MALIO-DEV/Lesstime
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 32 Wiki Activity
593 Commits 4 Branches 74 Tags
d0aff0fa51ee61a68cce14c08e33a5bae555d4ce
Commit Graph

72 Commits

Author SHA1 Message Date
Matthieu d0aff0fa51 feat(share) : entité ShareConfiguration + migration 2026-06-03 17:00:53 +02:00
Matthieu c692e4cf43 fix(time-tracking) : afficher toutes les time entries sans filtre projet
Auto Tag Develop / tag (push) Successful in 13s
Details 
La vue suivi de temps tapait la GetCollection paginée de /time_entries
(30 items/page) et ne lisait que la première page : sur une semaine
chargée, les entrées les plus anciennes (triées startedAt DESC) étaient
tronquées tant qu'aucun filtre projet ne réduisait le total sous 30.

Ajout d'une GetCollection dédiée /time_entries/range non paginée, bornée
par date, vers laquelle pointe désormais getByDateRange.
 2026-05-29 16:46:04 +02:00
Matthieu 02ac151ac0 feat(users) : ajout prénom et nom sur l'utilisateur
Auto Tag Develop / tag (push) Successful in 7s
Details 
Deux colonnes nullable firstName/lastName sur User (groupes me:read,
user:list, user:write), éditables dans le drawer utilisateur (admin).
L'affichage reste basé sur le username pour l'instant. Migration +
valeurs de démo dans les fixtures.
 2026-05-26 11:33:18 +02:00
Matthieu 11fdf8d1bf fix(absences) : durcissement RGPD des données RH des utilisateurs 
Suite à la revue de conformité du module absences.

Fuite corrigée : GET /api/users et /api/users/{id} n'avaient aucun contrôle
d'accès alors que le groupe user:list exposait les données RH/familiales
(date d'embauche, contrat, soldes de CP, rôles…). Tout utilisateur authentifié
pouvait donc lire ces informations sur tous ses collègues.
- chaque champ RH (isEmployee, hireDate, endDate, contractType, workTimeRatio,
  annualLeaveDays, referencePeriodStart, initialLeaveBalance) ainsi que roles
  est désormais exposé via #[ApiProperty(security: "is_granted('ROLE_ADMIN') or
  object == user")] : visible uniquement par un admin ou par l'utilisateur
  lui-même. id et username restent publics (sélecteurs d'assigné, avatars).

Minimisation : suppression de familySituation et nbChildren, collectés et
exposés (form RH, API, outil MCP) mais utilisés par aucun calcul.
- entité User + enum FamilySituation + migration de drop des colonnes
- Serializer MCP, update-user (MCP), EmployeeDrawer, DTO, fixtures, i18n

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-22 14:28:48 +02:00
Matthieu 2a0b202d32 feat(absences) : avancement module absences + suppression du portail client 
Deux lots regroupés sur la branche feat/absence-management.

Suppression complète du portail client :
- retire ROLE_CLIENT (security.yaml) ; User::getRoles() ajoute toujours ROLE_USER
- supprime l'entité ClientTicket (+ repo, states, relations), User.client et
  User.allowedProjects, NotificationService, ProjectAllowedExtension, le bloc
  ROLE_CLIENT de MailAccessChecker
- front : pages /portal, layout portal, composants client-ticket/,
  AdminClientTicketTab, services/dto/i18n/docs associés
- fixtures : retire les users client-liot / client-acme
- migration Version20260522110000 (drop client_ticket, user_allowed_projects,
  colonnes liées ; task_document.task_id -> NOT NULL)
- tests : retire les cas obsolètes testant le blocage des clients sur le mail

Module gestion des absences (WIP) :
- entités / migrations (Version20260521160000, Version20260522090000)
- pages absences.vue / team-absences.vue, composants frontend/components/absence/
- services front, AccrueLeaveCommand, PublicHolidayController

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-22 11:31:31 +02:00
Matthieu de98924fd3 feat(absences) : fondation backend du module de gestion des absences 
Module type Payfit (étapes 1+2 de la spec V1) : demande d'absence, validation
admin, soldes à jour.

- Enums : AbsenceType, AbsenceStatus, HalfDay, ContractType, FamilySituation
- Entités : AbsencePolicy, AbsenceBalance, AbsenceRequest + champs RH sur User
- Services : PublicHolidayProvider (fériés FR métropole en PHP pur, Computus),
  AbsenceDayCalculator (décompte jours ouvrés/ouvrables + demi-journées, TDD),
  AbsenceBalanceService (périodes + pending/taken/recrédit)
- API Platform : providers/processors (création, approve/reject/cancel) + RBAC
  me/admin, contrôleurs preview (dry-run), upload/download justificatif, calendrier
- Migrations : une par table + colonnes RH user (DEFAULT puis DROP DEFAULT)
- Fixtures : 5 policies par défaut, salariés démo, soldes et demandes
- Tests unitaires : PublicHolidayProvider, AbsenceDayCalculator (12 tests)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-21 14:45:14 +02:00
matthieu e5c5371c74 Merge branch 'develop' into feat/mail-integration 2026-05-20 07:45:09 +00:00
matthieu c75dfa0371 fix(mail) : synchro multi-dossiers fiable contre OVH 
Trois causes racines révélées par une vraie synchro complète (139 dossiers) :
- contrainte UNIQUE globale sur message_id : fausse pour IMAP (un même Message-ID
  existe dans plusieurs dossiers) → violation → fermeture de l'EntityManager →
  cascade qui tuait tous les dossiers suivants. Migration : index simple à la place.
- 139 connexions IMAP (une par dossier) → throttling OVH (failed to authenticate) :
  réutilisation d'une seule connexion (closeConnection() ajouté à l'interface).
- état de connexion corrompu après un dossier en erreur (must be in SELECTED state) :
  reconnexion ciblée après chaque dossier en échec.
- garde anti-cascade : reset du ManagerRegistry + arrêt propre si l'EM se ferme.

Résultat : 456 messages sur 57 dossiers (avant : 188/30 puis crash). Les rares
dossiers à encodage spécial sont skippés proprement et réessayés au cycle suivant.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-20 08:21:02 +02:00
matthieu 696b40ca80 feat(mail) : install symfony/messenger + browser-kit + ENCRYPTION_KEY test (deps Phase 3) 
- ajoute symfony/messenger ^8.0 et symfony/doctrine-messenger ^8.0 pour la sync mail async
- ajoute symfony/browser-kit + css-selector en dev pour tests fonctionnels WebTestCase
- ENCRYPTION_KEY ajoutee dans phpunit.dist.xml pour permettre le chiffrement en test
- MESSENGER_TRANSPORT_DSN configure (Doctrine), messenger.yaml minimal (sera enrichi en Task 12)
- fix(orm) : ClientTicket - migre uniqueConstraints en attribut separe (Doctrine ORM 4 deprecation)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-20 00:05:49 +02:00
matthieu cd9c16a990 feat(mail) : TaskMailLink entity + repository 2026-05-19 23:17:16 +02:00
matthieu 0c597bc653 feat(mail) : MailMessage entity + repository 2026-05-19 23:16:52 +02:00
matthieu 0c80159d7e feat(mail) : MailFolder entity + repository 2026-05-19 23:16:17 +02:00
matthieu 3cac87aa24 feat(mail) : MailConfiguration entity + repository + singleton test 2026-05-19 23:15:47 +02:00
matthieu 6a084489ea feat(workflow) : endpoint POST /projects/{id}/switch-workflow + processor transactionnel 2026-05-19 20:59:12 +02:00
matthieu cf94635121 feat(workflow) : valide que task.status appartient au workflow du projet 2026-05-19 20:59:12 +02:00
matthieu 8a68e0d397 feat(workflow) : ajoute workflow requis sur Project (RESTRICT) 2026-05-19 20:59:12 +02:00
matthieu 43e6d1aed2 feat(workflow) : ajoute workflow et category sur TaskStatus 2026-05-19 20:59:12 +02:00
matthieu a3e3fd6da6 feat(workflow) : ajoute l'entité Workflow et son repository 2026-05-19 20:59:12 +02:00
Matthieu feaa9f1875 feat(api-token) : génération du token MCP depuis la page profil
Auto Tag Develop / tag (push) Has been cancelled
Details 
Backend :
- POST /api/me/regenerate-api-token : nouveau controller, ROLE_USER (exclut CLIENT)
- User.apiToken exposé via groupe me:read sur GET /api/me

Frontend :
- Section 'Token API MCP' sur /profile (masquée pour les CLIENT du portail)
- Boutons Copier + Régénérer avec modal de confirmation
- Service api-token + DTO mis à jour + clés i18n fr
 2026-05-13 14:59:18 +02:00
Matthieu e41caa9cfe feat : add collaborators ManyToMany on Task entity 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-09 09:53:53 +02:00
Matthieu 3e9a0c93eb fix(admin) : embed client and project in user list serialization 
Client.id/name and Project.id/name were missing the user:list group,
causing them to be serialized as IRI strings instead of embedded objects.
This broke the user edit form which expected object properties.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-20 14:20:17 +01:00
Matthieu 1d533d1d28 fix : allow ROLE_CLIENT to upload and view documents on client tickets 
GetCollection/Get required ROLE_USER which ROLE_CLIENT doesn't have.
Added TaskDocumentProvider to scope client access to their own tickets.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-20 14:17:48 +01:00
Matthieu 5a47adace5 feat : add TaskCalendarProcessor for CalDAV sync after DB operations 
Handles Patch (persist + sync + recurrence check) and Delete (remove + cleanup Zimbra events).
Updates TaskNumberProcessor to sync newly created tasks to calendar.
Wires TaskCalendarProcessor as processor for Patch/Delete on Task entity.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-19 18:10:35 +01:00
Matthieu e688c69438 feat : add calendar fields to Task entity (dates, sync, recurrence) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-19 18:10:35 +01:00
Matthieu e640e715bb feat : add ZimbraConfiguration entity for CalDAV settings 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-19 18:10:34 +01:00
Matthieu 6784ee9ead feat : add TaskRecurrence entity with RecurrenceType enum 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-19 18:10:34 +01:00
Matthieu dd9db93751 feat(project) : add delete button for empty projects with confirmation modal 
Adds taskCount virtual field on Project entity, delete button in ProjectDrawer
(visible only when taskCount === 0), and a reusable ConfirmDeleteProjectModal.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:07:41 +01:00
Matthieu ff7cff1d39 fix(backend) : add validation constraints and fix concurrent numbering 
- Add Assert\Choice on ClientTicket type and status with typed constants
- Add Assert\Url on GiteaConfiguration, BookStackConfiguration, TaskBookStackLink, ClientTicket
- Fix concurrent task/ticket numbering: use pg_advisory_xact_lock instead of FOR UPDATE with MAX()
- Wrap CreateTaskTool numbering in transaction
- Harmonize repository contracts: both return max number, caller adds +1

Tickets: T-004, T-008, T-011, T-012

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-17 15:27:16 +01:00
Matthieu ed58a402b0 fix(auth) : use dedicated plainPassword field for password hashing 
- Add non-persisted plainPassword field to User entity (write-only via API)
- Remove direct write access to password field
- Update UserPasswordHasherProcessor to hash from plainPassword
- Update frontend DTO and UserDrawer component

Ticket: T-009

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-17 15:27:16 +01:00
Matthieu 1c6f473dff feat(mcp) : add clientTicket relation to time entries 
Add ManyToOne relation from TimeEntry to ClientTicket entity.
MCP tools create-time-entry, update-time-entry, and list-time-entries
now support clientTicketId parameter for linking tickets to time entries.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-16 14:28:31 +01:00
matthieu e4fc34b90f refactor : simplify codebase and fix critical issues 
Backend:
- Add MCP Serializer to centralize entity-to-array conversion (~300 lines deduped)
- Fix race condition in task/ticket number generation (SELECT FOR UPDATE + transaction)
- Add unique constraint on task (project_id, number) with migration
- Fix MIME type validation: use server-detected finfo instead of client-supplied type
- Add allowlist of permitted MIME types for uploads
- Fix TaskDocumentDownloadController: allow ROLE_CLIENT access, add priority:1
- Fix notification sent even when ticket status unchanged
- Remove redundant exception constructors
- Simplify services (BookStackApi double fetch, TokenEncryptor, GiteaApi)
- Consolidate duplicate checks in processors

Frontend:
- Fix useApi isHandlingUnauthorized scope (module-level to prevent double 401 redirect)
- Fix client-tickets toast key copy-paste bug
- Merge duplicated tasks service methods (getByProject + getByProjectArchived)
- Extract shared uploadWithRelation helper in task-documents service
- Extract formatFileSize utility from duplicated component code
- Extract status transition logic into useClientTicketHelpers composable
- Remove dead code (unused router, handleLogout, empty script blocks)
- Merge duplicate watchers and onMounted calls
- Normalize arrow functions to function declarations per convention

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 22:09:16 +01:00
matthieu a5144443a4 fix(avatar) : address review findings — security and UX fixes 
- Use getMimeType() instead of getClientMimeType() to prevent MIME spoofing
- Change IsGranted to IS_AUTHENTICATED_FULLY so ROLE_CLIENT can access avatars
- Remove Groups from avatarFileName (only avatarUrl needed by frontend)
- Disable aggressive caching to prevent stale avatar images
- Add error handling to avatar upload in profile page
- Use i18n for "Mon profil" button text

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 22:02:27 +01:00
matthieu 63315c0a15 feat(avatar) : add avatarFileName field to User entity 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 21:53:43 +01:00
matthieu cd8cea45c1 fix(security) : allow ROLE_CLIENT to read projects 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 21:39:41 +01:00
matthieu 1f31a3a33f fix(portal) : embed project id/name in /me response for client users 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 21:37:18 +01:00
matthieu 2a874046d3 feat : allow client to edit own tickets and protect status fields 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 20:35:11 +01:00
matthieu 669c36cea1 feat(notification) : add Notification entity, repository, and migration 2026-03-15 19:45:47 +01:00
matthieu e16fd2053e feat : MCP server infrastructure setup 
Install symfony/mcp-bundle, add STDIO + HTTP transport config,
API token auth on User entity with custom authenticator and firewall,
generate-api-token console command, Nginx /_mcp location, fixture token.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 19:33:52 +01:00
matthieu 851953df1e feat : generalize TaskDocumentProcessor for client tickets 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:28:04 +01:00
matthieu 926d6d54c5 feat : generalize TaskDocument for client tickets 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:25:02 +01:00
matthieu a538bb3601 feat : add clientTicket relation to Task entity 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:23:50 +01:00
matthieu 97dcff8542 feat : add ClientTicket entity 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:23:36 +01:00
matthieu 87ab281099 feat : extend User entity with client and allowedProjects 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:23:10 +01:00
matthieu 63febbea45 fix(security) : add ROLE_USER security on all read endpoints 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:21:19 +01:00
matthieu edc441f363 fix(security) : exclude ROLE_USER for ROLE_CLIENT users 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:20:46 +01:00
matthieu 8fbafc1f8a feat(bookstack) : add bookstackShelfId and bookstackShelfName to Project 2026-03-15 18:05:13 +01:00
matthieu 585cc3368f feat(bookstack) : add TaskBookStackLink entity and repository 2026-03-15 18:05:09 +01:00
matthieu 043826075d feat(bookstack) : add BookStackConfiguration entity and repository 2026-03-15 18:05:07 +01:00
matthieu cfaa6c42ec feat : add TaskDocument entity with Task relation 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 18:03:20 +01:00
matthieu 0733ac16cd feat : add project archiving feature 
Allow projects to be archived/unarchived from the ProjectDrawer, with a
toggle filter on the projects page to show/hide archived projects.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-14 08:58:29 +01:00