@@ -28,6 +28,11 @@ GET /{org}/people members + (owner-only) invite form |
| 28 | 28 | POST /{org}/people/invite invite by username OR email |
| 29 | 29 | POST /{org}/people/{userID}/role change role (owner-only) |
| 30 | 30 | POST /{org}/people/{userID}/remove remove member (owner-only) |
| 31 | +GET /organizations/{org}/settings/profile |
| 32 | +POST /organizations/{org}/settings/profile |
| 33 | +POST /organizations/{org}/settings/profile/avatar |
| 34 | +POST /organizations/{org}/settings/profile/avatar/remove |
| 35 | +POST /organizations/{org}/settings/delete |
| 31 | 36 | GET /invitations/{token} accept/decline view (auth required) |
| 32 | 37 | POST /invitations/{token}/accept |
| 33 | 38 | POST /invitations/{token}/decline |
@@ -74,6 +79,20 @@ org-owned repos, has a live text filter, caps selections at six, and |
| 74 | 79 | persists the ordered set transactionally. Saving no selected repos is a |
| 75 | 80 | real customized state and suppresses the automatic fallback. |
| 76 | 81 | |
| 82 | +`GET /organizations/{org}/settings/profile` renders the owner-only |
| 83 | +organization settings profile page. The page uses the GitHub settings |
| 84 | +shape: org pagehead + underline nav, left settings sidebar, General |
| 85 | +profile form, profile-picture aside, in-product message rows, and a |
| 86 | +Danger zone. `POST /organizations/{org}/settings/profile` updates the |
| 87 | +persisted org fields (`display_name`, `description`, `website`, |
| 88 | +`location`, `billing_email`, and `allow_member_repo_create`) with |
| 89 | +friendly length, URL, and email validation before writing through the |
| 90 | +org sqlc queries. Avatar upload/removal stores object keys through the |
| 91 | +avatar pipeline and object store. |
| 92 | +`POST /organizations/{org}/settings/delete` soft-deletes the org through |
| 93 | +`orgs.SoftDelete` after an owner confirms the slug; the hard-delete |
| 94 | +worker still owns permanent removal after the grace window. |
| 95 | + |
| 77 | 96 | Repo visibility is filtered through `policy.IsVisibleTo` using an actor |
| 78 | 97 | constructed from `middleware.CurrentUser`, including suspension, |
| 79 | 98 | site-admin, and impersonation write-mode fields. Anonymous viewers only |
@@ -140,8 +159,8 @@ old slug for 301s during the rename cooldown. |
| 140 | 159 | (each one gets a regenerated model). Org renames aren't in the |
| 141 | 160 | S30 DoD; deferred to a follow-up sprint that owns the rename |
| 142 | 161 | refactor end to end. |
| 143 | | -* **Org-level audit log surface**, **suspension UI**, **org settings |
| 144 | | - page**, **avatar upload**, **email notifications for role-change / |
| 162 | +* **Org-level audit log surface**, **suspension UI**, **org rename / |
| 163 | + archive settings actions**, **email notifications for role-change / |
| 145 | 164 | remove / suspension / deletion**. Schema columns are present; UI and |
| 146 | 165 | notification fan-out land in follow-ups. |
| 147 | 166 | * **Org renaming via `principal_redirects`** — depends on the |