- refactor: move HTTP status and DTO concerns out of model and service
layers into API and handler code.
- feat: add admin service boundary and route auth through services
instead of direct repository access.
- test: add architecture and error tests covering package boundaries,
redaction, and service behavior.
- docs: record the protocol-neutral boundary decision and update
architecture and roadmap notes.
- refactor: replace inline AppError literals with model.New*Error
constructors in service and handler layers
- feat: PromoteStaged falls back to copy/delete when os.Rename returns
EXDEV (cross-device link)
- fix: upload error messages no longer leak internal multipart field
names or parser implementation details
- fix: upload size violations are converted to domain error
ErrUploadTooLarge at the handler boundary
- fix: download logs error and size mismatch when io.Copy fails or
writes fewer bytes than expected
- test: add tests for field name leak prevention, parser error
sanitization, read errors after response start, and EXDEV fallback
Add Status field (gorm, indexed, default active) to both User and File models.
Add User status constants: StatusActive, StatusAdminDeleted.
Add File status constant: StatusUserDeleted.
Add tests verifying Status field is excluded from JSON serialization.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
- Initialize slog in the serve command with terminal/file support
- Introduce `AppError` with HTTP status for unified service-layer errors
- Replace ad-hoc `api.Error` calls with `api.RespondError`
- Wrap internal errors with `model.NewInternalError` and add reference
IDs
- Add `RequestID` middleware and switch router from `gin.Default` to
`gin.New`
- Implement FileHandler with CRUD operations for files/directories
- Add FileService with business logic and SHA-256 hashing
- Create LocalStorage backend for filesystem persistence
- Add database repository with pagination and name uniqueness
constraints
- Configure max upload size in storage settings
- Include comprehensive tests for all layers
- Add GORM dependencies for SQLite and PostgreSQL
- Create domain models (User, Session, File) with common errors
- Implement repository interfaces and database layer with migrations
- Update WebApp to bootstrap with database and repositories
- Add comprehensive unit tests for repository methods
- Update config structure to support multiple database drivers
- Extend AGENTS.md with debugging principles and dependency rules