sam-sales/salesmanagement/api/sales_tenants.php

<?php
header("Content-Type: application/json; charset=utf-8");
require_once(__DIR__ . "/../../lib/mydb.php");

session_start();

$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? '';

if (!isset($_SESSION['sales_user'])) {
    echo json_encode(['success' => false, 'error' => '로그인이 필요합니다.']);
    exit;
}

$currentUser = $_SESSION['sales_user'];
$pdo = db_connect();

try {
    switch ($method) {
        case 'GET':
            if ($action === 'list_tenants') {
                // 운영자는 모든 테넌트, 영업관리/매니저는 본인 소속 테넌트만
                if ($currentUser['role'] === 'operator') {
                    $stmt = $pdo->prepare("SELECT t.*, m.name as manager_name FROM sales_tenants t JOIN sales_member m ON t.manager_id = m.id ORDER BY t.created_at DESC");
                    $stmt->execute();
                } else {
                    $stmt = $pdo->prepare("SELECT * FROM sales_tenants WHERE manager_id = ? ORDER BY created_at DESC");
                    $stmt->execute([$currentUser['id']]);
                }
                $tenants = $stmt->fetchAll(PDO::FETCH_ASSOC);
                echo json_encode(['success' => true, 'data' => $tenants]);

            } elseif ($action === 'tenant_products') {
                $tenant_id = $_GET['tenant_id'] ?? null;
                if (!$tenant_id) throw new Exception("테넌트 ID가 필요합니다.");
                
                $stmt = $pdo->prepare("SELECT * FROM sales_tenant_products WHERE tenant_id = ? ORDER BY created_at DESC");
                $stmt->execute([$tenant_id]);
                $products = $stmt->fetchAll(PDO::FETCH_ASSOC);
                echo json_encode(['success' => true, 'data' => $products]);

            } elseif ($action === 'my_stats') {
                // 현재 로그인한 사용자의 요약 통계
                $stmt = $pdo->prepare("
                    SELECT 
                        COUNT(DISTINCT t.id) as tenant_count,
                        SUM(p.contract_amount) as total_revenue,
                        SUM(p.commission_amount) as total_commission,
                        SUM(CASE WHEN p.operator_confirmed = 1 THEN p.commission_amount ELSE 0 END) as confirmed_commission
                    FROM sales_tenants t
                    LEFT JOIN sales_tenant_products p ON t.id = p.tenant_id
                    WHERE t.manager_id = ?
                ");
                $stmt->execute([$currentUser['id']]);
                $stats = $stmt->fetch(PDO::FETCH_ASSOC);
                echo json_encode(['success' => true, 'data' => $stats]);
            }
            break;

        case 'POST':
            $data = json_decode(file_get_contents('php://input'), true);
            
            if ($action === 'create_tenant') {
                $tenant_name = $data['tenant_name'] ?? '';
                $representative = $data['representative'] ?? '';
                $business_no = $data['business_no'] ?? '';
                $contact_phone = $data['contact_phone'] ?? '';
                $email = $data['email'] ?? '';
                $address = $data['address'] ?? '';
                
                if (!$tenant_name) throw new Exception("업체명은 필수입니다.");
                
                $stmt = $pdo->prepare("INSERT INTO sales_tenants (manager_id, tenant_name, representative, business_no, contact_phone, email, address) VALUES (?, ?, ?, ?, ?, ?, ?)");
                $stmt->execute([$currentUser['id'], $tenant_name, $representative, $business_no, $contact_phone, $email, $address]);
                
                echo json_encode(['success' => true, 'id' => $pdo->lastInsertId(), 'message' => '테넌트가 등록되었습니다.']);

            } elseif ($action === 'add_product') {
                $tenant_id = $data['tenant_id'] ?? null;
                $product_name = $data['product_name'] ?? '';
                $contract_amount = $data['contract_amount'] ?? 0;
                $commission_rate = $data['commission_rate'] ?? 0;
                $contract_date = $data['contract_date'] ?? date('Y-m-d');
                
                if (!$tenant_id || !$product_name) throw new Exception("필수 정보가 누락되었습니다.");
                
                $stmt = $pdo->prepare("INSERT INTO sales_tenant_products (tenant_id, product_name, contract_amount, commission_rate, contract_date) VALUES (?, ?, ?, ?, ?)");
                $stmt->execute([$tenant_id, $product_name, $contract_amount, $commission_rate, $contract_date]);
                
                echo json_encode(['success' => true, 'message' => '상품 계약 정보가 등록되었습니다.']);

            } elseif ($action === 'confirm_product') {
                if ($currentUser['role'] !== 'operator') throw new Exception("권한이 없습니다.");
                
                $product_id = $data['id'] ?? null;
                $confirmed = $data['confirmed'] ? 1 : 0;
                
                if (!$product_id) throw new Exception("ID가 누락되었습니다.");
                
                $stmt = $pdo->prepare("UPDATE sales_tenant_products SET operator_confirmed = ? WHERE id = ?");
                $stmt->execute([$confirmed, $product_id]);
                
                echo json_encode(['success' => true, 'message' => $confirmed ? '승인되었습니다.' : '승인이 취소되었습니다.']);
            }
            break;
    }
} catch (Exception $e) {
    echo json_encode(['success' => false, 'error' => $e->getMessage()]);
}