nalalangan/fiddy

Nico 4873449e16 initial commit

2026-02-11 23:45:15 -08:00

1.0 KiB

Raw Blame History

Entries CRUD Plan

Focus

Implement entry CRUD (list/create/update/delete) scoped to active group. Ensure list endpoints never return receipt bytes.

Goals

Create, read, update, delete entries for active group only.
Enforce server-side membership/authorization.
Keep receipt bytes out of list responses.

Planned changes

Backend

Routes:

GET /api/entries (list for active group)
POST /api/entries (create)
PATCH /api/entries/:id (update)
DELETE /api/entries/:id (delete)

Helpers:

requireActiveGroup(userId)
requireGroupMember(userId, groupId)

Frontend

Basic entries list + create form on dashboard.

Tests

API tests for create/list/update/delete with group scoping.

Files impacted

apps/web/app/api/entries/*
apps/web/lib/server/entries.ts
apps/web/lib/client/entries.ts
apps/web/hooks/use-entries.ts
apps/web/components/entries-panel.tsx
apps/web/app/page.tsx
apps/web/__tests__/entries.test.ts

Status

Implemented

Test output

entries CRUD