Theodor-Springmann-Stiftung/musenalm
1
0
Fork 0
mirror of https://github.com/Theodor-Springmann-Stiftung/musenalm.git synced 2025-10-29 09:15:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

benutzerverwaltung

Browse Source
This commit is contained in:
Simon Martens
2025-05-24 13:56:17 +02:00
parent 74de26f560
commit 4e701d455a
6 changed files with 122 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
pages/user_edit.go
View File

@@ -1,6 +1,8 @@
package pages package pages
import ( import (
"log/slog"
"github.com/Theodor-Springmann-Stiftung/musenalm/app" "github.com/Theodor-Springmann-Stiftung/musenalm/app"
"github.com/Theodor-Springmann-Stiftung/musenalm/dbmodels" "github.com/Theodor-Springmann-Stiftung/musenalm/dbmodels"
"github.com/Theodor-Springmann-Stiftung/musenalm/middleware" "github.com/Theodor-Springmann-Stiftung/musenalm/middleware"
@@ -158,6 +160,7 @@ func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc
Password string `form:"password"` Password string `form:"password"`
PasswordRepeat string `form:"password_repeat"` PasswordRepeat string `form:"password_repeat"`
OldPassword string `form:"old_password"` OldPassword string `form:"old_password"`
Logout string `form:"logout"`
}{} }{}
if err := e.BindBody(&formdata); err != nil { if err := e.BindBody(&formdata); err != nil {
@@ -191,6 +194,7 @@ func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc
} }
} }
passwordchanged := false
if formdata.Password != "" || formdata.PasswordRepeat != "" || formdata.OldPassword != "" { if formdata.Password != "" || formdata.PasswordRepeat != "" || formdata.OldPassword != "" {
if user.Role != "Admin" && formdata.OldPassword == "" { if user.Role != "Admin" && formdata.OldPassword == "" {
return InvalidDataResponse(engine, e, "Altes Passwort erforderlich", &fu) return InvalidDataResponse(engine, e, "Altes Passwort erforderlich", &fu)
@@ -203,13 +207,16 @@ func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc
} }
user_proxy.SetPassword(formdata.Password) user_proxy.SetPassword(formdata.Password)
passwordchanged = true
} }
if err := app.Save(user_proxy); err != nil { if err := app.Save(user_proxy); err != nil {
return InvalidDataResponse(engine, e, err.Error(), &fu) return InvalidDataResponse(engine, e, err.Error(), &fu)
} }
if rolechanged { slog.Info("UserEditPage: User edited", "user_id", user_proxy.Id, "role_changed", rolechanged, "password_changed", passwordchanged, "formdata", formdata)
if rolechanged || (passwordchanged && formdata.Logout == "on") {
slog.Error("UserEditPage: Deleting sessions for user", "user_id", user_proxy.Id, "role_changed", rolechanged, "password_changed", passwordchanged)
if err := DeleteSessionsForUser(app, user_proxy.Id); err != nil { if err := DeleteSessionsForUser(app, user_proxy.Id); err != nil {
return InvalidDataResponse(engine, e, "Fehler beim Löschen der Sitzungen: "+err.Error(), &fu) return InvalidDataResponse(engine, e, "Fehler beim Löschen der Sitzungen: "+err.Error(), &fu)
} }
@@ -220,6 +227,8 @@ func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc
} }
} }
go middleware.SESSION_CACHE.DeleteSessionByUserID(user_proxy.Id)
fu = user_proxy.Fixed() fu = user_proxy.Fixed()
data["user"] = &fu data["user"] = &fu
if user_proxy.Id == user.Id { if user_proxy.Id == user.Id {

31
pages/user_management.go
View File

@@ -17,6 +17,11 @@ const (
TEMPLATE_USER_MANAGEMENT = "/user/management/" TEMPLATE_USER_MANAGEMENT = "/user/management/"
) )
type SessionCount struct {
Count int `json:"count" db:"count"`
UserId string `json:"user" db:"user"`
}
func init() { func init() {
ump := &UserManagementPage{ ump := &UserManagementPage{
StaticPage: pagemodels.StaticPage{ StaticPage: pagemodels.StaticPage{
@@ -41,6 +46,21 @@ func (p *UserManagementPage) Setup(router *router.Router[*core.RequestEvent], ap
return nil return nil
} }
func GetSessionsCounts(app core.App) ([]*SessionCount, error) {
query := app.RecordQuery(dbmodels.SESSIONS_TABLE).
Select("COUNT(*) AS count", dbmodels.SESSIONS_USER_FIELD).
GroupBy(dbmodels.SESSIONS_USER_FIELD).
OrderBy("count DESC")
var counts []*SessionCount
err := query.All(&counts)
if err != nil {
return nil, fmt.Errorf("failed to get session counts: %w", err)
}
return counts, nil
}
func (p *UserManagementPage) GET(engine *templating.Engine, app core.App) HandleFunc { func (p *UserManagementPage) GET(engine *templating.Engine, app core.App) HandleFunc {
return func(e *core.RequestEvent) error { return func(e *core.RequestEvent) error {
records := []*core.Record{} records := []*core.Record{}
@@ -54,9 +74,20 @@ func (p *UserManagementPage) GET(engine *templating.Engine, app core.App) Handle
users = append(users, dbmodels.NewUser(record)) users = append(users, dbmodels.NewUser(record))
} }
sessionCounts, err := GetSessionsCounts(app)
if err != nil {
return engine.Response500(e, err, nil)
}
scmap := make(map[string]int)
for _, sc := range sessionCounts {
scmap[sc.UserId] = sc.Count
}
data := make(map[string]any) data := make(map[string]any)
data["users"] = users data["users"] = users
data["len"] = len(users) data["len"] = len(users)
data["session_counts"] = scmap
nonce, token, err := CSRF_CACHE.GenerateTokenBundle() nonce, token, err := CSRF_CACHE.GenerateTokenBundle()
if err != nil { if err != nil {

2
views/assets/style.css
View File

File diff suppressed because one or more lines are too long

14
views/routes/user/edit/body.gohtml
View File

@@ -176,6 +176,13 @@
placeholder="" placeholder=""
required /> required />
</div> </div>
<div class="col-span-3 flex justify-end" x-bind:style="!openpw ? 'display:none' : ''">
<input type="checkbox" name="logout" id="logout" class="mr-2"
x-bind:style="!openpw ? 'display:none' : ''" />
<label for="logout" class="text-sm text-gray-700 font-bold">
</i><i class="ri-logout-box-line"></i> überall ausloggen
</label>
</div>
<div class="col-span-1 col-start-2"> <div class="col-span-1 col-start-2">
<a <a
href="/user/{{ $model.user.Id }}/edit?redirectTo={{ $model.redirect_url }}" href="/user/{{ $model.user.Id }}/edit?redirectTo={{ $model.redirect_url }}"
@@ -206,13 +213,6 @@
Speichern Speichern
</button> </button>
</div> </div>
<!--
<div class="col-span-3">
<a href="/forgot-password" class="text-sm text-slate-600 hover:text-slate-900">
Passwort vergessen?
</a>
</div>
-->
</form> </form>
<div class="col-span-1 mt-12 justify-self-end self-end items-end flex flex-row justify-end"> <div class="col-span-1 mt-12 justify-self-end self-end items-end flex flex-row justify-end">

54
views/routes/user/management/body.gohtml
View File

@@ -20,7 +20,7 @@
</div> </div>
</div> </div>
<div class="flex container-normal mx-auto px-8 mt-4"> <div class="flex container-normal mx-auto px-8 mt-4">
<div class="flex-col max-w-2xl w-full"> <div class="flex-col w-full">
{{ if $model.success }} {{ if $model.success }}
<div <div
class="text-green-800 text-sm mt-2 rounded bg-green-200 p-2 font-bold border-green-700 class="text-green-800 text-sm mt-2 rounded bg-green-200 p-2 font-bold border-green-700
@@ -35,28 +35,64 @@
{{ $model.error }} {{ $model.error }}
</div> </div>
{{ end }} {{ end }}
<table> <table class="user-mgmt w-full text-lg">
<thead> <thead>
<tr> <tr>
<th>Name</th> <th>Name</th>
<th>E-Mail</th> <th>E-Mail</th>
<th>Rolle</th> <th>Rolle</th>
<th></th> <th>Aktive Logins</th>
<th></th> <th></th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
{{ range $u := $model.users }} {{ range $u := $model.users }}
<tr> <tr class="{{ if $u.Deactivated }}deactivated{{ end }}">
<td>{{ $u.Name }}</td> <td>{{ $u.Name }}</td>
<td>{{ $u.Email }}</td> <td>{{ $u.Email }}</td>
<td>{{ $u.Role }}</td> <td>{{ $u.Role }}</td>
<td>{{ index $model.session_counts $u.Id }}</td>
<td> <td>
<a <form class="flex flex-row gap-x-4 justify-end">
href="/user/{{ $u.Id }}/edit?redirectTo={{ $model.request.fullpath }}" <input
class="text-blue-500 hover:text-blue-700"> type="hidden"
<i class="ri-edit-line"></i> Bearbeiten name="csrf_nonce"
</a> id="csrf_nonce"
required
value="{{ $model.csrf_nonce }}" />
<input
type="hidden"
name="csrf_token"
id="csrf_token"
required
value="{{ $model.csrf_token }}" />
<button
formmethod="GET"
formaction="/user/{{ $u.Id }}/edit?redirectTo={{ $model.request.fullpath }}">
<i class="ri-pencil-line"></i>
</button>
<button
formmethod="POST"
formaction="/user/{{ $u.Id }}/logout"
class="text-orange-800 bg-orange-200 hover:bg-orange-300">
<i class="ri-logout-box-r-line"></i>
</button>
{{- if $u.Deactivated }}
<button
formmethod="GET"
formaction="/user/{{ $u.Id }}/activate"
class="text-blue-800 bg-blue-200 hover:bg-blue-300">
<i class="ri-check-line"></i>
</button>
{{- else -}}
<button
formmethod="GET"
formaction="/user/{{ $u.Id }}/deactivate"
class="text-red-800 bg-red-200 hover:bg-red-300">
<i class="ri-prohibited-2-line"></i>
</button>
{{- end -}}
</form>
</td> </td>
</tr> </tr>
{{ end }} {{ end }}

28
views/transform/site.css
View File

@@ -532,6 +532,34 @@
@apply border-red-600; @apply border-red-600;
} }
.user-mgmt thead th {
@apply text-left font-bold border-b-2 border-slate-800 py-2 px-3;
}
.user-mgmt tbody tr td {
@apply px-3 py-1.5;
}
.user-mgmt tbody tr:nth-child(odd) td {
@apply bg-slate-100;
}
.user-mgmt tbody tr:nth-child(even) td {
@apply bg-slate-50;
}
.user-mgmt tbody tr td:last-of-type {
@apply align-middle text-right pr-4;
}
.user-mgmt tbody tr.deactivated td:not(:last-of-type) {
@apply text-gray-400 line-through;
}
.user-mgmt form button {
@apply bg-slate-700 text-gray-200 text-base rounded-xs font-sans transition-all duration-75 px-3 py-1.5 hover:bg-slate-800 hover:text-white cursor-pointer;
}
@keyframes spin { @keyframes spin {
0% { 0% {
transform: rotate(0deg); transform: rotate(0deg);