f8fc4d6bd9
feat(core) : move user entity into core module and repoint security/doctrine (temp legacy alias)
2026-06-19 16:03:52 +02:00
748289b61a
feat(modules) : expose GET /api/modules and module registry
2026-06-19 14:33:53 +02:00
2a0b202d32
feat(absences) : avancement module absences + suppression du portail client
...
Deux lots regroupés sur la branche feat/absence-management.
Suppression complète du portail client :
- retire ROLE_CLIENT (security.yaml) ; User::getRoles() ajoute toujours ROLE_USER
- supprime l'entité ClientTicket (+ repo, states, relations), User.client et
User.allowedProjects, NotificationService, ProjectAllowedExtension, le bloc
ROLE_CLIENT de MailAccessChecker
- front : pages /portal, layout portal, composants client-ticket/,
AdminClientTicketTab, services/dto/i18n/docs associés
- fixtures : retire les users client-liot / client-acme
- migration Version20260522110000 (drop client_ticket, user_allowed_projects,
colonnes liées ; task_document.task_id -> NOT NULL)
- tests : retire les cas obsolètes testant le blocage des clients sur le mail
Module gestion des absences (WIP) :
- entités / migrations (Version20260521160000, Version20260522090000)
- pages absences.vue / team-absences.vue, composants frontend/components/absence/
- services front, AccrueLeaveCommand, PublicHolidayController
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-22 11:31:31 +02:00
matthieu
8986f3cb0e
feat(mail) : security.yaml - access_control ^/api/mail (IS_AUTHENTICATED_FULLY)
...
- ajoute la regle ^/api/mail avant ^/api pour expliciter l'authentification requise
- les checks fins ROLE_USER vs ROLE_CLIENT restent dans MailAccessChecker (chaque controller)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-20 00:15:49 +02:00
fd3097cc26
chore(backend) : rate limiting, cache-control, remove twig, clean deps
...
- Add login_throttling on /login_check (5 attempts/min) with symfony/rate-limiter
- Add Cache-Control: public, max-age=86400 on avatar responses
- Remove symfony/twig-bundle (unused in API-only project)
- Remove unused dev deps: symfony/browser-kit, symfony/css-selector
- Rename API Platform title to "Lesstime API"
Tickets: T-010, T-016, T-022, T-024, T-025
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-17 15:27:16 +01:00
3d4b7fad12
fix(mcp) : allow unauthenticated GET on /_mcp for SSE streaming
...
Auto Tag Develop / tag (push) Has been cancelled
Build Release Artefact / build (push) Failing after 1m16s
Claude Code MCP HTTP client sends GET SSE requests without the
Authorization header, breaking the streamable HTTP transport.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-17 09:15:29 +01:00
matthieu
e16fd2053e
feat : MCP server infrastructure setup
...
Install symfony/mcp-bundle, add STDIO + HTTP transport config,
API token auth on User entity with custom authenticator and firewall,
generate-api-token console command, Nginx /_mcp location, fixture token.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-15 19:33:52 +01:00
matthieu
05e24db6ca
feat(security) : add role hierarchy for client portal
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-15 19:21:28 +01:00
tristan
47562fbdec
feat : config + login
2026-03-08 19:47:19 +01:00
Matthieu
matthieu
tristan