feat: dist/ pridan do repa pro server deploy

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-13 09:19:40 +01:00
parent 1d27d19157
commit b2a2937a35
119 changed files with 15628 additions and 1 deletions
--- a/dist/api/admin/attendance.php
+++ b/dist/api/admin/attendance.php
@@ -0,0 +1,152 @@
+<?php
+
+/**
+ * BOHA Automation - Attendance API
+ *
+ * Endpoints:
+ * GET    /api/admin/attendance.php                    - Get current shift status and today's shifts
+ * GET    /api/admin/attendance.php?action=history     - Get attendance history for month
+ * GET    /api/admin/attendance.php?action=admin       - Get all attendance records (admin)
+ * GET    /api/admin/attendance.php?action=balances    - Get leave balances (admin)
+ * GET    /api/admin/attendance.php?action=workfund&year=YYYY - Get work fund overview (admin)
+ * GET    /api/admin/attendance.php?action=location&id=X - Get location for record (admin)
+ * GET    /api/admin/attendance.php?action=print       - Get print data for attendance (admin)
+ * GET    /api/admin/attendance.php?action=projects    - Get active projects list
+ * GET    /api/admin/attendance.php?action=project_report&month=YYYY-MM - Get project hours report (admin)
+ * GET    /api/admin/attendance.php?action=project_logs&attendance_id=X - Get project logs for a shift
+ * POST   /api/admin/attendance.php                    - Clock in/out/break actions
+ * POST   /api/admin/attendance.php?action=update_address - Doplnit adresu k poslednimu zaznamu
+ * POST   /api/admin/attendance.php?action=notes       - Save notes for current shift
+ * POST   /api/admin/attendance.php?action=switch_project - Switch active project on current shift
+ * POST   /api/admin/attendance.php?action=leave       - Add leave record
+ * POST   /api/admin/attendance.php?action=save_project_logs - Save project logs for record (admin)
+ * POST   /api/admin/attendance.php?action=create      - Create attendance record (admin)
+ * POST   /api/admin/attendance.php?action=bulk_attendance - Bulk add attendance for month (admin)
+ * POST   /api/admin/attendance.php?action=balances    - Update leave balance (admin)
+ * PUT    /api/admin/attendance.php?id=X               - Update attendance record (admin)
+ * DELETE /api/admin/attendance.php?id=X               - Delete attendance record (admin)
+ */
+
+declare(strict_types=1);
+
+require_once dirname(__DIR__) . '/config.php';
+require_once dirname(__DIR__) . '/includes/JWTAuth.php';
+require_once dirname(__DIR__) . '/includes/AuditLog.php';
+require_once dirname(__DIR__) . '/includes/CzechHolidays.php';
+require_once dirname(__DIR__) . '/includes/AttendanceHelpers.php';
+require_once dirname(__DIR__) . '/includes/AttendanceAdmin.php';
+require_once __DIR__ . '/handlers/attendance-handlers.php';
+
+setCorsHeaders();
+setSecurityHeaders();
+setNoCacheHeaders();
+header('Content-Type: application/json; charset=utf-8');
+
+$authData = JWTAuth::requireAuth();
+AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');
+
+$method = $_SERVER['REQUEST_METHOD'];
+$action = $_GET['action'] ?? '';
+$recordId = isset($_GET['id']) ? (int) $_GET['id'] : null;
+
+try {
+    $pdo = db();
+    $userId = $authData['user_id'];
+    $isAdmin = $authData['user']['is_admin'] ?? false;
+
+    switch ($method) {
+        case 'GET':
+            if ($action === 'history') {
+                requirePermission($authData, 'attendance.history');
+                handleGetHistory($pdo, $userId);
+            } elseif ($action === 'admin') {
+                requirePermission($authData, 'attendance.admin');
+                handleGetAdmin($pdo);
+            } elseif ($action === 'balances') {
+                requirePermission($authData, 'attendance.balances');
+                handleGetBalances($pdo);
+            } elseif ($action === 'location' && $recordId) {
+                requirePermission($authData, 'attendance.admin');
+                handleGetLocation($pdo, $recordId);
+            } elseif ($action === 'users') {
+                requirePermission($authData, 'attendance.admin');
+                handleGetUsers($pdo);
+            } elseif ($action === 'print') {
+                requirePermission($authData, 'attendance.admin');
+                handleGetPrint($pdo);
+            } elseif ($action === 'workfund') {
+                requirePermission($authData, 'attendance.balances');
+                handleGetWorkFund($pdo);
+            } elseif ($action === 'projects') {
+                handleGetProjects();
+            } elseif ($action === 'project_report') {
+                if (!hasPermission($authData, 'attendance.admin') && !hasPermission($authData, 'attendance.balances')) {
+                    requirePermission($authData, 'attendance.admin');
+                }
+                handleGetProjectReport($pdo);
+            } elseif ($action === 'project_logs') {
+                handleGetProjectLogs($pdo, $userId, $authData);
+            } else {
+                requirePermission($authData, 'attendance.record');
+                handleGetCurrent($pdo, $userId);
+            }
+            break;
+
+        case 'POST':
+            if ($action === 'leave') {
+                requirePermission($authData, 'attendance.record');
+                handleAddLeave($pdo, $userId);
+            } elseif ($action === 'notes') {
+                requirePermission($authData, 'attendance.record');
+                handleSaveNotes($pdo, $userId);
+            } elseif ($action === 'switch_project') {
+                requirePermission($authData, 'attendance.record');
+                handleSwitchProject($pdo, $userId);
+            } elseif ($action === 'save_project_logs') {
+                requirePermission($authData, 'attendance.admin');
+                handleSaveProjectLogs($pdo);
+            } elseif ($action === 'create') {
+                requirePermission($authData, 'attendance.admin');
+                handleCreateAttendance($pdo);
+            } elseif ($action === 'bulk_attendance') {
+                requirePermission($authData, 'attendance.admin');
+                handleBulkAttendance($pdo);
+            } elseif ($action === 'balances') {
+                requirePermission($authData, 'attendance.balances');
+                handleUpdateBalance($pdo);
+            } elseif ($action === 'update_address') {
+                requirePermission($authData, 'attendance.record');
+                handleUpdateAddress($pdo, $userId);
+            } else {
+                requirePermission($authData, 'attendance.record');
+                handlePunch($pdo, $userId);
+            }
+            break;
+
+        case 'PUT':
+            requirePermission($authData, 'attendance.admin');
+            if (!$recordId) {
+                errorResponse('ID záznamu je povinné');
+            }
+            handleUpdateAttendance($pdo, $recordId);
+            break;
+
+        case 'DELETE':
+            requirePermission($authData, 'attendance.admin');
+            if (!$recordId) {
+                errorResponse('ID záznamu je povinné');
+            }
+            handleDeleteAttendance($pdo, $recordId);
+            break;
+
+        default:
+            errorResponse('Metoda není povolena', 405);
+    }
+} catch (PDOException $e) {
+    error_log('Attendance API error: ' . $e->getMessage());
+    errorResponse('Chyba databáze', 500);
+}
+
+// ============================================================================
+// User-facing handlers
+// ============================================================================