Update: 2026-05-08 01:27:14

app/modules_app/invoices/bulk_approve.php

@@ -0,0 +1,62 @@
+<?php
+/**
+ * Bulk Approve Invoices
+ * POST /v1/invoices/bulk-approve
+ * Approves multiple invoices at once
+ */
+
+use App\Core\Database;
+use App\Core\AuditLogger;
+use App\Middleware\RoleMiddleware;
+
+$decoded = RoleMiddleware::require(['super_admin', 'admin', 'accountant']);
+$data = input();
+
+$ids = $data['ids'] ?? [];
+if (empty($ids) || !is_array($ids)) {
+    json_error('يرجى اختيار فاتورة واحدة على الأقل', 422);
+}
+
+$db = Database::getInstance();
+$tenantId = $decoded['tenant_id'];
+$role = $decoded['role'];
+
+$approved = 0;
+$errors = [];
+
+foreach ($ids as $id) {
+    try {
+        // Verify access
+        $query = $role === 'super_admin'
+            ? "SELECT id, status FROM invoices WHERE id = ? AND status = 'extracted'"
+            : "SELECT id, status FROM invoices WHERE id = ? AND tenant_id = ? AND status = 'extracted'";
+        $params = $role === 'super_admin' ? [$id] : [$id, $tenantId];
+
+        $stmt = $db->prepare($query);
+        $stmt->execute($params);
+        $invoice = $stmt->fetch();
+
+        if (!$invoice) {
+            $errors[] = "$id: غير موجودة أو معتمدة مسبقاً";
+            continue;
+        }
+
+        $db->prepare("UPDATE invoices SET status = 'approved', updated_at = NOW() WHERE id = ?")
+           ->execute([$id]);
+
+        $approved++;
+
+        AuditLogger::log('invoice.bulk_approved', 'invoice', $id, null, [
+            'batch_size' => count($ids),
+        ], $decoded);
+
+    } catch (\Exception $e) {
+        $errors[] = "$id: " . $e->getMessage();
+    }
+}
+
+json_success([
+    'approved_count' => $approved,
+    'total_requested' => count($ids),
+    'errors' => $errors,
+], "تم اعتماد $approved فاتورة بنجاح");