fix(perfexcrm module): align version to 3.0.1, unify entrypoint, and harden routes/views

- Bump DESK_MOLONI version to 3.0.1 across module - Normalize hooks to after_client_* and instantiate PerfexHooks safely - Fix OAuthController view path and API client class name - Add missing admin views for webhook config/logs; adjust view loading - Harden client portal routes and admin routes mapping - Make Dashboard/Logs/Queue tolerant to optional model methods - Align log details query with existing schema; avoid broken joins This makes the module operational in Perfex (admin + client), reduces 404s, and avoids fatal errors due to inconsistent tables/methods.
2025-09-11 17:38:45 +01:00
parent 5e5102db73
commit c19f6fd9ee
193 changed files with 59298 additions and 638 deletions
--- a/modules/desk_moloni/config/client_portal_routes.php
+++ b/modules/desk_moloni/config/client_portal_routes.php
@@ -0,0 +1,151 @@
+<?php
+
+defined('BASEPATH') or exit('No direct script access allowed');
+
+/**
+ * Client Portal Routes Configuration
+ * Defines routing for client-facing document portal API
+ * 
+ * @package    Desk-Moloni
+ * @version    3.0.0
+ * @author     Descomplicar Business Solutions
+ */
+
+// Client Portal API Routes
+// Base URL: /clients/desk_moloni/
+
+$route['clients/desk_moloni/documents'] = 'desk_moloni/ClientPortalController/documents';
+$route['clients/desk_moloni/documents/(:num)'] = 'desk_moloni/ClientPortalController/document_details/$1';
+$route['clients/desk_moloni/documents/(:num)/download'] = 'desk_moloni/ClientPortalController/download_document/$1';
+$route['clients/desk_moloni/documents/(:num)/view'] = 'desk_moloni/ClientPortalController/view_document/$1';
+$route['clients/desk_moloni/dashboard'] = 'desk_moloni/ClientPortalController/dashboard';
+$route['clients/desk_moloni/notifications'] = 'desk_moloni/ClientPortalController/notifications';
+$route['clients/desk_moloni/notifications/(:num)/mark_read'] = 'desk_moloni/ClientPortalController/mark_notification_read/$1';
+
+// Additional utility routes
+$route['clients/desk_moloni/health'] = 'desk_moloni/ClientPortalController/health_check';
+$route['clients/desk_moloni/status'] = 'desk_moloni/ClientPortalController/status';
+
+/**
+ * Route middleware configuration
+ * These would be applied by the main application routing system
+ */
+$client_portal_middleware = [
+    'auth' => 'client_authentication', // Ensure client is logged in
+    'rate_limit' => 'client_rate_limiting', // Apply rate limiting
+    'cors' => 'cors_headers', // Add CORS headers for API
+    'security' => 'security_headers' // Add security headers
+];
+
+/**
+ * API versioning support
+ * Future versions can be added here
+ */
+$api_versions = [
+    'v1' => [
+        'base_path' => 'clients/desk_moloni/',
+        'controller' => 'ClientPortalController',
+        'version' => '3.0.0'
+    ]
+];
+
+/**
+ * Rate limiting configuration
+ * Different limits for different endpoints
+ */
+$rate_limits = [
+    'documents' => [
+        'window' => 60, // 1 minute
+        'max_requests' => 100
+    ],
+    'document_details' => [
+        'window' => 30, // 30 seconds
+        'max_requests' => 50
+    ],
+    'document_download' => [
+        'window' => 10, // 10 seconds
+        'max_requests' => 20
+    ],
+    'document_view' => [
+        'window' => 30, // 30 seconds
+        'max_requests' => 100
+    ],
+    'dashboard' => [
+        'window' => 60, // 1 minute
+        'max_requests' => 200
+    ],
+    'notifications' => [
+        'window' => 60, // 1 minute
+        'max_requests' => 100
+    ],
+    'mark_notification' => [
+        'window' => 30, // 30 seconds
+        'max_requests' => 50
+    ]
+];
+
+/**
+ * Security configuration
+ */
+$security_config = [
+    'require_https' => true, // Require HTTPS in production
+    'csrf_protection' => false, // CSRF not needed for API endpoints
+    'xss_protection' => true, // Enable XSS protection
+    'content_type_validation' => true, // Validate content types
+    'max_request_size' => '10MB', // Maximum request size
+    'allowed_origins' => [
+        'same-origin' // Only allow same-origin requests by default
+    ]
+];
+
+/**
+ * Cache configuration
+ */
+$cache_config = [
+    'documents_list' => [
+        'ttl' => 300, // 5 minutes
+        'tags' => ['client_documents', 'api_cache']
+    ],
+    'document_details' => [
+        'ttl' => 600, // 10 minutes
+        'tags' => ['document_details', 'api_cache']
+    ],
+    'dashboard' => [
+        'ttl' => 1800, // 30 minutes
+        'tags' => ['dashboard_data', 'api_cache']
+    ]
+];
+
+/**
+ * Logging configuration
+ */
+$logging_config = [
+    'enabled' => true,
+    'log_level' => 'info', // info, warning, error
+    'include_request_data' => false, // Don't log sensitive request data
+    'include_response_data' => false, // Don't log response data
+    'retention_days' => 90, // Keep logs for 90 days
+    'anonymize_ip' => true // Anonymize IP addresses for privacy
+];
+
+/**
+ * Error handling configuration
+ */
+$error_config = [
+    'show_detailed_errors' => false, // Don't show detailed errors to clients
+    'error_reporting_email' => null, // Email for critical errors
+    'fallback_error_message' => 'An error occurred while processing your request.',
+    'maintenance_mode_message' => 'The document portal is temporarily unavailable for maintenance.'
+];
+
+/**
+ * Feature flags
+ */
+$feature_flags = [
+    'enable_pdf_preview' => true,
+    'enable_bulk_download' => false, // Future feature
+    'enable_document_sharing' => false, // Future feature
+    'enable_advanced_search' => true,
+    'enable_notifications' => true,
+    'enable_audit_logging' => true
+];