Batch 2: dashboard cluster (#486, #482, #427)

[peterdrier]

Auto-executed by /execute-sprint for sprint 2026-04-13 (batch 2, lightweight tier).

Issues

nobodies-collective#486 — Gate Get Involved dashboard card on volunteer membership

• Card not rendered when IsVolunteerMember is false
• Active volunteers with no upcoming shifts still see it
• Onboarding users still see ThingsToDoViewComponent unchanged
• No orphan page regressions

One-line condition change in Views/Home/Dashboard.cshtml.

nobodies-collective#482 — UserAvatarViewComponent refactor (id-based, custom-upload precedence)

• Component takes a user GUID, resolves internally via IProfileService
• Custom upload shown when present (both nav and dashboard)
• Google OAuth picture shown when only that exists
• Initial-letter fallback when neither
• URL-accepting overload removed
• IMemoryCache used for avatar URL resolution (keyed on userId + UpdatedAtTicks so picture updates bust the cache)
• Reporter metadata preserved: fb:f603a8c3

All 11 call sites migrated: Dashboard, _LoginPartial, _HumanPopover, _ProfileCard, ProfileCard/Default, Profile/Edit, Profile/Search, Profile/AdminDetail, Team/Details, Application/ApplicationDetail, Google/_SyncTabContent. Also added UserId to ProfileViewModel in the Edit path so the avatar can resolve from cache.

nobodies-collective#427 — Extract dashboard orchestration from HomeController

• No term expiry calculation logic in HomeController
• No shift item aggregation logic in HomeController
• Dashboard state computed in Application-layer service

Introduces IDashboardService.GetMemberDashboardAsync(userId, isPrivileged, ct) in the Application layer with a new MemberDashboardData DTO. DashboardService in Infrastructure aggregates from IProfileService, IMembershipCalculator, IApplicationDecisionService, IShiftManagementService, IShiftSignupService, ITicketQueryService, IUserService. HomeController becomes a thin auth + mapping layer (constructor shrinks from 13 deps to 7; Index shrinks from ~230 lines to ~80).

Build / tests

• dotnet build Humans.slnx -v q — clean, 0 warnings, 0 errors.
• dotnet test Humans.slnx --filter "FullyQualifiedName~Home|FullyQualifiedName~Dashboard|FullyQualifiedName~Avatar|FullyQualifiedName~Profile" — Domain + Application tests pass (12 + 119). Integration tests not runnable in this sandbox (Docker unavailable), unrelated to these changes.
• dotnet format Humans.slnx --verify-no-changes — clean.

Test plan

• Sign in as a volunteer: / shows Get Involved card when no upcoming shifts.
• Sign in as onboarding (not-yet-volunteer) user: Get Involved card is hidden; ThingsToDo wizard still renders.
• Upload a custom profile picture on /Profile/Edit: custom picture shown in nav avatar and dashboard welcome avatar (both via UserAvatarViewComponent).
• Delete the custom picture: Google OAuth avatar reappears; deleting OAuth picture too falls back to initial letter.
• As a Colaborador/Asociado with an application expiring in <90 days: term warning card renders with correct date.
• Confirm urgent shifts and confirmed signups still render correctly on dashboard when shift browsing is open.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: b7248563b8

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Preserve avatar fallback when no profile cache entry exists

The new ID-based avatar resolution only populates displayName/profilePictureUrl when GetCachedProfile* returns a profile, but that API explicitly returns null for users without a profile record; in those cases this component now renders ? even when the signed-in user has a valid Google picture and display name (e.g., onboarding/guest users reached via _LoginPartial). Before this change those values were passed directly by callers, so this is a user-visible regression for profileless accounts.

Useful? React with 👍 / 👎.

[peterdrier]

Confirmed — fixed in a44d290.

Good catch. The id-based refactor dropped the caller-supplied display name and picture URL that _LoginPartial and dashboard header used to pass through directly, so any user without a Profile row (onboarding, guest, pre-consent) fell straight into the ? fallback even when their Google claims were fully populated.

Added an IsCurrentUser(userId) check. When GetCachedProfile* returns null AND the requested userId matches the currently signed-in principal, fall back to ClaimTypes.Name and the urn:google:picture claim (same claim AccountController uses on sign-in). Profileless users now see their Google picture and initial on both the nav avatar and the dashboard header. Rendering another user's avatar who has no Profile still shows the initial-letter fallback — that's the intended behavior since we only have claims for the caller.