# Changelog — Kevron Suites and Apartments All notable changes made to the project are documented below. ## [1.6.0] - 2026-06-03 ### Added - **Flutterwave Payment Integration:** Implemented standard hosted checkout payment gateway server-side link generation, verifying callback responses and webhooks (`verif-hash` Timing-Safe signature validation, database locking `lockForUpdate()` for idempotency). - **Payment Database Entities:** Deployed migrations and models for tracking detailed transactions, attempts, status history, invoices, receipts, and webhook logs. - **SMTP Mailing System:** Integrated dynamic email template builder using database templates or luxury colored HTML branded layout templates (`emails.branded`, `emails.branded_plain`) sent via SSL SMTP. - **Filament Admin Panel Resources:** Deployed `PaymentWebhookEventResource`, `PaymentStatusHistoryResource`, `PaymentAttemptResource`, `EmailTemplateResource`, and `EmailLogResource` inside groups **"Financial & Payments"** and **"Security & System Settings"** to monitor transactions, verify payments manually, reprocess webhooks, resend emails, and manage templates. - **Filament SMTP Settings Page:** Created a custom administration page to view active SMTP parameters (with masked password secret values) and dispatch real-time test emails. - **Automated Feature Tests:** Created `tests/Feature/FlutterwavePaymentTest.php` and `tests/Feature/SmtpMailTest.php` asserting checkout redirects, callback verification, webhook timing-safe validation, SMTP configuration, mailable variable parsing, and queue assertions. Added `tests/Feature/DynamicTaxTest.php` to verify database-driven tax & service charge pricing calculations. ### Modified - **`resources/views/home.blade.php`:** Refactored the live rate calculator on the homepage search widget (desktop and mobile) to dynamically fetch and display tax and service charge percentages from the database settings instead of being hardcoded. - **`app/Services/BookingService.php`:** Refactored the reservation price calculator to retrieve tax and service charge rates dynamically from database settings. - **`resources/views/guest/booking-details.blade.php` & `resources/views/guest/pdf/invoice.blade.php`:** Rendered dynamic VAT and service charge labels in customer billing screens and PDF invoices. - **`tests/Feature/BookingFlowTest.php`:** Updated webhook testing headers to target Flutterwave's webhook route. - **`config/mail.php`:** Fixed a configuration bug by defining the missing `encryption` parameter in the `smtp` driver array, enabling secure mail transmission over SSL/TLS. - **`app/Models/Payment.php`:** Registered the new gateway fields (`gateway`, `tx_ref`, `paid_at`, etc.) in `$fillable` and `$casts`. - **`database/seeders/DatabaseSeeder.php`:** Registered `EmailTemplateSeeder` to execute during database seeding. ## [1.5.0] - 2026-06-02 ### Added - **Global Header Redesign:** Built a modern, luxury sticky header featuring a slim top utility bar (with physical address location chip, MM1/MM2 proximity triggers, WhatsApp support, direct phone line, and accessibility/theme triggers) and a full-width **Wide Catalogue Mega Menu** with custom SVG icons, bedroom details, nightly price ranges, and a dynamic 2 Bedroom visual preview card. - **Large Hospitality Footer:** Rebuilt the footer into a premium multi-column layout featuring a pre-footer CTA band with Gold Champagne highlights, a dynamic Brand NAP details section, PWA shortcut configurations, and direct accessibility/cookie preferences triggers. - **Dynamic Database Navigation Management:** Deployed database tables (`navigation_menus`, `navigation_menu_items`, `mega_menu_groups`, `mega_menu_items`, `mega_menu_preview_cards`, `footer_columns`, `footer_links`, `header_ctas`, `footer_ctas`, `site_settings`, `search_index_items`, `menu_icons`, `navigation_badges`) to represent navigation and business NAP details. Deployed 13 Eloquent models under `app/Models/`. - **Debounced Autocomplete Search Modal:** Integrated a debounced search suggestion overlay modal in the header using a local pre-loaded JSON catalog index, allowing instant page lookups with zero network requests. - **Filament Admin Resources:** Deployed custom navigation managers (`NavigationMenuResource`, `FooterColumnResource`, `SiteSettingResource`, `SearchIndexItemResource`) inside the navigation group **"Navigation & Theme Management"** to control menus, links, and index items dynamically. - **Seeder Setup & Automated Tests:** Created `NavigationAndSettingsSeeder.php` seeding the complete header navigation tree, footer column links, site configuration NAP variables, and automated search directory suggestions. Created `tests/Feature/HeaderFooterRedesignTest.php` asserting dynamic page resolving, CTA endpoints, and suggestions retrieval. ## [1.4.0] - 2026-06-02 ### Added - **Accessibility Statement Page & Governance System:** Built the fully dynamic `/accessibility-statement` page featuring luxury Marcellus and Inter typography, 50px button caps, 0.1rem card radii, and slow micro-animations matching the premium Kevron Suites brand. - **Searchable Table of Contents Sidebar:** Integrated an Alpine.js-powered Table of Contents sidebar with real-time text query filtering, section copy links, and active scroll spy indicators. - **Private Screenshot Evidence Downloads:** Implemented secure private feedback screenshot storage, a protected `/admin/accessibility/feedback/{id}/download` route checking admin authentication, and dynamic "Download Evidence" buttons in Filament feedback forms and lists. - **Automated Integration Tests:** Appended robust feature tests verifying that unauthenticated guest requests to download screenshots are securely blocked, and authenticated admin sessions successfully retrieve the uploaded screenshot bytes. - **Dynamic Property Accessibility Profiles:** Rendered Ikeja-specific step-free access, elevator, door width, and assistance animal specifications. - **B2C Support and Feedback Forms:** Created responsive accessibility support forms (capturing mobility, audio-visual, and quiet room needs) and feedback registers with file uploads. - **Dynamic FAQ & SEO schemas:** Linked database-driven accessibility FAQs and crawlable JSON-LD structured schemas (WebPage + FAQPage) with crawlable GEO/AI search content blocks. ### Modified - **Policy Pages Hero Styling Fix:** Standardized header row wrapper styling across all 9 dynamic corporate policy pages (`damage_deposit_policy/show.blade.php`, `guest_identification_policy/show.blade.php`, `payment_policy/show.blade.php`, `terms/show.blade.php`, `privacy_policy/show.blade.php`, `house_rules/show.blade.php`, `cookie_policy/show.blade.php`, `booking_policy/show.blade.php`, `cancellation_refund_policy/show.blade.php`) utilizing flexible wrappable columns to eliminate element compression on intermediate screens. - **Footer & Sitewide Integration:** Injected accessibility paths in the global footer, contact forms, and guest dashboards. ## [1.3.0] - 2026-06-02 ### Added - **Database Migrations & Models:** Executed migration `2026_06_01_320000_create_safety_emergency_tables.php` defining 16 core safety, equipment, incident, alert, role, and inspection tables. Developed 16 Eloquent models under `app/Models/` with dynamic casts and relations. - **Filament Admin Panel Resources:** Deployed 10 tailored compliance modules inside the group **"Legal & Compliance"** (`SafetyInformationPageResource`, `EmergencyContactResource`, `AssemblyPointResource`, `EvacuationMapResource`, `GuestIncidentReportResource`, `EmergencyAlertResource`, `FireEquipmentRegisterResource`, `SafetyDeviceRegisterResource`, `SafetyInspectionRecordResource`, `EmergencyDrillRecordResource`, `LocationSafetyProfileResource`) with default/modal managers and audit-logged operations actions. - **Safety Compliance Seeder:** Created `SafetyEmergencySeeder` populating the complete safety and emergency rules sections, emergency contacts, safe muster points, evacuation floor maps, and safety FAQs. - **Automated Feature Test Suite:** Created `tests/Feature/SafetyEmergencyTest.php` asserting route loads (200), draft gates (404), legacy redirects (301), active emergency banner notice renderings, and secure AJAX incident submissions. - **Documentation:** Created `SAFETY_EMERGENCY_INFORMATION_IMPLEMENTATION_NOTES.md` documenting compliance logic, data lifecycles, and architecture details. ### Modified - **`database/seeders/DatabaseSeeder.php`**: Integrated the `SafetyEmergencySeeder` into the database seed array. - **`resources/views/layouts/footer.blade.php`**: Integrated the public Safety & Emergency Information link in the footer. - **`resources/views/guest/layouts/auth.blade.php`**: Integrated the Safety & Emergency quick access menu link into the Guest Dashboard sidebar. --- ## [1.2.0] - 2026-06-02 ### Added - **Database Migrations & Models:** Executed migration `2026_06_01_310000_create_guest_identification_tables.php` defining 16 core compliance tables. Developed 15 new Eloquent models with custom relationships and auto-encryption attributes for document numbers to comply with NDPA 2023. - **Filament Admin Panel Resources:** Deployed 9 custom resources inside the group **"Legal & Compliance"** (`GuestIdentificationPolicyResource`, `GuestIdentificationPolicyAcceptanceResource`, `IdDocumentTypeResource`, `GuestIdentityDocumentResource`, `DigitalCheckInResource`, `CorporateGuestListResource`, `VisitorIdentityRecordResource`, `IdentityAccessLogResource`, `IdentityRetentionRuleResource`) to manage drafts, acceptances, accepted ID types, secure IDs, digital check-ins, B2B guest allocations, day visitor registers, administrative access logs, and GDPR retention settings. - **Regulatory Compliance Seeder:** Created `GuestIdentificationPolicySeeder` populating general ID rules, NIN/passport classifications, rejection reasons, retention limits, custom FAQs, and dynamic SEO metadata. - **Automated Feature Test Suite:** Created `tests/Feature/GuestIdentificationPolicyTest.php` asserting index views (200), draft shielding (404), legacy permanent redirects (301), AJAX policy acceptances, secure private file uploads, and staff document access tracking logs. - **Documentation:** Created `GUEST_IDENTIFICATION_POLICY_IMPLEMENTATION_NOTES.md` documenting compliance logic, data lifecycles, and architecture details. ### Modified - **`database/seeders/DatabaseSeeder.php`**: Integrated the new seeder to execute perfectly as part of the application bootstrap cycle. - **`app/Http/Controllers/GuestIdController.php`**: Injected automated audit logging targeting the `IdentityAccessLog` during administrative guest document file downloads. - **`walkthrough.md`**: Updated walkthrough artifact with final project outcomes and 100% passing test results. - **`task.md`**: Marked all remaining checklist items as completed. --- ## [1.1.0] - 2026-06-01 ### Added - **Database Migrations:** Deployed `2026_06_01_280000_create_house_rules_tables.php` creating `house_rules_policies`, `house_rule_categories`, `house_rule_sections`, `house_rule_acceptances`, `guest_conduct_rules`, `visitor_rules`, `noise_rules`, `smoking_pet_rules`, `security_access_rules`, `damage_deposit_rules`, `corporate_stay_rules`, `long_stay_rules`, `rule_breach_reports`, and `enforcement_actions`. - **Database Seeders:** - Created `database/seeders/HouseRulesSeeder.php` seeding the comprehensive 24 rules categories, detailed en-suite regulations, standard check-in/out hours, quiet hours configurations, security deposit settings, FAQs, and SEO/JSON-LD metadata configurations. - Linked `HouseRulesSeeder` inside `DatabaseSeeder.php`. - **Automated Test Suite:** Created `tests/Feature/HouseRulesTest.php` asserting that public `/house-rules` route renders correctly, legacy 301 redirects work, draft policy versions are shielded under 404, AJAX acceptances log correctly, and rule breaches/enforcements store cleanly. - **Documentation:** Created `HOUSE_RULES_IMPLEMENTATION_NOTES.md` documenting schema setups, design systems, and compliance safeguards. ### Modified - **`database/seeders/DatabaseSeeder.php`**: Registered `HouseRulesSeeder::class` in the seed execution array. - **`walkthrough.md`**: Appended the complete House Rules Page & Enforcement System implementations and automated test outcomes. - **`task.md`**: Marked all checklist items as completed. --- ## [1.0.0] - 2026-06-01 ### Added - **Database Migrations:** Deployed the fixed version of `2026_06_01_270000_create_cookie_policy_tables.php` migration file creating `cookie_policies`, `cookie_policy_sections`, `cookie_categories`, `cookie_items`, `cookie_consents`, `cookie_consent_preferences`, and `cookie_consent_events`. - **Database Seeders:** - Created `database/seeders/CookiePolicySeeder.php` seeding the comprehensive hospitality-focused policy text, 5 categories (Necessary, Preferences, Analytics, Marketing, Functional), standard cookie register items (`laravel_session`, `XSRF-TOKEN`, `_ga`, `_gid`, `_fbp`, `vuid`), custom FAQs, and SEO/JSON-LD metadata configurations. - Linked `CookiePolicySeeder` inside `DatabaseSeeder.php`. - **Automated Test Suite:** Created `tests/Feature/CookiePolicyTest.php` asserting that public routes render correctly, 301 legacy redirects work, draft policy versions are shielded under 404, and AJAX preferences saves log correctly in the database. - **Documentation:** Created `COOKIE_POLICY_IMPLEMENTATION_NOTES.md` outlining compliance structures, database schemas, script loader logic, and test scopes. ### Modified - **`resources/views/layouts/app.blade.php`**: - Replaced the simple `localStorage` cookie banner with a luxury, accessible widget featuring a dynamic Customize Preferences drawer. - Integrated the industry-standard **Consent-Aware Script Loader** that blocks analytics and marketing script tags until active user opt-in is recorded. - Wired live AJAX POST requests to `/cookie-policy/consent` to record consent states, choices, and timeline events in the database. - Handled window-level custom events to sync category selections across pages and index preferences widgets in real-time. - **`resources/views/layouts/footer.blade.php`**: - Updated the Cookie Policy footer navigation link to target the direct route `/cookie-policy` bypassing redirects. - Added a "Cookie Preferences" link serving as a sitewide trigger to open the banner customization drawer. - **`database/seeders/DatabaseSeeder.php`**: Registered `CookiePolicySeeder::class` in the seed execution array. ### Fixed - **Migration Duplicate Column:** Corrected a query exception caused by duplicate definitions of the `updated_at` column inside the `cookie_consents` table by utilizing the standard `$table->timestamps()` command. - **Tinker Database Cleanup:** Cleared half-finished tables from the initial aborted migration to allow clean, fresh execution of migrations and seeders. - **Test Suite Resiliency:** Standardized 404 assertions inside the test suite to bypass fragile `assertSee` directives on custom error views.