v0.8.5 enhance admin user management with edit and safe disable

Author: coowinit

CHANGELOG.md

@@ -1,3 +1,8 @@
+## v0.8.5 - 2026-04-02
+- enhanced Admin Users management with Edit page and safe Disable/Enable actions
+- added password reset fields on admin edit page without changing database config
+- protected against disabling your own account or removing the last active admin account
+
 ## v0.8.4
 - UI polish pass for Inquiry Management and Inquiry Detail.
 - Compressed the filter/export area and grouped less-used export fields.

VERSION.txt

@@ -1 +1 @@
-v0.8.4
+v0.8.5

app/Controllers/AdminController.php

@@ -7,6 +7,7 @@
 use App\Core\Auth;
 use App\Core\Controller;
 use App\Core\Csrf;
+use App\Core\Session;
 use App\Models\Admin;
 use App\Models\InquiryLog;
 
@@ -29,6 +30,29 @@ public function index(): void
         ]);
     }
 
+    public function edit(): void
+    {
+        if (!Auth::can('tools.view')) {
+            flash('error', 'You do not have permission to access user management.');
+            redirect('dashboard');
+        }
+
+        $id = (int) ($_GET['id'] ?? 0);
+        $adminModel = new Admin();
+        $admin = $adminModel->findById($id);
+
+        if (!$admin) {
+            flash('error', 'Admin user not found.');
+            redirect('admins');
+        }
+
+        $this->view('dashboard/admin-user-edit', [
+            'pageTitle' => 'Edit Admin User',
+            'adminUser' => $admin,
+            'csrfToken' => Csrf::token(),
+        ]);
+    }
+
     public function create(): void
     {
         if (!Auth::can('tools.view') || !Csrf::verify($_POST['_csrf'] ?? null)) {
@@ -39,8 +63,8 @@ public function create(): void
         $username = trim((string) ($_POST['username'] ?? ''));
         $nickname = trim((string) ($_POST['nickname'] ?? ''));
         $email = trim((string) ($_POST['email'] ?? ''));
-        $role = trim((string) ($_POST['role'] ?? 'agent'));
-        $status = trim((string) ($_POST['status'] ?? 'active'));
+        $role = $this->sanitizeRole((string) ($_POST['role'] ?? 'agent'));
+        $status = $this->sanitizeStatus((string) ($_POST['status'] ?? 'active'));
         $password = (string) ($_POST['password'] ?? '');
 
         if ($username === '' || $email === '' || $password === '') {
@@ -51,11 +75,9 @@ public function create(): void
             flash('error', 'Please enter a valid email address.');
             redirect('admins');
         }
-        if (!in_array($role, ['admin', 'manager', 'agent', 'viewer'], true)) {
-            $role = 'agent';
-        }
-        if (!in_array($status, ['active', 'disabled'], true)) {
-            $status = 'active';
+        if (strlen($password) < 8) {
+            flash('error', 'Password must be at least 8 characters long.');
+            redirect('admins');
         }
 
         $created = (new Admin())->create([
@@ -88,27 +110,194 @@ public function updateMeta(): void
         }
 
         $id = (int) ($_POST['id'] ?? 0);
-        $role = trim((string) ($_POST['role'] ?? 'agent'));
-        $status = trim((string) ($_POST['status'] ?? 'active'));
+        $role = $this->sanitizeRole((string) ($_POST['role'] ?? 'agent'));
+        $status = $this->sanitizeStatus((string) ($_POST['status'] ?? 'active'));
 
         if ($id <= 0) {
             flash('error', 'Invalid admin id.');
             redirect('admins');
         }
-        if (!in_array($role, ['admin', 'manager', 'agent', 'viewer'], true)) {
-            $role = 'agent';
+
+        $adminModel = new Admin();
+        $target = $adminModel->findById($id);
+        if (!$target) {
+            flash('error', 'Admin user not found.');
+            redirect('admins');
         }
-        if (!in_array($status, ['active', 'disabled'], true)) {
-            $status = 'active';
+
+        $guardMessage = $this->guardAdminChange($target, $role, $status);
+        if ($guardMessage !== null) {
+            flash('error', $guardMessage);
+            redirect('admins');
         }
 
-        $updated = (new Admin())->updateRoleAndStatus($id, $role, $status);
+        $updated = $adminModel->updateRoleAndStatus($id, $role, $status);
         if ($updated) {
+            $this->refreshAuthUserIfCurrent($id);
             (new InquiryLog())->create(null, Auth::id(), 'admin_user_updated', 'Updated admin #' . $id . ' to ' . $role . '/' . $status);
             flash('success', 'Admin user updated successfully.');
         } else {
             flash('error', 'Unable to update admin user.');
         }
         redirect('admins');
     }
+
+    public function update(): void
+    {
+        if (!Auth::can('tools.view') || !Csrf::verify($_POST['_csrf'] ?? null)) {
+            flash('error', 'Invalid request.');
+            redirect('admins');
+        }
+
+        $id = (int) ($_POST['id'] ?? 0);
+        $nickname = trim((string) ($_POST['nickname'] ?? ''));
+        $email = trim((string) ($_POST['email'] ?? ''));
+        $role = $this->sanitizeRole((string) ($_POST['role'] ?? 'agent'));
+        $status = $this->sanitizeStatus((string) ($_POST['status'] ?? 'active'));
+        $password = (string) ($_POST['password'] ?? '');
+        $passwordConfirm = (string) ($_POST['password_confirm'] ?? '');
+
+        if ($id <= 0) {
+            flash('error', 'Invalid admin id.');
+            redirect('admins');
+        }
+        if ($nickname === '' || $email === '') {
+            flash('error', 'Nickname and email are required.');
+            redirect('admins/edit?id=' . $id);
+        }
+        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+            flash('error', 'Please enter a valid email address.');
+            redirect('admins/edit?id=' . $id);
+        }
+
+        $adminModel = new Admin();
+        $target = $adminModel->findById($id);
+        if (!$target) {
+            flash('error', 'Admin user not found.');
+            redirect('admins');
+        }
+
+        $guardMessage = $this->guardAdminChange($target, $role, $status);
+        if ($guardMessage !== null) {
+            flash('error', $guardMessage);
+            redirect('admins/edit?id=' . $id);
+        }
+
+        $adminModel->updateManagedUser($id, [
+            'nickname' => $nickname,
+            'email' => $email,
+            'role' => $role,
+            'status' => $status,
+        ]);
+
+        if ($password !== '' || $passwordConfirm !== '') {
+            if ($password !== $passwordConfirm) {
+                flash('error', 'The two passwords do not match.');
+                redirect('admins/edit?id=' . $id);
+            }
+            if (strlen($password) < 8) {
+                flash('error', 'Password must be at least 8 characters long.');
+                redirect('admins/edit?id=' . $id);
+            }
+            $adminModel->updatePassword($id, password_hash($password, PASSWORD_DEFAULT));
+        }
+
+        $this->refreshAuthUserIfCurrent($id);
+        (new InquiryLog())->create(null, Auth::id(), 'admin_user_profile_updated', 'Updated admin profile #' . $id);
+        flash('success', 'Admin user saved successfully.');
+        redirect('admins/edit?id=' . $id);
+    }
+
+    public function toggleStatus(): void
+    {
+        if (!Auth::can('tools.view') || !Csrf::verify($_POST['_csrf'] ?? null)) {
+            flash('error', 'Invalid request.');
+            redirect('admins');
+        }
+
+        $id = (int) ($_POST['id'] ?? 0);
+        $targetStatus = $this->sanitizeStatus((string) ($_POST['target_status'] ?? 'disabled'));
+
+        $adminModel = new Admin();
+        $target = $adminModel->findById($id);
+        if (!$target) {
+            flash('error', 'Admin user not found.');
+            redirect('admins');
+        }
+
+        $guardMessage = $this->guardAdminChange($target, (string) ($target['role'] ?? 'agent'), $targetStatus);
+        if ($guardMessage !== null) {
+            flash('error', $guardMessage);
+            redirect('admins');
+        }
+
+        $updated = $adminModel->updateStatus($id, $targetStatus);
+        if ($updated) {
+            $this->refreshAuthUserIfCurrent($id);
+            $action = $targetStatus === 'disabled' ? 'admin_user_disabled' : 'admin_user_enabled';
+            (new InquiryLog())->create(null, Auth::id(), $action, ucfirst($targetStatus) . ' admin #' . $id);
+            flash('success', 'Admin user status updated successfully.');
+        } else {
+            flash('error', 'Unable to update admin status.');
+        }
+        redirect('admins');
+    }
+
+    private function sanitizeRole(string $role): string
+    {
+        return in_array($role, ['admin', 'manager', 'agent', 'viewer'], true) ? $role : 'agent';
+    }
+
+    private function sanitizeStatus(string $status): string
+    {
+        return in_array($status, ['active', 'disabled'], true) ? $status : 'active';
+    }
+
+    private function guardAdminChange(array $target, string $newRole, string $newStatus): ?string
+    {
+        $id = (int) ($target['id'] ?? 0);
+        $currentRole = (string) ($target['role'] ?? 'agent');
+        $currentStatus = (string) ($target['status'] ?? 'active');
+        $adminModel = new Admin();
+
+        if ($id === (int) Auth::id() && $newStatus === 'disabled') {
+            return 'You cannot disable your own account.';
+        }
+
+        if ($currentStatus === 'active' && $newStatus === 'disabled' && $adminModel->countActiveAdmins(null, $id) < 1) {
+            return 'At least one active administrator account must remain.';
+        }
+
+        $isRemovingLastActiveAdmin = $currentRole === 'admin' && $currentStatus === 'active'
+            && ($newRole !== 'admin' || $newStatus !== 'active')
+            && $adminModel->countActiveAdmins('admin', $id) < 1;
+
+        if ($isRemovingLastActiveAdmin) {
+            return 'At least one active admin role account must remain.';
+        }
+
+        return null;
+    }
+
+    private function refreshAuthUserIfCurrent(int $id): void
+    {
+        if ($id !== (int) Auth::id()) {
+            return;
+        }
+
+        $updated = (new Admin())->findById($id);
+        if (!$updated) {
+            return;
+        }
+
+        Session::set('auth_user', [
+            'id' => (int) $updated['id'],
+            'username' => $updated['username'],
+            'nickname' => $updated['nickname'] ?: $updated['username'],
+            'email' => $updated['email'],
+            'role' => $updated['role'] ?? 'admin',
+            'status' => $updated['status'] ?? 'active',
+            'page_size' => (int) ($updated['page_size'] ?? 20),
+        ]);
+    }
 }

app/Models/Admin.php

@@ -98,6 +98,25 @@ public function updateProfile(int $id, array $data): bool
         ]);
     }
 
+    public function updateManagedUser(int $id, array $data): bool
+    {
+        $sql = 'UPDATE admins
+                SET nickname = :nickname,
+                    email = :email,
+                    role = :role,
+                    status = :status,
+                    updated_at = NOW()
+                WHERE id = :id';
+        $stmt = Database::connection()->prepare($sql);
+        return $stmt->execute([
+            'nickname' => $data['nickname'],
+            'email' => $data['email'],
+            'role' => $data['role'],
+            'status' => $data['status'],
+            'id' => $id,
+        ]);
+    }
+
     public function updateRoleAndStatus(int $id, string $role, string $status): bool
     {
         $sql = 'UPDATE admins SET role = :role, status = :status, updated_at = NOW() WHERE id = :id';
@@ -109,6 +128,16 @@ public function updateRoleAndStatus(int $id, string $role, string $status): bool
         ]);
     }
 
+    public function updateStatus(int $id, string $status): bool
+    {
+        $sql = 'UPDATE admins SET status = :status, updated_at = NOW() WHERE id = :id';
+        $stmt = Database::connection()->prepare($sql);
+        return $stmt->execute([
+            'status' => $status,
+            'id' => $id,
+        ]);
+    }
+
     public function updatePassword(int $id, string $passwordHash): bool
     {
         $sql = 'UPDATE admins SET password_hash = :password_hash, updated_at = NOW() WHERE id = :id';
@@ -119,6 +148,26 @@ public function updatePassword(int $id, string $passwordHash): bool
         ]);
     }
 
+    public function countActiveAdmins(?string $role = null, ?int $excludeId = null): int
+    {
+        $sql = 'SELECT COUNT(*) FROM admins WHERE status = :status';
+        $params = ['status' => 'active'];
+
+        if ($role !== null) {
+            $sql .= ' AND role = :role';
+            $params['role'] = $role;
+        }
+
+        if ($excludeId !== null) {
+            $sql .= ' AND id <> :exclude_id';
+            $params['exclude_id'] = $excludeId;
+        }
+
+        $stmt = Database::connection()->prepare($sql);
+        $stmt->execute($params);
+        return (int) $stmt->fetchColumn();
+    }
+
     public function touchLastLogin(int $id): bool
     {
         $stmt = Database::connection()->prepare('UPDATE admins SET last_login_at = NOW(), updated_at = NOW() WHERE id = :id');

database/upgrade-v0.8.5.sql

@@ -0,0 +1,2 @@
+-- v0.8.5
+-- No database structure changes required for this release.

public/assets/css/app.css

@@ -1658,3 +1658,47 @@ textarea.form-input {
         gap: 4px;
     }
 }
+
+.admin-user-actions {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 8px;
+    align-items: center;
+}
+
+.admin-inline-meta-form {
+    display: contents;
+}
+
+.admin-edit-meta {
+    display: grid;
+    grid-template-columns: repeat(3, minmax(0, 1fr));
+    gap: 12px;
+}
+
+.admin-danger-zone {
+    border: 1px dashed var(--border-strong);
+    border-radius: 16px;
+    padding: 18px;
+    background: linear-gradient(180deg, #ffffff 0%, #fafcff 100%);
+    display: flex;
+    gap: 16px;
+    justify-content: space-between;
+    align-items: center;
+}
+
+@media (max-width: 920px) {
+    .admin-edit-meta {
+        grid-template-columns: 1fr;
+    }
+
+    .admin-danger-zone {
+        flex-direction: column;
+        align-items: stretch;
+    }
+
+    .admin-user-actions {
+        flex-direction: column;
+        align-items: stretch;
+    }
+}