Ilia Denisov
87a272166b
Tests · Go / test (push) Successful in 1m59s
Add the operator-management page over *admin.Service (no new business logic).
- GET/POST /_gm/operators list + create operator
- POST /_gm/operators/{user}/disable|enable toggle access
- POST /_gm/operators/{user}/reset-password set a new password
Console depends on an OperatorAdmin interface (satisfied by *admin.Service) so
the page renders in tests without a database. Create POST is mounted on the
collection path; per-row disable/enable/reset are guarded by the CSRF middleware
and redirect back. Passwords are never logged.
Tests: list render, create (+ username/password assertions), username-taken
conflict, disable/enable, reset (+ password assertion), missing-password 400,
bad-CSRF 403, and unavailable 503.
Docs: backend/docs/admin-console.md page inventory extended.
39 lines
1.6 KiB
Go Template
39 lines
1.6 KiB
Go Template
{{define "content" -}}
|
|
{{$csrf := .CSRFToken}}
|
|
<h1>Operators</h1>
|
|
{{with .Data}}
|
|
<table class="list">
|
|
<thead><tr><th>Username</th><th>Status</th><th>Created</th><th>Last used</th><th>Actions</th></tr></thead>
|
|
<tbody>
|
|
{{range .Items}}
|
|
<tr>
|
|
<td>{{.Username}}</td>
|
|
<td>{{if .Disabled}}<span class="bad">disabled</span>{{else}}<span class="ok">active</span>{{end}}</td>
|
|
<td>{{.CreatedAt}}</td>
|
|
<td>{{if .LastUsedAt}}{{.LastUsedAt}}{{else}}—{{end}}</td>
|
|
<td>
|
|
<div class="actions">
|
|
{{if .Disabled}}
|
|
<form method="post" action="/_gm/operators/{{.Username}}/enable"><input type="hidden" name="_csrf" value="{{$csrf}}"><button type="submit">Enable</button></form>
|
|
{{else}}
|
|
<form method="post" action="/_gm/operators/{{.Username}}/disable" onsubmit="return confirm('Disable {{.Username}}?');"><input type="hidden" name="_csrf" value="{{$csrf}}"><button type="submit" class="danger">Disable</button></form>
|
|
{{end}}
|
|
<form method="post" action="/_gm/operators/{{.Username}}/reset-password" class="form"><input type="hidden" name="_csrf" value="{{$csrf}}"><input type="password" name="password" placeholder="new password" required><button type="submit">Reset</button></form>
|
|
</div>
|
|
</td>
|
|
</tr>
|
|
{{else}}<tr><td colspan="5"><span class="note">no operators</span></td></tr>{{end}}
|
|
</tbody>
|
|
</table>
|
|
{{end}}
|
|
<section class="panel">
|
|
<h2>Create operator</h2>
|
|
<form method="post" action="/_gm/operators" class="form">
|
|
<input type="hidden" name="_csrf" value="{{$csrf}}">
|
|
<label>Username <input type="text" name="username" required></label>
|
|
<label>Password <input type="password" name="password" required></label>
|
|
<button type="submit">Create</button>
|
|
</form>
|
|
</section>
|
|
{{- end}}
|