Skip to main content

MenuMingle Admin Portal - User Guide

Version: 2.1.1
Last Updated: January 2025
Documentation Status: Complete

Table of Contents

  1. Overview
  2. Access & Authentication
  3. Feature Status Summary
  4. Available Features
  5. Partially Implemented Features
  6. Coming Soon / Needs Development
  7. Navigation Structure
  8. Best Practices
  9. Troubleshooting

Overview

The MenuMingle Admin Portal provides comprehensive system management capabilities for platform administrators. It offers tools for managing restaurants, users, analytics, security, and system health monitoring.

Key Capabilities

  • Restaurant Management: Full CRUD operations, approval workflows, subscription management
  • User Management: User search, role assignment, account status management, safe deletion
  • Analytics: Platform-wide metrics and performance insights
  • Video Optimization: Bulk video processing and optimization tools
  • Session Management: Active session monitoring and termination
  • Security Monitoring: Audit logs and security alerts (partial)
  • System Health: Performance metrics and service status (partial)

Access & Authentication

Access Requirements

  • Role Required: Super Admin (isSuperAdmin: true)
  • Login URL: /admin-login
  • Portal URL: /admin
  • Authentication: Supabase Auth with role-based access control

Access Denied

If you don't have Super Admin privileges, you'll see an "Access Denied" message when attempting to access admin routes.

Session Management

  • Admin sessions are tracked in the user_sessions table
  • Sessions can be monitored and terminated from /admin/sessions
  • Active sessions are displayed with device, location, and activity information

Feature Status Summary

✅ Fully Available (6 features)

These features are fully implemented, accessible from the main navigation, and production-ready:

  1. Dashboard (/admin)
  2. Restaurant Management (/admin/restaurants)
  3. User Management (/admin/users)
  4. Analytics (/admin/analytics)
  5. Video Optimizer (/admin/video-optimizer)
  6. Session Management (/admin/sessions)

🚧 Partially Implemented (3 features)

These features have UI implemented but use mock data or simulated functionality:

  1. Security (/admin/security) - Mock security alerts
  2. System Health (/admin/health) - Mock system metrics
  3. Settings (/admin/settings) - Simulated save operations

⏳ Coming Soon / Needs Development

  • IP Blocking (mentioned in Security section)
  • Real-time Security Alerts (currently using mock data)
  • Live System Metrics (currently using mock data)
  • Persistent Settings Storage (currently simulated)

Available Features

1. Dashboard (/admin)

Status: ✅ Fully Available
Navigation: Main menu (Home icon)
URL: /admin

Features

  • System Overview Metrics:

    • Total restaurants, chefs, dishes
    • Active users and restaurants
    • New registrations this month
    • Total interactions, views, saves, orders

  • Quick Actions:

    • Navigate to Restaurant Management
    • Navigate to User Management
    • Navigate to Analytics
    • Navigate to Security

  • Recent Activity Feed:

    • Latest platform events
    • Action types and metadata
    • Timestamps and user information
    • Link to full security audit log

  • Growth Metrics:

    • Month-over-month growth rates
    • Subscription tier distribution
    • Platform health indicators

  • Quick Links:

    • System Health monitoring
    • Session Management
    • Settings configuration

Data Sources

  • Real-time queries to Supabase:
    • restaurants table
    • chefs table
    • dishes table
    • profiles table
    • user_interactions table
    • audit_logs table

2. Restaurant Management (/admin/restaurants)

Status: ✅ Fully Available
Navigation: Main menu (Building2 icon)
URL: /admin/restaurants

Features

  • Restaurant CRUD Operations:

    • Create new restaurants
    • Edit existing restaurant details
    • Delete restaurants (with confirmation)
    • View restaurant details and analytics

  • Search & Filtering:

    • Text search by name, cuisine, location
    • Filter by subscription tier
    • Filter by status (active, pending, inactive)
    • Filter by cuisine type
    • Filter by price range
    • Filter by location
    • Filter by visibility settings
    • Filter by last active date
    • Filter by date added
    • Sort by various fields (created_at, name, etc.)

  • Bulk Operations:

    • Bulk status updates
    • Bulk subscription tier changes
    • Bulk email sending
    • Bulk deletion (with confirmation)

  • Restaurant Details:

    • Contact information
    • Business configuration
    • Team structure
    • Platform setup
    • System configuration
    • Review and launch workflow

  • View Modes:

    • List view
    • Card view
    • Responsive design for mobile/tablet

  • Restaurant Analytics:

    • View individual restaurant analytics
    • Performance metrics
    • Engagement statistics

Data Sources

  • restaurants table
  • profiles table (for restaurant owners)
  • dishes table (for dish counts)
  • user_interactions table (for analytics)

3. User Management (/admin/users)

Status: ✅ Fully Available
Navigation: Main menu (Users icon)
URL: /admin/users

Features

  • User Search & Filtering:

    • Text search by name, email
    • Filter by role
    • Filter by account status
    • Filter by restaurant association
    • Filter by registration date
    • Filter by last active date
    • Advanced filtering options

  • User Operations:

    • View user details
    • Edit user information
    • Assign roles
    • Assign to restaurants
    • Invite new users
    • Invite restaurant staff
    • Delete users (with safe deletion validation)
    • Export user data

  • Role Management:

    • Assign user roles
    • View role permissions
    • Manage restaurant associations

  • Bulk Operations:

    • Bulk role assignment
    • Bulk status updates
    • Bulk restaurant assignment
    • Bulk deletion (with confirmation)

  • User Metrics:

    • Total users
    • Active users
    • Users by role
    • New users this month

Data Sources

  • profiles table
  • auth.users table (via Supabase Auth)
  • user_roles table
  • restaurant_staff table

Safety Features

  • Safe deletion with validation
  • Confirmation dialogs for destructive actions
  • Audit logging of user changes

4. Analytics (/admin/analytics)

Status: ✅ Fully Available
Navigation: Main menu (BarChart3 icon)
URL: /admin/analytics

Features

  • Platform Metrics:

    • Total restaurants count
    • Total chefs count
    • Total dishes count
    • Total user profiles
    • Total interactions
    • Total views
    • Total saves
    • Total orders

  • Engagement Metrics:

    • Dish views
    • Dishes saved
    • Orders placed
    • All user interactions

  • Platform Health Indicators:

    • Average dishes per restaurant
    • Average views per dish
    • Order conversion rate
    • Save rate

  • Data Refresh:

    • Manual refresh button
    • Real-time data from database

Data Sources

  • restaurants table
  • chefs table
  • dishes table
  • profiles table
  • user_interactions table (filtered by interaction_type)

5. Video Optimizer (/admin/video-optimizer)

Status: ✅ Fully Available
Navigation: Main menu (Video icon)
URL: /admin/video-optimizer

Features

  • Video Detection:

    • Detect unoptimized videos
    • Identify videos without quality variants
    • Detect media optimization issues
    • Identify URL mismatches

  • Bulk Optimization:

    • Process multiple videos at once
    • Queue optimization jobs
    • Track optimization progress
    • View optimization results

  • Thumbnail Integrity:

    • Check thumbnail URLs
    • Verify thumbnail generation
    • Fix thumbnail issues

  • Video Quality Analysis:

    • View video quality variants
    • Check video optimization status
    • Monitor CDN cache status

  • Individual Video Management:

    • Optimize individual videos
    • View video details
    • Delete videos
    • Download videos

Detection Reasons

  • no_qualities: Video lacks quality variants
  • media_unoptimized: Media asset not optimized
  • url_mismatch: URL inconsistencies detected

Data Sources

  • dishes table
  • media_assets table
  • Video storage buckets

6. Session Management (/admin/sessions)

Status: ✅ Fully Available
Navigation: Main menu (Users icon)
URL: /admin/sessions

Features

  • Active Session Viewer:

    • View all user sessions
    • Filter by user
    • Filter by status (active/inactive)
    • Search sessions

  • Session Details:

    • Device information
    • Device fingerprint
    • IP address
    • User agent
    • Location data
    • Last activity timestamp
    • Session expiration
    • Creation timestamp

  • Session Operations:

    • Terminate individual sessions
    • View session history
    • Monitor active sessions

  • Device Tracking:

    • Device type (desktop, mobile, tablet)
    • Browser information
    • Operating system

  • Metrics:

    • Total active sessions
    • Sessions by device type
    • Recent session activity

Data Sources

  • user_sessions table
  • profiles table (for user email lookup)

Partially Implemented Features

7. Security (/admin/security)

Status: 🚧 Partially Implemented (Mock Data)
Navigation: Hidden (accessible via direct URL)
URL: /admin/security

Current Implementation

  • UI Components: Fully implemented
  • Audit Log Viewer: ✅ Real data from audit_logs table
  • Security Alerts: ⚠️ Using mock data
  • Suspicious Activity Detection: ⚠️ Using mock data
  • Failed Login Attempts: ⚠️ Mock data
  • Session Anomalies: ⚠️ Mock data

Features Available

  • View audit logs (real data)
  • Security alert dashboard (mock alerts)
  • Suspicious IP tracking (mock IPs)
  • Active admin session count (mock count)

What Needs Development

  1. Real Security Alert Generation:

    • Implement actual suspicious activity detection
    • Analyze failed login patterns
    • Detect privilege escalation attempts
    • Monitor data export patterns

  2. IP Blocking (marked as "planned" in code):

    • Implement IP blocking functionality
    • Create blocked IP list management
    • Automatic blocking for suspicious activity

  3. Real-time Monitoring:

    • Connect to actual security monitoring systems
    • Real-time alert generation
    • Integration with Supabase Auth logs

Code Location

  • src/pages/admin/AdminSecurity.tsx
  • Mock alerts generated in fetchSecurityData() function (lines 88-114)

8. System Health (/admin/health)

Status: 🚧 Partially Implemented (Mock Data)
Navigation: Hidden (accessible via direct URL)
URL: /admin/health

Current Implementation

  • UI Components: Fully implemented
  • Metrics Display: ✅ UI ready
  • Service Status: ⚠️ Using mock data
  • Performance Metrics: ⚠️ Using mock data

Features Available

  • System metrics dashboard (mock data):

    • CPU Usage
    • Memory Usage
    • Disk Usage
    • Database Connections
    • API Response Time
    • Error Rate

  • Service status monitoring (mock data):

    • Service uptime
    • Last check timestamps
    • Response times
    • Service health status

What Needs Development

  1. Real System Metrics:

    • Connect to Supabase monitoring APIs
    • Real-time database performance metrics
    • Actual storage usage from Supabase Storage
    • Edge function performance data

  2. Service Monitoring:

    • Real service health checks
    • Actual uptime tracking
    • Real response time measurements

  3. Error Tracking:

    • Connect to error logging system
    • Real error rate calculations
    • Error trend analysis

  4. Performance Benchmarks:

    • Historical performance data
    • Performance trend analysis
    • Alert thresholds

Code Location

  • src/pages/admin/AdminSystemHealth.tsx
  • Mock metrics generated in fetchSystemHealth() function (lines 60-104)

9. Settings (/admin/settings)

Status: 🚧 Partially Implemented (Simulated Saves)
Navigation: Hidden (accessible via direct URL)
URL: /admin/settings

Current Implementation

  • UI Components: Fully implemented
  • Settings Forms: ✅ All form fields present
  • Save Functionality: ⚠️ Simulated (not persisted to database)

Features Available

  • Platform Settings:

    • Maintenance mode toggle
    • New registrations toggle
    • Email notifications toggle
    • Analytics tracking toggle
    • Auto moderation toggle
    • API rate limit configuration
    • Max file size configuration
    • Maintenance message editor
    • Admin email configuration

  • Feature Flags:

    • Social features toggle
    • QR menu generation toggle

What Needs Development

  1. Persistent Storage:

    • Create platform_settings table in Supabase
    • Implement real save functionality
    • Load settings from database on page load

  2. Settings Management:

    • Settings versioning
    • Settings history/audit log
    • Default settings configuration

  3. Settings Validation:

    • Input validation
    • Settings dependency checks
    • Rollback functionality

Code Location

  • src/pages/admin/AdminSettings.tsx
  • Simulated save in handleSaveSettings() function (lines 45-65)
  • Comment indicates: "In a real implementation, this would save to Supabase"

Coming Soon / Needs Development

Permissions Management (/admin/permissions)

Status: ⏳ Available but Not in Main Navigation
URL: /admin/permissions
Access: Direct URL only

Current Status

  • Component: PermissionManagement component exists
  • Route: Configured in App.tsx
  • Navigation: Not included in main admin navigation
  • Permission Guard: Protected with users.edit permission

Features

  • Role configuration
  • Permission assignment
  • Context-aware permissions (admin vs restaurant)
  • Permission templates

Recommendation

  • Add to main navigation if permissions management is a priority feature
  • Or keep as hidden feature for advanced admin use

The Admin Portal sidebar includes these items:

  1. Dashboard (/admin) - Home icon
  2. Restaurants (/admin/restaurants) - Building2 icon
  3. Users (/admin/users) - Users icon
  4. Analytics (/admin/analytics) - BarChart3 icon
  5. Video Optimizer (/admin/video-optimizer) - Video icon
  6. Sessions (/admin/sessions) - Users icon

Hidden Navigation (Direct URL Access)

These pages exist but are commented out in navigation:

  1. Security (/admin/security) - Shield icon
  2. System Health (/admin/health) - Activity icon
  3. Settings (/admin/settings) - Settings icon

Additional Routes

  • Permissions (/admin/permissions) - Not in navigation, accessible via direct URL

Best Practices

Security

  1. Access Control: Only Super Admins should have access
  2. Audit Logging: All admin actions are logged to audit_logs table
  3. Session Management: Regularly review and terminate suspicious sessions
  4. User Deletion: Always use safe deletion with validation

Data Management

  1. Bulk Operations: Use bulk operations carefully, especially deletions
  2. Restaurant Management: Verify restaurant details before approval
  3. User Management: Review user roles and permissions regularly
  4. Video Optimization: Monitor optimization queue to prevent overload

Performance

  1. Analytics Refresh: Use manual refresh to avoid excessive queries
  2. Large Datasets: Use filters to narrow down large result sets
  3. Session Monitoring: Limit session queries to active sessions when possible

Development

  1. Mock Data: Be aware that Security and System Health use mock data
  2. Settings: Settings changes are currently simulated and not persisted
  3. Testing: Test all admin operations in staging before production

Troubleshooting

Access Issues

Problem: "Access Denied" message when accessing admin routes

Solution:

  • Verify user has isSuperAdmin: true in their profile
  • Check Supabase Auth role assignments
  • Ensure user is logged in with correct account

Data Not Loading

Problem: Dashboard or analytics showing zero values

Solution:

  • Check Supabase connection
  • Verify RLS policies allow admin access
  • Check browser console for errors
  • Refresh the page

Settings Not Saving

Problem: Settings page shows "Settings saved" but changes don't persist

Solution:

  • This is expected behavior - settings are currently simulated
  • Settings need to be implemented with database persistence
  • See "Settings" section in "Partially Implemented Features"

Security Alerts Not Appearing

Problem: Security page shows no alerts or only mock alerts

Solution:

  • Security alerts are currently using mock data
  • Real security monitoring needs to be implemented
  • See "Security" section in "Partially Implemented Features"

System Health Metrics Not Accurate

Problem: System Health page shows incorrect or static metrics

Solution:

  • System Health currently uses mock data
  • Real monitoring integration needs to be implemented
  • See "System Health" section in "Partially Implemented Features"

Video Optimization Not Working

Problem: Videos not optimizing or optimization failing

Solution:

  • Check video storage bucket permissions
  • Verify media_assets table structure
  • Check browser console for errors
  • Review optimization queue status

Development Roadmap

High Priority

  1. Implement Real Security Monitoring

    • Replace mock security alerts with real detection
    • Implement IP blocking functionality
    • Connect to Supabase Auth logs

  2. Implement Real System Health Monitoring

    • Connect to Supabase monitoring APIs
    • Implement real-time metrics collection
    • Add error tracking integration

  3. Implement Settings Persistence

    • Create platform_settings table
    • Implement real save/load functionality
    • Add settings validation

Medium Priority

  1. Add Permissions to Main Navigation

    • Decide if permissions management should be visible
    • Add to navigation if needed

  2. Enhance Audit Logging

    • Add more detailed audit events
    • Improve audit log search/filtering
    • Add audit log export functionality

  3. Improve Bulk Operations

    • Add progress indicators for large operations
    • Add operation cancellation
    • Improve error handling

Low Priority

  1. Add Help Documentation

    • In-app tooltips
    • Contextual help buttons
    • Feature tutorials

  2. Enhance Analytics

    • Add date range filtering
    • Add export functionality
    • Add chart visualizations

  3. Improve Mobile Experience

    • Optimize admin portal for mobile devices
    • Add mobile-specific navigation
    • Improve touch interactions

Technical Details

Database Tables Used

  • restaurants - Restaurant data
  • profiles - User profiles
  • chefs - Chef/admin profiles
  • dishes - Dish data
  • user_interactions - User engagement data
  • user_sessions - Session tracking
  • audit_logs - Admin action logging
  • media_assets - Video/media data
  • user_roles - Role assignments
  • restaurant_staff - Restaurant team members

Key Components

  • AdminLayout - Main layout wrapper with navigation
  • AdminPageHeader - Standardized page headers
  • SectionCard - Reusable section containers
  • MetricCard - Metric display cards
  • AdminActionBar - Action buttons and filters
  • AdminErrorBoundary - Error handling

Authentication

  • Uses useAuth() hook
  • Checks isSuperAdmin flag
  • Supabase Auth integration
  • Row-Level Security (RLS) policies

Support & Contact

For questions or issues with the Admin Portal:

  1. Check this documentation first
  2. Review the codebase in src/pages/admin/
  3. Check Supabase logs for database errors
  4. Review browser console for frontend errors

Last Updated: January 2025
Maintained By: Platform Development Team
Documentation Version: 1.0