docs: cover admin dashboard actions + API key Delete

Update the design docs so they match the implemented Admin-only
dashboard surface. GatewayDashboardDesign now documents the Close
session / Kill worker controls and the new Delete action on revoked
API keys, plus the ConfirmDialog gate for every destructive action.
Sessions.md adds the SessionManager.KillWorkerAsync entry alongside
CloseSessionAsync and explains the immediate-kill semantics.
Authentication.md adds the IApiKeyAdminStore.DeleteAsync write path
and the dashboard-delete-key audit event. DashboardInterfaceDesign
drops the "read-only until admin workflows have a separate design"
line in favor of the confirm-before-act invariant.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Joseph Doherty
2026-05-24 07:35:25 -04:00
parent 24cc5fd0f0
commit e80f3c70b6
4 changed files with 62 additions and 20 deletions
+6 -1
@@ -287,7 +287,12 @@ Use this checklist when applying the design to another project:
- Use dashed bordered empty states for loading and no-data cases.
- Use top-bordered sections for page groups instead of nested cards.
- Centralize formatting and redaction outside Razor markup.
- Keep the dashboard read-only until admin workflows have a separate design.
- Hide every destructive admin affordance from viewers; render it only for
the `Admin` role and re-check the role server-side on every invocation.
- Route every destructive action (Close session, Kill worker, Rotate /
Revoke / Delete API key) through the shared `ConfirmDialog` component so
the operator always gets one explicit confirmation step before the call
reaches the service.
## Related Documentation
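Review bot: The last added bullet, on `ConfirmDialog`, reads as if the confirmation step were an enforcement boundary ("before the call reaches the service"), but a dialog in the UI component only guards against accidental clicks. The actual control is the server-side role re-check in the bullet above it. Suggest saying so in the bullet, for example by appending "the dialog is a usability guard; authorization is the server-side `Admin` check". The checklist also has no item on auditing, while the commit message says Authentication.md gains a dashboard-delete-key audit event. A bullet asking that each destructive action listed here records an audit event would keep the checklist consistent with that document, or the text should state which of Close session, Kill worker, Rotate, Revoke and Delete are audited.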