# Setrip โ€” Admin Roadmap (Index) Status implementasi kemampuan admin agar admin **dapat mengontrol seluruh aplikasi saat ada insiden**, bukan hanya read-only dashboard. > **Prinsip:** admin adalah safety net terakhir saat sistem otomatis gagal atau ada bad actor. Setiap action admin harus auditable (siapa, kapan, alasan), idempotent, dan terbatas hanya untuk admin yang terdaftar di `ADMIN_EMAILS`. --- ## Baseline โ€” yang BISA admin lakukan sekarang | Area | Fungsi | File | |---|---|---| | **Dashboard** | View count: verifikasi PENDING, refund per status, payout per status | [app/admin/page.tsx](app/admin/page.tsx) | | **Global search** | Search bar di sidebar โ€” by email, order_id, cuid, fuzzy trip/user | [features/admin/components/admin-search-bar.tsx](features/admin/components/admin-search-bar.tsx) | | **Trips** | List + search + detail; force-cancel dengan auto-refund (admin intervention) | [app/admin/trips/](app/admin/trips/) | | **Users** | List + search + filter (active/suspended); detail dengan trip + booking history; suspend/unsuspend | [app/admin/users/](app/admin/users/) | | **Bookings detail** | Timeline lintas Payment + Refund + Payout, raw callback viewer, Midtrans reconcile | [app/admin/bookings/[id]/page.tsx](app/admin/bookings/[id]/page.tsx) | | **Verifikasi KYC** | Approve / Reject / Reopen REJECTED; filter date range + reviewer; CSV export | [app/admin/verifications/page.tsx](app/admin/verifications/page.tsx) | | **Refund** | Create manual, approve, reject, mark SUCCEEDED/FAILED; filter date/reviewer/reason; link ke booking timeline; CSV export | [app/admin/refunds/page.tsx](app/admin/refunds/page.tsx) | | **Payout** | View per status, mark PAID; filter date/processor; link ke booking timeline; CSV export | [app/admin/payouts/page.tsx](app/admin/payouts/page.tsx) | | **Audit Log** | View semua action admin lintas entity (refund, payout, trip cancel, suspend, dst); filter by admin/entity/action/date | [app/admin/audit-log/page.tsx](app/admin/audit-log/page.tsx) | | **System Health** | Status cron jobs (last run, last success, 7d stats), 20 recent runs, health badge | [app/admin/system/page.tsx](app/admin/system/page.tsx) | **Aksi mutating yang diblokir untuk suspended user:** sign-in (NextAuth), `createTripAction`, `joinTripAction`. Trip public list otomatis sembunyikan organizer suspended. **Audit trail otomatis:** semua aksi admin (suspend, force-cancel, reconcile, approve/reject verification/refund, mark payout PAID, reopen verification) tercatat di `AdminActionLog` via `auditLog.record()`. Auth admin: env `ADMIN_EMAILS` โ†’ cek di [lib/admin.ts](lib/admin.ts), dipassing ke session via [lib/auth.ts](lib/auth.ts). --- ## Roadmap per area | Roadmap | Prioritas | Status | File | |---|---|---|---| | Trip Operations | ๐Ÿ”ด HIGH | โœ… **Delivered** | [docs/archive/ADMIN_TRIP_OPS_ROADMAP.md](docs/archive/ADMIN_TRIP_OPS_ROADMAP.md) | | Payment Operations | ๐Ÿ”ด HIGH | โœ… **Delivered** | [docs/archive/ADMIN_PAYMENT_OPS_ROADMAP.md](docs/archive/ADMIN_PAYMENT_OPS_ROADMAP.md) | | Audit & Investigation | ๐Ÿ”ด HIGH | โœ… **Delivered** | [docs/archive/ADMIN_AUDIT_ROADMAP.md](docs/archive/ADMIN_AUDIT_ROADMAP.md) | | User Management | ๐ŸŸก MEDIUM | โœ… **Delivered** | [docs/archive/ADMIN_USER_MGMT_ROADMAP.md](docs/archive/ADMIN_USER_MGMT_ROADMAP.md) | | Verification | ๐ŸŸก MEDIUM | ๐Ÿšง Phase 1 done ยท 2-4 deferred | [docs/archive/ADMIN_VERIFICATION_ROADMAP.md](docs/archive/ADMIN_VERIFICATION_ROADMAP.md) | | System Health | ๐ŸŸก MEDIUM | ๐Ÿšง Phase 1-2 done ยท 3-4 deferred | [docs/archive/ADMIN_SYSTEM_HEALTH_ROADMAP.md](docs/archive/ADMIN_SYSTEM_HEALTH_ROADMAP.md) | **Legend status:** โณ belum mulai ยท ๐Ÿšง partial ยท โœ… selesai --- ## Sisa pekerjaan (semua deferred โ€” low priority) - **Verification Phase 2** Re-upload request flow (butuh schema + organizer-side UI) - **Verification Phase 3** Verification history (audit trail multi-submission) - **Verification Phase 4** Manual override (admin verify tanpa upload, untuk referral) - **System Health Phase 3** Stale state alerts (Payment AWAITING > 25h, Payout HELD overdue) - **System Health Phase 4** External alerting (Discord webhook) - **User Mgmt Phase 3** Bulk analytics dashboard Tidak ada yang blocking. Diangkat saat ada incident konkret atau permintaan stakeholder. --- ## Tindakan manual setelah deploy Untuk versi yang berisi delivery 6 roadmap admin: ```bash # Apply 4 migration baru npx prisma migrate deploy # - 20260518150000_add_trip_admin_cancel # - 20260518160000_add_user_suspension # - 20260518170000_add_cron_run # - 20260518180000_add_admin_action_log # Restart Next.js / PM2 supaya Prisma client baru ter-load pm2 restart setrip --update-env ``` Brief admin tentang kapabilitas baru: - **Global search** di sidebar โ€” ketik email, order_id, atau cuid; auto-detect ke detail page yang tepat. - **Force-cancel trip** di `/admin/trips/[id]` โ€” pakai saat organizer unreachable / dispute, reason wajib min 10 char. - **Reconcile Midtrans** di `/admin/bookings/[id]` โ€” pakai saat peserta lapor "sudah bayar tapi status belum update". Idempotent. - **Suspend user** di `/admin/users/[id]` โ€” pakai untuk scam/harassment. Suspended user diblokir sign-in dan aksi mutatif. - **Reopen verification** di `/admin/verifications` (tab REJECTED) โ€” saat organizer kirim ulang foto via email/WA. - **System status** di `/admin/system` โ€” cek setiap pagi, pastikan cron jalan (๐ŸŸข OK). - **Audit log** di `/admin/audit-log` โ€” bukti compliance saat audit eksternal; semua aksi admin tercatat dengan email + payload. - **CSV export** di refunds/payouts/verifications โ€” download untuk laporan keuangan/compliance. - **Filter date range + reviewer** di refunds/payouts/verifications โ€” untuk investigasi.