Add Buckets, Monitoring, Memberships, Networking, SSO, Announcements, Status page

Full set of admin surfaces on top of /platform/* and /admin/* endpoints,
plus a migration of /assistant onto @crema/llm-providers-ui.

Buckets (/buckets):
  S3-level CRUD over /platform/buckets — list, create, delete (with the
  6-digit confirmation flow the backend enforces), per-bucket configure
  for versioning / CORS rules / policy JSON, plus an object browser
  with FileGrid/FileList from @crema/file-ui and presigned-URL reveal.
  Storage-config picker scopes the view to one credential at a time.

Monitoring (/monitoring):
  Live dashboard. Service health board derived from indirect signals
  (status-ui OverallStatus + ComponentRow). KPI tiles for sessions,
  jobs, audit. Tabs: background jobs (Donut + BarChart + retry recent),
  sessions (Sparkline of last 24h sign-ins), audit activity (BarChart
  of severity / top resource types), infrastructure (DO summary +
  WorldMapSvg coloured by droplet region + droplet list + Spaces),
  rate limits. 30s auto-refresh.

Memberships (/memberships):
  M:N glue between users and tenants over /admin/memberships. Add /
  edit / suspend / activate / remove with role multi-select.

Networking (/networking):
  Tabs over /platform/{firewalls,vpcs,domains,floating_ips}.
  Read/delete on firewalls, read on VPCs, full DNS-record CRUD, and
  inline assign/unassign for floating IPs.

SSO (/sso):
  /sso/identity-providers CRUD with PEM cert as write-only field, plus
  /sso/sessions list with destroy.

Announcements (/announcements):
  /admin/announcements CRUD. Platform-wide vs per-tenant audience,
  schedule windows, dismissible + active toggles.

Status page (/status-page):
  /admin/status-page/{components,incidents,subscribers}. Components
  CRUD, incidents with timeline + post-update + resolve flow,
  subscriber list. Public preview at the top using StatusBoard +
  IncidentTimeline from @crema/status-ui.

Assistant migration:
  /assistant now uses @crema/llm-providers-ui (provider catalog +
  vault key resolution) instead of ~/lib/llm-settings. Same async
  buildAdapter() flow used by /ai. The legacy lib file is now
  unreferenced and can be removed when ready.

New sibling libs wired (cloned from CremaUIStudio):
  lib-file-ui, lib-card-ui, lib-dashboard-ui, lib-chart-ui,
  lib-map-ui, lib-status-ui.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
jules
2026-05-02 07:55:46 +10:00
parent 7ba415d78e
commit 0fcb9e40f1
20 changed files with 7472 additions and 28 deletions

217
app/lib/arcadia/buckets.ts Normal file
View File

@@ -0,0 +1,217 @@
// Platform-level bucket management.
// Backend: /api/v1/platform/buckets/*. All operations require a
// storage_config_id pointing at a credential row in /api/v1/storage_configs.
import type { ArcadiaClient } from "@crema/arcadia-client"
export interface Bucket {
name: string
region?: string
size_bytes?: number | null
object_count?: number | null
created_at?: string | null
/** Backend may return additional provider-specific fields. */
[key: string]: unknown
}
export interface BucketObject {
key: string
size: number
last_modified: string | null
etag: string | null
storage_class: string | null
}
export interface ListObjectsResponse {
objects: BucketObject[]
is_truncated: boolean
continuation_token: string | null
prefix: string | null
bucket_name: string
}
export interface CreateBucketInput {
storage_config_id: string
bucket_name: string
region?: string
acl?: "private" | "public-read" | string
versioning?: boolean
/** Pre-validate without creating. Default false. */
dry_run?: boolean
}
export interface DeleteBucketInput {
storage_config_id: string
bucket_name: string
/** 6-digit code from /confirmation-code. */
confirmation_code?: string
/** DANGEROUS — empty the bucket first. */
force_empty?: boolean
/** Verify a backup exists before delete. Default true. */
verify_backup?: boolean
/** Preview-only. Default true on first call so the UI can confirm. */
dry_run?: boolean
}
const BASE = "/api/v1/platform/buckets"
export async function listBuckets(
arcadia: ArcadiaClient,
storageConfigId: string,
): Promise<Bucket[]> {
const res = await arcadia.GET<{ buckets: Bucket[]; count: number }>(`${BASE}/list`, {
params: { storage_config_id: storageConfigId },
})
return res.buckets ?? []
}
export async function createBucket(
arcadia: ArcadiaClient,
input: CreateBucketInput,
): Promise<unknown> {
return arcadia.POST(`${BASE}/create`, { body: input })
}
export async function deleteBucket(
arcadia: ArcadiaClient,
input: DeleteBucketInput,
): Promise<unknown> {
return arcadia.POST(`${BASE}/delete`, { body: input })
}
export async function generateConfirmationCode(
arcadia: ArcadiaClient,
storageConfigId: string,
bucketName: string,
): Promise<{ code: string; expires_at?: string }> {
return arcadia.GET(`${BASE}/confirmation-code`, {
params: { storage_config_id: storageConfigId, bucket_name: bucketName },
})
}
export async function listRegions(
arcadia: ArcadiaClient,
storageConfigId: string,
): Promise<string[]> {
const res = await arcadia.GET<{ regions?: string[]; data?: string[] }>(`${BASE}/regions`, {
params: { storage_config_id: storageConfigId },
})
return res.regions ?? res.data ?? []
}
// --- Versioning / lifecycle / replication / policy / CORS -----------------
export async function configureVersioning(
arcadia: ArcadiaClient,
input: { storage_config_id: string; bucket_name: string; enabled: boolean; dry_run?: boolean },
): Promise<unknown> {
return arcadia.POST(`${BASE}/versioning`, { body: input })
}
export async function configureLifecycle(
arcadia: ArcadiaClient,
input: {
storage_config_id: string
bucket_name: string
rules: Array<Record<string, unknown>>
dry_run?: boolean
},
): Promise<unknown> {
return arcadia.POST(`${BASE}/lifecycle`, { body: input })
}
export async function configureReplication(
arcadia: ArcadiaClient,
input: {
storage_config_id: string
bucket_name: string
destination_bucket: string
destination_region?: string
dry_run?: boolean
},
): Promise<unknown> {
return arcadia.POST(`${BASE}/replication`, { body: input })
}
export async function configurePolicy(
arcadia: ArcadiaClient,
input: {
storage_config_id: string
bucket_name: string
policy: Record<string, unknown>
dry_run?: boolean
},
): Promise<unknown> {
return arcadia.POST(`${BASE}/policy`, { body: input })
}
export interface CorsRule {
allowed_origins: string[]
allowed_methods: string[]
allowed_headers?: string[]
expose_headers?: string[]
max_age_seconds?: number
}
export async function getCors(
arcadia: ArcadiaClient,
storageConfigId: string,
bucketName: string,
): Promise<{ rules: CorsRule[] } | null> {
return arcadia.GET(`${BASE}/cors`, {
params: { storage_config_id: storageConfigId, bucket_name: bucketName },
})
}
export async function configureCors(
arcadia: ArcadiaClient,
input: {
storage_config_id: string
bucket_name: string
rules: CorsRule[]
dry_run?: boolean
},
): Promise<unknown> {
return arcadia.POST(`${BASE}/cors`, { body: input })
}
export async function deleteCors(
arcadia: ArcadiaClient,
storageConfigId: string,
bucketName: string,
): Promise<unknown> {
return arcadia.DELETE(`${BASE}/cors`, {
params: { storage_config_id: storageConfigId, bucket_name: bucketName },
})
}
// --- Objects ---------------------------------------------------------------
export async function listObjects(
arcadia: ArcadiaClient,
params: {
storage_config_id: string
bucket_name: string
prefix?: string
max_keys?: number
continuation_token?: string
},
): Promise<ListObjectsResponse> {
return arcadia.GET<ListObjectsResponse>(`${BASE}/objects`, {
params: params as Record<string, string | number | boolean | null | undefined>,
})
}
export async function getPresignedUrl(
arcadia: ArcadiaClient,
params: {
storage_config_id: string
bucket_name: string
key: string
expires_in?: number
},
): Promise<{ url: string; expires_at?: string; expires_in?: number }> {
return arcadia.GET(`${BASE}/presigned-url`, {
params: params as Record<string, string | number | undefined>,
})
}