Update: 2026-05-06 17:10:14

2026-05-06 17:10:14 +03:00
parent a9a2c65bee
commit 019bff7e37
16 changed files with 788 additions and 68 deletions
--- a/app/modules_app/users/delete.php
+++ b/app/modules_app/users/delete.php
@@ -4,10 +4,12 @@
 */

 use App\Core\Database;
+use App\Core\AuditLogger;
 use App\Middleware\AuthMiddleware;
+use App\Middleware\RoleMiddleware;

-// 1. Auth Check
-$decoded = AuthMiddleware::check();
+// 1. Auth + Role Check
+$decoded = RoleMiddleware::require(['super_admin', 'admin']);
 $db = Database::getInstance();

 $currentUserId = $decoded['user_id'];
@@ -52,4 +54,8 @@ if ($currentUserRole === 'super_admin') {
 $stmt = $db->prepare("UPDATE users SET deleted_at = NOW(), is_active = 0 WHERE id = ?");
 $stmt->execute([$targetUserId]);

+AuditLogger::log('user.deleted', 'user', $targetUserId, [
+    'role' => $targetUser['role'],
+], null, $decoded);
+
 json_success(null, 'تم حذف المستخدم بنجاح');