Update: 2026-05-08 01:52:24

app/modules_app/tenants/delete.php

@@ -0,0 +1,40 @@
+<?php
+/**
+ * Delete Tenant
+ * POST /v1/tenants/delete
+ */
+
+use App\Core\Database;
+use App\Core\AuditLogger;
+use App\Middleware\RoleMiddleware;
+
+$decoded = RoleMiddleware::require(['super_admin']);
+
+$data = input();
+$id = $data['id'] ?? null;
+if (!$id) json_error('معرّف المكتب مطلوب', 422);
+
+$db = Database::getInstance();
+
+// Check if tenant exists
+$stmt = $db->prepare("SELECT * FROM tenants WHERE id = ?");
+$stmt->execute([$id]);
+$tenant = $stmt->fetch();
+
+if (!$tenant) json_error('المكتب غير موجود', 404);
+
+// Check for linked users
+$stmtUsers = $db->prepare("SELECT COUNT(*) FROM users WHERE tenant_id = ?");
+$stmtUsers->execute([$id]);
+$userCount = $stmtUsers->fetchColumn();
+
+if ($userCount > 0) {
+    json_error("لا يمكن حذف المكتب — يوجد $userCount مستخدم مرتبط به. احذف المستخدمين أولاً.", 422);
+}
+
+// Delete
+$db->prepare("DELETE FROM tenants WHERE id = ?")->execute([$id]);
+
+AuditLogger::log('tenant.deleted', 'tenant', $id, ['name' => $tenant['name']], null, $decoded);
+
+json_success(null, 'تم حذف المكتب المحاسبي بنجاح');

app/modules_app/tenants/index.php

@@ -18,18 +18,25 @@ try {
     $stmt = $db->query("
         SELECT t.id, t.name, t.email, t.phone, t.status, t.created_at,
                (SELECT COUNT(*) FROM companies WHERE tenant_id = t.id) as companies_count,
+               (SELECT COUNT(*) FROM users WHERE tenant_id = t.id) as users_count,
                (SELECT COUNT(*) FROM invoices WHERE tenant_id = t.id) as invoices_count
         FROM tenants t 
         ORDER BY t.created_at DESC
     ");
     $tenants = $stmt->fetchAll();
 
-    foreach ($tenants as &$t) {
-        $decName = \App\Core\Encryption::decrypt($t['name']);
-        $t['name'] = $decName !== false ? $decName : $t['name'];
+    $dec = function($val) {
+        if (empty($val)) return '';
+        $result = \App\Core\Encryption::decrypt((string)$val);
+        return ($result !== false && $result !== null) ? $result : (string)$val;
+    };
 
-        $decEmail = \App\Core\Encryption::decrypt($t['email']);
-        $t['email'] = $decEmail !== false ? $decEmail : $t['email'];
+    foreach ($tenants as &$t) {
+        $t['name'] = $dec($t['name']);
+        $t['email'] = $dec($t['email']);
+        if (!empty($t['phone'])) {
+            $t['phone'] = $dec($t['phone']);
+        }
     }
 
     json_success($tenants);

app/modules_app/users/index.php

@@ -19,7 +19,7 @@ try {
     if ($role === 'super_admin') {
         // Super Admin sees ALL users from ALL tenants
         $stmt = $db->query("
-            SELECT u.id, u.name, u.email, u.role, u.is_active, u.created_at, t.name as tenant_name
+            SELECT u.id, u.name, u.email, u.phone, u.role, u.is_active, u.created_at, t.name as tenant_name
             FROM users u
             LEFT JOIN tenants t ON u.tenant_id = t.id
             ORDER BY u.created_at DESC
@@ -27,7 +27,7 @@ try {
     } elseif ($role === 'admin') {
         // Admin sees only users in THEIR tenant (Accounting Office)
         $stmt = $db->prepare("
-            SELECT u.id, u.name, u.email, u.role, u.is_active, u.created_at, t.name as tenant_name
+            SELECT u.id, u.name, u.email, u.phone, u.role, u.is_active, u.created_at, t.name as tenant_name
             FROM users u
             LEFT JOIN tenants t ON u.tenant_id = t.id
             WHERE u.tenant_id = ?
@@ -51,6 +51,9 @@ try {
     foreach ($users as &$user) {
         $user['name'] = $dec($user['name']);
         $user['email'] = $dec($user['email']);
+        if (!empty($user['phone'])) {
+            $user['phone'] = $dec($user['phone']);
+        }
         
         if (!empty($user['tenant_name'])) {
             $user['tenant_name'] = $dec($user['tenant_name']);