/**
 * Return the list of users whose role is "employee".
 *
 * The caller must pass the 'ListEmployees' authorization check first; when it
 * fails, the error payload prepared by the auth component is returned as-is.
 *
 * @param array $input Request input; not read by this action.
 * @return mixed The auth component's error payload, or a Payload with status
 *               Payload::OK whose output is the employee rows as an array.
 */
public function __invoke(array $input)
{
    $isAllowed = $this->auth->authorizeEndpoint('ListEmployees');
    if (!$isAllowed) {
        return $this->auth->errorPayload;
    }

    // Only these columns are selected, so any other column on the user record
    // (for example stored credential material, if the model has such a column)
    // never reaches the response body.
    $columns = ['id', 'name', 'role', 'email', 'phone', 'created_at', 'updated_at'];
    $employees = User::where(['role' => 'employee'])->get($columns);

    $payload = new Payload();

    return $payload->withStatus(Payload::OK)->withOutput($employees->toArray());
}
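/**
 * Authenticate the caller from HTTP Basic credentials and check an endpoint permission.
 *
 * Reads $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'], looks the user up by
 * email, verifies the password with User::correctPassword() and, when a permission
 * name is given, checks it with hasPermission(). Every failure path stores a response
 * in $this->errorPayload and returns false.
 *
 * @param mixed $required_permission Permission name to require. A falsy value skips the
 *                                   permission check; authentication is still enforced.
 * @return bool True when the caller is authenticated and, if requested, authorized.
 */
public function authorizeEndpoint($required_permission)
{
    // Both halves of the credential pair must be present. The previous `||` test
    // let a request carrying only one of them through, which then read an
    // undefined $_SERVER index and ran the lookup / password check against null.
    if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
        $this->errorPayload = self::credentialsRequiredResponse();
        return false;
    }

    $email = $_SERVER['PHP_AUTH_USER'];
    $provided_password = $_SERVER['PHP_AUTH_PW'];

    $this->User = User::where('email', $email)->first();

    // Unknown email and wrong password produce the same response, so the reply
    // body does not reveal which accounts exist.
    // NOTE(review): the unknown-email path returns before any password check runs,
    // so response time may still differ between the two cases; confirm whether
    // that matters for this API.
    if (!$this->User) {
        $this->errorPayload = self::invalidCredentialsResponse();
        return false;
    }

    if (!$this->User->correctPassword($provided_password)) {
        // NOTE(review): $this->User stays populated with the looked-up record even
        // though the password check failed; callers must rely on the return value,
        // not on $this->User being set, to decide whether the request is authenticated.
        $this->errorPayload = self::invalidCredentialsResponse();
        return false;
    }

    if ($required_permission && !$this->hasPermission($required_permission)) {
        $this->errorPayload = self::unauthorizedEndpointResponse();
        return false;
    }

    return true;
}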