- ServicesController::provision(): JWT usa user_id (standard requireAuth)
- simulate-nis2.php: classifyOrg null-safe per entity_type
- simulate-nis2.php: completeOnboarding usa PUT /organizations/{id}
invece di /onboarding/complete (evita 409 quando org già esiste)
- simulate-nis2.php: supplier.critical rimosso da $supDef (was extra field)
- EmailService: rimosso sent_at (non in email_log schema)
- WebhookService: status ?? 'detected' (null-safe)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- ServicesController::provision(): INSERT users usa full_name/is_active (non first_name/last_name/status)
- ServicesController::ssoLogin(): stesso fix per SSO user creation
- simulate-nis2::ensureUser(): registration payload usa full_name (non first_name+last_name)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
AuthController:
- register() accetta `role` diretto (compliance_manager, org_admin, auditor, board_member, consultant)
- Aggiunto validateInvite() → POST /api/auth/validate-invite (no auth)
OnboardingController:
- Aggiunto lookupPiva() → POST /api/onboarding/lookup-piva (no auth, rate limit 10/min)
usato da register.html per P.IVA lookup pre-login
Router (index.php):
- Aggiunto POST:validateInvite e POST:lookupPiva
api.js:
- register() invia sia `role` che `user_type` per retrocompatibilità
simulate-nis2.php:
- SIM-06: B2B provisioning via X-Provision-Secret → org + JWT + API Key
- Filtro NIS2_SIM=SIM06 via goto per skip SIM-01→05 indipendenti
- readEnvValue() helper per leggere PROVISION_SECRET da .env
register.html:
- lookupPiva usa /onboarding/lookup-piva (endpoint pubblico)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Database non ha metodo execute() — corretto in:
InviteController, ServicesController, WebhookController,
NormativeController, WhistleblowingController.
Causa del HTTP 500 su tutti gli endpoint /api/invites/*.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
ServicesController:
- POST /api/services/token: lg231 invia API key → riceve JWT 15min
- POST /api/services/sso: SSO federato con identità utente + responsabilità
→ crea/trova utente NIS2 + emette JWT 2h con ruolo e responsibilities
- Audit trail: ogni chiamata esterna autenticata loggata (api.external_call)
- SSO login loggato come auth.sso_login severity=warning con responsabilità
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Tutti i riferimenti nis2.certisource.it → nis2.agile.software
- Apache vhost HTTP nis2.agile.software attivo su Hetzner
- Script setup-nis2-agile-software.sh: certbot SSL + redirect da vecchio dominio
- .env server: APP_URL aggiornato a https://nis2.agile.software
- CLAUDE.md, docs commerciali, integrazioni, API docs aggiornati
DNS da aggiungere in Cloudflare: nis2.agile.software A 135.181.149.254 (proxy OFF)
Poi eseguire: bash /opt/devenv/scripts/setup-nis2-agile-software.sh
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1. Fix auto-fill visura: mapping corretto suggested_sector e employees_range,
indicatori visivi verdi sui campi auto-compilati, fatturato sempre manuale
2. Adesione volontaria: colonna voluntary_compliance, checkbox in onboarding
step 5 quando not_applicable, toggle in settings, reset su ri-classificazione
3. Modulo NCR/CAPA: NonConformityController con 10 endpoint API,
tabelle non_conformities + capa_actions, generazione NCR dai gap assessment,
predisposizione integrazione SistemiG.agile (webhook + sync)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- New 5-step onboarding wizard (onboarding.html) replacing setup-org.html
- Step 1: Choose data source (Upload Visura / CertiSource / Manual)
- Step 2: PDF upload with AI extraction or CertiSource P.IVA lookup
- Step 3: Verify/complete company data with NIS2 sector mapping
- Step 4: User profile completion
- Step 5: NIS2 classification (Essential/Important) with summary
- OnboardingController with upload-visura, fetch-company, complete endpoints
- VisuraService with Claude AI PDF extraction and ATECO-to-NIS2 mapping
- CertiSource API integration for automatic company data retrieval
- Updated login/register redirects to point to new onboarding wizard
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add Authorization header passthrough in .htaccess for PHP-FPM
- Remove invalid 'severity' column query from DashboardController
- Add landing page (index.html) with feature overview
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
