From 889cbc69e18845294603d852d25a55eecb50c4f8 Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Mon, 20 Oct 2025 15:48:49 +0100
Subject: [PATCH] Starter improvements - needs testing

---
 app/Http/Controllers/GroupsController.php     |   8 +-
 config/permissions.php                        |   6 +-
 resources/views/groups/edit.blade.php         | 313 +++++++++---------
 .../views/partials/bootstrap-table.blade.php  |  22 ++
 4 files changed, 185 insertions(+), 164 deletions(-)
diff --git a/app/Http/Controllers/GroupsController.php b/app/Http/Controllers/GroupsController.php
index 577030390b..0c9823ca62 100755
--- a/app/Http/Controllers/GroupsController.php
+++ b/app/Http/Controllers/GroupsController.php
@@ -88,7 +88,10 @@ class GroupsController extends Controller
             $groupPermissions = [];
         }
         $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+        $associated_users = $group->users()->get();
+
+        //dd($associated_users->toArray());
+        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'))->with('associated_users', $associated_users);
     }
 
     /**
@@ -105,8 +108,11 @@ class GroupsController extends Controller
         $group->permissions = json_encode($request->input('permission'));
         $group->notes = $request->input('notes');
 
+        \Log::error(print_r($request->input('associated_users'), true));
+
         if (! config('app.lock_passwords')) {
             if ($group->save()) {
+                $group->users()->sync($request->input('associated_users'));
                 return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.update'));
             }
 
diff --git a/config/permissions.php b/config/permissions.php
index eaf7b3f785..ae90c566de 100644
--- a/config/permissions.php
+++ b/config/permissions.php
@@ -9,11 +9,11 @@
 
 return [
 
-    'Global' => [
+    'Superuser' => [
         [
             'permission' => 'superuser',
             'label'      => 'Super User',
-            'note'       => 'Determines whether the user has full access to all aspects of the admin. This setting overrides any more specific permissions throughout the system. ',
+            'note'       => 'Determines whether the user has full access to all aspects of the admin. This setting overrides ALL more specific and restrictive permissions throughout the system. ',
             'display'    => true,
         ],
     ],
@@ -22,7 +22,7 @@ return [
         [
             'permission' => 'admin',
             'label'      => '',
-            'note'       => 'Determines whether the user has access to most aspects of the admin. ',
+            'note'       => 'Determines whether the user has access to most aspects of the system EXCEPT the Admin Settings. These users will be able to manage users, locations, categories, etc, but ARE constrained by Full Multiple Company Support if it is enabled.',
             'display'    => true,
         ],
     ],
diff --git a/resources/views/groups/edit.blade.php b/resources/views/groups/edit.blade.php
index 4c387f73ef..77ca25db21 100755
--- a/resources/views/groups/edit.blade.php
+++ b/resources/views/groups/edit.blade.php
@@ -7,63 +7,25 @@
 ])
 @section('content')
 
-    <style>
-        .form-horizontal .control-label {
-            padding-top: 0px;
-        }
 
-        input[type='text'][disabled], input[disabled], textarea[disabled], input[readonly], textarea[readonly], .form-control[disabled], .form-control[readonly], fieldset[disabled] .form-control {
-            background-color: white;
-            color: #555555;
-            cursor:text;
-        }
-        table.permissions {
-            display:flex;
-            flex-direction: column;
-        }
-
-        .permissions.table > thead, .permissions.table > tbody {
-            margin: 15px;
-            margin-top: 0px;
-        }
-        .permissions.table > tbody {
-            border: 1px solid;
-        }
-        .header-row {
-            border-bottom: 1px solid #ccc;
-        }
-        .permissions-row {
-            display: flex;
-            justify-content: space-between;
-            align-items: center;
-        }
-        .table > tbody > tr > td.permissions-item {
-            padding: 1px;
-            padding-left: 8px;
-        }
-
-        .header-name {
-            cursor: pointer;
-        }
-
-    </style>
 
 @parent
 @stop
 
 @section('inputFields')
+
 <!-- Name -->
 <div class="form-group {{ $errors->has('name') ? ' has-error' : '' }}">
-    <label for="name" class="col-md-2 control-label">{{ trans('admin/groups/titles.group_name') }}</label>
-    <div class="col-md-9 required">
+    <label for="name" class="col-md-3 control-label">{{ trans('admin/groups/titles.group_name') }}</label>
+    <div class="col-md-8 required">
         <input class="form-control" type="text" name="name" id="name" value="{{ old('name', $group->name) }}" required />
         {!! $errors->first('name', '<span class="alert-msg" aria-hidden="true"><i class="fas fa-times" aria-hidden="true"></i> :message</span>') !!}
     </div>
 </div>
 
 <div class="form-group{!! $errors->has('notes') ? ' has-error' : '' !!}">
-    <label for="notes" class="col-md-2 control-label">{{ trans('general.notes') }}</label>
-    <div class="col-md-9">
+    <label for="notes" class="col-md-3 control-label">{{ trans('general.notes') }}</label>
+    <div class="col-md-8">
         <x-input.textarea
                 name="notes"
                 id="notes"
@@ -77,131 +39,159 @@
     </div>
 </div>
 
+
+<div class="form-group{{ $errors->has('associated_users') ? ' has-error' : '' }}">
+
+    <label for="associated_users[]" class="col-md-3 control-label">
+        {{ trans('general.users') }}
+    </label>
+
+    <div class="col-md-7">
+        <select class="js-data-ajax"
+                data-endpoint="users"
+                data-placeholder="{{ trans('general.select_user') }}"
+                name="associated_users[]"
+                style="width: 100%"
+                id="associated_users[]"
+                aria-label="associated_users[]"  multiple>
+
+                <option value=""  role="option">{{ trans('general.select_user') }}</option>
+                @if(isset($associated_users))
+                    @foreach($associated_users as $associated_user)
+                        <option value="{{ $associated_user->id }}" selected="selected" role="option" aria-selected="true"
+                                role="option">
+                            {{ $associated_user->present()->fullName }} ({{ $associated_user->username }})
+                        </option>
+                    @endforeach
+                @endif
+        </select>
+    </div>
+
+    {!! $errors->first('associated_users', '<div class="col-md-8 col-md-offset-3"><span class="alert-msg" aria-hidden="true"><i class="fas fa-times" aria-hidden="true"></i> :message</span></div>') !!}
+
+</div>
+
+
+
 <div class="col-md-12">
+    <div class="col-md-10">
+        <h4>{{ trans('admin/groups/titles.permission')}}</h4>
+    </div>
+    <div class="col-md-1 text-right">
+        <h4>{{ trans('admin/groups/titles.grant')}}</h4>
+    </div>
+    <div class="col-md-1 text-right">
+        <h4>{{ trans('admin/groups/titles.deny')}}</h4>
+    </div>
+</div>
 
-    <table class="table table-striped permissions">
-        <thead>
-        <tr class="permissions-row">
-            <th class="col-md-5">{{ trans('admin/groups/titles.permission')}}</th>
-            <th class="col-md-1">{{ trans('admin/groups/titles.grant')}}</th>
-            <th class="col-md-1">{{ trans('admin/groups/titles.deny')}}</th>
-        </tr>
-        </thead>
-        @foreach ($permissions as $area => $area_permission)
-            <!-- handle superadmin and reports, and anything else with only one option -->
-            <?php $localPermission = $area_permission[0]; ?>
-            @if (count($area_permission) == 1)
-            <tbody class="permissions-group">
-                <tr class="header-row permissions-row">
-                    <td class="col-md-5 tooltip-base permissions-item"
-                        data-tooltip="true"
-                        data-placement="right"
-                        title="{{ $localPermission['note'] }}">
-                            @unless (empty($localPermission['label']))
-                                <h2>{{ $area . ': ' . $localPermission['label'] }}</h2>
-                            @else
-                                <h2>{{ $area }}</h2>
-                            @endunless
-                    </td>
-                    <td class="col-md-1 permissions-item">
-                        <label for="{{ 'permission['.$localPermission['permission'].']' }}" style="form-control"><span class="sr-only">{{ trans('admin/groups/titles.allow')}} {{ 'permission['.$localPermission['permission'].']' }}</span></label>
-                        <input
-                            value="1"
-                            aria-label="permission[{{ $localPermission['permission'] }}]"
-                            @checked(array_key_exists($localPermission['permission'], $groupPermissions) && $groupPermissions[$localPermission['permission']] == '1')
-                            name="permission[{{ $localPermission['permission'] }}]"
-                            type="radio"
-                        >
-                    </td>
-                    <td class="col-md-1 permissions-item">
-                        <label for="{{ 'permission['.$localPermission['permission'].']' }}"><span class="sr-only">{{ trans('admin/groups/titles.deny')}} {{ 'permission['.$localPermission['permission'].']' }}</span></label>
-                        <input
-                            value="0"
-                            aria-label="permission[{{ $localPermission['permission'] }}]"
-                            @checked(array_key_exists($localPermission['permission'], $groupPermissions) && $groupPermissions[$localPermission['permission']] == '0')
-                            name="permission[{{ $localPermission['permission'] }}]"
-                            type="radio"
-                        >
-                    </td>
-                </tr>
-            </tbody>
-            @else
-            <tbody class="permission-group">
-                <tr class="header-row permissions-row">
-                    <td class="col-md-5 tooltip-base permissions-item header-name"
-                        data-tooltip="true"
-                        data-placement="right"
-                        title="{{ $localPermission['note'] }}">
-                        <h2>{{ $area }}</h2>
+<div class="col-md-12">
+    @foreach ($permissions as $area => $area_permission)
+        <!-- handle superadmin and reports, and anything else with only one option -->
+        <?php $localPermission = $area_permission[0]; ?>
+        <div class="form-group{{ ($localPermission['permission']!='superuser') ? ' nonsuperuser' : '' }}{{ ( ($localPermission['permission']!='superuser') && ($localPermission['permission']!='admin')) ? ' nonadmin' : '' }}">
+            <div class="callout callout-legend col-md-12">
+                <div class="col-md-10">
+                    <h4>
+                        {{ $area }}
+                    </h4>
 
+                    @if ($localPermission['note']!='')
+                        <p>{{ $localPermission['note'] }}</p>
+                    @endif
 
-                    </td>
-                    <td class="col-md-1 permissions-item" style="vertical-align: bottom">
-                        <label for="{{ $area }}"><span class="sr-only">{{ trans('admin/groups/titles.allow')}} {{ $area }}</span></label>
+                </div>
+
+                <!-- Handle the checkall ALLOW radios -->
+                <div class="col-md-1 text-right header-row">
+                    <label for="{{ $area }}">
                         <input
-                            value="1"
-                            data-checker-group="{{ str_slug($area) }}"
-                            aria-label="{{ $area }}"
-                            name="{{ $area }}"
-                            type="radio"
+                                class="form-control {{ str_slug($area) }}"
+                                data-checker-group="{{ str_slug($area) }}"
+                                aria-label="{{ $area }}"
+                                name="permission[{{ str_slug($area) }}]"
+                                type="radio"
+                                value="1"
                         >
-                    </td>
-                    <td class="col-md-1 permissions-item">
-                        <label for="{{ $area }}"><span class="sr-only">{{ trans('admin/groups/titles.deny')}} {{ $area }}</span></label>
+
+                            <span class="sr-only">
+                                {{ trans('admin/groups/titles.allow')}}
+                                {{ $area }}
+                            </span>
+                    </label>
+
+                </div>
+
+                <!-- Handle the checkall DENY radios -->
+                <div class="col-md-1 header-row text-right">
+                    <label>
                         <input
-                            value="0"
-                            data-checker-group="{{ str_slug($area) }}"
-                            aria-label="{{ $area }}"
-                            name="{{ $area }}"
-                            type="radio"
+                                class="form-control  {{ str_slug($area) }}"
+                                data-checker-group="{{ str_slug($area) }}"
+                                aria-label="{{ $area }}"
+                                name="permission[{{ str_slug($area) }}]"
+                                type="radio"
+                                value="0"
                         >
-                    </td>
-                </tr>
+                        <span class="sr-only">
+                            {{ trans('admin/groups/titles.deny')}}
+                            {{ $area }}
+                        </span>
+                    </label>
+
+                </div>
+            </div>
+        </div>
+            @if (count($area_permission) > 1)
 
                 @foreach ($area_permission as $index => $this_permission)
                     @if ($this_permission['display'])
-                    <tr class="permissions-row">
-                        <td
-                                class="col-md-5 tooltip-base permissions-item"
-                                data-tooltip="true"
-                                data-placement="right"
-                                title="{{ $this_permission['note'] }}">
-                                {{ $this_permission['label'] }}
-                        </td>
-                        <td class="col-md-1 permissions-item">
-                            <label for="{{ 'permission['.$this_permission['permission'].']' }}"><span class="sr-only">{{ trans('admin/groups/titles.allow')}} {{ 'permission['.$this_permission['permission'].']' }}</span></label>
+
+                    <div class="{{ ($localPermission['permission']!='superuser') ? ' nonsuperuser' : '' }}{{ ( ($localPermission['permission']!='superuser') && ($localPermission['permission']!='admin')) ? ' nonadmin' : '' }}">
+                    <div class="form-group" style="border-bottom: 1px solid #eee; margin-right: 15px;">
+                        <div class="col-md-10">
+                            {{ $this_permission['label'] }}
+                        </div>
+
+                        <div class="col-md-1 text-right">
+                            <label for="{{ 'permission['.$this_permission['permission'].']' }}">
+                                <input
+                                        class="form-control radiochecker-{{ str_slug($area) }}"
+                                        aria-label="permission[{{ $this_permission['permission'] }}]"
+                                        @checked(array_key_exists($this_permission['permission'], $groupPermissions) && $groupPermissions[$this_permission['permission']] == '1')
+                                        name="permission[{{ $this_permission['permission'] }}]"
+                                        type="radio"
+                                        value="1"
+                                >
+
+                                <span class="sr-only">{{ trans('admin/groups/titles.allow')}}
+                                    {{ 'permission['.$this_permission['permission'].']' }}
+                                </span>
+                            </label>
+
+                        </div>
+
+                        <div class="col-md-1 text-right">
+                            <label for="{{ 'permission['.$this_permission['permission'].']' }}">
                             <input
-                                class="radiochecker-{{ str_slug($area) }}"
-                                aria-label="permission[{{ $this_permission['permission'] }}]"
-                                @checked(array_key_exists($this_permission['permission'], $groupPermissions) && $groupPermissions[$this_permission['permission']] == '1')
-                                name="permission[{{ $this_permission['permission'] }}]"
-                                type="radio"
-                                value="1"
-                            >
-                        </td>
-                        <td class="col-md-1 permissions-item">
-                            <label for="{{ 'permission['.$this_permission['permission'].']' }}"><span class="sr-only">{{ trans('admin/groups/titles.deny')}} {{ 'permission['.$this_permission['permission'].']' }}</span></label>
-                            <input
-                                class="radiochecker-{{ str_slug($area) }}"
+                                class="form-control radiochecker-{{ str_slug($area) }}"
                                 aria-label="permission[{{ $this_permission['permission'] }}]"
                                 @checked(array_key_exists($this_permission['permission'], $groupPermissions) && $groupPermissions[$this_permission['permission']] == '0')
                                 name="permission[{{ $this_permission['permission'] }}]"
                                 type="radio"
                                 value="0"
                             >
-                        </td>
-
-                    </tr>
-
-                    @endif
+                            </label>
+                        </div>
+                    </div>
+                    </div>
+                   @endif
                 @endforeach
+           @endif
 
-            @endif
-        </tbody>
-        @endforeach
-    </table>
-
+    @endforeach
 </div>
+
 @stop
 @section('moar_scripts')
 
@@ -209,26 +199,29 @@
 
         $(document).ready(function(){
 
-            $('.tooltip-base').tooltip({container: 'body'});
             $(".superuser").change(function() {
-                var perms = $(this).val();
-                if (perms =='1') {
-                    $("#nonadmin").hide();
-                } else {
-                    $("#nonadmin").show();
+                if ($(this).val() == '1') {
+                    $(".nonsuperuser").fadeOut();
+                } else if ($(this).val() == '0') {
+                    $(".nonsuperuser").fadeIn();
                 }
             });
 
-            // Check/Uncheck all radio buttons in the group
-            $('tr.header-row input:radio').change(function() {
-                value = $(this).attr('value');
-                area = $(this).data('checker-group');
-                $('.radiochecker-'+area+'[value='+value+']').prop('checked', true);
+            $(".admin").change(function() {
+                if ($(this).val() == '1') {
+                    $(".nonadmin").fadeOut();
+                } else if ($(this).val() == '0') {
+                    $(".nonadmin").fadeIn();
+                }
             });
 
 
-            $('.header-name').click(function() {
-                $(this).parent().nextUntil('tr.header-row').slideToggle(500);
+
+            // Check/Uncheck all radio buttons in the group
+            $('.header-row input:radio').change(function() {
+                value = $(this).attr('value');
+                area = $(this).data('checker-group');
+                $('.radiochecker-'+area+'[value='+value+']').prop('checked', true);
             });
 
 
diff --git a/resources/views/partials/bootstrap-table.blade.php b/resources/views/partials/bootstrap-table.blade.php
index 3512438014..2fb8edbb72 100644
--- a/resources/views/partials/bootstrap-table.blade.php
+++ b/resources/views/partials/bootstrap-table.blade.php
@@ -294,6 +294,28 @@
     @endcan
 
 
+    @can('create', \App\Models\Groups::class)
+    // Groups table buttons
+    window.groupButtons = () => ({
+        btnAdd: {
+            text: '{{ trans('general.create') }}',
+            icon: 'fa fa-plus',
+            event () {
+                window.location.href = '{{ route('groups.create') }}';
+            },
+            attributes: {
+                class: 'btn-info',
+                title: '{{ trans('general.create') }}',
+                @if ($snipeSettings->shortcuts_enabled == 1)
+                accesskey: 'n'
+                @endif
+            }
+        },
+
+    }); // End Groups table buttons
+    @endcan
+
+
     // Asset table buttons
     window.assetButtons = () => ({
         @can('create', \App\Models\Asset::class)

{{ trans('admin/groups/titles.permission')}}	{{ trans('admin/groups/titles.grant')}}	{{ trans('admin/groups/titles.deny')}}
- @unless (empty($localPermission['label'])) - {{ $area . ': ' . $localPermission['label'] }} - @else - {{ $area }} - @endunless -	- {{ trans('admin/groups/titles.allow')}} {{ 'permission['.$localPermission['permission'].']' }} - -	- {{ trans('admin/groups/titles.deny')}} {{ 'permission['.$localPermission['permission'].']' }} - -
- {{ $area }} + + @foreach ($permissions as $area => $area_permission) + + + + + + + {{ $area }} + + @if ($localPermission['note']!='') + {{ $localPermission['note'] }} + @endif -	- {{ trans('admin/groups/titles.allow')}} {{ $area }} + + + + + -	- {{ trans('admin/groups/titles.deny')}} {{ $area }} + + + {{ trans('admin/groups/titles.allow')}} + {{ $area }} + + + + + + + + -
- {{ $this_permission['label'] }} -	- {{ trans('admin/groups/titles.allow')}} {{ 'permission['.$this_permission['permission'].']' }} + + + + + {{ $this_permission['label'] }} + + + + + + + {{ trans('admin/groups/titles.allow')}} + {{ 'permission['.$this_permission['permission'].']' }} + + + + + + + -	- {{ trans('admin/groups/titles.deny')}} {{ 'permission['.$this_permission['permission'].']' }} - -