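query(
    " SELECT u.id, u.name, u.email, u.role, u.is_active, u.created_at, t.name as tenant_name"
    . " FROM users u"
    . " LEFT JOIN tenants t ON u.tenant_id = t.id"
    . " ORDER BY u.created_at DESC "
); // Unfiltered listing: rows from every tenant (the branch condition is above this fragment).
} elseif ($role === 'admin') {
    // Admin sees only users in THEIR tenant (Accounting Office).
    // NOTE(review): $tenantId is assigned outside this fragment. Tenant isolation holds only if it
    // comes from the authenticated session, never from request input — confirm at the call site.
    $stmt = $db->prepare(
        " SELECT u.id, u.name, u.email, u.role, u.is_active, u.created_at, t.name as tenant_name"
        . " FROM users u"
        . " LEFT JOIN tenants t ON u.tenant_id = t.id"
        . " WHERE u.tenant_id = ?"
        . " ORDER BY u.created_at DESC "
    );
    $stmt->execute([$tenantId]);
} else {
    // Other roles shouldn't see the user list.
    // NOTE(review): this presumably ends the request inside json_error(); if it returns,
    // $stmt is undefined below — confirm.
    json_error('Unauthorized', 403);
}

$users = $stmt->fetchAll();

// 3. Decrypt data and format
// Returns the decrypted value, or the stored value unchanged when Encryption::decrypt() reports false.
// NOTE(review): the fallback presumably tolerates legacy plaintext rows, but it also hands raw
// ciphertext to the client when decryption fails for another reason (e.g. wrong key) — confirm intent.
$decryptOrKeep = static function ($stored) {
    $plain = Encryption::decrypt($stored);

    return $plain !== false ? $plain : $stored;
};

foreach ($users as &$user) {
    // Decrypt user name/email
    $user['name'] = $decryptOrKeep($user['name']);
    $user['email'] = $decryptOrKeep($user['email']);

    // Decrypt tenant name (absent when the LEFT JOIN found no tenant)
    if (!empty($user['tenant_name'])) {
        $user['tenant_name'] = $decryptOrKeep($user['tenant_name']);
    }
}
// Break the by-reference binding so a later write to $user cannot alter the last row.
unset($user);

json_success($users);
} catch (\Exception $e) {
    // Keep the driver message server-side: it can expose table/column names and query text.
    // The client only gets a generic failure.
    error_log('SQL Error in Users List: ' . $e->getMessage());
    json_error('Failed to load users list', 500);
}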