@micha.bigler/ui-core-micha 1.4.26 → 1.4.28

package/dist/auth/AuthContext.js

@@ -25,7 +25,9 @@ export const AuthProvider = ({ children }) => {
                         last_name: data.last_name,
                         role: data.role,
                         is_superuser: data.is_superuser,
-                        security_state: data.security_state, // Ensure this is passed if needed
+                        security_state: data.security_state,
+                        available_roles: data.available_roles,
+                        ui_permissions: data.ui_permissions,
                     });
                 }
             }

package/dist/auth/authApi.js

@@ -315,3 +315,64 @@ export async function loginWithRecoveryPassword(email, password, token) {
     const user = await fetchCurrentUser();
     return { user, needsMfa: false };
 }
+/**
+ * Ruft eine Liste von Benutzern ab (oft mit Pagination/Search).
+ * Backend: GET /api/users/
+ */
+export async function fetchUsersList(params = {}) {
+    try {
+        // params kann { page: 1, search: "...", ordering: "email" } enthalten
+        const res = await apiClient.get(`${USERS_BASE}/`, { params });
+        return res.data;
+    }
+    catch (error) {
+        throw normaliseApiError(error, 'Auth.USER_LIST_FAILED');
+    }
+}
+/**
+ * Löscht einen Benutzer.
+ * Backend: DELETE /api/users/{id}/
+ */
+export async function deleteUser(userId) {
+    try {
+        await apiClient.delete(`${USERS_BASE}/${userId}/`);
+    }
+    catch (error) {
+        throw normaliseApiError(error, 'Auth.USER_DELETE_FAILED');
+    }
+}
+/**
+ * Aktualisiert die Rolle eines Benutzers über die Custom Action.
+ * Backend: PATCH /api/users/{id}/update-role/
+ */
+export async function updateUserRole(userId, newRole) {
+    try {
+        const res = await apiClient.patch(`${USERS_BASE}/${userId}/update-role/`, {
+            role: newRole,
+        });
+        return res.data;
+    }
+    catch (error) {
+        throw normaliseApiError(error, 'Auth.USER_ROLE_UPDATE_FAILED');
+    }
+}
+/**
+ * Aktualisiert den Support-Status (z.B. is_support_agent Flag).
+ * Backend: PATCH /api/users/{id}/ (Standard DRF Update mit Nested Profile)
+ */
+export async function updateUserSupportStatus(userId, isSupportAgent) {
+    try {
+        // Wir gehen davon aus, dass dein Serializer "profile" nested akzeptiert
+        // (siehe BaseUserSerializer.update Logik im Backend)
+        const payload = {
+            profile: {
+                is_support_agent: isSupportAgent,
+            },
+        };
+        const res = await apiClient.patch(`${USERS_BASE}/${userId}/`, payload);
+        return res.data;
+    }
+    catch (error) {
+        throw normaliseApiError(error, 'Auth.USER_SUPPORT_UPDATE_FAILED');
+    }
+}

package/dist/components/UserInviteComponent.js

@@ -3,7 +3,7 @@ import React, { useState } from 'react';
 import { Box, TextField, Button, Typography, Alert, CircularProgress } from '@mui/material';
 import { requestInviteWithCode } from '../auth/authApi';
 import { useTranslation } from 'react-i18next';
-export function UserInviteComponent({ apiUrl = '/api/users/' }) {
+export function UserInviteComponent() {
     const { t } = useTranslation();
     const [inviteEmail, setInviteEmail] = useState('');
     const [message, setMessage] = useState('');
@@ -16,15 +16,16 @@ export function UserInviteComponent({ apiUrl = '/api/users/' }) {
             return;
         setLoading(true);
         try {
-            // API Call via authApi
-            const data = await requestInviteWithCode(inviteEmail, apiUrl);
+            // FIX: 2nd parameter is accessCode. For admin invites without code, we pass null.
+            // Previously, 'apiUrl' was passed here incorrectly.
+            const data = await requestInviteWithCode(inviteEmail, null);
             setInviteEmail('');
             setMessage(data.detail || t('Auth.INVITE_SENT_SUCCESS', 'Invitation sent.'));
         }
         catch (err) {
-            // err.message enthält dank authApi bereits den normalisierten Text oder Code
+            // err.message contains normalized text or code from authApi
+            // eslint-disable-next-line no-console
             console.error('Error inviting user:', err);
-            // Fallback Text, falls der Key nicht übersetzt ist
             setError(t(err.code) || err.message || t('Auth.INVITE_FAILED'));
         }
         finally {

package/dist/components/UserListComponent.js

@@ -1,11 +1,11 @@
 import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
 import React, { useState, useEffect } from 'react';
-import { Box, Typography, Table, TableBody, TableCell, TableContainer, TableHead, TableRow, Paper, FormControl, InputLabel, Select, MenuItem, Button, IconButton, Tooltip, CircularProgress, Alert } from '@mui/material';
+import { Box, Typography, Table, TableBody, TableCell, TableContainer, TableHead, TableRow, Paper, FormControl, Select, MenuItem, Button, IconButton, Tooltip, CircularProgress, Alert } from '@mui/material';
 import DeleteIcon from '@mui/icons-material/Delete';
 import { useTranslation } from 'react-i18next';
 import { fetchUsersList, deleteUser, updateUserRole, updateUserSupportStatus } from '../auth/authApi';
 const DEFAULT_ROLES = ['none', 'student', 'teacher', 'admin'];
-export function UserListComponent({ roles = DEFAULT_ROLES, apiUrl = '/api/users/', currentUser }) {
+export function UserListComponent({ roles = DEFAULT_ROLES, currentUser }) {
     const { t } = useTranslation();
     const [users, setUsers] = useState([]);
     const [loading, setLoading] = useState(true);
@@ -14,11 +14,12 @@ export function UserListComponent({ roles = DEFAULT_ROLES, apiUrl = '/api/users/
         setLoading(true);
         setError(null);
         try {
-            const data = await fetchUsersList(apiUrl);
+            // FIX: Removed apiUrl parameter. 
+            // fetchUsersList uses USERS_BASE from authConfig internally.
+            const data = await fetchUsersList();
             setUsers(data);
         }
         catch (err) {
-            // err.code ist dank normaliseApiError verfügbar
             setError(err.code || 'Auth.USER_LIST_FAILED');
         }
         finally {
@@ -28,13 +29,13 @@ export function UserListComponent({ roles = DEFAULT_ROLES, apiUrl = '/api/users/
     useEffect(() => {
         loadUsers();
         // eslint-disable-next-line react-hooks/exhaustive-deps
-    }, [apiUrl]);
+    }, []); // Dependency on apiUrl removed
     const handleDelete = async (userId) => {
         if (!window.confirm(t('UserList.DELETE_CONFIRM', 'Are you sure you want to delete this user?')))
             return;
         try {
-            await deleteUser(userId, apiUrl);
-            // Optimistic update oder reload:
+            // FIX: Removed apiUrl parameter.
+            await deleteUser(userId);
             setUsers(prev => prev.filter(u => u.id !== userId));
         }
         catch (err) {
@@ -43,8 +44,8 @@ export function UserListComponent({ roles = DEFAULT_ROLES, apiUrl = '/api/users/
     };
     const handleChangeRole = async (userId, newRole) => {
         try {
-            await updateUserRole(userId, newRole, apiUrl);
-            // Reload list to ensure consistency or update local state
+            // FIX: Removed apiUrl parameter.
+            await updateUserRole(userId, newRole);
             loadUsers();
         }
         catch (err) {
@@ -53,7 +54,8 @@ export function UserListComponent({ roles = DEFAULT_ROLES, apiUrl = '/api/users/
     };
     const handleToggleSupporter = async (userId, newValue) => {
         try {
-            await updateUserSupportStatus(userId, newValue, apiUrl);
+            // FIX: Removed apiUrl parameter.
+            await updateUserSupportStatus(userId, newValue);
             loadUsers();
         }
         catch (err) {
@@ -69,7 +71,6 @@ export function UserListComponent({ roles = DEFAULT_ROLES, apiUrl = '/api/users/
         const targetRole = targetUser.role || 'none';
         if (myRole === 'admin')
             return true;
-        // Beispiel Logik: Lehrer dürfen Schüler bearbeiten
         if (myRole === 'teacher') {
             if (targetUser.id === currentUser.id)
                 return false;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@micha.bigler/ui-core-micha",
-  "version": "1.4.26",
+  "version": "1.4.28",
   "main": "dist/index.js",
   "module": "dist/index.js",
   "private": false,

package/src/auth/AuthContext.jsx

@@ -37,7 +37,9 @@ export const AuthProvider = ({ children }) => {
             last_name: data.last_name,
             role: data.role,
             is_superuser: data.is_superuser,
-            security_state: data.security_state, // Ensure this is passed if needed
+            security_state: data.security_state,
+            available_roles: data.available_roles,
+            ui_permissions: data.ui_permissions,
           });
         }
       } catch (err) {

package/src/auth/authApi.jsx

@@ -328,4 +328,64 @@ export async function loginWithRecoveryPassword(email, password, token) {
   }
   const user = await fetchCurrentUser();
   return { user, needsMfa: false };
+}
+/**
+ * Ruft eine Liste von Benutzern ab (oft mit Pagination/Search).
+ * Backend: GET /api/users/
+ */
+export async function fetchUsersList(params = {}) {
+  try {
+    // params kann { page: 1, search: "...", ordering: "email" } enthalten
+    const res = await apiClient.get(`${USERS_BASE}/`, { params });
+    return res.data;
+  } catch (error) {
+    throw normaliseApiError(error, 'Auth.USER_LIST_FAILED');
+  }
+}
+
+/**
+ * Löscht einen Benutzer.
+ * Backend: DELETE /api/users/{id}/
+ */
+export async function deleteUser(userId) {
+  try {
+    await apiClient.delete(`${USERS_BASE}/${userId}/`);
+  } catch (error) {
+    throw normaliseApiError(error, 'Auth.USER_DELETE_FAILED');
+  }
+}
+
+/**
+ * Aktualisiert die Rolle eines Benutzers über die Custom Action.
+ * Backend: PATCH /api/users/{id}/update-role/
+ */
+export async function updateUserRole(userId, newRole) {
+  try {
+    const res = await apiClient.patch(`${USERS_BASE}/${userId}/update-role/`, {
+      role: newRole,
+    });
+    return res.data;
+  } catch (error) {
+    throw normaliseApiError(error, 'Auth.USER_ROLE_UPDATE_FAILED');
+  }
+}
+
+/**
+ * Aktualisiert den Support-Status (z.B. is_support_agent Flag).
+ * Backend: PATCH /api/users/{id}/ (Standard DRF Update mit Nested Profile)
+ */
+export async function updateUserSupportStatus(userId, isSupportAgent) {
+  try {
+    // Wir gehen davon aus, dass dein Serializer "profile" nested akzeptiert
+    // (siehe BaseUserSerializer.update Logik im Backend)
+    const payload = {
+      profile: {
+        is_support_agent: isSupportAgent,
+      },
+    };
+    const res = await apiClient.patch(`${USERS_BASE}/${userId}/`, payload);
+    return res.data;
+  } catch (error) {
+    throw normaliseApiError(error, 'Auth.USER_SUPPORT_UPDATE_FAILED');
+  }
 }

package/src/components/UserInviteComponent.jsx

@@ -3,7 +3,7 @@ import { Box, TextField, Button, Typography, Alert, CircularProgress } from '@mu
 import { requestInviteWithCode } from '../auth/authApi';
 import { useTranslation } from 'react-i18next';
 
-export function UserInviteComponent({ apiUrl = '/api/users/' }) {
+export function UserInviteComponent() { // FIX: Removed apiUrl prop
   const { t } = useTranslation();
   const [inviteEmail, setInviteEmail] = useState('');
   const [message, setMessage] = useState('');
@@ -17,15 +17,16 @@ export function UserInviteComponent({ apiUrl = '/api/users/' }) {
 
     setLoading(true);
     try {
-      // API Call via authApi
-      const data = await requestInviteWithCode(inviteEmail, apiUrl);
+      // FIX: 2nd parameter is accessCode. For admin invites without code, we pass null.
+      // Previously, 'apiUrl' was passed here incorrectly.
+      const data = await requestInviteWithCode(inviteEmail, null);
       
       setInviteEmail('');
       setMessage(data.detail || t('Auth.INVITE_SENT_SUCCESS', 'Invitation sent.'));
     } catch (err) {
-      // err.message enthält dank authApi bereits den normalisierten Text oder Code
+      // err.message contains normalized text or code from authApi
+      // eslint-disable-next-line no-console
       console.error('Error inviting user:', err);
-      // Fallback Text, falls der Key nicht übersetzt ist
       setError(t(err.code) || err.message || t('Auth.INVITE_FAILED'));
     } finally {
         setLoading(false);

package/src/components/UserListComponent.jsx

@@ -1,18 +1,17 @@
 import React, { useState, useEffect } from 'react';
 import {
   Box, Typography, Table, TableBody, TableCell, TableContainer,
-  TableHead, TableRow, Paper, FormControl, InputLabel, Select,
+  TableHead, TableRow, Paper, FormControl, Select,
   MenuItem, Button, IconButton, Tooltip, CircularProgress, Alert
 } from '@mui/material';
 import DeleteIcon from '@mui/icons-material/Delete';
 import { useTranslation } from 'react-i18next';
-import { fetchUsersList, deleteUser, updateUserRole, updateUserSupportStatus } from '../auth/authApi'; 
+import { fetchUsersList, deleteUser, updateUserRole, updateUserSupportStatus } from '../auth/authApi';
 
 const DEFAULT_ROLES = ['none', 'student', 'teacher', 'admin'];
 
 export function UserListComponent({ 
     roles = DEFAULT_ROLES, 
-    apiUrl = '/api/users/', 
     currentUser 
 }) {
   const { t } = useTranslation();
@@ -24,10 +23,11 @@ export function UserListComponent({
     setLoading(true);
     setError(null);
     try {
-      const data = await fetchUsersList(apiUrl);
+      // FIX: Removed apiUrl parameter. 
+      // fetchUsersList uses USERS_BASE from authConfig internally.
+      const data = await fetchUsersList();
       setUsers(data);
     } catch (err) {
-      // err.code ist dank normaliseApiError verfügbar
       setError(err.code || 'Auth.USER_LIST_FAILED');
     } finally {
       setLoading(false);
@@ -37,13 +37,13 @@ export function UserListComponent({
   useEffect(() => {
     loadUsers();
     // eslint-disable-next-line react-hooks/exhaustive-deps
-  }, [apiUrl]);
+  }, []); // Dependency on apiUrl removed
 
   const handleDelete = async (userId) => {
     if (!window.confirm(t('UserList.DELETE_CONFIRM', 'Are you sure you want to delete this user?'))) return;
     try {
-      await deleteUser(userId, apiUrl);
-      // Optimistic update oder reload:
+      // FIX: Removed apiUrl parameter.
+      await deleteUser(userId);
       setUsers(prev => prev.filter(u => u.id !== userId));
     } catch (err) {
       alert(t(err.code || 'Auth.USER_DELETE_FAILED'));
@@ -52,8 +52,8 @@ export function UserListComponent({
 
   const handleChangeRole = async (userId, newRole) => {
     try {
-      await updateUserRole(userId, newRole, apiUrl);
-      // Reload list to ensure consistency or update local state
+      // FIX: Removed apiUrl parameter.
+      await updateUserRole(userId, newRole);
       loadUsers(); 
     } catch (err) {
       alert(t(err.code || 'Auth.USER_ROLE_UPDATE_FAILED'));
@@ -62,7 +62,8 @@ export function UserListComponent({
 
   const handleToggleSupporter = async (userId, newValue) => {
     try {
-      await updateUserSupportStatus(userId, newValue, apiUrl);
+      // FIX: Removed apiUrl parameter.
+      await updateUserSupportStatus(userId, newValue);
       loadUsers();
     } catch (err) {
       alert(t(err.code || 'Auth.USER_UPDATE_FAILED'));
@@ -78,7 +79,6 @@ export function UserListComponent({
 
       if (myRole === 'admin') return true;
       
-      // Beispiel Logik: Lehrer dürfen Schüler bearbeiten
       if (myRole === 'teacher') {
           if (targetUser.id === currentUser.id) return false; 
           if (['teacher', 'admin', 'supervisor'].includes(targetRole)) return false;