Skip to main content

Teetime Admin Portal

The admin portal (teetime-admin) lets course staff manage clubs, tee sheets and players, and view basic reports. It is a Vite + React SPA that consumes the Tee Time backend and shared services via workspace linking.

URL & Auth

  • FQDN: https://teetime-admin.uat.digiwedge.com
  • Audience: tokens are issued with aud=teetime-admin.
  • CSRF & cookies: Web clients fetch GET /api/auth/csrf (IDP) through the Vite proxy to set XSRF-TOKEN, then post login/refresh/logout with withCredentials: true and the X-XSRF-Token header. Refresh supports cookie‑only sessions (no refresh token in Web Storage).

Health & Diagnostics

Open the Admin Health page at /health for quick, non‑destructive checks:

  • Core Probes

    • Uses a shared panel to probe key endpoints with friendly badges and timings.
    • Probes: Identity Provider (/api/health or /.well-known/openid-configuration), Tee Time API (/api/health/{readiness|ready|liveness}), and Messaging API.
    • Auto‑refresh controls, open/copy base and endpoint links.

  • IDP Direct Login (Diagnostics)

    • Posts to POST /api/auth/login (IDP) with credentials: 'include' and X-XSRF-Token when present; has a one‑click “Ensure CSRF cookie” helper (GET /api/auth/csrf via the proxy).
    • On success, applies tokens to the app store for further checks.

  • App Login Flow (Diagnostics)

    • Uses the app’s configured IDP client (axios + interceptors) to run the normal login and refresh flows, including cookie‑backed refresh.

  • Route Access Diagnostics

    • Tenant‑scoped capability check for navigation routes.
    • Admin roles (e.g., platform.superadmin, SYSTEM_ADMIN, OWNER, or any *.admin) show “Allowed (bypass)”. Other roles are evaluated via Access Control capabilities.
    • Dev/Test: set VITE_ACCESS_CONTROL_BASE_URL so the panel can call POST /api/capabilities/can with Authorization: Bearer and x-tenant-id.
    • The tenant is taken from the token’s tenantIds claim (first ID by default).

Auto‑deploy

The Argo CD Application lives at kubernetes/teetime/admin/teetime-admin-argo.yaml with Argo Image Updater annotations (digest strategy + Git write‑back). Pushing registry.digiwedge.com/digiwedge/teetime-admin:latest triggers an automatic rollout.

See this section’s full guide in the docs site (this page) and related backend notes in libs/tee-time-services/README.md.

Environment variables (dev)

Set these in your dev shell or via .env.local when using the Vite dev server:

  • VITE_IDP_BASE_URL — Identity Provider base (e.g., https://idp.uat.digiwedge.com)
  • VITE_IDP_DEV_ORIGIN — Local IDP origin for /api/auth/* proxying (defaults http://localhost:4001)
  • VITE_TEE_TIME_BASE_URL — Tee Time API base; enables dev proxy
  • VITE_MESSAGING_BASE_URL — Messaging API base (optional)
  • VITE_ACCESS_CONTROL_BASE_URL — Access Control API base (capability checks)

Reports dashboard

  • Access via /reports after authentication.
  • Summary cards surface:
    • Total clubs and tee-sheet adoption.
    • Clubs connected to the visitor-booking bridge.
    • Average tee-sheet utilisation for the selected window.
    • Booking volume and revenue across 7-day and 30-day periods.
  • The daily breakdown table tracks bookings, revenue and utilisation trends with client-side pagination.
  • Range selector (7 / 30 / 90 days) reloads /admin/reports/summary and /admin/reports/breakdowns via the @digiwedge/teetime-api-client helpers.
  • Loading states render Ant Design skeletons; HTTP failures show retryable alerts with structured error messages.