Authorization/script/php/API/get_group.php

<?php
session_start();
include('../permission/connect_sql.php');
$user_id = $_SESSION['UserID'];
$sql = "SELECT [GroupID] FROM [permissions].[dbo].[UserGroup] WHERE [UserID] = ?;";
$stmt = sqlsrv_query($conn, $sql, array($user_id));
$is_admin = false;
while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
        if ($row["GroupID"] == 'Admin') {
                $is_admin = true;
        }
}
$group = array();
if ($is_admin) {
        $sql = "SELECT [GroupID],[GroupName] FROM [Group] WHERE [GroupID] != 'User' AND [GroupID] != 'Guest'";
        $stmt = sqlsrv_query($conn, $sql);
        while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
                $temp = array();
                $temp["GroupID"] = $row["GroupID"];
                $temp["GroupName"] = $row["GroupName"];
                array_push($group, $temp);
        }
} else {
        $sql = "SELECT [GroupID],[GroupName] FROM [Group] WHERE [GroupID] != 'Admin' AND [GroupID] != 'User' AND [GroupID] != 'Guest'";
        $stmt = sqlsrv_query($conn, $sql);
        while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
                $temp = array();
                $temp["GroupID"] = $row["GroupID"];
                $temp["GroupName"] = $row["GroupName"];
                array_push($group, $temp);
        }
}


echo json_encode($group);