// --- User & Role Groups Handlers ---
    if (isset($_POST['add_role_group'])) {
        $name = $_POST['name'] ?? '';
        $permissions = isset($_POST['permissions']) ? json_encode($_POST['permissions']) : '[]';
        if ($name) {
            try {
                $stmt = db()->prepare("INSERT INTO role_groups (name, permissions) VALUES (?, ?)");
                $stmt->execute([$name, $permissions]);
                $message = "Role Group added successfully!";
            } catch (PDOException $e) {
                $message = "Error adding role group: " . $e->getMessage();
            }
        }
    }

    if (isset($_POST['add_user'])) {
        $username = $_POST['username'] ?? '';
        $password = $_POST['password'] ?? '';
        $email = $_POST['email'] ?? '';
        $group_id = (int)($_POST['group_id'] ?? 0) ?: null;
        if ($username && $password) {
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);
            $stmt = db()->prepare("INSERT INTO users (username, password, email, group_id) VALUES (?, ?, ?, ?)");
            try {
                $stmt->execute([$username, $hashed_password, $email, $group_id]);
                $message = "User added successfully!";
            } catch (PDOException $e) {
                if ($e->getCode() == '23000') {
                    $message = "Error: Username already exists.";
                } else {