- Created a .gitignore file to exclude node_modules from version control.
- Added package-lock.json to manage project dependencies and ensure consistent installations.
- Introduced a new utility function `safe_urlopen` to ensure only allowed URL schemes (http, https) are opened, enhancing security against path traversal vulnerabilities.
- Updated the `run.py` and `calendar_ics.py` files to utilize `safe_urlopen` for HTTP requests, improving error handling and security.
- Added `HTTP_HOST` configuration to the settings, allowing dynamic binding of the HTTP server host.
- Revised the `.env.example` file to include the new `HTTP_HOST` variable with a description.
- Enhanced tests for `safe_urlopen` to validate behavior with disallowed URL schemes and ensure proper integration in existing functionality.
- Added *.egg-info/ to .gitignore to prevent egg metadata from being tracked.
- Updated virtual environment instructions in CONTRIBUTING.md and README.md to use .venv for consistency.
- Revised mkdocs.yml to include a placeholder for the repository URL when publishing.
- Cleaned up pyproject.toml by removing unnecessary pylint configuration.
- Enhanced import-format.md and runbook.md documentation for clarity on user roles and health check endpoints.
- Changed the behavior of the group duty pin feature to send a new message, unpin the old one, and pin the new one instead of editing the existing message. This ensures the pinned message is always fresh.
- Updated the `DUTY_PIN_NOTIFY` configuration description in the documentation to reflect the new message handling approach.
- Revised the architecture documentation to clarify the updated group duty pin process.
- Enhanced tests to verify the new behavior of the group duty pin functionality, ensuring proper message handling and scheduling.
- Introduced a new configuration option `DUTY_PIN_NOTIFY` to control whether the bot re-pins the duty message when updated, providing notifications to group members.
- Updated the architecture documentation to reflect the new functionality of re-pinning duty messages.
- Enhanced the `.env.example` file to include the new configuration option with a description.
- Added tests to verify the behavior of the new refresh pin command and its integration with the existing group duty pin functionality.
- Updated internationalization messages to include help text for the new `/refresh_pin` command.
- Implemented a new API endpoint to generate an ICS calendar for team duty shifts, accessible via a valid token.
- Enhanced the `calendar_link` command to return both personal and team calendar URLs.
- Added a new function to build the team ICS file, ensuring each event includes the duty holder's name in the description.
- Updated tests to cover the new team calendar functionality, including validation for token formats and response content.
- Revised internationalization messages to reflect the new team calendar links.
- Eliminated the forced reflow line in the `showAsBottomSheet` function to streamline the rendering process of the day detail panel.
- This change enhances code clarity and maintains the intended functionality without impacting user experience.
- Removed outdated CSS styles related to the calendar sticky behavior and duty item animations to streamline the stylesheet.
- Added a reflow trigger in the JavaScript function to ensure proper rendering of the day detail panel when opened, improving user experience.
- Enhanced overall code clarity by eliminating unnecessary styles and improving the animation handling logic.
- Updated the loading indicator in `index.html` to include a spinner and text for better user feedback during loading.
- Added CSS transitions for smoother visual effects on various elements, including buttons and overlays, enhancing overall user experience.
- Refactored JavaScript functions to utilize requestAnimationFrame for improved animation performance when showing and hiding panels.
- Implemented smooth scrolling behavior for duty list navigation, improving usability when focusing on current duties.
- Removed the ability to specify multiple event types in the ICS calendar generation API, ensuring it only returns duty shifts.
- Updated the associated test to reflect the change in behavior, confirming that unknown query parameters are ignored.
- Revised documentation to clarify the API's focus on duty shifts only, enhancing clarity for users.
- Revised the `.env.example` file to clarify the purpose of the `MINI_APP_SKIP_AUTH` variable, emphasizing its insecure nature and restriction to development use only.
- Updated the `README.md` to reflect changes in API authentication requirements, specifying that unauthenticated access to `/api/duties` and `/api/calendar-events` is only allowed with `MINI_APP_SKIP_AUTH=1`.
- Enhanced `configuration.md` to detail the implications of using `MINI_APP_SKIP_AUTH` for API access without Telegram initData.
- Removed the `_is_private_client` function and its associated tests, streamlining the codebase and focusing on the current authentication model.
- Added logging in `run.py` to warn when `MINI_APP_SKIP_AUTH` is enabled, highlighting the security risks.
- Removed unnecessary condition for determining if a duty is current, streamlining the logic.
- Refactored the scrolling functionality to ensure the view correctly focuses on the current duty or today's block.
- Improved code clarity by consolidating the scroll target logic into a reusable function.
- Introduced new tests for the `import_duty_schedule_cmd` to verify behavior when no message or effective user is present, ensuring proper early returns.
- Added tests for admin checks to confirm that only authorized users can initiate duty schedule imports, enhancing security.
- Implemented error handling tests for the `handle_handover_time_text` function to ensure appropriate responses for invalid time formats and non-admin users.
- Enhanced overall test coverage for the duty schedule import functionality, contributing to improved reliability and maintainability of the codebase.
- Updated the `.coverage` file to reflect the latest coverage metrics.
- Introduced new tests for the `is_admin_async` function to verify correct behavior based on user roles.
- Added tests for error handling in the `error_handler` to ensure exceptions are logged and do not propagate.
- Enhanced test coverage for configuration settings by adding a test for parsing admin phone numbers from environment variables.
- Updated the `.cursorrules` file to include the use of a virtual environment for better dependency management.
- Added CSS styles for the "today" cell to visually distinguish it with a solid background and border when it has external events.
- Updated the margin for day elements to improve layout consistency.
- Introduced new styles for duty, unavailable, vacation, and event indicator dots on the "today" cell to enhance visual contrast and clarity.
- Improved overall calendar aesthetics to better represent different event types.
- Introduced a new roles table in the database to manage user roles ('user' and 'admin') for access control.
- Updated the user model to include a foreign key reference to the roles table, allowing for role assignment.
- Enhanced command handlers to support the `/set_role` command for admins to assign roles to users.
- Refactored access control logic to utilize role checks instead of username/phone allowlists, improving security and maintainability.
- Updated documentation to reflect changes in access control mechanisms and role management.
- Added unit tests to ensure correct functionality of role assignment and access checks.
- Introduced a new `normalize_lang` function to standardize language codes across the application, ensuring consistent handling of user language preferences.
- Refactored date handling utilities by adding `parse_utc_iso` and `parse_utc_iso_naive` functions for better parsing of ISO 8601 date strings, enhancing timezone awareness.
- Updated various modules to utilize the new language normalization and date parsing functions, improving code clarity and maintainability.
- Enhanced error handling in date validation to raise specific `DateRangeValidationError` exceptions, providing clearer feedback on validation issues.
- Improved test coverage for date range validation and language normalization functionalities, ensuring robustness and reliability.
- Added Docker health check endpoint to the FastAPI application, returning a 200 status when the app is running.
- Updated Dockerfile to include curl for health checks and modified entrypoint script to exit on errors.
- Enhanced .dockerignore and .gitignore files to exclude coverage and test artifacts.
- Updated docker-compose.prod.yml to specify version.
- Added pytest-cov as a development dependency to improve test coverage reporting.
- Added support for filtering calendar events by type in the ICS generation API endpoint, allowing users to specify whether to include only duty shifts or all event types (duty, unavailable, vacation).
- Updated the `get_duties_for_user` function to accept an optional `event_types` parameter, enabling more flexible data retrieval based on user preferences.
- Enhanced unit tests to cover the new event type filtering functionality, ensuring correct behavior and reliability of the ICS generation process.
- Upgraded `pytest-asyncio` to version 1.0 to ensure compatibility with the latest features and improvements.
- Increased the coverage threshold in pytest configuration to 80%, enhancing the quality assurance process.
- Added a new `conftest.py` file to manage shared fixtures and improve test organization.
- Introduced multiple new test files to cover various components, ensuring comprehensive test coverage across the application.
- Updated the `.coverage` file to reflect the latest coverage metrics.
- Refactored the configuration loading in `config.py` to utilize a single source of truth through the `Settings` class, improving maintainability and clarity.
- Introduced the `is_admin_for_telegram_user` function in `repository.py` to centralize admin checks based on usernames and phone numbers.
- Updated command handlers to use the new admin check function, ensuring consistent access control across the application.
- Enhanced error handling in the `error_handler` to log exceptions when sending error replies to users, improving debugging capabilities.
- Improved the handling of user phone updates in `repository.py` to ensure proper normalization and validation of phone numbers.
- Revised the README to improve clarity in instructions for accessing the calendar miniapp, including changes to the phrasing for consistency.
- Updated the configuration documentation to enhance the description of the `EXTERNAL_CALENDAR_ICS_URL` setting, ensuring users understand its purpose and usage.
- Improved the import format documentation by translating terms to English for better accessibility to a wider audience.
- Enhanced the runbook with clearer instructions regarding access issues when using direct links, emphasizing the importance of using the bot's menu button.
- Added `pytest-cov` as a development dependency for coverage reporting.
- Configured pytest to include coverage options, ensuring code coverage is reported and enforced.
- Updated the README to include contributing guidelines and logging policies, enhancing clarity for developers.
- Added a new section in the configuration documentation emphasizing the necessity of serving the application over HTTPS in production for security purposes.
- Introduced a new `.coverage` file to track test coverage metrics.
- Created a new `CHANGELOG.md` file to document all notable changes to the project, adhering to the Keep a Changelog format.
- Updated `CONTRIBUTING.md` to include instructions for building and previewing documentation using MkDocs.
- Added `mkdocs.yml` configuration for documentation generation, including navigation structure and theme settings.
- Enhanced various documentation files, including API reference, architecture overview, configuration reference, and runbook, to provide comprehensive guidance for users and developers.
- Included new sections in the README for changelog and documentation links, improving accessibility to project information.
- Introduced a new boolean column `name_manually_edited` in the `users` table to control whether user names are overwritten during synchronization with Telegram.
- Updated the `get_or_create_user` function to respect the `name_manually_edited` flag, ensuring names are only updated when the flag is false.
- Implemented a new function `update_user_display_name` to allow manual updates of user names while setting the `name_manually_edited` flag to true.
- Enhanced unit tests to cover the new functionality and ensure correct behavior of name handling based on the `name_manually_edited` flag.
- Introduced a new database model for calendar subscription tokens, allowing users to generate unique tokens for accessing their personal calendar.
- Implemented API endpoint to return ICS files containing only the subscribing user's duties, enhancing user experience with personalized calendar access.
- Added utility functions for generating ICS files from user duties, ensuring proper formatting and timezone handling.
- Updated command handlers to support the new calendar link feature, providing users with easy access to their personal calendar subscriptions.
- Included unit tests for the new functionality, ensuring reliability and correctness of token generation and ICS file creation.
- Added functionality to lock the background scroll when the day detail panel is open, improving user interaction by preventing background movement.
- Implemented logic to restore the scroll position when the panel is closed, ensuring a seamless user experience.
- Updated CSS to support the new behavior, enhancing the visual consistency of the day detail panel.
- Added early return checks in navigation button event listeners to prevent actions while the day detail panel is open, improving performance and usability.
- Adjusted the bottom padding in `style.css` to improve layout by incorporating a comfortable offset for safe areas.
- Added an early return in `dayDetail.js` to prevent further processing when there are no duties or event summaries, enhancing performance and preventing unnecessary DOM manipulations.
- Introduced a new `dayDetail.js` module to manage the day detail panel functionality, allowing users to view detailed information about duties and events for each calendar day.
- Enhanced the calendar rendering in `calendar.js` to include visual indicators for duties and events, improving user interaction and experience.
- Updated CSS in `style.css` to style the day detail panel and its components, ensuring a responsive design for both desktop and mobile views.
- Refactored `hints.js` to export the `getDutyMarkerRows` function, facilitating better integration with the new day detail features.
- Added localization support for the day detail panel in `i18n.js`, including new translations for close button and event titles.
- Enhanced the initialization process in `main.js` to set up the day detail panel on application load.
- Introduced a new `i18n.js` module for handling translations and language detection, supporting both Russian and English.
- Updated various components to utilize the new translation functions, enhancing user experience by providing localized messages for errors, hints, and UI elements.
- Refactored existing code in `api.js`, `calendar.js`, `dutyList.js`, `hints.js`, and `ui.js` to replace hardcoded strings with translated messages, improving maintainability and accessibility.
- Enhanced the initialization process in `main.js` to set the document language and update UI elements based on the user's language preference.
- Updated CSS for `.calendar-event-hint-rows` and `.calendar-event-hint-row` to enhance layout using table display properties for better alignment.
- Adjusted JavaScript in `hints.js` to modify the separator between time and name in duty marker hints, improving visual clarity.
- Ensured consistent styling and spacing for better readability of duty hints in the calendar.
- Updated CSS for `.day` and `.access-denied` to improve layout and visual consistency.
- Introduced a new function `dutyOverlapsLocalRange` in `dateUtils.js` to check duty overlaps within a specified date range.
- Refactored `dutyItemHtml` in `dutyList.js` to utilize `formatTimeLocal` for time formatting, enhancing readability.
- Added utility functions in `hints.js` for parsing duty marker data and building time prefixes, streamlining hint rendering logic.
- Improved the `showAccessDenied` function in `ui.js` to display detailed server messages when access is denied.
- Deleted the `app.js` file and migrated its functionality to a modular structure with multiple JavaScript files for better organization and maintainability.
- Updated `index.html` to reference the new `main.js` module, ensuring proper loading of the application.
- Introduced new utility modules for API requests, authentication, calendar handling, and DOM manipulation to enhance code clarity and separation of concerns.
- Enhanced CSS styles for improved layout and theming consistency across the application.
- Added comprehensive comments and documentation to new modules to facilitate future development and understanding.
- Introduced a new function `getDutyMarkerHintHtml` to generate HTML for duty hints, improving the display of duty times and names.
- Updated the CSS for `.calendar-event-hint` to enhance layout and styling, ensuring better visual alignment and readability.
- Adjusted the handling of duty items to include non-breaking spaces for improved formatting of time displays.
- Removed deprecated CSS rules related to sticky elements to streamline styles and improve maintainability.
- Refactored the `docker-build.yml` workflow to improve clarity and maintainability.
- Ensured the workflow correctly handles Docker image building and pushing to the Gitea Container Registry upon version tag pushes.
- Enhanced the release step to generate release notes based on previous tags, improving release documentation.
- Created a new `CONTRIBUTING.md` file outlining development setup, testing, and commit message conventions.
- Updated `README.md` to clarify environment variable usage, including new variables for HTTP port, CORS origins, and duty display timezone.
- Enhanced documentation for bot commands and API endpoints to improve user understanding and onboarding.
- Added example configurations in `.env.example` for better clarity on optional settings.
- Updated the logging statement in `get_authenticated_username` to include the normalized phone number when access is denied, improving traceability.
- Introduced a new variable `failed_phone` to store the normalized phone number for better debugging and error reporting.
- Ensured that the logging format reflects the additional information for enhanced clarity during authentication failures.
- Added functionality to normalize phone numbers for comparison, ensuring only digits are stored and checked.
- Updated configuration to include optional phone number allowlists for users and admins in the environment settings.
- Enhanced authentication logic to allow access based on normalized phone numbers, in addition to usernames.
- Introduced new helper functions for parsing and validating phone numbers, improving code organization and maintainability.
- Added unit tests to validate phone normalization and access control based on phone numbers.
- Changed the dark theme background color in `app.js` for improved aesthetics.
- Added new CSS variables for dark theme elements in `style.css`, enhancing visual consistency and user experience.
- Updated styling for various components in dark mode, including duty markers and calendar sticky behavior, to align with the new theme parameters.
- Updated the HTML structure for duty timeline rows to include a date cell with a visual track, improving the layout and user experience.
- Modified CSS to define new variables for timeline date and track widths, enhancing flexibility in styling.
- Improved the styling of duty timeline elements, including today’s duties, to provide clearer visual cues and better alignment.
- Ensured consistent display of date labels and added visual enhancements for better accessibility and readability.
- Introduced a new i18n module for managing translations and language normalization, supporting both Russian and English.
- Updated various handlers and services to utilize the new translation functions for user-facing messages, improving user experience based on language preferences.
- Enhanced error handling and response messages to be language-aware, ensuring appropriate feedback is provided to users in their preferred language.
- Added tests for the i18n module to validate language detection and translation functionality.
- Updated the example environment file to include a default language configuration.
- Introduced a new function `applyThemeParamsToCss` to map Telegram theme parameters to CSS variables, improving theme customization.
- Updated the `applyTheme` function to utilize the new theme parameters and set background/header colors accordingly.
- Added a favicon to the project by linking `favicon.png` in `index.html`.
- Modified CSS for the light theme to use CSS variables for better flexibility and maintainability.
- Enhanced styling for light theme elements, including container borders and calendar sticky behavior.
- Modified the CI configuration in `ci.yml` to change the linting command from checking the entire `src` directory to specifically targeting the `duty_teller` package and `tests`.
- This change enhances the accuracy of linting by focusing on relevant code areas, improving code quality checks during the CI process.
- Introduced a CI workflow in `ci.yml` to automate linting, testing, and security checks using Ruff and Bandit.
- Added a Docker build and release workflow in `docker-build.yml` to automate image building and pushing to the Gitea Container Registry upon version tag pushes.
- Configured steps for checking out code, setting up Python, installing dependencies, and generating release notes.
- Enhanced project automation and deployment processes, improving overall development efficiency.
- Removed the `alembic.ini` file and migrated its configuration to `pyproject.toml` under `[tool.alembic]`, enhancing project organization.
- Updated the `Dockerfile` to copy `pyproject.toml` instead of `alembic.ini`, ensuring the new configuration is utilized during the build process.
- Modified `entrypoint.sh` to use the new Alembic configuration from `pyproject.toml` for database migrations.
- Updated README documentation to reflect the new Alembic configuration and usage instructions.
- Updated `.dockerignore` to exclude test and development artifacts, optimizing the Docker image size.
- Refactored `main.py` to delegate execution to `duty_teller.run.main()`, simplifying the entry point.
- Introduced a new `duty_teller` package to encapsulate core functionality, improving modularity and organization.
- Enhanced `pyproject.toml` to define a script for running the application, streamlining the execution process.
- Updated README documentation to reflect changes in project structure and usage instructions.
- Improved Alembic environment configuration to utilize the new package structure for database migrations.
- Introduced a new configuration file `.cursorrules` to define coding standards, error handling, testing requirements, and project-specific guidelines.
- Refactored `config.py` to implement a `Settings` dataclass for better management of environment variables, improving testability and maintainability.
- Updated the import duty schedule handler to utilize session management with `session_scope`, ensuring proper database session handling.
- Enhanced the import service to streamline the duty schedule import process, improving code organization and readability.
- Added new service layer functions to encapsulate business logic related to group duty pinning and duty schedule imports.
- Updated README documentation to reflect the new configuration structure and improved import functionality.
- Introduced a new function `get_authenticated_username` to centralize Mini App authentication logic, improving code readability and maintainability.
- Updated the duty fetching logic to map unknown event types to "duty" for consistent API responses.
- Enhanced the `get_duties` function to include duties starting on the last day of the specified date range.
- Improved session management in the database layer to ensure rollback on exceptions.
- Added tests to validate the new authentication flow and event type handling.
- Added functionality to pin duty messages in group chats, including scheduling updates and handling bot add/remove events.
- Introduced a new `GroupDutyPin` model to store pinned message details and a `phone` field in the `User` model for user contact information.
- Implemented commands for users to set or clear their phone numbers in private chats.
- Enhanced the repository with functions to manage group duty pins and user phone data.
- Updated handlers to register new commands and manage duty pin updates effectively.
- Added functions to check if duties overlap with the local day and format dates for display.
- Enhanced the rendering of the duty list to highlight today's duties, including a current duty indicator.
- Introduced a refresh mechanism for today's duties to ensure real-time updates in the calendar view.
- Improved HTML structure for duty items to enhance visual presentation and user interaction.
