feat: add update and delete operations for users and policies in admin interface

Add updateUser and deleteUser API client methods with PATCH and DELETE endpoints. Add updatePolicy and deletePolicy API client methods. Add email field to User type. Add Actions column to users and policies tables with Edit and Delete buttons. Implement inline edit forms for users and policies with state management for editing mode. Add update and delete mutations with query invalidation on success. Add error notices

backend/internal/policy/repository.go

@@ -2,6 +2,7 @@ package policy
 
 import (
 	"context"
+	"errors"
 
 	"github.com/google/uuid"
 	"github.com/jackc/pgx/v5/pgxpool"
@@ -10,6 +11,8 @@ import (
 type Repository interface {
 	List(ctx context.Context) ([]Policy, error)
 	Create(ctx context.Context, input CreateRequest, createdBy uuid.UUID) (Policy, error)
+	Update(ctx context.Context, policyID uuid.UUID, input UpdateRequest) (Policy, error)
+	Delete(ctx context.Context, policyID uuid.UUID) error
 	ResolveDestinations(ctx context.Context, userID uuid.UUID, deviceID *uuid.UUID) ([]string, error)
 }
 
@@ -106,6 +109,81 @@ func (r *PGRepository) Create(ctx context.Context, input CreateRequest, createdB
 	return inputPolicy, nil
 }
 
+func (r *PGRepository) Update(ctx context.Context, policyID uuid.UUID, input UpdateRequest) (Policy, error) {
+	tx, err := r.db.Begin(ctx)
+	if err != nil {
+		return Policy{}, err
+	}
+	defer tx.Rollback(ctx)
+
+	_, err = tx.Exec(ctx, `
+		update policies
+		set
+			name = coalesce($2, name),
+			description = coalesce($3, description),
+			priority = coalesce($4, priority),
+			effect = coalesce($5, effect),
+			full_tunnel = coalesce($6, full_tunnel),
+			is_active = coalesce($7, is_active),
+			updated_at = now()
+		where id = $1 and deleted_at is null
+	`, policyID, input.Name, input.Description, input.Priority, input.Effect, input.FullTunnel, input.IsActive)
+	if err != nil {
+		return Policy{}, err
+	}
+
+	if input.Destinations != nil {
+		if _, err := tx.Exec(ctx, `delete from policy_destinations where policy_id = $1`, policyID); err != nil {
+			return Policy{}, err
+		}
+		for _, destination := range input.Destinations {
+			if _, err := tx.Exec(ctx, `
+				insert into policy_destinations (id, policy_id, destination)
+				values ($1, $2, $3::cidr)
+			`, uuid.New(), policyID, destination); err != nil {
+				return Policy{}, err
+			}
+		}
+	}
+
+	if input.Targets != nil {
+		if _, err := tx.Exec(ctx, `delete from policy_targets where policy_id = $1`, policyID); err != nil {
+			return Policy{}, err
+		}
+		for _, target := range input.Targets {
+			if _, err := tx.Exec(ctx, `
+				insert into policy_targets (id, policy_id, target_type, target_id)
+				values ($1, $2, $3, $4)
+			`, uuid.New(), policyID, target.Type, target.ID); err != nil {
+				return Policy{}, err
+			}
+		}
+	}
+
+	if err := tx.Commit(ctx); err != nil {
+		return Policy{}, err
+	}
+
+	items, err := r.List(ctx)
+	if err != nil {
+		return Policy{}, err
+	}
+	for _, item := range items {
+		if item.ID == policyID {
+			if input.Targets != nil {
+				item.Targets = input.Targets
+			}
+			return item, nil
+		}
+	}
+	return Policy{}, errors.New("policy not found after update")
+}
+
+func (r *PGRepository) Delete(ctx context.Context, policyID uuid.UUID) error {
+	_, err := r.db.Exec(ctx, `update policies set deleted_at = now(), updated_at = now() where id = $1 and deleted_at is null`, policyID)
+	return err
+}
+
 func (r *PGRepository) ResolveDestinations(ctx context.Context, userID uuid.UUID, deviceID *uuid.UUID) ([]string, error) {
 	query := `
 		select distinct pd.destination::text