Sindbad~EG File Manager

<?php
/**
 * Module Access Check
 * Include this file at the top of module pages to enforce access control
 * 
 * Usage:
 * $requiredAccess = 'area'; // or 'assembly', 'district', 'superuser'
 * require_once __DIR__ . '/../../includes/module_access_check.php';
 */

if (!defined('APP_NAME')) {
    require_once __DIR__ . '/../config/config.php';
}

// Check if user is logged in
checkLogin();

// Check if required access level is set
if (!isset($requiredAccess)) {
    // Try to get from module_management table based on current URL
    $currentUrl = $_SERVER['PHP_SELF'];
    $db = Database::getInstance()->getConnection();
    
    try {
        $stmt = $db->prepare("SELECT required_role FROM module_management WHERE module_url LIKE :url");
        $stmt->execute(['url' => '%' . basename(dirname($currentUrl)) . '/' . basename($currentUrl)]);
        $module = $stmt->fetch();
        
        if ($module) {
            $requiredAccess = $module['required_role'];
        }
    } catch (Exception $e) {
        // If can't determine, default to highest level
        $requiredAccess = 'superuser';
    }
}

// Check access
if (!canAccess($requiredAccess)) {
    $_SESSION['error'] = 'Access Denied: You do not have permission to access this module. Required access level: ' . ucfirst($requiredAccess);
    redirect('dashboard.php');
}