feat: introduce temporary admin mode for site config

[dcshzj]

Problem

Ops load on engineers is quite high for editing the site config, navbar and footer.

Solution

Breaking Changes

• Yes - this PR contains breaking changes
• No - this PR is backwards compatible

Features:

• Add a new /admin route for Isomer Admins to directly modify the site's config, theme, navbar and footer items.
  • Access to this feature is gated for just Isomer Admins, all other users will not know of its existence and even if they do, they will not have the permission to access the form to edit.

Before & After Screenshots

View for Isomer Admins:

View for unauthorised users:

Tests

• Log in to Studio as a whitelisted Isomer Admin (your email should be whitelisted inside Growthbook).
• Go to any site.
• Verify that a star icon appears on the navigation bar on the left side.
• Click on the star icon, verify that you are able to see the form to change the site configurations.
• Change any configuration and save, verify that you are able to save successfully.
• Navigate to any page and verify that those changes have persisted (or change another configuration that is more visible, such as the navigation bar or footer).
• Log in to Studio as a non-whitelisted user.
• Go to any site, verify that there are only 2 icons on the navigation bar on the left side.
• Append /admin to the URL and navigate to the page.
• Verify that the page shows that you do not have permission to access the page.

[datadog-opengovsg]

Datadog Report

Branch report: feat/site-config-admin
Commit report: e47e08d
Test service: isomer-studio

✅ 0 Failed, 261 Passed, 36 Skipped, 47.08s Total Time
➡️ Test Sessions change in coverage: 1 no change

missed something oopsie

[seaerchin]

minor issue - not too sure what the useEffect is doing! i think because this affects end user sites (and the site wide config), we might want to sanitise the json object to make sure it's valid (cos we're just parsing to make sure it's valid json, but not that the jsonobject matches what we expect - eg: {siteNavItems: [...]} vs {siteNavItem: [...]}

but no actionable re: the second point of matching - onlyi want to make sure the useEffect isn't sussy

[seaerchin]

i'm not quiet sure what this useEffect does? if the modal is closed + there are changes, we unsub to routeChangeStart (so this iwll only ever fire once) -> and we set the next url

why wouldn't we use the nextUrl of the unsaved settings modal

[dcshzj]

Hmm this was taken directly from the settings.tsx file, mainly to trigger the unsaved settings modal if the form is dirty and the user is attempting to change to a different route (e.g. clicking on the pages icon to go back to the site dashboard). This useEffect will prevent that.

[seaerchin]

ok, sounds good! this honestly look abit sus but given that it's used on settings.tsx , i think it's ok.

i think it might be worth to double-check the function is cleaning up properly; just based off what i see here, we turn off the events if isDirty then we setNextUrl, but we only turn on the event when the modal is closed again? wondering if it's possible for our users to bypass the !isOpen and for routeChangeStart to be off permanently

based off what i know i don't think so, because any closing of the modal will trigger the state change, but just wanted to be sure

[seaerchin]

mostly lgtm - i think blind spots for me are the useEffect, which is actually pretty confusing

the router method can be updated but not a real blocker, given that it's narrowly used and easy to infer from context

[seaerchin]

nit: i think this might be better named as setSiteConfigByAdmin or setAdminSiteConfig but very minor