senke/veza - Talas Project: Beyond coding. We Forge.

senke/veza

Author	SHA1	Message	Date
senke	ed8949ee76	[BE-API-002] api: Implement playlist collaborators endpoints - Added routes in router.go: POST, GET, PUT, DELETE /playlists/:id/collaborators - Applied RequireOwnershipOrAdmin middleware to POST, PUT, DELETE routes - GET route accessible to collaborators (service layer checks permissions) - Fixed UpdateCollaboratorPermission handler to use RespondWithAppError - All handlers already existed in playlist_handler.go - All endpoints properly authenticated and ownership checks enforced Phase: PHASE-1 Priority: P0 Progress: 5/267 (1.9%)	2025-12-23 01:41:43 +01:00
senke	888a481bde	[BE-SEC-002] security: Fix ownership verification for track updates/deletes - Verified RequireOwnershipOrAdmin middleware is correctly applied to PUT/DELETE /tracks/:id - Verified trackOwnerResolver correctly loads track from DB and returns user_id - Added comprehensive integration tests for ownership verification - Test: user cannot update another user's track (403 Forbidden) - Test: user cannot delete another user's track (403 Forbidden) - Test: admin can update any track (200 OK) - Test: admin can delete any track (200 OK) - Test: user can update own track (200 OK) - Test: user can delete own track (200 OK) - All tests pass Phase: PHASE-1 Priority: P0 Progress: 2/267 (0.7%)	2025-12-23 01:37:10 +01:00
senke	e4212ee594	stabilizing apps/web: THIRD BATCH - FIXED Playwright	2025-12-21 18:55:51 -05:00
senke	e518b70067	stabilizing apps/web: SECOND BATCH - FIXING Playwright	2025-12-17 12:20:42 -05:00
senke	d341c8f847	stabilizing veza-backend-api: P1 & P2	2025-12-16 13:34:08 -05:00
senke	94555e7ae4	stabilizing veza-backend-api: phase 1	2025-12-16 11:23:49 -05:00
senke	feb7283cd4	refonte: backend-api go first; phase 1	2025-12-12 21:34:34 -05:00
okinrev	af70084298	report generation and future tasks selection	2025-12-08 19:57:54 +01:00
okinrev	5509885a4d	refactor(track): enforce unified api response envelope	2025-12-06 17:37:00 +01:00
okinrev	88a8bfdce0	feat(api): remediate missing openapi spec and annotate handlers	2025-12-06 17:34:18 +01:00
okinrev	65af2570a8	STABILISATION: phase 3–5 – API contract, tests & chat-server hardening	2025-12-06 17:21:59 +01:00
okinrev	a3f2f2c59b	P0: stabilisation backend/chat/stream + nouvelle base migrations v1 Backend Go: - Remplacement complet des anciennes migrations par la base V1 alignée sur ORIGIN. - Durcissement global du parsing JSON (BindAndValidateJSON + RespondWithAppError). - Sécurisation de config.go, CORS, statuts de santé et monitoring. - Implémentation des transactions P0 (RBAC, duplication de playlists, social toggles). - Ajout d’un job worker structuré (emails, analytics, thumbnails) + tests associés. - Nouvelle doc backend : AUDIT_CONFIG, BACKEND_CONFIG, AUTH_PASSWORD_RESET, JOB_WORKER_. Chat server (Rust): - Refonte du pipeline JWT + sécurité, audit et rate limiting avancé. - Implémentation complète du cycle de message (read receipts, delivered, edit/delete, typing). - Nettoyage des panics, gestion d’erreurs robuste, logs structurés. - Migrations chat alignées sur le schéma UUID et nouvelles features. Stream server (Rust): - Refonte du moteur de streaming (encoding pipeline + HLS) et des modules core. - Transactions P0 pour les jobs et segments, garanties d’atomicité. - Documentation détaillée de la pipeline (AUDIT_STREAM_, DESIGN_STREAM_PIPELINE, TRANSACTIONS_P0_IMPLEMENTATION). Documentation & audits: - TRIAGE.md et AUDIT_STABILITY.md à jour avec l’état réel des 3 services. - Cartographie complète des migrations et des transactions (DB_MIGRATIONS_*, DB_TRANSACTION_PLAN, AUDIT_DB_TRANSACTIONS, TRANSACTION_TESTS_PHASE3). - Scripts de reset et de cleanup pour la lab DB et la V1. Ce commit fige l’ensemble du travail de stabilisation P0 (UUID, backend, chat et stream) avant les phases suivantes (Coherence Guardian, WS hardening, etc.).	2025-12-06 11:14:38 +01:00
okinrev	fa20872585	adding initial backend API (Go)	2025-12-03 20:29:37 +01:00

13 commits