133 lines
5.1 KiB
HTML
133 lines
5.1 KiB
HTML
|
{% extends "layout.html" %}
|
|||
|
|
{% set active = 'admin' %}
|
|||
|
|
{% block page_title %}Benutzer – AzA Intern{% endblock %}
|
|||
|
|
{% block content %}
|
|||
|
|
<div class="page-header">
|
|||
|
|
<h2>Benutzerverwaltung</h2>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class="hint-banner">
|
|||
|
|
Keine Patientendaten, API-Keys oder Passwörter in Notizen, Aufgaben oder Uploads speichern.
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
{% if message == 'created' %}
|
|||
|
|
<div class="alert alert-success">Benutzer erstellt.</div>
|
|||
|
|
{% elif message == 'exists' %}
|
|||
|
|
<div class="alert alert-error">Benutzername existiert bereits.</div>
|
|||
|
|
{% elif message == 'invalid' %}
|
|||
|
|
<div class="alert alert-error">Ungültige Eingabe (Benutzername min. 3, Passwort min. 8 Zeichen).</div>
|
|||
|
|
{% elif message == 'self' %}
|
|||
|
|
<div class="alert alert-error">Diese Aktion ist für das eigene Konto nicht erlaubt.</div>
|
|||
|
|
{% elif message == 'self_role' %}
|
|||
|
|
<div class="alert alert-error">Eigene Admin-Rolle kann nicht entfernt werden.</div>
|
|||
|
|
{% elif message == 'toggled' %}
|
|||
|
|
<div class="alert alert-success">Benutzerstatus geändert.</div>
|
|||
|
|
{% elif message == 'deleted' %}
|
|||
|
|
<div class="alert alert-success">Benutzer deaktiviert und als gelöscht markiert (Soft Delete).</div>
|
|||
|
|
{% elif message == 'updated' %}
|
|||
|
|
<div class="alert alert-success">Benutzer aktualisiert.</div>
|
|||
|
|
{% endif %}
|
|||
|
|
|
|||
|
|
<div class="card">
|
|||
|
|
<h3>Neuen Benutzer anlegen</h3>
|
|||
|
|
<form method="post" action="/admin/users/new">
|
|||
|
|
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
|
|||
|
|
<div class="grid-3">
|
|||
|
|
<div class="form-group">
|
|||
|
|
<label for="username">Benutzername</label>
|
|||
|
|
<input type="text" id="username" name="username" required minlength="3">
|
|||
|
|
</div>
|
|||
|
|
<div class="form-group">
|
|||
|
|
<label for="display_name">Anzeigename</label>
|
|||
|
|
<input type="text" id="display_name" name="display_name">
|
|||
|
|
</div>
|
|||
|
|
<div class="form-group">
|
|||
|
|
<label for="password">Initialpasswort</label>
|
|||
|
|
<input type="password" id="password" name="password" required minlength="8">
|
|||
|
|
</div>
|
|||
|
|
<div class="form-group">
|
|||
|
|
<label for="role">Rolle</label>
|
|||
|
|
<select id="role" name="role">
|
|||
|
|
{% for r in roles %}
|
|||
|
|
<option value="{{ r }}">{{ r }}</option>
|
|||
|
|
{% endfor %}
|
|||
|
|
</select>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<button type="submit" class="btn btn-primary">Benutzer erstellen</button>
|
|||
|
|
</form>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class="card">
|
|||
|
|
<h3>Bestehende Benutzer</h3>
|
|||
|
|
<table>
|
|||
|
|
<thead>
|
|||
|
|
<tr>
|
|||
|
|
<th>Benutzername</th>
|
|||
|
|
<th>Anzeigename</th>
|
|||
|
|
<th>Rolle</th>
|
|||
|
|
<th>Status</th>
|
|||
|
|
<th>Erstellt</th>
|
|||
|
|
<th>Aktionen</th>
|
|||
|
|
</tr>
|
|||
|
|
</thead>
|
|||
|
|
<tbody>
|
|||
|
|
{% for u in users %}
|
|||
|
|
<tr>
|
|||
|
|
<td>{{ u.username }}{% if u.id == user.id %} <em>(Sie)</em>{% endif %}</td>
|
|||
|
|
<td>{{ u.display_name or '–' }}</td>
|
|||
|
|
<td>{{ u.role }}</td>
|
|||
|
|
<td>
|
|||
|
|
{% if u.deleted_at %}Gelöscht
|
|||
|
|
{% elif u.is_active %}Aktiv
|
|||
|
|
{% else %}Deaktiviert{% endif %}
|
|||
|
|
</td>
|
|||
|
|
<td>{{ u.created_at }}</td>
|
|||
|
|
<td>
|
|||
|
|
{% if not u.deleted_at %}
|
|||
|
|
<details class="user-edit-details">
|
|||
|
|
<summary class="btn btn-sm btn-secondary">Bearbeiten</summary>
|
|||
|
|
<form method="post" action="/admin/users/{{ u.id }}/edit" class="user-inline-form">
|
|||
|
|
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
|
|||
|
|
<div class="form-group">
|
|||
|
|
<label>Anzeigename</label>
|
|||
|
|
<input type="text" name="display_name" value="{{ u.display_name or '' }}">
|
|||
|
|
</div>
|
|||
|
|
<div class="form-group">
|
|||
|
|
<label>Rolle</label>
|
|||
|
|
<select name="role" {% if u.id == user.id %}disabled{% endif %}>
|
|||
|
|
{% for r in roles %}
|
|||
|
|
<option value="{{ r }}" {% if u.role == r %}selected{% endif %}>{{ r }}</option>
|
|||
|
|
{% endfor %}
|
|||
|
|
</select>
|
|||
|
|
{% if u.id == user.id %}<input type="hidden" name="role" value="admin">{% endif %}
|
|||
|
|
</div>
|
|||
|
|
<div class="form-group">
|
|||
|
|
<label>Neues Passwort (optional)</label>
|
|||
|
|
<input type="password" name="password" minlength="8" placeholder="Leer lassen = unverändert">
|
|||
|
|
</div>
|
|||
|
|
<button type="submit" class="btn btn-sm btn-primary">Speichern</button>
|
|||
|
|
</form>
|
|||
|
|
</details>
|
|||
|
|
{% if u.id != user.id %}
|
|||
|
|
<form method="post" action="/admin/users/{{ u.id }}/toggle" style="display:inline">
|
|||
|
|
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
|
|||
|
|
<button type="submit" class="btn btn-sm btn-secondary">
|
|||
|
|
{% if u.is_active %}Deaktivieren{% else %}Aktivieren{% endif %}
|
|||
|
|
</button>
|
|||
|
|
</form>
|
|||
|
|
<form method="post" action="/admin/users/{{ u.id }}/delete" style="display:inline"
|
|||
|
|
onsubmit="return confirm('Benutzer wirklich löschen (Soft Delete)?');">
|
|||
|
|
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
|
|||
|
|
<button type="submit" class="btn btn-sm btn-danger">Löschen</button>
|
|||
|
|
</form>
|
|||
|
|
{% endif %}
|
|||
|
|
{% endif %}
|
|||
|
|
</td>
|
|||
|
|
</tr>
|
|||
|
|
{% endfor %}
|
|||
|
|
</tbody>
|
|||
|
|
</table>
|
|||
|
|
</div>
|
|||
|
|
{% endblock %}
|