mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity
23 Commits 78 Branches 4 Tags
5291fece26bd3c485241d19c7c598f6a00e84434
Commit Graph

4 Commits

Author SHA1 Message Date
Jason Woltje
5291fece26 feat(web): add workspace management UI (M2 #12) 
- Create workspace listing page at /settings/workspaces
  - List all user workspaces with role badges
  - Create new workspace functionality
  - Display member count per workspace

- Create workspace detail page at /settings/workspaces/[id]
  - Workspace settings (name, ID, created date)
  - Member management with role editing
  - Invite member functionality
  - Delete workspace (owner only)

- Add workspace components:
  - WorkspaceCard: Display workspace info with role badge
  - WorkspaceSettings: Edit workspace settings and delete
  - MemberList: Display and manage workspace members
  - InviteMember: Send invitations with role selection

- Add WorkspaceMemberWithUser type to shared package
- Follow existing app patterns for styling and structure
- Use mock data (ready for API integration)
 2026-01-29 16:59:26 -06:00
Jason Woltje
f47dd8bc92 feat: add domains, ideas, layouts, widgets API modules 
- Add DomainsModule with full CRUD, search, and activity logging
- Add IdeasModule with quick capture endpoint
- Add LayoutsModule for user dashboard layouts
- Add WidgetsModule for widget definitions (read-only)
- Update ActivityService with domain/idea logging methods
- Register all new modules in AppModule
 2026-01-29 13:47:03 -06:00
Jason Woltje
a220c2dc0a fix(#5,#36): Fix critical security issues and add comprehensive tests 
SECURITY FIXES:
- Replace generic Error with UnauthorizedException in all controllers
- Fix workspace isolation bypass in findAll methods (CRITICAL)
- Controllers now always use req.user.workspaceId, never allow query override

CODE FIXES:
- Fix redundant priority logic in tasks.service.ts
- Use TaskPriority.MEDIUM as default instead of undefined

TEST ADDITIONS:
- Add multi-tenant isolation tests for all services (tasks, events, projects)
- Add database constraint violation handling tests (P2002, P2003, P2025)
- Add missing controller error tests for events and projects controllers
- All new tests verify authentication and workspace isolation

RESULTS:
- All 247 tests passing
- Test coverage: 94.35% (exceeds 85% requirement)
- Critical security vulnerabilities fixed

Fixes #5
Refs #36

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-28 18:55:07 -06:00
Jason Woltje
132fe6ba98 feat(#5): Implement CRUD APIs for tasks, events, and projects 
Implements comprehensive CRUD APIs following TDD principles with 92.44%
test coverage (exceeds 85% requirement).

Features:
- Tasks API: Full CRUD with filtering, pagination, and subtask support
- Events API: Full CRUD with recurrence support and date filtering
- Projects API: Full CRUD with task/event association
- Authentication guards on all endpoints
- Workspace-scoped queries for multi-tenant isolation
- Activity logging for all operations (CREATED, UPDATED, DELETED, etc.)
- DTOs with class-validator validation
- Comprehensive test suite (221 tests, 44 for new APIs)

Implementation:
- Services: Business logic with Prisma ORM integration
- Controllers: RESTful endpoints with AuthGuard
- Modules: Properly registered in AppModule
- Documentation: Complete API reference in docs/4-api/4-crud-endpoints/

Test Coverage:
- Tasks: 96.1%
- Events: 89.83%
- Projects: 84.21%
- Overall: 92.44%

TDD Workflow:
1. RED: Wrote failing tests first
2. GREEN: Implemented minimal code to pass tests
3. REFACTOR: Improved code quality while maintaining coverage

Refs #5

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-28 18:43:12 -06:00