Skip to main content

Admin Platform

Platform admin features manage users, AI access, core rules, and ingestion settings. They are separate from campaign DM permissions.

Backend

Primary files:

  • server/app/routers/admin.py
  • server/app/deps.py
  • server/app/config.py
  • server/app/serializers.py
  • server/app/schemas.py

Admin access is User.isAdmin, with environment-admin protection from ADMIN_EMAILS. Environment admins cannot be demoted or deleted from the admin UI.

Frontend

Primary file:

  • web/src/screens/PlatformSettings.tsx

The admin UI includes user management, core-rule uploads, usage policy editing, and ingestion settings.

User Management

Admins can:

  • List users.
  • Promote/demote platform admins.
  • Delete users when they do not own campaigns.
  • Grant/revoke AI access for non-admin users.

Admin users implicitly have effective AI access even if the raw aiAccess flag is false.

Core Rules

Admins can upload, download, re-index, process, rename, set usage policy, and delete core-rule documents. Core-rule files are stored privately.

Ingestion Settings

Settings exist per source type (core, campaign) and control extraction method, chunk max chars, and overlap. The backend clamps invalid values and returns stable DTOs for the UI.

Change Checklist

  • Gate all admin routes with require_admin.
  • Protect environment admins.
  • Keep core-rule storage private.
  • Reflect raw versus effective AI access correctly in serializers.
  • Update campaign core-source behavior when core-rule usage changes.