feat: dist/ pridan do repa pro server deploy

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

dist/api/admin/roles.php

@@ -0,0 +1,67 @@
+<?php
+
+/**
+ * BOHA Automation - Roles API
+ *
+ * GET    /api/admin/roles.php         - List all roles with permissions
+ * POST   /api/admin/roles.php         - Create new role
+ * PUT    /api/admin/roles.php?id=X    - Update role
+ * DELETE /api/admin/roles.php?id=X    - Delete role
+ */
+
+declare(strict_types=1);
+
+require_once dirname(__DIR__) . '/config.php';
+require_once dirname(__DIR__) . '/includes/JWTAuth.php';
+require_once dirname(__DIR__) . '/includes/AuditLog.php';
+require_once __DIR__ . '/handlers/roles-handlers.php';
+
+// Set headers
+setCorsHeaders();
+setSecurityHeaders();
+setNoCacheHeaders();
+header('Content-Type: application/json; charset=utf-8');
+
+// Require authentication
+$authData = JWTAuth::requireAuth();
+AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');
+
+// Require settings.roles permission
+requirePermission($authData, 'settings.roles');
+
+$method = $_SERVER['REQUEST_METHOD'];
+$roleId = isset($_GET['id']) ? (int) $_GET['id'] : null;
+
+try {
+    $pdo = db();
+
+    switch ($method) {
+        case 'GET':
+            handleGetRole($pdo);
+            break;
+
+        case 'POST':
+            handleCreateRole($pdo);
+            break;
+
+        case 'PUT':
+            if (!$roleId) {
+                errorResponse('ID role je povinné');
+            }
+            handleUpdateRole($pdo, $roleId);
+            break;
+
+        case 'DELETE':
+            if (!$roleId) {
+                errorResponse('ID role je povinné');
+            }
+            handleDeleteRole($pdo, $roleId);
+            break;
+
+        default:
+            errorResponse('Metoda není povolena', 405);
+    }
+} catch (PDOException $e) {
+    error_log('Roles API error: ' . $e->getMessage());
+    errorResponse('Chyba databáze', 500);
+}