mirror of
https://github.com/dani-garcia/vaultwarden
synced 2024-12-13 17:22:58 +01:00
Add disabled user badge (no password) and deauthorize button to admin page.
This commit is contained in:
parent
700e084101
commit
69036cc6a4
3 changed files with 32 additions and 4 deletions
|
@ -17,7 +17,14 @@ pub fn routes() -> Vec<Route> {
|
|||
return Vec::new();
|
||||
}
|
||||
|
||||
routes![admin_login, post_admin_login, admin_page, invite_user, delete_user]
|
||||
routes![
|
||||
admin_login,
|
||||
post_admin_login,
|
||||
admin_page,
|
||||
invite_user,
|
||||
delete_user,
|
||||
deauth_user,
|
||||
]
|
||||
}
|
||||
|
||||
const COOKIE_NAME: &'static str = "BWRS_ADMIN";
|
||||
|
@ -150,6 +157,18 @@ fn delete_user(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
|
|||
user.delete(&conn)
|
||||
}
|
||||
|
||||
#[post("/users/<uuid>/deauth")]
|
||||
fn deauth_user(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
|
||||
let mut user = match User::find_by_uuid(&uuid, &conn) {
|
||||
Some(user) => user,
|
||||
None => err!("User doesn't exist"),
|
||||
};
|
||||
|
||||
user.reset_security_stamp();
|
||||
|
||||
user.save(&conn)
|
||||
}
|
||||
|
||||
pub struct AdminToken {}
|
||||
|
||||
impl<'a, 'r> FromRequest<'a, 'r> for AdminToken {
|
||||
|
|
|
@ -120,6 +120,7 @@ impl User {
|
|||
let twofactor_enabled = !TwoFactor::find_by_user(&self.uuid, conn).is_empty();
|
||||
|
||||
json!({
|
||||
"_Enabled": !self.password_hash.is_empty(),
|
||||
"Id": self.uuid,
|
||||
"Name": self.name,
|
||||
"Email": self.email,
|
||||
|
|
|
@ -13,6 +13,9 @@
|
|||
{{#if TwoFactorEnabled}}
|
||||
<span class="badge badge-success ml-2">2FA</span>
|
||||
{{/if}}
|
||||
{{#unless _Enabled}}
|
||||
<span class="badge badge-warning ml-2">Disabled</span>
|
||||
{{/unless}}
|
||||
<span class="d-block">{{Email}}</span>
|
||||
</div>
|
||||
<div class="col">
|
||||
|
@ -23,7 +26,8 @@
|
|||
{{/each}}
|
||||
</span>
|
||||
</div>
|
||||
<div style="flex: 0 0 100px;">
|
||||
<div style="flex: 0 0 240px;">
|
||||
<a class="mr-3" href="#" onclick='deauthUser("{{Id}}")'>Deauthorize sessions</a>
|
||||
<a class="mr-3" href="#" onclick='deleteUser("{{Id}}", "{{Email}}")'>Delete User</a>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -79,6 +83,12 @@
|
|||
}
|
||||
return false;
|
||||
}
|
||||
function deauthUser(id) {
|
||||
_post("/admin/users/" + id + "/deauth",
|
||||
"Sessions deauthorized correctly",
|
||||
"Error deauthorizing sessions");
|
||||
return false;
|
||||
}
|
||||
function inviteUser() {
|
||||
inv = $("#email-invite");
|
||||
data = JSON.stringify({ "Email": inv.val() });
|
||||
|
@ -87,14 +97,12 @@
|
|||
"Error inviting user", data);
|
||||
return false;
|
||||
}
|
||||
|
||||
let OrgTypes = {
|
||||
"0": { "name": "Owner", "color": "orange" },
|
||||
"1": { "name": "Admin", "color": "blueviolet" },
|
||||
"2": { "name": "User", "color": "blue" },
|
||||
"3": { "name": "Manager", "color": "green" },
|
||||
};
|
||||
|
||||
$(window).on('load', function () {
|
||||
$("#invite-form").submit(inviteUser);
|
||||
$("img.identicon").each(function (i, e) {
|
||||
|
|
Loading…
Reference in a new issue