feat: filemanager s NAS pro projekty

- NasFileManager.php - filesystem helper (browse, upload, download, delete, rename, mkdir) - project-files.php API - CRUD operace nad soubory projektu - ProjectFileManager.jsx - React komponenta v detailu projektu - Automaticke vytvoreni slozky pri vytvoreni projektu (rucne i z objednavky) - Prejmenovani slozky pri zmene nazvu projektu - Checkbox "Smazat i soubory na disku" pri mazani projektu/objednavky - Path traversal ochrana, MIME validace, blocklist nebezpecnych typu - Bily spinner v primary tlacitkach, ConfirmModal message jako div - Case-insensitive rename fix pro Windows filesystem Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-13 13:06:34 +01:00
parent 9e3c95e576
commit 45fd930f76
69 changed files with 2776 additions and 71 deletions
--- a/dist/api/admin/project-files.php
+++ b/dist/api/admin/project-files.php
@@ -0,0 +1,81 @@
+<?php
+
+/**
+ * Project Files API
+ *
+ * GET    ?project_id=X&path=...              - seznam souboru
+ * GET    ?action=download&project_id=X&path= - stazeni souboru
+ * POST   ?action=upload&project_id=X&path=   - upload (FormData)
+ * POST   ?action=create_folder&project_id=X  - nova podslozka
+ * PUT    ?action=move&project_id=X           - presun/prejmenovani
+ * DELETE ?project_id=X&path=...              - smazani souboru/slozky
+ */
+
+declare(strict_types=1);
+
+require_once dirname(__DIR__) . '/config.php';
+require_once dirname(__DIR__) . '/includes/JWTAuth.php';
+require_once dirname(__DIR__) . '/includes/AuditLog.php';
+require_once dirname(__DIR__) . '/includes/NasFileManager.php';
+require_once __DIR__ . '/handlers/project-files-handlers.php';
+
+setCorsHeaders();
+setSecurityHeaders();
+setNoCacheHeaders();
+header('Content-Type: application/json; charset=utf-8');
+
+$authData = JWTAuth::requireAuth();
+AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');
+
+$method = $_SERVER['REQUEST_METHOD'];
+$action = $_GET['action'] ?? '';
+
+try {
+    $pdo = db();
+
+    switch ($method) {
+        case 'GET':
+            requirePermission($authData, 'projects.view');
+            if ($action === 'download') {
+                handleFilesDownload($pdo, $authData);
+            } else {
+                handleFilesList($pdo, $authData);
+            }
+            break;
+
+        case 'POST':
+            requirePermission($authData, 'projects.files');
+            if ($action === 'upload') {
+                handleFilesUpload($pdo, $authData);
+            } elseif ($action === 'create_folder') {
+                handleFilesCreateFolder($pdo, $authData);
+            } else {
+                errorResponse('Neznámá akce', 400);
+            }
+            break;
+
+        case 'PUT':
+            requirePermission($authData, 'projects.files');
+            if ($action === 'move') {
+                handleFilesMove($pdo, $authData);
+            } else {
+                errorResponse('Neznámá akce', 400);
+            }
+            break;
+
+        case 'DELETE':
+            requirePermission($authData, 'projects.files');
+            handleFilesDelete($pdo, $authData);
+            break;
+
+        default:
+            errorResponse('Metoda není povolena', 405);
+    }
+} catch (PDOException $e) {
+    error_log('Project Files API error: ' . $e->getMessage());
+    if (DEBUG_MODE) {
+        errorResponse('Chyba databáze: ' . $e->getMessage(), 500);
+    } else {
+        errorResponse('Chyba databáze', 500);
+    }
+}