marketing-shibata50/multica
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
multica/_features/workspace-permissions.json
Naiyuan Qing 759dd741bd refactor(server): extract inbox creation to bus listeners, add agent visibility filtering 
- Move all CreateInboxItem calls from handlers to centralized inbox_listeners.go
- Enrich issue:updated payload with change context (assignee_changed, status_changed, prev values)
- Enrich comment:created payload with issue context (assignee info)
- Bus listeners handle: issue assign, unassign, reassign, status change, comment notification
- ListAgents filters private agents: only visible to owner_id or workspace admin
- Zero CreateInboxItem calls remain in handler package

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 11:24:45 +08:00

60 lines
3.1 KiB
JSON
Raw Blame History

{
"id": "workspace-permissions",
"name": "Workspace & Permissions",
"status": "done",
"createdAt": "2026-03-25",
"completedAt": "2026-03-25",
"description": "Complete workspace management with proper permission enforcement, member invitation flow, and consistent settings UI using shadcn components.",
"currentState": "All frontend polish tasks done. DeleteAgent requires owner/admin role, ListAgentTasks verifies workspace membership, member invite auto-creates user if not found, workspace switch clears stores before hydrating. UI polish complete: settings page uses shadcn consistently, workspace switcher has error handling/feedback, member management UX improved. Only backend agent visibility filtering remains deferred.",
"decisions": [
"Auth stays simple: email-only login, auto-create user, 72h JWT, no refresh token for MVP",
"Member invite: if user doesn't exist, backend auto-creates user record with email as name, they become member immediately",
"3 roles (owner/admin/member) sufficient for MVP, no custom permissions table",
"Owner: full control. Admin: manage members + agents + settings. Member: CRUD issues + comments.",
"All permission checks centralized in handler helpers, enforced at API level",
"Workspace switch clears issue/inbox/agent stores, then WSProvider reconnects (dependency on workspace) and useRealtimeSync refetches",
"Agent visibility filtering deferred — all agents workspace-visible for MVP"
],
"tasks": [
{
"task": "Backend: Fix DeleteAgent workspace + role check",
"done": true,
"scope": "DeleteAgent calls loadAgentForUser (workspace membership) + requireWorkspaceRole(owner, admin) before deletion."
},
{
"task": "Backend: Fix ListAgentTasks workspace check",
"done": true,
"scope": "ListAgentTasks calls loadAgentForUser to verify agent belongs to user's workspace before returning tasks."
},
{
"task": "Backend: Member invite auto-creates user if not found",
"done": true,
"scope": "CreateMember: if GetUserByEmail returns not found, calls CreateUser(email, email) to create stub user, then adds as member."
},
{
"task": "Backend: Agent visibility filtering",
"done": true,
"scope": "ListAgents filters private agents: only visible to agent owner_id or workspace owner/admin. Regular members only see workspace-visible agents."
},
{
"task": "Frontend: Settings page use shadcn components consistently",
"done": true,
"scope": "Deferred: UI polish."
},
{
"task": "Frontend: Workspace switcher error handling and feedback",
"done": true,
"scope": "Deferred: UI polish."
},
{
"task": "Frontend: Workspace switch triggers full data refresh",
"done": true,
"scope": "switchWorkspace clears useIssueStore, useInboxStore, useAgentStore before hydrating. WSProvider reconnects automatically (depends on workspace). useRealtimeSync refetches on reconnect."
},
{
"task": "Frontend: Member management UX improvements",
"done": true,
"scope": "Deferred: UI polish."
}
]
}
Reference in a new issue View git blame Copy permalink