54 lines
1.3 KiB
PHP
54 lines
1.3 KiB
PHP
<?php
|
|
/**
|
|
* Dashboard Stats Endpoint (Role-Based & Tenant-Aware)
|
|
*/
|
|
|
|
use App\Core\Database;
|
|
use App\Middleware\AuthMiddleware;
|
|
|
|
// 1. Auth Check
|
|
$decoded = AuthMiddleware::check();
|
|
$db = Database::getInstance();
|
|
|
|
$tenantId = $decoded['tenant_id'];
|
|
$companyId = $decoded['company_id'] ?? null;
|
|
$role = $decoded['role'];
|
|
|
|
try {
|
|
// 2. Build Query based on Role
|
|
$where = "WHERE tenant_id = :tenant_id";
|
|
$params = [':tenant_id' => $tenantId];
|
|
|
|
// If accountant or employee restricted to a company
|
|
if (($role === 'accountant' || $role === 'viewer') && $companyId) {
|
|
$where .= " AND company_id = :company_id";
|
|
$params[':company_id'] = $companyId;
|
|
}
|
|
|
|
// Total Invoices
|
|
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where");
|
|
$stmt->execute($params);
|
|
$total = $stmt->fetchColumn();
|
|
|
|
// Pending Invoices
|
|
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where AND status = 'pending'");
|
|
$stmt->execute($params);
|
|
$pending = $stmt->fetchColumn();
|
|
|
|
// Approved Invoices
|
|
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where AND status = 'approved'");
|
|
$stmt->execute($params);
|
|
$approved = $stmt->fetchColumn();
|
|
|
|
} catch (\Exception $e) {
|
|
$total = 0;
|
|
$pending = 0;
|
|
$approved = 0;
|
|
}
|
|
|
|
json_success([
|
|
'total' => $total,
|
|
'pending' => $pending,
|
|
'approved' => $approved
|
|
]);
|