You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1.5 KiB
1.5 KiB
+++ title = "quotesdb/api: admin moderation endpoints (list reports, delete/hide from report)" priority = 5 status = "todo" ticket_type = "feature" dependencies = ["8a7fba", "77237f"] +++
Summary
Add admin endpoints for viewing and acting on reported quotes.
Endpoints
GET /api/admin/reports?page=N
- Returns paginated list of reported quotes (10/page)
- Each entry: quote summary + report count + most recent report date
- Requires X-Admin-Auth-Code header (admin auth)
- Returns 403 on auth mismatch
GET /api/admin/reports/:quote_id
- Returns the full quote + all reports for that quote (id, reason, created_at)
- Requires X-Admin-Auth-Code header
DELETE /api/admin/reports/:quote_id/quote
- Deletes the quote (cascades to reports via FK)
- Requires X-Admin-Auth-Code header
POST /api/admin/reports/:quote_id/hide
- Sets hidden=1 on the quote
- Requires X-Admin-Auth-Code header
DELETE /api/admin/reports/:quote_id/reports
- Clears all reports for a quote (dismiss reports without acting on the quote)
- Requires X-Admin-Auth-Code header
Notes
- Admin auth is validated against the admin_auth_code in the DB (same as existing admin endpoints)
- Depends on: 8a7fba (hidden flag), 77237f (reports table)
Acceptance Criteria
- All endpoints return correct data
- All endpoints require and validate admin auth
- Pagination works for GET /api/admin/reports
- Delete cascades correctly
- Unit tests for each endpoint
Validation
cargo fmt && cargo check && cargo clippy && cargo test