This website requires JavaScript.
Explore
Help
Sign In
larvit
/
plainpages
Watch
3
Star
0
Fork
0
You've already forked plainpages
Code
Issues
1
Pull Requests
3
Actions
3
Packages
Projects
Releases
Wiki
Activity
145
Commits
7
Branches
3
Tags
9c5b521ede8dafaf3ba48adacf1f3bf8383138e9
Commit Graph
6 Commits
Author
SHA1
Message
Date
lilleman
0644ec8f5a
CI: nightly registry cleanup - prune hash images not release-tagged nor a branch head
CI / full-gate (push)
Successful in 2m40s
Details
Mirror / github-mirror (push)
Successful in 0s
Details
2026-07-04 09:18:07 +02:00
lilleman
2202bdbaa0
config/ becomes an empty drop-in mount; examples/ mirrors the mount dirs; plugins & config import the host via #plugin-api/#menu-config subpath imports
2026-07-01 23:19:48 +02:00
lilleman
fe97c3854a
Move reference plugin to examples/scheduling-plugin; plugins/ ships empty as a drop-in mount point, e2e bind-mounts the example
2026-06-27 00:02:26 +02:00
lilleman
f189f88942
§7 reference plugin (todo §7); plugins/scheduling is the worked example of the plugin contract — a list page fetching upstream data, a CSRF-guarded form forwarding writes upstream, permission-gated nav. shifts.ts: an injectable-fetch upstream REST client (stateless stand-in for the customer backend) + thin handler factories (list filters by ?q + degrades to a recoverable page on upstream-down; create CSRF-guards via ctx.verifyCsrf, validates, forwards, PRG, 502 on upstream 4xx). plugin.ts: apiVersion literal, namespaced scheduling:read/write perms, nav gated so the whole Scheduling header vanishes for non-holders. Views compose the core building blocks around the native app shell, incl. the plugin's own partials/shift-form. New host capability so a plugin page is native + secure (src/chrome.ts buildPluginChrome): ctx.chrome = brand/global-nav/user/theme/csrf for partials/shell (global menu = Dashboard + every plugin nav fragment + gated admin section, role-filtered + current-marked); ctx.verifyCsrf = the host's bound double-submit verifier (secret stays in the host). Both added to RequestContext (defaulted in buildContext), built per plugin route in app.ts (CSRF cookie set when fresh). Dashboard merges plugin nav fragments too (gated => invisible to anonymous, visual E2E byte-identical). Out of the box: bootstrap grants the demo admin scheduling:read/write (seedAdmin generalized to a roles list, env ADMIN_ROLES); dev compose runs a tiny stdlib mock upstream (examples/shifts-upstream, SCHEDULING_UPSTREAM). plugins/ added to tsconfig + the npm test glob. Tests-first across shifts/chrome/app/dashboard/bootstrap. README Building-a-plugin + Layout and docs/plugin-contract.md (ctx.chrome/verifyCsrf, upstream pattern) updated. typecheck + 296 units + the Ory-free visual E2E green (plugin discovered at boot, routes/nav gated, dashboard unchanged); live full-stack boot-verified (stack up with plugin + mock upstream serving the seeded shifts, bootstrap grants in real Keto all allowed:true) then torn down. apiVersion stays 1.0.0 (contract still assembled in §7). Authenticated browser happy-path deferred to §8 full E2E (line 114).
2026-06-19 14:48:27 +02:00
lilleman
952dd03cc2
Add config/menu.ts central override + branding (todo §2); loadMenuConfig validates+merges, override applied to nav, branding into shell
2026-06-16 15:52:03 +02:00
lilleman
4eed701419
Scaffold Docker-only Node 24 + TypeScript EJS web backend
2026-06-14 11:45:30 +02:00