- Extracted API Key generation and management from UserProfile to a new /super-admin/api-keys route.
- Added cross-tenant selection in the new ApiKeys page so Super Admins can manage integrations for any organization.
- Added api_keys table to database schema.
- Added API Key authentication middleware to express router.
- Created GET /api/integration/users endpoint for n8n to map agents.
- Created POST /api/integration/attendances endpoint to accept webhooks from n8n.
- Added UI in UserProfile (for Admins/Owners) to generate, view, and revoke API keys.
- Fixed audio playback by downloading a valid mp3 file and importing it directly via Vite.
- Fixed the route collision where DELETE /notifications/clear-all was being captured by /notifications/:id.
- The notification badge now automatically clears (optimistic UI update) when the tray is opened.
- The backend no longer throws a 500 error when querying users during impersonation handoffs.
- Fixed audio playback by rendering a hidden audio tag to comply with browser policies.
- Renamed DELETE /notifications to /notifications/clear-all to prevent route conflicts.
- Notifications badge now clears automatically when the tray is opened.
- Translated notification types to Portuguese (SUCESSO, AVISO, ERRO, INFO).
- Implemented team deletion functionality for Admins.
- Updated DB schema to support multiple funnels (funnels table) and their stages (funnel_stages table).
- Added funnel_id to teams table to link teams to specific funnels.
- Redesigned /admin/funnels page ('Meus Funis') to allow creating multiple funnels, managing their stages, and assigning them to teams.
- Updated Dashboard, UserDetail, and AttendanceDetail to dynamically load the correct funnel based on the selected team or user's assigned team.
- Modified attendances.funnel_stage in DB from ENUM to VARCHAR.
- Created tenant_funnels table and backend API routes to manage custom stages.
- Added /admin/funnels page for Admins/Managers to create, edit, order, and color-code their funnel stages.
- Updated Dashboard, UserDetail, and AttendanceDetail to fetch and render dynamic funnel stages instead of hardcoded enums.
- Added defensive checks and logging to GET /users/:idOrSlug to fix sporadic 500 errors during impersonation handoffs.
- Prevented the browser's atob() function from throwing a 'String contains an invalid character' exception by adding proper Base64 padding to the JWT payload before decoding.
- Updated Layout and SuperAdmin to explicitly set window.location.hash before triggering window.location.reload() to guarantee correct routing after state resets.
- Added POST /api/impersonate/:tenantId to generate a specialized tenant-scoped JWT.
- Added UI button in SuperAdmin page to trigger impersonation.
- Saved original super_admin token to localStorage to allow returning without re-login.
- Added 'Retornar ao Painel Central' button in sidebar to quickly revert to super admin status.
- Stripped literal quotes from SMTP credentials in nodemailer config to prevent '535 Incorrect auth data' in Docker Swarm.
- Reduced notification polling interval from 60s to 10s for real-time updates.
- Fixed browser autoplay block for audio notifications by properly initializing the audio context.
- Added sound_enabled column to users table with a default of true.
- Implemented a pleasant pop sound (notification.mp3) that plays when a new unread notification arrives.
- Added a toggle in the User Profile page allowing users to enable/disable the sound.
- Added notifications table with auto-migration on startup.
- Created backend endpoints for fetching and managing notifications.
- Implemented interactive notification tray in the header with unread badges.
- Added automated triggers for organization creation and user registration completion.
- Agents see 'Buscar atendimentos...'
- Super admins see 'Buscar membros, equipes, atendimentos ou organizações...'
- Admin and managers see 'Buscar membros, equipes ou atendimentos...'
- Restricted Agent search to Attendances only.
- Enabled Super Admin search for Organizations (Tenants).
- Fixed user avatar URL construction in search results.
- Added Organizations category to search dropdown for Super Admins.
- Moved search bar to the left/center for better accessibility.
- Increased search bar width to max-w-2xl.
- Refined search results dropdown layout and styling.
- Added /api/search endpoint with strict role-based data isolation.
- Created searchGlobal function in dataService.
- Refined header UI with an interactive, categorized search results dropdown.
- Prevented API error messages from leaking system roles.
- Updated POST /users to safely allow managers to create users while strictly forcing them to be agents assigned to the manager's team.
- Backend now only returns users, teams, and attendances from a manager's own team.
- Hidden 'Todas as Equipes' filter from manager dashboard.
- Removed manager ability to create or edit teams.
- Restricted Agent view to own dashboard and hid management tabs.
- Allowed Managers to create teams and members but restricted them from editing roles or emails.
- Allowed Admins to update their own email via profile.
- Protected Admin roles from being modified by anyone other than Super Admins.
- Updated all email templates to a clean light theme and changed button text to 'Finalizar Cadastro'.
- Enforced a strict 15-minute expiration on all auth/reset tokens.
- Created SetupAccount flow distinct from ResetPassword to capture user name during admin init.
- Refined dark mode to a premium True Black (Onyx) palette using Zinc.
- Fixed Dashboard KPI visibility and true period-over-period trend logic.
- Enhanced TeamManagement with global tenant filtering for Super Admins.
- Implemented secure User URL routing via slugs instead of raw UUIDs.
- Enforced strict Agent-level RBAC for viewing attendances.
- Fixed real backend deletion for tenants
- Allowed super_admins to manage other super_admins in Global Users
- Filtered teams based on selected tenant in user creation
- Protected system tenant from deletion
- Enforced tenant isolation and Role-Based Access Control across all API routes
- Implemented secure profile avatar upload using multer and UUIDs
- Redesigned UI with a premium "Onyx & Gold" Charcoal dark mode
- Added Funnel Stage and Origin filters to Dashboard and User Detail pages
- Replaced "Referral" with "Indicação" across the platform and database
- Optimized Dockerfile and local environment setup for reliable deployments
- Fixed frontend syntax errors and improved KPI/Chart visualizations
