<?php
/**
* Users List Endpoint
*/
use App\Core\Database;
use App\Middleware\AuthMiddleware;
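// 1. Authentication. AuthMiddleware::check() is defined elsewhere; its result
//    is read below as an array that carries a 'role' entry.
$decoded = AuthMiddleware::check();

// 2. Role-based access control: only 'super_admin' and 'admin' may list users.
//    A missing role is read as null, so the strict allow-list check fails closed.
// NOTE(review): presumably $decoded holds claims from a decoded token. Confirm
// that AuthMiddleware::check() also rejects deactivated accounts and roles that
// were changed after the token was issued.
$role = $decoded['role'] ?? null;
if (!in_array($role, ['super_admin', 'admin'], true)) {
    // Message text: "You are not authorized to access this data".
    json_error('غير مصرح لك بالوصول لهذه البيانات', 403);
    // json_error() is defined outside this file. Stop explicitly so the query
    // below can never run for a denied caller, even if that helper returns.
    exit;
}

// 3. Fetch data. The column list is explicit, so only these six fields are
//    serialized; any other column on the users table stays out of the response.
// NOTE(review): the query has no LIMIT, so every row is returned in one response.
$db = Database::getInstance();
$stmt = $db->prepare("SELECT id, name, email, role, is_active, created_at FROM users");
$stmt->execute();
$users = $stmt->fetchAll();

json_success($users);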