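query('SELECT * FROM roles ORDER BY name');
    $roles = $roles_stmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    $error_message = "Database error fetching roles: " . $e->getMessage();
    $roles = [];
}

// Role id of the built-in Super Admin. Its rows are never deleted or
// rewritten by this form, so it cannot lock itself (or everyone) out.
$super_admin_role_id = 1;

// The permission matrix is fixed here; only these resource/action pairs can
// ever be written, whatever the request contains.
$resources = ['asset', 'user', 'category', 'location', 'role', 'permission'];
$actions = ['create', 'read', 'update', 'delete'];

/**
 * Normalise the per-action field list submitted for one permission row.
 *
 * Only strings are accepted: PHP turns `fields[]=...` into an array, which
 * must not end up stored as the literal text "Array". A blank or missing
 * value means "all fields" and is stored as '*'.
 *
 * NOTE(review): the value is persisted as submitted. If it is later used to
 * build column lists, validate it against the resource's real column names
 * before storing it — that check is not visible in this file.
 *
 * @param mixed $raw value taken from the POST body, may be absent
 */
function normalize_permission_fields($raw): string
{
    if (!is_string($raw)) {
        return '*';
    }
    $fields = trim($raw);

    return $fields === '' ? '*' : $fields;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): no CSRF token check is visible in this chunk; if the app
    // has one it must run before the permission matrix is rewritten.
    $posted = $_POST['permissions'] ?? [];
    // A crafted request can send `permissions` as a scalar; treat anything
    // that is not an array as "nothing enabled" instead of indexing into it.
    $permissions = is_array($posted) ? $posted : [];

    try {
        $pdo = db();
        $pdo->beginTransaction();

        // Clear existing permissions, but not for the super admin
        $delete = $pdo->prepare('DELETE FROM role_permissions WHERE role_id != ?');
        $delete->execute([$super_admin_role_id]);

        $insert = $pdo->prepare('INSERT INTO role_permissions (role_id, resource, action, fields) VALUES (?, ?, ?, ?)');

        foreach ($roles as $role) {
            $role_id = (int) $role['id'];
            if ($role_id === $super_admin_role_id) {
                continue; // Skip Admin role, its permissions are immutable
            }
            foreach ($resources as $resource) {
                foreach ($actions as $action) {
                    $entry = $permissions[$role_id][$resource][$action] ?? null;
                    // POST values are always strings, so the checkbox is on
                    // exactly when 'enabled' is the string '1'.
                    if (!is_array($entry) || ($entry['enabled'] ?? null) !== '1') {
                        continue;
                    }
                    $fields = null;
                    // 'delete' has no field scope; the other actions may be
                    // restricted to a subset of columns.
                    if (in_array($action, ['read', 'update', 'create'], true)) {
                        $fields = normalize_permission_fields($entry['fields'] ?? null);
                    }
                    $insert->execute([$role_id, $resource, $action, $fields]);
                }
            }
        }
        $pdo->commit();
        $success_message = 'Permissions updated successfully!';
    } catch (PDOException $e) {
        // db() itself may have thrown, in which case $pdo was never assigned.
        if (isset($pdo) && $pdo->inTransaction()) {
            $pdo->rollBack();
        }
        $error_message = 'Database error: ' . $e->getMessage();
    }
}

/**
 * Fetch every role_permissions row ordered by role, resource and action.
 *
 * @return array<int, array<string, mixed>>|array{error: string}
 *   A list of rows on success; on a database failure a single-key map
 *   `['error' => message]`. Callers must test for that key before iterating.
 */
function get_permissions(): array
{
    try {
        $pdo = db();
        $stmt = $pdo->query('SELECT * FROM role_permissions ORDER BY role_id, resource, action');

        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        return ['error' => 'Database error: ' . $e->getMessage()];
    }
}

$permissions_from_db = get_permissions();

// Group permissions by role and resource for easier display
$grouped_permissions = [];
if (isset($permissions_from_db['error'])) {
    // get_permissions() signals failure with a single 'error' key; iterating
    // that as rows would index a string and crash, so surface it instead.
    $error_message = $permissions_from_db['error'];
} else {
    foreach ($permissions_from_db as $p) {
        $grouped_permissions[$p['role_id']][$p['resource']][$p['action']] = $p['fields'];
    }
}
?> Settings - Role Permissions - IC-Inventory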

Settings - Role Permissions

$resource): ?>
Role Resource Create Read (Fields) Update (Fields) Delete
Super Admin
>
>