- Add APP_URL and GOOGLE_REDIRECT_URI=https://scoreodonto.com/api/oauth2callback
to docker-compose backend environment
- /api/auth/google/url returns 503 with clear message when CLIENT_ID/SECRET unset
- GoogleConnectButton shows alert instead of silently breaking on API error
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Move user profile card and Google connect button from sidebar footer
to a dedicated Configurações view. Sidebar footer now shows a compact
user button that navigates to settings. All roles have access.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Remove all window.location.hash assignments and hashchange events.
Navigate with history.pushState; listen on popstate. Fix base href to
'/' so assets resolve correctly on deep paths. Update magic link URL.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Express matches routes in registration order. PUT /procedimentos/:id was
registered before /procedimentos/reorder, causing 'reorder' to be captured
as an id param and the reorder endpoint to be unreachable.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Remove translateQuery function, pool.query override, and pool.getConnection mock entirely
- Replace all ? placeholders with $N positional parameters throughout
- Replace INSERT INTO t SET ? with buildInsert() helper across pacientes, dentistas, especialidades, planos, procedimentos, financeiro, leads, gto_items
- Replace UPDATE t SET ? WHERE id = ? with buildUpdate() helper across the same tables
- Replace all pool.getConnection()/beginTransaction/commit/rollback blocks with withTransaction()
- Convert ON DUPLICATE KEY UPDATE to ON CONFLICT DO UPDATE SET in dentistas/register (usuarios, vinculos, dentistas tables)
- Fix dentistas/register to use withTransaction instead of SET FOREIGN_KEY_CHECKS
- Fix all [rows] array destructuring to { rows } object destructuring (PG native result shape)
- Fix guias dynamic WHERE builder to use incrementing $N parameter indices
- Fix double-quoted string literal bug in procedimentos categoria query ("Particular" → 'Particular')
- Quote camelCase column names in gto_items/gto_builders queries ("builderId", "valorTotal", etc.)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Causa raiz do login não navegar: getCurrentRole() retornava null quando
vinculos.role era NULL no banco, fazendo isViewAllowed() retornar false
e handleNavigate() falhar silenciosamente sem nenhum feedback.
Fixes:
- backend.ts: getCurrentRole usa workspace?.role || 'paciente' para
garantir que nunca retorne null/undefined
- App.tsx: onLoginSuccess usa setCurrentView+navigate diretamente,
sem passar pela guarda de permissão (desnecessária pós-autenticação)
- App.tsx: mount effect sempre chama navigate(currentView) para sincronizar
a URL com a view real — antes só executava com hash vazio, deixando
/#/login na URL ao recarregar com usuário autenticado
- LoginView.tsx: remove spinner isInitializing de 3s que bloqueava o
formulário em toda montagem do componente
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Backend: substitui string literals com aspas duplas por aspas simples
nas queries PostgreSQL (settings, GTO builder, google_tokens delete)
- Backend: corrige alias SQL 'dentistanome' para 'dentistaNome' (quoted)
e ajusta frontend para usar 'pacientenome' (lowercase do PG)
- Backend: move app.listen() para após todas as rotas registradas
- Backend: ativa generateIntelligentNotifications no startup + intervalo 5min
- Backend: magic link usa process.env.APP_URL em vez de localhost:3000 hardcoded
- Frontend: adiciona 'relatorios' às permissões do role 'funcionario'
- Frontend: adiciona onClick ao botão Relatórios do Dashboard
- Frontend: adiciona Content-Type e JWT token em salvarAgendamento/atualizarAgendamento
- Frontend: MeusTratamentos passa JWT token nas chamadas a /api/guias
- Frontend: ClinicasView passa JWT token no endpoint de atualização de cor
- Frontend: corrige subtítulo 'MYSQL + GOOGLE' para 'POSTGRESQL + GOOGLE'
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>