# Deployment Scripts Guide

## Recent Security Fixes - No Migration Required ✅

The security fixes we just implemented are **code-only changes** with **no database schema modifications**. You do NOT need to create or run any new migrations for these changes.

### What Changed (Code Only)

- ✅ Security headers added (CSP, HSTS, etc.)
- ✅ Password policy strengthened
- ✅ CORS policy restricted
- ✅ Authorization fixed (CompanyAdminOnly)
- ✅ Path traversal protection enhanced
- ✅ IDOR protection on profile photos
- ✅ Session cookies hardened
- ✅ File upload names use GUIDs
- ✅ Input validation added

**Database Impact**: None - No new tables, columns, or schema changes

---

## Deployment Scripts

### For Development Server (Your Current Situation)

**Quick Start - Just Run the App:**

```powershell
cd src\PowderCoating.Web
dotnet watch run
```

That's it! No migrations needed. The code changes are already in place.

---

### Migration Scripts (For Future Use)

When you DO have database changes in the future, use these scripts:

#### Windows (Batch Files)

**1. Check Migrations**

```powershell
.\scripts\check-migrations.bat
```

- Lists all migrations in the project
- Shows which are applied vs pending
- Displays database connection info

**2. Apply Migrations**

```powershell
.\scripts\apply-migrations.bat
```

- Applies any pending migrations to the database
- Asks for confirmation before proceeding
- Shows success/failure message

#### PowerShell (Full Deployment)

**3. Deploy to Dev (Full Script)**

```powershell
.\scripts\deploy-to-dev.ps1
```

- Builds the solution
- Checks for pending migrations
- Applies migrations (with confirmation)
- Shows deployment summary

**Options:**

```powershell
# Preview changes without applying
.\scripts\deploy-to-dev.ps1 -WhatIf

# Skip build step (faster)
.\scripts\deploy-to-dev.ps1 -SkipBuild

# Skip migrations (code-only deploy)
.\scripts\deploy-to-dev.ps1 -SkipMigrations

# Combined
.\scripts\deploy-to-dev.ps1 -SkipBuild -SkipMigrations -WhatIf
```

---

## Manual Migration Commands (Reference)

If you prefer to run commands manually:

### Check for Pending Migrations

```powershell
cd src\PowderCoating.Web
dotnet ef migrations list --project ..\PowderCoating.Infrastructure
```

### Apply All Pending Migrations

```powershell
cd src\PowderCoating.Web
dotnet ef database update --project ..\PowderCoating.Infrastructure
```

### Apply to Specific Migration

```powershell
dotnet ef database update MigrationName --project ..\PowderCoating.Infrastructure
```

### Rollback to Previous Migration

```powershell
dotnet ef database update PreviousMigrationName --project ..\PowderCoating.Infrastructure
```

### See Database Info

```powershell
dotnet ef dbcontext info --project ..\PowderCoating.Infrastructure
```

---

## When You WILL Need a Migration

You'll need to create a migration when you change:

- Entity properties (add/remove/rename fields)
- Entity relationships (foreign keys)
- Indexes or constraints
- Seed data (in OnModelCreating)

**Example - Adding a new field:**

```csharp
// 1. Update entity
public class Customer : BaseEntity
{
    public string CompanyName { get; set; }
    public string? Website { get; set; } // NEW FIELD
}
```

```powershell
# 2. Create migration
cd src\PowderCoating.Web
dotnet ef migrations add AddWebsiteToCustomer --project ..\PowderCoating.Infrastructure

# 3. Review migration file (check if it looks correct)

# 4. Apply migration
dotnet ef database update --project ..\PowderCoating.Infrastructure
```

---

## Current Database State

**Existing Migrations** (already applied):

- `Initial` - Base schema
- `AddProfilePictureAndSidebarColor` - User profile enhancements
- `AddProfilePictureFilePath` - Filesystem photo storage
- `UpdateJobPhotoEntity` - Job photo improvements
- `AddFileSystemStorageForLogosAndManuals` - Logo/manual storage
- `ConvertEnumsToLookupTables` - Status/priority lookups
- `AddAppointmentScheduling` - Appointments feature

**Pending Migrations**: None (as of this deployment)

---

## Deployment Checklist for Security Fixes

### Development Server (Your Current Task)

- [x] Code changes applied (security fixes)
- [x] AppConstants.Policies updated
- [x] CSP headers fixed (jQuery allowed)
- [ ] Test application: `dotnet watch run`
- [ ] Verify Data Lookups tab loads
- [ ] Verify password policy (12 chars)
- [ ] Test all CRUD operations

**No migrations needed** - Just test the app!

### Production Server (Future Deployment)

See `DEPLOYMENT_CONFIGURATION.md` for the full production checklist:

- [ ] Set environment variables (ConnectionStrings, JwtSettings)
- [ ] Update CORS origins to production domain
- [ ] Update AllowedHosts to production domain
- [ ] Enable HTTPS with SSL certificate
- [ ] Run `dotnet ef database update` on production DB
- [ ] Test all functionality
- [ ] Monitor logs for security events

---

## Troubleshooting

### "No migrations found"

**Cause**: You're running from the wrong directory

**Fix**: Always run from `src/PowderCoating.Web`

### "Cannot connect to database"

**Cause**: SQL Server is not running or the connection string is wrong

**Fix**:

1. Check SQL Server is running (Windows Services)
2. Verify connection string in `appsettings.Development.json`

### "Migration already applied"

**Cause**: Trying to reapply an existing migration

**Fix**: Check `dotnet ef migrations list` - applied migrations show `(Applied)`

### "Build failed before migration"

**Cause**: Code has compilation errors

**Fix**: Run `dotnet build` and fix errors first

---

## Quick Reference

| Task | Command |
|------|---------|
| **Check migrations** | `.\scripts\check-migrations.bat` |
| **Apply migrations** | `.\scripts\apply-migrations.bat` |
| **Full deployment** | `.\scripts\deploy-to-dev.ps1` |
| **Run app** | `cd src\PowderCoating.Web` → `dotnet watch run` |
| **Build only** | `dotnet build` (from root) |
| **List migrations** | `dotnet ef migrations list --project ..\PowderCoating.Infrastructure` |

---

## Summary

✅ **For your current security fixes deployment**: Just run `dotnet watch run` - no migrations needed!

📋 **For future database changes**: Use the migration scripts provided

📖 **For production deployment**: Follow `DEPLOYMENT_CONFIGURATION.md`

🔒 **Security documentation**: See `SECURITY_FIXES_SUMMARY.md`
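
The "Test application" step of the security-fix checklist can be partly scripted. The following is an added example, not one of the project's scripts: it requests a page from the running app and checks that the CSP and HSTS headers are present and that the restricted CORS policy does not accept an unknown origin. The function name, the base URL `https://localhost:5001` (with a trusted dev certificate) and the test origin `https://untrusted.example` are assumptions; point `-BaseUrl` at an endpoint the CORS policy actually covers.

```powershell
# Added example, not part of the project's scripts.
# Assumptions: base URL/port, trusted dev certificate, and that
# https://untrusted.example is NOT in the app's CORS allow-list.
function Test-SecurityFixes {
    param(
        [string]$BaseUrl = 'https://localhost:5001',
        [string]$UntrustedOrigin = 'https://untrusted.example',
        [string[]]$RequiredHeaders = @('Content-Security-Policy', 'Strict-Transport-Security')
    )

    # One GET that carries an Origin the restricted CORS policy should reject.
    $resp = Invoke-WebRequest -Uri $BaseUrl -UseBasicParsing -Headers @{ Origin = $UntrustedOrigin }
    $isLoopback = ([uri]$BaseUrl).IsLoopback

    # Case-insensitive header lookup; works on Windows PowerShell 5.1 and PowerShell 7.
    $find = {
        param($n)
        $k = @($resp.Headers.Keys) | Where-Object { $_ -eq $n } | Select-Object -First 1
        if ($k) { @($resp.Headers[$k]) -join '; ' }
    }

    foreach ($name in $RequiredHeaders) {
        $value = & $find $name
        if ($null -ne $value) {
            $status = 'PASS'; $detail = $value
        }
        elseif ($name -eq 'Strict-Transport-Security' -and $isLoopback) {
            # ASP.NET Core's built-in HSTS middleware excludes loopback hosts by default.
            $status = 'SKIP'; $detail = 'loopback host; re-check against a real hostname'
        }
        else {
            $status = 'FAIL'; $detail = 'header missing'
        }
        [pscustomobject]@{ Check = $name; Status = $status; Detail = $detail }
    }

    # CORS: the response must not echo the untrusted origin or allow every origin.
    $allowed = & $find 'Access-Control-Allow-Origin'
    $corsStatus = 'PASS'
    if ($allowed -eq '*' -or $allowed -eq $UntrustedOrigin) { $corsStatus = 'FAIL' }
    [pscustomobject]@{
        Check  = 'CORS rejects untrusted origin'
        Status = $corsStatus
        Detail = "Access-Control-Allow-Origin: '$allowed'"
    }
}

Test-SecurityFixes | Format-Table -AutoSize
```

A `SKIP` on HSTS is expected when testing against `localhost`; run the same check against the production hostname after the HTTPS step of the production checklist.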