WorldGurudwara
Join the Sewa

Dashboard Admin Guide

This page mirrors Dashboardadminguide.md. Keep both files synchronized.

Scope

  • Ensure authenticated access to Dashboard pages.
  • Maintain stable member navigation and user flows.
  • Monitor auth-related issues and API connectivity.
  • Coordinate with CMS admin for cross-module behavior.
  • Keep Dashboard documentation aligned with code changes.

Dashboard architecture (current)

Core pages

  • dashboard/index.php
  • dashboard/academy.php
  • dashboard/help.php
  • dashboard/contact.php

Shared dashboard layout

  • dashboard/includes/layout-start.php
  • dashboard/includes/layout-end.php
  • dashboard/includes/sidebar.php

Client auth guard and auth UI modules

  • assets/js/dashboard-guard.js
  • assets/js/auth.js
  • assets/js/firebase-bootstrap.js
  • assets/js/api-client.js

Server APIs used by dashboard flows

  • php/api/sync-user.php
  • php/api/submit-contact.php

Security and access model

  1. User signs in via Firebase auth flow.
  2. Dashboard guard confirms authenticated user.
  3. User sync API upserts account row in users.
  4. Contact submissions are tied to authenticated users.id.

Dashboard is auth-gated for members; role-based restrictions are handled separately in CMS.

Operational checklist

  1. Signed-out user visiting dashboard URL is redirected to sign-in.
  2. Signed-in user lands on requested dashboard page.
  3. Sidebar navigation routes correctly.
  4. Contact form submits for authenticated user.
  5. sync-user API still upserts user records correctly.
  6. Dashboard to CMS link behavior remains expected.

Database dependencies

  • users
  • contact_submissions

Ensure schema migrations are applied and DB configuration is valid in php/config.php.

Troubleshooting

"Dashboard guard failed" or redirect loops

  • Verify Firebase config values are valid.
  • Verify auth modal flow is operational.
  • Check browser console for auth initialization errors.

User is signed in but API calls fail

  • Verify bearer token handling in API requests.
  • Verify server firebase_project_id configuration.
  • Check token verification in php/lib/firebase_jwt.php.

Contact form errors

  • Validate payload size and required fields.
  • Confirm DB connection and table availability.

Admin coordination with CMS

  • Dashboard includes a CMS shortcut in sidebar.
  • CMS authorization is role-based (editor/admin) and server-enforced.
  • If a user can access Dashboard but not CMS, this is expected unless CMS role is granted.

Change management and documentation policy

Whenever Dashboard evolves, update both Dashboardadminguide.md and Dashboardadminguide.php in the same change.