makiolaj/GearBox
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases 10 Wiki Activity
Files
Develop
GearBox/.planning/phases/32-setup-sharing-system/32-02-SUMMARY.md
Jean-Luc Makiola 7eb5335a88 docs: add phase 32 plan summaries 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-13 18:05:24 +02:00

44 lines
1.9 KiB
Markdown
Raw Permalink Blame History

# Plan 32-02 Summary: Share Link Backend
**Status:** Complete
**Commit:** da159d1
## What was done
1. **Share service** (`src/server/services/share.service.ts`):
- `createShareLink`: 128-bit random base64url token, configurable expiration
- `getShareLinks`: Lists all shares for a setup (ownership verified)
- `revokeShareLink`: Sets revokedAt (ownership verified via join)
- `validateShareToken`: Returns setupId/permission, rejects expired/revoked/nonexistent
- `deactivateShareLinks`: Bulk revoke all active links for a setup
- `reactivateShareLinks`: Clears revokedAt on non-expired shares
2. **Visibility transition side effects** (`src/server/services/setup.service.ts`):
- `updateSetup` now detects visibility transitions and calls deactivate/reactivate
- Uses dynamic import to avoid circular dependency
3. **New function** `getSetupWithItemsById` for share-token-authorized access (no user/visibility check)
4. **API routes** (added to `src/server/routes/setups.ts`):
- `POST /api/setups/:id/shares` — Create share link (auth required)
- `GET /api/setups/:id/shares` — List share links (auth required)
- `DELETE /api/setups/:id/shares/:shareId` — Revoke share link (auth required)
5. **Public endpoints** (added to `src/server/index.ts`):
- `GET /api/shared/:token` — Access setup via share token (no auth)
- `GET /s/:token` — Short URL redirect to `/setups/:id?share=:token`
- Auth middleware skip for `/api/shared/` and rate limiting applied
6. **Share schema** (`src/shared/schemas.ts`):
- `createShareLinkSchema` with `expiresInDays: 7 | 14 | 30 | null`
7. **Tests** (`tests/services/share.service.test.ts`):
- 16 tests covering all service functions and visibility transitions
- All pass (62/62 across 5 affected test files)
## Verification
- `bun run lint`: Passes
- All share service tests pass (16/16)
- All affected tests pass (62/62 across 5 files)
Reference in New Issue View Git Blame Copy Permalink