github/pangolin
1
1
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-04-06 01:11:57 +02:00
Code Issues 85 Packages Projects Releases Wiki Activity

Added member resource landing page and user password reset management #1304

New Issue
Closed
opened 2026-04-05 18:49:56 +02:00 by MrUnknownDE · 0 comments
MrUnknownDE commented 2026-04-05 18:49:56 +02:00
Owner
Copy Link

Originally created by @adrianeastles on 6/27/2025

Community Contribution License Agreement

By creating this pull request, I grant the project maintainers an unlimited,
perpetual license to use, modify, and redistribute these contributions under any terms they
choose, including both the AGPLv3 and the Fossorial Commercial license terms. I
represent that I have the right to grant this license for all contributed content.

Description

New User Resources Dashboard: A dedicated page where org members can view all resources they have access to. This new dashboard features a modern, responsive card-based layout with clear visual indicators (color-coded shields for enabled/disabled, protected/unprotected status) and interactive elements like direct access links. The navigation structure has been enhanced with a new "Resources" section under "Account," and the organization landing page card now displays a resource count for quick access. This also includes clear visual distinctions for enabled/disabled states and user-friendly messaging for empty states.

Enhanced User Management with Configurable Password Resets: This introduces crucial administrative controls for user management. A new "Security" tab has been added to organization settings, allowing administrators to define the password reset token's validity period (1 to 24 hours, default 1 hour). This is supported by a new API endpoint (updateOrgSecurity PUT /org/{orgId}/security), updated backend logic for dynamic expiry, and corresponding frontend changes. Additionally, user creation and management flows are improved by making the "Name" field more prominent and defaulting the user details view to the "Details" tab for better UX.

Key Features & Changes

User Resources Dashboard:

  • New Page: A dedicated page for org members to view all resources they have access to.
  • Card-based Layout: Modern, responsive grid displaying each resource with clear visual indicators.
  • Status Indicators: Color-coded shields showing resource protection levels (enabled/disabled, protected/unprotected).
  • Interactive Elements: Direct links to access enabled resources, with links and buttons to navigate to the resource.
  • Enhanced Navigation Structure: New "Resources" section added under "Account" in the navigation menu, seamlessly integrated into existing Layout component with proper navigation hierarchy.

User Management & Password Reset:

  • Configurable Password Reset Token Expiration:
    • A new "Security" tab alongside the "General" tab in organization settings.
    • Organizations can now set password reset token expiration from 1 to 24 hours (default: 1 hour).
    • This setting is applied globally for all password resets within that organization.
  • New API Endpoint for Security Settings: Implemented updateOrgSecurity (PUT /org/{orgId}/security) for securely updating organization security parameters, protected with admin authorization.
  • Enhanced Password Reset Functionality: The password reset process now dynamically uses the organization-specific expiry setting retrieved from the database.
  • User Details and Account Creation Enhancements:
    • Added a "Name" field to user details, visible in user management and prompted during user account creation.
    • The default tab when viewing user details has been changed from "Access Controls" to "Details" for improved navigation.

How to Test?

Part 1: User Resources Dashboard

  1. New Navigation: You'll now see a "Resources" submenu under "Account" in the navigation. Click on it to access the new dashboard.
  2. Resource Display: Verify that all resources you have access to are displayed clearly in the card-based layout.
  3. Status Indicators & Links: Check that the color-coded status indicators (enabled/disabled, protected/unprotected) are correct and that the direct links to access enabled resources are working as expected.
  4. Empty State: If you have no resources assigned, please confirm that the "empty state" message is user-friendly.
    Part 2: User Management & Password Reset

Scenario 1: Configure Password Reset Token Expiration

  1. Log in as an organization administrator.
  2. Navigate to Organization Settings.
  3. Click on the newly added Security tab.
  4. Observe the "Password Reset Token Expiration" field, defaulting to 1 hour.
  5. Change the value to 12 hours and click Save.
  6. Verify that a success message is displayed.
  7. (Optional, for backend verification): If you have access to the database, check the orgs table for the corresponding organization and confirm passwordResetTokenExpiryHours is set to 12.
  8. As the same administrator, go to Access Controls -> Users.
  9. Select a user and initiate a Password Reset.
  10. Use the password reset link that was sent to the user (e.g., via email or a temporary display) and successfully create a new password.
  11. Repeat steps 5-10 with a different value (e.g., 1 hour, 24 hours) to ensure the range works. Also, test entering an invalid value (e.g., 0, 25, text) and confirm appropriate validation errors.

NOTE: If SMTP is enabled, and email will be set to the email address listed on the account. If SMTP is not enabled, the page will display the password reset link for the administrator to copy.

Screenshots

  • Resource Dashboard Screenshots:
Screenshot 2025-06-27 at 7 36 42 pm

https://github.com/user-attachments/assets/cbc5a685-d7ef-4092-91da-2677e8070881

  • Password Reset & User Management Screenshots:
Screenshot 2025-06-27 at 7 37 52 pm Screenshot 2025-06-27 at 7 38 19 pm Screenshot 2025-06-27 at 7 44 51 pm Screenshot 2025-06-27 at 7 39 06 pm Screenshot 2025-06-27 at 7 39 54 pm
*Originally created by @adrianeastles on 6/27/2025* ## Community Contribution License Agreement By creating this pull request, I grant the project maintainers an unlimited, perpetual license to use, modify, and redistribute these contributions under any terms they choose, including both the AGPLv3 and the Fossorial Commercial license terms. I represent that I have the right to grant this license for all contributed content. ## Description New User Resources Dashboard: A dedicated page where org members can view all resources they have access to. This new dashboard features a modern, responsive card-based layout with clear visual indicators (color-coded shields for enabled/disabled, protected/unprotected status) and interactive elements like direct access links. The navigation structure has been enhanced with a new "Resources" section under "Account," and the organization landing page card now displays a resource count for quick access. This also includes clear visual distinctions for enabled/disabled states and user-friendly messaging for empty states. Enhanced User Management with Configurable Password Resets: This introduces crucial administrative controls for user management. A new "Security" tab has been added to organization settings, allowing administrators to define the password reset token's validity period (1 to 24 hours, default 1 hour). This is supported by a new API endpoint (updateOrgSecurity PUT /org/{orgId}/security), updated backend logic for dynamic expiry, and corresponding frontend changes. Additionally, user creation and management flows are improved by making the "Name" field more prominent and defaulting the user details view to the "Details" tab for better UX. ### Key Features & Changes **User Resources Dashboard:** * **New Page:** A dedicated page for org members to view all resources they have access to. * **Card-based Layout:** Modern, responsive grid displaying each resource with clear visual indicators. * **Status Indicators:** Color-coded shields showing resource protection levels (enabled/disabled, protected/unprotected). * **Interactive Elements:** Direct links to access enabled resources, with links and buttons to navigate to the resource. * **Enhanced Navigation Structure:** New "Resources" section added under "Account" in the navigation menu, seamlessly integrated into existing Layout component with proper navigation hierarchy. **User Management & Password Reset:** * **Configurable Password Reset Token Expiration:** * A new "**Security**" tab alongside the "General" tab in organization settings. * Organizations can now set password reset token expiration from 1 to 24 hours (default: 1 hour). * This setting is applied globally for all password resets within that organization. * **New API Endpoint for Security Settings:** Implemented `updateOrgSecurity` (PUT `/org/{orgId}/security`) for securely updating organization security parameters, protected with admin authorization. * **Enhanced Password Reset Functionality:** The password reset process now dynamically uses the organization-specific expiry setting retrieved from the database. * **User Details and Account Creation Enhancements:** * Added a "**Name**" field to user details, visible in user management and prompted during user account creation. * The default tab when viewing user details has been changed from "Access Controls" to "**Details**" for improved navigation. --- ### How to Test? **Part 1: User Resources Dashboard** 1. **New Navigation:** You'll now see a "**Resources**" submenu under "**Account**" in the navigation. Click on it to access the new dashboard. 2. **Resource Display:** Verify that all resources you have access to are displayed clearly in the card-based layout. 3. **Status Indicators & Links:** Check that the color-coded status indicators (enabled/disabled, protected/unprotected) are correct and that the direct links to access enabled resources are working as expected. 4. **Empty State:** If you have no resources assigned, please confirm that the "empty state" message is user-friendly. **Part 2: User Management & Password Reset** **Scenario 1: Configure Password Reset Token Expiration** 1. Log in as an organization administrator. 2. Navigate to **Organization Settings**. 3. Click on the newly added **Security** tab. 4. Observe the "Password Reset Token Expiration" field, defaulting to 1 hour. 5. Change the value to **12 hours** and click **Save**. 6. Verify that a success message is displayed. 7. (Optional, for backend verification): If you have access to the database, check the `orgs` table for the corresponding organization and confirm `passwordResetTokenExpiryHours` is set to 12. 8. As the same administrator, go to **Access Controls** -> **Users**. 9. Select a user and initiate a **Password Reset**. 10. Use the password reset link that was sent to the user (e.g., via email or a temporary display) and successfully create a new password. 11. Repeat steps 5-10 with a different value (e.g., 1 hour, 24 hours) to ensure the range works. Also, test entering an invalid value (e.g., 0, 25, text) and confirm appropriate validation errors. # NOTE: If SMTP is enabled, and email will be set to the email address listed on the account. If SMTP is not enabled, the page will display the password reset link for the administrator to copy. --- ### Screenshots * **Resource Dashboard Screenshots:** <img width="1790" alt="Screenshot 2025-06-27 at 7 36 42 pm" src="https://github.com/user-attachments/assets/69806d3b-c374-4e7d-b444-a6f3f46ede40" /> https://github.com/user-attachments/assets/cbc5a685-d7ef-4092-91da-2677e8070881 * **Password Reset & User Management Screenshots:** <img width="1797" alt="Screenshot 2025-06-27 at 7 37 52 pm" src="https://github.com/user-attachments/assets/85a796a1-0955-41a0-84a8-991baea34202" /> <img width="1791" alt="Screenshot 2025-06-27 at 7 38 19 pm" src="https://github.com/user-attachments/assets/cbbf9dfe-39e5-4fba-84d0-d220a4804060" /> <img width="1788" alt="Screenshot 2025-06-27 at 7 44 51 pm" src="https://github.com/user-attachments/assets/4f0286c9-017e-46a3-83f6-61270874ddfe" /> <img width="551" alt="Screenshot 2025-06-27 at 7 39 06 pm" src="https://github.com/user-attachments/assets/a4bf33a8-b225-48ec-a456-0ce8d12d7b8b" /> <img width="535" alt="Screenshot 2025-06-27 at 7 39 54 pm" src="https://github.com/user-attachments/assets/601553eb-ee6e-45d1-9eb7-029b80123425" />
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Improvement
Improvement
Improvement
Improvement
Look Into
Security
Security
api
api
authentication
authentication
authentication
authentication
authentication
authentication
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
config
config
config
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
docker
docker
docker
docker
docker
documentation
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
go
go
go
go
go
go
go
go
go
go
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
networking
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
question
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
ui
ui
ui
ui
ui
ui
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
MrUnknownDE
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github/pangolin#1304
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?