alldigital/PSA
2
0
Fork 0
Code Issues Pull Requests Actions 15 Packages Projects Releases Wiki Activity
PSA/ee/docs/plans/2026-01-31-edit-other-users-time-entries/features.json
Hermes 284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Details
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Details
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
Details
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
Details
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Details
Integration Tests / Check for relevant changes (push) Waiting to run
Details
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Details
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Details
Mobile checks / Mobile unit tests (push) Waiting to run
Details
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Details
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Details
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Details
Temporal Readiness / fast-readiness (push) Waiting to run
Details
Temporal Readiness / docker-parity (push) Waiting to run
Details
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Details
Unit Tests / Skipped-test budget (push) Waiting to run
Details
Unit Tests / Nx affected unit tests (push) Waiting to run
Details
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Details
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Details
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
Details
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Details
Initial import of AlgaPSA codebase from PSA server 
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz

Source: /opt/alga-psa on psa.joliet.tech
2026-06-22 16:12:17 -05:00

53 lines
7.0 KiB
JSON
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[
{ "id": "F001", "description": "DB: Add `created_by` and `updated_by` columns to `time_entries` to track the actor who created/updated an entry.", "implemented": true },
{ "id": "F002", "description": "DB: Add FK constraints for `time_entries.(created_by,updated_by)` referencing `users(user_id)` scoped by tenant.", "implemented": true },
{ "id": "F003", "description": "Types: Extend `ITimeEntry` (and derived time entry types) to include optional `created_by`/`updated_by` fields.", "implemented": true },
{ "id": "F004", "description": "Validation: Extend `packages/scheduling/src/schemas/timeSheet.schemas.ts` `timeEntrySchema` to include optional `created_by`/`updated_by`.", "implemented": true },
{ "id": "F005", "description": "Auth: Add a shared server-side helper to determine whether the actor can act on behalf of a subject user (self, tenant-wide admin, or manager-of-subject).", "implemented": true },
{ "id": "F006", "description": "Auth: Implement server-side “manager-of-subject” check using `teams` + `team_members` joins (do not trust client-provided team ids).", "implemented": true },
{ "id": "F007", "description": "Auth: Define a single policy for delegation actions: allow if self; else require `timesheet:approve` AND (tenant-wide via `timesheet:read_all` OR manager-of-subject).", "implemented": true },
{ "id": "F008", "description": "Actions: Add a server action that returns the list of eligible subject users for the actor (self always; otherwise team-scoped or tenant-wide depending on permissions).", "implemented": true },
{ "id": "F009", "description": "Actions: Harden `fetchTimePeriods(userId)` to enforce the delegation policy when `userId !== actor.user_id`.", "implemented": true },
{ "id": "F010", "description": "Actions: Harden `fetchOrCreateTimeSheet(userId, periodId)` to enforce the delegation policy when creating/fetching a time sheet for another user.", "implemented": true },
{ "id": "F011", "description": "Actions: Harden `fetchTimeSheet(timeSheetId)` to allow only the owner or an authorized delegate (billing admin / manager-of-subject).", "implemented": true },
{ "id": "F012", "description": "Actions: Harden `fetchTimeEntriesForTimeSheet(timeSheetId)` to allow only the owner or an authorized delegate.", "implemented": true },
{ "id": "F013", "description": "Actions: Harden `fetchWorkItemsForTimeSheet(timeSheetId)` to allow only the owner or an authorized delegate.", "implemented": true },
{ "id": "F014", "description": "Actions: Fix `saveTimeEntry` to support creating/editing entries for a subject user (do not force `user_id` to the actor).", "implemented": true },
{ "id": "F015", "description": "Actions: Fix `saveTimeEntry` update semantics so `user_id` is not changed on update unless explicitly requested (default: immutable ownership).", "implemented": true },
{ "id": "F016", "description": "Actions: Ensure `saveTimeEntry` enforces delegation policy when subject != actor.", "implemented": true },
{ "id": "F017", "description": "Actions: Ensure `saveTimeEntry` computes `work_date`/`work_timezone` using the subject users timezone (not the actors).", "implemented": true },
{ "id": "F018", "description": "Actions: Populate `created_by`/`updated_by` on create, and `updated_by` on update.", "implemented": true },
{ "id": "F019", "description": "Actions: Add server-side validation that a time entrys timestamps fall within the associated time period boundaries for the time sheet.", "implemented": true },
{ "id": "F020", "description": "Actions: Block updates/deletes for `time_entries.invoiced = true` with a clear error message.", "implemented": true },
{ "id": "F021", "description": "Actions: Block reopening/reversing approvals for a time sheet if any related time entry is invoiced.", "implemented": true },
{ "id": "F022", "description": "Actions: Update `deleteTimeEntry(entryId)` to enforce delegation policy and invoiced constraints.", "implemented": true },
{ "id": "F023", "description": "Actions: Update `submitTimeSheet(timeSheetId)` to allow submission by authorized delegates and keep entry statuses consistent.", "implemented": true },
{ "id": "F024", "description": "Actions: Ensure approval operations (`approveTimeSheet`, `bulkApproveTimeSheets`) remain consistent with delegation rules (billing admins tenant-wide; managers only for their reports).", "implemented": true },
{ "id": "F025", "description": "Actions: Update the “reverse approval / reopen” behavior to transition the time sheet into an editable status (`CHANGES_REQUESTED`) instead of `SUBMITTED`.", "implemented": true },
{ "id": "F026", "description": "Actions: Ensure “reopen for edits” requires `timesheet:reverse` and delegation authorization.", "implemented": true },
{ "id": "F027", "description": "UI: Add a subject user selector to `/msp/time-entry` for users who can act on behalf of others (default to self).", "implemented": true },
{ "id": "F028", "description": "UI: Use `UserPicker` for subject selection and load options from the new eligible-subjects server action.", "implemented": true },
{ "id": "F029", "description": "UI: Update time period listing to fetch periods for the selected subject user.", "implemented": true },
{ "id": "F030", "description": "UI: Ensure navigation into a timesheet preserves/communicates the subject context (derived from time sheet owner).", "implemented": true },
{ "id": "F031", "description": "UI: Update timesheet header to display “Time Sheet for {Subject}” and optionally “Edited by {Actor}” when acting on behalf.", "implemented": true },
{ "id": "F032", "description": "UI: Add “Reopen for edits” control for authorized users when a time sheet is `APPROVED` and not invoiced.", "implemented": true },
{ "id": "F033", "description": "UI: Make the reopen flow actionable and informative (confirmation dialog + error display if invoiced).", "implemented": true },
{ "id": "F034", "description": "UI: Ensure time entry create/edit/delete in the timesheet UI works unchanged for self and works correctly for delegated subject users.", "implemented": true },
{ "id": "F035", "description": "UI: Prevent editing UI affordances when the server indicates non-editable status or invoiced constraints.", "implemented": true },
{ "id": "F036", "description": "Security: Remove/avoid APIs that accept arbitrary team ids for manager-scoped operations; compute/validate scope server-side.", "implemented": true },
{ "id": "F037", "description": "Security: Ensure knowing a `timeSheetId` is insufficient to read/edit entries without being owner or authorized delegate.", "implemented": true },
{ "id": "F038", "description": "DX: Add minimal unit/integration coverage around delegation authorization + invoiced constraints (see tests.json).", "implemented": true },
{ "id": "F039", "description": "UI: In ticket pickers for adding time/work items, render bundled tickets (child tickets with master_ticket_id) as disabled/greyed out with a clear explanation that time must be logged on the master ticket.", "implemented": true }
]
Reference in New Issue View Git Blame Copy Permalink