mirror of
https://git.coastit.co.za/caitlin/CRM_ENVR.git
synced 2026-07-10 11:15:43 +02:00
Security architecture upgrade + bug reporting system
Database & Security: - Dual password storage: bcrypt (auth) + pgcrypto AES-256 (recovery) - SUPER_ADMIN master key recovery system (master_keys table) - Row Level Security on customers, leads, opportunities, communications, tasks - SALES_USER: own records only - ADMIN: all records - SUPER_ADMIN: all records (bypasses RLS) - Immutable audit logs (DELETE/UPDATE blocked by triggers) - New audit event types: BUG_CREATED, BUG_UPDATED, BUG_ASSIGNED, BUG_RESOLVED, LOGIN, LOGOUT - Database export logging (database_export_logs table) - Backup logging with pg_dump script (scripts/backup.ps1) - Fixed audit constraint to allow new action types Authentication: - Random JWT secret generated on every dev server start (invalidates all prior sessions after restart) - Session cookie is now session-only (no maxAge) - setSessionContext() for RLS integration Bug Reporting System: - bug_reports table with RLS (insert by all, select/update by admin only) - POST /api/bug-reports (any authenticated user) - GET /api/bug-reports (admin/super_admin only) - PATCH /api/bug-reports/:id (admin/super_admin only) - POST /api/auth/recover (super_admin password recovery) - Audit logging for all bug report actions Other: - Added 'dev' to UserRole type - Bug report modal UI with severity selector - Added bug report button to topbar
This commit is contained in:
@@ -34,5 +34,11 @@ BEGIN;
|
||||
\echo '=== Running 009_settings.sql (Company Settings + User Preferences) ==='
|
||||
\i 009_settings.sql
|
||||
|
||||
\echo '=== Running 013_security_upgrade.sql (Security Architecture: RLS, Encryption, Master Keys, Backups) ==='
|
||||
\i 013_security_upgrade.sql
|
||||
|
||||
\echo '=== Running 014_bug_reports.sql (Bug Reporting System) ==='
|
||||
\i 014_bug_reports.sql
|
||||
|
||||
\echo '=== Migration Complete ==='
|
||||
COMMIT;
|
||||
|
||||
Reference in New Issue
Block a user