Skip to content

feat: add admin users page (structurizr)#2

Open
parse wants to merge 5 commits intomainfrom
test/frontend-bypasses-gateway-structurizr
Open

feat: add admin users page (structurizr)#2
parse wants to merge 5 commits intomainfrom
test/frontend-bypasses-gateway-structurizr

Conversation

@parse
Copy link
Contributor

@parse parse commented Feb 27, 2026

No description provided.

parse and others added 3 commits February 27, 2026 08:39
@parse @claude
feat: add admin users page with direct user-service call
8254c79 
Add /admin/users route that fetches directly from user-service,
bypassing the api-gateway. This introduces an architecture violation
for testing erode's analyze command.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@parse
update workflow to use structurizr
6ce0597
@parse
Merge branch 'main' into test/frontend-bypasses-gateway-structurizr
126c46f
@erode-app erode-app deleted a comment from erode-app bot Feb 27, 2026
@erode-app
Copy link

erode-app bot commented Feb 27, 2026
edited
Loading

Architectural Drift Analysis

Component: frontend (Web Frontend)

Selected from 5 candidates
  • frontend (Web Frontend)
  • api_gateway (API Gateway)
  • user_service (User Service)
  • product_service (Product Service)
  • database (Database)

Status: ⚠️ Issues detected

Detected Issues (1)

  • [HIGH] The Web Frontend ('frontend') is calling the User Service directly, bypassing the API Gateway. According to the model, frontend is only allowed to depend on api_gateway, not user_service. This is a cross-boundary violation and breaks the intended system separation and control.
    • Source: packages/frontend/src/index.ts
    • Recommendation: Refactor the frontend code to send user-related requests through the API Gateway, not directly to the user_service. Only update the architecture model if this is a deliberate, model-driven change, and after architectural review.

How to Resolve:
Adjust the architecture model to:

  • Include missing relationships between components
  • Revise component boundaries if code has been relocated
  • Record intentional architectural changes

Overview

This PR introduces architectural drift by allowing the frontend to bypass the API Gateway and call the user_service directly, which violates the current architectural constraints. No improvements to architecture alignment were found, and this dependency should be removed or revised to preserve proper boundary enforcement.

Analysis details
AI Provider openai
Quick model (Stages 1, 2) gpt-4.1-mini
Deep model (Stage 3) gpt-4.1

Automated by erode

@erode-app erode-app locked and limited conversation to collaborators Mar 3, 2026
@erode-app erode-app unlocked this conversation Mar 3, 2026
@erode-app erode-app locked and limited conversation to collaborators Mar 3, 2026
@parse parse mentioned this pull request Mar 3, 2026
Merged
3 tasks
@erode-app erode-app unlocked this conversation Mar 7, 2026
@erode-app erode-app locked and limited conversation to collaborators Mar 7, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@parse