Implement RBAC migration and role management enhancements
- Added AJAX functionality to fetch role permissions for copying.
- Introduced system role management with permission checks for updates.
- Implemented role deletion with confirmation modal and backend handling.
- Enhanced user role assignment migration scripts to transition from legacy profiles to RBAC.
- Created SQL migration scripts for user roles and permissions mapping.
- Updated user interface to support new role management features including copy permissions and system role indicators.
43
index.php
43
index.php
@@ -106,23 +106,28 @@ if (isset($_GET['page']) && $_GET['page'] == 'logout') {
|
||||
die();
|
||||
}
|
||||
|
||||
//=====================================
|
||||
//DEFINE WHERE TO SEND THE USER TO. GET first assigned view in the profile if not available use dashboard
|
||||
/*=====================================
|
||||
$allowed_views = explode(',',$_SESSION['authorization']['profile']);
|
||||
$ignoreViews = ['profile','assets','sales'];
|
||||
|
||||
// If dashboard is in the profile, prioritize it
|
||||
if (in_array('dashboard', $allowed_views) && file_exists('dashboard.php')) {
|
||||
$allowed_views = 'dashboard';
|
||||
} else {
|
||||
$allowed_views = findExistingView($allowed_views, 'dashboard', $ignoreViews);
|
||||
}
|
||||
*/
|
||||
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
// SIMPLE ROUTING SYSTEM
|
||||
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
$page = $_GET['page'] ?? 'dashboard';
|
||||
if (isset($_GET['page'])) {
|
||||
$page = $_GET['page'];
|
||||
} else {
|
||||
// Get first available page from user's permissions using the menu structure
|
||||
$default_page = null;
|
||||
if (!empty($_SESSION['authorization']['permissions'])) {
|
||||
include_once dirname(__FILE__).'/settings/settingsmenu.php';
|
||||
$filteredMenu = filterMenuByPermissions($main_menu, $_SESSION['authorization']['permissions']);
|
||||
|
||||
// Get first menu item's URL as default page
|
||||
foreach ($filteredMenu as $section) {
|
||||
if (isset($section['main_menu']['url'])) {
|
||||
$default_page = $section['main_menu']['url'];
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
$page = $default_page ?? 'dashboard';
|
||||
}
|
||||
|
||||
// Sanitize page parameter to prevent directory traversal
|
||||
$page = preg_replace('/[^a-zA-Z0-9_-]/', '', $page);
|
||||
@@ -135,10 +140,6 @@ try {
|
||||
$file_exists = file_exists($page_file);
|
||||
$is_allowed = $file_exists ? isAllowed($page, $_SESSION['authorization']['permissions'], $_SESSION['authorization']['permission'], 'R') : 0;
|
||||
|
||||
if (debug) {
|
||||
debuglog("Routing: page={$page}, file_exists={$file_exists}, is_allowed={$is_allowed}");
|
||||
}
|
||||
|
||||
if ($file_exists && $is_allowed !== 0) {
|
||||
include $page_file;
|
||||
} else {
|
||||
@@ -166,9 +167,6 @@ try {
|
||||
<i class="' . $error_icon . '"></i>
|
||||
</div>
|
||||
<p style="color: var(--gray-500, #6b7280); margin-bottom: 30px;">Please check the URL or navigate using the menu.</p>
|
||||
<a href="index.php?page=dashboard" class="btn">
|
||||
<i class="fa-solid fa-house"></i> Return to Dashboard
|
||||
</a>
|
||||
</div>';
|
||||
template_footer();
|
||||
}
|
||||
@@ -195,9 +193,6 @@ try {
|
||||
</div>
|
||||
<p style="color: var(--gray-500, #6b7280); margin-bottom: 30px;">Please try again or contact the system administrator.</p>
|
||||
<div style="display: flex; gap: 10px; justify-content: center;">
|
||||
<a href="index.php?page=dashboard" class="btn">
|
||||
<i class="fa-solid fa-house"></i> Return to Dashboard
|
||||
</a>
|
||||
<button onclick="location.reload()" class="btn">
|
||||
<i class="fa-solid fa-rotate-right"></i> Reload Page
|
||||
</button>
|
||||
|
||||
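Review bot: In the routing hunk at -106, `$_GET['page']` is copied into `$page` with no type check, so a non-string value (PHP parses bracketed query parameters into arrays) reaches `preg_replace()`, which then returns an array that flows into the page-file lookup and `isAllowed()`. Guard it with `$requested = $_GET['page'] ?? null;` followed by `$page = is_string($requested) ? $requested : null;` and take the default branch when it is null. The new default is read from `$section['main_menu']['url']` and then goes through the same character-stripping filter; the menu definitions are not visible here, but if a URL holds anything beyond a bare page name, the stripped result will not resolve to a file and the user lands on the error page, so matching against the known page names would fail more predictably than stripping. In the -135 hunk the gate is `$is_allowed !== 0`, which would admit `false`, `null` or `'0'` if `isAllowed()` can return any of them; its return type is not shown, so confirm it or test for the positive value explicitly. The enclosing `try` block starts and ends outside these hunks.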