Add Storage, Users, Secrets, Webhooks, Scheduled tasks, Audit log screens

Full management surfaces for the platform-admin tenant, mirroring the
existing Tenants pattern (DataTable + row actions + create/edit dialogs +
ConfirmDialog for destructive ops, all data-action tagged for the
command bus, useRegisterAdminContext publishing for the assistant).

- Storage (/storage): backends + credentials. Write-only secret fields,
  Validate/Activate/Deactivate/Set-default/Mark-degraded/Maintenance.
- Users (/users): tabs for Users, Invitations, Roles. Per-user View
  drawer with profile, role add/remove, API keys (one-time reveal on
  create), usage + quota.
- Secrets (/secrets): /api/v1/admin/secrets — create/rotate/rollback,
  versions dialog, enable/disable, generate-value helper.
- Webhooks (/webhooks): CRUD, pause/resume, regenerate-secret with
  one-time reveal, send test event, deliveries dialog.
- Scheduled tasks (/scheduled-tasks): cron CRUD, run-now trigger,
  enable/disable, expandable run history.
- Audit log (/activity): replaces the empty stub. Filter by severity,
  resource type, date range; click for full JSON detail.

All endpoints are hand-rolled HTTP because most aren't covered by the
generated OpenAPI typed paths yet — switch to arcadia.typed.* when the
backend wires them into OpenApiSpex.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
jules
2026-05-01 22:50:09 +10:00
parent 45fa130951
commit a907e25a7c
19 changed files with 7439 additions and 25 deletions

View File

@@ -0,0 +1,67 @@
// Arcadia per-user API key helpers (v2 multi-key path).
//
// `POST /api/v1/users/:user_id/api_keys` returns the raw key value exactly
// once — list/show endpoints only return the prefix. Callers must surface
// the value to the user immediately on create.
import type { ArcadiaClient } from "@crema/arcadia-client"
export interface ApiKey {
id: string
key_prefix: string
description: string | null
created_at: string
last_used_at: string | null
expires_at: string | null
revoked_at: string | null
is_active: boolean
}
export interface ApiKeyCreateInput {
description?: string
expires_at?: string | null
}
export interface ApiKeyCreated {
api_key: string
key_id: string
key_prefix: string
user_id: string
description: string | null
created_at: string
expires_at: string | null
warning: string
}
export async function listUserApiKeys(
arcadia: ArcadiaClient,
userId: string,
): Promise<ApiKey[]> {
const res = await arcadia.GET<{ data: ApiKey[] }>(
`/api/v1/users/${userId}/api_keys`,
)
return res.data
}
export async function createUserApiKey(
arcadia: ArcadiaClient,
userId: string,
input: ApiKeyCreateInput,
): Promise<ApiKeyCreated> {
const res = await arcadia.POST<{ data: ApiKeyCreated }>(
`/api/v1/users/${userId}/api_keys`,
{ body: input },
)
return res.data
}
export async function revokeUserApiKey(
arcadia: ArcadiaClient,
userId: string,
keyId: string,
reason?: string,
): Promise<void> {
await arcadia.DELETE(`/api/v1/users/${userId}/api_keys/${keyId}`, {
body: reason ? { reason } : undefined,
})
}