$feed[] = $message; } $app->response->setStatus(200); echo json_encode($feed); } else { $app->response->setStatus(401); } }); $app->get('/bulletin/:cid', function ($cid) use($app) { //super admins can get everything //members can get everything. $is_super = is_super_admin(); $all_roles = get_company_membership(); $is_member = in_array($cid, $all_roles); if ($is_super || $is_member) { $bulletins = \Bulletin::orderBy('timestamp_queued', 'DESC')->where('company_id', '=', $cid)->get(); $app->response->setStatus(200); echo $bulletins->toJson(); } else { $app->response->setStatus(401); } }); $app->post('/bulletin', function () use($app) { //admins and super admins can post bulletins $posty = $app->request->post(); $is_admin = in_array($posty['company_id'], $app->jwt->role_admin); $is_super = is_super_admin(); if ($is_super || $is_admin) { $bulletin = new \Bulletin(); $bulletin->company_id = $posty['company_id']; $bulletin->from_user_id = $posty['sender_uid'];