Lesstime

Author	SHA1	Message	Date
Matthieu	ff7cff1d39	fix(backend) : add validation constraints and fix concurrent numbering - Add Assert\Choice on ClientTicket type and status with typed constants - Add Assert\Url on GiteaConfiguration, BookStackConfiguration, TaskBookStackLink, ClientTicket - Fix concurrent task/ticket numbering: use pg_advisory_xact_lock instead of FOR UPDATE with MAX() - Wrap CreateTaskTool numbering in transaction - Harmonize repository contracts: both return max number, caller adds +1 Tickets: T-004, T-008, T-011, T-012 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-17 15:27:16 +01:00
Matthieu	ed58a402b0	fix(auth) : use dedicated plainPassword field for password hashing - Add non-persisted plainPassword field to User entity (write-only via API) - Remove direct write access to password field - Update UserPasswordHasherProcessor to hash from plainPassword - Update frontend DTO and UserDrawer component Ticket: T-009 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-17 15:27:16 +01:00
Matthieu	2ac815d074	fix(security) : block SVG upload, enforce ROLE_CLIENT restrictions on documents - Block SVG MIME type in TaskDocumentProcessor upload validation - Serve existing SVG files as attachment (defense-in-depth) in download controller - Block ROLE_CLIENT from uploading documents to tasks (only allowed via portal tickets) - Add Doctrine extension to filter projects by allowedProjects for ROLE_CLIENT Tickets: T-003, T-005, T-006 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-17 15:27:16 +01:00
matthieu	e4fc34b90f	refactor : simplify codebase and fix critical issues Backend: - Add MCP Serializer to centralize entity-to-array conversion (~300 lines deduped) - Fix race condition in task/ticket number generation (SELECT FOR UPDATE + transaction) - Add unique constraint on task (project_id, number) with migration - Fix MIME type validation: use server-detected finfo instead of client-supplied type - Add allowlist of permitted MIME types for uploads - Fix TaskDocumentDownloadController: allow ROLE_CLIENT access, add priority:1 - Fix notification sent even when ticket status unchanged - Remove redundant exception constructors - Simplify services (BookStackApi double fetch, TokenEncryptor, GiteaApi) - Consolidate duplicate checks in processors Frontend: - Fix useApi isHandlingUnauthorized scope (module-level to prevent double 401 redirect) - Fix client-tickets toast key copy-paste bug - Merge duplicated tasks service methods (getByProject + getByProjectArchived) - Extract shared uploadWithRelation helper in task-documents service - Extract formatFileSize utility from duplicated component code - Extract status transition logic into useClientTicketHelpers composable - Remove dead code (unused router, handleLogout, empty script blocks) - Merge duplicate watchers and onMounted calls - Normalize arrow functions to function declarations per convention Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-15 22:09:16 +01:00
matthieu	2a874046d3	feat : allow client to edit own tickets and protect status fields Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-15 20:35:11 +01:00
matthieu	6d7e6f5f48	fix : allow admin users to create client tickets on any project Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-15 20:07:19 +01:00
matthieu	59b11f1225	feat(notification) : hook NotificationService into ticket processors	2026-03-15 19:47:06 +01:00
matthieu	d932359024	feat(notification) : add NotificationProvider filtered by current user	2026-03-15 19:45:58 +01:00
matthieu	851953df1e	feat : generalize TaskDocumentProcessor for client tickets Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 19:28:04 +01:00
matthieu	b6cfe9d7d4	feat : add ClientTicketProvider with filtering Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 19:27:24 +01:00
matthieu	f33f2f95ec	feat : add ClientTicketStatusProcessor Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 19:27:10 +01:00
matthieu	f27297517c	feat : add ClientTicketNumberProcessor Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 19:27:00 +01:00
matthieu	4c19b68156	fix(gitea) : propagate API errors instead of silently returning empty results Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-15 18:58:55 +01:00
matthieu	9e638c32b8	feat(bookstack) : add BookStackSearchResult API resource for shelf-scoped search Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 18:10:47 +01:00
matthieu	bc331982d5	feat(bookstack) : add BookStackLink API resource with CRUD operations Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 18:10:24 +01:00
matthieu	1e311242a9	feat(bookstack) : add BookStackShelf API resource for listing shelves Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 18:09:51 +01:00
matthieu	97c6ef6a52	feat(bookstack) : add BookStackTestConnection API resource Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 18:09:36 +01:00
matthieu	28fbc73248	feat(bookstack) : add BookStackSettings API resource with provider and processor Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 18:09:20 +01:00
matthieu	06832c24e1	feat : add document upload processor, download controller and cleanup listener Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-15 18:05:58 +01:00
matthieu	8ec98a593a	feat : add task_document migration Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-15 18:04:14 +01:00
matthieu	445f51b473	fix(gitea) : fetch only branch-specific commits using compare API Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-15 08:16:55 +01:00
Matthieu	5135e28e3a	feat : add branch name generation endpoint Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 13:59:32 +01:00
Matthieu	3d0fad3735	feat : add task Gitea pull requests endpoint Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 13:59:07 +01:00
Matthieu	dcbf5db308	feat : add task Gitea branches endpoints (list + create) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 13:58:41 +01:00
Matthieu	7b1aa22c15	feat : add Gitea repositories list endpoint Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 13:58:09 +01:00
Matthieu	5577884c13	feat : add Gitea test connection endpoint Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 13:57:50 +01:00
Matthieu	be2e7c60a3	feat : add Gitea settings API resource with provider/processor Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 13:57:31 +01:00
Matthieu	517511177c	feat : add project code and task auto-numbering Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 08:20:31 +01:00
matthieu	c886506791	fix(time-tracking) : return empty collection instead of 404 for active timer endpoint Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 00:00:33 +01:00
matthieu	1e07eb1d64	feat(time-tracking) : add ActiveTimeEntryProvider, fixtures, and serialization groups - ActiveTimeEntryProvider returns active timer for current user - TimeEntry fixtures with 10 sample entries for the SIRH project - Add time_entry:read group to Project, User, and TaskType for embedded serialization Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-10 22:22:34 +01:00
matthieu	8c56ee6dd7	chore : update project documentation and config Update CLAUDE.md structure, add implementation plans, fix config/reference.php and MeProvider comment. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-09 23:40:49 +01:00
matthieu	81797e10c0	feat : add User CRUD with admin management Add User API operations (GET, POST, PATCH, DELETE) with password hashing processor, frontend service, drawer and admin tab. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-09 23:40:49 +01:00
tristan	47562fbdec	feat : config + login	2026-03-08 19:47:19 +01:00

33 Commits