feat(admin-console): Stage 5 — operators (admin accounts)
Tests · Go / test (push) Successful in 1m59s
Tests · Go / test (push) Successful in 1m59s
Add the operator-management page over *admin.Service (no new business logic).
- GET/POST /_gm/operators list + create operator
- POST /_gm/operators/{user}/disable|enable toggle access
- POST /_gm/operators/{user}/reset-password set a new password
Console depends on an OperatorAdmin interface (satisfied by *admin.Service) so
the page renders in tests without a database. Create POST is mounted on the
collection path; per-row disable/enable/reset are guarded by the CSRF middleware
and redirect back. Passwords are never logged.
Tests: list render, create (+ username/password assertions), username-taken
conflict, disable/enable, reset (+ password assertion), missing-password 400,
bad-CSRF 403, and unavailable 503.
Docs: backend/docs/admin-console.md page inventory extended.
This commit is contained in:
Ilia Denisov
@@ -408,6 +408,12 @@ func registerAdminConsoleRoutes(router *gin.Engine, deps RouterDependencies) {
|
||||
group.GET("/engine-versions", deps.AdminConsole.EngineVersionsList())
|
||||
group.POST("/engine-versions", deps.AdminConsole.EngineVersionRegister())
|
||||
group.POST("/engine-versions/:version/disable", deps.AdminConsole.EngineVersionDisable())
|
||||
|
||||
group.GET("/operators", deps.AdminConsole.OperatorsList())
|
||||
group.POST("/operators", deps.AdminConsole.OperatorCreate())
|
||||
group.POST("/operators/:username/disable", deps.AdminConsole.OperatorDisable())
|
||||
group.POST("/operators/:username/enable", deps.AdminConsole.OperatorEnable())
|
||||
group.POST("/operators/:username/reset-password", deps.AdminConsole.OperatorResetPassword())
|
||||
}
|
||||
|
||||
// allowedMethodsForPath returns the comma-separated list of methods
|
||||
|
||||
Reference in New Issue
Block a user