1
0

Repo Interface für tests

This commit is contained in:
2026-03-05 08:26:51 +01:00
parent 8f4dd5840d
commit 4b31fc7664
171 changed files with 3518 additions and 2297 deletions

View File

@@ -12,7 +12,7 @@ Durchgaengig dieselben technischen Grenzen durchsetzen, damit Core robust, wartb
## Verbindliche Regeln
1. MUST Layering einhalten (`pages` -> `Service` -> `Repository`, Templates nur Rendering).
2. MUST Request/Input/Validation-Contract einhalten (`requestInput()`, `FormErrors`, API-Validation ueber `ApiResponse::validationFromFormErrors(...)`).
2. MUST Request/Input/Validation-Contract einhalten (`requestInput()`, `FormErrors`, API-Validation ueber `ApiResponse::validationFromFormErrors(...)`, kein `ApiResponse::readJsonBody(...)` in `pages/api/v1/**`).
3. MUST AuthZ/RBAC serverseitig durchsetzen und im UI nur ueber `$viewAuth` steuern.
4. MUST UI-Standards und Data-Contracts fuer Listen/Detailseiten nutzen (Wrapper, Partials, keine inline `confirm(...)`).
5. MUST Quality-Gates ausfuehren und Ergebnis transparent berichten.

View File

@@ -20,6 +20,13 @@
2. MUST NOT `$_POST`, `$_GET`, `$_FILES`, `REQUEST_METHOD` in `pages/**` verwenden.
3. MUST Form-Validation ueber `FormErrors` fuehren.
4. MUST API-Validation-Fehler ueber `ApiResponse::validationFromFormErrors(...)` ausgeben.
5. MUST NOT `ApiResponse::readJsonBody(...)` in `pages/api/v1/**` verwenden.
## List-Data Endpoints
1. MUST `pages/**/data().php` als GET-only Endpunkte umsetzen (`gridRequireGetRequest()`).
2. MUST Query-Filter ueber `gridParseFilters(...)` + `filter-schema.php` normalisieren.
3. MUST NOT Query-Filter inline/parallele Alias-Parser in `data().php` neu einfuehren.
## Security / API

View File

@@ -16,6 +16,7 @@
(rg -n '\bDB::' pages -g '*.php' || true) | wc -l
(rg -n 'app\([^\n]*Factory::class\)->create' pages/admin -g '*.php' || true) | wc -l
(rg -n 'Factory::class' pages/admin -g '*.php' || true) | wc -l
(rg -n 'ApiResponse::readJsonBody\(' pages/api/v1 -g '*.php' || true) | wc -l
```
Erwartung: jeweils `0`.