Issue #65 — Backend: Get Members Provider & Endpoint

[yusuftomilola]

Location:

• backend/src/users/providers/get-members.provider.ts
• backend/src/users/members.controller.ts

Description

Admins need a paginated, searchable, filterable list of all registered members on the platform. This endpoint is the backbone of the admin members management page and must support searching by name or email, filtering by role, and filtering by membership status — all combinable in a single request.

This endpoint is admin-only and must never return sensitive fields such as passwords, TOTP secrets, or backup codes. Use TypeORM's select option or the existing @Exclude() decorators on the entity to ensure sensitive fields are stripped from the response.

Acceptance Criteria

• A GetMembersProvider class is created at backend/src/users/providers/get-members.provider.ts
• GET /members returns a paginated list of users
  • Accepts MemberQueryDto query params: page, limit, search, role, status
  • search performs a case-insensitive ILIKE match against firstname, lastname, and email using an OR condition
  • role and status filters are applied when provided
  • Results are ordered by createdAt descending (newest members first)
  • Response shape: { success: true, data: User[], meta: { total, page, limit, totalPages } }
• The endpoint is guarded with @UseGuards(RolesGuard) and @Roles(UserRole.ADMIN, UserRole.SUPER_ADMIN, UserRole.STAFF)
• Sensitive fields (password, totpSecret, totpBackupCodes) are never included in the response
• GetMembersProvider is registered and exported from UsersModule
• npx tsc --noEmit passes with no errors