curo/kite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
220 Commits 1 Branch 0 Tags
46f7505e36943ea0964957e0721cf0ce2e4d9277
Commit Graph

101 Commits

Author SHA1 Message Date
curo1305 46f7505e36 chore: merge executor worktree (worktree-agent-af66944050628b0e4) 2026-05-31 15:23:36 +02:00
curo1305 893da5b9ba docs(06.2-04): complete ADMIN-06 audit enrichment + daily exports — 10 tests pass 
- Handle-enriched audit log (user_handle, actor_handle via aliased double-JOIN)
- user_handle filter with handle-to-UUID resolution, empty result for unknown handles
- fetch+Blob CSV export replacing window.location.href (T-06.2-04-03)
- GET /audit-log/daily-exports and /daily-exports/{date} with date regex validation
- Daily exports section in AuditLogTab with date dropdown + Download button
- Full audit test suite: 10 passed; backend suite: 337 passed, 1 pre-existing failure
 2026-05-31 15:22:46 +02:00
curo1305 f176235ee8 docs(phase-04): update VALIDATION.md — Nyquist-compliant (all gaps resolved) 
Mark nyquist_compliant: true. All 22 tasks now have automated coverage.
4 gaps resolved: FOLD-04 sort, FOLD-05 FTS, SEC-08 credentials_enc, SEC-09
MinIO cleanup. 1 impl bug logged and fixed (FTS try/except misplacement).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 15:21:08 +02:00
curo1305 eab5f124f6 docs(06.2-03): complete cloud-delete gap closure — 24 tests pass 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 15:11:51 +02:00
curo1305 e812922a26 docs(06.2-02): complete SHARE-05 + SHARE-03 gap closure — 12 tests pass 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 15:07:26 +02:00
curo1305 3cc4a5335d docs(phase-03): update VALIDATION.md — Nyquist-compliant (partial) 
15 automated tests green, 4 manual-only (PostgreSQL/migration infra).
Added 4 previously unlisted passing tests to task map (D-15, D-16, D-09×2).
Audit trail appended. Status: nyquist_compliant: true, status: partial.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 15:07:23 +02:00
curo1305 7e62868fea docs(phase-02): add VALIDATION.md — Nyquist-compliant, all 24 tasks mapped, 4 manual-only 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 12:04:28 +02:00
curo1305 21fde406e7 docs(06.2-01): complete Wave 0 Nyquist scaffold — 11 xfail stubs across 3 test files 
- 3 stubs in test_shares.py (SHARE-03 permission field, PATCH, IDOR)
- 3 stubs in test_documents.py (cloud delete propagation, failure, remove_only)
- 5 stubs in test_audit.py (handle enrichment, handle filter x2, daily exports x2)
- All 11 reported as XFAIL; full 3-file suite: 35 passed, 15 xfailed, exits 0
 2026-05-31 11:58:58 +02:00
curo1305 708fd7fad0 docs(phase-6.2): record planning complete — 4 plans verified, state updated 
- ROADMAP.md: progress table → Planned; wave annotations already added by planner
- STATE.md: phase 6.2 row → Planned (4 plans, 3 waves); session note added
- 06.2-03-PLAN.md: remove incorrect SHARE-03/SHARE-05 from requirements field
- 06.2-RESEARCH.md: mark Open Questions section as RESOLVED
- 06.2-UI-SPEC.md: add to version control (was untracked)

Verification: 0 blockers, 2 cosmetic warnings fixed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 11:41:32 +02:00
curo1305 4adc77d8cc docs(06.2): create 4-plan phase covering SHARE-03, SHARE-05, cloud-delete, ADMIN-06 
Wave 0: 11 xfail stubs across test_shares/test_documents/test_audit
Wave 1 (parallel): SHARE-05 badge + SHARE-03 permission control; cloud-delete propagation
Wave 2: audit handle enrichment, user_handle filter, CSV fetch+Blob, daily-export UI

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 11:36:33 +02:00
curo1305 67f0c01540 docs(phase-6.2): add validation strategy 2026-05-31 11:12:23 +02:00
curo1305 695649eefa docs(06.2): add research document for phase 6.2 gap-closure 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 11:10:59 +02:00
curo1305 7be48266ae docs(06.2): capture phase context + fix admin user creation 500 
- Phase 6.2 CONTEXT.md: cloud-delete propagation, SHARE-03/05, audit
  log CSV export fix, daily export UI, user handle display
- Fix: admin create_user missing session.flush() before write_audit_log
  caused FK violation on PostgreSQL (silent on SQLite)
- Regression test: test_create_user_writes_audit_log in test_admin_api.py

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-31 11:00:45 +02:00
curo1305 3825f670a1 docs(phase-6.1): add VALIDATION.md and commit VERIFICATION.md 
VALIDATION.md: Nyquist audit — 3 gaps found, 2 resolved automated
(SHARE-03 permission field, SHARE-05 is_shared indicator), 1 escalated
to manual-only (STORE-06 requires INTEGRATION=1 PostgreSQL).

VERIFICATION.md: was untracked artifact from gsd-verifier run.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 23:38:16 +02:00
curo1305 56bfdba8d1 docs(phase-6.1): mark phase complete — 12 tests, 310 total passing 
SHARE-01..05 and ADMIN-06 test coverage gaps closed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 23:30:34 +02:00
curo1305 5762f65b09 docs(6.1): add code review report — 3 warnings, 2 info 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 23:24:05 +02:00
curo1305 1e4654aad5 docs(phase-6.1): update tracking after wave 1 — both plans complete 
11 tests passing (7 shares + 4 audit), 309 total, 0 failures.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 23:18:04 +02:00
curo1305 21ea3bf169 chore: merge executor worktree (06.1-01 shares tests) 2026-05-30 23:16:38 +02:00
curo1305 eee9970cf2 chore: merge executor worktree (06.1-02 audit tests) 2026-05-30 23:16:14 +02:00
curo1305 ec14fc722f docs(6.1-01): complete plan — promote test_shares.py stubs to real tests 
- 2/2 tasks complete: second_auth_user fixture + 7 real share tests
- 7 PASSED in Docker (0 xfailed, 0 failed)
- SHARE-01..05 requirements covered
 2026-05-30 23:13:09 +02:00
curo1305 0ccdee48ba docs(6.1-02): complete plan 06.1-02 — promote test_audit.py stubs to real tests 
- 4 PASSED, 0 xfailed; ADMIN-06 test coverage complete
 2026-05-30 23:11:01 +02:00
curo1305 838698e715 docs(06): capture phase context — performance & production hardening 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 22:41:14 +02:00
curo1305 767c5234de docs(milestone): update v1.0 audit — Phase 1 Nyquist upgraded to compliant 
Phase 1 moved from partial_phases to compliant_phases after
gsd-validate-phase 1 closed all 3 gaps. Audit status remains
gaps_found (3 blockers unchanged: SHARE-02/DOC-01, STORE-06/SEC-09,
ADMIN-06). Nyquist overall: partial (phases 3, 4 still draft; phase 2
missing).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 21:34:09 +02:00
curo1305 a2ece9ee7d docs(phase-1): mark VALIDATION.md Nyquist-compliant — all 6 rows green 
Audit 2026-05-30: 3 gaps closed (STORE-07 concurrent test added,
test_confirm_endpoint unblocked, alembic tests moved to manual-only).
nyquist_compliant: true, status: compliant.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 18:57:07 +02:00
curo1305 33e5efe846 docs(v1.0): add milestone audit — 48/54 requirements satisfied, 3 blockers 
Audit findings: share recipient doc-metadata 404 (SHARE-02/DOC-01),
cloud document delete corrupts MinIO quota (STORE-06/SEC-09), admin
CSV export returns 403 (ADMIN-06). 6 tech debt warnings.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 18:44:16 +02:00
curo1305 710e535411 docs(phase-5): mark VALIDATION.md Nyquist-compliant — all 13 rows green 
All 117 cloud tests pass; 13/13 validation map requirements COVERED.
Updated status, frontmatter, sign-off, and added audit trail.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 18:24:12 +02:00
curo1305 cafdceef10 docs(phase-5): add security threat verification 
56/56 threats verified CLOSED across all 12 plans. 14 accepted risks documented. Unregistered flag (GET /connections/{id}/config) reviewed and confirmed fully mitigated.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 18:18:22 +02:00
curo1305 1a6fa08a34 docs(05): add code review and verification reports for phase 5 
REVIEW.md: 3 critical findings fixed (HTTPException passthrough,
Redis pre-flight ordering, CLOUD_CREDS_KEY in celery-worker env)
VERIFICATION.md: 7/7 must-haves verified; 6 human-verification items
require live cloud credentials (Google Drive, OneDrive, Nextcloud/WebDAV)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 18:07:42 +02:00
curo1305 12dd692f00 docs(05): mark phase 5 complete — 12/12 plans done, all UAT gaps resolved 
Update STATE.md and ROADMAP.md to reflect plan 05-12 completion and Phase 5
as fully complete. All UAT gaps (OneDrive 500 → 400, cloud stream 500 → 502,
upload hint) resolved. 293 tests passing.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 17:56:18 +02:00
curo1305 10175ee4b5 fix(05-12): close 3 UAT gaps — OAuth 400 preflight, 502 cloud fallback, upload hint 
- oauth_initiate: pre-flight check returns 400 with env-var hint when
  GOOGLE_CLIENT_ID/SECRET or ONEDRIVE_CLIENT_ID/SECRET are not configured,
  preventing opaque MSAL/OAuth library 500 errors on misconfigured servers
- stream_document_content: broad except-clause catches non-CloudConnectionError
  exceptions and returns 502 with user-friendly message (was raw 500)
- docker-compose.yml: add volumes: - ./backend:/app to celery-worker so code
  changes are picked up by docker compose restart without a rebuild
- CloudStorageView: upload hint paragraph directs users to navigate into a
  cloud folder; no DropZone added (no folder context at overview level)
- 3 new backend tests pass; 2 existing tests patched with credential monkeypatch;
  full suite: 293 passed, 0 new failures, 1 pre-existing (test_extract_docx)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 17:55:08 +02:00
curo1305 67edc19a36 docs(05): add UAT, UI-SPEC, deferred items, debug notes; refine plans 09-11 
Plan refinements: Vitest tests added to 09/10 must-haves, explicit
mock_flow two-tuple pattern in 10, test_admin_api.py fixture usage in 11.
New artifacts: UAT checklist, UI-SPEC, deferred-items, debug investigation
for cloud-doc-operations-fail.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 11:57:54 +02:00
curo1305 9935c06aab docs(05): add code review report — 5 critical, 6 warning, 3 info findings 2026-05-30 11:49:43 +02:00
curo1305 3180e759de docs(05-11): complete admin hard-delete with password confirmation plan 
- UserDeleteConfirm Pydantic model + Argon2 password verification in delete_user
- adminDeleteUser(id, adminPassword) exported from client.js
- AdminUsersTab inline delete confirmation panel with password field
- Three new tests pass: 204/403/422 scenarios
- Full 21-test admin suite green; frontend build clean
 2026-05-30 11:40:14 +02:00
curo1305 f5ea2103b3 docs(05-10): complete OAuth initiate fix + cloud UI gap closure plan 2026-05-30 11:31:42 +02:00
curo1305 7534f679f3 docs(05-09): complete cloud document access fixes plan — PATCH endpoint, cloud-aware re-analyze, authenticated preview 2026-05-30 11:19:33 +02:00
curo1305 f006c00d49 docs(05): create UAT gap closure plans 09-11 
Three new plans address all 6 diagnosed gaps from 05-UAT.md:

- 05-09: cloud document open (fetch+Blob URL), re-analyze (cloud-aware
  Celery task), and edit (PATCH /api/documents/{id})
- 05-10: OAuth initiate JSON response fix, Nextcloud custom endpoint
  edit round-trip, Edit button on ERROR rows, confirmation text overflow
- 05-11: admin hard-delete with admin-password confirmation (backend
  UserDeleteConfirm model + frontend inline panel)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-30 10:39:47 +02:00
curo1305 7691477c6d docs(05): mark Phase 5 complete — all 8 plans executed, security gates passed, human checkpoint approved 
- ROADMAP.md: all 05-01..05-08 plans marked [x], phase gates [x], Progress Table row updated to Complete 2026-05-29
- STATE.md: status→complete, completed_phases→5, percent→100, session continuity entry added
 2026-05-29 09:16:45 +02:00
curo1305 c6a97b6a89 docs(05-08): complete cloud sidebar tree plan — awaiting human checkpoint 2026-05-29 08:34:42 +02:00
curo1305 ec0c69fb4e docs(05-07): complete cloud storage frontend UI plan — SUMMARY and STATE 
- useCloudConnectionsStore, 3-tab SettingsView, SettingsCloudTab, CloudCredentialModal
- 61 Vitest tests passing, Vite build exits 0
- Fixed pre-existing build failure (top-level await) via build.target=esnext
 2026-05-29 08:18:48 +02:00
curo1305 c44e861271 docs(05-06): complete cloud upload/test integration plan — SUMMARY and STATE 
- Create 05-06-SUMMARY.md: documents.py cloud extension + 20 passing cloud tests
- Update STATE.md: plan 5→6 of 8, session notes, next action → 05-07
- Update ROADMAP.md: mark 05-06 as complete [x]
 2026-05-29 07:58:03 +02:00
curo1305 be6ff5a71f docs(05-05): complete cloud API endpoints plan — SUMMARY and STATE 
- Created 05-05-SUMMARY.md: cloud.py (7 endpoints), main.py (router registration), admin.py (SEC-09 cleanup)
- Updated STATE.md: plan advanced to 5/8, session log updated, decisions recorded
- Updated ROADMAP.md: 05-03, 05-04, 05-05 marked complete
- Updated REQUIREMENTS.md: SEC-09 marked complete (cloud credential purge on account deletion)
 2026-05-29 07:34:22 +02:00
curo1305 add654444e docs(05-04): complete WebDAVBackend + NextcloudBackend plan — SUMMARY and STATE 
- 05-04-SUMMARY.md: 2 tasks (31 tests, 4 files), 8 min, 1 auto-fixed deviation (factory dispatch)
- STATE.md: plan advanced to 4/8, session log updated, 3 new key decisions recorded
 2026-05-28 21:15:12 +02:00
curo1305 6834a6797f docs(05-03): complete GoogleDriveBackend + OneDriveBackend plan 
- SUMMARY.md created for Plan 05-03
- STATE.md updated: completed_plans 26→27, progress 81→84%
- Session continuity updated with pytest results (262 passed / 43 xfailed / 1 pre-existing)
- Key decisions added: shared CloudConnectionError, cache_discovery=False, createUploadSession
 2026-05-28 21:13:53 +02:00
curo1305 3b84626da9 docs(05-02): complete shared cloud utilities plan 
- 05-02-SUMMARY.md: full plan summary with TDD gate compliance, deviation docs, threat surface scan
- STATE.md: advanced to plan 26/32 (81%), updated session log, added 4 key decisions
- ROADMAP.md: marked 05-02 complete (2/8 Phase 5 plans done)
 2026-05-28 21:04:03 +02:00
curo1305 664451b8e6 docs(05-01): complete Wave 0 Nyquist scaffold plan 
- Create 05-01-SUMMARY.md documenting all 3 tasks and 5 files modified
- Update STATE.md: session record, progress 78% (25/32 plans), resume file → 05-02
- Update ROADMAP.md: Phase 5 progress (1/8 summaries, In Progress)
- Update REQUIREMENTS.md: mark CLOUD-01..07 complete (Wave 0 scaffold)
 2026-05-28 20:54:51 +02:00
curo1305 4d7b4c83ab docs(05): create phase 5 plan — cloud storage backends (8 plans, 7 waves) 
Plans 05-01..05-08 cover all CLOUD-01..07 requirements plus SEC-09
(cloud credential cleanup on account deletion). Key design decisions:
API layer owns D-05 token refresh + DB update via _call_cloud_op helper;
backends are stateless signal-raisers. Vitest tests added for frontend
store and SettingsCloudTab. RESEARCH.md open questions resolved.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 20:25:56 +02:00
curo1305 d13801538d fix(05): revise Phase 5 plans based on checker feedback — B1-B4, W1-W4 
B1: Mark RESEARCH.md Open Questions as (RESOLVED) with decision text for all 3
B2: Backends now stateless — raise CloudConnectionError(reason=) only; API layer
    in cloud.py owns token refresh + DB update via _call_cloud_op helper
B3: Add Task 3 to Plan 05 — cloud connection + object cleanup on account deletion (SEC-09)
B4: Add frontend_url setting to Plan 01 Task 1; Plan 05 uses settings.frontend_url
    for OAuth callback redirects
W1: ROADMAP.md Phase 5 now correctly labels Plans 03+04 as Wave 3 (not Wave 2)
W2: Plan 06 invalid_grant test now asserts both 503 HTTP response AND DB REQUIRES_REAUTH
W3: Plan 06 Task 2 split into unit tests (4, cloud_utils.py) and integration tests (11, HTTP)
W4: Plan 07 adds Vitest tests for cloudConnections store (4 tests) and SettingsCloudTab
    mount test (2 tests) per CLAUDE.md testing protocol

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 19:55:28 +02:00
curo1305 baa5bed7e2 docs(05): create phase 5 plan — cloud storage backends (8 plans, 7 waves) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 19:43:12 +02:00
curo1305 141e582eab docs(05): research phase — cloud storage backends 
Verify all 6 PyPI packages (cryptography, google-auth-oauthlib,
google-api-python-client, msal, webdavclient3, cachetools); all pass
slopcheck [OK]. Document HKDF+Fernet pattern, OAuth2 flows for Google
Drive and OneDrive, webdavclient3+asyncio.to_thread for WebDAV/Nextcloud,
SSRF ipaddress module approach, Redis OAuth state pattern, and
cachetools.TTLCache folder listing cache. Confirm cloud_connections table
and storage_backend columns already exist — no new Alembic migration needed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 18:04:11 +02:00
curo1305 358af367f3 docs(05): capture phase 5 context — cloud storage backends 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 17:52:25 +02:00