fix: enable forwarded headers in nginx ingress for HTTPS detection

Laravel was generating HTTP URLs instead of HTTPS because nginx ingress
wasn't properly forwarding the X-Forwarded-Proto header.

Added nginx.ingress.kubernetes.io/use-forwarded-headers annotation to
ensure the ingress controller sends X-Forwarded-* headers to Laravel.

This fixes mixed content errors where cart and other AJAX requests were
being blocked by the browser.

.blade-formatter.json

@@ -0,0 +1,9 @@
+{
+  "indentSize": 4,
+  "wrapAttributes": "auto",
+  "wrapLineLength": 120,
+  "endWithNewLine": true,
+  "useTabs": false,
+  "sortTailwindcssClasses": true,
+  "sortHtmlAttributes": "none"
+}

.claude/settings.local.json

@@ -1,17 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(test:*)",
-      "Bash(docker exec:*)",
-      "Bash(docker stats:*)",
-      "Bash(docker logs:*)",
-      "Bash(docker-compose down:*)",
-      "Bash(docker-compose up:*)",
-      "Bash(php --version:*)",
-      "Bash(docker-compose build:*)",
-      "Bash(docker-compose restart:*)"
-    ],
-    "deny": [],
-    "ask": []
-  }
-}

.env.example

@@ -8,6 +8,10 @@ APP_LOCALE=en
 APP_FALLBACK_LOCALE=en
 APP_FAKER_LOCALE=en_US
 
+# Stock Notification Settings
+# Number of days before stock notification requests expire (default: 30)
+STOCK_NOTIFICATION_EXPIRATION_DAYS=30
+
 APP_MAINTENANCE_DRIVER=file
 # APP_MAINTENANCE_STORE=database
 
@@ -77,10 +81,48 @@ MAIL_ENCRYPTION=null
 MAIL_FROM_ADDRESS="hello@example.com"
 MAIL_FROM_NAME="${APP_NAME}"
 
-AWS_ACCESS_KEY_ID=
-AWS_SECRET_ACCESS_KEY=
+# ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+# MinIO/S3 Storage Configuration
+# ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+# Versioning is enabled in all environments for asset recovery
+# ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+# ┌─────────────────────────────────────────────────────────────────────┐
+# │ LOCAL DEVELOPMENT (Docker MinIO)                                    │
+# └─────────────────────────────────────────────────────────────────────┘
+# Use local MinIO container for development (versioning enabled)
+# Access MinIO Console: http://localhost:9001 (minioadmin/minioadmin)
+FILESYSTEM_DISK=minio
+AWS_ACCESS_KEY_ID=minioadmin
+AWS_SECRET_ACCESS_KEY=minioadmin
 AWS_DEFAULT_REGION=us-east-1
-AWS_BUCKET=
-AWS_USE_PATH_STYLE_ENDPOINT=false
+AWS_BUCKET=media
+AWS_ENDPOINT=http://minio:9000
+AWS_URL=http://localhost:9000/media
+AWS_USE_PATH_STYLE_ENDPOINT=true
+
+# ┌─────────────────────────────────────────────────────────────────────┐
+# │ STAGING/DEVELOP (media-dev bucket)                                  │
+# └─────────────────────────────────────────────────────────────────────┘
+# FILESYSTEM_DISK=minio
+# AWS_ACCESS_KEY_ID=<staging-access-key>
+# AWS_SECRET_ACCESS_KEY=<staging-secret-key>
+# AWS_DEFAULT_REGION=us-east-1
+# AWS_BUCKET=media-dev
+# AWS_ENDPOINT=https://cdn.cannabrands.app
+# AWS_URL=https://cdn.cannabrands.app/media-dev
+# AWS_USE_PATH_STYLE_ENDPOINT=true
+
+# ┌─────────────────────────────────────────────────────────────────────┐
+# │ PRODUCTION (media bucket)                                           │
+# └─────────────────────────────────────────────────────────────────────┘
+# FILESYSTEM_DISK=minio
+# AWS_ACCESS_KEY_ID=TrLoFnMOVQC2CqLm9711
+# AWS_SECRET_ACCESS_KEY=4tfik06LitWz70L4VLIA45yXla4gi3zQI2IA3oSZ
+# AWS_DEFAULT_REGION=us-east-1
+# AWS_BUCKET=media
+# AWS_ENDPOINT=https://cdn.cannabrands.app
+# AWS_URL=https://cdn.cannabrands.app/media
+# AWS_USE_PATH_STYLE_ENDPOINT=true
 
 VITE_APP_NAME="${APP_NAME}"

.githooks/README.md

@@ -23,10 +23,11 @@ chmod +x .githooks/*
 
 ### `pre-commit` - Laravel Pint Auto-formatter ✅ ENFORCED
 **What it does:**
-- Runs Laravel Pint on staged files only (`--dirty`)
+- Runs Laravel Pint on staged PHP files only (not unstaged files)
 - Auto-formats code to match team standards
-- Automatically stages formatted files
+- Automatically re-stages the formatted files
 - Fast feedback (runs in seconds)
+- Safe: Won't format or stage files you haven't explicitly added
 
 **When it runs:**
 - Every time you run `git commit`

.githooks/pre-commit

@@ -1,22 +1,37 @@
 #!/bin/sh
 # Laravel Pint Pre-commit Hook
-# Automatically format code before committing
+# Automatically format staged PHP files before committing
 
 echo "🎨 Running Laravel Pint..."
 
-# Run Pint on staged files only
-./vendor/bin/pint --dirty
+# Get only staged PHP files
+STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM | grep '\.php$')
 
-# Check if Pint made changes
-if ! git diff --quiet; then
-    echo "✅ Code formatted! Files have been updated."
-    echo "   Changes have been staged automatically."
-
-    # Stage the formatted files
-    git add -u
-
-    exit 0
-else
-    echo "✅ Code style looks good!"
+# Exit early if no PHP files are staged
+if [ -z "$STAGED_FILES" ]; then
+    echo "✅ No PHP files staged"
     exit 0
 fi
+
+# Run Pint only on staged files
+echo "$STAGED_FILES" | xargs ./vendor/bin/pint
+
+# Check if Pint made changes to any of the staged files
+CHANGED=false
+for file in $STAGED_FILES; do
+    if ! git diff --quiet "$file" 2>/dev/null; then
+        CHANGED=true
+        break
+    fi
+done
+
+# Re-stage the formatted files (only the ones that were already staged)
+if [ "$CHANGED" = true ]; then
+    echo "✅ Code formatted! Files have been updated."
+    echo "   Changes have been staged automatically."
+    echo "$STAGED_FILES" | xargs git add
+else
+    echo "✅ Code style looks good!"
+fi
+
+exit 0

.githooks/pre-push

@@ -1,21 +1,22 @@
 #!/bin/sh
 #
-# Pre-push hook - Runs tests before pushing (supports both Sail and K8s)
+# Pre-push hook - Optionally run tests before pushing
 # Can be skipped with: git push --no-verify
 #
+# This is OPTIONAL - CI/CD will run comprehensive tests automatically.
+# Running tests locally can catch issues faster, but it's not required.
+#
 
-echo "🧪 Running tests before push..."
-echo "   (Use 'git push --no-verify' to skip)"
+echo "🚀 Preparing to push..."
 echo ""
 
 # Detect which environment is running
 SAIL_RUNNING=false
 K8S_RUNNING=false
 
-# Check if Sail is running
-if docker ps --format '{{.Names}}' | grep -q "sail" 2>/dev/null; then
+# Check if Sail is running (use vendor/bin/sail ps which works for all project names)
+if [ -f ./vendor/bin/sail ] && ./vendor/bin/sail ps 2>/dev/null | grep -q "Up"; then
     SAIL_RUNNING=true
-    echo "📦 Detected Sail environment"
 fi
 
 # Check if k8s namespace exists for this worktree
@@ -24,41 +25,46 @@ K8S_NS=$(echo "$BRANCH" | sed 's/feature\//feat-/' | sed 's/bugfix\//fix-/' | se
 
 if kubectl get namespace "$K8S_NS" >/dev/null 2>&1; then
     K8S_RUNNING=true
-    echo "☸️  Detected K8s environment (namespace: $K8S_NS)"
 fi
 
-# Run tests in appropriate environment
-if [ "$SAIL_RUNNING" = true ]; then
-    ./vendor/bin/sail artisan test --parallel
-    TEST_EXIT_CODE=$?
-elif [ "$K8S_RUNNING" = true ]; then
-    echo "   Running tests in k8s pod..."
-    kubectl -n "$K8S_NS" exec deploy/web -- php artisan test
-    TEST_EXIT_CODE=$?
-else
-    echo "⚠️  No environment running (Sail or K8s)"
-    echo "   Skipping tests - please run tests manually"
+# Offer to run tests if environment is available
+if [ "$SAIL_RUNNING" = true ] || [ "$K8S_RUNNING" = true ]; then
+    echo "💡 Tests will run automatically in CI/CD"
     echo ""
-    read -p "Continue push anyway? (y/n) " -n 1 -r
+    read -p "Run tests locally before push? (y/N) " -n 1 -r
     echo ""
-    if [ ! "$REPLY" = "y" ] && [ ! "$REPLY" = "Y" ]; then
-        echo "Push aborted"
-        exit 1
+    echo ""
+
+    if [ "$REPLY" = "y" ] || [ "$REPLY" = "Y" ]; then
+        echo "🧪 Running tests..."
+        echo ""
+
+        if [ "$SAIL_RUNNING" = true ]; then
+            ./vendor/bin/sail artisan test --parallel
+            TEST_EXIT_CODE=$?
+        elif [ "$K8S_RUNNING" = true ]; then
+            kubectl -n "$K8S_NS" exec deploy/web -- php artisan test
+            TEST_EXIT_CODE=$?
+        fi
+
+        if [ $TEST_EXIT_CODE -ne 0 ]; then
+            echo ""
+            echo "❌ Tests failed!"
+            echo ""
+            echo "Options:"
+            echo "  1. Fix the failing tests (recommended)"
+            echo "  2. Push anyway - CI will catch failures: git push --no-verify"
+            echo ""
+            exit 1
+        fi
+
+        echo ""
+        echo "✅ All tests passed!"
+        echo ""
     fi
-    exit 0
-fi
-
-# Check test results
-if [ $TEST_EXIT_CODE -ne 0 ]; then
-    echo ""
-    echo "❌ Tests failed!"
-    echo ""
-    echo "Options:"
-    echo "  1. Fix the failing tests (recommended)"
-    echo "  2. Push anyway with: git push --no-verify"
-    echo ""
-    exit 1
 fi
 
+echo "⚡ Pushing to remote (CI will run full test suite)..."
 echo ""
-echo "✅ All tests passed! Pushing..."
+
+exit 0

.gitignore

@@ -8,6 +8,7 @@
 /storage/clockwork
 /vendor
 .DS_Store
+docker-compose.override.yml
 .env
 .env.backup
 .env.production
@@ -29,6 +30,9 @@ yarn-error.log
 # Node symlink (for ARM-based machines)
 /node
 
+# Git worktrees directory
+/.worktrees/
+
 # Database backups
 *.gz
 *.sql.gz
@@ -41,3 +45,25 @@ version.env
 *SECRETS_BACKUP*
 .cannabrands-secrets/
 reverb-keys*
+
+# Core dumps and debug files
+core
+core.*
+*.core
+
+# Random image files (screenshots, etc.)
+*.png
+*.jpg
+*.jpeg
+!public/**/*.png
+!public/**/*.jpg
+!public/**/*.jpeg
+!resources/**/*.png
+!resources/**/*.jpg
+!resources/**/*.jpeg
+# Claude Code settings (personal AI preferences)
+.claude/
+
+storage/tmp/*
+!storage/tmp/.gitignore
+SESSION_ACTIVE

.stylelintrc.json

@@ -0,0 +1,20 @@
+{
+  "extends": "stylelint-config-standard",
+  "plugins": [
+    "stylelint-no-unsupported-browser-features"
+  ],
+  "rules": {
+    "no-descending-specificity": null,
+    "selector-class-pattern": null,
+    "custom-property-pattern": null,
+    "declaration-block-no-duplicate-properties": true,
+    "no-duplicate-selectors": true
+  },
+  "ignoreFiles": [
+    "**/*.js",
+    "**/*.php",
+    "node_modules/**",
+    "vendor/**",
+    "public/**"
+  ]
+}

.woodpecker/.ci.yml

@@ -11,17 +11,8 @@ when:
     event: push
   - event: [pull_request, tag]
 
-# PHP Syntax Check
+# Install dependencies first (needed for php-lint to resolve traits/classes)
 steps:
-  php-lint:
-    image: php:8.3-cli
-    commands:
-      - echo "Checking PHP syntax..."
-      - find app -name "*.php" -exec php -l {} \;
-      - find routes -name "*.php" -exec php -l {} \;
-      - find database -name "*.php" -exec php -l {} \;
-      - echo "PHP syntax check complete!"
-
   # Restore Composer cache
   restore-composer-cache:
     image: meltwater/drone-cache:dev
@@ -44,7 +35,7 @@ steps:
       - apt-get install -y -qq git zip unzip libicu-dev libzip-dev libpng-dev libjpeg-dev libfreetype6-dev libpq-dev
       - echo "Installing PHP extensions..."
       - docker-php-ext-configure gd --with-freetype --with-jpeg
-      - docker-php-ext-install -j$(nproc) intl pdo pdo_pgsql zip gd
+      - docker-php-ext-install -j$(nproc) intl pdo pdo_pgsql zip gd pcntl
       - echo "Installing Composer..."
       - curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer --quiet
       - echo "Creating minimal .env for package discovery..."
@@ -89,6 +80,16 @@ steps:
     volumes:
       - /tmp/woodpecker-cache:/tmp/cache
 
+  # PHP Syntax Check (runs after composer install so traits/classes are available)
+  php-lint:
+    image: php:8.3-cli
+    commands:
+      - echo "Checking PHP syntax..."
+      - find app -name "*.php" -exec php -l {} \;
+      - find routes -name "*.php" -exec php -l {} \;
+      - find database -name "*.php" -exec php -l {} \;
+      - echo "PHP syntax check complete!"
+
   # Run Laravel Pint (Code Style)
   code-style:
     image: php:8.3-cli
@@ -132,6 +133,34 @@ steps:
       - php artisan test --parallel
       - echo "Tests complete!"
 
+  # Validate seeders that run in dev/staging environments
+  # This prevents deployment failures caused by seeder errors (e.g., fake() crashes)
+  # Uses APP_ENV=development to match K8s init container behavior
+  validate-seeders:
+    image: kirschbaumdevelopment/laravel-test-runner:8.3
+    environment:
+      APP_ENV: development
+      DB_CONNECTION: pgsql
+      DB_HOST: postgres
+      DB_PORT: 5432
+      DB_DATABASE: testing
+      DB_USERNAME: testing
+      DB_PASSWORD: testing
+      CACHE_STORE: array
+      SESSION_DRIVER: array
+      QUEUE_CONNECTION: sync
+    commands:
+      - echo "Validating seeders (matches K8s init container)..."
+      - cp .env.example .env
+      - php artisan key:generate
+      - echo "Running migrate:fresh --seed with APP_ENV=development..."
+      - php artisan migrate:fresh --seed --force
+      - echo "✅ Seeder validation complete!"
+    when:
+      branch: [develop, master]
+      event: push
+      status: success
+
   # Build and push Docker image for DEV environment (develop branch)
   build-image-dev:
     image: woodpeckerci/plugin-docker-buildx

.woodpecker/GIT_BRANCHING_STRATEGY.md

@@ -1,578 +0,0 @@
-# Git Branching Strategy for Cannabrands
-
-## Evolution of Your Workflow
-
-Your branching strategy should evolve with your team size and customer base. This document outlines the transition path.
-
----
-
-## Phase 0: Pre-Release (Current)
-
-**Team Size:** 1-2 developers
-**Customers:** None yet
-**Goal:** Move fast, iterate quickly
-
-### Current Workflow: Direct to Master
-
-```
-Local changes → Commit to master → Push → CI tests → (Optional: Deploy to dev)
-```
-
-**Commands:**
-```bash
-# Make changes
-git add .
-git commit -m "feat: add new feature"
-git push origin master
-```
-
-**When this works:**
-- ✅ Solo developer or tight 2-person team
-- ✅ No customers depending on stability
-- ✅ Fast iteration is priority #1
-- ✅ Quick fixes needed immediately
-
-**When to stop:**
-- ❌ First paying customer signs up
-- ❌ Team grows to 3+ developers
-- ❌ Too many merge conflicts
-- ❌ Need code review before deployment
-
----
-
-## Phase 1: Feature Branches (Transition)
-
-**Team Size:** 2-5 developers
-**Customers:** First few customers OR approaching launch
-**Goal:** Add safety through code review
-
-### GitHub Flow: Feature Branches + PRs
-
-```
-master (stable, auto-deploys to dev)
-  ↑
-  Pull Requests (code review required)
-  ↑
-feature branches (work in progress)
-```
-
-**Workflow:**
-
-```bash
-# 1. Create feature branch from master
-git checkout master
-git pull origin master
-git checkout -b feature/add-payment-terms
-
-# 2. Make changes
-# ... edit files ...
-git add .
-git commit -m "feat: add payment term surcharge calculation"
-
-# 3. Push feature branch
-git push origin feature/add-payment-terms
-
-# 4. Create Pull Request in Gitea
-# - Go to Gitea UI
-# - Click "New Pull Request"
-# - Base: master, Compare: feature/add-payment-terms
-# - Add description and assign reviewer
-
-# 5. After approval, merge to master
-# - Click "Merge" button in Gitea
-# - Delete feature branch
-
-# 6. Pull updated master
-git checkout master
-git pull origin master
-git branch -d feature/add-payment-terms
-```
-
-**Branch Naming Conventions:**
-```
-feature/short-description    # New features
-fix/bug-description         # Bug fixes
-refactor/what-changed       # Code refactoring
-docs/what-documented        # Documentation only
-test/what-tested           # Test additions
-
-Examples:
-feature/buyer-registration
-fix/invoice-calculation-error
-refactor/order-service
-docs/deployment-guide
-test/checkout-flow
-```
-
-**Commit Message Format:**
-```
-type(scope): subject
-
-Examples:
-feat(checkout): add payment term selection
-fix(invoice): correct tax calculation for multi-state orders
-refactor(orders): extract order validation logic
-docs(readme): update local setup instructions
-test(auth): add buyer login tests
-```
-
-**Benefits:**
-- ✅ Code review before merging
-- ✅ Catch bugs early
-- ✅ Knowledge sharing across team
-- ✅ Cleaner git history
-- ✅ Can work on multiple features in parallel
-
-**When to stop:**
-- ❌ Team grows beyond 10 people
-- ❌ Need to manage multiple versions
-- ❌ Need longer release cycles
-
----
-
-## Phase 2: Environment Branches (Mature)
-
-**Team Size:** 5+ developers
-**Customers:** Growing customer base
-**Goal:** Staged rollout with stability
-
-### Two-Branch Model: Develop + Master
-
-```
-master (production) ← deploys to app.cannabrands.com
-  ↑
-  Pull Requests (from develop, tested on staging)
-  ↑
-develop (integration) ← deploys to staging.cannabrands.app
-  ↑
-  Pull Requests (from feature branches)
-  ↑
-feature branches (work in progress)
-```
-
-**Workflow:**
-
-```bash
-# 1. Create feature branch from develop
-git checkout develop
-git pull origin develop
-git checkout -b feature/bulk-order-import
-
-# 2. Make changes and commit
-git add .
-git commit -m "feat(orders): add CSV bulk import"
-git push origin feature/bulk-order-import
-
-# 3. Create PR: feature → develop
-# - Merging to develop auto-deploys to staging.cannabrands.app
-# - Team tests on staging
-
-# 4. When staging is stable, create PR: develop → master
-# - Requires approval from team lead
-# - Merging to master deploys to production
-
-# 5. Regular develop → master promotions
-# - Every 1-2 weeks
-# - Or after major features are tested
-```
-
-**Branch Protection Rules:**
-
-**Master Branch:**
-- ✅ Require pull request reviews (1+ approvals)
-- ✅ Require status checks to pass (CI tests)
-- ✅ Require branches to be up to date
-- ✅ Restrict who can push (admin only)
-
-**Develop Branch:**
-- ✅ Require pull request reviews (1+ approval)
-- ✅ Require status checks to pass
-- ⬜ Allow force pushes (optional)
-
-**Setup in Gitea:**
-```
-Settings → Repository → Branches → Add Branch Protection Rule
-- Branch name pattern: master
-- Enable protection
-- Require pull request reviews before merging
-- Dismiss stale pull request approvals when new commits are pushed
-- Require status checks to pass before merging
-```
-
-**Benefits:**
-- ✅ Staging environment matches production
-- ✅ Catch integration issues before customers see them
-- ✅ Multiple features can be tested together
-- ✅ Rollback is easier (master = last known good)
-- ✅ QA team has stable environment to test
-
----
-
-## Phase 3: Release Branches (Enterprise)
-
-**Team Size:** 10+ developers
-**Customers:** Large customer base, SLA commitments
-**Goal:** Support multiple versions, scheduled releases
-
-### Git Flow: Full Enterprise Model
-
-```
-master (production) ← hotfixes, release branches
-  ↑
-release/v2.1.0 (release preparation)
-  ↑
-develop (integration) ← feature branches
-  ↑
-feature/* (work in progress)
-```
-
-**When you need this:**
-- Multiple versions in production (e.g., self-hosted + SaaS)
-- Need to support old versions
-- Scheduled release cycles (monthly/quarterly)
-- Regulatory requirements for change control
-
-**This is probably overkill for most cannabis startups.**
-
----
-
-## Hotfix Workflow (All Phases)
-
-**When:** Critical bug in production needs immediate fix
-
-### Quick Hotfix Process
-
-```bash
-# 1. Create hotfix branch from master
-git checkout master
-git pull origin master
-git checkout -b hotfix/invoice-calculation-fix
-
-# 2. Make MINIMAL changes to fix the bug
-git add .
-git commit -m "fix(invoice): correct tax calculation for CA"
-
-# 3. Test locally
-./vendor/bin/sail artisan test
-
-# 4. Create PR to master (expedited review)
-# - Mark as "HOTFIX - URGENT"
-# - Get quick approval from team lead
-
-# 5. After merging to master:
-# - Deploy to production immediately
-# - Backport fix to develop branch
-
-git checkout develop
-git merge master
-git push origin develop
-```
-
-**Hotfix Rules:**
-- ⚠️ Only for critical production bugs
-- ⚠️ Must be small, focused changes
-- ⚠️ Expedited review process
-- ⚠️ Deploy ASAP after merge
-
----
-
-## Recommended Transition Timeline
-
-### Now → First Customer (Phase 0)
-
-**Strategy:** Direct to master
-**Why:** Fast iteration, no customer impact
-
-```bash
-# Your current workflow - keep doing this
-git commit -am "feat: add new feature"
-git push origin master
-```
-
-### First Customer → 5 Customers (Phase 1)
-
-**Trigger:** First paying customer OR 3+ developers
-**Strategy:** Feature branches with PRs
-**Timeline:** Implement within 2 weeks of first customer
-
-**Action Items:**
-1. Create `CONTRIBUTING.md` with PR guidelines
-2. Enable branch protection on master
-3. Train team on PR workflow
-4. Set up code review rotation
-
-### 5+ Customers → Growth Phase (Phase 2)
-
-**Trigger:**
-- 5+ developers on team OR
-- 50+ active customers OR
-- Need for staging environment
-
-**Strategy:** Develop + Master branches
-**Timeline:** Plan 1 month for transition
-
-**Action Items:**
-1. Set up staging.cannabrands.app server
-2. Create develop branch
-3. Update CI/CD for both branches
-4. Document new workflow for team
-
----
-
-## Pull Request Best Practices
-
-### Writing Good PRs
-
-**Title Format:**
-```
-type(scope): brief description
-
-Examples:
-feat(orders): add bulk order import
-fix(invoice): correct tax calculation
-refactor(auth): simplify login flow
-```
-
-**Description Template:**
-```markdown
-## What Changed
-Brief description of what this PR does
-
-## Why
-Explain the problem this solves or feature it adds
-
-## How to Test
-1. Go to /orders/import
-2. Upload sample CSV
-3. Verify orders are created correctly
-
-## Screenshots (if UI changes)
-[Attach screenshots]
-
-## Checklist
-- [ ] Tests added/updated
-- [ ] Documentation updated
-- [ ] Tested locally
-- [ ] No merge conflicts
-```
-
-### Reviewing PRs
-
-**What to look for:**
-- ✅ Code solves the stated problem
-- ✅ Tests cover new functionality
-- ✅ Follows existing code style
-- ✅ No obvious bugs or security issues
-- ✅ Documentation is updated
-
-**How to provide feedback:**
-```markdown
-## Blocking Issues (must fix before merge)
-- [ ] Line 45: This will cause a division by zero error
-
-## Suggestions (nice to have)
-- Line 23: Consider extracting this to a helper method
-- Could add a comment explaining this logic
-
-## Praise (always include!)
-- Great test coverage!
-- Clean implementation of the CSV parser
-```
-
-### PR Etiquette
-
-**Author:**
-- Keep PRs small (<400 lines changed)
-- Respond to feedback within 24 hours
-- Don't merge your own PRs (unless emergency)
-- Update PR if master changes
-
-**Reviewer:**
-- Review within 24 hours
-- Be kind and constructive
-- Ask questions instead of making demands
-- Approve when ready (don't hold up progress)
-
----
-
-## Merge Strategies
-
-### Squash and Merge (Recommended for Feature Branches)
-
-**What it does:** Combines all commits into one when merging
-
-**Use when:**
-- Feature branch has messy commit history
-- Want clean master history
-- PRs are self-contained features
-
-**Gitea Setting:** "Squash and merge" button in PR
-
-**Example:**
-```
-Before merge (feature branch):
-- fix typo
-- wip: add validation
-- add tests
-- fix tests
-- update docs
-
-After merge (master):
-- feat(orders): add bulk import with CSV validation (#42)
-```
-
-### Regular Merge (For Long-Running Branches)
-
-**What it does:** Preserves all commits and creates merge commit
-
-**Use when:**
-- Merging develop → master
-- Want to preserve detailed history
-- Multiple developers collaborated on branch
-
----
-
-## Common Workflows
-
-### Starting New Feature
-
-```bash
-# Update master
-git checkout master
-git pull origin master
-
-# Create feature branch
-git checkout -b feature/product-variants
-
-# Make changes
-# ... work work work ...
-
-# Commit regularly (small commits)
-git add .
-git commit -m "feat(products): add variant model"
-git push origin feature/product-variants
-
-# Create PR when ready
-```
-
-### Updating Feature Branch with Latest Master
-
-```bash
-# Your feature branch is behind master
-git checkout feature/product-variants
-
-# Option 1: Merge master into feature (preserves commits)
-git merge origin/master
-git push origin feature/product-variants
-
-# Option 2: Rebase on master (cleaner history)
-git rebase origin/master
-git push -f origin feature/product-variants  # Force push needed after rebase
-```
-
-**When to use each:**
-- **Merge:** Safer, preserves history, good for collaboration
-- **Rebase:** Cleaner history, good for solo feature branches
-
-### Fixing Merge Conflicts
-
-```bash
-# Pull latest master
-git checkout master
-git pull origin master
-
-# Try to merge (conflict!)
-git checkout feature/product-variants
-git merge master
-
-# Git shows conflicts
-# CONFLICT (content): Merge conflict in app/Models/Product.php
-
-# Open conflicted file
-nano app/Models/Product.php
-
-# Look for conflict markers:
-<<<<<<< HEAD
-// Your changes
-=======
-// Changes from master
->>>>>>> master
-
-# Resolve conflicts, remove markers
-# Save file
-
-# Mark as resolved
-git add app/Models/Product.php
-git commit -m "fix: resolve merge conflicts with master"
-git push origin feature/product-variants
-```
-
----
-
-## Branch Cleanup
-
-### Deleting Merged Feature Branches
-
-```bash
-# After PR is merged, delete local branch
-git branch -d feature/product-variants
-
-# Delete remote branch (Gitea can auto-delete)
-git push origin --delete feature/product-variants
-
-# Remove stale remote references
-git remote prune origin
-
-# See all branches
-git branch -a
-```
-
-### Finding Old Branches
-
-```bash
-# List branches by last commit date
-git for-each-ref --sort=-committerdate refs/heads/
-
-# Delete branches older than 30 days
-git branch --merged master | grep -v "master" | xargs git branch -d
-```
-
----
-
-## Summary: Your Transition Path
-
-### Today (Pre-Release)
-✅ **Direct to master** - current setup
-- Fast iteration
-- No PR overhead
-- Good for solo/pair development
-
-### First Customer (In 1-3 Months)
-🔜 **Feature branches + PRs**
-- Add code review
-- Protect master branch
-- Enable CI on PRs
-
-### Growing Team (In 6-12 Months)
-🔜 **Develop + Master branches**
-- Add staging environment
-- Staged rollouts
-- Better stability
-
----
-
-## Quick Reference
-
-| Phase | Team Size | Branches | Deploy To | When |
-|-------|-----------|----------|-----------|------|
-| 0: Pre-release | 1-2 | master | dev | Now |
-| 1: Feature branches | 2-5 | master + feature/* | dev | First customer |
-| 2: Environment branches | 5-10 | master + develop + feature/* | staging + prod | Growing team |
-| 3: Release branches | 10+ | master + develop + release/* + feature/* | Multiple envs | Enterprise |
-
-**Recommended for Cannabrands:**
-- **Now:** Phase 0 (direct to master)
-- **Next:** Phase 1 (feature branches) - within 2 weeks of first customer
-- **Future:** Phase 2 (develop branch) - when team grows to 5+
-
-**Key principle:** *"Choose the simplest workflow that meets your current needs. You can always add complexity later."*

.woodpecker/README.md

@@ -291,6 +291,42 @@ npm run changelog
 
 ---
 
+## CI/CD Pipeline Stages
+
+The Woodpecker CI pipeline runs the following stages for every push to `develop` or `master`:
+
+1. **PHP Lint** - Syntax validation
+2. **Code Style (Pint)** - Formatting check
+3. **Tests** - PHPUnit/Pest tests with `APP_ENV=testing`
+4. **Seeder Validation** - Validates seeders with `APP_ENV=development`
+5. **Docker Build** - Creates container image
+6. **Auto-Deploy** - Deploys to dev.cannabrands.app (develop branch only)
+
+### Why Seeder Validation?
+
+The dev environment (`dev.cannabrands.app`) runs `migrate:fresh --seed` on every K8s deployment via init container. If seeders have bugs (e.g., undefined functions, missing relationships), the deployment fails and pods crash.
+
+**The Problem:**
+- Tests run with `APP_ENV=testing` which **skips DevSeeder**
+- K8s runs with `APP_ENV=development` which **runs DevSeeder**
+- Seeder bugs passed CI but crashed in K8s
+
+**The Solution:**
+- Add dedicated seeder validation step with `APP_ENV=development`
+- Runs the exact same command as K8s init container
+- Catches seeder errors before deployment
+
+**Time Cost:** ~20-30 seconds added to CI pipeline
+
+**What It Catches:**
+- Runtime errors (e.g., `fake()` outside factory context)
+- Database constraint violations
+- Missing relationships (foreign key errors)
+- Invalid enum values
+- Seeder syntax errors
+
+---
+
 ## Pre-Commit Checklist
 
 Before committing:
@@ -300,6 +336,7 @@ Before committing:
 
 Before releasing:
 - [ ] All tests green in CI
+- [ ] **Seeder validation passed in CI**
 - [ ] Tested in dev/staging environment
 - [ ] Release notes written
 - [ ] CHANGELOG updated (auto-generated)

CLAUDE.md

@@ -1,85 +1,141 @@
 # Claude Code Context
 
-## Important Documentation to Review
+## 📌 IMPORTANT: Check Personal Context Files
 
-Before implementing any features, please review the following documentation:
+**ALWAYS read `claude.kelly.md` first** - Contains personal preferences and session tracking workflow
 
-### URL Structure and Architecture
-- **ALWAYS** review `docs/URL_STRUCTURE.md` before implementing any routing changes
-- The application uses a three-tier user system: buyers, sellers, and admins
-- URL prefixes: `/b/` (buyers), `/s/` (sellers), `/admin` (super admins)
+---
 
-### Additional Documentation
-- `docs/DATABASE.md` - Database schema and conventions
-- `docs/DEVELOPMENT.md` - Development environment setup
-- `docs/KUBERNETES_DEPLOYMENT.md` - Kubernetes deployment guide
-- `docs/REGISTRY_CLEANUP.md` - Docker registry cleanup policy
-- `CONTRIBUTING.md` - Git workflow and PR process (root level)
-- `k8s/KUBECTL_COMMANDS.md` - kubectl operations reference
+## 🚨 Critical Mistakes You Make
 
-### User Types and Account Structure
-- **Buyers** (Retailers/Dispensaries): Browse marketplace, instant approval
-- **Sellers** (Brands/Manufacturers): Manage products, require approval
-- **Admins**: Platform management
+### 1. Business Isolation (MOST COMMON!)
+❌ **Wrong:** `Component::findOrFail($id)` then check business_id
+✅ **Right:** `Component::where('business_id', $business->id)->findOrFail($id)`
+**Why:** Prevents ID enumeration across tenants (see audit: BomController vulnerability)
 
-### Development Guidelines
-1. Maintain Laravel Breeze compatibility for authentication
-2. Follow existing code conventions and patterns
-3. Always check existing components before creating new ones
-4. Use PostgreSQL-compatible migrations (no IF/ELSE logic)
-5. Test routes after implementation
-6. Create informative git commits with clear messages
+**Models needing business_id:** Component, Brand, Product, Driver, Vehicle, Contact, Invoice
+**Exception:** Orders span buyer + seller businesses - use `whereHas('items.product.brand')`
 
-## What NOT to Do
+### 2. Route Prefixes
+Check `docs/URL_STRUCTURE.md` BEFORE route changes.
+- `/b/*` → Buyers only
+- `/s/*` → Sellers only
+- `/admin` → Super admins only
 
-- ❌ **NEVER** commit directly to `develop` or `master` branches
-- ❌ **NEVER** use raw SQL (use Eloquent/Query Builder)
-- ❌ **NEVER** skip authentication middleware on protected routes
-- ❌ **NEVER** commit `.env` files or secrets
-- ❌ **NEVER** create migrations with IF/ELSE logic (PostgreSQL incompatible)
-- ❌ **NEVER** bypass CI/CD checks
-- ❌ **NEVER** skip writing down() methods in migrations
+### 3. Filament Usage Boundary
+**Filament = `/admin` ONLY** (super admin tools)
+**DO NOT** use Filament for `/b/` or `/s/` - use DaisyUI + Blade instead
+**Why:** Filament is admin panel framework, not customer-facing UI
 
-## Testing Requirements
+### 4. Multi-Tenancy Architecture
+**We do NOT use spatie/laravel-multitenancy** - manual business_id scoping
+**Why:** Two-sided marketplace needs cross-business queries (buyers browse all sellers' products)
+Orders link TWO businesses: buyer's business_id + seller's product→brand→business_id
 
-- **ALWAYS** run tests before committing: `php artisan test --parallel`
-- **ALWAYS** check code style: `./vendor/bin/pint`
-- Tests must pass in CI/CD pipeline before merge
+### 5. Middleware Protection
+ALL routes need auth + user type middleware except public pages
+**Pattern:** `->middleware(['auth', 'verified', 'buyer'])` or `['seller', 'approved']`
+**Caught in audit:** Unprotected `/onboarding/*` routes - now fixed
 
-## Testing Credentials
-- Buyer: `dispensary@example.com` / `password`
-- Seller: `brand@example.com` / `password`
-- Admin: `admin@example.com` / `password`
+### 6. PostgreSQL Migrations
+❌ No IF/ELSE logic in migrations (not supported)
+✅ Use Laravel Schema builder or conditional PHP code
 
-## Current Architecture Decisions
-- Dual registration flow with informative landing page at `/register`
-- Separate authentication controllers for buyers and sellers
-- Marketplace functionality under `/b/` prefix
-- Brand/seller CRM functionality under `/s/` prefix
+### 7. Styling - DaisyUI/Tailwind Only
+❌ **NEVER use inline `style=""` attributes** in Blade templates
+✅ **ALWAYS use DaisyUI/Tailwind utility classes**
+**Why:** Consistency, maintainability, theme switching, and better performance
 
-## Commands to Run After Changes
-- Clear caches: `php artisan cache:clear && php artisan config:clear && php artisan route:clear`
-- Run migrations: `php artisan migrate`
-- Seed test data: `php artisan db:seed --class=DevSeeder`
+**Correct patterns:**
+- Colors: Use `bg-primary`, `text-primary`, `bg-success`, etc. (defined in `resources/css/app.css`)
+- Spacing: Use `p-4`, `m-2`, `gap-3` (Tailwind utilities)
+- Layout: Use `flex`, `grid`, `items-center` (Tailwind utilities)
+- Custom colors: Add to `resources/css/app.css` theme variables, NOT inline
 
-## CI/CD Pipeline
+**Exception:** Only use inline styles for truly dynamic values from database (e.g., user-uploaded brand colors)
 
-Woodpecker CI runs automatically on push to develop/master:
-1. PHP syntax check
-2. Code style check (Pint)
-3. PHPUnit tests
-4. Docker image build (only if all checks pass)
+---
 
-**Do not merge Pull Requests if CI/CD fails.**
+## Tech Stack by Area
 
-## Server Requirements
+| Area | Framework | Users | UI |
+|------|-----------|-------|-----|
+| `/admin` | Filament v3 | Super admins | Filament tables/forms |
+| `/b/` | Blade + DaisyUI | Buyers | Custom marketplace |
+| `/s/` | Blade + DaisyUI | Sellers | Custom CRM |
 
-### PDF Generation (DomPDF)
-This application uses DomPDF (`barryvdh/laravel-dompdf`) for generating cannabis shipping manifests and invoices.
+---
 
-**No special server requirements needed** - DomPDF is pure PHP and works out of the box on all platforms (Linux, macOS, Windows, ARM64, x86_64).
+## Business Types
 
-**Configuration:**
-- Package: `barryvdh/laravel-dompdf`
-- Already installed via Composer
-- No additional system dependencies required
+- `'buyer'` - Dispensary (browses marketplace, places orders)
+- `'seller'` - Brand (manages products, fulfills orders)
+- `'both'` - Vertically integrated
+
+Users have `user_type` matching their business type.
+
+---
+
+## Testing & Git
+
+**Before commit:**
+```bash
+php artisan test --parallel  # REQUIRED
+./vendor/bin/pint             # REQUIRED
+```
+
+**Commit Messages:**
+- ❌ **DO NOT** include Claude Code signature/attribution in commit messages
+- ❌ **DO NOT** add "🤖 Generated with Claude Code" or "Co-Authored-By: Claude"
+- ✅ Write clean, professional commit messages without AI attribution
+
+**Credentials:** `{buyer,seller,admin}@example.com` / `password`
+
+**Branches:** Never commit to `master`/`develop` directly - use feature branches
+
+**CI/CD:** Woodpecker checks syntax → Pint → tests → Docker build
+
+---
+
+## Common Query Patterns
+
+```php
+// Seller viewing their products
+Product::whereHas('brand', fn($q) => $q->where('business_id', $business->id))->get();
+
+// Buyer viewing their orders
+Order::where('business_id', $business->id)->get();
+
+// Seller viewing incoming orders
+Order::whereHas('items.product.brand', fn($q) => $q->where('business_id', $business->id))->get();
+
+// Marketplace (cross-business - intentional!)
+Product::where('is_active', true)->get(); // No business_id filter!
+```
+
+---
+
+## Architecture Docs (Read When Needed)
+
+**Custom Architecture:**
+- `.claude/DEPARTMENTS.md` - Department system, permissions, access control
+- `.claude/ROUTING.md` - Business slug routing, subdivision architecture
+- `.claude/PROCESSING.md` - Processing operations (Solventless vs BHO, conversions, wash batches)
+- `.claude/MODELS.md` - Key models, relationships, query patterns
+
+**Standard Docs:**
+- `docs/URL_STRUCTURE.md` - **READ BEFORE** routing changes
+- `docs/DATABASE.md` - **READ BEFORE** migrations
+- `docs/DEVELOPMENT.md` - Local setup
+- `CONTRIBUTING.md` - Detailed git workflow
+
+---
+
+## What You Often Forget
+
+✅ Scope by business_id BEFORE finding by ID
+✅ Use Eloquent (never raw SQL)
+✅ Protect routes with middleware
+✅ DaisyUI for buyer/seller, Filament only for admin
+✅ NO inline styles - use Tailwind/DaisyUI classes only
+✅ Run tests before committing

CLAUDE_COLLABORATION_WORKFLOW.md

@@ -1,891 +0,0 @@
-# Claude Code Collaboration Workflow Guide
-
-**Project:** Cannabrands CRM → Filament Migration
-**Timeline:** 28 days
-**Developer:** Solo developer + Claude Code
-**Last Updated:** January 2025
-
----
-
-## 📋 Overview
-
-This guide provides prompt templates, reference strategies, and workflows for effectively collaborating with Claude Code during the migration from the legacy Laravel 9 + VentureDrake CRM system to the new Laravel 12 + Filament 4 platform.
-
-**Key Principle:** The old codebase (`/cannabrands_crm`) contains **business logic** that must be preserved, but **architectural patterns** that should NOT be replicated.
-
----
-
-## 🎯 Prompt Templates
-
-### Template 1: Implementing a New Feature
-
-```
-I need to implement [FEATURE NAME] from the old system.
-
-**Old System Reference:**
-- Location: [file path in /cannabrands_crm]
-- Key business rules: [specific rules to preserve]
-- Data involved: [models/tables]
-
-**New System Requirements:**
-- Filament resource: [Yes/No]
-- Public-facing page: [Yes/No]
-- Special considerations: [any unique requirements]
-
-Please:
-1. Read the old implementation to understand the business logic
-2. Implement using Filament 4 best practices
-3. Preserve all validation rules and business logic
-4. Do NOT copy the CRM-specific patterns
-
-Reference documents:
-- FEATURE_IMPLEMENTATION_ROADMAP.md (Day X task)
-- FILAMENT_RESOURCES_SPEC.md (if applicable)
-```
-
-**Example Usage:**
-```
-I need to implement the buyer application approval workflow.
-
-**Old System Reference:**
-- Location: vendor/venturedrake/laravel-crm/src/Http/Controllers/CompaniesController.php (lines 520-790)
-- Key business rules:
-  - Requires license document upload
-  - Requires W9 tax form
-  - Admin approval required before account activation
-  - Email notification on approval/rejection
-- Data involved: companies table, documents, email_verifications
-
-**New System Requirements:**
-- Filament resource: Yes (CompanyResource)
-- Public-facing page: Yes (buyer registration form)
-- Special considerations: Must integrate with existing email verification system
-
-Please:
-1. Read the old implementation to understand document validation
-2. Implement using Filament 4 actions and notifications
-3. Preserve license/W9 validation logic
-4. Do NOT copy the CRM Organization model patterns
-```
-
----
-
-### Template 2: Understanding Business Logic
-
-```
-I need to understand how [BUSINESS PROCESS] works in the old system.
-
-**Process:** [name of workflow/calculation/rule]
-**Why:** [what you're trying to implement that needs this]
-
-Please:
-1. Search the old codebase for relevant files
-2. Trace the workflow from start to finish
-3. Identify all business rules, validations, and side effects
-4. Explain the logic in plain English
-5. Recommend how to implement in new system
-
-Do NOT implement yet - just analyze and explain.
-```
-
-**Example Usage:**
-```
-I need to understand how orders convert to invoices in the old system.
-
-**Process:** Order-to-Invoice conversion workflow
-**Why:** Need to implement this in new OrderResource and InvoiceResource
-
-Please:
-1. Search the old codebase for order/invoice conversion logic
-2. Trace the workflow from order creation → invoice generation
-3. Identify all status transitions and triggers
-4. Explain when/why orders become invoices
-5. Recommend how to implement in Filament with separate Order/Invoice models
-
-Do NOT implement yet - just analyze and explain.
-```
-
----
-
-### Template 3: Creating a Migration Script
-
-```
-I need to migrate [DATA TYPE] from old database to new database.
-
-**Old Table(s):** [table names]
-**New Table(s):** [table names]
-**Record Count:** [approximate number]
-**Special Considerations:** [foreign keys, transformations, etc.]
-
-Reference:
-- SCHEMA_TRANSFORMATION.md (Section: [section name])
-
-Please:
-1. Create Laravel migration file
-2. Write data migration script (using DB facade or raw SQL)
-3. Include data transformation logic from SCHEMA_TRANSFORMATION.md
-4. Add verification queries to confirm successful migration
-5. Include rollback logic
-
-Test with a small subset first (LIMIT 10).
-```
-
-**Example Usage:**
-```
-I need to migrate products from old database to new database.
-
-**Old Table(s):** crm_products, crm_brands, products
-**New Table(s):** products, brands
-**Record Count:** 883 products
-**Special Considerations:**
-- 552 products have NULL brand_id (assign to default "Cannabrands" brand)
-- Parent-child relationships for product varieties
-- BOM flags (isAssembly, isRaw, isSellable)
-
-Reference:
-- SCHEMA_TRANSFORMATION.md (Section: Products Migration)
-
-Please:
-1. Create Laravel migration file
-2. Write data migration script with brand assignment logic
-3. Handle NULL brand_id → default to Cannabrands
-4. Preserve parent_product_id relationships
-5. Include COUNT verification before/after
-
-Test with LIMIT 10 first, then show me results before full migration.
-```
-
----
-
-### Template 4: Debugging Behavior Mismatch
-
-```
-The new implementation doesn't match old system behavior.
-
-**Feature:** [what you implemented]
-**Expected Behavior:** [what should happen, based on old system]
-**Actual Behavior:** [what's happening in new system]
-**Old System Reference:** [file/line where expected behavior exists]
-
-Please:
-1. Read the old implementation carefully
-2. Identify what business logic I missed
-3. Show me the discrepancy
-4. Fix the new implementation to match
-```
-
-**Example Usage:**
-```
-The new implementation doesn't match old system behavior.
-
-**Feature:** Order acceptance workflow
-**Expected Behavior:** When seller creates order, buyer must accept before it can be fulfilled. When buyer creates order, seller must accept.
-**Actual Behavior:** All orders can be immediately marked as accepted regardless of who created them.
-**Old System Reference:** app/Models/Invoice.php (acceptable() method, lines 45-52)
-
-Please:
-1. Read the old Invoice model's acceptable() logic
-2. Identify the created_by and status checks I missed
-3. Show me what validation rules are missing
-4. Update OrderResource to match this business rule
-```
-
----
-
-## 🔍 Reference Strategy
-
-### ✅ WHEN to Read Old Codebase
-
-**1. Business Rules & Validation**
-```php
-// OLD: vendor/venturedrake/laravel-crm/src/Http/Requests/StoreCompanyRequest.php
-'license_number' => 'required|string|max:50|unique:companies',
-'license_document' => 'required|file|mimes:pdf,jpg,png|max:5120',
-
-// Extract these rules for new CompanyResource
-```
-
-**2. Calculations & Formulas**
-```php
-// OLD: app/Models/Invoice.php
-public function calculateTotal() {
-    return $this->lines->sum(function($line) {
-        return $line->quantity * $line->unit_price * (1 - $line->discount/100);
-    }) + $this->shipping_cost + $this->tax_amount;
-}
-
-// Preserve exact calculation logic in new Order model
-```
-
-**3. Status Workflows**
-```php
-// OLD: Check status transitions and conditions
-if ($order->status == 'new' && $order->created_by === 'seller') {
-    // Buyer must accept
-} elseif ($order->status == 'accepted') {
-    // Can be fulfilled
-}
-
-// Replicate state machine logic in new system
-```
-
-**4. Email Templates & Notifications**
-```php
-// OLD: resources/views/emails/order/accepted.blade.php
-// Copy branding, copy, and structure
-// Update to use new Filament notification patterns
-```
-
-**5. Complex Queries**
-```php
-// OLD: Multi-table joins, aggregations, report logic
-$products = Product::with(['brand', 'parent'])
-    ->where('is_active', true)
-    ->whereHas('brand', fn($q) => $q->where('public', true))
-    ->get();
-
-// Preserve query structure and business logic
-```
-
----
-
-### ❌ WHAT NOT to Copy
-
-**1. VentureDrake Model Patterns**
-```php
-// DON'T COPY THIS:
-namespace VentureDrake\LaravelCrm\Models;
-use VentureDrake\LaravelCrm\Traits\BelongsToTeams;
-
-// Instead: Use clean Laravel models
-namespace App\Models;
-use Illuminate\Database\Eloquent\Model;
-```
-
-**2. CRM-Specific Features**
-```php
-// DON'T COPY: Leads, Deals, Pipelines, Campaigns
-// These are unused CRM bloat - implement only what's needed
-```
-
-**3. Vendor Overrides & Hacks**
-```php
-// DON'T COPY: Direct vendor file modifications
-// Use proper Laravel extension patterns instead
-```
-
-**4. Inefficient Queries**
-```php
-// DON'T COPY: N+1 queries or missing eager loading
-foreach ($orders as $order) {
-    echo $order->company->name; // N+1 problem
-}
-
-// Instead: Optimize with eager loading
-Order::with('company')->get();
-```
-
-**5. Inline Business Logic in Controllers**
-```php
-// DON'T COPY: Fat controllers
-public function store(Request $request) {
-    // 200 lines of business logic...
-}
-
-// Instead: Use Services, Actions, or Model methods
-public function store(Request $request, OrderService $service) {
-    $service->createOrder($request->validated());
-}
-```
-
----
-
-## 🔄 Development Workflow
-
-### Git Strategy
-
-**Branch Naming:**
-```bash
-feature/[feature-name]       # New features (e.g., feature/shopping-cart)
-fix/[bug-description]        # Bug fixes (e.g., fix/order-total-calculation)
-migrate/[data-type]          # Data migrations (e.g., migrate/products)
-```
-
-**Commit Message Pattern:**
-```
-[type]: [concise description]
-
-[Optional detailed explanation]
-[Reference to old system if applicable]
-
-Examples:
-✅ feat: implement buyer application approval workflow
-   - Add CompanyResource approval/rejection actions
-   - Preserve license validation from old CompaniesController.php:520
-   - Add email notifications on status change
-
-✅ fix: correct order total calculation to match legacy system
-   - Include tax and shipping in total
-   - Reference: app/Models/Invoice.php:calculateTotal()
-
-✅ migrate: import 883 products from old database
-   - Assign 552 unbranded products to default Cannabrands brand
-   - Preserve parent_product_id relationships
-   - Verified: All products migrated successfully
-```
-
-**Daily Workflow:**
-```bash
-# Morning: Start day's feature
-git checkout -b feature/[todays-feature]
-
-# During: Commit frequently
-git add .
-git commit -m "feat: [incremental progress]"
-
-# End of Day: Merge if complete and tested
-git checkout feature/migration-implementation
-git merge feature/[todays-feature] --no-ff
-git branch -d feature/[todays-feature]
-```
-
----
-
-### Testing After Each Feature
-
-**1. Filament Resource Testing**
-```
-After implementing [Resource]Resource:
-
-1. Visual Test:
-   - Visit /admin/[resources] in browser
-   - Create new record
-   - Edit existing record
-   - Test filters and search
-   - Test custom actions
-
-2. Validation Test:
-   - Try submitting empty form (should fail)
-   - Try invalid data (should show errors)
-   - Try valid data (should succeed)
-
-3. Relationship Test:
-   - Test relation managers (if any)
-   - Verify related records display
-   - Test creating related records
-
-4. Permission Test (if roles implemented):
-   - Test as admin (should have full access)
-   - Test as regular user (should have limited access)
-```
-
-**2. Public Page Testing**
-```
-After implementing public-facing page:
-
-1. Guest Test:
-   - Access page without login
-   - Submit form with valid data
-   - Submit form with invalid data
-
-2. Email Test:
-   - Check Mailpit (localhost:8025)
-   - Verify email content and styling
-   - Test email links
-
-3. Flow Test:
-   - Complete full user journey (register → verify → login)
-   - Check database records created
-   - Verify relationships created
-```
-
-**3. Migration Script Testing**
-```
-After creating migration script:
-
-1. Test Run (Small Subset):
-   php artisan migrate:fresh --seed
-   php artisan migrate:legacy:products --limit=10
-
-2. Verification Queries:
-   SELECT COUNT(*) FROM products;
-   SELECT * FROM products WHERE brand_id IS NULL; -- Should be 0
-   SELECT * FROM products WHERE parent_product_id IS NOT NULL; -- Varieties
-
-3. Rollback Test:
-   php artisan migrate:rollback
-   -- Verify data removed cleanly
-
-4. Full Migration (After test passes):
-   php artisan migrate:legacy:products
-```
-
----
-
-## 🐛 Debugging Patterns
-
-### Pattern 1: Behavior Doesn't Match Old System
-
-**Symptom:** "This works, but it's not doing what the old system did"
-
-**Process:**
-```
-1. Find old implementation:
-   Prompt: "Search old codebase for [feature] logic in controllers, models, and services"
-
-2. Trace execution:
-   Prompt: "Read [old file] and explain step-by-step what happens when [action occurs]"
-
-3. Compare implementations:
-   Prompt: "Here's my new implementation [paste code]. Compare to old system and identify missing business logic"
-
-4. Fix discrepancies:
-   Prompt: "Update new implementation to include [missing rule] from old system"
-```
-
-**Example:**
-```
-User: "Order totals in new system don't match old invoices"
-
-Claude: Let me search for total calculation in old system
-[Reads app/Models/Invoice.php]
-
-Claude: I found the issue. Old system includes:
-- Line items (quantity × price × discount)
-- Shipping cost
-- Tax amount
-
-Your new Order model is missing shipping and tax. Here's the fix:
-[Provides corrected calculation method]
-```
-
----
-
-### Pattern 2: Data Migration Produces Incorrect Results
-
-**Symptom:** "Migration ran, but data looks wrong"
-
-**Process:**
-```
-1. Run diagnostic queries:
-   SELECT COUNT(*), brand_id FROM products GROUP BY brand_id;
-   SELECT * FROM products WHERE [expected_field] IS NULL LIMIT 10;
-
-2. Compare to old system:
-   -- Run same query on old database
-   SELECT COUNT(*), brand_id FROM crm_products GROUP BY brand_id;
-
-3. Identify transformation error:
-   Prompt: "My migration produced [X results] but old system has [Y results].
-           Here's my migration script [paste]. Find the bug."
-
-4. Fix and re-run:
-   php artisan migrate:rollback
-   [Fix migration script]
-   php artisan migrate
-```
-
----
-
-### Pattern 3: Filament Action Not Working
-
-**Symptom:** "Button appears but clicking does nothing / shows error"
-
-**Debugging Steps:**
-```
-1. Check browser console for JS errors
-2. Check Laravel logs: tail -f storage/logs/laravel.log
-3. Verify action requirements:
-   - Is user authorized?
-   - Are required fields present?
-   - Is model state correct?
-
-Prompt: "My Filament action [action name] in [Resource] isn't working.
-         Here's the code [paste]. Here's the error [paste].
-         Reference old system at [file path] to see how it should work."
-```
-
-**Common Fixes:**
-```php
-// Missing authorization
-Tables\Actions\Action::make('approve')
-    ->visible(fn ($record) => $record->status === 'pending') // Add this
-
-// Missing requiresConfirmation
-Tables\Actions\Action::make('delete')
-    ->requiresConfirmation() // Add this for destructive actions
-
-// Missing success notification
-->action(function ($record) {
-    $record->approve();
-    Notification::make()->success()->title('Approved')->send(); // Add this
-})
-```
-
----
-
-## 💡 Example Interactions
-
-### Example 1: Day 1 - Company Model Implementation
-
-**User:**
-```
-Starting Day 1 tasks. I need to:
-1. Rename businesses table to companies
-2. Add buyer application fields
-3. Create CompanyResource
-
-Reference:
-- FEATURE_IMPLEMENTATION_ROADMAP.md (Day 1)
-- FILAMENT_RESOURCES_SPEC.md (CompanyResource)
-- Old system: vendor/venturedrake/laravel-crm/src/Models/Organisation.php
-
-Please implement step 1 (rename migration) first.
-```
-
-**Claude:**
-```
-I'll create a migration to rename the businesses table to companies and add buyer application fields.
-
-[Creates migration file]
-[Shows migration code]
-
-This migration:
-1. Renames businesses → companies
-2. Adds license_number, license_document_path, w9_document_path
-3. Adds buyer application fields (status, approved_at, rejected_at, rejection_reason)
-4. Preserves all existing data
-
-Run: php artisan migrate
-
-After confirming this works, I'll proceed to step 2 (CompanyResource).
-```
-
-**User:**
-```
-Migration ran successfully. Proceed with CompanyResource.
-```
-
-**Claude:**
-```
-I'll create the CompanyResource with approval workflow.
-
-First, let me read the old buyer application logic:
-[Reads vendor/venturedrake/.../CompaniesController.php lines 520-790]
-
-I see the approval workflow requires:
-- License document validation
-- W9 document validation
-- Admin approval action
-- Email notification on approval/rejection
-
-Creating CompanyResource with these features...
-[Creates resource file]
-[Shows code]
-
-Test by:
-1. Visit /admin/companies
-2. Click on a pending company
-3. Click "Approve" action
-4. Check email in Mailpit (localhost:8025)
-```
-
----
-
-### Example 2: Understanding Order Workflow
-
-**User:**
-```
-I need to understand how orders convert to invoices in the old system.
-
-**Process:** Order-to-Invoice conversion workflow
-**Why:** Need to implement this in new OrderResource and InvoiceResource
-
-Please analyze and explain - don't implement yet.
-```
-
-**Claude:**
-```
-Let me trace the order-to-invoice workflow in the old system.
-
-[Searches for 'invoice' AND 'order' in old codebase]
-[Reads app/Models/Invoice.php]
-[Reads vendor/venturedrake/.../InvoiceController.php]
-
-Here's how it works:
-
-**Data Structure:**
-- Old system uses SINGLE table: invoices
-- Column: type (values: 'order', 'invoice', 'quote', 'draft')
-- Column: status (values: 'new', 'accepted', 'create_manifest', 'invoiced', 'delivered')
-
-**Workflow:**
-1. Order Created:
-   - type = 'order'
-   - status = 'new'
-   - created_by = 'seller' OR 'buyer'
-
-2. Acceptance:
-   - If created_by = 'seller' → buyer must accept
-   - If created_by = 'buyer' → seller must accept
-   - Status changes: 'new' → 'accepted'
-
-3. Fulfillment Prep:
-   - Admin marks order for fulfillment
-   - Status changes: 'accepted' → 'create_manifest'
-
-4. **CONVERSION TRIGGER** (InvoiceController.php:434):
-   - When status = 'create_manifest'
-   - Type changes: 'order' → 'invoice'
-   - Status changes: 'create_manifest' → 'invoiced'
-
-5. Delivery:
-   - Status changes: 'invoiced' → 'delivered'
-   - Payment tracking begins
-
-**Recommendation for New System:**
-- Use separate Order and Invoice models/tables
-- When Order.status = 'fulfilled', create Invoice record
-- Copy order data to invoice (preserve order_id foreign key)
-- Keep Order record for history (don't delete)
-
-This gives you:
-- Cleaner separation of concerns
-- Better audit trail
-- Easier reporting
-
-Would you like me to implement this workflow now?
-```
-
-**User:**
-```
-Yes, implement this in OrderResource and InvoiceResource.
-```
-
----
-
-### Example 3: Debugging Migration Discrepancy
-
-**User:**
-```
-I ran the products migration but the counts are wrong.
-
-Expected (from old system): 883 products
-Actual (new system): 1435 products
-
-Here's my migration script: [pastes script]
-```
-
-**Claude:**
-```
-Let me investigate. First, let me check if the old system has soft deletes:
-
-[Reads old products table schema]
-
-Found the issue! The old crm_products table has a deleted_at column.
-Your migration script is copying ALL records, including soft-deleted ones.
-
-Old system:
-- Total records: 1435
-- Active (deleted_at IS NULL): 883
-- Soft-deleted: 552
-
-Fix:
-[Shows updated migration script with WHERE deleted_at IS NULL]
-
-Run this to fix:
-php artisan migrate:rollback
-php artisan migrate
-php artisan migrate:legacy:products
-
-You should now see exactly 883 products.
-```
-
----
-
-## 🎯 Daily Checklist
-
-**Every Morning:**
-```
-[ ] Review FEATURE_IMPLEMENTATION_ROADMAP.md for today's tasks
-[ ] Create feature branch: git checkout -b feature/[todays-feature]
-[ ] Identify which old files contain business logic for today's feature
-```
-
-**During Implementation:**
-```
-[ ] Read old implementation first (understand before coding)
-[ ] Extract business rules (validations, calculations, workflows)
-[ ] Implement in Filament/Laravel best practices
-[ ] Do NOT copy CRM-specific patterns
-[ ] Commit incrementally (every 1-2 hours)
-```
-
-**Before Marking Task Complete:**
-```
-[ ] Visual test in browser (if applicable)
-[ ] Validation test (try to break it)
-[ ] Check Laravel logs for errors
-[ ] Run relevant test suite (if tests exist)
-[ ] Commit final changes with descriptive message
-```
-
-**End of Day:**
-```
-[ ] Merge feature branch if complete and tested
-[ ] Update progress in FEATURE_IMPLEMENTATION_ROADMAP.md (add checkmarks)
-[ ] Note any blockers or questions for tomorrow
-[ ] Push to remote: git push origin feature/migration-implementation
-```
-
----
-
-## 📞 When to Ask for Clarification
-
-**ASK when:**
-- Old system has conflicting business rules in different files
-- Data migration produces unexpected results
-- You're unsure which old implementation is the "source of truth"
-- Performance implications of copying old approach (e.g., N+1 queries)
-- Security concerns with old implementation
-
-**DON'T ASK when:**
-- You can find answer in old codebase (read it first)
-- It's covered in migration documents (SCHEMA_TRANSFORMATION.md, etc.)
-- It's a standard Laravel/Filament pattern (use best practices)
-- Old implementation is clearly wrong (use correct approach in new system)
-
----
-
-## 🚨 Common Pitfalls & Solutions
-
-### Pitfall 1: Copying CRM Model Structure
-```
-❌ WRONG:
-namespace App\Models;
-use VentureDrake\LaravelCrm\Traits\BelongsToTeams;
-class Company extends Model {
-    use BelongsToTeams; // Don't copy CRM traits
-}
-
-✅ RIGHT:
-namespace App\Models;
-use Illuminate\Database\Eloquent\Model;
-class Company extends Model {
-    // Clean Laravel model
-}
-```
-
-### Pitfall 2: Assuming Table Names Match
-```
-❌ WRONG:
-Assuming old "organisations" = new "companies" directly
-
-✅ RIGHT:
-Check SCHEMA_TRANSFORMATION.md for exact table mappings
-Old: companies (CRM Contact companies) + organisations (CRM Orgs)
-New: companies (unified, with type field)
-```
-
-### Pitfall 3: Missing Business Rules
-```
-❌ WRONG:
-Creating generic CRUD without checking old validations
-
-✅ RIGHT:
-Read old Request classes for validation rules:
-- StoreCompanyRequest.php
-- UpdateProductRequest.php
-Extract rules and apply to Filament resource
-```
-
-### Pitfall 4: Over-Engineering Too Soon
-```
-❌ WRONG:
-Implementing features that don't exist in old system
-"Should I add multi-currency support?"
-
-✅ RIGHT:
-Implement only what old system has (feature parity first)
-Note ideas for post-launch improvements
-```
-
----
-
-## 📚 Quick Reference
-
-**Old Codebase Locations:**
-```
-Business Logic:        app/Models/*.php
-Controllers:           app/Http/Controllers/**/*.php
-Validations:           app/Http/Requests/*.php
-CRM Controllers:       vendor/venturedrake/.../Controllers/*.php
-CRM Models:            vendor/venturedrake/.../Models/*.php
-Email Templates:       resources/views/emails/**/*.blade.php
-Routes:                routes/*.php
-```
-
-**New Codebase Locations:**
-```
-Models:                app/Models/*.php
-Filament Resources:    app/Filament/Resources/*.php
-Services:              app/Services/*.php
-Migrations:            database/migrations/*.php
-Seeders:               database/seeders/*.php
-Public Pages:          app/Http/Controllers/**/*.php
-Views:                 resources/views/**/*.blade.php
-```
-
-**Key Documents:**
-```
-Migration Strategy:    MIGRATION_MASTER_PLAN.md
-Data Mappings:         SCHEMA_TRANSFORMATION.md
-Day-by-Day Tasks:      FEATURE_IMPLEMENTATION_ROADMAP.md
-Filament Code:         FILAMENT_RESOURCES_SPEC.md
-This Guide:            CLAUDE_COLLABORATION_WORKFLOW.md
-```
-
-**Useful Commands:**
-```bash
-# Development
-php artisan serve
-php artisan migrate
-php artisan migrate:fresh --seed
-
-# Testing
-php artisan tinker
-php artisan route:list
-tail -f storage/logs/laravel.log
-
-# Email Testing
-docker-compose up mailpit -d
-# Visit: localhost:8025
-
-# Database
-php artisan db:seed
-php artisan migrate:rollback
-```
-
----
-
-## ✅ Success Indicators
-
-**You're on the right track when:**
-- New feature behavior matches old system exactly
-- Migration scripts produce expected record counts
-- Filament resources are cleaner than old CRM code
-- Business rules are preserved, but implementation is modern
-- You can explain why new approach is better than old
-
-**Red flags:**
-- Copying vendor file structures
-- Implementing unused CRM features
-- Can't explain business rule origin
-- Migration counts don't match old system
-- New feature does something old system didn't
-
----
-
-**End of Guide**
-
-*This document evolves as you progress through the migration. Update it with new patterns, pitfalls, and solutions as you discover them.*

CONTRIBUTING.md

@@ -68,21 +68,59 @@ Our workflow provides audit trails regulators love:
 
 ---
 
+## Branch Protection & Pull Request Workflow
+
+**IMPORTANT:** The `develop` and `master` branches are **protected** - you cannot push directly to them.
+
+### Standard Workflow:
+
+```bash
+# 1. Create a feature branch
+git checkout -b feature/my-feature-name
+
+# 2. Make changes and commit
+git add .
+git commit -m "feat: add new feature"
+
+# 3. Push to your feature branch
+git push origin feature/my-feature-name
+
+# 4. Create Pull Request on Gitea
+#    - Navigate to https://code.cannabrands.app
+#    - Create PR to merge your branch into develop
+#    - CI will run automatically
+#    - Request review from team
+
+# 5. After approval and passing CI
+#    - Merge PR via Gitea interface
+#    - Delete feature branch
+```
+
+### Branch Naming Conventions:
+
+- `feature/` - New features (e.g., `feature/bulk-import`)
+- `fix/` - Bug fixes (e.g., `fix/tax-calculation`)
+- `chore/` - Maintenance tasks (e.g., `chore/upgrade-php`)
+- `docs/` - Documentation changes (e.g., `docs/update-readme`)
+
+---
+
 ## Real-World Team Scenarios
 
 ### Scenario 1: Normal Feature Development
 **Developer Jon adds bulk import feature**
 
 ```bash
+$ git checkout -b feature/bulk-import   # Create feature branch
 $ vim app/Orders.php                    # Make changes
 $ git add .
 $ git commit -m "feat(orders): add bulk import"
    🎨 Pre-commit: Pint formats code (1s) ✅
 
-$ git push origin master
+$ git push origin feature/bulk-import
    🧪 Pre-push: Tests run (30s) ✅
    ✅ All tests passed! Pushing...
-   🚀 CI: Full verification (5min) ✅
+   🚀 Create PR → merge to develop → CI verifies (5min) ✅
 ```
 
 **Time cost: 31 seconds** (vs 5+ minutes if tests failed in CI)
@@ -122,14 +160,15 @@ $ git push --no-verify                  # Skip tests intentionally
 **Developer Emma fixes production bug**
 
 ```bash
-$ vim app/Invoice.php                   # Critical bug fix
+$ git checkout -b fix/tax-calculation    # Create hotfix branch
+$ vim app/Invoice.php                    # Critical bug fix
 $ git commit -m "fix(invoices): correct tax calculation"
    🎨 Pre-commit: Formats ✅
 
-$ git push origin master
+$ git push origin fix/tax-calculation
    🧪 Pre-push: Tests run (30s) ✅
-   🚀 CI: Passes (5min) ✅
-   📦 Deploy: Safe to release ✅
+   🚀 Create PR → fast-track review → merge to develop ✅
+   📦 CI: Passes (5min) → Safe to release ✅
 ```
 
 **Safety: Tests caught regression** before it reached production
@@ -138,7 +177,8 @@ $ git push origin master
 **Developer Alex updates dependencies**
 
 ```bash
-$ vim Dockerfile                        # Update PHP version
+$ git checkout -b chore/php-8.3-upgrade # Create branch
+$ vim Dockerfile                         # Update PHP version
 
 # Test locally FIRST (best practice)
 $ docker build -t cannabrands:test .
@@ -146,8 +186,8 @@ $ docker build -t cannabrands:test .
 
 # Then push
 $ git commit -m "chore: upgrade PHP to 8.3"
-$ git push origin master
-   🚀 CI: Rebuilds (8min) ✅
+$ git push origin chore/php-8.3-upgrade
+   🚀 Create PR → CI rebuilds (8min) ✅
 ```
 
 **Time saved: 5 minutes** by catching Docker issues locally
@@ -170,20 +210,27 @@ Layer 3: CI          (REQUIRED)  → Final verification (~5 minutes)
 
 **For most changes:**
 ```bash
-# 1. Make your changes
+# 1. Create feature branch
+git checkout -b feature/my-feature
+
+# 2. Make your changes
 vim app/SomeFile.php
 
-# 2. Commit (formatting happens automatically)
+# 3. Commit (formatting happens automatically)
 git add .
 git commit -m "feat(scope): description"
    → Pre-commit runs Laravel Pint ✅
    → Code formatted automatically ✅
 
-# 3. Push (tests run automatically)
-git push origin master
+# 4. Push (tests run automatically)
+git push origin feature/my-feature
    → Pre-push runs tests (30 seconds) ✅
    → If tests pass, push continues ✅
+
+# 5. Create Pull Request
+   → Open PR on Gitea to merge into develop
    → CI verifies everything (5 minutes) ✅
+   → After review, merge PR
 ```
 
 **For quick documentation changes:**
@@ -192,6 +239,163 @@ git push origin master
 git push --no-verify
 ```
 
+### Keeping Your Feature Branch Up-to-Date
+
+**Best practice for teams:** Sync your feature branch with `develop` regularly to avoid large merge conflicts.
+
+#### Daily Start-of-Work Routine
+
+```bash
+# 1. Get latest changes from develop
+git checkout develop
+git pull origin develop
+
+# 2. Update your feature branch
+git checkout feature/my-feature
+git merge develop
+
+# 3. If there are conflicts (see below), resolve them
+# 4. Continue working
+```
+
+**How often?**
+- Minimum: Once per day (start of work)
+- Better: Multiple times per day if develop is active
+- Always: Before creating your Pull Request
+
+#### Merge vs Rebase: Which to Use?
+
+**For teams of 5+ developers, use `merge` (not `rebase`):**
+
+```bash
+git checkout feature/my-feature
+git merge develop
+```
+
+**Why merge over rebase?**
+- ✅ Safer: Preserves your commit history
+- ✅ Collaborative: Works when multiple people work on the same feature branch
+- ✅ Transparent: Shows when you integrated upstream changes
+- ✅ No force-push: Once you've pushed to origin, merge won't require `--force`
+
+**When to use rebase:**
+- ⚠️ Only if you haven't pushed yet
+- ⚠️ Only if you're the sole developer on the branch
+- ⚠️ You want a cleaner, linear history
+
+```bash
+# Only do this if you haven't pushed yet!
+git checkout feature/my-feature
+git rebase develop
+```
+
+**Never rebase after pushing** - it rewrites history and breaks collaboration.
+
+#### Handling Merge Conflicts
+
+When you run `git merge develop` and see conflicts:
+
+```bash
+$ git merge develop
+Auto-merging app/Http/Controllers/OrderController.php
+CONFLICT (content): Merge conflict in app/Http/Controllers/OrderController.php
+Automatic merge failed; fix conflicts and then commit the result.
+```
+
+**Step-by-step resolution:**
+
+1. **See which files have conflicts:**
+   ```bash
+   git status
+   # Look for "both modified:" files
+   ```
+
+2. **Open conflicted files** - look for conflict markers:
+   ```php
+   <<<<<<< HEAD
+   // Your code
+   =======
+   // Code from develop
+   >>>>>>> develop
+   ```
+
+3. **Resolve conflicts** - edit the file to keep what you need:
+   ```php
+   // Choose your code, their code, or combine both
+   // Remove the <<<, ===, >>> markers
+   ```
+
+4. **Mark as resolved:**
+   ```bash
+   git add app/Http/Controllers/OrderController.php
+   ```
+
+5. **Complete the merge:**
+   ```bash
+   git commit -m "merge: resolve conflicts with develop"
+   ```
+
+6. **Run tests to ensure nothing broke:**
+   ```bash
+   ./vendor/bin/sail artisan test
+   ```
+
+7. **Push the merge commit:**
+   ```bash
+   git push origin feature/my-feature
+   ```
+
+#### When Conflicts Are Too Complex
+
+If conflicts are extensive or you're unsure:
+
+1. **Abort the merge:**
+   ```bash
+   git merge --abort
+   ```
+
+2. **Ask for help** in #engineering Slack:
+   - "I'm merging develop into feature/X and have conflicts in OrderController"
+   - Someone might have context on the upstream changes
+
+3. **Pair program the resolution** - screen share with the person who made the conflicting changes
+
+4. **Alternative: Start fresh** (last resort):
+   ```bash
+   # Create new branch from latest develop
+   git checkout develop
+   git pull origin develop
+   git checkout -b feature/my-feature-v2
+
+   # Cherry-pick your commits
+   git cherry-pick <commit-hash>
+   ```
+
+#### Example: Multi-Day Feature Work
+
+```bash
+# Monday morning
+git checkout develop && git pull origin develop
+git checkout feature/payment-integration
+git merge develop  # Get latest changes
+# Work all day, make commits
+
+# Tuesday morning
+git checkout develop && git pull origin develop
+git checkout feature/payment-integration
+git merge develop  # Sync again (someone added auth changes)
+# Continue working
+
+# Wednesday
+git checkout develop && git pull origin develop
+git checkout feature/payment-integration
+git merge develop  # Final sync before PR
+git push origin feature/payment-integration
+# Create Pull Request
+```
+
+**Result:** Small, manageable syncs instead of one huge conflict on PR day.
+
 ### When to Test Locally
 
 **Always run tests before pushing if you:**
@@ -276,7 +480,7 @@ vim app/SomeFile.php
 # Push fix
 git add .
 git commit -m "fix: resolve test failure"
-git push origin master
+git push origin feature/my-feature  # Push to your feature branch
 ```
 
 ---
@@ -304,9 +508,9 @@ git commit --no-verify  # Skip formatting (fix in next commit)
 
 **❌ Skipping because tests fail** → Fix the tests instead
 **❌ Skipping to avoid formatting** → Let Pint format it
-**❌ Skipping on master before deploy** → CI will block you anyway
+**❌ Skipping to merge PR to develop/master** → CI will block you anyway
 
-**Remember:** CI can't be bypassed, so issues will be caught before production.
+**Remember:** CI can't be bypassed, and develop/master are protected branches requiring PRs and passing CI.
 
 ---
 
@@ -321,7 +525,7 @@ git config core.hooksPath .githooks
 
 ### How it works:
 ```bash
-$ git push origin master
+$ git push origin feature/my-feature
 
 🧪 Running tests before push...
    (Use 'git push --no-verify' to skip)
@@ -347,8 +551,8 @@ docker build -t cannabrands:test .
 # If successful, test run it
 docker run --rm cannabrands:test php -v
 
-# Then push
-git push origin master
+# Then push to feature branch
+git push origin feature/my-feature
 ```
 
 **Why?** Docker builds take 5-10 minutes in CI vs 2-3 minutes locally.
@@ -383,17 +587,23 @@ If you're responsible for creating releases, see:
 # 1. Determine version (CalVer: YYYY.MM.MICRO)
 git tag -l "2025.11.*" | sort -V | tail -1  # Check latest
 
-# 2. Create release tag
+# 2. Ensure you're on master and up-to-date
+git checkout master
+git pull origin master
+
+# 3. Create release tag on master
 git tag -a 2025.11.1 -m "Release notes here"
 git push origin 2025.11.1
 
-# 3. CI builds production image automatically
+# 4. CI builds production image automatically
 
-# 4. Generate changelog
+# 5. Generate changelog (create PR for this)
+git checkout -b chore/changelog-2025.11.1
 npm run changelog
 git add CHANGELOG.md
 git commit -m "docs: update changelog for 2025.11.1"
-git push origin master
+git push origin chore/changelog-2025.11.1
+# Create PR to merge into master
 ```
 
 ---
@@ -455,7 +665,7 @@ Trust the process, and the process will catch your mistakes before they reach pr
 
 Consider adding:
 - Code review requirement for certain files
-- Protected branches (master requires PR)
+- ✅ Protected branches already in place (develop/master require PRs)
 - Mandatory tests on pre-push (harder to skip)
 
 ### If You Reach 50+ developers

Dockerfile

@@ -34,13 +34,18 @@ COPY public ./public
 RUN npm run build
 
 # ==================== Stage 2: Composer Builder ====================
-FROM composer:2 AS composer-builder
+# Pin to PHP 8.4 - composer:2 uses latest PHP which may not be supported by dependencies yet
+FROM php:8.4-cli-alpine AS composer-builder
+
+# Install Composer
+COPY --from=composer:2.8 /usr/bin/composer /usr/bin/composer
 
 WORKDIR /app
 
-# Install required PHP extensions for Filament
-RUN apk add --no-cache icu-dev \
-    && docker-php-ext-install intl
+# Install required PHP extensions for Filament and Horizon
+RUN apk add --no-cache icu-dev libpng-dev libjpeg-turbo-dev freetype-dev libzip-dev \
+    && docker-php-ext-configure gd --with-freetype --with-jpeg \
+    && docker-php-ext-install intl gd pcntl zip
 
 # Copy composer files
 COPY composer.json composer.lock ./

MIGRATION_MASTER_PLAN.md

@@ -1,716 +0,0 @@
-# 🚀 Cannabrands CRM → New Platform Migration Master Plan
-
-**Project**: Migration from Laravel 9 + VentureDrake CRM to Laravel 12 + Filament 4
-**Timeline**: 28 days (End of Month Launch)
-**Scope**: Full data migration with feature parity for core commerce features
-**Risk Level**: Medium (greenfield rebuild, but parallel operation possible)
-
----
-
-## 📊 Executive Summary
-
-### Current State
-- **Old System**: Laravel 9, VentureDrake CRM, MySQL, ~1000 SKUs, 20 users, 5 brands
-- **Problem**: Vendor file modifications (100+ commits), blocked Laravel upgrades, maintenance nightmare
-- **Data**: 1+ year operational history, ~1000 products, 20 active users, ongoing orders
-
-### Target State
-- **New System**: Laravel 12, Filament 4, PostgreSQL, clean architecture
-- **Architecture**: License → Company → Brands → Stores (LeafLink model)
-- **Launch Date**: End of month (~28 days)
-- **Cannabrands Brands**: Doobz, Thunderbud, High Expectations, Hash Factory, Twisties
-
-### Migration Strategy
-**Two-track parallel development:**
-1. **New Platform Development**: Build features in new codebase (weeks 1-3)
-2. **Data Migration**: Import existing data from old system (week 4)
-3. **Parallel Operation**: Old system stays live until cutover
-
----
-
-## 🎯 Business Goals
-
-### Primary Objectives (Launch Blockers)
-1. ✅ **Product Catalog**: 1000 SKUs with strains, lab results, varieties
-2. ✅ **Shopping Cart + Checkout**: Buyer portal commerce flow
-3. ✅ **Order Management**: Order lifecycle, statuses, fulfillment
-4. ✅ **Invoice Generation**: Invoice creation + payment tracking
-5. ✅ **Buyer Application**: Company signup with compliance approval
-6. ✅ **Company/Location Management**: Multi-location buyers
-7. ✅ **Component/BOM System**: Build SKUs from components
-
-### Post-Launch Features (Deferred)
-- ⏸️ Raffles system
-- ⏸️ Sample requests
-- ⏸️ Feedback system
-
-### Success Criteria
-- All 1000 SKUs migrated and searchable
-- All 20 users can log in with existing credentials
-- Historical orders visible and accessible
-- New orders can be placed and fulfilled
-- Invoices generate correctly
-- Zero data loss
-
----
-
-## 🏗️ Architecture Transformation
-
-### Old System Architecture
-```
-User (Laravel Auth)
-└─> CrmContact (company_contacts)
-    └─> CrmCompany (companies) - BUYER
-
-Cannabrands (hardcoded seller)
-└─> CrmProduct (products)
-    └─> CrmInvoice (type='order')
-```
-
-### New System Architecture
-```
-Company (License Holder)
-├─> type: 'seller' (Cannabrands)
-│   └─> Brands (Stores)
-│       ├─> Doobz
-│       ├─> Thunderbud
-│       ├─> High Expectations
-│       ├─> Hash Factory
-│       └─> Twisties
-│           └─> Products (SKUs)
-│               └─> Components (BOM)
-│
-└─> type: 'buyer' (Dispensaries)
-    ├─> Locations (delivery addresses)
-    └─> Contacts (users)
-        └─> Orders → Invoices
-```
-
-### Key Changes
-1. **Rename**: `businesses` table → `companies` table (better terminology)
-2. **Multi-brand**: Cannabrands operates 5 brands (stores) under one license
-3. **Separation**: Products belong to Brands, not Companies
-4. **Dual-purpose removed**: Split `crm_invoices` (type='order'|'invoice') into separate tables
-5. **Clean schema**: No VentureDrake CRM bloat (70% unused tables eliminated)
-
----
-
-## 📅 4-Week Implementation Timeline
-
-### Week 1: Foundation & Core Models (Days 1-7)
-**Goal**: Database schema + authentication ready
-
-#### Days 1-2: Schema Refactoring
-- [ ] Rename `businesses` → `companies` (migration + models)
-- [ ] Create `brands` table and Brand model
-- [ ] Create `products` table (clean, no CRM dependency)
-- [ ] Create `components` table (BOM system)
-- [ ] Create `orders` table (separate from invoices)
-- [ ] Create `order_items` table (line items)
-- [ ] Update all relationships and foreign keys
-
-#### Days 3-4: Authentication & Users
-- [ ] User migration strategy (preserve passwords)
-- [ ] Spatie Permission roles: admin, company-owner, company-user, buyer
-- [ ] Contact model (user relationships)
-- [ ] Location model (delivery addresses)
-- [ ] License model (compliance tracking)
-
-#### Days 5-7: Filament Admin Panel Setup
-- [ ] CompanyResource (CRUD for license holders)
-- [ ] BrandResource (store management for sellers)
-- [ ] UserResource (user management)
-- [ ] Dashboard widgets (overview stats)
-- [ ] Navigation structure
-
-**Milestone 1 Deliverable**: Can create companies, brands, users in Filament
-
----
-
-### Week 2: Product Catalog & BOM (Days 8-14)
-**Goal**: 1000 SKUs ready to migrate
-
-#### Days 8-10: Product System
-- [ ] ProductResource in Filament
-  - Form: name, SKU, description, price, strain, lab
-  - Table: searchable, filterable by brand
-  - RelationManager: ProductImages, ProductPrices
-- [ ] StrainResource (cannabis strains)
-- [ ] LabResource (lab test results - THC/CBD)
-- [ ] ProductCategoryResource (taxonomy)
-- [ ] Product varieties system (parent-child products)
-
-#### Days 11-12: Component/BOM System
-- [ ] ComponentResource (raw materials)
-- [ ] Product → Components relationship (junction table)
-- [ ] BOM calculator (cost calculation)
-- [ ] Inventory tracking (if needed)
-
-#### Days 13-14: Product Import Preparation
-- [ ] Extract old product data structure
-- [ ] Create product mapping script (old SKU → new product)
-- [ ] Create component extraction script
-- [ ] Build product seeder from old database
-- [ ] Test import with 50 sample products
-
-**Milestone 2 Deliverable**: Can create/manage products with components
-
----
-
-### Week 3: Commerce & Orders (Days 15-21)
-**Goal**: Full buyer purchasing flow working
-
-#### Days 15-16: Shopping Cart (Buyer Portal)
-- [ ] Cart model + session management
-- [ ] Add to cart functionality
-- [ ] Cart display page (`/b/cart`)
-- [ ] Update quantities, remove items
-- [ ] Cart persistence (logged-in users)
-
-#### Days 17-18: Checkout Flow
-- [ ] Checkout page (`/b/checkout`)
-- [ ] Select delivery location
-- [ ] Payment terms selection (COD, Net 15/30/60/90)
-- [ ] Order preview and confirmation
-- [ ] Order creation from cart
-
-#### Days 19-20: Order Management
-- [ ] OrderResource in Filament
-  - Table: order number, buyer, total, status, date
-  - Form: view order details, line items
-  - Actions: Accept, Fulfill, Deliver, Cancel
-- [ ] Order status workflow (new → accepted → fulfilled → delivered)
-- [ ] Email notifications (order placed, status changes)
-- [ ] Buyer order history page (`/b/orders`)
-
-#### Day 21: Invoice System
-- [ ] InvoiceResource in Filament
-- [ ] Generate invoice from order
-- [ ] Invoice PDF generation
-- [ ] Payment tracking (paid/unpaid status)
-- [ ] Invoice email delivery
-
-**Milestone 3 Deliverable**: Can place order, fulfill, generate invoice
-
----
-
-### Week 4: Data Migration & Launch (Days 22-28)
-**Goal**: Old data migrated, system live
-
-#### Days 22-23: Data Migration - Phase 1 (Companies & Users)
-- [ ] Export old database schema
-- [ ] Create Cannabrands as Company #1 (type='seller')
-- [ ] Create 5 brands linked to Cannabrands
-  - Brand 1: Doobz
-  - Brand 2: Thunderbud
-  - Brand 3: High Expectations
-  - Brand 4: Hash Factory
-  - Brand 5: Twisties
-- [ ] Migrate buyer companies (old `companies` → new `companies` type='buyer')
-- [ ] Migrate users (preserve password hashes)
-- [ ] Migrate contacts → users relationship
-- [ ] Migrate locations (delivery addresses)
-
-#### Days 24-25: Data Migration - Phase 2 (Products & Catalog)
-- [ ] Migrate strains table (direct copy)
-- [ ] Migrate labs table (direct copy)
-- [ ] Migrate components (BOM data)
-- [ ] Migrate products (1000 SKUs)
-  - Map old `crm_products` → new `products`
-  - Assign products to appropriate brand (need brand mapping logic)
-  - Migrate product images
-  - Migrate product prices
-  - Migrate product varieties
-- [ ] Verify product data integrity (spot checks)
-
-#### Day 26: Data Migration - Phase 3 (Orders & Invoices)
-- [ ] Migrate historical orders (all time)
-  - Old `crm_invoices` (type='order') → new `orders`
-  - Old `crm_invoice_lines` → new `order_items`
-  - Preserve order statuses and dates
-- [ ] Migrate invoices
-  - Old `crm_invoices` (type='invoice') → new `invoices`
-  - Link to corresponding orders
-- [ ] Migrate invoice payments
-- [ ] Verify order totals match
-
-#### Day 27: Testing & Bug Fixes
-- [ ] End-to-end testing
-  - Register new buyer account
-  - Browse products by brand
-  - Add to cart, checkout
-  - Place order
-  - Admin: accept, fulfill order
-  - Generate invoice
-  - Record payment
-- [ ] User acceptance testing (UAT) with Cannabrands team
-- [ ] Performance testing (1000 products, 20 concurrent users)
-- [ ] Fix critical bugs
-- [ ] Data integrity verification
-
-#### Day 28: Launch & Cutover
-- [ ] Final data sync (if parallel operation)
-- [ ] DNS/domain cutover
-- [ ] SSL certificate setup
-- [ ] Monitor error logs
-- [ ] User training documentation
-- [ ] Announce launch to users
-- [ ] Post-launch support monitoring
-
-**Milestone 4 Deliverable**: New system live, old system retired
-
----
-
-## 🗄️ Data Migration Detailed Plan
-
-### Migration Tools
-- **Laravel Commands**: Custom Artisan commands for each data type
-- **Direct SQL**: For bulk operations (faster)
-- **Seeders**: For reference data (strains, categories)
-- **Validation**: Hash comparisons to verify data integrity
-
-### Migration Order (Critical Dependencies)
-```
-1. Companies (license holders) - no dependencies
-2. Brands (stores) - depends on companies
-3. Users - depends on companies
-4. Contacts - depends on users + companies
-5. Locations - depends on companies
-6. Strains - no dependencies
-7. Labs - no dependencies
-8. Components - no dependencies
-9. Products - depends on brands, strains, labs
-10. Product Components - depends on products, components
-11. Orders - depends on companies (buyer), users, products
-12. Order Items - depends on orders, products
-13. Invoices - depends on orders
-14. Invoice Payments - depends on invoices
-```
-
-### Data Transformation Scripts
-
-**Location**: `/Users/jon/projects/cannabrands/cannabrands_new/database/migrations/data/`
-
-**Scripts to Create**:
-1. `migrate_companies.php` - Companies + Cannabrands setup
-2. `migrate_brands.php` - 5 Cannabrands brands
-3. `migrate_users.php` - User accounts (preserve passwords)
-4. `migrate_products.php` - 1000 SKUs with relationships
-5. `migrate_orders.php` - Historical orders + invoices
-6. `verify_migration.php` - Data integrity checks
-
-### Password Preservation
-```php
-// Old system uses Laravel Hash (bcrypt)
-// New system uses Laravel Hash (bcrypt)
-// Direct copy of password hashes works
-
-User::create([
-    'email' => $oldUser->email,
-    'password' => $oldUser->password, // Direct copy - NO rehashing
-    'email_verified_at' => $oldUser->email_verified_at,
-]);
-```
-
-### Rollback Strategy
-- Keep old system running in parallel for 2 weeks post-launch
-- Database snapshots before each migration phase
-- Export old database to SQL dump (backup)
-- Document rollback commands for each migration script
-
----
-
-## 🎨 Filament Resources Specification
-
-### 1. CompanyResource
-**Purpose**: Manage license holders (buyers + sellers)
-
-**Table Columns**:
-- Name (searchable)
-- Type (badge: buyer/seller/both)
-- License # (searchable)
-- Status (badge: active/pending/suspended)
-- Created date
-
-**Form Fields**:
-- Business Information: name, DBA, legal name, type
-- License: number, expiry, document upload
-- Contact: email, phone, address
-- Compliance: W9, insurance, cannabis license
-
-**Relations**:
-- Brands (HasMany) - for sellers
-- Locations (HasMany)
-- Contacts (HasMany)
-- Users (BelongsToMany via pivot)
-
-**Actions**:
-- Approve Company
-- Suspend Company
-- Download Compliance Docs
-
----
-
-### 2. BrandResource
-**Purpose**: Manage stores (product catalogs under a company)
-
-**Table Columns**:
-- Logo (image)
-- Name (searchable)
-- Company (relationship)
-- Product count
-- Status (active/inactive)
-
-**Form Fields**:
-- Brand Identity: name, slug, logo, description
-- Company (BelongsTo selector)
-- Social Media: Instagram, website
-- Settings: active status
-
-**Relations**:
-- Products (HasMany)
-- Company (BelongsTo)
-
-**Actions**:
-- View Storefront
-- Clone Brand
-- Activate/Deactivate
-
----
-
-### 3. ProductResource
-**Purpose**: Manage SKUs (products sold on platform)
-
-**Table Columns**:
-- Image (thumbnail)
-- SKU (searchable)
-- Name (searchable)
-- Brand (relationship)
-- Strain (relationship)
-- Price (money format)
-- Stock status
-
-**Form Fields**:
-- Product Info: name, SKU, description
-- Brand (BelongsTo selector)
-- Pricing: base price, quantity breaks
-- Cannabis: Strain (BelongsTo), Lab results (BelongsTo)
-- Media: Images (multiple upload)
-- Inventory: track stock, quantity
-
-**Relations**:
-- Brand (BelongsTo)
-- Strain (BelongsTo)
-- Lab (BelongsTo)
-- Components (BelongsToMany) - BOM
-- ProductImages (HasMany)
-- ProductPrices (HasMany)
-- Varieties (HasMany) - parent/child products
-
-**Actions**:
-- Clone Product
-- Generate Barcode
-- Export to CSV
-- Activate/Deactivate
-
----
-
-### 4. OrderResource
-**Purpose**: Manage buyer purchase orders
-
-**Table Columns**:
-- Order # (searchable)
-- Buyer Company (relationship)
-- Brand (relationship)
-- Total (money format)
-- Status (badge with colors)
-- Order date (sortable)
-
-**Form Fields**:
-- Order Info: number, date, buyer, location
-- Line Items: Repeater (product, quantity, price)
-- Totals: subtotal, tax, total
-- Status: workflow selector
-- Notes: internal notes
-
-**Relations**:
-- Company (BelongsTo) - buyer
-- User (BelongsTo) - who placed it
-- Location (BelongsTo) - delivery address
-- OrderItems (HasMany)
-- Invoice (HasOne)
-
-**Actions**:
-- Accept Order
-- Mark as Fulfilled
-- Mark as Delivered
-- Cancel Order
-- Generate Invoice
-- Email Customer
-
-**Status Workflow**:
-```
-new → accepted → fulfilled → delivered
-  ↓       ↓          ↓
-cancelled
-```
-
----
-
-### 5. ComponentResource (BOM System)
-**Purpose**: Manage raw materials used to build products
-
-**Table Columns**:
-- Name (searchable)
-- Type (badge: flower/extract/packaging)
-- Unit cost (money)
-- Unit (oz/g/each)
-- Stock
-
-**Form Fields**:
-- Component Info: name, description, type
-- Pricing: cost per unit, unit of measure
-- Inventory: current stock, reorder point
-- Supplier: supplier info (optional)
-
-**Relations**:
-- Products (BelongsToMany via product_components)
-
-**Actions**:
-- View Products Using This Component
-- Update Cost
-
----
-
-## 🔒 Security & Compliance
-
-### Data Protection
-- **Password hashes**: Direct copy (bcrypt compatible)
-- **Sensitive documents**: Migrate file paths, verify file existence
-- **License data**: Encrypted at rest in new system
-- **Payment info**: PCI compliance (if storing cards)
-
-### Access Control
-**Roles** (Spatie Permission):
-- `admin` - Platform administrators (you/your team)
-- `company-owner` - Company account owner (full company access)
-- `company-manager` - Can manage orders, products (limited)
-- `company-user` - Can place orders, view history (buyer role)
-
-**Permissions**:
-- `companies.view`, `companies.create`, `companies.edit`, `companies.delete`
-- `brands.manage` - Create/edit brands (seller only)
-- `products.manage` - Manage product catalog (seller only)
-- `orders.place` - Place orders (buyer only)
-- `orders.manage` - Accept/fulfill orders (seller only)
-- `invoices.view`, `invoices.generate`
-
----
-
-## 📈 Performance Optimization
-
-### Database Indexes (Critical for 1000 SKUs)
-```sql
--- Products table
-CREATE INDEX idx_products_brand_id ON products(brand_id);
-CREATE INDEX idx_products_sku ON products(sku);
-CREATE INDEX idx_products_strain_id ON products(strain_id);
-
--- Orders table
-CREATE INDEX idx_orders_company_id ON orders(company_id);
-CREATE INDEX idx_orders_status ON orders(status);
-CREATE INDEX idx_orders_created_at ON orders(created_at);
-
--- Companies table
-CREATE INDEX idx_companies_type ON companies(type);
-CREATE INDEX idx_companies_license ON companies(license_number);
-```
-
-### Caching Strategy
-- **Product catalog**: Cache for 1 hour
-- **Brand data**: Cache for 24 hours
-- **Shopping cart**: Session-based (no DB queries)
-- **Order history**: Cache per user (invalidate on new order)
-
-### Eager Loading (Prevent N+1 Queries)
-```php
-// Products with relationships
-Product::with(['brand', 'strain', 'lab', 'images', 'prices'])->get();
-
-// Orders with line items
-Order::with(['items.product', 'company', 'location'])->get();
-```
-
----
-
-## 🧪 Testing Strategy
-
-### Unit Tests (Pest)
-- [ ] Product model relationships
-- [ ] Order total calculations
-- [ ] BOM cost calculations
-- [ ] User authentication
-- [ ] Permission checks
-
-### Feature Tests
-- [ ] User registration flow
-- [ ] Company approval workflow
-- [ ] Product CRUD operations
-- [ ] Shopping cart functionality
-- [ ] Order placement end-to-end
-- [ ] Invoice generation
-
-### Migration Verification Tests
-- [ ] User count matches (20 users)
-- [ ] Product count matches (~1000 SKUs)
-- [ ] Order totals match historical data
-- [ ] Company count matches
-- [ ] All file paths resolve (images, documents)
-
-### Load Testing
-- [ ] 1000 products loaded in catalog page (<2s)
-- [ ] 20 concurrent users placing orders
-- [ ] Search performance with 1000 SKUs (<500ms)
-
----
-
-## ⚠️ Risk Mitigation
-
-### High-Risk Items
-
-**1. Password Migration**
-- **Risk**: Users can't log in if hashes incompatible
-- **Mitigation**: Test migration with 3 sample users first
-- **Rollback**: Keep old system for password resets
-
-**2. Product-to-Brand Mapping**
-- **Risk**: Old system doesn't track which brand owns which product
-- **Mitigation**: Manual mapping CSV: product_id → brand_name
-- **Fallback**: Assign all to "Cannabrands General" brand initially
-
-**3. Order Data Integrity**
-- **Risk**: Order totals don't match after migration
-- **Mitigation**: Checksum verification on order totals
-- **Testing**: Compare 10 random orders old vs new
-
-**4. File Path Migration**
-- **Risk**: Product images, compliance docs not found
-- **Mitigation**: Copy entire storage directory
-- **Verification**: Script to check all file paths resolve
-
-**5. Email Notifications**
-- **Risk**: Spamming users during migration testing
-- **Mitigation**: Use Mailpit, disable SMTP until launch
-- **Testing**: Check email queue, don't send during migration
-
-### Medium-Risk Items
-- Component data incomplete (some products missing BOM)
-- Variety relationships complex (parent-child products)
-- Historical data too large (performance issues)
-
----
-
-## 📋 Launch Checklist
-
-### Pre-Launch (Day 27)
-- [ ] All 1000 products migrated and visible
-- [ ] All 20 users can log in successfully
-- [ ] Test order placement end-to-end (3 different buyers)
-- [ ] Filament admin panel accessible
-- [ ] Email notifications working (test mode)
-- [ ] SSL certificate installed
-- [ ] Database backups automated
-- [ ] Error monitoring setup (Sentry/Bugsnag)
-
-### Launch Day (Day 28)
-- [ ] Final data sync from old database
-- [ ] DNS cutover to new system
-- [ ] Announce to users via email
-- [ ] Monitor error logs (first 2 hours)
-- [ ] Support team on standby
-- [ ] Old system in read-only mode (fallback)
-
-### Post-Launch (Week 5)
-- [ ] Daily monitoring for 1 week
-- [ ] User feedback collection
-- [ ] Bug fix hot patches
-- [ ] Performance tuning based on real usage
-- [ ] Retire old system after 2 weeks stable operation
-
----
-
-## 🛠️ Development Tools & Resources
-
-### Required Packages (Already Installed)
-- ✅ Laravel 12
-- ✅ Filament 4
-- ✅ Spatie Permission v6
-- ✅ Laravel Breeze (auth scaffolding)
-- ✅ Pest (testing)
-
-### Additional Packages Needed
-```bash
-composer require barryvdh/laravel-dompdf  # Invoice PDFs
-composer require intervention/image       # Image processing
-composer require maatwebsite/excel        # CSV imports/exports
-```
-
-### Development Commands
-```bash
-# New project
-cd /Users/jon/projects/cannabrands/cannabrands_new
-
-# Old project (reference only)
-cd /Users/jon/projects/cannabrands/cannabrands_crm
-```
-
----
-
-## 📞 Support & Communication
-
-### Daily Standup (Recommended)
-- What was completed yesterday
-- What's planned for today
-- Any blockers
-
-### Claude Code Collaboration
-- Reference old codebase: `/Users/jon/projects/cannabrands/cannabrands_crm`
-- Active development: `/Users/jon/projects/cannabrands/cannabrands_new`
-- Use CLAUDE_COLLABORATION_WORKFLOW.md for prompt templates
-
-### Decision Log
-| Date | Decision | Rationale |
-|------|----------|-----------|
-| Today | Use "companies" not "businesses" | Better industry terminology |
-| Today | 5 brands under Cannabrands | Matches business structure |
-| Today | Separate orders/invoices tables | Cleaner than dual-purpose |
-| Today | PostgreSQL for new system | Better JSON support, scalability |
-
----
-
-## ✅ Success Metrics
-
-### Technical Metrics
-- Zero data loss (100% of records migrated)
-- <2s page load for product catalog
-- <500ms search response time
-- 99.9% uptime in first month
-
-### Business Metrics
-- All 5 Cannabrands brands have active storefronts
-- 20/20 users successfully migrated and active
-- First order placed within 48 hours of launch
-- Invoice generation working for all brands
-
-### User Satisfaction
-- User training completed (1 hour session)
-- <5 support tickets in first week
-- Positive feedback from Cannabrands team
-- Buyers can easily find products
-
----
-
-**Last Updated**: December 2024
-**Owner**: Cannabrands Development Team
-**Status**: Ready for Execution
-**Next Step**: Begin Week 1 - Schema Refactoring

Makefile

@@ -1,8 +1,40 @@
-.PHONY: help dev dev-down dev-build dev-shell dev-logs dev-vite prod-build prod-up prod-down prod-logs prod-shell prod-vite prod-test prod-test-build prod-test-up prod-test-down prod-test-logs prod-test-shell prod-test-status prod-test-clean migrate test clean install
+.PHONY: help dev dev-down dev-build dev-shell dev-logs dev-vite k-setup k-dev k-down k-logs k-shell k-artisan k-composer k-vite k-status prod-build prod-up prod-down prod-logs prod-shell prod-vite prod-test prod-test-build prod-test-up prod-test-down prod-test-logs prod-test-shell prod-test-status prod-test-clean migrate test clean install
 
 # Default target
 .DEFAULT_GOAL := help
 
+# ==================== K8s Variables ====================
+# Detect if we're in a worktree or project root
+GIT_DIR := $(shell git rev-parse --git-dir 2>/dev/null)
+IS_WORKTREE := $(shell echo "$(GIT_DIR)" | grep -q ".worktrees" && echo "true" || echo "false")
+
+# Find project root (handles both worktree and main repo)
+ifeq ($(IS_WORKTREE),true)
+    # In a worktree - project root is two levels up
+    PROJECT_ROOT := $(shell cd ../.. && pwd)
+    WORKTREE_NAME := $(shell basename $(CURDIR))
+    K8S_VOLUME_PATH := /worktrees/$(WORKTREE_NAME)
+    HOST_WORKTREE_PATH := $(PROJECT_ROOT)/.worktrees
+else
+    # In project root
+    PROJECT_ROOT := $(shell pwd)
+    WORKTREE_NAME := root
+    K8S_VOLUME_PATH := /project-root
+    HOST_WORKTREE_PATH := $(PROJECT_ROOT)/.worktrees
+endif
+
+# Generate namespace from branch name (feat-branch-name)
+CURRENT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD)
+K8S_NS := $(shell echo "$(CURRENT_BRANCH)" | sed 's/feature\//feat-/' | sed 's/bugfix\//fix-/' | sed 's/\//-/g')
+# Generate sanitized branch name for database
+SANITIZED_BRANCH := $(shell echo "$(CURRENT_BRANCH)" | sed 's/[^a-zA-Z0-9]/_/g')
+# Generate host from branch
+K8S_HOST := $(shell echo "$(CURRENT_BRANCH)" | sed 's/feature\///' | sed 's/bugfix\///' | sed 's/\//-/g').cannabrands.test
+# Read database credentials from .env
+DB_USERNAME := $(shell grep '^DB_USERNAME=' .env 2>/dev/null | cut -d '=' -f2)
+DB_PASSWORD := $(shell grep '^DB_PASSWORD=' .env 2>/dev/null | cut -d '=' -f2)
+DB_DATABASE := $(shell grep '^DB_DATABASE=' .env 2>/dev/null | cut -d '=' -f2)
+
 # ==================== Local Development (Sail) ====================
 dev: ## Start local development environment with Sail
 	./vendor/bin/sail up -d
@@ -31,6 +63,116 @@ dev-composer: ## Run composer command (usage: make dev-composer CMD="install")
 dev-vite: ## Start Vite dev server (run after 'make dev')
 	./vendor/bin/sail npm run dev
 
+# ==================== K8s Local Development ====================
+k-setup: ## One-time setup: Create K3d cluster with auto-detected volume mounts
+	@echo "🔧 Setting up K3d cluster 'dev' with auto-detected paths"
+	@echo "   Project Root: $(PROJECT_ROOT)"
+	@echo "   Worktrees Path: $(HOST_WORKTREE_PATH)"
+	@echo ""
+	@# Check if cluster already exists
+	@if k3d cluster list | grep -q "^dev "; then \
+		echo "⚠️  Cluster 'dev' already exists!"; \
+		echo "   To recreate, run: k3d cluster delete dev && make k-setup"; \
+		exit 1; \
+	fi
+	@# Create cluster with dynamic volume mounts
+	k3d cluster create dev \
+		--api-port 6443 \
+		--port "80:80@loadbalancer" \
+		--port "443:443@loadbalancer" \
+		--volume $(HOST_WORKTREE_PATH):/worktrees \
+		--volume $(PROJECT_ROOT):/project-root
+	@echo ""
+	@echo "✅ K3d cluster created successfully!"
+	@echo "   Next step: Run 'make k-dev' to start your environment"
+
+k-dev: ## Start k8s local environment (like Sail, but with namespace isolation)
+	@echo "🚀 Starting k8s environment"
+	@echo "   Location: $(if $(filter true,$(IS_WORKTREE)),Worktree ($(WORKTREE_NAME)),Project Root)"
+	@echo "   Namespace: $(K8S_NS)"
+	@echo "   Branch: $(CURRENT_BRANCH)"
+	@echo "   URL: http://$(K8S_HOST)"
+	@echo ""
+	@# Create namespace
+	@kubectl create ns $(K8S_NS) --dry-run=client -o yaml | kubectl apply -f -
+	@# Create secrets from .env
+	@kubectl -n $(K8S_NS) delete secret app-env --ignore-not-found
+	@kubectl -n $(K8S_NS) create secret generic app-env --from-env-file=.env
+	@# Create PostgreSQL auth secret (using credentials from .env)
+	@kubectl -n $(K8S_NS) create secret generic pg-auth --dry-run=client -o yaml \
+		--from-literal=POSTGRES_DB=$(DB_DATABASE) \
+		--from-literal=POSTGRES_USER=$(DB_USERNAME) \
+		--from-literal=POSTGRES_PASSWORD=$(DB_PASSWORD) | kubectl apply -f -
+	@# Deploy PostgreSQL
+	@export NS=$(K8S_NS) PG_DB=$(DB_DATABASE) PG_USER=$(DB_USERNAME) PG_PASS=$(DB_PASSWORD) && \
+		envsubst < k8s/local/postgres.yaml | kubectl apply -f -
+	@# Deploy Redis
+	@export NS=$(K8S_NS) && \
+		envsubst < k8s/local/redis.yaml | kubectl apply -f -
+	@# Deploy Reverb (WebSocket server)
+	@export NS=$(K8S_NS) K8S_VOLUME_PATH=$(K8S_VOLUME_PATH) K8S_HOST=$(K8S_HOST) && \
+		envsubst < k8s/local/reverb.yaml | kubectl apply -f -
+	@# Wait for DB
+	@echo "⏳ Waiting for PostgreSQL..."
+	@kubectl -n $(K8S_NS) wait --for=condition=ready pod -l app=postgres --timeout=60s
+	@# Deploy app (with code volume mounted)
+	@export NS=$(K8S_NS) K8S_VOLUME_PATH=$(K8S_VOLUME_PATH) K8S_HOST=$(K8S_HOST) && \
+		envsubst < k8s/local/deployment.yaml | kubectl apply -f -
+	@# Create service + ingress
+	@export NS=$(K8S_NS) K8S_HOST=$(K8S_HOST) && \
+		envsubst < k8s/local/service.yaml | kubectl apply -f - && \
+		envsubst < k8s/local/ingress.yaml | kubectl apply -f -
+	@echo ""
+	@echo "✅ Ready! Visit: http://$(K8S_HOST)"
+	@echo ""
+	@echo "💡 Your code is volume-mounted - changes are instant!"
+	@echo "   Edit files → refresh browser → see changes"
+	@echo ""
+	@echo "📝 Useful commands:"
+	@echo "   make k-logs    # View app logs"
+	@echo "   make k-shell   # Open shell in pod"
+	@echo "   make k-vite    # Start Vite dev server"
+	@echo ""
+	@echo "🔌 WebSocket (Reverb) available at: ws://reverb.$(K8S_HOST):8080"
+
+k-down: ## Stop k8s environment
+	@echo "🗑  Removing namespace: $(K8S_NS)"
+	@kubectl delete ns $(K8S_NS) --ignore-not-found
+	@echo "✅ Cleaned up"
+
+k-logs: ## View app logs
+	@kubectl -n $(K8S_NS) logs -f deploy/web --all-containers=true
+
+k-shell: ## Shell into app container
+	@kubectl -n $(K8S_NS) exec -it deploy/web -- /bin/bash
+
+k-artisan: ## Run artisan command (usage: make k-artisan CMD="migrate")
+	@kubectl -n $(K8S_NS) exec deploy/web -- php artisan $(CMD)
+
+k-composer: ## Run composer (usage: make k-composer CMD="install")
+	@kubectl -n $(K8S_NS) exec deploy/web -- composer $(CMD)
+
+k-vite: ## Run Vite dev server in k8s pod
+	@echo "🎨 Starting Vite dev server in pod..."
+	@echo "   Access at: http://vite.$(K8S_HOST)"
+	@kubectl -n $(K8S_NS) exec deploy/web -- npm run dev
+
+k-test: ## Run tests in k8s pod
+	@echo "🧪 Running tests in k8s pod..."
+	@kubectl -n $(K8S_NS) exec deploy/web -- php artisan test
+
+k-seed: ## Run database seeders in k8s (usage: make k-seed SEEDER=DevSeeder)
+	@kubectl -n $(K8S_NS) exec deploy/web -- php artisan db:seed --class=$(SEEDER)
+
+k-migrate-fresh: ## Fresh database with seeding in k8s pod
+	@echo "🔄 Running fresh migration with seeding..."
+	@kubectl -n $(K8S_NS) exec deploy/web -- php artisan migrate:fresh --seed
+
+k-status: ## Show k8s environment status
+	@echo "📊 Status for namespace: $(K8S_NS)"
+	@echo ""
+	@kubectl -n $(K8S_NS) get pods,svc,ingress
+
 # ==================== Production ====================
 prod-build: ## Build production Docker image
 	docker build -t cannabrands/app:latest -f Dockerfile .
@@ -129,13 +271,37 @@ install: ## Initial project setup
 	@echo "  2. Run 'make dev' to start development environment"
 	@echo "  3. Run 'make migrate' to set up database"
 
+setup-hooks: ## Configure git hooks for code quality
+	@git config core.hooksPath .githooks
+	@chmod +x .githooks/*
+	@echo "✅ Git hooks configured!"
+	@echo "   - pre-commit: Auto-formats code with Laravel Pint"
+	@echo "   - pre-push: Optionally runs tests before pushing"
+
 mailpit: ## Open Mailpit web UI
 	@open http://localhost:8025 || xdg-open http://localhost:8025 || echo "Open http://localhost:8025 in your browser"
 
+new-worktree: ## Create new worktree (usage: make new-worktree BRANCH=feature/my-feature or make new-worktree BRANCH=feature/my-feature NEW=true)
+	@if [ -z "$(BRANCH)" ]; then \
+		echo "❌ Error: BRANCH parameter required"; \
+		echo ""; \
+		echo "Usage:"; \
+		echo "  make new-worktree BRANCH=feature/my-feature        # Checkout existing branch"; \
+		echo "  make new-worktree BRANCH=feature/my-feature NEW=true  # Create new branch"; \
+		exit 1; \
+	fi
+	@if [ "$(NEW)" = "true" ]; then \
+		./scripts/new-worktree.sh -b $(BRANCH); \
+	else \
+		./scripts/new-worktree.sh $(BRANCH); \
+	fi
+
 help: ## Show this help message
 	@echo "\n📦 CannaBrands Docker Commands\n"
 	@echo "Local Development (Sail):"
 	@grep -E '^dev.*:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "  \033[36m%-25s\033[0m %s\n", $$1, $$2}'
+	@echo "\nK8s Local Development:"
+	@grep -E '^k-.*:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "  \033[35m%-25s\033[0m %s\n", $$1, $$2}'
 	@echo "\nProduction Testing (Local):"
 	@grep -E '^prod-test.*:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "  \033[33m%-25s\033[0m %s\n", $$1, $$2}'
 	@echo "\nProduction (K8s/Deployment):"

NOTIFICATIONS.md

@@ -1,237 +0,0 @@
-# Notification & Email Policy
-
-**Last Updated**: January 2025
-**Status**: Initial Implementation (Day 15)
-
----
-
-## Overview
-
-This document outlines the notification and email strategy for the Cannabrands B2B platform. The system uses both email notifications (via Laravel Mail) and in-app notifications for real-time updates.
-
----
-
-## Email Notifications
-
-### Order Workflow Emails
-
-| Event | Recipient | Template | Priority | Notes |
-|-------|-----------|----------|----------|-------|
-| **New Order Placed** | Seller (Admin) | `emails.orders.new-order` | High | Includes order summary, buyer info, items list |
-| **Order Accepted** | Buyer | `emails.orders.order-accepted` | Medium | Confirms acceptance, shows estimated timeline |
-| **Order Ready for Delivery** | Buyer | `emails.orders.ready-for-delivery` | High | Notifies order is packed and ready to ship |
-| **Order Delivered** | Buyer | `emails.orders.order-delivered` | Medium | Delivery confirmation with thank you message |
-| **Order Cancelled** | Buyer | `emails.orders.order-cancelled` | High | Cancellation notice with reason if provided |
-
-### Invoice Workflow Emails
-
-| Event | Recipient | Template | Priority | Notes |
-|-------|-----------|----------|----------|-------|
-| **Invoice Generated** | Buyer | `emails.invoices.invoice-ready` | High | Invoice ready for buyer approval after seller review |
-| **Invoice Overdue (3 days)** | Buyer | `emails.invoices.payment-reminder-3day` | High | First reminder |
-| **Invoice Overdue (7 days)** | Buyer | `emails.invoices.payment-reminder-7day` | High | Second reminder |
-| **Invoice Overdue (14 days)** | Buyer + Seller | `emails.invoices.payment-reminder-14day` | Critical | Final reminder, copied to seller |
-| **Payment Received** | Buyer | `emails.invoices.payment-received` | Low | Payment confirmation (future feature) |
-
-### Picking Workflow Emails
-
-| Event | Recipient | Template | Priority | Notes |
-|-------|-----------|----------|----------|-------|
-| **Picking Complete (100%)** | Seller | `emails.orders.picking-complete` | High | Alerts seller to review and generate invoice |
-
----
-
-## In-App Notifications
-
-### Notification Types
-
-**For Buyers:**
-- 🛒 New order confirmation
-- ✅ Order accepted by seller
-- 📦 Order ready for delivery
-- 🚚 Order delivered
-- 📄 Invoice ready for approval
-- ⚠️ Payment due soon (3 days before due date)
-- 🔴 Payment overdue
-
-**For Sellers (Admin Panel):**
-- 🛍️ New order received
-- 📋 Picking complete - ready for review
-- 💳 Payment received (future)
-
-### Notification Bell Behavior
-
-- **Unread Count Badge**: Shows count of unread notifications
-- **Auto-refresh**: Checks for new notifications every 30 seconds
-- **Mark as Read**: Clicking notification marks it as read
-- **Persistence**: Notifications stored in database, not deleted after reading
-- **Archive**: Users can manually dismiss notifications (future feature)
-
----
-
-## Email Template Design
-
-All emails follow the branded template pattern established in `emails.registration.verification`:
-
-**Brand Elements:**
-- Logo: `https://cannabrands.app/assets/images/canna_white.png`
-- Primary Color: `#014847` (teal gradient)
-- Font: DM Sans
-- Button Style: Teal gradient background, white text
-- Footer: Cannabrands © 2025, support contact
-
-**Template Structure:**
-```blade
-@component('mail::message')
-# [Email Subject Line]
-
-[Email body content - plain language, buyer/seller focused]
-
-@component('mail::button', ['url' => $actionUrl, 'color' => 'primary'])
-[Call to Action Button]
-@endcomponent
-
-[Additional information or next steps]
-
-Thanks,<br>
-The Cannabrands Team
-@endcomponent
-```
-
----
-
-## Notification Preferences (Future)
-
-Allow users to control notification settings:
-
-### Email Preferences
-- [ ] Order updates (placed, accepted, delivered)
-- [ ] Invoice notifications (generated, due soon, overdue)
-- [ ] Marketing emails (new products, promotions)
-- [ ] System announcements
-
-### In-App Preferences
-- [ ] Real-time notifications
-- [ ] Desktop push notifications (future)
-- [ ] Sound alerts
-
-### Frequency Settings
-- [ ] Immediate (default)
-- [ ] Daily digest
-- [ ] Weekly summary
-- [ ] Disabled (except critical)
-
----
-
-## Implementation Notes
-
-### Current Status (Day 15)
-
-**Implemented:**
-- Email infrastructure using Laravel Mail
-- Notification database table and model
-- In-app notification dropdown (frontend exists, needs backend)
-- Brand-consistent email templates
-
-**Not Yet Implemented:**
-- Automated overdue payment reminders (requires scheduled task)
-- Email preference management
-- Notification archiving
-- Push notifications
-- SMS notifications (future consideration)
-
-### Technical Details
-
-**Email Service**: Mailpit (local), SMTP (production)
-
-**Notification Storage**:
-- Table: `notifications`
-- Model: `App\Models\Notification`
-- Polymorphic relationship to User
-
-**Queue System**:
-- Development: sync driver
-- Production: database/redis queue recommended for email sending
-
-**Rate Limiting**:
-- Payment reminders: Max 1 per invoice per day
-- Marketing emails: Opt-in only, max 2 per week
-
----
-
-## Testing Checklist
-
-### Email Testing
-- [ ] New order email arrives at seller email
-- [ ] Order acceptance email arrives at buyer email
-- [ ] Invoice ready email includes correct invoice number and amount
-- [ ] Overdue reminders send at correct intervals
-- [ ] All emails render correctly in Gmail, Outlook, Apple Mail
-- [ ] All CTA buttons link to correct pages
-- [ ] Unsubscribe links work (future)
-
-### In-App Notification Testing
-- [ ] Notification bell shows unread count
-- [ ] Clicking notification marks it as read
-- [ ] Notification links to correct resource (order/invoice)
-- [ ] Notifications auto-refresh without page reload
-- [ ] Mark all as read functionality works
-
----
-
-## Future Enhancements
-
-### Phase 2 (Post-MVP)
-1. **Digest Emails**: Daily/weekly summary of activity
-2. **Smart Notifications**: AI-powered suggestions based on buying patterns
-3. **SMS Notifications**: Critical alerts via Twilio
-4. **Webhook Support**: Allow third-party integrations
-5. **Notification Templates**: Customizable by company
-
-### Phase 3 (Advanced)
-1. **Multi-channel**: Email + SMS + Push + Slack
-2. **Notification Analytics**: Track open rates, click-through
-3. **A/B Testing**: Test email subject lines and content
-4. **Scheduled Sends**: Time-zone aware delivery
-5. **Rich Notifications**: Images, action buttons in notifications
-
----
-
-## Refinement Areas
-
-**To be reviewed and potentially changed:**
-
-1. **Overdue Reminder Intervals**: Currently 3/7/14 days - should it be 1/3/7 or 5/10/15?
-2. **Seller Notifications**: Should sellers get daily digest of new orders or immediate alerts?
-3. **Picking Alerts**: Should lab crew get notifications when orders are accepted?
-4. **Invoice Approval**: Should seller be notified when buyer approves invoice?
-5. **Marketing vs Transactional**: Clear separation needed for CAN-SPAM compliance
-6. **Notification Retention**: How long to keep old notifications? Auto-archive after 30 days?
-7. **Critical vs Non-Critical**: Which emails should bypass "unsubscribe" (transactional only)
-8. **CC Recipients**: Should account managers be CC'd on order emails?
-
----
-
-## Compliance Notes
-
-**CAN-SPAM Act Requirements:**
-- ✅ Clear "From" name (Cannabrands)
-- ✅ Accurate subject lines
-- ✅ Physical address in footer
-- ✅ Unsubscribe mechanism (for marketing only)
-- ⚠️ Transactional emails exempt from unsubscribe requirement
-
-**GDPR Considerations** (if applicable):
-- User consent for marketing emails
-- Right to export notification history
-- Right to delete notification data
-- Data retention policies
-
----
-
-## Contact for Policy Changes
-
-**Product Owner**: [To be filled]
-**Technical Lead**: [To be filled]
-**Last Review Date**: January 2025
-**Next Review Date**: March 2025

TESTING_INVOICE_APPROVAL.md

@@ -1,368 +0,0 @@
-# Invoice Approval & Modification System - Testing Guide
-
-## Quick Start
-
-### 1. Generate Test Data
-
-Run this command to create a complete test order with invoice:
-
-```bash
-php artisan test:invoice-approval
-```
-
-Or specify a specific buyer:
-```bash
-php artisan test:invoice-approval --buyer-email=your-buyer@example.com
-```
-
-This will:
-- ✅ Create a test order with 5 random products
-- ✅ Progress it through the workflow (accepted → in_progress → ready_for_invoice → invoiced)
-- ✅ Generate an invoice with `approval_status = 'pending_buyer_approval'`
-- ✅ Display test URLs and credentials
-
----
-
-## Testing Scenarios
-
-### Scenario 1: Approve Invoice Without Changes
-
-**Steps:**
-1. Login as buyer
-2. Navigate to `/b/invoices/{invoice_id}`
-3. Click **"Approve Invoice"** button
-4. Confirm the action
-
-**Expected Results:**
-- ✅ Invoice `approval_status` → `'buyer_approved'`
-- ✅ Invoice `approved_at` timestamp set
-- ✅ Invoice `approved_by` = current user ID
-- ✅ Order `status` → `'manifest_created'`
-- ✅ Order `manifest_created_at` timestamp set
-- ✅ Success message displayed
-- ✅ Page reloads with success alert
-
-**Database Verification:**
-```sql
--- Check invoice approval
-SELECT id, invoice_number, approval_status, approved_at, approved_by
-FROM invoices
-WHERE id = {invoice_id};
-
--- Check order status progression
-SELECT id, order_number, status, manifest_created_at
-FROM orders
-WHERE id = {order_id};
-
--- Should be no changes recorded (direct approval)
-SELECT COUNT(*) FROM order_changes WHERE order_id = {order_id};
--- Expected: 0
-```
-
----
-
-### Scenario 2: Reject Invoice
-
-**Steps:**
-1. Login as buyer
-2. Navigate to `/b/invoices/{invoice_id}`
-3. Click **"Reject Invoice"** button
-4. Modal opens
-5. Enter rejection reason: "Prices too high"
-6. Click **"Confirm Rejection"**
-
-**Expected Results:**
-- ✅ Invoice `approval_status` → `'rejected'`
-- ✅ Invoice `rejected_at` timestamp set
-- ✅ Invoice `rejection_reason` = "Prices too high"
-- ✅ Order `status` → `'rejected'`
-- ✅ Order `rejected_at` timestamp set
-- ✅ Order `rejected_reason` = "Prices too high"
-- ✅ Redirect to invoices index with success message
-
-**Database Verification:**
-```sql
-SELECT id, invoice_number, approval_status, rejected_at, rejection_reason
-FROM invoices
-WHERE id = {invoice_id};
-
-SELECT id, order_number, status, rejected_at, rejected_reason
-FROM orders
-WHERE id = {order_id};
-```
-
----
-
-### Scenario 3: Modify Invoice - Reduce Quantity (Auto-Approved)
-
-**Steps:**
-1. Login as buyer
-2. Navigate to `/b/invoices/{invoice_id}`
-3. Click **"Modify Invoice"** button
-4. Edit mode activates
-5. Find a line item with quantity 10
-6. Change quantity to **9** (10% reduction - should auto-approve)
-7. Click **"Save Changes"**
-
-**Expected Results:**
-- ✅ Invoice `approval_status` → `'buyer_modified'`
-- ✅ `order_changes` record created:
-  - `change_type` = 'quantity_edit'
-  - `old_value` = 10
-  - `new_value` = 9
-  - `status` = **'auto_approved'** (because <10% reduction)
-  - `negotiation_round` = 1
-  - `user_type` = 'buyer'
-- ✅ Success message: "Changes saved successfully..."
-- ✅ Page reloads
-
-**Database Verification:**
-```sql
--- Check the change was recorded
-SELECT * FROM order_changes
-WHERE order_id = {order_id}
-ORDER BY created_at DESC
-LIMIT 1;
-
--- Verify auto-approval
-SELECT change_type, old_value, new_value, status
-FROM order_changes
-WHERE order_id = {order_id} AND status = 'auto_approved';
-```
-
----
-
-### Scenario 4: Modify Invoice - Reduce Quantity (>10%, Needs Review)
-
-**Steps:**
-1. Login as buyer
-2. Navigate to `/b/invoices/{invoice_id}`
-3. Click **"Modify Invoice"**
-4. Change a quantity from **10 to 5** (50% reduction)
-5. Click **"Save Changes"**
-
-**Expected Results:**
-- ✅ Invoice `approval_status` → `'buyer_modified'`
-- ✅ `order_changes` record created with `status` = **'pending'** (not auto-approved)
-- ✅ Seller will need to review this change
-
-**Database Verification:**
-```sql
-SELECT change_type, old_value, new_value, status
-FROM order_changes
-WHERE order_id = {order_id} AND status = 'pending';
-```
-
----
-
-### Scenario 5: Delete Line Item
-
-**Steps:**
-1. Login as buyer
-2. Navigate to `/b/invoices/{invoice_id}`
-3. Click **"Modify Invoice"**
-4. Click **"Remove"** button on a line item
-5. Item shows as deleted (opacity-50, crossed out)
-6. Click **"Save Changes"**
-
-**Expected Results:**
-- ✅ Invoice `approval_status` → `'buyer_modified'`
-- ✅ `order_changes` record created:
-  - `change_type` = 'item_delete'
-  - `old_value` = {original_quantity}
-  - `new_value` = 0
-  - `status` = 'pending'
-  - `order_item_id` = {deleted_item_id}
-
-**Database Verification:**
-```sql
-SELECT * FROM order_changes
-WHERE order_id = {order_id} AND change_type = 'item_delete';
-```
-
----
-
-### Scenario 6: Try to Increase Quantity (Should Fail)
-
-**Steps:**
-1. Login as buyer
-2. Navigate to `/b/invoices/{invoice_id}`
-3. Click **"Modify Invoice"**
-4. Try to change quantity from **10 to 15**
-5. Input field should prevent this OR show validation error
-
-**Expected Results:**
-- ✅ Validation prevents increase
-- ✅ Alert: "You can only reduce quantities, not increase them."
-- ✅ Quantity resets to original value
-- ✅ No change saved
-
----
-
-### Scenario 7: Multiple Changes in One Modification
-
-**Steps:**
-1. Login as buyer
-2. Click **"Modify Invoice"**
-3. Reduce item 1 quantity from 10 → 8
-4. Delete item 2 entirely
-5. Reduce item 3 quantity from 12 → 10
-6. Click **"Save Changes"**
-
-**Expected Results:**
-- ✅ 3 separate `order_changes` records created
-- ✅ Each tracked independently
-- ✅ All have same `negotiation_round` (1)
-- ✅ All have same `created_at` (batch)
-
-**Database Verification:**
-```sql
-SELECT id, change_type, order_item_id, old_value, new_value, status, negotiation_round
-FROM order_changes
-WHERE order_id = {order_id}
-ORDER BY created_at DESC;
-```
-
----
-
-### Scenario 8: View Change History
-
-**Steps:**
-1. After making changes (Scenario 7)
-2. Scroll down to **"Change History"** section
-3. Review the table
-
-**Expected Results:**
-- ✅ Shows recent changes (up to 5)
-- ✅ Displays: Round, Type, Product, Old Value, New Value, Changed By, Status
-- ✅ Status badges: success (approved/auto-approved), warning (pending), error (rejected)
-- ✅ "View All Changes" button visible
-
----
-
-### Scenario 9: Cancel Edit Mode
-
-**Steps:**
-1. Login as buyer
-2. Click **"Modify Invoice"**
-3. Make some changes (reduce qty, delete item)
-4. Click **"Cancel"** button
-
-**Expected Results:**
-- ✅ All changes discarded
-- ✅ Quantities reset to original values
-- ✅ Deleted items restored
-- ✅ Edit mode exits
-- ✅ No changes saved to database
-
----
-
-### Scenario 10: Negotiation Round Tracking
-
-**This requires seller response - will test once seller UI is complete**
-
-1. Buyer modifies invoice (Round 1)
-2. Seller counter-modifies (Round 2)
-3. Buyer modifies again (Round 3)
-4. Check `current_negotiation_round` field increments
-
-**Expected:**
-- ✅ Max 3 rounds allowed
-- ✅ `invoice.current_negotiation_round` increments
-
----
-
-## Browser Console Testing
-
-Open browser console while testing to see:
-
-```javascript
-// Alpine.js state inspection
-Alpine.store('invoice')
-
-// Check reactive data
-$data.items
-$data.editMode
-$data.hasChanges
-```
-
----
-
-## Network Tab Verification
-
-Monitor the following API calls:
-
-### Approve Invoice
-```
-POST /b/invoices/{invoice}/approve
-Response: { success: true, message: "Invoice approved successfully." }
-```
-
-### Reject Invoice
-```
-POST /b/invoices/{invoice}/reject
-Body: { reason: "..." }
-Redirect: /b/invoices
-```
-
-### Modify Invoice
-```
-POST /b/invoices/{invoice}/modify
-Body: {
-  items: [
-    { id: 1, quantity: 8, deleted: false },
-    { id: 2, quantity: 0, deleted: true }
-  ]
-}
-Response: { success: true, message: "Changes saved..." }
-```
-
----
-
-## Edge Cases to Test
-
-### ❌ Unauthorized Access
-- Try accessing another company's invoice
-- Expected: 403 Forbidden
-
-### ❌ Already Approved Invoice
-- Try modifying an invoice with `approval_status = 'buyer_approved'`
-- Expected: Buttons hidden, "This invoice cannot be modified" message
-
-### ❌ Already Rejected Invoice
-- Try approving a rejected invoice
-- Expected: Buttons hidden, rejection reason displayed
-
-### ❌ Empty Changes
-- Click "Modify Invoice"
-- Don't change anything
-- Click "Save Changes"
-- Expected: "No changes detected" error
-
----
-
-## Post-Testing Cleanup
-
-Remove test data:
-```sql
--- Find test orders
-SELECT * FROM orders WHERE notes LIKE '%Test order for invoice approval%';
-
--- Delete test data (cascades to order_items, invoices, order_changes)
-DELETE FROM orders WHERE notes LIKE '%Test order for invoice approval%';
-```
-
-Or keep for repeated testing!
-
----
-
-## Next Steps: Seller Testing (Once UI Complete)
-
-1. Seller receives notification of buyer modifications
-2. Seller reviews changes at `/seller/invoices/{invoice}`
-3. Seller can:
-   - Approve buyer's changes (applies them, moves to amendment_in_progress)
-   - Counter-modify (make own changes, increments negotiation round)
-   - Reject outright
-
-This will be tested once seller review UI is implemented.

TESTING_PRODUCTION_LOCALLY.md

@@ -1,174 +0,0 @@
-# Testing Production Docker Image Locally
-
-This guide helps you test the production Docker image locally before pushing to CI/CD.
-
-## Quick Start
-
-```bash
-# Build and start the production image locally
-docker-compose -f docker-compose.prod-test.yml up --build
-
-# Access the app at: http://localhost:8080
-# PostgreSQL accessible at: localhost:5433
-```
-
-## Why Test Locally?
-
-- ✅ **Faster feedback** - 2-5 min vs 10-15 min through CI/CD
-- ✅ **Save CI resources** - Don't waste build minutes
-- ✅ **Easier debugging** - Direct container access
-- ✅ **Catch issues early** - Before they hit version control
-
-## Common Commands
-
-### Build and Run
-```bash
-# Start everything (builds if needed)
-docker-compose -f docker-compose.prod-test.yml up
-
-# Build with no cache (clean build)
-docker-compose -f docker-compose.prod-test.yml build --no-cache
-
-# Run in background
-docker-compose -f docker-compose.prod-test.yml up -d
-
-# View logs
-docker-compose -f docker-compose.prod-test.yml logs -f app
-```
-
-### Debug Inside Container
-```bash
-# Execute shell in running container
-docker-compose -f docker-compose.prod-test.yml exec app /bin/sh
-
-# Check supervisor status
-docker-compose -f docker-compose.prod-test.yml exec app supervisorctl status
-
-# View nginx logs
-docker-compose -f docker-compose.prod-test.yml exec app cat /var/log/nginx/error.log
-
-# View Laravel logs
-docker-compose -f docker-compose.prod-test.yml exec app tail -f /var/www/html/storage/logs/laravel.log
-```
-
-### Cleanup
-```bash
-# Stop everything
-docker-compose -f docker-compose.prod-test.yml down
-
-# Remove volumes too (fresh database)
-docker-compose -f docker-compose.prod-test.yml down -v
-```
-
-## Testing Workflow
-
-### Before Pushing to CI/CD:
-
-1. **Make your changes** to Dockerfile, configs, etc.
-
-2. **Test locally:**
-   ```bash
-   docker-compose -f docker-compose.prod-test.yml up --build
-   ```
-
-3. **Verify it works:**
-   - App accessible at http://localhost:8080
-   - No errors in logs: `docker-compose -f docker-compose.prod-test.yml logs app`
-   - All services running: `docker-compose -f docker-compose.prod-test.yml exec app supervisorctl status`
-
-4. **If it works, push to develop:**
-   ```bash
-   git add .
-   git commit -m "fix: your change"
-   git push origin develop
-   ```
-
-5. **If it doesn't work, debug:**
-   ```bash
-   # Check logs
-   docker-compose -f docker-compose.prod-test.yml logs app
-
-   # Exec into container
-   docker-compose -f docker-compose.prod-test.yml exec app /bin/sh
-
-   # Make fixes and rebuild
-   docker-compose -f docker-compose.prod-test.yml up --build
-   ```
-
-## Differences from Production
-
-This local test environment differs from production K8s in:
-
-- Uses local PostgreSQL (not persistent volume)
-- Runs on localhost:8080 (not ingress with TLS)
-- Uses test APP_KEY (not secret from K8s)
-- Single replica (not multiple pods)
-- No load balancer or ingress
-
-But it **does test**:
-- ✅ Dockerfile builds correctly
-- ✅ All directories exist and have correct permissions
-- ✅ Supervisor starts all services (nginx, php-fpm, workers, scheduler)
-- ✅ Laravel boots and connects to database
-- ✅ Migrations run successfully
-- ✅ Application responds to HTTP requests
-
-## Troubleshooting
-
-### Port conflicts
-If 8080 or 5433 are already in use, edit `docker-compose.prod-test.yml` and change the ports.
-
-### Build errors
-```bash
-# Clean build from scratch
-docker-compose -f docker-compose.prod-test.yml build --no-cache --pull
-```
-
-### Container crashes immediately
-```bash
-# Check logs for error
-docker-compose -f docker-compose.prod-test.yml logs app
-
-# Try running without detach to see output
-docker-compose -f docker-compose.prod-test.yml up
-```
-
-### Need fresh database
-```bash
-# Remove volumes and recreate
-docker-compose -f docker-compose.prod-test.yml down -v
-docker-compose -f docker-compose.prod-test.yml up
-```
-
-## Integration with Development Workflow
-
-### Using alongside Laravel Sail
-
-Sail and prod-test can run simultaneously:
-- Sail dev environment: http://localhost (port 80)
-- Production test: http://localhost:8080
-
-Just make sure to use different database ports (Sail: 5432, prod-test: 5433).
-
-### When to use each:
-
-**Laravel Sail (docker-compose.yml):**
-- Daily development
-- Running artisan commands
-- Testing code changes
-- Hot reload with Vite
-
-**Production Test (docker-compose.prod-test.yml):**
-- Before pushing to develop
-- Testing Dockerfile changes
-- Testing supervisor/nginx configs
-- Verifying production build process
-
-## Next Steps After Local Success
-
-Once your image works locally:
-
-1. ✅ Commit and push to develop
-2. ✅ CI/CD builds the same image
-3. ✅ Deploy to Kubernetes with confidence
-4. ✅ Much faster iteration cycle!

TEST_RESULTS.md

@@ -1,197 +0,0 @@
-# Business-Scoped Seller Routes - Test Results
-
-**Test Date:** 2025-10-15
-**Tester:** Claude Code
-**Test Account:** jon@cannabrands.com
-**Business Slug:** cannabrands
-
-## Test Data Summary
-- **Business:** Cannabrands (slug: `cannabrands`)
-- **Brands:** 13
-- **Products:** 312
-- **Orders:** 0 (none yet)
-- **Invoices:** 0 (none yet)
-- **Drivers:** 1
-- **Vehicles:** 2
-
----
-
-## Route Tests
-
-### 1. Business-Scoped Dashboard
-**URL:** `http://localhost:8000/s/cannabrands/dashboard`
-**Expected:** Dashboard with business context
-**Status:** ⏳ Testing...
-
-### 2. Fleet Management - Drivers
-**URL:** `http://localhost:8000/s/cannabrands/fleet/drivers`
-**Expected:** Drivers list page with business context
-**Status:** ⏳ Testing...
-
-### 3. Fleet Management - Vehicles
-**URL:** `http://localhost:8000/s/cannabrands/fleet/vehicles`
-**Expected:** Vehicles list page with business context
-**Status:** ⏳ Testing...
-
-### 4. Orders List
-**URL:** `http://localhost:8000/s/cannabrands/orders`
-**Expected:** Orders list (empty state expected)
-**Status:** ✅ PASSED (Fixed query in OrderController)
-**Notes:** Fixed relationship chain to use `whereHas('items.product.brand')`
-
-### 5. Products List
-**URL:** `http://localhost:8000/s/cannabrands/products`
-**Expected:** Products list with 312 products
-**Status:** ⏳ Testing...
-
-### 6. Invoices List
-**URL:** `http://localhost:8000/s/cannabrands/invoices`
-**Expected:** Invoices list (empty state expected)
-**Status:** ✅ PASSED
-**Notes:** InvoiceController updated with business scope
-
-### 7. Product Edit Page
-**URL:** `http://localhost:8000/s/cannabrands/products/225/edit`
-**Expected:** Product edit form with audit history
-**Status:** ✅ PASSED
-**Notes:** Enhanced UI, audit logging, checkbox handling fixed
-
----
-
-## Access Control Tests
-
-### Test 1: Business Slug Validation
-**Test:** Access non-existent business slug
-**URL:** `http://localhost:8000/s/invalid-slug/dashboard`
-**Expected:** 404 Not Found
-**Status:** ⏳ Testing...
-
-### Test 2: Unauthorized Business Access
-**Test:** User attempts to access another user's business
-**Expected:** 403 Forbidden
-**Status:** ⏳ Testing...
-**Notes:** Requires second test account
-
-### Test 3: Unauthenticated Access
-**Test:** Access business-scoped route without login
-**Expected:** Redirect to login page
-**Status:** ⏳ Testing...
-
----
-
-## Route Model Binding Tests
-
-### Test 1: Business by Slug
-**Binding:** `{business}` → Business model by slug
-**Test URL:** `/s/cannabrands/dashboard`
-**Expected:** Resolve to Business with slug 'cannabrands'
-**Status:** ⏳ Testing...
-
-### Test 2: Order by Order Number
-**Binding:** `{order}` → Order model by order_number
-**Test URL:** `/s/cannabrands/orders/{order_number}`
-**Expected:** Resolve to Order by order_number field
-**Status:** ⏳ Testing... (requires order data)
-
-### Test 3: Product by ID
-**Binding:** `{product}` → Product model by ID
-**Test URL:** `/s/cannabrands/products/225/edit`
-**Expected:** Resolve to Product with ID 225
-**Status:** ✅ PASSED
-
----
-
-## Critical Routes Requiring Approval Middleware
-
-These routes require `approved` middleware:
-- ✅ Orders: `/s/{business}/orders`
-- ✅ Invoices: `/s/{business}/invoices`
-- ✅ Products: `/s/{business}/products`
-- ✅ Components: `/s/{business}/components`
-- ✅ Customers: `/s/{business}/customers`
-
-**Test Account Status:** jon@cannabrands.com is approved ✓
-
----
-
-## Known Issues & Fixes Applied
-
-### Issue 1: OrderController Query Error ✅ FIXED
-**Error:** `Column "seller_business_id" does not exist`
-**Fix:** Changed query to use correct relationship chain:
-```php
-->whereHas('items.product.brand', function ($query) use ($business) {
-    $query->where('business_id', $business->id);
-})
-```
-**File:** `app/Http/Controllers/OrderController.php:26`
-
-### Issue 2: Invoice Model Fillable Array ✅ FIXED
-**Error:** Using deprecated `company_id` instead of `business_id`
-**Fix:** Updated fillable array in Invoice model
-**File:** `app/Models/Invoice.php`
-
-### Issue 3: Invoice Routes Not Business-Scoped ✅ FIXED
-**Error:** Invoice routes not accepting business parameter
-**Fix:** Updated InvoiceController to accept Business parameter and verify ownership
-**File:** `app/Http/Controllers/Seller/InvoiceController.php`
-
-### Issue 4: Product Checkbox Not Unchecking ✅ FIXED
-**Error:** Featured checkbox stays checked when unchecked and saved
-**Fix:** Added explicit checkbox handling in ProductController:
-```php
-$validated['is_active'] = $request->has('is_active');
-$validated['is_featured'] = $request->has('is_featured');
-```
-**File:** `app/Http/Controllers/Seller/ProductController.php`
-
-### Issue 5: Alpine.js FOUC on Sidebar ✅ FIXED
-**Error:** Brief flash of expanded menu items during page load
-**Fix:** Added `x-cloak` directive to sidebar menu container
-**File:** `resources/views/components/seller-sidebar.blade.php:35`
-
-### Issue 6: Alpine.js FOUC on Notifications ✅ FIXED
-**Error:** Brief flash of notification dropdown during page load
-**Fix:** Added `x-cloak` directive to notification dropdown container
-**File:** `resources/views/layouts/app-with-sidebar.blade.php:67`
-
----
-
-## Manual Testing Checklist
-
-- [ ] Login as seller (jon@cannabrands.com)
-- [ ] Navigate to `/s/cannabrands/dashboard`
-- [ ] Test fleet management pages (drivers, vehicles)
-- [ ] Test orders page (empty state)
-- [ ] Test products list and edit
-- [ ] Test invoices page (empty state)
-- [ ] Test product audit history
-- [ ] Test checkbox toggles
-- [ ] Verify sidebar menu persistence
-- [ ] Verify notification dropdown works
-- [ ] Test accessing invalid business slug
-- [ ] Test logout and re-login flow
-
----
-
-## Recommendations
-
-1. **Create test orders** to fully test the order management workflow
-2. **Add automated tests** for business-scoped routing and access control
-3. **Monitor production** for any route binding issues
-4. **Document** the business-scoped routing pattern for future development
-5. **Consider** adding middleware to verify business ownership on all routes
-
----
-
-## Summary
-
-**Total Routes Tested:** 7
-**Passed:** 4
-**In Progress:** 3
-**Failed:** 0
-
-**Critical Fixes Applied:** 6
-**Access Control:** ✅ Implemented via custom route model binding
-**Business Scope:** ✅ All routes accept business parameter
-**Database Queries:** ✅ Fixed to use correct relationship chains

app/Console/Commands/CleanupPermissionAuditLogs.php

@@ -0,0 +1,155 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\PermissionAuditLog;
+use Illuminate\Console\Command;
+
+class CleanupPermissionAuditLogs extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'permissions:cleanup-audit
+                            {--dry-run : Show what would be deleted without actually deleting}
+                            {--force : Skip confirmation prompt}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Delete expired permission audit logs (non-critical logs past their expiration date)';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $isDryRun = $this->option('dry-run');
+        $isForced = $this->option('force');
+
+        $this->info('🔍 Scanning for expired permission audit logs...');
+        $this->newLine();
+
+        // Find expired logs
+        $expiredLogs = PermissionAuditLog::expired()->get();
+
+        if ($expiredLogs->isEmpty()) {
+            $this->info('✅ No expired audit logs found. Everything is up to date!');
+
+            return self::SUCCESS;
+        }
+
+        // Statistics
+        $totalCount = $expiredLogs->count();
+        $oldestLog = $expiredLogs->sortBy('created_at')->first();
+        $newestLog = $expiredLogs->sortByDesc('created_at')->first();
+
+        // Display summary
+        $this->table(
+            ['Metric', 'Value'],
+            [
+                ['Expired logs found', $totalCount],
+                ['Oldest expired log', $oldestLog->created_at->format('Y-m-d H:i:s')],
+                ['Newest expired log', $newestLog->created_at->format('Y-m-d H:i:s')],
+                ['Date range', $oldestLog->created_at->diffForHumans($newestLog->created_at, true)],
+            ]
+        );
+
+        $this->newLine();
+
+        // Show sample of logs to be deleted
+        $this->info('📋 Sample of logs to be deleted:');
+        $sampleLogs = $expiredLogs->take(5);
+
+        foreach ($sampleLogs as $log) {
+            $this->line(sprintf(
+                '  • [%s] %s - %s (expired %s)',
+                $log->created_at->format('Y-m-d'),
+                $log->action_name,
+                $log->targetUser?->name ?? 'Unknown User',
+                $log->expires_at->diffForHumans()
+            ));
+        }
+
+        if ($totalCount > 5) {
+            $this->line("  ... and {$totalCount} more");
+        }
+
+        $this->newLine();
+
+        // Dry run mode
+        if ($isDryRun) {
+            $this->warn('🧪 DRY RUN MODE - No logs will be deleted');
+            $this->info("Would delete {$totalCount} expired audit logs");
+
+            return self::SUCCESS;
+        }
+
+        // Confirmation prompt (unless forced)
+        if (! $isForced) {
+            $confirmed = $this->confirm(
+                "Are you sure you want to delete {$totalCount} expired audit logs?",
+                false
+            );
+
+            if (! $confirmed) {
+                $this->info('❌ Cleanup cancelled');
+
+                return self::SUCCESS;
+            }
+        }
+
+        // Perform deletion
+        $this->info('🗑️  Deleting expired audit logs...');
+
+        $progressBar = $this->output->createProgressBar($totalCount);
+        $progressBar->start();
+
+        $deletedCount = 0;
+        $errorCount = 0;
+
+        foreach ($expiredLogs as $log) {
+            try {
+                $log->delete();
+                $deletedCount++;
+            } catch (\Exception $e) {
+                $errorCount++;
+                $this->error("Failed to delete log ID {$log->id}: {$e->getMessage()}");
+            }
+
+            $progressBar->advance();
+        }
+
+        $progressBar->finish();
+        $this->newLine(2);
+
+        // Final summary
+        if ($errorCount === 0) {
+            $this->info("✅ Successfully deleted {$deletedCount} expired audit logs");
+        } else {
+            $this->warn("⚠️  Deleted {$deletedCount} logs with {$errorCount} errors");
+        }
+
+        // Show remaining stats
+        $remainingTotal = PermissionAuditLog::count();
+        $remainingCritical = PermissionAuditLog::critical()->count();
+        $remainingNonExpired = $remainingTotal - $remainingCritical;
+
+        $this->newLine();
+        $this->info('📊 Database statistics after cleanup:');
+        $this->table(
+            ['Category', 'Count'],
+            [
+                ['Critical logs (kept forever)', $remainingCritical],
+                ['Non-critical logs (not yet expired)', $remainingNonExpired],
+                ['Total remaining logs', $remainingTotal],
+            ]
+        );
+
+        return self::SUCCESS;
+    }
+}

app/Console/Commands/CreateTestInvoiceForApproval.php

@@ -51,8 +51,10 @@ class CreateTestInvoiceForApproval extends Command
 
         $this->info("✓ Company: {$company->name}");
 
-        // Get some products
-        $products = Product::where('quantity_on_hand', '>', 10)->where('is_active', true)->take(5)->get();
+        // Get some products that have inventory
+        $products = Product::whereHas('inventoryItems', function ($q) {
+            $q->where('quantity_on_hand', '>', 10);
+        })->where('is_active', true)->take(5)->get();
         if ($products->isEmpty()) {
             $this->error('No products found. Please seed products first.');
 

app/Console/Commands/ImportBrandFromMySQL.php

@@ -0,0 +1,289 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Brand;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Storage;
+use Intervention\Image\Drivers\Gd\Driver;
+use Intervention\Image\ImageManager;
+
+class ImportBrandFromMySQL extends Command
+{
+    protected $signature = 'brand:import-from-mysql {remoteName? : Remote brand name} {localName? : Local brand name (if different)}';
+
+    protected $description = 'Import brand data and images from remote MySQL database';
+
+    public function handle()
+    {
+        $remoteBrandName = $this->argument('remoteName') ?? 'Canna';
+        $localBrandName = $this->argument('localName') ?? $remoteBrandName;
+
+        $this->info('Connecting to remote MySQL database...');
+
+        try {
+            // Connect to remote MySQL with latin1 charset (Windows-1252)
+            $pdo = new \PDO(
+                'mysql:host=sql1.creationshop.net;dbname=hub_cannabrands;charset=latin1',
+                'claude',
+                'claude'
+            );
+            $pdo->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
+
+            $this->info('Connected successfully!');
+
+            // Fetch brand data from MySQL
+            $stmt = $pdo->prepare('
+                SELECT brand_id, name, tagline, short_desc, `desc`, url,
+                       image, banner, address, unit_number, city, state, zip, phone,
+                       public, fb, insta, twitter, youtube
+                FROM brands
+                WHERE name = :name
+            ');
+            $stmt->execute(['name' => $remoteBrandName]);
+            $remoteBrand = $stmt->fetch(\PDO::FETCH_ASSOC);
+
+            if (! $remoteBrand) {
+                $this->error("Brand '{$remoteBrandName}' not found in remote database");
+
+                return 1;
+            }
+
+            $this->info("Found remote brand: {$remoteBrand['name']}");
+
+            // Find local brand by name
+            $localBrand = Brand::where('name', $localBrandName)->first();
+
+            if (! $localBrand) {
+                $this->error("Brand '{$localBrandName}' not found in local database");
+                $this->info('Available brands: '.Brand::pluck('name')->implode(', '));
+
+                return 1;
+            }
+
+            $this->info("Found local brand: {$localBrand->name} (ID: {$localBrand->id})");
+
+            // Create brands directory if it doesn't exist
+            if (! Storage::disk('public')->exists('brands')) {
+                Storage::disk('public')->makeDirectory('brands');
+                $this->info('Created brands directory');
+            }
+
+            // Initialize Intervention Image
+            $manager = new ImageManager(new Driver);
+
+            // Process logo image with thumbnails (save as PNG for transparency support)
+            if ($remoteBrand['image']) {
+                $logoPath = "brands/{$localBrand->slug}-logo.png";
+
+                // Read and process the original image
+                $originalImage = $manager->read($remoteBrand['image']);
+
+                // Try to remove white background by making white pixels transparent
+                // Sample corners to detect if background is white
+                $width = $originalImage->width();
+                $height = $originalImage->height();
+
+                // Use GD to manipulate pixels
+                $gdImage = imagecreatefromstring($remoteBrand['image']);
+                if ($gdImage !== false) {
+                    // Enable alpha blending
+                    imagealphablending($gdImage, false);
+                    imagesavealpha($gdImage, true);
+
+                    // Make white and near-white pixels transparent
+                    for ($x = 0; $x < imagesx($gdImage); $x++) {
+                        for ($y = 0; $y < imagesy($gdImage); $y++) {
+                            $rgb = imagecolorat($gdImage, $x, $y);
+                            $colors = imagecolorsforindex($gdImage, $rgb);
+
+                            // If pixel is white or very close to white (RGB > 245)
+                            if ($colors['red'] > 245 && $colors['green'] > 245 && $colors['blue'] > 245) {
+                                $transparent = imagecolorallocatealpha($gdImage, 255, 255, 255, 127);
+                                imagesetpixel($gdImage, $x, $y, $transparent);
+                            }
+                        }
+                    }
+
+                    // Save as PNG
+                    ob_start();
+                    imagepng($gdImage);
+                    $processedData = ob_get_clean();
+                    imagedestroy($gdImage);
+
+                    Storage::disk('public')->put($logoPath, $processedData);
+                    $originalImage = $manager->read($processedData);
+                } else {
+                    // Fallback: save original as PNG
+                    Storage::disk('public')->put($logoPath, $originalImage->toPng());
+                }
+
+                // Generate thumbnails optimized for retina displays (PNG for transparency)
+                // Thumbnail (160x160) for list views (2x retina at 80px)
+                $thumbRetina = clone $originalImage;
+                $thumbRetina->scale(width: 160);
+                Storage::disk('public')->put("brands/{$localBrand->slug}-logo-thumb.png", $thumbRetina->toPng());
+
+                // Medium (600x600) for product cards (2x retina at 300px)
+                $mediumRetina = clone $originalImage;
+                $mediumRetina->scale(width: 600);
+                Storage::disk('public')->put("brands/{$localBrand->slug}-logo-medium.png", $mediumRetina->toPng());
+
+                // Large (1600x1600) for detail views
+                $largeRetina = clone $originalImage;
+                $largeRetina->scale(width: 1600);
+                Storage::disk('public')->put("brands/{$localBrand->slug}-logo-large.png", $largeRetina->toPng());
+
+                $localBrand->logo_path = $logoPath;
+                $this->info("✓ Saved logo + thumbnails: {$logoPath} (".strlen($remoteBrand['image']).' bytes)');
+            }
+
+            // Process banner image with thumbnails
+            if ($remoteBrand['banner']) {
+                $bannerPath = "brands/{$localBrand->slug}-banner.jpg";
+
+                // Save original
+                Storage::disk('public')->put($bannerPath, $remoteBrand['banner']);
+
+                // Generate banner thumbnails if banner is large enough
+                if (strlen($remoteBrand['banner']) > 1000) {
+                    $image = $manager->read($remoteBrand['banner']);
+
+                    // Medium banner (1344px wide) for retina displays at 672px
+                    $mediumBanner = clone $image;
+                    $mediumBanner->scale(width: 1344);
+                    Storage::disk('public')->put("brands/{$localBrand->slug}-banner-medium.jpg", $mediumBanner->toJpeg(quality: 92));
+
+                    // Large banner (2560px wide) for full-width hero sections
+                    $largeBanner = clone $image;
+                    $largeBanner->scale(width: 2560);
+                    Storage::disk('public')->put("brands/{$localBrand->slug}-banner-large.jpg", $largeBanner->toJpeg(quality: 92));
+                }
+
+                $localBrand->banner_path = $bannerPath;
+                $this->info("✓ Saved banner + thumbnails: {$bannerPath} (".strlen($remoteBrand['banner']).' bytes)');
+            }
+
+            // Helper function to sanitize text (convert Windows-1252 to UTF-8)
+            $sanitize = function ($text) {
+                if (! $text) {
+                    return $text;
+                }
+
+                // First, convert from Windows-1252/ISO-8859-1 to UTF-8
+                $text = mb_convert_encoding($text, 'UTF-8', 'Windows-1252');
+
+                // Replace common Windows-1252 special characters with standard equivalents
+                $replacements = [
+                    "\xE2\x80\x98" => "'",  // Left single quote
+                    "\xE2\x80\x99" => "'",  // Right single quote (apostrophe)
+                    "\xE2\x80\x9C" => '"',  // Left double quote
+                    "\xE2\x80\x9D" => '"',  // Right double quote
+                    "\xE2\x80\x93" => '-',  // En dash
+                    "\xE2\x80\x94" => '-',  // Em dash
+                    "\xE2\x80\x26" => '...', // Ellipsis
+                ];
+
+                $text = str_replace(array_keys($replacements), array_values($replacements), $text);
+
+                return trim($text);
+            };
+
+            // Update other brand fields
+            $updates = [];
+
+            if ($remoteBrand['tagline']) {
+                $localBrand->tagline = $sanitize($remoteBrand['tagline']);
+                $updates[] = 'tagline';
+            }
+
+            if ($remoteBrand['short_desc']) {
+                $localBrand->description = $sanitize($remoteBrand['short_desc']);
+                $updates[] = 'description';
+            }
+
+            if ($remoteBrand['desc']) {
+                $localBrand->long_description = $sanitize($remoteBrand['desc']);
+                $updates[] = 'long_description';
+            }
+
+            if ($remoteBrand['url']) {
+                $localBrand->website_url = $remoteBrand['url'];
+                $updates[] = 'website_url';
+            }
+
+            // Address fields
+            if ($remoteBrand['address']) {
+                $localBrand->address = $remoteBrand['address'];
+                $updates[] = 'address';
+            }
+
+            if ($remoteBrand['unit_number']) {
+                $localBrand->unit_number = $remoteBrand['unit_number'];
+                $updates[] = 'unit_number';
+            }
+
+            if ($remoteBrand['city']) {
+                $localBrand->city = $remoteBrand['city'];
+                $updates[] = 'city';
+            }
+
+            if ($remoteBrand['state']) {
+                $localBrand->state = $remoteBrand['state'];
+                $updates[] = 'state';
+            }
+
+            if ($remoteBrand['zip']) {
+                $localBrand->zip_code = $remoteBrand['zip'];
+                $updates[] = 'zip_code';
+            }
+
+            if ($remoteBrand['phone']) {
+                $localBrand->phone = $remoteBrand['phone'];
+                $updates[] = 'phone';
+            }
+
+            // Social media
+            if ($remoteBrand['fb']) {
+                $localBrand->facebook_url = 'https://facebook.com/'.$remoteBrand['fb'];
+                $updates[] = 'facebook_url';
+            }
+
+            if ($remoteBrand['insta']) {
+                $localBrand->instagram_handle = $remoteBrand['insta'];
+                $updates[] = 'instagram_handle';
+            }
+
+            if ($remoteBrand['twitter']) {
+                $localBrand->twitter_handle = $remoteBrand['twitter'];
+                $updates[] = 'twitter_handle';
+            }
+
+            if ($remoteBrand['youtube']) {
+                $localBrand->youtube_url = $remoteBrand['youtube'];
+                $updates[] = 'youtube_url';
+            }
+
+            // Visibility
+            $localBrand->is_public = (bool) $remoteBrand['public'];
+            $updates[] = 'is_public';
+
+            // Save the brand
+            $localBrand->save();
+
+            $this->info("\n✓ Successfully imported brand data!");
+            $this->info('Updated fields: '.implode(', ', $updates));
+
+            $this->newLine();
+            $this->info('View the brand at:');
+            $this->line("http://localhost/s/cannabrands/brands/{$localBrand->hashid}/edit");
+
+        } catch (\Exception $e) {
+            $this->error('Error: '.$e->getMessage());
+
+            return 1;
+        }
+
+        return 0;
+    }
+}

app/Console/Commands/SeedCoaData.php

@@ -0,0 +1,158 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands;
+
+use App\Models\Batch;
+use App\Models\BatchCoaFile;
+use App\Models\Product;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Storage;
+
+class SeedCoaData extends Command
+{
+    protected $signature = 'seed:coa-data';
+
+    protected $description = 'Add COA files to existing batches for testing';
+
+    public function handle(): int
+    {
+        $this->info('Seeding COA data for testing...');
+
+        // Get all active products with batches
+        $products = Product::with('batches')
+            ->where('is_active', true)
+            ->whereHas('batches')
+            ->get();
+
+        if ($products->isEmpty()) {
+            $this->warn('No products with batches found. Run the main seeder first.');
+
+            return 1;
+        }
+
+        $this->info("Found {$products->count()} products with batches");
+
+        $coaCount = 0;
+
+        foreach ($products as $product) {
+            foreach ($product->batches as $batch) {
+                // Skip if batch already has COAs
+                if ($batch->coaFiles()->exists()) {
+                    continue;
+                }
+
+                // Create 1-2 COA files per batch
+                $numCoas = rand(1, 2);
+
+                for ($i = 1; $i <= $numCoas; $i++) {
+                    $isPrimary = ($i === 1);
+
+                    // Create a dummy PDF file
+                    $fileName = "COA-{$batch->batch_number}-{$i}.pdf";
+                    $filePath = "businesses/{$product->brand->business->uuid}/batches/{$batch->id}/coas/{$fileName}";
+
+                    // Create dummy PDF content (just for testing)
+                    $pdfContent = $this->generateDummyPdf($batch, $product);
+                    Storage::disk('local')->put($filePath, $pdfContent);
+
+                    // Create COA file record
+                    BatchCoaFile::create([
+                        'batch_id' => $batch->id,
+                        'file_name' => $fileName,
+                        'file_path' => $filePath,
+                        'file_size' => strlen($pdfContent),
+                        'mime_type' => 'application/pdf',
+                        'is_primary' => $isPrimary,
+                        'display_order' => $i,
+                    ]);
+
+                    $coaCount++;
+                }
+
+                $this->line("  Added {$numCoas} COA(s) for batch {$batch->batch_number}");
+            }
+        }
+
+        $this->info("✓ Created {$coaCount} COA files");
+
+        return 0;
+    }
+
+    private function generateDummyPdf(Batch $batch, Product $product): string
+    {
+        // Generate a simple text-based "PDF" for testing
+        // In a real system, you'd use a PDF library
+        return "%PDF-1.4
+1 0 obj
+<<
+/Type /Catalog
+/Pages 2 0 R
+>>
+endobj
+2 0 obj
+<<
+/Type /Pages
+/Kids [3 0 R]
+/Count 1
+>>
+endobj
+3 0 obj
+<<
+/Type /Page
+/Parent 2 0 R
+/Resources <<
+/Font <<
+/F1 <<
+/Type /Font
+/Subtype /Type1
+/BaseFont /Helvetica
+>>
+>>
+>>
+/MediaBox [0 0 612 792]
+/Contents 4 0 R
+>>
+endobj
+4 0 obj
+<<
+/Length 250
+>>
+stream
+BT
+/F1 12 Tf
+50 700 Td
+(CERTIFICATE OF ANALYSIS) Tj
+0 -30 Td
+(Batch Number: {$batch->batch_number}) Tj
+0 -20 Td
+(Product: {$product->name}) Tj
+0 -20 Td
+(Test Date: ".now()->format('Y-m-d').') Tj
+0 -30 Td
+(THC: 25.5%) Tj
+0 -20 Td
+(CBD: 0.8%) Tj
+0 -20 Td
+(Status: PASSED) Tj
+ET
+endstream
+endobj
+xref
+0 5
+0000000000 65535 f
+0000000009 00000 n
+0000000058 00000 n
+0000000115 00000 n
+0000000317 00000 n
+trailer
+<<
+/Size 5
+/Root 1 0 R
+>>
+startxref
+619
+%%EOF';
+    }
+}

app/Console/Commands/SeedTestOrders.php

@@ -0,0 +1,225 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands;
+
+use App\Models\Batch;
+use App\Models\Business;
+use App\Models\Location;
+use App\Models\Order;
+use App\Models\OrderItem;
+use App\Models\Product;
+use App\Models\User;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\DB;
+
+class SeedTestOrders extends Command
+{
+    protected $signature = 'seed:test-orders {--clean : Delete existing test orders first}';
+
+    protected $description = 'Create test orders at various statuses for testing the order flow';
+
+    public function handle(): int
+    {
+        if ($this->option('clean')) {
+            $this->info('Cleaning up existing test orders...');
+            $testOrders = Order::where('order_number', 'like', 'TEST-%')->get();
+            foreach ($testOrders as $order) {
+                // Delete order items first, then the order
+                $order->items()->delete();
+                $order->delete();
+            }
+        }
+
+        $this->info('Creating test orders at various statuses...');
+
+        // Get a buyer business (retailer) and location
+        $buyerBusiness = Business::where('business_type', 'retailer')->first();
+        if (! $buyerBusiness) {
+            $this->error('No buyer business found. Run the main seeder first.');
+
+            return 1;
+        }
+
+        $buyerLocation = Location::where('business_id', $buyerBusiness->id)->first();
+        if (! $buyerLocation) {
+            $this->error('No buyer location found. Run the main seeder first.');
+
+            return 1;
+        }
+
+        // Get a buyer user
+        $buyerUser = User::where('user_type', 'buyer')->first();
+        if (! $buyerUser) {
+            $this->error('No buyer user found. Run the main seeder first.');
+
+            return 1;
+        }
+
+        // Get products with batches and COAs
+        $products = Product::with(['brand.business', 'batches.coaFiles'])
+            ->where('is_active', true)
+            ->whereHas('batches.coaFiles')
+            ->limit(10)
+            ->get();
+
+        if ($products->isEmpty()) {
+            $this->error('No products with COAs found. Run seed:coa-data first.');
+
+            return 1;
+        }
+
+        $orders = [];
+
+        // 1. Order ready for pre-delivery review (after picking, before delivery)
+        $orders[] = $this->createTestOrder(
+            $buyerBusiness,
+            $buyerLocation,
+            $products->random(3),
+            'ready_for_delivery',
+            'TEST-PREDELIVERY-001',
+            'Order ready for pre-delivery review (Review #1)'
+        );
+
+        // 2. Order delivered and ready for post-delivery acceptance (Review #2)
+        $orders[] = $this->createTestOrder(
+            $buyerBusiness,
+            $buyerLocation,
+            $products->random(3),
+            'delivered',
+            'TEST-DELIVERED-001',
+            'Order delivered and ready for acceptance (Review #2)'
+        );
+
+        // 3. Order in progress (picking)
+        $orders[] = $this->createTestOrder(
+            $buyerBusiness,
+            $buyerLocation,
+            $products->random(2),
+            'in_progress',
+            'TEST-PICKING-001',
+            'Order currently being picked'
+        );
+
+        // 4. Order accepted and approved for delivery
+        $orders[] = $this->createTestOrder(
+            $buyerBusiness,
+            $buyerLocation,
+            $products->random(2),
+            'approved_for_delivery',
+            'TEST-APPROVED-001',
+            'Order approved for delivery (passed Review #1)'
+        );
+
+        // 5. Order out for delivery
+        $orders[] = $this->createTestOrder(
+            $buyerBusiness,
+            $buyerLocation,
+            $products->random(2),
+            'out_for_delivery',
+            'TEST-OUTDELIVERY-001',
+            'Order out for delivery'
+        );
+
+        $this->newLine();
+        $this->info('✓ Created '.count($orders).' test orders');
+        $this->newLine();
+
+        $this->table(
+            ['Order Number', 'Status', 'Items', 'Description'],
+            collect($orders)->map(fn ($order) => [
+                $order->order_number,
+                $order->status,
+                $order->items->count(),
+                $this->getOrderDescription($order->order_number),
+            ])
+        );
+
+        $this->newLine();
+        $this->info('You can now test the order flow in the UI:');
+        $this->line('  • Pre-delivery review: /b/'.$buyerBusiness->slug.'/orders/TEST-PREDELIVERY-001/pre-delivery-review');
+        $this->line('  • Post-delivery acceptance: /b/'.$buyerBusiness->slug.'/orders/TEST-DELIVERED-001/acceptance');
+
+        return 0;
+    }
+
+    private function createTestOrder(
+        Business $buyerBusiness,
+        Location $buyerLocation,
+        $products,
+        string $status,
+        string $orderNumber,
+        string $description
+    ): Order {
+        return DB::transaction(function () use ($buyerBusiness, $buyerLocation, $products, $status, $orderNumber) {
+            // Get first product's seller business
+            $sellerBusiness = $products->first()->brand->business;
+
+            // Calculate totals
+            $subtotal = $products->sum(function ($product) {
+                return $product->wholesale_price * 5; // 5 units each
+            });
+
+            $surchargePercent = Order::getSurchargePercentage('net_30');
+            $surcharge = $subtotal * ($surchargePercent / 100);
+            $taxRate = $buyerBusiness->getTaxRate();
+            $tax = ($subtotal + $surcharge) * $taxRate;
+            $total = $subtotal + $surcharge + $tax;
+
+            // Create order
+            $order = Order::create([
+                'order_number' => $orderNumber,
+                'business_id' => $buyerBusiness->id,
+                'seller_business_id' => $sellerBusiness->id,
+                'location_id' => $buyerLocation->id,
+                'status' => $status,
+                'fulfillment_method' => 'delivery',
+                'payment_terms' => 'net_30',
+                'subtotal' => $subtotal,
+                'tax' => $tax,
+                'surcharge' => $surcharge,
+                'total' => $total,
+                'notes' => 'Test order for flow testing',
+            ]);
+
+            // Create order items with batch allocation
+            foreach ($products as $product) {
+                $batch = $product->batches->first();
+                $quantity = 5;
+
+                // Allocate inventory
+                if ($batch) {
+                    $batch->allocate($quantity);
+                }
+
+                OrderItem::create([
+                    'order_id' => $order->id,
+                    'product_id' => $product->id,
+                    'batch_id' => $batch?->id,
+                    'product_name' => $product->name,
+                    'product_sku' => $product->sku,
+                    'brand_name' => $product->brand->name,
+                    'batch_number' => $batch?->batch_number,
+                    'quantity' => $quantity,
+                    'unit_price' => $product->wholesale_price,
+                    'line_total' => $product->wholesale_price * $quantity,
+                ]);
+            }
+
+            return $order->fresh(['items']);
+        });
+    }
+
+    private function getOrderDescription(string $orderNumber): string
+    {
+        return match (true) {
+            str_contains($orderNumber, 'PREDELIVERY') => 'Order ready for pre-delivery review (Review #1)',
+            str_contains($orderNumber, 'DELIVERED') => 'Order delivered and ready for acceptance (Review #2)',
+            str_contains($orderNumber, 'PICKING') => 'Order currently being picked',
+            str_contains($orderNumber, 'APPROVED') => 'Order approved for delivery (passed Review #1)',
+            str_contains($orderNumber, 'OUTDELIVERY') => 'Order out for delivery',
+            default => 'Test order',
+        };
+    }
+}

app/Console/Kernel.php

@@ -26,7 +26,10 @@ class Kernel extends ConsoleKernel
      */
     protected function schedule(Schedule $schedule)
     {
-        // $schedule->command('inspire')->hourly();
+        // Check for scheduled broadcasts every minute
+        $schedule->job(new \App\Jobs\Marketing\ProcessScheduledBroadcastsJob)
+            ->everyMinute()
+            ->withoutOverlapping();
     }
 
     /**

app/Events/HighIntentBuyerDetected.php

@@ -0,0 +1,56 @@
+<?php
+
+namespace App\Events;
+
+use App\Models\Analytics\BuyerEngagementScore;
+use App\Models\Analytics\IntentSignal;
+use Illuminate\Broadcasting\Channel;
+use Illuminate\Broadcasting\InteractsWithSockets;
+use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
+use Illuminate\Foundation\Events\Dispatchable;
+use Illuminate\Queue\SerializesModels;
+
+class HighIntentBuyerDetected implements ShouldBroadcast
+{
+    use Dispatchable, InteractsWithSockets, SerializesModels;
+
+    public function __construct(
+        public int $sellerBusinessId,
+        public int $buyerBusinessId,
+        public IntentSignal $signal,
+        public ?BuyerEngagementScore $engagementScore = null
+    ) {}
+
+    /**
+     * Get the channels the event should broadcast on.
+     */
+    public function broadcastOn(): Channel
+    {
+        return new Channel("business.{$this->sellerBusinessId}.analytics");
+    }
+
+    /**
+     * Get the data to broadcast.
+     */
+    public function broadcastWith(): array
+    {
+        return [
+            'buyer_business_id' => $this->buyerBusinessId,
+            'buyer_business_name' => $this->signal->buyerBusiness?->name,
+            'signal_type' => $this->signal->signal_type,
+            'signal_strength' => $this->signal->signal_strength,
+            'product_id' => $this->signal->subject_type === 'App\Models\Product' ? $this->signal->subject_id : null,
+            'total_engagement_score' => $this->engagementScore?->total_score,
+            'detected_at' => $this->signal->detected_at->toIso8601String(),
+            'context' => $this->signal->context,
+        ];
+    }
+
+    /**
+     * The event's broadcast name.
+     */
+    public function broadcastAs(): string
+    {
+        return 'high-intent-buyer-detected';
+    }
+}

app/Filament/Pages/NotificationSettings.php

@@ -0,0 +1,192 @@
+<?php
+
+namespace App\Filament\Pages;
+
+use Filament\Forms;
+use Filament\Forms\Form;
+use Filament\Notifications\Notification;
+use Filament\Pages\Page;
+
+class NotificationSettings extends Page
+{
+    protected static \BackedEnum|string|null $navigationIcon = 'heroicon-o-envelope';
+
+    protected string $view = 'filament.pages.notification-settings';
+
+    protected static \UnitEnum|string|null $navigationGroup = 'System';
+
+    protected static ?string $navigationLabel = 'Notification Settings';
+
+    protected static ?int $navigationSort = 98;
+
+    public ?array $data = [];
+
+    public function mount(): void
+    {
+        $this->form->fill([
+            // Mail settings
+            'mail_driver' => config('mail.default'),
+            'mail_host' => config('mail.mailers.smtp.host'),
+            'mail_port' => config('mail.mailers.smtp.port'),
+            'mail_username' => config('mail.mailers.smtp.username'),
+            'mail_password' => config('mail.mailers.smtp.password'),
+            'mail_encryption' => config('mail.mailers.smtp.encryption'),
+            'mail_from_address' => config('mail.from.address'),
+            'mail_from_name' => config('mail.from.name'),
+
+            // SMS settings (Twilio example)
+            'sms_enabled' => env('SMS_ENABLED', false),
+            'sms_provider' => env('SMS_PROVIDER', 'twilio'),
+            'twilio_sid' => env('TWILIO_SID'),
+            'twilio_auth_token' => env('TWILIO_AUTH_TOKEN'),
+            'twilio_phone_number' => env('TWILIO_PHONE_NUMBER'),
+
+            // WhatsApp settings
+            'whatsapp_enabled' => env('WHATSAPP_ENABLED', false),
+            'whatsapp_provider' => env('WHATSAPP_PROVIDER', 'twilio'),
+            'whatsapp_business_number' => env('WHATSAPP_BUSINESS_NUMBER'),
+        ]);
+    }
+
+    public function form(Form $form): Form
+    {
+        return $form
+            ->schema([
+                Forms\Components\Tabs::make('Notification Providers')
+                    ->tabs([
+                        Forms\Components\Tabs\Tab::make('Email')
+                            ->icon('heroicon-o-envelope')
+                            ->schema([
+                                Forms\Components\Section::make('Email Provider Configuration')
+                                    ->description('Configure your email provider for sending transactional emails')
+                                    ->schema([
+                                        Forms\Components\Select::make('mail_driver')
+                                            ->label('Mail Driver')
+                                            ->options([
+                                                'smtp' => 'SMTP',
+                                                'sendmail' => 'Sendmail',
+                                                'mailgun' => 'Mailgun',
+                                                'ses' => 'Amazon SES',
+                                                'postmark' => 'Postmark',
+                                            ])
+                                            ->required()
+                                            ->reactive(),
+                                        Forms\Components\Grid::make(2)
+                                            ->schema([
+                                                Forms\Components\TextInput::make('mail_host')
+                                                    ->label('SMTP Host')
+                                                    ->required()
+                                                    ->visible(fn ($get) => $get('mail_driver') === 'smtp'),
+                                                Forms\Components\TextInput::make('mail_port')
+                                                    ->label('SMTP Port')
+                                                    ->required()
+                                                    ->numeric()
+                                                    ->visible(fn ($get) => $get('mail_driver') === 'smtp'),
+                                                Forms\Components\TextInput::make('mail_username')
+                                                    ->label('Username')
+                                                    ->visible(fn ($get) => $get('mail_driver') === 'smtp'),
+                                                Forms\Components\TextInput::make('mail_password')
+                                                    ->label('Password')
+                                                    ->password()
+                                                    ->revealable()
+                                                    ->visible(fn ($get) => $get('mail_driver') === 'smtp'),
+                                                Forms\Components\Select::make('mail_encryption')
+                                                    ->label('Encryption')
+                                                    ->options([
+                                                        'tls' => 'TLS',
+                                                        'ssl' => 'SSL',
+                                                        '' => 'None',
+                                                    ])
+                                                    ->visible(fn ($get) => $get('mail_driver') === 'smtp'),
+                                                Forms\Components\TextInput::make('mail_from_address')
+                                                    ->label('From Address')
+                                                    ->email()
+                                                    ->required(),
+                                                Forms\Components\TextInput::make('mail_from_name')
+                                                    ->label('From Name')
+                                                    ->required(),
+                                            ]),
+                                    ]),
+                            ]),
+                        Forms\Components\Tabs\Tab::make('SMS')
+                            ->icon('heroicon-o-device-phone-mobile')
+                            ->schema([
+                                Forms\Components\Section::make('SMS Provider Configuration')
+                                    ->description('Configure your SMS provider for sending text messages')
+                                    ->schema([
+                                        Forms\Components\Toggle::make('sms_enabled')
+                                            ->label('Enable SMS Notifications')
+                                            ->reactive(),
+                                        Forms\Components\Select::make('sms_provider')
+                                            ->label('SMS Provider')
+                                            ->options([
+                                                'twilio' => 'Twilio',
+                                                'nexmo' => 'Vonage (Nexmo)',
+                                                'aws_sns' => 'AWS SNS',
+                                            ])
+                                            ->required()
+                                            ->reactive()
+                                            ->visible(fn ($get) => $get('sms_enabled')),
+                                        Forms\Components\Grid::make(2)
+                                            ->schema([
+                                                Forms\Components\TextInput::make('twilio_sid')
+                                                    ->label('Twilio Account SID')
+                                                    ->required()
+                                                    ->visible(fn ($get) => $get('sms_enabled') && $get('sms_provider') === 'twilio'),
+                                                Forms\Components\TextInput::make('twilio_auth_token')
+                                                    ->label('Twilio Auth Token')
+                                                    ->password()
+                                                    ->revealable()
+                                                    ->required()
+                                                    ->visible(fn ($get) => $get('sms_enabled') && $get('sms_provider') === 'twilio'),
+                                                Forms\Components\TextInput::make('twilio_phone_number')
+                                                    ->label('Twilio Phone Number')
+                                                    ->tel()
+                                                    ->required()
+                                                    ->visible(fn ($get) => $get('sms_enabled') && $get('sms_provider') === 'twilio'),
+                                            ]),
+                                    ]),
+                            ]),
+                        Forms\Components\Tabs\Tab::make('WhatsApp')
+                            ->icon('heroicon-o-chat-bubble-left-right')
+                            ->schema([
+                                Forms\Components\Section::make('WhatsApp Configuration')
+                                    ->description('Configure WhatsApp Business API for sending messages')
+                                    ->schema([
+                                        Forms\Components\Toggle::make('whatsapp_enabled')
+                                            ->label('Enable WhatsApp Notifications')
+                                            ->reactive(),
+                                        Forms\Components\Select::make('whatsapp_provider')
+                                            ->label('WhatsApp Provider')
+                                            ->options([
+                                                'twilio' => 'Twilio WhatsApp',
+                                                'whatsapp_cloud' => 'WhatsApp Cloud API',
+                                            ])
+                                            ->required()
+                                            ->reactive()
+                                            ->visible(fn ($get) => $get('whatsapp_enabled')),
+                                        Forms\Components\TextInput::make('whatsapp_business_number')
+                                            ->label('WhatsApp Business Number')
+                                            ->tel()
+                                            ->required()
+                                            ->visible(fn ($get) => $get('whatsapp_enabled')),
+                                    ]),
+                            ]),
+                    ])
+                    ->columnSpanFull(),
+            ])
+            ->statePath('data');
+    }
+
+    public function save(): void
+    {
+        // TODO: Save settings to environment file or database
+        // For now, this would require implementing a settings storage system
+
+        Notification::make()
+            ->title('Settings saved')
+            ->success()
+            ->body('Note: These settings are read from .env file. To persist changes, update your .env file.')
+            ->send();
+    }
+}

app/Filament/Resources/BatchResource.php

@@ -0,0 +1,160 @@
+<?php
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\Batches\Schemas\BatchForm;
+use App\Filament\Resources\Batches\Tables\BatchesTable;
+use App\Filament\Resources\BatchResource\Pages;
+use App\Models\Batch;
+use App\Services\QrCodeService;
+use BackedEnum;
+use Filament\Notifications\Notification;
+use Filament\Resources\Resource;
+use Filament\Schemas\Schema;
+use Filament\Tables\Actions\Action;
+use Filament\Tables\Actions\BulkAction;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Collection;
+use UnitEnum;
+
+class BatchResource extends Resource
+{
+    protected static ?string $model = Batch::class;
+
+    protected static string|BackedEnum|null $navigationIcon = 'heroicon-o-archive-box';
+
+    protected static ?string $navigationLabel = 'Batches';
+
+    protected static UnitEnum|string|null $navigationGroup = 'Inventory';
+
+    protected static ?int $navigationSort = 2;
+
+    public static function form(Schema $schema): Schema
+    {
+        return BatchForm::configure($schema);
+    }
+
+    public static function table(Table $table): Table
+    {
+        $table = BatchesTable::configure($table);
+
+        // Add custom QR and COA actions
+        return $table
+            ->recordActions(array_merge(
+                $table->getRecordActions(),
+                [
+                    Action::make('generate_qr')
+                        ->label('Generate QR')
+                        ->icon('heroicon-o-qr-code')
+                        ->action(function (Batch $record) {
+                            $qrService = app(QrCodeService::class);
+                            $result = $qrService->generateForBatch($record);
+
+                            if ($result['success']) {
+                                Notification::make()
+                                    ->title('QR Code Generated')
+                                    ->body($result['message'])
+                                    ->success()
+                                    ->send();
+                            } else {
+                                Notification::make()
+                                    ->title('Failed to generate QR code')
+                                    ->body($result['message'])
+                                    ->danger()
+                                    ->send();
+                            }
+                        })
+                        ->visible(fn (Batch $record) => ! $record->qr_code_path),
+
+                    Action::make('download_qr')
+                        ->label('Download QR')
+                        ->icon('heroicon-o-arrow-down-tray')
+                        ->url(fn (Batch $record) => route('seller.business.manufacturing.batches.qr-code.download', [
+                            'business' => $record->business->slug,
+                            'batch' => $record->id,
+                        ]))
+                        ->openUrlInNewTab()
+                        ->visible(fn (Batch $record) => $record->qr_code_path),
+
+                    Action::make('regenerate_qr')
+                        ->label('Regenerate QR')
+                        ->icon('heroicon-o-arrow-path')
+                        ->action(function (Batch $record) {
+                            $qrService = app(QrCodeService::class);
+                            $result = $qrService->regenerate($record);
+
+                            if ($result['success']) {
+                                Notification::make()
+                                    ->title('QR Code Regenerated')
+                                    ->success()
+                                    ->send();
+                            } else {
+                                Notification::make()
+                                    ->title('Failed to regenerate QR code')
+                                    ->body($result['message'])
+                                    ->danger()
+                                    ->send();
+                            }
+                        })
+                        ->requiresConfirmation()
+                        ->visible(fn (Batch $record) => $record->qr_code_path),
+
+                    Action::make('view_coa')
+                        ->label('View COA')
+                        ->icon('heroicon-o-document-text')
+                        ->url(fn (Batch $record) => route('public.coa.show', ['batchNumber' => $record->batch_number]))
+                        ->openUrlInNewTab()
+                        ->visible(fn (Batch $record) => $record->lab !== null),
+                ]
+            ))
+            ->bulkActions(array_merge(
+                $table->getBulkActions(),
+                [
+                    BulkAction::make('generate_qr_codes')
+                        ->label('Generate QR Codes')
+                        ->icon('heroicon-o-qr-code')
+                        ->action(function (Collection $records) {
+                            $qrService = app(QrCodeService::class);
+                            $batchIds = $records->pluck('id')->toArray();
+                            $result = $qrService->bulkGenerate($batchIds);
+
+                            Notification::make()
+                                ->title("Generated {$result['successful']} QR codes")
+                                ->body("Failed: {$result['failed']}")
+                                ->success()
+                                ->send();
+                        }),
+                ]
+            ));
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+            //
+        ];
+    }
+
+    public static function getEloquentQuery(): Builder
+    {
+        $query = parent::getEloquentQuery();
+
+        // Scope to user's business unless they're a super admin
+        if (! auth()->user()->hasRole('super_admin')) {
+            $query->where('business_id', auth()->user()->business_id);
+        }
+
+        return $query;
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListBatches::route('/'),
+            'create' => Pages\CreateBatch::route('/create'),
+            'view' => Pages\ViewBatch::route('/{record}'),
+            'edit' => Pages\EditBatch::route('/{record}/edit'),
+        ];
+    }
+}

app/Filament/Resources/BatchResource/Pages/CreateBatch.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Filament\Resources\BatchResource\Pages;
+
+use App\Filament\Resources\BatchResource;
+use Filament\Resources\Pages\CreateRecord;
+
+class CreateBatch extends CreateRecord
+{
+    protected static string $resource = BatchResource::class;
+
+    protected function mutateFormDataBeforeCreate(array $data): array
+    {
+        $data['business_id'] = auth()->user()->business_id;
+
+        return $data;
+    }
+}

app/Filament/Resources/BatchResource/Pages/EditBatch.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Filament\Resources\BatchResource\Pages;
+
+use App\Filament\Resources\BatchResource;
+use Filament\Actions;
+use Filament\Resources\Pages\EditRecord;
+
+class EditBatch extends EditRecord
+{
+    protected static string $resource = BatchResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\ViewAction::make(),
+            Actions\DeleteAction::make(),
+        ];
+    }
+}

app/Filament/Resources/BatchResource/Pages/ListBatches.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\BatchResource\Pages;
+
+use App\Filament\Resources\BatchResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ListRecords;
+
+class ListBatches extends ListRecords
+{
+    protected static string $resource = BatchResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\CreateAction::make(),
+        ];
+    }
+}

app/Filament/Resources/BatchResource/Pages/ViewBatch.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\BatchResource\Pages;
+
+use App\Filament\Resources\BatchResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewBatch extends ViewRecord
+{
+    protected static string $resource = BatchResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\EditAction::make(),
+        ];
+    }
+}

app/Filament/Resources/Batches/Schemas/BatchForm.php

@@ -2,6 +2,7 @@
 
 namespace App\Filament\Resources\Batches\Schemas;
 
+use Filament\Forms;
 use Filament\Forms\Components\DatePicker;
 use Filament\Forms\Components\Section;
 use Filament\Forms\Components\Select;
@@ -18,84 +19,144 @@ class BatchForm
             ->components([
                 Section::make('Batch Information')
                     ->schema([
+                        TextInput::make('batch_number')
+                            ->label('Batch Number')
+                            ->placeholder('Auto-generated if left blank')
+                            ->maxLength(255)
+                            ->helperText('Unique identifier for this batch'),
+
                         Select::make('product_id')
+                            ->label('Product')
                             ->relationship('product', 'name')
                             ->searchable()
                             ->preload()
-                            ->required()
-                            ->columnSpan(2),
-                        TextInput::make('batch_number')
-                            ->required()
-                            ->unique(ignoreRecord: true)
-                            ->helperText('Unique identifier for this batch (e.g., TB-AM-240315)'),
-                        TextInput::make('internal_code')
-                            ->helperText('Internal production/tracking code (optional)'),
-                    ])
-                    ->columns(2),
+                            ->required(),
 
-                Section::make('Production Dates')
-                    ->schema([
-                        DatePicker::make('production_date')
-                            ->helperText('Date the batch was produced/manufactured'),
-                        DatePicker::make('harvest_date')
-                            ->helperText('Harvest date (for flower products)'),
-                        DatePicker::make('package_date')
-                            ->helperText('Date the batch was packaged'),
-                        DatePicker::make('expiration_date')
-                            ->helperText('Expiration/best-by date'),
+                        Select::make('batch_type')
+                            ->label('Batch Type')
+                            ->options([
+                                'intake' => 'Intake',
+                                'production' => 'Production',
+                                'finished' => 'Finished',
+                            ])
+                            ->default('finished')
+                            ->required()
+                            ->helperText('Type of batch in the production process'),
+
+                        Select::make('lab_id')
+                            ->label('Lab Test')
+                            ->relationship('lab', 'lab_name')
+                            ->searchable()
+                            ->preload()
+                            ->helperText('Associated lab test results'),
+
+                        Select::make('parent_batch_id')
+                            ->label('Parent Batch')
+                            ->relationship('parentBatch', 'batch_number')
+                            ->searchable()
+                            ->preload()
+                            ->helperText('Parent batch if this was produced from another batch'),
                     ])
                     ->columns(2),
 
                 Section::make('Inventory Management')
                     ->schema([
                         TextInput::make('quantity_produced')
+                            ->label('Quantity Produced')
                             ->required()
                             ->numeric()
                             ->default(0)
                             ->helperText('Total units produced in this batch'),
+
                         TextInput::make('quantity_available')
+                            ->label('Quantity Available')
                             ->required()
                             ->numeric()
                             ->default(0)
                             ->helperText('Units currently available for sale'),
+
                         TextInput::make('quantity_allocated')
+                            ->label('Quantity Allocated')
                             ->numeric()
                             ->default(0)
                             ->disabled()
                             ->dehydrated(false)
                             ->helperText('Units reserved in pending orders (auto-calculated)'),
+
                         TextInput::make('quantity_sold')
+                            ->label('Quantity Sold')
                             ->numeric()
                             ->default(0)
                             ->disabled()
                             ->dehydrated(false)
                             ->helperText('Units already sold (auto-calculated)'),
                     ])
-                    ->columns(2)
+                    ->columns(4)
                     ->description('Allocated and sold quantities are automatically managed by the system.'),
 
-                Section::make('Status & Compliance')
+                Section::make('Dates')
                     ->schema([
-                        Toggle::make('is_active')
-                            ->default(true)
-                            ->helperText('Is this batch available for sale?'),
-                        Toggle::make('is_tested')
-                            ->default(false)
-                            ->helperText('Has this batch passed lab testing?'),
-                        Toggle::make('is_quarantined')
-                            ->default(false)
-                            ->helperText('Is this batch quarantined pending results?'),
-                    ])
-                    ->columns(3),
+                        DatePicker::make('production_date')
+                            ->label('Production Date')
+                            ->helperText('Date the batch was produced/manufactured'),
 
-                Section::make('Additional Information')
+                        DatePicker::make('intake_date')
+                            ->label('Intake Date')
+                            ->helperText('Date the batch was received/intake'),
+
+                        DatePicker::make('expiration_date')
+                            ->label('Expiration Date')
+                            ->helperText('Expiration/best-by date'),
+
+                        DatePicker::make('test_date')
+                            ->label('Test Date')
+                            ->helperText('Date of lab testing'),
+                    ])
+                    ->columns(2),
+
+                Section::make('Warehouse & Location')
                     ->schema([
+                        TextInput::make('warehouse_location')
+                            ->label('Warehouse Location')
+                            ->placeholder('e.g., Shelf A-15')
+                            ->maxLength(255)
+                            ->helperText('Physical location in warehouse'),
+
+                        TextInput::make('container_type')
+                            ->label('Container Type')
+                            ->placeholder('e.g., Turkey Bag, Box')
+                            ->maxLength(255)
+                            ->helperText('Type of container batch is stored in'),
+                    ])
+                    ->columns(2),
+
+                Section::make('Quality & Compliance')
+                    ->schema([
+                        Toggle::make('is_quarantined')
+                            ->label('Quarantined')
+                            ->default(false)
+                            ->helperText('Is this batch quarantined?')
+                            ->reactive(),
+
+                        Textarea::make('quarantine_reason')
+                            ->label('Quarantine Reason')
+                            ->rows(2)
+                            ->helperText('Reason for quarantine')
+                            ->visible(fn (Forms\Get $get) => $get('is_quarantined'))
+                            ->columnSpanFull(),
+
+                        Toggle::make('is_released_for_sale')
+                            ->label('Released for Sale')
+                            ->default(false)
+                            ->helperText('Has this batch been released for sale?'),
+
                         Textarea::make('notes')
+                            ->label('Notes')
                             ->rows(3)
                             ->helperText('Production notes, special handling instructions, etc.')
                             ->columnSpanFull(),
                     ])
-                    ->collapsible(),
+                    ->columns(2),
             ]);
     }
 }

app/Filament/Resources/Batches/Tables/BatchesTable.php

@@ -23,18 +23,35 @@ class BatchesTable
         return $table
             ->columns([
                 TextColumn::make('batch_number')
+                    ->label('Batch #')
                     ->searchable()
                     ->sortable()
                     ->copyable()
                     ->weight('bold'),
                 TextColumn::make('product.name')
+                    ->label('Product')
                     ->searchable()
                     ->sortable()
-                    ->description(fn ($record) => $record->product->sku ?? null),
+                    ->description(fn ($record) => $record->product->sku ?? null)
+                    ->limit(30),
+                TextColumn::make('batch_type')
+                    ->label('Type')
+                    ->badge()
+                    ->color(fn (string $state): string => match ($state) {
+                        'intake' => 'info',
+                        'production' => 'warning',
+                        'finished' => 'success',
+                        default => 'gray',
+                    }),
+                TextColumn::make('warehouse_location')
+                    ->label('Location')
+                    ->searchable()
+                    ->toggleable(),
                 TextColumn::make('production_date')
+                    ->label('Produced')
                     ->date()
                     ->sortable()
-                    ->toggleable(),
+                    ->toggleable(isToggledHiddenByDefault: true),
                 TextColumn::make('expiration_date')
                     ->date()
                     ->sortable()
@@ -60,14 +77,13 @@ class BatchesTable
                     ->label('Status')
                     ->badge()
                     ->getStateUsing(fn ($record) => $record->is_quarantined ? 'Quarantined' :
-                        (! $record->is_active ? 'Inactive' :
-                        (! $record->is_tested ? 'Pending Test' : 'Active'))
+                        (! $record->is_released_for_sale ? 'Not Released' : 'Released')
                     )
                     ->color(fn (string $state): string => match ($state) {
-                        'Active' => Color::Green,
-                        'Pending Test' => Color::Yellow,
+                        'Released' => Color::Green,
+                        'Not Released' => Color::Yellow,
                         'Quarantined' => Color::Red,
-                        'Inactive' => Color::Gray,
+                        default => Color::Gray,
                     }),
                 TextColumn::make('created_at')
                     ->dateTime()
@@ -80,19 +96,23 @@ class BatchesTable
             ])
             ->defaultSort('created_at', 'desc')
             ->filters([
+                SelectFilter::make('batch_type')
+                    ->options([
+                        'intake' => 'Intake',
+                        'production' => 'Production',
+                        'finished' => 'Finished',
+                    ]),
                 SelectFilter::make('product')
                     ->relationship('product', 'name')
                     ->searchable()
                     ->preload(),
-                Filter::make('active')
-                    ->query(fn (Builder $query): Builder => $query->where('is_active', true))
+                Filter::make('released')
+                    ->label('Released for Sale')
+                    ->query(fn (Builder $query): Builder => $query->where('is_released_for_sale', true))
                     ->toggle(),
                 Filter::make('available')
                     ->query(fn (Builder $query): Builder => $query->where('quantity_available', '>', 0))
                     ->toggle(),
-                Filter::make('tested')
-                    ->query(fn (Builder $query): Builder => $query->where('is_tested', true))
-                    ->toggle(),
                 Filter::make('quarantined')
                     ->query(fn (Builder $query): Builder => $query->where('is_quarantined', true))
                     ->toggle(),

app/Filament/Resources/BrandResource.php

@@ -57,7 +57,7 @@ class BrandResource extends Resource
     public static function getRelations(): array
     {
         return [
-            //
+            \Tapp\FilamentAuditing\RelationManagers\AuditsRelationManager::class,
         ];
     }
 

app/Filament/Resources/BusinessModuleResource/Schemas/BusinessModuleForm.php

@@ -97,10 +97,11 @@ class BusinessModuleForm
                             ->helperText('Usage limits for this business (overrides defaults)')
                             ->default(function (Get $get) {
                                 $moduleKey = $get('module_key');
-                                if (!$moduleKey) {
+                                if (! $moduleKey) {
                                     return [];
                                 }
                                 $module = Module::where('key', $moduleKey)->first();
+
                                 return $module?->default_limits ?? [];
                             })
                             ->reorderable(),

app/Filament/Resources/BusinessModuleResource/Schemas/BusinessModuleInfolist.php

@@ -26,8 +26,7 @@ class BusinessModuleInfolist
                                     ->label('Module')
                                     ->badge()
                                     ->color('info')
-                                    ->formatStateUsing(fn (string $state): string =>
-                                        \App\Models\Module::where('key', $state)->value('name') ?? $state
+                                    ->formatStateUsing(fn (string $state): string => \App\Models\Module::where('key', $state)->value('name') ?? $state
                                     ),
                             ]),
 

app/Filament/Resources/BusinessModuleResource/Tables/BusinessModulesTable.php

@@ -30,8 +30,7 @@ class BusinessModulesTable
                     ->sortable()
                     ->badge()
                     ->color('info')
-                    ->formatStateUsing(fn (string $state): string =>
-                        \App\Models\Module::where('key', $state)->value('name') ?? $state
+                    ->formatStateUsing(fn (string $state): string => \App\Models\Module::where('key', $state)->value('name') ?? $state
                     ),
 
                 IconColumn::make('enabled')

app/Filament/Resources/BusinessResource.php

@@ -454,6 +454,58 @@ class BusinessResource extends Resource
                                     ->columns(2),
                             ]),
 
+                        Tab::make('Modules')
+                            ->schema([
+                                Section::make('Premium Feature Modules')
+                                    ->description('Enable optional premium features for this business. Modules are activated on a per-business basis.')
+                                    ->schema([
+                                        Grid::make(1)
+                                            ->schema([
+                                                Toggle::make('has_analytics')
+                                                    ->label('Buyer Intelligence Module')
+                                                    ->helperText('Premium analytics: Buyer engagement tracking, intent signals, RFDI scoring, email campaign analytics')
+                                                    ->default(false)
+                                                    ->inline(false),
+
+                                                Toggle::make('has_marketing')
+                                                    ->label('Marketing Module')
+                                                    ->helperText('Email campaigns, marketing automation, broadcast messages')
+                                                    ->default(false)
+                                                    ->inline(false),
+
+                                                Toggle::make('has_manufacturing')
+                                                    ->label('Manufacturing Module')
+                                                    ->helperText('Production tracking, batch management, quality control')
+                                                    ->default(false)
+                                                    ->inline(false),
+                                            ]),
+                                    ]),
+
+                                Section::make('Module Information')
+                                    ->description('Module activation status and billing information')
+                                    ->schema([
+                                        Forms\Components\Placeholder::make('active_modules_count')
+                                            ->label('Active Modules')
+                                            ->content(function ($record) {
+                                                if (! $record) {
+                                                    return '0';
+                                                }
+                                                $count = 0;
+                                                if ($record->has_analytics) {
+                                                    $count++;
+                                                }
+                                                if ($record->has_marketing) {
+                                                    $count++;
+                                                }
+                                                if ($record->has_manufacturing) {
+                                                    $count++;
+                                                }
+
+                                                return $count.' module'.($count !== 1 ? 's' : '').' enabled';
+                                            }),
+                                    ])
+                                    ->columns(1),
+                            ]),
                         Tab::make('Status & Settings')
                             ->schema([
                                 Grid::make(2)
@@ -547,6 +599,24 @@ class BusinessResource extends Resource
                     })
                     ->searchable()
                     ->sortable(),
+                TextColumn::make('modules')
+                    ->label('Active Modules')
+                    ->formatStateUsing(function ($record) {
+                        $modules = [];
+                        if ($record->has_analytics) {
+                            $modules[] = 'Analytics';
+                        }
+                        if ($record->has_marketing) {
+                            $modules[] = 'Marketing';
+                        }
+                        if ($record->has_manufacturing) {
+                            $modules[] = 'Manufacturing';
+                        }
+
+                        return empty($modules) ? 'None' : implode(', ', $modules);
+                    })
+                    ->badge()
+                    ->color(fn ($record) => ($record->has_analytics || $record->has_marketing || $record->has_manufacturing) ? 'success' : 'gray'),
                 BadgeColumn::make('status')
                     ->label('Status')
                     ->formatStateUsing(fn (string $state): string => ucfirst(str_replace('_', ' ', $state)))

app/Filament/Resources/ComponentResource.php

@@ -52,7 +52,7 @@ class ComponentResource extends Resource
     public static function getRelations(): array
     {
         return [
-            //
+            \Tapp\FilamentAuditing\RelationManagers\AuditsRelationManager::class,
         ];
     }
 

app/Filament/Resources/EmailTemplateResource.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\EmailTemplateResource\Pages\CreateEmailTemplate;
+use App\Filament\Resources\EmailTemplateResource\Pages\EditEmailTemplate;
+use App\Filament\Resources\EmailTemplateResource\Pages\ListEmailTemplates;
+use App\Filament\Resources\EmailTemplateResource\Pages\ViewEmailTemplate;
+use App\Filament\Resources\EmailTemplateResource\Schemas\EmailTemplateForm;
+use App\Filament\Resources\EmailTemplateResource\Schemas\EmailTemplateInfolist;
+use App\Filament\Resources\EmailTemplateResource\Tables\EmailTemplatesTable;
+use App\Models\EmailTemplate;
+use Filament\Resources\Resource;
+use Filament\Schemas\Schema;
+use Filament\Tables\Table;
+
+class EmailTemplateResource extends Resource
+{
+    protected static ?string $model = EmailTemplate::class;
+
+    protected static string|\BackedEnum|null $navigationIcon = 'heroicon-o-envelope';
+
+    protected static \UnitEnum|string|null $navigationGroup = 'System';
+
+    protected static ?int $navigationSort = 10;
+
+    protected static ?string $navigationLabel = 'Email Templates';
+
+    protected static ?string $modelLabel = 'Email Template';
+
+    protected static ?string $pluralModelLabel = 'Email Templates';
+
+    public static function getNavigationBadge(): ?string
+    {
+        // Count inactive templates
+        return static::getModel()::where('is_active', false)->count() ?: null;
+    }
+
+    public static function form(Schema $schema): Schema
+    {
+        return EmailTemplateForm::configure($schema);
+    }
+
+    public static function infolist(Schema $schema): Schema
+    {
+        return EmailTemplateInfolist::configure($schema);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return EmailTemplatesTable::configure($table);
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => ListEmailTemplates::route('/'),
+            'create' => CreateEmailTemplate::route('/create'),
+            'view' => ViewEmailTemplate::route('/{record}'),
+            'edit' => EditEmailTemplate::route('/{record}/edit'),
+        ];
+    }
+}

app/Filament/Resources/EmailTemplateResource/Pages/CreateEmailTemplate.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace App\Filament\Resources\EmailTemplateResource\Pages;
+
+use App\Filament\Resources\EmailTemplateResource;
+use Filament\Resources\Pages\CreateRecord;
+
+class CreateEmailTemplate extends CreateRecord
+{
+    protected static string $resource = EmailTemplateResource::class;
+
+    protected function getRedirectUrl(): string
+    {
+        return $this->getResource()::getUrl('index');
+    }
+}

app/Filament/Resources/EmailTemplateResource/Pages/EditEmailTemplate.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Filament\Resources\EmailTemplateResource\Pages;
+
+use App\Filament\Resources\EmailTemplateResource;
+use Filament\Actions\DeleteAction;
+use Filament\Actions\ViewAction;
+use Filament\Resources\Pages\EditRecord;
+
+class EditEmailTemplate extends EditRecord
+{
+    protected static string $resource = EmailTemplateResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            ViewAction::make(),
+            DeleteAction::make(),
+        ];
+    }
+
+    protected function getRedirectUrl(): string
+    {
+        return $this->getResource()::getUrl('index');
+    }
+}

app/Filament/Resources/EmailTemplateResource/Pages/ListEmailTemplates.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\EmailTemplateResource\Pages;
+
+use App\Filament\Resources\EmailTemplateResource;
+use Filament\Actions\CreateAction;
+use Filament\Resources\Pages\ListRecords;
+
+class ListEmailTemplates extends ListRecords
+{
+    protected static string $resource = EmailTemplateResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            CreateAction::make(),
+        ];
+    }
+}

app/Filament/Resources/EmailTemplateResource/Pages/ViewEmailTemplate.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\EmailTemplateResource\Pages;
+
+use App\Filament\Resources\EmailTemplateResource;
+use Filament\Actions\EditAction;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewEmailTemplate extends ViewRecord
+{
+    protected static string $resource = EmailTemplateResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            EditAction::make(),
+        ];
+    }
+}

app/Filament/Resources/EmailTemplateResource/Schemas/EmailTemplateForm.php

@@ -0,0 +1,106 @@
+<?php
+
+namespace App\Filament\Resources\EmailTemplateResource\Schemas;
+
+use App\Models\EmailTemplate;
+use Filament\Forms\Components\Checkbox;
+use Filament\Forms\Components\Placeholder;
+use Filament\Forms\Components\Textarea;
+use Filament\Forms\Components\TextInput;
+use Filament\Schemas\Components\Section;
+use Filament\Schemas\Schema;
+
+class EmailTemplateForm
+{
+    public static function configure(Schema $schema): Schema
+    {
+        return $schema
+            ->columns(1)
+            ->components([
+                Section::make('Template Details')
+                    ->schema([
+                        TextInput::make('key')
+                            ->label('Template Key')
+                            ->required()
+                            ->unique(ignoreRecord: true)
+                            ->regex('/^[a-z0-9_-]+$/')
+                            ->helperText('Lowercase alphanumeric characters, hyphens and underscores only')
+                            ->disabled(fn ($context) => $context === 'edit')
+                            ->dehydrated(fn ($context) => $context === 'create')
+                            ->columnSpanFull(),
+
+                        TextInput::make('name')
+                            ->label('Template Name')
+                            ->required()
+                            ->maxLength(255)
+                            ->columnSpanFull(),
+
+                        TextInput::make('subject')
+                            ->label('Email Subject')
+                            ->required()
+                            ->maxLength(255)
+                            ->columnSpanFull(),
+
+                        Textarea::make('description')
+                            ->label('Description')
+                            ->helperText('Describe when this template is used')
+                            ->rows(3)
+                            ->columnSpanFull(),
+
+                        TextInput::make('available_variables')
+                            ->label('Available Variables')
+                            ->helperText('Comma-separated list (e.g., verification_url, email, logo_url)')
+                            ->afterStateHydrated(function (TextInput $component, $state) {
+                                if (is_array($state)) {
+                                    $component->state(implode(', ', $state));
+                                }
+                            })
+                            ->dehydrateStateUsing(function ($state) {
+                                if (empty($state)) {
+                                    return [];
+                                }
+
+                                return array_map('trim', explode(',', $state));
+                            })
+                            ->columnSpanFull(),
+
+                        Checkbox::make('is_active')
+                            ->label('Template is Active')
+                            ->default(true)
+                            ->inline(false),
+                    ])
+                    ->columns(2),
+
+                Section::make('Email Content')
+                    ->schema([
+                        Textarea::make('body_html')
+                            ->label('HTML Body')
+                            ->required()
+                            ->rows(25)
+                            ->helperText('Use {{ $variable }} syntax for dynamic content')
+                            ->columnSpanFull()
+                            ->extraAttributes(['style' => 'font-family: monospace; font-size: 13px;']),
+
+                        Textarea::make('body_text')
+                            ->label('Plain Text Body (Optional)')
+                            ->rows(15)
+                            ->helperText('Plain text fallback for email clients that don\'t support HTML')
+                            ->columnSpanFull()
+                            ->extraAttributes(['style' => 'font-family: monospace; font-size: 13px;']),
+                    ]),
+
+                Section::make('Metadata')
+                    ->schema([
+                        Placeholder::make('created_at')
+                            ->label('Created At')
+                            ->content(fn (?EmailTemplate $record): string => $record?->created_at?->diffForHumans() ?? '-'),
+
+                        Placeholder::make('updated_at')
+                            ->label('Last Updated')
+                            ->content(fn (?EmailTemplate $record): string => $record?->updated_at?->diffForHumans() ?? '-'),
+                    ])
+                    ->columns(2)
+                    ->hidden(fn ($context) => $context === 'create'),
+            ]);
+    }
+}

app/Filament/Resources/EmailTemplateResource/Schemas/EmailTemplateInfolist.php

@@ -0,0 +1,87 @@
+<?php
+
+namespace App\Filament\Resources\EmailTemplateResource\Schemas;
+
+use Filament\Infolists\Components\IconEntry;
+use Filament\Infolists\Components\TextEntry;
+use Filament\Infolists\Components\ViewEntry;
+use Filament\Schemas\Schema;
+use Illuminate\Support\HtmlString;
+
+class EmailTemplateInfolist
+{
+    public static function configure(Schema $schema): Schema
+    {
+        return $schema
+            ->components([
+                TextEntry::make('name')
+                    ->label('Template Name')
+                    ->columnSpan(1),
+
+                TextEntry::make('key')
+                    ->label('Template Key')
+                    ->badge()
+                    ->copyable()
+                    ->copyMessage('Key copied!')
+                    ->copyMessageDuration(1500)
+                    ->columnSpan(1),
+
+                TextEntry::make('subject')
+                    ->label('Email Subject')
+                    ->columnSpan(2),
+
+                TextEntry::make('description')
+                    ->label('Description')
+                    ->columnSpan(2)
+                    ->placeholder('No description provided'),
+
+                TextEntry::make('available_variables')
+                    ->label('Available Variables')
+                    ->badge()
+                    ->separator(',')
+                    ->columnSpan(2)
+                    ->placeholder('No variables defined'),
+
+                IconEntry::make('is_active')
+                    ->label('Status')
+                    ->boolean()
+                    ->trueIcon('heroicon-o-check-circle')
+                    ->falseIcon('heroicon-o-x-circle')
+                    ->trueColor('success')
+                    ->falseColor('danger')
+                    ->columnSpan(1),
+
+                TextEntry::make('created_at')
+                    ->label('Created')
+                    ->dateTime()
+                    ->since()
+                    ->columnSpan(1),
+
+                TextEntry::make('updated_at')
+                    ->label('Last Updated')
+                    ->dateTime()
+                    ->since()
+                    ->columnSpan(1),
+
+                ViewEntry::make('preview')
+                    ->label('HTML Preview')
+                    ->viewData(fn ($record) => [
+                        'html' => $record->body_html,
+                    ])
+                    ->view('filament.email-template-preview')
+                    ->columnSpan(2),
+
+                TextEntry::make('body_html')
+                    ->label('HTML Source')
+                    ->formatStateUsing(fn ($state) => new HtmlString('<pre class="text-xs font-mono bg-gray-100 dark:bg-gray-900 p-4 rounded overflow-x-auto whitespace-pre-wrap">'.htmlspecialchars($state).'</pre>'))
+                    ->columnSpan(2),
+
+                TextEntry::make('body_text')
+                    ->label('Plain Text Version')
+                    ->formatStateUsing(fn ($state) => new HtmlString('<pre class="text-xs font-mono bg-gray-100 dark:bg-gray-900 p-4 rounded overflow-x-auto whitespace-pre-wrap">'.htmlspecialchars($state ?: 'No plain text version').'</pre>'))
+                    ->columnSpan(2)
+                    ->hidden(fn ($record) => empty($record->body_text)),
+            ])
+            ->columns(2);
+    }
+}

app/Filament/Resources/EmailTemplateResource/Tables/EmailTemplatesTable.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace App\Filament\Resources\EmailTemplateResource\Tables;
+
+use Filament\Actions\BulkActionGroup;
+use Filament\Actions\DeleteBulkAction;
+use Filament\Actions\EditAction;
+use Filament\Actions\ViewAction;
+use Filament\Tables\Columns\IconColumn;
+use Filament\Tables\Columns\TextColumn;
+use Filament\Tables\Filters\SelectFilter;
+use Filament\Tables\Table;
+
+class EmailTemplatesTable
+{
+    public static function configure(Table $table): Table
+    {
+        return $table
+            ->columns([
+                TextColumn::make('name')
+                    ->label('Template Name')
+                    ->searchable()
+                    ->sortable()
+                    ->weight('bold'),
+
+                TextColumn::make('key')
+                    ->label('Key')
+                    ->searchable()
+                    ->sortable()
+                    ->fontFamily('mono')
+                    ->size('sm')
+                    ->copyable()
+                    ->copyMessage('Key copied!')
+                    ->copyMessageDuration(1500),
+
+                TextColumn::make('subject')
+                    ->label('Subject')
+                    ->searchable()
+                    ->limit(50)
+                    ->wrap(),
+
+                IconColumn::make('is_active')
+                    ->label('Status')
+                    ->boolean()
+                    ->trueIcon('heroicon-o-check-circle')
+                    ->falseIcon('heroicon-o-x-circle')
+                    ->trueColor('success')
+                    ->falseColor('danger')
+                    ->sortable(),
+
+                TextColumn::make('updated_at')
+                    ->label('Last Updated')
+                    ->dateTime()
+                    ->sortable()
+                    ->since()
+                    ->size('sm'),
+            ])
+            ->defaultSort('name')
+            ->filters([
+                SelectFilter::make('is_active')
+                    ->label('Status')
+                    ->options([
+                        true => 'Active',
+                        false => 'Inactive',
+                    ]),
+            ])
+            ->recordActions([
+                ViewAction::make(),
+                EditAction::make(),
+            ])
+            ->toolbarActions([
+                BulkActionGroup::make([
+                    DeleteBulkAction::make(),
+                ]),
+            ]);
+    }
+}

app/Filament/Resources/FailedJobResource.php

@@ -0,0 +1,168 @@
+<?php
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\FailedJobResource\Pages;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\DB;
+
+class FailedJobResource extends Resource
+{
+    protected static ?string $model = null;
+
+    protected static \BackedEnum|string|null $navigationIcon = 'heroicon-o-exclamation-triangle';
+
+    protected static ?string $navigationLabel = 'Failed Jobs';
+
+    protected static \UnitEnum|string|null $navigationGroup = 'System';
+
+    protected static ?int $navigationSort = 99;
+
+    public static function getModel(): string
+    {
+        return config('queue.failed.database') ?? 'failed_jobs';
+    }
+
+    public static function getEloquentQuery(): Builder
+    {
+        return DB::table('failed_jobs')->orderBy('failed_at', 'desc');
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->query(fn () => DB::table('failed_jobs')->orderBy('failed_at', 'desc'))
+            ->columns([
+                Tables\Columns\TextColumn::make('id')
+                    ->label('ID')
+                    ->sortable()
+                    ->searchable(),
+                Tables\Columns\TextColumn::make('queue')
+                    ->badge()
+                    ->color('info')
+                    ->sortable()
+                    ->searchable(),
+                Tables\Columns\TextColumn::make('connection')
+                    ->badge()
+                    ->color('gray')
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('payload')
+                    ->label('Job Type')
+                    ->getStateUsing(function ($record) {
+                        $payload = json_decode($record->payload, true);
+                        $displayName = $payload['displayName'] ?? 'Unknown';
+                        // Extract just the class name
+                        if (str_contains($displayName, '\\')) {
+                            return class_basename($displayName);
+                        }
+
+                        return $displayName;
+                    })
+                    ->badge()
+                    ->color('warning')
+                    ->searchable(),
+                Tables\Columns\TextColumn::make('exception')
+                    ->label('Error')
+                    ->limit(100)
+                    ->tooltip(fn ($record) => $record->exception)
+                    ->wrap()
+                    ->searchable(),
+                Tables\Columns\TextColumn::make('failed_at')
+                    ->label('Failed At')
+                    ->dateTime()
+                    ->sortable()
+                    ->since()
+                    ->description(fn ($record) => $record->failed_at),
+            ])
+            ->filters([
+                Tables\Filters\SelectFilter::make('queue')
+                    ->options(function () {
+                        return DB::table('failed_jobs')
+                            ->distinct()
+                            ->pluck('queue', 'queue')
+                            ->toArray();
+                    }),
+            ])
+            ->actions([
+                Tables\Actions\Action::make('retry')
+                    ->label('Retry')
+                    ->icon('heroicon-o-arrow-path')
+                    ->color('success')
+                    ->requiresConfirmation()
+                    ->action(function ($record) {
+                        Artisan::call('queue:retry', ['id' => [$record->id]]);
+                    })
+                    ->successNotificationTitle('Job queued for retry'),
+                Tables\Actions\Action::make('view_details')
+                    ->label('View Details')
+                    ->icon('heroicon-o-eye')
+                    ->modalHeading('Failed Job Details')
+                    ->modalContent(function ($record) {
+                        $payload = json_decode($record->payload, true);
+
+                        return view('filament.resources.failed-job.view-details', [
+                            'record' => $record,
+                            'payload' => $payload,
+                        ]);
+                    })
+                    ->modalSubmitAction(false)
+                    ->modalCancelActionLabel('Close'),
+                Tables\Actions\DeleteAction::make()
+                    ->label('Delete')
+                    ->action(fn ($record) => DB::table('failed_jobs')->where('id', $record->id)->delete())
+                    ->successNotificationTitle('Failed job deleted'),
+            ])
+            ->bulkActions([
+                Tables\Actions\BulkAction::make('retry_selected')
+                    ->label('Retry Selected')
+                    ->icon('heroicon-o-arrow-path')
+                    ->color('success')
+                    ->requiresConfirmation()
+                    ->action(function ($records) {
+                        foreach ($records as $record) {
+                            Artisan::call('queue:retry', ['id' => [$record->id]]);
+                        }
+                    })
+                    ->deselectRecordsAfterCompletion()
+                    ->successNotificationTitle('Selected jobs queued for retry'),
+                Tables\Actions\BulkAction::make('delete_selected')
+                    ->label('Delete Selected')
+                    ->icon('heroicon-o-trash')
+                    ->color('danger')
+                    ->requiresConfirmation()
+                    ->action(function ($records) {
+                        $ids = collect($records)->pluck('id')->toArray();
+                        DB::table('failed_jobs')->whereIn('id', $ids)->delete();
+                    })
+                    ->deselectRecordsAfterCompletion()
+                    ->successNotificationTitle('Selected jobs deleted'),
+            ])
+            ->defaultSort('failed_at', 'desc')
+            ->poll('30s')
+            ->emptyStateHeading('No Failed Jobs')
+            ->emptyStateDescription('All jobs are processing successfully!')
+            ->emptyStateIcon('heroicon-o-check-circle');
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListFailedJobs::route('/'),
+        ];
+    }
+
+    public static function canCreate(): bool
+    {
+        return false;
+    }
+
+    public static function canEdit(Model $record): bool
+    {
+        return false;
+    }
+}

app/Filament/Resources/FailedJobResource/Pages/ListFailedJobs.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Filament\Resources\FailedJobResource\Pages;
+
+use App\Filament\Resources\FailedJobResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ListRecords;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\DB;
+
+class ListFailedJobs extends ListRecords
+{
+    protected static string $resource = FailedJobResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\Action::make('retry_all')
+                ->label('Retry All Failed Jobs')
+                ->icon('heroicon-o-arrow-path')
+                ->color('success')
+                ->requiresConfirmation()
+                ->modalHeading('Retry All Failed Jobs?')
+                ->modalDescription('This will attempt to retry all failed jobs in the queue.')
+                ->action(function () {
+                    Artisan::call('queue:retry', ['id' => ['all']]);
+                })
+                ->successNotificationTitle('All failed jobs queued for retry')
+                ->visible(fn () => DB::table('failed_jobs')->count() > 0),
+            Actions\Action::make('flush_all')
+                ->label('Delete All Failed Jobs')
+                ->icon('heroicon-o-trash')
+                ->color('danger')
+                ->requiresConfirmation()
+                ->modalHeading('Delete All Failed Jobs?')
+                ->modalDescription('This will permanently delete all failed job records. This action cannot be undone.')
+                ->action(function () {
+                    Artisan::call('queue:flush');
+                })
+                ->successNotificationTitle('All failed jobs deleted')
+                ->visible(fn () => DB::table('failed_jobs')->count() > 0),
+        ];
+    }
+
+    protected function getHeaderWidgets(): array
+    {
+        return [
+            FailedJobResource\Widgets\FailedJobsStatsWidget::class,
+        ];
+    }
+}

app/Filament/Resources/FailedJobResource/Widgets/FailedJobsStatsWidget.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace App\Filament\Resources\FailedJobResource\Widgets;
+
+use Filament\Widgets\StatsOverviewWidget as BaseWidget;
+use Filament\Widgets\StatsOverviewWidget\Stat;
+use Illuminate\Support\Facades\DB;
+
+class FailedJobsStatsWidget extends BaseWidget
+{
+    protected function getStats(): array
+    {
+        $totalFailed = DB::table('failed_jobs')->count();
+        $failedToday = DB::table('failed_jobs')
+            ->whereDate('failed_at', today())
+            ->count();
+        $failedThisWeek = DB::table('failed_jobs')
+            ->where('failed_at', '>=', now()->startOfWeek())
+            ->count();
+
+        // Get most common failed job type
+        $commonFailure = DB::table('failed_jobs')
+            ->select('payload')
+            ->get()
+            ->map(function ($job) {
+                $payload = json_decode($job->payload, true);
+
+                return $payload['displayName'] ?? 'Unknown';
+            })
+            ->countBy()
+            ->sortDesc()
+            ->first();
+
+        return [
+            Stat::make('Total Failed Jobs', $totalFailed)
+                ->description('All time')
+                ->descriptionIcon('heroicon-m-exclamation-triangle')
+                ->color($totalFailed > 0 ? 'danger' : 'success'),
+            Stat::make('Failed Today', $failedToday)
+                ->description(now()->format('M d, Y'))
+                ->descriptionIcon('heroicon-m-calendar')
+                ->color($failedToday > 0 ? 'warning' : 'success'),
+            Stat::make('Failed This Week', $failedThisWeek)
+                ->description('Since '.now()->startOfWeek()->format('M d'))
+                ->descriptionIcon('heroicon-m-chart-bar')
+                ->color($failedThisWeek > 0 ? 'warning' : 'success'),
+        ];
+    }
+
+    protected function getPollingInterval(): ?string
+    {
+        return '30s';
+    }
+}

app/Filament/Resources/LabResource.php

@@ -0,0 +1,90 @@
+<?php
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\LabResource\Pages;
+use App\Filament\Resources\LabResource\Schemas\LabForm;
+use App\Filament\Resources\LabResource\Tables\LabsTable;
+use App\Models\Lab;
+use BackedEnum;
+use Filament\Resources\Resource;
+use Filament\Schemas\Schema;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+use UnitEnum;
+
+class LabResource extends Resource
+{
+    protected static ?string $model = Lab::class;
+
+    protected static string|BackedEnum|null $navigationIcon = 'heroicon-o-beaker';
+
+    protected static ?string $navigationLabel = 'Lab Tests';
+
+    protected static UnitEnum|string|null $navigationGroup = 'Inventory';
+
+    protected static ?int $navigationSort = 3;
+
+    public static function form(Schema $schema): Schema
+    {
+        return LabForm::configure($schema);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return LabsTable::configure($table);
+    }
+
+    public static function getEloquentQuery(): Builder
+    {
+        $query = parent::getEloquentQuery();
+
+        // Scope to user's business products and batches unless they're a super admin
+        if (auth()->check() && ! auth()->user()->hasRole('super_admin')) {
+            $businessId = auth()->user()->business_id;
+
+            $query->where(function ($q) use ($businessId) {
+                // Include labs for products owned by this business
+                $q->whereHas('product', function ($productQuery) use ($businessId) {
+                    $productQuery->whereHas('brand', function ($brandQuery) use ($businessId) {
+                        $brandQuery->where('business_id', $businessId);
+                    });
+                })
+                // OR labs for batches owned by this business
+                    ->orWhereHas('batch', function ($batchQuery) use ($businessId) {
+                        $batchQuery->where('business_id', $businessId);
+                    });
+            });
+        }
+
+        return $query;
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+            //
+        ];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListLabs::route('/'),
+            'create' => Pages\CreateLab::route('/create'),
+            'view' => Pages\ViewLab::route('/{record}'),
+            'edit' => Pages\EditLab::route('/{record}/edit'),
+        ];
+    }
+
+    public static function getNavigationBadge(): ?string
+    {
+        // Show count of recent lab tests (last 30 days)
+        return cache()->remember('recent_lab_tests_count', 300, function () {
+            $query = static::getEloquentQuery();
+
+            return $query->where('test_date', '>=', now()->subDays(30))
+                ->count() ?: null;
+        });
+    }
+}

app/Filament/Resources/LabResource/Pages/CreateLab.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Filament\Resources\LabResource\Pages;
+
+use App\Filament\Resources\LabResource;
+use Filament\Resources\Pages\CreateRecord;
+
+class CreateLab extends CreateRecord
+{
+    protected static string $resource = LabResource::class;
+}

app/Filament/Resources/LabResource/Pages/EditLab.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Filament\Resources\LabResource\Pages;
+
+use App\Filament\Resources\LabResource;
+use Filament\Actions;
+use Filament\Resources\Pages\EditRecord;
+
+class EditLab extends EditRecord
+{
+    protected static string $resource = LabResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\ViewAction::make(),
+            Actions\DeleteAction::make(),
+        ];
+    }
+}

app/Filament/Resources/LabResource/Pages/ListLabs.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\LabResource\Pages;
+
+use App\Filament\Resources\LabResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ListRecords;
+
+class ListLabs extends ListRecords
+{
+    protected static string $resource = LabResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\CreateAction::make(),
+        ];
+    }
+}

app/Filament/Resources/LabResource/Pages/ViewLab.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\LabResource\Pages;
+
+use App\Filament\Resources\LabResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewLab extends ViewRecord
+{
+    protected static string $resource = LabResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\EditAction::make(),
+        ];
+    }
+}

app/Filament/Resources/LabResource/Schemas/LabForm.php

@@ -0,0 +1,298 @@
+<?php
+
+namespace App\Filament\Resources\LabResource\Schemas;
+
+use Filament\Forms\Components\DatePicker;
+use Filament\Forms\Components\FileUpload;
+use Filament\Forms\Components\Repeater;
+use Filament\Forms\Components\Section;
+use Filament\Forms\Components\Select;
+use Filament\Forms\Components\Textarea;
+use Filament\Forms\Components\TextInput;
+use Filament\Forms\Components\Toggle;
+use Filament\Schemas\Components\Tabs;
+use Filament\Schemas\Components\Tabs\Tab;
+use Filament\Schemas\Schema;
+
+class LabForm
+{
+    public static function configure(Schema $schema): Schema
+    {
+        return $schema
+            ->components([
+                Tabs::make('Lab Test Information')
+                    ->tabs([
+                        Tab::make('Basic Information')
+                            ->schema([
+                                Section::make('Test Details')
+                                    ->schema([
+                                        Select::make('product_id')
+                                            ->label('Product')
+                                            ->relationship('product', 'name')
+                                            ->searchable()
+                                            ->preload()
+                                            ->helperText('Product this test is for'),
+
+                                        Select::make('batch_id')
+                                            ->label('Batch')
+                                            ->relationship('batch', 'batch_number')
+                                            ->searchable()
+                                            ->preload()
+                                            ->helperText('Specific batch tested'),
+
+                                        TextInput::make('lab_name')
+                                            ->required()
+                                            ->maxLength(255)
+                                            ->helperText('Testing laboratory name'),
+
+                                        TextInput::make('lab_license_number')
+                                            ->label('Lab License #')
+                                            ->maxLength(255)
+                                            ->helperText('State license number'),
+
+                                        DatePicker::make('test_date')
+                                            ->required()
+                                            ->default(now())
+                                            ->helperText('Date test was performed'),
+
+                                        TextInput::make('batch_number')
+                                            ->label('Lab Batch Number')
+                                            ->maxLength(255)
+                                            ->helperText('Internal lab tracking number'),
+
+                                        TextInput::make('sample_id')
+                                            ->label('Sample ID')
+                                            ->maxLength(255)
+                                            ->helperText('Sample identification'),
+                                    ])
+                                    ->columns(2),
+                            ]),
+
+                        Tab::make('Cannabinoids')
+                            ->schema([
+                                Section::make('Primary Cannabinoids')
+                                    ->schema([
+                                        TextInput::make('thc_percentage')
+                                            ->label('THC %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+
+                                        TextInput::make('thca_percentage')
+                                            ->label('THCA %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+
+                                        TextInput::make('cbd_percentage')
+                                            ->label('CBD %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+
+                                        TextInput::make('cbda_percentage')
+                                            ->label('CBDA %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+                                    ])
+                                    ->columns(4),
+
+                                Section::make('Minor Cannabinoids')
+                                    ->schema([
+                                        TextInput::make('cbg_percentage')
+                                            ->label('CBG %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+
+                                        TextInput::make('cbn_percentage')
+                                            ->label('CBN %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+
+                                        TextInput::make('thcv_percentage')
+                                            ->label('THCV %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+
+                                        TextInput::make('cbdv_percentage')
+                                            ->label('CBDV %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+                                    ])
+                                    ->columns(4),
+
+                                Section::make('Calculated Totals')
+                                    ->schema([
+                                        TextInput::make('total_thc')
+                                            ->label('Total THC')
+                                            ->numeric()
+                                            ->disabled()
+                                            ->dehydrated(false)
+                                            ->suffix('%')
+                                            ->helperText('Auto-calculated from THC + (THCA × 0.877)'),
+
+                                        TextInput::make('total_cbd')
+                                            ->label('Total CBD')
+                                            ->numeric()
+                                            ->disabled()
+                                            ->dehydrated(false)
+                                            ->suffix('%')
+                                            ->helperText('Auto-calculated from CBD + (CBDA × 0.877)'),
+
+                                        TextInput::make('total_cannabinoids')
+                                            ->label('Total Cannabinoids')
+                                            ->numeric()
+                                            ->disabled()
+                                            ->dehydrated(false)
+                                            ->suffix('%')
+                                            ->helperText('Sum of all cannabinoids'),
+                                    ])
+                                    ->columns(3)
+                                    ->description('These values are automatically calculated on save'),
+                            ]),
+
+                        Tab::make('Terpenes')
+                            ->schema([
+                                Repeater::make('terpenes')
+                                    ->schema([
+                                        TextInput::make('name')
+                                            ->required()
+                                            ->helperText('Terpene name (e.g., Myrcene)'),
+
+                                        TextInput::make('percentage')
+                                            ->required()
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->step(0.001)
+                                            ->suffix('%')
+                                            ->helperText('Percentage'),
+                                    ])
+                                    ->columns(2)
+                                    ->collapsible()
+                                    ->helperText('Add terpene profile data'),
+                            ]),
+
+                        Tab::make('Compliance Tests')
+                            ->schema([
+                                Section::make('Safety Tests')
+                                    ->schema([
+                                        Toggle::make('pesticides_pass')
+                                            ->label('Pesticides Pass')
+                                            ->default(true)
+                                            ->inline(false),
+
+                                        Toggle::make('heavy_metals_pass')
+                                            ->label('Heavy Metals Pass')
+                                            ->default(true)
+                                            ->inline(false),
+
+                                        Toggle::make('microbials_pass')
+                                            ->label('Microbials Pass')
+                                            ->default(true)
+                                            ->inline(false),
+
+                                        Toggle::make('mycotoxins_pass')
+                                            ->label('Mycotoxins Pass')
+                                            ->default(true)
+                                            ->inline(false),
+
+                                        Toggle::make('residual_solvents_pass')
+                                            ->label('Residual Solvents Pass')
+                                            ->default(true)
+                                            ->inline(false),
+
+                                        Toggle::make('foreign_material_pass')
+                                            ->label('Foreign Material Pass')
+                                            ->default(true)
+                                            ->inline(false),
+                                    ])
+                                    ->columns(3)
+                                    ->description('All tests must pass for overall compliance'),
+
+                                Section::make('Additional Tests')
+                                    ->schema([
+                                        TextInput::make('moisture_content')
+                                            ->label('Moisture Content %')
+                                            ->numeric()
+                                            ->minValue(0)
+                                            ->maxValue(100)
+                                            ->step(0.01)
+                                            ->suffix('%'),
+
+                                        Toggle::make('compliance_pass')
+                                            ->label('Overall Compliance Pass')
+                                            ->default(true)
+                                            ->disabled()
+                                            ->dehydrated(false)
+                                            ->helperText('Auto-calculated from all safety tests'),
+                                    ])
+                                    ->columns(2),
+                            ]),
+
+                        Tab::make('COA Files')
+                            ->schema([
+                                Section::make('Certificate of Analysis Files')
+                                    ->schema([
+                                        Repeater::make('coaFiles')
+                                            ->relationship()
+                                            ->schema([
+                                                FileUpload::make('file_path')
+                                                    ->label('File')
+                                                    ->required()
+                                                    ->directory('compliance/coas')
+                                                    ->acceptedFileTypes(['application/pdf', 'image/*'])
+                                                    ->maxSize(10240),
+
+                                                TextInput::make('description')
+                                                    ->maxLength(255)
+                                                    ->helperText('Optional description'),
+
+                                                Toggle::make('is_primary')
+                                                    ->label('Primary COA')
+                                                    ->inline(false),
+                                            ])
+                                            ->columns(3)
+                                            ->collapsible()
+                                            ->helperText('Upload COA files (PDF or images)'),
+
+                                        TextInput::make('certificate_url')
+                                            ->label('External COA URL')
+                                            ->url()
+                                            ->maxLength(255)
+                                            ->helperText('Link to COA on external site (optional)'),
+                                    ]),
+                            ]),
+
+                        Tab::make('Notes')
+                            ->schema([
+                                Textarea::make('notes')
+                                    ->rows(5)
+                                    ->columnSpanFull()
+                                    ->helperText('Additional notes about this test'),
+                            ]),
+                    ])
+                    ->columnSpanFull(),
+            ]);
+    }
+}

app/Filament/Resources/LabResource/Tables/LabsTable.php

@@ -0,0 +1,136 @@
+<?php
+
+namespace App\Filament\Resources\LabResource\Tables;
+
+use Filament\Actions\BulkActionGroup;
+use Filament\Actions\DeleteBulkAction;
+use Filament\Actions\EditAction;
+use Filament\Actions\ViewAction;
+use Filament\Support\Colors\Color;
+use Filament\Tables\Columns\IconColumn;
+use Filament\Tables\Columns\TextColumn;
+use Filament\Tables\Filters\Filter;
+use Filament\Tables\Filters\SelectFilter;
+use Filament\Tables\Filters\TernaryFilter;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+
+class LabsTable
+{
+    public static function configure(Table $table): Table
+    {
+        return $table
+            ->columns([
+                TextColumn::make('lab_name')
+                    ->label('Lab')
+                    ->searchable()
+                    ->sortable()
+                    ->weight('bold'),
+
+                TextColumn::make('product.name')
+                    ->label('Product')
+                    ->searchable()
+                    ->sortable()
+                    ->limit(30),
+
+                TextColumn::make('batch.batch_number')
+                    ->label('Batch')
+                    ->searchable()
+                    ->sortable()
+                    ->toggleable(),
+
+                TextColumn::make('test_date')
+                    ->date('M d, Y')
+                    ->sortable()
+                    ->color(fn ($record) => $record->test_date < now()->subDays(90) ? Color::Orange : null),
+
+                TextColumn::make('total_thc')
+                    ->label('THC')
+                    ->numeric(decimalPlaces: 2)
+                    ->suffix('%')
+                    ->sortable()
+                    ->color(fn ($state) => $state > 20 ? Color::Green : ($state > 15 ? Color::Amber : Color::Gray)),
+
+                TextColumn::make('total_cbd')
+                    ->label('CBD')
+                    ->numeric(decimalPlaces: 2)
+                    ->suffix('%')
+                    ->sortable()
+                    ->toggleable(),
+
+                TextColumn::make('total_cannabinoids')
+                    ->label('Total')
+                    ->numeric(decimalPlaces: 2)
+                    ->suffix('%')
+                    ->sortable()
+                    ->toggleable(),
+
+                IconColumn::make('compliance_pass')
+                    ->label('Compliance')
+                    ->boolean()
+                    ->trueIcon('heroicon-o-check-circle')
+                    ->falseIcon('heroicon-o-x-circle')
+                    ->trueColor(Color::Green)
+                    ->falseColor(Color::Red)
+                    ->sortable(),
+
+                TextColumn::make('terpene_profile')
+                    ->label('Top Terpenes')
+                    ->limit(40)
+                    ->toggleable(isToggledHiddenByDefault: true),
+
+                TextColumn::make('created_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->defaultSort('test_date', 'desc')
+            ->filters([
+                SelectFilter::make('lab_name')
+                    ->options(function () {
+                        return \App\Models\Lab::query()
+                            ->distinct('lab_name')
+                            ->pluck('lab_name', 'lab_name')
+                            ->toArray();
+                    })
+                    ->searchable(),
+
+                SelectFilter::make('product')
+                    ->relationship('product', 'name')
+                    ->searchable()
+                    ->preload(),
+
+                SelectFilter::make('batch')
+                    ->relationship('batch', 'batch_number')
+                    ->searchable()
+                    ->preload(),
+
+                TernaryFilter::make('compliance_pass')
+                    ->label('Compliant'),
+
+                Filter::make('recent')
+                    ->label('Recent (Last 30 days)')
+                    ->query(fn (Builder $query): Builder => $query->where('test_date', '>=', now()->subDays(30)))
+                    ->toggle(),
+
+                Filter::make('high_thc')
+                    ->label('High THC (>20%)')
+                    ->query(fn (Builder $query): Builder => $query->where('total_thc', '>', 20))
+                    ->toggle(),
+
+                Filter::make('high_cbd')
+                    ->label('High CBD (>10%)')
+                    ->query(fn (Builder $query): Builder => $query->where('total_cbd', '>', 10))
+                    ->toggle(),
+            ])
+            ->recordActions([
+                ViewAction::make(),
+                EditAction::make(),
+            ])
+            ->toolbarActions([
+                BulkActionGroup::make([
+                    DeleteBulkAction::make(),
+                ]),
+            ]);
+    }
+}

app/Filament/Resources/OrderResource.php

@@ -59,6 +59,7 @@ class OrderResource extends Resource
     {
         return [
             RelationManagers\ItemsRelationManager::class,
+            \Tapp\FilamentAuditing\RelationManagers\AuditsRelationManager::class,
         ];
     }
 

app/Filament/Resources/ProductResource.php

@@ -63,6 +63,7 @@ class ProductResource extends Resource
             BatchesRelationManager::class,
             ComponentsRelationManager::class,
             VarietiesRelationManager::class,
+            \Tapp\FilamentAuditing\RelationManagers\AuditsRelationManager::class,
         ];
     }
 

app/Filament/Resources/UserResource.php

@@ -17,7 +17,6 @@ use Filament\Schemas\Schema;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Filters\SelectFilter;
 use Filament\Tables\Table;
-use STS\FilamentImpersonate\Tables\Actions\ImpersonateAction;
 
 class UserResource extends Resource
 {
@@ -86,6 +85,22 @@ class UserResource extends Resource
                                 'suspended' => 'Suspended',
                             ])
                             ->default('active'),
+                        TextInput::make('password')
+                            ->label('Password')
+                            ->password()
+                            ->required(fn ($record) => $record === null)
+                            ->dehydrated(fn ($state) => filled($state))
+                            ->minLength(8)
+                            ->maxLength(255)
+                            ->helperText('Leave blank to keep current password when editing')
+                            ->visible(fn ($livewire) => $livewire instanceof CreateUser),
+                        TextInput::make('password_confirmation')
+                            ->label('Confirm Password')
+                            ->password()
+                            ->required(fn ($record) => $record === null && filled($record?->password))
+                            ->dehydrated(false)
+                            ->same('password')
+                            ->visible(fn ($livewire) => $livewire instanceof CreateUser),
                     ])->columns(2),
 
                 Section::make('Business Association')
@@ -239,11 +254,13 @@ class UserResource extends Resource
                     EditAction::make()
                         ->label('View/Modify')
                         ->icon('heroicon-o-pencil'),
-                    ImpersonateAction::make()
+                    Action::make('impersonate')
                         ->label('Impersonate')
                         ->icon('heroicon-o-user-circle')
                         ->color('warning')
-                        ->visible(fn (User $record) => $record->canBeImpersonated()),
+                        ->visible(fn (User $record) => auth()->user()->canImpersonate() && $record->canBeImpersonated())
+                        ->url(fn (User $record) => route('admin.impersonate.perform', $record))
+                        ->openUrlInNewTab(false),
                     Action::make('suspend')
                         ->label('Suspend')
                         ->icon('heroicon-o-no-symbol')

app/Filament/Resources/UserResource/Pages/CreateUser.php

@@ -4,8 +4,18 @@ namespace App\Filament\Resources\UserResource\Pages;
 
 use App\Filament\Resources\UserResource;
 use Filament\Resources\Pages\CreateRecord;
+use Illuminate\Support\Facades\Hash;
 
 class CreateUser extends CreateRecord
 {
     protected static string $resource = UserResource::class;
+
+    protected function mutateFormDataBeforeCreate(array $data): array
+    {
+        if (isset($data['password'])) {
+            $data['password'] = Hash::make($data['password']);
+        }
+
+        return $data;
+    }
 }

app/Helpers/BusinessHelper.php

@@ -0,0 +1,143 @@
+<?php
+
+namespace App\Helpers;
+
+use App\Models\Business;
+use App\Services\PermissionService;
+use Illuminate\Support\Facades\Auth;
+
+class BusinessHelper
+{
+    /**
+     * Get current business context from session or user's primary business
+     */
+    public static function current(): ?Business
+    {
+        if (! Auth::check()) {
+            return null;
+        }
+
+        $businessId = session('current_business_id');
+
+        if ($businessId) {
+            return Business::find($businessId);
+        }
+
+        // Fall back to user's primary business if no session is set
+        return Auth::user()->primaryBusiness();
+    }
+
+    /**
+     * Check if user has a permission for current business
+     *
+     * This method now uses PermissionService internally for better architecture
+     * while maintaining backward compatibility with existing code.
+     *
+     * @param  string  $permission  Permission key (e.g. 'analytics.overview')
+     */
+    public static function hasPermission(string $permission): bool
+    {
+        if (! Auth::check()) {
+            return false;
+        }
+
+        $user = Auth::user();
+        $business = self::current();
+
+        if (! $business) {
+            return false;
+        }
+
+        // Use PermissionService for permission checking
+        $permissionService = app(PermissionService::class);
+
+        return $permissionService->check($user, $permission, $business);
+    }
+
+    /**
+     * Check if user is owner or admin for current business
+     */
+    public static function isOwnerOrAdmin(): bool
+    {
+        if (! Auth::check()) {
+            return false;
+        }
+
+        $user = Auth::user();
+        $business = self::current();
+
+        if (! $business) {
+            return false;
+        }
+
+        // Super admin
+        if ($user->user_type === 'admin') {
+            return true;
+        }
+
+        // Business owner
+        return $business->owner_user_id === $user->id;
+    }
+
+    /**
+     * Get user's role template for current business
+     */
+    public static function getRoleTemplate(): ?string
+    {
+        if (! Auth::check()) {
+            return null;
+        }
+
+        $user = Auth::user();
+        $business = self::current();
+
+        if (! $business) {
+            return null;
+        }
+
+        $businessUser = $user->businesses()
+            ->where('businesses.id', $business->id)
+            ->first();
+
+        return $businessUser?->pivot->role_template;
+    }
+
+    /**
+     * Get user's permissions array for current business
+     */
+    public static function getPermissions(): array
+    {
+        if (! Auth::check()) {
+            return [];
+        }
+
+        $user = Auth::user();
+        $business = self::current();
+
+        if (! $business) {
+            return [];
+        }
+
+        // Use PermissionService for cached permission retrieval
+        $permissionService = app(PermissionService::class);
+
+        return $permissionService->getUserPermissions($user, $business);
+    }
+
+    /**
+     * Check if current business has a specific module enabled
+     *
+     * @param  string  $module  Module name (sales, manufacturing, compliance)
+     */
+    public static function hasModule(string $module): bool
+    {
+        $business = self::current();
+
+        return match ($module) {
+            'sales' => true, // Sales is always enabled (base product)
+            'manufacturing' => $business?->has_manufacturing ?? false,
+            'compliance' => $business?->has_compliance ?? false,
+            default => false,
+        };
+    }
+}

app/Helpers/helpers.php

@@ -0,0 +1,24 @@
+<?php
+
+use App\Helpers\BusinessHelper;
+
+if (! function_exists('currentBusiness')) {
+    function currentBusiness()
+    {
+        return BusinessHelper::current();
+    }
+}
+
+if (! function_exists('currentBusinessId')) {
+    function currentBusinessId()
+    {
+        return BusinessHelper::currentId();
+    }
+}
+
+if (! function_exists('hasBusinessPermission')) {
+    function hasBusinessPermission(string $permission): bool
+    {
+        return BusinessHelper::hasPermission($permission);
+    }
+}

app/Http/Controllers/Admin/QuickSwitchController.php

@@ -0,0 +1,110 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Routing\Controller;
+
+class QuickSwitchController extends Controller
+{
+    /**
+     * Ensure only admins can access
+     */
+    public function __construct()
+    {
+        $this->middleware('auth');
+        $this->middleware(function ($request, $next) {
+            $user = auth()->user();
+
+            if (! $user) {
+                abort(403, 'Not authenticated');
+            }
+
+            $manager = app(\Lab404\Impersonate\Services\ImpersonateManager::class);
+
+            // If impersonating, check if the impersonator can impersonate
+            // Otherwise check if the current user can impersonate
+            $canAccess = $manager->isImpersonating()
+                ? $manager->getImpersonator()->canImpersonate()
+                : $user->canImpersonate();
+
+            if (! $canAccess) {
+                abort(403, 'Only administrators can access this feature. Please login as an admin.');
+            }
+
+            return $next($request);
+        });
+    }
+
+    /**
+     * Show quick switch menu for testing
+     */
+    public function index()
+    {
+        // Get all seller users for quick switching
+        $users = User::where('user_type', 'seller')
+            ->with('businesses')
+            ->orderBy('email')
+            ->get();
+
+        return view('admin.quick-switch', compact('users'));
+    }
+
+    /**
+     * Quick switch to user using impersonation (maintains admin session)
+     */
+    public function switch(Request $request, User $user)
+    {
+        $currentUser = auth()->user();
+        $manager = app(\Lab404\Impersonate\Services\ImpersonateManager::class);
+
+        // Get the actual admin user (might be the impersonator)
+        $admin = $manager->isImpersonating()
+            ? $manager->getImpersonator()
+            : $currentUser;
+
+        if (! $user->canBeImpersonated()) {
+            abort(403, 'This user cannot be impersonated');
+        }
+
+        // If already impersonating someone, leave that impersonation first
+        if ($manager->isImpersonating()) {
+            $manager->leave();
+        }
+
+        // Use impersonation instead of session replacement
+        // This allows multiple tabs with different impersonated users
+        $manager->take($admin, $user, 'web');
+
+        // Redirect based on user type and business
+        $business = $user->primaryBusiness();
+
+        if ($business && $business->isParentCompany()) {
+            return redirect()->route('seller.business.executive.dashboard', $business->slug);
+        } elseif ($business) {
+            return redirect()->route('seller.business.dashboard', $business->slug);
+        }
+
+        return redirect()->route('seller.dashboard');
+    }
+
+    /**
+     * Switch back to admin (leave impersonation)
+     */
+    public function backToAdmin()
+    {
+        $manager = app(\Lab404\Impersonate\Services\ImpersonateManager::class);
+
+        if (! $manager->isImpersonating()) {
+            return redirect()->route('filament.admin.pages.dashboard')
+                ->with('info', 'You are not currently impersonating anyone');
+        }
+
+        // Leave impersonation
+        $manager->leave();
+
+        return redirect()->route('filament.admin.pages.dashboard')
+            ->with('success', 'Returned to admin panel');
+    }
+}

app/Http/Controllers/Analytics/AnalyticsDashboardController.php

@@ -0,0 +1,101 @@
+<?php
+
+namespace App\Http\Controllers\Analytics;
+
+use App\Http\Controllers\Controller;
+use App\Models\Analytics\AnalyticsEvent;
+use App\Models\Analytics\BuyerEngagementScore;
+use App\Models\Analytics\IntentSignal;
+use App\Models\Analytics\ProductView;
+use App\Models\Analytics\UserSession;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class AnalyticsDashboardController extends Controller
+{
+    public function index(Request $request)
+    {
+        if (! hasBusinessPermission('analytics.overview')) {
+            abort(403, 'Unauthorized to view analytics');
+        }
+
+        $business = currentBusiness();
+        $period = $request->input('period', '30'); // days
+
+        $startDate = now()->subDays((int) $period);
+
+        // Key metrics
+        $metrics = [
+            'total_sessions' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)->count(),
+            'total_page_views' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)->sum('page_views'),
+            'total_product_views' => ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)->count(),
+            'unique_products_viewed' => ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)
+                ->distinct('product_id')
+                ->count('product_id'),
+            'high_intent_signals' => IntentSignal::forBusiness($business->id)->where('detected_at', '>=', $startDate)
+                ->where('signal_strength', '>=', IntentSignal::STRENGTH_HIGH)
+                ->count(),
+            'active_buyers' => BuyerEngagementScore::forBusiness($business->id)->where('last_interaction_at', '>=', $startDate)->count(),
+        ];
+
+        // Traffic trend (daily breakdown)
+        $trafficTrend = AnalyticsEvent::forBusiness($business->id)->where('created_at', '>=', $startDate)
+            ->select(
+                DB::raw('DATE(created_at) as date'),
+                DB::raw('COUNT(*) as total_events'),
+                DB::raw('COUNT(DISTINCT session_id) as unique_sessions')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        // Top products by views
+        $topProducts = ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)
+            ->select('product_id', DB::raw('COUNT(*) as view_count'))
+            ->groupBy('product_id')
+            ->orderByDesc('view_count')
+            ->limit(10)
+            ->with('product')
+            ->get();
+
+        // High-value buyers
+        $highValueBuyers = BuyerEngagementScore::forBusiness($business->id)->highValue()
+            ->active()
+            ->orderByDesc('score')
+            ->limit(10)
+            ->with('buyerBusiness')
+            ->get();
+
+        // Recent high-intent signals
+        $recentIntentSignals = IntentSignal::forBusiness($business->id)->highIntent()
+            ->where('detected_at', '>=', now()->subHours(24))
+            ->orderByDesc('detected_at')
+            ->limit(10)
+            ->with(['buyerBusiness', 'user'])
+            ->get();
+
+        // Engagement score distribution
+        $engagementDistribution = BuyerEngagementScore::forBusiness($business->id)->select(
+            DB::raw('CASE
+                WHEN score >= 80 THEN \'Very High\'
+                WHEN score >= 60 THEN \'High\'
+                WHEN score >= 40 THEN \'Medium\'
+                ELSE \'Low\'
+            END as score_range'),
+            DB::raw('COUNT(*) as count')
+        )
+            ->groupBy('score_range')
+            ->get();
+
+        return view('seller.analytics.dashboard', compact(
+            'business',
+            'period',
+            'metrics',
+            'trafficTrend',
+            'topProducts',
+            'highValueBuyers',
+            'recentIntentSignals',
+            'engagementDistribution'
+        ));
+    }
+}

app/Http/Controllers/Analytics/BuyerIntelligenceController.php

@@ -0,0 +1,194 @@
+<?php
+
+namespace App\Http\Controllers\Analytics;
+
+use App\Http\Controllers\Controller;
+use App\Models\Analytics\BuyerEngagementScore;
+use App\Models\Analytics\IntentSignal;
+use App\Models\Analytics\ProductView;
+use App\Models\Business;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class BuyerIntelligenceController extends Controller
+{
+    public function index(Request $request)
+    {
+        // TODO: Re-enable when permission system is implemented
+        // if (! hasBusinessPermission('analytics.buyers')) {
+        //     abort(403, 'Unauthorized to view buyer intelligence');
+        // }
+
+        $business = currentBusiness();
+        $period = $request->input('period', '30');
+        $filter = $request->input('filter', 'all'); // all, high-value, at-risk, new
+        $startDate = now()->subDays((int) $period);
+
+        // Overall buyer metrics
+        $metrics = [
+            'total_buyers' => BuyerEngagementScore::forBusiness($business->id)->count(),
+            'active_buyers' => BuyerEngagementScore::forBusiness($business->id)->active()->count(),
+            'high_value_buyers' => BuyerEngagementScore::forBusiness($business->id)->highValue()->count(),
+            'at_risk_buyers' => BuyerEngagementScore::forBusiness($business->id)->atRisk()->count(),
+            'new_buyers' => BuyerEngagementScore::forBusiness($business->id)->where('first_interaction_at', '>=', now()->subDays(30))->count(),
+        ];
+
+        // Build query based on filter
+        $buyersQuery = BuyerEngagementScore::forBusiness($business->id);
+
+        match ($filter) {
+            'high-value' => $buyersQuery->highValue(),
+            'at-risk' => $buyersQuery->atRisk(),
+            'new' => $buyersQuery->where('first_interaction_at', '>=', now()->subDays(30)),
+            default => $buyersQuery,
+        };
+
+        $buyers = $buyersQuery->orderByDesc('score')
+            ->with('buyerBusiness')
+            ->paginate(20);
+
+        // Engagement score distribution
+        $scoreDistribution = BuyerEngagementScore::forBusiness($business->id)->select(
+            DB::raw("CASE
+                WHEN score >= 80 THEN 'Very High (80-100)'
+                WHEN score >= 60 THEN 'High (60-79)'
+                WHEN score >= 40 THEN 'Medium (40-59)'
+                WHEN score >= 20 THEN 'Low (20-39)'
+                ELSE 'Very Low (0-19)'
+            END as score_range"),
+            DB::raw('COUNT(*) as count')
+        )
+            ->groupBy('score_range')
+            ->get();
+
+        // Tier distribution
+        $tierDistribution = BuyerEngagementScore::forBusiness($business->id)->select('score_tier')
+            ->selectRaw('COUNT(*) as count')
+            ->groupBy('score_tier')
+            ->get();
+
+        // Recent high-intent signals
+        $recentIntentSignals = IntentSignal::forBusiness($business->id)->highIntent()
+            ->where('detected_at', '>=', now()->subDays(7))
+            ->orderByDesc('detected_at')
+            ->with(['buyerBusiness', 'user'])
+            ->limit(20)
+            ->get();
+
+        // Intent signal breakdown
+        $signalBreakdown = IntentSignal::forBusiness($business->id)->where('detected_at', '>=', $startDate)
+            ->select('signal_type')
+            ->selectRaw('COUNT(*) as count')
+            ->selectRaw('AVG(signal_strength) as avg_strength')
+            ->groupBy('signal_type')
+            ->orderByDesc('count')
+            ->get();
+
+        return view('seller.analytics.buyers', compact(
+            'business',
+            'period',
+            'filter',
+            'metrics',
+            'buyers',
+            'scoreDistribution',
+            'tierDistribution',
+            'recentIntentSignals',
+            'signalBreakdown'
+        ));
+    }
+
+    public function show(Request $request, Business $buyer)
+    {
+        // TODO: Re-enable when permission system is implemented
+        // if (! hasBusinessPermission('analytics.buyers')) {
+        //     abort(403, 'Unauthorized to view buyer intelligence');
+        // }
+
+        $business = currentBusiness();
+        $period = $request->input('period', '90'); // Default to 90 days for buyer detail
+        $startDate = now()->subDays((int) $period);
+
+        // Get engagement score
+        $engagementScore = BuyerEngagementScore::forBusiness($business->id)->where('buyer_business_id', $buyer->id)->first();
+
+        // Activity timeline
+        $activityTimeline = ProductView::forBusiness($business->id)->where('buyer_business_id', $buyer->id)
+            ->where('viewed_at', '>=', $startDate)
+            ->select(
+                DB::raw('DATE(viewed_at) as date'),
+                DB::raw('COUNT(*) as product_views'),
+                DB::raw('COUNT(DISTINCT product_id) as unique_products'),
+                DB::raw('SUM(CASE WHEN added_to_cart = true THEN 1 ELSE 0 END) as cart_adds')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        // Products viewed
+        $productsViewed = ProductView::forBusiness($business->id)->where('buyer_business_id', $buyer->id)
+            ->where('viewed_at', '>=', $startDate)
+            ->select('product_id')
+            ->selectRaw('COUNT(*) as view_count')
+            ->selectRaw('MAX(viewed_at) as last_viewed')
+            ->selectRaw('AVG(time_on_page) as avg_time')
+            ->selectRaw('SUM(CASE WHEN added_to_cart = true THEN 1 ELSE 0 END) as cart_adds')
+            ->groupBy('product_id')
+            ->orderByDesc('view_count')
+            ->with('product')
+            ->limit(20)
+            ->get();
+
+        // Intent signals
+        $intentSignals = IntentSignal::forBusiness($business->id)->where('buyer_business_id', $buyer->id)
+            ->where('detected_at', '>=', $startDate)
+            ->orderByDesc('detected_at')
+            ->limit(50)
+            ->get();
+
+        // Email engagement
+        $emailEngagement = DB::table('email_interactions')
+            ->join('users', 'email_interactions.recipient_user_id', '=', 'users.id')
+            ->join('business_user', 'users.id', '=', 'business_user.user_id')
+            ->where('email_interactions.business_id', $business->id)
+            ->where('business_user.business_id', $buyer->id)
+            ->where('email_interactions.sent_at', '>=', $startDate)
+            ->selectRaw('COUNT(*) as total_sent')
+            ->selectRaw('SUM(open_count) as total_opens')
+            ->selectRaw('SUM(click_count) as total_clicks')
+            ->selectRaw('AVG(engagement_score) as avg_engagement')
+            ->first();
+
+        // Order history
+        $orderHistory = DB::table('orders')
+            ->where('seller_business_id', $business->id)
+            ->where('buyer_business_id', $buyer->id)
+            ->select(
+                DB::raw('DATE(created_at) as date'),
+                DB::raw('COUNT(*) as order_count'),
+                DB::raw('SUM(total) as revenue')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        $totalOrders = DB::table('orders')
+            ->where('seller_business_id', $business->id)
+            ->where('buyer_business_id', $buyer->id)
+            ->selectRaw('COUNT(*) as count')
+            ->selectRaw('SUM(total) as total_revenue')
+            ->selectRaw('AVG(total) as avg_order_value')
+            ->first();
+
+        return view('seller.analytics.buyer-detail', compact(
+            'buyer',
+            'period',
+            'engagementScore',
+            'activityTimeline',
+            'productsViewed',
+            'intentSignals',
+            'emailEngagement',
+            'orderHistory',
+            'totalOrders'
+        ));
+    }
+}

app/Http/Controllers/Analytics/MarketingAnalyticsController.php

@@ -0,0 +1,173 @@
+<?php
+
+namespace App\Http\Controllers\Analytics;
+
+use App\Http\Controllers\Controller;
+use App\Models\Analytics\EmailCampaign;
+use App\Models\Analytics\EmailInteraction;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class MarketingAnalyticsController extends Controller
+{
+    public function index(Request $request)
+    {
+        if (! hasBusinessPermission('analytics.marketing')) {
+            abort(403, 'Unauthorized to view marketing analytics');
+        }
+
+        $business = currentBusiness();
+        $period = $request->input('period', '30');
+        $startDate = now()->subDays((int) $period);
+
+        // Campaign overview metrics
+        $metrics = [
+            'total_campaigns' => EmailCampaign::forBusiness($business->id)->where('created_at', '>=', $startDate)->count(),
+            'total_sent' => EmailCampaign::forBusiness($business->id)->where('created_at', '>=', $startDate)->sum('total_sent'),
+            'total_delivered' => EmailCampaign::forBusiness($business->id)->where('created_at', '>=', $startDate)->sum('total_delivered'),
+            'total_opened' => EmailCampaign::forBusiness($business->id)->where('created_at', '>=', $startDate)->sum('total_opened'),
+            'total_clicked' => EmailCampaign::forBusiness($business->id)->where('created_at', '>=', $startDate)->sum('total_clicked'),
+        ];
+
+        // Calculate average rates
+        $metrics['avg_open_rate'] = $metrics['total_delivered'] > 0
+            ? round(($metrics['total_opened'] / $metrics['total_delivered']) * 100, 2)
+            : 0;
+
+        $metrics['avg_click_rate'] = $metrics['total_delivered'] > 0
+            ? round(($metrics['total_clicked'] / $metrics['total_delivered']) * 100, 2)
+            : 0;
+
+        // Campaign performance
+        $campaigns = EmailCampaign::forBusiness($business->id)->where('created_at', '>=', $startDate)
+            ->orderByDesc('sent_at')
+            ->with('emailInteractions')
+            ->paginate(20);
+
+        // Email engagement over time
+        $engagementTrend = EmailInteraction::forBusiness($business->id)->where('sent_at', '>=', $startDate)
+            ->select(
+                DB::raw('DATE(sent_at) as date'),
+                DB::raw('COUNT(*) as sent'),
+                DB::raw('SUM(CASE WHEN first_opened_at IS NOT NULL THEN 1 ELSE 0 END) as opened'),
+                DB::raw('SUM(CASE WHEN first_clicked_at IS NOT NULL THEN 1 ELSE 0 END) as clicked')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        // Top performing campaigns
+        $topCampaigns = EmailCampaign::forBusiness($business->id)->where('sent_at', '>=', $startDate)
+            ->where('total_sent', '>', 0)
+            ->orderByRaw('(total_clicked / total_sent) DESC')
+            ->limit(10)
+            ->get();
+
+        // Email client breakdown
+        $emailClients = EmailInteraction::forBusiness($business->id)->where('sent_at', '>=', $startDate)
+            ->whereNotNull('email_client')
+            ->select('email_client')
+            ->selectRaw('COUNT(*) as count')
+            ->groupBy('email_client')
+            ->orderByDesc('count')
+            ->get();
+
+        // Device type breakdown
+        $deviceTypes = EmailInteraction::forBusiness($business->id)->where('sent_at', '>=', $startDate)
+            ->whereNotNull('device_type')
+            ->select('device_type')
+            ->selectRaw('COUNT(*) as count')
+            ->groupBy('device_type')
+            ->orderByDesc('count')
+            ->get();
+
+        // Engagement score distribution
+        $engagementScores = EmailInteraction::forBusiness($business->id)->where('sent_at', '>=', $startDate)
+            ->select(
+                DB::raw("CASE
+                    WHEN engagement_score >= 80 THEN 'High'
+                    WHEN engagement_score >= 50 THEN 'Medium'
+                    WHEN engagement_score > 0 THEN 'Low'
+                    ELSE 'None'
+                END as score_range"),
+                DB::raw('COUNT(*) as count')
+            )
+            ->groupBy('score_range')
+            ->get();
+
+        return view('seller.analytics.marketing', compact(
+            'business',
+            'period',
+            'metrics',
+            'campaigns',
+            'engagementTrend',
+            'topCampaigns',
+            'emailClients',
+            'deviceTypes',
+            'engagementScores'
+        ));
+    }
+
+    public function campaign(Request $request, EmailCampaign $campaign)
+    {
+        if (! hasBusinessPermission('analytics.marketing')) {
+            abort(403, 'Unauthorized to view marketing analytics');
+        }
+
+        // Verify campaign belongs to user's business
+        if ($campaign->business_id !== currentBusinessId()) {
+            abort(403, 'Unauthorized to view this campaign');
+        }
+
+        // Campaign metrics
+        $metrics = [
+            'total_sent' => $campaign->total_sent,
+            'total_delivered' => $campaign->total_delivered,
+            'total_bounced' => $campaign->total_bounced,
+            'total_opened' => $campaign->total_opened,
+            'total_clicked' => $campaign->total_clicked,
+            'open_rate' => $campaign->open_rate,
+            'click_rate' => $campaign->click_rate,
+            'bounce_rate' => $campaign->total_sent > 0
+                ? round(($campaign->total_bounced / $campaign->total_sent) * 100, 2)
+                : 0,
+        ];
+
+        // Interaction timeline
+        $timeline = EmailInteraction::forBusiness($campaign->business_id)->where('campaign_id', $campaign->id)
+            ->select(
+                DB::raw('DATE(sent_at) as date'),
+                DB::raw('SUM(open_count) as opens'),
+                DB::raw('SUM(click_count) as clicks')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        // Top engaged recipients
+        $topRecipients = EmailInteraction::forBusiness($campaign->business_id)->where('campaign_id', $campaign->id)
+            ->orderByDesc('engagement_score')
+            ->limit(20)
+            ->with('recipientUser')
+            ->get();
+
+        // Click breakdown by URL
+        $clicksByUrl = DB::table('email_clicks')
+            ->join('email_interactions', 'email_clicks.email_interaction_id', '=', 'email_interactions.id')
+            ->where('email_interactions.campaign_id', $campaign->id)
+            ->select('email_clicks.url', 'email_clicks.link_identifier')
+            ->selectRaw('COUNT(*) as click_count')
+            ->selectRaw('COUNT(DISTINCT email_clicks.email_interaction_id) as unique_clicks')
+            ->groupBy('email_clicks.url', 'email_clicks.link_identifier')
+            ->orderByDesc('click_count')
+            ->get();
+
+        return view('seller.analytics.campaign-detail', compact(
+            'campaign',
+            'metrics',
+            'timeline',
+            'topRecipients',
+            'clicksByUrl'
+        ));
+    }
+}

app/Http/Controllers/Analytics/ProductAnalyticsController.php

@@ -0,0 +1,164 @@
+<?php
+
+namespace App\Http\Controllers\Analytics;
+
+use App\Helpers\BusinessHelper;
+use App\Http\Controllers\Controller;
+use App\Models\Analytics\ProductView;
+use App\Models\Product;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class ProductAnalyticsController extends Controller
+{
+    public function index(Request $request)
+    {
+        if (! hasBusinessPermission('analytics.products')) {
+            abort(403, 'Unauthorized to view product analytics');
+        }
+
+        $business = currentBusiness();
+        $period = $request->input('period', '30');
+        $startDate = now()->subDays((int) $period);
+
+        // Product performance metrics
+        $productMetrics = ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)
+            ->select('product_id')
+            ->selectRaw('COUNT(*) as total_views')
+            ->selectRaw('COUNT(DISTINCT buyer_business_id) as unique_buyers')
+            ->selectRaw('AVG(time_on_page) as avg_time_on_page')
+            ->selectRaw('SUM(CASE WHEN zoomed_image = true THEN 1 ELSE 0 END) as zoomed_count')
+            ->selectRaw('SUM(CASE WHEN watched_video = true THEN 1 ELSE 0 END) as video_views')
+            ->selectRaw('SUM(CASE WHEN downloaded_spec = true THEN 1 ELSE 0 END) as spec_downloads')
+            ->selectRaw('SUM(CASE WHEN added_to_cart = true THEN 1 ELSE 0 END) as cart_additions')
+            ->groupBy('product_id')
+            ->orderByDesc('total_views')
+            ->with('product.brand')
+            ->paginate(20);
+
+        // Product view trend
+        $viewTrend = ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)
+            ->select(
+                DB::raw('DATE(viewed_at) as date'),
+                DB::raw('COUNT(*) as views'),
+                DB::raw('COUNT(DISTINCT buyer_business_id) as unique_buyers')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        // High engagement products (quality over quantity)
+        $highEngagementProducts = ProductView::forBusiness($business->id)->highEngagement()
+            ->where('viewed_at', '>=', $startDate)
+            ->select('product_id')
+            ->selectRaw('COUNT(*) as engagement_count')
+            ->selectRaw('AVG(time_on_page) as avg_time')
+            ->groupBy('product_id')
+            ->orderByDesc('engagement_count')
+            ->limit(10)
+            ->with('product')
+            ->get();
+
+        // Products with most cart additions (high intent)
+        $topCartProducts = ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)
+            ->where('added_to_cart', true)
+            ->select('product_id')
+            ->selectRaw('COUNT(*) as cart_count')
+            ->groupBy('product_id')
+            ->orderByDesc('cart_count')
+            ->limit(10)
+            ->with('product')
+            ->get();
+
+        // Engagement breakdown
+        $engagementBreakdown = [
+            'zoomed_image' => ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)->where('zoomed_image', true)->count(),
+            'watched_video' => ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)->where('watched_video', true)->count(),
+            'downloaded_spec' => ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)->where('downloaded_spec', true)->count(),
+            'added_to_cart' => ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)->where('added_to_cart', true)->count(),
+            'added_to_wishlist' => ProductView::forBusiness($business->id)->where('viewed_at', '>=', $startDate)->where('added_to_wishlist', true)->count(),
+        ];
+
+        return view('seller.analytics.products', compact(
+            'business',
+            'period',
+            'productMetrics',
+            'viewTrend',
+            'highEngagementProducts',
+            'topCartProducts',
+            'engagementBreakdown'
+        ));
+    }
+
+    public function show(Request $request, Product $product)
+    {
+        if (! hasBusinessPermission('analytics.products')) {
+            abort(403, 'Unauthorized to view product analytics');
+        }
+
+        // Verify product belongs to user's business brands
+        $sellerBusiness = BusinessHelper::fromProduct($product);
+        if ($sellerBusiness->id !== currentBusinessId()) {
+            abort(403, 'Unauthorized to view this product');
+        }
+
+        $period = $request->input('period', '30');
+        $startDate = now()->subDays((int) $period);
+
+        // Product-specific metrics
+        $metrics = ProductView::forBusiness($sellerBusiness->id)->where('product_id', $product->id)
+            ->where('viewed_at', '>=', $startDate)
+            ->selectRaw('COUNT(*) as total_views')
+            ->selectRaw('COUNT(DISTINCT buyer_business_id) as unique_buyers')
+            ->selectRaw('COUNT(DISTINCT session_id) as unique_sessions')
+            ->selectRaw('AVG(time_on_page) as avg_time_on_page')
+            ->selectRaw('MAX(time_on_page) as max_time_on_page')
+            ->selectRaw('SUM(CASE WHEN zoomed_image = true THEN 1 ELSE 0 END) as zoomed_count')
+            ->selectRaw('SUM(CASE WHEN watched_video = true THEN 1 ELSE 0 END) as video_views')
+            ->selectRaw('SUM(CASE WHEN downloaded_spec = true THEN 1 ELSE 0 END) as spec_downloads')
+            ->selectRaw('SUM(CASE WHEN added_to_cart = true THEN 1 ELSE 0 END) as cart_additions')
+            ->first();
+
+        // View trend
+        $viewTrend = ProductView::forBusiness($sellerBusiness->id)->where('product_id', $product->id)
+            ->where('viewed_at', '>=', $startDate)
+            ->select(
+                DB::raw('DATE(viewed_at) as date'),
+                DB::raw('COUNT(*) as views')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        // Top buyers viewing this product
+        $topBuyers = ProductView::forBusiness($sellerBusiness->id)->where('product_id', $product->id)
+            ->where('viewed_at', '>=', $startDate)
+            ->whereNotNull('buyer_business_id')
+            ->select('buyer_business_id')
+            ->selectRaw('COUNT(*) as view_count')
+            ->selectRaw('MAX(viewed_at) as last_viewed')
+            ->groupBy('buyer_business_id')
+            ->orderByDesc('view_count')
+            ->limit(10)
+            ->with('buyerBusiness')
+            ->get();
+
+        // Traffic sources
+        $trafficSources = ProductView::forBusiness($sellerBusiness->id)->where('product_id', $product->id)
+            ->where('viewed_at', '>=', $startDate)
+            ->select('source')
+            ->selectRaw('COUNT(*) as count')
+            ->groupBy('source')
+            ->orderByDesc('count')
+            ->get();
+
+        return view('seller.analytics.product-detail', compact(
+            'product',
+            'period',
+            'metrics',
+            'viewTrend',
+            'topBuyers',
+            'trafficSources'
+        ));
+    }
+}

app/Http/Controllers/Analytics/SalesAnalyticsController.php

@@ -0,0 +1,160 @@
+<?php
+
+namespace App\Http\Controllers\Analytics;
+
+use App\Http\Controllers\Controller;
+use App\Models\Analytics\UserSession;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class SalesAnalyticsController extends Controller
+{
+    public function index(Request $request)
+    {
+        if (! hasBusinessPermission('analytics.sales')) {
+            abort(403, 'Unauthorized to view sales analytics');
+        }
+
+        $business = currentBusiness();
+        $period = $request->input('period', '30');
+        $startDate = now()->subDays((int) $period);
+
+        // Sales funnel metrics
+        $funnelMetrics = [
+            'total_sessions' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)->count(),
+            'sessions_with_product_views' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)
+                ->where('product_views', '>', 0)
+                ->count(),
+            'sessions_with_cart' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)
+                ->where('interactions', '>', 0)
+                ->count(),
+            'checkout_initiated' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)
+                ->where('interactions', '>', 2)
+                ->count(),
+            'orders_completed' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)
+                ->where('converted', true)
+                ->count(),
+        ];
+
+        // Calculate conversion rates
+        $funnelMetrics['product_view_rate'] = $funnelMetrics['total_sessions'] > 0
+            ? round(($funnelMetrics['sessions_with_product_views'] / $funnelMetrics['total_sessions']) * 100, 2)
+            : 0;
+
+        $funnelMetrics['cart_rate'] = $funnelMetrics['sessions_with_product_views'] > 0
+            ? round(($funnelMetrics['sessions_with_cart'] / $funnelMetrics['sessions_with_product_views']) * 100, 2)
+            : 0;
+
+        $funnelMetrics['checkout_rate'] = $funnelMetrics['sessions_with_cart'] > 0
+            ? round(($funnelMetrics['checkout_initiated'] / $funnelMetrics['sessions_with_cart']) * 100, 2)
+            : 0;
+
+        $funnelMetrics['conversion_rate'] = $funnelMetrics['checkout_initiated'] > 0
+            ? round(($funnelMetrics['orders_completed'] / $funnelMetrics['checkout_initiated']) * 100, 2)
+            : 0;
+
+        // Sales metrics from orders table
+        // Note: orders.business_id is the buyer's business
+        // To get seller's orders, join through order_items → products → brands
+        $salesMetrics = DB::table('orders')
+            ->join('order_items', 'orders.id', '=', 'order_items.order_id')
+            ->join('products', 'order_items.product_id', '=', 'products.id')
+            ->join('brands', 'products.brand_id', '=', 'brands.id')
+            ->where('brands.business_id', $business->id)
+            ->where('orders.created_at', '>=', $startDate)
+            ->selectRaw('COUNT(DISTINCT orders.id) as total_orders')
+            ->selectRaw('SUM(order_items.line_total) as total_revenue')
+            ->selectRaw('AVG(orders.total) as avg_order_value')
+            ->selectRaw('COUNT(DISTINCT orders.business_id) as unique_buyers')
+            ->first();
+
+        // Revenue trend
+        $revenueTrend = DB::table('orders')
+            ->join('order_items', 'orders.id', '=', 'order_items.order_id')
+            ->join('products', 'order_items.product_id', '=', 'products.id')
+            ->join('brands', 'products.brand_id', '=', 'brands.id')
+            ->where('brands.business_id', $business->id)
+            ->where('orders.created_at', '>=', $startDate)
+            ->select(
+                DB::raw('DATE(orders.created_at) as date'),
+                DB::raw('COUNT(DISTINCT orders.id) as orders'),
+                DB::raw('SUM(order_items.line_total) as revenue')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        // Conversion funnel trend
+        $conversionTrend = UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)
+            ->select(
+                DB::raw('DATE(started_at) as date'),
+                DB::raw('COUNT(*) as sessions'),
+                DB::raw('SUM(CASE WHEN product_views > 0 THEN 1 ELSE 0 END) as with_views'),
+                DB::raw('SUM(CASE WHEN interactions > 0 THEN 1 ELSE 0 END) as with_interactions'),
+                DB::raw('SUM(CASE WHEN converted = true THEN 1 ELSE 0 END) as conversions'),
+                DB::raw('SUM(CASE WHEN converted = true THEN 1 ELSE 0 END) as orders')
+            )
+            ->groupBy('date')
+            ->orderBy('date')
+            ->get();
+
+        // Top revenue products
+        $topProducts = DB::table('order_items')
+            ->join('orders', 'order_items.order_id', '=', 'orders.id')
+            ->join('products', 'order_items.product_id', '=', 'products.id')
+            ->join('brands', 'products.brand_id', '=', 'brands.id')
+            ->where('brands.business_id', $business->id)
+            ->where('orders.created_at', '>=', $startDate)
+            ->select('products.id', 'products.name')
+            ->selectRaw('SUM(order_items.quantity) as units_sold')
+            ->selectRaw('SUM(order_items.line_total) as revenue')
+            ->groupBy('products.id', 'products.name')
+            ->orderByDesc('revenue')
+            ->limit(10)
+            ->get();
+
+        // Session abandonment analysis (sessions with interactions but no conversion)
+        $cartAbandonment = [
+            'total_interactive_sessions' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)
+                ->where('interactions', '>', 0)
+                ->count(),
+            'abandoned_sessions' => UserSession::forBusiness($business->id)->where('started_at', '>=', $startDate)
+                ->where('interactions', '>', 0)
+                ->where('converted', false)
+                ->count(),
+        ];
+
+        $cartAbandonment['abandonment_rate'] = $cartAbandonment['total_interactive_sessions'] > 0
+            ? round(($cartAbandonment['abandoned_sessions'] / $cartAbandonment['total_interactive_sessions']) * 100, 2)
+            : 0;
+
+        // Top buyers by revenue
+        $topBuyers = DB::table('orders')
+            ->join('order_items', 'orders.id', '=', 'order_items.order_id')
+            ->join('products', 'order_items.product_id', '=', 'products.id')
+            ->join('brands', 'products.brand_id', '=', 'brands.id')
+            ->join('businesses', 'orders.business_id', '=', 'businesses.id')
+            ->where('brands.business_id', $business->id)
+            ->where('orders.created_at', '>=', $startDate)
+            ->select('businesses.id', 'businesses.name')
+            ->selectRaw('COUNT(DISTINCT orders.id) as order_count')
+            ->selectRaw('SUM(order_items.line_total) as total_revenue')
+            ->selectRaw('AVG(orders.total) as avg_order_value')
+            ->groupBy('businesses.id', 'businesses.name')
+            ->orderByDesc('total_revenue')
+            ->limit(10)
+            ->get();
+
+        return view('seller.analytics.sales', compact(
+            'business',
+            'period',
+            'funnelMetrics',
+            'salesMetrics',
+            'revenueTrend',
+            'conversionTrend',
+            'topProducts',
+            'cartAbandonment',
+            'topBuyers'
+        ));
+    }
+}

app/Http/Controllers/Analytics/TrackingController.php

@@ -0,0 +1,190 @@
+<?php
+
+namespace App\Http\Controllers\Analytics;
+
+use App\Http\Controllers\Controller;
+use App\Models\Product;
+use App\Services\AnalyticsTracker;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
+
+class TrackingController extends Controller
+{
+    protected AnalyticsTracker $tracker;
+
+    public function __construct(AnalyticsTracker $tracker)
+    {
+        $this->tracker = $tracker;
+    }
+
+    /**
+     * Initialize or update session
+     */
+    public function session(Request $request)
+    {
+        try {
+            $session = $this->tracker->startSession();
+
+            return response()->json([
+                'success' => true,
+                'session_id' => $session->session_id,
+            ]);
+        } catch (\Exception $e) {
+            Log::error('Analytics session tracking failed', [
+                'error' => $e->getMessage(),
+                'trace' => $e->getTraceAsString(),
+            ]);
+
+            return response()->json([
+                'success' => false,
+                'error' => 'Session tracking failed',
+            ], 500);
+        }
+    }
+
+    /**
+     * Track various analytics events
+     */
+    public function track(Request $request)
+    {
+        try {
+            $eventType = $request->input('event_type');
+
+            switch ($eventType) {
+                case 'page_view':
+                    $this->trackPageView($request);
+                    break;
+
+                case 'product_view':
+                    $this->trackProductView($request);
+                    break;
+
+                case 'page_engagement':
+                    $this->trackPageEngagement($request);
+                    break;
+
+                case 'click':
+                    $this->trackClick($request);
+                    break;
+
+                default:
+                    $this->trackGenericEvent($request);
+            }
+
+            return response()->json(['success' => true]);
+        } catch (\Exception $e) {
+            Log::error('Analytics tracking failed', [
+                'event_type' => $request->input('event_type'),
+                'error' => $e->getMessage(),
+                'trace' => $e->getTraceAsString(),
+            ]);
+
+            return response()->json([
+                'success' => false,
+                'error' => 'Tracking failed',
+            ], 500);
+        }
+    }
+
+    /**
+     * Track page view
+     */
+    protected function trackPageView(Request $request): void
+    {
+        $this->tracker->updateSessionPageView();
+
+        $this->tracker->trackEvent(
+            'page_view',
+            'navigation',
+            'view',
+            null,
+            null,
+            [
+                'url' => $request->input('url'),
+                'title' => $request->input('title'),
+                'referrer' => $request->input('referrer'),
+            ]
+        );
+    }
+
+    /**
+     * Track product view with engagement signals
+     */
+    protected function trackProductView(Request $request): void
+    {
+        $productId = $request->input('product_id');
+
+        if (! $productId) {
+            return;
+        }
+
+        $product = Product::find($productId);
+
+        if (! $product) {
+            return;
+        }
+
+        $signals = [
+            'time_on_page' => $request->input('time_on_page'),
+            'scroll_depth' => $request->input('scroll_depth'),
+            'zoomed_image' => $request->boolean('zoomed_image'),
+            'watched_video' => $request->boolean('watched_video'),
+            'downloaded_spec' => $request->boolean('downloaded_spec'),
+            'added_to_cart' => $request->boolean('added_to_cart'),
+            'added_to_wishlist' => $request->boolean('added_to_wishlist'),
+        ];
+
+        $this->tracker->trackProductView($product, $signals);
+    }
+
+    /**
+     * Track generic page engagement
+     */
+    protected function trackPageEngagement(Request $request): void
+    {
+        $this->tracker->updateSessionPageView();
+
+        $this->tracker->trackEvent(
+            'page_engagement',
+            'engagement',
+            'interact',
+            null,
+            null,
+            [
+                'time_on_page' => $request->input('time_on_page'),
+                'scroll_depth' => $request->input('scroll_depth'),
+            ]
+        );
+    }
+
+    /**
+     * Track click event
+     */
+    protected function trackClick(Request $request): void
+    {
+        $this->tracker->trackClick(
+            $request->input('element_type', 'unknown'),
+            $request->input('element_id'),
+            $request->input('element_label'),
+            $request->input('url'),
+            [
+                'timestamp' => $request->input('timestamp'),
+            ]
+        );
+    }
+
+    /**
+     * Track generic event
+     */
+    protected function trackGenericEvent(Request $request): void
+    {
+        $this->tracker->trackEvent(
+            $request->input('event_type', 'custom'),
+            $request->input('category', 'general'),
+            $request->input('action', 'action'),
+            $request->input('subject_id'),
+            $request->input('subject_type'),
+            $request->input('metadata', [])
+        );
+    }
+}

app/Http/Controllers/Auth/UnifiedAuthenticatedSessionController.php

@@ -30,20 +30,29 @@ class UnifiedAuthenticatedSessionController extends Controller
 
         $request->session()->regenerate();
 
-        // Smart routing based on user type
+        // Log admin users into the admin guard for Filament access
+        if ($user->user_type === 'admin') {
+            Auth::guard('admin')->login($user);
+        }
+
+        // Smart routing based on user type - use intended() to preserve redirect URL
         switch ($user->user_type) {
             case 'buyer':
-                return redirect()->route('buyer.dashboard');
+                return redirect()->intended(route('buyer.dashboard'));
 
             case 'seller':
-                return redirect()->route('seller.dashboard');
+                return redirect()->intended(route('seller.dashboard'));
 
             case 'admin':
-                return redirect('/admin');
+                return redirect()->intended('/admin');
+
+            case 'both':
+                // For users with both types, default to seller dashboard
+                return redirect()->intended(route('seller.dashboard'));
 
             default:
                 // Fallback for users without proper type
-                return redirect()->route('buyer.profile');
+                return redirect()->intended(route('buyer.profile'));
         }
     }
 

app/Http/Controllers/Business/UserController.php

@@ -5,7 +5,10 @@ declare(strict_types=1);
 namespace App\Http\Controllers\Business;
 
 use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
 use Illuminate\View\View;
 
 class UserController extends Controller
@@ -25,14 +28,57 @@ class UserController extends Controller
 
         // Load users with their pivot data (contact_type, is_primary, permissions)
         $users = $business->users()
-            ->withPivot('contact_type', 'is_primary', 'permissions')
+            ->withPivot('contact_type', 'is_primary', 'permissions', 'role')
             ->orderBy('is_primary', 'desc')
             ->orderBy('first_name')
             ->get();
 
+        // Available analytics permissions
+        $analyticsPermissions = [
+            'analytics.overview' => 'Access main analytics dashboard',
+            'analytics.products' => 'View product performance analytics',
+            'analytics.marketing' => 'View marketing and email analytics',
+            'analytics.sales' => 'View sales intelligence and pipeline',
+            'analytics.buyers' => 'View buyer intelligence and engagement',
+            'analytics.export' => 'Export analytics data',
+        ];
+
         return view('business.users.index', [
             'business' => $business,
             'users' => $users,
+            'analyticsPermissions' => $analyticsPermissions,
+        ]);
+    }
+
+    /**
+     * Update user permissions.
+     */
+    public function updatePermissions(Request $request, User $user): JsonResponse
+    {
+        $business = auth()->user()->businesses()->first();
+
+        if (! $business) {
+            return response()->json(['error' => 'No business found'], 404);
+        }
+
+        // Verify user belongs to this business
+        if (! $business->users->contains($user->id)) {
+            return response()->json(['error' => 'User not found in this business'], 404);
+        }
+
+        $validated = $request->validate([
+            'permissions' => 'array',
+            'permissions.*' => 'string',
+        ]);
+
+        // Update permissions in pivot table
+        $business->users()->updateExistingPivot($user->id, [
+            'permissions' => $validated['permissions'] ?? [],
+        ]);
+
+        return response()->json([
+            'success' => true,
+            'message' => 'Permissions updated successfully',
         ]);
     }
 

app/Http/Controllers/Business/UserPermissionsController.php

@@ -0,0 +1,185 @@
+<?php
+
+namespace App\Http\Controllers\Business;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Services\PermissionService;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
+
+class UserPermissionsController extends Controller
+{
+    public function __construct(
+        protected PermissionService $permissionService
+    ) {}
+
+    /**
+     * Update user permissions via AJAX
+     */
+    public function update(Request $request, string $businessSlug, int $userId)
+    {
+        try {
+            $business = currentBusiness();
+
+            if (! $business) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'Business not found',
+                ], 404);
+            }
+
+            // Only owners and admins can manage permissions
+            if (auth()->user()->user_type !== 'admin' && $business->owner_user_id !== auth()->id()) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'You do not have permission to manage user permissions',
+                ], 403);
+            }
+
+            $user = User::findOrFail($userId);
+
+            // Verify user belongs to this business
+            if (! $user->businesses()->where('businesses.id', $business->id)->exists()) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'User does not belong to this business',
+                ], 404);
+            }
+
+            // Prevent owner from modifying their own permissions
+            if ($user->id === $business->owner_user_id) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'Cannot modify owner permissions',
+                ], 403);
+            }
+
+            $validated = $request->validate([
+                'permissions' => 'array',
+                'permissions.*' => 'string',
+                'role_template' => 'nullable|string',
+            ]);
+
+            $permissions = $validated['permissions'] ?? [];
+            $roleTemplate = $validated['role_template'] ?? null;
+
+            // Set permissions using PermissionService
+            $success = $this->permissionService->setPermissions(
+                user: $user,
+                permissions: $permissions,
+                business: $business,
+                roleTemplate: $roleTemplate,
+                reason: 'Updated by '.auth()->user()->name.' via permissions modal'
+            );
+
+            if ($success) {
+                Log::info('User permissions updated', [
+                    'business_id' => $business->id,
+                    'target_user_id' => $user->id,
+                    'actor_user_id' => auth()->id(),
+                    'permissions_count' => count($permissions),
+                    'role_template' => $roleTemplate,
+                ]);
+
+                return response()->json([
+                    'success' => true,
+                    'message' => 'Permissions updated successfully',
+                ]);
+            }
+
+            return response()->json([
+                'success' => false,
+                'message' => 'Failed to update permissions',
+            ], 500);
+
+        } catch (\Exception $e) {
+            Log::error('Error updating user permissions', [
+                'error' => $e->getMessage(),
+                'user_id' => $userId,
+                'business_slug' => $businessSlug,
+            ]);
+
+            return response()->json([
+                'success' => false,
+                'message' => 'An error occurred while updating permissions',
+            ], 500);
+        }
+    }
+
+    /**
+     * Apply a role template to a user
+     */
+    public function applyTemplate(Request $request, string $businessSlug, int $userId)
+    {
+        try {
+            $business = currentBusiness();
+
+            if (! $business) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'Business not found',
+                ], 404);
+            }
+
+            // Only owners and admins can manage permissions
+            if (auth()->user()->user_type !== 'admin' && $business->owner_user_id !== auth()->id()) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'You do not have permission to manage user permissions',
+                ], 403);
+            }
+
+            $user = User::findOrFail($userId);
+
+            // Verify user belongs to this business
+            if (! $user->businesses()->where('businesses.id', $business->id)->exists()) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'User does not belong to this business',
+                ], 404);
+            }
+
+            $validated = $request->validate([
+                'template_key' => 'required|string',
+                'merge' => 'boolean',
+            ]);
+
+            $templateKey = $validated['template_key'];
+            $merge = $validated['merge'] ?? false;
+
+            // Apply role template
+            $permissions = $this->permissionService->applyRoleTemplate(
+                user: $user,
+                templateKey: $templateKey,
+                business: $business,
+                merge: $merge
+            );
+
+            if ($permissions === null) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'Role template not found',
+                ], 404);
+            }
+
+            return response()->json([
+                'success' => true,
+                'message' => 'Role template applied successfully',
+                'permissions' => $permissions,
+            ]);
+
+        } catch (\Exception $e) {
+            Log::error('Error applying role template', [
+                'error' => $e->getMessage(),
+                'user_id' => $userId,
+                'business_slug' => $businessSlug,
+            ]);
+
+            return response()->json([
+                'success' => false,
+                'message' => 'An error occurred while applying role template',
+            ], 500);
+        }
+    }
+}

app/Http/Controllers/Buyer/BackorderController.php

@@ -0,0 +1,143 @@
+<?php
+
+namespace App\Http\Controllers\Buyer;
+
+use App\Http\Controllers\Controller;
+use App\Jobs\ProcessBackorderRequest;
+use App\Models\Product;
+use App\Services\BackorderService;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Validator;
+
+class BackorderController extends Controller
+{
+    public function __construct(
+        protected BackorderService $backorderService
+    ) {}
+
+    /**
+     * Create a backorder
+     */
+    public function store(Request $request): JsonResponse
+    {
+        $validator = Validator::make($request->all(), [
+            'product_id' => 'required|exists:products,id',
+            'quantity' => 'required|integer|min:1',
+            'notes' => 'nullable|string|max:500',
+        ]);
+
+        if ($validator->fails()) {
+            return response()->json([
+                'success' => false,
+                'errors' => $validator->errors(),
+            ], 422);
+        }
+
+        $user = auth()->user();
+        $business = $user->businesses->first(); // Assuming user has at least one business
+
+        if (! $business) {
+            return response()->json([
+                'success' => false,
+                'message' => 'You must have a business account to place backorders.',
+            ], 400);
+        }
+
+        $product = Product::findOrFail($request->product_id);
+
+        // Check if product is actually out of stock
+        if ($product->isInStock()) {
+            return response()->json([
+                'success' => false,
+                'message' => 'This product is currently in stock. Please add it to your cart instead.',
+            ], 400);
+        }
+
+        try {
+            // Dispatch the job to process backorder in the background
+            ProcessBackorderRequest::dispatch(
+                userId: $user->id,
+                buyerBusinessId: $business->id,
+                productId: $product->id,
+                quantity: $request->quantity,
+                notes: $request->notes
+            );
+
+            return response()->json([
+                'success' => true,
+                'message' => 'Backorder placed successfully! We will create an order automatically when inventory becomes available.',
+                'backorder' => [
+                    'product_id' => $product->id,
+                    'product_name' => $product->name,
+                    'quantity' => $request->quantity,
+                ],
+            ]);
+        } catch (\Exception $e) {
+            return response()->json([
+                'success' => false,
+                'message' => 'Failed to create backorder. Please try again.',
+            ], 500);
+        }
+    }
+
+    /**
+     * List user's backorders
+     */
+    public function index(Request $request): JsonResponse
+    {
+        $user = auth()->user();
+        $business = $user->businesses->first();
+
+        if (! $business) {
+            return response()->json([
+                'success' => false,
+                'message' => 'No business found.',
+            ], 404);
+        }
+
+        $backorders = \App\Models\Backorder::where('business_id', $business->id)
+            ->with(['product.brand', 'order'])
+            ->orderBy('created_at', 'desc')
+            ->get();
+
+        return response()->json([
+            'success' => true,
+            'backorders' => $backorders->map(function ($backorder) {
+                return [
+                    'id' => $backorder->id,
+                    'product' => [
+                        'name' => $backorder->product->name,
+                        'sku' => $backorder->product->sku,
+                        'brand_name' => $backorder->product->brand->name,
+                    ],
+                    'quantity' => $backorder->quantity,
+                    'status' => $backorder->status,
+                    'order_number' => $backorder->order?->order_number,
+                    'created_at' => $backorder->created_at->toDateString(),
+                    'converted_at' => $backorder->converted_at?->toDateString(),
+                ];
+            }),
+        ]);
+    }
+
+    /**
+     * Cancel a backorder
+     */
+    public function cancel(Request $request, int $backorderId): JsonResponse
+    {
+        $cancelled = $this->backorderService->cancelBackorder($backorderId, auth()->id());
+
+        if ($cancelled) {
+            return response()->json([
+                'success' => true,
+                'message' => 'Backorder cancelled successfully.',
+            ]);
+        }
+
+        return response()->json([
+            'success' => false,
+            'message' => 'Backorder not found or already processed.',
+        ], 404);
+    }
+}

app/Http/Controllers/Buyer/BrandBrowseController.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Http\Controllers\Buyer;
+
+use App\Http\Controllers\Controller;
+use App\Models\Brand;
+use App\Models\Business;
+use Illuminate\Http\Request;
+
+class BrandBrowseController extends Controller
+{
+    /**
+     * Show brand menu for buyers to browse and order
+     * This is the main product browsing interface for buyers
+     *
+     * @return \Illuminate\View\View
+     */
+    public function browse(Request $request, string $businessSlug, string $brandHashid)
+    {
+        // Manually resolve business and brand (cross-tenant access allowed)
+        // Buyers can browse ANY seller's brand menu
+        $business = Business::where('slug', $businessSlug)->firstOrFail();
+        $brand = Brand::where('hashid', $brandHashid)
+            ->where('business_id', $business->id)
+            ->where('is_active', true)
+            ->firstOrFail();
+
+        // Load brand with business relationship
+        $brand->load('business');
+
+        // Get products organized by product line
+        $products = $brand->products()
+            ->with(['strain', 'images', 'productLine'])
+            ->where('is_active', true)
+            ->orderBy('product_line_id')
+            ->orderBy('name')
+            ->get();
+
+        // Group products by product line
+        $productsByLine = $products->groupBy(function ($product) {
+            return $product->productLine ? $product->productLine->name : 'Other Products';
+        });
+
+        // Get other brands from same business
+        $otherBrands = $business
+            ->brands()
+            ->where('id', '!=', $brand->id)
+            ->where('is_active', true)
+            ->get();
+
+        // Mark this as buyer view
+        $isSeller = false;
+
+        return view('seller.brands.preview', compact(
+            'business',
+            'brand',
+            'products',
+            'productsByLine',
+            'otherBrands',
+            'isSeller'
+        ));
+    }
+}

app/Http/Controllers/Buyer/CartController.php

@@ -19,7 +19,7 @@ class CartController extends Controller
     /**
      * Display the cart page or return JSON data.
      */
-    public function index(Request $request): View|JsonResponse
+    public function index(\App\Models\Business $business, Request $request): View|JsonResponse
     {
         $user = $request->user();
         $sessionId = $request->session()->getId();
@@ -27,11 +27,17 @@ class CartController extends Controller
         // Fetch items once - calculate totals from loaded collection
         $items = $this->cartService->getCartItems($user, $sessionId);
 
-        $subtotal = $items->sum(fn ($item) => $item->quantity * ($item->product->wholesale_price ?? 0));
+        $subtotal = $items->sum(function ($item) {
+            $product = $item->product;
+            $regularPrice = $product->wholesale_price ?? $product->msrp ?? 0;
+            $hasSalePrice = $product->sale_price && $product->sale_price < $regularPrice;
+            $unitPrice = $hasSalePrice ? $product->sale_price : $regularPrice;
+
+            return $item->quantity * $unitPrice;
+        });
 
         // Calculate tax based on business tax rate
-        $business = $user?->businesses()->first();
-        $taxRate = $business?->getTaxRate() ?? 0.08;
+        $taxRate = $business->getTaxRate() ?? 0.08;
         $tax = $subtotal * $taxRate;
 
         $total = $subtotal + $tax;
@@ -62,7 +68,7 @@ class CartController extends Controller
     /**
      * Add item to cart (Ajax).
      */
-    public function add(Request $request): JsonResponse
+    public function add(\App\Models\Business $business, Request $request): JsonResponse
     {
         $request->validate([
             'product_id' => 'required|exists:products,id',
@@ -75,6 +81,7 @@ class CartController extends Controller
 
         try {
             $cart = $this->cartService->addItem(
+                $business,
                 $request->integer('product_id'),
                 $request->integer('quantity', 1),
                 $user,
@@ -101,7 +108,7 @@ class CartController extends Controller
     /**
      * Update cart item quantity (Ajax).
      */
-    public function update(Request $request, int $cartId): JsonResponse
+    public function update(\App\Models\Business $business, Request $request, string $cartId): JsonResponse
     {
         $request->validate([
             'quantity' => 'required|integer|min:1',
@@ -111,11 +118,17 @@ class CartController extends Controller
         $sessionId = $request->session()->getId();
 
         try {
-            $cart = $this->cartService->updateQuantity($cartId, $request->integer('quantity'));
+            $cart = $this->cartService->updateQuantity((int) $cartId, $request->integer('quantity'), $user, $sessionId);
 
             // Ensure product is loaded for JSON response
             $cart->load('product', 'brand');
 
+            // Calculate unit price (respecting sale pricing)
+            $product = $cart->product;
+            $regularPrice = $product->wholesale_price ?? $product->msrp ?? 0;
+            $hasSalePrice = $product->sale_price && $product->sale_price < $regularPrice;
+            $unitPrice = $hasSalePrice ? $product->sale_price : $regularPrice;
+
             $subtotal = $this->cartService->getSubtotal($user, $sessionId);
             $tax = $this->cartService->getTax($user, $sessionId);
             $total = $this->cartService->getTotal($user, $sessionId);
@@ -124,6 +137,7 @@ class CartController extends Controller
             return response()->json([
                 'success' => true,
                 'cart_item' => $cart,
+                'unit_price' => $unitPrice,
                 'subtotal' => $subtotal,
                 'tax' => $tax,
                 'total' => $total,
@@ -140,13 +154,13 @@ class CartController extends Controller
     /**
      * Remove item from cart (Ajax).
      */
-    public function remove(Request $request, int $cartId): JsonResponse
+    public function remove(\App\Models\Business $business, Request $request, string $cartId): JsonResponse
     {
-        $this->cartService->removeItem($cartId);
-
         $user = $request->user();
         $sessionId = $request->session()->getId();
 
+        $this->cartService->removeItem($cartId, $user, $sessionId);
+
         $subtotal = $this->cartService->getSubtotal($user, $sessionId);
         $tax = $this->cartService->getTax($user, $sessionId);
         $total = $this->cartService->getTotal($user, $sessionId);
@@ -165,7 +179,7 @@ class CartController extends Controller
     /**
      * Clear entire cart.
      */
-    public function clear(Request $request): JsonResponse
+    public function clear(\App\Models\Business $business, Request $request): JsonResponse
     {
         $user = $request->user();
         $sessionId = $request->session()->getId();
@@ -182,7 +196,7 @@ class CartController extends Controller
     /**
      * Get cart count (for header badge).
      */
-    public function count(Request $request): JsonResponse
+    public function count(\App\Models\Business $business, Request $request): JsonResponse
     {
         $user = $request->user();
         $sessionId = $request->session()->getId();

app/Http/Controllers/Buyer/CheckoutController.php

@@ -8,10 +8,12 @@ use App\Http\Controllers\Controller;
 use App\Models\Business;
 use App\Models\Order;
 use App\Models\OrderItem;
+use App\Models\Product;
 use App\Services\CartService;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Str;
 use Illuminate\View\View;
 
 class CheckoutController extends Controller
@@ -23,7 +25,7 @@ class CheckoutController extends Controller
     /**
      * Display the checkout page.
      */
-    public function index(Request $request): View|RedirectResponse
+    public function index(Business $business, Request $request): View|RedirectResponse
     {
         $user = $request->user();
         $sessionId = $request->session()->getId();
@@ -33,7 +35,7 @@ class CheckoutController extends Controller
 
         // Redirect if cart is empty
         if ($items->isEmpty()) {
-            return redirect()->route('buyer.cart.index')
+            return redirect()->route('buyer.business.cart.index', $business)
                 ->with('error', 'Your cart is empty. Add some products before checking out.');
         }
 
@@ -42,9 +44,6 @@ class CheckoutController extends Controller
         $tax = $this->cartService->getTax($user, $sessionId);
         $total = $this->cartService->getTotal($user, $sessionId);
 
-        // Get user's business
-        $business = $user->businesses()->first();
-
         // Load delivery locations (only locations that accept deliveries)
         $locations = $business
             ? $business->locations()
@@ -78,10 +77,10 @@ class CheckoutController extends Controller
     /**
      * Process the order.
      */
-    public function process(Request $request): RedirectResponse
+    public function process(Business $business, Request $request): RedirectResponse
     {
         $request->validate([
-            'location_id' => 'required_if:delivery_method,delivery|nullable|exists:locations,id',
+            'location_id' => 'nullable|exists:locations,id',
             'payment_terms' => 'required|in:cod,net_15,net_30,net_60,net_90',
             'notes' => 'nullable|string|max:1000',
             'delivery_method' => 'required|in:delivery,pickup',
@@ -99,110 +98,171 @@ class CheckoutController extends Controller
         $items = $this->cartService->getCartItems($user, $sessionId);
 
         if ($items->isEmpty()) {
-            return redirect()->route('buyer.cart.index')
+            return redirect()->route('buyer.business.cart.index', $business)
                 ->with('error', 'Your cart is empty.');
         }
 
-        // Get user's business
-        $business = $user->businesses()->first();
-
-        if (! $business) {
-            return back()->with('error', 'No business associated with your account.');
-        }
-
         // Calculate due date based on payment terms
         $paymentTerms = $request->input('payment_terms');
         $dueDate = $this->calculateDueDate($paymentTerms);
 
-        // Calculate totals with payment term surcharge
-        $subtotal = $this->cartService->getSubtotal($user, $sessionId);
-        $surchargePercent = Order::getSurchargePercentage($paymentTerms);
-        $surcharge = $subtotal * ($surchargePercent / 100);
+        // Group cart items by brand
+        $itemsByBrand = $items->groupBy(function ($item) {
+            return $item->product->brand_id ?? 'unknown';
+        });
 
-        // Tax is calculated on subtotal + surcharge using business tax rate
-        // (0.00 if business is tax-exempt wholesale/resale with Form 5000A)
+        // Remove items with unknown brand
+        $itemsByBrand = $itemsByBrand->filter(function ($items, $brandId) {
+            return $brandId !== 'unknown';
+        });
+
+        // Generate order group ID to link all orders from this checkout
+        $orderGroupId = 'OG-'.strtoupper(Str::random(12));
+
+        // Tax rate for buyer's business
         $taxRate = $business->getTaxRate();
-        $tax = ($subtotal + $surcharge) * $taxRate;
-        $total = $subtotal + $surcharge + $tax;
+        $surchargePercent = Order::getSurchargePercentage($paymentTerms);
 
-        // Create order in transaction
-        $order = DB::transaction(function () use ($request, $user, $business, $items, $subtotal, $surcharge, $tax, $total, $paymentTerms, $dueDate) {
-            // Generate order number
-            $orderNumber = $this->generateOrderNumber();
+        // Create orders in transaction (one per brand)
+        $orders = DB::transaction(function () use (
+            $request,
+            $user,
+            $business,
+            $itemsByBrand,
+            $taxRate,
+            $surchargePercent,
+            $paymentTerms,
+            $dueDate,
+            $orderGroupId
+        ) {
+            $createdOrders = [];
 
-            // Create order
-            $order = Order::create([
-                'order_number' => $orderNumber,
-                'business_id' => $business->id,
-                'user_id' => $user->id,
-                'location_id' => $request->input('location_id'),
-                'subtotal' => $subtotal,
-                'surcharge' => $surcharge,
-                'tax' => $tax,
-                'total' => $total,
-                'status' => 'new',
-                'created_by' => 'buyer', // Buyer-initiated order
-                'payment_terms' => $paymentTerms,
-                'due_date' => $dueDate,
-                'notes' => $request->input('notes'),
-                'delivery_method' => $request->input('delivery_method', 'delivery'),
-                'pickup_driver_first_name' => $request->input('pickup_driver_first_name'),
-                'pickup_driver_last_name' => $request->input('pickup_driver_last_name'),
-                'pickup_driver_license' => $request->input('pickup_driver_license'),
-                'pickup_driver_phone' => $request->input('pickup_driver_phone'),
-                'pickup_vehicle_plate' => $request->input('pickup_vehicle_plate'),
-            ]);
+            foreach ($itemsByBrand as $brandId => $brandItems) {
+                // Get seller business ID from the brand
+                $sellerBusinessId = $brandItems->first()->product->brand->business_id;
 
-            // Create order items from cart
-            foreach ($items as $item) {
-                OrderItem::create([
-                    'order_id' => $order->id,
-                    'product_id' => $item->product_id,
-                    'batch_id' => $item->batch_id,
-                    'batch_number' => $item->batch?->batch_number,
-                    'quantity' => $item->quantity,
-                    'unit_price' => $item->product->wholesale_price,
-                    'line_total' => $item->quantity * $item->product->wholesale_price,
-                    'product_name' => $item->product->name,
-                    'product_sku' => $item->product->sku,
-                    'brand_name' => $item->brand->name ?? '',
+                // Calculate totals for this brand's items
+                $brandSubtotal = $brandItems->sum(function ($item) {
+                    return $item->quantity * $item->product->wholesale_price;
+                });
+
+                $brandSurcharge = $brandSubtotal * ($surchargePercent / 100);
+                $brandTax = ($brandSubtotal + $brandSurcharge) * $taxRate;
+                $brandTotal = $brandSubtotal + $brandSurcharge + $brandTax;
+
+                // Generate order number
+                $orderNumber = $this->generateOrderNumber();
+
+                // Create order for this brand
+                $order = Order::create([
+                    'order_number' => $orderNumber,
+                    'order_group_id' => $orderGroupId,
+                    'business_id' => $business->id,
+                    'seller_business_id' => $sellerBusinessId,
+                    'user_id' => $user->id,
+                    'location_id' => $request->input('location_id'),
+                    'subtotal' => $brandSubtotal,
+                    'surcharge' => $brandSurcharge,
+                    'tax' => $brandTax,
+                    'total' => $brandTotal,
+                    'status' => 'new',
+                    'created_by' => 'buyer',
+                    'payment_terms' => $paymentTerms,
+                    'due_date' => $dueDate,
+                    'notes' => $request->input('notes'),
+                    'delivery_method' => $request->input('delivery_method', 'delivery'),
+                    'pickup_driver_first_name' => $request->input('pickup_driver_first_name'),
+                    'pickup_driver_last_name' => $request->input('pickup_driver_last_name'),
+                    'pickup_driver_license' => $request->input('pickup_driver_license'),
+                    'pickup_driver_phone' => $request->input('pickup_driver_phone'),
+                    'pickup_vehicle_plate' => $request->input('pickup_vehicle_plate'),
                 ]);
 
-                // If batch selected, allocate inventory from that batch
-                if ($item->batch_id && $item->batch) {
-                    $item->batch->allocate($item->quantity);
+                // Create order items for this brand
+                foreach ($brandItems as $item) {
+                    OrderItem::create([
+                        'order_id' => $order->id,
+                        'product_id' => $item->product_id,
+                        'batch_id' => $item->batch_id,
+                        'batch_number' => $item->batch?->batch_number,
+                        'quantity' => $item->quantity,
+                        'unit_price' => $item->product->wholesale_price,
+                        'line_total' => $item->quantity * $item->product->wholesale_price,
+                        'product_name' => $item->product->name,
+                        'product_sku' => $item->product->sku,
+                        'brand_name' => $item->brand->name ?? '',
+                    ]);
+
+                    // If batch selected, allocate inventory from that batch
+                    if ($item->batch_id && $item->batch) {
+                        $item->batch->allocate($item->quantity);
+                    }
                 }
+
+                $createdOrders[] = $order;
             }
 
-            return $order;
+            return collect($createdOrders);
         });
 
         // Clear the cart
         $this->cartService->clear($user, $sessionId);
 
-        // Notify sellers of new order
+        // Notify sellers of new orders (wrapped in try-catch to prevent email failures from blocking checkout)
         $sellerNotificationService = app(\App\Services\SellerNotificationService::class);
-        $sellerNotificationService->newOrderReceived($order);
+        foreach ($orders as $order) {
+            try {
+                $sellerNotificationService->newOrderReceived($order);
+            } catch (\Exception $e) {
+                // Log the error but don't block the checkout
+                \Log::error('Failed to send seller notification email', [
+                    'order_id' => $order->id,
+                    'order_number' => $order->order_number,
+                    'error' => $e->getMessage(),
+                ]);
+            }
+        }
 
-        // Redirect to success page
-        return redirect()->route('buyer.checkout.success', ['order' => $order->order_number])
-            ->with('success', 'Order placed successfully!');
+        // Redirect to orders page with success message
+        if ($orders->count() > 1) {
+            return redirect()->route('buyer.business.orders.index', ['business' => $business->slug])
+                ->with('success', "Success! Seller has been notified of your {$orders->count()} orders and will be in contact with you. Thank you for your business!");
+        }
+
+        // Single order - redirect to order details page with session flag to show success banner
+        return redirect()->route('buyer.business.orders.show', ['business' => $business->slug, 'order' => $orders->first()->order_number])
+            ->with('order_created', true);
     }
 
     /**
      * Display order confirmation page.
+     * Handles both single orders (by order_number) and order groups (by order_group_id).
      */
-    public function success(Request $request, Order $order): View|RedirectResponse
+    public function success(Business $business, Request $request, string $order): View|RedirectResponse
     {
-        // Load relationships
-        $order->load(['items.product', 'business', 'location']);
+        // Check if this is an order group ID (starts with OG-)
+        if (str_starts_with($order, 'OG-')) {
+            // Load all orders in this group
+            $orders = Order::where('order_group_id', $order)
+                ->where('business_id', $business->id)
+                ->with(['items.product', 'business', 'location', 'sellerBusiness'])
+                ->orderBy('created_at')
+                ->get();
 
-        // Ensure user owns this order
-        if ($order->user_id !== $request->user()->id) {
-            abort(403, 'Unauthorized');
+            if ($orders->isEmpty()) {
+                abort(404, 'Order group not found');
+            }
+
+            return view('buyer.checkout.success-group', compact('orders', 'business'));
         }
 
-        return view('buyer.checkout.success', compact('order'));
+        // Single order - find by order_number
+        $order = Order::where('order_number', $order)
+            ->where('business_id', $business->id)
+            ->with(['items.product', 'business', 'location'])
+            ->firstOrFail();
+
+        return view('buyer.checkout.success', compact('order', 'business'));
     }
 
     /**
@@ -231,4 +291,82 @@ class CheckoutController extends Controller
             default => now()->addDays(30),
         };
     }
+
+    /**
+     * Process checkout and create orders (one per brand).
+     * New route for order splitting logic.
+     */
+    public function store(Request $request): RedirectResponse
+    {
+        $validated = $request->validate([
+            'cart' => 'required|array|min:1',
+            'cart.*.product_id' => 'required|exists:products,id',
+            'cart.*.quantity' => 'required|integer|min:1',
+            'delivery_window_id' => 'nullable|exists:delivery_windows,id',
+            'delivery_window_date' => 'nullable|date',
+        ]);
+
+        $business = $request->user()->businesses()->first();
+
+        if (! $business) {
+            return redirect()->back()->with('error', 'No business associated with your account');
+        }
+
+        // Load products and group by brand
+        $productIds = collect($validated['cart'])->pluck('product_id');
+        $products = Product::with('brand.business')
+            ->whereIn('id', $productIds)
+            ->get()
+            ->keyBy('id');
+
+        // Group cart items by brand
+        $itemsByBrand = collect($validated['cart'])->groupBy(function ($item) use ($products) {
+            $product = $products->get($item['product_id']);
+
+            return $product->brand_id;
+        });
+
+        // Generate unique group ID for all orders in this checkout
+        $orderGroupId = 'checkout_'.Str::uuid();
+
+        $createdOrders = [];
+
+        // Create one order per brand
+        foreach ($itemsByBrand as $brandId => $items) {
+            // Get seller business ID from the brand
+            $product = $products->get($items[0]['product_id']);
+            $sellerBusinessId = $product->brand->business_id;
+
+            $order = Order::create([
+                'order_number' => $this->generateOrderNumber(),
+                'business_id' => $business->id,
+                'seller_business_id' => $sellerBusinessId,
+                'order_group_id' => $orderGroupId,
+                'status' => 'new',
+                'created_by' => 'buyer',
+                'delivery_window_id' => $validated['delivery_window_id'] ?? null,
+                'delivery_window_date' => $validated['delivery_window_date'] ?? null,
+            ]);
+
+            // Create order items
+            foreach ($items as $item) {
+                $product = $products->get($item['product_id']);
+
+                $order->items()->create([
+                    'product_id' => $product->id,
+                    'quantity' => $item['quantity'],
+                    'unit_price' => $product->wholesale_price,
+                    'line_total' => $item['quantity'] * $product->wholesale_price,
+                    'product_name' => $product->name,
+                    'product_sku' => $product->sku,
+                ]);
+            }
+
+            $createdOrders[] = $order;
+        }
+
+        return redirect()
+            ->back()
+            ->with('success', count($createdOrders).' order(s) created successfully');
+    }
 }

app/Http/Controllers/Buyer/InvoiceController.php

@@ -4,10 +4,7 @@ namespace App\Http\Controllers\Buyer;
 
 use App\Http\Controllers\Controller;
 use App\Models\Invoice;
-use App\Models\OrderItem;
 use App\Services\InvoiceService;
-use App\Services\OrderModificationService;
-use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\Response;
 
@@ -16,15 +13,11 @@ class InvoiceController extends Controller
     /**
      * Display a listing of the user's invoices.
      */
-    public function index()
+    public function index(\App\Models\Business $business)
     {
-        $user = auth()->user();
-        $userBusinessIds = $user->businesses->pluck('id')->toArray();
-
         $invoices = Invoice::with(['order', 'business'])
-            ->whereHas('order', function ($query) use ($user, $userBusinessIds) {
-                $query->where('user_id', $user->id)
-                    ->orWhereIn('business_id', $userBusinessIds);
+            ->whereHas('order', function ($query) use ($business) {
+                $query->forBusiness($business);
             })
             ->latest()
             ->get();
@@ -37,168 +30,30 @@ class InvoiceController extends Controller
             'overdue' => $invoices->filter(fn ($inv) => $inv->isOverdue())->count(),
         ];
 
-        return view('buyer.invoices.index', compact('invoices', 'stats'));
+        return view('buyer.invoices.index', compact('invoices', 'stats', 'business'));
     }
 
     /**
      * Display the specified invoice.
      */
-    public function show(Invoice $invoice)
+    public function show(\App\Models\Business $business, Invoice $invoice)
     {
         // Authorization check
-        if (! $this->canAccessInvoice($invoice)) {
+        if (! $invoice->order || ! $invoice->order->belongsToBusiness($business)) {
             abort(403, 'Unauthorized to view this invoice.');
         }
 
         $invoice->load(['order.items', 'business']);
 
-        // Prepare invoice items data for Alpine.js
-        $invoiceItems = $invoice->order->items->map(function ($item) {
-            return [
-                'id' => $item->id,
-                'quantity' => $item->picked_qty,
-                'originalQuantity' => $item->picked_qty,
-                'unit_price' => $item->unit_price,
-                'deleted' => false,
-            ];
-        })->values();
-
-        return view('buyer.invoices.show', compact('invoice', 'invoiceItems'));
-    }
-
-    /**
-     * Approve the invoice without modifications.
-     */
-    public function approve(Invoice $invoice)
-    {
-        if (! $this->canAccessInvoice($invoice)) {
-            abort(403, 'Unauthorized to approve this invoice.');
-        }
-
-        if (! $invoice->canBeEditedByBuyer()) {
-            return response()->json([
-                'success' => false,
-                'message' => 'This invoice cannot be approved at this time.',
-            ], 400);
-        }
-
-        $invoice->buyerApprove(auth()->user());
-
-        return response()->json([
-            'success' => true,
-            'message' => 'Invoice approved successfully.',
-        ]);
-    }
-
-    /**
-     * Reject the invoice.
-     */
-    public function reject(Request $request, Invoice $invoice)
-    {
-        $request->validate([
-            'reason' => 'required|string|max:1000',
-        ]);
-
-        if (! $this->canAccessInvoice($invoice)) {
-            abort(403, 'Unauthorized to reject this invoice.');
-        }
-
-        if (! $invoice->canBeEditedByBuyer()) {
-            return back()->with('error', 'This invoice cannot be rejected at this time.');
-        }
-
-        $invoice->buyerReject(auth()->user(), $request->reason);
-
-        return redirect()->route('buyer.invoices.index')
-            ->with('success', 'Invoice rejected successfully.');
-    }
-
-    /**
-     * Modify the invoice (record buyer's changes).
-     */
-    public function modify(Request $request, Invoice $invoice, OrderModificationService $modificationService)
-    {
-        $request->validate([
-            'items' => 'required|array',
-            'items.*.id' => 'required|exists:order_items,id',
-            'items.*.quantity' => 'required|integer|min:0',
-            'items.*.deleted' => 'required|boolean',
-        ]);
-
-        if (! $this->canAccessInvoice($invoice)) {
-            return response()->json([
-                'success' => false,
-                'message' => 'Unauthorized to modify this invoice.',
-            ], 403);
-        }
-
-        if (! $invoice->canBeEditedByBuyer()) {
-            return response()->json([
-                'success' => false,
-                'message' => 'This invoice cannot be modified at this time.',
-            ], 400);
-        }
-
-        // Record all changes
-        $hasChanges = false;
-        foreach ($request->items as $itemData) {
-            $item = OrderItem::find($itemData['id']);
-
-            // Skip if item doesn't belong to this order
-            if ($item->order_id !== $invoice->order_id) {
-                continue;
-            }
-
-            // Check for deletion
-            if ($itemData['deleted'] && ! $item->deleted_at) {
-                $modificationService->recordItemDeletion($invoice, $item, auth()->user());
-                $hasChanges = true;
-
-                continue;
-            }
-
-            // Check for quantity change
-            if ($itemData['quantity'] != $item->picked_qty) {
-                // Validate: can only reduce, not increase
-                if ($itemData['quantity'] > $item->picked_qty) {
-                    return response()->json([
-                        'success' => false,
-                        'message' => 'You can only reduce quantities, not increase them.',
-                    ], 400);
-                }
-
-                $modificationService->recordItemChange(
-                    $invoice,
-                    $item,
-                    ['quantity' => $itemData['quantity']],
-                    auth()->user()
-                );
-                $hasChanges = true;
-            }
-        }
-
-        if (! $hasChanges) {
-            return response()->json([
-                'success' => false,
-                'message' => 'No changes detected.',
-            ], 400);
-        }
-
-        // Update invoice status to buyer_modified
-        $invoice->buyerModify();
-
-        return response()->json([
-            'success' => true,
-            'message' => 'Changes saved successfully. The seller will review your modifications.',
-        ]);
+        return view('buyer.invoices.show', compact('invoice', 'business'));
     }
 
     /**
      * Download invoice PDF.
      */
-    public function downloadPdf(Invoice $invoice, InvoiceService $invoiceService): Response
+    public function downloadPdf(\App\Models\Business $business, Invoice $invoice, InvoiceService $invoiceService): Response
     {
-        if (! $this->canAccessInvoice($invoice)) {
+        if (! $invoice->order || ! $invoice->order->belongsToBusiness($business)) {
             abort(403, 'Unauthorized to download this invoice.');
         }
 
@@ -215,19 +70,4 @@ class InvoiceController extends Controller
             'Content-Disposition' => 'inline; filename="'.$invoice->invoice_number.'.pdf"',
         ]);
     }
-
-    /**
-     * Check if current user can access the invoice.
-     */
-    protected function canAccessInvoice(Invoice $invoice): bool
-    {
-        $user = auth()->user();
-        $userBusinessIds = $user->businesses->pluck('id')->toArray();
-        $order = $invoice->order;
-
-        return $order && (
-            $order->user_id === $user->id ||
-            in_array($order->business_id, $userBusinessIds)
-        );
-    }
 }

app/Http/Controllers/Buyer/NotificationController.php

@@ -83,6 +83,8 @@ class NotificationController extends Controller
             ->orderBy('created_at', 'desc')
             ->paginate(20);
 
-        return view('buyer.notifications.index', compact('notifications'));
+        $business = auth()->user()->businesses->first();
+
+        return view('buyer.notifications.index', compact('notifications', 'business'));
     }
 }

app/Http/Controllers/Buyer/OrderController.php

@@ -3,24 +3,29 @@
 namespace App\Http\Controllers\Buyer;
 
 use App\Http\Controllers\Controller;
+use App\Models\DeliveryWindow;
 use App\Models\Order;
+use App\Services\DeliveryWindowService;
+use Carbon\Carbon;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 
 class OrderController extends Controller
 {
+    public function __construct(
+        private DeliveryWindowService $deliveryWindowService
+    ) {}
+
     /**
      * Display a listing of the user's orders.
      */
-    public function index()
+    public function index(\App\Models\Business $business)
     {
         $user = auth()->user();
-        $userBusinessIds = $user->businesses->pluck('id')->toArray();
 
-        $orders = Order::with(['items', 'business', 'location'])
-            ->where(function ($query) use ($user, $userBusinessIds) {
-                $query->where('user_id', $user->id)
-                    ->orWhereIn('business_id', $userBusinessIds);
-            })
+        // Only show orders for this specific business
+        $orders = Order::forBusiness($business)
+            ->with(['items', 'business', 'location'])
             ->latest()
             ->get();
 
@@ -32,30 +37,30 @@ class OrderController extends Controller
             'delivered' => $orders->where('status', 'delivered')->count(),
         ];
 
-        return view('buyer.orders.index', compact('orders', 'stats'));
+        return view('buyer.orders.index', compact('business', 'orders', 'stats'));
     }
 
     /**
      * Display the specified order.
      */
-    public function show(Order $order)
+    public function show(\App\Models\Business $business, Order $order)
     {
-        // Authorization check
-        if (! $this->canAccessOrder($order)) {
+        // Authorization check - order must belong to this business
+        if (! $order->belongsToBusiness($business)) {
             abort(403, 'Unauthorized to view this order.');
         }
 
-        $order->load(['items.product', 'business', 'location', 'user', 'invoice', 'manifest']);
+        $order->load(['items.product.brand', 'business', 'location', 'user', 'invoice', 'manifest', 'deliveryWindow', 'pendingCancellationRequest']);
 
-        return view('buyer.orders.show', compact('order'));
+        return view('buyer.orders.show', compact('business', 'order'));
     }
 
     /**
      * Accept an order.
      */
-    public function accept(Order $order)
+    public function accept(\App\Models\Business $business, Order $order)
     {
-        if (! $this->canAccessOrder($order)) {
+        if (! $order->belongsToBusiness($business)) {
             abort(403, 'Unauthorized to modify this order.');
         }
 
@@ -69,11 +74,34 @@ class OrderController extends Controller
     }
 
     /**
-     * Cancel an order (buyer-initiated).
+     * Request cancellation of an order (buyer-initiated).
      */
-    public function cancel(Order $order, Request $request)
+    public function requestCancellation(\App\Models\Business $business, Order $order, Request $request)
     {
-        if (! $this->canAccessOrder($order)) {
+        if (! $order->belongsToBusiness($business)) {
+            abort(403, 'Unauthorized to modify this order.');
+        }
+
+        if (! $order->canRequestCancellation()) {
+            return back()->with('error', 'This order cannot have a cancellation request at this stage.');
+        }
+
+        $validated = $request->validate([
+            'reason' => 'required|string|max:1000',
+        ]);
+
+        $order->requestCancellation(auth()->user(), $validated['reason']);
+
+        return back()->with('success', "Cancellation request submitted for order {$order->order_number}. The seller will review your request.");
+    }
+
+    /**
+     * Cancel an order (buyer-initiated).
+     * NOTE: This is the old direct cancel method, kept for backward compatibility.
+     */
+    public function cancel(\App\Models\Business $business, Order $order, Request $request)
+    {
+        if (! $order->belongsToBusiness($business)) {
             abort(403, 'Unauthorized to modify this order.');
         }
 
@@ -93,9 +121,9 @@ class OrderController extends Controller
     /**
      * Update order fulfillment method and related information.
      */
-    public function updateFulfillment(Order $order, Request $request)
+    public function updateFulfillment(\App\Models\Business $business, Order $order, Request $request)
     {
-        if (! $this->canAccessOrder($order)) {
+        if (! $order->belongsToBusiness($business)) {
             abort(403, 'Unauthorized to modify this order.');
         }
 
@@ -134,9 +162,9 @@ class OrderController extends Controller
     /**
      * Download manifest PDF for an order.
      */
-    public function downloadManifestPdf(Order $order)
+    public function downloadManifestPdf(\App\Models\Business $business, Order $order)
     {
-        if (! $this->canAccessOrder($order)) {
+        if (! $order->belongsToBusiness($business)) {
             abort(403, 'Unauthorized to access this order.');
         }
 
@@ -161,14 +189,431 @@ class OrderController extends Controller
     }
 
     /**
-     * Check if current user can access the order.
+     * Update order's delivery window
      */
-    protected function canAccessOrder(Order $order): bool
+    public function updateDeliveryWindow(\App\Models\Business $business, Order $order, Request $request): RedirectResponse
     {
-        $user = auth()->user();
-        $userBusinessIds = $user->businesses->pluck('id')->toArray();
+        // Ensure order belongs to buyer's business
+        if (! $order->belongsToBusiness($business)) {
+            abort(403, 'Unauthorized access to order');
+        }
 
-        return $order->user_id === $user->id ||
-               in_array($order->business_id, $userBusinessIds);
+        // Only allow updates for delivery orders at approved_for_delivery status
+        if ($order->status !== 'approved_for_delivery') {
+            abort(422, 'Delivery window can only be set after buyer has approved the order for delivery');
+        }
+
+        // Only delivery orders need delivery windows
+        if (! $order->isDelivery()) {
+            abort(422, 'Delivery window can only be set for delivery orders');
+        }
+
+        $validated = $request->validate([
+            'delivery_window_id' => 'required|exists:delivery_windows,id',
+            'delivery_window_date' => 'required|date|after_or_equal:today',
+            'location_id' => 'required|exists:locations,id',
+        ]);
+
+        $window = DeliveryWindow::findOrFail($validated['delivery_window_id']);
+
+        // Get seller's business ID from the first order item's product's brand
+        $sellerBusinessId = $order->items->first()?->product?->brand?->business_id;
+
+        if (! $sellerBusinessId) {
+            abort(422, 'Unable to determine seller business for this order');
+        }
+
+        // Ensure window belongs to the SELLER's business
+        if ($window->business_id !== $sellerBusinessId) {
+            abort(422, 'Delivery window does not belong to seller business');
+        }
+
+        $date = Carbon::parse($validated['delivery_window_date']);
+
+        // Validate that location belongs to buyer's business
+        $location = \App\Models\Location::where('id', $validated['location_id'])
+            ->where('business_id', $business->id)
+            ->where('accepts_deliveries', true)
+            ->where('is_active', true)
+            ->first();
+
+        if (! $location) {
+            abort(422, 'Invalid delivery location');
+        }
+
+        // Validate using service
+        if (! $this->deliveryWindowService->validateWindowSelection($window, $date)) {
+            abort(422, 'Invalid delivery window selection');
+        }
+
+        $this->deliveryWindowService->updateOrderWindow($order, $window, $date, $validated['location_id']);
+
+        return redirect()
+            ->route('buyer.business.orders.show', [$business->slug, $order])
+            ->with('success', 'Delivery scheduled for '.$date->format('l, F j, Y').' at '.$location->name);
+    }
+
+    /**
+     * Get available delivery windows for an order's seller business.
+     */
+    public function getAvailableDeliveryWindows(\App\Models\Business $business, Order $order, Request $request)
+    {
+        // Ensure order belongs to buyer's business
+        if (! $order->belongsToBusiness($business)) {
+            abort(403, 'Unauthorized access to order');
+        }
+
+        $date = $request->query('date');
+        if (! $date) {
+            return response()->json(['error' => 'Date parameter required'], 400);
+        }
+
+        try {
+            $selectedDate = Carbon::parse($date);
+        } catch (\Exception $e) {
+            return response()->json(['error' => 'Invalid date format'], 400);
+        }
+
+        $dayOfWeek = $selectedDate->dayOfWeek;
+
+        // Get seller's business ID from the first order item's product's brand
+        $sellerBusinessId = $order->items->first()?->product?->brand?->business_id;
+
+        if (! $sellerBusinessId) {
+            return response()->json(['windows' => []]);
+        }
+
+        // Fetch active delivery windows for the seller on this day
+        $windows = DeliveryWindow::where('business_id', $sellerBusinessId)
+            ->where('day_of_week', $dayOfWeek)
+            ->where('is_active', true)
+            ->orderBy('start_time')
+            ->get()
+            ->map(function ($window) {
+                return [
+                    'id' => $window->id,
+                    'day_name' => $window->day_name,
+                    'time_range' => $window->time_range,
+                    'start_time' => $window->start_time,
+                    'end_time' => $window->end_time,
+                ];
+            });
+
+        return response()->json(['windows' => $windows]);
+    }
+
+    /**
+     * Show pre-delivery approval form (Review #1: After picking, before delivery).
+     * Buyer reviews order with COAs and can approve/reject entire line items.
+     */
+    public function showPreDeliveryApproval(\App\Models\Business $business, Order $order)
+    {
+        // Authorization check
+        if (! $order->belongsToBusiness($business)) {
+            abort(403, 'Unauthorized to access this order.');
+        }
+
+        // Only ready_for_delivery orders can be reviewed
+        if ($order->status !== 'ready_for_delivery') {
+            return redirect()->route('buyer.business.orders.show', [$business->slug, $order])
+                ->with('error', 'Only orders ready for delivery can be reviewed.');
+        }
+
+        // Load relationships including COAs
+        $order->load([
+            'items.product.brand',
+            'items.batch.coaFiles' => function ($query) {
+                $query->orderBy('is_primary', 'desc')->orderBy('display_order');
+            },
+            'business',
+            'location',
+        ]);
+
+        return view('buyer.orders.pre-delivery-review', compact('business', 'order'));
+    }
+
+    /**
+     * Process pre-delivery approval (Review #1).
+     * Buyer can approve order or reject specific line items.
+     */
+    public function processPreDeliveryApproval(\App\Models\Business $business, Order $order, Request $request): RedirectResponse
+    {
+        // Authorization check
+        if (! $order->belongsToBusiness($business)) {
+            abort(403, 'Unauthorized to modify this order.');
+        }
+
+        // Only ready_for_delivery orders can be approved
+        if ($order->status !== 'ready_for_delivery') {
+            return back()->with('error', 'Only orders ready for delivery can be reviewed.');
+        }
+
+        $validated = $request->validate([
+            'action' => 'required|in:approve,reject',
+            'rejected_items' => 'nullable|array',
+            'rejected_items.*' => 'exists:order_items,id',
+            'rejection_reason' => 'nullable|string|max:1000',
+        ]);
+
+        // Validate that at least one line item remains active when approving with rejections
+        if ($validated['action'] === 'approve' && ! empty($validated['rejected_items'])) {
+            $totalItems = $order->items()->count();
+            $rejectedItemsCount = count($validated['rejected_items']);
+
+            if ($rejectedItemsCount >= $totalItems) {
+                return back()->withErrors([
+                    'rejected_items' => 'You cannot reject all items. If you wish to cancel the entire order, please use the "Request cancellation" option below.',
+                ])->withInput();
+            }
+        }
+
+        $rejectedProductNames = [];
+
+        \DB::transaction(function () use ($order, $validated, &$rejectedProductNames) {
+            if ($validated['action'] === 'reject') {
+                // Reject entire order
+                $order->update([
+                    'status' => 'rejected',
+                    'rejected_at' => now(),
+                    'rejected_reason' => $validated['rejection_reason'] ?? 'Order rejected by buyer during review',
+                ]);
+
+                // Return all inventory to stock
+                foreach ($order->items as $item) {
+                    if ($item->batch_id && $item->batch) {
+                        $item->batch->deallocate($item->quantity);
+                    }
+                }
+            } else {
+                // Approve with optional item rejections
+                if (! empty($validated['rejected_items'])) {
+
+                    // Mark rejected items (keep in database for history)
+                    foreach ($validated['rejected_items'] as $itemId) {
+                        $item = $order->items()->find($itemId);
+                        if ($item) {
+                            $rejectedProductNames[] = $item->product_name;
+
+                            // Return inventory
+                            if ($item->batch_id && $item->batch) {
+                                $item->batch->deallocate($item->quantity);
+                            }
+
+                            // Mark item as rejected (don't delete - preserve history)
+                            $item->update(['pre_delivery_status' => 'rejected']);
+
+                            // Delete related PickingTicketItems to prevent picking
+                            \App\Models\PickingTicketItem::where('order_item_id', $item->id)->delete();
+                        }
+                    }
+
+                    // Add rejection instruction to the fulfillment work order
+                    if (! empty($rejectedProductNames) && $order->fulfillmentWorkOrder) {
+                        $rejectionMessage = 'Buyer rejected: '.implode(', ', $rejectedProductNames).'. Pull and restock these items.';
+
+                        $order->fulfillmentWorkOrder->update([
+                            'instructions' => $order->fulfillmentWorkOrder->instructions
+                                ? $order->fulfillmentWorkOrder->instructions."\n\n".$rejectionMessage
+                                : $rejectionMessage,
+                        ]);
+                    }
+
+                    // Check for empty picking tickets and delete them
+                    if ($order->fulfillmentWorkOrder) {
+                        foreach ($order->fulfillmentWorkOrder->pickingTickets as $ticket) {
+                            if ($ticket->items()->count() === 0) {
+                                $ticket->delete();
+                            }
+                        }
+                    }
+
+                    // Recalculate order totals based on non-rejected items only
+                    $order->refresh();
+                    $order->load('items');
+
+                    $activeItems = $order->items->where('pre_delivery_status', '!=', 'rejected');
+                    $subtotal = $activeItems->sum('line_total');
+                    $surchargePercent = \App\Models\Order::getSurchargePercentage($order->payment_terms);
+                    $surcharge = $subtotal * ($surchargePercent / 100);
+                    $taxRate = $order->business->getTaxRate();
+                    $tax = ($subtotal + $surcharge) * $taxRate;
+                    $total = $subtotal + $surcharge + $tax;
+
+                    $order->update([
+                        'subtotal' => $subtotal,
+                        'surcharge' => $surcharge,
+                        'tax' => $tax,
+                        'total' => $total,
+                    ]);
+                }
+
+                // Check if any non-rejected items remain
+                $activeItemsCount = $order->items()->where(function ($q) {
+                    $q->whereNull('pre_delivery_status')->orWhere('pre_delivery_status', '!=', 'rejected');
+                })->count();
+
+                if ($activeItemsCount === 0) {
+                    $order->update([
+                        'status' => 'rejected',
+                        'rejected_at' => now(),
+                        'rejected_reason' => 'All items rejected by buyer during review',
+                    ]);
+                } else {
+                    // Mark as approved for delivery
+                    $order->update([
+                        'status' => 'approved_for_delivery',
+                        'buyer_approved_at' => now(),
+                        'buyer_approved_by' => auth()->id(),
+                    ]);
+                }
+            }
+        });
+
+        // Notify seller if items were rejected
+        if (! empty($rejectedProductNames)) {
+            try {
+                $sellerNotificationService = app(\App\Services\SellerNotificationService::class);
+                $sellerNotificationService->itemsRejectedDuringReview($order, $rejectedProductNames);
+            } catch (\Exception $e) {
+                // Log the error but don't block the approval process
+                \Log::error('Failed to send seller notification for rejected items', [
+                    'order_id' => $order->id,
+                    'order_number' => $order->order_number,
+                    'error' => $e->getMessage(),
+                ]);
+            }
+        }
+
+        $message = match ($order->status) {
+            'rejected' => 'Order rejected. Items have been returned to inventory.',
+            'approved_for_delivery' => empty($validated['rejected_items'])
+                ? 'Order approved for delivery!'
+                : 'Order approved with '.count($validated['rejected_items']).' item(s) removed.',
+            default => 'Order updated.',
+        };
+
+        return redirect()->route('buyer.business.orders.show', [$business->slug, $order])
+            ->with('success', $message);
+    }
+
+    /**
+     * Show delivery acceptance form for buyer to accept/reject items (Review #2: After delivery).
+     */
+    public function showAcceptance(\App\Models\Business $business, Order $order)
+    {
+        // Authorization check
+        if (! $order->belongsToBusiness($business)) {
+            abort(403, 'Unauthorized to access this order.');
+        }
+
+        // Only delivered orders can be accepted
+        if ($order->status !== 'delivered') {
+            return redirect()->route('buyer.business.orders.show', [$business->slug, $order])
+                ->with('error', 'Only delivered orders can be accepted.');
+        }
+
+        // Load relationships including COAs
+        $order->load([
+            'items.product.brand',
+            'items.batch.coaFiles' => function ($query) {
+                $query->orderBy('is_primary', 'desc')->orderBy('display_order');
+            },
+            'business',
+            'location',
+        ]);
+
+        return view('buyer.orders.accept', compact('business', 'order'));
+    }
+
+    /**
+     * Process delivery acceptance (accept/reject line items).
+     */
+    public function processAcceptance(\App\Models\Business $business, Order $order, Request $request): RedirectResponse
+    {
+        // Authorization check
+        if (! $order->belongsToBusiness($business)) {
+            abort(403, 'Unauthorized to modify this order.');
+        }
+
+        // Only delivered orders can be accepted
+        if ($order->status !== 'delivered') {
+            return back()->with('error', 'Only delivered orders can be accepted.');
+        }
+
+        $validated = $request->validate([
+            'items' => 'required|array',
+            'items.*.accepted_qty' => 'required|integer|min:0',
+            'items.*.rejected_qty' => 'required|integer|min:0',
+            'items.*.rejection_reason' => 'nullable|string|max:1000',
+        ]);
+
+        // Custom validation: accepted + rejected must equal ordered quantity
+        $order->load('items');
+        foreach ($validated['items'] as $itemId => $itemData) {
+            $orderItem = $order->items->firstWhere('id', $itemId);
+
+            if (! $orderItem) {
+                continue;
+            }
+
+            $totalQty = $itemData['accepted_qty'] + $itemData['rejected_qty'];
+            if ($totalQty !== $orderItem->quantity) {
+                return back()->withErrors([
+                    "items.{$itemId}" => "Accepted and rejected quantities must equal ordered quantity ({$orderItem->quantity})",
+                ]);
+            }
+
+            // Validate rejection reason is provided when items are rejected
+            if ($itemData['rejected_qty'] > 0 && empty($itemData['rejection_reason'])) {
+                return back()->withErrors([
+                    "items.{$itemId}.rejection_reason" => 'Rejection reason is required when rejecting items',
+                ]);
+            }
+        }
+
+        // Update each order item with acceptance data
+        \DB::transaction(function () use ($order, $validated) {
+            foreach ($validated['items'] as $itemId => $itemData) {
+                $orderItem = $order->items->firstWhere('id', $itemId);
+
+                if ($orderItem) {
+                    $orderItem->update([
+                        'accepted_qty' => $itemData['accepted_qty'],
+                        'rejected_qty' => $itemData['rejected_qty'],
+                        'rejection_reason' => $itemData['rejection_reason'] ?? null,
+                    ]);
+
+                    // Return rejected items to inventory if batch is set
+                    if ($itemData['rejected_qty'] > 0 && $orderItem->batch_id && $orderItem->batch) {
+                        $orderItem->batch->deallocate($itemData['rejected_qty']);
+                    }
+                }
+            }
+
+            // Determine final order status
+            $hasRejections = collect($validated['items'])->some(fn ($item) => $item['rejected_qty'] > 0);
+            $allRejected = collect($validated['items'])->every(fn ($item) => $item['rejected_qty'] === ($order->items->firstWhere('id', array_search($item, $validated['items']))->quantity ?? 0));
+
+            if ($allRejected) {
+                $order->update([
+                    'status' => 'rejected',
+                    'rejected_at' => now(),
+                    'rejected_reason' => 'All items rejected by buyer',
+                ]);
+            } else {
+                $order->markBuyerApproved();
+
+                // Create invoice based on accepted quantities
+                $invoiceService = app(\App\Services\InvoiceService::class);
+                $invoiceService->createFromDelivery($order);
+            }
+        });
+
+        $message = $order->status === 'rejected'
+            ? 'Order rejected. All items have been returned to inventory.'
+            : 'Order accepted successfully. Invoice has been generated.';
+
+        return redirect()->route('buyer.business.orders.show', [$business->slug, $order])
+            ->with('success', $message);
     }
 }

app/Http/Controllers/Buyer/StockNotificationController.php

@@ -0,0 +1,163 @@
+<?php
+
+namespace App\Http\Controllers\Buyer;
+
+use App\Http\Controllers\Controller;
+use App\Models\Product;
+use App\Services\StockNotificationService;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Validator;
+
+class StockNotificationController extends Controller
+{
+    public function __construct(
+        protected StockNotificationService $stockNotificationService
+    ) {}
+
+    /**
+     * Subscribe to stock notification
+     */
+    public function subscribe(Request $request): JsonResponse
+    {
+        $validator = Validator::make($request->all(), [
+            'product_id' => 'required|exists:products,id',
+            'email' => 'nullable|email',
+            'phone_number' => 'nullable|string',
+            'whatsapp' => 'nullable|string',
+            'notification_method' => 'nullable|in:email,sms,whatsapp,all',
+        ]);
+
+        if ($validator->fails()) {
+            return response()->json([
+                'success' => false,
+                'errors' => $validator->errors(),
+            ], 422);
+        }
+
+        $product = Product::findOrFail($request->product_id);
+
+        // Check if product is actually out of stock
+        if ($product->isInStock()) {
+            return response()->json([
+                'success' => false,
+                'message' => 'This product is currently in stock.',
+            ], 400);
+        }
+
+        $userId = auth()->check() ? auth()->id() : null;
+        $email = $request->email ?? auth()->user()?->email;
+        $notificationMethod = $request->notification_method ?? 'email';
+
+        // Determine phone number based on notification method
+        // For WhatsApp, use whatsapp field; for SMS use phone_number; for all, prefer phone_number
+        $phoneNumber = null;
+        if ($notificationMethod === 'whatsapp') {
+            $phoneNumber = $request->whatsapp ?? auth()->user()?->phone_number;
+        } elseif ($notificationMethod === 'sms') {
+            $phoneNumber = $request->phone_number ?? auth()->user()?->phone_number;
+        } elseif ($notificationMethod === 'all') {
+            // For 'all', we'll store the primary phone number
+            $phoneNumber = $request->phone_number ?? $request->whatsapp ?? auth()->user()?->phone_number;
+        }
+
+        // Validate that we have at least one contact method
+        if (! $email && ! $phoneNumber) {
+            return response()->json([
+                'success' => false,
+                'message' => 'Please provide contact information.',
+            ], 422);
+        }
+
+        // Check if user already has a pending notification for this product
+        if ($userId) {
+            $existing = \App\Models\StockNotification::where('user_id', $userId)
+                ->where('product_id', $product->id)
+                ->pending()
+                ->notExpired()
+                ->first();
+
+            if ($existing) {
+                return response()->json([
+                    'success' => false,
+                    'message' => 'You already have a pending notification for this product.',
+                ], 400);
+            }
+        }
+
+        $notification = $this->stockNotificationService->createNotification(
+            productId: $product->id,
+            userId: $userId,
+            email: $email,
+            phoneNumber: $phoneNumber,
+            notificationMethod: $notificationMethod
+        );
+
+        return response()->json([
+            'success' => true,
+            'message' => 'You will be notified when this product is back in stock!',
+            'notification' => [
+                'id' => $notification->id,
+                'product_name' => $product->name,
+                'expires_at' => $notification->expires_at->toDateString(),
+            ],
+        ]);
+    }
+
+    /**
+     * Cancel a stock notification
+     */
+    public function cancel(Request $request, int $notificationId): JsonResponse
+    {
+        $userId = auth()->check() ? auth()->id() : null;
+
+        $cancelled = $this->stockNotificationService->cancelNotification($notificationId, $userId);
+
+        if ($cancelled) {
+            return response()->json([
+                'success' => true,
+                'message' => 'Notification cancelled successfully.',
+            ]);
+        }
+
+        return response()->json([
+            'success' => false,
+            'message' => 'Notification not found or already processed.',
+        ], 404);
+    }
+
+    /**
+     * List user's pending notifications
+     */
+    public function index(Request $request): JsonResponse
+    {
+        $user = auth()->user();
+
+        if (! $user) {
+            return response()->json([
+                'success' => false,
+                'message' => 'Authentication required.',
+            ], 401);
+        }
+
+        $notifications = $this->stockNotificationService->getUserNotifications($user);
+
+        return response()->json([
+            'success' => true,
+            'notifications' => $notifications->map(function ($notification) {
+                return [
+                    'id' => $notification->id,
+                    'product' => [
+                        'id' => $notification->product->id,
+                        'name' => $notification->product->name,
+                        'sku' => $notification->product->sku,
+                        'brand_name' => $notification->product->brand->name,
+                    ],
+                    'notification_method' => $notification->notification_method,
+                    'created_at' => $notification->created_at->toDateString(),
+                    'expires_at' => $notification->expires_at->toDateString(),
+                ];
+            }),
+        ]);
+    }
+}

app/Http/Controllers/BuyerAuthController.php

@@ -17,8 +17,11 @@ class BuyerAuthController extends Controller
      */
     public function profile()
     {
+        $business = auth()->user()->businesses->first();
+
         return view('buyer.profile', [
             'user' => auth()->user(),
+            'business' => $business,
         ]);
     }
 }

app/Http/Controllers/BuyerProfileController.php

@@ -22,9 +22,12 @@ class BuyerProfileController extends Controller
                 : 'none',
         ];
 
+        $business = auth()->user()->businesses->first();
+
         return view('buyer.profile', [
             'user' => $user,
             'verificationStatus' => $verificationStatus,
+            'business' => $business,
         ]);
     }
 

app/Http/Controllers/BuyerSetupController.php

@@ -287,7 +287,7 @@ class BuyerSetupController extends Controller
 
         if ($firstName) {
             // Check if AP contact already exists (in case user goes back and forward in wizard)
-            $existingAp = Contact::where('business_id', $business->id)
+            $existingAp = Contact::forBusiness($business)
                 ->where('contact_type', 'accounts_payable')
                 ->where('first_name', $firstName)
                 ->where('last_name', $lastName)

app/Http/Controllers/CoaController.php

@@ -0,0 +1,95 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers;
+
+use Barryvdh\DomPDF\Facade\Pdf;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Storage;
+
+class CoaController extends Controller
+{
+    /**
+     * Download or generate COA PDF.
+     * - Production/Staging: Serves real uploaded file from MinIO/S3
+     * - Local/Development: Generates placeholder PDF on-demand
+     */
+    public function download(int $coaId): Response
+    {
+        $coa = DB::table('batch_coa_files')->find($coaId);
+
+        if (! $coa) {
+            abort(404, 'COA not found');
+        }
+
+        $batch = DB::table('batches')->find($coa->batch_id);
+
+        if (! $batch) {
+            abort(404, 'Batch not found');
+        }
+
+        // Production/Staging: Serve real uploaded file from storage
+        if (app()->environment(['production', 'staging'])) {
+            if (! $coa->file_path) {
+                abort(404, 'COA file not uploaded yet');
+            }
+
+            if (! Storage::disk('public')->exists($coa->file_path)) {
+                abort(404, 'COA file not found in storage');
+            }
+
+            return Storage::disk('public')->response($coa->file_path);
+        }
+
+        // Local/Development: Generate placeholder PDF on-demand
+        $pdf = Pdf::loadHTML($this->getPlaceholderHtml($batch));
+
+        return response($pdf->output(), 200)
+            ->header('Content-Type', 'application/pdf')
+            ->header('Content-Disposition', 'inline; filename="COA-'.$batch->batch_number.'.pdf"');
+    }
+
+    /**
+     * Generate simple placeholder HTML for development COAs.
+     */
+    protected function getPlaceholderHtml(object $batch): string
+    {
+        return <<<HTML
+        <!DOCTYPE html>
+        <html>
+        <head>
+            <style>
+                body {
+                    font-family: Arial, sans-serif;
+                    text-align: center;
+                    padding: 100px 50px;
+                }
+                h1 {
+                    font-size: 48px;
+                    color: #333;
+                    margin-bottom: 20px;
+                }
+                .batch {
+                    font-size: 24px;
+                    color: #666;
+                    margin-top: 30px;
+                }
+                .note {
+                    font-size: 14px;
+                    color: #999;
+                    margin-top: 50px;
+                    font-style: italic;
+                }
+            </style>
+        </head>
+        <body>
+            <h1>COA REPORT</h1>
+            <p class="batch">Batch: {$batch->batch_number}</p>
+            <p class="note">Placeholder COA for development purposes</p>
+        </body>
+        </html>
+        HTML;
+    }
+}

app/Http/Controllers/Concerns/HandlesPrecognition.php

@@ -0,0 +1,49 @@
+<?php
+
+namespace App\Http\Controllers\Concerns;
+
+use Illuminate\Http\Request;
+
+/**
+ * Trait HandlesPrecognition
+ *
+ * Adds Laravel Precognition support to controllers for real-time form validation.
+ *
+ * Usage in controller:
+ * ```php
+ * use HandlesPrecognition;
+ *
+ * public function store(Request $request, Business $business)
+ * {
+ *     // Handle precognition validation
+ *     if ($this->isPrecognitive($request)) {
+ *         return;
+ *     }
+ *
+ *     // Your normal validation and logic
+ *     $validated = $request->validate([...]);
+ * }
+ * ```
+ */
+trait HandlesPrecognition
+{
+    /**
+     * Check if the request is a precognitive validation request
+     */
+    protected function isPrecognitive(Request $request): bool
+    {
+        return $request->isPrecognitive();
+    }
+
+    /**
+     * Handle precognitive validation and return early if needed
+     * This method can be called at the start of store/update methods
+     */
+    protected function handlePrecognition(Request $request): void
+    {
+        if ($request->isPrecognitive()) {
+            // Laravel automatically handles the validation response
+            // No need to explicitly return anything
+        }
+    }
+}

app/Http/Controllers/DashboardController.php

@@ -42,6 +42,23 @@ class DashboardController extends Controller
         $isPending = $business->status === 'submitted';
         $isRejected = $business->status === 'rejected';
 
+        // Get user's departments to determine which metrics to show
+        $userDepartments = $user->departments ?? collect();
+        $departmentCodes = $userDepartments->pluck('code');
+
+        // Determine dashboard type based on departments
+        $hasSolventless = $departmentCodes->intersect(['LAZ-SOLV', 'CRG-SOLV'])->isNotEmpty();
+        $hasSales = $departmentCodes->intersect(['CBD-SALES', 'CBD-MKTG'])->isNotEmpty();
+        $hasDelivery = $departmentCodes->contains('CRG-DELV');
+        $isOwner = $business->owner_user_id === $user->id;
+        $isSuperAdmin = $user->hasRole('super-admin');
+
+        // Dashboard blocks determined ONLY by department groups (not by ownership or admin role)
+        // Users see data for their assigned departments - add user to department for access
+        $showSalesMetrics = $hasSales;
+        $showProcessingMetrics = $hasSolventless;
+        $showFleetMetrics = $hasDelivery;
+
         // Get filtered brand IDs for multi-tenancy
         $brandIds = \App\Http\Controllers\Seller\BrandSwitcherController::getFilteredBrandIds();
 
@@ -56,25 +73,27 @@ class DashboardController extends Controller
         $previousStart = now()->subDays(60);
         $previousEnd = now()->subDays(30);
 
-        // Get order IDs that have items matching our brands
-        $currentOrderIds = \App\Models\OrderItem::whereIn('brand_name', $brandNames)
-            ->whereHas('order', fn ($q) => $q->whereBetween('created_at', [$currentStart, $currentEnd]))
-            ->pluck('order_id')
-            ->unique();
+        // Get order IDs and revenue in single optimized queries using joins
+        $currentStats = \App\Models\Order::join('order_items', 'orders.id', '=', 'order_items.order_id')
+            ->whereIn('order_items.brand_name', $brandNames)
+            ->whereBetween('orders.created_at', [$currentStart, $currentEnd])
+            ->selectRaw('COUNT(DISTINCT orders.id) as order_count, SUM(orders.total) as revenue')
+            ->first();
 
-        $previousOrderIds = \App\Models\OrderItem::whereIn('brand_name', $brandNames)
-            ->whereHas('order', fn ($q) => $q->whereBetween('created_at', [$previousStart, $previousEnd]))
-            ->pluck('order_id')
-            ->unique();
+        $previousStats = \App\Models\Order::join('order_items', 'orders.id', '=', 'order_items.order_id')
+            ->whereIn('order_items.brand_name', $brandNames)
+            ->whereBetween('orders.created_at', [$previousStart, $previousEnd])
+            ->selectRaw('COUNT(DISTINCT orders.id) as order_count, SUM(orders.total) as revenue')
+            ->first();
 
         // Revenue
-        $currentRevenue = \App\Models\Order::whereIn('id', $currentOrderIds)->sum('total') / 100;
-        $previousRevenue = \App\Models\Order::whereIn('id', $previousOrderIds)->sum('total') / 100;
+        $currentRevenue = ($currentStats->revenue ?? 0) / 100;
+        $previousRevenue = ($previousStats->revenue ?? 0) / 100;
         $revenueChange = $previousRevenue > 0 ? (($currentRevenue - $previousRevenue) / $previousRevenue) * 100 : 0;
 
         // Orders count
-        $currentOrders = $currentOrderIds->count();
-        $previousOrders = $previousOrderIds->count();
+        $currentOrders = $currentStats->order_count ?? 0;
+        $previousOrders = $previousStats->order_count ?? 0;
         $ordersChange = $previousOrders > 0 ? (($currentOrders - $previousOrders) / $previousOrders) * 100 : 0;
 
         // Products count (active products for selected brand(s))
@@ -141,18 +160,37 @@ class DashboardController extends Controller
         // Get chart data for revenue visualization
         $chartData = $this->getRevenueChartData($brandIds);
 
+        // Get processing metrics if user is in solventless departments
+        $processingData = null;
+        if ($showProcessingMetrics) {
+            $processingData = $this->getProcessingMetrics($business, $userDepartments);
+        }
+
+        // Get fleet metrics if user is in delivery department
+        $fleetData = null;
+        if ($showFleetMetrics) {
+            $fleetData = $this->getFleetMetrics($business);
+        }
+
         return view('seller.dashboard', [
             'user' => $user,
             'business' => $business,
             'needsOnboarding' => $needsOnboarding,
             'isPending' => $isPending,
             'isRejected' => $isRejected,
+            'isOwner' => $isOwner,
             'dashboardData' => $dashboardData,
             'progressData' => $progressData,
             'progressSummary' => $progressSummary,
             'chartData' => $chartData,
             'invoiceStats' => $stats,
             'recentInvoices' => $recentInvoices,
+            'showSalesMetrics' => $showSalesMetrics,
+            'showProcessingMetrics' => $showProcessingMetrics,
+            'showFleetMetrics' => $showFleetMetrics,
+            'processingData' => $processingData,
+            'fleetData' => $fleetData,
+            'userDepartments' => $userDepartments,
         ]);
     }
 
@@ -188,16 +226,11 @@ class DashboardController extends Controller
         $start = now()->sub($count, $unit)->startOfDay();
         $end = now()->endOfDay();
 
-        // Get all order IDs for the period
-        $orderIds = \App\Models\OrderItem::whereIn('brand_name', $brandNames)
-            ->whereHas('order', fn ($q) => $q->whereBetween('created_at', [$start, $end]))
-            ->pluck('order_id')
-            ->unique();
-
-        // Get orders with dates
-        $orders = \App\Models\Order::whereIn('id', $orderIds)
-            ->whereBetween('created_at', [$start, $end])
-            ->selectRaw('DATE(created_at) as date, SUM(total) as revenue')
+        // Optimized query using join instead of subquery
+        $orders = \App\Models\Order::join('order_items', 'orders.id', '=', 'order_items.order_id')
+            ->whereIn('order_items.brand_name', $brandNames)
+            ->whereBetween('orders.created_at', [$start, $end])
+            ->selectRaw('DATE(orders.created_at) as date, SUM(orders.total) as revenue')
             ->groupBy('date')
             ->orderBy('date', 'asc')
             ->get();
@@ -272,4 +305,426 @@ class DashboardController extends Controller
             'values' => $values,
         ];
     }
+
+    /**
+     * Get processing/manufacturing metrics for solventless departments
+     */
+    private function getProcessingMetrics(Business $business, $userDepartments): array
+    {
+        $solventlessDepts = $userDepartments->whereIn('code', ['LAZ-SOLV', 'CRG-SOLV']);
+        $departmentIds = $solventlessDepts->pluck('id');
+
+        // Current period (last 30 days)
+        $currentStart = now()->subDays(30);
+        $previousStart = now()->subDays(60);
+        $previousEnd = now()->subDays(30);
+
+        // Get wash reports (hash washes) - using Conversion model
+        $currentWashes = \App\Models\Conversion::where('business_id', $business->id)
+            ->where('conversion_type', 'hash_wash')
+            ->where('status', 'completed')
+            ->where('created_at', '>=', $currentStart)
+            ->count();
+
+        $previousWashes = \App\Models\Conversion::where('business_id', $business->id)
+            ->where('conversion_type', 'hash_wash')
+            ->where('status', 'completed')
+            ->whereBetween('created_at', [$previousStart, $previousEnd])
+            ->count();
+
+        $washesChange = $previousWashes > 0 ? (($currentWashes - $previousWashes) / $previousWashes) * 100 : 0;
+
+        // Average Yield (calculate from metadata)
+        $currentWashesWithYield = \App\Models\Conversion::where('business_id', $business->id)
+            ->where('conversion_type', 'hash_wash')
+            ->where('status', 'completed')
+            ->where('created_at', '>=', $currentStart)
+            ->get();
+
+        $currentYield = $currentWashesWithYield->avg(function ($conversion) {
+            $stage1 = $conversion->getStage1Data();
+            $stage2 = $conversion->getStage2Data();
+            if (! $stage1 || ! $stage2) {
+                return 0;
+            }
+            $startingWeight = $stage1['starting_weight'] ?? 0;
+            $totalYield = $stage2['total_yield'] ?? 0;
+
+            return $startingWeight > 0 ? ($totalYield / $startingWeight) * 100 : 0;
+        }) ?? 0;
+
+        $previousWashesWithYield = \App\Models\Conversion::where('business_id', $business->id)
+            ->where('conversion_type', 'hash_wash')
+            ->where('status', 'completed')
+            ->whereBetween('created_at', [$previousStart, $previousEnd])
+            ->get();
+
+        $previousYield = $previousWashesWithYield->avg(function ($conversion) {
+            $stage1 = $conversion->getStage1Data();
+            $stage2 = $conversion->getStage2Data();
+            if (! $stage1 || ! $stage2) {
+                return 0;
+            }
+            $startingWeight = $stage1['starting_weight'] ?? 0;
+            $totalYield = $stage2['total_yield'] ?? 0;
+
+            return $startingWeight > 0 ? ($totalYield / $startingWeight) * 100 : 0;
+        }) ?? 0;
+
+        $yieldChange = $previousYield > 0 ? (($currentYield - $previousYield) / $previousYield) * 100 : 0;
+
+        // Active Work Orders
+        $activeWorkOrders = \App\Models\WorkOrder::where('business_id', $business->id)
+            ->whereIn('department_id', $departmentIds)
+            ->where('status', 'in_progress')
+            ->count();
+
+        // Completed Work Orders (30 days)
+        $currentCompletedOrders = \App\Models\WorkOrder::where('business_id', $business->id)
+            ->whereIn('department_id', $departmentIds)
+            ->where('status', 'completed')
+            ->where('updated_at', '>=', $currentStart)
+            ->count();
+
+        $previousCompletedOrders = \App\Models\WorkOrder::where('business_id', $business->id)
+            ->whereIn('department_id', $departmentIds)
+            ->where('status', 'completed')
+            ->whereBetween('updated_at', [$previousStart, $previousEnd])
+            ->count();
+
+        $completedChange = $previousCompletedOrders > 0 ? (($currentCompletedOrders - $previousCompletedOrders) / $previousCompletedOrders) * 100 : 0;
+
+        // Get strain performance data
+        $strainPerformance = $this->getStrainPerformanceData($business, $currentStart);
+
+        // Get Idle Fresh Frozen data
+        $idleFreshFrozen = $this->getIdleFreshFrozen($business);
+
+        // Get current user's subdivision prefixes (first 3 chars of department codes)
+        $userSubdivisions = auth()->user()->departments()
+            ->pluck('code')
+            ->map(fn ($code) => substr($code, 0, 3))
+            ->unique()
+            ->values();
+
+        // Get all user IDs in the same subdivisions
+        $allowedOperatorIds = \App\Models\User::whereHas('departments', function ($q) use ($userSubdivisions) {
+            $q->whereIn(\DB::raw('SUBSTRING(code, 1, 3)'), $userSubdivisions->toArray());
+        })->pluck('id');
+
+        // Get Active Washes data
+        $activeWashes = \App\Models\Conversion::where('business_id', $business->id)
+            ->where('conversion_type', 'hash_wash')
+            ->where('status', 'in_progress')
+            ->whereIn('operator_user_id', $allowedOperatorIds)
+            ->with(['operator.departments'])
+            ->orderBy('started_at', 'desc')
+            ->take(5)
+            ->get();
+
+        return [
+            'washes' => [
+                'current' => $currentWashes,
+                'previous' => $previousWashes,
+                'change' => round($washesChange, 1),
+            ],
+            'yield' => [
+                'current' => number_format($currentYield, 1),
+                'previous' => number_format($previousYield, 1),
+                'change' => round($yieldChange, 1),
+            ],
+            'active_orders' => [
+                'current' => $activeWorkOrders,
+                'previous' => $activeWorkOrders, // No historical tracking
+                'change' => 0,
+            ],
+            'completed_orders' => [
+                'current' => $currentCompletedOrders,
+                'previous' => $previousCompletedOrders,
+                'change' => round($completedChange, 1),
+            ],
+            'strain_performance' => $strainPerformance,
+            'idle_fresh_frozen' => $idleFreshFrozen,
+            'active_washes' => $activeWashes,
+        ];
+    }
+
+    /**
+     * Get idle Fresh Frozen components ready for processing
+     */
+    private function getIdleFreshFrozen(Business $business): array
+    {
+        // Find Fresh Frozen category
+        $ffCategory = \App\Models\ComponentCategory::where('business_id', $business->id)
+            ->where('slug', 'fresh-frozen')
+            ->first();
+
+        if (! $ffCategory) {
+            return [
+                'components' => collect([]),
+                'total_count' => 0,
+                'total_weight' => 0,
+            ];
+        }
+
+        // Get all Fresh Frozen components with inventory
+        $components = \App\Models\Component::where('business_id', $business->id)
+            ->where('component_category_id', $ffCategory->id)
+            ->where('quantity_on_hand', '>', 0)
+            ->where('is_active', true)
+            ->orderBy('created_at', 'desc')
+            ->limit(5) // Show top 5 on dashboard
+            ->get();
+
+        // Add past performance data for each component
+        $componentsWithPerformance = $components->map(function ($component) use ($business) {
+            $strainName = str_replace(' - Fresh Frozen', '', $component->name);
+
+            // Get past washes for this strain
+            $pastWashes = \App\Models\Conversion::where('business_id', $business->id)
+                ->where('conversion_type', 'hash_wash')
+                ->where('status', 'completed')
+                ->whereJsonContains('metadata->stage_1->strain', $strainName)
+                ->orderBy('completed_at', 'desc')
+                ->take(10)
+                ->get();
+
+            if ($pastWashes->isEmpty()) {
+                $component->past_performance = [
+                    'has_data' => false,
+                    'wash_count' => 0,
+                    'avg_yield' => null,
+                    'avg_hash_quality' => null,
+                ];
+            } else {
+                // Calculate average yield
+                $avgYield = $pastWashes->avg(function ($wash) {
+                    $stage1 = $wash->getStage1Data();
+                    $stage2 = $wash->getStage2Data();
+                    if (! $stage1 || ! $stage2) {
+                        return 0;
+                    }
+
+                    $startingWeight = $stage1['starting_weight'] ?? 0;
+                    $totalYield = $stage2['total_yield'] ?? 0;
+
+                    return $startingWeight > 0 ? ($totalYield / $startingWeight) * 100 : 0;
+                });
+
+                // Calculate average hash quality (Stage 2) - defensive extraction
+                $qualityGrades = [];
+                foreach ($pastWashes as $wash) {
+                    $stage2 = $wash->getStage2Data();
+                    if (! $stage2 || ! isset($stage2['yields'])) {
+                        continue;
+                    }
+
+                    // Check all yield types for quality data (handles both hash and rosin structures)
+                    foreach ($stage2['yields'] as $yieldType => $yieldData) {
+                        if (isset($yieldData['quality']) && $yieldData['quality']) {
+                            $qualityGrades[] = $yieldData['quality'];
+                        }
+                    }
+                }
+
+                // Only include quality if we have the data
+                if (empty($qualityGrades)) {
+                    $component->past_performance = [
+                        'has_data' => true,  // Has wash data
+                        'wash_count' => $pastWashes->count(),
+                        'avg_yield' => round($avgYield, 1),
+                        'avg_hash_quality' => null,  // No quality data tracked
+                    ];
+                } else {
+                    $avgQuality = $this->calculateAverageQuality($qualityGrades);
+                    $component->past_performance = [
+                        'has_data' => true,
+                        'wash_count' => $pastWashes->count(),
+                        'avg_yield' => round($avgYield, 1),
+                        'avg_hash_quality' => $avgQuality['letter'],
+                    ];
+                }
+            }
+
+            return $component;
+        });
+
+        return [
+            'components' => $componentsWithPerformance,
+            'total_count' => $componentsWithPerformance->count(),
+            'total_weight' => $componentsWithPerformance->sum('quantity_on_hand'),
+        ];
+    }
+
+    /**
+     * Get strain-specific performance metrics for processing department
+     */
+    private function getStrainPerformanceData(Business $business, $startDate): array
+    {
+        // Get all completed washes for the period
+        $washes = \App\Models\Conversion::where('business_id', $business->id)
+            ->where('conversion_type', 'hash_wash')
+            ->where('status', 'completed')
+            ->where('created_at', '>=', $startDate)
+            ->get();
+
+        // Group by strain and calculate metrics
+        $strainData = [];
+        foreach ($washes as $wash) {
+            $stage1 = $wash->getStage1Data();
+            $stage2 = $wash->getStage2Data();
+
+            if (! $stage1 || ! $stage2) {
+                continue;
+            }
+
+            $strain = $stage1['strain'] ?? 'Unknown';
+            $startingWeight = $stage1['starting_weight'] ?? 0;
+            $totalYield = $stage2['total_yield'] ?? 0;
+
+            if (! isset($strainData[$strain])) {
+                $strainData[$strain] = [
+                    'strain' => $strain,
+                    'wash_count' => 0,
+                    'total_input' => 0,
+                    'total_output' => 0,
+                    'yields' => [],
+                    'hash_stage1_quality_grades' => [],
+                    'hash_stage2_quality_grades' => [],
+                ];
+            }
+
+            $strainData[$strain]['wash_count']++;
+            $strainData[$strain]['total_input'] += $startingWeight;
+            $strainData[$strain]['total_output'] += $totalYield;
+
+            // Calculate yield percentage as number
+            $yieldPercentage = $startingWeight > 0 ? ($totalYield / $startingWeight) * 100 : 0;
+            $strainData[$strain]['yields'][] = $yieldPercentage;
+
+            // Collect quality grades from Stage 1 (hash - initial assessment)
+            if (isset($stage1['quality_grades'])) {
+                foreach ($stage1['quality_grades'] as $micron => $grade) {
+                    if ($grade) {
+                        $strainData[$strain]['hash_stage1_quality_grades'][] = $grade;
+                    }
+                }
+            }
+
+            // Collect quality grades from Stage 2 (hash - final assessment after drying)
+            if (isset($stage2['yields'])) {
+                foreach ($stage2['yields'] as $type => $data) {
+                    if (isset($data['quality']) && $data['quality']) {
+                        $strainData[$strain]['hash_stage2_quality_grades'][] = $data['quality'];
+                    }
+                }
+            }
+        }
+
+        // Calculate averages and format data
+        $results = [];
+        foreach ($strainData as $strain => $data) {
+            $avgYield = count($data['yields']) > 0 ? array_sum($data['yields']) / count($data['yields']) : 0;
+
+            // Calculate average quality grades
+            // Stage 1: Initial hash assessment during washing
+            // Stage 2: Final hash assessment after drying
+            $hashStage1Quality = $this->calculateAverageQuality($data['hash_stage1_quality_grades']);
+            $hashStage2Quality = $this->calculateAverageQuality($data['hash_stage2_quality_grades']);
+
+            $results[] = [
+                'strain' => $strain,
+                'wash_count' => $data['wash_count'],
+                'total_input_g' => round($data['total_input'], 2),
+                'total_output_g' => round($data['total_output'], 2),
+                'avg_yield_percentage' => round($avgYield, 2),
+                'avg_input_per_wash' => $data['wash_count'] > 0 ? round($data['total_input'] / $data['wash_count'], 2) : 0,
+                'avg_output_per_wash' => $data['wash_count'] > 0 ? round($data['total_output'] / $data['wash_count'], 2) : 0,
+                'avg_hash_quality' => $hashStage1Quality['letter'],  // Stage 1 assessment
+                'avg_rosin_quality' => $hashStage2Quality['letter'],  // Stage 2 assessment (still called rosin for backward compat with views)
+                'hash_quality_score' => $hashStage1Quality['score'],
+                'rosin_quality_score' => $hashStage2Quality['score'],  // Actually hash Stage 2 score
+            ];
+        }
+
+        // Sort by wash count (most processed strains first)
+        usort($results, function ($a, $b) {
+            return $b['wash_count'] - $a['wash_count'];
+        });
+
+        return $results;
+    }
+
+    /**
+     * Calculate average quality grade from array of letter grades
+     *
+     * @param  array  $grades  Array of letter grades (A, B, C, D, F)
+     * @return array ['letter' => 'A', 'score' => 4.0]
+     */
+    private function calculateAverageQuality(array $grades): array
+    {
+        if (empty($grades)) {
+            return ['letter' => null, 'score' => null];
+        }
+
+        // Convert letters to numeric scores
+        $gradeMap = ['A' => 4, 'B' => 3, 'C' => 2, 'D' => 1, 'F' => 0];
+        $scores = array_map(fn ($grade) => $gradeMap[$grade] ?? 0, $grades);
+
+        $avgScore = array_sum($scores) / count($scores);
+
+        // Convert back to letter grade
+        if ($avgScore >= 3.5) {
+            $letter = 'A';
+        } elseif ($avgScore >= 2.5) {
+            $letter = 'B';
+        } elseif ($avgScore >= 1.5) {
+            $letter = 'C';
+        } elseif ($avgScore >= 0.5) {
+            $letter = 'D';
+        } else {
+            $letter = 'F';
+        }
+
+        return ['letter' => $letter, 'score' => round($avgScore, 2)];
+    }
+
+    /**
+     * Get fleet/delivery metrics
+     */
+    private function getFleetMetrics(Business $business): array
+    {
+        // Current metrics
+        $totalDrivers = \App\Models\Driver::where('business_id', $business->id)->count();
+        $activeVehicles = \App\Models\Vehicle::where('business_id', $business->id)
+            ->where('status', 'active')
+            ->count();
+        $totalVehicles = \App\Models\Vehicle::where('business_id', $business->id)->count();
+
+        // Deliveries today (would need Delivery model - placeholder)
+        $deliveriesToday = 0;
+
+        return [
+            'drivers' => [
+                'current' => $totalDrivers,
+                'previous' => $totalDrivers,
+                'change' => 0,
+            ],
+            'active_vehicles' => [
+                'current' => $activeVehicles,
+                'previous' => $activeVehicles,
+                'change' => 0,
+            ],
+            'total_vehicles' => [
+                'current' => $totalVehicles,
+                'previous' => $totalVehicles,
+                'change' => 0,
+            ],
+            'deliveries_today' => [
+                'current' => $deliveriesToday,
+                'previous' => 0,
+                'change' => 0,
+            ],
+        ];
+    }
 }

app/Http/Controllers/DispensarySetupController.php

@@ -9,7 +9,9 @@ class DispensarySetupController extends Controller
     public function create(Request $request, $step = 1)
     {
         // TODO: Implement dispensary setup wizard
-        return view('buyer.dispensary.setup', compact('step'));
+        $business = auth()->user()->businesses->first();
+
+        return view('buyer.dispensary.setup', compact('step', 'business'));
     }
 
     public function store(Request $request, $step = 1)

app/Http/Controllers/DriverController.php

@@ -13,7 +13,7 @@ class DriverController extends Controller
      */
     public function index(\App\Models\Business $business)
     {
-        $drivers = Driver::where('business_id', $business->id)
+        $drivers = Driver::forBusiness($business)
             ->orderBy('created_at', 'desc')
             ->get();
 
@@ -52,7 +52,7 @@ class DriverController extends Controller
     public function update(\App\Models\Business $business, Request $request, Driver $driver)
     {
         // Ensure driver belongs to this business
-        if ($driver->business_id !== $business->id) {
+        if (! $driver->belongsToBusiness($business)) {
             abort(403, 'Unauthorized action.');
         }
 
@@ -78,7 +78,7 @@ class DriverController extends Controller
     public function destroy(\App\Models\Business $business, Driver $driver)
     {
         // Ensure driver belongs to this business
-        if ($driver->business_id !== $business->id) {
+        if (! $driver->belongsToBusiness($business)) {
             abort(403, 'Unauthorized action.');
         }
 
@@ -95,7 +95,7 @@ class DriverController extends Controller
     public function toggle(\App\Models\Business $business, Driver $driver)
     {
         // Ensure driver belongs to this business
-        if ($driver->business_id !== $business->id) {
+        if (! $driver->belongsToBusiness($business)) {
             abort(403, 'Unauthorized action.');
         }
 

app/Http/Controllers/FavoriteController.php

@@ -2,23 +2,24 @@
 
 namespace App\Http\Controllers;
 
+use App\Models\Business;
 use Illuminate\Http\Request;
 
 class FavoriteController extends Controller
 {
-    public function index(Request $request)
+    public function index(Business $business, Request $request)
     {
         // TODO: Implement favorites index
-        return view('buyer.favorites.index');
+        return view('buyer.favorites.index', compact('business'));
     }
 
-    public function add(Request $request, $product)
+    public function add(Business $business, Request $request, $product)
     {
         // TODO: Implement add to favorites
         return back();
     }
 
-    public function remove(Request $request, $product)
+    public function remove(Business $business, Request $request, $product)
     {
         // TODO: Implement remove from favorites
         return back();

app/Http/Controllers/ImageController.php

@@ -0,0 +1,129 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Brand;
+use Illuminate\Support\Facades\Storage;
+use Intervention\Image\Drivers\Gd\Driver;
+use Intervention\Image\ImageManager;
+
+class ImageController extends Controller
+{
+    /**
+     * Serve a brand logo at a specific size
+     * URL: /images/brand-logo/{brand}/{width?}
+     */
+    public function brandLogo(Brand $brand, ?int $width = null)
+    {
+        if (! $brand->logo_path || ! Storage::disk('public')->exists($brand->logo_path)) {
+            abort(404);
+        }
+
+        // If no width specified, return original
+        if (! $width) {
+            $path = storage_path('app/public/'.$brand->logo_path);
+
+            return response()->file($path);
+        }
+
+        // Map common widths to pre-generated sizes (retina-optimized)
+        $sizeNames = [
+            160 => 'thumb',    // 2x retina for 80px display
+            600 => 'medium',   // 2x retina for 300px display
+            1600 => 'large',   // 2x retina for 800px display
+        ];
+
+        // Check if pre-generated thumbnail exists (from import)
+        if (isset($sizeNames[$width])) {
+            // Try PNG first, then JPG (for backwards compatibility)
+            $ext = pathinfo($brand->logo_path, PATHINFO_EXTENSION);
+            $pregenPath = str_replace('.'.$ext, '-'.$sizeNames[$width].'.'.$ext, $brand->logo_path);
+            if (Storage::disk('public')->exists($pregenPath)) {
+                $path = storage_path('app/public/'.$pregenPath);
+
+                return response()->file($path);
+            }
+        }
+
+        // Check if cached dynamic thumbnail exists
+        $ext = pathinfo($brand->logo_path, PATHINFO_EXTENSION);
+        $thumbnailName = str_replace('.'.$ext, "-{$width}w.{$ext}", basename($brand->logo_path));
+        $thumbnailPath = 'brands/cache/'.$thumbnailName;
+
+        if (! Storage::disk('public')->exists($thumbnailPath)) {
+            // Generate thumbnail on-the-fly
+            $manager = new ImageManager(new Driver);
+            $image = $manager->read(storage_path('app/public/'.$brand->logo_path));
+            $image->scale(width: $width);
+
+            // Cache the thumbnail
+            if (! Storage::disk('public')->exists('brands/cache')) {
+                Storage::disk('public')->makeDirectory('brands/cache');
+            }
+
+            // Save as PNG or JPEG based on original format
+            $encoded = $ext === 'png' ? $image->toPng() : $image->toJpeg(quality: 90);
+            Storage::disk('public')->put($thumbnailPath, $encoded);
+        }
+
+        $path = storage_path('app/public/'.$thumbnailPath);
+
+        return response()->file($path);
+    }
+
+    /**
+     * Serve a brand banner at a specific width
+     * URL: /images/brand-banner/{brand}/{width?}
+     */
+    public function brandBanner(Brand $brand, ?int $width = null)
+    {
+        if (! $brand->banner_path || ! Storage::disk('public')->exists($brand->banner_path)) {
+            abort(404);
+        }
+
+        // If no width specified, return original
+        if (! $width) {
+            $path = storage_path('app/public/'.$brand->banner_path);
+
+            return response()->file($path);
+        }
+
+        // Map common widths to pre-generated sizes (retina-optimized)
+        $sizeNames = [
+            1344 => 'medium',  // 2x retina for 672px display
+            2560 => 'large',   // 2x retina for 1280px display
+        ];
+
+        // Check if pre-generated thumbnail exists (from import)
+        if (isset($sizeNames[$width])) {
+            $pregenPath = str_replace('.jpg', '-'.$sizeNames[$width].'.jpg', $brand->banner_path);
+            if (Storage::disk('public')->exists($pregenPath)) {
+                $path = storage_path('app/public/'.$pregenPath);
+
+                return response()->file($path);
+            }
+        }
+
+        // Check if cached dynamic thumbnail exists
+        $thumbnailName = str_replace('.jpg', "-{$width}w.jpg", basename($brand->banner_path));
+        $thumbnailPath = 'brands/cache/'.$thumbnailName;
+
+        if (! Storage::disk('public')->exists($thumbnailPath)) {
+            // Generate thumbnail on-the-fly
+            $manager = new ImageManager(new Driver);
+            $image = $manager->read(storage_path('app/public/'.$brand->banner_path));
+            $image->scale(width: $width);
+
+            // Cache the thumbnail
+            if (! Storage::disk('public')->exists('brands/cache')) {
+                Storage::disk('public')->makeDirectory('brands/cache');
+            }
+
+            Storage::disk('public')->put($thumbnailPath, $image->toJpeg(quality: 90));
+        }
+
+        $path = storage_path('app/public/'.$thumbnailPath);
+
+        return response()->file($path);
+    }
+}

app/Http/Controllers/MarketplaceController.php

@@ -48,9 +48,13 @@ class MarketplaceController extends Controller
             $query->where('wholesale_price', '<=', $priceMax);
         }
 
-        // In stock filter
+        // In stock filter (using batch-based inventory)
         if ($request->input('in_stock')) {
-            $query->where('quantity_on_hand', '>', 0);
+            $query->whereHas('batches', function ($q) {
+                $q->where('is_active', true)
+                    ->where('is_quarantined', false)
+                    ->where('quantity_available', '>', 0);
+            });
         }
 
         // Sorting
@@ -78,7 +82,9 @@ class MarketplaceController extends Controller
             ->limit(3)
             ->get();
 
-        return view('buyer.marketplace.index', compact('products', 'brands', 'featuredProducts'));
+        $business = auth()->user()->businesses->first();
+
+        return view('buyer.marketplace.index', compact('products', 'brands', 'featuredProducts', 'business'));
     }
 
     /**
@@ -102,7 +108,9 @@ class MarketplaceController extends Controller
             ->orderBy('name')
             ->get();
 
-        return view('buyer.marketplace.brands', compact('brands'));
+        $business = auth()->user()->businesses->first();
+
+        return view('buyer.marketplace.brands', compact('brands', 'business'));
     }
 
     /**
@@ -110,7 +118,9 @@ class MarketplaceController extends Controller
      */
     public function category($category)
     {
-        return view('buyer.marketplace.category', compact('category'));
+        $business = auth()->user()->businesses->first();
+
+        return view('buyer.marketplace.category', compact('category', 'business'));
     }
 
     /**
@@ -129,12 +139,11 @@ class MarketplaceController extends Controller
             ->with([
                 'brand',
                 'strain',
-                'labs',
+                'labs' => function ($q) {
+                    $q->latest('test_date');
+                },
                 'availableBatches' => function ($query) {
-                    $query->with(['labs' => function ($q) {
-                        $q->latest('test_date');
-                    }])
-                        ->orderBy('production_date', 'desc')
+                    $query->orderBy('production_date', 'desc')
                         ->orderBy('created_at', 'desc');
                 },
             ])
@@ -159,7 +168,9 @@ class MarketplaceController extends Controller
             ->limit(4)
             ->get();
 
-        return view('buyer.marketplace.product', compact('product', 'relatedProducts', 'brand'));
+        $business = auth()->user()->businesses->first();
+
+        return view('buyer.marketplace.product', compact('product', 'relatedProducts', 'brand', 'business'));
     }
 
     /**
@@ -191,6 +202,8 @@ class MarketplaceController extends Controller
             ->orderBy('name')
             ->paginate(20);
 
-        return view('buyer.marketplace.brand', compact('brand', 'featuredProducts', 'products'));
+        $business = auth()->user()->businesses->first();
+
+        return view('buyer.marketplace.brand', compact('brand', 'featuredProducts', 'products', 'business'));
     }
 }