- Created `CustomOidcClient` to override default `OidcClient` behavior, ensuring authorization prompts are always displayed.
- Updated `oidc-server.php` configuration to use the custom client model.
- Added `CustomAuthCodeRepository` to cache and store nonces during authorization.
- Introduced `CustomTokenResponseType` to resolve cached nonces during token exchange.
- Created `oidc-server.php` configuration for OpenID Connect support, including scopes, claims, and token lifetimes.
- Registered custom implementations in `AppServiceProvider` with bindings for `AuthCodeRepository` and `TokenResponseType`.
- Added feature tests to validate nonce caching and resolution logic.
- Introduced `is_unlimited` field in `app_roles` table to support roles with unlimited duration.
- Enhanced front-end and back-end implementations to manage unlimited roles, including UI updates and validation.
- Refactored `KekaOutlookController` and `KekaOutlookService` for streamlined exception handling and code consistency.
- Applied linting and formatting improvements across updated files.
- Introduced `KekaAccessGuard`, `KekaConfigResolver`, `KekaIntegrationService`, `KekaTokenService`, and `KekaUrlBuilder` to streamline Keka HR functionality.
- Refactored `KekaController` to delegate key operations to modular services, improving maintainability.
- Updated dashboard UI to ensure alignment with the new service-based architecture.
- Enhanced error handling, logging, and code reusability for Keka integration workflows.
- Implemented `KekaController` to manage OAuth flows for Keka HR, including connection, callback, and disconnection.
- Added required routes, middleware updates, and session handling for Keka integration.
- Enhanced dashboard UI to display Keka connection status and provide seamless connect/disconnect options.
- Included validation and configuration for Keka Portal URL in connected apps.
- Developed feature tests to ensure reliable authentication and token handling workflows for Keka.
- make the button bigger and active color
- remove unnecessary info from UI
- Removed redundant validation calls and improved permission handling for `ConnectApps`.
- Removed legacy Outlook integration, including views, controllers, and models.
- Introduced Microsoft Entra ID OAuth flows with enhanced permission checks and token management.
- Migrated database structure: replaced `outlook_tokens` table with `oauth_tokens` table for multi-provider support.
- Added comprehensive tests for Entra ID federation, including connection flow, token refresh, and permission checks.
- Standardized OAuth implementation using `EntraController` and consolidated token models into `OauthToken`.
- Refactored `SamlIdpService` to enhance SAML NameID handling, adding support for configurable formats and sources with `SamlNameIdFormatEnum`.
- Enabled custom attribute mapping with dynamic claims resolution, supporting app-level configurations.
- Standardized SAML namespace usage across all element creation methods to ensure compliance with SAML 2.0 specifications.
- Improved cryptographic signature handling with Exclusive Canonicalization (C14N) and proper DOM node positioning.
- Added new unit tests to verify SAML responses and cryptographic signature validation.
- Implemented `EnumMorphsToOptionsContract` interface to enable enums with options and labels for dropdowns.
- Created `SamlNameIdFormatEnum` and `SamlNameIdSourceEnum` for standardized SAML NameID configuration.
- Added reusable `SAML Configuration` Blade component for easier integration into connected app forms.
- Enabled custom SAML Attribute mapping with dynamic add/remove functionality and validation.
- Improved `SamlIdpController` to enforce ACS URL matching and user authorization checks.
- Refactored SAML-related tests and added scenarios for role-based SAML access and custom configurations.
- Improved logging for `MicrosoftGraphService` methods to provide detailed insights into federation configuration processes.
- Refactored error handling for domain federation configuration, including specific checks for authorization and resource errors.
- Streamlined federation flow logic and made it more resilient to exceptions.
- Updated UI components to handle configuration states more effectively and added button functionality for failed connections.
- Expanded test coverage for Microsoft Graph Federation scenarios, including authorization failures and domain validation.
- masked the sensitive fields
- Removed inline data definitions from multiple dashboard components for roles, users, and connected apps, replacing them with service-based computed properties.
- Added comprehensive debug and error-level logging throughout `SamlIdpService` and related controllers to improve traceability of SAML flows.
- Cleaned up and centralized SAML-related logic, improving maintainability and error handling consistency.
- Deleted unused `hr-permission.blade.php` component to reduce code redundancy.
- Introduced `ddev` configuration for Laravel-based SAML SSO setup.
- Added detailed technical specifications for SAML 2.0 integration, including endpoints, flows, and cryptographic signing.
- Created extensive unit tests to validate `SamlIdpController` and `SamlIdpService` functionalities.
- Enhanced metadata generation, SAML request parsing, and cryptographic signing of responses.
- Implemented models, services, and tests to standardize IdP interactions with Service Providers.
- Added activity logs for ticket status changes, comments, and ticket views.
- Implemented `TicketStatusChangedNotification` to notify users of status updates.
- Enhanced ticket list filtering with pagination, search, and status filters.
- Updated UI to better handle ticket assignments, status updates, and comment notifications.
- Extended tests for activity logs, unauthorized actions, status change notifications, and filtering functionalities.
- Added `MicrosoftGraphCredentialsData` and `FederatedIdpMfaBehaviorEnum` for managing Entra ID integration.
- Implemented `MicrosoftGraphService` to handle federation setup, domain management, and token authentication.
- Created UI for managing Microsoft Graph Federation, including connection and disconnection flows.
- Extended tests to validate Microsoft Graph Federation functionality.
- Updated `TicketService` to trigger notifications to all administrators upon ticket creation.
- Added test to verify administrator notifications when a support ticket is raised.
- Minor formatting adjustments in `Ticket` model's imports for consistency.
- Added migration for ticket assignment and comments (`assigned_user_id` and `ticket_replies` table).
- Implemented `TicketAssignedNotification` and `TicketCommentedNotification`.
- Created `ReplyData`, `TicketListData`, and `PostReplyRequest` data classes.
- Introduced `ResolveNotificationRouteController` for modular notification redirection.
- Updated UI to support assigning users and posting comments on tickets.
- User is navigated to comments page when clicked on the ticket, upon navigation ticket details modal is opened.
- Extended tests to cover assignments, comments, status transitions, and notifications.
- Added database migrations for tickets, statuses, roles, users, and related associations.
- Introduced models and enums for ticket status, permissions, and notifications.
- Implemented `TicketService` for ticket management and notification handling.
- Created Livewire form and UI for raising tickets with file attachments and routing options.
- Added tests covering ticket creation, validation, notifications, and file uploads.
- Added `priority`-based access logic to restrict role and user management actions.
- Introduced `Permission Manager` UI and routes for permission access control.
- Updated `RoleService` and `AppRoleService` to include `visible` scope for priority filtering.
- Enhanced seeding to assign priorities to default roles and ensure proper hierarchy.
- Updated sidebar, routes, and data structure to handle new permission enums and resource segmentation.
- Improved UI components to dynamically restrict visibility and actions based on role priority.
- Added `priority`-based access logic to restrict role and user management actions.
- Introduced `Permission Manager` UI and routes for permission access control.
- Updated `RoleService` and `AppRoleService` to include `visible` scope for priority filtering.
- Enhanced seeding to assign priorities to default roles and ensure proper hierarchy.
- Updated sidebar, routes, and data structure to handle new permission enums and resource segmentation.
- Improved UI components to dynamically restrict visibility and actions based on role priority.
- Introduced `ConnectedAppFactory` for generating connected app data.
- Added `MockDataSeeder` to create sample roles, users, and apps with dynamic role-app assignments.
- Extended `RoleAndAppsPermissionEnum` with `ConnectApps` permission.
- Updated access-manager UI to handle app-connection actions with proper authorization.
- Integrated app-role connection logic in Livewire component and updated `roles-and-apps` view for permissions-based actions.
- Added `priority` column to `roles` table with migration and model updates.
- Introduced priority management methods in `RoleService` and validation logic for updates.
- Enhanced access-manager UI to display and edit role priorities via a modal.
- Updated related data classes and views to support and handle the new priority field.
- Replaced `AccessManager`, `Apps`, and `Settings` enums with modular enums like `RoleAndAppsPermissionEnum`, `AppPermissionEnum`, etc.
- Updated route, view, Livewire components, and tests to use new modular enums.
- Enhanced `DefaultRoleWithPermissionSeeder` and `PermissionSeeder` with updated enums.
- Added README in the Enums/Permissions directory to explain usage and naming conventions.
- Refactored dashboard sidebar and route definitions for better enum-based permission handling.
- Improved test coverage to validate new permission enums functionality.
- Introduced methods `selectAllPermissions` and `revokeAllPermissions` in Livewire component.
- Updated permissions section UI with buttons for selecting and revoking all permissions.
- Enhanced user experience by simplifying bulk permission management.
- Applied `Confirmation` trait to multiple Livewire components for unified confirmation handling.
- Replaced inline confirmation modals with `requireConfirmation` method for streamlined interaction.
- Updated button styles and added reusable confirmation prompts for delete/detach actions.
- Enhanced `AppRoleService` and `ConnectionProviderService` to support deletion with confirmation.
- Introduced `Confirmation` trait for reusable confirmation modal logic in Livewire components.
- Added `ConfirmationModal` Livewire component for handling confirmation prompts with customizable title, subtitle, description, and styling.
- Updated `captainhook.json` to increase `subjectLength` limit.
- Integrated confirmation modal in the sidebar layout with `<livewire:confirmation-modal/>`.
- Updated login and registration forms with improved layout and new components for better user experience.
- Removed unused favicon and replaced references with updated logo image.
- Centralized user data retrieval in `dashboard-topbar.blade.php` by introducing `$user` variable.
- Enhanced topbar dropdown with user details (name, email) and improved styling.
- Fixed Livewire binding in roles-and-apps view by replacing `model` with `wire:model`.
- Updated `dashboard-topbar.blade.php` to show "Admin Panel" only for users with the Admin role.
- Introduced user initials avatar with logout functionality via dropdown menu.
- Added `UserAppAccessService` for retrieving active services by user with detailed role and permission validation.
- Created `ServiceAppDto` to standardize service data for UI rendering.
- Enhanced user dashboard layout and Livewire component with computed services, role-based restricted access, and expiring service warnings.
- Updated dashboard blade views for improved user experience and dynamic active services display.
- Added `DefaultUserRole` and permissions enums (`AccessManager`, `Apps`, `Settings`) for centralizing role and permission constants.
- Implemented `DashboardRoute` helper to resolve routes dynamically based on user roles.
- Introduced seeders for default roles (`DefaultRoleWithPermissionSeeder`, `PermissionSeeder`, `ExampleUserWithRoleSeeder`) with role-permission assignments.
- Created `EnumExtractor` utility for parsing enums and generating permissions.
- Customized dashboard routes with role-based redirection logic.
- Updated sidebar navigation to display role-based menu items with permission checks.
- Replaced `duration` (integer, days) with `validUpto` (datetime) in role-app assignments.
- Updated `AssignAppsToRoleData`, `AppRole` model, and Livewire forms to adopt the new `validUpto` field.
- Adjusted database migrations and UI components to reflect the change in validity representation.
- Enhanced validity date inputs with support for "Unlimited" roles using toggles.
- Added `RestrictedUserPermission` migration and model for managing user-role-permission restrictions.
- Introduced `UserService`, `RoleService`, and related DTOs for handling user access, role assignments, and permission restrictions.
- Created new Livewire components and Blade views for user management, including role/permission assignment modals.
- Updated navigation and routing to include the "Users" section under "Access Manager."
- Enhanced `RoleService` with methods for retrieving permissions and managing role-user interactions.
- Improved UI with permission toggles and streamlined selection features for better user-role management.
- 'Use' permission of apps now synced with Role
- Added `PermissionData` DTO for standardized permission transformation.
- Expanded `AppsPermissionService` with `getAllPermissions` method for retrieving connected app permissions.
- Updated `AppRoleService` with methods for assigning and revoking app permissions to roles (`assignAppPermissionsRole`, `removeAppPermissionsRole`).
- Introduced `AppPermission::type` method for extracting permission type from names.
- Refined role and app interaction logic, including proper slug generation and app-role association.