Refactor authorization checks to use 'permissions' instead of 'profile' in multiple files

- Updated authorization checks in product management, product attributes, configurations, software, and user management files to use 'permissions' for consistency. - Ensured that all relevant pages correctly check user permissions for read, update, delete, and create actions. - Adjusted session variable references to align with the new permissions structure across various modules.
2026-01-20 15:00:00 +01:00
parent 24481279d5
commit 18469fe958
90 changed files with 368 additions and 384 deletions
--- a/profile.php
+++ b/profile.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'profile';
 //Check if allowed
-if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $user = [
@@ -108,7 +108,7 @@ $view .= '<div class="content-block tab-content active">
                <input type="text" name="" placeholder="" value="'.${'permission'.$user['view']}.'" readonly>
                <label for="profile">'.$User_profile.'</label>
                <input type="text" name="" placeholder="" value="'.$user['settings'].'" readonly>
-                <textarea id="" name="assigned_profile" placeholder="">'.$_SESSION['authorization']['profile'].'</textarea>
+                <textarea id="" name="assigned_profile" placeholder="">'.$_SESSION['authorization']['permissions'].'</textarea>
                <label for="service">'.$User_service.'</label>
                <input type="text" name="" placeholder="" value="'.(($user['service']!='') ? $enabled : $disabled ).'" readonly>
                <label for="service">'.$User_language.'</label>