- HIGH: Fix SQL injection in ZOPK knowledge service (3 functions) — replace f-strings with parameterized queries
- MEDIUM: Sanitize tsquery/LIKE input in SearchService to prevent injection
- MEDIUM: Add @login_required + @role_required(ADMIN) to /health/full endpoint
- MEDIUM: Add @role_required(ADMIN) to ZOPK knowledge search API
- MEDIUM: Add bleach HTML sanitization on write for announcements, events, board proceedings (stored XSS via |safe)
- MEDIUM: Remove partial API key from Gemini service logs
- MEDIUM: Remove @csrf.exempt from chat endpoints, add X-CSRFToken headers in JS
- MEDIUM: Add missing CSRF tokens to 3 POST forms (data_request, benefits_form, benefits_list)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
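An added example, not code from the repository these commits describe, showing the pattern behind the first two items: the interpolated query beside its parameterized form, plus escaping of LIKE wildcards so user input matches literally. It uses an in-memory sqlite3 table with constructed rows as a stand-in for the PostgreSQL knowledge table; the `knowledge` table, its columns and the function names are assumptions.

```python
import sqlite3

# Constructed rows standing in for the ZOPK knowledge table; the real
# service runs on PostgreSQL, where the placeholder is %s (psycopg)
# instead of sqlite3's ?, but the pattern is identical.
_ROWS = [
    ("ZOPK delegation rules", "How to delegate approvals"),
    ("100% remote policy", "Working from home"),
    ("under_score guide", "Naming conventions"),
]

def connect():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE knowledge (title TEXT, body TEXT)")
    con.executemany("INSERT INTO knowledge VALUES (?, ?)", _ROWS)
    return con

def escape_like(term):
    # Parameterization stops SQL injection but not LIKE wildcards:
    # a bare % or _ in the term would still widen the search.
    return (term.replace("\\", "\\\\")
                .replace("%", "\\%")
                .replace("_", "\\_"))

def search_titles_unsafe(con, term):
    # The 'before' shape the commit replaced: user input spliced into
    # the SQL text, so quotes and wildcards change the query itself.
    sql = f"SELECT title FROM knowledge WHERE title LIKE '%{term}%'"
    return [r[0] for r in con.execute(sql)]

def search_titles(con, term):
    # The 'after' shape: the value travels as a bound parameter and
    # ESCAPE makes % and _ inside it match literally.
    sql = ("SELECT title FROM knowledge "
           "WHERE title LIKE ? ESCAPE '\\' ORDER BY title")
    pattern = "%" + escape_like(term) + "%"
    return [r[0] for r in con.execute(sql, (pattern,))]

# For the tsquery side of the same fix, hand the raw term to
# PostgreSQL's plainto_tsquery(%s) as a bound parameter rather than
# assembling tsquery operator syntax from user input.
```

A lone "%" returns every row through the unsafe function but only the title containing a literal percent sign through the parameterized one.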
- Use fixed #1e293b/#f8fafc instead of CSS variables for tooltip
- Increase z-index, padding, font-size for better visibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Email notifications sent to topic subscribers when new reply posted
- Auto-subscribe users when they reply to a topic
- Custom CSS tooltip on "seen by" avatars (replaces native title)
- GET /forum/<id>/unsubscribe endpoint for email unsubscribe links
- Clean up ROADMAP.md (remove unimplemented priorities, add RBAC/Slack)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add @role_required to 2 missing routes (krs_api PDF download, zopk milestones)
- Add role-based menu visibility in admin bar (hide Users, Security, Benefits,
Model Comparison, Debug from OFFICE_MANAGER users)
- Inject SystemRole into Jinja2 context processor for template role checks
- Replace is_admin checkbox with role select dropdown in user creation form
- Migrate routes.py and routes_users_api.py from is_admin to SystemRole-based
role assignment via set_role()
- Add deprecation notice to is_admin database column
- Add 23 RBAC unit tests (hierarchy, has_role, set_role, permissions)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace ~20 remaining is_admin references across backend, templates and scripts
with proper SystemRole checks. Column is_admin stays as deprecated (synced by
set_role()) until DB migration removes it.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Workflow: Active → Archive → Permanent Delete (hard delete from DB).
Only ADMIN role can permanently delete, and only archived companies.
FK cleanup across 35+ tables before deletion.
Also adds 4 missing items to v1.25.0 release notes:
- Strefa RADA simplified (removed documents section)
- Korzyści commission column visibility
- Company hard-delete feature
- User delete FK cascade fix
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace redundant documents tab with PDF generation from meeting data
using weasyprint. Meetings become the main /rada/ view with board
members section. Remove upload/view/download document routes and
templates.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Major UX improvements to meeting protocol editing:
- Numbered, color-coded cards with left accent borders
- Three fields per agenda item: Discussion, Decisions, Tasks
- Decisions and tasks as line-per-item textareas (auto-convert to arrays)
- Fill status indicators (green check vs empty circle)
- Collapsible sections to reduce visual clutter
- Add CSRF token to form (was missing)
- Better visual hierarchy with proceeding headers
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update meeting view template to properly render proceedings data:
- Support both 'discussion' and legacy 'discussed' field names
- Render decisions and tasks as bulleted lists (not raw Python arrays)
- Handle multi-paragraph discussion text with proper line breaks
- Update print function to include tasks section and proper list rendering
Also updates meeting 1 data on staging with complete protocol content.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Rename clickable status badges to action-oriented labels:
- 'Program opublikowany' -> 'Zobacz program'
- 'Protokół opublikowany' -> 'Zobacz protokół'
Hide redundant 'Zobacz' button when status badge is already clickable.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Both agenda and protocol publish forms were missing CSRF tokens,
causing a raw 'CSRF Token is missing' error. Adds hidden csrf_token
inputs and a global CSRFError handler that shows a friendly flash
message instead of the raw system error.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Status badges on meetings list now link directly to the relevant
section: agenda_published -> #agenda, protocol_* -> #proceedings.
Also adds anchor IDs to meeting_view sections.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Meeting JSONB fields (proceedings, agenda_items) can be NULL for
meetings that haven't occurred yet. Add `or []` fallback to all
unguarded Jinja2 iterations to prevent TypeError on NoneType.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds staging-only UI elements: environment banner, TEST badges on nav
items, and floating test panel with feature checklist. Controlled by
STAGING=true env var — zero impact on production.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Changes:
- Add staff users dropdown for secretary selection (Magdalena Klóska)
- Implement 3-status attendance (present/absent/unknown) with colors
- Add automatic quorum calculation with visual indicator
- Add print buttons for agenda and protocol (opens formatted print view)
- Add quick edit action button in meetings list
- Fix Polish diacritics across all board templates
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add BoardMeeting model with JSON fields for flexible data storage
- Add migration 049_board_meetings.sql
- Add routes for creating, editing, viewing meetings
- Add publish workflows for agenda and protocol
- Add templates: meetings_list, meeting_form (with tabs), meeting_view
- Support for: agenda items, attendance tracking, proceedings
- Pre-filled defaults for chairperson, secretary, location
- Quorum calculation (9/16 for majority)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add /rada/<id>/view endpoint for document preview
- PDF files displayed inline in browser
- DOCX files converted to HTML using mammoth library
- Add board members section showing all is_rada_member users
- Add "Podgląd" button next to "Pobierz" in document list
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add @rada_member_required decorator for access control
- Add BoardDocument model for storing protocols and documents
- Create document upload service (PDF, DOCX, DOC up to 50MB)
- Add /rada/ blueprint with list, upload, download endpoints
- Add "Rada" link in navigation (visible only for board members)
- Add "Rada" badge and toggle button in admin user management
- Create SQL migration to set up board_documents table and assign
is_rada_member=True to 16 board members by email
Storage: /data/board-docs/ (outside webroot for security)
Access: is_rada_member=True OR role >= OFFICE_MANAGER
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Check for pending membership application on homepage
- Show blue "Deklaracja w toku" banner with status info
- Different messages for: draft, submitted, under_review, pending_user_approval, changes_requested
- Link to membership status page instead of application form
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Block company detail access for non-members (redirect to membership form)
- Show membership CTA header instead of catalog header for non-members
- Add info banner explaining access restriction
- Non-members can still see company list on homepage
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Filter next_event by user's view permissions
- Check user_can_attend before showing "Zapisz się" button
- Show "🔒 Rada Izby" badge for restricted events
- Add "Złóż deklarację" banner for non-NORDA members on homepage
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Members can VIEW Rada Izby events (title, date, location)
- Only Rada members can RSVP and see attendee list
- Add can_user_see_attendees() method to NordaEvent
- Update event template to conditionally show RSVP and attendees
- Add info banner for non-Rada members viewing restricted events
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add access_level field to norda_events (public, members_only, rada_only)
- Add is_rada_member field to users table
- Add can_user_view() and can_user_attend() methods to NordaEvent model
- Update calendar routes to filter events by user permissions
- Add access_level dropdown to admin event form
- Rada Izby events only visible to designated board members
- Regular member meetings visible to all NORDA members
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Benefit and BenefitClick models for tracking affiliate offers
- Create /korzysci blueprint with admin-only access (test mode)
- Add admin panel at /admin/benefits for managing offers
- Include WisprFlow as first benefit with branded link ref.wisprflow.ai/norda
- Add QR code support for printed materials
- Track clicks with user attribution and analytics
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Pulsing green dot with 'Oczekuje na aktywacje...' text
- Changes to 'Aktywowano! Przekierowuje...' when verified
- Visual feedback that page is actively checking
- Add /auth/check-verification-status API endpoint
- Add JS polling every 3s on registration success page
- When email is verified elsewhere, redirect to dashboard automatically
- No need for user to manually navigate back
This improves UX by detecting verification in the original tab
- Reduce padding, margins, and icon sizes
- Compact email box to horizontal layout
- Steps in 2x2 grid instead of vertical list
- Combine timer and spam warning
- Shorter button text
User feedback: page should not require scrolling
Registration flow improvements:
- New dedicated success page (/registration-success) with clear instructions
- Shows email address where verification link was sent
- Step-by-step guide on what to do next
- Link validity reminder (24 hours)
- Easy access to resend verification
Verification flow improvements:
- Auto-login after email verification (no need to enter password)
- Redirect to dashboard instead of login page
- If already verified, auto-login and redirect to dashboard
- Audit logging for verification and auto-login events
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Modules now requiring MEMBER role or higher:
- NordaGPT (/chat) - with dedicated landing page for non-members
- Wiadomości (/wiadomosci) - private messaging
- Tablica B2B (/tablica) - business classifieds
- Kontakty (/kontakty) - member contact information
Non-members see a promotional page explaining the benefits
of NordaGPT membership instead of being simply redirected.
This provides a clear value proposition for NORDA membership
while protecting member-exclusive features.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace ~170 manual `if not current_user.is_admin` checks with:
- @role_required(SystemRole.ADMIN) for user management, security, ZOPK
- @role_required(SystemRole.OFFICE_MANAGER) for content management
- current_user.can_access_admin_panel() for admin UI access
- current_user.can_moderate_forum() for forum moderation
- current_user.can_edit_company(id) for company permissions
Add @office_manager_required decorator shortcut.
Add SQL migration to sync existing users' role field.
Role hierarchy: UNAFFILIATED(10) < MEMBER(20) < EMPLOYEE(30) < MANAGER(40) < OFFICE_MANAGER(50) < ADMIN(100)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
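An added example, not the project's own code, of the role hierarchy and decorator this commit describes: SystemRole with the listed numeric levels, a role_required decorator that replaces the manual is_admin checks, and set_role() keeping the deprecated is_admin flag in sync as the set_role() entry above notes. Flask's current_user proxy is replaced with a contextvar stand-in, and the User class, the view name and the call_as helper are assumptions.

```python
from enum import IntEnum
from functools import wraps
import contextvars

class SystemRole(IntEnum):
    # Levels from the commit; a higher role passes any lower check.
    UNAFFILIATED = 10
    MEMBER = 20
    EMPLOYEE = 30
    MANAGER = 40
    OFFICE_MANAGER = 50
    ADMIN = 100

# Assumed stand-in for flask_login's current_user proxy.
current_user = contextvars.ContextVar("current_user", default=None)

class User:
    def __init__(self, role):
        self.set_role(role)

    def has_role(self, required):
        return self.role >= required

    def set_role(self, role):
        self.role = SystemRole(role)
        # Deprecated is_admin column kept in sync until the migration drops it.
        self.is_admin = self.role >= SystemRole.ADMIN

def role_required(min_role):
    # Replaces ad-hoc `if not current_user.is_admin` checks in views.
    def decorator(view):
        @wraps(view)
        def wrapper(*args, **kwargs):
            user = current_user.get()
            if user is None or not user.has_role(min_role):
                return ("forbidden", 403)   # Flask-style (body, status)
            return view(*args, **kwargs)
        return wrapper
    return decorator

@role_required(SystemRole.OFFICE_MANAGER)
def edit_content():
    return "content edited"

def call_as(user, view):
    # Run a view with `user` logged in (None = anonymous), then restore.
    token = current_user.set(user)
    try:
        return view()
    finally:
        current_user.reset(token)
```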
- Change address_postal_code to address_postal (correct Company field name)
- Combine address_street + address_number into address_street (Company has no address_number field)
- Fix template reference to company.address_postal
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove position:sticky from actions-section to prevent overlap
- Redesign user acceptance alert with better visual hierarchy
- Clearer message about next steps after user accepts changes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Display prominent green alert informing admin that user has accepted
the proposed changes and they can now approve the membership application.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Position "Historia workflow" right after "Akcje" section so it's
visible without scrolling. Previously it was hidden below "Zgłaszający".
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Show same workflow history on admin side as users see, with sub-workflow
arrows (↓ for admin proposals, ↑ for user responses).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>