Basic admin panel with support for viewing users and domains

dbupdate/5.sql

@@ -0,0 +1,2 @@
+alter table user add column admin integer not null default 0;
+update cyberman set dbrev=6;

lib/cyberman.pm

@@ -10,6 +10,7 @@ use cyberman::Helper;
 use cyberman::API;
 use cyberman::Records;
 use cyberman::Forgot;
+use cyberman::Admin;
 
 # Index route, hook and helper functions for authentication
 
@@ -53,6 +54,7 @@ hook 'before' => sub {
 
 	var auth => $auth;
 	var email => $user->{"email"};
+	var admin => $user->{"admin"};
 	var config => config();
 
 	if ($user->{"stylesheet"} && grep {$_ eq $user->{"stylesheet"}} @{ config->{"stylesheets"}->{"available"} }) {

lib/cyberman/API.pm

@@ -30,4 +30,35 @@ get '/api/check_availability' => sub {
 	}
 };
 
+get '/api/get_owner_email' => sub {
+	return "" if auth_test("admin");
+	if (!param("name")) {
+		return "";
+	}
+
+	my $domain = database->quick_select(
+		"domain",
+		{
+			"name" => param("name"),
+		},
+	);
+
+	if (!$domain) {
+		return "";
+	};
+
+	my $owner = database->quick_select(
+		"user",
+		{
+			"id" => $domain->{"ownerid"},
+		},
+	);
+
+	if (!$owner) {
+		return "";
+	}
+
+	return $owner->{"email"};
+};
+
 true;

lib/cyberman/Admin.pm

@@ -0,0 +1,54 @@
+package cyberman::Admin;
+use Dancer2 appname => "cyberman";
+use Dancer2::Plugin::Database;
+
+use cyberman::Helper;
+
+get '/admin' => sub {
+	return auth_test("admin") if auth_test("admin");
+
+	my $sth = database->prepare(
+		"select count(*) from user",
+	);
+	$sth->execute;
+	my $usercount = $sth->fetchrow_hashref->{"count(*)"};
+
+	$sth = database->prepare(
+		"select count(*) from domain",
+	);
+	$sth->execute;
+	my $domaincount = $sth->fetchrow_hashref->{"count(*)"};
+
+	return template "admin" => {
+		usercount => $usercount,
+		domaincount => $domaincount,
+	};
+};
+
+get '/admin/users' => sub {
+	return auth_test("admin") if auth_test("admin");
+
+	my @users = database->quick_select(
+		"user",
+		{}
+	);
+
+	return template "admin/users" => {
+		users => \@users,
+	};
+};
+
+get '/admin/domains' => sub {
+	return auth_test("admin") if auth_test("admin");
+
+	my @domains = database->quick_select(
+		"domain",
+		{}
+	);
+
+	return template "admin/domains" => {
+		domains => \@domains,
+	};
+};
+
+true;

lib/cyberman/Helper.pm

@@ -24,6 +24,12 @@ sub auth_test {
 		return template 'redir' => {
 			"redir" => "/index",
 		};
+	} elsif ($id && $id eq "admin" && !vars->{"admin"}) {
+		return template 'redir' => {
+			"redir" => "/index",
+		};
+	} elsif ($id && $id eq "admin" && vars->{"admin"}) {
+		return 0;
 	} elsif ($id && vars->{"auth"} != $id) {
 		return template 'redir' => {
 			"redir" => "/index",

public/js/admin_domains.js

@@ -0,0 +1,14 @@
+function updateOwnerEmail() {
+	var name = this.domainName;
+	document.getElementById("owneremail-"+name).innerHTML = this.responseText;
+}
+
+function showOwnerEmail(name) {
+	document.getElementById("owneremail-"+name).innerHTML = "Loading...";
+
+	var req = new XMLHttpRequest();
+	req.domainName = name;
+	req.addEventListener("load", updateOwnerEmail);
+	req.open("GET", "/api/get_owner_email?name="+encodeURIComponent(name));
+	req.send();
+}

schema.sql

@@ -3,7 +3,7 @@ create table cyberman (
 	id integer primary key,
 	dbrev integer not null
 );
-insert into cyberman (dbrev) values (5);
+insert into cyberman (dbrev) values (6);
 
 drop table if exists user;
 create table user (
@@ -15,7 +15,8 @@ create table user (
 	conftoken text not null,
 	newemail text,
 	recoverytoken text,
-	stylesheet text
+	stylesheet text,
+	admin integer not null default 0
 );
 
 drop table if exists session;

views/admin.tt

@@ -0,0 +1,14 @@
+<center>
+	<br />
+	<h1>Admin</h1>
+	<br />
+</center>
+
+<div class="body">
+	<center>
+		[&nbsp;<a class="bracketButton" href="admin/users">view user list</a>&nbsp;]
+		[&nbsp;<a class="bracketButton" href="admin/domains">view domain list</a>&nbsp;]
+	</center>
+	<br />
+	I have <% usercount %> users and <% domaincount %> domains.
+</div>

views/admin/domains.tt

@@ -0,0 +1,31 @@
+<center>
+	<br />
+	<h1>Domain list</h1>
+	<br />
+</center>
+
+<div class="body">
+	<em><% domains.size %> domains</em>
+	<table class="t domains">
+		<tr>
+			<td>
+				<strong>Name</strong>
+			</td>
+			<td>
+				<strong>Owner's email</strong>
+			</td>
+		</tr>
+		<% FOREACH d IN domains %>
+		<tr>
+			<td>
+				<% d.name | html_entity %>.cyb
+			</td>
+			<td id="owneremail-<% d.name | html_entity %>">
+				[&nbsp;<a class="bracketButton" onclick="showOwnerEmail('<% d.name | html_entity %>')" style="cursor:pointer">show</a>&nbsp;]
+			</td>
+		</tr>
+		<% END %>
+	</table>
+</div>
+
+<script type="text/javascript" src="/js/admin_domains.js"></script>

views/admin/users.tt

@@ -0,0 +1,33 @@
+<center>
+	<br />
+	<h1>User list</h1>
+	<br />
+</center>
+
+<div class="body">
+	<em><% users.size %> users</em>
+	<table class="t domains">
+		<tr>
+			<td>
+				<strong>Email address</strong>
+			</td>
+			<td>
+				<strong>Active</strong>
+			</td>
+		</tr>
+		<% FOREACH u IN users %>
+		<tr>
+			<td>
+				<% u.email | html_entity %>
+			</td>
+			<td>
+				<% IF u.active %>
+				Yes
+				<% ELSE %>
+				No
+				<% END %>
+			</td>
+		</tr>
+		<% END %>
+	</table>
+</div>

views/layouts/main.tt

@@ -20,6 +20,9 @@
 					<span style="float:right;">
 						<span class="menuBtnW"><a href="/domains" class="menuBtn">Domains</a></span><!--
 						--><span class="menuBtnW"><a href="/account" class="menuBtn">Account</a></span><!--
+						<% IF vars.admin %>
+						--><span class="menuBtnW"><a href="/admin" class="menuBtn">Admin</a></span><!--
+						<% END %>
 						--><form action="/logout" method="POST"><!--
 							--><span class="menuBtnW"><button action="submit" class="menuBtn">Log&nbsp;out</button></span>
 						</form>