@seasonkoh/webaz 0.1.7 → 0.1.9

package/dist/pwa/routes/admin-reports.js

@@ -0,0 +1,154 @@
+export function registerAdminReportsRoutes(app, deps) {
+    const { db, requireContentAdmin, requireArbitrationAdmin, requireProtocolAdmin } = deps;
+    app.get('/api/admin/orders', (req, res) => {
+        const admin = requireContentAdmin(req, res);
+        if (!admin)
+            return;
+        const status = req.query.status;
+        let sql = `SELECT o.id, o.product_id, o.buyer_id, o.seller_id, o.logistics_id, o.status,
+                      o.total_amount, o.created_at,
+                      p.title as product_title,
+                      ub.name as buyer_name, us.name as seller_name
+               FROM orders o
+               JOIN products p ON o.product_id = p.id
+               JOIN users ub ON o.buyer_id = ub.id
+               JOIN users us ON o.seller_id = us.id`;
+        const params = [];
+        if (status && status.trim()) {
+            sql += ` WHERE o.status = ?`;
+            params.push(status);
+        }
+        sql += ` ORDER BY o.created_at DESC LIMIT 100`;
+        res.json({ orders: db.prepare(sql).all(...params) });
+    });
+    app.get('/api/admin/disputes', (req, res) => {
+        const admin = requireArbitrationAdmin(req, res);
+        if (!admin)
+            return;
+        const rows = db.prepare(`
+      SELECT d.id, d.order_id, d.initiator_id, d.defendant_id, d.reason, d.status,
+             d.created_at, d.respond_deadline, d.arbitrate_deadline, d.resolved_at,
+             u1.name as initiator_name, u2.name as defendant_name,
+             o.total_amount, o.status as order_status,
+             p.title as product_title
+      FROM disputes d
+      LEFT JOIN users u1 ON d.initiator_id = u1.id
+      LEFT JOIN users u2 ON d.defendant_id = u2.id
+      LEFT JOIN orders o ON d.order_id = o.id
+      LEFT JOIN products p ON o.product_id = p.id
+      ORDER BY d.created_at DESC LIMIT 100
+    `).all();
+        res.json({ disputes: rows });
+    });
+    app.get('/api/admin/verify-tasks', (req, res) => {
+        const admin = requireArbitrationAdmin(req, res);
+        if (!admin)
+            return;
+        const status = req.query.status;
+        let sql = `SELECT vt.id, vt.type, vt.status, vt.url, vt.code, vt.result, vt.fee_locked,
+                      vt.verifiers_needed, vt.created_at, vt.expires_at, vt.settled_at,
+                      vt.product_id, p.title as product_title, p.seller_id, u.name as seller_name
+               FROM verify_tasks vt
+               LEFT JOIN products p ON vt.product_id = p.id
+               LEFT JOIN users u ON p.seller_id = u.id`;
+        const params = [];
+        if (status && status.trim()) {
+            sql += ` WHERE vt.status = ?`;
+            params.push(status);
+        }
+        sql += ` ORDER BY vt.created_at DESC LIMIT 100`;
+        res.json({ tasks: db.prepare(sql).all(...params) });
+    });
+    // 双引擎收入治理视图 — 三级奖励(推土机) vs PV 对碰(原子能) 协议级聚合
+    // 治理依据：根据两引擎实际拨付量决定费率/阈值/拨出率等调参方案
+    // 隐私第一：运营财务，仅 protocol admin 可见（详见 docs/REWARD-ENGINES-DECOUPLING.md）
+    app.get('/api/admin/economic-summary', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const r2 = (n) => Math.round(Number(n || 0) * 100) / 100;
+        // 引擎 A：三级奖励（commission_records 实际分账，按 level）
+        const commByLevel = db.prepare(`
+      SELECT level, COUNT(*) AS cnt, COALESCE(SUM(amount),0) AS total
+      FROM commission_records GROUP BY level
+    `).all();
+        const engineA = { l1: { count: 0, total: 0 }, l2: { count: 0, total: 0 }, l3: { count: 0, total: 0 }, distributed_total: 0 };
+        for (const r of commByLevel) {
+            const k = `l${r.level}`;
+            if (engineA[k]) {
+                engineA[k] = { count: r.cnt, total: r2(r.total) };
+                engineA.distributed_total += Number(r.total);
+            }
+        }
+        engineA.distributed_total = r2(engineA.distributed_total);
+        // 引擎 A 的 redirect 去向（chain_gap → charity；region_cap → global_fund）
+        const charity = db.prepare(`SELECT balance, total_chain_gap, total_orphan_sponsor, total_region_cap, total_donated, total_disbursed FROM charity_fund WHERE id='main'`).get();
+        // 引擎 B：PV 对碰（binary_score_records 现金拨付 + 待拨 Score）
+        const binarySettled = db.prepare(`SELECT COUNT(*) AS cnt, COALESCE(SUM(waz_amount),0) AS waz FROM binary_score_records WHERE settled_at IS NOT NULL`).get();
+        const binaryPending = db.prepare(`SELECT COUNT(*) AS cnt, COALESCE(SUM(score),0) AS score FROM binary_score_records WHERE settled_at IS NULL`).get();
+        const periods = db.prepare(`SELECT COUNT(*) AS cnt, COALESCE(SUM(cash_distributed),0) AS dist, COALESCE(SUM(cash_retained),0) AS retained FROM settlement_periods WHERE status='completed'`).get();
+        const gfund = db.prepare(`SELECT pool_balance, total_scores_pending, current_n FROM global_fund WHERE id=1`).get();
+        // 资金管道：global_fund 蓄水来源（fund_base 1% + commission region_cap redirect）
+        const pipe = db.prepare(`SELECT COALESCE(SUM(amount_base),0) AS base, COALESCE(SUM(amount_l3),0) AS redirect FROM fund_deposits`).get();
+        res.json({
+            engine_a_commission: {
+                ...engineA,
+                // redirect 三去向（互斥，全部源自 commission_pool 未发出的份额）：
+                redirected_to_charity_chain_gap: r2(Number(charity?.total_chain_gap || 0) + Number(charity?.total_orphan_sponsor || 0)), // 无 L / sponsor 无效
+                redirected_to_charity_region_full_ban: r2(Number(charity?.total_region_cap || 0)), // max_levels=0 区域整池入公益
+                redirected_to_global_fund_region_cap: r2(pipe.redirect), // level > max_levels（部分截断）→ global_fund (fund_deposits.amount_l3)
+                note: '即时分账，bounded by commission_pool（订单内）。redirect 三去向见上字段。',
+            },
+            engine_b_pv_matching: {
+                cash_distributed_total: r2(binarySettled.waz),
+                settled_match_count: binarySettled.cnt,
+                pending_score: r2(binaryPending.score),
+                pending_match_count: binaryPending.cnt,
+                settlement_periods_completed: periods.cnt,
+                periods_cash_distributed: r2(periods.dist),
+                periods_cash_retained: r2(periods.retained),
+                note: 'Score → 现金经安全阀拨付，源自 global_fund，永不透支。',
+            },
+            global_fund: {
+                pool_balance: r2(Number(gfund?.pool_balance || 0)),
+                total_scores_pending: r2(Number(gfund?.total_scores_pending || 0)),
+                current_n: r2(Number(gfund?.current_n || 0)),
+            },
+            funding_pipe: {
+                fund_base_1pct_accumulated: r2(pipe.base),
+                commission_redirect_accumulated: r2(pipe.redirect),
+                note: 'global_fund 蓄水来源（单向）：每单 1% fund_base + commission region_cap redirect。',
+            },
+            charity_fund: {
+                balance: r2(Number(charity?.balance || 0)),
+                total_donated: r2(Number(charity?.total_donated || 0)),
+                total_disbursed: r2(Number(charity?.total_disbursed || 0)),
+            },
+            governance_hint: '引擎A=消费即时奖励(commission_pool)；引擎B=团队对碰(global_fund 安全阀)。两者解耦，调参互不影响。详见 docs/REWARD-ENGINES-DECOUPLING.md',
+            generated_at: new Date().toISOString(),
+        });
+    });
+    app.get('/api/admin/audit-log', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const rows = db.prepare(`
+      SELECT al.id, al.admin_id, al.action, al.target_type, al.target_id, al.detail, al.created_at,
+             u.name as admin_name
+      FROM admin_audit_log al
+      LEFT JOIN users u ON u.id = al.admin_id
+      ORDER BY al.created_at DESC LIMIT 50
+    `).all();
+        res.json({
+            entries: rows.map(r => ({
+                ...r,
+                detail: r.detail ? (() => { try {
+                    return JSON.parse(r.detail);
+                }
+                catch {
+                    return r.detail;
+                } })() : null,
+            })),
+        });
+    });
+}

package/dist/pwa/routes/admin-tokenomics.js

@@ -0,0 +1,113 @@
+export function registerAdminTokenomicsRoutes(app, deps) {
+    const { db, requireProtocolAdmin, logAdminAction } = deps;
+    // Tokenomics 详细数据 + Tier 配置 + 高额榜
+    app.get('/api/admin/tokenomics', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const tiers = db.prepare("SELECT * FROM binary_tier_config ORDER BY tier ASC").all();
+        const topComm = db.prepare(`
+      SELECT cr.beneficiary_id, u.name, COUNT(*) as records, COALESCE(SUM(cr.amount),0) as earned
+      FROM commission_records cr LEFT JOIN users u ON u.id = cr.beneficiary_id
+      WHERE cr.beneficiary_id != 'sys_protocol'
+      GROUP BY cr.beneficiary_id ORDER BY earned DESC LIMIT 10
+    `).all();
+        const topBinary = db.prepare(`
+      SELECT bsr.user_id, u.name,
+        COUNT(*) as hits,
+        COALESCE(SUM(CASE WHEN settled_at IS NOT NULL THEN waz_amount ELSE 0 END),0) as waz_total,
+        COALESCE(SUM(score),0) as score_total
+      FROM binary_score_records bsr LEFT JOIN users u ON u.id = bsr.user_id
+      GROUP BY bsr.user_id ORDER BY waz_total DESC LIMIT 10
+    `).all();
+        const gf = db.prepare("SELECT * FROM global_fund WHERE id=1").get();
+        const mb = db.prepare("SELECT balance FROM management_bonus_pool WHERE id=1").get();
+        const pvLedger = db.prepare(`
+      SELECT COUNT(*) as total,
+        SUM(CASE WHEN processed=0 THEN 1 ELSE 0 END) as pending,
+        COALESCE(SUM(CASE WHEN processed=0 THEN pv ELSE 0 END),0) as pending_pv
+      FROM pv_ledger
+    `).get();
+        res.json({
+            global_fund: gf,
+            management_bonus_pool: mb,
+            tier_config: tiers,
+            pv_ledger: pvLedger,
+            top_commission: topComm,
+            top_binary: topBinary,
+        });
+    });
+    // 调整 Tier 配置
+    app.post('/api/admin/tokenomics/tier', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const { tier, pv_threshold, score_per_hit, active } = req.body;
+        if (!Number.isInteger(tier) || tier < 1 || tier > 10)
+            return void res.json({ error: 'tier 无效' });
+        if (Number(pv_threshold) <= 0 || Number(score_per_hit) <= 0)
+            return void res.json({ error: '阈值/分数必须 > 0' });
+        db.prepare(`INSERT OR REPLACE INTO binary_tier_config (tier, pv_threshold, score_per_hit, active) VALUES (?,?,?,?)`)
+            .run(tier, Number(pv_threshold), Number(score_per_hit), active ? 1 : 0);
+        logAdminAction(admin.id, 'tokenomics_tier_update', 'tier', String(tier), { pv_threshold, score_per_hit, active });
+        res.json({ success: true });
+    });
+    // 管理津贴资格列表 + 开关
+    app.get('/api/admin/tokenomics/mgmt-bonus', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const enabled = db.prepare("SELECT value FROM system_state WHERE key='mgmt_bonus_enabled'").get()?.value === '1';
+        const eligible = db.prepare(`
+      SELECT u.id, u.name, u.created_at,
+        (SELECT COUNT(*) FROM users WHERE sponsor_id = u.id) as l1_count,
+        COALESCE((SELECT SUM(amount) FROM commission_records WHERE beneficiary_id = u.id),0) as total_commission
+      FROM users u WHERE u.mgmt_bonus_eligible = 1
+      ORDER BY u.created_at DESC LIMIT 100
+    `).all();
+        res.json({ enabled, eligible_users: eligible, eligible_count: eligible.length });
+    });
+    // 注册必须 ref 开关
+    app.post('/api/admin/tokenomics/require-ref/toggle', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const { enabled } = req.body;
+        const v = enabled ? '1' : '0';
+        db.prepare("INSERT OR REPLACE INTO system_state (key, value) VALUES ('require_ref_to_register', ?)").run(v);
+        logAdminAction(admin.id, 'require_ref_toggle', 'system', 'require_ref_to_register', { value: v });
+        res.json({ success: true, enabled: !!enabled });
+    });
+    // 管理津贴池开关
+    app.post('/api/admin/tokenomics/mgmt-bonus/toggle', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const { enabled } = req.body;
+        const v = enabled ? '1' : '0';
+        db.prepare("INSERT OR REPLACE INTO system_state (key, value) VALUES ('mgmt_bonus_enabled', ?)").run(v);
+        logAdminAction(admin.id, 'mgmt_bonus_toggle', 'system', 'mgmt_bonus_enabled', { value: v });
+        res.json({ success: true, enabled: !!enabled });
+    });
+    // 池注资
+    app.post('/api/admin/tokenomics/inject', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const { pool, amount } = req.body;
+        const n = Number(amount);
+        if (!(n > 0))
+            return void res.json({ error: '金额必须 > 0' });
+        if (pool === 'global_fund') {
+            db.prepare("UPDATE global_fund SET pool_balance = pool_balance + ? WHERE id=1").run(n);
+        }
+        else if (pool === 'management_bonus') {
+            db.prepare("UPDATE management_bonus_pool SET balance = balance + ? WHERE id=1").run(n);
+        }
+        else {
+            return void res.json({ error: 'pool 名称无效（global_fund / management_bonus）' });
+        }
+        logAdminAction(admin.id, 'tokenomics_pool_inject', 'pool', pool, { amount: n });
+        res.json({ success: true });
+    });
+}

package/dist/pwa/routes/admin-users-lifecycle.js

@@ -0,0 +1,237 @@
+export function registerAdminUsersLifecycleRoutes(app, deps) {
+    const { db, requireUsersAdmin, requireProtocolAdmin, requireContentAdmin, requireRootAdmin, adminCanOperateOn, isRootAdmin, safeRoles, logAdminAction, QUOTA_TIERS } = deps;
+    // L1 分享权限 override：0 auto / 1 强允 / -1 强禁
+    app.post('/api/admin/users/:id/l1-share-override', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        if (!adminCanOperateOn(admin, req.params.id, res))
+            return;
+        const { value, note } = req.body;
+        const v = Number(value);
+        if (![0, 1, -1].includes(v))
+            return void res.json({ error: 'value 必须是 0 / 1 / -1' });
+        const target = db.prepare("SELECT id FROM users WHERE id = ?").get(req.params.id);
+        if (!target)
+            return void res.json({ error: '用户不存在' });
+        db.prepare("UPDATE users SET l1_share_override = ?, updated_at = datetime('now') WHERE id = ?").run(v, req.params.id);
+        logAdminAction(admin.id, 'l1_share_override', 'user', req.params.id, { value: v, note: note || null });
+        res.json({ success: true, value: v });
+    });
+    app.post('/api/admin/users/:id/mgmt-bonus-eligible', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        if (!adminCanOperateOn(admin, req.params.id, res))
+            return;
+        const { eligible, note } = req.body;
+        const target = db.prepare("SELECT id, name FROM users WHERE id = ?").get(req.params.id);
+        if (!target)
+            return void res.json({ error: '用户不存在' });
+        db.prepare("UPDATE users SET mgmt_bonus_eligible = ?, updated_at = datetime('now') WHERE id = ?").run(eligible ? 1 : 0, req.params.id);
+        logAdminAction(admin.id, eligible ? 'mgmt_bonus_grant' : 'mgmt_bonus_revoke', 'user', req.params.id, { note: note || null });
+        res.json({ success: true });
+    });
+    app.post('/api/admin/users/:id/reset-failed-attempts', (req, res) => {
+        const admin = requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        if (!adminCanOperateOn(admin, req.params.id, res))
+            return;
+        db.prepare("UPDATE users SET failed_attempts = 0, locked_until = NULL WHERE id = ?").run(req.params.id);
+        logAdminAction(admin.id, 'reset_failed_attempts', 'user', req.params.id, {});
+        res.json({ success: true });
+    });
+    app.post('/api/admin/users/:id/force-delist-all', (req, res) => {
+        // P0.5: content 权限 + scope
+        const admin = requireContentAdmin(req, res);
+        if (!admin)
+            return;
+        if (!adminCanOperateOn(admin, req.params.id, res))
+            return;
+        const { reason } = req.body;
+        const seller = db.prepare("SELECT id, name FROM users WHERE id = ?").get(req.params.id);
+        if (!seller)
+            return void res.json({ error: '用户不存在' });
+        const result = db.prepare("UPDATE products SET status = 'paused', updated_at = datetime('now') WHERE seller_id = ? AND status = 'active'").run(req.params.id);
+        logAdminAction(admin.id, 'force_delist_all', 'user', req.params.id, { reason: reason || null, count: result.changes });
+        res.json({ success: true, count: result.changes });
+    });
+    // P0.4: users + scope；suspend admin → root only
+    app.post('/api/admin/users/:id/suspend', (req, res) => {
+        const admin = requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        const targetId = req.params.id;
+        const { reason } = req.body;
+        if (targetId === admin.id)
+            return void res.json({ error: '不能暂停自己' });
+        const target = db.prepare("SELECT id, role, region FROM users WHERE id = ?").get(targetId);
+        if (!target)
+            return void res.json({ error: '用户不存在' });
+        if (target.role === 'admin') {
+            if (!isRootAdmin(admin))
+                return void res.status(403).json({ error: '仅 root 可暂停其他 admin（或先撤销其 admin 角色）' });
+        }
+        if (target.role !== 'admin' && !adminCanOperateOn(admin, targetId, res))
+            return;
+        db.prepare(`INSERT INTO user_moderation (user_id, suspended, reason, suspended_by, suspended_at)
+                VALUES (?, 1, ?, ?, datetime('now'))
+                ON CONFLICT(user_id) DO UPDATE SET
+                  suspended    = 1,
+                  reason       = excluded.reason,
+                  suspended_by = excluded.suspended_by,
+                  suspended_at = datetime('now')`)
+            .run(targetId, reason || null, admin.id);
+        logAdminAction(admin.id, 'suspend_user', 'user', targetId, { reason: reason || null });
+        res.json({ success: true });
+    });
+    app.post('/api/admin/users/:id/unsuspend', (req, res) => {
+        const admin = requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        const targetId = req.params.id;
+        const target = db.prepare("SELECT id, role FROM users WHERE id = ?").get(targetId);
+        if (!target)
+            return void res.json({ error: '用户不存在' });
+        if (target.role === 'admin' && !isRootAdmin(admin))
+            return void res.status(403).json({ error: '仅 root 可恢复其他 admin' });
+        if (target.role !== 'admin' && !adminCanOperateOn(admin, targetId, res))
+            return;
+        db.prepare("UPDATE user_moderation SET suspended = 0, suspended_at = NULL WHERE user_id = ?").run(targetId);
+        logAdminAction(admin.id, 'unsuspend_user', 'user', targetId, {});
+        res.json({ success: true });
+    });
+    // P0.1: admin 角色提权必须 root；其他角色需 users + scope
+    app.post('/api/admin/users/:id/grant-role', (req, res) => {
+        const { role } = req.body;
+        const allowed = ['admin', 'verifier', 'arbitrator', 'logistics', 'seller', 'buyer'];
+        if (!allowed.includes(role))
+            return void res.json({ error: '角色无效' });
+        const admin = role === 'admin' ? requireRootAdmin(req, res) : requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        const targetId = req.params.id;
+        if (!adminCanOperateOn(admin, targetId, res))
+            return;
+        const target = db.prepare("SELECT id, roles FROM users WHERE id = ?").get(targetId);
+        if (!target)
+            return void res.json({ error: '用户不存在' });
+        const roles = safeRoles(target);
+        if (roles.includes(role))
+            return void res.json({ error: '该用户已拥有此角色' });
+        roles.push(role);
+        db.prepare("UPDATE users SET roles = ?, updated_at = datetime('now') WHERE id = ?")
+            .run(JSON.stringify(roles), targetId);
+        logAdminAction(admin.id, 'grant_role', 'user', targetId, { role });
+        res.json({ success: true, roles });
+    });
+    // P0.2: preview diff，含 admin 变更 → root only
+    app.post('/api/admin/users/:id/set-roles', (req, res) => {
+        const { roles } = req.body;
+        const allowed = ['buyer', 'seller', 'logistics', 'arbitrator', 'verifier', 'admin'];
+        if (!Array.isArray(roles) || roles.length === 0)
+            return void res.json({ error: '至少保留一个角色' });
+        for (const r of roles) {
+            if (!allowed.includes(r))
+                return void res.json({ error: `角色 ${r} 无效` });
+        }
+        const dedup = Array.from(new Set(roles));
+        const targetId = req.params.id;
+        const target = db.prepare("SELECT id, role, roles FROM users WHERE id = ?").get(targetId);
+        if (!target)
+            return void res.json({ error: '用户不存在' });
+        const oldRoles = (() => { try {
+            return JSON.parse(target.roles || '[]');
+        }
+        catch {
+            return [];
+        } })();
+        const added = dedup.filter(r => !oldRoles.includes(r));
+        const removed = oldRoles.filter(r => !dedup.includes(r));
+        const involvesAdmin = added.includes('admin') || removed.includes('admin');
+        const admin = involvesAdmin ? requireRootAdmin(req, res) : requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        if (!adminCanOperateOn(admin, targetId, res))
+            return;
+        if (targetId === admin.id && removed.includes('admin')) {
+            return void res.json({ error: '不能撤销自己的管理员角色' });
+        }
+        if (added.length === 0 && removed.length === 0) {
+            return void res.json({ error: '角色无变更' });
+        }
+        const newActiveRole = dedup.includes(target.role) ? target.role : dedup[0];
+        db.prepare("UPDATE users SET role = ?, roles = ?, updated_at = datetime('now') WHERE id = ?")
+            .run(newActiveRole, JSON.stringify(dedup), targetId);
+        if (added.length)
+            logAdminAction(admin.id, 'grant_role_batch', 'user', targetId, { roles: added });
+        if (removed.length)
+            logAdminAction(admin.id, 'revoke_role_batch', 'user', targetId, { roles: removed });
+        res.json({ success: true, roles: dedup, added, removed });
+    });
+    // P0.3: revoke admin → root only
+    app.post('/api/admin/users/:id/revoke-role', (req, res) => {
+        const { role } = req.body;
+        const admin = role === 'admin' ? requireRootAdmin(req, res) : requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        const targetId = req.params.id;
+        if (!adminCanOperateOn(admin, targetId, res))
+            return;
+        if (targetId === admin.id && role === 'admin')
+            return void res.json({ error: '不能撤销自己的管理员角色（防自杀）' });
+        const target = db.prepare("SELECT id, role, roles FROM users WHERE id = ?").get(targetId);
+        if (!target)
+            return void res.json({ error: '用户不存在' });
+        const roles = safeRoles(target).filter(r => r !== role);
+        if (roles.length === 0)
+            return void res.json({ error: '用户至少保留一个角色' });
+        const newActiveRole = target.role === role ? roles[0] : target.role;
+        db.prepare("UPDATE users SET role = ?, roles = ?, updated_at = datetime('now') WHERE id = ?")
+            .run(newActiveRole, JSON.stringify(roles), targetId);
+        logAdminAction(admin.id, 'revoke_role', 'user', targetId, { role });
+        res.json({ success: true, roles });
+    });
+    app.post('/api/admin/users/:id/set-product-quota', (req, res) => {
+        const admin = requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        if (!adminCanOperateOn(admin, req.params.id, res))
+            return;
+        const { max_products } = req.body;
+        const n = Number(max_products);
+        if (!QUOTA_TIERS.includes(n))
+            return void res.json({ error: `配额应为 ${QUOTA_TIERS.join(' / ')} 之一` });
+        const target = db.prepare("SELECT id FROM users WHERE id = ?").get(req.params.id);
+        if (!target)
+            return void res.json({ error: '用户不存在' });
+        db.prepare("UPDATE users SET max_products = ?, updated_at = datetime('now') WHERE id = ?").run(n, req.params.id);
+        logAdminAction(admin.id, 'set_product_quota', 'user', req.params.id, { quota: n });
+        res.json({ success: true, max_products: n });
+    });
+    app.post('/api/admin/users/:id/pause-listing', (req, res) => {
+        const admin = requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        if (!adminCanOperateOn(admin, req.params.id, res))
+            return;
+        const { reason } = req.body;
+        if (!reason?.trim())
+            return void res.json({ error: '请填写暂停原因' });
+        db.prepare(`UPDATE users SET listing_paused = 1, listing_paused_reason = ?, listing_paused_by = ?, listing_paused_at = datetime('now'), updated_at = datetime('now') WHERE id = ?`)
+            .run(reason.trim(), admin.id, req.params.id);
+        logAdminAction(admin.id, 'pause_listing', 'user', req.params.id, { reason: reason.trim() });
+        res.json({ success: true });
+    });
+    app.post('/api/admin/users/:id/resume-listing', (req, res) => {
+        const admin = requireUsersAdmin(req, res);
+        if (!admin)
+            return;
+        if (!adminCanOperateOn(admin, req.params.id, res))
+            return;
+        db.prepare(`UPDATE users SET listing_paused = 0, listing_paused_reason = NULL, updated_at = datetime('now') WHERE id = ?`).run(req.params.id);
+        logAdminAction(admin.id, 'resume_listing', 'user', req.params.id, {});
+        res.json({ success: true });
+    });
+}