24481279d5
- Updated session variables to use 'authorization' array instead of 'username' for user identification across multiple files. - Introduced a new function `getUserPermissions` to consolidate user permissions retrieval based on assigned roles. - Modified API calls to use the new authorization structure and updated endpoints to v2. - Enhanced language support by adding 'PL' to the list of supported languages. - Cleaned up redundant code and improved session management during user login and registration processes. - Added a new API endpoint for fetching user permissions based on user ID.
203 lines
8.2 KiB
PHP
203 lines
8.2 KiB
PHP
<?php
|
|
defined(page_security_key) or exit;
|
|
|
|
if (debug && debug_id == $_SESSION['authorization']['id']){
|
|
ini_set('display_errors', '1');
|
|
ini_set('display_startup_errors', '1');
|
|
error_reporting(E_ALL);
|
|
}
|
|
include_once './assets/functions.php';
|
|
include_once './settings/settings_redirector.php';
|
|
|
|
//SET PAGE ORIGIN FOR NAVIGATION AND SECURITY
|
|
$prev_page = $_SESSION['prev_origin'] ?? '';
|
|
$page = $_SESSION['origin'] = 'user_roles';
|
|
|
|
//create backbutton to prev_origin
|
|
$back_btn_orgin = ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';
|
|
|
|
//Check if allowed
|
|
if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
|
|
header('location: index.php');
|
|
exit;
|
|
}
|
|
//PAGE Security
|
|
$page_manage = 'user_role_manage';
|
|
$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
|
|
$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
|
|
$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
|
|
|
|
//GET PARAMETERS && STORE in SESSION for FURTHER USE/NAVIGATION
|
|
$pagination_page = $_SESSION['p'] = isset($_GET['p']) ? $_GET['p'] : 1;
|
|
$status = $_SESSION['status'] = isset($_GET['status']) ? '&status='.$_GET['status'] : '';
|
|
$sort = $_SESSION['sort'] = isset($_GET['sort']) ? '&sort='.$_GET['sort'] : '';
|
|
$search = $_SESSION['search'] = isset($_GET['search']) ? '&search='.$_GET['search'] : '';
|
|
|
|
//GET PARAMETERS FOR FILTERS
|
|
$filter = urlGETdetailsFilter($_GET) ?? '';
|
|
|
|
// Determine the URL
|
|
$url = 'index.php?page=user_roles'.$status.$search.$sort;
|
|
//GET Details from URL
|
|
$GET_VALUES = urlGETdetails($_GET) ?? '';
|
|
//CALL TO API
|
|
$api_url = '/v2/user_roles/'.$GET_VALUES;
|
|
$responses = ioServer($api_url,'');
|
|
//Decode Payload
|
|
if (!empty($responses)){$responses = json_decode($responses);}else{$responses = null;}
|
|
|
|
//Return QueryTotal from API
|
|
$total_url = ((!empty($GET_VALUES) && $GET_VALUES !='') ? '&totals=' : 'totals=' );
|
|
$api_url = '/v2/user_roles/'.$GET_VALUES.$total_url;
|
|
$query_total = ioServer($api_url,'');
|
|
//Decode Payload
|
|
if (!empty($query_total)){$query_total = json_decode($query_total);}else{$query_total = null;}
|
|
|
|
// Handle success messages
|
|
if (isset($_GET['success_msg'])) {
|
|
if ($_GET['success_msg'] == 1) {
|
|
$success_msg = ($message_role_1 ?? 'Role created successfully');
|
|
}
|
|
if ($_GET['success_msg'] == 2) {
|
|
$success_msg = ($message_role_2 ?? 'Role updated successfully');
|
|
}
|
|
if ($_GET['success_msg'] == 3) {
|
|
$success_msg = ($message_role_3 ?? 'Role deleted successfully');
|
|
}
|
|
}
|
|
|
|
template_header(($user_roles_title ?? 'User Roles'), 'user_roles','view');
|
|
$view = '
|
|
<div class="content-title">
|
|
<div class="title">
|
|
<i class="fa-solid fa-user-shield"></i>
|
|
<div class="txt">
|
|
<h2>'.($user_roles_h2 ?? 'User Roles').' ('.$query_total.')</h2>
|
|
<p>'.($user_roles_p ?? 'Manage user roles and permissions').'</p>
|
|
</div>
|
|
</div>
|
|
<div class="title-actions">
|
|
'.$back_btn_orgin;
|
|
|
|
if ($create_allowed === 1){
|
|
$view .= '<a href="index.php?page=user_role_manage" class="btn">+</a>';
|
|
}
|
|
|
|
$view .= '<button id="filter-toggle" class="btn alt" onclick="toggleFilters()">
|
|
<i class="fa-solid fa-search"></i>
|
|
</button>
|
|
</div>
|
|
</div>';
|
|
|
|
if (isset($success_msg)){
|
|
$view .= ' <div class="msg success">
|
|
<i class="fas fa-check-circle"></i>
|
|
<p>'.$success_msg.'</p>
|
|
<i class="fas fa-times"></i>
|
|
</div>';
|
|
}
|
|
|
|
$view .= '
|
|
<div id="filter-panel" class="filter-panel" style="display: none;">
|
|
<div class="filter-content">
|
|
<form action="" method="get">
|
|
'.$filter.'
|
|
<div class="filter-row">
|
|
<div class="filter-group">
|
|
<select name="status">
|
|
<option value="" disabled selected>'.($general_status ?? 'Status').'</option>
|
|
<option value="1"'.(isset($_GET['status']) && $_GET['status']==1?' selected':'').'>'.($enabled ?? 'Active').'</option>
|
|
<option value="0"'.(isset($_GET['status']) && $_GET['status']==0?' selected':'').'>'.($disabled ?? 'Inactive').'</option>
|
|
</select>
|
|
</div>
|
|
|
|
<div class="filter-group">
|
|
<select name="sort">
|
|
<option value="" disabled selected>'.($general_sort ?? 'Sort').'</option>
|
|
<option value="1"'.(isset($_GET['sort']) && $_GET['sort']==1?' selected':'').'>'.($role_name ?? 'Name').' '.($general_sort_type_1 ?? 'ASC').'</option>
|
|
<option value="2"'.(isset($_GET['sort']) && $_GET['sort']==2?' selected':'').'>'.($role_name ?? 'Name').' '.($general_sort_type_2 ?? 'DESC').'</option>
|
|
<option value="3"'.(isset($_GET['sort']) && $_GET['sort']==3?' selected':'').'>'.($general_created ?? 'Created').' '.($general_sort_type_1 ?? 'ASC').'</option>
|
|
<option value="4"'.(isset($_GET['sort']) && $_GET['sort']==4?' selected':'').'>'.($general_created ?? 'Created').' '.($general_sort_type_2 ?? 'DESC').'</option>
|
|
</select>
|
|
</div>
|
|
|
|
<div class="filter-group search-group">
|
|
<input type="text" name="search" placeholder="'.($role_search ?? 'Search roles...').'" value="">
|
|
</div>
|
|
</div>
|
|
|
|
<div class="filter-actions">
|
|
<button type="submit" class="btn"><i class="fas fa-level-down-alt fa-rotate-90"></i></button>
|
|
<a class="btn alt" href="index.php?page=user_roles">X</a>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
';
|
|
$view .= '
|
|
<div class="content-block">
|
|
<div class="table">
|
|
<table class="sortable">
|
|
<thead>
|
|
<tr>
|
|
<th>'.($role_name ?? 'Role Name').'</th>
|
|
<th class="responsive-hidden">'.($role_description ?? 'Description').'</th>
|
|
<th>'.($general_status ?? 'Status').'</th>
|
|
<th class="responsive-hidden">'.($role_permissions_count ?? 'Permissions').'</th>
|
|
<th class="responsive-hidden">'.($general_created ?? 'Created').'</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
';
|
|
|
|
if (empty($responses)){
|
|
|
|
$view .= '
|
|
<tr>
|
|
<td colspan="5" style="text-align:center;">'.($message_no_roles ?? 'No roles found').'</td>
|
|
</tr>';
|
|
}
|
|
|
|
foreach ($responses as $response){
|
|
//Translate status INT to STR
|
|
$status_text = ($response->is_active == 1) ? ($enabled ?? 'Active') : ($disabled ?? 'Inactive');
|
|
$status_class = ($response->is_active == 1) ? 'id1' : 'id0';
|
|
|
|
$view .= '<tr onclick="window.location.href=\'index.php?page=user_role&rowID='.$response->rowID.'\'" style="cursor: pointer;">
|
|
<td>'.$response->name.'</td>
|
|
<td class="responsive-hidden">'.($response->description ?? '-').'</td>
|
|
<td><span class="status '.$status_class.'">'.$status_text.'</span></td>
|
|
<td class="responsive-hidden">'.($response->permission_count ?? '0').'</td>
|
|
<td class="responsive-hidden">'.getRelativeTime($response->created).'</td>
|
|
</tr>
|
|
';
|
|
}
|
|
$view .= '
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
';
|
|
|
|
$page_rows = $page_rows_equipment ?? 20;
|
|
$view.='<div class="pagination">';
|
|
if ($pagination_page > 1) {
|
|
$page = $pagination_page-1;
|
|
$view .= '<a href="'.$url.'&p=1">'.($general_first ?? 'First').'</a>';
|
|
$view .= '<a href="'.$url.'&p='.$page.'">'.($general_prev ?? 'Prev').'</a>';
|
|
}
|
|
$totals = ceil($query_total / $page_rows) == 0 ? 1 : ceil($query_total / $page_rows);
|
|
$view .= '<span> '.($general_page ?? 'Page ').$pagination_page.($general_page_of ?? ' of ').$totals.'</span>';
|
|
if ($pagination_page * $page_rows < $query_total){
|
|
$page = $pagination_page+1;
|
|
$view .= '<a href="'.$url.'&p='.$page.'">'.($general_next ?? 'Next').'</a>';
|
|
$view .= '<a href="'.$url.'&p='.$totals.'">'.($general_last ?? 'Last').'</a>';
|
|
}
|
|
|
|
$view .= '</div>';
|
|
//OUTPUT
|
|
echo $view;
|
|
|
|
template_footer();
|
|
?>
|