feat(webui): add accounts username and isAdmin flag edition for admins

Closes #43
2025-05-03 09:48:53 +02:00 · 2025-05-03 09:48:53 +02:00 · 373f567773
commit 373f567773
parent 4f68621bad
6 changed files with 111 additions and 50 deletions
--- a/pkg/webui/accounts.go
+++ b/pkg/webui/accounts.go
@ -51,7 +51,7 @@ func handleAccountsPOST(db *database.DB) http.Handler {
 			return
 		}
 		accountUsername := r.FormValue("username")
-		isAdmin := r.FormValue("isAdmin")
+		isAdmin := r.FormValue("is-admin")
 		page := AccountsPage{
 			Page:     makePage(r, &Page{Title: "New Account", Section: "accounts"}),
 			Accounts: accounts,
--- a/pkg/webui/accountsId.go
+++ b/pkg/webui/accountsId.go
@ -87,25 +87,54 @@ func handleAccountsIdPOST(db *database.DB) http.Handler {
 		if page == nil {
 			return
 		}
+		session := r.Context().Value(model.SessionContextKey{}).(*model.Session)
 		action := r.FormValue("action")
 		switch action {
 		case "delete":
 			errorResponse(w, r, http.StatusNotImplemented, nil)
 			return
 		case "edit":
-			errorResponse(w, r, http.StatusNotImplemented, nil)
-			return
+			page.Username = r.FormValue("username")
+			isAdmin := r.FormValue("is-admin")
+			if ok := validUsername.MatchString(page.Username); !ok {
+				page.UsernameInvalid = true
+				render(w, accountsIdTemplates, http.StatusBadRequest, page)
+				return
+			}
+			if page.Account.Id != session.Data.Account.Id {
+				page.Account.IsAdmin = isAdmin == "1"
+			}
+			prev := page.Account.Username
+			page.Account.Username = page.Username
+			success, err := db.SaveAccount(page.Account)
+			if err != nil {
+				errorResponse(w, r, http.StatusInternalServerError,
+					fmt.Errorf("failed to save account: %w", err))
+				return
+			}
+			if !success {
+				page.Account.Username = prev
+				page.UsernameDuplicate = true
+				render(w, accountsIdTemplates, http.StatusBadRequest, page)
+				return
+			}
 		case "reset-password":
 			if err := page.Account.ResetPassword(); err != nil {
 				errorResponse(w, r, http.StatusNotImplemented,
 					fmt.Errorf("failed to reset password: %w", err))
 				return
 			}
-			if err := db.SaveAccount(page.Account); err != nil {
+			success, err := db.SaveAccount(page.Account)
+			if err != nil {
 				errorResponse(w, r, http.StatusInternalServerError,
 					fmt.Errorf("failed to save account: %w", err))
 				return
 			}
+			if !success {
+				errorResponse(w, r, http.StatusInternalServerError,
+					fmt.Errorf("failed to save account: table constraint error"))
+				return
+			}
 			if err := db.DeleteSessions(page.Account); err != nil {
 				errorResponse(w, r, http.StatusInternalServerError,
 					fmt.Errorf("failed to save account: %w", err))
--- a/pkg/webui/accountsIdResetPassword.go
+++ b/pkg/webui/accountsIdResetPassword.go
@ -81,11 +81,17 @@ func handleAccountsIdResetPasswordPOST(db *database.DB) http.Handler {
 			return
 		}
 		account.SetPassword(password)
-		if err := db.SaveAccount(account); err != nil {
+		success, err := db.SaveAccount(account)
+		if err != nil {
 			errorResponse(w, r, http.StatusInternalServerError,
 				fmt.Errorf("failed to save account: %w", err))
 			return
 		}
+		if !success {
+			errorResponse(w, r, http.StatusInternalServerError,
+				fmt.Errorf("failed to save account: table constraint error"))
+			return
+		}
 		render(w, accountsIdResetPasswordTemplates, http.StatusOK,
 			AccountsIdResetPasswordPage{
 				Account:         account,
--- a/pkg/webui/html/accounts.html
+++ b/pkg/webui/html/accounts.html
@ -8,7 +8,7 @@
    </p>
  </div>
  {{ if .Page.Session.Data.Account.IsAdmin }}
-  <form action="/accounts" enctype="multipart/form-data" method="post">
+  <form action="/accounts" method="post">
    <input name="csrf_token" type="hidden" value="{{ .Page.Session.Data.CsrfToken }}">
    <fieldset>
      <legend>New User Account</legend>
@ -21,11 +21,11 @@
               type="text"
               value="{{ .Username }}">
        <label for="is-admin">Is Admin</label>
-        <input {{ if .IsAdmin }} checked{{ end }}
+        <input {{ if .IsAdmin }}checked{{ end }}
               id="is-admin"
               name="is-admin"
               type="checkbox"
-               value="{{ .IsAdmin }}" />
+               value="1" />
      </div>
      {{ if .UsernameDuplicate }}
      <span class="error">This username already exist.</span>
--- a/pkg/webui/html/accountsId.html
+++ b/pkg/webui/html/accountsId.html
@ -1,5 +1,5 @@
 {{ define "main" }}
-<h1>User Account</h1>
+<h1>{{ .Account.Username }}</h1>
 {{ if ne .Account.PasswordReset nil }}
 <h2>Password Reset</h2>
 <article>
@ -37,14 +37,14 @@
               id="username"
               name="username"
               type="text"
-               value="{{ .Username }}">
+               value="{{ if eq .Username "" }}{{ .Account.Username }}{{ else }}{{ .Username }}{{ end }}">
        <label for="is-admin">Is Admin</label>
        <input {{ if .Account.IsAdmin }}checked{{ end }}
               {{ if eq .Page.Session.Data.Account.Id.String .Account.Id.String }}disabled{{ end }}
               id="is-admin"
               name="is-admin"
               type="checkbox"
-               value="{{ .IsAdmin }}" />
+               value="1" />
      </div>
      {{ if .UsernameDuplicate }}
      <span class="error">This username already exist.</span>