Add edit user details on admin users page
- Backend: extend PUT /api/users/:id with email and accountStatus; admin-only for role/email/accountStatus; return isClaimed, rucNumber, accountStatus in user responses - Frontend: add Edit button and modal on /admin/users to edit name, email, phone, role, language preference, account status Co-authored-by: Cursor <cursoragent@cursor.com>
@@ -17,9 +17,11 @@ const usersRouter = new Hono<{ Variables: { user: UserContext } }>();
|
||||
|
||||
const updateUserSchema = z.object({
|
||||
name: z.string().min(2).optional(),
|
||||
email: z.string().email().optional(),
|
||||
phone: z.string().optional(),
|
||||
role: z.enum(['admin', 'organizer', 'staff', 'marketing', 'user']).optional(),
|
||||
languagePreference: z.enum(['en', 'es']).optional(),
|
||||
accountStatus: z.enum(['active', 'unclaimed', 'suspended']).optional(),
|
||||
});
|
||||
|
||||
// Get all users (admin only)
|
||||
@@ -33,6 +35,9 @@ usersRouter.get('/', requireAuth(['admin']), async (c) => {
|
||||
phone: (users as any).phone,
|
||||
role: (users as any).role,
|
||||
languagePreference: (users as any).languagePreference,
|
||||
isClaimed: (users as any).isClaimed,
|
||||
rucNumber: (users as any).rucNumber,
|
||||
accountStatus: (users as any).accountStatus,
|
||||
createdAt: (users as any).createdAt,
|
||||
}).from(users);
|
||||
|
||||
@@ -64,6 +69,9 @@ usersRouter.get('/:id', requireAuth(['admin', 'organizer', 'staff', 'marketing',
|
||||
phone: (users as any).phone,
|
||||
role: (users as any).role,
|
||||
languagePreference: (users as any).languagePreference,
|
||||
isClaimed: (users as any).isClaimed,
|
||||
rucNumber: (users as any).rucNumber,
|
||||
accountStatus: (users as any).accountStatus,
|
||||
createdAt: (users as any).createdAt,
|
||||
})
|
||||
.from(users)
|
||||
@@ -88,10 +96,16 @@ usersRouter.put('/:id', requireAuth(['admin', 'organizer', 'staff', 'marketing',
|
||||
return c.json({ error: 'Forbidden' }, 403);
|
||||
}
|
||||
|
||||
// Only admin can change roles
|
||||
// Only admin can change roles, email, and account status
|
||||
if (data.role && currentUser.role !== 'admin') {
|
||||
delete data.role;
|
||||
}
|
||||
if (data.email && currentUser.role !== 'admin') {
|
||||
delete data.email;
|
||||
}
|
||||
if (data.accountStatus && currentUser.role !== 'admin') {
|
||||
delete data.accountStatus;
|
||||
}
|
||||
|
||||
const existing = await dbGet(
|
||||
(db as any).select().from(users).where(eq((users as any).id, id))
|
||||
@@ -114,6 +128,10 @@ usersRouter.put('/:id', requireAuth(['admin', 'organizer', 'staff', 'marketing',
|
||||
phone: (users as any).phone,
|
||||
role: (users as any).role,
|
||||
languagePreference: (users as any).languagePreference,
|
||||
isClaimed: (users as any).isClaimed,
|
||||
rucNumber: (users as any).rucNumber,
|
||||
accountStatus: (users as any).accountStatus,
|
||||
createdAt: (users as any).createdAt,
|
||||
})
|
||||
.from(users)
|
||||
.where(eq((users as any).id, id))
|
||||
|
||||
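Review bot: In the `PUT /:id` hunk, the three guards under `// Only admin can change roles, email, and account status` silently `delete` the privileged fields from a non-admin's payload, so the request presumably still succeeds and neither the caller nor the logs show that a privileged change was attempted; rejecting it is clearer and easier to alert on, e.g. `if (currentUser.role !== 'admin' && (data.role || data.email || data.accountStatus)) return c.json({ error: 'Forbidden' }, 403);`. For admins, the visible lines show no check that the new `email` is not already used by another account, and none that stops an admin suspending or demoting their own account; the update statement is outside the hunk, so confirm it there. Changes to role, email and account status are worth an audit log entry naming the acting admin and the target id. It is also worth confirming that `requireAuth`, which is not visible here, rejects existing sessions once a user's `accountStatus` becomes `suspended`.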