admin/35512-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
35512-vm/roles.php
Flatlogic Bot eca44a4bc7 gestione ruoli e permessi
2025-11-08 20:43:02 +00:00

126 lines
5.1 KiB
PHP
Raw Blame History

<?php
session_start();
require_once 'db/config.php';
require_once 'auth-check.php';
require_once 'auth-helpers.php';
// Permissions check
if (!can($_SESSION['user_role_id'], 'role', 'read')) {
// First, check if the user has permissions for this resource
$user_role_id = $_SESSION['user_role'];
$sql = "SELECT 1 FROM role_permissions WHERE role_id = :role_id AND resource = 'role' AND action = 'read'";
$stmt = db()->prepare($sql);
$stmt->execute(['role_id' => $user_role_id]);
if ($stmt->rowCount() == 0) {
// If no permissions, redirect
header('Location: index.php?error=access_denied');
exit;
}
}
function get_roles() {
try {
$pdo = db();
$stmt = $pdo->query("SELECT * FROM roles ORDER BY name ASC");
return $stmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
return ['error' => 'Database error: ' . $e->getMessage()];
}
}
$roles = get_roles();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Role Management - IC-Inventory</title>
<meta name="description" content="Role management for IC-Inventory.">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
<script src="https://unpkg.com/feather-icons"></script>
</head>
<body>
<div class="wrapper">
<?php require_once 'templates/sidebar.php'; ?>
<main id="content">
<div class="header">
<h1>Role Management</h1>
<div>
<?php if (can($_SESSION['user_role_id'], 'role', 'create')): ?>
<a href="add-role.php" class="btn btn-primary">Add New Role</a>
<?php endif; ?>
<div class="theme-switcher" id="theme-switcher">
<i data-feather="moon"></i>
</div>
</div>
</div>
<?php if (isset($_GET['success'])): ?>
<div class="alert alert-success">
<?php
if ($_GET['success'] === 'role_added') echo 'Role successfully added!';
if ($_GET['success'] === 'role_updated') echo 'Role successfully updated!';
if ($_GET['success'] === 'role_deleted') echo 'Role successfully deleted!';
?>
</div>
<?php endif; ?>
<div class="surface p-4">
<?php if (isset($roles['error'])): ?>
<div class="alert alert-danger">
<?php echo htmlspecialchars($roles['error']); ?>
</div>
<?php elseif (empty($roles)): ?>
<div class="text-center p-5">
<h4>No roles found.</h4>
<?php if (can($_SESSION['user_role_id'], 'role', 'create')): ?>
<p>Get started by adding your first role.</p>
<a href="add-role.php" class="btn btn-primary">Add Role</a>
<?php endif; ?>
</div>
<?php else: ?>
<div class="table-responsive">
<table class="table">
<thead>
<tr>
<th>Name</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($roles as $role): ?>
<tr>
<td><?php echo htmlspecialchars($role['name']); ?></td>
<td>
<?php if (can($_SESSION['user_role_id'], 'role', 'update')): ?>
<a href="edit-role.php?id=<?php echo $role['id']; ?>" class="btn btn-sm btn-outline-primary">Edit</a>
<?php endif; ?>
<?php if (can($_SESSION['user_role_id'], 'role', 'delete')): ?>
<a href="delete-role.php?id=<?php echo $role['id']; ?>" class="btn btn-sm btn-outline-danger" onclick="return confirm('Are you sure you want to delete this role?');">Delete</a>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php endif; ?>
</div>
</main>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
<script>
feather.replace();
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink