tinker_tickets/api/bulk_operation.php

<?php
session_start();
require_once dirname(__DIR__) . '/config/db.php';
require_once dirname(__DIR__) . '/models/BulkOperationsModel.php';
require_once dirname(__DIR__) . '/models/TicketModel.php';
require_once dirname(__DIR__) . '/models/AuditLogModel.php';

header('Content-Type: application/json');

// Check authentication
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
    echo json_encode(['success' => false, 'error' => 'Not authenticated']);
    exit;
}

// Check admin status - bulk operations are admin-only
$isAdmin = $_SESSION['user']['is_admin'] ?? false;
if (!$isAdmin) {
    echo json_encode(['success' => false, 'error' => 'Admin access required']);
    exit;
}

// Get request data
$data = json_decode(file_get_contents('php://input'), true);
$operationType = $data['operation_type'] ?? null;
$ticketIds = $data['ticket_ids'] ?? [];
$parameters = $data['parameters'] ?? null;

// Validate input
if (!$operationType || empty($ticketIds)) {
    echo json_encode(['success' => false, 'error' => 'Operation type and ticket IDs required']);
    exit;
}

// Validate ticket IDs are integers
foreach ($ticketIds as $ticketId) {
    if (!is_numeric($ticketId)) {
        echo json_encode(['success' => false, 'error' => 'Invalid ticket ID format']);
        exit;
    }
}

// Create database connection
$conn = new mysqli(
    $GLOBALS['config']['DB_HOST'],
    $GLOBALS['config']['DB_USER'],
    $GLOBALS['config']['DB_PASS'],
    $GLOBALS['config']['DB_NAME']
);

if ($conn->connect_error) {
    echo json_encode(['success' => false, 'error' => 'Database connection failed']);
    exit;
}

$bulkOpsModel = new BulkOperationsModel($conn);

// Create bulk operation record
$operationId = $bulkOpsModel->createBulkOperation($operationType, $ticketIds, $_SESSION['user']['user_id'], $parameters);

if (!$operationId) {
    $conn->close();
    echo json_encode(['success' => false, 'error' => 'Failed to create bulk operation']);
    exit;
}

// Process the bulk operation
$result = $bulkOpsModel->processBulkOperation($operationId);

$conn->close();

if (isset($result['error'])) {
    echo json_encode([
        'success' => false,
        'error' => $result['error']
    ]);
} else {
    echo json_encode([
        'success' => true,
        'operation_id' => $operationId,
        'processed' => $result['processed'],
        'failed' => $result['failed'],
        'message' => "Bulk operation completed: {$result['processed']} succeeded, {$result['failed']} failed"
    ]);
}