From 1767337d99a71b9ace623c8a3754991d2785e564 Mon Sep 17 00:00:00 2001 From: twotalesanimation <80506065+twotalesanimation@users.noreply.github.com> Date: Thu, 4 Dec 2025 17:06:34 +0200 Subject: [PATCH] Update: Allow superadmin role to manage trips alongside admin --- src/pages/bookings/trip-details.php | 2 +- src/processors/delete_trip.php | 2 +- src/processors/process_trip.php | 2 +- src/processors/toggle_trip_published.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/pages/bookings/trip-details.php b/src/pages/bookings/trip-details.php index 1a66cf91..d231816a 100644 --- a/src/pages/bookings/trip-details.php +++ b/src/pages/bookings/trip-details.php @@ -263,7 +263,7 @@ include_once(dirname(dirname(dirname(__DIR__))) . '/header.php'); prepare("SELECT published FROM trips WHERE trip_id = ?"); $status_stmt->bind_param("i", $trip_id); diff --git a/src/processors/delete_trip.php b/src/processors/delete_trip.php index c7a304e8..c1aa3805 100644 --- a/src/processors/delete_trip.php +++ b/src/processors/delete_trip.php @@ -8,7 +8,7 @@ require_once($rootPath . '/src/config/connection.php'); // Check admin status session_start(); -if (empty($_SESSION['user_id']) || $_SESSION['role'] !== 'admin') { +if (empty($_SESSION['user_id']) || !in_array($_SESSION['role'] ?? '', ['admin', 'superadmin'])) { ob_end_clean(); echo json_encode(['status' => 'error', 'message' => 'Unauthorized access']); exit; diff --git a/src/processors/process_trip.php b/src/processors/process_trip.php index c68d3fa5..d9720a9e 100644 --- a/src/processors/process_trip.php +++ b/src/processors/process_trip.php @@ -8,7 +8,7 @@ require_once($rootPath . '/src/config/connection.php'); // Check admin status session_start(); -if (empty($_SESSION['user_id']) || $_SESSION['role'] !== 'admin') { +if (empty($_SESSION['user_id']) || !in_array($_SESSION['role'] ?? '', ['admin', 'superadmin'])) { ob_end_clean(); echo json_encode(['status' => 'error', 'message' => 'Unauthorized access']); exit; 
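Review bot: The new `in_array($_SESSION['role'] ?? '', ['admin', 'superadmin'])` check in delete_trip.php compares loosely, whereas the line it replaces used the strict `!==`. With loose comparison a non-string role value can match: `true == 'admin'` holds on every PHP version, and integer `0` matches any non-numeric string before PHP 8. Pass the strict flag, `!in_array($_SESSION['role'] ?? '', ['admin', 'superadmin'], true)`, so that only the exact strings authorize. The same line is added in process_trip.php and toggle_trip_published.php. Whether `$_SESSION['role']` is always a string depends on the login code, which is outside this patch.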
diff --git a/src/processors/toggle_trip_published.php b/src/processors/toggle_trip_published.php
index cac4b8c8..38cb809a 100644
--- a/src/processors/toggle_trip_published.php
+++ b/src/processors/toggle_trip_published.php
@@ -8,7 +8,7 @@ require_once($rootPath . '/src/config/connection.php');
 // Check admin status
 session_start();
-if (empty($_SESSION['user_id']) || $_SESSION['role'] !== 'admin') {
+if (empty($_SESSION['user_id']) || !in_array($_SESSION['role'] ?? '', ['admin', 'superadmin'])) {
     ob_end_clean();
     echo json_encode(['status' => 'error', 'message' => 'Unauthorized access']);
     exit;
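Review bot: The denial branch in toggle_trip_published.php still returns a JSON error body with no explicit status code, so a rejected request presumably goes out as HTTP 200 unless a status was set before the hunk. Adding `http_response_code(403);` before the `echo` would make refusals visible to clients and in access logs, which matters more now that the gate admits two roles. The `// Check admin status` comment should also be updated to name both roles. The script continues outside the hunk on both sides, so an earlier status call cannot be ruled out from here.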