Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-05-04 00:48:53

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-04 00:48:53 +03:00
parent 5abc22dcd8
commit 79308d7f9b
2 changed files with 11 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
app/modules_app/companies/index.php
View File

@@ -20,28 +20,12 @@ try {
$stmt->execute();
$companies = $stmt->fetchAll();
}
// 2. Admin sees all companies in their tenant
else if ($decoded['role'] === 'admin') {
$stmt = $db->prepare("SELECT * FROM companies WHERE tenant_id = ? AND deleted_at IS NULL");
// 2. Tenant Users (Admin, Accountant, Employee) see all companies in their tenant
else {
$stmt = $db->prepare("SELECT * FROM companies WHERE tenant_id = ? AND deleted_at IS NULL ORDER BY created_at DESC");
$stmt->execute([$decoded['tenant_id']]);
$companies = $stmt->fetchAll();
}
// 3. Others (accountant, etc) see only their assigned companies
else {
// Get assigned company IDs from the pivot table
$stmtUser = $db->prepare("SELECT company_id FROM user_company_assignments WHERE user_id = ? AND is_active = 1");
$stmtUser->execute([$decoded['user_id']]);
$assignedCompanyIds = $stmtUser->fetchAll(PDO::FETCH_COLUMN);
if (empty($assignedCompanyIds)) {
$companies = [];
} else {
$placeholders = implode(',', array_fill(0, count($assignedCompanyIds), '?'));
$stmt = $db->prepare("SELECT * FROM companies WHERE id IN ($placeholders) AND deleted_at IS NULL");
$stmt->execute($assignedCompanyIds);
$companies = $stmt->fetchAll();
}
}
// 3. Decrypt fields
foreach ($companies as &$company) {