TroodonEnjoyer
bc83af8e00
Started PostgreSQL — data directory was uninitialized, ran initdb, set password, switched to md5 auth, all 24 migrations applied.
...
Hardened db.ts — added statement_timeout: 30000, idle_in_transaction_session_timeout: 10000, created transaction() helper (BEGIN/COMMIT/ROLLBACK).
Multi-step API routes wrapped in transactions — Events POST, Conversations POST use atomic blocks.
Fixed leads pagination — status filter pushed into SQL WHERE (no client-side filtering after LIMIT/OFFSET), added SELECT COUNT(*) for total.
Rewrote dashboard — SQL aggregations (COUNT + GROUP BY + date_trunc) replace loading all leads into memory.
Optimized conversations GET — merged duplicate correlated subqueries into single LEFT JOIN LATERAL.
Created migration 021_performance_indexes.sql — 8 missing indexes + set_session_user_context() function caching current_user_hierarchy_level() as session variable (avoids per-query RLS join).
Fixed build error — duplicate const other in conversations route. Also fixed a TypeScript never error in dashboard breakdown map.
Verified — npx tsc --noEmit clean, npm test (13 pass, 7 integration skip gracefully), npx next build succeeds.
2026-07-06 13:36:48 +02:00
Hannah_Bagga
da99b695be
just some things i needed to get back into the CRM
2026-07-03 16:05:03 +02:00
TroodonEnjoyer
37af1febcc
Automate DB migrations + fix audit trigger + drop forced password change
...
- scripts/run-migrations.mjs: auto-applies unapplied .sql files on
npm run dev/setup via psql, tracks state in _migrations table
- 020_fixes.sql: sets password_change_required=FALSE for all users,
fixes audit_password_change UUID cast, re-enables trigger
- package.json: hook migrations into dev:precheck
- setup.mjs: hook into npm run setup
- run_all.sql: add 020_fixes.sql to migration order
2026-07-01 13:07:15 +02:00
Ace
2c3a8e5333
Added qwen to serve as an repair agent.
2026-06-29 15:06:03 +02:00
JCBSComputer
68483e9b60
Calender & Linked Added
2026-06-26 16:38:18 +02:00
Ace
da702d6beb
Changed from user specific, to open for everyone
2026-06-26 11:48:51 +02:00
Ace
c9df7787d5
Added in loading bot
2026-06-26 11:10:58 +02:00
Hannah_Bagga
1465016b56
.....
2026-06-25 15:15:35 +02:00
Ace
b245b352e7
Updated Ai to pull from facebook, added a loading SVG to make user wait for server too boot up, and added commands that can be used to start off the AI exstraction
2026-06-24 17:17:38 +02:00
Hannah_Bagga
7bd9c17b5f
Add Node.js AI server, fix dev scripts, ignore rust-ai/target
2026-06-23 11:07:55 +02:00
Ace
1adc4806fa
Files Changed
...
Security Fixes
File Change
.env.local Placeholder JWT secret (rotate to random value: openssl rand -base64 64)
src/middleware.ts Removed /api/auth/me bypass; API routes return JSON 401 (not 302 redirect)
src/lib/auth.ts sameSite: "lax" → "strict" (create + destroy cookie); SVG name chars are pre-computed (no injection)
src/lib/avatar.ts Added sanitizeName() — strips non-alphanumeric/safe chars, max 50 chars
src/app/api/users/route.ts POST restricted to super_admin; validates role against whitelist ["sales","admin","super_admin","dev"]; validates active defaults to true
src/app/api/users/[id]/route.ts DELETE restricted to super_admin; blocks self-deletion
src/app/api/leads/[id]/route.ts GET: non-admin users filtered by assigned_to; PATCH: ownership check + score validated 0-100 range
src/app/api/leads/route.ts DELETE: ownership + admin check; GET: ownership filter for non-admin users
src/app/api/conversations/[id]/messages/route.ts GET/POST: verify user is a conversation_participant before access
rust-ai/src/main.rs CORS: AllowOrigin::list(["localhost:3006", "127.0.0.1:3006"]) (was Any)
Performance Fixes
File Change
src/app/api/leads/route.ts Added limit (default 50), offset query params; ownership filter in SQL
src/app/api/users/route.ts Added limit (default 50), offset query params
src/app/api/conversations/route.ts Added LIMIT 50
src/app/api/leads/[id]/notes/route.ts Added limit (default 50), offset query params
src/app/api/conversations/[id]/messages/route.ts Added limit (default 100), offset, before query params
src/app/(dashboard)/chats/page.tsx Pruned to 5 cached conversations; useMemo wraps messages/conversation/filteredConversations; otherParticipant moved outside component; added 10MB file size limit; recordingChunksRef cleared on discard
src/app/(dashboard)/leads/[id]/page.tsx Optimistic status update rolls back on fetch failure
database/migrations/003_chat.sql Added composite index idx_messages_conversation_created on (conversation_id, created_at DESC)
Code Quality Fixes
File Change
src/lib/ai.ts Removed dead getInstructions()/updateInstructions() (called nonexistent /ai/instructions)
src/lib/auth.ts bcrypt.hash(password, 12) — kept (acceptable, OWASP-recommended)
src/app/login/page.tsx "Forgot password?" button now shows alert to contact admin (was no-op)
src/components/users/user-form-dialog.tsx Password min 6 → 8 chars
26 silent catch {} blocks across 16 files (see below) Added console.warn("...") context messages
2026-06-23 09:45:30 +02:00
Ace
b81f391df5
Got facebook to work test tomorrow with new accounts please
2026-06-22 22:00:56 +02:00
Ace
0bae5bb746
pakage update
2026-06-22 13:03:39 +02:00
Ace
be5808f3fc
AI somewhat added
2026-06-22 12:37:38 +02:00
caitlin
178677aa85
Merge branch 'main' of https://git.coastit.co.za/caitlin/CRM_ENVR
2026-06-18 13:27:33 +02:00
TroodonEnjoyer
5238b59140
Added 4 Demo Users, with Coast emails, Hierarchy, roles etc.
2026-06-18 13:13:29 +02:00
caitlin
fd2d4ff976
I fixed the filter for all the leads
2026-06-18 12:15:44 +02:00
TroodonEnjoyer
ee44e9fc47
Added Database
2026-06-17 16:43:09 +02:00
Ace
d6d784cef3
Added in Logo's and worked on Avatars and Chats
2026-06-17 16:26:32 +02:00
caitlin
4898bf7142
Initial commit
2026-06-17 13:51:22 +02:00