nickpons666/sistema_para_juego
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Primer commit del sistema separado falta mejorar mucho

Browse Source
This commit is contained in:
nickpons666
2025-12-30 01:18:46 -06:00
commit 1679c73e52
2384 changed files with 472342 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
admin/api/users/create.php Executable file
View File

@@ -0,0 +1,87 @@
<?php
/**
* API para crear un nuevo usuario
*/
header('Content-Type: application/json');
require_once __DIR__ . '/../../../shared/utils/helpers.php';
require_once __DIR__ . '/../../../shared/auth/jwt.php';
require_once __DIR__ . '/../../../shared/database/connection.php';
// Verificar autenticación
$userData = JWTAuth::requireAuth();
// Verificar que sea Admin
if ($userData->rol !== 'Admin') {
http_response_code(403);
echo json_encode(['success' => false, 'error' => 'Acceso denegado. Se requieren permisos de Administrador.']);
exit;
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Método no permitido']);
exit;
}
$data = json_decode(file_get_contents('php://input'), true);
if (empty($data['username']) || empty($data['password']) || empty($data['rol_id'])) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'Faltan datos obligatorios']);
exit;
}
try {
$db = getDB();
// Verificar si el usuario ya existe
$stmt = $db->prepare("SELECT id FROM usuarios WHERE username = ?");
$stmt->execute([$data['username']]);
if ($stmt->fetch()) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'El nombre de usuario ya existe']);
exit;
}
$db->beginTransaction();
// Crear usuario
$stmt = $db->prepare("
INSERT INTO usuarios (username, password, email, rol_id, fecha_creacion)
VALUES (?, ?, ?, ?, NOW())
");
// Hash password (MD5 como se usa actualmente en el sistema, aunque se recomienda bcrypt/argon2)
// Nota: El sistema actual usa MD5 según login.php: if (md5($password) === $user['password'])
$passwordHash = md5($data['password']);
$stmt->execute([
$data['username'],
$passwordHash,
$data['email'] ?? null,
$data['rol_id']
]);
$userId = $db->lastInsertId();
// Asignar permisos si se enviaron
if (!empty($data['permisos']) && is_array($data['permisos'])) {
$stmtPerm = $db->prepare("INSERT INTO usuarios_permisos (usuario_id, permiso_id) VALUES (?, ?)");
foreach ($data['permisos'] as $permisoId) {
$stmtPerm->execute([$userId, $permisoId]);
}
}
$db->commit();
echo json_encode(['success' => true, 'message' => 'Usuario creado correctamente']);
} catch (Exception $e) {
if ($db->inTransaction()) {
$db->rollBack();
}
http_response_code(500);
echo json_encode(['success' => false, 'error' => 'Error al crear usuario: ' . $e->getMessage()]);
}

74
admin/api/users/delete.php Executable file
View File

@@ -0,0 +1,74 @@
<?php
/**
* API para eliminar un usuario
*/
header('Content-Type: application/json');
require_once __DIR__ . '/../../../shared/utils/helpers.php';
require_once __DIR__ . '/../../../shared/auth/jwt.php';
require_once __DIR__ . '/../../../shared/database/connection.php';
// Verificar autenticación
$userData = JWTAuth::requireAuth();
// Verificar que sea Admin
if ($userData->rol !== 'Admin') {
http_response_code(403);
echo json_encode(['success' => false, 'error' => 'Acceso denegado. Se requieren permisos de Administrador.']);
exit;
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Método no permitido']);
exit;
}
$data = json_decode(file_get_contents('php://input'), true);
if (empty($data['id'])) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'ID de usuario requerido']);
exit;
}
$userId = (int)$data['id'];
// Evitar eliminarse a sí mismo
if ($userId == $userData->userId) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'No puedes eliminar tu propia cuenta']);
exit;
}
try {
$db = getDB();
$db->beginTransaction();
// Eliminar permisos primero (FK constraint)
$db->prepare("DELETE FROM usuarios_permisos WHERE usuario_id = ?")->execute([$userId]);
// Eliminar usuario
$stmt = $db->prepare("DELETE FROM usuarios WHERE id = ?");
$stmt->execute([$userId]);
if ($stmt->rowCount() === 0) {
$db->rollBack();
http_response_code(404);
echo json_encode(['success' => false, 'error' => 'Usuario no encontrado']);
exit;
}
$db->commit();
echo json_encode(['success' => true, 'message' => 'Usuario eliminado correctamente']);
} catch (Exception $e) {
if ($db->inTransaction()) {
$db->rollBack();
}
http_response_code(500);
echo json_encode(['success' => false, 'error' => 'Error al eliminar usuario: ' . $e->getMessage()]);
}

72
admin/api/users/get.php Executable file
View File

@@ -0,0 +1,72 @@
<?php
/**
* API para obtener detalles de un usuario
*/
header('Content-Type: application/json');
require_once __DIR__ . '/../../../shared/utils/helpers.php';
require_once __DIR__ . '/../../../shared/auth/jwt.php';
require_once __DIR__ . '/../../../shared/database/connection.php';
// Verificar autenticación
$userData = JWTAuth::requireAuth();
// Verificar que sea Admin
if ($userData->rol !== 'Admin') {
http_response_code(403);
echo json_encode(['success' => false, 'error' => 'Acceso denegado. Se requieren permisos de Administrador.']);
exit;
}
if (!isset($_GET['id'])) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'ID de usuario requerido']);
exit;
}
$userId = (int)$_GET['id'];
try {
$db = getDB();
// Obtener datos del usuario
$stmt = $db->prepare("
SELECT id, username, email, rol_id, fecha_creacion, ultimo_acceso
FROM usuarios
WHERE id = ?
");
$stmt->execute([$userId]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$user) {
http_response_code(404);
echo json_encode(['success' => false, 'error' => 'Usuario no encontrado']);
exit;
}
// Obtener permisos asignados al usuario
$stmtPerm = $db->prepare("SELECT permiso_id FROM usuarios_permisos WHERE usuario_id = ?");
$stmtPerm->execute([$userId]);
$userPermisos = $stmtPerm->fetchAll(PDO::FETCH_COLUMN);
// Obtener todos los permisos disponibles
$stmtAllPerms = $db->query("SELECT * FROM permisos ORDER BY modulo, nombre");
$allPermisos = $stmtAllPerms->fetchAll(PDO::FETCH_ASSOC);
// Obtener roles
$stmtRoles = $db->query("SELECT * FROM roles ORDER BY nombre ASC");
$roles = $stmtRoles->fetchAll(PDO::FETCH_ASSOC);
echo json_encode([
'success' => true,
'user' => $user,
'user_permisos' => $userPermisos,
'all_permisos' => $allPermisos,
'roles' => $roles
]);
} catch (Exception $e) {
http_response_code(500);
echo json_encode(['success' => false, 'error' => 'Error al obtener usuario: ' . $e->getMessage()]);
}

48
admin/api/users/list.php Executable file
View File

@@ -0,0 +1,48 @@
<?php
/**
* API para listar usuarios del sistema
*/
header('Content-Type: application/json');
require_once __DIR__ . '/../../../shared/utils/helpers.php';
require_once __DIR__ . '/../../../shared/auth/jwt.php';
require_once __DIR__ . '/../../../shared/database/connection.php';
// Verificar autenticación
$userData = JWTAuth::requireAuth();
// Verificar que sea Admin
if ($userData->rol !== 'Admin') {
http_response_code(403);
echo json_encode(['success' => false, 'error' => 'Acceso denegado. Se requieren permisos de Administrador.']);
exit;
}
try {
$db = getDB();
// Obtener usuarios con su rol
$stmt = $db->query("
SELECT u.id, u.username, u.email, u.rol_id, r.nombre as rol_nombre, u.fecha_creacion, u.ultimo_acceso
FROM usuarios u
LEFT JOIN roles r ON u.rol_id = r.id
ORDER BY u.username ASC
");
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Obtener roles disponibles para el formulario
$stmtRoles = $db->query("SELECT * FROM roles ORDER BY nombre ASC");
$roles = $stmtRoles->fetchAll(PDO::FETCH_ASSOC);
echo json_encode([
'success' => true,
'users' => $users,
'roles' => $roles
]);
} catch (Exception $e) {
http_response_code(500);
echo json_encode(['success' => false, 'error' => 'Error al obtener usuarios: ' . $e->getMessage()]);
}

42
admin/api/users/metadata.php Executable file
View File

@@ -0,0 +1,42 @@
<?php
/**
* API para obtener metadatos (roles y permisos) para formularios
*/
header('Content-Type: application/json');
require_once __DIR__ . '/../../../shared/utils/helpers.php';
require_once __DIR__ . '/../../../shared/auth/jwt.php';
require_once __DIR__ . '/../../../shared/database/connection.php';
// Verificar autenticación
$userData = JWTAuth::requireAuth();
// Verificar que sea Admin
if ($userData->rol !== 'Admin') {
http_response_code(403);
echo json_encode(['success' => false, 'error' => 'Acceso denegado.']);
exit;
}
try {
$db = getDB();
// Obtener todos los permisos disponibles
$stmtAllPerms = $db->query("SELECT * FROM permisos ORDER BY modulo, nombre");
$allPermisos = $stmtAllPerms->fetchAll(PDO::FETCH_ASSOC);
// Obtener roles
$stmtRoles = $db->query("SELECT * FROM roles ORDER BY nombre ASC");
$roles = $stmtRoles->fetchAll(PDO::FETCH_ASSOC);
echo json_encode([
'success' => true,
'all_permisos' => $allPermisos,
'roles' => $roles
]);
} catch (Exception $e) {
http_response_code(500);
echo json_encode(['success' => false, 'error' => 'Error al obtener metadatos: ' . $e->getMessage()]);
}

107
admin/api/users/update.php Executable file
View File

@@ -0,0 +1,107 @@
<?php
/**
* API para actualizar un usuario
*/
header('Content-Type: application/json');
require_once __DIR__ . '/../../../shared/utils/helpers.php';
require_once __DIR__ . '/../../../shared/auth/jwt.php';
require_once __DIR__ . '/../../../shared/database/connection.php';
// Verificar autenticación
$userData = JWTAuth::requireAuth();
// Verificar que sea Admin
if ($userData->rol !== 'Admin') {
http_response_code(403);
echo json_encode(['success' => false, 'error' => 'Acceso denegado. Se requieren permisos de Administrador.']);
exit;
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Método no permitido']);
exit;
}
$data = json_decode(file_get_contents('php://input'), true);
if (empty($data['id']) || empty($data['username']) || empty($data['rol_id'])) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'Faltan datos obligatorios']);
exit;
}
$userId = (int)$data['id'];
// Evitar que se modifique a sí mismo el rol (para no quedarse sin acceso admin)
// Aunque el sistema debería permitir cambiar otros datos
if ($userId == $userData->userId && $data['rol_id'] != 1) { // Asumiendo rol_id 1 es Admin
// Verificar si el rol actual es Admin
// Mejor lógica: obtener el nombre del rol nuevo
// Por simplicidad: advertencia si intenta quitarse admin
}
try {
$db = getDB();
// Verificar si el usuario existe
$stmt = $db->prepare("SELECT id FROM usuarios WHERE id = ?");
$stmt->execute([$userId]);
if (!$stmt->fetch()) {
http_response_code(404);
echo json_encode(['success' => false, 'error' => 'Usuario no encontrado']);
exit;
}
// Verificar nombre de usuario duplicado (excluyendo el actual)
$stmt = $db->prepare("SELECT id FROM usuarios WHERE username = ? AND id != ?");
$stmt->execute([$data['username'], $userId]);
if ($stmt->fetch()) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'El nombre de usuario ya existe']);
exit;
}
$db->beginTransaction();
// Actualizar datos básicos
$sql = "UPDATE usuarios SET username = ?, email = ?, rol_id = ?";
$params = [$data['username'], $data['email'] ?? null, $data['rol_id']];
// Actualizar contraseña solo si se envía
if (!empty($data['password'])) {
$sql .= ", password = ?";
$params[] = md5($data['password']);
}
$sql .= " WHERE id = ?";
$params[] = $userId;
$stmt = $db->prepare($sql);
$stmt->execute($params);
// Actualizar permisos
// Primero eliminar los existentes
$db->prepare("DELETE FROM usuarios_permisos WHERE usuario_id = ?")->execute([$userId]);
// Insertar los nuevos
if (!empty($data['permisos']) && is_array($data['permisos'])) {
$stmtPerm = $db->prepare("INSERT INTO usuarios_permisos (usuario_id, permiso_id) VALUES (?, ?)");
foreach ($data['permisos'] as $permisoId) {
$stmtPerm->execute([$userId, $permisoId]);
}
}
$db->commit();
echo json_encode(['success' => true, 'message' => 'Usuario actualizado correctamente']);
} catch (Exception $e) {
if ($db->inTransaction()) {
$db->rollBack();
}
http_response_code(500);
echo json_encode(['success' => false, 'error' => 'Error al actualizar usuario: ' . $e->getMessage()]);
}

78
admin/users/form.php Executable file
View File

@@ -0,0 +1,78 @@
<div class="form-header">
<h2 id="formTitle">Nuevo Usuario</h2>
</div>
<form id="userForm">
<input type="hidden" id="userId" name="id">
<div class="form-group">
<label for="username">Nombre de Usuario *</label>
<input type="text" id="username" name="username" required class="form-control">
</div>
<div class="form-group">
<label for="email">Email</label>
<input type="email" id="email" name="email" class="form-control">
</div>
<div class="form-group">
<label for="password">Contraseña <span id="passReq">*</span></label>
<input type="password" id="password" name="password" class="form-control">
<small id="passHelp" style="color: #666; display: none;">Dejar en blanco para mantener la actual</small>
</div>
<div class="form-group">
<label for="rol_id">Rol *</label>
<select id="rol_id" name="rol_id" required class="form-control" onchange="updatePermissionsView()">
<!-- Populated by JS -->
</select>
</div>
<div class="form-group">
<label>Permisos</label>
<div id="permissionsList" class="permissions-grid">
<!-- Populated by JS -->
</div>
</div>
<div class="form-actions">
<button type="submit" class="btn btn-primary">Guardar</button>
<button type="button" onclick="closeModal()" class="btn btn-secondary">Cancelar</button>
</div>
</form>
<style>
.form-group { margin-bottom: 15px; }
.form-group label { display: block; margin-bottom: 5px; font-weight: 600; }
.form-control {
width: 100%;
padding: 8px 12px;
border: 1px solid #ddd;
border-radius: 5px;
font-size: 14px;
}
.permissions-grid {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(200px, 1fr));
gap: 10px;
max-height: 200px;
overflow-y: auto;
border: 1px solid #eee;
padding: 10px;
border-radius: 5px;
}
.perm-item {
display: flex;
align-items: center;
gap: 8px;
font-size: 13px;
}
.form-actions {
margin-top: 20px;
display: flex;
justify-content: flex-end;
gap: 10px;
}
</style>

479
admin/users/list.php Executable file
View File

@@ -0,0 +1,479 @@
<?php
session_start();
require_once __DIR__ . '/../../shared/utils/helpers.php';
require_once __DIR__ . '/../../shared/auth/jwt.php';
$userData = JWTAuth::authenticate();
if (!$userData) {
header('Location: /login.php?redirect=' . urlencode($_SERVER['REQUEST_URI']));
exit;
}
if ($userData->rol !== 'Admin') {
die('Acceso denegado. Se requieren permisos de Administrador.');
}
?>
<!DOCTYPE html>
<html lang="<?php echo $userData->idioma ?? 'es'; ?>">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Gestión de Usuarios - Admin</title>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
<style>
:root {
--primary-color: #2c3e50;
--secondary-color: #34495e;
--accent-color: #3498db;
--success-color: #27ae60;
--danger-color: #c0392b;
--light-bg: #ecf0f1;
}
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
background: var(--light-bg);
min-height: 100vh;
padding: 20px;
}
.header {
background: white;
border-radius: 15px;
padding: 20px 30px;
margin-bottom: 30px;
display: flex;
justify-content: space-between;
align-items: center;
box-shadow: 0 5px 20px rgba(0, 0, 0, 0.1);
}
.header h1 { color: var(--primary-color); font-size: 24px; }
.container { max-width: 1200px; margin: 0 auto; }
.card {
background: white;
border-radius: 15px;
padding: 20px;
box-shadow: 0 5px 15px rgba(0, 0, 0, 0.1);
}
table {
width: 100%;
border-collapse: collapse;
margin-top: 20px;
}
th, td {
padding: 15px;
text-align: left;
border-bottom: 1px solid #eee;
}
th {
background-color: #f8f9fa;
color: var(--secondary-color);
font-weight: 600;
}
tr:hover { background-color: #f8f9fa; }
.btn {
padding: 8px 16px;
border-radius: 8px;
text-decoration: none;
transition: all 0.2s;
border: none;
cursor: pointer;
font-size: 14px;
font-weight: 600;
display: inline-flex;
align-items: center;
gap: 8px;
}
.btn-primary { background: var(--accent-color); color: white; }
.btn-primary:hover { background: #2980b9; }
.btn-secondary { background: #95a5a6; color: white; }
.btn-secondary:hover { background: #7f8c8d; }
.btn-danger { background: var(--danger-color); color: white; }
.btn-danger:hover { background: #a93226; }
.badge {
padding: 4px 8px;
border-radius: 12px;
font-size: 12px;
font-weight: 600;
}
.badge-admin { background: #e74c3c; color: white; }
.badge-editor { background: #3498db; color: white; }
.badge-user { background: #95a5a6; color: white; }
.actions { display: flex; gap: 10px; }
/* Modal */
.modal {
display: none;
position: fixed;
z-index: 1000;
left: 0;
top: 0;
width: 100%;
height: 100%;
background-color: rgba(0,0,0,0.5);
}
.modal-content {
background-color: white;
margin: 5% auto;
padding: 30px;
border-radius: 15px;
width: 90%;
max-width: 600px;
position: relative;
max-height: 90vh;
overflow-y: auto;
}
.close {
position: absolute;
right: 20px;
top: 20px;
font-size: 24px;
cursor: pointer;
color: #999;
}
</style>
</head>
<body>
<div class="header">
<h1><i class="fas fa-users-cog"></i> Gestión de Usuarios</h1>
<div style="display: flex; gap: 10px;">
<a href="/index.php" class="btn btn-secondary">
<i class="fas fa-home"></i> Inicio
</a>
<button onclick="openCreateModal()" class="btn btn-primary">
<i class="fas fa-plus"></i> Nuevo Usuario
</button>
</div>
</div>
<div class="container">
<div class="card">
<div id="loading" style="text-align: center; padding: 20px;">
<i class="fas fa-spinner fa-spin fa-2x"></i> Cargando usuarios...
</div>
<table id="usersTable" style="display: none;">
<thead>
<tr>
<th>Usuario</th>
<th>Email</th>
<th>Rol</th>
<th>Último Acceso</th>
<th>Acciones</th>
</tr>
</thead>
<tbody id="usersList">
<!-- JS will populate this -->
</tbody>
</table>
</div>
</div>
<!-- Modal Container -->
<div id="userModal" class="modal">
<div class="modal-content">
<span class="close" onclick="closeModal()">&times;</span>
<div id="modalBody">
<!-- Form will be loaded here -->
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', loadUsers);
async function loadUsers() {
try {
const response = await fetch('/admin/api/users/list.php');
const data = await response.json();
if (data.success) {
const tbody = document.getElementById('usersList');
tbody.innerHTML = '';
data.users.forEach(user => {
const rolClass = user.rol_nombre === 'Admin' ? 'badge-admin' :
(user.rol_nombre === 'Editor' ? 'badge-editor' : 'badge-user');
const tr = document.createElement('tr');
tr.innerHTML = `
<td>
<div style="font-weight: 600;">${user.username}</div>
<div style="font-size: 12px; color: #999;">Creado: ${new Date(user.fecha_creacion).toLocaleDateString()}</div>
</td>
<td>${user.email || '-'}</td>
<td><span class="badge ${rolClass}">${user.rol_nombre}</span></td>
<td>${user.ultimo_acceso ? new Date(user.ultimo_acceso).toLocaleString() : 'Nunca'}</td>
<td class="actions">
<button onclick="editUser(${user.id})" class="btn btn-secondary" style="padding: 6px 12px; font-size: 13px;">
<i class="fas fa-edit"></i>
</button>
${user.id != <?php echo $userData->userId; ?> ? `
<button onclick="deleteUser(${user.id}, '${user.username}')" class="btn btn-danger" style="padding: 6px 12px; font-size: 13px;">
<i class="fas fa-trash"></i>
</button>
` : ''}
</td>
`;
tbody.appendChild(tr);
});
document.getElementById('loading').style.display = 'none';
document.getElementById('usersTable').style.display = 'table';
} else {
alert('Error cargando usuarios: ' + data.error);
}
} catch (error) {
console.error('Error:', error);
alert('Error de conexión');
}
}
async function openCreateModal() {
const modal = document.getElementById('userModal');
const modalBody = document.getElementById('modalBody');
modalBody.innerHTML = '<div style="text-align: center;"><i class="fas fa-spinner fa-spin"></i> Cargando formulario...</div>';
modal.style.display = 'block';
try {
const response = await fetch('form.php');
const html = await response.text();
modalBody.innerHTML = html;
// Inicializar formulario para creación
initForm();
} catch (error) {
modalBody.innerHTML = '<p style="color: red;">Error cargando formulario</p>';
}
}
async function editUser(userId) {
const modal = document.getElementById('userModal');
const modalBody = document.getElementById('modalBody');
modalBody.innerHTML = '<div style="text-align: center;"><i class="fas fa-spinner fa-spin"></i> Cargando datos...</div>';
modal.style.display = 'block';
try {
// Cargar formulario base
const formResponse = await fetch('form.php');
const formHtml = await formResponse.text();
modalBody.innerHTML = formHtml;
// Cargar datos del usuario
const dataResponse = await fetch(`/admin/api/users/get.php?id=${userId}`);
const data = await dataResponse.json();
if (data.success) {
initForm(data);
} else {
alert('Error cargando datos: ' + data.error);
closeModal();
}
} catch (error) {
console.error(error);
modalBody.innerHTML = '<p style="color: red;">Error cargando datos</p>';
}
}
async function deleteUser(userId, username) {
if (!confirm(`¿Estás seguro de eliminar al usuario "${username}"? Esta acción no se puede deshacer.`)) {
return;
}
try {
const response = await fetch('/admin/api/users/delete.php', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ id: userId })
});
const result = await response.json();
if (result.success) {
alert('Usuario eliminado correctamente');
loadUsers();
} else {
alert('Error: ' + result.error);
}
} catch (error) {
alert('Error de conexión');
}
}
function closeModal() {
document.getElementById('userModal').style.display = 'none';
}
window.onclick = function(event) {
const modal = document.getElementById('userModal');
if (event.target == modal) {
closeModal();
}
}
// Form Logic
async function initForm(userData = null) {
let roles = [];
let allPermisos = [];
if (userData) {
// Modo Edición
document.getElementById('formTitle').textContent = 'Editar Usuario';
document.getElementById('userId').value = userData.user.id;
document.getElementById('username').value = userData.user.username;
document.getElementById('email').value = userData.user.email || '';
document.getElementById('passReq').style.display = 'none';
document.getElementById('password').required = false;
document.getElementById('passHelp').style.display = 'block';
roles = userData.roles;
allPermisos = userData.all_permisos;
renderRoles(roles, userData.user.rol_id);
renderPermissions(allPermisos, userData.user_permisos);
} else {
// Modo Creación
try {
const response = await fetch('/admin/api/users/metadata.php');
const data = await response.json();
roles = data.roles;
allPermisos = data.all_permisos;
document.getElementById('password').required = true;
renderRoles(roles);
renderPermissions(allPermisos);
} catch (e) {
console.error(e);
alert('Error cargando metadatos del formulario');
}
}
// Handle Submit
const form = document.getElementById('userForm');
form.onsubmit = async function(e) {
e.preventDefault();
const formData = new FormData(this);
const data = Object.fromEntries(formData.entries());
// Collect checked permissions
const checkedPerms = [];
document.querySelectorAll('input[name="permisos[]"]:checked').forEach(cb => {
checkedPerms.push(cb.value);
});
data.permisos = checkedPerms;
const url = data.id ? '/admin/api/users/update.php' : '/admin/api/users/create.php';
try {
const response = await fetch(url, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
});
const result = await response.json();
if (result.success) {
alert(result.message);
closeModal();
loadUsers();
} else {
alert('Error: ' + result.error);
}
} catch (error) {
alert('Error de conexión');
}
};
}
function renderRoles(roles, selectedId = null) {
const select = document.getElementById('rol_id');
select.innerHTML = '<option value="">Seleccionar Rol</option>';
roles.forEach(rol => {
const option = document.createElement('option');
option.value = rol.id;
option.textContent = rol.nombre;
if (selectedId && rol.id == selectedId) option.selected = true;
select.appendChild(option);
});
}
function renderPermissions(allPermisos, userPerms = []) {
const container = document.getElementById('permissionsList');
container.innerHTML = '';
// Agrupar por módulo
const grouped = {};
allPermisos.forEach(p => {
if (!grouped[p.modulo]) grouped[p.modulo] = [];
grouped[p.modulo].push(p);
});
for (const [modulo, perms] of Object.entries(grouped)) {
const groupTitle = document.createElement('div');
groupTitle.style.gridColumn = '1 / -1';
groupTitle.style.fontWeight = 'bold';
groupTitle.style.marginTop = '10px';
groupTitle.style.textTransform = 'capitalize';
groupTitle.textContent = modulo;
container.appendChild(groupTitle);
perms.forEach(p => {
const div = document.createElement('div');
div.className = 'perm-item';
const checkbox = document.createElement('input');
checkbox.type = 'checkbox';
checkbox.name = 'permisos[]';
checkbox.value = p.id;
checkbox.id = 'perm_' + p.id;
if (userPerms.includes(p.id) || userPerms.includes(String(p.id))) {
checkbox.checked = true;
}
const label = document.createElement('label');
label.htmlFor = 'perm_' + p.id;
label.textContent = p.nombre;
label.title = p.descripcion || '';
div.appendChild(checkbox);
div.appendChild(label);
container.appendChild(div);
});
}
}
function updatePermissionsView() {
// Opcional: Auto-seleccionar permisos según rol
}
</script>
</body>
</html>

8
admin/users/php_errors.log Executable file
View File

@@ -0,0 +1,8 @@
[30-Nov-2025 21:41:53 UTC] PHP Warning: Undefined variable $userData in /var/www/html/bot/admin/users/form.php on line 115
[30-Nov-2025 21:41:53 UTC] PHP Warning: Attempt to read property "userId" on null in /var/www/html/bot/admin/users/form.php on line 115
[30-Nov-2025 21:41:55 UTC] PHP Warning: Undefined variable $userData in /var/www/html/bot/admin/users/form.php on line 115
[30-Nov-2025 21:41:55 UTC] PHP Warning: Attempt to read property "userId" on null in /var/www/html/bot/admin/users/form.php on line 115
[30-Nov-2025 21:42:00 UTC] PHP Warning: Undefined variable $userData in /var/www/html/bot/admin/users/form.php on line 115
[30-Nov-2025 21:42:00 UTC] PHP Warning: Attempt to read property "userId" on null in /var/www/html/bot/admin/users/form.php on line 115
[30-Nov-2025 21:42:28 UTC] PHP Warning: Undefined variable $userData in /var/www/html/bot/admin/users/form.php on line 115
[30-Nov-2025 21:42:28 UTC] PHP Warning: Attempt to read property "userId" on null in /var/www/html/bot/admin/users/form.php on line 115