diff --git a/index.html b/index.html index 28613ec..4024a67 100644 --- a/index.html +++ b/index.html @@ -19,7 +19,7 @@ - BOHA | Admin + Admin
diff --git a/package-lock.json b/package-lock.json index 29448e7..1a683df 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,11 +1,11 @@ { - "name": "boha-app-ts", + "name": "app-ts", "version": "1.1.4", "lockfileVersion": 3, "requires": true, "packages": { "": { - "name": "boha-app-ts", + "name": "app-ts", "version": "1.1.4", "license": "ISC", "dependencies": { @@ -28,6 +28,7 @@ "framer-motion": "^12.38.0", "hi-base32": "^0.5.1", "jsonwebtoken": "^9.0.3", + "leaflet": "^1.9.4", "node-cron": "^4.2.1", "nodemailer": "^8.0.2", "otpauth": "^9.5.0", @@ -45,6 +46,7 @@ "@types/bcryptjs": "^2.4.6", "@types/dompurify": "^3.0.5", "@types/jsonwebtoken": "^9.0.10", + "@types/leaflet": "^1.9.21", "@types/mysql": "^2.15.27", "@types/node": "^25.5.0", "@types/node-cron": "^3.0.11", @@ -1504,6 +1506,13 @@ "dev": true, "license": "MIT" }, + "node_modules/@types/geojson": { + "version": "7946.0.16", + "resolved": "https://registry.npmjs.org/@types/geojson/-/geojson-7946.0.16.tgz", + "integrity": "sha512-6C8nqWur3j98U6+lXDfTUWIfgvZU+EumvpHKcYjujKH7woYyLj2sUmff0tRhrqM7BohUw7Pz3ZB1jj2gW9Fvmg==", + "dev": true, + "license": "MIT" + }, "node_modules/@types/jsonwebtoken": { "version": "9.0.10", "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-9.0.10.tgz", @@ -1515,6 +1524,16 @@ "@types/node": "*" } }, + "node_modules/@types/leaflet": { + "version": "1.9.21", + "resolved": "https://registry.npmjs.org/@types/leaflet/-/leaflet-1.9.21.tgz", + "integrity": "sha512-TbAd9DaPGSnzp6QvtYngntMZgcRk+igFELwR2N99XZn7RXUdKgsXMR+28bUO0rPsWp8MIu/f47luLIQuSLYv/w==", + "dev": true, + "license": "MIT", + "dependencies": { + "@types/geojson": "*" + } + }, "node_modules/@types/methods": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/@types/methods/-/methods-1.1.4.tgz", @@ -3699,6 +3718,12 @@ "safe-buffer": "^5.0.1" } }, + "node_modules/leaflet": { + "version": "1.9.4", + "resolved": "https://registry.npmjs.org/leaflet/-/leaflet-1.9.4.tgz", + "integrity": "sha512-nxS1ynzJOmOlHp+iL3FyWqK89GtNL8U8rvlMOsQdTTssxZwCXh8N2NB3GDQOL+YR3XnWyZAxwQixURb+FA74PA==", + "license": "BSD-2-Clause" + }, "node_modules/light-my-request": { "version": "6.6.0", "resolved": "https://registry.npmjs.org/light-my-request/-/light-my-request-6.6.0.tgz", diff --git a/package.json b/package.json index 3434908..02aaab8 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,7 @@ "framer-motion": "^12.38.0", "hi-base32": "^0.5.1", "jsonwebtoken": "^9.0.3", + "leaflet": "^1.9.4", "node-cron": "^4.2.1", "nodemailer": "^8.0.2", "otpauth": "^9.5.0", @@ -60,6 +61,7 @@ "@types/bcryptjs": "^2.4.6", "@types/dompurify": "^3.0.5", "@types/jsonwebtoken": "^9.0.10", + "@types/leaflet": "^1.9.21", "@types/mysql": "^2.15.27", "@types/node": "^25.5.0", "@types/node-cron": "^3.0.11", diff --git a/prisma/migrations/20260327_add_dark_logo/migration.sql b/prisma/migrations/20260327_add_dark_logo/migration.sql new file mode 100644 index 0000000..ff13d73 --- /dev/null +++ b/prisma/migrations/20260327_add_dark_logo/migration.sql @@ -0,0 +1 @@ +ALTER TABLE `company_settings` ADD COLUMN `logo_data_dark` MEDIUMBLOB NULL AFTER `logo_data`; diff --git a/prisma/migrations/20260327_add_number_patterns/migration.sql b/prisma/migrations/20260327_add_number_patterns/migration.sql new file mode 100644 index 0000000..95e178b --- /dev/null +++ b/prisma/migrations/20260327_add_number_patterns/migration.sql @@ -0,0 +1,4 @@ +ALTER TABLE `company_settings` + ADD COLUMN `offer_number_pattern` VARCHAR(100) NULL, + ADD COLUMN `order_number_pattern` VARCHAR(100) NULL, + ADD COLUMN `invoice_number_pattern` VARCHAR(100) NULL; diff --git a/prisma/migrations/20260327_add_smtp_settings/migration.sql b/prisma/migrations/20260327_add_smtp_settings/migration.sql new file mode 100644 index 0000000..900f806 --- /dev/null +++ b/prisma/migrations/20260327_add_smtp_settings/migration.sql @@ -0,0 +1,3 @@ +ALTER TABLE `company_settings` + ADD COLUMN `smtp_from` VARCHAR(255) NULL, + ADD COLUMN `smtp_from_name` VARCHAR(255) NULL; diff --git a/prisma/migrations/20260327_add_system_settings/migration.sql b/prisma/migrations/20260327_add_system_settings/migration.sql new file mode 100644 index 0000000..74412f4 --- /dev/null +++ b/prisma/migrations/20260327_add_system_settings/migration.sql @@ -0,0 +1,13 @@ +-- System settings columns on company_settings +ALTER TABLE `company_settings` + ADD COLUMN `break_threshold_hours` DECIMAL(4,2) DEFAULT 6, + ADD COLUMN `break_duration_short` INT DEFAULT 15, + ADD COLUMN `break_duration_long` INT DEFAULT 30, + ADD COLUMN `clock_rounding_minutes` INT DEFAULT 15, + ADD COLUMN `invoice_alert_email` VARCHAR(255) NULL, + ADD COLUMN `leave_notify_email` VARCHAR(255) NULL, + ADD COLUMN `max_login_attempts` INT DEFAULT 5, + ADD COLUMN `lockout_minutes` INT DEFAULT 15, + ADD COLUMN `max_requests_per_minute` INT DEFAULT 300, + ADD COLUMN `available_vat_rates` LONGTEXT NULL, + ADD COLUMN `available_currencies` LONGTEXT NULL; diff --git a/prisma/migrations/20260327_consolidate_settings_permissions/migration.sql b/prisma/migrations/20260327_consolidate_settings_permissions/migration.sql new file mode 100644 index 0000000..9019c22 --- /dev/null +++ b/prisma/migrations/20260327_consolidate_settings_permissions/migration.sql @@ -0,0 +1,18 @@ +-- Create new unified permission +INSERT INTO permissions (name, display_name, description, module) +VALUES ('settings.manage', 'Správa nastavení', 'Správa všech nastavení systému', 'settings') +ON DUPLICATE KEY UPDATE display_name = VALUES(display_name); + +-- Grant to all roles that had any of the old 3 +INSERT IGNORE INTO role_permissions (role_id, permission_id) +SELECT DISTINCT rp.role_id, (SELECT id FROM permissions WHERE name = 'settings.manage') +FROM role_permissions rp +JOIN permissions p ON p.id = rp.permission_id +WHERE p.name IN ('offers.settings', 'settings.roles', 'settings.security'); + +-- Clean up old role_permissions +DELETE FROM role_permissions +WHERE permission_id IN (SELECT id FROM permissions WHERE name IN ('offers.settings', 'settings.roles', 'settings.security')); + +-- Remove old permissions +DELETE FROM permissions WHERE name IN ('offers.settings', 'settings.roles', 'settings.security'); diff --git a/prisma/schema.prisma b/prisma/schema.prisma index 6d60854..49995ea 100644 --- a/prisma/schema.prisma +++ b/prisma/schema.prisma @@ -100,6 +100,7 @@ model company_settings { vat_id String? @db.VarChar(50) custom_fields String? @db.LongText logo_data Bytes? + logo_data_dark Bytes? quotation_prefix String? @db.VarChar(20) default_currency String? @default("CZK") @db.VarChar(10) default_vat_rate Decimal? @default(21.00) @db.Decimal(5, 2) @@ -109,7 +110,23 @@ model company_settings { sync_version Int? @default(0) order_type_code String? @db.VarChar(10) invoice_type_code String? @db.VarChar(10) - require_2fa Boolean @default(false) + require_2fa Boolean @default(false) + break_threshold_hours Decimal? @default(6) @db.Decimal(4, 2) + break_duration_short Int? @default(15) + break_duration_long Int? @default(30) + clock_rounding_minutes Int? @default(15) + invoice_alert_email String? @db.VarChar(255) + leave_notify_email String? @db.VarChar(255) + max_login_attempts Int? @default(5) + lockout_minutes Int? @default(15) + max_requests_per_minute Int? @default(300) + available_vat_rates String? @db.LongText + available_currencies String? @db.LongText + smtp_from String? @db.VarChar(255) + smtp_from_name String? @db.VarChar(255) + offer_number_pattern String? @db.VarChar(100) + order_number_pattern String? @db.VarChar(100) + invoice_number_pattern String? @db.VarChar(100) } model customers { diff --git a/src/admin/AdminApp.tsx b/src/admin/AdminApp.tsx index 5913425..6633640 100644 --- a/src/admin/AdminApp.tsx +++ b/src/admin/AdminApp.tsx @@ -32,7 +32,6 @@ const Offers = lazy(() => import("./pages/Offers")); const OfferDetail = lazy(() => import("./pages/OfferDetail")); const OffersCustomers = lazy(() => import("./pages/OffersCustomers")); const OffersTemplates = lazy(() => import("./pages/OffersTemplates")); -const CompanySettings = lazy(() => import("./pages/CompanySettings")); const Orders = lazy(() => import("./pages/Orders")); const OrderDetail = lazy(() => import("./pages/OrderDetail")); const Projects = lazy(() => import("./pages/Projects")); @@ -91,7 +90,6 @@ export default function AdminApp() { } /> } /> } /> - } /> } /> } /> } /> diff --git a/src/admin/components/Sidebar.tsx b/src/admin/components/Sidebar.tsx index dde6e87..aa9f80e 100644 --- a/src/admin/components/Sidebar.tsx +++ b/src/admin/components/Sidebar.tsx @@ -330,22 +330,6 @@ const menuSections: MenuSection[] = [ ), }, - { - path: "/company/settings", - label: "Firma", - permission: "offers.settings", - icon: ( - - - - - ), - }, ], }, { @@ -372,7 +356,7 @@ const menuSections: MenuSection[] = [ { path: "/settings", label: "Nastavení", - permission: ["settings.roles", "settings.security"], + permission: "settings.manage", icon: ( { + (e.target as HTMLImageElement).src = + theme === "dark" + ? "/images/logo-dark.png" + : "/images/logo-light.png"; + }} />
- +

EVIDENCE DOCHÁZKY

-
BOHA Automation s.r.o.
+
${companyName}
@@ -1010,9 +1011,16 @@ export default function useAttendanceAdmin({ alert }: AlertContext) { // ========================================================================= const handlePrint = async () => { try { - let url = `${API_BASE}/attendance?action=print&month=${month}`; - if (filterUserId) url += `&user_id=${filterUserId}`; - const response = await apiFetch(url); + const [response, settingsRes] = await Promise.all([ + apiFetch( + `${API_BASE}/attendance?action=print&month=${month}${filterUserId ? `&user_id=${filterUserId}` : ""}`, + ), + apiFetch(`${API_BASE}/company-settings`), + ]); + const settingsData = await settingsRes.json(); + const companyName = settingsData.success + ? settingsData.data.company_name || "" + : ""; if (response.status === 401) return; const result = await response.json(); if (result.success) { @@ -1034,6 +1042,7 @@ export default function useAttendanceAdmin({ alert }: AlertContext) { userSections, emptyMsg, filterNote, + companyName, ); const printWindow = window.open("", "_blank"); if (printWindow) { diff --git a/src/admin/pages/AttendanceHistory.tsx b/src/admin/pages/AttendanceHistory.tsx index dc263ca..e6d0387 100644 --- a/src/admin/pages/AttendanceHistory.tsx +++ b/src/admin/pages/AttendanceHistory.tsx @@ -126,6 +126,7 @@ export default function AttendanceHistory() { const alert = useAlert(); const { user, hasPermission } = useAuth(); const [loading, setLoading] = useState(true); + const [companyName, setCompanyName] = useState(""); const printRef = useRef(null); const [month, setMonth] = useState(() => { const now = new Date(); @@ -156,6 +157,15 @@ export default function AttendanceHistory() { fetchData(); }, [fetchData]); + useEffect(() => { + apiFetch(`${API_BASE}/company-settings`) + .then((r) => r.json()) + .then((d) => { + if (d.success) setCompanyName(d.data.company_name || ""); + }) + .catch(() => {}); + }, []); + const computed = useMemo(() => { const [yearStr, monthStr] = month.split("-"); const monthIndex = parseInt(monthStr, 10) - 1; @@ -637,13 +647,13 @@ export default function AttendanceHistory() {
BOHA

EVIDENCE DOCHÁZKY

-
BOHA Automation s.r.o.
+
{companyName}
diff --git a/src/admin/pages/AttendanceLocation.tsx b/src/admin/pages/AttendanceLocation.tsx index 5d0103c..21706a9 100644 --- a/src/admin/pages/AttendanceLocation.tsx +++ b/src/admin/pages/AttendanceLocation.tsx @@ -5,12 +5,13 @@ import Forbidden from "../components/Forbidden"; import { useNavigate, useParams, Link } from "react-router-dom"; import { motion } from "framer-motion"; +import L from "leaflet"; +import "leaflet/dist/leaflet.css"; + import { formatDate, formatTime } from "../utils/attendanceHelpers"; import apiFetch from "../utils/api"; const API_BASE = "/api/admin"; -declare const L: any; - interface LocationRecord { user_name: string; shift_date: string; @@ -74,23 +75,6 @@ export default function AttendanceLocation() { if (!hasAnyLocation || !mapRef.current) return; - const loadLeaflet = async () => { - if ((window as unknown as Record).L) { - initMap(); - return; - } - - const link = document.createElement("link"); - link.rel = "stylesheet"; - link.href = "https://unpkg.com/leaflet@1.9.4/dist/leaflet.css"; - document.head.appendChild(link); - - const script = document.createElement("script"); - script.src = "https://unpkg.com/leaflet@1.9.4/dist/leaflet.js"; - script.onload = initMap; - document.body.appendChild(script); - }; - const initMap = () => { if (mapInstanceRef.current) { (mapInstanceRef.current as { remove: () => void }).remove(); @@ -175,7 +159,7 @@ export default function AttendanceLocation() { } }; - loadLeaflet(); + initMap(); return () => { if (mapInstanceRef.current) { diff --git a/src/admin/pages/CompanySettings.tsx b/src/admin/pages/CompanySettings.tsx index 3ce510a..c06f56e 100644 --- a/src/admin/pages/CompanySettings.tsx +++ b/src/admin/pages/CompanySettings.tsx @@ -24,8 +24,6 @@ const FIELD_LABELS: Record = { vat_id: "DIČ", }; -const currentYear = new Date().getFullYear().toString().slice(-2); - interface CustomField { name: string; value: string; @@ -41,11 +39,6 @@ interface CompanyForm { country: string; company_id: string; vat_id: string; - quotation_prefix: string; - default_currency: string; - default_vat_rate: number; - order_type_code: string; - invoice_type_code: string; } interface BankAccount { @@ -69,14 +62,19 @@ interface BankForm { is_default: boolean; } -export default function CompanySettings() { +export default function CompanySettings({ + embedded, +}: { embedded?: boolean } = {}) { const alert = useAlert(); const { hasPermission } = useAuth(); const [loading, setLoading] = useState(true); const [saving, setSaving] = useState(false); const [uploadingLogo, setUploadingLogo] = useState(false); + const [uploadingLogoDark, setUploadingLogoDark] = useState(false); const [logoUrl, setLogoUrl] = useState(null); + const [logoUrlDark, setLogoUrlDark] = useState(null); const logoUrlRef = useRef(null); + const logoUrlDarkRef = useRef(null); const [form, setForm] = useState({ company_name: "", street: "", @@ -85,11 +83,6 @@ export default function CompanySettings() { country: "", company_id: "", vat_id: "", - quotation_prefix: "N", - default_currency: "EUR", - default_vat_rate: 21, - order_type_code: "71", - invoice_type_code: "81", }); const [customFields, setCustomFields] = useState([]); const customFieldKeyCounter = useRef(0); @@ -97,6 +90,12 @@ export default function CompanySettings() { ...DEFAULT_FIELD_ORDER, ]); const [bankAccounts, setBankAccounts] = useState([]); + const [availableCurrencies, setAvailableCurrencies] = useState([ + "CZK", + "EUR", + "USD", + "GBP", + ]); const [bankLoading, setBankLoading] = useState(true); const [bankSaving, setBankSaving] = useState(false); const [editingBank, setEditingBank] = useState(null); @@ -151,17 +150,28 @@ export default function CompanySettings() { return key; }; - const fetchLogo = useCallback(async () => { + const fetchLogo = useCallback(async (variant: "light" | "dark" = "light") => { try { - const resp = await apiFetch(`${API_BASE}/company-settings/logo`); + const resp = await apiFetch( + `${API_BASE}/company-settings/logo?variant=${variant}`, + ); if (resp.ok) { const blob = await resp.blob(); - setLogoUrl((prev) => { - if (prev) URL.revokeObjectURL(prev); - const url = URL.createObjectURL(blob); - logoUrlRef.current = url; - return url; - }); + if (variant === "dark") { + setLogoUrlDark((prev) => { + if (prev) URL.revokeObjectURL(prev); + const url = URL.createObjectURL(blob); + logoUrlDarkRef.current = url; + return url; + }); + } else { + setLogoUrl((prev) => { + if (prev) URL.revokeObjectURL(prev); + const url = URL.createObjectURL(blob); + logoUrlRef.current = url; + return url; + }); + } } } catch { // ignore - no logo @@ -183,11 +193,6 @@ export default function CompanySettings() { country: d.country || "", company_id: d.company_id || "", vat_id: d.vat_id || "", - quotation_prefix: d.quotation_prefix || "N", - default_currency: d.default_currency || "EUR", - default_vat_rate: d.default_vat_rate || 21, - order_type_code: d.order_type_code || "71", - invoice_type_code: d.invoice_type_code || "81", }); const cf = Array.isArray(d.custom_fields) && d.custom_fields.length > 0 @@ -207,8 +212,17 @@ export default function CompanySettings() { } else { setFieldOrder([...DEFAULT_FIELD_ORDER]); } + if ( + Array.isArray(d.available_currencies) && + d.available_currencies.length > 0 + ) { + setAvailableCurrencies(d.available_currencies); + } if (d.has_logo) { - fetchLogo(); + fetchLogo("light"); + } + if (d.has_logo_dark) { + fetchLogo("dark"); } } else { alert.error(result.error || "Nepodařilo se načíst nastavení"); @@ -316,10 +330,11 @@ export default function CompanySettings() { fetchBankAccounts(); }, [fetchData, fetchBankAccounts]); - // Cleanup blob URL on unmount + // Cleanup blob URLs on unmount useEffect(() => { return () => { if (logoUrlRef.current) URL.revokeObjectURL(logoUrlRef.current); + if (logoUrlDarkRef.current) URL.revokeObjectURL(logoUrlDarkRef.current); }; }, []); @@ -351,30 +366,38 @@ export default function CompanySettings() { } }; - const handleLogoUpload = async (e: React.ChangeEvent) => { + const handleLogoUpload = async ( + e: React.ChangeEvent, + variant: "light" | "dark" = "light", + ) => { const file = e.target.files?.[0]; if (!file) return; - setUploadingLogo(true); + const setUploading = + variant === "dark" ? setUploadingLogoDark : setUploadingLogo; + setUploading(true); try { const formData = new FormData(); formData.append("logo", file); - const response = await apiFetch(`${API_BASE}/company-settings/logo`, { - method: "POST", - body: formData, - }); + const response = await apiFetch( + `${API_BASE}/company-settings/logo?variant=${variant}`, + { + method: "POST", + body: formData, + }, + ); const result = await response.json(); if (result.success) { alert.success(result.message || "Logo bylo nahráno"); - fetchLogo(); + fetchLogo(variant); } else { alert.error(result.error || "Nepodařilo se nahrát logo"); } } catch { alert.error("Chyba připojení"); } finally { - setUploadingLogo(false); + setUploading(false); e.target.value = ""; } }; @@ -383,7 +406,7 @@ export default function CompanySettings() { setForm((prev) => ({ ...prev, [field]: value })); }; - if (!hasPermission("offers.settings")) return ; + if (!embedded && !hasPermission("settings.manage")) return ; if (loading) { return ( @@ -464,33 +487,33 @@ export default function CompanySettings() { return (
- -
-

Nastavení firmy

-

- Firemní údaje, číslování dokladů a výchozí hodnoty -

-
- - +
+

Nastavení firmy

+

Firemní údaje a bankovní účty

+
+ + + )}
{/* Company Info */} @@ -898,10 +921,11 @@ export default function CompanySettings() { } className="admin-form-select" > - - - - + {availableCurrencies.map((c) => ( + + ))}
@@ -1055,177 +1079,135 @@ export default function CompanySettings() {

Logo

-
- {logoUrl && ( -
- Logo -
- )} -