$feed[] = $message;
}
$app->response->setStatus(200);
echo json_encode($feed);
} else {
$app->response->setStatus(401);
}
});
$app->get('/bulletin/:cid', function ($cid) use($app) {
//super admins can get everything
//members can get everything.
$is_super = is_super_admin();
$all_roles = get_company_membership();
$is_member = in_array($cid, $all_roles);
if ($is_super || $is_member) {
$bulletins = \Bulletin::orderBy('timestamp_queued', 'DESC')->where('company_id', '=', $cid)->get();
$app->response->setStatus(200);
echo $bulletins->toJson();
} else {
$app->response->setStatus(401);
}
});
$app->post('/bulletin', function () use($app) {
//admins and super admins can post bulletins
$posty = $app->request->post();
$is_admin = in_array($posty['company_id'], $app->jwt->role_admin);
$is_super = is_super_admin();
if ($is_super || $is_admin) {
$bulletin = new \Bulletin();
$bulletin->company_id = $posty['company_id'];
$bulletin->from_user_id = $posty['sender_uid'];
