pgz-sport

damir/pgz-sport

Fork 0

Commit Graph

Author	SHA1	Message	Date
claude-cc1	cf993b0221	CC1 R4-A1+A2 — audit log + stats endpoints + audit_log() helper - GET /sport/api/audit/log?limit=&action=&resource=&q=&user=&since= Filters pgz_sport.sys_audit; returns normalised items list + total count. Aliases target_type → resource_type for the audit.html UI. Lifts tx_hash from payload.tx_hash / polygon_tx / seal_tx_hash. - GET /sport/api/audit/stats — {total, today, sealed, users} sealed counts rows whose payload jsonb has tx_hash key (or polygon_tx). - audit_log() shared helper for cc2/cc4/cc5/cc6 to call after DB writes. Fail-soft: never raises, writes traceback to stderr if insert fails. trg_audit_chain on table fills row_hash + chain_idx automatically. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-05 00:45:20 +02:00
Damir Radulić	8fe2478b84	CC2 R3 frontend: login.html + admin_users.html (M1+M2+M10 UI) - static/login.html: dark Palantir-style login with PGŽ branding, Prijava se / Zaboravljena lozinka, demo account quick-fills, GDPR cookie banner, autostore tokens (local/session) - static/admin_users.html: full user-management admin panel: - Collapsible left sidebar (Pregled, Korisnici, Tenanti, Audit log, Sigurnost, GDPR, links to ERP/CRM) - Users table with filters (q, tenant, role, status, limit) - + Dodaj korisnika modal (CRUD via /api/admin/users/*) - Suspend / unsuspend / reset-password / delete actions - Audit log viewer + Security KPIs + GDPR queue - Self-service: change pwd, export data (Art. 20), erasure request (Art. 17) - pgz_sport_api.py: /login and /admin/users URL routes - auth/seed_demo.py: added tajnik@atletski.pgz.hr/Atl2026!, admin@ak-kvarner.hr/Kvarner2026! demo users 5/5 live tests pass: login JWT, /me, /admin/users, /gdpr/consent, /gdpr/export Note: existing admin.html (CC4 ERP/OCR work) preserved intact; admin_users.html is dedicated user-mgmt page linked from sidebar.	2026-05-05 00:20:03 +02:00

Author

SHA1

Message

Date

claude-cc1

cf993b0221

CC1 R4-A1+A2 — audit log + stats endpoints + audit_log() helper

- GET /sport/api/audit/log?limit=&action=&resource=&q=&user=&since=
  Filters pgz_sport.sys_audit; returns normalised items list + total count.
  Aliases target_type → resource_type for the audit.html UI.
  Lifts tx_hash from payload.tx_hash / polygon_tx / seal_tx_hash.
- GET /sport/api/audit/stats — {total, today, sealed, users}
  sealed counts rows whose payload jsonb has tx_hash key (or polygon_tx).
- audit_log() shared helper for cc2/cc4/cc5/cc6 to call after DB writes.
  Fail-soft: never raises, writes traceback to stderr if insert fails.
  trg_audit_chain on table fills row_hash + chain_idx automatically.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-05 00:45:20 +02:00

Damir Radulić

8fe2478b84

CC2 R3 frontend: login.html + admin_users.html (M1+M2+M10 UI)

- static/login.html: dark Palantir-style login with PGŽ branding,
  Prijava se / Zaboravljena lozinka, demo account quick-fills,
  GDPR cookie banner, autostore tokens (local/session)
- static/admin_users.html: full user-management admin panel:
  - Collapsible left sidebar (Pregled, Korisnici, Tenanti, Audit log,
    Sigurnost, GDPR, links to ERP/CRM)
  - Users table with filters (q, tenant, role, status, limit)
  - + Dodaj korisnika modal (CRUD via /api/admin/users/*)
  - Suspend / unsuspend / reset-password / delete actions
  - Audit log viewer + Security KPIs + GDPR queue
  - Self-service: change pwd, export data (Art. 20), erasure request (Art. 17)
- pgz_sport_api.py: /login and /admin/users URL routes
- auth/seed_demo.py: added tajnik@atletski.pgz.hr/Atl2026!,
  admin@ak-kvarner.hr/Kvarner2026! demo users

5/5 live tests pass: login JWT, /me, /admin/users, /gdpr/consent, /gdpr/export

Note: existing admin.html (CC4 ERP/OCR work) preserved intact;
admin_users.html is dedicated user-mgmt page linked from sidebar.

2026-05-05 00:20:03 +02:00

2 Commits