feat(auth): center-scoped single admin + GET /admin-email + cli #1
Reference in New Issue
Block a user
Delete Branch "feat/admin-user"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Triage channels need to deliver every message to a single Center-scoped admin observer. Adds
users.isAdmincolumn (synchronize:true auto-apply), Center cli (user set-admin/clear-admin/show-admin), andGET /auth/admin-email(api-key auth, returns{email,userId}or literalnull).set-adminuses a transaction filter onisAdmin=true(TypeORM rejects empty-where) to enforce at-most-one-admin.Sim-verified end-to-end: cli set-admin → admin row updated → guild fetch returns correct shape.
🤖 Generated with Claude Code
Triage channels in Guilds need to deliver every message to a single "observer" admin user across the whole Center deployment (regardless of on-duty / mention). This adds the data + auth surface for that. ## Schema `users.isAdmin TINYINT DEFAULT 0` (synchronize:true auto-applies; cli `user set-admin` enforces at-most-one in a transaction). ## CLI (subject `user`) - `set-admin --email <e>` — clears every other admin row first, then marks the target. Returns `{admin: {email, userId}}` - `clear-admin` — unsets all (returns `{cleared: N}`) - `show-admin` — prints `{admin: {email, userId}}` or `{admin: null}` ## HTTP `GET /auth/admin-email` (NOT @Public — requires a guild-node api key via the existing CenterApiKeyGuard). Returns: - `{email: "...", userId: "..."}` if an admin exists - `null` (literal JSON) if no admin Guild backends cache the result (1 day TTL per spec; with cli refresh override on guild side). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>