bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(form-builder): admin UI completion — server filters, KPIs, resource expansion (WS-6 sessie 3c)

Browse Source 
Closes the four production gaps that emerged from sessie 3b's admin UI.
What we ship here is final: no further rework planned before production.

Backend
- IndexFailuresRequest validates state/search/failed_at_from/failed_at_to/
  listener_class. orgIndex + platformIndex apply them via a single
  applyIndexFilters() helper. Search runs case-insensitive `LIKE` on
  exception_message; SQL wildcards in user input are escaped.
- New /kpis aggregate endpoint per scope (orgKpis, platformKpis) returns
  open / resolved_30d / dismissed_30d / total_submissions in O(1) COUNTs.
  Replaces sessie 3b's client-side bucketing of an oversized list.
- Resource expansion: organisation_name, form_schema_label,
  resolved_by_user_name, dismissed_by_user_name, exception_trace,
  retry_history[]. Eager-loading via indexEagerLoads()/detailEagerLoads()
  prevents N+1 (verified by query-count assertion in test).
- New 2026_04_28_181000 migration adds exception_trace (longtext nullable)
  to form_submission_action_failures. ApplyBindingsOnFormSubmit listener
  now captures $e->getTraceAsString() at failure time.
- New FormSubmissionActionFailureRetryAttemptResource exposes per-attempt
  data (timestamp, actor name, outcome, exception details) inside
  retry_history[]. Index payloads omit the field via whenLoaded() to keep
  list responses lean.

Frontend (apps/app)
- Types updated to mirror the expanded resource shape and the new KPI
  endpoint contract. FormFailuresKpis is now { open, resolved_30d,
  dismissed_30d, total_submissions } (server-aggregate).
- useFormFailures composable forwards all 5 server filters via
  buildIndexParams() (strips empty/whitespace). useFormFailuresKpis hits
  the dedicated /kpis endpoint per scope.
- FormFailuresTable replaces client-side bucketing with server-side
  filtering, adds listener_class + date-range filter inputs, and renames
  the 4th KPI tile to "Submissions" (was "Totaal").
- FormFailureDetail renders organisation_name + form_schema_label in the
  header, surfaces an expandable stack-trace card, names the resolved/
  dismissed actor in the timeline, and replaces the "v1 placeholder"
  retry-history card with a full per-attempt timeline.

ESLint config gap (apps/app)
- New .eslintrc.cjs adapted from the Vuexy reference, minus Vuexy-internal
  rules. `pnpm lint` now runs successfully (was previously broken — the
  package.json script referenced a missing config). The 80 baseline
  violations across the codebase are pre-existing and out of scope for
  this session.

Tests + gates
- 24 new backend tests across filter, kpis, and resource-shape suites.
  Backend: 1462 → 1486 passing, 0 → 0 failing. Larastan clean. Rector
  dry-run unchanged at 354 (pre-Task-1 baseline from f18b55b).
- 3 new vitest tests in apps/app (filter wiring, KPI endpoint, KPI tile
  values from /kpis). Vitest: 38 → 41 passing. tsc clean. Portal
  unchanged (113 vitest, tsc clean).
- 5 backfill rollback tests bumped --step counts +1 for the new migration.
- Ws6FoundationMigrationTest down/up chain now includes exception_trace
  before the parent table is restored.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
bert.hausmans
2026-04-28 23:29:58 +02:00
parent b47e096a55
commit 192353f4bc
31 changed files with 1557 additions and 230 deletions
Download Patch File Download Diff File Expand all files Collapse all files

175
api/app/Http/Controllers/Api/V1/FormBuilder/FormSubmissionActionFailureController.php
View File

@@ -9,11 +9,13 @@ use App\Exceptions\FormBuilder\FailureNotRetriableException;
use App\Exceptions\FormBuilder\ParentSubmissionGoneException;
use App\Http\Controllers\Controller;
use App\Http\Requests\FormBuilder\DismissFailureRequest;
use App\Http\Requests\FormBuilder\IndexFailuresRequest;
use App\Http\Requests\FormBuilder\ResolveFailureRequest;
use App\Http\Resources\FormBuilder\FormSubmissionActionFailureResource;
use App\Models\FormBuilder\FormSubmissionActionFailure;
use App\Models\Organisation;
use App\Services\FormBuilder\FormFailureRetryService;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
@@ -28,7 +30,7 @@ use Illuminate\Support\Facades\Gate;
*/
final class FormSubmissionActionFailureController extends Controller
{
public function orgIndex(Organisation $organisation): AnonymousResourceCollection
public function orgIndex(Organisation $organisation, IndexFailuresRequest $request): AnonymousResourceCollection
{
// RFC V3 IDOR-class — the user must be super_admin OR an
// org_admin on THIS specific organisation. Viewing any org's
@@ -38,28 +40,64 @@ final class FormSubmissionActionFailureController extends Controller
// resolve/dismiss.
$this->authorizeViewAnyInOrgOrNotFound($organisation);
$failures = FormSubmissionActionFailure::query()
$query = FormSubmissionActionFailure::query()
->with($this->indexEagerLoads())
->whereHas('submission', function ($q) use ($organisation): void {
/** @var \Illuminate\Database\Eloquent\Builder<\App\Models\FormBuilder\FormSubmission> $q */
$q->where('organisation_id', $organisation->id);
})
->latest('failed_at')
->paginate(50);
});
$this->applyIndexFilters($query, $request);
$failures = $query->latest('failed_at')->paginate(50)->withQueryString();
return FormSubmissionActionFailureResource::collection($failures);
}
public function platformIndex(): AnonymousResourceCollection
public function platformIndex(IndexFailuresRequest $request): AnonymousResourceCollection
{
Gate::authorize('viewAny', FormSubmissionActionFailure::class);
$failures = FormSubmissionActionFailure::query()
->latest('failed_at')
->paginate(50);
$query = FormSubmissionActionFailure::query()->with($this->indexEagerLoads());
$this->applyIndexFilters($query, $request);
$failures = $query->latest('failed_at')->paginate(50)->withQueryString();
return FormSubmissionActionFailureResource::collection($failures);
}
/**
* Sessie 3c admin-UI dashboard counters (org-scoped). Same
* tenant gate as orgIndex (RFC V3): denied 404.
*/
public function orgKpis(Organisation $organisation): JsonResponse
{
$this->authorizeViewAnyInOrgOrNotFound($organisation);
return response()->json([
'data' => $this->buildKpis(
FormSubmissionActionFailure::query()
->whereHas('submission', function ($q) use ($organisation): void {
/** @var \Illuminate\Database\Eloquent\Builder<\App\Models\FormBuilder\FormSubmission> $q */
$q->where('organisation_id', $organisation->id);
}),
$organisation,
),
]);
}
/**
* Sessie 3c platform-wide dashboard counters (super_admin only).
*/
public function platformKpis(): JsonResponse
{
Gate::authorize('viewAny', FormSubmissionActionFailure::class);
return response()->json([
'data' => $this->buildKpis(FormSubmissionActionFailure::query(), null),
]);
}
public function show(?Organisation $organisation, FormSubmissionActionFailure $formSubmissionActionFailure): FormSubmissionActionFailureResource
{
// $organisation is bound only on the org-scoped route; null on the
@@ -70,6 +108,8 @@ final class FormSubmissionActionFailureController extends Controller
unset($organisation);
$this->authorizeOrNotFound('view', $formSubmissionActionFailure);
$formSubmissionActionFailure->load($this->detailEagerLoads());
return new FormSubmissionActionFailureResource($formSubmissionActionFailure);
}
@@ -97,7 +137,7 @@ final class FormSubmissionActionFailureController extends Controller
], 410);
}
return new FormSubmissionActionFailureResource($failure->refresh());
return new FormSubmissionActionFailureResource($failure->refresh()->load($this->detailEagerLoads()));
}
public function resolve(
@@ -126,7 +166,7 @@ final class FormSubmissionActionFailureController extends Controller
$failure->resolved_by_user_id = $request->user()?->id;
$failure->save();
return new FormSubmissionActionFailureResource($failure->refresh());
return new FormSubmissionActionFailureResource($failure->refresh()->load($this->detailEagerLoads()));
}
public function dismiss(
@@ -156,7 +196,118 @@ final class FormSubmissionActionFailureController extends Controller
$failure->dismissed_by_user_id = $request->user()?->id;
$failure->save();
return new FormSubmissionActionFailureResource($failure->refresh());
return new FormSubmissionActionFailureResource($failure->refresh()->load($this->detailEagerLoads()));
}
/**
* Sessie 3c relations needed by the index Resource.
* Tight set: org+schema labels and the two action-actor user names.
* Skip retryAttempts on the index for payload size; show endpoint
* lazy-loads it via {@see detailEagerLoads()}.
*
* @return array<int, string>
*/
private function indexEagerLoads(): array
{
return [
'submission:id,form_schema_id,organisation_id',
'submission.organisation:id,name',
'submission.schema:id,name',
'resolvedBy:id,first_name,last_name',
'dismissedBy:id,first_name,last_name',
];
}
/**
* Sessie 3c relations for the detail Resource. Adds retryAttempts
* with attempted-by user for the timeline.
*
* @return array<int, string>
*/
private function detailEagerLoads(): array
{
return [
'submission:id,form_schema_id,organisation_id',
'submission.organisation:id,name',
'submission.schema:id,name',
'resolvedBy:id,first_name,last_name',
'dismissedBy:id,first_name,last_name',
'retryAttempts',
'retryAttempts.attemptedBy:id,first_name,last_name',
];
}
/**
* Sessie 3c KPI aggregate (open / resolved 30d / dismissed 30d /
* total submissions). The 30d windows are computed via aggregate
* SQL (single COUNT per metric) so the cost stays O(1) on indexed
* columns regardless of org volume.
*
* `total_submissions` is org-scoped when an organisation is given;
* platform-wide otherwise. We re-query FormSubmission rather than
* derive it from the failures query because total submissions is
* unrelated to the failure rowset.
*
* @param Builder<FormSubmissionActionFailure> $query
* @return array{open:int, resolved_30d:int, dismissed_30d:int, total_submissions:int}
*/
private function buildKpis(Builder $query, ?Organisation $organisation): array
{
$thirtyDaysAgo = now()->subDays(30);
$open = (clone $query)->whereNull('resolved_at')->whereNull('dismissed_at')->count();
$resolved30d = (clone $query)->where('resolved_at', '>=', $thirtyDaysAgo)->count();
$dismissed30d = (clone $query)->where('dismissed_at', '>=', $thirtyDaysAgo)->count();
$submissionsQuery = \App\Models\FormBuilder\FormSubmission::query();
if ($organisation instanceof Organisation) {
$submissionsQuery->where('organisation_id', $organisation->id);
}
return [
'open' => $open,
'resolved_30d' => $resolved30d,
'dismissed_30d' => $dismissed30d,
'total_submissions' => $submissionsQuery->count(),
];
}
/**
* Sessie 3c apply admin-UI filters to the failure query.
*
* Default state = `open`. Search runs case-insensitive substring
* match on `exception_message`. Date range is half-open by default
* (Laravel `whereBetween` is inclusive on both ends sufficient
* for ISO date inputs from the date-picker UI).
*
* @param Builder<FormSubmissionActionFailure> $query
*/
private function applyIndexFilters(Builder $query, IndexFailuresRequest $request): void
{
$state = (string) ($request->validated('state') ?? 'open');
match ($state) {
'open' => $query->whereNull('resolved_at')->whereNull('dismissed_at'),
'resolved' => $query->whereNotNull('resolved_at'),
'dismissed' => $query->whereNotNull('dismissed_at'),
'all' => null,
default => null,
};
if (($search = $request->validated('search')) !== null && $search !== '') {
$like = '%'.str_replace(['%', '_'], ['\\%', '\\_'], (string) $search).'%';
$query->where('exception_message', 'like', $like);
}
if (($from = $request->validated('failed_at_from')) !== null) {
$query->where('failed_at', '>=', $from);
}
if (($to = $request->validated('failed_at_to')) !== null) {
$query->where('failed_at', '<=', $to);
}
if (($listener = $request->validated('listener_class')) !== null && $listener !== '') {
$query->where('listener_class', $listener);
}
}
/**

34
api/app/Http/Requests/FormBuilder/IndexFailuresRequest.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\FormBuilder;
use Illuminate\Foundation\Http\FormRequest;
/**
* Sessie 3c (WS-6) query-param validation for the failure index
* endpoints (orgIndex + platformIndex). All params are optional;
* `state` defaults to `open` at the controller layer.
*/
final class IndexFailuresRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/**
* @return array<string, mixed>
*/
public function rules(): array
{
return [
'state' => ['nullable', 'string', 'in:open,resolved,dismissed,all'],
'search' => ['nullable', 'string', 'max:255'],
'failed_at_from' => ['nullable', 'date'],
'failed_at_to' => ['nullable', 'date', 'after_or_equal:failed_at_from'],
'listener_class' => ['nullable', 'string', 'max:255'],
];
}
}

27
api/app/Http/Resources/FormBuilder/FormSubmissionActionFailureResource.php
View File

@@ -4,11 +4,19 @@ declare(strict_types=1);
namespace App\Http\Resources\FormBuilder;
use App\Models\FormBuilder\FormSchema;
use App\Models\FormBuilder\FormSubmission;
use App\Models\FormBuilder\FormSubmissionActionFailure;
use App\Models\Organisation;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
/**
* Sessie 3c (WS-6) admin UI consumes denormalized labels
* (`organisation_name`, `form_schema_label`, user names) plus a full
* stack trace and per-attempt retry history. The relations are
* eager-loaded by the controller via {@see FormSubmissionActionFailure::loadAdminListContext()}.
*
* @mixin FormSubmissionActionFailure
*/
final class FormSubmissionActionFailureResource extends JsonResource
@@ -18,6 +26,13 @@ final class FormSubmissionActionFailureResource extends JsonResource
*/
public function toArray(Request $request): array
{
/** @var FormSubmission|null $submission */
$submission = $this->submission;
/** @var Organisation|null $organisation */
$organisation = $submission?->organisation;
/** @var FormSchema|null $schema */
$schema = $submission?->schema;
return [
'id' => $this->id,
'form_submission_id' => $this->form_submission_id,
@@ -26,11 +41,16 @@ final class FormSubmissionActionFailureResource extends JsonResource
'failed_at' => $this->failed_at->toIso8601String(),
'exception_class' => $this->exception_class,
'exception_message' => $this->exception_message,
'exception_trace' => $this->exception_trace,
'context' => $this->context,
'retry_count' => $this->retry_count,
'resolved_at' => $this->resolved_at?->toIso8601String(),
'resolved_by_user_id' => $this->resolved_by_user_id,
'resolved_by_user_name' => $this->resolvedBy?->name,
'resolved_note' => $this->resolved_note,
'dismissed_at' => $this->dismissed_at?->toIso8601String(),
'dismissed_by_user_id' => $this->dismissed_by_user_id,
'dismissed_by_user_name' => $this->dismissedBy?->name,
'dismissed_reason_type' => $this->dismissed_reason_type?->value,
'dismissed_reason_note' => $this->dismissed_reason_note,
'state' => match (true) {
@@ -38,6 +58,13 @@ final class FormSubmissionActionFailureResource extends JsonResource
$this->dismissed_at !== null => 'dismissed',
default => 'open',
},
'organisation_id' => $organisation?->id,
'organisation_name' => $organisation?->name,
'form_schema_id' => $schema?->id,
'form_schema_label' => $schema?->name,
'retry_history' => FormSubmissionActionFailureRetryAttemptResource::collection(
$this->whenLoaded('retryAttempts'),
),
];
}
}

31
api/app/Http/Resources/FormBuilder/FormSubmissionActionFailureRetryAttemptResource.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\FormBuilder;
use App\Models\FormBuilder\FormSubmissionActionFailureRetryAttempt;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
/**
* @mixin FormSubmissionActionFailureRetryAttempt
*/
final class FormSubmissionActionFailureRetryAttemptResource extends JsonResource
{
/**
* @return array<string, mixed>
*/
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'attempted_at' => $this->attempted_at->toIso8601String(),
'attempted_by_user_id' => $this->attempted_by_user_id,
'attempted_by_user_name' => $this->attemptedBy?->name,
'outcome' => $this->outcome,
'exception_class' => $this->exception_class,
'exception_message' => $this->exception_message,
];
}
}