<?php
// Admin/v2/quality/blacklist_manager.php
require_once __DIR__ . '/../../../connect.php';
// require_once __DIR__ . '/../../../encrypt_decrypt.php';
require_once __DIR__ . '/../security/audit_logs_helper.php'; // إذا كان متاحاً، وإلا سننفذ الإدخال مباشرة
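// Authorization gate: only the 'admin' and 'super_admin' roles may read or modify the blacklists.
// NOTE(review): $role is not assigned in this file; presumably connect.php derives it from the
// authenticated session/token and never from request parameters — confirm.
if (!isset($role) || !in_array($role, ['admin', 'super_admin'], true)) {
    jsonError("Unauthorized", 403);
    // Fail closed. jsonError() is defined elsewhere, so this guard must not depend on it
    // terminating the request; without the exit an unauthorized caller would fall through
    // to the handlers below if the helper only prints the response.
    exit;
}

// Requested operation. A missing or empty value falls back to the read-only listing.
$action_type = filterRequest('action_type') ?: 'get_all';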
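// Dispatches the blacklist operation selected by $action_type:
//   get_all           - list blocked drivers and passengers (phones decrypted when possible)
//   unblock_driver    - delete a driver entry by phone and write an audit record
//   unblock_passenger - delete a passenger entry by normalized phone and write an audit record
// $con is used as a PDO connection; $encryptionHelper and $user_id are not defined in this
// file (presumably provided by connect.php — confirm).
try {
    if ($action_type === 'get_all') {
        // Blocked drivers, newest first.
        $stmt_drivers = $con->prepare("
            SELECT id, driver_id, phone, reason, created_at, 'driver' as type
            FROM blacklist_driver
            ORDER BY created_at DESC
        ");
        $stmt_drivers->execute();
        $blocked_drivers = $stmt_drivers->fetchAll(PDO::FETCH_ASSOC);

        // Blocked passengers, newest first.
        $stmt_passengers = $con->prepare("
            SELECT id, phone, phone_normalized, reason, expires_at, created_at, 'passenger' as type
            FROM passenger_blacklist
            ORDER BY created_at DESC
        ");
        $stmt_passengers->execute();
        $blocked_passengers = $stmt_passengers->fetchAll(PDO::FETCH_ASSOC);

        // Decrypt phone numbers that are stored encrypted; a falsy result from decryptData()
        // keeps the stored value. Rows are updated by index rather than by reference so that
        // no dangling reference to the last row survives the loop.
        foreach ($blocked_drivers as $idx => $row) {
            $decrypted_phone = $encryptionHelper->decryptData($row['phone']);
            if ($decrypted_phone) {
                $blocked_drivers[$idx]['phone'] = $decrypted_phone;
            }
        }

        foreach ($blocked_passengers as $idx => $row) {
            $decrypted_phone = $encryptionHelper->decryptData($row['phone']);
            if ($decrypted_phone) {
                $blocked_passengers[$idx]['phone'] = $decrypted_phone;
            }
        }

        jsonSuccess([
            'drivers' => $blocked_drivers,
            'passengers' => $blocked_passengers,
        ]);
        exit;
    }

    // NOTE(review): filterRequest() is defined elsewhere. If it also reads query-string
    // parameters, the two deletions below can be triggered by a GET request — confirm that
    // this endpoint is limited to POST and covered by the application's CSRF/token checks.

    if ($action_type === 'unblock_driver') {
        $phone = filterRequest('phone');
        if (!$phone) {
            jsonError("Phone is required");
            // Stop here even if jsonError() returns, so the DELETE never runs with an empty value.
            exit;
        }

        // The table may hold the phone either in plaintext or encrypted, so both forms are matched.
        // NOTE(review): the encrypted match only works if encryptData() is deterministic for a
        // given input; with a randomized IV it would never equal a stored ciphertext — confirm.
        $enc_phone = $encryptionHelper->encryptData($phone);

        // Delete and audit record are committed together, so an unblock can never be persisted
        // without its audit entry (assumes a transactional storage engine — confirm).
        $con->beginTransaction();

        $stmt = $con->prepare("DELETE FROM blacklist_driver WHERE phone = ? OR phone = ?");
        $stmt->execute([$phone, $enc_phone]);

        if ($stmt->rowCount() > 0) {
            // Audit record for the removal.
            // NOTE(review): admin_phone is the constant 'Admin', so the record is attributable
            // only through admin_id; details stores the phone in plaintext even though the
            // blacklist table may store it encrypted — confirm both are intended.
            $log_stmt = $con->prepare("INSERT INTO admin_audit_log (admin_id, admin_phone, action, table_name, entity_type, details) VALUES (?, ?, ?, ?, ?, ?)");
            $logged = $log_stmt->execute([
                $user_id, 'Admin', 'unblock_driver', 'blacklist_driver', 'driver',
                json_encode(['phone' => $phone, 'action' => 'Unblocked driver']),
            ]);
            if (!$logged) {
                // Covers PDO configurations that report failure by return value instead of throwing.
                throw new RuntimeException('Audit log insert failed for unblock_driver');
            }

            $con->commit();
            jsonSuccess(null, "Driver unblocked successfully");
        } else {
            $con->rollBack();
            jsonError("Driver not found in blacklist");
        }
        exit;
    }

    if ($action_type === 'unblock_passenger') {
        $phone_normalized = filterRequest('phone_normalized');
        if (!$phone_normalized) {
            jsonError("Normalized Phone is required");
            // Stop here even if jsonError() returns, so the DELETE never runs with an empty value.
            exit;
        }

        // Same atomicity as the driver branch: the deletion is kept only if its audit entry is written.
        $con->beginTransaction();

        $stmt = $con->prepare("DELETE FROM passenger_blacklist WHERE phone_normalized = ?");
        $stmt->execute([$phone_normalized]);

        if ($stmt->rowCount() > 0) {
            // Audit record for the removal (admin_phone is the constant 'Admin', as in the driver branch).
            $log_stmt = $con->prepare("INSERT INTO admin_audit_log (admin_id, admin_phone, action, table_name, entity_type, details) VALUES (?, ?, ?, ?, ?, ?)");
            $logged = $log_stmt->execute([
                $user_id, 'Admin', 'unblock_passenger', 'passenger_blacklist', 'passenger',
                json_encode(['phone_normalized' => $phone_normalized, 'action' => 'Unblocked passenger']),
            ]);
            if (!$logged) {
                // Covers PDO configurations that report failure by return value instead of throwing.
                throw new RuntimeException('Audit log insert failed for unblock_passenger');
            }

            $con->commit();
            jsonSuccess(null, "Passenger unblocked successfully");
        } else {
            $con->rollBack();
            jsonError("Passenger not found in blacklist");
        }
        exit;
    }

    jsonError("Invalid action_type", 400);
} catch (Exception $e) {
    // Undo a half-finished unblock so the blacklist and the audit log stay consistent.
    if ($con->inTransaction()) {
        $con->rollBack();
    }

    // Driver and SQL error text can expose table names, column names and connection details,
    // so it is written to the server log and the client receives a generic message only.
    error_log('blacklist_manager: ' . $e->getMessage());
    jsonError("Blacklist action failed", 500);
}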
?>