malpercio.dev
WIP! A BB-style forum, on the ATmosphere!
We're still working... we'll be back soon when we have something to show off!
node
typescript
hono
htmx
atproto
docs: mark ATB-42 and ATB-43 complete in project plan
+17
docs/atproto-forum-plan.md
+17
docs/atproto-forum-plan.md
···
263
263
- ATB-30 | `apps/web/src/routes/login.tsx` — handle input form; `apps/web/src/routes/auth.tsx` — OAuth callback + session management; BaseLayout shows login/logout based on auth state
264
264
- [x] Admin panel: manage categories, view members, mod actions
265
265
- ATB-24 | Topic view mod buttons (lock/hide/ban) gated on permissions; `<dialog>` confirmation modal; `POST /mod/action` web proxy route; `getSessionWithPermissions()` for permission-aware rendering
266
+
- [x] **ATB-42: Admin panel landing page and routing infrastructure** — **Complete:** 2026-02-28
267
+
- `GET /admin` landing page with permission-gated nav cards (Members, Structure, Mod Log)
268
+
- `hasAnyAdminPermission()` gate redirects non-admins; 403 for authenticated users without any admin permission
269
+
- `canManageMembers()`, `canManageCategories()`, `canViewModLog()` helpers control which cards render
270
+
- CSS: `.admin-nav-grid`, `.admin-nav-card`, `.admin-nav-card__icon/title/description`; neobrutal card style
271
+
- Files: `apps/web/src/routes/admin.tsx`, `apps/web/public/static/css/theme.css`
272
+
- [x] **ATB-43: Admin panel member management page (`/admin/members`)** — **Complete:** 2026-02-28
273
+
- `GET /admin/members` renders full member table (handle, role badge, joined date) with `manageMembers` gate
274
+
- Role assignment controls (`<select>` + Assign button) shown only when session has `manageRoles`
275
+
- Parallel fetch: `GET /api/admin/members` + `GET /api/admin/roles` (roles skipped if no `manageRoles`)
276
+
- HTMX `outerHTML` row swap: `POST /admin/members/:did/role` proxy → AppView → updated `<tr>` fragment
277
+
- Hidden form inputs carry reconstruction data (handle, joinedAt, currentRole, currentRoleUri, rolesJson) — no extra API call on re-render
278
+
- Web-layer permission gate on POST (auth + `manageRoles`) returns `<tr>` error fragment (not redirect) for HTMX compatibility
279
+
- AppView: `GET /api/admin/roles` now includes `uri` field (`at://${did}/space.atbb.forum.role/${rkey}`)
280
+
- `canManageRoles` session helper added to `apps/web/src/lib/session.ts`
281
+
- 31 integration tests: auth guards, table render, role form visibility, HTMX success/error paths, 503/500 error display
282
+
- Files: `apps/web/src/routes/admin.tsx`, `apps/web/src/lib/session.ts`, `apps/web/public/static/css/theme.css`, `apps/appview/src/routes/admin.ts`
266
283
- [x] Basic responsive design
267
284
- ATB-32 | Mobile-first responsive breakpoints (375px/768px/1024px), CSS-only hamburger nav via `<details>`/`<summary>`, token overrides for mobile, accessibility improvements (skip link, focus-visible, ARIA attributes, semantic HTML), 404 page, visual polish (transitions, hover states), SVG favicon
268
285
- [x] Show author handles in posts