Service Layer · medium complexity · backend
Dependencies: 0 · Dependents: 0 · Entities: 7 · Integrations: 0

Description

Backend service layer orchestrating all user lifecycle operations for the Admin Web Portal. Enforces tenant isolation, validates support-grant presence for Global Admin callers, and writes every mutation to the org audit trail. Coordinates with the email service for invitation dispatch and with session management to propagate status changes.

Feature: User CRUD

admin-user-service

Sources & reasoning

Blueprint tags user-crud [MVP], and the Admin Web Portal MVP scope (lines 326, 329) explicitly lists user administration (brukeradministrasjon) as a launch requirement and confirms that Coordinators and Peer Mentors are managed records, not portal users. Target release is MVP per both the blueprint and the source doc's Admin Web Portal MVP section.

  • User administration (invite, deactivate, role assignment)
  • Coordinators and Peer Mentors do NOT log in to the admin portal; they are managed as data records (invitation, role assignment, deactivation) by the Org Admin.

Responsibilities

  • Validate caller permissions and, for Global Admins, verify an active time-bounded support grant before any operation
  • Orchestrate invite flow including token generation, email dispatch, and pending-user record creation
  • Apply profile edits, deactivations, and deletions while maintaining tenant isolation
  • Write structured audit-trail entries for every mutating operation (GDPR and Bufdir traceability)
  • Invalidate or update active session tokens when a user's role or status changes

Interfaces

listUsers(callerContext: CallerContext, tenantId, query: UserQuery): UserListResponse
inviteUser(callerContext, tenantId, email, role): PendingUser
updateUser(callerContext, userId, patch: UserPatch): UserProfile
deactivateUser(callerContext, userId): void
deleteUser(callerContext, userId): void
validateSupportGrant(globalAdminId, tenantId): GrantStatus
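
An added TypeScript example, not the project's own code, of the guard described under Responsibilities: tenant isolation for Org Admins and a time-bounded, tenant-scoped support grant for Global Admins, with each decision written to an audit list. The field names, `SupportGrant`, `AuditEntry`, `authorize` and the extra `grants` and `now` parameters are assumptions; the sample data is constructed.

```typescript
// Added example. CallerContext and GrantStatus are named on the page; their
// fields, SupportGrant, AuditEntry and authorize() are assumptions.
type GrantStatus = "ACTIVE" | "EXPIRED" | "NOT_YET_VALID" | "REVOKED" | "MISSING";
interface CallerContext { userId: string; role: "ORG_ADMIN" | "GLOBAL_ADMIN"; tenantId: string | null; }
interface SupportGrant { globalAdminId: string; tenantId: string; notBefore: number; expiresAt: number; revoked: boolean; }
interface AuditEntry { at: number; actor: string; tenantId: string; action: string; allowed: boolean; reason: string; }

// The page's signature is (globalAdminId, tenantId); the grant list and clock
// are passed in here (assumption) so the check is deterministic and testable.
function validateSupportGrant(grants: SupportGrant[], globalAdminId: string, tenantId: string, now: number): GrantStatus {
  // Match on admin AND tenant: a grant for one tenant never covers another.
  const statuses = grants
    .filter((g) => g.globalAdminId === globalAdminId && g.tenantId === tenantId)
    .map((g): GrantStatus =>
      g.revoked ? "REVOKED" : now < g.notBefore ? "NOT_YET_VALID" : now >= g.expiresAt ? "EXPIRED" : "ACTIVE");
  if (statuses.length === 0) return "MISSING";
  // A renewed grant may sit beside an expired one; any active grant suffices.
  return statuses.some((s) => s === "ACTIVE") ? "ACTIVE" : statuses[statuses.length - 1] ?? "MISSING";
}

// Guard run before every operation: decide, record the decision, return it.
function authorize(caller: CallerContext, targetTenantId: string, action: string,
                   grants: SupportGrant[], audit: AuditEntry[], now: number): boolean {
  let reason: string;
  if (caller.role === "GLOBAL_ADMIN") {
    reason = "support-grant:" + validateSupportGrant(grants, caller.userId, targetTenantId, now);
  } else {
    // Tenant isolation: compare against the tenant bound to the authenticated
    // caller, never against a tenant id supplied by the request alone.
    reason = caller.tenantId === targetTenantId ? "own-tenant" : "cross-tenant";
  }
  const allowed = reason === "own-tenant" || reason === "support-grant:ACTIVE";
  // Recording denials as well as allows is an assumption of this example.
  audit.push({ at: now, actor: caller.userId, tenantId: targetTenantId, action, allowed, reason });
  return allowed;
}

// Constructed sample data (times in epoch milliseconds).
const T0 = 1700000000000;
const HOUR = 3600000;
const sampleGrants: SupportGrant[] = [
  { globalAdminId: "ga-1", tenantId: "tenant-a", notBefore: T0, expiresAt: T0 + 4 * HOUR, revoked: false },
];
```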