nordabiz/templates/admin/access_overview.html
Maciej Pienczyn 7f77d7ebcd
feat(security): Restrict audit access to single designated user
Audits (SEO, IT, GBP, Social Media) are now visible only to the
designated audit owner (maciej.pienczyn@inpi.pl). All other users,
including admins, see 404 for audit routes and no audit links in
navigation. KRS Audit and Digital Maturity remain unchanged.

Adds /admin/access-overview panel showing the access matrix.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-09 12:31:10 +01:00

112 lines
5.4 KiB
HTML

{% extends "base.html" %}
{% block title %}Kontrola dostepu - Admin{% endblock %}
{% block content %}
<div class="admin-container">
<div class="page-header">
<h1>Kontrola dostepu</h1>
<p style="color: var(--text-secondary); margin-top: var(--spacing-xs);">
Matryca dostepu do funkcji audytowych
</p>
</div>
<!-- Rule explanation -->
<div class="card" style="margin-bottom: var(--spacing-lg); background: #eff6ff; border: 1px solid #bfdbfe;">
<div style="padding: var(--spacing-md);">
<h3 style="margin: 0 0 var(--spacing-sm) 0; color: #1e40af;">Zasada ograniczenia dostepu</h3>
<p style="margin: 0; color: #1e3a5f;">
Audyty SEO, IT, GBP i Social Media sa widoczne wylacznie dla <strong>{{ audit_owner_email }}</strong>.
Pozostali administratorzy nie widza tych funkcji w menu ani na stronach firm.
Audyt KRS i Digital Maturity pozostaja dostepne dla wszystkich z rola OFFICE_MANAGER+.
</p>
</div>
</div>
<!-- Access matrix -->
<div class="card">
<div style="padding: var(--spacing-md); overflow-x: auto;">
<table class="data-table" style="width: 100%;">
<thead>
<tr>
<th>Uzytkownik</th>
<th>Email</th>
<th>Rola</th>
<th style="text-align: center;">Audyt SEO</th>
<th style="text-align: center;">Audyt IT</th>
<th style="text-align: center;">Audyt GBP</th>
<th style="text-align: center;">Audyt Social</th>
<th style="text-align: center;">Audyt KRS</th>
<th style="text-align: center;">Digital Maturity</th>
<th style="text-align: center;">Inne admin</th>
</tr>
</thead>
<tbody>
{% for user in users %}
<tr>
<td><strong>{{ user.name or 'Brak nazwy' }}</strong></td>
<td>{{ user.email }}</td>
<td>
<span class="badge badge-{{ 'success' if user.role == 'ADMIN' else 'info' }}">
{{ user.role }}
</span>
</td>
{% set is_owner = user.email == audit_owner_email %}
<!-- One owner-only cell per restricted audit column (SEO, IT, GBP, Social); all four share the same rule -->
{% for audit in ['SEO', 'IT', 'GBP', 'Social'] %}
<td style="text-align: center;">
{% if is_owner %}
<span style="color: #16a34a; font-weight: bold;" title="Dostep">&#10003;</span>
{% else %}
<span style="color: #dc2626;" title="Brak dostepu">&#10007;</span>
{% endif %}
</td>
{% endfor %}
<td style="text-align: center;">
<span style="color: #16a34a; font-weight: bold;" title="Dostep">&#10003;</span>
</td>
<td style="text-align: center;">
<span style="color: #16a34a; font-weight: bold;" title="Dostep">&#10003;</span>
</td>
<td style="text-align: center;">
<span style="color: #16a34a; font-weight: bold;" title="Dostep">&#10003;</span>
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</div>
<!-- Reversibility note -->
<div class="card" style="margin-top: var(--spacing-lg); background: #fefce8; border: 1px solid #fde68a;">
<div style="padding: var(--spacing-md);">
<h3 style="margin: 0 0 var(--spacing-sm) 0; color: #92400e;">Odwracalnosc</h3>
<p style="margin: 0; color: #78350f;">
Aby przywrocic dostep do audytow dla wszystkich administratorow,
nalezy zmienic funkcje <code>is_audit_owner()</code> w pliku
<code>utils/decorators.py</code> na sprawdzanie roli OFFICE_MANAGER.
</p>
</div>
</div>
</div>
{% endblock %}
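The commit message and the template's reversibility note describe one predicate, `is_audit_owner()` in `utils/decorators.py`, that drives both the 404 on audit routes and the matrix above. The following is an added example (not the project's own code) of how such a predicate can be shared by the route guard and the matrix builder so that what the overview displays cannot drift from what is enforced; the owner address, role hierarchy, user records and the `owner_only` switch are assumptions for illustration.

```python
from dataclasses import dataclass
from functools import wraps

# Placeholder for the real designated owner; the project reads this from config.
AUDIT_OWNER_EMAIL = "audit.owner@example.invalid"
OWNER_ONLY_AUDITS = ("SEO", "IT", "GBP", "Social")   # restricted by the commit
ROLE_ORDER = ("STAFF", "OFFICE_MANAGER", "ADMIN")    # assumed order; "OFFICE_MANAGER+" means index >= 1


@dataclass(frozen=True)
class User:
    name: str
    email: str
    role: str


class NotFound(Exception):
    """Stands in for the framework's 404 response."""


def has_role_at_least(user, role):
    # Unknown roles fail closed rather than raising.
    if user.role not in ROLE_ORDER:
        return False
    return ROLE_ORDER.index(user.role) >= ROLE_ORDER.index(role)


def is_audit_owner(user, owner_only=True):
    """owner_only=False is the rollback from the reversibility note:
    fall back to the OFFICE_MANAGER+ role check instead of one email."""
    if owner_only:
        # Assumption: addresses are compared case-insensitively after trimming.
        return user.email.strip().lower() == AUDIT_OWNER_EMAIL.lower()
    return has_role_at_least(user, "OFFICE_MANAGER")


def audit_owner_required(view):
    """Route guard: non-owners get 404, not 403, so the route is not disclosed."""
    @wraps(view)
    def wrapper(current_user, *args, **kwargs):
        if not is_audit_owner(current_user):
            raise NotFound()
        return view(current_user, *args, **kwargs)
    return wrapper


def access_matrix(users, owner_only=True):
    """Rows for the access-overview table, built from the same predicate the guard uses."""
    rows = []
    for u in users:
        owner = is_audit_owner(u, owner_only)
        office_plus = has_role_at_least(u, "OFFICE_MANAGER")   # KRS and Digital Maturity stay open
        rows.append({"email": u.email, "role": u.role,
                     **{audit: owner for audit in OWNER_ONLY_AUDITS},
                     "KRS": office_plus, "Digital Maturity": office_plus})
    return rows


@audit_owner_required
def seo_audit_view(current_user, company_id):
    return f"SEO audit for company {company_id}"
```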