Add user role management functionality with CRUD operations and permissions handling
- Created user_role.php for viewing and editing user roles and their permissions. - Implemented inline editing for role details and permissions. - Added user_role_manage.php for creating and managing user roles. - Introduced user_roles.php for listing all user roles with pagination and filtering options. - Integrated API calls for fetching and updating role data and permissions. - Enhanced user interface with success messages and navigation controls.
This commit is contained in:
“VeLiTi”
158
api/v2/get/access_elements.php
Normal file
158
api/v2/get/access_elements.php
Normal file
@@ -0,0 +1,158 @@
|
||||
<?php
|
||||
defined($security_key) or exit;
|
||||
|
||||
//------------------------------------------
|
||||
// Access Elements
|
||||
//------------------------------------------
|
||||
//Connect to DB
|
||||
$pdo = dbConnect($dbname);
|
||||
|
||||
//------------------------------------------
|
||||
//NEW ARRAY
|
||||
//------------------------------------------
|
||||
$criterias = [];
|
||||
$clause = '';
|
||||
|
||||
//------------------------------------------
|
||||
//Check for $_GET variables and build up clause
|
||||
//------------------------------------------
|
||||
if(isset($get_content) && $get_content!=''){
|
||||
//GET VARIABLES FROM URL
|
||||
$requests = explode("&", $get_content);
|
||||
//Check for keys and values
|
||||
foreach ($requests as $y){
|
||||
$v = explode("=", $y);
|
||||
//INCLUDE VARIABLES IN ARRAY
|
||||
$criterias[$v[0]] = $v[1];
|
||||
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='success_msg' || $v[0] =='sort' || $v[0] =='all'){
|
||||
//do nothing
|
||||
}
|
||||
elseif ($v[0] == 'rowid') {
|
||||
//build up search by ID
|
||||
$clause .= ' AND a.rowID = :'.$v[0];
|
||||
}
|
||||
elseif ($v[0] == 'status') {
|
||||
//Update status based on status
|
||||
$clause .= ' AND a.is_active = :'.$v[0];
|
||||
}
|
||||
elseif ($v[0] == 'search') {
|
||||
//build up search
|
||||
$clause .= ' AND (a.access_name LIKE :'.$v[0].' OR a.access_path LIKE :'.$v[0].' OR a.description LIKE :'.$v[0].')';
|
||||
}
|
||||
elseif ($v[0] == 'access_path') {
|
||||
//build up path search
|
||||
$clause .= ' AND a.access_path = :'.$v[0];
|
||||
}
|
||||
else {
|
||||
//create clause
|
||||
$clause .= ' AND a.'.$v[0].' = :'.$v[0];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//Build WHERE clause
|
||||
$whereclause = '';
|
||||
if ($clause != ''){
|
||||
$whereclause = 'WHERE '.substr($clause, 4);
|
||||
}
|
||||
|
||||
// GET SORT INDICATOR
|
||||
$sort_indicator = $criterias['sort'] ?? '';
|
||||
|
||||
switch ($sort_indicator){
|
||||
case 1:
|
||||
$sort = ' a.access_name ASC ';
|
||||
break;
|
||||
case 2:
|
||||
$sort = ' a.access_name DESC ';
|
||||
break;
|
||||
case 3:
|
||||
$sort = ' a.access_path ASC ';
|
||||
break;
|
||||
case 4:
|
||||
$sort = ' a.access_path DESC ';
|
||||
break;
|
||||
default:
|
||||
$sort = ' a.access_name ASC ';
|
||||
break;
|
||||
}
|
||||
|
||||
if (isset($criterias['totals']) && $criterias['totals'] ==''){
|
||||
//Request for total rows
|
||||
$sql = 'SELECT count(*) as count FROM access_elements a '.$whereclause;
|
||||
}
|
||||
elseif (isset($criterias['all']) && $criterias['all'] ==''){
|
||||
//Return all records (no paging)
|
||||
$sql = 'SELECT a.* FROM access_elements a '.$whereclause.' ORDER BY '.$sort;
|
||||
}
|
||||
else {
|
||||
//SQL
|
||||
$sql = 'SELECT a.* FROM access_elements a '.$whereclause.' ORDER BY '.$sort.' LIMIT :page,:num_rows';
|
||||
}
|
||||
|
||||
$stmt = $pdo->prepare($sql);
|
||||
|
||||
//------------------------------------------
|
||||
//Bind to query
|
||||
//------------------------------------------
|
||||
if (!empty($criterias)){
|
||||
foreach ($criterias as $key => $value){
|
||||
$key_condition = ':'.$key;
|
||||
if (str_contains($sql, $key_condition)){
|
||||
if ($key == 'search'){
|
||||
$search_value = '%'.$value.'%';
|
||||
$stmt->bindValue($key, $search_value, PDO::PARAM_STR);
|
||||
}
|
||||
elseif ($key == 'p'){
|
||||
//Do nothing (bug)
|
||||
}
|
||||
else {
|
||||
$stmt->bindValue($key, $value, PDO::PARAM_STR);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//------------------------------------------
|
||||
// Debuglog
|
||||
//------------------------------------------
|
||||
if (debug){
|
||||
$message = $date.';'.$sql.';'.$username;
|
||||
debuglog($message);
|
||||
}
|
||||
|
||||
//------------------------------------------
|
||||
//Add paging details
|
||||
//------------------------------------------
|
||||
$page_rows = $page_rows_equipment ?? 20;
|
||||
|
||||
if(isset($criterias['totals']) && $criterias['totals']==''){
|
||||
$stmt->execute();
|
||||
$messages = $stmt->fetch();
|
||||
$messages = $messages[0];
|
||||
}
|
||||
elseif(isset($criterias['all']) && $criterias['all']==''){
|
||||
//Return all records (no paging)
|
||||
$stmt->execute();
|
||||
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
else {
|
||||
$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
|
||||
$stmt->bindValue('page', ($current_page - 1) * $page_rows, PDO::PARAM_INT);
|
||||
$stmt->bindValue('num_rows', $page_rows, PDO::PARAM_INT);
|
||||
//Execute Query
|
||||
$stmt->execute();
|
||||
//Get results
|
||||
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
|
||||
//------------------------------------------
|
||||
//JSON_EnCODE
|
||||
//------------------------------------------
|
||||
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
|
||||
//------------------------------------------
|
||||
//Send results
|
||||
//------------------------------------------
|
||||
echo $messages;
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user