Update: 2026-05-08 01:41:28

app/modules_app/audit/index.php

@@ -0,0 +1,124 @@
+<?php
+/**
+ * Audit Log / Activity History
+ * GET /v1/audit-log
+ * Returns paginated activity history
+ */
+
+use App\Core\Database;
+use App\Middleware\AuthMiddleware;
+
+$decoded = AuthMiddleware::check();
+$db = Database::getInstance();
+
+$tenantId = $decoded['tenant_id'];
+$role = $decoded['role'];
+$page = max(1, (int)($_GET['page'] ?? 1));
+$limit = min(50, max(10, (int)($_GET['limit'] ?? 20)));
+$offset = ($page - 1) * $limit;
+$entityType = $_GET['entity_type'] ?? null;
+$action = $_GET['action'] ?? null;
+
+$where = [];
+$params = [];
+
+if ($role !== 'super_admin') {
+    $where[] = 'a.tenant_id = ?';
+    $params[] = $tenantId;
+}
+
+if ($entityType) {
+    $where[] = 'a.entity_type = ?';
+    $params[] = $entityType;
+}
+
+if ($action) {
+    $where[] = 'a.action LIKE ?';
+    $params[] = "%$action%";
+}
+
+$whereClause = $where ? 'WHERE ' . implode(' AND ', $where) : '';
+
+// Total count
+$countStmt = $db->prepare("SELECT COUNT(*) FROM audit_log a $whereClause");
+$countStmt->execute($params);
+$total = $countStmt->fetchColumn();
+
+// Fetch logs
+$params[] = $limit;
+$params[] = $offset;
+
+$stmt = $db->prepare("
+    SELECT a.*, u.name as user_name 
+    FROM audit_log a
+    LEFT JOIN users u ON a.user_id = u.id
+    $whereClause
+    ORDER BY a.created_at DESC
+    LIMIT ? OFFSET ?
+");
+$stmt->execute($params);
+$logs = $stmt->fetchAll();
+
+// Format logs
+foreach ($logs as &$log) {
+    $log['details'] = json_decode($log['details'] ?? '{}', true);
+    $log['old_values'] = json_decode($log['old_values'] ?? '{}', true);
+    
+    // Generate human-readable summary
+    $log['summary'] = match(true) {
+        str_starts_with($log['action'], 'invoice.') => _invoiceSummary($log),
+        str_starts_with($log['action'], 'user.') => _userSummary($log),
+        str_starts_with($log['action'], 'company.') => _companySummary($log),
+        str_starts_with($log['action'], 'payment.') => _paymentSummary($log),
+        default => $log['action'],
+    };
+}
+unset($log);
+
+json_success([
+    'logs' => $logs,
+    'pagination' => [
+        'page' => $page,
+        'limit' => $limit,
+        'total' => (int)$total,
+        'pages' => ceil($total / $limit),
+    ],
+]);
+
+function _invoiceSummary(array $log): string {
+    return match($log['action']) {
+        'invoice.approved' => 'تم اعتماد فاتورة',
+        'invoice.updated' => 'تم تعديل فاتورة',
+        'invoice.bulk_approved' => 'اعتماد جماعي',
+        'invoice.uploaded' => 'تم رفع فاتورة',
+        'invoice.extracted' => 'تم استخراج بيانات فاتورة',
+        default => $log['action'],
+    };
+}
+
+function _userSummary(array $log): string {
+    return match($log['action']) {
+        'user.created' => 'تم إنشاء مستخدم جديد',
+        'user.updated' => 'تم تعديل بيانات مستخدم',
+        'user.deleted' => 'تم حذف مستخدم',
+        'user.login' => 'تسجيل دخول',
+        default => $log['action'],
+    };
+}
+
+function _companySummary(array $log): string {
+    return match($log['action']) {
+        'company.created' => 'تم إنشاء شركة جديدة',
+        'company.updated' => 'تم تعديل بيانات شركة',
+        default => $log['action'],
+    };
+}
+
+function _paymentSummary(array $log): string {
+    return match($log['action']) {
+        'payment.created' => 'تم إنشاء طلب دفع',
+        'payment.uploaded' => 'تم رفع وصل دفع',
+        'payment.approved' => 'تم اعتماد دفعة',
+        default => $log['action'],
+    };
+}