feat(ui): prevent self-modification in People management and highlight current user (#5441)

# Description of Changes This PR improves the People management UI by preventing users from modifying or deleting their own account and by visually highlighting the currently logged-in user. <img width="675" height="196" alt="image" src="https://github.com/user-attachments/assets/c45fb0b6-c766-412c-a53b-b72aed2925d2" /> ### What was changed - Integrated session-based authentication context to identify the currently logged-in user. - Added a helper to detect the current user in the user list. - Highlighted the current user's row with a subtle background color. - Disabled self-actions: - Editing own role - Enabling/disabling own account - Deleting own account - Kept password change available for the current user. ### Why the change was made - Prevents accidental self-lockout or privilege removal. - Aligns UI behavior with common security best practices. - Improves clarity by visually distinguishing the active user account. --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### Translations (if applicable) - [ ] I ran [`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details.
2026-02-01 20:10:35 +01:00 · 2026-01-13 17:13:28 +01:00 · 2026-01-13 17:13:28 +01:00 · 65a5d05713
commit 65a5d05713
parent 8632ed9875
1 changed files with 33 additions and 19 deletions
--- a/frontend/src/proprietary/components/shared/config/configSections/PeopleSection.tsx
+++ b/frontend/src/proprietary/components/shared/config/configSections/PeopleSection.tsx
@ -31,11 +31,13 @@ import { useNavigate } from 'react-router-dom';
 import UpdateSeatsButton from '@app/components/shared/UpdateSeatsButton';
 import { useLicense } from '@app/contexts/LicenseContext';
 import ChangeUserPasswordModal from '@app/components/shared/ChangeUserPasswordModal';
+import { useAuth } from '@app/auth/UseSession';

 export default function PeopleSection() {
  const { t } = useTranslation();
  const { config } = useAppConfig();
  const { loginEnabled } = useLoginRequired();
+  const { user: currentUser } = useAuth();
  const navigate = useNavigate();
  const { licenseInfo: globalLicenseInfo } = useLicense();
  const [users, setUsers] = useState<User[]>([]);
@ -77,6 +79,7 @@ export default function PeopleSection() {
      ? t('workspace.people.license.noSlotsAvailable', 'No user slots available')
      : null;

+  const isCurrentUser = (user: User) => currentUser?.username === user.username;

  // Form state for edit user modal
  const [editForm, setEditForm] = useState({
@ -463,7 +466,10 @@ export default function PeopleSection() {
            </Table.Tr>
          ) : (
            filteredUsers.map((user) => (
-              <Table.Tr key={user.id}>
+              <Table.Tr
+                key={user.id}
+                style={isCurrentUser(user) ? { backgroundColor: 'rgba(34, 139, 230, 0.08)' } : undefined}
+              >
                <Table.Td>
                  <Group gap="xs" wrap="nowrap">
                    <Tooltip
@ -577,13 +583,15 @@ export default function PeopleSection() {
                          </ActionIcon>
                        </Menu.Target>
                        <Menu.Dropdown style={{ zIndex: Z_INDEX_OVER_CONFIG_MODAL }}>
-                          <Menu.Item
-                            leftSection={<LocalIcon icon="edit" width="1rem" height="1rem" />}
-                            onClick={() => openEditModal(user)}
-                            disabled={!loginEnabled}
-                          >
-                            {t('workspace.people.editRole')}
-                          </Menu.Item>
+                          {!isCurrentUser(user) && (
+                            <Menu.Item
+                              leftSection={<LocalIcon icon="edit" width="1rem" height="1rem" />}
+                              onClick={() => openEditModal(user)}
+                              disabled={!loginEnabled}
+                            >
+                              {t('workspace.people.editRole')}
+                            </Menu.Item>
+                          )}
                          <Menu.Item
                            leftSection={<LocalIcon icon="lock" width="1rem" height="1rem" />}
                            onClick={() => openChangePasswordModal(user)}
@ -591,17 +599,23 @@ export default function PeopleSection() {
                          >
                            {t('workspace.people.changePassword.action', 'Change password')}
                          </Menu.Item>
-                          <Menu.Item
-                            leftSection={user.enabled ? <LocalIcon icon="person-off" width="1rem" height="1rem" /> : <LocalIcon icon="person-check" width="1rem" height="1rem" />}
-                            onClick={() => handleToggleEnabled(user)}
-                            disabled={!loginEnabled}
-                          >
-                            {user.enabled ? t('workspace.people.disable') : t('workspace.people.enable')}
-                          </Menu.Item>
-                          <Menu.Divider />
-                          <Menu.Item color="red" leftSection={<LocalIcon icon="delete" width="1rem" height="1rem" />} onClick={() => handleDeleteUser(user)} disabled={!loginEnabled}>
-                            {t('workspace.people.deleteUser')}
-                          </Menu.Item>
+                          {!isCurrentUser(user) && (
+                            <Menu.Item
+                              leftSection={user.enabled ? <LocalIcon icon="person-off" width="1rem" height="1rem" /> : <LocalIcon icon="person-check" width="1rem" height="1rem" />}
+                              onClick={() => handleToggleEnabled(user)}
+                              disabled={!loginEnabled}
+                            >
+                              {user.enabled ? t('workspace.people.disable') : t('workspace.people.enable')}
+                            </Menu.Item>
+                          )}
+                          {!isCurrentUser(user) && (
+                            <>
+                              <Menu.Divider />
+                              <Menu.Item color="red" leftSection={<LocalIcon icon="delete" width="1rem" height="1rem" />} onClick={() => handleDeleteUser(user)} disabled={!loginEnabled}>
+                                {t('workspace.people.deleteUser')}
+                              </Menu.Item>
+                            </>
+                          )}
                        </Menu.Dropdown>
                      </Menu>
                    </Group>