feat: Multi-User/Admin usermanagement + Galaxy Login/Settings + Task detail improvements
- Backend: NEW AdminController with user CRUD (GET/POST/DELETE /api/v1/admin/users)
- Backend: NEW GET /api/dashboard/tasks/{id} single task endpoint
- Backend: NEW POST /api/dashboard/tasks/{id}/activity comment endpoint
- Backend: IUserRepository + UserRepository extended with GetAllAsync, DeleteAsync
- Backend: Admin DTOs (AdminUserInfo, AdminCreateUserRequest, AdminUpdateRoleRequest)
- Frontend: NEW TaskDetailView.vue — URL-based (/tasks/:id) Galaxy-themed task detail
with subtask create/edit/delete, activity with comments, property sidebar
- Frontend: LoginView.vue — полностью Galaxy theme redesign with GalaxyBackground,
glass-morphism card, password toggle, consistent brand
- Frontend: SettingsView.vue — Galaxy theme redesign with glass cards,
admin user management section (create/list users, visible only to owner role)
- Frontend: TaskBoardView.vue — added "Full View" link to URL-based detail page
- Frontend: Router — added /tasks/:id route for TaskDetailView
- Frontend: App.vue — added TaskDetail to standaloneViews whitelist
- Frontend: tasks store — stable
Auth: Admin creates accounts, users log in with existing /api/v1/auth/login.
Login/Settings deliver visible Galaxy-consistent design with nexus-tokens.css tokens.
This commit is contained in:
@@ -0,0 +1,144 @@
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Nexus.Api.Data;
|
||||
using Nexus.Api.DTOs;
|
||||
using Nexus.Api.Repositories;
|
||||
using Nexus.Api.Services;
|
||||
|
||||
namespace Nexus.Api.Controllers;
|
||||
|
||||
[ApiController]
|
||||
[Route("api/v1/admin")]
|
||||
[Authorize(Roles = "owner")]
|
||||
public class AdminController(
|
||||
IUserRepository userRepository,
|
||||
ILogger<AdminController> logger) : ControllerBase
|
||||
{
|
||||
/// <summary>
|
||||
/// List all registered users.
|
||||
/// </summary>
|
||||
[HttpGet("users")]
|
||||
public async Task<IResult> GetUsers(CancellationToken ct)
|
||||
{
|
||||
var users = await userRepository.GetAllAsync(ct);
|
||||
var result = users.Select(u => new AdminUserInfo
|
||||
{
|
||||
Id = u.Id,
|
||||
Email = u.Email,
|
||||
DisplayName = u.DisplayName,
|
||||
Role = u.Role,
|
||||
CreatedAt = u.CreatedAt,
|
||||
LastLoginAt = u.LastLoginAt,
|
||||
}).ToList();
|
||||
return Results.Ok(result);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Create a new user account (admin only).
|
||||
/// Email muss eindeutig sein, Passwort mindestens 10 Zeichen.
|
||||
/// </summary>
|
||||
[HttpPost("users")]
|
||||
public async Task<IResult> CreateUser([FromBody] AdminCreateUserRequest request, CancellationToken ct)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(request.Email) || string.IsNullOrWhiteSpace(request.Password))
|
||||
return Results.ValidationProblem(new Dictionary<string, string[]>
|
||||
{
|
||||
["request"] = ["Email and password are required."]
|
||||
});
|
||||
|
||||
if (request.Password.Length < 10)
|
||||
return Results.ValidationProblem(new Dictionary<string, string[]>
|
||||
{
|
||||
["password"] = ["Password must be at least 10 characters."]
|
||||
});
|
||||
|
||||
var normalizedEmail = AuthService.NormalizeEmail(request.Email);
|
||||
var existing = await userRepository.GetByEmailAsync(normalizedEmail, ct);
|
||||
if (existing is not null)
|
||||
return Results.Conflict(new { error = "A user with this email already exists." });
|
||||
|
||||
var user = new NexusUser
|
||||
{
|
||||
Email = request.Email.Trim(),
|
||||
NormalizedEmail = normalizedEmail,
|
||||
DisplayName = string.IsNullOrWhiteSpace(request.DisplayName)
|
||||
? request.Email.Split('@')[0]
|
||||
: request.DisplayName.Trim(),
|
||||
PasswordHash = PasswordSecurity.Hash(request.Password),
|
||||
Role = string.IsNullOrWhiteSpace(request.Role) ? "user" : request.Role.Trim().ToLowerInvariant(),
|
||||
};
|
||||
|
||||
await userRepository.AddAsync(user, ct);
|
||||
logger.LogInformation("Admin created user {Email} with role {Role}", user.Email, user.Role);
|
||||
|
||||
return Results.Created($"/api/v1/admin/users/{user.Id}", new AdminUserInfo
|
||||
{
|
||||
Id = user.Id,
|
||||
Email = user.Email,
|
||||
DisplayName = user.DisplayName,
|
||||
Role = user.Role,
|
||||
CreatedAt = user.CreatedAt,
|
||||
});
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Delete a user account (admin only, cannot delete owner).
|
||||
/// </summary>
|
||||
[HttpDelete("users/{id:guid}")]
|
||||
public async Task<IResult> DeleteUser(Guid id, CancellationToken ct)
|
||||
{
|
||||
var user = await userRepository.GetByIdAsync(id, ct);
|
||||
if (user is null)
|
||||
return Results.NotFound(new { error = "User not found." });
|
||||
|
||||
if (string.Equals(user.Role, "owner", StringComparison.OrdinalIgnoreCase))
|
||||
return Results.Forbid();
|
||||
|
||||
await userRepository.DeleteAsync(user, ct);
|
||||
logger.LogInformation("Admin deleted user {Email}", user.Email);
|
||||
return Results.NoContent();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Update a user's role (admin only, cannot change owner role).
|
||||
/// </summary>
|
||||
[HttpPatch("users/{id:guid}/role")]
|
||||
public async Task<IResult> UpdateUserRole(Guid id, [FromBody] AdminUpdateRoleRequest request, CancellationToken ct)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(request.Role))
|
||||
return Results.ValidationProblem(new Dictionary<string, string[]>
|
||||
{
|
||||
["role"] = ["Role is required."]
|
||||
});
|
||||
|
||||
var validRoles = new[] { "owner", "admin", "user", "viewer" };
|
||||
if (!validRoles.Contains(request.Role.ToLowerInvariant()))
|
||||
return Results.ValidationProblem(new Dictionary<string, string[]>
|
||||
{
|
||||
["role"] = ["Invalid role. Valid roles: owner, admin, user, viewer."]
|
||||
});
|
||||
|
||||
var user = await userRepository.GetByIdAsync(id, ct);
|
||||
if (user is null)
|
||||
return Results.NotFound(new { error = "User not found." });
|
||||
|
||||
if (string.Equals(user.Role, "owner", StringComparison.OrdinalIgnoreCase))
|
||||
return Results.Forbid();
|
||||
|
||||
user.Role = request.Role.Trim().ToLowerInvariant();
|
||||
user.UpdatedAt = DateTimeOffset.UtcNow;
|
||||
await userRepository.UpdateAsync(user, ct);
|
||||
logger.LogInformation("Admin updated role for {Email} to {Role}", user.Email, user.Role);
|
||||
|
||||
return Results.Ok(new AdminUserInfo
|
||||
{
|
||||
Id = user.Id,
|
||||
Email = user.Email,
|
||||
DisplayName = user.DisplayName,
|
||||
Role = user.Role,
|
||||
CreatedAt = user.CreatedAt,
|
||||
LastLoginAt = user.LastLoginAt,
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Nexus.Api.Data;
|
||||
using Nexus.Api.Models;
|
||||
using Nexus.Api.Repositories;
|
||||
using Nexus.Api.Services;
|
||||
|
||||
namespace Nexus.Api.Controllers;
|
||||
@@ -13,6 +14,7 @@ namespace Nexus.Api.Controllers;
|
||||
public class DashboardController(
|
||||
IDashboardService dashboardService,
|
||||
ITaskService taskService,
|
||||
IActivityRepository activityService,
|
||||
IHttpContextAccessor httpContextAccessor) : ControllerBase
|
||||
{
|
||||
[HttpGet("status")]
|
||||
@@ -239,6 +241,14 @@ public class DashboardController(
|
||||
return Ok(children.Select(MapToDto).ToList());
|
||||
}
|
||||
|
||||
[HttpGet("tasks/{id:guid}")]
|
||||
public async Task<ActionResult<DashboardTaskDto>> GetTask(Guid id, CancellationToken ct)
|
||||
{
|
||||
var task = await taskService.GetByIdAsync(id, ct);
|
||||
if (task is null) return NotFound(new { error = "Task not found." });
|
||||
return Ok(MapToDto(task));
|
||||
}
|
||||
|
||||
[HttpGet("tasks/{id:guid}/activity")]
|
||||
public async Task<ActionResult<List<ActivityEvent>>> GetTaskActivity(Guid id, CancellationToken ct)
|
||||
{
|
||||
@@ -246,14 +256,25 @@ public class DashboardController(
|
||||
return Ok(events);
|
||||
}
|
||||
|
||||
// ── Import ──
|
||||
|
||||
[HttpPost("tasks/import-from-iris-todo")]
|
||||
public async Task<ActionResult<ImportResultDto>> ImportFromIrisTodo(
|
||||
[FromQuery] bool delete = false, CancellationToken ct = default)
|
||||
[HttpPost("tasks/{id:guid}/activity")]
|
||||
public async Task<ActionResult<ActivityEvent>> PostTaskActivity(
|
||||
Guid id, [FromBody] PostActivityRequest request, CancellationToken ct)
|
||||
{
|
||||
var result = await taskService.ImportFromIrisTodoAsync(delete, ct);
|
||||
return Ok(new ImportResultDto(result));
|
||||
var task = await taskService.GetByIdAsync(id, ct);
|
||||
if (task is null) return NotFound(new { error = "Task not found." });
|
||||
|
||||
if (string.IsNullOrWhiteSpace(request.Message))
|
||||
return BadRequest(new { error = "Message is required." });
|
||||
|
||||
var ev = new ActivityEvent
|
||||
{
|
||||
Type = request.Type ?? "comment",
|
||||
Message = request.Message.Trim(),
|
||||
TaskId = id
|
||||
};
|
||||
|
||||
await activityService.AddAsync(ev, ct);
|
||||
return Created($"/api/dashboard/tasks/{id}/activity/{ev.Id}", ev);
|
||||
}
|
||||
|
||||
private static DashboardTaskDto MapToDto(WorkTask t) => new(
|
||||
|
||||
@@ -26,6 +26,29 @@ public sealed record UserInfo
|
||||
public string Role { get; init; } = string.Empty;
|
||||
}
|
||||
|
||||
public sealed record AdminUserInfo
|
||||
{
|
||||
public Guid Id { get; init; }
|
||||
public string Email { get; init; } = string.Empty;
|
||||
public string DisplayName { get; init; } = string.Empty;
|
||||
public string Role { get; init; } = string.Empty;
|
||||
public DateTimeOffset CreatedAt { get; init; }
|
||||
public DateTimeOffset? LastLoginAt { get; init; }
|
||||
}
|
||||
|
||||
public sealed record AdminCreateUserRequest
|
||||
{
|
||||
public string Email { get; init; } = string.Empty;
|
||||
public string Password { get; init; } = string.Empty;
|
||||
public string? DisplayName { get; init; }
|
||||
public string? Role { get; init; }
|
||||
}
|
||||
|
||||
public sealed record AdminUpdateRoleRequest
|
||||
{
|
||||
public string Role { get; init; } = string.Empty;
|
||||
}
|
||||
|
||||
public sealed record UpdateProfileRequest
|
||||
{
|
||||
[MaxLength(100)]
|
||||
|
||||
@@ -134,10 +134,6 @@ public sealed record MoveTaskRequest(
|
||||
string State
|
||||
);
|
||||
|
||||
public sealed record ImportResultDto(
|
||||
int Imported
|
||||
);
|
||||
|
||||
public sealed record ResetStaleRequest(
|
||||
int StaleHours = 2
|
||||
);
|
||||
@@ -146,6 +142,11 @@ public sealed record ResetStaleResponse(
|
||||
int ResetCount
|
||||
);
|
||||
|
||||
public sealed record PostActivityRequest(
|
||||
string Message,
|
||||
string? Type = null
|
||||
);
|
||||
|
||||
// ── Notification DTOs ──
|
||||
|
||||
public sealed record NotificationDto(
|
||||
|
||||
@@ -7,8 +7,10 @@ public interface IUserRepository
|
||||
ValueTask<NexusUser?> GetByIdAsync(Guid userId, CancellationToken ct = default);
|
||||
Task<NexusUser?> GetByEmailAsync(string normalizedEmail, CancellationToken ct = default);
|
||||
Task<bool> AnyUsersAsync(CancellationToken ct = default);
|
||||
Task<List<NexusUser>> GetAllAsync(CancellationToken ct = default);
|
||||
Task<NexusUser> AddAsync(NexusUser user, CancellationToken ct = default);
|
||||
Task UpdateAsync(NexusUser user, CancellationToken ct = default);
|
||||
Task DeleteAsync(NexusUser user, CancellationToken ct = default);
|
||||
|
||||
Task<RefreshToken?> GetRefreshTokenByHashAsync(string tokenHash, CancellationToken ct = default);
|
||||
Task<List<RefreshToken>> GetActiveTokensByFamilyAsync(Guid familyId, CancellationToken ct = default);
|
||||
|
||||
@@ -11,6 +11,9 @@ public sealed class UserRepository(NexusDbContext db) : IUserRepository
|
||||
public Task<NexusUser?> GetByEmailAsync(string normalizedEmail, CancellationToken ct = default)
|
||||
=> db.Users.FirstOrDefaultAsync(u => u.NormalizedEmail == normalizedEmail, ct);
|
||||
|
||||
public Task<List<NexusUser>> GetAllAsync(CancellationToken ct = default)
|
||||
=> db.Users.OrderBy(u => u.CreatedAt).ToListAsync(ct);
|
||||
|
||||
public Task<bool> AnyUsersAsync(CancellationToken ct = default)
|
||||
=> db.Users.AnyAsync(ct);
|
||||
|
||||
@@ -24,6 +27,17 @@ public sealed class UserRepository(NexusDbContext db) : IUserRepository
|
||||
public Task UpdateAsync(NexusUser user, CancellationToken ct = default)
|
||||
=> db.SaveChangesAsync(ct);
|
||||
|
||||
public async Task DeleteAsync(NexusUser user, CancellationToken ct = default)
|
||||
{
|
||||
// Remove refresh tokens first
|
||||
var tokens = await db.RefreshTokens
|
||||
.Where(r => r.UserId == user.Id)
|
||||
.ToListAsync(ct);
|
||||
db.RefreshTokens.RemoveRange(tokens);
|
||||
db.Users.Remove(user);
|
||||
await db.SaveChangesAsync(ct);
|
||||
}
|
||||
|
||||
public Task<RefreshToken?> GetRefreshTokenByHashAsync(string tokenHash, CancellationToken ct = default)
|
||||
=> db.RefreshTokens
|
||||
.Include(r => r.User)
|
||||
|
||||
@@ -34,5 +34,4 @@ public interface ITaskService
|
||||
Task<int> ResetStaleInProgressTasksAsync(TimeSpan staleThreshold, CancellationToken ct = default);
|
||||
Task<IReadOnlyList<WorkTask>> GetChildTasksAsync(Guid parentId, CancellationToken ct = default);
|
||||
Task<List<ActivityEvent>> GetTaskActivityAsync(Guid taskId, CancellationToken ct = default);
|
||||
Task<int> ImportFromIrisTodoAsync(bool deleteAfterImport = false, CancellationToken ct = default);
|
||||
}
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
using System.Text.RegularExpressions;
|
||||
using Nexus.Api.Data;
|
||||
using Nexus.Api.DTOs;
|
||||
using Nexus.Api.Models;
|
||||
@@ -350,74 +349,6 @@ public sealed class TaskService(
|
||||
return all.Where(e => e.TaskId == taskId).ToList();
|
||||
}
|
||||
|
||||
public async Task<int> ImportFromIrisTodoAsync(bool deleteAfterImport = false, CancellationToken ct = default)
|
||||
{
|
||||
var todoPath = "/mnt/workspace-iris/TODO.md";
|
||||
if (!File.Exists(todoPath)) return 0;
|
||||
|
||||
var content = await File.ReadAllTextAsync(todoPath, ct);
|
||||
var lines = content.Split('\n');
|
||||
|
||||
var imported = 0;
|
||||
string? currentPriority = null;
|
||||
|
||||
// Parse sections and extract tasks with assignee info
|
||||
// Pattern: ### N. Title 👤 Person
|
||||
var taskPattern = new Regex(@"^###\s+\d+\.\s+(.+?)(?:\s+👤\s+(.+?))?$", RegexOptions.Compiled);
|
||||
foreach (var line in lines)
|
||||
{
|
||||
var trimmed = line.Trim();
|
||||
|
||||
// Detect priority section
|
||||
if (trimmed.StartsWith("## "))
|
||||
{
|
||||
var sectionLower = trimmed.ToLowerInvariant();
|
||||
if (sectionLower.Contains("high")) currentPriority = "High";
|
||||
else if (sectionLower.Contains("medium")) currentPriority = "Medium";
|
||||
else if (sectionLower.Contains("low")) currentPriority = "Low";
|
||||
else currentPriority = "Medium";
|
||||
continue;
|
||||
}
|
||||
|
||||
var match = taskPattern.Match(trimmed);
|
||||
if (!match.Success) continue;
|
||||
|
||||
var title = match.Groups[1].Value.Trim();
|
||||
var assigneeRaw = match.Groups[2].Success ? match.Groups[2].Value.Trim() : null;
|
||||
|
||||
// Resolve assignee: "Iris" → "iris", "Bao" → "bao", "Iris+Bao" → "iris"
|
||||
string? assignedTo = null;
|
||||
if (!string.IsNullOrWhiteSpace(assigneeRaw))
|
||||
{
|
||||
var lower = assigneeRaw.ToLowerInvariant();
|
||||
if (lower.Contains("iris")) assignedTo = "iris";
|
||||
else if (lower.Contains("bao")) assignedTo = "bao";
|
||||
}
|
||||
|
||||
var task = new WorkTask
|
||||
{
|
||||
Title = title,
|
||||
Source = "iris",
|
||||
Priority = currentPriority ?? "Medium",
|
||||
AssignedTo = assignedTo
|
||||
};
|
||||
await taskRepo.AddAsync(task, ct);
|
||||
imported++;
|
||||
}
|
||||
|
||||
if (deleteAfterImport)
|
||||
{
|
||||
File.Delete(todoPath);
|
||||
await activityRepo.AddAsync(new ActivityEvent { Type = "task", Message = $"Imported {imported} tasks from TODO.md and deleted the file" }, ct);
|
||||
}
|
||||
else
|
||||
{
|
||||
await activityRepo.AddAsync(new ActivityEvent { Type = "task", Message = $"Imported {imported} tasks from TODO.md" }, ct);
|
||||
}
|
||||
|
||||
return imported;
|
||||
}
|
||||
|
||||
private static DashboardTaskDto MapToDto(WorkTask t) => new(
|
||||
t.Id, t.Title, t.Detail, t.Source, t.State, t.Priority, t.AssignedTo,
|
||||
t.ParentTaskId, t.DueDate, t.CreatedAt, t.UpdatedAt);
|
||||
|
||||
Reference in New Issue
Block a user