Implement RBAC migration and role management enhancements

- Added AJAX functionality to fetch role permissions for copying.
- Introduced system role management with permission checks for updates.
- Implemented role deletion with confirmation modal and backend handling.
- Enhanced user role assignment migration scripts to transition from legacy profiles to RBAC.
- Created SQL migration scripts for user roles and permissions mapping.
- Updated user interface to support new role management features including copy permissions and system role indicators.

api/v2/get/marketing_files.php

@@ -14,9 +14,6 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-// For testing, disable account hierarchy filtering
-// list($whereclause,$condition) = getWhereclauselvl2("",$permission,$partner,'get');
-
 //NEW ARRAY
 $criterias = [];   
 $clause = '';

api/v2/get/marketing_folders.php

@@ -31,8 +31,6 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-list($whereclause,$condition) = getWhereclauselvl2('',$permission,$partner,'get');
-
 //NEW ARRAY
 $criterias = [];
 $clause = '';
@@ -110,11 +108,6 @@ else {
 
 $stmt = $pdo->prepare($sql);
 
-//Bind to query
-if (str_contains($whereclause, ':condition')){
-    $stmt->bindValue('condition', $condition, PDO::PARAM_STR);
-}
-
 if (!empty($criterias)){
     foreach ($criterias as $key => $value){
         $key_condition = ':'.$key;

api/v2/get/marketing_tags.php

@@ -14,9 +14,6 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-// Tags are global, so no account hierarchy filtering
-// list($whereclause,$condition) = getWhereclauselvl2("",$permission,$partner,'get');
-
 //NEW ARRAY
 $criterias = [];   
 $clause = '';

api/v2/get/service.php

@@ -1,13 +1,17 @@
 <?php
 defined($security_key) or exit;
 
+//------------------------------------------
+//Connect to DB
+//------------------------------------------
+$pdo = dbConnect($dbname);
+
 //------------------------------------------
 // Application related calls
 //------------------------------------------
 $request = explode('/', trim($_SERVER['PATH_INFO'],'/'));
 $action = $request[2] ?? '';
 
-
 if ($action == 'init'){
     include './settings/systemservicetool_init.php';  
     echo json_encode($init);		
@@ -33,6 +37,43 @@ elseif ($action == 'questions' && (isset($_GET['type']) && $_GET['type'] != ''))
         }
     //Return JSON
     echo json_encode($arrayQuestions);
+} 
+elseif ($action == 'products') {
+
+    $sql = "SELECT * FROM products";
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute();
+    //Get results
+    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    echo json_encode($messages);
+
+}
+elseif ($action == 'equipments' && (isset($_GET['serialnumber']) && $_GET['serialnumber'] != '' && !isset($_GET['validate']))) {
+    
+    $sql = "SELECT e.rowID as equipmentID, e.*, p.productcode, p.productname, p.product_media, psl.starts_at,psl.expires_at,psl.status as license_status from equipment e LEFT JOIN products p ON e.productrowid = p.rowID LEFT JOIN products_software_licenses psl ON e.sw_version_license = psl.license_key WHERE e.serialnumber = ?";
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute([$_GET['serialnumber']]);
+    //Get results
+    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    echo json_encode($messages);
+
+}
+elseif ($action == 'equipments' && (isset($_GET['serialnumber']) && $_GET['serialnumber'] != '' && isset($_GET['validate']))){
+    
+    $sql = "SELECT count(rowID) as rowID from equipment e WHERE e.serialnumber = ?";
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute([$_GET['serialnumber']]); 
+    $messages = $stmt->fetch();
+    
+    if ($messages[0] == 1) {
+        echo json_encode(array('SN'=> TRUE));
+    }
+    else {
+        echo json_encode(array('SN'=> FALSE));
+    }
+
 }
 else {
     http_response_code(400);

api/v2/get/user_roles.php

@@ -24,7 +24,7 @@ if(isset($get_content) && $get_content!=''){
         $v = explode("=", $y);
         //INCLUDE VARIABLES IN ARRAY
         $criterias[$v[0]] = $v[1];
-        if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='success_msg' || $v[0] =='sort'){
+        if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='success_msg' || $v[0] =='sort' || $v[0] =='all'){
             //do nothing
         }
         elseif ($v[0] == 'rowid') {
@@ -50,6 +50,11 @@ if(isset($get_content) && $get_content!=''){
     }
 }
 
+//Filter system roles for users without delete permission on user_roles
+if (isAllowed('user_roles', $profile, $permission, 'D') !== 1) {
+    $clause .= ' AND r.is_system != 1';
+}
+
 //Build WHERE clause
 $whereclause = '';
 if ($clause != ''){
@@ -81,6 +86,12 @@ if (isset($criterias['totals']) && $criterias['totals'] ==''){
     //Request for total rows
     $sql = 'SELECT count(*) as count FROM user_roles r '.$whereclause;
 }
+elseif (isset($criterias['all']) && $criterias['all'] ==''){
+    //Return all records (no paging)
+    $sql = 'SELECT r.*,
+            (SELECT COUNT(*) FROM role_access_permissions WHERE role_id = r.rowID) as permission_count
+            FROM user_roles r '.$whereclause.' ORDER BY '.$sort;
+}
 else {
     //SQL with permission count
     $sql = 'SELECT r.*,
@@ -129,6 +140,11 @@ if(isset($criterias['totals']) && $criterias['totals']==''){
     $messages = $stmt->fetch();
     $messages = $messages[0];
 }
+elseif(isset($criterias['all']) && $criterias['all']==''){
+    //Return all records (no paging)
+    $stmt->execute();
+    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
 else {
     $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
     $stmt->bindValue('page', ($current_page - 1) * $page_rows, PDO::PARAM_INT);

api/v2/post/history.php

@@ -389,8 +389,8 @@ if (isset($post_content['sn']) && (isset($post_content['payload']) || isset($pos
        
             // Create license
             $sql = 'INSERT INTO products_software_licenses
-                    (version_id, license_type, license_key, status, starts_at, expires_at, transaction_id, created, createdby)
-                    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)';
+                    (version_id, license_type, license_key, status, starts_at, expires_at, transaction_id, accounthierarchy,created, createdby)
+                    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
             $stmt = $pdo->prepare($sql);
             $stmt->execute([
                 $sw_version_consent,
@@ -400,6 +400,7 @@ if (isset($post_content['sn']) && (isset($post_content['payload']) || isset($pos
                 date('Y-m-d H:i:s'),
                 '2099-12-31 23:59:59', // effectively permanent
                 'Customer_consent',
+                $account,
                 date('Y-m-d H:i:s'),
                 $user
             ]);

api/v2/post/role_access_permissions.php

@@ -25,12 +25,12 @@ $criterias = [];
 
 //ADD STANDARD PARAMETERS TO ARRAY BASED ON INSERT OR UPDATE
 if ($command == 'update'){
-    $post_content['updatedby'] = $username;;
+    $post_content['updatedby'] = $username;
     $post_content['updated'] = $date;
 }
 elseif ($command == 'insert'){
     $post_content['created'] = $date;
-    $post_content['createdby'] = $username;;
+    $post_content['createdby'] = $username;
 }
 
 //CREAT NEW ARRAY AND MAP TO CLAUSE