studio/sbbb
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

(all) add organizations, resources, channels, and infra migration (#34)

Browse Source 
Add multi-tenant organization model populated from OIDC claims with
org-scoped user discovery, CalDAV principal filtering, and cross-org
isolation at the SabreDAV layer.

Add bookable resource principals (rooms, equipment) with CalDAV
auto-scheduling that handles conflict detection, auto-accept/decline,
and org-scoped booking enforcement. Fixes #14.

Replace CalendarSubscriptionToken with a unified Channel model
supporting CalDAV integration tokens and iCal feed URLs, with
encrypted token storage and role-based access control. Fixes #16.

Migrate task queue from Celery to Dramatiq with async ICS import,
progress tracking, and task status polling endpoint.

Replace nginx with Caddy for both the reverse proxy and frontend
static serving. Switch frontend package manager from yarn/pnpm to
npm and upgrade Node to 24, Next.js to 16, TypeScript to 5.9.

Harden security with fail-closed entitlements, RSVP rate limiting
and token expiry, CalDAV proxy path validation blocking internal
API routes, channel path scope enforcement, and ETag-based
conflict prevention.

Add frontend pages for resource management and integration channel
CRUD, with resource booking in the event modal.

Restructure CalDAV paths to /calendars/users/ and
/calendars/resources/ with nested principal collections in SabreDAV.
This commit is contained in:
Sylvain Zimmer
2026-03-09 09:09:34 +01:00
committed by GitHub
parent cd2b15b3b5
commit 9c18f96090
176 changed files with 26903 additions and 12108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
CLAUDE.md
View File

@@ -18,44 +18,39 @@ In this project, you can create events, invite people to events, create calendar
### Development Setup
```bash
make bootstrap # Initial setup: builds containers, runs migrations, starts services
make run # Start all services (backend + frontend containers)
make run-backend # Start backend services only (for local frontend development)
make start # Start all services (backend + frontend containers)
make start-back # Start backend services only (for local frontend development)
make stop # Stop all containers
make down # Stop and remove containers, networks, volumes
make update # Update project after pulling changes
```
### Backend Development
```bash
make test-back -- path/to/test.py::TestClass::test_method # Run specific test
make test-back-parallel # Run all tests in parallel
make lint # Run ruff + pylint
make lint # Run all linters (back + front)
make lint-back # Run back-end linters only
make migrate # Run Django migrations
make makemigrations # Create new migrations
make shell # Django shell
make dbshell # PostgreSQL shell
make shell-back-django # Django shell
make shell-db # PostgreSQL shell
```
### Frontend Development
```bash
make frontend-development-install # Install frontend dependencies locally
make run-frontend-development # Run frontend locally (after run-backend)
make frontend-lint # Run ESLint on frontend
cd src/frontend/apps/calendars && yarn test # Run frontend tests
cd src/frontend/apps/calendars && yarn test:watch # Watch mode
make install-front # Install frontend dependencies
make lint-front # Run ESLint on frontend
make typecheck-front # Run TypeScript type checker
make test-front # Run frontend tests
cd src/frontend/apps/calendars && npm test # Run frontend tests (local)
cd src/frontend/apps/calendars && npm run test:watch # Watch mode (local)
```
### E2E Tests
```bash
make run-tests-e2e # Run all e2e tests
make run-tests-e2e -- --project chromium --headed # Run with specific browser
```
### Internationalization
```bash
make i18n-generate # Generate translation files
make i18n-compile # Compile translations
make crowdin-upload # Upload sources to Crowdin
make crowdin-download # Download translations from Crowdin
make test-e2e # Run all e2e tests
make test-e2e -- --project chromium --headed # Run with specific browser
```
## Architecture
@@ -70,14 +65,14 @@ make crowdin-download # Download translations from Crowdin
- `tests/` - pytest test files
### Frontend Structure (`src/frontend/`)
Yarn workspaces monorepo:
npm workspaces:
- `apps/calendars/` - Main Next.js application
- `src/features/` - Feature modules (calendar, auth, api, i18n, etc.)
- `src/pages/` - Next.js pages
- `src/hooks/` - Custom React hooks
- `apps/e2e/` - Playwright end-to-end tests
### CalDAV Server (`docker/sabredav/`)
### CalDAV Server (`src/caldav/`)
PHP SabreDAV server providing CalDAV protocol support, running against the shared PostgreSQL database.
**IMPORTANT: Never query the SabreDAV database tables directly from Django.** Always interact with CalDAV through the SabreDAV HTTP API (PROPFIND, REPORT, PUT, etc.).
@@ -86,14 +81,13 @@ PHP SabreDAV server providing CalDAV protocol support, running against the share
| Service | URL / Port | Description |
|---------|------------|-------------|
| **Frontend** | [http://localhost:8920](http://localhost:8920) | Next.js Calendar frontend |
| **Backend API** | [http://localhost:8921](http://localhost:8921) | Django REST API |
| **CalDAV** | [http://localhost:8922](http://localhost:8922) | SabreDAV CalDAV server |
| **Nginx** | [http://localhost:8923](http://localhost:8923) | Reverse proxy (frontend + API) |
| **Redis** | 8924 | Cache and Celery broker |
| **Keycloak** | [http://localhost:8925](http://localhost:8925) | OIDC identity provider |
| **PostgreSQL** | 8926 | Database server |
| **Mailcatcher** | [http://localhost:8927](http://localhost:8927) | Email testing interface |
| **Frontend** | [http://localhost:8930](http://localhost:8930) | Next.js Calendar frontend |
| **Backend API** | [http://localhost:8931](http://localhost:8931) | Django REST API |
| **CalDAV** | [http://localhost:8932](http://localhost:8932) | SabreDAV CalDAV server |
| **Redis** | 8934 | Cache and Celery broker |
| **Keycloak** | [http://localhost:8935](http://localhost:8935) | OIDC identity provider |
| **PostgreSQL** | 8936 | Database server |
| **Mailcatcher** | [http://localhost:8937](http://localhost:8937) | Email testing interface |
## Key Technologies