- Add invitation email service with Slovak diacritics
- Move certificate email HTML template to separate file
- Add invitation email HTML/TXT templates
- Remove template caching for development flexibility
- Add send invitation endpoint (POST /registracie/:id/send-invitation)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create certificate-email.service.js with HTML email template
- Add beautiful gradient email template with course details
- Support PDF attachment via JMAP
- Add POST /prilohy/:prilohaId/send-email endpoint
- Add sendCertificateEmail controller function
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add team_leader access to /admin/users endpoint for user list viewing
- Add PDF certificate generation for AI Kurzy with Puppeteer
- Add certificate assets (background, signatures)
- Add getPrilohaById and download endpoint for attachments
- Fix time tracking service permissions for team_leader
- Fix timesheet controller/service permissions for team_leader
- Fix calendar badge to include reminders in count
- Add lastSeen to message service for online indicator
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add team_leader role with appropriate permissions
- Add lastSeen timestamp for chat online indicator
- Add needsFollowup flag to ucastnici table
- Add getTodayCalendarCount endpoint for calendar badge
- Add company reminders to calendar data
- Enhance company search to include phone and contacts
- Update routes to allow team_leader access to kurzy, services, timesheets
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Create ai-kurzy.validators.js and service.validators.js with schemas
extracted from their respective route files. Routes now import schemas
instead of defining them inline.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Create src/config/upload.js with createUpload() factory and shared
ALLOWED_FILE_TYPES constant. Replace duplicated multer configs in 5
route files with calls to the shared factory.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add pausedAt and pausedDuration columns to time_entries table.
New pause/resume endpoints with audit logging. Duration calculations
now correctly exclude paused time across start, stop, auto-stop,
and edit flows.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Restrict no-origin CORS bypass to development only
- Activate xss-clean middleware for input sanitization
- Add MIME type whitelist and filename sanitization to file uploads
- Reduce project upload limit from 50MB to 20MB
- Stop leaking stack traces in error responses
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Relax project PATCH route from requireAdmin to checkProjectAccess
- Normalize empty string companyId to null in updateProject service to prevent UUID parse error
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add POST /auth/refresh endpoint for token renewal
- Only set refresh token cookie when rememberMe is true
- Add rememberMe field to login validator schema
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add searchNotes service function with company/project info
- Add /notes/search endpoint for searching notes content
- Returns matching notes with linked company/project names
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add farba (color) field to kurzy schema and Zod validation
- Add company detail fields (firma_ico, firma_dic, firma_ic_dph, firma_sidlo) to ucastnici
- Remove console logs from ai-kurzy service
- Add SQL migration scripts for schema updates and data
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add AI Kurzy module with courses, participants, and registrations management
- Add project documents and service documents features
- Add service folders for document organization
- Add SQL import queries for services from firmy.slovensko.ai
- Update todo notifications and group messaging
- Various API improvements and bug fixes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add email_signatures table to schema
- Add email signature service, controller, routes
- Users can create/edit signature in Profile
- Toggle to include signature when sending email replies
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
lastName and secondaryEmail schemas now accept null values
sent from frontend, matching other optional fields pattern.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The Zod schema was rejecting empty strings sent from the frontend.
Changed from z.string().optional().nullable() to z.union pattern
to properly handle "", null, and undefined values.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Allow members to create todos, companies, projects
- Auto-assign creator to resources (companyUsers, projectUsers, todoUsers)
- Add public /api/users endpoint for all authenticated users
- Make phone field optional in personal contacts (schema + validation)
- Update todo routes to use checkTodoAccess for updates
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add description to Zod validation schema
- Add description to controller normalizePayload function
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add messages table schema with soft delete support
- Add message service, controller and routes
- Update CORS to allow local network IPs
- Update server to listen on 0.0.0.0
- Fix cookie sameSite for local network development
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add updateUser and resetUserPassword admin endpoints
- Change company status from boolean to enum (registered, lead, customer, inactive)
- Add 'important' event type to calendar validators and email templates
- Add 1-hour-before event notifications cron job
- Add 18:00 evening notifications for next-day events
- Add contact description field support
- Fix count() function usage in admin service
- Add SQL migrations for schema changes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add audit logging for contacts (link company, create company from contact)
- Add audit logging for notes (create, update, delete)
- Add audit logging for companies (update, user assign/remove, reminder CRUD)
- Add audit logging for projects (update, user assign/remove)
- Add audit logging for todos (update, uncomplete)
- Add audit logging for time entries (update, delete)
- Add audit logging for timesheets (upload, delete)
- Add audit logging for user deletion
- Add pagination and filters to audit logs API (userId, action, resource, dateFrom, dateTo)
- Add endpoints for distinct actions and resources
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- POST /api/events/:eventId/notify - send notifications from admin's email
- sendSingleEventNotification() uses admin's primary email account
- getSenderAccountByUserId() to get admin's email credentials
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- GET /admin/users now requires admin role
- GET /time-tracking/running-all now requires admin role
- GET /notes now requires admin role
- GET /audit-logs now requires admin role
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Rename meetings table to events with type field (meeting/event)
- Add eventUsers junction table for user assignments
- Members see only events they're assigned to
- Calendar endpoint returns events + todos for month
- Add migration SQL for database changes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add dueDate timestamp field to notes schema
- Update note validators to accept dueDate
- Update note service to handle dueDate in CRUD operations
- Fix company and project controllers to pass dueDate
- Fix route validations to include dueDate field
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add companyId column to personal_contacts table
- Update personal-contact service to include companyName in list
- Add getContactsByCompanyId function for company contacts endpoint
- Add GET /companies/:companyId/contacts endpoint
- Add companyId to contact validation schema
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add creator info (username) to companies, projects, and notes responses
- Add company_users table for team management on companies
- Add resourceAccessMiddleware for member access control
- Members can only see resources they are directly assigned to
- Companies, projects, and todos are now filtered by user assignments
- Add personal contacts feature
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add admin-only authorization for company and projects CRUD operations
- Create requireAccountId middleware to eliminate code duplication
- Standardize error handling (use next(error) consistently)
- Change error messages to Slovak language
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add status.service.js with CPU, RAM, Disk, Backend stats
- RAM calculation matches htop (reads /proc/meminfo)
- Includes uploads folder size, DB table count
- Returns both system and backend (process) uptime
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add meetings table with timezone support
- Add meeting.service.js with timezone parsing (Europe/Bratislava)
- Add meeting.controller.js for CRUD operations
- Add meeting.routes.js with admin middleware for create/update/delete
- GET endpoints available for all authenticated users
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Extend audit.service.js with logging functions for projects, todos, companies, time tracking, and auth
- Create audit.controller.js for fetching recent audit logs with user info
- Create audit.routes.js with GET /api/audit-logs endpoint
- Add audit logging to project, todo, company, time-tracking, and auth controllers
- Log create/delete operations for projects, todos, companies
- Log timer start/stop for time tracking
- Log login/logout events
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove better-auth dependency (unused)
- Update JWT secrets to stronger values
- Add ENCRYPTION_SALT env variable for password encryption
- Add role field to createUserSchema validator
- Accept role from body in admin.controller createUser
- Fix todo filters: add priority filter, handle completed param
- Remove .env.example (merged into .env)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Schema changes:
- Added dueDate field to companyReminders table
- Removed reminderDate and reminderSent from notes table
Backend changes:
- Updated company-reminder.service with dueDate handling
- Added getUpcomingReminders function for dashboard
- Simplified note.service (removed reminder logic)
- Updated validators and routes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implementovaný kompletný backend pre time tracking:
- Nová tabuľka time_entries s foreign keys na users, projects, todos, companies
- Service layer s business logikou pre CRUD operácie
- Controller pre všetky endpointy
- Validačné schémy pomocou Zod
- Routes s autentifikáciou a validáciou
- Endpointy:
* POST /api/time-tracking/start - Spustenie timeru
* POST /api/time-tracking/:id/stop - Zastavenie timeru
* GET /api/time-tracking/running - Získanie bežiaceho záznamu
* GET /api/time-tracking/month/:year/:month - Mesačné záznamy
* GET /api/time-tracking/stats/monthly/:year/:month - Mesačné štatistiky
* PATCH /api/time-tracking/:id - Aktualizácia záznamu
* DELETE /api/time-tracking/:id - Zmazanie záznamu
- Podpora pre isEdited flag pri editácii
- Kalkulácia duration v minútach
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
