all(); Guard::requireLogin(); $userTenantContextService = app(\MintyPHP\Service\User\UserTenantContextService::class); $errorBag = formErrors(); if (!actionRequirePost('admin')) { return; } if (!actionRequireCsrf( 'admin', 'admin', 'switch_tenant', jsonAware: true, jsonPayload: ['ok' => false, 'error' => 'csrf'] )) { return; } $userId = (int) ($session['user']['id'] ?? 0); if ($userId <= 0) { http_response_code(401); if (Request::wantsJson()) { Router::json(['ok' => false, 'error' => 'unauthorized']); return; } Router::redirect('login'); return; } // Get tenant_id from POST $tenantId = (int) (requestInput()->bodyAll()['tenant_id'] ?? 0); if ($tenantId <= 0) { http_response_code(400); if (Request::wantsJson()) { Router::json(['ok' => false, 'error' => 'invalid_tenant_id']); return; } $errorBag->addGlobal(t('Failed to switch tenant')); flashFormErrors($errorBag, 'admin', 'switch_tenant'); Router::redirect('admin'); return; } $result = $userTenantContextService->setCurrentTenant($userId, $tenantId); if (!($result['ok'] ?? false)) { $error = $result['error'] ?? 'update_failed'; http_response_code(400); if (Request::wantsJson()) { Router::json(['ok' => false, 'error' => $error]); return; } $errorBag->addGlobal(t('Failed to switch tenant')); flashFormErrors($errorBag, 'admin', 'switch_tenant'); Router::redirect('admin'); return; } // Update session with new current tenant if (isset($session['user']) && is_array($session['user'])) { $userSession = $session['user']; $userSession['current_tenant_id'] = $tenantId; $sessionStore->set('user', $userSession); } // Reload full tenant + module session context in one place. app(\MintyPHP\Service\Auth\AuthService::class)->loadTenantDataIntoSession($userId); if (Request::wantsJson()) { Router::json([ 'ok' => true, 'tenant_id' => $tenantId, 'tenant' => $result['tenant'] ?? null, 'theme' => currentTheme(), ]); return; } Router::redirect('admin');