Enhanced Mail Import Setup documentation with additional security measures:
- Step 1.3: Start with Mail.Read only (read-only) for initial testing
- Step 1.4 (NEW): Restrict access to one mailbox via Application Access Policy
- Exchange PowerShell commands to create and test policy
- Ensures app can only access backup mailbox, not all tenant mailboxes
- Marked as "Optional but Recommended" following principle of least privilege
- Step 1.5: Add Mail.ReadWrite after testing (moved from 1.3)
- Updated Security Best Practices section to emphasize mailbox restriction
- Added security notes about starting read-only and rotating secrets (12 months)
Based on setup documented in /docker/develop/HOWTO-CREATE-GRAPH-APP.md
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Added comprehensive documentation for the Mail & Import section:
- Mail Import Setup: Microsoft Graph API configuration, Azure AD app registration,
folder setup, troubleshooting, and security best practices
- Inbox Management: Email review workflow, approval process, re-parsing,
deletion, and common workflows
- Mail Parsing: Parser system explanation, supported backup software,
match criteria, execution order, and troubleshooting
- Auto-Import Configuration: Automatic import scheduling, intervals, batch sizes,
auto-approval logic, manual import, and monitoring
Updated TODO-documentation.md to reflect progress (14 of 33 pages, 42% complete)
Updated changelog-claude.md with detailed content descriptions
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Added comprehensive documentation for customer and job management:
- Managing Customers:
- Customer creation with contact information
- Editing customer details
- Active/inactive status and impact on job visibility
- Autotask company mapping workflow with auto-search
- CSV export/import for backup and migration
- Delete operations with warnings
- Job count indicators (red/bold when zero)
- Configuring Jobs:
- Inbox-based approval workflow (cannot manually create jobs)
- Mail Parser automatic configuration of all job fields
- Reparse All functionality for batch processing
- Job archiving vs deletion
- Job lifecycle stages
- Common questions and limitations
- Approved Jobs:
- Jobs list overview with status indicators
- Job detail page information
- Editable vs parser-determined fields
- Archive/unarchive workflow
- JSON export/import via Settings > Maintenance
- Status indicators (success/failed/warning/no runs)
- Job Schedules:
- Automatic schedule learning from historical runs
- Schedule types (daily/weekly/monthly/irregular)
- Minimum data requirements (3-5 runs)
- Daily Jobs integration and expected run detection
- Schedule accuracy scenarios
- Troubleshooting schedule issues
All pages include tables, callouts, cross-references, and practical examples.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Updated page description: only password change available in User Settings
- Added screenshot reference for user-settings.png
- Clarified theme selector location: navigation bar (between username and logout)
- Clarified role selector location: navigation bar (not in settings page)
- Simplified profile information: username and assigned roles (read-only)
- Removed non-existent Notification Preferences section
- Removed Session Information section (not displayed)
- Enhanced troubleshooting section with specific password change issues
- Maintained Data Privacy and Password sections
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Created documentation blueprint (doc_bp) with routes and navigation
- Added documentation menu item (📖) to navbar for all users
- Implemented hierarchical navigation with 9 sections, 33 pages
- Created base layout with sidebar, breadcrumb, and prev/next navigation
- Added documentation.css with dark mode support
- Created first 3 getting-started pages (what-is-backupchecks, first-login, quick-start)
- Updated changelog
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit completes the audit logging expansion by adding comprehensive
logging for critical system operations:
- Settings: Log changes to General, Mail, and Autotask settings with
before/after values (passwords excluded for security)
- Exports: Log customer and jobs exports with format and record counts
- Imports: Log customer and jobs imports with operation statistics
Also updated UI to reflect "System Audit Log" nomenclature instead of
"Admin activity" for better semantic clarity.
All audit events use structured event_type identifiers and JSON details
for easy filtering and analysis.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Extended both customer and jobs export/import to preserve Autotask
company mappings during data migration and system reset workflows.
Changes:
- Customer export (CSV): Added autotask_company_id and autotask_company_name columns
- Customer import (CSV): Reads and applies Autotask mapping fields, resets sync status
- Jobs export (JSON): Includes Autotask fields in customers array
- Jobs import (JSON): Processes customers array with Autotask mappings before jobs
- Backwards compatible: Old exports without Autotask fields continue to work
- Import feedback: Shows both created and updated customer counts
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Added "Open in Autotask" button next to ticket number in Run Checks modal
for quick navigation to the ticket in Autotask PSA.
Changes:
- Enhanced renderAutotaskInfo() function in run_checks.html
- Button appears only when autotask_ticket_id exists
- Opens in new tab with proper Autotask URL format
- Styled as small outline button for compact layout
- URL format: https://ww19.autotask.net/Mvc/ServiceDesk/TicketDetail.mvc?workspace=False&ids[0]={id}&ticketId={id}
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Added comprehensive breakdown of the Sandbox environment indicator feature
including all modified components (database, backend, frontend, CSS) with
specific technical details for better documentation and understanding.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit adds a new setting that displays a visual "SANDBOX" banner
when the environment is marked as development or sandbox.
Changes:
- Add is_sandbox_environment boolean column to SystemSettings model
- Add database migration for automatic schema update
- Add Environment section in Settings > General with toggle switch
- Create sandbox.css with diagonal banner styling (non-interactive)
- Inject system_settings into all template contexts
- Add sandbox banner to base.html layout
- Update changelog with feature description
The banner appears as a red diagonal ribbon in the top-left corner and
uses pointer-events: none to remain non-interactive while keeping
underlying elements clickable.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Added ellipsis-field class to both "Overall remark" and "Remark" fields in
the Run Checks modal. This prevents long text from pushing action buttons
(like Autotask ticket creation) out of view. Users can click the field to
expand/collapse the full text.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
The button in the "Link existing Autotask ticket" modal performed a search
operation but was labeled "Refresh", which was confusing. Renamed to "Search"
to accurately reflect its functionality.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed bug where unchecked automatic mail import checkbox was not
processed by the backend, preventing users from disabling the
automatic import after enabling it.
Root cause: HTML forms do not send unchecked checkbox values. The
existing check `if "auto_import_enabled" in request.form` would skip
updating the setting when the checkbox was unchecked.
Solution: Added import_form_touched flag to detect when the import
settings form is submitted, then update the checkbox value based on
presence (checked) or absence (unchecked) in form data.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Added automatic search for similar company names when opening unmapped
customers in the edit modal. This speeds up the mapping process by
eliminating manual searches.
Changes:
- Clear search box when opening customer edit modal
- Auto-populate search with customer name for unmapped customers
- Automatically display matching Autotask companies as suggestions
- Refactor search logic into reusable performAutotaskSearch() function
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed issue where the search input retained previous search text when
reopening the Link existing modal. The search box now always starts
empty for a better user experience.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
The "Link existing ticket" dialog now searches across all companies when
a ticket number is entered, enabling linking of overarching issues.
Changes:
- Added query_tickets_by_number() to Autotask client
- Route searches both customer's company and cross-company when ticket number detected
- Results are combined and deduplicated (customer tickets shown first)
- Enables linking multi-company infrastructure issues to any job
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
The resolve confirmation dialog and ticket notes now correctly indicate
whether the ticket will be closed or remain open based on time entry check.
Changes:
- Frontend: Updated confirmation message to explain conditional closure
- Backend: Check time entries before creating note
- Dynamic message in ticket note:
* "ticket will be closed in Autotask" (no time entries)
* "ticket remains open in Autotask due to existing time entries" (has time entries)
- Updated route docstring to reflect conditional status behaviour
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Implements API contract section 9: ticket resolution workflow with
conditional status updates based on time entry existence.
- Added query_time_entries_by_ticket_id() for POST /TimeEntries/query
- update_ticket_resolution_safe() now checks time entries:
* No time entries: sets status to 5 (Complete)
* Has time entries: keeps current status (ticket remains open)
This ensures tickets are only auto-closed when appropriate per the
validated Autotask API workflow.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
The issueType, subIssueType, and source fields must be sent in the PUT
payload with their exact values from GET response, including null. This
fixes HTTP 500 error where Autotask rejected picklist value 0.
Changed _pick function to return (found, value) tuple to distinguish
between "field missing" and "field is null".
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Restored from branch v20260203-13-autotask-resolution-item-wrapper with
the following functionality:
- Autotask REST API client with support for tickets, notes, companies,
and reference data (queues, sources, priorities, statuses)
- Safe ticket updates preserving stabilizing fields per API contract
- Database models for Autotask settings, customer mapping, and ticket linkage
- Settings UI for Autotask configuration with connection test
- Run Checks integration for ticket creation
- Customers page with Autotask company mapping
- Ticket linking during mail import
Also preserved the require_daily_dashboard_visit setting from the
current branch.
Added docs/autotask_rest_api.md with validated API contract from Postman tests.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added a new setting in Settings > General > Navigation that allows
administrators to control whether users are redirected to the dashboard
on their first page view each day.
Changes:
- Added require_daily_dashboard_visit column to SystemSettings model
- Added migration for the new column (default: FALSE)
- Modified before_request hook to check the setting before redirecting
- Added Navigation card with toggle in Settings General page
- Restored changelog-claude.md with performance and feature updates
Default is OFF - users can navigate directly to any page without
being forced to visit the dashboard first.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
