Feature: Finance Dashboard & Report Pages#7702
Merged
Conversation
Create new /finance/ route with Slim 4 architecture: - Entry point with FinanceRoleAuthMiddleware for access control - Dashboard view with YTD metrics, tax year checklist, quick actions - Reports index with organized report categories and links - PhpRenderer for server-side view rendering
Add _finance.scss with: - Finance card hover effects - Gradient metric cards for YTD statistics - Report list item hover transitions - Progress bar and truncated text styles
Add service methods for finance dashboard data: - getFiscalYearDates(): Calculate fiscal year date range - getDepositStatistics(): Count total/open/closed deposits - getRecentDeposits(): Get recent deposits with FY filter - getYtdPaymentTotal/PledgeTotal/PaymentCount/DonorFamilyCount - getDashboardData(): Consolidated method for all dashboard data
- Rename 'Deposit' menu to 'Finance' - Add Dashboard link as first submenu item - Update Deposit Reports link to new /finance/reports path - Fix indentation on Edit Deposit Slip submenu
Update FinanceRoleAuthMiddleware to check isAdmin() OR isFinanceEnabled() so administrators have full access to finance features without needing explicit finance permission.
Add visual indicators to clarify form mode: - Color-coded alert banner explaining pledge vs payment - Dynamic page titles with mode-specific icons - Card headers with mode-appropriate colors (warning/primary) - Dynamic labels: 'Pledge Details' vs 'Payment Details'
Create modular settings panel for use across dashboards: - SettingTypes for boolean, number, text, choice, password - Pre-defined SettingDefinitions for financial settings - API-based save with success notifications - SCSS with responsive layout and dark mode support
Dashboard tests: - YTD metrics cards, quick actions, tax year checklist - Recent deposits, deposit statistics, donation funds - Standard user access with finance permission - Access denial for users without finance permission Reports index tests: - Report categories (Tax, Pledge, Deposit, Membership) - Navigation to legacy FinancialReports.php - Permission-based access control
- Add setupNoFinanceSession Cypress command (judith.matthews) - Add nofinance credentials to docker/cypress.config.ts - Update demo database with correct password hash - TypeScript definition for new command
Add tests to verify navigation from finance dashboard: - Navigate to deposits from Dashboard Quick Actions - Navigate to deposits from Recent Deposits View All - Navigate to reports from Dashboard Generate Reports - Navigate to Giving Report from Reports Index
DawoudIO
requested review from
DAcodedBEAT,
MrClever,
bigtigerku,
Copilot,
grayeul and
respencer
and removed request for
a team
![github-code-quality[bot]](https://avatars.githubusercontent.com/u/9919?s=60&v=4){kind=small}
…tion or class' Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces a Finance Dashboard module using Slim 4 MVC architecture, providing a centralized hub for financial operations. It includes a new dashboard at /finance/ with YTD metrics, tax year checklist, and quick actions, plus a reports index page at /finance/reports organizing existing financial reports. The module follows the existing /admin/ pattern with Slim 4 routing, PhpRenderer views, service layer integration, and middleware-based access control.
Key changes:
- New finance module with dashboard and reports index pages using Slim 4 MVC
- Reusable system-settings-panel webpack component for embedding SystemConfig settings
- Enhanced FinanceRoleAuthMiddleware to allow admin OR finance permission access
- Color-coded mode indicators in PledgeEditor.php to distinguish pledges vs payments
Reviewed changes
Copilot reviewed 22 out of 23 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| webpack/system-settings-panel.js | Reusable component for displaying/editing SystemConfig settings with XSS protection and i18n support |
| webpack.config.js | Added system-settings-panel entry point for webpack compilation |
| src/skin/scss/system-settings-panel.scss | Styles for settings panel with responsive design and dark mode support |
| src/skin/scss/_finance.scss | Finance module styles including metric card gradients and hover effects |
| src/skin/churchcrm.scss | Imported _finance.scss into main stylesheet |
| src/finance/views/reports.php | Reports index page organizing financial reports by category |
| src/finance/views/dashboard.php | Finance dashboard with YTD metrics, checklist, and quick actions |
| src/finance/routes/reports.php | Slim 4 routes for reports pages |
| src/finance/routes/dashboard.php | Slim 4 route for dashboard page |
| src/finance/index.php | Slim 4 entry point with middleware and error handling |
| src/finance/.htaccess | URL rewriting configuration for Slim routing |
| src/PledgeEditor.php | Added color-coded mode indicators for pledge vs payment entry |
| src/ChurchCRM/Slim/Middleware/Request/Auth/FinanceRoleAuthMiddleware.php | Updated to allow admin OR finance permission |
| src/ChurchCRM/Service/FinancialService.php | Added dashboard data methods for metrics and fiscal year calculations |
| src/ChurchCRM/Config/Menu/Menu.php | Renamed "Deposit" menu to "Finance" with Dashboard as first item |
| docker/cypress.config.ts | Added nofinance test user credentials |
| demo/ChurchCRM-Database.sql | Updated demo database with test user permissions |
| cypress/support/ui-commands.js | Added setupNoFinanceSession command for access control testing |
| cypress/support/commands.d.ts | TypeScript definitions for new Cypress command |
| cypress/e2e/ui/finance/*.spec.js | Comprehensive UI tests for dashboard, reports, and access control |
src/finance/index.php
Outdated
| $response = $app->getResponseFactory()->createResponse(500); | ||
| return SlimUtils::renderJSON($response, [ | ||
| 'success' => false, | ||
| 'error' => $exception->getMessage() |
There was a problem hiding this comment.
The custom error handler returns $exception->getMessage() to clients in the JSON body:
return SlimUtils::renderJSON($response, [
'success' => false,
'error' => $exception->getMessage()
]);Exception messages can reveal sensitive internals (SQL errors, file paths, config hints). Instead, return a generic message to users and log full details server-side (e.g., use a static user-safe string and keep $exception->getMessage() only in logs).
Suggested change
| 'error' => $exception->getMessage() | |
| 'error' => gettext('An unexpected error occurred. Please contact your administrator.') |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…/ChurchCRM/CRM into feature/finance-dashboard-module
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What Changed
This PR introduces a new Finance Dashboard module using Slim 4 MVC architecture, providing a centralized hub for financial operations and tax year reporting.
Changes
New Finance Module (
/finance/)Architecture
/admin/patternFinanceRoleAuthMiddlewareupdated to allow admin OR finance permissionReusable Components
UX Improvements
Testing
nofinancetest user (judith.matthews)Type
Screenshots
Security Check
Code Quality
Pre-Merge