From 3cbe7e2979487d7c9540c9087dda60c7d950d06a Mon Sep 17 00:00:00 2001
From: Samir Boulahtit <samir.boulahtit@wizard.lu>
Date: Sat, 24 Jan 2026 19:49:40 +0100
Subject: [PATCH] feat: add platform assignment to user and vendor creation
 forms

User create page:
- When role=admin, show super admin toggle
- If not super admin, show platform multi-select
- Admin users created via /api/v1/admin/admin-users endpoint
- Vendor users created via existing /admin/users endpoint

Vendor create page:
- Add platform selection section
- Vendors can be assigned to multiple platforms on creation
- Update VendorCreate schema to accept platform_ids
- Update AdminService.create_vendor() to create VendorPlatform records

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 app/services/admin_service.py          |  19 +++++
 app/templates/admin/user-create.html   |  56 ++++++++++++-
 app/templates/admin/vendor-create.html |  38 +++++++++
 models/schema/vendor.py                |   5 ++
 static/admin/js/user-create.js         | 105 ++++++++++++++++++++++---
 static/admin/js/vendor-create.js       |  31 +++++++-
 6 files changed, 241 insertions(+), 13 deletions(-)

diff --git a/app/services/admin_service.py b/app/services/admin_service.py
index 8a44cf9b..f016c4a5 100644
--- a/app/services/admin_service.py
+++ b/app/services/admin_service.py
@@ -34,6 +34,7 @@ from app.exceptions.auth import UserAlreadyExistsException
 from middleware.auth import AuthManager
 from models.database.company import Company
 from models.database.marketplace_import_job import MarketplaceImportJob
+from models.database.platform import Platform
 from models.database.user import User
 from models.database.vendor import Role, Vendor
 from models.schema.marketplace_import_job import MarketplaceImportJobResponse
@@ -419,6 +420,24 @@ class AdminService:
             # Create default roles for vendor
             self._create_default_roles(db, vendor.id)
 
+            # Assign vendor to platforms if provided
+            if vendor_data.platform_ids:
+                from models.database.vendor_platform import VendorPlatform
+
+                for platform_id in vendor_data.platform_ids:
+                    # Verify platform exists
+                    platform = db.query(Platform).filter(Platform.id == platform_id).first()
+                    if platform:
+                        vendor_platform = VendorPlatform(
+                            vendor_id=vendor.id,
+                            platform_id=platform_id,
+                            is_active=True,
+                        )
+                        db.add(vendor_platform)
+                        logger.debug(
+                            f"Assigned vendor {vendor.vendor_code} to platform {platform.code}"
+                        )
+
             db.flush()
             db.refresh(vendor)
 
diff --git a/app/templates/admin/user-create.html b/app/templates/admin/user-create.html
index 409e41e2..212d693e 100644
--- a/app/templates/admin/user-create.html
+++ b/app/templates/admin/user-create.html
@@ -81,6 +81,7 @@
                 </span>
                 <select
                     x-model="formData.role"
+                    @change="onRoleChange()"
                     :disabled="saving"
                     class="block w-full mt-1 text-sm dark:text-gray-300 dark:border-gray-600 dark:bg-gray-700 focus:border-purple-400 focus:outline-none focus:shadow-outline-purple dark:focus:shadow-outline-gray form-select"
                 >
@@ -88,9 +89,62 @@
                     <option value="admin">Admin</option>
                 </select>
                 <span class="text-xs text-gray-600 dark:text-gray-400 mt-1">
-                    Vendor: Can own companies and manage stores. Admin: Full platform access.
+                    Vendor: Can own companies and manage stores. Admin: Platform management access.
                 </span>
             </label>
+
+            <!-- Admin-specific options -->
+            <template x-if="formData.role === 'admin'">
+                <div class="mt-4 p-4 bg-purple-50 dark:bg-purple-900/20 rounded-lg border border-purple-200 dark:border-purple-800">
+                    <h4 class="text-sm font-medium text-purple-800 dark:text-purple-300 mb-3">Admin Settings</h4>
+
+                    <!-- Super Admin Toggle -->
+                    <label class="flex items-center mb-4">
+                        <input
+                            type="checkbox"
+                            x-model="formData.is_super_admin"
+                            :disabled="saving"
+                            class="w-4 h-4 text-purple-600 border-gray-300 rounded focus:ring-purple-500 dark:border-gray-600 dark:bg-gray-700"
+                        >
+                        <span class="ml-2 text-sm text-gray-700 dark:text-gray-300">
+                            Super Admin
+                        </span>
+                    </label>
+                    <p class="text-xs text-gray-600 dark:text-gray-400 mb-4 -mt-2 ml-6">
+                        Super admins have access to all platforms and can manage other admins.
+                    </p>
+
+                    <!-- Platform Assignment (only if not super admin) -->
+                    <template x-if="!formData.is_super_admin">
+                        <div>
+                            <label class="block text-sm">
+                                <span class="text-gray-700 dark:text-gray-400">
+                                    Assigned Platforms <span class="text-red-600">*</span>
+                                </span>
+                                <div class="mt-2 space-y-2 max-h-48 overflow-y-auto">
+                                    <template x-for="platform in platforms" :key="platform.id">
+                                        <label class="flex items-center p-2 rounded hover:bg-purple-100 dark:hover:bg-purple-900/30 cursor-pointer">
+                                            <input
+                                                type="checkbox"
+                                                :value="platform.id"
+                                                x-model="formData.platform_ids"
+                                                :disabled="saving"
+                                                class="w-4 h-4 text-purple-600 border-gray-300 rounded focus:ring-purple-500 dark:border-gray-600 dark:bg-gray-700"
+                                            >
+                                            <span class="ml-2 text-sm text-gray-700 dark:text-gray-300" x-text="platform.name"></span>
+                                            <span class="ml-2 text-xs text-gray-500 dark:text-gray-400" x-text="'(' + platform.code + ')'"></span>
+                                        </label>
+                                    </template>
+                                </div>
+                                <p x-show="platforms.length === 0" class="text-sm text-gray-500 dark:text-gray-400 mt-2">
+                                    No platforms available. Create a platform first.
+                                </p>
+                                <span x-show="errors.platform_ids" class="text-xs text-red-600 dark:text-red-400 mt-1" x-text="errors.platform_ids"></span>
+                            </label>
+                        </div>
+                    </template>
+                </div>
+            </template>
         </div>
 
         <!-- Right Column: Personal Info -->
diff --git a/app/templates/admin/vendor-create.html b/app/templates/admin/vendor-create.html
index 726a081b..8a1d34a3 100644
--- a/app/templates/admin/vendor-create.html
+++ b/app/templates/admin/vendor-create.html
@@ -166,6 +166,44 @@
             </div>
         </div>
 
+        <!-- Platform Selection Section -->
+        <div class="mb-6 pt-6 border-t border-gray-200 dark:border-gray-700">
+            <h3 class="mb-4 text-lg font-semibold text-gray-700 dark:text-gray-200">Platform Access</h3>
+            <div class="p-4 mb-4 bg-blue-50 border border-blue-200 rounded-lg dark:bg-gray-700 dark:border-gray-600">
+                <p class="text-sm text-blue-800 dark:text-blue-300">
+                    <span x-html="$icon('information-circle', 'w-4 h-4 inline mr-1')"></span>
+                    Select which platforms this vendor should have access to. Each platform can have different settings and features.
+                </p>
+            </div>
+
+            <div class="space-y-2 max-h-48 overflow-y-auto">
+                <template x-for="platform in platforms" :key="platform.id">
+                    <label class="flex items-center p-3 rounded-lg border border-gray-200 dark:border-gray-600 hover:bg-purple-50 dark:hover:bg-purple-900/20 cursor-pointer transition-colors">
+                        <input
+                            type="checkbox"
+                            :value="platform.id"
+                            x-model="formData.platform_ids"
+                            class="w-4 h-4 text-purple-600 border-gray-300 rounded focus:ring-purple-500 dark:border-gray-600 dark:bg-gray-700"
+                        >
+                        <div class="ml-3 flex-1">
+                            <span class="text-sm font-medium text-gray-700 dark:text-gray-300" x-text="platform.name"></span>
+                            <span class="ml-2 text-xs text-gray-500 dark:text-gray-400" x-text="'(' + platform.code + ')'"></span>
+                        </div>
+                        <template x-if="platform.description">
+                            <span class="text-xs text-gray-500 dark:text-gray-400" x-text="platform.description"></span>
+                        </template>
+                    </label>
+                </template>
+            </div>
+            <p x-show="platforms.length === 0" class="text-sm text-gray-500 dark:text-gray-400 mt-2">
+                No platforms available. Create a platform first.
+            </p>
+            <p x-show="formData.platform_ids.length === 0 && platforms.length > 0" class="text-xs text-amber-600 dark:text-amber-400 mt-2">
+                <span x-html="$icon('exclamation-triangle', 'w-4 h-4 inline mr-1')"></span>
+                Select at least one platform for the vendor to be accessible.
+            </p>
+        </div>
+
         <!-- Marketplace URLs Section (Optional) -->
         <div class="mb-6 pt-6 border-t border-gray-200 dark:border-gray-700">
             <h3 class="mb-4 text-lg font-semibold text-gray-700 dark:text-gray-200">Marketplace URLs (Optional)</h3>
diff --git a/models/schema/vendor.py b/models/schema/vendor.py
index 5be576df..66fc1c86 100644
--- a/models/schema/vendor.py
+++ b/models/schema/vendor.py
@@ -50,6 +50,11 @@ class VendorCreate(BaseModel):
     )
     description: str | None = Field(None, description="Vendor/brand description")
 
+    # Platform assignments (optional - vendor can be on multiple platforms)
+    platform_ids: list[int] | None = Field(
+        None, description="List of platform IDs to assign the vendor to"
+    )
+
     # Marketplace URLs (brand-specific multi-language support)
     letzshop_csv_url_fr: str | None = Field(None, description="French CSV URL")
     letzshop_csv_url_en: str | None = Field(None, description="English CSV URL")
diff --git a/static/admin/js/user-create.js b/static/admin/js/user-create.js
index c185045f..aa97f917 100644
--- a/static/admin/js/user-create.js
+++ b/static/admin/js/user-create.js
@@ -17,8 +17,11 @@ function adminUserCreate() {
             password: '',
             first_name: '',
             last_name: '',
-            role: 'vendor'
+            role: 'vendor',
+            is_super_admin: false,
+            platform_ids: []
         },
+        platforms: [],
         errors: {},
         saving: false,
 
@@ -33,30 +36,114 @@ function adminUserCreate() {
             }
             window._userCreateInitialized = true;
 
+            // Load platforms for admin assignment
+            await this.loadPlatforms();
+
             userCreateLog.info('=== USER CREATE PAGE INITIALIZATION COMPLETE ===');
         },
 
+        // Load available platforms
+        async loadPlatforms() {
+            try {
+                userCreateLog.debug('Loading platforms...');
+                const response = await apiClient.get('/admin/platforms');
+                this.platforms = response.platforms || response.items || [];
+                userCreateLog.debug(`Loaded ${this.platforms.length} platforms`);
+            } catch (error) {
+                userCreateLog.error('Failed to load platforms:', error);
+                this.platforms = [];
+            }
+        },
+
+        // Handle role change
+        onRoleChange() {
+            userCreateLog.debug('Role changed to:', this.formData.role);
+            if (this.formData.role !== 'admin') {
+                // Reset admin-specific fields when switching away from admin
+                this.formData.is_super_admin = false;
+                this.formData.platform_ids = [];
+            }
+        },
+
+        // Validate form
+        validateForm() {
+            this.errors = {};
+
+            if (!this.formData.username.trim()) {
+                this.errors.username = 'Username is required';
+            }
+            if (!this.formData.email.trim()) {
+                this.errors.email = 'Email is required';
+            }
+            if (!this.formData.password || this.formData.password.length < 6) {
+                this.errors.password = 'Password must be at least 6 characters';
+            }
+
+            // Admin-specific validation
+            if (this.formData.role === 'admin' && !this.formData.is_super_admin) {
+                if (!this.formData.platform_ids || this.formData.platform_ids.length === 0) {
+                    this.errors.platform_ids = 'Platform admins must be assigned to at least one platform';
+                }
+            }
+
+            return Object.keys(this.errors).length === 0;
+        },
+
         // Submit form
         async handleSubmit() {
             userCreateLog.info('=== CREATING USER ===');
             userCreateLog.debug('Form data:', { ...this.formData, password: '[REDACTED]' });
 
-            this.errors = {};
+            if (!this.validateForm()) {
+                userCreateLog.warn('Validation failed:', this.errors);
+                Utils.showToast('Please fix the errors before submitting', 'error');
+                return;
+            }
+
             this.saving = true;
 
             try {
-                const url = `/admin/users`;
-                window.LogConfig.logApiCall('POST', url, { ...this.formData, password: '[REDACTED]' }, 'request');
+                let url, payload, response;
+
+                if (this.formData.role === 'admin') {
+                    // Use admin-users endpoint for creating admin users
+                    url = '/api/v1/admin/admin-users';
+                    payload = {
+                        email: this.formData.email,
+                        username: this.formData.username,
+                        password: this.formData.password,
+                        first_name: this.formData.first_name || null,
+                        last_name: this.formData.last_name || null,
+                        is_super_admin: this.formData.is_super_admin,
+                        platform_ids: this.formData.is_super_admin ? [] : this.formData.platform_ids.map(id => parseInt(id))
+                    };
+                } else {
+                    // Use regular users endpoint for vendor users
+                    url = '/admin/users';
+                    payload = {
+                        email: this.formData.email,
+                        username: this.formData.username,
+                        password: this.formData.password,
+                        first_name: this.formData.first_name || null,
+                        last_name: this.formData.last_name || null,
+                        role: this.formData.role
+                    };
+                }
+
+                window.LogConfig.logApiCall('POST', url, { ...payload, password: '[REDACTED]' }, 'request');
 
                 const startTime = performance.now();
-                const response = await apiClient.post(url, this.formData);
+                response = await apiClient.post(url, payload);
                 const duration = performance.now() - startTime;
 
                 window.LogConfig.logApiCall('POST', url, response, 'response');
                 window.LogConfig.logPerformance('Create User', duration);
 
-                Utils.showToast('User created successfully', 'success');
-                userCreateLog.info(`User created successfully in ${duration}ms`, response);
+                const userType = this.formData.role === 'admin'
+                    ? (this.formData.is_super_admin ? 'Super admin' : 'Platform admin')
+                    : 'User';
+                Utils.showToast(`${userType} created successfully`, 'success');
+                userCreateLog.info(`${userType} created successfully in ${duration}ms`, response);
 
                 // Redirect to the new user's detail page
                 setTimeout(() => {
@@ -79,9 +166,9 @@ function adminUserCreate() {
 
                 // Handle specific errors
                 if (error.message) {
-                    if (error.message.includes('Email already registered')) {
+                    if (error.message.includes('Email already')) {
                         this.errors.email = 'This email is already registered';
-                    } else if (error.message.includes('Username already taken')) {
+                    } else if (error.message.includes('Username already')) {
                         this.errors.username = 'This username is already taken';
                     }
                 }
diff --git a/static/admin/js/vendor-create.js b/static/admin/js/vendor-create.js
index 63c0a685..cd01f27c 100644
--- a/static/admin/js/vendor-create.js
+++ b/static/admin/js/vendor-create.js
@@ -23,6 +23,9 @@ function adminVendorCreate() {
         companies: [],
         loadingCompanies: true,
 
+        // Platforms list for selection
+        platforms: [],
+
         // Form data matching VendorCreate schema
         formData: {
             company_id: '',
@@ -32,7 +35,8 @@ function adminVendorCreate() {
             description: '',
             letzshop_csv_url_fr: '',
             letzshop_csv_url_en: '',
-            letzshop_csv_url_de: ''
+            letzshop_csv_url_de: '',
+            platform_ids: []
         },
 
         // UI state
@@ -49,7 +53,10 @@ function adminVendorCreate() {
 
             try {
                 vendorCreateLog.info('Initializing vendor create page');
-                await this.loadCompanies();
+                await Promise.all([
+                    this.loadCompanies(),
+                    this.loadPlatforms()
+                ]);
             } catch (error) {
                 vendorCreateLog.error('Failed to initialize vendor create:', error);
             }
@@ -70,6 +77,18 @@ function adminVendorCreate() {
             }
         },
 
+        // Load platforms for selection
+        async loadPlatforms() {
+            try {
+                const response = await apiClient.get('/admin/platforms');
+                this.platforms = response.platforms || response.items || [];
+                vendorCreateLog.debug('Loaded platforms:', this.platforms.length);
+            } catch (error) {
+                vendorCreateLog.error('Failed to load platforms:', error);
+                this.platforms = [];
+            }
+        },
+
         // Auto-generate subdomain from vendor name
         autoGenerateSubdomain() {
             if (!this.formData.name) {
@@ -124,6 +143,11 @@ function adminVendorCreate() {
                     payload.letzshop_csv_url_de = this.formData.letzshop_csv_url_de;
                 }
 
+                // Add platform assignments
+                if (this.formData.platform_ids && this.formData.platform_ids.length > 0) {
+                    payload.platform_ids = this.formData.platform_ids.map(id => parseInt(id));
+                }
+
                 const response = await apiClient.post('/admin/vendors', payload);
 
                 vendorCreateLog.info('Vendor created successfully:', response.vendor_code);
@@ -147,7 +171,8 @@ function adminVendorCreate() {
                     description: '',
                     letzshop_csv_url_fr: '',
                     letzshop_csv_url_en: '',
-                    letzshop_csv_url_de: ''
+                    letzshop_csv_url_de: '',
+                    platform_ids: []
                 };
 
                 // Scroll to top to show success message