zhi/HarborForge.Frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: zhi:aaf36a4f5c6dc3dce9b7ec397973b69f98251c44
Branches Tags
zhi:main zhi:feat/knowledge-base zhi:feature/foundry-deck-ui
..
compare: zhi:main
Branches Tags
zhi:main zhi:feat/knowledge-base zhi:feature/foundry-deck-ui

13 Commits
aaf36a4f5c ... main

Author SHA1 Message Date
hzhang
bcdf1cbe7a Merge feat/knowledge-base: KnowledgeBase UI 2026-06-01 09:23:54 +01:00
hzhang
14ac03b551 feat(knowledge-base): Knowledge Base UI — browse/edit, modal, project links 
- Knowledge Bases list page + sidebar entry + "+ New" create modal
- Detail page with a recursive structure tree: add/edit/delete topics,
  categories and facts inline, including name + description editing
- Create/metadata-edit modal (title, description)
- Project edit modal gains a link/remove knowledge base section
- Types and routes for /knowledge-bases and /knowledge-bases/:id
- Scoped .kb-* styles (contained panel, topic cards, hierarchy guides)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-31 15:03:50 +01:00
hzhang
04bb0c6f94 feat(role-editor): "Use as template" — copy another role's perm set 
Adds a select+button next to the permission editor: pick any other role
from the dropdown, click "Use as template" → all checkboxes are replaced
with that role's permission set. Local-only (no API call); the user still
hits "Save changes" to persist. Includes a banner confirming the load
with the source role name + perm count.

Selector excludes the currently-edited role. Hidden for non-admins.

UI: dark card row matching the Foundry Deck token system (--bg-card,
--text-dim mono label, --bg-sink select with --accent focus border).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-24 19:38:18 +01:00
hzhang
766474f4e9 style(role-editor): rewrite UI on Foundry Deck dark tokens 
Replace hardcoded light-theme inline colors (#fff/#f8f9fa/#e8f5e9/#888…)
with semantic CSS classes that consume the existing design tokens
(--bg-card/--ember/--ember-soft/--accent/--text-dim/--steel/etc.). Fixes
the unreadable role names, faded checkmark cards, and washed-out success
banner — everything was rendering "white-on-cream" against the dark
Foundry Deck background.

Visual structure now:
- two-column grid (sidebar 280px / detail flex)
- role-card: dark surface, ember-soft + 3px ember edge + glow on selected,
  Saira Condensed display name + mono permission count
- perm-group card with dashed steel header
- perm-item: bg-sink default; ember-soft + accent border + ember-tint check
  glyph on checked; native checkbox restyled with the ember palette
- banner pill: success-green or danger-red token, mono text
- create-role card: ember left-edge, mono uppercase labels
- delete uses .btn-danger (already in the token set)

No state/logic changes — same fetch + toggle + save flow.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-24 19:25:05 +01:00
hzhang
f587e1e4c7 fix(frontend): drop localStorage HF_BACKEND_BASE_URL; env-only 
api.ts + useAuthConfig kept the old wizard-era localStorage path for the
backend URL, which is why fresh browsers saw blank pages on MonitorPage
and any other api-using page after the v0.4.0 wizard removal — without
the wizard pre-seeding localStorage, getApiBase() returned undefined and
axios called same-origin (frontend nginx, 404).

App.tsx getApiBase() partially worked because I had only refactored that
one path; api.ts (used by everything else) still had its own duplicate
getApiBase that I missed.

This commit removes the localStorage path entirely from all 3 read sites
(api.ts / App.tsx / useAuthConfig.ts) — single source of truth is now
the build-time env baked in by the Dockerfile ARG.

- src/services/api.ts:    const API_BASE = import.meta.env.VITE_HF_BACKEND_BASE_URL
- src/App.tsx:            const API_BASE = ... (replaces getApiBase())
- src/hooks/useAuthConfig.ts: const BACKEND_BASE = ...
- src/test/setup.ts: stub import.meta.env instead of localStorage key

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-24 19:17:05 +01:00
hzhang
10771a8ffc feat(frontend)!: drop SetupWizardPage, backend URL via build-time VITE_* 
Frontend no longer has any wizard flow. Backend URL is baked into the bundle
at build time via VITE_HF_BACKEND_BASE_URL (forwarded as a Dockerfile ARG
from compose).

- src/App.tsx: drop SetupWizardPage import + appState='setup' fallback +
  HF_WIZARD_PORT-via-localStorage probe. getApiBase() now reads
  import.meta.env.VITE_HF_BACKEND_BASE_URL with localStorage as an escape
  hatch for dev. When /config/status reports no admin yet, show a card
  prompting the operator to run `docker exec hf_backend hf-cli admin
  create-user ...`.
- src/pages/SetupWizardPage.tsx: deleted (~250 lines)
- src/index.css: drop .setup-wizard + .setup-* styles (~36 lines)
- src/vite-env.d.ts: add VITE_HF_BACKEND_BASE_URL to ImportMetaEnv
- Dockerfile: ARG VITE_HF_BACKEND_BASE_URL → ENV → npm run build

Build the prod image with:
  docker build --build-arg VITE_HF_BACKEND_BASE_URL=https://hf-api.hangman-lab.top \
    -t git.hangman-lab.top/zhi/harborforge-frontend:latest .

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-24 19:03:10 +01:00
hzhang
8e52e2bf74 feat(ui): overridable favicon/logo with branded default 
Replace the  emoji with a real logo image used as the in-app brand
mark and the favicon. Default bundled public/logo.svg is the
HangmanLab mark recolored to the Foundry-Deck ember (#ff6a1a).
Override at deploy time via HARBORFORGE_LOGO_URL (injected into
runtime-config.js; getLogoUrl() + favicon swap), no rebuild needed.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-17 22:39:58 +01:00
h z
4d0575291d Merge pull request 'feature/oidc-login' (#12) from feature/oidc-login into main 
Reviewed-on: #12
 2026-05-17 21:27:55 +00:00
hzhang
73da3926e7 feat(auth): admin_role config; drop manual admin-subject from wizard 
OIDC settings page + setup wizard now configure the bootstrap admin
role instead of a hand-typed OIDC subject. The OIDC-only admin link is
handled automatically by the backend admin-role auto-connect on first
sign-in (explained inline in both the wizard and settings page).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-17 21:05:40 +01:00
hzhang
782e42ac64 feat(setup): OIDC step in setup wizard + runtime OIDC_ONLY flag 
Solves the OIDC-only bootstrap lockout (admin can't reach the in-app
OIDC settings page when password login is disabled and OIDC is unset).

- Frontend image entrypoint injects /runtime-config.js from the
  deploy-time HARBORFORGE_OIDC_ONLY env so the SPA knows the mode
  before the backend exists.
- Setup wizard gains an "OIDC" step (between Admin and Backend):
  required when OIDC-only (incl. admin's OIDC subject so the bootstrap
  admin can sign in), optional otherwise; written into harborforge.json.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-17 20:50:58 +01:00
hzhang
ba55fee9d5 fix(auth): register /settings/oidc route for admins only 
Non-admins fall through to the catch-all redirect instead of seeing
the OIDC settings page shell. Sidebar link, in-page guard and the
admin-only backend API remain as defense in depth.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-17 20:33:28 +01:00
hzhang
8cac6951d7 feat(auth): admin OIDC settings page 
New admin page /settings/oidc to configure the OIDC provider (issuer,
client id/secret, redirect/callback URL, scopes, post-login redirect).
Prominently shows the callback URL to register at the IdP, current
status/source, and the read-only deploy-level OIDC-only flag. Secret
is write-only (blank = keep). Sidebar entry for admins.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-17 20:29:22 +01:00
hzhang
8f8d6d5465 feat(auth): OIDC login UI + binding management + OIDC-only mode 
- useAuthConfig fetches public /auth/config; LoginPage hides the
  password form when oidc_only and shows an SSO button when enabled.
- /oidc/callback route applies the returned JWT (sign-in) or shows the
  link result; oidc_error surfaced on LoginPage.
- UsersPage: hides password fields in OIDC-only mode; admin OIDC
  bind/unbind UI per user. Sidebar self-service "Link OIDC account"
  (non-OIDC_ONLY).
- Dockerfile ARG/ENV HARBORFORGE_OIDC_ONLY.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-17 20:22:14 +01:00
24 changed files with 1774 additions and 503 deletions
Expand all files Collapse all files

24
Dockerfile
View File

@@ -1,6 +1,14 @@
# Build stage
FROM node:20-alpine AS build
WORKDIR /app
# Build-time backend URL — Vite inlines this into the bundle. Passed as
# `--build-arg VITE_HF_BACKEND_BASE_URL=https://hf-api.example.com` in
# the compose file. Without it the bundle calls relative paths (only
# works in dev with the Vite proxy).
ARG VITE_HF_BACKEND_BASE_URL=""
ENV VITE_HF_BACKEND_BASE_URL=${VITE_HF_BACKEND_BASE_URL}
COPY package.json package-lock.json* ./
RUN npm install
COPY . .
@@ -12,5 +20,19 @@ RUN npm install -g serve@14
WORKDIR /app
COPY --from=build /app ./
ENV FRONTEND_DEV_MODE=0
# OIDC-only mode flag. Injected into the SPA at container start as
# /runtime-config.js so the setup wizard knows it before the backend
# exists; /auth/config remains authoritative once the backend is up.
ARG HARBORFORGE_OIDC_ONLY=false
ENV HARBORFORGE_OIDC_ONLY=${HARBORFORGE_OIDC_ONLY}
# Optional deploy-time branding override: a URL the SPA uses for the
# logo + favicon. Empty → bundled /logo.svg default.
ARG HARBORFORGE_LOGO_URL=
ENV HARBORFORGE_LOGO_URL=${HARBORFORGE_LOGO_URL}
EXPOSE 3000
CMD ["sh", "-c", "if [ \"$FRONTEND_DEV_MODE\" = \"1\" ]; then npm run dev -- --host 0.0.0.0 --port 3000 --strictPort; else serve -s dist -l 3000; fi"]
CMD ["sh", "-c", "\
if [ \"$HARBORFORGE_OIDC_ONLY\" = \"true\" ]; then OO=true; else OO=false; fi; \
CFG=\"window.__HF_RUNTIME__={\\\"oidc_only\\\":$OO,\\\"logo_url\\\":\\\"$HARBORFORGE_LOGO_URL\\\"};\"; \
mkdir -p public; printf '%s' \"$CFG\" > public/runtime-config.js; \
[ -d dist ] && printf '%s' \"$CFG\" > dist/runtime-config.js; \
if [ \"$FRONTEND_DEV_MODE\" = \"1\" ]; then npm run dev -- --host 0.0.0.0 --port 3000 --strictPort; else serve -s dist -l 3000; fi"]

12
index.html
View File

@@ -2,12 +2,22 @@
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/vite.svg" />
<link id="hf-favicon" rel="icon" type="image/svg+xml" href="/logo.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>HarborForge</title>
</head>
<body>
<div id="root"></div>
<!-- Runtime config injected by the container entrypoint (deploy-time
HARBORFORGE_OIDC_ONLY). Absent in dev → app falls back to /auth/config. -->
<script src="/runtime-config.js"></script>
<script>
// Optional deploy-time branding override (HARBORFORGE_LOGO_URL).
try {
var u = window.__HF_RUNTIME__ && window.__HF_RUNTIME__.logo_url;
if (u) document.getElementById('hf-favicon').href = u;
} catch (e) {}
</script>
<script type="module" src="/src/main.tsx"></script>
</body>
</html>

44
public/logo.svg Normal file
View File

@@ -0,0 +1,44 @@
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 733.000000 733.000000" role="img" aria-label="Hangman Lab">
<g transform="translate(0.000000,733.000000) scale(0.100000,-0.100000)"
fill="#ff6a1a" stroke="none">
<path d="M812 6860 c-66 -40 -73 -66 -70 -242 3 -141 5 -159 24 -185 43 -58
63 -63 262 -64 l182 -1 0 -2694 0 -2694 -290 0 c-314 0 -332 -3 -380 -54 -24
-27 -25 -32 -28 -199 -3 -195 4 -218 71 -250 32 -16 257 -17 3084 -17 2955 0
3049 1 3083 19 65 34 75 66 75 236 0 186 -16 224 -104 254 -25 8 -682 11
-2512 11 l-2479 0 0 1998 0 1997 698 697 697 697 670 -3 c369 -2 680 -4 693
-5 22 -1 22 -1 22 -269 l0 -268 84 -12 c47 -7 103 -19 125 -27 41 -14 41 -14
43 283 l3 297 631 1 c698 2 673 -1 714 67 18 28 20 51 20 187 0 173 -8 201
-72 240 -33 20 -56 20 -2623 20 -2567 0 -2590 0 -2623 -20z m1725 -500 c-1 -3
-183 -185 -404 -404 l-403 -399 0 405 0 406 405 -1 c223 -1 404 -4 402 -7z
M4283 5701 c-459 -125 -690 -624 -483 -1046 67 -138 196 -266 335 -335 281
-139 612 -93 837 118 235 219 297 575 152 870 -85 174 -235 306 -427 375 -111
40 -302 48 -414 18z m267 -211 c95 -15 201 -70 274 -144 273 -274 173 -723
-189 -851 -93 -33 -236 -35 -326 -5 -202 68 -340 249 -356 465 -18 242 153
471 394 529 71 18 119 19 203 6z M5945 4716 c-56 -25 -80 -61 -80 -122 0 -48
4 -57 36 -90 88 -88 219 -29 219 98 0 45 -34 96 -75 114 -42 17 -61 17 -100 0z
M5675 4466 c-60 -26 -73 -109 -26 -157 62 -61 161 -19 161 70 0 74 -68 118
-135 87z M3747 4397 c-10 -7 -226 -223 -479 -482 -307 -313 -467 -483 -479
-510 -35 -75 -17 -177 38 -227 39 -35 114 -61 160 -54 100 13 104 17 583 554
l145 162 3 -404 c3 -455 15 -342 -137 -1186 -76 -423 -101 -587 -101 -664 0
-190 182 -307 377 -242 62 21 136 95 152 152 6 22 29 188 52 369 57 466 109
839 118 848 4 4 52 6 106 5 l99 -3 67 -210 c38 -115 68 -220 69 -232 0 -12
-38 -152 -85 -311 -47 -159 -85 -302 -85 -317 0 -128 109 -225 255 -225 109 1
185 42 228 125 26 51 237 683 237 710 0 11 -54 182 -121 380 -121 360 -121
360 -134 605 -8 135 -14 292 -14 350 l0 105 152 -158 c84 -87 166 -167 182
-177 44 -29 98 -26 135 8 38 35 187 379 173 401 -5 8 -34 20 -64 26 -59 11
-38 -8 -393 362 -89 93 -100 97 -174 59 -59 -30 -161 -62 -229 -71 -52 -7 -53
-7 -53 -41 0 -44 -21 -84 -61 -118 -38 -32 -41 0 32 -455 l52 -325 -82 -78
c-45 -43 -85 -78 -89 -78 -4 0 -42 35 -84 78 l-77 77 34 215 c19 118 46 289
61 379 26 164 26 164 -5 188 -42 33 -54 58 -61 121 -5 54 -5 54 -92 87 -98 38
-184 89 -243 145 -76 70 -123 87 -168 57z M5504 4170 c-74 -30 -69 -170 6
-170 19 0 20 -7 20 -123 0 -122 0 -122 -54 -262 -30 -77 -97 -243 -150 -369
-106 -252 -113 -287 -73 -347 46 -70 38 -69 560 -69 327 0 475 3 490 11 69 35
107 109 88 172 -5 17 -62 142 -126 277 -225 470 -215 443 -215 586 0 114 2
124 18 124 57 0 72 101 23 151 -29 29 -29 29 -298 28 -147 0 -278 -4 -289 -9z
m376 -307 c1 -148 1 -148 81 -333 101 -231 98 -222 68 -216 -13 3 -116 22
-229 42 -112 19 -208 37 -212 40 -4 2 18 75 48 160 54 156 54 156 54 305 l0
149 95 0 95 0 0 -147z m-219 -593 c22 0 49 -42 49 -75 0 -46 -29 -75 -74 -75
-37 0 -76 36 -76 71 0 46 45 94 78 83 8 -2 18 -4 23 -4z m327 -126 c53 -59 -7
-144 -80 -113 -54 22 -65 83 -22 125 30 31 67 27 102 -12z"/>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 3.0 KiB

101
src/App.tsx
View File

@@ -3,12 +3,13 @@ import { BrowserRouter, Routes, Route, Navigate } from 'react-router-dom'
import { useAuth } from '@/hooks/useAuth'
import Sidebar from '@/components/Sidebar'
import LoginPage from '@/pages/LoginPage'
import SetupWizardPage from '@/pages/SetupWizardPage'
import DashboardPage from '@/pages/DashboardPage'
import TasksPage from '@/pages/TasksPage'
import TaskDetailPage from '@/pages/TaskDetailPage'
import ProjectsPage from '@/pages/ProjectsPage'
import ProjectDetailPage from '@/pages/ProjectDetailPage'
import KnowledgeBasesPage from '@/pages/KnowledgeBasesPage'
import KnowledgeBaseDetailPage from '@/pages/KnowledgeBaseDetailPage'
import MilestonesPage from '@/pages/MilestonesPage'
import MilestoneDetailPage from '@/pages/MilestoneDetailPage'
import NotificationsPage from '@/pages/NotificationsPage'
@@ -20,71 +21,82 @@ import UsersPage from '@/pages/UsersPage'
import CalendarPage from '@/pages/CalendarPage'
import SupportDetailPage from '@/pages/SupportDetailPage'
import MeetingDetailPage from '@/pages/MeetingDetailPage'
import OidcCallbackPage from '@/pages/OidcCallbackPage'
import OidcSettingsPage from '@/pages/OidcSettingsPage'
import axios from 'axios'
const getStoredWizardPort = (): number | null => {
const stored = Number(localStorage.getItem('HF_WIZARD_PORT'))
return stored && stored > 0 ? stored : null
}
// Backend URL is baked in at build time via VITE_HF_BACKEND_BASE_URL
// (docker build --build-arg). Empty string → same-origin call (only
// works in dev with the Vite proxy).
const API_BASE = import.meta.env.VITE_HF_BACKEND_BASE_URL || ''
const getApiBase = () => {
return localStorage.getItem('HF_BACKEND_BASE_URL') ?? undefined
}
type AppState = 'checking' | 'setup' | 'ready'
type AppState = 'checking' | 'no-admin' | 'ready'
export default function App() {
const [appState, setAppState] = useState<AppState>('checking')
const { user, loading, login, logout } = useAuth()
const [errorMessage, setErrorMessage] = useState<string>('')
const { user, loading, login, loginWithToken, logout } = useAuth()
useEffect(() => {
checkInitialized()
}, [])
const checkInitialized = async () => {
// First try the backend /config/status endpoint (reads from config volume directly)
try {
const res = await axios.get(`${getApiBase()}/config/status`, { timeout: 5000 })
const res = await axios.get(`${API_BASE}/config/status`, { timeout: 5000 })
const cfg = res.data || {}
if (cfg.backend_url) {
localStorage.setItem('HF_BACKEND_BASE_URL', cfg.backend_url)
}
if (cfg.initialized === true) {
setAppState('ready')
return
}
} catch {
// Backend unreachable — fall through to wizard check
setAppState('no-admin')
} catch (err) {
const msg = err instanceof Error ? err.message : String(err)
setErrorMessage(`Backend unreachable at ${API_BASE || '<same origin>'}${msg}`)
setAppState('no-admin')
}
// Fallback: if a wizard port was previously saved during setup, try it directly
const storedPort = getStoredWizardPort()
if (storedPort) {
try {
const res = await axios.get(`http://127.0.0.1:${storedPort}/api/v1/config/harborforge.json`, {
timeout: 5000,
})
const cfg = res.data || {}
if (cfg.backend_url) {
localStorage.setItem('HF_BACKEND_BASE_URL', cfg.backend_url)
}
if (cfg.initialized === true) {
setAppState('ready')
return
}
} catch {
// ignore — fall through to setup
}
}
setAppState('setup')
}
if (appState === 'checking') {
return <div className="loading">Checking configuration status...</div>
return <div className="loading">Checking deployment status</div>
}
if (appState === 'setup') {
return <SetupWizardPage initialWizardPort={getStoredWizardPort()} onComplete={checkInitialized} />
if (appState === 'no-admin') {
return (
<div className="login-page">
<div className="login-card">
<h1> HarborForge</h1>
{errorMessage ? (
<>
<p className="text-dim">Cannot reach the backend.</p>
<pre style={{ whiteSpace: 'pre-wrap', fontSize: '0.85em' }}>{errorMessage}</pre>
<p className="text-dim">
Set <code>VITE_HF_BACKEND_BASE_URL</code> at build time
(e.g. <code>https://hf-api.example.com</code>) in the
frontend container's compose entry.
</p>
</>
) : (
<>
<p className="text-dim">
No admin user found. Bootstrap the deployment by running, on the host:
</p>
<pre style={{ whiteSpace: 'pre-wrap', fontSize: '0.85em' }}>
{`docker exec hf-backend hf-cli admin create-user \\
--email you@example.com \\
--password '...' \\
# ...or in OIDC_ONLY mode:
--oidc-issuer https://login.example.com/realms/your-realm \\
--oidc-subject <sub-from-idp>`}
</pre>
<button className="btn-primary" onClick={checkInitialized}>
Recheck
</button>
</>
)}
</div>
</div>
)
}
if (loading) return <div className="loading">Loading...</div>
@@ -100,6 +112,7 @@ export default function App() {
<Route path="/users" element={<UsersPage />} />
<Route path="/monitor" element={<MonitorPage />} />
<Route path="/login" element={<LoginPage onLogin={login} />} />
<Route path="/oidc/callback" element={<OidcCallbackPage onToken={loginWithToken} />} />
<Route path="*" element={<Navigate to="/monitor" />} />
</Routes>
</main>
@@ -119,6 +132,8 @@ export default function App() {
<Route path="/tasks/:taskCode" element={<TaskDetailPage />} />
<Route path="/projects" element={<ProjectsPage />} />
<Route path="/projects/:id" element={<ProjectDetailPage />} />
<Route path="/knowledge-bases" element={<KnowledgeBasesPage />} />
<Route path="/knowledge-bases/:id" element={<KnowledgeBaseDetailPage />} />
<Route path="/milestones" element={<MilestonesPage />} />
<Route path="/milestones/:milestoneCode" element={<MilestoneDetailPage />} />
<Route path="/proposals" element={<ProposalsPage />} />
@@ -133,6 +148,8 @@ export default function App() {
<Route path="/roles" element={<RoleEditorPage />} />
<Route path="/users" element={<UsersPage />} />
<Route path="/monitor" element={<MonitorPage />} />
{user?.is_admin && <Route path="/settings/oidc" element={<OidcSettingsPage />} />}
<Route path="/oidc/callback" element={<OidcCallbackPage onToken={loginWithToken} />} />
<Route path="*" element={<Navigate to="/" />} />
</Routes>
</main>

104
src/components/KnowledgeBaseFormModal.tsx Normal file
View File

@@ -0,0 +1,104 @@
import { useEffect, useState } from 'react'
import api from '@/services/api'
import type { KnowledgeBase } from '@/types'
type Props = {
isOpen: boolean
onClose: () => void
onSaved?: (kb: KnowledgeBase) => void | Promise<void>
knowledgeBase?: KnowledgeBase | null
}
type FormState = {
title: string
description: string
}
const emptyForm: FormState = { title: '', description: '' }
export default function KnowledgeBaseFormModal({ isOpen, onClose, onSaved, knowledgeBase }: Props) {
const [saving, setSaving] = useState(false)
const [error, setError] = useState('')
const [form, setForm] = useState<FormState>(emptyForm)
useEffect(() => {
if (!isOpen) return
setError('')
if (knowledgeBase) {
setForm({ title: knowledgeBase.title, description: knowledgeBase.description || '' })
} else {
setForm(emptyForm)
}
}, [isOpen, knowledgeBase])
const submit = async (e: React.FormEvent) => {
e.preventDefault()
setSaving(true)
setError('')
try {
if (knowledgeBase) {
const { data } = await api.patch<KnowledgeBase>(`/knowledge-bases/${knowledgeBase.id}`, {
title: form.title,
description: form.description || null,
})
await onSaved?.(data)
} else {
const { data } = await api.post<KnowledgeBase>('/knowledge-bases', {
title: form.title,
description: form.description || null,
})
await onSaved?.(data)
}
onClose()
} catch (err: any) {
setError(err?.response?.data?.detail || 'Failed to save knowledge base')
} finally {
setSaving(false)
}
}
if (!isOpen) return null
return (
<div className="modal-overlay" onClick={onClose}>
<div className="modal" onClick={(e) => e.stopPropagation()}>
<div className="modal-header">
<h3>{knowledgeBase ? 'Edit Knowledge Base' : 'Create Knowledge Base'}</h3>
<button type="button" className="btn-secondary" onClick={onClose}></button>
</div>
<form className="task-create-form" onSubmit={submit}>
<label>
Title
<input
data-testid="kb-title-input"
required
placeholder="Knowledge base title"
value={form.title}
onChange={(e) => setForm((f) => ({ ...f, title: e.target.value }))}
/>
</label>
<label>
Description
<textarea
data-testid="kb-description-input"
placeholder="Description (optional)"
value={form.description}
onChange={(e) => setForm((f) => ({ ...f, description: e.target.value }))}
/>
</label>
{error && <p className="error-text" style={{ color: 'var(--danger, #e5534b)' }}>{error}</p>}
<div className="modal-actions">
<button type="submit" className="btn-primary" disabled={saving}>
{saving ? 'Saving...' : (knowledgeBase ? 'Save' : 'Create')}
</button>
<button type="button" className="btn-secondary" onClick={onClose} disabled={saving}>Cancel</button>
</div>
</form>
</div>
</div>
)
}

275
src/components/KnowledgeBaseTree.tsx Normal file
View File

@@ -0,0 +1,275 @@
import { useState } from 'react'
import api from '@/services/api'
import type { KnowledgeBaseTree as Tree, KnowledgeTopicNode, KnowledgeCategoryNode, KnowledgeFact } from '@/types'
type Reload = () => void | Promise<void>
function errMsg(err: any, fallback: string): string {
return err?.response?.data?.detail || fallback
}
/** A toggle button that reveals a single-line input with save/cancel. */
function InlineForm({ label, placeholder, onSubmit }: {
label: string
placeholder: string
onSubmit: (value: string) => Promise<void>
}) {
const [open, setOpen] = useState(false)
const [value, setValue] = useState('')
const [busy, setBusy] = useState(false)
if (!open) {
return <button className="kb-mini-btn" onClick={() => { setValue(''); setOpen(true) }}>{label}</button>
}
const save = async () => {
if (!value.trim()) return
setBusy(true)
try { await onSubmit(value.trim()); setOpen(false) }
finally { setBusy(false) }
}
return (
<span className="kb-inline-form">
<input
autoFocus
placeholder={placeholder}
value={value}
disabled={busy}
onChange={(e) => setValue(e.target.value)}
onKeyDown={(e) => { if (e.key === 'Enter') save(); if (e.key === 'Escape') setOpen(false) }}
/>
<button className="kb-mini-btn" disabled={busy} onClick={save}></button>
<button className="kb-mini-btn" disabled={busy} onClick={() => setOpen(false)}></button>
</span>
)
}
/** Inline editor for a node's name + description (used by topics & categories). */
function NodeEditForm({ initialName, initialDesc, namePlaceholder, onSave, onCancel }: {
initialName: string
initialDesc: string
namePlaceholder: string
onSave: (name: string, description: string) => Promise<void>
onCancel: () => void
}) {
const [name, setName] = useState(initialName)
const [desc, setDesc] = useState(initialDesc)
const [busy, setBusy] = useState(false)
const save = async () => {
if (!name.trim()) return
setBusy(true)
try { await onSave(name.trim(), desc) } finally { setBusy(false) }
}
return (
<div className="kb-edit-form">
<input
autoFocus
placeholder={namePlaceholder}
value={name}
disabled={busy}
onChange={(e) => setName(e.target.value)}
onKeyDown={(e) => { if (e.key === 'Enter') save(); if (e.key === 'Escape') onCancel() }}
/>
<textarea
placeholder="Description (optional)"
rows={2}
value={desc}
disabled={busy}
onChange={(e) => setDesc(e.target.value)}
/>
<span className="kb-row-actions">
<button className="kb-mini-btn" disabled={busy} onClick={save}>save</button>
<button className="kb-mini-btn" disabled={busy} onClick={onCancel}>cancel</button>
</span>
</div>
)
}
function FactRow({ fact, onChange }: { fact: KnowledgeFact; onChange: Reload }) {
const [editing, setEditing] = useState(false)
const [value, setValue] = useState(fact.fact)
const save = async () => {
try {
await api.patch(`/knowledge-facts/${fact.id}`, { fact: value })
setEditing(false)
await onChange()
} catch (err) { alert(errMsg(err, 'Failed to update fact')) }
}
const remove = async () => {
if (!confirm('Delete this fact?')) return
try { await api.delete(`/knowledge-facts/${fact.id}`); await onChange() }
catch (err) { alert(errMsg(err, 'Failed to delete fact')) }
}
return (
<div className="kb-fact">
<span className="kb-bullet"></span>
{editing ? (
<span className="kb-inline-form kb-inline-grow">
<input autoFocus value={value} onChange={(e) => setValue(e.target.value)}
onKeyDown={(e) => { if (e.key === 'Enter') save(); if (e.key === 'Escape') setEditing(false) }} />
<button className="kb-mini-btn" onClick={save}></button>
<button className="kb-mini-btn" onClick={() => { setValue(fact.fact); setEditing(false) }}></button>
</span>
) : (
<>
<span className="kb-fact-text">{fact.fact}</span>
<span className="kb-row-actions">
<button className="kb-mini-btn" onClick={() => setEditing(true)}>edit</button>
<button className="kb-mini-btn kb-danger" onClick={remove}>del</button>
</span>
</>
)}
</div>
)
}
function CategoryNode({ cat, onChange }: { cat: KnowledgeCategoryNode; onChange: Reload }) {
const [editing, setEditing] = useState(false)
const saveEdit = async (name: string, description: string) => {
try {
await api.patch(`/knowledge-categories/${cat.id}`, { name, description: description || null })
setEditing(false)
await onChange()
} catch (err) { alert(errMsg(err, 'Failed to update category')) }
}
const remove = async () => {
if (!confirm('Delete this category and everything under it?')) return
try { await api.delete(`/knowledge-categories/${cat.id}`); await onChange() }
catch (err) { alert(errMsg(err, 'Failed to delete category')) }
}
const addSubcategory = async (value: string) => {
try { await api.post('/knowledge-categories', { topic_id: cat.topic_id, parent: cat.id, name: value }); await onChange() }
catch (err) { alert(errMsg(err, 'Failed to add category')) }
}
const addFact = async (value: string) => {
try { await api.post('/knowledge-facts', { topic_id: cat.topic_id, category_id: cat.id, fact: value }); await onChange() }
catch (err) { alert(errMsg(err, 'Failed to add fact')) }
}
return (
<div className="kb-node kb-category">
{editing ? (
<div className="kb-node-header">
<NodeEditForm
initialName={cat.name}
initialDesc={cat.description || ''}
namePlaceholder="Category name"
onSave={saveEdit}
onCancel={() => setEditing(false)}
/>
</div>
) : (
<>
<div className="kb-node-header">
<span className="kb-node-title">📂 {cat.name}</span>
<span className="kb-row-actions">
<InlineForm label="+ category" placeholder="Category name" onSubmit={addSubcategory} />
<InlineForm label="+ fact" placeholder="Fact" onSubmit={addFact} />
<button className="kb-mini-btn" onClick={() => setEditing(true)}>edit</button>
<button className="kb-mini-btn kb-danger" onClick={remove}>del</button>
</span>
</div>
{cat.description && <div className="kb-node-desc">{cat.description}</div>}
</>
)}
<div className="kb-children">
{cat.facts.map((f) => <FactRow key={f.id} fact={f} onChange={onChange} />)}
{cat.categories.map((c) => <CategoryNode key={c.id} cat={c} onChange={onChange} />)}
</div>
</div>
)
}
function TopicNode({ topic, onChange }: { topic: KnowledgeTopicNode; onChange: Reload }) {
const [editing, setEditing] = useState(false)
const saveEdit = async (name: string, description: string) => {
try {
await api.patch(`/knowledge-topics/${topic.id}`, { topic: name, description: description || null })
setEditing(false)
await onChange()
} catch (err) { alert(errMsg(err, 'Failed to update topic')) }
}
const remove = async () => {
if (!confirm('Delete this topic and everything under it?')) return
try { await api.delete(`/knowledge-topics/${topic.id}`); await onChange() }
catch (err) { alert(errMsg(err, 'Failed to delete topic')) }
}
const addCategory = async (value: string) => {
try { await api.post('/knowledge-categories', { topic_id: topic.id, name: value }); await onChange() }
catch (err) { alert(errMsg(err, 'Failed to add category')) }
}
const addFact = async (value: string) => {
try { await api.post('/knowledge-facts', { topic_id: topic.id, fact: value }); await onChange() }
catch (err) { alert(errMsg(err, 'Failed to add fact')) }
}
return (
<div className="kb-node kb-topic">
{editing ? (
<div className="kb-node-header">
<NodeEditForm
initialName={topic.topic}
initialDesc={topic.description || ''}
namePlaceholder="Topic name"
onSave={saveEdit}
onCancel={() => setEditing(false)}
/>
</div>
) : (
<>
<div className="kb-node-header">
<span className="kb-node-title kb-topic-title"># {topic.topic}</span>
<span className="kb-row-actions">
<InlineForm label="+ category" placeholder="Category name" onSubmit={addCategory} />
<InlineForm label="+ fact" placeholder="Fact" onSubmit={addFact} />
<button className="kb-mini-btn" onClick={() => setEditing(true)}>edit</button>
<button className="kb-mini-btn kb-danger" onClick={remove}>del</button>
</span>
</div>
{topic.description && <div className="kb-node-desc">{topic.description}</div>}
</>
)}
<div className="kb-children">
{topic.facts.map((f) => <FactRow key={f.id} fact={f} onChange={onChange} />)}
{topic.categories.map((c) => <CategoryNode key={c.id} cat={c} onChange={onChange} />)}
</div>
</div>
)
}
export default function KnowledgeBaseTree({ tree, onChange }: { tree: Tree; onChange: Reload }) {
const [addingTopic, setAddingTopic] = useState(false)
const [topicName, setTopicName] = useState('')
const addTopic = async () => {
if (!topicName.trim()) return
try {
await api.post(`/knowledge-bases/${tree.id}/topics`, { topic: topicName.trim() })
setTopicName(''); setAddingTopic(false)
await onChange()
} catch (err) { alert(errMsg(err, 'Failed to add topic')) }
}
return (
<div className="kb-tree">
<div className="kb-tree-toolbar">
{addingTopic ? (
<span className="kb-inline-form">
<input autoFocus placeholder="Topic name" value={topicName} onChange={(e) => setTopicName(e.target.value)}
onKeyDown={(e) => { if (e.key === 'Enter') addTopic(); if (e.key === 'Escape') setAddingTopic(false) }} />
<button className="kb-mini-btn" onClick={addTopic}></button>
<button className="kb-mini-btn" onClick={() => setAddingTopic(false)}></button>
</span>
) : (
<button className="btn-secondary" onClick={() => setAddingTopic(true)}>+ Add topic</button>
)}
</div>
{tree.topics.length === 0 && <p className="empty">No topics yet. Add one above.</p>}
{tree.topics.map((t) => <TopicNode key={t.id} topic={t} onChange={onChange} />)}
</div>
)
}

78
src/components/ProjectFormModal.tsx
View File

@@ -1,6 +1,6 @@
import { useEffect, useMemo, useState } from 'react'
import api from '@/services/api'
import type { Project, User } from '@/types'
import type { Project, User, KnowledgeBase } from '@/types'
type Props = {
isOpen: boolean
@@ -34,6 +34,15 @@ export default function ProjectFormModal({ isOpen, onClose, onSaved, project }:
const [projects, setProjects] = useState<Project[]>([])
const [saving, setSaving] = useState(false)
const [form, setForm] = useState<FormState>(emptyForm)
const [allKBs, setAllKBs] = useState<KnowledgeBase[]>([])
const [linkedKBs, setLinkedKBs] = useState<KnowledgeBase[]>([])
const [kbToLink, setKbToLink] = useState('')
const refreshLinkedKBs = async () => {
if (!project) return
const { data } = await api.get<KnowledgeBase[]>(`/projects/${project.id}/knowledge-bases`)
setLinkedKBs(data)
}
useEffect(() => {
if (!isOpen) return
@@ -46,6 +55,21 @@ export default function ProjectFormModal({ isOpen, onClose, onSaved, project }:
setUsers(userData)
setProjects(projectData)
// Knowledge-base linking is only meaningful for an existing project.
if (project) {
try {
const [{ data: kbs }, { data: linked }] = await Promise.all([
api.get<KnowledgeBase[]>('/knowledge-bases'),
api.get<KnowledgeBase[]>(`/projects/${project.id}/knowledge-bases`),
])
setAllKBs(kbs)
setLinkedKBs(linked)
} catch {
setAllKBs([])
setLinkedKBs([])
}
}
if (project) {
setForm({
name: project.name,
@@ -79,6 +103,32 @@ export default function ProjectFormModal({ isOpen, onClose, onSaved, project }:
setForm((f) => ({ ...f, [field]: values }))
}
const linkableKBs = useMemo(
() => allKBs.filter((kb) => !linkedKBs.some((l) => l.id === kb.id)),
[allKBs, linkedKBs]
)
const linkKB = async () => {
if (!project || !kbToLink) return
try {
await api.post(`/projects/${project.id}/knowledge-bases`, { knowledge_base: kbToLink })
setKbToLink('')
await refreshLinkedKBs()
} catch (err: any) {
alert(err?.response?.data?.detail || 'Failed to link knowledge base')
}
}
const unlinkKB = async (kbId: number) => {
if (!project) return
try {
await api.delete(`/projects/${project.id}/knowledge-bases/${kbId}`)
await refreshLinkedKBs()
} catch (err: any) {
alert(err?.response?.data?.detail || 'Failed to unlink knowledge base')
}
}
const submit = async (e: React.FormEvent) => {
e.preventDefault()
setSaving(true)
@@ -193,6 +243,32 @@ export default function ProjectFormModal({ isOpen, onClose, onSaved, project }:
</select>
</label>
{project && (
<div className="kb-link-section">
<label style={{ marginBottom: 4 }}>Knowledge Bases</label>
{linkedKBs.length === 0 && <p className="text-dim" style={{ margin: '4px 0' }}>None linked.</p>}
<ul className="kb-link-list">
{linkedKBs.map((kb) => (
<li key={kb.id}>
<span>{kb.knowledge_base_code ? `${kb.knowledge_base_code} · ` : ''}{kb.title}</span>
<button type="button" className="kb-mini-btn kb-danger" onClick={() => unlinkKB(kb.id)}>remove</button>
</li>
))}
</ul>
<div className="kb-link-add">
<select value={kbToLink} onChange={(e) => setKbToLink(e.target.value)}>
<option value=""> select a knowledge base </option>
{linkableKBs.map((kb) => (
<option key={kb.id} value={kb.knowledge_base_code || String(kb.id)}>
{kb.knowledge_base_code ? `${kb.knowledge_base_code} · ` : ''}{kb.title}
</option>
))}
</select>
<button type="button" className="btn-secondary" disabled={!kbToLink} onClick={linkKB}>Link</button>
</div>
</div>
)}
<div className="modal-actions">
<button type="submit" className="btn-primary" disabled={saving}>{saving ? 'Saving...' : (project ? 'Save' : 'Create')}</button>
<button type="button" className="btn-secondary" onClick={onClose} disabled={saving}>Cancel</button>

12
src/components/Sidebar.tsx
View File

@@ -1,6 +1,8 @@
import { useState, useEffect } from 'react'
import { Link, useLocation, useNavigate } from 'react-router-dom'
import api from '@/services/api'
import { useAuthConfig, oidcLinkHref } from '@/hooks/useAuthConfig'
import { getLogoUrl } from '@/runtime'
import type { User } from '@/types'
interface Props {
@@ -11,6 +13,7 @@ interface Props {
export default function Sidebar({ user, onLogout }: Props) {
const { pathname } = useLocation()
const navigate = useNavigate()
const { config: authCfg } = useAuthConfig()
const [unreadCount, setUnreadCount] = useState(0)
useEffect(() => {
@@ -32,6 +35,7 @@ export default function Sidebar({ user, onLogout }: Props) {
const links = user ? [
{ to: '/', icon: '📊', label: 'Dashboard' },
{ to: '/projects', icon: '📁', label: 'Projects' },
{ to: '/knowledge-bases', icon: '📚', label: 'Knowledge Bases' },
{ to: '/proposals', icon: '💡', label: 'Proposals' },
{ to: '/calendar', icon: '📅', label: 'Calendar' },
{ to: '/notifications', icon: '🔔', label: 'Notifications' + (unreadCount > 0 ? ' (' + unreadCount + ')' : '') },
@@ -39,6 +43,7 @@ export default function Sidebar({ user, onLogout }: Props) {
...(user.is_admin ? [
{ to: '/users', icon: '👥', label: 'Users' },
{ to: '/roles', icon: '🔐', label: 'Roles' },
{ to: '/settings/oidc', icon: '🪪', label: 'OIDC' },
] : []),
] : [
{ to: '/monitor', icon: '📡', label: 'Monitor' },
@@ -47,7 +52,7 @@ export default function Sidebar({ user, onLogout }: Props) {
return (
<nav className="sidebar">
<div className="sidebar-header">
<h1> HarborForge</h1>
<h1><img src={getLogoUrl()} className="brand-logo" alt="" /> HarborForge</h1>
</div>
<ul className="nav-links">
{links.map((l) => (
@@ -64,6 +69,11 @@ export default function Sidebar({ user, onLogout }: Props) {
<button onClick={() => navigate('/login')}>Log in</button>
)}
</div>
{user && authCfg.oidcEnabled && !authCfg.oidcOnly && (
<div className="sidebar-footer" style={{ borderTop: 'none', paddingTop: 0 }}>
<a href={oidcLinkHref()} title="Link your account to an OIDC identity">🔗 Link OIDC account</a>
</div>
)}
</nav>
)
}

8
src/hooks/useAuth.ts
View File

@@ -44,10 +44,16 @@ export function useAuth() {
await fetchUser()
}
const loginWithToken = async (token: string) => {
localStorage.setItem('token', token)
setState((s) => ({ ...s, token }))
await fetchUser()
}
const logout = () => {
localStorage.removeItem('token')
setState({ user: null, token: null, loading: false })
}
return { ...state, login, logout }
return { ...state, login, loginWithToken, logout }
}

76
src/hooks/useAuthConfig.ts Normal file
View File

@@ -0,0 +1,76 @@
import { useState, useEffect } from 'react'
import api from '@/services/api'
export interface AuthConfig {
oidcEnabled: boolean
oidcOnly: boolean
passwordLogin: boolean
oidcLoginUrl: string
}
const DEFAULT: AuthConfig = {
oidcEnabled: false,
oidcOnly: false,
passwordLogin: true,
oidcLoginUrl: '/auth/oidc/login',
}
let cache: AuthConfig | null = null
let inflight: Promise<AuthConfig> | null = null
async function load(): Promise<AuthConfig> {
if (cache) return cache
if (inflight) return inflight
inflight = api
.get('/auth/config')
.then(({ data }) => {
cache = {
oidcEnabled: !!data.oidc_enabled,
oidcOnly: !!data.oidc_only,
passwordLogin: data.password_login !== false,
oidcLoginUrl: data.oidc_login_url || '/auth/oidc/login',
}
return cache
})
.catch(() => {
// Backend unreachable / old backend without /auth/config:
// fall back to password-only so login is never fully blocked.
cache = { ...DEFAULT }
return cache
})
.finally(() => {
inflight = null
})
return inflight
}
/** Absolute backend URL for full-page OIDC redirects. */
const BACKEND_BASE = import.meta.env.VITE_HF_BACKEND_BASE_URL || ''
export function oidcLoginHref(cfg: AuthConfig): string {
return `${BACKEND_BASE}${cfg.oidcLoginUrl}`
}
export function oidcLinkHref(): string {
return `${BACKEND_BASE}/auth/oidc/link`
}
export function useAuthConfig() {
const [config, setConfig] = useState<AuthConfig | null>(cache)
const [loading, setLoading] = useState(!cache)
useEffect(() => {
let alive = true
load().then((c) => {
if (alive) {
setConfig(c)
setLoading(false)
}
})
return () => {
alive = false
}
}, [])
return { config: config ?? DEFAULT, loading }
}

358
src/index.css
View File

@@ -144,7 +144,12 @@ input, textarea, select, button { font-family: inherit; }
font-size: 1.3rem; letter-spacing: .12em;
display: flex; align-items: center; gap: 8px;
}
.sidebar-header h1::first-letter { color: var(--accent); }
/* Brand logo (overridable via HARBORFORGE_LOGO_URL / public/logo.svg) */
.brand-logo {
height: 1.15em; width: auto; vertical-align: -0.18em;
display: inline-block; flex: 0 0 auto;
}
.login-card h1 .brand-logo, .setup-header h1 .brand-logo { height: 1.4em; }
.nav-links { list-style: none; flex: 1; padding: 14px 12px; display: flex; flex-direction: column; gap: 2px; }
.nav-links li a {
display: flex; align-items: center; gap: 10px;
@@ -175,7 +180,7 @@ input, textarea, select, button { font-family: inherit; }
.sidebar-footer button:hover { border-color: var(--accent); color: var(--accent); }
/* ---- Login -------------------------------------------------------------- */
.login-page, .setup-wizard {
.login-page {
display: flex; align-items: center; justify-content: center;
min-height: 100vh; padding: 24px;
}
@@ -464,43 +469,6 @@ dd { font-size: .92rem; font-family: 'JetBrains Mono', monospace; }
.empty::after { content: ' —'; color: var(--accent); }
.text-dim { color: var(--text-dim); font-size: .82rem; }
/* ---- Setup Wizard ------------------------------------------------------- */
.setup-container {
position: relative; background: var(--bg-card); border: var(--hair);
border-radius: 6px; padding: 44px; max-width: 620px; width: 100%;
box-shadow: 0 40px 80px -30px rgba(0,0,0,.8);
animation: deck-in .55s cubic-bezier(.16,1,.3,1) both;
}
.setup-container::before { content: ''; position: absolute; left: 0; right: 0; top: 0; height: 3px; background: var(--ember); border-radius: 6px 6px 0 0; }
.setup-header { text-align: center; margin-bottom: 34px; }
.setup-header h1 { font-size: 1.6rem; margin-bottom: 22px; letter-spacing: .1em; }
.setup-steps { display: flex; justify-content: center; gap: 8px; flex-wrap: wrap; }
.setup-step {
font-size: .68rem; color: var(--text-dim); padding: 5px 12px; border-radius: 2px;
border: var(--hair); text-transform: uppercase; letter-spacing: .1em;
font-family: 'JetBrains Mono', monospace;
}
.setup-step.active { color: var(--accent); border-color: var(--accent); background: var(--ember-soft); }
.setup-step.done { color: var(--success); border-color: var(--success); }
.setup-step-content { animation: fadeIn .25s ease; }
.setup-step-content h2 { margin-bottom: 10px; font-size: 1.3rem; }
.setup-form { margin: 22px 0; }
.setup-nav { display: flex; justify-content: space-between; margin-top: 28px; }
.setup-nav button:disabled { opacity: .5; cursor: default; }
.setup-error {
background: rgba(226,85,60,.12); border: 1px solid var(--danger); color: var(--danger);
padding: 13px 16px; border-radius: var(--radius); margin-bottom: 18px;
font-size: .85rem; white-space: pre-line; font-family: 'JetBrains Mono', monospace;
}
.setup-info { background: rgba(86,198,214,.07); border: 1px solid rgba(86,198,214,.25); padding: 18px; border-radius: var(--radius); margin: 18px 0; }
.setup-info code {
display: block; background: var(--bg-sink); padding: 10px 13px; border-radius: 2px;
margin-top: 10px; font-size: .82rem; color: var(--steel); word-break: break-all;
}
.setup-hint { color: var(--warning); font-size: .82rem; margin-top: 8px; }
.setup-done { text-align: center; }
.setup-done h2 { color: var(--success); margin-bottom: 14px; }
/* ---- Monitor ------------------------------------------------------------ */
.monitor-grid { display: grid; grid-template-columns: repeat(auto-fill, minmax(270px, 1fr)); gap: 18px; margin-top: 14px; }
.monitor-card {
@@ -545,6 +513,194 @@ dd { font-size: .92rem; font-family: 'JetBrains Mono', monospace; }
.tab.active { color: var(--accent); border-bottom-color: var(--accent); }
.tab-content { margin-top: 18px; animation: fadeIn .25s ease; }
/* ---- Role Editor -------------------------------------------------------- */
.role-editor-page { animation: deck-in .35s cubic-bezier(.16,1,.3,1) both; }
.role-editor-page h2 { display: flex; align-items: center; gap: 10px; }
.role-editor-page .lead {
color: var(--text-dim); font-size: .82rem;
text-transform: uppercase; letter-spacing: .12em; margin: 8px 0 22px;
}
.role-editor-banner {
border: var(--hair); border-radius: var(--radius);
padding: 12px 16px; margin-bottom: 18px;
font-family: 'JetBrains Mono', monospace; font-size: .85rem;
display: flex; align-items: center; gap: 10px;
animation: fadeIn .25s ease;
}
.role-editor-banner.ok { background: rgba(70,180,135,.10); border-color: var(--success); color: var(--success); }
.role-editor-banner.err { background: rgba(226,85,60,.10); border-color: var(--danger); color: var(--danger); }
.role-editor-create {
background: var(--bg-card); border: var(--hair); border-radius: var(--radius);
padding: 22px 22px 18px; margin-bottom: 22px;
position: relative; max-width: 480px;
animation: fadeIn .2s ease;
}
.role-editor-create::before {
content: ''; position: absolute; left: 0; top: 0; bottom: 0; width: 3px;
background: var(--ember); border-radius: var(--radius) 0 0 var(--radius);
}
.role-editor-create h3 { margin-bottom: 14px; font-size: 1.05rem; letter-spacing: .04em; }
.role-editor-create label {
display: block; margin-bottom: 5px;
font-size: .72rem; text-transform: uppercase; letter-spacing: .12em;
color: var(--text-dim); font-family: 'JetBrains Mono', monospace;
}
.role-editor-create input {
width: 100%; padding: 9px 12px; margin-bottom: 14px;
background: var(--bg-sink); color: var(--text);
border: var(--hair); border-radius: var(--radius);
font-family: inherit; font-size: .9rem; transition: .15s;
}
.role-editor-create input:focus { border-color: var(--accent); outline: none; }
.role-editor-create .actions { display: flex; gap: 8px; }
/* ---- two-column body ---- */
.role-editor-grid {
display: grid; grid-template-columns: 280px 1fr; gap: 22px;
align-items: start;
}
@media (max-width: 980px) {
.role-editor-grid { grid-template-columns: 1fr; }
}
.role-editor-sidebar h3,
.role-editor-detail h3 {
font-size: .82rem; text-transform: uppercase; letter-spacing: .14em;
color: var(--text-dim); margin-bottom: 12px;
border-bottom: var(--hair); padding-bottom: 8px;
}
.role-editor-detail h3 .name {
color: var(--accent); font-family: 'JetBrains Mono', monospace;
letter-spacing: .04em; text-transform: none;
}
.role-list { display: flex; flex-direction: column; gap: 8px; }
.role-card {
position: relative; padding: 12px 14px;
background: var(--bg-card); border: var(--hair); border-radius: var(--radius);
cursor: pointer; transition: .15s; overflow: hidden;
}
.role-card:hover { background: var(--bg-hover); border-color: var(--border-bright); }
.role-card.active {
background: var(--ember-soft); border-color: var(--accent);
box-shadow: var(--glow);
}
.role-card.active::before {
content: ''; position: absolute; left: 0; top: 0; bottom: 0; width: 3px;
background: var(--ember);
}
.role-card .role-name {
font-family: 'Saira Condensed', sans-serif; font-weight: 700;
font-size: .98rem; color: var(--text); letter-spacing: .04em;
display: flex; align-items: center; gap: 6px;
}
.role-card .role-desc {
color: var(--text-dim); font-size: .78rem; margin-top: 3px;
line-height: 1.35;
}
.role-card .role-meta {
color: var(--steel); font-size: .68rem; margin-top: 6px;
font-family: 'JetBrains Mono', monospace; letter-spacing: .04em;
}
.role-card .role-badge-global {
font-size: .72rem; color: var(--warning);
font-family: 'JetBrains Mono', monospace;
}
/* ---- permissions ---- */
.perm-group {
background: var(--bg-card); border: var(--hair); border-radius: var(--radius);
padding: 14px 16px 16px; margin-bottom: 14px;
}
.perm-group-header {
font-family: 'Saira Condensed', sans-serif; font-weight: 600;
font-size: .85rem; text-transform: uppercase; letter-spacing: .14em;
color: var(--steel); margin-bottom: 12px;
padding-bottom: 8px; border-bottom: 1px dashed var(--border);
}
.perm-grid {
display: grid; gap: 8px;
grid-template-columns: repeat(auto-fill, minmax(230px, 1fr));
}
.perm-item {
display: flex; align-items: flex-start; gap: 10px;
padding: 9px 11px;
background: var(--bg-sink); border: 1px solid var(--border); border-radius: 3px;
cursor: pointer; transition: .12s;
user-select: none;
}
.perm-item:hover { background: var(--bg-hover); border-color: var(--border-bright); }
.perm-item.checked {
background: var(--ember-soft);
border-color: var(--accent);
box-shadow: inset 0 0 0 1px rgba(255,122,31,.18);
}
.perm-item input[type="checkbox"] {
appearance: none; -webkit-appearance: none;
width: 14px; height: 14px; margin-top: 2px;
background: var(--bg); border: 1px solid var(--border-bright);
border-radius: 2px; cursor: pointer; flex: 0 0 14px;
position: relative; transition: .12s;
}
.perm-item input[type="checkbox"]:checked {
background: var(--accent); border-color: var(--accent);
}
.perm-item input[type="checkbox"]:checked::after {
content: ''; position: absolute; left: 3px; top: 0px;
width: 4px; height: 8px;
border: solid #1a0d02; border-width: 0 2px 2px 0;
transform: rotate(45deg);
}
.perm-item .perm-body { min-width: 0; }
.perm-item .perm-name {
font-family: 'JetBrains Mono', monospace; font-size: .82rem;
color: var(--text); font-weight: 500; word-break: break-word;
}
.perm-item.checked .perm-name { color: var(--accent); }
.perm-item .perm-desc {
color: var(--text-dim); font-size: .72rem; line-height: 1.35; margin-top: 2px;
}
.role-editor-template {
display: flex; align-items: center; gap: 10px;
background: var(--bg-card); border: var(--hair); border-radius: var(--radius);
padding: 10px 14px; margin-bottom: 14px;
font-size: .82rem;
}
.role-editor-template label {
color: var(--text-dim); text-transform: uppercase;
letter-spacing: .12em; font-size: .72rem;
font-family: 'JetBrains Mono', monospace;
white-space: nowrap;
}
.role-editor-template select {
flex: 1; min-width: 0;
padding: 7px 10px;
background: var(--bg-sink); color: var(--text);
border: var(--hair); border-radius: var(--radius);
font-family: 'JetBrains Mono', monospace; font-size: .82rem;
cursor: pointer; transition: .12s;
}
.role-editor-template select:hover { border-color: var(--border-bright); }
.role-editor-template select:focus { border-color: var(--accent); outline: none; }
.role-editor-template button:disabled {
opacity: .4; cursor: not-allowed; border-color: var(--border);
}
.role-editor-actions {
display: flex; gap: 10px; margin-top: 22px;
padding-top: 18px; border-top: var(--hair);
}
.role-editor-empty {
background: var(--bg-card); border: 1px dashed var(--border);
border-radius: var(--radius); padding: 40px 28px;
text-align: center; color: var(--text-dim);
font-family: 'JetBrains Mono', monospace; font-size: .85rem;
}
/* ---- Responsive --------------------------------------------------------- */
@media (max-width: 860px) {
:root { --sidebar-w: 0px; }
@@ -552,3 +708,127 @@ dd { font-size: .92rem; font-family: 'JetBrains Mono', monospace; }
.main-content { padding: 22px 18px; }
.task-create-grid { grid-template-columns: 1fr; }
}
/* ── Knowledge Base tree (browse + structure edit) ───────────────────── */
.kb-tree {
background: var(--bg-card);
border: var(--hair);
border-radius: 8px;
padding: 16px 18px;
max-width: 960px;
}
.kb-tree-toolbar { margin-bottom: 14px; }
.kb-node { margin: 0; }
/* Each topic is a self-contained block */
.kb-topic {
border: var(--hair);
border-radius: 6px;
background: var(--bg-sink);
padding: 10px 14px;
margin-bottom: 12px;
}
.kb-topic:last-child { margin-bottom: 0; }
.kb-node-header {
display: flex;
align-items: center;
gap: 10px;
flex-wrap: wrap;
min-height: 30px;
}
.kb-node-title { color: var(--text); font-weight: 600; font-size: .94rem; }
.kb-topic-title {
color: var(--accent);
font-family: 'Saira Condensed', sans-serif;
text-transform: uppercase;
letter-spacing: .05em;
font-size: 1.05rem;
font-weight: 700;
}
.kb-category > .kb-node-header > .kb-node-title { color: var(--steel); }
/* Nested children indent under a guide line */
.kb-children {
margin: 6px 0 0 6px;
padding-left: 16px;
border-left: 2px solid var(--border);
display: flex;
flex-direction: column;
gap: 2px;
}
.kb-category { padding: 3px 0; }
.kb-fact {
display: flex;
align-items: center;
gap: 8px;
padding: 4px 6px;
font-size: .9rem;
color: var(--text);
border-radius: var(--radius);
}
.kb-fact:hover { background: var(--bg-hover); }
.kb-bullet { color: var(--accent); }
.kb-fact-text { flex: 1; min-width: 0; word-break: break-word; }
.kb-row-actions { display: inline-flex; gap: 6px; align-items: center; flex-wrap: wrap; margin-left: auto; }
/* reveal node actions on hover to keep the tree calm */
.kb-node-header .kb-row-actions,
.kb-fact .kb-row-actions { opacity: 0; transition: opacity .12s; }
.kb-node-header:hover .kb-row-actions,
.kb-topic:hover > .kb-node-header > .kb-row-actions,
.kb-fact:hover .kb-row-actions { opacity: 1; }
.kb-mini-btn {
background: transparent;
border: var(--hair);
color: var(--text-dim);
border-radius: var(--radius);
padding: 2px 8px;
font-size: .78rem;
cursor: pointer;
transition: .12s;
white-space: nowrap;
}
.kb-mini-btn:hover { border-color: var(--accent); color: var(--accent); }
.kb-mini-btn.kb-danger:hover { border-color: var(--danger); color: var(--danger); }
.kb-mini-btn:disabled { opacity: .5; cursor: default; }
.kb-inline-form { display: inline-flex; gap: 4px; align-items: center; }
.kb-inline-form input {
background: var(--bg-sink);
border: var(--hair);
color: var(--text);
border-radius: var(--radius);
padding: 2px 8px;
font-size: .9rem;
}
.kb-inline-grow { flex: 1; }
.kb-inline-grow input { flex: 1; }
/* Project-modal: linked knowledge bases */
.kb-link-section { border-top: var(--hair); padding-top: 12px; margin-top: 4px; }
.kb-link-list { list-style: none; padding: 0; margin: 6px 0; display: flex; flex-direction: column; gap: 4px; }
.kb-link-list li { display: flex; align-items: center; justify-content: space-between; gap: 8px; font-size: .9rem; }
.kb-link-add { display: flex; gap: 8px; align-items: center; margin-top: 6px; }
.kb-link-add select { flex: 1; }
/* KB node edit form (name + description) and description display */
.kb-edit-form { display: flex; flex-direction: column; gap: 6px; width: 100%; max-width: 560px; }
.kb-edit-form input,
.kb-edit-form textarea {
background: var(--bg-sink);
border: var(--hair);
color: var(--text);
border-radius: var(--radius);
padding: 4px 8px;
font: inherit;
font-size: .9rem;
}
.kb-edit-form textarea { resize: vertical; }
.kb-node-desc {
color: var(--text-dim);
font-size: .85rem;
margin: 4px 0 2px 22px;
white-space: pre-wrap;
line-height: 1.45;
}

87
src/pages/KnowledgeBaseDetailPage.tsx Normal file
View File

@@ -0,0 +1,87 @@
import { useCallback, useEffect, useState } from 'react'
import { useNavigate, useParams } from 'react-router-dom'
import api from '@/services/api'
import type { KnowledgeBase, KnowledgeBaseTree as Tree } from '@/types'
import KnowledgeBaseTree from '@/components/KnowledgeBaseTree'
import KnowledgeBaseFormModal from '@/components/KnowledgeBaseFormModal'
export default function KnowledgeBaseDetailPage() {
const { id } = useParams<{ id: string }>()
const navigate = useNavigate()
const [kb, setKb] = useState<KnowledgeBase | null>(null)
const [tree, setTree] = useState<Tree | null>(null)
const [showEdit, setShowEdit] = useState(false)
const [error, setError] = useState('')
const loadTree = useCallback(async () => {
if (!id) return
const { data } = await api.get<Tree>(`/knowledge-bases/${id}/tree`)
setTree(data)
}, [id])
const loadMeta = useCallback(async () => {
if (!id) return
const { data } = await api.get<KnowledgeBase>(`/knowledge-bases/${id}`)
setKb(data)
}, [id])
useEffect(() => {
setError('')
Promise.all([loadMeta(), loadTree()]).catch((err) => {
setError(err?.response?.data?.detail || 'Failed to load knowledge base')
})
}, [loadMeta, loadTree])
const onDelete = async () => {
if (!kb) return
if (!confirm(`Delete knowledge base "${kb.title}" and all its content?`)) return
try {
await api.delete(`/knowledge-bases/${kb.id}`)
navigate('/knowledge-bases')
} catch (err: any) {
alert(err?.response?.data?.detail || 'Failed to delete knowledge base')
}
}
if (error) {
return (
<div className="project-detail-page">
<button className="btn-back" onClick={() => navigate('/knowledge-bases')}> Knowledge Bases</button>
<p className="empty">{error}</p>
</div>
)
}
if (!kb) return <div className="loading">Loading</div>
return (
<div className="project-detail-page">
<button className="btn-back" onClick={() => navigate('/knowledge-bases')}> Knowledge Bases</button>
<div className="page-header">
<h2>
📚 {kb.title}
{kb.knowledge_base_code && <span className="badge" style={{ marginLeft: 8 }}>{kb.knowledge_base_code}</span>}
</h2>
<div style={{ display: 'flex', gap: 8 }}>
<button className="btn-secondary" onClick={() => setShowEdit(true)}>Edit</button>
<button className="btn-danger" onClick={onDelete}>Delete</button>
</div>
</div>
{kb.description && <p className="project-desc">{kb.description}</p>}
<KnowledgeBaseFormModal
isOpen={showEdit}
knowledgeBase={kb}
onClose={() => setShowEdit(false)}
onSaved={async () => { await loadMeta() }}
/>
<div className="section">
<h3>Structure</h3>
{tree && <KnowledgeBaseTree tree={tree} onChange={loadTree} />}
</div>
</div>
)
}

51
src/pages/KnowledgeBasesPage.tsx Normal file
View File

@@ -0,0 +1,51 @@
import { useState, useEffect } from 'react'
import { useNavigate } from 'react-router-dom'
import api from '@/services/api'
import type { KnowledgeBase } from '@/types'
import dayjs from 'dayjs'
import KnowledgeBaseFormModal from '@/components/KnowledgeBaseFormModal'
export default function KnowledgeBasesPage() {
const [items, setItems] = useState<KnowledgeBase[]>([])
const [showCreate, setShowCreate] = useState(false)
const navigate = useNavigate()
const fetchItems = () => {
api.get<KnowledgeBase[]>('/knowledge-bases').then(({ data }) => setItems(data)).catch(() => setItems([]))
}
useEffect(() => { fetchItems() }, [])
return (
<div className="projects-page">
<div className="page-header">
<h2>📚 Knowledge Bases ({items.length})</h2>
<button className="btn-primary" onClick={() => setShowCreate(true)}>+ New</button>
</div>
<KnowledgeBaseFormModal
isOpen={showCreate}
onClose={() => setShowCreate(false)}
onSaved={() => fetchItems()}
/>
<div className="project-grid">
{items.map((kb) => (
<div
key={kb.id}
className="project-card"
onClick={() => navigate(`/knowledge-bases/${kb.knowledge_base_code || kb.id}`)}
>
<h3>{kb.title}</h3>
{kb.knowledge_base_code && <span className="badge" style={{ marginLeft: 8 }}>{kb.knowledge_base_code}</span>}
<p className="project-desc">{kb.description || 'No description'}</p>
<div className="project-meta">
<span>Created {kb.created_at ? dayjs(kb.created_at).format('YYYY-MM-DD') : '—'}</span>
</div>
</div>
))}
{items.length === 0 && <p className="empty">No knowledge bases yet. Create one above.</p>}
</div>
</div>
)
}

85
src/pages/LoginPage.tsx
View File

@@ -1,15 +1,31 @@
import React, { useState } from 'react'
import { useAuthConfig, oidcLoginHref } from '@/hooks/useAuthConfig'
import { getLogoUrl } from '@/runtime'
interface Props {
onLogin: (username: string, password: string) => Promise<void>
}
const OIDC_ERRORS: Record<string, string> = {
not_linked: 'This OIDC account is not linked to any HarborForge user. Ask an administrator to bind it first.',
exchange_failed: 'OIDC sign-in failed during token exchange. Please try again.',
no_subject: 'The identity provider did not return a subject. Sign-in aborted.',
token_rejected: 'The issued session token was rejected. Please try again.',
missing_token: 'No session token was returned. Please try again.',
link_not_allowed: 'Account linking is not allowed in this mode.',
already_bound: 'That OIDC identity is already bound to another user.',
}
export default function LoginPage({ onLogin }: Props) {
const { config, loading: cfgLoading } = useAuthConfig()
const [username, setUsername] = useState('')
const [password, setPassword] = useState('')
const [error, setError] = useState('')
const [loading, setLoading] = useState(false)
const urlError = new URLSearchParams(window.location.search).get('oidc_error')
const oidcError = urlError ? (OIDC_ERRORS[urlError] || `OIDC error: ${urlError}`) : ''
const handleSubmit = async (e: React.FormEvent) => {
e.preventDefault()
setError('')
@@ -23,31 +39,58 @@ export default function LoginPage({ onLogin }: Props) {
}
}
const showPassword = !cfgLoading && config.passwordLogin && !config.oidcOnly
const showOidc = !cfgLoading && config.oidcEnabled
return (
<div className="login-page">
<div className="login-card">
<h1> HarborForge</h1>
<h1><img src={getLogoUrl()} className="brand-logo" alt="" /> HarborForge</h1>
<p className="subtitle">Agent/Human collaborative task management platform</p>
<form onSubmit={handleSubmit}>
<input
type="text"
placeholder="Username"
value={username}
onChange={(e) => setUsername(e.target.value)}
required
/>
<input
type="password"
placeholder="Password"
value={password}
onChange={(e) => setPassword(e.target.value)}
required
/>
{error && <p className="error">{error}</p>}
<button type="submit" disabled={loading}>
{loading ? 'Signing in...' : 'Sign in'}
</button>
</form>
{oidcError && <p className="error" style={{ marginBottom: 14 }}>{oidcError}</p>}
{showPassword && (
<form onSubmit={handleSubmit}>
<input
type="text"
placeholder="Username"
value={username}
onChange={(e) => setUsername(e.target.value)}
required
/>
<input
type="password"
placeholder="Password"
value={password}
onChange={(e) => setPassword(e.target.value)}
required
/>
{error && <p className="error">{error}</p>}
<button type="submit" disabled={loading}>
{loading ? 'Signing in...' : 'Sign in'}
</button>
</form>
)}
{showPassword && showOidc && (
<p className="text-dim" style={{ textAlign: 'center', margin: '14px 0' }}> or </p>
)}
{showOidc && (
<a
className="btn-primary"
style={{ display: 'block', textAlign: 'center', textDecoration: 'none' }}
href={oidcLoginHref(config)}
>
Sign in with SSO
</a>
)}
{cfgLoading && <p className="subtitle">Loading sign-in options</p>}
{!cfgLoading && !showPassword && !showOidc && (
<p className="error">No sign-in method is available. Check server configuration.</p>
)}
</div>
</div>
)

56
src/pages/OidcCallbackPage.tsx Normal file
View File

@@ -0,0 +1,56 @@
import { useEffect, useRef, useState } from 'react'
import { useNavigate } from 'react-router-dom'
import { getLogoUrl } from '@/runtime'
interface Props {
onToken: (token: string) => Promise<void>
}
/**
* Lands here after the backend OIDC callback redirect.
* - sign-in: URL fragment `#token=<jwt>` → apply token, go to dashboard
* - self-link: query `?oidc_linked=1` → success notice, go to /users
* - failure: query `?oidc_error=<code>` → back to /login with the code
*/
export default function OidcCallbackPage({ onToken }: Props) {
const navigate = useNavigate()
const [msg, setMsg] = useState('Completing sign-in…')
const ran = useRef(false)
useEffect(() => {
if (ran.current) return
ran.current = true
const hash = new URLSearchParams(window.location.hash.replace(/^#/, ''))
const query = new URLSearchParams(window.location.search)
const token = hash.get('token')
const oidcError = query.get('oidc_error')
const linked = query.get('oidc_linked')
if (oidcError) {
navigate(`/login?oidc_error=${encodeURIComponent(oidcError)}`, { replace: true })
return
}
if (linked) {
setMsg('OIDC account linked. Redirecting…')
const t = setTimeout(() => navigate('/users', { replace: true }), 1200)
return () => clearTimeout(t)
}
if (token) {
onToken(token)
.then(() => navigate('/', { replace: true }))
.catch(() => navigate('/login?oidc_error=token_rejected', { replace: true }))
return
}
navigate('/login?oidc_error=missing_token', { replace: true })
}, [navigate, onToken])
return (
<div className="login-page">
<div className="login-card">
<h1><img src={getLogoUrl()} className="brand-logo" alt="" /> HarborForge</h1>
<p className="subtitle">{msg}</p>
</div>
</div>
)
}

171
src/pages/OidcSettingsPage.tsx Normal file
View File

@@ -0,0 +1,171 @@
import { useEffect, useState } from 'react'
import api from '@/services/api'
import { useAuth } from '@/hooks/useAuth'
interface Settings {
enabled: boolean
issuer: string | null
client_id: string | null
has_client_secret: boolean
redirect_uri: string | null
scopes: string | null
post_login_redirect: string | null
admin_role: string
oidc_only: boolean
effective_enabled: boolean
source: string
}
export default function OidcSettingsPage() {
const { user } = useAuth()
const isAdmin = user?.is_admin === true
const [loaded, setLoaded] = useState<Settings | null>(null)
const [loading, setLoading] = useState(true)
const [saving, setSaving] = useState(false)
const [message, setMessage] = useState('')
const [form, setForm] = useState({
enabled: false,
issuer: '',
client_id: '',
client_secret: '',
redirect_uri: '',
scopes: 'openid email profile',
post_login_redirect: '',
admin_role: 'admin',
})
useEffect(() => {
if (!isAdmin) { setLoading(false); return }
api.get<Settings>('/auth/oidc/settings')
.then(({ data }) => {
setLoaded(data)
setForm({
enabled: data.enabled,
issuer: data.issuer || '',
client_id: data.client_id || '',
client_secret: '',
redirect_uri: data.redirect_uri || '',
scopes: data.scopes || 'openid email profile',
post_login_redirect: data.post_login_redirect || '',
admin_role: data.admin_role || 'admin',
})
})
.catch((e) => setMessage(e.response?.data?.detail || 'Failed to load OIDC settings'))
.finally(() => setLoading(false))
}, [isAdmin])
const save = async () => {
setSaving(true)
setMessage('')
try {
const payload: Record<string, any> = {
enabled: form.enabled,
issuer: form.issuer.trim(),
client_id: form.client_id.trim(),
redirect_uri: form.redirect_uri.trim(),
scopes: form.scopes.trim(),
post_login_redirect: form.post_login_redirect.trim(),
admin_role: form.admin_role.trim() || 'admin',
}
if (form.client_secret) payload.client_secret = form.client_secret
const { data } = await api.put<Settings>('/auth/oidc/settings', payload)
setLoaded(data)
setForm((f) => ({ ...f, client_secret: '' }))
setMessage('OIDC settings saved successfully')
} catch (e: any) {
setMessage(e.response?.data?.detail || 'Failed to save OIDC settings')
} finally {
setSaving(false)
}
}
if (loading) return <div className="loading">Loading OIDC settings...</div>
if (!isAdmin) {
return (
<div className="section">
<h2>🔐 OIDC Settings</h2>
<p className="empty">Admin access required.</p>
</div>
)
}
const callbackHint = form.redirect_uri.trim() || loaded?.redirect_uri || '(set the Redirect / Callback URL below)'
return (
<div className="section">
<div className="page-header">
<div>
<h2>🔐 OIDC Settings</h2>
<div className="text-dim">Configure the OpenID Connect provider. Saved values override environment defaults.</div>
</div>
</div>
{message && (
<div style={{
padding: '10px 12px', marginBottom: 16, borderRadius: 8,
background: message.includes('success') ? 'rgba(70,180,135,.14)' : 'rgba(226,85,60,.14)',
border: `1px solid ${message.includes('success') ? 'rgba(70,180,135,.4)' : 'rgba(226,85,60,.4)'}`,
}}>{message}</div>
)}
<div className="monitor-card" style={{ marginBottom: 16 }}>
<div className="monitor-card-header">
<div style={{ fontWeight: 600 }}>Status</div>
<span className={'badge ' + (loaded?.effective_enabled ? 'status-online' : 'status-offline')}>
{loaded?.effective_enabled ? 'OIDC active' : 'OIDC inactive'}
</span>
</div>
<div className="monitor-metrics">
config source: <b>{loaded?.source}</b> · OIDC-only mode (deploy env): <b>{loaded?.oidc_only ? 'on' : 'off'}</b>
</div>
<div style={{ marginTop: 8 }}>
<div className="text-dim">Register this Redirect / Callback URL at your identity provider:</div>
<code style={{ display: 'block', marginTop: 6, wordBreak: 'break-all' }}>{callbackHint}</code>
</div>
</div>
<div className="task-create-form" style={{ maxWidth: 640 }}>
<label className="filter-check">
<input type="checkbox" checked={form.enabled} onChange={(e) => setForm({ ...form, enabled: e.target.checked })} />
Enable OIDC sign-in
</label>
<label>
Issuer (OIDC source)
<input placeholder="https://idp.example.com" value={form.issuer} onChange={(e) => setForm({ ...form, issuer: e.target.value })} />
</label>
<label>
Client ID
<input value={form.client_id} onChange={(e) => setForm({ ...form, client_id: e.target.value })} />
</label>
<label>
Client Secret
<input type="password" placeholder={loaded?.has_client_secret ? '•••••• (leave blank to keep current)' : 'client secret'} value={form.client_secret} onChange={(e) => setForm({ ...form, client_secret: e.target.value })} />
</label>
<label>
Redirect / Callback URL
<input placeholder="https://hf-api.example.com/auth/oidc/callback" value={form.redirect_uri} onChange={(e) => setForm({ ...form, redirect_uri: e.target.value })} />
</label>
<label>
Scopes
<input value={form.scopes} onChange={(e) => setForm({ ...form, scopes: e.target.value })} />
</label>
<label>
Post-login redirect (frontend)
<input placeholder="https://hf.example.com/oidc/callback" value={form.post_login_redirect} onChange={(e) => setForm({ ...form, post_login_redirect: e.target.value })} />
</label>
<label>
Admin role (bootstrap)
<input placeholder="admin" value={form.admin_role} onChange={(e) => setForm({ ...form, admin_role: e.target.value })} />
</label>
<p className="text-dim">
OIDC-only bootstrap: before any admin is linked, an IdP user whose token carries this role
auto-connects to the HarborForge admin account on first sign-in. Disables itself once an admin is bound.
</p>
<button className="btn-primary" disabled={saving} onClick={save}>
{saving ? 'Saving...' : 'Save OIDC Settings'}
</button>
</div>
</div>
)
}

331
src/pages/RoleEditorPage.tsx
View File

@@ -25,22 +25,22 @@ export default function RoleEditorPage() {
const [loading, setLoading] = useState(true)
const [saving, setSaving] = useState(false)
const [message, setMessage] = useState('')
const [messageOk, setMessageOk] = useState(true)
const [showCreateForm, setShowCreateForm] = useState(false)
const [newRoleName, setNewRoleName] = useState('')
const [newRoleDesc, setNewRoleDesc] = useState('')
const [creating, setCreating] = useState(false)
const [templateRoleId, setTemplateRoleId] = useState<string>('')
const isAdmin = user?.is_admin === true
useEffect(() => {
fetchData()
}, [])
useEffect(() => { fetchData() }, [])
const fetchData = async () => {
try {
const [rolesRes, permsRes] = await Promise.all([
api.get('/roles'),
api.get('/roles/permissions')
api.get('/roles/permissions'),
])
setRoles(rolesRes.data)
setPermissions(permsRes.data)
@@ -54,63 +54,81 @@ export default function RoleEditorPage() {
const handlePermissionToggle = (permId: number) => {
if (!selectedRole) return
const newPermIds = selectedRole.permission_ids.includes(permId)
? selectedRole.permission_ids.filter(id => id !== permId)
? selectedRole.permission_ids.filter((id) => id !== permId)
: [...selectedRole.permission_ids, permId]
setSelectedRole({ ...selectedRole, permission_ids: newPermIds })
}
// Copy a source role's permission_ids over the current selection.
// Replaces (not merges) — the user explicitly clicked "use as template".
// Local-only: nothing persists until they hit "Save changes".
const handleApplyTemplate = () => {
if (!selectedRole || !templateRoleId) return
const src = roles.find((r) => String(r.id) === templateRoleId)
if (!src) return
setSelectedRole({ ...selectedRole, permission_ids: [...src.permission_ids] })
flashMessage(
`Loaded ${src.permission_ids.length} permissions from "${src.name}" — not saved yet`,
true,
)
}
const flashMessage = (msg: string, ok: boolean) => {
setMessage(msg); setMessageOk(ok)
}
const handleSave = async () => {
if (!selectedRole) return
setSaving(true)
setMessage('')
setSaving(true); setMessage('')
try {
await api.post(`/roles/${selectedRole.id}/permissions`, {
permission_ids: selectedRole.permission_ids
permission_ids: selectedRole.permission_ids,
})
setMessage('Saved successfully!')
flashMessage('Saved successfully', true)
fetchData()
} catch (err: any) {
setMessage(err.response?.data?.detail || 'Failed to save')
flashMessage(err.response?.data?.detail || 'Failed to save', false)
} finally {
setSaving(false)
}
}
const handleDeleteRole = async () => {
if (!selectedRole || !confirm(`Are you sure you want to delete the "${selectedRole.name}" role?`)) return
setSaving(true)
setMessage('')
if (!selectedRole) return
if (!confirm(`Delete the "${selectedRole.name}" role?`)) return
setSaving(true); setMessage('')
try {
await api.delete(`/roles/${selectedRole.id}`)
setMessage('Role deleted successfully!')
flashMessage('Role deleted', true)
setSelectedRole(null)
fetchData()
} catch (err: any) {
setMessage(err.response?.data?.detail || 'Failed to delete role')
flashMessage(err.response?.data?.detail || 'Failed to delete role', false)
} finally {
setSaving(false)
}
}
const canDeleteRole = selectedRole && !['admin', 'guest', 'account-manager'].includes(selectedRole.name) && isAdmin
const canDeleteRole =
selectedRole &&
!['admin', 'guest', 'account-manager'].includes(selectedRole.name) &&
isAdmin
const handleCreateRole = async () => {
if (!newRoleName.trim()) return
setCreating(true)
setMessage('')
setCreating(true); setMessage('')
try {
await api.post('/roles', {
name: newRoleName.trim(),
description: newRoleDesc.trim() || null,
is_global: false
is_global: false,
})
setMessage('Role created successfully!')
flashMessage('Role created', true)
setShowCreateForm(false)
setNewRoleName('')
setNewRoleDesc('')
setNewRoleName(''); setNewRoleDesc('')
fetchData()
} catch (err: any) {
setMessage(err.response?.data?.detail || 'Failed to create role')
flashMessage(err.response?.data?.detail || 'Failed to create role', false)
} finally {
setCreating(false)
}
@@ -122,195 +140,156 @@ export default function RoleEditorPage() {
return acc
}, {} as Record<string, Permission[]>)
if (loading) return <div className="p-4">Loading...</div>
if (loading) return <div className="loading">Loading roles</div>
return (
<div className="role-editor-page" style={{ padding: '20px' }}>
<div className="role-editor-page">
<h2>🔐 Role Editor</h2>
<p style={{ color: '#888', marginBottom: '20px' }}>
Configure permissions for each role. Only admins can edit roles.
</p>
<p className="lead">Configure permissions for each role. Only admins can edit roles.</p>
{isAdmin && !showCreateForm && (
<button
onClick={() => setShowCreateForm(true)}
className="btn-primary"
style={{ marginBottom: '20px' }}
>
<button className="btn-primary" onClick={() => setShowCreateForm(true)}
style={{ marginBottom: 18 }}>
+ Create New Role
</button>
)}
{showCreateForm && (
<div style={{
border: '2px solid #007bff',
borderRadius: '8px',
padding: '20px',
marginBottom: '20px',
backgroundColor: '#f8f9fa'
}}>
<h3 style={{ marginTop: 0 }}>Create New Role</h3>
<div style={{ display: 'flex', flexDirection: 'column', gap: '12px', maxWidth: '400px' }}>
<div>
<label style={{ display: 'block', marginBottom: '4px', fontWeight: 500 }}>
Role Name *
</label>
<input
type="text"
value={newRoleName}
onChange={(e) => setNewRoleName(e.target.value)}
placeholder="e.g., developer, manager"
style={{ width: '100%', padding: '8px', borderRadius: '4px', border: '1px solid #ddd' }}
/>
</div>
<div>
<label style={{ display: 'block', marginBottom: '4px', fontWeight: 500 }}>
Description
</label>
<input
type="text"
value={newRoleDesc}
onChange={(e) => setNewRoleDesc(e.target.value)}
placeholder="Role description"
style={{ width: '100%', padding: '8px', borderRadius: '4px', border: '1px solid #ddd' }}
/>
</div>
<div style={{ display: 'flex', gap: '8px' }}>
<button
onClick={handleCreateRole}
disabled={creating || !newRoleName.trim()}
className="btn-primary"
>
{creating ? 'Creating...' : 'Create'}
</button>
<button
onClick={() => {
setShowCreateForm(false)
setNewRoleName('')
setNewRoleDesc('')
}}
className="btn-secondary"
style={{ padding: '8px 16px', borderRadius: '4px', border: '1px solid #ddd', background: '#fff' }}
>
Cancel
</button>
</div>
<div className="role-editor-create">
<h3>Create new role</h3>
<label>Role name *</label>
<input
type="text"
value={newRoleName}
onChange={(e) => setNewRoleName(e.target.value)}
placeholder="e.g. developer, manager"
/>
<label>Description</label>
<input
type="text"
value={newRoleDesc}
onChange={(e) => setNewRoleDesc(e.target.value)}
placeholder="(optional) short description"
/>
<div className="actions">
<button className="btn-primary" disabled={creating || !newRoleName.trim()}
onClick={handleCreateRole}>
{creating ? 'Creating…' : 'Create'}
</button>
<button className="btn-secondary"
onClick={() => { setShowCreateForm(false); setNewRoleName(''); setNewRoleDesc('') }}>
Cancel
</button>
</div>
</div>
)}
{message && (
<div style={{
padding: '10px',
marginBottom: '20px',
backgroundColor: message.includes('success') ? '#d4edda' : '#f8d7da',
borderRadius: '4px'
}}>
{message}
<div className={`role-editor-banner ${messageOk ? 'ok' : 'err'}`}>
<span>{messageOk ? '✓' : '✗'}</span>
<span>{message}</span>
</div>
)}
<div style={{ display: 'flex', gap: '20px' }}>
{/* Role List */}
<div style={{ width: '250px' }}>
<div className="role-editor-grid">
{/* Roles sidebar */}
<aside className="role-editor-sidebar">
<h3>Roles</h3>
<div style={{ display: 'flex', flexDirection: 'column', gap: '8px' }}>
{roles.map(role => (
<div
key={role.id}
onClick={() => setSelectedRole({ ...role })}
style={{
padding: '12px',
border: selectedRole?.id === role.id ? '2px solid #007bff' : '1px solid #ddd',
borderRadius: '6px',
cursor: 'pointer',
backgroundColor: selectedRole?.id === role.id ? '#f0f8ff' : 'white'
}}
>
<strong>{role.name}</strong>
{role.is_global && <span style={{ fontSize: '12px', marginLeft: '8px', color: '#ff6b6b' }}>🌟</span>}
<div style={{ fontSize: '12px', color: '#666' }}>{role.description}</div>
<div style={{ fontSize: '11px', color: '#999', marginTop: '4px' }}>
{role.permission_ids.length} permissions
<div className="role-list">
{roles.map((role) => {
const active = selectedRole?.id === role.id
return (
<div
key={role.id}
className={`role-card${active ? ' active' : ''}`}
onClick={() => setSelectedRole({ ...role })}
>
<div className="role-name">
{role.name}
{role.is_global && <span className="role-badge-global" title="global"></span>}
</div>
{role.description && <div className="role-desc">{role.description}</div>}
<div className="role-meta">{role.permission_ids.length} permissions</div>
</div>
</div>
))}
)
})}
</div>
</div>
</aside>
{/* Permission Editor */}
<div style={{ flex: 1 }}>
{/* Permission editor */}
<section className="role-editor-detail">
{selectedRole ? (
<>
<h3>Permissions for: {selectedRole.name}</h3>
<div style={{ display: 'flex', flexDirection: 'column', gap: '20px' }}>
{Object.entries(groupedPermissions).map(([category, perms]) => (
<div key={category} style={{
border: '1px solid #eee',
borderRadius: '8px',
padding: '12px'
}}>
<h4 style={{ margin: '0 0 10px 0', textTransform: 'capitalize' }}>
{category}
</h4>
<div style={{ display: 'grid', gridTemplateColumns: 'repeat(auto-fill, minmax(200px, 1fr))', gap: '8px' }}>
{perms.map(perm => (
<label key={perm.id} style={{
display: 'flex',
alignItems: 'center',
gap: '8px',
cursor: 'pointer',
padding: '6px',
borderRadius: '4px',
backgroundColor: selectedRole.permission_ids.includes(perm.id) ? '#e8f5e9' : 'transparent'
}}>
<h3>Permissions for <span className="name">{selectedRole.name}</span></h3>
{isAdmin && roles.length > 1 && (
<div className="role-editor-template">
<label htmlFor="tpl-select">Copy from template:</label>
<select
id="tpl-select"
value={templateRoleId}
onChange={(e) => setTemplateRoleId(e.target.value)}
>
<option value=""> select a role </option>
{roles
.filter((r) => r.id !== selectedRole.id)
.map((r) => (
<option key={r.id} value={r.id}>
{r.name} ({r.permission_ids.length} perms)
</option>
))}
</select>
<button
className="btn-secondary"
disabled={!templateRoleId}
onClick={handleApplyTemplate}
title="Replace current checkboxes with the template role's permission set (local; not saved until you click Save changes)"
>
Use as template
</button>
</div>
)}
{Object.entries(groupedPermissions).map(([category, perms]) => (
<div key={category} className="perm-group">
<div className="perm-group-header">{category}</div>
<div className="perm-grid">
{perms.map((perm) => {
const checked = selectedRole.permission_ids.includes(perm.id)
return (
<label key={perm.id} className={`perm-item${checked ? ' checked' : ''}`}>
<input
type="checkbox"
checked={selectedRole.permission_ids.includes(perm.id)}
checked={checked}
onChange={() => handlePermissionToggle(perm.id)}
/>
<div>
<div style={{ fontWeight: 500 }}>{perm.name}</div>
<div style={{ fontSize: '11px', color: '#666' }}>{perm.description}</div>
<div className="perm-body">
<div className="perm-name">{perm.name}</div>
<div className="perm-desc">{perm.description}</div>
</div>
</label>
))}
</div>
)
})}
</div>
))}
</div>
<button
onClick={handleSave}
disabled={saving}
className="btn-primary"
style={{ marginTop: '20px', marginRight: '10px' }}
>
{saving ? 'Saving...' : 'Save Changes'}
</button>
{canDeleteRole && (
<button
onClick={handleDeleteRole}
disabled={saving}
style={{
marginTop: '20px',
padding: '10px 20px',
borderRadius: '4px',
border: '1px solid #dc3545',
backgroundColor: '#dc3545',
color: 'white',
cursor: 'pointer'
}}
>
Delete Role
</div>
))}
<div className="role-editor-actions">
<button className="btn-primary" disabled={saving} onClick={handleSave}>
{saving ? 'Saving…' : 'Save changes'}
</button>
)}
{canDeleteRole && (
<button className="btn-danger" disabled={saving} onClick={handleDeleteRole}>
Delete role
</button>
)}
</div>
</>
) : (
<div style={{ color: '#888', textAlign: 'center', marginTop: '40px' }}>
Select a role to edit its permissions
<div className="role-editor-empty">
Select a role on the left to edit its permissions
</div>
)}
</div>
</section>
</div>
</div>
)

202
src/pages/SetupWizardPage.tsx
View File

@@ -1,202 +0,0 @@
import { useState } from 'react'
import axios from 'axios'
interface Props {
initialWizardPort: number | null
onComplete: () => void
}
interface SetupForm {
admin_username: string
admin_password: string
admin_email: string
admin_full_name: string
backend_base_url: string
project_name: string
project_description: string
}
const STEPS = ['Wizard', 'Admin', 'Backend', 'Finish']
export default function SetupWizardPage({ initialWizardPort, onComplete }: Props) {
const [step, setStep] = useState(0)
const [error, setError] = useState('')
const [saving, setSaving] = useState(false)
const [connecting, setConnecting] = useState(false)
const [wizardPortInput, setWizardPortInput] = useState<string>(
initialWizardPort ? String(initialWizardPort) : ''
)
const [wizardBase, setWizardBase] = useState<string>('')
const [form, setForm] = useState<SetupForm>({
admin_username: 'admin',
admin_password: '',
admin_email: '',
admin_full_name: 'Admin',
backend_base_url: '',
project_name: '',
project_description: '',
})
const set = (key: keyof SetupForm, value: string | number) =>
setForm((f) => ({ ...f, [key]: value }))
const checkWizard = async () => {
setError('')
const port = Number(wizardPortInput)
if (!port || port <= 0 || port > 65535) {
setError('Please enter a valid wizard port (1-65535).')
return
}
const base = `http://127.0.0.1:${port}`
setConnecting(true)
try {
await axios.get(`${base}/health`, { timeout: 5000 })
setWizardBase(base)
localStorage.setItem('HF_WIZARD_PORT', String(port))
setStep(1)
} catch {
setError(`Unable to connect to AbstractWizard at ${base}.\nMake sure the SSH tunnel is up:\nssh -L ${port}:127.0.0.1:${port} user@server`)
} finally {
setConnecting(false)
}
}
const saveConfig = async () => {
setError('')
setSaving(true)
try {
const config = {
initialized: true,
admin: {
username: form.admin_username,
password: form.admin_password,
email: form.admin_email,
full_name: form.admin_full_name,
},
backend_url: form.backend_base_url || undefined,
}
await axios.put(`${wizardBase}/api/v1/config/harborforge.json`, config, {
headers: { 'Content-Type': 'application/json' },
timeout: 5000,
})
if (form.backend_base_url) {
localStorage.setItem('HF_BACKEND_BASE_URL', form.backend_base_url)
}
setStep(3)
} catch (err: any) {
setError(`Failed to save configuration: ${err.message}`)
} finally {
setSaving(false)
}
}
return (
<div className="setup-wizard">
<div className="setup-container">
<div className="setup-header">
<h1> HarborForge Setup Wizard</h1>
<div className="setup-steps">
{STEPS.map((s, i) => (
<span key={i} className={`setup-step ${i === step ? 'active' : i < step ? 'done' : ''}`}>
{i < step ? '✓' : i + 1}. {s}
</span>
))}
</div>
</div>
{error && <div className="setup-error">{error}</div>}
{/* Step 0: Wizard connection */}
{step === 0 && (
<div className="setup-step-content">
<h2>Connect to AbstractWizard</h2>
<p className="text-dim">Enter the local port that forwards to AbstractWizard, then test the connection.</p>
<div className="setup-info">
<p> AbstractWizard is reached over an SSH tunnel. Forward the port first:</p>
<code>ssh -L &lt;wizard_port&gt;:127.0.0.1:&lt;wizard_port&gt; user@your-server</code>
</div>
<div className="setup-form">
<label>
Wizard port
<input
type="number"
value={wizardPortInput}
min={1}
max={65535}
onChange={(e) => setWizardPortInput(e.target.value)}
placeholder="e.g. 8080"
/>
</label>
</div>
<div className="setup-nav">
<button className="btn-primary" onClick={checkWizard} disabled={connecting}>
{connecting ? 'Connecting...' : 'Test connection & continue'}
</button>
</div>
</div>
)}
{/* Step 1: Admin */}
{step === 1 && (
<div className="setup-step-content">
<h2>Admin account</h2>
<p className="text-dim">Create the first admin user</p>
<div className="setup-form">
<label>Username <input value={form.admin_username} onChange={(e) => set('admin_username', e.target.value)} required /></label>
<label>Password <input type="password" value={form.admin_password} onChange={(e) => set('admin_password', e.target.value)} required placeholder="Set admin password" /></label>
<label>Email <input type="email" value={form.admin_email} onChange={(e) => set('admin_email', e.target.value)} placeholder="admin@example.com" /></label>
<label>Full name <input value={form.admin_full_name} onChange={(e) => set('admin_full_name', e.target.value)} /></label>
</div>
<div className="setup-nav">
<button className="btn-back" onClick={() => setStep(0)}>Back</button>
<button className="btn-primary" onClick={() => {
if (!form.admin_password) { setError('Please set an admin password'); return }
setError('')
setStep(2)
}}>Next</button>
</div>
</div>
)}
{/* Step 2: Backend */}
{step === 2 && (
<div className="setup-step-content">
<h2>Backend URL</h2>
<p className="text-dim">Configure the HarborForge backend API URL (leave blank to use the frontend default).</p>
<div className="setup-form">
<label>Backend Base URL <input value={form.backend_base_url} onChange={(e) => set('backend_base_url', e.target.value)} placeholder="http://backend:8000" /></label>
</div>
<div className="setup-nav">
<button className="btn-back" onClick={() => setStep(1)}>Back</button>
<button className="btn-primary" onClick={saveConfig} disabled={saving}>
{saving ? 'Saving...' : 'Finish setup'}
</button>
</div>
</div>
)}
{/* Step 3: Done */}
{step === 3 && (
<div className="setup-step-content">
<div className="setup-done">
<h2> Setup complete!</h2>
<p>Configuration saved to AbstractWizard.</p>
<div className="setup-info">
<p>Restart services on the server:</p>
<code>docker compose restart</code>
<p style={{ marginTop: '1rem' }}>After the backend starts, refresh this page to go to login.</p>
<p>Admin account: <strong>{form.admin_username}</strong></p>
</div>
<button className="btn-primary" onClick={onComplete}>
Refresh to check
</button>
</div>
</div>
)}
</div>
</div>
)
}

106
src/pages/UsersPage.tsx
View File

@@ -1,6 +1,7 @@
import { useEffect, useMemo, useState } from 'react'
import api from '@/services/api'
import { useAuth } from '@/hooks/useAuth'
import { useAuthConfig } from '@/hooks/useAuthConfig'
import type { User } from '@/types'
interface RoleOption {
@@ -16,8 +17,13 @@ interface ApiKeyPerms {
export default function UsersPage() {
const { user } = useAuth()
const { config: authCfg } = useAuthConfig()
const oidcOnly = authCfg.oidcOnly
const oidcEnabled = authCfg.oidcEnabled
const isAdmin = user?.is_admin === true
const [bindForm, setBindForm] = useState({ issuer: '', subject: '' })
const [users, setUsers] = useState<User[]>([])
const [roles, setRoles] = useState<RoleOption[]>([])
const [loading, setLoading] = useState(true)
@@ -105,17 +111,20 @@ export default function UsersPage() {
}
const handleCreateUser = async () => {
if (!createForm.username.trim() || !createForm.email.trim() || !createForm.password.trim()) return
if (!createForm.username.trim() || !createForm.email.trim()) return
if (!oidcOnly && !createForm.password.trim()) return
setSaving(true)
setMessage('')
try {
const payload = {
const payload: Record<string, any> = {
username: createForm.username.trim(),
email: createForm.email.trim(),
full_name: createForm.full_name.trim() || null,
password: createForm.password,
role_id: createForm.role_id ? Number(createForm.role_id) : undefined,
}
if (!oidcOnly) {
payload.password = createForm.password
}
const { data } = await api.post<User>('/users', payload)
const guestRole = roles.find((r) => r.name === 'guest') ?? roles[0]
setCreateForm({
@@ -201,6 +210,42 @@ export default function UsersPage() {
}
}
const handleBindOidc = async () => {
if (!selectedUser) return
if (!bindForm.issuer.trim() || !bindForm.subject.trim()) return
setSaving(true)
setMessage('')
try {
await api.put(`/users/${selectedUser.id}/oidc-binding`, {
issuer: bindForm.issuer.trim(),
subject: bindForm.subject.trim(),
})
setBindForm({ issuer: '', subject: '' })
setMessage('OIDC identity bound successfully')
await fetchData()
} catch (err: any) {
setMessage(err.response?.data?.detail || 'Failed to bind OIDC identity')
} finally {
setSaving(false)
}
}
const handleUnbindOidc = async () => {
if (!selectedUser) return
if (!confirm(`Remove the OIDC binding for ${selectedUser.username}?`)) return
setSaving(true)
setMessage('')
try {
await api.delete(`/users/${selectedUser.id}/oidc-binding`)
setMessage('OIDC binding removed')
await fetchData()
} catch (err: any) {
setMessage(err.response?.data?.detail || 'Failed to remove OIDC binding')
} finally {
setSaving(false)
}
}
if (loading) return <div className="loading">Loading users...</div>
if (!isAdmin) {
@@ -251,10 +296,15 @@ export default function UsersPage() {
Full Name
<input value={createForm.full_name} onChange={(e) => setCreateForm({ ...createForm, full_name: e.target.value })} />
</label>
<label>
Password
<input type="password" value={createForm.password} onChange={(e) => setCreateForm({ ...createForm, password: e.target.value })} />
</label>
{!oidcOnly && (
<label>
Password
<input type="password" value={createForm.password} onChange={(e) => setCreateForm({ ...createForm, password: e.target.value })} />
</label>
)}
{oidcOnly && (
<p className="text-dim">OIDC-only mode: users are created without a password and sign in via a bound OIDC identity.</p>
)}
<label>
Role
<select value={createForm.role_id} onChange={(e) => setCreateForm({ ...createForm, role_id: e.target.value })}>
@@ -264,7 +314,7 @@ export default function UsersPage() {
))}
</select>
</label>
<button className="btn-primary" disabled={saving || !createForm.username.trim() || !createForm.email.trim() || !createForm.password.trim() || !createForm.role_id} onClick={handleCreateUser}>
<button className="btn-primary" disabled={saving || !createForm.username.trim() || !createForm.email.trim() || (!oidcOnly && !createForm.password.trim()) || !createForm.role_id} onClick={handleCreateUser}>
{saving ? 'Saving...' : 'Create User'}
</button>
</div>
@@ -326,10 +376,12 @@ export default function UsersPage() {
Full Name
<input value={editForm.full_name} onChange={(e) => setEditForm({ ...editForm, full_name: e.target.value })} />
</label>
<label>
Reset Password
<input type="password" placeholder="Leave blank to keep current password" value={editForm.password} onChange={(e) => setEditForm({ ...editForm, password: e.target.value })} />
</label>
{!oidcOnly && (
<label>
Reset Password
<input type="password" placeholder="Leave blank to keep current password" value={editForm.password} onChange={(e) => setEditForm({ ...editForm, password: e.target.value })} />
</label>
)}
<div style={{ marginTop: '8px', padding: '12px', border: '1px solid var(--border)', borderRadius: '8px' }}>
<div style={{ fontWeight: 600, marginBottom: '10px' }}>Role</div>
@@ -381,6 +433,36 @@ export default function UsersPage() {
)}
</div>
)}
{oidcEnabled && (
<div style={{ marginTop: '8px', padding: '12px', border: '1px solid var(--border)', borderRadius: '8px' }}>
<div style={{ fontWeight: 600, marginBottom: '10px' }}>OIDC Binding</div>
{selectedUser.oidc_subject ? (
<div style={{ marginBottom: 10 }}>
<div className="text-dim" style={{ fontFamily: 'monospace', wordBreak: 'break-all' }}>
issuer: {selectedUser.oidc_issuer || '—'}<br />
subject: {selectedUser.oidc_subject}
</div>
<button className="btn-danger" style={{ marginTop: 10 }} disabled={saving} onClick={handleUnbindOidc}>
Unbind OIDC identity
</button>
</div>
) : (
<div className="text-dim" style={{ marginBottom: 10 }}>No OIDC identity bound.</div>
)}
<label>
Issuer
<input value={bindForm.issuer} placeholder="https://idp.example.com" onChange={(e) => setBindForm({ ...bindForm, issuer: e.target.value })} />
</label>
<label>
Subject (sub)
<input value={bindForm.subject} placeholder="OIDC subject claim" onChange={(e) => setBindForm({ ...bindForm, subject: e.target.value })} />
</label>
<button className="btn-secondary" style={{ marginTop: 10 }} disabled={saving || !bindForm.issuer.trim() || !bindForm.subject.trim()} onClick={handleBindOidc}>
{selectedUser.oidc_subject ? 'Rebind OIDC identity' : 'Bind OIDC identity'}
</button>
</div>
)}
</div>
</>
) : (

23
src/runtime.ts Normal file
View File

@@ -0,0 +1,23 @@
// Runtime config injected by the container entrypoint into
// /runtime-config.js (from the deploy-time HARBORFORGE_OIDC_ONLY env).
// Available before the backend exists — used by the setup wizard.
declare global {
interface Window {
__HF_RUNTIME__?: { oidc_only?: boolean; logo_url?: string }
}
}
/** true/false from the injected runtime config, or null when unknown. */
export function getRuntimeOidcOnly(): boolean | null {
const v = typeof window !== 'undefined' ? window.__HF_RUNTIME__?.oidc_only : undefined
return typeof v === 'boolean' ? v : null
}
/** Brand logo URL: deploy-time override (HARBORFORGE_LOGO_URL) or the
* bundled default at /logo.svg. */
export function getLogoUrl(): string {
const u = typeof window !== 'undefined' ? window.__HF_RUNTIME__?.logo_url : undefined
return (typeof u === 'string' && u) ? u : '/logo.svg'
}
export {}

10
src/services/api.ts
View File

@@ -1,15 +1,15 @@
import axios from 'axios'
const getApiBase = (): string | undefined => {
return localStorage.getItem('HF_BACKEND_BASE_URL') ?? undefined
}
// Backend URL is the build-time VITE_HF_BACKEND_BASE_URL baked into the
// bundle by docker build --build-arg. Empty → axios uses same-origin
// (only works in dev with the Vite proxy).
const API_BASE = import.meta.env.VITE_HF_BACKEND_BASE_URL || undefined
const api = axios.create({
baseURL: getApiBase(),
baseURL: API_BASE,
})
api.interceptors.request.use((config) => {
config.baseURL = getApiBase()
const token = localStorage.getItem('token')
if (token) {
config.headers.Authorization = `Bearer ${token}`

8
src/test/setup.ts
View File

@@ -1,11 +1,17 @@
import '@testing-library/jest-dom'
import { vi } from 'vitest'
// VITE_HF_BACKEND_BASE_URL is the build-time backend URL; in tests we
// stub it via import.meta.env (api.ts + useAuthConfig + App read it).
;(import.meta as any).env = {
...(import.meta as any).env,
VITE_HF_BACKEND_BASE_URL: 'http://localhost:8000',
}
// Mock localStorage
const localStorageMock = {
getItem: vi.fn((key: string) => {
if (key === 'token') return 'mock-token'
if (key === 'HF_BACKEND_BASE_URL') return 'http://localhost:8000'
return null
}),
setItem: vi.fn(),

47
src/types/index.ts
View File

@@ -7,6 +7,8 @@ export interface User {
is_active: boolean
role_id: number | null
role_name: string | null
oidc_issuer?: string | null
oidc_subject?: string | null
created_at: string
}
@@ -24,6 +26,51 @@ export interface Project {
created_at: string
}
export interface KnowledgeBase {
id: number
knowledge_base_code: string | null
title: string
description: string | null
created_by: number
created_at: string | null
last_updated_at: string | null
}
export interface KnowledgeFact {
id: number
category_id: number | null
topic_id: number
fact: string
last_updated_at: string | null
}
export interface KnowledgeCategoryNode {
id: number
name: string
parent: number | null
topic_id: number
description: string | null
categories: KnowledgeCategoryNode[]
facts: KnowledgeFact[]
}
export interface KnowledgeTopicNode {
id: number
topic: string
knowledge_base_id: number
description: string | null
categories: KnowledgeCategoryNode[]
facts: KnowledgeFact[]
}
export interface KnowledgeBaseTree {
id: number
knowledge_base_code: string | null
title: string
description: string | null
topics: KnowledgeTopicNode[]
}
export interface ProjectMember {
id: number
user_id: number

8
src/vite-env.d.ts vendored
View File

@@ -2,6 +2,14 @@
interface ImportMetaEnv {
readonly VITE_API_BASE: string
/**
* Backend base URL baked in at build time (e.g.
* https://hf-api.example.com). Frontend uses this for all API calls.
* Passed to the Dockerfile as an ARG and forwarded to `npm run build`.
* Empty string falls back to same-origin (only useful in dev with the
* Vite proxy).
*/
readonly VITE_HF_BACKEND_BASE_URL: string
}
interface ImportMeta {