rsb-admin 0.9.1

data/app/views/rsb/admin/roles/_form.html.erb

@@ -0,0 +1,197 @@
+<%= form_with model: role, url: url, method: method, local: true do |f| %>
+  <% if role.errors.any? %>
+    <div class="bg-rsb-danger-bg text-rsb-danger-text border border-red-200 px-4 py-3 rounded-rsb mb-4 text-sm">
+      <strong><%= rsb_admin_t("errors.prohibited", count: role.errors.count) %></strong>
+      <ul class="mt-2 pl-6 list-disc">
+        <% role.errors.full_messages.each do |message| %>
+          <li><%= message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="mb-4">
+    <label class="block text-sm font-medium mb-1"><%= rsb_admin_t("columns.name") %></label>
+    <%= f.text_field :name, class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  </div>
+
+  <div class="mb-4">
+    <label class="flex items-center gap-2 font-semibold text-sm">
+      <input type="checkbox" name="role[superadmin_toggle]" value="1"
+             id="superadmin-toggle"
+             class="rounded border-rsb-border text-rsb-primary focus:ring-rsb-primary"
+             <%= 'checked' if role.superadmin? %>>
+      <span><%= rsb_admin_t("roles.superadmin") %></span>
+    </label>
+    <p class="text-xs text-rsb-muted mt-1"><%= rsb_admin_t("roles.superadmin_toggle") %></p>
+  </div>
+
+  <div id="permissions-grid" style="<%= 'display: none;' if role.superadmin? %>">
+    <label class="block text-sm font-semibold mb-3"><%= rsb_admin_t("roles.permissions") %></label>
+
+    <input type="hidden" name="role[permissions_checkboxes][_dummy][]" value="" />
+
+    <% registry = RSB::Admin.registry %>
+    <% registry.categories.each do |category_name, category| %>
+      <% next if category.resources.empty? && category.pages.empty? %>
+
+      <div class="mb-6">
+        <h4 class="text-xs uppercase tracking-wider text-rsb-muted mb-2"><%= category_name %></h4>
+
+        <div class="border border-rsb-border rounded-rsb overflow-hidden">
+          <% items_index = 0 %>
+          <% category.resources.each do |resource| %>
+            <% resource_key = resource.route_key %>
+            <% allowed_actions = role.permissions[resource_key] || [] %>
+            <div class="px-4 py-3 flex items-center gap-4 flex-wrap <%= 'border-t border-rsb-border' if items_index > 0 %>">
+              <strong class="min-w-[150px] text-sm"><%= resource.label %></strong>
+              <div class="flex gap-3 flex-wrap">
+                <% resource.actions.each do |action| %>
+                  <label class="flex items-center gap-1 text-xs cursor-pointer">
+                    <input type="checkbox"
+                           name="role[permissions_checkboxes][<%= resource_key %>][]"
+                           value="<%= action %>"
+                           class="permission-checkbox rounded border-rsb-border text-rsb-primary focus:ring-rsb-primary"
+                           <%= 'checked' if allowed_actions.include?(action.to_s) || role.superadmin? %>>
+                    <span><%= action.to_s %></span>
+                  </label>
+                <% end %>
+              </div>
+            </div>
+            <% items_index += 1 %>
+          <% end %>
+          <% category.pages.each do |page| %>
+            <% page_key = page.key.to_s %>
+            <% page_actions = role.permissions[page_key] || [] %>
+            <% page_action_keys = page.action_keys.map(&:to_s) %>
+            <% page_action_keys = %w[index] if page_action_keys.empty? %>
+            <div class="px-4 py-3 flex items-center gap-4 flex-wrap <%= 'border-t border-rsb-border' if items_index > 0 %>">
+              <strong class="min-w-[150px] text-sm"><%= page.label %></strong>
+              <div class="flex gap-3 flex-wrap">
+                <% page_action_keys.each do |action| %>
+                  <label class="flex items-center gap-1 text-xs cursor-pointer">
+                    <input type="checkbox"
+                           name="role[permissions_checkboxes][<%= page_key %>][]"
+                           value="<%= action %>"
+                           class="permission-checkbox rounded border-rsb-border text-rsb-primary focus:ring-rsb-primary"
+                           <%= 'checked' if page_actions.include?(action) || role.superadmin? %>>
+                    <span><%= action %></span>
+                  </label>
+                <% end %>
+              </div>
+            </div>
+            <% items_index += 1 %>
+          <% end %>
+        </div>
+      </div>
+    <% end %>
+
+    <div class="mb-6">
+      <h4 class="text-xs uppercase tracking-wider text-rsb-muted mb-2"><%= rsb_admin_t("shared.system") %></h4>
+
+      <div class="border border-rsb-border rounded-rsb overflow-hidden">
+        <% dashboard_actions = role.permissions["dashboard"] || [] %>
+        <% dashboard_page = RSB::Admin.registry.dashboard_page %>
+        <% dashboard_action_keys = dashboard_page&.action_keys&.map(&:to_s) || [] %>
+        <% dashboard_action_keys = %w[index] if dashboard_action_keys.empty? %>
+        <div class="px-4 py-3 flex items-center gap-4 flex-wrap">
+          <strong class="min-w-[150px] text-sm"><%= rsb_admin_t("roles.dashboard") %></strong>
+          <div class="flex gap-3 flex-wrap">
+            <% dashboard_action_keys.each do |action| %>
+              <label class="flex items-center gap-1 text-xs cursor-pointer">
+                <input type="checkbox"
+                       name="role[permissions_checkboxes][dashboard][]"
+                       value="<%= action %>"
+                       class="permission-checkbox rounded border-rsb-border text-rsb-primary focus:ring-rsb-primary"
+                       <%= 'checked' if dashboard_actions.include?(action) || role.superadmin? %>>
+                <span><%= action %></span>
+              </label>
+            <% end %>
+          </div>
+        </div>
+
+        <% settings_actions = role.permissions["settings"] || [] %>
+        <div class="px-4 py-3 flex items-center gap-4 flex-wrap border-t border-rsb-border">
+          <strong class="min-w-[150px] text-sm"><%= rsb_admin_t("settings.title") %></strong>
+          <div class="flex gap-3 flex-wrap">
+            <% %w[index update].each do |action| %>
+              <label class="flex items-center gap-1 text-xs cursor-pointer">
+                <input type="checkbox"
+                       name="role[permissions_checkboxes][settings][]"
+                       value="<%= action %>"
+                       class="permission-checkbox rounded border-rsb-border text-rsb-primary focus:ring-rsb-primary"
+                       <%= 'checked' if settings_actions.include?(action) || role.superadmin? %>>
+                <span><%= action %></span>
+              </label>
+            <% end %>
+          </div>
+        </div>
+
+        <% admin_users_actions = role.permissions["admin_users"] || [] %>
+        <div class="px-4 py-3 flex items-center gap-4 flex-wrap border-t border-rsb-border">
+          <strong class="min-w-[150px] text-sm"><%= rsb_admin_t("admin_users.title") %></strong>
+          <div class="flex gap-3 flex-wrap">
+            <% %w[index show new create edit update destroy].each do |action| %>
+              <label class="flex items-center gap-1 text-xs cursor-pointer">
+                <input type="checkbox"
+                       name="role[permissions_checkboxes][admin_users][]"
+                       value="<%= action %>"
+                       class="permission-checkbox rounded border-rsb-border text-rsb-primary focus:ring-rsb-primary"
+                       <%= 'checked' if admin_users_actions.include?(action) || role.superadmin? %>>
+                <span><%= action %></span>
+              </label>
+            <% end %>
+          </div>
+        </div>
+
+        <% roles_actions = role.permissions["roles"] || [] %>
+        <div class="px-4 py-3 flex items-center gap-4 flex-wrap border-t border-rsb-border">
+          <strong class="min-w-[150px] text-sm"><%= rsb_admin_t("roles.title") %></strong>
+          <div class="flex gap-3 flex-wrap">
+            <% %w[index show new create edit update destroy].each do |action| %>
+              <label class="flex items-center gap-1 text-xs cursor-pointer">
+                <input type="checkbox"
+                       name="role[permissions_checkboxes][roles][]"
+                       value="<%= action %>"
+                       class="permission-checkbox rounded border-rsb-border text-rsb-primary focus:ring-rsb-primary"
+                       <%= 'checked' if roles_actions.include?(action) || role.superadmin? %>>
+                <span><%= action %></span>
+              </label>
+            <% end %>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+
+  <div class="flex gap-3 mt-6">
+    <button type="submit"
+            class="px-4 py-2 bg-rsb-primary text-rsb-primary-text rounded-rsb text-sm font-medium hover:bg-rsb-primary-hover">
+      <%= rsb_admin_t("shared.save") %>
+    </button>
+    <a href="<%= rsb_admin.roles_path %>"
+       class="px-4 py-2 border border-rsb-border text-rsb-text rounded-rsb text-sm hover:bg-rsb-bg">
+      <%= rsb_admin_t("shared.cancel") %>
+    </a>
+  </div>
+<% end %>
+
+<script>
+  document.addEventListener('DOMContentLoaded', function() {
+    var superadminToggle = document.getElementById('superadmin-toggle');
+    var permissionsGrid = document.getElementById('permissions-grid');
+    var allCheckboxes = document.querySelectorAll('.permission-checkbox');
+
+    if (superadminToggle && permissionsGrid) {
+      superadminToggle.addEventListener('change', function() {
+        if (this.checked) {
+          permissionsGrid.style.display = 'none';
+          allCheckboxes.forEach(function(cb) { cb.checked = true; });
+        } else {
+          permissionsGrid.style.display = '';
+          allCheckboxes.forEach(function(cb) { cb.checked = false; });
+        }
+      });
+    }
+  });
+</script>

data/app/views/rsb/admin/roles/edit.html.erb

@@ -0,0 +1,7 @@
+<div class="flex justify-between items-center mb-6">
+  <h1 class="text-2xl font-bold"><%= rsb_admin_t("shared.edit") %> <%= rsb_admin_t("roles.title").singularize %>: <%= @role.name %></h1>
+</div>
+
+<div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6">
+  <%= render rsb_admin_partial("roles/form"), role: @role, url: rsb_admin.role_path(@role), method: :patch %>
+</div>

data/app/views/rsb/admin/roles/index.html.erb

@@ -0,0 +1,71 @@
+<div class="flex justify-between items-center mb-6">
+  <h1 class="text-2xl font-bold"><%= rsb_admin_t("roles.title") %></h1>
+  <% if rsb_admin_can?("roles", "new") %>
+    <a href="<%= rsb_admin.new_role_path %>"
+       class="inline-flex items-center gap-1 px-4 py-2 bg-rsb-primary text-rsb-primary-text rounded-rsb text-sm font-medium hover:bg-rsb-primary-hover transition-colors">
+      <%= rsb_admin_icon("plus", size: 16) %>
+      <%= rsb_admin_t("shared.new", resource: rsb_admin_t("roles.title").singularize) %>
+    </a>
+  <% else %>
+    <span class="inline-flex items-center gap-1 px-4 py-2 bg-rsb-primary/50 text-rsb-primary-text/50 rounded-rsb text-sm font-medium pointer-events-none cursor-not-allowed"
+          title="<%= rsb_admin_t("shared.no_access") %>">
+      <%= rsb_admin_icon("plus", size: 16) %>
+      <%= rsb_admin_t("shared.new", resource: rsb_admin_t("roles.title").singularize) %>
+    </span>
+  <% end %>
+</div>
+
+<div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm overflow-hidden">
+  <div class="overflow-x-auto">
+    <table class="w-full">
+      <thead>
+        <tr>
+          <th class="px-4 py-3 text-left text-xs font-semibold uppercase tracking-wider text-rsb-muted bg-rsb-bg border-b border-rsb-border"><%= rsb_admin_t("columns.name") %></th>
+          <th class="px-4 py-3 text-left text-xs font-semibold uppercase tracking-wider text-rsb-muted bg-rsb-bg border-b border-rsb-border"><%= rsb_admin_t("roles.built_in") %></th>
+          <th class="px-4 py-3 text-left text-xs font-semibold uppercase tracking-wider text-rsb-muted bg-rsb-bg border-b border-rsb-border"><%= rsb_admin_t("roles.admin_users_count") %></th>
+          <th class="px-4 py-3 text-right text-xs font-semibold uppercase tracking-wider text-rsb-muted bg-rsb-bg border-b border-rsb-border"><%= rsb_admin_t("roles.actions") %></th>
+        </tr>
+      </thead>
+      <tbody>
+        <% @roles.each do |role| %>
+          <tr class="hover:bg-rsb-bg border-b border-rsb-border last:border-b-0">
+            <td class="px-4 py-3 text-sm">
+              <a href="<%= rsb_admin.role_path(role) %>" class="text-rsb-primary hover:underline"><%= role.name %></a>
+            </td>
+            <td class="px-4 py-3 text-sm">
+              <% if role.built_in? %>
+                <%= rsb_admin_badge(rsb_admin_t("roles.built_in"), variant: :warning) %>
+              <% end %>
+            </td>
+            <td class="px-4 py-3 text-sm"><%= role.admin_users.count %></td>
+            <td class="px-4 py-3 text-sm text-right">
+              <div class="flex items-center gap-2 justify-end">
+                <% if rsb_admin_can?("roles", "edit") %>
+                  <a href="<%= rsb_admin.edit_role_path(role) %>"
+                     class="text-rsb-muted hover:text-rsb-text" title="<%= rsb_admin_t("shared.edit") %>">
+                    <%= rsb_admin_icon("edit", size: 16) %>
+                  </a>
+                <% else %>
+                  <span class="text-rsb-muted/40 cursor-not-allowed" title="<%= rsb_admin_t("shared.no_access") %>">
+                    <%= rsb_admin_icon("edit", size: 16) %>
+                  </span>
+                <% end %>
+                <% if rsb_admin_can?("roles", "destroy") %>
+                  <%= button_to rsb_admin.role_path(role), method: :delete,
+                      data: { turbo_confirm: rsb_admin_t("roles.confirm_delete") },
+                      class: "text-rsb-muted hover:text-rsb-danger" do %>
+                    <%= rsb_admin_icon("trash", size: 16) %>
+                  <% end %>
+                <% else %>
+                  <span class="text-rsb-muted/40 cursor-not-allowed" title="<%= rsb_admin_t("shared.no_access") %>">
+                    <%= rsb_admin_icon("trash", size: 16) %>
+                  </span>
+                <% end %>
+              </div>
+            </td>
+          </tr>
+        <% end %>
+      </tbody>
+    </table>
+  </div>
+</div>

data/app/views/rsb/admin/roles/new.html.erb

@@ -0,0 +1,7 @@
+<div class="flex justify-between items-center mb-6">
+  <h1 class="text-2xl font-bold"><%= rsb_admin_t("shared.new", resource: rsb_admin_t("roles.title").singularize) %></h1>
+</div>
+
+<div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6">
+  <%= render rsb_admin_partial("roles/form"), role: @role, url: rsb_admin.roles_path, method: :post %>
+</div>

data/app/views/rsb/admin/roles/show.html.erb

@@ -0,0 +1,99 @@
+<div class="flex justify-between items-center mb-6">
+  <h1 class="text-2xl font-bold"><%= @role.name %></h1>
+  <div class="flex gap-2">
+    <% unless @role.built_in? %>
+      <% if rsb_admin_can?("roles", "edit") %>
+        <a href="<%= rsb_admin.edit_role_path(@role) %>"
+           class="inline-flex items-center gap-1 px-4 py-2 border border-rsb-border rounded-rsb text-sm hover:bg-rsb-bg">
+          <%= rsb_admin_icon("edit", size: 16) %>
+          <%= rsb_admin_t("shared.edit") %>
+        </a>
+      <% else %>
+        <span class="inline-flex items-center gap-1 px-4 py-2 border border-rsb-border/50 rounded-rsb text-sm text-rsb-muted pointer-events-none cursor-not-allowed"
+              title="<%= rsb_admin_t("shared.no_access") %>">
+          <%= rsb_admin_icon("edit", size: 16) %>
+          <%= rsb_admin_t("shared.edit") %>
+        </span>
+      <% end %>
+    <% end %>
+    <a href="<%= rsb_admin.roles_path %>"
+       class="inline-flex items-center gap-1 px-4 py-2 border border-rsb-border rounded-rsb text-sm hover:bg-rsb-bg">
+      <%= rsb_admin_t("shared.back") %>
+    </a>
+  </div>
+</div>
+
+<div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6">
+  <div class="grid grid-cols-[200px_1fr] gap-4 py-3 border-b border-rsb-border">
+    <strong class="text-sm text-rsb-muted"><%= rsb_admin_t("columns.name") %></strong>
+    <div><%= @role.name %></div>
+  </div>
+
+  <div class="grid grid-cols-[200px_1fr] gap-4 py-3 border-b border-rsb-border">
+    <strong class="text-sm text-rsb-muted">Type</strong>
+    <div>
+      <% if @role.superadmin? %>
+        <%= rsb_admin_badge(rsb_admin_t("roles.superadmin"), variant: :success) %>
+      <% elsif @role.built_in? %>
+        <%= rsb_admin_badge(rsb_admin_t("roles.built_in"), variant: :warning) %>
+      <% else %>
+        <%= rsb_admin_badge(rsb_admin_t("roles.custom"), variant: :success) %>
+      <% end %>
+    </div>
+  </div>
+
+  <div class="grid grid-cols-[200px_1fr] gap-4 py-3">
+    <strong class="text-sm text-rsb-muted"><%= rsb_admin_t("roles.admin_users_count") %></strong>
+    <div><%= @role.admin_users.count %></div>
+  </div>
+</div>
+
+<div class="mt-6 bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6">
+  <h3 class="text-base font-semibold mb-4"><%= rsb_admin_t("roles.permissions") %></h3>
+
+  <% if @role.superadmin? %>
+    <p class="text-sm"><%= rsb_admin_t("roles.full_access") %></p>
+  <% elsif @role.permissions.empty? %>
+    <p class="text-rsb-muted text-sm"><%= rsb_admin_t("roles.no_permissions") %></p>
+  <% else %>
+    <div class="border border-rsb-border rounded-rsb overflow-hidden">
+      <% @role.permissions.each_with_index do |(resource_key, actions), idx| %>
+        <% next if resource_key == "*" %>
+        <% reg = @registry.find_resource_by_route_key(resource_key) %>
+        <% resource_label = reg ? reg.label : resource_key.titleize %>
+        <div class="px-4 py-3 flex items-center gap-4 flex-wrap <%= 'border-t border-rsb-border' if idx > 0 %>">
+          <strong class="min-w-[150px] text-sm"><%= resource_label %></strong>
+          <div class="flex gap-2 flex-wrap">
+            <% actions.each do |action| %>
+              <%= rsb_admin_badge(action, variant: :success) %>
+            <% end %>
+          </div>
+        </div>
+      <% end %>
+    </div>
+  <% end %>
+</div>
+
+<% unless @role.built_in? %>
+  <% if rsb_admin_can?("roles", "destroy") %>
+    <div class="mt-6 bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6">
+      <h3 class="text-base font-semibold text-rsb-danger mb-4"><%= rsb_admin_t("shared.danger_zone") %></h3>
+      <% if @role.admin_users.any? %>
+        <p class="text-sm text-rsb-muted mb-4"><%= rsb_admin_t("roles.reassign_warning", count: @role.admin_users.count) %></p>
+      <% end %>
+      <%= button_to rsb_admin_t("shared.delete") + " " + rsb_admin_t("roles.title").singularize,
+            rsb_admin.role_path(@role),
+            method: :delete,
+            data: { turbo_confirm: rsb_admin_t("roles.confirm_delete") },
+            class: "px-4 py-2 bg-rsb-danger text-white rounded-rsb text-sm font-medium hover:bg-red-700" %>
+    </div>
+  <% else %>
+    <div class="mt-6 bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6">
+      <h3 class="text-base font-semibold text-rsb-danger mb-4"><%= rsb_admin_t("shared.danger_zone") %></h3>
+      <span class="inline-flex px-4 py-2 bg-rsb-danger/50 text-white/50 rounded-rsb text-sm font-medium pointer-events-none cursor-not-allowed"
+            title="<%= rsb_admin_t("shared.no_access") %>">
+        <%= rsb_admin_t("shared.delete") %> <%= rsb_admin_t("roles.title").singularize %>
+      </span>
+    </div>
+  <% end %>
+<% end %>

data/app/views/rsb/admin/sessions/new.html.erb

@@ -0,0 +1,31 @@
+<div class="flex justify-center items-center min-h-screen bg-rsb-bg">
+  <div class="bg-rsb-card border border-rsb-border rounded-rsb-lg p-8 w-full max-w-[400px] shadow-rsb">
+    <% if rsb_admin_logo_url.present? %>
+      <div class="flex justify-center mb-4">
+        <img src="<%= rsb_admin_logo_url %>" alt="<%= rsb_admin_app_name %>" class="h-10">
+      </div>
+    <% end %>
+    <% if rsb_admin_company_name.present? %>
+      <p class="text-sm text-rsb-muted text-center mb-2"><%= rsb_admin_company_name %></p>
+    <% end %>
+    <h1 class="text-2xl font-bold mb-6 text-center"><%= rsb_admin_t("sessions.sign_in") %></h1>
+    <form action="<%= rsb_admin.login_path %>" method="post">
+      <%= hidden_field_tag :authenticity_token, form_authenticity_token %>
+      <div class="mb-4">
+        <label class="block text-sm font-medium mb-1"><%= rsb_admin_t("sessions.email") %></label>
+        <input type="email" name="email" required
+               value="<%= @email %>"
+               class="w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10">
+      </div>
+      <div class="mb-6">
+        <label class="block text-sm font-medium mb-1"><%= rsb_admin_t("sessions.password") %></label>
+        <input type="password" name="password" required
+               class="w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10">
+      </div>
+      <button type="submit"
+              class="w-full px-4 py-2 bg-rsb-primary text-rsb-primary-text rounded-rsb text-sm font-medium hover:bg-rsb-primary-hover">
+        <%= rsb_admin_t("sessions.sign_in_button") %>
+      </button>
+    </form>
+  </div>
+</div>

data/app/views/rsb/admin/sessions/two_factor.html.erb

@@ -0,0 +1,39 @@
+<div class="flex justify-center items-center min-h-screen bg-rsb-bg">
+  <div class="bg-rsb-card border border-rsb-border rounded-rsb-lg p-8 w-full max-w-[400px] shadow-rsb">
+    <% if RSB::Admin.configuration.logo_url.present? %>
+      <div class="flex justify-center mb-6">
+        <img src="<%= RSB::Admin.configuration.logo_url %>" alt="Logo" class="h-12" />
+      </div>
+    <% end %>
+
+    <h1 class="text-2xl font-bold text-center mb-6">Two-Factor Authentication</h1>
+    <p class="text-center mb-6 text-rsb-muted text-sm">Enter the 6-digit code from your authenticator app, or use a backup code.</p>
+
+    <% if flash[:alert] %>
+      <div class="mb-4 p-3 rounded-rsb bg-rsb-danger-bg border border-rsb-danger text-rsb-danger-text text-sm">
+        <%= flash[:alert] %>
+      </div>
+    <% end %>
+
+    <%= form_tag(verify_two_factor_login_path, method: :post) do %>
+      <%= hidden_field_tag :authenticity_token, form_authenticity_token %>
+
+      <div class="mb-4">
+        <label for="otp_code" class="block text-sm font-medium mb-1">Verification Code</label>
+        <input type="text" id="otp_code" name="otp_code"
+               class="w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10"
+               placeholder="6-digit code or backup code"
+               autocomplete="one-time-code" inputmode="numeric" autofocus required />
+      </div>
+
+      <button type="submit"
+              class="w-full px-4 py-2 bg-rsb-primary text-rsb-primary-text rounded-rsb text-sm font-medium hover:bg-rsb-primary-hover">
+        Verify
+      </button>
+    <% end %>
+
+    <div class="mt-4 text-center">
+      <a href="<%= login_path %>" class="text-sm text-rsb-muted hover:underline">Cancel and sign in again</a>
+    </div>
+  </div>
+</div>

data/app/views/rsb/admin/settings/_field.html.erb

@@ -0,0 +1,115 @@
+<%
+  full_key = "#{category}.#{defn.key}"
+  field_name = "settings[values][#{defn.key}]"
+  disabled = state == :locked || state == :disabled_by_dependency
+  enum_values = defn.enum.respond_to?(:call) ? defn.enum.call : defn.enum
+
+  # CSS classes
+  wrapper_class = disabled ? "opacity-50" : ""
+  input_class = "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm bg-rsb-card text-rsb-text focus:outline-none focus:ring-1 focus:ring-rsb-primary focus:border-rsb-primary"
+  input_class += " cursor-not-allowed bg-rsb-muted-bg" if disabled
+%>
+
+<div class="<%= wrapper_class %>">
+  <%# Setting key in monospace %>
+  <div class="flex items-center gap-2 mb-1">
+    <code class="text-xs text-rsb-muted font-mono"><%= full_key %></code>
+    <% if state == :locked %>
+      <span class="inline-flex items-center gap-1 text-xs text-rsb-muted" title="<%= rsb_admin_t('settings.locked') %>">
+        <%= rsb_admin_icon("lock", size: 12) %>
+        <span><%= rsb_admin_t("settings.locked") %></span>
+      </span>
+    <% end %>
+  </div>
+
+  <%# Label %>
+  <label for="settings_values_<%= defn.key %>" class="block text-sm font-medium text-rsb-text mb-1">
+    <%= defn.label.presence || defn.key.to_s.titleize %>
+  </label>
+
+  <%# Input field by type %>
+  <% if enum_values.present? %>
+    <%# Enum -> select dropdown %>
+    <select name="<%= field_name %>"
+            id="settings_values_<%= defn.key %>"
+            class="<%= input_class %>"
+            <%= "disabled" if disabled %>>
+      <% enum_values.each do |opt| %>
+        <option value="<%= opt %>" <%= "selected" if value.to_s == opt.to_s %>><%= opt.to_s.titleize %></option>
+      <% end %>
+    </select>
+
+  <% elsif defn.type == :boolean %>
+    <%# Boolean -> toggle switch %>
+    <div class="flex items-center">
+      <%# Hidden field sends "false" when checkbox unchecked %>
+      <input type="hidden" name="<%= field_name %>" value="false" <%= "disabled" if disabled %>>
+      <label class="relative inline-flex items-center cursor-pointer <%= 'cursor-not-allowed' if disabled %>">
+        <input type="checkbox"
+               name="<%= field_name %>"
+               id="settings_values_<%= defn.key %>"
+               value="true"
+               class="sr-only peer"
+               <%= "checked" if ActiveModel::Type::Boolean.new.cast(value) %>
+               <%= "disabled" if disabled %>>
+        <div class="w-10 h-5 bg-rsb-border rounded-full peer
+                    peer-checked:bg-rsb-primary peer-checked:after:translate-x-5
+                    after:content-[''] after:absolute after:top-0.5 after:left-0.5
+                    after:bg-white after:rounded-full after:h-4 after:w-4
+                    after:transition-transform after:duration-200
+                    transition-colors duration-200"></div>
+        <span class="ml-2 text-sm text-rsb-text">
+          <%= ActiveModel::Type::Boolean.new.cast(value) ? "Enabled" : "Disabled" %>
+        </span>
+      </label>
+    </div>
+
+  <% elsif defn.type == :integer || defn.type == :duration %>
+    <%# Integer / Duration -> number input %>
+    <div class="flex items-center gap-2">
+      <input type="number"
+             name="<%= field_name %>"
+             id="settings_values_<%= defn.key %>"
+             value="<%= value.is_a?(ActiveSupport::Duration) ? value.to_i : value %>"
+             class="<%= input_class %> max-w-xs"
+             <%= "disabled" if disabled %>>
+      <% if defn.type == :duration %>
+        <span class="text-sm text-rsb-muted">seconds</span>
+      <% end %>
+    </div>
+
+  <% elsif defn.type == :float %>
+    <%# Float -> number input with step %>
+    <input type="number"
+           name="<%= field_name %>"
+           id="settings_values_<%= defn.key %>"
+           value="<%= value %>"
+           step="any"
+           class="<%= input_class %> max-w-xs"
+           <%= "disabled" if disabled %>>
+
+  <% else %>
+    <%# String (default) -> text input %>
+    <input type="text"
+           name="<%= field_name %>"
+           id="settings_values_<%= defn.key %>"
+           value="<%= value %>"
+           class="<%= input_class %>"
+           <%= "disabled" if disabled %>>
+  <% end %>
+
+  <%# Description %>
+  <% if defn.description.present? %>
+    <p class="mt-1 text-xs text-rsb-muted"><%= defn.description %></p>
+  <% end %>
+
+  <%# depends_on disabled hint %>
+  <% if state == :disabled_by_dependency && defn.depends_on.present? %>
+    <%
+      parent_label = defn.depends_on.split(".", 2).last.to_s.titleize
+    %>
+    <p class="mt-1 text-xs text-amber-600 dark:text-amber-400">
+      Disabled because <strong><%= parent_label %></strong> is off.
+    </p>
+  <% end %>
+</div>

data/app/views/rsb/admin/settings/index.html.erb

@@ -0,0 +1,61 @@
+<div class="flex justify-between items-center mb-6">
+  <h1 class="text-2xl font-bold"><%= rsb_admin_t("settings.title") %></h1>
+</div>
+
+<%# === Tab Bar === %>
+<% if @categories.size > 1 %>
+  <div class="flex border-b border-rsb-border mb-6" role="tablist">
+    <% @categories.each do |cat| %>
+      <% active = cat == @active_tab %>
+      <a href="<%= rsb_admin.settings_path(tab: cat) %>"
+         role="tab"
+         aria-selected="<%= active %>"
+         class="px-4 py-2.5 text-sm font-medium border-b-2 transition-colors
+                <%= if active
+                      'border-rsb-primary text-rsb-primary'
+                    else
+                      'border-transparent text-rsb-muted hover:text-rsb-text hover:border-rsb-border'
+                    end %>">
+        <%= cat.titleize %>
+      </a>
+    <% end %>
+  </div>
+<% end %>
+
+<%# === Settings Form for Active Tab === %>
+<% if @active_tab && @groups.any? %>
+  <%= form_with url: rsb_admin.settings_path, method: :patch, local: true do |f| %>
+    <%= hidden_field_tag "settings[category]", @active_tab %>
+    <%= hidden_field_tag "settings[tab]", @active_tab %>
+
+    <% @groups.each do |group_name, definitions| %>
+      <div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6 mb-4">
+        <h2 class="text-base font-semibold text-rsb-text mb-4 pb-2 border-b border-rsb-border">
+          <%= group_name %>
+        </h2>
+
+        <div class="space-y-5">
+          <% definitions.each do |defn| %>
+            <%= render partial: rsb_admin_partial("settings/field"), locals: {
+              defn: defn,
+              category: @active_tab,
+              value: @current_values[defn.key],
+              state: @field_states[defn.key],
+              f: f
+            } %>
+          <% end %>
+        </div>
+      </div>
+    <% end %>
+
+    <div class="flex justify-end mt-4">
+      <%= f.submit rsb_admin_t("settings.save", default: "Save Settings"),
+        class: "px-5 py-2.5 bg-rsb-primary text-rsb-primary-text rounded-rsb text-sm font-medium hover:bg-rsb-primary-hover cursor-pointer transition-colors" %>
+    </div>
+  <% end %>
+
+<% elsif @categories.empty? %>
+  <div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6">
+    <p class="text-rsb-muted"><%= rsb_admin_t("dashboard.no_sections") %></p>
+  </div>
+<% end %>

data/app/views/rsb/admin/shared/_badge.html.erb

@@ -0,0 +1 @@
+<%= rsb_admin_badge(text, variant: variant.to_sym) %>

data/app/views/rsb/admin/shared/_breadcrumbs.html.erb

@@ -0,0 +1,12 @@
+<nav class="flex items-center gap-1 text-sm text-rsb-muted mb-4">
+  <% breadcrumbs.each_with_index do |item, i| %>
+    <% if i > 0 %>
+      <span class="mx-1"><%= rsb_admin_icon("chevron-right", size: 14) %></span>
+    <% end %>
+    <% if item.path && i < breadcrumbs.size - 1 %>
+      <a href="<%= item.path %>" class="hover:text-rsb-text transition-colors duration-[var(--rsb-admin-transition)]"><%= item.label %></a>
+    <% else %>
+      <span class="text-rsb-text font-medium"><%= item.label %></span>
+    <% end %>
+  <% end %>
+</nav>