Fix UI: install real HTMX, add PG creds and roles UI
- web/static/htmx.min.js: replace placeholder stub with
htmx 2.0.4 (downloaded from unpkg.com). The placeholder
only logged a console warning; no HTMX features worked,
so form submissions fell back to native POSTs and the
account_row fragment was returned as a raw HTML body
rather than spliced into the table. This was the root
cause of account creation appearing to 'do nothing'.
- internal/ui/ui.go: add pgcreds_form.html to shared
template list; add PUT /accounts/{id}/pgcreds route;
reorder AccountDetailData fields so embedded PageData
does not shadow Account.
- internal/ui/handlers_accounts.go: add handleSetPGCreds
handler — encrypts the submitted password with AES-256-GCM
using the server master key before storage, validates
system-account-only constraint, re-reads and re-renders
the fragment after save. Add PGCred field population to
handleAccountDetail.
- internal/ui/ui_test.go: add tests for account creation,
role management, and PG credential handlers.
- web/templates/account_detail.html: add Postgres
Credentials card for system accounts.
- web/templates/fragments/pgcreds_form.html: new fragment
for the PG credentials form; CSRF token is supplied via
the body-level hx-headers attribute in base.html.
Security: PG password is encrypted with AES-256-GCM
(crypto.SealAESGCM) before storage; a fresh nonce is
generated per call; the plaintext is never logged or
returned in responses.
This commit is contained in:
35
web/templates/fragments/pgcreds_form.html
Normal file
35
web/templates/fragments/pgcreds_form.html
Normal file
@@ -0,0 +1,35 @@
|
||||
{{define "pgcreds_form"}}
|
||||
<div id="pgcreds-section">
|
||||
{{if .PGCred}}
|
||||
<dl style="display:grid;grid-template-columns:140px 1fr;gap:.5rem .75rem;font-size:.9rem;margin-bottom:1rem">
|
||||
<dt class="text-muted">Host</dt><dd>{{.PGCred.PGHost}}:{{.PGCred.PGPort}}</dd>
|
||||
<dt class="text-muted">Database</dt><dd>{{.PGCred.PGDatabase}}</dd>
|
||||
<dt class="text-muted">Username</dt><dd>{{.PGCred.PGUsername}}</dd>
|
||||
<dt class="text-muted">Password</dt><dd><em class="text-muted">stored (not shown)</em></dd>
|
||||
<dt class="text-muted">Updated</dt><dd class="text-small">{{formatTime .PGCred.UpdatedAt}}</dd>
|
||||
</dl>
|
||||
{{else}}
|
||||
<p class="text-muted text-small" style="margin-bottom:1rem">No credentials stored.</p>
|
||||
{{end}}
|
||||
<form hx-put="/accounts/{{.Account.UUID}}/pgcreds"
|
||||
hx-target="#pgcreds-section" hx-swap="outerHTML">
|
||||
<div style="display:grid;grid-template-columns:1fr 1fr;gap:.5rem;margin-bottom:.5rem">
|
||||
<input class="form-control" type="text" name="host" placeholder="Host" required
|
||||
value="{{if .PGCred}}{{.PGCred.PGHost}}{{end}}">
|
||||
<input class="form-control" type="number" name="port" placeholder="Port (5432)"
|
||||
min="1" max="65535"
|
||||
value="{{if .PGCred}}{{.PGCred.PGPort}}{{end}}">
|
||||
</div>
|
||||
<div style="display:grid;grid-template-columns:1fr 1fr;gap:.5rem;margin-bottom:.5rem">
|
||||
<input class="form-control" type="text" name="database" placeholder="Database" required
|
||||
value="{{if .PGCred}}{{.PGCred.PGDatabase}}{{end}}">
|
||||
<input class="form-control" type="text" name="username" placeholder="Username" required
|
||||
value="{{if .PGCred}}{{.PGCred.PGUsername}}{{end}}">
|
||||
</div>
|
||||
<input class="form-control" type="password" name="password"
|
||||
placeholder="Password (required to update)" required
|
||||
style="margin-bottom:.5rem">
|
||||
<button class="btn btn-sm btn-secondary" type="submit">Save Credentials</button>
|
||||
</form>
|
||||
</div>
|
||||
{{end}}
|
||||
Reference in New Issue
Block a user