Enhance user management: prevent deletion of the last admin user and restrict admin type changes for the last admin account
All checks were successful
Build And Push Dev Docker Image / docker (push) Successful in 1m47s
All checks were successful
Build And Push Dev Docker Image / docker (push) Successful in 1m47s
Co-authored-by: Copilot <copilot@github.com>
This commit is contained in:
a.beging@eas-solutions.de
@@ -55,13 +55,13 @@
|
||||
</div>
|
||||
</CardBody>
|
||||
<CardFooter Class="d-flex justify-content-between">
|
||||
<div>
|
||||
|
||||
</div>
|
||||
<Button Color="Color.Primary" Size="Size.Small" Clicked="() => EditUser(user)"><Icon Name="IconName.Edit" /></Button>
|
||||
<Button Color="Color.Info" Size="Size.Small" Clicked="() => SetPassword(user)"><i class="fa-solid fa-key"></i></Button>
|
||||
<Button Color="Color.Secondary" Size="Size.Small" Clicked="() => SendPasswordSetupMail(user)"><Icon Name="IconName.Mail" /></Button>
|
||||
<Button Color="Color.Danger" Size="Size.Small" Clicked="() => RemoveUserAsync(user)"><Icon Name="IconName.Delete" /></Button>
|
||||
@if (!(user.Type == UserType.Admin && SortedUsers.Count(x => x.Type == UserType.Admin) <= 1))
|
||||
{
|
||||
<Button Color="Color.Danger" Size="Size.Small" Clicked="() => RemoveUserAsync(user)"><Icon Name="IconName.Delete" /></Button>
|
||||
}
|
||||
</CardFooter>
|
||||
</Card>
|
||||
}
|
||||
@@ -105,12 +105,16 @@
|
||||
</Field>
|
||||
<Field>
|
||||
<FieldLabel>Typ</FieldLabel>
|
||||
<Select TValue="UserType" SelectedValue="EditModel.Type" SelectedValueChanged="@(v => EditModel.Type = v)">
|
||||
<Select TValue="UserType" SelectedValue="EditModel.Type" SelectedValueChanged="@(v => EditModel.Type = v)" Disabled="@IsLastAdmin">
|
||||
@foreach (var enumValue in Enum.GetValues<UserType>())
|
||||
{
|
||||
<SelectItem TValue="UserType" Value="enumValue">@enumValue</SelectItem>
|
||||
}
|
||||
</Select>
|
||||
@if (IsLastAdmin)
|
||||
{
|
||||
<small class="text-danger mt-1 d-block">Das ist der letzte Administrator-Account. Der Typ kann nicht geändert werden.</small>
|
||||
}
|
||||
</Field>
|
||||
<Field>
|
||||
<FieldLabel>Gruppen</FieldLabel>
|
||||
|
||||
@@ -57,6 +57,11 @@ namespace FoodsharingSiegen.Server.Pages
|
||||
/// </summary>
|
||||
private bool IsEditing { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets a value indicating whether the current editing user is the last admin
|
||||
/// </summary>
|
||||
private bool IsLastAdmin => IsEditing && EditModel?.Type == UserType.Admin && UserList?.Count(x => x.Type == UserType.Admin) <= 1;
|
||||
|
||||
/// <summary>
|
||||
/// Gets the value of the user groups (ab)
|
||||
/// </summary>
|
||||
@@ -184,12 +189,6 @@ namespace FoodsharingSiegen.Server.Pages
|
||||
/// <returns>A task that represents the asynchronous remove operation.</returns>
|
||||
private async Task RemoveUserAsync(User user)
|
||||
{
|
||||
if (user.IsAdmin())
|
||||
{
|
||||
await Notification.Error("Admins können nicht gelöscht werden!");
|
||||
return;
|
||||
}
|
||||
|
||||
await ConfirmDialog.ShowAsync(ModalService, "Bestätigen", $"User {user.Mail} löschen?", async () =>
|
||||
{
|
||||
var removeR = await UserService.RemoveAsync(user.Id);
|
||||
|
||||
Reference in New Issue
Block a user