Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-05-15 14:23:28

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-15 14:23:28 +03:00
parent 7e9a088ea1
commit 9e078bdfa7
3 changed files with 257 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
app/modules_app/invoices/upload.php
View File

@@ -19,18 +19,18 @@ try {
$tenantId = $decoded['tenant_id'];
$userId = $decoded['user_id'];
// --- QUOTA CHECK ---
QuotaMiddleware::checkInvoiceQuota($tenantId);
// -------------------
$db = Database::getInstance();
$allowedRoles = ['admin', 'accountant', 'employee'];
$allowedRoles = ['super_admin', 'admin', 'accountant', 'employee'];
if (!in_array($decoded['role'], $allowedRoles)) {
json_error('غير مصرح لك برفع الفواتير', 403);
exit;
}
// --- QUOTA CHECK (skip for super_admin ONLY) ---
if ($decoded['role'] !== 'super_admin') {
QuotaMiddleware::checkInvoiceQuota($tenantId);
}
// -------------------
// 2. Validate Request
// استخدام $_POST للتعامل الآمن مع multipart/form-data
$companyId = $_POST['company_id'] ?? null;
@@ -197,7 +197,9 @@ try {
}
$savedIds[] = $invoiceId;
QuotaMiddleware::incrementInvoiceUsage($tenantId);
if ($decoded['role'] !== 'super_admin') {
QuotaMiddleware::incrementInvoiceUsage($tenantId);
}
}
$db->commit();