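prepare("SELECT * FROM roles WHERE id = ?");
$stmt->execute([$role_id]);
$role = $stmt->fetch();

// Role permission editor: loads the role identified by $role_id and, on POST,
// replaces its permission set inside one transaction.

// Unknown role id: there is nothing to edit, so go back to the role list.
if (!$role) {
    header('Location: roles.php');
    exit;
}

// Allow-list of every permission name this page is willing to store.
// Submitted values are checked against it before anything is written.
$available_permissions = [
    'manage_candidates',
    'view_candidates',
    'manage_tasks',
    'view_tasks',
    'manage_workflows',
    'view_workflows',
    'manage_roles',
    'view_roles',
    'manage_users',
    'view_users'
];

// Fetch current permissions for the role
$stmt = $pdo->prepare("SELECT permission_name FROM role_permissions WHERE role_id = ?");
$stmt->execute([$role_id]);
$current_permissions = $stmt->fetchAll(PDO::FETCH_COLUMN);

// Handle form submission
// NOTE(review): no anti-CSRF token is verified and no "may this user edit roles"
// check is visible in this part of the file. This request rewrites a role's
// privileges, so confirm both are enforced before this point.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['save_permissions'])) {
    $selected_permissions = $_POST['permissions'] ?? [];

    // The field is client-controlled and may arrive as a scalar instead of a list.
    if (!is_array($selected_permissions)) {
        $selected_permissions = [];
    }

    // Keep only known permission names. The strict comparison avoids type
    // juggling, and keying by name drops duplicates so that a repeated value
    // cannot abort the whole update if the table enforces uniqueness.
    $granted_permissions = [];
    foreach ($selected_permissions as $permission) {
        if (is_string($permission) && in_array($permission, $available_permissions, true)) {
            $granted_permissions[$permission] = true;
        }
    }

    try {
        // Delete and re-insert atomically so a failure never leaves the role
        // with a partially written permission set.
        $pdo->beginTransaction();

        // Delete existing permissions for the role
        $delete_stmt = $pdo->prepare("DELETE FROM role_permissions WHERE role_id = ?");
        $delete_stmt->execute([$role_id]);

        // Insert new permissions
        $insert_stmt = $pdo->prepare("INSERT INTO role_permissions (role_id, permission_name) VALUES (?, ?)");
        foreach (array_keys($granted_permissions) as $permission) {
            $insert_stmt->execute([$role_id, $permission]);
        }

        // Commit the transaction
        $pdo->commit();

        header("Location: roles.php");
        exit;
    } catch (PDOException $e) {
        // rollBack() itself throws when no transaction is open, for example
        // when beginTransaction() was the call that failed.
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        error_log("Error updating permissions: " . $e->getMessage());
    }
}
?>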