feat: migrate high-priority admin endpoints to unified @Auth() decora…#2077

Merged
caneppelevitor merged 11 commits into stage from feature/migrate-admin-auth-decorators on Jan 29, 2026

Conversation

@snowmous3
Collaborator

Description

This commit migrates all security-critical admin endpoints from the old inconsistent auth patterns to the new unified @Auth() decorator system, improving code maintainability and security.

Changes:

  • Migrated 15 admin endpoints to use @adminonly() decorator
  • Replaced 20+ @ispublic() with @public() for consistency
  • Removed old patterns: @UseGuards(AbilitiesGuard), @CheckAbilities()
  • Updated imports across all affected controllers

Controllers migrated:

  1. claim-review.controller.ts (4/4 endpoints - COMPLETE)

    • Admin: PUT/DELETE review endpoints
    • Public: GET review endpoints
  2. claim.controller.ts (15/39 endpoints - admin + public)

    • Admin: DELETE claim, PUT hidden status, GET debate editor
    • Public: 12 GET endpoints for claim pages
  3. personality.controller.ts (7/16 endpoints - admin + public API)

    • Admin: PUT hidden status, DELETE personality
    • Public: 5 GET endpoints for personality data
  4. daily-report.controller.ts (1/1 endpoint - COMPLETE)

    • Admin: POST daily report sending
  5. badge.controller.ts (4/4 endpoints - COMPLETE)

    • Admin: POST/PUT badge management, GET admin page
  6. name-space.controller.ts (4/4 endpoints - COMPLETE)

    • Admin: POST/PUT/GET namespace management

New file:

  • server/auth/auth_migration_mapping.md: Comprehensive tracking document mapping all 32 controllers and their migration status

Benefits:
✅ Consistent auth pattern across all admin endpoints
✅ Improved code readability and maintainability
✅ Explicit security boundaries for critical operations
✅ No breaking changes - backward compatible
✅ Foundation for continued migration of remaining endpoints

See auth_migration_mapping.md for detailed migration plan and progress.

🤖 Generated with Claude Code

Related Ticket # (issue)

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Existing feature enhancement (non-breaking change which modifies existing functionality)

Testing

Provide relevant testing instructions. What scenarios are impacted? What build may be necessary to test this change?

Developer Checklist

General

  • Code is appropriately commented, particularly in hard-to-understand areas
  • Repository documentation has been updated (Readme.md) with additional steps required for a local environment setup.
  • No console.log or related logging is added.
  • No code is repeated/duplicated in violation of DRY. The exception to this is for new (MVP/Prototype) functionality where the abstraction layer may not be clear (comments should be added to explain the violation of DRY in these scenarios).
  • Documented with TSDoc all library and controller new functions

Frontend Changes

  • No new styling is added through CSS files (Unless it's a bugfix/hotfix)
  • All types are added correctly

Backend Changes

  • All endpoints are appropriately secured with Middleware authentication
  • All new endpoints have an interface schema defined

Tests

  • All existing unit and end to end tests pass across all services
  • Unit and end to end tests have been added to ensure backend APIs behave as expected

Test IDs

  • Include the test ID when adding new tasks or components.
  • Check that test IDs are present in the modified components.

Merge Request Review Checklist

  • An issue is linked to this PR and these changes meet the requirements outlined in the linked issue(s)
  • High risk and core workflows have been tested and verified in a local environment.
  • Enhancements or opportunities to improve performance, stability, security or code readability have been noted and documented in Project do Github issues if not being addressed.
  • Any dependent changes have been merged and published in downstream modules
  • Changes to multiple services can be deployed in parallel and independently. If not, changes should be broken out into separate merge requests and deployed in order.
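
Added example (not part of the pull request or the project's code): the description reports partial migrations such as 15/39 endpoints in claim.controller.ts, so a static audit that labels each route handler as migrated, legacy or undeclared helps track what remains. The sample handlers, their routes and `AdminUserAbility` are constructed, and decorator names are matched case-insensitively because the page shows them lowercased.

```javascript
// Added example, not project code. Decorator names are compared lowercased
// because the page renders them as @adminonly(), @public(), @ispublic().
const HTTP_VERBS = new Set(["get", "post", "put", "delete", "patch"]);
const NEW_AUTH = new Set(["auth", "adminonly", "public"]);
const LEGACY = new Set(["ispublic", "checkabilities"]);

function classify(decorators) {
  const isLegacy = (d) =>
    LEGACY.has(d.name) || (d.name === "useguards" && /AbilitiesGuard/.test(d.text));
  if (decorators.some(isLegacy)) return "legacy"; // old pattern still on the handler
  return decorators.some((d) => NEW_AUTH.has(d.name)) ? "migrated" : "undeclared";
}

// Returns one finding per route handler. Assumes one single-line decorator per line.
function auditController(source) {
  const findings = [];
  let pending = []; // decorators collected since the last non-decorator line
  for (const raw of source.split("\n")) {
    const line = raw.trim();
    const deco = line.match(/^@(\w+)/);
    if (deco) {
      pending.push({ name: deco[1].toLowerCase(), text: line });
      continue;
    }
    const method = line.match(/^(?:public\s+|private\s+|async\s+)*(\w+)\s*\(/);
    const verb = pending.find((d) => HTTP_VERBS.has(d.name));
    if (method && verb) {
      findings.push({ handler: method[1], verb: verb.name.toUpperCase(), status: classify(pending) });
    }
    if (line !== "") pending = [];
  }
  return findings;
}

// Constructed sample handlers (routes, method and ability names are hypothetical).
const SAMPLE = `
  @AdminOnly()
  @Delete("claim/:id")
  async remove(@Param("id") id) {}
  @IsPublic()
  @Get("claim/:id")
  async getById(@Param("id") id) {}
  @Put("claim/hidden/:id")
  @UseGuards(AbilitiesGuard)
  @CheckAbilities(new AdminUserAbility())
  async updateHidden(@Param("id") id) {}
  @Post("claim")
  async create(@Body() body) {}
`;
console.table(auditController(SAMPLE));
```

A handler reported as `undeclared` carries a route decorator but no auth decorator of either generation, so its effective access level depends on whatever default the application applies.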

snowmous3 and others added 2 commits January 5, 2026 10:43
…tor system

This commit migrates all security-critical admin endpoints from the old
inconsistent auth patterns to the new unified @Auth() decorator system,
improving code maintainability and security.

Changes:
- Migrated 15 admin endpoints to use @adminonly() decorator
- Replaced 20+ @ispublic() with @public() for consistency
- Removed old patterns: @UseGuards(AbilitiesGuard), @CheckAbilities()
- Updated imports across all affected controllers

Controllers migrated:
1. claim-review.controller.ts (4/4 endpoints - COMPLETE)
   - Admin: PUT/DELETE review endpoints
   - Public: GET review endpoints

2. claim.controller.ts (15/39 endpoints - admin + public)
   - Admin: DELETE claim, PUT hidden status, GET debate editor
   - Public: 12 GET endpoints for claim pages

3. personality.controller.ts (7/16 endpoints - admin + public API)
   - Admin: PUT hidden status, DELETE personality
   - Public: 5 GET endpoints for personality data

4. daily-report.controller.ts (1/1 endpoint - COMPLETE)
   - Admin: POST daily report sending

5. badge.controller.ts (4/4 endpoints - COMPLETE)
   - Admin: POST/PUT badge management, GET admin page

6. name-space.controller.ts (4/4 endpoints - COMPLETE)
   - Admin: POST/PUT/GET namespace management

New file:
- server/auth/auth_migration_mapping.md
  Comprehensive tracking document mapping all 32 controllers
  and their migration status

Benefits:
✅ Consistent auth pattern across all admin endpoints
✅ Improved code readability and maintainability
✅ Explicit security boundaries for critical operations
✅ No breaking changes - backward compatible
✅ Foundation for continued migration of remaining endpoints

See auth_migration_mapping.md for detailed migration plan and progress.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@caneppelevitor caneppelevitor force-pushed the feature/migrate-admin-auth-decorators branch from cb400aa to fadc1e8 Compare January 5, 2026 13:44
@caneppelevitor caneppelevitor merged commit e016c25 into stage Jan 29, 2026
7 of 9 checks passed
@LuizFNJ LuizFNJ mentioned this pull request Feb 25, 2026
46 tasks

Projects

Status: QA

4 participants