feat: Implement module permissions system with database-driven access control

- Added `users_permissions` table for managing user permissions. - Created `PermissionRepository` for handling permission logic. - Refactored `controls\Users::permissions()` to utilize the new database structure. - Introduced AJAX endpoint for saving user permissions. - Enhanced user management UI with permission checkboxes. - Added vacation management template for handling employee absences. - Implemented tests for `PermissionRepository`.
2026-02-26 20:17:03 +01:00
parent 76d3ac33a8
commit a4a35c8d62
35 changed files with 2654 additions and 901 deletions
--- a/.serena/memories/project_overview.md
+++ b/.serena/memories/project_overview.md
@@ -0,0 +1,26 @@
+# CRM PRO - Project Overview
+
+## Purpose
+Polish-language CRM for task/project management, client management, finances, work time tracking.
+
+## Tech Stack
+- PHP 7.4, MySQL, Bootstrap 3, jQuery 3.6, PHP templating
+- Medoo query builder ($mdb global), RedBean ORM (\R)
+- SCSS compiled via VS Code Live Sass Compile
+
+## Architecture
+Layered with ongoing DDD migration:
+- `autoload/Controllers/` - new PSR-4, camelCase (TasksController, UsersController, CrmController, FinancesController)
+- `autoload/controls/` - legacy snake_case (Site, Users, Wiki, Projects, Tasks, Cron)
+- `autoload/factory/` - data access (legacy)
+- `autoload/Domain/` - new repositories (Tasks/, Crm/, Finances/, Users/)
+- `templates/` - PHP templates via \Tpl::view()
+
+## Routing
+`controls\Site::route()` reads `?module=&action=` params, tries `\Controllers\{Module}Controller::{camelCase}()` first, falls back to `\controls\{Module}::{snake_case}()`.
+
+## Modules
+tasks, projects, work_time, finances, crm, wiki, users, zaplecze
+
+## Current Permissions
+Hardcoded in `controls\Users::permissions()` - array per user ID with module booleans. Returns true by default if no entry found.
--- a/.serena/memories/style_conventions.md
+++ b/.serena/memories/style_conventions.md
@@ -0,0 +1,18 @@
+# Code Style & Conventions
+
+## PHP
+- PHP 7.4 compatibility required
+- New controllers: `Controllers\{Module}Controller` with camelCase methods
+- New domain: `Domain\{Module}\{Name}Repository` with constructor-injected $mdb
+- Legacy: `controls\{Module}` and `factory\{Module}` with snake_case
+- Templates via `\Tpl::view('module/template', $data_array)`
+- XSS protection via `\Tpl::secureHTML()`
+- UI language: Polish
+
+## File Naming
+- New: `ClassName.php`
+- Legacy: `class.ClassName.php`
+
+## Spacing Style (from existing code)
+- Spaces inside brackets: `$arr[ 'key' ]`, `func( $arg )`
+- Allman-ish brace style with opening brace on same line
--- a/.serena/memories/suggested_commands.md
+++ b/.serena/memories/suggested_commands.md
@@ -0,0 +1,21 @@
+# Suggested Commands
+
+## Testing
+```bash
+php tests/run.php
+```
+
+## Entry Points
+- Web: `index.php` (routes via ?module=&action=)
+- AJAX: `ajax.php`
+- REST API: `api.php`
+- Cron: `cron.php`
+
+## SCSS
+Compiled via VS Code Live Sass Compile extension (layout/style.scss -> layout/style.css)
+
+## Git
+Standard git commands (bash shell on Windows)
+
+## Utils
+Use Unix-style commands in bash shell (ls, cat, grep, find, etc.)