Script runs before vite build via package.json "build" script.
Reads/writes APP_VERSION in frontend/constants.ts (now at V1.0.3).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Ensures values.update and values.get use the actual tab title returned by
ensureSheetTab (case-insensitive match) so writes don't fail when existing
Apps Script tabs have different casing than our expected names.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
process.env is only set if env var exists; credentials saved via UI
live in googleCreds. Guard was blocking users who saved via DB.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Backend:
- Load GOOGLE_CLIENT_ID/SECRET from DB at startup (env vars take priority)
- GET /api/settings/google-credentials → masked status (secret never returned)
- POST /api/settings/google-credentials → save to DB, hot-reload in memory
- /api/auth/google/url returns 503 with clear message when unconfigured
Frontend (ConfiguracoesView):
- OAuth credential inputs (Client ID + Client Secret with show/hide toggle)
- Shows configured status badge (ENV vs DB) and masked clientIdHint
- Instructions with redirect URI shown inline
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add APP_URL and GOOGLE_REDIRECT_URI=https://scoreodonto.com/api/oauth2callback
to docker-compose backend environment
- /api/auth/google/url returns 503 with clear message when CLIENT_ID/SECRET unset
- GoogleConnectButton shows alert instead of silently breaking on API error
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Move user profile card and Google connect button from sidebar footer
to a dedicated Configurações view. Sidebar footer now shows a compact
user button that navigates to settings. All roles have access.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Remove all window.location.hash assignments and hashchange events.
Navigate with history.pushState; listen on popstate. Fix base href to
'/' so assets resolve correctly on deep paths. Update magic link URL.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Express matches routes in registration order. PUT /procedimentos/:id was
registered before /procedimentos/reorder, causing 'reorder' to be captured
as an id param and the reorder endpoint to be unreachable.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Remove translateQuery function, pool.query override, and pool.getConnection mock entirely
- Replace all ? placeholders with $N positional parameters throughout
- Replace INSERT INTO t SET ? with buildInsert() helper across pacientes, dentistas, especialidades, planos, procedimentos, financeiro, leads, gto_items
- Replace UPDATE t SET ? WHERE id = ? with buildUpdate() helper across the same tables
- Replace all pool.getConnection()/beginTransaction/commit/rollback blocks with withTransaction()
- Convert ON DUPLICATE KEY UPDATE to ON CONFLICT DO UPDATE SET in dentistas/register (usuarios, vinculos, dentistas tables)
- Fix dentistas/register to use withTransaction instead of SET FOREIGN_KEY_CHECKS
- Fix all [rows] array destructuring to { rows } object destructuring (PG native result shape)
- Fix guias dynamic WHERE builder to use incrementing $N parameter indices
- Fix double-quoted string literal bug in procedimentos categoria query ("Particular" → 'Particular')
- Quote camelCase column names in gto_items/gto_builders queries ("builderId", "valorTotal", etc.)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Causa raiz do login não navegar: getCurrentRole() retornava null quando
vinculos.role era NULL no banco, fazendo isViewAllowed() retornar false
e handleNavigate() falhar silenciosamente sem nenhum feedback.
Fixes:
- backend.ts: getCurrentRole usa workspace?.role || 'paciente' para
garantir que nunca retorne null/undefined
- App.tsx: onLoginSuccess usa setCurrentView+navigate diretamente,
sem passar pela guarda de permissão (desnecessária pós-autenticação)
- App.tsx: mount effect sempre chama navigate(currentView) para sincronizar
a URL com a view real — antes só executava com hash vazio, deixando
/#/login na URL ao recarregar com usuário autenticado
- LoginView.tsx: remove spinner isInitializing de 3s que bloqueava o
formulário em toda montagem do componente
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Backend: substitui string literals com aspas duplas por aspas simples
nas queries PostgreSQL (settings, GTO builder, google_tokens delete)
- Backend: corrige alias SQL 'dentistanome' para 'dentistaNome' (quoted)
e ajusta frontend para usar 'pacientenome' (lowercase do PG)
- Backend: move app.listen() para após todas as rotas registradas
- Backend: ativa generateIntelligentNotifications no startup + intervalo 5min
- Backend: magic link usa process.env.APP_URL em vez de localhost:3000 hardcoded
- Frontend: adiciona 'relatorios' às permissões do role 'funcionario'
- Frontend: adiciona onClick ao botão Relatórios do Dashboard
- Frontend: adiciona Content-Type e JWT token em salvarAgendamento/atualizarAgendamento
- Frontend: MeusTratamentos passa JWT token nas chamadas a /api/guias
- Frontend: ClinicasView passa JWT token no endpoint de atualização de cor
- Frontend: corrige subtítulo 'MYSQL + GOOGLE' para 'POSTGRESQL + GOOGLE'
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>