<?php
require_once '../includes/constants.php';
require_once '../includes/session.php';
require_once '../includes/functions.php';

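// Gate for the whole page: continue only when the session carries an admin id.
// NOTE(review): this proves a session key exists, nothing more; whether the
// account is still active is presumably handled in includes/session.php. Confirm.
if (!isset($_SESSION['admin_id'])) {
    // Refuse with 403 instead of the default 200 so that proxies, caches and
    // log-based alerting can tell a denied request from a served page.
    http_response_code(403);
    exit('Access denied');
}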

// Copy the signed-in admin's identity out of the session. When the session has
// no role or username, the role defaults to 'viewer' and the name to 'Admin'.
// NOTE(review): the role read here later drives the superadmin bypass in the
// menu loop, so it is only as fresh as the session. Confirm that role changes
// invalidate or refresh existing sessions.
$adminId = $_SESSION['admin_id'];
$adminRole = isset($_SESSION['admin_role']) ? $_SESSION['admin_role'] : 'viewer';
$adminName = isset($_SESSION['admin_username']) ? $_SESSION['admin_username'] : 'Admin';

// Menu registry: permission key => admin page filename.
// The key is compared against admin_permissions.module_name further down and is
// also turned into the link label; the value becomes the link target.
// Entry order is the order in which the links are rendered.
// NOTE(review): this map only controls which links get rendered. Each target
// page presumably enforces its own can_view check. Confirm, because hiding a
// link does not stop a direct request to the file.
$modules = [
    // 🔐 Admin System
    'dashboard' => 'admin_dashboard.php',
    'logs' => 'admin_logs.php',
    'alerts' => 'admin_alerts.php',
    'modules' => 'admin_module_tracker.php',
    'geo_reports' => 'admin_geo_reports.php',
    'manage_admins' => 'admin_manage_users.php',

    // 🧑‍💻 Affiliate Layer
    'affiliate_dashboard' => 'admin_affiliate_dashboard.php',
    'affiliate_profiles' => 'admin_affiliate_profile.php',
    'affiliate_performance' => 'admin_affiliate_performance.php',
    'affiliate_payments' => 'admin_affiliate_payments.php',
    'affiliate_offers' => 'admin_affiliate_offers.php',
    'affiliate_tests' => 'admin_affiliate_tests.php',
    'affiliate_flags' => 'admin_affiliate_flags.php',
    'affiliate_notes' => 'admin_affiliate_notes.php',
    'affiliate_tags' => 'admin_affiliate_tags.php',
    'affiliate_exports' => 'admin_affiliate_exports.php',
    'affiliate_anomalies' => 'admin_affiliate_anomalies.php',

    // 📦 Offer Layer
    'offer_dashboard' => 'admin_offer_dashboard.php',
    'offer_terms' => 'admin_offer_terms.php',
    'offer_files' => 'admin_offer_files.php',
    'offer_tracking' => 'admin_offer_tracking.php',
    'offer_postbacks' => 'admin_offer_postbacks.php',
    'offer_performance' => 'admin_offer_performance.php',
    'offer_contracts' => 'admin_offer_contracts.php',
    'offer_exports' => 'admin_offer_exports.php',
    'offer_insights' => 'admin_offer_insights.php',
    'offer_history' => 'admin_offer_history.php',

    // 🔁 Tracking Layer
    'conversion_lookup' => 'admin_conversion_lookup.php',
    'payout_summary' => 'admin_payout_summary.php',

    // 🏢 Advertiser Layer
    'advertiser_manager' => 'admin_advertisers.php',
    'advertiser_contracts' => 'admin_advertiser_contracts.php',
    'advertiser_reports' => 'admin_advertiser_reports.php',
    'advertiser_notes' => 'admin_advertiser_notes.php',

    // 🔍 Tracking & Delivery
    'postback_logs' => 'admin_postback_logs.php',
    'redirect_tester' => 'admin_redirect_tester.php',

    // 🧾 Audit & Compliance
    'offer_audit' => 'admin_offer_audit.php',
    'offer_applications' => 'admin_offer_applications.php',

    // 📊 System Health
    'postback_failures' => 'admin_postback_failures.php',
    'stealth_analytics' => 'admin_stealth_analytics.php'
];

// Load the module keys this admin is allowed to view. The admin id travels as a
// bound parameter and is never concatenated into the SQL text.
$permissionQuery = $pdo->prepare("SELECT module_name FROM admin_permissions WHERE admin_id = ? AND can_view = 1");
$permissionQuery->execute([$adminId]);
// FETCH_COLUMN returns the single selected column as a flat list of values.
$visibleModules = $permissionQuery->fetchAll(PDO::FETCH_COLUMN);
?>
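<!DOCTYPE html>
<html lang="en">
<head>
    <?php
    // Declare the encoding explicitly: the page contains emoji, and the escaping
    // below is performed as UTF-8, so the browser must not have to guess.
    ?>
    <meta charset="utf-8">
    <?php
    // NOTE(review): SITE_TITLE is echoed unescaped. Presumably it is a fixed
    // literal from includes/constants.php; confirm it can never carry
    // operator- or user-supplied text.
    ?>
    <title><?php echo SITE_TITLE . ' | Admin Portal'; ?></title>
    <link rel="stylesheet" href="css/admin.css">
</head>
<body>
<div class="container">
<h1>🧭 Admin Portal</h1>
<?php
// Name and role come from the session, so both are escaped before output.
// Flags and charset are spelled out so that escaping does not depend on the
// PHP version's defaults or on the default_charset ini setting.
?>
<p>Welcome, <strong><?php echo htmlspecialchars($adminName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></strong> (<?php echo htmlspecialchars($adminRole, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>)</p>
<ul>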
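<?php
// Render one menu entry per module the admin may see. A 'superadmin' role sees
// every entry; any other role sees only the keys loaded from admin_permissions.
// NOTE(review): this decides link visibility only. Confirm that each linked
// page repeats the permission check on its own.
foreach ($modules as $key => $link) {
    // Strict comparison: a permission key has to match a stored module name
    // exactly, with no loose type juggling between the two strings.
    $mayView = $adminRole === 'superadmin' || in_array($key, $visibleModules, true);
    if (!$mayView) {
        continue;
    }

    $label = ucwords(str_replace('_', ' ', $key));

    // The href attribute is delimited by single quotes, so ENT_QUOTES is set
    // explicitly instead of relying on the PHP version's default flags. The
    // label is escaped as well so the markup stays safe if the module map ever
    // stops being a hard-coded literal.
    echo "<li><a href='" . htmlspecialchars($link, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "'>"
        . htmlspecialchars($label, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</a></li>";
}
?>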
</ul>

<?php
// Superadmin-only panel. The entries below are fixed text in the template,
// not values read from the database, so they do not reflect live system state.
if ($adminRole === 'superadmin'): ?>
<hr><h3>🔔 System Alerts</h3>
<ul>
    <li>Pending affiliate payouts</li>
    <li>Unreviewed offer restrictions</li>
    <li>New test links added this week</li>
    <li>Flagged affiliates awaiting review</li>
    <li>Failed postbacks in last 24h</li>
</ul>
<?php endif; ?>
</div>
</body>
</html>