Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-05-06 17:10:14

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-06 17:10:14 +03:00
parent a9a2c65bee
commit 019bff7e37
16 changed files with 788 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
app/modules_app/companies/create.php
View File

@@ -6,12 +6,11 @@
use App\Core\Database;
use App\Core\Encryption;
use App\Core\Validator;
use App\Core\AuditLogger;
use App\Middleware\AuthMiddleware;
use App\Middleware\RoleMiddleware;
$decoded = AuthMiddleware::check();
if ($decoded['role'] !== 'super_admin' && $decoded['role'] !== 'admin') {
json_error('Unauthorized', 403);
}
$decoded = RoleMiddleware::require(['super_admin', 'admin']);
$data = input();
@@ -80,6 +79,12 @@ try {
]);
$db->commit();
AuditLogger::log('company.created', 'company', null, null, [
'name' => $data['name'],
'tin' => $data['tax_identification_number'],
], $decoded);
json_success(null, 'تم إنشاء الشركة بنجاح');
} catch (\Exception $e) {

12
app/modules_app/companies/delete.php
View File

@@ -4,9 +4,12 @@
*/
use App\Core\Database;
use App\Core\AuditLogger;
use App\Middleware\AuthMiddleware;
use App\Middleware\RoleMiddleware;
use App\Middleware\CompanyAccessMiddleware;
$decoded = AuthMiddleware::check();
$decoded = RoleMiddleware::require(['super_admin', 'admin']);
$db = Database::getInstance();
$companyId = input('id');
@@ -28,12 +31,13 @@ if (!$company) {
json_error('الشركة غير موجودة', 404);
}
if ($decoded['role'] === 'admin' && $company['tenant_id'] !== $decoded['tenant_id']) {
json_error('ليس لديك صلاحية لحذف هذه الشركة', 403);
}
// Verify tenant access (admin can only delete from their tenant)
CompanyAccessMiddleware::check($companyId, $decoded);
// Soft Delete
$stmt = $db->prepare("UPDATE companies SET deleted_at = NOW() WHERE id = ?");
$stmt->execute([$companyId]);
AuditLogger::log('company.deleted', 'company', $companyId, null, null, $decoded);
json_success(null, 'تم حذف الشركة بنجاح');

42
app/modules_app/dashboard/recent_activity.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
/**
* Dashboard Recent Activity Endpoint
*/
declare(strict_types=1);
use App\Core\Database;
use App\Middleware\AuthMiddleware;
$decoded = AuthMiddleware::check();
$db = Database::getInstance();
$tenantId = $decoded['tenant_id'] ?? null;
$role = $decoded['role'];
try {
if ($role === 'super_admin') {
$where = "WHERE 1=1";
$params = [];
} else {
$where = "WHERE tenant_id = ?";
$params = [$tenantId];
}
// Join with users table to get the name of the person who did the action
$stmt = $db->prepare("
SELECT a.id, a.action, a.entity_type, a.created_at, u.name as user_name
FROM audit_logs a
LEFT JOIN users u ON a.user_id = u.id
$where
ORDER BY a.created_at DESC
LIMIT 20
");
$stmt->execute($params);
$activities = $stmt->fetchAll();
json_success($activities);
} catch (\Exception $e) {
json_error('Failed to fetch recent activity', 500);
}

59
app/modules_app/dashboard/stats.php
View File

@@ -15,38 +15,67 @@ $companyId = $decoded['company_id'] ?? null;
$role = $decoded['role'];
try {
// 2. Apply Filters based on Role
$stats = [
'role' => $role,
'invoices' => [
'total' => 0,
'pending' => 0,
'approved' => 0
]
];
// 2. Fetch Invoice Stats
if ($role === 'super_admin') {
// No filters - see everything
$where = "WHERE 1=1";
$params = [];
} elseif ($role === 'accountant' || $role === 'viewer') {
$where = "WHERE tenant_id = ? AND company_id = ?";
$params = [$tenantId, $companyId];
} else {
// Tenant Users (Admin, Accountant, Employee): Filter by Tenant
// admin
$where = "WHERE tenant_id = ?";
$params = [$tenantId];
}
// 3. Fetch Stats
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where");
$stmt->execute($params);
$total = $stmt->fetchColumn();
$stats['invoices']['total'] = (int)$stmt->fetchColumn();
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where AND status = 'extracted'");
$stmt->execute($params);
$pending = $stmt->fetchColumn();
$stats['invoices']['pending'] = (int)$stmt->fetchColumn();
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where AND status = 'approved'");
$stmt->execute($params);
$approved = $stmt->fetchColumn();
$stats['invoices']['approved'] = (int)$stmt->fetchColumn();
// 3. Role-Specific Extra Stats
if ($role === 'super_admin') {
$stats['tenants'] = (int)$db->query("SELECT COUNT(*) FROM tenants")->fetchColumn();
$stats['total_users'] = (int)$db->query("SELECT COUNT(*) FROM users")->fetchColumn();
} elseif ($role === 'admin') {
$stmt = $db->prepare("SELECT COUNT(*) FROM companies WHERE tenant_id = ?");
$stmt->execute([$tenantId]);
$stats['companies'] = (int)$stmt->fetchColumn();
$stmt = $db->prepare("SELECT COUNT(*) FROM users WHERE tenant_id = ?");
$stmt->execute([$tenantId]);
$stats['users'] = (int)$stmt->fetchColumn();
// Get Subscription Quota
$stmt = $db->prepare("SELECT max_invoices_per_month, invoices_used_this_month FROM subscriptions WHERE tenant_id = ?");
$stmt->execute([$tenantId]);
$sub = $stmt->fetch();
if ($sub) {
$stats['subscription'] = [
'limit' => (int)$sub['max_invoices_per_month'],
'used' => (int)$sub['invoices_used_this_month']
];
}
}
} catch (\Exception $e) {
$total = 0;
$pending = 0;
$approved = 0;
// Return default zeroed stats on error
}
json_success([
'total' => $total,
'pending' => $pending,
'approved' => $approved
]);
json_success($stats);

14
app/modules_app/invoices/approve.php
View File

@@ -5,9 +5,13 @@
use App\Core\Database;
use App\Core\JoFotara;
use App\Core\AuditLogger;
use App\Middleware\AuthMiddleware;
use App\Middleware\RoleMiddleware;
use App\Middleware\CompanyAccessMiddleware;
$decoded = AuthMiddleware::check();
// Only admin, accountant, and super_admin can approve. Viewers cannot.
$decoded = RoleMiddleware::require(['super_admin', 'admin', 'accountant']);
$db = Database::getInstance();
$data = json_decode(file_get_contents('php://input'), true);
@@ -111,6 +115,14 @@ try {
'is_api_success' => $apiResponse['success']
]);
AuditLogger::log('invoice.approved', 'invoice', $id, [
'old_status' => $invoice['status'],
], [
'new_status' => 'approved',
'jofotara_uuid' => $apiResponse['uuid'] ?? null,
'api_success' => $apiResponse['success'],
], $decoded);
} catch (\Exception $e) {
if ($db->inTransaction()) $db->rollBack();
error_log("JoFotara Approve Error: " . $e->getMessage());

15
app/modules_app/users/create.php
View File

@@ -6,13 +6,12 @@
use App\Core\Database;
use App\Core\Encryption;
use App\Core\Validator;
use App\Core\AuditLogger;
use App\Middleware\AuthMiddleware;
use App\Middleware\RoleMiddleware;
// 1. Auth Check (Only super_admin or admin can create users)
$decoded = AuthMiddleware::check();
if ($decoded['role'] !== 'super_admin' && $decoded['role'] !== 'admin') {
json_error('Unauthorized', 403);
}
// 1. Auth + Role Check (Only super_admin or admin can create users)
$decoded = RoleMiddleware::require(['super_admin', 'admin']);
$data = input();
@@ -76,6 +75,12 @@ try {
]);
json_success(null, 'تم إضافة المستخدم بنجاح');
AuditLogger::log('user.created', 'user', null, null, [
'name' => $data['name'],
'email' => $data['email'],
'role' => $data['role'],
], $decoded);
} catch (\Exception $e) {
if (str_contains($e->getMessage(), 'Duplicate entry')) {
json_error('البريد الإلكتروني مسجل مسبقاً', 409);

10
app/modules_app/users/delete.php
View File

@@ -4,10 +4,12 @@
*/
use App\Core\Database;
use App\Core\AuditLogger;
use App\Middleware\AuthMiddleware;
use App\Middleware\RoleMiddleware;
// 1. Auth Check
$decoded = AuthMiddleware::check();
// 1. Auth + Role Check
$decoded = RoleMiddleware::require(['super_admin', 'admin']);
$db = Database::getInstance();
$currentUserId = $decoded['user_id'];
@@ -52,4 +54,8 @@ if ($currentUserRole === 'super_admin') {
$stmt = $db->prepare("UPDATE users SET deleted_at = NOW(), is_active = 0 WHERE id = ?");
$stmt->execute([$targetUserId]);
AuditLogger::log('user.deleted', 'user', $targetUserId, [
'role' => $targetUser['role'],
], null, $decoded);
json_success(null, 'تم حذف المستخدم بنجاح');