
Admin Panel Documentation

Complete documentation for the FishingLog admin control panel API.

Table of Contents

  1. Overview
  2. Architecture
  3. Controllers
  4. Role Hierarchy
  5. Permissions
  6. AI Moderation
  7. API Endpoints
  8. Frontend Integration

Overview

The admin panel is designed with a user-centric approach, focusing on what admins need to accomplish rather than technical database operations. All endpoints require admin authentication and follow consistent patterns.

Architecture

Authorization

  • [AdminOnly] - Requires UserRole.Admin or UserRole.Owner
  • [OwnerOnly] - Requires UserRole.Owner only
  • [RequirePermission("permission-key")] - Requires specific permission

Design Principles

  1. Task-Oriented Endpoints - Named for what admins want to do
  2. Soft Deletes - Deactivate rather than delete
  3. Usage Statistics - Show how entities are used
  4. Pagination & Filtering - All list endpoints support this
  5. Helpful Error Messages - Clear, actionable errors

Controllers

Core Management

  • AdminLookupController - Manage lookup table values (enum extensions)
  • AdminBrandController - Manage fishing gear brands
  • AdminFishSpeciesController - Manage fish species and taxonomy
  • AdminUserController - Manage users, roles, subscriptions, activity timeline
  • AdminDashboardController - System overview, analytics, statistics

Content Moderation

  • AdminModerationController - Review AI-flagged content, approve/reject
  • AdminModerationSettingsController - Configure AI moderation settings
  • AdminModerationRulesController - Manage automated moderation rules
  • AdminUserBanController - Ban users, manage appeals

Financial & Compliance

  • AdminTournamentController - Approve tournaments, monitor finances
  • AdminTournamentOrganizerController - Verify organizers, manage permissions
  • AdminPaymentController - View payments, process refunds
  • AdminReportController - Handle user reports/complaints

System Management

  • AdminRegulationController - Manage state regulations, zones, seasons
  • AdminEventController - Approve events, feature content
  • AdminSystemSettingsController - Site-wide configuration
  • AdminAnnouncementController - Site-wide announcements
  • AdminEmployeeController - Manage admin/moderator employees
  • AdminAuditLogController - View audit logs

Role Hierarchy

Owner (You - Site Owner)

  • Full access to everything
  • Can manage system settings
  • Can manage employees and permissions
  • Cannot be demoted or banned
  • Use [OwnerOnly] attribute

Admin (Your Employees)

  • Can manage users, content, tournaments, events
  • Can ban users
  • Cannot modify system settings (unless granted permission)
  • Cannot manage other admins' permissions
  • Has permissions by default (unless explicitly denied)
  • Use [AdminOnly] attribute

Moderator (Content Moderators)

  • Can moderate content
  • Cannot ban users or manage system
  • Needs explicit permissions granted
  • Use [RequirePermission] attribute

Permissions

Granular permissions via AdminPermission entity:

  • moderation.approve - Approve flagged content
  • moderation.reject - Reject content
  • users.ban - Ban users
  • tournaments.approve - Approve tournaments
  • payments.refund - Process refunds
  • settings.modify - Modify system settings
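
The role defaults and permission keys above combine into one allow/deny decision. The following is an added sketch of that decision, not FishingLog's own code. It assumes a `PermissionRow` record standing in for the AdminPermission entity, `User` and `Moderator` members on `UserRole`, that an explicit deny beats a grant, and that keys not listed above are denied.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Assumed shapes: the page names UserRole and AdminPermission but not their members.
public enum UserRole { User, Moderator, Admin, Owner }
public sealed record PermissionRow(int UserId, string Key, bool IsGranted);

public static class PermissionEvaluator
{
    // Keys listed on the page; anything else is treated as a typo and denied.
    static readonly HashSet<string> KnownKeys = new(StringComparer.Ordinal)
    {
        "moderation.approve", "moderation.reject", "users.ban",
        "tournaments.approve", "payments.refund", "settings.modify",
    };
    // Admins cannot modify system settings unless granted, so this key is grant-only.
    static readonly HashSet<string> GrantOnlyForAdmins = new(StringComparer.Ordinal) { "settings.modify" };

    public static bool IsAllowed(int userId, UserRole role, string key, IEnumerable<PermissionRow> rows)
    {
        if (role == UserRole.Owner) return true;               // full access to everything
        if (role != UserRole.Admin && role != UserRole.Moderator) return false;
        if (!KnownKeys.Contains(key)) return false;            // fail closed on unknown keys

        var mine = rows.Where(r => r.UserId == userId && r.Key == key).ToList();
        if (mine.Any(r => !r.IsGranted)) return false;         // explicit deny wins (assumed tie-break)
        if (mine.Any(r => r.IsGranted)) return true;           // explicit grant

        // No row: Admin is allowed by default, Moderator is not.
        return role == UserRole.Admin && !GrantOnlyForAdmins.Contains(key);
    }
}

public static class Demo
{
    public static void Main()
    {
        var rows = new List<PermissionRow>                     // constructed sample data
        {
            new PermissionRow(2, "payments.refund", false),    // admin 2 denied refunds
            new PermissionRow(3, "moderation.approve", true),  // moderator 3 granted approve
        };
        Console.WriteLine(PermissionEvaluator.IsAllowed(1, UserRole.Owner, "settings.modify", rows));
        Console.WriteLine(PermissionEvaluator.IsAllowed(2, UserRole.Admin, "users.ban", rows));
        Console.WriteLine(PermissionEvaluator.IsAllowed(2, UserRole.Admin, "payments.refund", rows));
        Console.WriteLine(PermissionEvaluator.IsAllowed(2, UserRole.Admin, "settings.modify", rows));
        Console.WriteLine(PermissionEvaluator.IsAllowed(3, UserRole.Moderator, "moderation.approve", rows));
        Console.WriteLine(PermissionEvaluator.IsAllowed(3, UserRole.Moderator, "moderation.reject", rows));
    }
}
```

Because Admin is allow-by-default, any new sensitive key needs to be added to the grant-only set when it is introduced, otherwise every existing Admin receives it automatically.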

AI Moderation

Complete AI-powered content moderation system:

  • ✅ Checks posts/comments before publishing
  • ✅ Extensible provider system (OpenAI, AWS, custom)
  • ✅ Admin-configurable settings
  • ✅ Pre-moderation workflow
  • ✅ Review queue
  • ✅ Cost tracking

See AI_MODERATION_SETUP.md for setup guide.

API Endpoints

Dashboard

  • GET /api/admin/dashboard/overview - System statistics
  • GET /api/admin/dashboard/analytics/user-growth - User growth charts
  • GET /api/admin/dashboard/analytics/revenue - Revenue analytics
  • GET /api/admin/dashboard/analytics/popular - Popular content

Users

  • GET /api/admin/users - List users
  • GET /api/admin/users/{id} - Get user details
  • PUT /api/admin/users/{id}/role - Change role
  • GET /api/admin/users/{id}/activity-timeline - User activity history

Moderation

  • GET /api/admin/moderation/pending - Pending review queue
  • POST /api/admin/moderation/post/{id}/approve - Approve post
  • POST /api/admin/moderation/post/{id}/reject - Reject post
  • GET /api/admin/moderation-settings - Get moderation settings
  • PUT /api/admin/moderation-settings - Update settings

Payments

  • GET /api/admin/payments - List all payments
  • GET /api/admin/payments/failed - Failed payments
  • POST /api/admin/payments/{id}/refund - Process refund

Reports

  • GET /api/admin/reports - List user reports
  • POST /api/admin/reports/{id}/resolve - Resolve report

See API_ENDPOINTS_SUMMARY.md for complete endpoint list.

Frontend Integration

The API is designed for a standalone React/Vue admin panel. See ADMIN_UI_RECOMMENDATIONS.md for frontend architecture recommendations.

Example Frontend Structure

/admin
  /dashboard - Overview statistics
  /users - User management
  /moderation - Content moderation queue
  /payments - Payment management
  /reports - User reports
  /settings - System settings
  /tournaments - Tournament approvals

Next Steps

See ADMIN_NEXT_STEPS.md for prioritized feature roadmap.