kasperj/turftracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

admin stuff

Browse Source
This commit is contained in:
Jake Kasper
2025-08-29 08:59:10 -04:00
parent 0cc5372e3d
commit 8c728d42d4
6 changed files with 485 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

153
backend/src/routes/admin.js
View File

@@ -226,6 +226,84 @@ router.put('/users/:id/role', validateParams(idParamSchema), async (req, res, ne
} }
}); });
// @route PUT /api/admin/users/:id
// @desc Update user details
// @access Private (Admin)
router.put('/users/:id', validateParams(idParamSchema), async (req, res, next) => {
try {
const userId = req.params.id;
const { firstName, lastName, email, role, password } = req.body;
// Validate required fields
if (!firstName || !lastName || !email || !role) {
throw new AppError('First name, last name, email, and role are required', 400);
}
if (!['admin', 'user'].includes(role)) {
throw new AppError('Invalid role', 400);
}
// Prevent removing admin role from yourself
if (parseInt(userId) === req.user.id && role !== 'admin') {
throw new AppError('Cannot remove admin role from yourself', 400);
}
// Check if user exists
const userCheck = await pool.query(
'SELECT id, role FROM users WHERE id = $1',
[userId]
);
if (userCheck.rows.length === 0) {
throw new AppError('User not found', 404);
}
// Check if email is already taken by another user
const emailCheck = await pool.query(
'SELECT id FROM users WHERE email = $1 AND id != $2',
[email, userId]
);
if (emailCheck.rows.length > 0) {
throw new AppError('Email already exists', 400);
}
let updateQuery = 'UPDATE users SET first_name = $1, last_name = $2, email = $3, role = $4, updated_at = CURRENT_TIMESTAMP';
let queryParams = [firstName, lastName, email, role];
// If password is provided, hash it and include in update
if (password) {
const bcrypt = require('bcrypt');
const saltRounds = 10;
const hashedPassword = await bcrypt.hash(password, saltRounds);
updateQuery += ', password_hash = $5';
queryParams.push(hashedPassword);
}
updateQuery += ' WHERE id = $' + (queryParams.length + 1) + ' RETURNING id, email, first_name, last_name, role';
queryParams.push(userId);
const result = await pool.query(updateQuery, queryParams);
const user = result.rows[0];
res.json({
success: true,
message: 'User updated successfully',
data: {
user: {
id: user.id,
email: user.email,
firstName: user.first_name,
lastName: user.last_name,
role: user.role
}
}
});
} catch (error) {
next(error);
}
});
// @route DELETE /api/admin/users/:id // @route DELETE /api/admin/users/:id
// @desc Delete user account // @desc Delete user account
// @access Private (Admin) // @access Private (Admin)
@@ -967,4 +1045,79 @@ router.delete('/products/user/spreader-settings/:id', validateParams(idParamSche
} }
}); });
// @route GET /api/admin/settings
// @desc Get admin settings
// @access Private (Admin)
router.get('/settings', async (req, res, next) => {
try {
// For now, we'll store settings in the database. Let's create a simple settings table approach
// First check if settings table exists, if not create it
await pool.query(`
CREATE TABLE IF NOT EXISTS admin_settings (
id SERIAL PRIMARY KEY,
setting_key VARCHAR(255) UNIQUE NOT NULL,
setting_value TEXT NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
)
`);
// Insert default registration setting if it doesn't exist
await pool.query(`
INSERT INTO admin_settings (setting_key, setting_value)
VALUES ('registrationEnabled', 'true')
ON CONFLICT (setting_key) DO NOTHING
`);
// Get all settings
const settingsResult = await pool.query('SELECT setting_key, setting_value FROM admin_settings');
const settings = {};
settingsResult.rows.forEach(row => {
// Convert string values to appropriate types
if (row.setting_value === 'true' || row.setting_value === 'false') {
settings[row.setting_key] = row.setting_value === 'true';
} else {
settings[row.setting_key] = row.setting_value;
}
});
res.json({
success: true,
data: settings
});
} catch (error) {
next(error);
}
});
// @route PUT /api/admin/settings
// @desc Update admin settings
// @access Private (Admin)
router.put('/settings', async (req, res, next) => {
try {
const updates = req.body;
// Update each setting
for (const [key, value] of Object.entries(updates)) {
const stringValue = typeof value === 'boolean' ? value.toString() : value;
await pool.query(`
INSERT INTO admin_settings (setting_key, setting_value, updated_at)
VALUES ($1, $2, CURRENT_TIMESTAMP)
ON CONFLICT (setting_key)
DO UPDATE SET setting_value = $2, updated_at = CURRENT_TIMESTAMP
`, [key, stringValue]);
}
res.json({
success: true,
message: 'Settings updated successfully',
data: updates
});
} catch (error) {
next(error);
}
});
module.exports = router; module.exports = router;

42
backend/src/routes/auth.js
View File

@@ -333,4 +333,46 @@ router.get('/me', authenticateToken, async (req, res, next) => {
} }
}); });
// @route GET /api/auth/registration-status
// @desc Get registration status (public endpoint)
// @access Public
router.get('/registration-status', async (req, res, next) => {
try {
// Create admin_settings table if it doesn't exist
await pool.query(`
CREATE TABLE IF NOT EXISTS admin_settings (
id SERIAL PRIMARY KEY,
setting_key VARCHAR(255) UNIQUE NOT NULL,
setting_value TEXT NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
)
`);
// Insert default registration setting if it doesn't exist
await pool.query(`
INSERT INTO admin_settings (setting_key, setting_value)
VALUES ('registrationEnabled', 'true')
ON CONFLICT (setting_key) DO NOTHING
`);
// Get registration setting
const settingResult = await pool.query(
'SELECT setting_value FROM admin_settings WHERE setting_key = $1',
['registrationEnabled']
);
const enabled = settingResult.rows.length > 0 ? settingResult.rows[0].setting_value === 'true' : true;
res.json({
success: true,
data: {
enabled
}
});
} catch (error) {
next(error);
}
});
module.exports = router; module.exports = router;

56
frontend/src/pages/Admin/AdminDashboard.js
View File

@@ -3,18 +3,25 @@ import { Link } from 'react-router-dom';
import { UsersIcon, CogIcon, BuildingOfficeIcon, ChartBarIcon } from '@heroicons/react/24/outline'; import { UsersIcon, CogIcon, BuildingOfficeIcon, ChartBarIcon } from '@heroicons/react/24/outline';
import { adminAPI } from '../../services/api'; import { adminAPI } from '../../services/api';
import LoadingSpinner from '../../components/UI/LoadingSpinner'; import LoadingSpinner from '../../components/UI/LoadingSpinner';
import toast from 'react-hot-toast';
const AdminDashboard = () => { const AdminDashboard = () => {
const [stats, setStats] = useState(null); const [stats, setStats] = useState(null);
const [loading, setLoading] = useState(true); const [loading, setLoading] = useState(true);
const [error, setError] = useState(null); const [error, setError] = useState(null);
const [registrationEnabled, setRegistrationEnabled] = useState(true);
const [updatingRegistration, setUpdatingRegistration] = useState(false);
useEffect(() => { useEffect(() => {
const fetchDashboardData = async () => { const fetchDashboardData = async () => {
try { try {
setLoading(true); setLoading(true);
const response = await adminAPI.getDashboard(); const [dashboardResponse, settingsResponse] = await Promise.all([
setStats(response.data.data); adminAPI.getDashboard(),
adminAPI.getSettings()
]);
setStats(dashboardResponse.data.data);
setRegistrationEnabled(settingsResponse.data.data.registrationEnabled);
setError(null); setError(null);
} catch (err) { } catch (err) {
console.error('Failed to fetch admin dashboard:', err); console.error('Failed to fetch admin dashboard:', err);
@@ -27,6 +34,20 @@ const AdminDashboard = () => {
fetchDashboardData(); fetchDashboardData();
}, []); }, []);
const handleRegistrationToggle = async () => {
try {
setUpdatingRegistration(true);
await adminAPI.updateSettings({ registrationEnabled: !registrationEnabled });
setRegistrationEnabled(!registrationEnabled);
toast.success(`Registration ${!registrationEnabled ? 'enabled' : 'disabled'} successfully`);
} catch (err) {
console.error('Failed to update registration setting:', err);
toast.error('Failed to update registration setting');
} finally {
setUpdatingRegistration(false);
}
};
if (loading) { if (loading) {
return ( return (
<div className="p-6"> <div className="p-6">
@@ -113,8 +134,8 @@ const AdminDashboard = () => {
))} ))}
</div> </div>
{/* Quick Actions */} {/* Quick Actions and Settings */}
<div className="grid grid-cols-1 lg:grid-cols-2 gap-6"> <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
<div className="card"> <div className="card">
<h3 className="text-lg font-semibold text-gray-900 mb-4">Quick Actions</h3> <h3 className="text-lg font-semibold text-gray-900 mb-4">Quick Actions</h3>
<div className="space-y-3"> <div className="space-y-3">
@@ -139,6 +160,33 @@ const AdminDashboard = () => {
<div className="font-medium text-gray-900">Manage Equipment</div> <div className="font-medium text-gray-900">Manage Equipment</div>
<div className="text-sm text-gray-500">Add and manage lawn care equipment</div> <div className="text-sm text-gray-500">Add and manage lawn care equipment</div>
</Link> </Link>
</div>
</div>
<div className="card">
<h3 className="text-lg font-semibold text-gray-900 mb-4">System Settings</h3>
<div className="space-y-4">
<div className="flex items-center justify-between p-3 rounded-lg border border-gray-200">
<div>
<div className="font-medium text-gray-900">User Registration</div>
<div className="text-sm text-gray-500">
{registrationEnabled ? 'New users can register' : 'Registration is disabled'}
</div>
</div>
<button
onClick={handleRegistrationToggle}
disabled={updatingRegistration}
className={`relative inline-flex h-6 w-11 flex-shrink-0 cursor-pointer rounded-full border-2 border-transparent transition-colors duration-200 ease-in-out focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 ${
registrationEnabled ? 'bg-blue-600' : 'bg-gray-200'
} ${updatingRegistration ? 'opacity-50 cursor-not-allowed' : ''}`}
>
<span
className={`pointer-events-none inline-block h-5 w-5 transform rounded-full bg-white shadow ring-0 transition duration-200 ease-in-out ${
registrationEnabled ? 'translate-x-5' : 'translate-x-0'
}`}
/>
</button>
</div>
<button <button
onClick={() => window.open(`${process.env.REACT_APP_API_URL}/admin/system/health`, '_blank')} onClick={() => window.open(`${process.env.REACT_APP_API_URL}/admin/system/health`, '_blank')}
className="w-full text-left p-3 rounded-lg border border-gray-200 hover:bg-gray-50 transition-colors" className="w-full text-left p-3 rounded-lg border border-gray-200 hover:bg-gray-50 transition-colors"

200
frontend/src/pages/Admin/AdminUsers.js
View File

@@ -5,6 +5,7 @@ import {
UserPlusIcon, UserPlusIcon,
TrashIcon, TrashIcon,
CogIcon, CogIcon,
PencilIcon,
EnvelopeIcon, EnvelopeIcon,
KeyIcon, KeyIcon,
ExclamationTriangleIcon ExclamationTriangleIcon
@@ -24,6 +25,15 @@ const AdminUsers = () => {
const [showRoleModal, setShowRoleModal] = useState(false); const [showRoleModal, setShowRoleModal] = useState(false);
const [showDeleteModal, setShowDeleteModal] = useState(false); const [showDeleteModal, setShowDeleteModal] = useState(false);
const [showInviteModal, setShowInviteModal] = useState(false); const [showInviteModal, setShowInviteModal] = useState(false);
const [showEditModal, setShowEditModal] = useState(false);
const [editFormData, setEditFormData] = useState({
firstName: '',
lastName: '',
email: '',
role: '',
newPassword: '',
confirmPassword: ''
});
const fetchUsers = async (page = 1) => { const fetchUsers = async (page = 1) => {
try { try {
@@ -77,6 +87,49 @@ const AdminUsers = () => {
} }
}; };
const handleEditUser = async (e) => {
e.preventDefault();
// Validate password match if password is being changed
if (editFormData.newPassword || editFormData.confirmPassword) {
if (editFormData.newPassword !== editFormData.confirmPassword) {
toast.error('Passwords do not match');
return;
}
if (editFormData.newPassword.length < 6) {
toast.error('Password must be at least 6 characters long');
return;
}
}
try {
const updateData = {
firstName: editFormData.firstName,
lastName: editFormData.lastName,
email: editFormData.email,
role: editFormData.role,
...(editFormData.newPassword && { password: editFormData.newPassword })
};
await adminAPI.updateUser(selectedUser.id, updateData);
toast.success('User updated successfully');
setShowEditModal(false);
setSelectedUser(null);
setEditFormData({
firstName: '',
lastName: '',
email: '',
role: '',
newPassword: '',
confirmPassword: ''
});
fetchUsers(currentPage);
} catch (error) {
console.error('Failed to update user:', error);
toast.error('Failed to update user');
}
};
const formatDate = (dateString) => { const formatDate = (dateString) => {
return new Date(dateString).toLocaleDateString('en-US', { return new Date(dateString).toLocaleDateString('en-US', {
year: 'numeric', year: 'numeric',
@@ -199,6 +252,24 @@ const AdminUsers = () => {
</td> </td>
<td className="px-6 py-4 whitespace-nowrap text-sm font-medium"> <td className="px-6 py-4 whitespace-nowrap text-sm font-medium">
<div className="flex items-center space-x-2"> <div className="flex items-center space-x-2">
<button
onClick={() => {
setSelectedUser(user);
setEditFormData({
firstName: user.firstName,
lastName: user.lastName,
email: user.email,
role: user.role,
newPassword: '',
confirmPassword: ''
});
setShowEditModal(true);
}}
className="text-green-600 hover:text-green-900"
title="Edit User"
>
<PencilIcon className="h-4 w-4" />
</button>
<button <button
onClick={() => { onClick={() => {
setSelectedUser(user); setSelectedUser(user);
@@ -330,6 +401,135 @@ const AdminUsers = () => {
</div> </div>
)} )}
{/* Edit User Modal */}
{showEditModal && selectedUser && (
<div className="fixed inset-0 bg-gray-600 bg-opacity-50 overflow-y-auto h-full w-full z-50">
<div className="relative top-20 mx-auto p-5 border w-96 shadow-lg rounded-md bg-white">
<div className="mt-3">
<h3 className="text-lg font-medium text-gray-900 mb-4">
Edit User: {selectedUser.firstName} {selectedUser.lastName}
</h3>
<form onSubmit={handleEditUser}>
<div className="space-y-4">
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">
First Name
</label>
<input
type="text"
value={editFormData.firstName}
onChange={(e) => setEditFormData({ ...editFormData, firstName: e.target.value })}
className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
required
/>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">
Last Name
</label>
<input
type="text"
value={editFormData.lastName}
onChange={(e) => setEditFormData({ ...editFormData, lastName: e.target.value })}
className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
required
/>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">
Email
</label>
<input
type="email"
value={editFormData.email}
onChange={(e) => setEditFormData({ ...editFormData, email: e.target.value })}
className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
required
/>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">
Role
</label>
<select
value={editFormData.role}
onChange={(e) => setEditFormData({ ...editFormData, role: e.target.value })}
className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
required
>
<option value="user">User</option>
<option value="admin">Admin</option>
</select>
</div>
<div className="border-t pt-4">
<h4 className="text-sm font-medium text-gray-900 mb-3">
Password Reset (Optional)
</h4>
<div className="space-y-3">
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">
New Password
</label>
<input
type="password"
value={editFormData.newPassword}
onChange={(e) => setEditFormData({ ...editFormData, newPassword: e.target.value })}
className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
placeholder="Leave blank to keep current password"
/>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">
Confirm New Password
</label>
<input
type="password"
value={editFormData.confirmPassword}
onChange={(e) => setEditFormData({ ...editFormData, confirmPassword: e.target.value })}
className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
placeholder="Confirm new password"
/>
</div>
</div>
</div>
</div>
<div className="flex justify-end space-x-3 mt-6">
<button
type="button"
onClick={() => {
setShowEditModal(false);
setEditFormData({
firstName: '',
lastName: '',
email: '',
role: '',
newPassword: '',
confirmPassword: ''
});
}}
className="px-4 py-2 text-sm text-gray-700 bg-gray-200 rounded hover:bg-gray-300"
>
Cancel
</button>
<button
type="submit"
className="px-4 py-2 text-sm text-white bg-green-600 rounded hover:bg-green-700"
>
Update User
</button>
</div>
</form>
</div>
</div>
</div>
)}
{/* Invite User Modal */} {/* Invite User Modal */}
{showInviteModal && ( {showInviteModal && (
<div className="fixed inset-0 bg-gray-600 bg-opacity-50 overflow-y-auto h-full w-full z-50"> <div className="fixed inset-0 bg-gray-600 bg-opacity-50 overflow-y-auto h-full w-full z-50">

43
frontend/src/pages/Auth/Login.js
View File

@@ -1,12 +1,15 @@
import React, { useState } from 'react'; import React, { useState, useEffect } from 'react';
import { Link, useNavigate, useLocation } from 'react-router-dom'; import { Link, useNavigate, useLocation } from 'react-router-dom';
import { useForm } from 'react-hook-form'; import { useForm } from 'react-hook-form';
import { EyeIcon, EyeSlashIcon } from '@heroicons/react/24/outline'; import { EyeIcon, EyeSlashIcon } from '@heroicons/react/24/outline';
import { useAuth } from '../../hooks/useAuth'; import { useAuth } from '../../hooks/useAuth';
import LoadingSpinner from '../../components/UI/LoadingSpinner'; import LoadingSpinner from '../../components/UI/LoadingSpinner';
import apiClient from '../../services/api';
const Login = () => { const Login = () => {
const [showPassword, setShowPassword] = useState(false); const [showPassword, setShowPassword] = useState(false);
const [registrationEnabled, setRegistrationEnabled] = useState(true);
const [settingsLoading, setSettingsLoading] = useState(true);
const { login, loading } = useAuth(); const { login, loading } = useAuth();
const navigate = useNavigate(); const navigate = useNavigate();
const location = useLocation(); const location = useLocation();
@@ -20,6 +23,24 @@ const Login = () => {
setError, setError,
} = useForm(); } = useForm();
// Fetch registration settings
useEffect(() => {
const fetchRegistrationSetting = async () => {
try {
const response = await apiClient.get('/auth/registration-status');
setRegistrationEnabled(response.data.data.enabled);
} catch (error) {
// If there's an error, default to allowing registration
console.error('Failed to fetch registration setting:', error);
setRegistrationEnabled(true);
} finally {
setSettingsLoading(false);
}
};
fetchRegistrationSetting();
}, []);
const onSubmit = async (data) => { const onSubmit = async (data) => {
console.log('Login form submitted:', data.email); console.log('Login form submitted:', data.email);
const result = await login(data); const result = await login(data);
@@ -46,15 +67,17 @@ const Login = () => {
<div className="space-y-6"> <div className="space-y-6">
<div> <div>
<h2 className="text-2xl font-bold text-gray-900">Sign in to your account</h2> <h2 className="text-2xl font-bold text-gray-900">Sign in to your account</h2>
<p className="mt-2 text-sm text-gray-600"> {!settingsLoading && registrationEnabled && (
Or{' '} <p className="mt-2 text-sm text-gray-600">
<Link Or{' '}
to="/register" <Link
className="font-medium text-primary-600 hover:text-primary-500" to="/register"
> className="font-medium text-primary-600 hover:text-primary-500"
create a new account >
</Link> create a new account
</p> </Link>
</p>
)}
</div> </div>
<form className="space-y-6" onSubmit={handleSubmit(onSubmit)}> <form className="space-y-6" onSubmit={handleSubmit(onSubmit)}>

5
frontend/src/services/api.js
View File

@@ -204,6 +204,7 @@ export const adminAPI = {
// Users management // Users management
getUsers: (params) => apiClient.get('/admin/users', { params }), getUsers: (params) => apiClient.get('/admin/users', { params }),
updateUser: (id, userData) => apiClient.put(`/admin/users/${id}`, userData),
updateUserRole: (id, role) => apiClient.put(`/admin/users/${id}/role`, { role }), updateUserRole: (id, role) => apiClient.put(`/admin/users/${id}/role`, { role }),
deleteUser: (id) => apiClient.delete(`/admin/users/${id}`), deleteUser: (id) => apiClient.delete(`/admin/users/${id}`),
@@ -225,6 +226,10 @@ export const adminAPI = {
// System health // System health
getSystemHealth: () => apiClient.get('/admin/system/health'), getSystemHealth: () => apiClient.get('/admin/system/health'),
// Settings management
getSettings: () => apiClient.get('/admin/settings'),
updateSettings: (settings) => apiClient.put('/admin/settings', settings),
}; };
// Utility functions // Utility functions