Add categories admin CRUD endpoints#600
Conversation
- ✨ Create, update, and delete category endpoints - ✅ Add comprehensive test coverage for categories API - 🗃️ Add database migration for equipment_categories - ♻️ Refactor brands and groups to use shared validation patterns - 🔧 Extract base record types for API consistency - 📚 Update AGENTS.md and plan documentation - ✅ Add validation schema tests
🎉 Deployed to Cloudflare!
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request implements full CRUD operations for equipment categories and refactors the existing brand and group admin endpoints to utilize database transactions. This ensures atomicity between data mutations and contribution logging. The database schema has been updated to use 'restrict' on foreign keys for brands and categories to prevent accidental cascading deletes, and a new canonical slug validation has been introduced for reference data. Documentation and technical debt tracking have also been updated to reflect these changes. Feedback was provided regarding the removal of several security and validation tests in the groups test suite, which should be restored to maintain coverage for authentication and input validation.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 72cdde4eff
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
1 participant
Summary
Added complete admin category management API 💪😎 with proper validation patterns and FK safety:
New categories admin endpoints 🆕
/api/equipment/categories— create new categories with slug validation/api/equipment/categories/[id]— update category metadata and slug/api/equipment/categories/[id]— remove categories (protected by FKRESTRICT)Refactored shared validation 🔧
server/utils/validation/schemas.tsbrandBaseRecord,groupBaseRecord,categoryBaseRecord) for consistent API responsesDatabase safety improvements 🛡️
RESTRICTforeign keys fromequipment_items→brandsandequipment_items→equipment_categoriesDocumentation updates 📚
AGENTS.mdwith new API conventions and FK behaviorplan/completed.mdplan/tech-debt.mdfor intentional follow-up work (FK error mapping, shared length limits finish, OAuth tests)Motivation
Categories are the third admin entity after brands and groups 🏗️. This iteration completes the reference data CRUD foundation before moving to item management. The validation refactor was necessary because brands/groups/categories share 90% of their validation logic (slug format, name length, description) — extracting shared schemas eliminated duplication and makes future changes easier to maintain 🧹.
The
RESTRICTFK constraints protect the catalog data model 🔒 — without them, deleting a brand or category could silently remove all items in that category from user inventories. The FK blocks destructive deletes at the database level, forcing a safe cleanup workflow (reassign items first, then delete reference data).Testing notes
All endpoints covered by Vitest unit tests 🧪. No E2E changes required — admin UI iteration comes later. Run validation:
Known tech debt
Documented in
plan/tech-debt.md📝:500instead of409 Conflictwith a clear "in use" messagelimitscreateOAuthUser()lacks direct unit coverage (next OAuth iteration)None of these block the current iteration from shipping 🚀. The delete endpoints work correctly (FK blocks the delete), they just return a generic error code until the error mapping iteration.