egg/PROJECT-CONTORL
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement 8 OpenSpec proposals for security, reliability, and UX improvements

Browse Source 
## Security Enhancements (P0)
- Add input validation with max_length and numeric range constraints
- Implement WebSocket token authentication via first message
- Add path traversal prevention in file storage service

## Permission Enhancements (P0)
- Add project member management for cross-department access
- Implement is_department_manager flag for workload visibility

## Cycle Detection (P0)
- Add DFS-based cycle detection for task dependencies
- Add formula field circular reference detection
- Display user-friendly cycle path visualization

## Concurrency & Reliability (P1)
- Implement optimistic locking with version field (409 Conflict on mismatch)
- Add trigger retry mechanism with exponential backoff (1s, 2s, 4s)
- Implement cascade restore for soft-deleted tasks

## Rate Limiting (P1)
- Add tiered rate limits: standard (60/min), sensitive (20/min), heavy (5/min)
- Apply rate limits to tasks, reports, attachments, and comments

## Frontend Improvements (P1)
- Add responsive sidebar with hamburger menu for mobile
- Improve touch-friendly UI with proper tap target sizes
- Complete i18n translations for all components

## Backend Reliability (P2)
- Configure database connection pool (size=10, overflow=20)
- Add Redis fallback mechanism with message queue
- Add blocker check before task deletion

## API Enhancements (P3)
- Add standardized response wrapper utility
- Add /health/ready and /health/live endpoints
- Implement project templates with status/field copying

## Tests Added
- test_input_validation.py - Schema and path traversal tests
- test_concurrency_reliability.py - Optimistic locking and retry tests
- test_backend_reliability.py - Connection pool and Redis tests
- test_api_enhancements.py - Health check and template tests

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
beabigegg
2026-01-10 22:13:43 +08:00
parent 96210c7ad4
commit 3bdc6ff1c9
106 changed files with 9704 additions and 429 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
openspec/changes/archive/2026-01-10-add-concurrency-reliability/specs/automation/spec.md Normal file
View File

@@ -0,0 +1,21 @@
## ADDED Requirements
### Requirement: Trigger Execution Retry
The system SHALL retry failed trigger executions with exponential backoff to handle transient failures.
#### Scenario: Trigger succeeds after retry
- **WHEN** trigger execution fails due to transient error
- **THEN** system retries after 1 second delay
- **WHEN** retry succeeds
- **THEN** trigger is marked as successful in execution log
#### Scenario: Trigger exhausts retries
- **WHEN** trigger execution fails 3 consecutive times
- **THEN** system marks trigger execution as permanently failed
- **THEN** system sends alert notification to system administrators
- **THEN** execution log contains all retry attempts with error details
#### Scenario: Non-retryable error
- **WHEN** trigger fails with validation or permission error (4xx)
- **THEN** system does not retry and marks as failed immediately
- **THEN** error is logged with appropriate categorization

30
openspec/changes/archive/2026-01-10-add-concurrency-reliability/specs/task-management/spec.md Normal file
View File

@@ -0,0 +1,30 @@
## ADDED Requirements
### Requirement: Optimistic Locking for Task Updates
The system SHALL use optimistic locking to prevent concurrent update conflicts on tasks.
#### Scenario: Concurrent update detected
- **WHEN** user A and user B both load task at version 1
- **WHEN** user A saves changes, incrementing version to 2
- **WHEN** user B attempts to save with version 1
- **THEN** system returns 409 Conflict error
- **THEN** error message instructs user to refresh and retry
#### Scenario: Sequential updates succeed
- **WHEN** user loads task at version N
- **WHEN** user saves changes with correct version N
- **THEN** system accepts update and increments version to N+1
### Requirement: Soft Delete Cascade Restore
The system SHALL restore child tasks when parent task is restored from soft delete.
#### Scenario: Parent task restored with children
- **WHEN** soft-deleted parent task is restored
- **THEN** system identifies child tasks deleted at same timestamp
- **THEN** system recursively restores all matching child tasks
- **THEN** audit log records restoration of parent and children
#### Scenario: Selective restore without children
- **WHEN** user explicitly requests restore without cascade
- **THEN** only parent task is restored
- **THEN** child tasks remain in deleted state