refactor(kol-admin): move subscription admin endpoints from tenant-api to ops-api
Approving / manually binding / revoking KOL subscriptions belonged to the operations console, not the tenant-admin role on tenant-api. Add a fresh KolSubscriptionService + repository + handlers under the ops module with its own list/manual-bind/approve/revoke routes, wire a Redis-backed cache into ops-api so admin actions can invalidate tenant prompt caches, and delete the tenant-side admin service/handler now that ops-web owns the UI. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -1,116 +0,0 @@
|
||||
package transport
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
|
||||
"github.com/geo-platform/tenant-api/internal/bootstrap"
|
||||
"github.com/geo-platform/tenant-api/internal/shared/auth"
|
||||
"github.com/geo-platform/tenant-api/internal/shared/response"
|
||||
"github.com/geo-platform/tenant-api/internal/tenant/app"
|
||||
)
|
||||
|
||||
var errTenantAdminRequired = response.ErrForbidden(40371, "tenant_admin_required", "tenant admin role is required")
|
||||
|
||||
type KolAdminHandler struct {
|
||||
svc *app.KolSubscriptionAdminService
|
||||
}
|
||||
|
||||
type approveKolSubscriptionRequest struct {
|
||||
EndAt *time.Time `json:"end_at"`
|
||||
}
|
||||
|
||||
func NewKolAdminHandler(a *bootstrap.App) *KolAdminHandler {
|
||||
return &KolAdminHandler{
|
||||
svc: app.NewKolSubscriptionAdminService(
|
||||
a.DB,
|
||||
a.AuditLogs,
|
||||
a.KolMarketplace,
|
||||
a.KolSubscriptions,
|
||||
a.KolPrompts,
|
||||
).WithCache(a.Cache),
|
||||
}
|
||||
}
|
||||
|
||||
func (h *KolAdminHandler) ApproveSubscription(c *gin.Context) {
|
||||
id, ok := parseInt64Param(c, "id", "subscription id")
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
|
||||
actor, ok := requireTenantAdmin(c)
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
|
||||
var req approveKolSubscriptionRequest
|
||||
if c.Request.ContentLength > 0 {
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
response.Error(c, response.ErrBadRequest(40001, "invalid_params", err.Error()))
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
data, err := h.svc.Approve(c.Request.Context(), id, req.EndAt, actor.UserID)
|
||||
if err != nil {
|
||||
response.Error(c, err)
|
||||
return
|
||||
}
|
||||
|
||||
response.Success(c, data)
|
||||
}
|
||||
|
||||
func (h *KolAdminHandler) ManualBind(c *gin.Context) {
|
||||
actor, ok := requireTenantAdmin(c)
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
|
||||
var req app.ManualBindKolSubscriptionInput
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
response.Error(c, response.ErrBadRequest(40001, "invalid_params", err.Error()))
|
||||
return
|
||||
}
|
||||
|
||||
data, err := h.svc.ManualBind(c.Request.Context(), req, actor.UserID)
|
||||
if err != nil {
|
||||
response.Error(c, err)
|
||||
return
|
||||
}
|
||||
|
||||
response.Success(c, data)
|
||||
}
|
||||
|
||||
func (h *KolAdminHandler) RevokeSubscription(c *gin.Context) {
|
||||
id, ok := parseInt64Param(c, "id", "subscription id")
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
|
||||
actor, ok := requireTenantAdmin(c)
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
|
||||
if err := h.svc.Revoke(c.Request.Context(), id, actor.UserID); err != nil {
|
||||
response.Error(c, err)
|
||||
return
|
||||
}
|
||||
|
||||
response.Success(c, gin.H{"ok": true})
|
||||
}
|
||||
|
||||
// V1 compromise: these admin endpoints live on tenant-api until a dedicated
|
||||
// platform-api/module exists. The temporary gate is tenant_role=tenant_admin.
|
||||
func requireTenantAdmin(c *gin.Context) (auth.Actor, bool) {
|
||||
actor, ok := actorFromRequest(c)
|
||||
if !ok {
|
||||
return auth.Actor{}, false
|
||||
}
|
||||
if actor.Role != "tenant_admin" {
|
||||
response.Error(c, errTenantAdminRequired)
|
||||
return auth.Actor{}, false
|
||||
}
|
||||
return actor, true
|
||||
}
|
||||
Reference in New Issue
Block a user