docs(session): end-of-session RECAP 2026-05-07 — Notion-like pivot + R1 + R2.x delivered

Corentin JOGUET 2026-05-07 23:05:51 +02:00
parent a79c51e6f2
commit 9fbdbd0cf3


@ -1,4 +1,74 @@
# SESSION RESUME — formation-hub Acadenice (last update 2026-05-07 R2.3b) # SESSION RESUME — formation-hub Acadenice (last update 2026-05-07 fin de session, post R2.3b)
## RECAP SESSION 2026-05-07 (lecture obligatoire post-/compact)
### Pivot strategique majeur acte
DocAdenice n'est plus un outil metier formation-hub mais un **produit Notion-like generique**. Le bridge a ete refactor (R1) pour supprimer l'ontologie metier (Personne/Formation/Bloc/Module/Attribution/Client/Projet/Tache/Intervention) au profit de routes generiques `/api/v1/tables/*`. Le metier formation-hub vit dans `examples/acadenice-formation-hub/`.
### Memoire perso a jour
- `feedback_no_mvp.md` : Corentin refuse les MVP / shortcuts. Production-like des le jour 1.
- `user_role.md` : ancien conseil "MVP first" marque OBSOLETE.
- `MEMORY.md` index cree.
### Etat des chantiers (commits, ordres chronologique de la session)
**Bridge formation-hub (`bridge/`, push origin+selfhost)** :
```
a79c51e R2.3b bridge accepte JWT HMAC DocAdenice via DOCMOST_APP_SECRET
2ed73fa R1 refactor proxy generique style Notion
0cf6533 Bloc 5 rate limit + cache invalidation cote writes
571f5c3 Bloc 4 OIDC-ready (Authentik JWKS + service tokens)
8b42cbc chore docmost upstream clone + rename setup
022b1ee Bloc 7 webhooks Baserow + Docmost stub (HMAC + idempotence)
c4f087b Bloc 6 tests integration adapters via testcontainers
```
Bridge state : 292/292 tests verts, coverage globale 89.54% lines, 3 sources d'auth Bearer (brg_*, RS256 Authentik, HS256 DocAdenice).
**Fork DocAdenice (`docmost/`, gitignored, branche `acadenice/main`, local-only)** :
```
4d8bd25 R2.3a /api/acadenice/permissions/me + frontend hook React Query propre
022add9 R2.2 frontend pages settings RBAC (PermissionMatrix, sidebar, i18n FR+EN)
bcd8611 R2.1 backend RBAC dynamique (catalogue 22 perms, 5 roles seed, JWT enrichi)
06c46f7 fix scopes Authentik (groups dans profile, pas un scope standard)
07d0b66 Bloc 4b OIDC client Authentik via openid-client v6.8.2
efa2644 rebrand DocAdenice (titres + emails, identifiants techniques KEEP)
```
### Ce qui marche end-to-end (en local)
- Bridge expose `/api/v1/tables/*` (CRUD generique Baserow)
- Frontend DocAdenice `/settings/roles` + matrix permissions + assignation users
- JWT DocAdenice enrichi avec `acadenice_permissions[]` au sign
- Bridge consume le claim direct (pas de mapping)
- 3 modes auth Bearer cohabitent
### Catalogue 22 permissions atomiques (en code TS, fork)
```
pages:read|write|delete|share, space:read|create|write|delete|invite,
tables:list|create|write|delete, rows:read|write|delete,
attachments:upload|delete, users:invite|write|delete, roles:manage, admin:*
```
### 5 roles classiques pre-seed (`is_system_role=true`)
Owner=`admin:*`, Admin=tout sauf `*:delete` et `roles:manage`, Editor, Member, Guest.
### Suite immediate : R3 — Tiptap node-views Notion-like (4 sous-blocs)
- **R3.1** database-view inline (embed une table/kanban/calendar Baserow dans une page)
- **R3.2** backlinks bidirec (page A reference B → B liste les references entrantes)
- **R3.3** slash commands custom (declarer ses propres `/foo` extensibles)
- **R3.4** dual editor (code raw markdown + WYSIWYG)
### TODO connus non bloquants
- Hook `WorkspaceService.create` pour seed live RBAC (actuellement seed au prochain boot)
- Audit log mutations role/assignation
- Mapping group sync OIDC -> acadenice_role (sync user.groups Authentik vers acadenice_user_role)
- Pagination liste roles (assume < 100 / workspace)
- Section "Members" dans page detail role
- Endpoint admin debug `GET /permissions/me/effective?for=<userId>`
### Push pending au fork
Quand un fork remote `acadenice` sera cree (Forgejo ou GitHub fork), push toute la branche `acadenice/main` du repo `docmost/` sur ce remote. Aujourd'hui les commits sont local-only.
---
## CHANGELOG R2.3b — Bridge accepte JWT HMAC DocAdenice (mode local sans Authentik) ## CHANGELOG R2.3b — Bridge accepte JWT HMAC DocAdenice (mode local sans Authentik)
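Review bot: The "Bridge state" and "Ce qui marche end-to-end" lines record three coexisting Bearer sources (brg_*, RS256 Authentik, HS256 DocAdenice) and a bridge that consumes `acadenice_permissions[]` directly with no mapping, but the recap never says how an incoming token is routed to its verifier or how long a signed permission set remains valid. Please document that each source pins its own algorithm and key, so an HS256 token is only ever checked against `DOCMOST_APP_SECRET` and the verifier is not chosen from the token's `alg` header; whether the HS256 path is limited to the "mode local sans Authentik" named in the R2.3b changelog title; and the token lifetime, since with the claim trusted as-is a removed role keeps working until the JWT expires. Two smaller points in the RBAC section: the heading says "22 permissions atomiques" while the list under it expands to 23 entries when `admin:*` is counted, and "Admin=tout sauf `*:delete` et `roles:manage`" leaves open whether Admin holds the `admin:*` wildcard. State both explicitly, and spell out Editor, Member and Guest, which are listed without any permission set.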