MasterMito/work-club-manager
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity
21 Commits 4 Branches 1 Tag
46bbac355b0d8cd13bd51af3264ffc72b62e9e26
Commit Graph

9 Commits

Author SHA1 Message Date
WorkClub Automation
46bbac355b feat(ui): add layout, club-switcher, and auth guard 
Implements Task 18: App Layout + Club-Switcher + Auth Guard

New components:
- TenantContext: Manages activeClubId state with TanStack Query
- QueryProvider: TanStack Query client wrapper (60s stale time)
- AuthGuard: Auth + tenant redirect logic (unauthenticated → /login)
- ClubSwitcher: shadcn DropdownMenu for switching clubs
- SignOutButton: Simple sign out button
- Protected layout: Sidebar navigation + top bar with ClubSwitcher

Key features:
- Fetches clubs from /api/clubs/me
- Auto-loads activeClubId from localStorage
- Sets X-Tenant-Id cookie on club switch
- Invalidates all queries on club switch
- Redirect logic: unauthenticated → /login, 0 clubs → message, 1 club → auto-select, >1 clubs + no active → /select-club

TDD:
- 6 AuthGuard tests (loading, unauthenticated, 0 clubs, 1 club, multiple clubs, authenticated)
- 3 ClubSwitcher tests (renders current club, lists all clubs, calls setActiveClub on selection)

Dependencies:
- Added @tanstack/react-query

All tests pass (25/25). Build succeeds.
 2026-03-03 19:59:14 +01:00
WorkClub Automation
54b893e34e test(frontend): add Playwright E2E test setup 
Implement Task 17: Frontend Test Infrastructure - Playwright

Configuration:
- playwright.config.ts: baseURL localhost:3000, Chromium only
- Screenshot on failure, trace on first retry
- Auto-start webServer (bun dev) if not running
- Test directory: ./e2e/

Smoke Test:
- e2e/smoke.spec.ts: Navigate to / and assert page title
- Verifies Next.js app loads successfully

Package Updates:
- Added @playwright/test@^1.58.2
- Added test:e2e script to run Playwright tests
- Chromium browser (v1208) installed

Note: Vitest setup was completed in Task 10
Build: TypeScript checks pass, 1 test discovered
Pattern: Standard Playwright configuration for Next.js
 2026-03-03 19:45:06 +01:00
WorkClub Automation
db880b3480 feat(clubs): add Club and Member API endpoints with auto-sync 
Implement Task 16: Club + Member API endpoints with MemberSyncService

Services:
- ClubService: GetMyClubsAsync (user's clubs), GetCurrentClubAsync (tenant club)
- MemberService: GetMembersAsync (list), GetMemberByIdAsync, GetCurrentMemberAsync
- MemberSyncService: Auto-creates Member records from JWT on first request

Middleware:
- MemberSyncMiddleware: Runs after auth, calls MemberSyncService

Endpoints:
- GET /api/clubs/me (list user's clubs)
- GET /api/clubs/current (current tenant's club)
- GET /api/members (list members, RLS filtered)
- GET /api/members/{id} (member detail)
- GET /api/members/me (current user's membership)

Tests: 14 integration tests (6 club + 8 member)
- Club filtering by user membership
- Multi-tenant isolation via RLS
- Member auto-sync on first request
- Cross-tenant access blocked
- Role-based authorization

Build: 0 errors, all tests compile
Pattern: TypedResults, RequireAuthorization policies, TDD approach
 2026-03-03 19:41:01 +01:00
WorkClub Automation
0ef1d0bbd4 feat(shifts): add Shift CRUD API with sign-up/cancel and capacity management 
- ShiftService with 7 methods: list, detail, create, update, delete, signup, cancel
- 5 DTOs: ShiftListDto, ShiftDetailDto, CreateShiftRequest, UpdateShiftRequest, ShiftSignupDto
- Minimal API endpoints: GET /api/shifts, GET /api/shifts/{id}, POST, PUT, DELETE, POST /signup, DELETE /signup
- Capacity validation: sign-up rejected when full → 409 Conflict
- Past shift blocking: cannot sign up for past shifts → 422 Unprocessable
- Duplicate signup prevention: check existing before create → 409 Conflict
- Concurrency: 2-attempt retry loop for last-slot race conditions
- Authorization: POST/PUT (Manager+), DELETE (Admin), signup/cancel (Member+)
- Test infrastructure: Added X-Test-UserId header support for member ID injection
- 13 TDD integration tests: CRUD, sign-up, capacity, past shift, concurrency
- Build: 0 errors (6 BouncyCastle warnings expected)

Task 15 complete. Wave 3: 3/5 tasks done.
 2026-03-03 19:30:23 +01:00
WorkClub Automation
8dfe32dc95 docs(plan): mark Task 14 complete 2026-03-03 19:19:27 +01:00
WorkClub Automation
cff101168c test(rls): add multi-tenant isolation integration tests 
- 6 comprehensive RLS tests: complete isolation, no context, insert protection, concurrent requests, cross-tenant spoof, interceptor verification
- Uses Testcontainers PostgreSQL + Dapper for raw SQL validation
- Parallel safety test: 50 concurrent requests with ConcurrentBag
- Build passes: 0 errors (6 expected BouncyCastle warnings)
- Evidence: task-13-rls-isolation.txt (21KB), task-13-concurrent-safety.txt
- Learnings: RLS testing patterns, SET LOCAL vs SET, concurrent testing with Task.WhenAll

Task 13 complete. Wave 3: 1/5 tasks done.
 2026-03-03 19:11:01 +01:00
WorkClub Automation
d3f8e329c3 feat(frontend-auth): complete NextAuth.js Keycloak integration with middleware, hooks, and API utility 
- Add middleware.ts for route protection (redirects unauthenticated users to /login)
- Add useActiveClub() hook for managing active club context (localStorage + session)
- Add apiClient() fetch wrapper with automatic Authorization + X-Tenant-Id headers
- Configure vitest with jsdom environment and global test setup
- Add comprehensive test coverage: 16/16 tests passing (hooks + API utility)
- Install test dependencies: vitest, @testing-library/react, @vitejs/plugin-react, happy-dom

Task 10 COMPLETE - all acceptance criteria met
 2026-03-03 19:01:13 +01:00
WorkClub Automation
4322ec925d docs(plan): mark Tasks 1-9, 11-12 as complete 
Wave 1 (Tasks 1-6): COMPLETE
Wave 2 (Tasks 7-12): Tasks 7-9, 11-12 COMPLETE; Task 10 partial (auth config only)
 2026-03-03 18:53:12 +01:00
Sisyphus Executor
c7dd3299d7 chore(scaffold): initialize git repo and monorepo with .NET solution 2026-03-03 14:02:37 +01:00