# User Management Features ## Overview The Admin Users page (`/admin/users`) now includes KPI filters, separate tabs for Staff and Registered Users, and role-based permission controls. ## Features Implemented ### 1. KPI Filter Values Displays registration statistics for **registered users only** (excludes staff): - **Today**: Users registered today - **This Week**: Users registered this week - **This Month**: Users registered this month - **This Year**: Users registered this year **Note**: KPI values only count customer registrations, not admin/staff accounts. ### 2. Separate Tabs #### Registered Users Tab - Shows all customer users (users without admin/staff roles) - Requires `view users` permission - Displays user count badge #### Staff Team Tab - Shows all staff and admin users - Requires `view staff` permission - Only visible to users with `view staff` permission - Displays staff count badge ### 3. Role-Based Permissions #### Permissions Created - `view users` - Permission to view registered users (customers) - `view staff` - Permission to view staff team members #### Permission Assignment **Admin Role:** - Has both `view users` and `view staff` permissions - Can see all tabs and KPI values **Staff Role:** - Has `view users` permission only - Can see Registered Users tab - Cannot see Staff Team tab - Can see KPI values **Customer Role:** - No admin permissions - Cannot access admin panel ## Access Control ### Tab Visibility - **Registered Users Tab**: Visible if user has `view users` permission - **Staff Team Tab**: Visible if user has `view staff` permission - **No Access**: Shown if user has neither permission ### Data Access - Controller enforces permissions using `$this->authorize()` - Returns 403 error if user lacks required permission - Tabs are hidden in view if user lacks permission ## Usage ### Viewing Registered Users 1. Navigate to `/admin/users` (default tab) 2. Or click "Registered Users" tab 3. View KPI cards showing registration statistics 4. Browse paginated list of customer users ### Viewing Staff Team 1. Navigate to `/admin/users?tab=staff` 2. Or click "Staff Team" tab (if visible) 3. View all admin and staff members 4. Manage roles and permissions ## Managing Permissions ### Assign Permission to User ```bash php artisan tinker ``` ```php $user = User::find(USER_ID); $user->givePermissionTo('view staff'); $user->givePermissionTo('view users'); ``` ### Remove Permission ```php $user->revokePermissionTo('view staff'); ``` ### Check User Permissions ```php $user->can('view users'); // true/false $user->can('view staff'); // true/false ``` ## KPI Calculation The KPI values are calculated as: ```php // Today User::whereDate('created_at', today()) ->whereDoesntHave('roles', function ($query) { $query->whereIn('name', ['admin', 'staff']); }) ->count(); ``` This ensures: - Only customer registrations are counted - Staff/admin accounts are excluded - Accurate registration statistics ## Security - Permissions are checked at controller level - Tabs are conditionally rendered based on permissions - Unauthorized access returns 403 error - Permission cache is automatically cleared on updates ## Troubleshooting ### Tab Not Showing 1. Check if user has required permission: ```bash php artisan tinker ``` ```php $user = User::find(USER_ID); $user->hasPermissionTo('view staff'); ``` 2. If missing, assign permission: ```php $user->givePermissionTo('view staff'); ``` 3. Clear permission cache: ```bash php artisan permission:cache-reset ``` ### KPI Values Showing Zero - Check if there are registered users (excluding staff) - Verify date filters are correct - Check database for user records ### Permission Not Working 1. Re-seed permissions: ```bash php artisan db:seed --class=RolesAndPermissionsSeeder ``` 2. Clear caches: ```bash php artisan permission:cache-reset php artisan optimize:clear ```