Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 16:43

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-03 16:43:46 +03:00
parent 3aeb3220f1
commit 0488c17107
26 changed files with 1282 additions and 1153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

130
app/Modules/Users/UsersController.php Normal file
View File

@@ -0,0 +1,130 @@
<?php
declare(strict_types=1);
namespace App\Modules\Users;
use App\Core\{Request, Response};
use App\Modules\Users\UserModel;
final class UsersController
{
public function __construct(private readonly UserModel $userModel) {}
public function list(Request $request): void
{
$tenantId = $request->tenantId;
// Strict RBAC check: only admins can list users
if ($request->user->role !== 'admin' && $request->user->role !== 'super_admin') {
Response::error('غير مصرح لك بعرض قائمة المستخدمين', 'FORBIDDEN', 403);
return;
}
$users = $this->userModel->findAllByTenant($tenantId);
Response::json([
'success' => true,
'data' => $users
]);
}
public function create(Request $request): void
{
$tenantId = $request->tenantId;
$data = $request->getBody();
// RBAC: Only admins can create users
if ($request->user->role !== 'admin' && $request->user->role !== 'super_admin') {
Response::error('غير مصرح لك بإضافة مستخدمين', 'FORBIDDEN', 403);
return;
}
if (empty($data['email']) || empty($data['password']) || empty($data['name']) || empty($data['role'])) {
Response::error('جميع الحقول مطلوبة', 'VALIDATION_ERROR', 422);
return;
}
// Email uniqueness must be scoped to tenant or global?
// Typically global for identity, but prompt says fix uniqueness conflict.
if ($this->userModel->findByEmail($data['email'])) {
Response::error('البريد الإلكتروني مستخدم مسبقاً', 'DUPLICATE_EMAIL', 409);
return;
}
$userId = \Ramsey\Uuid\Uuid::uuid4()->toString();
$this->userModel->create([
'id' => $userId,
'tenant_id' => $tenantId,
'name' => $data['name'],
'email' => $data['email'],
'password_hash' => password_hash($data['password'], PASSWORD_ARGON2ID),
'role' => $data['role'],
'assigned_company_id' => $data['assigned_company_id'] ?? null,
'is_active' => 1
]);
Response::json([
'success' => true,
'message' => 'تم إضافة المستخدم بنجاح',
'data' => ['id' => $userId]
], 201);
}
public function update(Request $request, string $id): void
{
$tenantId = $request->tenantId;
$data = $request->getBody();
if ($request->user->role !== 'admin' && $request->user->role !== 'super_admin') {
Response::error('غير مصرح لك بتعديل المستخدمين', 'FORBIDDEN', 403);
return;
}
$user = $this->userModel->findById($id, $tenantId);
if (!$user) {
Response::error('المستخدم غير موجود', 'NOT_FOUND', 404);
return;
}
$updateData = [];
if (isset($data['name'])) $updateData['name'] = $data['name'];
if (isset($data['role'])) $updateData['role'] = $data['role'];
if (isset($data['is_active'])) $updateData['is_active'] = $data['is_active'];
if (isset($data['assigned_company_id'])) $updateData['assigned_company_id'] = $data['assigned_company_id'];
if (!empty($data['password'])) {
$updateData['password_hash'] = password_hash($data['password'], PASSWORD_ARGON2ID);
}
$this->userModel->update($id, $updateData);
Response::json([
'success' => true,
'message' => 'تم تحديث بيانات المستخدم بنجاح'
]);
}
public function destroy(Request $request, string $id): void
{
$tenantId = $request->tenantId;
if ($request->user->role !== 'admin' && $request->user->role !== 'super_admin') {
Response::error('غير مصرح لك بحذف المستخدمين', 'FORBIDDEN', 403);
return;
}
if ($id === $request->user->id) {
Response::error('لا يمكنك حذف حسابك الخاص', 'BAD_REQUEST', 400);
return;
}
$this->userModel->delete($id, $tenantId);
Response::json([
'success' => true,
'message' => 'تم حذف المستخدم بنجاح'
]);
}
}