feat: admin tag management, maintenance mode, TFE visibility states

Tags admin: - Database: getAllTagsWithCount(), renameTag(), mergeTag(), deleteTag() - public/admin/tags.php: table with inline rename/merge/delete forms, CSRF-guarded - public/admin/actions/tag.php: routes on action=rename|merge|delete - templates/admin/head.php: 'Mots-clés' nav link - admin.css: admin-inline-form, admin-btn--sm/warning/danger variants Maintenance mode: - config/bootstrap.php: gate on MAINTENANCE_FLAG file; admin/ and maintenance.php exempt - public/maintenance.php: 503 dark minimal page - public/admin/actions/maintenance.php: enable/disable toggle - public/admin/index.php: status bar with toggle button - admin.css: admin-maintenance-bar styles TFE Visibility (Libre/Interne/Interdit via existing access_type_id): - migration 002_add_visibility.sql: seeds access_types if missing - Database: setVisibility(), bulkSetVisibility(), getAccessTypes() - public/media.php: blocks thesis files for access_type_id=3 - public/tfe.php: shows access_type, context_note; hides file panel for Interdit - public/admin/edit.php: access_type_id select + context_note textarea; saves both - public/admin/index.php: three-state badge (Libre/Interne/Interdit) per row - public/admin/actions/visibility.php: single + bulk visibility action handler - admin.css: status-access badge variants
2026-05-07 03:29:19 +02:00 · 2026-03-24 15:35:52 +01:00
parent 0933137540
commit 92e344b757
17 changed files with 661 additions and 35 deletions
--- a/TODO.md
+++ b/TODO.md
@@ -264,32 +264,25 @@ Goal: rename the tables and column to the canonical M2M pattern (`tags`, `thesis

 ### 5 — Admin tag management UI (`/admin/tags.php`)

-The goal is a dedicated page for viewing, renaming, merging, and deleting tags, with
-full referential-integrity awareness (no orphan `thesis_tags` rows, no broken search
-results).
+#### 5a — `src/Database.php`

-#### 5a — `src/Database.php` — new tag-management methods
+- [x] `getAllTagsWithCount()`, `renameTag()`, `mergeTag()`, `deleteTag()`

- [ ] `getAllTagsWithCount(): array` — return all tags with a `thesis_count` column
- [ ] `renameTag(int $id, string $newName): void`
- [ ] `mergeTag(int $sourceId, int $targetId): void`
- [ ] `deleteTag(int $id): void`
+#### 5b — `public/admin/tags.php`

-#### 5b — `public/admin/tags.php` — list + inline-edit view
+- [x] Auth guard, CSRF, table with rename/merge/delete per row, inline forms

- [ ] Auth guard, CSRF, table with rename/merge/delete per row
+#### 5c — `public/admin/actions/tag.php`

-#### 5c — `public/admin/actions/tag.php` — POST action handler
-
- [ ] Route on `$_POST['action']`: rename, merge, delete
+- [x] Routes on `$_POST['action']`: rename, merge, delete

 #### 5d — Nav & routing

- [ ] `templates/admin/head.php`: add nav link to `/admin/tags.php`
+- [x] `templates/admin/head.php`: "Mots-clés" nav link added

-#### 5e — Propagation safety checklist
+#### 5e — Propagation safety

- [ ] Verify all search/display paths remain correct after tag ops
+- [x] mergeTag() uses INSERT OR IGNORE to avoid PK conflicts; deleteTag() cascades via FK

 ### 6 — Tests

@@ -304,23 +297,23 @@ results).

 ## Feature: Mode Maintenance

- [ ] Storage flag file `storage/maintenance.flag`
- [ ] Public gate in `config/bootstrap.php`
- [ ] `public/maintenance.php` (503 page)
- [ ] `public/admin/actions/maintenance.php` (POST handler)
- [ ] Admin UI toggle in `public/admin/index.php`
+- [x] Storage flag file `storage/maintenance.flag` (created on demand)
+- [x] Public gate in `config/bootstrap.php` — blocks non-admin routes when flag exists
+- [x] `public/maintenance.php` (503 page, minimal dark UI)
+- [x] `public/admin/actions/maintenance.php` (POST: enable/disable)
+- [x] Admin UI toggle in `public/admin/index.php` (bar with status + action button)

 ---

 ## Feature: TFE Visibility States (publique / interne / interdit)

- [ ] DB migration `002_add_visibility.sql`
- [ ] `src/Database.php` — `setVisibility()`, `bulkSetVisibility()`
- [ ] `public/media.php` — visibility gate
- [ ] `public/tfe.php` — conditional rendering
- [ ] `public/admin/edit.php` — visibility select + context_note textarea
- [ ] `public/admin/index.php` — three-state badge + bulk actions
- [ ] `public/admin/actions/publish.php` or new `visibility.php`
+- [x] DB migration `002_add_visibility.sql` — seeds access_types rows (already existed)
+- [x] `src/Database.php` — `setVisibility()`, `bulkSetVisibility()`, `getAccessTypes()`
+- [x] `public/media.php` — blocks thesis files when access_type_id = 3 (Interdit)
+- [x] `public/tfe.php` — shows access type, context_note, hides files for Interdit
+- [x] `public/admin/edit.php` — access_type_id select + context_note textarea
+- [x] `public/admin/index.php` — three-state access badge per row
+- [x] `public/admin/actions/visibility.php` — single + bulk visibility update

 ---