148 lines
6.5 KiB
PHP
148 lines
6.5 KiB
PHP
<?php
|
|
require_once 'db/config.php';
|
|
require_once 'auth-check.php';
|
|
require_once 'auth-helpers.php';
|
|
|
|
// Get allowed fields for the current user
|
|
$allowed_fields_str = can($_SESSION['user_role'], 'asset', 'read');
|
|
$allowed_fields = $allowed_fields_str ? explode(',', $allowed_fields_str) : [];
|
|
|
|
// Function to execute query and return results
|
|
function get_assets($fields) {
|
|
if (empty($fields)) {
|
|
return []; // No read permission
|
|
}
|
|
// Always include id for edit/delete links
|
|
if (!in_array('id', $fields)) {
|
|
$fields[] = 'id';
|
|
}
|
|
|
|
$select_fields = implode(', ', $fields);
|
|
|
|
try {
|
|
$pdo = db();
|
|
$stmt = $pdo->query("SELECT $select_fields FROM assets ORDER BY created_at DESC");
|
|
return $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
} catch (PDOException $e) {
|
|
return ['error' => 'Database error: ' . $e->getMessage()];
|
|
}
|
|
}
|
|
|
|
$assets = get_assets($allowed_fields);
|
|
|
|
function getStatusClass($status) {
|
|
switch (strtolower($status)) {
|
|
case 'in service':
|
|
return 'status-in-service';
|
|
case 'under repair':
|
|
return 'status-under-repair';
|
|
case 'retired':
|
|
return 'status-retired';
|
|
default:
|
|
return '';
|
|
}
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>IC-Inventory</title>
|
|
<meta name="description" content="Built with Flatlogic Generator">
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
|
|
<link rel="preconnect" href="https://fonts.googleapis.com">
|
|
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
|
|
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
|
|
<script src="https://unpkg.com/feather-icons"></script>
|
|
</head>
|
|
<body>
|
|
|
|
<div class="wrapper">
|
|
<?php require_once 'templates/sidebar.php'; ?>
|
|
|
|
<main id="content">
|
|
<div class="header">
|
|
<h1>Asset Dashboard</h1>
|
|
<div>
|
|
<?php if (can($_SESSION['user_role'], 'asset', 'create')): ?>
|
|
<a href="add-asset.php" class="btn btn-primary">Add New Asset</a>
|
|
<?php endif; ?>
|
|
<div class="theme-switcher" id="theme-switcher">
|
|
<i data-feather="moon"></i>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<?php if (isset($_GET['success']) && $_GET['success'] === 'asset_added'): ?>
|
|
<div class="alert alert-success">Asset successfully added!</div>
|
|
<?php elseif (isset($_GET['success']) && $_GET['success'] === 'asset_updated'): ?>
|
|
<div class="alert alert-success">Asset successfully updated!</div>
|
|
<?php elseif (isset($_GET['success']) && $_GET['success'] === 'asset_deleted'): ?>
|
|
<div class="alert alert-success">Asset successfully deleted!</div>
|
|
<?php elseif (isset($_GET['error']) && $_GET['error'] === 'access_denied'): ?>
|
|
<div class="alert alert-danger">You do not have permission to access that page.</div>
|
|
<?php endif; ?>
|
|
|
|
<div class="surface p-4">
|
|
<?php if (isset($assets['error'])): ?>
|
|
<div class="alert alert-danger">
|
|
<?php echo htmlspecialchars($assets['error']); ?>
|
|
</div>
|
|
<?php elseif (empty($assets)): ?>
|
|
<div class="text-center p-5">
|
|
<h4>No assets found.</h4>
|
|
<?php if (can($_SESSION['user_role'], 'asset', 'create'])): ?>
|
|
<p>Get started by adding your first company asset.</p>
|
|
<a href="add-asset.php" class="btn btn-primary">Add Asset</a>
|
|
<?php endif; ?>
|
|
</div>
|
|
<?php else: ?>
|
|
<div class="table-responsive">
|
|
<table class="table asset-table">
|
|
<thead>
|
|
<tr>
|
|
<?php foreach ($allowed_fields as $field): if($field === 'id') continue; ?>
|
|
<th><?php echo ucfirst(str_replace('_', ' ', $field)); ?></th>
|
|
<?php endforeach; ?>
|
|
<th>Actions</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php foreach ($assets as $asset): ?>
|
|
<tr>
|
|
<?php foreach ($allowed_fields as $field): if($field === 'id') continue; ?>
|
|
<td>
|
|
<?php if ($field === 'status'): ?>
|
|
<span class="status <?php echo getStatusClass($asset[$field]); ?>"><?php echo htmlspecialchars($asset[$field]); ?></span>
|
|
<?php else: ?>
|
|
<?php echo htmlspecialchars($asset[$field]); ?>
|
|
<?php endif; ?>
|
|
</td>
|
|
<?php endforeach; ?>
|
|
<td>
|
|
<?php if (can($_SESSION['user_role'], 'asset', 'update')): ?>
|
|
<a href="edit-asset.php?id=<?php echo $asset['id']; ?>" class="btn btn-sm btn-outline-primary">Edit</a>
|
|
<?php endif; ?>
|
|
<?php if (can($_SESSION['user_role'], 'asset', 'delete'])): ?>
|
|
<a href="delete-asset.php?id=<?php echo $asset['id']; ?>" class="btn btn-sm btn-outline-danger" onclick="return confirm('Are you sure you want to delete this asset?');">Delete</a>
|
|
<?php endif; ?>
|
|
</td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<?php endif; ?>
|
|
</div>
|
|
</main>
|
|
</div>
|
|
|
|
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
|
|
<script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
|
|
<script>
|
|
feather.replace();
|
|
</script>
|
|
</body>
|
|
</html>
|