- Dark gradient background (slate-950/blue-950) with ambient blur effects
- Circular logo centered with dual-ring frosted glass design
- Heartbeat breathing animation (3s cycle) with glow pulse on outer ring
- Gradient sign-in button with hover shadow effects
- Removed "first user" warning, replaced with subtle "authorized personnel" note
- Closes#5 and #6
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Issue #1: QR button on GPS Devices tab for re-enrollment
Issue #2: App-wide timezone setting with TimezoneContext, useFormattedDate hook,
and admin timezone selector. All date displays now respect the configured timezone.
Issue #3: PDF export for Accountability Roster using @react-pdf/renderer with
professional styling matching VIPSchedulePDF. Added Signal send button.
Issue #4: Fixed GPS "teleporting" gaps - syncPositions now fetches position history
per device instead of only latest position. Changed cron to every 30s, added
unique constraint on deviceId+timestamp for deduplication, lowered min interval to 10s.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds searchable Help/User Guide page, trims copilot tool bloat,
adds OTHER department option, and various form/layout improvements.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add isRosterOnly flag for VIPs who attend but don't need transportation
- Add VIP contact fields (phone, email) and emergency contact info
- Create Reports page under Admin menu with Accountability Roster
- Report shows all VIPs (active + roster-only) with contact/emergency info
- Export to CSV functionality for emergency preparedness
- VIP list filters roster-only by default with toggle to show
- VIP form includes collapsible contact/emergency section
- Fix first-user race condition with Serializable transaction
- Remove Traccar hardcoded default credentials
- Add feature flags endpoint for optional services
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add helmet for HTTP security headers (CSP, HSTS, X-Frame-Options, etc.)
- Add @nestjs/throttler for rate limiting (100 req/60s per IP)
- Add shared secret validation on Signal webhook endpoint
- Remove JWT token from localStorage, use Auth0 SDK memory cache
with async getAccessTokenSilently() in API interceptor
- Restrict hard delete (?hard=true) to ADMINISTRATOR role in service layer
- Replace exposed Anthropic API key with placeholder in .env
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove @casl/prisma (unused) from backend
- Remove @heroicons/react (unused, using lucide-react) from frontend
- Remove unused InferSubjects import from ability.factory.ts
- Remove unused Calendar import from Dashboard.tsx
- Delete stale frontend/src/lib/types.ts (duplicate of src/types/index.ts)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- EventList VIP column: compact layout with max 2 names shown, party
size badges, "+N more" indicator, and total passenger count
- Seed service: 20 VIPs with party sizes, 8 drivers, 8 vehicles,
13 master events over 3 days with linked transport legs, realistic
capacity planning and conflict-free driver/vehicle assignments
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replaces generic test data with a realistic BSA Jamboree scenario that
demonstrates party sizes, shared itinerary items, and linked transport
legs. Includes 6 VIPs with varying party sizes, 7 shared events, 15
transport legs, 6 vehicles, and 4 drivers.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add partySize field to VIP model (default 1) to track total people
traveling with each VIP including entourage/handlers/spouses. Vehicle
capacity checks now sum party sizes instead of just counting VIPs.
Add masterEventId self-reference to ScheduleEvent for linking transport
legs to shared itinerary items (events, meetings, meals). When creating
a transport event, users can link it to a shared activity and VIPs
auto-populate from the linked event.
Changes:
- Schema: partySize on VIP, masterEventId on ScheduleEvent
- Backend: party-size-aware capacity checks, master/child event includes
- VIP Form: party size input with helper text
- Event Form: party-size capacity display, master event selector
- Event List: party size in capacity and VIP names, master event badges
- Command Center: all VIP names shown with party size indicators
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add real-time GPS status dots on driver names throughout the Command Center:
- Green pulsing dot for drivers seen within 10 minutes, gray for inactive
- Clickable dots open a satellite map modal centered on the driver's position
- GPS dots appear in Active NOW cards, Upcoming cards, and In Use vehicles
- Replace Quick Actions panel with Active Drivers panel showing GPS-active
drivers with speed and last seen time, with compact quick-link icons below
- New DriverLocationModal shows Leaflet satellite map at zoom 16 with
speed, heading, battery, and last seen info grid
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The MapFitBounds component was calling fitBounds on every 30-second
location refresh, overriding the user's current view. Now only fits
bounds on the initial load so users can pan and zoom freely without
interruption.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace OpenStreetMap tiles with Esri World Imagery for high-resolution
satellite view on the GPS Tracking live map.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When a coordinator's driver status was toggled off (soft-delete) and
then back on, the create failed because the soft-deleted record still
existed. Now checks for active vs soft-deleted driver records and
restores the existing record instead of trying to create a duplicate.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replaces separate /drivers and /vehicles routes with a single /fleet
page using tabs. Old routes redirect for backward compatibility.
Navigation sidebar now shows one "Fleet" item instead of two.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add a "Driver" checkbox column to the User Management page. Checking it
creates a linked Driver record so the user appears in the drivers list,
can be assigned events, and enrolled for GPS tracking — without changing
their primary role. The DRIVER role checkbox is auto-checked and disabled
since being a driver is inherent to that role. Promoting a user from
DRIVER to Admin/Coordinator preserves their driver record.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The useGpsDevices query was missing refetchInterval, so the Last Active
timestamp on the Enrolled Devices page only updated on initial page load.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Generate a QR code URL containing device ID, server URL, and update
interval that the Traccar Client app can scan to auto-configure.
The enrollment modal now shows the QR prominently with manual setup
collapsed as a fallback. Also pins Traccar to 6.11 and fixes Docker
health checks (IPv6/curl issues).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Lowercase and strip non-alphanumeric chars from device ID
- Explicitly set disabled=false when creating device in Traccar
- Use the uniqueId returned by Traccar (ensures consistency)
- Add logging for debugging device creation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Reverted Auth0-only approach since Traccar has openid.force=false
and the token-based login was working.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove dashes from device identifiers for better compatibility
- Auto-enable consent on enrollment (HR handles consent at hiring)
- Remove consent checks from location queries and UI
- Simplify Traccar Admin to use Auth0 SSO directly
- Fix server URL to return base Traccar URL (app handles port)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add GPS module with Traccar client service for device management
- Add driver enrollment flow with QR code generation
- Add real-time location tracking on driver profiles
- Add GPS settings configuration in admin tools
- Add Auth0 OpenID Connect setup script for Traccar
- Add deployment configs for production server
- Update nginx configs for SSL on GPS port 5055
- Add timezone setting support
- Various UI improvements and bug fixes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- nginx stream module now terminates SSL on port 5055
- Backend returns HTTPS URL for device server
- More secure GPS data transmission
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove unreliable QR code scanning, add direct app store links
- Fix server URL to use HTTP (not HTTPS) for port 5055
- OsmAnd protocol doesn't use SSL
- Emphasize that official Traccar Client app is required
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When creating a device, automatically link it to all Traccar admin users
so they can see it regardless of which account created the device.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Device server URL now derives from TRACCAR_PUBLIC_URL, returning
traccar.vip.madeamess.online:5055 instead of vip.madeamess.online:5055
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Previously TraccarClientService was trying to authenticate with default
credentials (admin/admin) before GpsService could load the actual
credentials from the database. This caused 401 errors on driver enrollment.
Now GpsService sets credentials on TraccarClientService during onModuleInit()
after loading them from the gps_settings table.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
## Signal Messaging Integration
- Added SignalService for sending messages to drivers via Signal
- SignalMessage model for tracking message history
- Driver chat modal for real-time messaging
- Send schedule via Signal (ICS + PDF attachments)
## AI Copilot
- Natural language interface for VIP Coordinator
- Capabilities: create VIPs, schedule events, assign drivers
- Help and guidance for users
- Floating copilot button in UI
## Theme System
- Dark/light/system theme support
- Color scheme selection (blue, green, purple, orange, red)
- ThemeContext for global state
- AppearanceMenu in header
## PDF Schedule Export
- VIPSchedulePDF component for schedule generation
- PDF settings (header, footer, branding)
- Preview PDF in browser
- Settings stored in database
## Database Migrations
- add_signal_messages: SignalMessage model
- add_pdf_settings: Settings model for PDF config
- add_reminder_tracking: lastReminderSent for events
- make_driver_phone_optional: phone field nullable
## Event Management
- Event status service for automated updates
- IN_PROGRESS/COMPLETED status tracking
- Reminder tracking for notifications
## UI/UX Improvements
- Driver schedule modal
- Improved My Schedule page
- Better error handling and loading states
- Responsive design improvements
## Other Changes
- AGENT_TEAM.md documentation
- Seed data improvements
- Ability factory updates
- Driver profile page
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit implements comprehensive driver schedule self-service functionality,
allowing drivers to access their own schedules without requiring administrator
permissions, along with full schedule support for multi-day views.
Backend Changes:
- Added /drivers/me/* endpoints for driver self-service operations:
- GET /drivers/me - Get authenticated driver's profile
- GET /drivers/me/schedule/ics - Export driver's own schedule as ICS
- GET /drivers/me/schedule/pdf - Export driver's own schedule as PDF
- POST /drivers/me/send-schedule - Send schedule to driver via Signal
- PATCH /drivers/me - Update driver's own profile
- Added fullSchedule parameter support to schedule export service:
- Defaults to true (full upcoming schedule)
- Pass fullSchedule=false for single-day view
- Applied to ICS, PDF, and Signal message generation
- Fixed route ordering in drivers.controller.ts:
- Static routes (send-all-schedules) now come before :id routes
- Prevents path matching issues
- TypeScript improvements in copilot.service.ts:
- Fixed type errors with proper null handling
- Added explicit return types
Frontend Changes:
- Created MySchedule page with simplified driver-focused UI:
- Preview PDF button - Opens schedule PDF in new browser tab
- Send to Signal button - Sends schedule directly to driver's phone
- Uses /drivers/me/* endpoints to avoid permission issues
- No longer requires driver ID parameter
- Resolved "Forbidden Resource" errors for driver role users:
- Replaced /drivers/:id endpoints with /drivers/me endpoints
- Drivers can now access their own data without admin permissions
Key Features:
1. Full Schedule by Default - Drivers see all upcoming events, not just today
2. Self-Service Access - Drivers manage their own schedules independently
3. PDF Preview - Quick browser-based preview without downloading
4. Signal Integration - Direct schedule delivery to mobile devices
5. Role-Based Security - Proper CASL permissions for driver self-access
This resolves the driver schedule access issue and provides a streamlined
experience for drivers to view and share their schedules.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Comprehensive documentation of production deployment to Digital Ocean
- Includes all configuration details, environment variables, and troubleshooting
- Documents all issues encountered and their resolutions
- Provides quick reference for future deployments
Production site: https://vip.madeamess.online
App ID: 5804ff4f-df62-40f4-bdb3-a6818fd5aab2
Cost: $17/month (fully managed)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Changed global prefix to use 'v1' in production instead of 'api/v1'
- App Platform ingress routes /api to backend, so backend only needs /v1 prefix
- Maintains backward compatibility: dev uses /api/v1, prod uses /v1
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Create App Platform deployment spec (.do/app.yaml)
- Add comprehensive APP_PLATFORM_DEPLOYMENT.md guide
- Configure Docker Hub as container registry
- Set up managed PostgreSQL database
- Configure auto-SSL and custom domain support
- Total cost: ~$17/month (vs $24+ for droplets)
Images available on Docker Hub:
- t72chevy/vip-coordinator-backend:latest
- t72chevy/vip-coordinator-frontend:latest
Images also available on Gitea:
- gitea.madeamess.online/kyle/vip-coordinator/backend:latest
- gitea.madeamess.online/kyle/vip-coordinator/frontend:latest
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Remove hardcoded test@test.com auto-approval
- Count approved users instead of total users
- Only first user gets auto-approved as ADMINISTRATOR
- Subsequent users default to DRIVER role and require approval
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Removed from repository but kept locally for development:
- .github/workflows/ - GitHub Actions (Gitea uses .gitea/workflows/)
- frontend/e2e/ - Playwright E2E tests (development only)
Added to .gitignore:
- .github/ - GitHub-specific CI/CD (not used on Gitea)
- frontend/e2e/ - E2E tests kept locally for testing
- **/playwright-report/ - Test result reports
- **/test-results/ - Test artifacts
These files remain on local machine for development/testing
but are excluded from repository to reduce clutter.
Note: Gitea uses .gitea/workflows/ for CI, not .github/workflows/
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Removed files only needed for Claude AI development workflow:
- CLAUDE.md - AI context documentation (not needed to run app)
- .claude/settings.local.json - Claude Code CLI settings
Added to .gitignore:
- .claude/ - Claude Code CLI configuration directory
- CLAUDE.md - AI context file
These files are kept locally for development but excluded from repository.
Application does not require these files to function.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Removed old/unused configuration files:
- .env (root) - Old Google OAuth production credentials (not used)
- .env.example (root) - Old Google OAuth template (replaced by Auth0)
- docker-compose.dev.yml - Old Keycloak setup (replaced by Auth0)
- Makefile - Unused build automation
Improved environment configuration:
- Created frontend/.env.example - Auth0 template for frontend
- Updated backend/.env.example:
- Fixed port numbers (5433 for postgres, 6380 for redis)
- Added clearer Auth0 setup instructions
- Matches docker-compose.yml port configuration
Current setup:
- docker-compose.yml - PostgreSQL & Redis services (in use)
- backend/.env - Auth0 credentials (in use, not committed)
- frontend/.env - Auth0 credentials (in use, not committed)
- *.env.example files - Templates for new developers
All old Google OAuth and Keycloak references removed.
Application now runs on Auth0 only.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Removed 5 obsolete documentation files from June-July 2025:
- DEPLOYMENT.md - Referenced Google OAuth (we now use Auth0)
- SETUP_GUIDE.md - Referenced Google OAuth and Express (we use NestJS)
- TESTING.md - Referenced Jest/Vitest (we now use Playwright)
- TESTING_QUICKSTART.md - Same as above
- TESTING_SETUP_SUMMARY.md - Old testing infrastructure summary
Current documentation is maintained in:
- README.md (comprehensive guide)
- CLAUDE.md (project overview)
- frontend/PLAYWRIGHT_GUIDE.md (current testing guide)
- QUICKSTART.md (current setup guide)
- And 4 recent production docs from Jan 24, 2026
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Updated README.md from 312 to 640 lines with current, accurate documentation:
Major Updates:
- Current technology stack (NestJS 11, React 19, Prisma 7.3, PostgreSQL 16)
- Auth0 authentication documentation (replaced generic OAuth)
- Unified Activity System explanation (single ScheduleEvent model)
- Multi-VIP support with ridesharing capabilities
- Search & filtering features across 8 fields
- Sortable columns documentation
- Complete API endpoint reference (/api/v1/*)
- Database schema in TypeScript format
- Playwright testing guide
- Common issues & troubleshooting
- Production deployment checklist
- BSA Jamboree-specific context
New Sections Added:
- Comprehensive feature list with role-based permissions
- Accurate setup instructions with correct ports
- Environment variable configuration
- Database migration guide
- Troubleshooting with specific error messages and fixes
- Development workflow documentation
- Changelog documenting v2.0.0 breaking changes
This brings the README in sync with the unified activity system overhaul.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Complete rewrite from Express to NestJS with enterprise-grade features:
## Backend Improvements
- Migrated from Express to NestJS 11.0.1 with TypeScript
- Implemented Prisma ORM 7.3.0 for type-safe database access
- Added CASL authorization system replacing role-based guards
- Created global exception filters with structured logging
- Implemented Auth0 JWT authentication with Passport.js
- Added vehicle management with conflict detection
- Enhanced event scheduling with driver/vehicle assignment
- Comprehensive error handling and logging
## Frontend Improvements
- Upgraded to React 19.2.0 with Vite 7.2.4
- Implemented CASL-based permission system
- Added AbilityContext for declarative permissions
- Created ErrorHandler utility for consistent error messages
- Enhanced API client with request/response logging
- Added War Room (Command Center) dashboard
- Created VIP Schedule view with complete itineraries
- Implemented Vehicle Management UI
- Added mock data generators for testing (288 events across 20 VIPs)
## New Features
- Vehicle fleet management (types, capacity, status tracking)
- Complete 3-day Jamboree schedule generation
- Individual VIP schedule pages with PDF export (planned)
- Real-time War Room dashboard with auto-refresh
- Permission-based navigation filtering
- First user auto-approval as administrator
## Documentation
- Created CASL_AUTHORIZATION.md (comprehensive guide)
- Created ERROR_HANDLING.md (error handling patterns)
- Updated CLAUDE.md with new architecture
- Added migration guides and best practices
## Technical Debt Resolved
- Removed custom authentication in favor of Auth0
- Replaced role checks with CASL abilities
- Standardized error responses across API
- Implemented proper TypeScript typing
- Added comprehensive logging
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
