Add disabled user badge (no password) and deauthorize button to admin page.

pull/372/head
Daniel García 6 years ago
parent 700e084101
commit 69036cc6a4
No known key found for this signature in database
GPG Key ID: FC8A7D14C3CD543A

@ -17,7 +17,14 @@ pub fn routes() -> Vec<Route> {
return Vec::new(); return Vec::new();
} }
routes![admin_login, post_admin_login, admin_page, invite_user, delete_user] routes![
admin_login,
post_admin_login,
admin_page,
invite_user,
delete_user,
deauth_user,
]
} }
const COOKIE_NAME: &'static str = "BWRS_ADMIN"; const COOKIE_NAME: &'static str = "BWRS_ADMIN";
@ -150,6 +157,18 @@ fn delete_user(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
user.delete(&conn) user.delete(&conn)
} }
#[post("/users/<uuid>/deauth")]
fn deauth_user(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
let mut user = match User::find_by_uuid(&uuid, &conn) {
Some(user) => user,
None => err!("User doesn't exist"),
};
user.reset_security_stamp();
user.save(&conn)
}
pub struct AdminToken {} pub struct AdminToken {}
impl<'a, 'r> FromRequest<'a, 'r> for AdminToken { impl<'a, 'r> FromRequest<'a, 'r> for AdminToken {

@ -120,6 +120,7 @@ impl User {
let twofactor_enabled = !TwoFactor::find_by_user(&self.uuid, conn).is_empty(); let twofactor_enabled = !TwoFactor::find_by_user(&self.uuid, conn).is_empty();
json!({ json!({
"_Enabled": !self.password_hash.is_empty(),
"Id": self.uuid, "Id": self.uuid,
"Name": self.name, "Name": self.name,
"Email": self.email, "Email": self.email,

@ -13,6 +13,9 @@
{{#if TwoFactorEnabled}} {{#if TwoFactorEnabled}}
<span class="badge badge-success ml-2">2FA</span> <span class="badge badge-success ml-2">2FA</span>
{{/if}} {{/if}}
{{#unless _Enabled}}
<span class="badge badge-warning ml-2">Disabled</span>
{{/unless}}
<span class="d-block">{{Email}}</span> <span class="d-block">{{Email}}</span>
</div> </div>
<div class="col"> <div class="col">
@ -23,7 +26,8 @@
{{/each}} {{/each}}
</span> </span>
</div> </div>
<div style="flex: 0 0 100px;"> <div style="flex: 0 0 240px;">
<a class="mr-3" href="#" onclick='deauthUser("{{Id}}")'>Deauthorize sessions</a>
<a class="mr-3" href="#" onclick='deleteUser("{{Id}}", "{{Email}}")'>Delete User</a> <a class="mr-3" href="#" onclick='deleteUser("{{Id}}", "{{Email}}")'>Delete User</a>
</div> </div>
</div> </div>
@ -79,6 +83,12 @@
} }
return false; return false;
} }
function deauthUser(id) {
_post("/admin/users/" + id + "/deauth",
"Sessions deauthorized correctly",
"Error deauthorizing sessions");
return false;
}
function inviteUser() { function inviteUser() {
inv = $("#email-invite"); inv = $("#email-invite");
data = JSON.stringify({ "Email": inv.val() }); data = JSON.stringify({ "Email": inv.val() });
@ -87,14 +97,12 @@
"Error inviting user", data); "Error inviting user", data);
return false; return false;
} }
let OrgTypes = { let OrgTypes = {
"0": { "name": "Owner", "color": "orange" }, "0": { "name": "Owner", "color": "orange" },
"1": { "name": "Admin", "color": "blueviolet" }, "1": { "name": "Admin", "color": "blueviolet" },
"2": { "name": "User", "color": "blue" }, "2": { "name": "User", "color": "blue" },
"3": { "name": "Manager", "color": "green" }, "3": { "name": "Manager", "color": "green" },
}; };
$(window).on('load', function () { $(window).on('load', function () {
$("#invite-form").submit(inviteUser); $("#invite-form").submit(inviteUser);
$("img.identicon").each(function (i, e) { $("img.identicon").each(function (i, e) {

Loading…
Cancel
Save