5 Commits

Author	SHA1	Message	Date
zhi	39d4627be1	Fix milestones 422 + acc-mgr user + reset-apikey endpoint ... - Fix: /milestones?project_id= now accepts project_code (str) not just int - Add: built-in acc-mgr user created on wizard init (account-manager role, no login, undeletable) - Add: POST /users/{id}/reset-apikey with permission-based access control - Add: GET /auth/me/apikey-permissions for frontend capability check - Add: user.reset-self-apikey and user.reset-apikey permissions - Protect admin and acc-mgr accounts from deletion - Block acc-mgr from login (/auth/token returns 403)	2026-03-22 13:32:11 +00:00
zhi	271d5140e6	feat(users): switch account management to single-role model ... - add users.role_id for one global role per account - seed protected account-manager role with account.create permission - default new accounts to guest role - block admin role assignment through user management - allow account-manager permission to create accounts	2026-03-21 08:44:19 +00:00
zhi	7d42d567d1	feat(users): add admin-safe user management endpoints ... - require admin auth for user CRUD - support editable email/full name/password/admin/active fields - prevent self lockout and self deletion - return clear error when related records block deletion	2026-03-20 10:56:00 +00:00
zhi	214a9b109d	refactor: replace issues backend with milestone tasks	2026-03-16 13:22:14 +00:00
Zhi	f60dc68b22	refactor: split monolithic main.py into FastAPI routers (v0.2.0) ... - app/api/deps.py: shared auth dependencies - app/api/routers/auth.py: login, me - app/api/routers/issues.py: CRUD, transition, assign, relations, tags, batch, search - app/api/routers/projects.py: CRUD, members, worklog summary - app/api/routers/users.py: CRUD, worklogs - app/api/routers/comments.py: CRUD - app/api/routers/webhooks.py: CRUD, logs, retry - app/api/routers/misc.py: API keys, activity, milestones, notifications, worklogs, export, dashboard - main.py: 1165 lines → 51 lines - Version bump to 0.2.0	2026-02-23 15:14:46 +00:00