Merge pull request #83 from njxue/admin-user-controls

Add deactivate user and user management page for admins

Author: njxue

backend/user-service/controller/auth-controller.js

@@ -11,12 +11,12 @@ export async function handleLogin(req, res, next) {
     try {
       const user = await _findUserByEmail(email);
       if (!user) {
-        throw new UnauthorisedError("Wrong email");
+        throw new UnauthorisedError("Wrong email/password");
       }
 
       const match = await bcrypt.compare(password, user.password);
       if (!match) {
-        throw new UnauthorisedError("Wrong password");
+        throw new UnauthorisedError("Wrong email/password");
       }
 
       // Generate access and refresh token

frontend/src/data/users/UserImpl.ts

@@ -34,6 +34,17 @@ export class UserImpl implements IUser {
         return this.dataSource.getUser(userId);
     }
 
+    async getAllUsers(): Promise<any> {
+        return this.dataSource.getAllUsers();
+    }
+
+    async deleteUser(userId: string): Promise<any> {
+        return this.dataSource.deleteUser(userId);
+    }
+
+    async updateUserPrivilege(userId: string, isAdmin: boolean): Promise<any> {
+        return this.dataSource.updateUserPrivilege(userId, isAdmin);
+    }
     async forgetPassword(email: string): Promise<any> {
         return this.dataSource.forgetPassword(email);
     }

frontend/src/data/users/UserRemoteDataSource.ts

@@ -51,6 +51,17 @@ export class UserRemoteDataSource extends BaseApi {
         return await this.protectedGet<any>(`/users/${userId}`);
     }
 
+    async getAllUsers() {
+        return await this.protectedGet<any>("/users/");
+    }
+
+    async deleteUser(userId: string) {
+        return await this.protectedDelete<any>(`/users/${userId}`);
+    }
+
+    async updateUserPrivilege(userId: string, isAdmin: boolean) {
+        return await this.protectedPatch(`/users/${userId}/privilege`, { isAdmin });
+    }
     async forgetPassword(email: string) {
         return await this.post<any>("/users/forgetPassword", { email });
     }

frontend/src/data/users/mockUser.ts

@@ -2,7 +2,7 @@ import AuthClientStore from "data/auth/AuthClientStore";
 import { User } from "domain/entities/User";
 import { IUserRegisterInput, IUserLoginInput, IUserUpdateInput } from "domain/users/IUser";
 
-const users: User[] = [
+let users: User[] = [
     {
         _id: "1",
         username: "SampleUserName",
@@ -156,6 +156,31 @@ export class MockUser {
         });
     }
 
+    async getAllUsers(): Promise<any> {
+        return new Promise((resolve, reject) => ({ message: "Fetched all users", data: resolve(users) }));
+    }
+
+    async deleteUser(userId: string): Promise<any> {
+        return new Promise((resolve, reject) => {
+            users = users.filter((user) => user._id !== userId);
+        });
+    }
+
+    async updateUserPrivilege(userId: string, isAdmin: boolean): Promise<any> {
+        return new Promise((resolve, reject) => {
+            try {
+                const foundUser = this.users.find((u) => u._id === userId);
+                if (!foundUser) {
+                    resolve({ message: "User not found" });
+                } else {
+                    foundUser.isAdmin = isAdmin;
+                    resolve({ message: "User privileges updated", data: foundUser });
+                }
+            } catch (error) {
+                reject(error);
+            }
+        });
+    }
     async forgetPassword(email: string): Promise<any> {}
 
     async resetPassword(password: string, token: string): Promise<any> {}

frontend/src/domain/context/AuthContext.tsx

@@ -11,7 +11,8 @@ interface AuthContextType {
     login: (email: string, password: string) => Promise<void>;
     logout: () => Promise<void>;
     register: (email: string, password: string, username: string) => Promise<void>;
-    updateUser: (userUpdateInput: IUserUpdateInput) => Promise<void>;
+    updateUser: (userId: string, userUpdateInput: IUserUpdateInput) => Promise<User>;
+    deactivateUser: (userId: string) => Promise<void>;
 }
 
 const AuthContext = createContext<AuthContextType | undefined>(undefined);
@@ -70,11 +71,19 @@ export const AuthProvider = ({ children }: { children: ReactNode }) => {
         handleSuccessfulAuth(accessToken, user);
     };
 
-    const updateUser = async (userUpdateInput: IUserUpdateInput) => {
-        if (user) {
-            const updatedUser = await userUseCases.updateUser(user?._id, userUpdateInput);
+    const updateUser = async (userId: string, userUpdateInput: IUserUpdateInput) => {
+        const updatedUser = await userUseCases.updateUser(userId, userUpdateInput);
+        if (userId === user?._id) {
             setUser(updatedUser);
         }
+        return updatedUser;
+    };
+
+    const deactivateUser = async (userId: string) => {
+        await userUseCases.deleteUser(userId);
+        if (userId === user?._id) {
+            logout();
+        }
     };
 
     const handleSuccessfulAuth = (accessToken: string, user: User) => {
@@ -87,7 +96,9 @@ export const AuthProvider = ({ children }: { children: ReactNode }) => {
     const isUserAdmin = true;
 
     return (
-        <AuthContext.Provider value={{ user, isLoggedIn, isUserAdmin, login, logout, register, updateUser }}>
+        <AuthContext.Provider
+            value={{ user, isLoggedIn, isUserAdmin, login, logout, register, updateUser, deactivateUser }}
+        >
             {children}
         </AuthContext.Provider>
     );

frontend/src/domain/usecases/UserUseCases.ts

@@ -108,12 +108,32 @@ export class UserUseCases {
      */
     async getUser(userId: string): Promise<User> {
         const data = await this.user.getUser(userId);
-        if (!data) {
-            throw new AuthenticationError("User not found or access denied");
+        if (!data.data) {
+            throw new AuthenticationError(data.message);
+        }
+        return data.data;
+    }
+
+    async getAllUsers(): Promise<User[]> {
+        const data = await this.user.getAllUsers();
+        if (!data.data) {
+            throw new AuthenticationError(data.message);
         }
         return data.data;
     }
 
+    async deleteUser(userId: string): Promise<void> {
+        await this.user.deleteUser(userId);
+    }
+
+    async updateUserPrivilege(userId: string, isAdmin: boolean): Promise<User> {
+        const data = await this.user.updateUserPrivilege(userId, isAdmin);
+        if (!data.data) {
+            throw new AuthenticationError(data.message);
+        }
+        return data.data;
+    }
+    
     async forgetPassword(email: string): Promise<void> {
         await this.user.forgetPassword(email);
     }

frontend/src/domain/users/IUser.ts

@@ -25,6 +25,9 @@ export interface IUser {
     logoutUser(userId: string): Promise<any>;
     updateUser(userId: string, userUpdateInput: IUserUpdateInput): Promise<any>;
     getUser(userId: string): Promise<any>;
+    getAllUsers(): Promise<any>;
+    deleteUser(userId: string): Promise<any>;
+    updateUserPrivilege(userId: string, isAdmin: boolean): Promise<any>;
     forgetPassword(email: string): Promise<any>;
     resetPassword(password: string, token: string): Promise<any>;
 }

frontend/src/presentation/components/DeleteUserForm/DeleteUserForm.module.css

@@ -0,0 +1,9 @@
+.btnGroup {
+    display: flex;
+    gap: 8px;
+    margin-top: 8px;
+}
+
+.btnGroup button {
+    width: 100%;
+}

frontend/src/presentation/components/DeleteUserForm/DeleteUserForm.tsx

@@ -0,0 +1,57 @@
+import { Button, Input } from "antd";
+import { User } from "domain/entities/User";
+import styles from "./DeleteUserForm.module.css";
+import { useAuth } from "domain/context/AuthContext";
+import { toast } from "react-toastify";
+import { handleError } from "presentation/utils/errorHandler";
+import { useState } from "react";
+
+interface DeleteUserFormProps {
+    user: User;
+    onSubmit?: () => void;
+    onCancel?: () => void;
+}
+export const DeleteUserForm: React.FC<DeleteUserFormProps> = ({ user: userToDelete, onSubmit, onCancel }) => {
+    const [confirmationText, setConfirmationText] = useState("");
+    const { user, deactivateUser } = useAuth();
+    const isDeletingSelf = user?._id === userToDelete._id;
+
+    const handleDeleteUser = async () => {
+        try {
+            await deactivateUser(userToDelete?._id);
+            toast.success(`Successfully deleted ${isDeletingSelf ? "your account" : userToDelete.username}`);
+            onSubmit?.();
+        } catch (err) {
+            console.error(err);
+            toast.error(handleError(err));
+        }
+    };
+
+    const handleCancel = () => {
+        setConfirmationText("");
+        onCancel?.();
+    };
+
+    const textToMatch = `delete/${user?.username}`;
+    const isConfirmBtnDisabled = isDeletingSelf && confirmationText !== textToMatch;
+
+    return (
+        <>
+            <p>Are you sure you want to delete {isDeletingSelf ? "your account" : <b>{userToDelete.username}</b>}?</p>
+            {isDeletingSelf && (
+                <Input
+                    type="text"
+                    value={confirmationText}
+                    onChange={(e) => setConfirmationText(e.target.value)}
+                    placeholder={`Type "${textToMatch}" to confirm`}
+                />
+            )}
+            <div className={styles.btnGroup}>
+                <Button onClick={handleCancel}>Cancel</Button>
+                <Button type="primary" onClick={handleDeleteUser} disabled={isConfirmBtnDisabled}>
+                    Confirm
+                </Button>
+            </div>
+        </>
+    );
+};

frontend/src/presentation/components/ProfileContainer.module.css

@@ -1,10 +1,19 @@
 .container {
     display: flex;
     flex-direction: row;
-    justify-content: center;
+    justify-content: space-between;
+    align-items: end;
+    gap: 2em;
+    padding: 8px 0;
+}
+
+.profileContainer {
+    display: flex;
+    flex-direction: row;
+    justify-content: start;
     align-items: center;
-    column-gap: calc(1.5rem + 1.5vw);
-    margin-bottom: 2em;
+    gap: 2em;
+    height: 100%;
 }
 
 .profilePicture {
@@ -16,34 +25,86 @@
 
 .profileDetailsContainer {
     display: flex;
-    flex-direction: row;
-    justify-content: center;
-    align-items: center;
-    column-gap: calc(1.5rem + 1.5vw);
-    padding: 0 2em;
+    flex-direction: column;
+    justify-content: start;
+    align-items: start;
+    gap: 8px;
 }
 
 .nameRow {
     display: flex;
     flex-direction: row;
     align-items: center;
-    column-gap: 1em;
-    margin-bottom: 0;
+    gap: 8px;
 }
 
 .name {
     font-size: 3em;
     font-weight: 300;
     margin: 0;
+    max-width: 500px;
+    text-overflow: ellipsis;
+    white-space: nowrap;
+    overflow: hidden;
 }
 
 .editIcon {
-    font-size: 1.5em;
+    font-size: 1.2em;
     cursor: pointer;
+    transition: opacity 0.2s ease;
+    opacity: 50%;
+}
+.editIcon:hover {
+    opacity: 100%;
 }
 
-.linksContainer {
+.deactivateAndadminLinksContainer {
     display: flex;
-    flex-direction: row;
-    column-gap: 2em;
+    gap: 12px;
+}
+
+.adminLinkItem {
+    display: flex;
+    align-items: center;
+    gap: 4px;
+    font-weight: bold;
+}
+.adminLinkItem span[role="img"],
+.adminLinkItem a {
+    color: black;
+    transition: all 0.5s ease;
+}
+
+.adminLinkItem:hover a,
+.adminLinkItem:hover span[role="img"] {
+    color: #ffa500;
+    transform: translateY(-5px);
+}
+
+.emailAndDeactivate {
+    display: flex;
+    flex-direction: column;
+    align-items: start;
+    gap: 4px;
+}
+
+.deactivate {
+    color: #007bff;
+    cursor: pointer;
+    transition: color 0.2s ease;
+    margin-right: 12px;
+}
+
+.deactivate:hover {
+    color: red;
+}
+
+.email {
+    max-width: 250px;
+    text-overflow: ellipsis;
+    white-space: nowrap;
+    overflow: hidden;
+    display: flex;
+    align-items: flex-end;
+    gap: 8px;
 }