Rebuild

2026-03-04 01:58:26 +01:00
parent a7844c145a
commit c360663603
23 changed files with 1115 additions and 81 deletions
--- a/public/page/users.php
+++ b/public/page/users.php
@@ -0,0 +1,128 @@
+<?php
+$pdo = app()->basePdo();
+$error = null;
+$notice = null;
+
+require_admin();
+
+if (!$pdo) {
+    echo '<div class="card">Base-DB nicht aktiviert.</div>';
+    return;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $action = (string)($_POST['action'] ?? '');
+
+    if ($action === 'add_role') {
+        $role = trim((string)($_POST['role'] ?? ''));
+        $desc = trim((string)($_POST['description'] ?? ''));
+        if ($role === '') {
+            $error = 'Rollenname fehlt.';
+        } else {
+            $stmt = $pdo->prepare(
+                "INSERT INTO nexus_roles (name, description)
+                 VALUES (:name, :description)
+                 ON CONFLICT(name) DO UPDATE SET description = excluded.description"
+            );
+            $stmt->execute(['name' => $role, 'description' => $desc]);
+            $notice = 'Rolle gespeichert.';
+        }
+    } elseif ($action === 'add_user') {
+        $email = trim((string)($_POST['email'] ?? ''));
+        $password = (string)($_POST['password'] ?? '');
+        $role = trim((string)($_POST['role'] ?? 'user'));
+
+        if ($email === '' || $password === '') {
+            $error = 'E-Mail und Passwort sind erforderlich.';
+        } else {
+            $hash = password_hash($password, PASSWORD_DEFAULT);
+            $pdo->prepare(
+                "INSERT INTO nexus_users (email, password_hash, role, is_active)
+                 VALUES (:email, :hash, :role, 1)"
+            )->execute([
+                'email' => $email,
+                'hash' => $hash,
+                'role' => $role !== '' ? $role : 'user',
+            ]);
+
+            $pdo->prepare(
+                "INSERT INTO nexus_roles (name) VALUES (:name)
+                 ON CONFLICT(name) DO NOTHING"
+            )->execute(['name' => $role !== '' ? $role : 'user']);
+
+            $notice = 'User angelegt.';
+        }
+    }
+}
+
+$roles = $pdo->query("SELECT name, description FROM nexus_roles ORDER BY name")->fetchAll(PDO::FETCH_ASSOC) ?: [];
+$users = $pdo->query("SELECT id, email, role, is_active, created_at FROM nexus_users ORDER BY id DESC")->fetchAll(PDO::FETCH_ASSOC) ?: [];
+?>
+<div class="card">
+  <div class="pill">Userverwaltung</div>
+  <h1 style="margin-top:.75rem;">User & Rollen</h1>
+  <p class="muted">Admin kann Module aktivieren/deaktivieren, Benutzer können Module nutzen.</p>
+
+  <?php if ($error): ?>
+    <div class="bg-red-900 border-l-4 border-red-500 text-red-100 p-4 mb-6" role="alert">
+      <?= e($error) ?>
+    </div>
+  <?php elseif ($notice): ?>
+    <div class="card" style="margin-top:1rem; border-color:var(--accent-2);">
+      <?= e($notice) ?>
+    </div>
+  <?php endif; ?>
+
+  <div style="margin-top:1.5rem;" class="grid">
+    <div class="card" style="background:var(--panel-2);">
+      <strong>Rollen</strong>
+      <ul style="margin-top:.5rem;">
+        <?php foreach ($roles as $r): ?>
+          <li><?= e($r['name']) ?> <span class="muted"><?= e($r['description'] ?? '') ?></span></li>
+        <?php endforeach; ?>
+      </ul>
+
+      <form method="post" style="margin-top:1rem; display:grid; gap:10px;">
+        <input type="hidden" name="action" value="add_role">
+        <input type="text" name="role" placeholder="Rollenname (z. B. admin)">
+        <input type="text" name="description" placeholder="Beschreibung">
+        <button class="cta-button" type="submit">Rolle hinzufügen</button>
+      </form>
+    </div>
+
+    <div class="card" style="background:var(--panel-2);">
+      <strong>User anlegen</strong>
+      <form method="post" style="margin-top:1rem; display:grid; gap:10px;">
+        <input type="hidden" name="action" value="add_user">
+        <input type="email" name="email" placeholder="E-Mail">
+        <input type="password" name="password" placeholder="Passwort">
+        <input type="text" name="role" placeholder="Rolle (admin|user|...)">
+        <button class="cta-button" type="submit">User anlegen</button>
+      </form>
+    </div>
+  </div>
+
+  <h3 style="margin-top:1.5rem;">Userliste</h3>
+  <div style="margin-top:.5rem; background:var(--panel-2);" class="card">
+    <table class="min-w-full divide-y divide-gray-700">
+      <thead class="bg-gray-900">
+        <tr>
+          <th class="px-6 py-3 text-left text-xs font-medium text-gray-400 uppercase tracking-wider">E-Mail</th>
+          <th class="px-6 py-3 text-left text-xs font-medium text-gray-400 uppercase tracking-wider">Rolle</th>
+          <th class="px-6 py-3 text-left text-xs font-medium text-gray-400 uppercase tracking-wider">Aktiv</th>
+          <th class="px-6 py-3 text-left text-xs font-medium text-gray-400 uppercase tracking-wider">Erstellt</th>
+        </tr>
+      </thead>
+      <tbody class="bg-gray-800 divide-y divide-gray-700">
+        <?php foreach ($users as $u): ?>
+          <tr>
+            <td class="px-6 py-4 text-sm"><?= e($u['email']) ?></td>
+            <td class="px-6 py-4 text-sm"><?= e($u['role']) ?></td>
+            <td class="px-6 py-4 text-sm"><?= !empty($u['is_active']) ? 'Ja' : 'Nein' ?></td>
+            <td class="px-6 py-4 text-sm"><?= e((string)$u['created_at']) ?></td>
+          </tr>
+        <?php endforeach; ?>
+      </tbody>
+    </table>
+  </div>
+</div>