mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-15 08:01:09 +02:00

Mirror of github.com/Memo-2023/mana-monorepo

Find a file

Till JS 94d7dd4831 feat(mana/web): tier-gate workbench picker, openApps, and per-route navigation Guests and under-tier users could see and use every module in the workbench because tier-filtering only existed in @mana/shared-branding's MANA_APPS list — never in the workbench app-registry that the picker and the page-level routes actually consume. Three leaks closed: ──── 1. Workbench AppPagePicker ──── The picker was calling getAllApps() and only filtering by "already open in this scene". Result: a guest opening "Add page" saw all 32 modules including founder-only ones like dreams, finance, memoro. Fix: new getAccessibleApps(userTier) helper in app-registry/registry.ts joins the workbench in-memory map with MANA_APPS by id, looks up each app's requiredTier, and filters via hasAppAccess. Apps that exist in the workbench registry but NOT in MANA_APPS (`automations`, `playground`, the `inventar` ↔ `inventory` id mismatch) default to visible — hiding them would silently break internal tools for founders/devs. AppPagePicker now takes a `userTier` prop and calls getAccessibleApps(userTier) instead of getAllApps(). (app)/+page.svelte threads authStore.user?.tier into it. ──── 2. openApps soft-filter ──── The default Home scene seeds [todo, calendar, notes] — `notes` is founder-tier, so a brand-new guest device would still try to render the notes view in their workbench tab strip even though they can't actually use it. Same risk for any cross-device synced scene that contains gated apps (e.g. founder logs in on a public-tier secondary account). Fix: (app)/+page.svelte derives `openApps` through a soft filter (isAppAccessible) instead of using workbenchScenesStore.openApps directly. The store keeps the full list — we don't destructively delete on tier downgrades — so the tabs reappear when the user upgrades or signs in. Internal-only apps (no MANA_APPS entry) stay visible by the same default-visible rule. ──── 3. Per-route tier gate in (app)/+layout.svelte ──── The wrapping <AuthGate> in (app)/+layout.svelte: - only runs onMount, so it doesn't react to client-side navigation - skips the tier check entirely when !authStore.isAuthenticated - has no per-route requiredTier — it's set once on the outer wrapper So a guest typing /dreams or /cycles in the URL bar slipped past silently and rendered the gated module. Same for a public-tier user clicking through to /finance. Fix: reactive `routeBlocked` derivation in the (app) layout: - Extract first path segment from $page.url.pathname - Look it up in MANA_APPS by id - If found and user (or 'guest') doesn't satisfy requiredTier, render an inline tier-denied panel instead of {@render children()} The panel mirrors AuthGate's tier-denied design (same locked icon + tier comparison + "Zur Übersicht" / "Anmelden" buttons) but works reactively for any subsequent navigation. Routes that don't map to a MANA_APPS id (settings, profile, admin, help, observatory, …) fall through with routeAppId=null and are never blocked. ──── New helpers in app-registry ──── getAccessibleApps(userTier?) — filtered AppDescriptor[] isAppAccessible(appId, userTier?) — boolean for single-app lookup Both treat `userTier === undefined \| null` as 'guest' (the lowest tier in @mana/shared-branding). Both default-visible for apps not in MANA_APPS so the workbench-internal tools keep working. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>		2026-04-09 12:08:49 +02:00
.changeset	feat(versioning): add semantic versioning and changesets to all apps	2026-03-19 16:20:18 +01:00
.claude	feat(manacore/web): wire TagField, FavoriteButton, ColorPicker into module UIs	2026-04-02 17:20:46 +02:00
.github	test(integration): end-to-end auth flow test with Mailpit + CI gating	2026-04-08 17:14:02 +02:00
.husky	fix(devtools): fix pre-commit hook - add eslint-config dep, remove type-check	2026-03-17 13:08:51 +01:00
apps	feat(mana/web): tier-gate workbench picker, openApps, and per-route navigation	2026-04-09 12:08:49 +02:00
docker	fix(mana/web): unwrap $state proxy in workbench-scenes Dexie writes	2026-04-09 00:44:00 +02:00
docs	docs: refactoring audit April 2026	2026-04-09 11:57:33 +02:00
games	chore: remove abandoned per-product workspace artifacts	2026-04-09 11:56:51 +02:00
load-tests	chore: rename mukke to music in infra, scripts, and CI/CD	2026-04-05 16:47:57 +02:00
NewAppIdeas/Roblox Reimagined	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
packages	chore(packages): remove 4 dead zero-consumer packages	2026-04-09 11:56:25 +02:00
patches	fix(traces): configure EAS Build for TestFlight and fix bot-services build	2026-03-17 13:16:38 +01:00
scripts	fix(macmini): auto-rebuild stale sveltekit-base before per-app web builds	2026-04-08 22:35:46 +02:00
services	chore(workspace): remove redundant nested lockfiles + workspace.yaml	2026-04-09 11:57:11 +02:00
tests	fix(mana-auth): account lockout was structurally dead + add failure-path tests	2026-04-08 18:29:00 +02:00
.dockerignore	make auth working	2025-11-26 01:31:12 +01:00
.editorconfig	feat: add monorepo configuration and shared packages structure	2025-11-22 23:41:52 +01:00
.env.development	chore(env): default MANA_LLM_URL to llm.mana.how	2026-04-08 16:55:01 +02:00
.env.macmini.example	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
.env.secrets.example	feat(env): persistent dev secrets via .env.secrets override	2026-04-08 17:50:37 +02:00
.gitignore	feat(env): persistent dev secrets via .env.secrets override	2026-04-08 17:50:37 +02:00
.npmrc	fix(monorepo): add .npmrc with node-linker=hoisted for EAS Build compatibility	2026-03-15 08:50:18 +01:00
.nvmrc	feat: add monorepo configuration and shared packages structure	2025-11-22 23:41:52 +01:00
.prettierignore	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
.prettierrc.json	fix(cicd): docker paths, formatting config,	2025-11-27 18:33:08 +01:00
CLAUDE.md	docs(local-llm): document browser-local LLM stack and CSP requirements	2026-04-08 23:27:50 +02:00
cloudflared-config.yml	fix(mana-auth) + chore: rewrite /api/v1/auth/login JWT mint, remove Matrix stack	2026-04-08 16:32:13 +02:00
docker-compose.dev.yml	test(integration): end-to-end auth flow test with Mailpit + CI gating	2026-04-08 17:14:02 +02:00
docker-compose.macmini.yml	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
docker-compose.test.yml	test(integration): end-to-end auth flow test with Mailpit + CI gating	2026-04-08 17:14:02 +02:00
eslint.config.mjs	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
gift-codes-2026-02-14.txt	✨ feat(gifts): add gift code creation script and initial codes	2026-02-14 11:23:08 +01:00
lint-staged.config.js	chore: archive 17 standalone app servers (replaced by unified API)	2026-04-02 21:37:45 +02:00
package.json	chore: remove abandoned per-product workspace artifacts	2026-04-09 11:56:51 +02:00
playwright.config.ts	style: auto-format codebase with Prettier	2025-11-27 18:33:16 +01:00
pnpm-lock.yaml	feat(shared-llm): Phase 4 — persistent LLM task queue	2026-04-09 01:51:20 +02:00
pnpm-workspace.yaml	chore: delete 25 web-archived directories, remove stale stubs, clean workspace config	2026-04-03 13:03:49 +02:00
README.md	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
TROUBLESHOOTING.md	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
turbo.json	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00
vitest.config.ts	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00

README.md

Mana Monorepo

Monorepo containing all Mana projects — a self-hosted multi-app ecosystem with shared packages and unified tooling.

Projects

Project	Description	Apps
mana	Multi-app ecosystem platform	Expo mobile, SvelteKit web
chat	AI chat application	NestJS backend, Expo mobile, SvelteKit web, Astro landing
todo	Task management	NestJS backend, SvelteKit web, Astro landing
calendar	Calendar & scheduling	NestJS backend, SvelteKit web, Astro landing
clock	Pomodoro & time tracking	NestJS backend, SvelteKit web, Astro landing
contacts	Contact management	NestJS backend, SvelteKit web
picture	AI image generation	NestJS backend, Expo mobile, SvelteKit web, Astro landing
cards	Card/deck management	NestJS backend, Expo mobile, SvelteKit web
zitare	Daily inspiration quotes	NestJS backend, Expo mobile, SvelteKit web, Astro landing
mukke	Music player	NestJS backend, SvelteKit web
planta	Plant care tracker	NestJS backend, SvelteKit web
storage	Cloud storage	NestJS backend, SvelteKit web
questions	Q&A with web search	SvelteKit web
skilltree	Skill tree visualization	NestJS backend, SvelteKit web
nutriphi	Nutrition tracking	NestJS backend, SvelteKit web
citycorners	City guide	NestJS backend, SvelteKit web, Astro landing
presi	Presentation tool	NestJS backend, SvelteKit web
photos	Photo management	NestJS backend, SvelteKit web

Getting Started

Prerequisites

Node.js 20+
pnpm 9.15.0+
Docker (for PostgreSQL, Redis, MinIO)

Installation

pnpm install

Development

# Start infrastructure (PostgreSQL, Redis, MinIO)
pnpm docker:up

# Start any app with auto DB setup
pnpm dev:chat:full
pnpm dev:todo:full
pnpm dev:calendar:full
pnpm dev:contacts:full

# Build & quality
pnpm run build
pnpm run type-check
pnpm run format

See CLAUDE.md for comprehensive development documentation.

Architecture

mana-monorepo/
├── apps/                    # Product applications
├── services/                # Microservices (auth, search, LLM, bots)
├── packages/                # Shared packages
├── docker/                  # Docker configuration
└── scripts/                 # Development & deployment scripts

Tooling

Package Manager: pnpm 9.15.0
Build System: Turborepo
Formatting: Prettier (tabs, single quotes, 100 char width)
Hosting: Mac Mini (self-hosted) via Docker + Cloudflare Tunnel
Analytics: Umami (stats.mana.how)