+
+/**
+ * Add a new role
+ */
+$errors = [];
+$success = [];
+
+
+
+if (isset($_POST['add_role_name']) && $role_name = $_POST['add_role_name'])
+{
+ foreach ($list as $name => $u) // don't add it if it already exists
+ {
+ if (!strcmp(to_slug($name),to_slug($role_name)))
+ {
+ $errors[] = "Cannot create role \"$role_name\": A role with that name already exists.";
+ break;
+ }
+ }
+ if (empty($errors)) // so far so good
+ {
+ $msg = "Added user role \"$role_name\"";
+ $permissions = [];
+ if (isset($_POST['use_dup_role']) && $dup = $_POST['dup_role']) // if they're duplicating a role
+ {
+ $permissions = $list[$dup];
+ $msg .= ", a duplicate of \"$dup\"";
+ }
+ $clean_perms = [];
+ foreach($permissions as $k => $v)
+ $clean_perms[] = $v;
+
+ $config['user_roles'][$role_name] = $clean_perms;
+ write_config('user_roles');
+ $success[] = $msg;
+ $list = get_panel_user_roles_list(); // refresh
+
+ }
+}
+
+
+elseif (isset($_POST['del_role_name']) && $role_name = $_POST['del_role_name'])
+{
+ $found = 0;
+ foreach ($list as $name => $u) // don't add it if it already exists
+ {
+ if (!strcmp(to_slug($name),to_slug($role_name)))
+ {
+ $found = 1;
+ break;
+ }
+ }
+ if ($found) // so far so good
+ {
+ unset($config['user_roles'][$role_name]);
+ write_config('user_roles');
+ $success[] = "Successfully deleted role \"$role_name\"";
+ $list = get_panel_user_roles_list(); // refresh
+ }
+ else
+ $errors[] = "Could not delete role \"$role_name\": Role does not exist.";
+}
+
+elseif (isset($_POST['update_role']) && $role_name = $_POST['update_role'])
+{
+ $found = 0;
+ foreach ($list as $name => $u) // don't add it if it already exists
+ {
+ if (!strcmp(to_slug($name),to_slug($role_name)))
+ {
+ $found = 1;
+ break;
+ }
+ }
+ if (!$found) // so far so good
+ {
+ $errors[] = "Could not update role \"$role_name\": Role does not exist.";
+ }
+ else
+ {
+ $config['user_roles'][$role_name] = $_POST['permissions'];
+ write_config('user_roles');
+ $success[] = "Successfully updated role \"$role_name\"";
+ $list = get_panel_user_roles_list(); // refresh
+ }
+}