36 Commits

Author SHA1 Message Date
Dries Peeters
1f6941ff43 Fix AUTH_METHOD=none and add comprehensive schema verification
- Fix AUTH_METHOD=none: Read from Flask app config instead of Config class
- Add comprehensive schema verification: Verify all SQLAlchemy models against
  database and auto-fix missing columns
- Improve startup logging: Unified format with timestamps and log levels
- Enhanced migration flow: Automatic schema verification after migrations

Fixes authentication issue where password field showed even with AUTH_METHOD=none.
Ensures all database columns from models exist, preventing missing column errors.
Improves startup logging for better debugging and monitoring.
2025-12-01 08:15:30 +01:00
Dries Peeters
ac465d9612 feat: Enhance UI/UX with improved form validation and error handling
- Add comprehensive form validation system with real-time feedback
- Implement enhanced error handling with retry mechanisms and offline support
- Update route handlers for improved error responses
- Enhance list templates with better error handling and validation
- Update dashboard, timer, and report templates with enhanced UI
- Improve project service with better error handling
- Update config manager utilities
- Bump version to 4.2.0

Files updated:
- Routes: auth, clients, invoices, projects, quotes, tasks, timer, custom_reports
- Templates: base, dashboard, all list views, timer pages, reports
- Static: enhanced-ui.js, error-handling-enhanced.js, form-validation.js
- Services: project_service.py
- Utils: config_manager.py
- Version: setup.py
2025-11-30 10:51:09 +01:00
Dries Peeters
4cf4d0396a Update setup.py 2025-11-29 14:59:00 +01:00
Dries Peeters
ce81852d2e Fix app context handling for expiring quotes scheduled task
- Add wrapper function check_expiring_quotes_with_app() to properly handle Flask app context
- Refactor check_expiring_quotes() to remove redundant app context wrapper
- Ensure consistent pattern with other scheduled tasks (webhook retry, integration sync)
- Bump version to 4.1.1
2025-11-29 09:33:56 +01:00
Dries Peeters
579fc7af02 refactor: extract business logic to service layer and add comprehensive test coverage
Major refactoring to improve code organization and maintainability:

- Refactor API routes (api_v1.py) to delegate business logic to service layer
- Add new QuoteService for quote management operations
- Enhance existing services: ExpenseService, InvoiceService, PaymentService, ProjectService, TimeTrackingService
- Improve caching utilities with enhanced cache management
- Enhance API authentication utilities
- Add comprehensive test suite covering routes, services, and utilities
- Update routes to use service layer pattern (kiosk, main, projects, quotes, timer, time_entry_templates)
- Update time entry template model with additional functionality
- Update Docker configuration and startup scripts
- Update dependencies and setup configuration

This refactoring improves separation of concerns, testability, and code maintainability while preserving existing functionality.
2025-11-28 21:15:10 +01:00
Dries Peeters
410477fcd6 Update setup.py 2025-11-28 15:12:53 +01:00
Dries Peeters
acd30bc015 feat: implement comprehensive quote management system with PDF editor
Major Features:
- Complete quote management system with CRUD operations
- Quote items management with dynamic add/remove functionality
- Discount system (percentage and fixed amount)
- Payment terms integration with invoice creation
- Approval workflow with status tracking
- Quote attachments with client visibility control
- Quote templates for reusable configurations
- Quote versioning for revision history
- Email notifications for quote lifecycle events
- Scheduled tasks for expiring quote reminders
- Client portal integration for quote viewing/acceptance
- Bulk actions for quote management
- Analytics dashboard for quote metrics

UI/UX Improvements:
- Consistent table layout matching projects/clients pages
- Professional quote view page with improved action buttons
- Enhanced create/edit forms with organized sections
- Dynamic line items management in quote forms
- PDF template editor accessible via admin menu
- PDF submenu under Admin with Invoice and Quote options
- Fixed admin menu collapse when opening nested dropdowns

PDF Template System:
- Quote PDF layout editor with visual design tools
- Separate preview route for quote PDF templates
- Template reset functionality
- Support for multiple page sizes (A4, Letter, Legal, A3, A5, Tabloid)

Bug Fixes:
- Fixed 405 Method Not Allowed error on quote PDF save
- Fixed UnboundLocalError with translation function shadowing
- Fixed quote preview template context (quote vs invoice)
- Updated template references from invoice to quote variables

Database:
- Added 9 Alembic migrations for quote system schema
- Support for quotes, quote_items, quote_attachments, quote_templates, quote_versions
- Integration with existing comments system

Technical:
- Added Quote, QuoteItem, QuoteAttachment, QuoteTemplate, QuoteVersion models
- Extended comment routes to support quotes
- Integrated payment terms from quotes to invoices
- Email notification system for quote events
- Scheduled task for expiring quote checks
2025-11-23 16:08:31 +01:00
Dries Peeters
60fb259f9e Fix scheduled task errors and improve error handling
- Fix webhook retry scheduled task app context issue
  * Update retry_failed_webhooks() to properly capture and use app instance
  * Pass app instance when registering scheduled tasks
  * Prevents 'Working outside of application context' errors

- Improve timezone function error handling
  * Add app context check before database access in get_app_timezone()
  * Gracefully fall back to environment variable when app context unavailable
  * Prevents RuntimeError when accessing database outside app context

- Add error deduplication to prevent stacked error messages
  * Track recent errors to prevent duplicate notifications within 1 minute
  * Reduces error message stacking when same error occurs repeatedly
  * Still logs all errors to console for debugging

- Fix theme toggle endpoint error
  * Change from /api/preferences (PATCH) to /api/theme (POST)
  * Add proper error handling to prevent unhandled promise rejections
  * Fixes 405 Method Not Allowed error when changing theme

- Bump version to 3.10.3
2025-11-20 20:51:53 +01:00
Dries Peeters
3f73cb35c8 feat(i18n): Add Norwegian translation support and improve internationalization
- Add Norwegian (Norsk) language support with locale code normalization (no -> nb)
- Create Norwegian translation files (translations/nb/ and translations/no/)
- Fill empty Norwegian translation strings with English fallback values
- Add locale normalization for Flask-Babel compatibility (no -> nb mapping)
- Update context processor to correctly display 'Norsk' label instead of 'NB'

Translation improvements:
- Wrap all hardcoded strings in templates with _() translation function
- Add missing translations for setup, timer, tasks, invoices, and admin templates
- Ensure brand names 'drytrix' and 'TimeTracker' remain untranslated across all languages
- Add new translation strings to all language files (en, de, nl, fr, it, fi, es, no, ar, he)
- Update translation files for: initial_setup, manual_entry, tasks/list, email_templates, etc.

Bug fixes:
- Add missing /api/summary/today endpoint for daily summary notifications
- Fix 'Response body already consumed' error in smart-notifications.js
- Improve translation compilation logging and error handling
- Add debug endpoint /debug/i18n for troubleshooting translation issues

Technical changes:
- Improve ensure_translations_compiled() with better logging
- Add locale normalization function for Norwegian locale handling
- Update context processor to reverse-map normalized locales for display
- Fix JavaScript fetch error handling to check response.ok before reading body
2025-11-17 19:21:24 +01:00
Dries Peeters
43324047b3 Update setup.py 2025-11-15 07:18:11 +01:00
Dries Peeters
39cf649f8e feat: Add client portal with password setup email functionality
Implement a complete client portal feature that allows clients to access
their projects, invoices, and time entries through a dedicated portal with
separate authentication. Includes password setup via email with secure
token-based authentication.

Client Portal Features:
- Client-based authentication (separate from user accounts)
- Portal access can be enabled/disabled per client
- Clients can view their projects, invoices, and time entries
- Clean, minimal UI without main app navigation elements
- Login page styled to match main app design

Password Setup Email:
- Admin can send password setup emails to clients
- Secure token-based password setup (24-hour expiration)
- Email template with professional styling
- Password setup page matching app login design
- Token validation and automatic cleanup after use

Email Configuration:
- Email settings from admin menu are now used for sending
- Database email settings persist between restarts and updates
- Automatic reload of email configuration when sending emails
- Database settings take precedence over environment variables
- Improved error messages for email configuration issues

Database Changes:
- Add portal_enabled, portal_username, portal_password_hash to clients
- Add password_setup_token and password_setup_token_expires to clients
- Migration 047: Add client portal fields to users (legacy)
- Migration 048: Add client portal credentials to clients
- Migration 049: Add password setup token fields

New Files:
- app/routes/client_portal.py - Client portal routes and authentication
- app/templates/client_portal/ - Portal templates (base, login, dashboard, etc.)
- app/templates/email/client_portal_password_setup.html - Email template
- migrations/versions/047-049 - Database migrations
- tests/test_client_portal.py - Portal tests
- docs/CLIENT_PORTAL.md - Portal documentation

Modified Files:
- app/models/client.py - Add portal fields and password token methods
- app/routes/clients.py - Add send password email route
- app/routes/client_portal.py - Portal routes with redirect handling
- app/utils/email.py - Use database settings, add password setup email
- app/templates/clients/edit.html - Add send email button
- app/templates/components/ui.html - Support client portal breadcrumbs

Security:
- Secure token generation using secrets.token_urlsafe()
- Password hashing with werkzeug.security
- Token expiration (24 hours default)
- Token cleared after successful password setup
- CSRF protection on all forms
2025-11-14 15:15:38 +01:00
Dries Peeters
85298e1d47 feat: Add per-project Kanban columns support
Implement per-project Kanban column workflows, allowing different projects
to have their own custom kanban board columns and task states.

Changes:
- Add project_id field to KanbanColumn model (nullable, NULL = global columns)
- Create Alembic migration 043 to add project_id column with foreign key
- Update unique constraint from (key) to (key, project_id) to allow same
  keys across different projects
- Update all KanbanColumn model methods to filter by project_id:
  - get_active_columns(project_id=None)
  - get_all_columns(project_id=None)
  - get_column_by_key(key, project_id=None)
  - get_valid_status_keys(project_id=None)
  - initialize_default_columns(project_id=None)
  - reorder_columns(column_ids, project_id=None)
- Update kanban routes to support project filtering:
  - /kanban/columns accepts project_id query parameter
  - /kanban/columns/create supports project selection
  - All CRUD operations redirect to project-filtered view when applicable
  - API endpoints support project_id parameter
- Update project view route to use project-specific columns
- Update task routes to validate status against project-specific columns
- Add fallback logic: projects without custom columns use global columns
- Update UI templates:
  - Add project filter dropdown in column management page
  - Add project selection in create column form
  - Show project info in edit column page
  - Update reorder API calls to include project_id

Database Migration:
- Migration 043 adds project_id column (nullable)
- Existing columns remain global (project_id = NULL)
- New unique constraint on (key, project_id)
- Foreign key constraint with CASCADE delete

Backward Compatibility:
- Existing global columns continue to work
- Projects without custom columns fall back to global columns
- Task status validation uses project-specific columns when available

Impact: High - Enables multi-project teams to have different workflows
per project while maintaining backward compatibility with existing
global column setup.
2025-11-13 07:06:43 +01:00
Dries Peeters
fd92ab7d3e Add upcoming deadlines API for smart notifications 2025-11-11 13:20:12 +01:00
Dries Peeters
d022aa3cbf Fix PDF layout editor canvas scaling and compression issue
The PDF layout editor was displaying the canvas at actual page dimensions (595x842px for A4) without scaling to fit the container, causing the canvas to appear compressed and making it difficult to position elements accurately. When generating PDFs, fields would appear compressed in a small space instead of utilizing the full page width.

Changes:

- Add auto-fit scaling function that calculates optimal scale to fit canvas within container while maintaining aspect ratio

- Center canvas in container using flexbox CSS

- Update zoom controls to work with base fit scale (zoom applies on top of auto-fit)

- Ensure saved designs are properly refitted when loaded

- Add window resize handler to refit canvas on container size changes

The coordinate system remains in actual page dimensions (72 DPI), ensuring that elements positioned in the editor match their positions in generated PDFs. The visual representation is now properly scaled to fit the container, making the editor more user-friendly while maintaining accurate PDF generation.

Fixes issue where canvas appeared smaller than actual page size, causing compression when generating invoices.
2025-11-06 10:42:01 +01:00
Dries Peeters
fe26969647 Update setup.py 2025-11-05 11:51:25 +01:00
Dries Peeters
a94e928509 feat: Add support for multiple PDF template page sizes
Add the ability to create and manage PDF invoice templates for different
page sizes (A4, Letter, Legal, A3, A5, Tabloid) with independent templates
for each size.

Features:
- Database migration to create invoice_pdf_templates table with page_size
  column and default templates for all supported sizes
- New InvoicePDFTemplate model with helper methods for template management
- Page size selector dropdown in canvas editor with dynamic canvas resizing
- Size selection in invoice export view
- Each page size maintains its own template (HTML, CSS, design JSON)
- Preview functionality converted to full-screen modal popup

PDF Generation:
- Updated InvoicePDFGenerator to accept page_size parameter
- Dynamic @page rule updates in CSS based on selected size
- Removed conflicting @page rules from HTML inline styles when separate
  CSS exists
- Template content preserved exactly as saved (no whitespace stripping)
- Fallback logic: size-specific template → legacy Settings template → default

UI/UX Improvements:
- Styled page size selector to match app theme with dark mode support
- Fixed canvas editor header styling and readability
- Canvas correctly resizes when switching between page sizes
- Unsaved changes confirmation uses app's standard modal
- All editor controls properly styled for dark/light mode
- Preview opens in modal instead of small side window

Bug Fixes:
- Fixed migration KeyError by correcting down_revision reference
- Fixed DatatypeMismatch error by using boolean TRUE instead of integer
- Fixed template content mismatch (logo positions) by preserving HTML
- Fixed page size not being applied by ensuring @page rules are updated
- Fixed f-string syntax error in _generate_css by using .format() instead
- Fixed debug_print scope issue in _render_from_custom_template

Debugging:
- Added comprehensive debug logging to PDF generation flow
- Debug output visible in Docker console for troubleshooting
- Logs template retrieval, @page size updates, and final CSS content

Files Changed:
- migrations/versions/041_add_invoice_pdf_templates_table.py (new)
- app/models/invoice_pdf_template.py (new)
- app/models/__init__.py (register new model)
- app/routes/admin.py (template management by size)
- app/routes/invoices.py (page size parameter, debug logging)
- app/utils/pdf_generator.py (page size support, debug logging)
- templates/admin/pdf_layout.html (size selector, canvas resizing, modal)
- app/templates/invoices/view.html (size selector for export)
2025-11-03 11:48:41 +01:00
Dries Peeters
fc81cc3d8c feat: Add tests and docs for User Settings page
Add extensive test coverage and documentation for the existing User Settings
page, completing the feature implementation to production-ready status.

## Changes

### Testing (44 tests, 100% passing)
- Add 30 unit tests in tests/test_user_settings.py
  * Page rendering and authentication tests
  * Form validation and preference update tests
  * API endpoint tests (PATCH /api/preferences, POST /api/theme)
  * Integration and CSRF protection tests
- Add 14 smoke tests in tests/smoke_test_user_settings.py
  * Basic functionality validation
  * Critical user path verification
  * Error handling checks

### Documentation
- Add docs/USER_SETTINGS_GUIDE.md
  * Comprehensive user guide for all settings
  * API documentation with examples
  * Database schema reference
  * Troubleshooting guide
  * Best practices for developers
- Add USER_SETTINGS_IMPLEMENTATION_SUMMARY.md
  * Complete implementation overview
  * Feature checklist and verification
  * Test results and metrics

## Features Tested

- Profile information management (name, email)
- Notification preferences (5 toggles)
- Theme selection (light/dark/system) with live preview
- Regional settings (timezone, date/time formats, week start)
- Time rounding preferences (intervals, methods)
- Overtime settings (standard hours per day)
- API endpoints for AJAX updates
- Input validation and error handling

## Test Coverage

- Settings page rendering: 4 tests
- Preference updates: 16 tests
- API endpoints: 7 tests
- Integration: 3 tests
- Smoke tests: 14 tests
- Total: 44 tests, 100% passing

## Notes

The User Settings feature backend and frontend were already fully implemented
in app/routes/user.py and app/templates/user/settings.html. This commit adds
the missing test co
2025-10-30 07:47:58 +01:00
Dries Peeters
bdda0f2f1d Update setup.py 2025-10-29 18:49:09 +01:00
Dries Peeters
c93a37f126 feat: add overtime tracking support with configurable working hours
Implement comprehensive overtime tracking feature that allows users to
set their standard working hours per day and automatically calculates
overtime for hours worked beyond that threshold.

Core Features:
- Add standard_hours_per_day field to User model (default: 8.0 hours)
- Create Alembic migration (031_add_standard_hours_per_day.py)
- Implement overtime calculation utilities (app/utils/overtime.py)
  * calculate_daily_overtime: per-day overtime calculation
  * calculate_period_overtime: multi-day overtime aggregation
  * get_daily_breakdown: detailed day-by-day analysis
  * get_weekly_overtime_summary: weekly overtime statistics
  * get_overtime_statistics: comprehensive overtime metrics

User Interface:
- Add "Overtime Settings" section to user settings page
- Display overtime data in user reports (regular vs overtime hours)
- Show "Days with Overtime" badge in reports
- Add overtime analytics API endpoint (/api/analytics/overtime)
- Improve input field styling with cleaner appearance (no spinners)

Reports Enhancement:
- Standardize form input styling across all report pages
- Replace inline Tailwind classes with consistent form-input class
- Add FontAwesome icons to form labels for better UX
- Improve button hover states and transitions

Testing:
- Add comprehensive unit tests (tests/test_overtime.py)
- Add smoke tests for quick validation (tests/test_overtime_smoke.py)
- Test coverage for models, utilities, and various overtime scenarios

Documentation:
- OVERTIME_FEATURE_DOCUMENTATION.md: complete feature guide
- OVERTIME_IMPLEMENTATION_SUMMARY.md: technical implementation details
- docs/features/OVERTIME_TRACKING.md: quick start guide

This change enables organizations to track employee overtime accurately
based on individual working hour configurations, providing better
insights into work patterns and resource allocation.
2025-10-27 08:44:04 +01:00
Dries Peeters
15c378bf7d Update setup.py 2025-10-25 07:43:39 +02:00
Dries Peeters
935f30e4d6 feat: Add Client Notes feature for internal client tracking
Implement comprehensive client notes system allowing users to add
internal notes about clients that are never visible to clients
themselves. Notes support importance flagging, full CRUD operations,
and proper access controls.

Key Changes:
- Add ClientNote model with user/client relationships
- Create Alembic migration (025) for client_notes table
- Implement full REST API with 9 endpoints
- Add client_notes blueprint with CRUD routes
- Create UI templates (edit page + notes section on client view)
- Add importance toggle with AJAX functionality
- Implement permission system (users edit own, admins edit all)

Features:
- Internal-only notes with rich text support
- Mark notes as important for quick identification
- Author tracking with timestamps
- Cascade delete when client is removed
- Mobile-responsive design
- i18n support for all user-facing text

Testing:
- 24 comprehensive model tests
- 23 route/integration tests
- Full coverage of CRUD operations and permissions

Documentation:
- Complete feature guide in docs/CLIENT_NOTES_FEATURE.md
- API documentation with examples
- Troubleshooting section
- Updated main docs index

Database:
- Migration revision 025 (depends on 024)
- Fixed PostgreSQL boolean default value issue
- 4 indexes for query performance
- CASCADE delete constraint on client_id

This feature addresses the need for teams to track important
information about clients internally without exposing sensitive
notes to client-facing interfaces or documents.
2025-10-24 08:37:51 +02:00
Dries Peeters
7dd39ef55a feat(ci): enhance PostHog credential injection visibility in release builds
Improved the Release Build workflow to clearly show that PostHog and Sentry
credentials are being injected from the GitHub Secret Store, providing better
transparency and auditability.

Changes:
- Enhanced workflow step name to explicitly mention "GitHub Secrets"
- Added comprehensive logging with visual separators and clear sections
- Added before/after file content display showing placeholder replacement
- Added secret availability verification with format validation
- Added detailed error messages with step-by-step fix instructions
- Enhanced release summary to highlight successful credential injection
- Updated build configuration documentation with cross-references

Benefits:
- Developers can immediately see credentials come from GitHub Secret Store
- Security teams have clear audit trail of credential injection process
- Better troubleshooting with detailed error messages
- Secrets remain protected with proper redaction (first 8 + last 4 chars)
- Multiple validation steps ensure correct injection

The workflow now outputs 50+ lines of structured logging showing:
- Secret store location (Settings → Secrets and variables → Actions)
- Target file being modified (app/config/analytics_defaults.py)
- Verification that secrets are available
- Format validation (phc_* pattern for PostHog)
- Confirmation of successful placeholder replacement
- Summary with redacted credential previews

Workflow: .github/workflows/cd-release.yml
Documentation: docs/cicd/README_BUILD_CONFIGURATION.md

Fully backward compatible - no breaking changes.
2025-10-23 15:32:57 +02:00
Dries Peeters
1908aea92d Update setup.py 2025-10-23 12:55:13 +02:00
Dries Peeters
84e2096602 feat: enhance CI/CD workflows and improve UX features
This commit improves the testing workflow, CI/CD documentation, and user experience:

## CI/CD Improvements:
- Add comprehensive testing strategy documentation to CD release workflow
- Document workflow triggers and testing approach in ci-comprehensive.yml
- Update CI/CD documentation with testing workflow details

## UX Enhancements:
- Add localStorage persistence for PWA install prompt dismissal
- Prevent repeated PWA install prompts after user dismisses
- Add dismiss button (×) to PWA install toast notification

## Dashboard Features:
- Add edit and delete actions to recent time entries table
- Include delete confirmation dialogs for time entries
- Add notes field to "Start Timer" modal
- Improve table layout with actions column

## Documentation:
- Create TESTING_WORKFLOW_STRATEGY.md for comprehensive testing guidelines
- Add QUICK_REFERENCE_TESTING.md for quick testing reference
- Document changes in CHANGES_SUMMARY_TESTING_WORKFLOW.md
- Update README_CI_CD_SECTION.md with workflow details

## Other Changes:
- Update setup.py configuration
- Enhance task templates (create/edit/view) with improved UI

These changes improve developer experience with better testing documentation
and enhance user experience with smarter PWA prompts and dashboard functionality.
2025-10-22 07:28:39 +02:00
Dries Peeters
6a0fab7cb7 Update setup.py 2025-10-21 20:15:37 +02:00
Dries Peeters
79e826ced2 feat(tasks,ui): enhance task management UI; update routes; add tests
Improve task workflows and overall UX, and align backend routes with the
new UI flows. Update docs and development setup accordingly.

- UI: refine task list/view/edit templates, project views, and Kanban
  partial (`_kanban_tailwind.html`)
- CSS: polish `app/static/enhanced-ui.css` for spacing, layout, and
  responsiveness
- Routes: update `app/routes/tasks.py` and `app/routes/clients.py` to
  support new edit/delete/filter behaviors and validations
- Templates: align clients/projects pages for consistency and navigation
- Docs: refresh `docs/GETTING_STARTED.md` and
  `docs/TASK_MANAGEMENT_README.md`
- Dev: adjust `docker-compose.yml` and `setup.py` to match the latest
  runtime/build expectations
- Tests: add coverage for delete actions, task project editing, and task
  filters UI (`tests/test_delete_actions.py`,
  `tests/test_task_edit_project.py`,
  `tests/test_tasks_filters_ui.py`); update existing tests

Why:
- Streamlines common task operations and improves discoverability
- Ensures backend and UI are consistent and well-tested
2025-10-21 17:05:00 +02:00
Dries Peeters
4c67b25f9d feat: enhance invoice management UI and add generate-from-time feature
- Enhanced invoice creation form with auto-fill client data from project selection
- Redesigned invoice edit page with improved layout and quick actions sidebar
- Added new generate-from-time template for adding unbilled time entries and costs
- Improved form styling and added responsive design enhancements
- Added internationalization (i18n) support throughout invoice templates
- Added notes and terms fields to invoice forms
- Implemented item removal functionality in invoice editor
- Added comprehensive tests for new invoice features
- Updated .gitignore to exclude logs directory
- Bumped version from 3.0.0 to 3.2.0

The invoice UI now provides:
- Quick actions panel with export, duplicate, and payment recording links
- Invoice summary sidebar showing totals and status
- Tips and guidance sidebars for better UX
- Client data auto-population when selecting projects
- Improved visual hierarchy and mobile responsiveness
2025-10-20 21:01:09 +02:00
Dries Peeters
3c3faf13d4 feat: Implement Tailwind CSS UI redesign across application
Migrate frontend from custom CSS to Tailwind CSS framework with comprehensive
template updates and improved component structure.

Breaking Changes:
- Remove legacy CSS files (base.css, calendar.css, ui.css, etc.)
- Replace with Tailwind-based styling system

New Features:
- Add Tailwind CSS configuration with PostCSS pipeline
- Create new template components for admin, clients, invoices, projects, reports
- Add form-bridge.css for smooth transition between legacy and Tailwind styles
- Add default avatar SVG asset
- Implement Tailwind-based kanban board template
- Add comprehensive UI quick wins documentation

Infrastructure:
- Add package.json with Tailwind dependencies
- Configure PostCSS and Tailwind build pipeline
- Update .gitignore for Node modules and build artifacts

Testing:
- Add template rendering tests (test_tasks_templates.py)
- Add UI component tests (test_ui_quick_wins.py)

Templates Added:
- Admin: dashboard, settings, system info, user management
- Clients: list and detail views
- Invoices: full CRUD templates with payment recording
- Projects: list, detail, and Tailwind kanban views
- Reports: comprehensive reporting templates
- Timer: manual entry interface

This commit represents the first phase of the UI redesign initiative,
maintaining backward compatibility where needed while establishing the
foundation for modern, responsive interfaces.
2025-10-17 11:51:36 +02:00
Dries Peeters
1e83a9cad7 Update setup.py 2025-10-16 19:28:02 +02:00
Dries Peeters
e61c628526 feat: enhance CSRF protection with double-submit cookie pattern
Implement comprehensive CSRF token management with cookie-based
double-submit pattern to improve security and SPA compatibility.

Changes:
- Add CSRF cookie configuration in app/config.py
  * WTF_CSRF_SSL_STRICT for strict SSL validation in production
  * CSRF_COOKIE_NAME (default: XSRF-TOKEN) for framework compatibility
  * CSRF_COOKIE_SECURE inherits from SESSION_COOKIE_SECURE by default
  * CSRF_COOKIE_HTTPONLY, CSRF_COOKIE_SAMESITE, and CSRF_COOKIE_DOMAIN settings

- Implement CSRF cookie handler in app/__init__.py
  * Set CSRF token in cookie after each request
  * Configure cookie with secure flags based on environment settings
  * Support for double-submit pattern and SPA frameworks

- Add client-side CSRF token management in base.html
  * JavaScript utilities for token retrieval and validation
  * Cookie synchronization for frameworks that read XSRF-TOKEN
  * Auto-refresh mechanism for stale tokens (>15 minutes)
  * Pre-submit token validation and refresh
  * User notification for missing cookies/tokens

- Clean up docker-compose.yml environment variables
  * Remove redundant SECRET_KEY, WTF_CSRF_*, and cookie security settings
  * These are now managed through .env files and config.py

This enhancement provides better CSRF protection while maintaining
compatibility with modern JavaScript frameworks and SPA architectures.
2025-10-13 12:51:23 +02:00
Dries Peeters
d623164895 Update setup.py 2025-10-12 21:52:31 +02:00
Dries Peeters
ae710e60f0 Updated the dockerfile. 2025-10-11 20:55:54 +02:00
Dries Peeters
430a35b6c1 Update setup.py 2025-10-11 19:57:58 +02:00
Dries Peeters
94f021364d Update setup.py 2025-10-11 09:03:17 +02:00
Dries Peeters
bdbfd621de github workflows 2025-10-10 14:43:02 +02:00
Dries Peeters
6f4c8c8c21 Updated for Ci-testing
Updated for Ci-testing
2025-10-09 13:13:28 +02:00