f3ac595d06
* MCP Server 2.0 - Updated application version from 2.23.14 to 2.24.0 in package.json. - MCP Server improved with new features - Migrated functionality from Dev Tools to MCP Server - Improved getMonitoringProvider not to crash application when misconfigured
1.3 KiB
1.3 KiB
Super Admin
Critical Security Rules
- ALWAYS use
AdminGuardto protect pages - ALWAYS validate admin status before operations
- NEVER bypass authentication or authorization
- ALWAYS audit admin operations with logging
- ALWAYS use
adminActionto wrap admin actions @packages/features/admin/src/lib/server/utils/admin-action.ts
Page Structure
import { AdminGuard } from '@kit/admin/components/admin-guard';
import { PageBody, PageHeader } from '@kit/ui/page';
async function AdminPage() {
return (
<>
<PageHeader title="Admin" />
<PageBody>{/* Content */}</PageBody>
</>
);
}
export default AdminGuard(AdminPage);
Admin Client Usage
import { isSuperAdmin } from '@kit/admin';
import { getSupabaseServerAdminClient } from '@kit/supabase/server-admin-client';
async function adminOperation() {
// CRITICAL: Validate first - admin client bypasses RLS
if (!(await isSuperAdmin(currentUser))) {
throw new Error('Unauthorized');
}
const adminClient = getSupabaseServerAdminClient();
// Safe to proceed
}
Audit Logging
const logger = await getLogger();
logger.info({
name: 'admin-audit',
action: 'delete-user',
adminId: currentUser.id,
targetId: userId,
}, 'Admin action performed');