feat: Add admin vehicle management and profile vehicles display (refs #11)
All checks were successful
Deploy to Staging / Build Images (pull_request) Successful in 4m34s
Deploy to Staging / Deploy to Staging (pull_request) Successful in 37s
Deploy to Staging / Verify Staging (pull_request) Successful in 6s
Deploy to Staging / Notify Staging Ready (pull_request) Successful in 6s
Deploy to Staging / Notify Staging Failure (pull_request) Has been skipped
All checks were successful
Deploy to Staging / Build Images (pull_request) Successful in 4m34s
Deploy to Staging / Deploy to Staging (pull_request) Successful in 37s
Deploy to Staging / Verify Staging (pull_request) Successful in 6s
Deploy to Staging / Notify Staging Ready (pull_request) Successful in 6s
Deploy to Staging / Notify Staging Failure (pull_request) Has been skipped
- Add GET /api/admin/stats endpoint for Total Vehicles widget - Add GET /api/admin/users/:auth0Sub/vehicles endpoint for user vehicle list - Update AdminUsersPage with Total Vehicles stat and expandable vehicle rows - Add My Vehicles section to SettingsPage (desktop) and MobileSettingsScreen - Update AdminUsersMobileScreen with stats header and vehicle expansion - Add defense-in-depth admin checks and error handling - Update admin README documentation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Eric Gullickson
@@ -62,14 +62,56 @@ Provides:
|
||||
- `admin-guard` plugin - Authorization enforcement (decorator on Fastify)
|
||||
- `request.userContext` - Enhanced with `isAdmin`, `adminRecord`
|
||||
|
||||
### Phase 2: Admin Management APIs
|
||||
### Admin Dashboard Stats
|
||||
|
||||
Will provide:
|
||||
- `/api/admin/admins` - List all admins (GET)
|
||||
- `/api/admin/admins` - Add admin (POST)
|
||||
- `/api/admin/admins/:auth0Sub/revoke` - Revoke admin (PATCH)
|
||||
- `/api/admin/admins/:auth0Sub/reinstate` - Reinstate admin (PATCH)
|
||||
- `/api/admin/audit-logs` - View audit trail (GET)
|
||||
Provides admin dashboard statistics:
|
||||
|
||||
- `GET /api/admin/stats` - Get total users and vehicles counts
|
||||
|
||||
**Response:**
|
||||
```json
|
||||
{
|
||||
"totalUsers": 150,
|
||||
"totalVehicles": 287
|
||||
}
|
||||
```
|
||||
|
||||
### User Management APIs
|
||||
|
||||
Provides:
|
||||
- `GET /api/admin/users` - List all users with pagination/filters
|
||||
- `GET /api/admin/users/:auth0Sub` - Get single user details
|
||||
- `GET /api/admin/users/:auth0Sub/vehicles` - Get user's vehicles (admin view)
|
||||
- `PATCH /api/admin/users/:auth0Sub/tier` - Update subscription tier
|
||||
- `PATCH /api/admin/users/:auth0Sub/deactivate` - Deactivate user
|
||||
- `PATCH /api/admin/users/:auth0Sub/reactivate` - Reactivate user
|
||||
- `PATCH /api/admin/users/:auth0Sub/profile` - Update user profile
|
||||
- `PATCH /api/admin/users/:auth0Sub/promote` - Promote to admin
|
||||
- `DELETE /api/admin/users/:auth0Sub` - Hard delete user (GDPR)
|
||||
|
||||
**User Vehicles Endpoint:**
|
||||
```
|
||||
GET /api/admin/users/:auth0Sub/vehicles
|
||||
```
|
||||
|
||||
Returns minimal vehicle data for privacy (Year/Make/Model only):
|
||||
```json
|
||||
{
|
||||
"vehicles": [
|
||||
{ "year": 2022, "make": "Toyota", "model": "Camry" },
|
||||
{ "year": 2020, "make": "Honda", "model": "Civic" }
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
### Admin Management APIs
|
||||
|
||||
Provides:
|
||||
- `GET /api/admin/admins` - List all admins
|
||||
- `POST /api/admin/admins` - Add admin
|
||||
- `PATCH /api/admin/admins/:auth0Sub/revoke` - Revoke admin
|
||||
- `PATCH /api/admin/admins/:auth0Sub/reinstate` - Reinstate admin
|
||||
- `GET /api/admin/audit-logs` - View audit trail
|
||||
|
||||
### Phase 3: Platform Catalog CRUD (COMPLETED)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user