🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 03:15
This commit is contained in:
Hamza-Ayed
@@ -30,7 +30,8 @@ final class AuthService
|
||||
$accessToken = $this->jwtService->issueAccessToken([
|
||||
'user_id' => $user['id'],
|
||||
'tenant_id' => $user['tenant_id'],
|
||||
'role' => $user['role']
|
||||
'role' => $user['role'],
|
||||
'assigned_company_id' => $user['assigned_company_id']
|
||||
]);
|
||||
|
||||
$refreshToken = $this->jwtService->issueRefreshToken($user['id']);
|
||||
@@ -49,7 +50,8 @@ final class AuthService
|
||||
'id' => $user['id'],
|
||||
'name' => $user['name'],
|
||||
'email' => $user['email'],
|
||||
'role' => $user['role']
|
||||
'role' => $user['role'],
|
||||
'assigned_company_id' => $user['assigned_company_id']
|
||||
]
|
||||
];
|
||||
}
|
||||
|
||||
@@ -17,7 +17,20 @@ final class CompanyController
|
||||
|
||||
public function list(Request $request): void
|
||||
{
|
||||
$companies = $this->companyModel->findByTenant($request->tenantId);
|
||||
$tenantId = $request->tenantId;
|
||||
$role = $request->user->role ?? 'viewer';
|
||||
$assignedCompanyId = $request->user->assigned_company_id ?? null;
|
||||
|
||||
if ($role === 'super_admin') {
|
||||
$companies = $this->companyModel->findByTenant($tenantId);
|
||||
} else {
|
||||
// Filter by assigned company
|
||||
$db = \App\Core\Database::getInstance();
|
||||
$stmt = $db->prepare("SELECT * FROM companies WHERE tenant_id = ? AND id = ? AND deleted_at IS NULL");
|
||||
$stmt->execute([$tenantId, $assignedCompanyId]);
|
||||
$companies = $stmt->fetchAll();
|
||||
}
|
||||
|
||||
Response::json([
|
||||
'success' => true,
|
||||
'data' => $companies
|
||||
|
||||
@@ -11,21 +11,31 @@ final class DashboardController
|
||||
public function getStats(Request $request): void
|
||||
{
|
||||
$tenantId = $request->tenantId;
|
||||
$role = $request->user->role ?? 'viewer';
|
||||
$assignedCompanyId = $request->user->assigned_company_id ?? null;
|
||||
$db = Database::getInstance();
|
||||
|
||||
$where = "WHERE tenant_id = ?";
|
||||
$params = [$tenantId];
|
||||
|
||||
if ($role !== 'super_admin') {
|
||||
$where .= " AND company_id = ?";
|
||||
$params[] = $assignedCompanyId;
|
||||
}
|
||||
|
||||
// 1. Total Invoices this month
|
||||
$stmt = $db->prepare("SELECT COUNT(*) as count FROM invoices WHERE tenant_id = ? AND MONTH(created_at) = MONTH(CURRENT_DATE)");
|
||||
$stmt->execute([$tenantId]);
|
||||
$stmt = $db->prepare("SELECT COUNT(*) as count FROM invoices {$where} AND MONTH(created_at) = MONTH(CURRENT_DATE)");
|
||||
$stmt->execute($params);
|
||||
$thisMonth = $stmt->fetch()['count'];
|
||||
|
||||
// 2. Approved vs Rejected
|
||||
$stmt = $db->prepare("SELECT status, COUNT(*) as count FROM invoices WHERE tenant_id = ? GROUP BY status");
|
||||
$stmt->execute([$tenantId]);
|
||||
$stmt = $db->prepare("SELECT status, COUNT(*) as count FROM invoices {$where} GROUP BY status");
|
||||
$stmt->execute($params);
|
||||
$statusCounts = $stmt->fetchAll();
|
||||
|
||||
// 3. Recent Activity
|
||||
$stmt = $db->prepare("SELECT i.*, c.name as company_name FROM invoices i JOIN companies c ON i.company_id = c.id WHERE i.tenant_id = ? ORDER BY i.created_at DESC LIMIT 5");
|
||||
$stmt->execute([$tenantId]);
|
||||
$stmt = $db->prepare("SELECT i.*, c.name as company_name FROM invoices i JOIN companies c ON i.company_id = c.id {$where} ORDER BY i.created_at DESC LIMIT 5");
|
||||
$stmt->execute($params);
|
||||
$recent = $stmt->fetchAll();
|
||||
|
||||
Response::json([
|
||||
|
||||
@@ -20,7 +20,20 @@ final class InvoiceController
|
||||
|
||||
public function list(Request $request): void
|
||||
{
|
||||
$invoices = $this->invoiceModel->findByTenant($request->tenantId);
|
||||
$tenantId = $request->tenantId;
|
||||
$role = $request->user->role ?? 'viewer';
|
||||
$assignedCompanyId = $request->user->assigned_company_id ?? null;
|
||||
|
||||
if ($role === 'super_admin') {
|
||||
$invoices = $this->invoiceModel->findByTenant($tenantId);
|
||||
} else {
|
||||
// Filter by assigned company for admin, accountant, etc.
|
||||
$db = \App\Core\Database::getInstance();
|
||||
$stmt = $db->prepare("SELECT * FROM invoices WHERE tenant_id = ? AND company_id = ? AND deleted_at IS NULL ORDER BY created_at DESC");
|
||||
$stmt->execute([$tenantId, $assignedCompanyId]);
|
||||
$invoices = $stmt->fetchAll();
|
||||
}
|
||||
|
||||
Response::json([
|
||||
'success' => true,
|
||||
'data' => $invoices
|
||||
@@ -50,11 +63,10 @@ final class InvoiceController
|
||||
$invoiceId = \Ramsey\Uuid\Uuid::uuid4()->toString();
|
||||
$this->invoiceModel->create([
|
||||
'id' => $invoiceId,
|
||||
'invoice_uuid' => \Ramsey\Uuid\Uuid::uuid4()->toString(),
|
||||
'tenant_id' => $tenantId,
|
||||
'company_id' => $companyId,
|
||||
'uploaded_by' => $request->user->user_id,
|
||||
'status' => 'PROCESSING',
|
||||
'status' => 'uploaded', // Match schema ENUM
|
||||
'original_file_path' => $filePath,
|
||||
'original_file_hash' => $fileHash,
|
||||
'idempotency_key' => bin2hex(random_bytes(16))
|
||||
@@ -67,8 +79,8 @@ final class InvoiceController
|
||||
|
||||
// Update Invoice with extracted data
|
||||
$this->invoiceModel->update($invoiceId, [
|
||||
'status' => 'EXTRACTED',
|
||||
'extracted_data' => json_encode($extractedData, JSON_UNESCAPED_UNICODE)
|
||||
'status' => 'extracted', // Match schema ENUM
|
||||
'ai_raw_response' => json_encode($extractedData, JSON_UNESCAPED_UNICODE)
|
||||
]);
|
||||
|
||||
Response::json([
|
||||
@@ -83,7 +95,7 @@ final class InvoiceController
|
||||
} catch (Throwable $aiError) {
|
||||
// Keep it uploaded, maybe manual retry later
|
||||
$this->invoiceModel->update($invoiceId, [
|
||||
'status' => 'AI_FAILED'
|
||||
'status' => 'validation_failed' // Match schema fallback
|
||||
]);
|
||||
|
||||
Response::json([
|
||||
|
||||
@@ -38,6 +38,8 @@ final class UsersController
|
||||
public function create(Request $request): void
|
||||
{
|
||||
$currentUserRole = $request->user->role ?? 'viewer';
|
||||
$currentAssignedCompanyId = $request->user->assigned_company_id ?? null;
|
||||
|
||||
if (!in_array($currentUserRole, ['super_admin', 'admin'])) {
|
||||
Response::error('ليس لديك صلاحية لإضافة مستخدمين', 'FORBIDDEN', 403);
|
||||
return;
|
||||
@@ -47,11 +49,16 @@ final class UsersController
|
||||
$email = $request->input('email');
|
||||
$password = $request->input('password');
|
||||
$role = $request->input('role', 'accountant');
|
||||
$assignedCompanyId = $request->input('assigned_company_id');
|
||||
|
||||
// Admin can only create accountants and employees. Only super_admin can create admins.
|
||||
if ($currentUserRole === 'admin' && in_array($role, ['admin', 'super_admin'])) {
|
||||
Response::error('لا تملك الصلاحية لإضافة مدراء', 'FORBIDDEN', 403);
|
||||
return;
|
||||
if ($currentUserRole === 'admin') {
|
||||
if (in_array($role, ['admin', 'super_admin'])) {
|
||||
Response::error('لا تملك الصلاحية لإضافة مدراء', 'FORBIDDEN', 403);
|
||||
return;
|
||||
}
|
||||
// Admin automatically assigns their own company to the new user
|
||||
$assignedCompanyId = $currentAssignedCompanyId;
|
||||
}
|
||||
|
||||
// Validate valid roles
|
||||
@@ -62,14 +69,14 @@ final class UsersController
|
||||
}
|
||||
|
||||
if (!$name || !$email || !$password) {
|
||||
Response::error('Name, email, and password are required', 'VALIDATION_ERROR', 422);
|
||||
Response::error('الاسم والبريد وكلمة المرور مطلوبة', 'VALIDATION_ERROR', 422);
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
// Check if email exists
|
||||
if ($this->userModel->findByEmail($email)) {
|
||||
Response::error('Email already in use', 'EMAIL_EXISTS', 409);
|
||||
Response::error('البريد الإلكتروني مستخدم بالفعل', 'EMAIL_EXISTS', 409);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -81,12 +88,13 @@ final class UsersController
|
||||
'email' => $email,
|
||||
'password_hash' => password_hash($password, PASSWORD_BCRYPT),
|
||||
'role' => $role,
|
||||
'assigned_company_id' => $assignedCompanyId,
|
||||
'is_active' => 1
|
||||
]);
|
||||
|
||||
Response::json([
|
||||
'success' => true,
|
||||
'message' => 'User created successfully',
|
||||
'message' => 'تم إنشاء المستخدم بنجاح',
|
||||
'data' => ['id' => $userId]
|
||||
]);
|
||||
} catch (Throwable $e) {
|
||||
|
||||
@@ -200,7 +200,7 @@
|
||||
let roleLabel = 'مستخدم';
|
||||
|
||||
if (user.role === 'super_admin') { roleColor = 'text-primary'; roleLabel = 'سوبر أدمن'; }
|
||||
else if (user.role === 'admin') { roleColor = 'text-blue-400'; roleLabel = 'مدير النظام'; }
|
||||
else if (user.role === 'admin') { roleColor = 'text-blue-400'; roleLabel = 'مدير شركة'; }
|
||||
else if (user.role === 'accountant') { roleColor = 'text-purple-400'; roleLabel = 'محاسب'; }
|
||||
else if (user.role === 'employee') { roleColor = 'text-orange-400'; roleLabel = 'موظف'; }
|
||||
|
||||
@@ -237,14 +237,30 @@
|
||||
}
|
||||
}
|
||||
|
||||
function showAddUserModal() {
|
||||
async function showAddUserModal() {
|
||||
const currentRole = localStorage.getItem('user_role');
|
||||
let companies = [];
|
||||
let companySelectHtml = '';
|
||||
|
||||
if (currentRole === 'super_admin') {
|
||||
try {
|
||||
const res = await API.get('/companies');
|
||||
companies = res.data;
|
||||
companySelectHtml = `
|
||||
<select id="usr-company" class="w-full bg-black/20 border border-white/10 rounded-xl px-4 py-3 text-white focus:border-primary outline-none">
|
||||
<option value="">-- ربط بشركة (اختياري للسوبر أدمن) --</option>
|
||||
${companies.map(c => `<option value="${c.id}">${c.name}</option>`).join('')}
|
||||
</select>
|
||||
`;
|
||||
} catch (err) { console.error('Failed to fetch companies'); }
|
||||
}
|
||||
|
||||
let optionsHtml = `
|
||||
<option value="accountant">محاسب</option>
|
||||
<option value="employee">موظف</option>
|
||||
`;
|
||||
if (currentRole === 'super_admin') {
|
||||
optionsHtml += `<option value="admin">مدير نظام</option>`;
|
||||
optionsHtml += `<option value="admin">مدير شركة</option>`;
|
||||
}
|
||||
|
||||
const modals = document.getElementById('modals');
|
||||
@@ -259,6 +275,7 @@
|
||||
<select id="usr-role" class="w-full bg-black/20 border border-white/10 rounded-xl px-4 py-3 text-white focus:border-primary outline-none" required>
|
||||
${optionsHtml}
|
||||
</select>
|
||||
${companySelectHtml}
|
||||
|
||||
<div class="flex gap-3 mt-6 pt-4 border-t border-white/10">
|
||||
<button type="button" onclick="document.getElementById('user-modal').remove()" class="flex-1 py-3 bg-white/5 hover:bg-white/10 rounded-xl transition">إلغاء</button>
|
||||
@@ -276,7 +293,8 @@
|
||||
name: document.getElementById('usr-name').value,
|
||||
email: document.getElementById('usr-email').value,
|
||||
password: document.getElementById('usr-password').value,
|
||||
role: document.getElementById('usr-role').value
|
||||
role: document.getElementById('usr-role').value,
|
||||
assigned_company_id: document.getElementById('usr-company')?.value || null
|
||||
};
|
||||
await API.post('/users', data);
|
||||
document.getElementById('user-modal').remove();
|
||||
@@ -390,7 +408,7 @@
|
||||
<svg class="w-5 h-5 text-slate-400" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12h6m-6 4h6m2 5H7a2 2 0 01-2-2V5a2 2 0 012-2h5.586a1 1 0 01.707.293l5.414 5.414a1 1 0 01.293.707V19a2 2 0 01-2 2z"></path></svg>
|
||||
</div>
|
||||
<div>
|
||||
<p class="font-bold text-sm text-slate-200">${inv.invoice_uuid.substring(0,8)}...</p>
|
||||
<p class="font-bold text-sm text-slate-200">${inv.id ? inv.id.substring(0,8) : ''}...</p>
|
||||
<p class="text-xs text-slate-400 mt-1">${inv.company_name}</p>
|
||||
</div>
|
||||
</div>
|
||||
@@ -520,7 +538,7 @@
|
||||
const statusColor = inv.status === 'APPROVED' ? 'text-primary' : (inv.status === 'REJECTED' ? 'text-red-400' : 'text-yellow-400');
|
||||
html += `
|
||||
<tr class="hover:bg-white/5 transition-colors">
|
||||
<td class="p-4 font-mono text-xs text-slate-300">${inv.invoice_uuid}</td>
|
||||
<td class="p-4 font-mono text-xs text-slate-300">${inv.id}</td>
|
||||
<td class="p-4 font-bold text-slate-200">${inv.company_id}</td>
|
||||
<td class="p-4 text-slate-400">${new Date(inv.created_at).toLocaleDateString('ar-JO')}</td>
|
||||
<td class="p-4 font-bold ${statusColor}">${inv.status}</td>
|
||||
|
||||
Reference in New Issue
Block a user