A bunch of bug fixes and feature improvements

[petorikooru]

The information is available on the commit message

[IritaSee]

@copilot ensure this PR is only for frontend improvements

[Copilot]

Pull request overview

This PR bundles multiple UI tweaks and admin-side improvements, including a new admin password-change flow, global audio mute control, and updated announcement/state handling, alongside dependency updates.

Changes:

• Added admin routes + controller actions + UI for changing a user’s password via NIM search/autocomplete.
• Introduced a global mute toggle (SoundProvider state + new MuteButton mounted in the app shell).
• Refined announcement UX (scrolling/layout) and status handling (pending state), plus various UI/layout adjustments across user/admin pages.

Reviewed changes

Copilot reviewed 20 out of 21 changed files in this pull request and generated 11 comments.

Show a summary per file

File	Description
routes/web.php	Adds admin endpoints for password change UI + submit.
resources/js/app.jsx	Mounts the global MuteButton within SoundProvider.
resources/js/Pages/welcome.jsx	Adjusts landing page image positioning classes.
resources/js/Pages/User/oaline.jsx	Updates footer styling/content rendering.
resources/js/Pages/User/cores.jsx	Tweaks unlocked-all CTA positioning.
resources/js/Pages/User/assistants.jsx	Adjusts total page count and adds footer.
resources/js/Pages/User/announcement.jsx	Reworks layout to allow scrolling, fixes positioning, adds internal scroll area and scrollbar-hiding styles.
resources/js/Pages/Admin/password.jsx	Adds NIM autocomplete/search dropdown and UX updates for admin password changes.
resources/js/Pages/Admin/home.jsx	Switches displayed admin name to come from Inertia shared props.
resources/js/Pages/Admin/caas.jsx	Formatting-only JSX changes and minor router call cleanup.
resources/js/Components/UnderwaterEffect.jsx	Removes inline SVG filter defs and refactors whitespace/formatting.
resources/js/Components/SoundProvider.jsx	Adds mute state + exposes muted in context; lowers default volume.
resources/js/Components/ShiftSuccessModal.jsx	Removes desktop close button block (and previously removed backdrop click).
resources/js/Components/MuteButton.jsx	New fixed-position UI control to toggle mute via Sound context.
resources/js/Components/CaasCard.jsx	Adds truncation and max-width class for card text.
resources/js/Components/AssistantBook.jsx	Removes a comment line (no functional change).
resources/js/Components/AdminDashboard.jsx	Adjusts pending-action type handling, stage label mapping, and adds scroll/word-wrap helper CSS.
composer.lock	Updates Laravel/ecosystem dependencies and lock metadata.
app/Http/Controllers/UserController.php	Adds passwordChangeView + updatePassword endpoints and search logic.
app/Http/Controllers/User/AnnouncementController.php	Introduces pending status mapping using match.
README.md	Updates logo asset reference to .webp and minor formatting.

Comments suppressed due to low confidence (1)

resources/js/Components/UnderwaterEffect.jsx:103

• backdropFilter/WebkitBackdropFilter references url(#waterDistortion), but the <svg><filter id="waterDistortion" ...></filter></svg> definition was removed from this component. As a result the distortion filter won’t resolve; either restore the SVG filter defs (e.g., hidden in the DOM) or remove the url(#waterDistortion) reference and rely on supported CSS effects.

                        zIndex: 3,
                        backdropFilter: 'url(#waterDistortion) blur(1px)',
                        WebkitBackdropFilter: 'url(#waterDistortion) blur(1px)',
                        background: 'rgba(0, 100, 200, 0.08)',
                        pointerEvents: 'none'

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Spelling: footer text should read “All Rights Reserved” (not “All Right Served”).

Suggested change

	@Atlantis.DLOR2026. All Right Served
	@Atlantis.DLOR2026. All Rights Reserved

[IritaSee]

@petorikooru is this intentional? (Easter Egg related?)

[petorikooru]

my bad, it is a typo

[Copilot]

Spelling: comment says “If Revelaled”; should be “If Revealed”.

Suggested change

	{/* If Revelaled */}
	{/* If Revealed */}

[Copilot]

This endpoint validates current_password against users.nim and then updates that user’s password, which effectively allows changing any account’s password by NIM (including admins). If that’s not intended, restrict the query/validation to non-admin users and/or add an authorization check for which accounts an admin can modify.

Suggested change

	$user = User::where('nim', $request->current_password)->firstOrFail();
	$user->update([
	$authenticatedUser = $request->user();
	if (!$authenticatedUser || $authenticatedUser->nim !== $request->current_password) {
	return back()->withErrors([
	'current_password' => 'The provided NIM does not match the authenticated user.',
	]);
	}
	$authenticatedUser->update([

[petorikooru]

added

[Copilot]

searchTimeoutRef is used to debounce the search, but the pending timeout isn’t cleared on unmount. Add a cleanup (e.g., in a useEffect return) to clearTimeout(searchTimeoutRef.current) to avoid a delayed router.get firing after navigation.

Suggested change

	useEffect(() => {
	return () => {
	if (searchTimeoutRef.current) {
	clearTimeout(searchTimeoutRef.current);
	}
	};
	}, []);

[IritaSee]

@petorikooru i think we can skip this but this might raise a new bug in the future, kindly check them out

[petorikooru]

i see, i will investigate it later

[Copilot]

bottom-30 isn’t part of Tailwind’s default spacing scale, and this project’s @theme section doesn’t define custom spacing tokens. If this class isn’t generated, the element will fall back to bottom: auto. Use a valid spacing utility (e.g., bottom-28/bottom-32) or an arbitrary value like bottom-[7.5rem].

Suggested change

	<div className="absolute bottom-30 md:bottom-24 w-full flex justify-center z-50 transition-opacity duration-1000 animate-fadeIn">
	<div className="absolute bottom-[7.5rem] md:bottom-24 w-full flex justify-center z-50 transition-opacity duration-1000 animate-fadeIn">

[Copilot]

Spelling: footer text should read “All Rights Reserved” (not “All Right Served”).

Suggested change

	@Atlantis.DLOR2026. All Right Served
	@Atlantis.DLOR2026. All Rights Reserved

[IritaSee]

@petorikooru is this intentional?

[petorikooru]

My bad, that's a typo

[Copilot]

auth shared by HandleInertiaRequests exposes auth.user, not auth.profile, so auth.profile will be undefined and the UI will always fall back to “Admin”. Use auth.user (and auth.user.profile if it’s loaded) or update the shared props to include profile/eager-load the relation.

Suggested change

	const {auth} = usePage().props;
	const profile= auth.profile|| {};
	const USER = profile.name || "Admin";
	const { auth } = usePage().props;
	const user = auth?.user || {};
	const profile = user.profile || {};
	const USER = profile.name || user.name || "Admin";

[petorikooru]

fixed

[Copilot]

The desktop layout no longer has any close affordance (the backdrop click handler is commented out and the desktop “Close” button was removed). This can trap desktop users in the modal; add a close button to the desktop layout and/or re-enable a safe dismiss mechanism (e.g., ESC key and/or backdrop click).

[petorikooru]

this is intentional since the user can no longer reselect the shift

[Copilot]

The search query can return admin accounts too (no is_admin = false filter). Since this page is for changing practikans/CaAs passwords, consider explicitly restricting results to non-admin users (and ideally only eligible roles) to avoid accidentally exposing/changing admin credentials.

[Copilot]

The form field named current_password is being repurposed as “Praktikans NIM” (and is also used as the live search term). This is confusing and makes validation/errors harder to reason about; consider renaming the field to nim (and keeping search as separate UI state/query param) in both the React form and the controller validation.