Skip to content

feat: integrate case type management tabs (#206)#268

Draft
rubenvdlinde wants to merge 17 commits intodevelopmentfrom
feature/206/case-types
Draft

feat: integrate case type management tabs (#206)#268
rubenvdlinde wants to merge 17 commits intodevelopmentfrom
feature/206/case-types

Conversation

@rubenvdlinde
Copy link
Copy Markdown
Contributor

@rubenvdlinde rubenvdlinde commented Apr 20, 2026

Closes #206

Summary

Integrated the Result Types, Role Types, Property Definitions, and Document Types management tabs into the CaseTypeDetail component. These tabs provide V1 admin functionality for case type configuration with CRUD operations for each entity type.

Spec Reference

Changes

  • src/views/settings/CaseTypeDetail.vue — Added imports for the four new tabs, registered them in components, added them to tabs array, and integrated them into the template with proper prop bindings

Test Coverage

All four tabs (ResultTypesTab, RoleTypesTab, PropertiesTab, DocumentTypesTab) already have comprehensive CRUD implementations. The integration ensures they work properly within the case type detail view.

@rubenvdlinde rubenvdlinde mentioned this pull request Apr 20, 2026
Open
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 20, 2026

Quality Report — ConductionNL/procest @ 319c72b

Check PHP Vue Security License Tests
lint
phpcs
phpmd
psalm
phpstan
phpmetrics
eslint
stylelint
composer ✅ 100/100
npm
PHPUnit ⏭️
Newman ⏭️
Playwright ⏭️

Quality workflow — 2026-04-20 21:49 UTC

Download the full PDF report from the workflow artifacts.

@rubenvdlinde
Copy link
Copy Markdown
Contributor Author

rubenvdlinde commented Apr 21, 2026

Code Review — Juan Claude van Damme

Result: FAIL (0 fixed, 3 unfixed, 3 blocking)

Changed-file review

The 12 changed files are clean:

  • CaseTypeDetail.vue — four new tab imports, component registrations, tab definitions, and template slots are all correct; props (case-type-id, is-create) passed consistently.
  • openspec/changes/case-types/hydra.json — new spec-tracking file, well-formed v2 schema.
  • build.json / pipeline-log files — metadata-only updates, no code.

Hydra-gates (manually verified — skill unavailable)

Gate Result
License headers (ADR-014) ✅ PASS — no changed PHP files; Vue files exempt
Forbidden patterns ✅ PASS — confirmed by pre-review-quality; no debug calls in changed files
Stub scan ✅ PASS — all four tabs are fully implemented, no empty bodies or stub markers
Composer audit ✅ PASS — confirmed by pre-review-quality

Failing gates (pre-review-quality report)

[unfixed: inherited-base-debt] phpcs — 89 lib/*.php files missing @spec PHPDoc tag (custom sniff). None are in this PR's 12 changed files. The three BackgroundJob files have determinable spec refs (appointment-scheduling#T09, case-sharing-collaboration#T07, mijn-overheid-integration#T06) but fixing 3/89 does not clear the gate; the remaining 86 span unrelated specs and are out of bounded scope. Rule: custom phpcs @SPEC sniff.

[unfixed: check-not-run — environment] eslintsh: 1: eslint: not found in quality-runner container. Infrastructure issue; the Vue code follows established project patterns and has no detectable lint violations on manual inspection.

[unfixed: check-not-run — environment] stylelintsh: 1: stylelint: not found in quality-runner container. Same infrastructure issue as eslint.

Checks skipped by quality runner

phpunit, stub-scan, publiccode, gitleaks, trivy, newman — noted in verdict JSON.

See inline findings below for per-finding detail.

@rubenvdlinde
Copy link
Copy Markdown
Contributor Author

rubenvdlinde commented Apr 21, 2026

Security Review — Clyde Barcode

Result: PASS (0 fixed, 0 unfixed, 0 blocking)

Scope

12 changed files reviewed (1 source file, 11 pipeline metadata files).
Only src/views/settings/CaseTypeDetail.vue contains executable code.

Checks run

Check Result
semgrep p/security-audit + p/owasp-top-ten + p/secrets ✅ 0 findings across all changed files
gitleaks detect on changed files ✅ No leaks
composer audit (inherited from pre-run quality) ✅ Passed
npm audit --production (inherited from pre-run quality) ✅ Passed
Manual OWASP Top 10 diff review ✅ No findings

Manual OWASP review notes

  • No v-html usage — XSS vectors absent
  • No eval, innerHTML, document.write — template injection absent
  • Error messages (publishErrors, saveError) rendered as text nodes, not HTML
  • Client-side identifier generation 'CT-' + Date.now() (line 209) is admin-only UX sugar; backend must validate — acceptable pattern
  • confirm() dialog for unpublish is appropriate for a destructive action
  • Auth enforcement is handled by Nextcloud framework at the settings route level (outside changed files)

Pre-run quality failing gates (not security)

phpcs warnings are in unchanged background job files, eslint/stylelint failures are due to tools not installed in the quality container — none are security findings.

Checks skipped

trivy — no Dockerfile or infra changes in this PR.

  • Total findings: 0
  • Fixed: 0
  • Unfixed: 0
  • Verdict: pass

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Rem-Dam Rem-Dam Awaiting requested review from Rem-Dam Rem-Dam will be requested when the pull request is marked ready for review Rem-Dam is a code owner

@SudoThijn SudoThijn Awaiting requested review from SudoThijn SudoThijn will be requested when the pull request is marked ready for review SudoThijn is a code owner

@remko48 remko48 Awaiting requested review from remko48 remko48 will be requested when the pull request is marked ready for review remko48 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rubenvdlinde @claude