vikunja/pkg
kolaente cbe8f1f5b5 fix(tasks): show filter-matched subtasks whose parent is filtered out (#2646)
When expand=subtasks was used, phase 1 decided which tasks are "roots"
(top-level rows) by excluding any task whose parent lived in the same
project: `parent_tasks.project_id != tasks.project_id`. That comparison
was only ever a proxy for the real question - "is the parent actually part
of this result set?" - and the proxy keeps being wrong:

  - #1000  cross-project parent
  - #2494  deleted parent
  - #2646  same-project parent that is filtered out

In the #2646 case a subtask that matches the filter but whose parent does
not was wrongly dropped from the roots, so a filter matching only a
subtask returned [].

Replace the proxy with the real predicate. A task is excluded from roots
only when its parent is genuinely in the matched set, i.e. ALL of:
  - it has a parenttask relation, AND
  - the parent task exists, AND
  - the parent is within the queried project scope, AND
  - the parent satisfies the active filter.

The parent-satisfies-the-filter check rebuilds the parsed filter against
the parent_tasks alias (convertFiltersToDBFilterCondWithAlias). It applies
the filter and project scope but deliberately NOT the text-search
predicate, so ParadeDB's search operators are never composed against the
parent_tasks alias.

Semantics are unchanged: count = roots. The LIMIT still slices roots in
phase 1; subtasks ride along in phase 2 (recursive CTE, deduped via NOT
IN) and are not counted toward the per-page limit. totalCount stays the
number of roots and uses the same corrected condition.

Verified on SQLite and a real ParadeDB instance (no "unsupported query
shape").

Fixes #2646
2026-06-19 22:39:48 +02:00
..
audit refactor(events): use a concrete doer on project and team events 2026-06-12 08:56:08 +00:00
caldav fix(caldav): escape user-controlled strings per RFC 5545 in VCALENDAR output 2026-04-09 15:44:04 +00:00
caldavtests fix(caldav): skip tests for known CalDAV bugs and fix timing issues 2026-04-02 11:34:55 +00:00
cmd fix(cli): guard last admin on scheduled CLI deletion path 2026-04-20 18:55:06 +00:00
config feat(config): add audit logging config keys 2026-06-12 08:56:08 +00:00
cron fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
db fix(db): interpolate table identifiers in truncate instead of binding them 2026-06-17 12:13:50 +00:00
doctor feat(auth): enforce OpenID Connect issuer uniqueness across providers 2026-03-30 22:41:50 +00:00
e2etests test(webhook): assert bad webhook is retried in no-duplicate test 2026-04-09 09:26:04 +00:00
events fix(notifications): use full user so notifications show display name 2026-06-18 20:57:05 +00:00
files docs(api/v2): tag task attachment fields for the v2 schema 2026-06-10 10:22:39 +00:00
health feat: introduce shared health check logic (#1073) 2025-07-02 21:01:41 +00:00
i18n chore(i18n): update translations via Crowdin 2026-05-27 02:31:52 +00:00
initialize feat(audit): wire request-meta middleware and writer initialization 2026-06-12 08:56:08 +00:00
license fix(license): degrade to free when servers unreachable or key rejected 2026-04-20 18:55:06 +00:00
log fix(mail): guard log calls in GetMailDomain and fix hostname-dependent tests 2026-04-03 18:30:39 +00:00
mail feat: add Atom feed for user notifications with API token auth (#2758) 2026-05-15 17:25:09 +02:00
metrics refactor(metrics): count entities on demand with a TTL cache 2026-05-30 13:48:01 +00:00
migration fix(auth): build OIDC end-session URL with RP-Initiated Logout params (#2943) 2026-06-19 18:27:33 +02:00
models fix(tasks): show filter-matched subtasks whose parent is filtered out (#2646) 2026-06-19 22:39:48 +02:00
modules fix(auth): build OIDC end-session URL with RP-Initiated Logout params (#2943) 2026-06-19 18:27:33 +02:00
notifications fix(notifications): strip remote images from notification emails 2026-06-11 06:53:37 +00:00
plugins test(plugins): add yaegi plugin integration tests 2026-03-30 20:44:46 +00:00
red fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
routes fix(auth): build OIDC end-session URL with RP-Initiated Logout params (#2943) 2026-06-19 18:27:33 +02:00
swagger [skip ci] Updated swagger docs 2026-06-19 16:52:13 +00:00
user feat(api/v2): add totp qr code endpoint 2026-06-17 18:39:38 +00:00
utils fix: add timeouts to Gravatar, Unsplash, and SSRF-safe HTTP clients 2026-04-09 07:31:08 +00:00
version fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
web fix(files): never cache file downloads in v1 or v2 2026-06-17 18:39:38 +00:00
websocket feat(time-tracking): let clients subscribe to timer events 2026-06-08 13:54:09 +00:00
webtests fix(auth): build OIDC end-session URL with RP-Initiated Logout params (#2943) 2026-06-19 18:27:33 +02:00
yaegi_symbols refactor(user): remove the now-empty listeners file 2026-05-30 13:48:01 +00:00