- Added `databack/mysql-backup` service to the production docker-compose Swarm stack, scheduling a daily 02:55 AM cron backup of the database with a 3-day local retention policy.
- Fixed a critical race condition in the backend JWT authentication middleware where an invalid token returning 401 could crash the response flow if the route executed before the defensive checks caught it.
- Added strict undefined defensive checks to the `getUserById` endpoint and RBAC middleware to gracefully reject requests that somehow bypass the token parser.
- Updated `GEMINI.md` technical documentation to fully match the real codebase logic.
- Fixed UX rule to prevent `manager` role from seeing Funnels or Origins tabs in the sidebar.
- Blocked `agent` role from modifying their own 'fullName' string in the Profile UI.
- Updated Dashboard origin chart to strictly reflect only configured origins, grouping unmapped data into an 'Outros' category.
- Added GET /api/integration/funnels and GET /api/integration/origins endpoints to allow external AIs to dynamically map stages and lead sources.
- Fixed database initialization where default origins were seeded without color_classes.
- Added a visual color picker to the Origens admin page to allow users to assign colors to origin tags.
- Updated Dashboard Pie Chart to read the color classes correctly and display them.
- Dropped simple origins table in favor of origin_groups and origin_items to match the Funnels architecture.
- Added origin_group_id to teams table to assign specific origins to specific teams.
- Updated /admin/origins page to support creating origin groups, adding origin items to them, and assigning teams to groups.
- Updated Dashboard and UserDetail pages to dynamically load the exact origin items belonging to the active team/user.
- Updated Login.tsx to automatically redirect users to the dashboard if a valid token is already present in localStorage.
- Refactored getUserById to properly throw server/network errors instead of silently returning undefined.
- Updated AuthGuard in App.tsx to gracefully handle network errors without destroying the user's valid localStorage tokens.
- Removed all hardcoded MOCK_ATTENDANCES, USERS, and TENANTS generators from constants.ts since the system is now production-ready.
- Renamed 'summary' to 'title' in the database and across all frontend components for clarity.
- Added 'full_summary' to the attendances schema to explicitly store the large, detailed AI analysis texts from n8n.
- Updated the 'Resumo da Interação' UI to render the 'full_summary' without adding any artificial filler text.
- Localized all dates and times across the dashboard to Brazilian formatting (pt-BR).
- Extracted API Key generation and management from UserProfile to a new /super-admin/api-keys route.
- Added cross-tenant selection in the new ApiKeys page so Super Admins can manage integrations for any organization.
- Added api_keys table to database schema.
- Added API Key authentication middleware to express router.
- Created GET /api/integration/users endpoint for n8n to map agents.
- Created POST /api/integration/attendances endpoint to accept webhooks from n8n.
- Added UI in UserProfile (for Admins/Owners) to generate, view, and revoke API keys.
- Fixed audio playback by rendering a hidden audio tag to comply with browser policies.
- Renamed DELETE /notifications to /notifications/clear-all to prevent route conflicts.
- Notifications badge now clears automatically when the tray is opened.
- Translated notification types to Portuguese (SUCESSO, AVISO, ERRO, INFO).
- Implemented team deletion functionality for Admins.
- Updated DB schema to support multiple funnels (funnels table) and their stages (funnel_stages table).
- Added funnel_id to teams table to link teams to specific funnels.
- Redesigned /admin/funnels page ('Meus Funis') to allow creating multiple funnels, managing their stages, and assigning them to teams.
- Updated Dashboard, UserDetail, and AttendanceDetail to dynamically load the correct funnel based on the selected team or user's assigned team.
- Modified attendances.funnel_stage in DB from ENUM to VARCHAR.
- Created tenant_funnels table and backend API routes to manage custom stages.
- Added /admin/funnels page for Admins/Managers to create, edit, order, and color-code their funnel stages.
- Updated Dashboard, UserDetail, and AttendanceDetail to fetch and render dynamic funnel stages instead of hardcoded enums.
- Added defensive checks and logging to GET /users/:idOrSlug to fix sporadic 500 errors during impersonation handoffs.
- Updated Layout and SuperAdmin to explicitly set window.location.hash before triggering window.location.reload() to guarantee correct routing after state resets.
- Added sound_enabled column to users table with a default of true.
- Implemented a pleasant pop sound (notification.mp3) that plays when a new unread notification arrives.
- Added a toggle in the User Profile page allowing users to enable/disable the sound.
- Backend now only returns users, teams, and attendances from a manager's own team.
- Hidden 'Todas as Equipes' filter from manager dashboard.
- Removed manager ability to create or edit teams.
- Restricted Agent view to own dashboard and hid management tabs.
- Allowed Managers to create teams and members but restricted them from editing roles or emails.
- Allowed Admins to update their own email via profile.
- Protected Admin roles from being modified by anyone other than Super Admins.
- Updated all email templates to a clean light theme and changed button text to 'Finalizar Cadastro'.
- Enforced a strict 15-minute expiration on all auth/reset tokens.
- Created SetupAccount flow distinct from ResetPassword to capture user name during admin init.
- Refined dark mode to a premium True Black (Onyx) palette using Zinc.
- Fixed Dashboard KPI visibility and true period-over-period trend logic.
- Enhanced TeamManagement with global tenant filtering for Super Admins.
- Implemented secure User URL routing via slugs instead of raw UUIDs.
- Enforced strict Agent-level RBAC for viewing attendances.
- Fixed real backend deletion for tenants
- Allowed super_admins to manage other super_admins in Global Users
- Filtered teams based on selected tenant in user creation
- Protected system tenant from deletion
- Enforced tenant isolation and Role-Based Access Control across all API routes
- Implemented secure profile avatar upload using multer and UUIDs
- Redesigned UI with a premium "Onyx & Gold" Charcoal dark mode
- Added Funnel Stage and Origin filters to Dashboard and User Detail pages
- Replaced "Referral" with "Indicação" across the platform and database
- Optimized Dockerfile and local environment setup for reliable deployments
- Fixed frontend syntax errors and improved KPI/Chart visualizations
- Implemented real JWT authentication and persistent user sessions
- Replaced all hardcoded mock data with dynamic MySQL-backed API calls
- Created new 'Times' (Teams) dashboard with performance metrics
- Renamed 'Equipe' to 'Membros' and centralized team management
- Added Role-Based Access Control (RBAC) for Admin/Manager/Agent roles
- Implemented secure invite-only member creation and password setup flow
- Enhanced Login with password visibility and real-time validation
- Added safe delete confirmation modal and custom Toast notifications
Adds initial backend API endpoints for fetching users and attendances, including basic filtering. Sets up the frontend routing with a layout component and includes placeholder pages for dashboard, users, and login. Refactors the README for local development setup.
