ibnezzoubayr/L-Ami-Fiduciaire
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ibnezzoubayr:bc100491f186edfac2e0581405006bb1df66b13a
Branches Tags
ibnezzoubayr:l-ami-fiduciaire-v1.0.0
...
compare: ibnezzoubayr:l-ami-fiduciaire-v1.0.0
Branches Tags
ibnezzoubayr:l-ami-fiduciaire-v1.0.0

3 Commits
bc100491f1 ... l-ami-fidu

Author SHA1 Message Date
Saad Zoubir
50f492668d chore: update .gitignore to exclude database, images, and artifacts 
Remove database.sqlite from tracking and add database/database.sqlite,
images/, blackalgo.jpg, and nul to .gitignore.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-27 16:18:32 +01:00
Saad Zoubir
88e5803061 feat: add team invitation acceptance flow with email link routing 
Implement end-to-end invitation acceptance: neutral entry route validates
token and routes to register (new users), login (existing users), or
auto-accepts (authenticated users). Handles 2FA token survival via
session, email case-insensitive matching, and dedicated error pages.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-27 15:16:45 +01:00
Saad Zoubir
8f39bd9b73 fix: resolve permission toggle persistence, nudge terminology, and bulk action bugs (Bugs #2-5) 
- Fix togglePermission() to always include all permission keys with false defaults
- Add migration to backfill null/empty Manager permissions with config defaults
- Rename nudge UI text from "Relance" to "Notification"/"Notifier" across 8 files
- Fix select-all checkbox and show checkboxes on all declaration rows
- Remove en_attente_client status restriction from BulkNotificationController

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-27 13:40:30 +01:00
31 changed files with 587 additions and 60 deletions
Expand all files Collapse all files

4
.gitignore vendored
View File

@@ -29,3 +29,7 @@ yarn-error.log
/.claude/settings.local.json
/.windsurf
/LandingPageApp
database/database.sqlite
images/
blackalgo.jpg
nul

14
_bmad-output/implementation-artifacts/deferred-work.md Normal file
View File

@@ -0,0 +1,14 @@
# Deferred Work
## From: tech-spec-fix-permission-nudge-bulk-bugs (2026-03-27)
- **Null contact_email guard in BulkNotificationController** — If a client exists but has null `contact_email`, `Mail::to(null)` will throw. Add a filter for non-null email before sending.
- **Cross-page selection UX on declarations page** — Navigating between pages clears selections silently. Consider persisting selections across pages or warning the user.
- **Bulk notify count mismatch UX** — When some selected declarations are filtered out (no client), the success message count differs from the selection count with no explanation. Consider showing skipped count.
- **Nudge email template null guards**`nudge-notification.blade.php` renders `$clientName`, `$declarationType`, `$dueDate` without null fallbacks, producing blank labels.
## From: tech-spec-team-invitation-acceptance (2026-03-27)
- **Race condition on concurrent invitation acceptance** — Two users clicking the same invitation link simultaneously could both pass `isValid()` before either sets `accepted_at`. Fix with `SELECT FOR UPDATE` or atomic `UPDATE WHERE accepted_at IS NULL`.
- **Multiple pending invitations per email/workspace** — No unique constraint on `[workspace_id, email]` in `team_invitations`. Multiple tokens can exist for the same email+workspace. Second token in `CreateNewUser` path would hit unique constraint on `workspace_user` and throw.
- **Vue cross-link URLs should come from PHP props** — Register.vue and Login.vue construct invitation-aware login/register URLs via JS string interpolation instead of receiving them as props from the controller.

2
_bmad-output/implementation-artifacts/sprint-status.yaml
View File

@@ -78,7 +78,7 @@ development_status:
3-2-one-click-nudge-system: done
3-3-notification-center-and-bell: done
3-4-bulk-client-notification-scheduling: done
3-5-email-notification-enhancement-for-key-events: review
3-5-email-notification-enhancement-for-key-events: done
epic-3-retrospective: optional
# Epic 4: Bulk Operations, Search & Advanced Filtering

85
_bmad-output/implementation-artifacts/tech-spec-fix-permission-nudge-bulk-bugs.md Normal file
View File

@@ -0,0 +1,85 @@
---
title: 'Fix permission persistence, nudge terminology, and bulk action bugs'
type: 'bugfix'
created: '2026-03-27'
status: 'done'
baseline_commit: 'bc100491f186edfac2e0581405006bb1df66b13a'
context: []
---
# Fix permission persistence, nudge terminology, and bulk action bugs
<frozen-after-approval reason="human-owned intent — do not modify unless human renegotiates">
## Intent
**Problem:** Three groups of bugs found during manual testing of Epics 1-3: (1) Manager permission toggles silently fail when `permissions` is null/empty because the payload omits required keys, (2) the nudge system incorrectly uses "Relance" which in this domain refers to client document requests, not manager-to-worker notifications, (3) bulk action checkboxes and select-all on the declarations page are broken and restricted to `en_attente_client` status only.
**Approach:** Fix the frontend permission payload to always include all keys with false defaults, add a data migration for existing null/empty rows, rename all nudge-context "Relance" to "Notification"/"Notifier", and remove the `en_attente_client` restriction from both the frontend checkbox rendering and backend query filter.
## Boundaries & Constraints
**Always:** Preserve "Relance" terminology where it refers to client document requests (Story 3.4 bulk notifications). All permission keys from `availablePermissions` must be sent in every toggle request.
**Ask First:** Any changes to the DeclarationInvitation creation logic or email templates beyond what's specified.
**Never:** Rename "Relance" in the bulk client notification system. Change permission validation rules in UpdatePermissionsRequest. Alter the nudge throttling logic.
## I/O & Edge-Case Matrix
| Scenario | Input / State | Expected Output / Behavior | Error Handling |
|----------|--------------|---------------------------|----------------|
| Toggle permission with null DB | Manager has `permissions: null` | All 3 keys sent, toggle persists | N/A |
| Toggle permission with partial DB | Manager has only `can_manage_team: true` | Missing keys default to false, all 3 sent | N/A |
| Select-all on mixed statuses | Page has draft, processing, en_attente_client rows | All rows selected | N/A |
| Bulk notify non-en_attente_client | Select a `draft` declaration and notify | Invitation created, email queued | N/A |
| Bulk notify declaration without client | Declaration has no client | Filtered out, not sent | Warning if all filtered |
</frozen-after-approval>
## Code Map
- `resources/js/pages/team/Index.vue` -- togglePermission() builds payload from availablePermissions base
- `database/migrations/2026_03_27_000001_backfill_manager_permissions.php` -- backfills null/empty manager permissions
- `app/Http/Controllers/NudgeController.php` -- flash messages use "Notification" instead of "Relance"
- `app/Mail/NudgeNotificationMail.php` -- email subject uses "Notification"
- `app/Enums/NotificationType.php` -- nudge label changed to "Notification"
- `resources/views/emails/nudge-notification.blade.php` -- email body uses "Notification"
- `resources/js/components/declarations/NudgePopover.vue` -- button/text uses "notification"
- `resources/js/pages/Dashboard.vue` -- dropdown item "Notifier" instead of "Relancer"
- `resources/js/components/NotificationDropdown.vue` -- nudge description uses "Notification"
- `resources/js/pages/notifications/Index.vue` -- nudge description uses "Notification"
- `resources/js/pages/declarations/Index.vue` -- checkboxes on all rows, select-all targets all visible
- `app/Http/Controllers/BulkNotificationController.php` -- removed en_attente_client status filter
## Tasks & Acceptance
**Execution:**
- [x] `resources/js/pages/team/Index.vue` -- Build base object from availablePermissions keys with false defaults before spreading member permissions
- [x] `database/migrations/2026_03_27_000001_backfill_manager_permissions.php` -- Create migration to update manager rows with null/empty permissions to config defaults
- [x] `app/Http/Controllers/NudgeController.php` -- Replace "Relance" with "Notification" in flash messages
- [x] `app/Mail/NudgeNotificationMail.php` -- Replace "Relance" with "Notification" in email subject
- [x] `app/Enums/NotificationType.php` -- Change nudge label from "Relance" to "Notification"
- [x] `resources/views/emails/nudge-notification.blade.php` -- Replace "Relance"/"relance" with "Notification"/"notification"
- [x] `resources/js/components/declarations/NudgePopover.vue` -- Replace "relance" with "notification" in button text
- [x] `resources/js/pages/Dashboard.vue` -- Replace "Relancer" with "Notifier" in dropdown
- [x] `resources/js/components/NotificationDropdown.vue` -- Replace "Relance" with "Notification" in nudge descriptions
- [x] `resources/js/pages/notifications/Index.vue` -- Replace "Relance" with "Notification" in nudge descriptions
- [x] `resources/js/pages/declarations/Index.vue` -- Remove eligibleDeclarations filter, show checkboxes on all rows, fix select-all to target all visible rows
- [x] `app/Http/Controllers/BulkNotificationController.php` -- Remove `->where('status', DeclarationStatus::EnAttenteClient)` filter
**Acceptance Criteria:**
- Given a Manager with null permissions in DB, when an Owner toggles a permission, then the toggle persists after page reload
- Given the declarations page with mixed-status rows, when clicking the header checkbox, then all visible rows are selected
- Given 1+ rows selected (any status), when clicking "Notifier les clients", then the BulkActionBar appears and notifications are sent
- Given a nudge is sent, when viewing the notification or email, then "Notification" appears instead of "Relance"
- Given a bulk client notification is sent (Story 3.4), then "Relance" terminology is preserved (not renamed)
## Verification
**Manual checks (if no CLI):**
- Toggle a Manager permission, navigate away, return — toggle state persists
- On declarations page, click header checkbox — all rows selected regardless of status
- Select rows, verify BulkActionBar appears with "Notifier les clients" button
- Send a nudge, check notification dropdown shows "Notification de X sur Y"
- Verify bulk client notification UI still shows correct terminology

90
_bmad-output/implementation-artifacts/tech-spec-team-invitation-acceptance.md Normal file
View File

@@ -0,0 +1,90 @@
---
title: 'Team Invitation Acceptance Flow'
type: 'feature'
created: '2026-03-27'
status: 'done'
baseline_commit: '8f39bd9'
context: ['_bmad-output/project-context.md']
---
# Team Invitation Acceptance Flow
<frozen-after-approval reason="human-owned intent — do not modify unless human renegotiates">
## Intent
**Problem:** Clicking the team invitation email link lands on a standard registration page that ignores the invitation token. New users register without being attached to the inviting workspace; existing users have no acceptance path at all.
**Approach:** Create a neutral entry route `/team/invitation/{token}/accept` that validates the token and routes to the correct flow: auto-accept for authenticated users, redirect to login (with message) for existing accounts, or redirect to register (with pre-filled email) for new users. Modify `CreateNewUser` to process the invitation token after registration. Update both auth Vue pages to pass the token through.
## Boundaries & Constraints
**Always:**
- Validate invitation via `TeamInvitation::isValid()` at every entry point
- Attach user to workspace using role from invitation + default permissions from `config('permissions.defaults')`
- Set `current_workspace_id` in session after acceptance
- Mark invitation `accepted_at = now()` in a DB transaction
- Show a dedicated error page for invalid/expired tokens
**Ask First:**
- Any changes to the invitation email subject or body beyond the URL
**Never:**
- Modify Fortify's core auth pipeline or middleware stack
- Allow accepting an invitation for an email that doesn't match the authenticated user's email
- Allow a user who is already a member of the workspace to re-accept
## I/O & Edge-Case Matrix
| Scenario | Input / State | Expected Output / Behavior | Error Handling |
|----------|--------------|---------------------------|----------------|
| New user, valid token | Guest visits `/team/invitation/{token}/accept` | Redirect to `/register?invitation={token}` with email pre-filled and read-only | N/A |
| New user completes registration | POST register with `invitation` field | User created, attached to workspace, session set, redirect to `/dashboard` | N/A |
| Existing user, authenticated, valid token | Auth user visits `/team/invitation/{token}/accept` | Auto-accept: attach to workspace, set session, redirect to `/dashboard` with success flash | N/A |
| Existing user, not authenticated | Guest with existing account visits entry route | Redirect to `/login?invitation={token}` with status message | N/A |
| Post-login with invitation token | User logs in with `invitation` query param | Process invitation after login, redirect to dashboard | N/A |
| Expired token | Any visitor | Dedicated error page: "Cette invitation a expiré" | Inertia error page |
| Already-accepted token | Any visitor | Dedicated error page: "Cette invitation a deja ete utilisee" | Inertia error page |
| Email mismatch (auth user email != invitation email) | Auth user visits entry route | Error flash: "Cette invitation est destinee a une autre adresse email" + redirect back | Redirect with error |
| Already a workspace member | Auth user visits entry route | Flash "Vous etes deja membre de cet espace de travail" + redirect to dashboard | Redirect with info |
</frozen-after-approval>
## Code Map
- `app/Http/Controllers/TeamInvitationAcceptController.php` -- NEW: entry route controller, handles routing logic and acceptance for authenticated users
- `app/Actions/Fortify/CreateNewUser.php` -- ADD: invitation processing after user creation
- `app/Providers/FortifyServiceProvider.php` -- MODIFY: pass invitation data to register/login views, add custom registration response
- `resources/js/pages/auth/Register.vue` -- MODIFY: accept invitation props, pre-fill email, add hidden field
- `resources/js/pages/auth/Login.vue` -- MODIFY: accept invitation prop, pass token through form, show invitation message
- `routes/web.php` -- ADD: `/team/invitation/{token}/accept` route
- `app/Mail/TeamInvitationMail.php` -- MODIFY: change URL to new acceptance route
- `resources/js/pages/auth/InvitationError.vue` -- NEW: dedicated error page for invalid/expired tokens
- `app/Http/Responses/RegisterResponse.php` -- NEW: custom Fortify response to redirect to dashboard with workspace session after invitation registration
## Tasks & Acceptance
**Execution:**
- [ ] `app/Http/Controllers/TeamInvitationAcceptController.php` -- Create single-action controller with `__invoke()`: validate token, check auth state, check if email has existing account, route accordingly
- [ ] `routes/web.php` -- Add `GET /team/invitation/{token}/accept` route (no auth middleware, publicly accessible)
- [ ] `resources/js/pages/auth/InvitationError.vue` -- Create error page with `AuthLayout`, show message + link to home
- [ ] `app/Providers/FortifyServiceProvider.php` -- Update `registerView` to pass `invitation` query param and invitation email as props; update `loginView` to pass `invitation` query param
- [ ] `resources/js/pages/auth/Register.vue` -- Accept `invitation` and `invitationEmail` props, pre-fill email (read-only when invitation present), add hidden `invitation` input
- [ ] `resources/js/pages/auth/Login.vue` -- Accept `invitation` prop, add hidden `invitation` input, show invitation status message
- [ ] `app/Actions/Fortify/CreateNewUser.php` -- After user creation: if `invitation` token present, validate, attach workspace, mark accepted, set session
- [ ] `app/Http/Responses/RegisterResponse.php` -- Create custom `RegisterResponse` implementing `Fortify\Contracts\RegisterResponse`: if session has `invitation_workspace_id`, redirect to `/dashboard`; bind in `FortifyServiceProvider`
- [ ] `app/Mail/TeamInvitationMail.php` -- Change `registerUrl` to `route('team.invitation.accept', $this->invitation->token)`
**Acceptance Criteria:**
- Given a new user clicks the invitation email link, when they complete registration, then they are attached to the workspace with the correct role and land on the workspace dashboard
- Given an authenticated user clicks the invitation link, when the token is valid and email matches, then they are auto-attached and redirected to the dashboard with the new workspace active
- Given a non-authenticated user with an existing account clicks the link, when they log in, then the invitation is processed and they land on the workspace dashboard
- Given an expired or used token, when any user visits the link, then they see a clear French-language error page
- Given an email mismatch between authenticated user and invitation, when they visit the link, then they see an error and are not attached
## Verification
**Commands:**
- `composer test` -- expected: all existing tests pass (no regressions)
- `npm run lint` -- expected: no lint errors
- `composer lint` -- expected: no PHP formatting errors

24
app/Actions/Fortify/CreateNewUser.php
View File

@@ -4,7 +4,9 @@ namespace App\Actions\Fortify;
use App\Concerns\PasswordValidationRules;
use App\Concerns\ProfileValidationRules;
use App\Models\TeamInvitation;
use App\Models\User;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Validator;
use Laravel\Fortify\Contracts\CreatesNewUsers;
@@ -24,10 +26,30 @@ class CreateNewUser implements CreatesNewUsers
'password' => $this->passwordRules(),
])->validate();
return User::create([
$user = User::create([
'name' => $input['name'],
'email' => $input['email'],
'password' => $input['password'],
]);
if (! empty($input['invitation'])) {
$invitation = TeamInvitation::where('token', $input['invitation'])->first();
if ($invitation && $invitation->isValid() && strtolower($user->email) === strtolower($invitation->email)) {
DB::transaction(function () use ($user, $invitation) {
$user->workspaces()->attach($invitation->workspace_id, [
'role' => $invitation->role,
'permissions' => json_encode(config("permissions.defaults.{$invitation->role}", [])),
]);
$invitation->update(['accepted_at' => now()]);
});
session(['current_workspace_id' => $invitation->workspace_id]);
session(['invitation_accepted' => true]);
}
}
return $user;
}
}

5
app/Enums/NotificationType.php
View File

@@ -16,6 +16,8 @@ final class NotificationType extends Enum
const StatusChanged = 'status_changed';
const Mention = 'mention';
/**
* Get French display labels for each notification type.
*
@@ -24,11 +26,12 @@ final class NotificationType extends Enum
public static function labels(): array
{
return [
self::Nudge => 'Relance',
self::Nudge => 'Notification',
self::DeclarationOverdue => 'Déclaration en retard',
self::DocumentUploaded => 'Document téléversé',
self::BulkNotification => 'Notification groupée',
self::StatusChanged => 'Statut modifié',
self::Mention => 'Mention',
];
}
}

2
app/Http/Controllers/BulkNotificationController.php
View File

@@ -3,7 +3,6 @@
namespace App\Http\Controllers;
use App\Concerns\HasWorkspaceScope;
use App\Enums\DeclarationStatus;
use App\Http\Requests\BulkNotifyRequest;
use App\Mail\DeclarationFileRequestMail;
use App\Models\Declaration;
@@ -24,7 +23,6 @@ class BulkNotificationController extends Controller
$declarations = Declaration::where('workspace_id', $workspace->id)
->forUser($user, $workspaceUser)
->where('status', DeclarationStatus::EnAttenteClient)
->whereIn('id', $request->validated('declaration_ids'))
->with('client')
->get()

4
app/Http/Controllers/NudgeController.php
View File

@@ -44,7 +44,7 @@ class NudgeController extends Controller
->exists();
if ($recentNudge) {
return back()->with('flash', ['type' => 'warning', 'message' => 'Relance déjà envoyée récemment']);
return back()->with('flash', ['type' => 'warning', 'message' => 'Notification déjà envoyée récemment']);
}
$assignee->notify(new NudgeNotification($declaration, $request->user()));
@@ -56,6 +56,6 @@ class NudgeController extends Controller
Cache::forget("user:{$assignee->id}:workspace:{$workspace->id}:unread_notifications");
return back()->with('flash', ['type' => 'success', 'message' => 'Relance envoyée à '.$assignee->name]);
return back()->with('flash', ['type' => 'success', 'message' => 'Notification envoyée à '.$assignee->name]);
}
}

103
app/Http/Controllers/TeamInvitationAcceptController.php Normal file
View File

@@ -0,0 +1,103 @@
<?php
namespace App\Http\Controllers;
use App\Models\TeamInvitation;
use App\Models\User;
use App\Models\WorkspaceUser;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Inertia\Inertia;
use Inertia\Response;
class TeamInvitationAcceptController extends Controller
{
/**
* Handle team invitation acceptance.
*/
public function __invoke(string $token): Response|RedirectResponse
{
$invitation = TeamInvitation::where('token', $token)->first();
if (! $invitation) {
return Inertia::render('auth/InvitationError', [
'title' => 'Invitation introuvable',
'message' => 'Ce lien d\'invitation est invalide ou n\'existe pas.',
'homeUrl' => url('/'),
]);
}
if (! $invitation->isValid()) {
$message = $invitation->accepted_at !== null
? 'Cette invitation a déjà été acceptée.'
: 'Cette invitation a expiré.';
return Inertia::render('auth/InvitationError', [
'title' => 'Invitation invalide',
'message' => $message,
'homeUrl' => url('/'),
]);
}
if (Auth::check()) {
return $this->handleAuthenticatedUser($invitation);
}
return $this->handleUnauthenticatedUser($invitation);
}
/**
* Handle invitation acceptance for authenticated users.
*/
protected function handleAuthenticatedUser(TeamInvitation $invitation): Response|RedirectResponse
{
/** @var User $user */
$user = Auth::user();
if (strtolower($user->email) !== strtolower($invitation->email)) {
return Inertia::render('auth/InvitationError', [
'title' => 'Adresse email incorrecte',
'message' => 'Cette invitation est destinée à une autre adresse email.',
'homeUrl' => url('/'),
]);
}
$alreadyMember = WorkspaceUser::where('workspace_id', $invitation->workspace_id)
->where('user_id', $user->id)
->exists();
if ($alreadyMember) {
return redirect()->route('dashboard')->with('info', 'Vous êtes déjà membre de cet espace de travail.');
}
DB::transaction(function () use ($user, $invitation) {
$user->workspaces()->attach($invitation->workspace_id, [
'role' => $invitation->role,
'permissions' => json_encode(config("permissions.defaults.{$invitation->role}", [])),
]);
$invitation->update(['accepted_at' => now()]);
});
session(['current_workspace_id' => $invitation->workspace_id]);
return redirect()->route('dashboard')->with('success', 'Vous avez rejoint l\'espace de travail avec succès.');
}
/**
* Handle invitation acceptance for unauthenticated users.
*/
protected function handleUnauthenticatedUser(TeamInvitation $invitation): RedirectResponse
{
$existingUser = User::where('email', $invitation->email)->first();
if ($existingUser) {
return redirect()
->to(route('login', ['invitation' => $invitation->token]))
->with('status', 'Connectez-vous pour rejoindre l\'espace de travail');
}
return redirect()->to(route('register', ['invitation' => $invitation->token]));
}
}

61
app/Http/Responses/LoginResponse.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
namespace App\Http\Responses;
use App\Models\TeamInvitation;
use App\Models\WorkspaceUser;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\DB;
use Laravel\Fortify\Contracts\LoginResponse as LoginResponseContract;
class LoginResponse implements LoginResponseContract
{
/**
* Create an HTTP response that represents the object.
*
* @param \Illuminate\Http\Request $request
* @return \Symfony\Component\HttpFoundation\Response
*/
public function toResponse($request)
{
$token = $request->input('invitation')
?? $request->session()->pull('pending_invitation_token');
if ($token) {
$invitation = TeamInvitation::where('token', $token)->first();
$user = $request->user();
if ($invitation && $invitation->isValid() && strtolower($invitation->email) === strtolower($user->email)) {
$alreadyMember = WorkspaceUser::where('workspace_id', $invitation->workspace_id)
->where('user_id', $user->id)
->exists();
if (! $alreadyMember) {
DB::transaction(function () use ($user, $invitation) {
$user->workspaces()->attach($invitation->workspace_id, [
'role' => $invitation->role,
'permissions' => json_encode(config("permissions.defaults.{$invitation->role}", [])),
]);
$invitation->update(['accepted_at' => now()]);
});
} else {
session(['current_workspace_id' => $invitation->workspace_id]);
return redirect()->intended('/dashboard');
}
session(['current_workspace_id' => $invitation->workspace_id]);
return redirect()->intended('/dashboard');
}
}
// Clean up session token if present but not used
$request->session()->forget('pending_invitation_token');
return $request->wantsJson()
? new JsonResponse('', 204)
: redirect()->intended(config('fortify.home'));
}
}

26
app/Http/Responses/RegisterResponse.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
namespace App\Http\Responses;
use Illuminate\Http\JsonResponse;
use Laravel\Fortify\Contracts\RegisterResponse as RegisterResponseContract;
class RegisterResponse implements RegisterResponseContract
{
/**
* Create an HTTP response that represents the object.
*
* @param \Illuminate\Http\Request $request
* @return \Symfony\Component\HttpFoundation\Response
*/
public function toResponse($request)
{
if ($request->session()->pull('invitation_accepted')) {
return redirect()->intended('/dashboard');
}
return $request->wantsJson()
? new JsonResponse('', 201)
: redirect()->intended(config('fortify.home'));
}
}

2
app/Mail/NudgeNotificationMail.php
View File

@@ -22,7 +22,7 @@ class NudgeNotificationMail extends Mailable
public function envelope(): Envelope
{
return new Envelope(
subject: 'Relance - '.($this->declaration->title ?? 'Sans titre'),
subject: 'Notification - '.($this->declaration->title ?? 'Sans titre'),
);
}

2
app/Mail/TeamInvitationMail.php
View File

@@ -48,7 +48,7 @@ class TeamInvitationMail extends Mailable implements ShouldQueue
with: [
'workspaceName' => $this->workspace->name,
'roleLabel' => $roleLabels[$this->invitation->role] ?? $this->invitation->role,
'registerUrl' => route('register', ['invitation' => $this->invitation->token]),
'acceptUrl' => route('team.invitation.accept', $this->invitation->token),
'expiresAt' => $this->invitation->expires_at->format('d/m/Y à H:i'),
]
);

3
app/Notifications/DeclarationMentionNotification.php
View File

@@ -2,6 +2,7 @@
namespace App\Notifications;
use App\Enums\NotificationType;
use App\Models\Declaration;
use App\Models\User;
use Illuminate\Bus\Queueable;
@@ -33,6 +34,8 @@ class DeclarationMentionNotification extends Notification implements ShouldQueue
public function toDatabase(object $notifiable): array
{
return [
'workspace_id' => $this->declaration->workspace_id,
'notification_type' => NotificationType::Mention,
'declaration_id' => $this->declaration->id,
'declaration_title' => $this->declaration->title,
'mentioned_by_id' => $this->mentionedBy->id,

3
app/Notifications/NudgeNotification.php
View File

@@ -48,6 +48,7 @@ class NudgeNotification extends Notification implements ShouldQueue
public function toMail(object $notifiable): NudgeNotificationMail
{
return new NudgeNotificationMail($this->declaration, $this->sender);
return (new NudgeNotificationMail($this->declaration, $this->sender))
->to($notifiable->email);
}
}

45
app/Providers/FortifyServiceProvider.php
View File

@@ -20,7 +20,15 @@ class FortifyServiceProvider extends ServiceProvider
*/
public function register(): void
{
//
$this->app->singleton(
\Laravel\Fortify\Contracts\RegisterResponse::class,
\App\Http\Responses\RegisterResponse::class
);
$this->app->singleton(
\Laravel\Fortify\Contracts\LoginResponse::class,
\App\Http\Responses\LoginResponse::class
);
}
/**
@@ -47,11 +55,21 @@ class FortifyServiceProvider extends ServiceProvider
*/
private function configureViews(): void
{
Fortify::loginView(fn (Request $request) => Inertia::render('auth/Login', [
'canResetPassword' => Features::enabled(Features::resetPasswords()),
'canRegister' => Features::enabled(Features::registration()),
'status' => $request->session()->get('status'),
]));
Fortify::loginView(function (Request $request) {
$props = [
'canResetPassword' => Features::enabled(Features::resetPasswords()),
'canRegister' => Features::enabled(Features::registration()),
'status' => $request->session()->get('status'),
];
$token = $request->query('invitation');
if ($token) {
$props['invitation'] = $token;
$request->session()->put('pending_invitation_token', $token);
}
return Inertia::render('auth/Login', $props);
});
Fortify::resetPasswordView(fn (Request $request) => Inertia::render('auth/ResetPassword', [
'email' => $request->email,
@@ -66,7 +84,20 @@ class FortifyServiceProvider extends ServiceProvider
'status' => $request->session()->get('status'),
]));
Fortify::registerView(fn () => Inertia::render('auth/Register'));
Fortify::registerView(function (Request $request) {
$props = [];
$token = $request->query('invitation');
if ($token) {
$invitation = \App\Models\TeamInvitation::where('token', $token)->first();
if ($invitation && $invitation->isValid()) {
$props['invitation'] = $token;
$props['invitationEmail'] = $invitation->email;
}
}
return Inertia::render('auth/Register', $props);
});
Fortify::twoFactorChallengeView(fn () => Inertia::render('auth/TwoFactorChallenge'));

BIN
database/database.sqlite
View File

Binary file not shown.

34
database/migrations/2026_03_27_000001_backfill_manager_permissions.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Support\Facades\DB;
return new class extends Migration
{
/**
* Backfill Manager workspace_user rows that have null or empty permissions
* with the defaults from config('permissions.defaults.manager').
*/
public function up(): void
{
$defaults = json_encode(config('permissions.defaults.manager'));
DB::table('workspace_user')
->where('role', 'manager')
->where(function ($query) {
$query->whereNull('permissions')
->orWhere('permissions', '[]')
->orWhere('permissions', 'null')
->orWhere('permissions', '');
})
->update(['permissions' => $defaults]);
}
/**
* Reverse the migration (no-op we cannot know original values).
*/
public function down(): void
{
// Cannot reverse: original null/empty values are indistinguishable
}
};

4
resources/js/components/NotificationDropdown.vue
View File

@@ -74,8 +74,8 @@ function getDescription(notification: NotificationItem): string {
switch (type) {
case 'nudge':
return sender
? `Relance de ${sender} sur ${title}`
: `Relance sur ${title}`;
? `Notification de ${sender} sur ${title}`
: `Notification sur ${title}`;
case 'declaration_overdue':
return `Déclaration en retard : ${title}`;
case 'document_uploaded':

4
resources/js/components/declarations/NudgePopover.vue
View File

@@ -48,7 +48,7 @@ function sendNudge() {
>
<div class="space-y-3">
<p class="text-sm">
Envoyer une relance à
Envoyer une notification à
<span class="font-medium">{{
assigneeName ?? 'Non assigné'
}}</span>
@@ -60,7 +60,7 @@ function sendNudge() {
@click="sendNudge"
>
<Send class="mr-2 h-4 w-4" />
Envoyer une relance
Envoyer une notification
</Button>
</div>
</PopoverContent>

2
resources/js/pages/Dashboard.vue
View File

@@ -367,7 +367,7 @@ function navigateToDeclaration(declaration: DashboardDeclaration): void {
<Send
class="mr-2 h-4 w-4"
/>
Relancer
Notifier
</DropdownMenuItem>
<DropdownMenuItem
disabled

31
resources/js/pages/auth/InvitationError.vue Normal file
View File

@@ -0,0 +1,31 @@
<script setup lang="ts">
import { Head } from '@inertiajs/vue3';
import TextLink from '@/components/TextLink.vue';
import AuthBase from '@/layouts/AuthLayout.vue';
type Props = {
title: string;
message: string;
homeUrl: string;
};
defineProps<Props>();
</script>
<template>
<AuthBase
:title="title"
:description="message"
>
<Head :title="title" />
<div class="flex flex-col items-center gap-4">
<TextLink
:href="homeUrl"
class="underline underline-offset-4"
>
Retour à l'accueil
</TextLink>
</div>
</AuthBase>
</template>

18
resources/js/pages/auth/Login.vue
View File

@@ -12,11 +12,21 @@ import { register } from '@/routes';
import { store } from '@/routes/login';
import { request } from '@/routes/password';
defineProps<{
type Props = {
status?: string;
canResetPassword: boolean;
canRegister: boolean;
}>();
invitation?: string;
};
const props = withDefaults(defineProps<Props>(), {
status: undefined,
invitation: undefined,
});
const registerUrl = props.invitation
? `${register()}?invitation=${props.invitation}`
: register();
</script>
<template>
@@ -39,6 +49,8 @@ defineProps<{
v-slot="{ errors, processing }"
class="flex flex-col gap-6"
>
<input v-if="invitation" type="hidden" name="invitation" :value="invitation" />
<div class="grid gap-6">
<div class="grid gap-2">
<Label for="email">Email address</Label>
@@ -103,7 +115,7 @@ defineProps<{
v-if="canRegister"
>
Don't have an account?
<TextLink :href="register()" :tabindex="5">Sign up</TextLink>
<TextLink :href="registerUrl" :tabindex="5">Sign up</TextLink>
</div>
</Form>
</AuthBase>

28
resources/js/pages/auth/Register.vue
View File

@@ -9,14 +9,28 @@ import { Spinner } from '@/components/ui/spinner';
import AuthBase from '@/layouts/AuthLayout.vue';
import { login } from '@/routes';
import { store } from '@/routes/register';
type Props = {
invitation?: string;
invitationEmail?: string;
};
const props = withDefaults(defineProps<Props>(), {
invitation: undefined,
invitationEmail: undefined,
});
const loginUrl = props.invitation
? `${login()}?invitation=${props.invitation}`
: login();
</script>
<template>
<AuthBase
title="Create an account"
description="Enter your details below to create your account"
:title="invitation ? 'Rejoindre l\'espace de travail' : 'Create an account'"
:description="invitation ? 'Créez votre compte pour accepter l\'invitation' : 'Enter your details below to create your account'"
>
<Head title="Register" />
<Head :title="invitation ? 'Rejoindre l\'espace de travail' : 'Register'" />
<Form
v-bind="store.form()"
@@ -24,6 +38,8 @@ import { store } from '@/routes/register';
v-slot="{ errors, processing }"
class="flex flex-col gap-6"
>
<input v-if="invitation" type="hidden" name="invitation" :value="invitation" />
<div class="grid gap-6">
<div class="grid gap-2">
<Label for="name">Name</Label>
@@ -49,7 +65,9 @@ import { store } from '@/routes/register';
:tabindex="2"
autocomplete="email"
name="email"
placeholder="email@example.com"
:placeholder="invitationEmail ?? 'email@example.com'"
:value="invitationEmail"
:readonly="!!invitationEmail"
/>
<InputError :message="errors.email" />
</div>
@@ -97,7 +115,7 @@ import { store } from '@/routes/register';
<div class="text-center text-sm text-muted-foreground">
Already have an account?
<TextLink
:href="login()"
:href="loginUrl"
class="underline underline-offset-4"
:tabindex="6"
>Log in</TextLink

31
resources/js/pages/declarations/Index.vue
View File

@@ -59,32 +59,19 @@ watch(() => props.declarations.data, () => {
selectedIds.value = [];
});
const eligibleDeclarations = computed(() =>
props.declarations.data.filter(
(d) => d.status === 'en_attente_client',
),
);
const allEligibleSelected = computed(
const allSelected = computed(
() =>
eligibleDeclarations.value.length > 0 &&
eligibleDeclarations.value.every((d) =>
props.declarations.data.length > 0 &&
props.declarations.data.every((d) =>
selectedIds.value.includes(d.id),
),
);
function toggleSelectAll(checked: boolean | 'indeterminate') {
if (checked === true) {
const eligibleIds = eligibleDeclarations.value.map((d) => d.id);
const merged = new Set([...selectedIds.value, ...eligibleIds]);
selectedIds.value = [...merged];
selectedIds.value = props.declarations.data.map((d) => d.id);
} else {
const eligibleIds = new Set(
eligibleDeclarations.value.map((d) => d.id),
);
selectedIds.value = selectedIds.value.filter(
(id) => !eligibleIds.has(id),
);
selectedIds.value = [];
}
}
@@ -168,9 +155,9 @@ const columnCount = computed(() => (props.canBulkNotify ? 7 : 6));
class="h-10 w-10 px-4 text-center align-middle"
>
<Checkbox
:checked="allEligibleSelected"
:checked="allSelected"
:disabled="
eligibleDeclarations.length === 0
declarations.data.length === 0
"
@update:checked="toggleSelectAll"
/>
@@ -218,10 +205,6 @@ const columnCount = computed(() => (props.canBulkNotify ? 7 : 6));
class="px-4 py-3 text-center"
>
<Checkbox
v-if="
declaration.status ===
'en_attente_client'
"
:checked="
selectedIds.includes(
declaration.id,

4
resources/js/pages/notifications/Index.vue
View File

@@ -53,8 +53,8 @@ function getDescription(notification: AppNotification): string {
switch (type) {
case 'nudge':
return sender
? `Relance de ${sender} sur ${title}`
: `Relance sur ${title}`;
? `Notification de ${sender} sur ${title}`
: `Notification sur ${title}`;
case 'declaration_overdue':
return `Déclaration en retard : ${title}`;
case 'document_uploaded':

5
resources/js/pages/team/Index.vue
View File

@@ -139,7 +139,12 @@ function openPermissionsDialog(member: TeamMember) {
function togglePermission(key: string, value: boolean) {
if (!permissionsMember.value?.permissionsUrl) return;
// Ensure ALL permission keys are present, defaulting missing keys to false
const base = Object.fromEntries(
Object.keys(props.availablePermissions).map((k) => [k, false]),
);
const updatedPermissions = {
...base,
...permissionsMember.value.permissions,
[key]: value,
};

4
resources/views/emails/nudge-notification.blade.php
View File

@@ -1,9 +1,9 @@
<x-mail::message>
# Relance
# Notification
Bonjour,
**{{ $senderName }}** de **{{ $firmName }}** vous envoie une relance concernant la déclaration suivante :
**{{ $senderName }}** de **{{ $firmName }}** vous envoie une notification concernant la déclaration suivante :
- **Client :** {{ $clientName }}
- **Type :** {{ $declarationType }}

4
resources/views/emails/team-invitation.blade.php
View File

@@ -5,9 +5,9 @@ Bonjour,
Vous êtes invité(e) à rejoindre le cabinet **{{ $workspaceName }}** en tant que **{{ $roleLabel }}**.
Cliquez sur le bouton ci-dessous pour créer votre compte et rejoindre l'équipe.
Cliquez sur le bouton ci-dessous pour rejoindre l'équipe.
<x-mail::button :url="$registerUrl" color="primary">
<x-mail::button :url="$acceptUrl" color="primary">
Rejoindre l'équipe
</x-mail::button>

3
routes/web.php
View File

@@ -7,6 +7,9 @@ Route::inertia('/', 'Welcome', [
'canRegister' => Features::enabled(Features::registration()),
])->name('home');
Route::get('team/invitation/{token}/accept', \App\Http\Controllers\TeamInvitationAcceptController::class)
->name('team.invitation.accept');
Route::middleware(['auth', 'verified'])->group(function () {
Route::get('dashboard', \App\Http\Controllers\DashboardController::class)->name('dashboard');
Route::post('workspace/switch', \App\Http\Controllers\WorkspaceSwitchController::class)