Skip to content

Security hardening + support tickets, document expiry UI, admin notifications#17

Merged
kutcode merged 5 commits into
mainfrom
feature/security-and-new-features
Mar 27, 2026
Merged

Security hardening + support tickets, document expiry UI, admin notifications#17
kutcode merged 5 commits into
mainfrom
feature/security-and-new-features

Conversation

@kutcode

@kutcode kutcode commented Mar 27, 2026

Copy link
Copy Markdown
Owner

Summary

  • Security hardening: Zod input validation on all mutation routes, path traversal prevention via resolveUploadPath(), XSS fixes with DOMPurify + escapeHtml(), server-side admin auth middleware, generic 500 error responses, Docker non-root user, env var validation, N+1 query optimization, and database indexes
  • Optional Support Tickets: Full admin tickets page with status/priority management, message threads, and reply — toggleable via Settings → Features
  • Document Expiry UI: Dashboard widget for expiring docs, color-coded badges on document list, expires_at date picker on editor and upload pages
  • Admin Email Notifications: Automatic email to configured recipients when new document requests or support tickets are submitted

Migrations

  • 033_add_missing_indexes.sql — indexes on frequently queried columns
  • 034_feature_toggles.sqlsupport_tickets_enabled, notify_on_new_request, notification_emails columns

Test plan

  • Run cd backend && npm test — all 28 tests pass
  • Run cd frontend && npm run build — builds clean
  • Settings → Features → disable tickets → verify sidebar hides "Tickets" and dashboard hides "Open Tickets"
  • Re-enable tickets → submit contact form → verify ticket appears in admin → reply
  • Edit a document → set expires_at to 7 days out → verify orange badge on list and dashboard widget
  • Settings → Features → enable notifications + add email → submit document request → verify admin email arrives
  • Verify admin routes redirect to login when not authenticated (middleware)

🤖 Generated with Claude Code

kutcode and others added 5 commits March 26, 2026 16:34
Enable RLS on 5 unprotected tables (ticket_messages, salesforce_connections,
salesforce_sync_runs, salesforce_sync_run_accounts, integration_settings),
tighten overly permissive policies on 6 tables from authenticated to
admin-only, harden storage buckets with mime type and size restrictions,
and lock down storage.buckets table itself with RLS.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…S fixes, server-side auth middleware

- Add Zod validation middleware and schemas for document/auth routes
- Add safePath utility to prevent path traversal in file operations
- Replace error.message leakage with generic 500 responses across all routes
- Add DOMPurify for XSS prevention in security updates page
- Add escapeHtml() for email template injection prevention
- Add Next.js middleware for server-side admin route protection via @supabase/ssr
- Batch-optimize N+1 queries in admin requests route
- Add non-root user to Docker container
- Add env var validation at server startup
- Add database indexes for frequently queried columns

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…l notifications

Feature 1 - Support Tickets (optional):
- Add support_tickets_enabled toggle to settings with Features tab
- Create admin tickets page with status/priority filters, message threads, and reply
- Conditionally show tickets in sidebar and dashboard based on setting
- Add ContactSubmission and TicketMessage types

Feature 2 - Document Expiry UI:
- Add expiring documents widget to admin dashboard (color-coded by urgency)
- Add expiry badges to document list (expired/expiring indicators)
- Add expires_at date picker to document editor and upload pages

Feature 3 - Admin Email Notifications:
- Create adminNotifications utility with notifyAdminsOfNewRequest and notifyAdminsOfNewTicket
- Wire notifications into document request and contact form submission routes
- Add notify_on_new_request toggle and notification_emails config to settings
- Migration 034 adds feature toggle columns to trust_center_settings

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The frontend was sending expires_at via FormData, but the backend
POST and PUT /replace routes were not destructuring or persisting it.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The adduser command failed because node:20-alpine ships with a
built-in node user. Use the existing node:node user/group instead.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kutcode kutcode merged commit b7656ad into main Mar 27, 2026
4 checks passed
kutcode added a commit that referenced this pull request Mar 27, 2026
Security hardening + support tickets, document expiry UI, admin notifications
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant