akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
4e3f7e8ab75bf4653f7f6411e36e0ac2b64bff49
caddy-proxy-manager/app/(dashboard)/users/actions.ts
fuomag9 94efaad5dd Add user management admin page with role, status, and profile editing 
- New /users page with search, inline editing, role/status changes, and deletion
- Model: added updateUserRole, updateUserStatus, deleteUser functions
- API: PUT /api/v1/users/[id] now supports role and status fields, added DELETE
- Safety: cannot change own role/status or delete own account

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-05 22:40:10 +02:00

96 lines
2.2 KiB
TypeScript
Raw Blame History

"use server";
import { revalidatePath } from "next/cache";
import { requireAdmin } from "@/src/lib/auth";
import {
updateUserProfile,
updateUserRole,
updateUserStatus,
deleteUser,
type User,
} from "@/src/lib/models/user";
import { logAuditEvent } from "@/src/lib/audit";
export async function updateUserRoleAction(userId: number, role: User["role"]) {
const session = await requireAdmin();
const actorId = Number(session.user.id);
if (actorId === userId) {
throw new Error("Cannot change your own role");
}
await updateUserRole(userId, role);
logAuditEvent({
userId: actorId,
action: "update",
entityType: "user",
entityId: userId,
summary: `Changed user ${userId} role to ${role}`,
});
revalidatePath("/users");
}
export async function updateUserStatusAction(userId: number, status: string) {
const session = await requireAdmin();
const actorId = Number(session.user.id);
if (actorId === userId) {
throw new Error("Cannot change your own status");
}
await updateUserStatus(userId, status);
logAuditEvent({
userId: actorId,
action: "update",
entityType: "user",
entityId: userId,
summary: `Changed user ${userId} status to ${status}`,
});
revalidatePath("/users");
}
export async function updateUserInfoAction(userId: number, formData: FormData) {
const session = await requireAdmin();
const actorId = Number(session.user.id);
const name = formData.get("name") ? String(formData.get("name")).trim() : undefined;
const email = formData.get("email") ? String(formData.get("email")).trim() : undefined;
await updateUserProfile(userId, { name, email });
logAuditEvent({
userId: actorId,
action: "update",
entityType: "user",
entityId: userId,
summary: `Updated user ${userId} profile`,
});
revalidatePath("/users");
}
export async function deleteUserAction(userId: number) {
const session = await requireAdmin();
const actorId = Number(session.user.id);
if (actorId === userId) {
throw new Error("Cannot delete your own account");
}
await deleteUser(userId);
logAuditEvent({
userId: actorId,
action: "delete",
entityType: "user",
entityId: userId,
summary: `Deleted user ${userId}`,
});
revalidatePath("/users");
}
Reference in New Issue View Git Blame Copy Permalink