javier/construprogress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
49 Commits 1 Branch 1 Tag
f8a1310c0fa16036070416dad6a8f2db5ab4b73e
Commit Graph

40 Commits

Author SHA1 Message Date
javier f8a1310c0f security: fix 27 vulnerabilities + UI integration (Issues tab, project nav, validation) 
Security fixes (27 vulnerabilities across 20 files):
CRITICAL:
- MediaManager: whitelist mediable types prevents RCE via class instantiation
- MediaManager/OfflineSyncController: IDOR fixes, remove Auth::id()??1 fallback
- ClientProjects: verify project ownership on all mutations (IDOR)
- CompanyManagement: Admin role check on mount() and mutations (auth bypass)
- ProjectMap: scope feature/template lookups to current project (IDOR x5)
- PhaseList/TemplateManager/LayerManager: scope mutations to owned resources (IDOR)
- ProjectEditTabs: Gate::authorize on mount() and updateProject()
- routes/web.php: reports routes moved inside can:manage all middleware (auth bypass)

MEDIUM:
- layer-manager: escapeHtml() on Leaflet popup interpolations (XSS)
- MediaManager: server-side MIME validation + 50MB limit
- ProjectList/ProjectUsers/ProjectCompanies/PhaseProgress: auth checks added
- AdminUsers/ReportsDashboard/ExportController: role/permission checks added

LOW:
- config/session.php: secure cookie tied to production env
- OfflineSyncController: sanitize storage path (path traversal)

UI integration:
- project-map: Issues tab (4th) with open-count badge
- project-map: project navigation bar (Dashboard/Map/Gantt/Report/Issues)
- project-dashboard: action buttons for Map/Gantt/Report/Issues
- project-form: validation error summary + per-field @error spans
- template-manager: validation error display

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-16 18:25:36 +02:00
javier 7d854ffb0a feat: i18n, language switcher fix, DataTable improvements, blade translations 
- Translation system: lang/es/ PHP files (auth, validation, pagination, passwords)
- Rappasoft vendor translations published (lang/vendor/livewire-tables/es/)
- JSON files synced to 391 keys (EN + ES, full parity)
- APP_LOCALE changed to 'es', users.locale column default changed to 'es'
- Language switcher fixed: JS event + window.location.reload() avoids /livewire/update redirect
- SetLocale middleware fallback uses config('app.locale') instead of hardcoded 'en'
- setSortingPillsEnabled(false) on ProjectTable, CompanyTable, UserTable
- Translated 17 blade views: project-map, template-manager, layer-manager,
  company-management, phase-list, media-manager, reports-dashboard,
  client-projects, layer-upload, project-form, project-map-editor-tab,
  admin/users, projects/media, projects/templates, layouts/client
- Navigation 'Empresas' link uses __('Companies')
- Fixed typo key 'Fases and layers' -> 'Phases and layers'

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-16 18:05:53 +02:00
javier 052e1397df Fix: Corrected structural error in project-map Livewire component (multiple root elements). Moved closing </div> after @push('scripts') to ensure single root element. 2026-05-28 13:07:14 +02:00
javier 02e99329eb Add tabs to project map: Edit, Features, Inspections. Features and Inspections tabs show all items. 2026-05-27 22:40:45 +02:00
javier cf3d32a6fa Add interactive map to project form for setting coordinates and updating address/country 2026-05-27 20:28:44 +02:00
javier 52f586f815 Fix: selectFeature and window.openViewer JS syntax in project-map.blade.php 2026-05-27 19:48:29 +02:00
javier 2da0eb817e feat: Add tabs to project map right column with element selector, inspection history and media viewer 2026-05-27 11:56:44 +02:00
javier 971420ebaa feat: Add language switcher to client portal header for desktop view 2026-05-27 10:12:57 +02:00
javier 0f720567c3 feat: Register background sync for offline actions when queued or stored 2026-05-27 09:29:44 +02:00
javier 0bf2d82ee1 Implement company management with logo, nickname, status fields; add filters by type and estado; CSV export functionality 2026-05-27 01:33:27 +02:00
javier 4ab7935c17 feat: Add change orders system with client approval/rejection and integrate with client portal 2026-05-25 19:08:06 +02:00
javier 07ffce437f feat: Add offline media capture capability and enhance offline sync system with comprehensive action type support 2026-05-25 18:41:54 +02:00
javier d4d5097fe2 feat: Enhance offline sync system with support for multiple action types (progress_update, inspection, feature_create, media_upload) and improved error handling 2026-05-25 17:59:03 +02:00
javier c556a4910b feat: Add Excel export functionality for reports (projects, phases, inspections) using maatwebsite/excel 2026-05-25 17:21:25 +02:00
javier 8ca8dfbccc feat: Add client portal with project selection, progress overview, gallery, and change order approval 2026-05-25 15:57:06 +02:00
javier 4f5569a156 feat: Add reports dashboard with Chart.js analytics and PWA improvements (Avante) 2026-05-25 14:38:49 +02:00
javier dbe43a04f3 feat: Add language switcher to responsive settings dropdown 2026-05-14 13:06:11 +02:00
javier 61910d366f feat: Add language switcher to guest layout 2026-05-14 12:58:27 +02:00
javier 2c2e8fde7d feat: Add PWA support (manifest, service worker) and Companies tab to project edit 2026-05-14 12:53:24 +02:00
javier 4f4e83bc66 Actualizar resources/views/projects/edit.blade.php 
funciona
 2026-05-14 10:19:32 +02:00
javier a9000d453e feat: Add company association to projects with role management 
- Created Company model and migration with fields: name, tax_id, address, phone, email, website, type, notes
- Created company_project pivot table with role_in_project field
- Added relationships: Project.companies() and Company.projects()
- Created Livewire component ProjectCompanies for managing company assignments
- Added 'Companies' tab to project edit interface alongside Phases and Users tabs
- Implemented assign/remove company functionality with role selection
- Applied same permissions logic as user assignment (assign users permission or Admin role)
 2026-05-13 11:20:33 +02:00
javier 4af4387b1e Implement Rappasoft Livewire Tables for project list and replace old component 2026-05-12 14:04:07 +02:00
javier 0bc3ca3d3e Create reusable Livewire component for project edit tabs and replace manual tabs implementation 2026-05-12 12:06:17 +02:00
javier 65254a0dfa Fix project edit view: implement DaisyUI tabs for project data, phases, and users 2026-05-12 09:51:56 +02:00
javier 86dcf960a7 Refactor project edit view: split into tabs for project data, phases, and users 2026-05-12 09:17:28 +02:00
javier 53df28068c Fix: Corrected JavaScript syntax in project-map Blade template (selectFeature and window.openViewer calls). Feat: Enhanced templates page with clearer button text and explanatory text for generic template creation. 2026-05-11 23:27:14 +02:00
javier 7959d44211 fix: Corrected syntax error in project-map Blade template that was preventing map loading; fixed @json() syntax to !!json_encode()!! 2026-05-11 18:13:05 +02:00
javier a4547d4bda feat: Add new template button to templates page and improve template creation form 2026-05-11 16:36:16 +02:00
javier c574e67d71 Add 'Nuevo template' button to template manager 2026-05-11 15:32:00 +02:00
javier 436e3ba5cf Add phase selection to template manager and create new template button 2026-05-11 15:28:16 +02:00
javier 8662e092df Add quick links to projects list and user management in admin view 2026-05-11 13:14:26 +02:00
javier 472a1fdee0 Fix: Capas desaparecen al deseleccionar en mapa principal - corregir manejo de parámetros Livewire en event listener layersUpdated; actualizar configuración Tailwind para DaisyUI 2026-05-11 11:54:19 +02:00
javier 2cb10b0854 Gestión de usuarios por proyecto: ProjectUsers Livewire, AdminUsers, panel admin con roles, protección de rutas 2026-05-09 23:32:22 +02:00
javier 3e8b6f1eb3 Sistema multilingüe EN/ES: middleware SetLocale, LanguageSwitcher, campo locale en users, traducciones en dashboard/mapa/proyectos/gestores 2026-05-09 23:14:48 +02:00
javier 8f7b9aa09b Sistema de archivos multimedia: MediaManager, checkbox imágenes en mapa, modal visor, subida por feature/proyecto 2026-05-09 22:28:20 +02:00
javier dabd35091a Mapa: panel de fases con acceso a gestionar capas y progreso, editor funcional, saveFeatureProgress, onTemplateChange 2026-05-09 21:30:46 +02:00
javier 2a300241f9 Dashboard con stats, LayerUpload funcional, PhaseProgress eager-loading, README actualizado 2026-05-09 21:17:36 +02:00
javier 7461bd9124 feat: implementar modal gestión capas y limpieza de stubs duplicados 2026-05-08 09:01:00 +02:00
javier 199fb487c2 fix: correcciones parciales - ProjectController, ProfileController, Phase features, project-map JS 2026-05-08 01:16:20 +02:00
javier 156aa14bbb Initial commit - construprogress app 2026-05-07 23:31:33 +02:00