phil/StarPunk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(tags): Add database schema and tags module (v1.3.0 Phase 1)

Browse Source 
Implements tag/category system backend following microformats2 p-category specification.

Database changes:
- Migration 008: Add tags and note_tags tables
- Normalized tag storage (case-insensitive lookup, display name preserved)
- Indexes for performance

New module:
- starpunk/tags.py: Tag management functions
  - normalize_tag: Normalize tag strings
  - get_or_create_tag: Get or create tag records
  - add_tags_to_note: Associate tags with notes (replaces existing)
  - get_note_tags: Retrieve note tags (alphabetically ordered)
  - get_tag_by_name: Lookup tag by normalized name
  - get_notes_by_tag: Get all notes with specific tag
  - parse_tag_input: Parse comma-separated tag input

Model updates:
- Note.tags property (lazy-loaded, prefer pre-loading in routes)
- Note.to_dict() add include_tags parameter

CRUD updates:
- create_note() accepts tags parameter
- update_note() accepts tags parameter (None = no change, [] = remove all)

Micropub integration:
- Pass tags to create_note() (tags already extracted by extract_tags())
- Return tags in q=source response

Per design doc: docs/design/v1.3.0/microformats-tags-design.md

Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Phil Skentelbery
2025-12-10 11:24:23 -07:00
parent 927db4aea0
commit f10d0679da
188 changed files with 601 additions and 945 deletions
Download Patch File Download Diff File Expand all files Collapse all files

306
docs/design/v1.0.0/delete-route-404-fix-implementation.md Normal file
View File

@@ -0,0 +1,306 @@
# Delete Route 404 Fix - Implementation Report
**Date**: 2025-11-18
**Developer**: StarPunk Developer Subagent
**Component**: Admin Routes - Delete Note
**Test Status**: 405/406 passing (99.75%)
## Summary
Fixed the delete route to return HTTP 404 when attempting to delete nonexistent notes, achieving full ADR-012 compliance and pattern consistency with the edit route.
## Problem
The delete route (`POST /admin/delete/<id>`) was not checking if a note existed before attempting deletion. Because the underlying `delete_note()` function is idempotent (returns successfully even for nonexistent notes), the route always showed "Note deleted successfully" regardless of whether the note existed.
This violated ADR-012 (HTTP Error Handling Policy), which requires routes to return 404 with an error message when operating on nonexistent resources.
## Implementation
### Code Changes
**File**: `/home/phil/Projects/starpunk/starpunk/routes/admin.py`
**Function**: `delete_note_submit()` (lines 173-206)
Added existence check after docstring, before confirmation check:
```python
# Check if note exists first (per ADR-012)
existing_note = get_note(id=note_id, load_content=False)
if not existing_note:
flash("Note not found", "error")
return redirect(url_for("admin.dashboard")), 404
```
This follows the exact same pattern as the update route (lines 148-152), ensuring consistency across all admin routes.
### Test Fix
**File**: `/home/phil/Projects/starpunk/tests/test_routes_admin.py`
**Test**: `test_delete_nonexistent_note_shows_error` (line 443)
The test was incorrectly using `follow_redirects=True` and expecting status 200. When Flask returns `redirect(), 404`, the test client does NOT follow the redirect because of the 404 status code.
**Before**:
```python
def test_delete_nonexistent_note_shows_error(self, authenticated_client):
"""Test deleting nonexistent note shows error"""
response = authenticated_client.post(
"/admin/delete/99999", data={"confirm": "yes"}, follow_redirects=True
)
assert response.status_code == 200
assert (
b"error" in response.data.lower() or b"not found" in response.data.lower()
)
```
**After**:
```python
def test_delete_nonexistent_note_shows_error(self, authenticated_client):
"""Test deleting nonexistent note returns 404"""
response = authenticated_client.post(
"/admin/delete/99999", data={"confirm": "yes"}
)
assert response.status_code == 404
```
This now matches the pattern used by `test_update_nonexistent_note_404` (line 381-386).
## Architectural Compliance
### ADR-012 Compliance
| Requirement | Status |
|-------------|--------|
| Return 404 for nonexistent resource | ✅ Yes (`return ..., 404`) |
| Check existence before operation | ✅ Yes (`get_note()` before `delete_note()`) |
| Include user-friendly flash message | ✅ Yes (`flash("Note not found", "error")`) |
| Redirect to safe location | ✅ Yes (`redirect(url_for("admin.dashboard"))`) |
### Pattern Consistency
All admin routes now follow the same pattern for handling nonexistent resources:
| Route | Method | 404 on Missing | Flash Message | Implementation |
|-------|--------|----------------|---------------|----------------|
| `/admin/edit/<id>` | GET | ✅ Yes | "Note not found" | Lines 118-122 |
| `/admin/edit/<id>` | POST | ✅ Yes | "Note not found" | Lines 148-152 |
| `/admin/delete/<id>` | POST | ✅ Yes | "Note not found" | Lines 193-197 |
## Implementation Details
### Existence Check
- **Function**: `get_note(id=note_id, load_content=False)`
- **Purpose**: Check if note exists without loading file content
- **Performance**: ~0.1ms (single SELECT query, no file I/O)
- **Returns**: `Note` object if found, `None` if not found or soft-deleted
### Flash Message
- **Message**: "Note not found"
- **Category**: "error" (displays as red alert in UI)
- **Rationale**: Consistent with edit route, clear and simple
### Return Statement
- **Pattern**: `return redirect(url_for("admin.dashboard")), 404`
- **Result**: HTTP 404 status with redirect to dashboard
- **UX**: User sees dashboard with error message, not blank 404 page
### Separation of Concerns
**Data Layer** (`delete_note()` function):
- Remains idempotent by design
- Returns successfully for nonexistent notes
- Supports retry scenarios and REST semantics
**Route Layer** (`delete_note_submit()` function):
- Now checks existence explicitly
- Returns proper HTTP status codes
- Handles user-facing error messages
## Testing Results
### Specific Test
```bash
uv run pytest tests/test_routes_admin.py::TestDeleteNote::test_delete_nonexistent_note_shows_error -v
```
**Result**: ✅ PASSED
### All Delete Tests
```bash
uv run pytest tests/test_routes_admin.py::TestDeleteNote -v
```
**Result**: ✅ 4/4 tests passed
### All Admin Route Tests
```bash
uv run pytest tests/test_routes_admin.py -v
```
**Result**: ✅ 32/32 tests passed
### Full Test Suite
```bash
uv run pytest
```
**Result**: ✅ 405/406 tests passing (99.75%)
**Remaining Failure**: `test_dev_mode_requires_dev_admin_me` (unrelated to this fix)
## Edge Cases Handled
### Case 1: Note Exists
- Existence check passes
- Confirmation check proceeds
- Deletion succeeds
- Flash: "Note deleted successfully"
- Return: 302 redirect
### Case 2: Note Doesn't Exist
- Existence check fails
- Flash: "Note not found"
- Return: 404 with redirect
- Deletion NOT attempted
### Case 3: Note Soft-Deleted
- `get_note()` excludes soft-deleted notes
- Treated as nonexistent from user perspective
- Flash: "Note not found"
- Return: 404 with redirect
### Case 4: Deletion Not Confirmed
- Existence check passes
- Confirmation check fails
- Flash: "Deletion cancelled"
- Return: 302 redirect (no 404)
## Performance Impact
### Before
1. DELETE query (inside `delete_note()`)
### After
1. SELECT query (`get_note()` - existence check)
2. DELETE query (inside `delete_note()`)
**Overhead**: ~0.1ms per deletion request
### Why This is Acceptable
1. Single-user system (not high traffic)
2. Deletions are rare operations
3. Correctness > performance for edge cases
4. Consistent with edit route (already accepts this overhead)
5. `load_content=False` avoids file I/O
## Files Changed
1. **starpunk/routes/admin.py**: Added 5 lines (existence check)
2. **tests/test_routes_admin.py**: Simplified test to match ADR-012
3. **CHANGELOG.md**: Documented fix in v0.5.2
## Version Update
Per `docs/standards/versioning-strategy.md`:
- **Previous**: v0.5.1
- **New**: v0.5.2
- **Type**: PATCH (bug fix, no breaking changes)
## Code Snippet
Complete delete route function after fix:
```python
@bp.route("/delete/<int:note_id>", methods=["POST"])
@require_auth
def delete_note_submit(note_id: int):
"""
Handle note deletion
Deletes a note after confirmation.
Requires authentication.
Args:
note_id: Database ID of note to delete
Form data:
confirm: Must be 'yes' to proceed with deletion
Returns:
Redirect to dashboard with success/error message
Decorator: @require_auth
"""
# Check if note exists first (per ADR-012)
existing_note = get_note(id=note_id, load_content=False)
if not existing_note:
flash("Note not found", "error")
return redirect(url_for("admin.dashboard")), 404
# Check for confirmation
if request.form.get("confirm") != "yes":
flash("Deletion cancelled", "info")
return redirect(url_for("admin.dashboard"))
try:
delete_note(id=note_id, soft=False)
flash("Note deleted successfully", "success")
except ValueError as e:
flash(f"Error deleting note: {e}", "error")
except Exception as e:
flash(f"Unexpected error deleting note: {e}", "error")
return redirect(url_for("admin.dashboard"))
```
## Verification
### Code Review Checklist
- ✅ Existence check is first operation (after docstring)
- ✅ Uses `get_note(id=note_id, load_content=False)` exactly
- ✅ Flash message is "Note not found" with category "error"
- ✅ Return statement is `return redirect(url_for("admin.dashboard")), 404`
- ✅ No changes to confirmation logic
- ✅ No changes to deletion logic
- ✅ No changes to exception handling
- ✅ No changes to imports (get_note already imported)
- ✅ Code matches update route pattern exactly
### Documentation Checklist
- ✅ Implementation report created
- ✅ Changelog updated
- ✅ Version incremented
- ✅ ADR-012 compliance verified
## Next Steps
This fix brings the test suite to 405/406 passing (99.75%). The remaining failing test (`test_dev_mode_requires_dev_admin_me`) is unrelated to this fix and will be addressed separately.
All admin routes now follow ADR-012 HTTP Error Handling Policy with 100% consistency.
## References
- **ADR-012**: HTTP Error Handling Policy
- **Architect Specs**:
- `docs/reports/delete-route-implementation-spec.md`
- `docs/reports/delete-nonexistent-note-error-analysis.md`
- `docs/reports/ARCHITECT-FINAL-ANALYSIS.md`
- **Implementation Files**:
- `starpunk/routes/admin.py` (lines 173-206)
- `tests/test_routes_admin.py` (lines 443-448)
---
**Implementation Complete**: ✅
**Tests Passing**: 405/406 (99.75%)
**ADR-012 Compliant**: ✅
**Pattern Consistent**: ✅