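Account context and members
Purpose: select the account scope and check account membership before credential or provider operations.
UI flow
- UI calls GET /api/accounts to list accessible accounts.
- User selects the active account.
- UI persists the account context via POST /api/account-views/switch.
- UI loads GET /api/accounts/:account_id.
- UI loads GET /api/accounts/:account_id/members.
- Owners can create child accounts with POST /api/accounts.
- Owners can update account display values with PATCH /api/accounts/:account_id.
- Owners can add/remove members with /api/accounts/:account_id/members*.
- UI stores account_id in route state and prefixes all subsequent account-scoped calls with it.
Client library flow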
const accounts = await api.accounts.list();
const active = selectAccount(accounts.data);
const account = await api.accounts.get(active.id);
const members = await api.members.list(active.id);
HTTP/curl flow
# BEARER_TOKEN, ACCOUNT_ID and MEMBER_ID are expected to be set in the environment.
API_BASE_URL="https://api.inbox-manager.com"

# List accessible accounts.
curl -sS "${API_BASE_URL}/api/accounts" \
  -H "authorization: Bearer ${BEARER_TOKEN}"

# Load one account.
curl -sS "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}" \
  -H "authorization: Bearer ${BEARER_TOKEN}"

# Persist the active account context.
curl -sS -X POST "${API_BASE_URL}/api/account-views/switch" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data "{\"account_id\":\"${ACCOUNT_ID}\"}"

# List members of the account.
curl -sS "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members" \
  -H "authorization: Bearer ${BEARER_TOKEN}"

# Search members.
curl -sS -X POST "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members/search" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"query":"owner","limit":20,"offset":0}'

# Create a child account (owner only).
curl -sS -X POST "${API_BASE_URL}/api/accounts" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"name":"Operations"}'

# Update account display values (owner only).
curl -sS -X PATCH "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"name":"Operations Team"}'

# Add a member (owner only).
curl -sS -X POST "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"user_id":"uid_target","role":"member"}'

# Promote a member to owner (owner only).
curl -sS -X PATCH "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members/${MEMBER_ID}" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"role":"owner"}'

# Remove a member (owner only).
curl -sS -X DELETE "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members/${MEMBER_ID}" \
  -H "authorization: Bearer ${BEARER_TOKEN}"
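Notes
- An account path mismatch returns 403.
- Member endpoints are account-scoped and role-gated.
- Account/member write endpoints require the owner role.
- Member creation supports member and viewer; ownership promotion uses PATCH.
- Owner self-demotion and self-membership removal are blocked.
- Demoting or removing the last owner returns 409.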
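
The membership write rules in the notes above, modelled as an offline decision function that can serve as the expected-result oracle for authorization regression tests. This is an added example, not the service's own code: decideMemberWrite, the reason strings, the reading of "path mismatch", the order of the checks and the sample data are all assumptions, and status is filled in only where the page states one.

```javascript
// Added example: offline model of the member write rules listed in the Notes.
// Hypothetical names throughout; this is not the service's implementation.
// status is set only where the page states one (403, 409); null = not stated.
const deny = (reason, status = null) => ({ allowed: false, reason, status });
const ALLOW = { allowed: true, reason: "ok", status: null };

function decideMemberWrite({ activeAccountId, pathAccountId, actorId, members, op, targetId, role }) {
  // Assumption: "path mismatch" means the path account_id differs from the switched context.
  if (pathAccountId !== activeAccountId) return deny("account_path_mismatch", 403);

  // Write endpoints require the owner role in this account.
  const actor = members.find((m) => m.user_id === actorId);
  if (!actor || actor.role !== "owner") return deny("owner_role_required");

  if (op === "create") {
    // Creation supports member and viewer only; owner is granted via PATCH.
    return ["member", "viewer"].includes(role) ? ALLOW : deny("role_not_creatable");
  }

  const target = members.find((m) => m.user_id === targetId);
  if (!target) return deny("unknown_member");

  const owners = members.filter((m) => m.role === "owner");
  const losesOwner =
    target.role === "owner" && (op === "remove" || (op === "patch" && role !== "owner"));
  // Assumption: the last-owner check runs first, so its documented 409 wins.
  if (losesOwner && owners.length === 1) return deny("last_owner", 409);
  // Owner self-demotion and self-removal are blocked even when other owners exist.
  if (targetId === actorId && (op === "remove" || losesOwner)) return deny("self_change_blocked");
  return ALLOW;
}

// Constructed sample membership for a constructed account "acc_1".
const sampleMembers = [
  { user_id: "uid_a", role: "owner" },
  { user_id: "uid_b", role: "owner" },
  { user_id: "uid_c", role: "member" },
];
```

Run each case against a test deployment as well and compare the HTTP status with the model wherever status is non-null.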