maciejpi/nordabiz
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
1,968 Commits 1 Branch 0 Tags 114 MiB
a68910d029
Commit Graph

17 Commits

Author SHA1 Message Date
Maciej Pienczyn
a68910d029 fix: prevent duplicate forum topics from rapid double-submit
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
- Backend: reject identical title+content from same author within 60s
  (mirrors existing protection on forum_reply)
- Frontend: disable submit button + 'Wysyłanie…' label on first click

Daniel Kochański accidentally created 7 identical 'Local content w praktyce'
topics within 5 seconds. Soft-deleted IDs 25-30 on prod, kept 24.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-13 13:29:40 +02:00
Maciej Pienczyn
8f0cfba516 fix: manually delete dependent records before forum topic deletion
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
forum_topic_reads FK lacks CASCADE in DB, causing NotNullViolation.
Delete reads, replies, attachments, reports, subscriptions manually.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-10 08:00:51 +02:00
Maciej Pienczyn
593da4aebb fix: forum email notification links now point to specific reply
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
Email notifications for forum replies were linking to /forum/ID
without the #reply-XX anchor. Now includes reply_id in the URL
so the email "Zobacz odpowiedź" button scrolls directly to the
new reply instead of the top of the topic.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-09 22:47:10 +02:00
Maciej Pienczyn
7b31e6ba44 security(permissions): restrict guest access to members-only areas
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
- Forum: add @forum_access_required to ALL public routes (read+write)
- Reports: add @member_required to all report routes
- Announcements: add @member_required to list and detail
- Education: add @member_required to all routes
- Calendar: guests can VIEW all events but cannot RSVP (public+members_only)
- PEJ and ZOPK remain accessible (as intended for outreach)

UNAFFILIATED users (registered but not Izba members) are now properly
restricted from internal community features.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-19 16:23:56 +01:00
Maciej Pienczyn
d2d7a3f35d fix: prevent duplicate forum replies from double-submit
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
Add frontend button disable on submit and backend duplicate detection
(same user, same content, within 30 seconds).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-23 09:45:25 +01:00
Maciej Pienczyn
7cc0f7e5f5 feat: show reaction author names in tooltip on forum posts
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
Hovering over a reaction button (👍, ❤️) now shows who reacted.
Names are loaded server-side and updated dynamically after toggling.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-22 15:49:30 +01:00
Maciej Pienczyn
f0a5ce5add fix: forum user stats tooltip showing 'Błąd' due to User.full_name attribute error
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
User model has 'name', not 'full_name'. The incorrect attribute caused
every hover tooltip on forum usernames to show an error.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-22 15:20:36 +01:00
Maciej Pienczyn
48b42eb8b1 fix(forum): Delete dependent records before removing reply
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
Explicitly delete reply reads, attachments, reports and edit history
before deleting the reply to avoid NotNullViolation on forum_reply_reads.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-14 18:09:15 +01:00
Maciej Pienczyn
5e77ede9fa feat(forum): Add email notifications for replies + custom tooltips
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
- Email notifications sent to topic subscribers when new reply posted
- Auto-subscribe users when they reply to a topic
- Custom CSS tooltip on "seen by" avatars (replaces native title)
- GET /forum/<id>/unsubscribe endpoint for email unsubscribe links
- Clean up ROADMAP.md (remove unimplemented priorities, add RBAC/Slack)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-06 04:10:47 +01:00
Maciej Pienczyn
c0d60481f0 refactor(rbac): Migrate legacy is_admin checks to role-based has_role()/set_role()
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details 
Replace ~20 remaining is_admin references across backend, templates and scripts
with proper SystemRole checks. Column is_admin stays as deprecated (synced by
set_role()) until DB migration removes it.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-05 21:06:22 +01:00
Maciej Pienczyn
4181a2e760 refactor: Migrate access control from is_admin to role-based system 
Replace ~170 manual `if not current_user.is_admin` checks with:
- @role_required(SystemRole.ADMIN) for user management, security, ZOPK
- @role_required(SystemRole.OFFICE_MANAGER) for content management
- current_user.can_access_admin_panel() for admin UI access
- current_user.can_moderate_forum() for forum moderation
- current_user.can_edit_company(id) for company permissions

Add @office_manager_required decorator shortcut.
Add SQL migration to sync existing users' role field.

Role hierarchy: UNAFFILIATED(10) < MEMBER(20) < EMPLOYEE(30) < MANAGER(40) < OFFICE_MANAGER(50) < ADMIN(100)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-01 21:05:22 +01:00
Maciej Pienczyn
e87ba8ee09 feat: Add read tracking for Forum topics/replies and B2B classifieds 
- Add ForumTopicRead, ForumReplyRead, ClassifiedRead models
- Add SQL migration for new tables
- Record reads when user views forum topic (topic + all visible replies)
- Record reads when user views B2B classified
- Display "Seen by" avatars in forum topic and B2B detail pages

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 20:50:27 +01:00
Maciej Pienczyn
36d988aee3 chore: Remove party emoji from forum reactions 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 19:31:00 +01:00
Maciej Pienczyn
e8586b3e4e feat: Add forum admin tools (analytics, search, move, merge) 
New admin features:
- Analytics dashboard with stats, charts (Chart.js), user rankings
- CSV export of forum activity with date range
- Topic category move functionality
- Merge multiple topics into one
- Admin search across all posts (including deleted)
- User activity log with stats

New endpoints:
- GET /admin/forum/analytics
- GET /admin/forum/export-activity
- POST /admin/forum/topic/<id>/move
- POST /admin/forum/merge-topics
- GET /admin/forum/search
- GET /admin/forum/user/<id>/activity

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 19:29:02 +01:00
Maciej Pienczyn
c5f724f954 feat: Add forum search, markdown, user stats, and admin bulk actions 
New features implemented:
- Forum search with title/content filtering
- Solution filter (topics with marked solutions)
- Quote reply functionality with @mention
- @mentions parsing and notifications
- Simple markdown formatting (bold, italic, code, quotes, lists)
- User forum statistics tooltip (topics, replies, solutions, reactions)
- Admin bulk actions (pin/unpin, lock/unlock, status change, delete)

Files changed:
- blueprints/forum/routes.py: user_forum_stats, admin_forum_bulk_action endpoints
- templates/forum/topic.html: user stats tooltips, markdown CSS
- templates/forum/index.html: search box, solution filter
- templates/admin/forum.html: bulk selection checkboxes and action bar
- utils/markdown.py: simple forum markdown parser
- utils/notifications.py: @mention notification parsing

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 19:11:29 +01:00
Maciej Pienczyn
f22342ea37 feat: Add forum modernization with reactions, subscriptions, and moderation 
- Add edit tracking (24h limit), soft delete, and JSONB reactions to ForumTopic/ForumReply
- Create ForumTopicSubscription, ForumReport, ForumEditHistory models
- Add 15 new API endpoints for user actions and admin moderation
- Implement reactions (👍❤️🎉), topic subscriptions, content reporting
- Add solution marking, restore deleted content, edit history for admins
- Create forum_reports.html and forum_deleted.html admin templates
- Integrate notifications for replies, reactions, solutions, and reports
- Add SQL migration 024_forum_modernization.sql

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 18:55:40 +01:00
Maciej Pienczyn
ad2262388b refactor: Extract forum blueprint (Phase 3) 
- Create blueprints/forum/ with 10 routes:
  - forum_index, forum_new_topic, forum_topic, forum_reply
  - admin_forum, admin_forum_pin, admin_forum_lock
  - admin_forum_delete_topic, admin_forum_delete_reply
  - admin_forum_change_status
- Register forum blueprint with backward-compatible aliases
- Remove dead code from app.py (-422 lines)
- app.py: 13,820 → 13,398 lines (-3.1%)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 07:42:18 +01:00