Notifications (fire-and-forget, non-blocking) for: review submitted,
approved/rejected/revision requested, task assigned/completed, issue
assigned/status changed, campaign created, user invited. Emails render
in user's preferred language (EN/AR) with RTL support. Adds
preferred_language to Users, syncs from frontend language toggle.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The 401 handler in api.js was redirecting to /login on ALL pages,
including public review/approval pages, defeating their purpose.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Removed h1 titles from Settings and Brands (already in Header)
- Server injects og:title, og:description, og:image meta tags for
/review-post/:token URLs so WhatsApp/Slack show proper previews
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Added missing title keys for calendar, artefacts, brands, budgets,
issues, and settings. No more fallback "Page" text.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Show button only when post has no approval token. Once a link exists,
only the link is shown. Server preserves status for non-draft posts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Derived from post.approval_token instead of transient state, so it
persists when the panel is closed and reopened.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Brands and modules fields were hidden/disabled when editing self.
Superadmins now see editable brands dropdown and modules toggles.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The self-edit path only sent name+phone. Superadmins now use the full
team update endpoint so brands, modules, and role changes persist.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Reject requires feedback on both client and server (400 if empty)
- PublicPostReview uses post-specific i18n keys instead of artefact ones
- Team list always includes superadmins/managers for non-superadmin users
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Token-based public review page at /review-post/:token
- Submit for Review button generates shareable link
- External reviewers can approve/reject with comments
- Approval gate prevents skipping review (superadmin override)
- i18n keys for review flow in en + ar
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add approval process to posts (approver multi-select, rejected status column)
- Reorganize PostDetailPanel into Content, Scheduling, Approval sections
- Fix save button visibility: move to fixed footer via SlidePanel footer prop
- Change date picker from datetime-local to date-only
- Complete Arabic translations across all panels (Header, Issues, Artefacts)
- Fix artefact versioning to start empty (copyFromPrevious defaults to false)
- Separate media uploads by type (image, audio, video) in PostDetailPanel
- Fix team membership save when editing own profile as superadmin
- Server: add approver_ids column to Posts, enrich GET/POST/PATCH responses
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- InteractiveTimeline: dir="ltr" on scroll area, i18n for all strings
- ArtefactVersionTimeline: text-start, ms-11 logical properties
- Header dropdown: end-0 instead of right-0, text-start on menu items
- Added 11 new timeline i18n keys (en + ar)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add "Admin Actions" section (superadmin-only, collapsed by default) with
password + confirm fields, eye toggle, mismatch validation, and success toast.
Delete button moved here too.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Cards (bg-white → #22223a) now sit visibly above kanban columns
and section backgrounds (surface-secondary → #1c1c2a).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Deep layered surfaces (#15151e → #1c1c2a → #24243a), ambient
purple/cyan/gold background glow, glass-edge borders, translucent
status badges, form inputs with accent focus glow, comprehensive
overrides for all hardcoded bg-white/gray/border/text utilities,
brand primary with violet glow effect, and dark selection highlight.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The ThemeContext was toggling the 'dark' class on <html> but the CSS
custom properties never changed. Added:
- .dark selector overriding all theme color variables
- .dark overrides for hardcoded bg-white, bg-gray-*, text-gray-*,
border-gray-* classes used throughout components
- Dark mode input/select/textarea styling
- Dark mode scrollbar colors
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Team page: add member via modal with password confirmation,
keep SlidePanel for editing existing members only
- Settings: add role via modal with color picker presets,
keep inline editing for existing roles
- Remove create-mode code from TeamMemberPanel
- Add i18n keys: confirmPassword, passwordsDoNotMatch, memberAdded,
roleColor (en + ar)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
NocoDB list endpoint doesn't always return all fields (e.g.
password_hash). Use list() to find by email/token, then get()
to fetch the full record with all fields.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Migrate auth credentials from SQLite (auth.db) to NocoDB Users table
with one-time migration function (auth.db → auth.db.bak)
- Add email-based password reset via Cloudron SMTP (nodemailer)
- Add GET /api/health endpoint for monitoring
- Add startup env var validation with clear error messages
- Strip sensitive fields (password_hash, reset_token) from all API responses
- Add ForgotPassword + ResetPassword pages with i18n (en/ar)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Multi-select bulk delete in all 5 list views (Artefacts, Posts, Tasks,
Issues, Assets) with cascade deletes and confirmation modals
- Team-based issue dispatch: team picker on public issue form, team filter
on Issues page, copy public link from Team page and Issues header,
team assignment in IssueDetailPanel
- Month/Week toggle on PostCalendar and TaskCalendarView
- Month/Week/Day zoom on project and campaign timelines (InteractiveTimeline)
and ProjectDetail GanttView, with Month as default
- Custom timeline bar colors: clickable color dot with 12-color palette
popover on project, campaign, and task timeline bars
- Artefacts default view changed to list
- BulkSelectBar reusable component
- i18n keys for all new features (en + ar)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fixes CORS errors when deployed behind a reverse proxy by removing
hardcoded localhost references in Brands.jsx and PostCard.jsx.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
api.post() was setting Content-Type to application/json and JSON.stringifying
the FormData, which destroyed the file data and caused "Either file upload or
drive_url is required" error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Only fetch data and render stat cards, lists, and widgets for modules
the user has enabled (marketing, projects, finance).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Users can choose English or Arabic during profile setup. The
selection is applied immediately via the existing LanguageContext.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Remove team_role and brands from profile completion wizard
- Lock team_role and brands fields when user edits own profile
- Remove team_role and brands from PATCH /users/me/profile endpoint
- Profile completeness now checks name instead of team_role
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Await loadTeam() and loadTeams() so the UI reflects changes
immediately without needing a manual page refresh.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Users without a team_role now show their system role instead of
the generic "Team Member" fallback.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Remove team_role filter from GET /api/users/team — all users now
appear in the team view
- POST /api/users now accepts team_role, brands, phone, modules
- PATCH /api/users/:id now accepts team_role, phone, brands, modules
- Users without team_role display their system role as fallback
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Tables like Users, Brands, Campaigns, Projects, etc. are now created
automatically by ensureRequiredTables() if they don't exist, removing
the need to run setup-tables.js manually on fresh deployments.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When no users exist in the database, the login page shows a setup
form to create the initial superadmin account. The /api/setup
endpoint is locked once the first user is created.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix Dashboard stat card: show "Budget Remaining" instead of "Budget Spent"
with correct remaining value accounting for campaign allocations
- Add expense system: budget entries now have income/expense type with
server-side split, per-campaign and per-project expense tracking,
colored amounts, type filters, and summary bar in Budgets page
- Add configurable currency in Settings (SAR default, supports 10
currencies) replacing all hardcoded SAR references across the app
- Replace PiggyBank icon with Landmark (culturally appropriate for KSA)
- Visual upgrade: mesh background, gradient text, premium stat cards with
accent bars, section-card containers, sidebar active glow
- UX polish: consistent text-2xl headers, skeleton loaders for Finance
and Budgets pages
- Finance page: expenses column in campaign/project breakdown tables,
ROI accounts for expenses, expense stat card
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
