Class PlatformAdminsController
- Namespace: KadicAuth.Api.Controllers
- Assembly: KadicAuth.Api.dll
Platform-admin membership administration. Deliberately isolated:
- Not exposed in Swagger ([ApiExplorerSettings(IgnoreApi = true)]).
- Every endpoint is gated by RequirePlatformAdminAttribute, which returns 404 to unauthorized callers (so they cannot even learn this controller exists).
- Does not use the normal Permissions.Auth.* policy system. Platform admins are a parallel, first-class concept — on purpose.
- Grants and revokes are audited inside IPlatformAdminService.
Bootstrap of the very first platform admin happens via PlatformAdminBootstrap at startup; this controller cannot bootstrap because it requires an existing platform admin to call it.
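The 404 gate described above, as an added example rather than the KadicAuth project's own RequirePlatformAdminAttribute. It shows a filter attribute that answers 404 Not Found (never 401 or 403) to any caller who is not an active platform admin, so the controller's existence is not confirmed to them. The member shapes it relies on are assumptions: this page does not document ICurrentUser or IPlatformAdminService, so `ICurrentUser.UserId` and `IPlatformAdminService.IsActiveAsync(Guid, CancellationToken)` are hypothetical, and ExamplePlatformAdminsController is a stand-in for the real controller.

```csharp
// Added example, not the KadicAuth project's own code. Demonstrates the gating
// behaviour the page describes: 404 to every non-platform-admin caller.
// Assumed (hypothetical) shapes of the two services the page names but does not document:
using System;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Extensions.DependencyInjection;

public interface ICurrentUser { Guid? UserId { get; } }          // assumed shape

public interface IPlatformAdminService                          // assumed shape
{
    Task<bool> IsActiveAsync(Guid userId, CancellationToken cancellationToken);
}

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)]
public sealed class RequirePlatformAdminAttribute : Attribute, IAsyncAuthorizationFilter
{
    public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
    {
        // Attribute instances are created by the runtime, not the DI container,
        // so the collaborators are resolved per request from RequestServices.
        var services = context.HttpContext.RequestServices;
        var currentUser = services.GetRequiredService<ICurrentUser>();
        var admins = services.GetRequiredService<IPlatformAdminService>();

        // Checked on every request (no caching) so that a revocation takes effect
        // on the next call rather than at the end of some cache lifetime.
        bool isPlatformAdmin =
            currentUser.UserId is Guid userId
            && await admins.IsActiveAsync(userId, context.HttpContext.RequestAborted);

        if (!isPlatformAdmin)
        {
            // Deliberately 404, not 403: a 403 would confirm that the route exists and
            // that the caller merely lacks a right. Nothing about the reason is returned.
            context.Result = new NotFoundResult();
        }
        // Otherwise context.Result stays null and the action executes.
    }
}

// Usage mirroring the page's controller: [Authorize] rejects anonymous callers first,
// then the filter hides the controller from authenticated non-admins.
[ApiController]
[Authorize]
[RequirePlatformAdmin]
[ApiExplorerSettings(IgnoreApi = true)]
[Route("api/[controller]")]
public sealed class ExamplePlatformAdminsController : ControllerBase
{
    [HttpGet]
    public IActionResult List() => Ok(Array.Empty<object>());
}
```

Note that the filter does not short-circuit on a missing user id by throwing; an unauthenticated identity and a non-admin identity both land on the same 404 so the response carries no signal about which case applied. Failures inside the admin lookup should be logged server-side, where the audit trail lives, rather than reflected to the caller.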
[ApiController]
[Authorize]
[Route("api/[controller]")]
[Produces("application/json", new string[] { })]
[ApiExplorerSettings(IgnoreApi = true)]
public sealed class PlatformAdminsController : ControllerBase
- Inheritance
  - object
  - ControllerBase
  - PlatformAdminsController
Constructors
PlatformAdminsController(IPlatformAdminService, ICurrentUser, ILogger<PlatformAdminsController>)
public PlatformAdminsController(IPlatformAdminService service, ICurrentUser currentUser, ILogger<PlatformAdminsController> logger)
Parameters
- service: IPlatformAdminService
- currentUser: ICurrentUser
- logger: ILogger<PlatformAdminsController>
Methods
Grant(GrantPlatformAdminRequest, CancellationToken)
Grants platform-admin status to a target user. Idempotent: calling twice on an already-active user is a no-op. Calling on a previously-revoked user re-activates them and writes a ReGranted audit entry.
[HttpPost("grant")]
public Task<IActionResult> Grant(GrantPlatformAdminRequest request, CancellationToken cancellationToken)
Parameters
- request: GrantPlatformAdminRequest
- cancellationToken: CancellationToken
Returns
- Task<IActionResult>
List(CancellationToken)
Returns all platform admins, active first, most recent grants first. Only visible to other platform admins (gated by the class-level RequirePlatformAdminAttribute).
[HttpGet]
public Task<ActionResult<IReadOnlyList<PlatformAdminDto>>> List(CancellationToken cancellationToken)
Parameters
- cancellationToken: CancellationToken
Returns
- Task<ActionResult<IReadOnlyList<PlatformAdminDto>>>
Revoke(RevokePlatformAdminRequest, CancellationToken)
Revokes platform-admin status. Fails with 409 Conflict if the caller is trying to revoke themselves AND they are the last active platform admin (self-lockout guard).
[HttpPost("revoke")]
public Task<IActionResult> Revoke(RevokePlatformAdminRequest request, CancellationToken cancellationToken)
Parameters
- request: RevokePlatformAdminRequest
- cancellationToken: CancellationToken
Returns
- Task<IActionResult>
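The Grant, List and Revoke semantics documented above, worked through in one added example that is not the KadicAuth project's IPlatformAdminService. It implements the idempotent grant, re-activation of a revoked admin with a ReGranted audit entry, the active-first / most-recent-first ordering of List, and the self-lockout guard that the controller surfaces as 409 Conflict. The PlatformAdminResult names, the AuditEntry record, the in-memory store and the `Main` scenario are all assumptions for illustration; the page documents neither the service's members nor the request DTOs' fields.

```csharp
// Added example, not the KadicAuth project's own code. Minimal in-memory stand-in for
// IPlatformAdminService exhibiting the behaviours the controller documentation describes.
// Result names, AuditEntry and the store layout are assumed for illustration.
using System;
using System.Collections.Generic;
using System.Linq;

public enum PlatformAdminResult
{
    Granted,            // new active membership, audited as "Granted"
    AlreadyActive,      // idempotent no-op: nothing changes, nothing is audited
    ReGranted,          // revoked membership re-activated, audited as "ReGranted"
    Revoked,            // audited as "Revoked"
    NotAnAdmin,         // target has no active membership
    SelfLockoutRefused  // caller is revoking themselves and is the last active admin
}

public sealed record AuditEntry(string Action, Guid Actor, Guid Target, DateTimeOffset At);

public sealed class InMemoryPlatformAdminService
{
    private sealed class Membership { public bool Active; public DateTimeOffset GrantedAt; }

    private readonly Dictionary<Guid, Membership> _members = new();
    private readonly List<AuditEntry> _audit = new();

    public IReadOnlyList<AuditEntry> Audit => _audit;

    public PlatformAdminResult Grant(Guid actor, Guid target, DateTimeOffset now)
    {
        if (_members.TryGetValue(target, out var existing))
        {
            if (existing.Active) return PlatformAdminResult.AlreadyActive;

            existing.Active = true;
            existing.GrantedAt = now;
            _audit.Add(new AuditEntry("ReGranted", actor, target, now));
            return PlatformAdminResult.ReGranted;
        }

        _members[target] = new Membership { Active = true, GrantedAt = now };
        _audit.Add(new AuditEntry("Granted", actor, target, now));
        return PlatformAdminResult.Granted;
    }

    public PlatformAdminResult Revoke(Guid actor, Guid target, DateTimeOffset now)
    {
        if (!_members.TryGetValue(target, out var existing) || !existing.Active)
            return PlatformAdminResult.NotAnAdmin;

        // Self-lockout guard. Both conditions are required: if the target is someone
        // else, the caller (who must be an active admin to reach this code) remains,
        // so the set cannot become empty. Count *active* rows only; revoked rows are
        // kept for the audit trail and must not be mistaken for admins.
        int activeCount = _members.Values.Count(m => m.Active);
        if (actor == target && activeCount == 1)
            return PlatformAdminResult.SelfLockoutRefused;   // controller maps this to 409

        existing.Active = false;
        _audit.Add(new AuditEntry("Revoked", actor, target, now));
        return PlatformAdminResult.Revoked;
    }

    // Ordering the page documents for List(): active first, then most recent grants first.
    public IReadOnlyList<(Guid UserId, bool Active, DateTimeOffset GrantedAt)> List() =>
        _members.Select(kv => (kv.Key, kv.Value.Active, kv.Value.GrantedAt))
                .OrderByDescending(x => x.Active)
                .ThenByDescending(x => x.GrantedAt)
                .ToList();
}

public static class Program
{
    public static void Main()
    {
        var svc = new InMemoryPlatformAdminService();
        var alice = Guid.NewGuid();   // constructed ids
        var bob = Guid.NewGuid();
        var t0 = new DateTimeOffset(2024, 1, 1, 0, 0, 0, TimeSpan.Zero);

        Console.WriteLine(svc.Grant(alice, alice, t0));                 // stand-in for startup bootstrap
        Console.WriteLine(svc.Revoke(alice, alice, t0.AddMinutes(1)));  // self-revoke while the only admin
        Console.WriteLine(svc.Grant(alice, bob, t0.AddMinutes(2)));     // first grant to bob
        Console.WriteLine(svc.Grant(alice, bob, t0.AddMinutes(3)));     // repeat grant to an active admin
        Console.WriteLine(svc.Revoke(alice, bob, t0.AddMinutes(4)));    // revoke bob
        Console.WriteLine(svc.Grant(alice, bob, t0.AddMinutes(5)));     // grant to a revoked admin

        foreach (var entry in svc.Audit) Console.WriteLine(entry);
        foreach (var row in svc.List()) Console.WriteLine(row);
    }
}
```

The guard deliberately compares actor against target rather than checking "is the caller about to lose admin rights" in some broader sense: because the gate on the controller already requires the caller to be an active admin, revoking anyone else always leaves at least the caller, so actor == target combined with a single active row is the only state in which a revoke can empty the set. In a database-backed implementation the active count and the update belong in one transaction, otherwise two concurrent self-revokes by the last two admins could both pass the check.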