fixed permission

public/userarea/include/headscript.php

@@ -62,5 +62,5 @@ $photousername = basename($avatar);
 require_once(__DIR__ . '/../../languages/en/general.php');
 
 //include("generalsettings.php");
-
+require_once __DIR__ . '/permissions_helper.php';
 ?>

public/userarea/include/permissions_helper.php

@@ -0,0 +1,62 @@
+<?php
+
+if (!function_exists('userCan')) {
+    /**
+     * Check if current user has a Vanguard permission.
+     * Uses Vanguard native method if available, otherwise falls back to DB check.
+     */
+    function userCan($permissionName)
+    {
+        global $kindofrole;
+
+        $user = Auth::user();
+
+        if (!$user) {
+            return false;
+        }
+
+        // Vanguard / Laravel-style methods, depending on installed version/customization.
+        if (method_exists($user, 'hasPermission')) {
+            return $user->hasPermission($permissionName);
+        }
+
+        if (method_exists($user, 'hasPermissionTo')) {
+            return $user->hasPermissionTo($permissionName);
+        }
+
+        if (method_exists($user, 'can')) {
+            return $user->can($permissionName);
+        }
+
+        // Fallback: direct DB check using existing Vanguard tables.
+        static $permissions = null;
+
+        if ($permissions === null) {
+            $pdo = DBHandlerSelect::getInstance()->getConnection();
+
+            $stmt = $pdo->prepare("
+                SELECT p.name
+                FROM auth_permissions p
+                INNER JOIN auth_permission_role pr ON pr.permission_id = p.id
+                WHERE pr.role_id = ?
+            ");
+            $stmt->execute([(int)$kindofrole]);
+
+            $permissions = $stmt->fetchAll(PDO::FETCH_COLUMN);
+        }
+
+        return in_array($permissionName, $permissions, true);
+    }
+}
+
+if (!function_exists('visibleButtons')) {
+    /**
+     * Filter visible buttons.
+     */
+    function visibleButtons(array $buttons)
+    {
+        return array_values(array_filter($buttons, function ($button) {
+            return empty($button['permission']) || userCan($button['permission']);
+        }));
+    }
+}

public/userarea/production_dashboard.php

@@ -1,59 +1,5 @@
 <?php include('include/headscript.php'); ?>
 <?php
-/**
- * Check if current user has a Vanguard permission.
- * Uses Vanguard native method if available, otherwise falls back to DB check.
- */
-function userCan($permissionName)
-{
-    global $kindofrole;
-
-    $user = Auth::user();
-
-    // Vanguard / Laravel-style methods, depending on installed version/customization.
-    if (method_exists($user, 'hasPermission')) {
-        return $user->hasPermission($permissionName);
-    }
-
-    if (method_exists($user, 'hasPermissionTo')) {
-        return $user->hasPermissionTo($permissionName);
-    }
-
-    if (method_exists($user, 'can')) {
-        return $user->can($permissionName);
-    }
-
-    // Fallback: direct DB check using existing Vanguard tables.
-    static $permissions = null;
-
-    if ($permissions === null) {
-        $pdo = DBHandlerSelect::getInstance()->getConnection();
-
-        $stmt = $pdo->prepare("
-            SELECT p.name
-            FROM auth_permissions p
-            INNER JOIN auth_permission_role pr ON pr.permission_id = p.id
-            WHERE pr.role_id = ?
-        ");
-        $stmt->execute([(int)$kindofrole]);
-
-        $permissions = $stmt->fetchAll(PDO::FETCH_COLUMN);
-    }
-
-    return in_array($permissionName, $permissions, true);
-}
-
-/**
- * Filter visible buttons.
- */
-function visibleButtons(array $buttons)
-{
-    return array_values(array_filter($buttons, function ($button) {
-        return empty($button['permission']) || userCan($button['permission']);
-    }));
-}
-?>
-<?php
 $dashboardSections = [
     [
         'id' => 'secOperativo',