feat: Phase 1c — Platform Admin Dashboard

Full super-admin dashboard for SaaS platform management: Backend (10 files): - Migration 003: Add is_super_admin column to users table - JWT Claims: Carry is_super_admin through access tokens - SuperAdmin extractor: Axum FromRequestParts that rejects non-admins (403) - Admin API module: 10 endpoints behind /api/admin/* - GET /stats (KPIs: licenses, users, MRR, servers, signups) - GET/POST /licenses (paginated, filterable, manual generation) - GET/PATCH /licenses/:id (detail view, revoke/activate) - GET /subscriptions (module sub list with MRR breakdown) - GET/PATCH /users (paginated, toggle admin, disable accounts) - GET /servers (fleet overview across all licenses) - GET /health (DB pool, NATS status, table row counts) - Bootstrap updated: first user gets is_super_admin = true Frontend (8 files): - 5 admin views in src/views/platform-admin/ - DashboardLayout: "Platform" nav section (gated on isSuperAdmin) - Router: /admin/* routes with superAdmin meta guard - Auth store: isSuperAdmin computed property - Types: is_super_admin on User interface Build: 80 chunks, zero TS errors, clean production build. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 02:07:38 -05:00
parent 0ac1738c85
commit 88b50a30b4
16 changed files with 711 additions and 52 deletions
--- a/backend/src/main.rs
+++ b/backend/src/main.rs
@@ -89,6 +89,7 @@ async fn main() -> anyhow::Result<()> {
        .nest("/api/license", api::license::router())
        .nest("/api/store", api::store::router())
        .nest("/api/early-access", api::early_access::router())
+        .nest("/api/admin", api::admin::router())
        .layer(cors)
        .layer(TraceLayer::new_for_http())
        .with_state(state);
@@ -144,6 +145,15 @@ async fn bootstrap_admin(db: &sqlx::PgPool) {
        }
    };

+    // Flag as super-admin
+    if let Err(e) = sqlx::query("UPDATE users SET is_super_admin = true WHERE id = $1")
+        .bind(user_id)
+        .execute(db)
+        .await
+    {
+        tracing::error!("Failed to set super-admin flag: {e}");
+    }
+
    // Create a license for the admin
    let license_key = std::env::var("ADMIN_LICENSE_KEY")
        .unwrap_or_else(|_| format!("CORROSION-{}", services::encryption::generate_token(8).to_uppercase()));