Lesstime

MALIO-DEV/Lesstime

Fork 0

Commit Graph

Author	SHA1	Message	Date
Matthieu	a18e1f575f	refactor(client-portal) : remove client portal feature entirely Pull Request — Quality gate / Backend (PHP CS + PHPUnit) (pull_request) Successful in 1m11s Details Pull Request — Quality gate / Frontend (build) (pull_request) Successful in 1m17s Details - drop ClientPortal module, ClientTicket entity, ROLE_CLIENT and all couplings (Task, TaskDocument, User, Notification) back to an internal-only model - migration drops client_ticket / user_allowed_projects / related FK columns and removes leftover external client accounts (would otherwise be promoted to ROLE_USER) - remove client-portal frontend module, admin tickets tab, user portal section, portal nav item and portal/clientTicket i18n keys - fix directory nav icon (invalid mdi:contact-multiple-outline -> mdi:card-account-details-outline) - add 'make sync-permissions' target, wire it into install/db-reset and the prod deploy script	2026-06-22 09:49:44 +02:00
Matthieu	808a290845	feat(client-portal) : phase 1 foundations — ROLE_CLIENT hardening + ClientTicket (back) LST-69 (3.2) phase 1. New ClientPortal module + security foundations for the client portal (spec docs/superpowers/specs/2026-03-15-client-portal-design.md). - Security: User::getRoles() no longer adds ROLE_USER to ROLE_CLIENT users; role_hierarchy ROLE_ADMIN: [ROLE_USER, ROLE_CLIENT]. Existing Task/Project/ Client/TimeEntry/metadata endpoints already required ROLE_USER -> a pure ROLE_CLIENT is walled off (verified: 403). - User (Core): client (ManyToOne ClientInterface, SET NULL) + allowedProjects (ManyToMany ProjectInterface). UserInterface extended (getClient/ getAllowedProjects). - New ClientTicket entity (module ClientPortal) + enums + repository + API with per-client isolation (ClientTicketProvider: own tickets ∩ allowedProjects), per-project numbering under advisory lock (rejects if user.client null), status transition rules. ClientTicketInterface contract for Task/TaskDocument. - TaskDocument generalized: task nullable + clientTicket (CASCADE) + CHECK; per-role access. Task.clientTicket exposed in task:read. - Additive migration; demo client fixtures. - Tenancy tests assert the isolation invariant (a client never sees another client's tickets) rather than brittle absolute counts (shared test DB). 178 tests green, mapping valid, cs-fixer clean.	2026-06-21 00:46:26 +02:00
Matthieu	23809f165e	feat(project-management) : migrate core Projects/Tasks domain into module (back) Tranche 2 of LST-65. Mechanical, behaviour-preserving move of the core business domain into src/Module/ProjectManagement/. API operations, securities, uriTemplates and the 38 MCP tool names are all unchanged. - 10 entities + 2 enums moved to Domain/{Entity,Enum}; intra-module relations stay concrete, cross-module relations go through contracts (Project.client -> ClientInterface, Task/TaskDocument users -> UserInterface). - 9 repositories split into Domain/Repository interfaces + Doctrine impls, bound in services.yaml; consumers inject the interfaces. find() kept off the interfaces (ServiceEntityRepository ?object compat) -> findById(). - State (7), MCP tools (38), controller, CalDavService/RecurrenceCalculator, 3 Doctrine listeners and SwitchWorkflowOutput moved under Infrastructure/. - doctrine.yaml: ProjectManagement mapping + resolve_target_entities of the 3 module contracts repointed to the module (ClientInterface stays legacy). - ProjectManagementModule registered (id project-management, 4 RBAC perms, not re-wired); sidebar my-tasks/projects gated by the module. - Legacy not-yet-modularised consumers (Mail/Gitea/BookStack, Serializer, fixtures, tests) swapped to the module FQCN — transitional coupling to be cleaned in 2.4/2.5/2.6. 159 tests green, mapping valid, no API route regression, cs-fixer clean.	2026-06-20 16:54:59 +02:00

Author

SHA1

Message

Date

Matthieu

a18e1f575f

refactor(client-portal) : remove client portal feature entirely

Pull Request — Quality gate / Backend (PHP CS + PHPUnit) (pull_request) Successful in 1m11s

Details

Pull Request — Quality gate / Frontend (build) (pull_request) Successful in 1m17s

Details

- drop ClientPortal module, ClientTicket entity, ROLE_CLIENT and all couplings (Task, TaskDocument, User, Notification) back to an internal-only model

- migration drops client_ticket / user_allowed_projects / related FK columns and removes leftover external client accounts (would otherwise be promoted to ROLE_USER)

- remove client-portal frontend module, admin tickets tab, user portal section, portal nav item and portal/clientTicket i18n keys

- fix directory nav icon (invalid mdi:contact-multiple-outline -> mdi:card-account-details-outline)

- add 'make sync-permissions' target, wire it into install/db-reset and the prod deploy script

2026-06-22 09:49:44 +02:00

Matthieu

808a290845

feat(client-portal) : phase 1 foundations — ROLE_CLIENT hardening + ClientTicket (back)

LST-69 (3.2) phase 1. New ClientPortal module + security foundations for the
client portal (spec docs/superpowers/specs/2026-03-15-client-portal-design.md).

- Security: User::getRoles() no longer adds ROLE_USER to ROLE_CLIENT users;
  role_hierarchy ROLE_ADMIN: [ROLE_USER, ROLE_CLIENT]. Existing Task/Project/
  Client/TimeEntry/metadata endpoints already required ROLE_USER -> a pure
  ROLE_CLIENT is walled off (verified: 403).
- User (Core): client (ManyToOne ClientInterface, SET NULL) + allowedProjects
  (ManyToMany ProjectInterface). UserInterface extended (getClient/
  getAllowedProjects).
- New ClientTicket entity (module ClientPortal) + enums + repository + API with
  per-client isolation (ClientTicketProvider: own tickets ∩ allowedProjects),
  per-project numbering under advisory lock (rejects if user.client null),
  status transition rules. ClientTicketInterface contract for Task/TaskDocument.
- TaskDocument generalized: task nullable + clientTicket (CASCADE) + CHECK;
  per-role access. Task.clientTicket exposed in task:read.
- Additive migration; demo client fixtures.
- Tenancy tests assert the isolation invariant (a client never sees another
  client's tickets) rather than brittle absolute counts (shared test DB).

178 tests green, mapping valid, cs-fixer clean.

2026-06-21 00:46:26 +02:00

Matthieu

23809f165e

feat(project-management) : migrate core Projects/Tasks domain into module (back)

Tranche 2 of LST-65. Mechanical, behaviour-preserving move of the core
business domain into src/Module/ProjectManagement/. API operations,
securities, uriTemplates and the 38 MCP tool names are all unchanged.

- 10 entities + 2 enums moved to Domain/{Entity,Enum}; intra-module
  relations stay concrete, cross-module relations go through contracts
  (Project.client -> ClientInterface, Task/TaskDocument users ->
  UserInterface).
- 9 repositories split into Domain/Repository interfaces + Doctrine impls,
  bound in services.yaml; consumers inject the interfaces. find() kept off
  the interfaces (ServiceEntityRepository ?object compat) -> findById().
- State (7), MCP tools (38), controller, CalDavService/RecurrenceCalculator,
  3 Doctrine listeners and SwitchWorkflowOutput moved under Infrastructure/.
- doctrine.yaml: ProjectManagement mapping + resolve_target_entities of the
  3 module contracts repointed to the module (ClientInterface stays legacy).
- ProjectManagementModule registered (id project-management, 4 RBAC perms,
  not re-wired); sidebar my-tasks/projects gated by the module.
- Legacy not-yet-modularised consumers (Mail/Gitea/BookStack, Serializer,
  fixtures, tests) swapped to the module FQCN — transitional coupling to be
  cleaned in 2.4/2.5/2.6.

159 tests green, mapping valid, no API route regression, cs-fixer clean.

2026-06-20 16:54:59 +02:00

3 Commits