feat: implement audit trail alignment (soft delete & permission audit)
- Task Soft Delete:
- Add is_deleted, deleted_at, deleted_by fields to Task model
- Convert DELETE to soft delete with cascade to subtasks
- Add include_deleted query param (admin only)
- Add POST /api/tasks/{id}/restore endpoint
- Exclude deleted tasks from subtask_count
- Permission Change Audit:
- Add user.role_change event (high sensitivity)
- Add user.admin_change event (critical, triggers alert)
- Add PATCH /api/users/{id}/admin endpoint
- Add role.permission_change event type
- Append-Only Enforcement:
- Add DB triggers for audit_logs immutability (manual for production)
- Migration 008 with graceful trigger failure handling
- Tests: 11 new soft delete tests (153 total passing)
- OpenSpec: fix-audit-trail archived, fix-realtime-notifications & fix-weekly-report proposals added
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
beabigegg
50
openspec/changes/fix-realtime-notifications/proposal.md
Normal file
50
openspec/changes/fix-realtime-notifications/proposal.md
Normal file
@@ -0,0 +1,50 @@
|
||||
# Change: Fix Real-time Notifications Alignment
|
||||
|
||||
## Why
|
||||
現行實作與 collaboration spec 的 Real-time Notifications requirement 有以下差距:
|
||||
1. 通知僅寫入資料庫,未透過 WebSocket 即時推播
|
||||
2. 未使用 Redis Pub/Sub 處理多 process 推播
|
||||
3. 使用者連線時未補送未讀通知
|
||||
|
||||
## What Changes
|
||||
- **WebSocket Manager** - 建立 WebSocket 連線管理模組
|
||||
- **Redis Pub/Sub** - 整合 Redis 處理跨 process 通知推播
|
||||
- **NotificationService** - 新增即時推播呼叫
|
||||
- **API** - 新增 `/ws/notifications` WebSocket endpoint
|
||||
- **Frontend** - 整合 WebSocket 接收即時通知
|
||||
|
||||
## Impact
|
||||
- Affected specs: `collaboration`
|
||||
- Affected code:
|
||||
- `backend/app/core/websocket.py` - 新增 WebSocket 管理
|
||||
- `backend/app/core/redis_pubsub.py` - 新增 Redis Pub/Sub 服務
|
||||
- `backend/app/services/notification_service.py` - 加入即時推播
|
||||
- `backend/app/api/notifications/router.py` - 新增 WebSocket endpoint
|
||||
- `frontend/src/services/websocket.ts` - 新增 WebSocket client
|
||||
- `frontend/src/contexts/NotificationContext.tsx` - 整合即時通知
|
||||
|
||||
## Implementation Phases
|
||||
|
||||
### Phase 1: WebSocket Infrastructure
|
||||
- WebSocket 連線管理器
|
||||
- 使用者連線/斷線處理
|
||||
- 連線時補送未讀通知
|
||||
|
||||
### Phase 2: Redis Pub/Sub Integration
|
||||
- Redis Pub/Sub 服務封裝
|
||||
- 多 process 通知廣播
|
||||
- 訊息序列化/反序列化
|
||||
|
||||
### Phase 3: Service Integration
|
||||
- NotificationService 加入推播
|
||||
- 前端 WebSocket client
|
||||
- 未讀數量即時更新
|
||||
|
||||
## Dependencies
|
||||
- collaboration (已完成)
|
||||
- Redis 已在 user-auth 中使用
|
||||
|
||||
## Technical Decisions
|
||||
- 使用 FastAPI WebSocket 原生支援
|
||||
- Redis Pub/Sub 處理多 worker 同步
|
||||
- 使用者以 user_id 為 channel key
|
||||
Reference in New Issue
Block a user