hobbyhimmel/Project-Image-Uploader
8
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Update README and CHANGELOG for Phase 2 completion

Browse Source 
README.md:
- Updated Phase 2 completion date: Nov 11-14 → Nov 11-15
- Added new section: Modular UI Architecture (Nov 15)
- Listed all reusable components and their modes
- Added code reduction metrics (62% reduction, -227 net lines)
- Removed outdated 'email link' mention

CHANGELOG.md:
- Complete rewrite for feature/SocialMedia branch
- Added Phase 1: Social Media Consent Management (Nov 9-10)
  * Backend: Migrations, APIs, validation
  * Frontend: ConsentCheckboxes, ConsentBadges, filters
  * Testing results and GDPR compliance
- Added Phase 2 Backend: Management Portal (Nov 11)
  * Management APIs, security features, audit log
  * Rate limiting and brute-force protection
- Added Phase 2 Frontend: Management Portal UI (Nov 13-14)
  * ManagementPortalPage, component reuse
  * Upload success integration
- Added Phase 2 UI Refactoring (Nov 15)
  * 4 new modular components (686 lines)
  * Multi-mode support (upload/edit/moderate)
  * Code reduction metrics
  * UI consistency patterns
  * Bug fixes

All documentation now accurately reflects Nov 9-15 work.
This commit is contained in:
Matthias Lotz 2025-11-15 18:45:16 +01:00
parent a7d2d7d6aa
commit ede45aafdd
2 changed files with 157 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

149
CHANGELOG.md
View File

@ -1,5 +1,154 @@
# Changelog
## [Unreleased] - Branch: feature/SocialMedia
### 🎨 Modular UI Architecture (November 15, 2025)
#### Features
- ✅ **Reusable Component System**: Created modular components for all pages
- `ConsentManager.js` (263 lines): Workshop + Social Media consents with edit/upload modes
- `GroupMetadataEditor.js` (146 lines): Metadata editing with edit/upload/moderate modes
- `ImageDescriptionManager.js` (175 lines): Batch image descriptions with manage/moderate modes
- `DeleteGroupButton.js` (102 lines): Standalone group deletion component
- ✅ **Multi-Mode Support**: Components adapt behavior based on context
- `mode="upload"`: External state, no save buttons (MultiUploadPage)
- `mode="edit"`: Management API endpoints (ManagementPortalPage)
- `mode="moderate"`: Admin API endpoints (ModerationGroupImagesPage)
- ✅ **Code Reduction**: Massive reduction in code duplication
- ManagementPortalPage: 1000→400 lines (-60%)
- ModerationGroupImagesPage: 281→107 lines (-62%)
- MultiUploadPage: Refactored to use modular components
- Net result: +288 lines added, -515 lines removed = **-227 lines total**
#### UI Consistency
- 🎨 **Design System**: Established consistent patterns across all pages
- Paper boxes with headings inside (not outside)
- HTML `<button>` with CSS classes instead of Material-UI Button
- Material-UI Alert for inline feedback (SweetAlert2 only for destructive actions)
- Icons: 💾 save, ↩ discard, 🗑️ delete, 📥 download
- Individual save/discard per component section
#### Bug Fixes
- <20> Fixed: Image descriptions not saving during upload (preview ID → filename mapping)
- 🐛 Fixed: FilterListIcon import missing in ModerationGroupsPage
- 🐛 Fixed: Button styles inconsistent across pages
#### Technical Details
- **Frontend Changes**:
- New files: 4 modular components (686 lines)
- Refactored files: 7 pages with consistent patterns
- State management: Deep copy pattern, JSON comparison, set-based comparison
- API integration: Mode-based endpoint selection
---
### 🔑 Self-Service Management Portal (November 11-14, 2025)
#### Backend Features (Phase 2 Backend - Nov 11)
- ✅ **Management Token System**: UUID v4 token generation and validation
- Tokens stored in `groups.management_token` column
- Token-based authentication for all management operations
- Format validation (UUID v4 regex)
- ✅ **Management APIs**: Complete self-service functionality
- `GET /api/manage/:token` - Load group data
- `PUT /api/manage/:token/consents` - Revoke/restore consents
- `PUT /api/manage/:token/metadata` - Edit title/description
- `PUT /api/manage/:token/images/descriptions` - Batch update descriptions
- `POST /api/manage/:token/images` - Add images (max 50 per group)
- `DELETE /api/manage/:token/images/:imageId` - Delete single image
- `DELETE /api/manage/:token` - Delete entire group
- ✅ **Security Features**:
- Rate limiting: 10 requests/hour per IP (in-memory)
- Brute-force protection: 20 failed attempts → 24h IP ban
- Management audit log: All actions tracked in `management_audit_log` table
- Token masking: Only first 8 characters logged
- ✅ **Database Migration 007**: Management audit log table
- Tracks: action, success, error_message, ip_address, user_agent
- Indexes for performance: group_id, action, ip_address, created_at
#### Frontend Features (Phase 2 Frontend - Nov 13-14)
- ✅ **Management Portal Page**: Full-featured user interface at `/manage/:token`
- Token validation with error handling
- Consent management UI (revoke/restore)
- Metadata editing UI
- Image upload/delete UI
- Group deletion UI (with confirmation)
- ✅ **Component Reuse**: ConsentCheckboxes with mode support
- `mode="upload"`: Upload page behavior
- `mode="manage"`: Management portal behavior
- Eliminates ~150 lines of duplicated code
- ✅ **Upload Success Integration**: Management link prominently displayed
- Copy-to-clipboard functionality
- Security warning about safe storage
- Email link for social media post deletion requests
---
### 🔐 Social Media Consent Management (November 9-10, 2025)
#### Backend Features (Phase 1 Backend - Nov 9)
- ✅ **Database Migrations**:
- Migration 005: Added consent fields to `groups` table
* `display_in_workshop` (BOOLEAN, NOT NULL, default 0)
* `consent_timestamp` (DATETIME)
* `management_token` (TEXT, UNIQUE) - for Phase 2
- Migration 006: Social media platform system
* `social_media_platforms` table (configurable platforms)
* `group_social_media_consents` table (per-group, per-platform consents)
* Revocation tracking: `revoked`, `revoked_timestamp` columns
- GDPR-compliant: Old groups keep `display_in_workshop = 0` (no automatic consent)
- ✅ **API Endpoints**:
- `GET /api/social-media/platforms` - List active platforms (Facebook, Instagram, TikTok)
- `POST /api/groups/:groupId/consents` - Save consents (batch operation)
- `GET /api/groups/:groupId/consents` - Load consent status
- `GET /api/admin/groups/by-consent` - Filter groups by consent (all, workshop, platform-specific)
- `GET /api/admin/consents/export` - Export consent data (CSV/JSON format)
- ✅ **Upload Validation**: 400 error if `display_in_workshop` not set to true
- ✅ **Repositories**:
- `SocialMediaRepository.js`: Platform & consent management
- Extended `GroupRepository.js`: Consent filtering queries
#### Frontend Features (Phase 1 Frontend - Nov 10)
- ✅ **ConsentCheckboxes Component**: GDPR-compliant consent UI
- Workshop consent (mandatory, cannot upload without)
- Social media consents (optional, per-platform checkboxes)
- Informative tooltips explaining usage
- Legal notice about moderation and withdrawal rights
- ✅ **ConsentBadges Component**: Visual consent status indicators
- Icons: 🏭 Workshop, 📱 Facebook, 📷 Instagram, 🎵 TikTok
- Tooltips with consent details and timestamps
- Filtering support for revoked consents
- ✅ **Moderation Panel Updates**:
- Consent filter dropdown (All, Workshop-only, per-platform)
- Export button for CSV/JSON download
- Consent badges on each group card
- In-memory filtering (loads all groups, filters client-side)
- ✅ **Upload Success Dialog**: Group ID display for consent withdrawal reference
#### Testing Results (Nov 10)
- ✅ Upload with/without workshop consent
- ✅ Social media consent persistence
- ✅ Filter functionality (All: 76, Workshop: 74, Facebook: 2)
- ✅ CSV export with proper formatting
- ✅ Badge icons and tooltips
- ✅ Migration 005 & 006 auto-applied on startup
- ✅ GDPR validation: 72 old groups with display_in_workshop = 0
---
## [Unreleased] - Branch: feature/PreloadImage
### 🚀 Slideshow Optimization (November 2025)

11
README.md
View File

@ -28,18 +28,23 @@ This project extends the original [Image-Uploader by vallezw](https://github.com
- Consent badges and filtering in moderation panel
- CSV/JSON export for legal documentation
- Group ID tracking for consent withdrawal requests
- **🔑 Self-Service Management Portal** (Phase 2 Complete - Nov 11-14):
- **🔑 Self-Service Management Portal** (Phase 2 Complete - Nov 11-15):
- Secure UUID-based management tokens for user self-service
- Frontend portal at `/manage/:token` for consent management
- Revoke/restore consents for workshop and social media
- Edit metadata (title, description) after upload
- Add/delete images after upload (with moderation re-approval)
- Complete group deletion with audit trail
- Reusable ConsentCheckboxes component (no code duplication)
- Email link for social media post deletion requests
- IP-based rate limiting (10 requests/hour)
- Brute-force protection (20 failed attempts → 24h ban)
- Management audit log for security tracking
- **🎨 Modular UI Architecture** (Nov 15):
- Reusable components: ConsentManager, GroupMetadataEditor, ImageDescriptionManager
- Multi-mode support: upload/edit/moderate modes for maximum reusability
- Code reduction: 62% in ModerationGroupImagesPage (281→107 lines)
- Consistent design: HTML buttons, Paper boxes, Material-UI Alerts
- Individual save/discard per component section
- Zero code duplication between pages
- **<EFBFBD> Slideshow Optimization**: Intelligent image preloading eliminates loading delays and duplicate images
- **📅 Chronological Display**: Slideshows now play in chronological order (year → upload date)
- **Automatic Cleanup**: Unapproved groups are automatically deleted after 7 days