Repair first-time identity and trust operator journeys

2026-03-15 12:33:56 +02:00
parent 7bdfcd5055
commit 08390f0ca4
27 changed files with 5814 additions and 2425 deletions
--- a/src/Platform/StellaOps.Platform.WebService/Endpoints/AdministrationTrustSigningMutationEndpoints.cs
+++ b/src/Platform/StellaOps.Platform.WebService/Endpoints/AdministrationTrustSigningMutationEndpoints.cs
@@ -226,6 +226,72 @@ public static class AdministrationTrustSigningMutationEndpoints
        .WithSummary("Register trust issuer")
        .RequireAuthorization(PlatformPolicies.TrustWrite);

+        group.MapPost("/issuers/{issuerId:guid}/block", async Task<IResult>(
+            HttpContext context,
+            PlatformRequestContextResolver resolver,
+            IAdministrationTrustSigningStore store,
+            Guid issuerId,
+            BlockAdministrationTrustIssuerRequest request,
+            CancellationToken cancellationToken) =>
+        {
+            if (!TryResolveContext(context, resolver, out var requestContext, out var failure))
+            {
+                return failure!;
+            }
+
+            try
+            {
+                var updated = await store.BlockIssuerAsync(
+                    requestContext!.TenantId,
+                    requestContext.ActorId,
+                    issuerId,
+                    request,
+                    cancellationToken).ConfigureAwait(false);
+
+                return Results.Ok(updated);
+            }
+            catch (InvalidOperationException ex)
+            {
+                return MapStoreError(ex, keyId: null, certificateId: null);
+            }
+        })
+        .WithName("BlockAdministrationTrustIssuer")
+        .WithSummary("Block trust issuer")
+        .RequireAuthorization(PlatformPolicies.TrustAdmin);
+
+        group.MapPost("/issuers/{issuerId:guid}/unblock", async Task<IResult>(
+            HttpContext context,
+            PlatformRequestContextResolver resolver,
+            IAdministrationTrustSigningStore store,
+            Guid issuerId,
+            UnblockAdministrationTrustIssuerRequest request,
+            CancellationToken cancellationToken) =>
+        {
+            if (!TryResolveContext(context, resolver, out var requestContext, out var failure))
+            {
+                return failure!;
+            }
+
+            try
+            {
+                var updated = await store.UnblockIssuerAsync(
+                    requestContext!.TenantId,
+                    requestContext.ActorId,
+                    issuerId,
+                    request,
+                    cancellationToken).ConfigureAwait(false);
+
+                return Results.Ok(updated);
+            }
+            catch (InvalidOperationException ex)
+            {
+                return MapStoreError(ex, keyId: null, certificateId: null);
+            }
+        })
+        .WithName("UnblockAdministrationTrustIssuer")
+        .WithSummary("Unblock trust issuer")
+        .RequireAuthorization(PlatformPolicies.TrustAdmin);
+
        group.MapGet("/certificates", async Task<IResult>(
            HttpContext context,
            PlatformRequestContextResolver resolver,