- HIGH: Fix SQL injection in ZOPK knowledge service (3 functions) — replace f-strings with parameterized queries
- MEDIUM: Sanitize tsquery/LIKE input in SearchService to prevent injection
- MEDIUM: Add @login_required + @role_required(ADMIN) to /health/full endpoint
- MEDIUM: Add @role_required(ADMIN) to ZOPK knowledge search API
- MEDIUM: Add bleach HTML sanitization on write for announcements, events, board proceedings (stored XSS via |safe)
- MEDIUM: Remove partial API key from Gemini service logs
- MEDIUM: Remove @csrf.exempt from chat endpoints, add X-CSRFToken headers in JS
- MEDIUM: Add missing CSRF tokens to 3 POST forms (data_request, benefits_form, benefits_list)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Use fixed #1e293b/#f8fafc instead of CSS variables for tooltip
- Increase z-index, padding, font-size for better visibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Email notifications sent to topic subscribers when new reply posted
- Auto-subscribe users when they reply to a topic
- Custom CSS tooltip on "seen by" avatars (replaces native title)
- GET /forum/<id>/unsubscribe endpoint for email unsubscribe links
- Clean up ROADMAP.md (remove unimplemented priorities, add RBAC/Slack)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add @role_required to 2 missing routes (krs_api PDF download, zopk milestones)
- Add role-based menu visibility in admin bar (hide Users, Security, Benefits,
Model Comparison, Debug from OFFICE_MANAGER users)
- Inject SystemRole into Jinja2 context processor for template role checks
- Replace is_admin checkbox with role select dropdown in user creation form
- Migrate routes.py and routes_users_api.py from is_admin to SystemRole-based
role assignment via set_role()
- Add deprecation notice to is_admin database column
- Add 23 RBAC unit tests (hierarchy, has_role, set_role, permissions)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace ~20 remaining is_admin references across backend, templates and scripts
with proper SystemRole checks. Column is_admin stays as deprecated (synced by
set_role()) until DB migration removes it.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Workflow: Active → Archive → Permanent Delete (hard delete from DB).
Only ADMIN role can permanently delete, and only archived companies.
FK cleanup across 35+ tables before deletion.
Also adds 4 missing items to v1.25.0 release notes:
- Strefa RADA simplified (removed documents section)
- Korzyści commission column visibility
- Company hard-delete feature
- User delete FK cascade fix
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Expunge user from ORM session and use raw SQL DELETE to prevent
SQLAlchemy from trying to SET NULL on backref relationships.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Clean up FK references with NO ACTION before user deletion:
- SET NULL for nullable FK columns (30+ tables)
- DELETE records for NOT NULL FK columns without CASCADE
Prevents IntegrityError on user_notifications and other tables.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixes email mismatches that would have created duplicate accounts:
- Artur Wiertel: norda-biznes.info → waterm.pl (existing prod ID=3)
- Andrzej Gorczycki: zukwejherowo.pl → ekofabrykawejherowo.pl (prod ID=41)
Adds secretary (Magdalena Klóska) and deactivates corrupted duplicate (ID=40).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
WeasyPrint raises OSError (not ImportError) when pango/cairo system
libraries are not installed. Catch both to allow graceful fallback.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace redundant documents tab with PDF generation from meeting data
using weasyprint. Meetings become the main /rada/ view with board
members section. Remove upload/view/download document routes and
templates.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Major UX improvements to meeting protocol editing:
- Numbered, color-coded cards with left accent borders
- Three fields per agenda item: Discussion, Decisions, Tasks
- Decisions and tasks as line-per-item textareas (auto-convert to arrays)
- Fill status indicators (green check vs empty circle)
- Collapsible sections to reduce visual clutter
- Add CSRF token to form (was missing)
- Better visual hierarchy with proceeding headers
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update meeting view template to properly render proceedings data:
- Support both 'discussion' and legacy 'discussed' field names
- Render decisions and tasks as bulleted lists (not raw Python arrays)
- Handle multi-paragraph discussion text with proper line breaks
- Update print function to include tasks section and proper list rendering
Also updates meeting 1 data on staging with complete protocol content.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Rename clickable status badges to action-oriented labels:
- 'Program opublikowany' -> 'Zobacz program'
- 'Protokół opublikowany' -> 'Zobacz protokół'
Hide redundant 'Zobacz' button when status badge is already clickable.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Both agenda and protocol publish forms were missing CSRF tokens,
causing 'CSRF Token is missing' raw error. Adds hidden csrf_token
inputs and a global CSRFError handler that shows a friendly flash
message instead of raw system error.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Status badges on meetings list now link directly to the relevant
section: agenda_published -> #agenda, protocol_* -> #proceedings.
Also adds anchor IDs to meeting_view sections.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Meeting JSONB fields (proceedings, agenda_items) can be NULL for
meetings that haven't occurred yet. Add `or []` fallback to all
unguarded Jinja2 iterations to prevent TypeError on NoneType.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds staging-only UI elements: environment banner, TEST badges on nav
items, and floating test panel with feature checklist. Controlled by
STAGING=true env var — zero impact on production.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Changes:
- Add staff users dropdown for secretary selection (Magdalena Klóska)
- Implement 3-status attendance (present/absent/unknown) with colors
- Add automatic quorum calculation with visual indicator
- Add print buttons for agenda and protocol (opens formatted print view)
- Add quick edit action button in meetings list
- Fix Polish diacritics across all board templates
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add BoardMeeting model with JSON fields for flexible data storage
- Add migration 049_board_meetings.sql
- Add routes for creating, editing, viewing meetings
- Add publish workflows for agenda and protocol
- Add templates: meetings_list, meeting_form (with tabs), meeting_view
- Support for: agenda items, attendance tracking, proceedings
- Pre-filled defaults for chairperson, secretary, location
- Quorum calculation (9/16 for majority)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Converts DOCX/DOC to PDF using soffice --headless
- Caches converted PDFs alongside originals
- Falls back to mammoth HTML if LibreOffice fails
- Preserves full document formatting and graphics
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add /rada/<id>/view endpoint for document preview
- PDF files displayed inline in browser
- DOCX files converted to HTML using mammoth library
- Add board members section showing all is_rada_member users
- Add "Podgląd" button next to "Pobierz" in document list
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add @rada_member_required decorator for access control
- Add BoardDocument model for storing protocols and documents
- Create document upload service (PDF, DOCX, DOC up to 50MB)
- Add /rada/ blueprint with list, upload, download endpoints
- Add "Rada" link in navigation (visible only for board members)
- Add "Rada" badge and toggle button in admin user management
- Create SQL migration to set up board_documents table and assign
is_rada_member=True to 16 board members by email
Storage: /data/board-docs/ (outside webroot for security)
Access: is_rada_member=True OR role >= OFFICE_MANAGER
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Check for pending membership application on homepage
- Show blue "Deklaracja w toku" banner with status info
- Different messages for: draft, submitted, under_review, pending_user_approval, changes_requested
- Link to membership status page instead of application form
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Notify ADMIN and OFFICE_MANAGER users when new membership application is submitted
- Include applicant name, company name, and link to application detail
- Use notification_type='alert' for visibility
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Block company detail access for non-members (redirect to membership form)
- Show membership CTA header instead of catalog header for non-members
- Add info banner explaining access restriction
- Non-members can still see company list on homepage
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Filter next_event by user's view permissions
- Check user_can_attend before showing "Zapisz się" button
- Show "🔒 Rada Izby" badge for restricted events
- Add "Złóż deklarację" banner for non-NORDA members on homepage
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Members can VIEW Rada Izby events (title, date, location)
- Only Rada members can RSVP and see attendee list
- Add can_user_see_attendees() method to NordaEvent
- Update event template to conditionally show RSVP and attendees
- Add info banner for non-Rada members viewing restricted events
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add access_level field to norda_events (public, members_only, rada_only)
- Add is_rada_member field to users table
- Add can_user_view() and can_user_attend() methods to NordaEvent model
- Update calendar routes to filter events by user permissions
- Add access_level dropdown to admin event form
- Rada Izby events only visible to designated board members
- Regular member meetings visible to all NORDA members
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Benefit and BenefitClick models for tracking affiliate offers
- Create /korzysci blueprint with admin-only access (test mode)
- Add admin panel at /admin/benefits for managing offers
- Include WisprFlow as first benefit with branded link ref.wisprflow.ai/norda
- Add QR code support for printed materials
- Track clicks with user attribution and analytics
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Pulsing green dot with 'Oczekuje na aktywacje...' text
- Changes to 'Aktywowano! Przekierowuje...' when verified
- Visual feedback that page is actively checking
