feat: dist/ pridan do repa pro server deploy

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

dist/api/admin/offers.php

@@ -0,0 +1,96 @@
+<?php
+
+/**
+ * BOHA Automation - Quotations CRUD API
+ *
+ * GET    /api/admin/offers.php                     - List quotations
+ * GET    /api/admin/offers.php?action=detail&id=X  - Get quotation detail
+ * GET    /api/admin/offers.php?action=next_number  - Get next quotation number
+ * POST   /api/admin/offers.php                     - Create quotation
+ * POST   /api/admin/offers.php?action=duplicate&id=X - Duplicate quotation
+ * POST   /api/admin/offers.php?action=invalidate&id=X - Invalidate quotation
+ * PUT    /api/admin/offers.php?id=X                - Update quotation
+ * DELETE /api/admin/offers.php?id=X                - Delete quotation
+ */
+
+declare(strict_types=1);
+
+require_once dirname(__DIR__) . '/config.php';
+require_once dirname(__DIR__) . '/includes/JWTAuth.php';
+require_once dirname(__DIR__) . '/includes/AuditLog.php';
+require_once dirname(__DIR__) . '/includes/PaginationHelper.php';
+require_once __DIR__ . '/handlers/offers-handlers.php';
+
+setCorsHeaders();
+setSecurityHeaders();
+setNoCacheHeaders();
+header('Content-Type: application/json; charset=utf-8');
+
+$authData = JWTAuth::requireAuth();
+AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');
+
+$method = $_SERVER['REQUEST_METHOD'];
+$action = $_GET['action'] ?? '';
+$id = isset($_GET['id']) ? (int) $_GET['id'] : null;
+
+try {
+    $pdo = db();
+
+    switch ($method) {
+        case 'GET':
+            requirePermission($authData, 'offers.view');
+            switch ($action) {
+                case 'detail':
+                    if (!$id) {
+                        errorResponse('ID nabídky je povinné');
+                    }
+                    handleGetDetail($pdo, $id);
+                    break;
+                case 'next_number':
+                    handleGetNextNumber($pdo);
+                    break;
+                default:
+                    handleGetList($pdo);
+            }
+            break;
+
+        case 'POST':
+            if ($action === 'invalidate' && $id) {
+                requirePermission($authData, 'offers.edit');
+                handleInvalidateOffer($pdo, $id);
+            } elseif ($action === 'duplicate' && $id) {
+                requirePermission($authData, 'offers.create');
+                handleDuplicate($pdo, $id);
+            } else {
+                requirePermission($authData, 'offers.create');
+                handleCreateOffer($pdo);
+            }
+            break;
+
+        case 'PUT':
+            requirePermission($authData, 'offers.edit');
+            if (!$id) {
+                errorResponse('ID nabídky je povinné');
+            }
+            handleUpdateOffer($pdo, $id);
+            break;
+
+        case 'DELETE':
+            requirePermission($authData, 'offers.delete');
+            if (!$id) {
+                errorResponse('ID nabídky je povinné');
+            }
+            handleDeleteQuotation($pdo, $id);
+            break;
+
+        default:
+            errorResponse('Metoda není povolena', 405);
+    }
+} catch (PDOException $e) {
+    error_log('Offers API error: ' . $e->getMessage());
+    if (DEBUG_MODE) {
+        errorResponse('Chyba databáze: ' . $e->getMessage(), 500);
+    } else {
+        errorResponse('Chyba databáze', 500);
+    }
+}