From a333e81802296eb231adfc9282676f200b7e0d82 Mon Sep 17 00:00:00 2001 From: ChesnoTech <263363000+ChesnoTech@users.noreply.github.com> Date: Thu, 26 Mar 2026 11:03:34 +0300 Subject: [PATCH] Fix: set custom_role_id when creating admin on fresh install On fresh installs, create_admin.php created the admin user with custom_role_id = NULL. The ACL system uses custom_role_id to look up the role in acl_roles, so NULL meant zero permissions even for super_admin. Now queries acl_roles for the super_admin role ID and sets it during user creation. Found during full visual test of all 24 admin pages on a fresh Docker stack with clean database. Co-Authored-By: Claude Opus 4.6 (1M context) --- FINAL_PRODUCTION_SYSTEM/database/create_admin.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/FINAL_PRODUCTION_SYSTEM/database/create_admin.php b/FINAL_PRODUCTION_SYSTEM/database/create_admin.php index 2b6fbe7..455f123 100644 --- a/FINAL_PRODUCTION_SYSTEM/database/create_admin.php +++ b/FINAL_PRODUCTION_SYSTEM/database/create_admin.php @@ -1,6 +1,9 @@ 10]); -$stmt = $pdo->prepare("INSERT INTO admin_users (username, password_hash, full_name, email, role) VALUES (?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE password_hash = VALUES(password_hash), failed_login_attempts = 0, locked_until = NULL"); -$stmt->execute(["admin", $hash, "Administrator", "admin@localhost", "super_admin"]); +// Get super_admin role ID from acl_roles +$roleId = $pdo->query("SELECT id FROM acl_roles WHERE role_name = 'super_admin' LIMIT 1")->fetchColumn() ?: null; + +$stmt = $pdo->prepare("INSERT INTO admin_users (username, password_hash, full_name, email, role, custom_role_id) VALUES (?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE password_hash = VALUES(password_hash), custom_role_id = VALUES(custom_role_id), failed_login_attempts = 0, locked_until = NULL"); +$stmt->execute(["admin", $hash, "Administrator", "admin@localhost", "super_admin", $roleId]); echo "Admin user created/reset\n";