janpeter/Scrum4Me
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
211 commits 95 branches 2 tags 10 MiB
Commit graph

211 commits

This branch
This branch
All branches
Author SHA1 Message Date
Madhura68
7edd7c8a26 chore: update API test script base URL and IDs; add ST-313 to backlog 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 22:53:50 +02:00
Madhura68
4e62377c4f feat(ST-313): add Sprint nav link to navbar when on product page 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 22:53:45 +02:00
Madhura68
0a27be4886 feat(ST-313): merge sprint board into single three-panel view 
- TriplePane component with two resizable dividers, localStorage persistence, mobile tabs
- SprintBoardClient replaces SprintBacklogClient + PlanningRightClient
- Left panel: Product Backlog (PBIs with stories to add to sprint)
- Middle panel: Sprint Backlog (stories in sprint, click to select, sortable)
- Right panel: TaskList for selected story
- /sprint/planning redirects to /sprint
- Remove PlanningLeft, PlanningRightClient, SprintBacklogClient

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 22:53:39 +02:00
Madhura68
4df83dcdbb feat(ST-108/ST-208): replace inline forms with PBI and story dialogs 
- PbiDialog: create/edit with priority select and optional description
- StoryDialog: create/edit with priority, description, acceptance criteria, activity log, and delete
- PrioritySelect: reusable controlled select component
- Edit icons always visible on PBI rows and story blocks
- Dialog backdrop uses 40% opacity blur

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 22:53:26 +02:00
Madhura68
ce6ba59540 feat(ST-208/ST-306): add description to PBI and story create actions 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 22:52:15 +02:00
Madhura68
336edad5ce docs(ST-612): update Lars-flow checklist met todo Data Table stappen 
Stap 11 toegevoegd voor de todo-tabel (aanmaken, bewerken, bulk-archiveren,
product-filter, rolweergave in navbar). Resultaatblok uitgebreid met
npm test en curl-test verificatie.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:10:16 +02:00
Madhura68
f51937b36a docs: markeer ST-506/601/602/603/604/606/609/610/611 als afgerond 
ST-602 (error.tsx op (app)-niveau), ST-603 (Sonner), ST-604 (DemoTooltip),
ST-609 (security tests), ST-610 (CI), ST-611 (README) waren al gereed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:09:55 +02:00
Madhura68
02096196ab feat(ST-601): add loading skeletons for dashboard, settings and todos 
De drie zware split-pane routes hadden al loading.tsx; dashboard,
settings en todos kregen elk een passende animate-pulse skeleton.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:09:48 +02:00
Madhura68
0595a2a5d9 feat(ST-506): toon gebruikersrollen in navigatiebalk 
Haalt rollen op in AppLayout en geeft ze door aan NavBar.
NavBar toont afkortingen (PO · SM · Dev) rechts van de navigatie.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:09:42 +02:00
Madhura68
7f57f2b36f feat(ST-510): add TodoCard — aanmaken, bewerken en promoveren 
- Aanmaken (+ knop): product-dropdown erft huidige filter, autoFocus op titel
- Bewerken (rij-klik): laadt todo in kaart; velden: product, titel, done-toggle
- Promoveren: → PBI en → Story knoppen openen bestaande dialogs
- key op TodoCard dwingt remount bij ander geselecteerde rij zodat
  defaultValue-velden altijd de juiste todo tonen
- SaveButton via useFormStatus voor pending-state op submit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:00:57 +02:00
Madhura68
f1384a87c1 feat(ST-510): add updateTodoAction — title, product_id, done bijwerken 
Valideert eigenaarschap en product-toegang via productAccessFilter.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 20:00:48 +02:00
Madhura68
5dc8033b85 feat(ST-509): rebuild todo list as TanStack Data Table 
- @tanstack/react-table voor kolommen, paginering en rij-selectie
- Kolommen: multi-select checkbox, titel (line-clamp-2), productnaam-badge, datum
- Toolbar: product-filter dropdown, bulk-archiveer knop (telt selectie), + knop
- Paginering: 10 rijen per pagina met paginatelling (x–y van n)
- Rij-klik opent detail-kaart (placeholder; volgt in ST-510)
- Promote dialogs behouden voor gebruik in ST-510

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:55:36 +02:00
Madhura68
6fa768aabe feat(ST-509): add archiveSelectedTodosAction with ownership validation 
Validates all provided IDs belong to the session user before bulk-archiving.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:55:28 +02:00
Madhura68
5dd89739ce feat(ST-509): add Table UI primitives (Table, Header, Body, Row, Head, Cell) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:55:23 +02:00
Madhura68
fbd56aa934 docs(ST-509/510): verfijn plan — multi-select bulk-archiveer + promote in kaart 
ST-509: selectie-checkbox voor bulk-archivering (archiveSelectedTodosAction),
aparte rij-klik voor detail-kaart, paginatelling toegevoegd.
ST-510: done-toggle in kaart, promote-knoppen in kaart (→ PBI / → Story),
updateTodoAction dekt title + product_id + done.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:45:19 +02:00
Madhura68
e156ff1c61 docs(ST-509/510): plan Todo Data Table + detail-kaart in backlog M5 
Voegt ST-509 (Data Table met TanStack, filter, paginering) en ST-510
(detail-kaart voor aanmaken/bewerken/promoveren) toe aan de backlog.
ST-501–505 gemarkeerd als vervangen door het nieuwe ontwerp.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:40:41 +02:00
Madhura68
2dfd01e421 feat(todos): dropdown filters visible todos; 'Alles' toont alles 
De product-dropdown fungeert nu als filter voor de lijst:
- 'Alles' (default) toont alle todo's
- 'Geen product' toont alleen ongelinkte todo's
- Een specifiek product toont alleen todo's van dat product

Nieuw aangemaakte todo's krijgen het geselecteerde product mee.
'Alles' en 'Geen product' resulteren in een todo zonder productlink.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:23:54 +02:00
Madhura68
ca6510c98e fix(todos): only clear title on submit, preserve product dropdown selection 
Replace form.reset() with a titleRef so successful submission clears
the title input while leaving the selected product unchanged.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:20:37 +02:00
Madhura68
4d08c92af5 feat(todos): fix QuickInput — allow input without a product selected 
- Product select is no longer required; 'Geen product' is the default
- Input and submit button are no longer disabled for users with no products
- Form resets only on success (useEffect on state.success) instead of
  resetting on every submit including failures
- Inline error from server action is now displayed below the form
- Removed 'Maak eerst een product aan' message that blocked the form

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:17:12 +02:00
Madhura68
e991f4f185 feat(todos): include team-member products in todos page query 
Use productAccessFilter so users who are product members (not just
owners) see those products in the todo form and promote dialogs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:17:05 +02:00
Madhura68
d03df529d3 feat(todos): make product optional in createTodoAction; fix promote scopes 
- createTodoAction: productId is now optional; validates with
  productAccessFilter when provided so team members can link todos
- promoteTodoToPbiAction: use productAccessFilter for product lookup;
  remove product_id from todo WHERE (was breaking unlinked todos)
- promoteTodoToStoryAction: only enforce product match when todo has
  a product_id (null means unlinked, any product is acceptable)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:17:00 +02:00
Madhura68
43718c133e docs(todos): update architecture doc — product_id now nullable 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:16:52 +02:00
Madhura68
3e949f5067 feat(todos): make Todo.product_id nullable with SetNull on delete 
Todos can now exist without a product link. Changed relation from
Cascade to SetNull so deleting a product doesn't delete unlinked todos.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 19:16:49 +02:00
Madhura68
35ccca49c2 chore(ci): upgrade actions to Node.js 24 (checkout@v5, setup-node@v5) 
Node.js 20 actions are deprecated and will be forced to Node.js 24
from June 2026. Bumps node-version to '24' across all three jobs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:51:37 +02:00
Madhura68
ecc05dda37 chore: bump version to 0.3.1 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:47:20 +02:00
Madhura68
53a6f9ec19 docs(tests): add scrum4me-test-plan.md with full API test plan and planning 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:47:20 +02:00
Madhura68
bed13c2d04 docs(architecture): update todos.product_id to not null with cascade delete 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:42:47 +02:00
Madhura68
6c7459c61f feat(db): make Todo.product_id non-nullable, cascade on product delete 
Aligns schema with the API and server action, both of which already
require product_id. Changes onDelete from SetNull to Cascade — deleting
a product now also removes its todos.

Run: npx prisma db push

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:42:47 +02:00
Madhura68
ab880e0b1f docs: add Testing section to README with npm test and curl script instructions 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:38:50 +02:00
Madhura68
44acd96ee4 docs(tests): update lars-flow-checklist to reference test-api.sh and add missing endpoints 
Adds all 7 endpoints to the manual reference section (was missing
PATCH /api/sprints/:id/tasks/reorder, PATCH /api/tasks/:id, demo-block
curl example). Links automated testing to scripts/test-api.sh.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:38:49 +02:00
Madhura68
5918b29af3 docs(scripts): add scripts/README.md with token and ID setup instructions 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:36:18 +02:00
Madhura68
b6c08851a0 chore(scripts): complete test-api.sh curl script for all 7 endpoints 
Fixes TC-TD-09 (product_id required → 400 not 201), TC-NS-08
(check_one_of for 200/404), TC-RO-10 (use TASK_ID directly to avoid
cross-story scope violation). Adds DEMO_TOKEN support for 403 tests
on all 4 write endpoints. Adds check_one_of helper and shorthand
request functions.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:36:17 +02:00
Madhura68
69a4ea27cd test(todos): add unit tests for POST /api/todos 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:48 +02:00
Madhura68
a6ae9f3ed1 test(tasks): add unit tests for PATCH /api/tasks/:id 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:46 +02:00
Madhura68
89f74f3dca test(reorder): add unit tests for PATCH /api/stories/:id/tasks/reorder 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:45 +02:00
Madhura68
536456c1cd test(story-log): add unit tests for POST /api/stories/:id/log 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:44 +02:00
Madhura68
dc7373e40d test(sprint-tasks): add unit tests for GET /api/sprints/:id/tasks 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:38 +02:00
Madhura68
5903881580 test(next-story): add unit tests for GET /api/products/:id/next-story 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:37 +02:00
Madhura68
eafdef4d5a test(products): add unit tests for GET /api/products 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:31:35 +02:00
Madhura68
ead91cef5f test(security): extend security.test.ts to cover all 7 API endpoints 
Adds 401, 403 demo-block, and cross-user isolation tests for:
GET /api/products/:id/next-story, GET /api/sprints/:id/tasks,
PATCH /api/stories/:id/tasks/reorder, POST /api/stories/:id/log,
POST /api/todos. Expands prisma mock to cover all required models.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:26:54 +02:00
Madhura68
5070dd4133 chore(scripts): add test-api.sh curl test skeleton for all 7 API endpoints 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:24:30 +02:00
Madhura68
46e795002f test(scaffold): add skeleton test files for all 7 API endpoints 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:24:25 +02:00
Madhura68
0be3052f97 chore(tests): add tester user to prisma seed for cross-user isolation tests 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:24:15 +02:00
Madhura68
db85d4b49e docs: add strict commit strategy to CLAUDE.md and README.md 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 18:04:15 +02:00
Madhura68
2deea9e841 Added Beta development banner to the app. This will be removed once we are ready for a public release. 2026-04-25 17:26:35 +02:00
Madhura68
8e299915a8 Limit Prisma generation in CI 2026-04-25 17:17:35 +02:00
Madhura68
4ec0683f88 Document Prisma ERD generation 2026-04-25 17:08:55 +02:00
Madhura68
b5e967d8d3 Add analytics and documentation updates 2026-04-25 15:11:51 +02:00
Madhura68
e0efb65efb Fix scoped access checks 2026-04-25 14:36:55 +02:00
janpeter visser
d90a8fd560 fix: PATCH /api/tasks/:id geeft 403 bij cross-user toegang 
Vervang productAccessFilter in de WHERE clause door een expliciete
toegangscheck na het ophalen. findFirst haalt de taak op met product
en members (gefilterd op auth.userId); daarna wordt eigenaarschap of
teamlidmaatschap gecontroleerd en 403 teruggegeven bij geen toegang.

Dit herstelt het onderscheid 404 (taak bestaat niet) vs 403 (taak
bestaat maar geen toegang), zoals de beveiligingstest verwacht.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-25 13:44:51 +02:00