feat: Add analytics, incident, and alert models and APIs, along with user permissions and bulk profile lookups.

backend/apps/api/v1/admin/views.py

@@ -1263,3 +1263,88 @@ class PipelineIntegrityScanView(APIView):
                 {"detail": "Failed to run integrity scan"},
                 status=status.HTTP_500_INTERNAL_SERVER_ERROR,
             )
+
+
+class AdminSettingsView(APIView):
+    """
+    GET/POST /admin/settings/
+    Simple key-value store for admin preferences.
+    
+    Settings are stored in Django cache with admin-specific keys.
+    For persistent storage, a database model can be added later.
+    """
+
+    permission_classes = [IsAdminWithSecondFactor]
+
+    def get(self, request):
+        """Get all admin settings or a specific setting."""
+        try:
+            key = request.query_params.get("key")
+            
+            if key:
+                # Get specific setting
+                value = cache.get(f"admin_setting_{key}")
+                if value is None:
+                    return Response(
+                        {"results": []},
+                        status=status.HTTP_200_OK,
+                    )
+                return Response(
+                    {"results": [{"key": key, "value": value}]},
+                    status=status.HTTP_200_OK,
+                )
+            
+            # Get all settings (return empty list if none exist)
+            # In a real implementation, you'd query a database model
+            settings_keys = cache.get("admin_settings_keys", [])
+            results = []
+            for k in settings_keys:
+                val = cache.get(f"admin_setting_{k}")
+                if val is not None:
+                    results.append({"key": k, "value": val})
+            
+            return Response(
+                {"results": results, "count": len(results)},
+                status=status.HTTP_200_OK,
+            )
+
+        except Exception as e:
+            capture_and_log(e, "Admin settings GET - error", source="api")
+            return Response(
+                {"detail": "Failed to fetch admin settings"},
+                status=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            )
+
+    def post(self, request):
+        """Create or update an admin setting."""
+        try:
+            key = request.data.get("key")
+            value = request.data.get("value")
+            
+            if not key:
+                return Response(
+                    {"detail": "key is required"},
+                    status=status.HTTP_400_BAD_REQUEST,
+                )
+            
+            # Store in cache (30 days TTL)
+            cache.set(f"admin_setting_{key}", value, 60 * 60 * 24 * 30)
+            
+            # Track keys
+            settings_keys = cache.get("admin_settings_keys", [])
+            if key not in settings_keys:
+                settings_keys.append(key)
+                cache.set("admin_settings_keys", settings_keys, 60 * 60 * 24 * 30)
+            
+            return Response(
+                {"success": True, "key": key, "value": value},
+                status=status.HTTP_200_OK,
+            )
+
+        except Exception as e:
+            capture_and_log(e, "Admin settings POST - error", source="api")
+            return Response(
+                {"detail": "Failed to save admin setting"},
+                status=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            )
+