fix(erp): enable erp pages and menu items

- Create CreatePlanModal component with Headless UI Dialog
- Implement dark mode support throughout plans UI
- Update plans/page.tsx with professional card layout
- Update plans/[id]/page.tsx with consistent styling
- Add proper spacing, typography, and color consistency
- Implement smooth animations and transitions
- Add success/error message feedback
- Improve form UX with better input styling

.agent/agent-gemini.md

@@ -0,0 +1,74 @@
+# Agent Gemini - Log de Evolução do Projeto Aggios
+
+Este arquivo documenta as contribuições do Agente Code AI (Gemini) e a compreensão técnica consolidada sobre o ecossistema Aggios.
+
+## 🚀 Visão Geral do Projeto
+O **Aggios** é uma plataforma SaaS multi-tenant focada em agências, oferecendo uma suíte "all-in-one" que inclui CRM, ERP, Gestão de Projetos, entre outros.
+
+### Stack Tecnológica
+- **Frontend:** Next.js (App Router), TypeScript, Tailwind CSS, Headless UI.
+- **Backend:** Go (Golang) com roteamento `gorilla/mux`.
+- **Banco de Dados:** PostgreSQL (migrações SQL puras).
+- **Infraestrutura:** Docker Compose (backend, agency-frontend, minio, postgres, redis).
+
+---
+
+## 🛠️ Contribuições do Agente (Dezembro/2025)
+
+### 1. Módulo ERP - Finanças & Caixa
+- **Gestão de Múltiplas Contas:** Implementação completa (CRUD) de contas bancárias no backend e frontend.
+- **Controle de Saldo em Tempo Real:** Desenvolvimento da lógica de repositório em Go para atualizar o `current_balance` de contas baseando-se no status das transações financeiras (`paid`, `pending`).
+- **Resumo Financeiro:** Refatoração dos cartões de estatísticas para exibir o "Saldo de Caixa" real (somatório de contas) em vez de apenas totais de lançamentos filtrados.
+- **Dashboard ERP Real:** Dados reais, gráficos automáticos e filtros de status/data avançados.
+- **Módulo de Documentos:** Implementado sistema de documentos (estilo Google Docs) com editor de texto e gestão por tenant.
+
+### 2. UI/UX & Design System (Padrão Aggios)
+- **Refinação Minimalista Flat:** Aplicação do padrão visual "Clean & Flat" na página de finanças, removendo sombras pesadas e mantendo foco no contraste e tipografia.
+- **Componentização:** Utilização e refinamento de componentes em `components/ui` (Input, CustomSelect, DataTable).
+- **Barra de Busca:** Implementação de busca reativa integrada ao `Input` padronizado.
+
+### 3. Otimização e Reatividade
+- **Correção de Cache da API:** Configuração de `cache: 'no-store'` nas chamadas de serviço para garantir integridade dos dados sem necessidade de recarregar a página (F5).
+- **Sync de Estado:** Ajuste nos handlers do React para usar `await fetchData()` em todas as operações de escrita, garantindo que a UI reflita as mudanças do backend instantaneamente.
+
+### 4. Novas Funcionalidades (27 de Dezembro de 2025)
+- **Ações em Lote (Bulk Actions):** Implementação de seleção múltipla em transações financeiras e produtos. Adição de barra de ações flutuante para exclusão em massa e atualização de status coletiva.
+- **Melhorias no Dashboard & Filtros:** Refinamento dos filtros de data, busca reativa e integração de ações em lote nos módulos de "Contas a Pagar" e "Contas a Receber".
+- **Gestão de Contas Bancárias:** Refatoração da interface de contas (cards) com feedback visual de saldo e integração direta com o fluxo de caixa.
+
+---
+
+## 🧠 Entendimento Técnico do Sistema
+
+### Arquitetura de Soluções
+O sistema utiliza um sistema de **Solutions** vinculadas a **Planos**.
+- Slugs identificados: `crm`, `erp`, `projetos`, `helpdesk`, `pagamentos`, `contratos`, `documentos`, `social`.
+- O acesso é controlado via `SolutionGuard` no frontend e middleware de tenant no backend.
+
+### Estrutura de Autenticação
+- **Níveis de Acesso:** `SUPERADMIN` (Aggios), `ADMIN_AGENCIA` (Dono da agência/Tenant), `CLIENTE` (Portal do Cliente).
+- **Segurança:** JWT armazenado no `localStorage` com envio no header `Authorization`.
+
+### Padrão de Design "Aggios Pattern"
+- **Cards:** Bordas sutis (`zinc-100/800`), sem sombras, `rounded-2xl` ou `[32px]`.
+- **Botões:** Uso de gradientes (`var(--gradient)`) para ações primárias e visual flat para secundárias.
+- **Feedback:** Uso intensivo de `react-hot-toast` para notificações de sucesso/erro.
+
+---
+
+## 🛠️ Diretrizes de Desenvolvimento
+
+### 📋 Uso de Templates e Padronização
+Para manter a consistência visual e técnica do ecossistema Aggios, o Agente deve seguir rigorosamente estas regras:
+
+1.  **Aggios App Pattern:** Sempre basear novas telas e funcionalidades no workflow `aggios-app-pattern.md`. Isso garante que a hierarquia visual (PageHeader -> StatsCards -> Tabs -> DataTable) seja preservada.
+2.  **Componentes UI Reutilizáveis:** Nunca criar elementos de interface ad-hoc se existir um componente correspondente em `components/ui`. Priorizar o uso de:
+    -   `DataTable` para listagens.
+    -   `Input` e `CustomSelect` para formulários e buscas.
+    -   `StatsCard` para indicadores numéricos e financeiros.
+3.  **Visual Minimalista Flat:** Evitar o uso de sombras (`shadow`), utilizando bordas sutis (`border-zinc-100` / `dark:border-zinc-800`) e fundos contrastantes para separar camadas.
+4.  **Reatividade Garantida:** Manter o padrão de execução assíncrona com `await fetchData()` e desativação de cache da API para que os templates reflitam mudanças instantaneamente sem recarregar a página.
+5.  **Rebuild de Containers:** Sempre que houver mudanças estruturais no frontend (especialmente no `front-end-agency`), é necessário rodar `docker-compose up -d --build agency` para refletir as alterações no ambiente de produção/Docker.
+
+---
+*Documentado por Gemini (Agent Gemini) em 27 de Dezembro de 2025.*

.agent/workflows/aggios-app-pattern.md

@@ -0,0 +1,117 @@
+---
+description: Padrão de Design Aggios App para Páginas de Listagem e Dashboards
+---
+
+# Padrão de Design Aggios App
+
+Este workflow descreve como construir uma página seguindo o design system da Aggios, utilizando os componentes padronizados na pasta `components/ui`.
+
+## 1. Estrutura Básica da Página
+
+Toda página deve ser envolvida por um container com padding e largura máxima:
+
+```tsx
+<div className="p-6 max-w-[1600px] mx-auto space-y-6">
+    {/* Conteúdo aqui */}
+</div>
+```
+
+## 2. Cabeçalho (`PageHeader`)
+
+Utilize o `PageHeader` para títulos, descrições e ações globais da página.
+
+```tsx
+<PageHeader
+    title="Título da Página"
+    description="Breve descrição da funcionalidade."
+    primaryAction={{
+        label: "Novo Item",
+        icon: <PlusIcon className="w-4 h-4" />,
+        onClick: () => handleCreate()
+    }}
+/>
+```
+
+## 3. Cartões de Estatísticas (`StatsCard`)
+
+Para dashboards ou resumos, utilize o grid de stats:
+
+```tsx
+<div className="grid grid-cols-1 sm:grid-cols-2 lg:grid-cols-4 gap-6">
+    <StatsCard 
+        title="Métrica"
+        value="R$ 1.000"
+        icon={<CurrencyDollarIcon className="w-6 h-6" />}
+        trend={{ value: '10%', label: 'vs ontem', type: 'up' }}
+    />
+</div>
+```
+
+## 4. Filtros e Pesquisa (Minimalista Flat)
+
+Os filtros não devem ter sombras nem cores de marca no estado inicial/focus. Devem usar um visual "Clean" com contraste sólido.
+
+```tsx
+<div className="flex flex-col md:flex-row gap-4 items-center">
+    <div className="flex-1 w-full">
+        <Input
+            placeholder="Pesquisar..."
+            leftIcon={<MagnifyingGlassIcon className="w-5 h-5 text-zinc-400" />}
+            className="bg-white dark:bg-zinc-900 border-zinc-200 dark:border-zinc-800 focus:border-zinc-400 dark:focus:border-zinc-500"
+        />
+    </div>
+    <div className="w-full md:w-80">
+        <DatePicker 
+            value={dateRange}
+            onChange={setDateRange}
+            buttonClassName="bg-white dark:bg-zinc-900 border-zinc-200 dark:border-zinc-800 text-zinc-700 dark:text-zinc-300 hover:border-zinc-400"
+        />
+    </div>
+    <div className="w-full md:w-56">
+        <CustomSelect 
+           value={status}
+           onChange={setStatus}
+           options={[
+               { label: 'Todos', value: 'all' },
+               { label: 'Ativo', value: 'active', color: 'bg-emerald-500' },
+           ]}
+           buttonClassName="bg-white dark:bg-zinc-900 border-zinc-200 dark:border-zinc-800 hover:border-zinc-400"
+        />
+    </div>
+</div>
+```
+
+## 5. Abas e Tabelas (`Tabs` & `DataTable`)
+
+Para organizar o conteúdo principal, utilize o componente `Tabs`. Dentro de cada aba, utilize `Card` com `noPadding` para envolver a `DataTable`.
+
+```tsx
+<Tabs
+    variant="pills" // ou 'underline'
+    items={[
+        {
+            label: 'Listagem',
+            icon: <TableIcon />,
+            content: (
+                <Card noPadding title="Itens" description="Gerenciamento de registros.">
+                    <DataTable 
+                        columns={COLUMNS}
+                        data={DATA}
+                        pagination={{ ... }}
+                    />
+                </Card>
+            )
+        }
+    ]}
+/>
+```
+
+## Regras de Estilo e Cores
+- **Botões Primários**: Sempre use `variant="primary"` e aplique o gradiente via style/classe: `style={{ background: 'var(--gradient)' }} className="shadow-lg shadow-brand-500/20"`.
+- **Bordas**: Use `border-zinc-200` para light mode e `dark:border-zinc-800` para dark mode.
+- **Backgrounds**: Use `bg-white` (light) e `dark:bg-zinc-900` (dark) para componentes elevados.
+- **Cards & Containers (Flat Design)**:
+    - **Cards:** Fundo branco/zinc-900, bordas sutis (`border-zinc-200` / `dark:border-zinc-800`), **SEM SOMBRAS**.
+    - **Border Radius:** Usar `rounded-2xl` (16px) ou `rounded-[32px]` para containers grandes.
+    - **StatsCards:** Texto de valor em `font-bold` ou `font-black`, ícones em boxes coloridos com opacidade 10% no dark mode.
+    - **Hover:** Apenas transições de cor ou escalas sutis, evitar sombras no hover.

.claude/settings.local.json

@@ -8,7 +8,9 @@
       "Bash(docker logs:*)",
       "Bash(docker exec:*)",
       "Bash(npx tsc:*)",
-      "Bash(docker-compose restart:*)"
+      "Bash(docker-compose restart:*)",
+      "Bash(npm install:*)",
+      "Bash(docker-compose build:*)"
     ]
   }
 }

.vscode/tasks.json

@@ -0,0 +1,10 @@
+{
+	"version": "2.0.0",
+	"tasks": [
+		{
+			"label": "build-agency-frontend",
+			"type": "shell",
+			"command": "docker compose build agency"
+		}
+	]
+}

1. docs/planos-roadmap.md

@@ -0,0 +1,173 @@
+# Sistema de Planos - Roadmap
+
+## Status: Estrutura Frontend Criada ✅
+
+### O que foi criado no Frontend:
+1. **Menu Item** adicionado em `/superadmin/layout.tsx`
+   - Nova rota: `/superadmin/plans`
+
+2. **Página Principal de Planos** (`/superadmin/plans/page.tsx`)
+   - Lista todos os planos em grid
+   - Mostra: nome, descrição, faixa de usuários, preços, features, diferenciais
+   - Botão "Novo Plano"
+   - Botões Editar e Deletar
+   - Status visual (ativo/inativo)
+
+3. **Página de Edição de Plano** (`/superadmin/plans/[id]/page.tsx`)
+   - Formulário completo para editar:
+     - Informações básicas (nome, slug, descrição)
+     - Faixa de usuários (min/max)
+     - Preços (mensal/anual)
+     - Armazenamento (GB)
+     - Status (ativo/inativo)
+   - TODO: Editor de Features e Diferenciais
+
+---
+
+## Próximos Passos - Backend
+
+### 1. Modelo de Dados (Domain)
+```go
+// internal/domain/plan.go
+type Plan struct {
+    ID              string        `json:"id"`
+    Name            string        `json:"name"`
+    Slug            string        `json:"slug"`
+    Description     string        `json:"description"`
+    MinUsers        int           `json:"min_users"`
+    MaxUsers        int           `json:"max_users"` // -1 = unlimited
+    MonthlyPrice    *decimal.Decimal `json:"monthly_price"`
+    AnnualPrice     *decimal.Decimal `json:"annual_price"`
+    Features        pq.StringArray   `json:"features"` // CRM, ERP, etc
+    Differentiators pq.StringArray   `json:"differentiators"`
+    StorageGB       int           `json:"storage_gb"`
+    IsActive        bool          `json:"is_active"`
+    CreatedAt       time.Time     `json:"created_at"`
+    UpdatedAt       time.Time     `json:"updated_at"`
+}
+
+type Subscription struct {
+    ID            string    `json:"id"`
+    AgencyID      string    `json:"agency_id"`
+    PlanID        string    `json:"plan_id"`
+    BillingType   string    `json:"billing_type"` // monthly/annual
+    CurrentUsers  int       `json:"current_users"`
+    Status        string    `json:"status"` // active/suspended/cancelled
+    StartDate     time.Time `json:"start_date"`
+    RenewalDate   time.Time `json:"renewal_date"`
+    CreatedAt     time.Time `json:"created_at"`
+    UpdatedAt     time.Time `json:"updated_at"`
+}
+```
+
+### 2. Migrations
+- `001_create_plans_table.sql`
+- `002_create_agency_subscriptions_table.sql`
+- `003_add_plan_id_to_agencies.sql`
+
+### 3. Repository
+- `PlanRepository` (CRUD)
+- `SubscriptionRepository` (CRUD)
+
+### 4. Service
+- `PlanService` (validações, lógica)
+- `SubscriptionService` (validar limite de usuários, etc)
+
+### 5. Handlers (API)
+```
+GET    /api/admin/plans           - Listar planos
+POST   /api/admin/plans           - Criar plano
+GET    /api/admin/plans/:id       - Obter plano
+PUT    /api/admin/plans/:id       - Atualizar plano
+DELETE /api/admin/plans/:id       - Deletar plano
+
+GET    /api/admin/subscriptions   - Listar subscrições
+```
+
+### 6. Seeds
+- Seed dos 4 planos padrão (Ignição, Órbita, Cosmos, Enterprise)
+
+---
+
+## Dados Padrão para Seed
+
+```json
+[
+  {
+    "name": "Ignição",
+    "slug": "ignition",
+    "description": "Ideal para pequenas agências iniciantes",
+    "min_users": 1,
+    "max_users": 30,
+    "monthly_price": 199.99,
+    "annual_price": 1919.90,
+    "features": ["CRM", "ERP", "Projetos", "Helpdesk", "Pagamentos", "Contratos", "Documentos"],
+    "differentiators": [],
+    "storage_gb": 1,
+    "is_active": true
+  },
+  {
+    "name": "Órbita",
+    "slug": "orbit",
+    "description": "Para agências em crescimento",
+    "min_users": 31,
+    "max_users": 100,
+    "monthly_price": 399.99,
+    "annual_price": 3839.90,
+    "features": ["CRM", "ERP", "Projetos", "Helpdesk", "Pagamentos", "Contratos", "Documentos"],
+    "differentiators": ["Suporte prioritário"],
+    "storage_gb": 1,
+    "is_active": true
+  },
+  {
+    "name": "Cosmos",
+    "slug": "cosmos",
+    "description": "Para agências consolidadas",
+    "min_users": 101,
+    "max_users": 300,
+    "monthly_price": 799.99,
+    "annual_price": 7679.90,
+    "features": ["CRM", "ERP", "Projetos", "Helpdesk", "Pagamentos", "Contratos", "Documentos"],
+    "differentiators": ["Gerente de conta dedicado", "API integrações"],
+    "storage_gb": 1,
+    "is_active": true
+  },
+  {
+    "name": "Enterprise",
+    "slug": "enterprise",
+    "description": "Solução customizada para grandes agências",
+    "min_users": 301,
+    "max_users": -1,
+    "monthly_price": null,
+    "annual_price": null,
+    "features": ["CRM", "ERP", "Projetos", "Helpdesk", "Pagamentos", "Contratos", "Documentos"],
+    "differentiators": ["Armazenamento customizado", "Treinamento personalizado"],
+    "storage_gb": 1,
+    "is_active": true
+  }
+]
+```
+
+---
+
+## Integração com Agências
+
+Quando agência se cadastra:
+1. Seleciona um plano
+2. Sistema cria `Subscription` com status `active` ou `pending_payment`
+3. Agência herda limite de usuários do plano
+4. Ao criar usuário: validar se não ultrapassou limite
+
+---
+
+## Features Futuras
+- [ ] Editor de Features e Diferenciais (drag-drop no frontend)
+- [ ] Planos promocionais (duplicar existente, editar preço)
+- [ ] Validações de limite de usuários por plano
+- [ ] Dashboard com uso atual vs limite
+- [ ] Alertas quando próximo do limite
+- [ ] Integração com Stripe/PagSeguro
+
+---
+
+**Pronto para começar?**

README.md

@@ -4,27 +4,116 @@ Plataforma composta por serviços de autenticação, painel administrativo (supe
 
 ## Visão geral
 - **Objetivo**: permitir que superadministradores cadastrem e gerenciem agências (tenants) enquanto o site institucional apresenta informações públicas da empresa.
-- **Stack**: Go (backend), Next.js 14 (dashboard e site), PostgreSQL, Traefik, Docker.
+- **Stack**: Go (backend), Next.js 16 (dashboard e site), PostgreSQL, Traefik, Docker.
-- **Status**: fluxo de autenticação e gestão de agências concluído; ambiente dockerizável pronto para uso local.
+- **Status**: Sistema multi-tenant completo com Soluções Alpha (ERP e Documentos), CRM Beta (leads, funis, campanhas), portal do cliente, segurança cross-tenant validada, branding dinâmico e file serving via API.
 
 ## Componentes principais
-- `backend/`: API Go com serviços de autenticação, operadores e CRUD de agências (endpoints `/api/admin/agencies` e `/api/admin/agencies/{id}`).
+- `backend/`: API Go com serviços de autenticação, operadores e CRUD de agências (endpoints `/api/admin/agencies` e `/api/admin/agencies/{id}`). Inclui handlers para CRM (leads, funis, campanhas), portal do cliente e exportação de dados.
+- `front-end-agency/`: Painel Next.js para agências - branding dinâmico, upload de logos, gestão de perfil, CRM completo com Kanban, portal de cadastro de clientes e autenticação tenant-aware.
 - `front-end-dash.aggios.app/`: painel Next.js – login do superadmin, listagem de agências, exibição detalhada e exclusão definitiva.
 - `frontend-aggios.app/`: site institucional Next.js com suporte a temas claro/escuro e compartilhamento de tokens de design.
-- `backend/internal/data/postgres/`: scripts de inicialização do banco (estrutura base de tenants e usuários).
+- `backend/internal/data/postgres/`: scripts de inicialização do banco (estrutura base de tenants e usuários) + migrações para CRM, funis e autenticação de clientes.
 - `traefik/`: reverse proxy e certificados automatizados.
 
 ## Funcionalidades entregues
-- **Redesign da Interface (v1.2)**: Adoção de design "Flat" (sem sombras), focado em bordas e limpeza visual em todas as rotas principais (Login, Dashboard, Agências, Cadastro).
+
-- **Gestão Avançada de Agências**:
+### **v2.0 - Alpha: CRM, ERP e Documentos (29/12/2025)**
-  - Listagem com filtros robustos: Busca textual, Status (Ativo/Inativo) e Filtros de Data (Presets de 7/15/30 dias e intervalo personalizado).
+- **🏢 ERP Alpha**:
-  - Detalhamento completo da agência com visualização de logo, cores e dados cadastrais.
+  - Módulo inicial de gestão empresarial integrado ao dashboard
-  - Edição e Exclusão de agências.
+  - Estrutura base para controle financeiro e operacional
-- **Login de Superadmin**: Autenticação via JWT com restrição de rotas protegidas.
+- **📄 Gestão de Documentos (Docs) Alpha**:
-- **Cadastro de Agências**: Criação de tenant e usuário administrador atrelado.
+  - Repositório centralizado de arquivos por tenant
-- **Proxy Interno**: Camada de API no Next.js (`app/api/...`) garantindo chamadas autenticadas e seguras ao backend Go.
+  - Organização de documentos técnicos, comerciais e operacionais
-- **Site Institucional**: Suporte a dark mode, componentes compartilhados e tokens de design centralizados.
+  - Visualização integrada no painel da agência
-- **Documentação**: Atualizada em `1. docs/` com fluxos, arquiteturas e changelog.
+- **🚀 CRM Evolução**:
+  - Refinamento dos fluxos de leads e funis
+  - Preparação para automações de vendas
+
+### **v1.5 - CRM Beta: Leads, Funis e Portal do Cliente (24/12/2025)**
+- **🎯 Gestão Completa de Leads**:
+  - CRUD completo de leads com status, origem e pontuação
+  - Sistema de importação de leads (CSV/Excel)
+  - Filtros avançados por status, origem, responsável e cliente
+  - Associação de leads a clientes específicos
+  - Timeline de atividades e histórico de interações
+  
+- **📊 Funis de Vendas (Sales Funnels)**:
+  - Criação e gestão de múltiplos funis personalizados
+  - Board Kanban interativo com drag-and-drop
+  - Estágios customizáveis com cores e ícones
+  - Vinculação de funis a campanhas específicas
+  - Métricas e conversão por estágio
+  
+- **🎪 Gestão de Campanhas**:
+  - Criação de campanhas com período e orçamento
+  - Vinculação de campanhas a clientes específicos
+  - Acompanhamento de leads gerados por campanha
+  - Dashboard de performance de campanhas
+  
+- **👥 Portal do Cliente**:
+  - Sistema de registro público de clientes
+  - Autenticação dedicada para clientes (JWT separado)
+  - Dashboard personalizado com estatísticas
+  - Visualização de leads e listas compartilhadas
+  - Gestão de perfil e alteração de senha
+  
+- **🔗 Compartilhamento de Listas**:
+  - Tokens únicos para compartilhamento de leads
+  - URLs públicas para visualização de listas específicas
+  - Controle de acesso via token com expiração
+  
+- **👔 Gestão de Colaboradores**:
+  - Sistema de permissões (Owner, Admin, Member, Readonly)
+  - Middleware de autenticação unificada (agência + cliente)
+  - Controle granular de acesso a funcionalidades
+  - Atribuição de leads a colaboradores específicos
+  
+- **📤 Exportação de Dados**:
+  - Exportação de leads em CSV
+  - Filtros aplicados na exportação
+  - Formatação otimizada para planilhas
+
+### **v1.4 - Segurança Multi-tenant e File Serving (13/12/2025)**
+- **🔒 Segurança Cross-Tenant Crítica**:
+  - Validação de tenant_id em endpoints de login (bloqueio de cross-tenant authentication)
+  - Validação de tenant em todas rotas protegidas via middleware
+  - Mensagens de erro genéricas (sem exposição de arquitetura multi-tenant)
+  - Logs detalhados de tentativas de acesso cross-tenant bloqueadas
+  
+- **📁 File Serving via API**:
+  - Nova rota `/api/files/{bucket}/{path}` para servir arquivos do MinIO através do backend Go
+  - Eliminação de dependência de DNS (`files.localhost`) - arquivos servidos via `api.localhost`
+  - Headers de cache otimizados (Cache-Control: public, max-age=31536000)
+  - CORS e content-type corretos automaticamente
+  
+- **🎨 Melhorias de UX**:
+  - Mensagens de erro humanizadas no formulário de login (sem pop-ups/toasts)
+  - Erros inline com ícones e cores apropriadas
+  - Feedback em tempo real ao digitar (limpeza automática de erros)
+  - Mensagens específicas para cada tipo de erro (401, 403, 404, 429, 5xx)
+  
+- **🔧 Melhorias Técnicas**:
+  - Next.js middleware injetando headers `X-Tenant-Subdomain` para routing correto
+  - TenantDetector middleware prioriza headers customizados sobre Host
+  - Upload de logos retorna URLs via API ao invés de MinIO direto
+  - Configuração MinIO com variáveis de ambiente `MINIO_SERVER_URL` e `MINIO_BROWSER_REDIRECT_URL`
+
+### **v1.3 - Branding Dinâmico e Favicon (12/12/2025)**
+- **Branding Multi-tenant**: Logo, favicon e cores personalizadas por agência
+- **Favicon Dinâmico**: Atualização em tempo real via localStorage e SSR metadata
+- **Upload de Arquivos**: Sistema de upload para MinIO com bucket público
+- **Rate Limiting**: 1000 requisições/minuto por IP
+
+### **v1.2 - Redesign Interface Flat**
+- Adoção de design "Flat" (sem sombras), focado em bordas e limpeza visual
+- Gestão avançada de agências com filtros robustos
+- Detalhamento completo com visualização de branding
+
+### **v1.1 - Fundação Multi-tenant**
+- Login de Superadmin com JWT
+- Cadastro de Agências
+- Proxy Interno Next.js para chamadas autenticadas
+- Site Institucional com dark mode
 
 ## Executando o projeto
 1. **Pré-requisitos**: Docker Desktop e Node.js 20+ (para utilitários opcionais).
@@ -34,15 +123,67 @@ Plataforma composta por serviços de autenticação, painel administrativo (supe
 	docker-compose up --build
 	```
 4. **Hosts locais**:
-	- Painel: `https://dash.localhost`
+	- Painel SuperAdmin: `http://dash.localhost`
-	- Site: `https://aggios.app.localhost`
+	- Painel Agência: `http://{agencia}.localhost` (ex: `http://idealpages.localhost`)
-	- API: `https://api.localhost`
+	- Portal do Cliente: `http://{agencia}.localhost/cliente` (cadastro e área logada)
+	- Site: `http://aggios.app.localhost`
+	- API: `http://api.localhost`
+	- Console MinIO: `http://minio.localhost` (admin: minioadmin / M1n10_S3cur3_P@ss_2025!)
 5. **Credenciais padrão**: ver `backend/internal/data/postgres/init-db.sql` para usuário superadmin seed.
 
+## Segurança
+- ✅ **Cross-Tenant Authentication**: Usuários não podem fazer login em agências que não pertencem
+- ✅ **Tenant Isolation**: Todas rotas protegidas validam tenant_id no JWT vs tenant_id do contexto
+- ✅ **Erro Handling**: Mensagens genéricas que não expõem arquitetura interna
+- ✅ **JWT Validation**: Tokens validados em cada requisição autenticada
+- ✅ **Rate Limiting**: 1000 req/min por IP para prevenir brute force
+
 ## Estrutura de diretórios (resumo)
 ```
 backend/                            API Go (config, domínio, handlers, serviços)
+  internal/
+    api/
+      handlers/
+        crm.go                      🎯 CRUD de leads, funis e campanhas
+        customer_portal.go          👥 Portal do cliente (auth, dashboard, leads)
+        export.go                   📤 Exportação de dados (CSV)
+        collaborator.go             👔 Gestão de colaboradores
+        files.go                    Handler para servir arquivos via API
+        auth.go                     🔒 Validação cross-tenant no login
+      middleware/
+        unified_auth.go             🔐 Autenticação unificada (agência + cliente)
+        customer_auth.go            🔑 Middleware de autenticação de clientes
+        collaborator_readonly.go    📖 Controle de permissões readonly
+        auth.go                     🔒 Validação tenant em rotas protegidas
+        tenant.go                   🔧 Detecção de tenant via headers
+    domain/
+      auth_unified.go               🆕 Domínios para autenticação unificada
+    repository/
+      crm_repository.go             🆕 Repositório de dados do CRM
 backend/internal/data/postgres/     Scripts SQL de seed
+  migrations/
+    015_create_crm_leads.sql        🆕 Estrutura de leads
+    020_create_crm_funnels.sql      🆕 Sistema de funis
+    018_add_customer_auth.sql       🆕 Autenticação de clientes
+front-end-agency/                   Dashboard Next.js para Agências
+  app/
+    (agency)/
+      crm/
+        leads/                      🆕 Gestão de leads
+        funis/[id]/                 🆕 Board Kanban de funis
+        campanhas/                  🆕 Gestão de campanhas
+    cliente/
+      cadastro/                     🆕 Registro público de clientes
+      (portal)/                     🆕 Portal do cliente autenticado
+    share/leads/[token]/            🆕 Compartilhamento de listas
+    login/page.tsx                  Login com mensagens humanizadas
+  components/
+    crm/
+      KanbanBoard.tsx               🆕 Board Kanban drag-and-drop
+      CRMCustomerFilter.tsx         🆕 Filtros avançados de CRM
+    team/
+      TeamManagement.tsx            🆕 Gestão de equipe e permissões
+  middleware.ts                     Injeção de headers tenant
 front-end-dash.aggios.app/          Dashboard Next.js Superadmin
 frontend-aggios.app/                Site institucional Next.js
 traefik/                            Regras de roteamento e TLS
@@ -51,15 +192,21 @@ traefik/                            Regras de roteamento e TLS
 
 ## Testes e validação
 - Consultar `1. docs/TESTING_GUIDE.md` para cenários funcionais.
-- Requisições de verificação recomendadas:
+- **Testes de Segurança**:
-  - `curl http://api.localhost/api/admin/agencies` (lista) – requer token JWT válido.
+  - ✅ Tentativa de login cross-tenant retorna 403
-  - `curl http://dash.localhost/api/admin/agencies` (proxy Next) – usado pelo painel.
+  - ✅ JWT de uma agência não funciona em outra agência
-  - Fluxo manual via painel `dash.localhost/superadmin`.
+  - ✅ Logs registram tentativas de acesso cross-tenant
+- **Testes de File Serving**:
+  - ✅ Upload de logo gera URL via API (`http://api.localhost/api/files/...`)
+  - ✅ Imagens carregam sem problemas de CORS ou DNS
+  - ✅ Cache headers aplicados corretamente
 
 ## Próximos passos sugeridos
-- Implementar soft delete e trilhas de auditoria para exclusão de agências.
+- Implementar soft delete e trilhas de auditoria para exclusão de agências
-- Expandir testes automatizados (unitários e e2e) focados no fluxo do dashboard.
+- Adicionar validação de permissões por tenant em rotas de files (se necessário)
-- Disponibilizar pipeline CI/CD com validações de lint/build.
+- Expandir testes automatizados (unitários e e2e) focados no fluxo do dashboard
+- Disponibilizar pipeline CI/CD com validações de lint/build
 
 ## Repositório
 - Principal: https://git.stackbyte.cloud/erik/aggios.app.git
+- Branch: 2.0-crm-erp-doc (v2.0 - Soluções Alpha ERP e Documentos + CRM)

backend/Dockerfile

@@ -19,7 +19,7 @@ RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o server ./cmd/serv
 # Runtime image
 FROM alpine:latest
 
-RUN apk --no-cache add ca-certificates tzdata
+RUN apk --no-cache add ca-certificates tzdata postgresql-client
 
 WORKDIR /root/
 

backend/cmd/server/main.go

@@ -18,7 +18,7 @@ import (
 
 func initDB(cfg *config.Config) (*sql.DB, error) {
 	connStr := fmt.Sprintf(
-		"host=%s port=%s user=%s password=%s dbname=%s sslmode=disable",
+		"host=%s port=%s user=%s password=%s dbname=%s sslmode=disable client_encoding=UTF8",
 		cfg.Database.Host,
 		cfg.Database.Port,
 		cfg.Database.User,
@@ -56,22 +56,37 @@ func main() {
 	companyRepo := repository.NewCompanyRepository(db)
 	signupTemplateRepo := repository.NewSignupTemplateRepository(db)
 	agencyTemplateRepo := repository.NewAgencyTemplateRepository(db)
+	planRepo := repository.NewPlanRepository(db)
+	subscriptionRepo := repository.NewSubscriptionRepository(db)
+	crmRepo := repository.NewCRMRepository(db)
+	solutionRepo := repository.NewSolutionRepository(db)
+	erpRepo := repository.NewERPRepository(db)
+	docRepo := repository.NewDocumentRepository(db)
 
 	// Initialize services
-	authService := service.NewAuthService(userRepo, tenantRepo, cfg)
+	authService := service.NewAuthService(userRepo, tenantRepo, crmRepo, cfg)
-	agencyService := service.NewAgencyService(userRepo, tenantRepo, cfg)
+	agencyService := service.NewAgencyService(userRepo, tenantRepo, cfg, db)
-	tenantService := service.NewTenantService(tenantRepo)
+	tenantService := service.NewTenantService(tenantRepo, db)
 	companyService := service.NewCompanyService(companyRepo)
+	planService := service.NewPlanService(planRepo, subscriptionRepo)
 
 	// Initialize handlers
 	healthHandler := handlers.NewHealthHandler()
 	authHandler := handlers.NewAuthHandler(authService)
-	agencyProfileHandler := handlers.NewAgencyHandler(tenantRepo)
+	agencyProfileHandler := handlers.NewAgencyHandler(tenantRepo, cfg)
 	agencyHandler := handlers.NewAgencyRegistrationHandler(agencyService, cfg)
+	collaboratorHandler := handlers.NewCollaboratorHandler(userRepo, agencyService)
 	tenantHandler := handlers.NewTenantHandler(tenantService)
 	companyHandler := handlers.NewCompanyHandler(companyService)
+	planHandler := handlers.NewPlanHandler(planService)
+	crmHandler := handlers.NewCRMHandler(crmRepo)
+	solutionHandler := handlers.NewSolutionHandler(solutionRepo)
 	signupTemplateHandler := handlers.NewSignupTemplateHandler(signupTemplateRepo, userRepo, tenantRepo, agencyService)
 	agencyTemplateHandler := handlers.NewAgencyTemplateHandler(agencyTemplateRepo, agencyService, userRepo, tenantRepo)
+	filesHandler := handlers.NewFilesHandler(cfg)
+	customerPortalHandler := handlers.NewCustomerPortalHandler(crmRepo, authService, cfg)
+	erpHandler := handlers.NewERPHandler(erpRepo)
+	docHandler := handlers.NewDocumentHandler(docRepo)
 	
 	// Initialize upload handler
 	uploadHandler, err := handlers.NewUploadHandler(cfg)
@@ -79,6 +94,9 @@ func main() {
 		log.Fatalf("❌ Erro ao inicializar upload handler: %v", err)
 	}
 
+	// Initialize backup handler
+	backupHandler := handlers.NewBackupHandler()
+
 	// Create middleware chain
 	tenantDetector := middleware.TenantDetector(tenantRepo)
 	corsMiddleware := middleware.CORS(cfg)
@@ -100,7 +118,8 @@ func main() {
 	router.HandleFunc("/api/health", healthHandler.Check)
 
 	// Auth
-	router.HandleFunc("/api/auth/login", authHandler.Login)
+	router.HandleFunc("/api/auth/login", authHandler.UnifiedLogin)           // Nova rota unificada
+	router.HandleFunc("/api/auth/login/legacy", authHandler.Login)           // Antiga rota (deprecada)
 	router.HandleFunc("/api/auth/register", agencyHandler.PublicRegister).Methods("POST")
 	
 	// Public agency template registration (for creating new agencies)
@@ -111,11 +130,23 @@ func main() {
 	router.HandleFunc("/api/signup-templates/slug/{slug}", signupTemplateHandler.GetTemplateBySlug).Methods("GET")
 	router.HandleFunc("/api/signup/register", signupTemplateHandler.PublicRegister).Methods("POST")
 	
+	// Public plans (for signup flow)
+	router.HandleFunc("/api/plans", planHandler.ListActivePlans).Methods("GET")
+	router.HandleFunc("/api/plans/{id}", planHandler.GetActivePlan).Methods("GET")
+	
 	// File upload (public for signup, will also work with auth)
 	router.HandleFunc("/api/upload", uploadHandler.Upload).Methods("POST")
 
 	// Tenant check (public)
 	router.HandleFunc("/api/tenant/check", tenantHandler.CheckExists).Methods("GET")
+	router.HandleFunc("/api/tenant/config", tenantHandler.GetPublicConfig).Methods("GET")
+	router.HandleFunc("/api/tenants/{id}/profile", tenantHandler.GetProfile).Methods("GET")
+	
+	// Tenant branding (protected - used by both agency and customer portal)
+	router.Handle("/api/tenant/branding", middleware.RequireAnyAuthenticated(cfg)(http.HandlerFunc(tenantHandler.GetBranding))).Methods("GET")
+	
+	// Public customer registration (for agency portal signup)
+	router.HandleFunc("/api/public/customers/register", crmHandler.PublicRegisterCustomer).Methods("POST")
 
 	// Hash generator (dev only - remove in production)
 	router.HandleFunc("/api/hash", handlers.GenerateHash).Methods("POST")
@@ -130,6 +161,12 @@ func main() {
 	router.HandleFunc("/api/admin/agencies", tenantHandler.ListAll).Methods("GET")
 	router.HandleFunc("/api/admin/agencies/{id}", agencyHandler.HandleAgency).Methods("GET", "PATCH", "DELETE")
 
+	// SUPERADMIN: Backup & Restore
+	router.Handle("/api/superadmin/backups", authMiddleware(http.HandlerFunc(backupHandler.ListBackups))).Methods("GET")
+	router.Handle("/api/superadmin/backup/create", authMiddleware(http.HandlerFunc(backupHandler.CreateBackup))).Methods("POST")
+	router.Handle("/api/superadmin/backup/restore", authMiddleware(http.HandlerFunc(backupHandler.RestoreBackup))).Methods("POST")
+	router.Handle("/api/superadmin/backup/download/{filename}", authMiddleware(http.HandlerFunc(backupHandler.DownloadBackup))).Methods("GET")
+
 	// SUPERADMIN: Agency template management
 	router.Handle("/api/admin/agency-templates", authMiddleware(http.HandlerFunc(agencyTemplateHandler.ListTemplates))).Methods("GET")
 	router.Handle("/api/admin/agency-templates", authMiddleware(http.HandlerFunc(agencyTemplateHandler.CreateTemplate))).Methods("POST")
@@ -154,6 +191,40 @@ func main() {
 		}
 	}))).Methods("GET", "PUT", "PATCH", "DELETE")
 
+	// SUPERADMIN: Plans management
+	planHandler.RegisterRoutes(router)
+
+	// SUPERADMIN: Solutions management
+	router.Handle("/api/admin/solutions", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			solutionHandler.GetAllSolutions(w, r)
+		case http.MethodPost:
+			solutionHandler.CreateSolution(w, r)
+		}
+	}))).Methods("GET", "POST")
+	
+	router.Handle("/api/admin/solutions/{id}", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			solutionHandler.GetSolution(w, r)
+		case http.MethodPut, http.MethodPatch:
+			solutionHandler.UpdateSolution(w, r)
+		case http.MethodDelete:
+			solutionHandler.DeleteSolution(w, r)
+		}
+	}))).Methods("GET", "PUT", "PATCH", "DELETE")
+	
+	// SUPERADMIN: Plan <-> Solutions
+	router.Handle("/api/admin/plans/{plan_id}/solutions", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			solutionHandler.GetPlanSolutions(w, r)
+		case http.MethodPut:
+			solutionHandler.SetPlanSolutions(w, r)
+		}
+	}))).Methods("GET", "PUT")
+
 	// ADMIN_AGENCIA: Client registration
 	router.Handle("/api/agencies/clients/register", authMiddleware(http.HandlerFunc(agencyHandler.RegisterClient))).Methods("POST")
 
@@ -170,10 +241,320 @@ func main() {
 	// Agency logo upload (protected)
 	router.Handle("/api/agency/logo", authMiddleware(http.HandlerFunc(agencyProfileHandler.UploadLogo))).Methods("POST")
 
+	// File serving route (public - serves files from MinIO through API)
+	router.PathPrefix("/api/files/{bucket}/").HandlerFunc(filesHandler.ServeFile).Methods("GET")
+
 	// Company routes (protected)
 	router.Handle("/api/companies", authMiddleware(http.HandlerFunc(companyHandler.List))).Methods("GET")
 	router.Handle("/api/companies/create", authMiddleware(http.HandlerFunc(companyHandler.Create))).Methods("POST")
 
+	// ==================== CRM ROUTES (TENANT) ====================
+	
+	// Tenant solutions (which solutions the tenant has access to)
+	router.Handle("/api/tenant/solutions", authMiddleware(http.HandlerFunc(solutionHandler.GetTenantSolutions))).Methods("GET")
+	
+	// Dashboard
+	router.Handle("/api/crm/dashboard", authMiddleware(http.HandlerFunc(crmHandler.GetDashboard))).Methods("GET")
+
+	// Customers
+	router.Handle("/api/crm/customers", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.GetCustomers(w, r)
+		case http.MethodPost:
+			crmHandler.CreateCustomer(w, r)
+		}
+	}))).Methods("GET", "POST")
+	
+	router.Handle("/api/crm/customers/{id}", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.GetCustomer(w, r)
+		case http.MethodPut, http.MethodPatch:
+			crmHandler.UpdateCustomer(w, r)
+		case http.MethodDelete:
+			crmHandler.DeleteCustomer(w, r)
+		}
+	}))).Methods("GET", "PUT", "PATCH", "DELETE")
+	
+	// Lists
+	router.Handle("/api/crm/lists", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.GetLists(w, r)
+		case http.MethodPost:
+			crmHandler.CreateList(w, r)
+		}
+	}))).Methods("GET", "POST")
+	
+	router.Handle("/api/crm/lists/{id}", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.GetList(w, r)
+		case http.MethodPut, http.MethodPatch:
+			crmHandler.UpdateList(w, r)
+		case http.MethodDelete:
+			crmHandler.DeleteList(w, r)
+		}
+	}))).Methods("GET", "PUT", "PATCH", "DELETE")
+
+	router.Handle("/api/crm/lists/{id}/leads", authMiddleware(http.HandlerFunc(crmHandler.GetLeadsByList))).Methods("GET")
+	
+	// Customer <-> List relationship
+	router.Handle("/api/crm/customers/{customer_id}/lists/{list_id}", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodPost:
+			crmHandler.AddCustomerToList(w, r)
+		case http.MethodDelete:
+			crmHandler.RemoveCustomerFromList(w, r)
+		}
+	}))).Methods("POST", "DELETE")
+
+	// Leads
+	router.Handle("/api/crm/leads", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.GetLeads(w, r)
+		case http.MethodPost:
+			crmHandler.CreateLead(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/crm/leads/export", authMiddleware(http.HandlerFunc(crmHandler.ExportLeads))).Methods("GET")
+	router.Handle("/api/crm/leads/import", authMiddleware(http.HandlerFunc(crmHandler.ImportLeads))).Methods("POST")
+	router.Handle("/api/crm/leads/{leadId}/stage", authMiddleware(http.HandlerFunc(crmHandler.UpdateLeadStage))).Methods("PUT")
+
+	router.Handle("/api/crm/leads/{id}", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.GetLead(w, r)
+		case http.MethodPut, http.MethodPatch:
+			crmHandler.UpdateLead(w, r)
+		case http.MethodDelete:
+			crmHandler.DeleteLead(w, r)
+		}
+	}))).Methods("GET", "PUT", "PATCH", "DELETE")
+
+	// Funnels & Stages
+	router.Handle("/api/crm/funnels", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.ListFunnels(w, r)
+		case http.MethodPost:
+			crmHandler.CreateFunnel(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/crm/funnels/{id}", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.GetFunnel(w, r)
+		case http.MethodPut:
+			crmHandler.UpdateFunnel(w, r)
+		case http.MethodDelete:
+			crmHandler.DeleteFunnel(w, r)
+		}
+	}))).Methods("GET", "PUT", "DELETE")
+
+	router.Handle("/api/crm/funnels/{funnelId}/stages", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			crmHandler.ListStages(w, r)
+		case http.MethodPost:
+			crmHandler.CreateStage(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/crm/stages/{id}", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodPut:
+			crmHandler.UpdateStage(w, r)
+		case http.MethodDelete:
+			crmHandler.DeleteStage(w, r)
+		}
+	}))).Methods("PUT", "DELETE")
+
+	// Lead ingest (integrations)
+	router.Handle("/api/crm/leads/ingest", authMiddleware(http.HandlerFunc(crmHandler.IngestLead))).Methods("POST")
+
+	// Share tokens (generate)
+	router.Handle("/api/crm/customers/share-token", authMiddleware(http.HandlerFunc(crmHandler.GenerateShareToken))).Methods("POST")
+
+	// Share data (public endpoint - no auth required)
+	router.HandleFunc("/api/crm/share/{token}", crmHandler.GetSharedData).Methods("GET")
+
+	// ==================== CUSTOMER PORTAL ====================
+	// Customer portal login (public endpoint)
+	router.HandleFunc("/api/portal/login", customerPortalHandler.Login).Methods("POST")
+	
+	// Customer portal dashboard (requires customer auth)
+	router.Handle("/api/portal/dashboard", middleware.RequireCustomer(cfg)(http.HandlerFunc(customerPortalHandler.GetPortalDashboard))).Methods("GET")
+	
+	// Customer portal leads (requires customer auth)
+	router.Handle("/api/portal/leads", middleware.RequireCustomer(cfg)(http.HandlerFunc(customerPortalHandler.GetPortalLeads))).Methods("GET")
+	
+	// Customer portal lists (requires customer auth)
+	router.Handle("/api/portal/lists", middleware.RequireCustomer(cfg)(http.HandlerFunc(customerPortalHandler.GetPortalLists))).Methods("GET")
+	
+	// Customer portal profile (requires customer auth)
+	router.Handle("/api/portal/profile", middleware.RequireCustomer(cfg)(http.HandlerFunc(customerPortalHandler.GetPortalProfile))).Methods("GET")
+	
+	// Customer portal change password (requires customer auth)
+	router.Handle("/api/portal/change-password", middleware.RequireCustomer(cfg)(http.HandlerFunc(customerPortalHandler.ChangePassword))).Methods("POST")
+
+	// Customer portal logo upload (requires customer auth)
+	router.Handle("/api/portal/logo", middleware.RequireCustomer(cfg)(http.HandlerFunc(customerPortalHandler.UploadLogo))).Methods("POST")
+
+	// ==================== AGENCY COLLABORATORS ====================
+	// List collaborators (requires agency auth, owner only)
+	router.Handle("/api/agency/collaborators", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(collaboratorHandler.ListCollaborators))).Methods("GET")
+	
+	// Invite collaborator (requires agency auth, owner only)
+	router.Handle("/api/agency/collaborators/invite", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(collaboratorHandler.InviteCollaborator))).Methods("POST")
+	
+	// Remove collaborator (requires agency auth, owner only)
+	router.Handle("/api/agency/collaborators/{id}", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(collaboratorHandler.RemoveCollaborator))).Methods("DELETE")
+
+	// Generate customer portal access (agency staff)
+	router.Handle("/api/crm/customers/{id}/portal-access", authMiddleware(http.HandlerFunc(crmHandler.GenerateCustomerPortalAccess))).Methods("POST")
+
+	// Lead <-> List relationship
+	router.Handle("/api/crm/leads/{lead_id}/lists/{list_id}", authMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodPost:
+			crmHandler.AddLeadToList(w, r)
+		case http.MethodDelete:
+			crmHandler.RemoveLeadFromList(w, r)
+		}
+	}))).Methods("POST", "DELETE")
+
+	// ==================== ERP ROUTES (TENANT) ====================
+	
+	// Finance
+	router.Handle("/api/erp/finance/categories", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			erpHandler.GetFinancialCategories(w, r)
+		case http.MethodPost:
+			erpHandler.CreateFinancialCategory(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/erp/finance/accounts", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			erpHandler.GetBankAccounts(w, r)
+		case http.MethodPost:
+			erpHandler.CreateBankAccount(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/erp/finance/accounts/{id}", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodPut:
+			erpHandler.UpdateBankAccount(w, r)
+		case http.MethodDelete:
+			erpHandler.DeleteBankAccount(w, r)
+		}
+	}))).Methods("PUT", "DELETE")
+
+	router.Handle("/api/erp/finance/transactions", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			erpHandler.GetTransactions(w, r)
+		case http.MethodPost:
+			erpHandler.CreateTransaction(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/erp/finance/transactions/{id}", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodPut:
+			erpHandler.UpdateTransaction(w, r)
+		case http.MethodDelete:
+			erpHandler.DeleteTransaction(w, r)
+		}
+	}))).Methods("PUT", "DELETE")
+
+	// Products
+	router.Handle("/api/erp/products", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			erpHandler.GetProducts(w, r)
+		case http.MethodPost:
+			erpHandler.CreateProduct(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/erp/products/{id}", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodPut:
+			erpHandler.UpdateProduct(w, r)
+		case http.MethodDelete:
+			erpHandler.DeleteProduct(w, r)
+		}
+	}))).Methods("PUT", "DELETE")
+
+	// Orders
+	router.Handle("/api/erp/orders", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			erpHandler.GetOrders(w, r)
+		case http.MethodPost:
+			erpHandler.CreateOrder(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/erp/orders/{id}", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodDelete:
+			erpHandler.DeleteOrder(w, r)
+		}
+	}))).Methods("DELETE")
+
+	// Entities
+	router.Handle("/api/erp/entities", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			erpHandler.GetEntities(w, r)
+		case http.MethodPost:
+			erpHandler.CreateEntity(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/erp/entities/{id}", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodPut, http.MethodPatch:
+			erpHandler.UpdateEntity(w, r)
+		case http.MethodDelete:
+			erpHandler.DeleteEntity(w, r)
+		}
+	}))).Methods("PUT", "PATCH", "DELETE")
+
+	// Documents
+	router.Handle("/api/documents", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			docHandler.List(w, r)
+		case http.MethodPost:
+			docHandler.Create(w, r)
+		}
+	}))).Methods("GET", "POST")
+
+	router.Handle("/api/documents/{id}", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.Method {
+		case http.MethodGet:
+			docHandler.Get(w, r)
+		case http.MethodPut:
+			docHandler.Update(w, r)
+		case http.MethodDelete:
+			docHandler.Delete(w, r)
+		}
+	}))).Methods("GET", "PUT", "DELETE")
+
+	router.Handle("/api/documents/{id}/subpages", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(docHandler.GetSubpages))).Methods("GET")
+	router.Handle("/api/documents/{id}/activities", middleware.RequireAgencyUser(cfg)(http.HandlerFunc(docHandler.GetActivities))).Methods("GET")
+
 	// Apply global middlewares: tenant -> cors -> security -> rateLimit -> router
 	handler := tenantDetector(corsMiddleware(securityMiddleware(rateLimitMiddleware(router))))
 

backend/generate_hash.go

@@ -0,0 +1,15 @@
+package main
+
+import (
+	"fmt"
+	"golang.org/x/crypto/bcrypt"
+)
+
+func main() {
+	password := "Android@2020"
+	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	if err != nil {
+		panic(err)
+	}
+	fmt.Println(string(hash))
+}

backend/go.mod

@@ -5,7 +5,32 @@ go 1.23
 require (
 	github.com/golang-jwt/jwt/v5 v5.2.0
 	github.com/google/uuid v1.6.0
+	github.com/gorilla/mux v1.8.1
 	github.com/lib/pq v1.10.9
 	github.com/minio/minio-go/v7 v7.0.63
+	github.com/shopspring/decimal v1.3.1
+	github.com/xuri/excelize/v2 v2.8.1
 	golang.org/x/crypto v0.27.0
 )
+
+require (
+	github.com/dustin/go-humanize v1.0.1 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/compress v1.16.7 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
+	github.com/minio/md5-simd v1.1.2 // indirect
+	github.com/minio/sha256-simd v1.0.1 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
+	github.com/richardlehane/mscfb v1.0.4 // indirect
+	github.com/richardlehane/msoleps v1.0.3 // indirect
+	github.com/rs/xid v1.5.0 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect
+	github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect
+	golang.org/x/net v0.21.0 // indirect
+	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/text v0.18.0 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
+)

backend/go.sum

@@ -1,8 +1,76 @@
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
+github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
 github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw=
 github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
+github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
+github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
+github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/klauspost/compress v1.16.7 h1:2mk3MPGNzKyxErAw8YaohYh69+pa4sIQSC0fPGCFR9I=
+github.com/klauspost/compress v1.16.7/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
+github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg=
+github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
+github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
+github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
+github.com/minio/minio-go/v7 v7.0.63 h1:GbZ2oCvaUdgT5640WJOpyDhhDxvknAJU2/T3yurwcbQ=
+github.com/minio/minio-go/v7 v7.0.63/go.mod h1:Q6X7Qjb7WMhvG65qKf4gUgA5XaiSox74kR1uAEjxRS4=
+github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM=
+github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
+github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw=
+github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM=
+github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk=
+github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
+github.com/richardlehane/msoleps v1.0.3 h1:aznSZzrwYRl3rLKRT3gUk9am7T/mLNSnJINvN0AQoVM=
+github.com/richardlehane/msoleps v1.0.3/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
+github.com/rs/xid v1.5.0 h1:mKX4bl4iPYJtEIxp6CYiUuLQ/8DYMoz0PUdtGgMFRVc=
+github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8=
+github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 h1:Chd9DkqERQQuHpXjR/HSV1jLZA6uaoiwwH3vSuF3IW0=
+github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
+github.com/xuri/excelize/v2 v2.8.1 h1:pZLMEwK8ep+CLIUWpWmvW8IWE/yxqG0I1xcN6cVMGuQ=
+github.com/xuri/excelize/v2 v2.8.1/go.mod h1:oli1E4C3Pa5RXg1TBXn4ENCXDV5JUMlBluUhG7c+CEE=
+github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 h1:qhbILQo1K3mphbwKh1vNm4oGezE1eF9fQWmNiIpSfI4=
+github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
 golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
 golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
+golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4=
+golang.org/x/image v0.14.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE=
+golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
+golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
+golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
+golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
+gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

backend/internal/api/handlers/agency_logo.go

@@ -9,6 +9,7 @@ import (
 	"log"
 	"net/http"
 	"path/filepath"
+	"strings"
 	"time"
 
 	"aggios-app/backend/internal/api/middleware"
@@ -172,20 +173,28 @@ func (h *AgencyHandler) UploadLogo(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// Generate public URL
+	// Generate public URL through API (not direct MinIO access)
-	logoURL := fmt.Sprintf("http://localhost:9000/%s/%s", bucketName, filename)
+	// This is more secure and doesn't require DNS configuration
+	logoURL := fmt.Sprintf("http://api.localhost/api/files/%s/%s", bucketName, filename)
 	
 	log.Printf("Logo uploaded successfully: %s", logoURL)
 
 	// Delete old logo file from MinIO if exists
 	if currentLogoURL != "" && currentLogoURL != "https://via.placeholder.com/150" {
 		// Extract object key from URL
-		// Example: http://localhost:9000/aggios-logos/tenants/uuid/logo-123.png -> tenants/uuid/logo-123.png
+		// Example: http://api.localhost/api/files/aggios-logos/tenants/uuid/logo-123.png -> tenants/uuid/logo-123.png
 		oldFilename := ""
 		if len(currentLogoURL) > 0 {
-			// Split by bucket name
+			// Split by /api/files/{bucket}/ to get the file path
-			if idx := len("http://localhost:9000/aggios-logos/"); idx < len(currentLogoURL) {
+			apiPrefix := fmt.Sprintf("http://api.localhost/api/files/%s/", bucketName)
-				oldFilename = currentLogoURL[idx:]
+			if strings.HasPrefix(currentLogoURL, apiPrefix) {
+				oldFilename = strings.TrimPrefix(currentLogoURL, apiPrefix)
+			} else {
+				// Fallback for old MinIO URLs
+				baseURL := fmt.Sprintf("%s/%s/", h.config.Minio.PublicURL, bucketName)
+				if len(currentLogoURL) > len(baseURL) {
+					oldFilename = currentLogoURL[len(baseURL):]
+				}
 			}
 		}
 		
@@ -202,6 +211,8 @@ func (h *AgencyHandler) UploadLogo(w http.ResponseWriter, r *http.Request) {
 
 	// Update tenant record in database
 	var err2 error
+	log.Printf("Updating database: tenant_id=%s, logo_type=%s, logo_url=%s", tenantID, logoType, logoURL)
+	
 	if logoType == "horizontal" {
 		_, err2 = h.tenantRepo.DB().Exec("UPDATE tenants SET logo_horizontal_url = $1, updated_at = NOW() WHERE id = $2", logoURL, tenantID)
 	} else {
@@ -209,11 +220,13 @@ func (h *AgencyHandler) UploadLogo(w http.ResponseWriter, r *http.Request) {
 	}
 
 	if err2 != nil {
-		log.Printf("Failed to update logo: %v", err2)
+		log.Printf("ERROR: Failed to update logo in database: %v", err2)
-		http.Error(w, "Failed to update database", http.StatusInternalServerError)
+		http.Error(w, fmt.Sprintf("Failed to update database: %v", err2), http.StatusInternalServerError)
 		return
 	}
 	
+	log.Printf("SUCCESS: Logo saved to database successfully!")
+
 	// Return success response
 	response := map[string]string{
 		"logo_url": logoURL,

backend/internal/api/handlers/agency_profile.go

@@ -6,6 +6,7 @@ import (
 	"net/http"
 
 	"aggios-app/backend/internal/api/middleware"
+	"aggios-app/backend/internal/config"
 	"aggios-app/backend/internal/repository"
 
 	"github.com/google/uuid"
@@ -13,11 +14,13 @@ import (
 
 type AgencyHandler struct {
 	tenantRepo *repository.TenantRepository
+	config     *config.Config
 }
 
-func NewAgencyHandler(tenantRepo *repository.TenantRepository) *AgencyHandler {
+func NewAgencyHandler(tenantRepo *repository.TenantRepository, cfg *config.Config) *AgencyHandler {
 	return &AgencyHandler{
 		tenantRepo: tenantRepo,
+		config:     cfg,
 	}
 }
 

backend/internal/api/handlers/auth.go

@@ -7,6 +7,7 @@ import (
 	"net/http"
 	"strings"
 
+	"aggios-app/backend/internal/api/middleware"
 	"aggios-app/backend/internal/domain"
 	"aggios-app/backend/internal/service"
 )
@@ -96,6 +97,23 @@ func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// VALIDAÇÃO DE SEGURANÇA: Verificar se o tenant do usuário corresponde ao subdomain acessado
+	tenantIDFromContext := ""
+	if ctxTenantID := r.Context().Value(middleware.TenantIDKey); ctxTenantID != nil {
+		tenantIDFromContext, _ = ctxTenantID.(string)
+	}
+
+	// Se foi detectado um tenant no contexto (não é superadmin ou site institucional)
+	if tenantIDFromContext != "" && response.User.TenantID != nil {
+		userTenantID := response.User.TenantID.String()
+		if userTenantID != tenantIDFromContext {
+			log.Printf("❌ LOGIN BLOCKED: User from tenant %s tried to login in tenant %s subdomain",  userTenantID, tenantIDFromContext)
+			http.Error(w, "Forbidden: Invalid credentials for this tenant", http.StatusForbidden)
+			return
+		}
+		log.Printf("✅ TENANT LOGIN VALIDATION PASSED: %s", userTenantID)
+	}
+
 	log.Printf("✅ Login successful for %s, role=%s", response.User.Email, response.User.Role)
 	w.Header().Set("Content-Type", "application/json")
 	json.NewEncoder(w).Encode(response)
@@ -149,3 +167,94 @@ func (h *AuthHandler) ChangePassword(w http.ResponseWriter, r *http.Request) {
 		"message": "Password changed successfully",
 	})
 }
+
+// UnifiedLogin handles login for all user types (agency, customer, superadmin)
+func (h *AuthHandler) UnifiedLogin(w http.ResponseWriter, r *http.Request) {
+	log.Printf("🔐 UNIFIED LOGIN HANDLER CALLED - Method: %s", r.Method)
+	
+	if r.Method != http.MethodPost {
+		log.Printf("❌ Method not allowed: %s", r.Method)
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	bodyBytes, err := io.ReadAll(r.Body)
+	if err != nil {
+		log.Printf("❌ Failed to read body: %v", err)
+		http.Error(w, "Failed to read request body", http.StatusBadRequest)
+		return
+	}
+	defer r.Body.Close()
+
+	log.Printf("📥 Raw body: %s", string(bodyBytes))
+
+	sanitized := strings.TrimSpace(string(bodyBytes))
+	var req domain.UnifiedLoginRequest
+	if err := json.Unmarshal([]byte(sanitized), &req); err != nil {
+		log.Printf("❌ JSON parse error: %v", err)
+		http.Error(w, "Invalid request body", http.StatusBadRequest)
+		return
+	}
+
+	log.Printf("📧 Unified login attempt for email: %s", req.Email)
+
+	response, err := h.authService.UnifiedLogin(req)
+	if err != nil {
+		log.Printf("❌ authService.UnifiedLogin error: %v", err)
+		if err == service.ErrInvalidCredentials || strings.Contains(err.Error(), "não autorizado") {
+			w.Header().Set("Content-Type", "application/json")
+			w.WriteHeader(http.StatusUnauthorized)
+			json.NewEncoder(w).Encode(map[string]string{
+				"error": err.Error(),
+			})
+		} else {
+			http.Error(w, "Internal server error", http.StatusInternalServerError)
+		}
+		return
+	}
+
+	// VALIDAÇÃO DE SEGURANÇA: Verificar se o tenant corresponde ao subdomain acessado
+	tenantIDFromContext := ""
+	if ctxTenantID := r.Context().Value(middleware.TenantIDKey); ctxTenantID != nil {
+		tenantIDFromContext, _ = ctxTenantID.(string)
+	}
+
+	// Se foi detectado um tenant no contexto E o usuário tem tenant
+	if tenantIDFromContext != "" && response.TenantID != "" {
+		if response.TenantID != tenantIDFromContext {
+			log.Printf("❌ LOGIN BLOCKED: User from tenant %s tried to login in tenant %s subdomain", 
+				response.TenantID, tenantIDFromContext)
+			w.Header().Set("Content-Type", "application/json")
+			w.WriteHeader(http.StatusForbidden)
+			json.NewEncoder(w).Encode(map[string]string{
+				"error": "Credenciais inválidas para esta agência",
+			})
+			return
+		}
+		log.Printf("✅ TENANT LOGIN VALIDATION PASSED: %s", response.TenantID)
+	}
+
+	log.Printf("✅ Unified login successful: email=%s, type=%s, role=%s", 
+		response.Email, response.UserType, response.Role)
+	
+	// Montar resposta compatível com frontend antigo E com novos campos
+	compatibleResponse := map[string]interface{}{
+		"token": response.Token,
+		"user": map[string]interface{}{
+			"id":        response.UserID,
+			"email":     response.Email,
+			"name":      response.Name,
+			"role":      response.Role,
+			"tenant_id": response.TenantID,
+			"user_type": response.UserType,
+		},
+		// Campos adicionais do sistema unificado
+		"user_type": response.UserType,
+		"user_id":   response.UserID,
+		"subdomain": response.Subdomain,
+		"tenant_id": response.TenantID,
+	}
+	
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(compatibleResponse)
+}

backend/internal/api/handlers/backup.go

@@ -0,0 +1,264 @@
+package handlers
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"sort"
+	"strings"
+	"time"
+)
+
+type BackupHandler struct {
+	backupDir string
+}
+
+type BackupInfo struct {
+	Filename  string `json:"filename"`
+	Size      string `json:"size"`
+	Date      string `json:"date"`
+	Timestamp string `json:"timestamp"`
+}
+
+func NewBackupHandler() *BackupHandler {
+	// Usa o caminho montado no container
+	backupDir := "/backups"
+	
+	// Garante que o diretório existe
+	if _, err := os.Stat(backupDir); os.IsNotExist(err) {
+		os.MkdirAll(backupDir, 0755)
+	}
+	
+	return &BackupHandler{
+		backupDir: backupDir,
+	}
+}
+
+// ListBackups lista todos os backups disponíveis
+func (h *BackupHandler) ListBackups(w http.ResponseWriter, r *http.Request) {
+	files, err := ioutil.ReadDir(h.backupDir)
+	if err != nil {
+		http.Error(w, "Error reading backups directory", http.StatusInternalServerError)
+		return
+	}
+
+	var backups []BackupInfo
+	for _, file := range files {
+		if strings.HasPrefix(file.Name(), "aggios_backup_") && strings.HasSuffix(file.Name(), ".sql") {
+			// Extrai timestamp do nome do arquivo
+			timestamp := strings.TrimPrefix(file.Name(), "aggios_backup_")
+			timestamp = strings.TrimSuffix(timestamp, ".sql")
+			
+			// Formata a data
+			t, _ := time.Parse("2006-01-02_15-04-05", timestamp)
+			dateStr := t.Format("02/01/2006 15:04:05")
+			
+			// Formata o tamanho
+			sizeMB := float64(file.Size()) / 1024
+			sizeStr := fmt.Sprintf("%.2f KB", sizeMB)
+			
+			backups = append(backups, BackupInfo{
+				Filename:  file.Name(),
+				Size:      sizeStr,
+				Date:      dateStr,
+				Timestamp: timestamp,
+			})
+		}
+	}
+	
+	// Ordena por data (mais recente primeiro)
+	sort.Slice(backups, func(i, j int) bool {
+		return backups[i].Timestamp > backups[j].Timestamp
+	})
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"backups": backups,
+	})
+}
+
+// CreateBackup cria um novo backup do banco de dados
+func (h *BackupHandler) CreateBackup(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	timestamp := time.Now().Format("2006-01-02_15-04-05")
+	filename := fmt.Sprintf("aggios_backup_%s.sql", timestamp)
+	filepath := filepath.Join(h.backupDir, filename)
+
+	// Usa pg_dump diretamente (backend e postgres estão na mesma rede docker)
+	dbPassword := os.Getenv("DB_PASSWORD")
+	if dbPassword == "" {
+		dbPassword = "A9g10s_S3cur3_P@ssw0rd_2025!"
+	}
+	
+	cmd := exec.Command("pg_dump", 
+		"-h", "postgres",
+		"-U", "aggios", 
+		"-d", "aggios_db",
+		"--no-password")
+	
+	// Define a variável de ambiente para a senha
+	cmd.Env = append(os.Environ(), fmt.Sprintf("PGPASSWORD=%s", dbPassword))
+	
+	output, err := cmd.Output()
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Error creating backup: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	// Salva o backup no arquivo
+	err = ioutil.WriteFile(filepath, output, 0644)
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Error saving backup: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	// Limpa backups antigos (mantém apenas os últimos 10)
+	h.cleanOldBackups()
+
+	fileInfo, _ := os.Stat(filepath)
+	sizeMB := float64(fileInfo.Size()) / 1024
+	sizeStr := fmt.Sprintf("%.2f KB", sizeMB)
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message":  "Backup created successfully",
+		"filename": filename,
+		"size":     sizeStr,
+	})
+}
+
+// RestoreBackup restaura um backup específico
+func (h *BackupHandler) RestoreBackup(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	var req struct {
+		Filename string `json:"filename"`
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		http.Error(w, "Invalid request", http.StatusBadRequest)
+		return
+	}
+
+	if req.Filename == "" {
+		http.Error(w, "Filename is required", http.StatusBadRequest)
+		return
+	}
+
+	// Valida que o arquivo existe e está no diretório correto
+	backupPath := filepath.Join(h.backupDir, req.Filename)
+	if !strings.HasPrefix(backupPath, h.backupDir) {
+		http.Error(w, "Invalid filename", http.StatusBadRequest)
+		return
+	}
+
+	if _, err := os.Stat(backupPath); os.IsNotExist(err) {
+		http.Error(w, "Backup file not found", http.StatusNotFound)
+		return
+	}
+
+	// Lê o conteúdo do backup
+	backupContent, err := ioutil.ReadFile(backupPath)
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Error reading backup: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	// Restaura o backup usando psql diretamente
+	dbPassword := os.Getenv("DB_PASSWORD")
+	if dbPassword == "" {
+		dbPassword = "A9g10s_S3cur3_P@ssw0rd_2025!"
+	}
+	
+	cmd := exec.Command("psql",
+		"-h", "postgres",
+		"-U", "aggios",
+		"-d", "aggios_db",
+		"--no-password")
+	cmd.Stdin = strings.NewReader(string(backupContent))
+	cmd.Env = append(os.Environ(), fmt.Sprintf("PGPASSWORD=%s", dbPassword))
+	
+	if err := cmd.Run(); err != nil {
+		http.Error(w, fmt.Sprintf("Error restoring backup: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "Backup restored successfully",
+	})
+}
+
+// DownloadBackup permite fazer download de um backup
+func (h *BackupHandler) DownloadBackup(w http.ResponseWriter, r *http.Request) {
+	// Extrai o filename da URL
+	parts := strings.Split(r.URL.Path, "/")
+	filename := parts[len(parts)-1]
+
+	if filename == "" {
+		http.Error(w, "Filename is required", http.StatusBadRequest)
+		return
+	}
+
+	// Valida que o arquivo existe e está no diretório correto
+	backupPath := filepath.Join(h.backupDir, filename)
+	if !strings.HasPrefix(backupPath, h.backupDir) {
+		http.Error(w, "Invalid filename", http.StatusBadRequest)
+		return
+	}
+
+	if _, err := os.Stat(backupPath); os.IsNotExist(err) {
+		http.Error(w, "Backup file not found", http.StatusNotFound)
+		return
+	}
+
+	// Lê o arquivo
+	data, err := ioutil.ReadFile(backupPath)
+	if err != nil {
+		http.Error(w, "Error reading file", http.StatusInternalServerError)
+		return
+	}
+
+	// Define headers para download
+	w.Header().Set("Content-Type", "application/sql")
+	w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=%s", filename))
+	w.Write(data)
+}
+
+// cleanOldBackups mantém apenas os últimos 10 backups
+func (h *BackupHandler) cleanOldBackups() {
+	files, err := ioutil.ReadDir(h.backupDir)
+	if err != nil {
+		return
+	}
+
+	var backupFiles []os.FileInfo
+	for _, file := range files {
+		if strings.HasPrefix(file.Name(), "aggios_backup_") && strings.HasSuffix(file.Name(), ".sql") {
+			backupFiles = append(backupFiles, file)
+		}
+	}
+
+	// Ordena por data de modificação (mais recente primeiro)
+	sort.Slice(backupFiles, func(i, j int) bool {
+		return backupFiles[i].ModTime().After(backupFiles[j].ModTime())
+	})
+
+	// Remove backups antigos (mantém os 10 mais recentes)
+	if len(backupFiles) > 10 {
+		for _, file := range backupFiles[10:] {
+			os.Remove(filepath.Join(h.backupDir, file.Name()))
+		}
+	}
+}

backend/internal/api/handlers/collaborator.go

@@ -0,0 +1,271 @@
+package handlers
+
+import (
+	"aggios-app/backend/internal/api/middleware"
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/repository"
+	"aggios-app/backend/internal/service"
+	"encoding/json"
+	"log"
+	"net/http"
+	"time"
+
+	"github.com/google/uuid"
+	"golang.org/x/crypto/bcrypt"
+)
+
+// CollaboratorHandler handles agency collaborator management
+type CollaboratorHandler struct {
+	userRepo    *repository.UserRepository
+	agencyServ  *service.AgencyService
+}
+
+// NewCollaboratorHandler creates a new collaborator handler
+func NewCollaboratorHandler(userRepo *repository.UserRepository, agencyServ *service.AgencyService) *CollaboratorHandler {
+	return &CollaboratorHandler{
+		userRepo:   userRepo,
+		agencyServ: agencyServ,
+	}
+}
+
+// AddCollaboratorRequest representa a requisição para adicionar um colaborador
+type AddCollaboratorRequest struct {
+	Email string `json:"email"`
+	Name  string `json:"name"`
+}
+
+// CollaboratorResponse representa um colaborador
+type CollaboratorResponse struct {
+	ID                   string     `json:"id"`
+	Email                string     `json:"email"`
+	Name                 string     `json:"name"`
+	AgencyRole           string     `json:"agency_role"` // owner ou collaborator
+	CreatedAt            time.Time  `json:"created_at"`
+	CollaboratorCreatedAt *time.Time `json:"collaborator_created_at,omitempty"`
+}
+
+// ListCollaborators lista todos os colaboradores da agência (apenas owner pode ver)
+func (h *CollaboratorHandler) ListCollaborators(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodGet {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	ownerID, _ := r.Context().Value(middleware.UserIDKey).(string)
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	agencyRole, _ := r.Context().Value("agency_role").(string)
+
+	// Apenas owner pode listar colaboradores
+	if agencyRole != "owner" {
+		log.Printf("❌ COLLABORATOR ACCESS BLOCKED: User %s tried to list collaborators", ownerID)
+		http.Error(w, "Only agency owners can manage collaborators", http.StatusForbidden)
+		return
+	}
+
+	// Buscar todos os usuários da agência
+	tenantUUID := parseUUID(tenantID)
+	if tenantUUID == nil {
+		http.Error(w, "Invalid tenant ID", http.StatusBadRequest)
+		return
+	}
+	users, err := h.userRepo.ListByTenantID(*tenantUUID)
+	if err != nil {
+		log.Printf("Error fetching collaborators: %v", err)
+		http.Error(w, "Error fetching collaborators", http.StatusInternalServerError)
+		return
+	}
+
+	// Formatar resposta
+	collaborators := make([]CollaboratorResponse, 0)
+	for _, user := range users {
+		collaborators = append(collaborators, CollaboratorResponse{
+			ID:                    user.ID.String(),
+			Email:                 user.Email,
+			Name:                  user.Name,
+			AgencyRole:            user.AgencyRole,
+			CreatedAt:             user.CreatedAt,
+			CollaboratorCreatedAt: user.CollaboratorCreatedAt,
+		})
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"collaborators": collaborators,
+	})
+}
+
+// InviteCollaborator convida um novo colaborador para a agência (apenas owner pode fazer isso)
+func (h *CollaboratorHandler) InviteCollaborator(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	ownerID, _ := r.Context().Value(middleware.UserIDKey).(string)
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	agencyRole, _ := r.Context().Value("agency_role").(string)
+
+	// Apenas owner pode convidar colaboradores
+	if agencyRole != "owner" {
+		log.Printf("❌ COLLABORATOR INVITE BLOCKED: User %s tried to invite collaborator", ownerID)
+		http.Error(w, "Only agency owners can invite collaborators", http.StatusForbidden)
+		return
+	}
+
+	var req AddCollaboratorRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		http.Error(w, "Invalid request body", http.StatusBadRequest)
+		return
+	}
+
+	// Validar email
+	if req.Email == "" {
+		http.Error(w, "Email is required", http.StatusBadRequest)
+		return
+	}
+
+	// Validar se email já existe
+	exists, err := h.userRepo.EmailExists(req.Email)
+	if err != nil {
+		log.Printf("Error checking email: %v", err)
+		http.Error(w, "Error processing request", http.StatusInternalServerError)
+		return
+	}
+	if exists {
+		http.Error(w, "Email already registered", http.StatusConflict)
+		return
+	}
+
+	// Gerar senha temporária (8 caracteres aleatórios)
+	tempPassword := generateTempPassword()
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(tempPassword), bcrypt.DefaultCost)
+	if err != nil {
+		log.Printf("Error hashing password: %v", err)
+		http.Error(w, "Error processing request", http.StatusInternalServerError)
+		return
+	}
+
+	// Criar novo colaborador
+	ownerUUID := parseUUID(ownerID)
+	tenantUUID := parseUUID(tenantID)
+	now := time.Now()
+
+	collaborator := &domain.User{
+		TenantID:              tenantUUID,
+		Email:                 req.Email,
+		Password:              string(hashedPassword),
+		Name:                  req.Name,
+		Role:                  "ADMIN_AGENCIA",
+		AgencyRole:            "collaborator",
+		CreatedBy:             ownerUUID,
+		CollaboratorCreatedAt: &now,
+	}
+
+	if err := h.userRepo.Create(collaborator); err != nil {
+		log.Printf("Error creating collaborator: %v", err)
+		http.Error(w, "Error creating collaborator", http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message":         "Collaborator invited successfully",
+		"temporary_password": tempPassword,
+		"collaborator": CollaboratorResponse{
+			ID:                    collaborator.ID.String(),
+			Email:                 collaborator.Email,
+			Name:                  collaborator.Name,
+			AgencyRole:            collaborator.AgencyRole,
+			CreatedAt:             collaborator.CreatedAt,
+			CollaboratorCreatedAt: collaborator.CollaboratorCreatedAt,
+		},
+	})
+}
+
+// RemoveCollaborator remove um colaborador da agência (apenas owner pode fazer isso)
+func (h *CollaboratorHandler) RemoveCollaborator(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodDelete {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	ownerID, _ := r.Context().Value(middleware.UserIDKey).(string)
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	agencyRole, _ := r.Context().Value("agency_role").(string)
+
+	// Apenas owner pode remover colaboradores
+	if agencyRole != "owner" {
+		log.Printf("❌ COLLABORATOR REMOVE BLOCKED: User %s tried to remove collaborator", ownerID)
+		http.Error(w, "Only agency owners can remove collaborators", http.StatusForbidden)
+		return
+	}
+
+	collaboratorID := r.URL.Query().Get("id")
+	if collaboratorID == "" {
+		http.Error(w, "Collaborator ID is required", http.StatusBadRequest)
+		return
+	}
+
+	// Converter ID para UUID
+	collaboratorUUID := parseUUID(collaboratorID)
+	if collaboratorUUID == nil {
+		http.Error(w, "Invalid collaborator ID", http.StatusBadRequest)
+		return
+	}
+
+	// Buscar o colaborador
+	collaborator, err := h.userRepo.GetByID(*collaboratorUUID)
+	if err != nil {
+		http.Error(w, "Collaborator not found", http.StatusNotFound)
+		return
+	}
+
+	// Verificar se o colaborador pertence à mesma agência
+	if collaborator.TenantID == nil || collaborator.TenantID.String() != tenantID {
+		http.Error(w, "Collaborator not found in this agency", http.StatusForbidden)
+		return
+	}
+
+	// Não permitir remover o owner
+	if collaborator.AgencyRole == "owner" {
+		http.Error(w, "Cannot remove the agency owner", http.StatusBadRequest)
+		return
+	}
+
+	// Remover colaborador
+	if err := h.userRepo.Delete(*collaboratorUUID); err != nil {
+		log.Printf("Error removing collaborator: %v", err)
+		http.Error(w, "Error removing collaborator", http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Collaborator removed successfully",
+	})
+}
+
+// generateTempPassword gera uma senha temporária
+func generateTempPassword() string {
+	const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*"
+	return randomString(12, charset)
+}
+
+// randomString gera uma string aleatória
+func randomString(length int, charset string) string {
+	b := make([]byte, length)
+	for i := range b {
+		b[i] = charset[i%len(charset)]
+	}
+	return string(b)
+}
+
+// parseUUID converte string para UUID
+func parseUUID(s string) *uuid.UUID {
+	u, err := uuid.Parse(s)
+	if err != nil {
+		return nil
+	}
+	return &u
+}

backend/internal/api/handlers/customer_portal.go

@@ -0,0 +1,465 @@
+package handlers
+
+import (
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/repository"
+	"aggios-app/backend/internal/service"
+	"aggios-app/backend/internal/config"
+	"aggios-app/backend/internal/api/middleware"
+	"context"
+	"database/sql"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/minio/minio-go/v7"
+	"github.com/minio/minio-go/v7/pkg/credentials"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type CustomerPortalHandler struct {
+	crmRepo     *repository.CRMRepository
+	authService *service.AuthService
+	cfg         *config.Config
+	minioClient *minio.Client
+}
+
+func NewCustomerPortalHandler(crmRepo *repository.CRMRepository, authService *service.AuthService, cfg *config.Config) *CustomerPortalHandler {
+	// Initialize MinIO client
+	minioClient, err := minio.New(cfg.Minio.Endpoint, &minio.Options{
+		Creds:  credentials.NewStaticV4(cfg.Minio.RootUser, cfg.Minio.RootPassword, ""),
+		Secure: cfg.Minio.UseSSL,
+	})
+	if err != nil {
+		log.Printf("❌ Failed to create MinIO client for CustomerPortalHandler: %v", err)
+	}
+
+	return &CustomerPortalHandler{
+		crmRepo:     crmRepo,
+		authService: authService,
+		cfg:         cfg,
+		minioClient: minioClient,
+	}
+}
+
+// CustomerLoginRequest representa a requisição de login do cliente
+type CustomerLoginRequest struct {
+	Email    string `json:"email"`
+	Password string `json:"password"`
+}
+
+// CustomerLoginResponse representa a resposta de login do cliente
+type CustomerLoginResponse struct {
+	Token    string                `json:"token"`
+	Customer *CustomerPortalInfo   `json:"customer"`
+}
+
+// CustomerPortalInfo representa informações seguras do cliente para o portal
+type CustomerPortalInfo struct {
+	ID              string    `json:"id"`
+	Name            string    `json:"name"`
+	Email           string    `json:"email"`
+	Company         string    `json:"company"`
+	HasPortalAccess bool      `json:"has_portal_access"`
+	TenantID        string    `json:"tenant_id"`
+}
+
+// Login autentica um cliente e retorna um token JWT
+func (h *CustomerPortalHandler) Login(w http.ResponseWriter, r *http.Request) {
+	var req CustomerLoginRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Invalid request body",
+		})
+		return
+	}
+
+	// Validar entrada
+	if req.Email == "" || req.Password == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Email e senha são obrigatórios",
+		})
+		return
+	}
+
+	// Buscar cliente por email
+	customer, err := h.crmRepo.GetCustomerByEmail(req.Email)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			w.Header().Set("Content-Type", "application/json")
+			w.WriteHeader(http.StatusUnauthorized)
+			json.NewEncoder(w).Encode(map[string]string{
+				"error": "Credenciais inválidas",
+			})
+			return
+		}
+		log.Printf("Error fetching customer: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao processar login",
+		})
+		return
+	}
+
+	// Verificar se tem acesso ao portal
+	if !customer.HasPortalAccess {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusForbidden)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Acesso ao portal não autorizado. Entre em contato com o administrador.",
+		})
+		return
+	}
+
+	// Verificar senha
+	if err := bcrypt.CompareHashAndPassword([]byte(customer.PasswordHash), []byte(req.Password)); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusUnauthorized)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Credenciais inválidas",
+		})
+		return
+	}
+
+	// Atualizar último login
+	if err := h.crmRepo.UpdateCustomerLastLogin(customer.ID); err != nil {
+		log.Printf("Warning: Failed to update last login for customer %s: %v", customer.ID, err)
+	}
+
+	// Gerar token JWT
+	token, err := h.authService.GenerateCustomerToken(customer.ID, customer.TenantID, customer.Email)
+	if err != nil {
+		log.Printf("Error generating token: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao gerar token de autenticação",
+		})
+		return
+	}
+
+	// Resposta de sucesso
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(CustomerLoginResponse{
+		Token: token,
+		Customer: &CustomerPortalInfo{
+			ID:              customer.ID,
+			Name:            customer.Name,
+			Email:           customer.Email,
+			Company:         customer.Company,
+			HasPortalAccess: customer.HasPortalAccess,
+			TenantID:        customer.TenantID,
+		},
+	})
+}
+
+// GetPortalDashboard retorna dados do dashboard para o cliente autenticado
+func (h *CustomerPortalHandler) GetPortalDashboard(w http.ResponseWriter, r *http.Request) {
+	customerID, _ := r.Context().Value(middleware.CustomerIDKey).(string)
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+
+	// Buscar leads do cliente
+	leads, err := h.crmRepo.GetLeadsByCustomerID(customerID)
+	if err != nil {
+		log.Printf("Error fetching leads: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao buscar leads",
+		})
+		return
+	}
+
+	// Buscar informações do cliente
+	customer, err := h.crmRepo.GetCustomerByID(customerID, tenantID)
+	if err != nil {
+		log.Printf("Error fetching customer: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao buscar informações do cliente",
+		})
+		return
+	}
+
+	// Calcular estatísticas
+	rawStats := calculateLeadStats(leads)
+	stats := map[string]interface{}{
+		"total_leads":  rawStats["total"],
+		"active_leads": rawStats["novo"].(int) + rawStats["qualificado"].(int) + rawStats["negociacao"].(int),
+		"converted":    rawStats["convertido"],
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"customer": CustomerPortalInfo{
+			ID:              customer.ID,
+			Name:            customer.Name,
+			Email:           customer.Email,
+			Company:         customer.Company,
+			HasPortalAccess: customer.HasPortalAccess,
+			TenantID:        customer.TenantID,
+		},
+		"leads": leads,
+		"stats": stats,
+	})
+}
+
+// GetPortalLeads retorna apenas os leads do cliente
+func (h *CustomerPortalHandler) GetPortalLeads(w http.ResponseWriter, r *http.Request) {
+	customerID, _ := r.Context().Value(middleware.CustomerIDKey).(string)
+
+	leads, err := h.crmRepo.GetLeadsByCustomerID(customerID)
+	if err != nil {
+		log.Printf("Error fetching leads: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao buscar leads",
+		})
+		return
+	}
+
+	if leads == nil {
+		leads = []domain.CRMLead{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"leads": leads,
+	})
+}
+
+// GetPortalLists retorna as listas que possuem leads do cliente
+func (h *CustomerPortalHandler) GetPortalLists(w http.ResponseWriter, r *http.Request) {
+	customerID, _ := r.Context().Value(middleware.CustomerIDKey).(string)
+
+	lists, err := h.crmRepo.GetListsByCustomerID(customerID)
+	if err != nil {
+		log.Printf("Error fetching portal lists: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao buscar listas",
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"lists": lists,
+	})
+}
+
+// GetPortalProfile retorna o perfil completo do cliente
+func (h *CustomerPortalHandler) GetPortalProfile(w http.ResponseWriter, r *http.Request) {
+	customerID, _ := r.Context().Value(middleware.CustomerIDKey).(string)
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+
+	// Buscar informações do cliente
+	customer, err := h.crmRepo.GetCustomerByID(customerID, tenantID)
+	if err != nil {
+		log.Printf("Error fetching customer: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao buscar perfil",
+		})
+		return
+	}
+
+	// Buscar leads para estatísticas
+	leads, err := h.crmRepo.GetLeadsByCustomerID(customerID)
+	if err != nil {
+		log.Printf("Error fetching leads for stats: %v", err)
+		leads = []domain.CRMLead{}
+	}
+
+	// Calcular estatísticas
+	stats := calculateLeadStats(leads)
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"customer": map[string]interface{}{
+			"id":                customer.ID,
+			"name":              customer.Name,
+			"email":             customer.Email,
+			"phone":             customer.Phone,
+			"company":           customer.Company,
+			"logo_url":          customer.LogoURL,
+			"portal_last_login": customer.PortalLastLogin,
+			"created_at":        customer.CreatedAt,
+			"total_leads":       len(leads),
+			"converted_leads":   stats["convertido"].(int),
+		},
+	})
+}
+
+// ChangePasswordRequest representa a requisição de troca de senha
+type CustomerChangePasswordRequest struct {
+	CurrentPassword string `json:"current_password"`
+	NewPassword     string `json:"new_password"`
+}
+
+// ChangePassword altera a senha do cliente
+func (h *CustomerPortalHandler) ChangePassword(w http.ResponseWriter, r *http.Request) {
+	customerID, _ := r.Context().Value(middleware.CustomerIDKey).(string)
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+
+	var req CustomerChangePasswordRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Invalid request body",
+		})
+		return
+	}
+
+	// Validar entrada
+	if req.CurrentPassword == "" || req.NewPassword == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Senha atual e nova senha são obrigatórias",
+		})
+		return
+	}
+
+	if len(req.NewPassword) < 6 {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "A nova senha deve ter no mínimo 6 caracteres",
+		})
+		return
+	}
+
+	// Buscar cliente
+	customer, err := h.crmRepo.GetCustomerByID(customerID, tenantID)
+	if err != nil {
+		log.Printf("Error fetching customer: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao processar solicitação",
+		})
+		return
+	}
+
+	// Verificar senha atual
+	if err := bcrypt.CompareHashAndPassword([]byte(customer.PasswordHash), []byte(req.CurrentPassword)); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusUnauthorized)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Senha atual incorreta",
+		})
+		return
+	}
+
+	// Gerar hash da nova senha
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(req.NewPassword), bcrypt.DefaultCost)
+	if err != nil {
+		log.Printf("Error hashing password: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao processar nova senha",
+		})
+		return
+	}
+
+	// Atualizar senha no banco
+	if err := h.crmRepo.UpdateCustomerPassword(customerID, string(hashedPassword)); err != nil {
+		log.Printf("Error updating password: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Erro ao atualizar senha",
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Senha alterada com sucesso",
+	})
+}
+
+// UploadLogo faz o upload do logo do cliente
+func (h *CustomerPortalHandler) UploadLogo(w http.ResponseWriter, r *http.Request) {
+	customerID, _ := r.Context().Value(middleware.CustomerIDKey).(string)
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+
+	if h.minioClient == nil {
+		http.Error(w, "Storage service unavailable", http.StatusServiceUnavailable)
+		return
+	}
+
+	// Parse multipart form (2MB max)
+	const maxLogoSize = 2 * 1024 * 1024
+	if err := r.ParseMultipartForm(maxLogoSize); err != nil {
+		http.Error(w, "File too large", http.StatusBadRequest)
+		return
+	}
+
+	file, header, err := r.FormFile("logo")
+	if err != nil {
+		http.Error(w, "Failed to read file", http.StatusBadRequest)
+		return
+	}
+	defer file.Close()
+
+	// Validate file type
+	contentType := header.Header.Get("Content-Type")
+	if !strings.HasPrefix(contentType, "image/") {
+		http.Error(w, "Only images are allowed", http.StatusBadRequest)
+		return
+	}
+
+	// Generate unique filename
+	ext := filepath.Ext(header.Filename)
+	if ext == "" {
+		ext = ".png" // Default extension
+	}
+	filename := fmt.Sprintf("logo-%d%s", time.Now().Unix(), ext)
+	objectPath := fmt.Sprintf("customers/%s/%s", customerID, filename)
+
+	// Upload to MinIO
+	ctx := context.Background()
+	bucketName := h.cfg.Minio.BucketName
+	
+	_, err = h.minioClient.PutObject(ctx, bucketName, objectPath, file, header.Size, minio.PutObjectOptions{
+		ContentType: contentType,
+	})
+	if err != nil {
+		log.Printf("Error uploading to MinIO: %v", err)
+		http.Error(w, "Failed to upload file", http.StatusInternalServerError)
+		return
+	}
+
+	// Generate public URL
+	logoURL := fmt.Sprintf("%s/api/files/%s/%s", h.cfg.Minio.PublicURL, bucketName, objectPath)
+
+	// Update customer in database
+	err = h.crmRepo.UpdateCustomerLogo(customerID, tenantID, logoURL)
+	if err != nil {
+		log.Printf("Error updating customer logo in DB: %v", err)
+		http.Error(w, "Failed to update profile", http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"logo_url": logoURL,
+	})
+}

backend/internal/api/handlers/document_handler.go

@@ -0,0 +1,144 @@
+package handlers
+
+import (
+	"aggios-app/backend/internal/api/middleware"
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/repository"
+	"encoding/json"
+	"net/http"
+
+	"github.com/google/uuid"
+	"github.com/gorilla/mux"
+)
+
+type DocumentHandler struct {
+	repo *repository.DocumentRepository
+}
+
+func NewDocumentHandler(repo *repository.DocumentRepository) *DocumentHandler {
+	return &DocumentHandler{repo: repo}
+}
+
+func (h *DocumentHandler) Create(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	userID, _ := r.Context().Value(middleware.UserIDKey).(string)
+
+	var doc domain.Document
+	if err := json.NewDecoder(r.Body).Decode(&doc); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	doc.ID = uuid.New()
+	doc.TenantID, _ = uuid.Parse(tenantID)
+	doc.CreatedBy, _ = uuid.Parse(userID)
+	doc.LastUpdatedBy, _ = uuid.Parse(userID)
+	if doc.Status == "" {
+		doc.Status = "draft"
+	}
+
+	if err := h.repo.Create(&doc); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(doc)
+}
+
+func (h *DocumentHandler) List(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+
+	docs, err := h.repo.GetByTenant(tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(docs)
+}
+
+func (h *DocumentHandler) Get(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	id := mux.Vars(r)["id"]
+
+	doc, err := h.repo.GetByID(id, tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	if doc == nil {
+		http.Error(w, "document not found", http.StatusNotFound)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(doc)
+}
+
+func (h *DocumentHandler) Update(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	userID, _ := r.Context().Value(middleware.UserIDKey).(string)
+	id := mux.Vars(r)["id"]
+
+	var doc domain.Document
+	if err := json.NewDecoder(r.Body).Decode(&doc); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	doc.ID, _ = uuid.Parse(id)
+	doc.TenantID, _ = uuid.Parse(tenantID)
+	doc.LastUpdatedBy, _ = uuid.Parse(userID)
+
+	if err := h.repo.Update(&doc); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	json.NewEncoder(w).Encode(doc)
+}
+
+func (h *DocumentHandler) Delete(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	id := mux.Vars(r)["id"]
+
+	if err := h.repo.Delete(id, tenantID); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *DocumentHandler) GetSubpages(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	parentID := mux.Vars(r)["id"]
+
+	docs, err := h.repo.GetSubpages(parentID, tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(docs)
+}
+
+func (h *DocumentHandler) GetActivities(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	id := mux.Vars(r)["id"]
+
+	activities, err := h.repo.GetActivities(id, tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(activities)
+}

backend/internal/api/handlers/erp_handler.go

@@ -0,0 +1,399 @@
+package handlers
+
+import (
+	"aggios-app/backend/internal/api/middleware"
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/repository"
+	"encoding/json"
+	"log"
+	"net/http"
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/gorilla/mux"
+)
+
+type ERPHandler struct {
+	repo *repository.ERPRepository
+}
+
+func NewERPHandler(repo *repository.ERPRepository) *ERPHandler {
+	return &ERPHandler{repo: repo}
+}
+
+// ==================== FINANCE ====================
+
+func (h *ERPHandler) CreateFinancialCategory(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	var cat domain.FinancialCategory
+	if err := json.NewDecoder(r.Body).Decode(&cat); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	cat.ID = uuid.New()
+	cat.TenantID, _ = uuid.Parse(tenantID)
+	cat.IsActive = true
+
+	if err := h.repo.CreateFinancialCategory(&cat); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(cat)
+}
+
+func (h *ERPHandler) GetFinancialCategories(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	cats, err := h.repo.GetFinancialCategoriesByTenant(tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(cats)
+}
+
+func (h *ERPHandler) CreateBankAccount(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	var acc domain.BankAccount
+	if err := json.NewDecoder(r.Body).Decode(&acc); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	acc.ID = uuid.New()
+	acc.TenantID, _ = uuid.Parse(tenantID)
+	acc.IsActive = true
+
+	if err := h.repo.CreateBankAccount(&acc); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(acc)
+}
+
+func (h *ERPHandler) GetBankAccounts(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	accs, err := h.repo.GetBankAccountsByTenant(tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(accs)
+}
+
+func (h *ERPHandler) CreateTransaction(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	userID, _ := r.Context().Value(middleware.UserIDKey).(string)
+	var t domain.FinancialTransaction
+	if err := json.NewDecoder(r.Body).Decode(&t); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	t.ID = uuid.New()
+	t.TenantID, _ = uuid.Parse(tenantID)
+	t.CreatedBy, _ = uuid.Parse(userID)
+
+	if err := h.repo.CreateTransaction(&t); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(t)
+}
+
+func (h *ERPHandler) GetTransactions(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	txs, err := h.repo.GetTransactionsByTenant(tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(txs)
+}
+
+// ==================== PRODUCTS ====================
+
+func (h *ERPHandler) CreateProduct(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	var p domain.Product
+	if err := json.NewDecoder(r.Body).Decode(&p); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	p.ID = uuid.New()
+	p.TenantID, _ = uuid.Parse(tenantID)
+	p.IsActive = true
+
+	if err := h.repo.CreateProduct(&p); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(p)
+}
+
+func (h *ERPHandler) GetProducts(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	products, err := h.repo.GetProductsByTenant(tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(products)
+}
+
+// ==================== ORDERS ====================
+
+type createOrderRequest struct {
+	Order domain.Order       `json:"order"`
+	Items []domain.OrderItem `json:"items"`
+}
+
+func (h *ERPHandler) CreateOrder(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	userID, _ := r.Context().Value(middleware.UserIDKey).(string)
+	var req createOrderRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	req.Order.ID = uuid.New()
+	req.Order.TenantID, _ = uuid.Parse(tenantID)
+	req.Order.CreatedBy, _ = uuid.Parse(userID)
+	if req.Order.Status == "" {
+		req.Order.Status = "draft"
+	}
+
+	for i := range req.Items {
+		req.Items[i].ID = uuid.New()
+		req.Items[i].OrderID = req.Order.ID
+		req.Items[i].CreatedAt = time.Now()
+	}
+
+	if err := h.repo.CreateOrder(&req.Order, req.Items); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(req.Order)
+}
+
+func (h *ERPHandler) GetOrders(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	orders, err := h.repo.GetOrdersByTenant(tenantID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(orders)
+}
+
+// ==================== ENTITIES ====================
+
+func (h *ERPHandler) CreateEntity(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	var e domain.Entity
+	if err := json.NewDecoder(r.Body).Decode(&e); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	e.ID = uuid.New()
+	e.TenantID, _ = uuid.Parse(tenantID)
+	if e.Status == "" {
+		e.Status = "active"
+	}
+
+	if err := h.repo.CreateEntity(&e); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(e)
+}
+
+func (h *ERPHandler) GetEntities(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	entityType := r.URL.Query().Get("type") // customer or supplier
+
+	entities, err := h.repo.GetEntitiesByTenant(tenantID, entityType)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(entities)
+}
+func (h *ERPHandler) UpdateTransaction(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	id, err := uuid.Parse(idStr)
+	if err != nil {
+		http.Error(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+
+	var t domain.FinancialTransaction
+	if err := json.NewDecoder(r.Body).Decode(&t); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	t.ID = id
+	t.TenantID, _ = uuid.Parse(tenantID)
+
+	if err := h.repo.UpdateTransaction(&t); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *ERPHandler) DeleteTransaction(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	if err := h.repo.DeleteTransaction(idStr, tenantID); err != nil {
+		log.Printf("❌ Error deleting transaction: %v", err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *ERPHandler) UpdateEntity(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	id, err := uuid.Parse(idStr)
+	if err != nil {
+		http.Error(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+
+	var e domain.Entity
+	if err := json.NewDecoder(r.Body).Decode(&e); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	e.ID = id
+	e.TenantID, _ = uuid.Parse(tenantID)
+
+	if err := h.repo.UpdateEntity(&e); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *ERPHandler) DeleteEntity(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	if err := h.repo.DeleteEntity(idStr, tenantID); err != nil {
+		log.Printf("❌ Error deleting entity: %v", err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *ERPHandler) UpdateProduct(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	id, err := uuid.Parse(idStr)
+	if err != nil {
+		http.Error(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+
+	var p domain.Product
+	if err := json.NewDecoder(r.Body).Decode(&p); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	p.ID = id
+	p.TenantID, _ = uuid.Parse(tenantID)
+
+	if err := h.repo.UpdateProduct(&p); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *ERPHandler) DeleteProduct(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	if err := h.repo.DeleteProduct(idStr, tenantID); err != nil {
+		log.Printf("❌ Error deleting product: %v", err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *ERPHandler) UpdateBankAccount(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	id, err := uuid.Parse(idStr)
+	if err != nil {
+		http.Error(w, "invalid id", http.StatusBadRequest)
+		return
+	}
+
+	var a domain.BankAccount
+	if err := json.NewDecoder(r.Body).Decode(&a); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	a.ID = id
+	a.TenantID, _ = uuid.Parse(tenantID)
+
+	if err := h.repo.UpdateBankAccount(&a); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *ERPHandler) DeleteBankAccount(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	if err := h.repo.DeleteBankAccount(idStr, tenantID); err != nil {
+		log.Printf("❌ Error deleting bank account: %v", err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *ERPHandler) DeleteOrder(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	idStr := mux.Vars(r)["id"]
+	if err := h.repo.DeleteOrder(idStr, tenantID); err != nil {
+		log.Printf("❌ Error deleting order: %v", err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+}

backend/internal/api/handlers/export.go

@@ -0,0 +1,210 @@
+package handlers
+
+import (
+	"aggios-app/backend/internal/api/middleware"
+	"aggios-app/backend/internal/domain"
+	"encoding/csv"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"strings"
+
+	"github.com/xuri/excelize/v2"
+)
+
+// ExportLeads handles exporting leads in different formats
+func (h *CRMHandler) ExportLeads(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	if tenantID == "" {
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{"error": "Missing tenant_id"})
+		return
+	}
+
+	format := r.URL.Query().Get("format")
+	if format == "" {
+		format = "csv"
+	}
+
+	customerID := r.URL.Query().Get("customer_id")
+	campaignID := r.URL.Query().Get("campaign_id")
+
+	var leads []domain.CRMLead
+	var err error
+
+	if campaignID != "" {
+		leads, err = h.repo.GetLeadsByListID(campaignID)
+	} else if customerID != "" {
+		leads, err = h.repo.GetLeadsByTenant(tenantID)
+		// Filter by customer manually
+		filtered := []domain.CRMLead{}
+		for _, lead := range leads {
+			if lead.CustomerID != nil && *lead.CustomerID == customerID {
+				filtered = append(filtered, lead)
+			}
+		}
+		leads = filtered
+	} else {
+		leads, err = h.repo.GetLeadsByTenant(tenantID)
+	}
+
+	if err != nil {
+		log.Printf("ExportLeads: Error fetching leads: %v", err)
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{"error": "Failed to fetch leads"})
+		return
+	}
+
+	switch strings.ToLower(format) {
+	case "json":
+		exportJSON(w, leads)
+	case "xlsx", "excel":
+		exportXLSX(w, leads)
+	default:
+		exportCSV(w, leads)
+	}
+}
+
+func exportJSON(w http.ResponseWriter, leads []domain.CRMLead) {
+	w.Header().Set("Content-Type", "application/json")
+	w.Header().Set("Content-Disposition", "attachment; filename=leads.json")
+
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"leads": leads,
+		"count": len(leads),
+	})
+}
+
+func exportCSV(w http.ResponseWriter, leads []domain.CRMLead) {
+	w.Header().Set("Content-Type", "text/csv")
+	w.Header().Set("Content-Disposition", "attachment; filename=leads.csv")
+
+	writer := csv.NewWriter(w)
+	defer writer.Flush()
+
+	// Header
+	header := []string{"ID", "Nome", "Email", "Telefone", "Status", "Origem", "Notas", "Tags", "Criado Em"}
+	writer.Write(header)
+
+	// Data
+	for _, lead := range leads {
+		tags := ""
+		if len(lead.Tags) > 0 {
+			tags = strings.Join(lead.Tags, ", ")
+		}
+
+		phone := ""
+		if lead.Phone != "" {
+			phone = lead.Phone
+		}
+
+		notes := ""
+		if lead.Notes != "" {
+			notes = lead.Notes
+		}
+
+		row := []string{
+			lead.ID,
+			lead.Name,
+			lead.Email,
+			phone,
+			lead.Status,
+			lead.Source,
+			notes,
+			tags,
+			lead.CreatedAt.Format("02/01/2006 15:04"),
+		}
+		writer.Write(row)
+	}
+}
+
+func exportXLSX(w http.ResponseWriter, leads []domain.CRMLead) {
+	f := excelize.NewFile()
+	defer f.Close()
+
+	sheetName := "Leads"
+	index, err := f.NewSheet(sheetName)
+	if err != nil {
+		log.Printf("Error creating sheet: %v", err)
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	// Set active sheet
+	f.SetActiveSheet(index)
+
+	// Header style
+	headerStyle, _ := f.NewStyle(&excelize.Style{
+		Font: &excelize.Font{
+			Bold: true,
+			Size: 12,
+		},
+		Fill: excelize.Fill{
+			Type:    "pattern",
+			Color:   []string{"#4472C4"},
+			Pattern: 1,
+		},
+		Alignment: &excelize.Alignment{
+			Horizontal: "center",
+			Vertical:   "center",
+		},
+	})
+
+	// Headers
+	headers := []string{"ID", "Nome", "Email", "Telefone", "Status", "Origem", "Notas", "Tags", "Criado Em"}
+	for i, header := range headers {
+		cell := fmt.Sprintf("%s1", string(rune('A'+i)))
+		f.SetCellValue(sheetName, cell, header)
+		f.SetCellStyle(sheetName, cell, cell, headerStyle)
+	}
+
+	// Data
+	for i, lead := range leads {
+		row := i + 2
+
+		tags := ""
+		if len(lead.Tags) > 0 {
+			tags = strings.Join(lead.Tags, ", ")
+		}
+
+		phone := ""
+		if lead.Phone != "" {
+			phone = lead.Phone
+		}
+
+		notes := ""
+		if lead.Notes != "" {
+			notes = lead.Notes
+		}
+
+		f.SetCellValue(sheetName, fmt.Sprintf("A%d", row), lead.ID)
+		f.SetCellValue(sheetName, fmt.Sprintf("B%d", row), lead.Name)
+		f.SetCellValue(sheetName, fmt.Sprintf("C%d", row), lead.Email)
+		f.SetCellValue(sheetName, fmt.Sprintf("D%d", row), phone)
+		f.SetCellValue(sheetName, fmt.Sprintf("E%d", row), lead.Status)
+		f.SetCellValue(sheetName, fmt.Sprintf("F%d", row), lead.Source)
+		f.SetCellValue(sheetName, fmt.Sprintf("G%d", row), notes)
+		f.SetCellValue(sheetName, fmt.Sprintf("H%d", row), tags)
+		f.SetCellValue(sheetName, fmt.Sprintf("I%d", row), lead.CreatedAt.Format("02/01/2006 15:04"))
+	}
+
+	// Auto-adjust column widths
+	for i := 0; i < len(headers); i++ {
+		col := string(rune('A' + i))
+		f.SetColWidth(sheetName, col, col, 15)
+	}
+	f.SetColWidth(sheetName, "B", "B", 25) // Nome
+	f.SetColWidth(sheetName, "C", "C", 30) // Email
+	f.SetColWidth(sheetName, "G", "G", 40) // Notas
+
+	// Delete default sheet if exists
+	f.DeleteSheet("Sheet1")
+
+	w.Header().Set("Content-Type", "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet")
+	w.Header().Set("Content-Disposition", "attachment; filename=leads.xlsx")
+
+	if err := f.Write(w); err != nil {
+		log.Printf("Error writing xlsx: %v", err)
+	}
+}

backend/internal/api/handlers/files.go

@@ -0,0 +1,104 @@
+package handlers
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"strings"
+
+	"aggios-app/backend/internal/config"
+
+	"github.com/gorilla/mux"
+	"github.com/minio/minio-go/v7"
+	"github.com/minio/minio-go/v7/pkg/credentials"
+)
+
+type FilesHandler struct {
+	config *config.Config
+}
+
+func NewFilesHandler(cfg *config.Config) *FilesHandler {
+	return &FilesHandler{
+		config: cfg,
+	}
+}
+
+// ServeFile serves files from MinIO through the API
+func (h *FilesHandler) ServeFile(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	bucket := vars["bucket"]
+	
+	// Get the file path (everything after /api/files/{bucket}/)
+	prefix := fmt.Sprintf("/api/files/%s/", bucket)
+	filePath := strings.TrimPrefix(r.URL.Path, prefix)
+	
+	if filePath == "" {
+		http.Error(w, "File path is required", http.StatusBadRequest)
+		return
+	}
+
+	// Whitelist de buckets públicos permitidos
+	allowedBuckets := map[string]bool{
+		"aggios-logos": true,
+	}
+	if !allowedBuckets[bucket] {
+		log.Printf("🚫 Access denied to bucket: %s", bucket)
+		http.Error(w, "Access denied", http.StatusForbidden)
+		return
+	}
+
+	// Proteção contra path traversal
+	if strings.Contains(filePath, "..") {
+		log.Printf("🚫 Path traversal attempt detected: %s", filePath)
+		http.Error(w, "Invalid path", http.StatusBadRequest)
+		return
+	}
+
+	log.Printf("📁 Serving file: bucket=%s, path=%s", bucket, filePath)
+
+	// Initialize MinIO client
+	minioClient, err := minio.New("aggios-minio:9000", &minio.Options{
+		Creds:  credentials.NewStaticV4("minioadmin", "M1n10_S3cur3_P@ss_2025!", ""),
+		Secure: false,
+	})
+	if err != nil {
+		log.Printf("Failed to create MinIO client: %v", err)
+		http.Error(w, "Storage service unavailable", http.StatusInternalServerError)
+		return
+	}
+
+	// Get object from MinIO
+	ctx := context.Background()
+	object, err := minioClient.GetObject(ctx, bucket, filePath, minio.GetObjectOptions{})
+	if err != nil {
+		log.Printf("Failed to get object: %v", err)
+		http.Error(w, "File not found", http.StatusNotFound)
+		return
+	}
+	defer object.Close()
+
+	// Get object info for content type and size
+	objInfo, err := object.Stat()
+	if err != nil {
+		log.Printf("Failed to stat object: %v", err)
+		http.Error(w, "File not found", http.StatusNotFound)
+		return
+	}
+
+	// Set appropriate headers
+	w.Header().Set("Content-Type", objInfo.ContentType)
+	w.Header().Set("Content-Length", fmt.Sprintf("%d", objInfo.Size))
+	w.Header().Set("Cache-Control", "public, max-age=31536000") // Cache for 1 year
+	w.Header().Set("Access-Control-Allow-Origin", "*")
+
+	// Copy file content to response
+	_, err = io.Copy(w, object)
+	if err != nil {
+		log.Printf("Failed to copy object content: %v", err)
+		return
+	}
+
+	log.Printf("✅ File served successfully: %s", filePath)
+}

backend/internal/api/handlers/plan.go

@@ -0,0 +1,274 @@
+package handlers
+
+import (
+	"encoding/json"
+	"log"
+	"net/http"
+	"strconv"
+
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/service"
+
+	"github.com/google/uuid"
+	"github.com/gorilla/mux"
+)
+
+// PlanHandler handles plan-related endpoints
+type PlanHandler struct {
+	planService *service.PlanService
+}
+
+// NewPlanHandler creates a new plan handler
+func NewPlanHandler(planService *service.PlanService) *PlanHandler {
+	return &PlanHandler{
+		planService: planService,
+	}
+}
+
+// RegisterRoutes registers plan routes
+func (h *PlanHandler) RegisterRoutes(r *mux.Router) {
+	// Note: Route protection is done in main.go with authMiddleware wrapper
+	r.HandleFunc("/api/admin/plans", h.CreatePlan).Methods(http.MethodPost)
+	r.HandleFunc("/api/admin/plans", h.ListPlans).Methods(http.MethodGet)
+	r.HandleFunc("/api/admin/plans/{id}", h.GetPlan).Methods(http.MethodGet)
+	r.HandleFunc("/api/admin/plans/{id}", h.UpdatePlan).Methods(http.MethodPut)
+	r.HandleFunc("/api/admin/plans/{id}", h.DeletePlan).Methods(http.MethodDelete)
+
+	// Public routes (for signup flow)
+	r.HandleFunc("/api/plans", h.ListActivePlans).Methods(http.MethodGet)
+	r.HandleFunc("/api/plans/{id}", h.GetActivePlan).Methods(http.MethodGet)
+}
+
+// CreatePlan creates a new plan (admin only)
+func (h *PlanHandler) CreatePlan(w http.ResponseWriter, r *http.Request) {
+	log.Printf("📋 CREATE PLAN - Method: %s", r.Method)
+
+	var req domain.CreatePlanRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		log.Printf("❌ Invalid request body: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{"error": "Invalid request body", "message": err.Error()})
+		return
+	}
+
+	plan, err := h.planService.CreatePlan(&req)
+	if err != nil {
+		log.Printf("❌ Error creating plan: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		switch err {
+		case service.ErrPlanSlugTaken:
+			w.WriteHeader(http.StatusConflict)
+			json.NewEncoder(w).Encode(map[string]string{"error": "Slug already taken", "message": err.Error()})
+		case service.ErrInvalidUserRange:
+			w.WriteHeader(http.StatusBadRequest)
+			json.NewEncoder(w).Encode(map[string]string{"error": "Invalid user range", "message": err.Error()})
+		default:
+			w.WriteHeader(http.StatusInternalServerError)
+			json.NewEncoder(w).Encode(map[string]string{"error": "Internal server error", "message": err.Error()})
+		}
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "Plan created successfully",
+		"plan":    plan,
+	})
+	log.Printf("✅ Plan created: %s", plan.ID)
+}
+
+// GetPlan retrieves a plan by ID (admin only)
+func (h *PlanHandler) GetPlan(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	idStr := vars["id"]
+
+	id, err := uuid.Parse(idStr)
+	if err != nil {
+		http.Error(w, "Invalid plan ID", http.StatusBadRequest)
+		return
+	}
+
+	plan, err := h.planService.GetPlan(id)
+	if err != nil {
+		if err == service.ErrPlanNotFound {
+			http.Error(w, "Plan not found", http.StatusNotFound)
+		} else {
+			http.Error(w, "Internal server error", http.StatusInternalServerError)
+		}
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"plan": plan,
+	})
+}
+
+// ListPlans retrieves all plans (admin only)
+func (h *PlanHandler) ListPlans(w http.ResponseWriter, r *http.Request) {
+	plans, err := h.planService.ListPlans()
+	if err != nil {
+		log.Printf("❌ Error listing plans: %v", err)
+		http.Error(w, "Internal server error", http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"plans": plans,
+	})
+	log.Printf("✅ Listed %d plans", len(plans))
+}
+
+// ListActivePlans retrieves all active plans (public)
+func (h *PlanHandler) ListActivePlans(w http.ResponseWriter, r *http.Request) {
+	plans, err := h.planService.ListActivePlans()
+	if err != nil {
+		log.Printf("❌ Error listing active plans: %v", err)
+		http.Error(w, "Internal server error", http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"plans": plans,
+	})
+}
+
+// GetActivePlan retrieves an active plan by ID (public)
+func (h *PlanHandler) GetActivePlan(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	idStr := vars["id"]
+
+	id, err := uuid.Parse(idStr)
+	if err != nil {
+		http.Error(w, "Invalid plan ID", http.StatusBadRequest)
+		return
+	}
+
+	plan, err := h.planService.GetPlan(id)
+	if err != nil {
+		if err == service.ErrPlanNotFound {
+			http.Error(w, "Plan not found", http.StatusNotFound)
+		} else {
+			http.Error(w, "Internal server error", http.StatusInternalServerError)
+		}
+		return
+	}
+
+	// Check if plan is active
+	if !plan.IsActive {
+		http.Error(w, "Plan not available", http.StatusNotFound)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"plan": plan,
+	})
+}
+
+// UpdatePlan updates a plan (admin only)
+func (h *PlanHandler) UpdatePlan(w http.ResponseWriter, r *http.Request) {
+	log.Printf("📋 UPDATE PLAN - Method: %s", r.Method)
+
+	vars := mux.Vars(r)
+	idStr := vars["id"]
+
+	id, err := uuid.Parse(idStr)
+	if err != nil {
+		http.Error(w, "Invalid plan ID", http.StatusBadRequest)
+		return
+	}
+
+	var req domain.UpdatePlanRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		log.Printf("❌ Invalid request body: %v", err)
+		http.Error(w, "Invalid request body", http.StatusBadRequest)
+		return
+	}
+
+	plan, err := h.planService.UpdatePlan(id, &req)
+	if err != nil {
+		log.Printf("❌ Error updating plan: %v", err)
+		switch err {
+		case service.ErrPlanNotFound:
+			http.Error(w, "Plan not found", http.StatusNotFound)
+		case service.ErrPlanSlugTaken:
+			http.Error(w, err.Error(), http.StatusConflict)
+		case service.ErrInvalidUserRange:
+			http.Error(w, err.Error(), http.StatusBadRequest)
+		default:
+			http.Error(w, "Internal server error", http.StatusInternalServerError)
+		}
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "Plan updated successfully",
+		"plan":    plan,
+	})
+	log.Printf("✅ Plan updated: %s", plan.ID)
+}
+
+// DeletePlan deletes a plan (admin only)
+func (h *PlanHandler) DeletePlan(w http.ResponseWriter, r *http.Request) {
+	log.Printf("📋 DELETE PLAN - Method: %s", r.Method)
+
+	vars := mux.Vars(r)
+	idStr := vars["id"]
+
+	id, err := uuid.Parse(idStr)
+	if err != nil {
+		http.Error(w, "Invalid plan ID", http.StatusBadRequest)
+		return
+	}
+
+	err = h.planService.DeletePlan(id)
+	if err != nil {
+		log.Printf("❌ Error deleting plan: %v", err)
+		switch err {
+		case service.ErrPlanNotFound:
+			http.Error(w, "Plan not found", http.StatusNotFound)
+		default:
+			http.Error(w, "Internal server error", http.StatusInternalServerError)
+		}
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "Plan deleted successfully",
+	})
+	log.Printf("✅ Plan deleted: %s", idStr)
+}
+
+// GetPlanByUserCount returns a plan for a given user count
+func (h *PlanHandler) GetPlanByUserCount(w http.ResponseWriter, r *http.Request) {
+	userCountStr := r.URL.Query().Get("user_count")
+	if userCountStr == "" {
+		http.Error(w, "user_count parameter required", http.StatusBadRequest)
+		return
+	}
+
+	userCount, err := strconv.Atoi(userCountStr)
+	if err != nil {
+		http.Error(w, "Invalid user_count", http.StatusBadRequest)
+		return
+	}
+
+	plan, err := h.planService.GetPlanByUserCount(userCount)
+	if err != nil {
+		http.Error(w, "No plan available for this user count", http.StatusNotFound)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"plan": plan,
+	})
+}

backend/internal/api/handlers/solution.go

@@ -0,0 +1,252 @@
+package handlers
+
+import (
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/repository"
+	"aggios-app/backend/internal/api/middleware"
+	"encoding/json"
+	"log"
+	"net/http"
+
+	"github.com/google/uuid"
+	"github.com/gorilla/mux"
+)
+
+type SolutionHandler struct {
+	repo *repository.SolutionRepository
+}
+
+func NewSolutionHandler(repo *repository.SolutionRepository) *SolutionHandler {
+	return &SolutionHandler{repo: repo}
+}
+
+// ==================== CRUD SOLUTIONS (SUPERADMIN) ====================
+
+func (h *SolutionHandler) CreateSolution(w http.ResponseWriter, r *http.Request) {
+	var solution domain.Solution
+	if err := json.NewDecoder(r.Body).Decode(&solution); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	solution.ID = uuid.New().String()
+
+	if err := h.repo.CreateSolution(&solution); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to create solution",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solution": solution,
+	})
+}
+
+func (h *SolutionHandler) GetAllSolutions(w http.ResponseWriter, r *http.Request) {
+	solutions, err := h.repo.GetAllSolutions()
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to fetch solutions",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	if solutions == nil {
+		solutions = []domain.Solution{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solutions": solutions,
+	})
+}
+
+func (h *SolutionHandler) GetSolution(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	solutionID := vars["id"]
+
+	solution, err := h.repo.GetSolutionByID(solutionID)
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusNotFound)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Solution not found",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solution": solution,
+	})
+}
+
+func (h *SolutionHandler) UpdateSolution(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	solutionID := vars["id"]
+
+	var solution domain.Solution
+	if err := json.NewDecoder(r.Body).Decode(&solution); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	solution.ID = solutionID
+
+	if err := h.repo.UpdateSolution(&solution); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to update solution",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Solution updated successfully",
+	})
+}
+
+func (h *SolutionHandler) DeleteSolution(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	solutionID := vars["id"]
+
+	if err := h.repo.DeleteSolution(solutionID); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to delete solution",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Solution deleted successfully",
+	})
+}
+
+// ==================== TENANT SOLUTIONS (AGENCY) ====================
+
+func (h *SolutionHandler) GetTenantSolutions(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	log.Printf("🔍 GetTenantSolutions: tenantID=%s", tenantID)
+	
+	if tenantID == "" {
+		log.Printf("❌ GetTenantSolutions: Missing tenant_id")
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+
+	solutions, err := h.repo.GetTenantSolutions(tenantID)
+	if err != nil {
+		log.Printf("❌ GetTenantSolutions: Error fetching solutions: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to fetch solutions",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	log.Printf("✅ GetTenantSolutions: Found %d solutions for tenant %s", len(solutions), tenantID)
+
+	if solutions == nil {
+		solutions = []domain.Solution{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solutions": solutions,
+	})
+}
+
+// ==================== PLAN SOLUTIONS ====================
+
+func (h *SolutionHandler) GetPlanSolutions(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	planID := vars["plan_id"]
+
+	solutions, err := h.repo.GetPlanSolutions(planID)
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to fetch plan solutions",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	if solutions == nil {
+		solutions = []domain.Solution{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solutions": solutions,
+	})
+}
+
+func (h *SolutionHandler) SetPlanSolutions(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	planID := vars["plan_id"]
+
+	var req struct {
+		SolutionIDs []string `json:"solution_ids"`
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	if err := h.repo.SetPlanSolutions(planID, req.SolutionIDs); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to update plan solutions",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Plan solutions updated successfully",
+	})
+}

backend/internal/api/handlers/tenant.go

@@ -2,10 +2,13 @@ package handlers
 
 import (
 	"encoding/json"
+	"log"
 	"net/http"
 
-	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/api/middleware"
 	"aggios-app/backend/internal/service"
+
+	"github.com/google/uuid"
 )
 
 // TenantHandler handles tenant/agency listing endpoints
@@ -27,14 +30,15 @@ func (h *TenantHandler) ListAll(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	tenants, err := h.tenantService.ListAll()
+	tenants, err := h.tenantService.ListAllWithDetails()
 	if err != nil {
+		log.Printf("Error listing tenants with details: %v", err)
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
 		return
 	}
 
 	if tenants == nil {
-		tenants = []*domain.Tenant{}
+		tenants = []map[string]interface{}{}
 	}
 
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
@@ -67,3 +71,127 @@ func (h *TenantHandler) CheckExists(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	json.NewEncoder(w).Encode(map[string]string{"status": "ok"})
 }
+
+// GetPublicConfig returns public branding info for a tenant by subdomain
+func (h *TenantHandler) GetPublicConfig(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodGet {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	subdomain := r.URL.Query().Get("subdomain")
+	if subdomain == "" {
+		http.Error(w, "subdomain is required", http.StatusBadRequest)
+		return
+	}
+
+	tenant, err := h.tenantService.GetBySubdomain(subdomain)
+	if err != nil {
+		if err == service.ErrTenantNotFound {
+			http.NotFound(w, r)
+			return
+		}
+		http.Error(w, "Internal server error", http.StatusInternalServerError)
+		return
+	}
+
+	// Return only public info
+	response := map[string]interface{}{
+		"id":                  tenant.ID.String(),
+		"name":                tenant.Name,
+		"primary_color":       tenant.PrimaryColor,
+		"secondary_color":     tenant.SecondaryColor,
+		"logo_url":            tenant.LogoURL,
+		"logo_horizontal_url": tenant.LogoHorizontalURL,
+	}
+
+	log.Printf("📤 Returning tenant config for %s: logo_url=%s", subdomain, tenant.LogoURL)
+
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	json.NewEncoder(w).Encode(response)
+}
+
+// GetBranding returns branding info for the current authenticated tenant
+func (h *TenantHandler) GetBranding(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodGet {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	// Get tenant from context (set by auth middleware)
+	tenantID := r.Context().Value(middleware.TenantIDKey)
+	if tenantID == nil {
+		http.Error(w, "Tenant not found in context", http.StatusUnauthorized)
+		return
+	}
+
+	// Parse tenant ID
+	tid, err := uuid.Parse(tenantID.(string))
+	if err != nil {
+		http.Error(w, "Invalid tenant ID", http.StatusBadRequest)
+		return
+	}
+
+	// Get tenant from database
+	tenant, err := h.tenantService.GetByID(tid)
+	if err != nil {
+		http.Error(w, "Error fetching branding", http.StatusInternalServerError)
+		return
+	}
+
+	// Return branding info
+	response := map[string]interface{}{
+		"id":                  tenant.ID.String(),
+		"name":                tenant.Name,
+		"primary_color":       tenant.PrimaryColor,
+		"secondary_color":     tenant.SecondaryColor,
+		"logo_url":            tenant.LogoURL,
+		"logo_horizontal_url": tenant.LogoHorizontalURL,
+	}
+
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	json.NewEncoder(w).Encode(response)
+}
+
+// GetProfile returns public tenant information by tenant ID
+func (h *TenantHandler) GetProfile(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodGet {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	// Extract tenant ID from URL path
+	// URL format: /api/tenants/{id}/profile
+	tenantIDStr := r.URL.Path[len("/api/tenants/"):]
+	if idx := len(tenantIDStr) - len("/profile"); idx > 0 {
+		tenantIDStr = tenantIDStr[:idx]
+	}
+
+	if tenantIDStr == "" {
+		http.Error(w, "tenant_id is required", http.StatusBadRequest)
+		return
+	}
+
+	// Para compatibilidade, aceitar tanto UUID quanto ID numérico
+	// Primeiro tentar como UUID, se falhar buscar tenant diretamente
+	tenant, err := h.tenantService.GetBySubdomain(tenantIDStr)
+	if err != nil {
+		log.Printf("Error getting tenant: %v", err)
+		http.Error(w, "Tenant not found", http.StatusNotFound)
+		return
+	}
+
+	// Return public info
+	response := map[string]interface{}{
+		"tenant": map[string]string{
+			"company":             tenant.Name,
+			"primary_color":       tenant.PrimaryColor,
+			"secondary_color":     tenant.SecondaryColor,
+			"logo_url":            tenant.LogoURL,
+			"logo_horizontal_url": tenant.LogoHorizontalURL,
+		},
+	}
+
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	json.NewEncoder(w).Encode(response)
+}

backend/internal/api/middleware/auth.go

@@ -2,6 +2,7 @@ package middleware
 
 import (
 	"context"
+	"log"
 	"net/http"
 	"strings"
 
@@ -59,13 +60,50 @@ func Auth(cfg *config.Config) func(http.Handler) http.Handler {
 		}
 
 		// tenant_id pode ser nil para SuperAdmin
-		var tenantID string
+		var tenantIDFromJWT string
 		if tenantIDClaim, ok := claims["tenant_id"]; ok && tenantIDClaim != nil {
-			tenantID, _ = tenantIDClaim.(string)
+			tenantIDFromJWT, _ = tenantIDClaim.(string)
 		}
 
-		ctx := context.WithValue(r.Context(), UserIDKey, userID)
+		// VALIDAÇÃO DE SEGURANÇA: Verificar user_type para impedir clientes de acessarem rotas de agência
-		ctx = context.WithValue(ctx, TenantIDKey, tenantID)
+		if userTypeClaim, ok := claims["user_type"]; ok && userTypeClaim != nil {
+			userType, _ := userTypeClaim.(string)
+			if userType == "customer" {
+				log.Printf("❌ CUSTOMER ACCESS BLOCKED: Customer %s tried to access agency route %s", userID, r.RequestURI)
+				http.Error(w, "Forbidden: Customers cannot access agency routes", http.StatusForbidden)
+				return
+			}
+		}
+
+		// VALIDAÇÃO DE SEGURANÇA: Verificar se o tenant_id do JWT corresponde ao subdomínio acessado
+		// Pegar o tenant_id do contexto (detectado pelo TenantDetector middleware ANTES deste)
+		tenantIDFromContext := ""
+		if ctxTenantID := r.Context().Value(TenantIDKey); ctxTenantID != nil {
+			tenantIDFromContext, _ = ctxTenantID.(string)
+		}
+
+		log.Printf("🔐 AUTH VALIDATION: JWT tenant=%s | Context tenant=%s | Path=%s", 
+			tenantIDFromJWT, tenantIDFromContext, r.RequestURI)
+
+		// Se o usuário não é SuperAdmin (tem tenant_id) e está acessando uma agência (subdomain detectado)
+		if tenantIDFromJWT != "" && tenantIDFromContext != "" {
+			// Validar se o tenant_id do JWT corresponde ao tenant detectado
+			if tenantIDFromJWT != tenantIDFromContext {
+				log.Printf("❌ CROSS-TENANT ACCESS BLOCKED: User from tenant %s tried to access tenant %s", 
+					tenantIDFromJWT, tenantIDFromContext)
+				http.Error(w, "Forbidden: You don't have access to this tenant", http.StatusForbidden)
+				return
+			}
+			log.Printf("✅ TENANT VALIDATION PASSED: %s", tenantIDFromJWT)
+		}
+
+		// Preservar TODOS os valores do contexto anterior (incluindo o tenantID do TenantDetector)
+		ctx := r.Context()
+		ctx = context.WithValue(ctx, UserIDKey, userID)
+		// Só sobrescrever o TenantIDKey se vier do JWT (para não perder o do TenantDetector)
+		if tenantIDFromJWT != "" {
+			ctx = context.WithValue(ctx, TenantIDKey, tenantIDFromJWT)
+		}
 		next.ServeHTTP(w, r.WithContext(ctx))
 	})
 }

backend/internal/api/middleware/collaborator_readonly.go

@@ -0,0 +1,44 @@
+package middleware
+
+import (
+	"log"
+	"net/http"
+	"strings"
+)
+
+// CheckCollaboratorReadOnly verifica se um colaborador está tentando fazer operações de escrita
+// Se sim, bloqueia com 403
+func CheckCollaboratorReadOnly(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// Verificar agency_role do contexto
+		agencyRole, ok := r.Context().Value("agency_role").(string)
+		if !ok {
+			// Se não houver agency_role no contexto, é um customer, deixa passar
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		// Apenas colaboradores têm restrição de read-only
+		if agencyRole != "collaborator" {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		// Verificar se é uma operação de escrita
+		method := r.Method
+		if method == http.MethodPost || method == http.MethodPut || method == http.MethodDelete {
+			// Verificar a rota
+			path := r.URL.Path
+			
+			// Bloquear operações de escrita em CRM
+			if strings.Contains(path, "/api/crm/") {
+				userID, _ := r.Context().Value(UserIDKey).(string)
+				log.Printf("❌ COLLABORATOR WRITE BLOCKED: User %s (collaborator) tried %s %s", userID, method, path)
+				http.Error(w, "Colaboradores têm acesso somente leitura", http.StatusForbidden)
+				return
+			}
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}

backend/internal/api/middleware/customer_auth.go

@@ -0,0 +1,85 @@
+package middleware
+
+import (
+	"aggios-app/backend/internal/config"
+	"context"
+	"log"
+	"net/http"
+	"strings"
+
+	"github.com/golang-jwt/jwt/v5"
+)
+
+const (
+	CustomerIDKey contextKey = "customer_id"
+)
+
+// CustomerAuthMiddleware valida tokens JWT de clientes do portal
+func CustomerAuthMiddleware(cfg *config.Config) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			// Extrair token do header Authorization
+			authHeader := r.Header.Get("Authorization")
+			if authHeader == "" {
+				http.Error(w, "Authorization header required", http.StatusUnauthorized)
+				return
+			}
+
+			// Remover "Bearer " prefix
+			tokenString := strings.TrimPrefix(authHeader, "Bearer ")
+			if tokenString == authHeader {
+				http.Error(w, "Invalid authorization format", http.StatusUnauthorized)
+				return
+			}
+
+			// Parse e validar token
+			token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+				// Verificar método de assinatura
+				if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+					return nil, jwt.ErrSignatureInvalid
+				}
+				return []byte(cfg.JWT.Secret), nil
+			})
+
+			if err != nil || !token.Valid {
+				log.Printf("Invalid token: %v", err)
+				http.Error(w, "Invalid or expired token", http.StatusUnauthorized)
+				return
+			}
+
+			// Extrair claims
+			claims, ok := token.Claims.(jwt.MapClaims)
+			if !ok {
+				http.Error(w, "Invalid token claims", http.StatusUnauthorized)
+				return
+			}
+
+			// Verificar se é token de customer
+			tokenType, _ := claims["type"].(string)
+			if tokenType != "customer_portal" {
+				http.Error(w, "Invalid token type", http.StatusUnauthorized)
+				return
+			}
+
+			// Extrair customer_id e tenant_id
+			customerID, ok := claims["customer_id"].(string)
+			if !ok {
+				http.Error(w, "Invalid customer_id in token", http.StatusUnauthorized)
+				return
+			}
+
+			tenantID, ok := claims["tenant_id"].(string)
+			if !ok {
+				http.Error(w, "Invalid tenant_id in token", http.StatusUnauthorized)
+				return
+			}
+
+			// Adicionar ao contexto
+			ctx := context.WithValue(r.Context(), CustomerIDKey, customerID)
+			ctx = context.WithValue(ctx, TenantIDKey, tenantID)
+
+			// Prosseguir com a requisição
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}

backend/internal/api/middleware/tenant.go

@@ -16,15 +16,25 @@ func TenantDetector(tenantRepo *repository.TenantRepository) func(http.Handler)
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			// Get host from X-Forwarded-Host header (set by Next.js proxy) or Host header
-			host := r.Header.Get("X-Forwarded-Host")
+			// Priority order: X-Tenant-Subdomain (set by Next.js middleware) > X-Forwarded-Host > X-Original-Host > Host
-			if host == "" {
+			tenantSubdomain := r.Header.Get("X-Tenant-Subdomain")
-				host = r.Header.Get("X-Original-Host")
-			}
-			if host == "" {
-				host = r.Host
-			}
 			
-			log.Printf("TenantDetector: host = %s (from headers), path = %s", host, r.RequestURI)
+			var host string
+			if tenantSubdomain != "" {
+				// Use direct subdomain from Next.js middleware
+				host = tenantSubdomain
+				log.Printf("TenantDetector: using X-Tenant-Subdomain = %s", tenantSubdomain)
+			} else {
+				// Fallback to extracting from host headers
+				host = r.Header.Get("X-Forwarded-Host")
+				if host == "" {
+					host = r.Header.Get("X-Original-Host")
+				}
+				if host == "" {
+					host = r.Host
+				}
+				log.Printf("TenantDetector: host = %s (from headers), path = %s", host, r.RequestURI)
+			}
 			
 			// Extract subdomain
 			// Examples:
@@ -33,17 +43,28 @@ func TenantDetector(tenantRepo *repository.TenantRepository) func(http.Handler)
 			// - dash.localhost -> dash (master admin)
 			// - localhost -> (institutional site)
 			
-			parts := strings.Split(host, ".")
 			var subdomain string
 			
-			if len(parts) >= 2 {
+			// If we got the subdomain directly from X-Tenant-Subdomain, use it
-				// Has subdomain
+			if tenantSubdomain != "" {
-				subdomain = parts[0]
+				subdomain = tenantSubdomain
-				
 				// Remove port if present
 				if strings.Contains(subdomain, ":") {
 					subdomain = strings.Split(subdomain, ":")[0]
 				}
+			} else {
+				// Extract from host
+				parts := strings.Split(host, ".")
+				
+				if len(parts) >= 2 {
+					// Has subdomain
+					subdomain = parts[0]
+					
+					// Remove port if present
+					if strings.Contains(subdomain, ":") {
+						subdomain = strings.Split(subdomain, ":")[0]
+					}
+				}
 			}
 			
 			log.Printf("TenantDetector: extracted subdomain = %s", subdomain)

backend/internal/api/middleware/unified_auth.go

@@ -0,0 +1,104 @@
+package middleware
+
+import (
+	"aggios-app/backend/internal/config"
+	"aggios-app/backend/internal/domain"
+	"context"
+	"log"
+	"net/http"
+	"strings"
+
+	"github.com/golang-jwt/jwt/v5"
+)
+
+// UnifiedAuthMiddleware valida JWT unificado e permite múltiplos tipos de usuários
+func UnifiedAuthMiddleware(cfg *config.Config, allowedTypes ...domain.UserType) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			// Extrair token do header Authorization
+			authHeader := r.Header.Get("Authorization")
+			if authHeader == "" {
+				log.Printf("🚫 UnifiedAuth: Missing Authorization header")
+				http.Error(w, "Unauthorized: Missing token", http.StatusUnauthorized)
+				return
+			}
+
+			// Formato esperado: "Bearer <token>"
+			parts := strings.Split(authHeader, " ")
+			if len(parts) != 2 || parts[0] != "Bearer" {
+				log.Printf("🚫 UnifiedAuth: Invalid Authorization format")
+				http.Error(w, "Unauthorized: Invalid token format", http.StatusUnauthorized)
+				return
+			}
+
+			tokenString := parts[1]
+
+			// Parsear e validar token
+			token, err := jwt.ParseWithClaims(tokenString, &domain.UnifiedClaims{}, func(token *jwt.Token) (interface{}, error) {
+				return []byte(cfg.JWT.Secret), nil
+			})
+
+			if err != nil {
+				log.Printf("🚫 UnifiedAuth: Token parse error: %v", err)
+				http.Error(w, "Unauthorized: Invalid token", http.StatusUnauthorized)
+				return
+			}
+
+			claims, ok := token.Claims.(*domain.UnifiedClaims)
+			if !ok || !token.Valid {
+				log.Printf("🚫 UnifiedAuth: Invalid token claims")
+				http.Error(w, "Unauthorized: Invalid token", http.StatusUnauthorized)
+				return
+			}
+
+			// Verificar se o tipo de usuário é permitido
+			if len(allowedTypes) > 0 {
+				allowed := false
+				for _, allowedType := range allowedTypes {
+					if claims.UserType == allowedType {
+						allowed = true
+						break
+					}
+				}
+				if !allowed {
+					log.Printf("🚫 UnifiedAuth: User type %s not allowed (allowed: %v)", claims.UserType, allowedTypes)
+					http.Error(w, "Forbidden: Insufficient permissions", http.StatusForbidden)
+					return
+				}
+			}
+
+			// Adicionar informações ao contexto
+			ctx := r.Context()
+			ctx = context.WithValue(ctx, UserIDKey, claims.UserID)
+			ctx = context.WithValue(ctx, TenantIDKey, claims.TenantID)
+			ctx = context.WithValue(ctx, "email", claims.Email)
+			ctx = context.WithValue(ctx, "user_type", string(claims.UserType))
+			ctx = context.WithValue(ctx, "role", claims.Role)
+
+			// Para compatibilidade com handlers de portal que esperam CustomerIDKey
+			if claims.UserType == domain.UserTypeCustomer {
+				ctx = context.WithValue(ctx, CustomerIDKey, claims.UserID)
+			}
+
+			log.Printf("✅ UnifiedAuth: Authenticated user_id=%s, type=%s, role=%s, tenant=%s",
+				claims.UserID, claims.UserType, claims.Role, claims.TenantID)
+
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
+// RequireAgencyUser middleware que permite apenas usuários de agência (admin, colaborador)
+func RequireAgencyUser(cfg *config.Config) func(http.Handler) http.Handler {
+	return UnifiedAuthMiddleware(cfg, domain.UserTypeAgency)
+}
+
+// RequireCustomer middleware que permite apenas clientes
+func RequireCustomer(cfg *config.Config) func(http.Handler) http.Handler {
+	return UnifiedAuthMiddleware(cfg, domain.UserTypeCustomer)
+}
+
+// RequireAnyAuthenticated middleware que permite qualquer usuário autenticado
+func RequireAnyAuthenticated(cfg *config.Config) func(http.Handler) http.Handler {
+	return UnifiedAuthMiddleware(cfg) // Sem filtro de tipo
+}

backend/internal/config/config.go

@@ -49,6 +49,7 @@ type SecurityConfig struct {
 // MinioConfig holds MinIO configuration
 type MinioConfig struct {
 	Endpoint     string
+	PublicURL    string // URL pública para acesso ao MinIO (para gerar links)
 	RootUser     string
 	RootPassword string
 	UseSSL       bool
@@ -64,9 +65,9 @@ func Load() *Config {
 	}
 
 	// Rate limit: more lenient in dev, strict in prod
-	maxAttempts := 30
+	maxAttempts := 1000 // Aumentado drasticamente para evitar 429 durante debug
 	if env == "production" {
-		maxAttempts = 5
+		maxAttempts = 100 // Mais restritivo em produção
 	}
 
 	return &Config{
@@ -102,6 +103,7 @@ func Load() *Config {
 		},
 		Minio: MinioConfig{
 			Endpoint:     getEnvOrDefault("MINIO_ENDPOINT", "minio:9000"),
+			PublicURL:    getEnvOrDefault("MINIO_PUBLIC_URL", "http://localhost:9000"),
 			RootUser:     getEnvOrDefault("MINIO_ROOT_USER", "minioadmin"),
 			RootPassword: getEnvOrDefault("MINIO_ROOT_PASSWORD", "changeme"),
 			UseSSL:       getEnvOrDefault("MINIO_USE_SSL", "false") == "true",

backend/internal/data/postgres/migrations/001_add_agency_roles.sql

@@ -0,0 +1,18 @@
+-- Migration: Add agency user roles and collaborator tracking
+-- Purpose: Support owner/collaborator hierarchy for agency users
+
+-- 1. Add agency_role column to users table (owner or collaborator)
+ALTER TABLE users ADD COLUMN IF NOT EXISTS agency_role VARCHAR(50) DEFAULT 'owner' CHECK (agency_role IN ('owner', 'collaborator'));
+
+-- 2. Add created_by column to track which user created this collaborator
+ALTER TABLE users ADD COLUMN IF NOT EXISTS created_by UUID REFERENCES users(id) ON DELETE SET NULL;
+
+-- 3. Update existing ADMIN_AGENCIA users to have 'owner' agency_role
+UPDATE users SET agency_role = 'owner' WHERE role = 'ADMIN_AGENCIA' AND agency_role IS NULL;
+
+-- 4. Add collaborator_created_at to track when the collaborator was added
+ALTER TABLE users ADD COLUMN IF NOT EXISTS collaborator_created_at TIMESTAMP WITH TIME ZONE;
+
+-- 5. Create index for faster queries
+CREATE INDEX IF NOT EXISTS idx_users_agency_role ON users(tenant_id, agency_role);
+CREATE INDEX IF NOT EXISTS idx_users_created_by ON users(created_by);

backend/internal/data/postgres/migrations/025_create_erp_tables.sql

@@ -0,0 +1,93 @@
+-- Migration: 025_create_erp_tables.sql
+-- Description: Create tables for Finance, Inventory, and Order management
+
+-- Financial Categories
+CREATE TABLE IF NOT EXISTS erp_financial_categories (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    name VARCHAR(255) NOT NULL,
+    type VARCHAR(20) NOT NULL CHECK (type IN ('income', 'expense')),
+    color VARCHAR(20),
+    is_active BOOLEAN DEFAULT true,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Bank Accounts
+CREATE TABLE IF NOT EXISTS erp_bank_accounts (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    name VARCHAR(255) NOT NULL,
+    bank_name VARCHAR(255),
+    initial_balance DECIMAL(15,2) DEFAULT 0.00,
+    current_balance DECIMAL(15,2) DEFAULT 0.00,
+    is_active BOOLEAN DEFAULT true,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Financial Transactions
+CREATE TABLE IF NOT EXISTS erp_financial_transactions (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    account_id UUID REFERENCES erp_bank_accounts(id),
+    category_id UUID REFERENCES erp_financial_categories(id),
+    description TEXT,
+    amount DECIMAL(15,2) NOT NULL,
+    type VARCHAR(20) NOT NULL CHECK (type IN ('income', 'expense')),
+    status VARCHAR(20) NOT NULL DEFAULT 'pending' CHECK (status IN ('pending', 'paid', 'cancelled')),
+    due_date DATE,
+    payment_date TIMESTAMP WITH TIME ZONE,
+    attachments TEXT[], -- URLs for proofs
+    created_by UUID REFERENCES users(id),
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Products & Services
+CREATE TABLE IF NOT EXISTS erp_products (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    name VARCHAR(255) NOT NULL,
+    sku VARCHAR(100),
+    description TEXT,
+    price DECIMAL(15,2) NOT NULL,
+    cost_price DECIMAL(15,2),
+    type VARCHAR(20) DEFAULT 'product' CHECK (type IN ('product', 'service')),
+    stock_quantity INT DEFAULT 0,
+    is_active BOOLEAN DEFAULT true,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Orders
+CREATE TABLE IF NOT EXISTS erp_orders (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    customer_id UUID REFERENCES companies(id), -- Linked to CRM (companies)
+    status VARCHAR(20) NOT NULL DEFAULT 'draft' CHECK (status IN ('draft', 'confirmed', 'completed', 'cancelled')),
+    total_amount DECIMAL(15,2) DEFAULT 0.00,
+    notes TEXT,
+    created_by UUID REFERENCES users(id),
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Order Items
+CREATE TABLE IF NOT EXISTS erp_order_items (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    order_id UUID NOT NULL REFERENCES erp_orders(id) ON DELETE CASCADE,
+    product_id UUID NOT NULL REFERENCES erp_products(id),
+    quantity INT NOT NULL DEFAULT 1,
+    unit_price DECIMAL(15,2) NOT NULL,
+    total_price DECIMAL(15,2) NOT NULL,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Indexes for performance and multi-tenancy
+CREATE INDEX idx_erp_fin_cat_tenant ON erp_financial_categories(tenant_id);
+CREATE INDEX idx_erp_bank_acc_tenant ON erp_bank_accounts(tenant_id);
+CREATE INDEX idx_erp_fin_trans_tenant ON erp_financial_transactions(tenant_id);
+CREATE INDEX idx_erp_products_tenant ON erp_products(tenant_id);
+CREATE INDEX idx_erp_orders_tenant ON erp_orders(tenant_id);
+CREATE INDEX idx_erp_order_items_order ON erp_order_items(order_id);

backend/internal/data/postgres/migrations/026_create_erp_entities.sql

@@ -0,0 +1,32 @@
+-- Migration: 026_create_erp_entities.sql
+-- Description: Create tables for Customers and Suppliers in ERP
+
+-- ERP Entities (Customers and Suppliers)
+CREATE TABLE IF NOT EXISTS erp_entities (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    name VARCHAR(255) NOT NULL,
+    document VARCHAR(20), -- CPF/CNPJ
+    email VARCHAR(255),
+    phone VARCHAR(20),
+    type VARCHAR(20) NOT NULL CHECK (type IN ('customer', 'supplier', 'both')),
+    status VARCHAR(20) DEFAULT 'active',
+    address TEXT,
+    city VARCHAR(100),
+    state VARCHAR(2),
+    zip VARCHAR(10),
+    notes TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Update Financial Transactions to link with Entities
+ALTER TABLE erp_financial_transactions ADD COLUMN IF NOT EXISTS entity_id UUID REFERENCES erp_entities(id);
+
+-- Update Orders to link with Entities instead of companies (optional but more consistent for ERP)
+-- Keep customer_id for now to avoid breaking existing logic, but allow entity_id
+ALTER TABLE erp_orders ADD COLUMN IF NOT EXISTS entity_id UUID REFERENCES erp_entities(id);
+
+-- Indexes
+CREATE INDEX IF NOT EXISTS idx_erp_entities_tenant ON erp_entities(tenant_id);
+CREATE INDEX IF NOT EXISTS idx_erp_entities_type ON erp_entities(type);

backend/internal/data/postgres/migrations/027_add_payment_method_to_transactions.sql

@@ -0,0 +1,4 @@
+-- Migration: 027_add_payment_method_to_transactions.sql
+-- Description: Add payment_method field to financial transactions
+
+ALTER TABLE erp_financial_transactions ADD COLUMN IF NOT EXISTS payment_method VARCHAR(50);

backend/internal/data/postgres/migrations/028_add_crm_links_to_transactions.sql

@@ -0,0 +1,5 @@
+-- Migration: 028_add_crm_links_to_transactions.sql
+-- Description: Add fields to link financial transactions to CRM Customers and Companies
+
+ALTER TABLE erp_financial_transactions ADD COLUMN IF NOT EXISTS crm_customer_id UUID REFERENCES crm_customers(id) ON DELETE SET NULL;
+ALTER TABLE erp_financial_transactions ADD COLUMN IF NOT EXISTS company_id UUID REFERENCES companies(id) ON DELETE SET NULL;

backend/internal/data/postgres/migrations/029_create_documents_table.sql

@@ -0,0 +1,15 @@
+-- Migration: 029_create_documents_table.sql
+-- Description: Create table for text documents (Google Docs style)
+
+CREATE TABLE IF NOT EXISTS documents (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    title VARCHAR(255) NOT NULL,
+    content TEXT,
+    status VARCHAR(50) DEFAULT 'draft',
+    created_by UUID REFERENCES users(id),
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE INDEX IF NOT EXISTS idx_documents_tenant_id ON documents(tenant_id);

backend/internal/data/postgres/migrations/030_add_subpages_and_activities_to_documents.sql

@@ -0,0 +1,22 @@
+-- Migration: 030_add_subpages_and_activities_to_documents.sql
+-- Description: Add parent_id for subpages and tracking columns (Fixed)
+
+ALTER TABLE documents 
+ADD COLUMN IF NOT EXISTS parent_id UUID REFERENCES documents(id) ON DELETE CASCADE,
+ADD COLUMN IF NOT EXISTS last_updated_by UUID REFERENCES users(id),
+ADD COLUMN IF NOT EXISTS version INTEGER DEFAULT 1;
+
+CREATE INDEX IF NOT EXISTS idx_documents_parent_id ON documents(parent_id);
+
+-- Simple activity log table
+CREATE TABLE IF NOT EXISTS document_activities (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    document_id UUID NOT NULL REFERENCES documents(id) ON DELETE CASCADE,
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    user_id UUID NOT NULL REFERENCES users(id),
+    action VARCHAR(50) NOT NULL, -- 'created', 'updated', 'deleted', 'status_change'
+    description TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE INDEX IF NOT EXISTS idx_doc_activities_doc_id ON document_activities(document_id);

backend/internal/domain/auth_unified.go

@@ -0,0 +1,42 @@
+package domain
+
+import "github.com/golang-jwt/jwt/v5"
+
+// UserType representa os diferentes tipos de usuários do sistema
+type UserType string
+
+const (
+	UserTypeAgency   UserType = "agency_user" // Usuários das agências (admin, colaborador)
+	UserTypeCustomer UserType = "customer"    // Clientes do CRM
+	// SUPERADMIN usa endpoint próprio /api/admin/*, não usa autenticação unificada
+)
+
+// UnifiedClaims representa as claims do JWT unificado
+type UnifiedClaims struct {
+	UserID    string   `json:"user_id"`              // ID do usuário (user.id ou customer.id)
+	UserType  UserType `json:"user_type"`            // Tipo de usuário
+	TenantID  string   `json:"tenant_id,omitempty"`  // ID do tenant (agência)
+	Email     string   `json:"email"`                // Email do usuário
+	Role      string   `json:"role,omitempty"`       // Role (para agency_user: ADMIN_AGENCIA, CLIENTE)
+	AgencyRole string  `json:"agency_role,omitempty"` // Agency role (owner ou collaborator)
+	jwt.RegisteredClaims
+}
+
+// UnifiedLoginRequest representa uma requisição de login unificada
+type UnifiedLoginRequest struct {
+	Email    string `json:"email"`
+	Password string `json:"password"`
+}
+
+// UnifiedLoginResponse representa a resposta de login unificada
+type UnifiedLoginResponse struct {
+	Token      string   `json:"token"`
+	UserType   UserType `json:"user_type"`
+	UserID     string   `json:"user_id"`
+	Email      string   `json:"email"`
+	Name       string   `json:"name"`
+	Role       string   `json:"role,omitempty"`        // Apenas para agency_user
+	AgencyRole string   `json:"agency_role,omitempty"` // owner ou collaborator
+	TenantID   string   `json:"tenant_id,omitempty"`   // ID do tenant
+	Subdomain  string   `json:"subdomain,omitempty"`   // Subdomínio da agência
+}

backend/internal/domain/crm.go

@@ -0,0 +1,135 @@
+package domain
+
+import (
+	"encoding/json"
+	"time"
+)
+
+type CRMCustomer struct {
+	ID               string     `json:"id" db:"id"`
+	TenantID         string     `json:"tenant_id" db:"tenant_id"`
+	Name             string     `json:"name" db:"name"`
+	Email            string     `json:"email" db:"email"`
+	Phone            string     `json:"phone" db:"phone"`
+	Company          string     `json:"company" db:"company"`
+	Position         string     `json:"position" db:"position"`
+	Address          string     `json:"address" db:"address"`
+	City             string     `json:"city" db:"city"`
+	State            string     `json:"state" db:"state"`
+	ZipCode          string     `json:"zip_code" db:"zip_code"`
+	Country          string     `json:"country" db:"country"`
+	Notes            string     `json:"notes" db:"notes"`
+	Tags             []string   `json:"tags" db:"tags"`
+	LogoURL          string     `json:"logo_url" db:"logo_url"`
+	IsActive         bool       `json:"is_active" db:"is_active"`
+	CreatedBy        string     `json:"created_by" db:"created_by"`
+	CreatedAt        time.Time  `json:"created_at" db:"created_at"`
+	UpdatedAt        time.Time  `json:"updated_at" db:"updated_at"`
+	PasswordHash     string     `json:"-" db:"password_hash"`
+	HasPortalAccess  bool       `json:"has_portal_access" db:"has_portal_access"`
+	PortalLastLogin  *time.Time `json:"portal_last_login,omitempty" db:"portal_last_login"`
+	PortalCreatedAt  *time.Time `json:"portal_created_at,omitempty" db:"portal_created_at"`
+}
+
+type CRMList struct {
+	ID          string    `json:"id" db:"id"`
+	TenantID    string    `json:"tenant_id" db:"tenant_id"`
+	CustomerID  *string   `json:"customer_id" db:"customer_id"`
+	FunnelID    *string   `json:"funnel_id" db:"funnel_id"`
+	Name        string    `json:"name" db:"name"`
+	Description string    `json:"description" db:"description"`
+	Color       string    `json:"color" db:"color"`
+	CreatedBy   string    `json:"created_by" db:"created_by"`
+	CreatedAt   time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time `json:"updated_at" db:"updated_at"`
+}
+
+type CRMCustomerList struct {
+	CustomerID string    `json:"customer_id" db:"customer_id"`
+	ListID     string    `json:"list_id" db:"list_id"`
+	AddedAt    time.Time `json:"added_at" db:"added_at"`
+	AddedBy    string    `json:"added_by" db:"added_by"`
+}
+
+// DTO com informações extras
+type CRMCustomerWithLists struct {
+	CRMCustomer
+	Lists []CRMList `json:"lists"`
+}
+
+type CRMListWithCustomers struct {
+	CRMList
+	CustomerName  string `json:"customer_name"`
+	CustomerCount int    `json:"customer_count"`
+	LeadCount     int    `json:"lead_count"`
+}
+
+// ==================== LEADS ====================
+
+type CRMLead struct {
+	ID         string          `json:"id" db:"id"`
+	TenantID   string          `json:"tenant_id" db:"tenant_id"`
+	CustomerID *string         `json:"customer_id" db:"customer_id"`
+	FunnelID   *string         `json:"funnel_id" db:"funnel_id"`
+	StageID    *string         `json:"stage_id" db:"stage_id"`
+	Name       string          `json:"name" db:"name"`
+	Email      string          `json:"email" db:"email"`
+	Phone      string          `json:"phone" db:"phone"`
+	Source     string          `json:"source" db:"source"`
+	SourceMeta json.RawMessage `json:"source_meta" db:"source_meta"`
+	Status     string          `json:"status" db:"status"`
+	Notes      string          `json:"notes" db:"notes"`
+	Tags       []string        `json:"tags" db:"tags"`
+	IsActive   bool            `json:"is_active" db:"is_active"`
+	CreatedBy  string          `json:"created_by" db:"created_by"`
+	CreatedAt  time.Time       `json:"created_at" db:"created_at"`
+	UpdatedAt  time.Time       `json:"updated_at" db:"updated_at"`
+}
+
+type CRMFunnel struct {
+	ID          string    `json:"id" db:"id"`
+	TenantID    string    `json:"tenant_id" db:"tenant_id"`
+	Name        string    `json:"name" db:"name"`
+	Description string    `json:"description" db:"description"`
+	IsDefault   bool      `json:"is_default" db:"is_default"`
+	CreatedAt   time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time `json:"updated_at" db:"updated_at"`
+}
+
+type CRMFunnelStage struct {
+	ID          string    `json:"id" db:"id"`
+	FunnelID    string    `json:"funnel_id" db:"funnel_id"`
+	Name        string    `json:"name" db:"name"`
+	Description string    `json:"description" db:"description"`
+	Color       string    `json:"color" db:"color"`
+	OrderIndex  int       `json:"order_index" db:"order_index"`
+	CreatedAt   time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time `json:"updated_at" db:"updated_at"`
+}
+
+type CRMFunnelWithStages struct {
+	CRMFunnel
+	Stages []CRMFunnelStage `json:"stages"`
+}
+
+type CRMLeadList struct {
+	LeadID  string    `json:"lead_id" db:"lead_id"`
+	ListID  string    `json:"list_id" db:"list_id"`
+	AddedAt time.Time `json:"added_at" db:"added_at"`
+	AddedBy string    `json:"added_by" db:"added_by"`
+}
+
+type CRMLeadWithLists struct {
+	CRMLead
+	Lists []CRMList `json:"lists"`
+}
+
+type CRMShareToken struct {
+	ID         string    `json:"id" db:"id"`
+	TenantID   string    `json:"tenant_id" db:"tenant_id"`
+	CustomerID string    `json:"customer_id" db:"customer_id"`
+	Token      string    `json:"token" db:"token"`
+	ExpiresAt  *time.Time `json:"expires_at" db:"expires_at"`
+	CreatedBy  string    `json:"created_by" db:"created_by"`
+	CreatedAt  time.Time `json:"created_at" db:"created_at"`
+}

backend/internal/domain/document.go

@@ -0,0 +1,32 @@
+package domain
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+)
+
+type Document struct {
+	ID            uuid.UUID  `json:"id" db:"id"`
+	TenantID      uuid.UUID  `json:"tenant_id" db:"tenant_id"`
+	ParentID      *uuid.UUID `json:"parent_id" db:"parent_id"`
+	Title         string     `json:"title" db:"title"`
+	Content       string     `json:"content" db:"content"` // JSON for blocks
+	Status        string     `json:"status" db:"status"`   // draft, published
+	CreatedBy     uuid.UUID  `json:"created_by" db:"created_by"`
+	LastUpdatedBy uuid.UUID  `json:"last_updated_by" db:"last_updated_by"`
+	Version       int        `json:"version" db:"version"`
+	CreatedAt     time.Time  `json:"created_at" db:"created_at"`
+	UpdatedAt     time.Time  `json:"updated_at" db:"updated_at"`
+}
+
+type DocumentActivity struct {
+	ID          uuid.UUID `json:"id" db:"id"`
+	DocumentID  uuid.UUID `json:"document_id" db:"document_id"`
+	TenantID    uuid.UUID `json:"tenant_id" db:"tenant_id"`
+	UserID      uuid.UUID `json:"user_id" db:"user_id"`
+	UserName    string    `json:"user_name" db:"user_name"` // For join
+	Action      string    `json:"action" db:"action"`
+	Description string    `json:"description" db:"description"`
+	CreatedAt   time.Time `json:"created_at" db:"created_at"`
+}

backend/internal/domain/erp.go

@@ -0,0 +1,115 @@
+package domain
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/shopspring/decimal"
+)
+
+// FinancialCategory represents a category for income or expenses
+type FinancialCategory struct {
+	ID        uuid.UUID `json:"id" db:"id"`
+	TenantID  uuid.UUID `json:"tenant_id" db:"tenant_id"`
+	Name      string    `json:"name" db:"name"`
+	Type      string    `json:"type" db:"type"` // income, expense
+	Color     string    `json:"color" db:"color"`
+	IsActive  bool      `json:"is_active" db:"is_active"`
+	CreatedAt time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
+}
+
+// BankAccount represents a financial account in the agency
+type BankAccount struct {
+	ID             uuid.UUID       `json:"id" db:"id"`
+	TenantID       uuid.UUID       `json:"tenant_id" db:"tenant_id"`
+	Name           string          `json:"name" db:"name"`
+	BankName       string          `json:"bank_name" db:"bank_name"`
+	InitialBalance decimal.Decimal `json:"initial_balance" db:"initial_balance"`
+	CurrentBalance decimal.Decimal `json:"current_balance" db:"current_balance"`
+	IsActive       bool            `json:"is_active" db:"is_active"`
+	CreatedAt      time.Time       `json:"created_at" db:"created_at"`
+	UpdatedAt      time.Time       `json:"updated_at" db:"updated_at"`
+}
+
+// Entity represents a customer or supplier in the ERP
+type Entity struct {
+	ID        uuid.UUID `json:"id" db:"id"`
+	TenantID  uuid.UUID `json:"tenant_id" db:"tenant_id"`
+	Name      string    `json:"name" db:"name"`
+	Document  string    `json:"document" db:"document"`
+	Email     string    `json:"email" db:"email"`
+	Phone     string    `json:"phone" db:"phone"`
+	Type      string    `json:"type" db:"type"` // customer, supplier, both
+	Status    string    `json:"status" db:"status"`
+	Address   string    `json:"address" db:"address"`
+	City      string    `json:"city" db:"city"`
+	State     string    `json:"state" db:"state"`
+	Zip       string    `json:"zip" db:"zip"`
+	Notes     string    `json:"notes" db:"notes"`
+	CreatedAt time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
+}
+
+// FinancialTransaction represents a single financial movement
+type FinancialTransaction struct {
+	ID          uuid.UUID       `json:"id" db:"id"`
+	TenantID    uuid.UUID       `json:"tenant_id" db:"tenant_id"`
+	AccountID   *uuid.UUID      `json:"account_id" db:"account_id"`
+	CategoryID    *uuid.UUID      `json:"category_id" db:"category_id"`
+	EntityID      *uuid.UUID      `json:"entity_id" db:"entity_id"`
+	CRMCustomerID *uuid.UUID      `json:"crm_customer_id" db:"crm_customer_id"`
+	CompanyID     *uuid.UUID      `json:"company_id" db:"company_id"`
+	Description   string          `json:"description" db:"description"`
+	Amount      decimal.Decimal `json:"amount" db:"amount"`
+	Type        string          `json:"type" db:"type"`   // income, expense
+	Status      string          `json:"status" db:"status"` // pending, paid, cancelled
+	DueDate     *time.Time      `json:"due_date" db:"due_date"`
+	PaymentDate   *time.Time      `json:"payment_date" db:"payment_date"`
+	PaymentMethod string          `json:"payment_method" db:"payment_method"`
+	Attachments   []string        `json:"attachments" db:"attachments"`
+	CreatedBy   uuid.UUID       `json:"created_by" db:"created_by"`
+	CreatedAt   time.Time       `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time       `json:"updated_at" db:"updated_at"`
+}
+
+// Product represents a product or service in the catalog
+type Product struct {
+	ID            uuid.UUID       `json:"id" db:"id"`
+	TenantID      uuid.UUID       `json:"tenant_id" db:"tenant_id"`
+	Name          string          `json:"name" db:"name"`
+	SKU           string          `json:"sku" db:"sku"`
+	Description   string          `json:"description" db:"description"`
+	Price         decimal.Decimal `json:"price" db:"price"`
+	CostPrice     decimal.Decimal `json:"cost_price" db:"cost_price"`
+	Type          string          `json:"type" db:"type"` // product, service
+	StockQuantity int             `json:"stock_quantity" db:"stock_quantity"`
+	IsActive      bool            `json:"is_active" db:"is_active"`
+	CreatedAt     time.Time       `json:"created_at" db:"created_at"`
+	UpdatedAt     time.Time       `json:"updated_at" db:"updated_at"`
+}
+
+// Order represents a sales or service order
+type Order struct {
+	ID          uuid.UUID       `json:"id" db:"id"`
+	TenantID    uuid.UUID       `json:"tenant_id" db:"tenant_id"`
+	CustomerID  *uuid.UUID      `json:"customer_id" db:"customer_id"`
+	EntityID    *uuid.UUID      `json:"entity_id" db:"entity_id"`
+	Status      string          `json:"status" db:"status"` // draft, confirmed, completed, cancelled
+	TotalAmount decimal.Decimal `json:"total_amount" db:"total_amount"`
+	Notes       string          `json:"notes" db:"notes"`
+	CreatedBy   uuid.UUID       `json:"created_by" db:"created_by"`
+	CreatedAt   time.Time       `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time       `json:"updated_at" db:"updated_at"`
+}
+
+// OrderItem represents an item within an order
+type OrderItem struct {
+	ID         uuid.UUID       `json:"id" db:"id"`
+	OrderID    uuid.UUID       `json:"order_id" db:"order_id"`
+	ProductID  uuid.UUID       `json:"product_id" db:"product_id"`
+	Quantity   int             `json:"quantity" db:"quantity"`
+	UnitPrice  decimal.Decimal `json:"unit_price" db:"unit_price"`
+	TotalPrice decimal.Decimal `json:"total_price" db:"total_price"`
+	CreatedAt  time.Time       `json:"created_at" db:"created_at"`
+}

backend/internal/domain/plan.go

@@ -0,0 +1,78 @@
+package domain
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/lib/pq"
+	"github.com/shopspring/decimal"
+)
+
+// Plan represents a subscription plan in the system
+type Plan struct {
+	ID              uuid.UUID           `json:"id" db:"id"`
+	Name            string              `json:"name" db:"name"`
+	Slug            string              `json:"slug" db:"slug"`
+	Description     string              `json:"description" db:"description"`
+	MinUsers        int                 `json:"min_users" db:"min_users"`
+	MaxUsers        int                 `json:"max_users" db:"max_users"` // -1 means unlimited
+	MonthlyPrice    *decimal.Decimal    `json:"monthly_price" db:"monthly_price"`
+	AnnualPrice     *decimal.Decimal    `json:"annual_price" db:"annual_price"`
+	Features        pq.StringArray      `json:"features" db:"features"`
+	Differentiators pq.StringArray      `json:"differentiators" db:"differentiators"`
+	StorageGB       int                 `json:"storage_gb" db:"storage_gb"`
+	IsActive        bool                `json:"is_active" db:"is_active"`
+	CreatedAt       time.Time           `json:"created_at" db:"created_at"`
+	UpdatedAt       time.Time           `json:"updated_at" db:"updated_at"`
+}
+
+// CreatePlanRequest represents the request to create a new plan
+type CreatePlanRequest struct {
+	Name            string     `json:"name" validate:"required"`
+	Slug            string     `json:"slug" validate:"required"`
+	Description     string     `json:"description"`
+	MinUsers        int        `json:"min_users" validate:"required,min=1"`
+	MaxUsers        int        `json:"max_users" validate:"required"` // -1 for unlimited
+	MonthlyPrice    *float64   `json:"monthly_price"`
+	AnnualPrice     *float64   `json:"annual_price"`
+	Features        []string   `json:"features"`
+	Differentiators []string   `json:"differentiators"`
+	StorageGB       int        `json:"storage_gb" validate:"required,min=1"`
+	IsActive        bool       `json:"is_active"`
+}
+
+// UpdatePlanRequest represents the request to update a plan
+type UpdatePlanRequest struct {
+	Name            *string    `json:"name"`
+	Slug            *string    `json:"slug"`
+	Description     *string    `json:"description"`
+	MinUsers        *int       `json:"min_users"`
+	MaxUsers        *int       `json:"max_users"`
+	MonthlyPrice    *float64   `json:"monthly_price"`
+	AnnualPrice     *float64   `json:"annual_price"`
+	Features        []string   `json:"features"`
+	Differentiators []string   `json:"differentiators"`
+	StorageGB       *int       `json:"storage_gb"`
+	IsActive        *bool      `json:"is_active"`
+}
+
+// Subscription represents an agency's subscription to a plan
+type Subscription struct {
+	ID          uuid.UUID `json:"id" db:"id"`
+	AgencyID    uuid.UUID `json:"agency_id" db:"agency_id"`
+	PlanID      uuid.UUID `json:"plan_id" db:"plan_id"`
+	BillingType string    `json:"billing_type" db:"billing_type"` // monthly or annual
+	CurrentUsers int      `json:"current_users" db:"current_users"`
+	Status      string    `json:"status" db:"status"` // active, suspended, cancelled
+	StartDate   time.Time `json:"start_date" db:"start_date"`
+	RenewalDate time.Time `json:"renewal_date" db:"renewal_date"`
+	CreatedAt   time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time `json:"updated_at" db:"updated_at"`
+}
+
+// CreateSubscriptionRequest represents the request to create a subscription
+type CreateSubscriptionRequest struct {
+	AgencyID    uuid.UUID `json:"agency_id" validate:"required"`
+	PlanID      uuid.UUID `json:"plan_id" validate:"required"`
+	BillingType string    `json:"billing_type" validate:"required,oneof=monthly annual"`
+}

backend/internal/domain/solution.go

@@ -0,0 +1,20 @@
+package domain
+
+import "time"
+
+type Solution struct {
+	ID          string    `json:"id" db:"id"`
+	Name        string    `json:"name" db:"name"`
+	Slug        string    `json:"slug" db:"slug"`
+	Icon        string    `json:"icon" db:"icon"`
+	Description string    `json:"description" db:"description"`
+	IsActive    bool      `json:"is_active" db:"is_active"`
+	CreatedAt   time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time `json:"updated_at" db:"updated_at"`
+}
+
+type PlanSolution struct {
+	PlanID     string    `json:"plan_id" db:"plan_id"`
+	SolutionID string    `json:"solution_id" db:"solution_id"`
+	CreatedAt  time.Time `json:"created_at" db:"created_at"`
+}

backend/internal/domain/tenant.go

@@ -45,7 +45,15 @@ type CreateTenantRequest struct {
 
 // AgencyDetails aggregates tenant info with its admin user for superadmin view
 type AgencyDetails struct {
-	Tenant    *Tenant `json:"tenant"`
+	Tenant       *Tenant                 `json:"tenant"`
-	Admin     *User   `json:"admin,omitempty"`
+	Admin        *User                   `json:"admin,omitempty"`
-	AccessURL string  `json:"access_url"`
+	Subscription *AgencySubscriptionInfo `json:"subscription,omitempty"`
+	AccessURL    string                  `json:"access_url"`
+}
+
+type AgencySubscriptionInfo struct {
+	PlanID    string     `json:"plan_id"`
+	PlanName  string     `json:"plan_name"`
+	Status    string     `json:"status"`
+	Solutions []Solution `json:"solutions"`
 }

backend/internal/domain/user.go

@@ -8,14 +8,17 @@ import (
 
 // User represents a user in the system
 type User struct {
-	ID        uuid.UUID  `json:"id" db:"id"`
+	ID                   uuid.UUID  `json:"id" db:"id"`
-	TenantID  *uuid.UUID `json:"tenant_id,omitempty" db:"tenant_id"`
+	TenantID             *uuid.UUID `json:"tenant_id,omitempty" db:"tenant_id"`
-	Email     string     `json:"email" db:"email"`
+	Email                string     `json:"email" db:"email"`
-	Password  string     `json:"-" db:"password_hash"`
+	Password             string     `json:"-" db:"password_hash"`
-	Name      string     `json:"name" db:"first_name"`
+	Name                 string     `json:"name" db:"first_name"`
-	Role      string     `json:"role" db:"role"` // SUPERADMIN, ADMIN_AGENCIA, CLIENTE
+	Role                 string     `json:"role" db:"role"` // SUPERADMIN, ADMIN_AGENCIA, CLIENTE
-	CreatedAt time.Time  `json:"created_at" db:"created_at"`
+	AgencyRole           string     `json:"agency_role" db:"agency_role"` // owner or collaborator (only for ADMIN_AGENCIA)
-	UpdatedAt time.Time  `json:"updated_at" db:"updated_at"`
+	CreatedBy            *uuid.UUID `json:"created_by,omitempty" db:"created_by"` // Which owner created this collaborator
+	CollaboratorCreatedAt *time.Time `json:"collaborator_created_at,omitempty" db:"collaborator_created_at"` // When collaborator was added
+	CreatedAt            time.Time  `json:"created_at" db:"created_at"`
+	UpdatedAt            time.Time  `json:"updated_at" db:"updated_at"`
 }
 
 // CreateUserRequest represents the request to create a new user

backend/internal/repository/document_repository.go

@@ -0,0 +1,156 @@
+package repository
+
+import (
+	"aggios-app/backend/internal/domain"
+	"database/sql"
+	"fmt"
+)
+
+type DocumentRepository struct {
+	db *sql.DB
+}
+
+func NewDocumentRepository(db *sql.DB) *DocumentRepository {
+	return &DocumentRepository{db: db}
+}
+
+func (r *DocumentRepository) Create(doc *domain.Document) error {
+	query := `
+		INSERT INTO documents (id, tenant_id, parent_id, title, content, status, created_by, last_updated_by, version, created_at, updated_at)
+		VALUES ($1, $2, $3, $4, $5, $6, $7, $7, 1, NOW(), NOW())
+	`
+	_, err := r.db.Exec(query, doc.ID, doc.TenantID, doc.ParentID, doc.Title, doc.Content, doc.Status, doc.CreatedBy)
+	if err != nil {
+		return err
+	}
+	return r.logActivity(doc.ID.String(), doc.TenantID.String(), doc.CreatedBy.String(), "created", "Criou o documento")
+}
+
+func (r *DocumentRepository) GetByTenant(tenantID string) ([]domain.Document, error) {
+	query := `
+		SELECT id, tenant_id, parent_id, title, content, status, created_by, last_updated_by, version, created_at, updated_at
+		FROM documents
+		WHERE tenant_id = $1 AND parent_id IS NULL
+		ORDER BY updated_at DESC
+	`
+	rows, err := r.db.Query(query, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var docs []domain.Document
+	for rows.Next() {
+		var doc domain.Document
+		if err := rows.Scan(&doc.ID, &doc.TenantID, &doc.ParentID, &doc.Title, &doc.Content, &doc.Status, &doc.CreatedBy, &doc.LastUpdatedBy, &doc.Version, &doc.CreatedAt, &doc.UpdatedAt); err != nil {
+			return nil, err
+		}
+		docs = append(docs, doc)
+	}
+	return docs, nil
+}
+
+func (r *DocumentRepository) GetSubpages(parentID, tenantID string) ([]domain.Document, error) {
+	query := `
+		SELECT id, tenant_id, parent_id, title, content, status, created_by, last_updated_by, version, created_at, updated_at
+		FROM documents
+		WHERE parent_id = $1 AND tenant_id = $2
+		ORDER BY created_at ASC
+	`
+	rows, err := r.db.Query(query, parentID, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var docs []domain.Document
+	for rows.Next() {
+		var doc domain.Document
+		if err := rows.Scan(&doc.ID, &doc.TenantID, &doc.ParentID, &doc.Title, &doc.Content, &doc.Status, &doc.CreatedBy, &doc.LastUpdatedBy, &doc.Version, &doc.CreatedAt, &doc.UpdatedAt); err != nil {
+			return nil, err
+		}
+		docs = append(docs, doc)
+	}
+	return docs, nil
+}
+
+func (r *DocumentRepository) GetByID(id, tenantID string) (*domain.Document, error) {
+	query := `
+		SELECT id, tenant_id, parent_id, title, content, status, created_by, last_updated_by, version, created_at, updated_at
+		FROM documents
+		WHERE id = $1 AND tenant_id = $2
+	`
+	var doc domain.Document
+	err := r.db.QueryRow(query, id, tenantID).Scan(
+		&doc.ID, &doc.TenantID, &doc.ParentID, &doc.Title, &doc.Content, &doc.Status, &doc.CreatedBy, &doc.LastUpdatedBy, &doc.Version, &doc.CreatedAt, &doc.UpdatedAt,
+	)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, nil
+		}
+		return nil, err
+	}
+	return &doc, nil
+}
+
+func (r *DocumentRepository) Update(doc *domain.Document) error {
+	query := `
+		UPDATE documents
+		SET title = $1, content = $2, status = $3, last_updated_by = $4, version = version + 1, updated_at = NOW()
+		WHERE id = $5 AND tenant_id = $6
+	`
+	_, err := r.db.Exec(query, doc.Title, doc.Content, doc.Status, doc.LastUpdatedBy, doc.ID, doc.TenantID)
+	if err != nil {
+		return err
+	}
+	return r.logActivity(doc.ID.String(), doc.TenantID.String(), doc.LastUpdatedBy.String(), "updated", "Atualizou o conteúdo")
+}
+
+func (r *DocumentRepository) Delete(id, tenantID string) error {
+	query := "DELETE FROM documents WHERE id = $1 AND tenant_id = $2"
+	res, err := r.db.Exec(query, id, tenantID)
+	if err != nil {
+		return err
+	}
+	rows, _ := res.RowsAffected()
+	if rows == 0 {
+		return fmt.Errorf("document not found")
+	}
+	return nil
+}
+
+func (r *DocumentRepository) logActivity(docID, tenantID, userID, action, description string) error {
+	query := `
+		INSERT INTO document_activities (document_id, tenant_id, user_id, action, description)
+		VALUES ($1, $2, $3, $4, $5)
+	`
+	_, err := r.db.Exec(query, docID, tenantID, userID, action, description)
+	return err
+}
+
+func (r *DocumentRepository) GetActivities(docID, tenantID string) ([]domain.DocumentActivity, error) {
+	query := `
+		SELECT a.id, a.document_id, a.tenant_id, a.user_id, COALESCE(u.first_name, 'Usuário Removido') as user_name, a.action, a.description, a.created_at
+		FROM document_activities a
+		LEFT JOIN users u ON a.user_id = u.id
+		WHERE a.document_id = $1 AND a.tenant_id = $2
+		ORDER BY a.created_at DESC
+		LIMIT 20
+	`
+	rows, err := r.db.Query(query, docID, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var activities []domain.DocumentActivity
+	for rows.Next() {
+		var a domain.DocumentActivity
+		err := rows.Scan(&a.ID, &a.DocumentID, &a.TenantID, &a.UserID, &a.UserName, &a.Action, &a.Description, &a.CreatedAt)
+		if err != nil {
+			return nil, err
+		}
+		activities = append(activities, a)
+	}
+	return activities, nil
+}

backend/internal/repository/erp_repository.go

@@ -0,0 +1,493 @@
+package repository
+
+import (
+	"aggios-app/backend/internal/domain"
+	"database/sql"
+	"github.com/lib/pq"
+)
+
+type ERPRepository struct {
+	db *sql.DB
+}
+
+func NewERPRepository(db *sql.DB) *ERPRepository {
+	return &ERPRepository{db: db}
+}
+
+// ==================== FINANCE: CATEGORIES ====================
+
+func (r *ERPRepository) CreateFinancialCategory(cat *domain.FinancialCategory) error {
+	query := `
+		INSERT INTO erp_financial_categories (id, tenant_id, name, type, color, is_active)
+		VALUES ($1, $2, $3, $4, $5, $6)
+		RETURNING created_at, updated_at
+	`
+	return r.db.QueryRow(
+		query,
+		cat.ID, cat.TenantID, cat.Name, cat.Type, cat.Color, cat.IsActive,
+	).Scan(&cat.CreatedAt, &cat.UpdatedAt)
+}
+
+func (r *ERPRepository) GetFinancialCategoriesByTenant(tenantID string) ([]domain.FinancialCategory, error) {
+	query := `
+		SELECT id, tenant_id, name, type, color, is_active, created_at, updated_at
+		FROM erp_financial_categories
+		WHERE tenant_id = $1
+		ORDER BY name ASC
+	`
+	rows, err := r.db.Query(query, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var categories []domain.FinancialCategory
+	for rows.Next() {
+		var c domain.FinancialCategory
+		err := rows.Scan(&c.ID, &c.TenantID, &c.Name, &c.Type, &c.Color, &c.IsActive, &c.CreatedAt, &c.UpdatedAt)
+		if err != nil {
+			return nil, err
+		}
+		categories = append(categories, c)
+	}
+	return categories, nil
+}
+
+// ==================== FINANCE: BANK ACCOUNTS ====================
+
+func (r *ERPRepository) CreateBankAccount(acc *domain.BankAccount) error {
+	query := `
+		INSERT INTO erp_bank_accounts (id, tenant_id, name, bank_name, initial_balance, current_balance, is_active)
+		VALUES ($1, $2, $3, $4, $5, $6, $7)
+		RETURNING created_at, updated_at
+	`
+	return r.db.QueryRow(
+		query,
+		acc.ID, acc.TenantID, acc.Name, acc.BankName, acc.InitialBalance, acc.InitialBalance, acc.IsActive,
+	).Scan(&acc.CreatedAt, &acc.UpdatedAt)
+}
+
+func (r *ERPRepository) GetBankAccountsByTenant(tenantID string) ([]domain.BankAccount, error) {
+	query := `
+		SELECT id, tenant_id, name, bank_name, initial_balance, current_balance, is_active, created_at, updated_at
+		FROM erp_bank_accounts
+		WHERE tenant_id = $1
+		ORDER BY name ASC
+	`
+	rows, err := r.db.Query(query, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var accounts []domain.BankAccount
+	for rows.Next() {
+		var a domain.BankAccount
+		err := rows.Scan(&a.ID, &a.TenantID, &a.Name, &a.BankName, &a.InitialBalance, &a.CurrentBalance, &a.IsActive, &a.CreatedAt, &a.UpdatedAt)
+		if err != nil {
+			return nil, err
+		}
+		accounts = append(accounts, a)
+	}
+	return accounts, nil
+}
+
+// ==================== ENTITIES: CUSTOMERS & SUPPLIERS ====================
+
+func (r *ERPRepository) CreateEntity(e *domain.Entity) error {
+	query := `
+		INSERT INTO erp_entities (id, tenant_id, name, document, email, phone, type, status, address, city, state, zip, notes)
+		VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13)
+		RETURNING created_at, updated_at
+	`
+	return r.db.QueryRow(
+		query,
+		e.ID, e.TenantID, e.Name, e.Document, e.Email, e.Phone, e.Type, e.Status, e.Address, e.City, e.State, e.Zip, e.Notes,
+	).Scan(&e.CreatedAt, &e.UpdatedAt)
+}
+
+func (r *ERPRepository) GetEntitiesByTenant(tenantID string, entityType string) ([]domain.Entity, error) {
+	query := `
+		SELECT id, tenant_id, name, document, email, phone, type, status, address, city, state, zip, notes, created_at, updated_at
+		FROM erp_entities
+		WHERE tenant_id = $1
+	`
+	var args []interface{}
+	args = append(args, tenantID)
+
+	if entityType != "" {
+		query += " AND (type = $2 OR type = 'both')"
+		args = append(args, entityType)
+	}
+
+	query += " ORDER BY name ASC"
+
+	rows, err := r.db.Query(query, args...)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var entities []domain.Entity
+	for rows.Next() {
+		var e domain.Entity
+		err := rows.Scan(
+			&e.ID, &e.TenantID, &e.Name, &e.Document, &e.Email, &e.Phone, &e.Type, &e.Status, &e.Address, &e.City, &e.State, &e.Zip, &e.Notes, &e.CreatedAt, &e.UpdatedAt,
+		)
+		if err != nil {
+			return nil, err
+		}
+		entities = append(entities, e)
+	}
+	return entities, nil
+}
+
+// ==================== FINANCE: TRANSACTIONS ====================
+
+func (r *ERPRepository) CreateTransaction(t *domain.FinancialTransaction) error {
+	tx, err := r.db.Begin()
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback()
+
+	query := `
+		INSERT INTO erp_financial_transactions (
+			id, tenant_id, account_id, category_id, entity_id, crm_customer_id, company_id, description, amount, type, status, due_date, payment_date, payment_method, attachments, created_by
+		) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16)
+		RETURNING created_at, updated_at
+	`
+	err = tx.QueryRow(
+		query,
+		t.ID, t.TenantID, t.AccountID, t.CategoryID, t.EntityID, t.CRMCustomerID, t.CompanyID, t.Description, t.Amount, t.Type, t.Status, t.DueDate, t.PaymentDate, t.PaymentMethod, pq.Array(t.Attachments), t.CreatedBy,
+	).Scan(&t.CreatedAt, &t.UpdatedAt)
+	if err != nil {
+		return err
+	}
+
+	// Update balance if paid
+	if t.Status == "paid" && t.AccountID != nil {
+		balanceQuery := ""
+		if t.Type == "income" {
+			balanceQuery = "UPDATE erp_bank_accounts SET current_balance = current_balance + $1 WHERE id = $2"
+		} else {
+			balanceQuery = "UPDATE erp_bank_accounts SET current_balance = current_balance - $1 WHERE id = $2"
+		}
+		_, err = tx.Exec(balanceQuery, t.Amount, t.AccountID)
+		if err != nil {
+			return err
+		}
+	}
+
+	return tx.Commit()
+}
+
+func (r *ERPRepository) GetTransactionsByTenant(tenantID string) ([]domain.FinancialTransaction, error) {
+	query := `
+		SELECT id, tenant_id, account_id, category_id, entity_id, crm_customer_id, company_id, description, amount, type, status, due_date, payment_date, payment_method, attachments, created_by, created_at, updated_at
+		FROM erp_financial_transactions
+		WHERE tenant_id = $1
+		ORDER BY created_at DESC
+	`
+	rows, err := r.db.Query(query, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var transactions []domain.FinancialTransaction
+	for rows.Next() {
+		var t domain.FinancialTransaction
+		err := rows.Scan(
+			&t.ID, &t.TenantID, &t.AccountID, &t.CategoryID, &t.EntityID, &t.CRMCustomerID, &t.CompanyID, &t.Description, &t.Amount, &t.Type, &t.Status, &t.DueDate, &t.PaymentDate, &t.PaymentMethod, pq.Array(&t.Attachments), &t.CreatedBy, &t.CreatedAt, &t.UpdatedAt,
+		)
+		if err != nil {
+			return nil, err
+		}
+		transactions = append(transactions, t)
+	}
+	return transactions, nil
+}
+
+// ==================== PRODUCTS ====================
+
+func (r *ERPRepository) CreateProduct(p *domain.Product) error {
+	query := `
+		INSERT INTO erp_products (id, tenant_id, name, sku, description, price, cost_price, type, stock_quantity, is_active)
+		VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
+		RETURNING created_at, updated_at
+	`
+	return r.db.QueryRow(
+		query,
+		p.ID, p.TenantID, p.Name, p.SKU, p.Description, p.Price, p.CostPrice, p.Type, p.StockQuantity, p.IsActive,
+	).Scan(&p.CreatedAt, &p.UpdatedAt)
+}
+
+func (r *ERPRepository) GetProductsByTenant(tenantID string) ([]domain.Product, error) {
+	query := `
+		SELECT id, tenant_id, name, sku, description, price, cost_price, type, stock_quantity, is_active, created_at, updated_at
+		FROM erp_products
+		WHERE tenant_id = $1
+		ORDER BY name ASC
+	`
+	rows, err := r.db.Query(query, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var products []domain.Product
+	for rows.Next() {
+		var p domain.Product
+		err := rows.Scan(&p.ID, &p.TenantID, &p.Name, &p.SKU, &p.Description, &p.Price, &p.CostPrice, &p.Type, &p.StockQuantity, &p.IsActive, &p.CreatedAt, &p.UpdatedAt)
+		if err != nil {
+			return nil, err
+		}
+		products = append(products, p)
+	}
+	return products, nil
+}
+
+// ==================== ORDERS ====================
+
+func (r *ERPRepository) CreateOrder(o *domain.Order, items []domain.OrderItem) error {
+	tx, err := r.db.Begin()
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback()
+
+	orderQuery := `
+		INSERT INTO erp_orders (id, tenant_id, customer_id, entity_id, status, total_amount, notes, created_by)
+		VALUES ($1, $2, $3, $4, $5, $6, $7, $8)
+		RETURNING created_at, updated_at
+	`
+	err = tx.QueryRow(
+		orderQuery,
+		o.ID, o.TenantID, o.CustomerID, o.EntityID, o.Status, o.TotalAmount, o.Notes, o.CreatedBy,
+	).Scan(&o.CreatedAt, &o.UpdatedAt)
+	if err != nil {
+		return err
+	}
+
+	itemQuery := `
+		INSERT INTO erp_order_items (id, order_id, product_id, quantity, unit_price, total_price)
+		VALUES ($1, $2, $3, $4, $5, $6)
+	`
+	for _, item := range items {
+		_, err = tx.Exec(itemQuery, item.ID, o.ID, item.ProductID, item.Quantity, item.UnitPrice, item.TotalPrice)
+		if err != nil {
+			return err
+		}
+
+		// Update stock if product
+		stockQuery := "UPDATE erp_products SET stock_quantity = stock_quantity - $1 WHERE id = $2 AND type = 'product'"
+		_, err = tx.Exec(stockQuery, item.Quantity, item.ProductID)
+		if err != nil {
+			return err
+		}
+	}
+
+	return tx.Commit()
+}
+
+func (r *ERPRepository) GetOrdersByTenant(tenantID string) ([]domain.Order, error) {
+	query := `
+		SELECT id, tenant_id, customer_id, status, total_amount, notes, created_by, created_at, updated_at
+		FROM erp_orders
+		WHERE tenant_id = $1
+		ORDER BY created_at DESC
+	`
+	rows, err := r.db.Query(query, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var orders []domain.Order
+	for rows.Next() {
+		var o domain.Order
+		err := rows.Scan(&o.ID, &o.TenantID, &o.CustomerID, &o.Status, &o.TotalAmount, &o.Notes, &o.CreatedBy, &o.CreatedAt, &o.UpdatedAt)
+		if err != nil {
+			return nil, err
+		}
+		orders = append(orders, o)
+	}
+	return orders, nil
+}
+func (r *ERPRepository) UpdateTransaction(t *domain.FinancialTransaction) error {
+	tx, err := r.db.Begin()
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback()
+
+	// Get old transaction to adjust balance
+	var oldT domain.FinancialTransaction
+	err = tx.QueryRow(`
+		SELECT amount, type, status, account_id 
+		FROM erp_financial_transactions 
+		WHERE id = $1 AND tenant_id = $2`, t.ID, t.TenantID).
+		Scan(&oldT.Amount, &oldT.Type, &oldT.Status, &oldT.AccountID)
+	if err != nil {
+		return err
+	}
+
+	// Falls back to old type if not provided in request
+	if t.Type == "" {
+		t.Type = oldT.Type
+	}
+
+	// Reverse old balance impact
+	if oldT.Status == "paid" && oldT.AccountID != nil {
+		balanceQuery := ""
+		if oldT.Type == "income" {
+			balanceQuery = "UPDATE erp_bank_accounts SET current_balance = current_balance - $1 WHERE id = $2"
+		} else {
+			balanceQuery = "UPDATE erp_bank_accounts SET current_balance = current_balance + $1 WHERE id = $2"
+		}
+		_, err = tx.Exec(balanceQuery, oldT.Amount, oldT.AccountID)
+		if err != nil {
+			return err
+		}
+	}
+
+	query := `
+		UPDATE erp_financial_transactions
+		SET description = $1, amount = $2, type = $3, status = $4, due_date = $5, payment_date = $6, 
+		    category_id = $7, entity_id = $8, crm_customer_id = $9, company_id = $10, account_id = $11, payment_method = $12, updated_at = NOW()
+		WHERE id = $13 AND tenant_id = $14
+	`
+	_, err = tx.Exec(query, 
+		t.Description, t.Amount, t.Type, t.Status, t.DueDate, t.PaymentDate, 
+		t.CategoryID, t.EntityID, t.CRMCustomerID, t.CompanyID, t.AccountID, t.PaymentMethod, 
+		t.ID, t.TenantID)
+	if err != nil {
+		return err
+	}
+
+	// Apply new balance impact
+	if t.Status == "paid" && t.AccountID != nil {
+		balanceQuery := ""
+		if t.Type == "income" {
+			balanceQuery = "UPDATE erp_bank_accounts SET current_balance = current_balance + $1 WHERE id = $2"
+		} else {
+			balanceQuery = "UPDATE erp_bank_accounts SET current_balance = current_balance - $1 WHERE id = $2"
+		}
+		_, err = tx.Exec(balanceQuery, t.Amount, t.AccountID)
+		if err != nil {
+			return err
+		}
+	}
+
+	return tx.Commit()
+}
+
+func (r *ERPRepository) DeleteTransaction(id, tenantID string) error {
+	tx, err := r.db.Begin()
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback()
+
+	// Adjust balance before delete
+	var t domain.FinancialTransaction
+	err = tx.QueryRow(`
+		SELECT amount, type, status, account_id 
+		FROM erp_financial_transactions 
+		WHERE id = $1 AND tenant_id = $2`, id, tenantID).
+		Scan(&t.Amount, &t.Type, &t.Status, &t.AccountID)
+	if err != nil {
+		return err
+	}
+
+	if t.Status == "paid" && t.AccountID != nil {
+		balanceQuery := ""
+		if t.Type == "income" {
+			balanceQuery = "UPDATE erp_bank_accounts SET current_balance = current_balance - $1 WHERE id = $2"
+		} else {
+			balanceQuery = "UPDATE erp_bank_accounts SET current_balance = current_balance + $1 WHERE id = $2"
+		}
+		_, err = tx.Exec(balanceQuery, t.Amount, t.AccountID)
+		if err != nil {
+			return err
+		}
+	}
+
+	_, err = tx.Exec("DELETE FROM erp_financial_transactions WHERE id = $1 AND tenant_id = $2", id, tenantID)
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
+
+
+func (r *ERPRepository) UpdateEntity(e *domain.Entity) error {
+	query := `
+		UPDATE erp_entities
+		SET name = $1, document = $2, email = $3, phone = $4, type = $5, status = $6, 
+		    address = $7, city = $8, state = $9, zip = $10, notes = $11, updated_at = NOW()
+		WHERE id = $12 AND tenant_id = $13
+	`
+	_, err := r.db.Exec(query, e.Name, e.Document, e.Email, e.Phone, e.Type, e.Status, e.Address, e.City, e.State, e.Zip, e.Notes, e.ID, e.TenantID)
+	return err
+}
+
+func (r *ERPRepository) DeleteEntity(id, tenantID string) error {
+	_, err := r.db.Exec("DELETE FROM erp_entities WHERE id = $1 AND tenant_id = $2", id, tenantID)
+	return err
+}
+
+func (r *ERPRepository) UpdateProduct(p *domain.Product) error {
+	query := `
+		UPDATE erp_products
+		SET name = $1, sku = $2, description = $3, price = $4, cost_price = $5, 
+		    type = $6, stock_quantity = $7, is_active = $8, updated_at = NOW()
+		WHERE id = $9 AND tenant_id = $10
+	`
+	_, err := r.db.Exec(query, p.Name, p.SKU, p.Description, p.Price, p.CostPrice, p.Type, p.StockQuantity, p.IsActive, p.ID, p.TenantID)
+	return err
+}
+
+func (r *ERPRepository) DeleteProduct(id, tenantID string) error {
+	_, err := r.db.Exec("DELETE FROM erp_products WHERE id = $1 AND tenant_id = $2", id, tenantID)
+	return err
+}
+
+func (r *ERPRepository) UpdateBankAccount(a *domain.BankAccount) error {
+	query := `
+		UPDATE erp_bank_accounts
+		SET name = $1, bank_name = $2, initial_balance = $3, is_active = $4, updated_at = NOW()
+		WHERE id = $5 AND tenant_id = $6
+	`
+	_, err := r.db.Exec(query, a.Name, a.BankName, a.InitialBalance, a.IsActive, a.ID, a.TenantID)
+	return err
+}
+
+func (r *ERPRepository) DeleteBankAccount(id, tenantID string) error {
+	_, err := r.db.Exec("DELETE FROM erp_bank_accounts WHERE id = $1 AND tenant_id = $2", id, tenantID)
+	return err
+}
+
+func (r *ERPRepository) DeleteOrder(id, tenantID string) error {
+	tx, err := r.db.Begin()
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback()
+
+	// Deleta os itens do pedido primeiro
+	_, err = tx.Exec("DELETE FROM erp_order_items WHERE order_id = $1", id)
+	if err != nil {
+		return err
+	}
+
+	// Deleta o pedido
+	_, err = tx.Exec("DELETE FROM erp_orders WHERE id = $1 AND tenant_id = $2", id, tenantID)
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}

backend/internal/repository/plan_repository.go

@@ -0,0 +1,283 @@
+package repository
+
+import (
+	"database/sql"
+	"time"
+
+	"aggios-app/backend/internal/domain"
+
+	"github.com/google/uuid"
+	"github.com/lib/pq"
+)
+
+// PlanRepository handles database operations for plans
+type PlanRepository struct {
+	db *sql.DB
+}
+
+// NewPlanRepository creates a new plan repository
+func NewPlanRepository(db *sql.DB) *PlanRepository {
+	return &PlanRepository{db: db}
+}
+
+// Create creates a new plan
+func (r *PlanRepository) Create(plan *domain.Plan) error {
+	query := `
+		INSERT INTO plans (id, name, slug, description, min_users, max_users, monthly_price, annual_price, features, differentiators, storage_gb, is_active, created_at, updated_at)
+		VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14)
+		RETURNING id, created_at, updated_at
+	`
+
+	now := time.Now()
+	plan.ID = uuid.New()
+	plan.CreatedAt = now
+	plan.UpdatedAt = now
+
+	features := pq.Array(plan.Features)
+	differentiators := pq.Array(plan.Differentiators)
+
+	return r.db.QueryRow(
+		query,
+		plan.ID,
+		plan.Name,
+		plan.Slug,
+		plan.Description,
+		plan.MinUsers,
+		plan.MaxUsers,
+		plan.MonthlyPrice,
+		plan.AnnualPrice,
+		features,
+		differentiators,
+		plan.StorageGB,
+		plan.IsActive,
+		plan.CreatedAt,
+		plan.UpdatedAt,
+	).Scan(&plan.ID, &plan.CreatedAt, &plan.UpdatedAt)
+}
+
+// GetByID retrieves a plan by ID
+func (r *PlanRepository) GetByID(id uuid.UUID) (*domain.Plan, error) {
+	query := `
+		SELECT id, name, slug, description, min_users, max_users, monthly_price, annual_price, features, differentiators, storage_gb, is_active, created_at, updated_at
+		FROM plans
+		WHERE id = $1
+	`
+
+	plan := &domain.Plan{}
+	var features, differentiators pq.StringArray
+
+	err := r.db.QueryRow(query, id).Scan(
+		&plan.ID,
+		&plan.Name,
+		&plan.Slug,
+		&plan.Description,
+		&plan.MinUsers,
+		&plan.MaxUsers,
+		&plan.MonthlyPrice,
+		&plan.AnnualPrice,
+		&features,
+		&differentiators,
+		&plan.StorageGB,
+		&plan.IsActive,
+		&plan.CreatedAt,
+		&plan.UpdatedAt,
+	)
+
+	if err != nil {
+		return nil, err
+	}
+
+	plan.Features = []string(features)
+	plan.Differentiators = []string(differentiators)
+
+	return plan, nil
+}
+
+// GetBySlug retrieves a plan by slug
+func (r *PlanRepository) GetBySlug(slug string) (*domain.Plan, error) {
+	query := `
+		SELECT id, name, slug, description, min_users, max_users, monthly_price, annual_price, features, differentiators, storage_gb, is_active, created_at, updated_at
+		FROM plans
+		WHERE slug = $1
+	`
+
+	plan := &domain.Plan{}
+	var features, differentiators pq.StringArray
+
+	err := r.db.QueryRow(query, slug).Scan(
+		&plan.ID,
+		&plan.Name,
+		&plan.Slug,
+		&plan.Description,
+		&plan.MinUsers,
+		&plan.MaxUsers,
+		&plan.MonthlyPrice,
+		&plan.AnnualPrice,
+		&features,
+		&differentiators,
+		&plan.StorageGB,
+		&plan.IsActive,
+		&plan.CreatedAt,
+		&plan.UpdatedAt,
+	)
+
+	if err != nil {
+		return nil, err
+	}
+
+	plan.Features = []string(features)
+	plan.Differentiators = []string(differentiators)
+
+	return plan, nil
+}
+
+// ListAll retrieves all plans
+func (r *PlanRepository) ListAll() ([]*domain.Plan, error) {
+	query := `
+		SELECT id, name, slug, description, min_users, max_users, monthly_price, annual_price, features, differentiators, storage_gb, is_active, created_at, updated_at
+		FROM plans
+		ORDER BY min_users ASC
+	`
+
+	rows, err := r.db.Query(query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var plans []*domain.Plan
+
+	for rows.Next() {
+		plan := &domain.Plan{}
+		var features, differentiators pq.StringArray
+
+		err := rows.Scan(
+			&plan.ID,
+			&plan.Name,
+			&plan.Slug,
+			&plan.Description,
+			&plan.MinUsers,
+			&plan.MaxUsers,
+			&plan.MonthlyPrice,
+			&plan.AnnualPrice,
+			&features,
+			&differentiators,
+			&plan.StorageGB,
+			&plan.IsActive,
+			&plan.CreatedAt,
+			&plan.UpdatedAt,
+		)
+
+		if err != nil {
+			return nil, err
+		}
+
+		plan.Features = []string(features)
+		plan.Differentiators = []string(differentiators)
+		plans = append(plans, plan)
+	}
+
+	return plans, rows.Err()
+}
+
+// ListActive retrieves all active plans
+func (r *PlanRepository) ListActive() ([]*domain.Plan, error) {
+	query := `
+		SELECT id, name, slug, description, min_users, max_users, monthly_price, annual_price, features, differentiators, storage_gb, is_active, created_at, updated_at
+		FROM plans
+		WHERE is_active = true
+		ORDER BY min_users ASC
+	`
+
+	rows, err := r.db.Query(query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var plans []*domain.Plan
+
+	for rows.Next() {
+		plan := &domain.Plan{}
+		var features, differentiators pq.StringArray
+
+		err := rows.Scan(
+			&plan.ID,
+			&plan.Name,
+			&plan.Slug,
+			&plan.Description,
+			&plan.MinUsers,
+			&plan.MaxUsers,
+			&plan.MonthlyPrice,
+			&plan.AnnualPrice,
+			&features,
+			&differentiators,
+			&plan.StorageGB,
+			&plan.IsActive,
+			&plan.CreatedAt,
+			&plan.UpdatedAt,
+		)
+
+		if err != nil {
+			return nil, err
+		}
+
+		plan.Features = []string(features)
+		plan.Differentiators = []string(differentiators)
+		plans = append(plans, plan)
+	}
+
+	return plans, rows.Err()
+}
+
+// Update updates a plan
+func (r *PlanRepository) Update(plan *domain.Plan) error {
+	query := `
+		UPDATE plans
+		SET name = $2, slug = $3, description = $4, min_users = $5, max_users = $6, monthly_price = $7, annual_price = $8, features = $9, differentiators = $10, storage_gb = $11, is_active = $12, updated_at = $13
+		WHERE id = $1
+		RETURNING updated_at
+	`
+
+	plan.UpdatedAt = time.Now()
+
+	features := pq.Array(plan.Features)
+	differentiators := pq.Array(plan.Differentiators)
+
+	return r.db.QueryRow(
+		query,
+		plan.ID,
+		plan.Name,
+		plan.Slug,
+		plan.Description,
+		plan.MinUsers,
+		plan.MaxUsers,
+		plan.MonthlyPrice,
+		plan.AnnualPrice,
+		features,
+		differentiators,
+		plan.StorageGB,
+		plan.IsActive,
+		plan.UpdatedAt,
+	).Scan(&plan.UpdatedAt)
+}
+
+// Delete deletes a plan
+func (r *PlanRepository) Delete(id uuid.UUID) error {
+	query := `DELETE FROM plans WHERE id = $1`
+	result, err := r.db.Exec(query, id)
+	if err != nil {
+		return err
+	}
+
+	rowsAffected, err := result.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rowsAffected == 0 {
+		return sql.ErrNoRows
+	}
+
+	return nil
+}

backend/internal/repository/solution_repository.go

@@ -0,0 +1,300 @@
+package repository
+
+import (
+	"aggios-app/backend/internal/domain"
+	"database/sql"
+	"fmt"
+)
+
+type SolutionRepository struct {
+	db *sql.DB
+}
+
+func NewSolutionRepository(db *sql.DB) *SolutionRepository {
+	return &SolutionRepository{db: db}
+}
+
+// ==================== SOLUTIONS ====================
+
+func (r *SolutionRepository) CreateSolution(solution *domain.Solution) error {
+	query := `
+		INSERT INTO solutions (id, name, slug, icon, description, is_active)
+		VALUES ($1, $2, $3, $4, $5, $6)
+		RETURNING created_at, updated_at
+	`
+
+	return r.db.QueryRow(
+		query,
+		solution.ID, solution.Name, solution.Slug, solution.Icon,
+		solution.Description, solution.IsActive,
+	).Scan(&solution.CreatedAt, &solution.UpdatedAt)
+}
+
+func (r *SolutionRepository) GetAllSolutions() ([]domain.Solution, error) {
+	query := `
+		SELECT id, name, slug, icon, description, is_active, created_at, updated_at
+		FROM solutions
+		ORDER BY created_at DESC
+	`
+
+	rows, err := r.db.Query(query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var solutions []domain.Solution
+	for rows.Next() {
+		var s domain.Solution
+		err := rows.Scan(
+			&s.ID, &s.Name, &s.Slug, &s.Icon, &s.Description,
+			&s.IsActive, &s.CreatedAt, &s.UpdatedAt,
+		)
+		if err != nil {
+			return nil, err
+		}
+		solutions = append(solutions, s)
+	}
+
+	return solutions, nil
+}
+
+func (r *SolutionRepository) GetActiveSolutions() ([]domain.Solution, error) {
+	query := `
+		SELECT id, name, slug, icon, description, is_active, created_at, updated_at
+		FROM solutions
+		WHERE is_active = true
+		ORDER BY name
+	`
+
+	rows, err := r.db.Query(query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var solutions []domain.Solution
+	for rows.Next() {
+		var s domain.Solution
+		err := rows.Scan(
+			&s.ID, &s.Name, &s.Slug, &s.Icon, &s.Description,
+			&s.IsActive, &s.CreatedAt, &s.UpdatedAt,
+		)
+		if err != nil {
+			return nil, err
+		}
+		solutions = append(solutions, s)
+	}
+
+	return solutions, nil
+}
+
+func (r *SolutionRepository) GetSolutionByID(id string) (*domain.Solution, error) {
+	query := `
+		SELECT id, name, slug, icon, description, is_active, created_at, updated_at
+		FROM solutions
+		WHERE id = $1
+	`
+
+	var s domain.Solution
+	err := r.db.QueryRow(query, id).Scan(
+		&s.ID, &s.Name, &s.Slug, &s.Icon, &s.Description,
+		&s.IsActive, &s.CreatedAt, &s.UpdatedAt,
+	)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return &s, nil
+}
+
+func (r *SolutionRepository) GetSolutionBySlug(slug string) (*domain.Solution, error) {
+	query := `
+		SELECT id, name, slug, icon, description, is_active, created_at, updated_at
+		FROM solutions
+		WHERE slug = $1
+	`
+
+	var s domain.Solution
+	err := r.db.QueryRow(query, slug).Scan(
+		&s.ID, &s.Name, &s.Slug, &s.Icon, &s.Description,
+		&s.IsActive, &s.CreatedAt, &s.UpdatedAt,
+	)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return &s, nil
+}
+
+func (r *SolutionRepository) UpdateSolution(solution *domain.Solution) error {
+	query := `
+		UPDATE solutions SET
+			name = $1, slug = $2, icon = $3, description = $4, is_active = $5, updated_at = CURRENT_TIMESTAMP
+		WHERE id = $6
+	`
+
+	result, err := r.db.Exec(
+		query,
+		solution.Name, solution.Slug, solution.Icon, solution.Description,
+		solution.IsActive, solution.ID,
+	)
+
+	if err != nil {
+		return err
+	}
+
+	rows, err := result.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rows == 0 {
+		return fmt.Errorf("solution not found")
+	}
+
+	return nil
+}
+
+func (r *SolutionRepository) DeleteSolution(id string) error {
+	query := `DELETE FROM solutions WHERE id = $1`
+
+	result, err := r.db.Exec(query, id)
+	if err != nil {
+		return err
+	}
+
+	rows, err := result.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rows == 0 {
+		return fmt.Errorf("solution not found")
+	}
+
+	return nil
+}
+
+// ==================== PLAN <-> SOLUTION ====================
+
+func (r *SolutionRepository) AddSolutionToPlan(planID, solutionID string) error {
+	query := `
+		INSERT INTO plan_solutions (plan_id, solution_id)
+		VALUES ($1, $2)
+		ON CONFLICT (plan_id, solution_id) DO NOTHING
+	`
+
+	_, err := r.db.Exec(query, planID, solutionID)
+	return err
+}
+
+func (r *SolutionRepository) RemoveSolutionFromPlan(planID, solutionID string) error {
+	query := `DELETE FROM plan_solutions WHERE plan_id = $1 AND solution_id = $2`
+
+	_, err := r.db.Exec(query, planID, solutionID)
+	return err
+}
+
+func (r *SolutionRepository) GetPlanSolutions(planID string) ([]domain.Solution, error) {
+	query := `
+		SELECT s.id, s.name, s.slug, s.icon, s.description, s.is_active, s.created_at, s.updated_at
+		FROM solutions s
+		INNER JOIN plan_solutions ps ON s.id = ps.solution_id
+		WHERE ps.plan_id = $1
+		ORDER BY s.name
+	`
+
+	rows, err := r.db.Query(query, planID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var solutions []domain.Solution
+	for rows.Next() {
+		var s domain.Solution
+		err := rows.Scan(
+			&s.ID, &s.Name, &s.Slug, &s.Icon, &s.Description,
+			&s.IsActive, &s.CreatedAt, &s.UpdatedAt,
+		)
+		if err != nil {
+			return nil, err
+		}
+		solutions = append(solutions, s)
+	}
+
+	return solutions, nil
+}
+
+func (r *SolutionRepository) SetPlanSolutions(planID string, solutionIDs []string) error {
+	// Inicia transação
+	tx, err := r.db.Begin()
+	if err != nil {
+		return err
+	}
+
+	// Remove todas as soluções antigas do plano
+	_, err = tx.Exec(`DELETE FROM plan_solutions WHERE plan_id = $1`, planID)
+	if err != nil {
+		tx.Rollback()
+		return err
+	}
+
+	// Adiciona as novas soluções
+	stmt, err := tx.Prepare(`INSERT INTO plan_solutions (plan_id, solution_id) VALUES ($1, $2)`)
+	if err != nil {
+		tx.Rollback()
+		return err
+	}
+	defer stmt.Close()
+
+	for _, solutionID := range solutionIDs {
+		_, err = stmt.Exec(planID, solutionID)
+		if err != nil {
+			tx.Rollback()
+			return err
+		}
+	}
+
+	return tx.Commit()
+}
+
+func (r *SolutionRepository) GetTenantSolutions(tenantID string) ([]domain.Solution, error) {
+	query := `
+		SELECT DISTINCT s.id, s.name, s.slug, s.icon, s.description, s.is_active, s.created_at, s.updated_at
+		FROM solutions s
+		INNER JOIN plan_solutions ps ON s.id = ps.solution_id
+		INNER JOIN agency_subscriptions asub ON ps.plan_id = asub.plan_id
+		WHERE asub.agency_id = $1 AND s.is_active = true AND asub.status = 'active'
+		ORDER BY s.name
+	`
+
+	rows, err := r.db.Query(query, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var solutions []domain.Solution
+	for rows.Next() {
+		var s domain.Solution
+		err := rows.Scan(
+			&s.ID, &s.Name, &s.Slug, &s.Icon, &s.Description,
+			&s.IsActive, &s.CreatedAt, &s.UpdatedAt,
+		)
+		if err != nil {
+			return nil, err
+		}
+		solutions = append(solutions, s)
+	}
+
+	// Se não encontrou via subscription, retorna array vazio
+	if solutions == nil {
+		solutions = []domain.Solution{}
+	}
+
+	return solutions, nil
+}

backend/internal/repository/subscription_repository.go

@@ -0,0 +1,203 @@
+package repository
+
+import (
+	"database/sql"
+	"time"
+
+	"aggios-app/backend/internal/domain"
+
+	"github.com/google/uuid"
+)
+
+// SubscriptionRepository handles database operations for subscriptions
+type SubscriptionRepository struct {
+	db *sql.DB
+}
+
+// NewSubscriptionRepository creates a new subscription repository
+func NewSubscriptionRepository(db *sql.DB) *SubscriptionRepository {
+	return &SubscriptionRepository{db: db}
+}
+
+// Create creates a new subscription
+func (r *SubscriptionRepository) Create(subscription *domain.Subscription) error {
+	query := `
+		INSERT INTO agency_subscriptions (id, agency_id, plan_id, billing_type, current_users, status, start_date, renewal_date, created_at, updated_at)
+		VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
+		RETURNING id, created_at, updated_at
+	`
+
+	now := time.Now()
+	subscription.ID = uuid.New()
+	subscription.CreatedAt = now
+	subscription.UpdatedAt = now
+	subscription.StartDate = now
+
+	// Set renewal date based on billing type
+	if subscription.BillingType == "annual" {
+		subscription.RenewalDate = now.AddDate(1, 0, 0)
+	} else {
+		subscription.RenewalDate = now.AddDate(0, 1, 0)
+	}
+
+	return r.db.QueryRow(
+		query,
+		subscription.ID,
+		subscription.AgencyID,
+		subscription.PlanID,
+		subscription.BillingType,
+		subscription.CurrentUsers,
+		subscription.Status,
+		subscription.StartDate,
+		subscription.RenewalDate,
+		subscription.CreatedAt,
+		subscription.UpdatedAt,
+	).Scan(&subscription.ID, &subscription.CreatedAt, &subscription.UpdatedAt)
+}
+
+// GetByID retrieves a subscription by ID
+func (r *SubscriptionRepository) GetByID(id uuid.UUID) (*domain.Subscription, error) {
+	query := `
+		SELECT id, agency_id, plan_id, billing_type, current_users, status, start_date, renewal_date, created_at, updated_at
+		FROM agency_subscriptions
+		WHERE id = $1
+	`
+
+	subscription := &domain.Subscription{}
+	err := r.db.QueryRow(query, id).Scan(
+		&subscription.ID,
+		&subscription.AgencyID,
+		&subscription.PlanID,
+		&subscription.BillingType,
+		&subscription.CurrentUsers,
+		&subscription.Status,
+		&subscription.StartDate,
+		&subscription.RenewalDate,
+		&subscription.CreatedAt,
+		&subscription.UpdatedAt,
+	)
+
+	return subscription, err
+}
+
+// GetByAgencyID retrieves a subscription by agency ID
+func (r *SubscriptionRepository) GetByAgencyID(agencyID uuid.UUID) (*domain.Subscription, error) {
+	query := `
+		SELECT id, agency_id, plan_id, billing_type, current_users, status, start_date, renewal_date, created_at, updated_at
+		FROM agency_subscriptions
+		WHERE agency_id = $1 AND status = 'active'
+		LIMIT 1
+	`
+
+	subscription := &domain.Subscription{}
+	err := r.db.QueryRow(query, agencyID).Scan(
+		&subscription.ID,
+		&subscription.AgencyID,
+		&subscription.PlanID,
+		&subscription.BillingType,
+		&subscription.CurrentUsers,
+		&subscription.Status,
+		&subscription.StartDate,
+		&subscription.RenewalDate,
+		&subscription.CreatedAt,
+		&subscription.UpdatedAt,
+	)
+
+	return subscription, err
+}
+
+// ListAll retrieves all subscriptions
+func (r *SubscriptionRepository) ListAll() ([]*domain.Subscription, error) {
+	query := `
+		SELECT id, agency_id, plan_id, billing_type, current_users, status, start_date, renewal_date, created_at, updated_at
+		FROM agency_subscriptions
+		ORDER BY created_at DESC
+	`
+
+	rows, err := r.db.Query(query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var subscriptions []*domain.Subscription
+
+	for rows.Next() {
+		subscription := &domain.Subscription{}
+		err := rows.Scan(
+			&subscription.ID,
+			&subscription.AgencyID,
+			&subscription.PlanID,
+			&subscription.BillingType,
+			&subscription.CurrentUsers,
+			&subscription.Status,
+			&subscription.StartDate,
+			&subscription.RenewalDate,
+			&subscription.CreatedAt,
+			&subscription.UpdatedAt,
+		)
+
+		if err != nil {
+			return nil, err
+		}
+
+		subscriptions = append(subscriptions, subscription)
+	}
+
+	return subscriptions, rows.Err()
+}
+
+// Update updates a subscription
+func (r *SubscriptionRepository) Update(subscription *domain.Subscription) error {
+	query := `
+		UPDATE agency_subscriptions
+		SET plan_id = $2, billing_type = $3, current_users = $4, status = $5, renewal_date = $6, updated_at = $7
+		WHERE id = $1
+		RETURNING updated_at
+	`
+
+	subscription.UpdatedAt = time.Now()
+
+	return r.db.QueryRow(
+		query,
+		subscription.ID,
+		subscription.PlanID,
+		subscription.BillingType,
+		subscription.CurrentUsers,
+		subscription.Status,
+		subscription.RenewalDate,
+		subscription.UpdatedAt,
+	).Scan(&subscription.UpdatedAt)
+}
+
+// Delete deletes a subscription
+func (r *SubscriptionRepository) Delete(id uuid.UUID) error {
+	query := `DELETE FROM agency_subscriptions WHERE id = $1`
+	result, err := r.db.Exec(query, id)
+	if err != nil {
+		return err
+	}
+
+	rowsAffected, err := result.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rowsAffected == 0 {
+		return sql.ErrNoRows
+	}
+
+	return nil
+}
+
+// UpdateUserCount updates the current user count for a subscription
+func (r *SubscriptionRepository) UpdateUserCount(agencyID uuid.UUID, userCount int) error {
+	query := `
+		UPDATE agency_subscriptions
+		SET current_users = $2, updated_at = $3
+		WHERE agency_id = $1 AND status = 'active'
+	`
+
+	_, err := r.db.Exec(query, agencyID, userCount, time.Now())
+	return err
+}

backend/internal/repository/tenant_repository.go

@@ -188,17 +188,23 @@ func (r *TenantRepository) FindByID(id uuid.UUID) (*domain.Tenant, error) {
 // FindBySubdomain finds a tenant by subdomain
 func (r *TenantRepository) FindBySubdomain(subdomain string) (*domain.Tenant, error) {
 	query := `
-		SELECT id, name, domain, subdomain, created_at, updated_at
+		SELECT id, name, domain, subdomain, primary_color, secondary_color, logo_url, logo_horizontal_url, created_at, updated_at
 		FROM tenants
 		WHERE subdomain = $1
 	`
 
 	tenant := &domain.Tenant{}
+	var primaryColor, secondaryColor, logoURL, logoHorizontalURL sql.NullString
+
 	err := r.db.QueryRow(query, subdomain).Scan(
 		&tenant.ID,
 		&tenant.Name,
 		&tenant.Domain,
 		&tenant.Subdomain,
+		&primaryColor,
+		&secondaryColor,
+		&logoURL,
+		&logoHorizontalURL,
 		&tenant.CreatedAt,
 		&tenant.UpdatedAt,
 	)
@@ -207,7 +213,24 @@ func (r *TenantRepository) FindBySubdomain(subdomain string) (*domain.Tenant, er
 		return nil, nil
 	}
 
-	return tenant, err
+	if err != nil {
+		return nil, err
+	}
+
+	if primaryColor.Valid {
+		tenant.PrimaryColor = primaryColor.String
+	}
+	if secondaryColor.Valid {
+		tenant.SecondaryColor = secondaryColor.String
+	}
+	if logoURL.Valid {
+		tenant.LogoURL = logoURL.String
+	}
+	if logoHorizontalURL.Valid {
+		tenant.LogoHorizontalURL = logoHorizontalURL.String
+	}
+
+	return tenant, nil
 }
 
 // SubdomainExists checks if a subdomain is already taken

backend/internal/repository/user_repository.go

@@ -161,3 +161,73 @@ func (r *UserRepository) FindAdminByTenantID(tenantID uuid.UUID) (*domain.User,
 
 	return user, nil
 }
+// ListByTenantID returns all users for a tenant (excluding the tenant admin)
+func (r *UserRepository) ListByTenantID(tenantID uuid.UUID) ([]domain.User, error) {
+	query := `
+		SELECT id, tenant_id, email, password_hash, first_name, role, created_at, updated_at, 
+		       agency_role, created_by, collaborator_created_at
+		FROM users
+		WHERE tenant_id = $1 AND is_active = true AND role != 'SUPERADMIN'
+		ORDER BY created_at DESC
+	`
+
+	rows, err := r.db.Query(query, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var users []domain.User
+	for rows.Next() {
+		user := domain.User{}
+		err := rows.Scan(
+			&user.ID,
+			&user.TenantID,
+			&user.Email,
+			&user.Password,
+			&user.Name,
+			&user.Role,
+			&user.CreatedAt,
+			&user.UpdatedAt,
+			&user.AgencyRole,
+			&user.CreatedBy,
+			&user.CollaboratorCreatedAt,
+		)
+		if err != nil {
+			return nil, err
+		}
+		users = append(users, user)
+	}
+
+	return users, rows.Err()
+}
+
+// GetByID returns a user by ID
+func (r *UserRepository) GetByID(id uuid.UUID) (*domain.User, error) {
+	return r.FindByID(id)
+}
+
+// Delete marks a user as inactive
+func (r *UserRepository) Delete(id uuid.UUID) error {
+	query := `
+		UPDATE users
+		SET is_active = false, updated_at = NOW()
+		WHERE id = $1
+	`
+
+	result, err := r.db.Exec(query, id)
+	if err != nil {
+		return err
+	}
+
+	rows, err := result.RowsAffected()
+	if err != nil {
+		return err
+	}
+
+	if rows == 0 {
+		return sql.ErrNoRows
+	}
+
+	return nil
+}

backend/internal/service/agency_service.go

@@ -4,6 +4,7 @@ import (
 	"aggios-app/backend/internal/config"
 	"aggios-app/backend/internal/domain"
 	"aggios-app/backend/internal/repository"
+	"database/sql"
 	"fmt"
 
 	"github.com/google/uuid"
@@ -15,14 +16,16 @@ type AgencyService struct {
 	userRepo   *repository.UserRepository
 	tenantRepo *repository.TenantRepository
 	cfg        *config.Config
+	db         *sql.DB
 }
 
 // NewAgencyService creates a new agency service
-func NewAgencyService(userRepo *repository.UserRepository, tenantRepo *repository.TenantRepository, cfg *config.Config) *AgencyService {
+func NewAgencyService(userRepo *repository.UserRepository, tenantRepo *repository.TenantRepository, cfg *config.Config, db *sql.DB) *AgencyService {
 	return &AgencyService{
 		userRepo:   userRepo,
 		tenantRepo: tenantRepo,
 		cfg:        cfg,
+		db:         db,
 	}
 }
 
@@ -180,6 +183,43 @@ func (s *AgencyService) GetAgencyDetails(id uuid.UUID) (*domain.AgencyDetails, e
 		details.Admin = admin
 	}
 
+	// Buscar subscription e soluções
+	var subscription domain.AgencySubscriptionInfo
+	query := `
+		SELECT 
+			s.plan_id, 
+			p.name as plan_name,
+			s.status
+		FROM agency_subscriptions s
+		JOIN plans p ON s.plan_id = p.id
+		WHERE s.agency_id = $1
+		LIMIT 1
+	`
+	err = s.db.QueryRow(query, id).Scan(&subscription.PlanID, &subscription.PlanName, &subscription.Status)
+	if err == nil {
+		// Buscar soluções do plano
+		solutionsQuery := `
+			SELECT sol.id, sol.name, sol.slug, sol.icon
+			FROM solutions sol
+			JOIN plan_solutions ps ON sol.id = ps.solution_id
+			WHERE ps.plan_id = $1
+			ORDER BY sol.name
+		`
+		rows, err := s.db.Query(solutionsQuery, subscription.PlanID)
+		if err == nil {
+			defer rows.Close()
+			var solutions []domain.Solution
+			for rows.Next() {
+				var solution domain.Solution
+				if err := rows.Scan(&solution.ID, &solution.Name, &solution.Slug, &solution.Icon); err == nil {
+					solutions = append(solutions, solution)
+				}
+			}
+			subscription.Solutions = solutions
+			details.Subscription = &subscription
+		}
+	}
+
 	return details, nil
 }
 

backend/internal/service/auth_service.go

@@ -24,17 +24,19 @@ var (
 
 // AuthService handles authentication business logic
 type AuthService struct {
-	userRepo   *repository.UserRepository
+	userRepo     *repository.UserRepository
-	tenantRepo *repository.TenantRepository
+	tenantRepo   *repository.TenantRepository
-	cfg        *config.Config
+	crmRepo      *repository.CRMRepository
+	cfg          *config.Config
 }
 
 // NewAuthService creates a new auth service
-func NewAuthService(userRepo *repository.UserRepository, tenantRepo *repository.TenantRepository, cfg *config.Config) *AuthService {
+func NewAuthService(userRepo *repository.UserRepository, tenantRepo *repository.TenantRepository, crmRepo *repository.CRMRepository, cfg *config.Config) *AuthService {
 	return &AuthService{
-		userRepo:   userRepo,
+		userRepo:     userRepo,
-		tenantRepo: tenantRepo,
+		tenantRepo:   tenantRepo,
-		cfg:        cfg,
+		crmRepo:      crmRepo,
+		cfg:          cfg,
 	}
 }
 
@@ -175,3 +177,158 @@ func (s *AuthService) ChangePassword(userID string, currentPassword, newPassword
 func parseUUID(s string) (uuid.UUID, error) {
 	return uuid.Parse(s)
 }
+
+// GenerateCustomerToken gera um token JWT para um cliente do CRM
+func (s *AuthService) GenerateCustomerToken(customerID, tenantID, email string) (string, error) {
+	claims := jwt.MapClaims{
+		"customer_id": customerID,
+		"tenant_id":   tenantID,
+		"email":       email,
+		"type":        "customer_portal",
+		"exp":         time.Now().Add(time.Hour * 24 * 30).Unix(), // 30 dias
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString([]byte(s.cfg.JWT.Secret))
+}
+
+// UnifiedLogin autentica qualquer tipo de usuário (agência ou cliente) e retorna token unificado
+func (s *AuthService) UnifiedLogin(req domain.UnifiedLoginRequest) (*domain.UnifiedLoginResponse, error) {
+	email := req.Email
+	password := req.Password
+
+	// TENTATIVA 1: Buscar em users (agência)
+	user, err := s.userRepo.FindByEmail(email)
+	if err == nil && user != nil {
+		// Verificar senha
+		if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
+			log.Printf("❌ Password mismatch for agency user %s", email)
+			return nil, ErrInvalidCredentials
+		}
+
+		// SUPERADMIN usa login próprio em outro domínio, não deve usar esta rota
+		if user.Role == "SUPERADMIN" {
+			log.Printf("🚫 SUPERADMIN attempted unified login - redirecting to proper endpoint")
+			return nil, errors.New("superadmins devem usar o painel administrativo")
+		}
+
+		// Gerar token unificado para agency_user
+		token, err := s.generateUnifiedToken(user.ID.String(), domain.UserTypeAgency, email, user.Role, user.AgencyRole, user.TenantID)
+		if err != nil {
+			log.Printf("❌ Error generating unified token: %v", err)
+			return nil, err
+		}
+
+		// Buscar subdomain se tiver tenant
+		subdomain := ""
+		tenantID := ""
+		if user.TenantID != nil {
+			tenantID = user.TenantID.String()
+			tenant, err := s.tenantRepo.FindByID(*user.TenantID)
+			if err == nil && tenant != nil {
+				subdomain = tenant.Subdomain
+			}
+		}
+
+		log.Printf("✅ Agency user logged in: %s (type=agency_user, role=%s, agency_role=%s)", email, user.Role, user.AgencyRole)
+
+		return &domain.UnifiedLoginResponse{
+			Token:      token,
+			UserType:   domain.UserTypeAgency,
+			UserID:     user.ID.String(),
+			Email:      email,
+			Name:       user.Name,
+			Role:       user.Role,
+			AgencyRole: user.AgencyRole,
+			TenantID:   tenantID,
+			Subdomain:  subdomain,
+		}, nil
+	}
+
+	// TENTATIVA 2: Buscar em crm_customers
+	log.Printf("🔍 Attempting to find customer in CRM: %s", email)
+	customer, err := s.crmRepo.GetCustomerByEmail(email)
+	log.Printf("🔍 CRM GetCustomerByEmail result: customer=%v, err=%v", customer != nil, err)
+	if err == nil && customer != nil {
+		// Verificar se tem acesso ao portal
+		if !customer.HasPortalAccess {
+			log.Printf("🚫 Customer %s has no portal access", email)
+			return nil, errors.New("acesso ao portal não autorizado. Entre em contato com o administrador")
+		}
+
+		// Verificar senha
+		if customer.PasswordHash == "" {
+			log.Printf("❌ Customer %s has no password set", email)
+			return nil, ErrInvalidCredentials
+		}
+
+		if err := bcrypt.CompareHashAndPassword([]byte(customer.PasswordHash), []byte(password)); err != nil {
+			log.Printf("❌ Password mismatch for customer %s", email)
+			return nil, ErrInvalidCredentials
+		}
+
+		// Atualizar último login
+		if err := s.crmRepo.UpdateCustomerLastLogin(customer.ID); err != nil {
+			log.Printf("⚠️ Warning: Failed to update last login for customer %s: %v", customer.ID, err)
+		}
+
+		// Gerar token unificado
+		tenantUUID, _ := uuid.Parse(customer.TenantID)
+		token, err := s.generateUnifiedToken(customer.ID, domain.UserTypeCustomer, email, "", "", &tenantUUID)
+		if err != nil {
+			log.Printf("❌ Error generating unified token: %v", err)
+			return nil, err
+		}
+
+		// Buscar subdomain do tenant
+		subdomain := ""
+		if tenantUUID != uuid.Nil {
+			tenant, err := s.tenantRepo.FindByID(tenantUUID)
+			if err == nil && tenant != nil {
+				subdomain = tenant.Subdomain
+			}
+		}
+
+		log.Printf("✅ Customer logged in: %s (tenant=%s)", email, customer.TenantID)
+
+		return &domain.UnifiedLoginResponse{
+			Token:     token,
+			UserType:  domain.UserTypeCustomer,
+			UserID:    customer.ID,
+			Email:     email,
+			Name:      customer.Name,
+			TenantID:  customer.TenantID,
+			Subdomain: subdomain,
+		}, nil
+	}
+
+	// Não encontrou em nenhuma tabela
+	log.Printf("❌ User not found: %s", email)
+	return nil, ErrInvalidCredentials
+}
+
+// generateUnifiedToken cria um JWT com claims unificadas
+func (s *AuthService) generateUnifiedToken(userID string, userType domain.UserType, email, role, agencyRole string, tenantID *uuid.UUID) (string, error) {
+	tenantIDStr := ""
+	if tenantID != nil {
+		tenantIDStr = tenantID.String()
+	}
+
+	claims := domain.UnifiedClaims{
+		UserID:     userID,
+		UserType:   userType,
+		TenantID:   tenantIDStr,
+		Email:      email,
+		Role:       role,
+		AgencyRole: agencyRole,
+		RegisteredClaims: jwt.RegisteredClaims{
+			ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 24 * 30)), // 30 dias
+			IssuedAt:  jwt.NewNumericDate(time.Now()),
+		},
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString([]byte(s.cfg.JWT.Secret))
+}
+
+

backend/internal/service/plan_service.go

@@ -0,0 +1,286 @@
+package service
+
+import (
+	"database/sql"
+	"errors"
+	"fmt"
+
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/repository"
+
+	"github.com/google/uuid"
+	"github.com/shopspring/decimal"
+)
+
+var (
+	ErrPlanNotFound           = errors.New("plan not found")
+	ErrPlanSlugTaken          = errors.New("plan slug already exists")
+	ErrInvalidUserRange       = errors.New("invalid user range: min_users must be less than or equal to max_users")
+	ErrSubscriptionNotFound   = errors.New("subscription not found")
+	ErrUserLimitExceeded      = errors.New("user limit exceeded for this plan")
+	ErrSubscriptionExists     = errors.New("agency already has an active subscription")
+)
+
+// PlanService handles plan business logic
+type PlanService struct {
+	planRepo         *repository.PlanRepository
+	subscriptionRepo *repository.SubscriptionRepository
+}
+
+// NewPlanService creates a new plan service
+func NewPlanService(planRepo *repository.PlanRepository, subscriptionRepo *repository.SubscriptionRepository) *PlanService {
+	return &PlanService{
+		planRepo:         planRepo,
+		subscriptionRepo: subscriptionRepo,
+	}
+}
+
+// CreatePlan creates a new plan
+func (s *PlanService) CreatePlan(req *domain.CreatePlanRequest) (*domain.Plan, error) {
+	// Validate user range
+	if req.MinUsers > req.MaxUsers && req.MaxUsers != -1 {
+		return nil, ErrInvalidUserRange
+	}
+
+	// Check if slug is unique
+	existing, _ := s.planRepo.GetBySlug(req.Slug)
+	if existing != nil {
+		return nil, ErrPlanSlugTaken
+	}
+
+	plan := &domain.Plan{
+		Name:            req.Name,
+		Slug:            req.Slug,
+		Description:     req.Description,
+		MinUsers:        req.MinUsers,
+		MaxUsers:        req.MaxUsers,
+		Features:        req.Features,
+		Differentiators: req.Differentiators,
+		StorageGB:       req.StorageGB,
+		IsActive:        req.IsActive,
+	}
+
+	// Convert prices if provided
+	if req.MonthlyPrice != nil {
+		price := decimal.NewFromFloat(*req.MonthlyPrice)
+		plan.MonthlyPrice = &price
+	}
+	if req.AnnualPrice != nil {
+		price := decimal.NewFromFloat(*req.AnnualPrice)
+		plan.AnnualPrice = &price
+	}
+
+	if err := s.planRepo.Create(plan); err != nil {
+		return nil, err
+	}
+
+	return plan, nil
+}
+
+// GetPlan retrieves a plan by ID
+func (s *PlanService) GetPlan(id uuid.UUID) (*domain.Plan, error) {
+	plan, err := s.planRepo.GetByID(id)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, ErrPlanNotFound
+		}
+		return nil, err
+	}
+	return plan, nil
+}
+
+// ListPlans retrieves all plans
+func (s *PlanService) ListPlans() ([]*domain.Plan, error) {
+	return s.planRepo.ListAll()
+}
+
+// ListActivePlans retrieves all active plans
+func (s *PlanService) ListActivePlans() ([]*domain.Plan, error) {
+	return s.planRepo.ListActive()
+}
+
+// UpdatePlan updates a plan
+func (s *PlanService) UpdatePlan(id uuid.UUID, req *domain.UpdatePlanRequest) (*domain.Plan, error) {
+	plan, err := s.planRepo.GetByID(id)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, ErrPlanNotFound
+		}
+		return nil, err
+	}
+
+	// Update fields if provided
+	if req.Name != nil {
+		plan.Name = *req.Name
+	}
+	if req.Slug != nil {
+		// Check if new slug is unique
+		existing, _ := s.planRepo.GetBySlug(*req.Slug)
+		if existing != nil && existing.ID != plan.ID {
+			return nil, ErrPlanSlugTaken
+		}
+		plan.Slug = *req.Slug
+	}
+	if req.Description != nil {
+		plan.Description = *req.Description
+	}
+	if req.MinUsers != nil {
+		plan.MinUsers = *req.MinUsers
+	}
+	if req.MaxUsers != nil {
+		plan.MaxUsers = *req.MaxUsers
+	}
+	if req.MonthlyPrice != nil {
+		price := decimal.NewFromFloat(*req.MonthlyPrice)
+		plan.MonthlyPrice = &price
+	}
+	if req.AnnualPrice != nil {
+		price := decimal.NewFromFloat(*req.AnnualPrice)
+		plan.AnnualPrice = &price
+	}
+	if req.Features != nil {
+		plan.Features = req.Features
+	}
+	if req.Differentiators != nil {
+		plan.Differentiators = req.Differentiators
+	}
+	if req.StorageGB != nil {
+		plan.StorageGB = *req.StorageGB
+	}
+	if req.IsActive != nil {
+		plan.IsActive = *req.IsActive
+	}
+
+	// Validate user range
+	if plan.MinUsers > plan.MaxUsers && plan.MaxUsers != -1 {
+		return nil, ErrInvalidUserRange
+	}
+
+	if err := s.planRepo.Update(plan); err != nil {
+		return nil, err
+	}
+
+	return plan, nil
+}
+
+// DeletePlan deletes a plan
+func (s *PlanService) DeletePlan(id uuid.UUID) error {
+	// Check if plan exists
+	if _, err := s.planRepo.GetByID(id); err != nil {
+		if err == sql.ErrNoRows {
+			return ErrPlanNotFound
+		}
+		return err
+	}
+
+	return s.planRepo.Delete(id)
+}
+
+// CreateSubscription creates a new subscription for an agency
+func (s *PlanService) CreateSubscription(req *domain.CreateSubscriptionRequest) (*domain.Subscription, error) {
+	// Check if plan exists
+	plan, err := s.planRepo.GetByID(req.PlanID)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, ErrPlanNotFound
+		}
+		return nil, err
+	}
+
+	// Check if agency already has active subscription
+	existing, err := s.subscriptionRepo.GetByAgencyID(req.AgencyID)
+	if err != nil && err != sql.ErrNoRows {
+		return nil, err
+	}
+	if existing != nil {
+		return nil, ErrSubscriptionExists
+	}
+
+	subscription := &domain.Subscription{
+		AgencyID:    req.AgencyID,
+		PlanID:      req.PlanID,
+		BillingType: req.BillingType,
+		Status:      "active",
+		CurrentUsers: 0,
+	}
+
+	if err := s.subscriptionRepo.Create(subscription); err != nil {
+		return nil, err
+	}
+
+	// Load plan details
+	subscription.PlanID = plan.ID
+
+	return subscription, nil
+}
+
+// GetSubscription retrieves a subscription by ID
+func (s *PlanService) GetSubscription(id uuid.UUID) (*domain.Subscription, error) {
+	subscription, err := s.subscriptionRepo.GetByID(id)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, ErrSubscriptionNotFound
+		}
+		return nil, err
+	}
+	return subscription, nil
+}
+
+// GetAgencySubscription retrieves an agency's active subscription
+func (s *PlanService) GetAgencySubscription(agencyID uuid.UUID) (*domain.Subscription, error) {
+	subscription, err := s.subscriptionRepo.GetByAgencyID(agencyID)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, ErrSubscriptionNotFound
+		}
+		return nil, err
+	}
+	return subscription, nil
+}
+
+// ListSubscriptions retrieves all subscriptions
+func (s *PlanService) ListSubscriptions() ([]*domain.Subscription, error) {
+	return s.subscriptionRepo.ListAll()
+}
+
+// ValidateUserLimit checks if adding a user would exceed plan limit
+func (s *PlanService) ValidateUserLimit(agencyID uuid.UUID, newUserCount int) error {
+	subscription, err := s.subscriptionRepo.GetByAgencyID(agencyID)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return ErrSubscriptionNotFound
+		}
+		return err
+	}
+
+	plan, err := s.planRepo.GetByID(subscription.PlanID)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return ErrPlanNotFound
+		}
+		return err
+	}
+
+	if plan.MaxUsers != -1 && newUserCount > plan.MaxUsers {
+		return fmt.Errorf("%w (limit: %d, requested: %d)", ErrUserLimitExceeded, plan.MaxUsers, newUserCount)
+	}
+
+	return nil
+}
+
+// GetPlanByUserCount returns the appropriate plan for a given user count
+func (s *PlanService) GetPlanByUserCount(userCount int) (*domain.Plan, error) {
+	plans, err := s.planRepo.ListActive()
+	if err != nil {
+		return nil, err
+	}
+
+	// Find the plan that fits the user count
+	for _, plan := range plans {
+		if userCount >= plan.MinUsers && (plan.MaxUsers == -1 || userCount <= plan.MaxUsers) {
+			return plan, nil
+		}
+	}
+
+	return nil, fmt.Errorf("no plan found for user count: %d", userCount)
+}

backend/internal/service/tenant_service.go

@@ -17,12 +17,14 @@ var (
 // TenantService handles tenant business logic
 type TenantService struct {
 	tenantRepo *repository.TenantRepository
+	db         *sql.DB
 }
 
 // NewTenantService creates a new tenant service
-func NewTenantService(tenantRepo *repository.TenantRepository) *TenantService {
+func NewTenantService(tenantRepo *repository.TenantRepository, db *sql.DB) *TenantService {
 	return &TenantService{
 		tenantRepo: tenantRepo,
+		db:         db,
 	}
 }
 
@@ -79,6 +81,84 @@ func (s *TenantService) ListAll() ([]*domain.Tenant, error) {
 	return s.tenantRepo.FindAll()
 }
 
+// ListAllWithDetails retrieves all tenants with their plan and solutions information
+func (s *TenantService) ListAllWithDetails() ([]map[string]interface{}, error) {
+	tenants, err := s.tenantRepo.FindAll()
+	if err != nil {
+		return nil, err
+	}
+
+	var result []map[string]interface{}
+	for _, tenant := range tenants {
+		tenantData := map[string]interface{}{
+			"id":                  tenant.ID,
+			"name":                tenant.Name,
+			"subdomain":           tenant.Subdomain,
+			"domain":              tenant.Domain,
+			"email":               tenant.Email,
+			"phone":               tenant.Phone,
+			"cnpj":                tenant.CNPJ,
+			"is_active":           tenant.IsActive,
+			"created_at":          tenant.CreatedAt,
+			"logo_url":            tenant.LogoURL,
+			"logo_horizontal_url": tenant.LogoHorizontalURL,
+			"primary_color":       tenant.PrimaryColor,
+			"secondary_color":     tenant.SecondaryColor,
+		}
+
+		// Buscar subscription e soluções
+		var planName sql.NullString
+		var planID string
+		query := `
+			SELECT 
+				s.plan_id, 
+				p.name as plan_name
+			FROM agency_subscriptions s
+			JOIN plans p ON s.plan_id = p.id
+			WHERE s.agency_id = $1 AND s.status = 'active'
+			LIMIT 1
+		`
+		err = s.db.QueryRow(query, tenant.ID).Scan(&planID, &planName)
+		if err == nil && planName.Valid {
+			tenantData["plan_name"] = planName.String
+
+			// Buscar soluções do plano
+			solutionsQuery := `
+				SELECT sol.id, sol.name, sol.slug, sol.icon
+				FROM solutions sol
+				JOIN plan_solutions ps ON sol.id = ps.solution_id
+				WHERE ps.plan_id = $1
+				ORDER BY sol.name
+			`
+			rows, err := s.db.Query(solutionsQuery, planID)
+			if err == nil {
+				defer rows.Close()
+				var solutions []map[string]interface{}
+				for rows.Next() {
+					var id, name, slug string
+					var icon sql.NullString
+					if err := rows.Scan(&id, &name, &slug, &icon); err == nil {
+						solution := map[string]interface{}{
+							"id":   id,
+							"name": name,
+							"slug": slug,
+						}
+						if icon.Valid {
+							solution["icon"] = icon.String
+						}
+						solutions = append(solutions, solution)
+					}
+				}
+				tenantData["solutions"] = solutions
+			}
+		}
+
+		result = append(result, tenantData)
+	}
+
+	return result, nil
+}
+
 // Delete removes a tenant by ID
 func (s *TenantService) Delete(id uuid.UUID) error {
 	if err := s.tenantRepo.Delete(id); err != nil {

backups/aggios_backup_2025-12-14_02-42-03.sql

@@ -0,0 +1,343 @@
+--
+-- PostgreSQL database dump
+--
+
+\restrict mUKTWCYeXvRf2SKhMr352J1jYiouAP5fsYPxvQjxn9xhEgk8BrOSEtYCYQoFicQ
+
+-- Dumped from database version 16.11
+-- Dumped by pg_dump version 18.1
+
+SET statement_timeout = 0;
+SET lock_timeout = 0;
+SET idle_in_transaction_session_timeout = 0;
+SET transaction_timeout = 0;
+SET client_encoding = 'UTF8';
+SET standard_conforming_strings = on;
+SELECT pg_catalog.set_config('search_path', '', false);
+SET check_function_bodies = false;
+SET xmloption = content;
+SET client_min_messages = warning;
+SET row_security = off;
+
+--
+-- Name: pgcrypto; Type: EXTENSION; Schema: -; Owner: -
+--
+
+CREATE EXTENSION IF NOT EXISTS pgcrypto WITH SCHEMA public;
+
+
+--
+-- Name: EXTENSION pgcrypto; Type: COMMENT; Schema: -; Owner: 
+--
+
+COMMENT ON EXTENSION pgcrypto IS 'cryptographic functions';
+
+
+--
+-- Name: uuid-ossp; Type: EXTENSION; Schema: -; Owner: -
+--
+
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp" WITH SCHEMA public;
+
+
+--
+-- Name: EXTENSION "uuid-ossp"; Type: COMMENT; Schema: -; Owner: 
+--
+
+COMMENT ON EXTENSION "uuid-ossp" IS 'generate universally unique identifiers (UUIDs)';
+
+
+SET default_tablespace = '';
+
+SET default_table_access_method = heap;
+
+--
+-- Name: companies; Type: TABLE; Schema: public; Owner: aggios
+--
+
+CREATE TABLE public.companies (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    tenant_id uuid NOT NULL,
+    cnpj character varying(18) NOT NULL,
+    razao_social character varying(255) NOT NULL,
+    nome_fantasia character varying(255),
+    email character varying(255),
+    telefone character varying(20),
+    status character varying(50) DEFAULT 'active'::character varying,
+    created_by_user_id uuid,
+    created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP
+);
+
+
+ALTER TABLE public.companies OWNER TO aggios;
+
+--
+-- Name: refresh_tokens; Type: TABLE; Schema: public; Owner: aggios
+--
+
+CREATE TABLE public.refresh_tokens (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    user_id uuid NOT NULL,
+    token_hash character varying(255) NOT NULL,
+    expires_at timestamp with time zone NOT NULL,
+    created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP
+);
+
+
+ALTER TABLE public.refresh_tokens OWNER TO aggios;
+
+--
+-- Name: tenants; Type: TABLE; Schema: public; Owner: aggios
+--
+
+CREATE TABLE public.tenants (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    name character varying(255) NOT NULL,
+    domain character varying(255) NOT NULL,
+    subdomain character varying(63) NOT NULL,
+    cnpj character varying(18),
+    razao_social character varying(255),
+    email character varying(255),
+    phone character varying(20),
+    website character varying(255),
+    address text,
+    city character varying(100),
+    state character varying(2),
+    zip character varying(10),
+    description text,
+    industry character varying(100),
+    is_active boolean DEFAULT true,
+    created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    neighborhood character varying(100),
+    street character varying(100),
+    number character varying(20),
+    complement character varying(100),
+    team_size character varying(20),
+    primary_color character varying(7),
+    secondary_color character varying(7),
+    logo_url text,
+    logo_horizontal_url text
+);
+
+
+ALTER TABLE public.tenants OWNER TO aggios;
+
+--
+-- Name: users; Type: TABLE; Schema: public; Owner: aggios
+--
+
+CREATE TABLE public.users (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    tenant_id uuid,
+    email character varying(255) NOT NULL,
+    password_hash character varying(255) NOT NULL,
+    first_name character varying(128),
+    last_name character varying(128),
+    role character varying(50) DEFAULT 'CLIENTE'::character varying,
+    is_active boolean DEFAULT true,
+    created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    CONSTRAINT users_role_check CHECK (((role)::text = ANY ((ARRAY['SUPERADMIN'::character varying, 'ADMIN_AGENCIA'::character varying, 'CLIENTE'::character varying])::text[])))
+);
+
+
+ALTER TABLE public.users OWNER TO aggios;
+
+--
+-- Data for Name: companies; Type: TABLE DATA; Schema: public; Owner: aggios
+--
+
+COPY public.companies (id, tenant_id, cnpj, razao_social, nome_fantasia, email, telefone, status, created_by_user_id, created_at, updated_at) FROM stdin;
+\.
+
+
+--
+-- Data for Name: refresh_tokens; Type: TABLE DATA; Schema: public; Owner: aggios
+--
+
+COPY public.refresh_tokens (id, user_id, token_hash, expires_at, created_at) FROM stdin;
+\.
+
+
+--
+-- Data for Name: tenants; Type: TABLE DATA; Schema: public; Owner: aggios
+--
+
+COPY public.tenants (id, name, domain, subdomain, cnpj, razao_social, email, phone, website, address, city, state, zip, description, industry, is_active, created_at, updated_at, neighborhood, street, number, complement, team_size, primary_color, secondary_color, logo_url, logo_horizontal_url) FROM stdin;
+d351e725-1428-45f3-b2e3-ca767e9b952c	Agência Teste	agencia-teste.aggios.app	agencia-teste	\N	\N	\N	\N	\N	\N	\N	\N	\N	\N	\N	t	2025-12-13 22:31:35.818953+00	2025-12-13 22:31:35.818953+00	\N	\N	\N	\N	\N	\N	\N	\N	\N
+13d32cc3-0490-4557-96a3-7a38da194185	Empresa Teste	teste-empresa.localhost	teste-empresa	12.345.678/0001-90	EMPRESA TESTE LTDA	teste@teste.com	(11) 99999-9999	teste.com.br	Avenida Paulista, 1000 - Andar 10	S<EFBFBD>o Paulo	SP	01310-100	Empresa de teste	tecnologia	t	2025-12-13 23:22:58.406376+00	2025-12-13 23:22:58.406376+00	Bela Vista	\N	1000	Andar 10	1-10	#8B5CF6	#A78BFA		
+ae271be0-a63c-407f-9cf6-a4a8c8a0a4dc	IdealPages	idealpages.localhost	idealpages	31.091.190/0001-23	ERIK DA SILVA SANTOS 36615318830	erik@idealpages.com.br	(13) 92000-4392	idealpages.com.br	Rua Quatorze, 150 - Casa	Guarujá	SP	11436-575	Empresa de contrucao de marca e desenvolvimento de software	agencia-digital	t	2025-12-13 23:23:35.508285+00	2025-12-13 23:26:40.947714+00	Vila Zilda	\N	150	Casa	1-10	#8B5CF6	#A78BFA	http://api.localhost/api/files/aggios-logos/tenants/ae271be0-a63c-407f-9cf6-a4a8c8a0a4dc/logo-1765668400.png	
+\.
+
+
+--
+-- Data for Name: users; Type: TABLE DATA; Schema: public; Owner: aggios
+--
+
+COPY public.users (id, tenant_id, email, password_hash, first_name, last_name, role, is_active, created_at, updated_at) FROM stdin;
+7b51ae6e-6fb0-42c4-8473-a98cbfcda6a4	\N	admin@aggios.app	$2a$10$yhCREFqXL7FA4zveCFcl4eYODNTSyt/swuYjS0nXkEq8pzqJo.BwO	Super	Admin	SUPERADMIN	t	2025-12-13 23:02:33.124444+00	2025-12-13 23:02:33.124444+00
+488351e7-4ddc-41a4-9cd3-5c3dec833c44	13d32cc3-0490-4557-96a3-7a38da194185	teste@teste.com	$2a$10$fx3bQqL01A9UqJwSwKpdLuVCq8M/1L9CvcQhx5tTkdinsvCpPsh4a	Teste Silva	\N	ADMIN_AGENCIA	t	2025-12-13 23:22:58.446011+00	2025-12-13 23:22:58.446011+00
+8742c1a1-5f1a-4df3-aa53-dcf94a2a2591	ae271be0-a63c-407f-9cf6-a4a8c8a0a4dc	erik@idealpages.com.br	$2a$10$tD8Kq/ZW0fbmW3Ga5JsKbOUy0nzsIZwkXJKaf43gFDVnRxjaf63Em	Erik da Silva Santos	\N	ADMIN_AGENCIA	t	2025-12-13 23:23:35.551192+00	2025-12-13 23:23:35.551192+00
+\.
+
+
+--
+-- Name: companies companies_pkey; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.companies
+    ADD CONSTRAINT companies_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: companies companies_tenant_id_cnpj_key; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.companies
+    ADD CONSTRAINT companies_tenant_id_cnpj_key UNIQUE (tenant_id, cnpj);
+
+
+--
+-- Name: refresh_tokens refresh_tokens_pkey; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.refresh_tokens
+    ADD CONSTRAINT refresh_tokens_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: tenants tenants_domain_key; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.tenants
+    ADD CONSTRAINT tenants_domain_key UNIQUE (domain);
+
+
+--
+-- Name: tenants tenants_pkey; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.tenants
+    ADD CONSTRAINT tenants_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: tenants tenants_subdomain_key; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.tenants
+    ADD CONSTRAINT tenants_subdomain_key UNIQUE (subdomain);
+
+
+--
+-- Name: users users_email_key; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.users
+    ADD CONSTRAINT users_email_key UNIQUE (email);
+
+
+--
+-- Name: users users_pkey; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.users
+    ADD CONSTRAINT users_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: idx_companies_cnpj; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_companies_cnpj ON public.companies USING btree (cnpj);
+
+
+--
+-- Name: idx_companies_tenant_id; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_companies_tenant_id ON public.companies USING btree (tenant_id);
+
+
+--
+-- Name: idx_refresh_tokens_expires_at; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_refresh_tokens_expires_at ON public.refresh_tokens USING btree (expires_at);
+
+
+--
+-- Name: idx_refresh_tokens_user_id; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_refresh_tokens_user_id ON public.refresh_tokens USING btree (user_id);
+
+
+--
+-- Name: idx_tenants_domain; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_tenants_domain ON public.tenants USING btree (domain);
+
+
+--
+-- Name: idx_tenants_subdomain; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_tenants_subdomain ON public.tenants USING btree (subdomain);
+
+
+--
+-- Name: idx_users_email; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_users_email ON public.users USING btree (email);
+
+
+--
+-- Name: idx_users_tenant_id; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_users_tenant_id ON public.users USING btree (tenant_id);
+
+
+--
+-- Name: companies companies_created_by_user_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.companies
+    ADD CONSTRAINT companies_created_by_user_id_fkey FOREIGN KEY (created_by_user_id) REFERENCES public.users(id);
+
+
+--
+-- Name: companies companies_tenant_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.companies
+    ADD CONSTRAINT companies_tenant_id_fkey FOREIGN KEY (tenant_id) REFERENCES public.tenants(id) ON DELETE CASCADE;
+
+
+--
+-- Name: refresh_tokens refresh_tokens_user_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.refresh_tokens
+    ADD CONSTRAINT refresh_tokens_user_id_fkey FOREIGN KEY (user_id) REFERENCES public.users(id) ON DELETE CASCADE;
+
+
+--
+-- Name: users users_tenant_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.users
+    ADD CONSTRAINT users_tenant_id_fkey FOREIGN KEY (tenant_id) REFERENCES public.tenants(id) ON DELETE CASCADE;
+
+
+--
+-- PostgreSQL database dump complete
+--
+
+\unrestrict mUKTWCYeXvRf2SKhMr352J1jYiouAP5fsYPxvQjxn9xhEgk8BrOSEtYCYQoFicQ
+

backups/aggios_backup_2025-12-14_03-42-29.sql

@@ -0,0 +1,343 @@
+--
+-- PostgreSQL database dump
+--
+
+\restrict ZSl79LbDN89EVihiEgzYdjR8EV38YLVYgKFBBZX4jKNuTBgFyc2DCZ8bFM5F42n
+
+-- Dumped from database version 16.11
+-- Dumped by pg_dump version 18.1
+
+SET statement_timeout = 0;
+SET lock_timeout = 0;
+SET idle_in_transaction_session_timeout = 0;
+SET transaction_timeout = 0;
+SET client_encoding = 'UTF8';
+SET standard_conforming_strings = on;
+SELECT pg_catalog.set_config('search_path', '', false);
+SET check_function_bodies = false;
+SET xmloption = content;
+SET client_min_messages = warning;
+SET row_security = off;
+
+--
+-- Name: pgcrypto; Type: EXTENSION; Schema: -; Owner: -
+--
+
+CREATE EXTENSION IF NOT EXISTS pgcrypto WITH SCHEMA public;
+
+
+--
+-- Name: EXTENSION pgcrypto; Type: COMMENT; Schema: -; Owner: 
+--
+
+COMMENT ON EXTENSION pgcrypto IS 'cryptographic functions';
+
+
+--
+-- Name: uuid-ossp; Type: EXTENSION; Schema: -; Owner: -
+--
+
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp" WITH SCHEMA public;
+
+
+--
+-- Name: EXTENSION "uuid-ossp"; Type: COMMENT; Schema: -; Owner: 
+--
+
+COMMENT ON EXTENSION "uuid-ossp" IS 'generate universally unique identifiers (UUIDs)';
+
+
+SET default_tablespace = '';
+
+SET default_table_access_method = heap;
+
+--
+-- Name: companies; Type: TABLE; Schema: public; Owner: aggios
+--
+
+CREATE TABLE public.companies (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    tenant_id uuid NOT NULL,
+    cnpj character varying(18) NOT NULL,
+    razao_social character varying(255) NOT NULL,
+    nome_fantasia character varying(255),
+    email character varying(255),
+    telefone character varying(20),
+    status character varying(50) DEFAULT 'active'::character varying,
+    created_by_user_id uuid,
+    created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP
+);
+
+
+ALTER TABLE public.companies OWNER TO aggios;
+
+--
+-- Name: refresh_tokens; Type: TABLE; Schema: public; Owner: aggios
+--
+
+CREATE TABLE public.refresh_tokens (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    user_id uuid NOT NULL,
+    token_hash character varying(255) NOT NULL,
+    expires_at timestamp with time zone NOT NULL,
+    created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP
+);
+
+
+ALTER TABLE public.refresh_tokens OWNER TO aggios;
+
+--
+-- Name: tenants; Type: TABLE; Schema: public; Owner: aggios
+--
+
+CREATE TABLE public.tenants (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    name character varying(255) NOT NULL,
+    domain character varying(255) NOT NULL,
+    subdomain character varying(63) NOT NULL,
+    cnpj character varying(18),
+    razao_social character varying(255),
+    email character varying(255),
+    phone character varying(20),
+    website character varying(255),
+    address text,
+    city character varying(100),
+    state character varying(2),
+    zip character varying(10),
+    description text,
+    industry character varying(100),
+    is_active boolean DEFAULT true,
+    created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    neighborhood character varying(100),
+    street character varying(100),
+    number character varying(20),
+    complement character varying(100),
+    team_size character varying(20),
+    primary_color character varying(7),
+    secondary_color character varying(7),
+    logo_url text,
+    logo_horizontal_url text
+);
+
+
+ALTER TABLE public.tenants OWNER TO aggios;
+
+--
+-- Name: users; Type: TABLE; Schema: public; Owner: aggios
+--
+
+CREATE TABLE public.users (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    tenant_id uuid,
+    email character varying(255) NOT NULL,
+    password_hash character varying(255) NOT NULL,
+    first_name character varying(128),
+    last_name character varying(128),
+    role character varying(50) DEFAULT 'CLIENTE'::character varying,
+    is_active boolean DEFAULT true,
+    created_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP,
+    CONSTRAINT users_role_check CHECK (((role)::text = ANY ((ARRAY['SUPERADMIN'::character varying, 'ADMIN_AGENCIA'::character varying, 'CLIENTE'::character varying])::text[])))
+);
+
+
+ALTER TABLE public.users OWNER TO aggios;
+
+--
+-- Data for Name: companies; Type: TABLE DATA; Schema: public; Owner: aggios
+--
+
+COPY public.companies (id, tenant_id, cnpj, razao_social, nome_fantasia, email, telefone, status, created_by_user_id, created_at, updated_at) FROM stdin;
+\.
+
+
+--
+-- Data for Name: refresh_tokens; Type: TABLE DATA; Schema: public; Owner: aggios
+--
+
+COPY public.refresh_tokens (id, user_id, token_hash, expires_at, created_at) FROM stdin;
+\.
+
+
+--
+-- Data for Name: tenants; Type: TABLE DATA; Schema: public; Owner: aggios
+--
+
+COPY public.tenants (id, name, domain, subdomain, cnpj, razao_social, email, phone, website, address, city, state, zip, description, industry, is_active, created_at, updated_at, neighborhood, street, number, complement, team_size, primary_color, secondary_color, logo_url, logo_horizontal_url) FROM stdin;
+d351e725-1428-45f3-b2e3-ca767e9b952c	Agência Teste	agencia-teste.aggios.app	agencia-teste	\N	\N	\N	\N	\N	\N	\N	\N	\N	\N	\N	t	2025-12-13 22:31:35.818953+00	2025-12-13 22:31:35.818953+00	\N	\N	\N	\N	\N	\N	\N	\N	\N
+13d32cc3-0490-4557-96a3-7a38da194185	Empresa Teste	teste-empresa.localhost	teste-empresa	12.345.678/0001-90	EMPRESA TESTE LTDA	teste@teste.com	(11) 99999-9999	teste.com.br	Avenida Paulista, 1000 - Andar 10	S<EFBFBD>o Paulo	SP	01310-100	Empresa de teste	tecnologia	t	2025-12-13 23:22:58.406376+00	2025-12-13 23:22:58.406376+00	Bela Vista	\N	1000	Andar 10	1-10	#8B5CF6	#A78BFA		
+ae271be0-a63c-407f-9cf6-a4a8c8a0a4dc	IdealPages	idealpages.localhost	idealpages	31.091.190/0001-23	ERIK DA SILVA SANTOS 36615318830	erik@idealpages.com.br	(13) 92000-4392	idealpages.com.br	Rua Quatorze, 150 - Casa	Guarujá	SP	11436-575	Empresa de contrucao de marca e desenvolvimento de software	agencia-digital	t	2025-12-13 23:23:35.508285+00	2025-12-13 23:26:40.947714+00	Vila Zilda	\N	150	Casa	1-10	#8B5CF6	#A78BFA	http://api.localhost/api/files/aggios-logos/tenants/ae271be0-a63c-407f-9cf6-a4a8c8a0a4dc/logo-1765668400.png	
+\.
+
+
+--
+-- Data for Name: users; Type: TABLE DATA; Schema: public; Owner: aggios
+--
+
+COPY public.users (id, tenant_id, email, password_hash, first_name, last_name, role, is_active, created_at, updated_at) FROM stdin;
+7b51ae6e-6fb0-42c4-8473-a98cbfcda6a4	\N	admin@aggios.app	$2a$10$yhCREFqXL7FA4zveCFcl4eYODNTSyt/swuYjS0nXkEq8pzqJo.BwO	Super	Admin	SUPERADMIN	t	2025-12-13 23:02:33.124444+00	2025-12-13 23:02:33.124444+00
+488351e7-4ddc-41a4-9cd3-5c3dec833c44	13d32cc3-0490-4557-96a3-7a38da194185	teste@teste.com	$2a$10$fx3bQqL01A9UqJwSwKpdLuVCq8M/1L9CvcQhx5tTkdinsvCpPsh4a	Teste Silva	\N	ADMIN_AGENCIA	t	2025-12-13 23:22:58.446011+00	2025-12-13 23:22:58.446011+00
+8742c1a1-5f1a-4df3-aa53-dcf94a2a2591	ae271be0-a63c-407f-9cf6-a4a8c8a0a4dc	erik@idealpages.com.br	$2a$10$tD8Kq/ZW0fbmW3Ga5JsKbOUy0nzsIZwkXJKaf43gFDVnRxjaf63Em	Erik da Silva Santos	\N	ADMIN_AGENCIA	t	2025-12-13 23:23:35.551192+00	2025-12-13 23:23:35.551192+00
+\.
+
+
+--
+-- Name: companies companies_pkey; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.companies
+    ADD CONSTRAINT companies_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: companies companies_tenant_id_cnpj_key; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.companies
+    ADD CONSTRAINT companies_tenant_id_cnpj_key UNIQUE (tenant_id, cnpj);
+
+
+--
+-- Name: refresh_tokens refresh_tokens_pkey; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.refresh_tokens
+    ADD CONSTRAINT refresh_tokens_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: tenants tenants_domain_key; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.tenants
+    ADD CONSTRAINT tenants_domain_key UNIQUE (domain);
+
+
+--
+-- Name: tenants tenants_pkey; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.tenants
+    ADD CONSTRAINT tenants_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: tenants tenants_subdomain_key; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.tenants
+    ADD CONSTRAINT tenants_subdomain_key UNIQUE (subdomain);
+
+
+--
+-- Name: users users_email_key; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.users
+    ADD CONSTRAINT users_email_key UNIQUE (email);
+
+
+--
+-- Name: users users_pkey; Type: CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.users
+    ADD CONSTRAINT users_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: idx_companies_cnpj; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_companies_cnpj ON public.companies USING btree (cnpj);
+
+
+--
+-- Name: idx_companies_tenant_id; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_companies_tenant_id ON public.companies USING btree (tenant_id);
+
+
+--
+-- Name: idx_refresh_tokens_expires_at; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_refresh_tokens_expires_at ON public.refresh_tokens USING btree (expires_at);
+
+
+--
+-- Name: idx_refresh_tokens_user_id; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_refresh_tokens_user_id ON public.refresh_tokens USING btree (user_id);
+
+
+--
+-- Name: idx_tenants_domain; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_tenants_domain ON public.tenants USING btree (domain);
+
+
+--
+-- Name: idx_tenants_subdomain; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_tenants_subdomain ON public.tenants USING btree (subdomain);
+
+
+--
+-- Name: idx_users_email; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_users_email ON public.users USING btree (email);
+
+
+--
+-- Name: idx_users_tenant_id; Type: INDEX; Schema: public; Owner: aggios
+--
+
+CREATE INDEX idx_users_tenant_id ON public.users USING btree (tenant_id);
+
+
+--
+-- Name: companies companies_created_by_user_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.companies
+    ADD CONSTRAINT companies_created_by_user_id_fkey FOREIGN KEY (created_by_user_id) REFERENCES public.users(id);
+
+
+--
+-- Name: companies companies_tenant_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.companies
+    ADD CONSTRAINT companies_tenant_id_fkey FOREIGN KEY (tenant_id) REFERENCES public.tenants(id) ON DELETE CASCADE;
+
+
+--
+-- Name: refresh_tokens refresh_tokens_user_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.refresh_tokens
+    ADD CONSTRAINT refresh_tokens_user_id_fkey FOREIGN KEY (user_id) REFERENCES public.users(id) ON DELETE CASCADE;
+
+
+--
+-- Name: users users_tenant_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: aggios
+--
+
+ALTER TABLE ONLY public.users
+    ADD CONSTRAINT users_tenant_id_fkey FOREIGN KEY (tenant_id) REFERENCES public.tenants(id) ON DELETE CASCADE;
+
+
+--
+-- PostgreSQL database dump complete
+--
+
+\unrestrict ZSl79LbDN89EVihiEgzYdjR8EV38YLVYgKFBBZX4jKNuTBgFyc2DCZ8bFM5F42n
+

docker-compose.yml

@@ -65,9 +65,24 @@ services:
     container_name: aggios-minio
     restart: unless-stopped
     command: server /data --console-address ":9001"
+    labels:
+      - "traefik.enable=true"
+      # Router para acesso aos arquivos (API S3)
+      - "traefik.http.routers.minio.rule=Host(`files.aggios.local`) || Host(`files.localhost`)"
+      - "traefik.http.routers.minio.entrypoints=web"
+      - "traefik.http.routers.minio.priority=100" # Prioridade alta para evitar captura pelo wildcard
+      - "traefik.http.services.minio.loadbalancer.server.port=9000"
+      - "traefik.http.services.minio.loadbalancer.passhostheader=true"
+      # Router para o Console do MinIO
+      - "traefik.http.routers.minio-console.rule=Host(`minio.aggios.local`) || Host(`minio.localhost`)"
+      - "traefik.http.routers.minio-console.entrypoints=web"
+      - "traefik.http.routers.minio-console.priority=100"
+      - "traefik.http.services.minio-console.loadbalancer.server.port=9001"
     environment:
       MINIO_ROOT_USER: minioadmin
       MINIO_ROOT_PASSWORD: ${MINIO_PASSWORD:-M1n10_S3cur3_P@ss_2025!}
+      MINIO_BROWSER_REDIRECT_URL: http://minio.localhost
+      MINIO_SERVER_URL: http://files.localhost
     volumes:
       - minio_data:/data
     ports:
@@ -89,12 +104,15 @@ services:
       dockerfile: Dockerfile
     container_name: aggios-backend
     restart: unless-stopped
+    ports:
+      - "8085:8080"
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.backend.rule=Host(`api.aggios.local`) || Host(`api.localhost`)"
       - "traefik.http.routers.backend.entrypoints=web"
       - "traefik.http.services.backend.loadbalancer.server.port=8080"
     environment:
+      TZ: America/Sao_Paulo
       SERVER_HOST: 0.0.0.0
       SERVER_PORT: 8080
       JWT_SECRET: ${JWT_SECRET:-Th1s_1s_A_V3ry_S3cur3_JWT_S3cr3t_K3y_2025_Ch@ng3_In_Pr0d!}
@@ -107,8 +125,11 @@ services:
       REDIS_PORT: 6379
       REDIS_PASSWORD: ${REDIS_PASSWORD:-R3d1s_S3cur3_P@ss_2025!}
       MINIO_ENDPOINT: minio:9000
+      MINIO_PUBLIC_URL: http://files.localhost
       MINIO_ROOT_USER: minioadmin
       MINIO_ROOT_PASSWORD: ${MINIO_PASSWORD:-M1n10_S3cur3_P@ss_2025!}
+    volumes:
+      - ./backups:/backups
     depends_on:
       postgres:
         condition: service_healthy
@@ -178,6 +199,7 @@ services:
       - "traefik.enable=true"
       - "traefik.http.routers.agency.rule=Host(`agency.aggios.local`) || Host(`agency.localhost`) || HostRegexp(`^.+\\.localhost$`)"
       - "traefik.http.routers.agency.entrypoints=web"
+      - "traefik.http.routers.agency.priority=1" # Prioridade baixa para não conflitar com files/minio
     environment:
       - NODE_ENV=production
       - NEXT_PUBLIC_API_URL=http://api.localhost

docs/COLABORADORES_SETUP.md

@@ -0,0 +1,159 @@
+# Sistema de Hierarquia de Usuários - Guia de Configuração
+
+## Visão Geral
+
+O sistema implementa dois tipos de usuários para agências:
+
+1. **Dono da Agência (owner)** - Acesso total
+   - Pode convidar colaboradores
+   - Pode remover colaboradores
+   - Tem acesso completo ao CRM
+
+2. **Colaborador (collaborator)** - Acesso Restrito
+   - Pode VER leads e clientes
+   - **NÃO pode** editar ou remover dados
+   - Acesso somente leitura (read-only)
+
+## Configuração Inicial
+
+### Passo 1: Configurar o primeiro usuário como "owner"
+
+Após criar a primeira agência e seu usuário admin, execute o script SQL:
+
+```bash
+docker exec aggios-postgres psql -U postgres -d aggios < /docker-entrypoint-initdb.d/../setup_owner_role.sql
+```
+
+Ou manualmente:
+
+```sql
+UPDATE users 
+SET agency_role = 'owner'
+WHERE email = 'seu-email@exemplo.com' AND role = 'ADMIN_AGENCIA';
+```
+
+### Passo 2: Login e acessar o gerenciamento de colaboradores
+
+1. Faça login com o usuário owner
+2. Vá em **Configurações > Equipe**
+3. Clique em "Convidar Colaborador"
+
+### Passo 3: Convidar um colaborador
+
+- Preencha Nome e Email
+- Clique em "Convidar"
+- Copie a senha temporária (16 caracteres)
+- Compartilhe com o colaborador
+
+## Fluxo de Funcionamento
+
+### Quando um Colaborador é Convidado
+
+1. Novo usuário é criado com `agency_role = 'collaborator'`
+2. Recebe uma **senha temporária aleatória**
+3. Email é adicionado à agência do owner
+
+### Quando um Colaborador Faz Login
+
+1. JWT contém `"agency_role": "collaborator"`
+2. Frontend detecta a restrição
+   - Botões de editar/deletar desabilitados
+   - Mensagens de acesso restrito
+3. Backend bloqueia POST/PUT/DELETE em `/api/crm/*`
+   - Retorna 403 Forbidden se tentar
+
+### Dados no JWT
+
+```json
+{
+  "user_id": "uuid",
+  "user_type": "agency_user",
+  "agency_role": "owner",  // ou "collaborator"
+  "email": "usuario@exemplo.com",
+  "role": "ADMIN_AGENCIA",
+  "tenant_id": "uuid",
+  "exp": 1234567890
+}
+```
+
+## Banco de Dados
+
+### Novos Campos na Tabela `users`
+
+```sql
+- agency_role VARCHAR(50)           -- 'owner' ou 'collaborator'
+- created_by UUID REFERENCES users  -- Quem criou este colaborador
+- collaborator_created_at TIMESTAMP -- Quando foi adicionado
+```
+
+## Endpoints da API
+
+### Listar Colaboradores
+```
+GET /api/agency/collaborators
+Headers: Authorization: Bearer <token>
+Resposta: Array de Collaborators
+Restrição: Apenas owner pode usar
+```
+
+### Convidar Colaborador
+```
+POST /api/agency/collaborators/invite
+Body: { "email": "...", "name": "..." }
+Resposta: { "temporary_password": "..." }
+Restrição: Apenas owner pode usar
+```
+
+### Remover Colaborador
+```
+DELETE /api/agency/collaborators/{id}
+Restrição: Apenas owner pode usar
+```
+
+## Página de Interface
+
+**Localização:** `/configuracoes` → Aba "Equipe"
+
+### Funcionalidades
+- ✅ Ver lista de colaboradores (dono apenas)
+- ✅ Convidar novo colaborador
+- ✅ Copiar senha temporária
+- ✅ Remover colaborador (com confirmação)
+- ✅ Ver data de adição de cada colaborador
+- ✅ Indicador visual (badge) do tipo de usuário
+
+## Troubleshooting
+
+### "Apenas o dono da agência pode gerenciar colaboradores"
+
+**Causa:** O usuário não tem `agency_role = 'owner'`
+
+**Solução:**
+```sql
+UPDATE users 
+SET agency_role = 'owner'
+WHERE id = 'seu-user-id';
+```
+
+### Colaborador consegue editar dados (bug)
+
+**Causa:** A middleware de read-only não está ativa
+
+**Status:** Implementada em `backend/internal/api/middleware/collaborator_readonly.go`
+
+**Para ativar:** Descomente a linha em `main.go` que aplica `CheckCollaboratorReadOnly`
+
+### Senha temporária não aparece
+
+**Verificar:**
+1. API `/api/agency/collaborators/invite` retorna 200?
+2. Response JSON tem o campo `temporary_password`?
+3. Verificar logs do backend para erros
+
+## Próximas Melhorias
+
+- [ ] Permitir editar nome/email do colaborador
+- [ ] Definir permissões granulares por colaborador
+- [ ] Histórico de ações feitas por cada colaborador
+- [ ] 2FA para owners
+- [ ] Auditoria de quem removeu quem

docs/backup-system.md

@@ -0,0 +1,186 @@
+# 📦 Sistema de Backup & Restore - Aggios
+
+## 🎯 Funcionalidades Implementadas
+
+### Interface Web (Superadmin)
+**URL:** `http://dash.localhost/superadmin/backup`
+
+Disponível apenas para usuários com role `superadmin`.
+
+#### Recursos:
+1. **Criar Backup**
+   - Botão para criar novo backup instantâneo
+   - Mostra nome do arquivo e tamanho
+   - Mantém automaticamente apenas os últimos 10 backups
+
+2. **Listar Backups**
+   - Exibe todos os backups disponíveis
+   - Informações: nome, data, tamanho
+   - Seleção visual do backup ativo
+
+3. **Restaurar Backup**
+   - Seleção de backup na lista
+   - Confirmação de segurança (alerta de sobrescrita)
+   - Recarrega a página após restauração
+
+4. **Download de Backup**
+   - Botão de download em cada backup
+   - Download direto do arquivo .sql
+
+### API Endpoints
+
+#### 1. Listar Backups
+```
+GET /api/superadmin/backups
+Authorization: Bearer {token}
+```
+
+**Resposta:**
+```json
+{
+  "backups": [
+    {
+      "filename": "aggios_backup_2025-12-13_20-23-08.sql",
+      "size": "20.49 KB",
+      "date": "13/12/2025 20:23:08",
+      "timestamp": "2025-12-13_20-23-08"
+    }
+  ]
+}
+```
+
+#### 2. Criar Backup
+```
+POST /api/superadmin/backup/create
+Authorization: Bearer {token}
+```
+
+**Resposta:**
+```json
+{
+  "message": "Backup created successfully",
+  "filename": "aggios_backup_2025-12-13_20-30-15.sql",
+  "size": "20.52 KB"
+}
+```
+
+#### 3. Restaurar Backup
+```
+POST /api/superadmin/backup/restore
+Authorization: Bearer {token}
+Content-Type: application/json
+
+{
+  "filename": "aggios_backup_2025-12-13_20-23-08.sql"
+}
+```
+
+**Resposta:**
+```json
+{
+  "message": "Backup restored successfully"
+}
+```
+
+#### 4. Download de Backup
+```
+GET /api/superadmin/backup/download/{filename}
+Authorization: Bearer {token}
+```
+
+**Resposta:** Arquivo .sql para download
+
+## 📂 Estrutura de Arquivos
+
+```
+backups/
+├── aggios_backup_2025-12-13_19-56-18.sql
+├── aggios_backup_2025-12-13_20-12-49.sql
+├── aggios_backup_2025-12-13_20-17-59.sql
+└── aggios_backup_2025-12-13_20-23-08.sql (mais recente)
+```
+
+## ⚙️ Scripts PowerShell (ainda funcionam!)
+
+### Backup Manual
+```powershell
+cd g:\Projetos\aggios-app\scripts
+.\backup-db.ps1
+```
+
+### Restaurar Último Backup
+```powershell
+cd g:\Projetos\aggios-app\scripts
+.\restore-db.ps1
+```
+
+## 🔒 Segurança
+
+1. ✅ Apenas superadmins podem acessar
+2. ✅ Validação de arquivos (apenas .sql na pasta backups/)
+3. ✅ Proteção contra path traversal
+4. ✅ Autenticação JWT obrigatória
+5. ✅ Confirmação dupla antes de restaurar
+
+## ⚠️ Avisos Importantes
+
+1. **Backup Automático:** 
+   - Ainda não configurado
+   - Por enquanto, fazer backups manuais antes de `docker-compose down -v`
+
+2. **Limite de Backups:**
+   - Sistema mantém apenas os **últimos 10 backups**
+   - Backups antigos são deletados automaticamente
+
+3. **Restauração:**
+   - ⚠️ **SOBRESCREVE TODOS OS DADOS ATUAIS**
+   - Sempre peça confirmação dupla
+   - Cria um backup automático antes? (implementar depois)
+
+## 🚀 Como Usar
+
+1. **Acesse o Superadmin:**
+   - Login: admin@aggios.app
+   - Senha: Ag@}O%}Z;if)97o*JOgNMbP2025!
+
+2. **No Menu Lateral:**
+   - Clique em "Backup & Restore" (ícone de servidor)
+
+3. **Criar Backup:**
+   - Clique em "Criar Novo Backup"
+   - Aguarde confirmação
+
+4. **Restaurar:**
+   - Selecione o backup desejado na lista
+   - Clique em "Restaurar Backup"
+   - Confirme o alerta
+   - Aguarde reload da página
+
+## 🐛 Troubleshooting
+
+### Erro ao criar backup
+```bash
+# Verificar se o container está rodando
+docker ps | grep aggios-postgres
+
+# Verificar logs
+docker logs aggios-backend --tail 50
+```
+
+### Erro ao restaurar
+```bash
+# Verificar permissões
+ls -la g:\Projetos\aggios-app\backups\
+
+# Testar manualmente
+docker exec -i aggios-postgres psql -U aggios aggios_db < backup.sql
+```
+
+## 📝 TODO Futuro
+
+- [ ] Backup automático agendado (diário)
+- [ ] Backup antes de restaurar (safety)
+- [ ] Upload de backup externo
+- [ ] Exportar/importar apenas tabelas específicas
+- [ ] Histórico de restaurações
+- [ ] Notificações por email

front-end-agency/Dockerfile

@@ -30,6 +30,12 @@ RUN npm ci --omit=dev
 COPY --from=builder /app/.next ./.next
 COPY --from=builder /app/public ./public
 
+# Create uploads directory
+RUN mkdir -p ./public/uploads/logos && chown -R node:node ./public/uploads
+
+# Switch to node user
+USER node
+
 # Expose port
 EXPOSE 3000
 

front-end-agency/app/(agency)/AgencyLayoutClient.tsx

@@ -0,0 +1,154 @@
+'use client';
+
+import { DashboardLayout } from '@/components/layout/DashboardLayout';
+import { AgencyBranding } from '@/components/layout/AgencyBranding';
+import AuthGuard from '@/components/auth/AuthGuard';
+import { CRMFilterProvider } from '@/contexts/CRMFilterContext';
+import { useState, useEffect } from 'react';
+import { getUser } from '@/lib/auth';
+import {
+    HomeIcon,
+    RocketLaunchIcon,
+    UserPlusIcon,
+    RectangleStackIcon,
+    UsersIcon,
+    MegaphoneIcon,
+    BanknotesIcon,
+    CubeIcon,
+    ShoppingCartIcon,
+    ArrowDownCircleIcon,
+    ChartBarIcon,
+    WalletIcon,
+    UserGroupIcon,
+    ArchiveBoxIcon,
+    AdjustmentsHorizontalIcon,
+    ArrowTrendingUpIcon,
+    ArrowTrendingDownIcon,
+    DocumentTextIcon,
+    ShoppingBagIcon
+} from '@heroicons/react/24/outline';
+
+const AGENCY_MENU_ITEMS = [
+    { id: 'dashboard', label: 'Dashboard', href: '/dashboard', icon: HomeIcon },
+    {
+        id: 'documentos',
+        label: 'Documentos',
+        href: '/documentos',
+        icon: DocumentTextIcon,
+        requiredSolution: 'documentos'
+    },
+    {
+        id: 'crm',
+        label: 'CRM',
+        href: '/crm',
+        icon: RocketLaunchIcon,
+        requiredSolution: 'crm',
+        subItems: [
+            { label: 'Visão Geral', href: '/crm', icon: HomeIcon },
+            { label: 'Funis de Vendas', href: '/crm/funis', icon: RectangleStackIcon },
+            { label: 'Clientes', href: '/crm/clientes', icon: UsersIcon },
+            { label: 'Campanhas', href: '/crm/campanhas', icon: MegaphoneIcon },
+            { label: 'Leads', href: '/crm/leads', icon: UserPlusIcon },
+        ]
+    },
+    {
+        id: 'erp',
+        label: 'ERP',
+        href: '/erp',
+        icon: BanknotesIcon,
+        requiredSolution: 'erp',
+        subItems: [
+            { label: 'Visão Geral', href: '/erp', icon: ChartBarIcon },
+            { label: 'Produtos e Estoque', href: '/erp/estoque', icon: ArchiveBoxIcon },
+            { label: 'Pedidos e Vendas', href: '/erp/pedidos', icon: ShoppingBagIcon },
+            { label: 'Caixa', href: '/erp/caixa', icon: WalletIcon },
+            { label: 'Contas a Receber', href: '/erp/receber', icon: ArrowTrendingUpIcon },
+            { label: 'Contas a Pagar', href: '/erp/pagar', icon: ArrowTrendingDownIcon },
+        ]
+    },
+];
+
+interface AgencyLayoutClientProps {
+    children: React.ReactNode;
+    colors?: {
+        primary: string;
+        secondary: string;
+    } | null;
+}
+
+export function AgencyLayoutClient({ children, colors }: AgencyLayoutClientProps) {
+    const [filteredMenuItems, setFilteredMenuItems] = useState(AGENCY_MENU_ITEMS);
+    const [loading, setLoading] = useState(true);
+
+    useEffect(() => {
+        const fetchTenantSolutions = async () => {
+            try {
+                console.log('🔍 Buscando soluções do tenant...');
+                const response = await fetch('/api/tenant/solutions', {
+                    headers: {
+                        'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                    },
+                });
+
+                console.log('📡 Response status:', response.status);
+
+                if (response.ok) {
+                    const data = await response.json();
+                    console.log('📦 Dados recebidos:', data);
+                    const solutions = data.solutions || [];
+                    console.log('✅ Soluções:', solutions);
+
+                    // Mapear slugs de solutions para IDs de menu
+                    const solutionSlugs = solutions.map((s: any) => s.slug.toLowerCase());
+                    console.log('🏷️ Slugs das soluções:', solutionSlugs);
+
+                    // Sempre mostrar dashboard + soluções disponíveis
+                    // Segurança Máxima: ERP só para ADMIN_AGENCIA
+                    const user = getUser();
+                    const filtered = AGENCY_MENU_ITEMS.filter(item => {
+                        if (item.id === 'dashboard') return true;
+
+                        // ERP restrito a administradores da agência
+                        if (item.id === 'erp' && user?.role !== 'ADMIN_AGENCIA') {
+                            return false;
+                        }
+
+                        const requiredSolution = (item as any).requiredSolution;
+                        const hasSolution = solutionSlugs.includes((requiredSolution || item.id).toLowerCase());
+
+                        // Temporariamente forçar a exibição de Documentos para debug
+                        if (item.id === 'documentos') return true;
+
+                        return hasSolution;
+                    });
+
+                    console.log('📋 Menu filtrado:', filtered.map(i => i.id));
+                    setFilteredMenuItems(filtered);
+                } else {
+                    console.error('❌ Erro na resposta:', response.status);
+                    // Em caso de erro, mostrar todos (fallback)
+                    setFilteredMenuItems(AGENCY_MENU_ITEMS);
+                }
+            } catch (error) {
+                console.error('❌ Error fetching solutions:', error);
+                // Em caso de erro, mostrar todos (fallback)
+                setFilteredMenuItems(AGENCY_MENU_ITEMS);
+            } finally {
+                setLoading(false);
+            }
+        };
+
+        fetchTenantSolutions();
+    }, []);
+
+    return (
+        <AuthGuard allowedTypes={['agency_user']}>
+            <CRMFilterProvider>
+                <AgencyBranding colors={colors} />
+                <DashboardLayout menuItems={loading ? [AGENCY_MENU_ITEMS[0]] : filteredMenuItems}>
+                    {children}
+                </DashboardLayout>
+            </CRMFilterProvider>
+        </AuthGuard>
+    );
+}

front-end-agency/app/(agency)/clientes/page.tsx

@@ -1,26 +0,0 @@
-"use client";
-
-export default function ClientesPage() {
-    return (
-        <div className="p-6">
-            <div className="mb-6">
-                <h1 className="text-2xl font-bold text-gray-900 dark:text-white mb-2">Clientes</h1>
-                <p className="text-gray-600 dark:text-gray-400">Gerencie sua carteira de clientes</p>
-            </div>
-
-            <div className="bg-white dark:bg-gray-800 rounded-lg p-12 border border-gray-200 dark:border-gray-700 text-center">
-                <div className="max-w-md mx-auto">
-                    <div className="w-24 h-24 bg-blue-100 dark:bg-blue-900/30 rounded-full flex items-center justify-center mx-auto mb-6">
-                        <i className="ri-user-line text-5xl text-blue-600 dark:text-blue-400"></i>
-                    </div>
-                    <h2 className="text-2xl font-bold text-gray-900 dark:text-white mb-3">
-                        Módulo CRM em Desenvolvimento
-                    </h2>
-                    <p className="text-gray-600 dark:text-gray-400">
-                        Em breve você poderá gerenciar seus clientes com recursos avançados de CRM.
-                    </p>
-                </div>
-            </div>
-        </div>
-    );
-}

front-end-agency/app/(agency)/configuracoes/page.tsx

@@ -2,8 +2,9 @@
 
 import { useState, useEffect } from 'react';
 import { Tab } from '@headlessui/react';
-import { Button, Dialog } from '@/components/ui';
+import { Button, Dialog, Input } from '@/components/ui';
 import { Toaster, toast } from 'react-hot-toast';
+import TeamManagement from '@/components/team/TeamManagement';
 import {
     BuildingOfficeIcon,
     PhotoIcon,
@@ -44,6 +45,7 @@ export default function ConfiguracoesPage() {
     const [showSupportDialog, setShowSupportDialog] = useState(false);
     const [supportMessage, setSupportMessage] = useState('Para alterar estes dados, contate o suporte.');
     const [loading, setLoading] = useState(true);
+    const [saving, setSaving] = useState(false);
     const [loadingCep, setLoadingCep] = useState(false);
     const [uploadingLogo, setUploadingLogo] = useState(false);
     const [logoPreview, setLogoPreview] = useState<string | null>(null);
@@ -70,8 +72,32 @@ export default function ConfiguracoesPage() {
         teamSize: '',
         logoUrl: '',
         logoHorizontalUrl: '',
+        primaryColor: '#ff3a05',
+        secondaryColor: '#ff0080',
     });
 
+    // Live Preview da Cor Primária
+    useEffect(() => {
+        if (agencyData.primaryColor) {
+            const root = document.documentElement;
+            const hexToRgb = (hex: string) => {
+                const result = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(hex);
+                return result ? `${parseInt(result[1], 16)} ${parseInt(result[2], 16)} ${parseInt(result[3], 16)}` : null;
+            };
+
+            const primaryRgb = hexToRgb(agencyData.primaryColor);
+
+            if (primaryRgb) {
+                root.style.setProperty('--brand-rgb', primaryRgb);
+                root.style.setProperty('--brand-strong-rgb', primaryRgb);
+                root.style.setProperty('--brand-hover-rgb', primaryRgb);
+            }
+
+            root.style.setProperty('--brand-color', agencyData.primaryColor);
+            root.style.setProperty('--gradient', `linear-gradient(135deg, ${agencyData.primaryColor}, ${agencyData.primaryColor})`);
+        }
+    }, [agencyData.primaryColor]);
+
     // Dados para alteração de senha
     const [passwordData, setPasswordData] = useState({
         currentPassword: '',
@@ -102,9 +128,6 @@ export default function ConfiguracoesPage() {
 
                 if (response.ok) {
                     const data = await response.json();
-                    console.log('DEBUG: API response data:', data);
-                    console.log('DEBUG: logo_url:', data.logo_url);
-                    console.log('DEBUG: logo_horizontal_url:', data.logo_horizontal_url);
 
                     const parsedAddress = parseAddressParts(data.address || '');
                     setAgencyData({
@@ -125,19 +148,26 @@ export default function ConfiguracoesPage() {
                         description: data.description || '',
                         industry: data.industry || '',
                         teamSize: data.team_size || '',
-                        logoUrl: data.logo_url || '',
+                        logoUrl: data.logo_url || localStorage.getItem('agency-logo-url') || '',
-                        logoHorizontalUrl: data.logo_horizontal_url || '',
+                        logoHorizontalUrl: data.logo_horizontal_url || localStorage.getItem('agency-logo-horizontal-url') || '',
+                        primaryColor: data.primary_color || '#ff3a05',
+                        secondaryColor: data.secondary_color || '#ff0080',
                     });
 
-                    // Set logo previews
+                    // Set logo previews - usar localStorage como fallback se API não retornar
-                    console.log('DEBUG: Setting previews...');
+                    const cachedLogo = localStorage.getItem('agency-logo-url');
-                    if (data.logo_url) {
+                    const cachedHorizontal = localStorage.getItem('agency-logo-horizontal-url');
-                        console.log('DEBUG: Setting logoPreview to:', data.logo_url);
+
-                        setLogoPreview(data.logo_url);
+                    const finalLogoUrl = data.logo_url || cachedLogo;
+                    const finalHorizontalUrl = data.logo_horizontal_url || cachedHorizontal;
+
+                    if (finalLogoUrl) {
+                        setLogoPreview(finalLogoUrl);
+                        localStorage.setItem('agency-logo-url', finalLogoUrl);
                     }
-                    if (data.logo_horizontal_url) {
+                    if (finalHorizontalUrl) {
-                        console.log('DEBUG: Setting logoHorizontalPreview to:', data.logo_horizontal_url);
+                        setLogoHorizontalPreview(finalHorizontalUrl);
-                        setLogoHorizontalPreview(data.logo_horizontal_url);
+                        localStorage.setItem('agency-logo-horizontal-url', finalHorizontalUrl);
                     }
                 } else {
                     console.error('Erro ao buscar dados:', response.status);
@@ -166,6 +196,8 @@ export default function ConfiguracoesPage() {
                             teamSize: data.formData?.teamSize || '',
                             logoUrl: '',
                             logoHorizontalUrl: '',
+                            primaryColor: '#ff3a05',
+                            secondaryColor: '#ff0080',
                         });
                     }
                 }
@@ -223,11 +255,18 @@ export default function ConfiguracoesPage() {
                 if (type === 'logo') {
                     setAgencyData(prev => ({ ...prev, logoUrl }));
                     setLogoPreview(logoUrl);
+                    // Salvar no localStorage para uso do favicon
+                    localStorage.setItem('agency-logo-url', logoUrl);
                 } else {
                     setAgencyData(prev => ({ ...prev, logoHorizontalUrl: logoUrl }));
                     setLogoHorizontalPreview(logoUrl);
                 }
 
+                // Disparar evento para atualizar branding em tempo real
+                if (typeof window !== 'undefined') {
+                    window.dispatchEvent(new Event('branding-update'));
+                }
+
                 toast.success('Logo enviado com sucesso!');
             } else {
                 const errorData = await response.json().catch(() => ({}));
@@ -319,11 +358,13 @@ export default function ConfiguracoesPage() {
     };
 
     const handleSaveAgency = async () => {
+        setSaving(true);
         try {
             const token = localStorage.getItem('token');
             if (!token) {
                 setSuccessMessage('Você precisa estar autenticado.');
                 setShowSuccessDialog(true);
+                setSaving(false);
                 return;
             }
 
@@ -354,17 +395,47 @@ export default function ConfiguracoesPage() {
                     description: agencyData.description,
                     industry: agencyData.industry,
                     team_size: agencyData.teamSize,
+                    primary_color: agencyData.primaryColor,
+                    secondary_color: agencyData.secondaryColor,
                 }),
             });
 
             if (response.ok) {
                 setSuccessMessage('Dados da agência salvos com sucesso!');
+
+                // Atualiza localStorage imediatamente para persistência instantânea
+                localStorage.setItem('agency-primary-color', agencyData.primaryColor);
+                localStorage.setItem('agency-secondary-color', agencyData.secondaryColor);
+
+                // Preservar logos no localStorage (não sobrescrever com valores vazios)
+                // Logos são gerenciados separadamente via upload
+                const currentLogoCache = localStorage.getItem('agency-logo-url');
+                const currentHorizontalCache = localStorage.getItem('agency-logo-horizontal-url');
+
+                // Só atualizar se temos valores novos no estado
+                if (agencyData.logoUrl) {
+                    localStorage.setItem('agency-logo-url', agencyData.logoUrl);
+                } else if (!currentLogoCache && logoPreview) {
+                    // Se não tem cache mas tem preview, usar o preview
+                    localStorage.setItem('agency-logo-url', logoPreview);
+                }
+
+                if (agencyData.logoHorizontalUrl) {
+                    localStorage.setItem('agency-logo-horizontal-url', agencyData.logoHorizontalUrl);
+                } else if (!currentHorizontalCache && logoHorizontalPreview) {
+                    localStorage.setItem('agency-logo-horizontal-url', logoHorizontalPreview);
+                }
+
+                // Disparar evento para atualizar o tema em tempo real
+                window.dispatchEvent(new Event('branding-update'));
             } else {
                 setSuccessMessage('Erro ao salvar dados. Tente novamente.');
             }
         } catch (error) {
             console.error('Erro ao salvar:', error);
             setSuccessMessage('Erro ao salvar dados. Verifique sua conexão.');
+        } finally {
+            setSaving(false);
         }
         setShowSuccessDialog(true);
     };
@@ -437,7 +508,7 @@ export default function ConfiguracoesPage() {
             {/* Loading State */}
             {loading ? (
                 <div className="flex items-center justify-center py-12">
-                    <div className="animate-spin rounded-full h-12 w-12 border-b-2 border-gray-900 dark:border-gray-100"></div>
+                    <div className="animate-spin rounded-full h-12 w-12 border-b border-gray-900 dark:border-gray-100"></div>
                 </div>
             ) : (
                 <>
@@ -475,52 +546,40 @@ export default function ConfiguracoesPage() {
 
                                     <div className="grid grid-cols-1 md:grid-cols-2 gap-6">
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Nome da Agência
+                                                label="Nome da Agência"
-                                            </label>
-                                            <input
-                                                type="text"
                                                 value={agencyData.name}
                                                 onChange={(e) => setAgencyData({ ...agencyData, name: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
+                                                placeholder="Ex: Minha Agência"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Razão Social
+                                                label="Razão Social"
-                                            </label>
-                                            <input
-                                                type="text"
                                                 value={agencyData.razaoSocial}
                                                 onChange={(e) => setAgencyData({ ...agencyData, razaoSocial: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
+                                                placeholder="Razão Social Ltda"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="text-sm font-medium text-gray-700 dark:text-gray-300 mb-2 flex items-center justify-between">
+                                            <Input
-                                                <span>CNPJ</span>
+                                                label="CNPJ"
-                                                <span className="text-xs text-gray-500">Alteração via suporte</span>
-                                            </label>
-                                            <input
-                                                type="text"
                                                 value={agencyData.cnpj}
                                                 readOnly
                                                 onClick={() => {
                                                     setSupportMessage('Para alterar CNPJ, contate o suporte.');
                                                     setShowSupportDialog(true);
                                                 }}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-gray-50 dark:bg-gray-800 text-gray-900 dark:text-white focus:outline-none cursor-pointer"
+                                                className="cursor-pointer bg-gray-50 dark:bg-gray-800"
+                                                helperText="Alteração via suporte"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="text-sm font-medium text-gray-700 dark:text-gray-300 mb-2 flex items-center justify-between">
+                                            <Input
-                                                <span>E-mail (acesso)</span>
+                                                label="E-mail (acesso)"
-                                                <span className="text-xs text-gray-500">Alteração via suporte</span>
-                                            </label>
-                                            <input
                                                 type="email"
                                                 value={agencyData.email}
                                                 readOnly
@@ -528,55 +587,47 @@ export default function ConfiguracoesPage() {
                                                     setSupportMessage('Para alterar o e-mail de acesso, contate o suporte.');
                                                     setShowSupportDialog(true);
                                                 }}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-gray-50 dark:bg-gray-800 text-gray-900 dark:text-white focus:outline-none cursor-pointer"
+                                                className="cursor-pointer bg-gray-50 dark:bg-gray-800"
+                                                helperText="Alteração via suporte"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Telefone / WhatsApp
+                                                label="Telefone / WhatsApp"
-                                            </label>
-                                            <input
                                                 type="tel"
                                                 value={agencyData.phone}
                                                 onChange={(e) => setAgencyData({ ...agencyData, phone: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
+                                                placeholder="(00) 00000-0000"
                                             />
                                         </div>
 
                                         <div className="md:col-span-2">
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Website
+                                                label="Website"
-                                            </label>
-                                            <input
                                                 type="url"
                                                 value={agencyData.website}
                                                 onChange={(e) => setAgencyData({ ...agencyData, website: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
+                                                placeholder="https://www.suaagencia.com.br"
+                                                leftIcon="ri-global-line"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Segmento / Indústria
+                                                label="Segmento / Indústria"
-                                            </label>
-                                            <input
-                                                type="text"
                                                 value={agencyData.industry}
                                                 onChange={(e) => setAgencyData({ ...agencyData, industry: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
+                                                placeholder="Ex: Marketing Digital"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Tamanho da Equipe
+                                                label="Tamanho da Equipe"
-                                            </label>
-                                            <input
-                                                type="text"
                                                 value={agencyData.teamSize}
                                                 onChange={(e) => setAgencyData({ ...agencyData, teamSize: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
+                                                placeholder="Ex: 10-50 funcionários"
                                             />
                                         </div>
                                     </div>
@@ -591,11 +642,8 @@ export default function ConfiguracoesPage() {
                                     <div className="grid grid-cols-1 md:grid-cols-2 gap-6">
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                CEP
+                                                label="CEP"
-                                            </label>
-                                            <input
-                                                type="text"
                                                 value={agencyData.zip}
                                                 onChange={(e) => {
                                                     const formatted = formatCep(e.target.value);
@@ -617,85 +665,74 @@ export default function ConfiguracoesPage() {
                                                         }));
                                                     }
                                                 }}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
+                                                placeholder="00000-000"
+                                                rightIcon={loadingCep ? "ri-loader-4-line animate-spin" : undefined}
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Estado
+                                                label="Estado"
-                                            </label>
-                                            <input
-                                                type="text"
                                                 value={agencyData.state}
                                                 readOnly
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-gray-50 dark:bg-gray-800 text-gray-900 dark:text-white focus:outline-none cursor-not-allowed"
+                                                className="bg-gray-50 dark:bg-gray-800 cursor-not-allowed"
                                             />
-                                        </div>                                                <div>
+                                        </div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+
-                                                Cidade
+                                        <div>
-                                            </label>
+                                            <Input
-                                            <input
+                                                label="Cidade"
-                                                type="text"
                                                 value={agencyData.city}
                                                 readOnly
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-gray-50 dark:bg-gray-800 text-gray-900 dark:text-white focus:outline-none cursor-not-allowed"
+                                                className="bg-gray-50 dark:bg-gray-800 cursor-not-allowed"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Bairro
+                                                label="Bairro"
-                                            </label>
-                                            <input
-                                                type="text"
                                                 value={agencyData.neighborhood}
                                                 readOnly
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-gray-50 dark:bg-gray-800 text-gray-900 dark:text-white focus:outline-none cursor-not-allowed"
+                                                className="bg-gray-50 dark:bg-gray-800 cursor-not-allowed"
                                             />
-                                        </div>                                                <div className="md:col-span-2">
+                                        </div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+
-                                                Rua/Avenida
+                                        <div className="md:col-span-2">
-                                            </label>
+                                            <Input
-                                            <input
+                                                label="Rua/Avenida"
-                                                type="text"
                                                 value={agencyData.street}
                                                 readOnly
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-gray-50 dark:bg-gray-800 text-gray-900 dark:text-white focus:outline-none cursor-not-allowed"
+                                                className="bg-gray-50 dark:bg-gray-800 cursor-not-allowed"
-                                            />
-                                        </div>                                        <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
-                                                Número
-                                            </label>
-                                            <input
-                                                type="text"
-                                                value={agencyData.number}
-                                                onChange={(e) => setAgencyData({ ...agencyData, number: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Complemento (opcional)
+                                                label="Número"
-                                            </label>
+                                                value={agencyData.number}
-                                            <input
+                                                onChange={(e) => setAgencyData({ ...agencyData, number: e.target.value })}
-                                                type="text"
+                                                placeholder="123"
+                                            />
+                                        </div>
+
+                                        <div>
+                                            <Input
+                                                label="Complemento (opcional)"
                                                 value={agencyData.complement}
                                                 onChange={(e) => setAgencyData({ ...agencyData, complement: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
+                                                placeholder="Apto 101, Bloco B"
                                             />
                                         </div>
                                     </div>
 
                                     <div className="mt-6 flex justify-end">
-                                        <button
+                                        <Button
                                             onClick={handleSaveAgency}
-                                            className="px-6 py-2 rounded-lg text-white font-medium transition-all hover:scale-105"
+                                            variant="primary"
-                                            style={{ background: 'var(--gradient-primary)' }}
+                                            size="lg"
                                         >
                                             Salvar Alterações
-                                        </button>
+                                        </Button>
                                     </div>
                                 </div>
                             </Tab.Panel>
@@ -789,7 +826,7 @@ export default function ConfiguracoesPage() {
                                                             className="hidden"
                                                             disabled={uploadingLogo}
                                                         />
-                                                        <div className="border-2 border-dashed border-gray-300 dark:border-gray-600 rounded-xl p-8 text-center hover:border-gray-400 dark:hover:border-gray-500 transition-colors bg-gray-50/50 dark:bg-gray-900/50">
+                                                        <div className="border-2 border-dashed border-gray-200 dark:border-gray-600 rounded-xl p-8 text-center hover:border-gray-400 dark:hover:border-gray-500 transition-colors bg-gray-50/50 dark:bg-gray-900/50">
                                                             <div className="flex flex-col items-center">
                                                                 <div className="w-16 h-16 rounded-full bg-gray-100 dark:bg-gray-800 flex items-center justify-center mb-4">
                                                                     <PhotoIcon className="w-8 h-8 text-gray-400 dark:text-gray-500" />
@@ -897,7 +934,7 @@ export default function ConfiguracoesPage() {
                                                             className="hidden"
                                                             disabled={uploadingLogo}
                                                         />
-                                                        <div className="border-2 border-dashed border-gray-300 dark:border-gray-600 rounded-xl p-8 text-center hover:border-gray-400 dark:hover:border-gray-500 transition-colors bg-gray-50/50 dark:bg-gray-900/50">
+                                                        <div className="border-2 border-dashed border-gray-200 dark:border-gray-600 rounded-xl p-8 text-center hover:border-gray-400 dark:hover:border-gray-500 transition-colors bg-gray-50/50 dark:bg-gray-900/50">
                                                             <div className="flex flex-col items-center">
                                                                 <div className="w-16 h-16 rounded-full bg-gray-100 dark:bg-gray-800 flex items-center justify-center mb-4">
                                                                     <PhotoIcon className="w-8 h-8 text-gray-400 dark:text-gray-500" />
@@ -928,6 +965,69 @@ export default function ConfiguracoesPage() {
                                                 )}
                                             </div>
                                         </div>
+
+                                        {/* Cores da Marca */}
+                                        <div className="pt-6 border-t border-gray-200 dark:border-gray-700">
+                                            <h3 className="text-lg font-semibold text-gray-900 dark:text-white mb-4">
+                                                Personalização de Cores
+                                            </h3>
+                                            <div className="grid grid-cols-1 md:grid-cols-2 gap-6">
+                                                <div>
+                                                    <div className="flex items-end gap-3">
+                                                        <div className="relative w-[50px] h-[42px] rounded-lg overflow-hidden border border-gray-200 dark:border-gray-700 shadow-sm shrink-0 mb-[2px]">
+                                                            <input
+                                                                type="color"
+                                                                value={agencyData.primaryColor}
+                                                                onChange={(e) => setAgencyData({ ...agencyData, primaryColor: e.target.value })}
+                                                                className="absolute -top-2 -left-2 w-24 h-24 cursor-pointer p-0 border-0"
+                                                            />
+                                                        </div>
+                                                        <div className="flex-1">
+                                                            <Input
+                                                                label="Cor Primária"
+                                                                type="text"
+                                                                value={agencyData.primaryColor}
+                                                                onChange={(e) => setAgencyData({ ...agencyData, primaryColor: e.target.value })}
+                                                                className="uppercase"
+                                                                maxLength={7}
+                                                            />
+                                                        </div>
+                                                    </div>
+                                                </div>
+                                                <div>
+                                                    <div className="flex items-end gap-3">
+                                                        <div className="relative w-[50px] h-[42px] rounded-lg overflow-hidden border border-gray-200 dark:border-gray-700 shadow-sm shrink-0 mb-[2px]">
+                                                            <input
+                                                                type="color"
+                                                                value={agencyData.secondaryColor}
+                                                                onChange={(e) => setAgencyData({ ...agencyData, secondaryColor: e.target.value })}
+                                                                className="absolute -top-2 -left-2 w-24 h-24 cursor-pointer p-0 border-0"
+                                                            />
+                                                        </div>
+                                                        <div className="flex-1">
+                                                            <Input
+                                                                label="Cor Secundária"
+                                                                type="text"
+                                                                value={agencyData.secondaryColor}
+                                                                onChange={(e) => setAgencyData({ ...agencyData, secondaryColor: e.target.value })}
+                                                                className="uppercase"
+                                                                maxLength={7}
+                                                            />
+                                                        </div>
+                                                    </div>
+                                                </div>
+                                            </div>
+                                            <div className="mt-6 flex justify-end">
+                                                <Button
+                                                    onClick={handleSaveAgency}
+                                                    variant="primary"
+                                                    isLoading={saving}
+                                                    style={{ backgroundColor: agencyData.primaryColor }}
+                                                >
+                                                    Salvar Cores
+                                                </Button>
+                                            </div>
+                                        </div>
                                     </div>
 
                                     {/* Info adicional */}
@@ -941,19 +1041,7 @@ export default function ConfiguracoesPage() {
 
                             {/* Tab 3: Equipe */}
                             <Tab.Panel className="rounded-xl bg-white dark:bg-gray-800 p-6 border border-gray-200 dark:border-gray-700">
-                                <h2 className="text-lg font-semibold text-gray-900 dark:text-white mb-6">
+                                <TeamManagement />
-                                    Gerenciamento de Equipe
-                                </h2>
-
-                                <div className="text-center py-12">
-                                    <UserGroupIcon className="w-16 h-16 mx-auto text-gray-300 dark:text-gray-600 mb-4" />
-                                    <p className="text-gray-600 dark:text-gray-400 mb-4">
-                                        Em breve: gerenciamento completo de usuários e permissões
-                                    </p>
-                                    <button className="px-6 py-2 bg-gray-900 dark:bg-gray-100 text-white dark:text-gray-900 rounded-lg font-medium hover:scale-105 transition-all">
-                                        Convidar Membro
-                                    </button>
-                                </div>
                             </Tab.Panel>
 
                             {/* Tab 3: Segurança */}
@@ -970,52 +1058,42 @@ export default function ConfiguracoesPage() {
 
                                     <div className="space-y-4">
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Senha Atual
+                                                label="Senha Atual"
-                                            </label>
-                                            <input
                                                 type="password"
                                                 value={passwordData.currentPassword}
                                                 onChange={(e) => setPasswordData({ ...passwordData, currentPassword: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
                                                 placeholder="Digite sua senha atual"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Nova Senha
+                                                label="Nova Senha"
-                                            </label>
-                                            <input
                                                 type="password"
                                                 value={passwordData.newPassword}
                                                 onChange={(e) => setPasswordData({ ...passwordData, newPassword: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
                                                 placeholder="Digite a nova senha (mínimo 8 caracteres)"
                                             />
                                         </div>
 
                                         <div>
-                                            <label className="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-2">
+                                            <Input
-                                                Confirmar Nova Senha
+                                                label="Confirmar Nova Senha"
-                                            </label>
-                                            <input
                                                 type="password"
                                                 value={passwordData.confirmPassword}
                                                 onChange={(e) => setPasswordData({ ...passwordData, confirmPassword: e.target.value })}
-                                                className="w-full px-4 py-2 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-gray-400 dark:focus:ring-gray-600 focus:outline-none"
                                                 placeholder="Digite a nova senha novamente"
                                             />
                                         </div>
 
                                         <div className="pt-4">
-                                            <button
+                                            <Button
                                                 onClick={handleChangePassword}
-                                                className="px-6 py-2 rounded-lg text-white font-medium transition-all hover:scale-105"
+                                                variant="primary"
-                                                style={{ background: 'var(--gradient-primary)' }}
                                             >
                                                 Alterar Senha
-                                            </button>
+                                            </Button>
                                         </div>
                                     </div>
 
@@ -1071,13 +1149,12 @@ export default function ConfiguracoesPage() {
                     <p className="text-center py-4">{successMessage}</p>
                 </Dialog.Body>
                 <Dialog.Footer>
-                    <button
+                    <Button
                         onClick={() => setShowSuccessDialog(false)}
-                        className="px-6 py-2 rounded-lg text-white font-medium transition-all hover:scale-105"
+                        variant="primary"
-                        style={{ background: 'var(--gradient-primary)' }}
                     >
                         OK
-                    </button>
+                    </Button>
                 </Dialog.Footer>
             </Dialog>
 
@@ -1092,12 +1169,12 @@ export default function ConfiguracoesPage() {
                     <p className="mt-3 text-sm text-gray-500">Envie um e-mail para suporte@aggios.app ou abra um chamado para ajuste desses dados.</p>
                 </Dialog.Body>
                 <Dialog.Footer>
-                    <button
+                    <Button
                         onClick={() => setShowSupportDialog(false)}
-                        className="px-4 py-2 bg-gray-900 dark:bg-gray-100 text-white dark:text-gray-900 rounded-lg font-medium hover:scale-105 transition-all"
+                        variant="primary"
                     >
                         Fechar
-                    </button>
+                    </Button>
                 </Dialog.Footer>
             </Dialog>
         </div>

front-end-agency/app/(agency)/contratos/page.tsx

@@ -0,0 +1,16 @@
+'use client';
+
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+
+export default function ContratosPage() {
+    return (
+        <SolutionGuard requiredSolution="contratos">
+            <div className="p-6">
+                <h1 className="text-2xl font-bold text-gray-900 dark:text-white mb-4">Contratos</h1>
+                <div className="bg-white dark:bg-gray-900 rounded-xl border border-gray-200 dark:border-gray-800 p-8 text-center">
+                    <p className="text-gray-500">Gestão de Contratos e Assinaturas em breve</p>
+                </div>
+            </div>
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/crm/campanhas/[id]/page.tsx

@@ -0,0 +1,624 @@
+"use client";
+
+import { Fragment, useEffect, useState, use } from 'react';
+import { Tab, Menu, Transition } from '@headlessui/react';
+import {
+    UserGroupIcon,
+    InformationCircleIcon,
+    CreditCardIcon,
+    ArrowLeftIcon,
+    PlusIcon,
+    MagnifyingGlassIcon,
+    FunnelIcon,
+    EllipsisVerticalIcon,
+    PencilIcon,
+    TrashIcon,
+    EnvelopeIcon,
+    PhoneIcon,
+    TagIcon,
+    CalendarIcon,
+    UserIcon,
+    ArrowDownTrayIcon,
+    BriefcaseIcon,
+} from '@heroicons/react/24/outline';
+import Link from 'next/link';
+import { useToast } from '@/components/layout/ToastContext';
+import KanbanBoard from '@/components/crm/KanbanBoard';
+
+interface Lead {
+    id: string;
+    name: string;
+    email: string;
+    phone: string;
+    status: string;
+    created_at: string;
+    tags: string[];
+}
+
+interface Campaign {
+    id: string;
+    name: string;
+    description: string;
+    color: string;
+    customer_id: string;
+    customer_name: string;
+    lead_count: number;
+    created_at: string;
+}
+
+const STATUS_OPTIONS = [
+    { value: 'novo', label: 'Novo', color: 'bg-blue-100 text-blue-800 dark:bg-blue-900 dark:text-blue-200' },
+    { value: 'qualificado', label: 'Qualificado', color: 'bg-green-100 text-green-800 dark:bg-green-900 dark:text-green-200' },
+    { value: 'negociacao', label: 'Em Negociação', color: 'bg-yellow-100 text-yellow-800 dark:bg-yellow-900 dark:text-yellow-200' },
+    { value: 'convertido', label: 'Convertido', color: 'bg-purple-100 text-purple-800 dark:bg-purple-900 dark:text-purple-200' },
+    { value: 'perdido', label: 'Perdido', color: 'bg-red-100 text-red-800 dark:bg-red-900 dark:text-red-200' },
+];
+
+function classNames(...classes: string[]) {
+    return classes.filter(Boolean).join(' ');
+}
+
+export default function CampaignDetailPage({ params }: { params: Promise<{ id: string }> }) {
+    const { id } = use(params);
+    const toast = useToast();
+    const [campaign, setCampaign] = useState<Campaign | null>(null);
+    const [leads, setLeads] = useState<Lead[]>([]);
+    const [loading, setLoading] = useState(true);
+    const [searchTerm, setSearchTerm] = useState('');
+    const [funnels, setFunnels] = useState<any[]>([]);
+    const [selectedFunnelId, setSelectedFunnelId] = useState<string>('');
+
+    useEffect(() => {
+        fetchCampaignDetails();
+        fetchCampaignLeads();
+        fetchFunnels();
+    }, [id]);
+
+    const fetchFunnels = async () => {
+        try {
+            const response = await fetch('/api/crm/funnels', {
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                const data = await response.json();
+                setFunnels(data.funnels || []);
+                if (data.funnels?.length > 0) {
+                    setSelectedFunnelId(data.funnels[0].id);
+                }
+            }
+        } catch (error) {
+            console.error('Error fetching funnels:', error);
+        }
+    };
+
+    const fetchCampaignDetails = async () => {
+        try {
+            const response = await fetch(`/api/crm/lists`, {
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                },
+            });
+            if (response.ok) {
+                const data = await response.json();
+                const found = data.lists?.find((l: Campaign) => l.id === id);
+                if (found) {
+                    setCampaign(found);
+                }
+            }
+        } catch (error) {
+            console.error('Error fetching campaign details:', error);
+        }
+    };
+
+    const fetchCampaignLeads = async () => {
+        try {
+            const response = await fetch(`/api/crm/lists/${id}/leads`, {
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                },
+            });
+            if (response.ok) {
+                const data = await response.json();
+                setLeads(data.leads || []);
+            }
+        } catch (error) {
+            console.error('Error fetching leads:', error);
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    const filteredLeads = leads.filter(lead =>
+        (lead.name?.toLowerCase() || '').includes(searchTerm.toLowerCase()) ||
+        (lead.email?.toLowerCase() || '').includes(searchTerm.toLowerCase())
+    );
+
+    const handleExport = async (format: 'csv' | 'xlsx' | 'json') => {
+        try {
+            const token = localStorage.getItem('token');
+            const response = await fetch(`/api/crm/leads/export?format=${format}&campaign_id=${id}`, {
+                headers: { 'Authorization': `Bearer ${token}` }
+            });
+
+            if (response.ok) {
+                const blob = await response.blob();
+                const url = window.URL.createObjectURL(blob);
+                const a = document.createElement('a');
+                a.href = url;
+                a.download = `leads-${campaign?.name || 'campaign'}.${format === 'xlsx' ? 'xlsx' : format}`;
+                document.body.appendChild(a);
+                a.click();
+                window.URL.revokeObjectURL(url);
+                document.body.removeChild(a);
+                toast.success('Exportado com sucesso!');
+            } else {
+                toast.error('Erro ao exportar leads');
+            }
+        } catch (error) {
+            console.error('Export error:', error);
+            toast.error('Erro ao exportar');
+        }
+    };
+
+    if (loading && !campaign) {
+        return (
+            <div className="flex items-center justify-center min-h-screen">
+                <div className="animate-spin rounded-full h-12 w-12 border-b-2 border-brand-500"></div>
+            </div>
+        );
+    }
+
+    if (!campaign) {
+        return (
+            <div className="p-8 text-center">
+                <h2 className="text-2xl font-bold text-zinc-900 dark:text-white">Campanha não encontrada</h2>
+                <Link href="/crm/campanhas" className="mt-4 inline-flex items-center text-brand-500 hover:underline">
+                    <ArrowLeftIcon className="w-4 h-4 mr-2" />
+                    Voltar para Campanhas
+                </Link>
+            </div>
+        );
+    }
+
+    return (
+        <div className="p-6 max-w-[1600px] mx-auto space-y-6">
+            {/* Header */}
+            <div className="flex flex-col gap-4">
+                <Link
+                    href="/crm/campanhas"
+                    className="inline-flex items-center text-sm text-zinc-500 hover:text-zinc-900 dark:hover:text-zinc-300 transition-colors"
+                >
+                    <ArrowLeftIcon className="w-4 h-4 mr-2" />
+                    Voltar para Campanhas
+                </Link>
+
+                <div className="flex flex-col sm:flex-row sm:items-center justify-between gap-4">
+                    <div className="flex items-center gap-4">
+                        <div
+                            className="w-14 h-14 rounded-2xl flex items-center justify-center text-white shadow-lg"
+                            style={{ backgroundColor: campaign.color }}
+                        >
+                            <UserGroupIcon className="w-8 h-8" />
+                        </div>
+                        <div>
+                            <h1 className="text-2xl font-bold text-zinc-900 dark:text-white tracking-tight">
+                                {campaign.name}
+                            </h1>
+                            <div className="flex items-center gap-2 mt-1">
+                                {campaign.customer_name ? (
+                                    <span className="inline-flex items-center px-2 py-0.5 rounded text-[10px] font-bold uppercase tracking-wider bg-brand-50 text-brand-700 dark:bg-brand-900/20 dark:text-brand-400 border border-brand-100 dark:border-brand-800/50">
+                                        {campaign.customer_name}
+                                    </span>
+                                ) : (
+                                    <span className="inline-flex items-center px-2 py-0.5 rounded text-[10px] font-bold uppercase tracking-wider bg-zinc-100 text-zinc-600 dark:bg-zinc-800 dark:text-zinc-400 border border-zinc-200 dark:border-zinc-700">
+                                        Geral
+                                    </span>
+                                )}
+                                <span className="text-zinc-400 text-xs">•</span>
+                                <span className="text-xs text-zinc-500 dark:text-zinc-400">
+                                    {leads.length} leads vinculados
+                                </span>
+                            </div>
+                        </div>
+                    </div>
+
+                    <div className="flex items-center gap-3">
+                        <div className="relative inline-block text-left">
+                            <Menu>
+                                <Menu.Button className="inline-flex items-center justify-center gap-2 px-4 py-2 text-sm font-medium text-zinc-700 dark:text-zinc-300 bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-lg hover:bg-zinc-50 dark:hover:bg-zinc-800 transition-colors">
+                                    <ArrowDownTrayIcon className="w-4 h-4" />
+                                    Exportar
+                                </Menu.Button>
+                                <Transition
+                                    as={Fragment}
+                                    enter="transition ease-out duration-100"
+                                    enterFrom="transform opacity-0 scale-95"
+                                    enterTo="transform opacity-100 scale-100"
+                                    leave="transition ease-in duration-75"
+                                    leaveFrom="transform opacity-100 scale-100"
+                                    leaveTo="transform opacity-0 scale-95"
+                                >
+                                    <Menu.Items className="absolute right-0 mt-2 w-48 origin-top-right divide-y divide-zinc-100 dark:divide-zinc-800 rounded-xl bg-white dark:bg-zinc-900 shadow-lg ring-1 ring-black ring-opacity-5 focus:outline-none z-50 border border-zinc-200 dark:border-zinc-800">
+                                        <div className="px-1 py-1">
+                                            <Menu.Item>
+                                                {({ active }) => (
+                                                    <button
+                                                        onClick={() => handleExport('csv')}
+                                                        className={`${active ? 'bg-zinc-50 dark:bg-zinc-800' : ''} group flex w-full items-center rounded-lg px-3 py-2 text-sm text-zinc-700 dark:text-zinc-300`}
+                                                    >
+                                                        Exportar como CSV
+                                                    </button>
+                                                )}
+                                            </Menu.Item>
+                                            <Menu.Item>
+                                                {({ active }) => (
+                                                    <button
+                                                        onClick={() => handleExport('xlsx')}
+                                                        className={`${active ? 'bg-zinc-50 dark:bg-zinc-800' : ''} group flex w-full items-center rounded-lg px-3 py-2 text-sm text-zinc-700 dark:text-zinc-300`}
+                                                    >
+                                                        Exportar como Excel
+                                                    </button>
+                                                )}
+                                            </Menu.Item>
+                                            <Menu.Item>
+                                                {({ active }) => (
+                                                    <button
+                                                        onClick={() => handleExport('json')}
+                                                        className={`${active ? 'bg-zinc-50 dark:bg-zinc-800' : ''} group flex w-full items-center rounded-lg px-3 py-2 text-sm text-zinc-700 dark:text-zinc-300`}
+                                                    >
+                                                        Exportar como JSON
+                                                    </button>
+                                                )}
+                                            </Menu.Item>
+                                        </div>
+                                    </Menu.Items>
+                                </Transition>
+                            </Menu>
+                        </div>
+                        <button className="px-4 py-2 text-sm font-medium text-zinc-700 dark:text-zinc-300 bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-lg hover:bg-zinc-50 dark:hover:bg-zinc-800 transition-colors">
+                            Editar Campanha
+                        </button>
+                        <Link
+                            href={`/crm/leads/importar?campaign=${campaign.id}`}
+                            className="inline-flex items-center justify-center gap-2 px-4 py-2 text-sm font-medium text-white rounded-lg hover:opacity-90 transition-opacity"
+                            style={{ background: 'var(--gradient)' }}
+                        >
+                            <PlusIcon className="w-4 h-4" />
+                            Importar Leads
+                        </Link>
+                    </div>
+                </div>
+            </div>
+
+            {/* Tabs */}
+            <Tab.Group>
+                <Tab.List className="flex space-x-1 rounded-xl bg-zinc-100 dark:bg-zinc-800/50 p-1 max-w-lg">
+                    <Tab className={({ selected }) =>
+                        classNames(
+                            'w-full rounded-lg py-2.5 text-sm font-medium leading-5 transition-all duration-200',
+                            'ring-white ring-opacity-60 ring-offset-2 ring-offset-brand-400 focus:outline-none',
+                            selected
+                                ? 'bg-white dark:bg-zinc-900 text-brand-600 dark:text-brand-400 shadow-sm'
+                                : 'text-zinc-500 hover:text-zinc-700 dark:text-zinc-400 dark:hover:text-zinc-200 hover:bg-white/[0.12]'
+                        )
+                    }>
+                        <div className="flex items-center justify-center gap-2">
+                            <FunnelIcon className="w-4 h-4" />
+                            Monitoramento
+                        </div>
+                    </Tab>
+                    <Tab className={({ selected }) =>
+                        classNames(
+                            'w-full rounded-lg py-2.5 text-sm font-medium leading-5 transition-all duration-200',
+                            'ring-white ring-opacity-60 ring-offset-2 ring-offset-brand-400 focus:outline-none',
+                            selected
+                                ? 'bg-white dark:bg-zinc-900 text-brand-600 dark:text-brand-400 shadow-sm'
+                                : 'text-zinc-500 hover:text-zinc-700 dark:text-zinc-400 dark:hover:text-zinc-200 hover:bg-white/[0.12]'
+                        )
+                    }>
+                        <div className="flex items-center justify-center gap-2">
+                            <UserGroupIcon className="w-4 h-4" />
+                            Leads
+                        </div>
+                    </Tab>
+                    <Tab className={({ selected }) =>
+                        classNames(
+                            'w-full rounded-lg py-2.5 text-sm font-medium leading-5 transition-all duration-200',
+                            'ring-white ring-opacity-60 ring-offset-2 ring-offset-brand-400 focus:outline-none',
+                            selected
+                                ? 'bg-white dark:bg-zinc-900 text-brand-600 dark:text-brand-400 shadow-sm'
+                                : 'text-zinc-500 hover:text-zinc-700 dark:text-zinc-400 dark:hover:text-zinc-200 hover:bg-white/[0.12]'
+                        )
+                    }>
+                        <div className="flex items-center justify-center gap-2">
+                            <InformationCircleIcon className="w-4 h-4" />
+                            Informações
+                        </div>
+                    </Tab>
+                    <Tab className={({ selected }) =>
+                        classNames(
+                            'w-full rounded-lg py-2.5 text-sm font-medium leading-5 transition-all duration-200',
+                            'ring-white ring-opacity-60 ring-offset-2 ring-offset-brand-400 focus:outline-none',
+                            selected
+                                ? 'bg-white dark:bg-zinc-900 text-brand-600 dark:text-brand-400 shadow-sm'
+                                : 'text-zinc-500 hover:text-zinc-700 dark:text-zinc-400 dark:hover:text-zinc-200 hover:bg-white/[0.12]'
+                        )
+                    }>
+                        <div className="flex items-center justify-center gap-2">
+                            <CreditCardIcon className="w-4 h-4" />
+                            Pagamentos
+                        </div>
+                    </Tab>
+                </Tab.List>
+
+                <Tab.Panels className="mt-6">
+                    {/* Monitoramento Panel */}
+                    <Tab.Panel className="space-y-6">
+                        {funnels.length > 0 ? (
+                            <div className="flex flex-col h-full">
+                                <div className="flex items-center justify-between mb-6">
+                                    <div className="flex items-center gap-4">
+                                        <div className="p-2 bg-brand-50 dark:bg-brand-900/20 rounded-lg">
+                                            <FunnelIcon className="h-5 w-5 text-brand-600 dark:text-brand-400" />
+                                        </div>
+                                        <div>
+                                            <h3 className="text-sm font-bold text-zinc-900 dark:text-white uppercase tracking-wider">Monitoramento de Leads</h3>
+                                            <p className="text-xs text-zinc-500 dark:text-zinc-400">Acompanhe o progresso dos leads desta campanha no funil.</p>
+                                        </div>
+                                    </div>
+
+                                    <div className="flex items-center gap-3">
+                                        <label className="text-xs font-bold text-zinc-500 uppercase">Funil:</label>
+                                        <select
+                                            value={selectedFunnelId}
+                                            onChange={(e) => setSelectedFunnelId(e.target.value)}
+                                            className="bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-lg px-3 py-1.5 text-sm font-medium focus:ring-2 focus:ring-brand-500/20 outline-none"
+                                        >
+                                            {funnels.map(f => (
+                                                <option key={f.id} value={f.id}>{f.name}</option>
+                                            ))}
+                                        </select>
+                                    </div>
+                                </div>
+
+                                <div className="flex-1 min-h-[600px]">
+                                    <KanbanBoard funnelId={selectedFunnelId} campaignId={id} />
+                                </div>
+                            </div>
+                        ) : (
+                            <div className="flex flex-col items-center justify-center h-64 bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 text-center p-8">
+                                <div className="w-16 h-16 bg-zinc-50 dark:bg-zinc-800 rounded-full flex items-center justify-center mb-4">
+                                    <FunnelIcon className="w-8 h-8 text-zinc-400" />
+                                </div>
+                                <h3 className="text-lg font-medium text-zinc-900 dark:text-white mb-1">
+                                    Nenhum funil configurado
+                                </h3>
+                                <p className="text-zinc-500 dark:text-zinc-400 max-w-sm mx-auto">
+                                    Configure um funil de vendas para começar a monitorar os leads desta campanha.
+                                </p>
+                                <Link href="/crm/funis" className="mt-4 text-brand-600 font-medium hover:underline">
+                                    Configurar Funis
+                                </Link>
+                            </div>
+                        )}
+                    </Tab.Panel>
+
+                    {/* Leads Panel */}
+                    <Tab.Panel className="space-y-6">
+                        <div className="flex flex-col sm:flex-row sm:items-center justify-between gap-4">
+                            <div className="relative w-full lg:w-96">
+                                <div className="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                                    <MagnifyingGlassIcon className="h-5 w-5 text-zinc-400" aria-hidden="true" />
+                                </div>
+                                <input
+                                    type="text"
+                                    className="block w-full pl-10 pr-3 py-2 border border-zinc-200 dark:border-zinc-700 rounded-lg leading-5 bg-white dark:bg-zinc-900 text-zinc-900 dark:text-zinc-100 placeholder-zinc-400 focus:outline-none focus:ring-1 focus:ring-[var(--brand-color)] focus:border-[var(--brand-color)] sm:text-sm transition duration-150 ease-in-out"
+                                    placeholder="Buscar leads nesta campanha..."
+                                    value={searchTerm}
+                                    onChange={(e) => setSearchTerm(e.target.value)}
+                                />
+                            </div>
+                            <div className="flex items-center gap-2">
+                                <button className="inline-flex items-center gap-2 px-3 py-2 text-sm font-medium text-zinc-700 dark:text-zinc-300 bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-lg hover:bg-zinc-50 dark:hover:bg-zinc-800 transition-colors">
+                                    <FunnelIcon className="w-4 h-4" />
+                                    Filtros
+                                </button>
+                            </div>
+                        </div>
+
+                        {filteredLeads.length === 0 ? (
+                            <div className="flex flex-col items-center justify-center h-64 bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 text-center p-8">
+                                <div className="w-16 h-16 bg-zinc-50 dark:bg-zinc-800 rounded-full flex items-center justify-center mb-4">
+                                    <UserGroupIcon className="w-8 h-8 text-zinc-400" />
+                                </div>
+                                <h3 className="text-lg font-medium text-zinc-900 dark:text-white mb-1">
+                                    Nenhum lead encontrado
+                                </h3>
+                                <p className="text-zinc-500 dark:text-zinc-400 max-w-sm mx-auto">
+                                    {searchTerm ? 'Nenhum lead corresponde à sua busca.' : 'Esta campanha ainda não possui leads vinculados.'}
+                                </p>
+                            </div>
+                        ) : (
+                            <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-4">
+                                {filteredLeads.map((lead) => (
+                                    <div key={lead.id} className="bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 p-4 hover:shadow-md transition-shadow">
+                                        <div className="flex items-start justify-between mb-3">
+                                            <div className="flex-1 min-w-0">
+                                                <h3 className="font-semibold text-zinc-900 dark:text-white truncate">
+                                                    {lead.name || 'Sem nome'}
+                                                </h3>
+                                                <span className={classNames(
+                                                    'inline-block px-2 py-0.5 text-[10px] font-bold uppercase tracking-wider rounded-full mt-1',
+                                                    STATUS_OPTIONS.find(s => s.value === lead.status)?.color || 'bg-zinc-100 text-zinc-800'
+                                                )}>
+                                                    {STATUS_OPTIONS.find(s => s.value === lead.status)?.label || lead.status}
+                                                </span>
+                                            </div>
+                                            <button className="p-1 hover:bg-zinc-100 dark:hover:bg-zinc-800 rounded text-zinc-400">
+                                                <EllipsisVerticalIcon className="w-5 h-5" />
+                                            </button>
+                                        </div>
+
+                                        <div className="space-y-2 text-sm">
+                                            {lead.email && (
+                                                <div className="flex items-center gap-2 text-zinc-600 dark:text-zinc-400">
+                                                    <EnvelopeIcon className="w-4 h-4 flex-shrink-0" />
+                                                    <span className="truncate">{lead.email}</span>
+                                                </div>
+                                            )}
+                                            {lead.phone && (
+                                                <div className="flex items-center gap-2 text-zinc-600 dark:text-zinc-400">
+                                                    <PhoneIcon className="w-4 h-4 flex-shrink-0" />
+                                                    <span>{lead.phone}</span>
+                                                </div>
+                                            )}
+                                        </div>
+
+                                        <div className="mt-4 pt-4 border-t border-zinc-100 dark:border-zinc-800 flex items-center justify-between">
+                                            <div className="flex items-center gap-1 text-[10px] text-zinc-400 uppercase font-bold tracking-widest">
+                                                <CalendarIcon className="w-3 h-3" />
+                                                {new Date(lead.created_at).toLocaleDateString('pt-BR')}
+                                            </div>
+                                            <button className="text-xs font-semibold text-brand-600 dark:text-brand-400 hover:underline">
+                                                Ver Detalhes
+                                            </button>
+                                        </div>
+                                    </div>
+                                ))}
+                            </div>
+                        )}
+                    </Tab.Panel>
+
+                    {/* Info Panel */}
+                    <Tab.Panel>
+                        <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+                            <div className="lg:col-span-2 space-y-6">
+                                <div className="bg-white dark:bg-zinc-900 rounded-2xl border border-zinc-200 dark:border-zinc-800 overflow-hidden">
+                                    <div className="p-6 border-b border-zinc-100 dark:border-zinc-800">
+                                        <h3 className="text-lg font-bold text-zinc-900 dark:text-white">Detalhes da Campanha</h3>
+                                    </div>
+                                    <div className="p-6 space-y-6">
+                                        <div>
+                                            <label className="block text-xs font-bold text-zinc-400 uppercase tracking-widest mb-2">Descrição</label>
+                                            <p className="text-zinc-600 dark:text-zinc-400">
+                                                {campaign.description || 'Nenhuma descrição fornecida para esta campanha.'}
+                                            </p>
+                                        </div>
+
+                                        <div className="grid grid-cols-1 sm:grid-cols-2 gap-6">
+                                            <div>
+                                                <label className="block text-xs font-bold text-zinc-400 uppercase tracking-widest mb-2">Data de Criação</label>
+                                                <div className="flex items-center gap-2 text-zinc-900 dark:text-white">
+                                                    <CalendarIcon className="w-5 h-5 text-zinc-400" />
+                                                    {new Date(campaign.created_at).toLocaleDateString('pt-BR', { day: '2-digit', month: 'long', year: 'numeric' })}
+                                                </div>
+                                            </div>
+                                            <div>
+                                                <label className="block text-xs font-bold text-zinc-400 uppercase tracking-widest mb-2">Cor de Identificação</label>
+                                                <div className="flex items-center gap-2">
+                                                    <div className="w-6 h-6 rounded-full shadow-sm" style={{ backgroundColor: campaign.color }}></div>
+                                                    <span className="text-zinc-900 dark:text-white font-medium">{campaign.color}</span>
+                                                </div>
+                                            </div>
+                                        </div>
+                                    </div>
+                                </div>
+
+                                <div className="bg-white dark:bg-zinc-900 rounded-2xl border border-zinc-200 dark:border-zinc-800 overflow-hidden">
+                                    <div className="p-6 border-b border-zinc-100 dark:border-zinc-800">
+                                        <h3 className="text-lg font-bold text-zinc-900 dark:text-white">Configurações de Integração</h3>
+                                    </div>
+                                    <div className="p-6">
+                                        <div className="bg-zinc-50 dark:bg-zinc-800/50 rounded-xl p-4 border border-zinc-200 dark:border-zinc-700">
+                                            <div className="flex items-start gap-3">
+                                                <InformationCircleIcon className="w-5 h-5 text-brand-500 mt-0.5" />
+                                                <div>
+                                                    <h4 className="text-sm font-bold text-zinc-900 dark:text-white">Webhook de Entrada</h4>
+                                                    <p className="text-xs text-zinc-500 dark:text-zinc-400 mt-1">
+                                                        Use este endpoint para enviar leads automaticamente de outras plataformas (Typeform, Elementor, etc).
+                                                    </p>
+                                                    <div className="mt-3 flex items-center gap-2">
+                                                        <code className="flex-1 block p-2 bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-700 rounded text-[10px] text-zinc-600 dark:text-zinc-400 overflow-x-auto">
+                                                            https://api.aggios.app/v1/webhooks/leads/{campaign.id}
+                                                        </code>
+                                                        <button className="p-2 text-zinc-400 hover:text-brand-500 transition-colors">
+                                                            <TagIcon className="w-4 h-4" />
+                                                        </button>
+                                                    </div>
+                                                </div>
+                                            </div>
+                                        </div>
+                                    </div>
+                                </div>
+                            </div>
+
+                            <div className="space-y-6">
+                                <div className="bg-white dark:bg-zinc-900 rounded-2xl border border-zinc-200 dark:border-zinc-800 p-6">
+                                    <h3 className="text-lg font-bold text-zinc-900 dark:text-white mb-4">Cliente Responsável</h3>
+                                    {campaign.customer_id ? (
+                                        <div className="space-y-4">
+                                            <div className="flex items-center gap-3">
+                                                <div className="w-10 h-10 rounded-full bg-brand-100 dark:bg-brand-900/30 flex items-center justify-center text-brand-600 dark:text-brand-400">
+                                                    <UserIcon className="w-6 h-6" />
+                                                </div>
+                                                <div>
+                                                    <p className="text-sm font-bold text-zinc-900 dark:text-white">{campaign.customer_name}</p>
+                                                    <p className="text-xs text-zinc-500">Cliente Ativo</p>
+                                                </div>
+                                            </div>
+                                            <Link
+                                                href={`/crm/clientes?id=${campaign.customer_id}`}
+                                                className="w-full flex items-center justify-center gap-2 px-4 py-2 bg-zinc-50 dark:bg-zinc-800 text-zinc-700 dark:text-zinc-300 text-xs font-bold rounded-lg hover:bg-zinc-100 dark:hover:bg-zinc-700 transition-colors"
+                                            >
+                                                <BriefcaseIcon className="w-4 h-4" />
+                                                Ver Perfil do Cliente
+                                            </Link>
+                                        </div>
+                                    ) : (
+                                        <div className="text-center py-4">
+                                            <p className="text-sm text-zinc-500">Esta é uma campanha geral da agência.</p>
+                                        </div>
+                                    )}
+                                </div>
+
+                                <div className="bg-gradient-to-br from-brand-500 to-brand-600 rounded-2xl p-6 text-white shadow-lg">
+                                    <h3 className="text-lg font-bold mb-2">Resumo de Performance</h3>
+                                    <div className="space-y-4 mt-4">
+                                        <div className="flex justify-between items-end">
+                                            <span className="text-xs text-brand-100">Total de Leads</span>
+                                            <span className="text-2xl font-bold">{leads.length}</span>
+                                        </div>
+                                        <div className="w-full bg-white/20 rounded-full h-1.5">
+                                            <div className="bg-white h-1.5 rounded-full" style={{ width: '65%' }}></div>
+                                        </div>
+                                        <p className="text-[10px] text-brand-100">
+                                            +12% em relação ao mês passado
+                                        </p>
+                                    </div>
+                                </div>
+                            </div>
+                        </div>
+                    </Tab.Panel>
+
+                    {/* Payments Panel */}
+                    <Tab.Panel>
+                        <div className="bg-white dark:bg-zinc-900 rounded-2xl border border-zinc-200 dark:border-zinc-800 overflow-hidden">
+                            <div className="p-12 text-center">
+                                <div className="w-20 h-20 bg-zinc-50 dark:bg-zinc-800 rounded-full flex items-center justify-center mx-auto mb-6">
+                                    <CreditCardIcon className="w-10 h-10 text-zinc-400" />
+                                </div>
+                                <h3 className="text-xl font-bold text-zinc-900 dark:text-white mb-2">Módulo de Pagamentos</h3>
+                                <p className="text-zinc-500 dark:text-zinc-400 max-w-md mx-auto mb-8">
+                                    Em breve você poderá gerenciar orçamentos, faturas e pagamentos vinculados diretamente a esta campanha.
+                                </p>
+                                <button className="px-6 py-3 bg-zinc-900 dark:bg-white text-white dark:text-zinc-900 font-bold rounded-xl hover:opacity-90 transition-opacity">
+                                    Solicitar Acesso Antecipado
+                                </button>
+                            </div>
+                        </div>
+                    </Tab.Panel>
+                </Tab.Panels>
+            </Tab.Group>
+        </div>
+    );
+}

front-end-agency/app/(agency)/crm/campanhas/page.tsx

@@ -0,0 +1,622 @@
+"use client";
+
+import { Fragment, useEffect, useState } from 'react';
+import { useRouter } from 'next/navigation';
+import { Menu, Transition } from '@headlessui/react';
+import ConfirmDialog from '@/components/layout/ConfirmDialog';
+import { useToast } from '@/components/layout/ToastContext';
+import Pagination from '@/components/layout/Pagination';
+import { useCRMFilter } from '@/contexts/CRMFilterContext';
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import SearchableSelect from '@/components/form/SearchableSelect';
+import {
+    ListBulletIcon,
+    TrashIcon,
+    PencilIcon,
+    EllipsisVerticalIcon,
+    MagnifyingGlassIcon,
+    PlusIcon,
+    XMarkIcon,
+    UserGroupIcon,
+    EyeIcon,
+    CalendarIcon,
+    RectangleStackIcon,
+} from '@heroicons/react/24/outline';
+
+interface List {
+    id: string;
+    tenant_id: string;
+    customer_id: string;
+    customer_name: string;
+    funnel_id?: string;
+    name: string;
+    description: string;
+    color: string;
+    customer_count: number;
+    lead_count: number;
+    created_at: string;
+    updated_at: string;
+}
+
+interface Funnel {
+    id: string;
+    name: string;
+}
+
+interface Customer {
+    id: string;
+    name: string;
+    company: string;
+}
+
+const COLORS = [
+    { name: 'Azul', value: '#3B82F6' },
+    { name: 'Verde', value: '#10B981' },
+    { name: 'Roxo', value: '#8B5CF6' },
+    { name: 'Rosa', value: '#EC4899' },
+    { name: 'Laranja', value: '#F97316' },
+    { name: 'Amarelo', value: '#EAB308' },
+    { name: 'Vermelho', value: '#EF4444' },
+    { name: 'Cinza', value: '#6B7280' },
+];
+
+function CampaignsContent() {
+    const router = useRouter();
+    const toast = useToast();
+    const { selectedCustomerId } = useCRMFilter();
+    console.log('📢 CampaignsPage render, selectedCustomerId:', selectedCustomerId);
+
+    const [lists, setLists] = useState<List[]>([]);
+    const [customers, setCustomers] = useState<Customer[]>([]);
+    const [funnels, setFunnels] = useState<Funnel[]>([]);
+    const [loading, setLoading] = useState(true);
+    const [isModalOpen, setIsModalOpen] = useState(false);
+    const [editingList, setEditingList] = useState<List | null>(null);
+
+    const [confirmOpen, setConfirmOpen] = useState(false);
+    const [listToDelete, setListToDelete] = useState<string | null>(null);
+
+    const [searchTerm, setSearchTerm] = useState('');
+    const [currentPage, setCurrentPage] = useState(1);
+    const itemsPerPage = 10;
+
+    const [formData, setFormData] = useState({
+        name: '',
+        description: '',
+        color: COLORS[0].value,
+        customer_id: '',
+        funnel_id: '',
+    });
+
+    useEffect(() => {
+        console.log('🔄 CampaignsPage useEffect triggered by selectedCustomerId:', selectedCustomerId);
+        fetchLists();
+        fetchCustomers();
+        fetchFunnels();
+    }, [selectedCustomerId]);
+
+    const fetchFunnels = async () => {
+        try {
+            const response = await fetch('/api/crm/funnels', {
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                const data = await response.json();
+                setFunnels(data.funnels || []);
+            }
+        } catch (error) {
+            console.error('Error fetching funnels:', error);
+        }
+    };
+
+    const fetchCustomers = async () => {
+        try {
+            const response = await fetch('/api/crm/customers', {
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                },
+            });
+            if (response.ok) {
+                const data = await response.json();
+                setCustomers(data.customers || []);
+            }
+        } catch (error) {
+            console.error('Error fetching customers:', error);
+        }
+    };
+
+    const fetchLists = async () => {
+        try {
+            setLoading(true);
+            const url = selectedCustomerId
+                ? `/api/crm/lists?customer_id=${selectedCustomerId}`
+                : '/api/crm/lists';
+
+            console.log(`📊 Fetching campaigns from: ${url}`);
+
+            const response = await fetch(url, {
+                cache: 'no-store',
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                },
+            });
+            if (response.ok) {
+                const data = await response.json();
+                console.log('📊 Campaigns data received:', data);
+                setLists(data.lists || []);
+            }
+        } catch (error) {
+            console.error('Error fetching campaigns:', error);
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    const handleSubmit = async (e: React.FormEvent) => {
+        e.preventDefault();
+
+        const url = editingList
+            ? `/api/crm/lists/${editingList.id}`
+            : '/api/crm/lists';
+
+        const method = editingList ? 'PUT' : 'POST';
+
+        try {
+            const response = await fetch(url, {
+                method,
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify(formData),
+            });
+
+            if (response.ok) {
+                toast.success(
+                    editingList ? 'Campanha atualizada' : 'Campanha criada',
+                    editingList ? 'A campanha foi atualizada com sucesso.' : 'A nova campanha foi criada com sucesso.'
+                );
+                fetchLists();
+                handleCloseModal();
+            } else {
+                const error = await response.json();
+                toast.error('Erro', error.message || 'Não foi possível salvar a campanha.');
+            }
+        } catch (error) {
+            console.error('Error saving campaign:', error);
+            toast.error('Erro', 'Ocorreu um erro ao salvar a campanha.');
+        }
+    };
+
+    const handleNewCampaign = () => {
+        setEditingList(null);
+        setFormData({
+            name: '',
+            description: '',
+            color: COLORS[0].value,
+            customer_id: selectedCustomerId || '',
+            funnel_id: '',
+        });
+        setIsModalOpen(true);
+    };
+
+    const handleEdit = (list: List) => {
+        setEditingList(list);
+        setFormData({
+            name: list.name,
+            description: list.description,
+            color: list.color,
+            customer_id: list.customer_id || '',
+            funnel_id: list.funnel_id || '',
+        });
+        setIsModalOpen(true);
+    };
+
+    const handleDeleteClick = (id: string) => {
+        setListToDelete(id);
+        setConfirmOpen(true);
+    };
+
+    const handleConfirmDelete = async () => {
+        if (!listToDelete) return;
+
+        try {
+            const response = await fetch(`/api/crm/lists/${listToDelete}`, {
+                method: 'DELETE',
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                },
+            });
+
+            if (response.ok) {
+                setLists(lists.filter(l => l.id !== listToDelete));
+                toast.success('Campanha excluída', 'A campanha foi excluída com sucesso.');
+            } else {
+                toast.error('Erro ao excluir', 'Não foi possível excluir a campanha.');
+            }
+        } catch (error) {
+            console.error('Error deleting campaign:', error);
+            toast.error('Erro ao excluir', 'Ocorreu um erro ao excluir a campanha.');
+        } finally {
+            setConfirmOpen(false);
+            setListToDelete(null);
+        }
+    };
+
+    const handleCloseModal = () => {
+        setIsModalOpen(false);
+        setEditingList(null);
+        setFormData({
+            name: '',
+            description: '',
+            color: COLORS[0].value,
+            customer_id: '',
+            funnel_id: '',
+        });
+    };
+
+    const filteredLists = lists.filter((list) => {
+        const searchLower = searchTerm.toLowerCase();
+        return (
+            (list.name?.toLowerCase() || '').includes(searchLower) ||
+            (list.description?.toLowerCase() || '').includes(searchLower)
+        );
+    });
+
+    const totalPages = Math.ceil(filteredLists.length / itemsPerPage);
+    const paginatedLists = filteredLists.slice(
+        (currentPage - 1) * itemsPerPage,
+        currentPage * itemsPerPage
+    );
+
+    return (
+        <div className="p-6 max-w-[1600px] mx-auto space-y-6">
+            {/* Header */}
+            <div className="flex flex-col sm:flex-row sm:items-center justify-between gap-4">
+                <div>
+                    <h1 className="text-2xl font-bold text-zinc-900 dark:text-white tracking-tight">Campanhas</h1>
+                    <p className="text-sm text-zinc-500 dark:text-zinc-400 mt-1">
+                        Organize seus leads e rastreie a origem de cada um
+                    </p>
+                </div>
+                <button
+                    onClick={handleNewCampaign}
+                    className="inline-flex items-center justify-center gap-2 px-4 py-2.5 text-sm font-medium text-white rounded-lg hover:opacity-90 transition-opacity"
+                    style={{ background: 'var(--gradient)' }}
+                >
+                    <PlusIcon className="w-4 h-4" />
+                    Nova Campanha
+                </button>
+            </div>
+
+            {/* Search */}
+            <div className="relative w-full lg:w-96">
+                <div className="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                    <MagnifyingGlassIcon className="h-5 w-5 text-zinc-400" aria-hidden="true" />
+                </div>
+                <input
+                    type="text"
+                    className="block w-full pl-10 pr-3 py-2 border border-zinc-200 dark:border-zinc-700 rounded-lg leading-5 bg-white dark:bg-zinc-900 text-zinc-900 dark:text-zinc-100 placeholder-zinc-400 focus:outline-none focus:ring-1 focus:ring-[var(--brand-color)] focus:border-[var(--brand-color)] sm:text-sm transition duration-150 ease-in-out"
+                    placeholder="Buscar campanhas..."
+                    value={searchTerm}
+                    onChange={(e) => setSearchTerm(e.target.value)}
+                />
+            </div>
+
+            {/* Table */}
+            {loading ? (
+                <div className="flex items-center justify-center h-64 bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800">
+                    <div className="animate-spin rounded-full h-8 w-8 border-b-2 border-[var(--brand-color)]"></div>
+                </div>
+            ) : filteredLists.length === 0 ? (
+                <div className="flex flex-col items-center justify-center h-64 bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 text-center p-8">
+                    <div className="w-16 h-16 bg-zinc-50 dark:bg-zinc-800 rounded-full flex items-center justify-center mb-4">
+                        <ListBulletIcon className="w-8 h-8 text-zinc-400" />
+                    </div>
+                    <h3 className="text-lg font-medium text-zinc-900 dark:text-white mb-1">
+                        Nenhuma campanha encontrada
+                    </h3>
+                    <p className="text-zinc-500 dark:text-zinc-400 max-w-sm mx-auto">
+                        {searchTerm ? 'Nenhuma campanha corresponde à sua busca.' : 'Comece criando sua primeira campanha.'}
+                    </p>
+                </div>
+            ) : (
+                <div className="bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 overflow-hidden">
+                    <div className="overflow-x-auto">
+                        <table className="w-full">
+                            <thead>
+                                <tr className="bg-zinc-50/50 dark:bg-zinc-800/50 border-b border-zinc-200 dark:border-zinc-800">
+                                    <th className="px-6 py-4 text-left text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Campanha</th>
+                                    <th className="px-6 py-4 text-left text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Cliente Vinculado</th>
+                                    <th className="px-6 py-4 text-left text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Leads</th>
+                                    <th className="px-6 py-4 text-left text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Criada em</th>
+                                    <th className="px-6 py-4 text-right text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Ações</th>
+                                </tr>
+                            </thead>
+                            <tbody className="divide-y divide-zinc-100 dark:divide-zinc-800">
+                                {paginatedLists.map((list) => (
+                                    <tr
+                                        key={list.id}
+                                        onClick={() => router.push(`/crm/campanhas/${list.id}`)}
+                                        className="group hover:bg-zinc-50 dark:hover:bg-zinc-800/50 transition-colors cursor-pointer"
+                                    >
+                                        <td className="px-6 py-4 whitespace-nowrap">
+                                            <div className="flex items-center gap-3">
+                                                <div
+                                                    className="w-10 h-10 rounded-lg flex items-center justify-center text-white shadow-sm"
+                                                    style={{ backgroundColor: list.color }}
+                                                >
+                                                    <ListBulletIcon className="w-5 h-5" />
+                                                </div>
+                                                <div>
+                                                    <div className="text-sm font-semibold text-zinc-900 dark:text-white">
+                                                        {list.name}
+                                                    </div>
+                                                    {list.description && (
+                                                        <div className="text-xs text-zinc-500 dark:text-zinc-400 truncate max-w-[200px]">
+                                                            {list.description}
+                                                        </div>
+                                                    )}
+                                                </div>
+                                            </div>
+                                        </td>
+                                        <td className="px-6 py-4 whitespace-nowrap">
+                                            {list.customer_name ? (
+                                                <span className="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-brand-50 text-brand-700 dark:bg-brand-900/20 dark:text-brand-400 border border-brand-100 dark:border-brand-800/50">
+                                                    {list.customer_name}
+                                                </span>
+                                            ) : (
+                                                <span className="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-zinc-100 text-zinc-600 dark:bg-zinc-800 dark:text-zinc-400 border border-zinc-200 dark:border-zinc-700">
+                                                    Geral
+                                                </span>
+                                            )}
+                                        </td>
+                                        <td className="px-6 py-4 whitespace-nowrap">
+                                            <div className="flex items-center gap-1.5">
+                                                <UserGroupIcon className="w-4 h-4 text-zinc-400" />
+                                                <span className="text-sm font-bold text-zinc-900 dark:text-white">{list.lead_count || 0}</span>
+                                            </div>
+                                        </td>
+                                        <td className="px-6 py-4 whitespace-nowrap text-sm text-zinc-600 dark:text-zinc-400">
+                                            <div className="flex items-center gap-1.5">
+                                                <CalendarIcon className="w-4 h-4 text-zinc-400" />
+                                                {new Date(list.created_at).toLocaleDateString('pt-BR')}
+                                            </div>
+                                        </td>
+                                        <td className="px-6 py-4 whitespace-nowrap text-right">
+                                            <div className="flex items-center justify-end gap-2" onClick={(e) => e.stopPropagation()}>
+                                                <button
+                                                    onClick={() => router.push(`/crm/campanhas/${list.id}`)}
+                                                    className="flex items-center gap-1.5 px-3 py-1.5 text-xs font-bold text-brand-600 dark:text-brand-400 bg-brand-50 dark:bg-brand-900/20 rounded-lg hover:bg-brand-100 dark:hover:bg-brand-900/40 transition-all"
+                                                    title="Monitorar Leads"
+                                                >
+                                                    <RectangleStackIcon className="w-4 h-4" />
+                                                    MONITORAR
+                                                </button>
+                                                <button
+                                                    onClick={() => router.push(`/crm/campanhas/${list.id}`)}
+                                                    className="p-2 text-zinc-400 hover:text-brand-500 dark:hover:text-brand-400 transition-colors"
+                                                    title="Ver Detalhes"
+                                                >
+                                                    <EyeIcon className="w-5 h-5" />
+                                                </button>
+                                                <Menu as="div" className="relative inline-block text-left">
+                                                    <Menu.Button className="p-2 text-zinc-400 hover:text-zinc-600 dark:hover:text-zinc-300 transition-colors">
+                                                        <EllipsisVerticalIcon className="w-5 h-5" />
+                                                    </Menu.Button>
+                                                    <Transition
+                                                        as={Fragment}
+                                                        enter="transition ease-out duration-100"
+                                                        enterFrom="transform opacity-0 scale-95"
+                                                        enterTo="transform opacity-100 scale-100"
+                                                        leave="transition ease-in duration-75"
+                                                        leaveFrom="transform opacity-100 scale-100"
+                                                        leaveTo="transform opacity-0 scale-95"
+                                                    >
+                                                        <Menu.Items className="absolute right-0 mt-2 w-48 origin-top-right divide-y divide-zinc-100 dark:divide-zinc-800 rounded-xl bg-white dark:bg-zinc-900 shadow-lg ring-1 ring-black ring-opacity-5 focus:outline-none z-50 border border-zinc-200 dark:border-zinc-800">
+                                                            <div className="px-1 py-1">
+                                                                <Menu.Item>
+                                                                    {({ active }) => (
+                                                                        <button
+                                                                            onClick={() => handleEdit(list)}
+                                                                            className={`${active ? 'bg-zinc-50 dark:bg-zinc-800' : ''
+                                                                                } group flex w-full items-center rounded-lg px-3 py-2 text-sm text-zinc-700 dark:text-zinc-300`}
+                                                                        >
+                                                                            <PencilIcon className="mr-2 h-4 w-4 text-zinc-400" />
+                                                                            Editar
+                                                                        </button>
+                                                                    )}
+                                                                </Menu.Item>
+                                                            </div>
+                                                            <div className="px-1 py-1">
+                                                                <Menu.Item>
+                                                                    {({ active }) => (
+                                                                        <button
+                                                                            onClick={() => handleDeleteClick(list.id)}
+                                                                            className={`${active ? 'bg-red-50 dark:bg-red-900/20' : ''
+                                                                                } group flex w-full items-center rounded-lg px-3 py-2 text-sm text-red-600 dark:text-red-400`}
+                                                                        >
+                                                                            <TrashIcon className="mr-2 h-4 w-4" />
+                                                                            Excluir
+                                                                        </button>
+                                                                    )}
+                                                                </Menu.Item>
+                                                            </div>
+                                                        </Menu.Items>
+                                                    </Transition>
+                                                </Menu>
+                                            </div>
+                                        </td>
+                                    </tr>
+                                ))}
+                            </tbody>
+                        </table>
+                    </div>
+                    <Pagination
+                        currentPage={currentPage}
+                        totalPages={totalPages}
+                        totalItems={filteredLists.length}
+                        itemsPerPage={itemsPerPage}
+                        onPageChange={setCurrentPage}
+                    />
+                </div>
+            )}
+
+            {/* Modal */}
+            {isModalOpen && (
+                <div className="fixed inset-0 z-50 overflow-y-auto">
+                    <div className="flex min-h-full items-end justify-center p-4 text-center sm:items-center sm:p-0">
+                        <div className="fixed inset-0 bg-zinc-900/40 backdrop-blur-sm transition-opacity" onClick={handleCloseModal}></div>
+
+                        <div className="relative transform overflow-hidden rounded-2xl bg-white dark:bg-zinc-900 text-left shadow-xl transition-all sm:my-8 sm:w-full sm:max-w-lg border border-zinc-200 dark:border-zinc-800">
+                            <div className="absolute right-0 top-0 pr-6 pt-6">
+                                <button
+                                    type="button"
+                                    className="rounded-lg p-1.5 text-zinc-400 hover:text-zinc-600 dark:hover:text-zinc-300 hover:bg-zinc-100 dark:hover:bg-zinc-800 transition-colors"
+                                    onClick={handleCloseModal}
+                                >
+                                    <XMarkIcon className="h-5 w-5" />
+                                </button>
+                            </div>
+
+                            <form onSubmit={handleSubmit} className="p-6 sm:p-8">
+                                <div className="flex items-start gap-4 mb-6">
+                                    <div
+                                        className="flex h-12 w-12 flex-shrink-0 items-center justify-center rounded-xl shadow-lg"
+                                        style={{ backgroundColor: formData.color }}
+                                    >
+                                        <ListBulletIcon className="h-6 w-6 text-white" />
+                                    </div>
+                                    <div>
+                                        <h3 className="text-xl font-bold text-zinc-900 dark:text-white">
+                                            {editingList ? 'Editar Campanha' : 'Nova Campanha'}
+                                        </h3>
+                                        <p className="mt-1 text-sm text-zinc-500 dark:text-zinc-400">
+                                            {editingList ? 'Atualize as informações da campanha.' : 'Crie uma nova campanha para organizar seus leads.'}
+                                        </p>
+                                    </div>
+                                </div>
+
+                                <div className="space-y-4">
+                                    <SearchableSelect
+                                        label="Cliente Vinculado"
+                                        options={customers.map(c => ({
+                                            id: c.id,
+                                            name: c.name,
+                                            subtitle: c.company || undefined
+                                        }))}
+                                        value={formData.customer_id}
+                                        onChange={(value) => setFormData({ ...formData, customer_id: value || '' })}
+                                        placeholder="Nenhum cliente (Geral)"
+                                        emptyText="Nenhum cliente encontrado"
+                                        helperText="Vincule esta campanha a um cliente específico para melhor organização."
+                                    />
+
+                                    <div>
+                                        <label className="block text-sm font-medium text-zinc-700 dark:text-zinc-300 mb-2">
+                                            Nome da Campanha *
+                                        </label>
+                                        <input
+                                            type="text"
+                                            value={formData.name}
+                                            onChange={(e) => setFormData({ ...formData, name: e.target.value })}
+                                            placeholder="Ex: Black Friday 2025"
+                                            required
+                                            className="w-full px-3 py-2.5 border border-zinc-200 dark:border-zinc-700 rounded-lg bg-white dark:bg-zinc-900 text-zinc-900 dark:text-white placeholder-zinc-400 focus:outline-none focus:ring-2 focus:ring-[var(--brand-color)] focus:border-transparent transition-all"
+                                        />
+                                    </div>
+
+                                    <div>
+                                        <label className="block text-sm font-medium text-zinc-700 dark:text-zinc-300 mb-2">
+                                            Descrição
+                                        </label>
+                                        <textarea
+                                            value={formData.description}
+                                            onChange={(e) => setFormData({ ...formData, description: e.target.value })}
+                                            placeholder="Descreva o propósito desta campanha"
+                                            rows={3}
+                                            className="w-full px-3 py-2.5 border border-zinc-200 dark:border-zinc-700 rounded-lg bg-white dark:bg-zinc-900 text-zinc-900 dark:text-white placeholder-zinc-400 focus:outline-none focus:ring-2 focus:ring-[var(--brand-color)] focus:border-transparent resize-none transition-all"
+                                        />
+                                    </div>
+
+                                    <div>
+                                        <label className="block text-sm font-medium text-zinc-700 dark:text-zinc-300 mb-3">
+                                            Cor
+                                        </label>
+                                        <div className="grid grid-cols-8 gap-2">
+                                            {COLORS.map((color) => (
+                                                <button
+                                                    key={color.value}
+                                                    type="button"
+                                                    onClick={() => setFormData({ ...formData, color: color.value })}
+                                                    className={`w-10 h-10 rounded-lg transition-all ${formData.color === color.value
+                                                        ? 'ring-2 ring-offset-2 ring-zinc-400 dark:ring-zinc-600 scale-110'
+                                                        : 'hover:scale-105'
+                                                        }`}
+                                                    style={{ backgroundColor: color.value }}
+                                                    title={color.name}
+                                                />
+                                            ))}
+                                        </div>
+                                    </div>
+
+                                    <SearchableSelect
+                                        label="Funil de Vendas"
+                                        options={funnels.map(f => ({
+                                            id: f.id,
+                                            name: f.name
+                                        }))}
+                                        value={formData.funnel_id}
+                                        onChange={(value) => setFormData({ ...formData, funnel_id: value || '' })}
+                                        placeholder="Nenhum funil selecionado"
+                                        emptyText="Nenhum funil encontrado. Crie um funil primeiro."
+                                        helperText="Leads desta campanha seguirão as etapas do funil selecionado."
+                                    />
+                                </div>
+
+                                <div className="mt-8 pt-6 border-t border-zinc-200 dark:border-zinc-700 flex gap-3">
+                                    <button
+                                        type="button"
+                                        onClick={handleCloseModal}
+                                        className="flex-1 px-4 py-2.5 border border-zinc-200 dark:border-zinc-700 text-zinc-700 dark:text-zinc-300 font-medium rounded-lg hover:bg-zinc-50 dark:hover:bg-zinc-800 transition-colors"
+                                    >
+                                        Cancelar
+                                    </button>
+                                    <button
+                                        type="submit"
+                                        className="flex-1 px-4 py-2.5 text-white font-medium rounded-lg transition-all shadow-lg hover:shadow-xl"
+                                        style={{ background: 'var(--gradient)' }}
+                                    >
+                                        {editingList ? 'Atualizar' : 'Criar Campanha'}
+                                    </button>
+                                </div>
+                            </form>
+                        </div>
+                    </div>
+                </div>
+            )}
+
+            <ConfirmDialog
+                isOpen={confirmOpen}
+                onClose={() => {
+                    setConfirmOpen(false);
+                    setListToDelete(null);
+                }}
+                onConfirm={handleConfirmDelete}
+                title="Excluir Campanha"
+                message="Tem certeza que deseja excluir esta campanha? Os leads não serão excluídos, apenas removidos da campanha."
+                confirmText="Excluir"
+                cancelText="Cancelar"
+                variant="danger"
+            />
+        </div>
+    );
+}
+
+export default function CampaignsPage() {
+    return (
+        <SolutionGuard requiredSolution="crm">
+            <CampaignsContent />
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/crm/funis/[id]/page.tsx

@@ -0,0 +1,426 @@
+"use client";
+
+import { useState, useEffect } from 'react';
+import { useParams, useRouter } from 'next/navigation';
+import { FunnelIcon, Cog6ToothIcon, TrashIcon, PencilIcon, CheckIcon, ChevronUpIcon, ChevronDownIcon, RectangleStackIcon, ArrowLeftIcon } from '@heroicons/react/24/outline';
+import KanbanBoard from '@/components/crm/KanbanBoard';
+import { useToast } from '@/components/layout/ToastContext';
+import Modal from '@/components/layout/Modal';
+import ConfirmDialog from '@/components/layout/ConfirmDialog';
+
+interface Stage {
+    id: string;
+    name: string;
+    color: string;
+    order_index: number;
+}
+
+interface Funnel {
+    id: string;
+    name: string;
+    description: string;
+    is_default: boolean;
+}
+
+export default function FunnelDetailPage() {
+    const params = useParams();
+    const router = useRouter();
+    const funnelId = params.id as string;
+    const [funnel, setFunnel] = useState<Funnel | null>(null);
+    const [stages, setStages] = useState<Stage[]>([]);
+    const [loading, setLoading] = useState(true);
+    const [isSettingsModalOpen, setIsSettingsModalOpen] = useState(false);
+    const [isSaving, setIsSaving] = useState(false);
+    const [editingStageId, setEditingStageId] = useState<string | null>(null);
+    const [confirmStageOpen, setConfirmStageOpen] = useState(false);
+    const [stageToDelete, setStageToDelete] = useState<string | null>(null);
+    const [newStageForm, setNewStageForm] = useState({ name: '', color: '#3b82f6' });
+    const [editStageForm, setEditStageForm] = useState<{ id: string; name: string; color: string }>({ id: '', name: '', color: '' });
+    const toast = useToast();
+
+    useEffect(() => {
+        fetchFunnel();
+        fetchStages();
+    }, [funnelId]);
+
+    const fetchFunnel = async () => {
+        try {
+            const response = await fetch(`/api/crm/funnels/${funnelId}`, {
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                const data = await response.json();
+                setFunnel(data.funnel);
+            } else {
+                toast.error('Funil não encontrado');
+                router.push('/crm/funis');
+            }
+        } catch (error) {
+            console.error('Error fetching funnel:', error);
+            toast.error('Erro ao carregar funil');
+            router.push('/crm/funis');
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    const fetchStages = async () => {
+        try {
+            const response = await fetch(`/api/crm/funnels/${funnelId}/stages`, {
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                const data = await response.json();
+                setStages((data.stages || []).sort((a: Stage, b: Stage) => a.order_index - b.order_index));
+            }
+        } catch (error) {
+            console.error('Error fetching stages:', error);
+            toast.error('Erro ao carregar etapas');
+        }
+    };
+
+    const handleAddStage = async () => {
+        if (!newStageForm.name.trim()) {
+            toast.error('Digite o nome da etapa');
+            return;
+        }
+        try {
+            const response = await fetch(`/api/crm/funnels/${funnelId}/stages`, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`
+                },
+                body: JSON.stringify({
+                    name: newStageForm.name,
+                    color: newStageForm.color,
+                    order_index: stages.length
+                })
+            });
+            if (response.ok) {
+                toast.success('Etapa criada');
+                setNewStageForm({ name: '', color: '#3b82f6' });
+                fetchStages();
+                // Notificar o KanbanBoard para refetch
+                window.dispatchEvent(new Event('kanban-refresh'));
+            }
+        } catch (error) {
+            toast.error('Erro ao criar etapa');
+        }
+    };
+
+    const handleUpdateStage = async () => {
+        if (!editStageForm.name.trim()) {
+            toast.error('Nome não pode estar vazio');
+            return;
+        }
+        try {
+            const response = await fetch(`/api/crm/funnels/${funnelId}/stages/${editStageForm.id}`, {
+                method: 'PUT',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`
+                },
+                body: JSON.stringify({
+                    name: editStageForm.name,
+                    color: editStageForm.color,
+                    order_index: stages.find(s => s.id === editStageForm.id)?.order_index || 0
+                })
+            });
+            if (response.ok) {
+                toast.success('Etapa atualizada');
+                setEditingStageId(null);
+                fetchStages();
+                window.dispatchEvent(new Event('kanban-refresh'));
+            }
+        } catch (error) {
+            toast.error('Erro ao atualizar etapa');
+        }
+    };
+
+    const handleDeleteStage = async () => {
+        if (!stageToDelete) return;
+        try {
+            const response = await fetch(`/api/crm/funnels/${funnelId}/stages/${stageToDelete}`, {
+                method: 'DELETE',
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                toast.success('Etapa excluída');
+                fetchStages();
+                window.dispatchEvent(new Event('kanban-refresh'));
+            } else {
+                toast.error('Erro ao excluir etapa');
+            }
+        } catch (error) {
+            toast.error('Erro ao excluir etapa');
+        } finally {
+            setConfirmStageOpen(false);
+            setStageToDelete(null);
+        }
+    };
+
+    const handleMoveStage = async (stageId: string, direction: 'up' | 'down') => {
+        const idx = stages.findIndex(s => s.id === stageId);
+        if (idx === -1) return;
+        if (direction === 'up' && idx === 0) return;
+        if (direction === 'down' && idx === stages.length - 1) return;
+
+        const newStages = [...stages];
+        const targetIdx = direction === 'up' ? idx - 1 : idx + 1;
+        [newStages[idx], newStages[targetIdx]] = [newStages[targetIdx], newStages[idx]];
+
+        try {
+            await Promise.all(
+                newStages.map((s, i) =>
+                    fetch(`/api/crm/funnels/${funnelId}/stages/${s.id}`, {
+                        method: 'PUT',
+                        headers: {
+                            'Content-Type': 'application/json',
+                            'Authorization': `Bearer ${localStorage.getItem('token')}`
+                        },
+                        body: JSON.stringify({ ...s, order_index: i })
+                    })
+                )
+            );
+            fetchStages();
+            window.dispatchEvent(new Event('kanban-refresh'));
+        } catch (error) {
+            toast.error('Erro ao reordenar etapas');
+        }
+    };
+
+    if (loading) {
+        return (
+            <div className="flex items-center justify-center h-screen">
+                <div className="animate-spin rounded-full h-8 w-8 border-b-2 border-[var(--brand-color)]"></div>
+            </div>
+        );
+    }
+
+    if (!funnel) {
+        return null;
+    }
+
+    return (
+        <div className="p-6 max-w-[1600px] mx-auto space-y-6">
+            {/* Header */}
+            <div className="flex items-center gap-4">
+                <button
+                    onClick={() => router.push('/crm/funis')}
+                    className="p-2 hover:bg-zinc-100 dark:hover:bg-zinc-800 rounded-lg transition-colors"
+                    title="Voltar"
+                >
+                    <ArrowLeftIcon className="w-5 h-5 text-zinc-700 dark:text-zinc-300" />
+                </button>
+                <div className="flex-1">
+                    <div className="flex items-center gap-3">
+                        <div className="w-10 h-10 rounded-lg flex items-center justify-center text-white shadow-sm bg-gradient-to-br from-brand-500 to-brand-600">
+                            <FunnelIcon className="w-5 h-5" />
+                        </div>
+                        <div>
+                            <h1 className="text-2xl font-bold text-zinc-900 dark:text-white tracking-tight flex items-center gap-2">
+                                {funnel.name}
+                                {funnel.is_default && (
+                                    <span className="inline-block px-2 py-0.5 text-xs font-bold text-brand-600 bg-brand-50 dark:bg-brand-900/30 rounded">
+                                        PADRÃO
+                                    </span>
+                                )}
+                            </h1>
+                            {funnel.description && (
+                                <p className="text-sm text-zinc-500 dark:text-zinc-400 mt-0.5">
+                                    {funnel.description}
+                                </p>
+                            )}
+                        </div>
+                    </div>
+                </div>
+                <button
+                    onClick={() => setIsSettingsModalOpen(true)}
+                    className="inline-flex items-center gap-2 px-4 py-2.5 text-sm font-medium text-zinc-700 dark:text-zinc-300 bg-white dark:bg-zinc-800 border border-zinc-200 dark:border-zinc-700 rounded-lg hover:bg-zinc-50 dark:hover:bg-zinc-700 transition-colors"
+                >
+                    <Cog6ToothIcon className="w-4 h-4" />
+                    Configurar Etapas
+                </button>
+            </div>
+
+            {/* Kanban */}
+            {stages.length === 0 ? (
+                <div className="flex flex-col items-center justify-center h-64 bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 text-center p-8">
+                    <div className="w-16 h-16 bg-zinc-50 dark:bg-zinc-800 rounded-full flex items-center justify-center mb-4">
+                        <RectangleStackIcon className="w-8 h-8 text-zinc-400" />
+                    </div>
+                    <h3 className="text-lg font-medium text-zinc-900 dark:text-white mb-1">
+                        Nenhuma etapa configurada
+                    </h3>
+                    <p className="text-zinc-500 dark:text-zinc-400 max-w-sm mx-auto mb-4">
+                        Configure as etapas do funil para começar a gerenciar seus leads.
+                    </p>
+                    <button
+                        onClick={() => setIsSettingsModalOpen(true)}
+                        className="inline-flex items-center gap-2 px-4 py-2.5 text-sm font-medium text-white rounded-lg hover:opacity-90 transition-opacity"
+                        style={{ background: 'var(--gradient)' }}
+                    >
+                        <Cog6ToothIcon className="w-4 h-4" />
+                        Configurar Etapas
+                    </button>
+                </div>
+            ) : (
+                <KanbanBoard
+                    funnelId={funnelId}
+                />
+            )}
+
+            {/* Modal Configurações */}
+            <Modal
+                isOpen={isSettingsModalOpen}
+                onClose={() => setIsSettingsModalOpen(false)}
+                title="Configurar Etapas do Funil"
+                maxWidth="2xl"
+            >
+                <div className="space-y-6">
+                    {/* Nova Etapa */}
+                    <div className="bg-zinc-50 dark:bg-zinc-800/50 p-4 rounded-xl space-y-3">
+                        <h3 className="text-sm font-bold text-zinc-700 dark:text-zinc-300">Nova Etapa</h3>
+                        <div className="flex gap-3">
+                            <div className="flex-1">
+                                <input
+                                    type="text"
+                                    placeholder="Nome da etapa"
+                                    className="w-full px-4 py-2.5 bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-700 rounded-xl text-sm focus:ring-2 focus:ring-brand-500/20 outline-none"
+                                    value={newStageForm.name}
+                                    onChange={e => setNewStageForm({ ...newStageForm, name: e.target.value })}
+                                    onKeyPress={e => e.key === 'Enter' && handleAddStage()}
+                                />
+                            </div>
+                            <div className="flex items-center gap-2">
+                                <input
+                                    type="color"
+                                    value={newStageForm.color}
+                                    onChange={e => setNewStageForm({ ...newStageForm, color: e.target.value })}
+                                    className="w-12 h-10 rounded-lg cursor-pointer"
+                                />
+                                <button
+                                    onClick={handleAddStage}
+                                    className="px-4 py-2.5 text-sm font-bold text-white rounded-xl transition-all"
+                                    style={{ background: 'var(--gradient)' }}
+                                >
+                                    Adicionar
+                                </button>
+                            </div>
+                        </div>
+                    </div>
+
+                    {/* Lista de Etapas */}
+                    <div className="space-y-2">
+                        <h3 className="text-sm font-bold text-zinc-700 dark:text-zinc-300">Etapas Configuradas</h3>
+                        {stages.length === 0 ? (
+                            <div className="text-center py-8 text-zinc-500 dark:text-zinc-400">
+                                Nenhuma etapa configurada. Adicione a primeira etapa acima.
+                            </div>
+                        ) : (
+                            <div className="space-y-2 max-h-[400px] overflow-y-auto pr-2 scrollbar-thin">
+                                {stages.map((stage, idx) => (
+                                    <div
+                                        key={stage.id}
+                                        className="bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-700 rounded-xl p-4 flex items-center gap-3"
+                                    >
+                                        <div className="flex flex-col gap-1">
+                                            <button
+                                                onClick={() => handleMoveStage(stage.id, 'up')}
+                                                disabled={idx === 0}
+                                                className="p-1 hover:bg-zinc-100 dark:hover:bg-zinc-800 rounded disabled:opacity-30 disabled:cursor-not-allowed"
+                                            >
+                                                <ChevronUpIcon className="w-3 h-3" />
+                                            </button>
+                                            <button
+                                                onClick={() => handleMoveStage(stage.id, 'down')}
+                                                disabled={idx === stages.length - 1}
+                                                className="p-1 hover:bg-zinc-100 dark:hover:bg-zinc-800 rounded disabled:opacity-30 disabled:cursor-not-allowed"
+                                            >
+                                                <ChevronDownIcon className="w-3 h-3" />
+                                            </button>
+                                        </div>
+
+                                        {editingStageId === stage.id ? (
+                                            <>
+                                                <input
+                                                    type="text"
+                                                    className="flex-1 px-3 py-2 bg-zinc-50 dark:bg-zinc-800 border border-zinc-200 dark:border-zinc-700 rounded-lg text-sm focus:ring-2 focus:ring-brand-500/20 outline-none"
+                                                    value={editStageForm.name}
+                                                    onChange={e => setEditStageForm({ ...editStageForm, name: e.target.value })}
+                                                    onKeyPress={e => e.key === 'Enter' && handleUpdateStage()}
+                                                />
+                                                <input
+                                                    type="color"
+                                                    value={editStageForm.color}
+                                                    onChange={e => setEditStageForm({ ...editStageForm, color: e.target.value })}
+                                                    className="w-12 h-10 rounded-lg cursor-pointer"
+                                                />
+                                                <button
+                                                    onClick={handleUpdateStage}
+                                                    className="p-2 text-green-600 hover:bg-green-50 dark:hover:bg-green-900/20 rounded-lg"
+                                                >
+                                                    <CheckIcon className="w-5 h-5" />
+                                                </button>
+                                            </>
+                                        ) : (
+                                            <>
+                                                <div
+                                                    className="w-6 h-6 rounded-lg shadow-sm"
+                                                    style={{ backgroundColor: stage.color }}
+                                                ></div>
+                                                <span className="flex-1 font-medium text-zinc-900 dark:text-white">{stage.name}</span>
+                                                <button
+                                                    onClick={() => {
+                                                        setEditingStageId(stage.id);
+                                                        setEditStageForm({ id: stage.id, name: stage.name, color: stage.color });
+                                                    }}
+                                                    className="p-2 text-zinc-400 hover:text-zinc-600 dark:hover:text-zinc-200 hover:bg-zinc-100 dark:hover:bg-zinc-800 rounded-lg"
+                                                >
+                                                    <PencilIcon className="w-5 h-5" />
+                                                </button>
+                                                <button
+                                                    onClick={() => {
+                                                        setStageToDelete(stage.id);
+                                                        setConfirmStageOpen(true);
+                                                    }}
+                                                    className="p-2 text-zinc-400 hover:text-red-600 dark:hover:text-red-400 hover:bg-zinc-100 dark:hover:bg-zinc-800 rounded-lg"
+                                                >
+                                                    <TrashIcon className="w-5 h-5" />
+                                                </button>
+                                            </>
+                                        )}
+                                    </div>
+                                ))}
+                            </div>
+                        )}
+                    </div>
+
+                    <div className="flex justify-end pt-4 border-t border-zinc-100 dark:border-zinc-800">
+                        <button
+                            onClick={() => setIsSettingsModalOpen(false)}
+                            className="px-6 py-2.5 text-sm font-bold text-white rounded-xl transition-all"
+                            style={{ background: 'var(--gradient)' }}
+                        >
+                            Concluir
+                        </button>
+                    </div>
+                </div>
+            </Modal>
+
+            <ConfirmDialog
+                isOpen={confirmStageOpen}
+                onClose={() => {
+                    setConfirmStageOpen(false);
+                    setStageToDelete(null);
+                }}
+                onConfirm={handleDeleteStage}
+                title="Excluir Etapa"
+                message="Tem certeza que deseja excluir esta etapa? Leads nesta etapa permanecerão no funil mas sem uma etapa definida."
+                confirmText="Excluir"
+                cancelText="Cancelar"
+            />
+        </div>
+    );
+}

front-end-agency/app/(agency)/crm/funis/page.tsx

@@ -0,0 +1,456 @@
+"use client";
+
+import { useState, useEffect } from 'react';
+import { FunnelIcon, PlusIcon, TrashIcon, MagnifyingGlassIcon } from '@heroicons/react/24/outline';
+import { useRouter } from 'next/navigation';
+import { useToast } from '@/components/layout/ToastContext';
+import Modal from '@/components/layout/Modal';
+import ConfirmDialog from '@/components/layout/ConfirmDialog';
+
+interface Funnel {
+    id: string;
+    name: string;
+    description: string;
+    is_default: boolean;
+}
+
+const FUNNEL_TEMPLATES = [
+    {
+        name: 'Vendas Padrão',
+        description: 'Funil clássico para prospecção e fechamento de negócios.',
+        stages: [
+            { name: 'Novo Lead', color: '#3b82f6' },
+            { name: 'Qualificado', color: '#10b981' },
+            { name: 'Reunião Agendada', color: '#f59e0b' },
+            { name: 'Proposta Enviada', color: '#6366f1' },
+            { name: 'Negociação', color: '#8b5cf6' },
+            { name: 'Fechado / Ganho', color: '#22c55e' },
+            { name: 'Perdido', color: '#ef4444' }
+        ]
+    },
+    {
+        name: 'Onboarding de Clientes',
+        description: 'Acompanhamento após a venda até o sucesso do cliente.',
+        stages: [
+            { name: 'Contrato Assinado', color: '#10b981' },
+            { name: 'Briefing', color: '#3b82f6' },
+            { name: 'Setup Inicial', color: '#6366f1' },
+            { name: 'Treinamento', color: '#f59e0b' },
+            { name: 'Lançamento', color: '#8b5cf6' },
+            { name: 'Sucesso', color: '#22c55e' }
+        ]
+    },
+    {
+        name: 'Suporte / Atendimento',
+        description: 'Gestão de chamados e solicitações de clientes.',
+        stages: [
+            { name: 'Aberto', color: '#ef4444' },
+            { name: 'Em Atendimento', color: '#f59e0b' },
+            { name: 'Aguardando Cliente', color: '#3b82f6' },
+            { name: 'Resolvido', color: '#10b981' },
+            { name: 'Fechado', color: '#71717a' }
+        ]
+    }
+];
+
+export default function FunisPage() {
+    const router = useRouter();
+    const [funnels, setFunnels] = useState<Funnel[]>([]);
+    const [campaigns, setCampaigns] = useState<any[]>([]);
+    const [loading, setLoading] = useState(true);
+    const [isFunnelModalOpen, setIsFunnelModalOpen] = useState(false);
+    const [isSaving, setIsSaving] = useState(false);
+    const [searchTerm, setSearchTerm] = useState('');
+    const [confirmOpen, setConfirmOpen] = useState(false);
+    const [funnelToDelete, setFunnelToDelete] = useState<string | null>(null);
+
+    const [funnelForm, setFunnelForm] = useState({
+        name: '',
+        description: '',
+        template_index: -1,
+        campaign_id: ''
+    });
+
+    const toast = useToast();
+
+    useEffect(() => {
+        fetchFunnels();
+        fetchCampaigns();
+    }, []);
+
+    const fetchCampaigns = async () => {
+        try {
+            const response = await fetch('/api/crm/lists', {
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                const data = await response.json();
+                setCampaigns(data.lists || []);
+            }
+        } catch (error) {
+            console.error('Erro ao buscar campanhas:', error);
+        }
+    };
+
+    const fetchFunnels = async () => {
+        try {
+            const response = await fetch('/api/crm/funnels', {
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                const data = await response.json();
+                setFunnels(data.funnels || []);
+            }
+        } catch (error) {
+            console.error('Error fetching funnels:', error);
+            toast.error('Erro ao carregar funis');
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    const handleCreateFunnel = async (e: React.FormEvent) => {
+        e.preventDefault();
+        setIsSaving(true);
+        try {
+            const response = await fetch('/api/crm/funnels', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`
+                },
+                body: JSON.stringify({
+                    name: funnelForm.name,
+                    description: funnelForm.description,
+                    is_default: funnels.length === 0
+                })
+            });
+
+            if (response.ok) {
+                const data = await response.json();
+                const newFunnelId = data.id;
+
+                // Se selecionou uma campanha, vincular o funil a ela
+                if (funnelForm.campaign_id) {
+                    const campaign = campaigns.find(c => c.id === funnelForm.campaign_id);
+                    if (campaign) {
+                        await fetch(`/api/crm/lists/${campaign.id}`, {
+                            method: 'PUT',
+                            headers: {
+                                'Content-Type': 'application/json',
+                                'Authorization': `Bearer ${localStorage.getItem('token')}`
+                            },
+                            body: JSON.stringify({
+                                ...campaign,
+                                funnel_id: newFunnelId
+                            })
+                        });
+                    }
+                }
+
+                // Se escolheu um template, criar as etapas
+                if (funnelForm.template_index >= 0) {
+                    const template = FUNNEL_TEMPLATES[funnelForm.template_index];
+                    for (let i = 0; i < template.stages.length; i++) {
+                        const s = template.stages[i];
+                        await fetch(`/api/crm/funnels/${newFunnelId}/stages`, {
+                            method: 'POST',
+                            headers: {
+                                'Content-Type': 'application/json',
+                                'Authorization': `Bearer ${localStorage.getItem('token')}`
+                            },
+                            body: JSON.stringify({
+                                name: s.name,
+                                color: s.color,
+                                order_index: i
+                            })
+                        });
+                    }
+                }
+
+                toast.success('Funil criado com sucesso');
+                setIsFunnelModalOpen(false);
+                setFunnelForm({ name: '', description: '', template_index: -1, campaign_id: '' });
+                fetchFunnels();
+                router.push(`/crm/funis/${newFunnelId}`);
+            }
+        } catch (error) {
+            toast.error('Erro ao criar funil');
+        } finally {
+            setIsSaving(false);
+        }
+    };
+
+    const handleDeleteFunnel = async () => {
+        if (!funnelToDelete) return;
+
+        try {
+            const response = await fetch(`/api/crm/funnels/${funnelToDelete}`, {
+                method: 'DELETE',
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                toast.success('Funil excluído com sucesso');
+                setFunnels(funnels.filter(f => f.id !== funnelToDelete));
+            } else {
+                toast.error('Erro ao excluir funil');
+            }
+        } catch (error) {
+            toast.error('Erro ao excluir funil');
+        } finally {
+            setConfirmOpen(false);
+            setFunnelToDelete(null);
+        }
+    };
+
+    const filteredFunnels = funnels.filter(f =>
+        f.name.toLowerCase().includes(searchTerm.toLowerCase()) ||
+        (f.description || '').toLowerCase().includes(searchTerm.toLowerCase())
+    );
+
+    return (
+        <div className="p-6 max-w-[1600px] mx-auto space-y-6">
+            {/* Header */}
+            <div className="flex flex-col sm:flex-row sm:items-center justify-between gap-4">
+                <div>
+                    <h1 className="text-2xl font-bold text-zinc-900 dark:text-white tracking-tight">Funis de Vendas</h1>
+                    <p className="text-sm text-zinc-500 dark:text-zinc-400 mt-1">
+                        Gerencie seus funis e acompanhe o progresso dos leads
+                    </p>
+                </div>
+                <button
+                    onClick={() => setIsFunnelModalOpen(true)}
+                    className="inline-flex items-center justify-center gap-2 px-4 py-2.5 text-sm font-medium text-white rounded-lg hover:opacity-90 transition-opacity"
+                    style={{ background: 'var(--gradient)' }}
+                >
+                    <PlusIcon className="w-4 h-4" />
+                    Novo Funil
+                </button>
+            </div>
+
+            {/* Search */}
+            <div className="relative w-full lg:w-96">
+                <div className="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                    <MagnifyingGlassIcon className="h-5 w-5 text-zinc-400" aria-hidden="true" />
+                </div>
+                <input
+                    type="text"
+                    className="block w-full pl-10 pr-3 py-2 border border-zinc-200 dark:border-zinc-700 rounded-lg leading-5 bg-white dark:bg-zinc-900 text-zinc-900 dark:text-zinc-100 placeholder-zinc-400 focus:outline-none focus:ring-1 focus:ring-[var(--brand-color)] focus:border-[var(--brand-color)] sm:text-sm transition duration-150 ease-in-out"
+                    placeholder="Buscar funis..."
+                    value={searchTerm}
+                    onChange={(e) => setSearchTerm(e.target.value)}
+                />
+            </div>
+
+            {/* Content */}
+            {loading ? (
+                <div className="flex items-center justify-center h-64 bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800">
+                    <div className="animate-spin rounded-full h-8 w-8 border-b-2 border-[var(--brand-color)]"></div>
+                </div>
+            ) : filteredFunnels.length === 0 ? (
+                <div className="flex flex-col items-center justify-center h-64 bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 text-center p-8">
+                    <div className="w-16 h-16 bg-zinc-50 dark:bg-zinc-800 rounded-full flex items-center justify-center mb-4">
+                        <FunnelIcon className="w-8 h-8 text-zinc-400" />
+                    </div>
+                    <h3 className="text-lg font-medium text-zinc-900 dark:text-white mb-1">
+                        Nenhum funil encontrado
+                    </h3>
+                    <p className="text-zinc-500 dark:text-zinc-400 max-w-sm mx-auto">
+                        {searchTerm ? 'Nenhum funil corresponde à sua busca.' : 'Comece criando seu primeiro funil de vendas.'}
+                    </p>
+                </div>
+            ) : (
+                <div className="bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 overflow-hidden">
+                    <div className="overflow-x-auto">
+                        <table className="w-full">
+                            <thead>
+                                <tr className="bg-zinc-50/50 dark:bg-zinc-800/50 border-b border-zinc-200 dark:border-zinc-800">
+                                    <th className="px-6 py-4 text-left text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Funil</th>
+                                    <th className="px-6 py-4 text-left text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Etapas</th>
+                                    <th className="px-6 py-4 text-left text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Status</th>
+                                    <th className="px-6 py-4 text-right text-xs font-semibold text-zinc-500 dark:text-zinc-400 uppercase tracking-wider">Ações</th>
+                                </tr>
+                            </thead>
+                            <tbody className="divide-y divide-zinc-100 dark:divide-zinc-800">
+                                {filteredFunnels.map((funnel) => (
+                                    <tr
+                                        key={funnel.id}
+                                        onClick={() => router.push(`/crm/funis/${funnel.id}`)}
+                                        className="group hover:bg-zinc-50 dark:hover:bg-zinc-800/50 transition-colors cursor-pointer"
+                                    >
+                                        <td className="px-6 py-4 whitespace-nowrap">
+                                            <div className="flex items-center gap-3">
+                                                <div className="w-10 h-10 rounded-lg flex items-center justify-center text-white shadow-sm bg-gradient-to-br from-brand-500 to-brand-600">
+                                                    <FunnelIcon className="w-5 h-5" />
+                                                </div>
+                                                <div>
+                                                    <div className="font-medium text-zinc-900 dark:text-white flex items-center gap-2">
+                                                        {funnel.name}
+                                                        {funnel.is_default && (
+                                                            <span className="inline-block px-1.5 py-0.5 text-[10px] font-bold text-brand-600 bg-brand-50 dark:bg-brand-900/30 rounded">
+                                                                PADRÃO
+                                                            </span>
+                                                        )}
+                                                    </div>
+                                                    {funnel.description && (
+                                                        <div className="text-sm text-zinc-500 dark:text-zinc-400 truncate max-w-md">
+                                                            {funnel.description}
+                                                        </div>
+                                                    )}
+                                                </div>
+                                            </div>
+                                        </td>
+                                        <td className="px-6 py-4 whitespace-nowrap">
+                                            <div className="text-sm text-zinc-700 dark:text-zinc-300">
+                                                Clique para ver
+                                            </div>
+                                        </td>
+                                        <td className="px-6 py-4 whitespace-nowrap">
+                                            <span className="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-green-100 text-green-800 dark:bg-green-900/30 dark:text-green-400">
+                                                Ativo
+                                            </span>
+                                        </td>
+                                        <td className="px-6 py-4 whitespace-nowrap text-right text-sm font-medium">
+                                            <button
+                                                onClick={(e) => {
+                                                    e.stopPropagation();
+                                                    setFunnelToDelete(funnel.id);
+                                                    setConfirmOpen(true);
+                                                }}
+                                                className="text-zinc-400 hover:text-red-600 transition-colors p-2"
+                                                title="Excluir"
+                                            >
+                                                <TrashIcon className="w-5 h-5" />
+                                            </button>
+                                        </td>
+                                    </tr>
+                                ))}
+                            </tbody>
+                        </table>
+                    </div>
+                </div>
+            )}
+
+            {/* Modal Criar Funil */}
+            <Modal
+                isOpen={isFunnelModalOpen}
+                onClose={() => setIsFunnelModalOpen(false)}
+                title="Criar Novo Funil"
+                maxWidth="2xl"
+            >
+                <form onSubmit={handleCreateFunnel} className="space-y-6">
+                    <div className="grid grid-cols-1 md:grid-cols-2 gap-6">
+                        <div className="space-y-4">
+                            <div className="space-y-1">
+                                <label className="text-xs font-bold text-zinc-500 uppercase ml-1">Nome do Funil</label>
+                                <input
+                                    type="text"
+                                    required
+                                    className="w-full px-4 py-2.5 bg-zinc-50 dark:bg-zinc-800 border border-zinc-200 dark:border-zinc-700 rounded-xl text-sm focus:ring-2 focus:ring-brand-500/20 outline-none"
+                                    placeholder="Ex: Vendas High Ticket"
+                                    value={funnelForm.name}
+                                    onChange={e => setFunnelForm({ ...funnelForm, name: e.target.value })}
+                                />
+                            </div>
+                            <div className="space-y-1">
+                                <label className="text-xs font-bold text-zinc-500 uppercase ml-1">Descrição (Opcional)</label>
+                                <textarea
+                                    rows={3}
+                                    className="w-full px-4 py-2.5 bg-zinc-50 dark:bg-zinc-800 border border-zinc-200 dark:border-zinc-700 rounded-xl text-sm focus:ring-2 focus:ring-brand-500/20 outline-none resize-none"
+                                    placeholder="Para que serve este funil?"
+                                    value={funnelForm.description}
+                                    onChange={e => setFunnelForm({ ...funnelForm, description: e.target.value })}
+                                />
+                            </div>
+                            <div className="space-y-1">
+                                <label className="text-xs font-bold text-zinc-500 uppercase ml-1">Vincular à Campanha (Opcional)</label>
+                                <select
+                                    className="w-full px-4 py-2.5 bg-zinc-50 dark:bg-zinc-800 border border-zinc-200 dark:border-zinc-700 rounded-xl text-sm focus:ring-2 focus:ring-brand-500/20 outline-none"
+                                    value={funnelForm.campaign_id}
+                                    onChange={e => setFunnelForm({ ...funnelForm, campaign_id: e.target.value })}
+                                >
+                                    <option value="">Nenhuma campanha selecionada</option>
+                                    {campaigns.map(c => (
+                                        <option key={c.id} value={c.id}>{c.name}</option>
+                                    ))}
+                                </select>
+                            </div>
+                        </div>
+
+                        <div className="space-y-4">
+                            <label className="text-xs font-bold text-zinc-500 uppercase ml-1">Escolha um Template</label>
+                            <div className="space-y-2 max-h-[250px] overflow-y-auto pr-2 scrollbar-thin">
+                                {FUNNEL_TEMPLATES.map((template, idx) => (
+                                    <button
+                                        key={idx}
+                                        type="button"
+                                        onClick={() => setFunnelForm({ ...funnelForm, template_index: idx })}
+                                        className={`w-full p-4 text-left rounded-xl border transition-all ${funnelForm.template_index === idx
+                                            ? 'border-brand-500 bg-brand-50/50 dark:bg-brand-900/10 ring-1 ring-brand-500'
+                                            : 'border-zinc-200 dark:border-zinc-800 hover:border-zinc-300 dark:hover:border-zinc-700'
+                                            }`}
+                                    >
+                                        <div className="flex items-center justify-between mb-1">
+                                            <span className="font-bold text-sm text-zinc-900 dark:text-white">{template.name}</span>
+                                        </div>
+                                        <p className="text-[10px] text-zinc-500 dark:text-zinc-400 leading-relaxed">
+                                            {template.description}
+                                        </p>
+                                        <div className="mt-2 flex gap-1">
+                                            {template.stages.slice(0, 4).map((s, i) => (
+                                                <div key={i} className="h-1 w-4 rounded-full" style={{ backgroundColor: s.color }}></div>
+                                            ))}
+                                            {template.stages.length > 4 && <span className="text-[8px] text-zinc-400">+{template.stages.length - 4}</span>}
+                                        </div>
+                                    </button>
+                                ))}
+                                <button
+                                    type="button"
+                                    onClick={() => setFunnelForm({ ...funnelForm, template_index: -1 })}
+                                    className={`w-full p-4 text-left rounded-xl border transition-all ${funnelForm.template_index === -1
+                                        ? 'border-brand-500 bg-brand-50/50 dark:bg-brand-900/10 ring-1 ring-brand-500'
+                                        : 'border-zinc-200 dark:border-zinc-800 hover:border-zinc-300 dark:hover:border-zinc-700'
+                                        }`}
+                                >
+                                    <span className="font-bold text-sm text-zinc-900 dark:text-white">Personalizado</span>
+                                    <p className="text-[10px] text-zinc-500 dark:text-zinc-400">Comece com um funil vazio e crie suas próprias etapas.</p>
+                                </button>
+                            </div>
+                        </div>
+                    </div>
+
+                    <div className="flex justify-end gap-3 pt-6 border-t border-zinc-100 dark:border-zinc-800">
+                        <button
+                            type="button"
+                            onClick={() => setIsFunnelModalOpen(false)}
+                            className="px-6 py-2.5 text-sm font-bold text-zinc-500 hover:text-zinc-700 dark:text-zinc-400 dark:hover:text-zinc-200 transition-colors"
+                        >
+                            Cancelar
+                        </button>
+                        <button
+                            type="submit"
+                            disabled={isSaving}
+                            className="px-6 py-2.5 text-sm font-bold text-white rounded-xl transition-all disabled:opacity-50"
+                            style={{ background: 'var(--gradient)' }}
+                        >
+                            {isSaving ? 'Criando...' : 'Criar Funil'}
+                        </button>
+                    </div>
+                </form>
+            </Modal>
+
+            <ConfirmDialog
+                isOpen={confirmOpen}
+                onClose={() => {
+                    setConfirmOpen(false);
+                    setFunnelToDelete(null);
+                }}
+                onConfirm={handleDeleteFunnel}
+                title="Excluir Funil"
+                message="Tem certeza que deseja excluir este funil e todas as suas etapas? Leads vinculados a este funil ficarão órfãos."
+                confirmText="Excluir"
+                cancelText="Cancelar"
+            />
+        </div>
+    );
+}

front-end-agency/app/(agency)/crm/leads/importar/page.tsx

@@ -0,0 +1,648 @@
+"use client";
+
+import { useState, useEffect, Suspense, useRef } from 'react';
+import { useRouter, useSearchParams } from 'next/navigation';
+import { useToast } from '@/components/layout/ToastContext';
+import Papa from 'papaparse';
+import {
+    ArrowUpTrayIcon,
+    DocumentTextIcon,
+    CheckCircleIcon,
+    XCircleIcon,
+    ArrowPathIcon,
+    ChevronLeftIcon,
+    InformationCircleIcon,
+    TableCellsIcon,
+    CommandLineIcon,
+    CpuChipIcon,
+    CloudArrowUpIcon,
+} from '@heroicons/react/24/outline';
+
+interface Customer {
+    id: string;
+    name: string;
+    company: string;
+}
+
+interface Campaign {
+    id: string;
+    name: string;
+    customer_id: string;
+}
+
+function ImportLeadsContent() {
+    const router = useRouter();
+    const searchParams = useSearchParams();
+    const campaignIdFromUrl = searchParams.get('campaign');
+    const customerIdFromUrl = searchParams.get('customer');
+
+    const toast = useToast();
+    const [customers, setCustomers] = useState<Customer[]>([]);
+    const [campaigns, setCampaigns] = useState<Campaign[]>([]);
+    const [loading, setLoading] = useState(false);
+    const [importing, setImporting] = useState(false);
+
+    const [selectedCustomer, setSelectedCustomer] = useState(customerIdFromUrl || '');
+    const [selectedCampaign, setSelectedCampaign] = useState(campaignIdFromUrl || '');
+    const [jsonContent, setJsonContent] = useState('');
+    const [csvFile, setCsvFile] = useState<File | null>(null);
+    const [preview, setPreview] = useState<any[]>([]);
+    const [error, setError] = useState<string | null>(null);
+    const [importType, setImportType] = useState<'json' | 'csv' | 'typebot' | 'api'>('json');
+    const fileInputRef = useRef<HTMLInputElement>(null);
+
+    // Mapeamento inteligente de campos
+    const mapLeadData = (data: any[]) => {
+        const fieldMap: Record<string, string[]> = {
+            name: ['nome', 'name', 'full name', 'nome completo', 'cliente', 'contato'],
+            email: ['email', 'e-mail', 'mail', 'correio'],
+            phone: ['phone', 'telefone', 'celular', 'mobile', 'whatsapp', 'zap', 'tel'],
+            source: ['source', 'origem', 'canal', 'campanha', 'midia', 'mídia', 'campaign'],
+            status: ['status', 'fase', 'etapa', 'situação', 'situacao'],
+            notes: ['notes', 'notas', 'observações', 'observacoes', 'obs', 'comentário', 'comentario'],
+        };
+
+        return data.map(item => {
+            const mapped: any = { ...item };
+            const itemKeys = Object.keys(item);
+
+            // Tenta encontrar correspondências para cada campo principal
+            Object.entries(fieldMap).forEach(([targetKey, aliases]) => {
+                const foundKey = itemKeys.find(k =>
+                    aliases.includes(k.toLowerCase().trim())
+                );
+                if (foundKey && !mapped[targetKey]) {
+                    mapped[targetKey] = item[foundKey];
+                }
+            });
+
+            // Garante que campos básicos existam
+            if (!mapped.name && mapped.Nome) mapped.name = mapped.Nome;
+            if (!mapped.email && mapped.Email) mapped.email = mapped.Email;
+            if (!mapped.phone && (mapped.Celular || mapped.Telefone)) mapped.phone = mapped.Celular || mapped.Telefone;
+
+            return mapped;
+        });
+    };
+
+    useEffect(() => {
+        fetchData();
+    }, []);
+
+    const handleFileChange = (e: React.ChangeEvent<HTMLInputElement>) => {
+        const file = e.target.files?.[0];
+        if (!file) return;
+
+        if (file.type !== 'text/csv' && !file.name.endsWith('.csv')) {
+            toast.error('Erro', 'Por favor, selecione um arquivo CSV válido.');
+            return;
+        }
+
+        setCsvFile(file);
+        setError(null);
+
+        // Tenta ler o arquivo primeiro para detectar onde começam os dados
+        const reader = new FileReader();
+        reader.onload = (event) => {
+            const text = event.target?.result as string;
+            const lines = text.split('\n');
+
+            // Procura a linha que parece ser o cabeçalho (contém Nome, Email ou Celular)
+            let headerIndex = 0;
+            for (let i = 0; i < Math.min(lines.length, 10); i++) {
+                const lowerLine = lines[i].toLowerCase();
+                if (lowerLine.includes('nome') || lowerLine.includes('email') || lowerLine.includes('celular')) {
+                    headerIndex = i;
+                    break;
+                }
+            }
+
+            const csvData = lines.slice(headerIndex).join('\n');
+
+            Papa.parse(csvData, {
+                header: true,
+                skipEmptyLines: true,
+                complete: (results) => {
+                    if (results.errors.length > 0 && results.data.length === 0) {
+                        setError('Erro ao processar CSV. Verifique a formatação.');
+                        setPreview([]);
+                    } else {
+                        const mappedData = mapLeadData(results.data);
+                        setPreview(mappedData.slice(0, 5));
+                    }
+                },
+                error: (err: any) => {
+                    setError('Falha ao ler o arquivo.');
+                    setPreview([]);
+                }
+            });
+        };
+        reader.readAsText(file);
+    };
+
+    const fetchData = async () => {
+        setLoading(true);
+        try {
+            const [custRes, campRes] = await Promise.all([
+                fetch('/api/crm/customers', {
+                    headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+                }),
+                fetch('/api/crm/lists', {
+                    headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+                })
+            ]);
+
+            let fetchedCampaigns: Campaign[] = [];
+            if (campRes.ok) {
+                const data = await campRes.json();
+                fetchedCampaigns = data.lists || [];
+                setCampaigns(fetchedCampaigns);
+            }
+
+            if (custRes.ok) {
+                const data = await custRes.json();
+                setCustomers(data.customers || []);
+            }
+
+            // Se veio da campanha, tenta setar o cliente automaticamente
+            if (campaignIdFromUrl && fetchedCampaigns.length > 0) {
+                const campaign = fetchedCampaigns.find(c => c.id === campaignIdFromUrl);
+                if (campaign && campaign.customer_id) {
+                    setSelectedCustomer(campaign.customer_id);
+                }
+            }
+        } catch (err) {
+            console.error('Error fetching data:', err);
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    const handleJsonChange = (e: React.ChangeEvent<HTMLTextAreaElement>) => {
+        const content = e.target.value;
+        setJsonContent(content);
+        setError(null);
+
+        if (!content.trim()) {
+            setPreview([]);
+            return;
+        }
+
+        try {
+            const parsed = JSON.parse(content);
+            const leads = Array.isArray(parsed) ? parsed : [parsed];
+            const mappedData = mapLeadData(leads);
+            setPreview(mappedData.slice(0, 5));
+        } catch (err) {
+            setError('JSON inválido. Verifique a formatação.');
+            setPreview([]);
+        }
+    };
+
+    const handleImport = async () => {
+        let leads: any[] = [];
+
+        if (importType === 'json') {
+            if (!jsonContent.trim() || error) {
+                toast.error('Erro', 'Por favor, insira um JSON válido.');
+                return;
+            }
+            try {
+                const parsed = JSON.parse(jsonContent);
+                leads = Array.isArray(parsed) ? parsed : [parsed];
+            } catch (err) {
+                toast.error('Erro', 'JSON inválido.');
+                return;
+            }
+        } else if (importType === 'csv') {
+            if (!csvFile || error) {
+                toast.error('Erro', 'Por favor, selecione um arquivo CSV válido.');
+                return;
+            }
+
+            // Parse CSV again to get all data
+            const results = await new Promise<any[]>((resolve) => {
+                const reader = new FileReader();
+                reader.onload = (event) => {
+                    const text = event.target?.result as string;
+                    const lines = text.split('\n');
+                    let headerIndex = 0;
+                    for (let i = 0; i < Math.min(lines.length, 10); i++) {
+                        const lowerLine = lines[i].toLowerCase();
+                        if (lowerLine.includes('nome') || lowerLine.includes('email') || lowerLine.includes('celular')) {
+                            headerIndex = i;
+                            break;
+                        }
+                    }
+                    const csvData = lines.slice(headerIndex).join('\n');
+                    Papa.parse(csvData, {
+                        header: true,
+                        skipEmptyLines: true,
+                        complete: (results: any) => resolve(results.data)
+                    });
+                };
+                reader.readAsText(csvFile);
+            });
+            leads = results;
+        }
+
+        if (leads.length === 0) {
+            toast.error('Erro', 'Nenhum lead encontrado para importar.');
+            return;
+        }
+
+        // Aplica o mapeamento inteligente antes de enviar
+        const mappedLeads = mapLeadData(leads);
+
+        setImporting(true);
+        try {
+            const response = await fetch('/api/crm/leads/import', {
+                method: 'POST',
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({
+                    customer_id: selectedCustomer,
+                    campaign_id: selectedCampaign,
+                    leads: mappedLeads
+                }),
+            });
+
+            if (response.ok) {
+                const result = await response.json();
+                toast.success('Sucesso', `${result.count} leads importados com sucesso.`);
+
+                // Se veio de uma campanha, volta para a campanha
+                if (campaignIdFromUrl) {
+                    router.push(`/crm/campanhas/${campaignIdFromUrl}`);
+                } else {
+                    router.push('/crm/leads');
+                }
+            } else {
+                const errData = await response.json();
+                toast.error('Erro na importação', errData.error || 'Ocorreu um erro ao importar os leads.');
+            }
+        } catch (err) {
+            console.error('Import error:', err);
+            toast.error('Erro', 'Falha ao processar a importação.');
+        } finally {
+            setImporting(false);
+        }
+    };
+
+    return (
+        <div className="p-6 max-w-5xl mx-auto space-y-6">
+            {/* Header */}
+            <div className="flex items-center gap-4">
+                <button
+                    onClick={() => router.back()}
+                    className="p-2 rounded-lg hover:bg-zinc-100 dark:hover:bg-zinc-800 text-zinc-500 transition-colors"
+                >
+                    <ChevronLeftIcon className="w-5 h-5" />
+                </button>
+                <div>
+                    <h1 className="text-2xl font-bold text-zinc-900 dark:text-white tracking-tight">Importar Leads</h1>
+                    <p className="text-sm text-zinc-500 dark:text-zinc-400 mt-1">
+                        Selecione o método de importação e organize seus leads
+                    </p>
+                </div>
+            </div>
+
+            {/* Import Methods */}
+            <div className="grid grid-cols-1 sm:grid-cols-2 lg:grid-cols-4 gap-4">
+                <button
+                    onClick={() => setImportType('json')}
+                    className={`p-4 rounded-xl border transition-all text-left flex flex-col gap-3 ${importType === 'json'
+                        ? 'bg-blue-50 border-blue-200 dark:bg-blue-900/20 dark:border-blue-800 ring-1 ring-blue-500'
+                        : 'bg-white border-zinc-200 dark:bg-zinc-900 dark:border-zinc-800 hover:border-zinc-300 dark:hover:border-zinc-700'
+                        }`}
+                >
+                    <div className={`w-10 h-10 rounded-lg flex items-center justify-center ${importType === 'json' ? 'bg-blue-500 text-white' : 'bg-zinc-100 dark:bg-zinc-800 text-zinc-500'}`}>
+                        <DocumentTextIcon className="w-6 h-6" />
+                    </div>
+                    <div>
+                        <h3 className="text-sm font-bold text-zinc-900 dark:text-white">JSON</h3>
+                        <p className="text-xs text-zinc-500 dark:text-zinc-400">Importação via código</p>
+                    </div>
+                    <div className="mt-auto">
+                        <span className="text-[10px] font-bold uppercase px-1.5 py-0.5 bg-green-100 text-green-700 dark:bg-green-900/30 dark:text-green-400 rounded">Ativo</span>
+                    </div>
+                </button>
+
+                <button
+                    onClick={() => {
+                        setImportType('csv');
+                        setPreview([]);
+                        setError(null);
+                    }}
+                    className={`p-4 rounded-xl border transition-all text-left flex flex-col gap-3 ${importType === 'csv'
+                        ? 'bg-blue-50 border-blue-200 dark:bg-blue-900/20 dark:border-blue-800 ring-1 ring-blue-500'
+                        : 'bg-white border-zinc-200 dark:bg-zinc-900 dark:border-zinc-800 hover:border-zinc-300 dark:hover:border-zinc-700'
+                        }`}
+                >
+                    <div className={`w-10 h-10 rounded-lg flex items-center justify-center ${importType === 'csv' ? 'bg-blue-500 text-white' : 'bg-zinc-100 dark:bg-zinc-800 text-zinc-500'}`}>
+                        <TableCellsIcon className="w-6 h-6" />
+                    </div>
+                    <div>
+                        <h3 className="text-sm font-bold text-zinc-900 dark:text-white">CSV / Excel</h3>
+                        <p className="text-xs text-zinc-500 dark:text-zinc-400">Planilhas padrão</p>
+                    </div>
+                    <div className="mt-auto">
+                        <span className="text-[10px] font-bold uppercase px-1.5 py-0.5 bg-green-100 text-green-700 dark:bg-green-900/30 dark:text-green-400 rounded">Ativo</span>
+                    </div>
+                </button>
+
+                <button
+                    disabled
+                    className="p-4 rounded-xl border bg-zinc-50/50 dark:bg-zinc-900/50 border-zinc-200 dark:border-zinc-800 opacity-60 cursor-not-allowed text-left flex flex-col gap-3"
+                >
+                    <div className="w-10 h-10 rounded-lg flex items-center justify-center bg-zinc-100 dark:bg-zinc-800 text-zinc-400">
+                        <CpuChipIcon className="w-6 h-6" />
+                    </div>
+                    <div>
+                        <h3 className="text-sm font-bold text-zinc-400">Typebot</h3>
+                        <p className="text-xs text-zinc-400">Integração direta</p>
+                    </div>
+                    <div className="mt-auto">
+                        <span className="text-[10px] font-bold uppercase px-1.5 py-0.5 bg-zinc-100 text-zinc-500 dark:bg-zinc-800 dark:text-zinc-500 rounded">Em breve</span>
+                    </div>
+                </button>
+
+                <button
+                    disabled
+                    className="p-4 rounded-xl border bg-zinc-50/50 dark:bg-zinc-900/50 border-zinc-200 dark:border-zinc-800 opacity-60 cursor-not-allowed text-left flex flex-col gap-3"
+                >
+                    <div className="w-10 h-10 rounded-lg flex items-center justify-center bg-zinc-100 dark:bg-zinc-800 text-zinc-400">
+                        <CommandLineIcon className="w-6 h-6" />
+                    </div>
+                    <div>
+                        <h3 className="text-sm font-bold text-zinc-400">API / Webhook</h3>
+                        <p className="text-xs text-zinc-400">Endpoint externo</p>
+                    </div>
+                    <div className="mt-auto">
+                        <span className="text-[10px] font-bold uppercase px-1.5 py-0.5 bg-zinc-100 text-zinc-500 dark:bg-zinc-800 dark:text-zinc-500 rounded">Em breve</span>
+                    </div>
+                </button>
+            </div>
+
+            <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+                {/* Config Side */}
+                <div className="lg:col-span-1 space-y-6">
+                    <div className="bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 p-6 shadow-sm">
+                        <h2 className="text-sm font-semibold text-zinc-900 dark:text-white mb-4 flex items-center gap-2">
+                            <InformationCircleIcon className="w-4 h-4 text-blue-500" />
+                            Destino dos Leads
+                        </h2>
+
+                        <div className="space-y-4">
+                            <div>
+                                <label className="block text-xs font-medium text-zinc-500 dark:text-zinc-400 uppercase tracking-wider mb-1.5">
+                                    Campanha
+                                </label>
+                                <select
+                                    value={selectedCampaign}
+                                    onChange={(e) => {
+                                        setSelectedCampaign(e.target.value);
+                                        const camp = campaigns.find(c => c.id === e.target.value);
+                                        if (camp?.customer_id) setSelectedCustomer(camp.customer_id);
+                                    }}
+                                    className="w-full px-3 py-2 text-sm border border-zinc-200 dark:border-zinc-700 rounded-lg bg-white dark:bg-zinc-900 text-zinc-900 dark:text-white focus:outline-none focus:ring-2 focus:ring-blue-500 transition-all"
+                                >
+                                    <option value="">Nenhuma</option>
+                                    {campaigns.map(c => (
+                                        <option key={c.id} value={c.id}>{c.name}</option>
+                                    ))}
+                                </select>
+                                {campaignIdFromUrl && (
+                                    <p className="mt-1.5 text-[10px] text-blue-600 dark:text-blue-400 font-medium">
+                                        * Campanha pré-selecionada via contexto
+                                    </p>
+                                )}
+                            </div>
+
+                            <div>
+                                <label className="block text-xs font-medium text-zinc-500 dark:text-zinc-400 uppercase tracking-wider mb-1.5">
+                                    Cliente Vinculado
+                                </label>
+                                <select
+                                    value={selectedCustomer}
+                                    onChange={(e) => setSelectedCustomer(e.target.value)}
+                                    className="w-full px-3 py-2 text-sm border border-zinc-200 dark:border-zinc-700 rounded-lg bg-white dark:bg-zinc-900 text-zinc-900 dark:text-white focus:outline-none focus:ring-2 focus:ring-blue-500 transition-all"
+                                >
+                                    <option value="">Nenhum (Geral)</option>
+                                    {customers.map(c => (
+                                        <option key={c.id} value={c.id}>{c.name}</option>
+                                    ))}
+                                </select>
+                            </div>
+                        </div>
+                    </div>
+
+                    <div className="bg-blue-50 dark:bg-blue-900/20 rounded-xl border border-blue-100 dark:border-blue-800/30 p-4">
+                        <h3 className="text-xs font-bold text-blue-700 dark:text-blue-400 uppercase mb-2">Formato JSON Esperado</h3>
+                        <pre className="text-[10px] text-blue-600 dark:text-blue-300 overflow-x-auto">
+                            {`[
+  {
+    "name": "João Silva",
+    "email": "joao@email.com",
+    "phone": "11999999999",
+    "source": "facebook",
+    "tags": ["lead-quente"]
+  }
+]`}
+                        </pre>
+                    </div>
+                </div>
+
+                {/* Editor Side */}
+                <div className="lg:col-span-2 space-y-6">
+                    {importType === 'json' ? (
+                        <div className="bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 shadow-sm overflow-hidden">
+                            <div className="px-6 py-4 border-b border-zinc-200 dark:border-zinc-800 flex items-center justify-between bg-zinc-50/50 dark:bg-zinc-800/50">
+                                <div className="flex items-center gap-2">
+                                    <DocumentTextIcon className="w-5 h-5 text-zinc-400" />
+                                    <span className="text-sm font-medium text-zinc-700 dark:text-zinc-300">Conteúdo JSON</span>
+                                </div>
+                                {error && (
+                                    <span className="text-xs text-red-500 flex items-center gap-1">
+                                        <XCircleIcon className="w-4 h-4" />
+                                        {error}
+                                    </span>
+                                )}
+                                {!error && preview.length > 0 && (
+                                    <span className="text-xs text-green-500 flex items-center gap-1">
+                                        <CheckCircleIcon className="w-4 h-4" />
+                                        JSON Válido
+                                    </span>
+                                )}
+                            </div>
+                            <textarea
+                                value={jsonContent}
+                                onChange={handleJsonChange}
+                                placeholder="Cole seu JSON aqui..."
+                                className="w-full h-80 p-4 font-mono text-sm bg-transparent border-none focus:ring-0 resize-none text-zinc-800 dark:text-zinc-200"
+                            />
+                            <div className="px-6 py-4 bg-zinc-50 dark:bg-zinc-800/50 border-t border-zinc-200 dark:border-zinc-800 flex justify-end">
+                                <button
+                                    onClick={handleImport}
+                                    disabled={importing || !!error || !jsonContent.trim()}
+                                    className="inline-flex items-center gap-2 px-6 py-2.5 bg-zinc-900 dark:bg-white text-white dark:text-zinc-900 rounded-lg font-semibold text-sm hover:opacity-90 disabled:opacity-50 transition-all shadow-sm"
+                                >
+                                    {importing ? (
+                                        <ArrowPathIcon className="w-4 h-4 animate-spin" />
+                                    ) : (
+                                        <ArrowUpTrayIcon className="w-4 h-4" />
+                                    )}
+                                    {importing ? 'Importando...' : 'Iniciar Importação'}
+                                </button>
+                            </div>
+                        </div>
+                    ) : importType === 'csv' ? (
+                        <div className="bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 shadow-sm overflow-hidden">
+                            <div className="px-6 py-4 border-b border-zinc-200 dark:border-zinc-800 flex items-center justify-between bg-zinc-50/50 dark:bg-zinc-800/50">
+                                <div className="flex items-center gap-2">
+                                    <TableCellsIcon className="w-5 h-5 text-zinc-400" />
+                                    <span className="text-sm font-medium text-zinc-700 dark:text-zinc-300">Upload de Arquivo CSV</span>
+                                </div>
+                                {error && (
+                                    <span className="text-xs text-red-500 flex items-center gap-1">
+                                        <XCircleIcon className="w-4 h-4" />
+                                        {error}
+                                    </span>
+                                )}
+                                {!error && csvFile && (
+                                    <span className="text-xs text-green-500 flex items-center gap-1">
+                                        <CheckCircleIcon className="w-4 h-4" />
+                                        Arquivo Selecionado
+                                    </span>
+                                )}
+                            </div>
+
+                            <div className="p-8">
+                                <input
+                                    type="file"
+                                    ref={fileInputRef}
+                                    onChange={handleFileChange}
+                                    accept=".csv"
+                                    className="hidden"
+                                />
+
+                                <div
+                                    onClick={() => fileInputRef.current?.click()}
+                                    className={`border-2 border-dashed rounded-2xl p-12 text-center cursor-pointer transition-all ${csvFile
+                                        ? 'border-green-200 bg-green-50/30 dark:border-green-900/30 dark:bg-green-900/10'
+                                        : 'border-zinc-200 hover:border-blue-400 dark:border-zinc-800 dark:hover:border-blue-500 bg-zinc-50/50 dark:bg-zinc-800/30'
+                                        }`}
+                                >
+                                    <div className="w-16 h-16 bg-white dark:bg-zinc-800 rounded-2xl shadow-sm flex items-center justify-center mx-auto mb-4">
+                                        <CloudArrowUpIcon className={`w-8 h-8 ${csvFile ? 'text-green-500' : 'text-zinc-400'}`} />
+                                    </div>
+                                    {csvFile ? (
+                                        <div>
+                                            <h4 className="text-sm font-bold text-zinc-900 dark:text-white">{csvFile.name}</h4>
+                                            <p className="text-xs text-zinc-500 mt-1">{(csvFile.size / 1024).toFixed(2)} KB</p>
+                                            <button
+                                                onClick={(e) => {
+                                                    e.stopPropagation();
+                                                    setCsvFile(null);
+                                                    setPreview([]);
+                                                }}
+                                                className="mt-4 text-xs font-semibold text-red-500 hover:text-red-600"
+                                            >
+                                                Remover arquivo
+                                            </button>
+                                        </div>
+                                    ) : (
+                                        <div>
+                                            <h4 className="text-sm font-bold text-zinc-900 dark:text-white">Clique para selecionar ou arraste o arquivo</h4>
+                                            <p className="text-xs text-zinc-500 mt-1">Apenas arquivos .csv são aceitos</p>
+                                        </div>
+                                    )}
+                                </div>
+
+                                <div className="mt-6 bg-blue-50 dark:bg-blue-900/20 rounded-lg p-4 border border-blue-100 dark:border-blue-800/30">
+                                    <h5 className="text-xs font-bold text-blue-700 dark:text-blue-400 uppercase mb-2">Importação Inteligente</h5>
+                                    <p className="text-xs text-blue-600 dark:text-blue-300 leading-relaxed">
+                                        Nosso sistema detecta automaticamente os cabeçalhos. Você pode usar nomes como <code className="bg-blue-100 dark:bg-blue-800 px-1 rounded">Nome</code>, <code className="bg-blue-100 dark:bg-blue-800 px-1 rounded">E-mail</code>, <code className="bg-blue-100 dark:bg-blue-800 px-1 rounded">Celular</code> ou <code className="bg-blue-100 dark:bg-blue-800 px-1 rounded">Telefone</code>.
+                                        Linhas de título extras no topo do arquivo também são ignoradas automaticamente.
+                                    </p>
+                                </div>
+                            </div>
+
+                            <div className="px-6 py-4 bg-zinc-50 dark:bg-zinc-800/50 border-t border-zinc-200 dark:border-zinc-800 flex justify-end">
+                                <button
+                                    onClick={handleImport}
+                                    disabled={importing || !!error || !csvFile}
+                                    className="inline-flex items-center gap-2 px-6 py-2.5 bg-zinc-900 dark:bg-white text-white dark:text-zinc-900 rounded-lg font-semibold text-sm hover:opacity-90 disabled:opacity-50 transition-all shadow-sm"
+                                >
+                                    {importing ? (
+                                        <ArrowPathIcon className="w-4 h-4 animate-spin" />
+                                    ) : (
+                                        <ArrowUpTrayIcon className="w-4 h-4" />
+                                    )}
+                                    {importing ? 'Importando...' : 'Iniciar Importação'}
+                                </button>
+                            </div>
+                        </div>
+                    ) : (
+                        <div className="bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 p-12 text-center">
+                            <div className="w-16 h-16 bg-zinc-100 dark:bg-zinc-800 rounded-full flex items-center justify-center mx-auto mb-4">
+                                <ArrowPathIcon className="w-8 h-8 text-zinc-400" />
+                            </div>
+                            <h3 className="text-lg font-bold text-zinc-900 dark:text-white">Em Desenvolvimento</h3>
+                            <p className="text-zinc-500 dark:text-zinc-400 max-w-xs mx-auto mt-2">
+                                Este método de importação estará disponível em breve. Por enquanto, utilize o formato JSON.
+                            </p>
+                        </div>
+                    )}
+
+                    {/* Preview */}
+                    {(importType === 'json' || importType === 'csv') && preview.length > 0 && (
+                        <div className="bg-white dark:bg-zinc-900 rounded-xl border border-zinc-200 dark:border-zinc-800 p-6 shadow-sm">
+                            <h3 className="text-sm font-semibold text-zinc-900 dark:text-white mb-4">Pré-visualização (Primeiros 5)</h3>
+                            <div className="overflow-x-auto">
+                                <table className="w-full text-left text-sm">
+                                    <thead>
+                                        <tr className="text-zinc-500 border-b border-zinc-100 dark:border-zinc-800">
+                                            <th className="pb-2 font-medium">Nome</th>
+                                            <th className="pb-2 font-medium">Email</th>
+                                            <th className="pb-2 font-medium">Telefone</th>
+                                            <th className="pb-2 font-medium">Origem</th>
+                                        </tr>
+                                    </thead>
+                                    <tbody className="divide-y divide-zinc-50 dark:divide-zinc-800">
+                                        {preview.map((lead, i) => (
+                                            <tr key={i}>
+                                                <td className="py-2 text-zinc-900 dark:text-zinc-100">{lead.name || '-'}</td>
+                                                <td className="py-2 text-zinc-600 dark:text-zinc-400">{lead.email || '-'}</td>
+                                                <td className="py-2 text-zinc-600 dark:text-zinc-400">{lead.phone || '-'}</td>
+                                                <td className="py-2">
+                                                    <span className="px-2 py-0.5 bg-zinc-100 dark:bg-zinc-800 rounded text-[10px] uppercase font-bold text-zinc-500">
+                                                        {lead.source || 'manual'}
+                                                    </span>
+                                                </td>
+                                            </tr>
+                                        ))}
+                                    </tbody>
+                                </table>
+                            </div>
+                        </div>
+                    )}
+                </div>
+            </div>
+        </div>
+    );
+}
+
+export default function ImportLeadsPage() {
+    return (
+        <Suspense fallback={
+            <div className="flex items-center justify-center h-screen">
+                <div className="animate-spin rounded-full h-8 w-8 border-b-2 border-blue-500"></div>
+            </div>
+        }>
+            <ImportLeadsContent />
+        </Suspense>
+    );
+}

front-end-agency/app/(agency)/crm/negociacoes/page.tsx

@@ -0,0 +1,31 @@
+"use client";
+
+import { CurrencyDollarIcon } from '@heroicons/react/24/outline';
+
+export default function NegociacoesPage() {
+    return (
+        <div className="p-6 h-full flex items-center justify-center">
+            <div className="text-center max-w-md">
+                <div className="mx-auto mb-6 flex h-20 w-20 items-center justify-center rounded-full bg-gradient-to-br from-green-500 to-emerald-600">
+                    <CurrencyDollarIcon className="h-10 w-10 text-white" />
+                </div>
+                <h1 className="text-2xl font-bold text-gray-900 dark:text-white mb-2">
+                    Negociações
+                </h1>
+                <p className="text-gray-600 dark:text-gray-400 mb-4">
+                    Esta funcionalidade está em desenvolvimento
+                </p>
+                <div className="inline-flex items-center gap-2 px-4 py-2 rounded-lg bg-green-50 dark:bg-green-900/20 border border-green-200 dark:border-green-800">
+                    <div className="flex gap-1">
+                        <span className="animate-bounce inline-block h-2 w-2 rounded-full bg-green-600" style={{ animationDelay: '0ms' }}></span>
+                        <span className="animate-bounce inline-block h-2 w-2 rounded-full bg-green-600" style={{ animationDelay: '150ms' }}></span>
+                        <span className="animate-bounce inline-block h-2 w-2 rounded-full bg-green-600" style={{ animationDelay: '300ms' }}></span>
+                    </div>
+                    <span className="text-sm font-medium text-green-600 dark:text-green-400">
+                        Em breve
+                    </span>
+                </div>
+            </div>
+        </div>
+    );
+}

front-end-agency/app/(agency)/crm/page.tsx

@@ -0,0 +1,249 @@
+"use client";
+
+import { useEffect, useState } from 'react';
+import Link from 'next/link';
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import { useCRMFilter } from '@/contexts/CRMFilterContext';
+import KanbanBoard from '@/components/crm/KanbanBoard';
+import {
+    UsersIcon,
+    CurrencyDollarIcon,
+    ChartPieIcon,
+    ArrowTrendingUpIcon,
+    ListBulletIcon,
+    ArrowRightIcon,
+    MegaphoneIcon,
+    RectangleStackIcon,
+} from '@heroicons/react/24/outline';
+
+function CRMDashboardContent() {
+    const { selectedCustomerId } = useCRMFilter();
+    console.log('🏠 CRMPage (Content) render, selectedCustomerId:', selectedCustomerId);
+
+    const [stats, setStats] = useState([
+        { name: 'Leads Totais', value: '0', icon: UsersIcon, color: 'blue' },
+        { name: 'Clientes', value: '0', icon: UsersIcon, color: 'green' },
+        { name: 'Campanhas', value: '0', icon: MegaphoneIcon, color: 'purple' },
+        { name: 'Taxa de Conversão', value: '0%', icon: ChartPieIcon, color: 'orange' },
+    ]);
+    const [loading, setLoading] = useState(true);
+    const [defaultFunnelId, setDefaultFunnelId] = useState<string>('');
+
+    useEffect(() => {
+        console.log('🔄 CRM Dashboard: selectedCustomerId changed to:', selectedCustomerId);
+        fetchDashboardData();
+        fetchDefaultFunnel();
+    }, [selectedCustomerId]);
+
+    const fetchDefaultFunnel = async () => {
+        try {
+            const response = await fetch('/api/crm/funnels', {
+                headers: { 'Authorization': `Bearer ${localStorage.getItem('token')}` }
+            });
+            if (response.ok) {
+                const data = await response.json();
+                if (data.funnels?.length > 0) {
+                    setDefaultFunnelId(data.funnels[0].id);
+                }
+            }
+        } catch (error) {
+            console.error('Error fetching funnels:', error);
+        }
+    };
+
+    const fetchDashboardData = async () => {
+        try {
+            setLoading(true);
+            // Adicionando um timestamp para evitar cache agressivo do navegador
+            const timestamp = new Date().getTime();
+            const url = selectedCustomerId
+                ? `/api/crm/dashboard?customer_id=${selectedCustomerId}&t=${timestamp}`
+                : `/api/crm/dashboard?t=${timestamp}`;
+
+            console.log(`📊 Fetching dashboard data from: ${url}`);
+
+            const response = await fetch(url, {
+                method: 'GET',
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('token')}`,
+                    'Cache-Control': 'no-cache',
+                    'Pragma': 'no-cache'
+                },
+            });
+            if (response.ok) {
+                const data = await response.json();
+                console.log('📊 Dashboard data received:', data);
+                const s = data.stats;
+                setStats([
+                    { name: 'Leads Totais', value: s.total.toString(), icon: UsersIcon, color: 'blue' },
+                    { name: 'Clientes', value: s.total_customers.toString(), icon: UsersIcon, color: 'green' },
+                    { name: 'Campanhas', value: s.total_campaigns.toString(), icon: MegaphoneIcon, color: 'purple' },
+                    { name: 'Taxa de Conversão', value: `${s.conversionRate || 0}%`, icon: ChartPieIcon, color: 'orange' },
+                ]);
+            } else {
+                console.error('📊 Error response from dashboard:', response.status);
+            }
+        } catch (error) {
+            console.error('Error fetching CRM dashboard data:', error);
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    const quickLinks = [
+        {
+            name: 'Funis de Vendas',
+            description: 'Configure seus processos e etapas',
+            icon: RectangleStackIcon,
+            href: '/crm/funis',
+            color: 'blue',
+        },
+        {
+            name: 'Clientes',
+            description: 'Gerencie seus contatos e clientes',
+            icon: UsersIcon,
+            href: '/crm/clientes',
+            color: 'indigo',
+        },
+        {
+            name: 'Campanhas',
+            description: 'Organize leads e rastreie origens',
+            icon: MegaphoneIcon,
+            href: '/crm/campanhas',
+            color: 'purple',
+        },
+        {
+            name: 'Leads',
+            description: 'Gerencie potenciais clientes',
+            icon: UsersIcon,
+            href: '/crm/leads',
+            color: 'green',
+        },
+    ];
+
+    return (
+        <div className="p-6 h-full overflow-auto">
+            <div className="space-y-6">
+                <div>
+                    <h1 className="text-2xl font-bold text-gray-900 dark:text-white">
+                        CRM
+                    </h1>
+                    <p className="mt-1 text-sm text-gray-600 dark:text-gray-400">
+                        Visão geral do relacionamento com clientes
+                    </p>
+                </div>
+
+                <div className="grid grid-cols-1 gap-4 sm:grid-cols-2 lg:grid-cols-4">
+                    {stats.map((stat) => {
+                        const Icon = stat.icon;
+                        return (
+                            <div
+                                key={stat.name}
+                                className="group relative overflow-hidden rounded-xl bg-white dark:bg-gray-900 p-4 border border-gray-200 dark:border-gray-800 transition-all"
+                            >
+                                <div className="flex items-center justify-between">
+                                    <div>
+                                        <p className="text-xs font-medium text-gray-600 dark:text-gray-400">
+                                            {stat.name}
+                                        </p>
+                                        <p className="mt-1 text-2xl font-bold text-gray-900 dark:text-white">
+                                            {stat.value}
+                                        </p>
+                                    </div>
+                                    <div
+                                        className={`rounded-lg p-2 bg-${stat.color}-100 dark:bg-${stat.color}-900/20`}
+                                    >
+                                        <Icon
+                                            className={`h-5 w-5 text-${stat.color}-600 dark:text-${stat.color}-400`}
+                                        />
+                                    </div>
+                                </div>
+                            </div>
+                        );
+                    })}
+                </div>
+
+                {/* Quick Links */}
+                <div className="mb-6">
+                    <h2 className="text-lg font-semibold text-gray-900 dark:text-white mb-4">
+                        Acesso Rápido
+                    </h2>
+                    <div className="grid grid-cols-1 md:grid-cols-2 gap-4">
+                        {quickLinks.map((link) => {
+                            const Icon = link.icon;
+                            return (
+                                <Link
+                                    key={link.name}
+                                    href={link.href}
+                                    className="group relative overflow-hidden rounded-xl bg-white dark:bg-gray-900 p-6 border border-gray-200 dark:border-gray-800 hover:border-gray-300 dark:hover:border-gray-700 transition-all hover:shadow-lg"
+                                >
+                                    <div className="flex items-start justify-between">
+                                        <div className="flex items-start gap-4">
+                                            <div
+                                                className={`rounded-lg p-3 bg-${link.color}-100 dark:bg-${link.color}-900/20`}
+                                            >
+                                                <Icon
+                                                    className={`h-6 w-6 text-${link.color}-600 dark:text-${link.color}-400`}
+                                                />
+                                            </div>
+                                            <div>
+                                                <h3 className="text-lg font-semibold text-gray-900 dark:text-white mb-1">
+                                                    {link.name}
+                                                </h3>
+                                                <p className="text-sm text-gray-600 dark:text-gray-400">
+                                                    {link.description}
+                                                </p>
+                                            </div>
+                                        </div>
+                                        <ArrowRightIcon className="w-5 h-5 text-gray-400 group-hover:text-gray-600 dark:group-hover:text-gray-300 group-hover:translate-x-1 transition-all" />
+                                    </div>
+                                </Link>
+                            );
+                        })}
+                    </div>
+                </div>
+
+                <div className="space-y-6">
+                    <div className="flex items-center justify-between">
+                        <h2 className="text-lg font-semibold text-gray-900 dark:text-white">
+                            Monitoramento de Leads
+                        </h2>
+                        <Link href="/crm/funis" className="text-sm font-medium text-brand-600 hover:underline">
+                            Gerenciar Funis
+                        </Link>
+                    </div>
+                    <div className="rounded-xl bg-white dark:bg-gray-900 border border-gray-200 dark:border-gray-800 p-6 min-h-[500px]">
+                        {defaultFunnelId ? (
+                            <KanbanBoard funnelId={defaultFunnelId} />
+                        ) : (
+                            <div className="flex flex-col items-center justify-center h-64 text-center">
+                                <RectangleStackIcon className="h-12 w-12 text-gray-300 mb-4" />
+                                <p className="text-gray-500">Nenhum funil configurado.</p>
+                                <Link href="/crm/funis" className="mt-4 px-4 py-2 bg-brand-600 text-white rounded-lg text-sm font-bold">
+                                    CRIAR PRIMEIRO FUNIL
+                                </Link>
+                            </div>
+                        )}
+                    </div>
+                </div>
+
+                <div className="grid grid-cols-1 lg:grid-cols-2 gap-6">
+                    <div className="rounded-xl bg-white dark:bg-gray-900 border border-gray-200 dark:border-gray-800 p-6 h-64 flex items-center justify-center">
+                        <p className="text-gray-500">Atividades Recentes (Em breve)</p>
+                    </div>
+                    <div className="rounded-xl bg-white dark:bg-gray-900 border border-gray-200 dark:border-gray-800 p-6 h-64 flex items-center justify-center">
+                        <p className="text-gray-500">Metas de Vendas (Em breve)</p>
+                    </div>
+                </div>
+            </div>
+        </div>
+    );
+}
+
+export default function CRMPage() {
+    return (
+        <SolutionGuard requiredSolution="crm">
+            <CRMDashboardContent />
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/dashboard/page.tsx

@@ -1,178 +1,233 @@
 "use client";
 
-import { useEffect, useState } from "react";
+import { useEffect, useState } from 'react';
-import { useRouter } from "next/navigation";
+import { getUser } from '@/lib/auth';
-import { getUser } from "@/lib/auth";
 import {
+    RocketLaunchIcon,
     ChartBarIcon,
-    UserGroupIcon,
+    BriefcaseIcon,
+    LifebuoyIcon,
+    CreditCardIcon,
+    DocumentTextIcon,
     FolderIcon,
-    CurrencyDollarIcon,
+    ShareIcon,
     ArrowTrendingUpIcon,
-    ArrowTrendingDownIcon
+    ArrowTrendingDownIcon,
+    CheckCircleIcon,
+    ClockIcon,
 } from '@heroicons/react/24/outline';
 
-interface StatCardProps {
-    title: string;
-    value: string | number;
-    icon: React.ComponentType<React.SVGProps<SVGSVGElement>>;
-    trend?: number;
-    color: 'blue' | 'purple' | 'gray' | 'green';
-}
-
-const colorClasses = {
-    blue: {
-        iconBg: 'bg-blue-50 dark:bg-blue-900/20',
-        iconColor: 'text-blue-600 dark:text-blue-400',
-        trend: 'text-blue-600 dark:text-blue-400'
-    },
-    purple: {
-        iconBg: 'bg-purple-50 dark:bg-purple-900/20',
-        iconColor: 'text-purple-600 dark:text-purple-400',
-        trend: 'text-purple-600 dark:text-purple-400'
-    },
-    gray: {
-        iconBg: 'bg-gray-50 dark:bg-gray-900/20',
-        iconColor: 'text-gray-600 dark:text-gray-400',
-        trend: 'text-gray-600 dark:text-gray-400'
-    },
-    green: {
-        iconBg: 'bg-emerald-50 dark:bg-emerald-900/20',
-        iconColor: 'text-emerald-600 dark:text-emerald-400',
-        trend: 'text-emerald-600 dark:text-emerald-400'
-    }
-};
-
-function StatCard({ title, value, icon: Icon, trend, color }: StatCardProps) {
-    const colors = colorClasses[color];
-    const isPositive = trend && trend > 0;
-
-    return (
-        <div className="bg-white dark:bg-gray-800 rounded-xl p-6 border border-gray-200 dark:border-gray-700 hover:shadow-lg transition-shadow">
-            <div className="flex items-center justify-between">
-                <div className="flex-1">
-                    <p className="text-sm font-medium text-gray-600 dark:text-gray-400">{title}</p>
-                    <p className="text-3xl font-semibold text-gray-900 dark:text-white mt-2">{value}</p>
-                    {trend !== undefined && (
-                        <div className="flex items-center mt-2">
-                            {isPositive ? (
-                                <ArrowTrendingUpIcon className="w-4 h-4 text-emerald-500" />
-                            ) : (
-                                <ArrowTrendingDownIcon className="w-4 h-4 text-red-500" />
-                            )}
-                            <span className={`text-sm font-medium ml-1 ${isPositive ? 'text-emerald-600 dark:text-emerald-400' : 'text-red-600 dark:text-red-400'}`}>
-                                {Math.abs(trend)}%
-                            </span>
-                            <span className="text-xs text-gray-500 dark:text-gray-400 ml-1">vs mês anterior</span>
-                        </div>
-                    )}
-                </div>
-                <div className={`${colors.iconBg} p-3 rounded-xl`}>
-                    <Icon className={`w-8 h-8 ${colors.iconColor}`} />
-                </div>
-            </div>
-        </div>
-    );
-}
-
 export default function DashboardPage() {
-    const router = useRouter();
+    const [userName, setUserName] = useState('');
-    const [stats, setStats] = useState({
+    const [greeting, setGreeting] = useState('');
-        clientes: 0,
-        projetos: 0,
-        tarefas: 0,
-        faturamento: 0
-    });
 
     useEffect(() => {
-        // Verificar se é SUPERADMIN e redirecionar
         const user = getUser();
-        if (user && user.role === 'SUPERADMIN') {
+        if (user) {
-            router.push('/superadmin');
+            setUserName(user.name.split(' ')[0]); // Primeiro nome
-            return;
         }
 
-        // Simulando carregamento de dados
+        const hour = new Date().getHours();
-        setTimeout(() => {
+        if (hour >= 5 && hour < 12) setGreeting('Bom dia');
-            setStats({
+        else if (hour >= 12 && hour < 18) setGreeting('Boa tarde');
-                clientes: 127,
+        else setGreeting('Boa noite');
-                projetos: 18,
+    }, []);
-                tarefas: 64,
+
-                faturamento: 87500
+    const overviewStats = [
-            });
+        { name: 'Receita Total (Mês)', value: 'R$ 124.500', change: '+12%', changeType: 'increase', icon: ChartBarIcon, color: 'green' },
-        }, 300);
+        { name: 'Novos Leads', value: '45', change: '+5%', changeType: 'increase', icon: RocketLaunchIcon, color: 'blue' },
-    }, [router]);
+        { name: 'Projetos Ativos', value: '12', change: '-1', changeType: 'decrease', icon: BriefcaseIcon, color: 'purple' },
+        { name: 'Chamados Abertos', value: '3', change: '-2', changeType: 'decrease', icon: LifebuoyIcon, color: 'orange' },
+    ];
+
+    const modules = [
+        {
+            title: 'CRM & Vendas',
+            icon: RocketLaunchIcon,
+            color: 'blue',
+            stats: [
+                { label: 'Propostas Enviadas', value: '8' },
+                { label: 'Aguardando Aprovação', value: '3' },
+                { label: 'Taxa de Conversão', value: '24%' },
+            ]
+        },
+        {
+            title: 'Financeiro & ERP',
+            icon: ChartBarIcon,
+            color: 'green',
+            stats: [
+                { label: 'A Receber', value: 'R$ 45.200' },
+                { label: 'A Pagar', value: 'R$ 12.800' },
+                { label: 'Fluxo de Caixa', value: 'Positivo' },
+            ]
+        },
+        {
+            title: 'Projetos & Tarefas',
+            icon: BriefcaseIcon,
+            color: 'purple',
+            stats: [
+                { label: 'Em Andamento', value: '12' },
+                { label: 'Atrasados', value: '1' },
+                { label: 'Concluídos (Mês)', value: '4' },
+            ]
+        },
+        {
+            title: 'Helpdesk',
+            icon: LifebuoyIcon,
+            color: 'orange',
+            stats: [
+                { label: 'Novos Chamados', value: '3' },
+                { label: 'Tempo Médio Resposta', value: '2h' },
+                { label: 'Satisfação', value: '4.8/5' },
+            ]
+        },
+        {
+            title: 'Documentos & Contratos',
+            icon: DocumentTextIcon,
+            color: 'indigo',
+            stats: [
+                { label: 'Contratos Ativos', value: '28' },
+                { label: 'A Vencer (30 dias)', value: '2' },
+                { label: 'Docs Armazenados', value: '1.2GB' },
+            ]
+        },
+        {
+            title: 'Redes Sociais',
+            icon: ShareIcon,
+            color: 'pink',
+            stats: [
+                { label: 'Posts Agendados', value: '14' },
+                { label: 'Engajamento', value: '+8.5%' },
+                { label: 'Novos Seguidores', value: '120' },
+            ]
+        }
+    ];
 
     return (
-        <div className="p-6 max-w-7xl mx-auto">
+        <div className="p-6 h-full overflow-auto">
-            {/* Header */}
+            <div className="space-y-8">
-            <div className="mb-8">
+                {/* Header Personalizado */}
-                <h1 className="text-2xl font-bold text-gray-900 dark:text-white mb-2">
+                <div className="flex flex-col md:flex-row md:items-center justify-between gap-4">
-                    Dashboard
+                    <div>
-                </h1>
+                        <h1 className="text-2xl font-heading font-bold text-gray-900 dark:text-white">
-                <p className="text-gray-600 dark:text-gray-400">
+                            {greeting}, {userName || 'Administrador'}! 👋
-                    Bem-vindo ao seu painel de controle
+                        </h1>
-                </p>
+                        <p className="mt-1 text-sm text-gray-600 dark:text-gray-400">
-            </div>
+                            Aqui está o resumo da sua agência hoje. Tudo parece estar sob controle.
-
+                        </p>
-            {/* Stats Grid */}
-            <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-6 mb-8">
-                <StatCard
-                    title="Clientes Ativos"
-                    value={stats.clientes}
-                    icon={UserGroupIcon}
-                    trend={12.5}
-                    color="blue"
-                />
-                <StatCard
-                    title="Projetos em Andamento"
-                    value={stats.projetos}
-                    icon={FolderIcon}
-                    trend={8.2}
-                    color="purple"
-                />
-                <StatCard
-                    title="Tarefas Pendentes"
-                    value={stats.tarefas}
-                    icon={ChartBarIcon}
-                    trend={-3.1}
-                    color="gray"
-                />
-                <StatCard
-                    title="Faturamento"
-                    value={new Intl.NumberFormat('pt-BR', {
-                        style: 'currency',
-                        currency: 'BRL',
-                        minimumFractionDigits: 0
-                    }).format(stats.faturamento)}
-                    icon={CurrencyDollarIcon}
-                    trend={25.3}
-                    color="green"
-                />
-            </div>
-
-            {/* Coming Soon Card */}
-            <div className="bg-linear-to-br from-gray-50 to-gray-100 dark:from-gray-800 dark:to-gray-900 rounded-2xl border border-gray-200 dark:border-gray-700 p-12">
-                <div className="max-w-2xl mx-auto text-center">
-                    <div className="inline-flex items-center justify-center w-16 h-16 rounded-2xl mb-6" style={{ background: 'var(--gradient-primary)' }}>
-                        <ChartBarIcon className="w-8 h-8 text-white" />
                     </div>
-                    <h2 className="text-3xl font-bold text-gray-900 dark:text-white mb-3">
+                    <div className="flex items-center gap-3">
-                        Em Desenvolvimento
+                        <span className="text-xs font-medium px-3 py-1 rounded-full bg-green-100 text-green-700 dark:bg-green-900/30 dark:text-green-400 border border-green-200 dark:border-green-800 flex items-center gap-1">
+                            <span className="w-2 h-2 rounded-full bg-green-500 animate-pulse"></span>
+                            Sistema Operacional
+                        </span>
+                        <span className="text-xs text-gray-500 dark:text-gray-400">
+                            {new Date().toLocaleDateString('pt-BR', { weekday: 'long', day: 'numeric', month: 'long' })}
+                        </span>
+                    </div>
+                </div>
+
+                {/* Top Stats */}
+                <div>
+                    {/* Mobile: Scroll Horizontal */}
+                    <div className="md:hidden overflow-x-auto scrollbar-hide">
+                        <div className="flex gap-4 min-w-max">
+                            {overviewStats.map((stat) => {
+                                const Icon = stat.icon;
+                                return (
+                                    <div
+                                        key={stat.name}
+                                        className="relative overflow-hidden rounded-xl bg-white dark:bg-zinc-900 p-4 border border-gray-200 dark:border-zinc-800 shadow-sm w-[280px] flex-shrink-0"
+                                    >
+                                        <div className="flex items-center justify-between">
+                                            <div className={`rounded-lg p-2 bg-${stat.color}-50 dark:bg-${stat.color}-900/20`}>
+                                                <Icon className={`h-6 w-6 text-${stat.color}-600 dark:text-${stat.color}-400`} />
+                                            </div>
+                                            <div className={`flex items-baseline text-sm font-semibold ${stat.changeType === 'increase' ? 'text-green-600' : 'text-red-600'
+                                                }`}>
+                                                {stat.changeType === 'increase' ? (
+                                                    <ArrowTrendingUpIcon className="h-4 w-4 mr-1" />
+                                                ) : (
+                                                    <ArrowTrendingDownIcon className="h-4 w-4 mr-1" />
+                                                )}
+                                                {stat.change}
+                                            </div>
+                                        </div>
+                                        <div className="mt-4">
+                                            <p className="text-sm font-medium text-gray-500 dark:text-gray-400">{stat.name}</p>
+                                            <p className="text-2xl font-bold text-gray-900 dark:text-white">{stat.value}</p>
+                                        </div>
+                                    </div>
+                                );
+                            })}
+                        </div>
+                    </div>
+
+                    {/* Desktop: Grid */}
+                    <div className="hidden md:grid md:grid-cols-2 lg:grid-cols-4 gap-4">
+                        {overviewStats.map((stat) => {
+                            const Icon = stat.icon;
+                            return (
+                                <div
+                                    key={stat.name}
+                                    className="relative overflow-hidden rounded-xl bg-white dark:bg-zinc-900 p-4 border border-gray-200 dark:border-zinc-800 shadow-sm"
+                                >
+                                    <div className="flex items-center justify-between">
+                                        <div className={`rounded-lg p-2 bg-${stat.color}-50 dark:bg-${stat.color}-900/20`}>
+                                            <Icon className={`h-6 w-6 text-${stat.color}-600 dark:text-${stat.color}-400`} />
+                                        </div>
+                                        <div className={`flex items-baseline text-sm font-semibold ${stat.changeType === 'increase' ? 'text-green-600' : 'text-red-600'
+                                            }`}>
+                                            {stat.changeType === 'increase' ? (
+                                                <ArrowTrendingUpIcon className="h-4 w-4 mr-1" />
+                                            ) : (
+                                                <ArrowTrendingDownIcon className="h-4 w-4 mr-1" />
+                                            )}
+                                            {stat.change}
+                                        </div>
+                                    </div>
+                                    <div className="mt-4">
+                                        <p className="text-sm font-medium text-gray-500 dark:text-gray-400">{stat.name}</p>
+                                        <p className="text-2xl font-bold text-gray-900 dark:text-white">{stat.value}</p>
+                                    </div>
+                                </div>
+                            );
+                        })}
+                    </div>
+                </div>
+
+                {/* Modules Grid */}
+                <div>
+                    <h2 className="text-lg font-semibold text-gray-900 dark:text-white mb-4">
+                        Performance por Módulo
                     </h2>
-                    <p className="text-lg text-gray-600 dark:text-gray-400 mb-8">
+                    <div className="grid grid-cols-1 gap-6 sm:grid-cols-2 lg:grid-cols-3">
-                        Estamos construindo recursos incríveis de CRM e ERP para sua agência.
+                        {modules.map((module) => {
-                        Em breve você terá acesso a análises detalhadas, gestão completa de clientes e muito mais.
+                            const Icon = module.icon;
-                    </p>
+                            return (
-                    <div className="flex flex-wrap items-center justify-center gap-3">
+                                <div
-                        {['CRM', 'ERP', 'Projetos', 'Pagamentos', 'Documentos', 'Suporte', 'Contratos'].map((item) => (
+                                    key={module.title}
-                            <span
+                                    className="rounded-xl bg-white dark:bg-zinc-900 border border-gray-200 dark:border-zinc-800 p-6 hover:border-gray-200 dark:hover:border-zinc-700 transition-colors"
-                                key={item}
+                                >
-                                className="inline-flex items-center px-4 py-2 rounded-full text-sm font-medium bg-white dark:bg-gray-800 text-gray-700 dark:text-gray-300 border border-gray-200 dark:border-gray-700"
+                                    <div className="flex items-center gap-3 mb-6">
-                            >
+                                        <div className={`p-2 rounded-lg bg-${module.color}-50 dark:bg-${module.color}-900/20`}>
-                                {item}
+                                            <Icon className={`h-5 w-5 text-${module.color}-600 dark:text-${module.color}-400`} />
-                            </span>
+                                        </div>
-                        ))}
+                                        <h3 className="font-semibold text-gray-900 dark:text-white">
+                                            {module.title}
+                                        </h3>
+                                    </div>
+                                    <div className="space-y-4">
+                                        {module.stats.map((stat, idx) => (
+                                            <div key={idx} className="flex items-center justify-between text-sm">
+                                                <span className="text-gray-500 dark:text-gray-400">{stat.label}</span>
+                                                <span className="font-medium text-gray-900 dark:text-white">{stat.value}</span>
+                                            </div>
+                                        ))}
+                                    </div>
+                                </div>
+                            );
+                        })}
                     </div>
                 </div>
             </div>

front-end-agency/app/(agency)/documentos/page.tsx

@@ -0,0 +1,252 @@
+'use client';
+
+import React, { useState, useEffect, useMemo } from 'react';
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import { PageHeader, DataTable, Card, Badge } from '@/components/ui';
+import {
+    PlusIcon,
+    MagnifyingGlassIcon,
+    DocumentTextIcon,
+    PencilSquareIcon,
+    TrashIcon,
+    ArrowPathIcon,
+    EyeIcon,
+    ClockIcon
+} from '@heroicons/react/24/outline';
+import { docApi, Document } from '@/lib/api-docs';
+import { toast } from 'react-hot-toast';
+import DocumentEditor from '@/components/documentos/DocumentEditor';
+import { format, parseISO } from 'date-fns';
+import { ptBR } from 'date-fns/locale';
+
+export default function DocumentosPage() {
+    const [documents, setDocuments] = useState<Document[]>([]);
+    const [loading, setLoading] = useState(true);
+    const [searchTerm, setSearchTerm] = useState('');
+    const [isEditing, setIsEditing] = useState(false);
+    const [currentDoc, setCurrentDoc] = useState<Partial<Document> | null>(null);
+
+    // Pagination
+    const [currentPage, setCurrentPage] = useState(1);
+    const itemsPerPage = 8;
+
+    useEffect(() => {
+        fetchDocuments();
+    }, []);
+
+    const fetchDocuments = async () => {
+        try {
+            setLoading(true);
+            const data = await docApi.getDocuments();
+            setDocuments(data || []);
+        } catch (error) {
+            toast.error('Erro ao carregar documentos');
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    const handleCreate = async () => {
+        try {
+            const newDoc = await docApi.createDocument({
+                title: 'Novo Documento',
+                content: '{"type":"doc","content":[{"type":"paragraph"}]}',
+                status: 'published',
+                parent_id: null
+            });
+            setCurrentDoc(newDoc);
+            setIsEditing(true);
+            fetchDocuments();
+        } catch (error) {
+            toast.error('Erro ao iniciar novo documento');
+        }
+    };
+
+    const handleEdit = (doc: Document) => {
+        setCurrentDoc(doc);
+        setIsEditing(true);
+    };
+
+    const handleSave = async (docData: Partial<Document>) => {
+        try {
+            if (docData.id) {
+                await docApi.updateDocument(docData.id, docData);
+                // toast.success('Documento atualizado!'); // Auto-save já acontece
+            } else {
+                await docApi.createDocument(docData);
+                toast.success('Documento criado!');
+            }
+            setIsEditing(false);
+            fetchDocuments();
+        } catch (error) {
+            toast.error('Erro ao salvar documento');
+        }
+    };
+
+    const handleDelete = async (id: string) => {
+        if (!confirm('Tem certeza que deseja excluir este documento e todas as suas subpáginas?')) return;
+        try {
+            await docApi.deleteDocument(id);
+            toast.success('Documento excluído!');
+            fetchDocuments();
+        } catch (error) {
+            toast.error('Erro ao excluir documento');
+        }
+    };
+
+    const filteredDocuments = useMemo(() => {
+        return documents.filter(doc =>
+            (doc.title || '').toLowerCase().includes(searchTerm.toLowerCase()) ||
+            (doc.content || '').toLowerCase().includes(searchTerm.toLowerCase())
+        );
+    }, [documents, searchTerm]);
+
+    const paginatedDocuments = useMemo(() => {
+        const start = (currentPage - 1) * itemsPerPage;
+        return filteredDocuments.slice(start, start + itemsPerPage);
+    }, [filteredDocuments, currentPage]);
+
+    const columns = [
+        {
+            header: 'Documento',
+            accessor: (doc: Document) => (
+                <div className="flex items-center gap-3 py-1">
+                    <div className="p-2.5 bg-zinc-50 dark:bg-zinc-800 rounded-xl border border-zinc-100 dark:border-zinc-700 shadow-sm">
+                        <DocumentTextIcon className="w-5 h-5 text-zinc-500" />
+                    </div>
+                    <div>
+                        <p className="font-bold text-zinc-900 dark:text-white group-hover:text-brand-500 transition-colors uppercase tracking-tight text-sm">
+                            {doc.title || 'Sem título'}
+                        </p>
+                        <div className="flex items-center gap-2 mt-0.5">
+                            <Badge variant="info" className="text-[8px] px-1.5 font-black">v{doc.version || 1}</Badge>
+                            <span className="text-[10px] text-zinc-400 font-medium">#{doc.id.substring(0, 8)}</span>
+                        </div>
+                    </div>
+                </div>
+            )
+        },
+        {
+            header: 'Última Modificação',
+            accessor: (doc: Document) => (
+                <div className="flex items-center gap-3">
+                    <ClockIcon className="w-4 h-4 text-zinc-300" />
+                    <div className="flex flex-col">
+                        <span className="text-xs font-bold text-zinc-600 dark:text-zinc-400">
+                            {format(parseISO(doc.updated_at), "dd 'de' MMM", { locale: ptBR })}
+                        </span>
+                        <span className="text-[9px] text-zinc-400 uppercase font-black tracking-tighter">
+                            às {format(parseISO(doc.updated_at), "HH:mm")}
+                        </span>
+                    </div>
+                </div>
+            )
+        },
+        {
+            header: 'Ações',
+            align: 'right' as const,
+            accessor: (doc: Document) => (
+                <div className="flex items-center justify-end gap-2">
+                    <button
+                        onClick={() => handleEdit(doc)}
+                        className="flex items-center gap-2 px-4 py-2 text-xs font-black uppercase tracking-widest text-zinc-600 dark:text-zinc-400 hover:text-brand-500 hover:bg-brand-50 dark:hover:bg-brand-500/10 rounded-xl transition-all"
+                    >
+                        <PencilSquareIcon className="w-4 h-4" />
+                        Abrir
+                    </button>
+                    <button
+                        onClick={() => handleDelete(doc.id)}
+                        className="p-2 text-zinc-300 hover:text-rose-500 hover:bg-rose-50 dark:hover:bg-rose-500/10 rounded-xl transition-all"
+                        title="Excluir"
+                    >
+                        <TrashIcon className="w-4 h-4" />
+                    </button>
+                </div>
+            )
+        }
+    ];
+
+    return (
+        <SolutionGuard requiredSolution="documentos">
+            <div className="p-6 max-w-[1600px] mx-auto space-y-8 animate-in fade-in duration-700">
+                <PageHeader
+                    title="Wiki & Base de Conhecimento"
+                    description="Organize processos, manuais e documentação técnica da agência."
+                    primaryAction={{
+                        label: "Criar Novo",
+                        icon: <PlusIcon className="w-5 h-5" />,
+                        onClick: handleCreate
+                    }}
+                />
+
+                <div className="flex flex-col md:flex-row gap-4 items-center justify-between bg-white dark:bg-zinc-900/50 p-4 rounded-[28px] border border-zinc-200 dark:border-zinc-800 shadow-sm">
+                    <div className="w-full md:w-96 relative">
+                        <MagnifyingGlassIcon className="absolute left-4 top-1/2 -translate-y-1/2 w-5 h-5 text-zinc-300" />
+                        <input
+                            type="text"
+                            placeholder="Pesquisar wiki..."
+                            value={searchTerm}
+                            onChange={(e) => setSearchTerm(e.target.value)}
+                            className="w-full bg-zinc-50 dark:bg-zinc-950 border border-zinc-100 dark:border-zinc-800 rounded-2xl pl-12 pr-4 py-3 text-sm outline-none focus:ring-2 ring-brand-500/20 transition-all font-semibold placeholder:text-zinc-400"
+                        />
+                    </div>
+
+                    <div className="flex items-center gap-4">
+                        <button
+                            onClick={fetchDocuments}
+                            className="p-3 text-zinc-400 hover:text-zinc-900 dark:hover:text-white transition-colors"
+                        >
+                            <ArrowPathIcon className={`w-5 h-5 ${loading ? 'animate-spin' : ''}`} />
+                        </button>
+                        <div className="h-6 w-px bg-zinc-200 dark:border-zinc-800" />
+                        <div className="flex items-center gap-2 px-5 py-2.5 bg-zinc-900 dark:bg-zinc-100 text-white dark:text-zinc-900 rounded-2xl text-[10px] font-black uppercase tracking-widest shadow-lg shadow-zinc-200 dark:shadow-none">
+                            {filteredDocuments.length} Documentos
+                        </div>
+                    </div>
+                </div>
+
+                <Card noPadding allowOverflow className="border-none shadow-2xl shadow-black/5 overflow-hidden rounded-[32px]">
+                    <DataTable
+                        columns={columns}
+                        data={paginatedDocuments}
+                        isLoading={loading}
+                    />
+
+                    {/* Pagination */}
+                    <div className="p-6 border-t border-zinc-50 dark:border-zinc-800 flex items-center justify-between bg-zinc-50/50 dark:bg-zinc-900/50">
+                        <p className="text-[10px] font-black text-zinc-400 uppercase tracking-widest">
+                            {filteredDocuments.length} itens no total
+                        </p>
+                        <div className="flex gap-2">
+                            <button
+                                disabled={currentPage === 1}
+                                onClick={() => setCurrentPage(p => p - 1)}
+                                className="px-6 py-2.5 text-[10px] font-black uppercase tracking-widest bg-white dark:bg-zinc-800 border border-zinc-200 dark:border-zinc-700 rounded-xl disabled:opacity-30 hover:bg-zinc-50 dark:hover:bg-zinc-700 transition-all shadow-sm"
+                            >
+                                Anterior
+                            </button>
+                            <button
+                                disabled={currentPage * itemsPerPage >= filteredDocuments.length}
+                                onClick={() => setCurrentPage(p => p + 1)}
+                                className="px-6 py-2.5 text-[10px] font-black uppercase tracking-widest bg-zinc-900 dark:bg-zinc-100 text-white dark:text-zinc-900 rounded-xl disabled:opacity-30 hover:bg-black dark:hover:bg-white transition-all shadow-lg active:scale-95"
+                            >
+                                Próximo
+                            </button>
+                        </div>
+                    </div>
+                </Card>
+
+                {isEditing && (
+                    <DocumentEditor
+                        initialDocument={currentDoc}
+                        onSave={handleSave}
+                        onCancel={() => {
+                            setIsEditing(false);
+                            fetchDocuments();
+                        }}
+                    />
+                )}
+            </div>
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/erp/ERPSettingsPage.tsx

@@ -0,0 +1,211 @@
+'use client';
+
+import React, { useState, useEffect } from 'react';
+import {
+    PlusIcon,
+    BanknotesIcon,
+    TagIcon,
+    CheckIcon,
+    XMarkIcon,
+    PencilSquareIcon,
+    TrashIcon,
+    BuildingLibraryIcon
+} from '@heroicons/react/24/outline';
+import { erpApi, FinancialCategory, BankAccount } from '@/lib/api-erp';
+import { formatCurrency } from '@/lib/format';
+import { toast } from 'react-hot-toast';
+import {
+    PageHeader,
+    DataTable,
+    Input,
+    Card,
+    Tabs
+} from "@/components/ui";
+
+export default function ERPSettingsPage() {
+    return (
+        <div className="space-y-6">
+            <PageHeader
+                title="Configurações do ERP"
+                description="Gerencie categorias financeiras, contas bancárias e outras preferências do sistema."
+            />
+
+            <Tabs
+                variant="pills"
+                items={[
+                    {
+                        label: 'Categorias Financeiras',
+                        icon: <TagIcon className="w-4 h-4" />,
+                        content: <CategorySettings />
+                    },
+                    {
+                        label: 'Contas Bancárias',
+                        icon: <BuildingLibraryIcon className="w-4 h-4" />,
+                        content: <AccountSettings />
+                    }
+                ]}
+            />
+        </div>
+    );
+}
+
+function CategorySettings() {
+    const [categories, setCategories] = useState<FinancialCategory[]>([]);
+    const [loading, setLoading] = useState(true);
+
+    useEffect(() => {
+        fetchData();
+    }, []);
+
+    const fetchData = async () => {
+        try {
+            const data = await erpApi.getFinancialCategories();
+            setCategories(data || []);
+        } catch (error) {
+            toast.error('Erro ao carregar categorias');
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    return (
+        <div className="space-y-4">
+            <div className="flex justify-between items-center">
+                <h3 className="text-lg font-bold text-zinc-900 dark:text-white">Categorias</h3>
+                <button
+                    className="flex items-center gap-2 px-4 py-2 text-white rounded-xl font-bold shadow-lg hover:opacity-90 transition-all text-sm"
+                    style={{ background: 'var(--gradient)' }}
+                >
+                    <PlusIcon className="w-4 h-4" />
+                    Nova Categoria
+                </button>
+            </div>
+
+            <Card noPadding className="overflow-hidden">
+                <DataTable
+                    isLoading={loading}
+                    data={categories}
+                    columns={[
+                        {
+                            header: 'Nome',
+                            accessor: (row) => (
+                                <div className="flex items-center gap-3">
+                                    <div className="w-3 h-3 rounded-full" style={{ backgroundColor: row.color }} />
+                                    <span className="font-bold text-zinc-900 dark:text-white">{row.name}</span>
+                                </div>
+                            )
+                        },
+                        {
+                            header: 'Tipo',
+                            accessor: (row) => (
+                                <span className={`px-2 py-0.5 rounded-full text-[10px] font-bold uppercase tracking-wider ${row.type === 'income' ? 'bg-emerald-100 text-emerald-700' : 'bg-rose-100 text-rose-700'}`}>
+                                    {row.type === 'income' ? 'Receita' : 'Despesa'}
+                                </span>
+                            )
+                        },
+                        {
+                            header: 'Status',
+                            accessor: (row) => (
+                                <span className={`text-xs font-bold ${row.is_active ? 'text-emerald-500' : 'text-zinc-400'}`}>
+                                    {row.is_active ? 'Ativo' : 'Inativo'}
+                                </span>
+                            )
+                        },
+                        {
+                            header: '',
+                            className: 'text-right',
+                            accessor: () => (
+                                <div className="flex justify-end gap-2 opacity-0 group-hover:opacity-100 transition-all">
+                                    <button className="p-2 text-zinc-400 hover:text-brand-600 dark:hover:text-brand-400">
+                                        <PencilSquareIcon className="w-4 h-4" />
+                                    </button>
+                                </div>
+                            )
+                        }
+                    ]}
+                />
+            </Card>
+        </div>
+    );
+}
+
+function AccountSettings() {
+    const [accounts, setAccounts] = useState<BankAccount[]>([]);
+    const [loading, setLoading] = useState(true);
+
+    useEffect(() => {
+        fetchData();
+    }, []);
+
+    const fetchData = async () => {
+        try {
+            const data = await erpApi.getBankAccounts();
+            setAccounts(data || []);
+        } catch (error) {
+            toast.error('Erro ao carregar contas');
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    return (
+        <div className="space-y-4">
+            <div className="flex justify-between items-center">
+                <h3 className="text-lg font-bold text-zinc-900 dark:text-white">Contas Bancárias</h3>
+                <button
+                    className="flex items-center gap-2 px-4 py-2 text-white rounded-xl font-bold shadow-lg hover:opacity-90 transition-all text-sm"
+                    style={{ background: 'var(--gradient)' }}
+                >
+                    <PlusIcon className="w-4 h-4" />
+                    Nova Conta
+                </button>
+            </div>
+
+            <Card noPadding className="overflow-hidden">
+                <DataTable
+                    isLoading={loading}
+                    data={accounts}
+                    columns={[
+                        {
+                            header: 'Nome da Conta',
+                            accessor: (row) => (
+                                <div className="flex flex-col">
+                                    <span className="font-bold text-zinc-900 dark:text-white">{row.name}</span>
+                                    <span className="text-xs text-zinc-400 font-bold uppercase">{row.bank_name}</span>
+                                </div>
+                            )
+                        },
+                        {
+                            header: 'Saldo Atual',
+                            className: 'text-right',
+                            accessor: (row) => (
+                                <span className="font-black text-zinc-900 dark:text-white">
+                                    {formatCurrency(row.current_balance)}
+                                </span>
+                            )
+                        },
+                        {
+                            header: 'Status',
+                            accessor: (row) => (
+                                <span className={`text-xs font-bold ${row.is_active ? 'text-emerald-500' : 'text-zinc-400'}`}>
+                                    {row.is_active ? 'Ativo' : 'Inativo'}
+                                </span>
+                            )
+                        },
+                        {
+                            header: '',
+                            className: 'text-right',
+                            accessor: () => (
+                                <div className="flex justify-end gap-2 opacity-0 group-hover:opacity-100 transition-all">
+                                    <button className="p-2 text-zinc-400 hover:text-brand-600 dark:hover:text-brand-400">
+                                        <PencilSquareIcon className="w-4 h-4" />
+                                    </button>
+                                </div>
+                            )
+                        }
+                    ]}
+                />
+            </Card>
+        </div>
+    );
+}

front-end-agency/app/(agency)/erp/OrdersPage.tsx

@@ -0,0 +1,309 @@
+'use client';
+
+import React, { useState, useEffect, Fragment } from 'react';
+import {
+    PlusIcon,
+    MagnifyingGlassIcon,
+    FunnelIcon,
+    ShoppingBagIcon,
+    CalendarIcon,
+    CurrencyDollarIcon,
+    UserIcon,
+    CheckCircleIcon,
+    ClockIcon,
+    XMarkIcon,
+    EyeIcon,
+    TrashIcon,
+    ExclamationTriangleIcon
+} from '@heroicons/react/24/outline';
+import { ConfirmDialog } from "@/components/ui";
+import { erpApi, Order, Entity } from '@/lib/api-erp';
+import { formatCurrency } from '@/lib/format';
+import { useToast } from '@/components/layout/ToastContext';
+import {
+    PageHeader,
+    StatsCard,
+    DataTable,
+    Input,
+    Card,
+    BulkActionBar,
+} from "@/components/ui";
+import { format } from 'date-fns';
+
+export default function OrdersPage() {
+    const toast = useToast();
+    const [orders, setOrders] = useState<Order[]>([]);
+    const [entities, setEntities] = useState<Entity[]>([]);
+    const [loading, setLoading] = useState(true);
+    const [searchTerm, setSearchTerm] = useState('');
+    const [selectedIds, setSelectedIds] = useState<(string | number)[]>([]);
+    const [confirmOpen, setConfirmOpen] = useState(false);
+    const [bulkConfirmOpen, setBulkConfirmOpen] = useState(false);
+    const [orderToDelete, setOrderToDelete] = useState<string | null>(null);
+
+    useEffect(() => {
+        fetchData();
+    }, []);
+
+    const fetchData = async (silent = false) => {
+        try {
+            if (!silent) setLoading(true);
+            const [ordersData, entitiesData] = await Promise.all([
+                erpApi.getOrders(),
+                erpApi.getEntities()
+            ]);
+            setOrders(ordersData || []);
+            setEntities(entitiesData || []);
+        } catch (error) {
+            toast.error('Erro ao carregar', 'Não foi possível carregar os pedidos');
+        } finally {
+            setLoading(false);
+            setSelectedIds([]);
+        }
+    };
+
+    const handleBulkDelete = async () => {
+        if (selectedIds.length === 0) return;
+        setBulkConfirmOpen(true);
+    };
+
+    const handleConfirmBulkDelete = async () => {
+        if (selectedIds.length === 0) return;
+
+        const originalOrders = [...orders];
+        const idsToDelete = selectedIds.map(String);
+
+        // Dynamic: remove instantly
+        setOrders(prev => prev.filter(o => !idsToDelete.includes(String(o.id))));
+        const deletedCount = selectedIds.length;
+
+        try {
+            await Promise.all(idsToDelete.map(id => erpApi.deleteOrder(id)));
+            toast.success('Exclusão completa', `${deletedCount} pedidos excluídos com sucesso.`);
+            setTimeout(() => fetchData(true), 500);
+        } catch (error) {
+            setOrders(originalOrders);
+            toast.error('Erro ao excluir', 'Ocorreu um erro ao excluir alguns pedidos.');
+        } finally {
+            setBulkConfirmOpen(false);
+            setSelectedIds([]);
+        }
+    };
+
+    const handleDelete = (id: string) => {
+        setOrderToDelete(id);
+        setConfirmOpen(true);
+    };
+
+    const handleConfirmDelete = async () => {
+        if (!orderToDelete) return;
+
+        const originalOrders = [...orders];
+        const idToDelete = String(orderToDelete);
+
+        // Dynamic: remove instantly
+        setOrders(prev => prev.filter(o => String(o.id) !== idToDelete));
+
+        try {
+            await erpApi.deleteOrder(idToDelete);
+            toast.success('Exclusão completa', 'O pedido foi removido com sucesso.');
+            setTimeout(() => fetchData(true), 500);
+        } catch (error) {
+            setOrders(originalOrders);
+            toast.error('Erro ao excluir', 'Ocorreu um erro ao excluir o pedido.');
+        } finally {
+            setConfirmOpen(false);
+            setOrderToDelete(null);
+        }
+    };
+
+    const filteredOrders = orders.filter(o => {
+        const entityName = entities.find(e => e.id === o.entity_id)?.name || '';
+        const searchStr = searchTerm.toLowerCase();
+        return String(o.id).toLowerCase().includes(searchStr) ||
+            entityName.toLowerCase().includes(searchStr);
+    });
+
+    const totalRevenue = orders.filter(o => o.status !== 'cancelled').reduce((sum, o) => sum + Number(o.total_amount), 0);
+    const pendingOrders = orders.filter(o => o.status === 'confirmed').length;
+    const completedOrders = orders.filter(o => o.status === 'completed').length;
+
+    const columns = [
+        {
+            header: 'Pedido / Data',
+            accessor: (row: Order) => (
+                <div className="flex flex-col">
+                    <span className="font-bold text-zinc-900 dark:text-white uppercase text-xs">#{row.id.slice(0, 8)}</span>
+                    <div className="flex items-center gap-1 text-[10px] text-zinc-400 font-bold">
+                        <CalendarIcon className="w-3 h-3" />
+                        {row.created_at ? format(new Date(row.created_at), 'dd/MM/yyyy HH:mm') : '-'}
+                    </div>
+                </div>
+            )
+        },
+        {
+            header: 'Cliente',
+            accessor: (row: Order) => (
+                <div className="flex items-center gap-2">
+                    <div className="p-1.5 rounded-lg bg-zinc-100 dark:bg-zinc-800 text-zinc-500">
+                        <UserIcon className="w-4 h-4" />
+                    </div>
+                    <span className="text-sm font-semibold text-zinc-900 dark:text-white">
+                        {entities.find(e => e.id === row.entity_id)?.name || 'Consumidor Final'}
+                    </span>
+                </div>
+            )
+        },
+        {
+            header: 'Status',
+            accessor: (row: Order) => {
+                const colors = {
+                    draft: 'bg-zinc-100 text-zinc-700',
+                    confirmed: 'bg-blue-100 text-blue-700',
+                    completed: 'bg-emerald-100 text-emerald-700',
+                    cancelled: 'bg-rose-100 text-rose-700'
+                };
+                const labels = {
+                    draft: 'Rascunho',
+                    confirmed: 'Confirmado',
+                    completed: 'Concluído',
+                    cancelled: 'Cancelado'
+                };
+                return (
+                    <span className={`px-2.5 py-0.5 rounded-full text-[10px] font-black uppercase tracking-wider ${colors[row.status as keyof typeof colors]}`}>
+                        {labels[row.status as keyof typeof labels]}
+                    </span>
+                );
+            }
+        },
+        {
+            header: 'Total',
+            className: 'text-right',
+            accessor: (row: Order) => (
+                <span className="font-black text-zinc-900 dark:text-white">
+                    {formatCurrency(row.total_amount)}
+                </span>
+            )
+        },
+        {
+            header: '',
+            className: 'text-right',
+            accessor: (row: Order) => (
+                <div className="flex justify-end gap-2">
+                    <button className="p-2 text-zinc-400 hover:text-brand-600 dark:hover:text-brand-400">
+                        <EyeIcon className="w-5 h-5" />
+                    </button>
+                    <button
+                        onClick={(e) => { e.stopPropagation(); handleDelete(row.id); }}
+                        className="p-2 text-zinc-400 hover:text-rose-600 dark:hover:text-rose-400 transition-all"
+                    >
+                        <TrashIcon className="w-5 h-5" />
+                    </button>
+                </div>
+            )
+        }
+    ];
+
+    return (
+        <div className="space-y-6">
+            <PageHeader
+                title="Pedidos & Vendas"
+                description="Acompanhe suas vendas, gerencie orçamentos e controle o fluxo de pedidos."
+                primaryAction={{
+                    label: "Novo Pedido",
+                    icon: <PlusIcon className="w-5 h-5" />,
+                    onClick: () => toast.error('Funcionalidade em desenvolvimento')
+                }}
+            />
+
+            <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-6">
+                <StatsCard
+                    title="Receita de Vendas"
+                    value={formatCurrency(totalRevenue)}
+                    icon={<CurrencyDollarIcon className="w-6 h-6 text-emerald-500" />}
+                />
+                <StatsCard
+                    title="Pedidos Pendentes"
+                    value={pendingOrders}
+                    icon={<ClockIcon className="w-6 h-6 text-blue-500" />}
+                />
+                <StatsCard
+                    title="Pedidos Concluídos"
+                    value={completedOrders}
+                    icon={<CheckCircleIcon className="w-6 h-6 text-emerald-500" />}
+                />
+                <StatsCard
+                    title="Total de Pedidos"
+                    value={orders.length}
+                    icon={<ShoppingBagIcon className="w-6 h-6 text-indigo-500" />}
+                />
+            </div>
+
+            <div className="flex flex-col sm:flex-row justify-between items-start sm:items-center gap-4">
+                <div className="relative w-full sm:w-96">
+                    <MagnifyingGlassIcon className="absolute left-3 top-1/2 -translate-y-1/2 w-4 h-4 text-zinc-400" />
+                    <Input
+                        placeholder="Buscar por cliente ou ID do pedido..."
+                        className="pl-10 h-10 border-zinc-200 dark:border-zinc-800"
+                        value={searchTerm}
+                        onChange={(e) => setSearchTerm(e.target.value)}
+                    />
+                </div>
+                <div className="flex gap-2 w-full sm:w-auto">
+                    <button className="flex items-center gap-2 px-4 py-2 bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-xl text-sm font-bold text-zinc-600 dark:text-zinc-400 hover:bg-zinc-50 dark:hover:bg-zinc-800 transition-all">
+                        <FunnelIcon className="w-4 h-4" />
+                        Filtros
+                    </button>
+                </div>
+            </div>
+
+            <Card noPadding className="overflow-hidden">
+                <DataTable
+                    selectable
+                    isLoading={loading}
+                    selectedIds={selectedIds}
+                    onSelectionChange={setSelectedIds}
+                    columns={columns}
+                    data={filteredOrders}
+                />
+            </Card>
+
+            <ConfirmDialog
+                isOpen={bulkConfirmOpen}
+                onClose={() => setBulkConfirmOpen(false)}
+                onConfirm={handleConfirmBulkDelete}
+                title="Excluir Pedidos Selecionados"
+                message={`Tem certeza que deseja excluir os ${selectedIds.length} pedidos selecionados? Esta ação não pode ser desfeita.`}
+                confirmText="Excluir Tudo"
+                variant="danger"
+            />
+
+            <ConfirmDialog
+                isOpen={confirmOpen}
+                onClose={() => {
+                    setConfirmOpen(false);
+                    setOrderToDelete(null);
+                }}
+                onConfirm={handleConfirmDelete}
+                title="Excluir Pedido"
+                message="Tem certeza que deseja excluir este pedido? Esta ação não pode ser desfeita."
+                confirmText="Excluir"
+                cancelText="Cancelar"
+                variant="danger"
+            />
+
+            <BulkActionBar
+                selectedCount={selectedIds.length}
+                onClearSelection={() => setSelectedIds([])}
+                actions={[
+                    {
+                        label: "Excluir Selecionados",
+                        icon: <TrashIcon className="w-5 h-5" />,
+                        onClick: handleBulkDelete,
+                        variant: 'danger'
+                    }
+                ]}
+            />
+        </div>
+    );
+}

front-end-agency/app/(agency)/erp/ProductsPage.tsx

@@ -0,0 +1,503 @@
+'use client';
+
+import React, { useState, useEffect, Fragment } from 'react';
+import {
+    PlusIcon,
+    MagnifyingGlassIcon,
+    FunnelIcon,
+    Square3Stack3DIcon as PackageIcon,
+    CurrencyDollarIcon,
+    ExclamationTriangleIcon,
+    TrashIcon,
+    PencilSquareIcon,
+    XMarkIcon,
+    CheckIcon,
+    TagIcon,
+} from '@heroicons/react/24/outline';
+import { erpApi, Product } from '@/lib/api-erp';
+import { formatCurrency } from '@/lib/format';
+import { useToast } from '@/components/layout/ToastContext';
+import {
+    PageHeader,
+    StatsCard,
+    DataTable,
+    Input,
+    Card,
+    BulkActionBar,
+    ConfirmDialog,
+} from "@/components/ui";
+import { Dialog, DialogPanel, DialogTitle, Transition, TransitionChild } from '@headlessui/react';
+
+export default function ProductsPage() {
+    const toast = useToast();
+    const [products, setProducts] = useState<Product[]>([]);
+    const [loading, setLoading] = useState(true);
+    const [searchTerm, setSearchTerm] = useState('');
+    const [isModalOpen, setIsModalOpen] = useState(false);
+    const [confirmOpen, setConfirmOpen] = useState(false);
+    const [bulkConfirmOpen, setBulkConfirmOpen] = useState(false);
+    const [productToDelete, setProductToDelete] = useState<string | null>(null);
+    const [editingProduct, setEditingProduct] = useState<Product | null>(null);
+    const [selectedIds, setSelectedIds] = useState<(string | number)[]>([]);
+
+    const [formData, setFormData] = useState<Partial<Product>>({
+        name: '',
+        sku: '',
+        description: '',
+        price: 0,
+        cost_price: 0,
+        type: 'product',
+        stock_quantity: 0,
+        is_active: true
+    });
+
+    useEffect(() => {
+        fetchProducts();
+    }, []);
+
+    const fetchProducts = async (silent = false) => {
+        try {
+            if (!silent) setLoading(true);
+            const data = await erpApi.getProducts();
+            setProducts(data || []);
+        } catch (error) {
+            toast.error('Erro ao carregar', 'Não foi possível carregar os produtos');
+        } finally {
+            setLoading(false);
+            setSelectedIds([]);
+        }
+    };
+
+    const handleSave = async (e: React.FormEvent) => {
+        e.preventDefault();
+        try {
+            if (editingProduct?.id) {
+                await erpApi.updateProduct(editingProduct.id, formData);
+                toast.success('Produto atualizado com sucesso!');
+            } else {
+                await erpApi.createProduct(formData);
+                toast.success('Produto cadastrado com sucesso!');
+            }
+            setIsModalOpen(false);
+            setEditingProduct(null);
+            resetForm();
+            await fetchProducts(true);
+        } catch (error) {
+            toast.error(editingProduct ? 'Erro ao atualizar produto' : 'Erro ao salvar produto');
+        }
+    };
+
+    const handleDelete = (id: string) => {
+        setProductToDelete(id);
+        setConfirmOpen(true);
+    };
+
+    const handleConfirmDelete = async () => {
+        if (!productToDelete) return;
+
+        const originalProducts = [...products];
+        const idToDelete = String(productToDelete);
+
+        // Dynamic: remove instantly
+        setProducts(prev => prev.filter(p => String(p.id) !== idToDelete));
+
+        try {
+            await erpApi.deleteProduct(idToDelete);
+            toast.success('Exclusão completa', 'O item foi removido com sucesso.');
+            setTimeout(() => fetchProducts(true), 500);
+        } catch (error) {
+            setProducts(originalProducts);
+            toast.error('Erro ao excluir', 'Ocorreu um erro ao excluir o produto.');
+        } finally {
+            setConfirmOpen(false);
+            setProductToDelete(null);
+        }
+    };
+
+    const handleBulkDelete = async () => {
+        if (selectedIds.length === 0) return;
+        setBulkConfirmOpen(true);
+    };
+
+    const handleConfirmBulkDelete = async () => {
+        if (selectedIds.length === 0) return;
+
+        const originalProducts = [...products];
+        const idsToDelete = selectedIds.map(String);
+
+        // Dynamic: remove instantly
+        setProducts(prev => prev.filter(p => !idsToDelete.includes(String(p.id))));
+        const deletedCount = selectedIds.length;
+
+        try {
+            await Promise.all(idsToDelete.map(id => erpApi.deleteProduct(id)));
+            toast.success('Exclusão completa', `${deletedCount} produtos excluídos com sucesso.`);
+            setTimeout(() => fetchProducts(true), 500);
+        } catch (error) {
+            setProducts(originalProducts);
+            toast.error('Erro ao excluir', 'Ocorreu um erro ao excluir alguns produtos.');
+        } finally {
+            setBulkConfirmOpen(false);
+            setSelectedIds([]);
+        }
+    };
+
+    const handleEdit = (product: Product) => {
+        setEditingProduct(product);
+        setFormData({
+            name: product.name,
+            sku: product.sku,
+            description: product.description,
+            price: Number(product.price),
+            cost_price: Number(product.cost_price),
+            type: product.type,
+            stock_quantity: Number(product.stock_quantity),
+            is_active: product.is_active
+        });
+        setIsModalOpen(true);
+    };
+
+    const resetForm = () => {
+        setFormData({
+            name: '',
+            sku: '',
+            description: '',
+            price: 0,
+            cost_price: 0,
+            type: 'product',
+            stock_quantity: 0,
+            is_active: true
+        });
+    };
+
+    const filteredProducts = products.filter(p =>
+        p.name.toLowerCase().includes(searchTerm.toLowerCase()) ||
+        (p.sku || '').toLowerCase().includes(searchTerm.toLowerCase())
+    );
+
+    const totalStockValue = products.reduce((sum, p) => sum + (Number(p.price) * Number(p.stock_quantity)), 0);
+    const lowStockItems = products.filter(p => p.type === 'product' && p.stock_quantity < 5).length;
+    const servicesCount = products.filter(p => p.type === 'service').length;
+
+    const columns = [
+        {
+            header: 'Produto / SKU',
+            accessor: (row: Product) => (
+                <div className="flex items-center gap-3">
+                    <div className={`p-2 rounded-lg ${row.type === 'product' ? 'bg-indigo-50 text-indigo-600' : 'bg-amber-50 text-amber-600'}`}>
+                        {row.type === 'product' ? <PackageIcon className="w-5 h-5" /> : <TagIcon className="w-5 h-5" />}
+                    </div>
+                    <div className="flex flex-col">
+                        <span className="font-bold text-zinc-900 dark:text-white uppercase tracking-tight">{row.name}</span>
+                        <span className="text-xs text-zinc-400 font-black tracking-widest">{row.sku || 'SEM SKU'}</span>
+                    </div>
+                </div>
+            )
+        },
+        {
+            header: 'Tipo',
+            accessor: (row: Product) => (
+                <span className={`px-2.5 py-0.5 rounded-full text-[10px] font-bold uppercase tracking-wider ${row.type === 'product' ? 'bg-indigo-100 text-indigo-700' : 'bg-amber-100 text-amber-700'}`}>
+                    {row.type === 'product' ? 'Produto' : 'Serviço'}
+                </span>
+            )
+        },
+        {
+            header: 'Estoque',
+            accessor: (row: Product) => (
+                row.type === 'product' ? (
+                    <div className="flex items-center gap-2">
+                        <span className={`font-black text-sm ${row.stock_quantity < 5 ? 'text-rose-500' : 'text-zinc-900 dark:text-white'}`}>
+                            {row.stock_quantity}
+                        </span>
+                        {row.stock_quantity < 5 && (
+                            <ExclamationTriangleIcon className="w-4 h-4 text-rose-500" />
+                        )}
+                    </div>
+                ) : (
+                    <span className="text-zinc-400 text-xs">N/A</span>
+                )
+            )
+        },
+        {
+            header: 'Preço de Venda',
+            className: 'text-right',
+            accessor: (row: Product) => (
+                <span className="font-black text-zinc-900 dark:text-white">
+                    {formatCurrency(row.price)}
+                </span>
+            )
+        },
+        {
+            header: '',
+            className: 'text-right',
+            accessor: (row: Product) => (
+                <div className="flex justify-end gap-2">
+                    <button
+                        onClick={(e) => { e.stopPropagation(); handleEdit(row); }}
+                        className="p-2 text-zinc-400 hover:text-brand-600 dark:hover:text-brand-400 transition-all"
+                    >
+                        <PencilSquareIcon className="w-5 h-5" />
+                    </button>
+                    <button
+                        onClick={(e) => { e.stopPropagation(); handleDelete(row.id); }}
+                        className="p-2 text-zinc-400 hover:text-rose-600 dark:hover:text-rose-400 transition-all"
+                    >
+                        <TrashIcon className="w-5 h-5" />
+                    </button>
+                </div>
+            )
+        }
+    ];
+
+    return (
+        <div className="space-y-6">
+            <PageHeader
+                title="Produtos & Estoque"
+                description="Controle seu inventário, gerencie preços e acompanhe a disponibilidade de itens."
+                primaryAction={{
+                    label: "Novo Item",
+                    icon: <PlusIcon className="w-5 h-5" />,
+                    onClick: () => {
+                        setEditingProduct(null);
+                        resetForm();
+                        setIsModalOpen(true);
+                    }
+                }}
+            />
+
+            <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-6">
+                <StatsCard
+                    title="Total em Estoque"
+                    value={formatCurrency(totalStockValue)}
+                    icon={<CurrencyDollarIcon className="w-6 h-6 text-emerald-500" />}
+                />
+                <StatsCard
+                    title="Itens com Estoque Baixo"
+                    value={lowStockItems}
+                    icon={<ExclamationTriangleIcon className="w-6 h-6 text-rose-500" />}
+                />
+                <StatsCard
+                    title="Total de Produtos"
+                    value={products.filter(p => p.type === 'product').length}
+                    icon={<PackageIcon className="w-6 h-6 text-indigo-500" />}
+                />
+                <StatsCard
+                    title="Total de Serviços"
+                    value={servicesCount}
+                    icon={<TagIcon className="w-6 h-6 text-amber-500" />}
+                />
+            </div>
+
+            <div className="flex flex-col sm:flex-row justify-between items-start sm:items-center gap-4">
+                <div className="relative w-full sm:w-96">
+                    <MagnifyingGlassIcon className="absolute left-3 top-1/2 -translate-y-1/2 w-4 h-4 text-zinc-400" />
+                    <Input
+                        placeholder="Buscar por nome ou SKU..."
+                        className="pl-10 h-10 border-zinc-200 dark:border-zinc-800"
+                        value={searchTerm}
+                        onChange={(e) => setSearchTerm(e.target.value)}
+                    />
+                </div>
+                <div className="flex gap-2 w-full sm:w-auto">
+                    <button className="flex items-center gap-2 px-4 py-2 bg-white dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-xl text-sm font-bold text-zinc-600 dark:text-zinc-400 hover:bg-zinc-50 dark:hover:bg-zinc-800 transition-all">
+                        <FunnelIcon className="w-4 h-4" />
+                        Filtros
+                    </button>
+                </div>
+            </div>
+
+            <Card noPadding className="overflow-hidden">
+                <DataTable
+                    selectable
+                    selectedIds={selectedIds}
+                    onSelectionChange={setSelectedIds}
+                    columns={columns}
+                    data={filteredProducts}
+                    isLoading={loading}
+                />
+            </Card>
+
+            <Transition show={isModalOpen} as={Fragment}>
+                <Dialog as="div" className="relative z-50" onClose={() => setIsModalOpen(false)}>
+                    <TransitionChild
+                        as={Fragment}
+                        enter="ease-out duration-300"
+                        enterFrom="opacity-0"
+                        enterTo="opacity-100"
+                        leave="ease-in duration-200"
+                        leaveFrom="opacity-100"
+                        leaveTo="opacity-0"
+                    >
+                        <div className="fixed inset-0 bg-black/40 backdrop-blur-sm" />
+                    </TransitionChild>
+
+                    <div className="fixed inset-0 overflow-y-auto">
+                        <div className="flex min-h-full items-center justify-center p-4 text-center">
+                            <TransitionChild
+                                as={Fragment}
+                                enter="ease-out duration-300"
+                                enterFrom="opacity-0 scale-95 translate-y-4"
+                                enterTo="opacity-100 scale-100 translate-y-0"
+                                leave="ease-in duration-200"
+                                leaveFrom="opacity-100 scale-100 translate-y-0"
+                                leaveTo="opacity-0 scale-95 translate-y-4"
+                            >
+                                <DialogPanel className="w-full max-w-2xl transform overflow-hidden rounded-[32px] bg-white dark:bg-zinc-900 p-8 text-left align-middle shadow-2xl transition-all border border-gray-100 dark:border-zinc-800">
+                                    <div className="flex justify-between items-center mb-8">
+                                        <DialogTitle as="h3" className="text-xl font-bold text-zinc-900 dark:text-white">
+                                            {editingProduct ? 'Editar Item' : 'Novo Produto/Serviço'}
+                                        </DialogTitle>
+                                        <button
+                                            onClick={() => setIsModalOpen(false)}
+                                            className="p-2 hover:bg-zinc-100 dark:hover:bg-zinc-800 rounded-full transition-all"
+                                        >
+                                            <XMarkIcon className="w-6 h-6 text-zinc-400" />
+                                        </button>
+                                    </div>
+
+                                    <form onSubmit={handleSave} className="grid grid-cols-1 md:grid-cols-2 gap-6">
+                                        <div className="md:col-span-2">
+                                            <div className="flex gap-4">
+                                                <button
+                                                    type="button"
+                                                    onClick={() => setFormData({ ...formData, type: 'product' })}
+                                                    className={`flex-1 flex items-center justify-center gap-2 py-3 rounded-2xl border transition-all font-bold text-sm ${formData.type === 'product' ? 'border-indigo-500 bg-indigo-50 text-indigo-600' : 'border-zinc-200 dark:border-zinc-700 text-zinc-400'}`}
+                                                >
+                                                    <PackageIcon className="w-5 h-5" />
+                                                    Produto
+                                                </button>
+                                                <button
+                                                    type="button"
+                                                    onClick={() => setFormData({ ...formData, type: 'service' })}
+                                                    className={`flex-1 flex items-center justify-center gap-2 py-3 rounded-2xl border transition-all font-bold text-sm ${formData.type === 'service' ? 'border-amber-500 bg-amber-50 text-amber-600' : 'border-zinc-200 dark:border-zinc-700 text-zinc-400'}`}
+                                                >
+                                                    <TagIcon className="w-5 h-5" />
+                                                    Serviço
+                                                </button>
+                                            </div>
+                                        </div>
+
+                                        <div className="md:col-span-2">
+                                            <Input
+                                                label="Nome do Item"
+                                                required
+                                                placeholder="Ex: Teclado Mecânico RGB"
+                                                value={formData.name}
+                                                onChange={(e) => setFormData({ ...formData, name: e.target.value })}
+                                                className="bg-zinc-50 dark:bg-zinc-800 border-zinc-200 dark:border-zinc-700"
+                                            />
+                                        </div>
+
+                                        <Input
+                                            label="SKU / Código"
+                                            placeholder="Ex: PROD-001"
+                                            value={formData.sku}
+                                            onChange={(e) => setFormData({ ...formData, sku: e.target.value })}
+                                            className="bg-zinc-50 dark:bg-zinc-800 border-zinc-200 dark:border-zinc-700"
+                                        />
+
+                                        <Input
+                                            label="Estoque Inicial"
+                                            type="number"
+                                            disabled={formData.type === 'service'}
+                                            placeholder="0"
+                                            value={formData.stock_quantity}
+                                            onChange={(e) => setFormData({ ...formData, stock_quantity: Number(e.target.value) })}
+                                            className="bg-zinc-50 dark:bg-zinc-800 border-zinc-200 dark:border-zinc-700"
+                                        />
+
+                                        <Input
+                                            label="Preço de Venda"
+                                            type="number"
+                                            step="0.01"
+                                            required
+                                            placeholder="0,00"
+                                            value={formData.price}
+                                            onChange={(e) => setFormData({ ...formData, price: Number(e.target.value) })}
+                                            className="bg-zinc-50 dark:bg-zinc-800 border-zinc-200 dark:border-zinc-700"
+                                        />
+
+                                        <Input
+                                            label="Preço de Custo"
+                                            type="number"
+                                            step="0.01"
+                                            placeholder="0,00"
+                                            value={formData.cost_price}
+                                            onChange={(e) => setFormData({ ...formData, cost_price: Number(e.target.value) })}
+                                            className="bg-zinc-50 dark:bg-zinc-800 border-zinc-200 dark:border-zinc-700"
+                                        />
+
+                                        <div className="md:col-span-2">
+                                            <label className="block text-xs font-black text-zinc-400 uppercase tracking-widest mb-2">Descrição</label>
+                                            <textarea
+                                                className="w-full px-4 py-3 bg-zinc-50 dark:bg-zinc-800 border border-zinc-200 dark:border-zinc-700 rounded-2xl focus:ring-2 focus:ring-brand-500/20 outline-none transition-all placeholder:text-zinc-400 text-sm h-32 resize-none"
+                                                placeholder="Detalhes sobre o produto ou serviço..."
+                                                value={formData.description}
+                                                onChange={(e) => setFormData({ ...formData, description: e.target.value })}
+                                            />
+                                        </div>
+
+                                        <div className="md:col-span-2 pt-6 flex justify-end gap-3">
+                                            <button
+                                                type="button"
+                                                onClick={() => setIsModalOpen(false)}
+                                                className="px-6 py-3 text-zinc-500 hover:text-zinc-700 dark:text-zinc-400 font-bold transition-all"
+                                            >
+                                                Cancelar
+                                            </button>
+                                            <button
+                                                type="submit"
+                                                className="px-8 py-3 text-white rounded-2xl font-bold shadow-lg hover:opacity-90 transition-all flex items-center gap-2"
+                                                style={{ background: 'var(--gradient)' }}
+                                            >
+                                                <CheckIcon className="w-5 h-5" />
+                                                Salvar Item
+                                            </button>
+                                        </div>
+                                    </form>
+                                </DialogPanel>
+                            </TransitionChild>
+                        </div>
+                    </div>
+                </Dialog>
+            </Transition>
+
+            <ConfirmDialog
+                isOpen={bulkConfirmOpen}
+                onClose={() => setBulkConfirmOpen(false)}
+                onConfirm={handleConfirmBulkDelete}
+                title="Excluir Produtos Selecionados"
+                message={`Tem certeza que deseja excluir os ${selectedIds.length} produtos selecionados? Esta ação não pode ser desfeita.`}
+                confirmText="Excluir Tudo"
+                variant="danger"
+            />
+            <ConfirmDialog
+                isOpen={confirmOpen}
+                onClose={() => {
+                    setConfirmOpen(false);
+                    setProductToDelete(null);
+                }}
+                onConfirm={handleConfirmDelete}
+                title="Excluir Item"
+                message="Tem certeza que deseja excluir este produto ou serviço? Esta ação não pode ser desfeita."
+                confirmText="Excluir"
+                cancelText="Cancelar"
+                variant="danger"
+            />
+
+            <BulkActionBar
+                selectedCount={selectedIds.length}
+                onClearSelection={() => setSelectedIds([])}
+                actions={[
+                    {
+                        label: "Excluir Selecionados",
+                        icon: <TrashIcon className="w-5 h-5" />,
+                        onClick: handleBulkDelete,
+                        variant: 'danger'
+                    }
+                ]}
+            />
+        </div>
+    );
+}

front-end-agency/app/(agency)/erp/caixa/page.tsx

@@ -0,0 +1,12 @@
+'use client';
+
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import FinanceContent from '@/components/erp/FinanceContent';
+
+export default function CaixaPage() {
+    return (
+        <SolutionGuard requiredSolution="erp">
+            <FinanceContent />
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/erp/configuracoes/page.tsx

@@ -0,0 +1,23 @@
+'use client';
+
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import { AdjustmentsHorizontalIcon } from "@heroicons/react/24/outline";
+import { PageHeader } from "@/components/ui";
+
+export default function ConfiguracoesPage() {
+    return (
+        <SolutionGuard requiredSolution="erp">
+            <div className="p-6 max-w-[1600px] mx-auto space-y-6">
+                <PageHeader
+                    title="Configurações do ERP"
+                    description="Personalize as categorias financeiras, contas e parâmetros do sistema."
+                />
+                <div className="flex flex-col items-center justify-center py-20 bg-white dark:bg-zinc-900 rounded-[32px] border border-zinc-200 dark:border-zinc-800">
+                    <AdjustmentsHorizontalIcon className="w-16 h-16 text-zinc-300 mb-4" />
+                    <h3 className="text-xl font-bold text-zinc-900 dark:text-white">Módulo em Desenvolvimento</h3>
+                    <p className="text-zinc-500 max-w-sm text-center mt-2">Em breve você poderá configurar suas categorias, contas bancárias e fluxos operacionais aqui.</p>
+                </div>
+            </div>
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/erp/entidades/page.tsx

@@ -0,0 +1,358 @@
+'use client';
+
+import React, { useState, useEffect, Fragment } from 'react';
+import {
+    PlusIcon,
+    MagnifyingGlassIcon,
+    UserIcon,
+    BriefcaseIcon,
+    TrashIcon,
+    PencilSquareIcon,
+    ArrowRightIcon,
+    XMarkIcon,
+} from '@heroicons/react/24/outline';
+import { erpApi, Entity } from '@/lib/api-erp';
+import { useToast } from '@/components/layout/ToastContext';
+import {
+    StatsCard,
+    DataTable,
+    Input,
+    Card,
+    CustomSelect,
+    PageHeader,
+    BulkActionBar,
+    ConfirmDialog,
+} from "@/components/ui";
+import { Dialog, DialogPanel, DialogTitle, Transition, TransitionChild } from '@headlessui/react';
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import Link from 'next/link';
+
+interface CRMCustomer {
+    id: string;
+    name: string;
+    email: string;
+    company: string;
+    phone: string;
+}
+
+function EntidadesContent() {
+    const toast = useToast();
+    const [entities, setEntities] = useState<Entity[]>([]);
+    const [crmCustomers, setCrmCustomers] = useState<CRMCustomer[]>([]);
+    const [loading, setLoading] = useState(true);
+    const [searchTerm, setSearchTerm] = useState('');
+    const [isModalOpen, setIsModalOpen] = useState(false);
+    const [confirmOpen, setConfirmOpen] = useState(false);
+    const [bulkConfirmOpen, setBulkConfirmOpen] = useState(false);
+    const [entityToDelete, setEntityToDelete] = useState<string | null>(null);
+    const [editingEntity, setEditingEntity] = useState<Partial<Entity> | null>(null);
+    const [selectedIds, setSelectedIds] = useState<(string | number)[]>([]);
+
+    const [formData, setFormData] = useState<Partial<Entity>>({
+        name: '',
+        type: 'supplier',
+        document: '',
+        email: '',
+        phone: '',
+        address: '',
+    });
+
+    useEffect(() => {
+        fetchAllData();
+    }, []);
+
+    const fetchAllData = async (silent = false) => {
+        try {
+            if (!silent) setLoading(true);
+            const token = typeof window !== 'undefined' ? localStorage.getItem('token') : null;
+            const [erpData, crmResp] = await Promise.all([
+                erpApi.getEntities(),
+                fetch('/api/crm/customers', {
+                    headers: { 'Authorization': `Bearer ${token}` }
+                }).then(res => res.ok ? res.json() : [])
+            ]);
+
+            setEntities(erpData || []);
+            setCrmCustomers(crmResp?.customers || crmResp || []);
+        } catch (error) {
+            toast.error('Erro ao carregar', 'Não foi possível carregar os dados financeiros');
+        } finally {
+            setLoading(false);
+            setSelectedIds([]);
+        }
+    };
+
+    const handleSave = async (e: React.FormEvent) => {
+        e.preventDefault();
+        try {
+            if (editingEntity?.id) {
+                await erpApi.updateEntity(editingEntity.id, formData);
+                toast.success('Cadastro atualizado!');
+            } else {
+                await erpApi.createEntity(formData);
+                toast.success('Entidade cadastrada!');
+            }
+            setIsModalOpen(false);
+            setEditingEntity(null);
+            await fetchAllData();
+        } catch (error) {
+            toast.error('Erro ao salvar');
+        }
+    };
+
+    const handleConfirmDelete = async () => {
+        if (!entityToDelete) return;
+
+        const originalEntities = [...entities];
+        const idToDelete = String(entityToDelete);
+
+        // Dynamic: remove instantly
+        setEntities(prev => prev.filter(e => String(e.id) !== idToDelete));
+
+        try {
+            await erpApi.deleteEntity(idToDelete);
+            toast.success('Exclusão completa', 'A entidade foi removida com sucesso.');
+            setTimeout(() => fetchAllData(true), 500);
+        } catch (error) {
+            setEntities(originalEntities);
+            toast.error('Erro ao excluir', 'Ocorreu um erro ao excluir a entidade.');
+        } finally {
+            setConfirmOpen(false);
+            setEntityToDelete(null);
+        }
+    };
+
+    const handleBulkDelete = async () => {
+        if (selectedIds.length === 0) return;
+        setBulkConfirmOpen(true);
+    };
+
+    const handleConfirmBulkDelete = async () => {
+        const erpIds = selectedIds.filter(id => {
+            const item = combinedData.find(d => d.id === id);
+            return item?.source === 'ERP';
+        }).map(String);
+
+        if (erpIds.length === 0) return;
+
+        const originalEntities = [...entities];
+
+        // Dynamic: remove instantly
+        setEntities(prev => prev.filter(e => !erpIds.includes(String(e.id))));
+
+        try {
+            await Promise.all(erpIds.map(id => erpApi.deleteEntity(id)));
+            toast.success('Exclusão completa', `${erpIds.length} entidades excluídas com sucesso.`);
+            setTimeout(() => fetchAllData(true), 500);
+        } catch (error) {
+            setEntities(originalEntities);
+            toast.error('Erro ao excluir', 'Ocorreu um erro ao excluir algumas entidades.');
+        } finally {
+            setBulkConfirmOpen(false);
+            setSelectedIds([]);
+        }
+    };
+
+    // Combine both for searching
+    const combinedData = [
+        ...crmCustomers.map(c => ({
+            id: c.id,
+            name: c.name,
+            email: c.email,
+            phone: c.phone,
+            source: 'CRM' as const,
+            type: 'Cliente (CRM)',
+            original: c
+        })),
+        ...entities.map(e => ({
+            id: e.id,
+            name: e.name,
+            email: e.email,
+            phone: e.phone,
+            source: 'ERP' as const,
+            type: e.type === 'customer' ? 'Cliente (ERP)' : (e.type === 'supplier' ? 'Fornecedor (ERP)' : 'Ambos'),
+            original: e
+        }))
+    ];
+
+    const filteredData = combinedData.filter(d =>
+        d.name.toLowerCase().includes(searchTerm.toLowerCase()) ||
+        (d.email || '').toLowerCase().includes(searchTerm.toLowerCase())
+    );
+
+    if (loading && combinedData.length === 0) return (
+        <div className="p-6 max-w-[1600px] mx-auto">
+            <div className="text-center py-20 text-zinc-500">Carregando parceiros de negócio...</div>
+        </div>
+    );
+
+    return (
+        <div className="p-6 max-w-[1600px] mx-auto space-y-6">
+            <PageHeader
+                title="Parceiros de Negócio"
+                description="Gerencie seus Clientes (CRM) e Fornecedores (ERP) em um único lugar."
+                primaryAction={{
+                    label: "Novo Fornecedor",
+                    icon: <PlusIcon className="w-5 h-5" />,
+                    onClick: () => {
+                        setEditingEntity(null);
+                        setFormData({ name: '', type: 'supplier', document: '', email: '', phone: '', address: '' });
+                        setIsModalOpen(true);
+                    }
+                }}
+                secondaryAction={{
+                    label: "Ir para CRM Clientes",
+                    icon: <UserIcon className="w-5 h-5" />,
+                    onClick: () => window.location.href = '/crm/clientes'
+                }}
+            />
+
+            <div className="space-y-6">
+                <div className="grid grid-cols-1 md:grid-cols-2 gap-6">
+                    <StatsCard
+                        title="Clientes no CRM"
+                        value={crmCustomers.length}
+                        icon={<UserIcon className="w-6 h-6 text-emerald-500" />}
+                    />
+                    <StatsCard
+                        title="Fornecedores no ERP"
+                        value={entities.filter(e => e.type === 'supplier' || e.type === 'both').length}
+                        icon={<BriefcaseIcon className="w-6 h-6 text-purple-500" />}
+                    />
+                </div>
+
+                <Card noPadding>
+                    <div className="p-4 border-b border-zinc-100 dark:border-zinc-800">
+                        <div className="max-w-md">
+                            <Input
+                                placeholder="Pesquisar por nome ou e-mail em toda a base..."
+                                value={searchTerm}
+                                onChange={(e) => setSearchTerm(e.target.value)}
+                                leftIcon={<MagnifyingGlassIcon className="w-5 h-5 text-zinc-400" />}
+                            />
+                        </div>
+                    </div>
+                    <DataTable
+                        selectable
+                        isLoading={loading}
+                        selectedIds={selectedIds}
+                        onSelectionChange={setSelectedIds}
+                        data={filteredData}
+                        columns={[
+                            {
+                                header: 'Nome / Razão Social',
+                                accessor: (row) => (
+                                    <div className="flex flex-col">
+                                        <span className="font-bold text-zinc-900 dark:text-white">{row.name}</span>
+                                        <div className="flex items-center gap-2 mt-0.5">
+                                            <span className={`text-[10px] px-1.5 py-0.5 rounded font-black uppercase ${row.source === 'CRM' ? 'bg-emerald-50 text-emerald-700' : 'bg-purple-50 text-purple-700'}`}>
+                                                {row.source}
+                                            </span>
+                                            <span className="text-[10px] text-zinc-400 font-medium">{row.type}</span>
+                                        </div>
+                                    </div>
+                                )
+                            },
+                            {
+                                header: 'E-mail',
+                                accessor: (row) => row.email || '-'
+                            },
+                            {
+                                header: 'Telefone',
+                                accessor: (row) => row.phone || '-'
+                            },
+                            {
+                                header: '',
+                                className: 'text-right',
+                                accessor: (row) => (
+                                    <div className="flex justify-end gap-2">
+                                        {row.source === 'ERP' ? (
+                                            <>
+                                                <button onClick={(e) => { e.stopPropagation(); setEditingEntity(row.original as Entity); setFormData(row.original as Entity); setIsModalOpen(true); }} className="p-2 text-zinc-400 hover:text-brand-500">
+                                                    <PencilSquareIcon className="w-5 h-5" />
+                                                </button>
+                                                <button onClick={(e) => { e.stopPropagation(); setEntityToDelete(row.id as string); setConfirmOpen(true); }} className="p-2 text-zinc-400 hover:text-rose-500">
+                                                    <TrashIcon className="w-5 h-5" />
+                                                </button>
+                                            </>
+                                        ) : (
+                                            <Link href={`/crm/clientes?id=${row.id}`} onClick={(e) => e.stopPropagation()} className="p-2 text-zinc-400 hover:text-brand-500 flex items-center gap-1 text-xs font-bold">
+                                                Ver no CRM <ArrowRightIcon className="w-4 h-4" />
+                                            </Link>
+                                        )}
+                                    </div>
+                                )
+                            }
+                        ]}
+                    />
+                </Card>
+            </div>
+
+            {/* Modal de Cadastro ERP (Fornecedores) */}
+            <Transition show={isModalOpen} as={Fragment}>
+                <Dialog as="div" className="relative z-50" onClose={() => setIsModalOpen(false)}>
+                    <TransitionChild as={Fragment} enter="ease-out duration-300" enterFrom="opacity-0" enterTo="opacity-100" leave="ease-in duration-200" leaveFrom="opacity-100" leaveTo="opacity-0">
+                        <div className="fixed inset-0 bg-black/40 backdrop-blur-sm" />
+                    </TransitionChild>
+                    <div className="fixed inset-0 overflow-y-auto">
+                        <div className="flex min-h-full items-center justify-center p-4">
+                            <TransitionChild as={Fragment} enter="ease-out duration-300" enterFrom="opacity-0 scale-95" enterTo="opacity-100 scale-100" leave="ease-in duration-200" leaveFrom="opacity-100 scale-100" leaveTo="opacity-0 scale-95">
+                                <DialogPanel className="w-full max-w-lg transform overflow-hidden rounded-2xl bg-white dark:bg-zinc-900 p-8 shadow-xl transition-all border border-zinc-200 dark:border-zinc-800">
+                                    <DialogTitle className="text-xl font-bold mb-6">{editingEntity ? 'Editar Fornecedor' : 'Novo Fornecedor / Outros'}</DialogTitle>
+                                    <form onSubmit={handleSave} className="space-y-4">
+                                        <Input label="Nome / Razão Social" value={formData.name} onChange={e => setFormData({ ...formData, name: e.target.value })} required />
+                                        <CustomSelect label="Tipo" options={[{ label: 'Fornecedor', value: 'supplier' }, { label: 'Cliente (ERP Avulso)', value: 'customer' }, { label: 'Ambos', value: 'both' }]} value={formData.type || 'supplier'} onChange={val => setFormData({ ...formData, type: val as any })} />
+                                        <div className="grid grid-cols-1 md:grid-cols-2 gap-4">
+                                            <Input label="Documento (CNPJ/CPF)" value={formData.document} onChange={e => setFormData({ ...formData, document: e.target.value })} />
+                                            <Input label="Telefone" value={formData.phone} onChange={e => setFormData({ ...formData, phone: e.target.value })} />
+                                        </div>
+                                        <Input label="E-mail" type="email" value={formData.email} onChange={e => setFormData({ ...formData, email: e.target.value })} />
+                                        <Input label="Endereço Completo" value={formData.address} onChange={e => setFormData({ ...formData, address: e.target.value })} />
+
+                                        <div className="flex justify-end gap-3 mt-8 pt-4 border-t border-zinc-100 dark:border-zinc-800">
+                                            <button type="button" onClick={() => setIsModalOpen(false)} className="px-4 py-2 text-zinc-500 font-bold">Cancelar</button>
+                                            <button type="submit" className="px-8 py-2 text-white rounded-xl font-bold" style={{ background: 'var(--gradient)' }}>Salvar Cadastro</button>
+                                        </div>
+                                    </form>
+                                </DialogPanel>
+                            </TransitionChild>
+                        </div>
+                    </div>
+                </Dialog>
+            </Transition>
+
+            <ConfirmDialog isOpen={confirmOpen} onClose={() => setConfirmOpen(false)} onConfirm={handleConfirmDelete} title="Excluir Cadastro" message="Tem certeza? Isso pode afetar lançamentos vinculados a esta entidade no ERP." confirmText="Excluir" />
+
+            <ConfirmDialog
+                isOpen={bulkConfirmOpen}
+                onClose={() => setBulkConfirmOpen(false)}
+                onConfirm={handleConfirmBulkDelete}
+                title="Excluir Itens Selecionados"
+                message={`Tem certeza que deseja excluir as entidades selecionadas? Esta ação não pode ser desfeita.`}
+                confirmText="Excluir Tudo"
+                variant="danger"
+            />
+
+            <BulkActionBar
+                selectedCount={selectedIds.length}
+                onClearSelection={() => setSelectedIds([])}
+                actions={[
+                    {
+                        label: "Excluir Selecionados",
+                        icon: <TrashIcon className="w-5 h-5" />,
+                        onClick: handleBulkDelete,
+                        variant: 'danger'
+                    }
+                ]}
+            />
+        </div>
+    );
+}
+
+export default function EntidadesPage() {
+    return (
+        <SolutionGuard requiredSolution="erp">
+            <EntidadesContent />
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/erp/estoque/page.tsx

@@ -0,0 +1,14 @@
+'use client';
+
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import ProductsPage from '../ProductsPage';
+
+export default function EstoquePage() {
+    return (
+        <SolutionGuard requiredSolution="erp">
+            <div className="p-6 max-w-[1600px] mx-auto">
+                <ProductsPage />
+            </div>
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/erp/pagar/page.tsx

@@ -0,0 +1,12 @@
+'use client';
+
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import FinanceContent from '@/components/erp/FinanceContent';
+
+export default function ContasPagarPage() {
+    return (
+        <SolutionGuard requiredSolution="erp">
+            <FinanceContent type="pagar" />
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/erp/page.tsx

@@ -0,0 +1,315 @@
+'use client';
+
+import React, { useState, useEffect } from 'react';
+import {
+    AreaChart, Area, PieChart, Pie, Cell, ResponsiveContainer, CartesianGrid, XAxis, YAxis, Tooltip, Legend
+} from 'recharts';
+import {
+    ArrowTrendingUpIcon,
+    ArrowTrendingDownIcon,
+    CubeIcon,
+    CurrencyDollarIcon,
+    CreditCardIcon,
+    ClockIcon,
+} from "@heroicons/react/24/outline";
+import { erpApi, FinancialTransaction, Order, FinancialCategory, Entity } from '@/lib/api-erp';
+import { formatCurrency } from '@/lib/format';
+import { PageHeader, StatsCard, Card } from "@/components/ui";
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+
+const COLORS = ['#8b5cf6', '#ec4899', '#f43f5e', '#f59e0b', '#10b981', '#3b82f6'];
+
+function ERPDashboardContent() {
+    const [transactions, setTransactions] = useState<FinancialTransaction[]>([]);
+    const [orders, setOrders] = useState<Order[]>([]);
+    const [categories, setCategories] = useState<FinancialCategory[]>([]);
+    const [entities, setEntities] = useState<Entity[]>([]);
+    const [loading, setLoading] = useState(true);
+
+    useEffect(() => {
+        const fetchData = async () => {
+            try {
+                const [txData, orderData, categoriesData, entitiesData] = await Promise.all([
+                    erpApi.getTransactions(),
+                    erpApi.getOrders(),
+                    erpApi.getFinancialCategories(),
+                    erpApi.getEntities()
+                ]);
+                setTransactions(Array.isArray(txData) ? txData : []);
+                setOrders(Array.isArray(orderData) ? orderData : []);
+                setCategories(Array.isArray(categoriesData) ? categoriesData : []);
+                setEntities(Array.isArray(entitiesData) ? entitiesData : []);
+            } catch (error) {
+                console.error('Error fetching dashboard data:', error);
+            } finally {
+                setLoading(false);
+            }
+        };
+        fetchData();
+    }, []);
+
+    const paidTransactions = (transactions || []).filter(t => t.status === 'paid');
+
+    const totalIncome = paidTransactions
+        .filter(t => t.type === 'income')
+        .reduce((sum, t) => sum + Number(t.amount || 0), 0);
+
+    const totalExpense = paidTransactions
+        .filter(t => t.type === 'expense')
+        .reduce((sum, t) => sum + Number(t.amount || 0), 0);
+
+    const pendingIncome = (transactions || [])
+        .filter(t => t.type === 'income' && t.status === 'pending')
+        .reduce((sum, t) => sum + Number(t.amount || 0), 0);
+
+    const pendingExpense = (transactions || [])
+        .filter(t => t.type === 'expense' && t.status === 'pending')
+        .reduce((sum, t) => sum + Number(t.amount || 0), 0);
+
+    const balance = totalIncome - totalExpense;
+
+    // Process chart data (Income vs Expense by Month)
+    const getChartData = () => {
+        const months = ['Jan', 'Fev', 'Mar', 'Abr', 'Mai', 'Jun', 'Jul', 'Ago', 'Set', 'Out', 'Nov', 'Dez'];
+        const currentYear = new Date().getFullYear();
+
+        const data = months.map((month, index) => {
+            const monthTransactions = paidTransactions.filter(t => {
+                const date = new Date(t.payment_date || t.due_date || '');
+                return date.getMonth() === index && date.getFullYear() === currentYear;
+            });
+
+            const income = monthTransactions
+                .filter(t => t.type === 'income')
+                .reduce((sum, t) => sum + Number(t.amount || 0), 0);
+
+            const expense = monthTransactions
+                .filter(t => t.type === 'expense')
+                .reduce((sum, t) => sum + Number(t.amount || 0), 0);
+
+            return { name: month, income, expense };
+        });
+
+        const currentMonthIndex = new Date().getMonth();
+        // Mostrar pelo menos os últimos 6 meses ou o ano todo se for o caso
+        return data.slice(Math.max(0, currentMonthIndex - 5), currentMonthIndex + 1);
+    };
+
+    // Process category data (Expenses by Category)
+    const getCategoryData = () => {
+        const expenseTransactions = paidTransactions.filter(t => t.type === 'expense');
+        const breakdown: Record<string, number> = {};
+
+        expenseTransactions.forEach(t => {
+            const category = categories.find(c => c.id === t.category_id)?.name || 'Outros';
+            breakdown[category] = (breakdown[category] || 0) + Number(t.amount || 0);
+        });
+
+        return Object.entries(breakdown)
+            .map(([name, value]) => ({ name, value }))
+            .sort((a, b) => b.value - a.value)
+            .slice(0, 6);
+    };
+
+    const chartData = getChartData();
+    const categoryData = getCategoryData();
+
+    if (loading) return (
+        <div className="p-6 max-w-[1600px] mx-auto">
+            <div className="flex items-center justify-center h-[600px]">
+                <div className="animate-spin rounded-full h-12 w-12 border-b-2 border-brand-500"></div>
+            </div>
+        </div>
+    );
+
+    return (
+        <div className="p-6 max-w-[1600px] mx-auto space-y-6">
+            <PageHeader
+                title="Dashboard ERP"
+                description="Visão geral financeira e operacional em tempo real"
+            />
+
+            <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-6">
+                <StatsCard
+                    title="Receitas pagas"
+                    value={formatCurrency(totalIncome)}
+                    icon={<ArrowTrendingUpIcon className="w-6 h-6 text-emerald-500" />}
+                    trend={{ value: formatCurrency(pendingIncome), label: 'pendente', type: 'up' }}
+                />
+                <StatsCard
+                    title="Despesas pagas"
+                    value={formatCurrency(totalExpense)}
+                    icon={<ArrowTrendingDownIcon className="w-6 h-6 text-rose-500" />}
+                    trend={{ value: formatCurrency(pendingExpense), label: 'pendente', type: 'down' }}
+                />
+                <StatsCard
+                    title="Saldo em Caixa"
+                    value={formatCurrency(balance)}
+                    icon={<CurrencyDollarIcon className="w-6 h-6 text-brand-500" />}
+                />
+                <StatsCard
+                    title="Pedidos (Mês)"
+                    value={(orders?.length || 0).toString()}
+                    icon={<CubeIcon className="w-6 h-6 text-purple-500" />}
+                />
+            </div>
+
+            <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+                <div className="lg:col-span-2">
+                    <Card title="Evolução Financeira" description="Diferença entre entradas e saídas pagas nos últimos meses.">
+                        <div className="h-[350px] w-full mt-4">
+                            {chartData.some(d => d.income > 0 || d.expense > 0) ? (
+                                <ResponsiveContainer width="100%" height="100%">
+                                    <AreaChart data={chartData}>
+                                        <defs>
+                                            <linearGradient id="colorIncome" x1="0" y1="0" x2="0" y2="1">
+                                                <stop offset="5%" stopColor="#10b981" stopOpacity={0.1} />
+                                                <stop offset="95%" stopColor="#10b981" stopOpacity={0} />
+                                            </linearGradient>
+                                            <linearGradient id="colorExpense" x1="0" y1="0" x2="0" y2="1">
+                                                <stop offset="5%" stopColor="#ef4444" stopOpacity={0.1} />
+                                                <stop offset="95%" stopColor="#ef4444" stopOpacity={0} />
+                                            </linearGradient>
+                                        </defs>
+                                        <CartesianGrid strokeDasharray="3 3" vertical={false} stroke="#88888820" />
+                                        <XAxis dataKey="name" axisLine={false} tickLine={false} tick={{ fontSize: 12, fill: '#888' }} />
+                                        <YAxis axisLine={false} tickLine={false} tick={{ fontSize: 12, fill: '#888' }} tickFormatter={(val) => `R$${val}`} />
+                                        <Tooltip
+                                            contentStyle={{
+                                                borderRadius: '16px',
+                                                border: 'none',
+                                                boxShadow: '0 10px 15px -3px rgb(0 0 0 / 0.1)',
+                                                backgroundColor: 'rgba(255, 255, 255, 0.9)'
+                                            }}
+                                            formatter={(value: any) => formatCurrency(value || 0)}
+                                        />
+                                        <Legend verticalAlign="top" height={36} />
+                                        <Area
+                                            name="Receitas"
+                                            type="monotone"
+                                            dataKey="income"
+                                            stroke="#10b981"
+                                            fillOpacity={1}
+                                            fill="url(#colorIncome)"
+                                            strokeWidth={3}
+                                        />
+                                        <Area
+                                            name="Despesas"
+                                            type="monotone"
+                                            dataKey="expense"
+                                            stroke="#ef4444"
+                                            fillOpacity={1}
+                                            fill="url(#colorExpense)"
+                                            strokeWidth={3}
+                                        />
+                                    </AreaChart>
+                                </ResponsiveContainer>
+                            ) : (
+                                <div className="flex items-center justify-center h-full text-zinc-400 text-sm italic">
+                                    Ainda não há dados financeiros suficientes para exibir o gráfico.
+                                </div>
+                            )}
+                        </div>
+                    </Card>
+                </div>
+
+                <div className="lg:col-span-1">
+                    <Card title="Despesas por Categoria" description="Distribuição dos gastos pagos.">
+                        <div className="h-[350px] w-full mt-4">
+                            {categoryData.length > 0 ? (
+                                <ResponsiveContainer width="100%" height="100%">
+                                    <PieChart>
+                                        <Pie
+                                            data={categoryData}
+                                            cx="50%"
+                                            cy="50%"
+                                            innerRadius={60}
+                                            outerRadius={80}
+                                            paddingAngle={5}
+                                            dataKey="value"
+                                        >
+                                            {categoryData.map((entry, index) => (
+                                                <Cell key={`cell-${index}`} fill={COLORS[index % COLORS.length]} />
+                                            ))}
+                                        </Pie>
+                                        <Tooltip
+                                            contentStyle={{
+                                                borderRadius: '16px',
+                                                border: 'none',
+                                                boxShadow: '0 10px 15px -3px rgb(0 0 0 / 0.1)'
+                                            }}
+                                            formatter={(value: any) => formatCurrency(value || 0)}
+                                        />
+                                        <Legend />
+                                    </PieChart>
+                                </ResponsiveContainer>
+                            ) : (
+                                <div className="flex items-center justify-center h-full text-zinc-400 text-sm italic">
+                                    Ainda não há despesas pagas registradas.
+                                </div>
+                            )}
+                        </div>
+                    </Card>
+                </div>
+
+                <div className="lg:col-span-3">
+                    <Card title="Transações Recentes" description="Últimos lançamentos financeiros registrados no sistema.">
+                        <div className="overflow-x-auto">
+                            <table className="w-full text-left text-sm">
+                                <thead>
+                                    <tr className="border-b border-zinc-100 dark:border-zinc-800">
+                                        <th className="py-4 font-semibold text-zinc-900 dark:text-white">Descrição</th>
+                                        <th className="py-4 font-semibold text-zinc-900 dark:text-white">Categoria</th>
+                                        <th className="py-4 font-semibold text-zinc-900 dark:text-white">Data</th>
+                                        <th className="py-4 font-semibold text-zinc-900 dark:text-white text-right">Valor</th>
+                                        <th className="py-4 font-semibold text-zinc-900 dark:text-white text-right">Status</th>
+                                    </tr>
+                                </thead>
+                                <tbody className="divide-y divide-zinc-50 dark:divide-zinc-900">
+                                    {transactions.slice(0, 5).map((t) => (
+                                        <tr key={t.id} className="hover:bg-zinc-50 dark:hover:bg-zinc-800/50 transition-colors">
+                                            <td className="py-4 text-zinc-600 dark:text-zinc-400">{t.description}</td>
+                                            <td className="py-4 text-zinc-600 dark:text-zinc-400">
+                                                {categories.find(c => c.id === t.category_id)?.name || 'Outros'}
+                                            </td>
+                                            <td className="py-4 text-zinc-600 dark:text-zinc-400">
+                                                {new Date(t.payment_date || t.due_date || '').toLocaleDateString('pt-BR')}
+                                            </td>
+                                            <td className={`py-4 text-right font-medium ${t.type === 'income' ? 'text-emerald-600' : 'text-rose-600'}`}>
+                                                {t.type === 'income' ? '+' : '-'} {formatCurrency(t.amount)}
+                                            </td>
+                                            <td className="py-4 text-right">
+                                                <span className={`inline-flex items-center px-2 py-0.5 rounded-full text-xs font-medium ${t.status === 'paid' ? 'bg-emerald-100 text-emerald-700 dark:bg-emerald-900/20 dark:text-emerald-400' :
+                                                    t.status === 'pending' ? 'bg-amber-100 text-amber-700 dark:bg-amber-900/20 dark:text-amber-400' :
+                                                        'bg-zinc-100 text-zinc-700 dark:bg-zinc-900/20 dark:text-zinc-400'
+                                                    }`}>
+                                                    {t.status === 'paid' ? 'Pago' : t.status === 'pending' ? 'Pendente' : 'Cancelado'}
+                                                </span>
+                                            </td>
+                                        </tr>
+                                    ))}
+                                    {transactions.length === 0 && (
+                                        <tr>
+                                            <td colSpan={5} className="py-8 text-center text-zinc-400 italic">
+                                                Nenhuma transação encontrada.
+                                            </td>
+                                        </tr>
+                                    )}
+                                </tbody>
+                            </table>
+                        </div>
+                    </Card>
+                </div>
+            </div>
+        </div>
+    );
+}
+
+export default function ERPPage() {
+    return (
+        <SolutionGuard requiredSolution="erp">
+            <ERPDashboardContent />
+        </SolutionGuard>
+    );
+}
+

front-end-agency/app/(agency)/erp/pedidos/page.tsx

@@ -0,0 +1,14 @@
+'use client';
+
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import OrdersPage from '../OrdersPage';
+
+export default function PedidosPage() {
+    return (
+        <SolutionGuard requiredSolution="erp">
+            <div className="p-6 max-w-[1600px] mx-auto">
+                <OrdersPage />
+            </div>
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/erp/receber/page.tsx

@@ -0,0 +1,12 @@
+'use client';
+
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+import FinanceContent from '@/components/erp/FinanceContent';
+
+export default function ContasReceberPage() {
+    return (
+        <SolutionGuard requiredSolution="erp">
+            <FinanceContent type="receber" />
+        </SolutionGuard>
+    );
+}

front-end-agency/app/(agency)/helpdesk/page.tsx

@@ -0,0 +1,16 @@
+'use client';
+
+import { SolutionGuard } from '@/components/auth/SolutionGuard';
+
+export default function HelpdeskPage() {
+    return (
+        <SolutionGuard requiredSolution="helpdesk">
+            <div className="p-6">
+                <h1 className="text-2xl font-bold text-gray-900 dark:text-white mb-4">Helpdesk</h1>
+                <div className="bg-white dark:bg-gray-900 rounded-xl border border-gray-200 dark:border-gray-800 p-8 text-center">
+                    <p className="text-gray-500">Central de Suporte e Chamados em breve</p>
+                </div>
+            </div>
+        </SolutionGuard>
+    );
+}