Update: 2026-05-07 23:06:22

2026-05-07 23:06:22 +03:00
parent e04229dfbe
commit 80f3d257b0
20 changed files with 1254 additions and 60 deletions
--- a/app/modules_app/assignments/create.php
+++ b/app/modules_app/assignments/create.php
@@ -0,0 +1,55 @@
+<?php
+/**
+ * Create User-Company Assignment
+ * POST /v1/assignments/create
+ */
+
+declare(strict_types=1);
+
+use App\Core\Database;
+use App\Middleware\AuthMiddleware;
+use App\Middleware\RoleMiddleware;
+
+// Only Admin/Super Admin
+$decoded = RoleMiddleware::require(['super_admin', 'admin']);
+
+$data = input();
+$userId = $data['user_id'] ?? null;
+$companyId = $data['company_id'] ?? null;
+
+if (!$userId || !$companyId) {
+    json_error('userId and companyId are required', 422);
+}
+
+$db = Database::getInstance();
+
+try {
+    // Check if user belongs to the same tenant (if not super_admin)
+    if ($decoded['role'] !== 'super_admin') {
+        $stmt = $db->prepare("SELECT tenant_id FROM users WHERE id = ?");
+        $stmt->execute([$userId]);
+        $userTenant = $stmt->fetchColumn();
+        
+        if ($userTenant !== $decoded['tenant_id']) {
+            json_error('User does not belong to your office', 403);
+        }
+    }
+
+    $stmt = $db->prepare("
+        INSERT INTO user_company_assignments (id, user_id, company_id, is_active, created_at)
+        VALUES (?, ?, ?, 1, ?)
+        ON DUPLICATE KEY UPDATE is_active = 1
+    ");
+    
+    $stmt->execute([
+        Database::generateUuid(),
+        $userId,
+        $companyId,
+        date('Y-m-d H:i:s')
+    ]);
+
+    json_success(null, 'تم تخصيص المستخدم للشركة بنجاح');
+
+} catch (\Exception $e) {
+    json_error('حدث خطأ أثناء التخصيص: ' . $e->getMessage(), 500);
+}
--- a/app/modules_app/assignments/index.php
+++ b/app/modules_app/assignments/index.php
@@ -0,0 +1,41 @@
+<?php
+/**
+ * List Assignments for a Company
+ * GET /v1/assignments?company_id=...
+ */
+
+declare(strict_types=1);
+
+use App\Core\Database;
+use App\Core\Encryption;
+use App\Middleware\AuthMiddleware;
+
+$decoded = AuthMiddleware::check();
+$companyId = input('company_id');
+
+if (!$companyId) {
+    json_error('company_id is required', 422);
+}
+
+$db = Database::getInstance();
+
+try {
+    $stmt = $db->prepare("
+        SELECT a.id, a.user_id, a.is_active, u.name, u.email, u.role
+        FROM user_company_assignments a
+        JOIN users u ON a.user_id = u.id
+        WHERE a.company_id = ? AND a.is_active = 1
+    ");
+    $stmt->execute([$companyId]);
+    $assignments = $stmt->fetchAll();
+
+    foreach ($assignments as &$a) {
+        $a['name'] = Encryption::decrypt($a['name']) ?: $a['name'];
+        $a['email'] = Encryption::decrypt($a['email']) ?: $a['email'];
+    }
+
+    json_success($assignments);
+
+} catch (\Exception $e) {
+    json_error('SQL Error: ' . $e->getMessage(), 500);
+}