<?php
declare(strict_types=1);
namespace App\Modules\Invoices\Actions;

use App\Core\Database;
use Exception;

final class DownloadInvoiceFileAction {
    public function execute(string $invoiceId, string $tenantId, $user): array {
        $db = Database::getInstance();
        $stmt = $db->prepare("SELECT original_file_path, company_id FROM invoices WHERE id = ? AND tenant_id = ? AND deleted_at IS NULL LIMIT 1");
        $stmt->execute([$invoiceId, $tenantId]);
        $invoice = $stmt->fetch();

        if (!$invoice || !file_exists($invoice['original_file_path'])) {
            throw new Exception('الملف غير موجود', 404);
        }

        $role = $user->role ?? 'viewer';
        if ($role !== 'super_admin' && $invoice['company_id'] !== ($user->assigned_company_id ?? null)) {
            throw new Exception('غير مصرح لك بمشاهدة هذا الملف', 403);
        }

        return [
            'path' => $invoice['original_file_path'],
            'mime' => mime_content_type($invoice['original_file_path']),
            'name' => basename($invoice['original_file_path'])
        ];
    }
}