nexus

bao/nexus

Fork 0

Commit Graph

Author	SHA1	Message	Date
devops	1df663f57c	fix: AdminController roles hardened (owner+admin) + SettingsView visibility CI - Build & Test / Backend (.NET) (push) Successful in 31s Details CI - Build & Test / Frontend (Vue/TS) (push) Successful in 19s Details CI - Build & Test / Security Check (push) Successful in 5s Details - [Authorize(Roles = "owner,admin")] statt nur owner – admin darf jetzt ebenfalls User verwalten - CreateUser erlaubt nur Rollen admin\|user\|viewer; owner ist blockiert - UpdateUserRole erlaubt nur admin\|user\|viewer; owner kann weder gesetzt noch überschrieben werden; admin darf andere admins nicht ändern und sich nicht selbst herabstufen - SettingsView: canManageUsers = role owner \|\| admin statt nur owner - UI-Dropdown zeigt nur admin\|user\|viewer (owner als Kommentar notiert)	2026-06-20 14:27:24 +02:00
devops	e4091eee80	feat: Multi-User/Admin usermanagement + Galaxy Login/Settings + Task detail improvements CI - Build & Test / Backend (.NET) (push) Successful in 35s Details CI - Build & Test / Frontend (Vue/TS) (push) Successful in 20s Details CI - Build & Test / Security Check (push) Successful in 4s Details - Backend: NEW AdminController with user CRUD (GET/POST/DELETE /api/v1/admin/users) - Backend: NEW GET /api/dashboard/tasks/{id} single task endpoint - Backend: NEW POST /api/dashboard/tasks/{id}/activity comment endpoint - Backend: IUserRepository + UserRepository extended with GetAllAsync, DeleteAsync - Backend: Admin DTOs (AdminUserInfo, AdminCreateUserRequest, AdminUpdateRoleRequest) - Frontend: NEW TaskDetailView.vue — URL-based (/tasks/:id) Galaxy-themed task detail with subtask create/edit/delete, activity with comments, property sidebar - Frontend: LoginView.vue — полностью Galaxy theme redesign with GalaxyBackground, glass-morphism card, password toggle, consistent brand - Frontend: SettingsView.vue — Galaxy theme redesign with glass cards, admin user management section (create/list users, visible only to owner role) - Frontend: TaskBoardView.vue — added "Full View" link to URL-based detail page - Frontend: Router — added /tasks/:id route for TaskDetailView - Frontend: App.vue — added TaskDetail to standaloneViews whitelist - Frontend: tasks store — stable Auth: Admin creates accounts, users log in with existing /api/v1/auth/login. Login/Settings deliver visible Galaxy-consistent design with nexus-tokens.css tokens.	2026-06-20 14:24:40 +02:00

Author

SHA1

Message

Date

devops

1df663f57c

fix: AdminController roles hardened (owner+admin) + SettingsView visibility

CI - Build & Test / Backend (.NET) (push) Successful in 31s

Details

CI - Build & Test / Frontend (Vue/TS) (push) Successful in 19s

Details

CI - Build & Test / Security Check (push) Successful in 5s

Details

- [Authorize(Roles = "owner,admin")] statt nur owner – admin darf jetzt
  ebenfalls User verwalten
- CreateUser erlaubt nur Rollen admin|user|viewer; owner ist blockiert
- UpdateUserRole erlaubt nur admin|user|viewer; owner kann weder gesetzt
  noch überschrieben werden; admin darf andere admins nicht ändern
  und sich nicht selbst herabstufen
- SettingsView: canManageUsers = role owner || admin statt nur owner
- UI-Dropdown zeigt nur admin|user|viewer (owner als Kommentar notiert)

2026-06-20 14:27:24 +02:00

devops

e4091eee80

feat: Multi-User/Admin usermanagement + Galaxy Login/Settings + Task detail improvements

CI - Build & Test / Backend (.NET) (push) Successful in 35s

Details

CI - Build & Test / Frontend (Vue/TS) (push) Successful in 20s

Details

CI - Build & Test / Security Check (push) Successful in 4s

Details

- Backend: NEW AdminController with user CRUD (GET/POST/DELETE /api/v1/admin/users)
- Backend: NEW GET /api/dashboard/tasks/{id} single task endpoint
- Backend: NEW POST /api/dashboard/tasks/{id}/activity comment endpoint
- Backend: IUserRepository + UserRepository extended with GetAllAsync, DeleteAsync
- Backend: Admin DTOs (AdminUserInfo, AdminCreateUserRequest, AdminUpdateRoleRequest)
- Frontend: NEW TaskDetailView.vue — URL-based (/tasks/:id) Galaxy-themed task detail
  with subtask create/edit/delete, activity with comments, property sidebar
- Frontend: LoginView.vue — полностью Galaxy theme redesign with GalaxyBackground,
  glass-morphism card, password toggle, consistent brand
- Frontend: SettingsView.vue — Galaxy theme redesign with glass cards,
  admin user management section (create/list users, visible only to owner role)
- Frontend: TaskBoardView.vue — added "Full View" link to URL-based detail page
- Frontend: Router — added /tasks/:id route for TaskDetailView
- Frontend: App.vue — added TaskDetail to standaloneViews whitelist
- Frontend: tasks store — stable

Auth: Admin creates accounts, users log in with existing /api/v1/auth/login.
Login/Settings deliver visible Galaxy-consistent design with nexus-tokens.css tokens.

2026-06-20 14:24:40 +02:00

2 Commits