feat(admin): users-management page with admin/agent role toggles #59
Merged
Adds an admin users-management endpoint backing the
`Escalated/Admin/Users/Index` Inertia page shipped with the shared
`@escalated-dev/escalated` frontend package. Admins can grant or revoke
the `is_admin` / `is_agent` flags from the panel instead of editing the
database directly.
- New `AdminUserController` exposes the agent-profile table (paged,
searchable on name + email). `PATCH /escalated/api/admin/users/{userId}/role`
flips one role at a time via `UpdateRoleRequest{ role, value }`.
- `UserService.updateRole` enforces the cross-role rules: promoting to
admin also flips agent on; demoting an admin via the agent toggle
revokes both flags in one step.
- Self-demote on admin is rejected server-side (HTTP 422), so an admin
cannot lock themselves out of the panel they are using.
- `V3__add_user_role_flags.sql` adds `is_admin` and `is_agent` columns
to `escalated_agent_profiles`. Hosts wiring authorisation differently
(Spring Security GrantedAuthorities, a custom user table, etc.) can
override the controller in their own configuration.
Mirrors the Laravel reference port escalated-laravel#94.
Member
Author
Blocked on a pre-existing main-branch CI failure: Both checkstyle and test jobs on
Holding off on merge until the locale artifact is published /
Summary
- `GET /escalated/api/admin/users`, `PATCH /escalated/api/admin/users/{userId}/role`) backing the `Escalated/Admin/Users/Index` page shipped with the shared `@escalated-dev/escalated` frontend package — admins can grant or revoke `is_admin` / `is_agent` from the panel instead of editing the database directly.
- `UserService.updateRole` enforces the cross-role rules: promoting to admin also flips agent on; demoting an admin via the agent toggle revokes both flags in one step.

Notes for reviewers
- `is_admin` / `is_agent` columns on the existing `escalated_agent_profiles` table (added via `V3__add_user_role_flags.sql`). Hosts wiring authorisation differently (Spring Security `GrantedAuthority`, a custom user table, etc.) can override `AdminUserController` in their own configuration — there is a comment to that effect in `UserService`.
- `AgentProfile` as the natural mapping for "host user with helpdesk access," since (unlike the Laravel port) there is no separate host user table in this repo.

Test plan
- `AdminUserControllerTest` — 7 new MockMvc cases (list, search filter, admin promotion flips agent on, agent-only promotion leaves admin false, self-demote rejected with no save, agent revoke from admin demotes fully, unknown role rejected)
- `./gradlew test` green
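The cross-role rules and the self-demote guard described above, as an added Java sketch that is not code from this pull request. `Profile`, `UnprocessableRoleChange` and the `updateRole` signature are hypothetical, and the sketch assumes the guard is evaluated on the resulting flags, so that an admin revoking their own agent flag is rejected as well.

```java
import java.util.Objects;

public class RoleUpdateSketch {
    // Hypothetical stand-in for one row of escalated_agent_profiles.
    record Profile(long userId, boolean isAdmin, boolean isAgent) {}

    // Hypothetical exception; a controller would translate it into the
    // error response (the page states HTTP 422 for the self-demote case).
    static class UnprocessableRoleChange extends RuntimeException {
        UnprocessableRoleChange(String msg) { super(msg); }
    }

    // Returns the new flags, or throws before anything could be saved.
    static Profile updateRole(long actorId, Profile target, String role, boolean value) {
        boolean admin = target.isAdmin();
        boolean agent = target.isAgent();
        switch (Objects.requireNonNullElse(role, "")) {
            case "admin" -> {
                admin = value;
                if (value) agent = true;    // promoting to admin also flips agent on
            }
            case "agent" -> {
                agent = value;
                if (!value) admin = false;  // revoking agent from an admin revokes both
            }
            default -> throw new UnprocessableRoleChange("unknown role: " + role);
        }
        // Assumption of this sketch: compare before/after state rather than the
        // requested role, so the agent toggle cannot bypass the self-demote rule.
        if (actorId == target.userId() && target.isAdmin() && !admin) {
            throw new UnprocessableRoleChange("admins cannot revoke their own admin flag");
        }
        return new Profile(target.userId(), admin, agent);
    }

    public static void main(String[] args) {
        Profile plain = new Profile(2, false, false);  // constructed sample rows
        Profile self = new Profile(1, true, true);     // the acting admin (id 1)
        System.out.println(updateRole(1, plain, "admin", true));
        System.out.println(updateRole(1, plain, "agent", true));
        System.out.println(updateRole(1, new Profile(3, true, true), "agent", false));
        for (String role : new String[] {"admin", "agent", "owner"}) {
            try {
                updateRole(1, self, role, false);
            } catch (UnprocessableRoleChange e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```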