MALIO-DEV/Lesstime
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 32 Wiki Activity
264 Commits 6 Branches 49 Tags
d6399c20e10e3ade5cc381ae562ff66e384989f0
Commit Graph

87 Commits

Author SHA1 Message Date
Matthieu
d6399c20e1 fix : fix MCP create-task tool crashing on task creation 
CreateTaskTool called nonexistent findMaxNumberByProject instead of
findMaxNumberByProjectForUpdate. Also removed FOR UPDATE clause from the
query as PostgreSQL does not support it with aggregate functions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-16 09:26:36 +01:00
matthieu
e4fc34b90f refactor : simplify codebase and fix critical issues 
Backend:
- Add MCP Serializer to centralize entity-to-array conversion (~300 lines deduped)
- Fix race condition in task/ticket number generation (SELECT FOR UPDATE + transaction)
- Add unique constraint on task (project_id, number) with migration
- Fix MIME type validation: use server-detected finfo instead of client-supplied type
- Add allowlist of permitted MIME types for uploads
- Fix TaskDocumentDownloadController: allow ROLE_CLIENT access, add priority:1
- Fix notification sent even when ticket status unchanged
- Remove redundant exception constructors
- Simplify services (BookStackApi double fetch, TokenEncryptor, GiteaApi)
- Consolidate duplicate checks in processors

Frontend:
- Fix useApi isHandlingUnauthorized scope (module-level to prevent double 401 redirect)
- Fix client-tickets toast key copy-paste bug
- Merge duplicated tasks service methods (getByProject + getByProjectArchived)
- Extract shared uploadWithRelation helper in task-documents service
- Extract formatFileSize utility from duplicated component code
- Extract status transition logic into useClientTicketHelpers composable
- Remove dead code (unused router, handleLogout, empty script blocks)
- Merge duplicate watchers and onMounted calls
- Normalize arrow functions to function declarations per convention

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 22:09:16 +01:00
matthieu
a5144443a4 fix(avatar) : address review findings — security and UX fixes 
- Use getMimeType() instead of getClientMimeType() to prevent MIME spoofing
- Change IsGranted to IS_AUTHENTICATED_FULLY so ROLE_CLIENT can access avatars
- Remove Groups from avatarFileName (only avatarUrl needed by frontend)
- Disable aggressive caching to prevent stale avatar images
- Add error handling to avatar upload in profile page
- Use i18n for "Mon profil" button text

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 22:02:27 +01:00
matthieu
4d0aa65920 feat(avatar) : add avatar upload/serve/delete controller 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 21:54:23 +01:00
matthieu
63315c0a15 feat(avatar) : add avatarFileName field to User entity 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 21:53:43 +01:00
matthieu
cd8cea45c1 fix(security) : allow ROLE_CLIENT to read projects 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 21:39:41 +01:00
matthieu
1f31a3a33f fix(portal) : embed project id/name in /me response for client users 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 21:37:18 +01:00
matthieu
2a874046d3 feat : allow client to edit own tickets and protect status fields 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 20:35:11 +01:00
matthieu
046ee396d3 feat(fixtures) : add users alice/bob/charlie and distribute task assignees 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 20:25:14 +01:00
matthieu
0ba487cfa9 feat(fixtures) : add client users, client tickets, and ticket-task link 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 20:20:27 +01:00
matthieu
6c910e7fcc fix : use native SQL for JSON roles query in PostgreSQL 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 20:11:54 +01:00
matthieu
6d7e6f5f48 fix : allow admin users to create client tickets on any project 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 20:07:19 +01:00
matthieu
2c28a4ad1d fix(notification) : add route priority to prevent API Platform conflict 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 19:59:47 +01:00
matthieu
59b11f1225 feat(notification) : hook NotificationService into ticket processors 2026-03-15 19:47:06 +01:00
matthieu
4094048aba feat(notification) : add NotificationService and UserRepository::findByRole 2026-03-15 19:46:37 +01:00
matthieu
ce2eaa03e1 feat(notification) : add unread-count and mark-all-read custom controllers 2026-03-15 19:46:10 +01:00
matthieu
d932359024 feat(notification) : add NotificationProvider filtered by current user 2026-03-15 19:45:58 +01:00
matthieu
669c36cea1 feat(notification) : add Notification entity, repository, and migration 2026-03-15 19:45:47 +01:00
matthieu
3d1a510d82 feat : add 22 MCP tool classes for projects, tasks, and time tracking 
Tools: list-users, list-clients, list/get/create/update-project,
list/get/create/update/delete-task, list-statuses/priorities/efforts/tags,
list/create/update-group, list/create/update/delete-time-entry.

Attribute moved to class level for SDK discovery compatibility.
Install nyholm/psr7 for HTTP transport PSR-17 support.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 19:45:39 +01:00
matthieu
e16fd2053e feat : MCP server infrastructure setup 
Install symfony/mcp-bundle, add STDIO + HTTP transport config,
API token auth on User entity with custom authenticator and firewall,
generate-api-token console command, Nginx /_mcp location, fixture token.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 19:33:52 +01:00
matthieu
851953df1e feat : generalize TaskDocumentProcessor for client tickets 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:28:04 +01:00
matthieu
b6cfe9d7d4 feat : add ClientTicketProvider with filtering 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:27:24 +01:00
matthieu
f33f2f95ec feat : add ClientTicketStatusProcessor 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:27:10 +01:00
matthieu
f27297517c feat : add ClientTicketNumberProcessor 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:27:00 +01:00
matthieu
d2e27a04ce feat : add ClientTicketRepository 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:25:45 +01:00
matthieu
926d6d54c5 feat : generalize TaskDocument for client tickets 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:25:02 +01:00
matthieu
a538bb3601 feat : add clientTicket relation to Task entity 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:23:50 +01:00
matthieu
97dcff8542 feat : add ClientTicket entity 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:23:36 +01:00
matthieu
87ab281099 feat : extend User entity with client and allowedProjects 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:23:10 +01:00
matthieu
63febbea45 fix(security) : add ROLE_USER security on all read endpoints 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:21:19 +01:00
matthieu
edc441f363 fix(security) : exclude ROLE_USER for ROLE_CLIENT users 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 19:20:46 +01:00
matthieu
4c19b68156 fix(gitea) : propagate API errors instead of silently returning empty results 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 18:58:55 +01:00
matthieu
06771c17e0 fix(bookstack) : add uriVariables to BookStackLink and BookStackSearchResult 
API Platform 4 requires explicit uriVariables declaration for
URI template parameters on DTO resources.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 18:27:57 +01:00
matthieu
9e638c32b8 feat(bookstack) : add BookStackSearchResult API resource for shelf-scoped search 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 18:10:47 +01:00
matthieu
bc331982d5 feat(bookstack) : add BookStackLink API resource with CRUD operations 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 18:10:24 +01:00
matthieu
1e311242a9 feat(bookstack) : add BookStackShelf API resource for listing shelves 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 18:09:51 +01:00
matthieu
97c6ef6a52 feat(bookstack) : add BookStackTestConnection API resource 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 18:09:36 +01:00
matthieu
28fbc73248 feat(bookstack) : add BookStackSettings API resource with provider and processor 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 18:09:20 +01:00
matthieu
df00b27a64 feat(bookstack) : add BookStackApiService 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 18:08:51 +01:00
matthieu
ee38f99022 feat(bookstack) : add BookStackApiException 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 18:08:15 +01:00
matthieu
06832c24e1 feat : add document upload processor, download controller and cleanup listener 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 18:05:58 +01:00
matthieu
8fbafc1f8a feat(bookstack) : add bookstackShelfId and bookstackShelfName to Project 2026-03-15 18:05:13 +01:00
matthieu
585cc3368f feat(bookstack) : add TaskBookStackLink entity and repository 2026-03-15 18:05:09 +01:00
matthieu
043826075d feat(bookstack) : add BookStackConfiguration entity and repository 2026-03-15 18:05:07 +01:00
matthieu
8ec98a593a feat : add task_document migration 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 18:04:14 +01:00
matthieu
3dd2d39222 refactor : rename GITEA_ENCRYPTION_KEY to ENCRYPTION_KEY 
Generic encryption key name for shared use across Gitea and BookStack
token encryption.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 18:03:52 +01:00
matthieu
cfaa6c42ec feat : add TaskDocument entity with Task relation 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-15 18:03:20 +01:00
matthieu
445f51b473 fix(gitea) : fetch only branch-specific commits using compare API 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-15 08:16:55 +01:00
matthieu
f888a29e0a refactor(frontend) : make page headers and filters sticky across all pages 
Wrap title + filters in a sticky container (top-8 sm:top-12, z-20, bg-white)
on all pages for consistent scroll behavior. Also fix SidebarTimer icon
visibility when sidebar is collapsed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-14 09:21:45 +01:00
matthieu
b48ca10304 feat : populate all projects with tasks, groups and time entries in fixtures 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-14 09:14:15 +01:00