---
# quotesdb-ooyx
title: 'quotesdb/api: admin moderation endpoints (list reports, delete/hide from report)'
status: completed
type: feature
priority: normal
created_at: 2026-03-10T23:32:08Z
updated_at: 2026-03-10T23:32:15Z
blocked_by:
    - quotesdb-ysah
    - quotesdb-i37j
---

## Summary
Add admin endpoints for viewing and acting on reported quotes.

## Endpoints
GET /api/admin/reports?page=N
- Returns paginated list of reported quotes (10/page)
- Each entry: quote summary + report count + most recent report date
- Requires X-Admin-Auth-Code header (admin auth)
- Returns 403 on auth mismatch

GET /api/admin/reports/:quote_id
- Returns the full quote + all reports for that quote (id, reason, created_at)
- Requires X-Admin-Auth-Code header

DELETE /api/admin/reports/:quote_id/quote
- Deletes the quote (cascades to reports via FK)
- Requires X-Admin-Auth-Code header

POST /api/admin/reports/:quote_id/hide
- Sets hidden=1 on the quote
- Requires X-Admin-Auth-Code header

DELETE /api/admin/reports/:quote_id/reports
- Clears all reports for a quote (dismiss reports without acting on the quote)
- Requires X-Admin-Auth-Code header

## Notes
- Admin auth is validated against the admin_auth_code in the DB (same as existing admin endpoints)
- Depends on: 8a7fba (hidden flag), 77237f (reports table)

## Acceptance Criteria
- [ ] All endpoints return correct data
- [ ] All endpoints require and validate admin auth
- [ ] Pagination works for GET /api/admin/reports
- [ ] Delete cascades correctly
- [ ] Unit tests for each endpoint

## Validation
```sh
cargo fmt && cargo check && cargo clippy && cargo test
```