From 46d4475b8fd08c86ff3e107b41a3d0ce0826eb60 Mon Sep 17 00:00:00 2001
From: karilint <kari.lintulaakso@gmail.com>
Date: Wed, 1 Apr 2026 15:17:20 +0300
Subject: [PATCH 1/6] Fix admin user management flows

---
 backend/src/routes/user.ts                    | 43 +++++++---
 .../components/Person/Tabs/AddUserModal.tsx   |  4 +-
 .../Person/Tabs/ChangePasswordForm.test.tsx   | 82 +++++++++++++++++++
 .../Person/Tabs/ChangePasswordForm.tsx        | 49 +++++++----
 .../src/components/Person/Tabs/PersonTab.tsx  | 11 ++-
 frontend/src/redux/userReducer.ts             |  7 +-
 6 files changed, 157 insertions(+), 39 deletions(-)
 create mode 100644 frontend/src/components/Person/Tabs/ChangePasswordForm.test.tsx

diff --git a/backend/src/routes/user.ts b/backend/src/routes/user.ts
index 98884c0cf..24a111a32 100644
--- a/backend/src/routes/user.ts
+++ b/backend/src/routes/user.ts
@@ -106,33 +106,50 @@ router.post('/create', async (req, res) => {
 
 router.put('/password', async (req, res) => {
   if (!req.user) throw new AccessError()
-  const { userId } = req.user
-  const { newPassword, oldPassword } = req.body as { newPassword: string; oldPassword: string }
+  const { userId, role } = req.user
+  const { newPassword, oldPassword, targetUserId } = req.body as {
+    newPassword: string
+    oldPassword?: string
+    targetUserId?: number
+  }
+
+  const isAdminChangingAnotherUser = role === Role.Admin && typeof targetUserId === 'number' && targetUserId !== userId
+  const userIdToUpdate = isAdminChangingAnotherUser ? targetUserId : userId
 
   const foundUser = await nowDb.com_users.findFirst({
     where: {
-      user_id: userId,
+      user_id: userIdToUpdate,
     },
     select: { password: true, newpassword: true },
   })
 
-  let passwordMatches: boolean
-  if (foundUser?.newpassword === null) {
-    // Compare old password
-    const hash = md5(oldPassword)
-    passwordMatches = hash === foundUser.password
-  } else {
-    passwordMatches = !!foundUser && !!(await bcrypt.compare(oldPassword, foundUser.newpassword))
+  if (!foundUser) return res.status(404).send({ error: 'User not found.' })
+
+  if (!isAdminChangingAnotherUser) {
+    let passwordMatches: boolean
+    if (typeof oldPassword !== 'string' || oldPassword.length === 0) {
+      return res.status(400).send({ error: 'Old password is required.' })
+    }
+    if (newPassword === oldPassword) {
+      return res.status(400).send({ error: 'New password must be different from your current password.' })
+    }
+    if (foundUser.newpassword === null) {
+      // Compare old password
+      const hash = md5(oldPassword)
+      passwordMatches = hash === foundUser.password
+    } else {
+      passwordMatches = !!(await bcrypt.compare(oldPassword, foundUser.newpassword))
+    }
+
+    if (!passwordMatches) return res.status(403).send({ error: 'Old password does not match your current password.' })
   }
 
-  if (!passwordMatches) return res.status(403).send({ error: 'Old password does not match your current password.' })
-
   const validationResult = validatePassword(newPassword)
   if (!validationResult.isValid) return res.status(400).send({ error: validationResult.error })
 
   const passwordHash = await createPasswordHash(newPassword)
 
-  await nowDb.com_users.update({ where: { user_id: userId }, data: { newpassword: passwordHash } })
+  await nowDb.com_users.update({ where: { user_id: userIdToUpdate }, data: { newpassword: passwordHash } })
   return res.status(200).send()
 })
 
diff --git a/frontend/src/components/Person/Tabs/AddUserModal.tsx b/frontend/src/components/Person/Tabs/AddUserModal.tsx
index 2bce279bc..d3b8f1b68 100644
--- a/frontend/src/components/Person/Tabs/AddUserModal.tsx
+++ b/frontend/src/components/Person/Tabs/AddUserModal.tsx
@@ -108,11 +108,10 @@ interface UserFieldValues {
 interface Props {
   isOpen: boolean
   onClose: () => void
-  onSave: () => void
   personInitials: string
 }
 
-export const AddUserModal = ({ isOpen, onClose, onSave, personInitials }: Props) => {
+export const AddUserModal = ({ isOpen, onClose, personInitials }: Props) => {
   const [fieldValues, setFieldValues] = useState<UserFieldValues>({
     username: '',
     password: '',
@@ -134,7 +133,6 @@ export const AddUserModal = ({ isOpen, onClose, onSave, personInitials }: Props)
       .then(() => {
         notify('User saved successfully.')
         onClose()
-        onSave()
       })
       .catch(e => {
         notify((e as { data: { message: string } }).data.message, 'error')
diff --git a/frontend/src/components/Person/Tabs/ChangePasswordForm.test.tsx b/frontend/src/components/Person/Tabs/ChangePasswordForm.test.tsx
new file mode 100644
index 000000000..bbdc345f6
--- /dev/null
+++ b/frontend/src/components/Person/Tabs/ChangePasswordForm.test.tsx
@@ -0,0 +1,82 @@
+import { beforeEach, describe, expect, it, jest } from '@jest/globals'
+import { fireEvent, render, screen, waitFor } from '@testing-library/react'
+import { ChangePasswordForm } from './ChangePasswordForm'
+
+const mockNotify = jest.fn()
+const mockDispatch = jest.fn()
+const mockUnwrap = jest.fn()
+const mockChangePasswordMutation = jest.fn(() => ({ unwrap: mockUnwrap }))
+
+jest.mock('@/hooks/notification', () => ({
+  useNotify: () => ({ notify: mockNotify }),
+}))
+
+jest.mock('react-redux', () => ({
+  useDispatch: () => mockDispatch,
+}))
+
+jest.mock('@/redux/userReducer', () => ({
+  removeFirstLogin: () => ({ type: 'user/removeFirstLogin' }),
+  useChangePasswordMutation: () => [mockChangePasswordMutation],
+}))
+
+jest.mock('@/hooks/usePasswordValidation', () => ({
+  usePasswordValidation: () => ({
+    passwordRequirements: ['At least 8 characters'],
+    validatePassword: (password: string) => ({
+      isValid: password.length >= 8,
+      error: password.length >= 8 ? undefined : 'Password must be at least 8 characters long',
+    }),
+  }),
+}))
+
+describe('ChangePasswordForm', () => {
+  beforeEach(() => {
+    mockNotify.mockReset()
+    mockDispatch.mockReset()
+    mockChangePasswordMutation.mockClear()
+    mockUnwrap.mockReset()
+    mockUnwrap.mockImplementation(() => Promise.resolve())
+  })
+
+  it('requires the old password for self-service password changes', () => {
+    render(<ChangePasswordForm />)
+
+    expect(screen.getByTestId('old-password-input')).toBeTruthy()
+    expect(screen.getByRole('button', { name: 'Change password' })).toHaveProperty('disabled', true)
+  })
+
+  it('lets admins set another users password without showing the old password field', async () => {
+    render(<ChangePasswordForm targetUserId={42} />)
+
+    expect(screen.queryByTestId('old-password-input')).toBeNull()
+
+    fireEvent.change(screen.getByTestId('new-password-input'), { target: { value: 'validpass' } })
+    fireEvent.change(screen.getByTestId('verify-password-input'), { target: { value: 'validpass' } })
+    fireEvent.click(screen.getByRole('button', { name: 'Set password' }))
+
+    expect(mockChangePasswordMutation).toHaveBeenCalledWith({
+      newPassword: 'validpass',
+      oldPassword: '',
+      targetUserId: 42,
+    })
+    expect(mockDispatch).not.toHaveBeenCalled()
+    await waitFor(() => {
+      expect(mockNotify).toHaveBeenCalledWith('Password changed successfully for user.')
+    })
+  })
+
+  it('rejects setting the same password in self-service mode', async () => {
+    render(<ChangePasswordForm />)
+
+    fireEvent.change(screen.getByTestId('old-password-input'), { target: { value: 'validpass' } })
+    fireEvent.change(screen.getByTestId('new-password-input'), { target: { value: 'validpass' } })
+    fireEvent.change(screen.getByTestId('verify-password-input'), { target: { value: 'validpass' } })
+    fireEvent.click(screen.getByRole('button', { name: 'Change password' }))
+
+    expect(mockChangePasswordMutation).not.toHaveBeenCalled()
+    await waitFor(() => {
+      expect(mockNotify).toHaveBeenCalledWith('New password must be different from your current password.', 'error')
+    })
+  })
+})
diff --git a/frontend/src/components/Person/Tabs/ChangePasswordForm.tsx b/frontend/src/components/Person/Tabs/ChangePasswordForm.tsx
index 9d03409a7..adcaaf83b 100755
--- a/frontend/src/components/Person/Tabs/ChangePasswordForm.tsx
+++ b/frontend/src/components/Person/Tabs/ChangePasswordForm.tsx
@@ -7,7 +7,11 @@ import { usePasswordValidation } from '@/hooks/usePasswordValidation'
 
 type ChangePasswordError = { status: number; data: { error: string } }
 
-export const ChangePasswordForm = () => {
+type ChangePasswordFormProps = {
+  targetUserId?: number
+}
+
+export const ChangePasswordForm = ({ targetUserId }: ChangePasswordFormProps) => {
   const [oldPassword, setOldPassword] = useState('')
   const [newPassword, setNewPassword] = useState('')
   const [verifyPassword, setVerifyPassword] = useState('')
@@ -15,14 +19,15 @@ export const ChangePasswordForm = () => {
   const { notify } = useNotify()
   const sx = { display: 'flex', alignItems: 'center', width: '10em', fontWeight: 'bold' }
   const dispatch = useDispatch()
+  const isAdminOverride = typeof targetUserId === 'number'
 
   const { passwordRequirements, validatePassword } = usePasswordValidation()
   const isPasswordValid = useMemo(() => validatePassword(newPassword).isValid, [newPassword, validatePassword])
   const isFormValid =
-    oldPassword.length > 0 &&
     newPassword.length > 0 &&
     verifyPassword.length > 0 &&
     isPasswordValid &&
+    (isAdminOverride || oldPassword.length > 0) &&
     newPassword === verifyPassword
 
   const changePassword = async () => {
@@ -30,19 +35,25 @@ export const ChangePasswordForm = () => {
       notify('New password was not the same in both fields.', 'error')
       return
     }
+    if (!isAdminOverride && newPassword === oldPassword) {
+      notify('New password must be different from your current password.', 'error')
+      return
+    }
     const passwordValidationResult = validatePassword(newPassword)
     if (!passwordValidationResult.isValid) {
       notify(passwordValidationResult.error ?? 'Password does not meet requirements', 'error')
       return
     }
-    if (newPassword.length === 0 || oldPassword.length === 0) {
+    if (newPassword.length === 0 || (!isAdminOverride && oldPassword.length === 0)) {
       notify('Please fill all fields.', 'error')
       return
     }
     try {
-      await changePasswordMutation({ newPassword, oldPassword }).unwrap()
-      notify('Password changed successfully.')
-      dispatch(removeFirstLogin())
+      await changePasswordMutation({ newPassword, oldPassword, targetUserId }).unwrap()
+      notify(isAdminOverride ? 'Password changed successfully for user.' : 'Password changed successfully.')
+      if (!isAdminOverride) {
+        dispatch(removeFirstLogin())
+      }
       setOldPassword('')
       setNewPassword('')
       setVerifyPassword('')
@@ -54,18 +65,20 @@ export const ChangePasswordForm = () => {
 
   return (
     <Grid container direction="column" sx={{ rowGap: '1em' }}>
-      <Grid container direction="row">
-        <Grid item sx={sx}>
-          Old password:
+      {!isAdminOverride && (
+        <Grid container direction="row">
+          <Grid item sx={sx}>
+            Old password:
+          </Grid>
+          <TextField
+            id="old-password-textfield"
+            type="password"
+            value={oldPassword}
+            onChange={event => setOldPassword(event.target.value)}
+            inputProps={{ 'data-testid': 'old-password-input' }}
+          />
         </Grid>
-        <TextField
-          id="old-password-textfield"
-          type="password"
-          value={oldPassword}
-          onChange={event => setOldPassword(event.target.value)}
-          inputProps={{ 'data-testid': 'old-password-input' }}
-        />
-      </Grid>
+      )}
       <Grid container direction="row">
         <Grid item sx={sx}>
           New password:
@@ -110,7 +123,7 @@ export const ChangePasswordForm = () => {
             onClick={() => void changePassword()}
             disabled={!isFormValid}
           >
-            Change password
+            {isAdminOverride ? 'Set password' : 'Change password'}
           </Button>
         </Grid>
       </Grid>
diff --git a/frontend/src/components/Person/Tabs/PersonTab.tsx b/frontend/src/components/Person/Tabs/PersonTab.tsx
index 74ecb8016..67c77903b 100755
--- a/frontend/src/components/Person/Tabs/PersonTab.tsx
+++ b/frontend/src/components/Person/Tabs/PersonTab.tsx
@@ -18,9 +18,9 @@ export const PersonTab = () => {
   const { notify } = useNotify()
   const { id: idFromUrl } = useParams()
   const isNew = idFromUrl === 'new'
+  const isUserPage = idFromUrl === 'user-page'
   const isAdmin = currentUser.role == Role.Admin
   const [isAddUserModalOpen, setIsAddUserModalOpen] = useState(false)
-  const [disableAddUserButton, setDisableAddUserButton] = useState(false)
 
   useEffect(() => {
     if (!currentUser?.isFirstLogin) return
@@ -54,13 +54,12 @@ export const PersonTab = () => {
         onClose={() => {
           setIsAddUserModalOpen(false)
         }}
-        onSave={() => setDisableAddUserButton(true)}
         personInitials={data.initials}
       />
       <ArrayFrame array={person} title="Person" />
       {data.user && <ArrayFrame array={user} title="User" />}
 
-      {isAdmin && !data.user && !disableAddUserButton && mode.option === 'read' && (
+      {isAdmin && !data.user && mode.option === 'read' && (
         <Button
           variant="contained"
           startIcon={<PersonAddIcon />}
@@ -84,6 +83,12 @@ export const PersonTab = () => {
           <ChangePasswordForm />
         </Grouped>
       )}
+
+      {isAdmin && !isUserPage && currentUser.initials !== data.initials && data.user?.user_id && (
+        <Grouped title="Change password" style={{ padding: '1em' }}>
+          <ChangePasswordForm targetUserId={data.user.user_id} />
+        </Grouped>
+      )}
     </>
   )
 }
diff --git a/frontend/src/redux/userReducer.ts b/frontend/src/redux/userReducer.ts
index 5aef900bb..b42e1ebf9 100755
--- a/frontend/src/redux/userReducer.ts
+++ b/frontend/src/redux/userReducer.ts
@@ -12,6 +12,7 @@ export type LoginResponse = {
 }
 
 type LoginData = { username: string; password: string }
+type ChangePasswordRequest = { newPassword: string; oldPassword?: string; targetUserId?: number }
 
 const userApi = api.injectEndpoints({
   endpoints: builder => ({
@@ -25,12 +26,13 @@ const userApi = api.injectEndpoints({
         method: 'POST',
       }),
     }),
-    changePassword: builder.mutation<void, { newPassword: string; oldPassword: string }>({
-      query: ({ newPassword, oldPassword }: { newPassword: string; oldPassword: string }) => ({
+    changePassword: builder.mutation<void, ChangePasswordRequest>({
+      query: ({ newPassword, oldPassword, targetUserId }: ChangePasswordRequest) => ({
         url: 'user/password',
         body: {
           newPassword,
           oldPassword,
+          targetUserId,
         },
         method: 'PUT',
       }),
@@ -41,6 +43,7 @@ const userApi = api.injectEndpoints({
         body: user,
         method: 'POST',
       }),
+      invalidatesTags: (_result, _error, { initials }) => [{ type: 'person', id: initials }, 'persons'],
     }),
   }),
 })

From 4185467a85971f94fb4bde3f9e841a60c622a960 Mon Sep 17 00:00:00 2001
From: karilint <kari.lintulaakso@gmail.com>
Date: Wed, 1 Apr 2026 15:44:43 +0300
Subject: [PATCH 2/6] Fix Grid2 layout regressions

---
 frontend/src/App.tsx                          |  9 ++++---
 .../DetailView/common/tabLayoutHelpers.tsx    | 10 +++----
 .../Person/Tabs/ChangePasswordForm.tsx        | 27 ++++++++-----------
 .../src/components/Project/ProjectForm.tsx    | 12 ++++-----
 4 files changed, 27 insertions(+), 31 deletions(-)

diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx
index 1283bf2ea..4cd68d7a8 100755
--- a/frontend/src/App.tsx
+++ b/frontend/src/App.tsx
@@ -1,4 +1,5 @@
-import { Container, Grid } from '@mui/material'
+import { Container } from '@mui/material'
+import Grid from '@mui/material/Grid2'
 import { Outlet } from 'react-router-dom'
 import { NavBar } from './components/NavBar'
 import { Notification, NotificationContextProvider } from './components/Notification'
@@ -9,12 +10,12 @@ const App = () => {
     <NotificationContextProvider>
       <Notification />
       <div id="wrapper">
-        <Grid container>
-          <Grid item xs={12}>
+        <Grid container direction="column">
+          <Grid size={12}>
             <NavBar />
           </Grid>
           <Container maxWidth="xl" fixed style={{ marginTop: '2em', marginBottom: '2em' }}>
-            <Grid item>
+            <Grid size={12}>
               <Outlet />
             </Grid>
           </Container>
diff --git a/frontend/src/components/DetailView/common/tabLayoutHelpers.tsx b/frontend/src/components/DetailView/common/tabLayoutHelpers.tsx
index 05415df40..cfe02066c 100755
--- a/frontend/src/components/DetailView/common/tabLayoutHelpers.tsx
+++ b/frontend/src/components/DetailView/common/tabLayoutHelpers.tsx
@@ -1,4 +1,5 @@
-import { Card, Typography, Box, Grid, Divider } from '@mui/material'
+import { Card, Typography, Box, Divider } from '@mui/material'
+import Grid from '@mui/material/Grid2'
 import { ReactNode } from 'react'
 import { useDetailContext } from '../Context/DetailContext'
 import { EditDataType } from '@/shared/types'
@@ -11,14 +12,13 @@ export const ArrayToTable = ({ array, half }: { array: Array<Array<ReactNode>>;
     return width
   }
   return (
-    <Grid container direction="row">
+    <Grid container direction="column">
       {array.map((row, rowIndex) => (
-        <Grid key={rowIndex} container direction="row" minHeight="2.5em">
+        <Grid key={rowIndex} container direction="row" size={12} minHeight="2.5em">
           {row.map((item, index) => (
             <Grid
               key={index}
-              item
-              xs={getCellWidth(rowIndex, index)}
+              size={getCellWidth(rowIndex, index)}
               sx={{
                 display: 'flex',
                 alignItems: 'center',
diff --git a/frontend/src/components/Person/Tabs/ChangePasswordForm.tsx b/frontend/src/components/Person/Tabs/ChangePasswordForm.tsx
index adcaaf83b..338c7dce6 100755
--- a/frontend/src/components/Person/Tabs/ChangePasswordForm.tsx
+++ b/frontend/src/components/Person/Tabs/ChangePasswordForm.tsx
@@ -1,6 +1,7 @@
 import { useNotify } from '@/hooks/notification'
 import { removeFirstLogin, useChangePasswordMutation } from '@/redux/userReducer'
-import { Button, Grid, List, ListItem, ListItemText, TextField, Typography } from '@mui/material'
+import { Button, List, ListItem, ListItemText, TextField, Typography } from '@mui/material'
+import Grid from '@mui/material/Grid2'
 import { useMemo, useState } from 'react'
 import { useDispatch } from 'react-redux'
 import { usePasswordValidation } from '@/hooks/usePasswordValidation'
@@ -66,10 +67,8 @@ export const ChangePasswordForm = ({ targetUserId }: ChangePasswordFormProps) =>
   return (
     <Grid container direction="column" sx={{ rowGap: '1em' }}>
       {!isAdminOverride && (
-        <Grid container direction="row">
-          <Grid item sx={sx}>
-            Old password:
-          </Grid>
+        <Grid container direction="row" size={12}>
+          <Grid sx={sx}>Old password:</Grid>
           <TextField
             id="old-password-textfield"
             type="password"
@@ -79,10 +78,8 @@ export const ChangePasswordForm = ({ targetUserId }: ChangePasswordFormProps) =>
           />
         </Grid>
       )}
-      <Grid container direction="row">
-        <Grid item sx={sx}>
-          New password:
-        </Grid>
+      <Grid container direction="row" size={12}>
+        <Grid sx={sx}>New password:</Grid>
         <TextField
           id="new-password-textfield"
           type="password"
@@ -91,10 +88,8 @@ export const ChangePasswordForm = ({ targetUserId }: ChangePasswordFormProps) =>
           inputProps={{ 'data-testid': 'new-password-input' }}
         />
       </Grid>
-      <Grid container direction="row">
-        <Grid item sx={sx}>
-          New password again:
-        </Grid>
+      <Grid container direction="row" size={12}>
+        <Grid sx={sx}>New password again:</Grid>
         <TextField
           id="new-password-verification-textfield"
           type="password"
@@ -103,7 +98,7 @@ export const ChangePasswordForm = ({ targetUserId }: ChangePasswordFormProps) =>
           inputProps={{ 'data-testid': 'verify-password-input' }}
         />
       </Grid>
-      <Grid container direction="column" sx={{ rowGap: '0.5em' }}>
+      <Grid container direction="column" size={12} sx={{ rowGap: '0.5em' }}>
         <Typography variant="subtitle1">Password requirements</Typography>
         <List dense sx={{ listStyleType: 'disc', pl: 4 }}>
           {passwordRequirements.map(requirement => (
@@ -113,8 +108,8 @@ export const ChangePasswordForm = ({ targetUserId }: ChangePasswordFormProps) =>
           ))}
         </List>
       </Grid>
-      <Grid container direction="row">
-        <Grid item width="27em">
+      <Grid container direction="row" size={12}>
+        <Grid width="27em">
           <Button
             id="change-password-button"
             fullWidth
diff --git a/frontend/src/components/Project/ProjectForm.tsx b/frontend/src/components/Project/ProjectForm.tsx
index 547a9fef8..898888926 100644
--- a/frontend/src/components/Project/ProjectForm.tsx
+++ b/frontend/src/components/Project/ProjectForm.tsx
@@ -9,7 +9,6 @@ import {
   Divider,
   FormControl,
   FormHelperText,
-  Grid,
   InputLabel,
   MenuItem,
   Select,
@@ -17,6 +16,7 @@ import {
   TextField,
   Typography,
 } from '@mui/material'
+import Grid from '@mui/material/Grid2'
 import { Controller, useForm } from 'react-hook-form'
 import { recordStatusOptions, projectStatusOptions } from '@/constants/projectStatus'
 import type { RecordStatusValue } from '@/constants/projectStatus'
@@ -121,7 +121,7 @@ export const ProjectForm = ({
           </Stack>
 
           <Grid container spacing={3}>
-            <Grid item xs={12} md={6}>
+            <Grid size={{ xs: 12, md: 6 }}>
               <TextField
                 label="Project Code"
                 fullWidth
@@ -131,7 +131,7 @@ export const ProjectForm = ({
                 disabled={isSubmitting}
               />
             </Grid>
-            <Grid item xs={12} md={6}>
+            <Grid size={{ xs: 12, md: 6 }}>
               <TextField
                 label="Project Name"
                 fullWidth
@@ -141,7 +141,7 @@ export const ProjectForm = ({
                 disabled={isSubmitting}
               />
             </Grid>
-            <Grid item xs={12} md={6}>
+            <Grid size={{ xs: 12, md: 6 }}>
               <Controller
                 control={control}
                 name="coordinatorUserId"
@@ -162,7 +162,7 @@ export const ProjectForm = ({
                 )}
               />
             </Grid>
-            <Grid item xs={12} md={3}>
+            <Grid size={{ xs: 12, md: 3 }}>
               <FormControl fullWidth error={Boolean(errors.projectStatus)} disabled={isSubmitting}>
                 <InputLabel id="project-status-label">Project Status</InputLabel>
                 <Controller
@@ -182,7 +182,7 @@ export const ProjectForm = ({
                 <FormHelperText>{errors.projectStatus?.message}</FormHelperText>
               </FormControl>
             </Grid>
-            <Grid item xs={12} md={3}>
+            <Grid size={{ xs: 12, md: 3 }}>
               <FormControl fullWidth error={Boolean(errors.recordStatus)} disabled={isSubmitting}>
                 <InputLabel id="record-status-label">Record Status</InputLabel>
                 <Controller

From 26b01e624a16d7ed1b08a447e5af1655df44c98d Mon Sep 17 00:00:00 2001
From: karilint <kari.lintulaakso@gmail.com>
Date: Wed, 1 Apr 2026 16:07:56 +0300
Subject: [PATCH 3/6] Update Codex prompt docs

---
 documentation/codex_planning_prompt.md            | 3 ++-
 documentation/coding_prompt_template_fullstack.md | 5 +++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/documentation/codex_planning_prompt.md b/documentation/codex_planning_prompt.md
index 14e700aae..7858a43a1 100644
--- a/documentation/codex_planning_prompt.md
+++ b/documentation/codex_planning_prompt.md
@@ -19,7 +19,7 @@ This section summarizes the overall architecture, structure, and technologies of
 - Backend: **Node.js** with **Express.js** (REST API)
 - ORM / database layer via **Prisma**, targeting **MySQL / MariaDB**
 - Frontend: **React** (via **Vite**)
-- UI library: **Material-UI (MUI)**
+- UI library: **Material-UI (MUI v6)**
 - State management: **Redux Toolkit** (or React context for simpler cases)
 - Routing: **React Router**
 - Build tooling: Vite, TypeScript, ESLint, Prettier
@@ -92,6 +92,7 @@ This section summarizes the overall architecture, structure, and technologies of
 - Database migrations managed with Prisma
 - CI/CD pipelines ensure linting, testing, and build integrity
 - All new features require code review, test coverage, and documentation updates
+- GitHub repository access may be configured via the repository's existing remote (for example SSH); do not assume HTTPS credentials or the GitHub CLI are available in every environment.
 
 ### Linting and Type-Checking Expectations
 
diff --git a/documentation/coding_prompt_template_fullstack.md b/documentation/coding_prompt_template_fullstack.md
index a8a328508..8f9147d36 100644
--- a/documentation/coding_prompt_template_fullstack.md
+++ b/documentation/coding_prompt_template_fullstack.md
@@ -10,7 +10,7 @@ Implement **exactly one task** from an approved feature plan.
 - **Language:** TypeScript (strict mode)
 - **Backend:** Node.js 18 + Express.js (REST API)
 - **ORM / DB:** Prisma • MySQL / MariaDB
-- **Frontend:** React + Vite + Material UI (MUI v5)
+- **Frontend:** React + Vite + Material UI (MUI v6)
 - **State management:** Redux Toolkit (or React Context when simpler)
 - **Routing:** React Router v6
 - **Auth:** JWT-based / role-based middleware on backend + protected routes on frontend
@@ -22,6 +22,7 @@ Implement **exactly one task** from an approved feature plan.
 - **Config:** `.env` (12-factor); `.env.template` lists defaults
 - **CI/CD:** GitHub Actions (lint → type-check → test → build → deploy)
 - **Code style:** ESLint + Prettier enforced in CI
+- **GitHub access:** Use the repository's configured remote/auth setup when syncing changes or opening PRs; do not assume HTTPS credentials or `gh` are available.
 
 ---
 
@@ -299,4 +300,4 @@ JWT_SECRET="replace_me"
 - Prisma migrations exist if `migrations:true`.
 - Role-based permissions verified.
 - Docs and `.env.template` updated if required.
-- CI pipeline green after push.
+- CI pipeline green after push or PR update.

From 61d4017b0acc8ff1747a55b4e147f7b48c992076 Mon Sep 17 00:00:00 2001
From: karilint <kari.lintulaakso@gmail.com>
Date: Wed, 1 Apr 2026 16:26:19 +0300
Subject: [PATCH 4/6] Stabilize Cypress app startup waits

---
 cypress.config.js           | 67 +++++++++++++++++++++++++++++++++++++
 cypress/support/commands.js | 13 +++++--
 cypress/support/index.d.ts  |  6 ++++
 3 files changed, 84 insertions(+), 2 deletions(-)

diff --git a/cypress.config.js b/cypress.config.js
index a97668cb0..be0cb7e60 100644
--- a/cypress.config.js
+++ b/cypress.config.js
@@ -1,9 +1,13 @@
 const { defineConfig } = require('cypress')
 const net = require('net')
+const http = require('http')
+const https = require('https')
 
 const DEFAULT_DB_HOST = process.env.CYPRESS_DB_HOST ?? process.env.MARIADB_HOST ?? '127.0.0.1'
 const DEFAULT_DB_PORT = Number(process.env.CYPRESS_DB_PORT ?? process.env.MARIADB_PORT ?? 3306)
 const DEFAULT_DB_WAIT_TIMEOUT_MS = Number(process.env.CYPRESS_DB_WAIT_TIMEOUT ?? 30_000)
+const DEFAULT_APP_BASE_URL = process.env.CYPRESS_baseUrl ?? 'http://localhost:5173/'
+const DEFAULT_APP_WAIT_TIMEOUT_MS = Number(process.env.CYPRESS_APP_WAIT_TIMEOUT ?? 60_000)
 
 const RETRY_DELAY_MS = 1_000
 const SOCKET_TIMEOUT_MS = 2_000
@@ -59,6 +63,61 @@ async function waitForDatabase(options = {}, env = {}) {
   })
 }
 
+/**
+ * @param {{ url?: string; timeoutMs?: number }} [options]
+ * @param {{ appBaseUrl?: string; appWaitTimeoutMs?: number }} [env]
+ */
+async function waitForHttpUrl(options = {}, env = {}) {
+  const url = options.url ?? env.appBaseUrl ?? DEFAULT_APP_BASE_URL
+  const timeoutMs = Number(options.timeoutMs ?? env.appWaitTimeoutMs ?? DEFAULT_APP_WAIT_TIMEOUT_MS)
+  const parsedUrl = new URL(url)
+  const client = parsedUrl.protocol === 'https:' ? https : http
+  const deadline = Date.now() + timeoutMs
+
+  return new Promise((resolve, reject) => {
+    const attemptRequest = () => {
+      const request = client.request(
+        parsedUrl,
+        { method: 'GET', timeout: SOCKET_TIMEOUT_MS },
+        response => {
+          response.resume()
+
+          if (response.statusCode && response.statusCode < 500) {
+            resolve(null)
+            return
+          }
+
+          if (Date.now() >= deadline) {
+            reject(new Error(`Timed out waiting for app at ${url} (status ${response.statusCode ?? 'unknown'})`))
+            return
+          }
+
+          setTimeout(attemptRequest, RETRY_DELAY_MS)
+        }
+      )
+
+      const retry = error => {
+        request.destroy()
+
+        if (Date.now() >= deadline) {
+          reject(new Error(`Timed out waiting for app at ${url} (${error.message})`))
+          return
+        }
+
+        setTimeout(attemptRequest, RETRY_DELAY_MS)
+      }
+
+      request.on('error', retry)
+      request.on('timeout', () => {
+        retry(new Error('Connection attempt timed out'))
+      })
+      request.end()
+    }
+
+    attemptRequest()
+  })
+}
+
 module.exports = defineConfig({
   e2e: {
     setupNodeEvents(on, config) {
@@ -68,6 +127,12 @@ module.exports = defineConfig({
         waitForDbHealthy(options) {
           return waitForDatabase(options, config.env)
         },
+        waitForAppHealthy(options) {
+          return waitForHttpUrl(options, {
+            ...config.env,
+            appBaseUrl: config.baseUrl,
+          })
+        },
       })
 
       // It's IMPORTANT to return the config object
@@ -88,6 +153,8 @@ module.exports = defineConfig({
     dbHost: DEFAULT_DB_HOST,
     dbPort: DEFAULT_DB_PORT,
     dbWaitTimeoutMs: DEFAULT_DB_WAIT_TIMEOUT_MS,
+    appBaseUrl: DEFAULT_APP_BASE_URL,
+    appWaitTimeoutMs: DEFAULT_APP_WAIT_TIMEOUT_MS,
   },
   viewportHeight: 900,
   viewportWidth: 1200,
diff --git a/cypress/support/commands.js b/cypress/support/commands.js
index e77805962..34ce10a11 100644
--- a/cypress/support/commands.js
+++ b/cypress/support/commands.js
@@ -24,6 +24,15 @@
 // -- This will overwrite an existing command --
 // Cypress.Commands.overwrite('visit', (originalFn, url, options) => { ... })
 
+Cypress.Commands.overwrite('visit', (originalFn, url, options) => {
+  const targetUrl = typeof url === 'string' ? url : url?.url
+  const resolvedUrl = targetUrl ? new URL(targetUrl, Cypress.config('baseUrl')).toString() : Cypress.config('baseUrl')
+
+  cy.task('waitForAppHealthy', { url: resolvedUrl })
+
+  return originalFn(url, options)
+})
+
 Cypress.Commands.add('login', username => {
   cy.clearAllLocalStorage()
   cy.clearAllSessionStorage()
@@ -77,7 +86,7 @@ Cypress.Commands.add('resetDatabase', () => {
 Cypress.Commands.add('resetDatabaseOnce', () => {
   const currentSpec = Cypress.spec.name
   const resetKey = `dbReset_${currentSpec}`
-  
+
   if (!window[resetKey]) {
     cy.resetDatabase()
     window[resetKey] = true
@@ -108,7 +117,7 @@ Cypress.Commands.add('loginWithSession', (username) => {
       // Validate the session is still valid by checking for the username box
       cy.visit('/')
       cy.contains('.username-box', username, { timeout: 10000 }).should('be.visible')
-    }
+    },
   })
 })
 
diff --git a/cypress/support/index.d.ts b/cypress/support/index.d.ts
index abed29a7f..14c9850c4 100644
--- a/cypress/support/index.d.ts
+++ b/cypress/support/index.d.ts
@@ -13,6 +13,7 @@ declare namespace Cypress {
 
   interface Tasks {
     waitForDbHealthy(options?: WaitForDbHealthyOptions): null
+    waitForAppHealthy(options?: WaitForAppHealthyOptions): null
   }
 }
 
@@ -22,6 +23,11 @@ interface WaitForDbHealthyOptions {
   timeoutMs?: number
 }
 
+interface WaitForAppHealthyOptions {
+  url?: string
+  timeoutMs?: number
+}
+
 interface DeleteTarget {
   entity: string
   path: string

From 54b73d596997baec45dcf4ad0dc69f3f1f9ab899 Mon Sep 17 00:00:00 2001
From: karilint <kari.lintulaakso@gmail.com>
Date: Wed, 1 Apr 2026 16:42:13 +0300
Subject: [PATCH 5/6] Fix Cypress visit command chaining

---
 cypress/support/commands.js | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/cypress/support/commands.js b/cypress/support/commands.js
index 34ce10a11..4386a61a8 100644
--- a/cypress/support/commands.js
+++ b/cypress/support/commands.js
@@ -28,9 +28,7 @@ Cypress.Commands.overwrite('visit', (originalFn, url, options) => {
   const targetUrl = typeof url === 'string' ? url : url?.url
   const resolvedUrl = targetUrl ? new URL(targetUrl, Cypress.config('baseUrl')).toString() : Cypress.config('baseUrl')
 
-  cy.task('waitForAppHealthy', { url: resolvedUrl })
-
-  return originalFn(url, options)
+  return cy.task('waitForAppHealthy', { url: resolvedUrl }).then(() => originalFn(url, options))
 })
 
 Cypress.Commands.add('login', username => {

From 6e32be9a40cc8b28f1b80a75d874407a52576e8c Mon Sep 17 00:00:00 2001
From: karilint <kari.lintulaakso@gmail.com>
Date: Wed, 1 Apr 2026 16:58:13 +0300
Subject: [PATCH 6/6] Extend Cypress visit wait timeout

---
 cypress/support/commands.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cypress/support/commands.js b/cypress/support/commands.js
index 4386a61a8..a917619d0 100644
--- a/cypress/support/commands.js
+++ b/cypress/support/commands.js
@@ -27,8 +27,11 @@
 Cypress.Commands.overwrite('visit', (originalFn, url, options) => {
   const targetUrl = typeof url === 'string' ? url : url?.url
   const resolvedUrl = targetUrl ? new URL(targetUrl, Cypress.config('baseUrl')).toString() : Cypress.config('baseUrl')
+  const appWaitTimeoutMs = Number(Cypress.env('appWaitTimeoutMs') ?? 60000)
 
-  return cy.task('waitForAppHealthy', { url: resolvedUrl }).then(() => originalFn(url, options))
+  return cy
+    .task('waitForAppHealthy', { url: resolvedUrl }, { timeout: appWaitTimeoutMs })
+    .then(() => originalFn(url, options))
 })
 
 Cypress.Commands.add('login', username => {