- Add /admin/users panel for managing users (toggle admin, toggle verified, assign company, reset password, delete)
- Add link to admin menu in base.html
- Replace native confirm()/alert() with styled modals and toast notifications
- Add confirmation modal for password reset with warning icon
- Add styled reset URL modal with copy functionality
- Add danger-styled confirmation modal for user deletion
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove sensitive tokens from logs (show only 8-char preview)
- Enforce SECRET_KEY minimum 32 characters (no default value)
- Reduce login rate limit from 100/hour to 5/hour
- Remove exposed PageSpeed API key from CLAUDE.md
BREAKING: Application requires SECRET_KEY >= 32 chars in .env
Author: Maciej Pienczyn z wykorzystaniem AI i Claude Opus
- Add /release-notes route with changelog from v1.0.0 to v1.9.0
- Document all major features added since platform launch
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add /admin/gbp-audit panel with completeness stats, field coverage, company table
- Add /admin/social-audit panel with platform coverage, top followers, company table
- Update admin menu with new dashboard links
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add value attribute to 5 text input fields (it_provider_name, it_contact_name,
it_contact_email, azure_tenant_name, ad_domain_name)
- Add content to collaboration_notes textarea
- Add JavaScript initialization for 23 select dropdowns in initializeForm()
This ensures that when editing an existing IT Audit, all previously entered values
are displayed in the form instead of showing empty fields with placeholders.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Edge cases handled:
1. Partial submission:
- Added is_partial flag to save response
- Dynamic success message based on completeness score
- Completeness threshold messages (< 30%, 30-70%, > 70%)
2. Company without audit:
- Fixed template to show "Brak audytu" for companies without audit
- Added "Utwórz audyt" button (+ icon) for companies without audit
- Fixed data structure mismatch between route and template
3. Multiple audit history:
- Added get_company_audit_history() convenience function
- Added has_company_audit() helper function
- Added /api/it-audit/history/<company_id> API endpoint
- Returns history_count in save response
Other fixes:
- Fixed stats variable naming in admin_it_audit route
- Fixed collaboration_matches data structure for template
- Fixed url_for to use slug instead of company_id
- Fixed match_type filter (shared_licensing not shared_m365_licensing)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Created comprehensive test suite for IT audit collaboration matching:
1. Unit tests (tests/test_it_audit_collaboration.py):
- 12 tests verifying all 6 match types
- Backup replication, shared licensing, Teams federation
- Shared monitoring, collective purchasing, knowledge sharing
- Edge cases for size parsing and similarity
2. Integration test script (scripts/test_collaboration_matching.py):
- Creates test audits with matching criteria
- Runs collaboration matching algorithm
- Verifies matches saved to database
All unit tests pass (12/12).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Created templates/it_audit.html for /audit/it/<slug> route that displays:
- Overall score with circular progress indicator
- Security, collaboration, completeness metrics
- Technology stack summary (Azure AD, M365, EDR, MFA, etc.)
- Collaboration flags (shared licensing, backup replication, etc.)
- Recommendations section
- Empty state when no audit data exists
Follows SEO audit template pattern for consistency.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add user-facing IT audit dashboard route following the pattern of existing
SEO and GBP audit dashboards:
- Route: /audit/it/<slug>
- Access control: admin can view any company, members only their own
- Returns latest IT audit data with scores, technology flags, and recommendations
- Renders it_audit.html template
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add API endpoint for getting IT audit collaboration matches for a company.
- Admin-only access (matches are not visible to regular users per spec)
- Returns all matches where company is either party A or B
- Includes partner company info, match type/score/reason, status
- Follows existing API patterns (login_required, try/finally, jsonify)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implemented POST endpoint at /it-audit/save that:
- Accepts JSON or form data with IT audit fields
- Validates company access (admin for any, users for their own)
- Parses boolean, array, and string fields with proper type handling
- Uses ITAuditService to save audit with scoring calculation
- Returns JSON with audit scores and redirect URL
- Includes rate limiting (30 per hour)
- Handles errors with rollback and logging
Added helper function _parse_it_audit_form_data() to properly parse:
- Boolean fields (checkboxes)
- Array fields (multi-select)
- String fields
- JSON fields (zabbix_integration)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add Flask route for IT audit form display:
- GET /it-audit/form with optional company_id query parameter
- Access control: admin can access any company, users only their own
- Defaults to current user's company if no company_id provided
- Pre-fills form with existing audit data if available
- Renders it_audit_form.html template
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implemented the IT audit admin dashboard route at /admin/it-audit that:
- Checks for admin authentication (is_admin flag)
- Queries all active companies with their latest IT audit data
- Calculates statistics (audit count, avg scores, maturity distribution)
- Provides technology adoption stats (Azure AD, M365, PBS, Zabbix, EDR, DR)
- Queries collaboration flags from IT audits
- Retrieves and organizes collaboration matches by type
- Renders admin/it_audit_dashboard.html template
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added collaboration matrix section to IT audit dashboard with:
- CSS styles for match type cards following combo-grid pattern
- Six match type categories: M365 licensing, backup replication,
Teams federation, shared monitoring, collective purchasing,
and knowledge sharing
- Company pairs display with status badges (suggested, contacted,
active, declined)
- Empty state with friendly message when no matches exist
- Responsive grid layout matching social_media.html patterns
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Create IT Audit admin dashboard template with:
- Header with title, description, and action buttons
- Stats grid showing: total audits, avg overall score, avg security
score, avg collaboration score, companies without audit
- Maturity level distribution (basic, developing, established, advanced)
- Technology stats grid (Azure AD, M365, Proxmox PBS, Zabbix, EDR, DR Plan)
- Collaboration flags section (6 cooperation types)
- Empty states for all sections when no data
- Responsive design following patterns from admin_seo_dashboard.html
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Enhanced updateProgress() function to track section-by-section completion
- Added calculateSectionCompletion() helper for per-section field analysis
- Added updateSectionProgress() for section-level progress indicators
- Implemented real-time progress tracking with input event listeners
- Added debounced input handlers for text/email/textarea fields
- Added keyboard navigation support for progress dots (accessibility)
- Progress bar color changes based on completion percentage:
- Primary (blue) for <50%
- Warning (yellow) for 50-79%
- Success (green) for >=80%
- Section dots and numbers turn green when section is 70%+ complete
- Properly handles conditional fields visibility in completion calculation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added three new form sections to IT audit form:
- Section 4: Endpoints (Workstations) - device types, OS, MDM, encryption
- Section 5: Security - antivirus/EDR, VPN, MFA, password policy, training
- Section 6: Backup & DR - backup solutions, targets, frequency, retention, DR plan
Features:
- Dropdowns for single-select options (MDM solution, VPN, antivirus, etc.)
- Chip-select for multi-select options (endpoint types, OS, MFA methods, etc.)
- Toggle switches for yes/no questions with conditional fields
- Full JavaScript support for new chip selections and conditional mappings
- Initialization support for editing existing audits
- Executed it_audit_migration.sql against DEV PostgreSQL (localhost:5433)
- Created it_audits and it_collaboration_matches tables
- Created 12 indexes for performance optimization
- Created 4 views: v_company_it_overview, v_it_audit_history,
v_it_collaboration_overview, v_it_technology_stats
- Added missing document_management column to match SQLAlchemy model
- Applied grants for nordabiz_app user
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added ITCollaborationMatch model to database.py for storing company match pairs:
- company_a_id, company_b_id: Foreign keys to companies table
- match_type: Type of collaboration (shared_licensing, backup_replication, etc.)
- match_reason: Human-readable explanation of the match
- match_score: 0-100 strength score
- status: suggested, contacted, in_progress, completed, declined
- shared_attributes: JSONB for flexible attribute storage
- Helper properties for Polish labels (match_type_label, status_label)
- UniqueConstraint on (company_a_id, company_b_id, match_type)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add 'channel', 'c', 'user', '@' etc. to YouTube exclusion list
- Add 'bold_themes', 'boldthemes' to Twitter/Facebook exclusions (theme creators)
- Fix pattern matching loop to stop after first valid match per platform
- Prevents fallback pattern from overwriting correct channel ID with 'channel'
Fixes issue where youtube.com/channel/ID was being overwritten with
youtube.com/channel/channel by the second fallback pattern.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add detailed logging to SocialMediaAuditor (website scan, Brave search, results)
- Slow down progress bar animation (400ms instead of 200ms) for better readability
- Bold "ZNALEZIONO" text for found platforms
- Display Google rating and review count in progress
- Increase wait time before modal close (4 seconds)
- Add console.log for debugging audit response
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Import and use SocialMediaAuditor from scripts/social_media_audit.py
- Audit now scans website HTML for social media links
- Discovers profiles via Brave Search API (if configured)
- Fetches Google Business Profile data via Google Places API
- Saves discovered profiles to database
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add "Uruchom audyt" button to social_audit.html
- Create POST /api/social/audit endpoint to verify profile URLs
- Add loading overlay and modal for audit progress/results
- Audit verifies each social media URL and updates check_status
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create /audit/social/<slug> route with platform presence analysis
- Create social_audit.html template with 6 platforms (FB, IG, LinkedIn, YT, X, TikTok)
- Add purple "Audyt Social" button on company profile next to GBP and SEO audits
- Show score based on platforms count, profile details and recommendations
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create /audit/seo/<slug> route with access control (admin or company owner)
- Create seo_audit.html template with score visualization
- Add green "Audyt SEO" button next to GBP audit button on company profile
- Match styling and UX patterns from GBP audit feature
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Show "Google" badge next to each field in progress steps
- Blue badge indicates data comes from Google Places API
- Helps users understand where audit data originates
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add new columns to CompanyWebsiteAnalysis: google_name, google_address,
google_phone, google_website, google_types, google_maps_url
- Update _check_name(), _check_address(), _check_phone(), _check_website(),
_check_categories() to use Google data instead of NordaBiz database
- All audit fields now show real data from Google Business Profile
- Fallback to NordaBiz data only when Google data unavailable
Migration: database/migrations/add_google_gbp_fields.sql
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Clearer breakdown showing:
- What points user already earned (✓)
- What's still pending (○)
- Actionable tip for zero reviews
- Goal reminder for partial scores
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add fetch_google_business_data() to fetch fresh data from Google Places API
- Progress overlay shows all 10 data fields with actual values:
* Place search, Rating, Reviews, Photos, Hours, Phone, Website, Status
- 5-second delay after completion for user to read results
- Fix opening hours display (show formatted weekday_text)
- Fix reviews scoring (integer-based: 3 base + 1/review + 1 bonus)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add database migration to support opening hours and photos fields.
Update GBP audit service to properly fetch and validate these fields
from Google Business Profile API. Add comprehensive test coverage.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
