- Create Attestation entity with reference, signature hash (HMAC-SHA256), event, user, payload
- Add migration Version20260326180000 for attestation table
- Save each attestation in DB with unique signature for tamper-proof verification
- Add public route /attestation/ventes/r/{reference} for QR code verification (short URL)
- Keep fallback /attestation/ventes/{hash} route for base64-signed verification
- Public page shows "Attestation conforme" with signature proof, no detailed data
- QR code on PDF now uses short reference URL instead of full base64 hash (scannable)
- Increase QR code resolution to 300px for better readability
- Display verification URL on PDF next to QR code
Attestation PDF improvements:
- Rename "ATTESTATION DE VENTES" to "ATTESTATION"
- Add two modes: "Attestation detaillee" (with ticket list) and "Attestation simple" (certification only)
- Simple mode: certifies figures are valid, only paid billets/votes confirmed by Stripe count
- Detailed mode: adds full ticket listing with reference, order number, billet name, buyer name
- No amounts displayed in either mode
- Gold color scheme (#fabf04) for headers, borders, table headers, summary box
- Larger text in QR verification box for readability
Scanner: ROLE_ROOT buyer tickets always validate at scan
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add SSO login button to scanner PWA with Keycloak redirect flow via session state
- Add manual scan mode via security key (16 chars) alongside QR camera scan
- Add audio feedback: good (accepted), warning (already scanned), refused sounds
- Add unique scan counter per reference (no double counting same ticket)
- Add order details display in scan results (order number, email, total, items)
- Add force validation button for refused tickets (organizer/ROLE_ROOT only), sends email notification
- Add already_scanned warning only for same-day scans, exit_definitive only same day
- Staff and exposant tickets always validate regardless of state
API: ROLE_ROOT access to all events, categories, billets, and scan endpoints
- ROLE_ROOT bypasses ownership checks on all /api/live/* endpoints
- ROLE_ROOT can login via API (email/password and SSO)
- Scan API accepts securityKey parameter in addition to reference
- Scan response includes billetType, buyerEmail, and full order details with items
Event management: tickets tab, staff/exposant accreditations, attestation PDF
- Add Tickets tab listing all sold tickets with search, download PDF, resend email, cancel actions
- Add Staff/Exposant accreditation form in Invitations tab, generates dedicated non-buyable billet
- Add Attestation tab to generate sales certificate PDF with category/billet selection
- PDF billet template shows STAFF/EXPOSANT badge with distinct colors (black/purple)
- Exclude invitations from all financial stats (event stats, admin dashboard, organizer finances)
- Fix sold counts to exclude invitations in categories recap
- Use actual Stripe fee parameters instead of hardcoded values in commission calculations
- Add commission detail breakdown (E-Ticket + Stripe) in categories and stats tabs
Admin: download tickets for orders
- Add download button on admin orders page (single PDF or ZIP for multiple tickets)
Scanner PWA fixes: CSP (unpkg -> jsdelivr), service worker scope (/scanner/)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Show charges/payouts acceptance status and Stripe connection state
when an admin views an organizer's event. Pass owner to template
and use it for Stripe checks instead of app.user.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Preview iframe: overflow-x-auto container instead of fixed overflow
- All public pages verified for 320px: flex-wrap, responsive breakpoints OK
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Calculate sold count and revenue per billet from paid orders
- Display 'Ventes par billet' card between KPIs and orders list
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Stats tab: "Voir" button on each order linking to public order page
- Invitations tab: "Renvoyer" button to resend invitation email
- New route app_account_event_resend_invitation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Pass invitations from controller instead of Twig filter on paginator
- Email subject: "Votre invitation" for invitations, "Vos billets" for purchases
- Email content: different intro text for invitations
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Form sends items[] array with billet_id and quantity per line
- JS button to add more billet lines with remove button
- Controller iterates over items to create multiple BilletBuyerItems
- Same flow: all tickets generated with isInvitation=true
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- New tab "Invitations" on event edit page
- Form: name, email, billet type, quantity
- Creates BilletBuyer with totalHT=0 (no payment), generates BilletOrders
with isInvitation=true, sends email with PDF tickets
- List of sent invitations below the form
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- OrderIndexService: Meilisearch index order_event_{id} for order search
- Stats tab: 4 KPI cards (orders, tickets sold, CA HT, total percu)
- Orders list with KnpPaginator, search bar via Meilisearch
- Each order shows: number, status, date, buyer, items, total, payment
- Cancel order: sets status cancelled, invalidates all tickets
- Refund order: Stripe refund on connected account, sets status refunded,
invalidates all tickets
- Orders indexed in Meilisearch after payment
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add isHidden field to Category entity with migration (DEFAULT false for existing rows)
- Add isHidden checkbox to edit category template and "Masquee" badge on category list
- Save isHidden in editCategory controller method
- Fix Category.isActive() indentation
- Create CategoryTest with full coverage (14 tests): defaults, setters, setEvent logic, isActive, isHidden
- Add category CRUD tests to AccountControllerTest: add/edit/delete/reorder categories with access control
- Add cookie-consent tests for dev env early return and Cloudflare tunnel script
- Exclude PayoutPdfService from phpunit coverage and SonarQube analysis
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add /mon-compte/evenement/{id}/categorie/{categoryId}/modifier route (GET/POST)
- Create edit_category.html.twig with name and date fields
- Add edit button (pencil icon) on category list items
- Add sortable.js module: native HTML5 drag & drop with fetch reorder API
- Auto-correct endAt < startAt on category edit
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add /evenements public page with Meilisearch search, KnpPaginator (12/page), event cards grid
- Add /evenement/{orgaSlug}/{id}-{eventSlug} public route with slug redirect
- Add Event::getSlug() method
- Update homepage stats with real event count
- Update organizer detail page to list their public events
- Update navbar: link Evenements to /evenements with active state
- Add copy URL button on edit event page (visible only when online)
- Add initCopyUrl() in app.js with clipboard API
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Left column: edit form (title, description, dates, address, image upload)
- Right column: sticky poster preview card with image or placeholder
- Top action bar: toggle online/offline, toggle secret/public, status badges
- Add routes: /mon-compte/evenement/{id}/en-ligne and /mon-compte/evenement/{id}/secret
- Remove is_online checkbox from form (replaced by dedicated toggle buttons)
- Meilisearch re-indexed on toggle actions
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Display events table sorted by startAt ASC with status (en ligne/hors ligne)
- Add KnpPaginator for events (10 per page)
- Add edit event page (/mon-compte/evenement/{id}/modifier) with all fields + isOnline toggle
- Add delete event route (/mon-compte/evenement/{id}/supprimer) with confirmation
- Add Modifier/Supprimer buttons in events table
- Move Stripe warning outside the card
- Fix test to use fresh EntityManager for event assertion
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
