PowderCoatingLogix

spouliot/PowderCoatingLogix

Fork 0

Commit Graph

Author	SHA1	Message	Date
spouliot	8acbc8605d	Harden multi-tenant isolation across all user-facing controllers Added explicit CompanyId == companyId predicates to every tenant-scoped query in 22 controllers so cross-tenant data leakage is impossible even if EF Core global query filters are bypassed or misconfigured. Also fixed ApplicationDbContext.IsPlatformAdmin to correctly return true for SuperAdmins with no CompanyId claim (break-glass accounts) and when no HTTP context is present (background services, unit tests), resolving 225 unit test failures that stemmed from the global filter blocking all in-memory test data. New MultiTenantIsolationTests class (8 tests) verifies the explicit predicate layer independently of the global query filters. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-17 18:04:22 -04:00
spouliot	d94612cc9c	Fix 4 post-review issues found in accounting module audit - Drop orphan VendorCreditId1 column from VendorCreditApplications (was scaffolded by EF because WithMany() lacked inverse navigation name; fixed WithMany() → WithMany(vc => vc.Applications) in ApplicationDbContext) - Wire EarlyPaymentDiscount fields through full data path: added EarlyPaymentDiscountPercent/Days to CreateInvoiceDto, hidden inputs to Invoice Create view, and JS to populate from customer AJAX response - Add missing [HttpGet] attribute to TaxRatesController.Index - Document GenerateNow architecture exception with XML rationale Migration DropOrphanVendorCreditId1 applied. Build: 0 errors, 168 warnings. Unit tests: 200/200 passing. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-10 11:32:44 -04:00
spouliot	42eff3357e	Phase G: Add Recurring Transactions (BackgroundService + CRUD UI) - RecurringTemplate entity with Frequency/IntervalCount/NextFireDate/EndDate/MaxOccurrences/TemplateData JSON - RecurringFrequency + RecurringTemplateType enums - RecurringTransactionService BackgroundService: hourly check, creates Draft bills or immediate expenses, advances NextFireDate, auto-deactivates on limits - RecurringTemplatesController: Index/Create/Edit/ToggleActive/Delete/GenerateNow (on-demand fire) - Three views + external JS for type-toggle and dynamic bill line items - Finance sidebar nav: Recurring Transactions - Migration: AddRecurringTemplates Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-10 11:08:36 -04:00

Author

SHA1

Message

Date

spouliot

8acbc8605d

Harden multi-tenant isolation across all user-facing controllers

Added explicit CompanyId == companyId predicates to every tenant-scoped
query in 22 controllers so cross-tenant data leakage is impossible even
if EF Core global query filters are bypassed or misconfigured.

Also fixed ApplicationDbContext.IsPlatformAdmin to correctly return true
for SuperAdmins with no CompanyId claim (break-glass accounts) and when
no HTTP context is present (background services, unit tests), resolving
225 unit test failures that stemmed from the global filter blocking all
in-memory test data.

New MultiTenantIsolationTests class (8 tests) verifies the explicit
predicate layer independently of the global query filters.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-17 18:04:22 -04:00

spouliot

d94612cc9c

Fix 4 post-review issues found in accounting module audit

- Drop orphan VendorCreditId1 column from VendorCreditApplications (was
  scaffolded by EF because WithMany() lacked inverse navigation name;
  fixed WithMany() → WithMany(vc => vc.Applications) in ApplicationDbContext)
- Wire EarlyPaymentDiscount fields through full data path: added
  EarlyPaymentDiscountPercent/Days to CreateInvoiceDto, hidden inputs to
  Invoice Create view, and JS to populate from customer AJAX response
- Add missing [HttpGet] attribute to TaxRatesController.Index
- Document GenerateNow architecture exception with XML rationale

Migration DropOrphanVendorCreditId1 applied. Build: 0 errors, 168 warnings.
Unit tests: 200/200 passing.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-10 11:32:44 -04:00

spouliot

42eff3357e

Phase G: Add Recurring Transactions (BackgroundService + CRUD UI)

- RecurringTemplate entity with Frequency/IntervalCount/NextFireDate/EndDate/MaxOccurrences/TemplateData JSON
- RecurringFrequency + RecurringTemplateType enums
- RecurringTransactionService BackgroundService: hourly check, creates Draft bills or immediate expenses, advances NextFireDate, auto-deactivates on limits
- RecurringTemplatesController: Index/Create/Edit/ToggleActive/Delete/GenerateNow (on-demand fire)
- Three views + external JS for type-toggle and dynamic bill line items
- Finance sidebar nav: Recurring Transactions
- Migration: AddRecurringTemplates

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-10 11:08:36 -04:00

3 Commits