settings/user-role-edit.php

   1 <?php
   2
   3 require_once "../inc/common.php";
   4 require_once "../inc/header.php";
   5 do_log($_POST);
   6 if (!current_user_can(PERMISSION_MANAGE_USERS))
   7 {
   8     echo "<h4>Access denied</h4>";
   9     die();
  10 }
  11 $permissions = get_panel_user_permission_list();
  12 $list = get_panel_user_roles_list();
  13
  14 /**
  15  * Add a new role
  16  */
  17 $errors = [];
  18 $success = [];
  19
  20
  21
  22 if (isset($_POST['add_role_name']) && $role_name = $_POST['add_role_name'])
  23 {
  24     foreach ($list as $name => $u) // don't add it if it already exists
  25     {
  26         if (!strcmp(to_slug($name),to_slug($role_name)))
  27         {
  28             $errors[] = "Cannot create role \"$role_name\": A role with that name already exists.";
  29             break;
  30         }
  31     }
  32     if (empty($errors)) // so far so good
  33     {
  34         $msg = "Added user role \"$role_name\"";
  35         $permissions = [];
  36         if (isset($_POST['use_dup_role']) && $dup = $_POST['dup_role']) // if they're duplicating a role
  37         {
  38             $permissions = $list[$dup];
  39             $msg .= ", a duplicate of \"$dup\"";
  40         }
  41         $clean_perms = [];
  42             foreach($permissions as $k => $v)
  43                 $clean_perms[] = $v;
  44
  45         $config['user_roles'][$role_name] = $clean_perms;
  46         write_config('user_roles');
  47         $success[] = $msg;
  48         $list = get_panel_user_roles_list(); // refresh
  49
  50     }
  51 }
  52
  53
  54 elseif (isset($_POST['del_role_name']) && $role_name = $_POST['del_role_name'])
  55 {
  56     $found = 0;
  57     foreach ($list as $name => $u) // don't add it if it already exists
  58     {
  59         if (!strcmp(to_slug($name),to_slug($role_name)))
  60         {
  61             $found = 1;
  62             break;
  63         }
  64     }
  65     if ($found) // so far so good
  66     {
  67         unset($config['user_roles'][$role_name]);
  68         write_config('user_roles');
  69         $success[] = "Successfully deleted role \"$role_name\"";
  70         $list = get_panel_user_roles_list(); // refresh
  71     }
  72     else
  73         $errors[] = "Could not delete role \"$role_name\": Role does not exist.";
  74 }
  75
  76 elseif (isset($_POST['update_role']) && $role_name = $_POST['update_role'])
  77 {
  78     $found = 0;
  79     foreach ($list as $name => $u) // don't add it if it already exists
  80     {
  81         if (!strcmp(to_slug($name),to_slug($role_name)))
  82         {
  83             $found = 1;
  84             break;
  85         }
  86     }
  87     if (!$found) // so far so good
  88     {
  89         $errors[] = "Could not update role \"$role_name\": Role does not exist.";
  90     }
  91     else
  92     {
  93         $config['user_roles'][$role_name] = $_POST['permissions'];
  94         write_config('user_roles');
  95         $success[] = "Successfully updated role \"$role_name\"";
  96         $list = get_panel_user_roles_list(); // refresh
  97     }
  98 }
  99 ?>
 100
 101
 102 <div class="container-xxl row justify-content-between">
 103
 104 <div class="col">
 105     <h4>User Role Editor</h4>
 106     <?php if (!empty($errors)) Message::Fail($errors); if (!empty($success)) Message::Success($success); ?>
 107     Roles are user categories where each has it's own set of permissions.<br>
 108     Here, you can easily add and edit User Roles to ensure that your team has the appropriate access and permissions they need.<br>
 109     Once you've created a role, you can assign it to a user on your panel, and they will have the permissions assigned to their role.<br><br>
 110     <div class="font-italic">Some roles are built-in and cannot be deleted or modified, specifically "<code>Super Admin</code>" and "<code>Read Only</code>"</div><br><br>
 111     Click a role name to view role permissions.
 112 </div>
 113 <div class="col" id="addnew_collapse">
 114 <form method="post">
 115     <div class="card card-body" style="max-width:550px">
 116         <h5>Create New Role</h5>
 117         <div class="font-italic mb-3">You must create a new role before you can add permissions to it.</div>
 118         <div class="row input-group ml-0 mb-2">
 119             <div class="input-group-prepend">
 120                 <span class="input-group-text" style="width:150px">New Role Name</span>
 121             </div>
 122             <input id="add_role_name" name="add_role_name" class="form-control" style="min-width:100px;max-width:450px" type="text">
 123
 124
 125         </div>
 126         <div class="input-group">
 127             <div class="input-group-prepend">
 128                 <div style="width:150px" class="input-group-text">
 129                     <input id="use_dup_role" name="use_dup_role" type="checkbox" class="mr-2">Duplicate Role
 130                 </div>
 131             </div>
 132             <select name="dup_role" disabled class="custom-select" id="dup_role" style="min-width:100px;max-width:450px">
 133                 <option value="0" selected>None</option>
 134                 <?php
 135                     foreach($list as $s => $l)
 136                         echo "<option value=\"$s\">$s</option>";
 137                 ?>
 138             </select>
 139         </div>
 140         <div class="mt-2 text-right">
 141             <button type="submit" disabled id="role_submit" style="background-color:darkslateblue;color:white" class="btn btn-primary">Create Role</button>
 142         </div>
 143
 144 </form>
 145     </div>
 146 </div>
 147 </div>
 148 <style>
 149
 150 #permlist #roles_accord .card .card-header .btn-header-link:after {
 151   content: "\f106";
 152   font-family: 'Font Awesome 5 Free';
 153   font-weight: 900;
 154   float: right;
 155 }
 156
 157 #permlist #roles_accord .card .card-header .btn-header-link.collapsed:after {
 158   content: "\f107";
 159 }
 160
 161 </style>
 162
 163
 164 <script>
 165     const add_role_name = document.getElementById("add_role_name");
 166     const use_dup = document.getElementById("use_dup_role");
 167     const dup_role = document.getElementById("dup_role");
 168     const role_submit = document.getElementById("role_submit");
 169
 170     use_dup.addEventListener('click', e => {
 171         if (use_dup.checked) {
 172             dup_role.disabled = false;
 173         } else {
 174             dup_role.value = "0";
 175             dup_role.disabled = true;
 176         }
 177     });
 178
 179     add_role_name.addEventListener('input', e => {
 180         if (!add_role_name.value.trim().length) // disallow names consisting of just spaces... it doesn't break anything, but it's stupid
 181             role_submit.disabled = true;
 182         else
 183             role_submit.disabled = false;
 184     });
 185 </script>
 186 <?php
 187
 188 generate_role_list($list);
 189
 190
 191 require_once "../inc/footer.php";