
Setrip — Admin Roadmap (Index)

Implementation status of the admin capabilities, so that admins can control the whole application during an incident instead of only viewing a read-only dashboard.

Principle: the admin is the last safety net when automated systems fail or a bad actor appears. Every admin action must be auditable (who, when, reason), idempotent, and restricted to admins listed in ADMIN_EMAILS.


Baseline (what admins CAN do now)

| Area | Function | File |
|---|---|---|
| Dashboard | View counts: PENDING verifications, refunds per status, payouts per status | app/admin/page.tsx |
| Trips | List + search + detail; force-cancel with auto-refund (admin intervention) | app/admin/trips/ |
| Users | List + search + filter (active/suspended); detail with trip + booking history; suspend/unsuspend | app/admin/users/ |
| Bookings detail | Timeline across Payment + Refund + Payout, raw callback viewer, Midtrans reconcile | app/admin/bookings/[id]/page.tsx |
| KYC Verification | Approve / Reject / Reopen REJECTED; filter by date range + reviewer | app/admin/verifications/page.tsx |
| Refund | Create manual, approve, reject, mark SUCCEEDED/FAILED; filter by date/reviewer/reason; link to booking timeline | app/admin/refunds/page.tsx |
| Payout | View per status, mark PAID; filter by date/processor; link to booking timeline | app/admin/payouts/page.tsx |
| System Health | Cron job status (last run, last success, 7d stats), 20 recent runs, health badge | app/admin/system/page.tsx |

Mutating actions blocked for suspended users: sign-in (NextAuth), createTripAction, joinTripAction. The public trip list automatically hides suspended organizers.

Admin auth: the ADMIN_EMAILS env variable → checked in lib/admin.ts, passed into the session via lib/auth.ts.
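
The principle stated at the top (allow-listed admins only, a recorded who/when/reason, idempotent actions) can be enforced by one guard that every mutating admin handler goes through. The following is an added example, not Setrip's own code: the function names, the comma-separated format of ADMIN_EMAILS, the in-memory log and the reuse of the 10-character reason floor for every action are assumptions.

```typescript
// Added example with hypothetical names; not the contents of Setrip's lib/admin.ts.
type AuditEntry = { actor: string; action: string; targetId: string; reason: string; at: string };
type ActionResult = { ok: boolean; replayed: boolean; error?: string; entry?: AuditEntry };

// Assumption: ADMIN_EMAILS is a comma-separated list. Normalize so that
// "Ops@Example.com " and "ops@example.com" compare equal.
function parseAdminEmails(raw: string | undefined): Set<string> {
  const emails = (raw ?? "").split(",").map((e) => e.trim().toLowerCase());
  return new Set(emails.filter((e) => e.length > 0));
}

// The page requires a reason of at least 10 characters for force-cancel;
// applying the same floor to every action is an assumption of this example.
const MIN_REASON_LENGTH = 10;

function createAdminGuard(admins: Set<string>) {
  // In-memory stand-in for an audit table keyed by action + target.
  const auditLog = new Map<string, AuditEntry>();

  return function runAdminAction(
    sessionEmail: string | null | undefined,
    action: string,
    targetId: string,
    reason: string,
    effect: () => void,
  ): ActionResult {
    const actor = (sessionEmail ?? "").trim().toLowerCase();
    // Fail closed: an empty allow-list or a missing session email is never admin.
    if (actor === "" || !admins.has(actor)) {
      return { ok: false, replayed: false, error: "forbidden" };
    }
    const why = reason.trim();
    if (why.length < MIN_REASON_LENGTH) {
      return { ok: false, replayed: false, error: "reason_too_short" };
    }
    const key = `${action}:${targetId}`;
    const prior = auditLog.get(key);
    // Idempotent: a repeat of the same action on the same target returns the
    // original record and does not run the side effect again.
    if (prior) return { ok: true, replayed: true, entry: prior };

    effect(); // a real handler would run this and the log write in one transaction
    const entry: AuditEntry = { actor, action, targetId, reason: why, at: new Date().toISOString() };
    auditLog.set(key, entry);
    return { ok: true, replayed: false, entry };
  };
}
```

An unset or empty ADMIN_EMAILS yields an empty set, so the guard denies everyone rather than treating a misconfigured deploy as open access.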


Roadmap per area

| Roadmap | Priority | Status | File |
|---|---|---|---|
| Trip Operations (search, view, cancel manual) | 🔴 HIGH | Delivered | docs/archive/ADMIN_TRIP_OPS_ROADMAP.md |
| Payment Operations (booking detail, reconcile, dispute) | 🔴 HIGH | Delivered | docs/archive/ADMIN_PAYMENT_OPS_ROADMAP.md |
| Audit & Investigation (search, filter, export) | 🔴 HIGH | 🚧 Phase 1 done · Phase 2-4 pending | ADMIN_AUDIT_ROADMAP.md |
| User Management (search, suspend/ban) | 🟡 MEDIUM | Delivered | docs/archive/ADMIN_USER_MGMT_ROADMAP.md |
| Verification (reopen, re-upload request) | 🟡 MEDIUM | 🚧 Phase 1 done · Phase 2-4 deferred | docs/archive/ADMIN_VERIFICATION_ROADMAP.md |
| System Health (cron monitor, stale state alerts) | 🟡 MEDIUM | 🚧 Phase 1-2 done · Phase 3-4 deferred | docs/archive/ADMIN_SYSTEM_HEALTH_ROADMAP.md |

Status legend: not started · 🚧 partial · done


Remaining work

Almost all basic admin capabilities have been delivered. What remains is non-blocking enhancements only:

Audit Phase 2-4 (see ADMIN_AUDIT_ROADMAP.md):

  • Phase 2 — Global Search (admin search bar resolves email/order_id/cuid)
  • Phase 3 — CSV Export for refunds/payouts/verifications
  • Phase 4 — Generic AdminActionLog model for auditing actions across entities

Other deferred items (in their respective archives):

  • Verification: re-upload request flow, verification history, manual override
  • System Health: stale state alerts (Payment AWAITING > 25h, Payout HELD overdue), external alerting (Discord webhook)
  • User Mgmt: bulk analytics dashboard

Manual steps after deploying the latest version

```bash
# Apply the 3 new migrations: add_trip_admin_cancel, add_user_suspension, add_cron_run
npx prisma migrate deploy

# Restart Next.js / PM2 so the new Prisma client is loaded
pm2 restart setrip --update-env
```

Brief admins on the new capabilities:

  • Force-cancel trip at /admin/trips/[id] — use when the organizer is unreachable or there is a dispute; a reason of at least 10 characters is required.
  • Reconcile Midtrans at /admin/bookings/[id] — use when a participant reports "already paid but the status has not updated". Idempotent.
  • Suspend user at /admin/users/[id] — use for scam/harassment. Suspended users are blocked from sign-in and mutating actions.
  • Reopen verification at /admin/verifications (REJECTED tab) — when the organizer resends photos via email/WA.
  • System status at /admin/system — check every morning and make sure the cron jobs are running (🟢 OK).
  • Date range + reviewer filters on refunds/payouts/verifications — for investigation & compliance.