CORS was blocking direct browser navigation/downloads in production.
Auth is still enforced by JWT/cookies on protected routes.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Install chromium in Alpine Dockerfile
- Add PUPPETEER_EXECUTABLE_PATH env var support
- Fallback to system Chrome paths if bundled Chrome not found
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
If participant with same email exists, update their data and
return existing record instead of throwing duplicate key error.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
drizzle.config.js imports from drizzle-kit, so it must be
installed in production for db:push to work on Coolify.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use proper HTTP POST to upload blob to JMAP server
- Truemail JMAP requires /upload/{accountId}/ endpoint
- Simplified email creation with correct bodyStructure
- Better error logging for debugging
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Improves browser compatibility for PDF file downloads by setting
proper MIME type and filename encoding.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The emailAccounts table doesn't have a userId column - it uses a
many-to-many relationship through userEmailAccounts table.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create certificate-email.service.js with HTML email template
- Add beautiful gradient email template with course details
- Support PDF attachment via JMAP
- Add POST /prilohy/:prilohaId/send-email endpoint
- Add sendCertificateEmail controller function
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add ico and dic columns to companies table schema
- Add validation for ico and dic in createCompanySchema and updateCompanySchema
- Update company.service.js to include ico and dic in all CRUD operations
- Include migration file for database changes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Same approach as ScrumMaster - signatures are already in the background image,
no need to overlay separate PNG files which had quality issues.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Layout now:
1. Participant name (centered)
2. Course title (centered, below name)
3. Date range (centered, below course title)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Position course title below header, not overlapping
- Center participant name above the horizontal line
- Position issue date above "Dátum" text at bottom left
- Use Bahnschrift font for course titles
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add 3 new HTML templates: ScrumGeneric, ITIL, PRINCE2
- Add 3 background images: blue (Scrum), green (ITIL), orange (PRINCE2)
- Extract and add signatures: Gablas, Husam
- Update certificate.service.js to support multiple templates with different backgrounds
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add datumOd and datumDo columns to kurzy table
- Remove datumOd, datumDo, pocetUcastnikov from registracie table
- Update schema, validators, and services accordingly
- Certificate generation now uses course dates
- Migration preserves existing data by copying most recent dates
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Move HTML template to src/templates/certificates/AIcertifikat.html
- Add template rendering with {{variable}} and {{#if}} syntax
- Add CERTIFICATE_TEMPLATES registry for multiple templates
- Accept templateName parameter in generateCertificate
- Add hasCertificate check to prevent duplicate certificates
- Add hasCertificate field to getCombinedTableData query
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add team_leader access to /admin/users endpoint for user list viewing
- Add PDF certificate generation for AI Kurzy with Puppeteer
- Add certificate assets (background, signatures)
- Add getPrilohaById and download endpoint for attachments
- Fix time tracking service permissions for team_leader
- Fix timesheet controller/service permissions for team_leader
- Fix calendar badge to include reminders in count
- Add lastSeen to message service for online indicator
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add team_leader role with appropriate permissions
- Add lastSeen timestamp for chat online indicator
- Add needsFollowup flag to ucastnici table
- Add getTodayCalendarCount endpoint for calendar badge
- Add company reminders to calendar data
- Enhance company search to include phone and contacts
- Update routes to allow team_leader access to kurzy, services, timesheets
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Create todo-notification.service.js with:
- notifyNewTodoAssignment(): push notification for new todo assignments
- notifyUpdatedTodoAssignment(): push notification for updated assignments
todo.service.js now delegates to the notification service instead of
containing inline push notification logic with error handling.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add auditContext parameter to service mutating functions. Services now
call audit log functions internally when auditContext is provided.
Controllers pass { userId, ipAddress, userAgent } and no longer import
audit service or fetch extra data for audit purposes.
Files modified:
- 10 service files: added audit imports and auditContext parameter
- 9 controller files: removed audit imports and calls
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Create ai-kurzy.validators.js and service.validators.js with schemas
extracted from their respective route files. Routes now import schemas
instead of defining them inline.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Create src/config/upload.js with createUpload() factory and shared
ALLOWED_FILE_TYPES constant. Replace duplicated multer configs in 5
route files with calls to the shared factory.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove setPrimaryAccountSchema from email-account.validators.js and
requireOwnerOrAdmin from roleMiddleware.js — both have zero imports.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Includes deleted sql/ files, seeds, and documentation files.
Prepares master for refactoring branch.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add pausedAt and pausedDuration columns to time_entries table.
New pause/resume endpoints with audit logging. Duration calculations
now correctly exclude paused time across start, stop, auto-stop,
and edit flows.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Restrict no-origin CORS bypass to development only
- Activate xss-clean middleware for input sanitization
- Add MIME type whitelist and filename sanitization to file uploads
- Reduce project upload limit from 50MB to 20MB
- Stop leaking stack traces in error responses
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Relax project PATCH route from requireAdmin to checkProjectAccess
- Normalize empty string companyId to null in updateProject service to prevent UUID parse error
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add POST /auth/refresh endpoint for token renewal
- Only set refresh token cookie when rememberMe is true
- Add rememberMe field to login validator schema
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- pricingTiers field was missing from createServiceSchema
- pricingTiers field was missing from updateServiceSchema
- This caused the field to be stripped during validation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add pricingTiers field handling in createService/updateService
- Fix timesheet filename to use firstName-lastName-vykazprace-YYYY-MM.xlsx
- Fix company timesheet filename format similarly
- Removed timestamp from filename for cleaner naming
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix timesheet filename to use firstName-lastName format with username fallback
- Remove auto-assign creator to todos (user must manually select assignees)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add searchNotes service function with company/project info
- Add /notes/search endpoint for searching notes content
- Returns matching notes with linked company/project names
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add postal_code column to companies table
- Add pricing_tiers column to services table for tiered pricing
- Update timesheet upload to generate filename in format {firstname}-{lastname}-timesheet-{date}
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add farba (color) field to kurzy schema and Zod validation
- Add company detail fields (firma_ico, firma_dic, firma_ic_dph, firma_sidlo) to ucastnici
- Remove console logs from ai-kurzy service
- Add SQL migration scripts for schema updates and data
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add AI Kurzy module with courses, participants, and registrations management
- Add project documents and service documents features
- Add service folders for document organization
- Add SQL import queries for services from firmy.slovensko.ai
- Update todo notifications and group messaging
- Various API improvements and bug fixes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add email_signatures table to schema
- Add email signature service, controller, routes
- Users can create/edit signature in Profile
- Toggle to include signature when sending email replies
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
