added initial user management

This commit is contained in:
tp_dhu 2025-02-16 22:05:18 +00:00
parent 6c936208b7
commit dcddd22a0b
5 changed files with 119 additions and 2 deletions


@ -4,6 +4,7 @@ class AuthController {
public function showLoginForm($f3){
// store session errors or messages, then clear
$f3->set('error', $f3->get('SESSION.login_error'));
$f3->clear('SESSION.login_error');
@ -21,7 +22,11 @@ class AuthController {
$db = $f3->get('DB');
// query for user
$result = $db->exec(
'SELECT id, username, password, role FROM users WHERE username =? LIMIT 1', $username
'SELECT u.id, u.username, u.password, u.role, r.role as role_name
FROM users u
LEFT JOIN roles r ON r.id = u.role
WHERE username =?
LIMIT 1', $username
);
// verifiy password
@ -31,7 +36,9 @@ class AuthController {
// valid
$f3->set('SESSION.user', [
'id'=> $user['id'],
'username' => $user['username']
'username' => $user['username'],
'role' => $user['role'],
'role_name' => $user['role_name']
]);
$f3->reroute('/dashboard');
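Review bot: The `role` and `role_name` written into `SESSION.user` are resolved from the roles table only at login, so an admin who is demoted or deleted in `roles` keeps passing UserController's `role_name !== 'admin'` check until their session expires. Either store only `id` in the session and re-resolve the role on each authorization check, or invalidate affected sessions when a role changes. The lines between the password verify and this `reroute` are outside the hunk, so I cannot tell whether `session_regenerate_id(true)` is called on success; if it is not, add it before populating `SESSION.user` to prevent session fixation. The enclosing login method starts before this hunk and continues past it.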


@ -0,0 +1,62 @@
<?php
class UserController {
// list all users (admin only)
protected function check_access($f3){
$current_user = $f3->get('SESSION.user');
if(!$current_user || $current_user['role_name'] !== 'admin'){
$f3->reroute('/login');
}
}
public function index($f3){
$this->check_access($f3);
$db = $f3->get('DB');
$users = $db->exec(
'SELECT u.*, r.role AS role_name
FROM users u
LEFT JOIN roles r ON r.id = u.role
ORDER BY id ASC'
);
$f3->set('users', $users);
$f3->set('content', '../ui/views/user/index.html');
echo \Template::instance()->render('../ui/templates/layout.html');
}
public function editForm($f3){
$this->check_access($f3);
$user_id = (int) $f3->get('PARAMS.id');
$db = $f3->get('DB');
$rows = $db->exec(
'SELECt * FROM users WHERE id = ? LIMIT 1',
[$user_id]
);
if(!$rows){
$f3->reroute('/users');
}
$f3->set('edit_user', $rows[0]);
$f3->set('content', '../ui/views/user/edit.html');
echo \Template::instance()->render('../ui/templates/layout.html');
}
public function update($f3){
$this->check_access($f3);
$user_id = (int) $f3->get('PARAMS.id');
$new_username = $f3->get('POST.username');
// $new_role = $f3->get('POST.role_name')
$db = $f3->get('DB');
$db->exec(
'UPDATE users SET username = ? WHERE id =? LIMIT 1',
[$new_username, $user_id]);
$f3->reroute('/users');
}
}
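Review bot: `update` writes whatever `POST.username` contains straight into the UPDATE with no validation: `$f3->get('POST.username')` is null when the field is absent, and an empty or whitespace-only value is accepted, so an admin can blank out any account's username. Add `$new_username = trim((string) $f3->get('POST.username'));` and `if ($new_username === '') { $f3->reroute('/user/'.$user_id.'/edit'); }` before the `$db->exec`, and handle a duplicate-username failure from the driver rather than letting it surface. This state-changing POST is also not protected against CSRF anywhere in this file (no token is read or compared), so unless middleware outside this diff enforces one, a logged-in admin visiting a hostile page can have usernames rewritten. Separately, `index` selects `u.*`, which hands every password hash to the template context; select only `u.id, u.username, u.role` there. The access check itself relies on F3's `reroute` halting execution (its default), which is worth a one-line comment on `check_access`.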


@ -72,4 +72,10 @@ $f3->route('POST /parsedown/preview', 'ParsedownPreview->view');
// dashboard
$f3->route('GET /dashboard', 'DashboardController->index');
// additional routes
$f3->route('GET /users', 'UserController->index');
$f3->route('GET /user/@id/edit', 'UserController->editForm');
$f3->route('POST /user/@id/update', 'UserController->update');
$f3->run();

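--- /dev/null
+++ b/ui/views/user/edit.html
@@ -0,0 +1,24 @@
+<form method="POST" action="/user/{{@edit_user.id}}/update">
+<div class="field">
+<label class="label">Username</label>
+<div class="control">
+<input class="input" name="username" type="text" value="{{ @edit_user.username}}">
+</div>
+</div>
+<div class="field">
+<label class="label">Role</label>
+<div class="select">
+<select class="select" name="role">
+<option value="user">User</option>
+<option value="admin">Admin</option>
+</select>
+</div>
+</div>
+<div class="field">
+<div class="control">
+<button class="button is-primary" type="submit">Edit User</button>
+</div>
+</div>
+</form>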
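Review bot: The role `<select>` submits the strings `user`/`admin`, but the controller queries join `users.role` to `roles.id`, so these values cannot map onto the stored column, nothing is pre-selected to show the current role, and `update` ignores the field anyway (its read is commented out). Either drop the control until role editing is implemented, or render the options from the roles table with `value="{{ @r.id }}"` and mark the current one `selected`. The form also carries no CSRF token; add a hidden input bound to a per-session random token and have `update` reject the request when it does not match. `{{ @edit_user.username }}` inside the value attribute is safe only while F3's default output escaping (ESCAPE) is on — confirm it is not disabled in the app config.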

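--- /dev/null
+++ b/ui/views/user/index.html
@@ -0,0 +1,18 @@
+<div class="block">
+<h1 class="title">All Users</h1>
+<table class="table table-bordered is-fullwidth">
+<tr>
+<th>ID</th><th>Username</th><th>Role</th><th>Actions</th>
+</tr>
+<repeat group="{{ @users }}" value="{{ @u }}">
+<tr>
+<td>{{ @u.id }}</td>
+<td>{{ @u.username }}</td>
+<td>{{ @u.role_name }} ( {{ @u.role }} )</td>
+</tr>
+</repeat>
+</table>
+</div>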
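Review bot: The header row declares four columns (ID, Username, Role, Actions) but each data row emits only three `<td>`s, so the Actions column is always empty and there is no link to the `/user/@id/edit` route this commit adds. Add `<td><a href="/user/{{ @u.id }}/edit">Edit</a></td>` as the fourth cell inside the `<repeat>`. `{{ @u.username }}` is user-supplied data rendered into HTML and would be an XSS sink if F3's default ESCAPE setting were turned off — worth a comment in the template noting that it relies on the framework's auto-escaping.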