Add batch video statistics retrieval method that fetches view counts,
like counts, and comment counts for up to 50 videos per request.
Includes unit tests covering normal operation, empty input, missing
statistics defaults, null API response, and error propagation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add youtube.upload and yt-analytics.readonly scopes to enable video
uploading and analytics data retrieval in the YouTube Operations Hub.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
POST /api/youtube/thumbnails/bulk (Super-Admin only)
Supports ?dryRun=true for preview. Downloads sequentially with 500ms delay.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds channelThumbnailUrl field to store YouTube API URL.
afterChange hook downloads image to Payload Media when branding.logo is empty.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The manual sync button in Community Inbox was only syncing YouTube comments
via the legacy syncAllComments service. Now uses UnifiedSyncService to sync
all platforms (YouTube, Facebook, Instagram). Also adds comprehensive
Community Management documentation to CLAUDE.md.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Extend admin component overrides to cover all Payload admin views
(no-html-link-for-pages, no-img-element off for admin panel)
- Rename useGeneratedReply to applyGeneratedReply (not a hook)
- Fix useRealtimeUpdates: resolve circular dependency with connectRef,
wrap ref assignments in useEffect for React 19 compiler compliance
- Fix MetaBaseClient: let -> const for single-assignment variable
ESLint now passes with 0 errors (68 warnings only).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace custom BEM classes and SCSS with Payload's native nav-group CSS
classes for Community and YouTube dashboard nav links. Removes emojis,
adds collapsible toggle with chevron, matches the native sidebar UX.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Clear data state on tab switch to prevent stale data type mismatch
- Add defensive null guards in all render functions (?.stats, ?.pipeline)
- Use channel ID instead of slug for API filtering
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Custom admin view at /admin/youtube-analytics with 4 tabs:
- Performance: Views, Watch Time, CTR, Subscribers with period comparison
- Pipeline: Status distribution, scheduled videos, overdue tasks
- Goals: Monthly target progress bars and custom KPIs
- Community: Sentiment analysis, response time, top topics
Includes channel selector, period selector (7d/30d/90d), and
sidebar nav link in the YouTube section.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Issue #15241 (TypeError: Missing parameter name with custom admin
components + multi-tenant plugin) is resolved in Payload 3.76.1.
Re-enable TenantDashboard custom view at /admin/tenant-dashboard.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Upgrade all 11 @payloadcms/* packages to 3.76.1, gaining fixes from
PRs #15404 (user.collection property for multi-tenant access control)
and #15499 (tenant selector uses beforeNav slot).
Fix afterLogin audit hook deadlock: payload.create() inside the hook
caused a transaction deadlock with PgBouncer in transaction mode under
Payload 3.76.1's stricter transaction handling. Changed to fire-and-forget
pattern to prevent login hangs.
Note: Next.js 15.5.9 peer dependency warning exists but build/runtime
work correctly. Consider upgrading Next.js to 16.x or downgrading to
15.4.11 in a follow-up.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Refactor custom login route to be more resilient:
- Lazy-load security modules to prevent initialization errors
- Wrap each security feature in try-catch for graceful degradation
- Skip CSRF validation for API requests (no Origin header + JSON content)
- Improve error handling and logging throughout
This ensures login works even if individual security modules fail,
while still providing full protection when everything is available.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements a unified sync service that orchestrates comment
synchronization across all social media platforms.
UnifiedSyncService:
- Platform-agnostic sync orchestration
- Support for YouTube, Facebook, and Instagram
- Parallel platform detection and account grouping
- Progress tracking with live status updates
- Aggregated results per platform
- Error handling with partial results support
New API Endpoints:
- GET/POST /api/cron/community-sync
- Cron endpoint for scheduled multi-platform sync
- Query params: platforms, accountIds, analyzeWithAI, maxItems
- HEAD for monitoring status
- GET /api/community/sync-status
- Live sync status for dashboard
- Platform overview with account details
- Interaction statistics (total, today, unanswered)
- Last sync result summary
Configuration:
- vercel.json updated to use community-sync cron
- 15-minute sync interval maintained
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements complete Meta Graph API integration for Facebook Pages
and Instagram Business Accounts.
Phase 2.3a - Meta OAuth & Base Infrastructure:
- Meta OAuth service with long-lived token support (60 days)
- MetaBaseClient with error handling and retry logic
- OAuth routes (/api/auth/meta, /api/auth/meta/callback)
- Type definitions for all Meta API responses
Phase 2.3b - Facebook Client:
- FacebookClient extending MetaBaseClient
- Page posts and comments retrieval
- Comment moderation (reply, hide, delete, like)
- Messenger conversations support
- Page insights and analytics
- FacebookSyncService for comment synchronization
Phase 2.3c - Instagram Client:
- InstagramClient for Business Accounts
- Media (posts/reels/carousels) retrieval
- Comment management with replies
- Mentions and Story-Mentions (24h expiry)
- Instagram Direct messaging
- Account and media insights
- InstagramSyncService for comment/mention sync
Additional changes:
- SocialPlatforms collection extended with oauthEndpoint field
- Environment variables documented (META_APP_ID, META_APP_SECRET)
- Module index with all exports
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implementiert automatische YouTube-Kommentar-Synchronisation und
KI-gestützte Antwortvorschläge für das Community Management.
Neue Features:
- Cron-Endpoint für externen Scheduler (/api/cron/youtube-sync)
- ClaudeReplyService für AI-generierte Antworten (3 Tonalitäten)
- Sync Status API mit Live-Polling
- AI Reply Suggestions UI mit Varianten-Auswahl
- Job Logger für strukturiertes Logging von Background Jobs
Änderungen:
- ClaudeAnalysisService: Model-Update auf claude-3-5-haiku-20241022
- CommunityInbox: Sync Status Badge, AI Reply Suggestions Integration
- SCSS: Styles für Sync-Indicator und Suggestion Cards
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add CommunityNavLinks component with styled navigation
- Register afterNavLinks in payload.config.ts
- Link to Community Inbox and Analytics views
- Add Analytics quick-link in Inbox component
- Support dark mode styling
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix Server Components render error by using 'use client' directive
- Remove DefaultTemplate which requires server-side props
- Add Community Analytics Dashboard view with charts
- Add Analytics API endpoints (overview, sentiment, response metrics, etc.)
- Add implementation report for design AI
The custom views now work correctly within Payload's RootLayout context.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add 5 new collections: SocialPlatforms, SocialAccounts,
CommunityInteractions, CommunityTemplates, CommunityRules
- Add communityRole field to Users collection
- Add YouTube API client for comment sync
- Add Claude AI service for sentiment analysis
- Add API endpoints: /api/community/sync-comments, /api/community/reply
- Add communityAccess.ts for role-based access control
- Add migrations for all new tables and community_role enum fix
Fix: Make audit hooks non-blocking to prevent user save timeout
Dependencies: @anthropic-ai/sdk, googleapis
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Complete YouTube content management system:
- YouTubeChannels: Channel management with branding and metrics
- YouTubeContent: Video pipeline with workflow, approvals, scheduling
- YtSeries: Dedicated series management per channel (NEW)
- YtBatches: Production batch tracking with targets and progress
- YtTasks: Task management with notifications
- YtNotifications: User notification system
- YtMonthlyGoals: Monthly production goals per channel
- YtScriptTemplates: Reusable script templates
- YtChecklistTemplates: Checklist templates for workflows
Features:
- Role-based access (YouTubeManager, YouTubeCreator, YouTubeViewer)
- Auto-task generation on status changes
- Series relationship with channel-based filtering
- API endpoints for dashboard, tasks, and task completion
- German/English localization support
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The Locations collection has an array field for structured opening hours
that requires a separate table. This was missing and caused the admin
panel to fail when accessing the Locations collection.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Root cause: payload_locked_documents_rels table was missing columns
for new collections, causing "column does not exist" errors during
the dashboard query after login.
Changes:
- Enable Favorites and Series collections in payload.config.ts
- Enable all BlogWoman blocks (FavoritesBlock, SeriesBlock, etc.)
- Add migration with proper system table updates:
- favorites_id column in payload_locked_documents_rels
- series_id column in payload_locked_documents_rels
- Include related migrations for Pages blocks and VideoEmbed
Key insight: When adding new collections, the migration must also
update payload_locked_documents_rels with a reference column.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create migration with ENUMs and tables for BlogWoman collections
- favorites table with category, badge, priceRange, affiliateNetwork enums
- series table with localized fields (title, tagline, description)
- Associated _rels and _locales tables
- Set push: false to enforce migration-based schema changes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add new collections and blocks for BlogWoman affiliate and video content:
Collections:
- Favorites: Affiliate products with categories, badges, and price ranges
- Series: YouTube series with custom branding (logo, colors)
Blocks:
- FavoritesBlock: Grid/list/carousel display for affiliate products
- SeriesBlock: Series overview with filtering
- SeriesDetailBlock: Single series page with hero
- VideoEmbedBlock: YouTube/Vimeo embed with privacy mode
- FeaturedContentBlock: Curated mixed-content collections
Also includes documentation updates for deployment and API guides.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace single textarea address field with structured address group
(street, additionalLine, zip, city, state, country) and add geo
coordinates group (lat, lng, zoom) for map integration. Also adds
fax field to contact group. Matches structure of Locations collection.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Update Payload CMS 3.68.4 → 3.69.0 to fix login redirect loop
(formatAdminURL no longer generates absolute URLs for currentRoute)
- Add explicit access control to Users collection for account updates
(multi-tenant plugin was blocking save button)
- Add read/update access controls to SEOSettings global
(settings group was hidden due to missing permissions)
- Regenerate importMap after Payload update
- Remove unused files: custom login page, cache-keys, my-route, migrations_backup
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Updated payload-types.ts with new collection types
- Updated comment in payload.config.ts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- SiteSettings is now a Collection with multi-tenant support
- Navigation is now Navigations Collection with multi-tenant support
- Both added to multiTenantPlugin collections config
- Allows each tenant to have their own site settings and navigation
- API endpoints change from /api/globals/* to /api/site-settings and /api/navigations
BREAKING CHANGE: Frontends need to update API calls from globals to collections
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The importMap still contained references to disabled components
(TenantBreadcrumb, DashboardNavLink, TenantDashboardView) which
caused the path-to-regexp error.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
TenantBreadcrumb in afterNavLinks also triggers the error on production.
Completely disabling admin.components until Payload fixes the issue.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Custom admin views cause TypeError: Missing parameter name at 5
when used with @payloadcms/plugin-multi-tenant. This appears to be
a bug in Payload 3.68.4's custom view handling.
Changes:
- Disable custom TenantDashboard view temporarily
- Keep TenantBreadcrumb in afterNavLinks (works correctly)
- Add bug report template for Payload team
See BUG_REPORT_CUSTOM_VIEWS.md for full details.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- CSRF: Require CSRF_SECRET in production, throw error on missing secret
- IP Allowlist: TRUST_PROXY must be explicitly set to 'true' for proxy headers
- Rate Limiter: Add proper proxy trust handling for client IP detection
- Login: Add browser form redirect support with safe URL validation
- Add custom admin login page with styled form
- Update CLAUDE.md with TRUST_PROXY documentation
- Update tests for new security behavior
BREAKING: Server will not start in production without CSRF_SECRET or PAYLOAD_SECRET
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds videos_id and video_categories_id columns to payload_locked_documents_rels
and payload_preferences_rels tables to fix CI test failures.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix slug-validation.ts: Use proper Where type from Payload
- Fix processFeaturedVideo.ts: Remove TypeWithID constraint, use type casting
- Fix retention-worker.ts: Remove unused import cleanupExpiredConsentLogs
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Video Feature Implementation:
- Add Videos and VideoCategories collections with multi-tenant support
- Extend VideoBlock with library/upload/embed sources and playback options
- Add featuredVideo group to Posts collection with processed embed URLs
Hooks & Validation:
- Add processFeaturedVideo hook for URL parsing and privacy mode embedding
- Add createSlugValidationHook for tenant-scoped slug uniqueness
- Add video-utils library (parseVideoUrl, generateEmbedUrl, formatDuration)
Testing:
- Add 84 unit tests for video-utils (URL parsing, duration, embed generation)
- Add 14 integration tests for Videos collection CRUD and slug validation
Database:
- Migration for videos, video_categories tables with locales
- Migration for Posts featuredVideo processed fields
- Update payload internal tables for new collections
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add automatic cleanup for email-logs (90 days default)
- Add automatic cleanup for audit-logs (90 days default)
- Add consent-logs archival based on expiresAt (3 years GDPR)
- Add media orphan cleanup for unreferenced files (30 days min age)
- Add BullMQ-based retention worker with daily scheduler
- Add /api/retention endpoint for manual triggers (super-admin only)
- Update queue worker to include retention worker
- Add comprehensive documentation to CLAUDE.md and TODO.md
New files:
- src/lib/retention/retention-config.ts
- src/lib/retention/cleanup-service.ts
- src/lib/retention/index.ts
- src/lib/queue/jobs/retention-job.ts
- src/lib/queue/workers/retention-worker.ts
- src/app/(payload)/api/retention/route.ts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- CSRF bypass in CI can be disabled with BYPASS_CSRF=false
- Security integration tests set BYPASS_CSRF=false to test CSRF validation
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove NODE_ENV check from CSRF bypass (production builds need bypass too)
- Add CI environment stub to CSRF unit tests to ensure normal validation
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add CSRF_SECRET to E2E tests environment
- Bypass CSRF validation when CI=true and not production
- This allows E2E tests to run without needing CSRF tokens
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Where type imports and proper type assertions in API routes
- Add Locale type definitions for locale validation
- Fix email-logs/stats route with proper EmailLog typing
- Fix newsletter-service interests type and null checks
- Remove invalid contact field from OpenAPI metadata
- Fix formSubmissionOverrides type casting in payload.config
- Fix vcard route Team type casting
All 24 TypeScript errors in src/ are now resolved.
Test files have separate type issues that don't affect production.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove unused variables and imports across API routes and workers
- Fix TypeScript errors in ConsentLogs.ts (PayloadRequest header access)
- Fix TypeScript errors in formSubmissionHooks.ts (add ResponseTracking interface)
- Update eslint ignores for coverage, test results, and generated files
- Set push: false in payload.config.ts (schema changes only via migrations)
- Update dependencies to latest versions (Payload 3.68.4, React 19.2.3)
- Add framework update check script and documentation
- Regenerate payload-types.ts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
