Roles, Permissions & Status

On GoBrik we now use three levels of classification to orchestrate the use of the app and its pages among users.

Roles

• Admin
• User
• Validator
• Dev

GEA Status

• Ecobricker
• Trainer
• Master Trainer

Permissions

• Edit all ecobricks
• Delete users
• Delete ecobricks
• Change user roles

We're now in the process of deploying a code block that let's us limit which users use which page-- for example on the page admin-review. Here's the latest version of the code block (for Alan's review!):

`// LOGIN AND ROLE CHECK:`
`//Check if the user is logged in, if not send them to login.`
`if (!isLoggedIn()) {`
    `header("Location: login.php");`
    `exit();`
`}`

// User is logged in, proceed to check admin status
$buwana_id = $_SESSION['buwana_id'];
require_once '../gobrikconn_env.php';

$query = "SELECT user_roles FROM tb_ecobrickers WHERE buwana_id = ?";
if ($stmt = $gobrik_conn->prepare($query)) {
    $stmt->bind_param("i", $buwana_id);
    $stmt->execute();
    $stmt->bind_result($user_roles);

    if ($stmt->fetch()) {
        // Check if the user has an admin role
        if (stripos($user_roles, 'admin') === false) {
            echo "<script>
                alert('Sorry, only admins can see this page.');
                window.location.href = 'dashboard.php';
            </script>";
            exit();
        }
    } else {
        // Redirect if no user record is found
        echo "<script>
            alert('User record not found.');
            window.location.href = 'dashboard.php';
        </script>";
        exit();
    }
    $stmt->close();
} else {
    // Handle database error
    echo "<script>
        alert('Error checking user role. Please try again later.');
        window.location.href = 'dashboard.php';
    </script>";
    exit();
}
//END LOGIN AND ROLE CHECK

`