- Updated resolve_tenant_context to use stored active_club_id if the club exists when no header is provided.
- Adjusted comments for clarity regarding platform admin behavior.
- Added unit tests to verify new behavior for platform admins in test_access_layer.py.
version bump to 1.0.5 for tenant_context module.
- library/club/c{id}/private/* und …/shared/* (club visibility)
- Private Archiv-Upload: effective_club_id oder club_id Form; Plattform braucht Header
- media_assets.club_id bei private gesetzt; Dedupe pro Verein
- Übungs-Upload: dedupe_club für private aus exercise.club_id oder Mandant
- PATCH: club_id für private erhalten; Relocate inkl. private
- version 0.8.53
Co-authored-by: Cursor <cursoragent@cursor.com>
- Expanded the allowed upload MIME types to include HEIC, HEIF, and QuickTime formats.
- Introduced a new function to resolve MIME types based on file content, filename extensions, and client-provided content types.
- Updated media upload logic in both the exercises and media assets routers to utilize the new MIME resolution function.
- Adjusted frontend file input accept attributes to allow broader media types, improving user experience.
- Enhanced media library components to handle HEIC/HEIF formats with appropriate fallback messaging for browser compatibility.
- Added a new API endpoint for bulk uploading media assets, allowing users to upload multiple files in a single request.
- Implemented validation for file types and sizes during the upload process, ensuring compliance with allowed formats and limits.
- Enhanced the MediaLibraryPage component to support bulk file selection and visibility options, improving user experience.
- Updated CSS styles for the upload interface to enhance layout and accessibility.
- Added tests to verify the functionality of the new bulk upload feature and its integration with existing media asset management.
- Updated migration scripts to ensure idempotency and safe execution of SQL statements, preventing errors on repeated runs.
- Improved documentation in migration files to clarify the execution order and idempotent practices for database migrations.
- Added a comment in main.py to explain the migration process and its conditional execution based on the SKIP_DB_MIGRATE environment variable.
- Updated APP_VERSION to 0.8.51 and MODULE_VERSIONS for media_assets to 1.5.1.
- Added a new function to check for the presence of the 'training_unit_exercises' table, enhancing conditional handling in media asset queries.
- Updated changelog to reflect the latest changes, including improved handling of media links based on the existence of the training unit exercises table.
- Introduced a function to check for the presence of the 'tags' column in the media_assets table, ensuring compatibility with database migrations.
- Updated media asset listing and patching functions to conditionally include tags based on the presence of the 'tags' column.
- Enhanced error handling for operations involving tags, providing clear feedback when the required database migration has not been performed.
- Improved search functionality to account for the presence of tags, optimizing queries based on available database schema.
- Updated APP_VERSION to 0.8.50 and DB_SCHEMA_VERSION to 20260507046.
- Enhanced media assets with new tagging functionality, allowing users to filter and search by tags.
- Improved media library UI with new filters for media kind and uploader, enhancing user experience.
- Updated changelog to reflect the latest changes and improvements in media management.
- Introduced new API endpoints for bulk lifecycle actions and bulk patching of media assets, allowing for more efficient management of multiple assets.
- Updated media lifecycle permissions to restrict actions based on user roles, ensuring that only superadmins can perform critical operations like purging and force lifecycle changes.
- Enhanced frontend components to support new bulk actions and improved user experience in the media library, including visibility and copyright management.
- Incremented version to 0.8.49, reflecting the latest improvements in media handling and governance.
- Updated media library to include lifecycle filtering options (active, trash_soft, trash_hidden) and copyright management capabilities.
- Implemented new API endpoints for listing media assets with lifecycle states and patching copyright notices.
- Enhanced frontend components to support navigation to the media library and integration of media management features in the ExerciseFormPage.
- Incremented version to 0.8.48, reflecting the latest improvements in media handling and governance.
- Enhanced exercise update functionality to support the promotion of attached media assets to 'official' status, requiring active visibility and copyright validation.
- Updated backend API to handle new fields for promoting media and setting default copyright notices during exercise updates.
- Improved frontend error handling to prompt users for confirmation when promoting media assets, including checks for copyright compliance.
- Incremented version to 0.8.47, reflecting the latest changes in media management and governance.
- Updated APP_VERSION to 0.8.46 and MODULE_VERSIONS for exercises to 2.15.1.
- Added structured logging for media upload conflicts in the backend.
- Removed explanatory media hints from the ExerciseFormPage in the frontend to streamline the user interface.
- Added a new action to the media asset lifecycle for reactivating assets from the trash, allowing users to restore previously deleted media.
- Updated the backend API to handle reactivation requests and ensure proper state transitions for media assets.
- Enhanced frontend error handling to prompt users for reactivation when attempting to upload media that matches an existing asset in the trash.
- Incremented version to 0.8.45, reflecting the latest changes in media lifecycle management and user experience improvements.
- Updated project status to reflect the latest media management milestones and version increment to 0.8.44.
- Enhanced MEDIA_ASSETS_AND_ARCHIVE_SPEC.md with new API details for media asset lifecycle and inline media integration.
- Improved exercise media handling in the frontend, including new preview features and user prompts for media deletion.
- Adjusted backend API to ensure proper handling of media asset deletions without removing files, maintaining governance and user experience.
- Added new API endpoints for listing media assets and attaching existing archive media to exercises, improving media reuse and governance.
- Updated frontend components to support media asset selection from the archive, enhancing user experience and reducing duplication.
- Incremented version to 0.8.43, reflecting the latest changes in media handling and exercise integration.
- Implemented media lifecycle management with new API endpoints for handling asset states (trash_soft, trash_hidden, recover, purge), improving media governance.
- Updated frontend components to filter and display media based on lifecycle states, enhancing user experience and visibility.
- Enhanced documentation in MEDIA_ASSETS_AND_ARCHIVE_SPEC.md to include guidelines for inline media references in exercise texts, establishing a clear implementation plan.
- Incremented version to 0.8.42, reflecting the latest changes in media handling and lifecycle management.
- Updated exercise editing permissions to allow platform admins and users with planning rights in clubs to edit exercises, improving governance.
- Refactored the `_assert_can_edit_exercise` function to utilize tenant context for permission checks.
- Enhanced frontend media management with new features for saving media metadata and reordering media items, improving user experience.
- Introduced state management for media fields in the ExerciseFormPage, allowing users to edit titles and contexts for media assets.
- Added new documentation for media assets and lifecycle management, establishing a single source of truth in MEDIA_ASSETS_AND_ARCHIVE_SPEC.md.
- Updated project status to reflect the addition of media archive and lifecycle governance.
- Introduced a new API endpoint for platform media storage, allowing superadmin access for media management.
- Enhanced exercise media handling with improved database integration for media assets, including deduplication and effective media root resolution.
- Updated frontend API utilities to support new media storage functionalities, ensuring seamless integration with the backend.
- Incremented version to 0.8.41, reflecting the latest changes and improvements in media handling.
- Added Content-Security-Policy header to nginx configuration for SPA, enhancing security against XSS attacks.
- Introduced middleware in FastAPI to set X-Content-Type-Options header, preventing MIME-sniffing vulnerabilities.
- Updated production readiness audit and access layer endpoint audit to reflect security enhancements and ongoing governance practices.
- Added tests to verify the presence of security headers in API responses, ensuring compliance with security standards.
- Added support for HTTP Range requests to enable partial downloads for media files, improving streaming capabilities.
- Implemented a new response function to handle binary media responses, including content disposition for inline display.
- Updated the media file download endpoint to utilize the new response handling, ensuring secure and efficient file delivery.
- Enhanced type hints and imports for better code clarity and maintainability.
- Updated PostgreSQL binding in docker-compose to restrict access to localhost only.
- Implemented a new API endpoint for secure media file delivery, requiring authentication via token.
- Enhanced governance checks for exercise media access, ensuring only authorized users can retrieve files.
- Updated frontend components to utilize the new media file access method, improving user experience while maintaining security.
- Documented changes in production readiness audit and access layer endpoint audit for clarity on security enhancements.
- Added functions to determine production environment and OpenAPI exposure settings, improving API documentation control.
- Updated FastAPI initialization to conditionally set OpenAPI and documentation URLs based on environment variables.
- Refactored health check response to limit detail exposure in production environments, enhancing security.
- Streamlined profile management by removing legacy ID retrieval and ensuring session-based profile access for security improvements.
- Implemented a new API endpoint to retrieve exercises in training units that are not yet visible to the target club, enhancing visibility management for trainers.
- Introduced a new widget in the Dashboard to display these exercises, improving user access to relevant training information.
- Added helper functions to determine exercise visibility based on club membership and status, streamlining the exercise promotion process.
- Added functionality to promote private exercises used in training units to club visibility, allowing better access for trainers and members.
- Introduced helper functions to retrieve distinct exercise IDs and group club IDs for scheduled units.
- Updated the create, update, and quick create training unit methods to include exercise promotion logic, enhancing exercise management within clubs.
- Introduced a new filter option for listing training units to show only those with pending debriefs.
- Updated the dashboard to reflect changes in training unit statuses, renaming components for clarity.
- Enhanced the Training Planning Page to manage debrief completion status, including UI elements for user interaction.
- Improved API utility to support new filtering criteria for training units, ensuring accurate data retrieval.
- Added a new filter option in the list_exercises function to allow users to view exercises created by the current profile.
- Introduced new CSS styles for the dashboard, including KPI tiles and training previews, improving layout and user experience.
- Updated the Dashboard component to fetch and display statistics related to user-created exercises, enhancing visibility of personal metrics.
- Enhanced the ExercisesListPage to support filtering based on user-specific exercise creation, improving data relevance for users.
- Introduced new filtering options for style directions, training types, and target groups in the exercise list.
- Implemented catalog rule picker components to manage inclusion and exclusion of exercise attributes.
- Updated utility functions to handle new catalog rules for improved filtering logic.
- Enhanced the ExercisesListPage and ExercisePickerModal to support the new filtering features, improving user experience.
- Bumped application version to 0.8.40 and updated module versions accordingly.
- Introduced new focus area filtering options in the ExercisesListPage, allowing users to include or exclude exercises based on specified focus areas.
- Added utility functions for deduplicating and merging focus area IDs to improve filtering logic.
- Enhanced the ExercisePickerModal and ExercisesListPage components to support new focus rules and improve user experience with focus area selections.
- Introduced new function `club_admin_shares_club_with_creator` to check club admin permissions for shared clubs.
- Updated `can_manage_club_org` to incorporate new role checks.
- Enhanced exercise deletion logic to include checks for club admin roles and shared club memberships.
- Added new filters for exercise visibility and status in the ExercisesListPage, allowing users to exclude specific criteria.
- Implemented functionality to save user-specific exercise list preferences, improving user experience.
- Updated API interactions to support new filtering options and preferences for exercise management.
- Added new utility functions for handling exercise focus areas, style directions, and training types, improving data presentation.
- Refactored ExercisesListPage to utilize new card layouts and improved visibility labels for exercises.
- Updated ClubsPage and SkillsPage to implement a consistent tab navigation style, enhancing user experience.
- Enhanced CSS styles for better responsiveness and visual consistency across various components.
- Improved loading states and accessibility features for better user feedback and interaction.
- Bumped the version of exercises to 2.8.0, reflecting new features in the bulk metadata patch.
- Enhanced the ExerciseBulkMetadataPatch model to include focus area, style direction, training type, and target group IDs.
- Updated the bulk patch endpoint to support replacing catalog associations for exercises.
- Improved the ExercisesListPage to handle new relation fields and updated UI for bulk operations.
- Adjusted API documentation to reflect changes in the bulk patch functionality.
- Bumped application version to 0.8.38 in both backend and frontend files.
- Updated training planning API to improve permission checks for trainer assignments, allowing club admins to manage training units more effectively.
- Enhanced the TrainingPlanningPage with new modal functionality for assigning trainers and improved loading of club member directories.
- Updated changelog to reflect the new version and changes made in this release.
- Bumped application version to 0.8.37 in both backend and frontend files.
- Updated training planning API to include new session assignment features, allowing for lead trainer and assistant trainer assignments.
- Enhanced the TrainingPlanningPage to support dynamic loading of club member directories based on selected groups.
- Improved validation for trainer assignments, ensuring only active club members can be assigned as trainers.
- Updated changelog to reflect the new version and changes made in this release.
- Bumped application version to 0.8.36 in both backend and frontend files.
- Updated the ProfileCreate model to require name and email fields, ensuring schema compliance.
- Implemented a new POST /api/profiles endpoint restricted to platform admins, utilizing a random PIN for user setup.
- Added integration tests for profile creation, including checks for unauthorized access and duplicate email handling.
- Enhanced changelog to reflect the new version and changes made in this release.
- Bumped application version to 0.8.35 in both backend and frontend files.
- Updated profile retrieval and deletion endpoints to restrict access to the profile owner or platform admins, returning a 403 status for unauthorized access.
- Added integration tests to verify access control for profile retrieval.
- Enhanced changelog to reflect the new version and changes made in this release.
- Bumped application version to 0.8.33 in both backend and frontend files.
- Refactored pytest-backend job in CI workflow to run tests within the deployed backend container, eliminating the need for a separate Python/Postgres service.
- Updated pytest.ini to include new test markers for smoke and slow tests, and adjusted default options for pytest execution.
- Enhanced changelog to reflect the new version and changes made in this release.
- Bumped application version to 0.8.31 in both backend and frontend files.
- Added pytest-backend job to the CI workflow for PostgreSQL integration testing, including database migrations and access layer checks.
- Updated test.yml to trigger on pull requests to main and develop branches in addition to pushes.
- Updated changelog to reflect the new version and changes made in this release.
- Bumped application version to 0.8.30 in both backend and frontend files.
- Added a new marker for integration tests in pytest.ini to facilitate PostgreSQL integration testing.
- Updated changelog to reflect the new version and changes made in this release.
- Introduced a new PATCH endpoint `/api/exercises/bulk-metadata` to allow bulk updates of visibility and status for exercises, supporting up to 500 IDs.
- Enhanced the ExercisesListPage to include a bulk update modal for managing exercise visibility and status.
- Updated frontend API utility to handle bulk patch requests.
- Bumped application version to 0.8.29 and updated changelog to reflect these changes.
- Enhanced ACCESS_LAYER_AND_GOVERNANCE_PLAN.md with additional details on heuristic checks and testing procedures for cross-tenant scenarios.
- Updated club_tenancy.py to recommend using `library_content_visible_to_profile` for exercise visibility checks.
- Refactored multiple routers to utilize `library_content_visible_to_profile`, improving consistency in access control across exercises and training planning.
- Bumped application version to 0.8.28 and updated changelog to reflect these changes.
- Added new documentation references for access layer governance in CLAUDE.md, including multi-tenancy and endpoint audit guidelines.
- Updated ACCESS_LAYER_AND_GOVERNANCE_PLAN.md to include cursor and heuristic checks for access layer compliance.
- Enhanced ACCESS_LAYER_ENDPOINT_AUDIT.md to clarify endpoint visibility and governance requirements, including exemptions for certain routers.
- Introduced library_content_visible_to_profile function in club_tenancy.py to streamline visibility checks for library content.
- Updated exercise progression graphs router to utilize the new visibility function, improving access control.
- Bumped application version to 0.8.27 and updated changelog to reflect these changes.
- Refactored club join requests, memberships, and clubs routers to utilize TenantContext for authentication and authorization, enhancing security and consistency.
- Updated session handling to replace direct session dictionary access with TenantContext, improving code clarity and maintainability.
- Ensured proper role and profile ID retrieval from TenantContext in various endpoints, streamlining access control for club management functionalities.
- Updated governance visibility logic in `assert_valid_governance_visibility` to enforce club membership checks for platform admins and ensure proper club existence validation.
- Increased login request limit from 5 to 30 per minute to improve user experience.
- Refactored exercise update logic to better handle visibility and club ID requirements, ensuring compliance with governance rules.
- Refactored exercises API endpoints to utilize tenant context for authentication and authorization, enhancing security and governance.
- Updated access layer documentation to reflect the complete integration of tenant context for exercises.
- Bumped application version to 0.8.24 in both backend and frontend files.
- Enhanced changelog to document the new version and changes made in this release.
