Update: 2026-05-05 01:44:06

2026-05-05 01:44:06 +03:00
parent dcbf8bd04f
commit cfbd9c0009
2 changed files with 374 additions and 49 deletions
--- a/scripts/PROJECT_DOCUMENTATION.md
+++ b/scripts/PROJECT_DOCUMENTATION.md
@@ -241,6 +241,251 @@ CREATE TABLE audit_logs (
 );
 ```

+## File: `migrate_phase2.php`
+
+```php
+<?php
+/**
+ * Phase 2 Migration: AI Pre-Audit & Duplicate Prevention
+ * Run: php scripts/migrate_phase2.php
+ */
+
+require_once __DIR__ . '/../app/bootstrap/init.php';
+
+use App\Core\Database;
+
+$db = Database::getInstance();
+
+echo "═══════════════════════════════════════════\n";
+echo "  مُصادَق — Phase 2 Migration\n";
+echo "  AI Pre-Audit & Duplicate Prevention\n";
+echo "═══════════════════════════════════════════\n\n";
+
+$migrations = [
+
+    // 1. Add invoice_hash for duplicate prevention
+    'add_invoice_hash' => "ALTER TABLE invoices ADD COLUMN invoice_hash VARCHAR(64) NULL",
+
+    // 2. Add validation_warnings for AI Pre-Audit
+    'add_validation_warnings' => "ALTER TABLE invoices ADD COLUMN validation_warnings JSON NULL",
+
+    // 2.5 Add deleted_at for soft delete (Missing in Phase 1 for this table)
+    'add_invoices_soft_delete' => "ALTER TABLE invoices ADD COLUMN deleted_at DATETIME NULL DEFAULT NULL",
+
+    // 3. Create Unique Index to prevent duplicates within the same tenant & company
+    // Using a regular index for now, application logic will handle uniqueness to allow nulls
+    'add_hash_index' => "CREATE INDEX idx_invoice_hash ON invoices(tenant_id, company_id, invoice_hash)",
+];
+
+$success = 0;
+$skipped = 0;
+$failed  = 0;
+
+foreach ($migrations as $name => $sql) {
+    try {
+        $db->exec($sql);
+        echo "  ✅ {$name}\n";
+        $success++;
+    } catch (\PDOException $e) {
+        $msg = $e->getMessage();
+        // Ignore "duplicate column" (1060), "duplicate key name" (1061), or "already exists" errors
+        if (str_contains($msg, 'Duplicate column') || str_contains($msg, 'Duplicate key name') || str_contains($msg, 'already exists')) {
+            echo "  ⏭️  {$name} (already exists)\n";
+            $skipped++;
+        } else {
+            echo "  ❌ {$name}: {$msg}\n";
+            $failed++;
+        }
+    }
+}
+
+echo "\n═══════════════════════════════════════════\n";
+echo "  Migration Complete!\n";
+echo "  ✅ Success: {$success} | ⏭️ Skipped: {$skipped} | ❌ Failed: {$failed}\n";
+echo "═══════════════════════════════════════════\n";
+
+```
+
+## File: `migrate_phase1.php`
+
+```php
+<?php
+/**
+ * Phase 1 Migration: Subscriptions & Quota System
+ * Run: php scripts/migrate_phase1.php
+ */
+
+require_once __DIR__ . '/../app/bootstrap/init.php';
+
+use App\Core\Database;
+
+$db = Database::getInstance();
+
+echo "═══════════════════════════════════════════\n";
+echo "  مُصادَق — Phase 1 Migration\n";
+echo "  Subscriptions & Quota System\n";
+echo "═══════════════════════════════════════════\n\n";
+
+$migrations = [
+
+    // 1. Add deleted_at to companies
+    'companies_soft_delete' => "ALTER TABLE companies ADD COLUMN deleted_at DATETIME NULL DEFAULT NULL",
+
+    // 2. Add deleted_at to users
+    'users_soft_delete' => "ALTER TABLE users ADD COLUMN deleted_at DATETIME NULL DEFAULT NULL",
+
+    // 3. Add email_hash to users (if missing)
+    'users_email_hash' => "ALTER TABLE users ADD COLUMN email_hash VARCHAR(64) NULL",
+
+    // 4. Create subscription_plans table
+    'subscription_plans_table' => "
+        CREATE TABLE IF NOT EXISTS subscription_plans (
+            id              VARCHAR(20) PRIMARY KEY,
+            name_ar         VARCHAR(100) NOT NULL,
+            name_en         VARCHAR(100) NOT NULL,
+            max_companies   INT NOT NULL DEFAULT 1,
+            max_invoices_month INT NOT NULL DEFAULT 30,
+            max_users       INT NOT NULL DEFAULT 2,
+            price_jod       DECIMAL(10,2) NOT NULL DEFAULT 0.00,
+            ai_features     BOOLEAN DEFAULT FALSE,
+            jofotara_enabled BOOLEAN DEFAULT FALSE,
+            is_active       BOOLEAN DEFAULT TRUE,
+            sort_order      INT DEFAULT 0,
+            features_json   JSON NULL,
+            created_at      DATETIME DEFAULT CURRENT_TIMESTAMP
+        ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    ",
+
+    // 4.5 Fix collation if table already exists
+    'subscription_plans_collation_fix' => "ALTER TABLE subscription_plans CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci",
+
+    // 5. Ensure subscriptions table exists with all needed columns
+    'subscriptions_table' => "
+        CREATE TABLE IF NOT EXISTS subscriptions (
+            id                      CHAR(36) PRIMARY KEY DEFAULT (UUID()),
+            tenant_id               CHAR(36) NOT NULL UNIQUE,
+            plan_id                 VARCHAR(20) NOT NULL DEFAULT 'free',
+            max_companies           INT NOT NULL DEFAULT 1,
+            max_invoices_per_month  INT NOT NULL DEFAULT 15,
+            max_users               INT NOT NULL DEFAULT 1,
+            price_jod               DECIMAL(10,2) NOT NULL DEFAULT 0.00,
+            invoices_used_this_month INT NOT NULL DEFAULT 0,
+            status                  ENUM('active','past_due','cancelled','trial') DEFAULT 'trial',
+            current_period_start    DATETIME NULL,
+            current_period_end      DATETIME NULL,
+            trial_ends_at           DATETIME NULL,
+            created_at              DATETIME DEFAULT CURRENT_TIMESTAMP,
+            updated_at              DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+            FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE,
+            FOREIGN KEY (plan_id)   REFERENCES subscription_plans(id)
+        ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    ",
+
+    // 5.5 Fix collation if table already exists
+    'subscriptions_collation_fix' => "ALTER TABLE subscriptions CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci",
+
+    // 6. Add plan_id column to subscriptions if upgrading from old schema
+    'subscriptions_plan_id' => "ALTER TABLE subscriptions ADD COLUMN plan_id VARCHAR(20) NOT NULL DEFAULT 'free'",
+
+    // 7. Add max_users column to subscriptions if missing
+    'subscriptions_max_users' => "ALTER TABLE subscriptions ADD COLUMN max_users INT NOT NULL DEFAULT 1",
+
+    // 8. Add trial_ends_at to subscriptions if missing
+    'subscriptions_trial' => "ALTER TABLE subscriptions ADD COLUMN trial_ends_at DATETIME NULL",
+
+    // 9. Index on subscriptions status
+    'subscriptions_status_idx' => "CREATE INDEX idx_sub_status ON subscriptions(status)",
+];
+
+$success = 0;
+$skipped = 0;
+$failed  = 0;
+
+foreach ($migrations as $name => $sql) {
+    try {
+        $db->exec($sql);
+        echo "  ✅ {$name}\n";
+        $success++;
+    } catch (\PDOException $e) {
+        $msg = $e->getMessage();
+        // Ignore "duplicate column" (1060), "duplicate key name" (1061), or "already exists" errors
+        if (str_contains($msg, 'Duplicate column') || str_contains($msg, 'Duplicate key name') || str_contains($msg, 'already exists')) {
+            echo "  ⏭️  {$name} (already exists)\n";
+            $skipped++;
+        } else {
+            echo "  ❌ {$name}: {$msg}\n";
+            $failed++;
+        }
+    }
+}
+
+echo "\n───────────────────────────────────────────\n";
+
+// Seed subscription plans
+echo "\n📦 Seeding subscription plans...\n";
+
+$plans = [
+    ['free',       'مجانية',    'Free',       1,   15,    1,    0.00,  1, 1, 10],
+    ['basic',      'أساسية',    'Basic',      3,   100,   3,   15.00,  1, 1, 20],
+    ['office',     'مكتبية',    'Office',    10,   500,  10,   45.00,  1, 1, 30],
+    ['pro',        'احترافية',  'Pro',       25,  2000,  25,   99.00,  1, 1, 40],
+    ['enterprise', 'مؤسسية',    'Enterprise', 999, 99999, 999, 249.00, 1, 1, 50],
+];
+
+$planStmt = $db->prepare("
+    INSERT INTO subscription_plans (id, name_ar, name_en, max_companies, max_invoices_month, max_users, price_jod, ai_features, jofotara_enabled, sort_order)
+    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    ON DUPLICATE KEY UPDATE
+        name_ar = VALUES(name_ar),
+        name_en = VALUES(name_en),
+        max_companies = VALUES(max_companies),
+        max_invoices_month = VALUES(max_invoices_month),
+        max_users = VALUES(max_users),
+        price_jod = VALUES(price_jod),
+        ai_features = VALUES(ai_features),
+        jofotara_enabled = VALUES(jofotara_enabled),
+        sort_order = VALUES(sort_order)
+");
+
+foreach ($plans as $plan) {
+    $planStmt->execute($plan);
+    echo "  ✅ Plan: {$plan[0]} ({$plan[1]})\n";
+}
+
+// Auto-assign 'free' plan to any tenant without a subscription
+echo "\n🔗 Auto-assigning free plan to tenants without subscriptions...\n";
+
+$stmt = $db->query("
+    SELECT t.id FROM tenants t
+    LEFT JOIN subscriptions s ON s.tenant_id = t.id
+    WHERE s.id IS NULL
+");
+$orphanTenants = $stmt->fetchAll();
+
+if (!empty($orphanTenants)) {
+    $insertSub = $db->prepare("
+        INSERT INTO subscriptions (tenant_id, plan_id, max_companies, max_invoices_per_month, max_users, price_jod, status, current_period_start, current_period_end, trial_ends_at)
+        VALUES (?, 'free', 1, 15, 1, 0.00, 'trial', NOW(), DATE_ADD(NOW(), INTERVAL 30 DAY), DATE_ADD(NOW(), INTERVAL 14 DAY))
+    ");
+    foreach ($orphanTenants as $tenant) {
+        try {
+            $insertSub->execute([$tenant['id']]);
+            echo "  ✅ Assigned free plan to tenant: {$tenant['id']}\n";
+        } catch (\Exception $e) {
+            echo "  ⚠️  Tenant {$tenant['id']}: " . $e->getMessage() . "\n";
+        }
+    }
+} else {
+    echo "  ℹ️  All tenants already have subscriptions.\n";
+}
+
+echo "\n═══════════════════════════════════════════\n";
+echo "  Migration Complete!\n";
+echo "  ✅ Success: {$success} | ⏭️ Skipped: {$skipped} | ❌ Failed: {$failed}\n";
+echo "═══════════════════════════════════════════\n";
+
+```
+
 ## File: `migrate.php`

 ```php
@@ -371,7 +616,7 @@ try {
    // 2. Setup Super Admin details
    $adminEmail = 'admin@musadaq.app';
    $adminName = 'Hamza';
-    $adminPassword = 'password123'; // Default password
+    $adminPassword = env('SEED_ADMIN_PASSWORD', 'password123'); // Default for dev only

    // Check if user already exists
    $emailHash = hash('sha256', strtolower($adminEmail));
@@ -404,7 +649,7 @@ try {
        echo "[OK] Super Admin created successfully!\n";
        echo "----------------------------------------\n";
        echo "Email: $adminEmail\n";
-        echo "Password: $adminPassword\n";
+        echo "Password: [FROM ENV]\n";
        echo "Role: super_admin\n";
        echo "----------------------------------------\n";
    }
@@ -419,6 +664,80 @@ try {

 ```

+## File: `backfill_hashes.php`
+
+```php
+<?php
+/**
+ * Phase 2 Backfill: Generate hashes for existing invoices
+ * Run: php scripts/backfill_hashes.php
+ */
+
+require_once __DIR__ . '/../app/bootstrap/init.php';
+
+use App\Core\Database;
+use App\Core\Encryption;
+
+$db = Database::getInstance();
+
+echo "═══════════════════════════════════════════\n";
+echo "  مُصادَق — Backfill Invoice Hashes\n";
+echo "═══════════════════════════════════════════\n\n";
+
+// 1. Fetch all invoices without a hash
+$stmt = $db->query("SELECT id, company_id, supplier_tin, invoice_number, invoice_date FROM invoices WHERE invoice_hash IS NULL");
+$invoices = $stmt->fetchAll();
+
+if (empty($invoices)) {
+    echo "✅ No invoices found needing a hash update.\n";
+    exit;
+}
+
+echo "📦 Found " . count($invoices) . " invoices to process...\n";
+
+$updated = 0;
+$skipped = 0;
+
+foreach ($invoices as $inv) {
+    // Decrypt supplier_tin if it's encrypted (assuming it is based on upload logic)
+    $rawTin = Encryption::decrypt($inv['supplier_tin'] ?? '') ?: ($inv['supplier_tin'] ?? '');
+    
+    $invoiceNum  = $inv['invoice_number'] ?? '';
+    $invoiceDate = $inv['invoice_date'] ?? '';
+
+    if (empty($rawTin) || empty($invoiceNum) || empty($invoiceDate)) {
+        echo "  ⚠️  Skipping invoice [{$inv['id']}]: Missing critical data for hash calculation.\n";
+        $skipped++;
+        continue;
+    }
+
+    // Generate Hash
+    $rawHashString = $inv['company_id'] . '_' . $rawTin . '_' . $invoiceNum . '_' . $invoiceDate;
+    $invoiceHash = hash('sha256', strtolower($rawHashString));
+
+    try {
+        $updateStmt = $db->prepare("UPDATE invoices SET invoice_hash = ? WHERE id = ?");
+        $updateStmt->execute([$invoiceHash, $inv['id']]);
+        $updated++;
+        echo "  ✅ Updated invoice [{$inv['id']}] | Hash: " . substr($invoiceHash, 0, 8) . "...\n";
+    } catch (\PDOException $e) {
+        if (str_contains($e->getMessage(), 'Duplicate entry')) {
+            echo "  🚫 Duplicate hash found for invoice [{$inv['id']}]. Skipping update.\n";
+            $skipped++;
+        } else {
+            echo "  ❌ Failed to update [{$inv['id']}]: " . $e->getMessage() . "\n";
+            $skipped++;
+        }
+    }
+}
+
+echo "\n═══════════════════════════════════════════\n";
+echo "  Backfill Complete!\n";
+echo "  ✅ Updated: {$updated} | ⏭️ Skipped/Failed: {$skipped}\n";
+echo "═══════════════════════════════════════════\n";
+
+```
+
 ## File: `debug_data.php`

 ```php