feat(admin-console): Stage 5 — operators (admin accounts)
Tests · Go / test (push) Successful in 1m59s
Tests · Go / test (push) Successful in 1m59s
Add the operator-management page over *admin.Service (no new business logic).
- GET/POST /_gm/operators list + create operator
- POST /_gm/operators/{user}/disable|enable toggle access
- POST /_gm/operators/{user}/reset-password set a new password
Console depends on an OperatorAdmin interface (satisfied by *admin.Service) so
the page renders in tests without a database. Create POST is mounted on the
collection path; per-row disable/enable/reset are guarded by the CSRF middleware
and redirect back. Passwords are never logged.
Tests: list render, create (+ username/password assertions), username-taken
conflict, disable/enable, reset (+ password assertion), missing-password 400,
bad-CSRF 403, and unavailable 503.
Docs: backend/docs/admin-console.md page inventory extended.
This commit is contained in:
Ilia Denisov
@@ -101,6 +101,10 @@ changes.
|
||||
| `/_gm/games/{id}/runtime/force-next-turn` | POST | Force the next turn now. |
|
||||
| `/_gm/engine-versions` | GET/POST | Version registry; POST registers a version. |
|
||||
| `/_gm/engine-versions/{ver}/disable` | POST | Disable a registered version. |
|
||||
| `/_gm/operators` | GET/POST | Admin-account list; POST creates an operator. |
|
||||
| `/_gm/operators/{user}/disable` | POST | Disable an operator. |
|
||||
| `/_gm/operators/{user}/enable` | POST | Re-enable an operator. |
|
||||
| `/_gm/operators/{user}/reset-password` | POST | Reset an operator's password. |
|
||||
|
||||
Each page reuses the same service layer as the corresponding `/api/v1/admin/*`
|
||||
JSON endpoint; the console adds no business logic. Collection-mutating POSTs are
|
||||
|
||||
Reference in New Issue
Block a user