Commit Graph

8 Commits

Author SHA1 Message Date
GuavaPopper 1fcad7d9b2 feat: Plan 5 — Ekspor PDF + Ekspor per Radius + Cetak Laporan
- Add ExportController: allMiskinPDF (all data) + radiusMiskinPDF
  (server-side Haversine filtering per ibadah radius)
- Add two table-based PDF Blade views (dompdf-compatible, no flexbox/grid)
- Add export routes (/export/pdf, /export/pdf/radius/{id}/{radius})
  with numeric route constraints
- Add "Ekspor PDF" button to data tabular view
- Add CSV + PDF radius export buttons to map analysis panel;
  exportRadiusCSV() reuses existing isInside(); PDF href synced on
  ibadah click and radius slider change
- 5 new tests: access control, PDF content-type, 404 + param validation
- Mark K-04 and Section 5 (Cetak & Ekspor) complete in missing_features.md
- Update README with export features

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-03 20:44:10 +07:00
GuavaPopper f855f7e027 feat: Plan 4 — Dashboard Statistik + Gap Analysis
- Add /dashboard route (all authenticated roles)
- Add dashboard view with Chart.js 4.4:
  - 4 stat cards (ibadah, miskin, jiwa, % terjangkau)
  - Donut chart: ibadah per jenis
  - Horizontal bar chart: miskin per kondisi rumah
  - Gap Analysis: Turf.js coverage computation, doughnut chart,
    per-ibadah coverage table sorted by KK count, uncovered family list
  - esc() helper applied to all user-data innerHTML
- Add Dashboard nav link to map, data, and admin views
- 5 new tests: unauthenticated redirect + all 4 roles can access
- Mark K-02 and K-03 complete in missing_features.md
- Update README with new page and feature section

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-03 14:19:37 +07:00
GuavaPopper c1c1fae93c fix: escape user-controlled fields in admin/users innerHTML to prevent stored XSS
u.name and u.email are stored user input and were interpolated raw into
tbody.innerHTML. Added esc() helper and applied to name, email, and role
display string.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-03 13:53:01 +07:00
GuavaPopper 8476c5d643 feat: Plan 3 — Manajemen Pengguna (Admin User Management)
- Add AdminUserController: CRUD users, assign role, reset password,
  self-delete guard (403 on own account)
- Add admin route group under role:administrator middleware
  (GET/POST/PUT/DELETE /api/admin/users, PUT /api/admin/users/{id}/password)
- Add resources/views/admin/users.blade.php: DaisyUI table + 4 modals
  (create, edit, reset password, delete confirm), stats grid, toast
- Add Admin nav link (administrator-only) to map and data navbars
- 9 new tests covering page access, API CRUD, self-delete guard, password reset
- Mark Plan 3 complete in missing_features.md; update README page list
- Save plan3 to docs/ for reference

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-03 13:51:08 +07:00
GuavaPopper 2e2b42f96b feat: Plan 2 — Form Edit Rumah Ibadah & Keluarga Miskin + Ownership
- Add user_id FK (nullable) to rumah_ibadah for ownership tracking
- IbadahController: set user_id on store; enforce ownership on update/destroy
- Add edit modals to map and data views (ibadah + miskin)
- Popup and table row Edit buttons with per-record ownership check
- 7 new tests covering ownership and full-field updates
- Fix ExampleTest for auth-protected routes
- Fix UserFactory missing email_verified_at column
- Mark Plan 2 complete in missing_features.md; update README

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-02 20:29:36 +07:00
GuavaPopper 5683cd3b0e feat: add auth navbar and role-aware UI to all views
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-02 19:34:17 +07:00
GuavaPopper f609c1efa7 feat: add custom login view with map background 2026-06-02 19:28:26 +07:00
GuavaPopper 6f108afdba Migrasi ke Laravel dan penambahan dokumentasi 2026-05-02 14:03:04 +07:00