organizations: admin surface for tenant orgs

New /organizations route under Tenancy. Lists every org in the current
tenant (via GET /api/v1/admin/organizations), with per-row Manage
members and Settings dialogs.

- Members dialog: invite by email, add restricted sub-user, change role,
  transfer ownership, remove member (owner removal honors the org's
  on_owner_removal policy server-side)
- Settings dialog: edit name, status (active/frozen/pending_deletion),
  and on_owner_removal policy
- app/lib/arcadia/organizations.ts: typed client for the new endpoints
- Nav entry added under Tenancy group

Tenant admins bypass per-org membership checks via the backend's
OrganizationContext plug, so the per-org REST endpoints work for any
org in the tenant without an explicit /admin/* surface.
This commit is contained in:
jules
2026-05-15 19:50:48 +10:00
parent a74550d73f
commit a299900021
4 changed files with 1068 additions and 0 deletions

View File

@@ -29,6 +29,7 @@ import {
Gauge,
UserCheck,
Network,
Building,
ShieldCheck,
Megaphone,
AlertOctagon,
@@ -128,6 +129,7 @@ const navGroups: NavGroup[] = [
items: [
{ to: "/tenants", icon: Building2, label: "Tenants" },
{ to: "/memberships", icon: UserCheck, label: "Memberships" },
{ to: "/organizations", icon: Building, label: "Organizations" },
{ to: "/users", icon: UsersIcon, label: "Users" },
{ to: "/sso", icon: ShieldCheck, label: "SSO" },
],