Skip to main content

Admin Dashboard — Epics & User Stories Report

Status: populated Owner: Platform Engineering (Frontend) Last updated: 2026-04-18

EP-ADMDASH-01 — Admin Authentication & Session Management

Goal: Allow platform administrators to securely sign in with elevated privileges and maintain sessions.

US-ADMDASH-01-01 — Admin Login with Claim Verification

As a platform administrator, I want to sign in with my Google Workspace email, So that I can access the admin dashboard with the correct privileges.

Acceptance Criteria:

  • /login page renders email + password fields
  • Firebase Auth sign-in called on submit
  • Firebase ID token exchanged via GET /v1/internal/auth/me
  • admin custom claim verified; login rejected with "Access denied" if claim missing
  • JWT stored in httpOnly; Secure; SameSite=Strict encrypted cookie
  • Cloudflare Access gate must be passed before reaching the login page
  • User redirected to /dashboard on success

Story Points: 5

US-ADMDASH-01-02 — Auto-Refresh Admin Session

As a logged-in admin, I want my session to refresh automatically, So that I am not interrupted during long operational tasks.

Acceptance Criteria:

  • Middleware detects JWT expiry; silently refreshes using __admin_refresh cookie
  • If refresh fails, redirect to /login?reason=session_expired
  • No disruption to in-progress form edits during refresh

Story Points: 3

EP-ADMDASH-02 — Real-Time Operations Dashboard

Goal: Give platform admins a live operational overview of the SMS platform.

US-ADMDASH-02-01 — Dashboard Metric Summary Cards

As a platform admin, I want to see key platform metrics at a glance, So that I can quickly assess platform health without navigating multiple pages.

Acceptance Criteria:

  • /dashboard shows cards: messages sent (24h), delivery rate (24h), active operators, queue depth, alert count
  • Cards load server-side on initial render
  • Cards refresh every 30 seconds via client-side polling
  • Polling pauses when browser tab is backgrounded

Story Points: 5

US-ADMDASH-02-02 — Throughput Chart (24h Hourly)

As a platform admin, I want to see an hourly message throughput chart for the last 24 hours, So that I can spot traffic spikes and delivery anomalies.

Acceptance Criteria:

  • Area chart with three series: sent, delivered, failed
  • 24 hourly data points; x-axis shows hour labels
  • Chart updates on each 30-second poll cycle
  • Empty data state handled gracefully (flat zero line with label)
  • Chart is accessible with aria-label summary

Story Points: 5

US-ADMDASH-02-03 — Delivery Breakdown Pie Chart

As a platform admin, I want to see a delivery status breakdown, So that I can identify if a high proportion of messages are failing.

Acceptance Criteria:

  • Pie chart with four segments: delivered, failed, pending, undeliverable
  • Segments labeled with count and percentage
  • Legend renders below the chart
  • Updates on each poll cycle

Story Points: 3

US-ADMDASH-02-04 — Top-5 Operators Table

As a platform admin, I want to see the top 5 operators by message volume, So that I can quickly identify which operators are carrying the most traffic and their health state.

Acceptance Criteria:

  • Table shows: operator name, messages sent (24h), delivery rate, avg latency, connection status badge
  • Connection status badge: connected (green), degraded (amber), disconnected (red)
  • Updates on each poll cycle
  • Clicking an operator name navigates to /operators/{operatorId}

Story Points: 3

US-ADMDASH-02-05 — Service Alert Banners

As a platform admin, I want to see alert banners when a backend service is degraded or down, So that I can act on incidents immediately.

Acceptance Criteria:

  • Alert banners appear at the top of the dashboard when alertCount > 0
  • Each banner names the degraded/down service and its status
  • Banners are individually dismissible; dismissed state stored in sessionStorage
  • Banners re-appear after tab reload if condition persists

Story Points: 3

EP-ADMDASH-03 — SMPP Operator Management

Goal: Allow admins to create, configure, and manage SMPP operator connections.

US-ADMDASH-03-01 — List Operators

As a platform admin, I want to see all configured SMPP operators, So that I can monitor their configuration and live connection status.

Acceptance Criteria:

  • /operators table: name, host:port, bindType, throughput TPS, priority, status, connection state
  • Connection state badge refreshes every 30s
  • Search/filter by operator name

Story Points: 3

US-ADMDASH-03-02 — Create SMPP Operator

As a platform admin, I want to add a new SMPP operator, So that the platform can route messages through a new carrier connection.

Acceptance Criteria:

  • "Add Operator" button opens a multi-section modal
  • Required fields: name, host, port, systemId, password (masked), bindType
  • Optional fields: throughput TPS, priority, status
  • Client-side validation: host is a valid hostname/IP; port 1–65535; TPS > 0
  • On submit, POST /v1/internal/operators called
  • Success: modal closes; operator appears in list
  • SMPP password never shown again after creation

Story Points: 5

US-ADMDASH-03-03 — Edit SMPP Operator

As a platform admin, I want to update an operator's configuration, So that I can adjust throughput limits or fix connection details without deleting and recreating.

Acceptance Criteria:

  • "Edit" button opens the create modal pre-populated (password field blank)
  • Blank password field means no password change
  • All other fields editable
  • PUT /v1/internal/operators/{operatorId} called on submit

Story Points: 3

US-ADMDASH-03-04 — Delete SMPP Operator

As a platform admin, I want to delete an SMPP operator that is no longer in use, So that it does not appear in routing rule options.

Acceptance Criteria:

  • "Delete" button shows confirmation dialog
  • Dialog warns: "This operator will be removed from all routing rules"
  • If operator is in active routing rules, backend returns 422 with error message
  • 422 error shown: "Remove this operator from routing rules before deleting"
  • On success, operator removed from list

Story Points: 3

EP-ADMDASH-04 — Routing Rule Management

Goal: Allow admins to view and manage SMS routing rules.

US-ADMDASH-04-01 — View and Reorder Routing Rules

As a platform admin, I want to view routing rules in priority order and reorder them via drag-and-drop, So that I can adjust which operators are preferred for different message types.

Acceptance Criteria:

  • /routing lists all rules in priority order
  • Each rule shows: name, conditions (pills), target operators, active status
  • Drag-and-drop reordering; save button commits the new order
  • 409 conflict on save shows error toast + list re-fetches
  • Rules can be activated/deactivated via toggle

Story Points: 8

EP-ADMDASH-05 — Cross-Tenant Message Log Inspection

Goal: Allow admins to search and inspect messages across all tenants.

US-ADMDASH-05-01 — Cross-Tenant Message Search

As a platform admin, I want to search messages across all tenants with rich filters, So that I can investigate delivery failures and support customer enquiries.

Acceptance Criteria:

  • /messages filter panel: tenant selector, account selector (filtered by tenant), from, to, status, operatorId, date range
  • Filter state in URL params; shareable deep-links
  • Paginated table with columns: messageId, tenant, account, to, from, status, operator, submittedAt
  • Clicking a row opens message detail with all timestamps, DLR codes, operator

Story Points: 8

EP-ADMDASH-06 — User Management

Goal: Allow admins to manage platform user accounts.

US-ADMDASH-06-01 — User Administration

As a platform admin, I want to view, suspend, and delete user accounts, So that I can enforce account policies and handle abuse.

Acceptance Criteria:

  • /users lists all users: email, roles, status, createdAt
  • Search by email or userId
  • "Suspend" changes status to suspended with confirmation
  • "Reactivate" changes status back to active
  • "Delete" — hard delete with confirmation dialog; irreversible warning

Story Points: 5

EP-ADMDASH-07 — System Health Monitoring

Goal: Provide admins with a consolidated view of all platform service health.

US-ADMDASH-07-01 — System Health Page

As a platform admin, I want to see the health status of all platform microservices on a single page, So that I can identify unhealthy services during an incident.

Acceptance Criteria:

  • /health shows a card for each backend service
  • Each card: service name, status badge (healthy/degraded/down), last latency ms, last checked time, diagnostic message
  • Health grid refreshes every 30 seconds (shared poll with dashboard)
  • Degraded or down services highlighted with amber/red

Story Points: 5

EP-ADMDASH-08 — Billing Oversight

Goal: Allow admins to review tenant billing and manage pricing.

US-ADMDASH-08-01 — Tenant Invoice Review

As a platform admin, I want to view invoices across all tenants and update pricing, So that I can identify billing issues and apply pricing changes.

Acceptance Criteria:

  • /billing shows all tenant invoices: tenant, period, amount, status
  • Filter by tenant, status, date range
  • Overdue invoices highlighted
  • Pricing tab: current per-message pricing configuration; "Update pricing" form
  • Pricing update requires a confirmation dialog before submission

Story Points: 5

Summary

EpicStoriesTotal Points
EP-ADMDASH-01 Auth28
EP-ADMDASH-02 Dashboard519
EP-ADMDASH-03 Operator Mgmt414
EP-ADMDASH-04 Routing Rules18
EP-ADMDASH-05 Message Logs18
EP-ADMDASH-06 User Mgmt15
EP-ADMDASH-07 Health15
EP-ADMDASH-08 Billing15
EP-ADMDASH-09 NOC SPoG626
EP-ADMDASH-10 Regulator Workbench521
EP-ADMDASH-11 Sender-ID Workbench416
Total31135

EP-ADMDASH-09 — NOC Single-Pane-of-Glass

Goal: Give the 24×7 NOC a single dashboard that shows the health and shape of national SMS traffic at a glance: per-MNO bind state, queue depth per priority lane, TPS shaping, DLR latency heatmap, compliance hold queue, fraud signals, regulator alerts.

US-ADMDASH-09-01 — NOC home page with status tiles

As a NOC operator, I want a single home page with red/amber/green tiles for every critical subsystem, So that I can triage in seconds.

Acceptance Criteria:

  • AC1: Tiles for: each MNO bind, each NATS stream lag, compliance hold age, DLR latency P95 per lane, fraud-feed updates, regulator portal status
  • AC2: Tile colour: green (in SLO), amber (degraded — NFR breach within 50%), red (out of SLO)
  • AC3: Click through to detailed dashboard
  • AC4: Auto-refresh every 5 s; configurable

Story Points: 5

US-ADMDASH-09-02 — Per-MNO bind state matrix

As a NOC operator, I want a matrix showing every (MNO × bind direction × bindId) cell with bind state and TPS, So that a partial outage is immediately spotted.

Acceptance Criteria:

  • AC1: Rows: MNOs (AWCC, Roshan, Etisalat, MTN, Salaam); columns: TX, RX, TRX
  • AC2: Cell shows bound/unbound count, TPS in/out, last error
  • AC3: Click cell → detail page with last 10 events, bind history graph

Story Points: 5

US-ADMDASH-09-03 — Priority-lane queue-depth panel

As a NOC operator, I want queue depth per priority lane (P0..P4) over time, So that lane shedding events are visible.

Acceptance Criteria:

  • AC1: Stacked area chart: lag per lane over 24h
  • AC2: Annotations on shed events
  • AC3: Linked alert OrchLaneSloBreach

Story Points: 3

US-ADMDASH-09-04 — Compliance hold-queue triage

As a NOC operator + compliance reviewer, I want a hold-queue widget showing oldest holds, by-tenant breakdown, and bulk-review link, So that SLA breaches don't accumulate unnoticed.

Acceptance Criteria:

  • AC1: Widget shows: oldest hold age, holds > 4h count (alert threshold), top 10 tenants by hold count
  • AC2: Bulk-review link drops into compliance admin UI with filter pre-applied
  • AC3: Live count updates every 30 s

Story Points: 5

US-ADMDASH-09-05 — Fraud signals stream

As a NOC operator, I want a real-time stream of fraud signals from fraud-intel-service, So that I can see emerging incidents.

Acceptance Criteria:

  • AC1: Live feed of fraud.detected.* events (AIT, SIM-box, OTP-grinding) with severity
  • AC2: Click-through to fraud-intel detail
  • AC3: One-click "create incident" button

Story Points: 5

US-ADMDASH-09-06 — Incident command mode

As a NOC lead, I want an "incident mode" overlay that pins a war-room view (relevant tiles, NATS broadcast composer, on-call roster), So that an active incident has a unified workspace.

Acceptance Criteria:

  • AC1: Activate Incident button creates a NATS subject noc.incident.{id} and pins relevant tiles
  • AC2: Broadcast composer wired to EP-NOTIF-07 (national incident broadcasts)
  • AC3: PagerDuty incident auto-linked

Story Points: 3

EP-ADMDASH-10 — Regulator Workbench

Goal: Provide internal staff a workbench for regulator-facing operations: CDR submission status, lawful-intercept request queue, complaint triage, reports.

US-ADMDASH-10-01 — CDR submission status panel

As a regulator-liaison, I want to see daily CDR submissions to ATRA — status, file hashes, regulator ack timestamps, So that missed submissions are caught the same day.

Acceptance Criteria:

  • AC1: Table: date, file count, total records, signed-hash, ATRA ack status (PENDING/ACK/REJECTED), retry count
  • AC2: Filter by date range; default last 30 d
  • AC3: Manual re-submit button (audit-logged)
  • AC4: Linked alert CdrSubmissionMissing if any day in last 7 lacks an ACK

Story Points: 5

US-ADMDASH-10-02 — Lawful-intercept (LI) request queue

As a regulator-liaison, I want a queue of incoming LI requests from ATRA with status workflow (RECEIVED → ACK → IN_PROGRESS → DELIVERED → CLOSED), So that the legal-mandated 24-h SLA is met.

Acceptance Criteria:

  • AC1: List view of regulator.li_requests rows; SLA countdown clock per row
  • AC2: Workflow transitions logged in regulator.li_audit
  • AC3: SLA breach alert if any row in IN_PROGRESS > 18h
  • AC4: Role-restricted (only Legal + Regulator-Liaison roles)

Story Points: 5

US-ADMDASH-10-03 — Complaint triage queue

As a regulator-liaison, I want to see citizen complaints forwarded from ATRA with workflow (NEW → INVESTIGATING → RESOLVED), So that complaints are handled within the agreed SLA.

Acceptance Criteria:

  • AC1: Triage list: new complaints first, by age
  • AC2: Each complaint links to: tenant, message(s) referenced, related sender-ID
  • AC3: Resolution form with RESOLVED/REJECTED + reason; pushed back to ATRA
  • AC4: Resolution NPS captured (regulator satisfaction)

Story Points: 5

US-ADMDASH-10-04 — Compliance attestation hub

As a compliance officer, I want to see ISO 27001 / SOC 2 Type II evidence collection status, So that annual audits are continuously evidenced.

Acceptance Criteria:

  • AC1: Dashboard of control families, evidence status (CURRENT/STALE/MISSING)
  • AC2: Stale evidence > 60 d auto-flagged
  • AC3: Auditor portal link (read-only) for external assessors

Story Points: 3

US-ADMDASH-10-05 — SIEM forwarding health

As a security engineer, I want to see SIEM forwarding (Splunk/ELK/QRadar) health and back-pressure, So that dropped security events are detected.

Acceptance Criteria:

  • AC1: Panel showing event-throughput per SIEM target
  • AC2: Lag metric per target; alert if > 60 s sustained
  • AC3: Failover to secondary SIEM tested monthly

Story Points: 3

EP-ADMDASH-11 — Sender-ID Registry Review Workbench

Goal: Provide internal Trust & Safety staff a workbench to review pending sender-ID registrations, KYC documents, verification status, and reputation scores.

US-ADMDASH-11-01 — Pending-registration queue

As a T&S reviewer, I want a queue of pending sender-ID registrations sorted by submission date, So that I can process them in order and meet the SLA.

Acceptance Criteria:

  • AC1: List of sender_id_registry.pending with tenant, alpha-ID requested, submission date, KYC document refs
  • AC2: SLA countdown per row (default 5 business days); breach flag
  • AC3: Reviewer assignment; round-robin or self-claim

Story Points: 5

US-ADMDASH-11-02 — KYC document inline-viewer

As a T&S reviewer, I want to view uploaded KYC documents (commercial license, national ID, regulator letter) inline, So that I don't need to download files individually.

Acceptance Criteria:

  • AC1: PDF/image inline viewer; full-screen toggle
  • AC2: Watermark applied: "GHASI INTERNAL — DO NOT DISTRIBUTE"
  • AC3: View action audit-logged
  • AC4: Document fetched from S3 via signed URL (15 min expiry)

Story Points: 5

US-ADMDASH-11-03 — Approve / Reject / Request-Info workflow

As a T&S reviewer, I want approve/reject/request-info actions with mandatory reason, So that decisions are auditable.

Acceptance Criteria:

  • AC1: Three actions; reason field mandatory
  • AC2: APPROVED → publish sender.id.registered.v1; tenant notified
  • AC3: REJECTED → publish sender.id.rejected.v1; reason shown to tenant
  • AC4: REQUEST_INFO → tenant gets ticket with checklist of additional docs needed

Story Points: 3

US-ADMDASH-11-04 — Sender-ID reputation dashboard

As a T&S reviewer, I want to see the live reputation score for any sender-ID, So that I can investigate complaints and consider suspension.

Acceptance Criteria:

  • AC1: Search by sender-ID; show: score (0–100), score history (90 d), top complaint categories, recent compliance hits, fraud signals
  • AC2: One-click suspend (with reason; audit-logged)
  • AC3: Score recomputed from sender-id-registry-service aggregates

Story Points: 3