Adds distanceMethod to DriverStatsDto and LocationHistoryResponse interface
to support the OSRM road-snapping feature.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Routes now follow actual roads instead of cutting through buildings:
- New OsrmService calls free OSRM Match API to snap GPS points to roads
- Position history endpoint accepts ?matched=true for road-snapped geometry
- Stats use OSRM road distance instead of Haversine crow-flies distance
- Frontend shows solid blue polylines for matched routes, dashed for raw
- Handles chunking (100 coord limit), rate limiting, graceful fallback
- Distance badge shows accurate road miles on route trails
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Replace Traccar summary API dependency with local Haversine distance calculation
- Calculate mileage from GpsLocationHistory table (sum consecutive positions)
- Filter out GPS jitter (<0.01mi), gaps (>10min), and unrealistic speeds (>100mph)
- Calculate trips, driving time, average/top speed from position history
- Add detailed stats logging for debugging
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Backend:
- Increase sync overlap buffer from 5s to 30s to catch late-arriving positions
- Add position history endpoint GET /gps/locations/:driverId/history
- Add logging for position sync counts (returned vs inserted)
Frontend:
- Add useDriverLocationHistory hook for fetching position trails
- Draw Polyline route trails on GPS map for each tracked driver
- Historical positions shown as semi-transparent paths behind live markers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Issue #1: QR button on GPS Devices tab for re-enrollment
Issue #2: App-wide timezone setting with TimezoneContext, useFormattedDate hook,
and admin timezone selector. All date displays now respect the configured timezone.
Issue #3: PDF export for Accountability Roster using @react-pdf/renderer with
professional styling matching VIPSchedulePDF. Added Signal send button.
Issue #4: Fixed GPS "teleporting" gaps - syncPositions now fetches position history
per device instead of only latest position. Changed cron to every 30s, added
unique constraint on deviceId+timestamp for deduplication, lowered min interval to 10s.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds searchable Help/User Guide page, trims copilot tool bloat,
adds OTHER department option, and various form/layout improvements.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add isRosterOnly flag for VIPs who attend but don't need transportation
- Add VIP contact fields (phone, email) and emergency contact info
- Create Reports page under Admin menu with Accountability Roster
- Report shows all VIPs (active + roster-only) with contact/emergency info
- Export to CSV functionality for emergency preparedness
- VIP list filters roster-only by default with toggle to show
- VIP form includes collapsible contact/emergency section
- Fix first-user race condition with Serializable transaction
- Remove Traccar hardcoded default credentials
- Add feature flags endpoint for optional services
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add helmet for HTTP security headers (CSP, HSTS, X-Frame-Options, etc.)
- Add @nestjs/throttler for rate limiting (100 req/60s per IP)
- Add shared secret validation on Signal webhook endpoint
- Remove JWT token from localStorage, use Auth0 SDK memory cache
with async getAccessTokenSilently() in API interceptor
- Restrict hard delete (?hard=true) to ADMINISTRATOR role in service layer
- Replace exposed Anthropic API key with placeholder in .env
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove @casl/prisma (unused) from backend
- Remove @heroicons/react (unused, using lucide-react) from frontend
- Remove unused InferSubjects import from ability.factory.ts
- Remove unused Calendar import from Dashboard.tsx
- Delete stale frontend/src/lib/types.ts (duplicate of src/types/index.ts)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- EventList VIP column: compact layout with max 2 names shown, party
size badges, "+N more" indicator, and total passenger count
- Seed service: 20 VIPs with party sizes, 8 drivers, 8 vehicles,
13 master events over 3 days with linked transport legs, realistic
capacity planning and conflict-free driver/vehicle assignments
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replaces generic test data with a realistic BSA Jamboree scenario that
demonstrates party sizes, shared itinerary items, and linked transport
legs. Includes 6 VIPs with varying party sizes, 7 shared events, 15
transport legs, 6 vehicles, and 4 drivers.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add partySize field to VIP model (default 1) to track total people
traveling with each VIP including entourage/handlers/spouses. Vehicle
capacity checks now sum party sizes instead of just counting VIPs.
Add masterEventId self-reference to ScheduleEvent for linking transport
legs to shared itinerary items (events, meetings, meals). When creating
a transport event, users can link it to a shared activity and VIPs
auto-populate from the linked event.
Changes:
- Schema: partySize on VIP, masterEventId on ScheduleEvent
- Backend: party-size-aware capacity checks, master/child event includes
- VIP Form: party size input with helper text
- Event Form: party-size capacity display, master event selector
- Event List: party size in capacity and VIP names, master event badges
- Command Center: all VIP names shown with party size indicators
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When a coordinator's driver status was toggled off (soft-delete) and
then back on, the create failed because the soft-deleted record still
existed. Now checks for active vs soft-deleted driver records and
restores the existing record instead of trying to create a duplicate.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add a "Driver" checkbox column to the User Management page. Checking it
creates a linked Driver record so the user appears in the drivers list,
can be assigned events, and enrolled for GPS tracking — without changing
their primary role. The DRIVER role checkbox is auto-checked and disabled
since being a driver is inherent to that role. Promoting a user from
DRIVER to Admin/Coordinator preserves their driver record.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Generate a QR code URL containing device ID, server URL, and update
interval that the Traccar Client app can scan to auto-configure.
The enrollment modal now shows the QR prominently with manual setup
collapsed as a fallback. Also pins Traccar to 6.11 and fixes Docker
health checks (IPv6/curl issues).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Lowercase and strip non-alphanumeric chars from device ID
- Explicitly set disabled=false when creating device in Traccar
- Use the uniqueId returned by Traccar (ensures consistency)
- Add logging for debugging device creation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Reverted Auth0-only approach since Traccar has openid.force=false
and the token-based login was working.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove dashes from device identifiers for better compatibility
- Auto-enable consent on enrollment (HR handles consent at hiring)
- Remove consent checks from location queries and UI
- Simplify Traccar Admin to use Auth0 SSO directly
- Fix server URL to return base Traccar URL (app handles port)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add GPS module with Traccar client service for device management
- Add driver enrollment flow with QR code generation
- Add real-time location tracking on driver profiles
- Add GPS settings configuration in admin tools
- Add Auth0 OpenID Connect setup script for Traccar
- Add deployment configs for production server
- Update nginx configs for SSL on GPS port 5055
- Add timezone setting support
- Various UI improvements and bug fixes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- nginx stream module now terminates SSL on port 5055
- Backend returns HTTPS URL for device server
- More secure GPS data transmission
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove unreliable QR code scanning, add direct app store links
- Fix server URL to use HTTP (not HTTPS) for port 5055
- OsmAnd protocol doesn't use SSL
- Emphasize that official Traccar Client app is required
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When creating a device, automatically link it to all Traccar admin users
so they can see it regardless of which account created the device.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Device server URL now derives from TRACCAR_PUBLIC_URL, returning
traccar.vip.madeamess.online:5055 instead of vip.madeamess.online:5055
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Previously TraccarClientService was trying to authenticate with default
credentials (admin/admin) before GpsService could load the actual
credentials from the database. This caused 401 errors on driver enrollment.
Now GpsService sets credentials on TraccarClientService during onModuleInit()
after loading them from the gps_settings table.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
## Signal Messaging Integration
- Added SignalService for sending messages to drivers via Signal
- SignalMessage model for tracking message history
- Driver chat modal for real-time messaging
- Send schedule via Signal (ICS + PDF attachments)
## AI Copilot
- Natural language interface for VIP Coordinator
- Capabilities: create VIPs, schedule events, assign drivers
- Help and guidance for users
- Floating copilot button in UI
## Theme System
- Dark/light/system theme support
- Color scheme selection (blue, green, purple, orange, red)
- ThemeContext for global state
- AppearanceMenu in header
## PDF Schedule Export
- VIPSchedulePDF component for schedule generation
- PDF settings (header, footer, branding)
- Preview PDF in browser
- Settings stored in database
## Database Migrations
- add_signal_messages: SignalMessage model
- add_pdf_settings: Settings model for PDF config
- add_reminder_tracking: lastReminderSent for events
- make_driver_phone_optional: phone field nullable
## Event Management
- Event status service for automated updates
- IN_PROGRESS/COMPLETED status tracking
- Reminder tracking for notifications
## UI/UX Improvements
- Driver schedule modal
- Improved My Schedule page
- Better error handling and loading states
- Responsive design improvements
## Other Changes
- AGENT_TEAM.md documentation
- Seed data improvements
- Ability factory updates
- Driver profile page
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit implements comprehensive driver schedule self-service functionality,
allowing drivers to access their own schedules without requiring administrator
permissions, along with full schedule support for multi-day views.
Backend Changes:
- Added /drivers/me/* endpoints for driver self-service operations:
- GET /drivers/me - Get authenticated driver's profile
- GET /drivers/me/schedule/ics - Export driver's own schedule as ICS
- GET /drivers/me/schedule/pdf - Export driver's own schedule as PDF
- POST /drivers/me/send-schedule - Send schedule to driver via Signal
- PATCH /drivers/me - Update driver's own profile
- Added fullSchedule parameter support to schedule export service:
- Defaults to true (full upcoming schedule)
- Pass fullSchedule=false for single-day view
- Applied to ICS, PDF, and Signal message generation
- Fixed route ordering in drivers.controller.ts:
- Static routes (send-all-schedules) now come before :id routes
- Prevents path matching issues
- TypeScript improvements in copilot.service.ts:
- Fixed type errors with proper null handling
- Added explicit return types
Frontend Changes:
- Created MySchedule page with simplified driver-focused UI:
- Preview PDF button - Opens schedule PDF in new browser tab
- Send to Signal button - Sends schedule directly to driver's phone
- Uses /drivers/me/* endpoints to avoid permission issues
- No longer requires driver ID parameter
- Resolved "Forbidden Resource" errors for driver role users:
- Replaced /drivers/:id endpoints with /drivers/me endpoints
- Drivers can now access their own data without admin permissions
Key Features:
1. Full Schedule by Default - Drivers see all upcoming events, not just today
2. Self-Service Access - Drivers manage their own schedules independently
3. PDF Preview - Quick browser-based preview without downloading
4. Signal Integration - Direct schedule delivery to mobile devices
5. Role-Based Security - Proper CASL permissions for driver self-access
This resolves the driver schedule access issue and provides a streamlined
experience for drivers to view and share their schedules.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Changed global prefix to use 'v1' in production instead of 'api/v1'
- App Platform ingress routes /api to backend, so backend only needs /v1 prefix
- Maintains backward compatibility: dev uses /api/v1, prod uses /v1
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Remove hardcoded test@test.com auto-approval
- Count approved users instead of total users
- Only first user gets auto-approved as ADMINISTRATOR
- Subsequent users default to DRIVER role and require approval
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Removed old/unused configuration files:
- .env (root) - Old Google OAuth production credentials (not used)
- .env.example (root) - Old Google OAuth template (replaced by Auth0)
- docker-compose.dev.yml - Old Keycloak setup (replaced by Auth0)
- Makefile - Unused build automation
Improved environment configuration:
- Created frontend/.env.example - Auth0 template for frontend
- Updated backend/.env.example:
- Fixed port numbers (5433 for postgres, 6380 for redis)
- Added clearer Auth0 setup instructions
- Matches docker-compose.yml port configuration
Current setup:
- docker-compose.yml - PostgreSQL & Redis services (in use)
- backend/.env - Auth0 credentials (in use, not committed)
- frontend/.env - Auth0 credentials (in use, not committed)
- *.env.example files - Templates for new developers
All old Google OAuth and Keycloak references removed.
Application now runs on Auth0 only.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Complete rewrite from Express to NestJS with enterprise-grade features:
## Backend Improvements
- Migrated from Express to NestJS 11.0.1 with TypeScript
- Implemented Prisma ORM 7.3.0 for type-safe database access
- Added CASL authorization system replacing role-based guards
- Created global exception filters with structured logging
- Implemented Auth0 JWT authentication with Passport.js
- Added vehicle management with conflict detection
- Enhanced event scheduling with driver/vehicle assignment
- Comprehensive error handling and logging
## Frontend Improvements
- Upgraded to React 19.2.0 with Vite 7.2.4
- Implemented CASL-based permission system
- Added AbilityContext for declarative permissions
- Created ErrorHandler utility for consistent error messages
- Enhanced API client with request/response logging
- Added War Room (Command Center) dashboard
- Created VIP Schedule view with complete itineraries
- Implemented Vehicle Management UI
- Added mock data generators for testing (288 events across 20 VIPs)
## New Features
- Vehicle fleet management (types, capacity, status tracking)
- Complete 3-day Jamboree schedule generation
- Individual VIP schedule pages with PDF export (planned)
- Real-time War Room dashboard with auto-refresh
- Permission-based navigation filtering
- First user auto-approval as administrator
## Documentation
- Created CASL_AUTHORIZATION.md (comprehensive guide)
- Created ERROR_HANDLING.md (error handling patterns)
- Updated CLAUDE.md with new architecture
- Added migration guides and best practices
## Technical Debt Resolved
- Removed custom authentication in favor of Auth0
- Replaced role checks with CASL abilities
- Standardized error responses across API
- Implemented proper TypeScript typing
- Added comprehensive logging
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
