Clean admin layout, drop scripts, keep admin out of tools list
This commit is contained in:
Nirodan
+1
-99
@@ -39,17 +39,6 @@ def _ensure_tables(cur):
|
||||
)
|
||||
"""
|
||||
)
|
||||
cur.execute(
|
||||
"""
|
||||
CREATE TABLE IF NOT EXISTS scripts (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
name VARCHAR(100) NOT NULL,
|
||||
description VARCHAR(255) DEFAULT '',
|
||||
content TEXT NOT NULL,
|
||||
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
||||
)
|
||||
"""
|
||||
)
|
||||
|
||||
|
||||
@admin_bp.route("/api/admin/users", methods=["GET"])
|
||||
@@ -269,78 +258,6 @@ def delete_website(item_id):
|
||||
return jsonify({"message": "Serverfehler"}), 500
|
||||
|
||||
|
||||
# ---------- Scripts (Admin CRUD) ----------
|
||||
|
||||
@admin_bp.route("/api/admin/scripts", methods=["GET"])
|
||||
def list_scripts_admin():
|
||||
_, err = _require_admin()
|
||||
if err:
|
||||
return err
|
||||
try:
|
||||
cfg = load_config()
|
||||
conn = connect(**cfg)
|
||||
cur = conn.cursor(dictionary=True)
|
||||
_ensure_tables(cur)
|
||||
cur.execute("SELECT id, name, description, created_at FROM scripts ORDER BY created_at DESC")
|
||||
rows = cur.fetchall()
|
||||
cur.close()
|
||||
conn.close()
|
||||
return jsonify(rows)
|
||||
except Exception as e:
|
||||
logger.error(f"[Admin list_scripts] {e}")
|
||||
return jsonify({"message": "Serverfehler"}), 500
|
||||
|
||||
|
||||
@admin_bp.route("/api/admin/scripts", methods=["POST"])
|
||||
def create_script():
|
||||
_, err = _require_admin()
|
||||
if err:
|
||||
return err
|
||||
data = request.get_json() or {}
|
||||
name = data.get("name", "").strip()
|
||||
description = data.get("description", "").strip()
|
||||
content = data.get("content", "")
|
||||
if not name or not content:
|
||||
return jsonify({"message": "Name und Inhalt erforderlich"}), 400
|
||||
try:
|
||||
cfg = load_config()
|
||||
conn = connect(**cfg)
|
||||
cur = conn.cursor()
|
||||
_ensure_tables(cur)
|
||||
cur.execute(
|
||||
"INSERT INTO scripts (name, description, content) VALUES (%s, %s, %s)",
|
||||
(name, description, content),
|
||||
)
|
||||
conn.commit()
|
||||
new_id = cur.lastrowid
|
||||
cur.close()
|
||||
conn.close()
|
||||
return jsonify({"id": new_id, "name": name, "description": description}), 201
|
||||
except Exception as e:
|
||||
logger.error(f"[Admin create_script] {e}")
|
||||
return jsonify({"message": "Serverfehler"}), 500
|
||||
|
||||
|
||||
@admin_bp.route("/api/admin/scripts/<int:item_id>", methods=["DELETE"])
|
||||
def delete_script(item_id):
|
||||
_, err = _require_admin()
|
||||
if err:
|
||||
return err
|
||||
try:
|
||||
cfg = load_config()
|
||||
conn = connect(**cfg)
|
||||
cur = conn.cursor()
|
||||
_ensure_tables(cur)
|
||||
cur.execute("DELETE FROM scripts WHERE id=%s", (item_id,))
|
||||
conn.commit()
|
||||
cur.close()
|
||||
conn.close()
|
||||
return jsonify({"message": "Gelöscht"}), 200
|
||||
except Exception as e:
|
||||
logger.error(f"[Admin delete_script] {e}")
|
||||
return jsonify({"message": "Serverfehler"}), 500
|
||||
|
||||
|
||||
# ---------- Public (logged-in) endpoints ----------
|
||||
|
||||
@admin_bp.route("/api/websites", methods=["GET"])
|
||||
@@ -365,19 +282,4 @@ def list_websites_public():
|
||||
|
||||
@admin_bp.route("/api/scripts", methods=["GET"])
|
||||
def list_scripts_public():
|
||||
user = verify_token()
|
||||
if not user:
|
||||
return jsonify({"message": "Nicht autorisiert"}), 401
|
||||
try:
|
||||
cfg = load_config()
|
||||
conn = connect(**cfg)
|
||||
cur = conn.cursor(dictionary=True)
|
||||
_ensure_tables(cur)
|
||||
cur.execute("SELECT id, name, description, created_at FROM scripts ORDER BY created_at DESC")
|
||||
rows = cur.fetchall()
|
||||
cur.close()
|
||||
conn.close()
|
||||
return jsonify(rows)
|
||||
except Exception as e:
|
||||
logger.error(f"[Public list_scripts] {e}")
|
||||
return jsonify({"message": "Serverfehler"}), 500
|
||||
return jsonify({"message": "Scripts wurden entfernt"}), 410
|
||||
|
||||
@@ -4,16 +4,12 @@ import axios from '../services/api';
|
||||
function AdminDashboard() {
|
||||
const [users, setUsers] = useState([]);
|
||||
const [websites, setWebsites] = useState([]);
|
||||
const [scripts, setScripts] = useState([]);
|
||||
const [loadingUsers, setLoadingUsers] = useState(true);
|
||||
const [loadingSites, setLoadingSites] = useState(true);
|
||||
const [loadingScripts, setLoadingScripts] = useState(true);
|
||||
const [creatingUser, setCreatingUser] = useState(false);
|
||||
const [creatingSite, setCreatingSite] = useState(false);
|
||||
const [creatingScript, setCreatingScript] = useState(false);
|
||||
const [formUser, setFormUser] = useState({ username: '', password: '', role: 'user' });
|
||||
const [formSite, setFormSite] = useState({ name: '', url: '', description: '' });
|
||||
const [formScript, setFormScript] = useState({ name: '', description: '', content: '' });
|
||||
const [error, setError] = useState(null);
|
||||
|
||||
const fetchUsers = async () => {
|
||||
@@ -41,22 +37,9 @@ function AdminDashboard() {
|
||||
}
|
||||
};
|
||||
|
||||
const fetchScripts = async () => {
|
||||
try {
|
||||
setLoadingScripts(true);
|
||||
const res = await axios.get('/api/admin/scripts');
|
||||
setScripts(res.data);
|
||||
} catch (e) {
|
||||
setError('Scripts konnten nicht geladen werden');
|
||||
} finally {
|
||||
setLoadingScripts(false);
|
||||
}
|
||||
};
|
||||
|
||||
useEffect(() => {
|
||||
fetchUsers();
|
||||
fetchWebsites();
|
||||
fetchScripts();
|
||||
}, []);
|
||||
|
||||
const createUser = async () => {
|
||||
@@ -93,23 +76,6 @@ function AdminDashboard() {
|
||||
}
|
||||
};
|
||||
|
||||
const createScript = async () => {
|
||||
if (!formScript.name || !formScript.content) {
|
||||
setError('Name und Inhalt erforderlich');
|
||||
return;
|
||||
}
|
||||
try {
|
||||
setCreatingScript(true);
|
||||
await axios.post('/api/admin/scripts', formScript);
|
||||
setFormScript({ name: '', description: '', content: '' });
|
||||
await fetchScripts();
|
||||
} catch (e) {
|
||||
setError(e.response?.data?.message || 'Script konnte nicht angelegt werden');
|
||||
} finally {
|
||||
setCreatingScript(false);
|
||||
}
|
||||
};
|
||||
|
||||
const updateRole = async (id, role) => {
|
||||
try {
|
||||
await axios.put(`/api/admin/users/${id}`, { role });
|
||||
@@ -150,16 +116,6 @@ function AdminDashboard() {
|
||||
}
|
||||
};
|
||||
|
||||
const deleteScript = async (id) => {
|
||||
if (!window.confirm('Script löschen?')) return;
|
||||
try {
|
||||
await axios.delete(`/api/admin/scripts/${id}`);
|
||||
await fetchScripts();
|
||||
} catch (e) {
|
||||
setError('Konnte Script nicht löschen');
|
||||
}
|
||||
};
|
||||
|
||||
return (
|
||||
<div className="main-content admin">
|
||||
<div className="admin-header">
|
||||
@@ -294,55 +250,7 @@ function AdminDashboard() {
|
||||
)}
|
||||
</div>
|
||||
|
||||
<div className="admin-card">
|
||||
<h3>Python-Skripte</h3>
|
||||
<div className="form-grid">
|
||||
<label>
|
||||
Name
|
||||
<input
|
||||
value={formScript.name}
|
||||
onChange={(e) => setFormScript({ ...formScript, name: e.target.value })}
|
||||
placeholder="Cleanup Job"
|
||||
/>
|
||||
</label>
|
||||
<label>
|
||||
Beschreibung
|
||||
<input
|
||||
value={formScript.description}
|
||||
onChange={(e) => setFormScript({ ...formScript, description: e.target.value })}
|
||||
placeholder="Kurzbeschreibung"
|
||||
/>
|
||||
</label>
|
||||
<label>
|
||||
Inhalt
|
||||
<textarea
|
||||
rows={6}
|
||||
value={formScript.content}
|
||||
onChange={(e) => setFormScript({ ...formScript, content: e.target.value })}
|
||||
placeholder="#!/usr/bin/env python3\nprint('Hello')"
|
||||
/>
|
||||
</label>
|
||||
</div>
|
||||
<button onClick={createScript} disabled={creatingScript}>➕ Script speichern</button>
|
||||
{loadingScripts ? <p className="muted">Lade Scripts...</p> : (
|
||||
<div className="table compact">
|
||||
<div className="table-row table-headings">
|
||||
<span>🐍 Script</span>
|
||||
<span>Beschreibung</span>
|
||||
<span className="actions">Aktionen</span>
|
||||
</div>
|
||||
{scripts.map((s) => (
|
||||
<div className="table-row" key={s.id}>
|
||||
<span className="user">{s.name}</span>
|
||||
<span className="muted">{s.description}</span>
|
||||
<span className="actions">
|
||||
<button className="ghost danger" onClick={() => deleteScript(s.id)}>🗑️</button>
|
||||
</span>
|
||||
</div>
|
||||
))}
|
||||
</div>
|
||||
)}
|
||||
</div>
|
||||
{/* Scripts entfernt */}
|
||||
</div>
|
||||
|
||||
{error && <p className="error">{error}</p>}
|
||||
|
||||
@@ -28,9 +28,6 @@ function ToolOverview() {
|
||||
<p>Wähle ein Tool aus:</p>
|
||||
|
||||
<button onClick={() => navigate('/tools/md5')}>🔒 MD5 Tool</button><br /><br />
|
||||
{role === 'admin' && (
|
||||
<button onClick={() => navigate('/admin')}>🛠️ Admin-Bereich</button>
|
||||
)}
|
||||
|
||||
<h3 style={{ marginTop: '24px' }}>🌐 Externe Webseiten</h3>
|
||||
{loadingWebsites ? (
|
||||
|
||||
@@ -25,7 +25,7 @@
|
||||
.admin-grid {
|
||||
display: grid;
|
||||
gap: 18px;
|
||||
grid-template-columns: repeat(auto-fit, minmax(320px, 1fr));
|
||||
grid-template-columns: repeat(auto-fit, minmax(360px, 1fr));
|
||||
}
|
||||
|
||||
.admin-card {
|
||||
@@ -57,6 +57,11 @@ select {
|
||||
color: var(--text);
|
||||
border-radius: 12px;
|
||||
padding: 10px 12px;
|
||||
width: 100%;
|
||||
}
|
||||
|
||||
.admin-card textarea {
|
||||
width: 100%;
|
||||
}
|
||||
|
||||
.table {
|
||||
@@ -67,7 +72,7 @@ select {
|
||||
|
||||
.table-row {
|
||||
display: grid;
|
||||
grid-template-columns: 1.2fr 0.6fr 1fr;
|
||||
grid-template-columns: minmax(0, 1.1fr) minmax(0, 0.6fr) minmax(0, 1fr);
|
||||
gap: 8px;
|
||||
padding: 12px 14px;
|
||||
align-items: center;
|
||||
@@ -86,7 +91,7 @@ select {
|
||||
}
|
||||
|
||||
.table.compact .table-row {
|
||||
grid-template-columns: 1fr 1fr 0.6fr;
|
||||
grid-template-columns: minmax(0, 1fr) minmax(0, 1fr) minmax(0, 0.6fr);
|
||||
}
|
||||
|
||||
.table .user {
|
||||
|
||||
Reference in New Issue
Block a user