Initial implementation: multi-tenant Kanban board (Phase 1)
Complete Phase 1 foundation with working board, column, and card CRUD: - SvelteKit + TypeScript + Tailwind CSS v4 + adapter-node - Full Prisma schema with 18 tables (tenants, users, boards, columns, cards, etc.) - Multi-tenant architecture with hostname-based tenant resolution - Email/password auth with bcrypt + session cookies - Board/Column/Card API routes with full CRUD - Fractional indexing for drag-and-drop ordering - Board view with svelte-dnd-action for column and card drag-and-drop - Card modal with inline editing - Auth pages (login, register) - Board listing with create form - RLS policies SQL script for tenant isolation - Prisma RLS client extensions (forTenant/bypassRLS) - Permission helpers (canEditBoard, canManageMembers, etc.) - Socket.IO server setup (dev Vite plugin + production Express server) - Client-side socket store for real-time updates - Docker Compose (app + PostgreSQL 16) + multi-stage Dockerfile - Database seed script (default tenant + admin user) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,74 @@
|
||||
import { json, error } from '@sveltejs/kit';
|
||||
import type { RequestHandler } from './$types.js';
|
||||
import { prisma } from '$lib/server/db.js';
|
||||
import { boardSchema } from '$lib/server/validation.js';
|
||||
|
||||
// List boards for current tenant
|
||||
export const GET: RequestHandler = async ({ locals }) => {
|
||||
const tenant = locals.tenant;
|
||||
if (!tenant) throw error(400, 'Unknown tenant');
|
||||
|
||||
const where: Record<string, unknown> = { tenantId: tenant.id, archived: false };
|
||||
|
||||
// If not logged in, only show public boards
|
||||
if (!locals.user) {
|
||||
where.visibility = 'PUBLIC';
|
||||
} else {
|
||||
// Show boards user is a member of + public boards
|
||||
where.OR = [
|
||||
{ visibility: 'PUBLIC' },
|
||||
{ members: { some: { userId: locals.user.id } } }
|
||||
];
|
||||
delete where.visibility;
|
||||
}
|
||||
|
||||
const boards = await prisma.board.findMany({
|
||||
where,
|
||||
include: {
|
||||
members: {
|
||||
include: { user: { select: { id: true, name: true, avatarUrl: true } } }
|
||||
},
|
||||
_count: { select: { columns: true } }
|
||||
},
|
||||
orderBy: { updatedAt: 'desc' }
|
||||
});
|
||||
|
||||
return json({ boards });
|
||||
};
|
||||
|
||||
// Create a new board
|
||||
export const POST: RequestHandler = async ({ request, locals }) => {
|
||||
const tenant = locals.tenant;
|
||||
if (!tenant) throw error(400, 'Unknown tenant');
|
||||
if (!locals.user) throw error(401, 'Not authenticated');
|
||||
|
||||
const body = await request.json();
|
||||
const result = boardSchema.safeParse(body);
|
||||
if (!result.success) {
|
||||
return json({ error: result.error.issues[0].message }, { status: 400 });
|
||||
}
|
||||
|
||||
const { title, description, visibility } = result.data;
|
||||
|
||||
const board = await prisma.board.create({
|
||||
data: {
|
||||
tenantId: tenant.id,
|
||||
title,
|
||||
description,
|
||||
visibility,
|
||||
members: {
|
||||
create: {
|
||||
userId: locals.user.id,
|
||||
role: 'OWNER'
|
||||
}
|
||||
}
|
||||
},
|
||||
include: {
|
||||
members: {
|
||||
include: { user: { select: { id: true, name: true, avatarUrl: true } } }
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
return json({ board }, { status: 201 });
|
||||
};
|
||||
Reference in New Issue
Block a user