Now you can do:
- cargo build --features sheet → gets automation+drive+cache+sheet deps
- cargo build --features mail → gets automation+drive+cache+mail deps
- cargo build --features tasks → gets automation+drive+cache+tasks deps
Each app automatically includes what it needs from core infrastructure.
No need to manually specify automation, drive, cache anymore.
Added test_all_apps.sh to test each app independently and measure
compilation times.
- Removed complex nested feature dependencies
- Each app now lists only its direct crate dependencies
- Apps can be tested independently without inter-dependencies
- Simplified structure: Core Infrastructure + Flat App List + Bundles
- Core: automation, drive, cache, directory (always needed)
- Apps: chat, mail, tasks, docs, etc. (independent)
- Bundles: minimal, lightweight, full (convenience)
This makes it easy to test each app individually and matches
the app launcher menu structure.
Verified: cargo check with chat+automation+drive+cache ✅
- Created comprehensive apps-manifest.json mapping Cargo features to UI
- Organized apps into categories: Communication, Productivity, Documents, etc.
- Includes app metadata: name, description, icon, dependencies
- Defines bundles: minimal, lightweight, full, communications, etc.
- Documents core dependencies and their reasons
- Ready for botui app launcher integration
- Add crm_ui.rs with stub handlers for pipeline, leads, contacts, accounts, stats
- Add billing_ui.rs with stub handlers for invoices, payments, quotes, stats
- Add products module with stub handlers for items, services, pricelists, stats
- Register routes in main.rs
These stubs return empty data/HTML to prevent 404 errors in UI.
Full CRUD implementation to follow.
- Add umya-spreadsheet v2.3 dependency (preserves charts, styles, images, formulas, macros, comments)
- Rewrite storage.rs to use umya-spreadsheet for read/write
- Keep original workbook in memory during edit session
- On cell edit: modify only that cell via update_xlsx_cell()
- On save: write full workbook via save_workbook_to_drive()
- Preserve all Excel features: merged cells, frozen panes, comments, styles
- Extract cell styles (font, color, background, alignment)
- Parse and preserve merge ranges
- Support formula preservation with = prefix handling
- Add rust_xlsxwriter for Excel export with formatting support
- Add docx-rs for Word document import/export with HTML conversion
- Add PPTX export support with slides, shapes, and text elements
- Refactor sheet module into 7 files (types, formulas, handlers, etc)
- Refactor docs module into 6 files (types, handlers, storage, etc)
- Refactor slides module into 6 files (types, handlers, storage, etc)
- Fix collaboration modules (borrow issues, rand compatibility)
- Add ooxmlsdk dependency for future Office 2021 features
- Fix type mismatches in slides storage
- Update security protection API router type
Features:
- Excel: Read xlsx/xlsm/xls, write xlsx with styles
- Word: Read/write docx with formatting preservation
- PowerPoint: Write pptx with slides, shapes, text
- Real-time collaboration via WebSocket (already working)
- Theme-aware UI with --sentient-* CSS variables
Add security_protection.rs with 8 new BASIC keywords:
- SECURITY TOOL STATUS - Check if tool is installed/running
- SECURITY RUN SCAN - Execute security scan
- SECURITY GET REPORT - Get latest scan report
- SECURITY UPDATE DEFINITIONS - Update signatures
- SECURITY START SERVICE - Start security service
- SECURITY STOP SERVICE - Stop security service
- SECURITY INSTALL TOOL - Install security tool
- SECURITY HARDENING SCORE - Get Lynis hardening index
Also:
- Registered protection routes in main.rs
- Added Security Protection category to keywords list
- All functions use proper error handling (no unwrap/expect)
In Axum, layers are applied bottom-to-top (last added runs first).
So Auth middleware must be added AFTER RBAC in the chain to run BEFORE it.
Previous order (wrong): RBAC -> Auth -> Handler
New order (correct): Auth -> RBAC -> Handler
- Treat non-JWT bearer tokens as Zitadel session IDs
- Grant Admin role to valid sessions (temporary until proper role lookup)
- Add is_jwt_format helper to distinguish JWTs from session IDs
- Update RBAC to allow authenticated users access to UI monitoring routes
