58b344aa31
Fixed:
- Price: €800K-€1.5M, Sunseeker added
- Agent 1: Joe Trader persona + actual sale ads research
- Ignored meilisearch binary + data/ (too large for GitHub)
- SESSION_DEBUG_BLOCKERS.md created
Ready for Session 1 launch.
🤖 Generated with Claude Code
6.2 KiB
6.2 KiB
Admin UI Implementation Plan
Overview
Based on persona analysis, implementing a progressive disclosure UI system that starts simple and reveals complexity based on user needs.
Implementation Strategy
Phase 1: Foundation (CURRENT)
1. Permission Templates System
Backend: Create pre-built role templates
Captain- Manager level, full vessel accessCrew Member- Viewer level, shift-basedMaintenance Contractor- Editor level, temporary (7 days)Inspector- Viewer level, temporary (1 day)Property Manager- Admin level, organization-wide
Files to create:
services/permission-templates.service.jsroutes/permission-templates.routes.js- Migration for templates table
2. Simple Admin Dashboard
Features:
- Quick user invitation (email → auto-assign template)
- Active permissions list
- Recent activity feed
- Mobile-responsive cards layout
Tech Stack: Vanilla JS + Tailwind CSS (lightweight, no framework overhead)
3. Mobile-First Permission Grant
Captain's Quick Access:
- Scan QR code to onboard crew
- Select template (Crew/Contractor/Inspector)
- Set duration (Shift/Day/Week/Custom)
- Send invitation
UI Components:
- Large touch targets (min 44px)
- High contrast mode for outdoor use
- Offline capability with service worker
File Structure
server/
├── services/
│ ├── permission-templates.service.js [NEW]
│ └── quick-invite.service.js [NEW]
├── routes/
│ ├── admin.routes.js [NEW]
│ └── quick-invite.routes.js [NEW]
├── db/migrations/
│ └── 009_permission_templates.sql [NEW]
└── public/admin/ [NEW]
├── index.html Simple admin dashboard
├── quick-grant.html Mobile permission grant
├── css/admin.css Tailwind + custom
└── js/
├── admin-dashboard.js
├── quick-grant.js
└── permission-visualizer.js
client/ (if separate React app exists)
├── src/
└── pages/
└── admin/ [NEW]
├── Dashboard.jsx
├── PermissionGrant.jsx
├── BulkOperations.jsx
└── Analytics.jsx
API Endpoints to Implement
Permission Templates
GET /api/admin/templates List all permission templates
POST /api/admin/templates Create custom template
GET /api/admin/templates/:id Get template details
PUT /api/admin/templates/:id Update template
DELETE /api/admin/templates/:id Delete template
Quick Invite
POST /api/admin/quick-invite Send invitation with template
GET /api/admin/invitations List pending invitations
DELETE /api/admin/invitations/:id Cancel invitation
Admin Dashboard
GET /api/admin/stats Dashboard statistics
GET /api/admin/activity Recent activity feed
GET /api/admin/users List users with permissions
POST /api/admin/users/:id/revoke-all Emergency revoke all access
Bulk Operations
POST /api/admin/bulk/grant Grant permissions to multiple users
POST /api/admin/bulk/revoke Revoke from multiple users
POST /api/admin/bulk/import CSV import
GET /api/admin/bulk/export CSV export
Database Schema
permission_templates table
CREATE TABLE permission_templates (
id TEXT PRIMARY KEY,
name TEXT NOT NULL,
description TEXT,
permission_level TEXT NOT NULL, -- viewer, editor, manager, admin
default_duration_hours INTEGER, -- NULL = permanent
is_system BOOLEAN DEFAULT 0, -- System templates can't be deleted
metadata TEXT, -- JSON: {icon, color, restrictions}
created_by TEXT,
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL
);
invitations table
CREATE TABLE invitations (
id TEXT PRIMARY KEY,
email TEXT NOT NULL,
template_id TEXT REFERENCES permission_templates(id),
entity_id TEXT,
invited_by TEXT REFERENCES users(id),
status TEXT DEFAULT 'pending', -- pending, accepted, expired, cancelled
expires_at INTEGER NOT NULL,
accepted_at INTEGER,
created_at INTEGER NOT NULL
);
UI Modes Implementation
Auto-detect mode based on:
- Number of properties/entities (< 10 = Simple, 10-50 = Standard, 50+ = Enterprise)
- Number of users (< 20 = Simple, 20-100 = Standard, 100+ = Enterprise)
- API usage (any API calls = show Developer mode option)
Mode switching:
- Allow manual override
- Save preference per user
- Keyboard shortcut:
Ctrl/Cmd + Shift + Mto toggle modes
Success Metrics
Performance Targets:
- Page load: < 2s on 3G
- Time to interactive: < 3s
- Permission grant: < 500ms API response
- Bulk operation (100 users): < 5s
UX Targets (from persona analysis):
- Captain grants access: < 30 seconds
- Single agency setup: < 5 minutes
- Bulk onboard 20 users: < 3 minutes
- Mobile permission check: < 2 taps
Progressive Enhancement Strategy
- Core HTML - Works without JS (forms submit via POST)
- + CSS - Mobile-responsive, accessible
- + Basic JS - AJAX forms, client-side validation
- + Advanced JS - Real-time updates, drag-drop, visualizations
- + PWA - Offline support, push notifications
Security Considerations
- CSRF protection on all admin endpoints
- Rate limiting on invitation endpoints (max 10/hour per user)
- Audit logging for all permission changes
- Email verification before accepting invitations
- IP whitelisting option for enterprise users
- 2FA requirement for bulk operations (optional)
Next Steps
- ✅ Create persona requirements analysis (DONE)
- Create permission templates service
- Build simple admin dashboard
- Implement quick invite system
- Add mobile-optimized permission grant UI
- Create bulk operations panel
- Build analytics/reporting
- Add visual permission builder (Phase 4)
This plan follows the progressive disclosure principle: start simple, add complexity as needed.