boha_admin/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 26 Wiki Activity

feat: NAS storage for invoices/offers, code cleanup, date/time fixes

Browse Source 
- NAS storage for created invoices (PDF via puppeteer), received invoices,
  and offers with auto-save on create/edit
- Deterministic file paths derived from DB fields (no file_path column needed)
- Separate NAS mount points: NAS_FINANCIALS_PATH, NAS_OFFERS_PATH
- Invoice language field (cs/en) stored per invoice, replaces lang modal
- Invoices list filtered by month/year matching KPI card selection
- Centralized date helpers (src/utils/date.ts) replacing all .toISOString()
  calls that returned UTC instead of local time
- Attendance project switching uses exact time (not rounded)
- Comment cleanup: removed ~100 unnecessary/Czech comments
- Removed as-any casts in orders and attendance
- Prisma migrations: add invoice language, drop received_invoices BLOB columns

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
BOHA
2026-03-26 10:36:39 +01:00
parent 0317ba3168
commit baceb88347
60 changed files with 2475 additions and 563 deletions
Download Patch File Download Diff File Expand all files Collapse all files

888
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

1
package.json
View File

@@ -46,6 +46,7 @@
"nodemailer": "^8.0.2",
"otpauth": "^9.5.0",
"prisma": "^6.19.2",
"puppeteer": "^24.40.0",
"qrcode": "^1.5.4",
"react": "^18.3.1",
"react-datepicker": "^9.1.0",

1
prisma/migrations/20260326_add_invoice_language/migration.sql Normal file
View File

@@ -0,0 +1 @@
ALTER TABLE `invoices` ADD COLUMN `language` VARCHAR(5) DEFAULT 'cs' AFTER `billing_text`;

2
prisma/migrations/20260326_add_received_invoice_file_path/migration.sql Normal file
View File

@@ -0,0 +1,2 @@
-- Add file_path column for NAS storage of received invoice files
ALTER TABLE `received_invoices` ADD COLUMN `file_path` VARCHAR(500) NULL AFTER `file_data`;

4
prisma/migrations/20260326_drop_received_invoice_blob_columns/migration.sql Normal file
View File

@@ -0,0 +1,4 @@
-- Remove file_data (BLOB) and file_path columns — files are now stored on NAS
-- Path is derived from year, month, and file_name
ALTER TABLE `received_invoices` DROP COLUMN `file_data`;
ALTER TABLE `received_invoices` DROP COLUMN `file_path`;

3
prisma/migrations/migration_lock.toml Normal file
View File

@@ -0,0 +1,3 @@
# Please do not edit this file manually
# It should be added in your version-control system (i.e. Git)
provider = "mysql"

2
prisma/schema.prisma
View File

@@ -167,6 +167,7 @@ model invoices {
paid_date DateTime? @db.Date
issued_by String? @db.VarChar(255)
billing_text String? @db.VarChar(500)
language String? @default("cs") @db.VarChar(5)
notes String? @db.Text
internal_notes String? @db.Text
created_at DateTime? @default(now()) @db.DateTime(0)
@@ -410,7 +411,6 @@ model received_invoices {
due_date DateTime? @db.Date
paid_date DateTime? @db.Date
status received_invoices_status @default(unpaid)
file_data Bytes? @db.MediumBlob
file_name String? @db.VarChar(255)
file_mime String? @db.VarChar(100)
file_size Int? @db.UnsignedInt

75
scripts/migrate-received-invoices-to-nas.ts Normal file
View File

@@ -0,0 +1,75 @@
/**
* Migrate received invoice files from DB BLOB to NAS storage.
*
* Usage: NAS_FINANCIALS_PATH=/mnt/nas/financials npx tsx scripts/migrate-received-invoices-to-nas.ts
*/
import "../src/config/env";
import { PrismaClient } from "@prisma/client";
import { nasFinancialsManager } from "../src/services/nas-financials-manager";
const prisma = new PrismaClient();
async function main() {
if (!nasFinancialsManager.isConfigured()) {
console.error(
"NAS_FINANCIALS_PATH is not configured or path does not exist.",
);
process.exit(1);
}
const records = await prisma.received_invoices.findMany({
where: { file_data: { not: null }, file_path: null },
select: {
id: true,
file_data: true,
file_name: true,
month: true,
year: true,
},
});
console.log(`Found ${records.length} invoices to migrate.`);
let migrated = 0;
let failed = 0;
for (const rec of records) {
if (!rec.file_data) continue;
const fileName = rec.file_name || `invoice-${rec.id}.pdf`;
const result = nasFinancialsManager.saveReceivedInvoice(
fileName,
rec.year,
rec.month,
Buffer.from(rec.file_data),
);
if ("error" in result) {
console.error(` FAIL id=${rec.id}: ${result.error}`);
failed++;
continue;
}
await prisma.received_invoices.update({
where: { id: rec.id },
data: { file_path: result.filePath, file_data: null },
});
migrated++;
if (migrated % 50 === 0) {
console.log(` Progress: ${migrated}/${records.length}...`);
}
}
console.log(
`Done. Migrated: ${migrated}, Failed: ${failed}, Total: ${records.length}`,
);
}
main()
.catch((e) => {
console.error(e);
process.exit(1);
})
.finally(() => prisma.$disconnect());

418
src/admin/admin.css
View File

@@ -17,7 +17,9 @@ html {
overflow-x: hidden;
}
html, body, #root {
html,
body,
#root {
min-height: 100%;
min-height: 100dvh;
max-width: 100vw;
@@ -33,14 +35,19 @@ body {
overscroll-behavior-x: none;
-webkit-font-smoothing: antialiased;
-moz-osx-font-smoothing: grayscale;
transition: background-color 0.3s ease, color 0.3s ease;
transition:
background-color 0.3s ease,
color 0.3s ease;
}
.admin-sidebar,
.admin-header,
.admin-card,
.admin-modal {
transition: background-color 0.3s ease, color 0.3s ease, border-color 0.3s ease;
transition:
background-color 0.3s ease,
color 0.3s ease,
border-color 0.3s ease;
}
#root {
@@ -48,16 +55,27 @@ body {
touch-action: pan-y pinch-zoom;
}
h1, h2, h3, h4, h5, h6 {
h1,
h2,
h3,
h4,
h5,
h6 {
font-family: var(--font-heading);
font-weight: 700;
line-height: 1.2;
color: var(--text-primary);
}
h1 { font-size: clamp(2.5rem, 5vw, 4rem); }
h2 { font-size: clamp(2rem, 4vw, 3rem); }
h3 { font-size: clamp(1.25rem, 2vw, 1.5rem); }
h1 {
font-size: clamp(2.5rem, 5vw, 4rem);
}
h2 {
font-size: clamp(2rem, 4vw, 3rem);
}
h3 {
font-size: clamp(1.25rem, 2vw, 1.5rem);
}
p {
color: var(--text-secondary);
@@ -114,15 +132,15 @@ img {
--space-12: 3rem;
/* Shared colors */
--accent-color: #D63031;
--accent-hover: #B52626;
--accent-color: #d63031;
--accent-hover: #b52626;
--success: #22c55e;
--warning: #f59e0b;
--danger: #ef4444;
--info: #3b82f6;
--error: var(--danger);
--muted: #9ca3af;
--gradient: #D63031;
--gradient: #d63031;
--gradient-subtle: rgba(214, 48, 49, 0.9);
/* Shared layout */
@@ -131,9 +149,9 @@ img {
--border-radius-lg: 16px;
--transition: all 0.3s cubic-bezier(0.4, 0, 0.2, 1);
--transition-slow: all 0.5s cubic-bezier(0.4, 0, 0.2, 1);
--font-heading: 'Urbanist', sans-serif;
--font-body: 'Plus Jakarta Sans', sans-serif;
--font-mono: 'DM Mono', 'Menlo', monospace;
--font-heading: "Urbanist", sans-serif;
--font-body: "Plus Jakarta Sans", sans-serif;
--font-mono: "DM Mono", "Menlo", monospace;
--safe-top: env(safe-area-inset-top, 0px);
--safe-bottom: env(safe-area-inset-bottom, 0px);
--safe-left: env(safe-area-inset-left, 0px);
@@ -192,14 +210,14 @@ img {
--accent-color: #c73030;
--accent-hover: #b52828;
--muted: #6b7280;
--bg-primary: #F5F4F2;
--bg-primary: #f5f4f2;
--bg-secondary: #ffffff;
--bg-tertiary: #EEECEA;
--text-primary: #1A1A1A;
--bg-tertiary: #eeecea;
--text-primary: #1a1a1a;
--text-secondary: #555555;
--text-muted: #717180;
--text-tertiary: #8a8a96;
--border-color: rgba(0, 0, 0, 0.10);
--border-color: rgba(0, 0, 0, 0.1);
--border-color-hover: rgba(0, 0, 0, 0.18);
--glass-bg: #ffffff;
--glass-bg-solid: #ffffff;
@@ -210,16 +228,16 @@ img {
--input-bg: #ffffff;
--glow-color: rgba(222, 58, 58, 0.08);
--accent-light: rgba(222, 58, 58, 0.08);
--accent-soft: #FFF0F0;
--accent-soft: #fff0f0;
--accent-glow: rgba(222, 58, 58, 0.15);
--success-light: rgba(34, 197, 94, 0.1);
--success-soft: #E8FBF7;
--success-soft: #e8fbf7;
--warning-light: rgba(245, 158, 11, 0.1);
--warning-soft: #FEF9EC;
--warning-soft: #fef9ec;
--danger-light: rgba(239, 68, 68, 0.1);
--danger-soft: #FEF2F2;
--danger-soft: #fef2f2;
--info-light: rgba(59, 130, 246, 0.1);
--info-soft: #EBF3FD;
--info-soft: #ebf3fd;
--muted-light: rgba(107, 114, 128, 0.12);
--calendar-icon-filter: none;
--select-arrow: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' viewBox='0 0 24 24' fill='none' stroke='%23555555' stroke-width='2'%3E%3Cpath d='M6 9l6 6 6-6'/%3E%3C/svg%3E");
@@ -234,7 +252,9 @@ img {
/* Light mode - jemnejsi stiny */
[data-theme="light"] .admin-toast {
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.08), 0 1px 3px rgba(0, 0, 0, 0.06);
box-shadow:
0 2px 8px rgba(0, 0, 0, 0.08),
0 1px 3px rgba(0, 0, 0, 0.06);
}
[data-theme="light"] .react-datepicker {
@@ -302,28 +322,67 @@ img {
}
/* Layout utilities */
.flex-1 { flex: 1; }
.flex-row { display: flex; align-items: center; }
.flex-row-gap { display: flex; align-items: center; gap: var(--space-3); }
.flex-between { display: flex; align-items: center; justify-content: space-between; }
.flex-1 {
flex: 1;
}
.flex-row {
display: flex;
align-items: center;
}
.flex-row-gap {
display: flex;
align-items: center;
gap: var(--space-3);
}
.flex-between {
display: flex;
align-items: center;
justify-content: space-between;
}
/* Spacing utilities */
.mb-2 { margin-bottom: var(--space-2); }
.mb-4 { margin-bottom: var(--space-4); }
.mb-6 { margin-bottom: var(--space-6); }
.mt-2 { margin-top: var(--space-2); }
.mt-6 { margin-top: var(--space-6); }
.gap-2 { gap: var(--space-2); }
.gap-4 { gap: var(--space-4); }
.gap-5 { gap: var(--space-5); }
.mb-2 {
margin-bottom: var(--space-2);
}
.mb-4 {
margin-bottom: var(--space-4);
}
.mb-6 {
margin-bottom: var(--space-6);
}
.mt-2 {
margin-top: var(--space-2);
}
.mt-6 {
margin-top: var(--space-6);
}
.gap-2 {
gap: var(--space-2);
}
.gap-4 {
gap: var(--space-4);
}
.gap-5 {
gap: var(--space-5);
}
/* Typography utilities */
.fw-500 { font-weight: 500; }
.text-right { text-align: right; }
.text-center { text-align: center; }
.fw-500 {
font-weight: 500;
}
.text-right {
text-align: right;
}
.text-center {
text-align: center;
}
/* Spinner variant */
.admin-spinner-sm { width: 16px; height: 16px; border-width: 2px; }
.admin-spinner-sm {
width: 16px;
height: 16px;
border-width: 2px;
}
/* ============================================================================
Forms
@@ -357,7 +416,9 @@ img {
font-size: 13px;
font-family: inherit;
outline: none;
transition: border-color 0.3s cubic-bezier(0.4, 0, 0.2, 1), box-shadow 0.3s cubic-bezier(0.4, 0, 0.2, 1);
transition:
border-color 0.3s cubic-bezier(0.4, 0, 0.2, 1),
box-shadow 0.3s cubic-bezier(0.4, 0, 0.2, 1);
box-sizing: border-box;
min-height: 36px;
}
@@ -420,7 +481,9 @@ img {
font-size: 13px;
font-family: inherit;
outline: none;
transition: border-color 0.3s cubic-bezier(0.4, 0, 0.2, 1), box-shadow 0.3s cubic-bezier(0.4, 0, 0.2, 1);
transition:
border-color 0.3s cubic-bezier(0.4, 0, 0.2, 1),
box-shadow 0.3s cubic-bezier(0.4, 0, 0.2, 1);
min-height: 36px;
box-sizing: border-box;
cursor: pointer;
@@ -452,7 +515,9 @@ img {
font-size: 13px;
font-family: inherit;
outline: none;
transition: border-color 0.3s cubic-bezier(0.4, 0, 0.2, 1), box-shadow 0.3s cubic-bezier(0.4, 0, 0.2, 1);
transition:
border-color 0.3s cubic-bezier(0.4, 0, 0.2, 1),
box-shadow 0.3s cubic-bezier(0.4, 0, 0.2, 1);
resize: vertical;
box-sizing: border-box;
min-height: 80px;
@@ -481,7 +546,7 @@ img {
}
.admin-form-checkbox input + span::before {
content: '';
content: "";
display: inline-flex;
align-items: center;
justify-content: center;
@@ -492,7 +557,10 @@ img {
border: 1px solid var(--border-color);
border-radius: 4px;
vertical-align: middle;
transition: border-color var(--transition), box-shadow var(--transition), background var(--transition);
transition:
border-color var(--transition),
box-shadow var(--transition),
background var(--transition);
flex-shrink: 0;
}
@@ -510,7 +578,9 @@ img {
box-shadow: 0 0 0 3px var(--accent-light);
}
.admin-form-checkbox:hover input:not(:checked):not(:disabled):not(:indeterminate) + span::before {
.admin-form-checkbox:hover
input:not(:checked):not(:disabled):not(:indeterminate)
+ span::before {
border-color: var(--border-color-hover);
background: var(--bg-secondary);
}
@@ -641,7 +711,7 @@ img {
/* Required field indicator */
.admin-form-label.required::after {
content: ' *';
content: " *";
color: var(--danger);
font-weight: 600;
}
@@ -760,7 +830,6 @@ img {
color: var(--text-primary);
}
.admin-btn-icon {
display: inline-flex;
align-items: center;
@@ -823,7 +892,7 @@ img {
[data-theme="dark"] .admin-sidebar {
--sb-bg: #141414;
--sb-border: #2a2a2a;
--sb-text: #A0A0A0;
--sb-text: #a0a0a0;
--sb-text-hover: #ddd;
--sb-hover-bg: #1f1f1f;
--sb-active-bg: #ffffff;
@@ -835,14 +904,14 @@ img {
[data-theme="light"] .admin-sidebar {
--sb-bg: #ffffff;
--sb-border: #E8E6E1;
--sb-text: #7C7C84;
--sb-text-hover: #1A1A1A;
--sb-hover-bg: #F5F4F2;
--sb-border: #e8e6e1;
--sb-text: #7c7c84;
--sb-text-hover: #1a1a1a;
--sb-hover-bg: #f5f4f2;
--sb-active-bg: #141414;
--sb-active-text: #ffffff;
--sb-label: #A0A0A0;
--sb-muted: #A0A0A0;
--sb-label: #a0a0a0;
--sb-muted: #a0a0a0;
--sb-scrollbar: #ddd;
}
@@ -866,7 +935,9 @@ img {
padding-right: env(safe-area-inset-right, 0px);
transform: translateX(-100%);
visibility: hidden;
transition: transform 0.3s ease, visibility 0.3s ease;
transition:
transform 0.3s ease,
visibility 0.3s ease;
overflow: hidden;
overscroll-behavior: none;
}
@@ -889,7 +960,9 @@ img {
}
[data-theme="light"] .admin-sidebar {
box-shadow: 1px 0 0 0 var(--sb-border), 4px 0 16px rgba(0, 0, 0, 0.04);
box-shadow:
1px 0 0 0 var(--sb-border),
4px 0 16px rgba(0, 0, 0, 0.04);
}
/* Sidebar Overlay (mobile) */
@@ -1367,8 +1440,6 @@ img {
}
}
/* Stat cards, quick links, dashboard modules moved to dashboard.css */
/* ============================================================================
Tables
============================================================================ */
@@ -1557,21 +1628,54 @@ img {
}
/* Status Badges - Leave Requests */
.badge-pending { background: color-mix(in srgb, var(--warning) 15%, transparent); color: var(--warning); }
.badge-approved { background: color-mix(in srgb, var(--success) 15%, transparent); color: var(--success); }
.badge-rejected { background: color-mix(in srgb, var(--danger) 15%, transparent); color: var(--danger); }
.badge-cancelled { background: var(--muted-light); color: var(--muted); }
.badge-pending {
background: color-mix(in srgb, var(--warning) 15%, transparent);
color: var(--warning);
}
.badge-approved {
background: color-mix(in srgb, var(--success) 15%, transparent);
color: var(--success);
}
.badge-rejected {
background: color-mix(in srgb, var(--danger) 15%, transparent);
color: var(--danger);
}
.badge-cancelled {
background: var(--muted-light);
color: var(--muted);
}
/* Status Badges - Orders */
.admin-badge-order-prijata { background: color-mix(in srgb, var(--info) 15%, transparent); color: var(--info); }
.admin-badge-order-realizace { background: color-mix(in srgb, var(--warning) 15%, transparent); color: var(--warning); }
.admin-badge-order-dokoncena { background: color-mix(in srgb, var(--success) 15%, transparent); color: var(--success); }
.admin-badge-order-stornovana { background: color-mix(in srgb, var(--danger) 15%, transparent); color: var(--danger); }
.admin-badge-order-prijata {
background: color-mix(in srgb, var(--info) 15%, transparent);
color: var(--info);
}
.admin-badge-order-realizace {
background: color-mix(in srgb, var(--warning) 15%, transparent);
color: var(--warning);
}
.admin-badge-order-dokoncena {
background: color-mix(in srgb, var(--success) 15%, transparent);
color: var(--success);
}
.admin-badge-order-stornovana {
background: color-mix(in srgb, var(--danger) 15%, transparent);
color: var(--danger);
}
/* Status Badges - Projects */
.admin-badge-project-aktivni { background: color-mix(in srgb, var(--success) 15%, transparent); color: var(--success); }
.admin-badge-project-dokonceny { background: color-mix(in srgb, var(--info) 15%, transparent); color: var(--info); }
.admin-badge-project-zruseny { background: color-mix(in srgb, var(--danger) 15%, transparent); color: var(--danger); }
.admin-badge-project-aktivni {
background: color-mix(in srgb, var(--success) 15%, transparent);
color: var(--success);
}
.admin-badge-project-dokonceny {
background: color-mix(in srgb, var(--info) 15%, transparent);
color: var(--info);
}
.admin-badge-project-zruseny {
background: color-mix(in srgb, var(--danger) 15%, transparent);
color: var(--danger);
}
/* ============================================================================
Modals
@@ -1823,10 +1927,18 @@ img {
color: var(--text-primary);
}
.admin-toast-success .admin-toast-icon { color: var(--success); }
.admin-toast-error .admin-toast-icon { color: var(--danger); }
.admin-toast-warning .admin-toast-icon { color: var(--warning); }
.admin-toast-info .admin-toast-icon { color: var(--info); }
.admin-toast-success .admin-toast-icon {
color: var(--success);
}
.admin-toast-error .admin-toast-icon {
color: var(--danger);
}
.admin-toast-warning .admin-toast-icon {
color: var(--warning);
}
.admin-toast-info .admin-toast-icon {
color: var(--info);
}
/* ============================================================================
Loading & Animations
@@ -1849,22 +1961,38 @@ img {
}
@keyframes spin {
to { transform: rotate(360deg); }
to {
transform: rotate(360deg);
}
}
@keyframes float {
0%, 100% { transform: translate(0, 0); }
50% { transform: translate(30px, -30px); }
0%,
100% {
transform: translate(0, 0);
}
50% {
transform: translate(30px, -30px);
}
}
@keyframes pulse {
0%, 100% { opacity: 1; }
50% { opacity: 0.5; }
0%,
100% {
opacity: 1;
}
50% {
opacity: 0.5;
}
}
@keyframes shimmer {
0% { background-position: -200% 0; }
100% { background-position: 200% 0; }
0% {
background-position: -200% 0;
}
100% {
background-position: 200% 0;
}
}
/* ============================================================================
@@ -1881,7 +2009,9 @@ img {
}
@keyframes skeleton-fade-in {
to { opacity: 1; }
to {
opacity: 1;
}
}
.admin-skeleton-row {
@@ -1893,18 +2023,37 @@ img {
.admin-skeleton-line {
height: 14px;
border-radius: 6px;
background: linear-gradient(90deg, var(--bg-tertiary) 25%, var(--border-color) 50%, var(--bg-tertiary) 75%);
background: linear-gradient(
90deg,
var(--bg-tertiary) 25%,
var(--border-color) 50%,
var(--bg-tertiary) 75%
);
background-size: 200% 100%;
animation: shimmer 1.2s ease-in-out infinite;
}
.admin-skeleton-line.w-full { width: 100%; }
.admin-skeleton-line.w-3\/4 { width: 75%; }
.admin-skeleton-line.w-1\/2 { width: 50%; }
.admin-skeleton-line.w-1\/3 { width: 33%; }
.admin-skeleton-line.w-1\/4 { width: 25%; }
.admin-skeleton-line.h-8 { height: 32px; }
.admin-skeleton-line.h-10 { height: 40px; }
.admin-skeleton-line.w-full {
width: 100%;
}
.admin-skeleton-line.w-3\/4 {
width: 75%;
}
.admin-skeleton-line.w-1\/2 {
width: 50%;
}
.admin-skeleton-line.w-1\/3 {
width: 33%;
}
.admin-skeleton-line.w-1\/4 {
width: 25%;
}
.admin-skeleton-line.h-8 {
height: 32px;
}
.admin-skeleton-line.h-10 {
height: 40px;
}
.admin-skeleton-line.circle {
width: 40px;
height: 40px;
@@ -1939,7 +2088,10 @@ img {
font-weight: 500;
font-family: inherit;
cursor: pointer;
transition: color 0.2s ease, background 0.2s ease, box-shadow 0.2s ease;
transition:
color 0.2s ease,
background 0.2s ease,
box-shadow 0.2s ease;
letter-spacing: 0.01em;
white-space: nowrap;
}
@@ -1952,7 +2104,9 @@ img {
color: var(--text-primary);
font-weight: 600;
background: var(--bg-secondary);
box-shadow: 0 1px 3px rgba(0, 0, 0, 0.12), 0 0 0 1px var(--border-color);
box-shadow:
0 1px 3px rgba(0, 0, 0, 0.12),
0 0 0 1px var(--border-color);
}
/* ============================================================================
@@ -1986,13 +2140,6 @@ img {
max-width: 320px;
}
/* Back link styles moved to login.css */
/* Attendance styles moved to attendance.css */
/* Sessions/devices styles moved to dashboard.css */
/* Settings/permissions styles moved to settings.css */
.admin-role-locked-notice {
display: flex;
align-items: center;
@@ -2006,13 +2153,6 @@ img {
margin-bottom: 0.5rem;
}
/* Offers styles moved to offers.css */
/* Leave badges moved to leave.css */
/* Order badges moved to orders.css */
/* Project badges moved to projects.css */
/* ============================================================================
React DatePicker Overrides
============================================================================ */
@@ -2060,7 +2200,9 @@ img {
.react-datepicker__day {
color: var(--text-primary) !important;
border-radius: 6px !important;
transition: background 0.15s, color 0.15s !important;
transition:
background 0.15s,
color 0.15s !important;
}
.react-datepicker__day:hover {
@@ -2118,21 +2260,35 @@ img {
background-color: var(--bg-secondary) !important;
}
.react-datepicker__time-container .react-datepicker__time .react-datepicker__time-box {
.react-datepicker__time-container
.react-datepicker__time
.react-datepicker__time-box {
width: 100% !important;
}
.react-datepicker__time-container .react-datepicker__time .react-datepicker__time-box ul.react-datepicker__time-list li.react-datepicker__time-list-item {
.react-datepicker__time-container
.react-datepicker__time
.react-datepicker__time-box
ul.react-datepicker__time-list
li.react-datepicker__time-list-item {
color: var(--text-primary) !important;
transition: background 0.15s !important;
}
.react-datepicker__time-container .react-datepicker__time .react-datepicker__time-box ul.react-datepicker__time-list li.react-datepicker__time-list-item:hover {
.react-datepicker__time-container
.react-datepicker__time
.react-datepicker__time-box
ul.react-datepicker__time-list
li.react-datepicker__time-list-item:hover {
background-color: var(--accent-light) !important;
color: var(--text-primary) !important;
}
.react-datepicker__time-container .react-datepicker__time .react-datepicker__time-box ul.react-datepicker__time-list li.react-datepicker__time-list-item--selected {
.react-datepicker__time-container
.react-datepicker__time
.react-datepicker__time-box
ul.react-datepicker__time-list
li.react-datepicker__time-list-item--selected {
background-color: var(--accent-color) !important;
color: #fff !important;
font-weight: 600 !important;
@@ -2261,7 +2417,7 @@ img {
.admin-form-select,
.admin-form-textarea {
min-height: 44px;
font-size: 16px; /* zabrání auto-zoomu na iOS */
font-size: 16px; /* prevent auto-zoom on iOS */
}
.admin-form-checkbox {
@@ -2397,7 +2553,9 @@ img {
cursor: grab;
border-radius: 4px;
padding: 0;
transition: color 0.15s, background 0.15s;
transition:
color 0.15s,
background 0.15s;
touch-action: none;
}
@@ -2452,7 +2610,10 @@ img {
font-size: 13px;
font-family: var(--font-mono);
cursor: pointer;
transition: background 0.15s, color 0.15s, border-color 0.15s;
transition:
background 0.15s,
color 0.15s,
border-color 0.15s;
}
.admin-pagination-page:hover {
@@ -2722,7 +2883,9 @@ img {
}
@keyframes dp-fade-in {
to { opacity: 1; }
to {
opacity: 1;
}
}
.react-datepicker {
@@ -2758,7 +2921,9 @@ img {
.react-datepicker__day {
color: var(--text-primary) !important;
border-radius: 6px !important;
transition: background 0.15s, color 0.15s !important;
transition:
background 0.15s,
color 0.15s !important;
}
.react-datepicker__day:hover {
@@ -2813,21 +2978,35 @@ img {
background-color: var(--bg-secondary) !important;
}
.react-datepicker__time-container .react-datepicker__time .react-datepicker__time-box {
.react-datepicker__time-container
.react-datepicker__time
.react-datepicker__time-box {
width: 100% !important;
}
.react-datepicker__time-container .react-datepicker__time .react-datepicker__time-box ul.react-datepicker__time-list li.react-datepicker__time-list-item {
.react-datepicker__time-container
.react-datepicker__time
.react-datepicker__time-box
ul.react-datepicker__time-list
li.react-datepicker__time-list-item {
color: var(--text-primary) !important;
transition: background 0.15s !important;
}
.react-datepicker__time-container .react-datepicker__time .react-datepicker__time-box ul.react-datepicker__time-list li.react-datepicker__time-list-item:hover {
.react-datepicker__time-container
.react-datepicker__time
.react-datepicker__time-box
ul.react-datepicker__time-list
li.react-datepicker__time-list-item:hover {
background-color: var(--accent-light) !important;
color: var(--text-primary) !important;
}
.react-datepicker__time-container .react-datepicker__time .react-datepicker__time-box ul.react-datepicker__time-list li.react-datepicker__time-list-item--selected {
.react-datepicker__time-container
.react-datepicker__time
.react-datepicker__time-box
ul.react-datepicker__time-list
li.react-datepicker__time-list-item--selected {
background-color: var(--accent-color) !important;
color: #fff !important;
font-weight: 600 !important;
@@ -3047,4 +3226,3 @@ img {
color: var(--text-tertiary);
cursor: help;
}

201
src/admin/dashboard.css
View File

@@ -18,7 +18,7 @@
}
.admin-stat-card::before {
content: '';
content: "";
position: absolute;
top: 0;
left: 0;
@@ -28,10 +28,18 @@
border-radius: var(--border-radius) var(--border-radius) 0 0;
}
.admin-stat-card.success::before { background: var(--success); }
.admin-stat-card.warning::before { background: var(--warning); }
.admin-stat-card.danger::before { background: var(--danger); }
.admin-stat-card.info::before { background: var(--info); }
.admin-stat-card.success::before {
background: var(--success);
}
.admin-stat-card.warning::before {
background: var(--warning);
}
.admin-stat-card.danger::before {
background: var(--danger);
}
.admin-stat-card.info::before {
background: var(--info);
}
.admin-stat-icon {
width: 40px;
@@ -73,10 +81,22 @@
color: var(--text-secondary);
}
.admin-stat-icon.danger { background: var(--danger-soft); color: var(--danger); }
.admin-stat-icon.info { background: var(--info-soft); color: var(--info); }
.admin-stat-icon.success { background: var(--success-soft); color: var(--success); }
.admin-stat-icon.warning { background: var(--warning-soft); color: var(--warning); }
.admin-stat-icon.danger {
background: var(--danger-soft);
color: var(--danger);
}
.admin-stat-icon.info {
background: var(--info-soft);
color: var(--info);
}
.admin-stat-icon.success {
background: var(--success-soft);
color: var(--success);
}
.admin-stat-icon.warning {
background: var(--warning-soft);
color: var(--warning);
}
/* ============================================================================
Dashboard
@@ -99,10 +119,19 @@
gap: 0.875rem;
}
.dash-kpi-4 { grid-template-columns: repeat(4, 1fr); }
.dash-kpi-3 { grid-template-columns: repeat(3, 1fr); }
.dash-kpi-2 { grid-template-columns: repeat(2, 1fr); }
.dash-kpi-1 { grid-template-columns: 1fr; max-width: 320px; }
.dash-kpi-4 {
grid-template-columns: repeat(4, 1fr);
}
.dash-kpi-3 {
grid-template-columns: repeat(3, 1fr);
}
.dash-kpi-2 {
grid-template-columns: repeat(2, 1fr);
}
.dash-kpi-1 {
grid-template-columns: 1fr;
max-width: 320px;
}
/* Quick actions */
.dash-quick-actions {
@@ -134,20 +163,44 @@
transform: none !important;
}
.dash-quick-btn-success { background: var(--success-soft); color: var(--success); }
.dash-quick-btn-info { background: var(--info-soft); color: var(--info); }
.dash-quick-btn-warning { background: var(--warning-soft); color: var(--warning); }
.dash-quick-btn-danger { background: var(--danger-soft); color: var(--danger); }
.dash-quick-btn-success {
background: var(--success-soft);
color: var(--success);
}
.dash-quick-btn-info {
background: var(--info-soft);
color: var(--info);
}
.dash-quick-btn-warning {
background: var(--warning-soft);
color: var(--warning);
}
.dash-quick-btn-danger {
background: var(--danger-soft);
color: var(--danger);
}
.dash-quick-btn:hover {
transform: translateY(-1px);
filter: brightness(0.95);
}
[data-theme="light"] .dash-quick-btn-success { background: var(--success); color: #fff; }
[data-theme="light"] .dash-quick-btn-info { background: var(--info); color: #fff; }
[data-theme="light"] .dash-quick-btn-warning { background: var(--warning); color: #fff; }
[data-theme="light"] .dash-quick-btn-danger { background: var(--danger); color: #fff; }
[data-theme="light"] .dash-quick-btn-success {
background: var(--success);
color: #fff;
}
[data-theme="light"] .dash-quick-btn-info {
background: var(--info);
color: #fff;
}
[data-theme="light"] .dash-quick-btn-warning {
background: var(--warning);
color: #fff;
}
[data-theme="light"] .dash-quick-btn-danger {
background: var(--danger);
color: #fff;
}
/* Main content 3-col grid */
.dash-main-grid {
@@ -197,12 +250,30 @@
flex-shrink: 0;
}
.dash-activity-icon.success { background: var(--success-soft); color: var(--success); }
.dash-activity-icon.info { background: var(--info-soft); color: var(--info); }
.dash-activity-icon.warning { background: var(--warning-soft); color: var(--warning); }
.dash-activity-icon.danger { background: var(--danger-soft); color: var(--danger); }
.dash-activity-icon.accent { background: var(--accent-soft); color: var(--accent-color); }
.dash-activity-icon.muted { background: var(--bg-tertiary); color: var(--text-secondary); }
.dash-activity-icon.success {
background: var(--success-soft);
color: var(--success);
}
.dash-activity-icon.info {
background: var(--info-soft);
color: var(--info);
}
.dash-activity-icon.warning {
background: var(--warning-soft);
color: var(--warning);
}
.dash-activity-icon.danger {
background: var(--danger-soft);
color: var(--danger);
}
.dash-activity-icon.accent {
background: var(--accent-soft);
color: var(--accent-color);
}
.dash-activity-icon.muted {
background: var(--bg-tertiary);
color: var(--text-secondary);
}
.dash-activity-main {
flex: 1;
@@ -256,10 +327,22 @@
text-transform: uppercase;
}
.dash-presence-avatar.dash-status-in { background: var(--success-soft); color: var(--success); }
.dash-presence-avatar.dash-status-away { background: var(--warning-soft); color: var(--warning); }
.dash-presence-avatar.dash-status-out { background: var(--bg-tertiary); color: var(--text-muted); }
.dash-presence-avatar.dash-status-leave { background: var(--info-soft); color: var(--info); }
.dash-presence-avatar.dash-status-in {
background: var(--success-soft);
color: var(--success);
}
.dash-presence-avatar.dash-status-away {
background: var(--warning-soft);
color: var(--warning);
}
.dash-presence-avatar.dash-status-out {
background: var(--bg-tertiary);
color: var(--text-muted);
}
.dash-presence-avatar.dash-status-leave {
background: var(--info-soft);
color: var(--info);
}
.dash-status-dot {
width: 8px;
@@ -268,15 +351,31 @@
flex-shrink: 0;
}
.dash-status-dot.dash-status-in { background: var(--success); }
.dash-status-dot.dash-status-away { background: var(--warning); }
.dash-status-dot.dash-status-out { background: var(--text-muted); }
.dash-status-dot.dash-status-leave { background: var(--info); }
.dash-status-dot.dash-status-in {
background: var(--success);
}
.dash-status-dot.dash-status-away {
background: var(--warning);
}
.dash-status-dot.dash-status-out {
background: var(--text-muted);
}
.dash-status-dot.dash-status-leave {
background: var(--info);
}
.dash-presence-label.dash-status-in { color: var(--success); }
.dash-presence-label.dash-status-away { color: var(--warning); }
.dash-presence-label.dash-status-out { color: var(--text-muted); }
.dash-presence-label.dash-status-leave { color: var(--info); }
.dash-presence-label.dash-status-in {
color: var(--success);
}
.dash-presence-label.dash-status-away {
color: var(--warning);
}
.dash-presence-label.dash-status-out {
color: var(--text-muted);
}
.dash-presence-label.dash-status-leave {
color: var(--info);
}
.dash-presence-name {
flex: 1;
@@ -414,12 +513,18 @@
grid-template-columns: 1fr 1fr;
}
.dash-kpi-4 { grid-template-columns: repeat(2, 1fr); }
.dash-kpi-4 {
grid-template-columns: repeat(2, 1fr);
}
}
@media (max-width: 768px) {
.dash-kpi-grid { grid-template-columns: repeat(2, 1fr); }
.dash-quick-actions { grid-template-columns: repeat(2, 1fr); }
.dash-kpi-grid {
grid-template-columns: repeat(2, 1fr);
}
.dash-quick-actions {
grid-template-columns: repeat(2, 1fr);
}
.dash-main-grid {
grid-template-columns: 1fr;
@@ -435,9 +540,15 @@
}
@media (max-width: 480px) {
.dash-quick-actions { grid-template-columns: 1fr 1fr; }
.dash-kpi-grid { grid-template-columns: 1fr; }
.dash-profile-grid { grid-template-columns: 1fr; }
.dash-quick-actions {
grid-template-columns: 1fr 1fr;
}
.dash-kpi-grid {
grid-template-columns: 1fr;
}
.dash-profile-grid {
grid-template-columns: 1fr;
}
}
/* ============================================================================

9
src/admin/hooks/useAttendanceAdmin.ts
View File

@@ -479,7 +479,8 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
// ---- Create modal ----
const [showCreateModal, setShowCreateModal] = useState(false);
const today = new Date().toISOString().split("T")[0];
const now = new Date();
const today = `${now.getFullYear()}-${String(now.getMonth() + 1).padStart(2, "0")}-${String(now.getDate()).padStart(2, "0")}`;
const [createForm, setCreateForm] = useState<ShiftFormData>({
user_id: "",
shift_date: today,
@@ -589,11 +590,9 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
try {
const [yearStr, monthStr] = month.split("-");
// Build records URL
let recordsUrl = `${API_BASE}/attendance?year=${yearStr}&month=${monthStr}&limit=1000`;
if (filterUserId) recordsUrl += `&user_id=${filterUserId}`;
// Fetch records and balances in parallel
const [recordsResponse, balancesResponse] = await Promise.all([
apiFetch(recordsUrl),
apiFetch(`${API_BASE}/attendance?action=balances&year=${yearStr}`),
@@ -614,7 +613,6 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
const leaveBalances: Record<string, LeaveBalance> =
balancesObj?.balances ?? balancesObj ?? {};
// Compute user_totals client-side
const userTotals = computeUserTotals(records, usersRef.current, month);
setData((prev) => ({
@@ -670,7 +668,8 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
// Create modal
// =========================================================================
const openCreateModal = () => {
const todayDate = new Date().toISOString().split("T")[0];
const d = new Date();
const todayDate = `${d.getFullYear()}-${String(d.getMonth() + 1).padStart(2, "0")}-${String(d.getDate()).padStart(2, "0")}`;
setCreateForm({
user_id: "",
shift_date: todayDate,

5
src/admin/invoices.css
View File

@@ -48,7 +48,9 @@
background: transparent;
color: var(--text-secondary);
cursor: pointer;
transition: border-color 0.15s, color 0.15s;
transition:
border-color 0.15s,
color 0.15s;
}
.invoice-month-btn:hover:not(:disabled) {
@@ -138,4 +140,3 @@
max-width: 200px;
}
}

215
src/admin/offers.css
View File

@@ -164,7 +164,11 @@
}
.offers-scope-section:hover {
border-color: color-mix(in srgb, var(--border-color) 70%, var(--accent-color));
border-color: color-mix(
in srgb,
var(--border-color) 70%,
var(--accent-color)
);
}
.offers-scope-section-header {
@@ -397,7 +401,10 @@
font-weight: 500;
font-family: inherit;
cursor: pointer;
transition: color 0.2s ease, background 0.2s ease, box-shadow 0.2s ease;
transition:
color 0.2s ease,
background 0.2s ease,
box-shadow 0.2s ease;
letter-spacing: 0.01em;
white-space: nowrap;
}
@@ -410,7 +417,9 @@
color: var(--text-primary);
font-weight: 600;
background: var(--bg-secondary);
box-shadow: 0 1px 3px rgba(0, 0, 0, 0.12), 0 0 0 1px var(--border-color);
box-shadow:
0 1px 3px rgba(0, 0, 0, 0.12),
0 0 0 1px var(--border-color);
}
/* RichEditor (Quill) */
@@ -509,78 +518,189 @@
}
/* Font picker */
.rich-editor .ql-snow .ql-font .ql-picker-options { min-width: 11rem; max-height: 200px; overflow-y: auto; }
.rich-editor .ql-snow .ql-size .ql-picker-options { max-height: 200px; overflow-y: auto; }
.rich-editor .ql-snow .ql-font .ql-picker-options {
min-width: 11rem;
max-height: 200px;
overflow-y: auto;
}
.rich-editor .ql-snow .ql-size .ql-picker-options {
max-height: 200px;
overflow-y: auto;
}
/* Font labels - vysoka specificita kvuli quill.snow.css */
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="arial"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="arial"]::before { content: 'Arial' !important; font-family: Arial, sans-serif; }
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="arial"]::before {
content: "Arial" !important;
font-family: Arial, sans-serif;
}
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="tahoma"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="tahoma"]::before { content: 'Tahoma' !important; font-family: Tahoma, sans-serif; }
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="tahoma"]::before {
content: "Tahoma" !important;
font-family: Tahoma, sans-serif;
}
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="verdana"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="verdana"]::before { content: 'Verdana' !important; font-family: Verdana, sans-serif; }
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="verdana"]::before {
content: "Verdana" !important;
font-family: Verdana, sans-serif;
}
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="georgia"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="georgia"]::before { content: 'Georgia' !important; font-family: Georgia, serif; }
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="times-new-roman"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="times-new-roman"]::before { content: 'Times New Roman' !important; font-family: 'Times New Roman', serif; }
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="georgia"]::before {
content: "Georgia" !important;
font-family: Georgia, serif;
}
.ql-snow
.ql-picker.ql-font
.ql-picker-label[data-value="times-new-roman"]::before,
.ql-snow
.ql-picker.ql-font
.ql-picker-item[data-value="times-new-roman"]::before {
content: "Times New Roman" !important;
font-family: "Times New Roman", serif;
}
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="courier-new"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="courier-new"]::before { content: 'Courier New' !important; font-family: 'Courier New', monospace; }
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="courier-new"]::before {
content: "Courier New" !important;
font-family: "Courier New", monospace;
}
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="trebuchet-ms"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="trebuchet-ms"]::before { content: 'Trebuchet MS' !important; font-family: 'Trebuchet MS', sans-serif; }
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="trebuchet-ms"]::before {
content: "Trebuchet MS" !important;
font-family: "Trebuchet MS", sans-serif;
}
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="impact"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="impact"]::before { content: 'Impact' !important; font-family: Impact, sans-serif; }
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="comic-sans-ms"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="comic-sans-ms"]::before { content: 'Comic Sans MS' !important; font-family: 'Comic Sans MS', cursive; }
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="lucida-console"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="lucida-console"]::before { content: 'Lucida Console' !important; font-family: 'Lucida Console', monospace; }
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="palatino-linotype"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="palatino-linotype"]::before { content: 'Palatino Linotype' !important; font-family: 'Palatino Linotype', serif; }
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="impact"]::before {
content: "Impact" !important;
font-family: Impact, sans-serif;
}
.ql-snow
.ql-picker.ql-font
.ql-picker-label[data-value="comic-sans-ms"]::before,
.ql-snow
.ql-picker.ql-font
.ql-picker-item[data-value="comic-sans-ms"]::before {
content: "Comic Sans MS" !important;
font-family: "Comic Sans MS", cursive;
}
.ql-snow
.ql-picker.ql-font
.ql-picker-label[data-value="lucida-console"]::before,
.ql-snow
.ql-picker.ql-font
.ql-picker-item[data-value="lucida-console"]::before {
content: "Lucida Console" !important;
font-family: "Lucida Console", monospace;
}
.ql-snow
.ql-picker.ql-font
.ql-picker-label[data-value="palatino-linotype"]::before,
.ql-snow
.ql-picker.ql-font
.ql-picker-item[data-value="palatino-linotype"]::before {
content: "Palatino Linotype" !important;
font-family: "Palatino Linotype", serif;
}
.ql-snow .ql-picker.ql-font .ql-picker-label[data-value="garamond"]::before,
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="garamond"]::before { content: 'Garamond' !important; font-family: Garamond, serif; }
.ql-snow .ql-picker.ql-font .ql-picker-item[data-value="garamond"]::before {
content: "Garamond" !important;
font-family: Garamond, serif;
}
/* Font classes */
.ql-font-arial { font-family: Arial, sans-serif; }
.ql-font-tahoma { font-family: Tahoma, sans-serif; }
.ql-font-verdana { font-family: Verdana, sans-serif; }
.ql-font-georgia { font-family: Georgia, serif; }
.ql-font-times-new-roman { font-family: 'Times New Roman', serif; }
.ql-font-courier-new { font-family: 'Courier New', monospace; }
.ql-font-trebuchet-ms { font-family: 'Trebuchet MS', sans-serif; }
.ql-font-impact { font-family: Impact, sans-serif; }
.ql-font-comic-sans-ms { font-family: 'Comic Sans MS', cursive; }
.ql-font-lucida-console { font-family: 'Lucida Console', monospace; }
.ql-font-palatino-linotype { font-family: 'Palatino Linotype', serif; }
.ql-font-garamond { font-family: Garamond, serif; }
.ql-font-arial {
font-family: Arial, sans-serif;
}
.ql-font-tahoma {
font-family: Tahoma, sans-serif;
}
.ql-font-verdana {
font-family: Verdana, sans-serif;
}
.ql-font-georgia {
font-family: Georgia, serif;
}
.ql-font-times-new-roman {
font-family: "Times New Roman", serif;
}
.ql-font-courier-new {
font-family: "Courier New", monospace;
}
.ql-font-trebuchet-ms {
font-family: "Trebuchet MS", sans-serif;
}
.ql-font-impact {
font-family: Impact, sans-serif;
}
.ql-font-comic-sans-ms {
font-family: "Comic Sans MS", cursive;
}
.ql-font-lucida-console {
font-family: "Lucida Console", monospace;
}
.ql-font-palatino-linotype {
font-family: "Palatino Linotype", serif;
}
.ql-font-garamond {
font-family: Garamond, serif;
}
/* Size picker */
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="8px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="8px"]::before { content: '8px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="8px"]::before {
content: "8px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="9px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="9px"]::before { content: '9px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="9px"]::before {
content: "9px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="10px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="10px"]::before { content: '10px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="10px"]::before {
content: "10px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="11px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="11px"]::before { content: '11px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="11px"]::before {
content: "11px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="12px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="12px"]::before { content: '12px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="12px"]::before {
content: "12px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="14px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="14px"]::before { content: '14px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="14px"]::before {
content: "14px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="16px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="16px"]::before { content: '16px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="16px"]::before {
content: "16px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="18px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="18px"]::before { content: '18px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="18px"]::before {
content: "18px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="20px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="20px"]::before { content: '20px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="20px"]::before {
content: "20px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="24px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="24px"]::before { content: '24px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="24px"]::before {
content: "24px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="28px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="28px"]::before { content: '28px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="28px"]::before {
content: "28px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="32px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="32px"]::before { content: '32px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="32px"]::before {
content: "32px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="36px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="36px"]::before { content: '36px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="36px"]::before {
content: "36px" !important;
}
.ql-snow .ql-picker.ql-size .ql-picker-label[data-value="48px"]::before,
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="48px"]::before { content: '48px' !important; }
.ql-snow .ql-picker.ql-size .ql-picker-item[data-value="48px"]::before {
content: "48px" !important;
}
/* Editor area */
.rich-editor .ql-container.ql-snow {
@@ -627,7 +747,6 @@
flex-shrink: 0;
}
/* Tooltip (link editor) */
.rich-editor .ql-snow .ql-tooltip {
background: var(--bg-primary);

5
src/admin/pages/Attendance.tsx
View File

@@ -755,10 +755,7 @@ export default function Attendance() {
{formatTime(shift.departure_time)}
</td>
<td className="admin-mono">
{formatMinutes(
calculateWorkMinutes(shift as any),
true,
)}
{formatMinutes(calculateWorkMinutes(shift), true)}
</td>
{projects.length > 0 && (
<td>

3
src/admin/pages/AttendanceHistory.tsx
View File

@@ -156,7 +156,6 @@ export default function AttendanceHistory() {
fetchData();
}, [fetchData]);
// Compute totals client-side from raw records
const computed = useMemo(() => {
const [yearStr, monthStr] = month.split("-");
const monthIndex = parseInt(monthStr, 10) - 1;
@@ -181,11 +180,9 @@ export default function AttendanceHistory() {
}
}
// Compute monthly fund (working days * 8h)
// Exclude holidays from business days (matching PHP CzechHolidays logic)
const yr = parseInt(yearStr, 10);
const mo = parseInt(monthStr, 10) - 1;
// Count holiday records to subtract from business days
const holidayDays = records.filter(
(r) => (r.leave_type || "work") === "holiday",
).length;

138
src/admin/pages/InvoiceDetail.tsx
View File

@@ -12,7 +12,7 @@ import Forbidden from "../components/Forbidden";
import FormField from "../components/FormField";
import AdminDatePicker from "../components/AdminDatePicker";
import ConfirmModal from "../components/ConfirmModal";
import { motion, AnimatePresence } from "framer-motion";
import { motion } from "framer-motion";
import {
DndContext,
closestCenter,
@@ -104,6 +104,7 @@ interface InvoiceForm {
issued_by: string;
billing_text: string;
notes: string;
language: string;
bank_account_id: number | string;
bank_name: string;
bank_swift: string;
@@ -132,6 +133,7 @@ interface Invoice {
issued_by: string | null;
paid_date?: string;
notes: string;
language: string;
apply_vat: number | string;
items: Omit<InvoiceItem, "_key">[];
valid_transitions?: string[];
@@ -521,6 +523,7 @@ export default function InvoiceDetail() {
issued_by: user?.fullName || "",
billing_text: "",
notes: "",
language: "cs",
bank_account_id: "",
bank_name: "",
bank_swift: "",
@@ -536,12 +539,10 @@ export default function InvoiceDetail() {
const [loading, setLoading] = useState(true);
const [invoiceNumber, setInvoiceNumber] = useState("");
// Customer selector (create mode)
const [customers, setCustomers] = useState<Customer[]>([]);
const [customerSearch, setCustomerSearch] = useState("");
const [showCustomerDropdown, setShowCustomerDropdown] = useState(false);
// Draft
const DRAFT_KEY = "boha_invoice_draft";
const clearDraft = useCallback(() => {
@@ -561,18 +562,15 @@ export default function InvoiceDetail() {
status: string | null;
}>({ show: false, status: null });
const [pdfLoading, setPdfLoading] = useState(false);
const [langModal, setLangModal] = useState(false);
const [deleteConfirm, setDeleteConfirm] = useState(false);
const [deleting, setDeleting] = useState(false);
// Edit items (edit mode)
const [editingItems, setEditingItems] = useState(false);
const [editItems, setEditItems] = useState<InvoiceItem[]>([]);
const editKeyCounter = useRef(0);
// ─── Data loading ───
// Create mode: load next number, customers, bank accounts, order data
useEffect(() => {
if (isEdit) return;
const load = async () => {
@@ -843,6 +841,9 @@ export default function InvoiceDetail() {
const result = await response.json();
if (result.success) {
clearDraft();
await apiFetch(
`${API_BASE}/invoices-pdf/${result.data.invoice_id}?lang=${form.language}&save=1`,
).catch(() => {});
alert.success(result.message || "Faktura byla vytvořena");
navigate(`/invoices/${result.data.invoice_id}`);
} else {
@@ -918,6 +919,9 @@ export default function InvoiceDetail() {
});
const result = await response.json();
if (result.success) {
await apiFetch(
`${API_BASE}/invoices-pdf/${id}?lang=${invoice?.language || "cs"}&save=1`,
).catch(() => {});
alert.success("Poznámky byly uloženy");
} else {
alert.error(result.error || "Nepodařilo se uložit poznámky");
@@ -930,28 +934,19 @@ export default function InvoiceDetail() {
};
// ─── Edit mode: PDF export ───
const handleViewPdf = async (lang = "cs") => {
setLangModal(false);
const newWindow = window.open("", "_blank");
const handleViewPdf = async (_lang = "cs") => {
setPdfLoading(true);
try {
const response = await apiFetch(
`${API_BASE}/invoices-pdf/${id}?lang=${encodeURIComponent(lang)}`,
);
const response = await apiFetch(`${API_BASE}/invoices/${id}/file`);
if (!response.ok) {
newWindow?.close();
alert.error("Nepodařilo se vygenerovat PDF");
alert.error("PDF soubor nenalezen — uložte fakturu pro vygenerování");
return;
}
const html = await response.text();
if (newWindow) {
newWindow.document.open();
newWindow.document.write(html);
newWindow.document.close();
newWindow.onload = () => newWindow.print();
}
const blob = await response.blob();
const url = URL.createObjectURL(blob);
window.open(url, "_blank");
setTimeout(() => URL.revokeObjectURL(url), 60000);
} catch {
newWindow?.close();
alert.error("Chyba připojení");
} finally {
setPdfLoading(false);
@@ -1028,6 +1023,10 @@ export default function InvoiceDetail() {
});
const result = await response.json();
if (result.success) {
// Regenerate PDF on NAS (fire-and-forget)
await apiFetch(
`${API_BASE}/invoices-pdf/${id}?lang=${invoice?.language || "cs"}&save=1`,
).catch(() => {});
alert.success("Položky byly uloženy");
setEditingItems(false);
fetchDetail();
@@ -1379,6 +1378,21 @@ export default function InvoiceDetail() {
<option value="USD">USD ($)</option>
</select>
</FormField>
<FormField label="Jazyk faktury">
<select
value={form.language}
onChange={(e) =>
setForm((prev) => ({
...prev,
language: e.target.value,
}))
}
className="admin-form-select"
>
<option value="cs">Čeština</option>
<option value="en">English</option>
</select>
</FormField>
<FormField label="DPH">
<div className="flex-row-gap">
<label
@@ -1608,19 +1622,20 @@ export default function InvoiceDetail() {
</div>
</div>
<div className="admin-page-actions">
{hasPermission("invoices.export") && (
{hasPermission("invoices.export") && invoice && (
<button
onClick={() => setLangModal(true)}
onClick={() => handleViewPdf(invoice.language || "cs")}
className="admin-btn admin-btn-secondary"
style={{
display: "inline-flex",
alignItems: "center",
gap: "0.4rem",
}}
disabled={pdfLoading}
>
{pdfLoading ? (
<>
<div className="admin-spinner admin-spinner-sm" />
PDF...
</>
) : (
<>
<svg
width="16"
height="16"
@@ -1632,9 +1647,8 @@ export default function InvoiceDetail() {
<path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z" />
<polyline points="14 2 14 8 20 8" />
</svg>
PDF
</>
)}
Zobrazit fakturu
</button>
)}
{hasPermission("invoices.edit") &&
@@ -2026,70 +2040,6 @@ export default function InvoiceDetail() {
type="danger"
loading={deleting}
/>
{/* Language selection for PDF */}
<AnimatePresence>
{langModal && (
<motion.div
className="admin-modal-overlay"
initial={{ opacity: 0 }}
animate={{ opacity: 1 }}
exit={{ opacity: 0 }}
transition={{ duration: 0.2 }}
>
<div
className="admin-modal-backdrop"
onClick={() => setLangModal(false)}
/>
<motion.div
className="admin-modal admin-confirm-modal"
role="dialog"
aria-modal="true"
initial={{ opacity: 0, scale: 0.95, y: 20 }}
animate={{ opacity: 1, scale: 1, y: 0 }}
exit={{ opacity: 0, scale: 0.95, y: 20 }}
transition={{ duration: 0.2 }}
>
<div className="admin-modal-body admin-confirm-content">
<div className="admin-confirm-icon admin-confirm-icon-info">
<svg
width="24"
height="24"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
strokeWidth="2"
>
<path d="M12 22c5.523 0 10-4.477 10-10S17.523 2 12 2 2 6.477 2 12s4.477 10 10 10z" />
<path d="M2 12h20" />
<path d="M12 2a15.3 15.3 0 0 1 4 10 15.3 15.3 0 0 1-4 10 15.3 15.3 0 0 1-4-10 15.3 15.3 0 0 1 4-10z" />
</svg>
</div>
<h2 className="admin-confirm-title">Jazyk faktury</h2>
<p className="admin-confirm-message">
V jakém jazyce chcete vygenerovat fakturu?
</p>
</div>
<div className="admin-modal-footer">
<button
type="button"
onClick={() => handleViewPdf("cs")}
className="admin-btn admin-btn-primary"
>
Čeština
</button>
<button
type="button"
onClick={() => handleViewPdf("en")}
className="admin-btn admin-btn-primary"
>
English
</button>
</div>
</motion.div>
</motion.div>
)}
</AnimatePresence>
</div>
);
}

6
src/admin/pages/Invoices.tsx
View File

@@ -223,7 +223,11 @@ export default function Invoices() {
sort,
order,
page,
extraParams: statusFilter ? { status: statusFilter } : {},
extraParams: {
month: String(statsMonth),
year: String(statsYear),
...(statusFilter ? { status: statusFilter } : {}),
},
errorMsg: "Nepodařilo se načíst faktury",
});

39
src/admin/pages/OfferDetail.tsx
View File

@@ -345,7 +345,6 @@ export default function OfferDetail() {
form.valid_until &&
new Date(form.valid_until) < new Date(new Date().toDateString());
// Load data
const fetchDetail = useCallback(async () => {
if (!id) return;
try {
@@ -473,7 +472,6 @@ export default function OfferDetail() {
}
}, [showCustomerDropdown]);
// Fetch next quotation number for new offers
useEffect(() => {
if (isEdit) return;
const fetchNextNumber = async () => {
@@ -584,7 +582,6 @@ export default function OfferDetail() {
setItems((prev) => prev.filter((_, i) => i !== index));
};
// Totals
const subtotal = items.reduce((sum, item) => {
if (item.is_included_in_total) {
return (
@@ -624,6 +621,12 @@ export default function OfferDetail() {
});
const result = await response.json();
if (result.success) {
const offerId = isEdit ? id : result.data?.id;
if (offerId) {
await apiFetch(`${API_BASE}/offers-pdf/${offerId}?save=1`).catch(
() => {},
);
}
alert.success(
result.message ||
(isEdit ? "Nabídka byla aktualizována" : "Nabídka byla vytvořena"),
@@ -736,22 +739,16 @@ export default function OfferDetail() {
if (!isEdit || pdfLoading) return;
setPdfLoading(true);
try {
const response = await apiFetch(`${API_BASE}/offers-pdf/${id}`);
const response = await apiFetch(`${API_BASE}/offers/${id}/file`);
if (response.status === 401) return;
if (!response.ok) {
alert.error("Nepodařilo se vygenerovat PDF");
alert.error("PDF soubor nenalezen — uložte nabídku pro vygenerování");
return;
}
const html = await response.text();
const w = window.open("", "_blank");
if (w) {
w.document.open();
w.document.write(html);
w.document.close();
w.onload = () => w.print();
} else {
alert.error("Prohlížeč zablokoval vyskakovací okno");
}
const blob = await response.blob();
const url = URL.createObjectURL(blob);
window.open(url, "_blank");
setTimeout(() => URL.revokeObjectURL(url), 60000);
} catch {
alert.error("Chyba při generování PDF");
} finally {
@@ -858,15 +855,16 @@ export default function OfferDetail() {
<button
onClick={handlePdf}
className="admin-btn admin-btn-secondary"
style={{
display: "inline-flex",
alignItems: "center",
gap: "0.4rem",
}}
disabled={pdfLoading}
>
{pdfLoading ? (
<>
<div className="admin-spinner admin-spinner-sm" />
PDF...
</>
) : (
<>
<svg
width="16"
height="16"
@@ -878,9 +876,8 @@ export default function OfferDetail() {
<path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z" />
<polyline points="14 2 14 8 20 8" />
</svg>
PDF
</>
)}
Zobrazit nabídku
</button>
)}
{isEdit &&

19
src/admin/pages/ReceivedInvoices.tsx
View File

@@ -148,7 +148,6 @@ export default function ReceivedInvoices({
const { sort, order, handleSort, activeSort } = useTableSort("created_at");
const [search, setSearch] = useState("");
// Data
const [invoices, setInvoices] = useState<ReceivedInvoice[]>([]);
const [loading, setLoading] = useState(true);
const [stats, setStats] = useState<ReceivedStats | null>(null);
@@ -159,7 +158,6 @@ export default function ReceivedInvoices({
const prevMonth = useRef(statsMonth);
const prevYear = useRef(statsYear);
// Modals
const [editOpen, setEditOpen] = useState(false);
const [editInvoice, setEditInvoice] = useState<EditInvoice | null>(null);
const [deleteConfirm, setDeleteConfirm] = useState<{
@@ -169,10 +167,8 @@ export default function ReceivedInvoices({
const [deleting, setDeleting] = useState(false);
const [saving, setSaving] = useState(false);
// Supplier autocomplete
const [supplierNames, setSupplierNames] = useState<string[]>([]);
// Upload state
const [uploadFiles, setUploadFiles] = useState<File[]>([]);
const [uploadMeta, setUploadMeta] = useState<UploadMeta[]>([]);
const [uploadErrors, setUploadErrors] = useState<UploadErrors>({});
@@ -180,7 +176,6 @@ export default function ReceivedInvoices({
useModalLock(uploadOpen || editOpen);
// Slide direction detection
useEffect(() => {
const prev = prevYear.current * 12 + prevMonth.current;
const curr = statsYear * 12 + statsMonth;
@@ -194,7 +189,6 @@ export default function ReceivedInvoices({
prevYear.current = statsYear;
}, [statsMonth, statsYear]);
// Fetch list
const fetchList = useCallback(async () => {
if (!hasLoadedOnce.current) setLoading(true);
try {
@@ -228,7 +222,6 @@ export default function ReceivedInvoices({
fetchList();
}, [fetchList]);
// Fetch supplier names for autocomplete
useEffect(() => {
apiFetch(`${API_BASE}/received-invoices/suppliers`)
.then((r) => r.json())
@@ -277,7 +270,6 @@ export default function ReceivedInvoices({
load();
}, [statsMonth, statsYear]);
// Upload handlers
const handleFileSelect = (e: React.ChangeEvent<HTMLInputElement>) => {
const selected = Array.from(e.target.files || []);
if (selected.length === 0) {
@@ -384,7 +376,6 @@ export default function ReceivedInvoices({
}
};
// Edit handlers
const toDateInput = (d: string | null | undefined): string => {
if (!d) return "";
const date = new Date(d);
@@ -455,7 +446,6 @@ export default function ReceivedInvoices({
}
};
// Delete
const handleDelete = async () => {
if (!deleteConfirm.invoice) {
return;
@@ -484,26 +474,20 @@ export default function ReceivedInvoices({
}
};
// View file
const openFile = async (inv: ReceivedInvoice) => {
const newWindow = window.open("", "_blank");
try {
const response = await apiFetch(
`${API_BASE}/received-invoices/${inv.id}/file`,
);
if (!response.ok) {
newWindow?.close();
alert.error("Nepodařilo se načíst soubor");
return;
}
const blob = await response.blob();
const url = URL.createObjectURL(blob);
if (newWindow) {
newWindow.location.href = url;
}
window.open(url, "_blank");
setTimeout(() => URL.revokeObjectURL(url), 60000);
} catch {
newWindow?.close();
alert.error("Chyba připojení");
}
};
@@ -531,7 +515,6 @@ export default function ReceivedInvoices({
const monthLabel = `${MONTH_NAMES[statsMonth - 1]}`;
// KPI
const renderKpi = () => {
if (!hasLoadedOnce.current && statsLoading) {
return (

1
src/admin/pages/Settings.tsx
View File

@@ -55,7 +55,6 @@ export default function Settings() {
Record<string, Permission[]>
>({});
// 2FA requirement
const [require2FA, setRequire2FA] = useState(false);
const [require2FALoading, setRequire2FALoading] = useState(true);
const [require2FASaving, setRequire2FASaving] = useState(false);

11
src/config/env.ts
View File

@@ -4,10 +4,11 @@ dotenv.config();
// Set timezone for Date operations — all attendance/time records are in Czech local time
process.env.TZ = process.env.TZ || "Europe/Prague";
// Override Date.toJSON to serialize as local time instead of UTC
// MySQL DATETIME stores local time, Prisma creates Date objects,
// JSON.stringify calls toJSON() which defaults to toISOString() (UTC with Z suffix).
// This causes times to shift by timezone offset on the frontend.
// Override Date.toJSON so JSON.stringify outputs local time (Europe/Prague).
// Prisma stores UTC in MySQL DATETIME columns. When reading, it creates
// JS Date objects with correct UTC internals. The default toJSON() calls
// toISOString() which returns UTC — this override uses local getters instead,
// so the frontend always receives times in the user's timezone.
Date.prototype.toJSON = function () {
const y = this.getFullYear();
const m = String(this.getMonth() + 1).padStart(2, "0");
@@ -53,6 +54,8 @@ export const config = {
nas: {
path: process.env.NAS_PATH || "Z:/02_PROJEKTY",
financialsPath: process.env.NAS_FINANCIALS_PATH || "",
offersPath: process.env.NAS_OFFERS_PATH || "",
maxUploadSize: parseInt(process.env.MAX_UPLOAD_SIZE || "52428800", 10),
},

3
src/routes/admin/attendance.ts
View File

@@ -16,6 +16,7 @@ import {
UpdateAttendanceSchema,
} from "../../schemas/attendance.schema";
import * as attendanceService from "../../services/attendance.service";
import { localMonthStr } from "../../utils/date";
export default async function attendanceRoutes(
fastify: FastifyInstance,
@@ -125,7 +126,7 @@ export default async function attendanceRoutes(
const monthStr = query.month
? String(query.month)
: `${new Date().getFullYear()}-${String(new Date().getMonth() + 1).padStart(2, "0")}`;
: localMonthStr(new Date());
const filterUserId = query.user_id ? Number(query.user_id) : null;
const data = await attendanceService.getPrintData(monthStr, filterUserId);
return reply.send({ success: true, data });

2
src/routes/admin/auth.ts
View File

@@ -128,7 +128,6 @@ export default async function authRoutes(
return error(reply, "Neplatný TOTP kód", 401);
}
// Delete used login token
await prisma.totp_login_tokens.delete({ where: { id: storedToken.id } });
// Reset failed attempts and update last login (TOTP verified = successful login)
@@ -149,7 +148,6 @@ export default async function authRoutes(
return error(reply, "Chyba načítání uživatele", 500);
}
// Create tokens manually since password was already verified
const jwt = await import("jsonwebtoken");
const accessToken = jwt.default.sign(
{

7
src/routes/admin/bank-accounts.ts
View File

@@ -40,8 +40,7 @@ export default async function bankAccountsRoutes(
iban: body.iban ? String(body.iban) : null,
bic: body.bic ? String(body.bic) : null,
currency: body.currency ? String(body.currency) : "CZK",
is_default:
!!body.is_default,
is_default: !!body.is_default,
position: body.position ? Number(body.position) : 0,
},
});
@@ -107,9 +106,7 @@ export default async function bankAccountsRoutes(
currency:
body.currency !== undefined ? String(body.currency) : undefined,
is_default:
body.is_default !== undefined
? !!body.is_default
: undefined,
body.is_default !== undefined ? !!body.is_default : undefined,
position:
body.position !== undefined ? Number(body.position) : undefined,
modified_at: new Date(),

7
src/routes/admin/dashboard.ts
View File

@@ -2,6 +2,7 @@ import { FastifyInstance } from "fastify";
import prisma from "../../config/database";
import { requireAuth } from "../../middleware/auth";
import { success } from "../../utils/response";
import { localTimeStr } from "../../utils/date";
export default async function dashboardRoutes(
fastify: FastifyInstance,
@@ -106,9 +107,7 @@ export default async function dashboardRoutes(
name: `${user.first_name} ${user.last_name}`,
initials: `${firstInitial}${lastInitial}`.toUpperCase(),
status,
arrived_at: a.arrival_time
? `${String(a.arrival_time.getHours()).padStart(2, "0")}:${String(a.arrival_time.getMinutes()).padStart(2, "0")}`
: null,
arrived_at: a.arrival_time ? localTimeStr(a.arrival_time) : null,
});
}
@@ -252,7 +251,7 @@ export default async function dashboardRoutes(
entity_type: log.entity_type ?? "",
description: log.description ?? "",
username: log.username ?? null,
created_at: log.created_at ? log.created_at.toISOString() : "",
created_at: log.created_at ?? "",
}));
}

38
src/routes/admin/invoices-pdf.ts
View File

@@ -2,6 +2,9 @@ import { FastifyInstance } from "fastify";
import QRCode from "qrcode";
import prisma from "../../config/database";
import { requirePermission } from "../../middleware/auth";
import { localDateCzStr } from "../../utils/date";
import { nasFinancialsManager } from "../../services/nas-financials-manager";
import { htmlToPdf } from "../../utils/html-to-pdf";
/* ── Helpers ─────────────────────────────────────────────────────── */
@@ -9,7 +12,7 @@ function formatDate(date: Date | string | null | undefined): string {
if (!date) return "";
const d = new Date(date);
if (isNaN(d.getTime())) return String(date);
return `${String(d.getDate()).padStart(2, "0")}.${String(d.getMonth() + 1).padStart(2, "0")}.${d.getFullYear()}`;
return localDateCzStr(d);
}
function formatNum(n: number, decimals = 2): string {
@@ -278,7 +281,6 @@ export default async function invoicesPdfRoutes(
unknown
> | null;
// Order number lookup
let orderNumber = "";
if (invoice.order_id) {
const orderRow = await prisma.orders.findUnique({
@@ -298,7 +300,6 @@ export default async function invoicesPdfRoutes(
}
}
// Logo
let logoImg = "";
if (settings?.logo_data) {
const buf = Buffer.from(settings.logo_data as Buffer);
@@ -313,7 +314,6 @@ export default async function invoicesPdfRoutes(
const currency = invoice.currency || "CZK";
const applyVat = !!invoice.apply_vat;
// Calculations
const vatSummary: Record<string, { base: number; vat: number }> = {};
let subtotal = 0;
@@ -380,7 +380,6 @@ export default async function invoicesPdfRoutes(
});
}
// Address lines
const supp = buildAddressLines(settings, true, t);
const cust = buildAddressLines(customer, false, t);
@@ -410,7 +409,6 @@ export default async function invoicesPdfRoutes(
const invoiceNumber = escapeHtml(invoice.invoice_number);
// Items HTML
const itemsHtml = items
.map((item, i) => {
const qty = Number(item.quantity);
@@ -434,7 +432,6 @@ export default async function invoicesPdfRoutes(
})
.join("");
// VAT recap rows
const vatRecapHtml = vatRecap
.map(
(vr) => `<tr>
@@ -446,7 +443,6 @@ export default async function invoicesPdfRoutes(
)
.join("");
// VAT detail rows for totals section
let vatDetailHtml = "";
if (applyVat) {
for (const [rate, data] of Object.entries(vatSummary)) {
@@ -460,7 +456,6 @@ export default async function invoicesPdfRoutes(
}
}
// Notes section
const notesRaw = invoice.notes ?? "";
const notesStripped = notesRaw.replace(/<[^>]*>/g, "").trim();
const notesHtml = notesStripped
@@ -1027,6 +1022,31 @@ ${indentCSS}
</body>
</html>`;
// Save PDF to NAS
if (nasFinancialsManager.isConfigured() && invoice.invoice_number) {
const issueDate = invoice.issue_date
? new Date(invoice.issue_date)
: new Date();
const saveMode = query.save === "1";
const pdfPromise = htmlToPdf(html)
.then((pdfBuffer) => {
nasFinancialsManager.saveIssuedInvoicePdf(
invoice.invoice_number!,
issueDate.getFullYear(),
issueDate.getMonth() + 1,
pdfBuffer,
);
})
.catch((err) => {
request.log.error(err, "Failed to save invoice PDF to NAS");
});
if (saveMode) {
await pdfPromise;
return reply.send({ success: true, message: "PDF uloženo" });
}
}
return reply.type("text/html").send(html);
},
);

40
src/routes/admin/invoices.ts
View File

@@ -1,4 +1,5 @@
import { FastifyInstance } from "fastify";
import prisma from "../../config/database";
import { requirePermission } from "../../middleware/auth";
import { logAudit } from "../../services/audit";
import { success, error, parseId } from "../../utils/response";
@@ -19,6 +20,7 @@ import {
updateInvoice,
deleteInvoice,
} from "../../services/invoices.service";
import { nasFinancialsManager } from "../../services/nas-financials-manager";
export default async function invoicesRoutes(
fastify: FastifyInstance,
@@ -46,6 +48,8 @@ export default async function invoicesRoutes(
search,
status: query.status ? String(query.status) : undefined,
customer_id: query.customer_id ? Number(query.customer_id) : undefined,
month: query.month ? Number(query.month) : undefined,
year: query.year ? Number(query.year) : undefined,
});
return reply.send({
@@ -185,6 +189,13 @@ export default async function invoicesRoutes(
const existing = await deleteInvoice(id);
if (!existing) return error(reply, "Faktura nenalezena", 404);
// Delete PDF from NAS
if (existing.invoice_number && existing.issue_date) {
const d = new Date(existing.issue_date);
const relPath = `Vydané/${d.getFullYear()}/${String(d.getMonth() + 1).padStart(2, "0")}/${existing.invoice_number}.pdf`;
nasFinancialsManager.deleteIssuedInvoice(relPath);
}
await logAudit({
request,
authData: request.authData,
@@ -196,4 +207,33 @@ export default async function invoicesRoutes(
return success(reply, null, 200, "Faktura smazána");
},
);
// GET /api/admin/invoices/:id/file — serve PDF from NAS
fastify.get<{ Params: { id: string } }>(
"/:id/file",
{ preHandler: requirePermission("invoices.view") },
async (request, reply) => {
const id = parseId(request.params.id, reply);
if (id === null) return;
const invoice = await prisma.invoices.findUnique({
where: { id },
select: { invoice_number: true, issue_date: true },
});
if (!invoice?.invoice_number || !invoice.issue_date)
return error(reply, "Faktura nenalezena", 404);
const d = new Date(invoice.issue_date);
const relPath = `Vydané/${d.getFullYear()}/${String(d.getMonth() + 1).padStart(2, "0")}/${invoice.invoice_number}.pdf`;
const file = nasFinancialsManager.readIssuedInvoice(relPath);
if (!file) return error(reply, "PDF soubor nenalezen", 404);
return reply
.type("application/pdf")
.header(
"Content-Disposition",
`inline; filename="${invoice.invoice_number}.pdf"`,
)
.send(file.data);
},
);
}

2
src/routes/admin/leave-requests.ts
View File

@@ -205,7 +205,6 @@ export default async function leaveRequestsRoutes(
}
}
// Count business days and create attendance records
let totalBusinessDays = 0;
const current = new Date(dateFrom);
const attendanceCreates: Array<{
@@ -242,7 +241,6 @@ export default async function leaveRequestsRoutes(
const totalHours = totalBusinessDays * 8;
// Run everything in a transaction
await prisma.$transaction(async (tx) => {
// 1. Create attendance records for each business day
if (attendanceCreates.length > 0) {

39
src/routes/admin/offers-pdf.ts
View File

@@ -1,12 +1,15 @@
import { FastifyInstance } from "fastify";
import prisma from "../../config/database";
import { requirePermission } from "../../middleware/auth";
import { localDateCzStr } from "../../utils/date";
import { nasOffersManager } from "../../services/nas-offers-manager";
import { htmlToPdf } from "../../utils/html-to-pdf";
function formatDate(date: Date | string | null | undefined): string {
if (!date) return "";
const d = new Date(date);
if (isNaN(d.getTime())) return String(date);
return `${String(d.getDate()).padStart(2, "0")}.${String(d.getMonth() + 1).padStart(2, "0")}.${d.getFullYear()}`;
return localDateCzStr(d);
}
/** Format number with comma decimal separator and non-breaking space thousands separator */
@@ -53,7 +56,6 @@ function cleanQuillHtml(html: string | null | undefined): string {
if (!html) return "";
const allowedTags =
"<p><br><strong><em><u><s><ul><ol><li><span><sub><sup><a><h1><h2><h3><h4><blockquote><pre>";
// Simple strip_tags equivalent: remove tags not in allowed list
let s = html;
// Remove dangerous tags with content
s = s.replace(
@@ -95,7 +97,6 @@ function buildAddressLines(
const nameKey = isSupplier ? "company_name" : "name";
const name = String(entity[nameKey] || "");
// Parse custom_fields
let cfData: Array<{ name?: string; value?: string; showLabel?: boolean }> =
[];
let fieldOrder: string[] | null = null;
@@ -201,6 +202,7 @@ export default async function offersPdfRoutes(
{ preHandler: requirePermission("offers.view") },
async (request, reply) => {
const id = parseInt(request.params.id, 10);
const query = request.query as Record<string, string>;
try {
const quotation = await prisma.quotations.findUnique({
@@ -225,7 +227,6 @@ export default async function offersPdfRoutes(
const currency = quotation.currency || "EUR";
const t = (key: string): string => TRANSLATIONS[key]?.[langKey] || key;
// Logo
let logoImg = "";
if (settings?.logo_data) {
const buf = Buffer.from(settings.logo_data);
@@ -236,7 +237,6 @@ export default async function offersPdfRoutes(
logoImg = `<img src="data:${escapeHtml(mime)};base64,${buf.toString("base64")}" class="logo" />`;
}
// Calculations
const items = quotation.quotation_items;
let subtotal = 0;
for (const item of items) {
@@ -251,7 +251,6 @@ export default async function offersPdfRoutes(
const totalToPay = subtotal + vatAmount;
const exchangeRate = Number(quotation.exchange_rate) || 0;
// Scope content check
let hasScopeContent = false;
for (const s of quotation.scope_sections) {
if ((s.content || "").trim() || (s.title || "").trim()) {
@@ -260,7 +259,6 @@ export default async function offersPdfRoutes(
}
}
// Addresses
const cust = buildAddressLines(
quotation.customers as unknown as Record<string, unknown>,
false,
@@ -288,7 +286,6 @@ export default async function offersPdfRoutes(
indentCSS += ` li.ql-indent-${n} { padding-left: ${liPad}em; }\n`;
}
// Items HTML
let itemsHtml = "";
items.forEach((item, i) => {
const lineTotal =
@@ -304,7 +301,6 @@ export default async function offersPdfRoutes(
</tr>`;
});
// Totals HTML
let totalsHtml = "";
if (applyVat) {
totalsHtml += `<div class="detail-rows">
@@ -328,7 +324,6 @@ export default async function offersPdfRoutes(
const quotationNumber = escapeHtml(quotation.quotation_number);
// Scope HTML
let scopeHtml = "";
if (hasScopeContent) {
scopeHtml += '<div class="scope-page">';
@@ -768,6 +763,30 @@ ${indentCSS}
</body>
</html>`;
// Save PDF to NAS
if (nasOffersManager.isConfigured() && quotation.quotation_number) {
const created = quotation.created_at
? new Date(quotation.created_at)
: new Date();
const saveMode = query.save === "1";
const pdfPromise = htmlToPdf(html)
.then((pdfBuffer) => {
nasOffersManager.saveOfferPdf(
quotation.quotation_number!,
created.getFullYear(),
pdfBuffer,
);
})
.catch((err) => {
request.log.error(err, "Failed to save offer PDF to NAS");
});
if (saveMode) {
await pdfPromise;
return reply.send({ success: true, message: "PDF uloženo" });
}
}
return reply.type("text/html").send(html);
} catch (err) {
request.log.error(err, "PDF generation failed");

4
src/routes/admin/orders.ts
View File

@@ -208,7 +208,7 @@ export default async function ordersRoutes(
if ("error" in manualParsed) return error(reply, manualParsed.error, 400);
const body = manualParsed.data;
const result = await createOrder(body as any);
const result = await createOrder(body);
await logAudit({
request,
@@ -236,7 +236,7 @@ export default async function ordersRoutes(
const parsed = parseBody(UpdateOrderSchema, request.body);
if ("error" in parsed) return error(reply, parsed.error, 400);
const result = await updateOrder(id, parsed.data as any);
const result = await updateOrder(id, parsed.data);
if ("error" in result) return error(reply, result.error!, result.status!);
await logAudit({

1
src/routes/admin/project-files.ts
View File

@@ -60,7 +60,6 @@ export default async function projectFilesRoutes(
.send(stream);
}
// List files
if (!project.project_number)
return error(reply, "Projekt nemá číslo projektu");

44
src/routes/admin/quotations.ts
View File

@@ -19,6 +19,7 @@ import {
invalidateOffer,
getNextOfferNumber,
} from "../../services/offers.service";
import { nasOffersManager } from "../../services/nas-offers-manager";
const LOCK_TIMEOUT_MS = 10 * 1000; // 10 seconds — lock expires if no heartbeat
@@ -122,7 +123,6 @@ export default async function quotationsRoutes(
const data = await getOffer(id);
if (!data) return error(reply, "Nabídka nenalezena", 404);
// Include lock info
const quotation = await prisma.quotations.findUnique({
where: { id },
select: { locked_by: true, locked_at: true },
@@ -305,6 +305,14 @@ export default async function quotationsRoutes(
const existing = await deleteOffer(id);
if (!existing) return error(reply, "Nabídka nenalezena", 404);
// Delete PDF from NAS
if (existing.quotation_number && existing.created_at) {
const yr = new Date(existing.created_at).getFullYear();
nasOffersManager.deleteOfferPdf(
nasOffersManager.buildRelativePath(existing.quotation_number, yr),
);
}
await logAudit({
request,
authData: request.authData,
@@ -316,4 +324,38 @@ export default async function quotationsRoutes(
return success(reply, null, 200, "Nabídka smazána");
},
);
// GET /api/admin/offers/:id/file — serve PDF from NAS
fastify.get<{ Params: { id: string } }>(
"/:id/file",
{ preHandler: requirePermission("offers.view") },
async (request, reply) => {
const id = parseId(request.params.id, reply);
if (id === null) return;
const offer = await prisma.quotations.findUnique({
where: { id },
select: { quotation_number: true, created_at: true },
});
if (!offer?.quotation_number)
return error(reply, "Nabídka nenalezena", 404);
const year = offer.created_at
? new Date(offer.created_at).getFullYear()
: new Date().getFullYear();
const relPath = nasOffersManager.buildRelativePath(
offer.quotation_number,
year,
);
const file = nasOffersManager.readOfferPdf(relPath);
if (!file) return error(reply, "PDF soubor nenalezen", 404);
return reply
.type("application/pdf")
.header(
"Content-Disposition",
`inline; filename="${offer.quotation_number}.pdf"`,
)
.send(file.data);
},
);
}

73
src/routes/admin/received-invoices.ts
View File

@@ -11,6 +11,7 @@ import {
CreateReceivedInvoiceSchema,
UpdateReceivedInvoiceSchema,
} from "../../schemas/received-invoices.schema";
import { nasFinancialsManager } from "../../services/nas-financials-manager";
const VALID_STATUSES = ["unpaid", "paid"] as const;
const ALLOWED_SORT_FIELDS = [
@@ -160,16 +161,31 @@ export default async function receivedInvoicesRoutes(
if (id === null) return;
const invoice = await prisma.received_invoices.findUnique({
where: { id },
select: { file_data: true, file_name: true, file_mime: true },
select: {
file_name: true,
file_mime: true,
year: true,
month: true,
},
});
if (!invoice?.file_data) return error(reply, "Soubor nenalezen", 404);
if (!invoice?.file_name) return error(reply, "Soubor nenalezen", 404);
const relPath = nasFinancialsManager.buildReceivedPath(
invoice.file_name,
invoice.year,
invoice.month,
);
const nasFile = nasFinancialsManager.readReceivedInvoice(relPath);
if (!nasFile) return error(reply, "Soubor na NAS nenalezen", 404);
const mime = invoice.file_mime || "application/pdf";
const filename = invoice.file_name || `received-invoice-${id}.pdf`;
return reply
.type(mime)
.header("Content-Disposition", `inline; filename="${filename}"`)
.send(Buffer.from(invoice.file_data));
.header(
"Content-Disposition",
`inline; filename="${invoice.file_name}"`,
)
.send(nasFile.data);
},
);
@@ -183,9 +199,10 @@ export default async function receivedInvoicesRoutes(
where: { id },
});
if (!invoice) return error(reply, "Přijatá faktura nenalezena", 404);
// Don't send file_data in detail response (can be large)
const { file_data: _fileData, ...rest } = invoice;
return success(reply, rest);
return success(reply, {
...invoice,
has_file: !!invoice.file_name,
});
},
);
@@ -230,6 +247,8 @@ export default async function receivedInvoicesRoutes(
const now = new Date();
const createdIds: number[] = [];
const useNas = nasFinancialsManager.isConfigured();
for (let i = 0; i < files.length; i++) {
const file = files[i];
const meta = invoicesMeta[i] || {};
@@ -241,10 +260,34 @@ export default async function receivedInvoicesRoutes(
? Math.round((amount - amount / (1 + vatRate / 100)) * 100) / 100
: 0;
const issueDate = meta.issue_date
? new Date(String(meta.issue_date))
: null;
const invoiceMonth = issueDate
? issueDate.getMonth() + 1
: Number(meta.month) || now.getMonth() + 1;
const invoiceYear = issueDate
? issueDate.getFullYear()
: Number(meta.year) || now.getFullYear();
if (!useNas) {
return error(reply, "NAS úložiště není nakonfigurováno", 503);
}
const nasResult = nasFinancialsManager.saveReceivedInvoice(
file.name,
invoiceYear,
invoiceMonth,
file.data,
);
if ("error" in nasResult) {
return error(reply, nasResult.error, 503);
}
const invoice = await prisma.received_invoices.create({
data: {
month: Number(meta.month) || now.getMonth() + 1,
year: Number(meta.year) || now.getFullYear(),
month: invoiceMonth,
year: invoiceYear,
supplier_name: meta.supplier_name
? String(meta.supplier_name)
: file.name,
@@ -263,7 +306,6 @@ export default async function receivedInvoicesRoutes(
status: "unpaid",
notes: meta.notes ? String(meta.notes) : null,
uploaded_by: request.authData?.userId,
file_data: Uint8Array.from(file.data),
file_name: file.name,
file_mime: file.mime,
file_size: file.size,
@@ -488,6 +530,15 @@ export default async function receivedInvoicesRoutes(
});
if (!existing) return error(reply, "Přijatá faktura nenalezena", 404);
if (existing.file_name) {
const relPath = nasFinancialsManager.buildReceivedPath(
existing.file_name,
existing.year,
existing.month,
);
nasFinancialsManager.deleteReceivedInvoice(relPath);
}
await prisma.received_invoices.delete({ where: { id } });
await logAudit({
request,

3
src/routes/admin/scope-templates.ts
View File

@@ -27,7 +27,6 @@ export default async function scopeTemplatesRoutes(
const query = request.query as Record<string, unknown>;
const action = query.action ? String(query.action) : null;
// Item templates
if (action === "items") {
const items = await prisma.item_templates.findMany({
where: { is_deleted: false },
@@ -70,7 +69,6 @@ export default async function scopeTemplatesRoutes(
category: body.category ? String(body.category) : null,
};
// Update existing item if id is provided
if (body.id) {
const existingItem = await prisma.item_templates.findUnique({
where: { id: Number(body.id) },
@@ -92,7 +90,6 @@ export default async function scopeTemplatesRoutes(
return success(reply, { id: item.id }, 201, "Položka byla vytvořena");
}
// Scope template create (original logic below)
const scopeParsed = parseBody(CreateScopeTemplateSchema, request.body);
if ("error" in scopeParsed) return error(reply, scopeParsed.error, 400);
const body = scopeParsed.data;

5
src/routes/admin/sessions.ts
View File

@@ -21,7 +21,6 @@ function parseUserAgent(ua: string | null): {
icon: "monitor",
};
// Browser detection
let browser = "Neznámý prohlížeč";
if (ua.includes("Edg/")) browser = "Edge";
else if (ua.includes("OPR/") || ua.includes("Opera")) browser = "Opera";
@@ -29,7 +28,6 @@ function parseUserAgent(ua: string | null): {
else if (ua.includes("Safari/") && !ua.includes("Chrome")) browser = "Safari";
else if (ua.includes("Firefox/")) browser = "Firefox";
// OS detection
let os = "Neznámý systém";
if (ua.includes("Windows")) os = "Windows";
else if (ua.includes("Mac OS X") || ua.includes("Macintosh")) os = "macOS";
@@ -37,7 +35,6 @@ function parseUserAgent(ua: string | null): {
else if (ua.includes("Android")) os = "Android";
else if (ua.includes("iPhone") || ua.includes("iPad")) os = "iOS";
// Device icon
let icon = "monitor";
if (
ua.includes("Mobile") ||
@@ -76,7 +73,7 @@ export default async function sessionsRoutes(
is_current: currentHash ? s.token_hash === currentHash : false,
device_info,
ip_address: s.ip_address || "",
created_at: s.created_at ? s.created_at.toISOString() : "",
created_at: s.created_at ?? "",
};
});

4
src/routes/admin/totp.ts
View File

@@ -44,7 +44,6 @@ export default async function totpRoutes(
return error(reply, "Secret a kód jsou povinné", 400);
}
// Verify the code first
const totp = new OTPAuthLib.TOTP({
secret: OTPAuthLib.Secret.fromBase32(String(secret)),
algorithm: "SHA1",
@@ -66,7 +65,6 @@ export default async function totpRoutes(
backupCodesHashed.push(bcrypt.hashSync(code, 10));
}
// Encrypt and store
const encryptedSecret = encrypt(String(secret));
await prisma.users.update({
where: { id: request.authData!.userId },
@@ -237,7 +235,6 @@ export default async function totpRoutes(
return error(reply, "Neplatný záložní kód", 401);
}
// Remove used backup code
backupCodes.splice(matchIndex, 1);
await prisma.users.update({
where: { id: user.id },
@@ -249,7 +246,6 @@ export default async function totpRoutes(
},
});
// Delete used login token
await prisma.totp_login_tokens.delete({ where: { id: storedToken.id } });
// Create tokens (same as /login/totp flow)

8
src/routes/admin/trips.ts
View File

@@ -176,13 +176,11 @@ export default async function tripsRoutes(
end_km: Number(body.end_km),
route_from: String(body.route_from),
route_to: String(body.route_to),
is_business:
!!body.is_business,
is_business: !!body.is_business,
notes: body.notes ? String(body.notes) : null,
},
});
// Update vehicle actual_km
await prisma.vehicles.update({
where: { id: Number(body.vehicle_id) },
data: { actual_km: Number(body.end_km) },
@@ -227,9 +225,7 @@ export default async function tripsRoutes(
if (body.route_from !== undefined)
data.route_from = String(body.route_from);
if (body.route_to !== undefined) data.route_to = String(body.route_to);
if (body.is_business !== undefined)
data.is_business =
!!body.is_business;
if (body.is_business !== undefined) data.is_business = !!body.is_business;
if (body.notes !== undefined)
data.notes = body.notes ? String(body.notes) : null;

4
src/routes/admin/vehicles.ts
View File

@@ -107,9 +107,7 @@ export default async function vehiclesRoutes(
actual_km:
body.actual_km !== undefined ? Number(body.actual_km) : undefined,
is_active:
body.is_active !== undefined
? !!body.is_active
: undefined,
body.is_active !== undefined ? !!body.is_active : undefined,
},
});
await logAudit({

9
src/schemas/bank-accounts.schema.ts
View File

@@ -7,7 +7,10 @@ export const CreateBankAccountSchema = z.object({
iban: z.string().nullish(),
bic: z.string().nullish(),
currency: z.string().optional().default("CZK"),
is_default: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(false),
is_default: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(false),
position: z
.union([z.number(), z.string()])
.transform((v) => Number(v))
@@ -22,7 +25,9 @@ export const UpdateBankAccountSchema = z.object({
iban: z.string().nullish(),
bic: z.string().nullish(),
currency: z.string().optional(),
is_default: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional(),
is_default: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional(),
position: z
.union([z.number(), z.string()])
.transform((v) => Number(v))

4
src/schemas/company-settings.schema.ts
View File

@@ -16,7 +16,9 @@ export const UpdateCompanySettingsSchema = z.object({
.union([z.number(), z.string()])
.transform((v) => Number(v))
.optional(),
require_2fa: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional(),
require_2fa: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional(),
custom_fields: z.array(z.any()).optional(),
supplier_field_order: z.array(z.any()).optional(),
});

11
src/schemas/invoices.schema.ts
View File

@@ -41,7 +41,10 @@ export const CreateInvoiceSchema = z.object({
.transform((v) => Number(v))
.optional()
.default(21.0),
apply_vat: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(true),
apply_vat: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(true),
payment_method: z.string().nullish(),
constant_symbol: z.string().nullish(),
bank_name: z.string().nullish(),
@@ -53,6 +56,7 @@ export const CreateInvoiceSchema = z.object({
tax_date: z.string().nullish(),
issued_by: z.string().nullish(),
billing_text: z.string().nullish(),
language: z.string().optional().default("cs"),
notes: z.string().nullish(),
internal_notes: z.string().nullish(),
items: z.array(InvoiceItemSchema).optional(),
@@ -61,6 +65,7 @@ export const CreateInvoiceSchema = z.object({
export const UpdateInvoiceSchema = z.object({
status: z.string().optional(),
currency: z.string().optional(),
language: z.string().optional(),
payment_method: z.string().nullish(),
constant_symbol: z.string().nullish(),
bank_name: z.string().nullish(),
@@ -73,7 +78,9 @@ export const UpdateInvoiceSchema = z.object({
.union([z.number(), z.string()])
.transform((v) => Number(v))
.optional(),
apply_vat: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional(),
apply_vat: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional(),
issue_date: z.union([z.string(), z.null()]).optional(),
due_date: z.union([z.string(), z.null()]).optional(),
tax_date: z.union([z.string(), z.null()]).optional(),

14
src/schemas/offers.schema.ts
View File

@@ -14,7 +14,10 @@ const QuotationItemSchema = z.object({
.transform((v) => Number(v) || 0)
.optional()
.default(0),
is_included_in_total: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(true),
is_included_in_total: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(true),
position: z
.union([z.number(), z.string()])
.transform((v) => Number(v))
@@ -46,7 +49,10 @@ export const CreateQuotationSchema = z.object({
.transform((v) => Number(v))
.optional()
.default(21.0),
apply_vat: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(true),
apply_vat: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(true),
exchange_rate: z
.union([z.number(), z.string()])
.transform((v) => Number(v))
@@ -73,7 +79,9 @@ export const UpdateQuotationSchema = z.object({
.union([z.number(), z.string()])
.transform((v) => Number(v))
.optional(),
apply_vat: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional(),
apply_vat: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional(),
exchange_rate: z
.union([z.number(), z.string()])
.transform((v) => Number(v))

14
src/schemas/orders.schema.ts
View File

@@ -14,7 +14,10 @@ const OrderItemSchema = z.object({
.transform((v) => Number(v) || 0)
.optional()
.default(0),
is_included_in_total: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(true),
is_included_in_total: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(true),
position: z
.union([z.number(), z.string()])
.transform((v) => Number(v))
@@ -55,7 +58,10 @@ export const CreateOrderSchema = z.object({
.transform((v) => Number(v))
.optional()
.default(21.0),
apply_vat: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(true),
apply_vat: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(true),
exchange_rate: z
.union([z.number(), z.string()])
.transform((v) => Number(v))
@@ -82,7 +88,9 @@ export const UpdateOrderSchema = z.object({
.union([z.number(), z.string()])
.transform((v) => Number(v))
.optional(),
apply_vat: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional(),
apply_vat: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional(),
items: z.array(OrderItemSchema).optional(),
sections: z.array(OrderSectionSchema).optional(),
});

9
src/schemas/trips.schema.ts
View File

@@ -11,7 +11,10 @@ export const CreateTripSchema = z.object({
end_km: z.union([z.number(), z.string()]).transform((v) => Number(v)),
route_from: z.string(),
route_to: z.string(),
is_business: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(false),
is_business: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(false),
notes: z.string().nullish(),
});
@@ -27,7 +30,9 @@ export const UpdateTripSchema = z.object({
.optional(),
route_from: z.string().optional(),
route_to: z.string().optional(),
is_business: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional(),
is_business: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional(),
notes: z.string().nullish(),
});

9
src/schemas/users.schema.ts
View File

@@ -7,7 +7,10 @@ export const CreateUserSchema = z.object({
first_name: z.string().min(1, "Jméno je povinné"),
last_name: z.string().min(1, "Příjmení je povinné"),
role_id: z.union([z.number(), z.string()]).transform((v) => Number(v)),
is_active: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(true),
is_active: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(true),
});
export const UpdateUserSchema = z.object({
@@ -17,7 +20,9 @@ export const UpdateUserSchema = z.object({
first_name: z.string().optional(),
last_name: z.string().optional(),
role_id: z.union([z.number(), z.string(), z.null()]).optional(),
is_active: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional(),
is_active: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional(),
});
export type CreateUserInput = z.infer<typeof CreateUserSchema>;

9
src/schemas/vehicles.schema.ts
View File

@@ -15,7 +15,10 @@ export const CreateVehicleSchema = z.object({
.transform((v) => Number(v))
.optional()
.default(0),
is_active: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional().default(true),
is_active: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional()
.default(true),
});
export const UpdateVehicleSchema = z.object({
@@ -31,7 +34,9 @@ export const UpdateVehicleSchema = z.object({
.union([z.number(), z.string()])
.transform((v) => Number(v))
.optional(),
is_active: z.preprocess(v => v === true || v === 1 || v === "1", z.boolean()).optional(),
is_active: z
.preprocess((v) => v === true || v === 1 || v === "1", z.boolean())
.optional(),
});
export type CreateVehicleInput = z.infer<typeof CreateVehicleSchema>;

3
src/server.ts
View File

@@ -6,7 +6,6 @@ import path from "path";
import { config } from "./config/env";
import { securityHeaders } from "./middleware/security";
// Route imports
import authRoutes from "./routes/admin/auth";
import usersRoutes from "./routes/admin/users";
import rolesRoutes from "./routes/admin/roles";
@@ -194,6 +193,8 @@ async function start() {
await app.close();
const { default: prisma } = await import("./config/database");
await prisma.$disconnect();
const { closeBrowser } = await import("./utils/html-to-pdf");
await closeBrowser();
app.log.info("Server shut down successfully");
process.exit(0);
} catch (err) {

24
src/services/attendance.service.ts
View File

@@ -1,6 +1,7 @@
import { attendance_leave_type, Prisma } from "@prisma/client";
import prisma from "../config/database";
import { getBusinessDaysInMonth } from "../utils/czech-holidays";
import { localDateStr } from "../utils/date";
type AttendanceWithRelations = Prisma.attendanceGetPayload<{
include: {
@@ -254,7 +255,6 @@ export async function getStatus(userId: number) {
};
// 5) Project logs for ongoing shift
// Collect all project IDs from completed shifts for name lookup
const completedProjectIds = new Set<number>();
for (const shift of todayShiftsRaw) {
for (const log of shift.attendance_project_logs) {
@@ -262,7 +262,6 @@ export async function getStatus(userId: number) {
}
}
// Fetch project names for completed shifts
const completedProjectNames = new Map<number, string>();
if (completedProjectIds.size > 0) {
const projects = await prisma.projects.findMany({
@@ -277,7 +276,6 @@ export async function getStatus(userId: number) {
}
}
// Enrich today's completed shifts with project names
const todayShifts = todayShiftsRaw.map((shift) => ({
...shift,
project_logs: shift.attendance_project_logs.map((l) => ({
@@ -337,7 +335,7 @@ export async function getStatus(userId: number) {
today_shifts: todayShifts,
leave_balance: leaveBalance,
monthly_fund: monthlyFund,
date: now.toISOString().split("T")[0],
date: localDateStr(now),
project_logs: projectLogs,
active_project_id: activeProjectId,
};
@@ -759,7 +757,6 @@ export async function getPrintData(
const fundHours = getBusinessDaysInMonth(yr, mo - 1) * 8;
// Load project names for enrichment
const typedRecords = records as AttendanceWithRelations[];
const projectIds = [
@@ -784,7 +781,6 @@ export async function getPrintData(
}
}
// Group records by user and calculate totals
const userTotals: Record<string, Record<string, unknown>> = {};
for (const rec of typedRecords) {
const uid = String(rec.user_id);
@@ -806,7 +802,6 @@ export async function getPrintData(
};
}
// Build record with project_logs for frontend
const projectLogs =
rec.attendance_project_logs?.map((log) => ({
project_id: log.project_id,
@@ -843,7 +838,6 @@ export async function getPrintData(
}
}
// Calculate fund coverage per user
for (const uid of Object.keys(userTotals)) {
const ut = userTotals[uid];
const workedH = Math.round(((ut.minutes as number) / 60) * 10) / 10;
@@ -864,7 +858,6 @@ export async function getPrintData(
);
}
// Leave balances
const leaveBalances: Record<string, Record<string, number>> = {};
const balanceRecords = await prisma.leave_balances.findMany({
where: { year: yr },
@@ -878,7 +871,6 @@ export async function getPrintData(
};
}
// Selected user name
let selectedUserName = "";
if (filterUserId) {
const u = users.find((u) => u.id === filterUserId);
@@ -912,7 +904,8 @@ export async function getActiveProjects() {
});
return activeProjects.map((p) => ({
id: p.id,
name: p.project_number ? `${p.project_number} ${p.name}` : p.name,
name: p.name,
project_number: p.project_number ?? "",
}));
}
@@ -1069,9 +1062,7 @@ export async function bulkCreateAttendance(data: BulkAttendanceData) {
select: { user_id: true, shift_date: true },
});
const existingSet = new Set(
existing.map(
(r) => `${r.user_id}:${r.shift_date.toISOString().split("T")[0]}`,
),
existing.map((r) => `${r.user_id}:${localDateStr(r.shift_date)}`),
);
let inserted = 0;
@@ -1080,7 +1071,7 @@ export async function bulkCreateAttendance(data: BulkAttendanceData) {
for (const userId of data.user_ids.map(Number)) {
for (let day = 1; day <= daysInMonth; day++) {
const date = new Date(yr, mo - 1, day);
const dateStr = date.toISOString().split("T")[0];
const dateStr = localDateStr(date);
const dow = date.getDay();
if (dow === 0 || dow === 6) continue;
@@ -1136,7 +1127,7 @@ export async function createLeave(data: LeaveData, authUserId: number) {
while (current <= end) {
const dow = current.getDay();
if (dow !== 0 && dow !== 6) {
const dateStr = current.toISOString().split("T")[0];
const dateStr = localDateStr(current);
const shiftDate = new Date(
Date.UTC(
current.getFullYear(),
@@ -1161,7 +1152,6 @@ export async function createLeave(data: LeaveData, authUserId: number) {
current.setDate(current.getDate() + 1);
}
// Update leave balance for vacation/sick
const totalLeaveHours =
created * (data.leave_hours ? Number(data.leave_hours) : 8);
if (

6
src/services/auth.ts
View File

@@ -111,7 +111,6 @@ export async function login(
return { type: "error", message: "Účet je deaktivován", status: 403 };
}
// Check lockout
if (user.locked_until && new Date(user.locked_until) > new Date()) {
return {
type: "error",
@@ -141,7 +140,6 @@ export async function login(
};
}
// Reset failed attempts
await prisma.users.update({
where: { id: user.id },
data: {
@@ -151,7 +149,6 @@ export async function login(
},
});
// Check if 2FA is enabled
if (user.totp_enabled) {
const loginToken = crypto.randomBytes(32).toString("hex");
const tokenHash = hashToken(loginToken);
@@ -167,7 +164,6 @@ export async function login(
return { type: "totp_required", loginToken };
}
// Generate tokens
const authData = await loadAuthData(user.id);
if (!authData) {
return {
@@ -241,7 +237,6 @@ export async function refreshAccessToken(
return { type: "error", message: "Uživatel nenalezen", status: 401 };
}
// Rotate refresh token
const newRefreshTokenRaw = generateRefreshToken();
const newRefreshTokenHash = hashToken(newRefreshTokenRaw);
@@ -303,7 +298,6 @@ export async function logout(refreshTokenRaw: string): Promise<void> {
});
}
// Clean up expired tokens
await prisma.refresh_tokens.deleteMany({
where: { expires_at: { lt: new Date() } },
});

28
src/services/invoices.service.ts
View File

@@ -1,7 +1,5 @@
import prisma from "../config/database";
// Re-export for convenience
// Status transition rules matching PHP
const VALID_TRANSITIONS: Record<string, string[]> = {
issued: ["paid"],
@@ -36,6 +34,8 @@ interface ListInvoicesParams {
search: string;
status?: string;
customer_id?: number;
month?: number;
year?: number;
}
function computeInvoiceTotals(
@@ -75,13 +75,28 @@ export async function markOverdueInvoices() {
}
export async function listInvoices(params: ListInvoicesParams) {
const { page, limit, skip, sort, order, search, status, customer_id } =
params;
const {
page,
limit,
skip,
sort,
order,
search,
status,
customer_id,
month,
year,
} = params;
const sortField = ALLOWED_SORT_FIELDS.includes(sort) ? sort : "id";
const where: Record<string, unknown> = {};
if (status) where.status = status;
if (customer_id) where.customer_id = customer_id;
if (month && year) {
const from = new Date(year, month - 1, 1);
const to = new Date(year, month, 1);
where.issue_date = { gte: from, lt: to };
}
if (search) {
where.OR = [
{ invoice_number: { contains: search } },
@@ -159,7 +174,6 @@ export async function getInvoiceStats(queryMonth?: number, queryYear?: number) {
include: { invoice_items: true },
});
// Helper: compute invoice total WITH VAT (matching PHP)
const invoiceTotalWithVat = (inv: (typeof allInvoices)[0]) => {
const sub = inv.invoice_items.reduce(
(s, i) => s + (Number(i.quantity) || 0) * (Number(i.unit_price) || 0),
@@ -177,7 +191,6 @@ export async function getInvoiceStats(queryMonth?: number, queryYear?: number) {
return sub + vat;
};
// Helper: aggregate by currency
const aggregateByCurrency = (invoices: typeof allInvoices) => {
const map: Record<string, number> = {};
for (const inv of invoices) {
@@ -209,7 +222,6 @@ export async function getInvoiceStats(queryMonth?: number, queryYear?: number) {
const awaitingInvoices = allInvoices.filter((i) => i.status === "issued");
const overdueInvoices = allInvoices.filter((i) => i.status === "overdue");
// VAT by currency
const vatMap: Record<string, number> = {};
for (const inv of monthInvoices) {
if (!inv.apply_vat) continue;
@@ -309,6 +321,7 @@ export async function createInvoice(body: Record<string, any>) {
tax_date: body.tax_date ? new Date(String(body.tax_date)) : null,
issued_by: body.issued_by ? String(body.issued_by) : null,
billing_text: body.billing_text ? String(body.billing_text) : null,
language: body.language ? String(body.language) : "cs",
notes: body.notes ? String(body.notes) : null,
internal_notes: body.internal_notes ? String(body.internal_notes) : null,
},
@@ -361,6 +374,7 @@ export async function updateInvoice(id: number, body: Record<string, any>) {
"bank_account",
"issued_by",
"billing_text",
"language",
];
for (const f of strFields) {
if (body[f] !== undefined) data[f] = body[f] ? String(body[f]) : null;

5
src/services/leave-notification.ts
View File

@@ -1,5 +1,6 @@
import { sendMail } from "./mailer";
import { config } from "../config/env";
import { localDateCzStr, localDateTimeCzStr } from "../utils/date";
const LEAVE_TYPE_LABELS: Record<string, string> = {
vacation: "Dovolená",
@@ -10,7 +11,7 @@ const LEAVE_TYPE_LABELS: Record<string, string> = {
function formatDate(dateStr: string): string {
try {
const d = new Date(dateStr);
return `${String(d.getDate()).padStart(2, "0")}.${String(d.getMonth() + 1).padStart(2, "0")}.${d.getFullYear()}`;
return localDateCzStr(d);
} catch {
return dateStr;
}
@@ -59,7 +60,7 @@ export async function notifyNewLeaveRequest(
: "";
const now = new Date();
const timestamp = `${String(now.getDate()).padStart(2, "0")}.${String(now.getMonth() + 1).padStart(2, "0")}.${now.getFullYear()} ${String(now.getHours()).padStart(2, "0")}:${String(now.getMinutes()).padStart(2, "0")}:${String(now.getSeconds()).padStart(2, "0")}`;
const timestamp = localDateTimeCzStr(now);
const html = `
<html>

19
src/services/nas-file-manager.ts
View File

@@ -1,6 +1,7 @@
import fs from "fs";
import path from "path";
import { config } from "../config/env";
import { localDateStr, localTimeStr } from "../utils/date";
const FileType = require("file-type") as typeof import("file-type");
@@ -223,16 +224,7 @@ export class NasFileManager {
}
const modified = lstat.mtime;
const modifiedStr =
modified.getFullYear() +
"-" +
String(modified.getMonth() + 1).padStart(2, "0") +
"-" +
String(modified.getDate()).padStart(2, "0") +
" " +
String(modified.getHours()).padStart(2, "0") +
":" +
String(modified.getMinutes()).padStart(2, "0");
const modifiedStr = `${localDateStr(modified)} ${localTimeStr(modified)}`;
const item: FileItem = {
name: entry,
@@ -284,7 +276,6 @@ export class NasFileManager {
}
}
// Real path on disk for UI display
let realDirPath: string;
try {
realDirPath = fs.realpathSync(dirPath);
@@ -331,7 +322,6 @@ export class NasFileManager {
return "Tento typ souboru není povolen";
}
// MIME validation via file-type
try {
const typeResult = await FileType.fromBuffer(fileBuffer);
if (typeResult && this.isSuspiciousMime(typeResult.mime, ext)) {
@@ -343,7 +333,6 @@ export class NasFileManager {
let destPath = dirPath + "/" + safeName;
// If file exists, append counter
if (fs.existsSync(destPath)) {
const base = path.basename(safeName, ext ? "." + ext : "");
let counter = 1;
@@ -456,7 +445,6 @@ export class NasFileManager {
return "Cílový soubor již existuje";
}
// Validate target name
const targetName = path.basename(toPath);
if (this.sanitizeFilename(targetName) !== targetName) {
return "Neplatný cílový název";
@@ -513,7 +501,6 @@ export class NasFileManager {
public sanitizeFilename(name: string): string {
let safe = path.basename(name);
// Strip control chars and special chars
safe = safe.replace(/[\x00-\x1f\x7f<>:"/\\|?*]/g, "");
safe = safe.replace(/^[. ]+|[. ]+$/g, "");
@@ -583,7 +570,6 @@ export class NasFileManager {
return null;
}
// Normalize separators and trim
const normalized = subPath.replace(/\\/g, "/").replace(/^\/+|\/+$/g, "");
const candidate = path.resolve(folderPath, normalized).replace(/\\/g, "/");
@@ -618,7 +604,6 @@ export class NasFileManager {
const normalFull = fullPath.replace(/\\/g, "/");
const normalBase = basePath.replace(/\\/g, "/");
// Get the relative portion after basePath
if (!normalFull.startsWith(normalBase)) {
return false;
}

214
src/services/nas-financials-manager.ts Normal file
View File

@@ -0,0 +1,214 @@
import fs from "fs";
import path from "path";
import { config } from "../config/env";
/**
* NAS storage for financial documents.
* Structure: {basePath}/Vydané/YYYY/MM/ and {basePath}/Přijaté/YYYY/MM/
*/
const DIR_ISSUED = "Vydané";
const DIR_RECEIVED = "Přijaté";
class NasFinancialsManager {
private readonly basePath: string;
constructor() {
const raw = config.nas.financialsPath;
this.basePath = raw ? path.resolve(raw).replace(/\\/g, "/") : "";
}
isConfigured(): boolean {
if (!this.basePath) return false;
try {
fs.mkdirSync(this.basePath, { recursive: true });
return fs.statSync(this.basePath).isDirectory();
} catch {
return false;
}
}
// ── Created (issued) invoices ────────────────────────────────────
saveIssuedInvoicePdf(
invoiceNumber: string,
year: number,
month: number,
pdfBuffer: Buffer,
): string | null {
const dir = this.ensureDir(DIR_ISSUED, year, month);
if (!dir) return null;
const safeName = this.sanitizeFilename(invoiceNumber) + ".pdf";
const fullPath = path.join(dir, safeName);
try {
fs.writeFileSync(fullPath, pdfBuffer);
return `${DIR_ISSUED}/${year}/${this.pad(month)}/${safeName}`;
} catch {
return null;
}
}
readIssuedInvoice(
relativePath: string,
): { data: Buffer; fileName: string } | null {
const fullPath = this.resolveSafePath(relativePath);
if (!fullPath) return null;
try {
const data = fs.readFileSync(fullPath);
return { data, fileName: path.basename(fullPath) };
} catch {
return null;
}
}
deleteIssuedInvoice(relativePath: string): boolean {
const fullPath = this.resolveSafePath(relativePath);
if (!fullPath) return false;
try {
fs.unlinkSync(fullPath);
return true;
} catch {
return false;
}
}
// ── Received invoices ────────────────────────────────────────────
buildReceivedPath(fileName: string, year: number, month: number): string {
const safeName = this.sanitizeFilename(fileName) || "file";
return `${DIR_RECEIVED}/${year}/${this.pad(month)}/${safeName}`;
}
saveReceivedInvoice(
originalName: string,
year: number,
month: number,
fileBuffer: Buffer,
): { filePath: string } | { error: string } {
if (!this.isConfigured()) {
return { error: "NAS financials path is not configured" };
}
const dir = this.ensureDir(DIR_RECEIVED, year, month);
if (!dir) return { error: "Nelze vytvořit adresář na NAS" };
let safeName = this.sanitizeFilename(originalName);
if (!safeName) safeName = "file";
const fullPath = path.join(dir, safeName);
try {
fs.writeFileSync(fullPath, fileBuffer);
return {
filePath: `${DIR_RECEIVED}/${year}/${this.pad(month)}/${safeName}`,
};
} catch (e) {
return {
error: `Nelze uložit soubor na NAS: ${e instanceof Error ? e.message : String(e)}`,
};
}
}
readReceivedInvoice(
filePath: string,
): { data: Buffer; fileName: string } | null {
const fullPath = this.resolveSafePath(filePath);
if (!fullPath) return null;
try {
const data = fs.readFileSync(fullPath);
return { data, fileName: path.basename(fullPath) };
} catch {
return null;
}
}
deleteReceivedInvoice(filePath: string): boolean {
const fullPath = this.resolveSafePath(filePath);
if (!fullPath) return false;
try {
fs.unlinkSync(fullPath);
return true;
} catch {
return false;
}
}
// ── Private helpers ──────────────────────────────────────────────
private ensureDir(
category: string,
year: number,
month: number,
): string | null {
const dirPath = path.join(
this.basePath,
category,
String(year),
this.pad(month),
);
try {
fs.mkdirSync(dirPath, { recursive: true });
return dirPath;
} catch {
return null;
}
}
private pad(n: number): string {
return String(n).padStart(2, "0");
}
private sanitizeFilename(name: string): string {
let safe = path.basename(name);
safe = safe.replace(/[\x00-\x1f\x7f<>:"/\\|?*]/g, "");
safe = safe.replace(/^[. ]+|[. ]+$/g, "");
if ([...safe].length > 255) {
const ext = path.extname(safe).slice(1);
const base = path.basename(safe, ext ? "." + ext : "");
const maxBase = 250 - [...ext].length;
safe = ext
? [...base].slice(0, maxBase).join("") + "." + ext
: [...base].slice(0, maxBase).join("");
}
return safe;
}
private uniquePath(dir: string, fileName: string): string {
let fullPath = path.join(dir, fileName);
if (!fs.existsSync(fullPath)) return fullPath;
const ext = path.extname(fileName);
const base = path.basename(fileName, ext);
let counter = 1;
while (fs.existsSync(fullPath)) {
fullPath = path.join(dir, `${base}_${counter}${ext}`);
counter++;
}
return fullPath;
}
private resolveSafePath(relativePath: string): string | null {
if (!this.basePath) return null;
if (relativePath.includes("\0") || relativePath.includes("..")) {
return null;
}
const normalized = relativePath.replace(/\\/g, "/").replace(/^\/+/, "");
const candidate = path
.resolve(this.basePath, normalized)
.replace(/\\/g, "/");
const normalBase = this.basePath.replace(/\\/g, "/");
if (!candidate.startsWith(normalBase + "/")) {
return null;
}
return candidate;
}
}
export const nasFinancialsManager = new NasFinancialsManager();

146
src/services/nas-offers-manager.ts Normal file
View File

@@ -0,0 +1,146 @@
import fs from "fs";
import path from "path";
import { config } from "../config/env";
/**
* NAS storage for offers/quotations.
* Structure: {basePath}/{YYYY}/{prefix_seq}/{year_prefix_seq}.pdf
* The env path (NAS_OFFERS_PATH) should point directly to the Nabídky folder.
*/
class NasOffersManager {
private readonly basePath: string;
constructor() {
const raw = config.nas.offersPath;
this.basePath = raw ? path.resolve(raw).replace(/\\/g, "/") : "";
}
isConfigured(): boolean {
if (!this.basePath) return false;
try {
fs.mkdirSync(this.basePath, { recursive: true });
return fs.statSync(this.basePath).isDirectory();
} catch {
return false;
}
}
saveOfferPdf(
quotationNumber: string,
year: number,
pdfBuffer: Buffer,
): string | null {
const { prefix, seq } = this.parseParts(quotationNumber);
const folderName = `${prefix}_${seq}`;
const fileName = `${year}_${prefix}_${seq}.pdf`;
const dir = this.ensureDir(year, folderName);
if (!dir) return null;
const fullPath = path.join(dir, fileName);
try {
fs.writeFileSync(fullPath, pdfBuffer);
return `${year}/${folderName}/${fileName}`;
} catch {
return null;
}
}
readOfferPdf(
relativePath: string,
): { data: Buffer; fileName: string } | null {
const fullPath = this.resolveSafePath(relativePath);
if (!fullPath) return null;
try {
const data = fs.readFileSync(fullPath);
return { data, fileName: path.basename(fullPath) };
} catch {
return null;
}
}
deleteOfferPdf(relativePath: string): boolean {
const fullPath = this.resolveSafePath(relativePath);
if (!fullPath) return false;
try {
fs.unlinkSync(fullPath);
// Remove parent folder if empty
const dir = path.dirname(fullPath);
const remaining = fs.readdirSync(dir);
if (remaining.length === 0) {
fs.rmdirSync(dir);
}
return true;
} catch {
return false;
}
}
/** Build the relative NAS path for a given quotation number + year */
buildRelativePath(quotationNumber: string, year: number): string {
const { prefix, seq } = this.parseParts(quotationNumber);
const folderName = `${prefix}_${seq}`;
const fileName = `${year}_${prefix}_${seq}.pdf`;
return `${year}/${folderName}/${fileName}`;
}
private parseParts(quotationNumber: string): {
prefix: string;
seq: string;
} {
const parts = quotationNumber.split("/");
return {
prefix: parts.length >= 2 ? parts[parts.length - 2] : "NA",
seq: parts[parts.length - 1],
};
}
// ── Private helpers ──────────────────────────────────────────────
private ensureDir(year: number, quotationNumber?: string): string | null {
const parts = [this.basePath, String(year)];
if (quotationNumber) parts.push(quotationNumber);
const dirPath = path.join(...parts);
try {
fs.mkdirSync(dirPath, { recursive: true });
return dirPath;
} catch {
return null;
}
}
private sanitizeFilename(name: string): string {
let safe = path.basename(name);
safe = safe.replace(/[\x00-\x1f\x7f<>:"/\\|?*]/g, "");
safe = safe.replace(/^[. ]+|[. ]+$/g, "");
if ([...safe].length > 255) {
const ext = path.extname(safe).slice(1);
const base = path.basename(safe, ext ? "." + ext : "");
const maxBase = 250 - [...ext].length;
safe = ext
? [...base].slice(0, maxBase).join("") + "." + ext
: [...base].slice(0, maxBase).join("");
}
return safe;
}
private resolveSafePath(relativePath: string): string | null {
if (!this.basePath) return null;
if (relativePath.includes("\0") || relativePath.includes("..")) {
return null;
}
const normalized = relativePath.replace(/\\/g, "/").replace(/^\/+/, "");
const candidate = path
.resolve(this.basePath, normalized)
.replace(/\\/g, "/");
const normalBase = this.basePath.replace(/\\/g, "/");
if (!candidate.startsWith(normalBase + "/")) {
return null;
}
return candidate;
}
}
export const nasOffersManager = new NasOffersManager();

8
src/services/orders.service.ts
View File

@@ -11,9 +11,9 @@ interface OrderItemInput {
position?: number;
}
interface OrderSectionInput {
title?: string;
title_cz?: string;
content?: string;
title?: string | null;
title_cz?: string | null;
content?: string | null;
position?: number;
}
@@ -331,6 +331,7 @@ export async function createOrder(body: CreateOrderData) {
interface UpdateOrderData {
[key: string]: unknown;
customer_id?: number | string | null;
items?: OrderItemInput[];
sections?: OrderSectionInput[];
}
@@ -342,7 +343,6 @@ export async function updateOrder(id: number, body: UpdateOrderData) {
const currentStatus = existing.status as string;
// Validate status transition
if (body.status !== undefined && String(body.status) !== currentStatus) {
const newStatus = String(body.status);
const allowed = VALID_TRANSITIONS[currentStatus] || [];

5
src/services/users.service.ts
View File

@@ -97,12 +97,10 @@ export async function createUser(data: CreateUserData) {
const firstName = data.first_name.trim();
const lastName = data.last_name.trim();
// Email format
if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
return { error: "Neplatný formát e-mailu", status: 400 } as const;
}
// Username uniqueness
const existingUsername = await prisma.users.findFirst({
where: { username },
});
@@ -110,7 +108,6 @@ export async function createUser(data: CreateUserData) {
return { error: "Uživatelské jméno již existuje", status: 409 } as const;
}
// Email uniqueness
const existingEmail = await prisma.users.findFirst({ where: { email } });
if (existingEmail) {
return { error: "E-mail již existuje", status: 409 } as const;
@@ -144,7 +141,6 @@ export async function updateUser(id: number, body: UpdateUserData) {
const data: Record<string, unknown> = {};
// Username validation and uniqueness
if (body.username !== undefined) {
const newUsername = String(body.username).trim();
if (newUsername !== existing.username) {
@@ -161,7 +157,6 @@ export async function updateUser(id: number, body: UpdateUserData) {
data.username = newUsername;
}
// Email validation and uniqueness
if (body.email !== undefined) {
const newEmail = String(body.email).trim();
if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(newEmail)) {

1
src/types/index.ts
View File

@@ -1,4 +1,3 @@
// Re-export all Prisma-generated types
export type {
attendance,
attendance_project_logs,

30
src/utils/czech-holidays.ts
View File

@@ -3,6 +3,8 @@
* Port of PHP CzechHolidays class.
*/
import { localDateStr } from "./date";
const holidayCache = new Map<number, string[]>();
/** Easter Sunday using the Anonymous Gregorian algorithm */
@@ -30,17 +32,17 @@ export function getHolidays(year: number): string[] {
const y = String(year);
const holidays = [
`${y}-01-01`, // Den obnovy samostatného českého státu
`${y}-05-01`, // Svátek práce
`${y}-05-08`, // Den vítězství
`${y}-07-05`, // Den slovanských věrozvěstů Cyrila a Metoděje
`${y}-07-06`, // Den upálení mistra Jana Husa
`${y}-09-28`, // Den české státnosti
`${y}-10-28`, // Den vzniku samostatného československého státu
`${y}-11-17`, // Den boje za svobodu a demokracii
`${y}-12-24`, // Štědrý den
`${y}-12-25`, // 1. svátek vánoční
`${y}-12-26`, // 2. svátek vánoční
`${y}-01-01`, // New Year's / Restoration of Czech Independence
`${y}-05-01`, // Labour Day
`${y}-05-08`, // Victory Day
`${y}-07-05`, // Saints Cyril and Methodius Day
`${y}-07-06`, // Jan Hus Day
`${y}-09-28`, // Czech Statehood Day
`${y}-10-28`, // Czechoslovak Independence Day
`${y}-11-17`, // Freedom and Democracy Day
`${y}-12-24`, // Christmas Eve
`${y}-12-25`, // Christmas Day
`${y}-12-26`, // St. Stephen's Day
];
// Easter-based
@@ -51,10 +53,8 @@ export function getHolidays(year: number): string[] {
const easterMonday = new Date(easterDate);
easterMonday.setDate(easterMonday.getDate() + 1);
const fmt = (d: Date) =>
`${d.getFullYear()}-${String(d.getMonth() + 1).padStart(2, "0")}-${String(d.getDate()).padStart(2, "0")}`;
holidays.push(fmt(goodFriday)); // Velký pátek
holidays.push(fmt(easterMonday)); // Velikonoční pondělí
holidays.push(localDateStr(goodFriday)); // Good Friday
holidays.push(localDateStr(easterMonday)); // Easter Monday
holidays.sort();
holidayCache.set(year, holidays);

40
src/utils/date.ts Normal file
View File

@@ -0,0 +1,40 @@
/**
* Centralized date/time helpers.
*
* Prisma stores DateTime as UTC in MySQL DATETIME columns.
* The Date.toJSON override in config/env.ts serializes using local getters,
* so the frontend always receives local time. These helpers ensure
* consistent local-time formatting whenever we need a string outside
* of JSON serialization (e.g., building lookup keys, shift_date strings).
*/
/** YYYY-MM-DD in local time */
export function localDateStr(d: Date): string {
const y = d.getFullYear();
const m = String(d.getMonth() + 1).padStart(2, "0");
const day = String(d.getDate()).padStart(2, "0");
return `${y}-${m}-${day}`;
}
/** YYYY-MM in local time */
export function localMonthStr(d: Date): string {
return `${d.getFullYear()}-${String(d.getMonth() + 1).padStart(2, "0")}`;
}
/** HH:MM in local time */
export function localTimeStr(d: Date): string {
return `${String(d.getHours()).padStart(2, "0")}:${String(d.getMinutes()).padStart(2, "0")}`;
}
/** DD.MM.YYYY in local time (Czech date format) */
export function localDateCzStr(d: Date): string {
return `${String(d.getDate()).padStart(2, "0")}.${String(d.getMonth() + 1).padStart(2, "0")}.${d.getFullYear()}`;
}
/** DD.MM.YYYY HH:MM:SS in local time (Czech datetime format) */
export function localDateTimeCzStr(d: Date): string {
const h = String(d.getHours()).padStart(2, "0");
const min = String(d.getMinutes()).padStart(2, "0");
const s = String(d.getSeconds()).padStart(2, "0");
return `${localDateCzStr(d)} ${h}:${min}:${s}`;
}

52
src/utils/html-to-pdf.ts Normal file
View File

@@ -0,0 +1,52 @@
import { Browser } from "puppeteer";
let browser: Browser | null = null;
async function getBrowser(): Promise<Browser> {
if (browser && browser.connected) return browser;
// Try puppeteer (bundles Chromium), fall back to puppeteer-core (system Chromium)
try {
const puppeteer = await import("puppeteer");
browser = await puppeteer.default.launch({
headless: true,
args: ["--no-sandbox", "--disable-setuid-sandbox", "--disable-gpu"],
});
} catch {
const core = await import("puppeteer-core");
const executablePath =
process.env.CHROMIUM_PATH ||
"/usr/bin/chromium-browser" ||
"/usr/bin/chromium";
browser = await core.default.launch({
headless: true,
executablePath,
args: ["--no-sandbox", "--disable-setuid-sandbox", "--disable-gpu"],
});
}
return browser;
}
export async function htmlToPdf(html: string): Promise<Buffer> {
const b = await getBrowser();
const page = await b.newPage();
try {
await page.setContent(html, { waitUntil: "networkidle0" });
const pdf = await page.pdf({
format: "A4",
printBackground: true,
margin: { top: "10mm", bottom: "10mm", left: "10mm", right: "10mm" },
});
return Buffer.from(pdf);
} finally {
await page.close();
}
}
export async function closeBrowser(): Promise<void> {
if (browser) {
await browser.close();
browser = null;
}
}