rsb-admin 0.9.1

data/app/views/rsb/admin/shared/_empty_state.html.erb

@@ -0,0 +1,4 @@
+<div class="text-center py-8">
+  <h3 class="text-base font-semibold text-rsb-text mb-1"><%= title %></h3>
+  <p class="text-sm text-rsb-muted"><%= message %></p>
+</div>

data/app/views/rsb/admin/shared/_flash.html.erb

@@ -0,0 +1,22 @@
+<% flash.each do |type, message| %>
+  <%
+    type_str = type.to_s
+    config = case type_str
+             when "notice"
+               { bg: "bg-rsb-success-bg", text: "text-rsb-success-text", border: "border-green-200", icon: "check-circle" }
+             when "alert"
+               { bg: "bg-rsb-danger-bg", text: "text-rsb-danger-text", border: "border-red-200", icon: "alert-circle" }
+             when "warning"
+               { bg: "bg-rsb-warning-bg", text: "text-rsb-warning-text", border: "border-amber-200", icon: "alert-triangle" }
+             else
+               { bg: "bg-rsb-info-bg", text: "text-rsb-info-text", border: "border-blue-200", icon: "info" }
+             end
+  %>
+  <div class="<%= config[:bg] %> <%= config[:text] %> border <%= config[:border] %> px-4 py-3 rounded-rsb mb-4 text-sm flex items-center gap-3">
+    <span class="shrink-0"><%= rsb_admin_icon(config[:icon], size: 18) %></span>
+    <span class="flex-1"><%= message %></span>
+    <button type="button" onclick="this.parentElement.remove()" class="shrink-0 opacity-60 hover:opacity-100 cursor-pointer">
+      <%= rsb_admin_icon("x", size: 16) %>
+    </button>
+  </div>
+<% end %>

data/app/views/rsb/admin/shared/_header.html.erb

@@ -0,0 +1,50 @@
+<div class="text-sm text-rsb-muted">
+  <a href="<%= rsb_admin.profile_path %>" class="hover:text-rsb-text hover:underline"><%= current_admin_user.email %></a>
+  <% if current_admin_user.role %>
+    <span class="ml-1 text-xs text-rsb-muted">(<%= current_admin_user.role.name %>)</span>
+  <% end %>
+</div>
+<div class="flex items-center gap-3">
+  <% if rsb_available_locales.size > 1 %>
+    <div class="relative" id="rsb-locale-switcher">
+      <button type="button"
+              onclick="var m=document.getElementById('rsb-locale-menu');m.classList.toggle('hidden');event.stopPropagation()"
+              class="flex items-center gap-1 px-2 py-1 text-sm text-rsb-muted hover:text-rsb-text rounded-rsb hover:bg-rsb-bg transition-colors"
+              title="<%= rsb_admin_t('shared.switch_language') %>">
+        <%= rsb_admin_icon("globe", size: 16) %>
+        <span><%= rsb_current_locale.upcase %></span>
+      </button>
+      <div id="rsb-locale-menu" class="hidden absolute right-0 mt-1 w-44 bg-rsb-card border border-rsb-border rounded-rsb shadow-rsb-sm z-50">
+        <% rsb_available_locales.each do |loc| %>
+          <form action="/rsb/locale" method="post">
+            <input type="hidden" name="locale" value="<%= loc %>">
+            <input type="hidden" name="redirect_to" value="<%= request.fullpath %>">
+            <button type="submit"
+                    class="w-full text-left px-3 py-2 text-sm transition-colors
+                           <%= loc == rsb_current_locale ? 'font-medium text-rsb-primary bg-rsb-bg' : 'text-rsb-text hover:bg-rsb-bg' %>">
+              <%= rsb_locale_display_name(loc) %>
+              <% if loc == rsb_current_locale %>
+                <span class="float-right text-rsb-primary">&#10003;</span>
+              <% end %>
+            </button>
+          </form>
+        <% end %>
+      </div>
+    </div>
+    <script>
+      // Close locale dropdown when clicking outside
+      document.addEventListener('click', function(e) {
+        var menu = document.getElementById('rsb-locale-menu');
+        var switcher = document.getElementById('rsb-locale-switcher');
+        if (menu && switcher && !switcher.contains(e.target)) {
+          menu.classList.add('hidden');
+        }
+      });
+    </script>
+  <% end %>
+  <%= button_to rsb_admin.logout_path, method: :delete,
+    class: "flex items-center gap-1 text-sm text-rsb-muted hover:text-rsb-text" do %>
+    <%= rsb_admin_icon("log-out", size: 16) %>
+    <%= rsb_admin_t("shared.sign_out") %>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/_page_tabs.html.erb

@@ -0,0 +1,21 @@
+<% if page.actions.any? %>
+  <div class="flex gap-1 border-b border-rsb-border mb-6">
+    <% page.actions.each do |action| %>
+      <% action_path = rsb_admin_page_action_path(page.key, action[:key]) %>
+      <% is_active = request.path == action_path || (action[:key] == :index && request.path == rsb_admin_page_path(page.key)) %>
+      <% if action[:method] == :get %>
+        <a href="<%= action[:key] == :index ? rsb_admin_page_path(page.key) : action_path %>"
+           class="px-4 py-2 text-sm font-medium border-b-2 -mb-px <%= is_active ? 'border-rsb-primary text-rsb-primary' : 'border-transparent text-rsb-muted hover:text-rsb-text hover:border-rsb-border' %>">
+          <%= action[:label] %>
+        </a>
+      <% else %>
+        <%# POST/DELETE/PATCH actions render as button_to (rule #8) %>
+        <%= button_to action_path, method: action[:method],
+          data: action[:confirm] ? { turbo_confirm: action[:confirm] } : {},
+          class: "px-4 py-2 text-sm font-medium border-b-2 -mb-px border-transparent text-rsb-muted hover:text-rsb-text" do %>
+          <%= action[:label] %>
+        <% end %>
+      <% end %>
+    <% end %>
+  </div>
+<% end %>

data/app/views/rsb/admin/shared/_sidebar.html.erb

@@ -0,0 +1,99 @@
+<div class="px-4 pb-4 text-lg font-bold text-white border-b border-white/10 mb-2">
+  <% if rsb_admin_logo_url.present? %>
+    <img src="<%= rsb_admin_logo_url %>" alt="<%= rsb_admin_app_name %>" class="h-8">
+  <% else %>
+    <%= rsb_admin_app_name %>
+  <% end %>
+</div>
+<nav>
+  <% if rsb_admin_can?("dashboard", "index") %>
+    <a href="<%= rsb_admin.dashboard_path %>"
+       class="flex items-center gap-2 px-4 py-2 text-sm border-l-[3px] <%= request.path == rsb_admin.dashboard_path ? 'border-rsb-sidebar-active text-white bg-white/[0.08]' : 'border-transparent text-rsb-sidebar-text hover:bg-rsb-sidebar-hover hover:text-white' %>">
+      <%= rsb_admin_icon("layout-dashboard", size: 16) %>
+      <%= rsb_admin_t("shared.dashboard") %>
+    </a>
+  <% else %>
+    <span class="flex items-center gap-2 px-4 py-2 text-sm border-l-[3px] border-transparent text-white/30 cursor-not-allowed"
+          title="<%= rsb_admin_t("shared.no_access") %>">
+      <%= rsb_admin_icon("layout-dashboard", size: 16) %>
+      <%= rsb_admin_t("shared.dashboard") %>
+    </span>
+  <% end %>
+
+  <% RSB::Admin.registry.categories.each do |name, category| %>
+    <%
+      cat_has_permitted = category.resources.any? { |r| rsb_admin_can?(r.route_key, "index") } ||
+                          category.pages.any? { |p| rsb_admin_can?(p.key.to_s, "index") }
+    %>
+    <% if cat_has_permitted %>
+      <div class="px-4 pt-3 pb-1 text-[0.7rem] uppercase tracking-wider text-white/40 mt-2"><%= name %></div>
+    <% end %>
+    <% category.resources.each do |resource| %>
+      <% path = rsb_admin_resource_path(resource.route_key) %>
+      <% if rsb_admin_can?(resource.route_key, "index") %>
+        <a href="<%= path %>"
+           class="flex items-center gap-2 px-4 py-2 text-sm border-l-[3px] <%= request.path.start_with?(path) ? 'border-rsb-sidebar-active text-white bg-white/[0.08]' : 'border-transparent text-rsb-sidebar-text hover:bg-rsb-sidebar-hover hover:text-white' %>">
+          <% if resource.icon %>
+            <%= rsb_admin_icon(resource.icon, size: 16) %>
+          <% end %>
+          <%= resource.label %>
+        </a>
+      <% elsif cat_has_permitted %>
+        <span class="flex items-center gap-2 px-4 py-2 text-sm border-l-[3px] border-transparent text-white/30 cursor-not-allowed"
+              title="<%= rsb_admin_t("shared.no_access") %>">
+          <% if resource.icon %>
+            <%= rsb_admin_icon(resource.icon, size: 16) %>
+          <% end %>
+          <%= resource.label %>
+        </span>
+      <% end %>
+    <% end %>
+    <% category.pages.each do |page| %>
+      <% path = rsb_admin_page_path(page.key) %>
+      <% if rsb_admin_can?(page.key.to_s, "index") %>
+        <a href="<%= path %>"
+           class="flex items-center gap-2 px-4 py-2 text-sm border-l-[3px] <%= request.path.start_with?(path) ? 'border-rsb-sidebar-active text-white bg-white/[0.08]' : 'border-transparent text-rsb-sidebar-text hover:bg-rsb-sidebar-hover hover:text-white' %>">
+          <% if page.icon %>
+            <%= rsb_admin_icon(page.icon, size: 16) %>
+          <% end %>
+          <%= page.label %>
+        </a>
+      <% elsif cat_has_permitted %>
+        <span class="flex items-center gap-2 px-4 py-2 text-sm border-l-[3px] border-transparent text-white/30 cursor-not-allowed"
+              title="<%= rsb_admin_t("shared.no_access") %>">
+          <% if page.icon %>
+            <%= rsb_admin_icon(page.icon, size: 16) %>
+          <% end %>
+          <%= page.label %>
+        </span>
+      <% end %>
+    <% end %>
+  <% end %>
+
+  <%
+    system_items = {
+      "admin_users" => { path: rsb_admin.admin_users_path, icon: "users-cog", label: rsb_admin_t("admin_users.title") },
+      "roles" => { path: rsb_admin.roles_path, icon: "key", label: rsb_admin_t("roles.title") },
+      "settings" => { path: rsb_admin.settings_path, icon: "settings", label: rsb_admin_t("settings.title") }
+    }
+    system_has_permitted = system_items.any? { |key, _| rsb_admin_can?(key, "index") }
+  %>
+  <% if system_has_permitted %>
+    <div class="px-4 pt-3 pb-1 text-[0.7rem] uppercase tracking-wider text-white/40 mt-2"><%= rsb_admin_t("shared.system") %></div>
+  <% end %>
+  <% system_items.each do |key, item| %>
+    <% if rsb_admin_can?(key, "index") %>
+      <a href="<%= item[:path] %>"
+         class="flex items-center gap-2 px-4 py-2 text-sm border-l-[3px] <%= request.path.start_with?(item[:path]) ? 'border-rsb-sidebar-active text-white bg-white/[0.08]' : 'border-transparent text-rsb-sidebar-text hover:bg-rsb-sidebar-hover hover:text-white' %>">
+        <%= rsb_admin_icon(item[:icon], size: 16) %>
+        <%= item[:label] %>
+      </a>
+    <% elsif system_has_permitted %>
+      <span class="flex items-center gap-2 px-4 py-2 text-sm border-l-[3px] border-transparent text-white/30 cursor-not-allowed"
+            title="<%= rsb_admin_t("shared.no_access") %>">
+        <%= rsb_admin_icon(item[:icon], size: 16) %>
+        <%= item[:label] %>
+      </span>
+    <% end %>
+  <% end %>
+</nav>

data/app/views/rsb/admin/shared/disabled.html.erb

@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title><%= RSB::Settings.get("admin.app_name") || RSB::Admin.configuration.app_name %> — Disabled</title>
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <style>
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+      display: flex;
+      justify-content: center;
+      align-items: center;
+      min-height: 100vh;
+      margin: 0;
+      background: #f8f9fa;
+      color: #333;
+    }
+    .container {
+      text-align: center;
+      padding: 2rem;
+      max-width: 480px;
+    }
+    h1 {
+      font-size: 1.5rem;
+      margin-bottom: 0.5rem;
+    }
+    p {
+      color: #666;
+      line-height: 1.6;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <h1><%= I18n.t("rsb.admin.shared.panel_disabled") %></h1>
+    <p><%= I18n.t("rsb.admin.shared.panel_disabled_message") %></p>
+  </div>
+</body>
+</html>

data/app/views/rsb/admin/shared/fields/_checkbox.html.erb

@@ -0,0 +1,6 @@
+<div class="mb-4 flex items-center gap-2">
+  <%= form.check_box field.key, class: "rounded border-rsb-border text-rsb-primary focus:ring-rsb-primary" %>
+  <label class="text-sm font-medium">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+  </label>
+</div>

data/app/views/rsb/admin/shared/fields/_datetime.html.erb

@@ -0,0 +1,10 @@
+<div class="mb-4">
+  <label class="block text-sm font-medium mb-1">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+    <% if field.required %><span class="text-rsb-danger text-xs ml-1">(<%= rsb_admin_t("shared.required") %>)</span><% end %>
+  </label>
+  <%= form.datetime_local_field field.key, class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  <% if field.hint %>
+    <p class="text-xs text-rsb-muted mt-1"><%= field.hint %></p>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/fields/_email.html.erb

@@ -0,0 +1,10 @@
+<div class="mb-4">
+  <label class="block text-sm font-medium mb-1">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+    <% if field.required %><span class="text-rsb-danger text-xs ml-1">(<%= rsb_admin_t("shared.required") %>)</span><% end %>
+  </label>
+  <%= form.email_field field.key, class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  <% if field.hint %>
+    <p class="text-xs text-rsb-muted mt-1"><%= field.hint %></p>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/fields/_hidden.html.erb

@@ -0,0 +1 @@
+<%= form.hidden_field field.key %>

data/app/views/rsb/admin/shared/fields/_json.html.erb

@@ -0,0 +1,11 @@
+<div class="mb-4">
+  <label class="block text-sm font-medium mb-1">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+  </label>
+  <% value = form.object.send(field.key) %>
+  <%= form.text_area field.key, value: (value.is_a?(Hash) || value.is_a?(Array)) ? JSON.pretty_generate(value) : value.to_s,
+    rows: 6, class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm font-mono focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  <% if field.hint %>
+    <p class="text-xs text-rsb-muted mt-1"><%= field.hint %></p>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/fields/_number.html.erb

@@ -0,0 +1,10 @@
+<div class="mb-4">
+  <label class="block text-sm font-medium mb-1">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+    <% if field.required %><span class="text-rsb-danger text-xs ml-1">(<%= rsb_admin_t("shared.required") %>)</span><% end %>
+  </label>
+  <%= form.number_field field.key, class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  <% if field.hint %>
+    <p class="text-xs text-rsb-muted mt-1"><%= field.hint %></p>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/fields/_password.html.erb

@@ -0,0 +1,10 @@
+<div class="mb-4">
+  <label class="block text-sm font-medium mb-1">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+    <% if field.required %><span class="text-rsb-danger text-xs ml-1">(<%= rsb_admin_t("shared.required") %>)</span><% end %>
+  </label>
+  <%= form.password_field field.key, class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  <% if field.hint %>
+    <p class="text-xs text-rsb-muted mt-1"><%= field.hint %></p>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/fields/_select.html.erb

@@ -0,0 +1,12 @@
+<div class="mb-4">
+  <label class="block text-sm font-medium mb-1">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+    <% if field.required %><span class="text-rsb-danger text-xs ml-1">(<%= rsb_admin_t("shared.required") %>)</span><% end %>
+  </label>
+  <% opts = field.options.is_a?(Proc) ? field.options.call : field.options %>
+  <%= form.select field.key, opts&.map { |o| [o.to_s.titleize, o] }, { include_blank: true },
+    class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  <% if field.hint %>
+    <p class="text-xs text-rsb-muted mt-1"><%= field.hint %></p>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/fields/_text.html.erb

@@ -0,0 +1,10 @@
+<div class="mb-4">
+  <label class="block text-sm font-medium mb-1">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+    <% if field.required %><span class="text-rsb-danger text-xs ml-1">(<%= rsb_admin_t("shared.required") %>)</span><% end %>
+  </label>
+  <%= form.text_field field.key, class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  <% if field.hint %>
+    <p class="text-xs text-rsb-muted mt-1"><%= field.hint %></p>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/fields/_textarea.html.erb

@@ -0,0 +1,10 @@
+<div class="mb-4">
+  <label class="block text-sm font-medium mb-1">
+    <%= rsb_admin_field_label(field, resource_key: resource_key) %>
+    <% if field.required %><span class="text-rsb-danger text-xs ml-1">(<%= rsb_admin_t("shared.required") %>)</span><% end %>
+  </label>
+  <%= form.text_area field.key, rows: 4, class: "w-full px-3 py-2 border border-rsb-border rounded-rsb text-sm focus:outline-none focus:border-rsb-primary focus:ring-2 focus:ring-rsb-primary/10" %>
+  <% if field.hint %>
+    <p class="text-xs text-rsb-muted mt-1"><%= field.hint %></p>
+  <% end %>
+</div>

data/app/views/rsb/admin/shared/forbidden.html.erb

@@ -0,0 +1,22 @@
+<div class="flex items-center justify-center min-h-[60vh]">
+  <div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-8 max-w-md w-full text-center">
+    <div class="mb-4 text-rsb-muted">
+      <%= rsb_admin_icon("lock", size: 48) %>
+    </div>
+    <h1 class="text-2xl font-bold mb-2"><%= rsb_admin_t("shared.access_denied") %></h1>
+    <p class="text-rsb-muted mb-6"><%= rsb_admin_t("shared.access_denied_message") %></p>
+    <div class="flex flex-col gap-3 items-center">
+      <% if current_admin_user.can?("dashboard", "index") %>
+        <a href="<%= rsb_admin.dashboard_path %>"
+           class="inline-flex items-center gap-1 px-4 py-2 bg-rsb-primary text-rsb-primary-text rounded-rsb text-sm font-medium hover:bg-rsb-primary-hover transition-colors">
+          <%= rsb_admin_t("shared.go_to_dashboard") %>
+        </a>
+      <% end %>
+      <a href="<%= rsb_admin.logout_path %>"
+         class="text-sm text-rsb-muted hover:text-rsb-text"
+         data-turbo-method="delete">
+        <%= rsb_admin_t("shared.sign_out_and_try") %>
+      </a>
+    </div>
+  </div>
+</div>

data/app/views/rsb/admin/themes/modern/views/shared/_header.html.erb

@@ -0,0 +1,77 @@
+<div class="flex items-center gap-3">
+  <div class="text-sm text-rsb-muted">
+    <a href="<%= rsb_admin.profile_path %>" class="font-medium text-rsb-text hover:underline transition-colors"><%= current_admin_user.email %></a>
+    <% if current_admin_user.role %>
+      <span class="ml-1 text-xs">(<%= current_admin_user.role.name %>)</span>
+    <% end %>
+  </div>
+</div>
+<div class="flex items-center gap-3">
+  <% if rsb_available_locales.size > 1 %>
+    <div class="relative" id="rsb-locale-switcher">
+      <button type="button"
+              onclick="var m=document.getElementById('rsb-locale-menu');m.classList.toggle('hidden');event.stopPropagation()"
+              class="flex items-center gap-1 px-2 py-1 text-sm text-rsb-muted hover:text-rsb-text rounded-rsb hover:bg-rsb-bg transition-colors"
+              title="<%= rsb_admin_t('shared.switch_language') %>">
+        <%= rsb_admin_icon("globe", size: 16) %>
+        <span><%= rsb_current_locale.upcase %></span>
+      </button>
+      <div id="rsb-locale-menu" class="hidden absolute right-0 mt-1 w-44 bg-rsb-card border border-rsb-border rounded-rsb shadow-rsb-sm z-50">
+        <% rsb_available_locales.each do |loc| %>
+          <form action="/rsb/locale" method="post">
+            <input type="hidden" name="locale" value="<%= loc %>">
+            <input type="hidden" name="redirect_to" value="<%= request.fullpath %>">
+            <button type="submit"
+                    class="w-full text-left px-3 py-2 text-sm transition-colors
+                           <%= loc == rsb_current_locale ? 'font-medium text-rsb-primary bg-rsb-bg' : 'text-rsb-text hover:bg-rsb-bg' %>">
+              <%= rsb_locale_display_name(loc) %>
+              <% if loc == rsb_current_locale %>
+                <span class="float-right text-rsb-primary">&#10003;</span>
+              <% end %>
+            </button>
+          </form>
+        <% end %>
+      </div>
+    </div>
+    <script>
+      // Close locale dropdown when clicking outside
+      document.addEventListener('click', function(e) {
+        var menu = document.getElementById('rsb-locale-menu');
+        var switcher = document.getElementById('rsb-locale-switcher');
+        if (menu && switcher && !switcher.contains(e.target)) {
+          menu.classList.add('hidden');
+        }
+      });
+    </script>
+  <% end %>
+
+  <%# Dark/light mode toggle (rule #17) %>
+  <button onclick="rsbToggleMode()" type="button"
+          class="p-2 rounded-rsb text-rsb-muted hover:text-rsb-text hover:bg-rsb-bg transition-colors"
+          title="Toggle dark/light mode">
+    <span class="rsb-light-icon"><%= rsb_admin_icon("moon", size: 18) %></span>
+    <span class="rsb-dark-icon" style="display:none"><%= rsb_admin_icon("sun", size: 18) %></span>
+  </button>
+
+  <%= button_to rsb_admin.logout_path, method: :delete,
+    class: "flex items-center gap-1 text-sm text-rsb-muted hover:text-rsb-text transition-colors" do %>
+    <%= rsb_admin_icon("log-out", size: 16) %>
+    <%= rsb_admin_t("shared.sign_out") %>
+  <% end %>
+</div>
+
+<script>
+  // Toggle icon visibility based on current mode
+  (function() {
+    function updateIcons() {
+      var mode = document.documentElement.getAttribute('data-rsb-mode') || 'light';
+      var lightIcons = document.querySelectorAll('.rsb-light-icon');
+      var darkIcons = document.querySelectorAll('.rsb-dark-icon');
+      lightIcons.forEach(function(el) { el.style.display = mode === 'dark' ? 'none' : 'inline'; });
+      darkIcons.forEach(function(el) { el.style.display = mode === 'dark' ? 'inline' : 'none'; });
+    }
+    updateIcons();
+    var observer = new MutationObserver(updateIcons);
+    observer.observe(document.documentElement, { attributes: true, attributeFilter: ['data-rsb-mode'] });
+  })();
+</script>

data/app/views/rsb/admin/themes/modern/views/shared/_sidebar.html.erb

@@ -0,0 +1,135 @@
+<div class="px-4 pb-4 text-lg font-bold text-white border-b border-white/10 mb-2 flex items-center gap-2">
+  <% if rsb_admin_logo_url.present? %>
+    <img src="<%= rsb_admin_logo_url %>" alt="<%= rsb_admin_app_name %>" class="h-8">
+  <% else %>
+    <%= rsb_admin_icon("layout-dashboard", size: 20) %>
+    <%= rsb_admin_app_name %>
+  <% end %>
+</div>
+<nav>
+  <% if rsb_admin_can?("dashboard", "index") %>
+    <a href="<%= rsb_admin.dashboard_path %>"
+       class="flex items-center gap-2 px-4 py-2.5 text-sm transition-all duration-[var(--rsb-admin-transition)] <%= request.path == rsb_admin.dashboard_path ? 'text-white bg-white/[0.08]' : 'text-rsb-sidebar-text hover:bg-rsb-sidebar-hover hover:text-white' %>">
+      <%= rsb_admin_icon("home", size: 16) %>
+      <%= rsb_admin_t("shared.dashboard") %>
+    </a>
+  <% else %>
+    <span class="flex items-center gap-2 px-4 py-2.5 text-sm text-white/30 cursor-not-allowed"
+          title="<%= rsb_admin_t("shared.no_access") %>">
+      <%= rsb_admin_icon("home", size: 16) %>
+      <%= rsb_admin_t("shared.dashboard") %>
+    </span>
+  <% end %>
+
+  <% RSB::Admin.registry.categories.each_with_index do |(name, category), idx| %>
+    <%
+      cat_has_permitted = category.resources.any? { |r| rsb_admin_can?(r.route_key, "index") } ||
+                          category.pages.any? { |p| rsb_admin_can?(p.key.to_s, "index") }
+    %>
+    <% if cat_has_permitted %>
+      <% section_id = "rsb-cat-#{idx}" %>
+      <% cat_paths = category.resources.map { |r| rsb_admin_resource_path(r.route_key) } + category.pages.map { |p| rsb_admin_page_path(p.key) } %>
+      <% is_active = cat_paths.any? { |p| request.path.start_with?(p) } %>
+      <div class="mt-3">
+        <button type="button" onclick="rsbToggleSection('<%= section_id %>')"
+                class="w-full flex items-center justify-between px-4 py-2 text-[0.7rem] uppercase tracking-wider text-white/40 hover:text-white/60 transition-colors cursor-pointer">
+          <span class="flex items-center gap-1.5">
+            <span><%= name %></span>
+            <span class="text-[0.6rem] text-white/20"><%= category.resources.size + category.pages.size %></span>
+          </span>
+          <span id="<%= section_id %>-chevron" class="transition-transform duration-200 <%= is_active ? 'rotate-90' : '' %>">
+            <%= rsb_admin_icon("chevron-right", size: 14) %>
+          </span>
+        </button>
+        <div id="<%= section_id %>" class="<%= is_active ? '' : 'hidden' %>">
+          <% category.resources.each do |resource| %>
+            <% path = rsb_admin_resource_path(resource.route_key) %>
+            <% if rsb_admin_can?(resource.route_key, "index") %>
+              <a href="<%= path %>"
+                 class="flex items-center gap-2 pl-6 pr-4 py-2 text-sm transition-all duration-[var(--rsb-admin-transition)] group <%= request.path.start_with?(path) ? 'text-white bg-white/[0.08]' : 'text-rsb-sidebar-text hover:bg-rsb-sidebar-hover hover:text-white' %>">
+                <% if resource.icon %>
+                  <span class="opacity-60 group-hover:opacity-100 transition-opacity"><%= rsb_admin_icon(resource.icon, size: 16) %></span>
+                <% else %>
+                  <span class="opacity-40 group-hover:opacity-70 transition-opacity"><%= rsb_admin_icon("chevron-right", size: 12) %></span>
+                <% end %>
+                <span><%= resource.label %></span>
+              </a>
+            <% else %>
+              <span class="flex items-center gap-2 pl-6 pr-4 py-2 text-sm text-white/30 cursor-not-allowed"
+                    title="<%= rsb_admin_t("shared.no_access") %>">
+                <% if resource.icon %>
+                  <span class="opacity-30"><%= rsb_admin_icon(resource.icon, size: 16) %></span>
+                <% else %>
+                  <span class="opacity-20"><%= rsb_admin_icon("chevron-right", size: 12) %></span>
+                <% end %>
+                <span><%= resource.label %></span>
+              </span>
+            <% end %>
+          <% end %>
+          <% category.pages.each do |page| %>
+            <% path = rsb_admin_page_path(page.key) %>
+            <% if rsb_admin_can?(page.key.to_s, "index") %>
+              <a href="<%= path %>"
+                 class="flex items-center gap-2 pl-6 pr-4 py-2 text-sm transition-all duration-[var(--rsb-admin-transition)] group <%= request.path.start_with?(path) ? 'text-white bg-white/[0.08]' : 'text-rsb-sidebar-text hover:bg-rsb-sidebar-hover hover:text-white' %>">
+                <% if page.icon %>
+                  <span class="opacity-60 group-hover:opacity-100 transition-opacity"><%= rsb_admin_icon(page.icon, size: 16) %></span>
+                <% else %>
+                  <span class="opacity-40 group-hover:opacity-70 transition-opacity"><%= rsb_admin_icon("chevron-right", size: 12) %></span>
+                <% end %>
+                <span><%= page.label %></span>
+              </a>
+            <% else %>
+              <span class="flex items-center gap-2 pl-6 pr-4 py-2 text-sm text-white/30 cursor-not-allowed"
+                    title="<%= rsb_admin_t("shared.no_access") %>">
+                <% if page.icon %>
+                  <span class="opacity-30"><%= rsb_admin_icon(page.icon, size: 16) %></span>
+                <% else %>
+                  <span class="opacity-20"><%= rsb_admin_icon("chevron-right", size: 12) %></span>
+                <% end %>
+                <span><%= page.label %></span>
+              </span>
+            <% end %>
+          <% end %>
+        </div>
+      </div>
+    <% end %>
+  <% end %>
+
+  <%
+    system_items = {
+      "admin_users" => { path: rsb_admin.admin_users_path, icon: "users-cog", label: rsb_admin_t("admin_users.title") },
+      "roles" => { path: rsb_admin.roles_path, icon: "key", label: rsb_admin_t("roles.title") },
+      "settings" => { path: rsb_admin.settings_path, icon: "settings", label: rsb_admin_t("settings.title") }
+    }
+    system_has_permitted = system_items.any? { |key, _| rsb_admin_can?(key, "index") }
+  %>
+  <% if system_has_permitted %>
+    <% system_active = system_items.any? { |key, item| rsb_admin_can?(key, "index") && request.path.start_with?(item[:path]) } %>
+    <div class="mt-3">
+      <button type="button" onclick="rsbToggleSection('rsb-system')"
+              class="w-full flex items-center justify-between px-4 py-2 text-[0.7rem] uppercase tracking-wider text-white/40 hover:text-white/60 transition-colors cursor-pointer">
+        <span><%= rsb_admin_t("shared.system") %></span>
+        <span id="rsb-system-chevron" class="transition-transform duration-200 <%= system_active ? 'rotate-90' : '' %>">
+          <%= rsb_admin_icon("chevron-right", size: 14) %>
+        </span>
+      </button>
+      <div id="rsb-system" class="<%= system_active ? '' : 'hidden' %>">
+        <% system_items.each do |key, item| %>
+          <% if rsb_admin_can?(key, "index") %>
+            <a href="<%= item[:path] %>"
+               class="flex items-center gap-2 pl-6 pr-4 py-2 text-sm transition-all duration-[var(--rsb-admin-transition)] group <%= request.path.start_with?(item[:path]) ? 'text-white bg-white/[0.08]' : 'text-rsb-sidebar-text hover:bg-rsb-sidebar-hover hover:text-white' %>">
+              <span class="opacity-60 group-hover:opacity-100 transition-opacity"><%= rsb_admin_icon(item[:icon], size: 16) %></span>
+              <span><%= item[:label] %></span>
+            </a>
+          <% else %>
+            <span class="flex items-center gap-2 pl-6 pr-4 py-2 text-sm text-white/30 cursor-not-allowed"
+                  title="<%= rsb_admin_t("shared.no_access") %>">
+              <span class="opacity-30"><%= rsb_admin_icon(item[:icon], size: 16) %></span>
+              <span><%= item[:label] %></span>
+            </span>
+          <% end %>
+        <% end %>
+      </div>
+    </div>
+  <% end %>
+</nav>

data/app/views/rsb/admin/two_factor/backup_codes.html.erb

@@ -0,0 +1,48 @@
+<div class="max-w-lg mx-auto">
+  <div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-6">
+    <h2 class="text-xl font-bold mb-4">Backup Codes</h2>
+
+    <div class="mb-4 p-3 rounded-rsb bg-rsb-warning-bg border border-rsb-warning text-rsb-warning-text text-sm">
+      <strong>Save these codes!</strong> Each code can only be used once. Store them in a safe place.
+      You will not be able to see these codes again.
+    </div>
+
+    <div class="grid grid-cols-2 gap-2 mb-6" id="backup-codes">
+      <% @backup_codes.each do |code| %>
+        <code class="block p-2 text-center bg-rsb-bg border border-rsb-border rounded-rsb font-mono text-sm select-all">
+          <%= code %>
+        </code>
+      <% end %>
+    </div>
+
+    <div class="flex gap-2 mb-4">
+      <button onclick="copyBackupCodes()" type="button" id="copy-button"
+              class="flex-1 py-2 px-4 border border-rsb-border rounded-rsb hover:bg-rsb-bg transition-colors text-sm">
+        Copy All Codes
+      </button>
+    </div>
+
+    <a href="<%= rsb_admin.profile_path %>"
+       class="block text-center py-2 px-4 bg-rsb-primary text-rsb-primary-text rounded-rsb hover:bg-rsb-primary-hover">
+      Done — Go to Profile
+    </a>
+  </div>
+</div>
+
+<script>
+function copyBackupCodes() {
+  var codes = [];
+  document.querySelectorAll('#backup-codes code').forEach(function(el) {
+    codes.push(el.textContent.trim());
+  });
+  var button = document.getElementById('copy-button');
+  var originalText = button.textContent;
+
+  navigator.clipboard.writeText(codes.join('\n')).then(function() {
+    button.textContent = 'Copied!';
+    setTimeout(function() {
+      button.textContent = originalText;
+    }, 2000);
+  });
+}
+</script>