<div class="card-header" id="<?php echo to_slug($role); ?>_heading">
<div class="btn-header-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#collapse_<?php echo to_slug($role); ?>" aria-expanded="true" aria-controls="collapse_<?php echo to_slug($role); ?>">
<?php echo $role ?>
- <i style="padding-top:-30px;padding-bottom: -30px;"class="fa fa-trash fa-1" aria-hidden="true"></i>
+
</div>
</div>
<div id="collapse_<?php echo to_slug($role); ?>" class="collapse" aria-labelledby="<?php echo to_slug($role); ?>_heading" data-parent="#roles_accord">
<div id="results_rpc" class="card-body">
- <?php
+ <form method="post">
+ <?php if ($role !== "Super Admin" && $role !== "Read Only") { ?>
+ <div class="container row mb-2">
+ <button id="update_role" name="update_role" value="<?php echo $role ?>" class="btn btn-primary ml-1 mr-2" >Update</button>
+ <button id="delete_role" name="del_role_name" value="<?php echo $role ?>" class="btn btn-danger"><i class="fa fa-trash fa-1" aria-hidden="true"></i></button>
+ </div>
+
+ <?php } ?>
+ <div id="<?php echo $role; ?>_input_area"><?php
foreach($list2 as $desc => $slug)
{
$attributes = "";
<input <?php
$attributes .= (in_array($slug, $list[$role])) ? "checked" : "";
echo $attributes;
- ?> name="<?php echo to_slug($role); ?>_permissions[]" value="<?php echo $slug; ?>" type="checkbox">
+ ?> name="permissions[]" value="<?php echo $slug; ?>" type="checkbox">
</div>
</div>
<input type="text" readonly class="form-control" value="<?php echo "$desc ($slug)"; ?>">
<?php
}
- ?>
+ ?> </div>
+ </form>
</div>
</div>
</div>
<?php }?>
</div></div><br>
- <button type="submit" class="btn btn-primary">Save changes</div>
+
</div><?php
}
require_once "../inc/common.php";
require_once "../inc/header.php";
-
+do_log($_POST);
if (!current_user_can(PERMISSION_MANAGE_USERS))
{
echo "<h4>Access denied</h4>";
$permissions = $list[$dup];
$msg .= ", a duplicate of \"$dup\"";
}
- $settings = DbSettings::get();
$clean_perms = [];
foreach($permissions as $k => $v)
$clean_perms[] = $v;
- $settings['user_roles'][$role_name] = $clean_perms;
- DbSettings::set('user_roles', $settings['user_roles']);
+ $config['user_roles'][$role_name] = $clean_perms;
+ write_config('user_roles');
$success[] = $msg;
$list = get_panel_user_roles_list(); // refresh
}
}
+
elseif (isset($_POST['del_role_name']) && $role_name = $_POST['del_role_name'])
{
$found = 0;
}
if ($found) // so far so good
{
- $settings = DbSettings::get();
- unset($settings['user_roles'][$role_name]);
- DbSettings::set('user_roles', $settings['user_roles']);
+ unset($config['user_roles'][$role_name]);
+ write_config('user_roles');
$success[] = "Successfully deleted role \"$role_name\"";
$list = get_panel_user_roles_list(); // refresh
}
});
add_role_name.addEventListener('input', e => {
- if (!add_role_name.value.length)
+ if (!add_role_name.value.trim().length) // disallow names consisting of just spaces... it doesn't break anything, but it's stupid
role_submit.disabled = true;
else
role_submit.disabled = false;