vikunja/pkg/db
Claude 64c3f464ac
feat: add project-scoped API tokens
Add optional project scope to API tokens, allowing tokens to be restricted
to a specific project and optionally its sub-projects. This builds on the
existing API token system by adding two new fields: project_id and
include_sub_projects.

Key changes:
- Database migration adding project_id and include_sub_projects columns
- ProjectScopedAuth wrapper type implementing web.Auth with scope info
- AuthUnwrapper interface for transparent auth type unwrapping
- Scope enforcement in project/task permission checks and list queries
- Middleware resolves scoped project IDs (with recursive CTE for sub-projects)
- Frontend: project selector in token creation form, scope display in list
- Tests for scope resolution, permission enforcement, and token creation

https://claude.ai/code/session_015JjPNeSkwxYQNCeMf2PYTi
2026-03-22 11:28:40 +00:00
..
fixtures feat: add project-scoped API tokens 2026-03-22 11:28:40 +00:00
db.go fix: only drop Vikunja-owned tables in WipeEverything 2026-03-04 15:37:54 +01:00
db_path_test.go refactor(db): extract testable ResolveDatabasePath function (#2193) 2026-02-08 10:47:57 +00:00
dump.go fix: only dump Vikunja-owned tables 2026-03-04 15:37:54 +01:00
helpers.go fix: use ParadeDB v2 fuzzy prefix matching for search (#2346) 2026-03-05 13:57:05 +01:00
helpers_test.go test: call real MultiFieldSearch function and branch on db engine 2026-03-05 13:57:05 +01:00
test.go refactor: remove environment variable requirements for go test 2026-02-17 18:01:05 +01:00
test_fixtures.go refactor: remove environment variable requirements for go test 2026-02-17 18:01:05 +01:00