From 508c30c5d07b402f3ccb2544e94fab7793bac0d3 Mon Sep 17 00:00:00 2001
From: "theis.gaedigk" <theis.gaedigk@icloud.com>
Date: Tue, 19 Aug 2025 19:33:16 +0200
Subject: [PATCH] Added backend external API to change the inSafe state in the
 database

---
 backend/routes/apiV2.js      | 28 +++++++++++++++++++++++++---
 backend/services/database.js | 11 +++++++++++
 2 files changed, 36 insertions(+), 3 deletions(-)

diff --git a/backend/routes/apiV2.js b/backend/routes/apiV2.js
index 492ff6e..8a707ca 100644
--- a/backend/routes/apiV2.js
+++ b/backend/routes/apiV2.js
@@ -1,12 +1,15 @@
 import express from "express";
 import dotenv from "dotenv";
-import { getItemsFromDatabaseV2 } from "../services/database.js";
+import {
+  getItemsFromDatabaseV2,
+  changeInSafeStateV2,
+} from "../services/database.js";
 
 dotenv.config();
 const router = express.Router();
 
-router.get("/items/:id", async (req, res) => {
-  if (req.params.id === process.env.ADMIN_ID) {
+router.get("/items/:key", async (req, res) => {
+  if (req.params.key === process.env.ADMIN_ID) {
     const result = await getItemsFromDatabaseV2();
     if (result.success) {
       res.status(200).json(result.data);
@@ -18,4 +21,23 @@ router.get("/items/:id", async (req, res) => {
   }
 });
 
+router.post("/controlInSafe/:key/:itemId/:state", async (req, res) => {
+  if (req.params.key === process.env.ADMIN_ID) {
+    const itemId = req.params.itemId;
+    const state = req.params.state;
+    if (state === "1" || state === "0") {
+      const result = await changeInSafeStateV2(itemId, state);
+      if (result.success) {
+        res.status(200).json({ message: "Item state updated successfully" });
+      } else {
+        res.status(500).json({ message: "Failed to update item state" });
+      }
+    } else {
+      res.status(400).json({ message: "Invalid state value" });
+    }
+  } else {
+    res.status(403).json({ message: "Access denied" });
+  }
+});
+
 export default router;
diff --git a/backend/services/database.js b/backend/services/database.js
index f4e6fcd..2342985 100644
--- a/backend/services/database.js
+++ b/backend/services/database.js
@@ -28,6 +28,17 @@ export const getItemsFromDatabaseV2 = async () => {
   return { success: false };
 };
 
+export const changeInSafeStateV2 = async (itemId, state) => {
+  const [result] = await pool.query(
+    "UPDATE items SET inSafe = ? WHERE id = ?",
+    [state, itemId]
+  );
+  if (result.affectedRows > 0) {
+    return { success: true };
+  }
+  return { success: false };
+};
+
 export const getItemsFromDatabase = async (role) => {
   const sql =
     role == 0