Fill gaps in User Management module

[fr4nc1stein]

Overview

The User Management module at /admin/users is functional but incomplete. Several planned capabilities from the original spec are not yet implemented.

Pending items

• User submission history view from the user management page
• Triager activity detail view
• Suspend/unsuspend user actions
• Full user deletion UI (with confirmation and cascade handling) — deferred, under review
• Audit log entries for all role changes

Notes

• Suspend/unsuspend and deletion will need Clerk Backend API calls
• Role change audit logging should write to the existing audit_logs table
• Submission history can link to the existing /triage reports view filtered by researcher

Implementation Plan

Branch: feature/van-13-user-management-gaps

Step 1 — Extend lib/audit.ts
Add role_changed, user_suspended, user_unsuspended action types.

Step 2 — /api/admin/users/route.ts

• GET: expose banned field from Clerk
• PATCH: write role_changed audit log after role update

Step 3 — /api/admin/users/[id]/route.ts

• GET: return banned status

Step 4 — New /api/admin/users/[id]/suspend/route.ts

• POST { suspend: boolean }: ban/unban via Clerk, write audit log
• Guards: cannot suspend self or another admin

Step 5 — New /api/admin/users/[id]/activity/route.ts

• GET: query audit_logs by actorId, paginated

Step 6 — /api/admin/reports/route.ts

• Add ?clerk_user_id= filter for researcher submission history

Step 7 — /admin/users/page.tsx

• Banned badge on suspended user rows
• Reports → link for researchers (links to triage filtered by user)
• Activity button for triagers (modal with action history)
• Suspend / Unsuspend button with confirm dialog

What is NOT changing

• audit_logs schema — no migration needed
• Reports data — deletion is Clerk-only; orphaned report rows are kept
• Existing role-change confirm dialog for USER → TRIAGER

[fr4nc1stein]

#19