benutzerverwaltung

2025-10-29 09:15:33 +00:00 · 2025-05-24 13:56:17 +02:00
parent 74de26f560
commit 4e701d455a
6 changed files with 122 additions and 18 deletions
--- a/pages/user_edit.go
+++ b/pages/user_edit.go
@@ -1,6 +1,8 @@
 package pages

 import (
+	"log/slog"
+
 	"github.com/Theodor-Springmann-Stiftung/musenalm/app"
 	"github.com/Theodor-Springmann-Stiftung/musenalm/dbmodels"
 	"github.com/Theodor-Springmann-Stiftung/musenalm/middleware"
@@ -158,6 +160,7 @@ func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc
 			Password       string `form:"password"`
 			PasswordRepeat string `form:"password_repeat"`
 			OldPassword    string `form:"old_password"`
+			Logout         string `form:"logout"`
 		}{}

 		if err := e.BindBody(&formdata); err != nil {
@@ -191,6 +194,7 @@ func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc
 			}
 		}

+		passwordchanged := false
 		if formdata.Password != "" || formdata.PasswordRepeat != "" || formdata.OldPassword != "" {
 			if user.Role != "Admin" && formdata.OldPassword == "" {
 				return InvalidDataResponse(engine, e, "Altes Passwort erforderlich", &fu)
@@ -203,13 +207,16 @@ func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc
 			}

 			user_proxy.SetPassword(formdata.Password)
+			passwordchanged = true
 		}

 		if err := app.Save(user_proxy); err != nil {
 			return InvalidDataResponse(engine, e, err.Error(), &fu)
 		}

-		if rolechanged {
+		slog.Info("UserEditPage: User edited", "user_id", user_proxy.Id, "role_changed", rolechanged, "password_changed", passwordchanged, "formdata", formdata)
+		if rolechanged || (passwordchanged && formdata.Logout == "on") {
+			slog.Error("UserEditPage: Deleting sessions for user", "user_id", user_proxy.Id, "role_changed", rolechanged, "password_changed", passwordchanged)
 			if err := DeleteSessionsForUser(app, user_proxy.Id); err != nil {
 				return InvalidDataResponse(engine, e, "Fehler beim Löschen der Sitzungen: "+err.Error(), &fu)
 			}
@@ -220,6 +227,8 @@ func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc
 			}
 		}

+		go middleware.SESSION_CACHE.DeleteSessionByUserID(user_proxy.Id)
+
 		fu = user_proxy.Fixed()
 		data["user"] = &fu
 		if user_proxy.Id == user.Id {
--- a/pages/user_management.go
+++ b/pages/user_management.go
@@ -17,6 +17,11 @@ const (
 	TEMPLATE_USER_MANAGEMENT = "/user/management/"
 )

+type SessionCount struct {
+	Count  int    `json:"count" db:"count"`
+	UserId string `json:"user" db:"user"`
+}
+
 func init() {
 	ump := &UserManagementPage{
 		StaticPage: pagemodels.StaticPage{
@@ -41,6 +46,21 @@ func (p *UserManagementPage) Setup(router *router.Router[*core.RequestEvent], ap
 	return nil
 }

+func GetSessionsCounts(app core.App) ([]*SessionCount, error) {
+	query := app.RecordQuery(dbmodels.SESSIONS_TABLE).
+		Select("COUNT(*) AS count", dbmodels.SESSIONS_USER_FIELD).
+		GroupBy(dbmodels.SESSIONS_USER_FIELD).
+		OrderBy("count DESC")
+
+	var counts []*SessionCount
+	err := query.All(&counts)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get session counts: %w", err)
+	}
+
+	return counts, nil
+}
+
 func (p *UserManagementPage) GET(engine *templating.Engine, app core.App) HandleFunc {
 	return func(e *core.RequestEvent) error {
 		records := []*core.Record{}
@@ -54,9 +74,20 @@ func (p *UserManagementPage) GET(engine *templating.Engine, app core.App) Handle
 			users = append(users, dbmodels.NewUser(record))
 		}

+		sessionCounts, err := GetSessionsCounts(app)
+		if err != nil {
+			return engine.Response500(e, err, nil)
+		}
+
+		scmap := make(map[string]int)
+		for _, sc := range sessionCounts {
+			scmap[sc.UserId] = sc.Count
+		}
+
 		data := make(map[string]any)
 		data["users"] = users
 		data["len"] = len(users)
+		data["session_counts"] = scmap

 		nonce, token, err := CSRF_CACHE.GenerateTokenBundle()
 		if err != nil {
--- a/views/assets/style.css
+++ b/views/assets/style.css
--- a/views/routes/user/edit/body.gohtml
+++ b/views/routes/user/edit/body.gohtml
@@ -176,6 +176,13 @@
 					placeholder=""
 					required />
 			</div>
+			<div class="col-span-3 flex justify-end" x-bind:style="!openpw ? 'display:none' : ''">
+					<input type="checkbox" name="logout" id="logout"  class="mr-2"
+				x-bind:style="!openpw ? 'display:none' : ''" />
+					<label for="logout" class="text-sm text-gray-700 font-bold">
+						</i><i class="ri-logout-box-line"></i> überall ausloggen
+					</label>
+			</div>
 			<div class="col-span-1 col-start-2">
 				<a
 					href="/user/{{ $model.user.Id }}/edit?redirectTo={{ $model.redirect_url }}"
@@ -206,13 +213,6 @@
 					Speichern
 				</button>
 			</div>
-			<!--
-			<div class="col-span-3">
-				<a href="/forgot-password" class="text-sm text-slate-600 hover:text-slate-900">
-					Passwort vergessen?
-				</a>
-			</div>
-			-->
 		</form>

 		<div class="col-span-1 mt-12 justify-self-end self-end items-end flex flex-row justify-end">
--- a/views/routes/user/management/body.gohtml
+++ b/views/routes/user/management/body.gohtml
@@ -20,7 +20,7 @@
 	</div>
 </div>
 <div class="flex container-normal mx-auto px-8 mt-4">
-	<div class="flex-col max-w-2xl w-full">
+	<div class="flex-col w-full">
 		{{ if $model.success }}
 			<div
 				class="text-green-800 text-sm mt-2 rounded bg-green-200 p-2 font-bold border-green-700
@@ -35,28 +35,64 @@
 				{{ $model.error }}
 			</div>
 		{{ end }}
-		<table>
+		<table class="user-mgmt w-full text-lg">
 			<thead>
 				<tr>
 					<th>Name</th>
 					<th>E-Mail</th>
 					<th>Rolle</th>
-					<th></th>
+					<th>Aktive Logins</th>
 					<th></th>
 				</tr>
 			</thead>
 			<tbody>
 				{{ range $u := $model.users }}
-					<tr>
+					<tr class="{{ if $u.Deactivated }}deactivated{{ end }}">
 						<td>{{ $u.Name }}</td>
 						<td>{{ $u.Email }}</td>
 						<td>{{ $u.Role }}</td>
+						<td>{{ index $model.session_counts $u.Id }}</td>
 						<td>
-							<a
-								href="/user/{{ $u.Id }}/edit?redirectTo={{ $model.request.fullpath }}"
-								class="text-blue-500 hover:text-blue-700">
-								<i class="ri-edit-line"></i> Bearbeiten
-							</a>
+							<form class="flex flex-row gap-x-4 justify-end">
+								<input
+									type="hidden"
+									name="csrf_nonce"
+									id="csrf_nonce"
+									required
+									value="{{ $model.csrf_nonce }}" />
+								<input
+									type="hidden"
+									name="csrf_token"
+									id="csrf_token"
+									required
+									value="{{ $model.csrf_token }}" />
+								<button
+									formmethod="GET"
+									formaction="/user/{{ $u.Id }}/edit?redirectTo={{ $model.request.fullpath }}">
+									<i class="ri-pencil-line"></i>
+								</button>
+								<button
+									formmethod="POST"
+									formaction="/user/{{ $u.Id }}/logout"
+									class="text-orange-800 bg-orange-200 hover:bg-orange-300">
+									<i class="ri-logout-box-r-line"></i>
+								</button>
+								{{- if $u.Deactivated }}
+									<button
+										formmethod="GET"
+										formaction="/user/{{ $u.Id }}/activate"
+										class="text-blue-800 bg-blue-200 hover:bg-blue-300">
+										<i class="ri-check-line"></i>
+									</button>
+								{{- else -}}
+									<button
+										formmethod="GET"
+										formaction="/user/{{ $u.Id }}/deactivate"
+										class="text-red-800 bg-red-200 hover:bg-red-300">
+										<i class="ri-prohibited-2-line"></i>
+									</button>
+								{{- end -}}
+							</form>
 						</td>
 					</tr>
 				{{ end }}
--- a/views/transform/site.css
+++ b/views/transform/site.css
@@ -532,6 +532,34 @@
 		@apply border-red-600;
 	}

+	.user-mgmt thead th {
+		@apply text-left font-bold border-b-2 border-slate-800 py-2 px-3;
+	}
+
+	.user-mgmt tbody tr td {
+		@apply px-3 py-1.5;
+	}
+
+	.user-mgmt tbody tr:nth-child(odd) td {
+		@apply bg-slate-100;
+	}
+
+	.user-mgmt tbody tr:nth-child(even) td {
+		@apply bg-slate-50;
+	}
+
+	.user-mgmt tbody tr td:last-of-type {
+		@apply align-middle text-right pr-4;
+	}
+
+	.user-mgmt tbody tr.deactivated td:not(:last-of-type) {
+		@apply text-gray-400 line-through;
+	}
+
+	.user-mgmt form button {
+		@apply bg-slate-700 text-gray-200 text-base rounded-xs font-sans transition-all duration-75 px-3 py-1.5 hover:bg-slate-800 hover:text-white cursor-pointer;
+	}
+
 	@keyframes spin {
 		0% {
 			transform: rotate(0deg);