updating to current main#553
Merged
Merged
Conversation
QuoteForm now only shows numbering schemes with type=Quote; InvoiceForm only shows type=Invoice. Previously both forms showed all numbering schemes regardless of type, allowing an invoice to be assigned a Quote numbering scheme and vice versa. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Captures module layout, Filament panel config, auth/tenancy flow, testing base classes and patterns, key model quirks (non-standard PKs, BelongsToCompany trait), service layer, seeder defaults, and a debugging quick-reference table. Lets Claude sessions start with full context instead of re-scanning the codebase on every request. https://claude.ai/code/session_01KVV91ECY14zwgavRm99zPs
AGENTS.md — OpenAI Codex / Agents
.github/copilot-instructions.md — corrected and enriched with verified
facts (Laravel 11 not 12+, PHP 8.1+,
real panel paths, correct role names,
no DTO/Repository layer)
.junie/guidelines.md — corrected and enriched (same fixes)
.junie/testing.md — testing base classes, factory patterns,
common pitfalls, assertion cheat sheet
.junie/architecture.md — auth flow, middleware chain, seeder
layout, key relationships
All files are consistent with CLAUDE.md and with each other. Each one
lets the respective agent start with full project context so it does
not need to scan the codebase from scratch on every request.
https://claude.ai/code/session_01KVV91ECY14zwgavRm99zPs
- Remove pestphp/pest-plugin from composer.json allow-plugins (Pest is not installed) - Fix .gitignore comment: # PHPUnit / Pest → # PHPUnit - Fix Makefile comment: remove "Pest-style dots" wording - Add PHPUnit-only notice to CLAUDE.md testing section - Add .claude/skills/pest-control/SKILL.md — enforces PHPUnit-only testing, provides Pest→PHPUnit conversion reference, and elimination checklist https://claude.ai/code/session_01YDhpDcaYqiVJWVZ67iakv6
…users
Three bugs combined to produce the silent redirect-to-/admin/login? symptom:
1. Both panel providers called ->login() with no arguments, so Filament used
its own default login page. The custom Login class (with is_active check,
rate-limit feedback, and translated validation messages) was never invoked —
explaining zero feedback on bad credentials.
2. LoginResponse used Company::query()->first() for elevated users, picking
whichever company has the lowest DB id (random from seeder). If that
company's search_code is 'admin', the redirect URL becomes /admin/dashboard
which hits the admin panel instead of the company panel, producing the
/admin/login? redirect. Fixed with DEFAULT_COMPANY_CODE='ivplv2' and a
whereRaw('LOWER(search_code) = ?') query with a safe fallback.
3. Session current_company_id was only set for regular users, not elevated
ones. Elevated users now also get the session key set for consistency with
what the tenant middleware expects.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01GWq4PTCCwznTv2K7rzYXVx
Tests cover the three bugs fixed in the previous commit: - Elevated users land on ivplv2 (DEFAULT_COMPANY_CODE), not whichever company happens to have the lowest DB id - Graceful fallback to first() when ivplv2 does not exist - Regular users land on their own company, not the global default - session current_company_id is set for both elevated and regular users - abort(500) when elevated user finds no company at all - abort(500) when regular user has no company attached Also drops the PHP 8.3-only typed-constant syntax (const string) since composer.json constrains ^8.2. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01GWq4PTCCwznTv2K7rzYXVx
All users now follow a single code path: prefer ivplv2 if attached, fall back to first attached company, abort 403 if no company attached. Fixes admin user by attaching them to ivplv2 in the seeder. Update LoginResponseTest to cover the new attachment-based behaviour and add a regression test against the old DB-presence bypass. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01GWq4PTCCwznTv2K7rzYXVx
Without an encryption key, Livewire snapshot signing fails during tests. Adds the key to both phpunit.xml (authoritative for CI) and .env.testing (for local dev runs via php artisan test). Also adds !.env.testing to .gitignore so the file can be committed alongside the example. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01GWq4PTCCwznTv2K7rzYXVx
- filament-resource-pages: replace wrong service-layer content with actual Filament v4 resource/pages/schemas/tables patterns from the codebase - service-layer: merge nuanced DTO guidance from the evicted duplicate; trim to single authoritative file - laravel-modules: remove false "no nwidart" claim (composer.json has it); fix directory structure to match reality (no src/ layer, uppercase Database/Tests/) - non-standard-pks: remove fabricated model PK table; keep only the two confirmed non-standard PKs (ClientCustom, Import) - senior-laravel-developer-phpunit-interpreter: remove hardcoded project path /home/runner/work/spotivel/ so skill is reusable across projects - filament-panel-setup: add missing User panel (three panels, not two) - autonomous-coding-workflow: add missing YAML frontmatter - safe-refactoring-rules: add missing YAML frontmatter - sync-stale-branches: add missing YAML frontmatter - ci-schema-invariant-gate: fix name mismatch (ci-schema-gate → ci-schema-invariant-gate) - dto-contract: fix name mismatch (dto-contracts → dto-contract) - filament-multi-tenancy: remove duplicated middleware chain docs; point to tenant-middleware skill - senior-laravel-developer-code-reviewer: add grumpy Senior Laravel developer persona with direct, no-nonsense tone and structured Must/Should/Could fix output format Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
…ular Switches the standard to internachi/modular where each module is a real Composer package with src/, database/, tests/ layout and path-repository wiring in the root composer.json. Retains an explicit nwidart (InvoicePlane-v2 legacy) comparison table so the skill stays useful in this repo while guiding future projects toward the correct structure. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Both internachi/modular and nwidart share the same Modules\{Name}\ namespace.
The src/ layer is the only structural difference — namespace stays consistent.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Every test method must have // Arrange, // Act, // Assert comments — no exceptions. Added as Rule 7 in pest-control and as a named check in the code reviewer's test pass. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Not // single-line comments. The phase markers are block comments. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Fixed 1 file(s) based on 1 unresolved review comment. Co-authored-by: CodeRabbit <noreply@coderabbit.ai>
- Add missing /* Arrange */ comment to it_creates_a_quote_through_a_modal - Add missing /* Act */ and /* Assert */ comments to same method - Add missing /* Arrange */ comment to it_creates_a_quote - Remove duplicate /* Assert */ comment in it_only_lists_quotes_for_the_current_tenant - Rename widget_shows_only_current_tenant_quotes → it_shows_only_current_tenant_quotes_in_the_widget (noun-before-verb naming violation) - Split forbidden /* Act & Assert */ into separate /* Act */ and /* Assert */ in QuoteDuplicateNumberPreventionTest Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01DqwRdtVHYbBGYkENv1D78R
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull Request Checklist
Please check the following steps before submitting your PR. If any items are incomplete, consider marking it as
[WIP](Work in Progress).Checklist
Description
Provide a brief description of the changes made in this pull request.
Related Issue(s)
List any related issues or discussions. If applicable, link to an accompanying thread on the forums.
Fixes # (example)
Motivation and Context
Why was this change necessary? Does it solve a problem or improve an existing feature? If this PR fixes an open issue, link to it here.
Issue Type (Check one or more)
Screenshots (If Applicable)
Attach relevant screenshots that demonstrate your changes.
Thank you for your contribution to InvoicePlane! We appreciate your time and effort.
Summary by CodeRabbit
New Features
Bug Fixes
Chores