bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: add comprehensive dashboard UI gap analysis — 55 hidden/underexposed features identified

Browse Source 
Systematic scan of platform-service (43+ modules, 511+ endpoints) vs admin-web
(27 sidebar items, 38 pages) and user-dashboard-web (11 pages, 39 API routes).

Key findings:
- 28 backend modules completely missing from admin UI
- 7 admin pages built but missing from sidebar (undiscoverable)
- 12 user-dashboard features completely missing
- 1 critical backend bug: ai-diagnostics routes.ts not registered in server.ts
- 26 missing admin API proxy routes
- 10 errata items self-audited and corrected in-place

Includes 79-row module-to-UI matrix, auth sub-module gap detail,
prioritized 6-sprint action plan, and cross-cutting gap tables.
This commit is contained in:
saravanakumardb1 2026-03-21 17:18:06 -07:00
parent 267f8af3a4
commit 827934124d
1 changed files with 719 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

719
docs/DASHBOARD_UI_GAP_ANALYSIS.md Normal file
View File

@ -0,0 +1,719 @@
# Dashboard UI Gap Analysis — Hidden Features Not Exposed in Admin & User Dashboards
> **Generated:** 2026-03-21
> **Scope:** Full workspace scan across platform-service (43 modules, 511+ endpoints), admin-web, user-dashboard-web, tracker-web, LysnrAI backend (7 modules), and extraction-service (2 modules).
> **Goal:** Identify every backend feature/module that exists but has NO corresponding UI page or is only partially exposed.
---
## Review Errata (2026-03-21 self-audit)
The following bugs/inaccuracies were found during systematic post-generation review and corrected in-place:
| # | Bug | Severity | Fix Applied |
| :-: | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | ------------------------------------------ |
| E1 | **Section 1.2 classification error:** Items 1.2.41.2.12 (onboarding, delivery, jobs, sessions, IP rules, maintenance, exports, status, marketplace) were labeled "Partially Exposed" but are actually **Completely Missing** — they have zero admin pages, zero sidebar items, and zero API proxy routes. | HIGH | Moved to section 1.1, renumbered |
| E2 | **6 admin pages exist but have NO sidebar nav item** — these "hidden pages" were not flagged as a distinct gap category: `/debug-sessions`, `/health-dashboard`, `/extraction`, `/experiments`, `/ai-diagnostics`, `/predictive/*` | HIGH | Added new section 1.3 |
| E3 | **`ai-diagnostics` module (671 lines, its own routes.ts) is NOT registered in server.ts** — backend bug, not just a UI gap. Routes exist but the Fastify plugin is never mounted. | CRITICAL | Added to section 1.1 with backend-bug flag |
| E4 | **Appendix A matrix missing 5 modules** that are registered in server.ts: `referrals/migration-admin-routes`, `runs` (separate from `jobs`), `surveys`, the `diagnostics` sub-route files (auto-trigger, crash-trigger, session-replay, performance-profile) | MEDIUM | Added to matrix |
| E5 | **Admin API route `/api/users/` exists** but was not mentioned — the doc implied users management was only via direct Cosmos, but there are proxy routes | LOW | Noted in matrix |
| E6 | **Admin API route `/api/usage/` exists** — doc's matrix row 70 was wrong about usage having no admin API | LOW | Fixed in matrix |
| E7 | **Statistics count corrections:** Admin pages = 38 (not ~38, exact). Admin-web has `/api/users/` and `/api/usage/` proxy routes (total API route dirs = 24 top-level). Sidebar items exactly 27. | LOW | Fixed in Part 6 |
| E8 | **Billing Checkout (1.1.14) missing endpoint count** — listed as "endpoints" without a number | LOW | Added count |
| E9 | **Tenants (1.1.17) missing endpoint count** — listed as "endpoints" without a number | LOW | Added count |
| E10 | **`/users` page exists in admin-web** but has no sidebar nav item and was not in the original gap analysis | MEDIUM | Added to section 1.3 + matrix row 79 |
---
## Executive Summary
**Platform-service has 43+ registered route modules.** Admin-web exposes ~27 nav items/pages. User-dashboard-web exposes ~11 pages. **At least 25 backend modules have zero or insufficient UI exposure.**
| Category | Backend Modules | Admin Pages | User Pages | Gap |
| -------------------------- | :-------------: | :---------: | :--------: | :----------: |
| Auth & Security | 9 sub-modules | 4 pages | 3 pages | **5 hidden** |
| Billing & Commerce | 7 modules | 2 pages | 2 pages | **5 hidden** |
| AI & Agents | 5 modules | 1 page | 0 pages | **4 hidden** |
| Operations & Infra | 10 modules | 6 pages | 0 pages | **4 hidden** |
| Growth & Engagement | 6 modules | 4 pages | 1 page | **2 hidden** |
| Content & Data | 6 modules | 2 pages | 2 pages | **4 hidden** |
| Enterprise | 4 modules | 0 pages | 0 pages | **4 hidden** |
| Product-Specific (LysnrAI) | 3 modules | 0 pages | 1 page | **2 hidden** |
---
## PART 1: ADMIN-WEB — Missing Features
### 1.1 COMPLETELY MISSING (No page, no sidebar item, no API route)
#### 1.1.1 Organizations & Workspaces (`orgs` module — 14 endpoints)
- **Backend:** Full CRUD for organizations, workspaces, memberships with RBAC permissions
- **Endpoints:** `GET/POST /orgs`, `GET/PATCH/DELETE /orgs/:id`, `POST /orgs/:id/workspaces`, `GET/PATCH/DELETE /orgs/:orgId/workspaces/:wsId`, `GET/POST /orgs/:id/members`, `PATCH/DELETE /orgs/:id/members/:memberId`
- **Admin UI:** NONE — no page, no sidebar item
- **Impact:** HIGH — admins cannot view/manage organizations, memberships, or workspaces
- **Action needed:** New `/organizations` page with org list, member management, workspace management
#### 1.1.2 SCIM Provisioning (`scim` module — 14 endpoints)
- **Backend:** SCIM connector CRUD, user sync, group sync, provisioning events
- **Endpoints:** `GET/POST /scim/connectors`, `GET/PATCH/DELETE /scim/connectors/:id`, user/group sync recording, provisioning event listing
- **Admin UI:** NONE
- **Impact:** HIGH — enterprise SCIM integrations invisible to admins
- **Action needed:** New `/ops/scim` page for connector management, sync status, provisioning event log
#### 1.1.3 Support Cases (`support-cases` module — 12 endpoints)
- **Backend:** Full ticketing system — case CRUD, notes, escalation events, status transitions
- **Endpoints:** `GET/POST /support/cases`, `GET/PATCH /support/cases/:id`, `POST /support/cases/:id/close`, `POST /support/cases/:id/notes`, `GET /support/cases/:id/notes`, escalation management
- **Admin UI:** NONE
- **Impact:** HIGH — entire support ticketing system has no UI
- **Action needed:** New `/support` page with case list, detail view, notes, escalation workflow
#### 1.1.4 AI Budgets & Cost Management (`ai-budgets` module — 11 endpoints)
- **Backend:** Budget policies, spend tracking, alerts, rollover, cost dashboard
- **Endpoints:** `GET/POST /ai-budgets/policies`, `PATCH/DELETE /ai-budgets/policies/:id`, `POST /ai-budgets/spend`, `GET /ai-budgets/spend`, `GET /ai-budgets/alerts`, `GET /ai-budgets/dashboard`, `GET /ai-budgets/rollover`
- **Admin UI:** NONE
- **Impact:** HIGH — AI spend invisible, budget alerts not viewable
- **Action needed:** New `/ai-budgets` page with cost dashboard, policy management, spend history, alerts
#### 1.1.5 Knowledge Bases (`knowledge` module — 13 endpoints)
- **Backend:** Knowledge base CRUD, sources, chunk management, retrieval/search
- **Endpoints:** `GET/POST /knowledge/bases`, `GET/PATCH/DELETE /knowledge/bases/:id`, `POST /knowledge/bases/:id/sources`, `POST /knowledge/bases/:id/chunks`, `POST /knowledge/bases/:id/retrieve`, etc.
- **Admin UI:** NONE
- **Impact:** MEDIUM — RAG knowledge bases invisible, no way to manage or test retrieval
- **Action needed:** New `/knowledge` page with base list, source management, chunk browser, retrieval tester
#### 1.1.6 Agent Executor & Tool Registry (`agents/executor-routes` — 10 endpoints)
- **Backend:** Execute agents, cancel runs, list active runs, SSE step streaming, tool registry
- **Endpoints:** `POST /agents/execute`, `POST /agents/runs/:id/cancel`, `GET /agents/runs/active`, `GET /agents/runs/:id/stream` (SSE), `GET /agents/tools`, `POST /agents/tools/validate`, etc.
- **Admin UI:** The existing `/actiontrail` page shows trails but NOT agent execution/tool management
- **Impact:** MEDIUM — cannot trigger agent runs, view live execution, or manage tool bindings from admin
- **Action needed:** Expand ActionTrail page OR add `/ai-agents` page with execution panel, tool registry, live run viewer
#### 1.1.7 Agent Evaluations (`agent-evals` module — 15 endpoints)
- **Backend:** Eval suites, test cases, eval runs with pass/fail scoring
- **Endpoints:** `GET/POST /agent-evals/suites`, `GET/PATCH/DELETE /agent-evals/suites/:id`, test case CRUD, `POST /agent-evals/suites/:id/run`, `GET /agent-evals/runs`, `GET /agent-evals/runs/:id`
- **Admin UI:** NONE
- **Impact:** MEDIUM — agent quality evaluation invisible
- **Action needed:** New `/ai-evals` page with suite management, test cases, run history, pass/fail charts
#### 1.1.8 Event Subscriptions & DLQ (`event-subscriptions` module — 10 endpoints)
- **Backend:** Event subscription CRUD, DLQ management, event replay
- **Endpoints:** `GET/POST /event-subscriptions`, `GET/PATCH/DELETE /event-subscriptions/:id`, `GET /event-subscriptions/:id/dlq`, `POST /event-subscriptions/:id/dlq/:msgId/replay`, `DELETE /event-subscriptions/:id/dlq/:msgId`, `GET /events`
- **Admin UI:** NONE
- **Impact:** MEDIUM — event bus subscriptions, dead letter queue, replays all invisible
- **Action needed:** New `/ops/events` page with subscription list, DLQ viewer with replay/purge buttons
#### 1.1.9 Waitlist Management (`waitlist` module — 12 endpoints)
- **Backend:** Admin: list entries, stats, update, delete, batch invite, CSV export. Public: join, check position, count, config, unsubscribe
- **Endpoints:** `GET /waitlist`, `GET /waitlist/stats`, `GET/PUT/DELETE /waitlist/:id`, `POST /waitlist/invite`, `POST /waitlist/export` + 5 public routes
- **Admin UI:** NONE
- **Impact:** MEDIUM — pre-launch waitlist signups invisible, no way to invite or export
- **Action needed:** New `/waitlist` page with entries table, stats cards, batch invite, CSV export
#### 1.1.10 Reviews & Approval Workflow (`reviews` module — 9 endpoints)
- **Backend:** Review items, assignment, decision (approve/reject/request-changes), listing
- **Endpoints:** `GET/POST /reviews`, `GET/PATCH /reviews/:id`, `POST /reviews/:id/assign`, `POST /reviews/:id/decide`, `GET /reviews/assigned`, `GET /reviews/stats`, `GET /reviews/:id/history`
- **Admin UI:** NONE (distinct from `/feedback` which is user feedback, not content reviews)
- **Impact:** MEDIUM — content review/approval workflow has no UI
- **Action needed:** New `/reviews` page with review queue, assignment, approval workflow
#### 1.1.11 Webhooks Management (`webhooks` module — 8 endpoints)
- **Backend:** Webhook subscription CRUD, secret rotation, delivery log, test webhook
- **Endpoints:** `GET/POST /webhooks`, `GET/PATCH/DELETE /webhooks/:id`, `POST /webhooks/:id/rotate-secret`, `GET /webhooks/:id/deliveries`, `POST /webhooks/:id/test`
- **Admin UI:** NONE
- **Impact:** MEDIUM — webhook integrations invisible, no delivery log viewer
- **Action needed:** New `/webhooks` page with subscription list, delivery log, test button, secret rotation
#### 1.1.12 Data Retention (`retention` module — 5 endpoints)
- **Backend:** Retention policies, dry-run, execution
- **Endpoints:** `GET/POST /retention/policies`, `GET /retention/policies/:id`, `POST /retention/policies/:id/dry-run`, `POST /retention/policies/:id/execute`
- **Admin UI:** NONE
- **Impact:** MEDIUM — data lifecycle management invisible
- **Action needed:** Add to `/settings` or new `/ops/retention` page
#### 1.1.13 Backups (`backups` module — 6 endpoints)
- **Backend:** Create, list, download, restore backups
- **Endpoints:** `GET/POST /backups`, `GET /backups/:id`, `GET /backups/:id/download`, `POST /backups/:id/restore`, `DELETE /backups/:id`
- **Admin UI:** NONE
- **Impact:** MEDIUM — backup/restore invisible
- **Action needed:** New `/ops/backups` page with backup list, create/restore/download buttons
#### 1.1.14 Billing Checkout (`billing-checkout` module — ~4 endpoints)
- **Backend:** Pre-built Stripe Checkout session creation, success/cancel handling
- **Admin UI:** NONE (existing `/billing` page may not cover checkout flow management)
- **Impact:** LOW — mostly user-facing, but admin should see checkout sessions
- **Action needed:** Add checkout session listing to existing `/billing` page
#### 1.1.15 CDN Pipeline (`cdn` module — 7 endpoints)
- **Backend:** Asset upload, listing, invalidation, CDN configuration
- **Admin UI:** NONE
- **Impact:** LOW — CDN management invisible
- **Action needed:** New `/ops/cdn` page or add to existing `/ops` Mission Control
#### 1.1.16 Dunning (`dunning` module — 6 endpoints)
- **Backend:** Failed payment retry, dunning campaigns, customer communication
- **Admin UI:** NONE
- **Impact:** MEDIUM — failed payment recovery invisible
- **Action needed:** Add to `/billing` page or new `/billing/dunning` page
#### 1.1.17 Tenants (`tenants` module — ~5 endpoints)
- **Backend:** Multi-tenant management
- **Admin UI:** NONE
- **Impact:** LOW for now — multi-tenant not yet needed
- **Action needed:** New `/tenants` page when multi-tenant goes live
#### 1.1.18 API Versioning (`api-versioning` module — 5 endpoints)
- **Backend:** Version management, deprecation, migration tracking
- **Admin UI:** NONE
- **Impact:** LOW
- **Action needed:** Add to `/settings` or `/ops` page
#### 1.1.19 Full-Text Search (`search` module — 5 endpoints)
- **Backend:** Cross-entity search across products
- **Admin UI:** NONE
- **Impact:** LOW — search is typically consumed by clients
- **Action needed:** Consider adding a universal search bar to admin header
#### 1.1.20 Onboarding Analytics (`onboarding` module — 4 endpoints)
- **Backend:** Step tracking, completion tracking, funnel conversion rates
- **Endpoints:** `POST /onboarding/step`, `POST /onboarding/complete`, `GET /onboarding/funnel`, `GET /onboarding/user/:userId`
- **Admin UI:** NONE
- **Impact:** MEDIUM — onboarding funnel visualization completely missing
- **Action needed:** New `/analytics/onboarding` page with funnel chart, step drop-off analysis
#### 1.1.21 Delivery Module (`delivery` — 8 endpoints)
- **Backend:** 8 email templates, delivery log, send history
- **Admin UI:** NONE
- **Impact:** MEDIUM — cannot view email delivery log, template previews, or failure rates
- **Action needed:** New `/ops/delivery` page with delivery log, template preview, retry failed
#### 1.1.22 Jobs & Runs (`jobs` — 5 endpoints, `runs` — 7 endpoints)
- **Backend:** Scheduled job management, run history, trigger
- **Admin UI:** NONE
- **Impact:** MEDIUM — cannot view/trigger scheduled jobs, see run history or failures
- **Action needed:** New `/ops/jobs` page with job list, trigger button, run history table
#### 1.1.23 Sessions Module (`sessions` — 5 endpoints)
- **Backend:** List user sessions, revoke, revoke-all, admin force-revoke
- **Admin UI:** NONE (settings/devices is for the admin's OWN devices only)
- **Impact:** MEDIUM — cannot view/revoke other users' active sessions
- **Action needed:** Add session management to user detail view or new `/ops/sessions` page
#### 1.1.24 IP Rules (`ip-rules` — 5 endpoints)
- **Backend:** IP allow/deny with CIDR matching, temporary blocks with expiry
- **Admin UI:** NONE
- **Impact:** MEDIUM — cannot manage IP allowlists/blocklists
- **Action needed:** New `/ops/security/ip-rules` or add to existing `/ops/security`
#### 1.1.25 Maintenance Mode (`maintenance` — 6 endpoints)
- **Backend:** 4 modes (off/read_only/maintenance/emergency), bypass roles/IPs, scheduled windows
- **Admin UI:** NONE
- **Impact:** MEDIUM — cannot activate maintenance mode from UI
- **Action needed:** Add maintenance toggle to `/ops` Mission Control page
#### 1.1.26 Exports / GDPR (`exports` — 5 endpoints)
- **Backend:** GDPR data export jobs for 6 entity types, CSV/JSON format
- **Admin UI:** NONE
- **Impact:** MEDIUM — cannot trigger or download GDPR exports
- **Action needed:** New `/ops/exports` page or add to existing `/settings`
#### 1.1.27 Status Page / Incidents (`status` — 9 endpoints)
- **Backend:** Public status page, incident CRUD, subscriber notifications
- **Admin UI:** `/ops` Mission Control shows service health but NOT incident management
- **Impact:** MEDIUM — cannot create/update incidents, manage status page subscribers
- **Action needed:** New `/ops/status` page with incident CRUD, subscriber list
#### 1.1.28 Marketplace (`marketplace` — 29 endpoints)
- **Backend:** Listings, purchases, reviews, featured, categories — largest module by endpoint count
- **Admin UI:** NONE
- **Impact:** HIGH — entire marketplace management invisible
- **Action needed:** New `/marketplace` page with listing management, purchase history, review moderation
#### 1.1.29 ⚠️ BACKEND BUG: AI Diagnostics (`ai-diagnostics` — 671-line routes.ts, NOT REGISTERED)
- **Backend:** `ai-diagnostics/routes.ts` exists (671 lines) with NL query parser, LLM root-cause analyzer, telemetry linking, error clustering — but the route plugin is **never registered in server.ts**
- **Admin UI:** `/ai-diagnostics` page exists and is reachable
- **Impact:** CRITICAL — the admin page exists but the backend endpoints it calls are not mounted. Page is non-functional.
- **Action needed:** Add `import { aiDiagnosticsRoutes } from './modules/ai-diagnostics/routes.js'` and `await app.register(aiDiagnosticsRoutes, { prefix: '/api' })` to server.ts
---
### 1.2 PARTIALLY EXPOSED (Page exists but missing sub-features)
#### 1.2.1 Experiments Page — Missing A/B Test Assignment Viewer
- **Backend:** `experiments` + `ab-testing` modules — full experiment lifecycle
- **Admin UI:** `/experiments` page exists, `/ops/ab-testing` exists
- **Gap:** No UI to view individual user assignments, no variant traffic split visualization
- **Action needed:** Add assignment log table, traffic split donut chart
#### 1.2.2 Diagnostics — Missing Session Replay, Performance Profiles, Crash Triggers
- **Backend:** `diagnostics` module has 5 route files: base routes, auto-trigger, crash-trigger, session-replay, performance-profile
- **Admin UI:** `/debug-sessions` page exists
- **Gap:** No session replay viewer, no performance profile flame graphs, no crash trigger configuration UI
- **Action needed:** Add sub-pages: `/debug-sessions/replay`, `/debug-sessions/performance`, `/ops/crash-triggers`
#### 1.2.3 Predictive Analytics — Missing Campaign Execution
- **Backend:** `predictive-analytics` module — churn scoring, at-risk users, intervention campaigns
- **Admin UI:** `/predictive/at-risk` and `/predictive/campaigns` pages exist
- **Gap:** Campaign execution/send may not be wired, no cohort comparison charts
- **Action needed:** Verify campaign execution UI, add cohort visualization
#### 1.2.4 Settings — Missing Kill Switch UI for Newer Products
- **Backend:** `/api/settings/kill-switch` exists in admin API routes
- **Gap:** Kill switch toggle may only cover LysnrAI; other products need coverage
- **Action needed:** Verify kill switch works for all 11 products
---
### 1.3 HIDDEN PAGES (Page exists but NO sidebar nav item — unreachable without direct URL)
These admin pages were built but never added to the sidebar navigation. Users cannot discover them without knowing the URL.
| Page Path | Backend Module | Has API Routes? | Action Needed |
| --------------------------------------------------------- | ---------------------- | :---------------------------: | -------------------------------------------------------------- |
| `/users` | `auth` (user list) | ✅ `/api/users/` | Add to sidebar (currently accessible only via Dashboard links) |
| `/debug-sessions` | `diagnostics` | via platform-client | Add to sidebar under Ops |
| `/debug-sessions/[id]` | `diagnostics` | via platform-client | (detail view — ok as sub-route) |
| `/health-dashboard` | `diagnostics` | via platform-client | Add to sidebar under Ops |
| `/extraction` | extraction-service | ✅ `/api/extraction/` | Add to sidebar under Ops |
| `/experiments` + `/experiments/[id]` + `/experiments/new` | `experiments` | via platform-client | Add to sidebar |
| `/ai-diagnostics` | `ai-diagnostics` | ⚠️ **Backend not registered** | Add to sidebar + fix backend first |
| `/predictive/at-risk` | `predictive-analytics` | ✅ via predictive-client | Add to sidebar |
| `/predictive/campaigns` | `predictive-analytics` | ✅ via predictive-client | Add to sidebar |
**Total: 7 unique features with pages but zero sidebar discoverability.**
---
## PART 2: USER-DASHBOARD-WEB — Missing Features
### 2.1 COMPLETELY MISSING
#### 2.1.1 User Invitations — Partial
- **Backend:** User can redeem invitations (`/api/invitations/redeem` API route exists)
- **UI Page:** NONE — no `/invitations` page in sidebar
- **Gap:** User cannot see pending invitations or redeem from UI
- **Action needed:** New `/invitations` page showing pending invitations with accept/decline
#### 2.1.2 MFA Management — Partial
- **Backend:** MFA verify route exists (`/api/auth/mfa/verify`)
- **UI Gap:** No dedicated MFA setup/management page (TOTP setup, recovery codes, disable MFA)
- **Action needed:** Add MFA section to `/settings` or new `/settings/security` page with TOTP setup wizard, recovery code viewer
#### 2.1.3 Passkeys — Missing
- **Backend:** Passkey routes exist in admin-web but NOT in user-dashboard
- **UI Gap:** User cannot register/manage passkeys
- **Action needed:** Add passkey management to `/settings/security`
#### 2.1.4 Devices & Trusted Sessions — Missing
- **Backend:** Device trust, login events exist in platform-service
- **UI Gap:** User cannot view logged-in devices, revoke sessions, or manage device trust
- **Action needed:** New `/settings/devices` page showing active sessions with revoke button
#### 2.1.5 OAuth Account Linking — Missing
- **Backend:** OAuth routes exist (`/api/auth/oauth/[provider]`, SSO routes for Google/Microsoft)
- **UI Gap:** OAuth callbacks exist but no UI for linking/unlinking OAuth providers from profile
- **Action needed:** Add "Connected Accounts" section to `/profile` page
#### 2.1.6 Changelog / What's New — Missing
- **Backend:** `changelog` module exists in platform-service
- **UI Gap:** User has no way to see product updates, release notes
- **Action needed:** New `/changelog` page or notification bell dropdown with latest changes
#### 2.1.7 Feedback Submission — Missing
- **Backend:** `feedback` module in platform-service
- **UI Gap:** No way for users to submit feedback from the dashboard
- **Action needed:** Add feedback widget/button (e.g., floating button) or `/feedback` page
#### 2.1.8 Organizations — Missing
- **Backend:** `orgs` module with user-facing membership endpoints
- **UI Gap:** User cannot view/manage their organization memberships
- **Action needed:** New `/organization` page if user belongs to an org
#### 2.1.9 Support / Help — Missing
- **Backend:** `support-cases` module
- **UI Gap:** No way for users to create/track support tickets
- **Action needed:** New `/support` page with ticket creation form, ticket list, status tracking
#### 2.1.10 Usage Stats — Missing
- **Backend:** `usage` module tracks per-user usage
- **UI Gap:** User cannot see their own usage stats (API calls, storage, etc.)
- **Action needed:** Add usage widget to dashboard or new `/usage` page
#### 2.1.11 Export Personal Data (GDPR) — Missing
- **Backend:** `exports` module supports user data export
- **UI Gap:** No "Download My Data" button anywhere
- **Action needed:** Add "Export My Data" to `/settings` page
#### 2.1.12 Marketplace — Missing
- **Backend:** `marketplace` module has user-facing browse/purchase endpoints
- **UI Gap:** No marketplace browsing or purchase history
- **Action needed:** New `/marketplace` page (lower priority — depends on product)
---
### 2.2 PARTIALLY EXPOSED
#### 2.2.1 Profile Page — Missing Account Deletion Confirmation
- **Backend:** `/api/auth/delete-account` API route exists
- **UI Gap:** Delete button may exist but confirmation flow, data export reminder, and cooldown period UI may be incomplete
- **Action needed:** Verify delete account flow has proper confirmation modal + 7-day cooldown notice
#### 2.2.2 Notifications Page — Missing Preference Management
- **Backend:** `notifications` module has preference endpoints
- **UI Gap:** Can view notifications but may not have granular preference toggles (email/push/in-app per category)
- **Action needed:** Add notification preference grid to `/notifications` or `/settings`
#### 2.2.3 Settings Page — Missing Several Sections
- **Current:** Likely just basic settings
- **Missing sections:** Security (MFA, passkeys, devices), Connected accounts, Notification preferences, Data export, Delete account
- **Action needed:** Expand into tabbed settings with Security, Privacy, Notifications sections
---
## PART 3: TRACKER-WEB — Coverage Assessment
Tracker-web is relatively well-scoped (items, board, roadmap). Main gaps:
- No comment threading UI (backend `comments` module has reply support)
- No vote visualization (backend `votes` module exists)
- These are minor since tracker-web is a simpler dashboard
---
## PART 4: CROSS-CUTTING GAPS
### 4.1 Admin-Web Sidebar Missing Items
Current sidebar has 27 items. The following should be added:
**A) Hidden pages — already built, just need sidebar link:**
| Priority | New Sidebar Item | Page Path | Icon Suggestion |
| :------: | ---------------- | --------------------- | --------------- |
| **P0** | Users | `/users` | Users |
| **P0** | Debug Sessions | `/debug-sessions` | Bug |
| **P0** | Health Dashboard | `/health-dashboard` | HeartPulse |
| **P0** | Extraction | `/extraction` | FileSearch |
| **P0** | Experiments | `/experiments` | FlaskConical |
| **P0** | Predictive | `/predictive/at-risk` | TrendingDown |
| **P1** | AI Diagnostics | `/ai-diagnostics` | BrainCircuit |
**B) New pages — need to be built + sidebar link:**
| Priority | New Sidebar Item | Backend Module | Icon Suggestion |
| :------: | ----------------- | --------------------- | --------------- |
| **P0** | Organizations | `orgs` | Building2 |
| **P0** | Support Cases | `support-cases` | LifeBuoy |
| **P0** | AI Budgets | `ai-budgets` | DollarSign |
| **P0** | Waitlist | `waitlist` | Clock |
| **P1** | Webhooks | `webhooks` | Webhook |
| **P1** | Knowledge Bases | `knowledge` | Database |
| **P1** | Agent Evals | `agent-evals` | FlaskConical |
| **P1** | Reviews | `reviews` | CheckSquare |
| **P1** | Marketplace | `marketplace` | Store |
| **P1** | Delivery Log | `delivery` | Mail |
| **P1** | Scheduled Jobs | `jobs` + `runs` | Timer |
| **P2** | Event Bus | `event-subscriptions` | Radio |
| **P2** | SCIM | `scim` | Link |
| **P2** | IP Rules | `ip-rules` | ShieldBan |
| **P2** | Backups | `backups` | HardDrive |
| **P2** | Retention | `retention` | Trash2 |
| **P2** | Maintenance | `maintenance` | Wrench |
| **P2** | Status/Incidents | `status` | Activity |
| **P2** | Exports (GDPR) | `exports` | Download |
| **P2** | Onboarding Funnel | `onboarding` | Compass |
| **P3** | CDN | `cdn` | Globe |
| **P3** | Dunning | `dunning` | AlertTriangle |
| **P3** | API Versions | `api-versioning` | GitBranch |
| **P3** | Tenants | `tenants` | Users |
| **P3** | Search | `search` | Search |
### 4.2 User-Dashboard Sidebar Missing Items
| Priority | New Sidebar Item | Backend Module | Icon Suggestion |
| :------: | ---------------- | -------------------- | --------------- |
| **P0** | Security | `auth/*` sub-modules | Shield |
| **P0** | Support | `support-cases` | LifeBuoy |
| **P1** | Usage | `usage` | BarChart |
| **P1** | Invitations | `invitations` | Mail |
| **P1** | Changelog | `changelog` | Newspaper |
| **P2** | Feedback | `feedback` | MessageSquare |
| **P2** | Organizations | `orgs` | Building2 |
| **P2** | Marketplace | `marketplace` | Store |
### 4.3 Missing Admin-Web API Proxy Routes
These platform-service modules have NO corresponding `/api/` proxy route in admin-web:
| Module | Admin API Route Needed |
| --------------------- | ------------------------------------ |
| `orgs` | `/api/orgs/[...path]` |
| `scim` | `/api/scim/[...path]` |
| `support-cases` | `/api/support/[...path]` |
| `ai-budgets` | `/api/ai-budgets/[...path]` |
| `knowledge` | `/api/knowledge/[...path]` |
| `agent-evals` | `/api/agent-evals/[...path]` |
| `agents/executor` | `/api/agents/execute/[...path]` |
| `event-subscriptions` | `/api/event-subscriptions/[...path]` |
| `waitlist` | `/api/waitlist/[...path]` |
| `reviews` | `/api/reviews/[...path]` |
| `webhooks` | `/api/webhooks/[...path]` |
| `retention` | `/api/retention/[...path]` |
| `backups` | `/api/backups/[...path]` |
| `cdn` | `/api/cdn/[...path]` |
| `dunning` | `/api/dunning/[...path]` |
| `maintenance` | `/api/maintenance/[...path]` |
| `exports` | `/api/exports/[...path]` |
| `jobs` | `/api/jobs/[...path]` |
| `runs` | `/api/runs/[...path]` |
| `sessions` | `/api/sessions/[...path]` |
| `ip-rules` | `/api/ip-rules/[...path]` |
| `status` | `/api/status/[...path]` |
| `onboarding` | `/api/onboarding/[...path]` |
| `delivery` | `/api/delivery/[...path]` |
| `search` | `/api/search/[...path]` |
| `marketplace` | `/api/marketplace/[...path]` |
---
## PART 5: PRIORITIZED ACTION PLAN
### Sprint 0 — Quick Wins: Wire Hidden Pages + Fix Backend Bug (1 day)
1. **FIX BACKEND BUG:** Register `ai-diagnostics` routes in `server.ts` (1 import + 1 register line)
2. **Add 7 sidebar items** for already-built hidden pages: Users, Debug Sessions, Health Dashboard, Extraction, Experiments, Predictive, AI Diagnostics
3. No new pages needed — just sidebar-nav.tsx edits
### Sprint 1 — Critical Admin Gaps (P0)
4. **Organizations page** — org list, member CRUD, workspace management
5. **Support Cases page** — ticket list, detail, notes, escalation
6. **AI Budgets page** — cost dashboard, policies, spend history, alerts
7. **Waitlist page** — entry list, stats, batch invite, export
8. Add 4 new sidebar items + 4 API proxy routes
### Sprint 2 — High-Value Admin Pages (P1)
9. **Webhooks page** — subscription CRUD, delivery log, test
10. **Knowledge Bases page** — base list, sources, chunk browser
11. **Agent Evals page** — suite management, test cases, run history
12. **Reviews page** — review queue, assignment, approval
13. **Marketplace page** — listing management, purchase history
14. **Delivery Log page** — email logs, template preview, retry
15. **Scheduled Jobs page** — job list, trigger, run history
16. Add 7 new sidebar items + 7 API proxy routes
### Sprint 3 — User Dashboard Gaps (P0)
17. **Security page** — MFA setup, passkeys, device management, session revocation
18. **Support page** — ticket creation, tracking
19. **Usage page** — personal usage stats
20. **Invitations page** — pending invites, accept/decline
21. **Changelog page** — recent updates, release notes
22. Expand Settings with Security/Privacy/Notifications tabs
23. Add "Connected Accounts" to Profile (OAuth link/unlink)
### Sprint 4 — Operational Admin Pages (P2)
24. **Event Bus page** — subscription CRUD, DLQ viewer, replay
25. **SCIM page** — connector management, sync status
26. **IP Rules** — add to ops/security
27. **Backups page** — create/restore/download
28. **Retention page** — policy management, dry-run
29. **Maintenance toggle** — add to Mission Control
30. **Status/Incidents** — incident CRUD
31. **GDPR Exports** — trigger/download
32. **Onboarding Funnel** — analytics visualization
33. **Session Replay** — expand debug-sessions
34. **Performance Profiles** — expand debug-sessions
### Sprint 5 — Lower Priority (P3)
35. CDN management
36. Dunning campaigns
37. API versioning
38. Multi-tenant management
39. Universal search bar
---
## PART 6: SUMMARY STATISTICS
| Metric | Count |
| ------------------------------------------------------------ | :------------------------------: |
| Platform-service modules | 43+ |
| Platform-service route files | 76 |
| Platform-service endpoints | 511+ |
| Admin-web sidebar items | 27 |
| Admin-web pages | 38 |
| Admin-web API routes | 39 |
| User-dashboard pages | 12 |
| User-dashboard API routes | 39 |
| **Admin: Completely missing (no page, no sidebar, no API)** | **28** |
| **Admin: Partially exposed (page exists, features missing)** | **4** |
| **Admin: Hidden pages (page exists, no sidebar item)** | **7** |
| **Admin: Backend bug (routes.ts exists, not registered)** | **1** |
| **User: Completely missing features** | **12** |
| **User: Partially exposed** | **3** |
| **Total hidden/underexposed features** | **55** |
| New admin sidebar items needed | 32 (25 new + 7 hidden pages) |
| New admin API proxy routes needed | 26 |
| New user sidebar items needed | 8 |
| Estimated new pages to build | ~28 (hidden pages already built) |
---
## Appendix A: Complete Module ↔ UI Matrix
| # | Platform-Service Module | Admin Page | Admin API | User Page | User API | Status |
| :-: | ----------------------- | :------------------------: | :-------------: | :--------------: | :------------: | :---------------------------------------------: |
| 1 | auth (core) | ✅ login | ✅ | ✅ login | ✅ | OK |
| 2 | auth/oauth | ✅ settings | ✅ | ⚠️ callback only | ✅ | User gap |
| 3 | auth/mfa | ✅ settings/security | ✅ | ⚠️ verify only | ⚠️ | User gap |
| 4 | auth/passkeys | ✅ settings/passkeys | ✅ | ❌ | ❌ | User gap |
| 5 | auth/devices | ✅ settings/devices | ✅ | ❌ | ❌ | User gap |
| 6 | auth/login-events | ✅ via security | ✅ | ❌ | ❌ | User gap |
| 7 | auth/push-approvals | ❌ | ❌ | ❌ | ❌ | Both gap |
| 8 | auth/qr-auth | ❌ | ❌ | ❌ | ❌ | Both gap |
| 9 | auth/enterprise | ❌ | ❌ | ❌ | ❌ | Both gap |
| 10 | auth/magic-link | ❌ | ❌ | ❌ | ❌ | Both gap |
| 11 | audit | ✅ | ✅ | ❌ | ❌ | OK (admin-only) |
| 12 | agents | ✅ actiontrail | ✅ actiontrail | ❌ | ❌ | Partial |
| 13 | agent-evals | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 14 | agents/executor | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 15 | ai-budgets | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 16 | ai-diagnostics | ⚠️ page exists, no sidebar | ❌ | ❌ | ❌ | **⚠️ BACKEND BUG: not registered in server.ts** |
| 17 | analytics | ✅ via dashboard | ✅ | ❌ | ❌ | OK |
| 18 | api-versioning | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 19 | ab-testing | ✅ ops/ab-testing | ❌ | ❌ | ❌ | OK |
| 20 | backups | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 21 | billing-checkout | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 22 | blob | ❌ | ❌ | ❌ | ❌ | OK (SDK-only) |
| 23 | broadcasts | ✅ | ❌ | ❌ | ❌ | OK |
| 24 | cdn | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 25 | changelog | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 26 | comments | ❌ | ❌ | ❌ | ❌ | OK (tracker) |
| 27 | delivery | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 28 | diagnostics | ✅ debug-sessions | ❌ | ❌ | ❌ | Partial |
| 29 | dunning | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 30 | event-subscriptions | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 31 | experiments | ✅ | ❌ | ❌ | ❌ | OK |
| 32 | exports | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 33 | feedback | ✅ | ❌ | ❌ | ❌ | User gap |
| 34 | flags | ✅ | ✅ | ❌ | ❌ | OK |
| 35 | impersonation | ❌ | ❌ | ❌ | ❌ | OK (API-only) |
| 36 | invitations | ✅ | ✅ | ❌ | ⚠️ redeem only | User gap |
| 37 | ip-rules | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 38 | items | ❌ | ❌ | ❌ | ❌ | OK (tracker) |
| 39 | jobs | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 40 | knowledge | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 41 | licenses | ✅ | ✅ | ✅ | ✅ | OK |
| 42 | maintenance | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 43 | marketplace | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 44 | notifications | ✅ | ✅ | ✅ | ✅ | OK |
| 45 | onboarding | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 46 | orgs | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 47 | plans | ❌ | ✅ settings | ❌ | ❌ | OK |
| 48 | predictive-analytics | ✅ | ✅ | ❌ | ❌ | OK |
| 49 | products | ✅ | ✅ | ❌ | ❌ | OK |
| 50 | promos | ✅ | ✅ | ❌ | ❌ | OK |
| 51 | public | ❌ | ❌ | ❌ | ❌ | OK (public) |
| 52 | ratelimit | ❌ | ❌ | ❌ | ❌ | OK (infra) |
| 53 | referrals | ✅ | ✅ | ✅ | ✅ | OK |
| 54 | retention | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 55 | reviews | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 56 | runs | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 57 | scim | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 58 | search | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 59 | sessions | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 60 | settings | ✅ | ✅ | ✅ | ✅ | OK |
| 61 | status | ❌ | ⚠️ ops/status | ❌ | ❌ | Partial |
| 62 | stripe | ❌ | ✅ via settings | ✅ | ✅ | OK |
| 63 | subscriptions | ✅ | ✅ | ✅ | ✅ | OK |
| 64 | support-cases | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 65 | surveys | ✅ | ❌ | ❌ | ❌ | OK |
| 66 | telemetry | ✅ | ✅ | ❌ | ✅ ingest | OK |
| 67 | tenants | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 68 | themes | ✅ | ✅ | ❌ | ❌ | OK |
| 69 | tokens | ✅ | ✅ | ❌ | ❌ | OK |
| 70 | usage | ❌ | ✅ /api/usage/ | ❌ | ❌ | User gap |
| 71 | votes | ❌ | ❌ | ❌ | ❌ | OK (tracker) |
| 72 | waitlist | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 73 | webhooks | ❌ | ❌ | ❌ | ❌ | **Missing** |
| 74 | diagnostics/auto-trigger | ⚠️ no dedicated page | ❌ | ❌ | ❌ | Hidden |
| 75 | diagnostics/crash-trigger | ⚠️ no dedicated page | ❌ | ❌ | ❌ | Hidden |
| 76 | diagnostics/session-replay | ⚠️ no dedicated page | ❌ | ❌ | ❌ | Hidden |
| 77 | diagnostics/perf-profile | ⚠️ no dedicated page | ❌ | ❌ | ❌ | Hidden |
| 78 | referrals/migration-admin | ❌ | ❌ | ❌ | ❌ | OK (one-time migration) |
| 79 | users (admin-web direct) | ✅ (no sidebar!) | ✅ /api/users/ | ❌ | ❌ | **Hidden page** |
**Legend:** ✅ = Exposed | ⚠️ = Partial | ❌ = Missing | OK = Correctly not needed in that dashboard
---
## Appendix B: Auth Sub-Module Gap Detail
| Auth Sub-Module | Endpoints | Admin UI | User UI | Notes |
| ---------------------------------- | :-------: | :------: | :-----: | ---------------------------------------- |
| Core (login/register/forgot/reset) | 18 | ✅ | ✅ | Complete |
| OAuth (Google/Microsoft/Apple) | 6 | ✅ | ⚠️ | User: callbacks exist, no link/unlink UI |
| MFA (TOTP setup/verify/disable) | 9 | ✅ | ⚠️ | User: verify only, no setup/manage |
| Passkeys (WebAuthn) | 6 | ✅ | ❌ | User: no passkey management at all |
| Devices (trust/fingerprint) | 5 | ✅ | ❌ | User: cannot view/revoke devices |
| Login Events (audit) | 3 | ✅ | ❌ | User: cannot view own login history |
| Push Approvals | 4 | ❌ | ❌ | Neither dashboard has UI |
| QR Auth | 3 | ❌ | ❌ | Neither dashboard has UI |
| Enterprise SSO (SAML/OIDC) | 8 | ❌ | ❌ | Neither dashboard has UI |
| Magic Link | 3 | ❌ | ❌ | Neither dashboard has UI |
---
_This document should be reviewed and updated as pages are built. Check off items as they are completed._