Hamza/musadeq
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🛡️ Safety: Prevent self-deactivation and fix staff UI

Browse Source
This commit is contained in:
Hamza-Ayed
2026-04-19 15:54:50 +03:00
parent ff8126f93b
commit 6b9ce6e95b
3 changed files with 16 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/src/modules/users/user.controller.ts
View File

@@ -44,6 +44,6 @@ export class UsersController {
@Delete(':id') @Delete(':id')
@Roles(UserRole.ADMIN) @Roles(UserRole.ADMIN)
async remove(@CurrentUser() user: any, @Param('id') id: string) { async remove(@CurrentUser() user: any, @Param('id') id: string) {
return this.usersService.remove(user.tenantId, id); return this.usersService.remove(user.tenantId, id, user.id);
} }
} }

5
backend/src/modules/users/user.service.ts
View File

@@ -64,7 +64,10 @@ export class UsersService {
/** /**
* تعطيل مستخدم * تعطيل مستخدم
*/ */
async remove(tenantId: string, id: string): Promise<void> { async remove(tenantId: string, id: string, currentUserId: string): Promise<void> {
if (id === currentUserId) {
throw new ConflictException('لا يمكنك تعطيل حسابك الشخصي');
}
const user = await this.findOne(tenantId, id); const user = await this.findOne(tenantId, id);
await this.userRepository.update(id, { is_active: false }); await this.userRepository.update(id, { is_active: false });
} }

4
frontend/src/pages/staff/StaffPage.tsx
View File

@@ -8,8 +8,10 @@ import { useState, useEffect } from 'react';
import { Users, UserPlus, Mail, Power } from 'lucide-react'; import { Users, UserPlus, Mail, Power } from 'lucide-react';
import { motion, AnimatePresence } from 'framer-motion'; import { motion, AnimatePresence } from 'framer-motion';
import apiClient from '../../api/client'; import apiClient from '../../api/client';
import { useAuthStore } from '../../store/authStore';
export const StaffPage = () => { export const StaffPage = () => {
const currentUser = useAuthStore((state) => state.user);
const [staff, setStaff] = useState<any[]>([]); const [staff, setStaff] = useState<any[]>([]);
const [isLoading, setIsLoading] = useState(true); const [isLoading, setIsLoading] = useState(true);
const [isAddModalOpen, setIsAddModalOpen] = useState(false); const [isAddModalOpen, setIsAddModalOpen] = useState(false);
@@ -98,6 +100,7 @@ export const StaffPage = () => {
<Users className="w-7 h-7" /> <Users className="w-7 h-7" />
</div> </div>
<div className="flex gap-2"> <div className="flex gap-2">
{member.id !== currentUser?.id && (
<button <button
onClick={() => toggleStatus(member.id)} onClick={() => toggleStatus(member.id)}
className={`p-2 rounded-xl transition-all ${member.is_active ? 'text-emerald-500 bg-emerald-50' : 'text-slate-400 bg-slate-50'}`} className={`p-2 rounded-xl transition-all ${member.is_active ? 'text-emerald-500 bg-emerald-50' : 'text-slate-400 bg-slate-50'}`}
@@ -105,6 +108,7 @@ export const StaffPage = () => {
> >
<Power className="w-4 h-4" /> <Power className="w-4 h-4" />
</button> </button>
)}
</div> </div>
</div> </div>