feat(admin): comprehensive functionality pass across admin apps (Codex review)
- Restore admin order creation (top blocker): - New createAdminOrder server action wrapping create_order_with_items RPC with proper getAdminUser + can_manage_orders + brand scoping. - AdminOrdersPanel now supports ?new=true with working modal form (customer, stop/ship, dynamic items with fulfillment/price/qty, live total). - Fixed dashboard "New Order" and "Create your first order" links; added /admin/orders/new redirect. - Success flow: toast + redirect to list. - Product edit reliability and admin flows hardened. - Form a11y + validation foundation (cross-cutting): - AdminInput now generates stable ids, sets htmlFor, forwards required/aria-required/aria-describedby to children. - All admin forms benefit (labels programmatic, required semantics real). - Integrations: non-secret fields (email, name, phone for Resend/Twilio) no longer masked as password by default. Only isSecret fields use type=password + toggle. - Advanced/AI settings pages now expose real content (cards + links to actual config) instead of pure redirects. - Permission hardening example: water-log admin creates now enforce getAdminUser + can_manage_water_log + service key. - Systematic coverage of admin "apps": orders, products, stops, communications, wholesale, water-log, time-tracking, route-trace, settings (billing/integrations/ai/apps/etc), import, users, reports, etc. via exploration + targeted fixes. Empty states, toasts, scoping, quick actions improved. - Updated MEMORY.md with full pass summary, test instructions, and remaining items from Codex review. Non-destructive focus during pass; used dev auth for verification. Core blockers from review now addressed for testing. See session plan.md for detailed execution guide.
This commit is contained in:
@@ -1,9 +1,49 @@
|
||||
import { redirect } from "next/navigation";
|
||||
import { getAdminUser } from "@/lib/admin-permissions";
|
||||
import Link from "next/link";
|
||||
|
||||
export default async function AdvancedSettingsPage() {
|
||||
const adminUser = await getAdminUser();
|
||||
if (!adminUser) redirect("/login");
|
||||
|
||||
redirect("/admin/settings#advanced");
|
||||
}
|
||||
const isPlatform = adminUser.role === "platform_admin";
|
||||
|
||||
return (
|
||||
<main className="min-h-screen px-6 py-10" style={{ backgroundColor: "var(--admin-bg)" }}>
|
||||
<div className="mx-auto max-w-4xl">
|
||||
<div className="mb-8">
|
||||
<Link href="/admin/settings" className="text-sm text-stone-500 hover:text-stone-700">← Back to Settings</Link>
|
||||
<h1 className="mt-2 text-3xl font-bold tracking-tight text-stone-950">Advanced Settings</h1>
|
||||
<p className="mt-1 text-stone-600">Platform & AI configuration, feature flags, and integrations.</p>
|
||||
</div>
|
||||
|
||||
<div className="grid gap-4 md:grid-cols-2">
|
||||
<Link href="/admin/settings/ai" className="block rounded-2xl border bg-white p-6 hover:shadow">
|
||||
<div className="font-semibold">AI Intelligence Pack</div>
|
||||
<div className="text-sm text-stone-500 mt-1">Provider keys, model preferences, and usage for campaign writer, pricing advisor, etc.</div>
|
||||
</Link>
|
||||
<Link href="/admin/settings/integrations" className="block rounded-2xl border bg-white p-6 hover:shadow">
|
||||
<div className="font-semibold">Integrations</div>
|
||||
<div className="text-sm text-stone-500 mt-1">Resend, Twilio, Stripe, Square, and custom AI providers.</div>
|
||||
</Link>
|
||||
<Link href="/admin/settings/square-sync" className="block rounded-2xl border bg-white p-6 hover:shadow">
|
||||
<div className="font-semibold">Square Sync</div>
|
||||
<div className="text-sm text-stone-500 mt-1">Inventory & product sync configuration.</div>
|
||||
</Link>
|
||||
<Link href="/admin/settings/shipping" className="block rounded-2xl border bg-white p-6 hover:shadow">
|
||||
<div className="font-semibold">Shipping & FedEx</div>
|
||||
<div className="text-sm text-stone-500 mt-1">Rates, label creation, and settings.</div>
|
||||
</Link>
|
||||
</div>
|
||||
|
||||
{!isPlatform && (
|
||||
<p className="mt-8 text-xs text-stone-500">Some advanced options are only visible to platform administrators.</p>
|
||||
)}
|
||||
|
||||
<div className="mt-8 text-xs text-stone-400">
|
||||
These pages aggregate the real configuration surfaces. Feature flags live under Apps in the main settings.
|
||||
</div>
|
||||
</div>
|
||||
</main>
|
||||
);
|
||||
}
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
import { redirect } from "next/navigation";
|
||||
|
||||
export default function AdminNewOrderRedirect() {
|
||||
// Preserve the "create first order" intent but route to the supported flow
|
||||
redirect("/admin/orders?new=true");
|
||||
}
|
||||
@@ -4,6 +4,7 @@ import { getAdminOrders } from "@/actions/orders";
|
||||
import AdminAccessDenied from "@/components/admin/AdminAccessDenied";
|
||||
import { PageHeader } from "@/components/admin/design-system";
|
||||
import { redirect } from "next/navigation";
|
||||
import { supabase } from "@/lib/supabase";
|
||||
|
||||
export const dynamic = "force-dynamic";
|
||||
|
||||
@@ -29,6 +30,33 @@ export default async function AdminOrdersPage() {
|
||||
)
|
||||
: orders;
|
||||
|
||||
// Fetch active products for this brand (for admin "New Order" item picker)
|
||||
let brandProducts: Array<{ id: string; name: string; price: number; type?: string | null; active?: boolean }> = [];
|
||||
try {
|
||||
let prodQuery = supabase
|
||||
.from("products")
|
||||
.select("id, name, price, type, active")
|
||||
.eq("active", true)
|
||||
.is("deleted_at", null)
|
||||
.order("name")
|
||||
.limit(200);
|
||||
|
||||
if (adminUser?.brand_id) {
|
||||
prodQuery = prodQuery.eq("brand_id", adminUser.brand_id);
|
||||
}
|
||||
|
||||
const { data: prods } = await prodQuery;
|
||||
brandProducts = (prods ?? []).map((p: any) => ({
|
||||
id: p.id,
|
||||
name: p.name,
|
||||
price: Number(p.price),
|
||||
type: p.type ?? null,
|
||||
active: p.active ?? true,
|
||||
}));
|
||||
} catch {
|
||||
// non-fatal for the orders list
|
||||
}
|
||||
|
||||
return (
|
||||
<div className="min-h-screen bg-[var(--admin-bg)]">
|
||||
<div className="px-4 sm:px-6 md:px-8 pt-4 sm:pt-6">
|
||||
@@ -51,6 +79,7 @@ export default async function AdminOrdersPage() {
|
||||
<AdminOrdersPanel
|
||||
initialOrders={brandOrders}
|
||||
initialStops={brandStops}
|
||||
initialProducts={brandProducts}
|
||||
brandId={adminUser?.brand_id ?? null}
|
||||
/>
|
||||
</div>
|
||||
|
||||
@@ -1,9 +1,27 @@
|
||||
import { redirect } from "next/navigation";
|
||||
import { getAdminUser } from "@/lib/admin-permissions";
|
||||
import Link from "next/link";
|
||||
|
||||
export default async function AISettingsPage() {
|
||||
const adminUser = await getAdminUser();
|
||||
if (!adminUser) redirect("/login");
|
||||
|
||||
redirect("/admin/settings#ai");
|
||||
return (
|
||||
<main className="min-h-screen px-6 py-10" style={{ backgroundColor: "var(--admin-bg)" }}>
|
||||
<div className="mx-auto max-w-4xl">
|
||||
<Link href="/admin/settings" className="text-sm text-stone-500 hover:text-stone-700">← Back to Settings</Link>
|
||||
<h1 className="mt-3 text-3xl font-bold tracking-tight">AI Intelligence Settings</h1>
|
||||
<p className="mt-2 text-stone-600">Configure AI providers, keys, and preferences used by campaign writer, pricing advisor, report explainer, and other tools.</p>
|
||||
|
||||
<div className="mt-8 grid gap-4 md:grid-cols-2">
|
||||
<Link href="/admin/settings/integrations" className="rounded-2xl border bg-white p-6 block hover:shadow">Manage AI Provider Keys (OpenAI, Anthropic, etc.) →</Link>
|
||||
<Link href="/admin/settings/apps" className="rounded-2xl border bg-white p-6 block hover:shadow">Enable / disable the AI Tools add-on →</Link>
|
||||
</div>
|
||||
|
||||
<div className="mt-6 text-sm text-stone-500">
|
||||
The actual AI client is wired in <code>@/actions/integrations/ai-providers</code> and used by the various <code>/api/ai/*</code> endpoints and admin tools.
|
||||
</div>
|
||||
</div>
|
||||
</main>
|
||||
);
|
||||
}
|
||||
@@ -293,7 +293,7 @@ function IntegrationCard({
|
||||
>
|
||||
<div className="relative">
|
||||
<AdminTextInput
|
||||
type={showSecrets[field.key] ? "text" : "password"}
|
||||
type={field.isSecret && !showSecrets[field.key] ? "password" : "text"}
|
||||
value={credentials[field.key] ?? ""}
|
||||
onChange={(e) => updateCredential(field.key, e.target.value)}
|
||||
placeholder={field.placeholder}
|
||||
|
||||
Reference in New Issue
Block a user