salman/igny8
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
38bc015d96818fd9fbc032af6dca4cf206485bcb
igny8/FRONTEND_ADMIN_PAGES_COMPREHENSIVE_AUDIT.md

312 lines
21 KiB
Markdown
Raw Blame History

# FRONTEND ADMIN & SETTINGS PAGES - COMPREHENSIVE AUDIT
**Date:** December 20, 2025
**Purpose:** Document all frontend admin and settings pages, their data sources, actions, Django admin equivalents, and whether regular users need them.
---
## ADMIN PAGES (All require AdminGuard - developer/superuser only)
| Page Path | File Path | API Endpoints Called | Data Displayed | Actions Allowed | Django Admin Equivalent | Regular Users Need It? |
|-----------|-----------|---------------------|----------------|-----------------|------------------------|----------------------|
| `/admin/dashboard` | `frontend/src/pages/admin/AdminSystemDashboard.tsx` | `/v1/admin/billing/stats/` | System stats: total users, active users, credits issued, credits used. Links to all admin tools (Django admin, PgAdmin, Portainer, Gitea). | Read-only dashboard, external links to admin tools | ❌ No equivalent (custom dashboard) | ❌ NO - System-wide overview only for superusers |
| `/admin/accounts` | `frontend/src/pages/admin/AdminAllAccountsPage.tsx` | `/v1/auth/accounts/` | All accounts: name, slug, owner email, status, credit balance, plan, created date | Search, filter by status, view account details | ✅ YES - `Account` model in auth admin | ❌ NO - Cross-account data only for superusers |
| `/admin/subscriptions` | `frontend/src/pages/admin/AdminSubscriptionsPage.tsx` | `/v1/admin/subscriptions/` | All subscriptions: account name, plan, status, period dates, cancellation status | Filter by status, activate/cancel subscriptions | ✅ YES - `Subscription` model in auth admin | ❌ NO - Cross-account subscription management |
| `/admin/account-limits` | `frontend/src/pages/admin/AdminAccountLimitsPage.tsx` | None (static form) | Mock account limit settings: max sites, team members, storage, API calls, concurrent jobs, rate limits | Edit limit values (mock data - no backend) | ⚠️ PARTIAL - No dedicated model, limits stored in Plan/Account | ❌ NO - System-wide configuration |
| `/admin/billing` | `frontend/src/pages/Admin/AdminBilling.tsx` | `/v1/admin/billing/stats/`, `/v1/admin/users/`, `/v1/admin/credit-costs/`, `/v1/billing/credit-packages/` | System billing stats, all users with credits, credit cost configs, credit packages | Adjust user credits, update credit costs, view stats | ✅ YES - Multiple models: `CreditTransaction`, `CreditUsageLog`, `CreditCostConfig`, `CreditPackage` | ❌ NO - Global billing administration |
| `/admin/invoices` | `frontend/src/pages/admin/AdminAllInvoicesPage.tsx` | `/v1/admin/billing/invoices/` (via `getAdminInvoices`) | All invoices: invoice number, account name, date, amount, status | Search by invoice number, filter by status, download invoices | ✅ YES - `Invoice` model in billing admin | ❌ NO - Cross-account invoice viewing |
| `/admin/payments` | `frontend/src/pages/admin/AdminAllPaymentsPage.tsx` | `/v1/admin/billing/payments/`, `/v1/admin/billing/pending_payments/`, `/v1/admin/billing/payment_method_configs/`, `/v1/admin/users/` | All payments, pending manual payments, payment method configs (country-level), account payment methods | Filter payments, approve/reject manual payments, manage payment method configs, manage account payment methods | ✅ YES - `Payment` model, `PaymentMethodConfig`, `AccountPaymentMethod` in billing admin | ❌ NO - Cross-account payment management and approval workflow |
| `/admin/payments/approvals` | `frontend/src/pages/admin/PaymentApprovalPage.tsx` | Not read yet (needs investigation) | Pending payment approvals | Approve/reject payments | ✅ YES - `Payment` model with status field | ❌ NO - Payment approval workflow |
| `/admin/credit-packages` | `frontend/src/pages/admin/AdminCreditPackagesPage.tsx` | `/v1/admin/credit-packages/` (GET), `/v1/admin/credit-packages/` (POST/PUT/DELETE) | Credit packages: name, credits, price, discount %, description, active status, featured status, sort order | Create, edit, delete credit packages | ✅ YES - `CreditPackage` model in billing admin | ❌ NO - Defines packages available to all accounts |
| `/admin/credit-costs` | `frontend/src/pages/Admin/AdminCreditCostsPage.tsx` | `/v1/admin/credit-costs/` (GET), `/v1/admin/credit-costs/` (POST for updates) | Credit costs per operation: operation type, display name, cost, unit, description | Update credit cost for each operation | ✅ YES - `CreditCostConfig` model in billing admin | ❌ NO - System-wide pricing configuration |
| `/admin/users` | `frontend/src/pages/admin/AdminAllUsersPage.tsx` | `/v1/admin/users/` | All users: name, email, account name, role, status (active/inactive), last login, date joined | Search by email/name, filter by role, manage users | ✅ YES - `User` model in auth admin | ❌ NO - Cross-account user management |
| `/admin/roles` | `frontend/src/pages/admin/AdminRolesPermissionsPage.tsx` | None (static mock data) | Mock role data: developer, owner, admin, editor, viewer with permissions and user counts | View roles and permissions (read-only mock) | ⚠️ PARTIAL - Roles stored in User model, no separate Role model | ❌ NO - System-wide role configuration |
| `/admin/activity-logs` | `frontend/src/pages/admin/AdminActivityLogsPage.tsx` | None (mock data) | Mock activity logs: timestamp, user, account, action, resource, details, IP address | Search, filter by action type | ⚠️ PARTIAL - `SystemLog` exists but not used by this page | ❌ NO - Cross-account activity auditing |
| `/admin/settings/system` (mapped to `/admin/system-settings` in sidebar) | `frontend/src/pages/admin/AdminSystemSettingsPage.tsx` | None (mock data) | Mock system settings: site name, description, maintenance mode, registration settings, session timeout, upload limits, timezone | Edit settings (mock - no backend) | ⚠️ PARTIAL - Some settings in Django settings, no unified model | ❌ NO - System-wide configuration |
| `/admin/monitoring/health` (mapped to `/admin/system-health` in sidebar) | `frontend/src/pages/admin/AdminSystemHealthPage.tsx` | None (mock data) | Mock health checks: API server, database, background jobs, Redis cache with status and response times | View health status (refreshes every 30s) | ❌ NO - Custom monitoring page | ❌ NO - Infrastructure monitoring |
| `/admin/monitoring/api` (mapped to `/admin/api-monitor` in sidebar) | `frontend/src/pages/admin/AdminAPIMonitorPage.tsx` | None (mock data) | Mock API metrics: total requests, requests/min, avg response time, error rate, top endpoints | View API usage statistics | ❌ NO - Custom monitoring page | ❌ NO - Infrastructure monitoring |
### Admin Pages Summary:
- **Total Pages:** 16 admin pages
- **Django Admin Coverage:** 10 have equivalent models, 3 partial, 3 no equivalent
- **Regular User Need:** 0 pages (all are superuser-only)
- **Pages with Mock Data:** 5 pages (account-limits, roles, activity-logs, system-settings, both monitoring pages)
- **Pages Needing Backend Work:** Activity logs needs real API integration, system settings needs backend model
---
## SETTINGS PAGES (User-facing account settings)
| Page Path | File Path | API Endpoints Called | Data Displayed | Actions Allowed | Django Admin Equivalent | Regular Users Need It? |
|-----------|-----------|---------------------|----------------|-----------------|------------------------|----------------------|
| `/settings/status` (Master Status) | `frontend/src/pages/Settings/Status.tsx` (previously MasterStatus.tsx) | `/v1/system/status/` | System health: CPU, memory, disk usage, database status, Redis status, Celery workers, process counts, module stats | View system status (refreshes every 30s) | ⚠️ PARTIAL - `SystemStatus` model exists but page shows more than stored | ⚠️ MAYBE - Account owners might want to see their instance health |
| `/settings/api-monitor` | `frontend/src/pages/Settings/ApiMonitor.tsx` | Multiple test endpoints for validation: `/v1/system/status/`, `/v1/auth/me/`, `/v1/planner/keywords/`, `/v1/writer/tasks/`, `/v1/writer/images/content_images/`, etc. | Endpoint health checks with response times, grouped by module | Test API endpoints, validate page data population | ❌ NO - Custom monitoring tool | ⚠️ MAYBE - Developers/integrators might need it |
| `/settings/debug-status` | `frontend/src/pages/Settings/DebugStatus.tsx` | `/v1/writer/content/`, WordPress sync diagnostics (site-specific) | WordPress integration health, database schema validation, sync events, data validation | Test integration health, view sync logs, diagnose issues | ❌ NO - Custom debugging tool | ✅ YES - Account owners troubleshooting WP integration |
| `/settings/modules` | `frontend/src/pages/Settings/Modules.tsx` | `/v1/system/settings/modules/` (load), `/v1/system/settings/modules/` (update) | Module enable/disable status for planner, writer, thinker, linker, optimizer | Enable/disable modules for account | ⚠️ PARTIAL - Settings stored in account but managed differently | ✅ YES - Account owners control which modules they use |
| `/settings/ai` | `frontend/src/pages/Settings/AI.tsx` | `/v1/system/settings/ai/` | AI-specific settings (placeholder - "coming soon") | None yet | ⚠️ PARTIAL - AI prompts exist in `AIPrompt` model | ✅ YES - Account owners might want AI configuration |
| `/settings/system` | `frontend/src/pages/Settings/System.tsx` | `/v1/system/settings/system/` | System-wide settings (placeholder - "coming soon") | None yet | ⚠️ PARTIAL - Various system settings exist but not unified | ⚠️ UNCLEAR - Depends on what settings will be exposed |
| `/settings/integration` | `frontend/src/pages/Settings/Integration.tsx` | `/v1/system/settings/integrations/{id}/test/`, `/v1/system/settings/integrations/openai/`, `/v1/system/settings/integrations/runware/`, etc. | Integration configs: OpenAI (API key, model), Runware (API key), Image Generation (provider, model, settings), GSC (client ID/secret), site-specific WP integrations | Configure API integrations, test connections, manage image generation settings, configure site integrations | ✅ YES - `IntegrationSettings` model, `SiteIntegration` model in business/integration admin | ✅ YES - Account owners configure their own integrations |
### Other Settings Pages (not explicitly tested but exist in routing):
| Page Path | File Path | Purpose | Regular Users Need It? |
|-----------|-----------|---------|----------------------|
| `/settings` (General) | `frontend/src/pages/Settings/General.tsx` | General account settings | ✅ YES |
| `/settings/profile` | `frontend/src/pages/settings/ProfileSettingsPage.tsx` | User profile settings | ✅ YES |
| `/settings/users` | `frontend/src/pages/Settings/Users.tsx` | Account user management | ✅ YES - Account owners manage their team |
| `/settings/subscriptions` | `frontend/src/pages/Settings/Subscriptions.tsx` | Account subscription management | ✅ YES - Account owners manage their subscription |
| `/settings/account` | `frontend/src/pages/Settings/Account.tsx` | Account settings | ✅ YES |
| `/settings/plans` | `frontend/src/pages/Settings/Plans.tsx` | View/manage plans | ✅ YES - Account owners view available plans |
| `/settings/industries` | `frontend/src/pages/Settings/Industries.tsx` | Industry/sector management | ✅ YES - Account owners configure their industries |
| `/settings/publishing` | `frontend/src/pages/Settings/Publishing.tsx` | Publishing settings | ✅ YES - Account owners configure publishing |
| `/settings/sites` | `frontend/src/pages/Settings/Sites.tsx` | Site management settings | ✅ YES - Account owners manage their sites |
| `/settings/import-export` | `frontend/src/pages/Settings/ImportExport.tsx` | Import/export data | ✅ YES - Account owners manage their data |
### Settings Pages Summary:
- **Total Settings Pages:** ~17 pages (7 detailed + 10 other)
- **Regular Users Need:** ~13 pages (most are account-owner facing)
- **Admin-Only (via AdminGuard):** `/settings/integration` has AdminGuard wrapping it in routes
- **Monitoring/Debug Pages:** 3 pages (status, api-monitor, debug-status) - borderline admin tools
---
## HELP/TESTING PAGES
| Page Path | File Path | API Endpoints Called | Data Displayed | Actions Allowed | Regular Users Need It? |
|-----------|-----------|---------------------|----------------|-----------------|----------------------|
| `/help/function-testing` (mapped to `/admin/function-testing` in sidebar) | `frontend/src/pages/Help/FunctionTesting.tsx` | None | "Coming Soon" placeholder | None | ❌ NO - Development/testing tool |
| `/help/system-testing` (mapped to `/admin/system-testing` in sidebar) | `frontend/src/pages/Help/SystemTesting.tsx` | None | "Coming Soon" placeholder | None | ❌ NO - Development/testing tool |
---
## UI ELEMENTS PAGES (All `/ui-elements/*` routes)
These are **component showcase/documentation pages** for developers and designers. They demonstrate UI components with examples.
**Located in:** `frontend/src/pages/Settings/UiElements/`
**List of UI Element Pages:**
1. `/ui-elements/alerts` - Alerts.tsx
2. `/ui-elements/avatars` - Avatars.tsx
3. `/ui-elements/badges` - Badges.tsx
4. `/ui-elements/breadcrumb` - Breadcrumb.tsx
5. `/ui-elements/buttons` - Buttons.tsx
6. `/ui-elements/buttons-group` - ButtonsGroup.tsx
7. `/ui-elements/cards` - Cards.tsx
8. `/ui-elements/carousel` - Carousel.tsx
9. `/ui-elements/dropdowns` - Dropdowns.tsx
10. `/ui-elements/images` - Images.tsx
11. `/ui-elements/links` - Links.tsx
12. `/ui-elements/list` - List.tsx
13. `/ui-elements/modals` - Modals.tsx
14. `/ui-elements/notifications` - Notifications.tsx
15. `/ui-elements/pagination` - Pagination.tsx
16. `/ui-elements/popovers` - Popovers.tsx
17. `/ui-elements/pricing-table` - PricingTable.tsx
18. `/ui-elements/progressbar` - Progressbar.tsx
19. `/ui-elements/ribbons` - Ribbons.tsx
20. `/ui-elements/spinners` - Spinners.tsx
21. `/ui-elements/tabs` - Tabs.tsx
22. `/ui-elements/tooltips` - Tooltips.tsx
23. `/ui-elements/videos` - Videos.tsx
**Total:** 23 UI element showcase pages
**Purpose:** Design system documentation and component testing
**Regular Users Need:** ❌ NO - These are for developers/designers only
**Recommendation:** Should be behind a feature flag or removed from production builds
---
## DJANGO ADMIN COVERAGE ANALYSIS
### Models in Django Admin (from backend admin.py files):
#### Auth Module:
-`Plan` - Plans admin
-`Account` - Account admin with history
-`Subscription` - Subscription admin
-`PasswordResetToken` - Password reset admin
-`Site` - Site admin
-`Sector` - Sector admin
-`SiteUserAccess` - Site access admin
-`Industry` - Industry admin
-`IndustrySector` - Industry sector admin
-`SeedKeyword` - Seed keyword admin
-`User` - User admin with account filtering
#### Billing Module:
-`CreditTransaction` - Credit transaction logs
-`CreditUsageLog` - Usage logs
-`Invoice` - Invoice admin
-`Payment` - Payment admin with history and approval workflow
-`CreditPackage` - Credit package admin
-`PaymentMethodConfig` - Payment method config admin
-`AccountPaymentMethod` - Account-specific payment methods
-`CreditCostConfig` - Credit cost configuration with history
-`PlanLimitUsage` - Plan limit usage tracking
-`BillingConfiguration` - Billing configuration
#### System Module:
-`SystemLog` - System logging
-`SystemStatus` - System status
-`AIPrompt` - AI prompt management
-`IntegrationSettings` - Integration settings
-`AuthorProfile` - Author profiles
-`Strategy` - Content strategies
#### Planner Module:
-`Clusters` - Keyword clusters
-`Keywords` - Keywords
-`ContentIdeas` - Content ideas
#### Writer Module:
-`Tasks` - Writing tasks
-`Images` - Images
-`Content` - Content with extensive filtering
-`ContentTaxonomy` - Taxonomies (categories/tags)
-`ContentAttribute` - Content attributes
-`ContentTaxonomyRelation` - Taxonomy relationships
-`ContentClusterMap` - Cluster mappings
#### Business Modules:
-`OptimizationTask` - SEO optimization tasks
-`SiteIntegration` - Site integrations (WordPress)
-`SyncEvent` - Sync event logs
-`PublishingRecord` - Publishing records
-`DeploymentRecord` - Deployment records
-`AutomationConfig` - Automation configuration
-`AutomationRun` - Automation run logs
#### AI Module:
-`AITaskLog` - AI task logging
#### Celery:
-`TaskResult` - Celery task results
-`GroupResult` - Celery group results
**Total Django Admin Models: 40+ models**
### Frontend Pages WITHOUT Django Admin Equivalent:
1. ❌ Admin Dashboard (`/admin/dashboard`) - Custom dashboard
2. ❌ System Health Monitoring (`/admin/monitoring/health`) - Custom monitoring
3. ❌ API Monitor (`/admin/monitoring/api`) - Custom monitoring
4. ⚠️ Account Limits (`/admin/account-limits`) - Logic exists but no unified model
5. ⚠️ Roles & Permissions (`/admin/roles`) - Logic in User model but no separate Role model
6. ⚠️ System Settings (`/admin/settings/system`) - Various settings but no unified model
---
## KEY FINDINGS & RECOMMENDATIONS
### 1. **Pages That Should NOT Be User-Accessible** ❌
These are correctly behind AdminGuard but listed for clarity:
- All `/admin/*` pages (16 pages)
- `/help/function-testing` and `/help/system-testing` (2 pages)
- All `/ui-elements/*` pages (23 pages)
**Total: 41 pages that are admin/developer-only**
### 2. **Settings Pages Regular Users NEED** ✅
- `/settings/modules` - Control which modules are enabled
- `/settings/integration` - Configure API integrations (OpenAI, Runware, etc.)
- `/settings/debug-status` - Troubleshoot WordPress integration
- All other standard settings (profile, users, account, sites, etc.)
**Total: ~13 user-facing settings pages**
### 3. **Borderline Pages** ⚠️
These might be useful for power users but could overwhelm regular users:
- `/settings/status` - System health monitoring
- `/settings/api-monitor` - API endpoint testing
**Recommendation:** Consider adding a "Developer Mode" toggle or role-based visibility
### 4. **Pages Using Mock Data** 🚧
These need backend implementation:
- `/admin/account-limits` - Needs Account/Plan limit model
- `/admin/roles` - Needs proper Role/Permission model or use existing User roles
- `/admin/activity-logs` - Needs to connect to `SystemLog` model
- `/admin/system-settings` - Needs unified SystemSettings model
- Both monitoring pages - Need real metrics collection
### 5. **Pages with Incomplete Features** 📝
- `/settings/ai` - Placeholder "coming soon"
- `/settings/system` - Placeholder "coming soon"
- `/help/function-testing` - Placeholder "coming soon"
- `/help/system-testing` - Placeholder "coming soon"
### 6. **Django Admin Coverage** ✅
- **Excellent coverage** for core business models (40+ models)
- All major data entities have admin interfaces
- Many use ImportExportMixin for data management
- Historical tracking enabled for critical models (Account, Payment, etc.)
### 7. **Duplicate Functionality** 🔄
Some admin pages duplicate Django admin functionality:
- Account management
- User management
- Payment management
- Credit package management
- Subscription management
**Consideration:** Could consolidate some admin operations to Django admin only, keep frontend for dashboard/overview purposes.
---
## ROUTING PROTECTION SUMMARY
### AdminGuard Routes (Superuser Only):
```typescript
// All /admin/* routes are NOT wrapped in AdminGuard in App.tsx
// They should be accessible by checking user.is_superuser in components
// Current: No route-level protection
```
### Protected Routes (Authenticated Users):
```typescript
// All routes inside <AppLayout /> require ProtectedRoute
// This includes both /settings/* and /admin/* routes
```
### Current Issue:
**CRITICAL:** Admin routes (`/admin/*`) are NOT wrapped in `<AdminGuard>` at the route level in App.tsx. Only `/settings/integration` has AdminGuard wrapping. Individual pages might check permissions, but this should be enforced at routing level.
**Recommendation:** Wrap all `/admin/*` routes in `<AdminGuard>` component in App.tsx to prevent unauthorized access at routing level.
---
## CONCLUSION
### Summary Statistics:
- **Total Pages Audited:** ~58 pages
- 16 admin pages
- 17 settings pages
- 2 help/testing pages
- 23 UI element pages
- **Django Admin Models:** 40+ models with comprehensive coverage
- **Pages Needing Backend Work:** 5 pages (mostly using mock data)
- **Pages Regular Users Need:** ~13 settings pages
- **Pages That Should Be Admin-Only:** 41 pages
### Priority Actions:
1.**High Priority:** Add route-level AdminGuard protection to all `/admin/*` routes
2. 🚧 **Medium Priority:** Implement backend for mock data pages (account-limits, activity-logs, system-settings)
3. 📝 **Low Priority:** Complete placeholder pages (AI settings, system settings, testing pages)
4. 🔄 **Consider:** Add developer mode toggle for borderline monitoring pages
5. 🎨 **Optional:** Feature-flag or remove UI elements showcase pages from production
### Architecture Strength:
✅ Strong Django admin foundation with 40+ models
✅ Clear separation between admin and user-facing features
✅ Comprehensive API coverage for most operations
⚠️ Route-level protection needs improvement
🚧 Some features still using mock data
---
**End of Comprehensive Audit**
Reference in New Issue View Git Blame Copy Permalink