Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Danielsl4/TFG_DAM_2526/llms.txt

Use this file to discover all available pages before exploring further.

The Administration API provides privileged endpoints for managing users, monitoring league activity, uploading optimized images, and querying the audit trail. Every route in this section is protected by both JWT authentication and an admin role check — regular users and referees will receive a 403 Forbidden response.
All endpoints on this page require an Authorization: Bearer <token> header where the decoded JWT contains role: "admin". Requests from non-admin accounts are rejected before any business logic runs.

GET /admin/active-season

Returns the currently active season object. Equivalent to the public GET /seasons/active endpoint but restricted to admin callers. Responses
StatusDescription
200Active season object
404No season is currently marked active
id
number
Unique season identifier.
name
string
Human-readable season name (e.g. “2025/26”).
start_date
string
ISO 8601 date when the season begins.
end_date
string
ISO 8601 date when the season ends.
is_active
boolean
Always true for the returned object.
cURL
curl https://api.example.com/admin/active-season \
  --header "Authorization: Bearer <token>"

GET /admin/summary

Returns an aggregated dashboard snapshot: entity counts and the five most recent audit log entries. Optionally scoped to a specific season. Query parameters
season_id
number
When provided, counts are filtered to teams, players, and matches that belong to this season. Audit logs are also filtered by season when possible.
Response
stats
object
recentActivity
object[]
The five most recent audit log entries, each joined with the acting user’s username.
cURL
curl "https://api.example.com/admin/summary?season_id=3" \
  --header "Authorization: Bearer <token>"
Example response
{
  "stats": {
    "totalTeams": 12,
    "totalPlayers": 144,
    "pendingMatches": 8,
    "totalUsers": 57
  },
  "recentActivity": [
    {
      "id": 204,
      "user_id": 1,
      "username": "admin",
      "action": "Actualización de usuario",
      "entity_type": "user",
      "entity_id": 42,
      "details": { "name": "jdoe", "role": "referee" },
      "created_at": "2026-05-14T10:32:01.000Z"
    }
  ]
}

POST /admin/upload

Uploads an image to Cloudinary. The file is first processed by Sharp to optimize size and format before the upload occurs. Only a single file per request is accepted via the image multipart field. Query parameters
folder
string
default:"general"
Cloudinary folder to store the image in (e.g. "teams", "players").
filename
string
Override the auto-generated filename in Cloudinary. Omit to let the server generate one.
Request bodymultipart/form-data
image
file
required
The image file to upload. Processed by Sharp before being sent to Cloudinary.
Response
url
string
The public Cloudinary URL of the uploaded and optimized image.
cURL
curl --request POST \
  "https://api.example.com/admin/upload?folder=teams&filename=fc-rockets" \
  --header "Authorization: Bearer <token>" \
  --form "image=@/path/to/logo.png"
Example response
{
  "url": "https://res.cloudinary.com/example/image/upload/v1/teams/fc-rockets.webp"
}

GET /admin/users

Returns a paginated list of active user accounts. Supports accent-insensitive search across username and email using unaccent. Query parameters
search
string
Case- and accent-insensitive filter applied to both username and email.
page
number
default:"1"
Page number (1-indexed).
limit
number
default:"10"
Number of results per page.
Response
users
object[]
total
number
Total number of active users matching the search filter.
page
number
Current page number.
limit
number
Page size used for this response.
cURL
curl "https://api.example.com/admin/users?search=garcia&page=1&limit=10" \
  --header "Authorization: Bearer <token>"

PUT /admin/users/:id

Updates the role of an existing user account. Path parameters
id
number
required
ID of the user whose role should be changed.
Request body
role
string
required
New role to assign. Must be one of "admin", "referee", or "user".
Response
message
string
Confirmation message.
user
object
cURL
curl --request PUT \
  "https://api.example.com/admin/users/42" \
  --header "Authorization: Bearer <token>" \
  --header "Content-Type: application/json" \
  --data '{ "role": "referee" }'

DELETE /admin/users/:id

Soft-deactivates a user account by setting is_active = false and anonymizing their username and email with a __deleted__<timestamp> suffix. The record is preserved in the database for referential integrity.
This endpoint does not delete the account from the database. It anonymizes the username and email (e.g. jdoe__deleted__1715600000000) and marks the account inactive. The data remains for audit purposes and cannot be recovered through the API. Returns 400 if the account is already inactive.
Path parameters
id
number
required
ID of the user to deactivate.
Response
message
string
Confirmation that the user was deactivated and anonymized.
cURL
curl --request DELETE \
  "https://api.example.com/admin/users/42" \
  --header "Authorization: Bearer <token>"

GET /admin/logs

Returns a paginated, filterable list of audit log entries. Each log records an admin or system action, the acting user, the affected entity, and a JSONB details payload. Query parameters
page
number
default:"1"
Page number (1-indexed).
limit
number
default:"20"
Number of log entries per page.
season_id
number
Filter to logs whose details.season_id matches this value (or logs with no season context).
username
string
Accent-insensitive partial match against the acting user’s username.
date
string
Exact date filter in YYYY-MM-DD format. Matches on the created_at date component.
Response
logs
object[]
total
number
Total number of log entries matching the applied filters.
page
number
Current page number.
limit
number
Page size used for this response.
cURL
curl "https://api.example.com/admin/logs?season_id=3&username=admin&date=2026-05-14&page=1&limit=20" \
  --header "Authorization: Bearer <token>"
Example response
{
  "logs": [
    {
      "id": 201,
      "user_id": 1,
      "username": "admin",
      "action": "Creación de temporada",
      "entity_type": "season",
      "entity_id": 5,
      "details": {
        "name": "2026/27",
        "imported_from": 4,
        "season_id": "5"
      },
      "created_at": "2026-05-14T09:15:00.000Z"
    },
    {
      "id": 198,
      "user_id": 1,
      "username": "admin",
      "action": "Desactivación de usuario (Admin)",
      "entity_type": "user",
      "entity_id": 33,
      "details": { "name": "old_user" },
      "created_at": "2026-05-13T14:42:00.000Z"
    }
  ],
  "total": 2,
  "page": 1,
  "limit": 20
}

Build docs developers (and LLMs) love

Get started for freeTalk to us