dezky/apps/operator/pages/index.vue

<script setup lang="ts">
// O.3 scaffolding home. Confirms login round-trips and exposes a smoke-test
// button that exercises the operator-only audience gating against
// platform-api. Real operator UI lands in O.4+.

const { user, logout } = useOidcAuth()
const smokeResult = ref<string | null>(null)
const smokeBusy = ref(false)

async function createTestPartner() {
  smokeBusy.value = true
  smokeResult.value = null
  try {
    const res = await $fetch('/api/operator-smoke-test', { method: 'POST' })
    smokeResult.value = `✓ ${JSON.stringify(res).slice(0, 200)}`
  } catch (err: unknown) {
    const e = err as { data?: { message?: string }; statusCode?: number }
    smokeResult.value = `✗ ${e.statusCode}: ${e.data?.message ?? String(err)}`
  } finally {
    smokeBusy.value = false
  }
}
</script>

<template>
  <div class="page">
    <header class="bar">
      <div class="brand">
        <span class="dot" />
        <span class="name">dezky · ops</span>
      </div>
      <div class="me">
        <span class="email">{{ user?.userInfo?.email || user?.userName }}</span>
        <button class="logout" @click="logout()">sign out</button>
      </div>
    </header>

    <main class="stage">
      <p class="eyebrow">O.3 scaffolding</p>
      <h1>Operator portal · placeholder</h1>
      <p class="lead">
        You're signed in via the <code>dezky-operator</code> Authentik client. Real screens
        (Overview, Tenants, Partners, Infrastructure, etc.) land in O.4 once the design system
        is ported. This page exists to prove the OAuth round-trip works and to smoke-test the
        operator-only endpoints on platform-api.
      </p>

      <section class="card">
        <h2>Smoke test · POST /partners</h2>
        <p>
          Calls <code>https://api.dezky.local/partners</code> through a server-side proxy that
          forwards your access token. With an operator-scoped token this should return 200 +
          the created partner; with a customer-portal token (try in the other app) it returns 403.
        </p>
        <button :disabled="smokeBusy" class="primary" @click="createTestPartner">
          {{ smokeBusy ? 'Calling…' : 'Create partner "test-partner"' }}
        </button>
        <pre v-if="smokeResult" class="result">{{ smokeResult }}</pre>
      </section>

      <section class="meta">
        <div class="row"><span class="k">subject</span><span class="v">{{ user?.userName }}</span></div>
        <div class="row"><span class="k">email</span><span class="v">{{ user?.userInfo?.email }}</span></div>
        <div class="row"><span class="k">groups</span><span class="v">{{ (user?.userInfo as { groups?: string[] } | undefined)?.groups?.join(', ') || '—' }}</span></div>
        <div class="row"><span class="k">aud</span><span class="v">dezky-operator (expected)</span></div>
      </section>
    </main>
  </div>
</template>

<style scoped>
.page {
  min-height: 100vh;
  display: flex;
  flex-direction: column;
}

.bar {
  padding: 14px 24px;
  display: flex;
  justify-content: space-between;
  align-items: center;
  border-bottom: 1px solid var(--border);
}

.brand {
  display: flex;
  align-items: center;
  gap: 10px;
  font-family: var(--font-mono);
  font-size: 12px;
  font-weight: 600;
}

.dot {
  width: 10px;
  height: 10px;
  border-radius: 999px;
  background: var(--accent);
  box-shadow: 0 0 0 3px rgba(212, 255, 58, 0.15);
}

.me {
  display: flex;
  align-items: center;
  gap: 12px;
}

.email {
  font-family: var(--font-mono);
  font-size: 12px;
  color: var(--text-dim);
}

.logout {
  background: transparent;
  border: 1px solid var(--border);
  border-radius: 6px;
  padding: 6px 12px;
  font-family: var(--font-mono);
  font-size: 11px;
  color: var(--text);
}

.logout:hover {
  background: rgba(244, 243, 238, 0.04);
}

.stage {
  flex: 1;
  padding: 48px 32px;
  max-width: 760px;
  width: 100%;
  margin: 0 auto;
}

.eyebrow {
  font-family: var(--font-mono);
  font-size: 10px;
  letter-spacing: 0.18em;
  text-transform: uppercase;
  color: var(--text-mute);
  margin: 0 0 12px 0;
}

h1 {
  margin: 0 0 16px 0;
  font-family: var(--font-display);
  font-weight: 600;
  font-size: 32px;
  letter-spacing: -0.025em;
  line-height: 1.1;
}

.lead {
  color: var(--text-dim);
  font-size: 14px;
  line-height: 1.6;
  margin: 0 0 32px 0;
}

code {
  font-family: var(--font-mono);
  font-size: 12px;
  background: rgba(244, 243, 238, 0.06);
  padding: 1px 6px;
  border-radius: 3px;
}

.card {
  background: var(--surface);
  border: 1px solid var(--border);
  border-radius: 10px;
  padding: 20px 22px;
  margin-bottom: 24px;
}

.card h2 {
  font-family: var(--font-display);
  font-weight: 600;
  font-size: 16px;
  letter-spacing: -0.01em;
  margin: 0 0 8px 0;
}

.card p {
  font-size: 13px;
  color: var(--text-dim);
  line-height: 1.55;
  margin: 0 0 14px 0;
}

.primary {
  height: 36px;
  padding: 0 16px;
  background: var(--accent);
  color: var(--accent-fg);
  border: none;
  border-radius: 6px;
  font-weight: 600;
  font-size: 12.5px;
  font-family: inherit;
  cursor: pointer;
}

.primary[disabled] {
  opacity: 0.55;
  cursor: not-allowed;
}

.result {
  margin: 14px 0 0 0;
  padding: 12px;
  background: var(--bg);
  border: 1px solid var(--border);
  border-radius: 6px;
  font-family: var(--font-mono);
  font-size: 11.5px;
  color: var(--text-dim);
  white-space: pre-wrap;
  word-break: break-all;
}

.meta {
  background: var(--surface);
  border: 1px solid var(--border);
  border-radius: 10px;
  padding: 14px 18px;
}

.row {
  display: flex;
  gap: 12px;
  padding: 5px 0;
  font-family: var(--font-mono);
  font-size: 11px;
}

.k {
  color: var(--text-mute);
  letter-spacing: 0.06em;
  text-transform: uppercase;
  width: 70px;
  flex-shrink: 0;
}

.v {
  color: var(--text-dim);
  word-break: break-all;
}
</style>