Update: 2026-05-03 22:15:40
This commit is contained in:
Hamza-Ayed
@@ -46,9 +46,10 @@ if (!$secret || strlen($secret) < 32) {
|
||||
json_error('Server configuration error', 500);
|
||||
}
|
||||
$payload = [
|
||||
'user_id' => $user['id'],
|
||||
'role' => $user['role'],
|
||||
'exp' => time() + (15 * 60) // 15 minutes
|
||||
'user_id' => $user['id'],
|
||||
'tenant_id' => $user['tenant_id'],
|
||||
'role' => $user['role'],
|
||||
'exp' => time() + (15 * 60) // 15 minutes
|
||||
];
|
||||
|
||||
$token = JWT::encode($payload, $secret);
|
||||
|
||||
@@ -63,14 +63,8 @@ try {
|
||||
date('Y-m-d H:i:s')
|
||||
]);
|
||||
|
||||
$companyId = $db->lastInsertId();
|
||||
|
||||
// 4. Pivot link
|
||||
$stmt = $db->prepare("INSERT INTO user_companies (user_id, company_id, role) VALUES (?, ?, ?)");
|
||||
$stmt->execute([$decoded['user_id'], $companyId, 'admin']);
|
||||
|
||||
$db->commit();
|
||||
json_success(['id' => $companyId], 'تم إنشاء الشركة بنجاح');
|
||||
json_success(null, 'تم إنشاء الشركة بنجاح');
|
||||
|
||||
} catch (\Exception $e) {
|
||||
$db->rollBack();
|
||||
|
||||
@@ -13,14 +13,21 @@ $db = Database::getInstance();
|
||||
// 1. Super Admin sees ALL companies
|
||||
if ($decoded['role'] === 'super_admin') {
|
||||
$stmt = $db->query("SELECT * FROM companies WHERE deleted_at IS NULL");
|
||||
} else {
|
||||
// 2. Others see only linked companies
|
||||
$stmt = $db->prepare("
|
||||
SELECT c.* FROM companies c
|
||||
JOIN user_companies uc ON c.id = uc.company_id
|
||||
WHERE uc.user_id = ? AND c.deleted_at IS NULL
|
||||
");
|
||||
$stmt->execute([$decoded['user_id']]);
|
||||
}
|
||||
// 2. Admin sees all companies in their tenant
|
||||
else if ($decoded['role'] === 'admin') {
|
||||
$stmt = $db->prepare("SELECT * FROM companies WHERE tenant_id = ? AND deleted_at IS NULL");
|
||||
$stmt->execute([$decoded['tenant_id']]);
|
||||
}
|
||||
// 3. Others (accountant, etc) see only their assigned company
|
||||
else {
|
||||
// Need to get their assigned company_id from users table first
|
||||
$stmtUser = $db->prepare("SELECT company_id FROM users WHERE id = ?");
|
||||
$stmtUser->execute([$decoded['user_id']]);
|
||||
$assignedCompanyId = $stmtUser->fetchColumn();
|
||||
|
||||
$stmt = $db->prepare("SELECT * FROM companies WHERE id = ? AND deleted_at IS NULL");
|
||||
$stmt->execute([$assignedCompanyId]);
|
||||
}
|
||||
|
||||
$companies = $stmt->fetchAll();
|
||||
|
||||
@@ -56,50 +56,6 @@ foreach ($users as $user) {
|
||||
echo "User ID {$user['id']} migrated successfully.\n";
|
||||
}
|
||||
|
||||
// 3. Create companies table (Updated to match production schema)
|
||||
try {
|
||||
$db->exec("CREATE TABLE IF NOT EXISTS companies (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
tenant_id INT,
|
||||
name VARCHAR(255) NOT NULL,
|
||||
name_en VARCHAR(255),
|
||||
tax_identification_number VARCHAR(50),
|
||||
commercial_registration_number VARCHAR(50),
|
||||
address TEXT,
|
||||
city VARCHAR(100),
|
||||
contact_email VARCHAR(255),
|
||||
contact_phone VARCHAR(50),
|
||||
jofotara_client_id_encrypted TEXT,
|
||||
jofotara_secret_key_encrypted TEXT,
|
||||
jofotara_income_source_sequence VARCHAR(50),
|
||||
certificate_path VARCHAR(255),
|
||||
certificate_password_encrypted TEXT,
|
||||
is_jofotara_linked TINYINT(1) DEFAULT 0,
|
||||
is_active TINYINT(1) DEFAULT 1,
|
||||
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
|
||||
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
||||
deleted_at DATETIME DEFAULT NULL
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
|
||||
echo "[OK] Companies table synchronized with production schema.\n";
|
||||
} catch (\Exception $e) {
|
||||
echo "[ERROR] Synchronizing companies table: " . $e->getMessage() . "\n";
|
||||
}
|
||||
|
||||
// 4. Create user_companies pivot table
|
||||
try {
|
||||
$db->exec("CREATE TABLE IF NOT EXISTS user_companies (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
user_id INT NOT NULL,
|
||||
company_id INT NOT NULL,
|
||||
role VARCHAR(50) DEFAULT 'employee',
|
||||
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
|
||||
UNIQUE KEY user_company (user_id, company_id),
|
||||
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
|
||||
FOREIGN KEY (company_id) REFERENCES companies(id) ON DELETE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
|
||||
echo "[OK] User_companies table created or exists.\n";
|
||||
} catch (\Exception $e) {
|
||||
echo "[ERROR] Creating user_companies table: " . $e->getMessage() . "\n";
|
||||
}
|
||||
// (Table creation logic removed because it is properly handled by schema.sql)
|
||||
|
||||
echo "--- Migration Complete ---\n";
|
||||
|
||||
Reference in New Issue
Block a user