care-book-block-ultimate/specs/001-wordpress-plugin-para/tasks.md

# Tasks: WordPress Plugin para Controlo Seguro de Agendamentos KiviCare

**Input**: Design documents from `/specs/001-wordpress-plugin-para/`  
**Prerequisites**: plan.md, research.md, data-model.md, contracts/admin-api.md, quickstart.md  
**Project Type**: WordPress Plugin (Single Project Structure)

## Execution Flow (main)
```
1. Load plan.md from feature directory
   → Extract: PHP 7.4+, WordPress 5.0+, KiviCare 3.0.0+, MySQL 5.7+
   → Structure: Single WordPress plugin project
2. Load design documents:
   → data-model.md: wp_care_booking_restrictions entity → model tasks
   → contracts/admin-api.md: 4 AJAX endpoints → contract test tasks  
   → quickstart.md: 8 test scenarios → integration test tasks
3. Generate WordPress plugin tasks:
   → Setup: plugin structure, activation hooks, autoloader
   → Tests: AJAX contract tests, KiviCare integration tests
   → Core: database models, admin interface, frontend filtering
   → Integration: KiviCare hooks, cache system, CSS injection
   → Polish: validation tests, performance optimization
4. Applied task rules:
   → Different PHP files = mark [P] for parallel
   → Same file modifications = sequential (no [P])
   → Tests before implementation (WordPress TDD)
5. Numbered tasks sequentially (T001-T025)
6. WordPress-specific dependencies validated
7. SUCCESS (tasks ready for WordPress development)
```

## Format: `[ID] [P?] Description`
- **[P]**: Can run in parallel (different files, no dependencies)  
- All paths relative to WordPress plugin root directory

## Path Conventions (WordPress Plugin Structure)
```
care-booking-block/                    # Plugin root
├── care-booking-block.php             # Main plugin file
├── includes/                          # Core classes
│   ├── class-care-booking-core.php
│   ├── class-database-handler.php
│   ├── class-admin-interface.php
│   └── class-kivicare-integration.php
├── admin/                             # Admin interface
│   ├── css/admin-style.css
│   ├── js/admin-script.js
│   └── partials/
├── public/                            # Frontend assets
│   ├── css/public-style.css
│   └── js/frontend-script.js
└── tests/                             # PHPUnit tests
    ├── unit/
    ├── integration/
    └── bootstrap.php
```

## Phase 3.1: WordPress Plugin Setup
- [ ] T001 Create WordPress plugin directory structure per WordPress standards
- [ ] T002 Initialize main plugin file care-booking-block.php with headers and activation hooks
- [ ] T003 [P] Configure PHPUnit for WordPress testing with WP_UnitTestCase
- [ ] T004 [P] Set up WordPress coding standards and PHPCS configuration

## Phase 3.2: Database & Models (TDD) ⚠️ MUST COMPLETE BEFORE 3.3
**CRITICAL: These tests MUST be written and MUST FAIL before ANY implementation**
- [ ] T005 [P] Database schema test for wp_care_booking_restrictions table in tests/unit/test-database-schema.php
- [ ] T006 [P] Restriction model CRUD test in tests/unit/test-restriction-model.php  
- [ ] T007 [P] WordPress cache integration test in tests/unit/test-cache-integration.php

## Phase 3.3: Contract Tests (WordPress AJAX) ⚠️ MUST COMPLETE BEFORE 3.4
**CRITICAL: These tests MUST be written and MUST FAIL before implementing AJAX handlers**
- [ ] T008 [P] Contract test wp_ajax_care_booking_get_restrictions in tests/unit/test-ajax-get-restrictions.php
- [ ] T009 [P] Contract test wp_ajax_care_booking_toggle_restriction in tests/unit/test-ajax-toggle-restriction.php
- [ ] T010 [P] Contract test wp_ajax_care_booking_bulk_update in tests/unit/test-ajax-bulk-update.php
- [ ] T011 [P] Contract test wp_ajax_care_booking_get_entities in tests/unit/test-ajax-get-entities.php

## Phase 3.4: KiviCare Integration Tests ⚠️ MUST COMPLETE BEFORE 3.5
**CRITICAL: These tests MUST be written and MUST FAIL before implementing hooks**
- [ ] T012 [P] Integration test KiviCare doctor filtering in tests/integration/test-doctor-filtering.php
- [ ] T013 [P] Integration test KiviCare service filtering in tests/integration/test-service-filtering.php
- [ ] T014 [P] Integration test CSS injection on wp_head in tests/integration/test-css-injection.php

## Phase 3.5: Core Implementation (ONLY after tests are failing)
- [ ] T015 [P] Database handler class in includes/class-database-handler.php
- [ ] T016 [P] Restriction model class in includes/class-restriction-model.php
- [ ] T017 [P] Cache manager class in includes/class-cache-manager.php
- [ ] T018 WordPress plugin activation hook with database table creation
- [ ] T019 WordPress plugin deactivation hook with cleanup
- [ ] T020 PSR-4 autoloader implementation in care-booking-block.php

## Phase 3.6: Admin Interface Implementation 
- [ ] T021 Admin menu registration and capability checks
- [ ] T022 [P] Admin page HTML template in admin/partials/admin-display.php
- [ ] T023 [P] Admin CSS styling in admin/css/admin-style.css  
- [ ] T024 [P] Admin JavaScript for AJAX in admin/js/admin-script.js
- [ ] T025 AJAX handler wp_ajax_care_booking_get_restrictions implementation
- [ ] T026 AJAX handler wp_ajax_care_booking_toggle_restriction implementation  
- [ ] T027 AJAX handler wp_ajax_care_booking_bulk_update implementation
- [ ] T028 AJAX handler wp_ajax_care_booking_get_entities implementation

## Phase 3.7: Frontend Integration
- [ ] T029 KiviCare doctor list filter hook implementation
- [ ] T030 KiviCare service list filter hook implementation
- [ ] T031 [P] Dynamic CSS generation for blocked elements
- [ ] T032 [P] Frontend JavaScript for graceful degradation in public/js/frontend-script.js
- [ ] T033 WordPress wp_head hook for CSS injection

## Phase 3.8: Security & Validation
- [ ] T034 WordPress nonce validation for all AJAX endpoints
- [ ] T035 User capability checks (manage_options) for admin functions
- [ ] T036 [P] Input sanitization using WordPress functions
- [ ] T037 [P] Output escaping for XSS prevention
- [ ] T038 SQL injection prevention with $wpdb->prepare()

## Phase 3.9: Performance & Caching  
- [ ] T039 WordPress transients integration for restriction caching
- [ ] T040 Cache invalidation on restriction changes
- [ ] T041 [P] Database query optimization with proper indexes
- [ ] T042 [P] Asset minification for production

## Phase 3.10: Integration Validation (From quickstart.md)
- [ ] T043 [P] End-to-end test: Block doctor from public booking in tests/integration/test-e2e-block-doctor.php
- [ ] T044 [P] End-to-end test: Hide service for specific doctor in tests/integration/test-e2e-hide-service.php  
- [ ] T045 [P] End-to-end test: Frontend booking form validation in tests/integration/test-e2e-frontend-validation.php
- [ ] T046 [P] Performance validation test (<5% overhead) in tests/integration/test-performance.php
- [ ] T047 [P] Error handling test (KiviCare deactivated) in tests/integration/test-error-handling.php
- [ ] T048 [P] Cache plugin compatibility test in tests/integration/test-cache-compatibility.php

## Phase 3.11: Polish & Documentation
- [ ] T049 [P] WordPress plugin readme.txt with installation instructions
- [ ] T050 [P] Inline PHP documentation following WordPress standards
- [ ] T051 Code cleanup and WordPress coding standards validation
- [ ] T052 Final security audit and vulnerability testing

## Dependencies
**Critical WordPress TDD Flow:**
- Database/Model tests (T005-T007) before implementation (T015-T020)
- Contract tests (T008-T011) before AJAX implementation (T025-T028)  
- Integration tests (T012-T014) before hook implementation (T029-T033)

**Sequential Dependencies:**
- T001 blocks T002-T004 (structure before setup)
- T015 blocks T025-T028 (database before AJAX)
- T016 blocks T025-T028 (models before AJAX)
- T018-T020 block T021-T024 (core before admin)
- T025-T028 block T029-T033 (AJAX before hooks)
- All implementation before validation (T043-T048)

## WordPress Plugin Parallel Execution Examples
```bash
# Phase 3.2: Database tests (run together)
Task: "Database schema test for wp_care_booking_restrictions in tests/unit/test-database-schema.php"  
Task: "Restriction model CRUD test in tests/unit/test-restriction-model.php"
Task: "WordPress cache integration test in tests/unit/test-cache-integration.php"

# Phase 3.3: Contract tests (run together)  
Task: "Contract test wp_ajax_care_booking_get_restrictions in tests/unit/test-ajax-get-restrictions.php"
Task: "Contract test wp_ajax_care_booking_toggle_restriction in tests/unit/test-ajax-toggle-restriction.php"
Task: "Contract test wp_ajax_care_booking_bulk_update in tests/unit/test-ajax-bulk-update.php"
Task: "Contract test wp_ajax_care_booking_get_entities in tests/unit/test-ajax-get-entities.php"

# Phase 3.5: Core classes (run together)
Task: "Database handler class in includes/class-database-handler.php"
Task: "Restriction model class in includes/class-restriction-model.php"  
Task: "Cache manager class in includes/class-cache-manager.php"
```

## WordPress-Specific Notes
- Follow WordPress Plugin Development Guidelines
- Use WordPress hooks and filters, never modify core files
- All database operations use $wpdb with prepared statements
- Admin interface uses WordPress native styling
- Frontend integration respects theme compatibility
- Security follows WordPress standards (nonces, capabilities, sanitization)
- Performance targets: <5% overhead, <300ms AJAX responses

## Validation Checklist  
*Applied during task execution*

**WordPress Plugin Requirements:**
- [x] All AJAX endpoints have contract tests
- [x] All database entities have model tasks  
- [x] All hooks have integration tests
- [x] All tests come before implementation (TDD)
- [x] Parallel tasks use different files
- [x] Each task specifies exact file path
- [x] WordPress coding standards enforced
- [x] Security best practices included
- [x] Performance requirements addressed
- [x] KiviCare compatibility maintained

**Task Generation Sources:**
- From contracts/admin-api.md: 4 AJAX endpoints → 4 contract tests + 4 implementations
- From data-model.md: wp_care_booking_restrictions → database + model tasks
- From quickstart.md: 8 test scenarios → 6 integration validation tasks  
- From plan.md: WordPress plugin structure → setup and architecture tasks

**Total Tasks**: 52 WordPress plugin development tasks following TDD methodology