service-finder/docs/audits/admin_gap_analysis.md

# Admin System Gap Analysis Report

Generated: 2026-03-21 12:14:33

## 📊 Executive Summary

- Total hardcoded business values found: 149
- API modules analyzed: 22
- Modules missing admin endpoints: 20

## 🔍 Hardcoded Business Values

These values should be moved to the `system_parameters` table for dynamic configuration. Note that the `__tablename__` entries are ORM table-name declarations rather than business parameters, and that `SANDBOX_PASSWORD` is a credential: credentials belong in a secrets store or environment variable, not in a configuration table.

| File | Line | Variable | Value | Context |
|---|---|---|---|---|
| seed_discovery.py | 8 | `url` | "https://opendata.rdw.nl/resource/m9d7-ebf2.json?$s..." | `url = "https://opendata.rdw.nl/resource/m9d7-ebf2.json?$select=distinct%20merk&$limit=50000"` |
| create_sandbox_user.py | 28 | `API_BASE` | "http://localhost:8000..." | `API_BASE = "http://localhost:8000"` |
| create_sandbox_user.py | 29 | `MAILPIT_API` | "http://sf_mailpit:8025/api/v1/messages..." | `MAILPIT_API = "http://sf_mailpit:8025/api/v1/messages"` |
| create_sandbox_user.py | 30 | `MAILPIT_DELETE_ALL` | "http://sf_mailpit:8025/api/v1/messages..." | `MAILPIT_DELETE_ALL = "http://sf_mailpit:8025/api/v1/messages"` |
| create_sandbox_user.py | 35 | `SANDBOX_PASSWORD` | "Sandbox123!..." | `SANDBOX_PASSWORD = "Sandbox123!"` |
| create_sandbox_user.py | 138 | `max_attempts` | 5 | `max_attempts = 5` |
| create_sandbox_user.py | 139 | `wait_seconds` | 3 | `wait_seconds = 3` |
| app/test_billing_engine.py | 32 | `base_amount` | 100.0 | `base_amount = 100.0` |
| app/test_billing_engine.py | 133 | `file_path` | "backend/app/services/billing_engine.py..." | `file_path = "backend/app/services/billing_engine.py"` |
| app/api/v1/endpoints/providers.py | 11 | `user_id` | 2 | `user_id = 2` |
| app/api/v1/endpoints/services.py | 68 | `new_level` | 80 | `new_level = 80` |
| app/api/v1/endpoints/social.py | 15 | `user_id` | 2 | `user_id = 2` |
| app/models/core_logic.py | 17 | `__tablename__` | "subscription_tiers..." | `__tablename__ = "subscription_tiers"` |
| app/models/core_logic.py | 29 | `__tablename__` | "org_subscriptions..." | `__tablename__ = "org_subscriptions"` |
| app/models/core_logic.py | 48 | `__tablename__` | "credit_logs..." | `__tablename__ = "credit_logs"` |
| app/models/core_logic.py | 64 | `__tablename__` | "service_specialties..." | `__tablename__ = "service_specialties"` |
| app/models/reference_data.py | 7 | `__tablename__` | "reference_lookup..." | `__tablename__ = "reference_lookup"` |
| app/models/identity/identity.py | 25 | `region_admin` | "region_admin..." | `region_admin = "region_admin"` |
| app/models/identity/identity.py | 26 | `country_admin` | "country_admin..." | `country_admin = "country_admin"` |
| app/models/identity/identity.py | 28 | `sales_agent` | "sales_agent..." | `sales_agent = "sales_agent"` |
| app/models/identity/identity.py | 30 | `service_owner` | "service_owner..." | `service_owner = "service_owner"` |
| app/models/identity/identity.py | 31 | `fleet_manager` | "fleet_manager..." | `fleet_manager = "fleet_manager"` |
| app/models/identity/identity.py | 204 | `__tablename__` | "verification_tokens..." | `__tablename__ = "verification_tokens"` |
| app/models/identity/identity.py | 217 | `__tablename__` | "social_accounts..." | `__tablename__ = "social_accounts"` |
| app/models/identity/identity.py | 235 | `__tablename__` | "active_vouchers..." | `__tablename__ = "active_vouchers"` |
| app/models/identity/identity.py | 249 | `__tablename__` | "user_trust_profiles..." | `__tablename__ = "user_trust_profiles"` |
| app/models/identity/address.py | 14 | `__tablename__` | "geo_postal_codes..." | `__tablename__ = "geo_postal_codes"` |
| app/models/identity/address.py | 24 | `__tablename__` | "geo_streets..." | `__tablename__ = "geo_streets"` |
| app/models/identity/address.py | 33 | `__tablename__` | "geo_street_types..." | `__tablename__ = "geo_street_types"` |
| app/models/identity/social.py | 24 | `__tablename__` | "service_providers..." | `__tablename__ = "service_providers"` |
| app/models/identity/social.py | 61 | `__tablename__` | "competitions..." | `__tablename__ = "competitions"` |
| app/models/identity/social.py | 73 | `__tablename__` | "user_scores..." | `__tablename__ = "user_scores"` |
| app/models/identity/social.py | 91 | `__tablename__` | "service_reviews..." | `__tablename__ = "service_reviews"` |
| app/models/identity/security.py | 24 | `__tablename__` | "pending_actions..." | `__tablename__ = "pending_actions"` |
| app/models/vehicle/vehicle.py | 24 | `__tablename__` | "cost_categories..." | `__tablename__ = "cost_categories"` |
| app/models/vehicle/vehicle.py | 114 | `__tablename__` | "vehicle_odometer_states..." | `__tablename__ = "vehicle_odometer_states"` |
| app/models/vehicle/vehicle.py | 145 | `__tablename__` | "vehicle_user_ratings..." | `__tablename__ = "vehicle_user_ratings"` |
| app/models/vehicle/vehicle.py | 196 | `__tablename__` | "gb_catalog_discovery..." | `__tablename__ = "gb_catalog_discovery"` |
| app/models/vehicle/vehicle_definitions.py | 19 | `__tablename__` | "vehicle_types..." | `__tablename__ = "vehicle_types"` |
| app/models/vehicle/vehicle_definitions.py | 35 | `__tablename__` | "feature_definitions..." | `__tablename__ = "feature_definitions"` |
| app/models/vehicle/vehicle_definitions.py | 53 | `__tablename__` | "vehicle_model_definitions..." | `__tablename__ = "vehicle_model_definitions"` |
| app/models/vehicle/vehicle_definitions.py | 147 | `__tablename__` | "model_feature_maps..." | `__tablename__ = "model_feature_maps"` |
| app/models/vehicle/external_reference.py | 7 | `__tablename__` | "external_reference_library..." | `__tablename__ = "external_reference_library"` |
| app/models/vehicle/external_reference_queue.py | 7 | `__tablename__` | "auto_data_crawler_queue..." | `__tablename__ = "auto_data_crawler_queue"` |
| app/models/vehicle/asset.py | 14 | `__tablename__` | "vehicle_catalog..." | `__tablename__ = "vehicle_catalog"` |
| app/models/vehicle/asset.py | 91 | `__tablename__` | "asset_financials..." | `__tablename__ = "asset_financials"` |
| app/models/vehicle/asset.py | 107 | `__tablename__` | "asset_costs..." | `__tablename__ = "asset_costs"` |
| app/models/vehicle/asset.py | 125 | `__tablename__` | "vehicle_logbook..." | `__tablename__ = "vehicle_logbook"` |
| app/models/vehicle/asset.py | 154 | `__tablename__` | "asset_inspections..." | `__tablename__ = "asset_inspections"` |
| app/models/vehicle/asset.py | 169 | `__tablename__` | "asset_reviews..." | `__tablename__ = "asset_reviews"` |

... and 99 more findings

## 🏗️ Admin Endpoints Analysis

### Modules with Admin Prefix

No modules have an `/admin` prefix.

### Modules with Admin Routes (but no prefix)

No mixed admin routes found.

## ⚠️ Critical Gaps: Missing Admin Endpoints

These core business modules lack dedicated admin endpoints:

- users - No `/admin` prefix and no admin routes
- vehicles - No `/admin` prefix and no admin routes
- services - No `/admin` prefix and no admin routes
- assets - No `/admin` prefix and no admin routes
- organizations - No `/admin` prefix and no admin routes
- billing - No `/admin` prefix and no admin routes
- gamification - No `/admin` prefix and no admin routes
- analytics - No `/admin` prefix and no admin routes
- security - No `/admin` prefix and no admin routes
- documents - No `/admin` prefix and no admin routes
- evidence - No `/admin` prefix and no admin routes
- expenses - No `/admin` prefix and no admin routes
- finance_admin - No `/admin` prefix and no admin routes
- notifications - No `/admin` prefix and no admin routes
- reports - No `/admin` prefix and no admin routes
- catalog - No `/admin` prefix and no admin routes
- providers - No `/admin` prefix and no admin routes
- search - No `/admin` prefix and no admin routes
- social - No `/admin` prefix and no admin routes
- system_parameters - No `/admin` prefix and no admin routes

1. Create `/admin`-prefixed routers for each missing module
2. Implement CRUD endpoints for administrative operations
3. Add audit logging and permission checks

## 🚀 Recommendations

### Phase 1: Hardcode Elimination

1. Create the `system_parameters` migration if it does not exist
2. Move the identified hardcoded values to the database
3. Implement a `ConfigService` for dynamic value retrieval

### Phase 2: Admin Endpoint Expansion

1. Prioritize the modules with the highest business impact:
   - users (user management)
   - billing (financial oversight)
   - security (access control)
2. Follow a consistent route pattern: `/admin/{module}/...`
3. Implement RBAC with `admin` and `superadmin` roles

### Phase 3: Monitoring & Audit

1. Add admin action logging to `SecurityAuditLog`
2. Implement an admin dashboard with real-time metrics
3. Create automated health checks for admin endpoints

## 🔧 Technical Details

### Scan Parameters

- Project root: `/app`
- Files scanned: Python files in `/app`
- Business patterns: 25
- Trivial values excluded: `None`, `False`, `0`, `''`, `""`, `True`, `1`, `[]`, `{}`