modified: web/blueprints/site_admin.py
modified: web/panel_db.py modified: web/templates/admin/user_edit.html modified: web/templates/admin/users.html
This commit is contained in:
SimolZimol
@@ -1,15 +1,15 @@
|
||||
{% extends "admin/base.html" %}
|
||||
{% block title %}{{ 'Edit User' if user else 'New User' }}{% endblock %}
|
||||
{% block title %}{{ 'Edit User' if user else 'Invite New User' }}{% endblock %}
|
||||
{% block content %}
|
||||
<div class="d-flex align-items-center gap-2 mb-4">
|
||||
<a href="{{ url_for('site_admin.users') }}" class="btn btn-sm btn-outline-secondary">
|
||||
<i class="bi bi-arrow-left"></i>
|
||||
</a>
|
||||
<h2 class="mb-0">{{ 'Edit User: ' ~ user.username if user else 'New User' }}</h2>
|
||||
<h2 class="mb-0">{{ 'Edit User: ' ~ user.username if user else 'Invite New User' }}</h2>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-md-6">
|
||||
<div class="col-md-7">
|
||||
<div class="card border-secondary">
|
||||
<div class="card-body">
|
||||
<form method="post">
|
||||
@@ -24,14 +24,42 @@
|
||||
<input type="email" name="email" class="form-control" required
|
||||
value="{{ user.email if user else request.form.get('email', '') }}">
|
||||
</div>
|
||||
{% if user %}
|
||||
<div class="mb-3">
|
||||
<label class="form-label">{{ 'New Password (leave blank = unchanged)' if user else 'Password *' }}</label>
|
||||
<input type="password" name="{{ 'new_password' if user else 'password' }}" class="form-control"
|
||||
{{ '' if user else 'required' }}>
|
||||
{% if not user %}
|
||||
<div class="form-text">Minimum 8 characters recommended.</div>
|
||||
{% endif %}
|
||||
<label class="form-label">New Password <span class="text-muted">(leave blank = unchanged)</span></label>
|
||||
<input type="password" name="new_password" class="form-control">
|
||||
</div>
|
||||
{% else %}
|
||||
{# ── Invite form: group + role (optional) ── #}
|
||||
<div class="mb-3">
|
||||
<label class="form-label">Group <span class="text-muted">(optional)</span></label>
|
||||
<select name="group_id" id="invite_group" class="form-select" onchange="toggleRoleField()">
|
||||
<option value="">— No group —</option>
|
||||
{% for g in (groups or []) %}
|
||||
<option value="{{ g.id }}"
|
||||
{% if request.form.get('group_id')|string == g.id|string %}selected{% endif %}>
|
||||
{{ g.name }}
|
||||
</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
<div class="form-text">If selected, the user will be added to this group upon accepting the invite.</div>
|
||||
</div>
|
||||
<div class="mb-3" id="role_field" style="display:none;">
|
||||
<label class="form-label">Group Role</label>
|
||||
<select name="role" class="form-select">
|
||||
<option value="viewer">Viewer</option>
|
||||
<option value="auditor">Auditor</option>
|
||||
<option value="member">Member</option>
|
||||
<option value="moderator">Moderator</option>
|
||||
<option value="group_admin">Group Admin</option>
|
||||
<option value="group_owner">Group Owner</option>
|
||||
</select>
|
||||
</div>
|
||||
<div class="alert alert-info py-2 mb-3">
|
||||
<i class="bi bi-envelope-check me-1"></i>
|
||||
The user will receive an email with a link to set their own password.
|
||||
</div>
|
||||
{% endif %}
|
||||
<div class="mb-4">
|
||||
<div class="form-check">
|
||||
<input type="checkbox" name="is_site_admin" id="is_site_admin" class="form-check-input"
|
||||
@@ -44,7 +72,11 @@
|
||||
</div>
|
||||
<div class="d-flex gap-2">
|
||||
<button type="submit" class="btn btn-success">
|
||||
<i class="bi bi-check-lg me-1"></i>{{ 'Save' if user else 'Create' }}
|
||||
{% if user %}
|
||||
<i class="bi bi-check-lg me-1"></i>Save
|
||||
{% else %}
|
||||
<i class="bi bi-envelope-fill me-1"></i>Send Invitation
|
||||
{% endif %}
|
||||
</button>
|
||||
<a href="{{ url_for('site_admin.users') }}" class="btn btn-outline-secondary">Cancel</a>
|
||||
</div>
|
||||
@@ -53,4 +85,14 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% if not user %}
|
||||
<script>
|
||||
function toggleRoleField() {
|
||||
var gid = document.getElementById('invite_group').value;
|
||||
document.getElementById('role_field').style.display = gid ? 'block' : 'none';
|
||||
}
|
||||
// Show role field if a group was pre-selected (e.g. after validation error)
|
||||
document.addEventListener('DOMContentLoaded', toggleRoleField);
|
||||
</script>
|
||||
{% endif %}
|
||||
{% endblock %}
|
||||
|
||||
@@ -4,11 +4,77 @@
|
||||
<div class="d-flex justify-content-between align-items-center mb-4">
|
||||
<h2><i class="bi bi-people-fill me-2"></i>Users</h2>
|
||||
<a href="{{ url_for('site_admin.user_new') }}" class="btn btn-success">
|
||||
<i class="bi bi-person-plus-fill me-1"></i>New User
|
||||
<i class="bi bi-envelope-plus-fill me-1"></i>Invite User
|
||||
</a>
|
||||
</div>
|
||||
|
||||
{# ── Pending Invitations ── #}
|
||||
{% if pending_invites %}
|
||||
<h5 class="text-muted mb-2"><i class="bi bi-envelope-open me-1"></i>Pending Invitations</h5>
|
||||
<div class="card border-warning mb-4">
|
||||
<div class="card-body p-0">
|
||||
<table class="table table-hover mb-0 small">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Username</th>
|
||||
<th>Email</th>
|
||||
<th>Group</th>
|
||||
<th>Role</th>
|
||||
<th>Expires</th>
|
||||
<th>Sent</th>
|
||||
<th class="text-end">Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for inv in pending_invites %}
|
||||
<tr>
|
||||
<td class="fw-semibold">{{ inv.invited_username }}</td>
|
||||
<td class="text-muted">{{ inv.invited_email }}</td>
|
||||
<td>
|
||||
{% if inv.group_name %}
|
||||
<span class="badge bg-secondary">{{ inv.group_name }}</span>
|
||||
{% else %}
|
||||
<span class="text-muted">—</span>
|
||||
{% endif %}
|
||||
</td>
|
||||
<td>{{ inv.role }}</td>
|
||||
<td class="text-muted">{{ inv.expires_at | fmt_dt }}</td>
|
||||
<td class="text-muted">{{ inv.send_count }}×</td>
|
||||
<td class="text-end">
|
||||
{# Copy link #}
|
||||
{% set invite_url = url_for('auth.accept_invite', token=inv.token, _external=True) %}
|
||||
<button type="button" class="btn btn-sm btn-outline-secondary"
|
||||
title="Copy invite link"
|
||||
onclick="navigator.clipboard.writeText('{{ invite_url }}').then(()=>this.title='Copied!')">
|
||||
<i class="bi bi-clipboard"></i>
|
||||
</button>
|
||||
{# Resend #}
|
||||
<form method="post" action="{{ url_for('site_admin.user_invite_resend', invite_id=inv.id) }}" class="d-inline">
|
||||
<input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
|
||||
<button type="submit" class="btn btn-sm btn-outline-info" title="Resend email">
|
||||
<i class="bi bi-send"></i>
|
||||
</button>
|
||||
</form>
|
||||
{# Revoke #}
|
||||
<form method="post" action="{{ url_for('site_admin.user_invite_revoke', invite_id=inv.id) }}" class="d-inline"
|
||||
onsubmit="return confirm('Revoke invitation for {{ inv.invited_username }}?')">
|
||||
<input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
|
||||
<button type="submit" class="btn btn-sm btn-outline-danger" title="Revoke">
|
||||
<i class="bi bi-x-circle"></i>
|
||||
</button>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="card border-secondary">
|
||||
<h5 class="text-muted mb-2"><i class="bi bi-people me-1"></i>Registered Users</h5>
|
||||
<div class="card border-secondary">
|
||||
<div class="card-body p-0">
|
||||
<table class="table table-hover mb-0">
|
||||
<thead>
|
||||
|
||||
Reference in New Issue
Block a user