niklas.m/allmende-payment-system
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects 1 Releases Wiki Activity

feat(admin): Add group admin and test for admin views

Browse Source
This commit is contained in:
Niklas Meinzer
2026-01-03 10:39:52 +01:00
parent 927b4b0b4e
commit a6e97c6170
6 changed files with 352 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
src/allmende_payment_system/api/admin.py
View File

@@ -6,11 +6,13 @@ from starlette import status
from starlette.responses import RedirectResponse
from allmende_payment_system.api.dependencies import SessionDep, UserDep
from allmende_payment_system.models import User, UserGroup
from allmende_payment_system.models import Permission, User, UserGroup
from allmende_payment_system.tools import get_jinja_renderer
admin_router = APIRouter(prefix="/admin")
# USERS
@admin_router.get("/users")
async def user_list(request: Request, session: SessionDep, user: UserDep):
@@ -62,3 +64,95 @@ async def user_remove_group(
print(user)
user.user_groups.remove(group)
return RedirectResponse(url="/admin/users", status_code=status.HTTP_303_SEE_OTHER)
# GROUPS
@admin_router.get("/groups")
async def group_list(request: Request, session: SessionDep, user: UserDep):
if not user.has_permission("user", "edit"):
raise HTTPException(status_code=403, detail="Insufficient permissions")
groups = session.scalars(select(UserGroup)).all()
templates = get_jinja_renderer()
return templates.TemplateResponse(
"groups.html.jinja",
context={"request": request, "groups": groups},
)
@admin_router.post("/groups/{group_id}/add_permission")
async def group_add_permission(
request: Request, session: SessionDep, user: UserDep, group_id: int
):
if not user.has_permission("user", "edit"):
raise HTTPException(status_code=403, detail="Insufficient permissions")
data = await request.form()
scope_action = data["permission"].split(":")
if len(scope_action) != 2:
raise HTTPException(
status_code=400, detail="Permission must be in the format 'scope:action'"
)
permission = Permission(scope=scope_action[0], action=scope_action[1])
group = session.execute(
select(UserGroup).where(UserGroup.id == group_id)
).scalar_one()
session.add(permission)
group.permissions.append(permission)
return RedirectResponse(url="/admin/groups", status_code=status.HTTP_303_SEE_OTHER)
@admin_router.get("/groups/{group_id}/remove_permission/{permission_id}")
async def group_remove_permission(
request: Request,
session: SessionDep,
user: UserDep,
group_id: int,
permission_id: int,
):
if not user.has_permission("user", "edit"):
raise HTTPException(status_code=403, detail="Insufficient permissions")
permission = session.execute(
select(Permission).where(Permission.id == permission_id)
).scalar_one()
group = session.execute(
select(UserGroup).where(UserGroup.id == group_id)
).scalar_one()
group.permissions.remove(permission)
session.delete(permission)
return RedirectResponse(url="/admin/groups", status_code=status.HTTP_303_SEE_OTHER)
@admin_router.post("/groups/create")
async def create_group(request: Request, session: SessionDep, user: UserDep):
if not user.has_permission("user", "edit"):
raise HTTPException(status_code=403, detail="Insufficient permissions")
data = await request.form()
group = UserGroup(name=data["name"], description=data["description"])
session.add(group)
return RedirectResponse(url="/admin/groups", status_code=status.HTTP_303_SEE_OTHER)
@admin_router.get("/groups/{group_id}/delete")
async def delete_group(
request: Request,
session: SessionDep,
user: UserDep,
group_id: int,
):
if not user.has_permission("user", "edit"):
raise HTTPException(status_code=403, detail="Insufficient permissions")
group = session.execute(
select(UserGroup).where(UserGroup.id == group_id)
).scalar_one()
session.delete(group)
return RedirectResponse(url="/admin/groups", status_code=status.HTTP_303_SEE_OTHER)

5
src/allmende_payment_system/templates/base.html.jinja
View File

@@ -35,6 +35,11 @@
Nutzerverwaltung
</a>
</li>
<li class="nav-item">
<a href="/admin/groups" class="nav-link{% if request.url.path.startswith("/admin/groups")%} active{% endif %}">
Gruppenverwaltung
</a>
</li>
{% endif %}
</ul>

94
src/allmende_payment_system/templates/groups.html.jinja Normal file
View File

@@ -0,0 +1,94 @@
{% extends "base.html.jinja" %}
{% block content %}
<div class="mb-4">
<h2 class="h4 mb-3">Gruppen verwalten</h2>
<button type="button" class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#createGroupModal">Neue Gruppe erstellen</button>
</div>
<!-- Modal for creating new group -->
<div class="modal fade" id="createGroupModal" tabindex="-1" aria-labelledby="createGroupModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="createGroupModalLabel">Neue Gruppe erstellen</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<form method="post" action="/admin/groups/create">
<div class="modal-body">
<div class="mb-3">
<label for="groupName" class="form-label">Gruppenname</label>
<input type="text" class="form-control" id="groupName" name="name" required>
</div>
<div class="mb-3">
<label for="groupDescription" class="form-label">Beschreibung</label>
<input type="text" class="form-control" id="groupDescription" name="description">
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Abbrechen</button>
<button type="submit" class="btn btn-primary">Erstellen</button>
</div>
</form>
</div>
</div>
</div>
{% if groups|length == 0 %}
<div class="alert alert-info">Keine Gruppen vorhanden.</div>
{% else %}
<div class="table-responsive">
<table class="table align-middle">
<thead>
<tr>
<th>ID</th>
<th>Name</th>
<th>Beschreibung</th>
<th></th>
</tr>
</thead>
<tbody>
{% for group in groups %}
<tr>
<td>{{ group.id }}</td>
<td>{{ group.name }}</td>
<td>{{ group.description }}</td>
<td>
{% for permission in group.permissions %}
<span class="badge bg-secondary me-1">{{ permission.scope }}:{{ permission.action }} <a class="btn btn-close btn-close-white ms-1" aria-label="Remove" href="/admin/groups/{{ group.id }}/remove_permission/{{ permission.id }}"></a></span>
{% endfor %}
</td>
<td class="text-end">
<button type="button" class="btn btn-sm btn-outline-primary me-1" data-bs-toggle="modal" data-bs-target="#addPermissionModal{{ group.id }}">Berechtigung hinzufügen</button>
<a class="btn btn-danger tn-sm me-1" href="/admin/groups/{{ group.id }}/delete">Gruppe löschen</a>
</td>
</tr>
<!-- Modal for adding permission -->
<div class="modal fade" id="addPermissionModal{{ group.id }}" tabindex="-1" aria-labelledby="addPermissionModalLabel{{ group.id }}" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="addPermissionModalLabel{{ group.id }}">Berechtigung zu Gruppe hinzufügen</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<form method="post" action="/admin/groups/{{ group.id }}/add_permission">
<div class="modal-body">
<div class="mb-3">
<label for="permissionInput{{ group.id }}" class="form-label">Berechtigung eingeben</label>
<input type="text" class="form-control" id="permissionInput{{ group.id }}" name="permission" placeholder="scope:action" required>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Abbrechen</button>
<button type="submit" class="btn btn-primary">Hinzufügen</button>
</div>
</form>
</div>
</div>
</div>
{% endfor %}
</tbody>
</table>
</div>
{% endif %}
{% endblock %}