Skip to content

Add campaign team collaboration and public API v1 platform.#261

Merged
dotunv merged 2 commits into
Savitura:mainfrom
Abidoyesimze:feature/issues-248-249
Jun 20, 2026
Merged

Add campaign team collaboration and public API v1 platform.#261
dotunv merged 2 commits into
Savitura:mainfrom
Abidoyesimze:feature/issues-248-249

Conversation

@Abidoyesimze

@Abidoyesimze Abidoyesimze commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

Summary

Closes #248
Closes #249

Backend

Team & invites (#248)

  • Migration: backend/db/migrations/20260527_campaign_members.sql
  • POST /api/campaigns/:id/members/invite — email invite with 7-day token
  • GET /api/invites/:token — invite preview (campaign name + role)
  • POST /api/invites/:token/accept — accept invitation
  • POST /:id/members/:memberId/resend, DELETE /:id/members/invites/:memberId — pending invite management
  • PATCH /:id/members/:userId (owner only), DELETE /:id/members/:userId (last-owner guard)
  • Role enforcement: managers post updates; editors edit content; viewers see analytics; editors cannot access analytics
  • GET /campaigns/:id resolves user_role from session cookie

Public API (#249)

  • GET /v1/campaigns, GET /v1/campaigns/:id
  • GET/POST /v1/campaigns/:id/contributions (Horizon-verified Stellar tx)
  • GET /v1/users/me
  • POST /api/auth/api-keys alias alongside /api/api-keys
  • OpenAPI at /v1/docs and /api/v1/docs

Frontend

  • Campaign.jsx: Team tab with role badges, editor role in invite dropdown, pending invite Resend/Cancel, role-gated analytics and update posting
  • AcceptInvite.jsx: Shows campaign title and assigned role before confirming
  • Developer.jsx: API key management + live v1 API explorer + OpenAPI link

Test plan

  • Run migration: psql $DATABASE_URL -f backend/db/migrations/20260527_campaign_members.sql
  • Owner invites a manager by email; invitee receives link, sees preview, accepts, appears in Team list
  • Manager can post campaign update; editor cannot view analytics
  • Owner can resend/cancel pending invites; cannot remove last owner
  • Create API key on Developer page; call GET /api/v1/campaigns unauthenticated (200)
  • Call GET /api/v1/users/me without key (401); with Bearer cp_live_… (200)
  • POST /api/v1/campaigns/:id/contributions with valid Stellar tx hash creates contribution
  • Open /v1/docs and verify OpenAPI spec loads
  • cd backend && npm testcampaignPermissions.test.js, v1.test.js, authScopes.test.js

devsimze and others added 2 commits June 19, 2026 03:07
@devsimze @cursoragent
Add campaign team collaboration and public API v1 platform.
2b2e4c5 
Closes Savitura#248 and Savitura#249 by completing invite flows, role-based permissions,
the Team dashboard tab, versioned /v1 endpoints with API key auth, and
the Developer page API explorer.

Co-authored-by: Cursor <cursoragent@cursor.com>
@dotunv
Merge branch 'main' into feature/issues-248-249
da5334b
@dotunv dotunv merged commit e7bbc0a into Savitura:main Jun 20, 2026
0 of 3 checks passed
@grantfox-oss grantfox-oss Bot mentioned this pull request Jun 20, 2026
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Public Payments API — Programmatic Campaign Contributions for Developers Campaign Team Collaboration — Multi-Member Roles & Permissions

3 participants

@Abidoyesimze @dotunv @devsimze