dgsoft/QueryBuilder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
QueryBuilder/app/templates/admin/edit_user.html
DGSoft f176560c02 Add comprehensive admin panel with user management 
Features added:
- Admin authentication system with is_admin field
- Complete admin dashboard with user statistics
- User management (create, edit, delete, toggle admin)
- Protected admin routes with @admin_required decorator
- Security features (prevent self-deletion, last admin protection)
- Responsive admin UI with Bootstrap integration
- Database migration script for admin field
- Admin navigation link for authorized users

Technical improvements:
- Enhanced 3-column dashboard layout (tables | editor | saved queries)
- Removed plus button and made right sidebar more compact
- Admin user (admin/admin123) automatically created with admin privileges
- Full CRUD operations for user management
- Flash messages for user feedback
- Form validation and error handling
2025-10-14 21:33:11 +02:00

145 lines
7.3 KiB
HTML
Raw Blame History

{% extends "base.html" %}
{% block title %}Benutzer bearbeiten{% endblock %}
{% block content %}
<div class="container">
<div class="row justify-content-center">
<div class="col-md-6">
<div class="d-flex justify-content-between align-items-center mb-4">
<h2><i class="fas fa-user-edit"></i> Benutzer bearbeiten</h2>
<a href="{{ url_for('admin.users') }}" class="btn btn-outline-secondary">
<i class="fas fa-arrow-left"></i> Zurück
</a>
</div>
<div class="card">
<div class="card-header">
<h5>
{{ user.username }}
{% if user.id == current_user.id %}
<span class="badge bg-primary">Sie</span>
{% endif %}
{% if user.is_admin %}
<span class="badge bg-danger">Administrator</span>
{% endif %}
</h5>
</div>
<div class="card-body">
<form method="POST">
<div class="mb-3">
<label for="username" class="form-label">
<i class="fas fa-user"></i> Benutzername *
</label>
<input type="text" class="form-control" id="username" name="username"
value="{{ user.username }}" required maxlength="80"
placeholder="z.B. john.doe">
<div class="form-text">Der Benutzername muss eindeutig sein</div>
</div>
<div class="mb-3">
<label for="email" class="form-label">
<i class="fas fa-envelope"></i> E-Mail-Adresse *
</label>
<input type="email" class="form-control" id="email" name="email"
value="{{ user.email }}" required maxlength="120"
placeholder="john.doe@example.com">
<div class="form-text">Die E-Mail-Adresse muss eindeutig sein</div>
</div>
<div class="mb-3">
<label for="password" class="form-label">
<i class="fas fa-lock"></i> Neues Passwort
</label>
<input type="password" class="form-control" id="password" name="password"
minlength="6" placeholder="Leer lassen um Passwort beizubehalten">
<div class="form-text">Nur ausfüllen wenn Sie das Passwort ändern möchten (mindestens 6 Zeichen)</div>
</div>
<div class="mb-4">
<div class="form-check">
<input class="form-check-input" type="checkbox" id="is_admin" name="is_admin"
{% if user.is_admin %}checked{% endif %}
{% if user.id == current_user.id %}disabled{% endif %}>
<label class="form-check-label" for="is_admin">
<i class="fas fa-user-shield text-danger"></i> Administrator-Rechte
</label>
{% if user.id == current_user.id %}
<div class="form-text text-warning">
<i class="fas fa-exclamation-triangle"></i> Sie können Ihre eigenen Admin-Rechte nicht ändern
</div>
{% else %}
<div class="form-text">
Administratoren können andere Benutzer verwalten und haben Vollzugriff
</div>
{% endif %}
</div>
</div>
<div class="d-grid gap-2">
<button type="submit" class="btn btn-primary">
<i class="fas fa-save"></i> Änderungen speichern
</button>
<a href="{{ url_for('admin.users') }}" class="btn btn-outline-secondary">
<i class="fas fa-times"></i> Abbrechen
</a>
</div>
</form>
</div>
</div>
<!-- Benutzer-Informationen -->
<div class="card mt-4">
<div class="card-header">
<h6><i class="fas fa-info-circle"></i> Benutzer-Informationen</h6>
</div>
<div class="card-body">
<div class="row">
<div class="col-sm-4"><strong>Benutzer-ID:</strong></div>
<div class="col-sm-8">{{ user.id }}</div>
</div>
<div class="row">
<div class="col-sm-4"><strong>Erstellt am:</strong></div>
<div class="col-sm-8">{{ user.created_at.strftime('%d.%m.%Y %H:%M:%S') }}</div>
</div>
<div class="row">
<div class="col-sm-4"><strong>Rolle:</strong></div>
<div class="col-sm-8">
{% if user.is_admin %}
<span class="badge bg-danger">Administrator</span>
{% else %}
<span class="badge bg-secondary">Standard-Benutzer</span>
{% endif %}
</div>
</div>
<div class="row">
<div class="col-sm-4"><strong>Anzahl Queries:</strong></div>
<div class="col-sm-8">{{ user.saved_queries|length }}</div>
</div>
</div>
</div>
<!-- Lösch-Option -->
{% if user.id != current_user.id %}
<div class="card mt-4 border-danger">
<div class="card-header bg-danger text-white">
<h6><i class="fas fa-exclamation-triangle"></i> Gefahrenbereich</h6>
</div>
<div class="card-body">
<p class="text-danger">
<strong>Achtung:</strong> Das Löschen eines Benutzers kann nicht rückgängig gemacht werden.
Alle gespeicherten Queries dieses Benutzers gehen verloren.
</p>
<form method="POST" action="{{ url_for('admin.delete_user', user_id=user.id) }}"
onsubmit="return confirm('Benutzer {{ user.username }} wirklich unwiderruflich löschen?\\n\\nAlle gespeicherten Queries gehen verloren!')">
<button type="submit" class="btn btn-danger">
<i class="fas fa-trash"></i> Benutzer löschen
</button>
</form>
</div>
</div>
{% endif %}
</div>
</div>
</div>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink