CSS url() resolves relative to the stylesheet, not <base href>. With
the stylesheet at /ahnenforschung/style.css, url('../fonts/...') resolves
to /fonts/ (root) instead of /ahnenforschung/fonts/. Changed to relative
url('fonts/...') which correctly resolves under the subpath.
Also fixes Material Icons font not loading (menu icons broken).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
GrampsWeb JS has 6 instances of location.href="/" that redirect users
to the root domain (Django app) instead of /ahnenforschung/. These
are now patched at container startup alongside the API path rewrites.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
GrampsWeb's frontend JS hardcodes absolute paths like "/api/...",
"/lang/...", "/fonts/..." which bypass <base href>. These now get
rewritten to "/ahnenforschung/api/..." etc. at container startup,
matching both double-quoted and template-literal (backtick) patterns.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Without these defaults, GrampsWeb starts without an admin user when
no .env file is present (common for local dev).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The previous sed only patched two known paths. Now uses find to discover
and patch all index.html files containing <base href="/"> across the
entire container, with logging to show which files were patched.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The GrampsWeb SPA has <base href="/"> hardcoded at build time, causing
assets to load from / instead of /ahnenforschung/ when behind a reverse
proxy. Instead of relying on nginx sub_filter (which may not be available),
patch the HTML at container startup via GRAMPSWEB_SUBPATH env var.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
deploy.sh was only updating Docker containers but never copying the
nginx config to the host. This meant changes like the sub_filter fix
for GrampsWeb's <base href> rewrite were never applied.
Now diffs deploy-production/nginx.conf against /etc/nginx/sites-enabled/stiftung
and reloads nginx when changed.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
GrampsWeb's SPA has <base href="/"> hardcoded at build time. The
GRAMPSWEB_BASE_URL env var is a full URL for API/OIDC, not a path prefix.
This means assets always load from root, hitting Django instead of GrampsWeb.
Fix: nginx sub_filter rewrites <base href="/"> to <base href="/ahnenforschung/">
so the browser resolves all SPA assets under the correct subpath.
Also revert BASE_URL default to a proper URL (not a path).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The SPA needs GRAMPSWEB_BASE_URL=/ahnenforschung to generate correct
asset URLs when served behind nginx at /ahnenforschung/. Without this,
JS/CSS assets load from / instead of /ahnenforschung/, causing a blank page.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Mirror the production fix from fd626a9 in compose.dev.yml. The
GRAMPSWEB_STATIC_PATH was set to a URL path instead of a filesystem path,
causing 404 on all routes. BASE_URL simplified to / (nginx handles subpath).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
GRAMPSWEB_STATIC_PATH was set to /ahnenforschung/static (a URL path)
instead of a filesystem path, causing GrampsWeb to return 404 on all
routes. Removed STATIC_PATH and STATIC_URL (defaults work correctly)
and simplified BASE_URL to /.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix GRAMPS_URL default port from 80 to 5000 to match dev compose
- Add "Ahnenforschung" sidebar link in navigation (links to /ahnenforschung/)
- Update env-template with all GRAMPSWEB_* variables for production setup
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Datenschutzerklärung unter /portal/datenschutz/ öffentlich erreichbar
- Link zur Datenschutzerklärung in Nachweis-Aufforderungs-E-Mails (HTML + TXT)
- Einwilligungs-Checkbox vor Upload mit Server-Side-Validierung
- Consent-Logging: einwilligung_erteilt_am auf UploadToken (Art. 7 Abs. 1 DSGVO)
- Regelsatz-Korrektur: 449€→563€ in Onboarding-Template (Stand 01/2024)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
MCP_AUTH_TOKEN was stored in plain text in .mcp.json and thus in git
history. Now connect.sh reads the token from the environment variable
MCP_AUTH_TOKEN — set via export in ~/.bashrc or a secrets manager.
⚠️ Old token is in git history and should be rotated on the server.
Rotate: python manage.py create_agent_token <username>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Provides a Model Context Protocol server exposing read-only tools
for Destinatäre, Ländereien, Pächter, Konten, Transaktionen and more.
Includes SSH-based remote connection config in .mcp.json.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Ensures APP_VERSION is available as an environment variable
when docker-compose starts, so containers pick up the correct version.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds optional salutation (Herr/Frau/Divers) to the Destinatär model
with migration, form support, admin integration and template display.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Summernote WYSIWYG was mangling Django template syntax ({{ }}, {% %})
on save, causing content to revert to corrupted state. Switched all
template types to the plain code editor textarea which preserves
content exactly as-is.
Also removed jQuery/Summernote JS dependencies from the editor page,
and fixed getEditorContent reference in preview code.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Bestätigung email was sent via Celery task (fire-and-forget), so the UI
always showed "wird gesendet" even when the task failed silently in the worker.
Now sends synchronously from the web process (matching the working test email
pattern) with proper error display to the user.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The shown.bs.tab event never fired, leaving the preview spinner forever.
Switched to a direct click handler with setTimeout for reliability.
Also added explicit credentials and HTTP error handling to the fetch.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Celery worker was missing the media_files:/app/media volume mount,
causing DMS files saved by background tasks (email attachments,
Bestätigungsschreiben PDFs) to land in ephemeral container storage
instead of the persistent named volume. After any container restart,
these files were lost while DB records remained → Http404.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Root cause: Dockerfile build context is ./app/ but VERSION file is at
repo root, so it's excluded from the Docker image. The context processor
tried parent.parent.parent which resolves to / inside the container.
Fix:
- Context processor now checks APP_VERSION env var first, then tries
multiple file paths (repo root for local dev, app/ dir for Docker)
- Dockerfile accepts APP_VERSION build arg and sets it as ENV
- compose.yml passes APP_VERSION build arg to all service builds
Note: Deploy script needs `export APP_VERSION=$(cat VERSION)` before
docker-compose build for the build arg to pick up the version.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Move test email form to a standalone card at the top of the page
(was buried at the bottom of SMTP settings)
- Add 'An mich' button that fills in the logged-in user's email
- Send HTML + plain text test email (multi-alternative) styled like
actual Stiftung emails, instead of plain text only
- Include diagnostic info (SMTP server, sender, user) in test email
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix preview bug: preview event handlers were never attached when
Summernote failed to load (fallback returned early at line 240)
- Restructure layout with Bootstrap tabs (Editor | Vorschau) instead
of stacked editor+hidden preview
- Preview loads automatically when switching to the Vorschau tab
- Editor content getter works in all modes (Summernote, code, fallback)
- Editor now uses full viewport height for more editing space
- Variables sidebar gets 3 cols (was 4) giving editor 9 cols (was 8)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The 'Abgeschlossen' column was redundant after 'Überwiesen' since no further
action occurs after a payment is transferred. The pipeline is now 4 stages:
Offen → Nachweis eingereicht → Freigegeben → Überwiesen.
Existing 'abgeschlossen' records are merged into the 'Überwiesen' column.
Financial reports and queries are unaffected as they already include both statuses.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
These are required for the WYSIWYG template editor to work.
Without them, Summernote doesn't load and the preview button is non-functional.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- veranstaltungen_anzeigen: list events with participant counts
- veranstaltung_teilnehmer_anzeigen: list participants by event
- veranstaltung_teilnehmer_anlegen: add single participant
- veranstaltung_teilnehmer_importieren: bulk import via JSON array
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Save cover email body as DMS document with new 'email' context type
- Show email body separately from attachments in email detail view
- Add per-category DMS document assignment in quarterly confirmation
(Studiennachweis, Einkommenssituation, Vermögenssituation)
- Add VERSION file and context processor for automatic version display
- Add MCP server, agent system, import/export, and new migrations
- Update compose files and production environment template
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Refactors the Berichte section from a single hardcoded Jahresbericht into
a modular report-building system. Jahresbericht now uses PDFGenerator for
corporate identity (logo, colors, headers/footers, cover page). 8 reusable
section templates can be freely combined. 6 predefined report templates
(Jahres-, Destinatär-, Grundstücks-, Finanz-, Förder-, Pachtbericht) with
HTML preview and PDF export. New Bericht-Baukasten UI lets users compose
custom reports from individual sections.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When an ALKIS identifier is set on a Land record, the button links to
ogc-api.nrw.de detail view instead of the imprecise TIM-Online search.
Falls back to TIM-Online when no ALKIS number is present.
Closes STI-57
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Display current branch, local/remote main commit with message
- Warn if local main is ahead of Gitea remote
- Show last 5 commits on main before deploying
- Update server address to deployment@217.154.84.225
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add DokumentDatei, EmailEingang, Verwaltungskosten, and
GeschichteSeite to post-restore verification table checks.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Display linked PDFs/documents in the edit form with download links
- Fix "Details ansehen" button to link to detail page
- Redirect edit save to detail page instead of list
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- New detail view at /geschaeftsfuehrung/verwaltungskosten/<pk>/
showing invoice data, status, linked DMS documents, and emails
- Status change form in sidebar for quick workflow updates
- Link Verwaltungskosten list items to detail page
- Update email detail to link to VK detail instead of edit
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- DMS edit view: add Destinatär, Land, Pächter, Verpachtung dropdowns
so documents can be assigned to entities after upload
- Geschichte: add M2M dokumente field on GeschichteSeite model
- Geschichte form: checkboxes to select/link Stiftungsgeschichte docs
- Geschichte detail: show linked documents in sidebar with download
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Rename DestinataerEmailEingang → EmailEingang with category support
(destinataer, rechnung, land_pacht, stiftungsgeschichte, allgemein)
- Add invoice capture workflow: create Verwaltungskosten from email,
link DMS documents as invoice attachments, track payment status
- Add Stiftungsgeschichte email category with auto-detection patterns
(Ahnenforschung, Genealogie, Chronik, etc.) and DMS integration
- Update poll_emails task with category detection and DMS context mapping
- Show available history documents in Geschichte editor sidebar
- Consolidate DMS views, remove legacy dokument templates
- Update all detail/form templates for DMS document linking
- Add deploy.sh script and streamline compose.yml
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- When manually assigning an email to a Destinatär, also update
associated DokumentLink records so attachments appear in the
Destinatär's Dokumente tab
- Add email delete functionality (view, URL, buttons in list and detail)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
User requested the create form to look exactly like the detail page.
Now uses the same two-column table-based card layout with matching
card headers, gradient header bar, and field organization as the
Stammdaten tab on the detail page.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace custom CSS (.form-section, gradients, var(--racing-green)) with
standard Bootstrap card-based layout matching the rest of the modernized UI:
dark card headers, responsive grid rows, consistent shadow-sm styling.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Paperless-ngx post_document returns a task UUID string, not a document
ID directly. The code assumed it was a dict and called .get() on a
string, causing AttributeError. Now polls the task status endpoint to
retrieve the actual integer document ID.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add 120s IMAP socket timeout (was unlimited, could hang on large emails)
- Increase Paperless upload timeout from 60s to 300s for large attachments
- Increase manual poll UI timeout from 60s to 300s
- Show error count in UI when emails fail to process
- Log warning when attachment payload is empty/corrupted
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Email settings page at /administration/email/ with IMAP config form
- Connection test button to verify IMAP connectivity
- Sidebar link "E-Mail Eingang" for quick access
- AppConfiguration model extended with email category and password type
- init_config command includes IMAP default settings
- DB-based IMAP config with env var fallback
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
