eerrrrrr

2025-11-27 23:42:17 +00:00
parent 054e970df9
commit 1c98a634c3
50 changed files with 1666 additions and 593 deletions
--- a/docs/01-setup.md
+++ b/docs/01-setup.md
@@ -21,12 +21,23 @@ docker compose exec php php bin/console doctrine:migrations:migrate --no-interac
 docker compose exec php php bin/console app:promote-admin you@example.com
 ```

+## Moderator (optional)
+```bash
+docker compose exec php php bin/console app:promote-moderator mod@example.com
+```
+
 ## Spotify credentials
- Prefer admin UI: open `/admin/settings` and enter Client ID/Secret.
+- Prefer admin UI: open `/admin/settings` and enter Client ID/Secret. (Stored in DB)
 - Fallback to env vars:
 ```bash
 export SPOTIFY_CLIENT_ID=your_client_id
 export SPOTIFY_CLIENT_SECRET=your_client_secret
 ```

+## Optional feature flags
+- Disable public registration by setting an env variable before starting Symfony:
+```bash
+export APP_ALLOW_REGISTRATION=0 # set to 1 (default) to re-enable
+```
+

--- a/docs/02-features.md
+++ b/docs/02-features.md
@@ -5,8 +5,10 @@
 - Review rating slider (1–10) with live badge
 - Per-album aggregates: average rating and total review count
 - Auth modal (Login/Sign up) with remember-me cookie
- Role-based access (author vs admin)
+- Role-based access (user, moderator, admin) with protected admin routes
 - Admin Site Settings to manage Spotify credentials
+- Moderator/Admin dashboard with latest activity snapshots
+- User management table (create/delete accounts, promote/demote moderators)
 - User Dashboard for profile changes (email, display name, password)
 - Light/Dark theme toggle (cookie-backed)
 - Bootstrap UI
--- a/docs/03-auth-and-users.md
+++ b/docs/03-auth-and-users.md
@@ -7,10 +7,24 @@

 ## Roles
 - `ROLE_USER`: default for registered users.
- `ROLE_ADMIN`: promoted via console `app:promote-admin`.
+- `ROLE_MODERATOR`: promoted via console `app:promote-moderator`, or via webUI; can manage users and all reviews/albums but not site settings.
+- `ROLE_ADMIN`: promoted via console `app:promote-admin`; includes moderator abilities plus site settings access.
+
+### Access flow
+- Visiting `/admin/dashboard`, `/admin/users`, or `/admin/settings` while unauthenticated forces a redirect through `/login`, which re-opens the modal automatically.
+- Moderators inherit all `ROLE_USER` permissions; admins inherit both moderator and user permissions via the role hierarchy.
+- Admin-only actions (site settings, moderator toggling, deleting other admins) are additionally guarded in controllers/templates to avoid accidental misuse.
+
+### User management UI
+- `/admin/users` (moderator+) lists every account along with album/review counts.
+ - Moderators can create new accounts (without affecting their own login session.. ).
+- Delete buttons are disabled (with tooltip hints) for protected rows such as the current user or any admin.
+- Admins see a Promote/Demote toggle: promoting grants `ROLE_MODERATOR`; demoting removes that role unless the target is an admin (admins always outrank moderators).
+- Admins can disable public registration from `/admin/settings`; when disabled, the “Sign up” button in the auth modal is replaced with a tooltip explaining that registration is closed, but `/admin/users` remains fully functional.
+- Registration can also be enforced via `APP_ALLOW_REGISTRATION=0/1` in the environment; the DB setting syncs on each Symfony boot, so flips take effect after the next restart.

 ## Password changes
- On `/dashboard`, users can change email/display name.
+- On `/profile`, users can change email/display name.
 - To set a new password, the current password must be provided.

 ## Logout
--- a/docs/04-spotify-integration.md
+++ b/docs/04-spotify-integration.md
@@ -9,7 +9,6 @@
  - Client Credentials token fetch (cached)
  - `searchAlbums(q, limit)`
  - `getAlbum(id)` and `getAlbums([ids])`
-  - Centralized request pipeline: throttling, 429 backoff, response caching

 ## Advanced search
 - The search page builds Spotify fielded queries:
--- a/docs/05-reviews-and-albums.md
+++ b/docs/05-reviews-and-albums.md
@@ -8,7 +8,7 @@
 ## Permissions
 - Anyone can view.
 - Authors can edit/delete their own reviews.
- Admins can edit/delete any review.
+- Moderators and admins can edit/delete any review or user-created album.

 ## UI
 - Rating uses a slider (1–10) with ticks; badge shows current value.
--- a/docs/06-admin-and-settings.md
+++ b/docs/06-admin-and-settings.md
@@ -1,14 +1,42 @@
 # Admin & Settings

+## Access control
+- All `/admin/*` pages require authentication; unauthorized visitors get redirected through `/login`, which opens the auth modal automatically.
+- `ROLE_MODERATOR` grants dashboard + user list access.
+- `ROLE_ADMIN` adds settings access and moderator promotion/demotion abilities.
+
+## Site dashboard (ROLE_MODERATOR)
+- URL: `/admin/dashboard`
+- Shows total counts plus the most recent reviews and albums so staff can moderate activity quickly.
+
+## User management (ROLE_MODERATOR)
+- URL: `/admin/users`
+- Table columns:
+  - Name/email/roles + album/review counts (queried via aggregates).
+  - Action buttons always render; disabled buttons show tooltips describing why (e.g., "Administrators cannot be deleted").
+- Moderators:
+  - Create new accounts via the inline form without logging themselves out.
+  - Delete standard users or other moderators (except themselves).
+- Admins:
+  - Toggle moderator role (Promote/Demote) for non-admin accounts.
+  - Cannot delete or demote other admins—admin privileges supersede moderator status.
+
 ## Site settings (ROLE_ADMIN)
 - URL: `/admin/settings`
- Manage Spotify credentials stored in DB.
+- Form persists Spotify Client ID/Secret in the DB (no restart needed).
+- Toggle “Allow self-service registration” to pause public sign-ups while keeping `/admin/users` creation available to staff.
+- The setting syncs with the `APP_ALLOW_REGISTRATION` environment variable each time Symfony boots (change the env value and restart to enforce). UI changes persist while the process runs.
+- CSRF + role guards prevent unauthorized updates.

 ## User management
 - Promote an admin:
 ```bash
 docker compose exec php php bin/console app:promote-admin user@example.com
 ```
+- Promote a moderator:
+```bash
+docker compose exec php php bin/console app:promote-moderator user@example.com
+```

 ## Appearance
 - `/settings` provides a dark/light mode toggle.
--- a/docs/07-rate-limits-and-caching.md
+++ b/docs/07-rate-limits-and-caching.md
@@ -1,23 +0,0 @@
-# Rate Limits & Caching
-
-## Throttling
- Requests are throttled per window (default 30s) to avoid bursts.
- Separate caps for sensitive endpoints.
- Configure via env:
-```bash
-SPOTIFY_RATE_WINDOW_SECONDS=30
-SPOTIFY_RATE_MAX_REQUESTS=50
-SPOTIFY_RATE_MAX_REQUESTS_SENSITIVE=20
-```
-
-## 429 handling
- If Spotify returns 429, respects `Retry-After` and retries (up to 3 attempts).
-
-## Response caching
- GET responses cached: search ~10 minutes, album ~1 hour.
- Token responses are cached separately.
-
-## Batching
- `getAlbums([ids])` provided for batch lookups.
-
-
--- a/docs/07-troubleshooting.md
+++ b/docs/07-troubleshooting.md
@@ -13,7 +13,8 @@
 ## Login modal shows blank
 - Make sure Bootstrap JS loads before the modal script (handled in `base.html.twig`).

-## Rate limits / 429
- Client backs off using `Retry-After`. Reduce concurrent requests; increase window env vars if needed.
-
+## Hitting admin routes redirects to home
+- Expected when not logged in or lacking the required role.
+- Ensure your user has `ROLE_MODERATOR` for `/admin/dashboard` or `/admin/users`, and `ROLE_ADMIN` for `/admin/settings`.
+- Use the console commands in `06-admin-and-settings.md` to grant roles.