rede5/gohorsejobs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
501 commits 2 branches 0 tags 140 MiB
Commit graph

44 commits

Author SHA1 Message Date
Yamamoto
3cd52accfb feat: infrastructure updates, storage verification, and superadmin reset 
1. Auth: Implemented forced password reset for SuperAdmin and updated login logic.

2. Infra: Switched backend to internal Postgres and updated .drone.yml.

3. Storage: Added Test Connection endpoint and UI in Backoffice.

4. CI/CD: Updated Forgejo deploy pipeline to include Seeder and use Internal Registry.
 2026-01-02 16:36:31 -03:00
Tiago Yamamoto
6cd8c02252 feat: add test coverage and handler improvements 
- Add new test files for handlers (storage, payment, settings)
- Add new test files for services (chat, email, storage, settings, admin)
- Add integration tests for services
- Update handler implementations with bug fixes
- Add coverage reports and test documentation
 2026-01-02 08:50:29 -03:00
Tiago Yamamoto
d79fa8e97a feat: increase test coverage backend/frontend and setup e2e 2026-01-01 10:54:58 -03:00
Tiago Yamamoto
c26ad578b9 feat: migrate credentials management to backoffice nestjs 2025-12-31 16:25:32 -03:00
Tiago Yamamoto
2e7da0b28e feat: add backoffice credentials page and backend support 2025-12-31 16:13:27 -03:00
Tiago Yamamoto
e637117f40 feat(security): migrate auth to httpOnly cookies - Frontend: remove localStorage tokens, use sessionStorage for user data, add credentials include - Backend: add logout endpoint to clear cookie 2025-12-31 15:16:45 -03:00
Tiago Yamamoto
69534f5810 docs: update roadmap and add admin handler tests 2025-12-28 03:04:18 -03:00
Tiago Yamamoto
a5323a4eaf fix(backend): fix AdminService tests and expand CoreHandlers coverage 2025-12-28 02:32:57 -03:00
Tiago Yamamoto
6c87078200 test: increase backend test coverage - sanitizer, middleware, handlers, services 
- Add tests for SanitizeEmail, SanitizeDescription, DefaultSanitizer
- Add AuthMiddleware and RequireRole tests
- Add admin_handlers_test.go and location_handlers_test.go
- Expand application_service_test.go with more methods
 2025-12-28 01:48:12 -03:00
Tiago Yamamoto
b79566aad7 docs: update backend api docs and swagger 2025-12-28 00:29:34 -03:00
Tiago Yamamoto
786ef42d8a feat: add complete support ticket CRUD operations 
Backend Service:
- UpdateTicket: update status/priority (owner or admin)
- CloseTicket: convenience method to set status=closed
- DeleteTicket: admin only, removes ticket and messages
- ListAllTickets: admin only, with optional status filter

Handlers:
- PATCH /api/v1/support/tickets/{id} - update ticket
- PATCH /api/v1/support/tickets/{id}/close - close ticket
- DELETE /api/v1/support/tickets/{id} - delete ticket (admin)
- GET /api/v1/support/tickets/all - list all tickets (admin)

All endpoints with Swagger annotations
 2025-12-26 16:16:05 -03:00
Tiago Yamamoto
4712193ade docs: add Swagger annotations for Company UPDATE and DELETE endpoints 
- PATCH /api/v1/companies/{id} - Update Company
- DELETE /api/v1/companies/{id} - Delete Company
- Both endpoints require admin authentication
 2025-12-26 16:08:26 -03:00
Tiago Yamamoto
fb79e987bb feat: add location selector and contract types 
Backend:
- Created LocationHandler, LocationService, LocationRepository
- Added endpoints: GET /api/v1/locations/countries, states, cities, search
- Added migration 029_expand_employment_types.sql with new contract types (permanent, training, temporary, voluntary)
- Fixed .gitignore to allow internal/api folder

Frontend:
- Created LocationPicker component with country dropdown and city/state autocomplete search
- Integrated LocationPicker into PostJobPage
- Updated contract type options in job form (Permanent, Contract, Training, Temporary, Voluntary)
- Added locationsApi with search functionality to api.ts
 2025-12-26 15:18:16 -03:00
Tiago Yamamoto
841b1d780c feat: Email System, Avatar Upload, Email Templates UI, and Public Job Posting 
- Backend: Email producer (LavinMQ), EmailService interface
- Backend: CRUD API for email_templates and email_settings
- Backend: avatar_url field in users table + UpdateMyProfile support
- Backend: StorageService for pre-signed URLs
- NestJS: Email consumer with Nodemailer and Handlebars
- Frontend: Email Templates admin pages (list/edit)
- Frontend: Updated profileApi.uploadAvatar with pre-signed URL flow
- Frontend: New /post-job public page (company registration + job creation wizard)
- Migrations: 027_create_email_system.sql, 028_add_avatar_url_to_users.sql
 2025-12-26 12:21:34 -03:00
Tiago Yamamoto
b1639dbcd8 Implement secure Stripe credential management using RSA encryption 2025-12-26 11:03:52 -03:00
Tiago Yamamoto
722e72cdbd Implement FCM Token Management (DB, Backend, Frontend, Backoffice) 2025-12-26 10:41:50 -03:00
Tiago Yamamoto
ee5a680468 Add missing CRUD routes: Companies GET by ID, Support Tickets 2025-12-26 10:20:38 -03:00
Tiago Yamamoto
fb98016afc Refactor RBAC: Admin sees only their company data, Superadmin sees all 2025-12-26 10:05:57 -03:00
Tiago Yamamoto
f9c9293a19 Fix undefined middleware.GetRequestID in backend 2025-12-26 09:58:33 -03:00
Tiago Yamamoto
e0b16e5b29 Fix profile 404/500 and user deletion 403 2025-12-26 09:55:19 -03:00
Tiago Yamamoto
f51a8dd99c fix: resolved user profile 500 error, fixed frontend build types, enhanced logging, increases test coverage 2025-12-26 01:35:34 -03:00
Tiago Yamamoto
3fa875ed98 feat: implemented delete application endpoint and dashboard action 2025-12-26 01:29:31 -03:00
Tiago Yamamoto
7b76b62490 feat(backoffice): implemented edit and delete company functionality 2025-12-26 01:23:01 -03:00
Tiago Yamamoto
43c0719664 feat(users): add company selection and status to create user modal 2025-12-26 01:18:14 -03:00
Tiago Yamamoto
6ab7e357fb fix(users): resolve 403 on update and enable role/status editing 2025-12-26 01:14:18 -03:00
Tiago Yamamoto
eae3df7f38 fix(cors): add PATCH to allowed methods 
Without PATCH in CORS headers, user update was failing with:
'Method PATCH is not allowed by Access-Control-Allow-Methods'
 2025-12-26 00:59:04 -03:00
Tiago Yamamoto
73967ca52b fix(users): allow superadmin to list all users without tenant restriction 
- Modified ListUsers handler to check for admin/superadmin role
- Superadmins can now list all users across tenants
- Added ListUsers method to AdminService
- Added Status field to dto.User

Fixes 403 error when superadmin tries to access /api/v1/users
 2025-12-26 00:51:54 -03:00
Tiago Yamamoto
f396acfb72 debug: add RBAC logging to RequireRoles middleware 2025-12-26 00:42:55 -03:00
Tiago Yamamoto
4eae018a25 fix(backoffice): use string IDs for companies/jobs/users, fix audit log, ensure real tags support 2025-12-24 19:43:49 -03:00
Tiago Yamamoto
bb970f4a74 fix(backend): resolve 500 errors on jobs, notifications and secure routes 
- Fix CreateJob 500 error by extracting user ID correctly
- Secure Create/Update/Delete Job routes with AuthGuard
- Fix Notifications/Tickets/Profile 500 error (UUID vs Int mismatch)
- Add E2E test for CreateJob
 2025-12-24 17:48:06 -03:00
Tiago Yamamoto
052f5169c5 test(auth): add comprehensive auth tests with 98.6% coverage 
Backend Tests Added:
- auth_middleware_test.go: 25+ tests for HeaderAuthGuard, OptionalHeaderAuthGuard, RequireRoles, TenantGuard, ExtractRoles, hasRole (100% coverage)
- cors_middleware_test.go: 7 tests for CORS origin validation (100% coverage)
- jwt_service_test.go: expanded with expiration parsing, wrong signing method tests (94.4% coverage)

Features:
- Maximum console.log/fmt.Printf output for debugging
- Tests for JWT from header and cookie fallback
- Tests for role-based access (case-insensitive)
- Tests for tenant enforcement
- Tests for token expiration parsing (7d, 2h, invalid formats)

Total backend auth coverage: 98.6%
 2025-12-24 16:20:56 -03:00
Tiago Yamamoto
ac84571c55 debug(auth): add detailed logging to HeaderAuthGuard middleware 2025-12-24 15:14:46 -03:00
Tiago Yamamoto
02f35b46b6 feat: implement dynamic dashboard, auth hardening (pepper/httponly) and backend tests 2025-12-24 01:30:33 -03:00
Tiago Yamamoto
0f2aae3073 fix(backoffice): force 0.0.0.0 binding to resolve deployment crash 
refactor(backend): consolidate admin routes and implement RBAC

feat(frontend): update api client to use consolidated routes
 2025-12-24 00:59:33 -03:00
Tiago Yamamoto
72174b5232 docs(backend): update Swagger annotations for admin and core handlers 2025-12-24 00:45:48 -03:00
Tiago Yamamoto
78ce341370 feat: Implement Ticket System, Profile Page integration, and fix migrations 2025-12-23 19:22:55 -03:00
Tiago Yamamoto
0e265e64b8 Refactor backend to use string IDs for Job, Company, and Application 2025-12-23 14:46:17 -03:00
Tiago Yamamoto
ce0531fefc feat: connect registration and jobs to real API 
Backend fixes:
- Fix FK violation in candidate registration by creating company first
- Add CompanyRepository to RegisterCandidateUseCase
- Add handler integration tests for validation

Frontend improvements:
- Add registerCompany function in auth.ts
- Connect company registration form to backend API
- Replace mockJobs with API call in job detail page
- Add loading/error states to job detail page
- Add Jest tests for auth module
 2025-12-23 08:19:49 -03:00
Tiago Yamamoto
743b2842c0 feat: Enhance platform with funny jobs, FAQ, Skeleton UI, and Tests 2025-12-22 23:48:56 -03:00
Tiago Yamamoto
e71fc361ac Add dynamic candidate management data 2025-12-22 19:18:15 -03:00
Tiago Yamamoto
9c17a7a15a Add paginated users listing 2025-12-22 16:43:54 -03:00
Tiago Yamamoto
58cfd76675 Add admin backoffice routes and dashboard 2025-12-22 16:37:05 -03:00
Tiago Yamamoto
a505726786 fix: refactor dashboard urls, fix layout duplication and resolve backend api errors 2025-12-09 20:29:49 -03:00
Tiago Yamamoto
1c7ef95c1a first commit 2025-12-09 19:04:48 -03:00