Refactor authorization checks to use 'permissions' instead of 'profile' in multiple files

- Updated authorization checks in product management, product attributes, configurations, software, and user management files to use 'permissions' for consistency. - Ensured that all relevant pages correctly check user permissions for read, update, delete, and create actions. - Adjusted session variable references to align with the new permissions structure across various modules.
2026-01-20 15:00:00 +01:00
parent 24481279d5
commit 18469fe958
90 changed files with 368 additions and 384 deletions
--- a/access_element.php
+++ b/access_element.php
@@ -14,16 +14,16 @@ include_once './settings/settings_redirector.php';
 $_SESSION['prev_origin_access_element'] = $_SERVER['REQUEST_URI'];
 $page = 'access_element';
 //Check if allowed
-if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'access_element_manage';
-$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'C');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';