284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
50 lines
6.4 KiB
JSON
50 lines
6.4 KiB
JSON
[
|
||
{ "id": "T001", "description": "Plan: `python3 scripts/validate_plan.py ee/docs/plans/2026-01-31-edit-other-users-time-entries` passes.", "implemented": true },
|
||
|
||
{ "id": "T010", "description": "DB: Migration adds `time_entries.created_by` and `time_entries.updated_by` columns.", "implemented": true, "featureIds": ["F001"] },
|
||
{ "id": "T011", "description": "DB: FK constraints for `created_by`/`updated_by` exist and are tenant-scoped.", "implemented": true, "featureIds": ["F002"] },
|
||
|
||
{ "id": "T020", "description": "Types: `ITimeEntry` includes optional `created_by`/`updated_by` and build/typecheck passes.", "implemented": true, "featureIds": ["F003"] },
|
||
{ "id": "T021", "description": "Validation: `timeEntrySchema` accepts entries with/without `created_by`/`updated_by`.", "implemented": true, "featureIds": ["F004"] },
|
||
|
||
{ "id": "T030", "description": "Auth: Self access is allowed (actor can access their own time periods/time sheets/entries).", "implemented": true, "featureIds": ["F005", "F007"] },
|
||
{ "id": "T031", "description": "Auth: Billing/system admin (with `timesheet:read_all` + `timesheet:approve`) can access any user tenant-wide.", "implemented": true, "featureIds": ["F005", "F007"] },
|
||
{ "id": "T032", "description": "Auth: Manager-of-subject (team manager) can access subject users in their managed teams.", "implemented": true, "featureIds": ["F006", "F007"] },
|
||
{ "id": "T033", "description": "Auth: Manager cannot access users outside managed teams.", "implemented": true, "featureIds": ["F006", "F007"] },
|
||
{ "id": "T034", "description": "Auth: User without delegation permissions cannot access another user’s time sheets/entries (403/permission error).", "implemented": true, "featureIds": ["F005", "F007", "F037"] },
|
||
|
||
{ "id": "T040", "description": "Actions: Eligible-subjects action returns self-only for non-delegates.", "implemented": true, "featureIds": ["F008"] },
|
||
{ "id": "T041", "description": "Actions: Eligible-subjects action returns team members for managers (only teams they manage).", "implemented": true, "featureIds": ["F006", "F008"] },
|
||
{ "id": "T042", "description": "Actions: Eligible-subjects action returns all internal users for tenant-wide admins.", "implemented": true, "featureIds": ["F008"] },
|
||
|
||
{ "id": "T050", "description": "Actions: `fetchTimePeriods(subjectUserId)` rejects unauthorized subject user.", "implemented": true, "featureIds": ["F009", "F037"] },
|
||
{ "id": "T051", "description": "Actions: `fetchOrCreateTimeSheet(subjectUserId, periodId)` rejects unauthorized subject user.", "implemented": true, "featureIds": ["F010", "F037"] },
|
||
{ "id": "T052", "description": "Actions: `fetchTimeSheet(timeSheetId)` rejects unauthorized non-owner.", "implemented": true, "featureIds": ["F011", "F037"] },
|
||
{ "id": "T053", "description": "Actions: `fetchTimeEntriesForTimeSheet(timeSheetId)` rejects unauthorized non-owner.", "implemented": true, "featureIds": ["F012", "F037"] },
|
||
{ "id": "T054", "description": "Actions: `fetchWorkItemsForTimeSheet(timeSheetId)` rejects unauthorized non-owner.", "implemented": true, "featureIds": ["F013", "F037"] },
|
||
|
||
{ "id": "T060", "description": "Actions: Creating a time entry on behalf sets `time_entries.user_id = subjectUserId` (not actor).", "implemented": true, "featureIds": ["F014", "F016"] },
|
||
{ "id": "T061", "description": "Actions: Updating a time entry does not change `user_id` ownership.", "implemented": true, "featureIds": ["F015"] },
|
||
{ "id": "T062", "description": "Actions: On create, `created_by` and `updated_by` are set to actor; on update, `updated_by` changes to actor.", "implemented": true, "featureIds": ["F018"] },
|
||
{ "id": "T063", "description": "Actions: `work_date` is computed using the subject timezone (edge case around midnight local time).", "implemented": true, "featureIds": ["F017"] },
|
||
{ "id": "T064", "description": "Actions: Time entry timestamps outside the time period boundary are rejected.", "implemented": true, "featureIds": ["F019"] },
|
||
|
||
{ "id": "T070", "description": "Billing integrity: Editing an invoiced time entry is blocked.", "implemented": true, "featureIds": ["F020"] },
|
||
{ "id": "T071", "description": "Billing integrity: Deleting an invoiced time entry is blocked.", "implemented": true, "featureIds": ["F020", "F022"] },
|
||
{ "id": "T072", "description": "Billing integrity: Reopening a time sheet with any invoiced entry is blocked.", "implemented": true, "featureIds": ["F021"] },
|
||
|
||
{ "id": "T080", "description": "Approvals: Delegate can submit a subject’s time sheet and time entries transition to `SUBMITTED`.", "implemented": true, "featureIds": ["F023"] },
|
||
{ "id": "T081", "description": "Approvals: Billing/system admin can approve a subject’s time sheet tenant-wide.", "implemented": true, "featureIds": ["F024"] },
|
||
{ "id": "T082", "description": "Approvals: Manager can approve only subject time sheets for users in managed teams.", "implemented": true, "featureIds": ["F024"] },
|
||
{ "id": "T083", "description": "Approvals: Reopen operation transitions time sheet and entries to `CHANGES_REQUESTED` and becomes editable in the UI.", "implemented": true, "featureIds": ["F025", "F026", "F032"] },
|
||
|
||
{ "id": "T090", "description": "UI: User selector is hidden/disabled for non-delegates and defaults to self.", "implemented": true, "featureIds": ["F027"] },
|
||
{ "id": "T091", "description": "UI: Eligible-subjects list populates UserPicker correctly (team-scoped vs tenant-wide).", "implemented": true, "featureIds": ["F028"] },
|
||
{ "id": "T092", "description": "UI: Selecting a subject changes the displayed time periods and opens subject’s timesheet.", "implemented": true, "featureIds": ["F029", "F030"] },
|
||
{ "id": "T093", "description": "UI: Timesheet header shows subject identity and indicates delegated editing when applicable.", "implemented": true, "featureIds": ["F031"] },
|
||
{ "id": "T094", "description": "UI: “Reopen for edits” appears only for authorized users on APPROVED, non-invoiced time sheets and executes successfully.", "implemented": true, "featureIds": ["F032", "F033"] },
|
||
|
||
{ "id": "T100", "description": "Security regression: Manager-scoped operations cannot be widened by passing arbitrary team ids from the client.", "implemented": true, "featureIds": ["F036"] },
|
||
{ "id": "T101", "description": "UI: Bundled tickets (child tickets with master_ticket_id) are shown but disabled in ticket selectors, with clear messaging about logging time on the master ticket.", "implemented": true, "featureIds": ["F039"] }
|
||
]
|