USER STORY: Admin User Account Control

[emidombek]

User Story

As an admin, I want to manage user accounts and their roles (buyer/seller, admin). So that I am able to control my website and permissions on it.

Acceptance Criteria:

1. Acceptance Criteria 1:

As an admin, I have a dedicated admin dashboard accessible when logged in.

2. Acceptance Criteria 2:

Within the admin dashboard, there is a section labeled "User Management" or "Manage Users."

3. Acceptance Criteria 3:

The "User Management" section displays a list of all registered users on the website.

4. Acceptance Criteria 4:

Each user entry includes the username, email address, user role (buyer, seller, admin), and registration date.

5. Acceptance Criteria 5:

I can search for specific users by username or email address.

6. Acceptance Criteria 6:

I have the ability to change the user role for any user directly from the user entry.

7. Acceptance Criteria 7:

The available user roles are "buyer," "seller," and "admin."

8. Acceptance Criteria 8:

When I change a user's role, the user's permissions are updated accordingly.

9. Acceptance Criteria 9:

If I change a user's role to "seller," they gain the ability to list artworks for sale.

10. Acceptance Criteria 10:

If I change a user's role to "admin," they gain access to the admin dashboard and its features.

11. Acceptance Criteria 11:

If I change a user's role to "buyer," they have access to buyer-related features, such as bidding and purchasing.

12. Acceptance Criteria 12:

I have the option to disable or enable user accounts as needed.

13. Acceptance Criteria 13:

When I disable a user account, the user cannot log in or use the website until the account is re-enabled.

14. Acceptance Criteria 14:

I can see a history of user role changes and account status changes for audit purposes.

15. Acceptance Criteria 15:

I receive email notifications when a user registers a new account on the website.

16. Acceptance Criteria 16:

The email notification includes the user's username and a link to the admin dashboard for further actions.

Tasks

• [x] Design and implement an admin dashboard accessible only to administrators.
• [x] Create a section labeled "User Management" or "Manage Users" within the admin dashboard.
• [x] Set up database structures to store user account information and roles.
• [x] Implement logic to fetch and display registered users in the "User Management" section.
• [x] Design and implement the layout for displaying user entries with username, email address, user role, and registration date.
• [x] Implement search functionality to search for users by username or email address.
• [x] Implement the ability to change user roles directly from the user entry.
• [x] Design and implement a user-friendly interface to change user roles.
• [x] Implement logic to update user permissions based on role changes.
• [x] Implement permissions for each user role, including buyer-related features, listing artworks, and accessing the admin dashboard.
• [x] Implement the ability to enable or disable user accounts.
• [x] Design and implement a history log to track user role changes and account status changes.
• [x] Test the display of registered users in the admin dashboard to ensure accurate content.
• [x] Test search functionality to verify that users can be found by username or email address.
• [x] Test email notifications for user registration events to ensure correct content and delivery.
• [x] Test responsive design for various devices and screen sizes.
• [x] Perform security testing to prevent unauthorized access to user management features.
• [x] Test the user interface for changing user roles to ensure a smooth experience.
• [x] Test the history log to ensure accurate tracking of user role and account status changes.
• [x] Implement logic to send email notifications to administrators when a user registers a new account.
• [x] Test email notifications for user registration events to ensure correct content and delivery.
• [x] Optimize the performance of fetching and displaying registered users for administrators.
• [x] Ensure compatibility of the admin dashboard across different web browsers.
• [x] Implement logic to prevent disabled users from logging in or accessing the website.
• [x] Implement logic to enforce permissions based on user roles throughout the website.
• [x] Implement real-time updates for user role changes and account status changes in the admin dashboard.

[emidombek]

Alot of these things are already handled by django admin.