feat(korrespondenz): address PR #164 review – blockers and suggestions

Blockers (14): - B1: fix senderName/receiverName to use $derived instead of $state + sync $effect - B2: migrate all korrespondenz components from messages-extra shim to paraglide m.* - B3: i18n CorrespondenzEmptyState (heading, subtext, search placeholder) - B4: add response.ok checks to admin layout server load - B5: add response.ok checks to korrespondenz page server load - B6: add page.server.spec.ts with 5 test suites for korrespondenz load function - B7: add axe-core accessibility checks to all e2e korrespondenz tests - B8: add Testcontainers JPQL tests for findSinglePersonCorrespondence (DISTINCT + sender) - B9: hide auth reset-token endpoint from OpenAPI spec; remove from generated api.ts - B11: replace amber hardcoded hex colors in SinglePersonHintBar with brand tokens - B12: replace clipboard emoji with Heroicons SVG in SinglePersonHintBar - B13: create DateInput component (German dd.mm.yyyy); use it in CorrespondenzFilterControls - B14: add Paraglide compile step to CI workflow before lint/test Suggestions (11): - S1: make CorrespondentSuggestionsDropdown a pure display component; lift fetch to PersonBar - S2: fix leftover messages-extra import in ConversationTimeline; use brand tokens for status dots - S3: add intent comment to EntityNav openFlyout behavior - S4: rename canManageGroups → canManagePermissions throughout admin - S6: remove domFlush helper from DateInput spec; use expect.poll instead - S7: replace test.skip with throw new Error in bilateral e2e tests - S8: add inverse aria-disabled test for filter strip - S9: remove sm:min-h-0 from sort button to preserve 44px touch target - S10: add title attributes to tablet trigger buttons in EntityNav - S11: delete messages-extra.ts shim entirely Also: fix admin pages revealing blank strip at bottom (-mb-6 on admin layout) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-30 19:57:48 +02:00
parent 9d6c7b8605
commit 154f859efc
26 changed files with 459 additions and 184 deletions
--- a/backend/src/main/java/org/raddatz/familienarchiv/controller/AuthE2EController.java
+++ b/backend/src/main/java/org/raddatz/familienarchiv/controller/AuthE2EController.java
@@ -10,6 +10,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;

+import io.swagger.v3.oas.annotations.Operation;
+
 import lombok.RequiredArgsConstructor;

 /**
@@ -24,6 +26,9 @@ public class AuthE2EController {

    private final PasswordResetTokenRepository tokenRepository;

+    // Hidden from the OpenAPI spec — this endpoint must never appear in the generated api.ts
+    // even when the e2e profile is active alongside the dev profile during spec generation.
+    @Operation(hidden = true)
    @GetMapping("/reset-token-for-test")
    public ResponseEntity<String> getResetTokenForTest(@RequestParam String email) {
        return tokenRepository.findLatestActiveTokenByEmail(email, LocalDateTime.now())