HarborForge.Backend

zhi/HarborForge.Backend

Fork 0

Commit Graph

Author	SHA1	Message	Date
zhi	88931d822d	Fix milestones 422 + acc-mgr user + reset-apikey endpoint - Fix: /milestones?project_id= now accepts project_code (str) not just int - Add: built-in acc-mgr user created on wizard init (account-manager role, no login, undeletable) - Add: POST /users/{id}/reset-apikey with permission-based access control - Add: GET /auth/me/apikey-permissions for frontend capability check - Add: user.reset-self-apikey and user.reset-apikey permissions - Protect admin and acc-mgr accounts from deletion - Block acc-mgr from login (/auth/token returns 403)	2026-03-22 05:39:03 +00:00
zhi	e5fd89f972	feat: add username-based user lookup and permission introspection endpoint - users router: accept username or id in get/update/delete/worklogs via _find_user_by_id_or_username() - auth router: add GET /auth/me/permissions for CLI help introspection (token → user → role → permissions)	2026-03-21 14:21:54 +00:00
Zhi	f60dc68b22	refactor: split monolithic main.py into FastAPI routers (v0.2.0) - app/api/deps.py: shared auth dependencies - app/api/routers/auth.py: login, me - app/api/routers/issues.py: CRUD, transition, assign, relations, tags, batch, search - app/api/routers/projects.py: CRUD, members, worklog summary - app/api/routers/users.py: CRUD, worklogs - app/api/routers/comments.py: CRUD - app/api/routers/webhooks.py: CRUD, logs, retry - app/api/routers/misc.py: API keys, activity, milestones, notifications, worklogs, export, dashboard - main.py: 1165 lines → 51 lines - Version bump to 0.2.0	2026-02-23 15:14:46 +00:00

Author

SHA1

Message

Date

zhi

88931d822d

Fix milestones 422 + acc-mgr user + reset-apikey endpoint

- Fix: /milestones?project_id= now accepts project_code (str) not just int
- Add: built-in acc-mgr user created on wizard init (account-manager role, no login, undeletable)
- Add: POST /users/{id}/reset-apikey with permission-based access control
- Add: GET /auth/me/apikey-permissions for frontend capability check
- Add: user.reset-self-apikey and user.reset-apikey permissions
- Protect admin and acc-mgr accounts from deletion
- Block acc-mgr from login (/auth/token returns 403)

2026-03-22 05:39:03 +00:00

zhi

e5fd89f972

feat: add username-based user lookup and permission introspection endpoint

- users router: accept username or id in get/update/delete/worklogs via _find_user_by_id_or_username()
- auth router: add GET /auth/me/permissions for CLI help introspection (token → user → role → permissions)

2026-03-21 14:21:54 +00:00

Zhi

f60dc68b22

refactor: split monolithic main.py into FastAPI routers (v0.2.0)

- app/api/deps.py: shared auth dependencies
- app/api/routers/auth.py: login, me
- app/api/routers/issues.py: CRUD, transition, assign, relations, tags, batch, search
- app/api/routers/projects.py: CRUD, members, worklog summary
- app/api/routers/users.py: CRUD, worklogs
- app/api/routers/comments.py: CRUD
- app/api/routers/webhooks.py: CRUD, logs, retry
- app/api/routers/misc.py: API keys, activity, milestones, notifications, worklogs, export, dashboard
- main.py: 1165 lines → 51 lines
- Version bump to 0.2.0

2026-02-23 15:14:46 +00:00

3 Commits