---
phase: 07-audit-trail-and-download
plan: "03"
type: execute
wave: 3
depends_on:
  - "07-02"
files_modified: []
autonomous: false
requirements:
  - SIGN-07
  - LEGAL-03

must_haves:
  truths:
    - "Agent downloads the signed PDF from the document detail page and receives the actual file"
    - "Dashboard shows Signed status badge for the signed document"
    - "Dashboard shows a non-empty Date Signed value for the signed document"
    - "Accessing uploads/ directory or file directly via guessable URL returns an error, not the file"
  artifacts: []
  key_links: []
---

<objective>
Human verification checkpoint: confirm that the agent-facing download, Signed status badge, private storage guard, and download-only-for-Signed rule all pass the Phase 7 success criteria.

Purpose: Satisfy the observable success criteria for SIGN-07 and LEGAL-03 through direct browser verification.

Output: Human confirmation that all Phase 7 success criteria are met (or issue report for gap closure).
</objective>

<execution_context>
@/Users/ccopeland/.claude/get-shit-done/workflows/execute-plan.md
@/Users/ccopeland/.claude/get-shit-done/templates/summary.md
</execution_context>

<context>
@.planning/ROADMAP.md
@.planning/phases/07-audit-trail-and-download/07-02-SUMMARY.md
</context>

<tasks>

<task type="checkpoint:human-verify" gate="blocking">
<name>Task 1: Full Phase 7 browser verification</name>
<action>Start the dev server and walk through the Phase 7 verification checklist below. No code changes needed — this task is observation only.</action>
<files>none</files>
<verify>Human approval of all 4 verification criteria below.</verify>
<done>Agent confirms: download button works, Signed badge shows, Date Signed populates, guessable URLs return 404.</done>
<what-built>
Plan 01: Agent-authenticated download API at GET /api/documents/[id]/download — 5-min presigned JWT (adt query param), path traversal guard, streams signedFilePath PDF.

Plan 02:
- Document detail page: generates agentDownloadUrl server-side for Signed docs, passes to PreparePanel
- PreparePanel: green "Document Signed" panel with signed timestamp + "Download Signed PDF" anchor for Signed status; unchanged prepare form for Draft; read-only message for Sent/Viewed
- DocumentsTable: Date Signed column added to table
- Dashboard page: signedAt included in DB select
</what-built>
<how-to-verify>
Start the dev server: `cd teressa-copeland-homes && npm run dev`

Prerequisite: You need a document with status "Signed" and signedFilePath populated in the DB. Use an existing signed document from Phase 6 testing, or run through a quick signing ceremony now.

**Criterion 1 — Agent download (SIGN-07):**
1. Log in to the portal at http://localhost:3000/portal/dashboard
2. Find a document with status "Signed" — confirm the "Date Signed" column shows a formatted date (not "—")
3. Click the document name to navigate to the document detail page (/portal/documents/[id])
4. Confirm the right sidebar shows a green panel labeled "Document Signed" with the signed date/time and a "Download Signed PDF" button
5. Click "Download Signed PDF" — confirm browser PDF download dialog appears and the file saves successfully
6. Open the downloaded file — confirm it is a PDF containing the drawn signature

**Criterion 2 — Status badge (SIGN-07 success criterion 3):**
7. Return to http://localhost:3000/portal/dashboard
8. Confirm the signed document's Status column shows "Signed" badge (green/teal styling)

**Criterion 3 — Private storage (LEGAL-03):**
9. In the browser address bar, visit: http://localhost:3000/uploads/
10. Confirm it returns 404 — NOT a directory listing or file contents
11. Also try: http://localhost:3000/uploads/clients/ — confirm 404

**Criterion 4 — Download button absent for non-Signed documents:**
12. Navigate to any document with status "Draft", "Sent", or "Viewed"
13. Confirm the right sidebar does NOT show a "Download Signed PDF" button (Draft shows prepare form; Sent/Viewed shows read-only status message)
</how-to-verify>
<resume-signal>
Type "approved" if all 4 criteria pass.
Or describe which criterion failed and what you observed — Claude will diagnose and create a gap closure plan.
</resume-signal>
</task>

</tasks>

<verification>
All three Phase 7 roadmap success criteria verified by human:
1. Agent can download the signed PDF from the document detail page via authenticated presigned URL (5-minute TTL)
2. Signed PDFs are stored in a private local directory — a direct or guessable URL returns 404, not the file
3. Document status in the dashboard updates correctly to "Signed" after a signing ceremony completes
</verification>
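
The two server-side checks that the Plan 01 description and criteria 1 and 2 above rely on (a 5-minute download token and a path traversal guard), as an added example that is not the project's own code. The function names, the `sub`/`exp` claim layout, the secret and the uploads root are all assumptions made for illustration.

```javascript
// Added illustration: all names are hypothetical, not the project's code.
const crypto = require("node:crypto");
const path = require("node:path");

const TTL_SECONDS = 5 * 60; // the plan's 5-minute token lifetime
const b64url = (s) => Buffer.from(s).toString("base64url");
const hmac = (secret, data) => crypto.createHmac("sha256", secret).update(data).digest();

// Minimal HS256 JWT bound to one document id (claim names are assumptions).
function signDownloadToken(docId, secret, nowSec) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify({ sub: docId, exp: nowSec + TTL_SECONDS }));
  const mac = hmac(secret, `${head}.${body}`).toString("base64url");
  return `${head}.${body}.${mac}`;
}

// True only for an untampered, unexpired token issued for this docId.
// The MAC is always recomputed as HMAC-SHA256; the header's alg is never trusted.
function verifyDownloadToken(token, docId, secret, nowSec) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return false;
  const expected = hmac(secret, `${parts[0]}.${parts[1]}`);
  const given = Buffer.from(parts[2], "base64url");
  if (given.length !== expected.length) return false;
  if (!crypto.timingSafeEqual(given, expected)) return false;
  let claims;
  try {
    claims = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
  } catch {
    return false;
  }
  if (claims === null || typeof claims !== "object") return false;
  return claims.sub === docId && Number.isFinite(claims.exp) && nowSec < claims.exp;
}

// Path traversal guard: the stored path must resolve to a file under root.
function resolveInsideRoot(root, storedPath) {
  const base = path.resolve(root);
  const full = path.resolve(base, storedPath);
  const rel = path.relative(base, full);
  const escapes = rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel);
  return rel === "" || escapes ? null : full;
}
```

`path.resolve` is purely lexical, so a deployment that allows symlinks under the uploads root would also need an `fs.realpath` comparison before streaming the file.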

<success_criteria>
- Human types "approved" after verifying all 4 browser checks
- Phase 7 is marked complete in ROADMAP.md and STATE.md
- REQUIREMENTS.md checkboxes for SIGN-07 and LEGAL-03 updated to [x]
</success_criteria>

<output>
After completion, create `.planning/phases/07-audit-trail-and-download/07-03-SUMMARY.md`
</output>