48 lines
1.1 KiB
PHP
48 lines
1.1 KiB
PHP
<?php
|
|
/**
|
|
* POST /api/hub/vcgateway/invites/revoke.php
|
|
*
|
|
* Revoke an invite link. All visitor sessions using this link become invalid.
|
|
* Requires agent auth (X-Agent-Address header).
|
|
*
|
|
* Body:
|
|
* ID int required The invite link ID to revoke
|
|
*
|
|
* Response:
|
|
* OK
|
|
*/
|
|
|
|
require_once __DIR__ . '/../helpers.php';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
jsonResponse(['OK' => false, 'ERROR' => 'method_not_allowed'], 405);
|
|
}
|
|
|
|
$agentAddress = requireAgentAuth();
|
|
$body = readJsonBody();
|
|
|
|
$id = (int)($body['ID'] ?? 0);
|
|
if ($id <= 0) {
|
|
jsonResponse(['OK' => false, 'ERROR' => 'id_required'], 400);
|
|
}
|
|
|
|
// Verify the link exists and belongs to this agent (or they created it)
|
|
$link = queryOne(
|
|
"SELECT ID, CreatedBy, IsRevoked FROM Hub_InviteLinks WHERE ID = ?",
|
|
[$id]
|
|
);
|
|
|
|
if (!$link) {
|
|
jsonResponse(['OK' => false, 'ERROR' => 'invite_not_found'], 404);
|
|
}
|
|
|
|
if ($link['IsRevoked']) {
|
|
jsonResponse(['OK' => false, 'ERROR' => 'already_revoked'], 400);
|
|
}
|
|
|
|
queryTimed(
|
|
"UPDATE Hub_InviteLinks SET IsRevoked = 1 WHERE ID = ?",
|
|
[$id]
|
|
);
|
|
|
|
jsonResponse(['OK' => true]);
|