janpeter/Scrum4Me
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
104 commits 95 branches 2 tags 10 MiB
Commit graph

104 commits

This branch
This branch
All branches
Author SHA1 Message Date
Madhura68
02096196ab feat(ST-601): add loading skeletons for dashboard, settings and todos 
De drie zware split-pane routes hadden al loading.tsx; dashboard,
settings en todos kregen elk een passende animate-pulse skeleton.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:09:48 +02:00
Madhura68
0595a2a5d9 feat(ST-506): toon gebruikersrollen in navigatiebalk 
Haalt rollen op in AppLayout en geeft ze door aan NavBar.
NavBar toont afkortingen (PO · SM · Dev) rechts van de navigatie.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:09:42 +02:00
Madhura68
7f57f2b36f feat(ST-510): add TodoCard — aanmaken, bewerken en promoveren 
- Aanmaken (+ knop): product-dropdown erft huidige filter, autoFocus op titel
- Bewerken (rij-klik): laadt todo in kaart; velden: product, titel, done-toggle
- Promoveren: → PBI en → Story knoppen openen bestaande dialogs
- key op TodoCard dwingt remount bij ander geselecteerde rij zodat
  defaultValue-velden altijd de juiste todo tonen
- SaveButton via useFormStatus voor pending-state op submit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:00:57 +02:00
Madhura68
f1384a87c1 feat(ST-510): add updateTodoAction — title, product_id, done bijwerken 
Valideert eigenaarschap en product-toegang via productAccessFilter.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:00:48 +02:00
Madhura68
5dc8033b85 feat(ST-509): rebuild todo list as TanStack Data Table 
- @tanstack/react-table voor kolommen, paginering en rij-selectie
- Kolommen: multi-select checkbox, titel (line-clamp-2), productnaam-badge, datum
- Toolbar: product-filter dropdown, bulk-archiveer knop (telt selectie), + knop
- Paginering: 10 rijen per pagina met paginatelling (x–y van n)
- Rij-klik opent detail-kaart (placeholder; volgt in ST-510)
- Promote dialogs behouden voor gebruik in ST-510

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:55:36 +02:00
Madhura68
6fa768aabe feat(ST-509): add archiveSelectedTodosAction with ownership validation 
Validates all provided IDs belong to the session user before bulk-archiving.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:55:28 +02:00
Madhura68
5dd89739ce feat(ST-509): add Table UI primitives (Table, Header, Body, Row, Head, Cell) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:55:23 +02:00
Madhura68
fbd56aa934 docs(ST-509/510): verfijn plan — multi-select bulk-archiveer + promote in kaart 
ST-509: selectie-checkbox voor bulk-archivering (archiveSelectedTodosAction),
aparte rij-klik voor detail-kaart, paginatelling toegevoegd.
ST-510: done-toggle in kaart, promote-knoppen in kaart (→ PBI / → Story),
updateTodoAction dekt title + product_id + done.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:45:19 +02:00
Madhura68
e156ff1c61 docs(ST-509/510): plan Todo Data Table + detail-kaart in backlog M5 
Voegt ST-509 (Data Table met TanStack, filter, paginering) en ST-510
(detail-kaart voor aanmaken/bewerken/promoveren) toe aan de backlog.
ST-501–505 gemarkeerd als vervangen door het nieuwe ontwerp.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:40:41 +02:00
Madhura68
2dfd01e421 feat(todos): dropdown filters visible todos; 'Alles' toont alles 
De product-dropdown fungeert nu als filter voor de lijst:
- 'Alles' (default) toont alle todo's
- 'Geen product' toont alleen ongelinkte todo's
- Een specifiek product toont alleen todo's van dat product

Nieuw aangemaakte todo's krijgen het geselecteerde product mee.
'Alles' en 'Geen product' resulteren in een todo zonder productlink.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:23:54 +02:00
Madhura68
ca6510c98e fix(todos): only clear title on submit, preserve product dropdown selection 
Replace form.reset() with a titleRef so successful submission clears
the title input while leaving the selected product unchanged.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:20:37 +02:00
Madhura68
4d08c92af5 feat(todos): fix QuickInput — allow input without a product selected 
- Product select is no longer required; 'Geen product' is the default
- Input and submit button are no longer disabled for users with no products
- Form resets only on success (useEffect on state.success) instead of
  resetting on every submit including failures
- Inline error from server action is now displayed below the form
- Removed 'Maak eerst een product aan' message that blocked the form

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:17:12 +02:00
Madhura68
e991f4f185 feat(todos): include team-member products in todos page query 
Use productAccessFilter so users who are product members (not just
owners) see those products in the todo form and promote dialogs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:17:05 +02:00
Madhura68
d03df529d3 feat(todos): make product optional in createTodoAction; fix promote scopes 
- createTodoAction: productId is now optional; validates with
  productAccessFilter when provided so team members can link todos
- promoteTodoToPbiAction: use productAccessFilter for product lookup;
  remove product_id from todo WHERE (was breaking unlinked todos)
- promoteTodoToStoryAction: only enforce product match when todo has
  a product_id (null means unlinked, any product is acceptable)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:17:00 +02:00
Madhura68
43718c133e docs(todos): update architecture doc — product_id now nullable 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:16:52 +02:00
Madhura68
3e949f5067 feat(todos): make Todo.product_id nullable with SetNull on delete 
Todos can now exist without a product link. Changed relation from
Cascade to SetNull so deleting a product doesn't delete unlinked todos.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:16:49 +02:00
Madhura68
35ccca49c2 chore(ci): upgrade actions to Node.js 24 (checkout@v5, setup-node@v5) 
Node.js 20 actions are deprecated and will be forced to Node.js 24
from June 2026. Bumps node-version to '24' across all three jobs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:51:37 +02:00
Madhura68
ecc05dda37 chore: bump version to 0.3.1 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:47:20 +02:00
Madhura68
53a6f9ec19 docs(tests): add scrum4me-test-plan.md with full API test plan and planning 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:47:20 +02:00
Madhura68
bed13c2d04 docs(architecture): update todos.product_id to not null with cascade delete 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:42:47 +02:00
Madhura68
6c7459c61f feat(db): make Todo.product_id non-nullable, cascade on product delete 
Aligns schema with the API and server action, both of which already
require product_id. Changes onDelete from SetNull to Cascade — deleting
a product now also removes its todos.

Run: npx prisma db push

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:42:47 +02:00
Madhura68
ab880e0b1f docs: add Testing section to README with npm test and curl script instructions 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:38:50 +02:00
Madhura68
44acd96ee4 docs(tests): update lars-flow-checklist to reference test-api.sh and add missing endpoints 
Adds all 7 endpoints to the manual reference section (was missing
PATCH /api/sprints/:id/tasks/reorder, PATCH /api/tasks/:id, demo-block
curl example). Links automated testing to scripts/test-api.sh.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:38:49 +02:00
Madhura68
5918b29af3 docs(scripts): add scripts/README.md with token and ID setup instructions 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:36:18 +02:00
Madhura68
b6c08851a0 chore(scripts): complete test-api.sh curl script for all 7 endpoints 
Fixes TC-TD-09 (product_id required → 400 not 201), TC-NS-08
(check_one_of for 200/404), TC-RO-10 (use TASK_ID directly to avoid
cross-story scope violation). Adds DEMO_TOKEN support for 403 tests
on all 4 write endpoints. Adds check_one_of helper and shorthand
request functions.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:36:17 +02:00
Madhura68
69a4ea27cd test(todos): add unit tests for POST /api/todos 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:48 +02:00
Madhura68
a6ae9f3ed1 test(tasks): add unit tests for PATCH /api/tasks/:id 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:46 +02:00
Madhura68
89f74f3dca test(reorder): add unit tests for PATCH /api/stories/:id/tasks/reorder 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:45 +02:00
Madhura68
536456c1cd test(story-log): add unit tests for POST /api/stories/:id/log 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:44 +02:00
Madhura68
dc7373e40d test(sprint-tasks): add unit tests for GET /api/sprints/:id/tasks 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:38 +02:00
Madhura68
5903881580 test(next-story): add unit tests for GET /api/products/:id/next-story 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:37 +02:00
Madhura68
eafdef4d5a test(products): add unit tests for GET /api/products 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:35 +02:00
Madhura68
ead91cef5f test(security): extend security.test.ts to cover all 7 API endpoints 
Adds 401, 403 demo-block, and cross-user isolation tests for:
GET /api/products/:id/next-story, GET /api/sprints/:id/tasks,
PATCH /api/stories/:id/tasks/reorder, POST /api/stories/:id/log,
POST /api/todos. Expands prisma mock to cover all required models.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:26:54 +02:00
Madhura68
5070dd4133 chore(scripts): add test-api.sh curl test skeleton for all 7 API endpoints 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:24:30 +02:00
Madhura68
46e795002f test(scaffold): add skeleton test files for all 7 API endpoints 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:24:25 +02:00
Madhura68
0be3052f97 chore(tests): add tester user to prisma seed for cross-user isolation tests 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:24:15 +02:00
Madhura68
db85d4b49e docs: add strict commit strategy to CLAUDE.md and README.md 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:04:15 +02:00
Madhura68
2deea9e841 Added Beta development banner to the app. This will be removed once we are ready for a public release. 2026-04-25 17:26:35 +02:00
Madhura68
8e299915a8 Limit Prisma generation in CI 2026-04-25 17:17:35 +02:00
Madhura68
4ec0683f88 Document Prisma ERD generation 2026-04-25 17:08:55 +02:00
Madhura68
b5e967d8d3 Add analytics and documentation updates 2026-04-25 15:11:51 +02:00
Madhura68
e0efb65efb Fix scoped access checks 2026-04-25 14:36:55 +02:00
janpeter visser
d90a8fd560 fix: PATCH /api/tasks/:id geeft 403 bij cross-user toegang 
Vervang productAccessFilter in de WHERE clause door een expliciete
toegangscheck na het ophalen. findFirst haalt de taak op met product
en members (gefilterd op auth.userId); daarna wordt eigenaarschap of
teamlidmaatschap gecontroleerd en 403 teruggegeven bij geen toegang.

Dit herstelt het onderscheid 404 (taak bestaat niet) vs 403 (taak
bestaat maar geen toegang), zoals de beveiligingstest verwacht.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 13:44:51 +02:00
janpeter visser
e94959c5bc feat: PB-overzicht in instellingen + documentatie bijgewerkt 
Settings:
- "Mijn teams" vervangen door gecombineerde "Product Backlogs" sectie
- Toont eigen producten (badge Eigenaar) en team-lidmaatschappen (badge Developer)
- Productnaam is klikbaar naar de product backlog
- "Verlaten"-knop met bevestiging alleen voor Developer-lidmaatschappen
- Lege staat met link naar product aanmaken

Docs:
- architecture.md: users tabel aangevuld met bio/bio_detail/avatar_data;
  Prisma schema excerpt bijgewerkt; projectstructuur bijgewerkt (profile route, ProfileEditor)
- functional-spec.md: F-02b gebruikersprofiel en F-02c PB-overzicht toegevoegd;
  datamodel users rij bijgewerkt; settings route bijgewerkt
- backlog.md: ST-507 profiel en ST-508 PB-overzicht toegevoegd als afgerond

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 13:40:47 +02:00
janpeter visser
ec9de5a962 fix: header en footer sticky op landingspagina 
Zelfde patroon als (app) layout: h-screen overflow-hidden op de wrapper,
flex-1 overflow-y-auto op main, shrink-0 op footer.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 13:32:32 +02:00
janpeter visser
1ff894a6c0 feat: gebruikersprofiel met avatar, bio en uitgebreide beschrijving 
- Schema: bio (160), bio_detail (2000) en avatar_data (bytea) op User
- POST /api/profile/avatar: validatie MIME-type + max 12 MB vóór verwerking,
  Sharp resize naar max 700x700 (fit inside), output WebP q85, opgeslagen als bytea in Neon
- GET /api/profile/avatar: serveert avatar met Cache-Control private 1u
- updateProfileAction: slaat bio en bio_detail op via Server Action + Zod
- ProfileEditor client component: avatar preview, upload met client-side validatie,
  bio-velden met tekenlimieten
- Settings page: profiel-sectie bovenaan, uitgeschakeld voor demo-gebruiker
- next.config: sharp als serverExternalPackage

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 13:30:38 +02:00
janpeter visser
45011a3347 docs: architectuur en spec bijgewerkt na implementatie 
- Next.js 15 → 16 in architecture doc en stack-tabel
- ProductMember model toegevoegd aan datamodel-sectie en Prisma schema excerpt
- implementation_plan veld gedocumenteerd bij tasks tabel
- lib/product-access.ts en components/products|settings toegevoegd aan projectstructuur
- Functionele spec: MVP-scope bijgewerkt met teambeheer; scope-bullet uitnodigingsflow aangepast
- Rolbeheer-spec: acceptatiecriterium "geen effect in v1" vervangen door Developer-vereiste voor teams
- v2 backlog: multi-user item herschreven naar uitnodigingsflow (basis teambeheer is nu v1)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 13:13:14 +02:00
janpeter visser
357b1e32e8 feat: ProductMember — team management for product backlogs 
- Add ProductMember model (many-to-many User ↔ Product)
- Add productAccessFilter helper (owner OR member OR clause)
- Replace all ownership checks across actions and API routes
- Add addProductMemberAction / removeProductMemberAction / leaveProductAction
- Add TeamManager component in product settings (owner adds/removes Developers)
- Add LeaveProductButton in user settings (member leaves a product team)
- Regenerate Prisma Client after schema migration

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 13:09:44 +02:00
janpeter visser
fc12e3cc64 feat: landingspagina met app-uitleg, Scrum-samenvatting en gebruikershandleiding 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 12:47:32 +02:00
janpeter visser
76d6f0a09d fix: nav en statusbar vast op top/bottom via h-screen layout 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 12:40:05 +02:00