ChrisChen/ROLAC
1
0
Fork 0
Code Issues 66 Pull Requests Actions Packages Projects Releases Wiki Activity
159 Commits 2 Branches 0 Tags
39432ac588ea264b7b756246765e5e96840c7e30
Commit Graph

159 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Chen 4a2b142061 feat(giving): frontend models + API services 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 16:57:15 -07:00
Chris Chen b5a15dd9f2 feat(giving): add offering-sessions controller 2026-05-28 16:54:24 -07:00
Chris Chen 86041c0d05 fix(giving): map duplicate-date race to 409 + return zelle/paypal refs in session detail 2026-05-28 16:53:24 -07:00
Chris Chen e04776460d feat(giving): offering-session batch service with server-side totals + locking 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 16:47:19 -07:00
Chris Chen 586551aec0 feat(giving): add givings controller 2026-05-28 16:43:06 -07:00
Chris Chen 8ff93e3698 test(giving): cover anonymous member-id stripping and delete-lock guard 2026-05-28 16:42:18 -07:00
Chris Chen 2b6f29e775 feat(giving): single-entry giving service with paging + lock guard 
Adds GivingListItemDto, GivingDto, CreateGivingRequest, UpdateGivingRequest DTOs;
IGivingService interface; GivingService implementation with category/date filtering,
OfferingSession lock guard (Submitted/Reconciled), and DI registration in Program.cs.
Covered by 4 xUnit tests (TDD: red → green).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 16:38:32 -07:00
Chris Chen 81efaedbc2 feat(giving): add giving-categories controller 2026-05-28 16:34:18 -07:00
Chris Chen cb15d30980 refactor(giving): drop unused accessor from category service + add deactivate-missing test 2026-05-28 16:33:27 -07:00
Chris Chen 798dfa3fe0 feat(giving): giving-category service with CRUD + soft-disable 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 16:29:31 -07:00
Chris Chen 8b52572fad feat(giving): add EF migration for giving module 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 16:25:11 -07:00
Chris Chen 577ae1aabe refactor(giving): use AnyAsync in category seed (code-review minor) 2026-05-28 16:21:32 -07:00
Chris Chen e20964ae0d feat(giving): seed default giving categories 2026-05-28 16:19:44 -07:00
Chris Chen 999f8a80f9 feat(giving): add GivingCategory, OfferingSession, Giving entities + EF config 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-28 16:16:24 -07:00
Chris Chen 3974cec967 docs: add implementation plan for giving/donation tracking module 
15 bite-sized TDD tasks: entities+EF+seed+migration, three services
(giving-category, single giving, offering-session) with server-side
totals and lock-after-submit, controllers, Angular models/services and
three pages (categories, single entry, keyboard-first batch entry +
quick-add member), role-gated finance nav, and E2E verification.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-05-28 15:57:47 -07:00
Chris Chen 82b9744024 docs: add design spec for giving/donation tracking module 
Manual giving module (Phase 1): giving category config, single-entry
giving, and keyboard-first Sunday offering batch entry (OfferingSession)
with finance-gated reconciliation. Client-buffered bulk submit (decision
B), lock-after-submit, Member-or-anonymous givers with inline quick-add.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-05-28 15:47:09 -07:00
Chris Chen a525c71baa WIP 2026-05-28 15:25:31 -07:00
Chris Chen d79b1faa8f fix 401 loop hell 2026-05-27 15:09:05 -07:00
Chris Chen e83fa4c2e9 fix: use RandomNumberGenerator for cryptographic temp password generation 
Replaced `new Random()` with `RandomNumberGenerator.GetInt32()` and a
Fisher-Yates shuffle to ensure temp passwords are cryptographically secure.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:29:26 -07:00
Chris Chen bc67146d86 feat: add Administration section to sidebar with role-gated Member/User nav 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:26:07 -07:00
Chris Chen a18d44bd0a feat: add UsersPageComponent with Kendo Grid + edit/deactivate/reset-password 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:24:00 -07:00
Chris Chen 6c3292861a feat: add EditUserDialogComponent 2026-05-27 14:22:13 -07:00
Chris Chen 3a5b5721e4 feat: add MembersPageComponent with Kendo Grid and routing 
Also adds stub UsersPageComponent for route compilation, and fixes
pre-existing kendo-textbox type="email" build errors in dialog templates.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:20:52 -07:00
Chris Chen 07e0270599 feat: add CreateUserAccountDialogComponent with temp-password reveal 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:17:15 -07:00
Chris Chen 32e47e4566 feat: add MemberFormDialogComponent (3-tab form) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:15:26 -07:00
Chris Chen d2eac52a47 feat: add Angular member and user models + API services 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:13:35 -07:00
Chris Chen 8249b3fe3e feat: add UsersController and register all services 
Adds UsersController with CRUD endpoints (list, get, create, update,
deactivate, reset-password) restricted to super_admin role. Registers
IUserManagementService in Program.cs alongside existing services.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:10:46 -07:00
Chris Chen 3ab0998793 feat: add UserManagementService with temp-password creation and deactivation 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:08:50 -07:00
Chris Chen 0986233d9b feat: add MembersController (CRUD + paged list) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:03:23 -07:00
Chris Chen bfffdee2a8 feat: add MemberService with soft-delete and paged search 
Implements IMemberService with Create/Read/Update/soft-Delete operations,
NickName/zh-name search, status and hasUser filtering, and full xUnit coverage
(11 tests). Uses separate user-lookup query for InMemory DB compatibility; detaches
entity after soft-delete so query-filter assertions work correctly in tests.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:00:59 -07:00
Chris Chen 97743f6974 feat: add PagedResult, Member DTOs, and User DTOs 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 13:55:21 -07:00
Chris Chen 34344cbf83 feat: add Member/FamilyUnit DbSets, audit interceptor registration, EF migration 
Registers AuditSaveChangesInterceptor in DI and wires it into AppDbContext.
Adds Members and FamilyUnits DbSets with full column/index configuration and
applies the AddMemberAndFamilyUnit migration to the ChurchCRM database.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 13:52:58 -07:00
Chris Chen cd5413125d feat: add Member and FamilyUnit entities 2026-05-27 13:49:50 -07:00
Chris Chen 820ca6981c feat: add AuditSaveChangesInterceptor and failing interceptor tests 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 13:48:03 -07:00
Chris Chen f703519838 fix: use DateTimeOffset instead of DateTime in audit base classes 2026-05-27 13:46:31 -07:00
Chris Chen 5041873c2b feat: add AuditableEntity and SoftDeleteEntity base classes 2026-05-27 13:44:10 -07:00
Chris Chen 61c6697c87 docs: add 3-part implementation plan for Member and User Management 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 13:18:27 -07:00
Chris Chen 5d556b882d docs: add NickName field to Member spec 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 08:14:07 -07:00
Chris Chen adad5cb7e9 docs: add AspNetUsers CRUD and Member Management design spec 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 08:12:07 -07:00
Chris Chen 60405ef0aa WIP 2026-05-27 07:49:26 -07:00
Chris Chen 62428cd2d4 feat: rewrite AuthService to use ROLAC auth API with in-memory token storage 
- Replace GET /api/Token/Create (Basic Auth) with POST /api/Auth/login
- Add refresh() method using HttpOnly cookie (POST /api/Auth/refresh)
- Add initializeFromRefreshToken() for APP_INITIALIZER support
- logout() now fires POST /api/Auth/logout (fire-and-forget)
- Rename User interface to UserInfo (matches C# DTO: id, email, roles, languagePreference)
- All auth state is in-memory only (no localStorage)
- Fix downstream consumers: app.ts, header components, mfa-dialog, token-verification
- Fix tsconfig.spec.json: exclude legacy src/components and src/directives
- Add stub enums.model.ts and fix models/index.ts for pre-existing build errors

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 20:47:43 -07:00
Chris Chen 4874f2a0a3 test: fix spec issues from code review (logout assertion order, refresh 5xx test) 2026-05-26 20:38:58 -07:00
Chris Chen dc7909e247 test: add failing specs for AuthService login API integration 2026-05-26 20:34:49 -07:00
Chris Chen aa0c5403a1 docs: login API integration implementation plan 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 20:29:33 -07:00
Chris Chen 98965274b8 docs: fix TokenVerificationResult type in login integration spec 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 20:22:24 -07:00
Chris Chen d1f342e3d0 docs: login API integration design spec 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 20:21:43 -07:00
Chris Chen 2aa095c158 Task 11: Smoke test fixes (all 5 scenarios pass) 
TokenService.GenerateRefreshToken():
  - Switched to URL-safe Base64 (RFC 4648 §5): +→-, /→_, no = padding.
  - Characters are unreserved per RFC 6265, so Response.Cookies.Append
    does NOT percent-encode the value.  Request.Cookies reads back exact value.

AuthController:
  - CookieOptions.Secure = !env.IsDevelopment()
    Plain HTTP in local dev works; HTTPS-only in staging/production.
  - Inject IWebHostEnvironment for environment-aware Secure flag.

TokenServiceTests:
  - Updated GenerateRefreshToken test: 86-char URL-safe Base64 instead
    of 64-byte standard Base64.  16/16 tests pass.

Smoke test results (http://localhost:5209):
  1. POST /api/auth/login       → 200 + rolac_rt cookie + JWT
  2. POST /api/auth/refresh     → 200 + new token (rotation)
  3. POST /api/auth/logout      → 204 + cookie cleared
  4. Refresh with revoked token → 401
  5. Wrong password             → 401

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 19:28:20 -07:00
Chris Chen ef0098d5cc Task 10: EF Core InitialAuth migration 
Applied against ChurchCRM database on 192.168.68.55:49154.
Creates Identity tables (AspNetUsers, AspNetRoles, AspNetUserRoles, etc.)
+ RefreshTokens table with unique index on TokenHash.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 19:13:30 -07:00
Chris Chen 8b86bd573e Tasks 7-9: AuthController, appsettings, Program.cs 
Task 7 – AuthController (POST /api/auth/login|refresh|logout)
  - Refresh token in HttpOnly; Secure; SameSite=Strict cookie (rolac_rt)
  - Cookie Path scoped to /api/auth; cleared on logout/invalid refresh

Task 8 – appsettings.json (non-secret JWT values + CORS origins)
  - appsettings.Development.json carries connection string + JWT secret
    (file is gitignored)

Task 9 – Program.cs wiring
  - EF Core + Npgsql, ASP.NET Core Identity, JWT Bearer auth
  - RoleClaimType=role matches the short JWT claim name written by TokenService
  - CORS: AllowCredentials for Angular app
  - Swagger UI with Bearer security definition
  - Startup: MigrateAsync + DbSeeder.SeedAsync (roles + dev admin)
  - DbSeeder: added SeedAsync(IServiceProvider) entry point

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 17:40:52 -07:00
Chris Chen 9db8b34181 Task 6: AuthService + 9 unit tests (16/16 pass) 
- IAuthService: LoginAsync / RefreshAsync / LogoutAsync
- AuthService: refresh-token rotation, hashed storage, LastLoginAt update
- AuthServiceTests: 5 login + 3 refresh + 1 logout tests via Moq + EF InMemory

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 17:38:56 -07:00