Admin Management Module
Overview Description
The Admin Management Module provides a comprehensive set of features for administrators to manage the system's core components. This module enables administrators to control and monitor users, groups, announcements, and guides within the application.
The primary purpose of this module is to centralize administrative functions, allowing authorized staff to effectively manage system resources, control access permissions, and distribute important information to users.
Activity Diagram
---
config:
  theme: base
  layout: dagre
  flowchart:
    curve: linear
    htmlLabels: true
  themeVariables:
    edgeLabelBackground: "transparent"
---
flowchart TB
%% Main components
Client[Client Application]
AuthController[AuthController]
AdminController[AdminController]
UserService(UserService)
GroupService(GroupService)
AnnouncementService(AnnouncementService)
GuideService(GuideService)
UserDB[(users)]
GroupDB[(groups)]
AnnouncementDB[(announcements)]
GuideDB[(guides)]
Client --- Step1[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>1</span>
<p style='margin-top: 8px'>Admin Login</p>
</div>
]
Step1 --> AuthController
AuthController --- Step2[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>2</span>
<p style='margin-top: 8px'>Verify Admin Access</p>
</div>
]
Step2 --> AdminController
AdminController --- Step3[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>3</span>
<p style='margin-top: 8px'>Load Dashboard</p>
</div>
]
Step3 --> Client
Client --- Step4[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>4</span>
<p style='margin-top: 8px'>Select Management</p>
</div>
]
Step4 --> AdminController
AdminController --- Step5[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>5</span>
<p style='margin-top: 8px'>Process Request</p>
</div>
]
Step5 --> UserService
Step5 --> GroupService
Step5 --> AnnouncementService
Step5 --> GuideService
UserService --- Step6[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>6</span>
<p style='margin-top: 8px'>Manage Users</p>
</div>
]
Step6 --> UserDB
GroupService --- Step7[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>7</span>
<p style='margin-top: 8px'>Manage Groups</p>
</div>
]
Step7 --> GroupDB
AnnouncementService --- Step8[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>8</span>
<p style='margin-top: 8px'>Manage Announcements</p>
</div>
]
Step8 --> AnnouncementDB
GuideService --- Step9[
<div style='text-align: center'>
<span style='display: inline-block; background-color: #6699cc !important; color:white; width: 28px; height: 28px; line-height: 28px; border-radius: 50%; font-weight: bold'>9</span>
<p style='margin-top: 8px'>Manage Guides</p>
</div>
]
Step9 --> GuideDB
%% Styling
style Client fill:#e6f3ff,stroke:#0066cc,stroke-width:2px
style AuthController fill:#e6f3ff,stroke:#0066cc,stroke-width:2px
style AdminController fill:#e6f3ff,stroke:#0066cc,stroke-width:2px
style UserService fill:#f0f8e6,stroke:#339933,stroke-width:2px
style GroupService fill:#f0f8e6,stroke:#339933,stroke-width:2px
style AnnouncementService fill:#f0f8e6,stroke:#339933,stroke-width:2px
style GuideService fill:#f0f8e6,stroke:#339933,stroke-width:2px
style UserDB fill:#ffe6cc,stroke:#ff9900,stroke-width:2px
style GroupDB fill:#ffe6cc,stroke:#ff9900,stroke-width:2px
style AnnouncementDB fill:#ffe6cc,stroke:#ff9900,stroke-width:2px
style GuideDB fill:#ffe6cc,stroke:#ff9900,stroke-width:2px
style Step1 fill:transparent,stroke:transparent,stroke-width:1px
style Step2 fill:transparent,stroke:transparent,stroke-width:1px
style Step3 fill:transparent,stroke:transparent,stroke-width:1px
style Step4 fill:transparent,stroke:transparent,stroke-width:1px
style Step5 fill:transparent,stroke:transparent,stroke-width:1px
style Step6 fill:transparent,stroke:transparent,stroke-width:1px
style Step7 fill:transparent,stroke:transparent,stroke-width:1px
style Step8 fill:transparent,stroke:transparent,stroke-width:1px
style Step9 fill:transparent,stroke:transparent,stroke-width:1px
API: Admin Management API
Case Documentation
Case 1: Admin Dashboard Access
Description
Administrator accesses the management dashboard after successful authentication.
Sequence Diagram
sequenceDiagram
participant Admin
participant API as AdminController
participant Auth as AuthService
participant UserDB as users
participant GroupDB as groups
participant AnnouncementDB as announcements
participant GuideDB as guides
Note over Admin,API: Step 1: Access Dashboard
Admin->>API: GET /api/admin/dashboard
Note over API,Auth: Step 2: Verify Access
API->>Auth: verifyAdminAccess()
Auth-->>API: Return verification result
Note over API,UserDB: Step 3: Load User Stats
API->>UserDB: getActiveUsersCount()
UserDB-->>API: Return user count
Note over API,GroupDB: Step 4: Load Group Stats
API->>GroupDB: getActiveGroupsCount()
GroupDB-->>API: Return group count
Note over API,AnnouncementDB: Step 5: Load Announcements
API->>AnnouncementDB: getRecentAnnouncements()
AnnouncementDB-->>API: Return announcements
Note over API,GuideDB: Step 6: Load Guides
API->>GuideDB: getRecentGuides()
GuideDB-->>API: Return guides
Note over API,Admin: Step 7: Return Dashboard
API-->>Admin: 200 OK with dashboard data
Steps
Step 1: Access Dashboard
- Description: Admin requests dashboard data
- Request: GET /api/admin/dashboard
  - Headers:
    - Authorization: Bearer token
- Validation:
  - Token presence check
  - Admin role verification
  - Rate limiting check (60 requests/minute)
Step 2: Verify Access
- Description: Verify admin permissions
- Action:
  - Check authentication token
  - Verify admin role
  - Validate session status
Step 3: Load User Stats
- Description: Get user statistics
- Action:
  - Count active users
  - Get recent user activities
  - Calculate user metrics
Step 4: Load Group Stats
- Description: Get group statistics
- Action:
  - Count active groups
  - Get recent group activities
  - Calculate group metrics
Step 5: Load Announcements
- Description: Get recent announcements
- Action:
  - Fetch recent announcements
  - Filter by status
  - Sort by date
Step 6: Load Guides
- Description: Get recent guides
- Action:
  - Fetch recent guides
  - Filter by status
  - Sort by date
Step 7: Return Dashboard
- Description: Send dashboard data
- Response:
  - Success: 200 OK with dashboard data
    - Include all statistics and recent items
Error Handling
- Log
  - Login failures logged to application logs
  - Role verification errors recorded
  - (Optional) Send Slack message for security events
- Error Detail:

| Status Code | Error Message | Description |
|---|---|---|
| 401 | "ログイン情報が正しくありません。" | When user is not found in admin role |
| 401 | "認証情報と一致するレコードがありません。" | When login fails |
| 401 | "問題が発生しました。申し訳ございませんが、もう一度お試しください。" | When unexpected errors occur |
Database Related Tables & Fields
erDiagram
users {
bigint id PK
string name "User's full name"
string email "User's email address (unique)"
string uid "Firebase UID"
int status "Account status"
boolean is_first_login "Flag indicating if user has completed first login"
string payment_provider_customer_id "Payment provider customer ID"
boolean show_free_plan_modal "Show free plan modal flag"
bigint group_id FK "Reference to groups table"
timestamp created_at
timestamp updated_at
}
groups {
bigint id PK
string name "Group name"
timestamp created_at
timestamp updated_at
}
group_members {
bigint id PK
bigint user_id FK "Reference to users table"
bigint group_id FK "Reference to groups table"
bigint group_role_id FK "Reference to group_roles table"
timestamp created_at
timestamp updated_at
}
group_roles {
bigint id PK
string name "Role name"
string slug "Role slug"
timestamp created_at
timestamp updated_at
}
admin_roles {
bigint id PK
string name "Role name"
string slug "Role slug"
timestamp created_at
timestamp updated_at
}
admin_role_user {
bigint user_id FK "Reference to users table"
bigint admin_role_id FK "Reference to admin_roles table"
timestamp created_at
timestamp updated_at
}
users ||--o{ group_members : has
groups ||--o{ group_members : has
group_roles ||--o{ group_members : has
users ||--o{ admin_role_user : has
admin_roles ||--o{ admin_role_user : has
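The admin role verification from Step 2, run against the tables above, as an added example that is not the module's own code. It assumes the bearer token has already been resolved to a Firebase UID and that users.status = 1 means active (the page does not define the status values); the sample rows and the 'super-admin' slug are constructed.

```python
import sqlite3

ACTIVE = 1  # assumption: the page does not define the values of users.status


def open_sample_db():
    """Constructed sample data; only the columns the role check needs."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE,
                            uid TEXT, status INTEGER);
        CREATE TABLE admin_roles (id INTEGER PRIMARY KEY, name TEXT, slug TEXT);
        CREATE TABLE admin_role_user (
            user_id INTEGER REFERENCES users(id),
            admin_role_id INTEGER REFERENCES admin_roles(id));
        INSERT INTO users VALUES
            (1, 'root@example.test', 'uid-admin', 1),
            (2, 'user@example.test', 'uid-user', 1),
            (3, 'old@example.test',  'uid-disabled', 0);
        INSERT INTO admin_roles VALUES (1, 'Super Admin', 'super-admin');
        -- user 3 still has a role row but the account is not active
        INSERT INTO admin_role_user VALUES (1, 1), (3, 1);
    """)
    return db


def verify_admin_access(db, uid):
    """Return (http_status, role_slugs); deny unless uid is an active admin."""
    if not uid:  # no token, or the token did not resolve to a UID
        return 401, []
    rows = db.execute(
        """SELECT r.slug
             FROM users u
             JOIN admin_role_user aru ON aru.user_id = u.id
             JOIN admin_roles r ON r.id = aru.admin_role_id
            WHERE u.uid = ? AND u.status = ?
            ORDER BY r.slug""",
        (uid, ACTIVE),  # bound parameters, never string concatenation
    ).fetchall()
    if not rows:  # unknown UID, inactive account, or no admin role
        return 401, []
    return 200, [slug for (slug,) in rows]
```

A leftover admin_role_user row for a deactivated account is denied here because the status filter is part of the same query as the role join.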
Case 2: Resource Management
Description
Administrator manages system resources (users, groups, announcements, guides).
Sequence Diagram
sequenceDiagram
participant Admin
participant API as AdminController
participant Service as ResourceService
participant DB as Database
Admin->>API: POST /api/admin/resources (with action)
API->>Service: processResourceAction(action, data)
Service->>DB: executeAction(action, data)
DB-->>Service: Return result
Service-->>API: Return processed data
API-->>Admin: 200 OK with result
Steps
Step 1: Submit Resource Action
- Description: Admin submits resource management action
- Request: POST /api/admin/resources
  - Body Parameters:
    - action: Type of action (create/update/delete)
    - resource_type: Type of resource
    - data: Resource data
- Validation:
  - Action type validation
  - Resource type validation
  - Data format validation
Step 2: Process Action
- Description: Process resource management action
- Action:
  - Validate permissions
  - Check resource existence
  - Apply business rules
Step 3: Execute Action
- Description: Execute database action
- Action:
  - Perform database operation
  - Update related records
  - Log changes
Step 4: Return Response
- Description: Send action result
- Response:
  - Success: 200 OK with result
    - Include updated resource data
Additional Notes
- Rate limiting: Resource management actions are limited to 30 per minute per admin
- All changes are logged with admin ID and timestamp
- Consider implementing:
  - Resource versioning
  - Change history tracking
  - Bulk operation support
  - Resource dependency validation
  - Automatic backup before major changes
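A sketch of the Case 2 request gate, combining the Step 1 validation, the 30-per-minute per-admin limit and the audit record with admin ID and timestamp. This is an added example, not the module's own code: the ResourceGate class, the resource_type spellings, the requirement of an id for update/delete, and the 422/429 status codes are assumptions the page does not specify.

```python
import time
from collections import defaultdict, deque

ACTIONS = {"create", "update", "delete"}  # from the Step 1 body parameters
# Assumed spellings for resource_type; the page names the four resources only.
RESOURCE_TYPES = {"users", "groups", "announcements", "guides"}
LIMIT, WINDOW = 30, 60.0                  # 30 actions per minute per admin


class ResourceGate:
    """Hypothetical gate placed in front of processResourceAction()."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.hits = defaultdict(deque)    # admin_id -> request times in window
        self.audit = []                   # stand-in for the change log

    def _allow(self, admin_id):
        now, q = self.clock(), self.hits[admin_id]
        while q and now - q[0] >= WINDOW:  # expire hits older than the window
            q.popleft()
        if len(q) >= LIMIT:
            return False
        q.append(now)
        return True

    def handle(self, admin_id, body):
        # Throttle before validating so malformed floods are limited too.
        if not self._allow(admin_id):
            return 429, "rate limit exceeded"          # assumed status code
        if not isinstance(body, dict):
            return 422, "body must be an object"       # assumed status code
        action = body.get("action")
        rtype = body.get("resource_type")
        data = body.get("data")
        # Type checks come first: a list or dict here must not reach `in`.
        if not isinstance(action, str) or action not in ACTIONS:
            return 422, "invalid action"
        if not isinstance(rtype, str) or rtype not in RESOURCE_TYPES:
            return 422, "invalid resource_type"
        if not isinstance(data, dict) or (action != "create" and "id" not in data):
            return 422, "invalid data"
        self.audit.append({"admin_id": admin_id, "action": action,
                           "resource_type": rtype,
                           "resource_id": data.get("id"),
                           "at": time.time()})
        return 200, "ok"
```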
Module List
| Name | Overview Link | Description |
|---|---|---|
| Auth | Authentication | Login, Logout, Representative Login, Reset password |
| User Management | User Management | Administrator interface for managing user accounts, including creation, updates, status changes, and removal |
| Group Management | Group Management | Administrative tools for managing user groups, including creation, updates, status changes, and deletion |
| Announcement Management | Announcement Management | System for creating and managing announcements, including content and image uploads |
| Guide Management | Guide Management | Features for creating and managing system guides and documentation |