rebreak-monorepo

chahine/rebreak-monorepo

Fork 0

Commit Graph

Author	SHA1	Message	Date
chahinebrini	335945fe2c	feat(tier): plan limits Rev.2 + downgrade reconciliation + change-preview (Phase 2 backend) - plan-features.ts: globalBlocklist 'curated'\|'full' (curated = 30-domain stub, TODO real ~1-2k HaGeZi subset); maxAppDevices vs maxProtectedDevices split (legend maxProtectedDevices: 2); mail 1/3/Infinity - limit-enforcement structured errors on mail/connect, custom-domains/add, devices/enroll ({ error:'plan_limit', resource, current, limit }); approved-own-submissions already excluded from custom-domain count (slot frees on approval) - server/utils/downgrade-reconciliation.ts: founding-member exemption; re-upgrade reactivates paused mail + degraded devices; downgrade pauses newest-N mail accounts (isActive=false, pausedAt, pausedReason; pre-pause sets nextScanAt=now for a final sweep — real direct IMAP scan is TODO/stub); degrades excess device profiles (status='degraded', degradedAt); free → globalBlocklistGraceUntil = now+14d; custom domains grandfathered - set-plan.post.ts + stripe/webhook.post.ts: run reconciliation on plan change; set-plan accepts { foundingMember } for testing - GET /api/plan/change-preview?to=<plan>: gains/keeps/changes per resource (8 axes), founding-member → direction 'same' - me.get.ts: + foundingMember, globalBlocklistGraceUntil, planLimits block - blocklist + mail-scan honour globalBlocklistGraceUntil (grace → treat as 'full') - db: countMailConnections/getMailConnections exclude paused; getAllMailConnections; getDeviceBlocklistMode (active\|grace\|passthrough\|revoked) - migration 20260511_tier_system_phase2 (profiles.founding_member + global_blocklist_grace_until; mail_connections.paused_at/paused_reason; protected_devices.degraded_at). prisma generate + build:backend clean. TODOs (separate tickets): founding-member auto-counter on signup; real direct IMAP final-scan (not just nextScanAt nudge); real curated blocklist data + wiring the stub into the blocklist response for free users. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-11 16:23:02 +02:00
chahinebrini	587b0c273b	feat(admin): Phase 3 — requireAdmin middleware + verify-admin endpoint Backend-side admin-auth. Admin-App (apps/admin/) braucht das damit useAdminAuth.verifyAdminRole() nach Login server-side prüfen kann ob User in admin_users-tabelle steht. New schema: - model AdminUser → table rebreak.admin_users (user_id UUID PK FK Profile.id, created_at, added_by). Migration 20260508_admin_users/migration.sql. - ⚠️ SCHEMA-MIGRATION — NICHT autopushen. User entscheidet wann pipeline triggert. New backend code: - backend/server/db/admin.ts: isAdminUser(userId) → boolean - backend/server/utils/auth.ts: requireAdmin(event) wraps requireUser + isAdminUser-check. Throws 403 wenn nicht admin. - backend/server/api/admin/verify-admin.get.ts: GET endpoint. Returns { isAdmin: true, userId, email } bei success, 403 sonst, 401 if not auth'd. Tests (5 cases in tests/admin/verify-admin.test.ts): - isAdminUser DB-layer: row exists/null - requireAdmin: admin → user, non-admin → 403, no token → 401 - Endpoint: admin → success, non-admin → 403 Pending User-Actions nach Push+Deploy: 1. Migration deploy auf staging: ssh rebreak-server && cd /srv/rebreak && pnpm exec prisma migrate deploy 2. Seed-Admin eintragen: INSERT INTO "rebreak"."admin_users" ("user_id", "created_at") VALUES ('128df360-2008-4d6f-8aa1-bdb41ec1362f', NOW()) ON CONFLICT DO NOTHING; 3. Admin-App composables/useAdminAuth.ts kann dann verifyAdminRole() gegen GET /api/admin/verify-admin aufrufen Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-08 22:30:03 +02:00
RaynisDev	b58588cf3c	initial commit: rebreak-monorepo (RN app + standalone Nitro backend)	2026-05-06 07:13:43 +02:00

Author

SHA1

Message

Date

chahinebrini

335945fe2c

feat(tier): plan limits Rev.2 + downgrade reconciliation + change-preview (Phase 2 backend)

- plan-features.ts: globalBlocklist 'curated'|'full' (curated = 30-domain stub,
  TODO real ~1-2k HaGeZi subset); maxAppDevices vs maxProtectedDevices split
  (legend maxProtectedDevices: 2); mail 1/3/Infinity
- limit-enforcement structured errors on mail/connect, custom-domains/add, devices/enroll
  ({ error:'plan_limit', resource, current, limit }); approved-own-submissions already
  excluded from custom-domain count (slot frees on approval)
- server/utils/downgrade-reconciliation.ts: founding-member exemption; re-upgrade
  reactivates paused mail + degraded devices; downgrade pauses newest-N mail accounts
  (isActive=false, pausedAt, pausedReason; pre-pause sets nextScanAt=now for a final
  sweep — real direct IMAP scan is TODO/stub); degrades excess device profiles
  (status='degraded', degradedAt); free → globalBlocklistGraceUntil = now+14d;
  custom domains grandfathered
- set-plan.post.ts + stripe/webhook.post.ts: run reconciliation on plan change;
  set-plan accepts { foundingMember } for testing
- GET /api/plan/change-preview?to=<plan>: gains/keeps/changes per resource (8 axes),
  founding-member → direction 'same'
- me.get.ts: + foundingMember, globalBlocklistGraceUntil, planLimits block
- blocklist + mail-scan honour globalBlocklistGraceUntil (grace → treat as 'full')
- db: countMailConnections/getMailConnections exclude paused; getAllMailConnections;
  getDeviceBlocklistMode (active|grace|passthrough|revoked)
- migration 20260511_tier_system_phase2 (profiles.founding_member +
  global_blocklist_grace_until; mail_connections.paused_at/paused_reason;
  protected_devices.degraded_at). prisma generate + build:backend clean.

TODOs (separate tickets): founding-member auto-counter on signup; real direct IMAP
final-scan (not just nextScanAt nudge); real curated blocklist data + wiring the
stub into the blocklist response for free users.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-11 16:23:02 +02:00

chahinebrini

587b0c273b

feat(admin): Phase 3 — requireAdmin middleware + verify-admin endpoint

Backend-side admin-auth. Admin-App (apps/admin/) braucht das damit
useAdminAuth.verifyAdminRole() nach Login server-side prüfen kann ob User
in admin_users-tabelle steht.

New schema:
- model AdminUser → table rebreak.admin_users (user_id UUID PK FK Profile.id,
  created_at, added_by). Migration 20260508_admin_users/migration.sql.
- ⚠️  SCHEMA-MIGRATION — NICHT autopushen. User entscheidet wann pipeline
  triggert.

New backend code:
- backend/server/db/admin.ts: isAdminUser(userId) → boolean
- backend/server/utils/auth.ts: requireAdmin(event) wraps requireUser +
  isAdminUser-check. Throws 403 wenn nicht admin.
- backend/server/api/admin/verify-admin.get.ts: GET endpoint. Returns
  { isAdmin: true, userId, email } bei success, 403 sonst, 401 if not auth'd.

Tests (5 cases in tests/admin/verify-admin.test.ts):
- isAdminUser DB-layer: row exists/null
- requireAdmin: admin → user, non-admin → 403, no token → 401
- Endpoint: admin → success, non-admin → 403

Pending User-Actions nach Push+Deploy:
1. Migration deploy auf staging:
   ssh rebreak-server && cd /srv/rebreak && pnpm exec prisma migrate deploy
2. Seed-Admin eintragen:
   INSERT INTO "rebreak"."admin_users" ("user_id", "created_at")
   VALUES ('128df360-2008-4d6f-8aa1-bdb41ec1362f', NOW())
   ON CONFLICT DO NOTHING;
3. Admin-App composables/useAdminAuth.ts kann dann verifyAdminRole()
   gegen GET /api/admin/verify-admin aufrufen

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-08 22:30:03 +02:00

RaynisDev

b58588cf3c

initial commit: rebreak-monorepo (RN app + standalone Nitro backend)

2026-05-06 07:13:43 +02:00

3 Commits