fix: attendance shows only users with attendance.record permission

- Filter attendance admin/balances/workfund to users with attendance.record permission or admin role - New attendance_users API action for user dropdown - Fix missing prisma import in attendance route - Fix user edit: empty password no longer blocks save (preprocess to undefined) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 17:32:22 +01:00
parent 9779112066
commit af1b41994c
4 changed files with 66 additions and 17 deletions
--- a/src/services/attendance.service.ts
+++ b/src/services/attendance.service.ts
@@ -4,6 +4,29 @@ import { getBusinessDaysInMonth } from "../utils/czech-holidays";
 import { localDateStr } from "../utils/date";
 import { getSystemSettings } from "./system-settings";

+/** Get active users whose role has attendance.record permission (or admin role) */
+async function getAttendanceUsers() {
+  return prisma.users.findMany({
+    where: {
+      is_active: true,
+      roles: {
+        is: {
+          OR: [
+            { name: "admin" },
+            {
+              role_permissions: {
+                some: { permissions: { name: "attendance.record" } },
+              },
+            },
+          ],
+        },
+      },
+    },
+    select: { id: true, first_name: true, last_name: true },
+    orderBy: { last_name: "asc" },
+  });
+}
+
 type AttendanceWithRelations = Prisma.attendanceGetPayload<{
  include: {
    users: { select: { id: true; first_name: true; last_name: true } };
@@ -421,11 +444,7 @@ export async function switchProject(userId: number, projectId: number | null) {
 }

 export async function getBalances(year: number) {
-  const users = await prisma.users.findMany({
-    where: { is_active: true },
-    select: { id: true, first_name: true, last_name: true },
-    orderBy: { last_name: "asc" },
-  });
+  const users = await getAttendanceUsers();

  const balances: Record<
    string,
@@ -463,11 +482,7 @@ export async function getBalances(year: number) {
 }

 export async function getWorkfund(year: number) {
-  const users = await prisma.users.findMany({
-    where: { is_active: true },
-    select: { id: true, first_name: true, last_name: true },
-    orderBy: { last_name: "asc" },
-  });
+  const users = await getAttendanceUsers();

  const now = new Date();
  const currentYear = now.getFullYear();
@@ -734,11 +749,7 @@ export async function getPrintData(
  const monthStart = new Date(yr, mo - 1, 1);
  const monthEnd = new Date(yr, mo, 0, 23, 59, 59);

-  const users = await prisma.users.findMany({
-    where: { is_active: true },
-    select: { id: true, first_name: true, last_name: true },
-    orderBy: { last_name: "asc" },
-  });
+  const users = await getAttendanceUsers();

  const where: Record<string, unknown> = {
    shift_date: { gte: monthStart, lte: monthEnd },