From 9973485cb4fe684c42a72d12e30f59c9f5bff727 Mon Sep 17 00:00:00 2001
From: Jukka Lampikoski <jukka@lampikoski.com>
Date: Tue, 10 Mar 2026 11:33:21 +0200
Subject: [PATCH] Remove temp diag endpoints, improve auto-recovery for
 companies.json

- Remove temporary data_diag/data_read/data_write endpoints
- Auto-recovery now scans existing company directories if companies.json
  is empty or missing (handles git deploy wiping the file)
- Auto-creates config.json for any company dir missing it

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 api.php | 85 +++++++++++++++++----------------------------------------
 1 file changed, 25 insertions(+), 60 deletions(-)

diff --git a/api.php b/api.php
index bab6911..5cf963f 100644
--- a/api.php
+++ b/api.php
@@ -138,24 +138,35 @@ function saveCompanyConfig(array $config): void {
 function runMigration(): void {
     $companiesDir = DATA_DIR . '/companies';
 
-    // Varmista companies.json olemassaolo (voi kadota git deploy:ssa)
-    if (!file_exists(COMPANIES_FILE)) {
-        // Jos cuitunet-hakemisto on olemassa, se on jo migrattu aiemmin → luo pelkkä companies.json
-        if (is_dir($companiesDir . '/cuitunet')) {
-            $companies = [[
-                'id' => 'cuitunet',
-                'nimi' => 'CuituNet',
-                'luotu' => date('Y-m-d H:i:s'),
-                'aktiivinen' => true,
-            ]];
+    // Varmista companies.json olemassaolo ja sisältö (voi kadota/tyhjentyä git deploy:ssa)
+    $companiesData = file_exists(COMPANIES_FILE) ? (json_decode(file_get_contents(COMPANIES_FILE), true) ?: []) : [];
+    if (empty($companiesData)) {
+        // Skannaa olemassaolevat yritys-hakemistot ja luo companies.json
+        $companies = [];
+        if (is_dir($companiesDir)) {
+            foreach (glob($companiesDir . '/*', GLOB_ONLYDIR) as $dir) {
+                $id = basename($dir);
+                $companies[] = [
+                    'id' => $id,
+                    'nimi' => $id === 'cuitunet' ? 'CuituNet' : ucfirst($id),
+                    'luotu' => date('Y-m-d H:i:s'),
+                    'aktiivinen' => true,
+                ];
+            }
+        }
+        if (!empty($companies)) {
             file_put_contents(COMPANIES_FILE, json_encode($companies, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE));
         }
     }
 
-    // Varmista yrityksen config.json (voi kadota git deploy:ssa)
-    $cuitunetConfig = $companiesDir . '/cuitunet/config.json';
-    if (is_dir($companiesDir . '/cuitunet') && !file_exists($cuitunetConfig)) {
-        file_put_contents($cuitunetConfig, json_encode(['mailboxes' => [], 'ticket_rules' => []], JSON_PRETTY_PRINT));
+    // Varmista jokaisen yrityksen config.json
+    if (is_dir($companiesDir)) {
+        foreach (glob($companiesDir . '/*', GLOB_ONLYDIR) as $dir) {
+            $configFile = $dir . '/config.json';
+            if (!file_exists($configFile)) {
+                file_put_contents($configFile, json_encode(['mailboxes' => [], 'ticket_rules' => []], JSON_PRETTY_PRINT));
+            }
+        }
     }
 
     // Tarkista onko vanha data olemassa juuressa (pre-multitenant)
@@ -970,52 +981,6 @@ switch ($action) {
         echo json_encode($config);
         break;
 
-    // ---------- TEMP: DATA DIAGNOSTICS (poista myöhemmin) ----------
-    case 'data_diag':
-        $key = $_GET['key'] ?? '';
-        if ($key !== 'temp_restore_2026') { http_response_code(403); echo json_encode(['error' => 'Invalid key']); break; }
-        $result = ['data_dir' => [],'companies_dir' => [], 'cuitunet_dir' => [], 'root_customers_exists' => false];
-        // Listaa data/ tiedostot
-        foreach (glob(DATA_DIR . '/*') as $f) $result['data_dir'][] = basename($f) . (is_dir($f) ? '/' : ' (' . filesize($f) . 'b)');
-        // Listaa data/companies/
-        foreach (glob(DATA_DIR . '/companies/*') as $f) $result['companies_dir'][] = basename($f) . (is_dir($f) ? '/' : ' (' . filesize($f) . 'b)');
-        // Listaa data/companies/cuitunet/
-        foreach (glob(DATA_DIR . '/companies/cuitunet/*') as $f) $result['cuitunet_dir'][] = basename($f) . (is_dir($f) ? '/' : ' (' . filesize($f) . 'b)');
-        $result['root_customers_exists'] = file_exists(DATA_DIR . '/customers.json');
-        $result['companies_json_exists'] = file_exists(COMPANIES_FILE);
-        // Myös backups
-        foreach (glob(DATA_DIR . '/companies/cuitunet/backups/*') as $f) $result['backups'][] = basename($f) . ' (' . filesize($f) . 'b)';
-        foreach (glob(DATA_DIR . '/backups/*') as $f) $result['root_backups'][] = basename($f) . ' (' . filesize($f) . 'b)';
-        echo json_encode($result, JSON_PRETTY_PRINT);
-        break;
-
-    case 'data_read':
-        $key = $_GET['key'] ?? '';
-        if ($key !== 'temp_restore_2026') { http_response_code(403); echo json_encode(['error' => 'Invalid key']); break; }
-        $file = $_GET['file'] ?? '';
-        // Salli vain data/ alla olevat tiedostot
-        $path = DATA_DIR . '/' . str_replace('..', '', $file);
-        if (file_exists($path) && !is_dir($path)) {
-            echo file_get_contents($path);
-        } else {
-            http_response_code(404);
-            echo json_encode(['error' => 'Not found', 'path' => $path]);
-        }
-        break;
-
-    case 'data_write':
-        $key = $_GET['key'] ?? '';
-        if ($key !== 'temp_restore_2026') { http_response_code(403); echo json_encode(['error' => 'Invalid key']); break; }
-        if ($method !== 'POST') break;
-        $file = $_GET['file'] ?? '';
-        $path = DATA_DIR . '/' . str_replace('..', '', $file);
-        $dir = dirname($path);
-        if (!is_dir($dir)) mkdir($dir, 0755, true);
-        $body = file_get_contents('php://input');
-        file_put_contents($path, $body);
-        echo json_encode(['success' => true, 'path' => $path, 'bytes' => strlen($body)]);
-        break;
-
     // ---------- CAPTCHA ----------
     case 'captcha':
         $a = rand(1, 20);