modifying permissions

Flatlogic Bot 2026-02-20 01:28:48 +00:00
parent 7c8899df47
commit caebeeb615

326
index.php

@ -1653,40 +1653,40 @@ $page_permissions = [
'dashboard' => 'dashboard_view',
'pos' => 'pos_view',
'sales' => 'sales_view',
'sales_returns' => 'sales_view',
'sales_returns' => 'sales_returns_view',
'purchases' => 'purchases_view',
'purchase_returns' => 'purchases_view',
'purchase_returns' => 'purchase_returns_view',
'quotations' => 'quotations_view',
'accounting' => 'accounting_view',
'expense_categories' => 'accounting_view',
'expenses' => 'accounting_view',
'expense_categories' => 'expense_categories_view',
'expenses' => 'expenses_view',
'items' => 'items_view',
'categories' => 'items_view',
'units' => 'items_view',
'categories' => 'categories_view',
'units' => 'units_view',
'customers' => 'customers_view',
'suppliers' => 'suppliers_view',
'customer_statement' => 'customers_view',
'supplier_statement' => 'suppliers_view',
'cashflow_report' => 'accounting_view',
'expiry_report' => 'items_view',
'low_stock_report' => 'items_view',
'loyalty_history' => 'customers_view',
'payment_methods' => 'settings_view',
'customer_statement' => 'customer_statement_view',
'supplier_statement' => 'supplier_statement_view',
'cashflow_report' => 'cashflow_report_view',
'expiry_report' => 'expiry_report_view',
'low_stock_report' => 'low_stock_report_view',
'loyalty_history' => 'loyalty_history_view',
'payment_methods' => 'payment_methods_view',
'settings' => 'settings_view',
'devices' => 'settings_view',
'hr_departments' => 'hr_view',
'hr_employees' => 'hr_view',
'hr_attendance' => 'hr_view',
'hr_payroll' => 'hr_view',
'role_groups' => 'users_view',
'devices' => 'devices_view',
'hr_departments' => 'hr_departments_view',
'hr_employees' => 'hr_employees_view',
'hr_attendance' => 'hr_attendance_view',
'hr_payroll' => 'hr_payroll_view',
'role_groups' => 'role_groups_view',
'users' => 'users_view',
'scale_devices' => 'users_view',
'customer_display_settings' => 'settings_view',
'backups' => 'users_view',
'logs' => 'users_view',
'cash_registers' => 'users_view',
'register_sessions' => 'pos_view',
'licenses' => 'users_view',
'scale_devices' => 'scale_devices_view',
'customer_display_settings' => 'customer_display_settings_view',
'backups' => 'backups_view',
'logs' => 'logs_view',
'cash_registers' => 'cash_registers_view',
'register_sessions' => 'register_sessions_view',
'licenses' => 'licenses_view',
];
if (isset($page_permissions[$page]) && !can($page_permissions[$page])) {
@ -1717,6 +1717,74 @@ $data = [
'settings' => [],
];
$permission_groups = [
'General' => ['dashboard' => 'Dashboard'],
'Inventory' => [
'items' => 'Items',
'categories' => 'Categories',
'units' => 'Units'
],
'Customers' => [
'customers' => 'Customers'
],
'Suppliers' => [
'suppliers' => 'Suppliers'
],
'POS' => [
'pos' => 'POS'
],
'Sales' => [
'sales' => 'Sales',
'sales_returns' => 'Sales Returns',
'quotations' => 'Quotations'
],
'Purchases' => [
'purchases' => 'Purchases',
'purchase_returns' => 'Purchase Returns'
],
'Expenses' => [
'expense_categories' => 'Expense Categories',
'expenses' => 'Expenses'
],
'Accounting' => [
'accounting' => 'Journal Entries',
'trial_balance' => 'Trial Balance',
'profit_loss' => 'Profit & Loss',
'balance_sheet' => 'Balance Sheet',
'vat_report' => 'VAT Report'
],
'HR' => [
'hr_departments' => 'Departments',
'hr_employees' => 'Employees',
'hr_attendance' => 'Attendance',
'hr_payroll' => 'Payroll'
],
'Reports' => [
'customer_statement' => 'Customer Statement',
'supplier_statement' => 'Supplier Statement',
'cashflow_report' => 'Cashflow Report',
'expiry_report' => 'Expiry Report',
'low_stock_report' => 'Low Stock Report',
'loyalty_history' => 'Loyalty History'
],
'Settings' => [
'payment_methods' => 'Payment Methods',
'devices' => 'Biometric Devices',
'settings' => 'Company Settings'
],
'Administration' => [
'role_groups' => 'Role Groups',
'users' => 'Users',
'cash_registers' => 'Cash Registers',
'register_sessions' => 'Register Sessions',
'scale_devices' => 'Scale Devices',
'customer_display_settings' => 'Customer Display',
'backups' => 'Backups',
'licenses' => 'Licenses',
'logs' => 'System Logs'
]
];
if ($page === 'export') {
$type = $_GET['type'] ?? 'sales';
$filename = $type . "_export_" . date('Y-m-d') . ".csv";
@ -2419,21 +2487,27 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
<?php endif; ?>
<!-- Inventory Section -->
<?php if (can('items_view')): ?>
<?php if (can('items_view') || can('categories_view') || can('units_view')): ?>
<div class="nav-section-title px-4 mt-3 mb-1 text-uppercase text-muted <?= !in_array($page, ['items', 'categories', 'units']) ? 'collapsed' : '' ?>" data-bs-toggle="collapse" data-bs-target="#stock-collapse">
<span><i class="fas fa-boxes-stacked group-icon"></i><span><?= __('inventory') ?></span></span>
<i class="fas fa-chevron-down chevron"></i>
</div>
<div class="collapse <?= in_array($page, ['items', 'categories', 'units']) ? 'show' : '' ?>" id="stock-collapse">
<?php if (can('items_view')): ?>
<a href="index.php?page=items" class="nav-link <?= isset($_GET['page']) && $_GET['page'] === 'items' ? 'active' : '' ?>">
<i class="fas fa-box"></i> <span><?= __('items') ?></span>
</a>
<?php endif; ?>
<?php if (can('categories_view')): ?>
<a href="index.php?page=categories" class="nav-link <?= isset($_GET['page']) && $_GET['page'] === 'categories' ? 'active' : '' ?>">
<i class="fas fa-tags"></i> <span><?= __('categories') ?></span>
</a>
<?php endif; ?>
<?php if (can('units_view')): ?>
<a href="index.php?page=units" class="nav-link <?= isset($_GET['page']) && $_GET['page'] === 'units' ? 'active' : '' ?>">
<i class="fas fa-ruler-combined"></i> <span><?= __('units') ?></span>
</a>
<?php endif; ?>
</div>
<?php endif; ?>
@ -2471,37 +2545,47 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
<?php endif; ?>
<!-- Sales Section -->
<?php if (can('sales_view') || can('quotations_view')): ?>
<?php if (can('sales_view') || can('sales_returns_view') || can('quotations_view')): ?>
<div class="nav-section-title px-4 mt-3 mb-1 text-uppercase text-muted <?= !in_array($page, ['sales', 'sales_returns', 'quotations']) ? 'collapsed' : '' ?>" data-bs-toggle="collapse" data-bs-target="#sales-collapse">
<span><i class="fas fa-file-invoice-dollar group-icon"></i><span><?= __('sales') ?></span></span>
<i class="fas fa-chevron-down chevron"></i>
</div>
<div class="collapse <?= in_array($page, ['sales', 'sales_returns', 'quotations']) ? 'show' : '' ?>" id="sales-collapse">
<?php if (can('sales_view')): ?>
<a href="index.php?page=sales" class="nav-link <?= isset($_GET['page']) && $_GET['page'] === 'sales' ? 'active' : '' ?>">
<i class="fas fa-file-invoice-dollar"></i> <span><?= __('sales') ?></span>
</a>
<?php endif; ?>
<?php if (can('sales_returns_view')): ?>
<a href="index.php?page=sales_returns" class="nav-link <?= isset($_GET['page']) && $_GET['page'] === 'sales_returns' ? 'active' : '' ?>">
<i class="fas fa-reply"></i> <span><?= __('sales_returns') ?></span>
</a>
<?php endif; ?>
<?php if (can('quotations_view')): ?>
<a href="index.php?page=quotations" class="nav-link <?= isset($_GET['page']) && $_GET['page'] === 'quotations' ? 'active' : '' ?>">
<i class="fas fa-file-lines"></i> <span><?= __('quotations') ?></span>
</a>
<?php endif; ?>
</div>
<?php endif; ?>
<!-- Purchases Section -->
<?php if (can('purchases_view')): ?>
<?php if (can('purchases_view') || can('purchase_returns_view')): ?>
<div class="nav-section-title px-4 mt-3 mb-1 text-uppercase text-muted <?= !in_array($page, ['purchases', 'purchase_returns']) ? 'collapsed' : '' ?>" data-bs-toggle="collapse" data-bs-target="#purchases-collapse">
<span><i class="fas fa-cart-shopping group-icon"></i><span><?= __('purchases') ?></span></span>
<i class="fas fa-chevron-down chevron"></i>
</div>
<div class="collapse <?= in_array($page, ['purchases', 'purchase_returns']) ? 'show' : '' ?>" id="purchases-collapse">
<?php if (can('purchases_view')): ?>
<a href="index.php?page=purchases" class="nav-link <?= isset($_GET['page']) && $_GET['page'] === 'purchases' ? 'active' : '' ?>">
<i class="fas fa-cart-shopping"></i> <span><?= __('purchases') ?></span>
</a>
<?php endif; ?>
<?php if (can('purchase_returns_view')): ?>
<a href="index.php?page=purchase_returns" class="nav-link <?= isset($_GET['page']) && $_GET['page'] === 'purchase_returns' ? 'active' : '' ?>">
<i class="fas fa-share"></i> <span><?= __('purchase_returns') ?></span>
</a>
<?php endif; ?>
</div>
<?php endif; ?>
@ -6982,7 +7066,7 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
<!-- Edit Role Group Modal -->
<div class="modal fade" id="editRoleGroupModal<?= $group['id'] ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-dialog modal-lg">
<div class="modal-content border-0 shadow text-start">
<div class="modal-header">
<h5 class="modal-title fw-bold" data-en="Edit Role Group" data-ar="تعديل مجموعة الأدوار">Edit Role Group</h5>
@ -6996,26 +7080,70 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
<input type="text" name="name" class="form-control" value="<?= htmlspecialchars($group['name']) ?>" required>
</div>
<div class="mb-3">
<label class="form-label fw-semibold" data-en="Permissions" data-ar="الصلاحيات">Permissions</label>
<div class="row overflow-auto" style="max-height: 300px;">
<?php
$perms = json_decode($group['permissions'] ?? '[]', true);
$modules = ['dashboard', 'pos', 'quotations', 'customers', 'suppliers', 'items', 'sales', 'purchases', 'accounting', 'hr', 'settings', 'users'];
$actions = ['view', 'add', 'edit', 'delete'];
foreach ($modules as $m): ?>
<div class="col-12 mt-2 border-bottom pb-1 mb-2">
<span class="badge bg-secondary text-uppercase"><?= ucfirst($m) ?></span>
<div class="d-flex justify-content-between align-items-center mb-2">
<label class="form-label fw-semibold mb-0" data-en="Permissions" data-ar="الصلاحيات">Permissions</label>
<div class="d-flex gap-2">
<button type="button" class="btn btn-xs btn-outline-primary py-0 px-2 small select-all-btn" data-modal="#editRoleGroupModal<?= $group['id'] ?>">Select All</button>
<button type="button" class="btn btn-xs btn-outline-secondary py-0 px-2 small deselect-all-btn" data-modal="#editRoleGroupModal<?= $group['id'] ?>">Deselect All</button>
</div>
<?php foreach ($actions as $a):
$p = $m . '_' . $a;
?>
<div class="col-3 mb-2">
</div>
<div class="mb-3 p-2 bg-light rounded d-flex justify-content-between align-items-center flex-wrap gap-2">
<span class="small fw-bold me-2">Global Actions:</span>
<div class="d-flex gap-3">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="permissions[]" value="<?= $p ?>" id="perm_<?= $group['id'] ?>_<?= $p ?>" <?= in_array($p, (array)$perms) ? 'checked' : '' ?>>
<label class="form-check-label small" for="perm_<?= $group['id'] ?>_<?= $p ?>"><?= ucfirst($a) ?></label>
<input class="form-check-input select-all-action" type="checkbox" data-action="view" id="selectAllView<?= $group['id'] ?>">
<label class="form-check-label small" for="selectAllView<?= $group['id'] ?>">View</label>
</div>
<div class="form-check">
<input class="form-check-input select-all-action" type="checkbox" data-action="add" id="selectAllAdd<?= $group['id'] ?>">
<label class="form-check-label small" for="selectAllAdd<?= $group['id'] ?>">Add</label>
</div>
<div class="form-check">
<input class="form-check-input select-all-action" type="checkbox" data-action="edit" id="selectAllEdit<?= $group['id'] ?>">
<label class="form-check-label small" for="selectAllEdit<?= $group['id'] ?>">Edit</label>
</div>
<div class="form-check">
<input class="form-check-input select-all-action" type="checkbox" data-action="delete" id="selectAllDelete<?= $group['id'] ?>">
<label class="form-check-label small" for="selectAllDelete<?= $group['id'] ?>">Delete</label>
</div>
</div>
</div>
<div class="row overflow-auto pe-2" style="max-height: 500px;">
<?php
$perms = json_decode($group['permissions'] ?? '[]', true);
foreach ($permission_groups as $group_name => $modules): ?>
<div class="permission-group-container col-12 mb-4">
<div class="mt-3 mb-2 bg-secondary bg-opacity-10 p-2 d-flex justify-content-between align-items-center rounded border-start border-primary border-3">
<span class="fw-bold text-uppercase small text-primary"><?= $group_name ?></span>
<div class="form-check mb-0">
<input class="form-check-input select-all-group" type="checkbox" id="group_<?= $group['id'] ?>_<?= strtolower(str_replace(' ', '_', $group_name)) ?>">
<label class="form-check-label small fw-bold" for="group_<?= $group['id'] ?>_<?= strtolower(str_replace(' ', '_', $group_name)) ?>">Group All</label>
</div>
</div>
<div class="row g-3">
<?php foreach ($modules as $m => $label): ?>
<div class="col-md-6 mb-2 border-bottom pb-2 module-row">
<div class="small fw-bold mb-2 text-dark border-start border-2 ps-2 border-info d-flex justify-content-between align-items-center">
<span><?= $label ?></span>
<div class="form-check mb-0">
<input class="form-check-input select-all-row" type="checkbox" id="row_all_<?= $group['id'] ?>_<?= $m ?>">
<label class="form-check-label smaller text-muted mb-0 ms-1" style="font-size: 0.7rem;" for="row_all_<?= $group['id'] ?>_<?= $m ?>">Select All</label>
</div>
</div>
<div class="d-flex gap-3 flex-wrap ps-2">
<?php foreach (['view', 'add', 'edit', 'delete'] as $a):
$p = $m . '_' . $a;
?>
<div class="form-check">
<input class="form-check-input perm-check" type="checkbox" name="permissions[]" value="<?= $p ?>" data-action="<?= $a ?>" id="perm_<?= $group['id'] ?>_<?= $p ?>" <?= in_array($p, (array)$perms) ? 'checked' : '' ?>>
<label class="form-check-label small" for="perm_<?= $group['id'] ?>_<?= $p ?>"><?= ucfirst($a) ?></label>
</div>
<?php endforeach; ?>
</div>
</div>
<?php endforeach; ?>
</div>
</div>
<?php endforeach; ?>
<?php endforeach; ?>
</div>
</div>
@ -7035,8 +7163,42 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
</table>
</div>
</div>
<script>
$(document).ready(function() {
// Select All by Action (View, Add, Edit, Delete)
$('.select-all-action').on('change', function() {
const action = $(this).data('action');
const checked = $(this).is(':checked');
const modal = $(this).closest('.modal');
modal.find('.perm-check[data-action="' + action + '"]').prop('checked', checked);
});
<?php elseif ($page === 'customer_display_settings'): ?>
// Select All by Row
$('.select-all-row').on('change', function() {
const checked = $(this).is(':checked');
$(this).closest('.module-row').find('.perm-check').prop('checked', checked);
});
// Select All by Group
$('.select-all-group').on('change', function() {
const checked = $(this).is(':checked');
$(this).closest('.permission-group-container').find('.perm-check, .select-all-row').prop('checked', checked);
});
// Select All Button
$('.select-all-btn').on('click', function() {
const modal = $($(this).data('modal'));
modal.find('.perm-check, .select-all-action, .select-all-group, .select-all-row').prop('checked', true);
});
// Deselect All Button
$('.deselect-all-btn').on('click', function() {
const modal = $($(this).data('modal'));
modal.find('.perm-check, .select-all-action, .select-all-group, .select-all-row').prop('checked', false);
});
});
</script>
<?php elseif ($page === 'customer_display_settings'): ?>
<div class="card p-4">
<h5 class="mb-4" data-en="Customer Display Settings" data-ar="إعدادات شاشة العميل">Customer Display Settings</h5>
<form method="POST" enctype="multipart/form-data">
@ -8249,7 +8411,7 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
<!-- Add Role Group Modal -->
<div class="modal fade" id="addRoleGroupModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-dialog modal-lg">
<div class="modal-content border-0 shadow">
<div class="modal-header">
<h5 class="modal-title" data-en="Add Role Group" data-ar="إضافة مجموعة أدوار">Add Role Group</h5>
@ -8262,25 +8424,63 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
<input type="text" name="name" class="form-control" required>
</div>
<div class="mb-3">
<label class="form-label" data-en="Permissions" data-ar="الصلاحيات">Permissions</label>
<div class="row overflow-auto" style="max-height: 300px;">
<?php
$modules = ['dashboard', 'pos', 'quotations', 'customers', 'suppliers', 'items', 'sales', 'purchases', 'accounting', 'hr', 'settings', 'users'];
$actions = ['view', 'add', 'edit', 'delete'];
foreach ($modules as $m): ?>
<div class="col-12 mt-2 border-bottom pb-1 mb-2">
<span class="badge bg-secondary text-uppercase"><?= ucfirst($m) ?></span>
<div class="d-flex justify-content-between align-items-center mb-2">
<label class="form-label fw-semibold mb-0" data-en="Permissions" data-ar="الصلاحيات">Permissions</label>
<div class="d-flex gap-2">
<button type="button" class="btn btn-xs btn-outline-primary py-0 px-2 small select-all-btn" data-modal="#addRoleGroupModal">Select All</button>
<button type="button" class="btn btn-xs btn-outline-secondary py-0 px-2 small deselect-all-btn" data-modal="#addRoleGroupModal">Deselect All</button>
</div>
<?php foreach ($actions as $a):
$p = $m . '_' . $a;
?>
<div class="col-3 mb-2">
</div>
<div class="mb-3 p-2 bg-light rounded d-flex justify-content-between align-items-center flex-wrap gap-2">
<span class="small fw-bold me-2">Global Actions:</span>
<div class="d-flex gap-3">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="permissions[]" value="<?= $p ?>" id="add_perm_<?= $p ?>">
<label class="form-check-label small" for="add_perm_<?= $p ?>"><?= ucfirst($a) ?></label>
<input class="form-check-input select-all-action" type="checkbox" data-action="view" id="addSelectAllView">
<label class="form-check-label small" for="addSelectAllView">View</label>
</div>
<div class="form-check">
<input class="form-check-input select-all-action" type="checkbox" data-action="add" id="addSelectAllAdd">
<label class="form-check-label small" for="addSelectAllAdd">Add</label>
</div>
<div class="form-check">
<input class="form-check-input select-all-action" type="checkbox" data-action="edit" id="addSelectAllEdit">
<label class="form-check-label small" for="addSelectAllEdit">Edit</label>
</div>
<div class="form-check">
<input class="form-check-input select-all-action" type="checkbox" data-action="delete" id="addSelectAllDelete">
<label class="form-check-label small" for="addSelectAllDelete">Delete</label>
</div>
</div>
</div>
<div class="row overflow-auto pe-2" style="max-height: 500px;">
<?php
foreach ($permission_groups as $group_name => $modules): ?>
<div class="permission-group-container col-12 mb-4">
<div class="mt-3 mb-2 bg-secondary bg-opacity-10 p-2 d-flex justify-content-between align-items-center rounded border-start border-primary border-3">
<span class="fw-bold text-uppercase small text-primary"><?= $group_name ?></span>
<div class="form-check mb-0">
<input class="form-check-input select-all-group" type="checkbox" id="add_group_<?= strtolower(str_replace(' ', '_', $group_name)) ?>">
<label class="form-check-label small fw-bold" for="add_group_<?= strtolower(str_replace(' ', '_', $group_name)) ?>">Group All</label>
</div>
</div>
<div class="row g-3">
<?php foreach ($modules as $m => $label): ?>
<div class="col-md-6 mb-2 border-bottom pb-2">
<div class="small fw-bold mb-2 text-dark border-start border-2 ps-2 border-info"><?= $label ?></div>
<div class="d-flex gap-3 flex-wrap ps-2">
<?php foreach (['view', 'add', 'edit', 'delete'] as $a):
$p = $m . '_' . $a;
?>
<div class="form-check">
<input class="form-check-input perm-check" type="checkbox" name="permissions[]" value="<?= $p ?>" data-action="<?= $a ?>" id="add_perm_<?= $p ?>">
<label class="form-check-label small" for="add_perm_<?= $p ?>"><?= ucfirst($a) ?></label>
</div>
<?php endforeach; ?>
</div>
</div>
<?php endforeach; ?>
</div>
</div>
<?php endforeach; ?>
<?php endforeach; ?>
</div>
</div>
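Review bot: The page guard at the end of the first hunk, `if (isset($page_permissions[$page]) && !can($page_permissions[$page]))`, only checks pages that have a map entry, and the new `$permission_groups` catalogue offers `trial_balance`, `profit_loss`, `balance_sheet` and `vat_report` permissions that no visible `$page_permissions` entry enforces. Unless those keys are mapped above the hunk, ticking or clearing their checkboxes in the role editor has no effect on page access, and the same appears to hold for the `export` branch shown in the second hunk. I would add the missing entries, e.g. `'trial_balance' => 'trial_balance_view',`, and consider having the guard deny any page absent from the map, with an explicit list of pages that need no permission. Existing role groups store the old coarse keys (`users_view`, `hr_view`, `accounting_view`), so without a migration that grants the new per-page keys those roles lose access to the split pages. The handler that saves `permissions[]` is outside this section; it should accept only keys derivable from `$permission_groups`, since the checkbox values are client-supplied.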