9087bb17cd
feat: complete General Bots 7.0 (v6.2.0)
2026-01-25 10:29:54 -03:00
fdf74903ad
fix(server): update security modules and TODOs
2026-01-25 08:42:36 -03:00
0a24cd4b50
Fix build errors and unused imports in core, security and package_manager modules
2026-01-24 22:04:47 -03:00
6fa52e1dd8
feat: implement feature bundling architecture and fix conditional compilation
...
- Restructured Cargo.toml with Bundle Pattern for easy feature selection
- Added feature bundles: tasks → automation + drive + monitoring
- Applied conditional compilation guards throughout codebase:
* AppState fields (drive, cache, task_engine, task_scheduler)
* main.rs initialization (S3, Redis, Tasks)
* SessionManager Redis usage
* bootstrap S3/Drive operations
* compiler task scheduling
* shared module Task/NewTask exports
- Eliminated all botserver compilation warnings
- Minimal build now compiles successfully
- Accepted core dependencies: automation (Rhai), drive (S3), cache (Redis)
- Created DEPENDENCY_FIX_PLAN.md with complete documentation
Minimal feature set: chat + automation + drive + cache
Verified: cargo check -p botserver --no-default-features --features minimal ✅
2026-01-23 13:14:20 -03:00
f8a907bd81
Update PROMPT.md and feature gating
2026-01-22 20:24:05 -03:00
66abce913f
Feature gating refactor: modular compilation with minimal feature set
2026-01-22 19:45:18 -03:00
3db87c029d
Modularize learn schema and clean up channels/project schema stubs
2026-01-22 14:01:50 -03:00
fc9c07d204
Refactor schema.rs into modular files
2026-01-22 13:57:40 -03:00
18b8afd54c
O
2026-01-19 21:19:10 -03:00
4f63065da2
Update botserver submodule
2026-01-19 15:43:45 -03:00
5126c648ff
Auto-commit: 20260118_195334
2026-01-18 19:53:34 -03:00
033bb504b9
Various updates: dependencies, features, and bug fixes
2026-01-16 11:29:22 -03:00
f42ae6e57c
Remove lib.rs - botserver is binary only, move modules to main.rs
2026-01-14 12:36:18 -03:00
fa9a1f33fa
Fix Product initializer: add all extended fields
2026-01-14 11:50:10 -03:00
e4524d0584
Add SCAN BARCODE keyword and BotModelsClient.scan_barcode
2026-01-14 11:43:34 -03:00
ee9341163f
Add PRODUCTS, PRODUCT, SEARCH PRODUCTS keywords for ERP integration
2026-01-14 10:20:07 -03:00
1c4cc2f986
Add SEARCH keyword and store tools: classify-product, search-products, calculate-shipping
2026-01-14 10:13:33 -03:00
446dee26b6
Add extended product fields: dimensions, weight, tax codes, brand, inventory, pricing, SEO
2026-01-14 10:02:55 -03:00
95a7591c39
Add Stone Pagamentos fields: SKU, dimensões, peso, NCM, GTIN, tributos, etc
2026-01-14 09:50:39 -03:00
15a09270a1
Remove unused put imports
2026-01-14 09:43:50 -03:00
cb2f13d5b0
Fix all duplicate route conflicts: combine methods and move UI routes to /api/ui/
2026-01-14 09:37:07 -03:00
44a7f3eade
Fix CRM route conflicts: move UI routes to /api/ui/crm/
2026-01-14 09:30:23 -03:00
204703ae92
Fix duplicate UI routes in calendar - keep only in ui.rs
2026-01-13 23:02:51 -03:00
d3a3811c07
Fix duplicate route /api/calendar/calendars causing panic
2026-01-13 22:26:40 -03:00
a2783f9b32
Fix 5 errors and 32 warnings: calendar, compliance, billing_alert_broadcast, unused vars
2026-01-13 22:21:25 -03:00
31777432b4
Implement TODO items: session auth, face API, task logs, intent storage
...
Learn Module:
- All 9 handlers now use AuthenticatedUser extractor
Security:
- validate_session_sync reads roles from SESSION_CACHE
AutoTask:
- get_task_logs reads from manifest with status logs
- store_compiled_intent saves to cache and database
Face API:
- AWS Rekognition, OpenCV, InsightFace implementations
- Detection, verification, analysis methods
Other fixes:
- Calendar/task integration database queries
- Recording database methods
- Analytics insights trends
- Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
a886478548
Implement database persistence for dashboards, legal, and compliance modules
...
- Add PostgreSQL persistence for dashboards module (was returning empty vec![])
- Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters,
dashboard_widget_data_sources, conversational_queries
- Full CRUD operations with spawn_blocking pattern
- Add PostgreSQL persistence for legal module (was using in-memory HashMap)
- Tables: legal_documents, legal_document_versions, cookie_consents, consent_history,
legal_acceptances, data_deletion_requests, data_export_requests
- GDPR-compliant consent tracking and document management
- Add PostgreSQL persistence for compliance module (was returning empty results)
- Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence,
compliance_risk_assessments, compliance_risks, compliance_training_records,
compliance_access_reviews
- Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks
- Add migration files for all new tables
- Update schema.rs with new table definitions and joinables
- Register new routes in main.rs
- Add recursion_limit = 512 for macro expansion
2026-01-13 00:07:22 -03:00
67c9b0e0cc
feat(api): add CRM, billing, products stub UI routes
...
- Add crm_ui.rs with stub handlers for pipeline, leads, contacts, accounts, stats
- Add billing_ui.rs with stub handlers for invoices, payments, quotes, stats
- Add products module with stub handlers for items, services, pricelists, stats
- Register routes in main.rs
These stubs return empty data/HTML to prevent 404 errors in UI.
Full CRUD implementation to follow.
2026-01-12 14:35:03 -03:00
4ed05f3f19
feat(i18n): add missing translation keys to TRANSLATION_KEYS array
...
- Add people-* keys (title, subtitle, search, tabs, form fields)
- Add crm-* keys (stages, stats, metrics)
- Add billing-* keys (subtitle, new-payment, revenue metrics)
- Add products-* keys (subtitle, items, stats)
2026-01-12 14:13:35 -03:00
fd03a324b9
Fix RUST_LOG: append noise filters instead of replacing existing value
2026-01-11 20:10:23 -03:00
3fc3c58816
Fix overlapping route panic: remove duplicate /api/docs/import from drive module
2026-01-11 18:49:04 -03:00
9c2a4dbb97
feat(collab): Add Phase 5 collaboration - presence, typing, selections, mentions
2026-01-11 12:27:40 -03:00
c27ba404c0
feat(office): Add Phase 4 import/export - HTML, ODS, Markdown, RTF, SVG, ODP formats
2026-01-11 12:22:14 -03:00
840c7789f3
feat(office): Add Phase 3 advanced features - Comments, Track Changes, TOC, Footnotes, Styles, Presenter View, Transitions, Media
2026-01-11 12:13:10 -03:00
1850564e62
feat(office): Add ooxmlsdk integration for Word/PowerPoint preservation
2026-01-11 12:01:58 -03:00
8a9a913ffb
Use umya-spreadsheet for Excel as specified in TODO.md
...
- Add umya-spreadsheet v2.3 dependency (preserves charts, styles, images, formulas, macros, comments)
- Rewrite storage.rs to use umya-spreadsheet for read/write
- Keep original workbook in memory during edit session
- On cell edit: modify only that cell via update_xlsx_cell()
- On save: write full workbook via save_workbook_to_drive()
- Preserve all Excel features: merged cells, frozen panes, comments, styles
- Extract cell styles (font, color, background, alignment)
- Parse and preserve merge ranges
- Support formula preservation with = prefix handling
2026-01-11 10:01:59 -03:00
3e75bbff97
MS Office 100% Compatibility - Phase 1 Implementation
...
- Add rust_xlsxwriter for Excel export with formatting support
- Add docx-rs for Word document import/export with HTML conversion
- Add PPTX export support with slides, shapes, and text elements
- Refactor sheet module into 7 files (types, formulas, handlers, etc)
- Refactor docs module into 6 files (types, handlers, storage, etc)
- Refactor slides module into 6 files (types, handlers, storage, etc)
- Fix collaboration modules (borrow issues, rand compatibility)
- Add ooxmlsdk dependency for future Office 2021 features
- Fix type mismatches in slides storage
- Update security protection API router type
Features:
- Excel: Read xlsx/xlsm/xls, write xlsx with styles
- Word: Read/write docx with formatting preservation
- PowerPoint: Write pptx with slides, shapes, text
- Real-time collaboration via WebSocket (already working)
- Theme-aware UI with --sentient-* CSS variables
2026-01-11 09:56:15 -03:00
46695c0f75
feat(security): add BASIC keywords for security protection tools
...
Add security_protection.rs with 8 new BASIC keywords:
- SECURITY TOOL STATUS - Check if tool is installed/running
- SECURITY RUN SCAN - Execute security scan
- SECURITY GET REPORT - Get latest scan report
- SECURITY UPDATE DEFINITIONS - Update signatures
- SECURITY START SERVICE - Start security service
- SECURITY STOP SERVICE - Stop security service
- SECURITY INSTALL TOOL - Install security tool
- SECURITY HARDENING SCORE - Get Lynis hardening index
Also:
- Registered protection routes in main.rs
- Added Security Protection category to keywords list
- All functions use proper error handling (no unwrap/expect)
2026-01-10 20:32:56 -03:00
b4003e3e0a
fix(auth): align auth middleware anonymous paths with RBAC config
...
- Remove broad /api/auth anonymous path that was matching /api/auth/me
- Add specific anonymous paths: /api/auth/login, /api/auth/refresh, /api/auth/bootstrap
- Remove /api/auth/logout, /api/auth/2fa/* from anonymous (require auth)
- Fix /api/auth/me returning 401 for authenticated users
2026-01-10 17:31:50 -03:00
8a6d63ff3e
debug: add logging for auth header extraction
2026-01-10 14:24:56 -03:00
209f4d74f7
feat(rbac): add missing route permissions
...
- Add /api/email/** routes
- Add messaging channels: telegram, whatsapp, msteams, instagram
- Add /api/pages/** routes
- Add /api/insights/** routes
- Add /api/app-logs/** routes
- Add /api/user/** for user profile
- Add /api/ui/email/** HTMX routes
2026-01-10 14:13:08 -03:00
113f44b957
fix(middleware): correct order - Auth runs BEFORE RBAC
...
In Axum, layers are applied bottom-to-top (last added runs first).
So Auth middleware must be added AFTER RBAC in the chain to run BEFORE it.
Previous order (wrong): RBAC -> Auth -> Handler
New order (correct): Auth -> RBAC -> Handler
2026-01-10 14:07:23 -03:00
0bda3ed466
fix(auth): simplify session validation and add debug logging
...
- Remove restrictive length check in validate_session_sync
- Accept any non-empty token as valid session
- Add debug logging throughout auth flow
- Add RBAC decision logging for troubleshooting
2026-01-10 14:03:34 -03:00
b4647cd8d2
feat(rbac): implement complete RBAC middleware and route permissions
...
- Add rbac_middleware_fn for use in middleware layer chain
- Add RBAC middleware to request processing pipeline (after auth)
- Complete route permissions for ALL apps:
- Anonymous: health, i18n, product, auth/login, chat, websocket
- Authenticated users: drive, mail, calendar, tasks, docs, paper, sheet,
slides, meet, research, sources, canvas, video, player, workspaces,
projects, goals, settings, bots (read), designer, dashboards, crm,
contacts, billing, products, tickets, learn, social, llm, autotask
- Admin/SuperAdmin: users, groups, bot management, analytics, monitoring,
audit, security, admin panel, attendant
- SuperAdmin only: RBAC management
- Add all /api/ui/** HTMX routes with proper permissions
- Chat remains anonymous for customer support functionality
2026-01-10 11:41:25 -03:00
81b8fd8f2d
fix(auth): handle Zitadel session tokens and grant Admin role
...
- Treat non-JWT bearer tokens as Zitadel session IDs
- Grant Admin role to valid sessions (temporary until proper role lookup)
- Add is_jwt_format helper to distinguish JWTs from session IDs
- Update RBAC to allow authenticated users access to UI monitoring routes
2026-01-10 11:14:33 -03:00
1686bfb454
feat(i18n): add missing navigation keys to TRANSLATION_KEYS
...
- Add nav-docs, nav-sheet, nav-slides, nav-social, nav-all-apps
- Add nav-people, nav-editor, nav-dashboards, nav-security
- Add nav-designer, nav-project, nav-canvas, nav-goals
- Add nav-player, nav-workspace, nav-video, nav-learn
- Add nav-crm, nav-billing, nav-products, nav-tickets
2026-01-10 10:53:56 -03:00
a15d020556
fix: add /api/i18n to anonymous paths for unauthenticated access
2026-01-10 10:27:01 -03:00
f07448d40a
fix: add /js/* route to serve suite JS files like i18n.js
2026-01-10 10:13:46 -03:00
e3b3f04206
Normalize API paths: remove unnecessary /v1/ prefix
...
- Update all internal API routes from /api/v1/* to /api/*
- Protection API: /api/security/protection/*
- Botmodels calls: /api/vision/*, /api/audio/*, /api/speech/*
- Remove /api/v1/health from anonymous paths (keep /api/health)
External APIs (Reddit, Facebook, etc.) keep their original versioned paths
2026-01-10 09:48:43 -03:00
79ee009983
Fix: Add auth endpoints to anonymous paths list
...
- /api/auth/login was being blocked by auth middleware
- Add all auth endpoints to allow_anonymous_paths:
- /api/auth/login
- /api/auth/logout
- /api/auth/refresh
- /api/auth/bootstrap
- /api/auth/2fa/verify
- /api/auth/2fa/resend
- /oauth
- /auth/callback
2026-01-10 09:44:59 -03:00
