multica/_features/workspace-permissions.json
Naiyuan Qing 0ea9c38071 fix(workspace): permission enforcement, invite auto-create, switch clears stores
- DeleteAgent: require owner/admin role (was member-only check)
- ListAgentTasks: add workspace membership verification (was unauthenticated)
- CreateMember: auto-create user if email not found (enables invite flow)
- Workspace switch: clear issue/inbox/agent stores before hydrating new data

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 10:46:53 +08:00

{
  "id": "workspace-permissions",
  "name": "Workspace & Permissions",
  "status": "done",
  "createdAt": "2026-03-25",
  "completedAt": "2026-03-25",
  "description": "Complete workspace management with proper permission enforcement, member invitation flow, and consistent settings UI using shadcn components.",
  "currentState": "Core tasks done: DeleteAgent requires owner/admin role, ListAgentTasks verifies workspace membership, member invite auto-creates user if not found, workspace switch clears issue/inbox/agent stores before hydrating new workspace. Remaining: settings page shadcn polish, workspace switcher error toast, member management UX — all deferred as UI polish.",
  "decisions": [
    "Auth stays simple: email-only login, auto-create user, 72h JWT, no refresh token for MVP",
    "Member invite: if user doesn't exist, backend auto-creates user record with email as name, they become member immediately",
    "3 roles (owner/admin/member) sufficient for MVP, no custom permissions table",
    "Owner: full control. Admin: manage members + agents + settings. Member: CRUD issues + comments.",
    "All permission checks centralized in handler helpers, enforced at API level",
    "Workspace switch clears issue/inbox/agent stores, then WSProvider reconnects (dependency on workspace) and useRealtimeSync refetches",
    "Agent visibility filtering deferred — all agents workspace-visible for MVP"
  ],
  "tasks": [
    {
      "task": "Backend: Fix DeleteAgent workspace + role check",
      "done": true,
      "scope": "DeleteAgent calls loadAgentForUser (workspace membership) + requireWorkspaceRole(owner, admin) before deletion."
    },
    {
      "task": "Backend: Fix ListAgentTasks workspace check",
      "done": true,
      "scope": "ListAgentTasks calls loadAgentForUser to verify agent belongs to user's workspace before returning tasks."
    },
    {
      "task": "Backend: Member invite auto-creates user if not found",
      "done": true,
      "scope": "CreateMember: if GetUserByEmail returns not found, calls CreateUser(email, email) to create stub user, then adds as member."
    },
    {
      "task": "Backend: Agent visibility filtering",
      "done": false,
      "scope": "Deferred: all agents are workspace-visible for MVP. Private agent filtering not needed yet."
    },
    {
      "task": "Frontend: Settings page use shadcn components consistently",
      "done": false,
      "scope": "Deferred: UI polish."
    },
    {
      "task": "Frontend: Workspace switcher error handling and feedback",
      "done": false,
      "scope": "Deferred: UI polish."
    },
    {
      "task": "Frontend: Workspace switch triggers full data refresh",
      "done": true,
      "scope": "switchWorkspace clears useIssueStore, useInboxStore, useAgentStore before hydrating. WSProvider reconnects automatically (depends on workspace). useRealtimeSync refetches on reconnect."
    },
    {
      "task": "Frontend: Member management UX improvements",
      "done": false,
      "scope": "Deferred: UI polish."
    }
  ]
}