Add server ownership, team access, role-based UI, and default admin role
- New migration 002_server_access.sql: created_by column + server_user table - Server model: ownership, permission checks, team management methods - Routes: /team routes, RoleMiddleware on /servers/create and /admin - ServerController: permission checks via server_user, team CRUD methods - TerminalController: server access checks - DashboardController: filter servers by accessible ones - ApiController: server access checks - Views: team.php, team_server.php, sidebar Team link, hide actions by role - Default user role changed from operator to admin on registration - Admin user form defaults to admin role
This commit is contained in:
@@ -9,9 +9,11 @@ $groups = $groups ?? [];
|
||||
<p class="page-subtitle">Manage your Linux servers</p>
|
||||
</div>
|
||||
<div class="page-header-right">
|
||||
<?php if (is_admin()): ?>
|
||||
<a href="/servers/create" class="btn btn-primary">
|
||||
<i class="fas fa-plus"></i> Add Server
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -45,7 +47,9 @@ $groups = $groups ?? [];
|
||||
<div class="empty-state">
|
||||
<i class="fas fa-server"></i>
|
||||
<p>No servers found.</p>
|
||||
<?php if (is_admin()): ?>
|
||||
<a href="/servers/create" class="btn btn-primary">Add Your First Server</a>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<?php else: ?>
|
||||
<div class="table-responsive">
|
||||
@@ -106,6 +110,7 @@ $groups = $groups ?? [];
|
||||
<a href="/terminal/<?= $server['id'] ?>" class="btn btn-xs" title="Terminal">
|
||||
<i class="fas fa-terminal"></i>
|
||||
</a>
|
||||
<?php if (is_admin()): ?>
|
||||
<a href="/servers/<?= $server['id'] ?>/edit" class="btn btn-xs" title="Edit">
|
||||
<i class="fas fa-edit"></i>
|
||||
</a>
|
||||
@@ -113,6 +118,7 @@ $groups = $groups ?? [];
|
||||
onclick="deleteServer(<?= $server['id'] ?>, '<?= htmlspecialchars(addslashes($server['name'])) ?>')">
|
||||
<i class="fas fa-trash"></i>
|
||||
</button>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
@@ -2,6 +2,8 @@
|
||||
$server = $server ?? [];
|
||||
$metrics = $metrics ?? null;
|
||||
$historicalMetrics = $historicalMetrics ?? [];
|
||||
$server_role = $server_role ?? null;
|
||||
$canManage = $server_role === 'owner' || $server_role === 'manager';
|
||||
?>
|
||||
|
||||
<div class="page-header">
|
||||
@@ -20,12 +22,23 @@ $historicalMetrics = $historicalMetrics ?? [];
|
||||
</div>
|
||||
<div class="page-header-right">
|
||||
<div class="btn-group">
|
||||
<?php if ($server_role === 'owner'): ?>
|
||||
<a href="/team/<?= $server['id'] ?>" class="btn btn-secondary" title="Manage Team">
|
||||
<i class="fas fa-users-cog"></i>
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
<span class="badge badge-<?= $server_role === 'owner' || $server_role === 'manager' ? 'warning' : 'info' ?>" style="align-self:center">
|
||||
<?= htmlspecialchars(ucfirst($server_role ?? 'viewer')) ?>
|
||||
</span>
|
||||
<a href="/terminal/<?= $server['id'] ?>" class="btn btn-dark">
|
||||
<i class="fas fa-terminal"></i> Terminal
|
||||
</a>
|
||||
<?php if ($canManage): ?>
|
||||
<a href="/servers/<?= $server['id'] ?>/edit" class="btn btn-secondary">
|
||||
<i class="fas fa-edit"></i> Edit
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
<?php if ($canManage): ?>
|
||||
<div class="dropdown">
|
||||
<button class="btn btn-secondary dropdown-toggle">
|
||||
<i class="fas fa-cog"></i> Actions
|
||||
@@ -43,6 +56,7 @@ $historicalMetrics = $historicalMetrics ?? [];
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@@ -154,6 +168,7 @@ $historicalMetrics = $historicalMetrics ?? [];
|
||||
<i class="fas fa-file-alt"></i>
|
||||
<span>System Logs</span>
|
||||
</a>
|
||||
<?php if ($canManage): ?>
|
||||
<a href="/servers/<?= $server['id'] ?>/nginx" class="action-card">
|
||||
<svg viewBox="0 0 24 24" fill="currentColor" width="24" height="24" style="opacity:0.8">
|
||||
<path d="M12 2L2 7.2v9.6L12 22l10-5.2V7.2L12 2zm0 1.5l8.5 4.4v8.2L12 20.5l-8.5-4.4V7.9L12 3.5zM7.4 8.5v7l1.5.9V11l3.1 4.3 1.5.9V8.5l-1.5.9v4.4L8.9 9.4l-1.5-.9zm9.2 0l-1.5.9-3.1 4.4V17l1.5-.9V11l3.1-4.3z"/>
|
||||
@@ -180,6 +195,7 @@ $historicalMetrics = $historicalMetrics ?? [];
|
||||
<i class="fas fa-sync-alt"></i>
|
||||
<span>Restart Service</span>
|
||||
</button>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
60
views/servers/team.php
Normal file
60
views/servers/team.php
Normal file
@@ -0,0 +1,60 @@
|
||||
<?php $servers = $servers ?? []; ?>
|
||||
|
||||
<div class="page-header">
|
||||
<div class="page-header-left">
|
||||
<h1 class="page-title">Team Management</h1>
|
||||
<p class="page-subtitle">Manage who has access to your servers</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-body">
|
||||
<?php if (empty($servers)): ?>
|
||||
<div class="empty-state">
|
||||
<i class="fas fa-users-cog"></i>
|
||||
<p>You don't own any servers yet.</p>
|
||||
<p class="text-muted">Servers you create will appear here so you can manage their team access.</p>
|
||||
<a href="/servers/create" class="btn btn-primary">Add Server</a>
|
||||
</div>
|
||||
<?php else: ?>
|
||||
<div class="table-responsive">
|
||||
<table class="table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Server</th>
|
||||
<th>IP Address</th>
|
||||
<th>Status</th>
|
||||
<th>Team Members</th>
|
||||
<th>Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php foreach ($servers as $server): ?>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="/servers/<?= $server['id'] ?>">
|
||||
<?= htmlspecialchars($server['name']) ?>
|
||||
</a>
|
||||
</td>
|
||||
<td><code><?= htmlspecialchars($server['ip_address']) ?></code></td>
|
||||
<td>
|
||||
<span class="status-badge status-<?= $server['status'] ?? 'unknown' ?>">
|
||||
<?= ucfirst($server['status'] ?? 'unknown') ?>
|
||||
</span>
|
||||
</td>
|
||||
<td>
|
||||
<span class="badge badge-info"><?= $server['member_count'] ?> members</span>
|
||||
</td>
|
||||
<td>
|
||||
<a href="/team/<?= $server['id'] ?>" class="btn btn-sm">
|
||||
<i class="fas fa-users"></i> Manage Team
|
||||
</a>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
199
views/servers/team_server.php
Normal file
199
views/servers/team_server.php
Normal file
@@ -0,0 +1,199 @@
|
||||
<?php
|
||||
$server = $server ?? [];
|
||||
$members = $members ?? [];
|
||||
$availableUsers = $availableUsers ?? [];
|
||||
?>
|
||||
|
||||
<div class="page-header">
|
||||
<div class="page-header-left">
|
||||
<div class="back-link">
|
||||
<a href="/team"><i class="fas fa-arrow-left"></i> Back to Team</a>
|
||||
</div>
|
||||
<h1 class="page-title"><?= htmlspecialchars($server['name'] ?? '') ?></h1>
|
||||
<p class="page-subtitle">Manage team access for this server</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="dashboard-grid">
|
||||
<div class="dashboard-card">
|
||||
<div class="card-header">
|
||||
<h2><i class="fas fa-users"></i> Team Members</h2>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<?php if (empty($members)): ?>
|
||||
<div class="empty-state">
|
||||
<i class="fas fa-users"></i>
|
||||
<p>No team members yet.</p>
|
||||
</div>
|
||||
<?php else: ?>
|
||||
<div class="table-responsive">
|
||||
<table class="table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>User</th>
|
||||
<th>Role</th>
|
||||
<th>Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody id="teamMembersBody">
|
||||
<?php foreach ($members as $member): ?>
|
||||
<tr data-user-id="<?= $member['user_id'] ?>">
|
||||
<td>
|
||||
<strong><?= htmlspecialchars($member['username']) ?></strong>
|
||||
<br><small class="text-muted"><?= htmlspecialchars($member['email']) ?></small>
|
||||
</td>
|
||||
<td>
|
||||
<?php if ($member['role'] === 'owner'): ?>
|
||||
<span class="badge badge-danger">Owner</span>
|
||||
<?php else: ?>
|
||||
<select class="form-select form-select-sm role-select"
|
||||
onchange="updateRole(<?= $member['user_id'] ?>, this.value)"
|
||||
style="width:auto">
|
||||
<option value="viewer" <?= $member['role'] === 'viewer' ? 'selected' : '' ?>>Viewer</option>
|
||||
<option value="manager" <?= $member['role'] === 'manager' ? 'selected' : '' ?>>Manager</option>
|
||||
</select>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
<td>
|
||||
<?php if ($member['role'] !== 'owner'): ?>
|
||||
<button class="btn btn-xs btn-danger"
|
||||
onclick="removeUser(<?= $member['user_id'] ?>, '<?= htmlspecialchars(addslashes($member['username'])) ?>')">
|
||||
<i class="fas fa-trash"></i>
|
||||
</button>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="dashboard-card">
|
||||
<div class="card-header">
|
||||
<h2><i class="fas fa-user-plus"></i> Add User</h2>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<?php if (empty($availableUsers)): ?>
|
||||
<div class="empty-state">
|
||||
<i class="fas fa-user-plus"></i>
|
||||
<p>All users already have access to this server.</p>
|
||||
</div>
|
||||
<?php else: ?>
|
||||
<form id="addUserForm" class="form" onsubmit="addUser(event)">
|
||||
<input type="hidden" name="_csrf_token" value="<?= $this->csrfToken() ?>">
|
||||
|
||||
<div class="form-group">
|
||||
<label for="userId">User</label>
|
||||
<select id="userId" name="user_id" class="form-select" required>
|
||||
<option value="">Select a user...</option>
|
||||
<?php foreach ($availableUsers as $user): ?>
|
||||
<option value="<?= $user['id'] ?>">
|
||||
<?= htmlspecialchars($user['username']) ?> (<?= htmlspecialchars($user['email']) ?>)
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label for="role">Role</label>
|
||||
<select id="role" name="role" class="form-select" required>
|
||||
<option value="viewer">Viewer — can view server details and use terminal</option>
|
||||
<option value="manager">Manager — full control except team management</option>
|
||||
</select>
|
||||
</div>
|
||||
|
||||
<button type="submit" class="btn btn-primary">
|
||||
<i class="fas fa-user-plus"></i> Add User
|
||||
</button>
|
||||
</form>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<form id="csrfForm" style="display:none">
|
||||
<input type="hidden" name="_csrf_token" value="<?= $this->csrfToken() ?>">
|
||||
</form>
|
||||
|
||||
<script>
|
||||
function getCsrfToken() {
|
||||
return document.querySelector('meta[name="csrf-token"]')?.content || '';
|
||||
}
|
||||
|
||||
function addUser(e) {
|
||||
e.preventDefault();
|
||||
const form = document.getElementById('addUserForm');
|
||||
const data = new FormData(form);
|
||||
|
||||
fetch('/team/<?= $server['id'] ?>/add-user', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'X-CSRF-Token': getCsrfToken(),
|
||||
},
|
||||
body: data,
|
||||
})
|
||||
.then(r => r.json())
|
||||
.then(res => {
|
||||
if (res.success) {
|
||||
showToast('success', res.message);
|
||||
location.reload();
|
||||
} else {
|
||||
showToast('error', res.message);
|
||||
}
|
||||
})
|
||||
.catch(err => showToast('error', 'Request failed'));
|
||||
}
|
||||
|
||||
function removeUser(userId, username) {
|
||||
if (!confirm('Remove "' + username + '" from this server?')) return;
|
||||
|
||||
const form = new FormData();
|
||||
form.append('user_id', userId);
|
||||
form.append('_csrf_token', getCsrfToken());
|
||||
|
||||
fetch('/team/<?= $server['id'] ?>/remove-user', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'X-CSRF-Token': getCsrfToken(),
|
||||
},
|
||||
body: form,
|
||||
})
|
||||
.then(r => r.json())
|
||||
.then(res => {
|
||||
if (res.success) {
|
||||
showToast('success', res.message);
|
||||
location.reload();
|
||||
} else {
|
||||
showToast('error', res.message);
|
||||
}
|
||||
})
|
||||
.catch(err => showToast('error', 'Request failed'));
|
||||
}
|
||||
|
||||
function updateRole(userId, role) {
|
||||
const form = new FormData();
|
||||
form.append('user_id', userId);
|
||||
form.append('role', role);
|
||||
form.append('_csrf_token', getCsrfToken());
|
||||
|
||||
fetch('/team/<?= $server['id'] ?>/update-role', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'X-CSRF-Token': getCsrfToken(),
|
||||
},
|
||||
body: form,
|
||||
})
|
||||
.then(r => r.json())
|
||||
.then(res => {
|
||||
if (res.success) {
|
||||
showToast('success', 'Role updated to ' + role);
|
||||
} else {
|
||||
showToast('error', res.message);
|
||||
}
|
||||
})
|
||||
.catch(err => showToast('error', 'Request failed'));
|
||||
}
|
||||
</script>
|
||||
Reference in New Issue
Block a user