Add user role management functionality with CRUD operations and permissions handling
- Created user_role.php for viewing and editing user roles and their permissions. - Implemented inline editing for role details and permissions. - Added user_role_manage.php for creating and managing user roles. - Introduced user_roles.php for listing all user roles with pagination and filtering options. - Integrated API calls for fetching and updating role data and permissions. - Enhanced user interface with success messages and navigation controls.
This commit is contained in:
“VeLiTi”
168
access_element_manage.php
Normal file
168
access_element_manage.php
Normal file
@@ -0,0 +1,168 @@
|
||||
<?php
|
||||
defined(page_security_key) or exit;
|
||||
|
||||
if (debug && debug_id == $_SESSION['id']){
|
||||
ini_set('display_errors', '1');
|
||||
ini_set('display_startup_errors', '1');
|
||||
error_reporting(E_ALL);
|
||||
}
|
||||
|
||||
include_once './assets/functions.php';
|
||||
include_once './settings/settings_redirector.php';
|
||||
|
||||
$page = 'access_element_manage';
|
||||
//Check if allowed
|
||||
if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
|
||||
header('location: index.php');
|
||||
exit;
|
||||
}
|
||||
//PAGE Security
|
||||
$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
|
||||
$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
|
||||
$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
|
||||
|
||||
// Default input values
|
||||
$element = [
|
||||
'rowID' => '',
|
||||
'access_name' => '',
|
||||
'access_path' => '',
|
||||
'access_group' => '',
|
||||
'description' => '',
|
||||
'is_active' => 1,
|
||||
'created' => '',
|
||||
'createdby' => $_SESSION['username'],
|
||||
'updated' => '',
|
||||
'updatedby' => ''
|
||||
];
|
||||
|
||||
$element_ID = $_GET['rowID'] ?? '';
|
||||
|
||||
if ($element_ID !=''){
|
||||
$url = 'index.php?page=access_element&rowID='.$element_ID.'';
|
||||
} else {
|
||||
$url = 'index.php?page=access_elements';
|
||||
}
|
||||
|
||||
if (isset($_GET['rowID'])) {
|
||||
// ID param exists, edit an existing element
|
||||
//CALL TO API
|
||||
$api_url = '/v2/access_elements/rowID='.$element_ID;
|
||||
$responses = ioServer($api_url,'');
|
||||
//Decode Payload
|
||||
if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;}
|
||||
|
||||
$element = $responses[0];
|
||||
|
||||
if ($update_allowed === 1){
|
||||
if (isset($_POST['submit'])) {
|
||||
//GET ALL POST DATA
|
||||
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
|
||||
//API call
|
||||
$responses = ioServer('/v2/access_elements', $data);
|
||||
|
||||
if ($responses === 'NOK'){
|
||||
|
||||
} else {
|
||||
header('Location: index.php?page=access_element&rowID='.$element_ID.'&success_msg=2');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($delete_allowed === 1){
|
||||
if (isset($_POST['delete'])) {
|
||||
//GET ALL POST DATA
|
||||
$data = json_encode($_POST , JSON_UNESCAPED_UNICODE);
|
||||
//API call
|
||||
$responses = ioServer('/v2/access_elements', $data);
|
||||
// Redirect and delete element
|
||||
if ($responses === 'NOK'){
|
||||
|
||||
} else {
|
||||
header('Location: index.php?page=access_elements&success_msg=3');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
// Create a new element
|
||||
if (isset($_POST['submit']) && $create_allowed === 1) {
|
||||
//GET ALL POST DATA
|
||||
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
|
||||
//API call
|
||||
$responses = ioServer('/v2/access_elements', $data);
|
||||
if ($responses === 'NOK'){
|
||||
|
||||
} else {
|
||||
header('Location: index.php?page=access_elements&success_msg=1');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
template_header(($access_element_title ?? 'Access Element'), 'access_element', 'manage');
|
||||
|
||||
$label_h2 = (($element_ID !='')? ($manage_access_h2 ?? 'Edit Access Element') : ($button_create_access ?? 'Create Access Element'));
|
||||
$view ='
|
||||
<form action="" method="post">
|
||||
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
|
||||
<h2 class="responsive-width-100">'.$label_h2.'</h2>
|
||||
<a href="'.$url.'" class="btn alt mar-right-2">←</a>
|
||||
';
|
||||
|
||||
if ($delete_allowed === 1 && $element_ID != ''){
|
||||
$view .= '<input type="submit" name="delete" value="X" class="btn red mar-right-2" onclick="return confirm(\''.($confirm_delete_access ?? 'Are you sure you want to delete this access element?').'\')">';
|
||||
}
|
||||
if ($update_allowed === 1 || ($create_allowed === 1 && $element_ID == '')){
|
||||
$view .= '<input type="submit" name="submit" value="💾" class="btn">';
|
||||
}
|
||||
|
||||
$view .= '</div>';
|
||||
|
||||
$view .= '<div class="tabs">
|
||||
<a href="#" class="active">'.($tab1 ?? 'General').'</a>
|
||||
</div>
|
||||
<div class="content-block tab-content active">
|
||||
<div class="form responsive-width-100">
|
||||
<label for="is_active">'.($general_status ?? 'Status').'</label>
|
||||
<select id="is_active" name="is_active">
|
||||
<option value="1" '.($element['is_active']==1?' selected':'').'>'.($enabled ?? 'Active').'</option>
|
||||
<option value="0" '.($element['is_active']==0?' selected':'').'>'.($disabled ?? 'Inactive').'</option>
|
||||
</select>
|
||||
<label for="access_name">'.($access_element_name ?? 'Name').' <i class="required">*</i></label>
|
||||
<input id="access_name" type="text" name="access_name" placeholder="'.($access_element_name ?? 'Name').'" value="'.$element['access_name'].'" required>
|
||||
<label for="access_path">'.($access_element_path ?? 'Path').' <i class="required">*</i></label>
|
||||
<input id="access_path" type="text" name="access_path" placeholder="'.($access_element_path_placeholder ?? 'e.g., equipments, equipment_manage').'" value="'.$element['access_path'].'" required>
|
||||
<label for="access_group">'.($access_element_group ?? 'Group').'</label>
|
||||
<input id="access_group" type="text" name="access_group" placeholder="'.($access_element_group_placeholder ?? 'e.g., Views, API, Admin').'" value="'.($element['access_group'] ?? '').'">
|
||||
<label for="description">'.($role_description ?? 'Description').'</label>
|
||||
<textarea id="description" name="description" placeholder="'.($role_description ?? 'Description').'" style="height: 100px;">'.$element['description'].'</textarea>
|
||||
<input type="hidden" name="rowID" value="'.$element_ID.'">
|
||||
</div>
|
||||
</div>';
|
||||
|
||||
//DISPLAY TAB 2 - Metadata
|
||||
if ($element_ID != ''){
|
||||
$view .= '<div class="tabs">
|
||||
<a href="#">'.($tab3 ?? 'Details').'</a>
|
||||
</div>
|
||||
<div class="content-block tab-content">
|
||||
<div class="form responsive-width-100">
|
||||
<label for="created">'.($general_created ?? 'Created').'</label>
|
||||
<input id="created" type="text" name="" placeholder="'.($general_created ?? 'Created').'" value="'.$element['created'].'" readonly>
|
||||
<label for="createdby">'.($general_createdby ?? 'Created By').'</label>
|
||||
<input id="createdby" type="text" name="" placeholder="'.($general_createdby ?? 'Created By').'" value="'.$element['createdby'].'" readonly>
|
||||
<label for="updated">'.($general_updated ?? 'Updated').'</label>
|
||||
<input id="updated" type="text" name="" placeholder="'.($general_updated ?? 'Updated').'" value="'.$element['updated'].'" readonly>
|
||||
<label for="updatedby">'.($general_updatedby ?? 'Updated By').'</label>
|
||||
<input id="updatedby" type="text" name="" placeholder="'.($general_updatedby ?? 'Updated By').'" value="'.$element['updatedby'].'" readonly>
|
||||
</div>
|
||||
</div>';
|
||||
}
|
||||
|
||||
$view .= '</form>';
|
||||
|
||||
//Output
|
||||
echo $view;
|
||||
template_footer()?>
|
||||
Reference in New Issue
Block a user