From f9c266a76aca4a385a0cc17906a7258e4dd9afb6 Mon Sep 17 00:00:00 2001
From: Hamza-Ayed <hamzaayedflutter@gmail.com>
Date: Sun, 10 May 2026 02:00:15 +0300
Subject: [PATCH] add new featurs like realtime 2026-5-10-17

---
 Admin/v2/security/audit_logs.php | 48 +++++++++++++++++---------------
 1 file changed, 26 insertions(+), 22 deletions(-)

diff --git a/Admin/v2/security/audit_logs.php b/Admin/v2/security/audit_logs.php
index 8e7022f..4bb9c89 100644
--- a/Admin/v2/security/audit_logs.php
+++ b/Admin/v2/security/audit_logs.php
@@ -2,9 +2,28 @@
 // Admin/v2/security/audit_logs.php
 require_once __DIR__ . '/../../../connect.php';
 
-// تم التحقق من صحة التوكن في connect.php مسبقاً، لذا المستخدم مسجل دخول كأدمن صالح.
+// ── سجل تتبع لفحص كل ما يحدث ─────────────────────────
+$debugFile = __DIR__ . '/fetch_debug.txt';
+$debugLog  = "[" . date('Y-m-d H:i:s') . "] ";
+$debugLog .= "user_id=$user_id | role=$role | method={$_SERVER['REQUEST_METHOD']}";
+file_put_contents($debugFile, $debugLog . "\n", FILE_APPEND);
+
+// ── فحص الصلاحيات ────────────────────────────────────────
+if ($role !== 'super_admin' && $role !== 'admin') {
+    $msg = "Unauthorized. role=$role, user_id=$user_id";
+    file_put_contents($debugFile, "  → BLOCKED: $msg\n", FILE_APPEND);
+    jsonError($msg, 403);
+}
 
 try {
+    // فحص وجود الجدول
+    $tableExists = $con->query("SHOW TABLES LIKE 'admin_audit_log'")->rowCount() > 0;
+
+    if (!$tableExists) {
+        file_put_contents($debugFile, "  → Table admin_audit_log NOT FOUND\n", FILE_APPEND);
+        jsonSuccess([], 'Audit log table not found');
+    }
+
     $stmt = $con->prepare("
         SELECT 
             l.id, l.admin_id, e.name as admin_name, l.action, l.table_name, l.record_id, l.details, l.created_at
@@ -13,31 +32,16 @@ try {
         ORDER BY l.created_at DESC
         LIMIT 100
     ");
-    
-    $tableExists = $con->query("SHOW TABLES LIKE 'admin_audit_log'")->rowCount() > 0;
-    
-    if (!$tableExists) {
-        echo json_encode([
-            'status' => 'success',
-            'message' => 'Audit log table not found.',
-            'data' => []
-        ]);
-        exit;
-    }
-
     $stmt->execute();
     $logs = $stmt->fetchAll(PDO::FETCH_ASSOC);
-    
-    // تسجيل عدد السجلات في ملف لوج للفحص
-    $count = count($logs);
-    file_put_contents(__DIR__ . '/fetch_debug.txt', "[" . date('Y-m-d H:i:s') . "] Fetching Logs. Count: $count. User: $user_id\n", FILE_APPEND);
 
-    // توحيد الاستجابة مع دالة jsonSuccess الموجودة في helpers.php
-    // والتي تضع البيانات داخل مفتاح message
+    $count = count($logs);
+    file_put_contents($debugFile, "  → SUCCESS: fetched $count logs\n", FILE_APPEND);
+
     jsonSuccess($logs);
+
 } catch (Exception $e) {
-    file_put_contents(__DIR__ . '/fetch_debug.txt', "Error: " . $e->getMessage() . "\n", FILE_APPEND);
-    http_response_code(500);
-    echo json_encode(['status' => 'error', 'message' => $e->getMessage()]);
+    file_put_contents($debugFile, "  → ERROR: " . $e->getMessage() . "\n", FILE_APPEND);
+    jsonError('Audit log query failed: ' . $e->getMessage(), 500);
 }
 ?>