Update: 2026-05-04 00:27:42

This commit is contained in:
Hamza-Ayed
2026-05-04 00:27:42 +03:00
parent cd85fcf2bd
commit b4ac1e8775
3 changed files with 117 additions and 100 deletions


@@ -10,6 +10,7 @@ use App\Middleware\AuthMiddleware;
$decoded = AuthMiddleware::check(); $decoded = AuthMiddleware::check();
$db = Database::getInstance(); $db = Database::getInstance();
try {
// 1. Super Admin sees ALL companies // 1. Super Admin sees ALL companies
if ($decoded['role'] === 'super_admin') { if ($decoded['role'] === 'super_admin') {
$stmt = $db->prepare("SELECT c.*, t.name as tenant_name $stmt = $db->prepare("SELECT c.*, t.name as tenant_name
@@ -61,3 +62,7 @@ foreach ($companies as &$company) {
} }
json_success($companies); json_success($companies);
} catch (\Exception $e) {
json_error('SQL Error in Companies List: ' . $e->getMessage(), 500);
}
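Review bot: The new catch block's `json_error('SQL Error in Companies List: ' . $e->getMessage(), 500);` returns the raw exception message to the API client; for a PDOException that text can carry table and column names, SQL fragments and, on connection failures, host or credential details, which is more than an unauthenticated or low-privilege caller should learn about the backend. Record `$e->getMessage()` server-side (`error_log(...)` or the project's logger, if one exists) and answer with a fixed string such as `json_error('Internal server error', 500);`. The tenants list (`'SQL Error in Tenants List: '`) and users list (`'SQL Error in Users List: '`) sections add the same construct and should get the same treatment. The `try {` opened in the first hunk spans code that lies outside both hunks.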


@@ -14,6 +14,7 @@ if ($decoded['role'] !== 'super_admin') {
$db = Database::getInstance(); $db = Database::getInstance();
try {
$stmt = $db->query("SELECT id, name, email, phone, status, created_at FROM tenants ORDER BY created_at DESC"); $stmt = $db->query("SELECT id, name, email, phone, status, created_at FROM tenants ORDER BY created_at DESC");
$tenants = $stmt->fetchAll(); $tenants = $stmt->fetchAll();
@@ -26,3 +27,7 @@ foreach ($tenants as &$t) {
} }
json_success($tenants); json_success($tenants);
} catch (\Exception $e) {
json_error('SQL Error in Tenants List: ' . $e->getMessage(), 500);
}
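Review bot: The new `try {` is placed one line below `$db = Database::getInstance();`, so an exception thrown while obtaining the database handle is not caught by the added `catch (\Exception $e)` and the client gets whatever the default error handler emits instead of the JSON envelope; this presumably matters if `getInstance()` opens the PDO connection, which is not visible here. Moving the `try {` up so that it precedes the `$db = Database::getInstance();` line keeps every failure path on the same JSON response. The companies list and users list sections place their `try {` the same way. The block between the two hunks of this section is outside the view.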


@@ -14,6 +14,7 @@ $db = Database::getInstance();
$role = $decoded['role']; $role = $decoded['role'];
$tenantId = $decoded['tenant_id'] ?? null; $tenantId = $decoded['tenant_id'] ?? null;
try {
// 2. Build Query based on Role // 2. Build Query based on Role
if ($role === 'super_admin') { if ($role === 'super_admin') {
// Super Admin sees ALL users from ALL tenants // Super Admin sees ALL users from ALL tenants
@@ -22,6 +23,7 @@ if ($role === 'super_admin') {
FROM users u FROM users u
LEFT JOIN tenants t ON u.tenant_id = t.id LEFT JOIN tenants t ON u.tenant_id = t.id
LEFT JOIN companies c ON u.company_id = c.id LEFT JOIN companies c ON u.company_id = c.id
ORDER BY u.created_at DESC
"); ");
} elseif ($role === 'admin') { } elseif ($role === 'admin') {
// Admin sees only users in THEIR tenant (Accounting Office) // Admin sees only users in THEIR tenant (Accounting Office)
@@ -31,6 +33,7 @@ if ($role === 'super_admin') {
LEFT JOIN tenants t ON u.tenant_id = t.id LEFT JOIN tenants t ON u.tenant_id = t.id
LEFT JOIN companies c ON u.company_id = c.id LEFT JOIN companies c ON u.company_id = c.id
WHERE u.tenant_id = ? WHERE u.tenant_id = ?
ORDER BY u.created_at DESC
"); ");
$stmt->execute([$tenantId]); $stmt->execute([$tenantId]);
} else { } else {
@@ -50,16 +53,20 @@ foreach ($users as &$user) {
$user['email'] = $decryptedEmail !== false ? $decryptedEmail : $user['email']; $user['email'] = $decryptedEmail !== false ? $decryptedEmail : $user['email'];
// Decrypt Company Name (if exists) // Decrypt Company Name (if exists)
if ($user['company_name']) { if (!empty($user['company_name'])) {
$decryptedCompanyName = Encryption::decrypt($user['company_name']); $decryptedCompanyName = Encryption::decrypt($user['company_name']);
$user['company_name'] = $decryptedCompanyName !== false ? $decryptedCompanyName : $user['company_name']; $user['company_name'] = $decryptedCompanyName !== false ? $decryptedCompanyName : $user['company_name'];
} }
// Decrypt Tenant Name (if exists) // Decrypt Tenant Name (if exists)
if ($user['tenant_name']) { if (!empty($user['tenant_name'])) {
$decryptedTenantName = Encryption::decrypt($user['tenant_name']); $decryptedTenantName = Encryption::decrypt($user['tenant_name']);
$user['tenant_name'] = $decryptedTenantName !== false ? $decryptedTenantName : $user['tenant_name']; $user['tenant_name'] = $decryptedTenantName !== false ? $decryptedTenantName : $user['tenant_name'];
} }
} }
json_success($users); json_success($users);
} catch (\Exception $e) {
json_error('SQL Error in Users List: ' . $e->getMessage(), 500);
}
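Review bot: The guard `if (!empty($user['company_name'])) {` still skips decryption when the stored value is the string `'0'`, because `empty()` follows PHP truthiness rather than null/absence; that is unlikely for ciphertext, but the explicit form `if ($user['company_name'] !== null && $user['company_name'] !== '') {` states exactly the intended condition, and the same applies to the `tenant_name` guard below it. The `!== false` fallback on the following line means a failed `Encryption::decrypt()` silently returns the stored column value to the client instead of surfacing an error; if that is deliberate, a short comment such as `// fall back to the stored value when the field is not encrypted` on that line would help the next reader. The `foreach ($users as &$user)` loop opens above the hunk.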