""" MCLogger – Site-Admin-Bereich Verwaltet alle Gruppen und Nutzer global. """ from functools import wraps from flask import Blueprint, render_template, request, redirect, url_for, session, flash import panel_db as db site_admin = Blueprint("site_admin", __name__, url_prefix="/admin") def admin_required(f): @wraps(f) def decorated(*args, **kwargs): if not session.get("is_site_admin"): return redirect(url_for("auth.admin_login")) return f(*args, **kwargs) return decorated # ────────────────────────────────────────────────────────────── # Dashboard # ────────────────────────────────────────────────────────────── @site_admin.route("/") @admin_required def dashboard(): groups = db.list_all_groups() users = db.list_all_users() for g in groups: g["has_db"] = db.has_db_configured(g["id"]) stats = { "group_count": len(groups), "user_count": len(users), "db_configured": sum(1 for g in groups if g["has_db"]), "admin_count": sum(1 for u in users if u.get("is_site_admin")), } return render_template("admin/dashboard.html", groups=groups, users=users, stats=stats) # ────────────────────────────────────────────────────────────── # Gruppen verwalten # ────────────────────────────────────────────────────────────── @site_admin.route("/groups") @admin_required def groups(): all_groups = db.list_all_groups() for g in all_groups: g["has_db"] = db.has_db_configured(g["id"]) return render_template("admin/groups.html", groups=all_groups) @site_admin.route("/groups/new", methods=["GET", "POST"]) @admin_required def group_new(): if request.method == "POST": name = request.form.get("name", "").strip() desc = request.form.get("description", "").strip() if not name: flash("Gruppenname darf nicht leer sein.", "danger") elif db.get_group_by_name(name): flash("Eine Gruppe mit diesem Namen existiert bereits.", "danger") else: db.create_group(name, desc) flash(f"Gruppe '{name}' erstellt.", "success") return redirect(url_for("site_admin.groups")) return render_template("admin/group_edit.html", group=None) @site_admin.route("/groups//edit", methods=["GET", "POST"]) @admin_required def group_edit(group_id): group = db.get_group_by_id(group_id) if not group: flash("Gruppe nicht gefunden.", "danger") return redirect(url_for("site_admin.groups")) if request.method == "POST": name = request.form.get("name", "").strip() desc = request.form.get("description", "").strip() if not name: flash("Gruppenname darf nicht leer sein.", "danger") else: db.update_group(group_id, name, desc) flash("Gruppe aktualisiert.", "success") return redirect(url_for("site_admin.groups")) return render_template("admin/group_edit.html", group=group) @site_admin.route("/groups//delete", methods=["POST"]) @admin_required def group_delete(group_id): db.delete_group(group_id) flash("Gruppe gelöscht.", "success") return redirect(url_for("site_admin.groups")) @site_admin.route("/groups//members") @admin_required def group_members(group_id): group = db.get_group_by_id(group_id) members = db.get_group_members(group_id) all_users = db.list_all_users() member_ids = {m["id"] for m in members} non_members = [u for u in all_users if u["id"] not in member_ids] return render_template("admin/group_members.html", group=group, members=members, non_members=non_members) @site_admin.route("/groups//members/add", methods=["POST"]) @admin_required def group_member_add(group_id): user_id = request.form.get("user_id", type=int) role = request.form.get("role", "member") if user_id: db.add_group_member(user_id, group_id, role) flash("Mitglied hinzugefügt.", "success") return redirect(url_for("site_admin.group_members", group_id=group_id)) @site_admin.route("/groups//members//remove", methods=["POST"]) @admin_required def group_member_remove(group_id, user_id): db.remove_group_member(user_id, group_id) flash("Mitglied entfernt.", "success") return redirect(url_for("site_admin.group_members", group_id=group_id)) # ────────────────────────────────────────────────────────────── # Nutzer verwalten # ────────────────────────────────────────────────────────────── @site_admin.route("/users") @admin_required def users(): return render_template("admin/users.html", users=db.list_all_users()) @site_admin.route("/users/new", methods=["GET", "POST"]) @admin_required def user_new(): if request.method == "POST": username = request.form.get("username", "").strip() email = request.form.get("email", "").strip() password = request.form.get("password", "") is_site_admin = request.form.get("is_site_admin") == "1" if not username or not email or not password: flash("Alle Felder sind Pflichtfelder.", "danger") elif db.get_user_by_username(username): flash("Benutzername bereits vergeben.", "danger") else: db.create_user(username, email, password, is_site_admin) flash(f"Nutzer '{username}' erstellt.", "success") return redirect(url_for("site_admin.users")) return render_template("admin/user_edit.html", user=None) @site_admin.route("/users//edit", methods=["GET", "POST"]) @admin_required def user_edit(user_id): user = db.get_user_by_id(user_id) if not user: flash("Nutzer nicht gefunden.", "danger") return redirect(url_for("site_admin.users")) if request.method == "POST": username = request.form.get("username", "").strip() email = request.form.get("email", "").strip() is_site_admin = request.form.get("is_site_admin") == "1" new_password = request.form.get("new_password", "") db.update_user(user_id, username, email, is_site_admin) if new_password: db.change_password(user_id, new_password) flash("Passwort geändert.", "info") flash("Nutzer aktualisiert.", "success") return redirect(url_for("site_admin.users")) return render_template("admin/user_edit.html", user=user) @site_admin.route("/users//delete", methods=["POST"]) @admin_required def user_delete(user_id): if user_id == session.get("user_id"): flash("Du kannst dich nicht selbst löschen.", "danger") else: db.delete_user(user_id) flash("Nutzer gelöscht.", "success") return redirect(url_for("site_admin.users")) # ────────────────────────────────────────────────────────────── # Als Gruppe anzeigen (Site-Admin liest Gruppen-DB) # ────────────────────────────────────────────────────────────── @site_admin.route("/view-group/") @admin_required def view_group(group_id): """Site-Admin wechselt temporär in eine Grup­pe, um deren MC-Daten zu sehen.""" group = db.get_group_by_id(group_id) if not group: flash("Gruppe nicht gefunden.", "danger") return redirect(url_for("site_admin.dashboard")) if not db.has_db_configured(group_id): flash("Für diese Gruppe ist noch keine Datenbank konfiguriert.", "warning") return redirect(url_for("site_admin.dashboard")) # Alle Berechtigungen als Admin all_perms = {k: True for k in ["view_dashboard","view_players","view_sessions", "view_chat","view_commands","view_deaths","view_blocks", "view_proxy","view_server_events","view_perms"]} session["group_id"] = group_id session["group_name"] = group["name"] session["role"] = "admin" session["permissions"] = all_perms session["admin_viewing"] = True return redirect(url_for("panel.dashboard")) @site_admin.route("/stop-view") @admin_required def stop_view(): """Kehrt zum Site-Admin-Dashboard zurück.""" session.pop("group_id", None) session.pop("group_name", None) session.pop("role", None) session.pop("permissions", None) session.pop("admin_viewing", None) return redirect(url_for("site_admin.dashboard"))