3f35e4b18d
Harden MkDocs header auth-check: targeted postMessage, tighter CSP
...
- Replace postMessage wildcard ('*') with explicit parent origin passed
via ?origin= parameter to prevent auth state disclosure to arbitrary
embedders
- Tighten frame-ancestors CSP: production restricts to self + DOMAIN,
dev restricts to localhost origins (was frame-ancestors *)
- Remove deprecated X-Frame-Options ALLOW-FROM header (CSP
frame-ancestors is the modern replacement)
- Validate targetOrigin with URL constructor before use
Bunker Admin
2026-03-07 16:44:29 -07:00
1cca51e518
Tonne of updates to things like social systems, calendars, and the documentation system (making it mobile friendly and fixing up navigation)
2026-03-07 13:10:08 -07:00
08d8066157
Add ticketed events, Jitsi meeting integration, social features, and calendar system
...
- Ticketed events: full CRUD, ticket tiers (free/paid/donation), Stripe checkout,
QR-based check-in scanner, public event pages, ticket confirmation emails
- Event formats: IN_PERSON/ONLINE/HYBRID with auto Jitsi meeting room lifecycle,
ticket-gated meeting access, moderator JWT tokens, feature-flag guarded
- Social engagement: challenges with scoring/leaderboards, referral tracking,
volunteer spotlight, impact stories, campaign celebrations, wall of fame
- Social calendar: personal calendar layers, shared calendar items with
recurrence, scheduling polls, mobile day view
- MCP server: events tool pack with full admin CRUD + meeting token generation
- Unified calendar: eventFormat-aware tags, online event indicators
- Updated docs site, pangolin configs, and various admin UI improvements
Bunker Admin
2026-03-06 14:33:33 -07:00
2390820e41
Fix MkDocs header nav rendering broken icons for unmapped Ant Design icons
...
ScheduleOutlined was missing from the ANT_ICON_TO_MATERIAL mapping in
header-builder.service.ts, causing Material Icons to render raw text
characters ("S", "O") instead of a clock icon for the Shifts nav item.
Added the missing mapping and a toMaterialIcon() fallback that converts
any unmapped Ant Design icon name to snake_case Material Icons format.
Bunker Admin
2026-03-03 11:08:45 -07:00
b30e4301bb
upgrade update
2026-03-02 10:00:15 -07:00
1f2ce681a6
Add "free*" asterisk modal to landing page hero for transparency
...
Discloses external production dependencies (server, ISP, domain, tunnel,
SMTP, Android phone for SMS) and offers paid hardware/managed options.
Bunker Admin
2026-02-28 09:04:11 -07:00
9e51aac570
Okay Wish I could say I know exactly. Will do better next time promise lol
2026-02-26 17:47:04 -07:00
7352815e57
More control panel updates
2026-02-21 11:46:55 -07:00
1a1f12c45b
Tonne of updates
2026-02-18 17:15:31 -07:00
56e262ad8b
Tonne of udpatess
2026-02-18 10:01:54 -07:00
99a6abab06
Add video card insert feature + MkDocs video hydration + fixes
...
- New video card block for GrapesJS landing pages, email templates,
MkDocs export, and documentation editor Insert dropdown
- Shared HTML generators in admin/src/utils/videoCardHtml.ts
- MkDocs video-player.js hydrates .video-card-block elements:
thumbnail fix via MEDIA_API_URL, click-to-play inline, Gallery link
- Media API CORS: auto-add MkDocs + docs subdomain origins
- env_config_hook.py: smart Docker hostname detection, ADMIN_PORT
resolution, pass env vars to MkDocs container
- Gallery URL uses /gallery?expanded=ID format
- VideoPickerModal: fix double /api prefix and Docker hostname thumbs
- Seed: default-video-card PageBlock
- Remove V1 legacy code (influence/, map/)
Bunker Admin
2026-02-17 15:42:32 -07:00
7895ce683e
Tonne of debugging - getting ready for the production builds
2026-02-16 10:44:18 -07:00
a77306fac2
Initial v2 commit: complete rebuild with unified API + React admin
...
Phase 1-14 complete:
- Unified Express.js API (TypeScript, Prisma ORM, PostgreSQL 16)
- React Admin GUI (Vite + Ant Design + Zustand)
- JWT auth with refresh tokens
- Influence: Campaigns, Representatives, Responses, Email Queue
- Map: Locations, Cuts, Shifts, Canvassing System
- NAR data import infrastructure (2025 format)
- Listmonk newsletter integration
- Landing page builder (GrapesJS)
- MkDocs + Code Server integration
- Volunteer portal with GPS tracking
- Monitoring stack (Prometheus, Grafana, Alertmanager)
- Pangolin tunnel integration
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-11 10:05:04 -07:00
