Skip to content

feat(pos): add manager authorization and resolve frontend lint issues#84

Merged
CFBruna merged 62 commits intov2/monorepo-migrationfrom
feature/frontend-public-pages
Feb 17, 2026
Merged

feat(pos): add manager authorization and resolve frontend lint issues#84
CFBruna merged 62 commits intov2/monorepo-migrationfrom
feature/frontend-public-pages

Conversation

@CFBruna
Copy link
Owner

@CFBruna CFBruna commented Feb 17, 2026

What's New

  • Implemented AuditLog model in accounts app to track sensitive actions.
  • Added AuthorizeActionView API endpoint for manager authorization.
  • Frontend: Added ManagerAuthModal to protect "Remove Item" and "Apply Discount" actions in POS.
  • Frontend: Fixed critical bug where 401 errors caused infinite redirect loops (changed to 403 handling).
  • Frontend: Resolved all ESLint errors, including any type usage, useEffect dependencies, and synchronous state updates in CurrencyInput.
  • Frontend: Improved type safety in POSPage, Sales, and CheckoutModal.
  • Registered AuditLog in Django Admin with full translations.
  • Updated bandit configuration and fixed backend test assertions.

Why

  • Security: To prevent unauthorized discounts and item removals by cashiers, requiring manager approval.
  • Auditability: To keep a detailed log of who authorized sensitive actions and why.
  • Code Quality: To ensure a clean, type-safe, and maintainable codebase by resolving all linting and static analysis issues.
  • Bug Fixes: To improve user experience by preventing app crashes and redirect loops.

Testing

  • Unit tests updated for Service Layer and Authorization views (pytest).
  • Manual test: Verify "Remove Item" triggers Manager Auth Modal in POS.
  • Manual test: Verify "Apply Discount" triggers Manager Auth Modal in POS.
  • Manual test: Confirm valid credentials allow action and create Audit Log entry.
  • Manual test: Confirm invalid credentials show error without page reload.
  • Manual test: Verify npm run lint and npm run build pass without errors.

Checklist

  • Code follows Service Layer architecture
  • No logic in Views/Admin
  • MyPy strict compliance (for new files)
  • Ruff linting passed

CFBruna added 30 commits February 12, 2026 21:00
@CFBruna
fix(backend): correct date logic in backfill script
52f249e
@CFBruna
feat(analytics): implement trend calculation and period comparison
3529b79
@CFBruna
feat(core): add global configuration API for i18n and timezone
6ef58fa
@CFBruna
fix(store): resolve missing imports and Sale model referencing errors
2c85227
@CFBruna
feat(frontend): implement robust configuration provider and standardi…
8c8197d 
…zed i18n
@CFBruna
feat(ui): integrate real dashboard metrics and timezone-aware formatting
33ad996
@CFBruna
fix(i18n): ensure reliable dynamic language switching and support lan…
e20a075 
…guage aliases
@CFBruna
feat(dashboard): implement performance chart and restructure layout f…
4532eb1 
…or full-width visualization
@CFBruna
feat(analytics): fix missing metrics in dashboard and add today/month…
f9facb0 
…ly/lifetime stats
@CFBruna
feat(analytics): add comparative trends for monthly and annual metrics
31844ee
@CFBruna
style(dashboard): reorder metrics cards and refine header spacing
70b4125
@CFBruna
style(dashboard): further reduce header spacing and compact Layout pa…
6b2d059 
…dding
@CFBruna
feat(auth): implement logout functionality with redirection to login
eaeacf4
@CFBruna
feat(auth): increase login logo size for better visibility
60fb64f
@CFBruna
fix(auth): improve mobile responsiveness and fix layout repetition
89ace16
@CFBruna
fix(auth): fix ghosting login screen caused by fixed positioning and …
e1afe1a 
…transparency
@CFBruna
fix(auth): adjust tab order to flow from email to password field
9d3d2f3
@CFBruna
feat(auth): restore backend permissions and integrate frontend authen…
c9639ae 
…tication
@CFBruna
fix(dashboard): attach auth token to dashboard api requests
c4947ec
@CFBruna
fix(ui): use currency symbol from backend config instead of relying o…
a4aac17 
…n Intl
@CFBruna
chore(infra): add seed-db command and improve makefile robustness
d942298
@CFBruna
fix(dashboard): resolve currency formatting issues in charts and add …
a16fb5f 
…translations
@CFBruna
fix(dashboard): remove space in currency format and prevent chart cli…
4ab9ad9 
…pping
@CFBruna
feat(auth): implement remember me functionality and ensure enter key …
440fa4f 
…submits form
@CFBruna
fix(dashboard): implement view all activities button and sales page
dec98ab
@CFBruna
fix(sales): handle paginated response
735539c
@CFBruna
feat(sales): add product details to sales list
3cae62d
@CFBruna
feat(pos): implement layout, categories, cart logic, and auto-close
9f90b6b
@CFBruna
refactor(layout): remove global search bar
b32b0c1
@CFBruna
chore(assets): add project logos
05568b6
CFBruna added 28 commits February 13, 2026 23:03
@CFBruna
refactor(frontend): standardize api client usage and remove redundant…
d0dbb4b 
… version prefixes
@CFBruna
refactor(accounts): extract quick registration logic to service layer
c0b561f
@CFBruna
chore(makefile): enhance start/stop process management
f00494b
@CFBruna
fix(store): enforce dynamic currency decimals from settings
4bf93a4
@CFBruna
feat(sales): implement sales history with filtering
ff89bec
@CFBruna
feat(pos): update cart styling and checkout components
91305dd
@CFBruna
feat(store): implement split payment support and validation
d50ac16
@CFBruna
feat(pos): add split payment ui with proper i18n
012029b
@CFBruna
feat(pos): implement global discounts on sale checkout
5eb0245 
- Add discount field to Sale model\n- Update SaleService and SaleSerializer to handle discounts\n- Add discount input and reactive calculations to CheckoutModal\n- Connect POSPage to discount functionality
@CFBruna
feat(store): implement cash management models and services
8cc259a
@CFBruna
feat(admin): register cash management models in custom PetCareAdminSi…
cc6cde2 
…te with currency formatting
@CFBruna
feat(i18n): add cash management translations for PT-BR and ES
3b22e00
@CFBruna
feat(pos): implement cash management UI including opening/closing, di…
d8e1261 
…screpancy tracking, and currency masking
@CFBruna
feat(store): implement sale fiscal preparation and validation
4a67d2f
@CFBruna
feat(pos): implement thermal receipt printing and checkout refinements
22a8820
@CFBruna
style: apply linting and formatting fixes
dc6b5e7
@CFBruna
feat(store): implement cash session management and fiscal data support
450cd2f
@CFBruna
feat(backend): add AuditLog model and fix Customer string representation
11401cb
@CFBruna
feat(backend): implement manager authorization endpoint
3ea6f65
@CFBruna
feat(admin): register AuditLog with translations
332783c
@CFBruna
feat(frontend): implement manager authorization components
228792b
@CFBruna
feat(pos): integrate manager auth and fix checkout translations
523574b
@CFBruna
style: apply ruff formatting
dbb20c7
@CFBruna
fix(tests): resolve unused variable and formatting issues
9fcd8b0
@CFBruna
fix(tests): resolve currency formatting and service usages
2148d60
@CFBruna
fix(frontend): resolve lint errors and type safety issues
5ba4017 
- Fix Textarea import in ManagerAuthModal
- Remove explicit any from catch blocks in multiple files
- Fix actionTypes type definition in use-toast.ts
- Fix useEffect dependencies in CurrencyInput, Sales, and others
- Fix fetchSales definition order in Sales.tsx
- Remove unused variables and imports
- Ensure production build passes
@CFBruna
fix(backend): update tests and bandit config
501beb9 
- Relax Customer __str__ assertion for users without names
- Fix create_customer arguments in test_services
- Update bandit exclude patterns in pyproject.toml
@CFBruna
fix(deps): update authlib, pyasn1, virtualenv to resolve CVEs
b310176 
- Update authlib to >=1.6.6 (CVE-2025-68158)
- Update pyasn1 to >=0.6.2 (CVE-2026-23490)
- Update virtualenv to >=20.36.1 (CVE-2026-22702)
@CFBruna CFBruna merged commit 592e3d0 into v2/monorepo-migration Feb 17, 2026
1 check passed
@CFBruna CFBruna deleted the feature/frontend-public-pages branch February 17, 2026 19:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@CFBruna