contenedor_ibiza/public/admin/usuarios.php

<?php
if (!defined('BASE_PATH')) {
    define('BASE_PATH', dirname(__DIR__, 2));
}
require_once BASE_PATH . '/config/config.php';
require_once BASE_PATH . '/src/Auth.php';
require_once BASE_PATH . '/src/User.php';

$auth = new Auth();
$auth->requireAdmin();

$userModel = new User();
$message = '';
$messageType = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = $_POST['action'] ?? '';

    if ($action === 'create') {
        $nombre = trim($_POST['nombre'] ?? '');
        $email = trim($_POST['email'] ?? '');
        $username = trim($_POST['username'] ?? '');
        $password = $_POST['password'] ?? '';
        $rol = $_POST['rol'] ?? 'ayudante';

        if (empty($nombre) || empty($email) || empty($password)) {
            $message = 'Todos los campos son obligatorios';
            $messageType = 'danger';
        } elseif ($userModel->getByEmail($email)) {
            $message = 'El email ya está registrado';
            $messageType = 'danger';
        } elseif ($username && $userModel->usernameExists($username)) {
            $message = 'El username ya está en uso';
            $messageType = 'danger';
        } else {
            $userModel->create(compact('nombre', 'email', 'username', 'password', 'rol'));
            $message = 'Usuario creado exitosamente';
            $messageType = 'success';
        }
    } elseif ($action === 'update') {
        $id = $_POST['id'] ?? 0;
        $nombre = trim($_POST['nombre'] ?? '');
        $email = trim($_POST['email'] ?? '');
        $username = trim($_POST['username'] ?? '');
        $password = $_POST['password'] ?? '';
        $rol = $_POST['rol'] ?? 'ayudante';

        if (empty($nombre) || empty($email)) {
            $message = 'Nombre y email son obligatorios';
            $messageType = 'danger';
        } elseif ($userModel->usernameExists($username, $id)) {
            $message = 'El username ya está en uso';
            $messageType = 'danger';
        } else {
            $userModel->update($id, compact('nombre', 'email', 'username', 'password', 'rol'));
            $message = 'Usuario actualizado exitosamente';
            $messageType = 'success';
        }
    } elseif ($action === 'toggle') {
        $id = $_POST['id'] ?? 0;
        $user = $userModel->getById($id);
        if ($user) {
            if ($user['activo']) {
                $userModel->deactivate($id);
            } else {
                $userModel->activate($id);
            }
            $message = 'Estado actualizado';
            $messageType = 'success';
        }
    }
}

$users = $userModel->getAll(true);
$currentPage = 'usuarios';
$pageTitle = 'Gestión de Usuarios';
?>
<!DOCTYPE html>
<html lang="es">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Usuarios - Contenedor Ibiza</title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
    <?php include BASE_PATH . '/public/partials/navbar.php'; ?>
    
    <div class="container mt-4">
        <div class="d-flex justify-content-between align-items-center mb-4">
            <h2>Gestión de Usuarios</h2>
            <button class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#userModal" onclick="resetForm()">
                + Nuevo Usuario
            </button>
        </div>

        <?php if ($message): ?>
            <div class="alert alert-<?= $messageType ?>"><?= htmlspecialchars($message) ?></div>
        <?php endif; ?>

        <div class="card shadow-sm">
            <div class="card-body">
                <div class="table-responsive">
                    <table class="table table-hover mb-0">
                        <thead>
                            <tr>
                                <th>Username</th>
                                <th>Nombre</th>
                                <th>Email</th>
                                <th>Rol</th>
                                <th>Estado</th>
                                <th>Acciones</th>
                            </tr>
                        </thead>
                        <tbody>
                            <?php foreach ($users as $u): ?>
                                <tr>
                                    <td><?= htmlspecialchars($u['username'] ?? '-') ?></td>
                                    <td><?= htmlspecialchars($u['nombre']) ?></td>
                                    <td><?= htmlspecialchars($u['email']) ?></td>
                                    <td>
                                        <span class="badge bg-<?= $u['rol'] === 'admin' ? 'danger' : 'primary' ?>">
                                            <?= ucfirst($u['rol']) ?>
                                        </span>
                                    </td>
                                    <td>
                                        <span class="badge bg-<?= $u['activo'] ? 'success' : 'secondary' ?>">
                                            <?= $u['activo'] ? 'Activo' : 'Inactivo' ?>
                                        </span>
                                    </td>
                                    <td>
                                        <button class="btn btn-sm btn-outline-primary" data-bs-toggle="modal" data-bs-target="#userModal"
                                                onclick="editUser(<?= $u['id'] ?>, '<?= htmlspecialchars($u['nombre']) ?>', '<?= htmlspecialchars($u['email']) ?>', '<?= htmlspecialchars($u['username'] ?? '') ?>', '<?= $u['rol'] ?>')">
                                            Editar
                                        </button>
                                        <?php if ($u['id'] != $_SESSION['user_id']): ?>
                                            <form method="POST" class="d-inline">
                                                <input type="hidden" name="action" value="toggle">
                                                <input type="hidden" name="id" value="<?= $u['id'] ?>">
                                                <button type="submit" class="btn btn-sm btn-<?= $u['activo'] ? 'outline-warning' : 'outline-success' ?>">
                                                    <?= $u['activo'] ? 'Desactivar' : 'Activar' ?>
                                                </button>
                                            </form>
                                        <?php endif; ?>
                                    </td>
                                </tr>
                            <?php endforeach; ?>
                        </tbody>
                    </table>
                </div>
            </div>
        </div>
    </div>

    <div class="modal fade" id="userModal" tabindex="-1">
        <div class="modal-dialog">
            <div class="modal-content">
                <div class="modal-header">
                    <h5 class="modal-title" id="modalTitle">Nuevo Usuario</h5>
                    <button type="button" class="btn-close" data-bs-dismiss="modal"></button>
                </div>
                <form method="POST" id="userForm">
                    <input type="hidden" name="action" value="create" id="formAction">
                    <input type="hidden" name="id" value="" id="userId">
                    <div class="modal-body">
                        <div class="mb-3">
                            <label for="nombre" class="form-label">Nombre Completo</label>
                            <input type="text" class="form-control" id="nombre" name="nombre" required>
                        </div>
                        <div class="mb-3">
                            <label for="username" class="form-label">Username</label>
                            <input type="text" class="form-control" id="username" name="username" placeholder="Opcional">
                            <small class="text-muted">Para iniciar sesión con nombre de usuario</small>
                        </div>
                        <div class="mb-3">
                            <label for="email" class="form-label">Email</label>
                            <input type="email" class="form-control" id="email" name="email" required>
                        </div>
                        <div class="mb-3">
                            <label for="password" class="form-label">Contraseña</label>
                            <input type="password" class="form-control" id="password" name="password">
                            <small class="text-muted">Dejar en blanco para mantener la actual</small>
                        </div>
                        <div class="mb-3">
                            <label for="rol" class="form-label">Rol</label>
                            <select class="form-select" id="rol" name="rol">
                                <option value="ayudante">Ayudante</option>
                                <option value="admin">Administrador</option>
                            </select>
                        </div>
                    </div>
                    <div class="modal-footer">
                        <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancelar</button>
                        <button type="submit" class="btn btn-primary">Guardar</button>
                    </div>
                </form>
            </div>
        </div>
    </div>

    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
    <script>
        function resetForm() {
            document.getElementById('modalTitle').textContent = 'Nuevo Usuario';
            document.getElementById('formAction').value = 'create';
            document.getElementById('userId').value = '';
            document.getElementById('userForm').reset();
            document.getElementById('password').required = true;
        }

        function editUser(id, nombre, email, username, rol) {
            document.getElementById('modalTitle').textContent = 'Editar Usuario';
            document.getElementById('formAction').value = 'update';
            document.getElementById('userId').value = id;
            document.getElementById('nombre').value = nombre;
            document.getElementById('email').value = email;
            document.getElementById('username').value = username;
            document.getElementById('rol').value = rol;
            document.getElementById('password').required = false;
        }
    </script>
</body>
</html>