feat(admin-console): Stage 3 — users domain

Add the operator console's user-administration pages over the existing *user.Service (no new business logic). - GET /_gm/users paginated account list - GET /_gm/users/{id} account detail: profile, entitlement, sanctions - POST /_gm/users/{id}/block apply permanent_block (reason required) - POST /_gm/users/{id}/entitlement set the entitlement tier - POST /_gm/users/{id}/soft-delete soft-delete the account (cascades) The console depends on a UserAdmin interface (satisfied by *user.Service) so the pages render in tests without a database. All writes flow through the CSRF guard, carry the operator as the audit actor, and answer with a 303 redirect; a generic message page handles not-found, validation, and failure notices. Unblock is intentionally absent — the admin API exposes no remove-sanction endpoint. Tests: list/detail render, not-found, block (with actor/scope/reason assertions), missing-reason 400, bad-CSRF 403, entitlement, soft-delete redirect, and the service-unavailable path. Docs: backend/docs/admin-console.md gains the page inventory.
2026-05-31 20:15:19 +02:00
parent 985e51d25e
commit cf34710b4f
12 changed files with 780 additions and 0 deletions
@@ -69,3 +69,32 @@ h1 { font-size: 1.4rem; margin: 0 0 0.4rem; }
 .errors ul { margin: 0; padding-left: 1.1rem; color: var(--danger); }
 .ok { color: var(--ok); }
 .bad { color: var(--danger); }
+
+.list { width: 100%; border-collapse: collapse; font-size: 0.9rem; margin-bottom: 1rem; }
+.list th, .list td { text-align: left; padding: 0.35rem 0.6rem; border-bottom: 1px solid var(--line); }
+.list th { color: var(--ink-dim); font-weight: 600; }
+.list tr:hover td { background: var(--panel-hi); }
+.pager { display: flex; gap: 1rem; align-items: center; color: var(--ink-dim); }
+.form { display: flex; flex-wrap: wrap; gap: 0.6rem; align-items: end; margin-top: 0.8rem; }
+.form label { display: flex; flex-direction: column; gap: 0.2rem; font-size: 0.85rem; color: var(--ink-dim); }
+.form input, .form select {
+  background: var(--bg);
+  color: var(--ink);
+  border: 1px solid var(--line);
+  border-radius: 6px;
+  padding: 0.35rem 0.5rem;
+  font: inherit;
+}
+button {
+  background: var(--accent);
+  color: #06121f;
+  border: 0;
+  border-radius: 6px;
+  padding: 0.4rem 0.9rem;
+  font: inherit;
+  font-weight: 600;
+  cursor: pointer;
+}
+button:hover { filter: brightness(1.1); }
+button.danger { background: var(--danger); color: #1a0606; }
+code { background: var(--bg); padding: 0.05rem 0.3rem; border-radius: 4px; }
@@ -0,0 +1,11 @@
+package adminconsole
+
+// MessageData is the view model for the generic message page used to render
+// not-found, validation, and operation-failure notices. Class selects the CSS
+// styling (for example "bad" for errors); BackHref, when set, renders a link
+// back to a relevant page.
+type MessageData struct {
+	Message  string
+	Class    string
+	BackHref string
+}
@@ -0,0 +1,7 @@
+{{define "content" -}}
+<h1>{{.Title}}</h1>
+{{with .Data}}
+<p class="{{.Class}}">{{.Message}}</p>
+{{if .BackHref}}<p><a href="{{.BackHref}}">&laquo; back</a></p>{{end}}
+{{end}}
+{{- end}}
@@ -0,0 +1,68 @@
+{{define "content" -}}
+{{$csrf := .CSRFToken}}
+{{with .Data}}
+<p><a href="/_gm/users">&laquo; all users</a></p>
+<h1>{{.Email}}</h1>
+{{if .Deleted}}<p class="bad">This account is soft-deleted.</p>{{end}}
+
+<section class="panel">
+<h2>Account</h2>
+<ul class="kv">
+<li>User ID: <code>{{.UserID}}</code></li>
+<li>User name: {{.UserName}}</li>
+<li>Display name: {{.DisplayName}}</li>
+<li>Preferred language: {{.PreferredLanguage}}</li>
+<li>Time zone: {{.TimeZone}}</li>
+<li>Declared country: {{.DeclaredCountry}}</li>
+<li>Status: {{if .Blocked}}<span class="bad">blocked</span>{{else}}<span class="ok">active</span>{{end}}</li>
+<li>Created: {{.CreatedAt}}</li>
+<li>Updated: {{.UpdatedAt}}</li>
+</ul>
+</section>
+
+<section class="panel">
+<h2>Entitlement</h2>
+<ul class="kv">
+<li>Tier: <strong>{{.Tier}}</strong> ({{if .IsPaid}}paid{{else}}free{{end}})</li>
+<li>Source: {{.EntitlementSource}}</li>
+<li>Reason: {{.EntitlementReason}}</li>
+<li>Ends: {{if .EntitlementEnds}}{{.EntitlementEnds}}{{else}}—{{end}}</li>
+</ul>
+<form method="post" action="/_gm/users/{{.UserID}}/entitlement" class="form">
+<input type="hidden" name="_csrf" value="{{$csrf}}">
+<label>Tier
+<select name="tier">{{range .Tiers}}<option value="{{.}}">{{.}}</option>{{end}}</select>
+</label>
+<label>Source <input type="text" name="source" value="admin"></label>
+<label>Reason <input type="text" name="reason_code" placeholder="optional"></label>
+<button type="submit">Update entitlement</button>
+</form>
+</section>
+
+<section class="panel">
+<h2>Active sanctions</h2>
+{{if .Sanctions}}
+<table class="counts"><tbody>
+{{range .Sanctions}}<tr><td>{{.SanctionCode}}</td><td>{{.Scope}}</td><td>{{.ReasonCode}}</td><td>{{.AppliedAt}}</td></tr>{{end}}
+</tbody></table>
+{{else}}<p class="note">none</p>{{end}}
+{{if .Blocked}}
+<p class="note">User is permanently blocked. Unblock is not available in the current admin API.</p>
+{{else}}
+<form method="post" action="/_gm/users/{{.UserID}}/block" class="form" onsubmit="return confirm('Permanently block this user?');">
+<input type="hidden" name="_csrf" value="{{$csrf}}">
+<label>Reason <input type="text" name="reason_code" required></label>
+<button type="submit" class="danger">Permanently block</button>
+</form>
+{{end}}
+</section>
+
+<section class="panel">
+<h2>Danger zone</h2>
+<form method="post" action="/_gm/users/{{.UserID}}/soft-delete" class="form" onsubmit="return confirm('Soft-delete this account? This cascades to sessions, memberships, and owned games.');">
+<input type="hidden" name="_csrf" value="{{$csrf}}">
+<button type="submit" class="danger">Soft-delete account</button>
+</form>
+</section>
+{{end}}
+{{- end}}
@@ -0,0 +1,27 @@
+{{define "content" -}}
+<h1>Users</h1>
+{{with .Data}}
+<table class="list">
+<thead><tr><th>Email</th><th>User name</th><th>Display</th><th>Tier</th><th>Status</th><th>Created</th></tr></thead>
+<tbody>
+{{range .Items}}
+<tr>
+<td><a href="/_gm/users/{{.UserID}}">{{.Email}}</a></td>
+<td>{{.UserName}}</td>
+<td>{{.DisplayName}}</td>
+<td>{{.Tier}}</td>
+<td>{{if .Deleted}}<span class="bad">deleted</span>{{else if .Blocked}}<span class="bad">blocked</span>{{else}}<span class="ok">active</span>{{end}}</td>
+<td>{{.CreatedAt}}</td>
+</tr>
+{{else}}
+<tr><td colspan="6"><span class="note">no users</span></td></tr>
+{{end}}
+</tbody>
+</table>
+<nav class="pager">
+{{if .HasPrev}}<a href="/_gm/users?page={{.PrevPage}}&amp;page_size={{.PageSize}}">&laquo; prev</a>{{end}}
+<span>page {{.Page}} · {{.Total}} total</span>
+{{if .HasNext}}<a href="/_gm/users?page={{.NextPage}}&amp;page_size={{.PageSize}}">next &raquo;</a>{{end}}
+</nav>
+{{end}}
+{{- end}}
@@ -0,0 +1,61 @@
+package adminconsole
+
+// UserRow is one line in the users list table.
+type UserRow struct {
+	UserID      string
+	Email       string
+	UserName    string
+	DisplayName string
+	Tier        string
+	Blocked     bool
+	Deleted     bool
+	CreatedAt   string
+}
+
+// UsersListData is the view model for the paginated users list.
+type UsersListData struct {
+	Items    []UserRow
+	Page     int
+	PageSize int
+	Total    int
+	HasPrev  bool
+	HasNext  bool
+	PrevPage int
+	NextPage int
+}
+
+// SanctionView is one active sanction shown on the user detail page.
+type SanctionView struct {
+	SanctionCode string
+	Scope        string
+	ReasonCode   string
+	AppliedAt    string
+	ExpiresAt    string
+}
+
+// UserDetailData is the view model for a single user's detail page,
+// combining the account aggregate with the form option lists.
+type UserDetailData struct {
+	UserID            string
+	Email             string
+	UserName          string
+	DisplayName       string
+	PreferredLanguage string
+	TimeZone          string
+	DeclaredCountry   string
+	Blocked           bool
+	Deleted           bool
+	CreatedAt         string
+	UpdatedAt         string
+
+	Tier              string
+	IsPaid            bool
+	EntitlementSource string
+	EntitlementReason string
+	EntitlementEnds   string
+
+	Sanctions []SanctionView
+
+	// Tiers lists the selectable entitlement tiers for the form.
+	Tiers []string
+}