
Deactivate and reactivate admin accounts #340

Open: naman0r wants to merge 4 commits into main from topic/319


@naman0r naman0r commented Jun 30, 2026


ℹ️ Issue

Closes #319

📝 Description

✔️ Verification

Provide screenshots of any new components, styling changes, or pages.

🏕️ (Optional) Future Work / Notes

Did you notice anything ugly during the course of this ticket? Any bugs, design challenges, or unexpected behavior? Write it down so we can clean it up in a future ticket!

Implements reversible admin account lifecycle, managed by admins:
- Add isActive flag to User entity (migration)
- AdminLifecycleService: deactivate (Cognito global sign-out + disable +
  isActive=false) and reactivate (Cognito enable + isActive=true), with a
  last-active-admin safeguard
- Guarded /admins endpoints: list, deactivate, reactivate (covers self and
  other admins)
- RolesGuard blocks deactivated users on every protected route immediately
- Frontend: Manage Admins page and a self-deactivate action in Settings
- Reactivated admins log in normally with their existing credentials
- Backend tests for service, controller, and guard

The jest workflow's generated .env set only AWS bucket/region/keys, so any
spec importing util/aws-exports without mocking it (the email service and
controller specs) failed at module load via checkAuthSecrets(). Add dummy
COGNITO_APP_CLIENT_ID and COGNITO_USER_POOL_ID so the full suite runs.
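
The deactivate/reactivate flow, the last-active-admin safeguard and the per-request guard check listed in the commit message above, sketched as an added example that is not code from this PR. The class and method names and the in-memory identity-provider stand-in are hypothetical, and the calls are synchronous for brevity.

```typescript
// Added example: all names here are hypothetical, not taken from the PR's code.
type User = { id: string; role: "admin" | "member"; isActive: boolean };

// Stand-in for the identity provider (Cognito in the PR description).
interface IdentityProvider {
  globalSignOut(id: string): void;
  disable(id: string): void;
  enable(id: string): void;
}

class AdminLifecycle {
  users: Map<string, User>;
  idp: IdentityProvider;

  constructor(users: User[], idp: IdentityProvider) {
    this.users = new Map(users.map((u): [string, User] => [u.id, { ...u }]));
    this.idp = idp;
  }

  admin(id: string): User {
    const u = this.users.get(id);
    if (!u || u.role !== "admin") throw new Error("not an admin: " + id);
    return u;
  }

  deactivate(id: string): void {
    const target = this.admin(id);
    if (!target.isActive) return; // already deactivated, nothing to do
    const active = Array.from(this.users.values()).filter(
      (u) => u.role === "admin" && u.isActive);
    // Safeguard: refuse to remove the only admin who could reactivate anyone.
    if (active.length <= 1) throw new Error("cannot deactivate the last active admin");
    this.idp.globalSignOut(id); // revoke existing sessions
    this.idp.disable(id);       // block new sign-ins
    target.isActive = false;    // flag that the route guard checks
  }

  reactivate(id: string): void {
    const target = this.admin(id);
    this.idp.enable(id);
    target.isActive = true;
  }

  // Guard check: reads the current record on every request, so a caller
  // holding a token issued before deactivation is still refused.
  canAccess(id: string, role: User["role"]): boolean {
    const u = this.users.get(id);
    return !!u && u.isActive && u.role === role;
  }
}
```

The safeguard applies equally to self-deactivation: the last active admin cannot deactivate their own account either.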

Development

Successfully merging this pull request may close these issues.

Deactivate and Reactivate admin accounts (Stretch)
