From 6ebefb11200056b7dbc28566c3b9c516c8d74d56 Mon Sep 17 00:00:00 2001
From: Javier Feliz <javier0eduardo@hotmail.com>
Date: Fri, 1 Aug 2025 22:34:22 -0400
Subject: [PATCH] ability to change user roles

---
 CLAUDE.md                                     |  5 ++-
 app/Livewire/ManageUsers.php                  | 19 ++++++++++
 .../views/livewire/manage-users.blade.php     | 38 ++++++++++++++++---
 3 files changed, 55 insertions(+), 7 deletions(-)

diff --git a/CLAUDE.md b/CLAUDE.md
index 0b4a078..7af6d30 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -78,4 +78,7 @@ AuthentiKate is a lightweight SSO/OIDC solution built with Laravel and Livewire,
 - OAuth keys stored in `storage/oauth/`
 - Uses Laravel's built-in authentication system
 - Email verification and password reset supported
-- Uses the free version of FluxUI. A livewire component library.
\ No newline at end of file
+- Uses the free version of FluxUI. A livewire component library.
+
+## Code Guidance
+- Stop initializing collections using collect(). This is not compatible with Database\Eloquent\Collection. It is also not necessary to do this since the components are only visible to the admin
\ No newline at end of file
diff --git a/app/Livewire/ManageUsers.php b/app/Livewire/ManageUsers.php
index d4b1746..26a529b 100644
--- a/app/Livewire/ManageUsers.php
+++ b/app/Livewire/ManageUsers.php
@@ -50,6 +50,25 @@ class ManageUsers extends Component
         $this->users = User::all();
     }
 
+    public function changeUserRole(User $user, string $role)
+    {
+        $this->authorize('update', $user);
+
+        // Prevent admins from demoting themselves
+        if ($user->id === auth()->id() && $role === 'user') {
+            session()->flash('error', 'You cannot demote yourself from admin.');
+            return;
+        }
+
+        $isAdmin = $role === 'admin';
+        $user->update(['is_admin' => $isAdmin]);
+
+        // Refresh the data
+        $this->users = User::all();
+
+        session()->flash('success', "User role updated to {$role}.");
+    }
+
     public function render()
     {
         return view('livewire.manage-users');
diff --git a/resources/views/livewire/manage-users.blade.php b/resources/views/livewire/manage-users.blade.php
index b579c76..e30e6b5 100644
--- a/resources/views/livewire/manage-users.blade.php
+++ b/resources/views/livewire/manage-users.blade.php
@@ -3,16 +3,42 @@
     <div class="flex justify-between items-center">
         <flux:heading size="xl">Users</flux:heading>
     </div>
+    
+    @if (session()->has('success'))
+        <div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded my-4">
+            {{ session('success') }}
+        </div>
+    @endif
+    
+    @if (session()->has('error'))
+        <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded my-4">
+            {{ session('error') }}
+        </div>
+    @endif
+    
     <flux:separator class="my-8" />
     @foreach ($users as $u)
     <x-card class="flex items-center justify-between p-6">
-        <div class="flex gap-4">
-            <flux:heading>{{$u->name}}</flux:heading>
-            <flux:text>{{$u->email}}</flux:text>
+        <div class="flex gap-4 items-center">
+            <div>
+                <flux:heading>{{$u->name}}</flux:heading>
+                <flux:text>{{$u->email}}</flux:text>
+            </div>
+            <flux:badge color="{{ $u->isAdmin() ? 'yellow' : 'gray' }}">
+                {{ $u->isAdmin() ? 'Admin' : 'User' }}
+            </flux:badge>
+        </div>
+        <div class="flex gap-2 items-center">
+            @can('update', $u)
+                <flux:select wire:change="changeUserRole({{ $u->id }}, $event.target.value)" size="sm">
+                    <option value="user" {{ !$u->isAdmin() ? 'selected' : '' }}>User</option>
+                    <option value="admin" {{ $u->isAdmin() ? 'selected' : '' }}>Admin</option>
+                </flux:select>
+            @endcan
+            @can('delete', $u)
+                <flux:button variant="danger" size="sm" wire:click="deleteUser({{ $u->id }})">Delete</flux:button>
+            @endcan
         </div>
-        @can('delete', $u)
-        <flux:button variant="danger" size="sm" wire:click="deleteUser({{ $u->id }})">Delete</flux:button>
-        @endcan
     </x-card>
     @endforeach
     <div class="flex justify-between items-center mt-8">