- Add public organizers list page (/organisateurs) with neo-brutalist card grid, social icons, and logo display
- Add organizer detail page (/organisateur/{id}-{slug}) with company info, SIRET, email, address, social links, and events placeholder
- Add slug-based URLs with 301 redirect on wrong slug, getSlug() method on User entity
- Add "Voir les evenements" button on organizer cards linking to detail page
- Add JSON-LD BreadcrumbList to all 17 pages that were missing breadcrumbs (login, forgot_password, register_success, email_verified, legal/*, attestation/*, account/*)
- Add Open Graph meta tags (og:title, og:description, og:image, og:type, og:locale, og:site_name) in base.html.twig with automatic inheritance from title/description blocks
- Add og:image with organizer logo on detail page
- Update sitemap: add /organisateurs to sitemap-main, generate organizer detail URLs in sitemap-orgas with logo images
- Update navbar to highlight "Organisateurs" on detail pages
- Redesign homepage with hero section, marquee, stats counters, how-it-works, and CTA sections
- Add Tailwind v4 @source "../templates" directive to app.scss and admin.scss
- Migrate Flysystem from S3 to local storage (uploads/events, uploads/logos)
- Update Liip Imagine config with FormatExtensionResolver for webp conversion
- Add User entity social fields (website, facebook, instagram, twitter, tiktok), logo upload (Vich), __serialize/__unserialize for session safety
- Add account page settings tab with profile, logo upload, and social media for organizers
- Add Stripe Connect status display and sub-account management in account page
- Delete WebpExtensionSubscriber (replaced by FormatExtensionResolver)
- Add migration for social fields and logo columns
- Add deploy.yml chmod tasks for uploads directories
- Add HomeController tests (detail success, wrong slug redirect, 404 cases)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Tests (16 total):
- Valid/invalid signature
- v2.core.account.created/updated/closed status updates
- Account status with unknown user and missing related_object
- Merchant capability card_payments active
- Recipient capability payouts active
- Both capabilities active sets status to 'active'
- Capability update with unknown user
- Payout created with email notification
- Payout paid with PDF attachment
- Payout updated on existing payout
- Payout with missing payout ID
- Payout with unknown user (no organizer found)
Fix: skip payout creation when organizer not found instead of persisting
with null organizer_id (NOT NULL constraint)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Test create sub-account denied for non-organizer (redirect)
- Test edit/submit/delete sub-account denied for wrong organizer (403)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add @codeCoverageIgnore to Stripe API methods in AccountController
- Add @codeCoverageIgnore to PayoutPdfService generate/generateToFile
- Add title tag and role=presentation to PDF attestation tables
- Fix DejaVu Sans font in PDF template
- Add 4 sub-account tests: create with email, edit page, edit submit, delete
- Fix duplicate PHPDoc in AccountControllerTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Payout system:
- Create Payout entity (stripePayoutId, status, amount, currency, destination, arrivalDate)
- Webhook handles payout.created/updated/paid/failed/canceled with email notification
- Payout list in /mon-compte virements tab with status badges
- PDF attestation on paid payouts with email attachment
PDF attestation:
- dompdf with DejaVu Sans font, yellow-orange gradient background
- Orange centered title bar, E-Cosplay logo, emitter/beneficiary info blocks
- QR code linking to /attestation/check/{payoutId} for authenticity verification
- Public verification page: shows payout details if valid, error if altered
- Legal disclaimer and CGV reference
- Button visible only when status is paid, opens in new tab
Sub-accounts:
- Add parentOrganizer (self-referencing ManyToOne) and subAccountPermissions (JSON) to User
- Permissions: scanner (validate tickets), events (CRUD), tickets (free invitations)
- Create sub-account with random password, send email with credentials
- Edit page with name/email/permissions checkboxes
- Delete with confirmation
- hasPermission() helper method
Account improvements:
- Block entire page for unapproved organizers with validation pending message
- Display stripeStatus in Stripe Connect banners
- Remove test payout button
Webhook v2 Connect events:
- v2.core.account.created/updated/closed → update stripeStatus
- capability_status_updated → sync charges/payouts enabled from capabilities
- PayoutPdfService for reusable PDF generation
Migrations: stripeStatus, Payout table, sub-account fields, drop pdfPath
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add thead headers to all tables in siret_check.html.twig
- Add @codeCoverageIgnore to Stripe API methods (syncWebhook, createAccountConnect, createAccountLink, getClient)
- Remove redundant false check in saveWebhookSecret, use string cast
- Remove redundant false check in getNafLabel, use string cast
- Add meaningful comments to catch blocks in SiretService
- Fix StripeWebhookControllerTest: use Event::constructFrom and fresh EntityManager
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add stripeChargesEnabled and stripePayoutsEnabled fields to User entity + migration
- Handle account.updated webhook: sync charges_enabled and payouts_enabled from Stripe
- Add createAccountConnect() and createAccountLink() to StripeService
- Update organizer approved email with Stripe verification notice
- Tests: webhook account.updated with flags, unknown account, User stripe fields
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create StripeService: webhook sync, signature verification, save secret to .env.local
- Create StripeWebhookController with signature verification (400 on invalid)
- Create stripe:sync command to auto-create webhook endpoint via Stripe API
- Webhook listens to all events (configurable later)
- Save webhook secret automatically to .env.local on creation
- Add stripeAccountId field to User entity for Stripe Connect + migration
- Tests: StripeServiceTest (5), StripeWebhookControllerTest (2), StripeSyncCommandTest (1), UserTest updated
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
VichUploader organizer logo:
- Add organizer_logo mapping with local Flysystem storage
- Add logoFile, logoName, updatedAt fields to User entity
- Use Vich Attribute (not deprecated Annotation)
- Add migration for logo_name and updated_at columns
Meilisearch organizer search:
- Add search bar on /admin/organisateurs page (hides tabs during search)
- Index organizers in Meilisearch on approval
- Sync button on dashboard now syncs both buyers and organizers
- Add tests: search query, search error
Liip Imagine webp:
- Add format filter to all filter_sets for explicit webp conversion
- Add organizer_logo filter_set (400x400, webp)
- Create WebpExtensionSubscriber to rewrite image URLs to .webp extension
- 8 tests for subscriber (png, jpg, jpeg, gif, webp passthrough, case insensitive, null)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create appuser (UID 1000) in dev and prod Dockerfiles
- Set USER appuser to avoid running as root
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add --no-install-recommends to both dev and prod Dockerfiles (DL3015)
- Add .hadolint.yaml to ignore DL3008 (pin versions)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add sonar.dependencyCheck.jsonReportPath and htmlReportPath to sonar-project.properties
- Add Dependency-Check action scanning composer.lock and package.json
- Generate JSON and HTML reports for SonarQube analysis
- Add to ci.yml sonarqube job and sonarqube.yml workflow
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add sonar.eslint.reportPaths and sonar.docker.hadolint.reportPaths
- Generate ESLint JSON report in CI frontend and sonarqube jobs
- Generate Hadolint JSON reports for dev and prod Dockerfiles
- Add reports to ci.yml and sonarqube.yml workflows
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add sonar.php.phpstan.reportPaths to sonar-project.properties
- Generate phpstan-report.json in CI php job, sonarqube job, and sonarqube.yml workflow
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add admin.test.js with 3 tests: confirm cancel, confirm accept, no data-confirm
- Update CLAUDE.md: coverage rule includes PHP and JS
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Admin panel (/admin, ROLE_ROOT):
- Dashboard with CA HT Global/Commission cards and Meilisearch sync button
- Buyers page with search (Meilisearch), create form, pagination (KnpPaginator)
- Buyer actions: resend verification, force verify, reset password, delete
- Organizers page with tabs (pending/approved), approve/reject with emails
- Neo-brutalist design matching main site theme
- Vite admin entry point with dedicated SCSS
- CSP-compatible confirm dialogs via data-confirm attributes
Meilisearch integration:
- Auto-index buyers on email verification
- Remove from index on buyer deletion
- Manual sync button on dashboard
- Search bar on buyers page
- Add Meilisearch service to CI/SonarQube workflows
- Add MEILISEARCH env vars to .env.test
- Fix MeilisearchMessageHandler infinite loop: use request() directly instead
of service methods that re-dispatch messages
Email templates:
- Redesign base email template to neo-brutalist style (borders, shadows, yellow footer)
- Add E-Cosplay logo, "E-Ticket solution proposee par e-cosplay.fr"
- Add admin_reset_password, organizer_approved, organizer_rejected templates
Other:
- Install knplabs/knp-paginator-bundle
- Add ^/admin access_control for ROLE_ROOT in security.yaml
- Update site footer with E-Ticket branding
- 18 admin tests, updated MeilisearchMessageHandler tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add isVerified, emailVerificationToken, emailVerifiedAt fields to User entity
- Send verification email on registration with token link
- Add /verification-email/{token} route to confirm email
- Send notification emails to organizer and staff on organizer email verification
- Add isApproved and offer fields to User entity for organizer approval workflow
- Auto-verify and auto-approve SSO Keycloak users with offer='custom'
- Add resetCode and resetCodeExpiresAt fields to User entity
- Create ForgotPasswordController with 2-step flow (email -> code + new password)
- Block forgot password for SSO users (no local password)
- Add "Mot de passe oublie" link on login page
- Create email templates: verification, reset_code, organizer_pending, organizer_request
- Add migrations for all new fields
- Add tests: ForgotPasswordControllerTest (9 tests), update RegistrationControllerTest,
update UserTest with verification, approval, offer, and reset code fields
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add testRegistrationAsOrganizer to RegistrationControllerTest
- Add testOrganizerFields and testOrganizerFieldsDefaultToNull to UserTest
- Add testing rules to CLAUDE.md: always create tests, run after changes, 100% coverage
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add organizer fields to User entity: companyName, siret, address, postalCode, city, phone
- Update RegistrationController to handle buyer and organizer registration types
- Create register template with tab selector (acheteur/organisateur)
- Organizer registration assigns ROLE_ORGANIZER
- Add migration for new User fields
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fix OAuthController: add missing second parameter to redirect()
- Fix KeycloakAuthenticator: get email from toArray() instead of getEmail()
- Fix KeycloakAuthenticator: type-hint session for getFlashBag() access
- Fix import order in KeycloakAuthenticatorTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add KeycloakAuthenticatorTest: supports, success/failure redirects, user creation,
email linking, user update, /superadmin group to ROLE_ROOT mapping, unknown groups
- Add OAuthControllerTest: SSO login redirects to Keycloak, SSO logout redirects to home
- Add SSO button presence test to SecurityControllerTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Install knpuniversity/oauth2-client-bundle and stevenmaguire/oauth2-keycloak
- Register KnpUOAuth2ClientBundle in bundles.php
- Configure Keycloak OIDC client (realm e-cosplay, auth.esy-web.dev)
- Add keycloakId field to User entity with migration
- Create KeycloakAuthenticator with group-to-role mapping (/superadmin -> ROLE_ROOT)
- Create OAuthController with SSO routes (/connection/sso/login, logout, check)
- Add custom_authenticator to security firewall with form_login entry point
- Add auth.esy-web.dev to nelmio external_redirects whitelist and CSP form-action
- Add SSO button and error flash messages to login page
- Make navbar active state dynamic based on current route (desktop + mobile)
- Add Keycloak env vars to .env, .env.local, and ansible/env.local.j2
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create ContactController with GET/POST handling and MailerService integration
- Create contact page template with name, surname, email, message form
- Create dedicated email template for contact messages
- Update navbar links (desktop + mobile) to point to /contact route
- Add ContactControllerTest with 5 tests covering form submission and validation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add Node.js and Bun setup steps to the sonarqube job
- Install JS dependencies and run bun test:coverage before SonarQube scan
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add `make run_test` command to run PHP and JS tests via Docker dev
- Remove unused `$page` parameter from SitemapController::getEventUrls() and getOrgaUrls()
- Add AccountControllerTest with auth redirect and authenticated access tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Extract mobile-menu.js and tabs.js from app.js
- Add Vitest tests with happy-dom and v8 coverage (100% on modules)
- Add JS test step to CI frontend and SonarQube workflows
- SonarQube: add JS lcov coverage report path
- SitemapController: extract URLSET_TEMPLATE constant, deduplicate methods
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
