Expand Up @@ -6,5 +6,4 @@ public sealed class AdminPermissions : IModulePermissions
{
public const string ManageUsers = "Admin.ManageUsers";
public const string ManageRoles = "Admin.ManageRoles";
public const string ViewAuditLog = "Admin.ViewAuditLog";
}
12 changes: 0 additions & 12 deletions modules/Admin/src/SimpleModule.Admin.Contracts/AuditLogEntryDto.cs

This file was deleted.

22 changes: 0 additions & 22 deletions modules/Admin/src/SimpleModule.Admin/AdminDbContext.cs

This file was deleted.

4 changes: 0 additions & 4 deletions modules/Admin/src/SimpleModule.Admin/AdminModule.cs
@@ -1,10 +1,8 @@
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using SimpleModule.Admin.Contracts;
using SimpleModule.Admin.Services;
using SimpleModule.Core;
using SimpleModule.Core.Menu;
using SimpleModule.Database;

namespace SimpleModule.Admin;

Expand All @@ -13,8 +11,6 @@ public class AdminModule : IModule
{
public void ConfigureServices(IServiceCollection services, IConfiguration configuration)
{
services.AddModuleDbContext<AdminDbContext>(configuration, AdminConstants.ModuleName);
services.AddScoped<AuditService>();
}

public void ConfigureMenu(IMenuBuilder menus)
@@ -1,9 +1,7 @@
using System.Security.Claims;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using SimpleModule.Admin.Services;
using SimpleModule.Core;
using SimpleModule.Permissions.Contracts;
using SimpleModule.Users.Contracts;
Expand All @@ -27,8 +25,7 @@ public void Map(IEndpointRouteBuilder app)
[FromForm] string? description,
HttpContext context,
IRoleAdminContracts roleAdmin,
IPermissionContracts permissionContracts,
AuditService audit
IPermissionContracts permissionContracts
) =>
{
var trimmedName = name.Trim();
Expand All @@ -52,15 +49,6 @@ await permissionContracts.SetPermissionsForRoleAsync(
);
}

var adminUserId =
context.User.FindFirstValue(ClaimTypes.NameIdentifier) ?? "";
await audit.LogAsync(
role.Id,
adminUserId,
"RoleCreated",
$"Role '{trimmedName}' created"
);

return TypedResults.Redirect($"/admin/roles/{role.Id}/edit");
}
)
Expand All @@ -74,9 +62,7 @@ async Task<IResult> (
string id,
[FromForm] string name,
[FromForm] string? description,
HttpContext context,
IRoleAdminContracts roleAdmin,
AuditService audit
IRoleAdminContracts roleAdmin
) =>
{
var role = await roleAdmin.GetRoleByIdAsync(id);
Expand All @@ -85,20 +71,7 @@ AuditService audit

var trimmedName = name.Trim();
var trimmedDescription = description?.Trim() is { Length: > 0 } d ? d : null;
await roleAdmin.UpdateRoleAsync(
id,
trimmedName,
trimmedDescription
);

var adminUserId =
context.User.FindFirstValue(ClaimTypes.NameIdentifier) ?? "";
await audit.LogAsync(
id,
adminUserId,
"RoleUpdated",
$"Role '{trimmedName}' updated"
);
await roleAdmin.UpdateRoleAsync(id, trimmedName, trimmedDescription);

return TypedResults.Redirect($"/admin/roles/{id}/edit?tab=details");
}
Expand All @@ -113,8 +86,7 @@ async Task<IResult> (
string id,
HttpContext context,
IRoleAdminContracts roleAdmin,
IPermissionContracts permissionContracts,
AuditService audit
IPermissionContracts permissionContracts
) =>
{
var role = await roleAdmin.GetRoleByIdAsync(id);
Expand All @@ -128,37 +100,6 @@ AuditService audit
.ToHashSet(StringComparer.Ordinal);

var roleId = RoleId.From(id);
var currentPermissions = await permissionContracts.GetPermissionsForRoleAsync(
roleId
);

var adminUserId =
context.User.FindFirstValue(ClaimTypes.NameIdentifier) ?? "";

// Audit removed permissions
foreach (var perm in currentPermissions.Where(p => !newPermissions.Contains(p)))
{
await audit.LogAsync(
id,
adminUserId,
"RolePermissionRemoved",
$"Permission '{perm}' removed from role '{role.Name}'"
);
}

// Audit added permissions
foreach (
var perm in newPermissions.Where(p => !currentPermissions.Contains(p))
)
{
await audit.LogAsync(
id,
adminUserId,
"RolePermissionAdded",
$"Permission '{perm}' added to role '{role.Name}'"
);
}

await permissionContracts.SetPermissionsForRoleAsync(roleId, newPermissions);

return TypedResults.Redirect($"/admin/roles/{id}/edit?tab=permissions");
Expand All @@ -171,10 +112,8 @@ await audit.LogAsync(
"/{id}",
async Task<IResult> (
string id,
HttpContext context,
IRoleAdminContracts roleAdmin,
IPermissionContracts permissionContracts,
AuditService audit
IPermissionContracts permissionContracts
) =>
{
var role = await roleAdmin.GetRoleByIdAsync(id);
Expand All @@ -191,15 +130,6 @@ AuditService audit
var roleId = RoleId.From(id);
await permissionContracts.SetPermissionsForRoleAsync(roleId, []);

var adminUserId =
context.User.FindFirstValue(ClaimTypes.NameIdentifier) ?? "";
await audit.LogAsync(
id,
adminUserId,
"RoleDeleted",
$"Role '{role.Name}' deleted"
);

await roleAdmin.DeleteRoleAsync(id);

return TypedResults.Redirect("/admin/roles");
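Review bot: After this change the role create, update, permission-set and delete handlers write their changes with no record of which administrator made them, because every `audit.LogAsync(...)` call and the `adminUserId` lookup are removed and nothing visible in these hunks replaces them. Role and permission changes affect privileges, so if auditing has moved to a cross-cutting mechanism (not visible on this page), state that at the top of `Map`, e.g. `// Role and permission changes are audited by <audit mechanism — placeholder>, not in these handlers.`; otherwise a privilege change made through this UI can no longer be traced to an account. The delete handler also still clears permissions with `SetPermissionsForRoleAsync(roleId, [])` before `DeleteRoleAsync(id)`, so a failure of the second call now leaves a permission-less role with no log entry explaining it. The handler bodies start and end outside the hunks shown.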
@@ -0,0 +1,46 @@
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Routing;
using SimpleModule.Core;
using SimpleModule.OpenIddict.Contracts;

namespace SimpleModule.Admin.Endpoints.Admin;

public class AdminSessionsEndpoint : IEndpoint
{
public void Map(IEndpointRouteBuilder app)
{
var group = app.MapGroup("/admin/users/{id}/sessions")
.RequireAuthorization(policy => policy.RequireRole("Admin"))
.DisableAntiforgery();

// DELETE /admin/users/{id}/sessions/{tokenId} — Revoke individual session
group.MapDelete(
"/{tokenId}",
async Task<IResult> (
string id,
string tokenId,
IOpenIddictSessionContracts sessionContracts
) =>
{
await sessionContracts.RevokeSessionAsync(tokenId);

return TypedResults.Redirect($"/admin/users/{id}/edit?tab=sessions");
}
);

// DELETE /admin/users/{id}/sessions — Revoke all sessions
group.MapDelete(
"/",
async Task<IResult> (
string id,
IOpenIddictSessionContracts sessionContracts
) =>
{
await sessionContracts.RevokeAllSessionsForUserAsync(id);

return TypedResults.Redirect($"/admin/users/{id}/edit?tab=sessions");
}
);
}
}
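Review bot: The single-session handler revokes `tokenId` without checking that the token belongs to the user `id` in the route, so `/admin/users/{id}/sessions/{tokenId}` revokes whichever token is named regardless of the user page it was issued from; `RevokeSessionAsync(tokenId)` should be replaced by a user-scoped call or preceded by an ownership check that returns `TypedResults.NotFound()` on mismatch. `.DisableAntiforgery()` is applied to the whole group of state-changing admin routes; if these are reached with cookie authentication, the group should keep antiforgery validation or carry a comment stating what protects the DELETE requests instead. `id` is interpolated into the redirect target unescaped, and `Uri.EscapeDataString(id)` would keep a decoded `?` or `#` in the route value from altering the redirect. Neither revocation is logged, which matters more now that the same commit removes `AuditService` from the module.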