4707ab5d6f
docs(01-03): complete token middleware + client portal data layer plan
...
- 01-03-SUMMARY.md: 3/3 tasks complete, npm run build passes
- Edge proxy pattern (proxy.ts), validate-token API route, ClientView type system
- /c/[token] Server Component operational, ready for Plan 04 dashboard UI
2026-05-14 21:25:56 +02:00
8b5e723f81
feat(01-03): add /c/[token] Server Component route + layout
...
- src/app/c/[token]/page.tsx: Server Component calls getClientView(), notFound() on null
- src/app/c/[token]/layout.tsx: layout with metadata for client portal
- [Rule 1 - Bug] Renamed middleware.ts → proxy.ts and export middleware → proxy
(Next.js 16 deprecated 'middleware' file convention; requires 'proxy' export name)
- params typed as Promise<{ token: string }> per Next.js 15+ breaking change
- npm run build: SUCCESS (no TypeScript errors)
2026-05-14 21:11:32 +02:00
14787bab10
feat(01-03): add ClientView type system and getClientView() query function
...
- ClientView interface enforces admin data exclusion: no quote_items, no service prices
- getClientView() queries clients.token, phases, tasks, deliverables, payments, documents, notes
- inArray() scoping prevents full table scan on tasks and deliverables
- accepted_total: client.accepted_total ?? '0' null coalescing
- Progress percentages calculated server-side (per-phase + global)
- Payment amount intentionally excluded — only label and status returned to client
2026-05-14 20:58:30 +02:00
ef3481744c
feat(01-03): add Edge middleware + internal validate-token API route
...
- src/middleware.ts: Edge-compatible token validation via fetch() (no Drizzle import)
- src/app/api/internal/validate-token/route.ts: Node.js route queries clients.token via Drizzle
- Invalid tokens rewrite to /not-found (404); matcher scoped to /c/:path*
2026-05-14 20:15:11 +02:00
1faca1f522
docs(01-02): complete Drizzle schema plan — 10 tables live on Postgres
...
- SUMMARY documenta schema, deviazioni (uuid->text+nanoid, drizzle-kit env),
threat surface e self-check PASSED
- Piano 03 (Middleware + /c/[token]) può partire
2026-05-13 22:49:47 +02:00
abcbb5224e
feat(01-02): [BLOCKING] drizzle-kit push — schema live on Postgres
...
- Connected to postgresql://178.104.27.55:5432/clienthub
- 10 tables created: clients, phases, tasks, deliverables, comments,
payments, documents, notes, service_catalog, quote_items
- UNIQUE constraint on clients.token active at DB level
- All FK constraints and CASCADE rules applied
- Verified via information_schema.tables query
2026-05-13 22:47:51 +02:00
a6ec599188
chore(01-02): generate Drizzle migration from schema (0000_pretty_typhoid_mary.sql)
...
- 10 tables: clients, phases, tasks, deliverables, comments, payments,
documents, notes, service_catalog, quote_items
- UNIQUE constraint on clients.token enforced at DB level
- All FK cascades correct (deliverables->tasks->phases->clients)
- approved_at: timestamp with time zone (nullable, immutable)
- drizzle.config.ts already correct from Plan 01 (no changes needed)
2026-05-13 22:46:54 +02:00
1bdbe7ab5d
feat(01-02): create complete Drizzle schema with all 10 tables
...
- clients: token as separate text field (notNull, unique, nanoid) — never PK
- accepted_total denormalized on clients — client API never touches quote_items
- deliverables.approved_at immutable timestamp (TIMESTAMPTZ) — audit trail
- payments: label (Acconto 50% / Saldo 50%), status (da_saldare/inviata/saldato)
- comments: polymorphic entity_type+entity_id pattern
- service_catalog + quote_items: admin-only, never exposed to client API
- Full relations defined for all FK chains
- TypeScript types exported: Client, Phase, Task, Deliverable, etc.
- ID strategy: text + nanoid() via $defaultFn (cryptographically secure, URL-safe)
2026-05-13 22:46:30 +02:00
2a24067005
docs(01-01): complete walking skeleton plan — Next.js 16 + Drizzle + shadcn/ui
...
Summary: 3/3 tasks completed, 4 auto-fixed deviations (all blocking/bug),
build passes, TypeScript strict, DATABASE_URL placeholder in .env.local
2026-05-13 15:33:31 +02:00
f8420072f4
feat(01-01): install shadcn/ui components and lucide-react icons
...
- components.json configured (Radix preset, CSS variables, @/ aliases)
- src/lib/utils.ts: cn() helper with clsx + tailwind-merge
- 10 shadcn/ui components: button, card, badge, progress, input, label,
select, separator, table, textarea
- lucide-react@0.511 installed for iconography
- clsx, tailwind-merge, class-variance-authority added as dependencies
2026-05-13 15:32:19 +02:00
6b5609b0cb
feat(01-01): install Drizzle ORM, postgres-js, and configure DB client
...
- drizzle-orm@0.45 .2 + postgres@3.4.9 installed (postgres-js driver)
- drizzle-kit@0.31.10 installed as dev dependency
- nanoid@5, zod@4, react-hook-form, @hookform/resolvers installed
- src/db/index.ts: Drizzle client initialized with postgres-js driver
- drizzle.config.ts: configured for postgresql dialect + src/db/schema.ts
- .env.example: added as public template (no secrets)
- .gitignore: allow .env.example while blocking all other .env* files
2026-05-13 15:30:53 +02:00
9563b87c81
chore(01-01): bootstrap Next.js 16 with TypeScript, App Router, Tailwind CSS v4
...
- Created Next.js 16.2.6 project with App Router, src/ directory, TypeScript strict mode
- Configured Tailwind CSS v4 with postcss.config.mjs
- Simplified src/app/page.tsx to Welcome to ClientHub placeholder
- Updated layout.tsx with ClientHub metadata, Italian lang, viewport export (Next.js 16 API)
- Added .gitignore covering node_modules, .env*, .next/, build artifacts
Note: create-next-app installed Next.js 16.2.6 (latest stable) instead of 15.x — fully compatible upgrade
2026-05-13 15:28:58 +02:00
2123dc9d00
fix(01-foundation): resolve plan checker blockers — 3 fixes across 01-02, 01-03, 01-04
...
- 01-02: wave corrected from 1 to 2 (has depends_on: ["01-01"])
- 01-03: middleware rewritten to Edge-compatible fetch pattern; internal API route
app/api/internal/validate-token/route.ts handles DB query in Node.js runtime;
tasks/deliverables queries scoped with inArray(); accepted_total null-coalesced
- 01-04: Task 1 and Task 6 merged → 5 tasks total (was 6, exceeded threshold)
- STATE.md: updated to reflect Phase 1 planning verified, ready for execution
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-13 15:20:50 +02:00
81c667838f
docs(01-foundation-client-dashboard): complete phase 1 planning with 5-plan structure
...
Create comprehensive phase plans for Foundation & Client Dashboard:
- 01-01-PLAN.md: Walking Skeleton (Next.js 15 bootstrap + DB connection)
- 01-02-PLAN.md: Database schema (11 tables, Drizzle ORM, drizzle-kit push)
- 01-03-PLAN.md: Middleware token validation + ClientView type + data fetching
- 01-04-PLAN.md: Client dashboard UI (header, timeline, progress, payments, docs, notes)
- 01-05-PLAN.md: Seed script + DNS CNAME configuration
Also create SKELETON.md documenting locked architectural decisions for all future phases:
- Next.js 15 + Drizzle + postgres-js driver (Coolify Postgres)
- Token as separate rotatable field (not PK)
- ClientView enforcement (no quote_items exposed to client API)
- Approved_at immutable audit trail
- Two independent auth systems (client token + admin session)
- Vercel deployment with custom domain
Update ROADMAP.md to mark Phase 1 as planned (5 plans created) and ready for execution.
All plans follow MVP vertical-slice structure with 2-3 tasks per plan.
Walking Skeleton proves the entire stack works end-to-end.
Requirements mapping: DASH-01 through DASH-04, DASH-07 through DASH-10 covered.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-13 11:27:19 +02:00
663aefeb38
docs(01): capture phase context
2026-05-13 11:18:08 +02:00
7192f5e82a
docs: create roadmap (4 phases)
2026-05-13 10:44:13 +02:00
b79fb4347a
docs: initialize project
2026-05-09 21:08:07 +02:00
Simone Cavalli