false, 'ERROR' => 'no_business_selected']); } $data = readJsonBody(); $beaconID = (int) ($data['BeaconID'] ?? 0); $servicePointID = (int) ($data['ServicePointID'] ?? 0); if ($beaconID <= 0) apiAbort(['OK' => false, 'ERROR' => 'missing_BeaconID']); if ($servicePointID <= 0) apiAbort(['OK' => false, 'ERROR' => 'missing_ServicePointID']); // Get business (check for parent) $qBiz = queryOne("SELECT ID, ParentBusinessID FROM Businesses WHERE ID = ? LIMIT 1", [$businessId]); // Validate beacon access $sql = " SELECT b.ID FROM Beacons b WHERE b.ID = ? AND (b.BusinessID = ? "; $params = [$beaconID, $businessId]; $parentBizId = (int) ($qBiz['ParentBusinessID'] ?? 0); if ($parentBizId > 0) { $sql .= " OR b.BusinessID = ?"; $params[] = $parentBizId; } $sql .= " OR EXISTS (SELECT 1 FROM lt_BeaconsID_BusinessesID lt WHERE lt.BeaconID = b.ID AND lt.BusinessID = ?)) LIMIT 1"; $params[] = $businessId; $qB = queryOne($sql, $params); if (!$qB) { apiAbort(['OK' => false, 'ERROR' => 'beacon_not_allowed']); } // Validate service point $qS = queryOne("SELECT ID FROM ServicePoints WHERE ID = ? AND BusinessID = ? LIMIT 1", [$servicePointID, $businessId]); if (!$qS) { apiAbort(['OK' => false, 'ERROR' => 'servicepoint_not_found_for_business']); } // Check duplicate $qDup = queryOne("SELECT ID FROM ServicePoints WHERE ID = ? AND BeaconID = ? LIMIT 1", [$servicePointID, $beaconID]); if ($qDup) { apiAbort(['OK' => false, 'ERROR' => 'assignment_already_exists']); } queryTimed("UPDATE ServicePoints SET BeaconID = ?, AssignedByUserID = 1 WHERE ID = ? AND BusinessID = ?", [$beaconID, $servicePointID, $businessId]); jsonResponse([ 'OK' => true, 'ACTION' => 'assigned', 'ServicePointID' => $servicePointID, 'BeaconID' => $beaconID, 'BusinessID' => (string) $businessId, ]);