ability to change user roles

2025-08-01 22:34:22 -04:00 · 2025-08-01 22:34:22 -04:00 · 6ebefb1120
commit 6ebefb1120
parent f7ee4baa61
3 changed files with 55 additions and 7 deletions
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -79,3 +79,6 @@ AuthentiKate is a lightweight SSO/OIDC solution built with Laravel and Livewire,
 - Uses Laravel's built-in authentication system
 - Email verification and password reset supported
 - Uses the free version of FluxUI. A livewire component library.
+
+## Code Guidance
+- Stop initializing collections using collect(). This is not compatible with Database\Eloquent\Collection. It is also not necessary to do this since the components are only visible to the admin
--- a/app/Livewire/ManageUsers.php
+++ b/app/Livewire/ManageUsers.php
@ -50,6 +50,25 @@ class ManageUsers extends Component
        $this->users = User::all();
    }

+    public function changeUserRole(User $user, string $role)
+    {
+        $this->authorize('update', $user);
+
+        // Prevent admins from demoting themselves
+        if ($user->id === auth()->id() && $role === 'user') {
+            session()->flash('error', 'You cannot demote yourself from admin.');
+            return;
+        }
+
+        $isAdmin = $role === 'admin';
+        $user->update(['is_admin' => $isAdmin]);
+
+        // Refresh the data
+        $this->users = User::all();
+
+        session()->flash('success', "User role updated to {$role}.");
+    }
+
    public function render()
    {
        return view('livewire.manage-users');
--- a/resources/views/livewire/manage-users.blade.php
+++ b/resources/views/livewire/manage-users.blade.php
@ -3,16 +3,42 @@
    <div class="flex justify-between items-center">
        <flux:heading size="xl">Users</flux:heading>
    </div>
+    
+    @if (session()->has('success'))
+        <div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded my-4">
+            {{ session('success') }}
+        </div>
+    @endif
+    
+    @if (session()->has('error'))
+        <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded my-4">
+            {{ session('error') }}
+        </div>
+    @endif
+    
    <flux:separator class="my-8" />
    @foreach ($users as $u)
    <x-card class="flex items-center justify-between p-6">
-        <div class="flex gap-4">
+        <div class="flex gap-4 items-center">
+            <div>
                <flux:heading>{{$u->name}}</flux:heading>
                <flux:text>{{$u->email}}</flux:text>
            </div>
+            <flux:badge color="{{ $u->isAdmin() ? 'yellow' : 'gray' }}">
+                {{ $u->isAdmin() ? 'Admin' : 'User' }}
+            </flux:badge>
+        </div>
+        <div class="flex gap-2 items-center">
+            @can('update', $u)
+                <flux:select wire:change="changeUserRole({{ $u->id }}, $event.target.value)" size="sm">
+                    <option value="user" {{ !$u->isAdmin() ? 'selected' : '' }}>User</option>
+                    <option value="admin" {{ $u->isAdmin() ? 'selected' : '' }}>Admin</option>
+                </flux:select>
+            @endcan
            @can('delete', $u)
                <flux:button variant="danger" size="sm" wire:click="deleteUser({{ $u->id }})">Delete</flux:button>
            @endcan
+        </div>
    </x-card>
    @endforeach
    <div class="flex justify-between items-center mt-8">