Plan: Admin Backoffice Feature
1. Current state
- 100+ controllers covering every domain of the system.
- Separate auth with email/password + JWT (SecurityJwtService).
- RBAC via the Role/Rule model.
- AdminRequestAspect audit logging.
- 10 JMS listeners handling async events.
- InitializeData seeds master data at startup.
2. Known issues
| # | Issue | Severity |
|---|-------|----------|
| 1 | CheatController.addCoin() endpoint has no strict RBAC | Critical |
| 2 | TestController exists without an env guard | High |
| 3 | InitController has no guard after init | High |
| 4 | AdminRequestAspect does not mask sensitive data in logs | Medium |
| 5 | No rate limiting for admin endpoints | Medium |
| 6 | TriggerBatchController has no audit trail per trigger | Medium |
3. Improvement plan
Phase 1: Security
- Task 1-1: Guard CheatController with SUPER_ADMIN role only
- Task 1-2: Guard TestController and InitController with @Profile("!main")
- Task 1-3: Mask sensitive fields in AdminRequestAspect logs
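The three Phase 1 tasks expressed as Spring annotations, as an added example that is not the project's own code; the package `com.example.admin`, the URL path, the masked field names and the map-typed request body are assumptions.

```java
// Added example, not the project's code. Package, URL path and field names are assumptions.
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Profile;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.*;

// Task 1-1: only SUPER_ADMIN reaches addCoin(). hasRole('SUPER_ADMIN') matches the
// authority "ROLE_SUPER_ADMIN"; a @Configuration class must carry @EnableMethodSecurity.
@RestController
class CheatController {
    @PreAuthorize("hasRole('SUPER_ADMIN')")
    @PostMapping("/admin/cheat/add-coin")
    public String addCoin(@RequestBody Map<String, Object> req) { return "ok"; }
}

// Task 1-2: the bean is not created under the "main" profile, so the endpoint does not exist there.
@Profile("!main")
@RestController
class TestController { }

// Task 1-3: mask sensitive fields (nested maps included) before the
// request arguments reach the audit log.
@Aspect
@Component
class AdminRequestAspect {
    private static final Logger log = LoggerFactory.getLogger(AdminRequestAspect.class);
    static final Set<String> SENSITIVE = Set.of("password", "token", "secret", "authorization");
    static Object mask(Object value) {
        if (!(value instanceof Map<?, ?> m)) return value;
        Map<String, Object> out = new LinkedHashMap<>();
        m.forEach((k, v) -> out.put(String.valueOf(k),
            SENSITIVE.contains(String.valueOf(k).toLowerCase()) ? "***" : mask(v)));
        return out;
    }
    @Before("execution(* com.example.admin..*Controller.*(..))")
    public void logRequest(JoinPoint jp) {
        Object[] masked = Arrays.stream(jp.getArgs()).map(AdminRequestAspect::mask).toArray();
        log.info("admin call {} args={}", jp.getSignature().toShortString(), Arrays.toString(masked));
    }
}
```

Masking only covers map-shaped arguments here; request DTO classes would need their own masking (e.g. a redacting toString()), which is the gap Task 1-3 should close for every admin endpoint.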
Phase 2: Observability
- Task 2-1: Structured audit trail for TriggerBatchController (who triggered what, when, result)
- Task 2-2: Alert when the cheat endpoint is called (Slack notification)
Phase 3: Testing
- Task 3-1: Test admin auth flow (login, JWT validation, role check)
- Task 3-2: Test RBAC — wrong role receives 403
- Task 3-3: Test feature toggle mechanism (ON/OFF/cache invalidation)
4. Timeline
```mermaid
gantt
    title Admin Feature - Improvement Plan
    dateFormat YYYY-MM-DD
    section Phase 1 Security
    Task 1-1 Cheat guard     :crit, t1_1, 2025-01-01, 1d
    Task 1-2 Test endpoints  :crit, t1_2, after t1_1, 1d
    Task 1-3 Log masking     :t1_3, after t1_2, 2d
    section Phase 2 Observability
    Task 2-1 Batch audit     :t2_1, after t1_3, 2d
    Task 2-2 Cheat alert     :t2_2, after t2_1, 1d
    section Phase 3 Testing
    Task 3-1 Auth test       :t3_1, after t1_2, 2d
    Task 3-2 RBAC test       :t3_2, after t3_1, 1d
    Task 3-3 Feature toggle  :t3_3, after t3_2, 1d
```
5. Risks
| Risk | Impact | Mitigation |
|------|--------|------------|
| Cheat endpoint abuse | Balance manipulation | SUPER_ADMIN only + audit log + Slack alert |
| Admin JWT leak | Full system access | Short TTL + refresh token |
| Batch trigger cascade | Unintended side effects | Confirm dialog + audit log |
| Init endpoint after deploy | Data overwrite | One-time guard or @Profile("!main") |