Handbook
Prompt 10 — Tenant administration workspace
Build a complete organization-settings workspace that replaces the prototype directory forms with safe, searchable, auditable enterprise administration.
Updated
Required context
- Tenant-admin routes and permissions
- Current org units, users, HR designations, invites, and CSV import screens
- Design-system table, tree, form, wizard, and audit patterns
- Entitlement and data-governance decisions
Prompt
Build a complete organization-settings workspace that replaces the prototype directory forms with safe, searchable, auditable enterprise administration.
1. Administration overview
Create a setup and health checklist covering:
- Organization structure
- People and manager graph
- Roles and HR scopes
- Authentication/domains
- Integrations and sync
- Framework/content
- Program defaults
- Data governance
- Billing/usage
- Outstanding errors or expiring configurations
2. Organization units
Upgrade the hierarchy to include:
- Searchable expandable tree
- Headcount and direct/total counts
- Unit owner/manager where modeled
- Parent, path, and inherited settings
- Add child, rename, move/reparent with impact preview
- Archive/restore rather than unsafe deletion when referenced
- Sync/source indicator and last updated
- Effective dates where needed
- Audit history
Prevent cycles and cross-tenant parent references.
3. People directory
Add:
- Search, filters, sort, pagination/virtualization
- Name, email, status, org, manager, roles, seat, invite/auth state, source, last activity
- Detail drawer and full detail route
- Bulk assign/move/invite/archive where safe
- Duplicate/conflict handling
- Role and license preview
- CSV/SCIM/HRIS provenance
4. Roles and HR scopes
Replace checkbox lists with:
- Searchable people/group picker
- Role picker with description
- Org-scope tree and include-descendants control
- Permission preview
- Effective start/end
- Inherited/conflicting assignment warning
- Population preview
- Change review and audit
5. Invitations and imports
Invitations:
- Status, sent/expiry, delivery, resend, revoke, copy secure link if policy allows, bulk actions
- Role/scope preview and domain policy
CSV import:
- Downloadable template
- Upload, field mapping, dry run, validation report, diff preview
- Conflict policy
- Background job, progress, retry, rollback/compensating action
- Import history and audit
6. Tenant settings
Build or scaffold pages for:
- Branding
- Verified domains
- Authentication and sessions
- Integrations/API/webhooks
- Framework/question library
- Default program policies
- Data retention/export/deletion
- Audit
- Billing/plan/usage
Do not show plan-gated controls as silently broken. Explain plan and upgrade path or hide according to product policy.
7. Tests and documentation
- Tenant isolation and cross-tenant object tests
- Org cycle/reparent/archive cases
- Role scope and effective dates
- Import conflict and rollback cases
- Invite expiry/revoke/replay
- Large directory performance
- Keyboard interaction for tree, table, drawers, and wizard
- Admin documentation and internal data model updates
Acceptance gates
- Tenant admins can onboard and maintain an organization without manual database changes.
- Destructive changes are previewed, reversible where possible, and audited.
- HR scope assignment clearly shows actual population and permissions.
- Directory source of truth and sync conflicts are visible.