cronekorkn/left4me
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
left4me/l4d2web
History
mwiegand bcea450e98
admin: deactivate/activate/delete endpoints for /admin/users 
Three new POST endpoints on the existing admin blueprint, all guarded
by @require_admin and CSRF (per the global before_request hook):

  /admin/users/<id>/deactivate  flips active=False (refuses self)
  /admin/users/<id>/activate    flips active=True
  /admin/users/<id>/delete      hard delete with safeties:
    - refuses self-delete
    - refuses delete-of-the-last-admin
    - refuses if the user owns Servers, Blueprints, or custom
      Overlays (operator deletes those first via existing UIs)
    - nulls out Job.user_id (jobs stay as audit trail; FK is nullable)

admin_users.html grows an Active column + an Actions column with the
appropriate button per row (none for self, Deactivate/Activate
toggle, Delete-with-confirmation modal). Modal pattern mirrors
blueprint_detail.html (same modal-close/modal-open data attrs,
csrf_token hidden field).

Refusal responses are 409 with a plain-text body (matches the
blueprint-in-use refusal at blueprint_routes.py:182). No flash
infrastructure introduced; consistent with the rest of the codebase.

All 367 existing tests still pass.
2026-05-10 21:15:52 +02:00
..
alembic models: add User.active column for soft-delete (deactivation) 2026-05-10 21:12:27 +02:00
routes admin: deactivate/activate/delete endpoints for /admin/users 2026-05-10 21:15:52 +02:00
services feat(files-overlay): user-managed file content as a third overlay type 2026-05-09 18:59:32 +02:00
static ui(files-overlay): label root row as "/" instead of "(overlay root)" 2026-05-09 19:50:14 +02:00
templates admin: deactivate/activate/delete endpoints for /admin/users 2026-05-10 21:15:52 +02:00
tests feat(files-overlay): user-managed file content as a third overlay type 2026-05-09 18:59:32 +02:00
__init__.py chore(l4d2): flatten component layout 2026-05-05 23:47:06 +02:00
alembic.ini chore(l4d2): flatten component layout 2026-05-05 23:47:06 +02:00
app.py feat(l4d2-web): periodic state poller refreshes Server.actual_state 2026-05-09 12:31:28 +02:00
auth.py auth: reject inactive users at login + invalidate existing sessions 2026-05-10 21:13:31 +02:00
cli.py feat(l4d2-web): seed example script overlays from examples/script-overlays/ 2026-05-08 18:41:08 +02:00
config.py feat(l4d2-web): periodic state poller refreshes Server.actual_state 2026-05-09 12:31:28 +02:00
db.py feat(deploy): add production-like test deployment 2026-05-06 19:30:10 +02:00
models.py models: add User.active column for soft-delete (deactivation) 2026-05-10 21:12:27 +02:00
pyproject.toml refactor(l4d2-web): drop global-overlays subsystem in favor of script type 2026-05-08 15:43:41 +02:00
README.md feat(deploy): add production-like test deployment 2026-05-06 19:30:10 +02:00

README.md

l4d2-web-app

Flask web app for managing L4D2 servers through user-private blueprints.

Key v1 behaviors

  • Local username/password login; no public signup
  • Admin-managed overlay catalog
  • Private blueprints per user
  • Server creation from blueprints (live-linked; no per-server blueprint overrides)
  • Async job model with persisted command logs in job_logs
  • Desired vs actual state model
  • Live logs for jobs and servers via SSE endpoints
  • Host operations go through l4d2ctl via a local host command runner, not direct l4d2host imports

Frontend constraints

  • Server-rendered templates (Jinja)
  • Vendored HTMX (static/vendor/htmx.min.js)
  • Custom CSS only
  • Tokenized, consistent link and accent colors

Development

python3 -m venv .venv
.venv/bin/pip install -e .
.venv/bin/pytest tests -q

Configuration

The web app reads these settings from the environment:

  • DATABASE_URL: SQLAlchemy database URL, for example sqlite:////var/lib/left4me/left4me.db.
  • SECRET_KEY: Flask secret key used for sessions and CSRF-sensitive state.
  • JOB_WORKER_THREADS: number of background job worker threads.

In the systemd deployment, environment is loaded from /etc/left4me/host.env and /etc/left4me/web.env.

Admin Bootstrap

Create the first admin account with the Flask CLI. Provide the password through LEFT4ME_ADMIN_PASSWORD:

LEFT4ME_ADMIN_PASSWORD='change-me' flask create-user <username> --admin