headroom/openspec/changes/headroom-foundation/tasks.md at main

santhoshj/headroom

Fork 0

Files

Santhosh Janardhanan 04022b7e0b Headroom - Foundation

2026-02-17 02:10:23 -05:00

22 KiB

Raw Permalink Blame History

1. Project Setup & Infrastructure

1.1 Create Docker Compose configuration (frontend, backend, postgres, redis containers)
1.2 Configure Dockerfile for Laravel backend (PHP 8.4-FPM, use :latest tag)
1.3 Configure Dockerfile for SvelteKit frontend (Node:latest)
1.4 Set up volume mounts for code (hot reload) and data (PostgreSQL, Redis)
1.5 Configure environment variables (.env files for frontend and backend)
1.6 Test Docker Compose startup (all 4 containers running)
1.7 Configure Nginx Proxy Manager routes (/api/* → Laravel, /* → SvelteKit)

2. Backend Foundation (Laravel)

2.1 Initialize Laravel 12 (latest) project with required dependencies
2.2 Install tymon/jwt-auth, predis/predis, knuckleswtf/scribe
2.3 Install pestphp/pest, laravel/pint for testing and linting
2.4 Configure PostgreSQL connection in config/database.php
2.5 Configure Redis connection for cache and sessions
2.6 Set up JWT authentication configuration (60min access, 7day refresh)
2.7 Configure CORS for SvelteKit frontend origin
2.8 Create API route structure (api.php)

3. Frontend Foundation (SvelteKit)

3.1 Initialize SvelteKit project with TypeScript
3.2 Install Tailwind CSS and DaisyUI
3.3 Install Recharts, TanStack Table (@tanstack/svelte-table)
3.4 Install Superforms (sveltekit-superforms) and Zod
3.5 Install Vitest and Playwright for testing
3.6 Configure Tailwind with DaisyUI theme
3.7 Create API client service (fetch wrapper with JWT token handling)
3.8 Create auth store (Svelte store for user, token management)
3.9 Create layout components (+layout.svelte, navigation)

4. Database Schema & Migrations

4.1 Create migration: roles table (id, name, description)
4.2 Create migration: project_statuses table (id, name, order, is_active, is_billable)
4.3 Create migration: project_types table (id, name, description)
4.4 Create migration: team_members table (id UUID, name, role_id, hourly_rate, active)
4.5 Create migration: projects table (id UUID, code unique, title, status_id, type_id, approved_estimate, forecasted_effort JSON)
4.6 Create migration: allocations table (id UUID, project_id, team_member_id, month, allocated_hours)
4.7 Create migration: actuals table (id UUID, project_id, team_member_id, month, hours_logged)
4.8 Create migration: holidays table (id UUID, date, name, description)
4.9 Create migration: ptos table (id UUID, team_member_id, start_date, end_date, reason, status)
4.10 Create migration: users table (id UUID, name, email, password, role enum)
4.11 Add indexes (composite on allocations/actuals for project+month, member+month)
4.12 Run migrations and verify schema

5. Database Seeders

5.1 Create seeder: roles (Frontend Dev, Backend Dev, QA, DevOps, UX, PM, Architect)
5.2 Create seeder: project_statuses (13 statuses with correct order)
5.3 Create seeder: project_types (Project, Support)
5.4 Create seeder: users (create superuser account for testing)
5.5 Run seeders and verify master data populated

6. Laravel Models & Relationships

6.1 Create TeamMember model with role relationship
6.2 Create Project model with status, type relationships, casts for forecasted_effort JSON
6.3 Create Allocation model with project, team_member relationships
6.4 Create Actual model with project, team_member relationships
6.5 Create Role, ProjectStatus, ProjectType models
6.6 Create Holiday, PTO models
6.7 Create User model with JWT authentication traits
6.8 Define model factories for testing (TeamMemberFactory, ProjectFactory, etc.)

7. Authentication (Backend)

7.1 Create AuthController (login, logout, refresh methods)
7.2 Implement login endpoint (validate credentials, generate JWT tokens)
7.3 Implement logout endpoint (invalidate refresh token in Redis)
7.4 Implement refresh endpoint (validate refresh token, rotate tokens)
7.5 Create JWT middleware for protecting routes
7.6 Store refresh tokens in Redis with 7-day TTL
7.7 Write unit tests for AuthController
7.8 Write feature tests for auth endpoints

8. Authentication (Frontend)

8.1 Create login page (/login route)
8.2 Create login form with Superforms + Zod validation
8.3 Implement auth API client methods (login, logout, refresh)
8.4 Create auth store (persist tokens in localStorage)
8.5 Implement token refresh logic (interceptor for 401 responses)
8.6 Create auth guard for protected routes (hooks.server.ts)
8.7 Add logout functionality to navigation
8.8 Write E2E test for login flow (Playwright)

9. Team Member Management (Backend)

9.1 Create TeamMemberController (index, store, show, update, destroy)
9.2 Create TeamMemberRequest for validation (name required, hourly_rate > 0)
9.3 Create TeamMemberResource for JSON transformation
9.4 Create TeamMemberPolicy for authorization (managers can CRUD)
9.5 Implement soft delete prevention (cannot delete if allocations exist)
9.6 Add API routes for team members
9.7 Write unit tests for TeamMember model
9.8 Write feature tests for team member endpoints

10. Team Member Management (Frontend)

10.1 Create team members list page (/team-members route)
10.2 Create team member create/edit form with Superforms + Zod
10.3 Implement team member API client methods (CRUD)
10.4 Display team members in TanStack Table (sortable, filterable)
10.5 Add active/inactive toggle UI
10.6 Add hourly rate display (formatted as currency)
10.7 Implement delete with confirmation modal
10.8 Write unit tests for team member components (Vitest)
10.9 Write E2E test for team member CRUD (Playwright)

11. Project Management (Backend)

11.1 Create ProjectController (index, store, show, update, destroy)
11.2 Create ProjectRequest for validation (code unique, approved_estimate > 0 if status >= Approved)
11.3 Create ProjectResource for JSON transformation
11.4 Create ProjectPolicy for authorization (managers can edit own projects)
11.5 Implement project status state machine validation
11.6 Implement forecasted effort validation (sum must equal approved estimate ±5%)
11.7 Add API routes for projects
11.8 Write unit tests for Project model and status transitions
11.9 Write feature tests for project endpoints

12. Project Management (Frontend)

12.1 Create projects list page (/projects route)
12.2 Create project create/edit form with Superforms + Zod
12.3 Implement project API client methods (CRUD)
12.4 Display projects in TanStack Table (sortable, filterable by status/type)
12.5 Add status dropdown (reflect state machine transitions)
12.6 Add forecasted effort input (JSON editor or month-by-month fields)
12.7 Display validation warnings (forecasted effort ≠ approved estimate)
12.8 Write unit tests for project components (Vitest)
12.9 Write E2E test for project creation and status transitions (Playwright)

13. Capacity Planning (Backend)

13.1 Create HolidayController (index, store, destroy)
13.2 Create PTOController (index, store, update, destroy with approval workflow)
13.3 Create CapacityService for capacity calculations
13.4 Implement calculateIndividualCapacity method (working days × availability - PTO - holidays)
13.5 Implement calculateTeamCapacity method (sum of individual capacities for active members)
13.6 Implement calculatePossibleRevenue method (capacity × hourly rates)
13.7 Add API routes for capacity endpoint (/api/capacity?month=YYYY-MM)
13.8 Implement Redis caching for capacity calculations (1 hour TTL)
13.9 Write unit tests for CapacityService
13.10 Write feature tests for capacity endpoints

14. Capacity Planning (Frontend)

14.1 Create capacity planning page (/capacity route)
14.2 Create calendar component for displaying month grid
14.3 Implement availability editor (click day to set 0, 0.5, 1.0)
14.4 Display holidays (H marker on dates)
14.5 Display weekends (O marker on dates)
14.6 Create PTO request form
14.7 Display individual and team capacity summary
14.8 Display possible revenue calculation
14.9 Write unit tests for capacity components (Vitest)
14.10 Write E2E test for capacity planning workflow (Playwright)

15. Resource Allocation (Backend)

15.1 Create AllocationController (index, store, update, destroy, bulk methods)
15.2 Create AllocationRequest for validation (hours >= 0, month format YYYY-MM)
15.3 Create AllocationResource for JSON transformation
15.4 Create AllocationPolicy for authorization (managers can allocate own team members)
15.5 Implement allocation validation service (check capacity, approved estimate)
15.6 Implement bulk allocation endpoint (create/update multiple allocations)
15.7 Add API routes for allocations (/api/allocations?month=YYYY-MM)
15.8 Implement Redis cache invalidation on allocation mutations
15.9 Write unit tests for allocation validation logic
15.10 Write feature tests for allocation endpoints

16. Resource Allocation (Frontend)

16.1 Create allocation matrix page (/allocations route)
16.2 Create allocation matrix component using TanStack Table
16.3 Implement inline editing for allocation hours
16.4 Display projects as rows, team members as columns
16.5 Display row totals (total hours per project)
16.6 Display column totals (total hours per team member)
16.7 Display utilization percentages per team member
16.8 Implement color-coded indicators (GREEN/YELLOW/RED for over/under allocation)
16.9 Add "Untracked" resource column
16.10 Implement month selector (navigate between months)
16.11 Add bulk allocation actions (copy previous month, clear all)
16.12 Write unit tests for allocation matrix logic (Vitest)
16.13 Write E2E test for allocation workflow (Playwright)

17. Actuals Tracking (Backend)

17.1 Create ActualController (index, store, update, bulk methods)
17.2 Create ActualRequest for validation (hours >= 0, cannot log future months)
17.3 Create ActualResource for JSON transformation
17.4 Create ActualPolicy for authorization (developers can log own hours only)
17.5 Implement validation: cannot log to completed/cancelled projects (configurable)
17.6 Implement bulk actuals endpoint
17.7 Add API routes for actuals (/api/actuals?month=YYYY-MM)
17.8 Implement Redis cache invalidation on actuals mutations
17.9 Write unit tests for actuals validation
17.10 Write feature tests for actuals endpoints

18. Actuals Tracking (Frontend)

18.1 Create actuals entry page (/actuals route)
18.2 Create actuals matrix component (similar to allocations matrix)
18.3 Display allocated hours vs actual hours side by side
18.4 Highlight variances (over/under delivery)
18.5 Allow developers to see only their own actuals (RBAC check)
18.6 Implement bulk update for multiple projects
18.7 Write unit tests for actuals components (Vitest)
18.8 Write E2E test for actuals logging (Playwright)

19. Utilization Calculations (Backend)

19.1 Create UtilizationService for utilization calculations
19.2 Implement calculateRunningUtilization method (YTD allocated / YTD capacity)
19.3 Implement calculateOverallUtilization method (monthly allocated / monthly capacity)
19.4 Implement calculateActualUtilization method (monthly actuals / monthly capacity)
19.5 Implement team-level utilization aggregation
19.6 Add utilization data to allocation and actuals responses
19.7 Write unit tests for UtilizationService
19.8 Write feature tests for utilization calculations

20. Reporting - Forecast (Backend)

20.1 Create ReportController with forecast method
20.2 Implement forecast report query (multi-period allocations)
20.3 Calculate revenue forecast (allocations × hourly rates)
20.4 Display variance indicators (forecasted vs approved estimate)
20.5 Implement filters (project, status, type, team, date range)
20.6 Create ForecastReportResource for JSON transformation
20.7 Add API route /api/reports/forecast
20.8 Implement Redis caching for forecast reports (15 min TTL)
20.9 Write unit tests for forecast report logic
20.10 Write feature tests for forecast endpoint

21. Reporting - Forecast (Frontend)

21.1 Create forecast report page (/reports/forecast route)
21.2 Create forecast report table component
21.3 Display multi-period view (month columns)
21.4 Display variance indicators (GREEN/YELLOW/RED)
21.5 Implement date range selector
21.6 Implement filters (project, status, type, team)
21.7 Display summary aggregations (total approved, total allocated, variance)
21.8 Add revenue forecast chart (Recharts line chart)
21.9 Write E2E test for forecast report (Playwright)

22. Reporting - Utilization (Backend)

22.1 Add utilization method to ReportController
22.2 Implement utilization report query (team and individual trends)
22.3 Calculate planned vs actual utilization
22.4 Implement filters (team member, role, date range)
22.5 Create UtilizationReportResource for JSON transformation
22.6 Add API route /api/reports/utilization
22.7 Implement Redis caching for utilization reports
22.8 Write feature tests for utilization endpoint

23. Reporting - Utilization (Frontend)

23.1 Create utilization report page (/reports/utilization route)
23.2 Display team-level utilization summary
23.3 Display individual utilization breakdown
23.4 Add utilization trend chart (Recharts line chart)
23.5 Color-code utilization bands (< 70% blue, 80-100% green, > 100% yellow/red)
23.6 Implement filters (team member, role, date range)
23.7 Display utilization distribution chart (how many in each band)
23.8 Write E2E test for utilization report (Playwright)

24. Reporting - Cost (Backend)

24.1 Add cost method to ReportController
24.2 Implement cost report query (allocations × hourly rates)
24.3 Calculate possible revenue (full capacity utilization)
24.4 Calculate forecasted revenue (current allocations)
24.5 Calculate revenue gap (possible - forecasted)
24.6 Implement filters (project, client, type, team, date range)
24.7 Create CostReportResource for JSON transformation
24.8 Add API route /api/reports/cost
24.9 Implement Redis caching for cost reports
24.10 Write feature tests for cost endpoint

25. Reporting - Cost (Frontend)

25.1 Create cost report page (/reports/cost route)
25.2 Display monthly revenue forecast
25.3 Display cost breakdown by project
25.4 Display possible revenue vs forecasted revenue
25.5 Display revenue gap analysis
25.6 Implement filters (project, type, team, date range)
25.7 Add revenue chart (Recharts bar chart)
25.8 Write E2E test for cost report (Playwright)

26. Reporting - Allocation (Backend)

26.1 Add allocation method to ReportController
26.2 Implement allocation report query (monthly matrix view)
26.3 Include utilization percentages
26.4 Implement filters (team, role, project, status)
26.5 Create AllocationReportResource for JSON transformation
26.6 Add API route /api/reports/allocation
26.7 Implement Redis caching for allocation reports
26.8 Write feature tests for allocation endpoint

27. Reporting - Allocation (Frontend)

27.1 Create allocation report page (/reports/allocation route)
27.2 Display allocation matrix with totals
27.3 Display utilization percentages
27.4 Highlight recent allocation changes (NEW/UPDATED badges)
27.5 Implement multi-month view option
27.6 Implement filters (team, role, project, status)
27.7 Write E2E test for allocation report (Playwright)

28. Reporting - Variance (Backend)

28.1 Add variance method to ReportController
28.2 Implement variance report query (planned vs actual comparison)
28.3 Calculate variance (actual - planned) and percentage
28.4 Flag over-delivery and under-delivery patterns
28.5 Implement filters (project, team, person, date range)
28.6 Create VarianceReportResource for JSON transformation
28.7 Add API route /api/reports/variance
28.8 Implement Redis caching for variance reports
28.9 Write feature tests for variance endpoint

29. Reporting - Variance (Frontend)

29.1 Create variance report page (/reports/variance route)
29.2 Display variance table (planned, actual, variance, variance %)
29.3 Color-code variances (positive green, negative red)
29.4 Display project-level variance aggregations
29.5 Display person-level variance aggregations
29.6 Add variance trend chart (Recharts)
29.7 Implement filters (project, team, person, date range)
29.8 Write E2E test for variance report (Playwright)

30. Role-Based Access Control (Backend)

30.1 Create role middleware for route protection
30.2 Implement permission checks in controllers
30.3 Create policies for all models (TeamMember, Project, Allocation, Actual)
30.4 Implement Superuser full access (bypass all checks)
30.5 Implement Manager permissions (own projects, own team allocations)
30.6 Implement Developer permissions (own allocations, own actuals)
30.7 Implement Top Brass permissions (read-only all reports)
30.8 Write unit tests for policies
30.9 Write feature tests for authorization (401, 403 responses)

31. Role-Based Access Control (Frontend)

31.1 Add role to auth store
31.2 Implement route guards based on role (hooks.server.ts)
31.3 Hide UI elements based on permissions (v-if directives)
31.4 Show read-only state for Top Brass users
31.5 Filter visible projects for Managers (own projects editable, others read-only)
31.6 Filter visible data for Developers (only assigned projects)
31.7 Write E2E tests for RBAC (different user roles)

32. Master Data Management (Backend)

32.1 Create MasterDataController (roles, statuses, types endpoints)
32.2 Create RoleController for managing roles (Superuser only)
32.3 Create ProjectStatusController for managing statuses (Superuser only)
32.4 Create ProjectTypeController for managing types (Superuser only)
32.5 Implement validation: cannot delete role/status/type in use
32.6 Add API routes for master data endpoints
32.7 Implement Redis caching for master data (24 hour TTL)
32.8 Write feature tests for master data endpoints

33. Master Data Management (Frontend)

33.1 Create master data management page (/admin/master-data route, Superuser only)
33.2 Display roles list with CRUD actions
33.3 Display project statuses list with reordering and CRUD actions
33.4 Display project types list with CRUD actions
33.5 Implement master data forms (create/edit)
33.6 Write E2E test for master data management (Playwright)

34. API Documentation (Backend)

34.1 Add Scribe annotations to all controllers (@group, @response tags)
34.2 Configure Scribe (scribe.php config file)
34.3 Generate API documentation (php artisan scribe:generate)
34.4 Verify SwaggerUI accessible at /api/documentation
34.5 Add example requests and responses to documentation
34.6 Add authentication section to API docs

35. Testing & Code Quality

35.1 Write comprehensive unit tests (backend models, services, utilities)
35.2 Write feature tests for all API endpoints (Laravel Pest)
35.3 Write unit tests for frontend components (Vitest)
35.4 Write E2E tests for critical flows (Playwright: login, allocate, report)
35.5 Configure pre-commit hooks (Laravel Pint, ESLint, Prettier)
35.6 Run PHPStan static analysis (level 5+)
35.7 Generate code coverage report (verify >70%)
35.8 Fix all linting errors (Laravel Pint, ESLint)
35.9 Run security audit (composer audit, npm audit)

36. Polish & UX

36.1 Add loading states (spinners, skeleton loaders)
36.2 Add error states (toast notifications, error pages)
36.3 Add empty states (no data placeholders)
36.4 Implement form validation feedback (inline errors, success messages)
36.5 Add confirmation modals for destructive actions (delete)
36.6 Implement responsive design (mobile-friendly tables, navigation)
36.7 Add keyboard shortcuts (ESC to close modals, etc.)
36.8 Add accessibility features (ARIA labels, focus management)
36.9 Test in multiple browsers (Chrome, Firefox, Safari)

37. Documentation & Deployment

37.1 Write README.md with setup instructions
37.2 Document environment variables (.env.example files)
37.3 Create Quick Start guide for managers (capacity → allocate → reports)
37.4 Document API authentication flow
37.5 Create deployment guide (Docker Compose production setup)
37.6 Add health check endpoints (/api/health)
37.7 Configure logging (Laravel logs to stdout, Svelte client errors to console)
37.8 Test full deployment workflow (fresh Docker Compose up)
37.9 Create superuser via seeder for initial login
37.10 Verify Nginx Proxy Manager routing

38. Final Verification

38.1 Run full test suite (unit + E2E) and verify all pass
38.2 Verify code coverage >70%
38.3 Run linters and fix all issues
38.4 Test complete user flow: capacity → allocate → log actuals → reports
38.5 Verify RBAC working for all 4 personas
38.6 Verify Redis caching working (check cache hit rate)
38.7 Verify API documentation accessible and accurate
38.8 Verify Docker Compose startup works cleanly
38.9 Verify database migrations and seeders work
38.10 Conduct final security review (no secrets in code, HTTPS enforced)

22 KiB Raw Permalink Blame History Unescape Escape

1. Project Setup & Infrastructure

2. Backend Foundation (Laravel)

3. Frontend Foundation (SvelteKit)

4. Database Schema & Migrations

5. Database Seeders

6. Laravel Models & Relationships

7. Authentication (Backend)

8. Authentication (Frontend)

9. Team Member Management (Backend)

10. Team Member Management (Frontend)

11. Project Management (Backend)

12. Project Management (Frontend)

13. Capacity Planning (Backend)

14. Capacity Planning (Frontend)

15. Resource Allocation (Backend)

16. Resource Allocation (Frontend)

17. Actuals Tracking (Backend)

18. Actuals Tracking (Frontend)

19. Utilization Calculations (Backend)

20. Reporting - Forecast (Backend)

21. Reporting - Forecast (Frontend)

22. Reporting - Utilization (Backend)

23. Reporting - Utilization (Frontend)

24. Reporting - Cost (Backend)

25. Reporting - Cost (Frontend)

26. Reporting - Allocation (Backend)

27. Reporting - Allocation (Frontend)

28. Reporting - Variance (Backend)

29. Reporting - Variance (Frontend)

30. Role-Based Access Control (Backend)

31. Role-Based Access Control (Frontend)

32. Master Data Management (Backend)

33. Master Data Management (Frontend)

34. API Documentation (Backend)

35. Testing & Code Quality

36. Polish & UX

37. Documentation & Deployment

38. Final Verification

22 KiB

Raw Permalink Blame History