require_once '../../core/AuthMiddleware.php';
require_once '../../core/SubscriptionMiddleware.php';
require_once '../../core/PermissionMiddleware.php';

$userId = requireAuth();

$db = Database::connect();
$user = $db->query("SELECT role, company_id FROM users WHERE id=$userId")
           ->fetch(PDO::FETCH_ASSOC);

// Check subscription FIRST
requireSubscriptionModule($user['company_id'], 'tyres');

// Then permission
requirePermission('tyres', 'read', $user['role']);
