<?php
/**
* Create Tenant Endpoint (Super Admin Only)
*/
use App\Core\Database;
use App\Core\Validator;
use App\Middleware\AuthMiddleware;
// Authenticate the caller, then gate the endpoint on the 'role' entry of
// whatever AuthMiddleware::check() returned.
$decoded = AuthMiddleware::check();

$isSuperAdmin = $decoded['role'] === 'super_admin';
if (!$isSuperAdmin) {
    // NOTE(review): this guard only denies access if json_error() ends the
    // request; nothing here stops execution after the call — confirm that
    // json_error() exits.
    json_error('Unauthorized', 403);
}

// Request payload as provided by the input() helper.
$data = input();

// Every field is mandatory; only 'email' has a format rule.
// NOTE(review): 'manager_password' is checked for presence only — no length
// or strength rule is applied before it is hashed further down.
$rules = [
    'name' => 'required',
    'email' => 'required|email',
    'phone' => 'required',
    'manager_name' => 'required',
    'manager_password' => 'required',
];
$errors = Validator::validate($data, $rules);

if ($errors) {
    // Same assumption as above: json_error() must halt, otherwise the inserts
    // below would run on unvalidated input.
    json_error('Validation Failed', 422, $errors);
}

// Connection handle used for the tenant + manager inserts.
$db = Database::getInstance();

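try {
    // Both inserts run in one transaction so a tenant is never left without
    // its initial manager account.
    $db->beginTransaction();

    // RFC 4122 version-4 UUIDs built from the CSPRNG. mt_rand() is a Mersenne
    // Twister whose output can be predicted from earlier values, so it must not
    // be used to mint tenant or user identifiers.
    $uuidV4 = static function (): string {
        $bytes = random_bytes(16);
        $bytes[6] = chr((ord($bytes[6]) & 0x0f) | 0x40); // version nibble = 4
        $bytes[8] = chr((ord($bytes[8]) & 0x3f) | 0x80); // variant bits = 10xx

        return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($bytes), 4));
    };

    // Generate Tenant UUID in PHP so we can use it immediately
    $tenantId = $uuidV4();

    // 1. Create Tenant
    $encryptedTenantName = \App\Core\Encryption::encrypt($data['name']);
    $encryptedTenantEmail = \App\Core\Encryption::encrypt($data['email']);

    // Normalise the phone number: keep digits and '+', drop leading '+', and
    // rewrite the local forms '07…' / '7…' to carry the 962 country code.
    $phone = preg_replace('/[^0-9+]/', '', $data['phone']);
    $phone = ltrim($phone, '+');
    if (str_starts_with($phone, '07')) {
        $phone = '962' . substr($phone, 1);
    } elseif (str_starts_with($phone, '7')) {
        $phone = '962' . $phone;
    }

    $encryptedPhone = \App\Core\Encryption::encrypt($phone);
    // NOTE(review): an unkeyed SHA-256 of a phone number can be reversed by
    // enumerating the number space, which weakens the encryption of the same
    // value. A keyed hash (hash_hmac() with a server-side secret) is the usual
    // choice for a lookup index, but every reader of phone_hash/email_hash
    // would have to change with it, so it is left as-is here.
    $phoneHash = hash('sha256', $phone);

    $stmt = $db->prepare("INSERT INTO tenants (id, name, email, phone, status, created_at) VALUES (?, ?, ?, ?, 'active', NOW())");
    $stmt->execute([
        $tenantId,
        $encryptedTenantName,
        $encryptedTenantEmail,
        // NOTE(review): tenants.phone receives the normalised number in
        // plaintext, while name/email here and users.phone below are stored
        // encrypted — confirm this is intended.
        $phone,
    ]);

    // Generate User UUID
    $userId = $uuidV4();

    // Encrypt sensitive user data. The manager account reuses the tenant's
    // email and phone; only the name and password are manager-specific.
    $encryptedName = \App\Core\Encryption::encrypt($data['manager_name']);
    $encryptedEmail = \App\Core\Encryption::encrypt($data['email']);
    // Lower-cased before hashing so the index is case-insensitive (same
    // unkeyed-hash caveat as phone_hash above).
    $emailHash = hash('sha256', strtolower($data['email']));

    // 2. Create Initial Manager (Admin) for this Tenant
    $stmtUser = $db->prepare("INSERT INTO users (id, tenant_id, name, email, email_hash, phone, phone_hash, password_hash, role, created_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?, 'admin', NOW())");
    $stmtUser->execute([
        $userId,
        $tenantId,
        $encryptedName,
        $encryptedEmail,
        $emailHash,
        $encryptedPhone,
        $phoneHash,
        password_hash($data['manager_password'], PASSWORD_DEFAULT),
    ]);

    $db->commit();
    json_success(null, 'تم إنشاء المكتب ومدير المكتب بنجاح');
} catch (\Exception $e) {
    // NOTE(review): only \Exception is handled. A \TypeError (for example a
    // non-string field reaching ltrim(), if validation lets one through) is an
    // \Error and bypasses this rollback and safe_error(). Also, if
    // beginTransaction() itself failed there may be no transaction to roll back.
    $db->rollBack();
    safe_error($e, 'tenants/create', 'حدث خطأ أثناء إنشاء المكتب.');
}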