Refactor permission checks to utilize hierarchy levels for access control in equipment, partner, user, and mass update pages. Update conditions to validate permissions based on user hierarchy instead of fixed permission values.

2026-01-29 20:13:48 +01:00
parent 3043076dba
commit 8df518d0a2
4 changed files with 18 additions and 11 deletions
--- a/partner.php
+++ b/partner.php
@@ -123,6 +123,8 @@ $view .= '<div class="tabs">
         </div>';

 //Define Service and partner enabled
+$hierarchyLevel = getHierarchyLevel(json_decode($_SESSION['authorization']['partnerhierarchy']));
+
 $view .= '<div class="content-block tab-content active">
            <div class="form responsive-width-100">
                <label for="status">'.$partner_status.'</label>
@@ -138,7 +140,7 @@ $view .= '<div class="content-block tab-content active">
                <label for="partnertype">'.$partner_partnertype.'</label>
                <select id="partnertype" name="partnertype" required>
                ';
-if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4 ){
+if ($hierarchyLevel == 0 || $hierarchyLevel == 1){
 $view .= '          <option value="'.$partnertype1.'" '.($partner['partnertype']== $partnertype1?' selected':'').'>'.$partnertype1.'</option>
                    <option value="'.$partnertype2.'" '.($partner['partnertype']== $partnertype2?' selected':'').'>'.$partnertype2.'</option>';
 }
@@ -171,7 +173,7 @@ $view .= '<div class="tabs">
 $view .= '<div class="content-block tab-content">
            <div class="form responsive-width-100">
 ';
-if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
+if ($hierarchyLevel == 0 || $hierarchyLevel == 1){
    $view .= '<label for="status">'.$general_salesid.'</label>';
    $view .= $salesid_dropdown;   
 }