'use client'; import { useState, useEffect } from 'react'; import { useRouter } from 'next/navigation'; import { apiClient } from '@/lib/api'; import { ROLE_ADMINISTRATOR } from '@/lib/authRedirect'; import '../workstation-detail.css'; interface User { id: number; username: string; roles: string[]; groups: string[]; is_admin: boolean; is_super_admin?: boolean; } export default function AdministratorWorkstation() { const router = useRouter(); const [activeTab, setActiveTab] = useState('users'); const [users, setUsers] = useState([]); const [roles, setRoles] = useState([]); const [loading, setLoading] = useState(false); const [selectedUser, setSelectedUser] = useState(null); const [showRoleModal, setShowRoleModal] = useState(false); const [showCreateModal, setShowCreateModal] = useState(false); const [newRoleName, setNewRoleName] = useState(''); const [message, setMessage] = useState<{ type: 'success' | 'error'; text: string } | null>(null); const [createUsername, setCreateUsername] = useState(''); const [createPassword, setCreatePassword] = useState(''); const [createPasswordConfirm, setCreatePasswordConfirm] = useState(''); const [createRoles, setCreateRoles] = useState([]); const [createSubmitting, setCreateSubmitting] = useState(false); // Restrict access to admins only (login stores user as user_info). Redirect to dashboard, not workstation. useEffect(() => { try { const userStr = localStorage.getItem('user_info') || localStorage.getItem('user'); if (!userStr) { router.replace('/dashboard?section=overview'); return; } const user = JSON.parse(userStr); const roles: string[] = user.roles || []; const isAdmin = user.is_admin || user.is_super_admin || roles.includes(ROLE_ADMINISTRATOR); if (!isAdmin) { router.replace('/dashboard?section=overview'); } } catch { router.replace('/dashboard?section=overview'); } }, [router]); useEffect(() => { if (activeTab === 'users') { loadUsers(); } else if (activeTab === 'roles') { loadRoles(); } }, [activeTab]); useEffect(() => { if (showCreateModal && roles.length === 0) { loadRoles(); } }, [showCreateModal]); const loadUsers = async () => { try { setLoading(true); const response = await apiClient.get('/auth/users'); setUsers(response.data || []); } catch (error: any) { showMessage('error', `Error loading users: ${error.response?.data?.detail || error.message}`); } finally { setLoading(false); } }; const loadRoles = async () => { try { setLoading(true); const response = await apiClient.get('/auth/roles'); setRoles(response.data?.roles || []); } catch (error: any) { showMessage('error', `Error loading roles: ${error.response?.data?.detail || error.message}`); } finally { setLoading(false); } }; const assignRole = async (username: string, roleName: string) => { try { await apiClient.post(`/auth/users/${username}/roles/${roleName}`); showMessage('success', `Role '${roleName}' assigned to '${username}'`); await loadUsers(); setShowRoleModal(false); setSelectedUser(null); } catch (error: any) { showMessage('error', `Error assigning role: ${error.response?.data?.detail || error.message}`); } }; const removeRole = async (username: string, roleName: string) => { if (!confirm(`Remove role '${roleName}' from user '${username}'?`)) { return; } try { await apiClient.delete(`/auth/users/${username}/roles/${roleName}`); showMessage('success', `Role '${roleName}' removed from '${username}'`); await loadUsers(); } catch (error: any) { showMessage('error', `Error removing role: ${error.response?.data?.detail || error.message}`); } }; const handleCreateUser = async () => { const username = createUsername.trim(); if (!username) { showMessage('error', 'Username is required'); return; } if (!createPassword) { showMessage('error', 'Password is required'); return; } if (createPassword.length < 6) { showMessage('error', 'Password must be at least 6 characters'); return; } if (createPassword !== createPasswordConfirm) { showMessage('error', 'Passwords do not match'); return; } setCreateSubmitting(true); try { await apiClient.post('/auth/users', { username, password: createPassword, roles: createRoles, }); showMessage('success', `User '${username}' created successfully`); setShowCreateModal(false); setCreateUsername(''); setCreatePassword(''); setCreatePasswordConfirm(''); setCreateRoles([]); await loadUsers(); } catch (error: any) { const detail = error.response?.data?.detail || error.message; showMessage('error', typeof detail === 'string' ? detail : 'Failed to create user'); } finally { setCreateSubmitting(false); } }; const toggleCreateRole = (role: string) => { setCreateRoles((prev) => prev.includes(role) ? prev.filter((r) => r !== role) : [...prev, role] ); }; const showMessage = (type: 'success' | 'error', text: string) => { setMessage({ type, text }); setTimeout(() => setMessage(null), 5000); }; const tabs = [ { id: 'users', label: '👥 User Management', icon: '👥' }, { id: 'roles', label: '🔐 Roles & Permissions', icon: '🔐' }, { id: 'config', label: '⚙️ System Configuration', icon: '⚙️' }, { id: 'audit', label: '📋 Audit Logs', icon: '📋' }, { id: 'reports', label: '📊 Reports', icon: '📊' }, { id: 'database', label: '🗄️ Database Admin', icon: '🗄️' } ]; return (

⚙️ Administrator Workstation

System administration and configuration

{message && (
{message.text}
)}
{tabs.map(tab => ( ))}
{activeTab === 'users' && (

User Management

{loading ? (
Loading users...
) : (
{users.length === 0 ? ( ) : ( users.map((user) => ( )) )}
Username Roles Groups Status Actions
No users found
{user.username} {(user.is_admin || user.is_super_admin) && ( Super Admin )}
{user.roles && user.roles.length > 0 ? ( user.roles.map((role) => ( {role} )) ) : ( No roles )}
{user.groups?.join(', ') || '—'} Active
)}
)} {activeTab === 'roles' && (

Roles & Permissions

setNewRoleName(e.target.value)} style={{ padding: '8px', marginRight: '10px', minWidth: '300px' }} />
{loading ? (
Loading roles...
) : (
{roles.length === 0 ? ( ) : ( roles.map((role) => { const usersWithRole = users.filter(u => u.roles?.includes(role)); const roleDescriptions: Record = { 'ROLE_ADMINISTRATOR': 'Super Administrator – full system access', 'ROLE_CASHIER': 'Payment processing', 'ROLE_INDEXING_OFFICER': 'Property/document indexing', 'ROLE_SCANNING_OPERATOR': 'Document scanning and archiving', 'ROLE_ARCHIVING_OFFICER': 'Document archiving', 'ROLE_GIS_VIEWER': 'GIS operations', 'ROLE_VIEWER': 'Read-only access' }; return ( ); }) )}
Role Name Description Users with Role
No roles found
{role} {roleDescriptions[role] || 'Custom role'} {usersWithRole.length > 0 ? (
{usersWithRole.map(u => ( {u.username} ))}
) : ( No users )}
)}
)} {activeTab === 'config' && (

System Configuration

Database Settings

Configure database connections and settings

Contentstore Settings

Manage document storage paths and settings

API Settings

Configure API endpoints and security

GIS Settings

Configure GIS integration and QGIS settings

)} {activeTab === 'audit' && (

Audit Logs

View system activity and audit trails

Audit logging feature coming soon...

)} {activeTab === 'reports' && (

System Reports

User Activity Report

Generate user activity reports

System Usage Report

View system usage statistics

Database Statistics

View database statistics and health

)} {activeTab === 'database' && (

Database Administration

Database Information

Database: LRS43

Type: MySQL

Status: Connected

)}
{showCreateModal && (
setShowCreateModal(false)}>
e.stopPropagation()} style={{ maxWidth: '520px' }}>

Create User

setCreateUsername(e.target.value)} placeholder="Enter username" style={{ width: '100%', padding: '8px 12px', borderRadius: '6px', border: '1px solid #ccc' }} autoComplete="off" />
setCreatePassword(e.target.value)} placeholder="Enter password" style={{ width: '100%', padding: '8px 12px', borderRadius: '6px', border: '1px solid #ccc' }} autoComplete="new-password" />
setCreatePasswordConfirm(e.target.value)} placeholder="Confirm password" style={{ width: '100%', padding: '8px 12px', borderRadius: '6px', border: '1px solid #ccc' }} autoComplete="new-password" />

Select one or more roles for this user. They will be able to access features according to these roles.

{roles.map((role) => ( ))}
{roles.length === 0 && Loading roles...}
)} {showRoleModal && selectedUser && (
{ setShowRoleModal(false); setSelectedUser(null); }}>
e.stopPropagation()} style={{ maxWidth: '600px' }}>

Manage Roles for {selectedUser.username}

Current Roles:

{selectedUser.roles && selectedUser.roles.length > 0 ? ( selectedUser.roles.map((role) => ( {role} )) ) : ( No roles assigned )}

Assign New Role:

)}
); }