Add a User Roles system where roles define reusable permission templates.
When a user has a role assigned, the role provides fallback permissions
(user's direct permissions take precedence; role is used when user has 'None').
Database changes:
- Add User_Roles table with same permission fields as Users
- Add Role_Groups_Permissions table for per-role group overrides
- Add Role_Monitors_Permissions table for per-role monitor overrides
- Add RoleId foreign key to Users table
Permission resolution order:
1. User's direct Monitor/Group permissions (if not 'Inherit')
2. Role's Monitor/Group permissions (if user has role)
3. Role's base permission (if user's is 'None')
4. User's base permission (fallback)
Includes:
- PHP models: User_Role, Role_Group_Permission, Role_Monitor_Permission
- Role management UI in Options > Roles tab
- Role selector in user edit form
- REST API endpoints for roles CRUD
- Translation strings for en_gb
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Using zmNinja, the API reports E_NOTICE errors
Notice (8): compact(): Undefined variable: subject [CORE/Cake/Utility/ObjectCollection.php, line 128]
Notice (8): compact() [<a href='http://php.net/function.compact'>function.compact</a>]: Undefined variable: subject [CORE/Cake/Utility/ObjectCollection.php, line 128]
Notice (8): compact() [<a href='http://php.net/function.compact'>function.compact</a>]: Undefined variable: subject [CORE/Cake/Utility/ObjectCollection.php, line 128]
Notice (8): compact() [<a href='http://php.net/function.compact'>function.compact</a>]: Undefined variable: subject [CORE/Cake/Utility/ObjectCollection.php, line 128]
and zmNinja will not work...
there is a better way, but i think disabling E_NOTICE error is way easier
see: https://github.com/ZoneMinder/zoneminder/pull/2269
* Fix install location for config files when building to alternate directory.
With the previous code, we ended up with a directory structure like the following:
$ find /etc/zm/conf.d/
/etc/zm/conf.d/
/etc/zm/conf.d/01-system-paths.conf
/etc/zm/conf.d/conf.d
/etc/zm/conf.d/conf.d/README
/etc/zm/conf.d/conf.d/02-multiserver.conf
* Omitted README file that should have appeared in /etc/zm/conf.d
* Fix location for configs when building to alternate directory.
* Fix works, but this should go on a branch instead.
* Fix works, but this should go on a branch instead.
* Fix location for configs when building to alternate directory.
With the previous code, we ended up with a directory structure like the following:
$ find /etc/zm/conf.d/
/etc/zm/conf.d/
/etc/zm/conf.d/01-system-paths.conf
/etc/zm/conf.d/conf.d
/etc/zm/conf.d/conf.d/README
/etc/zm/conf.d/conf.d/02-multiserver.conf
* Remove double quotes. This is a list of paths.
* Allow SSL database connection to be secured with SSL.
* Fix incorrect variable name
* Fix PHP syntax errors
* SSL connection parameters must also be passed in API.
* Revert fixes to build files; they should not be in this branch.
