janpeter/Scrum4Me
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Scrum4Me/actions/tasks.ts
Janpeter Visser 6cd98129f2
M14: TaskDialog (create/edit) + story auto-promotion (#21) 
* chore(ST-1112): add deps for task dialog

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): add shared zod schema for task dialog

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): add missing MD3 tokens for task dialog

outline-variant, on-error-container, status-review (light + dark)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): add saveTask and deleteTask server actions for TaskDialog

Unified create/edit action (saveTask) replaces separate formData-based
actions for the new TaskDialog. Uses shared zod schema, structured
SaveTaskResult union type, and context-aware revalidatePath for both
sprint and backlog routes.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): add TaskDialog component (create & edit mode)

Builds the full TaskDialog on top of the existing @base-ui/react
Dialog primitive. Covers create mode, edit mode (status field +
created_at metadata + delete), dirty-check AlertDialog, delete
confirm AlertDialog, Cmd+Enter submit, and per-field char counters.
Uses react-hook-form + zodResolver against the shared taskSchema.
Priority and status are extracted to PrioritySegmented and
StatusSelect sub-components using MD3 tokens throughout.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): refactor task-list to open TaskDialog via URL params

Replaces inline create/edit forms with router.push navigation:
- Clicking a task row → ?editTask=<id>
- "+ Taak" button → ?newTask=1&storyId=<storyId>
Removes CreateTaskForm, EditSubmitButton, updateTaskAction, and
createTaskAction from the component. Status toggle and DnD remain
unchanged. Rows now have cursor-pointer and keyboard a11y.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): wire TaskDialog into sprint page via searchParams

Sprint page now reads ?newTask, ?storyId, and ?editTask query params.
For edit mode: fetches the task server-side with productAccessFilter
scope (invalid/foreign IDs redirect to closePath). Renders TaskDialog
when either param is present. closePath is the sprint route without
query params.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): add Suspense skeleton for edit-mode task loading

Extracts task fetch into EditTaskLoader (async server component) so
the sprint board renders immediately while the task loads.
TaskDialogSkeleton shows 3 grey bars during the fetch. Invalid or
out-of-scope task IDs redirect to closePath.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): render description as markdown in task-detail-dialog

Solo task detail now renders description via react-markdown +
remark-gfm with prose styling. Sanitizes script/iframe elements.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* test(ST-1112): add saveTask/deleteTask server action tests

Covers all three demo-policy layers and cross-tenant scope:
demo blocked (403), unauthenticated blocked, validation 422,
edit cross-tenant forbidden, create cross-tenant forbidden,
and happy-path for both edit and create.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): add updateTaskStatusWithStoryPromotion helper

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1112): wire story-promotion into saveTask and PATCH /api/tasks/:id

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* docs(ST-1112): add task-dialog doc and architecture note

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore: extend allowed tools in settings.local.json

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1113): add 200ms animation-delay to TaskDialogSkeleton to prevent flicker

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1114): add DirtyCloseGuard reusable component for dirty-form close confirmation

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(ST-1114): add shared Markdown wrapper, apply to task-detail and story-dialog

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore: allow grep -E pattern in settings.local.json

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-30 16:55:20 +02:00

314 lines
11 KiB
TypeScript
Raw Blame History

'use server'
import { revalidatePath } from 'next/cache'
import { cookies } from 'next/headers'
import { getIronSession } from 'iron-session'
import { z } from 'zod'
import { prisma } from '@/lib/prisma'
import { SessionData, sessionOptions } from '@/lib/session'
import { productAccessFilter } from '@/lib/product-access'
import { requireProductWriter } from '@/lib/auth'
import { taskSchema as sharedTaskSchema, type TaskInput } from '@/lib/schemas/task'
import { updateTaskStatusWithStoryPromotion } from '@/lib/tasks-status-update'
async function getSession() {
return getIronSession<SessionData>(await cookies(), sessionOptions)
}
// Return types for TaskDialog actions
export type SaveTaskResult =
| { ok: true; task: { id: string; title: string; status: string } }
| { ok: false; code: 422; error: 'validation'; fieldErrors: Record<string, string[]> }
| { ok: false; code: 403; error: 'demo_readonly' | 'forbidden' }
| { ok: false; code: 500; error: 'server_error' }
export type DeleteTaskResult =
| { ok: true }
| { ok: false; code: 403; error: 'demo_readonly' | 'forbidden' }
| { ok: false; code: 500; error: 'server_error' }
// Unified create/edit action used by TaskDialog.
// context.taskId present → edit; context.storyId present → create.
export async function saveTask(
input: TaskInput,
context: { taskId?: string; storyId?: string; productId: string },
): Promise<SaveTaskResult> {
const session = await getSession()
if (!session.userId) return { ok: false, code: 403, error: 'forbidden' }
if (session.isDemo) return { ok: false, code: 403, error: 'demo_readonly' }
const parsed = sharedTaskSchema.safeParse(input)
if (!parsed.success) {
return {
ok: false,
code: 422,
error: 'validation',
fieldErrors: parsed.error.flatten().fieldErrors as Record<string, string[]>,
}
}
const { title, description, implementation_plan, priority, status } = parsed.data
const scope = productAccessFilter(session.userId)
try {
if (context.taskId) {
const existing = await prisma.task.findFirst({
where: { id: context.taskId, story: { product: scope } },
select: { id: true, status: true },
})
if (!existing) return { ok: false, code: 403, error: 'forbidden' }
const taskId = context.taskId
const statusChanged = status !== undefined && status !== existing.status
const task = await prisma.$transaction(async (tx) => {
const updated = await tx.task.update({
where: { id: taskId },
data: {
title,
description: description ?? null,
implementation_plan: implementation_plan ?? null,
priority,
},
select: { id: true, title: true, status: true },
})
if (statusChanged) {
const result = await updateTaskStatusWithStoryPromotion(taskId, status, tx)
return { id: result.task.id, title: result.task.title, status: result.task.status }
}
return updated
})
revalidatePath(`/products/${context.productId}/sprint`)
revalidatePath(`/products/${context.productId}`)
return { ok: true, task: { ...task, status: task.status.toString() } }
}
if (!context.storyId) {
return { ok: false, code: 422, error: 'validation', fieldErrors: { storyId: ['Verplicht'] } }
}
const story = await prisma.story.findFirst({
where: { id: context.storyId, product: scope },
select: { sprint_id: true },
})
if (!story) return { ok: false, code: 403, error: 'forbidden' }
const last = await prisma.task.findFirst({
where: { story_id: context.storyId },
orderBy: { sort_order: 'desc' },
select: { sort_order: true },
})
const task = await prisma.task.create({
data: {
story_id: context.storyId,
sprint_id: story.sprint_id ?? null,
title,
description: description ?? null,
implementation_plan: implementation_plan ?? null,
priority,
sort_order: (last?.sort_order ?? 0) + 1.0,
status: 'TO_DO',
},
select: { id: true, title: true, status: true },
})
revalidatePath(`/products/${context.productId}/sprint`)
revalidatePath(`/products/${context.productId}`)
return { ok: true, task: { ...task, status: task.status.toString() } }
} catch {
return { ok: false, code: 500, error: 'server_error' }
}
}
// Delete action used by TaskDialog (context-aware revalidation).
export async function deleteTask(
taskId: string,
context: { productId: string },
): Promise<DeleteTaskResult> {
const session = await getSession()
if (!session.userId) return { ok: false, code: 403, error: 'forbidden' }
if (session.isDemo) return { ok: false, code: 403, error: 'demo_readonly' }
try {
const task = await prisma.task.findFirst({
where: { id: taskId, story: { product: productAccessFilter(session.userId) } },
})
if (!task) return { ok: false, code: 403, error: 'forbidden' }
await prisma.task.delete({ where: { id: taskId } })
revalidatePath(`/products/${context.productId}/sprint`)
revalidatePath(`/products/${context.productId}`)
return { ok: true }
} catch {
return { ok: false, code: 500, error: 'server_error' }
}
}
const taskSchema = z.object({
title: z.string().min(1, 'Titel is verplicht').max(200),
description: z.string().max(1000).optional(),
priority: z.coerce.number().int().min(1).max(4),
})
export async function createTaskAction(_prevState: unknown, formData: FormData) {
const session = await getSession()
if (!session.userId) return { error: 'Niet ingelogd' }
if (session.isDemo) return { error: 'Niet beschikbaar in demo-modus' }
const storyId = formData.get('storyId') as string
const sprintId = formData.get('sprintId') as string
const parsed = taskSchema.safeParse({
title: formData.get('title'),
description: formData.get('description') || undefined,
priority: formData.get('priority') ?? 2,
})
if (!parsed.success) return { error: parsed.error.flatten().fieldErrors }
const story = await prisma.story.findFirst({
where: { id: storyId, product: productAccessFilter(session.userId) },
})
if (!story) return { error: 'Story niet gevonden' }
const last = await prisma.task.findFirst({
where: { story_id: storyId },
orderBy: { sort_order: 'desc' },
})
const task = await prisma.task.create({
data: {
story_id: storyId,
sprint_id: sprintId || null,
title: parsed.data.title,
description: parsed.data.description ?? null,
priority: parsed.data.priority,
sort_order: (last?.sort_order ?? 0) + 1.0,
status: 'TO_DO',
},
})
revalidatePath(`/products/${story.product_id}/sprint/planning`)
return { success: true, task }
}
export async function updateTaskAction(_prevState: unknown, formData: FormData) {
const session = await getSession()
if (!session.userId) return { error: 'Niet ingelogd' }
if (session.isDemo) return { error: 'Niet beschikbaar in demo-modus' }
const id = formData.get('id') as string
const parsed = taskSchema.safeParse({
title: formData.get('title'),
description: formData.get('description') || undefined,
priority: formData.get('priority'),
})
if (!parsed.success) return { error: parsed.error.flatten().fieldErrors }
const task = await prisma.task.findFirst({
where: { id, story: { product: productAccessFilter(session.userId) } },
include: { story: true },
})
if (!task) return { error: 'Taak niet gevonden' }
await prisma.task.update({
where: { id },
data: { title: parsed.data.title, description: parsed.data.description ?? null, priority: parsed.data.priority },
})
revalidatePath(`/products/${task.story.product_id}/sprint/planning`)
return { success: true }
}
export async function updateTaskStatusAction(id: string, status: 'TO_DO' | 'IN_PROGRESS' | 'DONE') {
const session = await getSession()
if (!session.userId) return { error: 'Niet ingelogd' }
if (session.isDemo) return { error: 'Niet beschikbaar in demo-modus' }
const task = await prisma.task.findFirst({
where: { id, story: { product: productAccessFilter(session.userId) } },
include: { story: true },
})
if (!task) return { error: 'Taak niet gevonden' }
await updateTaskStatusWithStoryPromotion(id, status)
// /solo bewust niet revalideren: dat zou de page soft-navigaten en de
// open SSE-stream sluiten. De Solo Paneel-flow leunt op optimistic
// store-updates + realtime echo (M8). Sprint/planning heeft geen
// realtime en moet wèl revalidaten.
revalidatePath(`/products/${task.story.product_id}/sprint/planning`)
return { success: true }
}
export async function deleteTaskAction(id: string) {
const session = await getSession()
if (!session.userId) return { error: 'Niet ingelogd' }
if (session.isDemo) return { error: 'Niet beschikbaar in demo-modus' }
const task = await prisma.task.findFirst({
where: { id, story: { product: productAccessFilter(session.userId) } },
include: { story: true },
})
if (!task) return { error: 'Taak niet gevonden' }
await prisma.task.delete({ where: { id } })
revalidatePath(`/products/${task.story.product_id}/sprint/planning`)
return { success: true }
}
const updateTaskPlanSchema = z.object({
taskId: z.string().min(1),
productId: z.string().min(1),
implementationPlan: z.string().max(10000),
})
export async function updateTaskPlanAction(taskId: string, productId: string, implementationPlan: string) {
try {
await requireProductWriter(productId)
} catch (e) {
return { error: e instanceof Error ? e.message : 'Niet geautoriseerd' }
}
const parsed = updateTaskPlanSchema.safeParse({ taskId, productId, implementationPlan })
if (!parsed.success) return { error: 'Ongeldige invoer' }
const task = await prisma.task.findFirst({
where: { id: taskId, story: { product_id: productId } },
include: { story: true },
})
if (!task) return { error: 'Taak niet gevonden' }
await prisma.task.update({
where: { id: taskId },
data: { implementation_plan: implementationPlan || null },
})
// /solo bewust niet revalideren — zie updateTaskStatusAction.
revalidatePath(`/products/${productId}/sprint/planning`)
return { success: true }
}
export async function reorderTasksAction(storyId: string, orderedIds: string[]) {
const session = await getSession()
if (!session.userId) return { error: 'Niet ingelogd' }
if (session.isDemo) return { error: 'Niet beschikbaar in demo-modus' }
const story = await prisma.story.findFirst({
where: { id: storyId, product: productAccessFilter(session.userId) },
})
if (!story) return { error: 'Story niet gevonden' }
await prisma.$transaction(
orderedIds.map((id, i) =>
prisma.task.update({ where: { id }, data: { sort_order: i + 1.0 } })
)
)
revalidatePath(`/products/${story.product_id}/sprint/planning`)
return { success: true }
}
Reference in a new issue View git blame Copy permalink