Commit Graph

685 Commits

Author SHA1 Message Date
56c3f9c8e1 Merge pull request 'Add password change field on user's own page (#46)' (#71) from feature/password-change-self-service into develop
Reviewed-on: #71
Reviewed-by: Samuele Lorefice <aironenerowork@gmail.com>
2026-07-10 08:42:59 +00:00
b59c3b68ec fix: wire profile icon in navbar to user profile page 2026-07-10 10:37:35 +02:00
47eef8aad0 fix: center profile card on page 2026-07-10 10:33:55 +02:00
d4e0af2c29 refactor(ui): complete user profile page redesign with card layout 2026-07-10 10:32:18 +02:00
9e4b0ecb27 fix: auto-close modal on password change success, add page-level success message 2026-07-10 10:29:07 +02:00
64220d0818 fix: propagate server-side error messages from UpdateUserAsync to UI 2026-07-10 10:23:27 +02:00
55af7dccec refactor(ui): replace inline password form with modal 2026-07-10 10:22:39 +02:00
3bddd4385d feat: add server-side password policy validation (admin bypass) 2026-07-10 10:22:36 +02:00
d8927d90c2 docs: add granular commit convention to AGENTS.md 2026-07-10 10:15:25 +02:00
afad073d0c feat: add password change UI with strength bar and validation on user profile page 2026-07-10 10:15:05 +02:00
15b3fcedf1 feat: enforce old-password verification on own password change, allow admin override 2026-07-10 10:15:03 +02:00
3f56f9afdc feat: add OldPassword field to UserUpdateDto for self-service password change 2026-07-10 10:15:01 +02:00
c541c45e9b docs: add Gitea repo owner note to AGENTS.md 2026-07-10 10:14:58 +02:00
459079d708 Merge pull request 'refactor(auth): remove redundant SendWithRefreshAsync, enforce JwtTokenRefresher as sole handler' (#69) from feature/remove-sendwithrefreshasync into develop
Reviewed-on: #69
Reviewed-by: Fastwind <fastwind@noreply.localhost>
Reviewed-by: Samuele Lorefice <aironenerowork@gmail.com>
2026-07-09 23:47:08 +00:00
REDCODE
220581579b refactor(auth): remove SendWithRefreshAsync, rely solely on JwtTokenRefresher
- Remove SendWithRefreshAsync method from AuthServiceBase (now dead code)
- Replace all 15 SendWithRefreshAsync call sites in 7 services with
  direct Client.XxxAsync calls
- Remove unused using System.Net from AuthServiceBase
- Update AGENTS.md to document JwtTokenRefresher as the sole token
  refresh mechanism
2026-07-10 01:12:31 +02:00
REDCODE
254e98b37b refactor(auth): extract AuthServiceBase, replace retry with re-auth on 401
- Move AuthServiceBase from ServiceBase.cs into its own file
- Replace FetchLoggedUserAsync retry loop with re-authentication on
  failure, then single recursive retry
- Fix override keyword order in App.razor OnInitializedAsync
- Clean up MainLayout.razor inject (unqualified type name)
2026-07-10 01:01:17 +02:00
REDCODE
652143d738 feat: allow users to update own albums and curators to update any album
- Users: changed from blanket Forbid to ownership check (can update own albums)
- Curators: changed from ownership check to full access (can update any album)
2026-07-09 23:46:02 +02:00
5a74edd29f Merge pull request 'CSS/UI fixes for cosplayers page and image previewer' (#67) from feature/CSS-UI-Fixes into develop
Reviewed-on: #67
Reviewed-by: Samuele Lorefice <aironenerowork@gmail.com>
2026-07-09 21:31:52 +00:00
REDCODE
7f447077b0 feat: make album name in image previewer an anchor element for native navigation 2026-07-09 23:27:18 +02:00
REDCODE
b813c32756 fix(#62): lock body scroll when modal forms open to prevent position:fixed breakage on mobile
- PersonForm and AlbumForm now call lockBodyScroll/unlockBodyScroll via JS
  when Show state changes, preventing the body scroll context from
  interfering with position:fixed on mobile browsers
- added minimal mobile CSS: align-items:flex-start, padding-top, and
  reduced max-height:85vh on modal-content for small viewports
- safe disposal: unlocks body scroll on DisposeAsync if modal was open
2026-07-09 22:54:57 +02:00
REDCODE
cdd2e9a1ef fix(#62): use explicit top/left/right/bottom instead of inset, add !important to ensure position:fixed takes effect on mobile 2026-07-09 22:49:24 +02:00
REDCODE
64bee6c92a revert: restore docker-compose.yml — testing-only CORS/baseUrl changes committed by accident 2026-07-09 22:45:21 +02:00
REDCODE
870ebb06f8 fix(#62): move mobile modal fix to global MilkyShot.css — scoped ::deep cannot pierce PersonForm root element
fix(AlbumCard): add null check for Album.Person before rendering link

The ::deep combinator in CosplayerDetail.razor.css cannot target
.modal-overlay rendered by the PersonForm child component because
Blazor's CSS isolation applies the child's scope attribute to its
root, and ::deep only strips the parent's scope — it doesn't match
elements bearing only the child's scope.
2026-07-09 22:43:27 +02:00
REDCODE
2f7cd3d7da fix: resolve UI issues #61, #62, #66
- #61: wrap standalone fallback div in cosplayer-card-img-wrap on
  Cosplayers page so placeholder icon gets proper sizing/positioning
- #62: add mobile breakpoint rule for modal-overlay so edit form
  appears centered on small screens instead of at page bottom
- #66: make cosplayer name in ImagePreview, AlbumDetail, AlbumCard,
  and Home asset tiles a clickable link to /cosplayer/{id}
- add CosplayerIds to AssetPreviewDto and populate via mapper for
  linked navigation from the home page image previewer
2026-07-09 22:36:07 +02:00
18ddcf681f Merge pull request 'feat: migrate to UTC timestamps — remove legacy Npgsql behavior' (#65) from feature/utctimezone into develop
Reviewed-on: #65
Reviewed-by: Samuele Lorefice <aironenerowork@gmail.com>
2026-07-09 19:57:43 +00:00
MrFastwind
ede759b50b feat: migrate to UTC timestamps — remove legacy Npgsql timestamp behavior
- Remove EnableLegacyTimestampBehavior switch from Program.cs
- Add ConfigureConventions to DbContext pinning DateTime → timestamptz
- Add migration to convert all 17 DateTime columns across 5 tables
  (Albums, Assets, Users, People, JobRecords) with safe AT TIME ZONE 'UTC'
- Add Roslyn analyzer (MS001-MS004) enforcing UTC-only DateTime at compile time
  with code fix provider for auto-replacement
- Fix pre-existing DateTime.Now in AuthController.cs:119
- Add AllowMissingPrunePackageData to work around .NET 10 SDK issue
2026-07-09 21:43:46 +02:00
9f74bc91a9 chore: Added the test images folder to the dockerignore avoiding them being sent every time a docker build starts 2026-07-09 18:46:16 +02:00
8922dbcc57 Merge branch 'fix/mobile-ui-responsive-fixes' into develop
Closes #49

Integrates responsive mobile UI fixes on top of the cosplayers pages
(#55) without conflicts. All 19 files from PR #49 merged cleanly; the
two overlapping files (NavMenu.razor, Albums.razor) were auto-merged
correctly with the cosplayers features preserved.
2026-07-09 18:34:02 +02:00
095a2bdce0 Merge pull request 'feat(ui): cosplayers pages — browse and discover cosplayers' (#55) from feature/cosplayers-pages into develop
Reviewed-on: #55
Reviewed-by: Samuele Lorefice <aironenerowork@gmail.com>
2026-07-09 16:00:02 +00:00
b807e4b636 feat: infinite scroll for albums on cosplayer detail page 2026-07-09 17:53:42 +02:00
9c17843dec fix: cache random banner covers in field, not computed on every render 2026-07-09 17:48:12 +02:00
c1aafc4223 refactor: replace individual albumPage/albumSize params with PagedParametersDto in person detail endpoint 2026-07-09 17:42:37 +02:00
a8d06959b5 feat: person hard delete with album cascade, AlbumCard select mode, cosplayer list multi-select 2026-07-09 17:07:43 +02:00
dbbb25da32 fix: create AlbumSearchParametersDto, add album pagination to person detail, fix duplicate XML param 2026-07-09 16:46:18 +02:00
9f180742cd fix(test): update name assertion to match renamed person 2026-07-09 16:40:32 +02:00
e8c1a80264 test: all tests create their own data — create album returns ID, all mutations use self-created resources 2026-07-09 16:38:43 +02:00
7e16c77cb6 test: use real album from search for update test, not zero-GUID fallback 2026-07-09 16:36:01 +02:00
8f6a4396db test: add album update test without removePerson field 2026-07-09 16:34:47 +02:00
34fbbc91a0 chore(test): remove Swagger test — disabled in container environments 2026-07-09 16:32:47 +02:00
9be49ac9c6 fix(test): use response.body directly instead of JSON.parse (already parsed object) 2026-07-09 16:32:00 +02:00
c96b22fe62 fix(tests): fix pre-existing auth route tests and handle empty unassigned albums gracefully 2026-07-09 16:30:53 +02:00
7f50d3c3e2 test(api): add comprehensive http tests for all person and album endpoints 2026-07-09 16:26:11 +02:00
191cba4946 fix(pr): implement BulkUpdate, BulkDelete, revert docker-compose, explain [FromQuery] 2026-07-09 16:22:51 +02:00
a38f627ca4 feat(dto): add RemovePerson flag to AlbumUpdateDto for explicit person unlinking 2026-07-09 15:56:20 +02:00
f31b753182 refactor(dto): move Unassigned filter into PagedSearchParametersDto 2026-07-09 15:54:02 +02:00
1377d02520 fix: prevent album title from being overwritten when only setting Person in update DTO 2026-07-09 15:19:03 +02:00
bac1ad0afc fix(build): remove stray semicolon in onclick lambda 2026-07-09 15:16:01 +02:00
fa434b180d fix(api): allow unlinking person from album by directly assigning null PersonOwnerId 2026-07-09 15:12:34 +02:00
4d169e6303 docs: add API reuse convention to AGENTS.md — prefer optional query params over new endpoints 2026-07-09 15:10:05 +02:00
e1d7822b7c refactor(api): fold unassigned album filter into search endpoint via query param 2026-07-09 15:09:09 +02:00