9be979ee90
feat(acadenice): add dual editor (WYSIWYG + markdown source) for R3.4
...
Custom bidirectional markdown converter (no new deps) with full round-trip
support for database-view, wikilink, mention nodes. DualEditor component wraps
PageEditor with a toolbar toggle (WYSIWYG<->markdown), lossy-switch modal, and
localStorage persistence per page. 77 tests covering 24 round-trip cases + 4
custom nodes + 9 edge cases. i18n FR+EN.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-08 01:18:29 +02:00
ba18a349d4
docs(fork): update ACADENICE_PATCHES.md Patch 010 for R3.3
2026-05-08 01:07:22 +02:00
8cd57f93b3
docs(fork): update ACADENICE_PATCHES.md Patch 009 for R3.2
2026-05-08 00:52:12 +02:00
ba8d8678a0
test(e2e): add data-testid attributes for Playwright e2e (Patch 008 R3.1.e)
...
Minimal testid additions to 4 renderer files so Playwright can target
stable selectors: table-renderer, cell-{rowId}-{fieldName}, kanban-board,
kanban-column-{label}, kanban-card-{rowId}, calendar-renderer,
inline-editor-input, inline-editor-readonly.
Also adds Dockerfile.e2e for the client build used in docker-compose.e2e.yml.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-08 00:37:39 +02:00
ea00386877
docs(fork): update ACADENICE_PATCHES.md Patch 007 for R3.1.d
2026-05-08 00:24:54 +02:00
71c2abad8a
feat(client): add database-view Tiptap extension for R3.1.c
...
- Tiptap Node extension (database-view) with attrs tableId/viewId/viewType/bridgeUrl
- NodeViewWrapper dispatches on viewType: grid/table -> TableRenderer, other -> PlaceholderRenderer
- TableRenderer (HTML table, TanStack Table v8 migration-ready - dep not yet installed)
- InsertDatabaseModal (Mantine, 2-step: table -> view selection)
- useDatabaseRealtimeUpdates SSE hook (EventSource + exponential backoff + React Query invalidation)
- bridge-client.ts (axios wrapper, per-origin singleton, cookie Bearer passthrough)
- Slash command /database registered in menu-items CommandGroups
- DatabaseViewExtension wired in mainExtensions array
- i18n: 22 keys added in en-US and fr-FR
- 41 Vitest tests across 5 suites (extension schema, component dispatch, renderer states, modal steps, SSE hook)
Upstream patches: extensions.ts (+2 lines), menu-items.ts (+4 lines), 2 translation files
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-08 00:07:33 +02:00
4d8bd250be
feat(rbac): R2.3a endpoint /permissions/me + frontend hook propre
2026-05-07 22:58:22 +02:00
022add9acc
feat(rbac): R2.2 frontend pages settings RBAC dynamique avec PermissionMatrix
...
- Pages /settings/roles (liste + filtres + create), /settings/roles/:id (matrix
permissions + danger zone), /settings/users/:userId/roles (multi-select +
preview union)
- PermissionMatrix : groupes Mantine cards, wildcard <group>:* qui grise les
individuals, admin:* qui court-circuite tout, indeterminate states, tooltips
avec descriptions du catalogue
- React Query hooks pour CRUD roles + assignations user-roles, notifications
Mantine sur succes / erreurs avec extraction du message backend
- Hook useAcadenicePermissions : best-effort lecture du claim JWT R2.1, fallback
sur role natif Docmost (defense en profondeur — backend reste source de verite)
- i18n complet FR + EN (~80 cles)
- Vitest + Testing Library introduits dans apps/client (devDeps + config + setup)
- 22 tests couvrant matrix wildcards, list filters, detail save/delete flow,
multi-select assignments
- Patches upstream minimaux : 3 routes ajoutees au router, 1 entree sidebar
(visible si canManageRoles)
- Documente comme Patch 004 dans ACADENICE_PATCHES.md
2026-05-07 22:42:39 +02:00
bcd861126f
feat(rbac): R2.1 backend RBAC dynamique multi-roles avec catalogue + 5 roles seed + JWT enrichi
2026-05-07 22:26:21 +02:00
06c46f7b9b
fix(oidc): defaut OIDC_SCOPES align Authentik (sans 'groups')
...
Authentik n'expose pas un scope 'groups' standard — demander ce scope
inconnu peut faire echouer l'authorize selon la config provider. Les
groups arrivent dans le claim 'groups' du scope 'profile' par defaut.
Defaut passe de 'openid email profile groups' vers 'openid email profile'.
Update env.example + ACADENICE_PATCHES.md doc associee.
2026-05-07 21:28:40 +02:00
07d0b66fda
feat(auth): Bloc 4b — OIDC client Authentik via openid-client (active par OIDC_ENABLED env)
...
Ajoute un flow d'authentification OIDC via Authentik (ou tout IdP conforme),
desactive par defaut. Le code est dormant tant que OIDC_ENABLED=true n'est
pas pose.
Server :
- apps/server/src/core/auth/oidc/oidc.module.ts (nouveau)
- apps/server/src/core/auth/oidc/oidc.service.ts (discovery + PKCE + callback + JIT provisioning)
- apps/server/src/core/auth/oidc/oidc.controller.ts (routes /api/auth/oidc/{login,callback,status})
- apps/server/src/core/auth/oidc/oidc.service.spec.ts (8 tests Jest, openid-client mocke)
- apps/server/src/integrations/environment/environment.service.ts : +9 getters OIDC
- apps/server/src/core/core.module.ts : +OidcModule dans imports
Client :
- apps/client/src/features/auth/queries/oidc-query.ts (hook useOidcStatus)
- apps/client/src/features/auth/components/oidc-login-button.tsx (bouton conditionnel)
- apps/client/src/features/auth/components/login-form.tsx : +OidcLoginButton
Securite :
- PKCE S256 obligatoire
- State CSRF en cookie httpOnly signe (5 min)
- Verification JWKS auto via openid-client v6
- Refetch userInfo apres echange du code
- JIT provisioning strict par defaut (OIDC_AUTO_PROVISION=false)
Lib : openid-client v6.8.2 (deja en deps), import lazy.
Documente dans ACADENICE_PATCHES.md (Patch 002) et .env.example.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 21:26:53 +02:00
efa26440a0
feat(rebrand): DocAdenice — patch initial sur le fork Acadenice
...
- Renomme app name visible 'Docmost' -> 'DocAdenice' (browser title, header, emails)
- Conserve identifiants techniques (package name, classes, imports, service docker)
- Ajoute ACADENICE_PATCHES.md avec changelog des patches Acadenice
2026-05-07 21:10:51 +02:00
