feat(web): gate task queue + failed tasks behind admin role#130
Merged
Conversation
Move the operator-only pipeline views (Task Queue, Failed Tasks) into a dedicated Admin nav section and gate them behind a real is_admin role, enforced on both the UI and the API. Prepares for multi-user where ordinary users should neither see nor control the global queue. - models/User: add is_admin (preserved across logins, like region) - users schema + idempotent ALTER TABLE migration for is_admin - single-user default user is created as admin; require_admin dependency treats single-user mode as always-admin, requires the flag in multi-user - apply require_admin to the 8 global queue + DLQ routes (per-episode pipeline controls stay available to regular users) - frontend: isAdmin in AuthContext, conditional Admin nav section in Layout + NavigationDrawer, AdminRoute guard on /queue and /failed - tests: add is_admin to the hand-rolled user-table fixtures
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Move the operator-only pipeline views (Task Queue, Failed Tasks) into a dedicated Admin nav section and gate them behind a real is_admin role, enforced on both the UI and the API. Prepares for multi-user where ordinary users should neither see nor control the global queue.