53 lines
1.3 KiB
PHP
53 lines
1.3 KiB
PHP
<?php
|
|
/**
|
|
* Dashboard Stats Endpoint (Role-Based & Tenant-Aware)
|
|
*/
|
|
|
|
use App\Core\Database;
|
|
use App\Middleware\AuthMiddleware;
|
|
|
|
// 1. Auth Check
|
|
$decoded = AuthMiddleware::check();
|
|
$db = Database::getInstance();
|
|
|
|
$tenantId = $decoded['tenant_id'] ?? null;
|
|
$companyId = $decoded['company_id'] ?? null;
|
|
$role = $decoded['role'];
|
|
|
|
try {
|
|
// 2. Apply Filters based on Role
|
|
if ($role === 'super_admin') {
|
|
// No filters - see everything
|
|
$where = "WHERE 1=1";
|
|
$params = [];
|
|
} else {
|
|
// Tenant Users (Admin, Accountant, Employee): Filter by Tenant
|
|
$where = "WHERE tenant_id = ?";
|
|
$params = [$tenantId];
|
|
}
|
|
|
|
// 3. Fetch Stats
|
|
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where");
|
|
$stmt->execute($params);
|
|
$total = $stmt->fetchColumn();
|
|
|
|
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where AND status = 'pending'");
|
|
$stmt->execute($params);
|
|
$pending = $stmt->fetchColumn();
|
|
|
|
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices $where AND status = 'approved'");
|
|
$stmt->execute($params);
|
|
$approved = $stmt->fetchColumn();
|
|
|
|
} catch (\Exception $e) {
|
|
$total = 0;
|
|
$pending = 0;
|
|
$approved = 0;
|
|
}
|
|
|
|
json_success([
|
|
'total' => $total,
|
|
'pending' => $pending,
|
|
'approved' => $approved
|
|
]);
|