From ae1a24a083390080cc2ce8f793c046d83f41d9e4 Mon Sep 17 00:00:00 2001
From: Razmig Sarkissian <razmig@padelclub.app>
Date: Sun, 8 Jun 2025 10:06:12 +0200
Subject: [PATCH] add view all users and access to dashboard and private toggle
 for superuser / staff

---
 .../shop/partials/navigation_base.html        |  4 ++
 .../admin/tournaments/dashboard.html          |  7 +++-
 .../tournaments/navigation_base.html          |  6 ++-
 .../tournaments/navigation_tournament.html    | 31 ++++++++++++++
 tournaments/urls.py                           |  2 +
 tournaments/views.py                          | 42 +++++++++++++++++++
 6 files changed, 90 insertions(+), 2 deletions(-)

diff --git a/shop/templates/shop/partials/navigation_base.html b/shop/templates/shop/partials/navigation_base.html
index f5dc311..351b98f 100644
--- a/shop/templates/shop/partials/navigation_base.html
+++ b/shop/templates/shop/partials/navigation_base.html
@@ -9,4 +9,8 @@
         <a href="{% url 'custom-login' %}">Se connecter</a>
     {% endif %}
     <a href="{% url 'shop:product_list' %}">La boutique</a>
+    {% if user.is_authenticated and user.is_staff %}
+        <a href="{% url 'admin:shop_order_dashboard' %}" class="download-button">Tableau de bord boutique</a>
+        <a href="{% url 'admin:prepare_all_orders' %}" class="download-button">Préparer commandes</a>
+    {% endif %}
 </nav>
diff --git a/tournaments/templates/admin/tournaments/dashboard.html b/tournaments/templates/admin/tournaments/dashboard.html
index 3986625..b6f6fb1 100644
--- a/tournaments/templates/admin/tournaments/dashboard.html
+++ b/tournaments/templates/admin/tournaments/dashboard.html
@@ -181,7 +181,12 @@
 
             <!-- Recent Users -->
             <div style="background: #f8f9fa; border-radius: 8px; padding: 20px; grid-column: span 2;">
-                <h4 style="margin: 0 0 15px 0;">Recently Registered Users</h4>
+                <h4 style="margin: 0 0 15px 0; display: flex; justify-content: space-between; align-items: center;">
+                    <span>Recently Registered Users</span>
+                    <a href="{% url 'admin:tournaments_customuser_changelist' %}" style="font-size: 14px; text-decoration: none; color: #007bff; display: flex; align-items: center;">
+                        View All Users <span style="margin-left: 5px; font-size: 16px;">→</span>
+                    </a>
+                </h4>
                 <div style="overflow-x: auto;">
                     <table style="width: 100%; border-collapse: collapse;">
                         <thead>
diff --git a/tournaments/templates/tournaments/navigation_base.html b/tournaments/templates/tournaments/navigation_base.html
index b1ef0ea..91c9752 100644
--- a/tournaments/templates/tournaments/navigation_base.html
+++ b/tournaments/templates/tournaments/navigation_base.html
@@ -10,5 +10,9 @@
                     <a href="{% url 'custom-login' %}">Se connecter</a>
                 {% endif %}
                 <a href="{% url 'shop:product_list' %}">La boutique</a>
-                <a href="{% url 'download' %}" class="download-button">Ajouter vos tournois</a>
+                {% if user.is_authenticated and user.is_staff %}
+                    <a href="{% url 'admin:tournaments_tournament_dashboard' %}" class="download-button">Tableau de bord</a>
+                {% else %}
+                    <a href="{% url 'download' %}" class="download-button">Ajouter vos tournois</a>
+                {% endif %}
             </nav>
diff --git a/tournaments/templates/tournaments/navigation_tournament.html b/tournaments/templates/tournaments/navigation_tournament.html
index 7f74a36..4af9993 100644
--- a/tournaments/templates/tournaments/navigation_tournament.html
+++ b/tournaments/templates/tournaments/navigation_tournament.html
@@ -37,4 +37,35 @@
     {% else %}
         <a href="{% url 'login' %}" class="topmargin5">Se connecter</a>
     {% endif %}
+
+    <!-- Superuser private toggle form -->
+    {% if user.is_superuser %}
+        <form method="post" action="{% url 'toggle_tournament_private' tournament.id %}" style="display: inline;">
+            {% csrf_token %}
+            <button
+                type="submit"
+                class="topmargin5"
+                title="Changer la visibilité du tournoi"
+                onclick="return confirm('Êtes-vous sûr de vouloir changer la visibilité de ce tournoi ?{% if tournament.is_private %}\n\nCe tournoi deviendra public et sera visible par tous.{% else %}\n\nCe tournoi deviendra privé et ne sera visible que par les administrateurs.{% endif %}')"
+                style="
+                    padding: 8px 12px;
+                    font-size: 0.9em;
+                    border-radius: 4px;
+                    background: {% if tournament.is_private %}#dc3545{% else %}#28a745{% endif %};
+                    color: white;
+                    cursor: pointer;
+                    font-weight: bold;
+                    margin-top: 5px;
+                    display: block;
+                    width: auto;
+                    font-family: inherit;
+                ">
+                {% if tournament.is_private %}
+                    🔒 Tournoi Privé
+                {% else %}
+                    🌐 Tournoi Public
+                {% endif %}
+            </button>
+        </form>
+    {% endif %}
 </nav>
diff --git a/tournaments/urls.py b/tournaments/urls.py
index 5ea47c7..3d14290 100644
--- a/tournaments/urls.py
+++ b/tournaments/urls.py
@@ -80,4 +80,6 @@ urlpatterns = [
     path('tournaments/<str:tournament_id>/confirm/', views.confirm_tournament_registration, name='confirm_tournament_registration'),
     path('stripe-onboarding-complete/', views.stripe_onboarding_complete, name='stripe-onboarding-complete'),
     path('stripe-refresh-account-link/', views.stripe_refresh_account_link, name='stripe-refresh-account-link'),
+    path('tournaments/<str:tournament_id>/toggle-private/', views.toggle_tournament_private, name='toggle_tournament_private'),
+
 ]
diff --git a/tournaments/views.py b/tournaments/views.py
index 4d606a6..6d98079 100644
--- a/tournaments/views.py
+++ b/tournaments/views.py
@@ -1659,6 +1659,48 @@ def stripe_onboarding_complete(request):
 def stripe_refresh_account_link(request):
     return render(request, 'stripe/refresh_account_link.html')
 
+def toggle_tournament_private(request, tournament_id):
+    """Toggle tournament privacy status (for superusers only)"""
+
+    # Check if user is superuser
+    if not request.user.is_superuser:
+        if request.headers.get('Content-Type') == 'application/json':
+            return JsonResponse({'error': 'Accès non autorisé'}, status=403)
+        messages.error(request, 'Accès non autorisé')
+        return redirect('tournament-info', tournament_id=tournament_id)
+
+    # Only allow POST requests
+    if request.method != 'POST':
+        if request.headers.get('Content-Type') == 'application/json':
+            return JsonResponse({'error': 'Méthode non autorisée'}, status=405)
+        messages.error(request, 'Méthode non autorisée')
+        return redirect('tournament-info', tournament_id=tournament_id)
+
+    try:
+        tournament = get_object_or_404(Tournament, pk=tournament_id)
+
+        # Toggle the private status
+        tournament.is_private = not tournament.is_private
+        tournament.save()
+
+        # Check if this is an AJAX request
+        if request.headers.get('Content-Type') == 'application/json':
+            return JsonResponse({
+                'success': True,
+                'is_private': tournament.is_private,
+                'message': f'Tournoi défini comme {"privé" if tournament.is_private else "public"}'
+            })
+        else:
+            # Regular form submission - add success message and redirect
+            status = "privé" if tournament.is_private else "public"
+            messages.success(request, f'Tournoi défini comme {status}')
+            return redirect('tournament-info', tournament_id=tournament_id)
+
+    except Exception as e:
+        if request.headers.get('Content-Type') == 'application/json':
+            return JsonResponse({'error': f'Erreur: {str(e)}'}, status=500)
+        messages.error(request, f'Erreur: {str(e)}')
+        return redirect('tournament-info', tournament_id=tournament_id)
 
 class UserListExportView(LoginRequiredMixin, View):
     def get(self, request, *args, **kwargs):