Skip to content

updating to current main#553

Merged
nielsdrost7 merged 18 commits into
feature/476-cewliofrom
develop
Jun 19, 2026
Merged

updating to current main#553
nielsdrost7 merged 18 commits into
feature/476-cewliofrom
develop

Conversation

@cewlio1

@cewlio1 cewlio1 commented Jun 18, 2026

Copy link
Copy Markdown
Collaborator

Pull Request Checklist

Please check the following steps before submitting your PR. If any items are incomplete, consider marking it as [WIP] (Work in Progress).

Checklist

  • My code follows the code formatting guidelines.
  • I have tested my changes locally.
  • I selected the appropriate branch for this PR.
  • I have rebased my changes on top of the selected branch.
  • I included relevant documentation updates if necessary.
  • I have an accompanying issue ID for this pull request.

Description

Provide a brief description of the changes made in this pull request.


Related Issue(s)

List any related issues or discussions. If applicable, link to an accompanying thread on the forums.
Fixes # (example)


Motivation and Context

Why was this change necessary? Does it solve a problem or improve an existing feature? If this PR fixes an open issue, link to it here.


Issue Type (Check one or more)

  • Bugfix
  • Improvement of an existing feature
  • New feature

Screenshots (If Applicable)

Attach relevant screenshots that demonstrate your changes.


Thank you for your contribution to InvoicePlane! We appreciate your time and effort.

Summary by CodeRabbit

  • New Features

    • Streamlined login experience with automatic company dashboard routing for users.
    • Added type-specific filtering for invoice and quote numbering selection.
  • Bug Fixes

    • Improved tenant resolution to prevent incorrect company access on login.
  • Chores

    • Transitioned testing framework from Pest to PHPUnit for consistency.
    • Enhanced project documentation and development guidelines for maintainers.

nielsdrost7 and others added 17 commits June 13, 2026 06:54
QuoteForm now only shows numbering schemes with type=Quote; InvoiceForm
only shows type=Invoice. Previously both forms showed all numbering
schemes regardless of type, allowing an invoice to be assigned a Quote
numbering scheme and vice versa.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Captures module layout, Filament panel config, auth/tenancy flow,
testing base classes and patterns, key model quirks (non-standard PKs,
BelongsToCompany trait), service layer, seeder defaults, and a
debugging quick-reference table.

Lets Claude sessions start with full context instead of re-scanning
the codebase on every request.

https://claude.ai/code/session_01KVV91ECY14zwgavRm99zPs
AGENTS.md                        — OpenAI Codex / Agents
.github/copilot-instructions.md  — corrected and enriched with verified
                                   facts (Laravel 11 not 12+, PHP 8.1+,
                                   real panel paths, correct role names,
                                   no DTO/Repository layer)
.junie/guidelines.md             — corrected and enriched (same fixes)
.junie/testing.md                — testing base classes, factory patterns,
                                   common pitfalls, assertion cheat sheet
.junie/architecture.md           — auth flow, middleware chain, seeder
                                   layout, key relationships

All files are consistent with CLAUDE.md and with each other. Each one
lets the respective agent start with full project context so it does
not need to scan the codebase from scratch on every request.

https://claude.ai/code/session_01KVV91ECY14zwgavRm99zPs
- Remove pestphp/pest-plugin from composer.json allow-plugins (Pest is not installed)
- Fix .gitignore comment: # PHPUnit / Pest → # PHPUnit
- Fix Makefile comment: remove "Pest-style dots" wording
- Add PHPUnit-only notice to CLAUDE.md testing section
- Add .claude/skills/pest-control/SKILL.md — enforces PHPUnit-only testing,
  provides Pest→PHPUnit conversion reference, and elimination checklist

https://claude.ai/code/session_01YDhpDcaYqiVJWVZ67iakv6
…users

Three bugs combined to produce the silent redirect-to-/admin/login? symptom:

1. Both panel providers called ->login() with no arguments, so Filament used
   its own default login page. The custom Login class (with is_active check,
   rate-limit feedback, and translated validation messages) was never invoked —
   explaining zero feedback on bad credentials.

2. LoginResponse used Company::query()->first() for elevated users, picking
   whichever company has the lowest DB id (random from seeder). If that
   company's search_code is 'admin', the redirect URL becomes /admin/dashboard
   which hits the admin panel instead of the company panel, producing the
   /admin/login? redirect. Fixed with DEFAULT_COMPANY_CODE='ivplv2' and a
   whereRaw('LOWER(search_code) = ?') query with a safe fallback.

3. Session current_company_id was only set for regular users, not elevated
   ones. Elevated users now also get the session key set for consistency with
   what the tenant middleware expects.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01GWq4PTCCwznTv2K7rzYXVx
Tests cover the three bugs fixed in the previous commit:

- Elevated users land on ivplv2 (DEFAULT_COMPANY_CODE), not whichever
  company happens to have the lowest DB id
- Graceful fallback to first() when ivplv2 does not exist
- Regular users land on their own company, not the global default
- session current_company_id is set for both elevated and regular users
- abort(500) when elevated user finds no company at all
- abort(500) when regular user has no company attached

Also drops the PHP 8.3-only typed-constant syntax (const string)
since composer.json constrains ^8.2.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01GWq4PTCCwznTv2K7rzYXVx
All users now follow a single code path: prefer ivplv2 if attached,
fall back to first attached company, abort 403 if no company attached.
Fixes admin user by attaching them to ivplv2 in the seeder.
Update LoginResponseTest to cover the new attachment-based behaviour
and add a regression test against the old DB-presence bypass.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01GWq4PTCCwznTv2K7rzYXVx
Without an encryption key, Livewire snapshot signing fails during tests.
Adds the key to both phpunit.xml (authoritative for CI) and .env.testing
(for local dev runs via php artisan test). Also adds !.env.testing to
.gitignore so the file can be committed alongside the example.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01GWq4PTCCwznTv2K7rzYXVx
- filament-resource-pages: replace wrong service-layer content with actual
  Filament v4 resource/pages/schemas/tables patterns from the codebase
- service-layer: merge nuanced DTO guidance from the evicted duplicate;
  trim to single authoritative file
- laravel-modules: remove false "no nwidart" claim (composer.json has it);
  fix directory structure to match reality (no src/ layer, uppercase Database/Tests/)
- non-standard-pks: remove fabricated model PK table; keep only the two
  confirmed non-standard PKs (ClientCustom, Import)
- senior-laravel-developer-phpunit-interpreter: remove hardcoded project path
  /home/runner/work/spotivel/ so skill is reusable across projects
- filament-panel-setup: add missing User panel (three panels, not two)
- autonomous-coding-workflow: add missing YAML frontmatter
- safe-refactoring-rules: add missing YAML frontmatter
- sync-stale-branches: add missing YAML frontmatter
- ci-schema-invariant-gate: fix name mismatch (ci-schema-gate → ci-schema-invariant-gate)
- dto-contract: fix name mismatch (dto-contracts → dto-contract)
- filament-multi-tenancy: remove duplicated middleware chain docs; point to tenant-middleware skill
- senior-laravel-developer-code-reviewer: add grumpy Senior Laravel developer persona
  with direct, no-nonsense tone and structured Must/Should/Could fix output format

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
…ular

Switches the standard to internachi/modular where each module is a real
Composer package with src/, database/, tests/ layout and path-repository
wiring in the root composer.json.

Retains an explicit nwidart (InvoicePlane-v2 legacy) comparison table so
the skill stays useful in this repo while guiding future projects toward
the correct structure.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Both internachi/modular and nwidart share the same Modules\{Name}\ namespace.
The src/ layer is the only structural difference — namespace stays consistent.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Every test method must have // Arrange, // Act, // Assert comments —
no exceptions. Added as Rule 7 in pest-control and as a named check
in the code reviewer's test pass.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Not // single-line comments. The phase markers are block comments.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01RCxcRGA8PyC5eocitHtjKy
Fixed 1 file(s) based on 1 unresolved review comment.

Co-authored-by: CodeRabbit <noreply@coderabbit.ai>
@cewlio1 cewlio1 requested a review from nielsdrost7 June 18, 2026 22:17
@InvoicePlane InvoicePlane deleted a comment from coderabbitai Bot Jun 19, 2026
coderabbitai[bot]

This comment was marked as outdated.

- Add missing /* Arrange */ comment to it_creates_a_quote_through_a_modal
- Add missing /* Act */ and /* Assert */ comments to same method
- Add missing /* Arrange */ comment to it_creates_a_quote
- Remove duplicate /* Assert */ comment in it_only_lists_quotes_for_the_current_tenant
- Rename widget_shows_only_current_tenant_quotes → it_shows_only_current_tenant_quotes_in_the_widget (noun-before-verb naming violation)
- Split forbidden /* Act & Assert */ into separate /* Act */ and /* Assert */ in QuoteDuplicateNumberPreventionTest

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01DqwRdtVHYbBGYkENv1D78R
@InvoicePlane InvoicePlane deleted a comment from coderabbitai Bot Jun 19, 2026
@InvoicePlane InvoicePlane deleted a comment from coderabbitai Bot Jun 19, 2026
@nielsdrost7 nielsdrost7 merged commit db50af7 into feature/476-cewlio Jun 19, 2026
1 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants