Files
paperclip/ui/src/components/MembershipAction.test.tsx
T
Dotta 9aea3e3d35
Release / publish_stable (push) Has been skipped
Release / verify_stable (push) Has been skipped
Release / preview_stable (push) Has been skipped
Refresh Lockfile / refresh (push) Successful in 48s
Docker / build-and-push (push) Failing after 2m20s
Release / verify_canary (push) Failing after 6m5s
Release / publish_canary (push) Has been skipped
[codex] Add resource membership controls (#6677)
## Thinking Path

> - Paperclip orchestrates AI-agent companies through company-scoped
issues, projects, agents, and board-visible workflows.
> - The board sidebar and project list are the daily navigation surface
for that control plane.
> - Users need to keep all projects and agents accessible while hiding
resources they have intentionally left from their own sidebar.
> - That requires user-scoped resource membership state backed by
company-scoped API and database contracts.
> - The branch also needed to preserve HTTP worktree login sessions and
keep the project list easier to scan after membership grouping.
> - This pull request adds resource membership controls, sidebar leave
actions, grouped/sortable project listings, and focused tests.
> - The benefit is a cleaner personal workspace view without weakening
company-scoped access to the underlying project or agent detail pages.

## What Changed

- Added `project_memberships` and `agent_memberships` tables with
API/shared/server contracts for current-user join/leave state.
- Renumbered the membership migration to `0090_resource_memberships`
after rebasing onto current `master`, and made it idempotent for anyone
who had applied the old branch-local `0087` migration.
- Added project and agent sidebar leave actions, plus list filtering
that waits for membership state before hiding resources.
- Added grouped project listing, project sorting controls, and reserved
row subtitle height for cleaner scanning.
- Fixed HTTP auth cookie security handling so HTTP worktree sessions can
persist.
- Updated focused server and UI tests for the new membership, sidebar,
project list, and auth behavior.

## Verification

- `pnpm exec vitest run server/src/__tests__/better-auth.test.ts
server/src/__tests__/resource-memberships-routes.test.ts
ui/src/pages/Projects.test.tsx
ui/src/components/SidebarProjects.test.tsx
ui/src/components/SidebarAgents.test.tsx
ui/src/components/MembershipAction.test.tsx
ui/src/components/EntityRow.test.tsx`
- Confirmed the branch is rebased on current `origin/master`.
- Confirmed the PR diff does not include `pnpm-lock.yaml` or
`.github/workflows` changes.

## Risks

- Migration safety: low to medium. The migration now uses `IF NOT
EXISTS` / guarded constraints and is numbered after current master
migrations, but it should still get CI coverage against fresh databases.
- UI behavior: low. Left resources are hidden from sidebar only after
membership state loads; direct detail access remains available.
- Auth behavior: low. Cookie security is relaxed only for HTTP/private
local-style origins where secure cookies would prevent login
persistence.

> For core feature work, check [`ROADMAP.md`](ROADMAP.md) first and
discuss it in `#dev` before opening the PR. Feature PRs that overlap
with planned core work may need to be redirected — check the roadmap
first. See `CONTRIBUTING.md`.

## Model Used

- OpenAI GPT-5 Codex coding agent, tool-enabled shell/git workflow,
context window not exposed by runtime.

## Checklist

- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have checked ROADMAP.md and confirmed this PR does not duplicate
planned core work
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [x] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge

Screenshot note: no browser screenshots were captured in this heartbeat;
the UI changes are covered by focused component tests above.

---------

Co-authored-by: Paperclip <noreply@paperclip.ing>
2026-05-25 13:12:41 -05:00

122 lines
3.1 KiB
TypeScript

// @vitest-environment jsdom
import type { ReactNode } from "react";
import { flushSync } from "react-dom";
import { createRoot } from "react-dom/client";
import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
import { MembershipAction } from "./MembershipAction";
// eslint-disable-next-line @typescript-eslint/no-explicit-any
(globalThis as any).IS_REACT_ACT_ENVIRONMENT = true;
async function act(callback: () => void | Promise<void>) {
let result: void | Promise<void> = undefined;
flushSync(() => {
result = callback();
});
await result;
}
describe("MembershipAction", () => {
let container: HTMLDivElement;
let root: ReturnType<typeof createRoot> | null;
beforeEach(() => {
container = document.createElement("div");
document.body.appendChild(container);
root = null;
});
afterEach(async () => {
const currentRoot = root;
if (currentRoot) {
await act(async () => {
currentRoot.unmount();
});
}
container.remove();
document.body.innerHTML = "";
});
async function renderAction(element: ReactNode) {
const currentRoot = createRoot(container);
root = currentRoot;
await act(async () => {
currentRoot.render(element);
});
}
function button() {
const element = container.querySelector("button");
expect(element).not.toBeNull();
return element as HTMLButtonElement;
}
it("renders a leave action for joined resources", async () => {
await renderAction(
<MembershipAction
state="joined"
resourceName="Growth"
onJoin={() => {}}
onLeave={() => {}}
/>,
);
expect(button().getAttribute("aria-label")).toBe("Leave Growth");
expect(button().textContent).toContain("Leave");
});
it("renders a join action for left resources", async () => {
await renderAction(
<MembershipAction
state="left"
resourceName="Growth"
onJoin={() => {}}
onLeave={() => {}}
/>,
);
expect(button().getAttribute("aria-label")).toBe("Join Growth");
expect(button().textContent).toContain("Join");
});
it("prevents row navigation when clicked", async () => {
const onLeave = vi.fn();
const parentClick = vi.fn();
await renderAction(
<a href="/projects/growth" onClick={parentClick}>
<MembershipAction
state="joined"
resourceName="Growth"
onJoin={() => {}}
onLeave={onLeave}
/>
</a>,
);
await act(async () => {
button().dispatchEvent(new MouseEvent("click", { bubbles: true, cancelable: true }));
});
expect(onLeave).toHaveBeenCalledTimes(1);
expect(parentClick).not.toHaveBeenCalled();
});
it("marks pending actions busy and disabled", async () => {
await renderAction(
<MembershipAction
state="left"
pending
pendingState="joined"
resourceName="Growth"
onJoin={() => {}}
onLeave={() => {}}
/>,
);
expect(button().getAttribute("aria-busy")).toBe("true");
expect(button().disabled).toBe(true);
expect(button().textContent).toContain("Joining...");
});
});