-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Admin panel init #8742
Admin panel init #8742
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PR Summary
This PR introduces an admin panel with user impersonation and feature flag management capabilities, along with necessary routing and state management changes.
- Added
useImpersonate
hook in/settings/admin/hooks/useImpersonate.ts
for user impersonation but missinglastVisitedView
clearing (Clear lastVisitedView when impersonating #7090) - Added feature flag management table in
/settings/admin/components/SettingsAdminFeatureFlags.tsx
without loading/error states - Added admin panel access control via
canImpersonate
flag inAppRouter.tsx
andSettingsNavigationDrawerItems.tsx
- Refactored
clearSession
inuseAuth.ts
to support both sign-out and impersonation flows - Added admin panel route with conditional rendering based on user permissions in
SettingsRoutes.tsx
11 file(s) reviewed, 12 comment(s)
Edit PR Review Bot Settings | Greptile
margin-top: ${({ theme }) => theme.spacing(0.5)}; | ||
`; | ||
|
||
const StyledTableHeaderRow = styled(Table)` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
logic: StyledTableHeaderRow extends Table instead of TableRow, which could cause layout issues
<TableHeader>Value</TableHeader> | ||
</TableRow> | ||
</StyledTableHeaderRow> | ||
{currentWorkspace?.featureFlags?.map((flag) => ( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
style: No handling of empty/undefined featureFlags array - should show empty state message
`; | ||
|
||
export const SettingsAdminFeatureFlags = () => { | ||
const currentWorkspace = useRecoilValue(currentWorkspaceState); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
style: No loading or error state handling when fetching currentWorkspace
<Section> | ||
<H2Title title="Feature Flags" description="Manage feature flags." /> | ||
|
||
<Table> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
style: Table structure creates new Table component for each row instead of reusing one table with multiple rows
packages/twenty-front/src/modules/settings/admin/components/SettingsAdminImpersonateUsers.tsx
Outdated
Show resolved
Hide resolved
<TextInput | ||
value={userId} | ||
onChange={setUserId} | ||
placeholder="User ID" | ||
fullWidth | ||
disabled={isLoading} | ||
dataTestId="impersonate-input" | ||
/> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
style: Consider adding input validation or pattern matching for valid user ID formats
setCurrentUser(user); | ||
setTokenPair(tokens); | ||
await sleep(0); | ||
window.location.href = AppPath.Index; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
logic: setIsLoading(false) missing before redirect - loading state will remain true if navigation fails
packages/twenty-front/src/modules/settings/admin/hooks/useImpersonate.ts
Outdated
Show resolved
Hide resolved
packages/twenty-front/src/modules/settings/admin/hooks/useImpersonate.ts
Outdated
Show resolved
Hide resolved
packages/twenty-front/src/modules/settings/admin-panel/hooks/useFeatureFlagsManagement.ts
Outdated
Show resolved
Hide resolved
}); | ||
|
||
return true; | ||
} catch (err) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same comment as above
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's unclear for me in what scenario this would happen and why we would not want it displayed to the user (or sent to Sentry if it's a real program error)
packages/twenty-front/src/modules/settings/admin-panel/hooks/useImpersonate.ts
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work! I think we're very close to merging
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PR Summary
(updates since last review)
Based on the latest changes, here's a summary of the key updates to the admin panel implementation:
Added server-side admin panel infrastructure with robust security and data management:
- Added
AdminPanelModule
,AdminPanelService
, andAdminPanelResolver
in server codebase for handling admin operations - Implemented proper authorization guards and input validation for admin operations
- Added GraphQL DTOs and entities for user lookup and feature flag management
Key points to note:
- Server-side implementation includes comprehensive permission checks through
canImpersonate
flag - Added proper error handling for invalid inputs and unauthorized access attempts
- Integrated with existing user and workspace entities using TypeORM
- Structured admin panel operations around three core functions: impersonate, userLookup, and updateWorkspaceFeatureFlags
This complements the previous frontend changes and creates a complete admin panel solution with proper security controls and data management capabilities.
38 file(s) reviewed, 38 comment(s)
Edit PR Review Bot Settings | Greptile
{isAdminPageEnabled && ( | ||
<> | ||
<Route path={SettingsPath.Admin} element={<SettingsAdmin />} /> | ||
<Route | ||
path={SettingsPath.FeatureFlags} | ||
element={<SettingsAdminFeatureFlags />} | ||
/> | ||
</> | ||
)} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
logic: Consider adding a UserAuthGuard or similar auth wrapper around admin routes to ensure double protection against unauthorized access
...s/twenty-front/src/modules/settings/admin-panel/components/SettingsAdminImpersonateUsers.tsx
Show resolved
Hide resolved
@Field(() => String) | ||
@IsNotEmpty() | ||
featureFlag: FeatureFlagKey; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
logic: featureFlag field is typed as String but accepts FeatureFlagKey enum - should use @field(() => FeatureFlagKey) for proper GraphQL enum type
@Field(() => Number) | ||
totalUsers: number; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
style: consider using Int instead of Number for totalUsers count
packages/twenty-server/src/engine/core-modules/admin-panel/dtos/user-lookup.input.ts
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work!
Thanks @ehconitin for your contribution! |
WIP
Related issues -
#7090
#8547
Master issue -
#4499