Sprint 5: PartnerCustomerListView — partner-scoped customer list

- admin_api/views.py: PartnerCustomerListView — distinct users who've booked partner's events, annotated with bookings_count + total_spent aggregates, search by email/name, paginated [1,200] - admin_api/urls.py: wire partners/me/customers/ Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sprint 4: PartnerBookingListView for partner-scoped booking list
2026-04-22 11:38:39 +05:30 · 2026-04-22 11:34:57 +05:30 · 2026-04-22 11:28:57 +05:30 · 2026-04-22 11:20:37 +05:30 · 2026-04-22 11:02:34 +05:30 · 2026-04-22 10:30:58 +05:30
24 changed files with 2876 additions and 65 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,154 @@ Format follows [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), version

 ---

+## [1.14.2] — 2026-04-22
+
+### Fixed
+- **Admin "Login as Partner" impersonation now completes into `/dashboard`** instead of bouncing back to `/login?error=ImpersonationFailed`. Two linked issues:
+  - **`ALLOWED_HOSTS`** (`eventify/settings.py`) — partner portal's server-side `authorize()` (Next.js) calls `${BACKEND_API_URL}/api/v1/auth/me/` with `BACKEND_API_URL=http://eventify-backend:8000`, so the HTTP `Host` header was `eventify-backend` — not in the Django allowlist. `SecurityMiddleware` rejected with HTTP 400 DisallowedHost, `authorize()` returned null, `signIn()` failed, and the `/impersonate` page redirected to the login error. Added `partner.eventifyplus.com`, `eventify-backend`, and `eventify-django` to `ALLOWED_HOSTS`. Same Host issue was silently breaking regular partner password login too — fixed as a side effect.
+  - **`UserSerializer` missing `partner` field** (`admin_api/serializers.py`) — `MeView` returned `/api/v1/auth/me/` payload with no `partner` key, so the partner portal's `auth.ts` set `partnerId: ""` on the NextAuth session. Downstream dashboard queries that filter by `partnerId` would then return empty/403. Added `partner = PrimaryKeyRelatedField(read_only=True)` to the serializer's `fields` list. Payload now includes `"partner": <id>`.
+- Deploy: `docker cp` both files into **both** `eventify-backend` and `eventify-django` containers + `kill -HUP 1` on each (per shared admin_api rule).
+
+---
+
+## [1.14.1] — 2026-04-22
+
+### Fixed
+- **`_serialize_review()` now returns `profile_photo`** (`mobile_api/views/reviews.py`) — `/api/reviews/list` payload was missing the reviewer's photo URL, so the consumer app had no choice but to render DiceBear placeholders for every reviewer regardless of whether they had uploaded a real profile picture
+  - Resolves `r.reviewer.profile_picture.url` when the field is non-empty and the file name is not `default.png` (the model's placeholder default); returns empty string otherwise so the frontend can fall back cleanly to DiceBear
+  - Mirrors the existing pattern in `mobile_api/views/user.py` (`LoginView`, `StatusView`, `UpdateProfileView`) — same defensive try/except around FK dereference
+  - Pure serializer change — no migration, no URL change, no permission change; `gunicorn kill -HUP 1` picks it up
+
+---
+
+## [1.14.0] — 2026-04-21
+
+### Added
+- **Module-level RBAC scopes for Reviews, Contributions, Leads, Audit Log** — `SCOPE_DEFINITIONS` in `admin_api/views.py` extended with 13 new entries so the admin dashboard's Roles & Permissions grid and the new Base Permissions tab can grant/revoke access at module granularity:
+  - Reviews: `reviews.read`, `reviews.moderate`, `reviews.delete`
+  - Contributions: `contributions.read`, `contributions.approve`, `contributions.reject`, `contributions.award`
+  - Leads: `leads.read`, `leads.write`, `leads.assign`, `leads.convert`
+  - Audit Log: `audit.read`, `audit.export`
+- **`NotificationSchedule` audit emissions** in `admin_api/views.py` — `NotificationScheduleListView.post` and `NotificationScheduleDetailView.patch` / `.delete` now write `notification.schedule.created` / `.updated` / `.deleted` `AuditLog` rows. Update emits only when at least one field actually changed. Delete captures `name`/`notification_type`/`cron_expression` before the row is deleted so the audit trail survives the deletion
+
+### Fixed
+- **`StaffProfile.get_allowed_modules()`** in `admin_api/models.py` — `SCOPE_TO_MODULE` was missing the `'reviews': 'reviews'` entry, so staff granted `reviews.*` scopes could not see the Reviews module in their sidebar. Added
+
+---
+
+## [1.13.0] — 2026-04-21
+
+### Added
+- **Full admin interaction audit coverage** — `_audit_log()` calls added to 12 views; every meaningful admin state change now writes an `AuditLog` row:
+
+| View | Action slug(s) | Notes |
+|---|---|---|
+| `AdminLoginView` | `auth.admin_login`, `auth.admin_login_failed` | Uses new `user=` kwarg (anonymous at login time) |
+| `PartnerStatusView` | `partner.status_changed` | Wrapped in `transaction.atomic()` |
+| `PartnerOnboardView` | `partner.onboarded` | Inside existing `transaction.atomic()` block |
+| `PartnerStaffCreateView` | `partner.staff.created` | Logged after `staff_user.save()` |
+| `EventCreateView` | `event.created` | title, partner_id, source in details |
+| `EventUpdateView` | `event.updated` | changed_fields list in details, wrapped in `transaction.atomic()` |
+| `EventDeleteView` | `event.deleted` | title + partner_id captured BEFORE delete, wrapped in `transaction.atomic()` |
+| `SettlementReleaseView` | `settlement.released` | prev/new status in details, `transaction.atomic()` |
+| `ReviewDeleteView` | `review.deleted` | reviewer_user_id + event_id + rating captured BEFORE delete |
+| `PaymentGatewaySettingsView` | `gateway.created`, `gateway.updated`, `gateway.deleted` | changed_fields on update |
+| `EventPrimaryImageView` | `event.primary_image_changed` | prev + new primary image id in details |
+| `LeadUpdateView` | `lead.updated` | changed_fields list; only emits if any field was changed |
+
+- **`_audit_log` helper** — optional `user=None` kwarg so `AdminLoginView` can supply the authenticated user explicitly (request.user is still anonymous at that point in the login flow). All 20+ existing callers are unaffected (no kwarg = falls through to `request.user`).
+- **`admin_api/tests.py`** — `AuthAuditEmissionTests` (login success + failed login) and `EventCrudAuditTests` (create/update/delete) bring total test count to 16, all green
+
+---
+
+## [1.12.0] — 2026-04-21
+
+### Added
+- **Audit coverage for four moderation endpoints** — every admin state change now leaves a matching row in `AuditLog`, written in the same `transaction.atomic()` block as the state change so the log can never disagree with the database:
+  - `UserStatusView` (`PATCH /api/v1/users/<id>/status/`) — `user.suspended`, `user.banned`, `user.reinstated`, `user.flagged`; details capture `reason`, `previous_status`, `new_status`
+  - `EventModerationView` (`PATCH /api/v1/events/<id>/moderate/`) — `event.approved`, `event.rejected`, `event.flagged`, `event.featured`, `event.unfeatured`; details include `reason`, `partner_id`, `previous_status`/`new_status`, `previous_is_featured`/`new_is_featured`
+  - `ReviewModerationView` (`PATCH /api/v1/reviews/<id>/moderate/`) — `review.approved`, `review.rejected`, `review.edited`; details include `reject_reason`, `edited_text` flag, `original_text` on edits
+  - `PartnerKYCReviewView` (`POST /api/v1/partners/<id>/kyc/review/`) — `partner.kyc.approved`, `partner.kyc.rejected`, `partner.kyc.requested_info` (new `requested_info` decision leaves compliance state intact and only records the info request)
+- **`GET /api/v1/rbac/audit-log/metrics/`** — `AuditLogMetricsView` returns `total`, `today`, `week`, `distinct_users`, and a `by_action_group` breakdown (`create`/`update`/`delete`/`moderate`/`auth`/`other`). Cached 60 s under key `admin_api:audit_log:metrics:v1`; pass `?nocache=1` to bypass (useful from the Django shell during incident response)
+- **`GET /api/v1/rbac/audit-log/`** — free-text `search` parameter (Q-filter over `action`, `target_type`, `target_id`, `user__username`, `user__email`); `page_size` now bounded to `[1, 200]` with defensive fallback to defaults on non-integer input
+- **`accounts.User.ALL_MODULES`** — appended `audit-log`; `StaffProfile.get_allowed_modules()` adds `'audit'` → `'audit-log'` to `SCOPE_TO_MODULE` so scope-based staff resolve the module correctly
+- **`admin_api/migrations/0005_auditlog_indexes.py`** — composite indexes `(action, -created_at)` and `(target_type, target_id)` on `AuditLog` to keep the /audit-log page fast past ~10k rows; reversible via Django's default `RemoveIndex` reverse op
+- **`admin_api/tests.py`** — `AuditLogListViewTests`, `AuditLogMetricsViewTests`, `UserStatusAuditEmissionTests` covering list shape, search, pagination bounds, metrics shape + `nocache`, and audit emission on suspend / ban / reinstate
+
+### Deploy notes
+Admin users created before this release won't have `audit-log` in their `allowed_modules` TextField. Backfill with:
+```python
+# Django shell
+from accounts.models import User
+for u in User.objects.filter(role__in=['admin', 'manager']):
+    mods = [m.strip() for m in (u.allowed_modules or '').split(',') if m.strip()]
+    if 'audit-log' not in mods and mods:  # only touch users with explicit lists
+        u.allowed_modules = ','.join(mods + ['audit-log'])
+        u.save(update_fields=['allowed_modules'])
+```
+Users on the implicit full-access list (empty `allowed_modules` + admin role) pick up the new module automatically via `get_allowed_modules()`.
+
+---
+
+## [1.11.0] — 2026-04-12
+
+### Added
+- **Worldline Connect payment integration** (`banking_operations/worldline/`)
+  - `client.py` — `WorldlineClient`: HMAC-SHA256 signed requests, `create_hosted_checkout()`, `get_hosted_checkout_status()`, `verify_webhook_signature()`
+  - `views.py` — `POST /api/payments/webhook/` (CSRF-exempt, signature-verified Worldline server callback) + `POST /api/payments/verify/` (frontend polls on return URL)
+  - `emails.py` — HTML ticket confirmation email with per-ticket QR codes embedded as base64 inline images
+  - `WorldlineOrder` model in `banking_operations/models.py` — tracks each hosted-checkout session (hosted_checkout_id, reference_id, status, raw_response, webhook_payload)
+- **`Booking.payment_status`** field — `pending / paid / failed / cancelled` (default `pending`); migration `bookings/0002_booking_payment_status`
+- **`banking_operations/services.py::transaction_initiate`** — implemented (was a stub); calls Worldline API, creates `WorldlineOrder`, returns `payment_url` back to `CheckoutAPI`
+- **Settings**: `WORLDLINE_MERCHANT_ID`, `WORLDLINE_API_KEY_ID`, `WORLDLINE_API_SECRET_KEY`, `WORLDLINE_WEBHOOK_SECRET_KEY`, `WORLDLINE_API_ENDPOINT` (default: sandbox), `WORLDLINE_RETURN_URL`
+- **Requirements**: `requests>=2.31.0`, `qrcode[pil]>=7.4.2`
+
+### Flow
+1. User adds tickets to cart → `POST /api/bookings/checkout/` creates Bookings + calls `transaction_initiate`
+2. `transaction_initiate` creates `WorldlineOrder` + calls Worldline → returns redirect URL
+3. Frontend redirects user to Worldline hosted checkout page
+4. After payment, Worldline redirects to `WORLDLINE_RETURN_URL` (`app.eventifyplus.com/booking/confirm?hostedCheckoutId=...`)
+5. SPA calls `POST /api/payments/verify/` — checks local status; if still pending, polls Worldline API directly
+6. Worldline webhook fires `POST /api/payments/webhook/` → generates Tickets (one per quantity), marks Booking `paid`, sends confirmation email with QR codes
+7. Partner scans QR code at event → existing `POST /api/bookings/check-in/` marks `Ticket.is_checked_in=True`
+
+### Deploy requirement
+Set in Django container `.env`:
+```
+WORLDLINE_MERCHANT_ID=...
+WORLDLINE_API_KEY_ID=...
+WORLDLINE_API_SECRET_KEY=...
+WORLDLINE_WEBHOOK_SECRET_KEY=...
+```
+`WORLDLINE_API_ENDPOINT` defaults to sandbox — set to production URL when going live.
+
+---
+
+## [1.10.0] — 2026-04-10
+
+### Security
+- **`GoogleLoginView` audience-check fix** (`POST /api/user/google-login/`) — **CRITICAL security patch**
+  - `verify_oauth2_token(token, google_requests.Request())` was called **without** the third `audience` argument, meaning any valid Google-signed ID token from *any* OAuth client was accepted — token spoofing from external apps was trivially possible
+  - Fixed to `verify_oauth2_token(token, google_requests.Request(), settings.GOOGLE_CLIENT_ID)` — only tokens whose `aud` claim matches our registered Client ID are now accepted
+  - Added fail-closed guard: if `settings.GOOGLE_CLIENT_ID` is empty the view returns HTTP 503 instead of silently accepting all tokens
+
+### Changed
+- **Removed Clerk scaffolding** — the `@clerk/react` broker approach added in a prior iteration has been replaced with direct Google Identity Services (GIS) ID-token flow on the frontend. Simpler architecture: one trust boundary instead of three.
+  - Removed `ClerkLoginView`, `_clerk_jwks_client`, `_get_clerk_jwks_client()` from `mobile_api/views/user.py`
+  - Removed `path('user/clerk-login/', ...)` from `mobile_api/urls.py`
+  - Removed `CLERK_JWKS_URL` / `CLERK_ISSUER` / `CLERK_SECRET_KEY` from `eventify/settings.py`; replaced with `GOOGLE_CLIENT_ID = os.environ.get('GOOGLE_CLIENT_ID', '')`
+  - Removed `PyJWT[crypto]>=2.8.0` and `requests>=2.31.0` from `requirements.txt` + `requirements-docker.txt` (no longer needed; `google-auth>=2.0.0` handles verification)
+
+### Added
+- **Settings**: `GOOGLE_CLIENT_ID = os.environ.get('GOOGLE_CLIENT_ID', '')` in `eventify/settings.py`
+- **Tests**: `mobile_api/tests.py::GoogleLoginViewTests` — 4 cases: valid token creates user (audience arg verified), missing `id_token` → 400, `ValueError` (wrong sig / wrong aud) → 401, existing user reuses DRF token
+
+### Context
+- The consumer SPA (`app.eventifyplus.com`) now loads the Google Identity Services script dynamically and POSTs a Google ID token to the existing `/api/user/google-login/` endpoint. Django is the sole session authority. `localStorage.event_token` / `event_user` are unchanged.
+- Deploy requirement: set `GOOGLE_CLIENT_ID` in the Django container `.env` **before** deploying — without it the view returns 503 (fail-closed by design).
+
+---
+
 ## [1.9.0] — 2026-04-07

 ### Added
--- a/accounts/models.py
+++ b/accounts/models.py
@@ -68,10 +68,10 @@ class User(AbstractUser):
        help_text='Comma-separated module slugs this user can access',
    )

-    ALL_MODULES = ["dashboard", "partners", "events", "ad-control", "users", "reviews", "contributions", "leads", "financials", "settings"]
+    ALL_MODULES = ["dashboard", "partners", "events", "ad-control", "users", "reviews", "contributions", "leads", "financials", "audit-log", "settings"]

    def get_allowed_modules(self):
-        ALL = ["dashboard", "partners", "events", "ad-control", "users", "reviews", "contributions", "leads", "financials", "settings"]
+        ALL = ["dashboard", "partners", "events", "ad-control", "users", "reviews", "contributions", "leads", "financials", "audit-log", "settings"]
        if self.is_superuser or self.role == "admin":
            return ALL
        if self.allowed_modules:
--- a/admin_api/migrations/0005_auditlog_indexes.py
+++ b/admin_api/migrations/0005_auditlog_indexes.py
@@ -0,0 +1,31 @@
+# Generated by Django 4.2.21 for the Audit Log module (admin_api v1.12.0).
+#
+# Adds two composite indexes to `AuditLog` so the new /audit-log admin page
+# can filter by action and resolve "related entries" lookups without a full
+# table scan once the log grows past a few thousand rows.
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('admin_api', '0004_lead_user_account'),
+    ]
+
+    operations = [
+        migrations.AddIndex(
+            model_name='auditlog',
+            index=models.Index(
+                fields=['action', '-created_at'],
+                name='auditlog_action_time_idx',
+            ),
+        ),
+        migrations.AddIndex(
+            model_name='auditlog',
+            index=models.Index(
+                fields=['target_type', 'target_id'],
+                name='auditlog_target_idx',
+            ),
+        ),
+    ]
--- a/admin_api/models.py
+++ b/admin_api/models.py
@@ -130,7 +130,7 @@ class StaffProfile(models.Model):
    def get_allowed_modules(self):
        scopes = self.get_effective_scopes()
        if '*' in scopes:
-            return ['dashboard', 'partners', 'events', 'ad-control', 'users', 'reviews', 'contributions', 'leads', 'financials', 'settings']
+            return ['dashboard', 'partners', 'events', 'ad-control', 'users', 'reviews', 'contributions', 'leads', 'financials', 'audit-log', 'settings']
        SCOPE_TO_MODULE = {
            'users': 'users',
            'events': 'events',
@@ -141,6 +141,8 @@ class StaffProfile(models.Model):
            'ads': 'ad-control',
            'contributions': 'contributions',
            'leads': 'leads',
+            'audit': 'audit-log',
+            'reviews': 'reviews',
        }
        modules = {'dashboard'}
        for scope in scopes:
@@ -179,6 +181,12 @@ class AuditLog(models.Model):

    class Meta:
        ordering = ['-created_at']
+        indexes = [
+            # Fast filter-by-action ordered by time (audit log page default view)
+            models.Index(fields=['action', '-created_at'], name='auditlog_action_time_idx'),
+            # Fast "related entries for this target" lookups in the detail panel
+            models.Index(fields=['target_type', 'target_id'], name='auditlog_target_idx'),
+        ]

    def __str__(self):
        return f"{self.action} by {self.user} at {self.created_at}"
--- a/admin_api/serializers.py
+++ b/admin_api/serializers.py
@@ -5,9 +5,10 @@ User = get_user_model()
 class UserSerializer(serializers.ModelSerializer):
    name = serializers.SerializerMethodField()
    role = serializers.SerializerMethodField()
+    partner = serializers.PrimaryKeyRelatedField(read_only=True)
    class Meta:
        model = User
-        fields = ['id', 'email', 'username', 'name', 'role']
+        fields = ['id', 'email', 'username', 'name', 'role', 'partner']
    def get_name(self, obj):
        return f"{obj.first_name} {obj.last_name}".strip() or obj.username
    def get_role(self, obj):
--- a/admin_api/tests.py
+++ b/admin_api/tests.py
@@ -0,0 +1,325 @@
+"""Tests for the Audit Log module (admin_api v1.12.0).
+
+Covers:
+    * `AuditLogListView` — list + search + filter shape
+    * `AuditLogMetricsView` — shape + `?nocache=1` bypass
+    * `UserStatusView` — emits a row into `AuditLog` for every status change,
+      inside the same transaction as the state change
+
+Run with:
+    python manage.py test admin_api.tests
+"""
+from __future__ import annotations
+
+from django.core.cache import cache
+from django.test import TestCase
+from rest_framework_simplejwt.tokens import RefreshToken
+
+from accounts.models import User
+from admin_api.models import AuditLog
+
+
+# ---------------------------------------------------------------------------
+# Base — auth helper shared across cases
+# ---------------------------------------------------------------------------
+
+
+class _AuditTestBase(TestCase):
+    """Gives each subclass an admin user + pre-issued JWT."""
+
+    @classmethod
+    def setUpTestData(cls):
+        cls.admin = User.objects.create_user(
+            username='audit.admin@eventifyplus.com',
+            email='audit.admin@eventifyplus.com',
+            password='irrelevant',
+            role='admin',
+        )
+        cls.admin.is_superuser = True
+        cls.admin.save()
+
+    def setUp(self):
+        # Metrics view caches by key; reset to keep cases independent.
+        cache.delete('admin_api:audit_log:metrics:v1')
+        access = str(RefreshToken.for_user(self.admin).access_token)
+        self.auth = {'HTTP_AUTHORIZATION': f'Bearer {access}'}
+
+
+# ---------------------------------------------------------------------------
+# AuditLogListView
+# ---------------------------------------------------------------------------
+
+
+class AuditLogListViewTests(_AuditTestBase):
+    url = '/api/v1/rbac/audit-log/'
+
+    def test_unauthenticated_returns_401(self):
+        resp = self.client.get(self.url)
+        self.assertEqual(resp.status_code, 401)
+
+    def test_authenticated_returns_paginated_shape(self):
+        AuditLog.objects.create(
+            user=self.admin,
+            action='user.suspended',
+            target_type='user',
+            target_id='42',
+            details={'reason': 'spam'},
+        )
+        resp = self.client.get(self.url, **self.auth)
+        self.assertEqual(resp.status_code, 200, resp.content)
+        body = resp.json()
+        for key in ('results', 'total', 'page', 'page_size', 'total_pages'):
+            self.assertIn(key, body)
+        self.assertEqual(body['total'], 1)
+        self.assertEqual(body['results'][0]['action'], 'user.suspended')
+        self.assertEqual(body['results'][0]['user']['email'], self.admin.email)
+
+    def test_search_narrows_results(self):
+        AuditLog.objects.create(
+            user=self.admin, action='user.suspended',
+            target_type='user', target_id='1', details={},
+        )
+        AuditLog.objects.create(
+            user=self.admin, action='event.approved',
+            target_type='event', target_id='1', details={},
+        )
+        resp = self.client.get(self.url, {'search': 'suspend'}, **self.auth)
+        self.assertEqual(resp.status_code, 200)
+        body = resp.json()
+        self.assertEqual(body['total'], 1)
+        self.assertEqual(body['results'][0]['action'], 'user.suspended')
+
+    def test_page_size_is_bounded(self):
+        # page_size=999 must be clamped to the 200-row upper bound.
+        resp = self.client.get(self.url, {'page_size': '999'}, **self.auth)
+        self.assertEqual(resp.status_code, 200)
+        self.assertEqual(resp.json()['page_size'], 200)
+
+    def test_invalid_pagination_falls_back_to_defaults(self):
+        resp = self.client.get(self.url, {'page': 'x', 'page_size': 'y'}, **self.auth)
+        self.assertEqual(resp.status_code, 200)
+        body = resp.json()
+        self.assertEqual(body['page'], 1)
+        self.assertEqual(body['page_size'], 50)
+
+
+# ---------------------------------------------------------------------------
+# AuditLogMetricsView
+# ---------------------------------------------------------------------------
+
+
+class AuditLogMetricsViewTests(_AuditTestBase):
+    url = '/api/v1/rbac/audit-log/metrics/'
+
+    def test_unauthenticated_returns_401(self):
+        resp = self.client.get(self.url)
+        self.assertEqual(resp.status_code, 401)
+
+    def test_returns_expected_shape(self):
+        AuditLog.objects.create(
+            user=self.admin, action='event.approved',
+            target_type='event', target_id='7', details={},
+        )
+        AuditLog.objects.create(
+            user=self.admin, action='department.created',
+            target_type='department', target_id='3', details={},
+        )
+        resp = self.client.get(self.url, **self.auth)
+        self.assertEqual(resp.status_code, 200, resp.content)
+        body = resp.json()
+        for key in ('total', 'today', 'week', 'distinct_users', 'by_action_group'):
+            self.assertIn(key, body)
+        self.assertEqual(body['total'], 2)
+        self.assertEqual(body['distinct_users'], 1)
+        # Each group present so frontend tooltip can render all 6 rows.
+        for group in ('create', 'update', 'delete', 'moderate', 'auth', 'other'):
+            self.assertIn(group, body['by_action_group'])
+        self.assertEqual(body['by_action_group']['moderate'], 1)
+        self.assertEqual(body['by_action_group']['create'], 1)
+
+    def test_nocache_bypasses_stale_cache(self):
+        # Prime cache with a fake payload.
+        cache.set(
+            'admin_api:audit_log:metrics:v1',
+            {
+                'total': 999,
+                'today': 0, 'week': 0, 'distinct_users': 0,
+                'by_action_group': {
+                    'create': 0, 'update': 0, 'delete': 0,
+                    'moderate': 0, 'auth': 0, 'other': 0,
+                },
+            },
+            60,
+        )
+
+        resp_cached = self.client.get(self.url, **self.auth)
+        self.assertEqual(resp_cached.json()['total'], 999)
+
+        resp_fresh = self.client.get(self.url, {'nocache': '1'}, **self.auth)
+        self.assertEqual(resp_fresh.json()['total'], 0)  # real DB state
+
+
+# ---------------------------------------------------------------------------
+# UserStatusView — audit emission
+# ---------------------------------------------------------------------------
+
+
+class UserStatusAuditEmissionTests(_AuditTestBase):
+    """Each status transition must leave a matching row in `AuditLog`.
+
+    The endpoint wraps the state change + audit log in `transaction.atomic()`
+    so the two can never disagree. These assertions catch regressions where a
+    new branch forgets the audit call.
+    """
+
+    def _url(self, user_id: int) -> str:
+        return f'/api/v1/users/{user_id}/status/'
+
+    def setUp(self):
+        super().setUp()
+        self.target = User.objects.create_user(
+            username='target@example.com',
+            email='target@example.com',
+            password='irrelevant',
+            role='customer',
+        )
+
+    def test_suspend_emits_audit_row(self):
+        resp = self.client.patch(
+            self._url(self.target.id),
+            data={'action': 'suspend', 'reason': 'spam flood'},
+            content_type='application/json',
+            **self.auth,
+        )
+        self.assertEqual(resp.status_code, 200, resp.content)
+        log = AuditLog.objects.filter(
+            action='user.suspended', target_id=str(self.target.id),
+        ).first()
+        self.assertIsNotNone(log, 'suspend did not emit audit log')
+        self.assertEqual(log.details.get('reason'), 'spam flood')
+
+    def test_ban_emits_audit_row(self):
+        resp = self.client.patch(
+            self._url(self.target.id),
+            data={'action': 'ban'},
+            content_type='application/json',
+            **self.auth,
+        )
+        self.assertEqual(resp.status_code, 200, resp.content)
+        self.assertTrue(
+            AuditLog.objects.filter(
+                action='user.banned', target_id=str(self.target.id),
+            ).exists(),
+            'ban did not emit audit log',
+        )
+
+    def test_reinstate_emits_audit_row(self):
+        self.target.is_active = False
+        self.target.save()
+        resp = self.client.patch(
+            self._url(self.target.id),
+            data={'action': 'reinstate'},
+            content_type='application/json',
+            **self.auth,
+        )
+        self.assertEqual(resp.status_code, 200, resp.content)
+        self.assertTrue(
+            AuditLog.objects.filter(
+                action='user.reinstated', target_id=str(self.target.id),
+            ).exists(),
+            'reinstate did not emit audit log',
+        )
+
+
+# ---------------------------------------------------------------------------
+# AdminLoginView — audit emission
+# ---------------------------------------------------------------------------
+
+
+class AuthAuditEmissionTests(_AuditTestBase):
+    """Successful and failed logins must leave matching rows in AuditLog."""
+
+    url = '/api/v1/admin/auth/login/'
+
+    def test_successful_login_emits_audit_row(self):
+        resp = self.client.post(
+            self.url,
+            data={'username': self.admin.username, 'password': 'irrelevant'},
+            content_type='application/json',
+        )
+        self.assertEqual(resp.status_code, 200, resp.content)
+        log = AuditLog.objects.filter(
+            action='auth.admin_login', target_id=str(self.admin.id),
+        ).first()
+        self.assertIsNotNone(log, 'successful login did not emit audit log')
+        self.assertEqual(log.details.get('username'), self.admin.username)
+
+    def test_failed_login_emits_audit_row(self):
+        resp = self.client.post(
+            self.url,
+            data={'username': self.admin.username, 'password': 'wrong-password'},
+            content_type='application/json',
+        )
+        self.assertEqual(resp.status_code, 401, resp.content)
+        self.assertTrue(
+            AuditLog.objects.filter(action='auth.admin_login_failed').exists(),
+            'failed login did not emit audit log',
+        )
+
+
+# ---------------------------------------------------------------------------
+# EventCreateView / EventUpdateView / EventDeleteView — audit emission
+# ---------------------------------------------------------------------------
+
+
+class EventCrudAuditTests(_AuditTestBase):
+    """Event CRUD operations must emit matching audit rows."""
+
+    def setUp(self):
+        super().setUp()
+        from events.models import EventType
+        self.event_type = EventType.objects.create(event_type='Test Category')
+
+    def _create_event_id(self):
+        resp = self.client.post(
+            '/api/v1/events/create/',
+            data={'title': 'Test Event', 'eventType': self.event_type.id},
+            content_type='application/json',
+            **self.auth,
+        )
+        self.assertEqual(resp.status_code, 201, resp.content)
+        return resp.json()['id']
+
+    def test_create_event_emits_audit_row(self):
+        event_id = self._create_event_id()
+        self.assertTrue(
+            AuditLog.objects.filter(action='event.created', target_id=str(event_id)).exists(),
+            'event create did not emit audit log',
+        )
+
+    def test_update_event_emits_audit_row(self):
+        event_id = self._create_event_id()
+        AuditLog.objects.all().delete()
+        resp = self.client.patch(
+            f'/api/v1/events/{event_id}/update/',
+            data={'title': 'Updated Title'},
+            content_type='application/json',
+            **self.auth,
+        )
+        self.assertEqual(resp.status_code, 200, resp.content)
+        log = AuditLog.objects.filter(action='event.updated', target_id=str(event_id)).first()
+        self.assertIsNotNone(log, 'event update did not emit audit log')
+        self.assertIn('title', log.details.get('changed_fields', []))
+
+    def test_delete_event_emits_audit_row(self):
+        event_id = self._create_event_id()
+        AuditLog.objects.all().delete()
+        resp = self.client.delete(
+            f'/api/v1/events/{event_id}/delete/',
+            **self.auth,
+        )
+        self.assertEqual(resp.status_code, 204)
+        self.assertTrue(
+            AuditLog.objects.filter(action='event.deleted', target_id=str(event_id)).exists(),
+            'event delete did not emit audit log',
+        )
--- a/admin_api/urls.py
+++ b/admin_api/urls.py
@@ -18,8 +18,25 @@ urlpatterns = [
    path('partners/<int:pk>/', views.PartnerDetailView.as_view(), name='partner-detail'),
    path('partners/<int:pk>/status/', views.PartnerStatusView.as_view(), name='partner-status'),
    path('partners/<int:pk>/kyc/review/', views.PartnerKYCReviewView.as_view(), name='partner-kyc-review'),
+    path('partners/<int:pk>/impersonate/', views.PartnerImpersonateView.as_view(), name='partner-impersonate'),
    path('partners/onboard/', views.PartnerOnboardView.as_view(), name='partner-onboard'),
    path('partners/<int:partner_id>/staff/', views.PartnerStaffCreateView.as_view(), name='partner-staff-create'),
+    # Partner-Me: partner portal self-service (Sprint 1)
+    path('partners/me/profile/', views.PartnerMeProfileView.as_view(), name='partner-me-profile'),
+    path('partners/me/notifications/', views.PartnerMeNotificationsView.as_view(), name='partner-me-notifications'),
+    path('partners/me/payout/', views.PartnerMePayoutView.as_view(), name='partner-me-payout'),
+    path('partners/me/change-password/', views.PartnerMeChangePasswordView.as_view(), name='partner-me-change-password'),
+    # Partner-Me: events (Sprint 2)
+    path('partners/me/events/', views.PartnerMeEventsView.as_view(), name='partner-me-events'),
+    path('partners/me/events/<int:pk>/', views.PartnerMeEventDetailView.as_view(), name='partner-me-event-detail'),
+    path('partners/me/events/<int:pk>/duplicate/', views.PartnerMeEventDuplicateView.as_view(), name='partner-me-event-duplicate'),
+    # Partner-Me: ticket tiers (Sprint 3)
+    path('partners/me/events/<int:event_pk>/tiers/', views.PartnerMeEventTiersView.as_view(), name='partner-me-event-tiers'),
+    path('partners/me/events/<int:event_pk>/tiers/<int:tier_pk>/', views.PartnerMeEventTierDetailView.as_view(), name='partner-me-event-tier-detail'),
+    # Partner-Me: bookings (Sprint 4)
+    path('partners/me/bookings/', views.PartnerBookingListView.as_view(), name='partner-me-bookings'),
+    # Partner-Me: customers (Sprint 5)
+    path('partners/me/customers/', views.PartnerCustomerListView.as_view(), name='partner-me-customers'),
    path('users/metrics/', views.UserMetricsView.as_view(), name='user-metrics'),
    path('users/', views.UserListView.as_view(), name='user-list'),
    path('users/<int:pk>/', views.UserDetailView.as_view(), name='user-detail'),
@@ -80,6 +97,16 @@ urlpatterns = [
    path('rbac/scopes/', views.ScopeListView.as_view(), name='rbac-scope-list'),
    path('rbac/org-tree/', views.OrgTreeView.as_view(), name='rbac-org-tree'),
    path('rbac/audit-log/', views.AuditLogListView.as_view(), name='rbac-audit-log'),
+    path('rbac/audit-log/metrics/', views.AuditLogMetricsView.as_view(), name='rbac-audit-log-metrics'),
+
+    # Notifications (admin-side recurring email jobs)
+    path('notifications/types/', views.NotificationTypesView.as_view(), name='notification-types'),
+    path('notifications/schedules/', views.NotificationScheduleListView.as_view(), name='notification-schedule-list'),
+    path('notifications/schedules/<int:pk>/', views.NotificationScheduleDetailView.as_view(), name='notification-schedule-detail'),
+    path('notifications/schedules/<int:pk>/recipients/', views.NotificationRecipientView.as_view(), name='notification-recipient-create'),
+    path('notifications/schedules/<int:pk>/recipients/<int:rid>/', views.NotificationRecipientDetailView.as_view(), name='notification-recipient-detail'),
+    path('notifications/schedules/<int:pk>/send-now/', views.NotificationScheduleSendNowView.as_view(), name='notification-schedule-send-now'),
+    path('notifications/schedules/<int:pk>/test-send/', views.NotificationScheduleTestSendView.as_view(), name='notification-schedule-test-send'),

    # Ad Control
    path('ad-control/', include('ad_control.urls')),
--- a/admin_api/views.py
+++ b/admin_api/views.py
--- a/eventify/settings.py
+++ b/eventify/settings.py
@@ -18,6 +18,9 @@ ALLOWED_HOSTS = [
    'backend.eventifyplus.com',
    'admin.eventifyplus.com',
    'app.eventifyplus.com',
+    'partner.eventifyplus.com',
+    'eventify-backend',
+    'eventify-django',
    'localhost',
    '127.0.0.1',
 ]
@@ -196,3 +199,9 @@ SIMPLE_JWT = {
    'USER_ID_FIELD': 'id',
    'USER_ID_CLAIM': 'user_id',
 }
+
+# --- Google OAuth (Sign in with Google via GIS ID-token flow) -----------
+# The Client ID is public (safe in VITE_* env vars and the SPA bundle).
+# There is NO client secret — we use the ID-token flow, not auth-code flow.
+# Set the SAME value in the Django container .env and in SPA .env.local.
+GOOGLE_CLIENT_ID = os.environ.get('GOOGLE_CLIENT_ID', '')
--- a/mobile_api/tests.py
+++ b/mobile_api/tests.py
@@ -1,3 +1,89 @@
-from django.test import TestCase
+"""Unit tests for GoogleLoginView.

-# Create your tests here.
+Run with:
+    python manage.py test mobile_api.tests
+"""
+import json
+from unittest.mock import patch, MagicMock
+
+from django.test import TestCase, override_settings
+from rest_framework.authtoken.models import Token
+
+from accounts.models import User
+
+
+@override_settings(GOOGLE_CLIENT_ID='test-client-id.apps.googleusercontent.com')
+class GoogleLoginViewTests(TestCase):
+    url = '/api/user/google-login/'
+
+    def _valid_idinfo(self, email='new.user@example.com'):
+        return {
+            'email': email,
+            'given_name': 'New',
+            'family_name': 'User',
+            'aud': 'test-client-id.apps.googleusercontent.com',
+        }
+
+    @patch('google.oauth2.id_token.verify_oauth2_token')
+    def test_valid_token_creates_user(self, mock_verify):
+        mock_verify.return_value = self._valid_idinfo('fresh@example.com')
+
+        resp = self.client.post(
+            self.url,
+            data=json.dumps({'id_token': 'fake.google.jwt'}),
+            content_type='application/json',
+        )
+
+        self.assertEqual(resp.status_code, 200, resp.content)
+        body = resp.json()
+        self.assertEqual(body['email'], 'fresh@example.com')
+        self.assertEqual(body['role'], 'customer')
+        self.assertTrue(body['token'])
+
+        user = User.objects.get(email='fresh@example.com')
+        self.assertTrue(Token.objects.filter(user=user).exists())
+        # Confirm audience was passed to verify_oauth2_token
+        _, call_kwargs = mock_verify.call_args[0], mock_verify.call_args
+        self.assertEqual(mock_verify.call_args[0][2], 'test-client-id.apps.googleusercontent.com')
+
+    def test_missing_id_token_returns_400(self):
+        resp = self.client.post(
+            self.url,
+            data=json.dumps({}),
+            content_type='application/json',
+        )
+        self.assertEqual(resp.status_code, 400)
+        self.assertEqual(resp.json()['error'], 'id_token is required')
+
+    @patch('google.oauth2.id_token.verify_oauth2_token')
+    def test_invalid_token_returns_401(self, mock_verify):
+        mock_verify.side_effect = ValueError('Token audience mismatch')
+
+        resp = self.client.post(
+            self.url,
+            data=json.dumps({'id_token': 'tampered.or.wrong-aud.jwt'}),
+            content_type='application/json',
+        )
+        self.assertEqual(resp.status_code, 401)
+        self.assertEqual(resp.json()['error'], 'Invalid Google token')
+
+    @patch('google.oauth2.id_token.verify_oauth2_token')
+    def test_existing_user_reuses_token(self, mock_verify):
+        existing = User.objects.create_user(
+            username='returning@example.com',
+            email='returning@example.com',
+            password='irrelevant',
+            role='customer',
+        )
+        existing_auth_token = Token.objects.create(user=existing)
+        mock_verify.return_value = self._valid_idinfo('returning@example.com')
+
+        resp = self.client.post(
+            self.url,
+            data=json.dumps({'id_token': 'returning.user.jwt'}),
+            content_type='application/json',
+        )
+        self.assertEqual(resp.status_code, 200)
+        self.assertEqual(resp.json()['token'], existing_auth_token.key)
+        # No duplicate user created
+        self.assertEqual(User.objects.filter(email='returning@example.com').count(), 1)
--- a/mobile_api/views/events.py
+++ b/mobile_api/views/events.py
@@ -244,9 +244,9 @@ class EventListAPI(APIView):
                if pincode_qs.count() >= MIN_EVENTS_THRESHOLD:
                    qs = pincode_qs

-            # Priority 3: Full-text search on title / description
+            # Priority 3: Full-text search on title / name / description
            if q:
-                qs = qs.filter(Q(title__icontains=q) | Q(description__icontains=q))
+                qs = qs.filter(Q(title__icontains=q) | Q(name__icontains=q) | Q(description__icontains=q))

            if per_type > 0 and page == 1:
                type_ids = list(qs.values_list('event_type_id', flat=True).distinct())
--- a/mobile_api/views/reviews.py
+++ b/mobile_api/views/reviews.py
@@ -29,11 +29,20 @@ def _serialize_review(r, user_interactions=None):
        uname = r.reviewer.username
    except Exception:
        uname = ''
+    try:
+        pic = r.reviewer.profile_picture
+        if pic and pic.name and 'default.png' not in pic.name:
+            profile_photo = pic.url
+        else:
+            profile_photo = ''
+    except Exception:
+        profile_photo = ''
    return {
        'id': r.id,
        'event_id': r.event_id,
        'username': uname,
        'display_name': display,
+        'profile_photo': profile_photo,
        'rating': r.rating,
        'comment': r.review_text,
        'status': _STATUS_TO_JSON.get(r.status, r.status),
--- a/mobile_api/views/user.py
+++ b/mobile_api/views/user.py
@@ -431,12 +431,22 @@ class GoogleLoginView(View):
            from google.oauth2 import id_token as google_id_token
            from google.auth.transport import requests as google_requests

+            from django.conf import settings
+
            data = json.loads(request.body)
            token = data.get('id_token')
            if not token:
                return JsonResponse({'error': 'id_token is required'}, status=400)

-            idinfo = google_id_token.verify_oauth2_token(token, google_requests.Request())
+            if not settings.GOOGLE_CLIENT_ID:
+                log("error", "GOOGLE_CLIENT_ID not configured", request=request)
+                return JsonResponse({'error': 'Google login temporarily unavailable'}, status=503)
+
+            idinfo = google_id_token.verify_oauth2_token(
+                token,
+                google_requests.Request(),
+                settings.GOOGLE_CLIENT_ID,
+            )
            email = idinfo.get('email')
            if not email:
                return JsonResponse({'error': 'Email not found in Google token'}, status=400)
--- a/notifications/emails.py
+++ b/notifications/emails.py
@@ -0,0 +1,181 @@
+"""HTML email builders for scheduled admin notifications.
+
+Each builder is registered in ``BUILDERS`` keyed by ``NotificationSchedule.notification_type``
+and returns ``(subject, html_body)``. Add new types by appending to the registry
+and extending ``NotificationSchedule.TYPE_CHOICES``.
+
+Week bounds for ``events_expiring_this_week`` are computed in Asia/Kolkata so the
+"this week" semantics match the operations team's wall-clock week regardless of
+``settings.TIME_ZONE`` (currently UTC).
+"""
+from datetime import date, datetime, timedelta
+from html import escape
+
+try:
+    from zoneinfo import ZoneInfo
+except ImportError:  # pragma: no cover — fallback for py<3.9
+    from backports.zoneinfo import ZoneInfo  # type: ignore
+
+from django.conf import settings
+from django.core.mail import EmailMessage
+from django.db.models import Q
+
+from eventify_logger.services import log
+
+
+IST = ZoneInfo('Asia/Kolkata')
+
+
+def _today_in_ist() -> date:
+    return datetime.now(IST).date()
+
+
+def _upcoming_week_bounds(today: date) -> tuple[date, date]:
+    """Return (next Monday, next Sunday) inclusive.
+
+    If today is Monday the result is *this week* (today..Sunday).
+    If today is any other weekday the result is *next week* (next Monday..next Sunday).
+    Mon=0 per Python ``weekday()``.
+    """
+    days_until_monday = (7 - today.weekday()) % 7
+    monday = today + timedelta(days=days_until_monday)
+    sunday = monday + timedelta(days=6)
+    return monday, sunday
+
+
+def _build_events_expiring_this_week(schedule) -> tuple[str, str]:
+    from events.models import Event
+
+    today = _today_in_ist()
+    monday, sunday = _upcoming_week_bounds(today)
+
+    qs = (
+        Event.objects
+        .select_related('partner', 'event_type')
+        .filter(event_status='published')
+        .filter(
+            Q(end_date__isnull=False, end_date__gte=monday, end_date__lte=sunday)
+            | Q(end_date__isnull=True, start_date__gte=monday, start_date__lte=sunday)
+        )
+        .order_by('end_date', 'start_date', 'name')
+    )
+
+    events = list(qs)
+    rows_html = ''
+    for e in events:
+        end = e.end_date or e.start_date
+        title = e.title or e.name or '(untitled)'
+        partner_name = ''
+        if e.partner_id:
+            try:
+                partner_name = e.partner.name or ''
+            except Exception:
+                partner_name = ''
+        category = ''
+        if e.event_type_id and e.event_type:
+            category = getattr(e.event_type, 'event_type', '') or ''
+        rows_html += (
+            '<tr>'
+            f'<td style="padding:10px 12px;border-bottom:1px solid #eee;">{escape(title)}</td>'
+            f'<td style="padding:10px 12px;border-bottom:1px solid #eee;">{escape(partner_name or "—")}</td>'
+            f'<td style="padding:10px 12px;border-bottom:1px solid #eee;">{escape(category or "—")}</td>'
+            f'<td style="padding:10px 12px;border-bottom:1px solid #eee;">'
+            f'{end.strftime("%a %d %b %Y") if end else "—"}</td>'
+            '</tr>'
+        )
+
+    if not events:
+        rows_html = (
+            '<tr><td colspan="4" style="padding:24px;text-align:center;color:#888;">'
+            'No published events are expiring next week.'
+            '</td></tr>'
+        )
+
+    subject = (
+        f'[Eventify] {len(events)} event(s) expiring '
+        f'{monday.strftime("%d %b")}–{sunday.strftime("%d %b")}'
+    )
+
+    html = f"""<!doctype html>
+<html><body style="margin:0;padding:0;background:#f5f5f5;font-family:Arial,Helvetica,sans-serif;color:#1a1a1a;">
+  <table role="presentation" width="100%" cellspacing="0" cellpadding="0" style="background:#f5f5f5;">
+    <tr><td align="center" style="padding:24px 12px;">
+      <table role="presentation" width="640" cellspacing="0" cellpadding="0" style="max-width:640px;background:#ffffff;border-radius:10px;overflow:hidden;box-shadow:0 2px 6px rgba(15,69,207,0.08);">
+        <tr><td style="background:#0F45CF;color:#ffffff;padding:24px 28px;">
+          <h2 style="margin:0;font-size:20px;">Events expiring next week</h2>
+          <p style="margin:6px 0 0;color:#d2dcff;font-size:14px;">
+            {monday.strftime("%A %d %b %Y")} &rarr; {sunday.strftime("%A %d %b %Y")}
+            &middot; {len(events)} event(s)
+          </p>
+        </td></tr>
+        <tr><td style="padding:20px 24px;">
+          <p style="margin:0 0 12px;font-size:14px;color:#444;">
+            Scheduled notification: <strong>{escape(schedule.name)}</strong>
+          </p>
+          <table role="presentation" width="100%" cellspacing="0" cellpadding="0" style="border-collapse:collapse;font-size:14px;">
+            <thead>
+              <tr style="background:#f0f4ff;color:#0F45CF;">
+                <th align="left" style="padding:10px 12px;">Title</th>
+                <th align="left" style="padding:10px 12px;">Partner</th>
+                <th align="left" style="padding:10px 12px;">Category</th>
+                <th align="left" style="padding:10px 12px;">End date</th>
+              </tr>
+            </thead>
+            <tbody>{rows_html}</tbody>
+          </table>
+        </td></tr>
+        <tr><td style="padding:16px 24px 24px;color:#888;font-size:12px;">
+          Sent automatically by Eventify Command Center.
+          To change recipients or the schedule, open
+          <a href="https://admin.eventifyplus.com/settings" style="color:#0F45CF;">admin.eventifyplus.com &rsaquo; Settings &rsaquo; Notifications</a>.
+        </td></tr>
+      </table>
+    </td></tr>
+  </table>
+</body></html>"""
+
+    return subject, html
+
+
+BUILDERS: dict = {
+    'events_expiring_this_week': _build_events_expiring_this_week,
+}
+
+
+def render_and_send(schedule) -> int:
+    """Render the email for ``schedule`` and deliver it to active recipients.
+
+    Returns the number of recipients the message was sent to. Raises on SMTP
+    failure so the management command can mark the schedule as errored.
+    """
+    builder = BUILDERS.get(schedule.notification_type)
+    if builder is None:
+        raise ValueError(f'No builder for notification type: {schedule.notification_type}')
+
+    subject, html = builder(schedule)
+    recipients = list(
+        schedule.recipients.filter(is_active=True).values_list('email', flat=True)
+    )
+    if not recipients:
+        log('warning', 'notification schedule has no active recipients', logger_data={
+            'schedule_id': schedule.id,
+            'schedule_name': schedule.name,
+        })
+        return 0
+
+    msg = EmailMessage(
+        subject=subject,
+        body=html,
+        from_email=settings.DEFAULT_FROM_EMAIL,
+        to=recipients,
+    )
+    msg.content_subtype = 'html'
+    msg.send(fail_silently=False)
+
+    log('info', 'notification email sent', logger_data={
+        'schedule_id': schedule.id,
+        'schedule_name': schedule.name,
+        'type': schedule.notification_type,
+        'recipient_count': len(recipients),
+    })
+    return len(recipients)
--- a/notifications/management/init.py
+++ b/notifications/management/init.py
--- a/notifications/management/commands/init.py
+++ b/notifications/management/commands/init.py
--- a/notifications/management/commands/send_scheduled_notifications.py
+++ b/notifications/management/commands/send_scheduled_notifications.py
@@ -0,0 +1,153 @@
+"""Dispatch due ``NotificationSchedule`` jobs.
+
+Host cron invokes this every ~15 minutes via ``docker exec``. The command
+walks all active schedules, evaluates their cron expression against
+``last_run_at`` using ``croniter``, and fires any that are due. A row-level
+``select_for_update(skip_locked=True)`` prevents duplicate sends if two cron
+ticks race or the container is restarted mid-run.
+
+Evaluation timezone is **Asia/Kolkata** to match
+``notifications/emails.py::_upcoming_week_bounds`` — the same wall-clock week
+used in the outgoing email body.
+
+Flags:
+    --schedule-id <id>   Fire exactly one schedule, ignoring cron check.
+    --dry-run            Resolve due schedules + render emails, send nothing.
+"""
+from datetime import datetime, timedelta
+
+try:
+    from zoneinfo import ZoneInfo
+except ImportError:  # pragma: no cover — py<3.9
+    from backports.zoneinfo import ZoneInfo  # type: ignore
+
+from croniter import croniter
+from django.core.management.base import BaseCommand, CommandError
+from django.db import transaction
+from django.utils import timezone
+
+from eventify_logger.services import log
+from notifications.emails import BUILDERS, render_and_send
+from notifications.models import NotificationSchedule
+
+
+IST = ZoneInfo('Asia/Kolkata')
+
+
+def _is_due(schedule: NotificationSchedule, now_ist: datetime) -> bool:
+    """Return True if ``schedule`` should fire at ``now_ist``.
+
+    ``croniter`` is seeded with ``last_run_at`` (or one year ago for a fresh
+    schedule) and asked for the next fire time. If that time has already
+    passed relative to ``now_ist`` the schedule is due.
+    """
+    if not croniter.is_valid(schedule.cron_expression):
+        return False
+
+    if schedule.last_run_at is not None:
+        seed = schedule.last_run_at.astimezone(IST)
+    else:
+        seed = now_ist - timedelta(days=365)
+
+    itr = croniter(schedule.cron_expression, seed)
+    next_fire = itr.get_next(datetime)
+    return next_fire <= now_ist
+
+
+class Command(BaseCommand):
+    help = 'Dispatch due NotificationSchedule email jobs.'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            '--schedule-id', type=int, default=None,
+            help='Force-run a single schedule by ID, ignoring cron check.',
+        )
+        parser.add_argument(
+            '--dry-run', action='store_true',
+            help='Render and log but do not send or persist last_run_at.',
+        )
+
+    def handle(self, *args, **opts):
+        schedule_id = opts.get('schedule_id')
+        dry_run = opts.get('dry_run', False)
+
+        now_ist = datetime.now(IST)
+        qs = NotificationSchedule.objects.filter(is_active=True)
+        if schedule_id is not None:
+            qs = qs.filter(id=schedule_id)
+
+        candidate_ids = list(qs.values_list('id', flat=True))
+        if not candidate_ids:
+            self.stdout.write('No active schedules to evaluate.')
+            return
+
+        fired = 0
+        skipped = 0
+        errored = 0
+
+        for sid in candidate_ids:
+            with transaction.atomic():
+                locked_qs = (
+                    NotificationSchedule.objects
+                    .select_for_update(skip_locked=True)
+                    .filter(id=sid, is_active=True)
+                )
+                schedule = locked_qs.first()
+                if schedule is None:
+                    skipped += 1
+                    continue
+
+                forced = schedule_id is not None
+                if not forced and not _is_due(schedule, now_ist):
+                    skipped += 1
+                    continue
+
+                if schedule.notification_type not in BUILDERS:
+                    schedule.last_status = NotificationSchedule.STATUS_ERROR
+                    schedule.last_error = (
+                        f'No builder registered for {schedule.notification_type!r}'
+                    )
+                    schedule.save(update_fields=['last_status', 'last_error', 'updated_at'])
+                    errored += 1
+                    continue
+
+                if dry_run:
+                    self.stdout.write(
+                        f'[dry-run] would fire schedule {schedule.id} '
+                        f'({schedule.name}) type={schedule.notification_type}'
+                    )
+                    fired += 1
+                    continue
+
+                try:
+                    recipient_count = render_and_send(schedule)
+                except Exception as exc:  # noqa: BLE001 — wide catch, store msg
+                    log('error', 'notification dispatch failed', logger_data={
+                        'schedule_id': schedule.id,
+                        'schedule_name': schedule.name,
+                        'error': str(exc),
+                    })
+                    schedule.last_status = NotificationSchedule.STATUS_ERROR
+                    schedule.last_error = str(exc)[:2000]
+                    schedule.save(update_fields=['last_status', 'last_error', 'updated_at'])
+                    errored += 1
+                    continue
+
+                schedule.last_run_at = timezone.now()
+                schedule.last_status = NotificationSchedule.STATUS_SUCCESS
+                schedule.last_error = ''
+                schedule.save(update_fields=[
+                    'last_run_at', 'last_status', 'last_error', 'updated_at',
+                ])
+                fired += 1
+                self.stdout.write(
+                    f'Fired schedule {schedule.id} ({schedule.name}) '
+                    f'→ {recipient_count} recipient(s)'
+                )
+
+        summary = f'Done. fired={fired} skipped={skipped} errored={errored}'
+        self.stdout.write(summary)
+        log('info', 'send_scheduled_notifications complete', logger_data={
+            'fired': fired, 'skipped': skipped, 'errored': errored,
+            'dry_run': dry_run, 'forced_id': schedule_id,
+        })
--- a/notifications/migrations/0001_initial.py
+++ b/notifications/migrations/0001_initial.py
@@ -0,0 +1,93 @@
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Notification',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('title', models.CharField(max_length=255)),
+                ('message', models.TextField()),
+                ('notification_type', models.CharField(
+                    choices=[
+                        ('event', 'Event'),
+                        ('promo', 'Promotion'),
+                        ('system', 'System'),
+                        ('booking', 'Booking'),
+                    ],
+                    default='system', max_length=20,
+                )),
+                ('is_read', models.BooleanField(default=False)),
+                ('action_url', models.URLField(blank=True, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(
+                    on_delete=django.db.models.deletion.CASCADE,
+                    related_name='notifications',
+                    to=settings.AUTH_USER_MODEL,
+                )),
+            ],
+            options={'ordering': ['-created_at']},
+        ),
+        migrations.CreateModel(
+            name='NotificationSchedule',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=200)),
+                ('notification_type', models.CharField(
+                    choices=[('events_expiring_this_week', 'Events Expiring This Week')],
+                    db_index=True, max_length=64,
+                )),
+                ('cron_expression', models.CharField(
+                    default='0 0 * * 1',
+                    help_text=(
+                        'Standard 5-field cron (minute hour dom month dow). '
+                        'Evaluated in Asia/Kolkata.'
+                    ),
+                    max_length=100,
+                )),
+                ('is_active', models.BooleanField(db_index=True, default=True)),
+                ('last_run_at', models.DateTimeField(blank=True, null=True)),
+                ('last_status', models.CharField(blank=True, default='', max_length=20)),
+                ('last_error', models.TextField(blank=True, default='')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={'ordering': ['-created_at']},
+        ),
+        migrations.AddIndex(
+            model_name='notificationschedule',
+            index=models.Index(
+                fields=['is_active', 'notification_type'],
+                name='notificatio_is_acti_26dfb5_idx',
+            ),
+        ),
+        migrations.CreateModel(
+            name='NotificationRecipient',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('email', models.EmailField(max_length=254)),
+                ('display_name', models.CharField(blank=True, default='', max_length=200)),
+                ('is_active', models.BooleanField(default=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('schedule', models.ForeignKey(
+                    on_delete=django.db.models.deletion.CASCADE,
+                    related_name='recipients',
+                    to='notifications.notificationschedule',
+                )),
+            ],
+            options={
+                'ordering': ['display_name', 'email'],
+                'unique_together': {('schedule', 'email')},
+            },
+        ),
+    ]
--- a/notifications/migrations/init.py
+++ b/notifications/migrations/init.py
--- a/notifications/models.py
+++ b/notifications/models.py
@@ -1,4 +1,16 @@
+"""
+Two distinct concerns live in this app:
+
+1. ``Notification`` — consumer-facing in-app inbox entries surfaced on the mobile
+   SPA (/api/notifications/list/). One row per user per alert.
+
+2. ``NotificationSchedule`` + ``NotificationRecipient`` — admin-side recurring
+   email jobs configured from the Command Center Settings tab and dispatched by
+   the ``send_scheduled_notifications`` management command (host cron).
+   Not user-facing; strictly operational.
+"""
 from django.db import models
+
 from accounts.models import User


@@ -23,3 +35,68 @@ class Notification(models.Model):

    def __str__(self):
        return f"{self.notification_type}: {self.title} → {self.user.email}"
+
+
+class NotificationSchedule(models.Model):
+    """One configurable recurring email job.
+
+    New types are added by registering a builder in ``notifications/emails.py``
+    and adding the slug to ``TYPE_CHOICES`` below. Cron expression is evaluated
+    in ``Asia/Kolkata`` by the dispatcher (matches operations team timezone).
+    """
+
+    TYPE_EVENTS_EXPIRING_THIS_WEEK = 'events_expiring_this_week'
+
+    TYPE_CHOICES = [
+        (TYPE_EVENTS_EXPIRING_THIS_WEEK, 'Events Expiring This Week'),
+    ]
+
+    STATUS_SUCCESS = 'success'
+    STATUS_ERROR = 'error'
+
+    name = models.CharField(max_length=200)
+    notification_type = models.CharField(
+        max_length=64, choices=TYPE_CHOICES, db_index=True,
+    )
+    cron_expression = models.CharField(
+        max_length=100, default='0 0 * * 1',
+        help_text='Standard 5-field cron (minute hour dom month dow). '
+                  'Evaluated in Asia/Kolkata.',
+    )
+    is_active = models.BooleanField(default=True, db_index=True)
+    last_run_at = models.DateTimeField(null=True, blank=True)
+    last_status = models.CharField(max_length=20, blank=True, default='')
+    last_error = models.TextField(blank=True, default='')
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+
+    class Meta:
+        ordering = ['-created_at']
+        indexes = [models.Index(fields=['is_active', 'notification_type'])]
+
+    def __str__(self):
+        return f'{self.name} ({self.notification_type})'
+
+
+class NotificationRecipient(models.Model):
+    """Free-form recipient — not tied to a User row so external stakeholders
+    (vendors, partners, sponsors) can receive notifications without needing
+    platform accounts."""
+
+    schedule = models.ForeignKey(
+        NotificationSchedule,
+        on_delete=models.CASCADE,
+        related_name='recipients',
+    )
+    email = models.EmailField()
+    display_name = models.CharField(max_length=200, blank=True, default='')
+    is_active = models.BooleanField(default=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+
+    class Meta:
+        unique_together = [('schedule', 'email')]
+        ordering = ['display_name', 'email']
+
+    def __str__(self):
+        label = self.display_name or self.email
+        return f'{label} ({self.schedule.name})'
--- a/partner/migrations/0002_partner_profile_payout_notifications.py
+++ b/partner/migrations/0002_partner_profile_payout_notifications.py
@@ -0,0 +1,70 @@
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('partner', '0001_initial'),
+    ]
+
+    operations = [
+        # Profile extras
+        migrations.AddField(
+            model_name='partner',
+            name='bio',
+            field=models.TextField(blank=True, null=True),
+        ),
+
+        # Payout settings
+        migrations.AddField(
+            model_name='partner',
+            name='payout_account_holder_name',
+            field=models.CharField(blank=True, max_length=250, null=True),
+        ),
+        migrations.AddField(
+            model_name='partner',
+            name='payout_account_number',
+            field=models.CharField(blank=True, max_length=50, null=True),
+        ),
+        migrations.AddField(
+            model_name='partner',
+            name='payout_ifsc_code',
+            field=models.CharField(blank=True, max_length=20, null=True),
+        ),
+        migrations.AddField(
+            model_name='partner',
+            name='payout_bank_name',
+            field=models.CharField(blank=True, max_length=250, null=True),
+        ),
+        migrations.AddField(
+            model_name='partner',
+            name='payout_schedule',
+            field=models.CharField(
+                choices=[('weekly', 'Weekly'), ('biweekly', 'Bi-weekly'), ('monthly', 'Monthly')],
+                default='monthly',
+                max_length=20,
+            ),
+        ),
+
+        # Notification preferences
+        migrations.AddField(
+            model_name='partner',
+            name='notif_new_booking',
+            field=models.BooleanField(default=True),
+        ),
+        migrations.AddField(
+            model_name='partner',
+            name='notif_event_status',
+            field=models.BooleanField(default=True),
+        ),
+        migrations.AddField(
+            model_name='partner',
+            name='notif_payout_update',
+            field=models.BooleanField(default=True),
+        ),
+        migrations.AddField(
+            model_name='partner',
+            name='notif_weekly_report',
+            field=models.BooleanField(default=False),
+        ),
+    ]
--- a/partner/models.py
+++ b/partner/models.py
@@ -65,5 +65,28 @@ class Partner(models.Model):
    kyc_compliance_document_file = models.FileField(upload_to='kyc_documents/', blank=True, null=True)
    kyc_compliance_document_number = models.CharField(max_length=250, blank=True, null=True)

+    # Profile extras
+    bio = models.TextField(blank=True, null=True)
+
+    # Payout settings
+    PAYOUT_SCHEDULE_CHOICES = (
+        ('weekly', 'Weekly'),
+        ('biweekly', 'Bi-weekly'),
+        ('monthly', 'Monthly'),
+    )
+    payout_account_holder_name = models.CharField(max_length=250, blank=True, null=True)
+    payout_account_number = models.CharField(max_length=50, blank=True, null=True)
+    payout_ifsc_code = models.CharField(max_length=20, blank=True, null=True)
+    payout_bank_name = models.CharField(max_length=250, blank=True, null=True)
+    payout_schedule = models.CharField(
+        max_length=20, choices=PAYOUT_SCHEDULE_CHOICES, default='monthly'
+    )
+
+    # Notification preferences
+    notif_new_booking = models.BooleanField(default=True)
+    notif_event_status = models.BooleanField(default=True)
+    notif_payout_update = models.BooleanField(default=True)
+    notif_weekly_report = models.BooleanField(default=False)
+
    def __str__(self):
        return self.name
--- a/requirements-docker.txt
+++ b/requirements-docker.txt
@@ -7,3 +7,7 @@ gunicorn==21.2.0
 django-extensions==3.2.3
 psycopg2-binary==2.9.9
 djangorestframework-simplejwt==5.3.1
+google-auth>=2.0.0
+requests>=2.28.0
+qrcode[pil]>=7.4.2
+croniter>=2.0.0
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,3 +2,6 @@ Django>=4.2
 Pillow
 django-summernote
 google-auth>=2.0.0
+requests>=2.31.0
+qrcode[pil]>=7.4.2
+croniter>=2.0.0
Author	SHA1	Message	Date
Sicherhaven	f587c4dd24	Sprint 5: PartnerCustomerListView — partner-scoped customer list - admin_api/views.py: PartnerCustomerListView — distinct users who've booked partner's events, annotated with bookings_count + total_spent aggregates, search by email/name, paginated [1,200] - admin_api/urls.py: wire partners/me/customers/ Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 11:38:39 +05:30
Sicherhaven	4669907a02	Sprint 4: PartnerBookingListView for partner-scoped booking list - admin_api/views.py: PartnerBookingListView — filters Booking rows by partner via ticket_meta__event__partner, supports search (booking_id, user email/name), payment_status filter, event_id filter, pagination with page_size bound [1,200] - admin_api/urls.py: wire partners/me/bookings/ endpoint Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 11:34:57 +05:30
Sicherhaven	611d653938	Sprint 3: partner ticket tier CRUD endpoints - admin_api/views.py: add _serialize_tier(), PartnerMeEventTiersView (GET list + POST create with get_or_create TicketMeta), PartnerMeEventTierDetailView (PATCH update + DELETE) - admin_api/urls.py: wire partners/me/events/{event_pk}/tiers/ and .../tiers/{tier_pk}/ with named routes partner-me-event-tiers, partner-me-event-tier-detail - Deployed to eventify-backend + eventify-django containers Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 11:28:57 +05:30
Sicherhaven	16c21c17d2	feat(partner-portal): Sprint 2 — partner-me events CRUD endpoints Add partner-scoped event endpoints under /api/v1/partners/me/events/: - GET/POST /partners/me/events/ → list + create - GET/PATCH/DELETE /partners/me/events/{pk}/ → detail + update + delete - POST /partners/me/events/{pk}/duplicate/ → clone as draft All endpoints enforce partner ownership via _require_owned_event(). Create auto-sets partner FK + source='partner'. Duplicate always resets status to 'created' (draft). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 11:20:37 +05:30
Sicherhaven	761b702e57	feat(partner-portal): Sprint 1 — partner-me settings endpoints Add 4 self-service endpoints under /api/v1/partners/me/: - GET/PUT /partners/me/profile/ → name, email, phone, website, bio - GET/PUT /partners/me/notifications/ → 4 boolean notification prefs - GET/PUT /partners/me/payout/ → bank account + payout schedule - POST /partners/me/change-password/ → current+new password change Model changes (partner/models.py + migration 0002): - Partner.bio TextField - Partner.payout_* fields (holder name, account number, IFSC, bank name, schedule) - Partner.notif_* boolean fields (new_booking, event_status, payout_update, weekly_report) Auth: simplejwt Bearer token (same as all admin_api views). Role guard: _require_partner() enforces partner/partner_manager/partner_staff and verifies user.partner FK is non-null. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 11:02:34 +05:30
Sicherhaven	46b391bd51	fix: allow partner portal SSR to reach admin_api (/me/) for impersonation ALLOWED_HOSTS was missing partner.eventifyplus.com + docker internal hostnames (eventify-backend, eventify-django). Partner Next.js server-side authorize() fetch to /api/v1/auth/me/ was rejected with HTTP 400 DisallowedHost, so admin "Login as Partner" redirected to /login?error=ImpersonationFailed instead of /dashboard. Also added `partner` FK to UserSerializer so the /me/ response exposes the partner id the portal needs to set session.user.partnerId. Deployed to both eventify-backend and eventify-django containers via docker cp + HUP. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-22 10:30:58 +05:30
Sicherhaven	d9a2af7168	fix(reviews): expose profile_photo in /api/reviews/list payload _serialize_review() was not returning the reviewer's profile_picture URL, so the consumer app had no field to key off and always rendered DiceBear cartoons for every reviewer. - Resolves r.reviewer.profile_picture.url when non-empty - Treats default.png placeholder as no-photo (returns empty string) - Defensive try/except around FK dereference, same pattern as user.py Paired with mvnew consumer v1.7.8 which consumes the new field. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-22 00:32:00 +05:30
Sicherhaven	f75d4f2915	fix: add missing get_object_or_404 import in PartnerImpersonateView	2026-04-21 23:18:37 +05:30
Sicherhaven	05de552820	feat(partners): add PartnerImpersonateView for admin Login-as-Partner POST /api/v1/partners/<pk>/impersonate/ mints a short-lived JWT for the partner's primary partner_manager user. Returns access + refresh tokens so the partner portal can create a session without requiring a password. Writes a partner.impersonated audit log row with admin username, partner name, and impersonated user for traceability. Closes: admin Login-as-Partner showing "Partner not found" (mock data)	2026-04-21 22:55:08 +05:30
Sicherhaven	f85188ca6b	revert: remove partner role login block from AdminLoginView Partner accounts must be able to log into admin.eventifyplus.com. ProtectedRoute empty-module redirect (frontend) handles the access boundary — no backend login gate needed.	2026-04-21 18:38:10 +05:30
Sicherhaven	64ff08b2b2	security: block non-admin roles from AdminLoginView AdminLoginView previously accepted any valid credential regardless of role. partner_manager / partner / partner_staff / partner_customer / customer accounts could obtain admin JWTs and land on admin.eventifyplus.com, where protected pages would render generic "not found" empty states. Now returns 403 for those roles unless the user is a superuser or has an attached StaffProfile. Writes an auth.admin_login_failed audit row with reason=non_admin_role. Closes gap reported for novakopro@gmail.com on /partners/3.	2026-04-21 18:35:16 +05:30
Sicherhaven	4a9f754fda	feat(rbac): add Reviews/Contributions/Leads/Audit scope defs + fix reviews module mapping (v1.14.0) - SCOPE_DEFINITIONS extended with 13 new scopes across 4 categories so the admin Roles & Permissions grid and new Base Permissions tab can grant module-level access - StaffProfile.SCOPE_TO_MODULE was missing 'reviews': 'reviews' — staff with reviews.* scopes could not resolve the Reviews module in their sidebar - NotificationSchedule CRUD views now emit AuditLog rows (notification.schedule.created / .updated / .deleted) matching the v1.13.0 audit coverage pattern Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-21 17:11:01 +05:30
Sicherhaven	66e41ba647	feat(audit): extend audit coverage to all admin interactions (v1.13.0) - _audit_log helper: optional user= kwarg for login-time calls - AdminLoginView: auth.admin_login / auth.admin_login_failed - PartnerStatusView: partner.status_changed (atomic) - PartnerOnboardView: partner.onboarded - PartnerStaffCreateView: partner.staff.created - EventCreateView/UpdateView/DeleteView: event.created/updated/deleted (atomic) - EventPrimaryImageView: event.primary_image_changed - SettlementReleaseView: settlement.released (atomic) - ReviewDeleteView: review.deleted (atomic) - LeadUpdateView: lead.updated - PaymentGatewaySettingsView: gateway.created/updated/deleted - tests: AuthAuditEmissionTests + EventCrudAuditTests (16 total, all green) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-21 13:42:02 +05:30
Sicherhaven	2c60a82704	feat(audit): add Audit Log module — coverage, metrics endpoint, indexes - UserStatusView, EventModerationView, ReviewModerationView, PartnerKYCReviewView: each state change now emits _audit_log() inside the same transaction.atomic() block so the log stays consistent with DB state on partial failure - AuditLogMetricsView: GET /api/v1/rbac/audit-log/metrics/ returns total/today/week/distinct_users/by_action_group; 60 s cache with ?nocache=1 bypass - AuditLogListView: free-text search (Q over action/target/user), page_size bounded to [1, 200] - accounts.User.ALL_MODULES += 'audit-log'; StaffProfile.SCOPE_TO_MODULE['audit'] = 'audit-log' - Migration 0005: composite indexes (action,-created_at) and (target_type,target_id) on AuditLog - admin_api/tests.py: 11 tests covering list shape, search, page bounds, metrics shape+nocache, suspend/ban/reinstate audit emission Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-21 12:39:38 +05:30
Sicherhaven	9cde886bd4	feat(notifications): add test-send endpoint for single-address preview POST /api/v1/notifications/schedules/<pk>/test-send/ accepts {"email": "..."}, renders the schedule's email, delivers to that address only with [TEST] prefix. Does not touch last_run_at or last_status. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-20 11:53:33 +05:30
Sicherhaven	a8751b5183	feat(notifications): add scheduled email notification system - NotificationSchedule + NotificationRecipient models with initial migration - emails.py BUILDERS registry + events_expiring_this_week HTML email builder (IST week bounds) - send_scheduled_notifications management command (croniter due-check + select_for_update(skip_locked)) - 6 admin API endpoints under /api/v1/notifications/ (types, schedules CRUD, recipients CRUD, send-now) - date_from/date_to filters on EventListView for dashboard card - croniter>=2.0.0 added to requirements Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-20 11:41:46 +05:30
Sicherhaven	170208d3e5	fix(search): include name field in EventListAPI full-text search title__icontains only searched the optional title column; most events are stored in the required name field, so Thrissur Pooram and similar events were invisible to the q= search filter. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-10 12:03:05 +05:30
Sicherhaven	ca24a4cb23	fix: restore requests package for google-auth transport google.auth.transport.requests requires requests — removed it incorrectly during Clerk cleanup since requests is also a google-auth runtime dependency. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-10 01:35:28 +05:30
Sicherhaven	e0a491e8cb	security: fix GoogleLoginView audience check + replace Clerk with direct GIS flow - verify_oauth2_token now passes GOOGLE_CLIENT_ID as third arg (audience check) - fail-closed: returns 503 if GOOGLE_CLIENT_ID env var is not set - add GOOGLE_CLIENT_ID = os.environ.get('GOOGLE_CLIENT_ID', '') to settings - replace ClerkLoginViewTests with GoogleLoginViewTests (4 cases) - update requirements-docker.txt Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-10 01:31:18 +05:30