tutortool/conductor/superadmin-crud.md

Superadmin CRUD Implementation Plan

Objective: Implement a superadmin role to manage courses and tutors, ensuring only authorized users can perform system-wide administrative actions. This feature will be developed in an isolated git worktree.

Key Context & Decisions

  • Role Strategy: A new is_superadmin boolean column will be added to the tutors database table.
  • UI Structure: A dedicated /admin/tutors page will handle tutor management. Course management will remain on /admin/courses but will be enhanced with superadmin-only actions (e.g., assigning tutors to courses).
  • Workspace: Development will be done in .worktrees/feature-superadmin-crud.

Implementation Steps

1. Workspace Isolation via Git Worktree

  • Create a new git worktree: git worktree add .worktrees/feature-superadmin-crud -b feature-superadmin-crud
  • All subsequent steps will be performed inside this isolated workspace.

2. Database & Models

  • Create migration backend/migrations/002_add_superadmin.sql to add is_superadmin BOOLEAN NOT NULL DEFAULT 0 to the tutors table.
  • Update backend/demo/demo_seed.sql to set the default admin@tutortool.com as a superadmin (is_superadmin = 1).
  • Update backend/src/models.rs to include is_superadmin: bool in the Tutor struct.
  • Add CreateTutor and TutorResponse structs to backend/src/models.rs.

3. Auth & Core Backend

  • Modify backend/src/auth.rs to include is_superadmin: bool in TutorClaims, so auth guards can check permissions from the verified token without a database lookup on every request.
  • Update the login handler in backend/src/routes/auth_routes.rs to fetch is_superadmin and encode it in the JWT.
  • Add a helper function that checks the superadmin flag on the claims and rejects unauthorized requests.

4. Tutors API

  • Create backend/src/routes/tutors.rs with endpoints:
    • GET /api/admin/tutors (list all tutors)
    • POST /api/admin/tutors (create a tutor, hashing their password)
    • DELETE /api/admin/tutors/:id (delete a tutor)
  • Merge these routes in backend/src/routes/mod.rs.

5. Course Assignments API

  • Modify backend/src/routes/courses.rs:
    • Enhance GET /api/admin/courses to return ALL courses if claims.is_superadmin is true, otherwise only return assigned courses.
    • Restrict POST /api/admin/courses to superadmins only.
    • Add POST /api/admin/courses/:id/tutors to assign a tutor to a course (superadmin only).
    • Add DELETE /api/admin/courses/:id/tutors/:tutor_id to remove a tutor from a course (superadmin only).
    • Add GET /api/admin/courses/:id/tutors to list tutors assigned to a course.
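The superadmin guard from step 3 and the course-visibility and assignment rules from step 5, as an added example that is not the project's own code. TutorClaims, Course and AuthError are assumed names; the real handlers wrap this logic in the backend's HTTP framework, which is not modelled here.

```rust
// Added example, not the project's own code: the superadmin guard from
// step 3 and the course-visibility rule from step 5, on plain Rust types.
// TutorClaims, Course and AuthError are assumed names; the real handlers
// wrap this logic in the backend's HTTP framework.

#[derive(Debug, Clone)]
pub struct TutorClaims {
    pub sub: i64,            // tutor id from the verified JWT
    pub is_superadmin: bool, // copy of tutors.is_superadmin taken at login
}

#[derive(Debug, PartialEq)]
pub enum AuthError {
    Forbidden, // authenticated, but not a superadmin
}

#[derive(Debug, Clone, PartialEq)]
pub struct Course {
    pub id: i64,
    pub title: String,
    pub tutor_ids: Vec<i64>, // tutors assigned to this course
}

/// Guard for superadmin-only handlers. The flag is trusted only because the
/// JWT signature was checked before `claims` was built, and it is a snapshot:
/// removing superadmin rights takes effect when the token expires or on re-login.
pub fn require_superadmin(claims: &TutorClaims) -> Result<(), AuthError> {
    if claims.is_superadmin { Ok(()) } else { Err(AuthError::Forbidden) }
}

/// GET /api/admin/courses: superadmins see every course, other tutors only
/// the courses they are assigned to.
pub fn visible_courses(claims: &TutorClaims, all: &[Course]) -> Vec<Course> {
    all.iter()
        .filter(|c| claims.is_superadmin || c.tutor_ids.contains(&claims.sub))
        .cloned()
        .collect()
}

/// POST /api/admin/courses/:id/tutors: the guard runs before any mutation,
/// so a non-superadmin call leaves the course untouched.
pub fn assign_tutor(claims: &TutorClaims, course: &mut Course, tutor_id: i64)
    -> Result<(), AuthError> {
    require_superadmin(claims)?;
    if !course.tutor_ids.contains(&tutor_id) {
        course.tutor_ids.push(tutor_id);
    }
    Ok(())
}
```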

6. Frontend Auth & API Client

  • Update frontend/src/lib/types.ts to include a Tutor type and the new is_superadmin flag in the token payload or auth state.
  • Add the new endpoints to frontend/src/lib/api.ts under api.admin.tutors and enhance api.admin.courses.

7. Frontend UI: Tutors Management

  • Update frontend/src/lib/components/TutorShell.svelte to conditionally render a "Tutor:innen" link in the sidebar if the user is a superadmin.
  • Create frontend/src/routes/admin/tutors/+page.svelte following the paper-bg design system. Include a list of tutors and a form to add a new tutor.

8. Frontend UI: Courses Enhancements

  • Modify frontend/src/routes/admin/courses/+page.svelte to show a "Tutor:innen zuweisen" (Assign Tutors) section for each course if the logged-in user is a superadmin.
  • Restrict the course creation form to superadmins only.

Verification & Testing

  • Run cargo test in the backend to ensure existing tests pass and the new superadmin-only routes reject callers without the flag.
  • Perform a manual end-to-end test using the make dev script in the new worktree to verify the UI.