Soren_Molty/plumbing-dashy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
60a1cf1b67571aa3e1bbd024ccb90acc23ccdcfd
plumbing-dashy/PROGRESS.md
T

80 lines
6.3 KiB
Markdown
Raw Blame History

# Dashy Project Refactor: Progress Report
**Objective:** Transition Dashy from a browser-based SQLite (local storage) application to a Client-Server architecture using a Python FastAPI backend with a persistent database.
---
## ✅ Completed Tasks
### 1. Backend Infrastructure Setup
- Created `backend/` directory structure.
- Configured `requirements.txt` with essential libraries (`fastapi`, `sqlalchemy`, `pydantic`, `jose`, etc.).
- **Fix:** Pinned `bcrypt==4.0.1` to resolve compatibility issues with `passlib`.
### 2. Database Modeling
- **Schema Design:** Translated the original `db.js` schema into SQLAlchemy models in `models.py`.
- **Relationships:** Established Many-to-Many relationships for Task Tags and One-to-Many for User Tasks and Notes.
- **Audit Logging:** Implemented a robust Audit Log system to track all user actions.
### 3. API Development
- **Main App (`main.py`):** Set up FastAPI with CORS middleware enabled for frontend communication.
- **Authentication:** Built JWT-based login flow in `auth.py`.
- **Endpoints:** Created initial endpoints for:
- User retrieval
- Task CRUD (Create, Read, Update)
- Audit log retrieval/creation
### 4. Data Migration & Environment Handling
- **Seeding:** Created `seed.py` to migrate initial prototype data into the new database.
- **CIFS/NAS Fix:**
- Implemented `DASHY_DB_PATH` environment variable support to allow the database file to reside on a local disk while code stays on the NAS.
- Added a 30-second connection timeout to mitigate network latency.
---
## 🚧 Current Status
- **Backend:** Feature-complete for the first phase.
- **Database:** Schema is stabilized, seeding logic is verified, and database is active.
- **Frontend:** Integrated with FastAPI backend via `api.js`. Legacy WASM SQLite files archived.
---
## ⏭️ Upcoming Steps
### Phase 2: Frontend Refactor & Workflow Polish (✅ Completed)
1. **API Integration:** Created `api.js` to handle network requests, swapped `DashyDB` for async API calls in `app.jsx`, and updated Login to use JWT tokens.
2. **Legacy Cleanup:** Archived `db.js` and `data.jsx` to `Dashy-v1/scraps/` and removed `sql.js` WASM dependency from `Dashy.html`.
3. **API Base URL Fix:** Updated `api.js` to dynamically use the browser's hostname to resolve "Connection Refused" errors.
4. **Audit Rendering Crash Fix:** Resolved the `TASK_AUDIT` ReferenceError by passing live API audit logs into the `TaskDetail` modal.
5. **UI State Refresh Fix:** Modified the `useApiData` hook to fetch subsequent updates silently without unmounting the app (fixing the drag-and-drop refresh bug).
6. **Task Completion:** Added a "Mark as completed" button, removed closed tasks from the main Overview board, and set up audit logging.
7. **User Views Update:** Updated `UserScreen` to accurately display open task counts and render a dedicated, faded "Completed" section for closed tasks.
8. **Task Reopening:** Added a "Reopen task" button to restore accidentally closed tasks back to the queue.
9. **User Management (Settings):** Built backend API endpoints (`POST`, `PATCH`, `DELETE` for `/users`) and wired up the `WorkspaceTab` allowing Admins to manage the team from the UI.
10. **Task Editing:** Implemented inline editing for task descriptions using an active text box state with "Save/Cancel" actions.
11. **UI Cleanup:** Removed hardcoded, prototype placeholder notes from the `TaskDetail` modal to prepare for future dynamic notes integration.
12. **Permanent Deletion:** Added a "Delete task permanently" button to the `TaskDetail` sidebar with a confirmation dialog, backed by a new `DELETE /tasks/{id}` API endpoint.
13. **Permanent Deletion Wiring Fix:** Resolved a three-layer bug where the delete button was non-functional:
- Added the missing `onDeleteTask` prop to the `TaskDetail` component signature in `screens.jsx`.
- Added the missing `deleteTask` handler in `app.jsx` (calls `api.deleteTask`, writes an audit entry, and closes the modal).
- Restarted the FastAPI backend so the previously-added `DELETE /tasks/{id}` route was loaded into the running process (was returning 405 prior to restart).
14. **Password Management:** Made the "Change password" flow real (previously a placeholder UI).
- **Backend:** Added `PasswordChange` schema and a new `POST /users/{user_id}/password` endpoint that verifies the current password (401 on mismatch) before re-hashing and saving the new one.
- **API client:** Added `api.changePassword(id, oldPwd, newPwd)` that surfaces the backend's `detail` message inline rather than just the HTTP status text.
- **Frontend:** Wired the previously-inert "Update password" button in `SettingsScreen` — submits via `onChangePassword`, shows inline error / success states, disables while in flight, clears the fields on success, and writes a `password_changed` audit entry.
- **Defaults confirmed:** Seeded users (`seed.py`) and admin-created users (`app.jsx`) both default to `password123`.
15. **Real Login Authentication:** Fixed a security bug where the login screen accepted any password. Bound the input to component state and implemented proper 401 handling with inline error messaging.
16. **Network Hardening:** Configured the frontend to use a relative `/api` path, allowing the FastAPI backend to be completely shielded behind an Nginx SSL reverse proxy on `127.0.0.1`. No internal ports are now exposed to the public internet.
17. **API Authentication Enforcement:** Fixed a security vulnerability where API endpoints were publicly accessible without a token. Implemented the `get_current_user` dependency in `backend/auth.py` and applied it to all sensitive routes. Accessing `/tasks`, `/users`, etc. now strictly requires a valid JWT Bearer token.
18. **Persistent Workspace Settings:** Added a `Workspace` database model and API endpoints (`GET /workspace`, `PATCH /workspace`) to track global settings. Added an "Update workspace" button to the Settings UI, allowing Admins to persist changes to the Workspace Name and Timezone across the entire dashboard.
### Phase 3: Advanced Features
- **Real-time Notifications:** Explore WebSockets for task assignments.
- **iMessage Integration:** Develop the "Molty" bridge for phone-to-task creation.
- **File Uploads:** Support for attaching photos/documents to tasks.
---
**Last Updated:** Monday, May 11, 2026
**Status:** Phase 2 Complete / Ready for Phase 3
Reference in New Issue View Git Blame Copy Permalink