pguerrerox/leads4less
Public Access
1
0
Fork 0
Code Actions Wiki Activity

feat: introduce app-admin authorization and audit logging

Browse Source 
- add migrations for owner/member workspace roles and application admins

- centralize /admin access checks with DB-backed admin resolution

- audit admin analytics/billing route access

- update account/admin UI typing and env/docs for ADMIN_EMAILS fallback behavior
This commit is contained in:
pguerrerox
2026-05-25 15:25:59 +00:00
parent 5508e15da1
commit f5e7e966e3
14 changed files with 269 additions and 302 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env.example
+19 -4
View File
@@ -7,8 +7,8 @@ VITE_GOOGLE_MAPS_PLATFORM_KEY="YOUR_BROWSER_MAPS_KEY"
WEB_PORT="3000"
# Backend env vars
# For Docker Compose deployments, point DATABASE_URL at the internal "db" host.
# If your password contains special characters, URL-encode it in DATABASE_URL.
## For Docker Compose deployments, point DATABASE_URL at the internal "db" host.
## If your password contains special characters, URL-encode it in DATABASE_URL.
DATABASE_URL="postgres://postgres:postgres@localhost:5432/leads4less"
COOKIE_SECRET="CHANGE_ME_IN_LOCAL_ENV"
APP_HOST="0.0.0.0"
@@ -16,7 +16,22 @@ APP_PORT="4000"
APP_ORIGIN="http://localhost:3000"
SESSION_TTL_DAYS="30"
GOOGLE_MAPS_SERVER_KEY="YOUR_SERVER_MAPS_KEY"
BILLING_ADMIN_EMAILS="ops@example.com"
## Stripe integration
STRIPE_SECRET_KEY="sk_test_CHANGE_ME"
STRIPE_PUBLISHABLE_KEY="pk_test_CHANGE_ME"
STRIPE_WEBHOOK_SECRET="whsec_CHANGE_ME"
STRIPE_PRICE_STARTER_MONTHLY="price_CHANGE_ME"
STRIPE_PRICE_STARTER_ANNUAL="price_CHANGE_ME"
STRIPE_PRICE_GROWTH_MONTHLY="price_CHANGE_ME"
STRIPE_PRICE_GROWTH_ANNUAL="price_CHANGE_ME"
STRIPE_PRICE_PRO_MONTHLY="price_CHANGE_ME"
STRIPE_PRICE_PRO_ANNUAL="price_CHANGE_ME"
STRIPE_PRICE_EXPORT_PACK_10K="price_CHANGE_ME"
STRIPE_PRICE_EXPORT_PACK_50K="price_CHANGE_ME"
STRIPE_BILLING_PORTAL_CONFIGURATION_ID="bpc_CHANGE_ME"
ADMIN_EMAILS="ops@example.com"
BILLING_ADMIN_EMAILS="ops@example.com" # Deprecated fallback; use ADMIN_EMAILS
# Docker Compose database env vars
POSTGRES_DB="leads4less"
@@ -25,4 +40,4 @@ POSTGRES_PASSWORD="CHANGE_ME_IN_LOCAL_ENV"
PG_BOSS_SCHEMA="pgboss"
# Example Compose DATABASE_URL
# DATABASE_URL="postgres://postgres:CHANGE_ME_IN_LOCAL_ENV@db:5432/leads4less"
# DATABASE_URL="postgres://postgres:CHANGE_ME_IN_LOCAL_ENV@db:5432/leads4less"