m/paliad
1
0
Fork 0
Code Issues 146 Pull Requests 8 Actions 3 Packages Projects Releases Wiki Activity
Files
3a41aa920918e9cc92a0d611258164b88d68cf6c
paliad/internal
History
m 3a41aa9209 feat(approvals/t-paliad-160 slice1+2): split policy + 409 handler 
m's locked redesign (2026-05-08 16:40): replace `required_role` (with
'none' sentinel) with two columns — `requires_approval boolean` (the
gate) + `min_role text` (the seniority threshold). Cleanly separates
"approval applies at all" from "who's allowed to approve".

M1 phase: additive migration 064 adds the columns, backfills from the
legacy required_role ('none' → false/NULL; else → true/role), and
rewrites paliad.approval_policy_effective() to most-strict-wins:
  - requires_approval := bool_or across project + ancestor + unit_default
  - min_role          := MAX(approval_role_level) among requires_approval=true
The legacy required_role column survives this slice as a dual-read
mirror (resolver returns it too) so any caller that hasn't cut over
keeps working. M2 will drop required_role.

Service layer (approval_service.go): LookupPolicy + GetEffectivePolicyOne
read the new columns; UpsertProjectPolicySplit / UpsertUnitPolicySplit
accept the new shape directly; legacy UpsertProjectPolicy /
UpsertUnitPolicy stay as thin shims that map required_role through
splitFromLegacy(). ApplyMatrixToDescendants writes both columns.

Handler 409 mapping (§B): writeServiceError now consults a shared
mapApprovalError() helper before falling through to the generic 500.
ErrConcurrentPending → HTTP 409 with body
{code: "awaiting_approval", message, request_id?, required_role?}.
PendingApprovalError wraps ErrConcurrentPending with the in-flight
request id + role so the UI knows which request to point a withdraw
button at. ErrNoQualifiedApprover, ErrSelfApproval, ErrNotApprover,
ErrRequestNotPending all mapped consistently. writeApprovalError
now defers to the same helper for shape consistency.

Models: ApprovalPolicy + EffectivePolicy gain RequiresApproval/MinRole
fields. RequiredRole stays as a dual-read mirror until M2.

Tests: TestMapApprovalError_* covers the four 409/403 branches and the
"no match — fall through" case. Existing approval service tests pass
unchanged.

Defers per task spec to follow-up slices:
  - A3 (admin UI 2-control flip)
  - C+E (badge + withdraw button on detail pages)
  - D   (/inbox Meine Anfragen visibility fix)
  - M2  (drop required_role column)
2026-05-08 16:54:45 +02:00
..
auth
chore(t-paliad-081): doc + dead-code batch (F-5/F-10/F-11/F-15/F-16/F-17/F-18)
2026-04-30 03:42:25 +02:00
branding
feat(t-paliad-065): firm-agnostic branding via single FIRM_NAME constant
2026-04-28 22:44:06 +02:00
calc
fix(t-paliad-130): cap GKG/RVG Streitwert at €30M (§34 GKG / §22(2) RVG)
2026-05-04 20:58:08 +02:00
changelog
revert(t-paliad-100): trim changelog backfill — keep only Event-Typen + UPC-Fristen
2026-05-03 13:09:37 +02:00
checklists
refactor(rename): German→English for backend (tables, types, services, handler files)
2026-04-20 17:35:38 +02:00
db
feat(approvals/t-paliad-160 slice1+2): split policy + 409 handler
2026-05-08 16:54:45 +02:00
handlers
feat(approvals/t-paliad-160 slice1+2): split policy + 409 handler
2026-05-08 16:54:45 +02:00
models
feat(approvals/t-paliad-160 slice1+2): split policy + 409 handler
2026-05-08 16:54:45 +02:00
offices
feat(t-paliad-065): firm-agnostic branding via single FIRM_NAME constant
2026-04-28 22:44:06 +02:00
services
feat(approvals/t-paliad-160 slice1+2): split policy + 409 handler
2026-05-08 16:54:45 +02:00
templates
feat(admin): /admin/email-templates editor (t-paliad-072)
2026-04-29 22:09:39 +02:00