3 require_once "../inc/common.php";
4 require_once "../inc/header.php";
6 if (!current_user_can(PERMISSION_MANAGE_USERS
))
8 echo "<h4>Access denied</h4>";
11 $permissions = get_panel_user_permission_list();
12 $list = get_panel_user_roles_list();
22 if (isset($_POST['add_role_name']) && $role_name = $_POST['add_role_name'])
24 foreach ($list as $name => $u) // don't add it if it already exists
26 if (!strcmp(to_slug($name),to_slug($role_name)))
28 $errors[] = "Cannot create role \"$role_name\": A role with that name already exists.";
32 if (empty($errors)) // so far so good
34 $msg = "Added user role \"$role_name\"";
36 if (isset($_POST['use_dup_role']) && $dup = $_POST['dup_role']) // if they're duplicating a role
38 $permissions = $list[$dup];
39 $msg .= ", a duplicate of \"$dup\"";
42 foreach($permissions as $k => $v)
45 $config['user_roles'][$role_name] = $clean_perms;
46 write_config('user_roles');
48 $list = get_panel_user_roles_list(); // refresh
54 elseif (isset($_POST['del_role_name']) && $role_name = $_POST['del_role_name'])
57 foreach ($list as $name => $u) // don't add it if it already exists
59 if (!strcmp(to_slug($name),to_slug($role_name)))
65 if ($found) // so far so good
67 unset($config['user_roles'][$role_name]);
68 write_config('user_roles');
69 $success[] = "Successfully deleted role \"$role_name\"";
70 $list = get_panel_user_roles_list(); // refresh
73 $errors[] = "Could not delete role \"$role_name\": Role does not exist.";
76 elseif (isset($_POST['update_role']) && $role_name = $_POST['update_role'])
79 foreach ($list as $name => $u) // don't add it if it already exists
81 if (!strcmp(to_slug($name),to_slug($role_name)))
87 if (!$found) // so far so good
89 $errors[] = "Could not update role \"$role_name\": Role does not exist.";
93 $config['user_roles'][$role_name] = $_POST['permissions'];
94 write_config('user_roles');
95 $success[] = "Successfully updated role \"$role_name\"";
96 $list = get_panel_user_roles_list(); // refresh
102 <div
class="container-xxl row justify-content-between">
105 <h4
>User Role Editor
</h4
>
106 <?php
if (!empty($errors)) Message
::Fail($errors); if (!empty($success)) Message
::Success($success); ?>
107 Roles are user categories where each has it
's own set of permissions.<br>
108 Here, you can easily add and edit User Roles to ensure that your team has the appropriate access and permissions they need.<br>
109 Once you've created a role
, you can assign it to a user on your panel
, and they will have the permissions assigned to their role
.<br
><br
>
110 <div
class="font-italic">Some roles are built
-in
and cannot be deleted
or modified
, specifically
"<code>Super Admin</code>" and "<code>Read Only</code>"</div
><br
><br
>
111 Click a role name to view role permissions
.
113 <div
class="col" id
="addnew_collapse">
115 <div
class="card card-body" style
="max-width:550px">
116 <h5
>Create
New Role
</h5
>
117 <div
class="font-italic mb-3">You must create a
new role before you can add permissions to it
.</div
>
118 <div
class="row input-group ml-0 mb-2">
119 <div
class="input-group-prepend">
120 <span
class="input-group-text" style
="width:150px">New Role Name
</span
>
122 <input id
="add_role_name" name
="add_role_name" class="form-control" style
="min-width:100px;max-width:450px" type
="text">
126 <div
class="input-group">
127 <div
class="input-group-prepend">
128 <div style
="width:150px" class="input-group-text">
129 <input id
="use_dup_role" name
="use_dup_role" type
="checkbox" class="mr-2">Duplicate Role
132 <select name
="dup_role" disabled
class="custom-select" id
="dup_role" style
="min-width:100px;max-width:450px">
133 <option value
="0" selected
>None
</option
>
135 foreach($list as $s => $l)
136 echo "<option value=\"$s\">$s</option>";
140 <div
class="mt-2 text-right">
141 <button type
="submit" disabled id
="role_submit" style
="background-color:darkslateblue;color:white" class="btn btn-primary">Create Role
</button
>
150 #permlist #roles_accord .card .card-header .btn-header-link:after {
152 font
-family
: 'Font Awesome 5 Free';
157 #permlist #roles_accord .card .card-header .btn-header-link.collapsed:after {
165 const add_role_name
= document
.getElementById("add_role_name");
166 const use_dup
= document
.getElementById("use_dup_role");
167 const dup_role
= document
.getElementById("dup_role");
168 const role_submit
= document
.getElementById("role_submit");
170 use_dup
.addEventListener('click', e
=> {
171 if (use_dup
.checked
) {
172 dup_role
.disabled
= false;
174 dup_role
.value
= "0";
175 dup_role
.disabled
= true;
179 add_role_name
.addEventListener('input', e
=> {
180 if (!add_role_name
.value
.trim().length
) // disallow names consisting of just spaces... it doesn't break anything, but it's stupid
181 role_submit
.disabled
= true;
183 role_submit
.disabled
= false;
188 generate_role_list($list);
191 require_once "../inc/footer.php";