User::isLoggedIn() returns exactly true,
// the request is answered here and route matching stops.
// NOTE(review): no status code is set before json(), so the denial is sent
// with whatever status the response already carries. Only POST, GET and
// OPTIONS are listed, so a route registered under this prefix for another
// verb would not pass through this check - confirm against the controllers.
$klein->respond(
    ['POST', 'GET', 'OPTIONS'],
    "{$privateControllersBase}/[*]",
    function ($request, $response, $service) use ($klein) {
        if (User::isLoggedIn() === true) {
            return;
        }

        $response->json('You are not allowed to access this page.');
        // Skip remaining routing matches.
        $klein->skipRemaining();
    }
);
// Gate for the admin API: unless Agents::isAdmin() returns exactly true,
// the request is answered here and route matching stops.
// NOTE(review): this handler calls only Agents::isAdmin(); whether that
// also implies a logged-in session is not visible here. As with the private
// gate, no status code is set and only POST, GET and OPTIONS are matched.
$klein->respond(
    ['POST', 'GET', 'OPTIONS'],
    "{$adminControllersBase}/[*]",
    function ($request, $response, $service) use ($klein) {
        if (Agents::isAdmin() === true) {
            return;
        }

        $response->json('You are not allowed to access this page.');
        // Skip remaining routing matches.
        $klein->skipRemaining();
    }
);
// Public API prefix: the handler is intentionally empty, so no access check
// runs for these routes.
$klein->respond(
    ['POST', 'GET', 'OPTIONS'],
    "{$publicControllersBase}/[*]",
    function ($request, $response, $service) use ($klein) {
    }
);

// Controller names per access tier. The file paths passed to with() below
// are built from these fixed lists only.
$publicControllers = [
    'users',
];
$privateControllers = [
    'agents',
    'assets-invest',
    'assets-rent',
    'contacts',
    'control-panel',
    'demands',
    'investors',
    'lids-for-review',
    'logs',
    'matching',
    'notifications',
    'rent-demands',
    'rent-areas',
    'rent-processes',
    'tracked-assets',
    'notes',
    'conversations',
    'investment-profiles',
    'regions',
    'files',
];
$adminControllers = [
    'agents',
    'control-panel',
];

// Mount every public controller file under the public base path.
foreach ($publicControllers as $controller) {
    $klein->with(
        $publicControllersBase . '/' . $controller,
        'controllers/public/' . $controller . '.php'
    );
}
foreach ($privateControllers as $controller) {
    $klein->with("{$privateControllersBase}/{$controller}", "controllers/private/{$controller}.php");
Beispiel #3
    $data = json_decode($request->body(), true);
    // Access only for Current Agent
    if (!Agents::isAdmin() && !Agents::isCurrentAgent($id)) {
        $response->json(Result::error('Access is denied'));
    } else {
        $result = Agents::updateAgent($id, $data);
        if ($result > 0) {
            $response->json(Result::success('Agent Updated.'));
        } elseif ($result === 0) {
            $response->json(Result::success('Agent not Updated.'));
        } else {
            $response->json(Result::error('Agent not found'));
        }
    }
});
// Password change endpoint for the agent addressed by [:id].
// NOTE(review): the route also accepts GET, and param() is used for both
// passwords, so they may arrive in the query string and end up in access
// logs - confirm whether GET is needed here.
// NOTE(review): $id is used only for the access check; editPassword() is
// not given it, so which account is changed when an admin passes another
// agent's id cannot be told from here - verify against User::editPassword().
// NOTE(review): $newPassword is passed twice, so any confirmation
// comparison inside editPassword() is presumably always satisfied.
$this->respond(['GET', 'POST'], '/edit/password/[:id]', function ($request, $response, $service) {
    $id = $request->param('id');
    $oldPassword = $request->param('oldPassword', '');
    $newPassword = $request->param('newPassword', '');

    // Allowed for admins and for the agent editing their own record.
    $mayEdit = Agents::isAdmin() || Agents::isCurrentAgent($id);
    if (!$mayEdit) {
        $response->json(Result::error('Access is denied'));
        return;
    }

    $result = User::editPassword($oldPassword, $newPassword, $newPassword);

    // Anything other than exactly true is forwarded as the error payload.
    $payload = $result === true
        ? Result::success('edited password successfully')
        : Result::error($result);
    $response->json($payload);
});