# Tasks: WordPress Plugin para Controlo Seguro de Agendamentos KiviCare **Input**: Design documents from `/specs/001-wordpress-plugin-para/` **Prerequisites**: plan.md, research.md, data-model.md, contracts/admin-api.md, quickstart.md **Project Type**: WordPress Plugin (Single Project Structure) ## Execution Flow (main) ``` 1. Load plan.md from feature directory → Extract: PHP 7.4+, WordPress 5.0+, KiviCare 3.0.0+, MySQL 5.7+ → Structure: Single WordPress plugin project 2. Load design documents: → data-model.md: wp_care_booking_restrictions entity → model tasks → contracts/admin-api.md: 4 AJAX endpoints → contract test tasks → quickstart.md: 8 test scenarios → integration test tasks 3. Generate WordPress plugin tasks: → Setup: plugin structure, activation hooks, autoloader → Tests: AJAX contract tests, KiviCare integration tests → Core: database models, admin interface, frontend filtering → Integration: KiviCare hooks, cache system, CSS injection → Polish: validation tests, performance optimization 4. Applied task rules: → Different PHP files = mark [P] for parallel → Same file modifications = sequential (no [P]) → Tests before implementation (WordPress TDD) 5. Numbered tasks sequentially (T001-T025) 6. WordPress-specific dependencies validated 7. SUCCESS (tasks ready for WordPress development) ``` ## Format: `[ID] [P?] Description` - **[P]**: Can run in parallel (different files, no dependencies) - All paths relative to WordPress plugin root directory ## Path Conventions (WordPress Plugin Structure) ``` care-booking-block/ # Plugin root ├── care-booking-block.php # Main plugin file ├── includes/ # Core classes │ ├── class-care-booking-core.php │ ├── class-database-handler.php │ ├── class-admin-interface.php │ └── class-kivicare-integration.php ├── admin/ # Admin interface │ ├── css/admin-style.css │ ├── js/admin-script.js │ └── partials/ ├── public/ # Frontend assets │ ├── css/public-style.css │ └── js/frontend-script.js └── tests/ # PHPUnit tests ├── unit/ ├── integration/ └── bootstrap.php ``` ## Phase 3.1: WordPress Plugin Setup - [ ] T001 Create WordPress plugin directory structure per WordPress standards - [ ] T002 Initialize main plugin file care-booking-block.php with headers and activation hooks - [ ] T003 [P] Configure PHPUnit for WordPress testing with WP_UnitTestCase - [ ] T004 [P] Set up WordPress coding standards and PHPCS configuration ## Phase 3.2: Database & Models (TDD) ⚠️ MUST COMPLETE BEFORE 3.3 **CRITICAL: These tests MUST be written and MUST FAIL before ANY implementation** - [ ] T005 [P] Database schema test for wp_care_booking_restrictions table in tests/unit/test-database-schema.php - [ ] T006 [P] Restriction model CRUD test in tests/unit/test-restriction-model.php - [ ] T007 [P] WordPress cache integration test in tests/unit/test-cache-integration.php ## Phase 3.3: Contract Tests (WordPress AJAX) ⚠️ MUST COMPLETE BEFORE 3.4 **CRITICAL: These tests MUST be written and MUST FAIL before implementing AJAX handlers** - [ ] T008 [P] Contract test wp_ajax_care_booking_get_restrictions in tests/unit/test-ajax-get-restrictions.php - [ ] T009 [P] Contract test wp_ajax_care_booking_toggle_restriction in tests/unit/test-ajax-toggle-restriction.php - [ ] T010 [P] Contract test wp_ajax_care_booking_bulk_update in tests/unit/test-ajax-bulk-update.php - [ ] T011 [P] Contract test wp_ajax_care_booking_get_entities in tests/unit/test-ajax-get-entities.php ## Phase 3.4: KiviCare Integration Tests ⚠️ MUST COMPLETE BEFORE 3.5 **CRITICAL: These tests MUST be written and MUST FAIL before implementing hooks** - [ ] T012 [P] Integration test KiviCare doctor filtering in tests/integration/test-doctor-filtering.php - [ ] T013 [P] Integration test KiviCare service filtering in tests/integration/test-service-filtering.php - [ ] T014 [P] Integration test CSS injection on wp_head in tests/integration/test-css-injection.php ## Phase 3.5: Core Implementation (ONLY after tests are failing) - [ ] T015 [P] Database handler class in includes/class-database-handler.php - [ ] T016 [P] Restriction model class in includes/class-restriction-model.php - [ ] T017 [P] Cache manager class in includes/class-cache-manager.php - [ ] T018 WordPress plugin activation hook with database table creation - [ ] T019 WordPress plugin deactivation hook with cleanup - [ ] T020 PSR-4 autoloader implementation in care-booking-block.php ## Phase 3.6: Admin Interface Implementation - [ ] T021 Admin menu registration and capability checks - [ ] T022 [P] Admin page HTML template in admin/partials/admin-display.php - [ ] T023 [P] Admin CSS styling in admin/css/admin-style.css - [ ] T024 [P] Admin JavaScript for AJAX in admin/js/admin-script.js - [ ] T025 AJAX handler wp_ajax_care_booking_get_restrictions implementation - [ ] T026 AJAX handler wp_ajax_care_booking_toggle_restriction implementation - [ ] T027 AJAX handler wp_ajax_care_booking_bulk_update implementation - [ ] T028 AJAX handler wp_ajax_care_booking_get_entities implementation ## Phase 3.7: Frontend Integration - [ ] T029 KiviCare doctor list filter hook implementation - [ ] T030 KiviCare service list filter hook implementation - [ ] T031 [P] Dynamic CSS generation for blocked elements - [ ] T032 [P] Frontend JavaScript for graceful degradation in public/js/frontend-script.js - [ ] T033 WordPress wp_head hook for CSS injection ## Phase 3.8: Security & Validation - [ ] T034 WordPress nonce validation for all AJAX endpoints - [ ] T035 User capability checks (manage_options) for admin functions - [ ] T036 [P] Input sanitization using WordPress functions - [ ] T037 [P] Output escaping for XSS prevention - [ ] T038 SQL injection prevention with $wpdb->prepare() ## Phase 3.9: Performance & Caching - [ ] T039 WordPress transients integration for restriction caching - [ ] T040 Cache invalidation on restriction changes - [ ] T041 [P] Database query optimization with proper indexes - [ ] T042 [P] Asset minification for production ## Phase 3.10: Integration Validation (From quickstart.md) - [ ] T043 [P] End-to-end test: Block doctor from public booking in tests/integration/test-e2e-block-doctor.php - [ ] T044 [P] End-to-end test: Hide service for specific doctor in tests/integration/test-e2e-hide-service.php - [ ] T045 [P] End-to-end test: Frontend booking form validation in tests/integration/test-e2e-frontend-validation.php - [ ] T046 [P] Performance validation test (<5% overhead) in tests/integration/test-performance.php - [ ] T047 [P] Error handling test (KiviCare deactivated) in tests/integration/test-error-handling.php - [ ] T048 [P] Cache plugin compatibility test in tests/integration/test-cache-compatibility.php ## Phase 3.11: Polish & Documentation - [ ] T049 [P] WordPress plugin readme.txt with installation instructions - [ ] T050 [P] Inline PHP documentation following WordPress standards - [ ] T051 Code cleanup and WordPress coding standards validation - [ ] T052 Final security audit and vulnerability testing ## Dependencies **Critical WordPress TDD Flow:** - Database/Model tests (T005-T007) before implementation (T015-T020) - Contract tests (T008-T011) before AJAX implementation (T025-T028) - Integration tests (T012-T014) before hook implementation (T029-T033) **Sequential Dependencies:** - T001 blocks T002-T004 (structure before setup) - T015 blocks T025-T028 (database before AJAX) - T016 blocks T025-T028 (models before AJAX) - T018-T020 block T021-T024 (core before admin) - T025-T028 block T029-T033 (AJAX before hooks) - All implementation before validation (T043-T048) ## WordPress Plugin Parallel Execution Examples ```bash # Phase 3.2: Database tests (run together) Task: "Database schema test for wp_care_booking_restrictions in tests/unit/test-database-schema.php" Task: "Restriction model CRUD test in tests/unit/test-restriction-model.php" Task: "WordPress cache integration test in tests/unit/test-cache-integration.php" # Phase 3.3: Contract tests (run together) Task: "Contract test wp_ajax_care_booking_get_restrictions in tests/unit/test-ajax-get-restrictions.php" Task: "Contract test wp_ajax_care_booking_toggle_restriction in tests/unit/test-ajax-toggle-restriction.php" Task: "Contract test wp_ajax_care_booking_bulk_update in tests/unit/test-ajax-bulk-update.php" Task: "Contract test wp_ajax_care_booking_get_entities in tests/unit/test-ajax-get-entities.php" # Phase 3.5: Core classes (run together) Task: "Database handler class in includes/class-database-handler.php" Task: "Restriction model class in includes/class-restriction-model.php" Task: "Cache manager class in includes/class-cache-manager.php" ``` ## WordPress-Specific Notes - Follow WordPress Plugin Development Guidelines - Use WordPress hooks and filters, never modify core files - All database operations use $wpdb with prepared statements - Admin interface uses WordPress native styling - Frontend integration respects theme compatibility - Security follows WordPress standards (nonces, capabilities, sanitization) - Performance targets: <5% overhead, <300ms AJAX responses ## Validation Checklist *Applied during task execution* **WordPress Plugin Requirements:** - [x] All AJAX endpoints have contract tests - [x] All database entities have model tasks - [x] All hooks have integration tests - [x] All tests come before implementation (TDD) - [x] Parallel tasks use different files - [x] Each task specifies exact file path - [x] WordPress coding standards enforced - [x] Security best practices included - [x] Performance requirements addressed - [x] KiviCare compatibility maintained **Task Generation Sources:** - From contracts/admin-api.md: 4 AJAX endpoints → 4 contract tests + 4 implementations - From data-model.md: wp_care_booking_restrictions → database + model tasks - From quickstart.md: 8 test scenarios → 6 integration validation tasks - From plan.md: WordPress plugin structure → setup and architecture tasks **Total Tasks**: 52 WordPress plugin development tasks following TDD methodology