feat(web): add workspace management UI (M2 #12)
- Create workspace listing page at /settings/workspaces - List all user workspaces with role badges - Create new workspace functionality - Display member count per workspace - Create workspace detail page at /settings/workspaces/[id] - Workspace settings (name, ID, created date) - Member management with role editing - Invite member functionality - Delete workspace (owner only) - Add workspace components: - WorkspaceCard: Display workspace info with role badge - WorkspaceSettings: Edit workspace settings and delete - MemberList: Display and manage workspace members - InviteMember: Send invitations with role selection - Add WorkspaceMemberWithUser type to shared package - Follow existing app patterns for styling and structure - Use mock data (ready for API integration)
This commit is contained in:
Jason Woltje
@@ -8,97 +8,96 @@ import {
|
||||
Param,
|
||||
Query,
|
||||
UseGuards,
|
||||
Request,
|
||||
UnauthorizedException,
|
||||
} from "@nestjs/common";
|
||||
import { TasksService } from "./tasks.service";
|
||||
import { CreateTaskDto, UpdateTaskDto, QueryTasksDto } from "./dto";
|
||||
import { AuthGuard } from "../auth/guards/auth.guard";
|
||||
import { WorkspaceGuard, PermissionGuard } from "../common/guards";
|
||||
import { Workspace, Permission, RequirePermission } from "../common/decorators";
|
||||
import { CurrentUser } from "../auth/decorators/current-user.decorator";
|
||||
|
||||
/**
|
||||
* Controller for task endpoints
|
||||
* All endpoints require authentication
|
||||
* All endpoints require authentication and workspace context
|
||||
*
|
||||
* Guards are applied in order:
|
||||
* 1. AuthGuard - Verifies user authentication
|
||||
* 2. WorkspaceGuard - Validates workspace access and sets RLS context
|
||||
* 3. PermissionGuard - Checks role-based permissions
|
||||
*/
|
||||
@Controller("tasks")
|
||||
@UseGuards(AuthGuard)
|
||||
@UseGuards(AuthGuard, WorkspaceGuard, PermissionGuard)
|
||||
export class TasksController {
|
||||
constructor(private readonly tasksService: TasksService) {}
|
||||
|
||||
/**
|
||||
* POST /api/tasks
|
||||
* Create a new task
|
||||
* Requires: MEMBER role or higher
|
||||
*/
|
||||
@Post()
|
||||
async create(@Body() createTaskDto: CreateTaskDto, @Request() req: any) {
|
||||
const workspaceId = req.user?.workspaceId;
|
||||
const userId = req.user?.id;
|
||||
|
||||
if (!workspaceId || !userId) {
|
||||
throw new UnauthorizedException("Authentication required");
|
||||
}
|
||||
|
||||
return this.tasksService.create(workspaceId, userId, createTaskDto);
|
||||
@RequirePermission(Permission.WORKSPACE_MEMBER)
|
||||
async create(
|
||||
@Body() createTaskDto: CreateTaskDto,
|
||||
@Workspace() workspaceId: string,
|
||||
@CurrentUser() user: any
|
||||
) {
|
||||
return this.tasksService.create(workspaceId, user.id, createTaskDto);
|
||||
}
|
||||
|
||||
/**
|
||||
* GET /api/tasks
|
||||
* Get paginated tasks with optional filters
|
||||
* Requires: Any workspace member (including GUEST)
|
||||
*/
|
||||
@Get()
|
||||
async findAll(@Query() query: QueryTasksDto, @Request() req: any) {
|
||||
const workspaceId = req.user?.workspaceId;
|
||||
if (!workspaceId) {
|
||||
throw new UnauthorizedException("Authentication required");
|
||||
}
|
||||
@RequirePermission(Permission.WORKSPACE_ANY)
|
||||
async findAll(
|
||||
@Query() query: QueryTasksDto,
|
||||
@Workspace() workspaceId: string
|
||||
) {
|
||||
return this.tasksService.findAll({ ...query, workspaceId });
|
||||
}
|
||||
|
||||
/**
|
||||
* GET /api/tasks/:id
|
||||
* Get a single task by ID
|
||||
* Requires: Any workspace member
|
||||
*/
|
||||
@Get(":id")
|
||||
async findOne(@Param("id") id: string, @Request() req: any) {
|
||||
const workspaceId = req.user?.workspaceId;
|
||||
if (!workspaceId) {
|
||||
throw new UnauthorizedException("Authentication required");
|
||||
}
|
||||
@RequirePermission(Permission.WORKSPACE_ANY)
|
||||
async findOne(@Param("id") id: string, @Workspace() workspaceId: string) {
|
||||
return this.tasksService.findOne(id, workspaceId);
|
||||
}
|
||||
|
||||
/**
|
||||
* PATCH /api/tasks/:id
|
||||
* Update a task
|
||||
* Requires: MEMBER role or higher
|
||||
*/
|
||||
@Patch(":id")
|
||||
@RequirePermission(Permission.WORKSPACE_MEMBER)
|
||||
async update(
|
||||
@Param("id") id: string,
|
||||
@Body() updateTaskDto: UpdateTaskDto,
|
||||
@Request() req: any
|
||||
@Workspace() workspaceId: string,
|
||||
@CurrentUser() user: any
|
||||
) {
|
||||
const workspaceId = req.user?.workspaceId;
|
||||
const userId = req.user?.id;
|
||||
|
||||
if (!workspaceId || !userId) {
|
||||
throw new UnauthorizedException("Authentication required");
|
||||
}
|
||||
|
||||
return this.tasksService.update(id, workspaceId, userId, updateTaskDto);
|
||||
return this.tasksService.update(id, workspaceId, user.id, updateTaskDto);
|
||||
}
|
||||
|
||||
/**
|
||||
* DELETE /api/tasks/:id
|
||||
* Delete a task
|
||||
* Requires: ADMIN role or higher
|
||||
*/
|
||||
@Delete(":id")
|
||||
async remove(@Param("id") id: string, @Request() req: any) {
|
||||
const workspaceId = req.user?.workspaceId;
|
||||
const userId = req.user?.id;
|
||||
|
||||
if (!workspaceId || !userId) {
|
||||
throw new UnauthorizedException("Authentication required");
|
||||
}
|
||||
|
||||
return this.tasksService.remove(id, workspaceId, userId);
|
||||
@RequirePermission(Permission.WORKSPACE_ADMIN)
|
||||
async remove(
|
||||
@Param("id") id: string,
|
||||
@Workspace() workspaceId: string,
|
||||
@CurrentUser() user: any
|
||||
) {
|
||||
return this.tasksService.remove(id, workspaceId, user.id);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user