feat: implement admin-users management with super admin restriction
- Add /admin/admin-users routes for managing admin users (super admin only) - Remove vendor role from user creation form (vendors created via company hierarchy) - Add admin-users.html and admin-user-detail.html templates - Add admin-users.js and admin-user-detail.js for frontend logic - Move database operations to admin_platform_service (list, get, create, delete, toggle status) - Update sidebar to show Admin Users section only for super admins - Add isSuperAdmin computed property to init-alpine.js - Fix /api/v1 prefix issues in JS files (apiClient already adds prefix) - Update architecture rule JS-012 to catch more variable patterns (url, endpoint, path) - Replace inline SVGs with $icon() helper in select-platform.html Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
196
static/admin/js/admin-user-detail.js
Normal file
196
static/admin/js/admin-user-detail.js
Normal file
@@ -0,0 +1,196 @@
|
||||
// noqa: js-006 - async init pattern is safe, loadData has try/catch
|
||||
// static/admin/js/admin-user-detail.js
|
||||
|
||||
// Create custom logger for admin user detail
|
||||
const adminUserDetailLog = window.LogConfig.createLogger('ADMIN-USER-DETAIL');
|
||||
|
||||
function adminUserDetailPage() {
|
||||
return {
|
||||
// Inherit base layout functionality from init-alpine.js
|
||||
...data(),
|
||||
|
||||
// Admin user detail page specific state
|
||||
currentPage: 'admin-users',
|
||||
adminUser: null,
|
||||
loading: false,
|
||||
saving: false,
|
||||
error: null,
|
||||
userId: null,
|
||||
currentUserId: null,
|
||||
|
||||
// Initialize
|
||||
async init() {
|
||||
adminUserDetailLog.info('=== ADMIN USER DETAIL PAGE INITIALIZING ===');
|
||||
|
||||
// Prevent multiple initializations
|
||||
if (window._adminUserDetailInitialized) {
|
||||
adminUserDetailLog.warn('Admin user detail page already initialized, skipping...');
|
||||
return;
|
||||
}
|
||||
window._adminUserDetailInitialized = true;
|
||||
|
||||
// Get current user ID
|
||||
this.currentUserId = this.adminProfile?.id || null;
|
||||
|
||||
// Get user ID from URL
|
||||
const path = window.location.pathname;
|
||||
const match = path.match(/\/admin\/admin-users\/(\d+)$/);
|
||||
|
||||
if (match) {
|
||||
this.userId = match[1];
|
||||
adminUserDetailLog.info('Viewing admin user:', this.userId);
|
||||
await this.loadAdminUser();
|
||||
} else {
|
||||
adminUserDetailLog.error('No user ID in URL');
|
||||
this.error = 'Invalid admin user URL';
|
||||
Utils.showToast('Invalid admin user URL', 'error');
|
||||
}
|
||||
|
||||
adminUserDetailLog.info('=== ADMIN USER DETAIL PAGE INITIALIZATION COMPLETE ===');
|
||||
},
|
||||
|
||||
// Load admin user data
|
||||
async loadAdminUser() {
|
||||
adminUserDetailLog.info('Loading admin user details...');
|
||||
this.loading = true;
|
||||
this.error = null;
|
||||
|
||||
try {
|
||||
const url = `/admin/admin-users/${this.userId}`;
|
||||
window.LogConfig.logApiCall('GET', url, null, 'request');
|
||||
|
||||
const startTime = performance.now();
|
||||
const response = await apiClient.get(url);
|
||||
const duration = performance.now() - startTime;
|
||||
|
||||
window.LogConfig.logApiCall('GET', url, response, 'response');
|
||||
window.LogConfig.logPerformance('Load Admin User Details', duration);
|
||||
|
||||
// Transform API response to expected format
|
||||
this.adminUser = {
|
||||
...response,
|
||||
platforms: (response.platform_assignments || []).map(pa => ({
|
||||
id: pa.platform_id,
|
||||
code: pa.platform_code,
|
||||
name: pa.platform_name
|
||||
})),
|
||||
full_name: [response.first_name, response.last_name].filter(Boolean).join(' ') || null
|
||||
};
|
||||
|
||||
adminUserDetailLog.info(`Admin user loaded in ${duration}ms`, {
|
||||
id: this.adminUser.id,
|
||||
username: this.adminUser.username,
|
||||
is_super_admin: this.adminUser.is_super_admin,
|
||||
is_active: this.adminUser.is_active
|
||||
});
|
||||
adminUserDetailLog.debug('Full admin user data:', this.adminUser);
|
||||
|
||||
} catch (error) {
|
||||
window.LogConfig.logError(error, 'Load Admin User Details');
|
||||
this.error = error.message || 'Failed to load admin user details';
|
||||
Utils.showToast('Failed to load admin user details', 'error');
|
||||
} finally {
|
||||
this.loading = false;
|
||||
}
|
||||
},
|
||||
|
||||
// Format date
|
||||
formatDate(dateString) {
|
||||
if (!dateString) {
|
||||
return '-';
|
||||
}
|
||||
return Utils.formatDate(dateString);
|
||||
},
|
||||
|
||||
// Toggle admin user status
|
||||
async toggleStatus() {
|
||||
const action = this.adminUser.is_active ? 'deactivate' : 'activate';
|
||||
adminUserDetailLog.info(`Toggle status: ${action}`);
|
||||
|
||||
// Prevent self-deactivation
|
||||
if (this.adminUser.id === this.currentUserId) {
|
||||
Utils.showToast('You cannot deactivate your own account', 'error');
|
||||
return;
|
||||
}
|
||||
|
||||
if (!confirm(`Are you sure you want to ${action} "${this.adminUser.username}"?`)) {
|
||||
adminUserDetailLog.info('Status toggle cancelled by user');
|
||||
return;
|
||||
}
|
||||
|
||||
this.saving = true;
|
||||
try {
|
||||
const url = `/admin/admin-users/${this.userId}/status`;
|
||||
window.LogConfig.logApiCall('PUT', url, null, 'request');
|
||||
|
||||
const response = await apiClient.put(url);
|
||||
|
||||
window.LogConfig.logApiCall('PUT', url, response, 'response');
|
||||
|
||||
this.adminUser.is_active = response.is_active;
|
||||
Utils.showToast(`Admin user ${action}d successfully`, 'success');
|
||||
adminUserDetailLog.info(`Admin user ${action}d successfully`);
|
||||
|
||||
} catch (error) {
|
||||
window.LogConfig.logError(error, `Toggle Status (${action})`);
|
||||
Utils.showToast(error.message || `Failed to ${action} admin user`, 'error');
|
||||
} finally {
|
||||
this.saving = false;
|
||||
}
|
||||
},
|
||||
|
||||
// Delete admin user
|
||||
async deleteAdminUser() {
|
||||
adminUserDetailLog.info('Delete admin user requested:', this.userId);
|
||||
|
||||
// Prevent self-deletion
|
||||
if (this.adminUser.id === this.currentUserId) {
|
||||
Utils.showToast('You cannot delete your own account', 'error');
|
||||
return;
|
||||
}
|
||||
|
||||
if (!confirm(`Are you sure you want to delete admin user "${this.adminUser.username}"?\n\nThis action cannot be undone.`)) {
|
||||
adminUserDetailLog.info('Delete cancelled by user');
|
||||
return;
|
||||
}
|
||||
|
||||
// Second confirmation for safety
|
||||
if (!confirm(`FINAL CONFIRMATION\n\nAre you absolutely sure you want to delete "${this.adminUser.username}"?`)) {
|
||||
adminUserDetailLog.info('Delete cancelled by user (second confirmation)');
|
||||
return;
|
||||
}
|
||||
|
||||
this.saving = true;
|
||||
try {
|
||||
const url = `/admin/admin-users/${this.userId}`;
|
||||
window.LogConfig.logApiCall('DELETE', url, null, 'request');
|
||||
|
||||
await apiClient.delete(url);
|
||||
|
||||
window.LogConfig.logApiCall('DELETE', url, null, 'response');
|
||||
|
||||
Utils.showToast('Admin user deleted successfully', 'success');
|
||||
adminUserDetailLog.info('Admin user deleted successfully');
|
||||
|
||||
// Redirect to admin users list
|
||||
setTimeout(() => window.location.href = '/admin/admin-users', 1500);
|
||||
|
||||
} catch (error) {
|
||||
window.LogConfig.logError(error, 'Delete Admin User');
|
||||
Utils.showToast(error.message || 'Failed to delete admin user', 'error');
|
||||
} finally {
|
||||
this.saving = false;
|
||||
}
|
||||
},
|
||||
|
||||
// Refresh admin user data
|
||||
async refresh() {
|
||||
adminUserDetailLog.info('=== ADMIN USER REFRESH TRIGGERED ===');
|
||||
await this.loadAdminUser();
|
||||
Utils.showToast('Admin user details refreshed', 'success');
|
||||
adminUserDetailLog.info('=== ADMIN USER REFRESH COMPLETE ===');
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
adminUserDetailLog.info('Admin user detail module loaded');
|
||||
Reference in New Issue
Block a user