Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 13:39

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-03 13:39:05 +03:00
parent 2de6a0adfd
commit ea415e3a11
19 changed files with 972 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
app/Modules/Admin/AdminController.php Normal file
View File

@@ -0,0 +1,50 @@
<?php
declare(strict_types=1);
namespace App\Modules\Admin;
use App\Core\{Request, Response, Database};
final class AdminController
{
public function getSystemStats(Request $request): void
{
// Must be super_admin
if (($request->user->role ?? '') !== 'super_admin') {
Response::error('غير مصرح', 'FORBIDDEN', 403);
return;
}
$db = Database::getInstance();
$stmt = $db->prepare("SELECT COUNT(*) as count FROM tenants");
$stmt->execute();
$totalTenants = $stmt->fetch()['count'];
$stmt = $db->prepare("SELECT COUNT(*) as count FROM invoices");
$stmt->execute();
$totalInvoices = $stmt->fetch()['count'];
// Simple Health Check
$redisHealth = 'ok';
try {
$redis = \App\Core\Redis::getInstance();
$redis->ping();
} catch (\Throwable $e) {
$redisHealth = 'failed';
}
Response::json([
'success' => true,
'data' => [
'total_tenants' => $totalTenants,
'total_invoices' => $totalInvoices,
'system_health' => [
'database' => 'ok',
'redis' => $redisHealth
]
]
]);
}
}

60
app/Modules/ApiKeys/ApiKeyController.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
declare(strict_types=1);
namespace App\Modules\ApiKeys;
use App\Core\{Request, Response};
use App\Modules\ApiKeys\ApiKeyModel;
final class ApiKeyController
{
public function __construct(private readonly ApiKeyModel $apiKeyModel) {}
public function list(Request $request): void
{
$tenantId = $request->tenantId;
$keys = $this->apiKeyModel->findAllByTenant($tenantId);
Response::json([
'success' => true,
'data' => $keys
]);
}
public function create(Request $request): void
{
$tenantId = $request->tenantId;
$data = $request->getBody();
if (empty($data['name'])) {
Response::error('اسم المفتاح مطلوب', 'VALIDATION_ERROR', 422);
return;
}
$id = \Ramsey\Uuid\Uuid::uuid4()->toString();
// Generate a random key
$rawKey = bin2hex(random_bytes(32));
$prefix = substr($rawKey, 0, 8);
$hashedKey = hash('sha256', $rawKey);
$this->apiKeyModel->create([
'id' => $id,
'tenant_id' => $tenantId,
'name' => $data['name'],
'key_hash' => $hashedKey,
'prefix' => $prefix,
'is_active' => 1
]);
Response::json([
'success' => true,
'message' => 'تم إنشاء مفتاح API بنجاح',
'data' => [
'id' => $id,
'name' => $data['name'],
'key' => $rawKey // Only shown once!
]
], 201);
}
}

19
app/Modules/ApiKeys/ApiKeyModel.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
declare(strict_types=1);
namespace App\Modules\ApiKeys;
use App\Models\BaseModel;
final class ApiKeyModel extends BaseModel
{
protected string $table = 'api_keys';
public function findAllByTenant(string $tenantId): array
{
$stmt = $this->db()->prepare("SELECT id, name, prefix, expires_at, last_used_at, is_active, created_at FROM {$this->table} WHERE tenant_id = ? AND deleted_at IS NULL");
$stmt->execute([$tenantId]);
return $stmt->fetchAll();
}
}

53
app/Modules/Auth/AuthController.php
View File

@@ -25,6 +25,16 @@ final class AuthController
try {
$result = $this->authService->login($email, $password);
// 2FA Check
if ($result['user']->totp_enabled) {
Response::json([
'success' => true,
'requires_2fa' => true,
'temp_token' => $result['access_token']
]);
return;
}
// Set refresh token in HttpOnly cookie
setcookie('refresh_token', $result['refresh_token'], [
'expires' => time() + (60 * 60 * 24 * 7),
@@ -128,4 +138,47 @@ final class AuthController
Response::error($e->getMessage(), 'REGISTRATION_FAILED', 400);
}
}
public function enable2FA(Request $request): void
{
$user = $request->user;
$totpService = new \App\Services\TotpService();
$secret = $totpService->generateSecret();
$qrUrl = $totpService->getQrCodeUrl($user->email, $secret);
Response::json([
'success' => true,
'data' => [
'secret' => $secret,
'qr_url' => $qrUrl
]
]);
}
public function verify2FA(Request $request): void
{
$data = $request->getBody();
$code = $data['code'] ?? '';
$secret = $data['secret'] ?? '';
$totpService = new \App\Services\TotpService();
if ($totpService->verify($secret, $code)) {
$db = \App\Core\Database::getInstance();
$stmt = $db->prepare("UPDATE users SET totp_secret = ?, totp_enabled = 1 WHERE id = ?");
$stmt->execute([$secret, $request->user->user_id]);
Response::json(['success' => true, 'message' => 'تم تفعيل التحقق الثنائي بنجاح']);
} else {
Response::error('رمز التحقق غير صحيح', 'INVALID_CODE', 400);
}
}
public function disable2FA(Request $request): void
{
$db = \App\Core\Database::getInstance();
$stmt = $db->prepare("UPDATE users SET totp_secret = NULL, totp_enabled = 0 WHERE id = ?");
$stmt->execute([$request->user->user_id]);
Response::json(['success' => true, 'message' => 'تم تعطيل التحقق الثنائي']);
}
}

49
app/Modules/Invoices/InvoiceController.php
View File

@@ -89,4 +89,53 @@ final class InvoiceController
Response::error($e->getMessage(), 'UPLOAD_FAILED', 500);
}
}
public function detail(Request $request, array $vars): void
{
$tenantId = $request->tenantId;
$invoiceId = $vars['id'] ?? null;
$db = \App\Core\Database::getInstance();
$stmt = $db->prepare("SELECT * FROM invoices WHERE id = ? AND tenant_id = ? AND deleted_at IS NULL LIMIT 1");
$stmt->execute([$invoiceId, $tenantId]);
$invoice = $stmt->fetch();
if (!$invoice) {
Response::error('الفاتورة غير موجودة', 'NOT_FOUND', 404);
return;
}
// Additional authorization check based on assigned company if needed
$role = $request->user->role ?? 'viewer';
if ($role !== 'super_admin' && $invoice['company_id'] !== $request->user->assigned_company_id) {
Response::error('غير مصرح لك بمشاهدة هذه الفاتورة', 'FORBIDDEN', 403);
return;
}
// Fetch lines
$stmt = $db->prepare("SELECT * FROM invoice_lines WHERE invoice_id = ? ORDER BY id ASC");
$stmt->execute([$invoiceId]);
$invoice['lines'] = $stmt->fetchAll();
Response::json([
'success' => true,
'data' => $invoice
]);
}
public function submit(Request $request, array $vars): void
{
$tenantId = $request->tenantId;
$invoiceId = $vars['id'];
// Push to Queue for JoFotara Submission
\App\Services\QueueService::push('submit_jofotara', [
'invoice_id' => $invoiceId
]);
Response::json([
'success' => true,
'message' => 'Invoice submission queued.'
]);
}
}

33
app/Modules/Users/UserController.php
View File

@@ -38,5 +38,38 @@ final class UserController
'success' => true,
'data' => $user
]);
public function create(Request $request): void
{
$tenantId = $request->tenantId;
$data = $request->getBody();
if (empty($data['email']) || empty($data['password']) || empty($data['name']) || empty($data['role'])) {
Response::error('جميع الحقول مطلوبة', 'VALIDATION_ERROR', 422);
return;
}
if ($this->userModel->findByEmail($data['email'])) {
Response::error('البريد الإلكتروني مستخدم مسبقاً', 'DUPLICATE_EMAIL', 409);
return;
}
$userId = \Ramsey\Uuid\Uuid::uuid4()->toString();
$this->userModel->create([
'id' => $userId,
'tenant_id' => $tenantId,
'name' => $data['name'],
'email' => $data['email'],
'password_hash' => password_hash($data['password'], PASSWORD_ARGON2ID),
'role' => $data['role'],
'assigned_company_id' => $data['assigned_company_id'] ?? null,
'is_active' => 1
]);
Response::json([
'success' => true,
'message' => 'تم إضافة المستخدم بنجاح',
'data' => ['id' => $userId]
], 201);
}
}

84
app/Services/AI/OpenAIProvider.php Normal file
View File

@@ -0,0 +1,84 @@
<?php
declare(strict_types=1);
namespace App\Services\AI;
use App\Services\AI\Contracts\AIProviderInterface;
use Exception;
final class OpenAIProvider implements AIProviderInterface
{
private string $apiKey;
private string $model;
public function __construct()
{
$this->apiKey = $_ENV['OPENAI_API_KEY'] ?? '';
$this->model = $_ENV['OPENAI_MODEL'] ?? 'gpt-4o-mini';
}
public function isConfigured(): bool
{
return !empty($this->apiKey);
}
public function extractInvoiceData(string $fileContent, string $mimeType, string $prompt): array
{
if (!$this->isConfigured()) {
throw new Exception("OpenAI API Key is missing. Please configure it in .env");
}
$base64Data = base64_encode($fileContent);
$payload = [
'model' => $this->model,
'messages' => [
[
'role' => 'user',
'content' => [
[
'type' => 'text',
'text' => $prompt
],
[
'type' => 'image_url',
'image_url' => [
'url' => "data:{$mimeType};base64,{$base64Data}"
]
]
]
]
],
'response_format' => ['type' => 'json_object'],
'temperature' => 0.1
];
$ch = curl_init('https://api.openai.com/v1/chat/completions');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($payload));
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
"Authorization: Bearer {$this->apiKey}"
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode !== 200) {
throw new Exception("OpenAI Extraction failed. HTTP Code: {$httpCode}. Response: {$response}");
}
$result = json_decode($response, true);
$text = $result['choices'][0]['message']['content'] ?? '{}';
$data = json_decode($text, true);
if (!is_array($data)) {
throw new Exception("Failed to parse OpenAI output as JSON: {$text}");
}
return $data;
}
}

77
app/Services/RiskAnalysisService.php Normal file
View File

@@ -0,0 +1,77 @@
<?php
declare(strict_types=1);
namespace App\Services;
use App\Core\Database;
final class RiskAnalysisService
{
public function calculateCompanyRiskScore(string $companyId): array
{
$db = Database::getInstance();
$score = 100;
$factors = [];
// 1. Rejection Rate
$stmt = $db->prepare("SELECT status, COUNT(*) as count FROM invoices WHERE company_id = ? GROUP BY status");
$stmt->execute([$companyId]);
$stats = $stmt->fetchAll();
$total = 0;
$rejected = 0;
foreach ($stats as $stat) {
$total += $stat['count'];
if ($stat['status'] === 'rejected' || $stat['status'] === 'validation_failed') {
$rejected += $stat['count'];
}
}
if ($total > 0) {
$rejectionRate = $rejected / $total;
if ($rejectionRate > 0.10) { // More than 10% rejections
$penalty = min(30, (int)(($rejectionRate - 0.10) * 100));
$score -= $penalty;
$factors[] = "نسبة رفض عالية: " . round($rejectionRate * 100, 1) . "% (خصم {$penalty} نقطة)";
}
}
// 2. High Value Cash Invoices
$stmt = $db->prepare("SELECT COUNT(*) as count FROM invoices WHERE company_id = ? AND invoice_type = 'cash' AND grand_total > 5000");
$stmt->execute([$companyId]);
$highValueCash = $stmt->fetch()['count'];
if ($highValueCash > 0) {
$penalty = min(20, $highValueCash * 2);
$score -= $penalty;
$factors[] = "وجود فواتير نقدية بقيم عالية: {$highValueCash} فاتورة (خصم {$penalty} نقطة)";
}
// 3. Late submissions (invoice_date is much older than created_at)
$stmt = $db->prepare("SELECT COUNT(*) as count FROM invoices WHERE company_id = ? AND DATEDIFF(created_at, invoice_date) > 7");
$stmt->execute([$companyId]);
$lateInvoices = $stmt->fetch()['count'];
if ($lateInvoices > 0) {
$penalty = min(15, $lateInvoices * 1);
$score -= $penalty;
$factors[] = "تأخير في رفع الفواتير: {$lateInvoices} فاتورة متأخرة بأكثر من 7 أيام (خصم {$penalty} نقطة)";
}
// Determine Risk Level
$riskLevel = 'low';
if ($score < 50) {
$riskLevel = 'high';
} elseif ($score < 80) {
$riskLevel = 'medium';
}
return [
'score' => max(0, $score),
'level' => $riskLevel,
'factors' => $factors,
'calculated_at' => date('Y-m-d H:i:s')
];
}
}

83
app/Services/TotpService.php Normal file
View File

@@ -0,0 +1,83 @@
<?php
declare(strict_types=1);
namespace App\Services;
final class TotpService
{
private const ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
public function generateSecret(): string
{
$secret = '';
for ($i = 0; $i < 16; $i++) {
$secret .= self::ALPHABET[random_int(0, 31)];
}
return $secret;
}
public function verify(string $secret, string $code): bool
{
$currentTime = floor(time() / 30);
// Check current, previous and next window (allow 30s clock drift)
for ($i = -1; $i <= 1; $i++) {
if ($this->calculateCode($secret, (int)($currentTime + $i)) === $code) {
return true;
}
}
return false;
}
private function calculateCode(string $secret, int $time): string
{
$key = $this->base32Decode($secret);
$timeHex = str_pad(dechex($time), 16, '0', STR_PAD_LEFT);
$timeBin = pack('H*', $timeHex);
$hash = hash_hmac('sha1', $timeBin, $key, true);
$offset = ord($hash[19]) & 0xf;
$otp = (
((ord($hash[$offset]) & 0x7f) << 24) |
((ord($hash[$offset + 1]) & 0xff) << 16) |
((ord($hash[$offset + 2]) & 0xff) << 8) |
(ord($hash[$offset + 3]) & 0xff)
) % 1000000;
return str_pad((string)$otp, 6, '0', STR_PAD_LEFT);
}
private function base32Decode(string $base32): string
{
$base32 = strtoupper($base32);
$buffer = 0;
$bufferSize = 0;
$decoded = '';
for ($i = 0; $i < strlen($base32); $i++) {
$char = $base32[$i];
$pos = strpos(self::ALPHABET, $char);
if ($pos === false) continue;
$buffer = ($buffer << 5) | $pos;
$bufferSize += 5;
if ($bufferSize >= 8) {
$bufferSize -= 8;
$decoded .= chr(($buffer >> $bufferSize) & 0xff);
}
}
return $decoded;
}
public function getQrCodeUrl(string $userEmail, string $secret, string $issuer = 'Musadaq'): string
{
$label = urlencode($issuer . ':' . $userEmail);
$otpauth = "otpauth://totp/{$label}?secret={$secret}&issuer=" . urlencode($issuer);
return "https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=" . urlencode($otpauth);
}
}

18
phpunit.xml Normal file
View File

@@ -0,0 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/11.0/phpunit.xsd"
bootstrap="vendor/autoload.php"
colors="true">
<testsuites>
<testsuite name="Unit">
<directory>tests/Unit</directory>
</testsuite>
<testsuite name="Feature">
<directory>tests/Feature</directory>
</testsuite>
</testsuites>
<php>
<env name="APP_ENV" value="testing"/>
<env name="DB_DATABASE" value="musadeq_test"/>
</php>
</phpunit>

2
public/index.html
View File

@@ -47,7 +47,7 @@
<svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 3v1m0 16v1m9-9h-1M4 12H3m15.364-6.364l-.707.707M6.343 17.657l-.707.707M16.071 16.071l.707.707M7.929 7.929l.707-.707M12 8a4 4 0 100 8 4 4 0 000-8z"></path></svg>
</template>
</button>
<a href="#login" class="px-6 py-2 bg-primary-600 hover:bg-primary-700 text-white rounded-xl font-semibold transition-all shadow-lg shadow-primary-600/20">دخول</a>
<a href="index.php" class="px-6 py-2 bg-primary-600 hover:bg-primary-700 text-white rounded-xl font-semibold transition-all shadow-lg shadow-primary-600/20">دخول</a>
</div>
</nav>

36
public/index.php
View File

@@ -15,6 +15,18 @@ $router = $app->getRouter();
// ══ Auth Routes ══════════════════════════════════════════════
$router->addRoute('POST', '/api/v1/auth/login', [AuthController::class, 'login']);
$router->addRoute('POST', '/api/v1/auth/register', [AuthController::class, 'register']);
$router->addRoute('POST', '/api/v1/auth/2fa/enable', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'enable2FA']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/verify', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'verify2FA']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/disable', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'disable2FA']
]);
// ══ Company Routes ═══════════════════════════════════════════
$router->addRoute('GET', '/api/v1/companies', [
@@ -33,11 +45,11 @@ $router->addRoute('PUT', '/api/v1/companies/{id}/jofotara', [
// ══ User Routes ══════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/users', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Users\UsersController::class, 'list']
'handler' => [\App\Modules\Users\UserController::class, 'index']
]);
$router->addRoute('POST', '/api/v1/users', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Users\UsersController::class, 'create']
'handler' => [\App\Modules\Users\UserController::class, 'create']
]);
// ══ Invoice Routes ═══════════════════════════════════════════
@@ -53,6 +65,10 @@ $router->addRoute('GET', '/api/v1/invoices/{id}', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Invoices\InvoiceController::class, 'detail']
]);
$router->addRoute('POST', '/api/v1/invoices/{id}/submit', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Invoices\InvoiceController::class, 'submit']
]);
// ══ Subscriptions ═════════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/subscriptions/me', [
@@ -60,6 +76,16 @@ $router->addRoute('GET', '/api/v1/subscriptions/me', [
'handler' => [\App\Modules\Subscriptions\SubscriptionController::class, 'me']
]);
// ══ API Keys ═══════════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/api-keys', [
'middleware' => [\App\Middleware\AuthMiddleware::class, \App\Middleware\TenantMiddleware::class],
'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'list']
]);
$router->addRoute('POST', '/api/v1/api-keys', [
'middleware' => [\App\Middleware\AuthMiddleware::class, \App\Middleware\TenantMiddleware::class],
'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'create']
]);
// ══ External API (HMAC) ══════════════════════════════════════
$router->addRoute('POST', '/api/v1/external/invoices/upload', [
'middleware' => [\App\Middleware\HmacMiddleware::class],
@@ -72,6 +98,12 @@ $router->addRoute('GET', '/api/v1/dashboard', [
'handler' => [\App\Modules\Dashboard\DashboardController::class, 'getStats']
]);
// ══ Super Admin ══════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/admin/stats', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Admin\AdminController::class, 'getSystemStats']
]);
// ══ Health Check ═════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/health', function($request) {
\App\Core\Response::json([

187
public/shell.php
View File

@@ -326,6 +326,7 @@
<div id="login-error" class="text-red-400 text-sm text-center hidden p-2 bg-red-500/10 rounded-lg border border-red-500/20"></div>
<button type="submit" class="w-full bg-gradient-to-r from-primary to-emerald-400 hover:from-primary-dark hover:to-primary text-white font-bold py-3 rounded-xl shadow-lg transition-all">تسجيل الدخول</button>
</form>
<p class="mt-6 text-center text-slate-400 text-sm">ليس لديك حساب؟ <a href="#" onclick="renderRegister()" class="text-primary hover:underline">سجل شركتك الآن</a></p>
</div>
</div>
`;
@@ -354,6 +355,62 @@
};
}
// ── Register View ───────────────────────────────────────────
function renderRegister() {
document.getElementById('sidebar').classList.add('hidden');
document.getElementById('header').classList.add('hidden');
document.getElementById('ai-container').classList.add('hidden');
contentDiv.innerHTML = `
<div class="flex flex-col items-center justify-center min-h-[80vh] py-10">
<div class="w-full max-w-lg p-10 glass-panel rounded-3xl shadow-2xl">
<div class="w-16 h-16 bg-gradient-to-br from-emerald-400 to-primary rounded-2xl flex items-center justify-center shadow-lg shadow-emerald-500/30 mx-auto mb-6">
<svg class="w-8 h-8 text-white" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M18 9v3m0 0v3m0-3h3m-3 0h-3m-2-5a4 4 0 11-8 0 4 4 0 018 0zM3 20a6 6 0 0112 0v1H3v-1z"></path></svg>
</div>
<h2 class="text-3xl font-bold mb-2 text-center">التسجيل في مُصادَق</h2>
<p class="text-slate-400 text-center mb-8">ابدأ تجربتك المجانية واربط مع جو-فواتير بثوانٍ</p>
<form id="register-form" class="space-y-4">
<input type="text" id="reg-tenant" class="w-full bg-black/20 border border-white/10 rounded-xl px-5 py-3 focus:outline-none focus:border-primary text-white" placeholder="اسم الشركة (المستأجر)" required>
<input type="text" id="reg-user" class="w-full bg-black/20 border border-white/10 rounded-xl px-5 py-3 focus:outline-none focus:border-primary text-white" placeholder="الاسم الكامل لمدير النظام" required>
<input type="email" id="reg-email" class="w-full bg-black/20 border border-white/10 rounded-xl px-5 py-3 focus:outline-none focus:border-primary text-white" placeholder="البريد الإلكتروني" required>
<input type="password" id="reg-password" class="w-full bg-black/20 border border-white/10 rounded-xl px-5 py-3 focus:outline-none focus:border-primary text-white" placeholder="كلمة المرور" required>
<div id="register-error" class="text-red-400 text-sm text-center hidden p-2 bg-red-500/10 rounded-lg border border-red-500/20"></div>
<button type="submit" class="w-full bg-gradient-to-r from-emerald-500 to-primary hover:from-primary hover:to-emerald-500 text-white font-bold py-3 rounded-xl shadow-lg transition-all mt-2">إنشاء حساب جديد</button>
</form>
<p class="mt-6 text-center text-slate-400 text-sm">لديك حساب بالفعل؟ <a href="#" onclick="renderLogin()" class="text-primary hover:underline">سجل الدخول</a></p>
</div>
</div>
`;
document.getElementById('register-form').onsubmit = async (e) => {
e.preventDefault();
const btn = e.target.querySelector('button');
btn.innerHTML = 'جاري إنشاء الحساب...';
btn.disabled = true;
try {
const data = {
tenant_name: document.getElementById('reg-tenant').value,
user_name: document.getElementById('reg-user').value,
email: document.getElementById('reg-email').value,
password: document.getElementById('reg-password').value
};
const res = await API.post('/auth/register', data);
localStorage.setItem('access_token', res.data.access_token);
localStorage.setItem('user_role', res.data.user.role);
API.accessToken = res.data.access_token;
initApp();
} catch (err) {
const errEl = document.getElementById('register-error');
errEl.textContent = err.error?.message_ar || err.error?.details?.message || err.message || 'خطأ في التسجيل';
errEl.classList.remove('hidden');
btn.innerHTML = 'إنشاء حساب جديد';
btn.disabled = false;
}
};
}
// ── Dashboard View ───────────────────────────────────────
async function renderDashboard() {
document.getElementById('page-title').textContent = 'لوحة التحكم السريعة';
@@ -400,7 +457,7 @@
html += `<p class="text-slate-500 text-center py-8 bg-black/20 rounded-xl">لا توجد فواتير بعد</p>`;
} else {
stats.recent_invoices.forEach(inv => {
const statusColor = inv.status === 'APPROVED' ? 'text-primary' : (inv.status === 'REJECTED' ? 'text-red-400' : 'text-yellow-400');
const statusColor = inv.status === 'approved' ? 'text-primary' : (inv.status === 'rejected' ? 'text-red-400' : 'text-yellow-400');
html += `
<div class="flex justify-between items-center p-5 bg-black/30 rounded-2xl border border-white/5 hover:border-white/10 transition-colors">
<div class="flex items-center gap-4">
@@ -535,10 +592,10 @@
html += `<tr><td colspan="4" class="p-8 text-center text-slate-500">لا توجد فواتير.</td></tr>`;
} else {
invoices.forEach(inv => {
const statusColor = inv.status === 'APPROVED' ? 'text-primary' : (inv.status === 'REJECTED' ? 'text-red-400' : 'text-yellow-400');
const statusColor = inv.status === 'approved' ? 'text-primary' : (inv.status === 'rejected' ? 'text-red-400' : 'text-yellow-400');
html += `
<tr class="hover:bg-white/5 transition-colors">
<td class="p-4 font-mono text-xs text-slate-300">${inv.id}</td>
<tr onclick="renderInvoiceDetail('${inv.id}')" class="hover:bg-white/5 transition-colors cursor-pointer group">
<td class="p-4 font-mono text-xs text-slate-300 group-hover:text-primary transition-colors">${inv.id}</td>
<td class="p-4 font-bold text-slate-200">${inv.company_id}</td>
<td class="p-4 text-slate-400">${new Date(inv.created_at).toLocaleDateString('ar-JO')}</td>
<td class="p-4 font-bold ${statusColor}">${inv.status}</td>
@@ -554,6 +611,128 @@
}
}
async function renderInvoiceDetail(id) {
document.getElementById('page-title').textContent = 'تفاصيل الفاتورة';
contentDiv.innerHTML = `<div class="flex items-center justify-center p-20"><div class="animate-spin rounded-full h-12 w-12 border-t-2 border-b-2 border-primary"></div></div>`;
try {
const res = await API.get(`/invoices/${id}`);
const inv = res.data;
const statusColor = inv.status === 'approved' ? 'text-primary' : (inv.status === 'rejected' ? 'text-red-400' : 'text-yellow-400');
let linesHtml = '';
if (inv.lines && inv.lines.length > 0) {
inv.lines.forEach(line => {
linesHtml += `
<tr class="border-b border-white/5">
<td class="py-3 text-slate-300">${line.description || 'بدون وصف'}</td>
<td class="py-3 text-center">${line.quantity}</td>
<td class="py-3 text-center">${line.unit_price}</td>
<td class="py-3 text-left font-bold">${line.line_total}</td>
</tr>
`;
});
} else {
linesHtml = '<tr><td colspan="4" class="py-4 text-center text-slate-500">لا توجد بنود مستخرجة بعد</td></tr>';
}
contentDiv.innerHTML = `
<div class="flex flex-col lg:flex-row gap-6 h-[calc(100vh-200px)]">
<!-- Left side: Original File View (Placeholder for now, could be PDF viewer) -->
<div class="lg:w-1/2 glass-panel rounded-3xl overflow-hidden flex flex-col">
<div class="p-4 bg-white/5 border-b border-white/10 flex justify-between items-center">
<h4 class="font-bold">المستند الأصلي</h4>
<a href="${inv.original_file_path}" target="_blank" class="text-xs text-primary hover:underline">فتح في نافذة جديدة</a>
</div>
<div class="flex-1 bg-black/40 flex items-center justify-center text-slate-500 italic p-10 text-center">
${inv.original_file_path.endsWith('.pdf')
? `<iframe src="${inv.original_file_path}" class="w-full h-full border-none"></iframe>`
: `<img src="${inv.original_file_path}" class="max-w-full max-h-full object-contain" alt="Invoice Image">`
}
</div>
</div>
<!-- Right side: Extracted Data -->
<div class="lg:w-1/2 flex flex-col gap-6 overflow-y-auto pr-2 custom-scrollbar">
<div class="glass-panel p-6 rounded-3xl">
<div class="flex justify-between items-start mb-6">
<div>
<h4 class="text-lg font-bold mb-1">${inv.supplier_name || 'مورد غير معروف'}</h4>
<p class="text-sm text-slate-400">رقم الفاتورة: ${inv.invoice_number || '---'}</p>
</div>
<span class="px-4 py-1 rounded-full text-xs font-bold bg-white/5 ${statusColor} border border-current">
${inv.status.toUpperCase()}
</span>
</div>
<div class="grid grid-cols-2 gap-4 mb-6">
<div class="p-4 bg-white/5 rounded-2xl border border-white/5">
<p class="text-xs text-slate-500 mb-1">تاريخ الفاتورة</p>
<p class="font-bold">${inv.invoice_date || '---'}</p>
</div>
<div class="p-4 bg-white/5 rounded-2xl border border-white/5">
<p class="text-xs text-slate-500 mb-1">الرقم الضريبي (المورد)</p>
<p class="font-bold font-mono">${inv.supplier_tin || '---'}</p>
</div>
</div>
<h5 class="font-bold mb-3 text-sm">بنود الفاتورة</h5>
<table class="w-full text-sm mb-6">
<thead class="text-slate-500 text-xs border-b border-white/10">
<tr>
<th class="py-2 text-right">الوصف</th>
<th class="py-2 text-center">الكمية</th>
<th class="py-2 text-center">السعر</th>
<th class="py-2 text-left">المجموع</th>
</tr>
</thead>
<tbody>
${linesHtml}
</tbody>
</table>
<div class="space-y-2 pt-4 border-t border-white/10">
<div class="flex justify-between text-sm">
<span class="text-slate-400">المجموع الفرعي</span>
<span class="font-bold">${inv.subtotal} JOD</span>
</div>
<div class="flex justify-between text-sm">
<span class="text-slate-400">الضريبة</span>
<span class="font-bold">${inv.tax_amount} JOD</span>
</div>
<div class="flex justify-between text-lg pt-2 border-t border-white/5">
<span class="font-bold">الإجمالي</span>
<span class="font-black text-primary">${inv.grand_total} JOD</span>
</div>
</div>
</div>
<div class="flex gap-4 mb-10">
<button onclick="renderInvoices()" class="flex-1 py-3 bg-white/5 hover:bg-white/10 rounded-2xl transition font-bold border border-white/10">عودة</button>
${inv.status === 'extracted' ? `
<button onclick="submitToJoFotara('${inv.id}')" class="flex-[2] py-3 bg-gradient-to-r from-primary to-emerald-400 hover:shadow-primary/20 hover:shadow-xl rounded-2xl text-white font-bold transition-all">إرسال لـ جو-فواتير</button>
` : ''}
</div>
</div>
</div>
`;
} catch (err) {
contentDiv.innerHTML = `<div class="text-red-400 p-10">خطأ في تحميل تفاصيل الفاتورة: ${err.message}</div>`;
}
}
async function submitToJoFotara(id) {
try {
// We'll need a POST /api/v1/invoices/{id}/submit endpoint
const res = await API.post(`/invoices/${id}/submit`, {});
alert('تم إرسال الفاتورة للطابور بنجاح. سيتم تحديث الحالة تلقائياً.');
renderInvoiceDetail(id);
} catch (err) {
alert(err.error?.message_ar || 'فشل الإرسال: تأكد من إعدادات الربط للشركة.');
}
}
// ── Modals & Actions ─────────────────────────────────────
function showAddCompanyModal() {
const modals = document.getElementById('modals');

56
queue/Jobs/RiskAnalysisJob.php Normal file
View File

@@ -0,0 +1,56 @@
<?php
declare(strict_types=1);
namespace Queue\Jobs;
use App\Services\RiskAnalysisService;
use App\Core\Database;
use Throwable;
final class RiskAnalysisJob
{
public function __construct(
private readonly RiskAnalysisService $riskService
) {}
public function handle(array $payload): void
{
$companyId = $payload['company_id'];
$tenantId = $payload['tenant_id'];
try {
$analysis = $this->riskService->calculateCompanyRiskScore($companyId);
// Store or update risk score
$db = Database::getInstance();
$stmt = $db->prepare("SELECT id FROM risk_scores WHERE company_id = ? LIMIT 1");
$stmt->execute([$companyId]);
$existing = $stmt->fetch();
if ($existing) {
$stmt = $db->prepare("UPDATE risk_scores SET risk_level = ?, score = ?, factors = ?, calculated_at = NOW() WHERE company_id = ?");
$stmt->execute([
$analysis['level'],
$analysis['score'],
json_encode($analysis['factors'], JSON_UNESCAPED_UNICODE),
$companyId
]);
} else {
$stmt = $db->prepare("INSERT INTO risk_scores (id, tenant_id, company_id, risk_level, score, factors, calculated_at) VALUES (?, ?, ?, ?, ?, ?, NOW())");
$stmt->execute([
\Ramsey\Uuid\Uuid::uuid4()->toString(),
$tenantId,
$companyId,
$analysis['level'],
$analysis['score'],
json_encode($analysis['factors'], JSON_UNESCAPED_UNICODE)
]);
}
} catch (Throwable $e) {
echo "[!] Risk Analysis failed for company {$companyId}: " . $e->getMessage() . "\n";
throw $e;
}
}
}

37
queue/Jobs/SendNotificationJob.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
declare(strict_types=1);
namespace Queue\Jobs;
use App\Core\Database;
use Throwable;
final class SendNotificationJob
{
public function handle(array $payload): void
{
$userId = $payload['user_id'];
$title = $payload['title'];
$message = $payload['message'];
$type = $payload['type'] ?? 'info';
try {
$db = Database::getInstance();
$stmt = $db->prepare("INSERT INTO notifications (id, user_id, title, message, type, is_read, created_at) VALUES (?, ?, ?, ?, ?, 0, NOW())");
$stmt->execute([
\Ramsey\Uuid\Uuid::uuid4()->toString(),
$userId,
$title,
$message,
$type
]);
// Here we could also trigger WebSockets or push notifications if implemented
} catch (Throwable $e) {
echo "[!] Notification failed for user {$userId}: " . $e->getMessage() . "\n";
throw $e;
}
}
}

81
queue/Jobs/SubmitJoFotaraJob.php Normal file
View File

@@ -0,0 +1,81 @@
<?php
declare(strict_types=1);
namespace Queue\Jobs;
use App\Modules\Invoices\InvoiceModel;
use App\Modules\Companies\CompanyService;
use App\Services\JoFotara\JoFotaraGateway;
use App\Services\JoFotara\UBLGeneratorService;
use Throwable;
final class SubmitJoFotaraJob
{
public function __construct(
private readonly InvoiceModel $invoiceModel,
private readonly CompanyService $companyService,
private readonly UBLGeneratorService $ublGenerator,
private readonly JoFotaraGateway $jofotaraGateway
) {}
public function handle(array $payload): void
{
$invoiceId = $payload['invoice_id'];
try {
// 1. Update status to submitting
$this->invoiceModel->update($invoiceId, ['status' => 'submitting']);
// 2. Fetch Invoice
$db = \App\Core\Database::getInstance();
$stmt = $db->prepare("SELECT * FROM invoices WHERE id = ? LIMIT 1");
$stmt->execute([$invoiceId]);
$invoice = $stmt->fetch();
if (!$invoice) {
throw new \Exception("Invoice not found.");
}
// 3. Fetch Company Credentials
$credentials = $this->companyService->getJoFotaraCredentials($invoice['company_id']);
if (empty($credentials['clientId']) || empty($credentials['secretKey'])) {
throw new \Exception("Company is not linked to JoFotara.");
}
// 4. Fetch Invoice Lines
$stmt = $db->prepare("SELECT * FROM invoice_lines WHERE invoice_id = ?");
$stmt->execute([$invoiceId]);
$lines = $stmt->fetchAll();
// 5. Generate UBL XML
$xmlString = $this->ublGenerator->generate($invoice, $lines);
$xmlBase64 = base64_encode($xmlString);
// 6. Submit to JoFotara
$response = $this->jofotaraGateway->submitInvoice($invoice['company_id'], $xmlBase64, $credentials);
// 7. Process Response
// Assuming response contains a success boolean and possibly qr_code
if (isset($response['success']) && $response['success']) {
$this->invoiceModel->update($invoiceId, [
'status' => 'approved',
'qr_code' => $response['qr_code'] ?? null,
'jofotara_response' => json_encode($response, JSON_UNESCAPED_UNICODE)
]);
} else {
$this->invoiceModel->update($invoiceId, [
'status' => 'rejected',
'jofotara_response' => json_encode($response, JSON_UNESCAPED_UNICODE)
]);
}
} catch (Throwable $e) {
$this->invoiceModel->update($invoiceId, [
'status' => 'validation_failed',
'validation_errors' => json_encode([['message_ar' => 'فشل الإرسال: ' . $e->getMessage()]], JSON_UNESCAPED_UNICODE)
]);
throw $e;
}
}
}

15
queue/worker.php
View File

@@ -34,6 +34,21 @@ while ($keepRunning) {
$handler->handle($job['payload']);
break;
case 'submit_jofotara':
$handler = $container->get(\Queue\Jobs\SubmitJoFotaraJob::class);
$handler->handle($job['payload']);
break;
case 'risk_analysis':
$handler = $container->get(\Queue\Jobs\RiskAnalysisJob::class);
$handler->handle($job['payload']);
break;
case 'send_notification':
$handler = $container->get(\Queue\Jobs\SendNotificationJob::class);
$handler->handle($job['payload']);
break;
default:
echo "[!] Unknown job type: {$job['type']}\n";
}

9
supervisor.conf Normal file
View File

@@ -0,0 +1,9 @@
[program:musadaq-worker]
command=php /var/www/musadeq/queue/worker.php
user=www-data
autostart=true
autorestart=true
stderr_logfile=/var/log/musadaq-worker.err.log
stdout_logfile=/var/log/musadaq-worker.out.log
numprocs=2
process_name=%(program_name)s_%(process_num)02d

30
tests/Unit/TotpServiceTest.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
declare(strict_types=1);
namespace Tests\Unit;
use PHPUnit\Framework\TestCase;
use App\Services\TotpService;
final class TotpServiceTest extends TestCase
{
public function test_it_generates_valid_secret(): void
{
$service = new TotpService();
$secret = $service->generateSecret();
$this->assertEquals(16, strlen($secret));
$this->assertMatchesRegularExpression('/^[A-Z2-7]+$/', $secret);
}
public function test_it_verifies_correct_code(): void
{
$service = new TotpService();
$secret = 'JBSWY3DPEHPK3PXP'; // Known secret
// We can't easily test the code without a time mocker or calculation
// but we can check if it fails with an obviously wrong code
$this->assertFalse($service->verify($secret, '000000'));
}
}