Add admin auto-assignment for first user and role management UI #3

Merged
Copilot merged 3 commits from copilot/update-admin-user-role-ui into main 2025-11-04 11:17:30 -06:00
Copilot commented 2025-11-04 10:26:33 -06:00 (Migrated from github.com)

Implements automatic admin role assignment for the first registered user and adds an admin-only UI for managing user roles, eliminating the need for direct database access.

Backend Changes

  • First user auto-admin: Registration checks user count; assigns admin role when count is 0, viewer otherwise
  • User management API: New /api/users routes for listing users and updating roles (admin-only)
    • GET /api/users - Returns all users with role, email, creation date
    • PUT /api/users/:id/role - Updates user role with validation
  • Security protections: Prevents self-role-change, enforces at least one admin exists
```javascript
// Registration logic in backend/routes/auth.js
const userCount = await pool.query('SELECT COUNT(*) FROM users');
const isFirstUser = parseInt(userCount.rows[0].count) === 0;
const userRole = isFirstUser ? 'admin' : 'viewer';
```

Frontend Changes

  • Admin Dashboard (/admin): New page showing user table with inline role editing via dropdowns
  • Navigation: Admin button in header (conditional render for admin users only)
  • Route protection: Admin routes redirect non-admin users to homepage

Security

  • All admin endpoints protected by authenticateToken and authorizeRole('admin') middleware
  • Role values validated against whitelist ['viewer', 'editor', 'admin']
  • CodeQL scan: 0 alerts

Screenshots

Admin Dashboard - User Management Interface
Admin Dashboard

Header with Admin Button (visible to admins only)
Homepage as Admin

Documentation

Updated README.md to reflect:

  • First user receives admin role automatically
  • User role management through Admin Dashboard instead of SQL commands

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • backend
    • Triggering command: node /home/REDACTED/work/noodlenook/noodlenook/frontend/node_modules/.bin/vite (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Original prompt

Update the Code for the first registered user to be admin, make all user role changes and configuration changes to be done through a UI behind only Admin accounts



SluberskiHomeLab (Migrated from github.com) approved these changes 2025-11-04 11:17:17 -06:00
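The role-update guards listed in the description (role whitelist, no self-role-change, at least one admin must remain), written out as an added example that is not the code merged in this PR. `checkRoleChange`, its arguments and the status codes are hypothetical, and the actor's role is assumed to come from the verified token, so it can be stale relative to the database.

```javascript
// Added example, not the project's code. Names and status codes are hypothetical.
const ALLOWED_ROLES = ['viewer', 'editor', 'admin'];

// Decide whether `actor` (id and role taken from the verified token) may set
// the role of user `targetId` to `newRole`. `users` is the current user table
// as [{ id, role }], read inside the same transaction as the UPDATE.
function checkRoleChange(actor, targetId, newRole, users) {
  if (!actor || actor.role !== 'admin') {
    return { ok: false, status: 403, error: 'admin role required' };
  }
  // Strict membership test: rejects 'Admin', ' admin', arrays, objects, undefined.
  if (typeof newRole !== 'string' || !ALLOWED_ROLES.includes(newRole)) {
    return { ok: false, status: 400, error: 'invalid role' };
  }
  // Route params (:id) arrive as strings; normalise before comparing ids.
  const id = Number(targetId);
  if (!Number.isInteger(id) || id <= 0) {
    return { ok: false, status: 400, error: 'invalid user id' };
  }
  if (id === actor.id) {
    return { ok: false, status: 403, error: 'cannot change own role' };
  }
  const target = users.find((u) => u.id === id);
  if (!target) {
    return { ok: false, status: 404, error: 'user not found' };
  }
  // Last-admin guard. Count admins from the table, not from the token: a token
  // issued before a demotion can still carry role 'admin'.
  const adminCount = users.filter((u) => u.role === 'admin').length;
  if (target.role === 'admin' && newRole !== 'admin' && adminCount <= 1) {
    return { ok: false, status: 409, error: 'at least one admin must remain' };
  }
  return { ok: true, status: 200, id, role: newRole };
}

// Constructed sample data: one admin, one viewer, one editor.
const SAMPLE_USERS = [
  { id: 1, role: 'admin' },
  { id: 2, role: 'viewer' },
  { id: 3, role: 'editor' },
];

// Stale-token case: user 2 was demoted to viewer, but the token still says admin.
// Demoting user 1 would leave the system with no admin, so the guard returns 409.
function staleTokenDemo() {
  return checkRoleChange({ id: 2, role: 'admin' }, '1', 'viewer', SAMPLE_USERS);
}
```

The last-admin check only holds under concurrent requests if the read of `users` and the role update run in one transaction that locks the affected rows.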