feat(ui): add user details page (#1083)

Signed-off-by: Guillaume Belanger <guillaume.belanger27@gmail.com>

Author: gruyaume

client/logs.go

@@ -58,6 +58,32 @@ func (c *Client) ListAuditLogs(ctx context.Context, p *ListParams) (*ListAuditLo
 	return &auditLogs, nil
 }
 
+// ListAuditLogsByActor retrieves a paginated list of audit logs filtered by actor email.
+func (c *Client) ListAuditLogsByActor(ctx context.Context, actor string, p *ListParams) (*ListAuditLogsResponse, error) {
+	resp, err := c.Requester.Do(ctx, &RequestOptions{
+		Type:   SyncRequest,
+		Method: "GET",
+		Path:   "api/v1/logs/audit",
+		Query: url.Values{
+			"page":     {fmt.Sprintf("%d", p.Page)},
+			"per_page": {fmt.Sprintf("%d", p.PerPage)},
+			"actor":    {actor},
+		},
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var auditLogs ListAuditLogsResponse
+
+	err = resp.DecodeResult(&auditLogs)
+	if err != nil {
+		return nil, err
+	}
+
+	return &auditLogs, nil
+}
+
 // GetAuditLogRetentionPolicy retrieves the current audit log retention policy.
 func (c *Client) GetAuditLogRetentionPolicy(ctx context.Context) (*GetAuditLogsRetentionPolicy, error) {
 	resp, err := c.Requester.Do(ctx, &RequestOptions{

client/logs_test.go

@@ -188,3 +188,63 @@ func TestUpdateAuditLogRetentionPolicy_Failure(t *testing.T) {
 		t.Fatalf("expected error, got none")
 	}
 }
+
+func TestListAuditLogsByActor_Success(t *testing.T) {
+	fake := &fakeRequester{
+		response: &client.RequestResponse{
+			StatusCode: 200,
+			Headers:    http.Header{},
+			Result:     []byte(`{"items": [{"id": 1, "timestamp": "2023-10-01T12:00:00Z", "level": "info", "actor": "admin@example.com", "action": "create_user", "ip": "1.2.3.4", "details": "Created user"}], "page": 1, "per_page": 10, "total_count": 1}`),
+		},
+		err: nil,
+	}
+	clientObj := &client.Client{
+		Requester: fake,
+	}
+
+	ctx := context.Background()
+
+	params := &client.ListParams{
+		Page:    1,
+		PerPage: 10,
+	}
+
+	resp, err := clientObj.ListAuditLogsByActor(ctx, "admin@example.com", params)
+	if err != nil {
+		t.Fatalf("expected no error, got: %v", err)
+	}
+
+	if len(resp.Items) != 1 {
+		t.Fatalf("expected 1 audit log, got %d", len(resp.Items))
+	}
+
+	if resp.Items[0].Actor != "admin@example.com" {
+		t.Fatalf("expected actor 'admin@example.com', got '%s'", resp.Items[0].Actor)
+	}
+}
+
+func TestListAuditLogsByActor_Failure(t *testing.T) {
+	fake := &fakeRequester{
+		response: &client.RequestResponse{
+			StatusCode: 500,
+			Headers:    http.Header{},
+			Result:     []byte(`{"error": "Internal server error"}`),
+		},
+		err: errors.New("requester error"),
+	}
+	clientObj := &client.Client{
+		Requester: fake,
+	}
+
+	ctx := context.Background()
+
+	params := &client.ListParams{
+		Page:    1,
+		PerPage: 10,
+	}
+
+	_, err := clientObj.ListAuditLogsByActor(ctx, "admin@example.com", params)
+	if err == nil {
+		t.Fatalf("expected error, got none")
+	}
+}

client/users.go

@@ -206,3 +206,79 @@ func (c *Client) DeleteMyAPIToken(ctx context.Context, tokenID string) error {
 
 	return nil
 }
+
+// ListUserAPITokens lists API tokens for a specific user with pagination. Requires admin privileges.
+func (c *Client) ListUserAPITokens(ctx context.Context, email string, p *ListParams) (*ListAPITokensResponse, error) {
+	resp, err := c.Requester.Do(ctx, &RequestOptions{
+		Type:   SyncRequest,
+		Method: "GET",
+		Path:   "api/v1/users/" + email + "/api-tokens",
+		Query: url.Values{
+			"page":     {fmt.Sprintf("%d", p.Page)},
+			"per_page": {fmt.Sprintf("%d", p.PerPage)},
+		},
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var tokens ListAPITokensResponse
+
+	err = resp.DecodeResult(&tokens)
+	if err != nil {
+		return nil, err
+	}
+
+	return &tokens, nil
+}
+
+// CreateUserAPIToken creates a new API token for the specified user. Requires admin privileges.
+func (c *Client) CreateUserAPIToken(ctx context.Context, email string, opts *CreateAPITokenOptions) (*CreateAPITokenResponse, error) {
+	payload := struct {
+		Name   string `json:"name"`
+		Expiry string `json:"expiry,omitempty"`
+	}{
+		Name:   opts.Name,
+		Expiry: opts.Expiry,
+	}
+
+	var body bytes.Buffer
+
+	err := json.NewEncoder(&body).Encode(payload)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := c.Requester.Do(ctx, &RequestOptions{
+		Type:   SyncRequest,
+		Method: "POST",
+		Path:   "api/v1/users/" + email + "/api-tokens",
+		Body:   &body,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var tokenResponse CreateAPITokenResponse
+
+	err = resp.DecodeResult(&tokenResponse)
+	if err != nil {
+		return nil, err
+	}
+
+	return &tokenResponse, nil
+}
+
+// DeleteUserAPIToken deletes an API token for the specified user by token ID. Requires admin privileges.
+func (c *Client) DeleteUserAPIToken(ctx context.Context, email string, tokenID string) error {
+	_, err := c.Requester.Do(ctx, &RequestOptions{
+		Type:   SyncRequest,
+		Method: "DELETE",
+		Path:   "api/v1/users/" + email + "/api-tokens/" + tokenID,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

client/users_test.go

@@ -328,3 +328,167 @@ func TestListMyAPITokens_Failure(t *testing.T) {
 		t.Fatalf("expected no tokens, got: %v", tokens)
 	}
 }
+
+func TestListUserAPITokens_Success(t *testing.T) {
+	fake := &fakeRequester{
+		response: &client.RequestResponse{
+			StatusCode: 200,
+			Headers:    http.Header{},
+			Result:     []byte(`{"items": [{"name": "agent-token"}], "page": 1, "per_page": 10, "total_count": 1}`),
+		},
+		err: nil,
+	}
+	clientObj := &client.Client{
+		Requester: fake,
+	}
+
+	ctx := context.Background()
+
+	param := &client.ListParams{
+		Page:    1,
+		PerPage: 10,
+	}
+
+	resp, err := clientObj.ListUserAPITokens(ctx, "user@example.com", param)
+	if err != nil {
+		t.Fatalf("expected no error, got: %v", err)
+	}
+
+	if len(resp.Items) != 1 {
+		t.Fatalf("expected 1 token, got: %d", len(resp.Items))
+	}
+
+	if resp.Items[0].Name != "agent-token" {
+		t.Fatalf("expected token name 'agent-token', got: %s", resp.Items[0].Name)
+	}
+}
+
+func TestListUserAPITokens_Failure(t *testing.T) {
+	fake := &fakeRequester{
+		response: &client.RequestResponse{
+			StatusCode: 404,
+			Headers:    http.Header{},
+			Result:     []byte(`{"error": "User not found"}`),
+		},
+		err: errors.New("requester error"),
+	}
+	clientObj := &client.Client{
+		Requester: fake,
+	}
+
+	ctx := context.Background()
+
+	param := &client.ListParams{
+		Page:    1,
+		PerPage: 10,
+	}
+
+	tokens, err := clientObj.ListUserAPITokens(ctx, "nonexistent@example.com", param)
+	if err == nil {
+		t.Fatalf("expected error, got none")
+	}
+
+	if tokens != nil {
+		t.Fatalf("expected no tokens, got: %v", tokens)
+	}
+}
+
+func TestCreateUserAPIToken_Success(t *testing.T) {
+	fake := &fakeRequester{
+		response: &client.RequestResponse{
+			StatusCode: 201,
+			Headers:    http.Header{},
+			Result:     []byte(`{"token": "ellacore_abc123_secret456"}`),
+		},
+		err: nil,
+	}
+	clientObj := &client.Client{
+		Requester: fake,
+	}
+
+	ctx := context.Background()
+
+	opts := &client.CreateAPITokenOptions{
+		Name: "ci-pipeline",
+	}
+
+	resp, err := clientObj.CreateUserAPIToken(ctx, "user@example.com", opts)
+	if err != nil {
+		t.Fatalf("expected no error, got: %v", err)
+	}
+
+	if resp.Token != "ellacore_abc123_secret456" {
+		t.Fatalf("expected token 'ellacore_abc123_secret456', got: %s", resp.Token)
+	}
+}
+
+func TestCreateUserAPIToken_Failure(t *testing.T) {
+	fake := &fakeRequester{
+		response: &client.RequestResponse{
+			StatusCode: 400,
+			Headers:    http.Header{},
+			Result:     []byte(`{"error": "Token name must be between 3 and 50 characters"}`),
+		},
+		err: errors.New("requester error"),
+	}
+	clientObj := &client.Client{
+		Requester: fake,
+	}
+
+	ctx := context.Background()
+
+	opts := &client.CreateAPITokenOptions{
+		Name: "ab",
+	}
+
+	resp, err := clientObj.CreateUserAPIToken(ctx, "user@example.com", opts)
+	if err == nil {
+		t.Fatalf("expected error, got none")
+	}
+
+	if resp != nil {
+		t.Fatalf("expected no response, got: %v", resp)
+	}
+}
+
+func TestDeleteUserAPIToken_Success(t *testing.T) {
+	fake := &fakeRequester{
+		response: &client.RequestResponse{
+			StatusCode: 200,
+			Headers:    http.Header{},
+			Result:     []byte(`{"message": "API token deleted successfully"}`),
+		},
+		err: nil,
+	}
+	clientObj := &client.Client{
+		Requester: fake,
+	}
+
+	ctx := context.Background()
+
+	err := clientObj.DeleteUserAPIToken(ctx, "user@example.com", "token-id-123")
+	if err != nil {
+		t.Fatalf("expected no error, got: %v", err)
+	}
+}
+
+func TestDeleteUserAPIToken_Failure(t *testing.T) {
+	fake := &fakeRequester{
+		response: &client.RequestResponse{
+			StatusCode: 404,
+			Headers:    http.Header{},
+			Result:     []byte(`{"error": "API token not found"}`),
+		},
+		err: errors.New("requester error"),
+	}
+	clientObj := &client.Client{
+		Requester: fake,
+	}
+
+	ctx := context.Background()
+
+	err := clientObj.DeleteUserAPIToken(ctx, "user@example.com", "nonexistent-id")
+	if err == nil {
+		t.Fatalf("expected error, got none")
+	}
+}

docs/how_to/ai_agents.md

@@ -11,15 +11,15 @@ Ella Core ships with an [Agent Skill](https://agentskills.io/) that lets AI agen
 Before using the skill, you need:
 
 1. **A running Ella Core instance** with its API accessible (e.g. `http://192.168.1.10:5000`).
-2. **An API token** — create one in the Ella Core UI under your user profile, or via the API. Tokens are prefixed with `ellacore_`.
+2. **A user for your AI agent with an API token** — create a user for your agent in the UI with a role that matches the permissions you want to grant (e.g. "network manager" for full network access, "read only" for monitoring). Then generate an API token for that user and copy it.
 
 ## 1. Install the skill
 
 Download [`SKILL.md`](https://raw.githubusercontent.com/ellanetworks/core/main/.github/skills/ella-core-api/SKILL.md) and place it in a skills directory that your AI tool can discover (e.g. `<project>/.agents/skills/ella-core-api/SKILL.md`).
 
 ## 2. Prompt the agent
 
-Once the skill is active, you can ask things like "Which subscribers used the most data over the last 7 days?".
+Once the skill is active, you can ask things like "Which subscribers used the most data over the last 7 days?". The agent will ask you for the Ella Core URL and an API token — use the token you generated earlier.
 
 <figure markdown="span">
   <div data-cast="../../casts/ella-demo.cast"></div>

docs/reference/api/audit_logs.md

@@ -16,10 +16,11 @@ This path returns the list of audit logs.
 
 ### Query Parameters
 
-| Name       | In    | Type | Default | Allowed | Description                   |
-| ---------- | ----- | ---- | ------- | ------- | ----------------------------- |
-| `page`     | query | int  | `1`     | `>= 1`  | 1-based page index.           |
-| `per_page` | query | int  | `25`    | `1…100` | Number of items per page.     |
+| Name       | In    | Type   | Default | Allowed | Description                                                                 |
+| ---------- | ----- | ------ | ------- | ------- | --------------------------------------------------------------------------- |
+| `page`     | query | int    | `1`     | `>= 1`  | 1-based page index.                                                         |
+| `per_page` | query | int    | `25`    | `1…100` | Number of items per page.                                                   |
+| `actor`    | query | string | —       | —       | Filter audit logs by actor email. When omitted, all audit logs are returned. |
 
 ### Sample Response