final tweaks.

2025-12-04 10:55:23 -08:00
parent f915e33dab
commit c3e943f135
3 changed files with 13 additions and 5 deletions


@@ -126,11 +126,13 @@ def register_admin_routes(app):
# Update user in Firestore # Update user in Firestore
user_ref = db.collection("users").document(target_uid) user_ref = db.collection("users").document(target_uid)
user_ref.update({ # Only update fields that can be changed, excluding is_admin
update_data = {
"enabled": data.get("enabled", False), "enabled": data.get("enabled", False),
"is_admin": data.get("is_admin", False),
"case_email": data.get("case_email", "") "case_email": data.get("case_email", "")
}) }
# Never allow changing is_admin field during updates - admin status can only be set during creation
user_ref.update(update_data)
return jsonify({"success": True}) return jsonify({"success": True})
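Review bot: A request body that still carries `is_admin` is now dropped without any signal and answered with `{"success": True}`, so a stale client or a tampered request looks the same as a normal edit. Rejecting it before `update_data` is built, e.g. `if "is_admin" in data: return jsonify({"error": "is_admin cannot be changed"}), 400`, makes the rule visible to callers and gives one place to log the attempt. Separately, `data.get("enabled", False)` means a body that omits `enabled` disables the account and one that omits `case_email` blanks it; building `update_data` only from the keys that are present, with a `bool`/`str` type check, avoids that. As written the route also offers no way to revoke admin status from an existing admin, which may be intended but is worth confirming. The enclosing handler starts outside the hunk, so its authorization check cannot be reviewed here.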


@@ -28,9 +28,13 @@
<div class="mt-1 flex items-center"> <div class="mt-1 flex items-center">
<input type="checkbox" id="is_admin" name="is_admin" <input type="checkbox" id="is_admin" name="is_admin"
{% if user.is_admin %}checked{% endif %} {% if user.is_admin %}checked{% endif %}
{% if not user.is_admin %}disabled{% endif %}
class="h-4 w-4 text-blue-600 focus:ring-blue-500 border-slate-300 rounded"> class="h-4 w-4 text-blue-600 focus:ring-blue-500 border-slate-300 rounded">
<label for="is_admin" class="ml-2 block text-sm text-slate-700">Check to make this user an admin</label> <label for="is_admin" class="ml-2 block text-sm text-slate-700">Check to make this user an admin</label>
</div> </div>
{% if not user.is_admin %}
<p class="mt-1 text-sm text-slate-500">Admin status can only be set during user creation.</p>
{% endif %}
</div> </div>
<div> <div>
@@ -62,7 +66,6 @@ document.getElementById('userForm').addEventListener('submit', function(e) {
const userData = { const userData = {
uid: '{{ user.uid }}', uid: '{{ user.uid }}',
enabled: formData.get('enabled') === 'on', enabled: formData.get('enabled') === 'on',
is_admin: formData.get('is_admin') === 'on',
case_email: formData.get('case_email') case_email: formData.get('case_email')
}; };
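Review bot: The `is_admin` checkbox stays enabled for users who are already admins (`{% if not user.is_admin %}disabled{% endif %}`), but the submit handler in the second hunk no longer sends `is_admin`, so unchecking the box looks like a revocation and changes nothing. The label still reads "Check to make this user an admin", which contradicts the new help text. Rendering the box `disabled` unconditionally and showing the explanatory `<p>` for every user would keep the form consistent with what the server accepts. If demoting an admin is meant to be possible, it needs its own explicit path rather than a control that silently does nothing.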


@@ -4,6 +4,9 @@
<div class="flex justify-center py-8"> <div class="flex justify-center py-8">
<div class="w-full max-w-md p-8 space-y-6 bg-white rounded-xl shadow-lg"> <div class="w-full max-w-md p-8 space-y-6 bg-white rounded-xl shadow-lg">
<h1 class="text-2xl font-bold text-center text-gray-800">Secure Access</h1> <h1 class="text-2xl font-bold text-center text-gray-800">Secure Access</h1>
<div class="bg-blue-50 border border-blue-200 text-blue-700 px-4 py-3 rounded-lg mb-4">
<p>If you don't have a user account, or need to reset your password, send an email to <a href="mailto:office@rothbardlawgroup.com" class="underline">office@rothbardlawgroup.com</a>.</p>
</div>
<form id="login-form" class="space-y-4"> <form id="login-form" class="space-y-4">
<div> <div>
<label class="block text-sm font-medium text-gray-700 mb-1">Email Address</label> <label class="block text-sm font-medium text-gray-700 mb-1">Email Address</label>