This document provides context and instructions for AI coding agents to effectively understand and contribute to this project. For a human-oriented guide, please see README.md or the documentation in the /docs directory.
This is a full-stack web application for resource management and tracking. It is built with Next.js (App Router), TypeScript, and Tailwind CSS. The backend uses Next.js API Routes, Drizzle ORM, and a Turso (SQLite) database. Authentication is handled by NextAuth.js with a Discord provider, which also drives role-based access control (RBAC).
The application's primary function is to track resource quantities across two locations, maintain a complete history of changes, and provide a gamified leaderboard to encourage user participation.
Use npm for all package management and script execution.
Clone the repository and install dependencies:
git clone <repository-url>
cd <repository-name>
npm install- Run the development server:
npm run dev - Build for production:
npm run build - Run the production server:
npm run start - Lint the codebase:
npm run lint
The project uses Jest for unit and integration testing. All test files are located in the tests/ directory at the root of the project.
- Run all tests:
npm test - Test Environment: Most server-side tests require a
nodeenvironment. Use the@jest-environment nodedocblock at the top of test files that interact with Node.js APIs (e.g.,fetch,Request). - Mocks: Mocks for external dependencies are located in the
__mocks__directory. When testing modules that rely onnext/cache, be sure to mock it to avoidInvariant: incrementalCache missingerrors.
The database is managed using Drizzle ORM with a Turso (SQLite) database. Migrations are handled by drizzle-kit.
- Generate a new migration:
npm run db:generate - Apply migrations:
npm run db:migrate - Check migration status:
npm run db:check
A custom script (scripts/generate-migration-hashes.ts) generates hashes of migration files to ensure the database schema is in sync with the codebase. This script is automatically run as part of the npm run build and npm run db:generate commands.
- Language: TypeScript
- Formatting: Use Prettier for code formatting. A
.prettierrcfile is provided. - Linting: Use ESLint. Run
npm run lintbefore committing to check for issues.
- The project version is managed in
package.json. - A changelog is maintained in
lib/changelog.json. Please add an entry for any significant change, specifying the type (feature,improvement,bugfix,breaking). - The
npm run update-versionscript can be used to bump the version number and update the changelog.
- Authentication: API routes are protected using
getServerSessionfrom NextAuth.js. Middleware (middleware.ts) protects all pages under/dashboard,/resources, and/users. - Authorization: Role-based permissions are defined in
lib/discord-roles.tsand controlled by theDISCORD_ROLES_CONFIGenvironment variable. Enforce these permissions in all relevant API routes. - Input Validation: All API routes must validate incoming data to prevent errors and security vulnerabilities.
The application defines three user roles with specific permissions and access to different tools (API endpoints and UI components).
- Permissions:
canAccessResources - Tools:
- View resources:
GET /api/resources - Update resource quantities:
PUT /api/resources/[id] - Transfer resources:
PUT /api/resources/[id]/transfer - View leaderboards:
GET /api/leaderboard
- View resources:
- Permissions:
canAccessResources,canEditTargets - Tools:
- All Contributor tools.
- Update resource targets:
PUT /api/resources/[id]/target
- Permissions:
isAdmin,canAccessResources,canEditTargets,canManageUsers,canExportData - Tools:
- All Logistics Manager tools.
- Create, edit, and delete resources:
POST /api/resources,PUT /api/resources,DELETE /api/resources/[id] - Manage users:
GET /api/users - Export user data:
GET /api/users/[userId]/data-export