Compare commits
145 Commits
v1.4.5
...
9dd2e07f19
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
9dd2e07f19 | ||
|
|
18064a972c | ||
|
|
996835dae5 | ||
|
|
c73b980ce7 | ||
|
|
dafa6d6aab | ||
|
|
80803cc868 | ||
|
|
55fa4045ad | ||
|
|
7f156cc721 | ||
|
|
e0d2fccf50 | ||
|
|
a1c251650b | ||
|
|
103908cfb8 | ||
|
|
449a1a2243 | ||
|
|
337feb8b3a | ||
|
|
bc62d32efc | ||
|
|
30dd5a3f3b | ||
|
|
5140d23d73 | ||
|
|
a373102f3a | ||
|
|
49ec3482ae | ||
|
|
f6cdfb9801 | ||
|
|
bd9dc8d103 | ||
|
|
0c5d0ee2f7 | ||
|
|
fdf180809d | ||
|
|
52f3da73ad | ||
|
|
83aba93a98 | ||
|
|
744baec2ec | ||
|
|
1f05ef6a55 | ||
|
|
94a9fb8b5a | ||
|
|
9c582e1a43 | ||
|
|
9ae49c0d6a | ||
|
|
522afefc80 | ||
|
|
c5f986adc1 | ||
|
|
379725a096 | ||
|
|
05596642bc | ||
|
|
58bf0348d7 | ||
|
|
55a2c50f79 | ||
|
|
86e4cbf345 | ||
|
|
852c127c00 | ||
|
|
71a0016a4a | ||
|
|
88c9b7c2b8 | ||
|
|
4a78d31a7f | ||
|
|
e845400fca | ||
|
|
fce27633a9 | ||
|
|
4d47897e27 | ||
|
|
aef4ab92ec | ||
|
|
5f36c34d48 | ||
|
|
b94f4879e3 | ||
|
|
dab5ad8aa5 | ||
|
|
8b77a0a905 | ||
|
|
4b1c42b17f | ||
|
|
a55356d417 | ||
|
|
c983747418 | ||
|
|
3db257faa9 | ||
|
|
d3d7f7e199 | ||
|
|
084ec9289b | ||
|
|
4a9c283789 | ||
|
|
2f76fe0bc1 | ||
|
|
9a11a8f001 | ||
|
|
f0816b126b | ||
|
|
f31797fb5b | ||
|
|
9c110abf46 | ||
|
|
a0f351b0aa | ||
|
|
916cf34efd | ||
|
|
003807a074 | ||
|
|
ca911bf96c | ||
|
|
9c10ff9f22 | ||
|
|
38a58b55c0 | ||
|
|
4d8fd62961 | ||
|
|
ef404e4362 | ||
|
|
fb022802ae | ||
|
|
795d4d5af9 | ||
|
|
74113035ae | ||
|
|
42f9561337 | ||
|
|
f79967d433 | ||
|
|
d410e7433e | ||
|
|
0711bafac0 | ||
|
|
5273f88272 | ||
|
|
182d4ca4b3 | ||
|
|
4773b5be22 | ||
|
|
6074d6163b | ||
|
|
652e3f91fc | ||
|
|
5233db2002 | ||
|
|
dac45baaa8 | ||
|
|
f389c4b3cf | ||
|
|
fdc7037e60 | ||
|
|
b02f6afe93 | ||
|
|
1b2ab7b4eb | ||
|
|
29975ecad9 | ||
|
|
e846f15126 | ||
|
|
86bebf9776 | ||
|
|
7b7c6bde68 | ||
|
|
935fb235a6 | ||
|
|
d2d1cdbb92 | ||
|
|
5f08b0e086 | ||
|
|
637499a8ec | ||
|
|
f413bae348 | ||
|
|
2b1de583fd | ||
|
|
5500cdb118 | ||
|
|
2254a13ad0 | ||
|
|
1f5885de84 | ||
|
|
705f58e3d1 | ||
|
|
0330453ad6 | ||
|
|
66b98e2765 | ||
|
|
55648c9a30 | ||
|
|
cd6d3daf43 | ||
|
|
1db5060c42 | ||
|
|
4cabba395d | ||
|
|
59b478f262 | ||
|
|
e4f14a24b7 | ||
|
|
3bd0d055d9 | ||
|
|
746d17e182 | ||
|
|
e96e51598a | ||
|
|
9abec36f07 | ||
|
|
ecd8e3679f | ||
|
|
ba95723b61 | ||
|
|
12289bdce3 | ||
|
|
d1c5234a03 | ||
|
|
27cc876e82 | ||
|
|
82919d39f6 | ||
|
|
3481b97d47 | ||
|
|
d7c7fbad88 | ||
|
|
7f07032bf2 | ||
|
|
d873c96ae3 | ||
|
|
c4f6723042 | ||
|
|
9e699c4dd4 | ||
|
|
ea81380225 | ||
|
|
a9bc82fac5 | ||
|
|
8c278be941 | ||
|
|
aa6c1b5094 | ||
|
|
4f4b12f039 | ||
|
|
528e55991b | ||
|
|
122eee175e | ||
|
|
5a28f75303 | ||
|
|
07cb428287 | ||
|
|
b197017644 | ||
|
|
e9f07a4a39 | ||
|
|
44d389201c | ||
|
|
3106aaf314 | ||
|
|
90e797b8fa | ||
|
|
1f7362c8af | ||
|
|
fe44a2b12d | ||
|
|
8a9239311d | ||
|
|
cd25cd6ee4 | ||
|
|
967fbba2a4 | ||
|
|
41fe65c7fc | ||
|
|
09d345a312 |
@@ -1,43 +0,0 @@
|
|||||||
---
|
|
||||||
name: compare-php
|
|
||||||
description: Compare a feature between PHP boha-app and TS boha-app-ts to verify migration parity
|
|
||||||
---
|
|
||||||
|
|
||||||
# Compare PHP vs TS Implementation
|
|
||||||
|
|
||||||
Compare a specific feature, component, or endpoint between the original PHP project (D:\cortex\boha-app) and the TypeScript migration (D:\cortex\boha-app-ts).
|
|
||||||
|
|
||||||
## Usage
|
|
||||||
|
|
||||||
The user will specify what to compare. Examples:
|
|
||||||
- `/compare-php attendance print`
|
|
||||||
- `/compare-php invoice PDF generation`
|
|
||||||
- `/compare-php offer numbering logic`
|
|
||||||
|
|
||||||
## Process
|
|
||||||
|
|
||||||
1. Search the PHP codebase (D:\cortex\boha-app) for the relevant implementation
|
|
||||||
2. Search the TS codebase (D:\cortex\boha-app-ts) for the same feature
|
|
||||||
3. Compare:
|
|
||||||
- API endpoints and request/response shape
|
|
||||||
- Business logic and calculations
|
|
||||||
- Database queries
|
|
||||||
- Frontend behavior
|
|
||||||
4. Report differences found — what's missing, what's different, what's extra
|
|
||||||
|
|
||||||
## Key directories
|
|
||||||
|
|
||||||
**PHP project:**
|
|
||||||
- API handlers: `D:\cortex\boha-app\api\admin\handlers\`
|
|
||||||
- API routes: `D:\cortex\boha-app\api\admin\`
|
|
||||||
- Frontend pages: `D:\cortex\boha-app\src\admin\pages\`
|
|
||||||
- Frontend components: `D:\cortex\boha-app\src\admin\components\`
|
|
||||||
- Frontend hooks: `D:\cortex\boha-app\src\admin\hooks\`
|
|
||||||
- Includes/utils: `D:\cortex\boha-app\api\includes\`
|
|
||||||
|
|
||||||
**TS project:**
|
|
||||||
- API routes: `D:\cortex\boha-app-ts\src\routes\admin\`
|
|
||||||
- Services: `D:\cortex\boha-app-ts\src\services\`
|
|
||||||
- Frontend pages: `D:\cortex\boha-app-ts\src\admin\pages\`
|
|
||||||
- Frontend components: `D:\cortex\boha-app-ts\src\admin\components\`
|
|
||||||
- Frontend hooks: `D:\cortex\boha-app-ts\src\admin\hooks\`
|
|
||||||
@@ -7,13 +7,13 @@ HOST=127.0.0.1
|
|||||||
APP_ENV=local
|
APP_ENV=local
|
||||||
|
|
||||||
# Auth — MUST regenerate for production: openssl rand -hex 32
|
# Auth — MUST regenerate for production: openssl rand -hex 32
|
||||||
JWT_SECRET=generate-with-openssl-rand-hex-32
|
JWT_SECRET=REPLACE_WITH_64_CHAR_HEX_STRING_RUN_openssl_rand_hex_32
|
||||||
ACCESS_TOKEN_EXPIRY=900
|
ACCESS_TOKEN_EXPIRY=900
|
||||||
REFRESH_TOKEN_SESSION_EXPIRY=3600
|
REFRESH_TOKEN_SESSION_EXPIRY=3600
|
||||||
REFRESH_TOKEN_REMEMBER_EXPIRY=2592000
|
REFRESH_TOKEN_REMEMBER_EXPIRY=2592000
|
||||||
|
|
||||||
# TOTP — MUST regenerate for production: openssl rand -hex 32
|
# TOTP — MUST regenerate for production: openssl rand -hex 32
|
||||||
TOTP_ENCRYPTION_KEY=generate-with-openssl-rand-hex-32
|
TOTP_ENCRYPTION_KEY=REPLACE_WITH_64_CHAR_HEX_STRING_RUN_openssl_rand_hex_32
|
||||||
|
|
||||||
# File storage
|
# File storage
|
||||||
NAS_PATH=Z:/02_PROJEKTY
|
NAS_PATH=Z:/02_PROJEKTY
|
||||||
|
|||||||
477
CLAUDE.md
Normal file
477
CLAUDE.md
Normal file
@@ -0,0 +1,477 @@
|
|||||||
|
# CLAUDE.md — boha-app-ts
|
||||||
|
|
||||||
|
Business management system for a Czech company, rewritten from PHP to TypeScript/Node.js.
|
||||||
|
Handles attendance, invoicing, leave/trips, projects, vehicles, and HR operations.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Tech Stack
|
||||||
|
|
||||||
|
| Layer | Technology |
|
||||||
|
| -------------- | ------------------------------------------------------------- |
|
||||||
|
| Runtime | Node.js, TypeScript 5.9.3 (strict) |
|
||||||
|
| HTTP Framework | Fastify 5.8.2 |
|
||||||
|
| ORM | Prisma 6.19.2 → MySQL |
|
||||||
|
| Auth | JWT (HS256, 15 min) + TOTP 2FA (RFC 6238, otpauth) + bcryptjs |
|
||||||
|
| Validation | Zod 4.3.6 |
|
||||||
|
| Frontend | React 18.3.1 + Vite 8.0.0 |
|
||||||
|
| Testing | Vitest 4.1.0 + Supertest |
|
||||||
|
| PDF | Puppeteer 24.x |
|
||||||
|
| Email | nodemailer 8.x |
|
||||||
|
| Cron | node-cron 4.x |
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Project Structure
|
||||||
|
|
||||||
|
```
|
||||||
|
src/
|
||||||
|
├── server.ts # Fastify server entry point — plugins, routes, error handler
|
||||||
|
├── routes/admin/ # HTTP route handlers (one file per entity)
|
||||||
|
├── services/ # Business logic (no classes, exported functions, uses Prisma directly)
|
||||||
|
├── schemas/ # Zod validation schemas (one file per entity)
|
||||||
|
├── middleware/ # auth.ts (requireAuth, requirePermission, optionalAuth)
|
||||||
|
│ # security.ts (CSP, HSTS, security headers)
|
||||||
|
├── utils/ # totp.ts, pdf.ts, email.ts, audit.ts, formatters, etc.
|
||||||
|
├── config/ # env.ts (config singleton, Date.toJSON override)
|
||||||
|
├── types/ # index.ts (AuthData, JwtPayload, ApiResponse, re-exports from Prisma)
|
||||||
|
├── admin/ # React 18 frontend (57 .tsx files)
|
||||||
|
│ ├── AdminApp.tsx # Router + lazy-loaded pages
|
||||||
|
│ ├── contexts/ # AuthContext, AlertContext
|
||||||
|
│ ├── components/ # Layout, modals, tables, editors
|
||||||
|
│ ├── pages/ # One file per page/feature
|
||||||
|
│ ├── hooks/ # useApiCall, useListData, useTableSort, etc.
|
||||||
|
│ └── utils/ # api.ts (fetch wrapper with token refresh), formatters, helpers
|
||||||
|
└── __tests__/ # Vitest tests (auth, numbering)
|
||||||
|
|
||||||
|
prisma/
|
||||||
|
├── schema.prisma # 32 models, MySQL, snake_case columns
|
||||||
|
└── migrations/ # Applied migrations
|
||||||
|
|
||||||
|
dist/ # Compiled server (CommonJS, ES2022)
|
||||||
|
dist-client/ # Built frontend (Vite, ES2020)
|
||||||
|
```
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Commands
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Development
|
||||||
|
npm run dev # Starts server in watch mode (manage frontend separately)
|
||||||
|
npm run dev:server # tsx watch src/server.ts
|
||||||
|
npm run dev:client # Vite dev server
|
||||||
|
|
||||||
|
# Build
|
||||||
|
npm run build # Build server + client
|
||||||
|
npm run build:server # tsc -p tsconfig.server.json → dist/
|
||||||
|
npm run build:client # vite build → dist-client/
|
||||||
|
|
||||||
|
# Run (production)
|
||||||
|
npm start # node dist/server.js
|
||||||
|
|
||||||
|
# Tests
|
||||||
|
npm test # vitest run (single pass)
|
||||||
|
npm run test:watch # vitest watch
|
||||||
|
|
||||||
|
# Database
|
||||||
|
npx prisma migrate dev # Create migration from schema changes + apply to dev
|
||||||
|
npx prisma migrate dev --name <descriptive_name> # Named migration
|
||||||
|
npx prisma migrate deploy # Apply pending migrations to production
|
||||||
|
npx prisma generate # Regenerate Prisma client after schema changes
|
||||||
|
npx prisma studio # DB browser GUI
|
||||||
|
npx prisma db seed # (Re)seed the dev database
|
||||||
|
npx prisma migrate diff --from-url <url> --to-schema-datamodel prisma/schema.prisma --script # Preview SQL before prod deploy
|
||||||
|
npx prisma migrate resolve --applied <migration> # Mark migration as applied without running SQL
|
||||||
|
```
|
||||||
|
|
||||||
|
**Do not start the dev server.** The user manages it separately.
|
||||||
|
|
||||||
|
**Before running `prisma migrate dev` or `prisma db push`, ask the user to stop their dev server and wait for confirmation.** Migrations can conflict with an active database connection from the running server.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Environment Variables
|
||||||
|
|
||||||
|
Required:
|
||||||
|
|
||||||
|
```
|
||||||
|
DATABASE_URL=mysql://user:pass@host:3306/dbname
|
||||||
|
JWT_SECRET=<64-char hex string>
|
||||||
|
TOTP_ENCRYPTION_KEY=<64-char hex string>
|
||||||
|
```
|
||||||
|
|
||||||
|
Optional (with defaults):
|
||||||
|
|
||||||
|
```
|
||||||
|
PORT=3001 # Production port (dev default: 3050, hardcoded in server.ts)
|
||||||
|
HOST=127.0.0.1
|
||||||
|
APP_ENV=local|production # Default: local. Controls CSP, CORS, HSTS
|
||||||
|
ACCESS_TOKEN_EXPIRY=900 # 15 minutes
|
||||||
|
REFRESH_TOKEN_SESSION_EXPIRY=3600 # 1 hour
|
||||||
|
REFRESH_TOKEN_REMEMBER_EXPIRY=2592000 # 30 days
|
||||||
|
NAS_PATH=Z:/02_PROJEKTY # Network share for project files
|
||||||
|
MAX_UPLOAD_SIZE=52428800 # 50MB
|
||||||
|
CONTACT_EMAIL_TO=
|
||||||
|
CONTACT_EMAIL_FROM=
|
||||||
|
SMTP_FROM=
|
||||||
|
LEAVE_NOTIFY_EMAIL=
|
||||||
|
APP_URL= # Used in email links
|
||||||
|
CORS_ORIGINS= # Comma-separated, production only
|
||||||
|
```
|
||||||
|
|
||||||
|
Use `.env` for dev, `.env.test` for tests.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Architecture & Key Patterns
|
||||||
|
|
||||||
|
### Request Flow
|
||||||
|
|
||||||
|
```
|
||||||
|
Request → CORS → Cookie → Rate-limit → Security headers
|
||||||
|
→ requirePermission() or requireAuth()
|
||||||
|
→ Zod schema validation (parseBody helper)
|
||||||
|
→ Route handler
|
||||||
|
→ Service function
|
||||||
|
→ Prisma
|
||||||
|
→ success(reply, data) or error(reply, message, status)
|
||||||
|
```
|
||||||
|
|
||||||
|
### Response Format
|
||||||
|
|
||||||
|
All responses use this shape:
|
||||||
|
|
||||||
|
```typescript
|
||||||
|
// Success
|
||||||
|
{ success: true, data: T, message?: string, pagination?: {...} }
|
||||||
|
|
||||||
|
// Error
|
||||||
|
{ success: false, error: string }
|
||||||
|
```
|
||||||
|
|
||||||
|
Use the `success()` and `error()` helpers in routes — never write raw `reply.send()`.
|
||||||
|
|
||||||
|
### Service Pattern
|
||||||
|
|
||||||
|
Services are plain exported async functions, no classes:
|
||||||
|
|
||||||
|
```typescript
|
||||||
|
// src/services/foo.service.ts
|
||||||
|
export async function getFoo(id: number) {
|
||||||
|
const result = await prisma.foo.findUnique({ where: { id } });
|
||||||
|
if (!result) return { error: "Not found", status: 404 };
|
||||||
|
return { data: result };
|
||||||
|
}
|
||||||
|
|
||||||
|
// src/routes/admin/foo.ts
|
||||||
|
const result = await getFoo(id);
|
||||||
|
if ("error" in result) return error(reply, result.error, result.status ?? 400);
|
||||||
|
return success(reply, result.data);
|
||||||
|
```
|
||||||
|
|
||||||
|
### Error Handling
|
||||||
|
|
||||||
|
- Routes map service errors to HTTP responses using the pattern above.
|
||||||
|
- Global error handler in `server.ts` catches all unhandled exceptions; returns 500 with Czech message.
|
||||||
|
- **Never silently swallow errors.** Even if a failure is non-fatal, log it: `app.log.error(e, 'context')`.
|
||||||
|
- Error messages are in Czech (this is intentional — user-facing messages, Czech company).
|
||||||
|
|
||||||
|
### Permissions
|
||||||
|
|
||||||
|
```typescript
|
||||||
|
// Route-level guard
|
||||||
|
fastify.addHook("preHandler", requirePermission("invoices.view"));
|
||||||
|
// or multiple
|
||||||
|
fastify.addHook(
|
||||||
|
"preHandler",
|
||||||
|
requirePermission("invoices.view", "invoices.edit"),
|
||||||
|
);
|
||||||
|
|
||||||
|
// Admin role bypasses all permission checks
|
||||||
|
// Permissions follow the pattern: "entity.action" (e.g., "users.create", "invoices.delete")
|
||||||
|
```
|
||||||
|
|
||||||
|
### Audit Logging
|
||||||
|
|
||||||
|
Call `logAudit()` from `src/utils/audit.ts` whenever data is created/updated/deleted.
|
||||||
|
Pass `oldData` and `newData` so the diff is stored. Audit failures are non-fatal.
|
||||||
|
|
||||||
|
### Validation
|
||||||
|
|
||||||
|
Use Zod schemas from `src/schemas/`. All route bodies must be validated:
|
||||||
|
|
||||||
|
```typescript
|
||||||
|
const body = parseBody(FooSchema, request.body);
|
||||||
|
if ("error" in body) return error(reply, body.error, 400);
|
||||||
|
```
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Date & Timezone Handling (Critical Gotcha)
|
||||||
|
|
||||||
|
`src/config/env.ts` sets `process.env.TZ = 'Europe/Prague'` and overrides
|
||||||
|
`Date.prototype.toJSON()` to return local time (not UTC). This means:
|
||||||
|
|
||||||
|
- `JSON.stringify(new Date())` returns local Czech time, not UTC.
|
||||||
|
- All API responses with Date fields will contain local time strings.
|
||||||
|
- Prisma stores dates as UTC internally, but they read back as local due to the TZ setting.
|
||||||
|
- **Never assume UTC** when working with Date objects in this codebase.
|
||||||
|
- When writing new date comparisons or DB queries, use `new Date()` (already local) — do not manually offset.
|
||||||
|
- The override exists for PHP migration compatibility and Czech date display.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## TOTP / 2FA
|
||||||
|
|
||||||
|
- Secret stored AES-256-GCM encrypted in `users.totp_secret`.
|
||||||
|
- Supports two encoding formats: PHP legacy (base64 iv+cipher+tag) and TS (hex).
|
||||||
|
- Backup codes stored as encrypted JSON array in `users.totp_backup_codes`.
|
||||||
|
- When `company_settings.require_2fa = true`, all users must enroll before accessing the app.
|
||||||
|
- Login flow: password → if 2FA enabled → issue `loginToken` (5 min, single-use) → TOTP verify → issue access + refresh tokens.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Testing
|
||||||
|
|
||||||
|
Tests live in `src/__tests__/`. They use Vitest + Supertest against a real test database (`.env.test`).
|
||||||
|
|
||||||
|
- Test coverage is minimal: only `auth` and `numbering` are tested.
|
||||||
|
- Use `buildApp()` helper to spin up the Fastify instance for tests.
|
||||||
|
- Tests use `vitest.config.ts` with `environment: 'node'` and 15s timeout.
|
||||||
|
- **Do not mock Prisma** — tests hit a real database to catch schema/query bugs.
|
||||||
|
|
||||||
|
When adding new features, add tests in `src/__tests__/`. Name test files `<feature>.test.ts`.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Frontend Conventions
|
||||||
|
|
||||||
|
- Pages are lazy-loaded via `React.lazy()` in `AdminApp.tsx`.
|
||||||
|
- Auth state lives in `AuthContext`; use `useAuth()` hook to access it.
|
||||||
|
- Alerts/toasts use `AlertContext`; use `useAlert()` to show them.
|
||||||
|
- API calls go through `src/admin/utils/api.ts` which handles token refresh automatically (deduplicates concurrent refresh calls).
|
||||||
|
- Custom hooks: `useApiCall`, `useListData`, `useTableSort`, `useDebounce`, `useModalLock`.
|
||||||
|
- Styling: CSS files in `src/admin/` — no CSS-in-JS, no Tailwind. Use CSS variables.
|
||||||
|
|
||||||
|
### Query Invalidation Convention
|
||||||
|
|
||||||
|
Mutations must invalidate the **full domain** of any entity they touch. Prefer broad invalidation:
|
||||||
|
|
||||||
|
- `["users"]` over `["users", "list"]`
|
||||||
|
- `["trips"]` over `["trips", "vehicles"]`
|
||||||
|
|
||||||
|
Reason: React Query's `invalidateQueries` uses prefix matching, so `["trips"]` matches all
|
||||||
|
`["trips", ...]` sub-queries. This means new queries are automatically invalidated without
|
||||||
|
updating every mutation handler. Inactive queries are only marked stale, not refetched, so
|
||||||
|
the performance cost is minimal. Optimize to targeted keys only when profiling shows a problem.
|
||||||
|
|
||||||
|
When entity A embeds/references entity B, A's mutation handlers invalidate B's domain:
|
||||||
|
|
||||||
|
- User CRUD invalidates `["trips"]` and `["attendance"]` (both embed user data)
|
||||||
|
- Vehicle CRUD invalidates `["trips"]` (trips reference vehicles)
|
||||||
|
- Invoice CRUD invalidates `["orders"]` (orders reference invoices)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Database Conventions
|
||||||
|
|
||||||
|
- All models use `snake_case` column names; Prisma maps to camelCase in TypeScript.
|
||||||
|
- Soft-delete via `is_deleted` boolean (not all tables, check schema).
|
||||||
|
- Timestamps: `created_at`, `updated_at` (auto-managed by Prisma).
|
||||||
|
- Number sequences (`number_sequences` table) manage invoice/quotation numbering — never hardcode numbering logic.
|
||||||
|
- All significant tables have audit log entries. Check `audit_logs` model for the schema.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Database Migrations (Critical Workflow)
|
||||||
|
|
||||||
|
**Golden rule: NEVER use `prisma db push`.** It bypasses migration history and causes drift
|
||||||
|
between the schema and migration tracking. Always use `prisma migrate dev` for every schema change.
|
||||||
|
|
||||||
|
**Every database change or manipulation must be a tracked Prisma migration.** This includes:
|
||||||
|
|
||||||
|
- Schema changes (tables, columns, indexes, constraints) — via `prisma migrate dev`
|
||||||
|
- Permission/role/seed data changes — via a migration that does the INSERTs/DELETEs explicitly
|
||||||
|
- Lookup data, default settings, or any other row-level baseline that production needs
|
||||||
|
- Backfills, data fixes, and one-shot corrections that should be in sync across environments
|
||||||
|
|
||||||
|
**What is NOT acceptable:**
|
||||||
|
|
||||||
|
- Running raw SQL against production (`mysql -e "..."`, `npx prisma db execute`, `pm2 exec`)
|
||||||
|
- `npx prisma db seed` as the only way to populate data (seed is dev-only convenience; prod must run the same SQL via a migration)
|
||||||
|
- "I'll fix it in the seed file" or "I'll add a row manually" without a migration to back it
|
||||||
|
|
||||||
|
The reason: every change to the production database must be reviewable, reversible, and reproducible from a fresh checkout. External SQL commands and seed-only changes cause drift — prod and dev diverge, rollback gets harder with every manual change, and the next deploy surprises us.
|
||||||
|
|
||||||
|
If you need to insert/update/seed data on production, write a migration. The migration's `migration.sql` is a normal SQL file — `INSERT INTO ...`, `UPDATE ...`, `DELETE ...` are all valid. Prisma will run it via `prisma migrate deploy` like any other migration.
|
||||||
|
|
||||||
|
### Making schema changes
|
||||||
|
|
||||||
|
```
|
||||||
|
1. Edit prisma/schema.prisma
|
||||||
|
2. npx prisma migrate dev --name descriptive_name
|
||||||
|
→ This creates a migration in prisma/migrations/ AND applies it to dev DB
|
||||||
|
3. npx prisma generate
|
||||||
|
4. Commit BOTH schema.prisma AND the new migration folder
|
||||||
|
git add prisma/schema.prisma prisma/migrations/
|
||||||
|
```
|
||||||
|
|
||||||
|
### Verifying before production deploy
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Preview what SQL will run on production (no changes applied)
|
||||||
|
npx prisma migrate diff \
|
||||||
|
--from-url "mysql://user:pass@prod:3306/app" \
|
||||||
|
--to-schema-datamodel prisma/schema.prisma \
|
||||||
|
--script
|
||||||
|
|
||||||
|
# Empty output = no diff. If it shows SQL, review it before deploying.
|
||||||
|
```
|
||||||
|
|
||||||
|
### Deploying migrations to production
|
||||||
|
|
||||||
|
The release process runs `prisma migrate deploy` on production.
|
||||||
|
This applies only pending migrations — safe, idempotent.
|
||||||
|
|
||||||
|
### If migrations get out of sync (drift)
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Diff production DB against local schema to find drift
|
||||||
|
npx prisma migrate diff \
|
||||||
|
--from-url "mysql://prod" \
|
||||||
|
--to-schema-datamodel prisma/schema.prisma \
|
||||||
|
--script
|
||||||
|
|
||||||
|
# If drift is safe (CREATE only, no DROPs): apply with db push ONCE, then baseline
|
||||||
|
# If drift includes DROPs: investigate before touching production
|
||||||
|
```
|
||||||
|
|
||||||
|
### Baselinining a database that has no migrations
|
||||||
|
|
||||||
|
If production was synced with `db push` and has no `_prisma_migrations` table:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# 1. Create initial migration locally
|
||||||
|
npx prisma migrate dev --name init
|
||||||
|
|
||||||
|
# 2. Copy to production and mark as applied (no SQL runs)
|
||||||
|
scp -r prisma/migrations user@prod:/var/www/app-ts/prisma/
|
||||||
|
ssh user@prod
|
||||||
|
cd /var/www/app-ts
|
||||||
|
npx prisma migrate resolve --applied <migration_name>
|
||||||
|
```
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Conventions (enforced — verified by the 2026-06-06 audit)
|
||||||
|
|
||||||
|
These are the unified rules across the codebase. Follow them for new code; the
|
||||||
|
audit found and fixed the deviations. Full report: `docs/codebase-audit-2026-06-06.md`.
|
||||||
|
|
||||||
|
**Routes**
|
||||||
|
|
||||||
|
- **Responses:** always `success(reply, data[, status, message])` / `error(reply, msg, status)` / the paginated helper. Never raw `reply.send({ success: true, ... })`. (Some legacy files still do — convert when you touch them.)
|
||||||
|
- **Route ids:** parse numeric params with `parseId((request.params as any).id, reply)` then `if (id === null) return;`. Do not use raw `parseInt` (it yields `NaN`, not a 400).
|
||||||
|
- **Bodies:** validate every body with `parseBody(Schema, request.body)` → `if ("error" in body) return error(reply, body.error, 400)`.
|
||||||
|
- **Permissions:** guard with `requirePermission` / `requireAnyPermission`. The admin shortcut is `authData.roleName === "admin"`. ⚠️ `AuthData` has **`roleName`**, not `role` (`role` only exists on `JwtPayload`). Don't type `authData` as `any` — it hides exactly this bug.
|
||||||
|
- **Audit:** call `logAudit` on every create/update/delete (and on security-relevant actions like session/token termination) with `oldValues`/`newValues`.
|
||||||
|
|
||||||
|
**Services**
|
||||||
|
|
||||||
|
- Plain exported async functions; return `{ data }` or `{ error, status }` (preferred over discriminated unions). Services own Prisma; routes stay thin.
|
||||||
|
- Respect soft-delete (`is_deleted: false`) in reads where the model has it.
|
||||||
|
|
||||||
|
**Schemas (Zod 4)**
|
||||||
|
|
||||||
|
- Use Zod 4 idioms: `z.strictObject({...})` / `z.looseObject({...})` (not deprecated `.strict()` / `.passthrough()`).
|
||||||
|
- Shared coercion helpers (number-from-form, nullable-number, boolean-from-form) belong in `src/schemas/common.ts` — don't copy-paste the `z.union([z.number(), z.string()]).transform(Number)` idiom (it's duplicated ~150× today; consolidating is a tracked follow-up). New number coercions should guard against `NaN`.
|
||||||
|
- User-facing messages in **Czech**; identifiers/keys in English.
|
||||||
|
|
||||||
|
**Frontend**
|
||||||
|
|
||||||
|
- **Query invalidation:** invalidate the **broad domain key** (`["offers"]`, not `["offers","list"]`). Prefix-matching covers sub-queries.
|
||||||
|
- **Single source of truth for shared maps:** audit `entity_type` → Czech label lives in `src/admin/lib/entityTypeLabels.ts` and MUST be keyed to the server's `EntityType` values (add the new key there when you add an entity type). Plan categories come from the DB via `lib/queries/plan.ts`. Don't duplicate label maps across files or across server/client.
|
||||||
|
- Prefer deriving state over `useEffect`; use React Query for fetching, not effects.
|
||||||
|
|
||||||
|
**Dates (two deliberate regimes — don't "fix" either)**
|
||||||
|
|
||||||
|
- **Plan module** does all date-only math in **UTC** (`setUTCDate`, `toISOString().slice(0,10)`) because its columns are `@db.Date` (UTC-midnight). Correct and stable.
|
||||||
|
- **Attendance/leave** writes `@db.Date` at **local noon** (`new Date(y, m, d, 12, 0, 0)`).
|
||||||
|
- **Frontend "today" / date-string round-trips:** use `utils/date.ts` `localDateStr` (server) / `normalizeDateStr` (client). **Never** use `new Date().toISOString().split("T")[0]` for "today" — it's the UTC date and is a day early during the late-evening Prague window.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Known Issues & Gotchas
|
||||||
|
|
||||||
|
1. **Date.prototype.toJSON override** — global monkey-patch in `src/config/env.ts`. Side-effects on third-party libraries that serialize dates. Do not remove without migrating all date serialization.
|
||||||
|
|
||||||
|
2. **CJS/ESM mismatch in tests** — Server compiles to CommonJS (`tsconfig.server.json`), but Vitest runs in ESM by default. The `vitest.config.ts` resolves this, but be careful when adding dependencies that only support ESM.
|
||||||
|
|
||||||
|
3. **Mixed error patterns** — Some services return `{ error, status }`, others return discriminated unions `{ type: 'success' | 'error' }`. Prefer `{ error, status }` for consistency with existing routes.
|
||||||
|
|
||||||
|
4. **Never swallow errors** — log at minimum; never use empty `catch` blocks. The service layer logs via `console.*` (there is no request-scoped pino logger in services). The NAS managers' previously-silent filesystem catches are now logged. One exception: a `catch` that handles an _expected_ condition (e.g. `ENOENT` used as an existence check) may stay silent **only with a comment** saying so.
|
||||||
|
|
||||||
|
5. **HTML sanitization is in place — keep applying it** — Rich-text fields (invoice notes, quotation scope, order notes) ARE sanitized: server-side DOMPurify (jsdom) plus a `cleanQuillHtml` regex pass at all three PDF routes, and the frontend sanitizes before every `dangerouslySetInnerHTML` (InvoiceDetail, OrderDetail). (The old "sanitization gap" note was stale — verified by the 2026-06-06 audit.) When you add ANY new rich-text/HTML field, apply the same sanitization on BOTH the PDF path and the render path.
|
||||||
|
|
||||||
|
6. **Puppeteer PDF generation** — Runs a headless browser. Input to the HTML template must be sanitized. Do not pass unsanitized user data into PDF templates.
|
||||||
|
|
||||||
|
7. **NAS_PATH file access** — Project file uploads write to a network share path. In dev, this path may not be mounted. Features using `NAS_PATH` will fail gracefully (or not) if the path is unavailable.
|
||||||
|
|
||||||
|
8. **Prisma client regeneration** — After any schema change and migration, run `npx prisma generate`. The generated client is not committed to git.
|
||||||
|
|
||||||
|
9. **No CSRF tokens** — CSRF protection relies on `SameSite=Strict` cookies + CORS. Do not weaken CORS configuration.
|
||||||
|
|
||||||
|
10. **Czech locale hardcoded** — Error messages, month names, and some business logic strings are Czech. This is intentional.
|
||||||
|
|
||||||
|
11. **Seed file is dev-only** — `prisma/seed.ts` is for local dev convenience. It is **not** the production data source. Any data the production database must have (permissions, default roles, baseline rows) belongs in a migration's `migration.sql`, not in the seed file. `npx prisma db seed` must never be run against production.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Release Process
|
||||||
|
|
||||||
|
1. Bump version in `package.json`
|
||||||
|
2. `npm run build`
|
||||||
|
3. Commit and tag (`git tag -a vX.Y.Z`)
|
||||||
|
4. Push to Gitea (`git push origin master && git push origin vX.Y.Z`)
|
||||||
|
5. Create tarball: `tar -czf app-ts-X.Y.Z.tar.gz dist dist-client prisma package.json package-lock.json scripts`
|
||||||
|
6. Deploy via SSH to production server (`boha_admin@192.168.50.100`):
|
||||||
|
- Path: `/var/www/app-ts`
|
||||||
|
- Remove old files: `rm -rf dist dist-client prisma scripts package.json package-lock.json`
|
||||||
|
- Copy tarball to server: `scp app-ts-X.Y.Z.tar.gz boha_admin@192.168.50.100:/tmp/`
|
||||||
|
- Extract tarball: `tar -xzf /tmp/app-ts-X.Y.Z.tar.gz`
|
||||||
|
- Install dependencies: `npm install --omit=dev`
|
||||||
|
- Apply Prisma migrations: `npx prisma migrate deploy`
|
||||||
|
- Restart: `pm2 restart app-ts --update-env`
|
||||||
|
|
||||||
|
### Hotfixing a migration that was added after the tarball was built
|
||||||
|
|
||||||
|
If you write a new `prisma/migrations/<timestamp>_*` folder **after** the
|
||||||
|
release tarball has already been built and shipped, that migration is
|
||||||
|
NOT in the tarball and `prisma migrate deploy` on prod will report
|
||||||
|
"No pending migrations". The release tarball re-build re-runs the whole
|
||||||
|
release, but for a one-off hotfix you can ship just the new migration
|
||||||
|
folder:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Local
|
||||||
|
cd prisma/migrations
|
||||||
|
tar -czf /tmp/warehouse_perms_migration.tar.gz <timestamp>_<name>/
|
||||||
|
scp /tmp/warehouse_perms_migration.tar.gz boha_admin@192.168.50.100:/tmp/
|
||||||
|
|
||||||
|
# On prod
|
||||||
|
ssh boha_admin@192.168.50.100
|
||||||
|
cd /var/www/app-ts/prisma/migrations
|
||||||
|
sudo -u boha_admin tar -xzf /tmp/warehouse_perms_migration.tar.gz
|
||||||
|
cd /var/www/app-ts
|
||||||
|
npx prisma migrate deploy
|
||||||
|
pm2 restart app-ts --update-env
|
||||||
|
```
|
||||||
|
|
||||||
|
The migration is still tracked in git and applied via `prisma migrate
|
||||||
|
deploy` — the only thing the tarball is doing is delivering the
|
||||||
|
`migration.sql` to prod, which is the same mechanism the main release
|
||||||
|
uses. This is preferred over running raw SQL on prod (which the policy
|
||||||
|
in "Database Migrations" forbids).
|
||||||
|
|
||||||
|
Do not push directly to production or restart services without confirmation.
|
||||||
37
boneyard.config.json
Normal file
37
boneyard.config.json
Normal file
@@ -0,0 +1,37 @@
|
|||||||
|
{
|
||||||
|
"breakpoints": [375, 768, 1280],
|
||||||
|
"out": "./src/admin/bones",
|
||||||
|
"color": "#e0e0e0",
|
||||||
|
"animate": "shimmer",
|
||||||
|
"shimmerColor": "#f0f0f0",
|
||||||
|
"speed": "1.2s",
|
||||||
|
"shimmerAngle": 110,
|
||||||
|
"wait": 3000,
|
||||||
|
"routes": [
|
||||||
|
"/",
|
||||||
|
"/users",
|
||||||
|
"/attendance",
|
||||||
|
"/attendance/history",
|
||||||
|
"/attendance/admin",
|
||||||
|
"/attendance/balances",
|
||||||
|
"/attendance/requests",
|
||||||
|
"/attendance/approval",
|
||||||
|
"/attendance/create",
|
||||||
|
"/trips",
|
||||||
|
"/trips/history",
|
||||||
|
"/trips/admin",
|
||||||
|
"/vehicles",
|
||||||
|
"/offers",
|
||||||
|
"/offers/new",
|
||||||
|
"/offers/customers",
|
||||||
|
"/offers/templates",
|
||||||
|
"/orders",
|
||||||
|
"/orders/1",
|
||||||
|
"/projects",
|
||||||
|
"/projects/80",
|
||||||
|
"/invoices",
|
||||||
|
"/invoices/new",
|
||||||
|
"/settings",
|
||||||
|
"/audit-log"
|
||||||
|
]
|
||||||
|
}
|
||||||
90
docs/codebase-audit-2026-06-06.md
Normal file
90
docs/codebase-audit-2026-06-06.md
Normal file
@@ -0,0 +1,90 @@
|
|||||||
|
# Codebase Consistency & Best-Practices Audit — 2026-06-06 (overnight)
|
||||||
|
|
||||||
|
**Branch:** `chore/codebase-consistency-audit` (off `master` @ v1.9.0). Nothing here is pushed or deployed; for user review in the morning.
|
||||||
|
|
||||||
|
**Mandate (from user):** scan the whole codebase, find inconsistencies, unify manners/conventions, apply best practices (use context7 for library docs). Edit CLAUDE.md to codify rules. Work only in the project dir. Use many agents.
|
||||||
|
|
||||||
|
**Operating rules I'm following (self-imposed for safe autonomous work):**
|
||||||
|
|
||||||
|
- Isolated branch only. Never touch `master`, never push, never deploy, never touch prod/DB.
|
||||||
|
- Keep `tsc` (server+client) at 0 and `vitest` green after every change set.
|
||||||
|
- Prefer documenting risky/large refactors over auto-applying them. Auto-apply only safe, verified, mechanical unifications.
|
||||||
|
- Don't `git add -A`; stage explicit paths.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## 🔴 CRITICAL FINDINGS (need user action)
|
||||||
|
|
||||||
|
### C1 — v1.9.0 production regression: plan edit-modal delete button missing
|
||||||
|
|
||||||
|
- **Cause:** `FormModal`'s `footerLeft` / `hideCloseButton` props + modal animations lived only in the user's _uncommitted_ working tree. Committed `PlanCellModal.tsx:225` (and the modal system) depend on `footerLeft`. Releases build from committed code (WIP stashed), so v1.9.0 shipped a `FormModal` without the footer-left slot → the **delete button in the plan entry/override edit modal does not render in production**. Also caused a committed-code `tsc` error (TS2322).
|
||||||
|
- **Impact:** plan entry/override deletion via the edit modal is broken in prod v1.9.0. Category management is NOT affected (it uses `hideFooter` + in-body delete). Minor cosmetic: modal entry animation, `hideCloseButton`.
|
||||||
|
- **Fix:** committed the modal enhancements (`86e4cbf` on this branch). **Needs a patch release (v1.9.1) to fix prod.**
|
||||||
|
- **Status:** fixed on branch; prod patch pending user.
|
||||||
|
|
||||||
|
### C2 — test suite was red on master/v1.9.0 (2 failing auth tests)
|
||||||
|
|
||||||
|
- **Cause:** the JWT log-noise fix (`88c9b7c`) stopped logging expected invalid/expired tokens, but `auth.service.test.ts` still asserted it logged. The wrong auth test file (`auth.test.ts`) was run when that change landed, so 2 failing tests shipped on master.
|
||||||
|
- **Fix:** updated the tests to assert null + no-log for `JsonWebTokenError` cases (`55a2c50`). Suite back to **134/134**.
|
||||||
|
- **Status:** fixed on branch. (No runtime impact; CI/test hygiene + would also be cleared by the v1.9.1 patch.)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Findings log
|
||||||
|
|
||||||
|
(Discovery sweep results appended below as agents report. Severity: critical/high/medium/low. Fix class: safe-auto / needs-judgment / manual.)
|
||||||
|
|
||||||
|
## Changes applied on this branch (all verified: server+client tsc 0, vitest 134, build 0)
|
||||||
|
|
||||||
|
Correctness / bugs:
|
||||||
|
|
||||||
|
- `86e4cbf` **C1** modal `footerLeft`/`hideCloseButton` enhancements committed (fixes v1.9.0 regression + tsc error).
|
||||||
|
- `55a2c50` **C2** fix 2 failing `verifyAccessToken` tests (red on master).
|
||||||
|
- `379725a` **H1/H4** `isAdminLike` reads `roleName` not `role` (admins were self-scoped on /entries,/overrides); dropped 4 stale `as any` category casts.
|
||||||
|
- `c5f986a` **H5** corrected + unified audit `entity_type` label map (was showing raw English for invoice/order/quotation/trip/vehicle + all warehouse\_\*).
|
||||||
|
- `1f05ef6` date: `todayLocalStr()` replaces 11 UTC-`today` defaults (off-by-one in post-midnight Prague).
|
||||||
|
- `744baec` security: audit-log session termination (single + all-others); new `session` EntityType.
|
||||||
|
|
||||||
|
Consistency / cleanup:
|
||||||
|
|
||||||
|
- `9ae49c0` parseId (trips/sessions), broad `["offers"]` invalidation, Czech messages (attendance/orders/offers/project-files), Zod 4 `z.strictObject`.
|
||||||
|
- `522afef` undefined `--danger-color`→`--danger`, dedup `formatDate` + `require2FAOptions`, removed dead `systemSettingsOptions`, dropped double `plan.css` import.
|
||||||
|
- `9c582e1` **H2/H3** log the 30 silent NAS filesystem catches (kept 3 ENOENT-expected as deliberate no-logs).
|
||||||
|
|
||||||
|
Docs:
|
||||||
|
|
||||||
|
- `94a9fb8` CLAUDE.md: codified "Conventions (enforced)" section; corrected stale known-issues #4 (NAS) and #5 (sanitization is in place, not a gap).
|
||||||
|
- `58bf034`/`0559664` this report + full 84-finding catalog (`codebase-audit-findings-2026-06-06.md`).
|
||||||
|
|
||||||
|
## Remaining recommendations (NOT auto-applied — for your review)
|
||||||
|
|
||||||
|
Deliberately left for review (too broad/behavior-risky to apply unattended, or low value):
|
||||||
|
|
||||||
|
- **`reply.send` → helpers** (medium): ~1/3 of route files use raw `reply.send({success:true,...})` instead of `success()/paginated()`. Mechanical but touches many files + response-shape sensitive — convert per-file when touched. (List in findings catalog, dimension `routes`.)
|
||||||
|
- **Zod coercion helpers** (medium): the number/nullable-number/boolean-from-form coercions are copy-pasted ~150×; extract to `src/schemas/common.ts` (with a `NaN` guard — current coercion silently yields `NaN`). Big mechanical sweep — do with review.
|
||||||
|
- **console.\* → request logger** (medium): services log via `console.*` (bypasses pino/log-level). Architectural; needs a service-logging strategy.
|
||||||
|
- **`markOverdueInvoices`** (medium): swallows the DB-update failure and returns void, so the route treats a failed update as success — surface the error. Also it compares a `@db.Date` due_date against full `new Date()` (flips "overdue" on the due day) — compare date-only.
|
||||||
|
- **Dead exports** (low): `previewPattern()` (numbering.service), `usersQuery`/`planKeys.users()` (lib/queries/plan) — unused API surface; remove or wire up.
|
||||||
|
- **`ShiftFormModal`** (low): inline styles use `--danger-color`/`--success-color`/etc. (undefined; rely on fallbacks) — switch to the `--danger`/`--success` design tokens.
|
||||||
|
- **`.env.example` drift** (low): out of sync with vars read in `config/env.ts` — regenerate.
|
||||||
|
- **`@/*` path alias** (low): declared in tsconfig but not wired into Vite/vitest — either wire it up or remove.
|
||||||
|
- **warehouse soft-delete test** (low): a test named "soft delete" asserts a hard delete its own comment flags as buggy — clarify intent.
|
||||||
|
- **TOTP verify** doesn't increment failed-login counter (relies on rate limit); **HSTS** lacks `preload` — security hardening, low.
|
||||||
|
|
||||||
|
Full detail + file:line for every item: `docs/codebase-audit-findings-2026-06-06.md`.
|
||||||
|
|
||||||
|
## Progress tracker
|
||||||
|
|
||||||
|
- [x] Branch + clean baseline (tsc server 0 / client 0; vitest 134).
|
||||||
|
- [x] C1 modal regression + C2 red tests found & fixed (134/134).
|
||||||
|
- [x] Discovery sweep (16 parallel dimensions, 84 findings).
|
||||||
|
- [x] Synthesis + prioritization (high + safe-auto).
|
||||||
|
- [x] Safe unifications applied (12 commits, each verified green).
|
||||||
|
- [x] CLAUDE.md updated with codified conventions.
|
||||||
|
- [x] Remaining items documented as a review roadmap.
|
||||||
|
- [x] Final verification.
|
||||||
|
|
||||||
|
## ⚠️ Action for you in the morning
|
||||||
|
|
||||||
|
- **v1.9.1 patch:** C1 (plan edit-modal delete button) + C2 (red tests) affect production v1.9.0. Merge this branch (or cherry-pick `86e4cbf`,`55a2c50`,`379725a`,`c5f986a`) and cut a patch.
|
||||||
|
- Review this branch (`chore/codebase-consistency-audit`, 12 commits) and merge what you like. Nothing here is pushed or deployed.
|
||||||
544
docs/codebase-audit-findings-2026-06-06.md
Normal file
544
docs/codebase-audit-findings-2026-06-06.md
Normal file
@@ -0,0 +1,544 @@
|
|||||||
|
# Codebase Audit — Full Findings Catalog (2026-06-06)
|
||||||
|
|
||||||
|
Generated from the 16-dimension discovery sweep. 84 findings (high 5, medium 31, low 48).
|
||||||
|
|
||||||
|
## Dimension summaries
|
||||||
|
|
||||||
|
**svc-errors** — test2
|
||||||
|
|
||||||
|
**routes** — Route handlers in src/routes/admin/* are largely consistent and follow the documented patterns well: nearly every route uses a requirePermission/requireAnyPermission/requireAuth guard, validates bodies via parseBody(ZodSchema, ...) with the uniform `if ("error" in parsed) return error(reply, parsed.error, 400)` shape, uses parseId for numeric route params in most files, and logs audit entries on create/update/delete with old/new values. The warehouse, customers, invoices, projects, roles, and auth/totp files are exemplary. The real issues are: (1) a genuine authorization/visibility bug in plan.ts where the admin check reads a non-existent field; (2) a recurring style violation where roughly a third of files send raw `reply.send({ success: true, ... })` instead of the success()/paginated() helpers that CLAUDE.md mandates; (3) two security-relevant session-termination mutations with no audit logging; and (4) inconsistent ID parsing (raw parseInt vs the parseId helper) in trips.ts and sessions.ts. HTTP status codes are generally correct (201 on create, 404 not-found, 409 conflict, 403 permission), with one cluster of not-found/validation responses in project-files.ts falling back to the default 400.
|
||||||
|
|
||||||
|
**schemas** — The 21 Zod schema files in src/schemas/* are consistently organized (one file per entity, Create/Update pairs, z.infer type exports, Czech user-facing messages — all intentional and good). Every route body is validated via the shared parseBody helper (src/schemas/common.ts) — coverage is complete; the handful of raw `request.body` reads (attendance.ts, orders.ts, projects.ts, project-files.ts) either re-dispatch to parseBody with branch-specific schemas or do narrow manual checks, so there is no unvalidated-body gap. The dominant real issue is massive duplication of three coercion idioms — a number-from-form `z.union([z.number(),z.string()]).transform(v=>Number(v))`, a nullable variant with `z.null()`, and a boolean-from-form `z.preprocess(v=>v===true||v===1||v==="1", z.boolean())` — copy-pasted ~150+ times across files instead of living as shared helpers in common.ts. Secondary issues: the number coercion is unsafe (no NaN guard in most places, so "abc" silently becomes NaN), email validation is applied inconsistently (only users/profile, not customers/warehouse/settings), error-message language is mixed (Czech vs English "Must be a valid number"), no schemas use strict object mode so unknown keys are silently stripped, and the two inline route schemas use Zod-3-deprecated `.strict()`/`.passthrough()` rather than Zod 4's `z.strictObject()`/`z.looseObject()`. Severity is mostly low/medium: these are maintainability and robustness gaps, not security holes (the app is on Zod 4.3.6, so the modern helpers are available).
|
||||||
|
|
||||||
|
**logging** — Overall the codebase handles errors deliberately: routes use Fastify's pino logger (request.log.*/app.log.*), the global error handler logs unhandled exceptions, audit failures are logged and treated as non-fatal, and a couple of catch blocks (auth.ts verifyAccessToken, attendance/leave duplicate-record handling) are intentionally selective with good comments. The two real systemic issues are: (1) the NAS file/financials managers (src/services/nas-file-manager.ts, src/services/nas-financials-manager.ts) contain ~25 empty/silent catch blocks that swallow genuine filesystem operation failures (delete/mkdir/write/rename) with zero logging, returning only a generic Czech string — directly violating the CLAUDE.md "never silently swallow errors" rule and making NAS issues undebuggable; and (2) all service-layer error logging uses console.* instead of the configured pino logger, so those messages bypass structured logging and the production log-level config. A secondary correctness smell: markOverdueInvoices swallows DB-update failures and returns void, so its route caller treats a failed update as success. Frontend error handling is consistent (alert.error with Czech fallback); a few best-effort .catch(()=>{}) swallows on background calls are defensible but undocumented.
|
||||||
|
|
||||||
|
**prisma** — Solid Prisma usage overall. Real issues in findings.
|
||||||
|
|
||||||
|
**security** — Auth and crypto fundamentals are solid: refresh tokens are SHA-256-hashed with rotation + reuse detection (replaced_at/replaced_by_hash + FOR UPDATE), TOTP has counter-based replay protection, password comparison is timing-safe (dummy bcrypt hash on user-not-found/locked/inactive), TOTP secrets are AES-256-GCM encrypted, account lockout + per-route rate limits exist, bcrypt cost is 12, and JWT verification pins HS256. Contrary to CLAUDE.md "known issue #5", HTML sanitization for invoice notes, quotation scope, and order notes is NOT missing: DOMPurify (jsdom) is applied at all three server-side PDF routes plus a regex-based cleanQuillHtml second pass, and both frontend render sites (InvoiceDetail, OrderDetail) sanitize before dangerouslySetInnerHTML. NAS file access has strong path-traversal defenses (rejects "..", null bytes, confines to base, rejects symlink components, MIME/extension allowlist). The real gaps are narrower: the TOTP-code verification step does not increment failed-login counters (relies only on a 5/min rate limit), HSTS lacks preload, and the server-side invoice/offer PDF endpoints serve attacker-influenced (but sanitized) HTML as same-origin text/html. No SQL injection found — all $queryRaw uses are parameterized tagged templates.
|
||||||
|
|
||||||
|
**dates** — Date handling splits into two well-reasoned, internally-consistent regimes plus a set of genuine off-by-one bugs at the boundary between them. (1) The plan module (src/services/plan.service.ts, src/admin/pages/PlanWork.tsx, usePlanWork.ts, PlanGrid.tsx) deliberately does ALL date-only arithmetic in UTC (setUTCDate/getUTCDate, toISOString().slice(0,10), proper ISO-8601 week calc). Because every column it touches is `@db.Date` (stored at UTC-midnight by Prisma), this is correct and stable — explicitly documented at plan.service.ts:63-67 and 342-352. Do not "fix" it. (2) The attendance/leave server code constructs `@db.Date` writes at LOCAL noon (new Date(y,m,d,12,0,0)), which is the robust convention. The real problems: a repeated frontend pattern `new Date().toISOString().split("T")[0]` for "today" defaults computes the UTC date, giving yesterday in the late-evening Prague window; the invoices/received-invoices/trips edit forms round-trip API date strings through `new Date(x).toISOString().split(...)` instead of the existing string-slice helper `normalizeDateStr`, risking a shift; trips' raw API datetime string is fed into a native <input type=date> (blank on mobile); markOverdueInvoices compares a `@db.Date` due_date against full `new Date()` so invoices flip to "overdue" on their due day; and getCzechDate uses a non-ISO local week formula that disagrees with PlanWork's ISO week. A correct local-date string helper (utils/date.ts localDateStr, and frontend normalizeDateStr) already exists but isn't used in the offending spots.
|
||||||
|
|
||||||
|
**ts-safety** — Both tsconfigs enable `strict: true` and there are zero `@ts-ignore`/`@ts-nocheck` directives, so the baseline is good. The real risk is concentrated, not diffuse: 77 `any` occurrences cluster in the work-plan stack (plan.service.ts, routes/admin/plan.ts, hooks/usePlanWork.ts) and a few PDF/HTML builders. The single most important finding is a latent authorization-scoping bug masked by an `any`-typed parameter in plan.ts (`isAdminLike` reads `authData.role`, but `AuthData` only has `roleName`), which makes admins always scope to their own plan rows. Systemically, ~47 of 107 exported service functions have no explicit return type, which forces `(result as any).status` casts in route handlers (projects.ts, quotations.ts) because the inferred error union isn't uniform. There is also a genuinely duplicated/contradictory `PaginationMeta` shape defined three times with diverging fields. Non-null assertions are mostly the defensible `request.authData!` post-auth pattern and are not a concern.
|
||||||
|
|
||||||
|
**rq-data** — The frontend data layer is built on a clean, idiomatic foundation: every read is a `queryOptions()` factory in `src/admin/lib/queries/*` (TanStack Query v5 best practice), data flows through a thin `apiAdapter.ts` (jsonQuery/paginatedJsonQuery) that unwraps the `{success,data}` envelope and throws on error, and a purpose-built `useApiMutation` hook (lib/queries/mutations.ts) wraps `useMutation` + apiFetch + broad invalidation exactly as the docs recommend. The factory pattern is consistently applied for queries and `useApiMutation` is adopted in 34 files. The real weakness is on the WRITE side: a large minority of mutations bypass `useApiMutation` and hand-roll `apiFetch` + `await response.json()` + manual `invalidateQueries` + `try/catch alert("Chyba připojení")` (14 files, ~27 sites), duplicating the exact logic the hook exists to centralize. Within that hand-rolled code the broad-domain invalidation convention from CLAUDE.md is violated in OfferDetail.tsx (uses narrow `["offers","list"]` while Offers.tsx uses broad `["offers"]`). useAttendanceAdmin.ts runs an entirely parallel data system (manual fetchData + setTimeout(300) instead of query factories). Query-key conventions themselves are sound; minor smells are a duplicated `require2FAOptions` factory and an unused deprecated alias. None of these are correctness bugs — they are consistency/maintainability gaps. Best-practice basis: TanStack Query v5 docs (/tanstack/query) confirm prefix-matching invalidation (validating the broad-key convention) and the useMutation→onSuccess→invalidateQueries pattern that useApiMutation implements.
|
||||||
|
|
||||||
|
**react** — The frontend is mostly modern and disciplined: data flows through TanStack Query via lib/queries/*, lazy-loading is consistent for every page in AdminApp.tsx, and there are two solid reusable modal primitives (FormModal, ConfirmModal) used in 34 files. The real issues are concentrated and concrete: (1) one large hook (useAttendanceAdmin.ts, ~830 lines) opts out of TanStack Query and hand-rolls fetching with useEffect/useState, complete with silent empty catches and no race-condition guard — the single biggest consistency/best-practice gap; (2) two editable, mutable lists use the array index as React key (OrderConfirmationModal items, OfferDetail scope sections), which the React docs flag as a correctness bug because rows are deleted/reordered while holding controlled-input state; (3) modal usage is inconsistent — alongside FormModal/ConfirmModal, ~7 components hand-roll the admin-modal-overlay markup with diverging accessibility (DashProfile/DashQuickActions omit role="dialog"/aria-modal entirely; none of the hand-rolled ones wire Esc-to-close that FormModal provides). Several "sync server data into form state via useEffect" effects exist (InvoiceDetail, OfferDetail, CompanySettings, Settings); these use a one-shot ref/flag guard and are an accepted-but-not-ideal pattern per the React "You Might Not Need an Effect" guidance, so they are reported as low severity. Per React docs I pulled: avoid adjusting/resetting state on prop change in an Effect (prefer key-reset or compute during render), and data-fetching effects need an ignore/abort cleanup to avoid stale overwrites.
|
||||||
|
|
||||||
|
**css** — The admin CSS is a single global stylesheet assembled from 19 per-feature files, all imported in AdminApp.tsx (so every selector shares one global namespace — the file split is purely organizational, not scoped). Theming is well-architected and consistent: a central variables.css drives a token system via [data-theme="dark"]/[data-theme="light"] (no prefers-color-scheme mixing), and the large majority of color usage correctly references CSS variables. Genuine issues are: (1) one undefined variable (--danger-color) used in base.css; (2) an inconsistent class-naming scheme — most files use either admin-* or a feature prefix (plan-*, dash-*, fm-*, attendance-*, offers-*), but warehouse uses admin-warehouse-*, invoices mixes admin-badge-*/invoice-*/received-*, and a block of leave badges in components.css drops the admin- prefix entirely; (3) heavy duplication of the badge color recipe (background: color-mix(... 15%) + matching text color) across leave/order/project/invoice/attendance badges, with two different recipes (--success-soft vs color-mix --success 15%) used for the same semantic color; and (4) several defined-but-unused tokens plus an empty responsive.css stub and a double-import of plan.css. Hardcoded hex outside variables.css is mostly legitimate (#fff text on accent backgrounds, feature-scoped local theme token blocks in plan.css/layout.css), not a real problem.
|
||||||
|
|
||||||
|
**naming** — Naming in this codebase is broadly consistent and mostly intentional. Backend `src/` is overwhelmingly kebab-case for files (94 kebab vs 5 camelCase), service functions follow a clean `list*` (collections) / `get*` (single) / `create|update|delete*` (mutations) scheme with no fetch/load mixing, route verbs map cleanly to fastify methods, and Czech appears only in user-facing string literals (a documented, intentional choice — not an identifier problem). The frontend leans on its own consistent conventions: `handle*` event handlers (148 vs 8 `on*`, where the `on*` cases are local DOM listeners — idiomatic), `is*/has*` for boolean props/fields, and `*Options` for TanStack query factories (55 of them). The real, genuine deviations are a small cluster of files added during the "plan" feature work that broke the surrounding kebab-case convention (`planCategory.schema.ts`, `planCategory.service.ts`, `planAuditDescription.ts` and their tests), and the `plan.ts` query module that uses `gridQuery`/`usersQuery` instead of the established `*Options` suffix. The `.service.ts` suffix is applied to 10 of 20 service files, but this tracks a defensible entity-CRUD-vs-infra split rather than randomness. These are low-to-medium consistency gaps, not correctness issues; most fixes are renames with cross-file import ripples, so few qualify as safe-auto.
|
||||||
|
|
||||||
|
**deadcode** — The codebase is generally well-factored (date helpers in src/utils/date.ts and frontend formatters are correctly centralized and reused). The real dead-code/duplication problems are concentrated in two areas: (1) the three PDF route files (invoices-pdf.ts, orders-pdf.ts, offers-pdf.ts) each redefine the same set of HTML/number helpers (escapeHtml, formatNum, formatCurrency, formatDate, cleanQuillHtml) plus an identical JSDOM+DOMPurify bootstrap — and the copies have already diverged (one uses a regular space as a thousands separator where the others use a non-breaking space); and (2) a handful of genuinely unused exports and one orphan component file. escapeHtml alone is independently defined six times across server and frontend. There are no leftover debug console.logs in the conventional sense — service-layer console.* calls are the established (consistent) logging pattern here since services have no Fastify logger, and the one documented console.warn in plan.service.ts is intentional. No commented-out code blocks of note were found.
|
||||||
|
|
||||||
|
**i18n** — Localization is overwhelmingly correct and intentional: all React UI labels, placeholders, titles, button text, alert/toast messages, and the large majority of backend error strings are Czech with correct gender agreement (nenalezen/nenalezena/nenalezeno), while code identifiers, enum values, internal sentinels (e.g. EMAIL_EXISTS), env-validation throws, console.error logs, and dev-only React invariant throws ("useAuth must be used within...") are English — all intentional and not flagged. The genuine gaps are narrow: (1) a handful of English user-facing API error strings that leak to the client ("Missing attendance_id"/"Missing id" in attendance.ts, and "Unauthorized"/"Request failed (n)"/"Invalid JSON response" thrown in the frontend query layer that ProjectFileManager renders verbatim); (2) the parseBody helper surfaces raw Zod messages, so any validator lacking a custom Czech message leaks Zod's default English (enums, .max() length caps, TOTP token .min(1)); and (3) inconsistent Czech phrasing for "not found" — the compact "nenalezen*" form (92 uses) vs the verbose "nebyl/nebyla nalezen*" form (16 uses), sometimes for the identical entity ("Projekt nenalezen" vs "Projekt nebyl nalezen"). No mixed tone, no English UI chrome.
|
||||||
|
|
||||||
|
**tests part2b** — remaining two low findings
|
||||||
|
|
||||||
|
**config-structure** — The build/config layout is coherent: a project-references tsconfig.json splits server (CJS, ES2022, excludes src/admin) from app (ES2020, bundler resolution), with matching vite/vitest configs and env validation in src/config/env.ts. The main structural problem is the absence of a shared constants/types module spanning server and src/admin: domain label maps (entity-type, action, leave-type) and the canonical EntityType value list are duplicated and have DRIFTED. Most seriously, the frontend audit-log label/filter maps use PHP-legacy entity-type keys (offers_quotation, invoices_invoice, projects_project, trips, vehicles) that no longer match what the TS server writes (quotation, invoice, project, trip, vehicle) — a functional bug caused by the duplication. Secondary issues: a configured-but-unused @/* path alias (also absent from vite resolve), a package.json db:push script contradicting the CLAUDE.md golden rule, and .env.example drift vs config/env.ts. The one piece of genuine cross-boundary sharing (czech-holidays imported by src/admin from src/utils) is inconsistent with how everything else is duplicated and is structurally fragile.
|
||||||
|
|
||||||
|
## Findings
|
||||||
|
|
||||||
|
### 1. [HIGH/needs-judgment] Frontend audit-type label/filter maps use legacy keys that don't match server-written entity_type values
|
||||||
|
- **dimension:** config-structure
|
||||||
|
- **where:** src/admin/pages/AuditLog.tsx:47-66; src/admin/utils/dashboardHelpers.ts:21-40; src/types/index.ts:121-149; src/services/audit.ts:30,43; src/routes/admin/audit-log.ts:34; src/admin/lib/queries/auditLog.ts:18
|
||||||
|
- **problem:** The server's canonical EntityType union (src/types/index.ts) and every logAudit() call write values like 'invoice', 'customer', 'quotation', 'order', 'project', 'trip', 'vehicle' (e.g. invoices.ts:134 entityType:'invoice', vehicles.ts:68 'vehicle', quotations.ts:80 'quotation'). But the frontend ENTITY_TYPE_LABELS maps (duplicated identically in AuditLog.tsx and dashboardHelpers.ts) key on PHP-legacy values: offers_quotation, offers_customer, orders_order, invoices_invoice, projects_project, trips, vehicles. Two consequences: (1) the audit log UI falls back to showing raw entity_type strings for most entities because the lookup misses; (2) ENTITY_OPTIONS (derived from this map) feeds the entity-type filter dropdown, which sends e.g. entity_type=invoices_invoice to audit-log.ts:34 where it is exact-matched (where.entity_type = String(...)), so filtering by Faktura/Objednavka/Projekt/Jizda/Vozidlo returns zero rows.
|
||||||
|
- **fix:** Make EntityType a single runtime source of truth (an `as const` array exported from a module importable by both server and src/admin) and derive both the TS union and the label maps from it, or at minimum fix the frontend keys to match the server values (invoice, customer, quotation, order, project, trip, vehicle) and de-duplicate the two copies. Add a small test asserting every EntityType value has a label.
|
||||||
|
|
||||||
|
### 2. [HIGH/needs-judgment] NAS file manager swallows real filesystem failures with empty catch blocks and zero logging
|
||||||
|
- **dimension:** logging
|
||||||
|
- **where:** src/services/nas-file-manager.ts:118; src/services/nas-file-manager.ts:139; src/services/nas-file-manager.ts:153; src/services/nas-file-manager.ts:176; src/services/nas-file-manager.ts:426; src/services/nas-file-manager.ts:531; src/services/nas-file-manager.ts:679
|
||||||
|
- **problem:** nas-file-manager.ts has ~25 catch blocks and not a single logging call (Grep for console./.log./logger returns no matches). While many are legitimate existence/control-flow checks where the error is expected (e.g. lines 471-473, 525-527, 666-668), several swallow genuine operation failures: deleteProjectFolder (118), createProjectFolder (139), delete (426) returning 'Nepodařilo se smazat...', createFolder mkdir (531) returning 'Nepodařilo se vytvořit složku', and countItems (679). The underlying OS error (EACCES, ENOSPC, network share down, etc.) is discarded, so when a NAS operation fails in production there is nothing in the logs to diagnose it. This directly violates the CLAUDE.md rule: 'Never silently swallow errors. Even if a failure is non-fatal, log it.'
|
||||||
|
- **fix:** In the catch blocks that represent actual operation failures (delete, mkdir, rename move, write, copy), capture the error and log it via the Fastify logger before returning the generic Czech message. Since these are service methods without request context, either accept an optional logger/request param or have the calling route log the returned error with the original cause. At minimum, distinguish 'expected ENOENT existence check' catches (which can stay silent) from 'operation should have succeeded' catches (which must log).
|
||||||
|
|
||||||
|
### 3. [HIGH/needs-judgment] NAS financials manager swallows write/read/delete/mkdir errors without logging
|
||||||
|
- **dimension:** logging
|
||||||
|
- **where:** src/services/nas-financials-manager.ts:135; src/services/nas-financials-manager.ts:151; src/services/nas-financials-manager.ts:163; src/services/nas-financials-manager.ts:184
|
||||||
|
- **problem:** saveReceivedInvoice (135) catches a writeFileSync failure and returns the error string to the caller but never logs it server-side. readReceivedInvoice (151-153), deleteReceivedInvoice (163-165) and ensureDir (184-186) use fully empty 'catch { return null/false }' blocks that discard the filesystem error entirely. A failed received-invoice save/read/delete on the network share leaves no server-side trace, again violating the 'never silently swallow' rule.
|
||||||
|
- **fix:** Log the caught error (with the resolved path) before returning null/false/error-string. As with nas-file-manager, thread the Fastify logger in or log the returned error at the route layer. The empty 'catch {}' forms at 151/163/184 are the worst offenders — they should at least preserve the error variable and log it.
|
||||||
|
|
||||||
|
### 4. [HIGH/needs-judgment] plan.ts admin check reads non-existent authData.role field — admins cannot see other users' plan rows
|
||||||
|
- **dimension:** routes
|
||||||
|
- **where:** src/routes/admin/plan.ts:43-45; src/routes/admin/plan.ts:120; src/routes/admin/plan.ts:142; src/services/plan.service.ts:780; src/services/plan.service.ts:799; src/types/index.ts:51
|
||||||
|
- **problem:** isAdminLike() does `return authData?.role === 'admin'`, but the AuthData interface (src/types/index.ts:51) has `roleName`, not `role`. Every other consumer in the codebase uses `roleName` (middleware/auth.ts:47,69; users.ts:109; services/auth.ts). So `authData.role` is always undefined and isAdminLike() always returns false. It is passed as the `isAdmin` argument to listEntries()/listOverrides() (plan.ts:120,142), where plan.service.ts:780/799 do `effectiveUserId = isAdmin ? query.user_id : actorUserId`. Net effect: GET /plan/entries and GET /plan/overrides silently ignore the user_id query param for everyone, including admins, so an admin can never read another employee's raw plan/override rows. (Security direction is safe — it over-restricts rather than leaking — but the feature is broken for admins.)
|
||||||
|
- **fix:** Change isAdminLike to use the documented role/permission model: either `authData?.roleName === 'admin'` to match middleware/auth.ts, or better, check the relevant permission (e.g. authData.permissions.includes('attendance.manage')) consistent with how trips.ts:22 and attendance.ts:208 distinguish admin vs self. Also drop the `any` type on the parameter and type it as AuthData.
|
||||||
|
|
||||||
|
### 5. [HIGH/needs-judgment] `any`-typed param hides admin-scoping bug: isAdminLike reads nonexistent `authData.role`
|
||||||
|
- **dimension:** ts-safety
|
||||||
|
- **where:** src/routes/admin/plan.ts:43; src/routes/admin/plan.ts:44; src/routes/admin/plan.ts:120; src/routes/admin/plan.ts:142; src/types/index.ts:44; src/services/plan.service.ts:780; src/services/plan.service.ts:799
|
||||||
|
- **problem:** `isAdminLike(authData: any)` returns `authData?.role === "admin"`. The `AuthData` type (types/index.ts:44) has NO `role` field — the admin role is on `roleName` (used correctly everywhere else: auth.ts:47/69, users.ts:109). Because the parameter is typed `any`, the compiler cannot flag that `.role` is always `undefined`, so `isAdminLike` always returns `false`. It is passed as the `isAdmin` arg to `listEntries`/`listOverrides`, where `effectiveUserId = isAdmin ? query.user_id : actorUserId`. Result: an admin querying another user's plan is silently scoped to their own rows; the `user_id` query param is ignored for everyone. The `any` is the direct cause the type system did not catch the `role` vs `roleName` typo.
|
||||||
|
- **fix:** Type the parameter as `AuthData | null | undefined` (or reuse the existing `roleName === "admin"` convention) and change the comparison to `authData?.roleName === "admin"`. This both fixes the bug and lets the compiler verify the field exists. Add/confirm a list-scoping test for the cross-user admin case.
|
||||||
|
|
||||||
|
### 6. [MEDIUM/needs-judgment] Domain label maps duplicated verbatim across frontend files (and diverging)
|
||||||
|
- **dimension:** config-structure
|
||||||
|
- **where:** src/admin/utils/dashboardHelpers.ts:1-47; src/admin/pages/AuditLog.tsx:17-66; src/admin/utils/attendanceHelpers.ts:80-97; src/admin/components/ShiftFormModal.tsx:338-340
|
||||||
|
- **problem:** ENTITY_TYPE_LABELS and ACTION_LABELS exist as near-identical copies in dashboardHelpers.ts and AuditLog.tsx, and have already diverged: ACTION_LABELS.create is 'Vytvoreni' in AuditLog but 'Vytvoril' in dashboardHelpers, and AuditLog's copy has extra entries (view, activate, deactivate, password_change, ...). Separately, leave-type labels (vacation->'Dovolena', sick->'Nemoc', unpaid->'Neplacene volno') are repeated in dashboardHelpers.ts:2-4, attendanceHelpers.ts:83-85, and inline <option> values in ShiftFormModal.tsx. There is no shared constants module, so these will keep drifting.
|
||||||
|
- **fix:** Extract one constants module (e.g. src/admin/constants/labels.ts) holding ENTITY_TYPE_LABELS, ACTION_LABELS, LEAVE_TYPE_LABELS and import it everywhere; ideally co-locate with the shared EntityType list from the audit-labels finding.
|
||||||
|
|
||||||
|
### 7. [MEDIUM/safe-auto] Undefined CSS variable --danger-color used in base.css
|
||||||
|
- **dimension:** css
|
||||||
|
- **where:** src/admin/base.css:268
|
||||||
|
- **problem:** .admin-error-stack sets color: var(--danger-color), but no file defines --danger-color (variables.css defines --danger, --error, --accent-color, etc., but never --danger-color). The property has no fallback, so the error-stack text color resolves to the inherited/initial color instead of the intended danger red. This is a copy-paste/naming bug, not an intentional choice.
|
||||||
|
- **fix:** Change to color: var(--danger) (the intended token). Optionally add a --danger-color alias in variables.css if other call sites expect it, but a grep shows base.css:268 is the only consumer.
|
||||||
|
|
||||||
|
### 8. [MEDIUM/needs-judgment] Duplicated badge color recipe across 5 feature areas
|
||||||
|
- **dimension:** css
|
||||||
|
- **where:** src/admin/components.css:142; src/admin/components.css:160; src/admin/components.css:178; src/admin/invoices.css:5; src/admin/attendance.css:333
|
||||||
|
- **problem:** The same status-badge formula — background: color-mix(in srgb, var(--X) 15%, transparent); color: var(--X) — is hand-repeated for every semantic color across leave badges (badge-pending/approved/rejected, components.css:142-152), order badges (admin-badge-order-*, :160-174), project badges (admin-badge-project-*, :178-188), invoice badges (admin-badge-invoice-*, invoices.css:5-17), and attendance leave badges (badge-vacation/sick/holiday, attendance.css:333-345). E.g. info-15% is duplicated 4x and danger-15% 4x. Worse, the recipe is inconsistent with the generic badges right above it: admin-badge-success/info/danger (components.css:106-128) use the --*-soft tokens instead of color-mix 15%, so two different visual recipes exist for the same semantic 'success/danger badge'.
|
||||||
|
- **fix:** Introduce semantic helper classes (e.g. .admin-badge-tone-success/info/warning/danger/muted) defined once, and have the leave/order/project/invoice/attendance status classes compose them, or apply the tone class in TSX. Pick one recipe (either --*-soft or color-mix 15%) so the same status reads identically everywhere. This removes ~20 near-identical rules.
|
||||||
|
|
||||||
|
### 9. [MEDIUM/needs-judgment] "Today" form defaults use UTC date (new Date().toISOString().split("T")[0]) → off-by-one in late evening
|
||||||
|
- **dimension:** dates
|
||||||
|
- **where:** src/admin/pages/InvoiceDetail.tsx:329; src/admin/pages/InvoiceDetail.tsx:331; src/admin/pages/Attendance.tsx:143; src/admin/pages/Attendance.tsx:144; src/admin/pages/Attendance.tsx:337; src/admin/pages/Attendance.tsx:338; src/admin/pages/AttendanceCreate.tsx:49; src/admin/pages/Trips.tsx:56; src/admin/pages/Trips.tsx:120; src/admin/components/dashboard/DashQuickActions.tsx:77
|
||||||
|
- **problem:** These default-date initializers compute today's date with new Date().toISOString().split("T")[0], which returns the UTC date. The whole app is intentionally Europe/Prague local time (config/env.ts), and Prague is always ahead of UTC. So between ~22:00–24:00 (summer) / ~23:00–24:00 (winter) local, UTC is still the previous day and the form pre-fills yesterday's date for trip_date, shift_date, leave date_from/date_to, invoice issue/tax dates. A user creating an attendance/trip/leave record late in the evening silently gets the wrong day.
|
||||||
|
- **fix:** Replace with a local-date string built from local getters. A correct helper already exists server-side (utils/date.ts localDateStr); add/import an equivalent frontend helper, e.g. `const d=new Date(); const today=`${d.getFullYear()}-${String(d.getMonth()+1).padStart(2,'0')}-${String(d.getDate()).padStart(2,'0')}``, and use it for every "today" default. Note InvoiceDetail.tsx:330 due_date = new Date(Date.now()+14*86400000).toISOString()... has the same issue and should derive from the local issue_date instead.
|
||||||
|
|
||||||
|
### 10. [MEDIUM/needs-judgment] Edit forms round-trip API date strings through new Date().toISOString() instead of string slicing
|
||||||
|
- **dimension:** dates
|
||||||
|
- **where:** src/admin/pages/InvoiceDetail.tsx:481; src/admin/pages/InvoiceDetail.tsx:484; src/admin/pages/InvoiceDetail.tsx:487; src/admin/pages/InvoiceDetail.tsx:658; src/admin/pages/ReceivedInvoices.tsx:373-377
|
||||||
|
- **problem:** When populating a date <input>/AdminDatePicker from an API value, these do new Date(inv.issue_date).toISOString().split("T")[0]. The API value is already a local-time string (Date.toJSON override drops the Z), so new Date() parses it as local, then toISOString() converts back to UTC. For @db.Date values (read back as UTC-midnight → local +1/+2h) this currently lands on the right day in Prague, but it is fragile: it depends on the offset always being positive and the time-of-day being near midnight. The codebase already has the correct, timezone-safe primitive — normalizeDateStr (src/admin/utils/attendanceHelpers.ts:309), which regex-slices the YYYY-MM-DD prefix off the string without ever constructing a Date.
|
||||||
|
- **fix:** Use normalizeDateStr(inv.issue_date) / a string slice for date-only fields instead of routing through new Date().toISOString(). For computedDueDate (InvoiceDetail.tsx:654-659) the date-only UTC math is self-consistent, but switching to plain string/day arithmetic via the same helper removes the latent risk.
|
||||||
|
|
||||||
|
### 11. [MEDIUM/needs-judgment] Raw API datetime string assigned to a native <input type=date> value (mobile blanks the field)
|
||||||
|
- **dimension:** dates
|
||||||
|
- **where:** src/admin/pages/Trips.tsx:140; src/admin/components/AdminDatePicker.tsx:92-96
|
||||||
|
- **problem:** openEditModal sets form.trip_date = trip.trip_date, but trip_date is a @db.Date serialized by the toJSON override as a full datetime string like "2026-06-05T02:00:00" (routes/admin/trips.ts returns the Prisma object directly). On desktop AdminDatePicker uses date-fns parse(val,"yyyy-MM-dd",...) which tolerates the trailing time, so it works. But on touch devices (AdminDatePicker.tsx:127-140) it renders <input type="date" value="2026-06-05T02:00:00">, which is not a valid date-input value — browsers show it blank, so the user appears to have no date and may submit an empty/changed value.
|
||||||
|
- **fix:** Normalize before seeding the form: trip_date: normalizeDateStr(trip.trip_date). More robustly, have AdminDatePicker's NativeInput coerce its value to the date prefix for mode="date" so any caller passing a datetime string is handled.
|
||||||
|
|
||||||
|
### 12. [MEDIUM/needs-judgment] markOverdueInvoices flips invoices to "overdue" on their due date (date-only column vs full now())
|
||||||
|
- **dimension:** dates
|
||||||
|
- **where:** src/services/invoices.service.ts:78-85
|
||||||
|
- **problem:** due_date is a @db.Date column (stored at UTC-midnight, e.g. 2026-06-06T00:00:00Z for "due 2026-06-06"). The query `due_date: { lt: new Date() }` compares it against the current full timestamp. Any time after local midnight on the due day, now() (e.g. 2026-06-06T06:00Z) is already greater than the stored UTC-midnight, so an invoice due *today* is immediately marked overdue. An invoice is normally not overdue until the day after its due date.
|
||||||
|
- **fix:** Compare against local start-of-today, not now(): build today = new Date(y,m,d,0,0,0) from local getters and use `due_date: { lt: today }` (and the reverse branch `gte: today`). This makes the boundary inclusive of the due day. Confirm the intended business rule with the user (due-day inclusive vs exclusive) before changing.
|
||||||
|
|
||||||
|
### 13. [MEDIUM/needs-judgment] Three PDF route files duplicate the same helper set (escapeHtml, formatNum, formatCurrency, formatDate, cleanQuillHtml, DOMPurify bootstrap)
|
||||||
|
- **dimension:** deadcode
|
||||||
|
- **where:** src/routes/admin/invoices-pdf.ts:14; src/routes/admin/invoices-pdf.ts:19; src/routes/admin/invoices-pdf.ts:26; src/routes/admin/invoices-pdf.ts:35; src/routes/admin/invoices-pdf.ts:44; src/routes/admin/orders-pdf.ts:12; src/routes/admin/orders-pdf.ts:34; src/routes/admin/orders-pdf.ts:41; src/routes/admin/orders-pdf.ts:50; src/routes/admin/orders-pdf.ts:59; src/routes/admin/offers-pdf.ts:11; src/routes/admin/offers-pdf.ts:14; src/routes/admin/offers-pdf.ts:22; src/routes/admin/offers-pdf.ts:31; src/routes/admin/offers-pdf.ts:51; src/routes/admin/offers-pdf.ts:61
|
||||||
|
- **problem:** All three PDF generation routes independently define near-identical formatDate, formatNum, escapeHtml, and cleanQuillHtml functions, plus the same `const window = new JSDOM('').window; const DOMPurify = createDOMPurify(window);` bootstrap. The duplication has already caused a real divergence: orders-pdf.ts (formatNum, line 45) uses a regular ASCII space ' ' for the thousands separator, while invoices-pdf.ts (line 30) and offers-pdf.ts (line 26) use a non-breaking space ' '. This is exactly the failure mode duplication creates — the copies drift and produce inconsistent output (orders invoices can line-wrap mid-number where the others won't). cleanQuillHtml/escapeHtml are security-sensitive sanitizers, so divergence here is more than cosmetic.
|
||||||
|
- **fix:** Extract the shared PDF helpers into a single module (e.g. src/utils/pdf-format.ts or extend src/utils/html-to-pdf.ts): escapeHtml, formatNum(value, decimals), formatCurrency, formatDate, cleanQuillHtml, and a shared DOMPurify instance. Import them in all three *-pdf.ts files. Pick one canonical thousands separator (the non-breaking space is correct for print) so output is consistent across invoice/order/offer PDFs.
|
||||||
|
|
||||||
|
### 14. [MEDIUM/safe-auto] English user-facing API error strings in attendance route
|
||||||
|
- **dimension:** i18n
|
||||||
|
- **where:** src/routes/admin/attendance.ts:188; src/routes/admin/attendance.ts:196
|
||||||
|
- **problem:** Two error() responses send raw English to the client: error(reply, "Missing attendance_id", 400) and error(reply, "Missing id", 400). Every other validation/not-found message in this file and across all routes is Czech (e.g. "Záznam nenalezen", "Nedostatečná oprávnění"). error() sends the string straight into the API envelope, so a user hitting these endpoints without the param sees an English message.
|
||||||
|
- **fix:** Replace with Czech equivalents, e.g. "Chybí ID docházky" and "Chybí ID" (or reuse the existing parseId/"Neplatné ID" pattern). Mechanical, no behavior change.
|
||||||
|
|
||||||
|
### 15. [MEDIUM/needs-judgment] Frontend query layer throws English errors that render in the UI
|
||||||
|
- **dimension:** i18n
|
||||||
|
- **where:** src/admin/lib/queries/projects.ts:96; src/admin/lib/queries/projects.ts:102; src/admin/lib/apiAdapter.ts:16; src/admin/lib/apiAdapter.ts:23; src/admin/lib/apiAdapter.ts:27; src/admin/lib/apiAdapter.ts:52; src/admin/lib/apiAdapter.ts:64; src/admin/lib/apiAdapter.ts:68; src/admin/lib/queries/mutations.ts:51; src/admin/lib/queries/mutations.ts:56; src/admin/components/ProjectFileManager.tsx:230
|
||||||
|
- **problem:** The TanStack Query helpers throw new Error with English literals: "Unauthorized", "Invalid JSON response", and `Request failed (${status})`. ProjectFileManager.tsx:230-232 renders filesError.message verbatim (only falling back to the Czech "Nepodařilo se načíst soubory" when message is empty), so on a 401 or non-JSON/unknown-status response the user sees English ("Unauthorized", "Request failed (500)"). ErrorBoundary.tsx:30 likewise renders error.message under a Czech heading. The server-supplied result.error is Czech, but these client-side fallbacks are not. Note projects.ts:94 already does this right with the Czech "Chyba připojení", making the English siblings inconsistent.
|
||||||
|
- **fix:** Czech-ify the user-visible fallbacks: "Unauthorized" -> e.g. "Přihlášení vypršelo" / "Nejste přihlášeni", "Request failed (n)" -> "Požadavek selhal (n)", "Invalid JSON response" -> "Neplatná odpověď serveru". These are user-facing message strings, not error codes, so translating them is safe; just confirm no code branches on the literal message text (none observed).
|
||||||
|
|
||||||
|
### 16. [MEDIUM/needs-judgment] Service-layer logging uses console.* instead of the configured Fastify/pino logger
|
||||||
|
- **dimension:** logging
|
||||||
|
- **where:** src/services/audit.ts:57; src/services/mailer.ts:34; src/services/invoices.service.ts:88; src/services/exchange-rates.ts:47; src/services/leave-notification.ts:120; src/services/invoice-alerts.ts:220; src/services/invoice-alerts.ts:224; src/services/plan.service.ts:168; src/utils/totp.ts:27; src/services/auth.ts:363
|
||||||
|
- **problem:** server.ts:40-41 configures a pino logger (level 'warn' in production, 'info' in dev) and routes correctly use request.log.*/app.log.*. But every service/util logs via console.error/warn/log. These messages bypass pino's structured JSON output, log-level filtering (in production console.log/info still print regardless of the 'warn' level), and any future log transport/aggregation. CLAUDE.md's error-handling guidance explicitly shows app.log.error(e, 'context') as the pattern. invoice-alerts.ts:224 and plan.service.ts:168 in particular emit console.log/console.warn that will print in production despite the configured warn level.
|
||||||
|
- **fix:** Standardize service logging on the Fastify logger. Since services are plain functions without app context, the cleanest fix is to pass the request/logger into service calls that can log, or export a shared logger instance (e.g. the pino instance from the app) that services import. The CLAUDE.md known-issue list already flags 'Mixed error patterns'; this is the logging analogue. If a full refactor is out of scope, at least demote informational console.log calls (invoice-alerts.ts:224) so they don't spam production stdout.
|
||||||
|
|
||||||
|
### 17. [MEDIUM/needs-judgment] markOverdueInvoices swallows DB failure and returns void, so the route treats failure as success
|
||||||
|
- **dimension:** logging
|
||||||
|
- **where:** src/services/invoices.service.ts:76; src/services/invoices.service.ts:87; src/routes/admin/invoices.ts:37
|
||||||
|
- **problem:** markOverdueInvoices() wraps two updateMany calls in try/catch, logs to console.error on failure, and returns nothing. It is invoked from an onRequest hook (invoices.ts:33-39) on every GET (throttled hourly). Because the error is fully swallowed and not surfaced, a persistent DB failure to flip overdue statuses is invisible to the request path and only visible via console (which, per the previous finding, isn't even in the structured log). The throttled best-effort design is reasonable, but the failure should be logged through the Fastify logger that the hook has access to (request.log).
|
||||||
|
- **fix:** Either keep the best-effort behavior but pass request.log into markOverdueInvoices (or log at the hook: wrap the await in try/catch and request.log.error(err, 'markOverdueInvoices failed')), so failures land in the structured production log instead of bare console.error. Do not change it to throw — that would break unrelated GET requests.
|
||||||
|
|
||||||
|
### 18. [MEDIUM/needs-judgment] camelCase 'plan*' files break the kebab-case convention of the backend src/ tree
|
||||||
|
- **dimension:** naming
|
||||||
|
- **where:** src/schemas/planCategory.schema.ts; src/services/planCategory.service.ts; src/utils/planAuditDescription.ts; src/utils/planAuditDescription.test.ts; src/services/planCategory.test.ts
|
||||||
|
- **problem:** The backend src/ tree (excluding src/admin) is kebab-case for 94 of 99 .ts files. Sibling files in the same directories establish the convention clearly: src/schemas uses bank-accounts.schema.ts, received-invoices.schema.ts, scope-templates.schema.ts; src/services uses exchange-rates.ts, nas-file-manager.ts, invoice-alerts.ts; src/utils uses czech-holidays.ts, html-to-pdf.ts. The only 5 camelCase backend files are this 'plan' feature cluster (planCategory.schema.ts, planCategory.service.ts, planAuditDescription.ts plus two test files). Note the same feature's other files DO follow the convention (plan.schema.ts, plan.service.ts), so this is internal inconsistency within one feature, not a sub-convention.
|
||||||
|
- **fix:** Rename to kebab-case to match the directory convention: plan-category.schema.ts, plan-category.service.ts, plan-audit-description.ts (and matching .test.ts files), updating their import paths. Mechanical but touches importers, so verify references after renaming.
|
||||||
|
|
||||||
|
### 19. [MEDIUM/needs-judgment] createInvoice header and items not atomic
|
||||||
|
- **dimension:** prisma
|
||||||
|
- **where:** src/services/invoices.service.ts:345-388
|
||||||
|
- **problem:** invoices.create then a separate invoice_items.createMany with no transaction; a failure leaves a header without items plus a consumed sequence. updateInvoice 469-485, createOrder, createOffer all wrap header and children in a transaction.
|
||||||
|
- **fix:** Wrap both writes in one transaction; move generateInvoiceNumber inside it.
|
||||||
|
|
||||||
|
### 20. [MEDIUM/needs-judgment] N1 in getBelowMinimumItems per-item aggregate in a loop
|
||||||
|
- **dimension:** prisma
|
||||||
|
- **where:** src/services/warehouse.service.ts:232-261; src/services/warehouse.service.ts:199-205
|
||||||
|
- **problem:** getItemTotalStock with item.id called inside the loop; each runs its own sklad_batches aggregate, N1 round trips scaling with the catalog.
|
||||||
|
- **fix:** One sklad_batches groupBy on item_id with is_consumed false summing quantity; build an id to total map; filter in memory.
|
||||||
|
|
||||||
|
### 21. [MEDIUM/manual] useAttendanceAdmin hook bypasses TanStack Query and hand-rolls fetching (with silent catches + race condition)
|
||||||
|
- **dimension:** react
|
||||||
|
- **where:** src/admin/hooks/useAttendanceAdmin.ts:818; src/admin/hooks/useAttendanceAdmin.ts:837; src/admin/hooks/useAttendanceAdmin.ts:866; src/admin/hooks/useAttendanceAdmin.ts:915
|
||||||
|
- **problem:** The whole AttendanceAdmin data layer loads projects, users, attendance records and leave balances with manual apiFetch inside useEffect + useState, instead of the TanStack Query pattern the rest of the app standardizes on (lib/queries/*). Consequences: (a) no caching/dedupe/refetch story consistent with other pages; (b) the load effects swallow errors with empty `catch { /* silent */ }` blocks (lines 827-829, 856-858), which also violates the project's 'never silently swallow errors' rule; (c) fetchData (line 866) re-runs on every month/filterUserId change with no abort or ignore flag, so a slow earlier response can overwrite a newer one — exactly the race the React docs warn about for effect-based fetching. The kept eslint-disable on the deps (line 909) is a symptom of fighting the linter rather than modeling this as a query.
|
||||||
|
- **fix:** Migrate these loads to useQuery options in src/admin/lib/queries/attendance.ts (projectListOptions, attendanceUsersOptions, attendance records keyed by [month,filterUserId], balances keyed by year). That removes all four effects, the manual loading state, the silent catches, and the race condition for free. If a full migration is out of scope now, at minimum add an `ignore`/AbortController guard in fetchData and log the caught errors via the alert/log path instead of empty catches.
|
||||||
|
|
||||||
|
### 22. [MEDIUM/needs-judgment] Array index used as React key on editable, mutable lists
|
||||||
|
- **dimension:** react
|
||||||
|
- **where:** src/admin/components/OrderConfirmationModal.tsx:247; src/admin/pages/OfferDetail.tsx:1500
|
||||||
|
- **problem:** Both lists render rows with controlled inputs and support remove/add (and OfferDetail also reorders) yet key by index. OrderConfirmationModal: items.map((item,i)=><tr key={i}>) with updateItem(i,...) and removeItem via prev.filter((_,i)=>i!==index) (line 88). OfferDetail: sections.map((section,idx)=><div key={idx}>) with delete via prev.filter((_,i)=>i!==idx) (line 1594) and swap-reorder (lines 1540/1567). Per React docs, indices as keys on a list whose order/length changes cause React to reuse the wrong DOM node and component state — here that means after deleting a row the input values/focus shift to the wrong row. This is a genuine correctness bug, not a style nit.
|
||||||
|
- **fix:** Key by a stable id. ConfirmationItem/ScopeSection should carry a stable client id (e.g. crypto.randomUUID() assigned when the row is created, or the server item id when present) and use key={item.id}. Read-only, non-reordering tables (Warehouse recentMovements, WarehouseReports rows) can keep index keys but ideally use the row's domain id.
|
||||||
|
|
||||||
|
### 23. [MEDIUM/needs-judgment] Inconsistent modal implementation: FormModal/ConfirmModal vs hand-rolled overlays with diverging accessibility
|
||||||
|
- **dimension:** react
|
||||||
|
- **where:** src/admin/components/FormModal.tsx:88; src/admin/components/dashboard/DashProfile.tsx:266; src/admin/components/dashboard/DashProfile.tsx:405; src/admin/components/dashboard/DashProfile.tsx:660; src/admin/components/dashboard/DashQuickActions.tsx:321; src/admin/components/BulkAttendanceModal.tsx:47; src/admin/components/ShiftFormModal.tsx:252; src/admin/components/OrderConfirmationModal.tsx:108; src/admin/pages/WarehouseLocations.tsx:339; src/admin/pages/Attendance.tsx:936
|
||||||
|
- **problem:** There are two good reusable modal primitives (FormModal handles body-scroll lock, Esc-to-close, role=dialog/aria-modal/aria-labelledby, focus-grouped footer; ConfirmModal similar), but at least 7 components reimplement the admin-modal-overlay + backdrop + motion markup by hand with inconsistent behavior. DashProfile's three modals (lines 266/405/660) and DashQuickActions (line 321) omit role="dialog", aria-modal, and aria-labelledby entirely; none of the hand-rolled overlays wire Esc-to-close (only FormModal/ConfirmModal do). BulkAttendanceModal/ShiftFormModal/OrderConfirmationModal include the ARIA roles but still lack Esc handling. The result is duplicated markup and an accessibility/UX behavior that varies modal-to-modal.
|
||||||
|
- **fix:** For the smaller content modals (DashProfile edit-profile, 2FA setup/disable, DashQuickActions trip modal) switch to FormModal — they fit its API and would inherit Esc/lock/ARIA. For the large complex forms (ShiftFormModal, BulkAttendanceModal, OrderConfirmationModal) where FormModal's per-child stagger animation is awkward, factor the overlay+backdrop+Esc+ARIA shell into a shared ModalShell component and have these consume it, so a11y/Esc behavior is uniform. At minimum, add role="dialog"/aria-modal/aria-labelledby to the DashProfile/DashQuickActions overlays.
|
||||||
|
|
||||||
|
### 24. [MEDIUM/safe-auto] Raw reply.send({ success: true, ... }) used instead of success()/paginated() helpers
|
||||||
|
- **dimension:** routes
|
||||||
|
- **where:** src/routes/admin/attendance.ts:32; src/routes/admin/attendance.ts:108; src/routes/admin/attendance.ts:118; src/routes/admin/attendance.ts:128; src/routes/admin/attendance.ts:142; src/routes/admin/attendance.ts:165; src/routes/admin/attendance.ts:179; src/routes/admin/attendance.ts:190; src/routes/admin/attendance.ts:203; src/routes/admin/attendance.ts:235; src/routes/admin/trips.ts:73; src/routes/admin/leave-requests.ts:57; src/routes/admin/invoices.ts:62; src/routes/admin/projects.ts:41; src/routes/admin/received-invoices.ts:80; src/routes/admin/customers.ts:100
|
||||||
|
- **problem:** CLAUDE.md explicitly states: 'Use the success() and error() helpers in routes — never write raw reply.send().' Many handlers hand-roll the envelope. The paginated-list cases (attendance.ts:235, trips.ts:73, leave-requests.ts:57, invoices.ts:62, projects.ts:41, received-invoices.ts:80, customers.ts:100) duplicate exactly what paginated(reply, data, meta) produces; the single-object cases (attendance.ts:32,108,118,...) duplicate success(reply, data). This is purely a consistency/maintainability gap (the shapes happen to match today), but it bypasses the central helper, so any future change to the response envelope or status handling won't propagate.
|
||||||
|
- **fix:** Replace the raw `return reply.send({ success: true, data, pagination })` calls with `return paginated(reply, data, buildPaginationMeta(total, page, limit))`, and `return reply.send({ success: true, data })` with `return success(reply, data)`. attendance.ts and customers.ts already import these helpers; trips/leave-requests/invoices/projects/received-invoices import paginated where needed.
|
||||||
|
|
||||||
|
### 25. [MEDIUM/needs-judgment] Session-termination mutations have no audit logging
|
||||||
|
- **dimension:** routes
|
||||||
|
- **where:** src/routes/admin/sessions.ts:80-99; src/routes/admin/sessions.ts:102-127
|
||||||
|
- **problem:** DELETE /sessions/:id (revoke a specific refresh token) and DELETE /sessions?action=all (revoke all other sessions) mutate security-relevant state — they invalidate refresh tokens — but call no logAudit(). CLAUDE.md and the database conventions say data that is created/updated/deleted should be audit-logged, and these are exactly the kind of security events (forced logout / session revocation) that belong in the forensic trail. Every other mutating route in the module logs an audit entry; these two are the notable omissions among security-sensitive endpoints.
|
||||||
|
- **fix:** Add logAudit() calls after the successful update/updateMany in both handlers (e.g. action 'delete' or 'logout', entityType 'session' or 'refresh_token', entityId the session id for the single case), mirroring the audit pattern used in totp.ts and auth.ts for login/logout events.
|
||||||
|
|
||||||
|
### 26. [MEDIUM/needs-judgment] Two competing mutation patterns coexist; ~27 raw apiFetch mutations bypass useApiMutation
|
||||||
|
- **dimension:** rq-data
|
||||||
|
- **where:** src/admin/lib/queries/mutations.ts:88; src/admin/pages/WarehouseReservations.tsx:106; src/admin/pages/WarehouseReservations.tsx:136; src/admin/pages/Invoices.tsx:208; src/admin/pages/Invoices.tsx:234; src/admin/pages/Offers.tsx:222; src/admin/pages/OfferDetail.tsx:734; src/admin/pages/OfferDetail.tsx:757; src/admin/pages/OfferDetail.tsx:782; src/admin/hooks/useAttendanceAdmin.ts:1039
|
||||||
|
- **problem:** The project ships a dedicated useApiMutation hook (mutations.ts) that wraps useMutation + apiFetch + envelope unwrapping + broad invalidation, and it is adopted in 34 files. But 14 files (~27 call sites) still hand-roll the same flow: `const response = await apiFetch(url,{method:...}); const result = await response.json(); if(result.success){ queryClient.invalidateQueries(...); alert.success(...) } else { alert.error(...) } } catch { alert.error('Chyba připojení') }`. This duplicates exactly what useApiMutation centralizes (error throwing as ApiError, success/error branching, invalidation), and the two paths diverge in behavior: useApiMutation throws typed ApiError with .status so callers can branch on HTTP code, whereas the raw path collapses all failures into a generic Czech 'Chyba připojení' string and never exposes status. This is the dominant inconsistency in the data layer. TanStack v5 docs document the useMutation→onSuccess→invalidateQueries flow that useApiMutation implements; the raw path is the non-idiomatic outlier.
|
||||||
|
- **fix:** Standardize new and touched mutations on useApiMutation (pass `invalidate: ["warehouse"]` etc. instead of manual invalidateQueries, and use mutate/mutateAsync's onSuccess/onError for UI side-effects). Migrate the raw-apiFetch mutation sites incrementally, starting with the simplest CRUD pages (WarehouseReservations, Invoices delete/toggleStatus). Document useApiMutation as the canonical mutation entry point in CLAUDE.md's Frontend Conventions so the pattern stops regrowing.
|
||||||
|
|
||||||
|
### 27. [MEDIUM/safe-auto] Broad-domain invalidation convention violated: OfferDetail uses narrow ["offers","list"]
|
||||||
|
- **dimension:** rq-data
|
||||||
|
- **where:** src/admin/pages/OfferDetail.tsx:681; src/admin/pages/OfferDetail.tsx:693; src/admin/pages/OfferDetail.tsx:739; src/admin/pages/OfferDetail.tsx:765; src/admin/pages/OfferDetail.tsx:792; src/admin/pages/Offers.tsx:227
|
||||||
|
- **problem:** CLAUDE.md mandates invalidating the broad domain key (`["offers"]` over `["offers","list"]`) because React Query prefix-matches. OfferDetail.tsx invalidates the narrow key `["offers","list"]` in five handlers (save edit/create, create order, invalidate, delete), while the sibling Offers.tsx (line 227) and CompanySettings.tsx (line 437) correctly invalidate broad `["offers"]`. Consequence: the narrow key does NOT prefix-match the offer-detail cache entry `["offers", id]` (offerDetailOptions, offers.ts:144) nor `["offers","next-number"]`, so after editing an offer the detail query for OTHER offers / next-number stays stale until refetched by other means. The TanStack v5 docs' prefix-match example (`invalidateQueries({queryKey:['projects']})`) is the exact rationale CLAUDE.md cites — OfferDetail is the lone violator.
|
||||||
|
- **fix:** Change the five `["offers","list"]` invalidations in OfferDetail.tsx to broad `["offers"]` to match the convention and the rest of the offers code. (The delete handler additionally removeQueries(["offers",id]) which is fine to keep.) Mechanical and behavior-safe: broadening only marks more inactive queries stale; active ones already refetch.
|
||||||
|
|
||||||
|
### 28. [MEDIUM/manual] useAttendanceAdmin runs a parallel data system instead of query factories / useApiMutation
|
||||||
|
- **dimension:** rq-data
|
||||||
|
- **where:** src/admin/hooks/useAttendanceAdmin.ts:1049; src/admin/hooks/useAttendanceAdmin.ts:1050; src/admin/hooks/useAttendanceAdmin.ts:1121; src/admin/hooks/useAttendanceAdmin.ts:1256; src/admin/hooks/useAttendanceAdmin.ts:1286
|
||||||
|
- **problem:** This 1200+ line hook does its own data orchestration: each mutation does `queryClient.invalidateQueries(["attendance"])` AND `await fetchData(false)` AND `await new Promise(r=>setTimeout(r,300))` to wait for the manual refetch (e.g. lines 1049-1052, 1121-1123). It runs a hand-rolled `fetchData` alongside React Query rather than relying on the attendance.ts queryOptions factories and letting invalidation drive refetch. The fixed 300ms sleep is a race-condition smell (it guesses how long the refetch takes) and the double invalidate+fetchData duplicates work. This is the single largest divergence from the otherwise-consistent data layer.
|
||||||
|
- **fix:** Treat as a larger refactor (out of scope for safe-auto): migrate the hook's reads to the attendance.ts queryOptions factories and its writes to useApiMutation so invalidation alone drives refetch, removing fetchData and the setTimeout(300). At minimum, drop the redundant manual fetchData+sleep where invalidateQueries already covers it. Flag for a dedicated cleanup ticket.
|
||||||
|
|
||||||
|
### 29. [MEDIUM/needs-judgment] Three coercion idioms duplicated ~150+ times instead of shared helpers
|
||||||
|
- **dimension:** schemas
|
||||||
|
- **where:** src/schemas/common.ts (only has parseBody); src/schemas/invoices.schema.ts:5-33; src/schemas/orders.schema.ts:6-27; src/schemas/warehouse.schema.ts:85-219; src/schemas/attendance.schema.ts:19-145; src/schemas/settings.schema.ts:15-62; src/schemas/trips.schema.ts:4-37; src/schemas/vehicles.schema.ts:8-39; src/schemas/bank-accounts.schema.ts:14-34; src/schemas/received-invoices.schema.ts:5-60
|
||||||
|
- **problem:** The same three sub-schemas are copy-pasted across nearly every file: (1) number-from-form `z.union([z.number(), z.string()]).transform((v) => Number(v))`, (2) its nullable form `z.union([z.number(), z.string(), z.null()]).transform((v) => (v === null ? null : Number(v)))`, and (3) boolean-from-form `z.preprocess((v) => v === true || v === 1 || v === '1', z.boolean())`. There are 150+ occurrences. common.ts only exports parseBody — no shared id/number/bool/date primitives exist, even though plan.schema.ts (intFromForm/isoDate) and planCategory.schema.ts (hexColor) already prove the team knows how to factor these out locally. This is the single biggest source of drift: any fix to coercion behavior must be applied in dozens of places.
|
||||||
|
- **fix:** Add shared exports to src/schemas/common.ts, e.g. `numFromForm`, `nullableNumFromForm`, `boolFromForm`, `idFromForm`, `isoDate`, and import them everywhere. Zod 4 (in use here, v4.3.6) provides `z.coerce.number()` and `z.stringbool()` which replace idioms (1) and (3) outright; per Zod 4 docs `z.stringbool()` throws on unrecognized strings (safer than the silent preprocess). Consolidating also lets you fix the NaN bug (next finding) in one spot.
|
||||||
|
|
||||||
|
### 30. [MEDIUM/needs-judgment] Number coercion silently produces NaN (no validation guard in most files)
|
||||||
|
- **dimension:** schemas
|
||||||
|
- **where:** src/schemas/trips.schema.ts:4,12-13; src/schemas/vehicles.schema.ts:8-17,29-34; src/schemas/invoices.schema.ts:26-29,48-52,89-92; src/schemas/settings.schema.ts:15-62; src/schemas/attendance.schema.ts:20-37,90-129; src/schemas/received-invoices.schema.ts:5-6,35-60; src/schemas/bank-accounts.schema.ts:14-18,31-34
|
||||||
|
- **problem:** Most `.transform((v) => Number(v))` coercions have no follow-up refine, so a non-numeric string parses to `NaN` and passes validation. e.g. CreateTripSchema vehicle_id/start_km/end_km (trips.schema.ts:4,12,13) accept garbage as NaN; settings break_threshold_hours, clock_rounding_minutes, max_login_attempts etc. all coerce to NaN silently. Notably this is applied INCONSISTENTLY: orders.schema.ts and offers.schema.ts DO add `.refine((v) => !Number.isNaN(v), ...)` after every numeric transform, and invoices.schema.ts:8-12 throws inside the transform for quantity — so the same project has three different behaviors for the identical concern. NaN then flows into Prisma/business logic.
|
||||||
|
- **fix:** Standardize on one safe numeric primitive (ideally the shared helper from the previous finding) that rejects NaN — e.g. `z.coerce.number()` which natively errors on non-numeric input, or `.refine((v) => !Number.isNaN(v))`. Apply it uniformly so trips/vehicles/settings/attendance match the stricter orders/offers behavior.
|
||||||
|
|
||||||
|
### 31. [MEDIUM/needs-judgment] Email validation applied inconsistently across schemas
|
||||||
|
- **dimension:** schemas
|
||||||
|
- **where:** src/schemas/users.schema.ts:5,21; src/schemas/profile.schema.ts:4; src/schemas/customers.schema.ts (no email field, but); src/schemas/warehouse.schema.ts:30,42; src/schemas/settings.schema.ts:38-41
|
||||||
|
- **problem:** Email fields are validated as proper emails only in users.schema.ts and profile.schema.ts via `z.string().email(...)`. Other schemas that accept email-typed data use plain `z.string().nullish()` with no format check: warehouse supplier `email` (warehouse.schema.ts:30,42), and company-settings `invoice_alert_email`, `leave_notify_email`, `smtp_from` (settings.schema.ts:38-40). The notify/alert emails in settings are used to actually send mail, so an invalid value is a silent operational failure.
|
||||||
|
- **fix:** Apply email-format validation to the email-typed fields in warehouse and settings schemas (e.g. `z.string().email(...).nullish()`, allowing empty/null). Note: Zod 4 prefers the top-level `z.email()` over the now-deprecated `z.string().email()`; consider migrating the existing users/profile usages too for consistency.
|
||||||
|
|
||||||
|
### 32. [MEDIUM/needs-judgment] Services return error with no status, forcing routes to hardcode or cast the HTTP code
|
||||||
|
- **dimension:** svc-errors
|
||||||
|
- **where:** src/services/attendance.service.ts:376; src/routes/admin/attendance.ts:50; src/routes/admin/projects.ts:73; src/routes/admin/quotations.ts:286
|
||||||
|
- **problem:** Many service functions return an error object with NO status field, while the documented convention is error plus status. Routes compensate inconsistently: attendance hardcodes the status at the call site (400 at attendance.ts:50, 404 at :70 for the same shape), and projects/quotations cast result.status with as-any. The same conceptual error yields 400 from one route and 404 from another by call-site choice, not service intent.
|
||||||
|
- **fix:** Make every error path return error plus status. Then collapse route call sites to the uniform check already used by plan.ts, removing the as-any casts.
|
||||||
|
|
||||||
|
### 33. [MEDIUM/needs-judgment] String-sentinel error values decoded by routes instead of self-describing error plus status
|
||||||
|
- **dimension:** svc-errors
|
||||||
|
- **where:** src/services/invoices.service.ts:393; src/services/offers.service.ts:231; src/services/projects.service.ts:149; src/routes/admin/invoices.ts:165
|
||||||
|
- **problem:** updateInvoice, deleteProject and updateOffer return machine-codes as the error string (not_found, has_order, invalidated) without a status. The Czech message and HTTP status are reconstructed in the route via if/else chains ending in a fall-through 500 Neznama chyba. This splits one entity error vocabulary across two files and is easy to desync.
|
||||||
|
- **fix:** Return the final Czech message plus status directly, as updateOrder/createOffer already do. The route then needs only the uniform one-line check and the 500 fall-throughs disappear.
|
||||||
|
|
||||||
|
### 34. [MEDIUM/needs-judgment] Duplicated and contradictory `PaginationMeta` / pagination shape (3 definitions)
|
||||||
|
- **dimension:** ts-safety
|
||||||
|
- **where:** src/types/index.ts:85; src/admin/lib/apiAdapter.ts:33; src/admin/hooks/usePaginatedQuery.ts:8
|
||||||
|
- **problem:** The pagination response shape is declared three times with diverging fields. The server type `PaginationMeta` (types/index.ts:85) has `page, limit, per_page, total, total_pages`. The frontend `PaginationMeta` (apiAdapter.ts:33) drops `limit` entirely (`total, page, per_page, total_pages`). A third inline `PaginatedResult.pagination` (usePaginatedQuery.ts:8-16) re-declares the same fields again. These are independent definitions that can drift; the missing `limit` on the frontend copy means a consumer expecting the server contract is silently incompatible.
|
||||||
|
- **fix:** Pick one canonical `PaginationMeta` (the server one in types/index.ts is the contract) and have the frontend import/derive from it, or at minimum collapse apiAdapter.ts and usePaginatedQuery.ts onto a single shared interface so the `limit` discrepancy is resolved and can't drift.
|
||||||
|
|
||||||
|
### 35. [MEDIUM/needs-judgment] Missing return types on ~47 of 107 exported service functions force `as any` casts in routes
|
||||||
|
- **dimension:** ts-safety
|
||||||
|
- **where:** src/services/projects.service.ts:95; src/routes/admin/projects.ts:73; src/routes/admin/projects.ts:106; src/routes/admin/quotations.ts:286; src/services/users.service.ts:59; src/services/offers.service.ts:161; src/services/invoices.service.ts:339
|
||||||
|
- **problem:** Roughly 47 of 107 exported `async function`s in src/services have no explicit return type and rely on inference. For functions like `updateProject` (projects.service.ts:95) the inferred type is a union of `null | { error, status } | <prismaRow>`; after `"error" in result` narrowing the row branch still has no `status`, so route handlers reach for `(result as any).status ?? 400` (projects.ts:73, projects.ts:106, quotations.ts:286) to read a field the compiler can't guarantee. The `any` cast erases all type checking on the result at exactly the error-handling boundary. The standard `{ data } | { error, status }` service contract documented in CLAUDE.md is not enforced because the return type is left implicit.
|
||||||
|
- **fix:** Annotate service functions with an explicit discriminated return type (e.g. a shared `ServiceResult<T> = { data: T } | { error: string; status: number }`, or `Result<T>` like plan.service.ts:387 already defines). With a uniform `status` on the error branch, the `(result as any).status` casts in routes can be deleted and become type-safe. This is the systemic root cause of the route-level casts.
|
||||||
|
|
||||||
|
### 36. [MEDIUM/needs-judgment] Heavy `any` in usePlanWork mutations plus mutation-object monkey-patching (`(createEntry as any)._rolled`)
|
||||||
|
- **dimension:** ts-safety
|
||||||
|
- **where:** src/admin/hooks/usePlanWork.ts:235; src/admin/hooks/usePlanWork.ts:241; src/admin/hooks/usePlanWork.ts:261; src/admin/hooks/usePlanWork.ts:273; src/admin/hooks/usePlanWork.ts:322; src/admin/hooks/usePlanWork.ts:355; src/admin/hooks/usePlanWork.ts:388; src/admin/hooks/usePlanWork.ts:430; src/admin/hooks/usePlanWork.ts:457; src/admin/hooks/usePlanWork.ts:478
|
||||||
|
- **problem:** The plan-work optimistic-update hook is the single densest `any` site in the frontend (20 occurrences). Mutation `mutationFn`/`onSuccess` bodies and vars are typed `any` (e.g. `(body: any)`, `(data: any, body: any)`), and rollback state is stored by mutating the mutation object: `(createEntry as any)._rolled = rolled` (and 5 more `_rolled` writes). `qc.getQueryData<GridData>(currentGridKey as any)` also casts the typed query key away. This defeats type safety on the optimistic-update path where cell-patching correctness matters most, and the `_rolled` side-channel is invisible to the type system, so a typo in the property name would silently break rollback.
|
||||||
|
- **fix:** Type the mutation bodies with the request DTOs (the plan entry/override create/update shapes already exist in schemas/ and lib/queries/plan.ts) and `onSuccess` data with the API response type. Replace the `(mutation as any)._rolled` side-channel with React Query's `onMutate`/context return value (the supported, fully-typed rollback mechanism), which removes the casts.
|
||||||
|
|
||||||
|
### 37. [LOW/safe-auto] Configured @/* path alias is unused and not wired into the Vite/vitest build
|
||||||
|
- **dimension:** config-structure
|
||||||
|
- **where:** tsconfig.app.json:19-22; tsconfig.server.json:16-19; vite.config.ts:4-32; vitest.config.ts:5-14
|
||||||
|
- **problem:** Both tsconfig.app.json and tsconfig.server.json declare baseUrl:'.' with paths {'@/*':['src/*']}, but a search for imports from '@/' across src returns zero matches — the alias is dead config. Worse, if someone did adopt it, vite.config.ts and vitest.config.ts define no matching resolve.alias, so TypeScript would resolve it but the Vite client build and Vitest would fail at runtime. The codebase consistently uses relative imports instead.
|
||||||
|
- **fix:** Either remove the baseUrl/paths block from both tsconfigs to avoid implying an alias convention the bundler does not support, or commit to it by adding the matching resolve.alias in vite.config.ts/vitest.config.ts and migrating imports. Removal is the lower-risk option given current usage.
|
||||||
|
|
||||||
|
### 38. [LOW/needs-judgment] package.json db:push / db:pull scripts contradict the documented migration golden rule
|
||||||
|
- **dimension:** config-structure
|
||||||
|
- **where:** package.json:16-17; CLAUDE.md
|
||||||
|
- **problem:** CLAUDE.md states the golden rule 'NEVER use prisma db push' (it bypasses migration history and causes drift), yet package.json exposes "db:push": "prisma db push" (and "db:pull": "prisma db pull") as first-class npm scripts, which invites exactly the prohibited workflow. The documented schema-change path is prisma migrate dev, which has no script alias.
|
||||||
|
- **fix:** Remove the db:push (and likely db:pull) scripts, or rename/guard them so they can't be run casually; add a db:migrate script wrapping `prisma migrate dev` to match the documented workflow.
|
||||||
|
|
||||||
|
### 39. [LOW/needs-judgment] Cross-boundary import of a server util by the client is inconsistent and structurally fragile
|
||||||
|
- **dimension:** config-structure
|
||||||
|
- **where:** src/admin/utils/attendanceHelpers.ts:1; src/admin/hooks/useAttendanceAdmin.ts:4; src/utils/czech-holidays.ts:1-8; tsconfig.server.json:21-30
|
||||||
|
- **problem:** src/admin code imports getHolidays/isHoliday from the server-side util src/utils/czech-holidays via '../../utils/czech-holidays'. This is the ONLY place server logic is genuinely shared with the client; every other shared concern (formatters, label maps, EntityType) is duplicated instead, so the sharing strategy is inconsistent. It also reaches across the build boundary: tsconfig.server.json compiles src/utils into the server bundle while Vite separately bundles the same file into the client. It works today only because czech-holidays has no Node-only dependencies (it imports just ./date). If czech-holidays ever pulls in a Node API (fs, crypto, prisma), the client build breaks silently.
|
||||||
|
- **fix:** Decide on one strategy: either introduce a dedicated src/shared/ (or src/common/) module for genuinely isomorphic helpers like czech-holidays and date formatters, referenced by both builds with an explicit boundary, or duplicate intentionally. Avoid ad-hoc src/admin -> src/utils relative imports that silently couple the two bundles.
|
||||||
|
|
||||||
|
### 40. [LOW/safe-auto] .env.example has drifted from the variables actually read in config/env.ts
|
||||||
|
- **dimension:** config-structure
|
||||||
|
- **where:** .env.example:1-32; src/config/env.ts:55-110
|
||||||
|
- **problem:** config/env.ts reads several env vars absent from .env.example: TOTP_ALGORITHM, TOTP_DIGITS, TOTP_PERIOD, LOGIN_TOKEN_EXPIRY_MINUTES, NAS_FINANCIALS_PATH, NAS_OFFERS_PATH, SMTP_FROM_NAME, INVOICE_ALERT_EMAIL, RATE_LIMIT_MAX/WINDOW/LOGIN/TOTP/REFRESH, and TRUST_PROXY. All have defaults so nothing breaks, but the example file no longer documents the full configuration surface, making prod tuning (rate limits, trust proxy) undiscoverable.
|
||||||
|
- **fix:** Add the missing optional variables (with their default values as comments) to .env.example so it stays a complete reference for config/env.ts.
|
||||||
|
|
||||||
|
### 41. [LOW/manual] Inconsistent badge/class naming scheme (admin- prefix dropped)
|
||||||
|
- **dimension:** css
|
||||||
|
- **where:** src/admin/components.css:142; src/admin/components.css:146; src/admin/components.css:150; src/admin/components.css:154; src/admin/attendance.css:333; src/admin/invoices.css:24; src/admin/invoices.css:70
|
||||||
|
- **problem:** Class naming is inconsistent within the single global namespace. Most badges use admin-badge-* (admin-badge-order-prijata, admin-badge-invoice-paid), but the leave-status badges in components.css:142-154 are bare badge-pending/badge-approved/badge-rejected/badge-cancelled, and attendance.css reuses bare badge-vacation/sick/holiday/unpaid. invoices.css mixes three schemes in one file: admin-badge-invoice-* (:5), invoice-month-* (:24), and received-upload-* (:70). Because all CSS is global, these bare badge-* names risk collision and make the convention ambiguous (admin-* for shared vs feature-prefix for page-local).
|
||||||
|
- **fix:** Document and enforce one rule: shared/reusable components use admin-*, page-local elements use a feature prefix (already done for plan-*, dash-*, fm-*). Rename bare badge-* to admin-badge-* (or feature-prefix them) — coordinate the matching className strings in the TSX. Not safe-auto because it requires synchronized TSX edits.
|
||||||
|
|
||||||
|
### 42. [LOW/needs-judgment] Defined-but-unused CSS variables (dead tokens)
|
||||||
|
- **dimension:** css
|
||||||
|
- **where:** src/admin/variables.css:27; src/admin/variables.css:34; src/admin/variables.css:14; src/admin/variables.css:15; src/admin/variables.css:26
|
||||||
|
- **problem:** Several tokens are declared but never referenced anywhere in *.css: --gradient-subtle (variables.css:27), --transition-slow (:34), --space-10 (:14) and --space-12 (:15). Additionally --gradient (:26) is used only once (attendance.css:220) and is just a duplicate literal of --accent-color (#d63031), so it is a redundant alias rather than a real gradient token. These are dead/redundant and add noise to the token system.
|
||||||
|
- **fix:** Remove the unused tokens, or wire them up if intended. For --gradient, either point attendance.css:220 at var(--accent-color) and delete --gradient, or rename it to something meaningful. Verify against TSX inline styles before deleting (grep showed no CSS consumers).
|
||||||
|
|
||||||
|
### 43. [LOW/needs-judgment] Empty responsive.css stub imported into the bundle
|
||||||
|
- **dimension:** css
|
||||||
|
- **where:** src/admin/responsive.css:1; src/admin/AdminApp.tsx:22
|
||||||
|
- **problem:** responsive.css contains only a 6-line comment ('reserved for responsive rules that span multiple components') and no rules, yet is imported at AdminApp.tsx:22. All responsive media queries actually live in their per-feature files (forms.css, layout.css, components.css, etc.), so the file is dead. It is harmless but misleading — a reader may expect cross-cutting breakpoints to live here.
|
||||||
|
- **fix:** Either delete the file and its import, or actually consolidate the repeated breakpoints here. Note there is no shared breakpoint token: 480/640/768/1024 recur across ~15 files as raw px (e.g. forms.css:293-312, components.css, layout.css). If kept, this file is the natural place to at least document the canonical breakpoint set.
|
||||||
|
|
||||||
|
### 44. [LOW/safe-auto] plan.css imported twice
|
||||||
|
- **dimension:** css
|
||||||
|
- **where:** src/admin/AdminApp.tsx:26; src/admin/pages/PlanWork.tsx:18
|
||||||
|
- **problem:** plan.css is imported globally in AdminApp.tsx:26 (alongside all other stylesheets) and again in PlanWork.tsx:18. Since AdminApp already loads it globally, the second import is redundant. The bundler de-dupes so there is no runtime double-application, but it is inconsistent — no other page re-imports its own CSS (e.g. WarehousePage does not re-import warehouse.css), so this is an outlier that suggests uncertainty about the loading model.
|
||||||
|
- **fix:** Remove the import at PlanWork.tsx:18 to match the convention that all admin CSS is loaded once in AdminApp.tsx. Low risk since the global import already covers it.
|
||||||
|
|
||||||
|
### 45. [LOW/needs-judgment] getCzechDate week number uses a non-ISO local formula that disagrees with the plan module's ISO week
|
||||||
|
- **dimension:** dates
|
||||||
|
- **where:** src/admin/utils/dashboardHelpers.ts:75-78; src/admin/pages/PlanWork.tsx:61-69
|
||||||
|
- **problem:** The dashboard header (getCzechDate) computes "Týden N" with a homegrown formula: Math.ceil(((now - Jan1)/86400000 + Jan1.getDay() + 1)/7) using local getters. This is not ISO-8601 (ISO weeks start Monday; week 1 is the week containing the first Thursday) and is also locale-dependent via getDay(). PlanWork.tsx:61-69 implements a correct ISO-8601 week (Thursday-anchored, UTC). For dates near year boundaries the two will display different week numbers for the same day, an internal inconsistency users can notice.
|
||||||
|
- **fix:** Extract PlanWork's isoWeekNumber into a shared util and reuse it in getCzechDate so the week number is computed one consistent (ISO) way across the UI.
|
||||||
|
|
||||||
|
### 46. [LOW/needs-judgment] Two divergent conventions for writing @db.Date columns (UTC-midnight vs local-noon)
|
||||||
|
- **dimension:** dates
|
||||||
|
- **where:** src/routes/admin/trips.ts:234; src/routes/admin/trips.ts:294; src/services/invoices.service.ts:362-364; src/services/attendance.service.ts:1176; src/services/attendance.service.ts:1227-1234
|
||||||
|
- **problem:** Date-only (@db.Date) columns are written two different ways. Trips and invoices do new Date(String(body.x)) where body.x is "YYYY-MM-DD" → UTC-midnight. Attendance constructs new Date(year,month,day,12,0,0) → local noon. Both currently store the correct date in Prague only because the local offset is always positive and 12:00 local is comfortably inside the day in UTC. The local-noon form is the robust one (immune to offset sign and DST edges); the UTC-midnight form is the fragile one. Mixing them is an inconsistency that invites a future off-by-one if anyone copies the wrong pattern or the deployment TZ ever changes.
|
||||||
|
- **fix:** Standardize on one convention for @db.Date writes — prefer the local-noon construction (or a single shared helper like dateOnly("YYYY-MM-DD")) and use it in trips/invoices too. Behavior is unchanged for Prague today, so this is a consistency/robustness cleanup, not an urgent fix.
|
||||||
|
|
||||||
|
### 47. [LOW/needs-judgment] escapeHtml is defined six times across the codebase
|
||||||
|
- **dimension:** deadcode
|
||||||
|
- **where:** src/routes/admin/invoices-pdf.ts:35; src/routes/admin/orders-pdf.ts:50; src/routes/admin/offers-pdf.ts:51; src/services/invoice-alerts.ts:18; src/services/leave-notification.ts:21; src/admin/hooks/useAttendanceAdmin.ts:341
|
||||||
|
- **problem:** There are six separate definitions of an escapeHtml(str) function. Five escape &,<,>," identically; the sixth (useAttendanceAdmin.ts:341) additionally escapes the single quote ('). They are used for HTML email bodies, PDF templates, and print HTML — all contexts where consistent escaping matters. The subtle difference (one escapes the apostrophe, the others don't) is the kind of inconsistency that hides XSS/output bugs.
|
||||||
|
- **fix:** Move escapeHtml into a single shared util (server-side src/utils, plus one for the frontend, or share via a common module). Standardize on the stricter variant that also escapes the single quote. Replace the six local copies with imports.
|
||||||
|
|
||||||
|
### 48. [LOW/safe-auto] formatDate duplicated between two frontend util files
|
||||||
|
- **dimension:** deadcode
|
||||||
|
- **where:** src/admin/utils/formatters.ts:20; src/admin/utils/attendanceHelpers.ts:24
|
||||||
|
- **problem:** formatters.ts exports `formatDate(dateStr)` => `d.toLocaleDateString('cs-CZ')` with a '—' fallback, and attendanceHelpers.ts exports an identical `formatDate` (same body, same '—' fallback). Both are imported across the app, so two names resolve to the same logic in different modules — a maintenance hazard if one is changed.
|
||||||
|
- **fix:** Keep the canonical formatDate in formatters.ts and have attendanceHelpers re-export or import it instead of redefining. Update attendanceHelpers consumers to the shared one.
|
||||||
|
|
||||||
|
### 49. [LOW/safe-auto] Dead export: previewPattern() in numbering.service.ts
|
||||||
|
- **dimension:** deadcode
|
||||||
|
- **where:** src/services/numbering.service.ts:343
|
||||||
|
- **problem:** `previewPattern(pattern, prefix, code)` is exported but has zero references anywhere in src (verified by grep across .ts/.tsx). It is the only public function in the numbering service with no callers; all sibling preview/generate functions are used.
|
||||||
|
- **fix:** Remove previewPattern, or wire it into the settings UI/route that previews a numbering pattern if that was its intent. As-is it is dead code.
|
||||||
|
|
||||||
|
### 50. [LOW/safe-auto] Dead export: usersQuery + planKeys.users() in plan query module
|
||||||
|
- **dimension:** deadcode
|
||||||
|
- **where:** src/admin/lib/queries/plan.ts:111; src/admin/lib/queries/plan.ts:95
|
||||||
|
- **problem:** `usersQuery()` (plan.ts:111) is exported but never imported or used by any component/page. Its query key `planKeys.users()` (plan.ts:95) is referenced only by usersQuery itself. The `/api/admin/plan/users` endpoint string appears only inside this dead query (the PlanWork grid gets its users from the grid payload instead). So the frontend query, its key entry, and the `users: () => ['plan','users']` key are an orphaned cluster. (The backend route src/routes/admin/plan.ts:63 still exists and was not assessed as dead from the server side.)
|
||||||
|
- **fix:** Remove usersQuery and the planKeys.users key entry. Separately confirm whether the backend GET /plan/users route still has any consumer; if not, it can be removed too.
|
||||||
|
|
||||||
|
### 51. [LOW/needs-judgment] Dead export: getMonthlyWorkFund() in czech-holidays.ts
|
||||||
|
- **dimension:** deadcode
|
||||||
|
- **where:** src/utils/czech-holidays.ts:95
|
||||||
|
- **problem:** `getMonthlyWorkFund(...)` is exported but has zero references across src (verified by grep). Sibling exports getHolidays/isHoliday/getBusinessDaysInMonth are all used; this one is not.
|
||||||
|
- **fix:** Remove getMonthlyWorkFund, or use it where monthly work-fund hours are currently computed inline (e.g. attendance.service.ts computes fund hours as `getBusinessDaysInMonth(...) * 8` in several places — that inline math is what this helper appears intended to replace).
|
||||||
|
|
||||||
|
### 52. [LOW/needs-judgment] Unused file: ReservationPicker.tsx
|
||||||
|
- **dimension:** deadcode
|
||||||
|
- **where:** src/admin/components/warehouse/ReservationPicker.tsx:11
|
||||||
|
- **problem:** The whole file (54 lines, default export ReservationPicker) has no importers anywhere in the project — grep for 'ReservationPicker' returns only self-references inside the file. The sibling warehouse pickers (ItemPicker, BatchPicker, SupplierSelect, LocationSelect) are all imported and used; this one is an orphan.
|
||||||
|
- **fix:** Delete src/admin/components/warehouse/ReservationPicker.tsx, or wire it into the warehouse issue/reservation flow if it was intended for an unfinished feature.
|
||||||
|
|
||||||
|
### 53. [LOW/safe-auto] Inconsistent Czech phrasing for "not found" (nenalezen vs nebyl nalezen)
|
||||||
|
- **dimension:** i18n
|
||||||
|
- **where:** src/routes/admin/project-files.ts:61; src/routes/admin/project-files.ts:73; src/routes/admin/project-files.ts:92; src/routes/admin/project-files.ts:112; src/routes/admin/project-files.ts:165; src/routes/admin/project-files.ts:228; src/routes/admin/project-files.ts:270; src/services/warehouse.service.ts:967; src/services/warehouse.service.ts:1021; src/routes/admin/projects.ts:56
|
||||||
|
- **problem:** Two phrasings express the same concept. The dominant, compact form "nenalezen/nenalezena/nenalezeno" appears ~92 times across routes/services; the verbose form "nebyl/nebyla nalezen*" appears ~16 times (all of project-files.ts plus warehouse.service.ts reservations/inventory). The clash is sometimes on the identical entity: projects.ts:56 "Projekt nenalezen" vs project-files.ts:61 "Projekt nebyl nalezen"; warehouse routes "Kategorie nenalezena"/"Dodavatel nenalezen" vs warehouse.service.ts "Rezervace nebyla nalezena"/"Inventarizace nebyla nalezena". Same product, two wordings for the same 404.
|
||||||
|
- **fix:** Standardize on the dominant compact form ("Projekt nenalezen", "Soubor nenalezen", "Složka nenalezena", "Rezervace nenalezena", "Inventarizace nenalezena"). Pure string normalization, no logic change. Low priority polish.
|
||||||
|
|
||||||
|
### 54. [LOW/needs-judgment] parseBody leaks default English Zod messages for validators without a custom message
|
||||||
|
- **dimension:** i18n
|
||||||
|
- **where:** src/schemas/common.ts:12; src/schemas/received-invoices.schema.ts:27; src/schemas/attendance.schema.ts:25; src/schemas/leave-requests.schema.ts:4; src/schemas/offers.schema.ts:92; src/schemas/orders.schema.ts:93; src/schemas/attendance.schema.ts:8; src/schemas/plan.schema.ts:42; src/schemas/auth.schema.ts:26
|
||||||
|
- **problem:** parseBody (common.ts:12) joins each Zod issue's .message and returns it directly as the user-facing API error. Fields with explicit Czech messages (e.g. .min(1, "Název je povinný")) are fine, but validators relying on Zod defaults emit English to the user: z.enum([...]) without a message -> "Invalid enum value..."; .max(500) on note/address -> "String must contain at most 500 character(s)"; TOTP secret/code .min(1) (auth.schema.ts:26-33) -> "String must contain at least 1 character(s)". Most are hard for a normal user to trigger (enum values come from dropdowns), but the length caps on free-text note/address fields are reachable.
|
||||||
|
- **fix:** Add Czech messages to the user-reachable validators (the free-text .max() caps and any enum a user could submit), or centralize a Czech errorMap on the Zod instance so defaults are Czech globally. Lower urgency for purely internal enums/tokens. Treat as needs-judgment because deciding which validators are user-reachable requires per-field review.
|
||||||
|
|
||||||
|
### 55. [LOW/safe-auto] Best-effort frontend background calls swallow errors silently with .catch(() => {})
|
||||||
|
- **dimension:** logging
|
||||||
|
- **where:** src/admin/pages/Attendance.tsx:235; src/admin/pages/Attendance.tsx:238; src/admin/pages/InvoiceDetail.tsx:778
|
||||||
|
- **problem:** Three fire-and-forget calls (reverse-geocode address update, and post-save PDF pre-generation) use '.catch(() => {})' with no logging. These are genuinely non-critical side effects, so failing silently is a defensible product choice, but the empty handler gives no breadcrumb when the address never updates or the PDF isn't pre-generated. Unlike the rest of the frontend, which consistently surfaces errors via alert.error with a Czech fallback, these are invisible.
|
||||||
|
- **fix:** Add a console.warn (or a debug-level log) in the catch so the swallow is intentional-and-traceable rather than fully silent, e.g. '.catch((e) => console.warn("address update failed", e))'. No user-facing alert is warranted for these background ops.
|
||||||
|
|
||||||
|
### 56. [LOW/needs-judgment] plan.ts query factories use '*Query' suffix instead of the established '*Options' convention
|
||||||
|
- **dimension:** naming
|
||||||
|
- **where:** src/admin/lib/queries/plan.ts:98; src/admin/lib/queries/plan.ts:111
|
||||||
|
- **problem:** Across src/admin/lib/queries, 55 query factories use the '*Options' suffix (userListOptions, orderListOptions, attendanceBalancesOptions, planCategoriesOptions, etc.). plan.ts itself uses planCategoriesOptions correctly, but then defines gridQuery (line 98) and usersQuery (line 111) with a '*Query' suffix instead. These are the only two '*Query'-suffixed factories in the whole queries directory, so the names read as a different kind of thing than they are (they are queryOptions() factories identical in shape to the *Options ones).
|
||||||
|
- **fix:** Rename gridQuery -> planGridOptions and usersQuery -> planUsersOptions for parity with the surrounding 55 *Options factories. Both are used inside the same module/feature, so the blast radius is small.
|
||||||
|
|
||||||
|
### 57. [LOW/needs-judgment] '.service.ts' suffix applied to only half of service files, with two borderline cases
|
||||||
|
- **dimension:** naming
|
||||||
|
- **where:** src/services/exchange-rates.ts; src/services/system-settings.ts; src/services/numbering.service.ts
|
||||||
|
- **problem:** Of 20 files in src/services, exactly 10 carry the '.service.ts' suffix and 10 do not. The split largely tracks a sensible distinction (entity CRUD services like invoices.service.ts / users.service.ts are suffixed; infra/integration helpers like mailer.ts, audit.ts, nas-*-manager.ts, leave-notification.ts are not), so this is not pure randomness. However the boundary is fuzzy: exchange-rates.ts (exports getRate/toCzk) and system-settings.ts (exports getSystemSettings) are read/query services that resemble the suffixed group but lack the suffix, while numbering.service.ts is suffixed despite being a low-level sequence helper. A reader cannot rely on the suffix to predict a file's role.
|
||||||
|
- **fix:** Document the intended rule in CLAUDE.md (e.g. '*.service.ts = entity business-logic services; bare name = infra/integration helpers') and rename the borderline files to match it, OR drop the suffix entirely since the directory name 'services/' already conveys the role. Either way pick one rule; do not leave it implicit.
|
||||||
|
|
||||||
|
### 58. [LOW/needs-judgment] queryKey helper naming: only 'plan' defines a 'planKeys' key-factory object; other domains inline keys
|
||||||
|
- **dimension:** naming
|
||||||
|
- **where:** src/admin/lib/queries/plan.ts:87
|
||||||
|
- **problem:** plan.ts introduces a dedicated planKeys object (all/grid/entries/overrides/users) to centralize query keys, which is a good pattern. But it is the only domain in src/admin/lib/queries that does so; every other module (users.ts, orders.ts, invoices.ts, trips.ts, etc.) inlines its queryKey arrays directly inside each *Options factory. The result is two coexisting key-management styles with no documented reason, so a contributor cannot tell which pattern to follow when adding a query.
|
||||||
|
- **fix:** Decide on one approach: either adopt the planKeys-style key-factory object per domain (more robust against typos and easier invalidation), or treat planKeys as a deliberate exception and note it. Low priority — purely a consistency/discoverability issue, no behavior impact.
|
||||||
|
|
||||||
|
### 59. [LOW/needs-judgment] getInvoiceStats walks the dataset four times with sequential per-invoice currency conversion
|
||||||
|
- **dimension:** prisma
|
||||||
|
- **where:** src/services/invoices.service.ts:247-256; src/services/invoices.service.ts:284-297
|
||||||
|
- **problem:** sumCzk awaits toCzk per invoice in a loop, called three times plus a fourth VAT loop; serializes many awaits. Cached so it is await overhead not network.
|
||||||
|
- **fix:** Pre-fetch the rate map once and convert synchronously, or resolve conversions together. Low priority.
|
||||||
|
|
||||||
|
### 60. [LOW/needs-judgment] getBalances runs a sequential leave_balances query per user
|
||||||
|
- **dimension:** prisma
|
||||||
|
- **where:** src/services/attendance.service.ts:490-504; src/services/attendance.service.ts:944-946
|
||||||
|
- **problem:** Loops users running leave_balances findFirst each; getPrintData already uses one findMany for the year then a map, so this is inconsistent.
|
||||||
|
- **fix:** One findMany filtered by user_id in the list and year; index by user_id.
|
||||||
|
|
||||||
|
### 61. [LOW/needs-judgment] enrich and body handlers typed as any, dropping Prisma types
|
||||||
|
- **dimension:** prisma
|
||||||
|
- **where:** src/services/orders.service.ts:41; src/services/offers.service.ts:49; src/services/invoices.service.ts:339; src/services/invoices.service.ts:391; src/services/projects.service.ts:95
|
||||||
|
- **problem:** enrichOrder and enrichQuotation and several handlers take any, losing the types Prisma generates for includes and mapped rows; code otherwise strict TS, deriving a getPayload type at attendance.service.ts 23-28.
|
||||||
|
- **fix:** Type enrich inputs with the Prisma getPayload helper; tighten bodies to existing input interfaces.
|
||||||
|
|
||||||
|
### 62. [LOW/needs-judgment] Server data synced into form state via useEffect instead of derived/key-reset (accepted-but-not-ideal)
|
||||||
|
- **dimension:** react
|
||||||
|
- **where:** src/admin/pages/InvoiceDetail.tsx:371; src/admin/pages/InvoiceDetail.tsx:454; src/admin/pages/OfferDetail.tsx:383; src/admin/pages/OfferDetail.tsx:428; src/admin/pages/CompanySettings.tsx:256; src/admin/pages/Settings.tsx:213
|
||||||
|
- **problem:** Multiple pages copy query data into local form state inside an effect, guarded by a one-shot ref/flag (formInitializedRef / dataReady / sysFormInitialized) or a derived-default merge (InvoiceDetail:371, OfferDetail:383 adjust currency/vat from companySettings on prop change). The React 'You Might Not Need an Effect' guidance explicitly lists 'adjusting/resetting state on prop change in an Effect' as an anti-pattern (causes an extra render with stale data) and recommends either computing during render or resetting state with a `key`. The flag-guarded population effects are the commonly-accepted compromise for editable forms seeded from server data, so this is low severity, but it is the same family of effect the docs steer away from.
|
||||||
|
- **fix:** Where feasible, prefer resetting form state by giving the editor a key (e.g. key={id} on the detail component) so a fresh mount re-seeds state without an effect, and compute the companySettings-derived defaults (currency/vat) during render rather than patching state in an effect. Treat as cleanup, not a blocker — the current guards prevent the worst (re-clobbering user edits).
|
||||||
|
|
||||||
|
### 63. [LOW/manual] 2FA/profile state prop-drilled through DashProfile (18 props)
|
||||||
|
- **dimension:** react
|
||||||
|
- **where:** src/admin/components/dashboard/DashProfile.tsx:10; src/admin/components/dashboard/DashProfile.tsx:40
|
||||||
|
- **problem:** DashProfile receives 18 props, ~14 of which are a single concern: the 2FA enrollment/disable flow state and its setters (totpEnabled, totpLoading, totpSubmitting, totpSecret, totpQrUri, totpCode/setTotpCode, backupCodes/setBackupCodes, show2FASetup/setShow2FASetup, show2FADisable/setShow2FADisable, disableCode/setDisableCode, plus onStart/onConfirm/onDisable callbacks). This is all owned by the Dashboard parent and threaded down, making the component signature brittle and the 2FA logic split across two files.
|
||||||
|
- **fix:** Encapsulate the 2FA flow in a dedicated hook (e.g. use2FA()) colocated with DashProfile, or move the 2FA modals fully into DashProfile and have it own that state. The parent then passes only totpEnabled (or nothing). This is a maintainability refinement, not a bug.
|
||||||
|
|
||||||
|
### 64. [LOW/safe-auto] Minor: derived-state effect in ItemPicker resets activeIndex via useEffect
|
||||||
|
- **dimension:** react
|
||||||
|
- **where:** src/admin/components/warehouse/ItemPicker.tsx:48
|
||||||
|
- **problem:** The effect at line 48 watches [items, activeIndex] to reset the highlighted index when the result list shrinks. This is derived state maintained through an effect (the docs' 'you might not need an effect' territory) and introduces an extra render cycle; it also lists activeIndex in deps while setting it, which is benign here only because of the guard. Low impact — the component otherwise correctly uses refs for keyboard nav.
|
||||||
|
- **fix:** Clamp activeIndex during render (e.g. const safeActive = activeIndex >= items.length ? -1 : activeIndex) or reset it in the same handler that changes the search/items rather than reacting in an effect. Optional cleanup.
|
||||||
|
|
||||||
|
### 65. [LOW/safe-auto] Inconsistent numeric ID parsing — raw parseInt instead of the parseId helper
|
||||||
|
- **dimension:** routes
|
||||||
|
- **where:** src/routes/admin/trips.ts:192-193; src/routes/admin/trips.ts:264-265; src/routes/admin/trips.ts:338-339; src/routes/admin/sessions.ts:84-85
|
||||||
|
- **problem:** response.ts exports parseId(raw, reply) specifically to centralize param-id parsing (it rejects NaN and id<=0 with a uniform 400 'Neplatné ID'). Most files use it, but trips.ts and sessions.ts hand-roll `parseInt(...,10)` + `isNaN` checks. Besides the duplication, the hand-rolled versions accept id <= 0 (e.g. 0 or negative) because they only check isNaN, whereas parseId also rejects id <= 0 — a subtle behavioral divergence. Error messages also differ ('Neplatné ID vozidla', 'Neplatné ID relace' vs the helper's 'Neplatné ID').
|
||||||
|
- **fix:** Replace the parseInt/isNaN blocks with `const id = parseId(request.params.id, reply); if (id === null) return;` (trips.ts uses request.params.id / vehicleId; keep a tailored message only if the distinct wording is desired). This unifies the <=0 rejection and the 400 response shape.
|
||||||
|
|
||||||
|
### 66. [LOW/needs-judgment] Several not-found / precondition errors in project-files.ts fall back to default 400 instead of an explicit status
|
||||||
|
- **dimension:** routes
|
||||||
|
- **where:** src/routes/admin/project-files.ts:68; src/routes/admin/project-files.ts:69; src/routes/admin/project-files.ts:88; src/routes/admin/project-files.ts:114; src/routes/admin/project-files.ts:124; src/routes/admin/project-files.ts:138; src/routes/admin/project-files.ts:179; src/routes/admin/project-files.ts:202; src/routes/admin/project-files.ts:229; src/routes/admin/project-files.ts:241; src/routes/admin/project-files.ts:279
|
||||||
|
- **problem:** Within the same file, downloadFile-not-found correctly returns error(reply, 'Soubor nebyl nalezen', 404) (line 73) and listFiles folder-not-found returns 404 (line 92), but the parallel 'Projekt nemá číslo projektu' (88,114,229), required-path messages (68,279), and fm-returned-error passthroughs (138,202,241) all omit the status and silently use the helper's default 400. Most are genuinely validation/precondition (400 is fine), but 'Projekt nemá číslo projektu' is a state precondition inconsistently a 400 here vs config-missing cases returning 500, and the omitted statuses make intent unclear. Consistency/clarity issue, not a correctness bug.
|
||||||
|
- **fix:** Pass an explicit status to each error() call so the intended HTTP semantics are visible and uniform (400 for client validation, 404/409/422 for state preconditions as appropriate). At minimum make the 'Projekt nemá číslo projektu' and required-path messages explicit rather than relying on the default.
|
||||||
|
|
||||||
|
### 67. [LOW/safe-auto] Redundant non-null assertions on parseBody result (body.data!) in plan.ts
|
||||||
|
- **dimension:** routes
|
||||||
|
- **where:** src/routes/admin/plan.ts:170; src/routes/admin/plan.ts:194; src/routes/admin/plan.ts:238-242; src/routes/admin/plan.ts:267; src/routes/admin/plan.ts:319; src/routes/admin/plan.ts:361
|
||||||
|
- **problem:** plan.ts writes `const body = parseBody(...); if ('error' in body) return ...; ... body.data!`. parseBody returns `{ data: T } | { error: string }` (schemas/common.ts:3-6), so after the `'error' in body` guard TypeScript already narrows body to `{ data: T }` and `.data` is non-null. Every other route file uses the cleaner `const parsed = parseBody(...); if ('error' in parsed) return ...; const body = parsed.data;` form without the `!`. The `!` is harmless but inconsistent and signals (falsely) that data might be nullable.
|
||||||
|
- **fix:** Adopt the prevailing pattern: bind `const parsed = parseBody(...)`, guard, then `const body = parsed.data` without the non-null assertion, matching customers.ts / warehouse.ts / attendance.ts.
|
||||||
|
|
||||||
|
### 68. [LOW/needs-judgment] usePlanWork re-implements the gridQuery factory inline with untyped apiFetch parsing
|
||||||
|
- **dimension:** rq-data
|
||||||
|
- **where:** src/admin/hooks/usePlanWork.ts:87; src/admin/lib/queries/plan.ts:98
|
||||||
|
- **problem:** plan.ts exports a `gridQuery(dateFrom,dateTo,view)` queryOptions factory (line 98) that uses jsonQuery<GridData> for type-safe envelope handling. usePlanWork.ts:87 ignores it and inlines its own useQuery with `apiFetch(...).then(r=>r.json().then((b:any)=>b.data as GridData))` — duplicating the URL construction, skipping jsonQuery's `!response.ok || !result.success` error check (so a backend `{success:false}` silently yields undefined data instead of throwing), and using `b:any`. The planKeys factory is reused for the key, but the queryFn diverges. This is the only place a query bypasses the apiAdapter.
|
||||||
|
- **fix:** Replace the inline useQuery body with the existing gridQuery factory: `useQuery({ ...gridQuery(isoDate(range.from), isoDate(range.to), view), placeholderData: keepPreviousData })`. Restores jsonQuery's error handling and removes the `any`. Low risk but should be eyeballed since the hook also reads this query's cache key elsewhere (key is unchanged, so cache stays compatible).
|
||||||
|
|
||||||
|
### 69. [LOW/safe-auto] Duplicate require2FAOptions factory (dead copy in dashboard.ts) and unused deprecated systemSettingsOptions alias
|
||||||
|
- **dimension:** rq-data
|
||||||
|
- **where:** src/admin/lib/queries/dashboard.ts:12; src/admin/lib/queries/settings.ts:82; src/admin/lib/queries/settings.ts:80
|
||||||
|
- **problem:** `require2FAOptions` is defined identically in two query files — dashboard.ts:12 and settings.ts:82 — both with the same key `["settings","2fa"]` and same URL. Both consumers (Dashboard.tsx:10, Settings.tsx:14) import the settings.ts copy, so the dashboard.ts copy is dead code. Because keys match it is not a cache-collision bug, but two sources of truth for one query is a maintenance hazard (edit one, miss the other). Separately, settings.ts:80 exports a `/** @deprecated */ systemSettingsOptions = systemInfoOptions` alias that has no importers (only systemInfoOptions is used).
|
||||||
|
- **fix:** Delete the duplicate require2FAOptions from dashboard.ts:12 (keep the settings.ts canonical one). Delete the unused deprecated systemSettingsOptions alias at settings.ts:80. Both are confirmed unreferenced by grep, so removal is mechanical and behavior-free.
|
||||||
|
|
||||||
|
### 70. [LOW/needs-judgment] Inconsistent filter-key serialization across list query factories
|
||||||
|
- **dimension:** rq-data
|
||||||
|
- **where:** src/admin/lib/queries/invoices.ts:129; src/admin/lib/queries/invoices.ts:157; src/admin/lib/queries/trips.ts:40; src/admin/lib/queries/warehouse.ts:194; src/admin/lib/queries/projects.ts:45
|
||||||
|
- **problem:** List factories are inconsistent in how the filters object becomes part of the query key. Most spread the raw filters object directly (invoices.ts:129 `["invoices","list",filters]`; warehouse, projects, offers, audit-log do the same), but trips.ts:40 and invoices received (invoices.ts:157) instead spell out an explicit object literal of the same fields. Functionally both work (React Query hashes the key deterministically and ignores object key order), but the inconsistency is gratuitous: the explicit form silently drops any new filter field that isn't manually listed, whereas the spread form auto-includes it. Not a bug today, just a divergence and a latent footgun for the spelled-out ones.
|
||||||
|
- **fix:** Pick one convention (spreading the filters object is the simpler, more future-proof choice) and apply it uniformly. Low priority — cosmetic consistency, no behavior change. Verify each endpoint's filters object contains only key-relevant fields before spreading.
|
||||||
|
|
||||||
|
### 71. [LOW/needs-judgment] Wrong TOTP code does not increment failed-login attempts (relies on rate limit only)
|
||||||
|
- **dimension:** security
|
||||||
|
- **where:** src/routes/admin/auth.ts:160-163; src/services/system-settings.ts
|
||||||
|
- **problem:** In the /login/totp handler, an invalid TOTP code returns 'Neplatný TOTP kód' (line 161-163) without touching failed_login_attempts or locked_until. The password stage (auth.ts service) and the backup-code endpoint (totp.ts:315-335) both implement lockout, but the primary TOTP step does not. The only protection against TOTP brute force after a valid login_token is the per-minute rate limit (config.rateLimit.loginTotp, default 5/min). The login_token lives 5 minutes and a fresh one can be re-minted by re-submitting the password, so a determined attacker who has the password gets a sustained ~5 guesses/minute against a 6-digit (1M) space without ever tripping account lockout.
|
||||||
|
- **fix:** On invalid TOTP code in /login/totp, increment failed_login_attempts inside a transaction and set locked_until when it reaches max_login_attempts, mirroring the backup-verify logic. This makes the second factor enforce the same lockout policy as the first.
|
||||||
|
|
||||||
|
### 72. [LOW/needs-judgment] Server-side PDF endpoints return attacker-influenceable HTML as same-origin text/html
|
||||||
|
- **dimension:** security
|
||||||
|
- **where:** src/routes/admin/invoices-pdf.ts:1076; src/routes/admin/offers-pdf.ts:764; src/routes/admin/invoices-pdf.ts:521; src/routes/admin/offers-pdf.ts:357
|
||||||
|
- **problem:** In non-save mode, the invoices-pdf and offers-pdf routes render the full document HTML and send it with reply.type('text/html').send(html) directly to the browser (not application/pdf). The notes/scope content is user-controlled rich text. It IS sanitized (DOMPurify.sanitize wrapped by cleanQuillHtml), so this is defense-in-depth rather than an open hole, but serving same-origin HTML built from user data is fragile: any future regression in the sanitizer, or any unescaped interpolation added to these large templates, becomes stored XSS on the app origin. The production CSP (security.ts:24-36) does mitigate inline script, but these PDF responses are served by the same Fastify app and inherit that origin.
|
||||||
|
- **fix:** Prefer returning application/pdf (render via htmlToPdf) to the client instead of raw HTML, as the orders-pdf route already does (orders-pdf.ts:889-892). If an HTML preview must be served, consider a Content-Disposition or a sandboxed delivery path. At minimum, keep the DOMPurify + cleanQuillHtml layering and avoid adding any non-escapeHtml interpolation of DB/user fields into these templates.
|
||||||
|
|
||||||
|
### 73. [LOW/needs-judgment] Scope/notes rich-text is sanitized only at render time, never on write
|
||||||
|
- **dimension:** security
|
||||||
|
- **where:** src/routes/admin/invoices-pdf.ts:521; src/routes/admin/orders-pdf.ts:409; src/admin/pages/InvoiceDetail.tsx:1206; src/admin/pages/OrderDetail.tsx:687
|
||||||
|
- **problem:** Invoice notes and quotation/order scope HTML are stored raw in the DB and sanitized at every read/render site (3 PDF routes + 2 frontend render sites). This is consistent and currently complete, but it means correctness depends on every present and future consumer remembering to sanitize. Any new feature that renders these fields (e.g. an email body, a new export, an admin preview) without DOMPurify reintroduces stored XSS. Sanitizing on write would make the stored value safe-by-default for all consumers.
|
||||||
|
- **fix:** Consider sanitizing rich-text scope/notes once on the write path (in the quotations/orders/invoices create+update services or Zod transforms) so stored data is already clean, treating render-time sanitization as defense-in-depth. Not urgent given current coverage is complete; flagging so the invariant is documented and enforced centrally.
|
||||||
|
|
||||||
|
### 74. [LOW/needs-judgment] HSTS header omits preload and is gated entirely on APP_ENV=production
|
||||||
|
- **dimension:** security
|
||||||
|
- **where:** src/middleware/security.ts:18-22; src/middleware/security.ts:23-36
|
||||||
|
- **problem:** Strict-Transport-Security is set to 'max-age=31536000; includeSubDomains' without 'preload', and both HSTS and the full CSP are only emitted when config.isProduction (APP_ENV==='production'). The max-age/includeSubDomains is good, but without preload the first-visit TLS-strip window remains. More notably, all CSP protection is absent in any non-production deployment (e.g. a staging box on real DNS), so the same app code runs without script-src/frame-ancestors restrictions there.
|
||||||
|
- **fix:** Add 'preload' to the HSTS value if the domain is (or will be) submitted to the preload list. Consider emitting at least a baseline CSP and the security headers in non-local non-production environments too, so staging/preprod is not left unprotected.
|
||||||
|
|
||||||
|
### 75. [LOW/needs-judgment] TOTP backup-code comparison does not stop at first match (minor timing/clarity)
|
||||||
|
- **dimension:** security
|
||||||
|
- **where:** src/routes/admin/totp.ts:307-312
|
||||||
|
- **problem:** The backup-code verify loop runs bcrypt.compare against every stored hash and records matchIndex but never breaks, so it always performs all 8 comparisons. This is intentional-looking constant-time behavior, but the loop also lets a later match overwrite an earlier one and does an unnecessary 8x bcrypt work per attempt. With bcryptCost=12, 8 comparisons per submission under a 5/min rate limit is a small but real CPU amplification, and the non-break pattern is easy to misread. The CLAUDE.md error-handling rule is not violated here; this is a robustness nit.
|
||||||
|
- **fix:** Either document that the full-scan is deliberate constant-time, or break on first match. Given backup codes are unique random values, breaking on match is safe and reduces bcrypt load; combine with the existing lockout to keep brute-force resistance.
|
||||||
|
|
||||||
|
### 76. [LOW/safe-auto] Error-message language mixed Czech/English within schemas
|
||||||
|
- **dimension:** schemas
|
||||||
|
- **where:** src/schemas/orders.schema.ts:9,16,26,37,45,71,81,106; src/schemas/offers.schema.ts:9,16,26,37,56,87; src/schemas/invoices.schema.ts:10,19 (thrown Error strings)
|
||||||
|
- **problem:** Project convention is Czech for user-facing messages. Most schemas follow this, but orders.schema.ts and offers.schema.ts mix English `{ message: 'Must be a valid number' }` (orders:9,16,26,37,71,81,106; offers:9,16,26,37,56,87) alongside Czech `'Musí být platné číslo'` (orders:55,60; offers:47) in the SAME file for the same validation. parseBody surfaces issue.message directly to the client (common.ts:12), so end users can see the English strings. invoices.schema.ts:10,19 also throw English `'Invalid quantity'`/`'Invalid unit_price'`.
|
||||||
|
- **fix:** Translate the English validation messages to Czech to match the rest of the codebase (e.g. 'Musí být platné číslo'). If a shared numeric helper is introduced (finding 1), it can carry one canonical Czech message and eliminate the divergence.
|
||||||
|
|
||||||
|
### 77. [LOW/safe-auto] Inline route schemas use Zod-3-deprecated .strict()/.passthrough()
|
||||||
|
- **dimension:** schemas
|
||||||
|
- **where:** src/routes/admin/audit-log.ts:15-20; .strict(); src/routes/admin/orders-pdf.ts:15-30; .passthrough()
|
||||||
|
- **problem:** The only two object-mode modifiers in the codebase use the Zod 3 forms `.strict()` (audit-log.ts:20) and `.passthrough()` (orders-pdf.ts:30). Per the Zod 4 changelog (the project is on zod ^4.3.6) these are deprecated in favor of the top-level `z.strictObject({...})` and `z.looseObject({...})`. They still work but are flagged for removal and are inconsistent with a Zod-4 codebase.
|
||||||
|
- **fix:** Migrate to `z.strictObject({ days: ..., confirm: ... })` and `z.looseObject({ items: ... })` respectively. Mechanical, no behavior change.
|
||||||
|
|
||||||
|
### 78. [LOW/needs-judgment] No schemas use strict object mode — unknown keys silently stripped everywhere
|
||||||
|
- **dimension:** schemas
|
||||||
|
- **where:** src/schemas/common.ts:8 (schema.parse, default strip); all src/schemas/*.schema.ts object definitions
|
||||||
|
- **problem:** Every body schema is a default `z.object(...)`, which strips unknown keys silently. Only audit-log.ts uses `.strict()`. For mutation endpoints this means a client typo (e.g. `is_activ` instead of `is_active`) is silently dropped rather than rejected, masking client bugs. This is a deliberate-tradeoff call (lenient APIs are sometimes intentional), so flagged as low, but the near-total absence of strictness combined with the broad Create/Update surface is worth a conscious decision rather than an accident.
|
||||||
|
- **fix:** Decide on a policy: either keep lenient (document it) or adopt `z.strictObject` for Create/Update bodies to catch client mistakes early. If adopting strict, do it via the shared pattern so it is uniform; watch for fields the frontend sends but the schema omits (audit before flipping).
|
||||||
|
|
||||||
|
### 79. [LOW/needs-judgment] Duplicated ScopeSection/Item sub-schemas across offers/orders/scope-templates
|
||||||
|
- **dimension:** schemas
|
||||||
|
- **where:** src/schemas/offers.schema.ts:3-39 (QuotationItemSchema, ScopeSectionSchema); src/schemas/orders.schema.ts:3-39 (OrderItemSchema, OrderSectionSchema); src/schemas/scope-templates.schema.ts:3-11 (ScopeSectionSchema); src/schemas/invoices.schema.ts:3-34 (InvoiceItemSchema)
|
||||||
|
- **problem:** QuotationItemSchema (offers:3-28) and OrderItemSchema (orders:3-28) are byte-for-byte identical. OrderSectionSchema (orders:30-39), ScopeSectionSchema (offers:30-39) and ScopeSectionSchema (scope-templates:3-11) are the same shape (title/title_cz/content/position) duplicated three times. These line/quote/section structures are the same domain concept reimplemented per file, so a change to e.g. position validation must be made in 3-4 places.
|
||||||
|
- **fix:** Extract a shared `LineItemSchema` and `ScopeSectionSchema` (e.g. in common.ts or a schemas/shared.ts) and import them. Note invoices.schema.ts:6-12 deliberately diverges (throws on quantity<=0), so keep that one specialized or make the shared schema configurable.
|
||||||
|
|
||||||
|
### 80. [LOW/needs-judgment] buildApp and token helpers duplicated instead of reusing helpers.ts
|
||||||
|
- **dimension:** tests part2b
|
||||||
|
- **where:** src/__tests__/helpers.ts:7; src/__tests__/warehouse.test.ts:26; src/__tests__/plan.test.ts:649
|
||||||
|
- **problem:** helpers.ts exports buildApp for auth and totp routes only. warehouse.test.ts and plan.test.ts each redefine their own buildApp, generateToken, and auth header helpers with slightly different setup, since warehouse adds securityHeaders and helpers does not. The token-minting and app-bootstrap logic now lives in three places and will drift, and a token minted wrong in one file is not caught by the others.
|
||||||
|
- **fix:** Extract a shared buildApp that takes routes and options plus one token and auth-header helper into helpers.ts and import everywhere, then re-run the full suite since it changes test bootstrap.
|
||||||
|
|
||||||
|
### 81. [LOW/safe-auto] Test named soft delete actually asserts a hard delete that its own comment flags as buggy
|
||||||
|
- **dimension:** tests part2b
|
||||||
|
- **where:** src/__tests__/warehouse.test.ts:630; src/__tests__/warehouse.test.ts:637
|
||||||
|
- **problem:** The test titled deactivates an item soft delete asserts a 404 after delete. Its own comment at lines 636 to 638 notes that the route hard-deletes the row and calls this inconsistent with the supplier soft-delete pattern, so the misleading name hides the discrepancy from future readers.
|
||||||
|
- **fix:** Rename the test to hard-deletes an item, and if soft-delete is the intended contract convert it to a todo or expected-fail test documenting the desired behaviour. Confirm the decision with the team.
|
||||||
|
|
||||||
|
### 82. [LOW/needs-judgment] `Record<string, any>` / untyped record builders in attendance PDF/HTML construction
|
||||||
|
- **dimension:** ts-safety
|
||||||
|
- **where:** src/admin/hooks/useAttendanceAdmin.ts:350; src/admin/hooks/useAttendanceAdmin.ts:382; src/admin/hooks/useAttendanceAdmin.ts:397; src/admin/hooks/useAttendanceAdmin.ts:598; src/services/offers.service.ts:49; src/services/orders.service.ts:41
|
||||||
|
- **problem:** Several HTML/PDF/total-calculation builders take `Record<string, any>` and iterate with `(log: any)`/`(i: any)` (useAttendanceAdmin buildUserSectionHtml/recordsByDate; offers `enrichQuotation`, orders `enrichOrder`). These produce HTML that is interpolated into PDF/print output, so an `any`-typed field that is unexpectedly an object or undefined can render `[object Object]` or `NaN` totals with no compile-time signal. Lower severity than the auth bug because output is internal documents, but it is the broadest untyped surface after the plan stack.
|
||||||
|
- **fix:** Define narrow input interfaces for the attendance record and quotation/order item shapes (the Prisma row types or the existing schemas can be reused) and replace the `Record<string, any>` parameters. At minimum type the `.map`/`.reduce` callbacks (`i`, `log`) with the item type to catch field-name and numeric-coercion mistakes.
|
||||||
|
|
||||||
|
### 83. [LOW/safe-auto] `category: input.category as any` casts bypass the Prisma category column type
|
||||||
|
- **dimension:** ts-safety
|
||||||
|
- **where:** src/services/plan.service.ts:451; src/services/plan.service.ts:518; src/services/plan.service.ts:639; src/services/plan.service.ts:710
|
||||||
|
- **problem:** Four `create`/`update` calls cast `input.category` (a plain `string`) to `any` to satisfy the Prisma `category` column type. Validity is enforced at runtime via `assertActiveCategory` (a DB lookup), so it's not unsafe in practice, but the `as any` discards the compiler's check and would also silence a future schema type change for this column.
|
||||||
|
- **fix:** If the Prisma column is an enum, cast to that specific enum type (e.g. `Prisma.$Enums.<Name>`) instead of `any`; if it is a `String` column, the cast is unnecessary and can be removed. Either way avoid `as any` so the field stays type-checked.
|
||||||
|
|
||||||
|
### 84. [LOW/manual] `request.authData!` non-null assertions: acceptable post-auth pattern (no action)
|
||||||
|
- **dimension:** ts-safety
|
||||||
|
- **where:** src/routes/admin/attendance.ts:30; src/middleware/auth.ts:44; src/routes/admin/plan.ts:119; src/routes/admin/warehouse.ts:1066; src/routes/admin/quotations.ts:139
|
||||||
|
- **problem:** Non-null assertions are widespread but almost entirely `request.authData!` inside handlers guarded by `requirePermission`/`requireAuth`, plus `result.error!`/`result.status!` after an `"error" in result` narrowing. These are correct given the middleware contract; the Fastify `authData` is declared optional on the request type but is always populated after the auth preHandler. Flagging only to note it was reviewed and is intentional, not a defect.
|
||||||
|
- **fix:** No change required. If you want to eliminate the `authData!` assertions, declare an `AuthenticatedRequest` type (or a module augmentation making `authData` required) for routes mounted behind the auth hook, so the `!` becomes unnecessary. Optional, cosmetic.
|
||||||
|
|
||||||
450
docs/superpowers/specs/2026-06-05-plan-praci-design.md
Normal file
450
docs/superpowers/specs/2026-06-05-plan-praci-design.md
Normal file
@@ -0,0 +1,450 @@
|
|||||||
|
# Plán prací (Work Schedule) Module Design
|
||||||
|
|
||||||
|
**Date:** 2026-06-05
|
||||||
|
**Status:** Approved
|
||||||
|
**Module:** Work schedule / Rozpis prací for boha-app-ts
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Overview
|
||||||
|
|
||||||
|
A new module under the "Docházka" sidebar section that lets a foreman plan
|
||||||
|
each employee's work on a per-day basis, weeks or months in advance, and lets
|
||||||
|
every employee see what they (and the team) are supposed to be doing on any
|
||||||
|
given day.
|
||||||
|
|
||||||
|
The reference for the UX is `simon/plan_boha.pdf` — a hand-rolled Excel grid
|
||||||
|
with employees as columns and dates as rows, each cell holding a free-text
|
||||||
|
task description. The module replaces that spreadsheet with a live, audited,
|
||||||
|
permission-aware grid in the existing admin app.
|
||||||
|
|
||||||
|
A plan entry is **what should happen**. It is intentionally separate from
|
||||||
|
attendance (which records **what actually happened**). The two are not
|
||||||
|
auto-linked.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Requirements
|
||||||
|
|
||||||
|
### Core
|
||||||
|
|
||||||
|
- Plan entries are stored as **date ranges** (e.g. "PLC upgrade VW USA"
|
||||||
|
from 8.6. to 26.6.), with an optional **per-day override** for the rare
|
||||||
|
case where one day in a range is different (e.g. "Volno po noční").
|
||||||
|
- Each entry has:
|
||||||
|
- `user_id` — the employee this plan is for.
|
||||||
|
- `date_from` / `date_to` — inclusive range.
|
||||||
|
- `project_id` — **optional** FK to the existing `projects` table.
|
||||||
|
- `category` — enum (see below), drives color-coding and reports.
|
||||||
|
- `note` — required free-text task description (max 500 chars).
|
||||||
|
- The project dropdown is populated from the existing `projects` table.
|
||||||
|
No new "task" or "sub-project" entity — the note is the human-readable
|
||||||
|
task description.
|
||||||
|
- A cell can be empty (unassigned / not planned). An empty cell is also
|
||||||
|
clickable for admins — opens the create-entry modal.
|
||||||
|
- A `work_plan_overrides` row covers a single `(user, date)` and takes
|
||||||
|
precedence over the range that would otherwise cover that day.
|
||||||
|
|
||||||
|
### Effective-cell resolution (runtime)
|
||||||
|
|
||||||
|
To compute the cell for user `U` on date `D`:
|
||||||
|
|
||||||
|
1. Look up `work_plan_overrides` for `(U, D)`. If present, use it.
|
||||||
|
2. Otherwise, look up `work_plan_entries` where `user_id = U` and
|
||||||
|
`date_from <= D <= date_to`. If multiple match, return the
|
||||||
|
**last-created** one and write a warning to the audit log.
|
||||||
|
3. Otherwise, the cell is empty.
|
||||||
|
|
||||||
|
### Editing rules
|
||||||
|
|
||||||
|
- **Lock past, free future.** Cells with `shift_date < today` are
|
||||||
|
read-only. Admins can override with `?force=1` on the API; the
|
||||||
|
override is recorded in the audit log.
|
||||||
|
- Today and future are always editable for users with `attendance.manage`.
|
||||||
|
- The modal offers three actions when editing a cell inside an existing
|
||||||
|
range:
|
||||||
|
- "Upravit celý rozsah" — edit the range.
|
||||||
|
- "Upravit pouze tento den" — creates an override.
|
||||||
|
- "Zrušit přiřazení tohoto dne" — creates an override with
|
||||||
|
`category = 'other'` and empty note, leaving the cell empty for
|
||||||
|
that day only.
|
||||||
|
|
||||||
|
### Categories
|
||||||
|
|
||||||
|
A new enum `plan_category` for color-coding and reports:
|
||||||
|
|
||||||
|
| Value | Czech label | Cell color hint |
|
||||||
|
| ------------- | -------------- | --------------- |
|
||||||
|
| `work` | Práce | blue |
|
||||||
|
| `preparation` | Příprava | teal |
|
||||||
|
| `travel` | Cesta / Montáž | amber |
|
||||||
|
| `leave` | Dovolená | green |
|
||||||
|
| `sick` | Nemoc | red |
|
||||||
|
| `training` | Školení | purple |
|
||||||
|
| `other` | Jiné | gray |
|
||||||
|
|
||||||
|
Plan overrides for leave/sick are **informational only**. They do not
|
||||||
|
create or modify `leave_requests` or `attendance` rows. Employees still
|
||||||
|
file leave through the existing `Žádosti` flow.
|
||||||
|
|
||||||
|
### Visibility & permissions
|
||||||
|
|
||||||
|
- **Single sidebar entry** under Docházka: `Plán prací` → `/attendance/plan`.
|
||||||
|
- The sidebar entry is gated by `attendance.manage || attendance.record`
|
||||||
|
(mirrors the existing `Žádosti` entry).
|
||||||
|
- The page is **one** (`PlanWork.tsx`):
|
||||||
|
- If `useAuth().hasPermission('attendance.manage')` → editor mode
|
||||||
|
(grid + edit modal + create/edit/delete affordances).
|
||||||
|
- Otherwise → view-only mode (same grid, read-only detail modal).
|
||||||
|
- All endpoints require `attendance.manage` for writes, and either
|
||||||
|
`attendance.manage` or `attendance.record` for reads. Employees
|
||||||
|
with `attendance.record` are scoped server-side to their own
|
||||||
|
`user_id` for any direct row read; the grid endpoint handles the
|
||||||
|
scoping transparently.
|
||||||
|
- Admin role bypasses all permission checks (existing behavior).
|
||||||
|
|
||||||
|
### Grid
|
||||||
|
|
||||||
|
- Default view is **week** (T23, T24, T25 … matches the PDF's week
|
||||||
|
numbering). A toggle at the top switches to **month** view.
|
||||||
|
- The grid is `employees × dates`. Columns are ordered by
|
||||||
|
role/team first, then alphabetically by name.
|
||||||
|
- Columns are users with the `attendance.record` permission (which
|
||||||
|
includes admin). A "Aktivní" toggle in the toolbar lets the planner
|
||||||
|
hide inactive users.
|
||||||
|
- Each cell shows: a colored chip for the category, the project name
|
||||||
|
(if any) in bold, and the note underneath. Empty cells are blank.
|
||||||
|
- Weekend cells have a subtle yellow background tint to match the
|
||||||
|
PDF's "So 6.6. ★" rows.
|
||||||
|
- Read-only employees see the same grid, but cells are non-clickable
|
||||||
|
for editing. A click opens a read-only detail modal showing project,
|
||||||
|
category, note, "Vytvořil: <user> · <date>" (the entry's
|
||||||
|
`created_by`), and (if the cell is part of a range) "Patří do
|
||||||
|
rozsahu: <date_from> – <date_to>".
|
||||||
|
|
||||||
|
### Audit
|
||||||
|
|
||||||
|
Every create/update/delete of `work_plan_entries` and
|
||||||
|
`work_plan_overrides` writes a row to `audit_logs` with
|
||||||
|
`entity_type = 'work_plan_entry' | 'work_plan_override'` and full
|
||||||
|
`old_values` / `new_values` JSON, following the same pattern as
|
||||||
|
`attendance` and `projects`. The `?force=1` past-edit override is
|
||||||
|
recorded in the description field.
|
||||||
|
|
||||||
|
### Non-goals (out of scope for v1)
|
||||||
|
|
||||||
|
- No automatic link to attendance (plan stays independent).
|
||||||
|
- No time-slot granularity (full days only).
|
||||||
|
- No shift / payroll calculation.
|
||||||
|
- No drag-fill on the grid.
|
||||||
|
- No "task list" entity — projects and free text only.
|
||||||
|
- No notification/email when a plan is changed.
|
||||||
|
- No browser tests (the codebase has none; manual verification in dev).
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Architecture
|
||||||
|
|
||||||
|
### Module placement
|
||||||
|
|
||||||
|
- New module under the **Docházka** sidebar section.
|
||||||
|
- Reuses the existing `attendance.shift_date` concept (date column on
|
||||||
|
the `attendance` table) — the planner lives next to the calendar it
|
||||||
|
informs.
|
||||||
|
- No "administrativa" module exists; the sidebar "Administrativa"
|
||||||
|
section is the commercial back-office (offers, orders, invoices,
|
||||||
|
projects, customers) and is not the right home for HR-style planning.
|
||||||
|
|
||||||
|
### File layout
|
||||||
|
|
||||||
|
```
|
||||||
|
src/
|
||||||
|
├── routes/admin/plan.ts # Fastify routes
|
||||||
|
├── services/plan.service.ts # Business logic
|
||||||
|
├── schemas/plan.schema.ts # Zod validation
|
||||||
|
└── __tests__/plan.test.ts # Vitest + Supertest tests
|
||||||
|
|
||||||
|
src/admin/
|
||||||
|
├── pages/PlanWork.tsx # The single page (editor or view-only)
|
||||||
|
├── hooks/usePlanWork.ts # State, modal, mutations
|
||||||
|
├── lib/queries/plan.ts # React Query queryOptions
|
||||||
|
└── components/
|
||||||
|
├── PlanGrid.tsx # Week/month grid (shared by both modes)
|
||||||
|
├── PlanCellModal.tsx # Edit modal (create / edit-range / override)
|
||||||
|
├── PlanCellDetailModal.tsx # Read-only detail modal
|
||||||
|
├── PlanRangeChips.tsx # Cell content chip with category color
|
||||||
|
└── plan.css # Module-specific styles only
|
||||||
|
```
|
||||||
|
|
||||||
|
The new CSS file holds only category color helpers and grid-specific
|
||||||
|
overrides. All form/modal/table styling reuses existing classes
|
||||||
|
(`.admin-table`, `.admin-table-sticky`, `FormField`, `FormModal`,
|
||||||
|
`ConfirmModal`, `AdminDatePicker`, etc.) — no new design tokens.
|
||||||
|
|
||||||
|
### React Query keys
|
||||||
|
|
||||||
|
Per the project's "invalidate the full domain" convention:
|
||||||
|
|
||||||
|
- `['plan', 'grid', { dateFrom, dateTo, view }]`
|
||||||
|
- `['plan', 'entries', { userId, dateFrom, dateTo }]`
|
||||||
|
- `['plan', 'overrides', { userId, dateFrom, dateTo }]`
|
||||||
|
- `['plan', 'users']`
|
||||||
|
|
||||||
|
A mutation on any plan row invalidates `['plan']` (covers all four
|
||||||
|
sub-queries by prefix match).
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Database Schema
|
||||||
|
|
||||||
|
### New enum
|
||||||
|
|
||||||
|
```prisma
|
||||||
|
enum plan_category {
|
||||||
|
work
|
||||||
|
preparation
|
||||||
|
travel
|
||||||
|
leave
|
||||||
|
sick
|
||||||
|
training
|
||||||
|
other
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
### New table: `work_plan_entries`
|
||||||
|
|
||||||
|
| Column | Type | Notes |
|
||||||
|
| ------------ | ------------------------ | ------------------------------------------------------- |
|
||||||
|
| `id` | int PK autoincrement | |
|
||||||
|
| `user_id` | int FK → `users(id)` | NOT NULL, indexed |
|
||||||
|
| `date_from` | Date | NOT NULL — first day of the range |
|
||||||
|
| `date_to` | Date | NOT NULL — last day of the range, must be ≥ `date_from` |
|
||||||
|
| `project_id` | int? FK → `projects(id)` | nullable — unlinked text entries are allowed |
|
||||||
|
| `category` | enum `plan_category` | NOT NULL, default `'work'` |
|
||||||
|
| `note` | varchar(500) | NOT NULL — free-text task description |
|
||||||
|
| `created_by` | int FK → `users(id)` | who entered it |
|
||||||
|
| `created_at` | DateTime | Prisma default `now()` |
|
||||||
|
| `updated_at` | DateTime | Prisma default `now()` |
|
||||||
|
| `is_deleted` | bool? default false | soft-delete |
|
||||||
|
|
||||||
|
Indexes:
|
||||||
|
|
||||||
|
- `(user_id, date_from)`
|
||||||
|
- `(user_id, date_to)`
|
||||||
|
- `(project_id)`
|
||||||
|
- `(date_from, date_to)` — for cross-user queries like
|
||||||
|
"what's planned for project X this month?"
|
||||||
|
|
||||||
|
### New table: `work_plan_overrides`
|
||||||
|
|
||||||
|
| Column | Type | Notes |
|
||||||
|
| ------------ | ------------------------ | ------------------------------------------------- |
|
||||||
|
| `id` | int PK autoincrement | |
|
||||||
|
| `user_id` | int FK → `users(id)` | NOT NULL, indexed |
|
||||||
|
| `shift_date` | Date | NOT NULL — the one day being overridden |
|
||||||
|
| `project_id` | int? FK → `projects(id)` | nullable |
|
||||||
|
| `category` | enum `plan_category` | NOT NULL — usually `'leave'`, `'sick'`, `'other'` |
|
||||||
|
| `note` | varchar(500) | NOT NULL |
|
||||||
|
| `created_by` | int FK → `users(id)` | |
|
||||||
|
| `created_at` | DateTime | |
|
||||||
|
| `updated_at` | DateTime | |
|
||||||
|
| `is_deleted` | bool? default false | soft-delete |
|
||||||
|
|
||||||
|
Indexes:
|
||||||
|
|
||||||
|
- **Unique** `(user_id, shift_date)` — exactly one non-deleted
|
||||||
|
override per user-day. MySQL unique indexes don't ignore
|
||||||
|
soft-deleted rows, so the service layer enforces "at most one
|
||||||
|
active override per `(user_id, shift_date)`" in application code
|
||||||
|
(the database unique constraint exists as a final safety net and
|
||||||
|
may be temporarily violated by soft-deleted rows, which is
|
||||||
|
acceptable). When restoring a soft-deleted override, the service
|
||||||
|
re-validates that no active override exists for the same day.
|
||||||
|
- `(shift_date)` — for cross-user "what's overridden today" queries.
|
||||||
|
|
||||||
|
### Read semantics (recap)
|
||||||
|
|
||||||
|
For user `U` and date `D`, the "effective" cell is:
|
||||||
|
|
||||||
|
1. Override `(U, D)` if it exists and is not soft-deleted.
|
||||||
|
2. Otherwise the latest `work_plan_entry` whose range covers `D`
|
||||||
|
for user `U` and is not soft-deleted. If multiple match, pick
|
||||||
|
the latest by `created_at` and write a warning to `audit_logs`.
|
||||||
|
3. Otherwise, empty.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## API Surface
|
||||||
|
|
||||||
|
REST endpoints under `/api/admin/plan`. All routes use the existing
|
||||||
|
Zod-validated, `requirePermission`, `success`/`error` helpers, and
|
||||||
|
`logAudit` pattern. Czech error messages, following project convention.
|
||||||
|
|
||||||
|
| Method | Path | Permission | Body / Query | Returns |
|
||||||
|
| ------ | --------------------- | -------------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- |
|
||||||
|
| GET | `/plan/grid` | `attendance.manage` OR `attendance.record` | `?date_from=&date_to=&view=week\|month` (range ≤ 92 days) | `{ days, users, cells }` — effective cells ready to render |
|
||||||
|
| GET | `/plan/entries` | `attendance.manage` OR `attendance.record` (employee scoped to self) | `?user_id=&date_from=&date_to=` | raw `work_plan_entries` rows in range |
|
||||||
|
| GET | `/plan/overrides` | `attendance.manage` OR `attendance.record` (employee scoped to self) | `?user_id=&date_from=&date_to=` | raw `work_plan_overrides` rows in range |
|
||||||
|
| GET | `/plan/users` | `attendance.manage` OR `attendance.record` | — | users with `attendance.record`, ordered by role/team then name |
|
||||||
|
| POST | `/plan/entries` | `attendance.manage` | `{ user_id, date_from, date_to, project_id?, category, note }` | created entry |
|
||||||
|
| PATCH | `/plan/entries/:id` | `attendance.manage` | partial of create body | updated entry |
|
||||||
|
| DELETE | `/plan/entries/:id` | `attendance.manage` | `?force=1` to bypass past-date lock | `{ ok: true }` (soft-delete) |
|
||||||
|
| POST | `/plan/overrides` | `attendance.manage` | `{ user_id, shift_date, project_id?, category, note }` | created override |
|
||||||
|
| PATCH | `/plan/overrides/:id` | `attendance.manage` | partial of create body | updated override |
|
||||||
|
| DELETE | `/plan/overrides/:id` | `attendance.manage` | `?force=1` | `{ ok: true }` (soft-delete) |
|
||||||
|
| GET | `/plan/audit` | `settings.audit` | `?entity_type=&entity_id=` | audit log entries for a row |
|
||||||
|
|
||||||
|
### Past-date lock
|
||||||
|
|
||||||
|
Server-enforced. POST/PATCH/DELETE with any `shift_date` / `date_from`
|
||||||
|
in the past returns 403 with a Czech error message:
|
||||||
|
|
||||||
|
```
|
||||||
|
Nelze upravovat plán pro datum v minulosti. Pro nouzovou opravu použijte ?force=1.
|
||||||
|
```
|
||||||
|
|
||||||
|
With `?force=1` and `attendance.manage`, the operation succeeds and
|
||||||
|
the audit log records `description = 'force-edit past date'`.
|
||||||
|
|
||||||
|
### Employee scoping
|
||||||
|
|
||||||
|
`GET /plan/entries` and `GET /plan/overrides` accept `?user_id=`. For
|
||||||
|
a user with only `attendance.record`, the service silently overrides
|
||||||
|
the query to scope to `user_id = auth.user.id`. The grid endpoint
|
||||||
|
returns the same data either way (employees see the full grid in
|
||||||
|
view-only mode).
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Frontend Detail
|
||||||
|
|
||||||
|
### `PlanWork.tsx`
|
||||||
|
|
||||||
|
- Mounts and calls `useAuth()`. If `hasPermission('attendance.manage')`
|
||||||
|
→ editor state. Otherwise → view-only state.
|
||||||
|
- Renders the toolbar (view toggle, date navigator, active-toggle,
|
||||||
|
print) and `PlanGrid`.
|
||||||
|
- Owns the modal state machine for `PlanCellModal` (editor) or
|
||||||
|
`PlanCellDetailModal` (view).
|
||||||
|
|
||||||
|
### `PlanGrid.tsx`
|
||||||
|
|
||||||
|
- Pure presentational. Takes `users`, `days`, `cells` as props.
|
||||||
|
- Renders a `<table>` with sticky first column (date) and sticky
|
||||||
|
header (employee names).
|
||||||
|
- Each cell is a `<button>` (admin) or `<div>` (view-only) with the
|
||||||
|
colored chip + note.
|
||||||
|
- Calls `onCellClick(userId, date)` for the parent to open the modal.
|
||||||
|
- Reuses `.admin-table` and `.admin-table-sticky` from existing
|
||||||
|
stylesheets.
|
||||||
|
|
||||||
|
### `PlanCellModal.tsx` (editor)
|
||||||
|
|
||||||
|
Three modes, decided by what the user clicked:
|
||||||
|
|
||||||
|
- **Create** — empty cell. Fields: `user_id` (locked to clicked user,
|
||||||
|
can be switched), `date_from` (default = clicked date), `date_to`
|
||||||
|
(default = clicked date; "Jeden den" / "Rozsah dnů" toggle),
|
||||||
|
`project_id` (dropdown, populated from `projects`, nullable),
|
||||||
|
`category` (select), `note` (textarea, required).
|
||||||
|
- **Edit range** — cell is part of an existing range. Loads the
|
||||||
|
full range into the form. "Upravit celý rozsah" button is the
|
||||||
|
primary action.
|
||||||
|
- **Edit day in range** — cell is part of a range. Three buttons:
|
||||||
|
"Upravit celý rozsah" / "Upravit pouze tento den" /
|
||||||
|
"Zrušit přiřazení tohoto dne".
|
||||||
|
- **Edit single-day override** — cell is itself a `work_plan_overrides`
|
||||||
|
row. Standard edit form.
|
||||||
|
- Bottom: delete button (with `ConfirmModal`).
|
||||||
|
|
||||||
|
### `PlanCellDetailModal.tsx` (view-only)
|
||||||
|
|
||||||
|
Read-only. Shows project, category, note, "Vytvořil: <full name of
|
||||||
|
`created_by`> · <`created_at` in local Czech time>", and (if the
|
||||||
|
cell is part of a range) "Patří do rozsahu: <date_from> – <date_to>".
|
||||||
|
For override cells, the "Vytvořil" line refers to the override's own
|
||||||
|
`created_by` (not the parent range's). No edit, no delete.
|
||||||
|
|
||||||
|
### `usePlanWork.ts`
|
||||||
|
|
||||||
|
Owns:
|
||||||
|
|
||||||
|
- `view: 'week' | 'month'`, `anchorDate`, `filterActive`
|
||||||
|
- `effectiveCells` from `['plan', 'grid']` query
|
||||||
|
- `entries` and `overrides` for the cell being edited
|
||||||
|
- `modalState: { mode, userId, date, entryId?, overrideId? }`
|
||||||
|
- `createEntry`, `updateEntry`, `deleteEntry`,
|
||||||
|
`createOverride`, `updateOverride`, `deleteOverride` —
|
||||||
|
React Query mutations that invalidate `['plan']`.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Migration
|
||||||
|
|
||||||
|
Single new migration:
|
||||||
|
|
||||||
|
`prisma/migrations/<timestamp>_add_work_plan/`
|
||||||
|
|
||||||
|
- `migration.sql`:
|
||||||
|
1. `CREATE TABLE work_plan_entries (...)` with columns and indexes.
|
||||||
|
2. `CREATE TABLE work_plan_overrides (...)` with columns and indexes.
|
||||||
|
3. `CREATE TYPE plan_category` (or in-table enum, per Prisma's
|
||||||
|
MySQL output).
|
||||||
|
|
||||||
|
No data migration. No `seed.ts` change. No new permission keys.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Testing
|
||||||
|
|
||||||
|
`src/__tests__/plan.test.ts` — Vitest + Supertest against the real
|
||||||
|
test database (`.env.test`):
|
||||||
|
|
||||||
|
1. **Effective-cell resolution** — range + override returns the
|
||||||
|
override for that day, the range for the other days, `null`
|
||||||
|
for uncovered days.
|
||||||
|
2. **Past-date lock** — POST with `date_from < today` returns 403
|
||||||
|
for users without `attendance.manage`; allowed with `?force=1`
|
||||||
|
for users with `attendance.manage`; audit log records the force.
|
||||||
|
3. **Employee self-view scoping** — employee with `attendance.record`
|
||||||
|
calling `GET /plan/entries?user_id=<other>` is scoped to self.
|
||||||
|
4. **Soft-delete + is_deleted** — deleted rows are excluded from
|
||||||
|
`/plan/grid` but kept in `/plan/audit`.
|
||||||
|
5. **Project FK nullability** — entries with `project_id = null`
|
||||||
|
and `category = 'leave'` are valid and render correctly.
|
||||||
|
6. **Range overlap** — two ranges for the same `(user, day)` does
|
||||||
|
not error; the latest one wins; a warning is logged.
|
||||||
|
7. **Audit log on every write** — POST/PATCH/DELETE each insert
|
||||||
|
exactly one `audit_logs` row with `entity_type`,
|
||||||
|
`old_values`, `new_values`.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Release Plan
|
||||||
|
|
||||||
|
1. Bump `package.json` version (minor, since new module).
|
||||||
|
2. `npm run build` — confirm clean compile.
|
||||||
|
3. Commit + push to Gitea.
|
||||||
|
4. Tarball + deploy to production via the existing release script
|
||||||
|
(per `CLAUDE.md` "Release Process" section).
|
||||||
|
5. `npx prisma migrate deploy` on prod.
|
||||||
|
6. `pm2 restart app-ts --update-env`.
|
||||||
|
7. Smoke test: log in, open Docházka → Plán prací, add a one-day
|
||||||
|
entry for yourself, reload, confirm it shows.
|
||||||
|
|
||||||
|
The deployment follows the same pattern as the warehouse module
|
||||||
|
release (see commit `5233db2` and the `2026-05-29-warehouse-module`
|
||||||
|
spec for reference).
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Open items / future work
|
||||||
|
|
||||||
|
- Month view polish if the toggle proves popular.
|
||||||
|
- Drag-fill on the grid (out of scope for v1).
|
||||||
|
- Optional tie-in to attendance: pre-fill `notes` on
|
||||||
|
`AttendanceCreate` from today's plan (read-only hint). Not
|
||||||
|
pursued in v1.
|
||||||
|
- "Patří do rozsahu" link in the detail modal: clickable
|
||||||
|
jump to the range's full detail.
|
||||||
|
- Per-team filtering (if a "team" concept is added to `users` later).
|
||||||
941
package-lock.json
generated
941
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
11
package.json
11
package.json
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "app-ts",
|
"name": "app-ts",
|
||||||
"version": "1.4.5",
|
"version": "1.9.6",
|
||||||
"description": "",
|
"description": "",
|
||||||
"main": "dist/server.js",
|
"main": "dist/server.js",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
@@ -17,7 +17,11 @@
|
|||||||
"db:push": "prisma db push",
|
"db:push": "prisma db push",
|
||||||
"db:studio": "prisma studio",
|
"db:studio": "prisma studio",
|
||||||
"test": "vitest run",
|
"test": "vitest run",
|
||||||
"test:watch": "vitest"
|
"test:watch": "vitest",
|
||||||
|
"seed": "tsx prisma/seed.ts"
|
||||||
|
},
|
||||||
|
"prisma": {
|
||||||
|
"seed": "tsx prisma/seed.ts"
|
||||||
},
|
},
|
||||||
"keywords": [],
|
"keywords": [],
|
||||||
"author": "",
|
"author": "",
|
||||||
@@ -34,6 +38,8 @@
|
|||||||
"@fastify/rate-limit": "^10.3.0",
|
"@fastify/rate-limit": "^10.3.0",
|
||||||
"@fastify/static": "^9.0.0",
|
"@fastify/static": "^9.0.0",
|
||||||
"@prisma/client": "^6.19.2",
|
"@prisma/client": "^6.19.2",
|
||||||
|
"@tanstack/react-query": "^5.100.5",
|
||||||
|
"@types/jsdom": "^28.0.1",
|
||||||
"bcryptjs": "^3.0.3",
|
"bcryptjs": "^3.0.3",
|
||||||
"date-fns": "^4.1.0",
|
"date-fns": "^4.1.0",
|
||||||
"dompurify": "^3.3.3",
|
"dompurify": "^3.3.3",
|
||||||
@@ -42,6 +48,7 @@
|
|||||||
"file-type": "^16.5.4",
|
"file-type": "^16.5.4",
|
||||||
"framer-motion": "^12.38.0",
|
"framer-motion": "^12.38.0",
|
||||||
"hi-base32": "^0.5.1",
|
"hi-base32": "^0.5.1",
|
||||||
|
"jsdom": "^29.0.2",
|
||||||
"jsonwebtoken": "^9.0.3",
|
"jsonwebtoken": "^9.0.3",
|
||||||
"leaflet": "^1.9.4",
|
"leaflet": "^1.9.4",
|
||||||
"node-cron": "^4.2.1",
|
"node-cron": "^4.2.1",
|
||||||
|
|||||||
@@ -1,2 +0,0 @@
|
|||||||
-- Add billing_text column to invoices table
|
|
||||||
ALTER TABLE `invoices` ADD COLUMN `billing_text` VARCHAR(500) NULL AFTER `issued_by`;
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
-- Add lock fields to quotations table for pessimistic locking
|
|
||||||
ALTER TABLE `quotations` ADD COLUMN `locked_by` INT NULL AFTER `scope_description`;
|
|
||||||
ALTER TABLE `quotations` ADD COLUMN `locked_at` DATETIME NULL AFTER `locked_by`;
|
|
||||||
@@ -1,9 +0,0 @@
|
|||||||
CREATE TABLE `invoice_alert_log` (
|
|
||||||
`id` INT NOT NULL AUTO_INCREMENT,
|
|
||||||
`invoice_type` VARCHAR(20) NOT NULL,
|
|
||||||
`invoice_id` INT NOT NULL,
|
|
||||||
`alert_type` VARCHAR(20) NOT NULL,
|
|
||||||
`sent_at` DATETIME(0) NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
|
||||||
PRIMARY KEY (`id`),
|
|
||||||
UNIQUE KEY `invoice_type_invoice_id_alert_type` (`invoice_type`, `invoice_id`, `alert_type`)
|
|
||||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
ALTER TABLE `invoices` ADD COLUMN `language` VARCHAR(5) DEFAULT 'cs' AFTER `billing_text`;
|
|
||||||
@@ -1,2 +0,0 @@
|
|||||||
-- Add file_path column for NAS storage of received invoice files
|
|
||||||
ALTER TABLE `received_invoices` ADD COLUMN `file_path` VARCHAR(500) NULL AFTER `file_data`;
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
-- Remove file_data (BLOB) and file_path columns — files are now stored on NAS
|
|
||||||
-- Path is derived from year, month, and file_name
|
|
||||||
ALTER TABLE `received_invoices` DROP COLUMN `file_data`;
|
|
||||||
ALTER TABLE `received_invoices` DROP COLUMN `file_path`;
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
ALTER TABLE `company_settings` ADD COLUMN `logo_data_dark` MEDIUMBLOB NULL AFTER `logo_data`;
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
ALTER TABLE `company_settings`
|
|
||||||
ADD COLUMN `offer_number_pattern` VARCHAR(100) NULL,
|
|
||||||
ADD COLUMN `order_number_pattern` VARCHAR(100) NULL,
|
|
||||||
ADD COLUMN `invoice_number_pattern` VARCHAR(100) NULL;
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
ALTER TABLE `company_settings`
|
|
||||||
ADD COLUMN `smtp_from` VARCHAR(255) NULL,
|
|
||||||
ADD COLUMN `smtp_from_name` VARCHAR(255) NULL;
|
|
||||||
@@ -1,13 +0,0 @@
|
|||||||
-- System settings columns on company_settings
|
|
||||||
ALTER TABLE `company_settings`
|
|
||||||
ADD COLUMN `break_threshold_hours` DECIMAL(4,2) DEFAULT 6,
|
|
||||||
ADD COLUMN `break_duration_short` INT DEFAULT 15,
|
|
||||||
ADD COLUMN `break_duration_long` INT DEFAULT 30,
|
|
||||||
ADD COLUMN `clock_rounding_minutes` INT DEFAULT 15,
|
|
||||||
ADD COLUMN `invoice_alert_email` VARCHAR(255) NULL,
|
|
||||||
ADD COLUMN `leave_notify_email` VARCHAR(255) NULL,
|
|
||||||
ADD COLUMN `max_login_attempts` INT DEFAULT 5,
|
|
||||||
ADD COLUMN `lockout_minutes` INT DEFAULT 15,
|
|
||||||
ADD COLUMN `max_requests_per_minute` INT DEFAULT 300,
|
|
||||||
ADD COLUMN `available_vat_rates` LONGTEXT NULL,
|
|
||||||
ADD COLUMN `available_currencies` LONGTEXT NULL;
|
|
||||||
@@ -1,18 +0,0 @@
|
|||||||
-- Create new unified permission
|
|
||||||
INSERT INTO permissions (name, display_name, description, module)
|
|
||||||
VALUES ('settings.manage', 'Správa nastavení', 'Správa všech nastavení systému', 'settings')
|
|
||||||
ON DUPLICATE KEY UPDATE display_name = VALUES(display_name);
|
|
||||||
|
|
||||||
-- Grant to all roles that had any of the old 3
|
|
||||||
INSERT IGNORE INTO role_permissions (role_id, permission_id)
|
|
||||||
SELECT DISTINCT rp.role_id, (SELECT id FROM permissions WHERE name = 'settings.manage')
|
|
||||||
FROM role_permissions rp
|
|
||||||
JOIN permissions p ON p.id = rp.permission_id
|
|
||||||
WHERE p.name IN ('offers.settings', 'settings.roles', 'settings.security');
|
|
||||||
|
|
||||||
-- Clean up old role_permissions
|
|
||||||
DELETE FROM role_permissions
|
|
||||||
WHERE permission_id IN (SELECT id FROM permissions WHERE name IN ('offers.settings', 'settings.roles', 'settings.security'));
|
|
||||||
|
|
||||||
-- Remove old permissions
|
|
||||||
DELETE FROM permissions WHERE name IN ('offers.settings', 'settings.roles', 'settings.security');
|
|
||||||
@@ -98,6 +98,7 @@ CREATE TABLE `company_settings` (
|
|||||||
`vat_id` VARCHAR(50) NULL,
|
`vat_id` VARCHAR(50) NULL,
|
||||||
`custom_fields` LONGTEXT NULL,
|
`custom_fields` LONGTEXT NULL,
|
||||||
`logo_data` LONGBLOB NULL,
|
`logo_data` LONGBLOB NULL,
|
||||||
|
`logo_data_dark` MEDIUMBLOB NULL,
|
||||||
`quotation_prefix` VARCHAR(20) NULL,
|
`quotation_prefix` VARCHAR(20) NULL,
|
||||||
`default_currency` VARCHAR(10) NULL DEFAULT 'CZK',
|
`default_currency` VARCHAR(10) NULL DEFAULT 'CZK',
|
||||||
`default_vat_rate` DECIMAL(5, 2) NULL DEFAULT 21.00,
|
`default_vat_rate` DECIMAL(5, 2) NULL DEFAULT 21.00,
|
||||||
@@ -108,7 +109,24 @@ CREATE TABLE `company_settings` (
|
|||||||
`order_type_code` VARCHAR(10) NULL,
|
`order_type_code` VARCHAR(10) NULL,
|
||||||
`invoice_type_code` VARCHAR(10) NULL,
|
`invoice_type_code` VARCHAR(10) NULL,
|
||||||
`require_2fa` BOOLEAN NOT NULL DEFAULT false,
|
`require_2fa` BOOLEAN NOT NULL DEFAULT false,
|
||||||
|
`break_threshold_hours` DECIMAL(4, 2) NULL DEFAULT 6.00,
|
||||||
|
`break_duration_short` INTEGER NULL DEFAULT 15,
|
||||||
|
`break_duration_long` INTEGER NULL DEFAULT 30,
|
||||||
|
`clock_rounding_minutes` INTEGER NULL DEFAULT 15,
|
||||||
|
`invoice_alert_email` VARCHAR(255) NULL,
|
||||||
|
`leave_notify_email` VARCHAR(255) NULL,
|
||||||
|
`max_login_attempts` INTEGER NULL DEFAULT 5,
|
||||||
|
`lockout_minutes` INTEGER NULL DEFAULT 15,
|
||||||
|
`max_requests_per_minute` INTEGER NULL DEFAULT 300,
|
||||||
|
`available_vat_rates` LONGTEXT NULL,
|
||||||
|
`available_currencies` LONGTEXT NULL,
|
||||||
|
`smtp_from` VARCHAR(255) NULL,
|
||||||
|
`smtp_from_name` VARCHAR(255) NULL,
|
||||||
|
`offer_number_pattern` VARCHAR(100) NULL,
|
||||||
|
`order_number_pattern` VARCHAR(100) NULL,
|
||||||
|
`invoice_number_pattern` VARCHAR(100) NULL,
|
||||||
|
|
||||||
|
UNIQUE INDEX `company_settings_uuid_key`(`uuid`),
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
@@ -167,14 +185,18 @@ CREATE TABLE `invoices` (
|
|||||||
`tax_date` DATE NULL,
|
`tax_date` DATE NULL,
|
||||||
`paid_date` DATE NULL,
|
`paid_date` DATE NULL,
|
||||||
`issued_by` VARCHAR(255) NULL,
|
`issued_by` VARCHAR(255) NULL,
|
||||||
|
`billing_text` VARCHAR(500) NULL,
|
||||||
|
`language` VARCHAR(5) NULL DEFAULT 'cs',
|
||||||
`notes` TEXT NULL,
|
`notes` TEXT NULL,
|
||||||
`internal_notes` TEXT NULL,
|
`internal_notes` TEXT NULL,
|
||||||
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
`modified_at` DATETIME(0) NULL,
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
UNIQUE INDEX `idx_invoices_number_unique`(`invoice_number`),
|
||||||
INDEX `customer_id`(`customer_id`),
|
INDEX `customer_id`(`customer_id`),
|
||||||
INDEX `idx_invoices_due_date`(`due_date`),
|
INDEX `idx_invoices_due_date`(`due_date`),
|
||||||
INDEX `idx_invoices_status_issue`(`status`, `issue_date`),
|
INDEX `idx_invoices_status_issue`(`status`, `issue_date`),
|
||||||
|
INDEX `idx_invoices_status_due`(`status`, `due_date`),
|
||||||
INDEX `order_id`(`order_id`),
|
INDEX `order_id`(`order_id`),
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
@@ -239,6 +261,7 @@ CREATE TABLE `number_sequences` (
|
|||||||
`year` INTEGER NULL,
|
`year` INTEGER NULL,
|
||||||
`last_number` INTEGER NULL DEFAULT 0,
|
`last_number` INTEGER NULL DEFAULT 0,
|
||||||
|
|
||||||
|
UNIQUE INDEX `idx_number_sequences_type_year`(`type`, `year`),
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
@@ -294,6 +317,7 @@ CREATE TABLE `orders` (
|
|||||||
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
`modified_at` DATETIME(0) NULL,
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
UNIQUE INDEX `idx_orders_number_unique`(`order_number`),
|
||||||
INDEX `customer_id`(`customer_id`),
|
INDEX `customer_id`(`customer_id`),
|
||||||
INDEX `quotation_id`(`quotation_id`),
|
INDEX `quotation_id`(`quotation_id`),
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
@@ -341,6 +365,7 @@ CREATE TABLE `projects` (
|
|||||||
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
`modified_at` DATETIME(0) NULL,
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
UNIQUE INDEX `projects_project_number_key`(`project_number`),
|
||||||
INDEX `customer_id`(`customer_id`),
|
INDEX `customer_id`(`customer_id`),
|
||||||
INDEX `fk_projects_responsible_user`(`responsible_user_id`),
|
INDEX `fk_projects_responsible_user`(`responsible_user_id`),
|
||||||
INDEX `order_id`(`order_id`),
|
INDEX `order_id`(`order_id`),
|
||||||
@@ -386,10 +411,13 @@ CREATE TABLE `quotations` (
|
|||||||
`status` VARCHAR(20) NOT NULL DEFAULT 'active',
|
`status` VARCHAR(20) NOT NULL DEFAULT 'active',
|
||||||
`scope_title` VARCHAR(500) NULL,
|
`scope_title` VARCHAR(500) NULL,
|
||||||
`scope_description` TEXT NULL,
|
`scope_description` TEXT NULL,
|
||||||
|
`locked_by` INTEGER NULL,
|
||||||
|
`locked_at` DATETIME(0) NULL,
|
||||||
`uuid` VARCHAR(36) NULL,
|
`uuid` VARCHAR(36) NULL,
|
||||||
`modified_at` DATETIME(0) NULL,
|
`modified_at` DATETIME(0) NULL,
|
||||||
`sync_version` INTEGER NULL DEFAULT 0,
|
`sync_version` INTEGER NULL DEFAULT 0,
|
||||||
|
|
||||||
|
UNIQUE INDEX `quotations_quotation_number_key`(`quotation_number`),
|
||||||
INDEX `customer_id`(`customer_id`),
|
INDEX `customer_id`(`customer_id`),
|
||||||
INDEX `idx_quotations_number`(`quotation_number`),
|
INDEX `idx_quotations_number`(`quotation_number`),
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
@@ -411,7 +439,6 @@ CREATE TABLE `received_invoices` (
|
|||||||
`due_date` DATE NULL,
|
`due_date` DATE NULL,
|
||||||
`paid_date` DATE NULL,
|
`paid_date` DATE NULL,
|
||||||
`status` ENUM('unpaid', 'paid') NOT NULL DEFAULT 'unpaid',
|
`status` ENUM('unpaid', 'paid') NOT NULL DEFAULT 'unpaid',
|
||||||
`file_data` MEDIUMBLOB NULL,
|
|
||||||
`file_name` VARCHAR(255) NULL,
|
`file_name` VARCHAR(255) NULL,
|
||||||
`file_mime` VARCHAR(100) NULL,
|
`file_mime` VARCHAR(100) NULL,
|
||||||
`file_size` INTEGER UNSIGNED NULL,
|
`file_size` INTEGER UNSIGNED NULL,
|
||||||
@@ -572,6 +599,7 @@ CREATE TABLE `users` (
|
|||||||
`totp_secret` VARCHAR(255) NULL,
|
`totp_secret` VARCHAR(255) NULL,
|
||||||
`totp_enabled` BOOLEAN NOT NULL DEFAULT false,
|
`totp_enabled` BOOLEAN NOT NULL DEFAULT false,
|
||||||
`totp_backup_codes` TEXT NULL,
|
`totp_backup_codes` TEXT NULL,
|
||||||
|
`totp_last_used_counter` INTEGER NULL,
|
||||||
|
|
||||||
UNIQUE INDEX `username`(`username`),
|
UNIQUE INDEX `username`(`username`),
|
||||||
UNIQUE INDEX `email`(`email`),
|
UNIQUE INDEX `email`(`email`),
|
||||||
@@ -597,12 +625,28 @@ CREATE TABLE `vehicles` (
|
|||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `invoice_alert_log` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`invoice_type` VARCHAR(20) NOT NULL,
|
||||||
|
`invoice_id` INTEGER NOT NULL,
|
||||||
|
`alert_type` VARCHAR(20) NOT NULL,
|
||||||
|
`sent_at` DATETIME(0) NOT NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`created_at` DATETIME(0) NOT NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
|
||||||
|
UNIQUE INDEX `invoice_type_invoice_id_alert_type`(`invoice_type`, `invoice_id`, `alert_type`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
-- AddForeignKey
|
-- AddForeignKey
|
||||||
ALTER TABLE `attendance` ADD CONSTRAINT `attendance_ibfk_1` FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
ALTER TABLE `attendance` ADD CONSTRAINT `attendance_ibfk_1` FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
||||||
|
|
||||||
-- AddForeignKey
|
-- AddForeignKey
|
||||||
ALTER TABLE `attendance_project_logs` ADD CONSTRAINT `attendance_project_logs_attendance_id_fkey` FOREIGN KEY (`attendance_id`) REFERENCES `attendance`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
ALTER TABLE `attendance_project_logs` ADD CONSTRAINT `attendance_project_logs_attendance_id_fkey` FOREIGN KEY (`attendance_id`) REFERENCES `attendance`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `attendance_project_logs` ADD CONSTRAINT `attendance_project_logs_project_id_fkey` FOREIGN KEY (`project_id`) REFERENCES `projects`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
||||||
|
|
||||||
-- AddForeignKey
|
-- AddForeignKey
|
||||||
ALTER TABLE `invoice_items` ADD CONSTRAINT `invoice_items_ibfk_1` FOREIGN KEY (`invoice_id`) REFERENCES `invoices`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
ALTER TABLE `invoice_items` ADD CONSTRAINT `invoice_items_ibfk_1` FOREIGN KEY (`invoice_id`) REFERENCES `invoices`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
||||||
|
|
||||||
@@ -674,4 +718,3 @@ ALTER TABLE `trips` ADD CONSTRAINT `trips_vehicle_fk` FOREIGN KEY (`vehicle_id`)
|
|||||||
|
|
||||||
-- AddForeignKey
|
-- AddForeignKey
|
||||||
ALTER TABLE `users` ADD CONSTRAINT `users_ibfk_1` FOREIGN KEY (`role_id`) REFERENCES `roles`(`id`) ON DELETE SET NULL ON UPDATE NO ACTION;
|
ALTER TABLE `users` ADD CONSTRAINT `users_ibfk_1` FOREIGN KEY (`role_id`) REFERENCES `roles`(`id`) ON DELETE SET NULL ON UPDATE NO ACTION;
|
||||||
|
|
||||||
@@ -0,0 +1,4 @@
|
|||||||
|
-- Insert the settings.system permission (also available via seed)
|
||||||
|
INSERT INTO `permissions` (`name`, `display_name`, `module`, `description`)
|
||||||
|
VALUES ('settings.system', 'Systémová nastavení', 'settings', 'Spravovat systémová nastavení, 2FA, e-maily, limity')
|
||||||
|
ON DUPLICATE KEY UPDATE `name` = `name`;
|
||||||
@@ -0,0 +1,3 @@
|
|||||||
|
-- AlterTable
|
||||||
|
ALTER TABLE `quotations` DROP COLUMN `exchange_rate`;
|
||||||
|
ALTER TABLE `quotations` DROP COLUMN `exchange_rate_date`;
|
||||||
@@ -0,0 +1,2 @@
|
|||||||
|
-- AlterTable
|
||||||
|
ALTER TABLE `invoice_items` ADD COLUMN `item_description` TEXT NULL;
|
||||||
@@ -0,0 +1,14 @@
|
|||||||
|
-- AlterTable: quotation_items
|
||||||
|
ALTER TABLE `quotation_items` DROP COLUMN `uuid`;
|
||||||
|
ALTER TABLE `quotation_items` DROP COLUMN `is_deleted`;
|
||||||
|
ALTER TABLE `quotation_items` DROP COLUMN `sync_version`;
|
||||||
|
|
||||||
|
-- AlterTable: quotations
|
||||||
|
ALTER TABLE `quotations` DROP COLUMN `uuid`;
|
||||||
|
ALTER TABLE `quotations` DROP COLUMN `sync_version`;
|
||||||
|
|
||||||
|
-- AlterTable: scope_sections
|
||||||
|
ALTER TABLE `scope_sections` DROP COLUMN `content_editor_height`;
|
||||||
|
ALTER TABLE `scope_sections` DROP COLUMN `uuid`;
|
||||||
|
ALTER TABLE `scope_sections` DROP COLUMN `is_deleted`;
|
||||||
|
ALTER TABLE `scope_sections` DROP COLUMN `sync_version`;
|
||||||
@@ -0,0 +1,277 @@
|
|||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_categories` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`name` VARCHAR(100) NOT NULL,
|
||||||
|
`description` TEXT NULL,
|
||||||
|
`sort_order` INTEGER NOT NULL DEFAULT 0,
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_suppliers` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`name` VARCHAR(255) NOT NULL,
|
||||||
|
`ico` VARCHAR(20) NULL,
|
||||||
|
`dic` VARCHAR(20) NULL,
|
||||||
|
`contact_person` VARCHAR(255) NULL,
|
||||||
|
`email` VARCHAR(255) NULL,
|
||||||
|
`phone` VARCHAR(50) NULL,
|
||||||
|
`address` TEXT NULL,
|
||||||
|
`notes` TEXT NULL,
|
||||||
|
`is_active` BOOLEAN NOT NULL DEFAULT true,
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_locations` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`code` VARCHAR(20) NOT NULL,
|
||||||
|
`name` VARCHAR(100) NOT NULL,
|
||||||
|
`description` TEXT NULL,
|
||||||
|
`is_active` BOOLEAN NOT NULL DEFAULT true,
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
UNIQUE INDEX `sklad_locations_code_key`(`code`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_items` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`item_number` VARCHAR(50) NULL,
|
||||||
|
`name` VARCHAR(255) NOT NULL,
|
||||||
|
`description` TEXT NULL,
|
||||||
|
`category_id` INTEGER NULL,
|
||||||
|
`unit` VARCHAR(20) NOT NULL,
|
||||||
|
`min_quantity` DECIMAL(12, 3) NULL,
|
||||||
|
`is_active` BOOLEAN NOT NULL DEFAULT true,
|
||||||
|
`notes` TEXT NULL,
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
UNIQUE INDEX `sklad_items_item_number_key`(`item_number`),
|
||||||
|
INDEX `sklad_items_category_id`(`category_id`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_batches` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`item_id` INTEGER NOT NULL,
|
||||||
|
`receipt_line_id` INTEGER NOT NULL,
|
||||||
|
`quantity` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`original_qty` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`unit_price` DECIMAL(12, 2) NOT NULL,
|
||||||
|
`received_at` DATETIME(0) NULL,
|
||||||
|
`is_consumed` BOOLEAN NOT NULL DEFAULT false,
|
||||||
|
|
||||||
|
UNIQUE INDEX `sklad_batches_receipt_line_id_key`(`receipt_line_id`),
|
||||||
|
INDEX `sklad_batches_fifo`(`item_id`, `is_consumed`, `received_at`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_item_locations` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`item_id` INTEGER NOT NULL,
|
||||||
|
`location_id` INTEGER NOT NULL,
|
||||||
|
`quantity` DECIMAL(12, 3) NOT NULL DEFAULT 0,
|
||||||
|
|
||||||
|
UNIQUE INDEX `sklad_item_locations_unique`(`item_id`, `location_id`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_receipts` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`receipt_number` VARCHAR(50) NULL,
|
||||||
|
`supplier_id` INTEGER NULL,
|
||||||
|
`delivery_note_number` VARCHAR(100) NULL,
|
||||||
|
`delivery_note_date` DATETIME(0) NULL,
|
||||||
|
`received_by` INTEGER NULL,
|
||||||
|
`notes` TEXT NULL,
|
||||||
|
`status` ENUM('DRAFT', 'CONFIRMED', 'CANCELLED') NOT NULL DEFAULT 'DRAFT',
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_receipt_lines` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`receipt_id` INTEGER NOT NULL,
|
||||||
|
`item_id` INTEGER NOT NULL,
|
||||||
|
`quantity` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`unit_price` DECIMAL(12, 2) NOT NULL,
|
||||||
|
`location_id` INTEGER NULL,
|
||||||
|
`notes` VARCHAR(255) NULL,
|
||||||
|
|
||||||
|
INDEX `sklad_receipt_lines_receipt_id`(`receipt_id`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_receipt_attachments` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`receipt_id` INTEGER NOT NULL,
|
||||||
|
`file_name` VARCHAR(255) NOT NULL,
|
||||||
|
`file_mime` VARCHAR(100) NOT NULL,
|
||||||
|
`file_size` INTEGER NOT NULL,
|
||||||
|
`file_path` VARCHAR(500) NOT NULL,
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_issues` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`issue_number` VARCHAR(50) NULL,
|
||||||
|
`project_id` INTEGER NOT NULL,
|
||||||
|
`issued_by` INTEGER NULL,
|
||||||
|
`notes` TEXT NULL,
|
||||||
|
`status` ENUM('DRAFT', 'CONFIRMED', 'CANCELLED') NOT NULL DEFAULT 'DRAFT',
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_issue_lines` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`issue_id` INTEGER NOT NULL,
|
||||||
|
`item_id` INTEGER NOT NULL,
|
||||||
|
`batch_id` INTEGER NOT NULL,
|
||||||
|
`quantity` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`location_id` INTEGER NULL,
|
||||||
|
`reservation_id` INTEGER NULL,
|
||||||
|
`notes` VARCHAR(255) NULL,
|
||||||
|
|
||||||
|
INDEX `sklad_issue_lines_issue_id`(`issue_id`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_reservations` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`item_id` INTEGER NOT NULL,
|
||||||
|
`project_id` INTEGER NOT NULL,
|
||||||
|
`quantity` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`remaining_qty` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`reserved_by` INTEGER NULL,
|
||||||
|
`notes` TEXT NULL,
|
||||||
|
`status` ENUM('ACTIVE', 'FULFILLED', 'CANCELLED') NOT NULL DEFAULT 'ACTIVE',
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
INDEX `sklad_reservations_item_status`(`item_id`, `status`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_inventory_sessions` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`session_number` VARCHAR(50) NULL,
|
||||||
|
`notes` TEXT NULL,
|
||||||
|
`status` ENUM('DRAFT', 'CONFIRMED') NOT NULL DEFAULT 'DRAFT',
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`modified_at` DATETIME(0) NULL,
|
||||||
|
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `sklad_inventory_lines` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`session_id` INTEGER NOT NULL,
|
||||||
|
`item_id` INTEGER NOT NULL,
|
||||||
|
`location_id` INTEGER NULL,
|
||||||
|
`system_qty` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`actual_qty` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`difference` DECIMAL(12, 3) NOT NULL,
|
||||||
|
`notes` VARCHAR(255) NULL,
|
||||||
|
|
||||||
|
INDEX `sklad_inventory_lines_session_id`(`session_id`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_items` ADD CONSTRAINT `sklad_items_category_id_fkey` FOREIGN KEY (`category_id`) REFERENCES `sklad_categories`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_batches` ADD CONSTRAINT `sklad_batches_item_id_fkey` FOREIGN KEY (`item_id`) REFERENCES `sklad_items`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_batches` ADD CONSTRAINT `sklad_batches_receipt_line_id_fkey` FOREIGN KEY (`receipt_line_id`) REFERENCES `sklad_receipt_lines`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_item_locations` ADD CONSTRAINT `sklad_item_locations_item_id_fkey` FOREIGN KEY (`item_id`) REFERENCES `sklad_items`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_item_locations` ADD CONSTRAINT `sklad_item_locations_location_id_fkey` FOREIGN KEY (`location_id`) REFERENCES `sklad_locations`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_receipts` ADD CONSTRAINT `sklad_receipts_supplier_id_fkey` FOREIGN KEY (`supplier_id`) REFERENCES `sklad_suppliers`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_receipts` ADD CONSTRAINT `sklad_receipts_received_by_fkey` FOREIGN KEY (`received_by`) REFERENCES `users`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_receipt_lines` ADD CONSTRAINT `sklad_receipt_lines_receipt_id_fkey` FOREIGN KEY (`receipt_id`) REFERENCES `sklad_receipts`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_receipt_lines` ADD CONSTRAINT `sklad_receipt_lines_item_id_fkey` FOREIGN KEY (`item_id`) REFERENCES `sklad_items`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_receipt_lines` ADD CONSTRAINT `sklad_receipt_lines_location_id_fkey` FOREIGN KEY (`location_id`) REFERENCES `sklad_locations`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_receipt_attachments` ADD CONSTRAINT `sklad_receipt_attachments_receipt_id_fkey` FOREIGN KEY (`receipt_id`) REFERENCES `sklad_receipts`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_issues` ADD CONSTRAINT `sklad_issues_project_id_fkey` FOREIGN KEY (`project_id`) REFERENCES `projects`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_issues` ADD CONSTRAINT `sklad_issues_issued_by_fkey` FOREIGN KEY (`issued_by`) REFERENCES `users`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_issue_lines` ADD CONSTRAINT `sklad_issue_lines_issue_id_fkey` FOREIGN KEY (`issue_id`) REFERENCES `sklad_issues`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_issue_lines` ADD CONSTRAINT `sklad_issue_lines_item_id_fkey` FOREIGN KEY (`item_id`) REFERENCES `sklad_items`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_issue_lines` ADD CONSTRAINT `sklad_issue_lines_batch_id_fkey` FOREIGN KEY (`batch_id`) REFERENCES `sklad_batches`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_issue_lines` ADD CONSTRAINT `sklad_issue_lines_location_id_fkey` FOREIGN KEY (`location_id`) REFERENCES `sklad_locations`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_issue_lines` ADD CONSTRAINT `sklad_issue_lines_reservation_id_fkey` FOREIGN KEY (`reservation_id`) REFERENCES `sklad_reservations`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_reservations` ADD CONSTRAINT `sklad_reservations_item_id_fkey` FOREIGN KEY (`item_id`) REFERENCES `sklad_items`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_reservations` ADD CONSTRAINT `sklad_reservations_project_id_fkey` FOREIGN KEY (`project_id`) REFERENCES `projects`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_reservations` ADD CONSTRAINT `sklad_reservations_reserved_by_fkey` FOREIGN KEY (`reserved_by`) REFERENCES `users`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_inventory_lines` ADD CONSTRAINT `sklad_inventory_lines_session_id_fkey` FOREIGN KEY (`session_id`) REFERENCES `sklad_inventory_sessions`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_inventory_lines` ADD CONSTRAINT `sklad_inventory_lines_item_id_fkey` FOREIGN KEY (`item_id`) REFERENCES `sklad_items`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `sklad_inventory_lines` ADD CONSTRAINT `sklad_inventory_lines_location_id_fkey` FOREIGN KEY (`location_id`) REFERENCES `sklad_locations`(`id`) ON DELETE SET NULL ON UPDATE CASCADE;
|
||||||
@@ -0,0 +1,17 @@
|
|||||||
|
-- AlterTable
|
||||||
|
ALTER TABLE `company_settings` ADD COLUMN `warehouse_inventory_number_pattern` VARCHAR(100) NULL,
|
||||||
|
ADD COLUMN `warehouse_inventory_prefix` VARCHAR(20) NULL,
|
||||||
|
ADD COLUMN `warehouse_issue_number_pattern` VARCHAR(100) NULL,
|
||||||
|
ADD COLUMN `warehouse_issue_prefix` VARCHAR(20) NULL,
|
||||||
|
ADD COLUMN `warehouse_receipt_number_pattern` VARCHAR(100) NULL,
|
||||||
|
ADD COLUMN `warehouse_receipt_prefix` VARCHAR(20) NULL;
|
||||||
|
|
||||||
|
-- Set backward-compatible defaults for existing installations
|
||||||
|
UPDATE `company_settings`
|
||||||
|
SET
|
||||||
|
`warehouse_receipt_prefix` = 'PRI',
|
||||||
|
`warehouse_receipt_number_pattern` = '{PREFIX}-{YYYY}-{NNN}',
|
||||||
|
`warehouse_issue_prefix` = 'VYD',
|
||||||
|
`warehouse_issue_number_pattern` = '{PREFIX}-{YYYY}-{NNN}',
|
||||||
|
`warehouse_inventory_prefix` = 'INV',
|
||||||
|
`warehouse_inventory_number_pattern` = '{PREFIX}-{YYYY}-{NNN}';
|
||||||
@@ -0,0 +1,29 @@
|
|||||||
|
-- Add warehouse module permissions and assign them to the admin role.
|
||||||
|
-- These rows used to be created by `prisma/seed.ts`, which is dev-only and
|
||||||
|
-- must not be run against production (per CLAUDE.md). This migration is
|
||||||
|
-- idempotent: re-running it is a no-op.
|
||||||
|
--
|
||||||
|
-- The 4 permissions match `prisma/seed.ts` lines 284-308 exactly.
|
||||||
|
|
||||||
|
-- 1. Insert the 4 warehouse permissions (INSERT IGNORE skips on duplicate
|
||||||
|
-- name, so re-running the migration is safe).
|
||||||
|
INSERT IGNORE INTO `permissions` (`name`, `display_name`, `module`, `description`, `created_at`) VALUES
|
||||||
|
('warehouse.view', 'Zobrazit sklad', 'warehouse', 'Prohlížet stav skladu, položky, reporty a historii pohybů', NOW()),
|
||||||
|
('warehouse.operate', 'Příjem a výdej', 'warehouse', 'Vytvářet a potvrzovat příjmy, výdeje a rezervace', NOW()),
|
||||||
|
('warehouse.manage', 'Správa skladu', 'warehouse', 'Spravovat katalog materiálů, dodavatele, lokace a kategorie', NOW()),
|
||||||
|
('warehouse.inventory', 'Inventura', 'warehouse', 'Vytvářet a potvrzovat inventurní sčítkání', NOW());
|
||||||
|
|
||||||
|
-- 2. Assign all 4 permissions to the admin role. INSERT IGNORE on the
|
||||||
|
-- composite primary key (role_id, permission_id) makes this idempotent
|
||||||
|
-- and preserves any other role assignments that already exist.
|
||||||
|
INSERT IGNORE INTO `role_permissions` (`role_id`, `permission_id`)
|
||||||
|
SELECT r.id, p.id
|
||||||
|
FROM `roles` r
|
||||||
|
CROSS JOIN `permissions` p
|
||||||
|
WHERE r.name = 'admin'
|
||||||
|
AND p.name IN (
|
||||||
|
'warehouse.view',
|
||||||
|
'warehouse.operate',
|
||||||
|
'warehouse.manage',
|
||||||
|
'warehouse.inventory'
|
||||||
|
);
|
||||||
61
prisma/migrations/20260605120000_add_work_plan/migration.sql
Normal file
61
prisma/migrations/20260605120000_add_work_plan/migration.sql
Normal file
@@ -0,0 +1,61 @@
|
|||||||
|
-- Add work_plan_entries and work_plan_overrides tables plus the plan_category
|
||||||
|
-- enum. Both tables are owned by users (Cascade on delete) and reference
|
||||||
|
-- projects (SetNull). `created_by` uses Restrict so we never silently lose
|
||||||
|
-- the audit trail of who created the entry.
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `work_plan_entries` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`user_id` INTEGER NOT NULL,
|
||||||
|
`date_from` DATE NOT NULL,
|
||||||
|
`date_to` DATE NOT NULL,
|
||||||
|
`project_id` INTEGER NULL,
|
||||||
|
`category` ENUM('work', 'preparation', 'travel', 'leave', 'sick', 'training', 'other') NOT NULL DEFAULT 'work',
|
||||||
|
`note` VARCHAR(500) NOT NULL,
|
||||||
|
`created_by` INTEGER NOT NULL,
|
||||||
|
`created_at` TIMESTAMP(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`updated_at` TIMESTAMP(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`is_deleted` BOOLEAN NULL DEFAULT false,
|
||||||
|
|
||||||
|
INDEX `idx_wpe_user_from`(`user_id`, `date_from`),
|
||||||
|
INDEX `idx_wpe_user_to`(`user_id`, `date_to`),
|
||||||
|
INDEX `idx_wpe_project`(`project_id`),
|
||||||
|
INDEX `idx_wpe_dates`(`date_from`, `date_to`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `work_plan_overrides` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`user_id` INTEGER NOT NULL,
|
||||||
|
`shift_date` DATE NOT NULL,
|
||||||
|
`project_id` INTEGER NULL,
|
||||||
|
`category` ENUM('work', 'preparation', 'travel', 'leave', 'sick', 'training', 'other') NOT NULL,
|
||||||
|
`note` VARCHAR(500) NOT NULL,
|
||||||
|
`created_by` INTEGER NOT NULL,
|
||||||
|
`created_at` TIMESTAMP(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`updated_at` TIMESTAMP(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`is_deleted` BOOLEAN NULL DEFAULT false,
|
||||||
|
|
||||||
|
INDEX `idx_wpo_date`(`shift_date`),
|
||||||
|
UNIQUE INDEX `uniq_wpo_user_date`(`user_id`, `shift_date`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `work_plan_entries` ADD CONSTRAINT `work_plan_entries_user_id_fkey` FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `work_plan_entries` ADD CONSTRAINT `work_plan_entries_project_id_fkey` FOREIGN KEY (`project_id`) REFERENCES `projects`(`id`) ON DELETE SET NULL ON UPDATE NO ACTION;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `work_plan_entries` ADD CONSTRAINT `work_plan_entries_created_by_fkey` FOREIGN KEY (`created_by`) REFERENCES `users`(`id`) ON DELETE RESTRICT ON UPDATE NO ACTION;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `work_plan_overrides` ADD CONSTRAINT `work_plan_overrides_user_id_fkey` FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON DELETE CASCADE ON UPDATE NO ACTION;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `work_plan_overrides` ADD CONSTRAINT `work_plan_overrides_project_id_fkey` FOREIGN KEY (`project_id`) REFERENCES `projects`(`id`) ON DELETE SET NULL ON UPDATE NO ACTION;
|
||||||
|
|
||||||
|
-- AddForeignKey
|
||||||
|
ALTER TABLE `work_plan_overrides` ADD CONSTRAINT `work_plan_overrides_created_by_fkey` FOREIGN KEY (`created_by`) REFERENCES `users`(`id`) ON DELETE RESTRICT ON UPDATE NO ACTION;
|
||||||
@@ -0,0 +1,26 @@
|
|||||||
|
-- Drop the unique index on (user_id, shift_date) for work_plan_overrides.
|
||||||
|
-- MySQL unique indexes don't ignore soft-deleted rows, which would prevent
|
||||||
|
-- createOverride from soft-deleting an existing override and creating a new
|
||||||
|
-- one for the same (user_id, shift_date). Application code enforces the
|
||||||
|
-- "at most one active override per (user_id, shift_date)" invariant.
|
||||||
|
-- The application-level check is wrapped in a transaction; see
|
||||||
|
-- src/services/plan.service.ts:createOverride.
|
||||||
|
--
|
||||||
|
-- The original index was created in
|
||||||
|
-- 20260605120000_add_work_plan/migration.sql as `uniq_wpo_user_date`.
|
||||||
|
|
||||||
|
-- IMPORTANT ordering: `uniq_wpo_user_date` is the only index covering the
|
||||||
|
-- `user_id` foreign key, and MySQL refuses to drop an index still needed by a
|
||||||
|
-- FK. So we CREATE the replacement non-unique index FIRST (giving the FK
|
||||||
|
-- another covering index), THEN drop the unique one. The reverse order fails
|
||||||
|
-- with "Cannot drop index ... needed in a foreign key constraint" on a fresh
|
||||||
|
-- apply.
|
||||||
|
|
||||||
|
-- Add a non-unique index for the (user_id, shift_date) lookup used by
|
||||||
|
-- createOverride's "is there an active override for this user-day?" query
|
||||||
|
-- and by resolveCell / resolveGrid. This is a plain index, not a unique
|
||||||
|
-- one — multiple rows (active and soft-deleted) can share the same
|
||||||
|
-- (user_id, shift_date) pair.
|
||||||
|
CREATE INDEX `idx_wpo_user_date` ON `work_plan_overrides`(`user_id`, `shift_date`);
|
||||||
|
|
||||||
|
DROP INDEX `uniq_wpo_user_date` ON `work_plan_overrides`;
|
||||||
@@ -0,0 +1,32 @@
|
|||||||
|
-- Add plan_categories table and convert category columns from ENUM to VARCHAR(50)
|
||||||
|
|
||||||
|
-- CreateTable
|
||||||
|
CREATE TABLE `plan_categories` (
|
||||||
|
`id` INTEGER NOT NULL AUTO_INCREMENT,
|
||||||
|
`key` VARCHAR(50) NOT NULL,
|
||||||
|
`label` VARCHAR(100) NOT NULL,
|
||||||
|
`color` VARCHAR(7) NOT NULL,
|
||||||
|
`sort_order` INTEGER NOT NULL DEFAULT 0,
|
||||||
|
`is_active` BOOLEAN NOT NULL DEFAULT true,
|
||||||
|
`created_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
`updated_at` DATETIME(0) NULL DEFAULT CURRENT_TIMESTAMP(0),
|
||||||
|
|
||||||
|
UNIQUE INDEX `plan_categories_key_key`(`key`),
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
||||||
|
|
||||||
|
-- AlterTable: change category from ENUM to VARCHAR(50) in work_plan_entries
|
||||||
|
ALTER TABLE `work_plan_entries` MODIFY `category` VARCHAR(50) NOT NULL DEFAULT 'work';
|
||||||
|
|
||||||
|
-- AlterTable: change category from ENUM to VARCHAR(50) in work_plan_overrides
|
||||||
|
ALTER TABLE `work_plan_overrides` MODIFY `category` VARCHAR(50) NOT NULL;
|
||||||
|
|
||||||
|
-- Seed the categories that were previously the plan_category enum
|
||||||
|
INSERT INTO `plan_categories` (`key`, `label`, `color`, `sort_order`, `is_active`) VALUES
|
||||||
|
('work', 'Práce', '#2563eb', 1, true),
|
||||||
|
('preparation', 'Příprava', '#0d9488', 2, true),
|
||||||
|
('travel', 'Cesta / Montáž', '#ca8a04', 3, true),
|
||||||
|
('leave', 'Dovolená', '#16a34a', 4, true),
|
||||||
|
('sick', 'Nemoc', '#dc2626', 5, true),
|
||||||
|
('training', 'Školení', '#7c3aed', 6, true),
|
||||||
|
('other', 'Jiné', '#6b7280', 7, true);
|
||||||
@@ -0,0 +1,15 @@
|
|||||||
|
-- Re-add the projects.create permission (removed in commit 82919d3 when manual
|
||||||
|
-- project creation was deleted). Idempotent: re-running is a no-op.
|
||||||
|
-- Mirrors prisma/seed.ts PERMISSIONS exactly (name, display_name, module, description).
|
||||||
|
|
||||||
|
-- 1. Insert the permission (INSERT IGNORE skips on duplicate name).
|
||||||
|
INSERT IGNORE INTO `permissions` (`name`, `display_name`, `module`, `description`, `created_at`) VALUES
|
||||||
|
('projects.create', 'Vytvořit projekt', 'projects', 'Ručně vytvářet projekty', NOW());
|
||||||
|
|
||||||
|
-- 2. Grant it to the admin role (idempotent via composite PK).
|
||||||
|
INSERT IGNORE INTO `role_permissions` (`role_id`, `permission_id`)
|
||||||
|
SELECT r.id, p.id
|
||||||
|
FROM `roles` r
|
||||||
|
CROSS JOIN `permissions` p
|
||||||
|
WHERE r.name = 'admin'
|
||||||
|
AND p.name IN ('projects.create');
|
||||||
@@ -1,3 +1,3 @@
|
|||||||
# Please do not edit this file manually
|
# Please do not edit this file manually
|
||||||
# It should be added in your version-control system (i.e. Git)
|
# It should be added in your version-control system (e.g., Git)
|
||||||
provider = "mysql"
|
provider = "mysql"
|
||||||
|
|||||||
@@ -46,6 +46,7 @@ model attendance_project_logs {
|
|||||||
hours Int? @db.UnsignedInt
|
hours Int? @db.UnsignedInt
|
||||||
minutes Int? @db.UnsignedInt
|
minutes Int? @db.UnsignedInt
|
||||||
attendance attendance @relation(fields: [attendance_id], references: [id], onDelete: Cascade, onUpdate: NoAction)
|
attendance attendance @relation(fields: [attendance_id], references: [id], onDelete: Cascade, onUpdate: NoAction)
|
||||||
|
projects projects? @relation(fields: [project_id], references: [id], onDelete: Cascade, onUpdate: NoAction)
|
||||||
|
|
||||||
@@index([attendance_id], map: "idx_attendance_project_logs_aid")
|
@@index([attendance_id], map: "idx_attendance_project_logs_aid")
|
||||||
@@index([project_id], map: "idx_project_id")
|
@@index([project_id], map: "idx_project_id")
|
||||||
@@ -100,18 +101,18 @@ model company_settings {
|
|||||||
vat_id String? @db.VarChar(50)
|
vat_id String? @db.VarChar(50)
|
||||||
custom_fields String? @db.LongText
|
custom_fields String? @db.LongText
|
||||||
logo_data Bytes?
|
logo_data Bytes?
|
||||||
logo_data_dark Bytes?
|
logo_data_dark Bytes? @db.MediumBlob
|
||||||
quotation_prefix String? @db.VarChar(20)
|
quotation_prefix String? @db.VarChar(20)
|
||||||
default_currency String? @default("CZK") @db.VarChar(10)
|
default_currency String? @default("CZK") @db.VarChar(10)
|
||||||
default_vat_rate Decimal? @default(21.00) @db.Decimal(5, 2)
|
default_vat_rate Decimal? @default(21.00) @db.Decimal(5, 2)
|
||||||
uuid String? @db.VarChar(36)
|
uuid String? @unique @db.VarChar(36)
|
||||||
modified_at DateTime? @db.DateTime(0)
|
modified_at DateTime? @db.DateTime(0)
|
||||||
is_deleted Boolean? @default(false)
|
is_deleted Boolean? @default(false)
|
||||||
sync_version Int? @default(0)
|
sync_version Int? @default(0)
|
||||||
order_type_code String? @db.VarChar(10)
|
order_type_code String? @db.VarChar(10)
|
||||||
invoice_type_code String? @db.VarChar(10)
|
invoice_type_code String? @db.VarChar(10)
|
||||||
require_2fa Boolean @default(false)
|
require_2fa Boolean @default(false)
|
||||||
break_threshold_hours Decimal? @default(6) @db.Decimal(4, 2)
|
break_threshold_hours Decimal? @default(6.00) @db.Decimal(4, 2)
|
||||||
break_duration_short Int? @default(15)
|
break_duration_short Int? @default(15)
|
||||||
break_duration_long Int? @default(30)
|
break_duration_long Int? @default(30)
|
||||||
clock_rounding_minutes Int? @default(15)
|
clock_rounding_minutes Int? @default(15)
|
||||||
@@ -127,6 +128,12 @@ model company_settings {
|
|||||||
offer_number_pattern String? @db.VarChar(100)
|
offer_number_pattern String? @db.VarChar(100)
|
||||||
order_number_pattern String? @db.VarChar(100)
|
order_number_pattern String? @db.VarChar(100)
|
||||||
invoice_number_pattern String? @db.VarChar(100)
|
invoice_number_pattern String? @db.VarChar(100)
|
||||||
|
warehouse_receipt_prefix String? @db.VarChar(20)
|
||||||
|
warehouse_receipt_number_pattern String? @db.VarChar(100)
|
||||||
|
warehouse_issue_prefix String? @db.VarChar(20)
|
||||||
|
warehouse_issue_number_pattern String? @db.VarChar(100)
|
||||||
|
warehouse_inventory_prefix String? @db.VarChar(20)
|
||||||
|
warehouse_inventory_number_pattern String? @db.VarChar(100)
|
||||||
}
|
}
|
||||||
|
|
||||||
model customers {
|
model customers {
|
||||||
@@ -152,8 +159,9 @@ model customers {
|
|||||||
model invoice_items {
|
model invoice_items {
|
||||||
id Int @id @default(autoincrement())
|
id Int @id @default(autoincrement())
|
||||||
invoice_id Int
|
invoice_id Int
|
||||||
description String? @db.VarChar(500)
|
description String? @db.VarChar(500)
|
||||||
quantity Decimal? @default(1.000) @db.Decimal(12, 3)
|
item_description String? @db.Text
|
||||||
|
quantity Decimal? @default(1.000) @db.Decimal(12, 3)
|
||||||
unit String? @db.VarChar(20)
|
unit String? @db.VarChar(20)
|
||||||
unit_price Decimal? @default(0.00) @db.Decimal(12, 2)
|
unit_price Decimal? @default(0.00) @db.Decimal(12, 2)
|
||||||
vat_rate Decimal? @default(21.00) @db.Decimal(5, 2)
|
vat_rate Decimal? @default(21.00) @db.Decimal(5, 2)
|
||||||
@@ -165,7 +173,7 @@ model invoice_items {
|
|||||||
|
|
||||||
model invoices {
|
model invoices {
|
||||||
id Int @id @default(autoincrement())
|
id Int @id @default(autoincrement())
|
||||||
invoice_number String? @db.VarChar(50)
|
invoice_number String? @unique(map: "idx_invoices_number_unique") @db.VarChar(50)
|
||||||
order_id Int?
|
order_id Int?
|
||||||
customer_id Int?
|
customer_id Int?
|
||||||
status String? @default("issued") @db.VarChar(30)
|
status String? @default("issued") @db.VarChar(30)
|
||||||
@@ -196,6 +204,7 @@ model invoices {
|
|||||||
@@index([customer_id], map: "customer_id")
|
@@index([customer_id], map: "customer_id")
|
||||||
@@index([due_date], map: "idx_invoices_due_date")
|
@@index([due_date], map: "idx_invoices_due_date")
|
||||||
@@index([status, issue_date], map: "idx_invoices_status_issue")
|
@@index([status, issue_date], map: "idx_invoices_status_issue")
|
||||||
|
@@index([status, due_date], map: "idx_invoices_status_due")
|
||||||
@@index([order_id], map: "order_id")
|
@@index([order_id], map: "order_id")
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -253,6 +262,8 @@ model number_sequences {
|
|||||||
type String? @db.VarChar(50)
|
type String? @db.VarChar(50)
|
||||||
year Int?
|
year Int?
|
||||||
last_number Int? @default(0)
|
last_number Int? @default(0)
|
||||||
|
|
||||||
|
@@unique([type, year], map: "idx_number_sequences_type_year")
|
||||||
}
|
}
|
||||||
|
|
||||||
model order_items {
|
model order_items {
|
||||||
@@ -286,7 +297,7 @@ model order_sections {
|
|||||||
|
|
||||||
model orders {
|
model orders {
|
||||||
id Int @id @default(autoincrement())
|
id Int @id @default(autoincrement())
|
||||||
order_number String? @db.VarChar(50)
|
order_number String? @unique(map: "idx_orders_number_unique") @db.VarChar(50)
|
||||||
customer_order_number String? @db.VarChar(100)
|
customer_order_number String? @db.VarChar(100)
|
||||||
attachment_data Bytes?
|
attachment_data Bytes?
|
||||||
attachment_name String? @db.VarChar(255)
|
attachment_name String? @db.VarChar(255)
|
||||||
@@ -338,7 +349,7 @@ model project_notes {
|
|||||||
|
|
||||||
model projects {
|
model projects {
|
||||||
id Int @id @default(autoincrement())
|
id Int @id @default(autoincrement())
|
||||||
project_number String? @db.VarChar(50)
|
project_number String? @unique @db.VarChar(50)
|
||||||
name String? @db.VarChar(255)
|
name String? @db.VarChar(255)
|
||||||
customer_id Int?
|
customer_id Int?
|
||||||
responsible_user_id Int?
|
responsible_user_id Int?
|
||||||
@@ -350,7 +361,12 @@ model projects {
|
|||||||
notes String? @db.Text
|
notes String? @db.Text
|
||||||
created_at DateTime? @default(now()) @db.DateTime(0)
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
modified_at DateTime? @db.DateTime(0)
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
attendance_project_logs attendance_project_logs[]
|
||||||
project_notes project_notes[]
|
project_notes project_notes[]
|
||||||
|
sklad_issues sklad_issues[]
|
||||||
|
sklad_reservations sklad_reservations[]
|
||||||
|
work_plan_entries work_plan_entries[]
|
||||||
|
work_plan_overrides work_plan_overrides[]
|
||||||
users users? @relation(fields: [responsible_user_id], references: [id], onUpdate: NoAction, map: "fk_projects_responsible_user")
|
users users? @relation(fields: [responsible_user_id], references: [id], onUpdate: NoAction, map: "fk_projects_responsible_user")
|
||||||
customers customers? @relation(fields: [customer_id], references: [id], onUpdate: NoAction, map: "projects_ibfk_1")
|
customers customers? @relation(fields: [customer_id], references: [id], onUpdate: NoAction, map: "projects_ibfk_1")
|
||||||
quotations quotations? @relation(fields: [quotation_id], references: [id], onUpdate: NoAction, map: "projects_ibfk_2")
|
quotations quotations? @relation(fields: [quotation_id], references: [id], onUpdate: NoAction, map: "projects_ibfk_2")
|
||||||
@@ -372,10 +388,7 @@ model quotation_items {
|
|||||||
unit String? @db.VarChar(20)
|
unit String? @db.VarChar(20)
|
||||||
unit_price Decimal? @default(0.00) @db.Decimal(12, 2)
|
unit_price Decimal? @default(0.00) @db.Decimal(12, 2)
|
||||||
is_included_in_total Boolean? @default(true)
|
is_included_in_total Boolean? @default(true)
|
||||||
uuid String? @db.VarChar(36)
|
|
||||||
modified_at DateTime? @db.DateTime(0)
|
modified_at DateTime? @db.DateTime(0)
|
||||||
is_deleted Boolean? @default(false)
|
|
||||||
sync_version Int? @default(0)
|
|
||||||
quotations quotations @relation(fields: [quotation_id], references: [id], onDelete: Cascade, onUpdate: NoAction, map: "quotation_items_ibfk_1")
|
quotations quotations @relation(fields: [quotation_id], references: [id], onDelete: Cascade, onUpdate: NoAction, map: "quotation_items_ibfk_1")
|
||||||
|
|
||||||
@@index([quotation_id], map: "quotation_id")
|
@@index([quotation_id], map: "quotation_id")
|
||||||
@@ -383,8 +396,8 @@ model quotation_items {
|
|||||||
|
|
||||||
model quotations {
|
model quotations {
|
||||||
id Int @id @default(autoincrement())
|
id Int @id @default(autoincrement())
|
||||||
quotation_number String? @db.VarChar(50)
|
quotation_number String? @unique @db.VarChar(50)
|
||||||
project_code String? @db.VarChar(50)
|
project_code String? @db.VarChar(100)
|
||||||
customer_id Int?
|
customer_id Int?
|
||||||
created_at DateTime? @default(now()) @db.DateTime(0)
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
valid_until DateTime? @db.Date
|
valid_until DateTime? @db.Date
|
||||||
@@ -392,17 +405,13 @@ model quotations {
|
|||||||
language String? @default("cs") @db.VarChar(5)
|
language String? @default("cs") @db.VarChar(5)
|
||||||
vat_rate Decimal? @default(21.00) @db.Decimal(5, 2)
|
vat_rate Decimal? @default(21.00) @db.Decimal(5, 2)
|
||||||
apply_vat Boolean? @default(true)
|
apply_vat Boolean? @default(true)
|
||||||
exchange_rate Decimal? @default(1.0000) @db.Decimal(10, 4)
|
|
||||||
exchange_rate_date DateTime? @db.Date
|
|
||||||
order_id Int?
|
order_id Int?
|
||||||
status String @default("active") @db.VarChar(20)
|
status String @default("active") @db.VarChar(20)
|
||||||
scope_title String? @db.VarChar(500)
|
scope_title String? @db.VarChar(500)
|
||||||
scope_description String? @db.Text
|
scope_description String? @db.Text
|
||||||
locked_by Int?
|
locked_by Int?
|
||||||
locked_at DateTime? @db.DateTime(0)
|
locked_at DateTime? @db.DateTime(0)
|
||||||
uuid String? @db.VarChar(36)
|
|
||||||
modified_at DateTime? @db.DateTime(0)
|
modified_at DateTime? @db.DateTime(0)
|
||||||
sync_version Int? @default(0)
|
|
||||||
orders orders[]
|
orders orders[]
|
||||||
projects projects[]
|
projects projects[]
|
||||||
quotation_items quotation_items[]
|
quotation_items quotation_items[]
|
||||||
@@ -487,11 +496,7 @@ model scope_sections {
|
|||||||
title String? @db.VarChar(500)
|
title String? @db.VarChar(500)
|
||||||
title_cz String? @db.VarChar(500)
|
title_cz String? @db.VarChar(500)
|
||||||
content String? @db.Text
|
content String? @db.Text
|
||||||
content_editor_height Int?
|
|
||||||
uuid String? @db.VarChar(36)
|
|
||||||
modified_at DateTime? @db.DateTime(0)
|
modified_at DateTime? @db.DateTime(0)
|
||||||
is_deleted Boolean? @default(false)
|
|
||||||
sync_version Int? @default(0)
|
|
||||||
quotations quotations @relation(fields: [quotation_id], references: [id], onDelete: Cascade, onUpdate: NoAction, map: "scope_sections_ibfk_1")
|
quotations quotations @relation(fields: [quotation_id], references: [id], onDelete: Cascade, onUpdate: NoAction, map: "scope_sections_ibfk_1")
|
||||||
|
|
||||||
@@index([quotation_id], map: "quotation_id")
|
@@index([quotation_id], map: "quotation_id")
|
||||||
@@ -578,12 +583,20 @@ model users {
|
|||||||
totp_secret String? @db.VarChar(255)
|
totp_secret String? @db.VarChar(255)
|
||||||
totp_enabled Boolean @default(false)
|
totp_enabled Boolean @default(false)
|
||||||
totp_backup_codes String? @db.Text
|
totp_backup_codes String? @db.Text
|
||||||
|
totp_last_used_counter Int?
|
||||||
attendance attendance[]
|
attendance attendance[]
|
||||||
leave_balances leave_balances[]
|
leave_balances leave_balances[]
|
||||||
leave_requests_leave_requests_user_idTousers leave_requests[] @relation("leave_requests_user_idTousers")
|
leave_requests_leave_requests_user_idTousers leave_requests[] @relation("leave_requests_user_idTousers")
|
||||||
leave_requests_leave_requests_reviewer_idTousers leave_requests[] @relation("leave_requests_reviewer_idTousers")
|
leave_requests_leave_requests_reviewer_idTousers leave_requests[] @relation("leave_requests_reviewer_idTousers")
|
||||||
projects projects[]
|
projects projects[]
|
||||||
trips trips[]
|
trips trips[]
|
||||||
|
sklad_receipts_received sklad_receipts[] @relation("SkladReceivedBy")
|
||||||
|
sklad_issues_issued sklad_issues[] @relation("SkladIssuedBy")
|
||||||
|
sklad_reservations sklad_reservations[] @relation("SkladReservedBy")
|
||||||
|
work_plan_entries work_plan_entries[] @relation("work_plan_entries_creator")
|
||||||
|
work_plan_entries_owned work_plan_entries[]
|
||||||
|
work_plan_overrides work_plan_overrides[] @relation("work_plan_overrides_creator")
|
||||||
|
work_plan_overrides_owned work_plan_overrides[]
|
||||||
roles roles? @relation(fields: [role_id], references: [id], onUpdate: NoAction, map: "users_ibfk_1")
|
roles roles? @relation(fields: [role_id], references: [id], onUpdate: NoAction, map: "users_ibfk_1")
|
||||||
|
|
||||||
@@index([is_active], map: "idx_users_is_active")
|
@@index([is_active], map: "idx_users_is_active")
|
||||||
@@ -624,8 +637,9 @@ model invoice_alert_log {
|
|||||||
invoice_id Int
|
invoice_id Int
|
||||||
alert_type String @db.VarChar(20) // "3days" or "due"
|
alert_type String @db.VarChar(20) // "3days" or "due"
|
||||||
sent_at DateTime @default(now()) @db.DateTime(0)
|
sent_at DateTime @default(now()) @db.DateTime(0)
|
||||||
|
created_at DateTime @default(now()) @db.DateTime(0)
|
||||||
|
|
||||||
@@unique([invoice_type, invoice_id, alert_type])
|
@@unique([invoice_type, invoice_id, alert_type], map: "invoice_type_invoice_id_alert_type")
|
||||||
}
|
}
|
||||||
|
|
||||||
enum received_invoices_status {
|
enum received_invoices_status {
|
||||||
@@ -640,3 +654,324 @@ enum attendance_leave_type {
|
|||||||
holiday
|
holiday
|
||||||
unpaid
|
unpaid
|
||||||
}
|
}
|
||||||
|
|
||||||
|
enum sklad_receipt_status {
|
||||||
|
DRAFT
|
||||||
|
CONFIRMED
|
||||||
|
CANCELLED
|
||||||
|
}
|
||||||
|
|
||||||
|
enum sklad_issue_status {
|
||||||
|
DRAFT
|
||||||
|
CONFIRMED
|
||||||
|
CANCELLED
|
||||||
|
}
|
||||||
|
|
||||||
|
enum sklad_reservation_status {
|
||||||
|
ACTIVE
|
||||||
|
FULFILLED
|
||||||
|
CANCELLED
|
||||||
|
}
|
||||||
|
|
||||||
|
enum sklad_inventory_status {
|
||||||
|
DRAFT
|
||||||
|
CONFIRMED
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_categories {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
name String @db.VarChar(100)
|
||||||
|
description String? @db.Text
|
||||||
|
sort_order Int @default(0)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
|
||||||
|
items sklad_items[]
|
||||||
|
|
||||||
|
@@map("sklad_categories")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_suppliers {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
name String @db.VarChar(255)
|
||||||
|
ico String? @db.VarChar(20)
|
||||||
|
dic String? @db.VarChar(20)
|
||||||
|
contact_person String? @db.VarChar(255)
|
||||||
|
email String? @db.VarChar(255)
|
||||||
|
phone String? @db.VarChar(50)
|
||||||
|
address String? @db.Text
|
||||||
|
notes String? @db.Text
|
||||||
|
is_active Boolean @default(true)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
|
||||||
|
receipts sklad_receipts[]
|
||||||
|
|
||||||
|
@@map("sklad_suppliers")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_locations {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
code String @unique @db.VarChar(20)
|
||||||
|
name String @db.VarChar(100)
|
||||||
|
description String? @db.Text
|
||||||
|
is_active Boolean @default(true)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
|
||||||
|
items sklad_item_locations[]
|
||||||
|
receipt_lines sklad_receipt_lines[]
|
||||||
|
issue_lines sklad_issue_lines[]
|
||||||
|
inventory_lines sklad_inventory_lines[]
|
||||||
|
|
||||||
|
@@map("sklad_locations")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_items {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
item_number String? @unique @db.VarChar(50)
|
||||||
|
name String @db.VarChar(255)
|
||||||
|
description String? @db.Text
|
||||||
|
category_id Int?
|
||||||
|
unit String @db.VarChar(20)
|
||||||
|
min_quantity Decimal? @db.Decimal(12, 3)
|
||||||
|
is_active Boolean @default(true)
|
||||||
|
notes String? @db.Text
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
|
||||||
|
category sklad_categories? @relation(fields: [category_id], references: [id])
|
||||||
|
batches sklad_batches[]
|
||||||
|
item_locations sklad_item_locations[]
|
||||||
|
receipt_lines sklad_receipt_lines[]
|
||||||
|
issue_lines sklad_issue_lines[]
|
||||||
|
reservations sklad_reservations[]
|
||||||
|
inventory_lines sklad_inventory_lines[]
|
||||||
|
|
||||||
|
@@index([category_id], map: "sklad_items_category_id")
|
||||||
|
@@map("sklad_items")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_batches {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
item_id Int
|
||||||
|
receipt_line_id Int @unique
|
||||||
|
quantity Decimal @db.Decimal(12, 3)
|
||||||
|
original_qty Decimal @db.Decimal(12, 3)
|
||||||
|
unit_price Decimal @db.Decimal(12, 2)
|
||||||
|
received_at DateTime? @db.DateTime(0)
|
||||||
|
is_consumed Boolean @default(false)
|
||||||
|
|
||||||
|
item sklad_items @relation(fields: [item_id], references: [id])
|
||||||
|
receipt_line sklad_receipt_lines @relation(fields: [receipt_line_id], references: [id])
|
||||||
|
issue_lines sklad_issue_lines[]
|
||||||
|
|
||||||
|
@@index([item_id, is_consumed, received_at], map: "sklad_batches_fifo")
|
||||||
|
@@map("sklad_batches")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_item_locations {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
item_id Int
|
||||||
|
location_id Int
|
||||||
|
quantity Decimal @default(0) @db.Decimal(12, 3)
|
||||||
|
|
||||||
|
item sklad_items @relation(fields: [item_id], references: [id])
|
||||||
|
location sklad_locations @relation(fields: [location_id], references: [id])
|
||||||
|
|
||||||
|
@@unique([item_id, location_id], map: "sklad_item_locations_unique")
|
||||||
|
@@map("sklad_item_locations")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_receipts {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
receipt_number String? @db.VarChar(50)
|
||||||
|
supplier_id Int?
|
||||||
|
delivery_note_number String? @db.VarChar(100)
|
||||||
|
delivery_note_date DateTime? @db.DateTime(0)
|
||||||
|
received_by Int?
|
||||||
|
notes String? @db.Text
|
||||||
|
status sklad_receipt_status @default(DRAFT)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
|
||||||
|
supplier sklad_suppliers? @relation(fields: [supplier_id], references: [id])
|
||||||
|
received_by_user users? @relation("SkladReceivedBy", fields: [received_by], references: [id])
|
||||||
|
items sklad_receipt_lines[]
|
||||||
|
attachments sklad_receipt_attachments[]
|
||||||
|
|
||||||
|
@@map("sklad_receipts")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_receipt_lines {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
receipt_id Int
|
||||||
|
item_id Int
|
||||||
|
quantity Decimal @db.Decimal(12, 3)
|
||||||
|
unit_price Decimal @db.Decimal(12, 2)
|
||||||
|
location_id Int?
|
||||||
|
notes String? @db.VarChar(255)
|
||||||
|
|
||||||
|
receipt sklad_receipts @relation(fields: [receipt_id], references: [id])
|
||||||
|
item sklad_items @relation(fields: [item_id], references: [id])
|
||||||
|
location sklad_locations? @relation(fields: [location_id], references: [id])
|
||||||
|
batch sklad_batches?
|
||||||
|
|
||||||
|
@@index([receipt_id], map: "sklad_receipt_lines_receipt_id")
|
||||||
|
@@map("sklad_receipt_lines")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_receipt_attachments {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
receipt_id Int
|
||||||
|
file_name String @db.VarChar(255)
|
||||||
|
file_mime String @db.VarChar(100)
|
||||||
|
file_size Int
|
||||||
|
file_path String @db.VarChar(500)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
|
||||||
|
receipt sklad_receipts @relation(fields: [receipt_id], references: [id])
|
||||||
|
|
||||||
|
@@map("sklad_receipt_attachments")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_issues {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
issue_number String? @db.VarChar(50)
|
||||||
|
project_id Int
|
||||||
|
issued_by Int?
|
||||||
|
notes String? @db.Text
|
||||||
|
status sklad_issue_status @default(DRAFT)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
|
||||||
|
project projects @relation(fields: [project_id], references: [id])
|
||||||
|
issued_by_user users? @relation("SkladIssuedBy", fields: [issued_by], references: [id])
|
||||||
|
items sklad_issue_lines[]
|
||||||
|
|
||||||
|
@@map("sklad_issues")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_issue_lines {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
issue_id Int
|
||||||
|
item_id Int
|
||||||
|
batch_id Int
|
||||||
|
quantity Decimal @db.Decimal(12, 3)
|
||||||
|
location_id Int?
|
||||||
|
reservation_id Int?
|
||||||
|
notes String? @db.VarChar(255)
|
||||||
|
|
||||||
|
issue sklad_issues @relation(fields: [issue_id], references: [id])
|
||||||
|
item sklad_items @relation(fields: [item_id], references: [id])
|
||||||
|
batch sklad_batches @relation(fields: [batch_id], references: [id])
|
||||||
|
location sklad_locations? @relation(fields: [location_id], references: [id])
|
||||||
|
reservation sklad_reservations? @relation(fields: [reservation_id], references: [id])
|
||||||
|
|
||||||
|
@@index([issue_id], map: "sklad_issue_lines_issue_id")
|
||||||
|
@@map("sklad_issue_lines")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_reservations {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
item_id Int
|
||||||
|
project_id Int
|
||||||
|
quantity Decimal @db.Decimal(12, 3)
|
||||||
|
remaining_qty Decimal @db.Decimal(12, 3)
|
||||||
|
reserved_by Int?
|
||||||
|
notes String? @db.Text
|
||||||
|
status sklad_reservation_status @default(ACTIVE)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
|
||||||
|
item sklad_items @relation(fields: [item_id], references: [id])
|
||||||
|
project projects @relation(fields: [project_id], references: [id])
|
||||||
|
reserved_by_user users? @relation("SkladReservedBy", fields: [reserved_by], references: [id])
|
||||||
|
issue_lines sklad_issue_lines[]
|
||||||
|
|
||||||
|
@@index([item_id, status], map: "sklad_reservations_item_status")
|
||||||
|
@@map("sklad_reservations")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_inventory_sessions {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
session_number String? @db.VarChar(50)
|
||||||
|
notes String? @db.Text
|
||||||
|
status sklad_inventory_status @default(DRAFT)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
modified_at DateTime? @db.DateTime(0)
|
||||||
|
|
||||||
|
items sklad_inventory_lines[]
|
||||||
|
|
||||||
|
@@map("sklad_inventory_sessions")
|
||||||
|
}
|
||||||
|
|
||||||
|
model sklad_inventory_lines {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
session_id Int
|
||||||
|
item_id Int
|
||||||
|
location_id Int?
|
||||||
|
system_qty Decimal @db.Decimal(12, 3)
|
||||||
|
actual_qty Decimal @db.Decimal(12, 3)
|
||||||
|
difference Decimal @db.Decimal(12, 3)
|
||||||
|
notes String? @db.VarChar(255)
|
||||||
|
|
||||||
|
session sklad_inventory_sessions @relation(fields: [session_id], references: [id])
|
||||||
|
item sklad_items @relation(fields: [item_id], references: [id])
|
||||||
|
location sklad_locations? @relation(fields: [location_id], references: [id])
|
||||||
|
|
||||||
|
@@index([session_id], map: "sklad_inventory_lines_session_id")
|
||||||
|
@@map("sklad_inventory_lines")
|
||||||
|
}
|
||||||
|
|
||||||
|
model plan_categories {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
key String @unique @db.VarChar(50)
|
||||||
|
label String @db.VarChar(100)
|
||||||
|
color String @db.VarChar(7)
|
||||||
|
sort_order Int @default(0)
|
||||||
|
is_active Boolean @default(true)
|
||||||
|
created_at DateTime? @default(now()) @db.DateTime(0)
|
||||||
|
updated_at DateTime? @default(now()) @updatedAt @db.DateTime(0)
|
||||||
|
}
|
||||||
|
|
||||||
|
model work_plan_entries {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
user_id Int
|
||||||
|
date_from DateTime @db.Date
|
||||||
|
date_to DateTime @db.Date
|
||||||
|
project_id Int?
|
||||||
|
category String @default("work") @db.VarChar(50)
|
||||||
|
note String @db.VarChar(500)
|
||||||
|
created_by Int
|
||||||
|
created_at DateTime? @default(now()) @db.Timestamp(0)
|
||||||
|
updated_at DateTime? @default(now()) @db.Timestamp(0)
|
||||||
|
is_deleted Boolean? @default(false)
|
||||||
|
users users @relation(fields: [user_id], references: [id], onDelete: Cascade, onUpdate: NoAction)
|
||||||
|
projects projects? @relation(fields: [project_id], references: [id], onDelete: SetNull, onUpdate: NoAction)
|
||||||
|
creator users @relation("work_plan_entries_creator", fields: [created_by], references: [id], onDelete: Restrict, onUpdate: NoAction)
|
||||||
|
|
||||||
|
@@index([user_id, date_from], map: "idx_wpe_user_from")
|
||||||
|
@@index([user_id, date_to], map: "idx_wpe_user_to")
|
||||||
|
@@index([project_id], map: "idx_wpe_project")
|
||||||
|
@@index([date_from, date_to], map: "idx_wpe_dates")
|
||||||
|
}
|
||||||
|
|
||||||
|
model work_plan_overrides {
|
||||||
|
id Int @id @default(autoincrement())
|
||||||
|
user_id Int
|
||||||
|
shift_date DateTime @db.Date
|
||||||
|
project_id Int?
|
||||||
|
category String @db.VarChar(50)
|
||||||
|
note String @db.VarChar(500)
|
||||||
|
created_by Int
|
||||||
|
created_at DateTime? @default(now()) @db.Timestamp(0)
|
||||||
|
updated_at DateTime? @default(now()) @db.Timestamp(0)
|
||||||
|
is_deleted Boolean? @default(false)
|
||||||
|
users users @relation(fields: [user_id], references: [id], onDelete: Cascade, onUpdate: NoAction)
|
||||||
|
projects projects? @relation(fields: [project_id], references: [id], onDelete: SetNull, onUpdate: NoAction)
|
||||||
|
creator users @relation("work_plan_overrides_creator", fields: [created_by], references: [id], onDelete: Restrict, onUpdate: NoAction)
|
||||||
|
|
||||||
|
@@index([user_id, shift_date], map: "idx_wpo_user_date")
|
||||||
|
@@index([shift_date], map: "idx_wpo_date")
|
||||||
|
}
|
||||||
|
|||||||
475
prisma/seed.ts
Normal file
475
prisma/seed.ts
Normal file
@@ -0,0 +1,475 @@
|
|||||||
|
import { PrismaClient } from "@prisma/client";
|
||||||
|
import bcrypt from "bcryptjs";
|
||||||
|
|
||||||
|
const prisma = new PrismaClient();
|
||||||
|
|
||||||
|
const PERMISSIONS: {
|
||||||
|
name: string;
|
||||||
|
display_name: string;
|
||||||
|
module: string;
|
||||||
|
description: string;
|
||||||
|
}[] = [
|
||||||
|
// Docházka
|
||||||
|
{
|
||||||
|
name: "attendance.record",
|
||||||
|
display_name: "Záznam docházky",
|
||||||
|
module: "attendance",
|
||||||
|
description: "Zapisovat příchody/odchody",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "attendance.history",
|
||||||
|
display_name: "Historie docházky",
|
||||||
|
module: "attendance",
|
||||||
|
description: "Prohlížet vlastní historii docházky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "attendance.approve",
|
||||||
|
display_name: "Schvalování docházky",
|
||||||
|
module: "attendance",
|
||||||
|
description: "Schvalovat žádosti o dovolenou/nemoc",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "attendance.manage",
|
||||||
|
display_name: "Správa docházky",
|
||||||
|
module: "attendance",
|
||||||
|
description: "Spravovat všechny záznamy, vytvářet/editovat/mazat",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "attendance.balances",
|
||||||
|
display_name: "Správa bilancí",
|
||||||
|
module: "attendance",
|
||||||
|
description: "Spravovat zůstatky dovolené a sick days",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Kniha jízd
|
||||||
|
{
|
||||||
|
name: "trips.record",
|
||||||
|
display_name: "Záznam jízd",
|
||||||
|
module: "trips",
|
||||||
|
description: "Zapisovat jízdy",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "trips.history",
|
||||||
|
display_name: "Historie jízd",
|
||||||
|
module: "trips",
|
||||||
|
description: "Prohlížet vlastní historii jízd",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "trips.manage",
|
||||||
|
display_name: "Správa jízd",
|
||||||
|
module: "trips",
|
||||||
|
description: "Spravovat všechny jízdy",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Vozidla
|
||||||
|
{
|
||||||
|
name: "vehicles.manage",
|
||||||
|
display_name: "Správa vozidel",
|
||||||
|
module: "vehicles",
|
||||||
|
description: "Spravovat vozový park",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Nabídky
|
||||||
|
{
|
||||||
|
name: "offers.view",
|
||||||
|
display_name: "Zobrazit nabídky",
|
||||||
|
module: "offers",
|
||||||
|
description: "Prohlížet seznam nabídek",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "offers.create",
|
||||||
|
display_name: "Vytvořit nabídku",
|
||||||
|
module: "offers",
|
||||||
|
description: "Vytvářet nové nabídky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "offers.edit",
|
||||||
|
display_name: "Upravit nabídku",
|
||||||
|
module: "offers",
|
||||||
|
description: "Upravovat existující nabídky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "offers.delete",
|
||||||
|
display_name: "Smazat nabídku",
|
||||||
|
module: "offers",
|
||||||
|
description: "Mazat nabídky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "offers.export",
|
||||||
|
display_name: "Exportovat nabídku",
|
||||||
|
module: "offers",
|
||||||
|
description: "Exportovat nabídky do PDF",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Objednávky
|
||||||
|
{
|
||||||
|
name: "orders.view",
|
||||||
|
display_name: "Zobrazit objednávky",
|
||||||
|
module: "orders",
|
||||||
|
description: "Prohlížet seznam objednávek",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "orders.create",
|
||||||
|
display_name: "Vytvořit objednávku",
|
||||||
|
module: "orders",
|
||||||
|
description: "Vytvářet nové objednávky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "orders.edit",
|
||||||
|
display_name: "Upravit objednávku",
|
||||||
|
module: "orders",
|
||||||
|
description: "Upravovat existující objednávky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "orders.delete",
|
||||||
|
display_name: "Smazat objednávku",
|
||||||
|
module: "orders",
|
||||||
|
description: "Mazat objednávky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "orders.export",
|
||||||
|
display_name: "Exportovat objednávku",
|
||||||
|
module: "orders",
|
||||||
|
description: "Exportovat objednávky do PDF",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Faktury
|
||||||
|
{
|
||||||
|
name: "invoices.view",
|
||||||
|
display_name: "Zobrazit faktury",
|
||||||
|
module: "invoices",
|
||||||
|
description: "Prohlížet seznam faktur",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "invoices.create",
|
||||||
|
display_name: "Vytvořit fakturu",
|
||||||
|
module: "invoices",
|
||||||
|
description: "Vytvářet nové faktury",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "invoices.edit",
|
||||||
|
display_name: "Upravit fakturu",
|
||||||
|
module: "invoices",
|
||||||
|
description: "Upravovat existující faktury",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "invoices.delete",
|
||||||
|
display_name: "Smazat fakturu",
|
||||||
|
module: "invoices",
|
||||||
|
description: "Mazat faktury",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "invoices.export",
|
||||||
|
display_name: "Exportovat fakturu",
|
||||||
|
module: "invoices",
|
||||||
|
description: "Exportovat faktury do PDF",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Projekty
|
||||||
|
{
|
||||||
|
name: "projects.view",
|
||||||
|
display_name: "Zobrazit projekty",
|
||||||
|
module: "projects",
|
||||||
|
description: "Prohlížet seznam projektů",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "projects.create",
|
||||||
|
display_name: "Vytvořit projekt",
|
||||||
|
module: "projects",
|
||||||
|
description: "Ručně vytvářet projekty",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "projects.edit",
|
||||||
|
display_name: "Upravit projekt",
|
||||||
|
module: "projects",
|
||||||
|
description: "Upravovat existující projekty",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "projects.delete",
|
||||||
|
display_name: "Smazat projekt",
|
||||||
|
module: "projects",
|
||||||
|
description: "Mazat projekty",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "projects.files",
|
||||||
|
display_name: "Soubory projektu",
|
||||||
|
module: "projects",
|
||||||
|
description: "Spravovat soubory a složky projektu",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Zákazníci
|
||||||
|
{
|
||||||
|
name: "customers.view",
|
||||||
|
display_name: "Zobrazit zákazníky",
|
||||||
|
module: "customers",
|
||||||
|
description: "Prohlížet seznam zákazníků",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "customers.create",
|
||||||
|
display_name: "Vytvořit zákazníka",
|
||||||
|
module: "customers",
|
||||||
|
description: "Vytvářet nové zákazníky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "customers.edit",
|
||||||
|
display_name: "Upravit zákazníka",
|
||||||
|
module: "customers",
|
||||||
|
description: "Upravovat existující zákazníky",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "customers.delete",
|
||||||
|
display_name: "Smazat zákazníka",
|
||||||
|
module: "customers",
|
||||||
|
description: "Mazat zákazníky",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Uživatelé
|
||||||
|
{
|
||||||
|
name: "users.view",
|
||||||
|
display_name: "Zobrazit uživatele",
|
||||||
|
module: "users",
|
||||||
|
description: "Prohlížet seznam uživatelů",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "users.create",
|
||||||
|
display_name: "Vytvořit uživatele",
|
||||||
|
module: "users",
|
||||||
|
description: "Vytvářet nové uživatele",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "users.edit",
|
||||||
|
display_name: "Upravit uživatele",
|
||||||
|
module: "users",
|
||||||
|
description: "Upravovat existující uživatele",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "users.delete",
|
||||||
|
display_name: "Smazat uživatele",
|
||||||
|
module: "users",
|
||||||
|
description: "Mazat uživatele",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Nastavení
|
||||||
|
{
|
||||||
|
name: "settings.company",
|
||||||
|
display_name: "Nastavení společnosti",
|
||||||
|
module: "settings",
|
||||||
|
description: "Upravovat údaje o společnosti, logo",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "settings.system",
|
||||||
|
display_name: "Systémová nastavení",
|
||||||
|
module: "settings",
|
||||||
|
description: "Spravovat systémová nastavení, 2FA, e-maily, limity",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "settings.banking",
|
||||||
|
display_name: "Bankovní účty",
|
||||||
|
module: "settings",
|
||||||
|
description: "Spravovat bankovní účty společnosti",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "settings.roles",
|
||||||
|
display_name: "Role a oprávnění",
|
||||||
|
module: "settings",
|
||||||
|
description: "Spravovat role a přiřazovat oprávnění",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "settings.templates",
|
||||||
|
display_name: "Šablony",
|
||||||
|
module: "settings",
|
||||||
|
description: "Spravovat šablony nabídek a položek",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "settings.audit",
|
||||||
|
display_name: "Audit log",
|
||||||
|
module: "settings",
|
||||||
|
description: "Prohlížet auditní logy",
|
||||||
|
},
|
||||||
|
|
||||||
|
// Sklad
|
||||||
|
{
|
||||||
|
name: "warehouse.view",
|
||||||
|
display_name: "Zobrazit sklad",
|
||||||
|
module: "warehouse",
|
||||||
|
description: "Prohlížet stav skladu, položky, reporty a historii pohybů",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "warehouse.operate",
|
||||||
|
display_name: "Příjem a výdej",
|
||||||
|
module: "warehouse",
|
||||||
|
description: "Vytvářet a potvrzovat příjmy, výdeje a rezervace",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "warehouse.manage",
|
||||||
|
display_name: "Správa skladu",
|
||||||
|
module: "warehouse",
|
||||||
|
description: "Spravovat katalog materiálů, dodavatele, lokace a kategorie",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "warehouse.inventory",
|
||||||
|
display_name: "Inventura",
|
||||||
|
module: "warehouse",
|
||||||
|
description: "Vytvářet a potvrzovat inventurní sčítkání",
|
||||||
|
},
|
||||||
|
];
|
||||||
|
|
||||||
|
async function main() {
|
||||||
|
console.log("Seeding permissions...");
|
||||||
|
|
||||||
|
// 1. Clear existing permissions and re-insert current set
|
||||||
|
await prisma.role_permissions.deleteMany({});
|
||||||
|
await prisma.permissions.deleteMany({});
|
||||||
|
console.log(" Cleared old permissions");
|
||||||
|
|
||||||
|
for (const perm of PERMISSIONS) {
|
||||||
|
await prisma.permissions.create({ data: perm });
|
||||||
|
}
|
||||||
|
console.log(` Inserted ${PERMISSIONS.length} permissions`);
|
||||||
|
|
||||||
|
// 2. Ensure admin role exists
|
||||||
|
let adminRole = await prisma.roles.findFirst({ where: { name: "admin" } });
|
||||||
|
if (!adminRole) {
|
||||||
|
adminRole = await prisma.roles.create({
|
||||||
|
data: {
|
||||||
|
name: "admin",
|
||||||
|
display_name: "Administrátor",
|
||||||
|
description: "Hlavní administrátor s plným přístupem",
|
||||||
|
},
|
||||||
|
});
|
||||||
|
console.log(" Created admin role");
|
||||||
|
} else {
|
||||||
|
console.log(" Admin role already exists (id=" + adminRole.id + ")");
|
||||||
|
}
|
||||||
|
|
||||||
|
// 3. Assign all permissions to admin role
|
||||||
|
const allPerms = await prisma.permissions.findMany();
|
||||||
|
const existingAssignments = await prisma.role_permissions.findMany({
|
||||||
|
where: { role_id: adminRole.id },
|
||||||
|
});
|
||||||
|
|
||||||
|
// Delete stale assignments (permissions no longer in the list)
|
||||||
|
const validIds = new Set(allPerms.map((p) => p.id));
|
||||||
|
const staleIds = existingAssignments.filter(
|
||||||
|
(a) => !validIds.has(a.permission_id),
|
||||||
|
);
|
||||||
|
if (staleIds.length > 0) {
|
||||||
|
for (const s of staleIds) {
|
||||||
|
await prisma.role_permissions.delete({
|
||||||
|
where: {
|
||||||
|
role_id_permission_id: {
|
||||||
|
role_id: adminRole.id,
|
||||||
|
permission_id: s.permission_id,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
});
|
||||||
|
}
|
||||||
|
console.log(` Removed ${staleIds.length} stale role_permissions`);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Add missing assignments
|
||||||
|
const existingIds = new Set(existingAssignments.map((a) => a.permission_id));
|
||||||
|
let added = 0;
|
||||||
|
for (const perm of allPerms) {
|
||||||
|
if (!existingIds.has(perm.id)) {
|
||||||
|
await prisma.role_permissions.create({
|
||||||
|
data: { role_id: adminRole.id, permission_id: perm.id },
|
||||||
|
});
|
||||||
|
added++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (added > 0) console.log(` Added ${added} role_permission assignments`);
|
||||||
|
console.log(` Admin role now has all ${allPerms.length} permissions`);
|
||||||
|
|
||||||
|
// 4. Ensure admin user exists
|
||||||
|
let adminUser = await prisma.users.findFirst({
|
||||||
|
where: { username: "admin" },
|
||||||
|
});
|
||||||
|
if (!adminUser) {
|
||||||
|
const hash = bcrypt.hashSync("admin", 10);
|
||||||
|
adminUser = await prisma.users.create({
|
||||||
|
data: {
|
||||||
|
username: "admin",
|
||||||
|
email: "admin@boha.local",
|
||||||
|
password_hash: hash,
|
||||||
|
first_name: "Admin",
|
||||||
|
last_name: "BOHA",
|
||||||
|
role_id: adminRole.id,
|
||||||
|
is_active: true,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
console.log(" Created admin user (admin / admin)");
|
||||||
|
} else if (adminUser.role_id !== adminRole.id) {
|
||||||
|
await prisma.users.update({
|
||||||
|
where: { id: adminUser.id },
|
||||||
|
data: { role_id: adminRole.id },
|
||||||
|
});
|
||||||
|
console.log(" Updated admin user role_id to admin role");
|
||||||
|
} else {
|
||||||
|
console.log(" Admin user already exists with correct role");
|
||||||
|
}
|
||||||
|
|
||||||
|
// 5. Create default company_settings if not exists
|
||||||
|
const existingSettings = await prisma.company_settings.findFirst();
|
||||||
|
if (!existingSettings) {
|
||||||
|
await prisma.company_settings.create({
|
||||||
|
data: {
|
||||||
|
company_name: "BOHA s.r.o.",
|
||||||
|
default_currency: "CZK",
|
||||||
|
default_vat_rate: 21.0,
|
||||||
|
available_vat_rates: JSON.stringify([0, 10, 15, 21]),
|
||||||
|
available_currencies: JSON.stringify(["CZK", "EUR"]),
|
||||||
|
offer_number_pattern: "NAB-{YYYY}-{NNN}",
|
||||||
|
order_number_pattern: "OBJ-{YYYY}-{NNN}",
|
||||||
|
invoice_number_pattern: "FV-{YYYY}-{NNN}",
|
||||||
|
break_threshold_hours: 6.0,
|
||||||
|
break_duration_short: 15,
|
||||||
|
break_duration_long: 30,
|
||||||
|
clock_rounding_minutes: 15,
|
||||||
|
require_2fa: false,
|
||||||
|
max_login_attempts: 5,
|
||||||
|
lockout_minutes: 15,
|
||||||
|
max_requests_per_minute: 300,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
console.log(" Created default company_settings");
|
||||||
|
} else {
|
||||||
|
console.log(" company_settings already exists");
|
||||||
|
}
|
||||||
|
|
||||||
|
// 6. Initialize number_sequences for current year
|
||||||
|
const year = new Date().getFullYear();
|
||||||
|
const types = [
|
||||||
|
"quotation",
|
||||||
|
"order",
|
||||||
|
"invoice",
|
||||||
|
"warehouse_receipt",
|
||||||
|
"warehouse_issue",
|
||||||
|
"warehouse_inventory",
|
||||||
|
];
|
||||||
|
for (const type of types) {
|
||||||
|
const existing = await prisma.number_sequences.findFirst({
|
||||||
|
where: { type, year },
|
||||||
|
});
|
||||||
|
if (!existing) {
|
||||||
|
await prisma.number_sequences.create({
|
||||||
|
data: { type, year, last_number: 0 },
|
||||||
|
});
|
||||||
|
console.log(` Created number_sequence: ${type}/${year}`);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
console.log(" number_sequences ready");
|
||||||
|
|
||||||
|
console.log(
|
||||||
|
"\nSeed complete — " +
|
||||||
|
PERMISSIONS.length +
|
||||||
|
" permissions, 1 admin role, company_settings + number_sequences ready.",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
main()
|
||||||
|
.catch((e) => {
|
||||||
|
console.error("Seed failed:", e);
|
||||||
|
process.exit(1);
|
||||||
|
})
|
||||||
|
.finally(() => prisma.$disconnect());
|
||||||
51
src/__tests__/auth.service.test.ts
Normal file
51
src/__tests__/auth.service.test.ts
Normal file
@@ -0,0 +1,51 @@
|
|||||||
|
import { describe, it, expect, vi } from "vitest";
|
||||||
|
import { verifyAccessToken, hashToken } from "../services/auth";
|
||||||
|
import jwt from "jsonwebtoken";
|
||||||
|
import { config } from "../config/env";
|
||||||
|
|
||||||
|
describe("auth service", () => {
|
||||||
|
describe("verifyAccessToken", () => {
|
||||||
|
it("returns null WITHOUT logging for an invalid JWT (expected condition)", async () => {
|
||||||
|
const consoleSpy = vi
|
||||||
|
.spyOn(console, "error")
|
||||||
|
.mockImplementation(() => {});
|
||||||
|
const result = await verifyAccessToken("invalid-token");
|
||||||
|
expect(result).toBeNull();
|
||||||
|
// Invalid/expired access tokens are an expected condition (the client
|
||||||
|
// refreshes on the resulting 401), so verifyAccessToken deliberately
|
||||||
|
// does NOT log them as errors — only genuinely unexpected failures.
|
||||||
|
expect(consoleSpy).not.toHaveBeenCalled();
|
||||||
|
consoleSpy.mockRestore();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns null WITHOUT logging for an expired JWT", async () => {
|
||||||
|
const consoleSpy = vi
|
||||||
|
.spyOn(console, "error")
|
||||||
|
.mockImplementation(() => {});
|
||||||
|
const expiredToken = jwt.sign(
|
||||||
|
{ sub: 1, username: "test", role: "user" },
|
||||||
|
config.jwt.secret,
|
||||||
|
{ expiresIn: -1 },
|
||||||
|
);
|
||||||
|
const result = await verifyAccessToken(expiredToken);
|
||||||
|
expect(result).toBeNull();
|
||||||
|
expect(consoleSpy).not.toHaveBeenCalled();
|
||||||
|
consoleSpy.mockRestore();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("hashToken", () => {
|
||||||
|
it("produces deterministic SHA-256 hex output", () => {
|
||||||
|
const t1 = hashToken("hello");
|
||||||
|
const t2 = hashToken("hello");
|
||||||
|
expect(t1).toBe(t2);
|
||||||
|
expect(t1).toMatch(/^[a-f0-9]{64}$/);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("produces different hashes for different inputs", () => {
|
||||||
|
const t1 = hashToken("a");
|
||||||
|
const t2 = hashToken("b");
|
||||||
|
expect(t1).not.toBe(t2);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
19
src/__tests__/customers.schema.test.ts
Normal file
19
src/__tests__/customers.schema.test.ts
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
import { describe, it, expect } from "vitest";
|
||||||
|
import { UpdateCustomerSchema } from "../schemas/customers.schema";
|
||||||
|
|
||||||
|
describe("UpdateCustomerSchema", () => {
|
||||||
|
it("rejects empty name", () => {
|
||||||
|
const result = UpdateCustomerSchema.safeParse({ name: "" });
|
||||||
|
expect(result.success).toBe(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("accepts valid name", () => {
|
||||||
|
const result = UpdateCustomerSchema.safeParse({ name: "Acme Corp" });
|
||||||
|
expect(result.success).toBe(true);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("accepts partial updates without name", () => {
|
||||||
|
const result = UpdateCustomerSchema.safeParse({ street: "Main St" });
|
||||||
|
expect(result.success).toBe(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
34
src/__tests__/env.test.ts
Normal file
34
src/__tests__/env.test.ts
Normal file
@@ -0,0 +1,34 @@
|
|||||||
|
import { describe, it, expect } from "vitest";
|
||||||
|
import { config } from "../config/env";
|
||||||
|
|
||||||
|
describe("env validation", () => {
|
||||||
|
it("has numeric port within valid range", () => {
|
||||||
|
expect(typeof config.port).toBe("number");
|
||||||
|
expect(config.port).toBeGreaterThan(0);
|
||||||
|
expect(config.port).toBeLessThanOrEqual(65535);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("has JWT_SECRET defined", () => {
|
||||||
|
expect(config.jwt.secret).toBeTruthy();
|
||||||
|
expect(config.jwt.secret.length).toBeGreaterThanOrEqual(32);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("has TOTP_ENCRYPTION_KEY defined", () => {
|
||||||
|
expect(config.totp.encryptionKey).toBeTruthy();
|
||||||
|
expect(config.totp.encryptionKey.length).toBeGreaterThanOrEqual(32);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("has positive JWT expiry values", () => {
|
||||||
|
expect(config.jwt.accessTokenExpiry).toBeGreaterThan(0);
|
||||||
|
expect(config.jwt.refreshTokenSessionExpiry).toBeGreaterThan(0);
|
||||||
|
expect(config.jwt.refreshTokenRememberExpiry).toBeGreaterThan(0);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("has positive maxUploadSize", () => {
|
||||||
|
expect(config.nas.maxUploadSize).toBeGreaterThan(0);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("has DATABASE_URL defined", () => {
|
||||||
|
expect(config.db.url).toBeTruthy();
|
||||||
|
});
|
||||||
|
});
|
||||||
64
src/__tests__/exchange-rates.test.ts
Normal file
64
src/__tests__/exchange-rates.test.ts
Normal file
@@ -0,0 +1,64 @@
|
|||||||
|
import { describe, it, expect, vi, beforeEach } from "vitest";
|
||||||
|
import { toCzk, getRate } from "../services/exchange-rates";
|
||||||
|
|
||||||
|
// Mock global fetch
|
||||||
|
const mockFetch = vi.fn();
|
||||||
|
global.fetch = mockFetch;
|
||||||
|
|
||||||
|
describe("exchange-rates", () => {
|
||||||
|
beforeEach(() => {
|
||||||
|
mockFetch.mockReset();
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("toCzk", () => {
|
||||||
|
it("returns amount unchanged for CZK", async () => {
|
||||||
|
const result = await toCzk(123.45, "CZK");
|
||||||
|
expect(result).toBe(123.45);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("throws for unknown currency when API fails and no cache", async () => {
|
||||||
|
mockFetch.mockRejectedValue(new Error("Network error"));
|
||||||
|
await expect(toCzk(100, "XYZ")).rejects.toThrow(
|
||||||
|
/Nepodařilo se získat aktuální kurzy/,
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("throws for unknown currency even when API succeeds", async () => {
|
||||||
|
mockFetch.mockResolvedValue({
|
||||||
|
ok: true,
|
||||||
|
json: async () => ({
|
||||||
|
rates: [{ currencyCode: "EUR", rate: 25, amount: 1 }],
|
||||||
|
}),
|
||||||
|
});
|
||||||
|
await expect(toCzk(100, "XYZ")).rejects.toThrow(/Neznámá měna: XYZ/);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("converts EUR using fetched rate", async () => {
|
||||||
|
mockFetch.mockResolvedValue({
|
||||||
|
ok: true,
|
||||||
|
json: async () => ({
|
||||||
|
rates: [{ currencyCode: "EUR", rate: 25, amount: 1 }],
|
||||||
|
}),
|
||||||
|
});
|
||||||
|
const result = await toCzk(100, "EUR");
|
||||||
|
expect(result).toBe(2500);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("getRate", () => {
|
||||||
|
it("returns 1 for CZK", async () => {
|
||||||
|
const result = await getRate("CZK");
|
||||||
|
expect(result).toBe(1);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("throws for unknown currency", async () => {
|
||||||
|
mockFetch.mockResolvedValue({
|
||||||
|
ok: true,
|
||||||
|
json: async () => ({
|
||||||
|
rates: [{ currencyCode: "EUR", rate: 25, amount: 1 }],
|
||||||
|
}),
|
||||||
|
});
|
||||||
|
await expect(getRate("XYZ")).rejects.toThrow(/Neznámá měna: XYZ/);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
55
src/__tests__/invoices.service.test.ts
Normal file
55
src/__tests__/invoices.service.test.ts
Normal file
@@ -0,0 +1,55 @@
|
|||||||
|
import { describe, it, expect } from "vitest";
|
||||||
|
import { invoiceTotalWithVat } from "../services/invoices.service";
|
||||||
|
|
||||||
|
describe("invoiceTotalWithVat", () => {
|
||||||
|
it("calculates subtotal without VAT when apply_vat is false", () => {
|
||||||
|
const inv = {
|
||||||
|
apply_vat: false,
|
||||||
|
vat_rate: { toNumber: () => 21 },
|
||||||
|
currency: "CZK",
|
||||||
|
invoice_items: [
|
||||||
|
{
|
||||||
|
quantity: { toNumber: () => 2 },
|
||||||
|
unit_price: { toNumber: () => 100 },
|
||||||
|
vat_rate: { toNumber: () => 21 },
|
||||||
|
},
|
||||||
|
],
|
||||||
|
};
|
||||||
|
expect(invoiceTotalWithVat(inv)).toBe(200);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rounds each line VAT to 2 decimals before accumulation", () => {
|
||||||
|
// 3 items @ 33.33 with 21% VAT
|
||||||
|
// Line VAT = 33.33 * 0.21 = 6.9993 -> rounded to 7.00
|
||||||
|
// Total VAT = 7.00 * 3 = 21.00
|
||||||
|
// Subtotal = 33.33 * 3 = 99.99
|
||||||
|
// Total = 99.99 + 21.00 = 120.99
|
||||||
|
const inv = {
|
||||||
|
apply_vat: true,
|
||||||
|
vat_rate: { toNumber: () => 21 },
|
||||||
|
currency: "CZK",
|
||||||
|
invoice_items: Array.from({ length: 3 }, () => ({
|
||||||
|
quantity: { toNumber: () => 1 },
|
||||||
|
unit_price: { toNumber: () => 33.33 },
|
||||||
|
vat_rate: { toNumber: () => 21 },
|
||||||
|
})),
|
||||||
|
};
|
||||||
|
expect(invoiceTotalWithVat(inv)).toBe(120.99);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("handles null quantity and unit_price gracefully", () => {
|
||||||
|
const inv = {
|
||||||
|
apply_vat: true,
|
||||||
|
vat_rate: { toNumber: () => 21 },
|
||||||
|
currency: "CZK",
|
||||||
|
invoice_items: [
|
||||||
|
{
|
||||||
|
quantity: { toNumber: () => 0 },
|
||||||
|
unit_price: { toNumber: () => 0 },
|
||||||
|
vat_rate: { toNumber: () => 21 },
|
||||||
|
},
|
||||||
|
],
|
||||||
|
};
|
||||||
|
expect(invoiceTotalWithVat(inv)).toBe(0);
|
||||||
|
});
|
||||||
|
});
|
||||||
142
src/__tests__/manual-create.test.ts
Normal file
142
src/__tests__/manual-create.test.ts
Normal file
@@ -0,0 +1,142 @@
|
|||||||
|
import { describe, it, expect, afterEach } from "vitest";
|
||||||
|
import prisma from "../config/database";
|
||||||
|
import { createProject } from "../services/projects.service";
|
||||||
|
import { createOrder } from "../services/orders.service";
|
||||||
|
|
||||||
|
const createdProjectIds: number[] = [];
|
||||||
|
const createdOrderIds: number[] = [];
|
||||||
|
|
||||||
|
afterEach(async () => {
|
||||||
|
for (const id of createdProjectIds)
|
||||||
|
await prisma.projects.deleteMany({ where: { id } });
|
||||||
|
for (const id of createdOrderIds)
|
||||||
|
await prisma.orders.deleteMany({ where: { id } });
|
||||||
|
createdProjectIds.length = 0;
|
||||||
|
createdOrderIds.length = 0;
|
||||||
|
await prisma.number_sequences.deleteMany({ where: { type: "shared" } });
|
||||||
|
});
|
||||||
|
|
||||||
|
const baseOrder = {
|
||||||
|
status: "prijata" as const,
|
||||||
|
currency: "CZK",
|
||||||
|
language: "cs",
|
||||||
|
vat_rate: 21,
|
||||||
|
apply_vat: true,
|
||||||
|
exchange_rate: 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
describe("createOrder (manual, optional linked project)", () => {
|
||||||
|
it("creates an order AND a project sharing one number when create_project=true", async () => {
|
||||||
|
const res = await createOrder({
|
||||||
|
...baseOrder,
|
||||||
|
scope_title: "Ruční zakázka",
|
||||||
|
create_project: true,
|
||||||
|
});
|
||||||
|
expect("id" in res).toBe(true);
|
||||||
|
if (!("id" in res)) return;
|
||||||
|
createdOrderIds.push(res.id);
|
||||||
|
expect(res.project_id).toBeTruthy();
|
||||||
|
const project = await prisma.projects.findUnique({
|
||||||
|
where: { id: res.project_id! },
|
||||||
|
});
|
||||||
|
if (project) createdProjectIds.push(project.id);
|
||||||
|
expect(project?.project_number).toBe(res.order_number);
|
||||||
|
expect(project?.order_id).toBe(res.id);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("creates only the order when create_project=false", async () => {
|
||||||
|
const res = await createOrder({ ...baseOrder, create_project: false });
|
||||||
|
expect("id" in res).toBe(true);
|
||||||
|
if (!("id" in res)) return;
|
||||||
|
createdOrderIds.push(res.id);
|
||||||
|
expect(res.project_id).toBeUndefined();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("shared pool coherence (tracking)", () => {
|
||||||
|
it("order → standalone project → order produce three distinct shared numbers", async () => {
|
||||||
|
const o1 = await createOrder({ ...baseOrder, create_project: true });
|
||||||
|
if ("id" in o1) {
|
||||||
|
createdOrderIds.push(o1.id);
|
||||||
|
if (o1.project_id) createdProjectIds.push(o1.project_id);
|
||||||
|
}
|
||||||
|
const p = await createProject({ name: "Mezi-projekt", status: "aktivni" });
|
||||||
|
if ("project_number" in p) createdProjectIds.push(p.id);
|
||||||
|
const o2 = await createOrder({ ...baseOrder, create_project: false });
|
||||||
|
if ("id" in o2) createdOrderIds.push(o2.id);
|
||||||
|
|
||||||
|
const n1 = "id" in o1 ? o1.order_number : null;
|
||||||
|
const np = "project_number" in p ? p.project_number : null;
|
||||||
|
const n2 = "id" in o2 ? o2.order_number : null;
|
||||||
|
expect(new Set([n1, np, n2]).size).toBe(3);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("createProject (manual, standalone)", () => {
|
||||||
|
it("assigns a shared number and is not linked to an order", async () => {
|
||||||
|
const result = await createProject({
|
||||||
|
name: "Test projekt",
|
||||||
|
status: "aktivni",
|
||||||
|
});
|
||||||
|
expect("project_number" in result).toBe(true);
|
||||||
|
if (!("project_number" in result)) return;
|
||||||
|
createdProjectIds.push(result.id);
|
||||||
|
expect(typeof result.project_number).toBe("string");
|
||||||
|
expect(result.project_number!.length).toBeGreaterThan(0);
|
||||||
|
expect(result.order_id).toBeNull();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("gives consecutive standalone projects distinct numbers", async () => {
|
||||||
|
const a = await createProject({ name: "Projekt A", status: "aktivni" });
|
||||||
|
const b = await createProject({ name: "Projekt B", status: "aktivni" });
|
||||||
|
if ("project_number" in a) createdProjectIds.push(a.id);
|
||||||
|
if ("project_number" in b) createdProjectIds.push(b.id);
|
||||||
|
expect("project_number" in a && "project_number" in b).toBe(true);
|
||||||
|
if ("project_number" in a && "project_number" in b) {
|
||||||
|
expect(a.project_number).not.toBe(b.project_number);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("createOrder with price line item + attachment", () => {
|
||||||
|
it("stores a single line item with the entered price", async () => {
|
||||||
|
const res = await createOrder({
|
||||||
|
...baseOrder,
|
||||||
|
create_project: false,
|
||||||
|
items: [
|
||||||
|
{
|
||||||
|
description: "Práce",
|
||||||
|
quantity: 1,
|
||||||
|
unit_price: 12345,
|
||||||
|
is_included_in_total: true,
|
||||||
|
},
|
||||||
|
],
|
||||||
|
});
|
||||||
|
expect("id" in res).toBe(true);
|
||||||
|
if (!("id" in res)) return;
|
||||||
|
createdOrderIds.push(res.id);
|
||||||
|
const items = await prisma.order_items.findMany({
|
||||||
|
where: { order_id: res.id },
|
||||||
|
});
|
||||||
|
expect(items.length).toBe(1);
|
||||||
|
expect(Number(items[0].unit_price)).toBe(12345);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("stores an uploaded PO attachment", async () => {
|
||||||
|
const buf = Buffer.from("%PDF-1.4 fake");
|
||||||
|
const res = await createOrder(
|
||||||
|
{ ...baseOrder, create_project: false },
|
||||||
|
buf,
|
||||||
|
"po.pdf",
|
||||||
|
);
|
||||||
|
expect("id" in res).toBe(true);
|
||||||
|
if (!("id" in res)) return;
|
||||||
|
createdOrderIds.push(res.id);
|
||||||
|
const order = await prisma.orders.findUnique({
|
||||||
|
where: { id: res.id },
|
||||||
|
select: { attachment_name: true, attachment_data: true },
|
||||||
|
});
|
||||||
|
expect(order?.attachment_name).toBe("po.pdf");
|
||||||
|
expect(order?.attachment_data).toBeTruthy();
|
||||||
|
});
|
||||||
|
});
|
||||||
55
src/__tests__/nas-file-manager.test.ts
Normal file
55
src/__tests__/nas-file-manager.test.ts
Normal file
@@ -0,0 +1,55 @@
|
|||||||
|
import { describe, it, expect } from "vitest";
|
||||||
|
import { NasFileManager } from "../services/nas-file-manager";
|
||||||
|
|
||||||
|
describe("NasFileManager path traversal", () => {
|
||||||
|
const nas = new NasFileManager();
|
||||||
|
|
||||||
|
describe("deleteItem", () => {
|
||||||
|
it("rejects empty path", async () => {
|
||||||
|
const result = await nas.deleteItem("PRJ-001", "");
|
||||||
|
expect(result).toContain("kořenovou složku");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects root path /", async () => {
|
||||||
|
const result = await nas.deleteItem("PRJ-001", "/");
|
||||||
|
expect(result).toContain("kořenovou složku");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects current directory .", async () => {
|
||||||
|
const result = await nas.deleteItem("PRJ-001", ".");
|
||||||
|
expect(result).toContain("kořenovou složku");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects current directory ./", async () => {
|
||||||
|
const result = await nas.deleteItem("PRJ-001", "./");
|
||||||
|
expect(result).toContain("kořenovou složku");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects path traversal ..", async () => {
|
||||||
|
const result = await nas.deleteItem("PRJ-001", "../etc/passwd");
|
||||||
|
expect(result).toContain("Neplatná cesta");
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("moveItem", () => {
|
||||||
|
it("rejects empty fromPath", async () => {
|
||||||
|
const result = await nas.moveItem("PRJ-001", "", "dest");
|
||||||
|
expect(result).toContain("kořenovou složku");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects root fromPath /", async () => {
|
||||||
|
const result = await nas.moveItem("PRJ-001", "/", "dest");
|
||||||
|
expect(result).toContain("kořenovou složku");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects current directory .", async () => {
|
||||||
|
const result = await nas.moveItem("PRJ-001", ".", "dest");
|
||||||
|
expect(result).toContain("kořenovou složku");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects path traversal in fromPath", async () => {
|
||||||
|
const result = await nas.moveItem("PRJ-001", "../secret", "dest");
|
||||||
|
expect(result).toContain("Neplatná cesta");
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
@@ -1,21 +1,50 @@
|
|||||||
import { describe, it, expect } from "vitest";
|
import { describe, it, expect, beforeEach, afterEach } from "vitest";
|
||||||
import {
|
import {
|
||||||
generateSharedNumber,
|
generateSharedNumber,
|
||||||
generateOfferNumber,
|
generateOfferNumber,
|
||||||
} from "../services/numbering.service";
|
} from "../services/numbering.service";
|
||||||
|
import prisma from "../config/database";
|
||||||
|
|
||||||
describe("generateSharedNumber", () => {
|
describe("generateSharedNumber", () => {
|
||||||
it("returns correct format (YYtypeCode + 4 digits)", async () => {
|
beforeEach(async () => {
|
||||||
|
await prisma.number_sequences.deleteMany({ where: { type: "shared" } });
|
||||||
|
});
|
||||||
|
|
||||||
|
afterEach(async () => {
|
||||||
|
await prisma.number_sequences.deleteMany({ where: { type: "shared" } });
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns a non-empty string", async () => {
|
||||||
const num = await generateSharedNumber();
|
const num = await generateSharedNumber();
|
||||||
const yy = String(new Date().getFullYear()).slice(-2);
|
expect(typeof num).toBe("string");
|
||||||
expect(num).toMatch(new RegExp(`^${yy}\\d{2,}\\d{4}$`));
|
expect(num.length).toBeGreaterThan(0);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("increments on consecutive calls", async () => {
|
||||||
|
const num1 = await generateSharedNumber();
|
||||||
|
const num2 = await generateSharedNumber();
|
||||||
|
expect(num1).not.toBe(num2);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("generateOfferNumber", () => {
|
describe("generateOfferNumber", () => {
|
||||||
it("returns correct format (YEAR/PREFIX/NNN)", async () => {
|
beforeEach(async () => {
|
||||||
|
await prisma.number_sequences.deleteMany({ where: { type: "offer" } });
|
||||||
|
});
|
||||||
|
|
||||||
|
afterEach(async () => {
|
||||||
|
await prisma.number_sequences.deleteMany({ where: { type: "offer" } });
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns a non-empty string", async () => {
|
||||||
const num = await generateOfferNumber();
|
const num = await generateOfferNumber();
|
||||||
const year = new Date().getFullYear();
|
expect(typeof num).toBe("string");
|
||||||
expect(num).toMatch(new RegExp(`^${year}/[A-Z]+/\\d{3,}$`));
|
expect(num.length).toBeGreaterThan(0);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("increments on consecutive calls", async () => {
|
||||||
|
const num1 = await generateOfferNumber();
|
||||||
|
const num2 = await generateOfferNumber();
|
||||||
|
expect(num1).not.toBe(num2);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|||||||
886
src/__tests__/plan.test.ts
Normal file
886
src/__tests__/plan.test.ts
Normal file
@@ -0,0 +1,886 @@
|
|||||||
|
import { describe, it, expect, beforeAll, afterAll, beforeEach } from "vitest";
|
||||||
|
import Fastify from "fastify";
|
||||||
|
import cookie from "@fastify/cookie";
|
||||||
|
import rateLimit from "@fastify/rate-limit";
|
||||||
|
import jwt from "jsonwebtoken";
|
||||||
|
import prisma from "../config/database";
|
||||||
|
import { config } from "../config/env";
|
||||||
|
import { securityHeaders } from "../middleware/security";
|
||||||
|
import planRoutes from "../routes/admin/plan";
|
||||||
|
import {
|
||||||
|
resolveCell,
|
||||||
|
resolveGrid,
|
||||||
|
listPlanUsers,
|
||||||
|
assertNotPastDate,
|
||||||
|
createEntry,
|
||||||
|
updateEntry,
|
||||||
|
deleteEntry,
|
||||||
|
createOverride,
|
||||||
|
updateOverride,
|
||||||
|
deleteOverride,
|
||||||
|
listEntries,
|
||||||
|
listOverrides,
|
||||||
|
} from "../services/plan.service";
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// Test fixtures
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
/** Note-prefix for test-created rows so we can clean them up safely. */
|
||||||
|
const N = "wh_plan_";
|
||||||
|
|
||||||
|
let adminUserId: number;
|
||||||
|
let noPermUserId: number;
|
||||||
|
|
||||||
|
beforeAll(async () => {
|
||||||
|
// Pick the first admin user from the test database as our fixture.
|
||||||
|
// The users -> roles relation is named `roles` in the Prisma schema
|
||||||
|
// (users.role_id references roles.id).
|
||||||
|
const admin = await prisma.users.findFirst({
|
||||||
|
where: { roles: { name: "admin" } },
|
||||||
|
});
|
||||||
|
if (!admin) throw new Error("Test setup: admin user not found");
|
||||||
|
adminUserId = admin.id;
|
||||||
|
|
||||||
|
// For list-scoping tests: any non-admin user that is NOT the admin we use
|
||||||
|
// for create tests. Just pick the second user.
|
||||||
|
const allUsers = await prisma.users.findMany({ take: 2 });
|
||||||
|
noPermUserId =
|
||||||
|
allUsers.find((u) => u.id !== adminUserId)?.id ?? allUsers[0].id;
|
||||||
|
});
|
||||||
|
|
||||||
|
beforeEach(async () => {
|
||||||
|
// Clean up any leftover test data from previous runs. We only touch rows
|
||||||
|
// whose `note` contains our test prefix, so we never disturb real data.
|
||||||
|
await prisma.work_plan_entries.deleteMany({
|
||||||
|
where: { note: { contains: N } },
|
||||||
|
});
|
||||||
|
await prisma.work_plan_overrides.deleteMany({
|
||||||
|
where: { note: { contains: N } },
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
afterAll(async () => {
|
||||||
|
// Final cleanup so we never leave soft-deleted test rows behind.
|
||||||
|
await prisma.work_plan_entries.deleteMany({
|
||||||
|
where: { note: { contains: N } },
|
||||||
|
});
|
||||||
|
await prisma.work_plan_overrides.deleteMany({
|
||||||
|
where: { note: { contains: N } },
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// resolveCell
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.resolveCell", () => {
|
||||||
|
it("returns null when nothing covers the date", async () => {
|
||||||
|
// No entry, no override for (adminUserId, "2099-01-01")
|
||||||
|
const result = await resolveCell(adminUserId, "2099-01-01");
|
||||||
|
expect(result).toBeNull();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns the entry that covers the date", async () => {
|
||||||
|
await prisma.work_plan_entries.create({
|
||||||
|
data: {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: new Date("2099-06-01"),
|
||||||
|
date_to: new Date("2099-06-10"),
|
||||||
|
category: "work",
|
||||||
|
note: `${N}PLC upgrade`,
|
||||||
|
created_by: adminUserId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
const result = await resolveCell(adminUserId, "2099-06-05");
|
||||||
|
expect(result).not.toBeNull();
|
||||||
|
expect(result?.source).toBe("entry");
|
||||||
|
expect(result?.note).toBe(`${N}PLC upgrade`);
|
||||||
|
expect(result?.category).toBe("work");
|
||||||
|
expect(result?.rangeFrom).toBe("2099-06-01");
|
||||||
|
expect(result?.rangeTo).toBe("2099-06-10");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns the override for that day, not the entry", async () => {
|
||||||
|
// An entry covers 2099-06-01..2099-06-10, but an override on 2099-06-05
|
||||||
|
// takes precedence.
|
||||||
|
await prisma.work_plan_entries.create({
|
||||||
|
data: {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: new Date("2099-06-01"),
|
||||||
|
date_to: new Date("2099-06-10"),
|
||||||
|
category: "work",
|
||||||
|
note: `${N}PLC upgrade`,
|
||||||
|
created_by: adminUserId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
await prisma.work_plan_overrides.create({
|
||||||
|
data: {
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: new Date("2099-06-05"),
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}Volno po noční`,
|
||||||
|
created_by: adminUserId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
const result = await resolveCell(adminUserId, "2099-06-05");
|
||||||
|
expect(result).not.toBeNull();
|
||||||
|
expect(result?.source).toBe("override");
|
||||||
|
expect(result?.note).toBe(`${N}Volno po noční`);
|
||||||
|
expect(result?.category).toBe("leave");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("ignores soft-deleted entries and overrides", async () => {
|
||||||
|
await prisma.work_plan_entries.create({
|
||||||
|
data: {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: new Date("2099-06-01"),
|
||||||
|
date_to: new Date("2099-06-10"),
|
||||||
|
category: "work",
|
||||||
|
note: `${N}deleted entry`,
|
||||||
|
is_deleted: true,
|
||||||
|
created_by: adminUserId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
const result = await resolveCell(adminUserId, "2099-06-05");
|
||||||
|
expect(result).toBeNull();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// resolveGrid
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.resolveGrid", () => {
|
||||||
|
it("returns a 2D map keyed by userId then date", async () => {
|
||||||
|
await prisma.work_plan_entries.create({
|
||||||
|
data: {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: new Date("2099-06-01"),
|
||||||
|
date_to: new Date("2099-06-03"),
|
||||||
|
category: "work",
|
||||||
|
note: `${N}A`,
|
||||||
|
created_by: adminUserId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
const cells = await resolveGrid([adminUserId], "2099-06-01", "2099-06-05");
|
||||||
|
expect(cells[adminUserId]["2099-06-01"]?.note).toBe(`${N}A`);
|
||||||
|
expect(cells[adminUserId]["2099-06-02"]?.note).toBe(`${N}A`);
|
||||||
|
expect(cells[adminUserId]["2099-06-03"]?.note).toBe(`${N}A`);
|
||||||
|
expect(cells[adminUserId]["2099-06-04"]).toBeNull();
|
||||||
|
expect(cells[adminUserId]["2099-06-05"]).toBeNull();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("applies override on a covered day", async () => {
|
||||||
|
await prisma.work_plan_entries.create({
|
||||||
|
data: {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: new Date("2099-06-01"),
|
||||||
|
date_to: new Date("2099-06-03"),
|
||||||
|
category: "work",
|
||||||
|
note: `${N}A`,
|
||||||
|
created_by: adminUserId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
await prisma.work_plan_overrides.create({
|
||||||
|
data: {
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: new Date("2099-06-02"),
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}B`,
|
||||||
|
created_by: adminUserId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
const cells = await resolveGrid([adminUserId], "2099-06-01", "2099-06-03");
|
||||||
|
expect(cells[adminUserId]["2099-06-01"]?.note).toBe(`${N}A`);
|
||||||
|
expect(cells[adminUserId]["2099-06-02"]?.note).toBe(`${N}B`);
|
||||||
|
expect(cells[adminUserId]["2099-06-03"]?.note).toBe(`${N}A`);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// listPlanUsers
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.listPlanUsers", () => {
|
||||||
|
it("returns at least the admin user", async () => {
|
||||||
|
const users = await listPlanUsers();
|
||||||
|
const found = users.find((u) => u.id === adminUserId);
|
||||||
|
expect(found).toBeDefined();
|
||||||
|
expect(found?.has_attendance_record).toBe(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// assertNotPastDate
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.assertNotPastDate", () => {
|
||||||
|
it("returns error for a past date", () => {
|
||||||
|
const result = assertNotPastDate("2000-01-01", false);
|
||||||
|
expect(result).toEqual({
|
||||||
|
error:
|
||||||
|
"Nelze upravovat plán pro datum v minulosti. Pro nouzovou opravu použijte ?force=1.",
|
||||||
|
status: 403,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns null for a future date", () => {
|
||||||
|
const result = assertNotPastDate("2099-01-01", false);
|
||||||
|
expect(result).toBeNull();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns null for a past date with force=true", () => {
|
||||||
|
const result = assertNotPastDate("2000-01-01", true);
|
||||||
|
expect(result).toBeNull();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// createEntry
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.createEntry", () => {
|
||||||
|
it("creates an entry and returns { data, oldData: null }", async () => {
|
||||||
|
const result = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2099-07-01",
|
||||||
|
date_to: "2099-07-05",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}new entry`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("data" in result).toBe(true);
|
||||||
|
if ("data" in result) {
|
||||||
|
expect(result.data.note).toBe(`${N}new entry`);
|
||||||
|
expect(result.oldData).toBeNull();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects a past date without force", async () => {
|
||||||
|
const result = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2000-01-01",
|
||||||
|
date_to: "2000-01-02",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}past`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("error" in result).toBe(true);
|
||||||
|
if ("error" in result) expect(result.status).toBe(403);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("allows a past date with force", async () => {
|
||||||
|
const result = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2000-01-01",
|
||||||
|
date_to: "2000-01-02",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}past forced`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
true,
|
||||||
|
);
|
||||||
|
expect("data" in result).toBe(true);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects when date_to < date_from", async () => {
|
||||||
|
const result = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2099-07-10",
|
||||||
|
date_to: "2099-07-05",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}invalid range`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("error" in result).toBe(true);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("allows an empty note (text is optional)", async () => {
|
||||||
|
const result = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2099-07-15",
|
||||||
|
date_to: "2099-07-15",
|
||||||
|
category: "work",
|
||||||
|
note: "",
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("data" in result).toBe(true);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects a range whose date_to is in the past, even if date_from is today", async () => {
|
||||||
|
// The range check `date_to >= date_from` fires before the past-date
|
||||||
|
// check, so a backwards range returns 400 (correct UX). The to-endpoint
|
||||||
|
// past-date check matters when updating an existing entry — see the
|
||||||
|
// matching test in updateEntry below. Here we just confirm that a
|
||||||
|
// range whose start is in the past is rejected as 403.
|
||||||
|
const result = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2000-01-01",
|
||||||
|
date_to: "2000-01-05",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}past-both`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("error" in result).toBe(true);
|
||||||
|
if ("error" in result) expect(result.status).toBe(403);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// updateEntry
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.updateEntry", () => {
|
||||||
|
it("updates the note and returns the old data", async () => {
|
||||||
|
const created = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2099-08-01",
|
||||||
|
date_to: "2099-08-03",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}original`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
if (!("data" in created)) throw new Error("setup failed");
|
||||||
|
|
||||||
|
const updated = await updateEntry(
|
||||||
|
created.data.id,
|
||||||
|
{ note: `${N}updated` },
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("data" in updated).toBe(true);
|
||||||
|
if ("data" in updated) {
|
||||||
|
expect(updated.data.note).toBe(`${N}updated`);
|
||||||
|
expect((updated.oldData as any).note).toBe(`${N}original`);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects an update that pushes date_to into the past", async () => {
|
||||||
|
// Future entry, but the user tries to extend its end backwards into
|
||||||
|
// the past. The to-endpoint past-date check should fire.
|
||||||
|
const created = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2099-08-10",
|
||||||
|
date_to: "2099-08-15",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}to-shorten`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
if (!("data" in created)) throw new Error("setup failed");
|
||||||
|
const updated = await updateEntry(
|
||||||
|
created.data.id,
|
||||||
|
{ date_to: "2000-01-05" },
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("error" in updated).toBe(true);
|
||||||
|
if ("error" in updated) expect(updated.status).toBe(403);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// deleteEntry
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.deleteEntry", () => {
|
||||||
|
it("soft-deletes the row and returns the old data", async () => {
|
||||||
|
const created = await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2099-09-01",
|
||||||
|
date_to: "2099-09-01",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}to delete`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
if (!("data" in created)) throw new Error("setup failed");
|
||||||
|
|
||||||
|
const result = await deleteEntry(created.data.id, adminUserId, false);
|
||||||
|
expect("data" in result).toBe(true);
|
||||||
|
if ("data" in result) {
|
||||||
|
expect(result.data).toEqual({ ok: true });
|
||||||
|
expect((result.oldData as any).note).toBe(`${N}to delete`);
|
||||||
|
}
|
||||||
|
|
||||||
|
const stillThere = await prisma.work_plan_entries.findUnique({
|
||||||
|
where: { id: created.data.id },
|
||||||
|
});
|
||||||
|
expect(stillThere?.is_deleted).toBe(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// createOverride
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.createOverride", () => {
|
||||||
|
it("creates an override and returns { data, oldData: null, replacedData: null }", async () => {
|
||||||
|
const result = await createOverride(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: "2099-10-01",
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}day off`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("data" in result).toBe(true);
|
||||||
|
if ("data" in result) {
|
||||||
|
expect(result.data.note).toBe(`${N}day off`);
|
||||||
|
expect(result.oldData).toBeNull();
|
||||||
|
expect(result.replacedData).toBeNull();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
it("soft-deletes the existing override and reports it in replacedData", async () => {
|
||||||
|
await createOverride(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: "2099-10-02",
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}first`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
const second = await createOverride(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: "2099-10-02",
|
||||||
|
category: "sick",
|
||||||
|
note: `${N}second`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("data" in second).toBe(true);
|
||||||
|
if ("data" in second) {
|
||||||
|
expect((second.replacedData as any)?.note).toBe(`${N}first`);
|
||||||
|
}
|
||||||
|
|
||||||
|
const all = await prisma.work_plan_overrides.findMany({
|
||||||
|
where: { user_id: adminUserId, shift_date: new Date("2099-10-02") },
|
||||||
|
});
|
||||||
|
// The first should be soft-deleted, the second active
|
||||||
|
expect(all.find((o) => o.note === `${N}first`)?.is_deleted).toBe(true);
|
||||||
|
expect(all.find((o) => o.note === `${N}second`)?.is_deleted).toBe(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects a past date without force", async () => {
|
||||||
|
const result = await createOverride(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: "2000-01-01",
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}past`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("error" in result).toBe(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// updateOverride
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.updateOverride", () => {
|
||||||
|
it("updates the note and returns the old data", async () => {
|
||||||
|
const created = await createOverride(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: "2099-11-01",
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}original`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
if (!("data" in created)) throw new Error("setup");
|
||||||
|
const updated = await updateOverride(
|
||||||
|
created.data.id,
|
||||||
|
{ note: `${N}updated` },
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect("data" in updated).toBe(true);
|
||||||
|
if ("data" in updated) {
|
||||||
|
expect(updated.data.note).toBe(`${N}updated`);
|
||||||
|
expect((updated.oldData as any).note).toBe(`${N}original`);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// deleteOverride
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.deleteOverride", () => {
|
||||||
|
it("soft-deletes the override and returns the old data", async () => {
|
||||||
|
const created = await createOverride(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: "2099-12-01",
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}to delete`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
if (!("data" in created)) throw new Error("setup");
|
||||||
|
const result = await deleteOverride(created.data.id, adminUserId, false);
|
||||||
|
expect("data" in result).toBe(true);
|
||||||
|
if ("data" in result) {
|
||||||
|
expect(result.data).toEqual({ ok: true });
|
||||||
|
expect((result.oldData as any).note).toBe(`${N}to delete`);
|
||||||
|
}
|
||||||
|
const still = await prisma.work_plan_overrides.findUnique({
|
||||||
|
where: { id: created.data.id },
|
||||||
|
});
|
||||||
|
expect(still?.is_deleted).toBe(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// listEntries / listOverrides (employee scoping)
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
describe("plan.service.listEntries (employee scoping)", () => {
|
||||||
|
it("returns entries for the actor user when scoped", async () => {
|
||||||
|
await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2098-01-01",
|
||||||
|
date_to: "2098-01-05",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}scope test`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
const rows = await listEntries(
|
||||||
|
{ user_id: adminUserId, date_from: "2098-01-01", date_to: "2098-01-31" },
|
||||||
|
adminUserId,
|
||||||
|
true, // isAdmin
|
||||||
|
);
|
||||||
|
expect(rows.length).toBeGreaterThan(0);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("scopes non-admin to actor user_id when querying for another user", async () => {
|
||||||
|
await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2098-02-01",
|
||||||
|
date_to: "2098-02-05",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}admin entry`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
const rows = await listEntries(
|
||||||
|
{ user_id: adminUserId, date_from: "2098-02-01", date_to: "2098-02-28" },
|
||||||
|
noPermUserId,
|
||||||
|
false, // not admin
|
||||||
|
);
|
||||||
|
expect(rows).toEqual([]);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("plan.service.listOverrides (employee scoping)", () => {
|
||||||
|
it("scopes non-admin to actor user_id", async () => {
|
||||||
|
await createOverride(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: "2098-03-01",
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}admin override`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
const rows = await listOverrides(
|
||||||
|
{ user_id: adminUserId, date_from: "2098-03-01", date_to: "2098-03-31" },
|
||||||
|
noPermUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
expect(rows).toEqual([]);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
// HTTP route tests (Fastify inject)
|
||||||
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
// Build a Fastify app with only the plan routes registered under
|
||||||
|
// /api/admin/plan. rateLimit max=1000 keeps the 7 tests from tripping it.
|
||||||
|
let app: Awaited<ReturnType<typeof buildApp>>;
|
||||||
|
let adminToken: string;
|
||||||
|
let noPermToken: string;
|
||||||
|
let noPermRoleId: number;
|
||||||
|
|
||||||
|
async function buildApp() {
|
||||||
|
const a = Fastify({ logger: false });
|
||||||
|
await a.register(cookie);
|
||||||
|
await a.register(rateLimit, { max: 1000, timeWindow: "1 minute" });
|
||||||
|
a.addHook("onRequest", securityHeaders);
|
||||||
|
await a.register(planRoutes, { prefix: "/api/admin/plan" });
|
||||||
|
return a;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Generate a JWT access token. `requireAuth` re-loads auth data from the
|
||||||
|
* DB via `loadAuthData(payload.sub)`, so the `role` claim is ignored —
|
||||||
|
* only the `sub` (user id) matters for these tests.
|
||||||
|
*/
|
||||||
|
function generateToken(user: {
|
||||||
|
id: number;
|
||||||
|
username: string;
|
||||||
|
roleName: string | null;
|
||||||
|
}): string {
|
||||||
|
return jwt.sign(
|
||||||
|
{ sub: user.id, username: user.username, role: user.roleName },
|
||||||
|
config.jwt.secret,
|
||||||
|
{ expiresIn: "15m" },
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
async function authGet(path: string, token: string) {
|
||||||
|
return app.inject({
|
||||||
|
method: "GET",
|
||||||
|
url: path,
|
||||||
|
headers: { Authorization: `Bearer ${token}` },
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
async function authPost(path: string, token: string, body: unknown) {
|
||||||
|
return app.inject({
|
||||||
|
method: "POST",
|
||||||
|
url: path,
|
||||||
|
headers: {
|
||||||
|
Authorization: `Bearer ${token}`,
|
||||||
|
"Content-Type": "application/json",
|
||||||
|
},
|
||||||
|
payload: body as object,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
async function authPatch(path: string, token: string, body: unknown) {
|
||||||
|
return app.inject({
|
||||||
|
method: "PATCH",
|
||||||
|
url: path,
|
||||||
|
headers: {
|
||||||
|
Authorization: `Bearer ${token}`,
|
||||||
|
"Content-Type": "application/json",
|
||||||
|
},
|
||||||
|
payload: body as object,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
async function authDelete(path: string, token: string) {
|
||||||
|
return app.inject({
|
||||||
|
method: "DELETE",
|
||||||
|
url: path,
|
||||||
|
headers: { Authorization: `Bearer ${token}` },
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
beforeAll(async () => {
|
||||||
|
app = await buildApp();
|
||||||
|
|
||||||
|
// Re-fetch the admin user with the roles relation so we can build a token.
|
||||||
|
const admin = await prisma.users.findFirst({
|
||||||
|
where: { roles: { name: "admin" } },
|
||||||
|
include: { roles: true },
|
||||||
|
});
|
||||||
|
if (!admin) throw new Error("admin user not found in test setup");
|
||||||
|
adminUserId = admin.id;
|
||||||
|
adminToken = generateToken({
|
||||||
|
id: admin.id,
|
||||||
|
username: admin.username,
|
||||||
|
roleName: admin.roles?.name ?? null,
|
||||||
|
});
|
||||||
|
|
||||||
|
// Create a no-permission role + user; the role has zero permissions so
|
||||||
|
// any permission check returns 403.
|
||||||
|
const stamp = Date.now();
|
||||||
|
const noPermRole = await prisma.roles.create({
|
||||||
|
data: {
|
||||||
|
name: `noperm_plan_${stamp}`,
|
||||||
|
display_name: "No Perm Plan Test",
|
||||||
|
},
|
||||||
|
});
|
||||||
|
noPermRoleId = noPermRole.id;
|
||||||
|
const noPermUser = await prisma.users.create({
|
||||||
|
data: {
|
||||||
|
username: `noperm_plan_${stamp}`,
|
||||||
|
first_name: "No",
|
||||||
|
last_name: "Perm",
|
||||||
|
email: `noperm_plan_${stamp}@test.local`,
|
||||||
|
password_hash:
|
||||||
|
"$2a$10$invalidinvalidinvalidinvalidinvalidinvalidinvalidinvali",
|
||||||
|
role_id: noPermRole.id,
|
||||||
|
is_active: true,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
noPermUserId = noPermUser.id;
|
||||||
|
noPermToken = generateToken({
|
||||||
|
id: noPermUser.id,
|
||||||
|
username: noPermUser.username,
|
||||||
|
roleName: noPermRole.name,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
afterAll(async () => {
|
||||||
|
if (app) await app.close();
|
||||||
|
if (noPermUserId) {
|
||||||
|
await prisma.users
|
||||||
|
.deleteMany({ where: { id: noPermUserId } })
|
||||||
|
.catch(() => {});
|
||||||
|
}
|
||||||
|
if (noPermRoleId) {
|
||||||
|
await prisma.roles
|
||||||
|
.deleteMany({ where: { id: noPermRoleId } })
|
||||||
|
.catch(() => {});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("HTTP /api/admin/plan", () => {
|
||||||
|
it("GET /users requires auth", async () => {
|
||||||
|
const res = await app.inject({
|
||||||
|
method: "GET",
|
||||||
|
url: "/api/admin/plan/users",
|
||||||
|
});
|
||||||
|
expect(res.statusCode).toBe(401);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("GET /users returns plan users for an admin", async () => {
|
||||||
|
const res = await authGet("/api/admin/plan/users", adminToken);
|
||||||
|
expect(res.statusCode).toBe(200);
|
||||||
|
const body = res.json();
|
||||||
|
expect(body.success).toBe(true);
|
||||||
|
expect(Array.isArray(body.data)).toBe(true);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("GET /grid returns days, users, cells", async () => {
|
||||||
|
// Seed an entry so the cell on 2097-06-01 has a known note.
|
||||||
|
await createEntry(
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2097-06-01",
|
||||||
|
date_to: "2097-06-05",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}grid test`,
|
||||||
|
},
|
||||||
|
adminUserId,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
const res = await authGet(
|
||||||
|
"/api/admin/plan/grid?date_from=2097-06-01&date_to=2097-06-05",
|
||||||
|
adminToken,
|
||||||
|
);
|
||||||
|
expect(res.statusCode).toBe(200);
|
||||||
|
const body = res.json();
|
||||||
|
expect(body.data.users).toBeDefined();
|
||||||
|
expect(body.data.cells[adminUserId]).toBeDefined();
|
||||||
|
expect(body.data.cells[adminUserId]["2097-06-01"].note).toBe(
|
||||||
|
`${N}grid test`,
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("GET /grid rejects ranges > 92 days", async () => {
|
||||||
|
const res = await authGet(
|
||||||
|
"/api/admin/plan/grid?date_from=2097-01-01&date_to=2097-12-31",
|
||||||
|
adminToken,
|
||||||
|
);
|
||||||
|
expect(res.statusCode).toBe(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("POST /entries requires attendance.manage", async () => {
|
||||||
|
const res = await authPost("/api/admin/plan/entries", noPermToken, {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2097-07-01",
|
||||||
|
date_to: "2097-07-01",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}forbidden`,
|
||||||
|
});
|
||||||
|
expect(res.statusCode).toBe(403);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("POST /entries works for admin", async () => {
|
||||||
|
const res = await authPost("/api/admin/plan/entries", adminToken, {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2097-08-01",
|
||||||
|
date_to: "2097-08-01",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}http create`,
|
||||||
|
});
|
||||||
|
expect(res.statusCode).toBe(201);
|
||||||
|
const body = res.json();
|
||||||
|
expect(body.success).toBe(true);
|
||||||
|
expect(body.data.note).toBe(`${N}http create`);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("POST /entries accepts an empty note (note is optional)", async () => {
|
||||||
|
const res = await authPost("/api/admin/plan/entries", adminToken, {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2097-08-05",
|
||||||
|
date_to: "2097-08-05",
|
||||||
|
category: "work",
|
||||||
|
note: "",
|
||||||
|
});
|
||||||
|
expect(res.statusCode).toBe(201);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("POST /entries rejects a past date without ?force=1", async () => {
|
||||||
|
const res = await authPost("/api/admin/plan/entries", adminToken, {
|
||||||
|
user_id: adminUserId,
|
||||||
|
date_from: "2000-02-01",
|
||||||
|
date_to: "2000-02-01",
|
||||||
|
category: "work",
|
||||||
|
note: `${N}past http`,
|
||||||
|
});
|
||||||
|
expect(res.statusCode).toBe(403);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("POST /overrides with force=1 allows past date", async () => {
|
||||||
|
const res = await authPost(
|
||||||
|
"/api/admin/plan/overrides?force=1",
|
||||||
|
adminToken,
|
||||||
|
{
|
||||||
|
user_id: adminUserId,
|
||||||
|
shift_date: "2000-01-15",
|
||||||
|
category: "leave",
|
||||||
|
note: `${N}forced past`,
|
||||||
|
},
|
||||||
|
);
|
||||||
|
expect(res.statusCode).toBe(201);
|
||||||
|
});
|
||||||
|
});
|
||||||
95
src/__tests__/planAuditDescription.test.ts
Normal file
95
src/__tests__/planAuditDescription.test.ts
Normal file
@@ -0,0 +1,95 @@
|
|||||||
|
import { describe, it, expect } from "vitest";
|
||||||
|
import {
|
||||||
|
planCategoryLabel,
|
||||||
|
buildPlanAuditDescription,
|
||||||
|
} from "../utils/planAuditDescription";
|
||||||
|
|
||||||
|
describe("planCategoryLabel", () => {
|
||||||
|
it("maps known plan categories to Czech labels", () => {
|
||||||
|
expect(planCategoryLabel("work")).toBe("Práce");
|
||||||
|
expect(planCategoryLabel("preparation")).toBe("Příprava");
|
||||||
|
expect(planCategoryLabel("travel")).toBe("Cesta / Montáž");
|
||||||
|
expect(planCategoryLabel("leave")).toBe("Dovolená");
|
||||||
|
expect(planCategoryLabel("sick")).toBe("Nemoc");
|
||||||
|
expect(planCategoryLabel("training")).toBe("Školení");
|
||||||
|
expect(planCategoryLabel("other")).toBe("Jiné");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("falls back to the raw value for an unknown category", () => {
|
||||||
|
expect(planCategoryLabel("unknown_xyz")).toBe("unknown_xyz");
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("buildPlanAuditDescription", () => {
|
||||||
|
it("describes a multi-day entry with project", () => {
|
||||||
|
const desc = buildPlanAuditDescription({
|
||||||
|
userName: "Jan Novák",
|
||||||
|
categoryLabel: "Práce",
|
||||||
|
projectName: "Rekonstrukce haly",
|
||||||
|
dateFrom: "2026-06-08",
|
||||||
|
dateTo: "2026-06-12",
|
||||||
|
});
|
||||||
|
expect(desc).toBe(
|
||||||
|
"Jan Novák · 08.06.2026 – 12.06.2026 · Práce · Rekonstrukce haly",
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("collapses a single-day range to one date", () => {
|
||||||
|
const desc = buildPlanAuditDescription({
|
||||||
|
userName: "Jan Novák",
|
||||||
|
categoryLabel: "Práce",
|
||||||
|
projectName: "Rekonstrukce haly",
|
||||||
|
dateFrom: "2026-06-08",
|
||||||
|
dateTo: "2026-06-08",
|
||||||
|
});
|
||||||
|
expect(desc).toBe("Jan Novák · 08.06.2026 · Práce · Rekonstrukce haly");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("omits the project segment when there is no project", () => {
|
||||||
|
const desc = buildPlanAuditDescription({
|
||||||
|
userName: "Petr Svoboda",
|
||||||
|
categoryLabel: "Dovolená",
|
||||||
|
projectName: null,
|
||||||
|
dateFrom: "2026-06-10",
|
||||||
|
dateTo: "2026-06-10",
|
||||||
|
});
|
||||||
|
expect(desc).toBe("Petr Svoboda · 10.06.2026 · Dovolená");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("appends the emergency-edit note when force is set", () => {
|
||||||
|
const desc = buildPlanAuditDescription({
|
||||||
|
userName: "Jan Novák",
|
||||||
|
categoryLabel: "Práce",
|
||||||
|
projectName: null,
|
||||||
|
dateFrom: "2026-01-02",
|
||||||
|
dateTo: "2026-01-02",
|
||||||
|
force: true,
|
||||||
|
});
|
||||||
|
expect(desc).toBe("Jan Novák · 02.01.2026 · Práce · nouzová úprava");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("appends a custom suffix (e.g. replaced override)", () => {
|
||||||
|
const desc = buildPlanAuditDescription({
|
||||||
|
userName: "Jan Novák",
|
||||||
|
categoryLabel: "Nemoc",
|
||||||
|
projectName: null,
|
||||||
|
dateFrom: "2026-06-10",
|
||||||
|
dateTo: "2026-06-10",
|
||||||
|
suffix: "nahrazeno novým záznamem",
|
||||||
|
});
|
||||||
|
expect(desc).toBe(
|
||||||
|
"Jan Novák · 10.06.2026 · Nemoc · nahrazeno novým záznamem",
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("treats a whitespace-only project name as no project", () => {
|
||||||
|
const desc = buildPlanAuditDescription({
|
||||||
|
userName: "Jan Novák",
|
||||||
|
categoryLabel: "Práce",
|
||||||
|
projectName: " ",
|
||||||
|
dateFrom: "2026-06-08",
|
||||||
|
dateTo: "2026-06-08",
|
||||||
|
});
|
||||||
|
expect(desc).toBe("Jan Novák · 08.06.2026 · Práce");
|
||||||
|
});
|
||||||
|
});
|
||||||
129
src/__tests__/planCategory.test.ts
Normal file
129
src/__tests__/planCategory.test.ts
Normal file
@@ -0,0 +1,129 @@
|
|||||||
|
import { describe, it, expect, afterAll } from "vitest";
|
||||||
|
import prisma from "../config/database";
|
||||||
|
import {
|
||||||
|
listPlanCategories,
|
||||||
|
createPlanCategory,
|
||||||
|
updatePlanCategory,
|
||||||
|
deactivatePlanCategory,
|
||||||
|
deletePlanCategory,
|
||||||
|
isCategoryKeyActive,
|
||||||
|
slugifyCategory,
|
||||||
|
} from "../services/planCategory.service";
|
||||||
|
|
||||||
|
const created: number[] = [];
|
||||||
|
|
||||||
|
afterAll(async () => {
|
||||||
|
if (created.length) {
|
||||||
|
await prisma.plan_categories.deleteMany({ where: { id: { in: created } } });
|
||||||
|
}
|
||||||
|
await prisma.$disconnect();
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("slugifyCategory", () => {
|
||||||
|
it("strips Czech diacritics and non-alphanumerics", () => {
|
||||||
|
expect(slugifyCategory("Cesta / Montáž")).toBe("cesta_montaz");
|
||||||
|
expect(slugifyCategory("Příprava")).toBe("priprava");
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("plan category service", () => {
|
||||||
|
it("seeds are present and ordered", async () => {
|
||||||
|
const cats = await listPlanCategories(true);
|
||||||
|
const keys = cats.map((c) => c.key);
|
||||||
|
expect(keys).toContain("work");
|
||||||
|
expect(keys).toContain("other");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("creates a category with a unique slug and next sort_order", async () => {
|
||||||
|
const res = await createPlanCategory({
|
||||||
|
label: "Test Kategorie ZZ",
|
||||||
|
color: "#123456",
|
||||||
|
});
|
||||||
|
if ("error" in res) throw new Error(res.error);
|
||||||
|
created.push(res.data.id);
|
||||||
|
expect(res.data.key).toBe("test_kategorie_zz");
|
||||||
|
expect(res.data.color).toBe("#123456");
|
||||||
|
expect(res.data.is_active).toBe(true);
|
||||||
|
expect(await isCategoryKeyActive("test_kategorie_zz")).toBe(true);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("dedupes a colliding slug", async () => {
|
||||||
|
const res = await createPlanCategory({
|
||||||
|
label: "Test Kategorie ZZ",
|
||||||
|
color: "#222222",
|
||||||
|
});
|
||||||
|
if ("error" in res) throw new Error(res.error);
|
||||||
|
created.push(res.data.id);
|
||||||
|
expect(res.data.key).toBe("test_kategorie_zz_2");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("updates label and color (key immutable)", async () => {
|
||||||
|
const res = await createPlanCategory({
|
||||||
|
label: "Test Upd ZZ",
|
||||||
|
color: "#aaaaaa",
|
||||||
|
});
|
||||||
|
if ("error" in res) throw new Error(res.error);
|
||||||
|
created.push(res.data.id);
|
||||||
|
const upd = await updatePlanCategory(res.data.id, {
|
||||||
|
label: "Test Upd2 ZZ",
|
||||||
|
color: "#bbbbbb",
|
||||||
|
});
|
||||||
|
if ("error" in upd) throw new Error(upd.error);
|
||||||
|
expect(upd.data.label).toBe("Test Upd2 ZZ");
|
||||||
|
expect(upd.data.color).toBe("#bbbbbb");
|
||||||
|
expect(upd.data.key).toBe("test_upd_zz");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("deactivate hides the key from active check", async () => {
|
||||||
|
const res = await createPlanCategory({
|
||||||
|
label: "Test Deact ZZ",
|
||||||
|
color: "#cccccc",
|
||||||
|
});
|
||||||
|
if ("error" in res) throw new Error(res.error);
|
||||||
|
created.push(res.data.id);
|
||||||
|
await deactivatePlanCategory(res.data.id);
|
||||||
|
expect(await isCategoryKeyActive("test_deact_zz")).toBe(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("hard-deletes an unused category", async () => {
|
||||||
|
const res = await createPlanCategory({
|
||||||
|
label: "Test Del ZZ",
|
||||||
|
color: "#dddddd",
|
||||||
|
});
|
||||||
|
if ("error" in res) throw new Error(res.error);
|
||||||
|
const del = await deletePlanCategory(res.data.id);
|
||||||
|
expect("data" in del).toBe(true);
|
||||||
|
const stillThere = await prisma.plan_categories.findUnique({
|
||||||
|
where: { id: res.data.id },
|
||||||
|
});
|
||||||
|
expect(stillThere).toBeNull();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("refuses to hard-delete a category in use", async () => {
|
||||||
|
const res = await createPlanCategory({
|
||||||
|
label: "Test InUse ZZ",
|
||||||
|
color: "#eeeeee",
|
||||||
|
});
|
||||||
|
if ("error" in res) throw new Error(res.error);
|
||||||
|
created.push(res.data.id);
|
||||||
|
const user = await prisma.users.findFirst({ select: { id: true } });
|
||||||
|
if (!user) throw new Error("no user in test DB");
|
||||||
|
const entry = await prisma.work_plan_entries.create({
|
||||||
|
data: {
|
||||||
|
user_id: user.id,
|
||||||
|
date_from: new Date("2026-06-10T00:00:00.000Z"),
|
||||||
|
date_to: new Date("2026-06-10T00:00:00.000Z"),
|
||||||
|
category: res.data.key,
|
||||||
|
note: "test in-use",
|
||||||
|
created_by: user.id,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
try {
|
||||||
|
const del = await deletePlanCategory(res.data.id);
|
||||||
|
expect("error" in del).toBe(true);
|
||||||
|
if ("error" in del) expect(del.status).toBe(409);
|
||||||
|
} finally {
|
||||||
|
await prisma.work_plan_entries.delete({ where: { id: entry.id } });
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
57
src/__tests__/schema-nan.test.ts
Normal file
57
src/__tests__/schema-nan.test.ts
Normal file
@@ -0,0 +1,57 @@
|
|||||||
|
import { describe, it, expect } from "vitest";
|
||||||
|
import { CreateOrderSchema } from "../schemas/orders.schema";
|
||||||
|
import { CreateQuotationSchema } from "../schemas/offers.schema";
|
||||||
|
|
||||||
|
describe("Zod NaN rejection", () => {
|
||||||
|
describe("CreateOrderSchema", () => {
|
||||||
|
it("rejects NaN string in quantity", () => {
|
||||||
|
const result = CreateOrderSchema.safeParse({
|
||||||
|
customer_id: 1,
|
||||||
|
items: [{ quantity: "not-a-number" }],
|
||||||
|
});
|
||||||
|
expect(result.success).toBe(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects NaN string in unit_price", () => {
|
||||||
|
const result = CreateOrderSchema.safeParse({
|
||||||
|
customer_id: 1,
|
||||||
|
items: [{ unit_price: "abc" }],
|
||||||
|
});
|
||||||
|
expect(result.success).toBe(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("accepts valid numbers", () => {
|
||||||
|
const result = CreateOrderSchema.safeParse({
|
||||||
|
customer_id: 1,
|
||||||
|
items: [{ quantity: 2, unit_price: 100 }],
|
||||||
|
});
|
||||||
|
expect(result.success).toBe(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe("CreateQuotationSchema", () => {
|
||||||
|
it("rejects NaN string in top-level vat_rate", () => {
|
||||||
|
const result = CreateQuotationSchema.safeParse({
|
||||||
|
customer_id: 1,
|
||||||
|
vat_rate: "bad",
|
||||||
|
});
|
||||||
|
expect(result.success).toBe(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("accepts valid vat_rate", () => {
|
||||||
|
const result = CreateQuotationSchema.safeParse({
|
||||||
|
customer_id: 1,
|
||||||
|
vat_rate: 21,
|
||||||
|
});
|
||||||
|
expect(result.success).toBe(true);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("rejects NaN string in item quantity", () => {
|
||||||
|
const result = CreateQuotationSchema.safeParse({
|
||||||
|
customer_id: 1,
|
||||||
|
items: [{ quantity: "bad" }],
|
||||||
|
});
|
||||||
|
expect(result.success).toBe(false);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
1244
src/__tests__/warehouse.test.ts
Normal file
1244
src/__tests__/warehouse.test.ts
Normal file
File diff suppressed because it is too large
Load Diff
@@ -1,7 +1,9 @@
|
|||||||
import { lazy, Suspense } from "react";
|
import { lazy, Suspense } from "react";
|
||||||
import { Routes, Route } from "react-router-dom";
|
import { Routes, Route } from "react-router-dom";
|
||||||
|
import { QueryClientProvider } from "@tanstack/react-query";
|
||||||
import { AuthProvider } from "./context/AuthContext";
|
import { AuthProvider } from "./context/AuthContext";
|
||||||
import { AlertProvider } from "./context/AlertContext";
|
import { AlertProvider } from "./context/AlertContext";
|
||||||
|
import { queryClient } from "./lib/queryClient";
|
||||||
import ErrorBoundary from "./components/ErrorBoundary";
|
import ErrorBoundary from "./components/ErrorBoundary";
|
||||||
import AdminLayout from "./components/AdminLayout";
|
import AdminLayout from "./components/AdminLayout";
|
||||||
import AlertContainer from "./components/AlertContainer";
|
import AlertContainer from "./components/AlertContainer";
|
||||||
@@ -14,7 +16,6 @@ import "./buttons.css";
|
|||||||
import "./layout.css";
|
import "./layout.css";
|
||||||
import "./components.css";
|
import "./components.css";
|
||||||
import "./tables.css";
|
import "./tables.css";
|
||||||
import "./skeleton.css";
|
|
||||||
import "./datepicker.css";
|
import "./datepicker.css";
|
||||||
import "./filemanager.css";
|
import "./filemanager.css";
|
||||||
import "./pagination.css";
|
import "./pagination.css";
|
||||||
@@ -22,9 +23,11 @@ import "./responsive.css";
|
|||||||
import "./login.css";
|
import "./login.css";
|
||||||
import "./dashboard.css";
|
import "./dashboard.css";
|
||||||
import "./attendance.css";
|
import "./attendance.css";
|
||||||
|
import "./plan.css";
|
||||||
import "./settings.css";
|
import "./settings.css";
|
||||||
import "./offers.css";
|
import "./offers.css";
|
||||||
import "./invoices.css";
|
import "./invoices.css";
|
||||||
|
import "./warehouse.css";
|
||||||
|
|
||||||
const Users = lazy(() => import("./pages/Users"));
|
const Users = lazy(() => import("./pages/Users"));
|
||||||
const Attendance = lazy(() => import("./pages/Attendance"));
|
const Attendance = lazy(() => import("./pages/Attendance"));
|
||||||
@@ -35,6 +38,7 @@ const AttendanceCreate = lazy(() => import("./pages/AttendanceCreate"));
|
|||||||
const LeaveRequests = lazy(() => import("./pages/LeaveRequests"));
|
const LeaveRequests = lazy(() => import("./pages/LeaveRequests"));
|
||||||
const LeaveApproval = lazy(() => import("./pages/LeaveApproval"));
|
const LeaveApproval = lazy(() => import("./pages/LeaveApproval"));
|
||||||
const AttendanceLocation = lazy(() => import("./pages/AttendanceLocation"));
|
const AttendanceLocation = lazy(() => import("./pages/AttendanceLocation"));
|
||||||
|
const PlanWork = lazy(() => import("./pages/PlanWork"));
|
||||||
const Trips = lazy(() => import("./pages/Trips"));
|
const Trips = lazy(() => import("./pages/Trips"));
|
||||||
const TripsHistory = lazy(() => import("./pages/TripsHistory"));
|
const TripsHistory = lazy(() => import("./pages/TripsHistory"));
|
||||||
const TripsAdmin = lazy(() => import("./pages/TripsAdmin"));
|
const TripsAdmin = lazy(() => import("./pages/TripsAdmin"));
|
||||||
@@ -46,76 +50,187 @@ const OffersTemplates = lazy(() => import("./pages/OffersTemplates"));
|
|||||||
const Orders = lazy(() => import("./pages/Orders"));
|
const Orders = lazy(() => import("./pages/Orders"));
|
||||||
const OrderDetail = lazy(() => import("./pages/OrderDetail"));
|
const OrderDetail = lazy(() => import("./pages/OrderDetail"));
|
||||||
const Projects = lazy(() => import("./pages/Projects"));
|
const Projects = lazy(() => import("./pages/Projects"));
|
||||||
const ProjectCreate = lazy(() => import("./pages/ProjectCreate"));
|
|
||||||
const ProjectDetail = lazy(() => import("./pages/ProjectDetail"));
|
const ProjectDetail = lazy(() => import("./pages/ProjectDetail"));
|
||||||
const Invoices = lazy(() => import("./pages/Invoices"));
|
const Invoices = lazy(() => import("./pages/Invoices"));
|
||||||
const InvoiceDetail = lazy(() => import("./pages/InvoiceDetail"));
|
const InvoiceDetail = lazy(() => import("./pages/InvoiceDetail"));
|
||||||
const Settings = lazy(() => import("./pages/Settings"));
|
const Settings = lazy(() => import("./pages/Settings"));
|
||||||
const AuditLog = lazy(() => import("./pages/AuditLog"));
|
const AuditLog = lazy(() => import("./pages/AuditLog"));
|
||||||
const NotFound = lazy(() => import("./pages/NotFound"));
|
const NotFound = lazy(() => import("./pages/NotFound"));
|
||||||
|
const Warehouse = lazy(() => import("./pages/Warehouse"));
|
||||||
|
const WarehouseItems = lazy(() => import("./pages/WarehouseItems"));
|
||||||
|
const WarehouseItemDetail = lazy(() => import("./pages/WarehouseItemDetail"));
|
||||||
|
const WarehouseReceipts = lazy(() => import("./pages/WarehouseReceipts"));
|
||||||
|
const WarehouseReceiptDetail = lazy(
|
||||||
|
() => import("./pages/WarehouseReceiptDetail"),
|
||||||
|
);
|
||||||
|
const WarehouseReceiptForm = lazy(() => import("./pages/WarehouseReceiptForm"));
|
||||||
|
const WarehouseIssues = lazy(() => import("./pages/WarehouseIssues"));
|
||||||
|
const WarehouseIssueDetail = lazy(() => import("./pages/WarehouseIssueDetail"));
|
||||||
|
const WarehouseIssueForm = lazy(() => import("./pages/WarehouseIssueForm"));
|
||||||
|
const WarehouseReservations = lazy(
|
||||||
|
() => import("./pages/WarehouseReservations"),
|
||||||
|
);
|
||||||
|
const WarehouseInventory = lazy(() => import("./pages/WarehouseInventory"));
|
||||||
|
const WarehouseInventoryDetail = lazy(
|
||||||
|
() => import("./pages/WarehouseInventoryDetail"),
|
||||||
|
);
|
||||||
|
const WarehouseInventoryForm = lazy(
|
||||||
|
() => import("./pages/WarehouseInventoryForm"),
|
||||||
|
);
|
||||||
|
const WarehouseReports = lazy(() => import("./pages/WarehouseReports"));
|
||||||
|
const WarehouseSuppliers = lazy(() => import("./pages/WarehouseSuppliers"));
|
||||||
|
const WarehouseLocations = lazy(() => import("./pages/WarehouseLocations"));
|
||||||
|
const WarehouseCategories = lazy(() => import("./pages/WarehouseCategories"));
|
||||||
|
|
||||||
export default function AdminApp() {
|
export default function AdminApp() {
|
||||||
return (
|
return (
|
||||||
<AuthProvider>
|
<AuthProvider>
|
||||||
<AlertProvider>
|
<AlertProvider>
|
||||||
<AlertContainer />
|
<QueryClientProvider client={queryClient}>
|
||||||
<ErrorBoundary>
|
<AlertContainer />
|
||||||
<Suspense
|
<ErrorBoundary>
|
||||||
fallback={
|
<Suspense
|
||||||
<div className="admin-loading">
|
fallback={
|
||||||
<div className="admin-spinner" />
|
<div className="admin-loading">
|
||||||
</div>
|
<div className="admin-spinner" />
|
||||||
}
|
</div>
|
||||||
>
|
}
|
||||||
<Routes>
|
>
|
||||||
<Route path="login" element={<Login />} />
|
<Routes>
|
||||||
<Route element={<AdminLayout />}>
|
<Route path="login" element={<Login />} />
|
||||||
<Route index element={<Dashboard />} />
|
<Route element={<AdminLayout />}>
|
||||||
<Route path="users" element={<Users />} />
|
<Route index element={<Dashboard />} />
|
||||||
<Route path="attendance" element={<Attendance />} />
|
<Route path="users" element={<Users />} />
|
||||||
<Route
|
<Route path="attendance" element={<Attendance />} />
|
||||||
path="attendance/history"
|
<Route
|
||||||
element={<AttendanceHistory />}
|
path="attendance/history"
|
||||||
/>
|
element={<AttendanceHistory />}
|
||||||
<Route path="attendance/admin" element={<AttendanceAdmin />} />
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="attendance/balances"
|
path="attendance/admin"
|
||||||
element={<AttendanceBalances />}
|
element={<AttendanceAdmin />}
|
||||||
/>
|
/>
|
||||||
<Route path="attendance/requests" element={<LeaveRequests />} />
|
<Route
|
||||||
<Route path="attendance/approval" element={<LeaveApproval />} />
|
path="attendance/balances"
|
||||||
<Route
|
element={<AttendanceBalances />}
|
||||||
path="attendance/create"
|
/>
|
||||||
element={<AttendanceCreate />}
|
<Route
|
||||||
/>
|
path="attendance/requests"
|
||||||
<Route
|
element={<LeaveRequests />}
|
||||||
path="attendance/location/:id"
|
/>
|
||||||
element={<AttendanceLocation />}
|
<Route
|
||||||
/>
|
path="attendance/approval"
|
||||||
<Route path="trips" element={<Trips />} />
|
element={<LeaveApproval />}
|
||||||
<Route path="trips/history" element={<TripsHistory />} />
|
/>
|
||||||
<Route path="trips/admin" element={<TripsAdmin />} />
|
<Route
|
||||||
<Route path="vehicles" element={<Vehicles />} />
|
path="attendance/create"
|
||||||
<Route path="offers" element={<Offers />} />
|
element={<AttendanceCreate />}
|
||||||
<Route path="offers/new" element={<OfferDetail />} />
|
/>
|
||||||
<Route path="offers/:id" element={<OfferDetail />} />
|
<Route
|
||||||
<Route path="offers/customers" element={<OffersCustomers />} />
|
path="attendance/location/:id"
|
||||||
<Route path="offers/templates" element={<OffersTemplates />} />
|
element={<AttendanceLocation />}
|
||||||
<Route path="orders" element={<Orders />} />
|
/>
|
||||||
<Route path="orders/:id" element={<OrderDetail />} />
|
<Route path="plan-work" element={<PlanWork />} />
|
||||||
<Route path="projects" element={<Projects />} />
|
<Route path="trips" element={<Trips />} />
|
||||||
<Route path="projects/new" element={<ProjectCreate />} />
|
<Route path="trips/history" element={<TripsHistory />} />
|
||||||
<Route path="projects/:id" element={<ProjectDetail />} />
|
<Route path="trips/admin" element={<TripsAdmin />} />
|
||||||
<Route path="invoices" element={<Invoices />} />
|
<Route path="vehicles" element={<Vehicles />} />
|
||||||
<Route path="invoices/new" element={<InvoiceDetail />} />
|
<Route path="offers" element={<Offers />} />
|
||||||
<Route path="invoices/:id" element={<InvoiceDetail />} />
|
<Route path="offers/new" element={<OfferDetail />} />
|
||||||
<Route path="settings" element={<Settings />} />
|
<Route path="offers/:id" element={<OfferDetail />} />
|
||||||
<Route path="audit-log" element={<AuditLog />} />
|
<Route
|
||||||
</Route>
|
path="offers/customers"
|
||||||
<Route path="*" element={<NotFound />} />
|
element={<OffersCustomers />}
|
||||||
</Routes>
|
/>
|
||||||
</Suspense>
|
<Route
|
||||||
</ErrorBoundary>
|
path="offers/templates"
|
||||||
|
element={<OffersTemplates />}
|
||||||
|
/>
|
||||||
|
<Route path="orders" element={<Orders />} />
|
||||||
|
<Route path="orders/:id" element={<OrderDetail />} />
|
||||||
|
<Route path="projects" element={<Projects />} />
|
||||||
|
<Route path="projects/:id" element={<ProjectDetail />} />
|
||||||
|
<Route path="invoices" element={<Invoices />} />
|
||||||
|
<Route path="invoices/new" element={<InvoiceDetail />} />
|
||||||
|
<Route path="invoices/:id" element={<InvoiceDetail />} />
|
||||||
|
<Route path="settings" element={<Settings />} />
|
||||||
|
<Route path="audit-log" element={<AuditLog />} />
|
||||||
|
<Route path="warehouse" element={<Warehouse />} />
|
||||||
|
<Route path="warehouse/items" element={<WarehouseItems />} />
|
||||||
|
<Route
|
||||||
|
path="warehouse/items/:id"
|
||||||
|
element={<WarehouseItemDetail />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/receipts"
|
||||||
|
element={<WarehouseReceipts />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/receipts/new"
|
||||||
|
element={<WarehouseReceiptForm />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/receipts/:id"
|
||||||
|
element={<WarehouseReceiptDetail />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/receipts/:id/edit"
|
||||||
|
element={<WarehouseReceiptForm />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/issues"
|
||||||
|
element={<WarehouseIssues />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/issues/new"
|
||||||
|
element={<WarehouseIssueForm />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/issues/:id"
|
||||||
|
element={<WarehouseIssueDetail />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/issues/:id/edit"
|
||||||
|
element={<WarehouseIssueForm />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/reservations"
|
||||||
|
element={<WarehouseReservations />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/inventory"
|
||||||
|
element={<WarehouseInventory />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/inventory/new"
|
||||||
|
element={<WarehouseInventoryForm />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/inventory/:id"
|
||||||
|
element={<WarehouseInventoryDetail />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/reports"
|
||||||
|
element={<WarehouseReports />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/suppliers"
|
||||||
|
element={<WarehouseSuppliers />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/locations"
|
||||||
|
element={<WarehouseLocations />}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path="warehouse/categories"
|
||||||
|
element={<WarehouseCategories />}
|
||||||
|
/>
|
||||||
|
</Route>
|
||||||
|
<Route path="*" element={<NotFound />} />
|
||||||
|
</Routes>
|
||||||
|
</Suspense>
|
||||||
|
</ErrorBoundary>
|
||||||
|
</QueryClientProvider>
|
||||||
</AlertProvider>
|
</AlertProvider>
|
||||||
</AuthProvider>
|
</AuthProvider>
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -318,12 +318,14 @@
|
|||||||
|
|
||||||
/* Leave Type Badges */
|
/* Leave Type Badges */
|
||||||
.attendance-leave-badge {
|
.attendance-leave-badge {
|
||||||
display: inline-block;
|
display: inline-flex;
|
||||||
padding: 0.25rem 0.5rem;
|
align-items: center;
|
||||||
|
justify-content: center;
|
||||||
|
padding: 0.25rem 0.55rem;
|
||||||
border-radius: var(--border-radius-sm);
|
border-radius: var(--border-radius-sm);
|
||||||
font-size: 0.75rem;
|
font-size: 0.75rem;
|
||||||
font-weight: 500;
|
font-weight: 500;
|
||||||
margin-right: 0.25rem;
|
line-height: 1.2;
|
||||||
background: var(--bg-tertiary);
|
background: var(--bg-tertiary);
|
||||||
color: var(--text-secondary);
|
color: var(--text-secondary);
|
||||||
}
|
}
|
||||||
@@ -432,3 +434,22 @@
|
|||||||
color: var(--text-muted);
|
color: var(--text-muted);
|
||||||
font-family: monospace;
|
font-family: monospace;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* ============================================================================
|
||||||
|
Mobile (responsive)
|
||||||
|
============================================================================ */
|
||||||
|
|
||||||
|
/* The Leaflet map at a fixed 400px dominates a phone viewport — let it scale
|
||||||
|
with the viewport height (with sensible min/max) on small screens. */
|
||||||
|
@media (max-width: 640px) {
|
||||||
|
.attendance-location-map {
|
||||||
|
height: clamp(220px, 45vh, 400px);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* The clock card's 2rem padding crushes content at ~360px — tighten it. */
|
||||||
|
@media (max-width: 480px) {
|
||||||
|
.attendance-clock-card {
|
||||||
|
padding: 1rem;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
@@ -265,7 +265,7 @@ img {
|
|||||||
border-radius: var(--border-radius-sm);
|
border-radius: var(--border-radius-sm);
|
||||||
background: var(--bg-tertiary);
|
background: var(--bg-tertiary);
|
||||||
border: 1px solid var(--border-color);
|
border: 1px solid var(--border-color);
|
||||||
color: var(--danger-color);
|
color: var(--danger);
|
||||||
font-family: var(--font-mono);
|
font-family: var(--font-mono);
|
||||||
font-size: 11px;
|
font-size: 11px;
|
||||||
line-height: 1.5;
|
line-height: 1.5;
|
||||||
@@ -330,15 +330,6 @@ img {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@keyframes shimmer {
|
|
||||||
0% {
|
|
||||||
background-position: -200% 0;
|
|
||||||
}
|
|
||||||
100% {
|
|
||||||
background-position: 200% 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* ── Additional Utilities ─────────────────────────────────────────── */
|
/* ── Additional Utilities ─────────────────────────────────────────── */
|
||||||
|
|
||||||
/* Font sizes */
|
/* Font sizes */
|
||||||
|
|||||||
@@ -8,7 +8,10 @@
|
|||||||
justify-content: center;
|
justify-content: center;
|
||||||
gap: 0.5rem;
|
gap: 0.5rem;
|
||||||
padding: 8px 14px;
|
padding: 8px 14px;
|
||||||
border: none;
|
/* 1px transparent border on ALL buttons so switching between primary
|
||||||
|
and secondary doesn't cause a 1px layout shift (the border is always
|
||||||
|
1px — only the colour changes). */
|
||||||
|
border: 1px solid transparent;
|
||||||
border-radius: var(--border-radius-sm);
|
border-radius: var(--border-radius-sm);
|
||||||
font-size: 13px;
|
font-size: 13px;
|
||||||
font-weight: 550;
|
font-weight: 550;
|
||||||
@@ -38,11 +41,13 @@
|
|||||||
|
|
||||||
.admin-btn-primary {
|
.admin-btn-primary {
|
||||||
background: var(--accent-color);
|
background: var(--accent-color);
|
||||||
|
border-color: var(--accent-color);
|
||||||
color: #fff;
|
color: #fff;
|
||||||
}
|
}
|
||||||
|
|
||||||
.admin-btn-primary:hover:not(:disabled) {
|
.admin-btn-primary:hover:not(:disabled) {
|
||||||
background: var(--accent-hover);
|
background: var(--accent-hover);
|
||||||
|
border-color: var(--accent-hover);
|
||||||
transform: translateY(-1px);
|
transform: translateY(-1px);
|
||||||
box-shadow: 0 4px 12px rgba(214, 48, 49, 0.3);
|
box-shadow: 0 4px 12px rgba(214, 48, 49, 0.3);
|
||||||
}
|
}
|
||||||
@@ -75,6 +80,24 @@
|
|||||||
color: var(--text-primary);
|
color: var(--text-primary);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.admin-btn-danger {
|
||||||
|
background: var(--danger);
|
||||||
|
border-color: var(--danger);
|
||||||
|
color: #fff;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-btn-danger:hover:not(:disabled) {
|
||||||
|
background: color-mix(in srgb, var(--danger) 88%, #000);
|
||||||
|
border-color: color-mix(in srgb, var(--danger) 88%, #000);
|
||||||
|
transform: translateY(-1px);
|
||||||
|
box-shadow: 0 4px 12px color-mix(in srgb, var(--danger) 30%, transparent);
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-btn-danger .admin-spinner {
|
||||||
|
border-color: rgba(255, 255, 255, 0.3);
|
||||||
|
border-top-color: #fff;
|
||||||
|
}
|
||||||
|
|
||||||
.admin-btn-icon {
|
.admin-btn-icon {
|
||||||
display: inline-flex;
|
display: inline-flex;
|
||||||
align-items: center;
|
align-items: center;
|
||||||
|
|||||||
@@ -41,6 +41,11 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Danger card — highlighted border for alert/important cards */
|
||||||
|
.admin-card-danger {
|
||||||
|
border: 2px solid var(--danger);
|
||||||
|
}
|
||||||
|
|
||||||
/* ============================================================================
|
/* ============================================================================
|
||||||
Badges
|
Badges
|
||||||
============================================================================ */
|
============================================================================ */
|
||||||
@@ -123,6 +128,16 @@
|
|||||||
color: var(--danger);
|
color: var(--danger);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.admin-badge-incoming {
|
||||||
|
background: var(--success-soft);
|
||||||
|
color: var(--success);
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-badge-outgoing {
|
||||||
|
background: var(--info-soft);
|
||||||
|
color: var(--info);
|
||||||
|
}
|
||||||
|
|
||||||
/* Status Badges - Leave Requests */
|
/* Status Badges - Leave Requests */
|
||||||
.badge-pending {
|
.badge-pending {
|
||||||
background: color-mix(in srgb, var(--warning) 15%, transparent);
|
background: color-mix(in srgb, var(--warning) 15%, transparent);
|
||||||
@@ -206,6 +221,8 @@
|
|||||||
position: absolute;
|
position: absolute;
|
||||||
inset: 0;
|
inset: 0;
|
||||||
background: rgba(0, 0, 0, 0.6);
|
background: rgba(0, 0, 0, 0.6);
|
||||||
|
backdrop-filter: blur(2px);
|
||||||
|
-webkit-backdrop-filter: blur(2px);
|
||||||
touch-action: none;
|
touch-action: none;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -232,6 +249,14 @@
|
|||||||
padding: 18px;
|
padding: 18px;
|
||||||
border-bottom: 1px solid var(--border-color);
|
border-bottom: 1px solid var(--border-color);
|
||||||
flex-shrink: 0;
|
flex-shrink: 0;
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
justify-content: space-between;
|
||||||
|
gap: 12px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-modal-heading {
|
||||||
|
min-width: 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
.admin-modal-title {
|
.admin-modal-title {
|
||||||
@@ -240,6 +265,45 @@
|
|||||||
color: var(--text-primary);
|
color: var(--text-primary);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.admin-modal-subtitle {
|
||||||
|
margin: 2px 0 0;
|
||||||
|
font-size: 12.5px;
|
||||||
|
font-weight: 500;
|
||||||
|
color: var(--text-secondary);
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-modal-close {
|
||||||
|
flex-shrink: 0;
|
||||||
|
display: inline-flex;
|
||||||
|
align-items: center;
|
||||||
|
justify-content: center;
|
||||||
|
width: 30px;
|
||||||
|
height: 30px;
|
||||||
|
padding: 0;
|
||||||
|
background: transparent;
|
||||||
|
border: 1px solid transparent;
|
||||||
|
color: var(--text-muted);
|
||||||
|
border-radius: var(--border-radius-sm);
|
||||||
|
cursor: pointer;
|
||||||
|
transition:
|
||||||
|
background var(--motion-fast) ease,
|
||||||
|
color var(--motion-fast) ease,
|
||||||
|
border-color var(--motion-fast) ease,
|
||||||
|
transform var(--motion-fast) ease;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-modal-close:hover:not(:disabled) {
|
||||||
|
background: var(--bg-tertiary);
|
||||||
|
color: var(--text-primary);
|
||||||
|
border-color: var(--border-color);
|
||||||
|
transform: rotate(90deg);
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-modal-close:disabled {
|
||||||
|
opacity: 0.5;
|
||||||
|
cursor: not-allowed;
|
||||||
|
}
|
||||||
|
|
||||||
.admin-modal-body {
|
.admin-modal-body {
|
||||||
padding: 18px;
|
padding: 18px;
|
||||||
overflow-y: auto;
|
overflow-y: auto;
|
||||||
@@ -254,10 +318,45 @@
|
|||||||
border-top: 1px solid var(--border-color);
|
border-top: 1px solid var(--border-color);
|
||||||
display: flex;
|
display: flex;
|
||||||
gap: 0.75rem;
|
gap: 0.75rem;
|
||||||
justify-content: flex-end;
|
justify-content: space-between;
|
||||||
|
align-items: center;
|
||||||
flex-shrink: 0;
|
flex-shrink: 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.admin-modal-footer-left,
|
||||||
|
.admin-modal-footer-right {
|
||||||
|
display: flex;
|
||||||
|
gap: 0.5rem;
|
||||||
|
align-items: center;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-modal-footer-right {
|
||||||
|
margin-left: auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (max-width: 480px) {
|
||||||
|
.admin-modal-footer {
|
||||||
|
flex-direction: column;
|
||||||
|
align-items: stretch;
|
||||||
|
gap: 0.5rem;
|
||||||
|
}
|
||||||
|
.admin-modal-footer-left,
|
||||||
|
.admin-modal-footer-right {
|
||||||
|
width: 100%;
|
||||||
|
}
|
||||||
|
.admin-modal-footer-left .admin-btn,
|
||||||
|
.admin-modal-footer-right .admin-btn {
|
||||||
|
flex: 1;
|
||||||
|
}
|
||||||
|
.admin-modal-footer-left {
|
||||||
|
order: 2;
|
||||||
|
}
|
||||||
|
.admin-modal-footer-right {
|
||||||
|
order: 1;
|
||||||
|
margin-left: 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@media (max-width: 768px) {
|
@media (max-width: 768px) {
|
||||||
.admin-modal-overlay {
|
.admin-modal-overlay {
|
||||||
padding: 0;
|
padding: 0;
|
||||||
@@ -511,6 +610,25 @@
|
|||||||
0 0 0 1px var(--border-color);
|
0 0 0 1px var(--border-color);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@media (max-width: 640px) {
|
||||||
|
.admin-tabs {
|
||||||
|
display: flex;
|
||||||
|
max-width: 100%;
|
||||||
|
overflow-x: auto;
|
||||||
|
-webkit-overflow-scrolling: touch;
|
||||||
|
scrollbar-width: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-tabs::-webkit-scrollbar {
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-tab {
|
||||||
|
flex: 0 0 auto;
|
||||||
|
min-height: 44px;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* ============================================================================
|
/* ============================================================================
|
||||||
Empty State
|
Empty State
|
||||||
============================================================================ */
|
============================================================================ */
|
||||||
@@ -716,6 +834,7 @@
|
|||||||
.admin-kpi-grid {
|
.admin-kpi-grid {
|
||||||
display: grid;
|
display: grid;
|
||||||
gap: 0.875rem;
|
gap: 0.875rem;
|
||||||
|
margin-bottom: 1rem;
|
||||||
}
|
}
|
||||||
|
|
||||||
.admin-kpi-4 {
|
.admin-kpi-4 {
|
||||||
@@ -745,7 +864,9 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
@media (max-width: 480px) {
|
@media (max-width: 480px) {
|
||||||
.admin-kpi-grid {
|
.admin-kpi-grid,
|
||||||
|
.admin-kpi-4,
|
||||||
|
.admin-kpi-3 {
|
||||||
grid-template-columns: 1fr;
|
grid-template-columns: 1fr;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -923,3 +1044,174 @@
|
|||||||
max-height: 80px;
|
max-height: 80px;
|
||||||
object-fit: contain;
|
object-fit: contain;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* ============================================================================
|
||||||
|
Search Bar & Filters
|
||||||
|
============================================================================ */
|
||||||
|
|
||||||
|
.admin-search-bar {
|
||||||
|
display: flex;
|
||||||
|
flex-wrap: wrap;
|
||||||
|
gap: 0.5rem;
|
||||||
|
align-items: center;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search-bar .admin-form-input,
|
||||||
|
.admin-search-bar .admin-form-select {
|
||||||
|
flex: 1 1 140px;
|
||||||
|
min-width: 140px;
|
||||||
|
max-width: 280px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search-bar .react-datepicker-wrapper {
|
||||||
|
flex: 1 1 140px;
|
||||||
|
min-width: 140px;
|
||||||
|
max-width: 280px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search-bar .admin-btn {
|
||||||
|
flex-shrink: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search {
|
||||||
|
position: relative;
|
||||||
|
flex: 1 1 200px;
|
||||||
|
min-width: 180px;
|
||||||
|
max-width: 320px;
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search svg {
|
||||||
|
position: absolute;
|
||||||
|
left: 10px;
|
||||||
|
color: var(--text-muted);
|
||||||
|
pointer-events: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search .admin-form-input {
|
||||||
|
padding-left: 32px;
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (max-width: 768px) {
|
||||||
|
.admin-search-bar {
|
||||||
|
flex-direction: column;
|
||||||
|
align-items: stretch;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search-bar .admin-form-input,
|
||||||
|
.admin-search-bar .admin-form-select {
|
||||||
|
max-width: 100%;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search-bar .react-datepicker-wrapper {
|
||||||
|
max-width: 100%;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search {
|
||||||
|
max-width: 100%;
|
||||||
|
flex: 1 1 100%;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (max-width: 480px) {
|
||||||
|
.admin-search-bar .admin-form-input,
|
||||||
|
.admin-search-bar .admin-form-select {
|
||||||
|
min-width: 100%;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-search-bar .react-datepicker-wrapper {
|
||||||
|
min-width: 100%;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ============================================================================
|
||||||
|
Item Picker (Warehouse)
|
||||||
|
============================================================================ */
|
||||||
|
|
||||||
|
.admin-item-picker-list {
|
||||||
|
position: absolute;
|
||||||
|
top: 100%;
|
||||||
|
left: 0;
|
||||||
|
right: 0;
|
||||||
|
z-index: 100;
|
||||||
|
max-height: 240px;
|
||||||
|
overflow-y: auto;
|
||||||
|
overscroll-behavior: contain;
|
||||||
|
background: var(--bg-primary);
|
||||||
|
border: 1px solid var(--border-color);
|
||||||
|
border-top: none;
|
||||||
|
border-radius: 0 0 var(--border-radius-sm) var(--border-radius-sm);
|
||||||
|
box-shadow: 0 4px 12px rgba(0, 0, 0, 0.15);
|
||||||
|
padding: 4px 0;
|
||||||
|
margin: 0;
|
||||||
|
list-style: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-list::-webkit-scrollbar {
|
||||||
|
width: 5px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-list::-webkit-scrollbar-track {
|
||||||
|
background: transparent;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-list::-webkit-scrollbar-thumb {
|
||||||
|
background: var(--border-color);
|
||||||
|
border-radius: 99px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-list::-webkit-scrollbar-thumb:hover {
|
||||||
|
background: var(--text-muted);
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-item {
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
justify-content: space-between;
|
||||||
|
gap: 0.5rem;
|
||||||
|
padding: 8px 12px;
|
||||||
|
cursor: pointer;
|
||||||
|
transition: background var(--transition);
|
||||||
|
border-radius: 4px;
|
||||||
|
margin: 0 4px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-item:hover,
|
||||||
|
.admin-item-picker-item.active {
|
||||||
|
background: var(--bg-secondary);
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-name {
|
||||||
|
font-size: 13px;
|
||||||
|
font-weight: 500;
|
||||||
|
color: var(--text-primary);
|
||||||
|
white-space: nowrap;
|
||||||
|
overflow: hidden;
|
||||||
|
text-overflow: ellipsis;
|
||||||
|
min-width: 0;
|
||||||
|
flex: 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-number {
|
||||||
|
font-size: 11.5px;
|
||||||
|
color: var(--text-tertiary);
|
||||||
|
white-space: nowrap;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-qty {
|
||||||
|
font-size: 11.5px;
|
||||||
|
color: var(--text-secondary);
|
||||||
|
white-space: nowrap;
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (max-width: 640px) {
|
||||||
|
.admin-item-picker-list {
|
||||||
|
max-width: calc(100vw - 24px);
|
||||||
|
overflow-y: auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-item-picker-item {
|
||||||
|
min-height: 44px;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
import { forwardRef, useMemo } from "react";
|
import { forwardRef } from "react";
|
||||||
import DatePicker, { registerLocale } from "react-datepicker";
|
import DatePicker, { registerLocale } from "react-datepicker";
|
||||||
import { cs } from "date-fns/locale";
|
import { cs } from "date-fns/locale";
|
||||||
import { parse, format } from "date-fns";
|
import { parse, format } from "date-fns";
|
||||||
@@ -75,6 +75,19 @@ function NativeInput({
|
|||||||
disabled,
|
disabled,
|
||||||
}: NativeInputProps) {
|
}: NativeInputProps) {
|
||||||
const type = modeToInputType[mode] || "date";
|
const type = modeToInputType[mode] || "date";
|
||||||
|
// For time inputs, min/max must be in HH:mm format, not date format
|
||||||
|
const formatTimeMinMax = (val: string | undefined): string | undefined => {
|
||||||
|
if (!val) return undefined;
|
||||||
|
// If it looks like a date string (yyyy-MM-dd), extract time portion if present,
|
||||||
|
// otherwise it's not a valid time min/max — return undefined
|
||||||
|
if (val.includes("T")) return val.split("T")[1]?.substring(0, 5);
|
||||||
|
if (val.includes(":")) return val.substring(0, 5);
|
||||||
|
return undefined;
|
||||||
|
};
|
||||||
|
const minProp =
|
||||||
|
mode === "time" ? formatTimeMinMax(minDate) : minDate || undefined;
|
||||||
|
const maxProp =
|
||||||
|
mode === "time" ? formatTimeMinMax(maxDate) : maxDate || undefined;
|
||||||
return (
|
return (
|
||||||
<input
|
<input
|
||||||
type={type}
|
type={type}
|
||||||
@@ -84,14 +97,14 @@ function NativeInput({
|
|||||||
className="admin-form-input"
|
className="admin-form-input"
|
||||||
required={required}
|
required={required}
|
||||||
disabled={disabled}
|
disabled={disabled}
|
||||||
min={minDate || undefined}
|
min={minProp}
|
||||||
max={maxDate || undefined}
|
max={maxProp}
|
||||||
/>
|
/>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
interface AdminDatePickerProps {
|
interface AdminDatePickerProps {
|
||||||
mode?: "date" | "month" | "datetime" | "time";
|
mode?: "date" | "month" | "time";
|
||||||
value: string;
|
value: string;
|
||||||
onChange: (value: string) => void;
|
onChange: (value: string) => void;
|
||||||
minDate?: string;
|
minDate?: string;
|
||||||
@@ -111,7 +124,7 @@ export default function AdminDatePicker({
|
|||||||
disabled,
|
disabled,
|
||||||
placeholder,
|
placeholder,
|
||||||
}: AdminDatePickerProps) {
|
}: AdminDatePickerProps) {
|
||||||
const useNative = useMemo(() => isTouchDevice(), []);
|
const useNative = isTouchDevice();
|
||||||
|
|
||||||
if (useNative) {
|
if (useNative) {
|
||||||
return (
|
return (
|
||||||
@@ -165,17 +178,20 @@ export default function AdminDatePicker({
|
|||||||
return undefined;
|
return undefined;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
const customInput = (
|
||||||
|
<CustomInput
|
||||||
|
required={required}
|
||||||
|
placeholder={placeholder}
|
||||||
|
disabled={disabled}
|
||||||
|
/>
|
||||||
|
);
|
||||||
|
|
||||||
const commonProps = {
|
const commonProps = {
|
||||||
selected: toDate(value),
|
selected: toDate(value),
|
||||||
onChange: handleChange,
|
onChange: handleChange,
|
||||||
locale: "cs",
|
locale: "cs",
|
||||||
customInput: (
|
customInput,
|
||||||
<CustomInput
|
placeholderText: placeholder,
|
||||||
required={required}
|
|
||||||
placeholder={placeholder}
|
|
||||||
disabled={disabled}
|
|
||||||
/>
|
|
||||||
),
|
|
||||||
minDate: parseMinMax(minDate),
|
minDate: parseMinMax(minDate),
|
||||||
maxDate: parseMinMax(maxDate),
|
maxDate: parseMinMax(maxDate),
|
||||||
popperPlacement: "bottom-start" as const,
|
popperPlacement: "bottom-start" as const,
|
||||||
|
|||||||
@@ -8,34 +8,13 @@ import {
|
|||||||
getLeaveTypeName,
|
getLeaveTypeName,
|
||||||
getLeaveTypeBadgeClass,
|
getLeaveTypeBadgeClass,
|
||||||
} from "../utils/attendanceHelpers";
|
} from "../utils/attendanceHelpers";
|
||||||
|
import type { AttendanceRecord as HookAttendanceRecord } from "../hooks/useAttendanceAdmin";
|
||||||
|
|
||||||
interface ProjectLog {
|
interface AttendanceRecord extends HookAttendanceRecord {
|
||||||
id?: number;
|
|
||||||
project_id?: number;
|
|
||||||
project_name?: string;
|
|
||||||
started_at?: string;
|
|
||||||
ended_at?: string | null;
|
|
||||||
hours?: string | number | null;
|
|
||||||
minutes?: string | number | null;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface AttendanceRecord {
|
|
||||||
id: number;
|
|
||||||
shift_date: string;
|
|
||||||
user_name: string;
|
|
||||||
leave_type?: string;
|
|
||||||
leave_hours?: number;
|
|
||||||
arrival_time?: string | null;
|
|
||||||
departure_time?: string | null;
|
|
||||||
break_start?: string | null;
|
|
||||||
break_end?: string | null;
|
|
||||||
arrival_lat?: number | string | null;
|
arrival_lat?: number | string | null;
|
||||||
arrival_lng?: number | string | null;
|
arrival_lng?: number | string | null;
|
||||||
departure_lat?: number | string | null;
|
departure_lat?: number | string | null;
|
||||||
departure_lng?: number | string | null;
|
departure_lng?: number | string | null;
|
||||||
project_name?: string;
|
|
||||||
project_logs?: ProjectLog[];
|
|
||||||
notes?: string | null;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
interface AttendanceShiftTableProps {
|
interface AttendanceShiftTableProps {
|
||||||
@@ -51,7 +30,7 @@ function formatBreak(record: AttendanceRecord): string {
|
|||||||
if (record.break_start) {
|
if (record.break_start) {
|
||||||
return `${formatTime(record.break_start)} - ?`;
|
return `${formatTime(record.break_start)} - ?`;
|
||||||
}
|
}
|
||||||
return "\u2014";
|
return "—";
|
||||||
}
|
}
|
||||||
|
|
||||||
function renderProjectCell(record: AttendanceRecord): React.ReactNode {
|
function renderProjectCell(record: AttendanceRecord): React.ReactNode {
|
||||||
@@ -64,21 +43,30 @@ function renderProjectCell(record: AttendanceRecord): React.ReactNode {
|
|||||||
let h: number,
|
let h: number,
|
||||||
m: number,
|
m: number,
|
||||||
isActive = false;
|
isActive = false;
|
||||||
|
let durationValid = true;
|
||||||
if (log.hours !== null && log.hours !== undefined) {
|
if (log.hours !== null && log.hours !== undefined) {
|
||||||
h = parseInt(String(log.hours)) || 0;
|
h = parseInt(String(log.hours)) || 0;
|
||||||
m = parseInt(String(log.minutes)) || 0;
|
m = parseInt(String(log.minutes)) || 0;
|
||||||
} else {
|
} else {
|
||||||
isActive = !log.ended_at;
|
isActive = !log.ended_at;
|
||||||
const end = log.ended_at ? new Date(log.ended_at) : new Date();
|
const end = log.ended_at ? new Date(log.ended_at) : new Date();
|
||||||
const mins = Math.floor(
|
const start = log.started_at ? new Date(log.started_at) : null;
|
||||||
(end.getTime() - new Date(log.started_at!).getTime()) / 60000,
|
if (start && !isNaN(start.getTime()) && !isNaN(end.getTime())) {
|
||||||
);
|
const mins = Math.max(
|
||||||
h = Math.floor(mins / 60);
|
0,
|
||||||
m = mins % 60;
|
Math.floor((end.getTime() - start.getTime()) / 60000),
|
||||||
|
);
|
||||||
|
h = Math.floor(mins / 60);
|
||||||
|
m = mins % 60;
|
||||||
|
} else {
|
||||||
|
durationValid = false;
|
||||||
|
h = 0;
|
||||||
|
m = 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return (
|
return (
|
||||||
<span
|
<span
|
||||||
key={log.id || i}
|
key={log.id ?? i}
|
||||||
className="admin-badge"
|
className="admin-badge"
|
||||||
style={{
|
style={{
|
||||||
fontSize: "0.7rem",
|
fontSize: "0.7rem",
|
||||||
@@ -86,8 +74,10 @@ function renderProjectCell(record: AttendanceRecord): React.ReactNode {
|
|||||||
background: isActive ? "var(--accent-light)" : undefined,
|
background: isActive ? "var(--accent-light)" : undefined,
|
||||||
}}
|
}}
|
||||||
>
|
>
|
||||||
{log.project_name || `#${log.project_id}`} ({h}:
|
{log.project_name || `#${log.project_id}`}{" "}
|
||||||
{String(m).padStart(2, "0")}h{isActive ? " \u25B8" : ""})
|
{durationValid
|
||||||
|
? `(${h}:${String(m).padStart(2, "0")}h${isActive ? " ▸" : ""})`
|
||||||
|
: "—"}
|
||||||
</span>
|
</span>
|
||||||
);
|
);
|
||||||
})}
|
})}
|
||||||
@@ -104,7 +94,7 @@ function renderProjectCell(record: AttendanceRecord): React.ReactNode {
|
|||||||
</span>
|
</span>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
return "\u2014";
|
return "—";
|
||||||
}
|
}
|
||||||
|
|
||||||
export default function AttendanceShiftTable({
|
export default function AttendanceShiftTable({
|
||||||
@@ -143,8 +133,12 @@ export default function AttendanceShiftTable({
|
|||||||
const leaveType = record.leave_type || "work";
|
const leaveType = record.leave_type || "work";
|
||||||
const isLeave = leaveType !== "work";
|
const isLeave = leaveType !== "work";
|
||||||
const workMinutes = isLeave
|
const workMinutes = isLeave
|
||||||
? (Number(record.leave_hours) || 8) * 60
|
? (record.leave_hours != null ? Number(record.leave_hours) : 8) *
|
||||||
: calculateWorkMinutes(record);
|
60
|
||||||
|
: calculateWorkMinutes({
|
||||||
|
...record,
|
||||||
|
notes: record.notes ?? undefined,
|
||||||
|
});
|
||||||
const hasLocation =
|
const hasLocation =
|
||||||
(record.arrival_lat && record.arrival_lng) ||
|
(record.arrival_lat && record.arrival_lng) ||
|
||||||
(record.departure_lat && record.departure_lng);
|
(record.departure_lat && record.departure_lng);
|
||||||
@@ -161,18 +155,16 @@ export default function AttendanceShiftTable({
|
|||||||
</span>
|
</span>
|
||||||
</td>
|
</td>
|
||||||
<td className="admin-mono">
|
<td className="admin-mono">
|
||||||
{isLeave ? "\u2014" : formatDatetime(record.arrival_time)}
|
{isLeave ? "—" : formatDatetime(record.arrival_time)}
|
||||||
</td>
|
</td>
|
||||||
<td className="admin-mono">
|
<td className="admin-mono">
|
||||||
{isLeave ? "\u2014" : formatBreak(record)}
|
{isLeave ? "—" : formatBreak(record)}
|
||||||
</td>
|
</td>
|
||||||
<td className="admin-mono">
|
<td className="admin-mono">
|
||||||
{isLeave ? "\u2014" : formatDatetime(record.departure_time)}
|
{isLeave ? "—" : formatDatetime(record.departure_time)}
|
||||||
</td>
|
</td>
|
||||||
<td className="admin-mono">
|
<td className="admin-mono">
|
||||||
{workMinutes > 0
|
{workMinutes > 0 ? `${formatMinutes(workMinutes)} h` : "—"}
|
||||||
? `${formatMinutes(workMinutes)} h`
|
|
||||||
: "\u2014"}
|
|
||||||
</td>
|
</td>
|
||||||
<td>{renderProjectCell(record)}</td>
|
<td>{renderProjectCell(record)}</td>
|
||||||
<td>
|
<td>
|
||||||
@@ -183,10 +175,10 @@ export default function AttendanceShiftTable({
|
|||||||
title="Zobrazit polohu"
|
title="Zobrazit polohu"
|
||||||
aria-label="Zobrazit polohu"
|
aria-label="Zobrazit polohu"
|
||||||
>
|
>
|
||||||
{"\uD83D\uDCCD"}
|
<span aria-hidden="true">{"📍"}</span>
|
||||||
</Link>
|
</Link>
|
||||||
) : (
|
) : (
|
||||||
"\u2014"
|
"—"
|
||||||
)}
|
)}
|
||||||
</td>
|
</td>
|
||||||
<td
|
<td
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
import { motion, AnimatePresence } from "framer-motion";
|
import FormModal from "./FormModal";
|
||||||
import AdminDatePicker from "./AdminDatePicker";
|
import AdminDatePicker from "./AdminDatePicker";
|
||||||
import useModalLock from "../hooks/useModalLock";
|
|
||||||
|
|
||||||
interface BulkAttendanceForm {
|
interface BulkAttendanceForm {
|
||||||
month: string;
|
month: string;
|
||||||
@@ -17,7 +16,7 @@ interface BulkAttendanceUser {
|
|||||||
}
|
}
|
||||||
|
|
||||||
interface BulkAttendanceModalProps {
|
interface BulkAttendanceModalProps {
|
||||||
show: boolean;
|
isOpen: boolean;
|
||||||
onClose: () => void;
|
onClose: () => void;
|
||||||
form: BulkAttendanceForm;
|
form: BulkAttendanceForm;
|
||||||
setForm: (form: BulkAttendanceForm) => void;
|
setForm: (form: BulkAttendanceForm) => void;
|
||||||
@@ -29,7 +28,7 @@ interface BulkAttendanceModalProps {
|
|||||||
}
|
}
|
||||||
|
|
||||||
export default function BulkAttendanceModal({
|
export default function BulkAttendanceModal({
|
||||||
show,
|
isOpen,
|
||||||
onClose,
|
onClose,
|
||||||
form,
|
form,
|
||||||
setForm,
|
setForm,
|
||||||
@@ -39,174 +38,128 @@ export default function BulkAttendanceModal({
|
|||||||
toggleUser,
|
toggleUser,
|
||||||
toggleAllUsers,
|
toggleAllUsers,
|
||||||
}: BulkAttendanceModalProps) {
|
}: BulkAttendanceModalProps) {
|
||||||
useModalLock(show);
|
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<AnimatePresence>
|
<FormModal
|
||||||
{show && (
|
isOpen={isOpen}
|
||||||
<motion.div
|
onClose={onClose}
|
||||||
className="admin-modal-overlay"
|
title="Vyplnit docházku za měsíc"
|
||||||
initial={{ opacity: 0 }}
|
size="lg"
|
||||||
animate={{ opacity: 1 }}
|
loading={submitting}
|
||||||
exit={{ opacity: 0 }}
|
onSubmit={onSubmit}
|
||||||
transition={{ duration: 0.2 }}
|
submitLabel="Vyplnit měsíc"
|
||||||
>
|
submitDisabled={form.user_ids.length === 0}
|
||||||
<div
|
>
|
||||||
className="admin-modal-backdrop"
|
<p
|
||||||
onClick={() => !submitting && onClose()}
|
style={{
|
||||||
|
color: "var(--text-secondary)",
|
||||||
|
marginTop: "0.25rem",
|
||||||
|
marginBottom: "1rem",
|
||||||
|
fontSize: "0.875rem",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
Vytvoří záznamy pro všechny pracovní dny. Svátky se automaticky označí.
|
||||||
|
Existující záznamy se přeskočí.
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<div className="admin-form">
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Měsíc</label>
|
||||||
|
<AdminDatePicker
|
||||||
|
mode="month"
|
||||||
|
value={form.month}
|
||||||
|
onChange={(val) => setForm({ ...form, month: val })}
|
||||||
/>
|
/>
|
||||||
<motion.div
|
</div>
|
||||||
className="admin-modal admin-modal-lg"
|
|
||||||
initial={{ opacity: 0, scale: 0.95, y: 20 }}
|
<div className="admin-form-group">
|
||||||
animate={{ opacity: 1, scale: 1, y: 0 }}
|
<label className="admin-form-label">
|
||||||
exit={{ opacity: 0, scale: 0.95, y: 20 }}
|
Zaměstnanci
|
||||||
transition={{ duration: 0.2 }}
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={toggleAllUsers}
|
||||||
|
style={{
|
||||||
|
marginLeft: "0.75rem",
|
||||||
|
background: "none",
|
||||||
|
border: "none",
|
||||||
|
color: "var(--accent-color)",
|
||||||
|
cursor: "pointer",
|
||||||
|
fontSize: "0.8125rem",
|
||||||
|
fontWeight: 500,
|
||||||
|
padding: 0,
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
{form.user_ids.length === users.length
|
||||||
|
? "Odznačit vše"
|
||||||
|
: "Vybrat vše"}
|
||||||
|
</button>
|
||||||
|
</label>
|
||||||
|
<div
|
||||||
|
style={{
|
||||||
|
display: "flex",
|
||||||
|
flexDirection: "column",
|
||||||
|
gap: "0.375rem",
|
||||||
|
maxHeight: "200px",
|
||||||
|
overflowY: "auto",
|
||||||
|
padding: "0.75rem",
|
||||||
|
background: "var(--bg-tertiary)",
|
||||||
|
borderRadius: "var(--border-radius-sm)",
|
||||||
|
border: "1px solid var(--border-color)",
|
||||||
|
}}
|
||||||
>
|
>
|
||||||
<div className="admin-modal-header">
|
{users.map((user) => (
|
||||||
<h2 className="admin-modal-title">Vyplnit docházku za měsíc</h2>
|
<label key={user.id} className="admin-form-checkbox">
|
||||||
<p
|
<input
|
||||||
style={{
|
type="checkbox"
|
||||||
color: "var(--text-secondary)",
|
checked={form.user_ids.includes(String(user.id))}
|
||||||
marginTop: "0.25rem",
|
onChange={() => toggleUser(user.id)}
|
||||||
fontSize: "0.875rem",
|
/>
|
||||||
}}
|
<span>{user.name}</span>
|
||||||
>
|
</label>
|
||||||
Vytvoří záznamy pro všechny pracovní dny. Svátky se automaticky
|
))}
|
||||||
označí. Existující záznamy se přeskočí.
|
</div>
|
||||||
</p>
|
<small className="admin-form-hint">
|
||||||
</div>
|
Vybráno: {form.user_ids.length} z {users.length}
|
||||||
|
</small>
|
||||||
|
</div>
|
||||||
|
|
||||||
<div className="admin-modal-body">
|
<div className="admin-form-row">
|
||||||
<div className="admin-form">
|
<div className="admin-form-group">
|
||||||
<div className="admin-form-group">
|
<label className="admin-form-label">Příchod</label>
|
||||||
<label className="admin-form-label">Měsíc</label>
|
<AdminDatePicker
|
||||||
<AdminDatePicker
|
mode="time"
|
||||||
mode="month"
|
value={form.arrival_time}
|
||||||
value={form.month}
|
onChange={(val) => setForm({ ...form, arrival_time: val })}
|
||||||
onChange={(val) => setForm({ ...form, month: val })}
|
/>
|
||||||
/>
|
</div>
|
||||||
</div>
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Odchod</label>
|
||||||
|
<AdminDatePicker
|
||||||
|
mode="time"
|
||||||
|
value={form.departure_time}
|
||||||
|
onChange={(val) => setForm({ ...form, departure_time: val })}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
<div className="admin-form-group">
|
<div className="admin-form-row">
|
||||||
<label className="admin-form-label">
|
<div className="admin-form-group">
|
||||||
Zaměstnanci
|
<label className="admin-form-label">Začátek pauzy</label>
|
||||||
<button
|
<AdminDatePicker
|
||||||
type="button"
|
mode="time"
|
||||||
onClick={toggleAllUsers}
|
value={form.break_start_time}
|
||||||
style={{
|
onChange={(val) => setForm({ ...form, break_start_time: val })}
|
||||||
marginLeft: "0.75rem",
|
/>
|
||||||
background: "none",
|
</div>
|
||||||
border: "none",
|
<div className="admin-form-group">
|
||||||
color: "var(--accent-color)",
|
<label className="admin-form-label">Konec pauzy</label>
|
||||||
cursor: "pointer",
|
<AdminDatePicker
|
||||||
fontSize: "0.8125rem",
|
mode="time"
|
||||||
fontWeight: 500,
|
value={form.break_end_time}
|
||||||
padding: 0,
|
onChange={(val) => setForm({ ...form, break_end_time: val })}
|
||||||
}}
|
/>
|
||||||
>
|
</div>
|
||||||
{form.user_ids.length === users.length
|
</div>
|
||||||
? "Odznačit vše"
|
</div>
|
||||||
: "Vybrat vše"}
|
</FormModal>
|
||||||
</button>
|
|
||||||
</label>
|
|
||||||
<div
|
|
||||||
style={{
|
|
||||||
display: "flex",
|
|
||||||
flexDirection: "column",
|
|
||||||
gap: "0.375rem",
|
|
||||||
maxHeight: "200px",
|
|
||||||
overflowY: "auto",
|
|
||||||
padding: "0.75rem",
|
|
||||||
background: "var(--bg-tertiary)",
|
|
||||||
borderRadius: "var(--border-radius-sm)",
|
|
||||||
border: "1px solid var(--border-color)",
|
|
||||||
}}
|
|
||||||
>
|
|
||||||
{users.map((user) => (
|
|
||||||
<label key={user.id} className="admin-form-checkbox">
|
|
||||||
<input
|
|
||||||
type="checkbox"
|
|
||||||
checked={form.user_ids.includes(String(user.id))}
|
|
||||||
onChange={() => toggleUser(user.id)}
|
|
||||||
/>
|
|
||||||
<span>{user.name}</span>
|
|
||||||
</label>
|
|
||||||
))}
|
|
||||||
</div>
|
|
||||||
<small className="admin-form-hint">
|
|
||||||
Vybráno: {form.user_ids.length} z {users.length}
|
|
||||||
</small>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-form-row">
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Příchod</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="time"
|
|
||||||
value={form.arrival_time}
|
|
||||||
onChange={(val) =>
|
|
||||||
setForm({ ...form, arrival_time: val })
|
|
||||||
}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Odchod</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="time"
|
|
||||||
value={form.departure_time}
|
|
||||||
onChange={(val) =>
|
|
||||||
setForm({ ...form, departure_time: val })
|
|
||||||
}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-form-row">
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Začátek pauzy</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="time"
|
|
||||||
value={form.break_start_time}
|
|
||||||
onChange={(val) =>
|
|
||||||
setForm({ ...form, break_start_time: val })
|
|
||||||
}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Konec pauzy</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="time"
|
|
||||||
value={form.break_end_time}
|
|
||||||
onChange={(val) =>
|
|
||||||
setForm({ ...form, break_end_time: val })
|
|
||||||
}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-modal-footer">
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
onClick={onClose}
|
|
||||||
className="admin-btn admin-btn-secondary"
|
|
||||||
disabled={submitting}
|
|
||||||
>
|
|
||||||
Zrušit
|
|
||||||
</button>
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
onClick={onSubmit}
|
|
||||||
className="admin-btn admin-btn-primary"
|
|
||||||
disabled={submitting || form.user_ids.length === 0}
|
|
||||||
>
|
|
||||||
{submitting ? "Vytvářím záznamy..." : "Vyplnit měsíc"}
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</motion.div>
|
|
||||||
</motion.div>
|
|
||||||
)}
|
|
||||||
</AnimatePresence>
|
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,7 @@
|
|||||||
import type { ReactNode } from "react";
|
import { useEffect, type ReactNode } from "react";
|
||||||
import { motion, AnimatePresence } from "framer-motion";
|
import { motion, AnimatePresence } from "framer-motion";
|
||||||
|
import useReducedMotion from "../hooks/useReducedMotion";
|
||||||
|
import useModalLock from "../hooks/useModalLock";
|
||||||
|
|
||||||
interface ConfirmModalProps {
|
interface ConfirmModalProps {
|
||||||
isOpen: boolean;
|
isOpen: boolean;
|
||||||
@@ -14,6 +16,71 @@ interface ConfirmModalProps {
|
|||||||
loading?: boolean;
|
loading?: boolean;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function ConfirmIcon({ type }: { type: string }) {
|
||||||
|
switch (type) {
|
||||||
|
case "danger":
|
||||||
|
return (
|
||||||
|
<svg
|
||||||
|
width="24"
|
||||||
|
height="24"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<circle cx="12" cy="12" r="10" />
|
||||||
|
<line x1="15" y1="9" x2="9" y2="15" />
|
||||||
|
<line x1="9" y1="9" x2="15" y2="15" />
|
||||||
|
</svg>
|
||||||
|
);
|
||||||
|
case "info":
|
||||||
|
return (
|
||||||
|
<svg
|
||||||
|
width="24"
|
||||||
|
height="24"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<circle cx="12" cy="12" r="10" />
|
||||||
|
<line x1="12" y1="16" x2="12" y2="12" />
|
||||||
|
<line x1="12" y1="8" x2="12.01" y2="8" />
|
||||||
|
</svg>
|
||||||
|
);
|
||||||
|
case "warning":
|
||||||
|
return (
|
||||||
|
<svg
|
||||||
|
width="24"
|
||||||
|
height="24"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z" />
|
||||||
|
<line x1="12" y1="9" x2="12" y2="13" />
|
||||||
|
<line x1="12" y1="17" x2="12.01" y2="17" />
|
||||||
|
</svg>
|
||||||
|
);
|
||||||
|
default:
|
||||||
|
return (
|
||||||
|
<svg
|
||||||
|
width="24"
|
||||||
|
height="24"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<circle cx="12" cy="12" r="10" />
|
||||||
|
<line x1="12" y1="16" x2="12" y2="12" />
|
||||||
|
<line x1="12" y1="8" x2="12.01" y2="8" />
|
||||||
|
</svg>
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
export default function ConfirmModal({
|
export default function ConfirmModal({
|
||||||
isOpen,
|
isOpen,
|
||||||
onClose,
|
onClose,
|
||||||
@@ -26,6 +93,25 @@ export default function ConfirmModal({
|
|||||||
confirmVariant,
|
confirmVariant,
|
||||||
loading,
|
loading,
|
||||||
}: ConfirmModalProps) {
|
}: ConfirmModalProps) {
|
||||||
|
const reducedMotion = useReducedMotion();
|
||||||
|
// Lock body scroll while open (ref-counted, nesting-safe) — matches FormModal.
|
||||||
|
useModalLock(isOpen);
|
||||||
|
useEffect(() => {
|
||||||
|
if (!isOpen) return;
|
||||||
|
|
||||||
|
function handleKeyDown(e: KeyboardEvent) {
|
||||||
|
if (e.key === "Escape" && !loading) {
|
||||||
|
onClose();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
window.addEventListener("keydown", handleKeyDown);
|
||||||
|
return () => window.removeEventListener("keydown", handleKeyDown);
|
||||||
|
}, [isOpen, loading, onClose]);
|
||||||
|
|
||||||
|
const duration = reducedMotion ? 0 : 0.22;
|
||||||
|
const ease = [0.16, 1, 0.3, 1] as const;
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<AnimatePresence>
|
<AnimatePresence>
|
||||||
{isOpen && (
|
{isOpen && (
|
||||||
@@ -34,32 +120,29 @@ export default function ConfirmModal({
|
|||||||
initial={{ opacity: 0 }}
|
initial={{ opacity: 0 }}
|
||||||
animate={{ opacity: 1 }}
|
animate={{ opacity: 1 }}
|
||||||
exit={{ opacity: 0 }}
|
exit={{ opacity: 0 }}
|
||||||
transition={{ duration: 0.2 }}
|
transition={{ duration: reducedMotion ? 0 : 0.18 }}
|
||||||
>
|
>
|
||||||
<div className="admin-modal-backdrop" onClick={onClose} />
|
<div
|
||||||
|
className="admin-modal-backdrop"
|
||||||
|
onClick={() => !loading && onClose()}
|
||||||
|
/>
|
||||||
<motion.div
|
<motion.div
|
||||||
className="admin-modal admin-confirm-modal"
|
className="admin-modal admin-confirm-modal"
|
||||||
initial={{ opacity: 0, scale: 0.95, y: 20 }}
|
role="dialog"
|
||||||
|
aria-modal="true"
|
||||||
|
aria-labelledby="confirm-modal-title"
|
||||||
|
initial={{ opacity: 0, scale: 0.96, y: 16 }}
|
||||||
animate={{ opacity: 1, scale: 1, y: 0 }}
|
animate={{ opacity: 1, scale: 1, y: 0 }}
|
||||||
exit={{ opacity: 0, scale: 0.95, y: 20 }}
|
exit={{ opacity: 0, scale: 0.97, y: 8 }}
|
||||||
transition={{ duration: 0.2 }}
|
transition={{ duration, ease }}
|
||||||
>
|
>
|
||||||
<div className="admin-modal-body admin-confirm-content">
|
<div className="admin-modal-body admin-confirm-content">
|
||||||
<div className={`admin-confirm-icon admin-confirm-icon-${type}`}>
|
<div className={`admin-confirm-icon admin-confirm-icon-${type}`}>
|
||||||
<svg
|
<ConfirmIcon type={type} />
|
||||||
width="24"
|
|
||||||
height="24"
|
|
||||||
viewBox="0 0 24 24"
|
|
||||||
fill="none"
|
|
||||||
stroke="currentColor"
|
|
||||||
strokeWidth="2"
|
|
||||||
>
|
|
||||||
<path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z" />
|
|
||||||
<line x1="12" y1="9" x2="12" y2="13" />
|
|
||||||
<line x1="12" y1="17" x2="12.01" y2="17" />
|
|
||||||
</svg>
|
|
||||||
</div>
|
</div>
|
||||||
<h2 className="admin-confirm-title">{title}</h2>
|
<h2 id="confirm-modal-title" className="admin-confirm-title">
|
||||||
|
{title}
|
||||||
|
</h2>
|
||||||
<p className="admin-confirm-message">{message}</p>
|
<p className="admin-confirm-message">{message}</p>
|
||||||
</div>
|
</div>
|
||||||
<div className="admin-modal-footer">
|
<div className="admin-modal-footer">
|
||||||
|
|||||||
@@ -1,4 +1,10 @@
|
|||||||
import type { CSSProperties, ReactNode } from "react";
|
import {
|
||||||
|
type CSSProperties,
|
||||||
|
type ReactNode,
|
||||||
|
isValidElement,
|
||||||
|
cloneElement,
|
||||||
|
useId,
|
||||||
|
} from "react";
|
||||||
|
|
||||||
interface FormFieldProps {
|
interface FormFieldProps {
|
||||||
label: ReactNode;
|
label: ReactNode;
|
||||||
@@ -15,13 +21,22 @@ export default function FormField({
|
|||||||
required,
|
required,
|
||||||
style,
|
style,
|
||||||
}: FormFieldProps) {
|
}: FormFieldProps) {
|
||||||
|
const generatedId = useId();
|
||||||
|
const childProps = isValidElement(children)
|
||||||
|
? (children.props as Record<string, unknown>)
|
||||||
|
: null;
|
||||||
|
const childId = childProps?.id ? String(childProps.id) : generatedId;
|
||||||
|
const childWithId = isValidElement(children)
|
||||||
|
? cloneElement(children, { id: childId } as React.Attributes)
|
||||||
|
: children;
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<div className="admin-form-group" style={style}>
|
<div className="admin-form-group" style={style}>
|
||||||
<label className="admin-form-label">
|
<label className="admin-form-label" htmlFor={childId}>
|
||||||
{label}
|
{label}
|
||||||
{required && <span className="admin-form-required"> *</span>}
|
{required && <span className="admin-form-required"> *</span>}
|
||||||
</label>
|
</label>
|
||||||
{children}
|
{childWithId}
|
||||||
{error && <span className="admin-form-error">{error}</span>}
|
{error && <span className="admin-form-error">{error}</span>}
|
||||||
</div>
|
</div>
|
||||||
);
|
);
|
||||||
|
|||||||
201
src/admin/components/FormModal.tsx
Normal file
201
src/admin/components/FormModal.tsx
Normal file
@@ -0,0 +1,201 @@
|
|||||||
|
import {
|
||||||
|
useEffect,
|
||||||
|
type ReactNode,
|
||||||
|
type FormEvent,
|
||||||
|
Children,
|
||||||
|
isValidElement,
|
||||||
|
cloneElement,
|
||||||
|
} from "react";
|
||||||
|
import { motion, AnimatePresence } from "framer-motion";
|
||||||
|
import useModalLock from "../hooks/useModalLock";
|
||||||
|
import useReducedMotion from "../hooks/useReducedMotion";
|
||||||
|
|
||||||
|
export interface FormModalProps {
|
||||||
|
isOpen: boolean;
|
||||||
|
onClose: () => void;
|
||||||
|
onSubmit?: () => void; // called when user clicks primary button (only if provided)
|
||||||
|
title: string;
|
||||||
|
/** Optional muted line shown under the title in the header. */
|
||||||
|
subtitle?: ReactNode;
|
||||||
|
children: ReactNode; // modal body (form fields)
|
||||||
|
submitLabel?: string; // primary button text
|
||||||
|
cancelLabel?: string; // cancel button text
|
||||||
|
loading?: boolean;
|
||||||
|
/** Disable the primary (submit) button — e.g. until the form is valid.
|
||||||
|
* Keeps the button visibly greyed out instead of clickable-but-inert. */
|
||||||
|
submitDisabled?: boolean;
|
||||||
|
hideFooter?: boolean; // for "view-only" modals
|
||||||
|
size?: "sm" | "md" | "lg"; // optional
|
||||||
|
closeOnBackdrop?: boolean; // default true
|
||||||
|
closeOnEsc?: boolean; // default true
|
||||||
|
/** Slot for footer-left actions (e.g. delete). Rendered to the LEFT of
|
||||||
|
* the standard cancel/submit group in the modal footer. */
|
||||||
|
footerLeft?: ReactNode;
|
||||||
|
/** Hide the close × in the header. Default false. */
|
||||||
|
hideCloseButton?: boolean;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function FormModal({
|
||||||
|
isOpen,
|
||||||
|
onClose,
|
||||||
|
onSubmit,
|
||||||
|
title,
|
||||||
|
subtitle,
|
||||||
|
children,
|
||||||
|
submitLabel = "Uložit",
|
||||||
|
cancelLabel = "Zrušit",
|
||||||
|
loading = false,
|
||||||
|
submitDisabled = false,
|
||||||
|
hideFooter = false,
|
||||||
|
size = "md",
|
||||||
|
closeOnBackdrop = true,
|
||||||
|
closeOnEsc = true,
|
||||||
|
footerLeft,
|
||||||
|
hideCloseButton = false,
|
||||||
|
}: FormModalProps) {
|
||||||
|
useModalLock(isOpen);
|
||||||
|
const reducedMotion = useReducedMotion();
|
||||||
|
|
||||||
|
useEffect(() => {
|
||||||
|
if (!isOpen || !closeOnEsc) return;
|
||||||
|
|
||||||
|
function handleKeyDown(e: KeyboardEvent) {
|
||||||
|
if (e.key === "Escape" && !loading) {
|
||||||
|
onClose();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
window.addEventListener("keydown", handleKeyDown);
|
||||||
|
return () => window.removeEventListener("keydown", handleKeyDown);
|
||||||
|
}, [isOpen, closeOnEsc, loading, onClose]);
|
||||||
|
|
||||||
|
const handleBackdropClick = () => {
|
||||||
|
if (closeOnBackdrop && !loading) onClose();
|
||||||
|
};
|
||||||
|
|
||||||
|
const handlePrimaryClick = (e: FormEvent) => {
|
||||||
|
e.preventDefault();
|
||||||
|
if (onSubmit) onSubmit();
|
||||||
|
};
|
||||||
|
|
||||||
|
const titleId = "form-modal-title";
|
||||||
|
const modalClassName =
|
||||||
|
size === "lg" ? "admin-modal admin-modal-lg" : "admin-modal";
|
||||||
|
|
||||||
|
// Snappier ease curve for modal entry — matches the "industrial/refined"
|
||||||
|
// tone. Roughly equivalent to the cubic-bezier(0.16, 1, 0.3, 1) used by
|
||||||
|
// a lot of design systems for "expo out" feel.
|
||||||
|
const ease = [0.16, 1, 0.3, 1] as const;
|
||||||
|
const duration = reducedMotion ? 0 : 0.22;
|
||||||
|
// Stagger the body children slightly for a "drawing-in" reveal. We cap
|
||||||
|
// the cascade so long forms don't drag on forever.
|
||||||
|
const childrenArray = Children.toArray(children).filter(isValidElement);
|
||||||
|
const stagger = reducedMotion ? 0 : Math.min(childrenArray.length, 5) * 0.03;
|
||||||
|
|
||||||
|
return (
|
||||||
|
<AnimatePresence>
|
||||||
|
{isOpen && (
|
||||||
|
<motion.div
|
||||||
|
className="admin-modal-overlay"
|
||||||
|
initial={{ opacity: 0 }}
|
||||||
|
animate={{ opacity: 1 }}
|
||||||
|
exit={{ opacity: 0 }}
|
||||||
|
transition={{ duration: reducedMotion ? 0 : 0.18 }}
|
||||||
|
>
|
||||||
|
<div className="admin-modal-backdrop" onClick={handleBackdropClick} />
|
||||||
|
<motion.div
|
||||||
|
className={modalClassName}
|
||||||
|
role="dialog"
|
||||||
|
aria-modal="true"
|
||||||
|
aria-labelledby={titleId}
|
||||||
|
initial={{ opacity: 0, scale: 0.96, y: 16 }}
|
||||||
|
animate={{ opacity: 1, scale: 1, y: 0 }}
|
||||||
|
exit={{ opacity: 0, scale: 0.97, y: 8 }}
|
||||||
|
transition={{ duration, ease }}
|
||||||
|
>
|
||||||
|
<div className="admin-modal-header">
|
||||||
|
<div className="admin-modal-heading">
|
||||||
|
<h2 id={titleId} className="admin-modal-title">
|
||||||
|
{title}
|
||||||
|
</h2>
|
||||||
|
{subtitle && <p className="admin-modal-subtitle">{subtitle}</p>}
|
||||||
|
</div>
|
||||||
|
{!hideCloseButton && (
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-modal-close"
|
||||||
|
onClick={() => !loading && onClose()}
|
||||||
|
aria-label="Zavřít"
|
||||||
|
title="Zavřít (Esc)"
|
||||||
|
disabled={loading}
|
||||||
|
>
|
||||||
|
<svg
|
||||||
|
width="18"
|
||||||
|
height="18"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
strokeLinecap="round"
|
||||||
|
strokeLinejoin="round"
|
||||||
|
aria-hidden
|
||||||
|
>
|
||||||
|
<line x1="18" y1="6" x2="6" y2="18" />
|
||||||
|
<line x1="6" y1="6" x2="18" y2="18" />
|
||||||
|
</svg>
|
||||||
|
</button>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div className="admin-modal-body">
|
||||||
|
{reducedMotion || stagger === 0
|
||||||
|
? children
|
||||||
|
: Children.map(children, (child, i) => {
|
||||||
|
if (!isValidElement(child)) return child;
|
||||||
|
return (
|
||||||
|
<motion.div
|
||||||
|
initial={{ opacity: 0, y: 6 }}
|
||||||
|
animate={{ opacity: 1, y: 0 }}
|
||||||
|
transition={{
|
||||||
|
duration: 0.2,
|
||||||
|
delay: 0.04 + i * 0.03,
|
||||||
|
ease: "easeOut",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
{cloneElement(child)}
|
||||||
|
</motion.div>
|
||||||
|
);
|
||||||
|
})}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{!hideFooter && (
|
||||||
|
<div className="admin-modal-footer">
|
||||||
|
<div className="admin-modal-footer-left">{footerLeft}</div>
|
||||||
|
<div className="admin-modal-footer-right">
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={() => !loading && onClose()}
|
||||||
|
className="admin-btn admin-btn-secondary"
|
||||||
|
disabled={loading}
|
||||||
|
>
|
||||||
|
{cancelLabel}
|
||||||
|
</button>
|
||||||
|
{onSubmit && (
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={handlePrimaryClick}
|
||||||
|
className="admin-btn admin-btn-primary"
|
||||||
|
disabled={loading || submitDisabled}
|
||||||
|
>
|
||||||
|
{loading ? "Zpracování..." : submitLabel}
|
||||||
|
</button>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</motion.div>
|
||||||
|
</motion.div>
|
||||||
|
)}
|
||||||
|
</AnimatePresence>
|
||||||
|
);
|
||||||
|
}
|
||||||
352
src/admin/components/OrderConfirmationModal.tsx
Normal file
352
src/admin/components/OrderConfirmationModal.tsx
Normal file
@@ -0,0 +1,352 @@
|
|||||||
|
import { useState, useCallback } from "react";
|
||||||
|
import FormModal from "./FormModal";
|
||||||
|
import { useAlert } from "../context/AlertContext";
|
||||||
|
|
||||||
|
interface ConfirmationItem {
|
||||||
|
description: string;
|
||||||
|
quantity: number;
|
||||||
|
unit: string;
|
||||||
|
unit_price: number;
|
||||||
|
is_included_in_total: boolean;
|
||||||
|
vat_rate: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
interface OrderConfirmationModalProps {
|
||||||
|
isOpen: boolean;
|
||||||
|
onClose: () => void;
|
||||||
|
onGenerate: (
|
||||||
|
lang: string,
|
||||||
|
applyVat: boolean,
|
||||||
|
items?: ConfirmationItem[],
|
||||||
|
) => Promise<void>;
|
||||||
|
initialItems: ConfirmationItem[];
|
||||||
|
orderNumber: string;
|
||||||
|
defaultVatRate: number;
|
||||||
|
applyVat: boolean;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function OrderConfirmationModal({
|
||||||
|
isOpen,
|
||||||
|
onClose,
|
||||||
|
onGenerate,
|
||||||
|
initialItems,
|
||||||
|
orderNumber,
|
||||||
|
defaultVatRate,
|
||||||
|
applyVat,
|
||||||
|
}: OrderConfirmationModalProps) {
|
||||||
|
const alert = useAlert();
|
||||||
|
const [step, setStep] = useState<"choose" | "edit">("choose");
|
||||||
|
const [lang, setLang] = useState<string>("cs");
|
||||||
|
const [applyVatState, setApplyVatState] = useState(applyVat);
|
||||||
|
const [items, setItems] = useState<ConfirmationItem[]>(initialItems);
|
||||||
|
const [loading, setLoading] = useState(false);
|
||||||
|
|
||||||
|
const handleUseExisting = async () => {
|
||||||
|
setLoading(true);
|
||||||
|
try {
|
||||||
|
await onGenerate(lang, applyVatState, undefined);
|
||||||
|
} catch (err) {
|
||||||
|
console.error("Chyba při generování potvrzení:", err);
|
||||||
|
alert.error("Nepodařilo se vygenerovat potvrzení");
|
||||||
|
} finally {
|
||||||
|
setLoading(false);
|
||||||
|
setStep("choose");
|
||||||
|
onClose();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
const handleEditGenerate = async () => {
|
||||||
|
setLoading(true);
|
||||||
|
try {
|
||||||
|
await onGenerate(lang, applyVatState, items);
|
||||||
|
} catch (err) {
|
||||||
|
console.error("Chyba při generování potvrzení:", err);
|
||||||
|
alert.error("Nepodařilo se vygenerovat potvrzení");
|
||||||
|
} finally {
|
||||||
|
setLoading(false);
|
||||||
|
setStep("choose");
|
||||||
|
onClose();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
const updateItem = useCallback(
|
||||||
|
(
|
||||||
|
index: number,
|
||||||
|
field: keyof ConfirmationItem,
|
||||||
|
value: string | number | boolean,
|
||||||
|
) => {
|
||||||
|
setItems((prev) => {
|
||||||
|
const next = [...prev];
|
||||||
|
next[index] = { ...next[index], [field]: value };
|
||||||
|
return next;
|
||||||
|
});
|
||||||
|
},
|
||||||
|
[],
|
||||||
|
);
|
||||||
|
|
||||||
|
const removeItem = useCallback((index: number) => {
|
||||||
|
setItems((prev) => prev.filter((_, i) => i !== index));
|
||||||
|
}, []);
|
||||||
|
|
||||||
|
const addItem = useCallback(() => {
|
||||||
|
setItems((prev) => [
|
||||||
|
...prev,
|
||||||
|
{
|
||||||
|
description: "",
|
||||||
|
quantity: 1,
|
||||||
|
unit: "ks",
|
||||||
|
unit_price: 0,
|
||||||
|
is_included_in_total: true,
|
||||||
|
vat_rate: defaultVatRate,
|
||||||
|
},
|
||||||
|
]);
|
||||||
|
}, [defaultVatRate]);
|
||||||
|
|
||||||
|
return (
|
||||||
|
<FormModal
|
||||||
|
isOpen={isOpen}
|
||||||
|
onClose={onClose}
|
||||||
|
title={`Potvrzení objednávky ${orderNumber}`}
|
||||||
|
size={step === "edit" ? "lg" : "md"}
|
||||||
|
loading={loading}
|
||||||
|
hideFooter
|
||||||
|
>
|
||||||
|
{step === "choose" ? (
|
||||||
|
<div className="admin-form">
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Jazyk dokumentu</label>
|
||||||
|
<div className="flex-row gap-2">
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={() => setLang("cs")}
|
||||||
|
className={
|
||||||
|
lang === "cs"
|
||||||
|
? "admin-btn admin-btn-primary admin-btn-sm"
|
||||||
|
: "admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
|
}
|
||||||
|
>
|
||||||
|
Čeština
|
||||||
|
</button>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={() => setLang("en")}
|
||||||
|
className={
|
||||||
|
lang === "en"
|
||||||
|
? "admin-btn admin-btn-primary admin-btn-sm"
|
||||||
|
: "admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
|
}
|
||||||
|
>
|
||||||
|
English
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">DPH</label>
|
||||||
|
<div className="flex-row gap-2">
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={() => setApplyVatState(true)}
|
||||||
|
className={
|
||||||
|
applyVatState
|
||||||
|
? "admin-btn admin-btn-primary admin-btn-sm"
|
||||||
|
: "admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
|
}
|
||||||
|
>
|
||||||
|
S DPH
|
||||||
|
</button>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={() => setApplyVatState(false)}
|
||||||
|
className={
|
||||||
|
!applyVatState
|
||||||
|
? "admin-btn admin-btn-primary admin-btn-sm"
|
||||||
|
: "admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
|
}
|
||||||
|
>
|
||||||
|
Bez DPH
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Obsah potvrzení</label>
|
||||||
|
<p className="text-secondary" style={{ marginBottom: "0.75rem" }}>
|
||||||
|
Jak chcete připravit potvrzení objednávky?
|
||||||
|
</p>
|
||||||
|
<button
|
||||||
|
onClick={handleUseExisting}
|
||||||
|
disabled={loading}
|
||||||
|
className="admin-btn admin-btn-primary w-full"
|
||||||
|
style={{ marginBottom: "0.5rem" }}
|
||||||
|
>
|
||||||
|
{loading ? (
|
||||||
|
<>
|
||||||
|
<div className="admin-spinner admin-spinner-sm" />
|
||||||
|
Generuji...
|
||||||
|
</>
|
||||||
|
) : (
|
||||||
|
"Použít položky z objednávky"
|
||||||
|
)}
|
||||||
|
</button>
|
||||||
|
<button
|
||||||
|
onClick={() => {
|
||||||
|
setItems(initialItems.length > 0 ? initialItems : []);
|
||||||
|
setStep("edit");
|
||||||
|
}}
|
||||||
|
disabled={loading}
|
||||||
|
className="admin-btn admin-btn-secondary w-full"
|
||||||
|
>
|
||||||
|
Upravit položky
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div className="admin-modal-footer">
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={onClose}
|
||||||
|
className="admin-btn admin-btn-secondary"
|
||||||
|
disabled={loading}
|
||||||
|
>
|
||||||
|
Zrušit
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
) : (
|
||||||
|
<div className="admin-form">
|
||||||
|
<div className="admin-table-responsive">
|
||||||
|
<table className="admin-table">
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>Popis</th>
|
||||||
|
<th>Mn.</th>
|
||||||
|
<th>Jedn.</th>
|
||||||
|
<th>Cena</th>
|
||||||
|
<th>%DPH</th>
|
||||||
|
<th style={{ width: "40px" }} />
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{items.map((item, i) => (
|
||||||
|
<tr key={i}>
|
||||||
|
<td>
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
value={item.description}
|
||||||
|
onChange={(e) =>
|
||||||
|
updateItem(i, "description", e.target.value)
|
||||||
|
}
|
||||||
|
className="admin-form-input"
|
||||||
|
style={{ minWidth: "200px" }}
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input
|
||||||
|
type="number"
|
||||||
|
value={item.quantity}
|
||||||
|
onChange={(e) =>
|
||||||
|
updateItem(i, "quantity", Number(e.target.value) || 0)
|
||||||
|
}
|
||||||
|
className="admin-form-input"
|
||||||
|
style={{ width: "80px" }}
|
||||||
|
step="0.001"
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
value={item.unit}
|
||||||
|
onChange={(e) => updateItem(i, "unit", e.target.value)}
|
||||||
|
className="admin-form-input"
|
||||||
|
style={{ width: "60px" }}
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input
|
||||||
|
type="number"
|
||||||
|
value={item.unit_price}
|
||||||
|
onChange={(e) =>
|
||||||
|
updateItem(
|
||||||
|
i,
|
||||||
|
"unit_price",
|
||||||
|
Number(e.target.value) || 0,
|
||||||
|
)
|
||||||
|
}
|
||||||
|
className="admin-form-input"
|
||||||
|
style={{ width: "100px" }}
|
||||||
|
step="0.01"
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input
|
||||||
|
type="number"
|
||||||
|
value={item.vat_rate}
|
||||||
|
onChange={(e) =>
|
||||||
|
updateItem(i, "vat_rate", Number(e.target.value) || 0)
|
||||||
|
}
|
||||||
|
className="admin-form-input"
|
||||||
|
style={{ width: "70px" }}
|
||||||
|
step="1"
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<button
|
||||||
|
onClick={() => removeItem(i)}
|
||||||
|
className="admin-btn-icon danger"
|
||||||
|
title="Odstranit"
|
||||||
|
>
|
||||||
|
<svg
|
||||||
|
width="16"
|
||||||
|
height="16"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<polyline points="3 6 5 6 21 6" />
|
||||||
|
<path d="M19 6v14a2 2 0 0 1-2 2H7a2 2 0 0 1-2-2V6m3 0V4a2 2 0 0 1 2-2h4a2 2 0 0 1 2 2v2" />
|
||||||
|
</svg>
|
||||||
|
</button>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
))}
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
<button
|
||||||
|
onClick={addItem}
|
||||||
|
className="admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
|
>
|
||||||
|
+ Přidat položku
|
||||||
|
</button>
|
||||||
|
|
||||||
|
<div className="admin-modal-footer">
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={() => setStep("choose")}
|
||||||
|
className="admin-btn admin-btn-secondary"
|
||||||
|
disabled={loading}
|
||||||
|
>
|
||||||
|
Zpět
|
||||||
|
</button>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={handleEditGenerate}
|
||||||
|
className="admin-btn admin-btn-primary"
|
||||||
|
disabled={loading || items.length === 0}
|
||||||
|
>
|
||||||
|
{loading ? (
|
||||||
|
<>
|
||||||
|
<div className="admin-spinner admin-spinner-sm" />
|
||||||
|
Generuji...
|
||||||
|
</>
|
||||||
|
) : (
|
||||||
|
"Vygenerovat PDF"
|
||||||
|
)}
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</FormModal>
|
||||||
|
);
|
||||||
|
}
|
||||||
@@ -36,13 +36,18 @@ export default function Pagination({
|
|||||||
};
|
};
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<div className="admin-pagination">
|
<div
|
||||||
|
className="admin-pagination"
|
||||||
|
role="navigation"
|
||||||
|
aria-label="Stránkování"
|
||||||
|
>
|
||||||
<div className="admin-pagination-info">{total} záznamů</div>
|
<div className="admin-pagination-info">{total} záznamů</div>
|
||||||
<div className="admin-pagination-controls">
|
<div className="admin-pagination-controls">
|
||||||
<button
|
<button
|
||||||
disabled={page <= 1}
|
disabled={page <= 1}
|
||||||
onClick={() => onPageChange(page - 1)}
|
onClick={() => onPageChange(page - 1)}
|
||||||
className="admin-pagination-page"
|
className="admin-pagination-page"
|
||||||
|
aria-label="Předchozí stránka"
|
||||||
>
|
>
|
||||||
<svg
|
<svg
|
||||||
width="16"
|
width="16"
|
||||||
@@ -65,6 +70,8 @@ export default function Pagination({
|
|||||||
key={p}
|
key={p}
|
||||||
onClick={() => onPageChange(p)}
|
onClick={() => onPageChange(p)}
|
||||||
className={`admin-pagination-page ${p === page ? "active" : ""}`}
|
className={`admin-pagination-page ${p === page ? "active" : ""}`}
|
||||||
|
aria-label={`Stránka ${p}`}
|
||||||
|
aria-current={p === page ? "page" : undefined}
|
||||||
>
|
>
|
||||||
{p}
|
{p}
|
||||||
</button>
|
</button>
|
||||||
@@ -74,6 +81,7 @@ export default function Pagination({
|
|||||||
disabled={page >= total_pages}
|
disabled={page >= total_pages}
|
||||||
onClick={() => onPageChange(page + 1)}
|
onClick={() => onPageChange(page + 1)}
|
||||||
className="admin-pagination-page"
|
className="admin-pagination-page"
|
||||||
|
aria-label="Další stránka"
|
||||||
>
|
>
|
||||||
<svg
|
<svg
|
||||||
width="16"
|
width="16"
|
||||||
|
|||||||
210
src/admin/components/PlanCategoriesModal.tsx
Normal file
210
src/admin/components/PlanCategoriesModal.tsx
Normal file
@@ -0,0 +1,210 @@
|
|||||||
|
import { useState } from "react";
|
||||||
|
import FormModal from "./FormModal";
|
||||||
|
import { useApiMutation } from "../lib/queries/mutations";
|
||||||
|
import { useAlert } from "../context/AlertContext";
|
||||||
|
import { PlanCategory } from "../lib/queries/plan";
|
||||||
|
|
||||||
|
interface Props {
|
||||||
|
isOpen: boolean;
|
||||||
|
onClose: () => void;
|
||||||
|
categories: PlanCategory[];
|
||||||
|
}
|
||||||
|
|
||||||
|
const DEFAULT_NEW_COLOR = "#2563eb";
|
||||||
|
|
||||||
|
export default function PlanCategoriesModal({
|
||||||
|
isOpen,
|
||||||
|
onClose,
|
||||||
|
categories,
|
||||||
|
}: Props) {
|
||||||
|
const alert = useAlert();
|
||||||
|
const [newLabel, setNewLabel] = useState("");
|
||||||
|
const [newColor, setNewColor] = useState(DEFAULT_NEW_COLOR);
|
||||||
|
// Id of the row showing the inline "really delete?" confirm, or null.
|
||||||
|
const [confirmDeleteId, setConfirmDeleteId] = useState<number | null>(null);
|
||||||
|
|
||||||
|
const createCat = useApiMutation<
|
||||||
|
{ label: string; color: string },
|
||||||
|
PlanCategory
|
||||||
|
>({
|
||||||
|
url: "/api/admin/plan/categories",
|
||||||
|
method: "POST",
|
||||||
|
invalidate: ["plan", "dashboard", "audit-log"],
|
||||||
|
});
|
||||||
|
const updateCat = useApiMutation<
|
||||||
|
{ id: number; label?: string; color?: string; is_active?: boolean },
|
||||||
|
PlanCategory
|
||||||
|
>({
|
||||||
|
url: (v) => `/api/admin/plan/categories/${v.id}`,
|
||||||
|
method: "PATCH",
|
||||||
|
invalidate: ["plan", "dashboard", "audit-log"],
|
||||||
|
});
|
||||||
|
const deleteCat = useApiMutation<{ id: number }, { ok: true }>({
|
||||||
|
url: (v) => `/api/admin/plan/categories/${v.id}`,
|
||||||
|
method: "DELETE",
|
||||||
|
invalidate: ["plan", "dashboard", "audit-log"],
|
||||||
|
});
|
||||||
|
|
||||||
|
const handleAdd = () => {
|
||||||
|
const label = newLabel.trim();
|
||||||
|
if (!label) {
|
||||||
|
alert.error("Zadejte název kategorie");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
createCat.mutate(
|
||||||
|
{ label, color: newColor },
|
||||||
|
{
|
||||||
|
onSuccess: () => {
|
||||||
|
setNewLabel("");
|
||||||
|
setNewColor(DEFAULT_NEW_COLOR);
|
||||||
|
},
|
||||||
|
onError: (e) => alert.error(e.message),
|
||||||
|
},
|
||||||
|
);
|
||||||
|
};
|
||||||
|
|
||||||
|
const patch = (
|
||||||
|
id: number,
|
||||||
|
body: { label?: string; color?: string; is_active?: boolean },
|
||||||
|
) => {
|
||||||
|
updateCat.mutate(
|
||||||
|
{ id, ...body },
|
||||||
|
{ onError: (e) => alert.error(e.message) },
|
||||||
|
);
|
||||||
|
};
|
||||||
|
|
||||||
|
const handleDelete = (id: number) => {
|
||||||
|
deleteCat.mutate(
|
||||||
|
{ id },
|
||||||
|
{
|
||||||
|
onSuccess: () => setConfirmDeleteId(null),
|
||||||
|
// Server blocks deleting a category that is still in use (409) — show
|
||||||
|
// the Czech message ("…můžete ji skrýt") and keep the row.
|
||||||
|
onError: (e) => {
|
||||||
|
alert.error(e.message);
|
||||||
|
setConfirmDeleteId(null);
|
||||||
|
},
|
||||||
|
},
|
||||||
|
);
|
||||||
|
};
|
||||||
|
|
||||||
|
const busy =
|
||||||
|
createCat.isPending || updateCat.isPending || deleteCat.isPending;
|
||||||
|
|
||||||
|
return (
|
||||||
|
<FormModal
|
||||||
|
isOpen={isOpen}
|
||||||
|
onClose={onClose}
|
||||||
|
title="Správa kategorií"
|
||||||
|
hideFooter
|
||||||
|
size="md"
|
||||||
|
>
|
||||||
|
<div className="plan-cat-manager">
|
||||||
|
{categories.map((c) => (
|
||||||
|
<div
|
||||||
|
key={c.id}
|
||||||
|
className={`plan-cat-row${c.is_active ? "" : " plan-cat-row--inactive"}`}
|
||||||
|
>
|
||||||
|
<input
|
||||||
|
type="color"
|
||||||
|
className="plan-cat-color"
|
||||||
|
// Uncontrolled + patch on blur (like the rename input): the
|
||||||
|
// native color picker fires onChange on every drag tick, which
|
||||||
|
// would spam PATCH requests and the audit log. onBlur commits
|
||||||
|
// once when the picker closes.
|
||||||
|
defaultValue={c.color}
|
||||||
|
key={c.color}
|
||||||
|
disabled={busy}
|
||||||
|
onBlur={(e) => {
|
||||||
|
if (e.target.value !== c.color) {
|
||||||
|
patch(c.id, { color: e.target.value });
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
aria-label={`Barva – ${c.label}`}
|
||||||
|
/>
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
className="admin-form-input"
|
||||||
|
defaultValue={c.label}
|
||||||
|
disabled={busy}
|
||||||
|
onBlur={(e) => {
|
||||||
|
const v = e.target.value.trim();
|
||||||
|
if (v && v !== c.label) patch(c.id, { label: v });
|
||||||
|
}}
|
||||||
|
aria-label={`Název – ${c.label}`}
|
||||||
|
/>
|
||||||
|
{confirmDeleteId === c.id ? (
|
||||||
|
<>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-danger admin-btn-sm"
|
||||||
|
disabled={busy}
|
||||||
|
onClick={() => handleDelete(c.id)}
|
||||||
|
>
|
||||||
|
Opravdu smazat
|
||||||
|
</button>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
|
disabled={busy}
|
||||||
|
onClick={() => setConfirmDeleteId(null)}
|
||||||
|
>
|
||||||
|
Zrušit
|
||||||
|
</button>
|
||||||
|
</>
|
||||||
|
) : (
|
||||||
|
<>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
|
disabled={busy}
|
||||||
|
onClick={() => patch(c.id, { is_active: !c.is_active })}
|
||||||
|
>
|
||||||
|
{c.is_active ? "Skrýt" : "Obnovit"}
|
||||||
|
</button>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-danger admin-btn-sm plan-cat-delete"
|
||||||
|
disabled={busy}
|
||||||
|
onClick={() => setConfirmDeleteId(c.id)}
|
||||||
|
aria-label={`Smazat – ${c.label}`}
|
||||||
|
title="Smazat kategorii"
|
||||||
|
>
|
||||||
|
Smazat
|
||||||
|
</button>
|
||||||
|
</>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
))}
|
||||||
|
|
||||||
|
<div className="plan-cat-row plan-cat-row--new">
|
||||||
|
<input
|
||||||
|
type="color"
|
||||||
|
className="plan-cat-color"
|
||||||
|
value={newColor}
|
||||||
|
disabled={busy}
|
||||||
|
onChange={(e) => setNewColor(e.target.value)}
|
||||||
|
aria-label="Barva nové kategorie"
|
||||||
|
/>
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
className="admin-form-input"
|
||||||
|
placeholder="Nová kategorie…"
|
||||||
|
value={newLabel}
|
||||||
|
disabled={busy}
|
||||||
|
onChange={(e) => setNewLabel(e.target.value)}
|
||||||
|
onKeyDown={(e) => e.key === "Enter" && handleAdd()}
|
||||||
|
/>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-primary admin-btn-sm"
|
||||||
|
disabled={busy}
|
||||||
|
onClick={handleAdd}
|
||||||
|
>
|
||||||
|
Přidat
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</FormModal>
|
||||||
|
);
|
||||||
|
}
|
||||||
482
src/admin/components/PlanCellModal.tsx
Normal file
482
src/admin/components/PlanCellModal.tsx
Normal file
@@ -0,0 +1,482 @@
|
|||||||
|
import { useState } from "react";
|
||||||
|
import { motion, AnimatePresence } from "framer-motion";
|
||||||
|
import FormModal from "./FormModal";
|
||||||
|
import FormField from "./FormField";
|
||||||
|
import AdminDatePicker from "./AdminDatePicker";
|
||||||
|
import ConfirmModal from "./ConfirmModal";
|
||||||
|
import useReducedMotion from "../hooks/useReducedMotion";
|
||||||
|
import {
|
||||||
|
ResolvedCell,
|
||||||
|
PlanCategory,
|
||||||
|
planCategoryLabel,
|
||||||
|
cellProjectLabel,
|
||||||
|
} from "../lib/queries/plan";
|
||||||
|
import { formatDate } from "../utils/formatters";
|
||||||
|
|
||||||
|
interface Project {
|
||||||
|
id: number;
|
||||||
|
name: string;
|
||||||
|
project_number?: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export type PlanCellModalMode =
|
||||||
|
| { kind: "closed" }
|
||||||
|
| { kind: "create"; userId: number; date: string }
|
||||||
|
| {
|
||||||
|
kind: "edit-range";
|
||||||
|
entryId: number;
|
||||||
|
userId: number;
|
||||||
|
date: string;
|
||||||
|
range: {
|
||||||
|
date_from: string;
|
||||||
|
date_to: string;
|
||||||
|
project_id: number | null;
|
||||||
|
category: string;
|
||||||
|
note: string;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
| {
|
||||||
|
kind: "edit-override";
|
||||||
|
overrideId: number;
|
||||||
|
userId: number;
|
||||||
|
date: string;
|
||||||
|
cell: ResolvedCell;
|
||||||
|
}
|
||||||
|
| {
|
||||||
|
kind: "day-in-range";
|
||||||
|
entryId: number;
|
||||||
|
userId: number;
|
||||||
|
date: string;
|
||||||
|
range: {
|
||||||
|
date_from: string;
|
||||||
|
date_to: string;
|
||||||
|
project_id: number | null;
|
||||||
|
category: string;
|
||||||
|
note: string;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
| { kind: "view"; userId: number; date: string; cell: ResolvedCell };
|
||||||
|
|
||||||
|
interface Props {
|
||||||
|
open: boolean;
|
||||||
|
mode: PlanCellModalMode;
|
||||||
|
projects: Project[];
|
||||||
|
categories: PlanCategory[];
|
||||||
|
onClose: () => void;
|
||||||
|
onSaveEntry: (body: any) => Promise<void>;
|
||||||
|
onUpdateEntry: (id: number, body: any) => Promise<void>;
|
||||||
|
onDeleteEntry: (id: number) => Promise<void>;
|
||||||
|
onSaveOverride: (body: any) => Promise<void>;
|
||||||
|
onUpdateOverride: (id: number, body: any) => Promise<void>;
|
||||||
|
onDeleteOverride: (id: number) => Promise<void>;
|
||||||
|
onCreateOverrideFromRange: (
|
||||||
|
entryId: number,
|
||||||
|
userId: number,
|
||||||
|
date: string,
|
||||||
|
) => Promise<void>;
|
||||||
|
onSwitchToEditRange: (entryId: number, userId: number, date: string) => void;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function PlanCellModal(props: Props) {
|
||||||
|
const { open, mode, onClose } = props;
|
||||||
|
if (!open || mode.kind === "closed") return null;
|
||||||
|
if (mode.kind === "view") return <ViewModal {...props} />;
|
||||||
|
if (mode.kind === "day-in-range")
|
||||||
|
return <DayInRangeModal {...props} mode={mode} />;
|
||||||
|
return <EditForm {...props} />;
|
||||||
|
}
|
||||||
|
|
||||||
|
function EditForm(props: Props) {
|
||||||
|
const {
|
||||||
|
mode,
|
||||||
|
onClose,
|
||||||
|
onSaveEntry,
|
||||||
|
onUpdateEntry,
|
||||||
|
onDeleteEntry,
|
||||||
|
onSaveOverride,
|
||||||
|
onUpdateOverride,
|
||||||
|
onDeleteOverride,
|
||||||
|
projects,
|
||||||
|
} = props;
|
||||||
|
const [submitting, setSubmitting] = useState(false);
|
||||||
|
const [confirmDelete, setConfirmDelete] = useState(false);
|
||||||
|
|
||||||
|
// Narrow mode to the kinds EditForm actually handles. The call site in
|
||||||
|
// PlanCellModal only passes "create" | "edit-range" | "edit-override" but
|
||||||
|
// the parameter type is the full union, so we narrow explicitly here.
|
||||||
|
if (
|
||||||
|
mode.kind !== "create" &&
|
||||||
|
mode.kind !== "edit-range" &&
|
||||||
|
mode.kind !== "edit-override"
|
||||||
|
) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
const isOverride = mode.kind === "edit-override";
|
||||||
|
const activeCategories = props.categories.filter((c) => c.is_active);
|
||||||
|
|
||||||
|
const initial = (() => {
|
||||||
|
if (mode.kind === "create") {
|
||||||
|
return {
|
||||||
|
date_from: mode.date,
|
||||||
|
date_to: mode.date,
|
||||||
|
is_range: false,
|
||||||
|
project_id: null as number | null,
|
||||||
|
// Default to "work" when it's active, otherwise the first active
|
||||||
|
// category, so a new entry never starts on a retired key.
|
||||||
|
category: activeCategories.some((c) => c.key === "work")
|
||||||
|
? "work"
|
||||||
|
: (activeCategories[0]?.key ?? "work"),
|
||||||
|
note: "",
|
||||||
|
};
|
||||||
|
}
|
||||||
|
if (mode.kind === "edit-range") {
|
||||||
|
return {
|
||||||
|
date_from: mode.range.date_from,
|
||||||
|
date_to: mode.range.date_to,
|
||||||
|
is_range: mode.range.date_from !== mode.range.date_to,
|
||||||
|
project_id: mode.range.project_id,
|
||||||
|
category: mode.range.category,
|
||||||
|
note: mode.range.note,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
// mode.kind === "edit-override" (narrowed above)
|
||||||
|
return {
|
||||||
|
date_from: mode.date,
|
||||||
|
date_to: mode.date,
|
||||||
|
is_range: false,
|
||||||
|
project_id: mode.cell.project_id,
|
||||||
|
category: mode.cell.category,
|
||||||
|
note: mode.cell.note,
|
||||||
|
};
|
||||||
|
})();
|
||||||
|
|
||||||
|
const [dateFrom, setDateFrom] = useState(initial.date_from);
|
||||||
|
const [dateTo, setDateTo] = useState(initial.date_to);
|
||||||
|
const [isRange, setIsRange] = useState(initial.is_range);
|
||||||
|
const [projectId, setProjectId] = useState<number | null>(initial.project_id);
|
||||||
|
const [category, setCategory] = useState(initial.category);
|
||||||
|
const [note, setNote] = useState(initial.note);
|
||||||
|
|
||||||
|
const title =
|
||||||
|
mode.kind === "create"
|
||||||
|
? "Nový záznam plánu"
|
||||||
|
: mode.kind === "edit-range"
|
||||||
|
? "Upravit rozsah"
|
||||||
|
: "Upravit přepsání dne";
|
||||||
|
|
||||||
|
const handleSubmit = async () => {
|
||||||
|
setSubmitting(true);
|
||||||
|
try {
|
||||||
|
if (mode.kind === "create") {
|
||||||
|
const userId = mode.userId;
|
||||||
|
await onSaveEntry({
|
||||||
|
user_id: userId,
|
||||||
|
date_from: dateFrom,
|
||||||
|
date_to: isRange ? dateTo : dateFrom,
|
||||||
|
project_id: projectId,
|
||||||
|
category,
|
||||||
|
note,
|
||||||
|
});
|
||||||
|
} else if (mode.kind === "edit-range") {
|
||||||
|
await onUpdateEntry(mode.entryId, {
|
||||||
|
date_from: dateFrom,
|
||||||
|
date_to: isRange ? dateTo : dateFrom,
|
||||||
|
project_id: projectId,
|
||||||
|
category,
|
||||||
|
note,
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
await onUpdateOverride(mode.overrideId, {
|
||||||
|
project_id: projectId,
|
||||||
|
category,
|
||||||
|
note,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
onClose();
|
||||||
|
} finally {
|
||||||
|
setSubmitting(false);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
const handleDelete = async () => {
|
||||||
|
setSubmitting(true);
|
||||||
|
try {
|
||||||
|
if (mode.kind === "edit-range") {
|
||||||
|
await onDeleteEntry(mode.entryId);
|
||||||
|
} else if (mode.kind === "edit-override") {
|
||||||
|
await onDeleteOverride(mode.overrideId);
|
||||||
|
}
|
||||||
|
onClose();
|
||||||
|
} finally {
|
||||||
|
setSubmitting(false);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
return (
|
||||||
|
<>
|
||||||
|
<FormModal
|
||||||
|
isOpen
|
||||||
|
title={title}
|
||||||
|
onClose={onClose}
|
||||||
|
onSubmit={handleSubmit}
|
||||||
|
submitLabel={mode.kind === "create" ? "Vytvořit" : "Uložit"}
|
||||||
|
loading={submitting}
|
||||||
|
footerLeft={
|
||||||
|
mode.kind !== "create" ? (
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-secondary"
|
||||||
|
onClick={() => setConfirmDelete(true)}
|
||||||
|
disabled={submitting}
|
||||||
|
>
|
||||||
|
<svg
|
||||||
|
width="14"
|
||||||
|
height="14"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
strokeLinecap="round"
|
||||||
|
strokeLinejoin="round"
|
||||||
|
aria-hidden
|
||||||
|
>
|
||||||
|
<polyline points="3 6 5 6 21 6" />
|
||||||
|
<path d="M19 6l-1 14a2 2 0 0 1-2 2H8a2 2 0 0 1-2-2L5 6" />
|
||||||
|
<path d="M10 11v6" />
|
||||||
|
<path d="M14 11v6" />
|
||||||
|
<path d="M9 6V4a1 1 0 0 1 1-1h4a1 1 0 0 1 1 1v2" />
|
||||||
|
</svg>
|
||||||
|
Smazat
|
||||||
|
</button>
|
||||||
|
) : null
|
||||||
|
}
|
||||||
|
>
|
||||||
|
<FormField label="Datum od">
|
||||||
|
<AdminDatePicker
|
||||||
|
value={dateFrom}
|
||||||
|
onChange={setDateFrom}
|
||||||
|
disabled={isOverride}
|
||||||
|
/>
|
||||||
|
</FormField>
|
||||||
|
{!isOverride && (
|
||||||
|
<FormField label="Rozsah dnů">
|
||||||
|
<label className="admin-form-checkbox">
|
||||||
|
<input
|
||||||
|
type="checkbox"
|
||||||
|
checked={isRange}
|
||||||
|
onChange={(e) => setIsRange(e.target.checked)}
|
||||||
|
/>
|
||||||
|
<span>Více dní</span>
|
||||||
|
</label>
|
||||||
|
</FormField>
|
||||||
|
)}
|
||||||
|
{!isOverride && isRange && (
|
||||||
|
<FormField label="Datum do">
|
||||||
|
<AdminDatePicker value={dateTo} onChange={setDateTo} />
|
||||||
|
</FormField>
|
||||||
|
)}
|
||||||
|
<FormField label="Projekt">
|
||||||
|
<select
|
||||||
|
className="admin-form-select"
|
||||||
|
value={projectId ?? ""}
|
||||||
|
onChange={(e) =>
|
||||||
|
setProjectId(e.target.value ? Number(e.target.value) : null)
|
||||||
|
}
|
||||||
|
>
|
||||||
|
<option value="">— bez projektu —</option>
|
||||||
|
{projects.map((p) => (
|
||||||
|
<option key={p.id} value={p.id}>
|
||||||
|
{p.name}
|
||||||
|
</option>
|
||||||
|
))}
|
||||||
|
</select>
|
||||||
|
</FormField>
|
||||||
|
<FormField label="Kategorie">
|
||||||
|
<select
|
||||||
|
className="admin-form-select"
|
||||||
|
value={category}
|
||||||
|
onChange={(e) => setCategory(e.target.value)}
|
||||||
|
>
|
||||||
|
{/* If the row's current category was retired/hidden, still show it
|
||||||
|
(marked) so the select reflects reality instead of silently
|
||||||
|
snapping to the first active option. The server only re-checks
|
||||||
|
the category if it changes, so keeping it saves fine. */}
|
||||||
|
{category && !activeCategories.some((c) => c.key === category) && (
|
||||||
|
<option value={category}>
|
||||||
|
{planCategoryLabel(
|
||||||
|
category,
|
||||||
|
Object.fromEntries(props.categories.map((x) => [x.key, x])),
|
||||||
|
)}{" "}
|
||||||
|
(skrytá)
|
||||||
|
</option>
|
||||||
|
)}
|
||||||
|
{activeCategories.map((c) => (
|
||||||
|
<option key={c.key} value={c.key}>
|
||||||
|
{c.label}
|
||||||
|
</option>
|
||||||
|
))}
|
||||||
|
</select>
|
||||||
|
</FormField>
|
||||||
|
<FormField label="Text poznámky (volitelný)">
|
||||||
|
<textarea
|
||||||
|
className="admin-form-textarea"
|
||||||
|
value={note}
|
||||||
|
onChange={(e) => setNote(e.target.value)}
|
||||||
|
maxLength={500}
|
||||||
|
rows={3}
|
||||||
|
/>
|
||||||
|
</FormField>
|
||||||
|
</FormModal>
|
||||||
|
|
||||||
|
<ConfirmModal
|
||||||
|
isOpen={confirmDelete}
|
||||||
|
title="Smazat záznam plánu?"
|
||||||
|
message="Tato akce je nevratná (záznam bude soft-delete)."
|
||||||
|
confirmText="Smazat"
|
||||||
|
type="danger"
|
||||||
|
confirmVariant="danger"
|
||||||
|
loading={submitting}
|
||||||
|
onClose={() => setConfirmDelete(false)}
|
||||||
|
onConfirm={handleDelete}
|
||||||
|
/>
|
||||||
|
</>
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
function DayInRangeModal(
|
||||||
|
props: Props & { mode: Extract<PlanCellModalMode, { kind: "day-in-range" }> },
|
||||||
|
) {
|
||||||
|
const { mode, onClose, onCreateOverrideFromRange, onSwitchToEditRange } =
|
||||||
|
props;
|
||||||
|
const reducedMotion = useReducedMotion();
|
||||||
|
|
||||||
|
// Two clear paths: edit the whole range (default, safe) or carve out
|
||||||
|
// a one-day override (deviates from the plan). Close = no action.
|
||||||
|
const choices = [
|
||||||
|
{
|
||||||
|
key: "edit-range",
|
||||||
|
title: "Upravit celý rozsah",
|
||||||
|
desc: `Změní projekt, kategorii nebo poznámku pro všechny dny v rozsahu ${mode.range.date_from} – ${mode.range.date_to}.`,
|
||||||
|
tone: "primary" as const,
|
||||||
|
onClick: () => onSwitchToEditRange(mode.entryId, mode.userId, mode.date),
|
||||||
|
cta: "Upravit rozsah",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
key: "override-day",
|
||||||
|
title: "Upravit pouze tento den",
|
||||||
|
desc: `Vytvoří přepsání pro ${mode.range.date_from === mode.date ? "tento" : mode.date}; zbytek rozsahu zůstane beze změny.`,
|
||||||
|
tone: "secondary" as const,
|
||||||
|
onClick: async () => {
|
||||||
|
await onCreateOverrideFromRange(mode.entryId, mode.userId, mode.date);
|
||||||
|
onClose();
|
||||||
|
},
|
||||||
|
cta: "Vytvořit přepsání",
|
||||||
|
},
|
||||||
|
];
|
||||||
|
|
||||||
|
return (
|
||||||
|
<FormModal
|
||||||
|
isOpen
|
||||||
|
title="Den je součástí rozsahu"
|
||||||
|
onClose={onClose}
|
||||||
|
hideFooter
|
||||||
|
size="md"
|
||||||
|
>
|
||||||
|
<p className="plan-modal-intro">
|
||||||
|
Den <strong>{mode.date}</strong> je součástí rozsahu{" "}
|
||||||
|
<strong>
|
||||||
|
{mode.range.date_from} – {mode.range.date_to}
|
||||||
|
</strong>
|
||||||
|
. Vyberte, co chcete udělat:
|
||||||
|
</p>
|
||||||
|
<ul className="plan-choices">
|
||||||
|
<AnimatePresence>
|
||||||
|
{choices.map((c, i) => (
|
||||||
|
<motion.li
|
||||||
|
key={c.key}
|
||||||
|
className={`plan-choice plan-choice-${c.tone}`}
|
||||||
|
initial={reducedMotion ? false : { opacity: 0, y: 8 }}
|
||||||
|
animate={{ opacity: 1, y: 0 }}
|
||||||
|
exit={reducedMotion ? undefined : { opacity: 0, y: -4 }}
|
||||||
|
transition={{
|
||||||
|
duration: reducedMotion ? 0 : 0.22,
|
||||||
|
delay: reducedMotion ? 0 : 0.04 + i * 0.05,
|
||||||
|
ease: [0.16, 1, 0.3, 1],
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<div className="plan-choice-body">
|
||||||
|
<div className="plan-choice-title">{c.title}</div>
|
||||||
|
<div className="plan-choice-desc">{c.desc}</div>
|
||||||
|
</div>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className={
|
||||||
|
c.tone === "primary"
|
||||||
|
? "admin-btn admin-btn-primary"
|
||||||
|
: "admin-btn admin-btn-secondary"
|
||||||
|
}
|
||||||
|
onClick={c.onClick}
|
||||||
|
>
|
||||||
|
{c.cta}
|
||||||
|
</button>
|
||||||
|
</motion.li>
|
||||||
|
))}
|
||||||
|
</AnimatePresence>
|
||||||
|
</ul>
|
||||||
|
<div className="plan-modal-actions plan-modal-actions--solo">
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-secondary"
|
||||||
|
onClick={onClose}
|
||||||
|
>
|
||||||
|
Zavřít — ponechat rozsah beze změny
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</FormModal>
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
function ViewModal(props: Props) {
|
||||||
|
const { mode, onClose, projects, categories } = props;
|
||||||
|
if (mode.kind !== "view") return null;
|
||||||
|
const c = mode.cell;
|
||||||
|
// Prefer the server-embedded project label; fall back to the projects-list
|
||||||
|
// lookup only for cells that predate the embed (stale cache).
|
||||||
|
const fallback = c.project_id
|
||||||
|
? (projects.find((p) => p.id === c.project_id) ?? null)
|
||||||
|
: null;
|
||||||
|
const projectLabel =
|
||||||
|
cellProjectLabel(c) ??
|
||||||
|
(fallback
|
||||||
|
? fallback.project_number
|
||||||
|
? `${fallback.project_number} — ${fallback.name}`
|
||||||
|
: fallback.name
|
||||||
|
: null);
|
||||||
|
return (
|
||||||
|
<FormModal isOpen title="Detail plánu" onClose={onClose} hideFooter>
|
||||||
|
<p>
|
||||||
|
<strong>Datum:</strong> {formatDate(c.shift_date)}
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<strong>Kategorie:</strong>{" "}
|
||||||
|
{planCategoryLabel(
|
||||||
|
c.category,
|
||||||
|
Object.fromEntries(categories.map((x) => [x.key, x])),
|
||||||
|
)}
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<strong>Projekt:</strong> {projectLabel || "—"}
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<strong>Text:</strong> {c.note || "—"}
|
||||||
|
</p>
|
||||||
|
{c.rangeFrom && c.rangeTo && (
|
||||||
|
<p>
|
||||||
|
<strong>Patří do rozsahu:</strong> {formatDate(c.rangeFrom)} –{" "}
|
||||||
|
{formatDate(c.rangeTo)}
|
||||||
|
</p>
|
||||||
|
)}
|
||||||
|
</FormModal>
|
||||||
|
);
|
||||||
|
}
|
||||||
260
src/admin/components/PlanGrid.tsx
Normal file
260
src/admin/components/PlanGrid.tsx
Normal file
@@ -0,0 +1,260 @@
|
|||||||
|
import { useMemo } from "react";
|
||||||
|
import type { CSSProperties } from "react";
|
||||||
|
import {
|
||||||
|
GridData,
|
||||||
|
ResolvedCell,
|
||||||
|
planCategoryLabel,
|
||||||
|
categoryMap,
|
||||||
|
PlanCategory,
|
||||||
|
} from "../lib/queries/plan";
|
||||||
|
import type { Project } from "../lib/queries/projects";
|
||||||
|
import PlanRangeChips from "./PlanRangeChips";
|
||||||
|
|
||||||
|
interface Props {
|
||||||
|
data: GridData | undefined;
|
||||||
|
canEdit: boolean;
|
||||||
|
projects: Project[];
|
||||||
|
categories: PlanCategory[];
|
||||||
|
// The (userId, date) of the most recent successful mutation. The
|
||||||
|
// matching cell gets a one-shot highlight pulse. `nonce` is part of
|
||||||
|
// the value so back-to-back mutations on the same cell re-trigger
|
||||||
|
// the animation (React needs a new key to re-mount the class).
|
||||||
|
pulseKey?: { userId: number; date: string; nonce: number } | null;
|
||||||
|
onCellClick: (
|
||||||
|
userId: number,
|
||||||
|
date: string,
|
||||||
|
cell: ResolvedCell | null,
|
||||||
|
) => void;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Full Czech weekday names, indexed by Date.getUTCDay() (0 = Sunday).
|
||||||
|
// Used in the date column "stamp" so the day name reads in full rather
|
||||||
|
// than as a 2-letter abbreviation — easier to scan when the planner
|
||||||
|
// spans several weeks.
|
||||||
|
const CZECH_WEEKDAYS = [
|
||||||
|
"Neděle",
|
||||||
|
"Pondělí",
|
||||||
|
"Úterý",
|
||||||
|
"Středa",
|
||||||
|
"Čtvrtek",
|
||||||
|
"Pátek",
|
||||||
|
"Sobota",
|
||||||
|
];
|
||||||
|
|
||||||
|
function eachDay(from: string, to: string): string[] {
|
||||||
|
const out: string[] = [];
|
||||||
|
const a = new Date(from + "T00:00:00.000Z");
|
||||||
|
const b = new Date(to + "T00:00:00.000Z");
|
||||||
|
for (let d = new Date(a); d <= b; d.setUTCDate(d.getUTCDate() + 1)) {
|
||||||
|
out.push(d.toISOString().slice(0, 10));
|
||||||
|
}
|
||||||
|
return out;
|
||||||
|
}
|
||||||
|
|
||||||
|
function czechWeekday(dateStr: string): string {
|
||||||
|
return CZECH_WEEKDAYS[new Date(dateStr + "T00:00:00.000Z").getUTCDay()];
|
||||||
|
}
|
||||||
|
|
||||||
|
function isWeekend(dateStr: string): boolean {
|
||||||
|
const day = new Date(dateStr + "T00:00:00.000Z").getUTCDay();
|
||||||
|
return day === 0 || day === 6;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Today's local date as YYYY-MM-DD. Used to mark the current row and to
|
||||||
|
// gate past-day editing. Uses local time (matches the project's date
|
||||||
|
// conventions in CLAUDE.md and the server's `assertNotPastDate` guard in
|
||||||
|
// src/services/plan.service.ts).
|
||||||
|
function todayIso(): string {
|
||||||
|
const d = new Date();
|
||||||
|
const y = d.getFullYear();
|
||||||
|
const m = String(d.getMonth() + 1).padStart(2, "0");
|
||||||
|
const day = String(d.getDate()).padStart(2, "0");
|
||||||
|
return `${y}-${m}-${day}`;
|
||||||
|
}
|
||||||
|
|
||||||
|
// True when the given YYYY-MM-DD cell date is strictly before today (local).
|
||||||
|
// Used to gate the create / edit UI on past days — the server still enforces
|
||||||
|
// the rule with a 403, but the client should never put the user in the
|
||||||
|
// "I clicked, modal opened, error toast" state in the first place.
|
||||||
|
function isPastDate(dateStr: string, today: string): boolean {
|
||||||
|
return dateStr < today;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Split a full name into first / last for the column header.
|
||||||
|
function splitName(full: string): { first: string; last: string } {
|
||||||
|
const parts = full.trim().split(/\s+/);
|
||||||
|
if (parts.length === 1) return { first: parts[0], last: "" };
|
||||||
|
return { first: parts[0], last: parts.slice(1).join(" ") };
|
||||||
|
}
|
||||||
|
|
||||||
|
// Short role label for the column header sub-line.
|
||||||
|
function shortRole(role: string | null): string {
|
||||||
|
if (!role) return "";
|
||||||
|
// Keep it brief — column header is tight
|
||||||
|
if (/^admin$/i.test(role)) return "Admin";
|
||||||
|
if (/^viewer$/i.test(role)) return "Viewer";
|
||||||
|
return role.length > 10 ? role.slice(0, 9) + "…" : role;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function PlanGrid({
|
||||||
|
data,
|
||||||
|
canEdit,
|
||||||
|
projects,
|
||||||
|
categories,
|
||||||
|
pulseKey,
|
||||||
|
onCellClick,
|
||||||
|
}: Props) {
|
||||||
|
const today = useMemo(() => todayIso(), []);
|
||||||
|
const catMap = useMemo(() => categoryMap(categories), [categories]);
|
||||||
|
|
||||||
|
if (!data)
|
||||||
|
return (
|
||||||
|
<div className="admin-loading">
|
||||||
|
<div className="admin-spinner" />
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
const days = eachDay(data.date_from, data.date_to);
|
||||||
|
const users = data.users;
|
||||||
|
// pulseKey?.nonce is included in the data-pulse attribute so a second
|
||||||
|
// mutation on the same cell re-triggers the animation (CSS animations
|
||||||
|
// don't restart unless the keyframe applies to a fresh element/class
|
||||||
|
// binding).
|
||||||
|
const pulseAttr = pulseKey
|
||||||
|
? `${pulseKey.userId}|${pulseKey.date}|${pulseKey.nonce}`
|
||||||
|
: undefined;
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div className="plan-grid-wrap" data-pulse={pulseAttr}>
|
||||||
|
<table className="plan-grid">
|
||||||
|
{/* The colgroup is what actually controls column width in a
|
||||||
|
table — `min-width` on `<th>`/`<td>` is just a floor that
|
||||||
|
`table-layout: auto` happily blows past. The first column
|
||||||
|
gets a fixed width via the col element so the date stamp
|
||||||
|
doesn't get stretched to share space with person columns. */}
|
||||||
|
<colgroup>
|
||||||
|
<col className="plan-grid-date-col" />
|
||||||
|
{users.map((u) => (
|
||||||
|
<col key={u.id} />
|
||||||
|
))}
|
||||||
|
</colgroup>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th className="plan-grid-date-col">Datum</th>
|
||||||
|
{users.map((u) => {
|
||||||
|
const { first, last } = splitName(u.full_name);
|
||||||
|
return (
|
||||||
|
<th key={u.id}>
|
||||||
|
<span className="plan-person-head">
|
||||||
|
<span className="plan-person-dot" aria-hidden />
|
||||||
|
<span className="plan-person-name">
|
||||||
|
<strong title={u.full_name}>
|
||||||
|
{first}
|
||||||
|
{last ? ` ${last}` : ""}
|
||||||
|
</strong>
|
||||||
|
{shortRole(u.role_name) && (
|
||||||
|
<small>{shortRole(u.role_name)}</small>
|
||||||
|
)}
|
||||||
|
</span>
|
||||||
|
</span>
|
||||||
|
</th>
|
||||||
|
);
|
||||||
|
})}
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{days.map((date) => {
|
||||||
|
const dow = czechWeekday(date);
|
||||||
|
const dayNum = date.slice(8, 10);
|
||||||
|
const isToday = date === today;
|
||||||
|
const trCls = [
|
||||||
|
isWeekend(date) ? "plan-grid-weekend" : "",
|
||||||
|
isToday ? "is-today" : "",
|
||||||
|
]
|
||||||
|
.filter(Boolean)
|
||||||
|
.join(" ");
|
||||||
|
return (
|
||||||
|
<tr key={date} className={trCls}>
|
||||||
|
<td className="plan-grid-date-col">
|
||||||
|
<span className="plan-date-stamp">
|
||||||
|
<span className="plan-date-daynum">{dayNum}</span>
|
||||||
|
<span className="plan-date-dow">{dow}</span>
|
||||||
|
</span>
|
||||||
|
</td>
|
||||||
|
{users.map((u) => {
|
||||||
|
const cell = data.cells[u.id]?.[date] ?? null;
|
||||||
|
const past = isPastDate(date, today);
|
||||||
|
// Past-day cells are read-only in the UI: an empty past
|
||||||
|
// cell is non-interactive (no create modal, no "+" hint),
|
||||||
|
// a past cell with data opens in view mode only. The
|
||||||
|
// server still enforces the past-date rule with a 403
|
||||||
|
// (defense in depth), but the click path here never
|
||||||
|
// reaches a create/edit submission for a past date.
|
||||||
|
const isLocked = !canEdit || past;
|
||||||
|
// `isPulsing` is true for the single (user, date) cell
|
||||||
|
// that the most recent successful mutation touched.
|
||||||
|
// CSS restarts the keyframe animation whenever the
|
||||||
|
// `nonce` changes (we embed it in data-pulse on the
|
||||||
|
// wrapper, see above), so back-to-back mutations on the
|
||||||
|
// same cell re-trigger the pulse.
|
||||||
|
const isPulsing =
|
||||||
|
!!pulseKey &&
|
||||||
|
pulseKey.userId === u.id &&
|
||||||
|
pulseKey.date === date;
|
||||||
|
let cls: string;
|
||||||
|
if (cell) {
|
||||||
|
cls = isLocked
|
||||||
|
? `plan-cell plan-cell--readonly${past ? " plan-cell--past" : ""}`
|
||||||
|
: "plan-cell";
|
||||||
|
} else {
|
||||||
|
cls = isLocked
|
||||||
|
? `plan-cell plan-cell--empty plan-cell--readonly${past ? " plan-cell--past" : ""}`
|
||||||
|
: "plan-cell plan-cell--empty";
|
||||||
|
}
|
||||||
|
if (isPulsing) cls += " plan-cell--pulse";
|
||||||
|
return (
|
||||||
|
<td key={u.id}>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className={cls}
|
||||||
|
style={
|
||||||
|
cell
|
||||||
|
? ({
|
||||||
|
"--cat-color": catMap[cell.category]?.color,
|
||||||
|
} as CSSProperties)
|
||||||
|
: undefined
|
||||||
|
}
|
||||||
|
onClick={() => onCellClick(u.id, date, cell)}
|
||||||
|
aria-label={
|
||||||
|
cell
|
||||||
|
? `${u.full_name}, ${date}, ${planCategoryLabel(cell.category, catMap)}`
|
||||||
|
: isLocked
|
||||||
|
? `${u.full_name}, ${date}, ${past ? "uplynulý den" : "prázdné"} — bez záznamu`
|
||||||
|
: `${u.full_name}, ${date}, prázdné — přidat záznam`
|
||||||
|
}
|
||||||
|
>
|
||||||
|
<PlanRangeChips
|
||||||
|
cell={cell}
|
||||||
|
project={
|
||||||
|
cell?.project_id
|
||||||
|
? (projects.find(
|
||||||
|
(p) => p.id === cell.project_id,
|
||||||
|
) ?? null)
|
||||||
|
: null
|
||||||
|
}
|
||||||
|
readonly={!canEdit}
|
||||||
|
categoryLabel={
|
||||||
|
cell ? planCategoryLabel(cell.category, catMap) : ""
|
||||||
|
}
|
||||||
|
/>
|
||||||
|
</button>
|
||||||
|
</td>
|
||||||
|
);
|
||||||
|
})}
|
||||||
|
</tr>
|
||||||
|
);
|
||||||
|
})}
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
42
src/admin/components/PlanRangeChips.tsx
Normal file
42
src/admin/components/PlanRangeChips.tsx
Normal file
@@ -0,0 +1,42 @@
|
|||||||
|
import { ResolvedCell, cellProjectLabel } from "../lib/queries/plan";
|
||||||
|
import type { Project } from "../lib/queries/projects";
|
||||||
|
|
||||||
|
interface Props {
|
||||||
|
cell: ResolvedCell | null;
|
||||||
|
project: Project | null;
|
||||||
|
readonly?: boolean;
|
||||||
|
categoryLabel: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function PlanRangeChips({
|
||||||
|
cell,
|
||||||
|
project,
|
||||||
|
readonly,
|
||||||
|
categoryLabel,
|
||||||
|
}: Props) {
|
||||||
|
void readonly;
|
||||||
|
if (!cell) return null;
|
||||||
|
// Prefer the server-embedded project label (always present). Fall back to
|
||||||
|
// the looked-up `project` prop only if the cell predates the embed (stale
|
||||||
|
// cache).
|
||||||
|
const fallbackLabel = project
|
||||||
|
? project.project_number
|
||||||
|
? `${project.project_number} — ${project.name}`
|
||||||
|
: project.name
|
||||||
|
: null;
|
||||||
|
const projectLabel = cellProjectLabel(cell) ?? fallbackLabel;
|
||||||
|
const projectTitle = projectLabel ?? undefined;
|
||||||
|
return (
|
||||||
|
<div className="plan-chip-block">
|
||||||
|
<div className="plan-chip-line">
|
||||||
|
<span className="plan-chip">{categoryLabel}</span>
|
||||||
|
{projectLabel && (
|
||||||
|
<span className="plan-chip-project" title={projectTitle}>
|
||||||
|
{projectLabel}
|
||||||
|
</span>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
{cell.note && <div className="plan-cell-note">{cell.note}</div>}
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
@@ -1,4 +1,6 @@
|
|||||||
import { useState, useEffect, useRef, useCallback } from "react";
|
import { useState, useRef } from "react";
|
||||||
|
import { useQuery, useQueryClient } from "@tanstack/react-query";
|
||||||
|
import { projectFilesOptions } from "../lib/queries/projects";
|
||||||
import { useAlert } from "../context/AlertContext";
|
import { useAlert } from "../context/AlertContext";
|
||||||
import ConfirmModal from "./ConfirmModal";
|
import ConfirmModal from "./ConfirmModal";
|
||||||
import apiFetch from "../utils/api";
|
import apiFetch from "../utils/api";
|
||||||
@@ -196,13 +198,11 @@ export default function ProjectFileManager({
|
|||||||
hasNasFolder,
|
hasNasFolder,
|
||||||
}: ProjectFileManagerProps) {
|
}: ProjectFileManagerProps) {
|
||||||
const alert = useAlert();
|
const alert = useAlert();
|
||||||
|
const queryClient = useQueryClient();
|
||||||
const fileInputRef = useRef<HTMLInputElement>(null);
|
const fileInputRef = useRef<HTMLInputElement>(null);
|
||||||
|
const isCancelling = useRef(false);
|
||||||
|
|
||||||
const [items, setItems] = useState<FileItem[]>([]);
|
|
||||||
const [loading, setLoading] = useState(true);
|
|
||||||
const [currentPath, setCurrentPath] = useState("");
|
const [currentPath, setCurrentPath] = useState("");
|
||||||
const [breadcrumb, setBreadcrumb] = useState<string[]>([""]);
|
|
||||||
const [fullPath, setFullPath] = useState("");
|
|
||||||
|
|
||||||
const [dragOver, setDragOver] = useState(false);
|
const [dragOver, setDragOver] = useState(false);
|
||||||
const [uploading, setUploading] = useState(false);
|
const [uploading, setUploading] = useState(false);
|
||||||
@@ -216,59 +216,25 @@ export default function ProjectFileManager({
|
|||||||
|
|
||||||
const [deleteTarget, setDeleteTarget] = useState<FileItem | null>(null);
|
const [deleteTarget, setDeleteTarget] = useState<FileItem | null>(null);
|
||||||
const [deleting, setDeleting] = useState(false);
|
const [deleting, setDeleting] = useState(false);
|
||||||
const [errorMessage, setErrorMessage] = useState<string | null>(null);
|
|
||||||
|
|
||||||
const canManage = hasPermission("projects.files");
|
const canManage = hasPermission("projects.files");
|
||||||
|
|
||||||
const fetchFiles = useCallback(
|
const {
|
||||||
async (path = "", options: { ignore?: boolean } = {}) => {
|
data: filesData,
|
||||||
setLoading(true);
|
isPending: filesLoading,
|
||||||
setErrorMessage(null);
|
error: filesError,
|
||||||
try {
|
} = useQuery(projectFilesOptions(projectId, currentPath));
|
||||||
const params = new URLSearchParams({ project_id: String(projectId) });
|
const items = filesData?.items ?? [];
|
||||||
if (path) {
|
const breadcrumb = filesData?.breadcrumb ?? [""];
|
||||||
params.set("path", path);
|
const fullPath = filesData?.full_path ?? "";
|
||||||
}
|
const errorMessage = filesError
|
||||||
const res = await apiFetch(`${API_BASE}/project-files?${params}`);
|
? filesError.message || "Nepodařilo se načíst soubory"
|
||||||
if (options.ignore) return;
|
: null;
|
||||||
if (res.status === 401) return;
|
|
||||||
const data = await res.json();
|
|
||||||
if (data.success) {
|
|
||||||
setItems(data.data.items || []);
|
|
||||||
setBreadcrumb(data.data.breadcrumb || [""]);
|
|
||||||
setCurrentPath(data.data.path || "");
|
|
||||||
setFullPath(data.data.full_path || "");
|
|
||||||
} else if (res.status === 404) {
|
|
||||||
setItems([]);
|
|
||||||
setBreadcrumb([""]);
|
|
||||||
} else {
|
|
||||||
setErrorMessage(data.error || "Nepodařilo se načíst soubory");
|
|
||||||
}
|
|
||||||
} catch {
|
|
||||||
if (!options.ignore) {
|
|
||||||
setErrorMessage("Chyba připojení");
|
|
||||||
}
|
|
||||||
} finally {
|
|
||||||
if (!options.ignore) {
|
|
||||||
setLoading(false);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
[projectId],
|
|
||||||
);
|
|
||||||
|
|
||||||
useEffect(() => {
|
|
||||||
const opts = { ignore: false };
|
|
||||||
fetchFiles("", opts);
|
|
||||||
return () => {
|
|
||||||
opts.ignore = true;
|
|
||||||
};
|
|
||||||
}, [fetchFiles]);
|
|
||||||
|
|
||||||
const navigateTo = (path: string) => {
|
const navigateTo = (path: string) => {
|
||||||
setNewFolderMode(false);
|
setNewFolderMode(false);
|
||||||
setRenamingItem(null);
|
setRenamingItem(null);
|
||||||
fetchFiles(path);
|
setCurrentPath(path);
|
||||||
};
|
};
|
||||||
|
|
||||||
const handleBreadcrumbClick = (index: number) => {
|
const handleBreadcrumbClick = (index: number) => {
|
||||||
@@ -331,7 +297,9 @@ export default function ProjectFileManager({
|
|||||||
? "Soubor byl nahrán"
|
? "Soubor byl nahrán"
|
||||||
: `Nahráno ${successCount} souborů`;
|
: `Nahráno ${successCount} souborů`;
|
||||||
alert.success(msg);
|
alert.success(msg);
|
||||||
fetchFiles(currentPath);
|
queryClient.invalidateQueries({
|
||||||
|
queryKey: ["projects", String(projectId), "files"],
|
||||||
|
});
|
||||||
}
|
}
|
||||||
if (errorMsg) {
|
if (errorMsg) {
|
||||||
alert.error(errorMsg);
|
alert.error(errorMsg);
|
||||||
@@ -382,7 +350,9 @@ export default function ProjectFileManager({
|
|||||||
alert.success("Složka byla vytvořena");
|
alert.success("Složka byla vytvořena");
|
||||||
setNewFolderMode(false);
|
setNewFolderMode(false);
|
||||||
setNewFolderName("");
|
setNewFolderName("");
|
||||||
fetchFiles(currentPath);
|
queryClient.invalidateQueries({
|
||||||
|
queryKey: ["projects", String(projectId), "files"],
|
||||||
|
});
|
||||||
} else {
|
} else {
|
||||||
alert.error(data.error || "Nepodařilo se vytvořit složku");
|
alert.error(data.error || "Nepodařilo se vytvořit složku");
|
||||||
}
|
}
|
||||||
@@ -443,7 +413,9 @@ export default function ProjectFileManager({
|
|||||||
? "Složka byla smazána"
|
? "Složka byla smazána"
|
||||||
: "Soubor byl smazán",
|
: "Soubor byl smazán",
|
||||||
);
|
);
|
||||||
fetchFiles(currentPath);
|
queryClient.invalidateQueries({
|
||||||
|
queryKey: ["projects", String(projectId), "files"],
|
||||||
|
});
|
||||||
} else {
|
} else {
|
||||||
alert.error(data.error || "Nepodařilo se smazat");
|
alert.error(data.error || "Nepodařilo se smazat");
|
||||||
}
|
}
|
||||||
@@ -478,7 +450,9 @@ export default function ProjectFileManager({
|
|||||||
const data = await res.json();
|
const data = await res.json();
|
||||||
if (data.success) {
|
if (data.success) {
|
||||||
alert.success("Přejmenováno");
|
alert.success("Přejmenováno");
|
||||||
fetchFiles(currentPath);
|
queryClient.invalidateQueries({
|
||||||
|
queryKey: ["projects", String(projectId), "files"],
|
||||||
|
});
|
||||||
} else {
|
} else {
|
||||||
alert.error(data.error || "Nepodařilo se přejmenovat");
|
alert.error(data.error || "Nepodařilo se přejmenovat");
|
||||||
}
|
}
|
||||||
@@ -494,31 +468,10 @@ export default function ProjectFileManager({
|
|||||||
setRenameValue(item.name);
|
setRenameValue(item.name);
|
||||||
};
|
};
|
||||||
|
|
||||||
if (loading && items.length === 0 && !errorMessage) {
|
if (filesLoading && items.length === 0 && !errorMessage) {
|
||||||
return (
|
return (
|
||||||
<div className="admin-card">
|
<div className="admin-loading">
|
||||||
<div className="admin-card-body">
|
<div className="admin-spinner" />
|
||||||
<h3 className="admin-card-title">Soubory</h3>
|
|
||||||
<div className="admin-skeleton" style={{ padding: 0, gap: "0.5rem" }}>
|
|
||||||
{[0, 1, 2, 3].map((i) => (
|
|
||||||
<div key={i} className="admin-skeleton-row">
|
|
||||||
<div
|
|
||||||
className="admin-skeleton-line"
|
|
||||||
style={{
|
|
||||||
width: "18px",
|
|
||||||
height: "18px",
|
|
||||||
borderRadius: "4px",
|
|
||||||
flexShrink: 0,
|
|
||||||
}}
|
|
||||||
/>
|
|
||||||
<div
|
|
||||||
className="admin-skeleton-line"
|
|
||||||
style={{ width: `${60 + i * 10}%` }}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
))}
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
@@ -709,7 +662,7 @@ export default function ProjectFileManager({
|
|||||||
</div>
|
</div>
|
||||||
)}
|
)}
|
||||||
|
|
||||||
{items.length === 0 && !loading ? (
|
{items.length === 0 && !filesLoading ? (
|
||||||
<div className="fm-empty">
|
<div className="fm-empty">
|
||||||
<svg
|
<svg
|
||||||
width="32"
|
width="32"
|
||||||
@@ -768,10 +721,26 @@ export default function ProjectFileManager({
|
|||||||
}}
|
}}
|
||||||
autoFocus
|
autoFocus
|
||||||
onKeyDown={(e) => {
|
onKeyDown={(e) => {
|
||||||
if (e.key === "Enter") handleRename(item);
|
if (e.key === "Enter") {
|
||||||
if (e.key === "Escape") setRenamingItem(null);
|
e.preventDefault();
|
||||||
|
handleRename(item);
|
||||||
|
}
|
||||||
|
if (e.key === "Escape") {
|
||||||
|
e.preventDefault();
|
||||||
|
isCancelling.current = true;
|
||||||
|
setRenamingItem(null);
|
||||||
|
setRenameValue(item.name);
|
||||||
|
setTimeout(() => {
|
||||||
|
isCancelling.current = false;
|
||||||
|
}, 0);
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
onBlur={() => {
|
||||||
|
if (isCancelling.current) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
handleRename(item);
|
||||||
}}
|
}}
|
||||||
onBlur={() => handleRename(item)}
|
|
||||||
/>
|
/>
|
||||||
) : (
|
) : (
|
||||||
<FileNameCell
|
<FileNameCell
|
||||||
|
|||||||
@@ -1,66 +1,7 @@
|
|||||||
import { useMemo, useRef, useCallback } from "react";
|
import { useMemo, useRef, useCallback, useLayoutEffect } from "react";
|
||||||
import ReactQuill from "react-quill-new";
|
import ReactQuill from "react-quill-new";
|
||||||
import "react-quill-new/dist/quill.snow.css";
|
import "react-quill-new/dist/quill.snow.css";
|
||||||
|
|
||||||
const Quill = ReactQuill.Quill;
|
|
||||||
|
|
||||||
if (!(Quill as any).__bohaRegistered) {
|
|
||||||
const Font = Quill.import("attributors/class/font") as any;
|
|
||||||
Font.whitelist = [
|
|
||||||
"arial",
|
|
||||||
"tahoma",
|
|
||||||
"verdana",
|
|
||||||
"georgia",
|
|
||||||
"times-new-roman",
|
|
||||||
"courier-new",
|
|
||||||
"trebuchet-ms",
|
|
||||||
"impact",
|
|
||||||
"comic-sans-ms",
|
|
||||||
"lucida-console",
|
|
||||||
"palatino-linotype",
|
|
||||||
"garamond",
|
|
||||||
];
|
|
||||||
Quill.register(Font, true);
|
|
||||||
|
|
||||||
const SizeStyle = Quill.import("attributors/style/size") as any;
|
|
||||||
SizeStyle.whitelist = [
|
|
||||||
"8px",
|
|
||||||
"9px",
|
|
||||||
"10px",
|
|
||||||
"11px",
|
|
||||||
"12px",
|
|
||||||
"14px",
|
|
||||||
"16px",
|
|
||||||
"18px",
|
|
||||||
"20px",
|
|
||||||
"24px",
|
|
||||||
"28px",
|
|
||||||
"32px",
|
|
||||||
"36px",
|
|
||||||
"48px",
|
|
||||||
];
|
|
||||||
Quill.register(SizeStyle, true);
|
|
||||||
(Quill as any).__bohaRegistered = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
const Font = Quill.import("attributors/class/font") as any;
|
|
||||||
const SIZE_WHITELIST = [
|
|
||||||
"8px",
|
|
||||||
"9px",
|
|
||||||
"10px",
|
|
||||||
"11px",
|
|
||||||
"12px",
|
|
||||||
"14px",
|
|
||||||
"16px",
|
|
||||||
"18px",
|
|
||||||
"20px",
|
|
||||||
"24px",
|
|
||||||
"28px",
|
|
||||||
"32px",
|
|
||||||
"36px",
|
|
||||||
"48px",
|
|
||||||
];
|
|
||||||
|
|
||||||
const COLORS = [
|
const COLORS = [
|
||||||
"#000000",
|
"#000000",
|
||||||
"#1a1a1a",
|
"#1a1a1a",
|
||||||
@@ -95,8 +36,6 @@ const COLORS = [
|
|||||||
];
|
];
|
||||||
|
|
||||||
const TOOLBAR = [
|
const TOOLBAR = [
|
||||||
[{ font: Font.whitelist }],
|
|
||||||
[{ size: SIZE_WHITELIST }],
|
|
||||||
["bold", "italic", "underline", "strike"],
|
["bold", "italic", "underline", "strike"],
|
||||||
[{ color: COLORS }, { background: COLORS }],
|
[{ color: COLORS }, { background: COLORS }],
|
||||||
[{ list: "ordered" }, { list: "bullet" }],
|
[{ list: "ordered" }, { list: "bullet" }],
|
||||||
@@ -107,8 +46,6 @@ const TOOLBAR = [
|
|||||||
];
|
];
|
||||||
|
|
||||||
const FORMATS = [
|
const FORMATS = [
|
||||||
"font",
|
|
||||||
"size",
|
|
||||||
"bold",
|
"bold",
|
||||||
"italic",
|
"italic",
|
||||||
"underline",
|
"underline",
|
||||||
@@ -159,6 +96,13 @@ export default function RichEditor({
|
|||||||
[onChange],
|
[onChange],
|
||||||
);
|
);
|
||||||
|
|
||||||
|
useLayoutEffect(() => {
|
||||||
|
if (!quillRef.current) return;
|
||||||
|
const editor = quillRef.current.getEditor();
|
||||||
|
editor.root.style.fontFamily = "Tahoma, sans-serif";
|
||||||
|
editor.root.style.fontSize = "14px";
|
||||||
|
}, []);
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<div
|
<div
|
||||||
className="admin-rich-editor"
|
className="admin-rich-editor"
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
import { motion, AnimatePresence } from "framer-motion";
|
|
||||||
import AdminDatePicker from "./AdminDatePicker";
|
import AdminDatePicker from "./AdminDatePicker";
|
||||||
import useModalLock from "../hooks/useModalLock";
|
import FormModal from "./FormModal";
|
||||||
import {
|
import {
|
||||||
calcFormWorkMinutes,
|
calcFormWorkMinutes,
|
||||||
calcProjectMinutesTotal,
|
calcProjectMinutesTotal,
|
||||||
@@ -68,7 +67,7 @@ interface ProjectLogRowProps {
|
|||||||
|
|
||||||
export interface ShiftFormModalProps {
|
export interface ShiftFormModalProps {
|
||||||
mode: "create" | "edit";
|
mode: "create" | "edit";
|
||||||
show: boolean;
|
isOpen: boolean;
|
||||||
onClose: () => void;
|
onClose: () => void;
|
||||||
onSubmit: () => void;
|
onSubmit: () => void;
|
||||||
form: ShiftFormData;
|
form: ShiftFormData;
|
||||||
@@ -85,7 +84,15 @@ export interface ShiftFormModalProps {
|
|||||||
|
|
||||||
function ProjectTimeStatus({ form, projectLogs }: ProjectTimeStatusProps) {
|
function ProjectTimeStatus({ form, projectLogs }: ProjectTimeStatusProps) {
|
||||||
const totalWork = calcFormWorkMinutes(form);
|
const totalWork = calcFormWorkMinutes(form);
|
||||||
const totalProject = calcProjectMinutesTotal(projectLogs);
|
const totalProject = calcProjectMinutesTotal(
|
||||||
|
projectLogs.map((l) => ({
|
||||||
|
...l,
|
||||||
|
project_id:
|
||||||
|
l.project_id !== "" && l.project_id != null
|
||||||
|
? Number(l.project_id)
|
||||||
|
: undefined,
|
||||||
|
})),
|
||||||
|
);
|
||||||
const remaining = totalWork - totalProject;
|
const remaining = totalWork - totalProject;
|
||||||
const hasLogs = projectLogs.some((l) => l.project_id);
|
const hasLogs = projectLogs.some((l) => l.project_id);
|
||||||
|
|
||||||
@@ -196,7 +203,7 @@ function ProjectLogRow({
|
|||||||
|
|
||||||
export default function ShiftFormModal({
|
export default function ShiftFormModal({
|
||||||
mode,
|
mode,
|
||||||
show,
|
isOpen,
|
||||||
onClose,
|
onClose,
|
||||||
onSubmit,
|
onSubmit,
|
||||||
form,
|
form,
|
||||||
@@ -208,7 +215,6 @@ export default function ShiftFormModal({
|
|||||||
onShiftDateChange,
|
onShiftDateChange,
|
||||||
editingRecord,
|
editingRecord,
|
||||||
}: ShiftFormModalProps) {
|
}: ShiftFormModalProps) {
|
||||||
useModalLock(show);
|
|
||||||
const isCreate = mode === "create";
|
const isCreate = mode === "create";
|
||||||
const isWorkType = form.leave_type === "work";
|
const isWorkType = form.leave_type === "work";
|
||||||
|
|
||||||
@@ -239,274 +245,209 @@ export default function ShiftFormModal({
|
|||||||
};
|
};
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<AnimatePresence>
|
<FormModal
|
||||||
{show && (
|
isOpen={isOpen}
|
||||||
<motion.div
|
onClose={onClose}
|
||||||
className="admin-modal-overlay"
|
title={isCreate ? "Přidat záznam docházky" : "Upravit docházku"}
|
||||||
initial={{ opacity: 0 }}
|
subtitle={
|
||||||
animate={{ opacity: 1 }}
|
!isCreate && editingRecord
|
||||||
exit={{ opacity: 0 }}
|
? `${editingRecord.user_name} — ${formatDate(editingRecord.shift_date)}`
|
||||||
transition={{ duration: 0.2 }}
|
: undefined
|
||||||
>
|
}
|
||||||
<div className="admin-modal-backdrop" onClick={onClose} />
|
size="lg"
|
||||||
<motion.div
|
onSubmit={onSubmit}
|
||||||
className="admin-modal admin-modal-lg"
|
submitLabel="Uložit"
|
||||||
initial={{ opacity: 0, scale: 0.95, y: 20 }}
|
cancelLabel="Zrušit"
|
||||||
animate={{ opacity: 1, scale: 1, y: 0 }}
|
>
|
||||||
exit={{ opacity: 0, scale: 0.95, y: 20 }}
|
<div className="admin-form">
|
||||||
transition={{ duration: 0.2 }}
|
{isCreate ? (
|
||||||
>
|
<div className="admin-form-row">
|
||||||
<div className="admin-modal-header">
|
<div className="admin-form-group">
|
||||||
<h2 className="admin-modal-title">
|
<label className="admin-form-label required">Zaměstnanec</label>
|
||||||
{isCreate ? "Přidat záznam docházky" : "Upravit docházku"}
|
<select
|
||||||
</h2>
|
value={form.user_id}
|
||||||
{!isCreate && editingRecord && (
|
onChange={(e) => updateField("user_id", e.target.value)}
|
||||||
<p
|
className="admin-form-select"
|
||||||
style={{
|
>
|
||||||
color: "var(--text-secondary)",
|
<option value="">Vyberte zaměstnance</option>
|
||||||
marginTop: "0.25rem",
|
{users.map((user) => (
|
||||||
}}
|
<option key={user.id} value={user.id}>
|
||||||
>
|
{user.name}
|
||||||
{editingRecord.user_name} —{" "}
|
</option>
|
||||||
{formatDate(editingRecord.shift_date)}
|
))}
|
||||||
</p>
|
</select>
|
||||||
)}
|
|
||||||
</div>
|
</div>
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label required">Datum směny</label>
|
||||||
|
<AdminDatePicker
|
||||||
|
mode="date"
|
||||||
|
value={form.shift_date}
|
||||||
|
onChange={(val) => onShiftDateChange(val)}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
) : (
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Datum směny</label>
|
||||||
|
<AdminDatePicker
|
||||||
|
mode="date"
|
||||||
|
value={form.shift_date}
|
||||||
|
onChange={(val) => updateField("shift_date", val)}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
|
||||||
<div className="admin-modal-body">
|
<div className="admin-form-group">
|
||||||
<div className="admin-form">
|
<label className="admin-form-label">Typ záznamu</label>
|
||||||
{isCreate ? (
|
<select
|
||||||
<div className="admin-form-row">
|
value={form.leave_type}
|
||||||
<div className="admin-form-group">
|
onChange={(e) => updateField("leave_type", e.target.value)}
|
||||||
<label className="admin-form-label required">
|
className="admin-form-select"
|
||||||
Zaměstnanec
|
>
|
||||||
</label>
|
<option value="work">Práce</option>
|
||||||
<select
|
<option value="vacation">Dovolená</option>
|
||||||
value={form.user_id}
|
<option value="sick">Nemoc</option>
|
||||||
onChange={(e) => updateField("user_id", e.target.value)}
|
<option value="unpaid">Neplacené volno</option>
|
||||||
className="admin-form-select"
|
</select>
|
||||||
>
|
</div>
|
||||||
<option value="">Vyberte zaměstnance</option>
|
|
||||||
{users.map((user) => (
|
|
||||||
<option key={user.id} value={user.id}>
|
|
||||||
{user.name}
|
|
||||||
</option>
|
|
||||||
))}
|
|
||||||
</select>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label required">
|
|
||||||
Datum směny
|
|
||||||
</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="date"
|
|
||||||
value={form.shift_date}
|
|
||||||
onChange={(val) => onShiftDateChange(val)}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
) : (
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Datum směny</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="date"
|
|
||||||
value={form.shift_date}
|
|
||||||
onChange={(val) => updateField("shift_date", val)}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
)}
|
|
||||||
|
|
||||||
<div className="admin-form-group">
|
{!isWorkType && (
|
||||||
<label className="admin-form-label">Typ záznamu</label>
|
<div className="admin-form-group">
|
||||||
<select
|
<label className="admin-form-label">Počet hodin</label>
|
||||||
value={form.leave_type}
|
<input
|
||||||
onChange={(e) => updateField("leave_type", e.target.value)}
|
type="number"
|
||||||
className="admin-form-select"
|
inputMode="decimal"
|
||||||
>
|
value={form.leave_hours}
|
||||||
<option value="work">Práce</option>
|
onChange={(e) =>
|
||||||
<option value="vacation">Dovolená</option>
|
updateField("leave_hours", parseFloat(e.target.value))
|
||||||
<option value="sick">Nemoc</option>
|
}
|
||||||
<option value="holiday">Svátek</option>
|
min="0.5"
|
||||||
<option value="unpaid">Neplacené volno</option>
|
max="24"
|
||||||
</select>
|
step="0.5"
|
||||||
</div>
|
className="admin-form-input"
|
||||||
|
/>
|
||||||
|
{isCreate && (
|
||||||
|
<small className="admin-form-hint">8 hodin = celý den</small>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
|
||||||
{!isWorkType && (
|
{isWorkType && (
|
||||||
<div className="admin-form-group">
|
<>
|
||||||
<label className="admin-form-label">Počet hodin</label>
|
<div className="admin-form-row">
|
||||||
<input
|
<div className="admin-form-group">
|
||||||
type="number"
|
<label className="admin-form-label">Příchod - datum</label>
|
||||||
inputMode="decimal"
|
<AdminDatePicker
|
||||||
value={form.leave_hours}
|
mode="date"
|
||||||
onChange={(e) =>
|
value={form.arrival_date}
|
||||||
updateField("leave_hours", parseFloat(e.target.value))
|
onChange={(val) => updateField("arrival_date", val)}
|
||||||
}
|
/>
|
||||||
min="0.5"
|
</div>
|
||||||
max="24"
|
<div className="admin-form-group">
|
||||||
step="0.5"
|
<label className="admin-form-label">Příchod - čas</label>
|
||||||
className="admin-form-input"
|
<AdminDatePicker
|
||||||
/>
|
mode="time"
|
||||||
{isCreate && (
|
value={form.arrival_time}
|
||||||
<small className="admin-form-hint">
|
onChange={(val) => updateField("arrival_time", val)}
|
||||||
8 hodin = celý den
|
/>
|
||||||
</small>
|
|
||||||
)}
|
|
||||||
</div>
|
|
||||||
)}
|
|
||||||
|
|
||||||
{isWorkType && (
|
|
||||||
<>
|
|
||||||
<div className="admin-form-row">
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Příchod - datum
|
|
||||||
</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="date"
|
|
||||||
value={form.arrival_date}
|
|
||||||
onChange={(val) => updateField("arrival_date", val)}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Příchod - čas
|
|
||||||
</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="time"
|
|
||||||
value={form.arrival_time}
|
|
||||||
onChange={(val) => updateField("arrival_time", val)}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-form-row">
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Začátek pauzy - datum
|
|
||||||
</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="date"
|
|
||||||
value={form.break_start_date}
|
|
||||||
onChange={(val) =>
|
|
||||||
updateField("break_start_date", val)
|
|
||||||
}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Začátek pauzy - čas
|
|
||||||
</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="time"
|
|
||||||
value={form.break_start_time}
|
|
||||||
onChange={(val) =>
|
|
||||||
updateField("break_start_time", val)
|
|
||||||
}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-form-row">
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Konec pauzy - datum
|
|
||||||
</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="date"
|
|
||||||
value={form.break_end_date}
|
|
||||||
onChange={(val) => updateField("break_end_date", val)}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Konec pauzy - čas
|
|
||||||
</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="time"
|
|
||||||
value={form.break_end_time}
|
|
||||||
onChange={(val) => updateField("break_end_time", val)}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-form-row">
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Odchod - datum
|
|
||||||
</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="date"
|
|
||||||
value={form.departure_date}
|
|
||||||
onChange={(val) => updateField("departure_date", val)}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Odchod - čas</label>
|
|
||||||
<AdminDatePicker
|
|
||||||
mode="time"
|
|
||||||
value={form.departure_time}
|
|
||||||
onChange={(val) => updateField("departure_time", val)}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</>
|
|
||||||
)}
|
|
||||||
|
|
||||||
{isWorkType && projectList.length > 0 && (
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Projekty</label>
|
|
||||||
<ProjectTimeStatus form={form} projectLogs={projectLogs} />
|
|
||||||
{projectLogs.map((log, i) => (
|
|
||||||
<ProjectLogRow
|
|
||||||
key={log._key || i}
|
|
||||||
log={log}
|
|
||||||
index={i}
|
|
||||||
projectList={projectList}
|
|
||||||
onUpdate={updateProjectLog}
|
|
||||||
onRemove={removeProjectLog}
|
|
||||||
/>
|
|
||||||
))}
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
onClick={addProjectLog}
|
|
||||||
className="admin-btn admin-btn-secondary admin-btn-sm"
|
|
||||||
>
|
|
||||||
+ Přidat projekt
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
)}
|
|
||||||
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Poznámka</label>
|
|
||||||
<textarea
|
|
||||||
value={form.notes}
|
|
||||||
onChange={(e) => updateField("notes", e.target.value)}
|
|
||||||
className="admin-form-textarea"
|
|
||||||
rows={3}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div className="admin-modal-footer">
|
<div className="admin-form-row">
|
||||||
<button
|
<div className="admin-form-group">
|
||||||
type="button"
|
<label className="admin-form-label">
|
||||||
onClick={onClose}
|
Začátek pauzy - datum
|
||||||
className="admin-btn admin-btn-secondary"
|
</label>
|
||||||
>
|
<AdminDatePicker
|
||||||
Zrušit
|
mode="date"
|
||||||
</button>
|
value={form.break_start_date}
|
||||||
<button
|
onChange={(val) => updateField("break_start_date", val)}
|
||||||
type="button"
|
/>
|
||||||
onClick={onSubmit}
|
</div>
|
||||||
className="admin-btn admin-btn-primary"
|
<div className="admin-form-group">
|
||||||
>
|
<label className="admin-form-label">Začátek pauzy - čas</label>
|
||||||
Uložit
|
<AdminDatePicker
|
||||||
</button>
|
mode="time"
|
||||||
|
value={form.break_start_time}
|
||||||
|
onChange={(val) => updateField("break_start_time", val)}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</motion.div>
|
|
||||||
</motion.div>
|
<div className="admin-form-row">
|
||||||
)}
|
<div className="admin-form-group">
|
||||||
</AnimatePresence>
|
<label className="admin-form-label">Konec pauzy - datum</label>
|
||||||
|
<AdminDatePicker
|
||||||
|
mode="date"
|
||||||
|
value={form.break_end_date}
|
||||||
|
onChange={(val) => updateField("break_end_date", val)}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Konec pauzy - čas</label>
|
||||||
|
<AdminDatePicker
|
||||||
|
mode="time"
|
||||||
|
value={form.break_end_time}
|
||||||
|
onChange={(val) => updateField("break_end_time", val)}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div className="admin-form-row">
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Odchod - datum</label>
|
||||||
|
<AdminDatePicker
|
||||||
|
mode="date"
|
||||||
|
value={form.departure_date}
|
||||||
|
onChange={(val) => updateField("departure_date", val)}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Odchod - čas</label>
|
||||||
|
<AdminDatePicker
|
||||||
|
mode="time"
|
||||||
|
value={form.departure_time}
|
||||||
|
onChange={(val) => updateField("departure_time", val)}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</>
|
||||||
|
)}
|
||||||
|
|
||||||
|
{isWorkType && projectList.length > 0 && (
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Projekty</label>
|
||||||
|
<ProjectTimeStatus form={form} projectLogs={projectLogs} />
|
||||||
|
{projectLogs.map((log, i) => (
|
||||||
|
<ProjectLogRow
|
||||||
|
key={log._key || i}
|
||||||
|
log={log}
|
||||||
|
index={i}
|
||||||
|
projectList={projectList}
|
||||||
|
onUpdate={updateProjectLog}
|
||||||
|
onRemove={removeProjectLog}
|
||||||
|
/>
|
||||||
|
))}
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
onClick={addProjectLog}
|
||||||
|
className="admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
|
>
|
||||||
|
+ Přidat projekt
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Poznámka</label>
|
||||||
|
<textarea
|
||||||
|
value={form.notes}
|
||||||
|
onChange={(e) => updateField("notes", e.target.value)}
|
||||||
|
className="admin-form-textarea"
|
||||||
|
rows={3}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</FormModal>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -116,7 +116,7 @@ const menuSections: MenuSection[] = [
|
|||||||
{
|
{
|
||||||
path: "/attendance/admin",
|
path: "/attendance/admin",
|
||||||
label: "Správa",
|
label: "Správa",
|
||||||
permission: "attendance.admin",
|
permission: "attendance.manage",
|
||||||
matchPrefix: "/attendance/admin",
|
matchPrefix: "/attendance/admin",
|
||||||
matchAlso: ["/attendance/create", "/attendance/location"],
|
matchAlso: ["/attendance/create", "/attendance/location"],
|
||||||
icon: (
|
icon: (
|
||||||
@@ -155,6 +155,26 @@ const menuSections: MenuSection[] = [
|
|||||||
</svg>
|
</svg>
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
path: "/plan-work",
|
||||||
|
label: "Plán prací",
|
||||||
|
permission: ["attendance.manage", "attendance.record"],
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
strokeLinecap="round"
|
||||||
|
strokeLinejoin="round"
|
||||||
|
>
|
||||||
|
<rect x="3" y="4" width="18" height="18" rx="2" />
|
||||||
|
<line x1="16" y1="2" x2="16" y2="6" />
|
||||||
|
<line x1="8" y1="2" x2="8" y2="6" />
|
||||||
|
<line x1="3" y1="10" x2="21" y2="10" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -198,7 +218,7 @@ const menuSections: MenuSection[] = [
|
|||||||
{
|
{
|
||||||
path: "/trips/admin",
|
path: "/trips/admin",
|
||||||
label: "Správa",
|
label: "Správa",
|
||||||
permission: "trips.admin",
|
permission: "trips.manage",
|
||||||
icon: (
|
icon: (
|
||||||
<svg
|
<svg
|
||||||
viewBox="0 0 24 24"
|
viewBox="0 0 24 24"
|
||||||
@@ -221,7 +241,7 @@ const menuSections: MenuSection[] = [
|
|||||||
{
|
{
|
||||||
path: "/vehicles",
|
path: "/vehicles",
|
||||||
label: "Vozidla",
|
label: "Vozidla",
|
||||||
permission: "trips.vehicles",
|
permission: "vehicles.manage",
|
||||||
icon: (
|
icon: (
|
||||||
<svg
|
<svg
|
||||||
viewBox="0 0 24 24"
|
viewBox="0 0 24 24"
|
||||||
@@ -315,7 +335,202 @@ const menuSections: MenuSection[] = [
|
|||||||
{
|
{
|
||||||
path: "/offers/customers",
|
path: "/offers/customers",
|
||||||
label: "Zákazníci",
|
label: "Zákazníci",
|
||||||
permission: "offers.view",
|
permission: "customers.view",
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<path d="M17 21v-2a4 4 0 0 0-4-4H5a4 4 0 0 0-4 4v2" />
|
||||||
|
<circle cx="9" cy="7" r="4" />
|
||||||
|
<path d="M23 21v-2a4 4 0 0 0-3-3.87" />
|
||||||
|
<path d="M16 3.13a4 4 0 0 1 0 7.75" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
],
|
||||||
|
},
|
||||||
|
{
|
||||||
|
label: "Sklad",
|
||||||
|
items: [
|
||||||
|
{
|
||||||
|
path: "/warehouse",
|
||||||
|
label: "Přehled",
|
||||||
|
permission: "warehouse.view",
|
||||||
|
end: true,
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
strokeLinecap="round"
|
||||||
|
strokeLinejoin="round"
|
||||||
|
>
|
||||||
|
<path d="M21 16V8a2 2 0 0 0-1-1.73l-7-4a2 2 0 0 0-2 0l-7 4A2 2 0 0 0 3 8v8a2 2 0 0 0 1 1.73l7 4a2 2 0 0 0 2 0l7-4A2 2 0 0 0 21 16z" />
|
||||||
|
<polyline points="3.27 6.96 12 12.01 20.73 6.96" />
|
||||||
|
<line x1="12" y1="22.08" x2="12" y2="12" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/items",
|
||||||
|
label: "Položky",
|
||||||
|
permission: "warehouse.view",
|
||||||
|
matchPrefix: "/warehouse/items",
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<path d="M21 16V8a2 2 0 0 0-1-1.73l-7-4a2 2 0 0 0-2 0l-7 4A2 2 0 0 0 3 8v8a2 2 0 0 0 1 1.73l7 4a2 2 0 0 0 2 0l7-4A2 2 0 0 0 21 16z" />
|
||||||
|
<polyline points="3.27 6.96 12 12.01 20.73 6.96" />
|
||||||
|
<line x1="12" y1="22.08" x2="12" y2="12" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/receipts",
|
||||||
|
label: "Příjmy",
|
||||||
|
permission: "warehouse.operate",
|
||||||
|
matchPrefix: "/warehouse/receipts",
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<polyline points="17 11 12 6 7 11" />
|
||||||
|
<line x1="12" y1="6" x2="12" y2="18" />
|
||||||
|
<path d="M5 19h14" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/issues",
|
||||||
|
label: "Výdeje",
|
||||||
|
permission: "warehouse.operate",
|
||||||
|
matchPrefix: "/warehouse/issues",
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<polyline points="7 13 12 18 17 13" />
|
||||||
|
<line x1="12" y1="18" x2="12" y2="6" />
|
||||||
|
<path d="M5 5h14" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/reservations",
|
||||||
|
label: "Rezervace",
|
||||||
|
permission: "warehouse.operate",
|
||||||
|
matchPrefix: "/warehouse/reservations",
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<path d="M16 21v-2a4 4 0 0 0-4-4H6a4 4 0 0 0-4 4v2" />
|
||||||
|
<circle cx="9" cy="7" r="4" />
|
||||||
|
<line x1="19" y1="8" x2="19" y2="14" />
|
||||||
|
<line x1="22" y1="11" x2="16" y2="11" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/inventory",
|
||||||
|
label: "Inventura",
|
||||||
|
permission: "warehouse.inventory",
|
||||||
|
matchPrefix: "/warehouse/inventory",
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<path d="M9 11l3 3L22 4" />
|
||||||
|
<path d="M21 12v7a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h11" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/reports",
|
||||||
|
label: "Reporty",
|
||||||
|
permission: "warehouse.view",
|
||||||
|
end: true,
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<line x1="18" y1="20" x2="18" y2="10" />
|
||||||
|
<line x1="12" y1="20" x2="12" y2="4" />
|
||||||
|
<line x1="6" y1="20" x2="6" y2="14" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/categories",
|
||||||
|
label: "Kategorie",
|
||||||
|
permission: "warehouse.manage",
|
||||||
|
matchPrefix: "/warehouse/categories",
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<line x1="4" y1="21" x2="4" y2="14" />
|
||||||
|
<line x1="4" y1="10" x2="4" y2="3" />
|
||||||
|
<line x1="12" y1="21" x2="12" y2="12" />
|
||||||
|
<line x1="12" y1="8" x2="12" y2="3" />
|
||||||
|
<line x1="20" y1="21" x2="20" y2="16" />
|
||||||
|
<line x1="20" y1="12" x2="20" y2="3" />
|
||||||
|
<line x1="1" y1="14" x2="7" y2="14" />
|
||||||
|
<line x1="9" y1="8" x2="15" y2="8" />
|
||||||
|
<line x1="17" y1="16" x2="23" y2="16" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/locations",
|
||||||
|
label: "Lokace",
|
||||||
|
permission: "warehouse.manage",
|
||||||
|
matchPrefix: "/warehouse/locations",
|
||||||
|
icon: (
|
||||||
|
<svg
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<rect x="3" y="3" width="7" height="7" rx="1" />
|
||||||
|
<rect x="14" y="3" width="7" height="7" rx="1" />
|
||||||
|
<rect x="3" y="14" width="7" height="7" rx="1" />
|
||||||
|
<rect x="14" y="14" width="7" height="7" rx="1" />
|
||||||
|
</svg>
|
||||||
|
),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "/warehouse/suppliers",
|
||||||
|
label: "Dodavatelé",
|
||||||
|
permission: "warehouse.manage",
|
||||||
|
matchPrefix: "/warehouse/suppliers",
|
||||||
icon: (
|
icon: (
|
||||||
<svg
|
<svg
|
||||||
viewBox="0 0 24 24"
|
viewBox="0 0 24 24"
|
||||||
@@ -356,7 +571,13 @@ const menuSections: MenuSection[] = [
|
|||||||
{
|
{
|
||||||
path: "/settings",
|
path: "/settings",
|
||||||
label: "Nastavení",
|
label: "Nastavení",
|
||||||
permission: "settings.manage",
|
permission: [
|
||||||
|
"settings.company",
|
||||||
|
"settings.banking",
|
||||||
|
"settings.roles",
|
||||||
|
"settings.system",
|
||||||
|
"settings.templates",
|
||||||
|
],
|
||||||
icon: (
|
icon: (
|
||||||
<svg
|
<svg
|
||||||
viewBox="0 0 24 24"
|
viewBox="0 0 24 24"
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
import { useState, useRef } from "react";
|
import { useState, useRef } from "react";
|
||||||
import { motion, AnimatePresence } from "framer-motion";
|
import { motion } from "framer-motion";
|
||||||
import { useAuth } from "../../context/AuthContext";
|
import { useAuth } from "../../context/AuthContext";
|
||||||
import { useAlert } from "../../context/AlertContext";
|
import { useAlert } from "../../context/AlertContext";
|
||||||
import useModalLock from "../../hooks/useModalLock";
|
|
||||||
import apiFetch from "../../utils/api";
|
import apiFetch from "../../utils/api";
|
||||||
|
import FormModal from "../FormModal";
|
||||||
|
|
||||||
const API_BASE = "/api/admin";
|
const API_BASE = "/api/admin";
|
||||||
|
|
||||||
@@ -71,8 +71,6 @@ export default function DashProfile({
|
|||||||
last_name: "",
|
last_name: "",
|
||||||
});
|
});
|
||||||
|
|
||||||
useModalLock(showModal);
|
|
||||||
|
|
||||||
const openEditModal = () => {
|
const openEditModal = () => {
|
||||||
const nameParts = (user?.fullName || "").split(" ");
|
const nameParts = (user?.fullName || "").split(" ");
|
||||||
setFormData({
|
setFormData({
|
||||||
@@ -89,6 +87,21 @@ export default function DashProfile({
|
|||||||
const handleSubmit = async (e?: React.FormEvent) => {
|
const handleSubmit = async (e?: React.FormEvent) => {
|
||||||
e?.preventDefault();
|
e?.preventDefault();
|
||||||
const dataToSave = { ...formData };
|
const dataToSave = { ...formData };
|
||||||
|
|
||||||
|
if (dataToSave.new_password && !dataToSave.current_password) {
|
||||||
|
alert.error("Pro změnu hesla zadejte aktuální heslo");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (dataToSave.current_password && !dataToSave.new_password) {
|
||||||
|
alert.error("Pro změnu hesla zadejte nové heslo");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Strip empty password fields so Zod doesn't reject ""
|
||||||
|
if (!dataToSave.current_password)
|
||||||
|
delete (dataToSave as any).current_password;
|
||||||
|
if (!dataToSave.new_password) delete (dataToSave as any).new_password;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const response = await apiFetch(`${API_BASE}/profile`, {
|
const response = await apiFetch(`${API_BASE}/profile`, {
|
||||||
method: "PUT",
|
method: "PUT",
|
||||||
@@ -246,485 +259,367 @@ export default function DashProfile({
|
|||||||
</motion.div>
|
</motion.div>
|
||||||
|
|
||||||
{/* Edit Profile Modal */}
|
{/* Edit Profile Modal */}
|
||||||
<AnimatePresence>
|
<FormModal
|
||||||
{showModal && (
|
isOpen={showModal}
|
||||||
<motion.div
|
onClose={() => setShowModal(false)}
|
||||||
className="admin-modal-overlay"
|
title="Upravit profil"
|
||||||
initial={{ opacity: 0 }}
|
size="md"
|
||||||
animate={{ opacity: 1 }}
|
onSubmit={handleSubmit}
|
||||||
exit={{ opacity: 0 }}
|
submitLabel="Uložit změny"
|
||||||
transition={{ duration: 0.2 }}
|
>
|
||||||
>
|
<div className="admin-form">
|
||||||
<div
|
<div className="admin-form-row">
|
||||||
className="admin-modal-backdrop"
|
<div className="admin-form-group">
|
||||||
onClick={() => setShowModal(false)}
|
<label className="admin-form-label">Jméno</label>
|
||||||
/>
|
<input
|
||||||
<motion.div
|
type="text"
|
||||||
className="admin-modal"
|
value={formData.first_name}
|
||||||
initial={{ opacity: 0, scale: 0.95, y: 20 }}
|
onChange={(e) =>
|
||||||
animate={{ opacity: 1, scale: 1, y: 0 }}
|
setFormData({
|
||||||
exit={{ opacity: 0, scale: 0.95, y: 20 }}
|
...formData,
|
||||||
transition={{ duration: 0.2 }}
|
first_name: e.target.value,
|
||||||
>
|
})
|
||||||
<div className="admin-modal-header">
|
|
||||||
<h2 className="admin-modal-title">Upravit profil</h2>
|
|
||||||
</div>
|
|
||||||
<div className="admin-modal-body">
|
|
||||||
<div className="admin-form">
|
|
||||||
<div className="admin-form-row">
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Jméno</label>
|
|
||||||
<input
|
|
||||||
type="text"
|
|
||||||
value={formData.first_name}
|
|
||||||
onChange={(e) =>
|
|
||||||
setFormData({
|
|
||||||
...formData,
|
|
||||||
first_name: e.target.value,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
required
|
|
||||||
className="admin-form-input"
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">Příjmení</label>
|
|
||||||
<input
|
|
||||||
type="text"
|
|
||||||
value={formData.last_name}
|
|
||||||
onChange={(e) =>
|
|
||||||
setFormData({
|
|
||||||
...formData,
|
|
||||||
last_name: e.target.value,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
required
|
|
||||||
className="admin-form-input"
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Uživatelské jméno
|
|
||||||
</label>
|
|
||||||
<input
|
|
||||||
type="text"
|
|
||||||
value={formData.username}
|
|
||||||
onChange={(e) =>
|
|
||||||
setFormData({ ...formData, username: e.target.value })
|
|
||||||
}
|
|
||||||
required
|
|
||||||
className="admin-form-input"
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">E-mail</label>
|
|
||||||
<input
|
|
||||||
type="email"
|
|
||||||
value={formData.email}
|
|
||||||
onChange={(e) =>
|
|
||||||
setFormData({ ...formData, email: e.target.value })
|
|
||||||
}
|
|
||||||
required
|
|
||||||
className="admin-form-input"
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Nové heslo (ponechte prázdné pro zachování stávajícího)
|
|
||||||
</label>
|
|
||||||
<input
|
|
||||||
type="password"
|
|
||||||
value={formData.new_password}
|
|
||||||
onChange={(e) =>
|
|
||||||
setFormData({
|
|
||||||
...formData,
|
|
||||||
new_password: e.target.value,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
className="admin-form-input"
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
{formData.new_password && (
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label required">
|
|
||||||
Aktuální heslo
|
|
||||||
</label>
|
|
||||||
<input
|
|
||||||
type="password"
|
|
||||||
value={formData.current_password}
|
|
||||||
onChange={(e) =>
|
|
||||||
setFormData({
|
|
||||||
...formData,
|
|
||||||
current_password: e.target.value,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
className="admin-form-input"
|
|
||||||
placeholder="Zadejte aktuální heslo pro potvrzení"
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
)}
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div className="admin-modal-footer">
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
onClick={() => setShowModal(false)}
|
|
||||||
className="admin-btn admin-btn-secondary"
|
|
||||||
>
|
|
||||||
Zrušit
|
|
||||||
</button>
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
onClick={handleSubmit}
|
|
||||||
className="admin-btn admin-btn-primary"
|
|
||||||
>
|
|
||||||
Uložit změny
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</motion.div>
|
|
||||||
</motion.div>
|
|
||||||
)}
|
|
||||||
</AnimatePresence>
|
|
||||||
|
|
||||||
{/* 2FA Setup Modal */}
|
|
||||||
<AnimatePresence>
|
|
||||||
{show2FASetup && (
|
|
||||||
<motion.div
|
|
||||||
className="admin-modal-overlay"
|
|
||||||
initial={{ opacity: 0 }}
|
|
||||||
animate={{ opacity: 1 }}
|
|
||||||
exit={{ opacity: 0 }}
|
|
||||||
transition={{ duration: 0.2 }}
|
|
||||||
>
|
|
||||||
<div
|
|
||||||
className="admin-modal-backdrop"
|
|
||||||
onClick={() => {
|
|
||||||
if (!backupCodes) {
|
|
||||||
setShow2FASetup(false);
|
|
||||||
}
|
}
|
||||||
}}
|
required
|
||||||
|
className="admin-form-input"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Příjmení</label>
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
value={formData.last_name}
|
||||||
|
onChange={(e) =>
|
||||||
|
setFormData({
|
||||||
|
...formData,
|
||||||
|
last_name: e.target.value,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
required
|
||||||
|
className="admin-form-input"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Uživatelské jméno</label>
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
value={formData.username}
|
||||||
|
onChange={(e) =>
|
||||||
|
setFormData({ ...formData, username: e.target.value })
|
||||||
|
}
|
||||||
|
required
|
||||||
|
className="admin-form-input"
|
||||||
/>
|
/>
|
||||||
<motion.div
|
</div>
|
||||||
className="admin-modal"
|
<div className="admin-form-group">
|
||||||
initial={{ opacity: 0, scale: 0.95, y: 20 }}
|
<label className="admin-form-label">E-mail</label>
|
||||||
animate={{ opacity: 1, scale: 1, y: 0 }}
|
<input
|
||||||
exit={{ opacity: 0, scale: 0.95, y: 20 }}
|
type="email"
|
||||||
transition={{ duration: 0.2 }}
|
value={formData.email}
|
||||||
>
|
onChange={(e) =>
|
||||||
<div className="admin-modal-header">
|
setFormData({ ...formData, email: e.target.value })
|
||||||
<h2 className="admin-modal-title">
|
}
|
||||||
{backupCodes ? "Záložní kódy" : "Nastavení 2FA"}
|
required
|
||||||
</h2>
|
className="admin-form-input"
|
||||||
</div>
|
/>
|
||||||
<div className="admin-modal-body">
|
</div>
|
||||||
{backupCodes ? (
|
<div className="admin-form-group">
|
||||||
<div>
|
<label className="admin-form-label">Aktuální heslo</label>
|
||||||
<div className="admin-role-locked-notice mb-4">
|
<input
|
||||||
<svg
|
type="password"
|
||||||
width="16"
|
value={formData.current_password}
|
||||||
height="16"
|
onChange={(e) =>
|
||||||
viewBox="0 0 24 24"
|
setFormData({
|
||||||
fill="none"
|
...formData,
|
||||||
stroke="currentColor"
|
current_password: e.target.value,
|
||||||
strokeWidth="2"
|
})
|
||||||
>
|
}
|
||||||
<path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z" />
|
className="admin-form-input"
|
||||||
<line x1="12" y1="9" x2="12" y2="13" />
|
placeholder="Pro změnu hesla, zadejte aktuální heslo"
|
||||||
<line x1="12" y1="17" x2="12.01" y2="17" />
|
/>
|
||||||
</svg>
|
</div>
|
||||||
Uložte si tyto kódy na bezpečné místo. Každý kód lze
|
<div className="admin-form-group">
|
||||||
použít pouze jednou. Po zavření tohoto okna je již
|
<label className="admin-form-label">Nové heslo</label>
|
||||||
neuvidíte.
|
<input
|
||||||
</div>
|
type="password"
|
||||||
<div
|
value={formData.new_password}
|
||||||
style={{
|
onChange={(e) =>
|
||||||
display: "grid",
|
setFormData({
|
||||||
gridTemplateColumns: "repeat(2, 1fr)",
|
...formData,
|
||||||
gap: "0.5rem",
|
new_password: e.target.value,
|
||||||
padding: "1rem",
|
})
|
||||||
background: "var(--bg-secondary)",
|
}
|
||||||
borderRadius: "0.5rem",
|
className="admin-form-input"
|
||||||
fontFamily: "monospace",
|
placeholder="Pro změnu hesla, zadejte nové heslo"
|
||||||
fontSize: "1rem",
|
/>
|
||||||
}}
|
</div>
|
||||||
>
|
</div>
|
||||||
{backupCodes.map((code) => (
|
</FormModal>
|
||||||
<div
|
|
||||||
key={code}
|
|
||||||
style={{
|
|
||||||
padding: "0.25rem 0.5rem",
|
|
||||||
textAlign: "center",
|
|
||||||
color: "var(--text-primary)",
|
|
||||||
}}
|
|
||||||
>
|
|
||||||
{code}
|
|
||||||
</div>
|
|
||||||
))}
|
|
||||||
</div>
|
|
||||||
<div style={{ marginTop: "0.75rem" }}>
|
|
||||||
<button
|
|
||||||
onClick={() => {
|
|
||||||
navigator.clipboard?.writeText(
|
|
||||||
backupCodes.join("\n"),
|
|
||||||
);
|
|
||||||
alert.success("Kódy zkopírovány");
|
|
||||||
}}
|
|
||||||
className="admin-btn admin-btn-secondary admin-btn-sm"
|
|
||||||
>
|
|
||||||
<svg
|
|
||||||
width="14"
|
|
||||||
height="14"
|
|
||||||
viewBox="0 0 24 24"
|
|
||||||
fill="none"
|
|
||||||
stroke="currentColor"
|
|
||||||
strokeWidth="2"
|
|
||||||
>
|
|
||||||
<rect
|
|
||||||
x="9"
|
|
||||||
y="9"
|
|
||||||
width="13"
|
|
||||||
height="13"
|
|
||||||
rx="2"
|
|
||||||
ry="2"
|
|
||||||
/>
|
|
||||||
<path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1" />
|
|
||||||
</svg>
|
|
||||||
Kopírovat kódy
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
) : (
|
|
||||||
<div>
|
|
||||||
<p
|
|
||||||
className="text-secondary"
|
|
||||||
style={{ fontSize: "0.875rem", marginBottom: "1rem" }}
|
|
||||||
>
|
|
||||||
Naskenujte QR kód v autentizační aplikaci (Google
|
|
||||||
Authenticator, Authy, Microsoft Authenticator apod.)
|
|
||||||
</p>
|
|
||||||
{totpQrUri && (
|
|
||||||
<div
|
|
||||||
style={{ textAlign: "center", marginBottom: "1rem" }}
|
|
||||||
>
|
|
||||||
<img
|
|
||||||
src={`https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${encodeURIComponent(totpQrUri)}`}
|
|
||||||
alt="TOTP QR Code"
|
|
||||||
style={{
|
|
||||||
width: 200,
|
|
||||||
height: 200,
|
|
||||||
borderRadius: "0.5rem",
|
|
||||||
border: "1px solid var(--border-color)",
|
|
||||||
}}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
)}
|
|
||||||
{totpSecret && (
|
|
||||||
<div className="mb-4">
|
|
||||||
<label
|
|
||||||
className="admin-form-label"
|
|
||||||
style={{ fontSize: "0.75rem" }}
|
|
||||||
>
|
|
||||||
Nebo zadejte klíč ručně:
|
|
||||||
</label>
|
|
||||||
<div
|
|
||||||
style={{
|
|
||||||
padding: "0.5rem 0.75rem",
|
|
||||||
background: "var(--bg-secondary)",
|
|
||||||
borderRadius: "0.375rem",
|
|
||||||
fontFamily: "monospace",
|
|
||||||
fontSize: "0.875rem",
|
|
||||||
wordBreak: "break-all",
|
|
||||||
color: "var(--text-primary)",
|
|
||||||
display: "flex",
|
|
||||||
alignItems: "center",
|
|
||||||
justifyContent: "space-between",
|
|
||||||
gap: "0.5rem",
|
|
||||||
}}
|
|
||||||
>
|
|
||||||
<span>{totpSecret}</span>
|
|
||||||
<button
|
|
||||||
onClick={() => {
|
|
||||||
navigator.clipboard?.writeText(totpSecret);
|
|
||||||
alert.success("Klíč zkopírován");
|
|
||||||
}}
|
|
||||||
className="admin-btn-icon"
|
|
||||||
title="Kopírovat"
|
|
||||||
aria-label="Kopírovat"
|
|
||||||
style={{ flexShrink: 0 }}
|
|
||||||
>
|
|
||||||
<svg
|
|
||||||
width="14"
|
|
||||||
height="14"
|
|
||||||
viewBox="0 0 24 24"
|
|
||||||
fill="none"
|
|
||||||
stroke="currentColor"
|
|
||||||
strokeWidth="2"
|
|
||||||
>
|
|
||||||
<rect
|
|
||||||
x="9"
|
|
||||||
y="9"
|
|
||||||
width="13"
|
|
||||||
height="13"
|
|
||||||
rx="2"
|
|
||||||
ry="2"
|
|
||||||
/>
|
|
||||||
<path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1" />
|
|
||||||
</svg>
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
)}
|
|
||||||
<div className="admin-form-group">
|
|
||||||
<label className="admin-form-label">
|
|
||||||
Ověřovací kód z aplikace
|
|
||||||
</label>
|
|
||||||
<input
|
|
||||||
ref={totpSetupRef}
|
|
||||||
type="text"
|
|
||||||
inputMode="numeric"
|
|
||||||
pattern="[0-9]*"
|
|
||||||
maxLength={6}
|
|
||||||
value={totpCode}
|
|
||||||
onChange={(e) =>
|
|
||||||
setTotpCode(e.target.value.replace(/\D/g, ""))
|
|
||||||
}
|
|
||||||
placeholder="000000"
|
|
||||||
className="admin-form-input"
|
|
||||||
style={{
|
|
||||||
textAlign: "center",
|
|
||||||
fontSize: "1.25rem",
|
|
||||||
letterSpacing: "0.4rem",
|
|
||||||
fontFamily: "monospace",
|
|
||||||
}}
|
|
||||||
onKeyDown={(e) => {
|
|
||||||
if (e.key === "Enter" && totpCode.length === 6) {
|
|
||||||
onConfirm2FA();
|
|
||||||
}
|
|
||||||
}}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
)}
|
|
||||||
</div>
|
|
||||||
<div className="admin-modal-footer">
|
|
||||||
{backupCodes ? (
|
|
||||||
<button
|
|
||||||
onClick={() => {
|
|
||||||
setShow2FASetup(false);
|
|
||||||
setBackupCodes(null);
|
|
||||||
}}
|
|
||||||
className="admin-btn admin-btn-primary"
|
|
||||||
>
|
|
||||||
Rozumím, uložil jsem si kódy
|
|
||||||
</button>
|
|
||||||
) : (
|
|
||||||
<>
|
|
||||||
<button
|
|
||||||
onClick={() => setShow2FASetup(false)}
|
|
||||||
className="admin-btn admin-btn-secondary"
|
|
||||||
disabled={totpSubmitting}
|
|
||||||
>
|
|
||||||
Zrušit
|
|
||||||
</button>
|
|
||||||
<button
|
|
||||||
onClick={onConfirm2FA}
|
|
||||||
className="admin-btn admin-btn-primary"
|
|
||||||
disabled={totpSubmitting || totpCode.length !== 6}
|
|
||||||
>
|
|
||||||
{totpSubmitting ? "Ověřuji..." : "Aktivovat 2FA"}
|
|
||||||
</button>
|
|
||||||
</>
|
|
||||||
)}
|
|
||||||
</div>
|
|
||||||
</motion.div>
|
|
||||||
</motion.div>
|
|
||||||
)}
|
|
||||||
</AnimatePresence>
|
|
||||||
|
|
||||||
{/* 2FA Disable Modal */}
|
{/* 2FA Setup Modal — multi-step: setup → backup codes */}
|
||||||
<AnimatePresence>
|
<FormModal
|
||||||
{show2FADisable && (
|
isOpen={show2FASetup}
|
||||||
<motion.div
|
onClose={() => {
|
||||||
className="admin-modal-overlay"
|
// Only reachable on the setup step (backdrop/ESC/× are locked while
|
||||||
initial={{ opacity: 0 }}
|
// backupCodes is set — that branch is unreachable so removed).
|
||||||
animate={{ opacity: 1 }}
|
setShow2FASetup(false);
|
||||||
exit={{ opacity: 0 }}
|
setTotpCode("");
|
||||||
transition={{ duration: 0.2 }}
|
}}
|
||||||
>
|
title={backupCodes ? "Záložní kódy" : "Nastavení 2FA"}
|
||||||
|
size="md"
|
||||||
|
loading={backupCodes ? false : totpSubmitting}
|
||||||
|
onSubmit={
|
||||||
|
backupCodes
|
||||||
|
? () => {
|
||||||
|
setShow2FASetup(false);
|
||||||
|
setBackupCodes(null);
|
||||||
|
}
|
||||||
|
: onConfirm2FA
|
||||||
|
}
|
||||||
|
submitLabel={
|
||||||
|
backupCodes ? "Rozumím, uložil jsem si kódy" : "Aktivovat 2FA"
|
||||||
|
}
|
||||||
|
submitDisabled={backupCodes ? false : totpCode.length !== 6}
|
||||||
|
cancelLabel="Zrušit"
|
||||||
|
// On the backup-codes step the cancel/× would silently dismiss unsaved
|
||||||
|
// codes, so hide the footer + × and lock backdrop/ESC; the explicit
|
||||||
|
// in-body primary is the single deliberate exit.
|
||||||
|
hideFooter={!!backupCodes}
|
||||||
|
hideCloseButton={!!backupCodes}
|
||||||
|
closeOnBackdrop={!backupCodes}
|
||||||
|
closeOnEsc={!backupCodes}
|
||||||
|
>
|
||||||
|
{backupCodes ? (
|
||||||
|
<div>
|
||||||
|
<div className="admin-role-locked-notice mb-4">
|
||||||
|
<svg
|
||||||
|
width="16"
|
||||||
|
height="16"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z" />
|
||||||
|
<line x1="12" y1="9" x2="12" y2="13" />
|
||||||
|
<line x1="12" y1="17" x2="12.01" y2="17" />
|
||||||
|
</svg>
|
||||||
|
Uložte si tyto kódy na bezpečné místo. Každý kód lze použít pouze
|
||||||
|
jednou. Po zavření tohoto okna je již neuvidíte.
|
||||||
|
</div>
|
||||||
<div
|
<div
|
||||||
className="admin-modal-backdrop"
|
style={{
|
||||||
onClick={() => setShow2FADisable(false)}
|
display: "grid",
|
||||||
/>
|
gridTemplateColumns: "repeat(2, 1fr)",
|
||||||
<motion.div
|
gap: "0.5rem",
|
||||||
className="admin-modal"
|
padding: "1rem",
|
||||||
initial={{ opacity: 0, scale: 0.95, y: 20 }}
|
background: "var(--bg-secondary)",
|
||||||
animate={{ opacity: 1, scale: 1, y: 0 }}
|
borderRadius: "0.5rem",
|
||||||
exit={{ opacity: 0, scale: 0.95, y: 20 }}
|
fontFamily: "monospace",
|
||||||
transition={{ duration: 0.2 }}
|
fontSize: "1rem",
|
||||||
|
}}
|
||||||
>
|
>
|
||||||
<div className="admin-modal-header">
|
{backupCodes.map((code) => (
|
||||||
<h2 className="admin-modal-title">Deaktivovat 2FA</h2>
|
<div
|
||||||
</div>
|
key={code}
|
||||||
<div className="admin-modal-body">
|
|
||||||
<p
|
|
||||||
style={{
|
style={{
|
||||||
color: "var(--text-secondary)",
|
padding: "0.25rem 0.5rem",
|
||||||
fontSize: "0.875rem",
|
textAlign: "center",
|
||||||
marginBottom: "1rem",
|
color: "var(--text-primary)",
|
||||||
}}
|
}}
|
||||||
>
|
>
|
||||||
Pro deaktivaci dvoufaktorového ověření zadejte aktuální kód z
|
{code}
|
||||||
autentizační aplikace.
|
</div>
|
||||||
</p>
|
))}
|
||||||
<div className="admin-form-group">
|
</div>
|
||||||
<label className="admin-form-label">Ověřovací kód</label>
|
<div style={{ marginTop: "0.75rem" }}>
|
||||||
<input
|
<button
|
||||||
type="text"
|
onClick={() => {
|
||||||
inputMode="numeric"
|
navigator.clipboard?.writeText(backupCodes.join("\n"));
|
||||||
pattern="[0-9]*"
|
alert.success("Kódy zkopírovány");
|
||||||
maxLength={6}
|
}}
|
||||||
value={disableCode}
|
className="admin-btn admin-btn-secondary admin-btn-sm"
|
||||||
onChange={(e) =>
|
>
|
||||||
setDisableCode(e.target.value.replace(/\D/g, ""))
|
<svg
|
||||||
}
|
width="14"
|
||||||
placeholder="000000"
|
height="14"
|
||||||
className="admin-form-input"
|
viewBox="0 0 24 24"
|
||||||
style={{
|
fill="none"
|
||||||
textAlign: "center",
|
stroke="currentColor"
|
||||||
fontSize: "1.25rem",
|
strokeWidth="2"
|
||||||
letterSpacing: "0.4rem",
|
>
|
||||||
fontFamily: "monospace",
|
<rect x="9" y="9" width="13" height="13" rx="2" ry="2" />
|
||||||
|
<path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1" />
|
||||||
|
</svg>
|
||||||
|
Kopírovat kódy
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
{/* Footer is hidden on this step; the single deliberate exit lives
|
||||||
|
in the body and also clears the codes. */}
|
||||||
|
<div style={{ marginTop: "1.25rem", textAlign: "right" }}>
|
||||||
|
<button
|
||||||
|
onClick={() => {
|
||||||
|
setShow2FASetup(false);
|
||||||
|
setBackupCodes(null);
|
||||||
|
}}
|
||||||
|
className="admin-btn admin-btn-primary"
|
||||||
|
>
|
||||||
|
Rozumím, uložil jsem si kódy
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
) : (
|
||||||
|
<div>
|
||||||
|
<p
|
||||||
|
className="text-secondary"
|
||||||
|
style={{ fontSize: "0.875rem", marginBottom: "1rem" }}
|
||||||
|
>
|
||||||
|
Naskenujte QR kód v autentizační aplikaci (Google Authenticator,
|
||||||
|
Authy, Microsoft Authenticator apod.)
|
||||||
|
</p>
|
||||||
|
{totpQrUri && (
|
||||||
|
<div style={{ textAlign: "center", marginBottom: "1rem" }}>
|
||||||
|
<img
|
||||||
|
src={`https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${encodeURIComponent(totpQrUri)}`}
|
||||||
|
alt="TOTP QR Code"
|
||||||
|
style={{
|
||||||
|
width: 200,
|
||||||
|
height: 200,
|
||||||
|
borderRadius: "0.5rem",
|
||||||
|
border: "1px solid var(--border-color)",
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
{totpSecret && (
|
||||||
|
<div className="mb-4">
|
||||||
|
<label
|
||||||
|
className="admin-form-label"
|
||||||
|
style={{ fontSize: "0.75rem" }}
|
||||||
|
>
|
||||||
|
Nebo zadejte klíč ručně:
|
||||||
|
</label>
|
||||||
|
<div
|
||||||
|
style={{
|
||||||
|
padding: "0.5rem 0.75rem",
|
||||||
|
background: "var(--bg-secondary)",
|
||||||
|
borderRadius: "0.375rem",
|
||||||
|
fontFamily: "monospace",
|
||||||
|
fontSize: "0.875rem",
|
||||||
|
wordBreak: "break-all",
|
||||||
|
color: "var(--text-primary)",
|
||||||
|
display: "flex",
|
||||||
|
alignItems: "center",
|
||||||
|
justifyContent: "space-between",
|
||||||
|
gap: "0.5rem",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<span>{totpSecret}</span>
|
||||||
|
<button
|
||||||
|
onClick={() => {
|
||||||
|
navigator.clipboard?.writeText(totpSecret);
|
||||||
|
alert.success("Klíč zkopírován");
|
||||||
}}
|
}}
|
||||||
onKeyDown={(e) => {
|
className="admin-btn-icon"
|
||||||
if (e.key === "Enter" && disableCode.length === 6) {
|
title="Kopírovat"
|
||||||
onDisable2FA();
|
aria-label="Kopírovat"
|
||||||
}
|
style={{ flexShrink: 0 }}
|
||||||
}}
|
>
|
||||||
autoFocus
|
<svg
|
||||||
/>
|
width="14"
|
||||||
|
height="14"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<rect x="9" y="9" width="13" height="13" rx="2" ry="2" />
|
||||||
|
<path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1" />
|
||||||
|
</svg>
|
||||||
|
</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div className="admin-modal-footer">
|
)}
|
||||||
<button
|
<div className="admin-form-group">
|
||||||
onClick={() => setShow2FADisable(false)}
|
<label className="admin-form-label">
|
||||||
className="admin-btn admin-btn-secondary"
|
Ověřovací kód z aplikace
|
||||||
disabled={totpSubmitting}
|
</label>
|
||||||
>
|
<input
|
||||||
Zrušit
|
ref={totpSetupRef}
|
||||||
</button>
|
type="text"
|
||||||
<button
|
inputMode="numeric"
|
||||||
onClick={onDisable2FA}
|
pattern="[0-9]*"
|
||||||
className="admin-btn admin-btn-primary"
|
maxLength={6}
|
||||||
disabled={totpSubmitting || disableCode.length !== 6}
|
value={totpCode}
|
||||||
>
|
onChange={(e) => setTotpCode(e.target.value.replace(/\D/g, ""))}
|
||||||
{totpSubmitting ? "Deaktivuji..." : "Deaktivovat 2FA"}
|
placeholder="000000"
|
||||||
</button>
|
className="admin-form-input"
|
||||||
</div>
|
style={{
|
||||||
</motion.div>
|
textAlign: "center",
|
||||||
</motion.div>
|
fontSize: "1.25rem",
|
||||||
|
letterSpacing: "0.4rem",
|
||||||
|
fontFamily: "monospace",
|
||||||
|
}}
|
||||||
|
onKeyDown={(e) => {
|
||||||
|
if (e.key === "Enter" && totpCode.length === 6) {
|
||||||
|
onConfirm2FA();
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
)}
|
)}
|
||||||
</AnimatePresence>
|
</FormModal>
|
||||||
|
|
||||||
|
{/* 2FA Disable Modal */}
|
||||||
|
<FormModal
|
||||||
|
isOpen={show2FADisable}
|
||||||
|
onClose={() => setShow2FADisable(false)}
|
||||||
|
title="Deaktivovat 2FA"
|
||||||
|
size="md"
|
||||||
|
loading={totpSubmitting}
|
||||||
|
onSubmit={onDisable2FA}
|
||||||
|
submitDisabled={disableCode.length !== 6}
|
||||||
|
submitLabel="Deaktivovat 2FA"
|
||||||
|
cancelLabel="Zrušit"
|
||||||
|
>
|
||||||
|
<p
|
||||||
|
style={{
|
||||||
|
color: "var(--text-secondary)",
|
||||||
|
fontSize: "0.875rem",
|
||||||
|
marginBottom: "1rem",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
Pro deaktivaci dvoufaktorového ověření zadejte aktuální kód z
|
||||||
|
autentizační aplikace.
|
||||||
|
</p>
|
||||||
|
<div className="admin-form-group">
|
||||||
|
<label className="admin-form-label">Ověřovací kód</label>
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
inputMode="numeric"
|
||||||
|
pattern="[0-9]*"
|
||||||
|
maxLength={6}
|
||||||
|
value={disableCode}
|
||||||
|
onChange={(e) => setDisableCode(e.target.value.replace(/\D/g, ""))}
|
||||||
|
placeholder="000000"
|
||||||
|
className="admin-form-input"
|
||||||
|
style={{
|
||||||
|
textAlign: "center",
|
||||||
|
fontSize: "1.25rem",
|
||||||
|
letterSpacing: "0.4rem",
|
||||||
|
fontFamily: "monospace",
|
||||||
|
}}
|
||||||
|
onKeyDown={(e) => {
|
||||||
|
if (e.key === "Enter" && disableCode.length === 6) {
|
||||||
|
onDisable2FA();
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
autoFocus
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</FormModal>
|
||||||
</>
|
</>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,12 +1,12 @@
|
|||||||
import { useState } from "react";
|
import { useState } from "react";
|
||||||
import { Link } from "react-router-dom";
|
import { Link } from "react-router-dom";
|
||||||
import { motion, AnimatePresence } from "framer-motion";
|
import { motion } from "framer-motion";
|
||||||
import { useAuth } from "../../context/AuthContext";
|
import { useAuth } from "../../context/AuthContext";
|
||||||
import { useAlert } from "../../context/AlertContext";
|
import { useAlert } from "../../context/AlertContext";
|
||||||
import { formatKm } from "../../utils/formatters";
|
import { formatKm, todayLocalStr } from "../../utils/formatters";
|
||||||
import AdminDatePicker from "../AdminDatePicker";
|
import AdminDatePicker from "../AdminDatePicker";
|
||||||
import apiFetch from "../../utils/api";
|
import apiFetch from "../../utils/api";
|
||||||
import useModalLock from "../../hooks/useModalLock";
|
import FormModal from "../FormModal";
|
||||||
|
|
||||||
const API_BASE = "/api/admin";
|
const API_BASE = "/api/admin";
|
||||||
|
|
||||||
@@ -69,12 +69,10 @@ export default function DashQuickActions({
|
|||||||
});
|
});
|
||||||
const [tripErrors, setTripErrors] = useState<TripErrors>({});
|
const [tripErrors, setTripErrors] = useState<TripErrors>({});
|
||||||
|
|
||||||
useModalLock(showTripModal);
|
|
||||||
|
|
||||||
const openTripModal = async () => {
|
const openTripModal = async () => {
|
||||||
setTripForm({
|
setTripForm({
|
||||||
vehicle_id: "",
|
vehicle_id: "",
|
||||||
trip_date: new Date().toISOString().split("T")[0],
|
trip_date: todayLocalStr(),
|
||||||
start_km: "",
|
start_km: "",
|
||||||
end_km: "",
|
end_km: "",
|
||||||
route_from: "",
|
route_from: "",
|
||||||
@@ -316,273 +314,222 @@ export default function DashQuickActions({
|
|||||||
)}
|
)}
|
||||||
</motion.div>
|
</motion.div>
|
||||||
|
|
||||||
<AnimatePresence>
|
<FormModal
|
||||||
{showTripModal && (
|
isOpen={showTripModal}
|
||||||
<motion.div
|
onClose={() => setShowTripModal(false)}
|
||||||
className="admin-modal-overlay"
|
title="Přidat jízdu"
|
||||||
initial={{ opacity: 0 }}
|
size="lg"
|
||||||
animate={{ opacity: 1 }}
|
onSubmit={handleTripSubmit}
|
||||||
exit={{ opacity: 0 }}
|
submitLabel="Uložit"
|
||||||
transition={{ duration: 0.2 }}
|
loading={tripSubmitting}
|
||||||
>
|
>
|
||||||
|
<div className="admin-form">
|
||||||
|
<div className="admin-form-row">
|
||||||
<div
|
<div
|
||||||
className="admin-modal-backdrop"
|
className={`admin-form-group${tripErrors.vehicle_id ? " has-error" : ""}`}
|
||||||
onClick={() => setShowTripModal(false)}
|
|
||||||
/>
|
|
||||||
<motion.div
|
|
||||||
className="admin-modal admin-modal-lg"
|
|
||||||
initial={{ opacity: 0, scale: 0.95, y: 20 }}
|
|
||||||
animate={{ opacity: 1, scale: 1, y: 0 }}
|
|
||||||
exit={{ opacity: 0, scale: 0.95, y: 20 }}
|
|
||||||
transition={{ duration: 0.2 }}
|
|
||||||
>
|
>
|
||||||
<div className="admin-modal-header">
|
<label className="admin-form-label required">Vozidlo</label>
|
||||||
<h2 className="admin-modal-title">Přidat jízdu</h2>
|
<select
|
||||||
</div>
|
value={tripForm.vehicle_id}
|
||||||
<div className="admin-modal-body">
|
onChange={(e) => {
|
||||||
<div className="admin-form">
|
handleTripVehicleChange(e.target.value);
|
||||||
<div className="admin-form-row">
|
setTripErrors((prev) => ({
|
||||||
<div
|
...prev,
|
||||||
className={`admin-form-group${tripErrors.vehicle_id ? " has-error" : ""}`}
|
vehicle_id: undefined,
|
||||||
>
|
}));
|
||||||
<label className="admin-form-label required">
|
}}
|
||||||
Vozidlo
|
className="admin-form-select"
|
||||||
</label>
|
>
|
||||||
<select
|
<option value="">Vyberte vozidlo</option>
|
||||||
value={tripForm.vehicle_id}
|
{tripVehicles.map((v) => (
|
||||||
onChange={(e) => {
|
<option key={v.id} value={v.id}>
|
||||||
handleTripVehicleChange(e.target.value);
|
{v.spz} - {v.name}
|
||||||
setTripErrors((prev) => ({
|
</option>
|
||||||
...prev,
|
))}
|
||||||
vehicle_id: undefined,
|
</select>
|
||||||
}));
|
{tripErrors.vehicle_id && (
|
||||||
}}
|
<span className="admin-form-error">
|
||||||
className="admin-form-select"
|
{tripErrors.vehicle_id}
|
||||||
>
|
</span>
|
||||||
<option value="">Vyberte vozidlo</option>
|
)}
|
||||||
{tripVehicles.map((v) => (
|
</div>
|
||||||
<option key={v.id} value={v.id}>
|
<div
|
||||||
{v.spz} - {v.name}
|
className={`admin-form-group${tripErrors.trip_date ? " has-error" : ""}`}
|
||||||
</option>
|
>
|
||||||
))}
|
<label className="admin-form-label required">Datum jízdy</label>
|
||||||
</select>
|
<AdminDatePicker
|
||||||
{tripErrors.vehicle_id && (
|
mode="date"
|
||||||
<span className="admin-form-error">
|
value={tripForm.trip_date}
|
||||||
{tripErrors.vehicle_id}
|
onChange={(val: string) => {
|
||||||
</span>
|
setTripForm((prev) => ({ ...prev, trip_date: val }));
|
||||||
)}
|
setTripErrors((prev) => ({
|
||||||
</div>
|
...prev,
|
||||||
<div
|
trip_date: undefined,
|
||||||
className={`admin-form-group${tripErrors.trip_date ? " has-error" : ""}`}
|
}));
|
||||||
>
|
}}
|
||||||
<label className="admin-form-label required">
|
/>
|
||||||
Datum jízdy
|
{tripErrors.trip_date && (
|
||||||
</label>
|
<span className="admin-form-error">{tripErrors.trip_date}</span>
|
||||||
<AdminDatePicker
|
)}
|
||||||
mode="date"
|
</div>
|
||||||
value={tripForm.trip_date}
|
</div>
|
||||||
onChange={(val: string) => {
|
|
||||||
setTripForm((prev) => ({ ...prev, trip_date: val }));
|
|
||||||
setTripErrors((prev) => ({
|
|
||||||
...prev,
|
|
||||||
trip_date: undefined,
|
|
||||||
}));
|
|
||||||
}}
|
|
||||||
/>
|
|
||||||
{tripErrors.trip_date && (
|
|
||||||
<span className="admin-form-error">
|
|
||||||
{tripErrors.trip_date}
|
|
||||||
</span>
|
|
||||||
)}
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-form-row admin-form-row-3">
|
<div className="admin-form-row admin-form-row-3">
|
||||||
<div
|
<div
|
||||||
className={`admin-form-group${tripErrors.start_km ? " has-error" : ""}`}
|
className={`admin-form-group${tripErrors.start_km ? " has-error" : ""}`}
|
||||||
>
|
>
|
||||||
<label className="admin-form-label required">
|
<label className="admin-form-label required">
|
||||||
Počáteční stav km
|
Počáteční stav km
|
||||||
</label>
|
</label>
|
||||||
<input
|
<input
|
||||||
type="number"
|
type="number"
|
||||||
inputMode="numeric"
|
inputMode="numeric"
|
||||||
value={tripForm.start_km}
|
value={tripForm.start_km}
|
||||||
onChange={(e) => {
|
onChange={(e) => {
|
||||||
setTripForm((prev) => ({
|
setTripForm((prev) => ({
|
||||||
...prev,
|
...prev,
|
||||||
start_km: e.target.value,
|
start_km: e.target.value,
|
||||||
}));
|
}));
|
||||||
setTripErrors((prev) => ({
|
setTripErrors((prev) => ({
|
||||||
...prev,
|
...prev,
|
||||||
start_km: undefined,
|
start_km: undefined,
|
||||||
}));
|
}));
|
||||||
}}
|
}}
|
||||||
className="admin-form-input"
|
className="admin-form-input"
|
||||||
min="0"
|
min="0"
|
||||||
/>
|
/>
|
||||||
{tripErrors.start_km && (
|
{tripErrors.start_km && (
|
||||||
<span className="admin-form-error">
|
<span className="admin-form-error">{tripErrors.start_km}</span>
|
||||||
{tripErrors.start_km}
|
)}
|
||||||
</span>
|
</div>
|
||||||
)}
|
<div
|
||||||
</div>
|
className={`admin-form-group${tripErrors.end_km ? " has-error" : ""}`}
|
||||||
<div
|
>
|
||||||
className={`admin-form-group${tripErrors.end_km ? " has-error" : ""}`}
|
<label className="admin-form-label required">
|
||||||
>
|
Konečný stav km
|
||||||
<label className="admin-form-label required">
|
</label>
|
||||||
Konečný stav km
|
<input
|
||||||
</label>
|
type="number"
|
||||||
<input
|
inputMode="numeric"
|
||||||
type="number"
|
value={tripForm.end_km}
|
||||||
inputMode="numeric"
|
onChange={(e) => {
|
||||||
value={tripForm.end_km}
|
setTripForm((prev) => ({
|
||||||
onChange={(e) => {
|
...prev,
|
||||||
setTripForm((prev) => ({
|
end_km: e.target.value,
|
||||||
...prev,
|
}));
|
||||||
end_km: e.target.value,
|
setTripErrors((prev) => ({
|
||||||
}));
|
...prev,
|
||||||
setTripErrors((prev) => ({
|
end_km: undefined,
|
||||||
...prev,
|
}));
|
||||||
end_km: undefined,
|
}}
|
||||||
}));
|
className="admin-form-input"
|
||||||
}}
|
min="0"
|
||||||
className="admin-form-input"
|
/>
|
||||||
min="0"
|
{tripErrors.end_km && (
|
||||||
/>
|
<span className="admin-form-error">{tripErrors.end_km}</span>
|
||||||
{tripErrors.end_km && (
|
)}
|
||||||
<span className="admin-form-error">
|
</div>
|
||||||
{tripErrors.end_km}
|
<div className="admin-form-group">
|
||||||
</span>
|
<label className="admin-form-label">Vzdálenost</label>
|
||||||
)}
|
<input
|
||||||
</div>
|
type="text"
|
||||||
<div className="admin-form-group">
|
value={`${formatKm(tripDistance())} km`}
|
||||||
<label className="admin-form-label">Vzdálenost</label>
|
className="admin-form-input"
|
||||||
<input
|
readOnly
|
||||||
type="text"
|
disabled
|
||||||
value={`${formatKm(tripDistance())} km`}
|
/>
|
||||||
className="admin-form-input"
|
</div>
|
||||||
readOnly
|
</div>
|
||||||
disabled
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-form-row">
|
<div className="admin-form-row">
|
||||||
<div
|
<div
|
||||||
className={`admin-form-group${tripErrors.route_from ? " has-error" : ""}`}
|
className={`admin-form-group${tripErrors.route_from ? " has-error" : ""}`}
|
||||||
>
|
>
|
||||||
<label className="admin-form-label required">
|
<label className="admin-form-label required">Místo odjezdu</label>
|
||||||
Místo odjezdu
|
<input
|
||||||
</label>
|
type="text"
|
||||||
<input
|
value={tripForm.route_from}
|
||||||
type="text"
|
onChange={(e) => {
|
||||||
value={tripForm.route_from}
|
setTripForm((prev) => ({
|
||||||
onChange={(e) => {
|
...prev,
|
||||||
setTripForm((prev) => ({
|
route_from: e.target.value,
|
||||||
...prev,
|
}));
|
||||||
route_from: e.target.value,
|
setTripErrors((prev) => ({
|
||||||
}));
|
...prev,
|
||||||
setTripErrors((prev) => ({
|
route_from: undefined,
|
||||||
...prev,
|
}));
|
||||||
route_from: undefined,
|
}}
|
||||||
}));
|
className="admin-form-input"
|
||||||
}}
|
placeholder="Např. Praha"
|
||||||
className="admin-form-input"
|
/>
|
||||||
placeholder="Např. Praha"
|
{tripErrors.route_from && (
|
||||||
/>
|
<span className="admin-form-error">
|
||||||
{tripErrors.route_from && (
|
{tripErrors.route_from}
|
||||||
<span className="admin-form-error">
|
</span>
|
||||||
{tripErrors.route_from}
|
)}
|
||||||
</span>
|
</div>
|
||||||
)}
|
<div
|
||||||
</div>
|
className={`admin-form-group${tripErrors.route_to ? " has-error" : ""}`}
|
||||||
<div
|
>
|
||||||
className={`admin-form-group${tripErrors.route_to ? " has-error" : ""}`}
|
<label className="admin-form-label required">
|
||||||
>
|
Místo příjezdu
|
||||||
<label className="admin-form-label required">
|
</label>
|
||||||
Místo příjezdu
|
<input
|
||||||
</label>
|
type="text"
|
||||||
<input
|
value={tripForm.route_to}
|
||||||
type="text"
|
onChange={(e) => {
|
||||||
value={tripForm.route_to}
|
setTripForm((prev) => ({
|
||||||
onChange={(e) => {
|
...prev,
|
||||||
setTripForm((prev) => ({
|
route_to: e.target.value,
|
||||||
...prev,
|
}));
|
||||||
route_to: e.target.value,
|
setTripErrors((prev) => ({
|
||||||
}));
|
...prev,
|
||||||
setTripErrors((prev) => ({
|
route_to: undefined,
|
||||||
...prev,
|
}));
|
||||||
route_to: undefined,
|
}}
|
||||||
}));
|
className="admin-form-input"
|
||||||
}}
|
placeholder="Např. Brno"
|
||||||
className="admin-form-input"
|
/>
|
||||||
placeholder="Např. Brno"
|
{tripErrors.route_to && (
|
||||||
/>
|
<span className="admin-form-error">{tripErrors.route_to}</span>
|
||||||
{tripErrors.route_to && (
|
)}
|
||||||
<span className="admin-form-error">
|
</div>
|
||||||
{tripErrors.route_to}
|
</div>
|
||||||
</span>
|
|
||||||
)}
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="admin-form-group">
|
<div className="admin-form-group">
|
||||||
<label className="admin-form-label">Typ jízdy</label>
|
<label className="admin-form-label">Typ jízdy</label>
|
||||||
<select
|
<select
|
||||||
value={tripForm.is_business}
|
value={tripForm.is_business}
|
||||||
onChange={(e) =>
|
onChange={(e) =>
|
||||||
setTripForm((prev) => ({
|
setTripForm((prev) => ({
|
||||||
...prev,
|
...prev,
|
||||||
is_business: parseInt(e.target.value),
|
is_business: parseInt(e.target.value),
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
className="admin-form-select"
|
className="admin-form-select"
|
||||||
>
|
>
|
||||||
<option value={1}>Služební</option>
|
<option value={1}>Služební</option>
|
||||||
<option value={0}>Soukromá</option>
|
<option value={0}>Soukromá</option>
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div className="admin-form-group">
|
<div className="admin-form-group">
|
||||||
<label className="admin-form-label">Poznámky</label>
|
<label className="admin-form-label">Poznámky</label>
|
||||||
<textarea
|
<textarea
|
||||||
value={tripForm.notes}
|
value={tripForm.notes}
|
||||||
onChange={(e) =>
|
onChange={(e) =>
|
||||||
setTripForm((prev) => ({
|
setTripForm((prev) => ({
|
||||||
...prev,
|
...prev,
|
||||||
notes: e.target.value,
|
notes: e.target.value,
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
className="admin-form-textarea"
|
className="admin-form-textarea"
|
||||||
rows={2}
|
rows={2}
|
||||||
placeholder="Volitelné poznámky..."
|
placeholder="Volitelné poznámky..."
|
||||||
/>
|
/>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</FormModal>
|
||||||
<div className="admin-modal-footer">
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
onClick={() => setShowTripModal(false)}
|
|
||||||
className="admin-btn admin-btn-secondary"
|
|
||||||
disabled={tripSubmitting}
|
|
||||||
>
|
|
||||||
Zrušit
|
|
||||||
</button>
|
|
||||||
<button
|
|
||||||
type="button"
|
|
||||||
onClick={handleTripSubmit}
|
|
||||||
className="admin-btn admin-btn-primary"
|
|
||||||
disabled={tripSubmitting}
|
|
||||||
>
|
|
||||||
{tripSubmitting ? "Ukládám..." : "Uložit"}
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</motion.div>
|
|
||||||
</motion.div>
|
|
||||||
)}
|
|
||||||
</AnimatePresence>
|
|
||||||
</>
|
</>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,27 +1,15 @@
|
|||||||
import { useState, useEffect, useCallback } from "react";
|
import { useState } from "react";
|
||||||
|
import { useQuery, useQueryClient } from "@tanstack/react-query";
|
||||||
import { motion } from "framer-motion";
|
import { motion } from "framer-motion";
|
||||||
import { useAlert } from "../../context/AlertContext";
|
import { useAlert } from "../../context/AlertContext";
|
||||||
import ConfirmModal from "../ConfirmModal";
|
import ConfirmModal from "../ConfirmModal";
|
||||||
import useModalLock from "../../hooks/useModalLock";
|
import useModalLock from "../../hooks/useModalLock";
|
||||||
import apiFetch from "../../utils/api";
|
import apiFetch from "../../utils/api";
|
||||||
import { formatSessionDate } from "../../utils/dashboardHelpers";
|
import { formatSessionDate } from "../../utils/dashboardHelpers";
|
||||||
|
import { sessionsOptions, type Session } from "../../lib/queries/dashboard";
|
||||||
|
|
||||||
const API_BASE = "/api/admin";
|
const API_BASE = "/api/admin";
|
||||||
|
|
||||||
interface DeviceInfo {
|
|
||||||
icon?: string;
|
|
||||||
browser?: string;
|
|
||||||
os?: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface Session {
|
|
||||||
id: number | string;
|
|
||||||
is_current: boolean;
|
|
||||||
device_info?: DeviceInfo;
|
|
||||||
ip_address: string;
|
|
||||||
created_at: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface DeleteModalState {
|
interface DeleteModalState {
|
||||||
isOpen: boolean;
|
isOpen: boolean;
|
||||||
session: Session | null;
|
session: Session | null;
|
||||||
@@ -77,9 +65,10 @@ function getDeviceIcon(iconType?: string) {
|
|||||||
|
|
||||||
export default function DashSessions() {
|
export default function DashSessions() {
|
||||||
const alert = useAlert();
|
const alert = useAlert();
|
||||||
|
const queryClient = useQueryClient();
|
||||||
|
|
||||||
const [sessions, setSessions] = useState<Session[]>([]);
|
const { data: sessions = [], isPending: sessionsLoading } =
|
||||||
const [sessionsLoading, setSessionsLoading] = useState(true);
|
useQuery(sessionsOptions());
|
||||||
const [deleteModal, setDeleteModal] = useState<DeleteModalState>({
|
const [deleteModal, setDeleteModal] = useState<DeleteModalState>({
|
||||||
isOpen: false,
|
isOpen: false,
|
||||||
session: null,
|
session: null,
|
||||||
@@ -89,26 +78,6 @@ export default function DashSessions() {
|
|||||||
|
|
||||||
useModalLock(deleteAllModal);
|
useModalLock(deleteAllModal);
|
||||||
|
|
||||||
const fetchSessions = useCallback(async () => {
|
|
||||||
try {
|
|
||||||
const response = await apiFetch(`${API_BASE}/sessions`);
|
|
||||||
const data = await response.json();
|
|
||||||
if (data.success) {
|
|
||||||
setSessions(
|
|
||||||
Array.isArray(data.data) ? data.data : data.data?.sessions || [],
|
|
||||||
);
|
|
||||||
}
|
|
||||||
} catch {
|
|
||||||
// session fetch failed silently
|
|
||||||
} finally {
|
|
||||||
setSessionsLoading(false);
|
|
||||||
}
|
|
||||||
}, []);
|
|
||||||
|
|
||||||
useEffect(() => {
|
|
||||||
fetchSessions();
|
|
||||||
}, [fetchSessions]);
|
|
||||||
|
|
||||||
const handleDeleteSession = async () => {
|
const handleDeleteSession = async () => {
|
||||||
if (!deleteModal.session) {
|
if (!deleteModal.session) {
|
||||||
return;
|
return;
|
||||||
@@ -122,7 +91,7 @@ export default function DashSessions() {
|
|||||||
const data = await response.json();
|
const data = await response.json();
|
||||||
if (data.success) {
|
if (data.success) {
|
||||||
setDeleteModal({ isOpen: false, session: null });
|
setDeleteModal({ isOpen: false, session: null });
|
||||||
setSessions((prev) => prev.filter((s) => s.id !== sessionId));
|
queryClient.invalidateQueries({ queryKey: ["sessions"] });
|
||||||
alert.success("Relace byla ukončena");
|
alert.success("Relace byla ukončena");
|
||||||
} else {
|
} else {
|
||||||
alert.error(data.error || "Nepodařilo se ukončit relaci");
|
alert.error(data.error || "Nepodařilo se ukončit relaci");
|
||||||
@@ -143,7 +112,7 @@ export default function DashSessions() {
|
|||||||
const data = await response.json();
|
const data = await response.json();
|
||||||
if (data.success) {
|
if (data.success) {
|
||||||
setDeleteAllModal(false);
|
setDeleteAllModal(false);
|
||||||
setSessions((prev) => prev.filter((s) => s.is_current));
|
queryClient.invalidateQueries({ queryKey: ["sessions"] });
|
||||||
alert.success(data.message || "Ostatní relace byly ukončeny");
|
alert.success(data.message || "Ostatní relace byly ukončeny");
|
||||||
} else {
|
} else {
|
||||||
alert.error(data.error || "Nepodařilo se ukončit relace");
|
alert.error(data.error || "Nepodařilo se ukončit relace");
|
||||||
@@ -183,97 +152,83 @@ export default function DashSessions() {
|
|||||||
)}
|
)}
|
||||||
</div>
|
</div>
|
||||||
<div className="admin-card-body" style={{ padding: 0 }}>
|
<div className="admin-card-body" style={{ padding: 0 }}>
|
||||||
{sessionsLoading && (
|
{sessionsLoading ? (
|
||||||
<div
|
<div className="admin-loading">
|
||||||
className="admin-skeleton"
|
<div className="admin-spinner" />
|
||||||
style={{ padding: "1rem", gap: "1rem" }}
|
|
||||||
>
|
|
||||||
{[0, 1, 2].map((i) => (
|
|
||||||
<div key={i} className="admin-skeleton-row">
|
|
||||||
<div className="admin-skeleton-line circle" />
|
|
||||||
<div className="flex-1">
|
|
||||||
<div
|
|
||||||
className="admin-skeleton-line w-1/2"
|
|
||||||
style={{ marginBottom: "0.5rem" }}
|
|
||||||
/>
|
|
||||||
<div
|
|
||||||
className="admin-skeleton-line w-1/3"
|
|
||||||
style={{ height: "10px" }}
|
|
||||||
/>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
))}
|
|
||||||
</div>
|
</div>
|
||||||
)}
|
) : (
|
||||||
{!sessionsLoading && sessions.length === 0 && (
|
<>
|
||||||
<div
|
{sessions.length === 0 && (
|
||||||
className="text-secondary"
|
|
||||||
style={{
|
|
||||||
padding: "1.5rem",
|
|
||||||
textAlign: "center",
|
|
||||||
fontSize: "0.875rem",
|
|
||||||
}}
|
|
||||||
>
|
|
||||||
Žádné aktivní relace
|
|
||||||
</div>
|
|
||||||
)}
|
|
||||||
{!sessionsLoading && sessions.length > 0 && (
|
|
||||||
<div className="dash-sessions-list">
|
|
||||||
{sessions.map((session) => (
|
|
||||||
<div
|
<div
|
||||||
key={session.id}
|
className="text-secondary"
|
||||||
className={`dash-session-item ${session.is_current ? "dash-session-item-current" : ""}`}
|
style={{
|
||||||
|
padding: "1.5rem",
|
||||||
|
textAlign: "center",
|
||||||
|
fontSize: "0.875rem",
|
||||||
|
}}
|
||||||
>
|
>
|
||||||
<div className="dash-session-icon">
|
Žádné aktivní relace
|
||||||
{getDeviceIcon(session.device_info?.icon)}
|
|
||||||
</div>
|
|
||||||
<div className="dash-session-info">
|
|
||||||
<div className="dash-session-device">
|
|
||||||
{session.device_info?.browser} na{" "}
|
|
||||||
{session.device_info?.os}
|
|
||||||
{session.is_current && (
|
|
||||||
<span
|
|
||||||
className="admin-badge admin-badge-success"
|
|
||||||
style={{ marginLeft: "0.5rem" }}
|
|
||||||
>
|
|
||||||
Aktuální
|
|
||||||
</span>
|
|
||||||
)}
|
|
||||||
</div>
|
|
||||||
<div className="dash-session-meta">
|
|
||||||
<span>{session.ip_address}</span>
|
|
||||||
<span className="dash-session-meta-separator">|</span>
|
|
||||||
<span>{formatSessionDate(session.created_at)}</span>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div className="dash-session-actions">
|
|
||||||
{!session.is_current && (
|
|
||||||
<button
|
|
||||||
onClick={() =>
|
|
||||||
setDeleteModal({ isOpen: true, session })
|
|
||||||
}
|
|
||||||
className="admin-btn-icon danger"
|
|
||||||
title="Ukončit relaci"
|
|
||||||
aria-label="Ukončit relaci"
|
|
||||||
>
|
|
||||||
<svg
|
|
||||||
width="16"
|
|
||||||
height="16"
|
|
||||||
viewBox="0 0 24 24"
|
|
||||||
fill="none"
|
|
||||||
stroke="currentColor"
|
|
||||||
strokeWidth="2"
|
|
||||||
>
|
|
||||||
<path d="M9 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h4" />
|
|
||||||
<polyline points="16 17 21 12 16 7" />
|
|
||||||
<line x1="21" y1="12" x2="9" y2="12" />
|
|
||||||
</svg>
|
|
||||||
</button>
|
|
||||||
)}
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
))}
|
)}
|
||||||
</div>
|
{sessions.length > 0 && (
|
||||||
|
<div className="dash-sessions-list">
|
||||||
|
{sessions.map((session) => (
|
||||||
|
<div
|
||||||
|
key={session.id}
|
||||||
|
className={`dash-session-item ${session.is_current ? "dash-session-item-current" : ""}`}
|
||||||
|
>
|
||||||
|
<div className="dash-session-icon">
|
||||||
|
{getDeviceIcon(session.device_info?.icon)}
|
||||||
|
</div>
|
||||||
|
<div className="dash-session-info">
|
||||||
|
<div className="dash-session-device">
|
||||||
|
{session.device_info?.browser} na{" "}
|
||||||
|
{session.device_info?.os}
|
||||||
|
{session.is_current && (
|
||||||
|
<span
|
||||||
|
className="admin-badge admin-badge-success"
|
||||||
|
style={{ marginLeft: "0.5rem" }}
|
||||||
|
>
|
||||||
|
Aktuální
|
||||||
|
</span>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
<div className="dash-session-meta">
|
||||||
|
<span>{session.ip_address}</span>
|
||||||
|
<span className="dash-session-meta-separator">|</span>
|
||||||
|
<span>{formatSessionDate(session.created_at)}</span>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div className="dash-session-actions">
|
||||||
|
{!session.is_current && (
|
||||||
|
<button
|
||||||
|
onClick={() =>
|
||||||
|
setDeleteModal({ isOpen: true, session })
|
||||||
|
}
|
||||||
|
className="admin-btn-icon danger"
|
||||||
|
title="Ukončit relaci"
|
||||||
|
aria-label="Ukončit relaci"
|
||||||
|
>
|
||||||
|
<svg
|
||||||
|
width="16"
|
||||||
|
height="16"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
>
|
||||||
|
<path d="M9 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h4" />
|
||||||
|
<polyline points="16 17 21 12 16 7" />
|
||||||
|
<line x1="21" y1="12" x2="9" y2="12" />
|
||||||
|
</svg>
|
||||||
|
</button>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
))}
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</>
|
||||||
)}
|
)}
|
||||||
</div>
|
</div>
|
||||||
</motion.div>
|
</motion.div>
|
||||||
|
|||||||
74
src/admin/components/warehouse/BatchPicker.tsx
Normal file
74
src/admin/components/warehouse/BatchPicker.tsx
Normal file
@@ -0,0 +1,74 @@
|
|||||||
|
import { useQuery } from "@tanstack/react-query";
|
||||||
|
import { jsonQuery } from "../../lib/apiAdapter";
|
||||||
|
|
||||||
|
interface Batch {
|
||||||
|
id: number;
|
||||||
|
quantity: number;
|
||||||
|
unit_price: number;
|
||||||
|
received_at: string;
|
||||||
|
is_consumed: boolean;
|
||||||
|
}
|
||||||
|
|
||||||
|
interface BatchesResponse {
|
||||||
|
batches: Batch[];
|
||||||
|
total_stock: number;
|
||||||
|
reserved_quantity: number;
|
||||||
|
available_quantity: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
interface BatchPickerProps {
|
||||||
|
itemId: number | null;
|
||||||
|
value: number | null;
|
||||||
|
onChange: (batchId: number, unitPrice: number) => void;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function BatchPicker({
|
||||||
|
itemId,
|
||||||
|
value,
|
||||||
|
onChange,
|
||||||
|
}: BatchPickerProps) {
|
||||||
|
const { data: response } = useQuery({
|
||||||
|
queryKey: ["warehouse", "batches", itemId],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<BatchesResponse>(
|
||||||
|
`/api/admin/warehouse/items/${itemId}/batches`,
|
||||||
|
),
|
||||||
|
enabled: !!itemId,
|
||||||
|
});
|
||||||
|
|
||||||
|
const batches = response?.batches ?? [];
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div>
|
||||||
|
{response && response.reserved_quantity > 0 && (
|
||||||
|
<div
|
||||||
|
style={{
|
||||||
|
fontSize: "0.75rem",
|
||||||
|
color: "var(--text-tertiary)",
|
||||||
|
marginBottom: "0.25rem",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
Dostupné: {response.available_quantity} ks (z toho rezervováno:{" "}
|
||||||
|
{response.reserved_quantity} ks)
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
<select
|
||||||
|
className="admin-form-select"
|
||||||
|
value={value ?? ""}
|
||||||
|
onChange={(e) => {
|
||||||
|
const batchId = Number(e.target.value);
|
||||||
|
const batch = batches.find((b) => b.id === batchId);
|
||||||
|
if (batch) onChange(batch.id, Number(batch.unit_price));
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<option value="">-- auto FIFO --</option>
|
||||||
|
{batches.map((b) => (
|
||||||
|
<option key={b.id} value={b.id}>
|
||||||
|
{new Date(b.received_at).toLocaleDateString("cs-CZ")} | {b.quantity}{" "}
|
||||||
|
ks | {Number(b.unit_price).toFixed(2)} Kč
|
||||||
|
</option>
|
||||||
|
))}
|
||||||
|
</select>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
228
src/admin/components/warehouse/ItemPicker.tsx
Normal file
228
src/admin/components/warehouse/ItemPicker.tsx
Normal file
@@ -0,0 +1,228 @@
|
|||||||
|
import { useState, useRef, useEffect, useCallback, useId } from "react";
|
||||||
|
import { createPortal } from "react-dom";
|
||||||
|
import { useQuery } from "@tanstack/react-query";
|
||||||
|
import { warehouseItemListOptions } from "../../lib/queries/warehouse";
|
||||||
|
|
||||||
|
interface ItemPickerProps {
|
||||||
|
value: number | null;
|
||||||
|
onChange: (itemId: number) => void;
|
||||||
|
itemName?: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function ItemPicker({
|
||||||
|
value,
|
||||||
|
onChange,
|
||||||
|
itemName,
|
||||||
|
}: ItemPickerProps) {
|
||||||
|
const [search, setSearch] = useState(itemName ?? "");
|
||||||
|
const [open, setOpen] = useState(false);
|
||||||
|
const { data } = useQuery(warehouseItemListOptions({ search, perPage: 20 }));
|
||||||
|
const items = data?.data ?? [];
|
||||||
|
|
||||||
|
const containerRef = useRef<HTMLDivElement>(null);
|
||||||
|
const activeIndexRef = useRef<number>(-1);
|
||||||
|
const listboxId = useId();
|
||||||
|
const [activeIndex, setActiveIndex] = useState<number>(-1);
|
||||||
|
|
||||||
|
const [dropdownStyle, setDropdownStyle] = useState<{
|
||||||
|
position: "fixed";
|
||||||
|
top: number;
|
||||||
|
left: number;
|
||||||
|
width: number;
|
||||||
|
zIndex: number;
|
||||||
|
} | null>(null);
|
||||||
|
|
||||||
|
const updatePosition = useCallback(() => {
|
||||||
|
if (!containerRef.current) return;
|
||||||
|
const rect = containerRef.current.getBoundingClientRect();
|
||||||
|
setDropdownStyle({
|
||||||
|
position: "fixed",
|
||||||
|
top: rect.bottom + 2,
|
||||||
|
left: rect.left,
|
||||||
|
width: rect.width,
|
||||||
|
zIndex: 100,
|
||||||
|
});
|
||||||
|
}, []);
|
||||||
|
|
||||||
|
// Reset active index when items change
|
||||||
|
useEffect(() => {
|
||||||
|
if (activeIndex >= items.length) {
|
||||||
|
activeIndexRef.current = -1;
|
||||||
|
setActiveIndex(-1);
|
||||||
|
}
|
||||||
|
}, [items, activeIndex]);
|
||||||
|
|
||||||
|
useEffect(() => {
|
||||||
|
if (open) {
|
||||||
|
updatePosition();
|
||||||
|
const onScroll = () => updatePosition();
|
||||||
|
const onClose = () => setOpen(false);
|
||||||
|
window.addEventListener("scroll", onScroll, true);
|
||||||
|
window.addEventListener("resize", onClose);
|
||||||
|
return () => {
|
||||||
|
window.removeEventListener("scroll", onScroll, true);
|
||||||
|
window.removeEventListener("resize", onClose);
|
||||||
|
};
|
||||||
|
} else {
|
||||||
|
setDropdownStyle(null);
|
||||||
|
activeIndexRef.current = -1;
|
||||||
|
setActiveIndex(-1);
|
||||||
|
}
|
||||||
|
}, [open, updatePosition]);
|
||||||
|
|
||||||
|
// Close on click-outside via mousedown on document
|
||||||
|
useEffect(() => {
|
||||||
|
if (!open) return;
|
||||||
|
const onDocMouseDown = (e: MouseEvent) => {
|
||||||
|
const target = e.target;
|
||||||
|
if (containerRef.current && target instanceof Node) {
|
||||||
|
if (!containerRef.current.contains(target)) {
|
||||||
|
// Don't close if click landed on an option in the portal
|
||||||
|
const listEl = document.getElementById(listboxId);
|
||||||
|
if (listEl && listEl.contains(target)) return;
|
||||||
|
setOpen(false);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
document.addEventListener("mousedown", onDocMouseDown);
|
||||||
|
return () => document.removeEventListener("mousedown", onDocMouseDown);
|
||||||
|
}, [open, listboxId]);
|
||||||
|
|
||||||
|
const handleSelect = (itemId: number, name: string) => {
|
||||||
|
onChange(itemId);
|
||||||
|
setOpen(false);
|
||||||
|
setSearch(name);
|
||||||
|
};
|
||||||
|
|
||||||
|
const setActive = (index: number) => {
|
||||||
|
activeIndexRef.current = index;
|
||||||
|
setActiveIndex(index);
|
||||||
|
};
|
||||||
|
|
||||||
|
const handleKeyDown = (e: React.KeyboardEvent<HTMLInputElement>) => {
|
||||||
|
if (e.key === "ArrowDown") {
|
||||||
|
e.preventDefault();
|
||||||
|
if (!open) {
|
||||||
|
setOpen(true);
|
||||||
|
if (items.length > 0) setActive(0);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const next =
|
||||||
|
activeIndexRef.current < items.length - 1
|
||||||
|
? activeIndexRef.current + 1
|
||||||
|
: 0;
|
||||||
|
setActive(next);
|
||||||
|
} else if (e.key === "ArrowUp") {
|
||||||
|
e.preventDefault();
|
||||||
|
if (!open) {
|
||||||
|
setOpen(true);
|
||||||
|
if (items.length > 0) setActive(items.length - 1);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const prev =
|
||||||
|
activeIndexRef.current > 0
|
||||||
|
? activeIndexRef.current - 1
|
||||||
|
: items.length - 1;
|
||||||
|
setActive(prev);
|
||||||
|
} else if (e.key === "Enter") {
|
||||||
|
if (
|
||||||
|
open &&
|
||||||
|
activeIndexRef.current >= 0 &&
|
||||||
|
activeIndexRef.current < items.length
|
||||||
|
) {
|
||||||
|
e.preventDefault();
|
||||||
|
const item = items[activeIndexRef.current];
|
||||||
|
handleSelect(item.id, item.name);
|
||||||
|
}
|
||||||
|
} else if (e.key === "Escape") {
|
||||||
|
if (open) {
|
||||||
|
e.preventDefault();
|
||||||
|
setOpen(false);
|
||||||
|
}
|
||||||
|
} else if (e.key === "Home") {
|
||||||
|
if (open && items.length > 0) {
|
||||||
|
e.preventDefault();
|
||||||
|
setActive(0);
|
||||||
|
}
|
||||||
|
} else if (e.key === "End") {
|
||||||
|
if (open && items.length > 0) {
|
||||||
|
e.preventDefault();
|
||||||
|
setActive(items.length - 1);
|
||||||
|
}
|
||||||
|
} else if (e.key === "Tab") {
|
||||||
|
setOpen(false);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
const activeId =
|
||||||
|
activeIndex >= 0 ? `${listboxId}-option-${activeIndex}` : undefined;
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div
|
||||||
|
ref={containerRef}
|
||||||
|
style={{ position: "relative" }}
|
||||||
|
role="combobox"
|
||||||
|
aria-haspopup="listbox"
|
||||||
|
aria-expanded={open}
|
||||||
|
aria-owns={listboxId}
|
||||||
|
>
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
className="admin-form-input"
|
||||||
|
placeholder="Hledat položku..."
|
||||||
|
value={search}
|
||||||
|
role="searchbox"
|
||||||
|
aria-autocomplete="list"
|
||||||
|
aria-controls={listboxId}
|
||||||
|
aria-activedescendant={activeId}
|
||||||
|
onChange={(e) => {
|
||||||
|
setSearch(e.target.value);
|
||||||
|
setOpen(true);
|
||||||
|
}}
|
||||||
|
onFocus={() => {
|
||||||
|
setOpen(true);
|
||||||
|
updatePosition();
|
||||||
|
}}
|
||||||
|
onKeyDown={handleKeyDown}
|
||||||
|
/>
|
||||||
|
{open &&
|
||||||
|
items.length > 0 &&
|
||||||
|
dropdownStyle &&
|
||||||
|
createPortal(
|
||||||
|
<ul
|
||||||
|
id={listboxId}
|
||||||
|
role="listbox"
|
||||||
|
className="admin-item-picker-list"
|
||||||
|
style={dropdownStyle}
|
||||||
|
>
|
||||||
|
{items.map((item, index) => (
|
||||||
|
<li
|
||||||
|
key={item.id}
|
||||||
|
id={`${listboxId}-option-${index}`}
|
||||||
|
role="option"
|
||||||
|
aria-selected={value === item.id}
|
||||||
|
className={`admin-item-picker-item ${activeIndex === index ? "active" : ""}`}
|
||||||
|
onMouseDown={(e) => {
|
||||||
|
e.preventDefault();
|
||||||
|
handleSelect(item.id, item.name);
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<span className="admin-item-picker-name">{item.name}</span>
|
||||||
|
{item.item_number && (
|
||||||
|
<span className="admin-item-picker-number">
|
||||||
|
{item.item_number}
|
||||||
|
</span>
|
||||||
|
)}
|
||||||
|
{item.available_quantity !== undefined && (
|
||||||
|
<span className="admin-item-picker-qty">
|
||||||
|
{item.available_quantity} {item.unit}
|
||||||
|
</span>
|
||||||
|
)}
|
||||||
|
</li>
|
||||||
|
))}
|
||||||
|
</ul>,
|
||||||
|
document.body,
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
31
src/admin/components/warehouse/LocationSelect.tsx
Normal file
31
src/admin/components/warehouse/LocationSelect.tsx
Normal file
@@ -0,0 +1,31 @@
|
|||||||
|
import { useQuery } from "@tanstack/react-query";
|
||||||
|
import {
|
||||||
|
warehouseLocationListOptions,
|
||||||
|
type WarehouseLocation,
|
||||||
|
} from "../../lib/queries/warehouse";
|
||||||
|
|
||||||
|
interface LocationSelectProps {
|
||||||
|
value: number | null;
|
||||||
|
onChange: (locationId: number | null) => void;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function LocationSelect({
|
||||||
|
value,
|
||||||
|
onChange,
|
||||||
|
}: LocationSelectProps) {
|
||||||
|
const { data: locations } = useQuery(warehouseLocationListOptions());
|
||||||
|
return (
|
||||||
|
<select
|
||||||
|
className="admin-form-select"
|
||||||
|
value={value ?? ""}
|
||||||
|
onChange={(e) => onChange(e.target.value ? Number(e.target.value) : null)}
|
||||||
|
>
|
||||||
|
<option value="">-- bez lokace --</option>
|
||||||
|
{locations?.map((loc: WarehouseLocation) => (
|
||||||
|
<option key={loc.id} value={loc.id}>
|
||||||
|
{loc.code} - {loc.name}
|
||||||
|
</option>
|
||||||
|
))}
|
||||||
|
</select>
|
||||||
|
);
|
||||||
|
}
|
||||||
54
src/admin/components/warehouse/ReservationPicker.tsx
Normal file
54
src/admin/components/warehouse/ReservationPicker.tsx
Normal file
@@ -0,0 +1,54 @@
|
|||||||
|
import { useQuery } from "@tanstack/react-query";
|
||||||
|
import { warehouseReservationListOptions } from "../../lib/queries/warehouse";
|
||||||
|
|
||||||
|
interface ReservationPickerProps {
|
||||||
|
itemId: number | null;
|
||||||
|
projectId: number | null;
|
||||||
|
value: number | null;
|
||||||
|
onChange: (reservationId: number | null, remainingQty: number) => void;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function ReservationPicker({
|
||||||
|
itemId,
|
||||||
|
projectId,
|
||||||
|
value,
|
||||||
|
onChange,
|
||||||
|
}: ReservationPickerProps) {
|
||||||
|
const { data: result } = useQuery(
|
||||||
|
warehouseReservationListOptions({
|
||||||
|
item_id: itemId ?? undefined,
|
||||||
|
project_id: projectId ?? undefined,
|
||||||
|
status: "ACTIVE",
|
||||||
|
perPage: 100,
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
|
||||||
|
const reservations = result?.data ?? [];
|
||||||
|
|
||||||
|
return (
|
||||||
|
<select
|
||||||
|
className="admin-form-select"
|
||||||
|
value={value ?? ""}
|
||||||
|
onChange={(e) => {
|
||||||
|
const val = e.target.value;
|
||||||
|
if (!val) {
|
||||||
|
onChange(null, 0);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const reservationId = Number(val);
|
||||||
|
const reservation = reservations.find((r) => r.id === reservationId);
|
||||||
|
if (reservation) {
|
||||||
|
onChange(reservationId, Number(reservation.remaining_qty));
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<option value="">— žádná rezervace —</option>
|
||||||
|
{reservations.map((r) => (
|
||||||
|
<option key={r.id} value={r.id}>
|
||||||
|
R{r.id} — {r.project?.name ?? `Projekt #${r.project_id}`} — zbývá:{" "}
|
||||||
|
{Number(r.remaining_qty)} {r.item?.unit ?? "ks"}
|
||||||
|
</option>
|
||||||
|
))}
|
||||||
|
</select>
|
||||||
|
);
|
||||||
|
}
|
||||||
33
src/admin/components/warehouse/SupplierSelect.tsx
Normal file
33
src/admin/components/warehouse/SupplierSelect.tsx
Normal file
@@ -0,0 +1,33 @@
|
|||||||
|
import { useQuery } from "@tanstack/react-query";
|
||||||
|
import {
|
||||||
|
warehouseSupplierListOptions,
|
||||||
|
type WarehouseSupplier,
|
||||||
|
} from "../../lib/queries/warehouse";
|
||||||
|
|
||||||
|
interface SupplierSelectProps {
|
||||||
|
value: number | null;
|
||||||
|
onChange: (supplierId: number | null) => void;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function SupplierSelect({
|
||||||
|
value,
|
||||||
|
onChange,
|
||||||
|
}: SupplierSelectProps) {
|
||||||
|
const { data } = useQuery(warehouseSupplierListOptions({ perPage: 100 }));
|
||||||
|
const suppliers = data?.data ?? [];
|
||||||
|
return (
|
||||||
|
<select
|
||||||
|
className="admin-form-select"
|
||||||
|
value={value ?? ""}
|
||||||
|
onChange={(e) => onChange(e.target.value ? Number(e.target.value) : null)}
|
||||||
|
>
|
||||||
|
<option value="">-- bez dodavatele --</option>
|
||||||
|
{suppliers.map((s: WarehouseSupplier) => (
|
||||||
|
<option key={s.id} value={s.id}>
|
||||||
|
{s.name}
|
||||||
|
{s.ico ? ` (${s.ico})` : ""}
|
||||||
|
</option>
|
||||||
|
))}
|
||||||
|
</select>
|
||||||
|
);
|
||||||
|
}
|
||||||
249
src/admin/components/warehouse/WarehouseMovementTable.tsx
Normal file
249
src/admin/components/warehouse/WarehouseMovementTable.tsx
Normal file
@@ -0,0 +1,249 @@
|
|||||||
|
import { ReactNode, useId, useRef } from "react";
|
||||||
|
import ItemPicker from "./ItemPicker";
|
||||||
|
import LocationSelect from "./LocationSelect";
|
||||||
|
import BatchPicker from "./BatchPicker";
|
||||||
|
|
||||||
|
export interface MovementItem {
|
||||||
|
key: string;
|
||||||
|
item_id: number | null;
|
||||||
|
item_name?: string;
|
||||||
|
quantity: number;
|
||||||
|
unit_price: number;
|
||||||
|
location_id: number | null;
|
||||||
|
batch_id: number | null;
|
||||||
|
reservation_id: number | null;
|
||||||
|
notes: string | null;
|
||||||
|
}
|
||||||
|
|
||||||
|
export type MovementRowRenderer<T> = (
|
||||||
|
item: T,
|
||||||
|
index: number,
|
||||||
|
updateItem: (field: string, value: unknown) => void,
|
||||||
|
removeItem: () => void,
|
||||||
|
) => ReactNode;
|
||||||
|
|
||||||
|
interface WarehouseMovementTableProps<T extends { key: string }> {
|
||||||
|
items: T[];
|
||||||
|
onChange: (items: T[]) => void;
|
||||||
|
mode: "receipt" | "issue" | "inventory";
|
||||||
|
defaultItem?: () => Omit<T, "key">;
|
||||||
|
renderRow?: MovementRowRenderer<T>;
|
||||||
|
renderHeader?: () => ReactNode;
|
||||||
|
}
|
||||||
|
|
||||||
|
function parseDecimal(raw: string): number {
|
||||||
|
// Strip leading minus if you want negative support; here we want only positive
|
||||||
|
const cleaned = raw.replace(/[eE+\-]/g, "");
|
||||||
|
const n = Number(cleaned);
|
||||||
|
return Number.isFinite(n) ? n : 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
const builtInDefaultMovementItem = (): Omit<MovementItem, "key"> => ({
|
||||||
|
item_id: null,
|
||||||
|
quantity: 0,
|
||||||
|
unit_price: 0,
|
||||||
|
location_id: null,
|
||||||
|
batch_id: null,
|
||||||
|
reservation_id: null,
|
||||||
|
notes: null,
|
||||||
|
});
|
||||||
|
|
||||||
|
export default function WarehouseMovementTable<T extends { key: string }>({
|
||||||
|
items,
|
||||||
|
onChange,
|
||||||
|
mode,
|
||||||
|
defaultItem,
|
||||||
|
renderRow,
|
||||||
|
renderHeader,
|
||||||
|
}: WarehouseMovementTableProps<T>) {
|
||||||
|
const baseId = useId();
|
||||||
|
const counterRef = useRef(0);
|
||||||
|
const nextKey = () => `${baseId}-item-${counterRef.current++}`;
|
||||||
|
|
||||||
|
const addItem = () => {
|
||||||
|
const factory =
|
||||||
|
defaultItem ??
|
||||||
|
(builtInDefaultMovementItem as unknown as () => Omit<T, "key">);
|
||||||
|
onChange([...items, { ...(factory() as object), key: nextKey() } as T]);
|
||||||
|
};
|
||||||
|
const removeItem = (index: number) => {
|
||||||
|
onChange(items.filter((_, i) => i !== index));
|
||||||
|
};
|
||||||
|
const updateItem = (index: number, field: string, value: unknown) => {
|
||||||
|
const updated = [...items];
|
||||||
|
updated[index] = { ...updated[index], [field]: value };
|
||||||
|
onChange(updated);
|
||||||
|
};
|
||||||
|
|
||||||
|
// If a custom row renderer is supplied, the caller is fully in charge of
|
||||||
|
// the row layout (and typically the column headers too — see inventory mode).
|
||||||
|
if (renderRow) {
|
||||||
|
return (
|
||||||
|
<div>
|
||||||
|
<div className="admin-warehouse-movement-table">
|
||||||
|
<table className="admin-table">
|
||||||
|
{renderHeader && (
|
||||||
|
<thead>
|
||||||
|
<tr>{renderHeader()}</tr>
|
||||||
|
</thead>
|
||||||
|
)}
|
||||||
|
<tbody>
|
||||||
|
{items.map((item, index) => (
|
||||||
|
<tr key={item.key}>
|
||||||
|
{renderRow(
|
||||||
|
item,
|
||||||
|
index,
|
||||||
|
(field, value) => updateItem(index, field, value),
|
||||||
|
() => removeItem(index),
|
||||||
|
)}
|
||||||
|
</tr>
|
||||||
|
))}
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-secondary"
|
||||||
|
onClick={addItem}
|
||||||
|
>
|
||||||
|
+ Přidat řádek
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Default rendering: only valid for "receipt" | "issue" — narrow at runtime.
|
||||||
|
const movementItems = items as unknown as MovementItem[];
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div>
|
||||||
|
<div className="admin-warehouse-movement-table">
|
||||||
|
<table className="admin-table">
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th className="admin-warehouse-col-item">Položka</th>
|
||||||
|
{mode === "issue" && (
|
||||||
|
<th className="admin-warehouse-col-batch">Šarže</th>
|
||||||
|
)}
|
||||||
|
<th className="admin-warehouse-col-qty">Množství</th>
|
||||||
|
<th className="admin-warehouse-col-price">Cena/ks</th>
|
||||||
|
<th className="admin-warehouse-col-location">Lokace</th>
|
||||||
|
<th className="admin-warehouse-col-notes">Poznámka</th>
|
||||||
|
<th>Akce</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{movementItems.map((item, index) => (
|
||||||
|
<tr key={item.key}>
|
||||||
|
<td className="admin-warehouse-col-item">
|
||||||
|
<ItemPicker
|
||||||
|
value={item.item_id}
|
||||||
|
itemName={item.item_name}
|
||||||
|
onChange={(id) => updateItem(index, "item_id", id)}
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
{mode === "issue" && (
|
||||||
|
<td className="admin-warehouse-col-batch">
|
||||||
|
<BatchPicker
|
||||||
|
itemId={item.item_id}
|
||||||
|
value={item.batch_id}
|
||||||
|
onChange={(batchId, unitPrice) => {
|
||||||
|
updateItem(index, "batch_id", batchId);
|
||||||
|
updateItem(index, "unit_price", unitPrice);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
)}
|
||||||
|
<td className="admin-warehouse-col-qty">
|
||||||
|
<input
|
||||||
|
type="number"
|
||||||
|
className="admin-form-input"
|
||||||
|
value={item.quantity || ""}
|
||||||
|
onChange={(e) =>
|
||||||
|
updateItem(
|
||||||
|
index,
|
||||||
|
"quantity",
|
||||||
|
parseDecimal(e.target.value),
|
||||||
|
)
|
||||||
|
}
|
||||||
|
min="0"
|
||||||
|
step="0.001"
|
||||||
|
inputMode="decimal"
|
||||||
|
pattern="[0-9]+([\.,][0-9]+)?"
|
||||||
|
aria-label={`Množství, řádek ${index + 1}`}
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td className="admin-warehouse-col-price">
|
||||||
|
<input
|
||||||
|
type="number"
|
||||||
|
className="admin-form-input"
|
||||||
|
value={item.unit_price || ""}
|
||||||
|
onChange={(e) =>
|
||||||
|
updateItem(
|
||||||
|
index,
|
||||||
|
"unit_price",
|
||||||
|
parseDecimal(e.target.value),
|
||||||
|
)
|
||||||
|
}
|
||||||
|
min="0"
|
||||||
|
step="0.01"
|
||||||
|
disabled={mode === "issue"}
|
||||||
|
inputMode="decimal"
|
||||||
|
pattern="[0-9]+([\.,][0-9]+)?"
|
||||||
|
aria-label={`Cena za kus, řádek ${index + 1}`}
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td className="admin-warehouse-col-location">
|
||||||
|
<LocationSelect
|
||||||
|
value={item.location_id}
|
||||||
|
onChange={(id) => updateItem(index, "location_id", id)}
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td className="admin-warehouse-col-notes">
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
className="admin-form-input"
|
||||||
|
value={item.notes ?? ""}
|
||||||
|
onChange={(e) => updateItem(index, "notes", e.target.value)}
|
||||||
|
/>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<div className="admin-table-actions">
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn-icon danger"
|
||||||
|
onClick={() => removeItem(index)}
|
||||||
|
title="Odebrat řádek"
|
||||||
|
aria-label="Odebrat řádek"
|
||||||
|
>
|
||||||
|
<svg
|
||||||
|
width="16"
|
||||||
|
height="16"
|
||||||
|
viewBox="0 0 24 24"
|
||||||
|
fill="none"
|
||||||
|
stroke="currentColor"
|
||||||
|
strokeWidth="2"
|
||||||
|
strokeLinecap="round"
|
||||||
|
strokeLinejoin="round"
|
||||||
|
>
|
||||||
|
<line x1="18" y1="6" x2="6" y2="18" />
|
||||||
|
<line x1="6" y1="6" x2="18" y2="18" />
|
||||||
|
</svg>
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
))}
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
<button
|
||||||
|
type="button"
|
||||||
|
className="admin-btn admin-btn-secondary"
|
||||||
|
onClick={addItem}
|
||||||
|
>
|
||||||
|
+ Přidat řádek
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
@@ -5,6 +5,7 @@ import {
|
|||||||
useCallback,
|
useCallback,
|
||||||
useMemo,
|
useMemo,
|
||||||
useRef,
|
useRef,
|
||||||
|
useEffect,
|
||||||
type ReactNode,
|
type ReactNode,
|
||||||
} from "react";
|
} from "react";
|
||||||
|
|
||||||
@@ -39,6 +40,15 @@ export function AlertProvider({ children }: { children: ReactNode }) {
|
|||||||
}, []);
|
}, []);
|
||||||
|
|
||||||
const counterRef = useRef(0);
|
const counterRef = useRef(0);
|
||||||
|
const timeoutsRef = useRef<Set<ReturnType<typeof setTimeout>>>(new Set());
|
||||||
|
|
||||||
|
useEffect(() => {
|
||||||
|
return () => {
|
||||||
|
timeoutsRef.current.forEach(clearTimeout);
|
||||||
|
timeoutsRef.current.clear();
|
||||||
|
};
|
||||||
|
}, []);
|
||||||
|
|
||||||
const addAlert = useCallback(
|
const addAlert = useCallback(
|
||||||
(message: string, type = "success", duration = 4000) => {
|
(message: string, type = "success", duration = 4000) => {
|
||||||
const id = `${Date.now()}-${counterRef.current++}`;
|
const id = `${Date.now()}-${counterRef.current++}`;
|
||||||
@@ -47,7 +57,11 @@ export function AlertProvider({ children }: { children: ReactNode }) {
|
|||||||
{ id, message, type: type as Alert["type"] },
|
{ id, message, type: type as Alert["type"] },
|
||||||
]);
|
]);
|
||||||
if (duration > 0) {
|
if (duration > 0) {
|
||||||
setTimeout(() => removeAlert(id), duration);
|
const timeoutId = setTimeout(() => {
|
||||||
|
timeoutsRef.current.delete(timeoutId);
|
||||||
|
removeAlert(id);
|
||||||
|
}, duration);
|
||||||
|
timeoutsRef.current.add(timeoutId);
|
||||||
}
|
}
|
||||||
return id;
|
return id;
|
||||||
},
|
},
|
||||||
|
|||||||
@@ -84,32 +84,32 @@ function mapUser(u: Record<string, unknown> | null): User | null {
|
|||||||
} as User;
|
} as User;
|
||||||
}
|
}
|
||||||
|
|
||||||
let accessToken: string | null = null;
|
|
||||||
let tokenExpiresAt: number | null = null;
|
|
||||||
let cachedUser: User | null = null;
|
|
||||||
let sessionFetched = false;
|
|
||||||
let silentRefreshInFlight: Promise<boolean> | null = null;
|
|
||||||
|
|
||||||
export function AuthProvider({ children }: { children: ReactNode }) {
|
export function AuthProvider({ children }: { children: ReactNode }) {
|
||||||
const [user, setUser] = useState<User | null>(cachedUser);
|
const accessTokenRef = useRef<string | null>(null);
|
||||||
const [loading, setLoading] = useState(!sessionFetched);
|
const tokenExpiresAtRef = useRef<number | null>(null);
|
||||||
|
const cachedUserRef = useRef<User | null>(null);
|
||||||
|
const sessionFetchedRef = useRef(false);
|
||||||
|
const silentRefreshInFlightRef = useRef<Promise<boolean> | null>(null);
|
||||||
|
const hadValidSessionRef = useRef(false);
|
||||||
|
const [user, setUser] = useState<User | null>(cachedUserRef.current);
|
||||||
|
const [loading, setLoading] = useState(!sessionFetchedRef.current);
|
||||||
const [error, setError] = useState<string | null>(null);
|
const [error, setError] = useState<string | null>(null);
|
||||||
const refreshTimeoutRef = useRef<ReturnType<typeof setTimeout> | null>(null);
|
const refreshTimeoutRef = useRef<ReturnType<typeof setTimeout> | null>(null);
|
||||||
|
|
||||||
useEffect(() => {
|
|
||||||
cachedUser = user;
|
|
||||||
}, [user]);
|
|
||||||
|
|
||||||
const getAccessTokenFn = useCallback((): string | null => {
|
const getAccessTokenFn = useCallback((): string | null => {
|
||||||
if (!tokenExpiresAt || Date.now() > tokenExpiresAt - 30000) return null;
|
if (
|
||||||
return accessToken;
|
!tokenExpiresAtRef.current ||
|
||||||
|
Date.now() > tokenExpiresAtRef.current - 30000
|
||||||
|
)
|
||||||
|
return null;
|
||||||
|
return accessTokenRef.current;
|
||||||
}, []);
|
}, []);
|
||||||
|
|
||||||
const setAccessTokenFn = useCallback(
|
const setAccessTokenFn = useCallback(
|
||||||
(token: string | null, expiresIn?: number) => {
|
(token: string | null, expiresIn?: number) => {
|
||||||
const ttl = expiresIn ?? 900; // default 15 min matching backend config
|
const ttl = expiresIn ?? 900; // default 15 min matching backend config
|
||||||
accessToken = token;
|
accessTokenRef.current = token;
|
||||||
tokenExpiresAt = token ? Date.now() + ttl * 1000 : null;
|
tokenExpiresAtRef.current = token ? Date.now() + ttl * 1000 : null;
|
||||||
if (refreshTimeoutRef.current) {
|
if (refreshTimeoutRef.current) {
|
||||||
clearTimeout(refreshTimeoutRef.current);
|
clearTimeout(refreshTimeoutRef.current);
|
||||||
refreshTimeoutRef.current = null;
|
refreshTimeoutRef.current = null;
|
||||||
@@ -126,7 +126,8 @@ export function AuthProvider({ children }: { children: ReactNode }) {
|
|||||||
|
|
||||||
const silentRefresh = useCallback(async (): Promise<boolean> => {
|
const silentRefresh = useCallback(async (): Promise<boolean> => {
|
||||||
// Deduplicate concurrent refresh calls — token rotation means only one call can succeed
|
// Deduplicate concurrent refresh calls — token rotation means only one call can succeed
|
||||||
if (silentRefreshInFlight) return silentRefreshInFlight;
|
if (silentRefreshInFlightRef.current)
|
||||||
|
return silentRefreshInFlightRef.current;
|
||||||
|
|
||||||
const promise = (async (): Promise<boolean> => {
|
const promise = (async (): Promise<boolean> => {
|
||||||
try {
|
try {
|
||||||
@@ -138,23 +139,24 @@ export function AuthProvider({ children }: { children: ReactNode }) {
|
|||||||
if (data.success && data.data?.access_token) {
|
if (data.success && data.data?.access_token) {
|
||||||
setAccessTokenFn(data.data.access_token, data.data.expires_in);
|
setAccessTokenFn(data.data.access_token, data.data.expires_in);
|
||||||
setUser(mapUser(data.data.user));
|
setUser(mapUser(data.data.user));
|
||||||
|
hadValidSessionRef.current = true;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
accessToken = null;
|
accessTokenRef.current = null;
|
||||||
tokenExpiresAt = null;
|
tokenExpiresAtRef.current = null;
|
||||||
setUser(null);
|
setUser(null);
|
||||||
cachedUser = null;
|
cachedUserRef.current = null;
|
||||||
setSessionExpired();
|
if (hadValidSessionRef.current) setSessionExpired();
|
||||||
return false;
|
return false;
|
||||||
} catch {
|
} catch {
|
||||||
// Network error — don't kick the user out, just return false
|
// Network error — don't kick the user out, just return false
|
||||||
return false;
|
return false;
|
||||||
} finally {
|
} finally {
|
||||||
silentRefreshInFlight = null;
|
silentRefreshInFlightRef.current = null;
|
||||||
}
|
}
|
||||||
})();
|
})();
|
||||||
|
|
||||||
silentRefreshInFlight = promise;
|
silentRefreshInFlightRef.current = promise;
|
||||||
return promise;
|
return promise;
|
||||||
}, [setAccessTokenFn]);
|
}, [setAccessTokenFn]);
|
||||||
|
|
||||||
@@ -172,12 +174,13 @@ export function AuthProvider({ children }: { children: ReactNode }) {
|
|||||||
headers,
|
headers,
|
||||||
});
|
});
|
||||||
if (response.status === 429 || response.status >= 500)
|
if (response.status === 429 || response.status >= 500)
|
||||||
return !!cachedUser;
|
return !!cachedUserRef.current;
|
||||||
const data = await response.json();
|
const data = await response.json();
|
||||||
if (data.success && data.data?.user) {
|
if (data.success && data.data?.user) {
|
||||||
if (data.data.access_token) setAccessTokenFn(data.data.access_token);
|
if (data.data.access_token) setAccessTokenFn(data.data.access_token);
|
||||||
setUser(mapUser(data.data.user));
|
setUser(mapUser(data.data.user));
|
||||||
cachedUser = mapUser(data.data.user);
|
cachedUserRef.current = mapUser(data.data.user);
|
||||||
|
hadValidSessionRef.current = true;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -185,15 +188,15 @@ export function AuthProvider({ children }: { children: ReactNode }) {
|
|||||||
const refreshed = await silentRefresh();
|
const refreshed = await silentRefresh();
|
||||||
if (refreshed) return true;
|
if (refreshed) return true;
|
||||||
setUser(null);
|
setUser(null);
|
||||||
cachedUser = null;
|
cachedUserRef.current = null;
|
||||||
accessToken = null;
|
accessTokenRef.current = null;
|
||||||
tokenExpiresAt = null;
|
tokenExpiresAtRef.current = null;
|
||||||
return false;
|
return false;
|
||||||
} catch {
|
} catch {
|
||||||
return !!cachedUser;
|
return !!cachedUserRef.current;
|
||||||
} finally {
|
} finally {
|
||||||
setLoading(false);
|
setLoading(false);
|
||||||
sessionFetched = true;
|
sessionFetchedRef.current = true;
|
||||||
}
|
}
|
||||||
}, [getAccessTokenFn, setAccessTokenFn, silentRefresh]);
|
}, [getAccessTokenFn, setAccessTokenFn, silentRefresh]);
|
||||||
|
|
||||||
@@ -231,8 +234,9 @@ export function AuthProvider({ children }: { children: ReactNode }) {
|
|||||||
}
|
}
|
||||||
setAccessTokenFn(data.data.access_token, data.data.expires_in);
|
setAccessTokenFn(data.data.access_token, data.data.expires_in);
|
||||||
setUser(mapUser(data.data.user));
|
setUser(mapUser(data.data.user));
|
||||||
cachedUser = mapUser(data.data.user);
|
cachedUserRef.current = mapUser(data.data.user);
|
||||||
sessionFetched = true;
|
sessionFetchedRef.current = true;
|
||||||
|
hadValidSessionRef.current = true;
|
||||||
return { success: true };
|
return { success: true };
|
||||||
}
|
}
|
||||||
setError(data.error);
|
setError(data.error);
|
||||||
@@ -264,14 +268,16 @@ export function AuthProvider({ children }: { children: ReactNode }) {
|
|||||||
login_token: loginToken,
|
login_token: loginToken,
|
||||||
totp_code: code,
|
totp_code: code,
|
||||||
remember_me: remember,
|
remember_me: remember,
|
||||||
|
isBackup,
|
||||||
}),
|
}),
|
||||||
});
|
});
|
||||||
const data = await response.json();
|
const data = await response.json();
|
||||||
if (data.success) {
|
if (data.success) {
|
||||||
setAccessTokenFn(data.data.access_token, data.data.expires_in);
|
setAccessTokenFn(data.data.access_token, data.data.expires_in);
|
||||||
setUser(mapUser(data.data.user));
|
setUser(mapUser(data.data.user));
|
||||||
cachedUser = mapUser(data.data.user);
|
cachedUserRef.current = mapUser(data.data.user);
|
||||||
sessionFetched = true;
|
sessionFetchedRef.current = true;
|
||||||
|
hadValidSessionRef.current = true;
|
||||||
return { success: true };
|
return { success: true };
|
||||||
}
|
}
|
||||||
setError(data.error);
|
setError(data.error);
|
||||||
@@ -296,11 +302,12 @@ export function AuthProvider({ children }: { children: ReactNode }) {
|
|||||||
} catch {
|
} catch {
|
||||||
/* ignore */
|
/* ignore */
|
||||||
} finally {
|
} finally {
|
||||||
accessToken = null;
|
accessTokenRef.current = null;
|
||||||
tokenExpiresAt = null;
|
tokenExpiresAtRef.current = null;
|
||||||
setUser(null);
|
setUser(null);
|
||||||
cachedUser = null;
|
cachedUserRef.current = null;
|
||||||
sessionFetched = false;
|
sessionFetchedRef.current = false;
|
||||||
|
hadValidSessionRef.current = false;
|
||||||
if (refreshTimeoutRef.current) {
|
if (refreshTimeoutRef.current) {
|
||||||
clearTimeout(refreshTimeoutRef.current);
|
clearTimeout(refreshTimeoutRef.current);
|
||||||
refreshTimeoutRef.current = null;
|
refreshTimeoutRef.current = null;
|
||||||
|
|||||||
@@ -197,3 +197,15 @@
|
|||||||
.react-datepicker__close-icon::after {
|
.react-datepicker__close-icon::after {
|
||||||
background-color: var(--accent-color) !important;
|
background-color: var(--accent-color) !important;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Mobile safety net — keep the popper inside the viewport on small phones.
|
||||||
|
(Native date input is used on touch; this guards the rare desktop-style popper.) */
|
||||||
|
@media (max-width: 480px) {
|
||||||
|
.react-datepicker-popper {
|
||||||
|
max-width: calc(100vw - 24px);
|
||||||
|
}
|
||||||
|
|
||||||
|
.react-datepicker {
|
||||||
|
font-size: 0.8rem !important;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
@@ -169,3 +169,31 @@
|
|||||||
color: var(--text-tertiary);
|
color: var(--text-tertiary);
|
||||||
cursor: help;
|
cursor: help;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* ============================================================================
|
||||||
|
File Manager — mobile
|
||||||
|
============================================================================ */
|
||||||
|
|
||||||
|
@media (max-width: 640px) {
|
||||||
|
/* Toolbar wraps so actions drop below the path instead of overflowing */
|
||||||
|
.fm-toolbar {
|
||||||
|
flex-wrap: wrap;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* New-folder input goes full width (override the 250px desktop cap) */
|
||||||
|
.fm-new-folder .admin-form-input {
|
||||||
|
max-width: none;
|
||||||
|
width: 100%;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Breadcrumb scrolls horizontally instead of overflowing the container */
|
||||||
|
.fm-breadcrumb {
|
||||||
|
flex-wrap: nowrap;
|
||||||
|
overflow-x: auto;
|
||||||
|
-webkit-overflow-scrolling: touch;
|
||||||
|
}
|
||||||
|
|
||||||
|
.fm-breadcrumb-segment {
|
||||||
|
flex-shrink: 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
@@ -310,6 +310,8 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
@media (max-width: 480px) {
|
@media (max-width: 480px) {
|
||||||
|
.admin-form-row,
|
||||||
|
.admin-form-row-3,
|
||||||
.admin-form-row-4,
|
.admin-form-row-4,
|
||||||
.admin-form-row-5 {
|
.admin-form-row-5 {
|
||||||
grid-template-columns: 1fr;
|
grid-template-columns: 1fr;
|
||||||
@@ -486,3 +488,23 @@
|
|||||||
color: var(--text-tertiary);
|
color: var(--text-tertiary);
|
||||||
font-size: 0.8125rem;
|
font-size: 0.8125rem;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@media (max-width: 640px) {
|
||||||
|
.admin-customer-dropdown {
|
||||||
|
max-width: calc(100vw - 24px);
|
||||||
|
overflow-y: auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-customer-dropdown-item {
|
||||||
|
display: flex;
|
||||||
|
flex-direction: column;
|
||||||
|
justify-content: center;
|
||||||
|
min-height: 44px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.admin-customer-selected .admin-btn-icon {
|
||||||
|
min-width: 44px;
|
||||||
|
min-height: 44px;
|
||||||
|
margin-right: -10px;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
@@ -1,48 +0,0 @@
|
|||||||
import { useCallback, useRef } from "react";
|
|
||||||
import { useAlert } from "../context/AlertContext";
|
|
||||||
import apiFetch from "../utils/api";
|
|
||||||
|
|
||||||
interface ApiCallResult<T> {
|
|
||||||
data: T | null;
|
|
||||||
ok: boolean;
|
|
||||||
response: Response | null;
|
|
||||||
}
|
|
||||||
|
|
||||||
export default function useApiCall() {
|
|
||||||
const alert = useAlert();
|
|
||||||
const abortRef = useRef<AbortController | null>(null);
|
|
||||||
|
|
||||||
const call = useCallback(
|
|
||||||
async <T = unknown>(
|
|
||||||
url: string,
|
|
||||||
options: RequestInit = {},
|
|
||||||
errorMsg = "Chyba při načítání dat",
|
|
||||||
): Promise<ApiCallResult<T>> => {
|
|
||||||
if (abortRef.current) abortRef.current.abort();
|
|
||||||
const controller = new AbortController();
|
|
||||||
abortRef.current = controller;
|
|
||||||
|
|
||||||
try {
|
|
||||||
const response = await apiFetch(url, {
|
|
||||||
...options,
|
|
||||||
signal: controller.signal,
|
|
||||||
});
|
|
||||||
const data = await response.json();
|
|
||||||
if (!response.ok || !data.success) {
|
|
||||||
alert.error(data.error || errorMsg);
|
|
||||||
return { data: null, ok: false, response };
|
|
||||||
}
|
|
||||||
return { data: data.data as T, ok: true, response };
|
|
||||||
} catch (err: unknown) {
|
|
||||||
if (err instanceof Error && err.name === "AbortError") {
|
|
||||||
return { data: null, ok: false, response: null };
|
|
||||||
}
|
|
||||||
alert.error(errorMsg);
|
|
||||||
return { data: null, ok: false, response: null };
|
|
||||||
}
|
|
||||||
},
|
|
||||||
[alert],
|
|
||||||
);
|
|
||||||
|
|
||||||
return { call };
|
|
||||||
}
|
|
||||||
@@ -1,5 +1,7 @@
|
|||||||
import { useState, useEffect, useCallback, useRef } from "react";
|
import { useState, useEffect, useCallback, useRef } from "react";
|
||||||
|
import { useQueryClient } from "@tanstack/react-query";
|
||||||
import apiFetch from "../utils/api";
|
import apiFetch from "../utils/api";
|
||||||
|
import { isHoliday } from "../../utils/czech-holidays";
|
||||||
import {
|
import {
|
||||||
calcProjectMinutesTotal,
|
calcProjectMinutesTotal,
|
||||||
calcFormWorkMinutes,
|
calcFormWorkMinutes,
|
||||||
@@ -9,9 +11,17 @@ import {
|
|||||||
formatDate,
|
formatDate,
|
||||||
formatMinutes,
|
formatMinutes,
|
||||||
getLeaveTypeName,
|
getLeaveTypeName,
|
||||||
getLeaveTypeBadgeClass,
|
|
||||||
formatTimeOrDatetimePrint,
|
formatTimeOrDatetimePrint,
|
||||||
calculateWorkMinutesPrint,
|
calculateWorkMinutesPrint,
|
||||||
|
isWeekendDate,
|
||||||
|
getDaysInMonth,
|
||||||
|
shiftDateForMonth,
|
||||||
|
formatHoursDecimal,
|
||||||
|
calculateNightMinutes,
|
||||||
|
normalizeDateStr,
|
||||||
|
holidaysInMonth,
|
||||||
|
calculateFreeHolidayHours,
|
||||||
|
getCzechWeekday,
|
||||||
} from "../utils/attendanceHelpers";
|
} from "../utils/attendanceHelpers";
|
||||||
import type {
|
import type {
|
||||||
ShiftFormData,
|
ShiftFormData,
|
||||||
@@ -28,7 +38,7 @@ interface AlertContext {
|
|||||||
alert: { success: (msg: string) => void; error: (msg: string) => void };
|
alert: { success: (msg: string) => void; error: (msg: string) => void };
|
||||||
}
|
}
|
||||||
|
|
||||||
interface AttendanceRecord {
|
export interface AttendanceRecord {
|
||||||
id: number;
|
id: number;
|
||||||
user_id: number;
|
user_id: number;
|
||||||
shift_date: string;
|
shift_date: string;
|
||||||
@@ -38,7 +48,7 @@ interface AttendanceRecord {
|
|||||||
departure_time?: string | null;
|
departure_time?: string | null;
|
||||||
break_start?: string | null;
|
break_start?: string | null;
|
||||||
break_end?: string | null;
|
break_end?: string | null;
|
||||||
notes?: string;
|
notes?: string | null;
|
||||||
project_id?: number | null;
|
project_id?: number | null;
|
||||||
project_name?: string;
|
project_name?: string;
|
||||||
project_logs?: Array<{
|
project_logs?: Array<{
|
||||||
@@ -72,7 +82,6 @@ interface UserTotal {
|
|||||||
working: boolean;
|
working: boolean;
|
||||||
vacation_hours: number;
|
vacation_hours: number;
|
||||||
sick_hours: number;
|
sick_hours: number;
|
||||||
holiday_hours: number;
|
|
||||||
unpaid_hours: number;
|
unpaid_hours: number;
|
||||||
overtime: number;
|
overtime: number;
|
||||||
missing: number;
|
missing: number;
|
||||||
@@ -80,6 +89,16 @@ interface UserTotal {
|
|||||||
business_days: number;
|
business_days: number;
|
||||||
worked_hours: number;
|
worked_hours: number;
|
||||||
covered: number;
|
covered: number;
|
||||||
|
// mzda-style summary fields (set by computeUserTotals)
|
||||||
|
worked_hours_raw?: number;
|
||||||
|
odpracovano?: number;
|
||||||
|
vcetne_svatku?: number;
|
||||||
|
prescas?: number;
|
||||||
|
svatek?: number;
|
||||||
|
weekend_hours?: number;
|
||||||
|
night_minutes?: number;
|
||||||
|
worked_holiday_hours?: number; // sum of hours worked ON a holiday
|
||||||
|
records?: AttendanceRecord[];
|
||||||
}
|
}
|
||||||
|
|
||||||
interface LeaveBalance {
|
interface LeaveBalance {
|
||||||
@@ -120,6 +139,11 @@ const combineDatetime = (date: string, time: string): string | null =>
|
|||||||
/**
|
/**
|
||||||
* Compute per-user totals from raw attendance records.
|
* Compute per-user totals from raw attendance records.
|
||||||
* This replaces the server-side `user_totals` that the PHP backend returned.
|
* This replaces the server-side `user_totals` that the PHP backend returned.
|
||||||
|
*
|
||||||
|
* Adds mzda-style summary fields (odpracovano, vcetne_svatku, prescas, svatek,
|
||||||
|
* weekend_hours, night_minutes) and a fund computed as
|
||||||
|
* (rawBizDays + holidayCount) × 8 — holidays count as work days for fund
|
||||||
|
* purposes, per the mzda.pdf model.
|
||||||
*/
|
*/
|
||||||
function computeUserTotals(
|
function computeUserTotals(
|
||||||
records: AttendanceRecord[],
|
records: AttendanceRecord[],
|
||||||
@@ -127,6 +151,7 @@ function computeUserTotals(
|
|||||||
month: string,
|
month: string,
|
||||||
): Record<string, UserTotal> {
|
): Record<string, UserTotal> {
|
||||||
const totals: Record<string, UserTotal> = {};
|
const totals: Record<string, UserTotal> = {};
|
||||||
|
const recordsByUser = new Map<number, AttendanceRecord[]>();
|
||||||
|
|
||||||
for (const rec of records) {
|
for (const rec of records) {
|
||||||
const uid = String(rec.user_id);
|
const uid = String(rec.user_id);
|
||||||
@@ -143,7 +168,6 @@ function computeUserTotals(
|
|||||||
working: false,
|
working: false,
|
||||||
vacation_hours: 0,
|
vacation_hours: 0,
|
||||||
sick_hours: 0,
|
sick_hours: 0,
|
||||||
holiday_hours: 0,
|
|
||||||
unpaid_hours: 0,
|
unpaid_hours: 0,
|
||||||
overtime: 0,
|
overtime: 0,
|
||||||
missing: 0,
|
missing: 0,
|
||||||
@@ -151,15 +175,23 @@ function computeUserTotals(
|
|||||||
business_days: 0,
|
business_days: 0,
|
||||||
worked_hours: 0,
|
worked_hours: 0,
|
||||||
covered: 0,
|
covered: 0,
|
||||||
|
records: [],
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
const t = totals[uid];
|
const t = totals[uid];
|
||||||
|
t.records!.push(rec);
|
||||||
|
if (!recordsByUser.has(rec.user_id)) recordsByUser.set(rec.user_id, []);
|
||||||
|
recordsByUser.get(rec.user_id)!.push(rec);
|
||||||
|
|
||||||
const leaveType = rec.leave_type || "work";
|
const leaveType = rec.leave_type || "work";
|
||||||
|
|
||||||
if (leaveType === "work") {
|
if (leaveType === "work") {
|
||||||
// Only work records contribute to "minutes" (matching PHP calculateUserTotals)
|
// Only work records contribute to "minutes" (matching PHP calculateUserTotals)
|
||||||
t.minutes += calculateWorkMinutes(rec);
|
t.minutes += calculateWorkMinutes({
|
||||||
|
...rec,
|
||||||
|
notes: rec.notes ?? undefined,
|
||||||
|
});
|
||||||
} else {
|
} else {
|
||||||
const leaveHours = Number(rec.leave_hours) || 8;
|
const leaveHours = Number(rec.leave_hours) || 8;
|
||||||
switch (leaveType) {
|
switch (leaveType) {
|
||||||
@@ -169,12 +201,14 @@ function computeUserTotals(
|
|||||||
case "sick":
|
case "sick":
|
||||||
t.sick_hours += leaveHours;
|
t.sick_hours += leaveHours;
|
||||||
break;
|
break;
|
||||||
case "holiday":
|
|
||||||
t.holiday_hours += leaveHours;
|
|
||||||
break;
|
|
||||||
case "unpaid":
|
case "unpaid":
|
||||||
t.unpaid_hours += leaveHours;
|
t.unpaid_hours += leaveHours;
|
||||||
break;
|
break;
|
||||||
|
// "holiday" leave_type is no longer selectable in the UI — it is
|
||||||
|
// auto-computed from Czech public holidays (see freeHolidayHours
|
||||||
|
// below). Old records may still exist in the DB; treat them as a
|
||||||
|
// paid non-work entry and skip so they don't double-count with
|
||||||
|
// the auto-detected svátek.
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -189,7 +223,10 @@ function computeUserTotals(
|
|||||||
const yr = parseInt(yearStr, 10);
|
const yr = parseInt(yearStr, 10);
|
||||||
const mo = parseInt(monthStr, 10) - 1;
|
const mo = parseInt(monthStr, 10) - 1;
|
||||||
|
|
||||||
// Count business days in month (Mon-Fri)
|
// Count Mon-Fri business days in month (INCLUDING holidays).
|
||||||
|
// The fund is rawBizDays × 8 — holidays stay in the count so the
|
||||||
|
// user is paid for them via the fund. Svátek (free holiday hours) is
|
||||||
|
// computed separately as "8h per holiday the user did not work".
|
||||||
let rawBizDays = 0;
|
let rawBizDays = 0;
|
||||||
const cur = new Date(yr, mo, 1);
|
const cur = new Date(yr, mo, 1);
|
||||||
while (cur.getMonth() === mo) {
|
while (cur.getMonth() === mo) {
|
||||||
@@ -198,23 +235,100 @@ function computeUserTotals(
|
|||||||
cur.setDate(cur.getDate() + 1);
|
cur.setDate(cur.getDate() + 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const holidayDates = holidaysInMonth(yr, mo + 1);
|
||||||
|
const holidayCount = holidayDates.length;
|
||||||
|
|
||||||
for (const uid of Object.keys(totals)) {
|
for (const uid of Object.keys(totals)) {
|
||||||
const t = totals[uid];
|
const t = totals[uid];
|
||||||
// Subtract holiday days from business days for this user
|
const userRecords = recordsByUser.get(Number(uid)) || [];
|
||||||
const holidayDays = Math.round(t.holiday_hours / 8);
|
|
||||||
const bizDays = Math.max(0, rawBizDays - holidayDays);
|
// Odpracováno: floor(worked / 8) × 8 — round to whole days, drop remainder.
|
||||||
const fund = bizDays * 8;
|
const workedHoursRaw = t.minutes / 60;
|
||||||
const workedHours = Math.round((t.minutes / 60) * 10) / 10;
|
const odpracovano = Math.floor(workedHoursRaw / 8) * 8;
|
||||||
// Covered = worked + vacation + sick (NOT holiday/unpaid — matching PHP)
|
|
||||||
const leaveHours = t.vacation_hours + t.sick_hours;
|
// So/Ne: sum of worked hours on Sat/Sun (raw, not rounded).
|
||||||
const covered = Math.round((workedHours + leaveHours) * 10) / 10;
|
const weekendHours = userRecords
|
||||||
|
.filter(
|
||||||
|
(r) =>
|
||||||
|
(r.leave_type || "work") === "work" && isWeekendDate(r.shift_date),
|
||||||
|
)
|
||||||
|
.reduce((sum, r) => sum + calculateWorkMinutesPrint(r) / 60, 0);
|
||||||
|
|
||||||
|
// Práce v noci: minutes in 22:00-06:00 across all work records.
|
||||||
|
const nightMinutes = userRecords
|
||||||
|
.filter((r) => (r.leave_type || "work") === "work")
|
||||||
|
.reduce((sum, r) => sum + calculateNightMinutes(r), 0);
|
||||||
|
|
||||||
|
// Svátek (free): 8h per holiday the user did not work.
|
||||||
|
const freeHolidayHours = calculateFreeHolidayHours(
|
||||||
|
userRecords,
|
||||||
|
holidayDates,
|
||||||
|
);
|
||||||
|
|
||||||
|
// Worked holidays: holidays the user DID work (counted toward
|
||||||
|
// Odpracováno, but their 8h must not flow into Přesčas).
|
||||||
|
const workedDatesSet = new Set(
|
||||||
|
userRecords
|
||||||
|
.filter((r) => (r.leave_type || "work") === "work")
|
||||||
|
.map((r) => normalizeDateStr(r.shift_date))
|
||||||
|
.filter(Boolean),
|
||||||
|
);
|
||||||
|
let workedHolidayCount = 0;
|
||||||
|
let workedHolidayHours = 0;
|
||||||
|
for (const hd of holidayDates) {
|
||||||
|
if (workedDatesSet.has(hd)) workedHolidayCount++;
|
||||||
|
}
|
||||||
|
// Sum the actual hours worked on holiday dates (for the KPI card's
|
||||||
|
// "fond used" total = real_work + vacation + worked_holiday + free_holiday).
|
||||||
|
for (const r of userRecords) {
|
||||||
|
if ((r.leave_type || "work") !== "work") continue;
|
||||||
|
const d = normalizeDateStr(r.shift_date);
|
||||||
|
if (d && holidayDates.includes(d)) {
|
||||||
|
workedHolidayHours += calculateWorkMinutesPrint(r) / 60;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Fund = Mon-Fri × 8h. Holidays count as work days (already in rawBizDays).
|
||||||
|
const fund = rawBizDays * 8;
|
||||||
|
|
||||||
|
// Včetně svátků a přesčasů (mzda formula):
|
||||||
|
// odpracovano + vacation + remainder − min(freeHols, workedHols × 8)
|
||||||
|
//
|
||||||
|
// Two-way logic matching the print:
|
||||||
|
// • If the user worked at least one holiday, that worked holiday's
|
||||||
|
// 8h is in Odpracováno and shouldn't also count as Přesčas. We
|
||||||
|
// subtract one 8h per worked holiday (capped at the total free
|
||||||
|
// holiday hours — can't go negative).
|
||||||
|
// • If the user did NOT work any holiday, no adjustment is needed:
|
||||||
|
// all unworked holidays are already paid via the Svátek line and
|
||||||
|
// don't flow into Přesčas, so vcetne_svatku just equals the
|
||||||
|
// work + vacation + remainder.
|
||||||
|
const remainder = workedHoursRaw - odpracovano;
|
||||||
|
const holidayAdj = Math.min(freeHolidayHours, workedHolidayCount * 8);
|
||||||
|
const vcetneSv = odpracovano - holidayAdj + t.vacation_hours + remainder;
|
||||||
|
|
||||||
|
// Přesčas = vcetneSv − odpracovano (derived).
|
||||||
|
const prescas = vcetneSv - odpracovano;
|
||||||
|
|
||||||
|
// Legacy fields (kept so existing UI doesn't break).
|
||||||
|
const workedHours = Math.round(workedHoursRaw * 10) / 10;
|
||||||
|
const covered = Math.round((workedHours + t.vacation_hours) * 10) / 10;
|
||||||
|
|
||||||
t.fund = fund;
|
t.fund = fund;
|
||||||
t.business_days = bizDays;
|
t.business_days = rawBizDays;
|
||||||
t.worked_hours = workedHours;
|
t.worked_hours = workedHours;
|
||||||
t.covered = covered;
|
t.covered = covered;
|
||||||
t.missing = Math.max(0, Math.round((fund - covered) * 10) / 10);
|
t.missing = Math.max(0, Math.round((fund - covered) * 10) / 10);
|
||||||
t.overtime = Math.max(0, Math.round((covered - fund) * 10) / 10);
|
t.overtime = Math.max(0, Math.round((covered - fund) * 10) / 10);
|
||||||
|
|
||||||
|
t.worked_hours_raw = workedHoursRaw;
|
||||||
|
t.odpracovano = odpracovano;
|
||||||
|
t.vcetne_svatku = vcetneSv;
|
||||||
|
t.prescas = prescas;
|
||||||
|
t.svatek = freeHolidayHours;
|
||||||
|
t.weekend_hours = weekendHours;
|
||||||
|
t.night_minutes = nightMinutes;
|
||||||
|
t.worked_holiday_hours = workedHolidayHours;
|
||||||
}
|
}
|
||||||
|
|
||||||
return totals;
|
return totals;
|
||||||
@@ -224,12 +338,13 @@ function computeUserTotals(
|
|||||||
// Print helpers
|
// Print helpers
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
function renderFundStatus(userData: Record<string, any>): string {
|
function escapeHtml(str: string): string {
|
||||||
if (userData.overtime > 0)
|
return str
|
||||||
return `<span class="leave-badge badge-overtime">+${userData.overtime}h přesčas</span>`;
|
.replace(/&/g, "&")
|
||||||
if (userData.missing > 0)
|
.replace(/</g, "<")
|
||||||
return `<span style="color:#dc2626">−${userData.missing}h</span>`;
|
.replace(/>/g, ">")
|
||||||
return '<span style="color:#16a34a">splněno</span>';
|
.replace(/"/g, """)
|
||||||
|
.replace(/'/g, "'");
|
||||||
}
|
}
|
||||||
|
|
||||||
function buildProjectLogsHtml(record: Record<string, any>): string {
|
function buildProjectLogsHtml(record: Record<string, any>): string {
|
||||||
@@ -255,29 +370,11 @@ function buildProjectLogsHtml(record: Record<string, any>): string {
|
|||||||
h = 0;
|
h = 0;
|
||||||
m = 0;
|
m = 0;
|
||||||
}
|
}
|
||||||
return `<div>${log.project_name || `#${log.project_id}`} (${h}:${String(m).padStart(2, "0")}h)</div>`;
|
return `<div>${escapeHtml(log.project_name || `#${log.project_id}`)} (${h}:${String(m).padStart(2, "0")}h)</div>`;
|
||||||
})
|
})
|
||||||
.join("");
|
.join("");
|
||||||
}
|
}
|
||||||
return record.project_name || "—";
|
return escapeHtml(record.project_name || "—");
|
||||||
}
|
|
||||||
|
|
||||||
function buildLeaveSummaryHtml(
|
|
||||||
userId: string,
|
|
||||||
userData: Record<string, any>,
|
|
||||||
printData: Record<string, any>,
|
|
||||||
): string {
|
|
||||||
const bal = printData.leave_balances[userId];
|
|
||||||
let parts = `<strong>Dovolená ${printData.year}:</strong> Zbývá ${bal.vacation_remaining.toFixed(1)}h z ${bal.vacation_total}h`;
|
|
||||||
if (userData.vacation_hours > 0)
|
|
||||||
parts += ` | <span class="leave-badge badge-vacation">Tento měsíc: ${userData.vacation_hours}h</span>`;
|
|
||||||
if (userData.sick_hours > 0)
|
|
||||||
parts += ` | <span class="leave-badge badge-sick">Nemoc: ${userData.sick_hours}h</span>`;
|
|
||||||
if (userData.holiday_hours > 0)
|
|
||||||
parts += ` | <span class="leave-badge badge-holiday">Svátek: ${userData.holiday_hours}h</span>`;
|
|
||||||
if (userData.overtime > 0)
|
|
||||||
parts += ` | <span class="leave-badge badge-overtime">Přesčas: +${userData.overtime}h</span>`;
|
|
||||||
return `<div class="leave-summary">${parts}</div>`;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function buildUserSectionHtml(
|
function buildUserSectionHtml(
|
||||||
@@ -285,71 +382,215 @@ function buildUserSectionHtml(
|
|||||||
userData: Record<string, any>,
|
userData: Record<string, any>,
|
||||||
printData: Record<string, any>,
|
printData: Record<string, any>,
|
||||||
): string {
|
): string {
|
||||||
const leaveHtml = printData.leave_balances[userId]
|
// Build a date-keyed lookup of the user's records.
|
||||||
? buildLeaveSummaryHtml(userId, userData, printData)
|
const recordsByDate = new Map<string, Record<string, any>>();
|
||||||
: "";
|
for (const r of userData.records || []) {
|
||||||
|
recordsByDate.set(normalizeDateStr(r.shift_date), r);
|
||||||
|
}
|
||||||
|
|
||||||
const recordRows = (userData.records || [])
|
// Iterate one row per day of the month.
|
||||||
.map((record: any) => {
|
const [yearStr, monthStr] = printData.month.split("-");
|
||||||
const leaveType = record.leave_type || "work";
|
const yr = parseInt(yearStr, 10);
|
||||||
const isLeave = leaveType !== "work";
|
const mo = parseInt(monthStr, 10);
|
||||||
const workMinutes = calculateWorkMinutesPrint(record);
|
const daysInMonth = getDaysInMonth(yr, mo);
|
||||||
const hours = Math.floor(workMinutes / 60);
|
|
||||||
const mins = workMinutes % 60;
|
|
||||||
const breakCell =
|
|
||||||
isLeave || !record.break_start || !record.break_end
|
|
||||||
? "—"
|
|
||||||
: `${formatTimeOrDatetimePrint(record.break_start, record.shift_date)} - ${formatTimeOrDatetimePrint(record.break_end, record.shift_date)}`;
|
|
||||||
|
|
||||||
return `<tr>
|
const userRecords = (userData.records || []) as Record<string, any>[];
|
||||||
<td>${formatDate(record.shift_date)}</td>
|
|
||||||
<td><span class="leave-badge ${getLeaveTypeBadgeClass(leaveType)}">${getLeaveTypeName(leaveType)}</span></td>
|
const rows: string[] = [];
|
||||||
<td class="text-center">${isLeave ? "—" : formatTimeOrDatetimePrint(record.arrival_time, record.shift_date)}</td>
|
for (let d = 1; d <= daysInMonth; d++) {
|
||||||
|
const dateStr = shiftDateForMonth(yr, mo, d);
|
||||||
|
const record = recordsByDate.get(dateStr);
|
||||||
|
const weekend = isWeekendDate(dateStr);
|
||||||
|
const holiday = isHoliday(dateStr);
|
||||||
|
const leaveType = (record?.leave_type as string) || "work";
|
||||||
|
const rowClasses = [
|
||||||
|
weekend && "weekend",
|
||||||
|
holiday && "holiday",
|
||||||
|
leaveType === "vacation" && "vacation",
|
||||||
|
]
|
||||||
|
.filter(Boolean)
|
||||||
|
.join(" ");
|
||||||
|
|
||||||
|
if (!record) {
|
||||||
|
rows.push(`<tr class="${rowClasses}">
|
||||||
|
<td>${escapeHtml(formatDate(dateStr))}</td>
|
||||||
|
<td>${escapeHtml(getCzechWeekday(dateStr))}</td>
|
||||||
|
<td>—</td>
|
||||||
|
<td class="text-center">—</td>
|
||||||
|
<td class="text-center">—</td>
|
||||||
|
<td class="text-center">—</td>
|
||||||
|
<td class="text-center">—</td>
|
||||||
|
<td></td>
|
||||||
|
<td></td>
|
||||||
|
</tr>`);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
const isLeave = leaveType !== "work";
|
||||||
|
const workMinutes = calculateWorkMinutesPrint(record);
|
||||||
|
const hours = Math.floor(workMinutes / 60);
|
||||||
|
const mins = workMinutes % 60;
|
||||||
|
const breakCell =
|
||||||
|
isLeave || !record.break_start || !record.break_end
|
||||||
|
? "—"
|
||||||
|
: `${escapeHtml(formatTimeOrDatetimePrint(record.break_start, record.shift_date))} - ${escapeHtml(formatTimeOrDatetimePrint(record.break_end, record.shift_date))}`;
|
||||||
|
|
||||||
|
let hoursCell: string;
|
||||||
|
if (workMinutes > 0 && !isLeave) {
|
||||||
|
hoursCell = `${hours}:${String(mins).padStart(2, "0")} (${formatHoursDecimal(workMinutes)})`;
|
||||||
|
} else if (isLeave) {
|
||||||
|
hoursCell = formatHoursDecimal((Number(record.leave_hours) || 8) * 60);
|
||||||
|
} else {
|
||||||
|
hoursCell = "—";
|
||||||
|
}
|
||||||
|
|
||||||
|
rows.push(`<tr class="${rowClasses}">
|
||||||
|
<td>${escapeHtml(formatDate(dateStr))}</td>
|
||||||
|
<td>${escapeHtml(getCzechWeekday(dateStr))}</td>
|
||||||
|
<td>${escapeHtml(getLeaveTypeName(leaveType))}</td>
|
||||||
|
<td class="text-center">${isLeave ? "—" : escapeHtml(formatTimeOrDatetimePrint(record.arrival_time, record.shift_date))}</td>
|
||||||
<td class="text-center">${breakCell}</td>
|
<td class="text-center">${breakCell}</td>
|
||||||
<td class="text-center">${isLeave ? "—" : formatTimeOrDatetimePrint(record.departure_time, record.shift_date)}</td>
|
<td class="text-center">${isLeave ? "—" : escapeHtml(formatTimeOrDatetimePrint(record.departure_time, record.shift_date))}</td>
|
||||||
<td class="text-center">${workMinutes > 0 ? `${hours}:${String(mins).padStart(2, "0")}` : "—"}</td>
|
<td class="text-center">${hoursCell}</td>
|
||||||
<td style="font-size:8px">${buildProjectLogsHtml(record)}</td>
|
<td style="font-size:8px">${buildProjectLogsHtml(record)}</td>
|
||||||
<td>${record.notes || ""}</td>
|
<td>${escapeHtml(record.notes || "")}</td>
|
||||||
</tr>`;
|
</tr>`);
|
||||||
})
|
}
|
||||||
.join("");
|
|
||||||
|
|
||||||
const fundRow =
|
// ----- mzda-style summary numbers (computed here, not from userData,
|
||||||
userData.fund !== null
|
// because the backend's getPrintData only returns the legacy fields). -----
|
||||||
? `<tr>
|
|
||||||
<td colspan="6" class="text-right">Fond měsíce:</td>
|
// Worked minutes: sum of calculateWorkMinutesPrint across work records.
|
||||||
<td class="text-center">${userData.covered}h / ${userData.fund}h</td>
|
let workedMinutes = 0;
|
||||||
<td colspan="2">${renderFundStatus(userData)}</td>
|
let weekendHoursRaw = 0;
|
||||||
</tr>`
|
let nightMinutes = 0;
|
||||||
: "";
|
for (const r of userRecords) {
|
||||||
|
const leaveType = r.leave_type || "work";
|
||||||
|
if (leaveType !== "work") continue;
|
||||||
|
const m = calculateWorkMinutesPrint(r);
|
||||||
|
workedMinutes += m;
|
||||||
|
if (isWeekendDate(r.shift_date)) {
|
||||||
|
weekendHoursRaw += m / 60;
|
||||||
|
}
|
||||||
|
nightMinutes += calculateNightMinutes(r);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Sum of vacation/sick/unpaid hours (in hours, not minutes). The
|
||||||
|
// "holiday" leave_type is auto-computed from Czech holidays further down
|
||||||
|
// and no longer selectable in the UI, so it's deliberately omitted here.
|
||||||
|
let vacationHours = 0,
|
||||||
|
sickHours = 0;
|
||||||
|
for (const r of userRecords) {
|
||||||
|
const lt = r.leave_type || "work";
|
||||||
|
if (lt === "work") continue;
|
||||||
|
const h = Number(r.leave_hours) || 8;
|
||||||
|
if (lt === "vacation") vacationHours += h;
|
||||||
|
else if (lt === "sick") sickHours += h;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Odpracováno: floor(worked / 8) × 8.
|
||||||
|
const workedHoursRaw = workedMinutes / 60;
|
||||||
|
const odpracovano = Math.floor(workedHoursRaw / 8) * 8;
|
||||||
|
|
||||||
|
// Free Svátek: 8h per holiday date the user did not work.
|
||||||
|
const holidayDates = holidaysInMonth(yr, mo);
|
||||||
|
const holidayCount = holidayDates.length;
|
||||||
|
const workedDates = new Set(
|
||||||
|
userRecords
|
||||||
|
.filter((r) => (r.leave_type || "work") === "work")
|
||||||
|
.map((r) => normalizeDateStr(r.shift_date))
|
||||||
|
.filter(Boolean),
|
||||||
|
);
|
||||||
|
let freeHolidayHours = 0;
|
||||||
|
let workedHolidayCount = 0;
|
||||||
|
for (const hd of holidayDates) {
|
||||||
|
if (workedDates.has(hd)) workedHolidayCount++;
|
||||||
|
else freeHolidayHours += 8;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Fund: count Mon-Fri (incl. holidays) × 8h.
|
||||||
|
let rawBizDays = 0;
|
||||||
|
const cur = new Date(yr, mo - 1, 1);
|
||||||
|
while (cur.getMonth() === mo - 1) {
|
||||||
|
const dow = cur.getDay();
|
||||||
|
if (dow !== 0 && dow !== 6) rawBizDays++;
|
||||||
|
cur.setDate(cur.getDate() + 1);
|
||||||
|
}
|
||||||
|
const businessDays = rawBizDays;
|
||||||
|
const fund = businessDays * 8;
|
||||||
|
|
||||||
|
// Včetně svátků a přesčasů: floor(worked/8)*8 − worked_holiday*8 + vacation + remainder.
|
||||||
|
// (A worked holiday counts toward Odpracováno, but its 8h should not flow
|
||||||
|
// into Přesčas — so we subtract it here. Unworked holidays are paid via
|
||||||
|
// the fund and don't affect this line.)
|
||||||
|
const remainder = workedHoursRaw - odpracovano;
|
||||||
|
const vcetneSv =
|
||||||
|
odpracovano - workedHolidayCount * 8 + vacationHours + remainder;
|
||||||
|
|
||||||
|
// Přesčas = #2 - #1.
|
||||||
|
const prescas = vcetneSv - odpracovano;
|
||||||
|
|
||||||
|
const summaryHtml = `<div class="user-summary">
|
||||||
|
<div class="summary-row">
|
||||||
|
<span class="summary-label">Odpracováno:</span>
|
||||||
|
<span class="summary-value">${formatHoursDecimal(odpracovano * 60)}h</span>
|
||||||
|
</div>
|
||||||
|
<div class="summary-row">
|
||||||
|
<span class="summary-label">Odpracováno včetně svátků a přesčasů:</span>
|
||||||
|
<span class="summary-value">${formatHoursDecimal(vcetneSv * 60)}h</span>
|
||||||
|
</div>
|
||||||
|
<div class="summary-row">
|
||||||
|
<span class="summary-label">Dovolená:</span>
|
||||||
|
<span class="summary-value">${formatHoursDecimal(vacationHours * 60)}h</span>
|
||||||
|
</div>
|
||||||
|
<div class="summary-row">
|
||||||
|
<span class="summary-label">Přesčas:</span>
|
||||||
|
<span class="summary-value">${formatHoursDecimal(prescas * 60)}h</span>
|
||||||
|
</div>
|
||||||
|
<div class="summary-row">
|
||||||
|
<span class="summary-label">Svátek:</span>
|
||||||
|
<span class="summary-value">${formatHoursDecimal(freeHolidayHours * 60)}h</span>
|
||||||
|
</div>
|
||||||
|
<div class="summary-row">
|
||||||
|
<span class="summary-label">So/Ne:</span>
|
||||||
|
<span class="summary-value">${formatHoursDecimal(weekendHoursRaw * 60)}h</span>
|
||||||
|
</div>
|
||||||
|
<div class="summary-row">
|
||||||
|
<span class="summary-label">Práce v noci:</span>
|
||||||
|
<span class="summary-value">${formatHoursDecimal(nightMinutes)}h</span>
|
||||||
|
</div>
|
||||||
|
<div class="summary-row summary-fund">
|
||||||
|
<span class="summary-label">Fond měsíce:</span>
|
||||||
|
<span class="summary-value">${formatHoursDecimal(fund * 60)}h (${businessDays} dnů)</span>
|
||||||
|
</div>
|
||||||
|
<div class="legend">
|
||||||
|
<span class="legend-item"><span class="legend-swatch weekend"></span>Víkend (So/Ne)</span>
|
||||||
|
<span class="legend-item"><span class="legend-swatch holiday"></span>Svátek</span>
|
||||||
|
<span class="legend-item"><span class="legend-swatch weekend-holiday"></span>Víkend + svátek</span>
|
||||||
|
<span class="legend-item"><span class="legend-swatch vacation"></span>Dovolená</span>
|
||||||
|
</div>
|
||||||
|
</div>`;
|
||||||
|
|
||||||
return `<div class="user-section">
|
return `<div class="user-section">
|
||||||
<div class="user-header">
|
<div class="user-header">
|
||||||
<h3>${userData.name}</h3>
|
<h3>${escapeHtml(userData.name)}</h3>
|
||||||
<span class="total">Odpracováno: ${formatMinutes(userData.minutes)} h</span>
|
<span class="total">Odpracováno: ${escapeHtml(formatMinutes(userData.minutes))} h</span>
|
||||||
</div>
|
</div>
|
||||||
${leaveHtml}
|
|
||||||
<table>
|
<table>
|
||||||
<thead><tr>
|
<thead><tr>
|
||||||
<th style="width:70px">Datum</th>
|
<th style="width:55px">Datum</th>
|
||||||
<th style="width:70px">Typ</th>
|
<th style="width:55px">Den</th>
|
||||||
<th class="text-center" style="width:70px">Příchod</th>
|
<th style="width:60px">Typ</th>
|
||||||
<th class="text-center" style="width:90px">Pauza</th>
|
<th class="text-center" style="width:55px">Příchod</th>
|
||||||
<th class="text-center" style="width:70px">Odchod</th>
|
<th class="text-center" style="width:80px">Pauza</th>
|
||||||
<th class="text-center" style="width:80px">Hodiny</th>
|
<th class="text-center" style="width:55px">Odchod</th>
|
||||||
|
<th class="text-center" style="width:85px">Hodiny</th>
|
||||||
<th>Projekty</th>
|
<th>Projekty</th>
|
||||||
<th>Poznámka</th>
|
<th>Poznámka</th>
|
||||||
</tr></thead>
|
</tr></thead>
|
||||||
<tbody>${recordRows}</tbody>
|
<tbody>${rows.join("")}</tbody>
|
||||||
<tfoot>
|
|
||||||
<tr>
|
|
||||||
<td colspan="6" class="text-right">Odpracováno:</td>
|
|
||||||
<td class="text-center">${formatMinutes(userData.minutes)} h</td>
|
|
||||||
<td colspan="2"></td>
|
|
||||||
</tr>
|
|
||||||
${fundRow}
|
|
||||||
</tfoot>
|
|
||||||
</table>
|
</table>
|
||||||
|
${summaryHtml}
|
||||||
</div>`;
|
</div>`;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -365,9 +606,15 @@ function buildPrintHtml(
|
|||||||
<head>
|
<head>
|
||||||
<meta charset="UTF-8">
|
<meta charset="UTF-8">
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
<title>Docházka - ${pData.month_name}</title>
|
<title>Docházka - ${escapeHtml(pData.month_name)}</title>
|
||||||
<style>
|
<style>
|
||||||
* { margin: 0; padding: 0; box-sizing: border-box; }
|
* {
|
||||||
|
margin: 0;
|
||||||
|
padding: 0;
|
||||||
|
box-sizing: border-box;
|
||||||
|
-webkit-print-color-adjust: exact;
|
||||||
|
print-color-adjust: exact;
|
||||||
|
}
|
||||||
body {
|
body {
|
||||||
font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
|
font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
|
||||||
font-size: 11px; line-height: 1.4; color: #000; background: #fff; padding: 15mm;
|
font-size: 11px; line-height: 1.4; color: #000; background: #fff; padding: 15mm;
|
||||||
@@ -397,19 +644,47 @@ function buildPrintHtml(
|
|||||||
.user-section th { background: #333; color: #fff; font-weight: 600; font-size: 10px; text-transform: uppercase; }
|
.user-section th { background: #333; color: #fff; font-weight: 600; font-size: 10px; text-transform: uppercase; }
|
||||||
.user-section td { font-size: 10px; }
|
.user-section td { font-size: 10px; }
|
||||||
.user-section tr:nth-child(even) { background: #f9f9f9; }
|
.user-section tr:nth-child(even) { background: #f9f9f9; }
|
||||||
|
/* Weekend and holiday row highlighting — must come after the
|
||||||
|
:nth-child(even) rule and use higher specificity (tr.X td) to win. */
|
||||||
|
.user-section tr.weekend td { background: #fde68a; }
|
||||||
|
.user-section tr.holiday td { background: #bbf7d0; }
|
||||||
|
.user-section tr.weekend.holiday td { background: #fcd34d; }
|
||||||
|
.user-section tr.vacation td { background: #bfdbfe; }
|
||||||
.text-center { text-align: center; }
|
.text-center { text-align: center; }
|
||||||
.text-right { text-align: right; }
|
.text-right { text-align: right; }
|
||||||
.user-section tfoot td { background: #eee; font-weight: 600; }
|
|
||||||
.leave-badge { display: inline-block; padding: 2px 6px; border-radius: 3px; font-size: 9px; font-weight: 500; }
|
.leave-badge { display: inline-block; padding: 2px 6px; border-radius: 3px; font-size: 9px; font-weight: 500; }
|
||||||
.badge-vacation { background: #dbeafe; color: #1d4ed8; }
|
.badge-vacation { background: #dbeafe; color: #1d4ed8; }
|
||||||
.badge-sick { background: #fee2e2; color: #dc2626; }
|
.badge-sick { background: #fee2e2; color: #dc2626; }
|
||||||
.badge-holiday { background: #dcfce7; color: #16a34a; }
|
.badge-holiday { background: #dcfce7; color: #16a34a; }
|
||||||
.badge-unpaid { background: #f3f4f6; color: #6b7280; }
|
.badge-unpaid { background: #f3f4f6; color: #6b7280; }
|
||||||
.badge-overtime { background: #fef3c7; color: #d97706; }
|
.badge-overtime { background: #fef3c7; color: #d97706; }
|
||||||
.leave-summary {
|
.user-summary {
|
||||||
margin-top: 10px; padding: 8px 15px; background: #f9f9f9;
|
margin-top: 10px; padding: 10px 15px;
|
||||||
border: 1px solid #ddd; font-size: 10px;
|
background: #f9f9f9; border: 1px solid #ddd; font-size: 10px;
|
||||||
}
|
}
|
||||||
|
.user-summary .summary-row {
|
||||||
|
display: flex; justify-content: space-between; padding: 2px 0;
|
||||||
|
}
|
||||||
|
.user-summary .summary-label { color: #555; }
|
||||||
|
.user-summary .summary-value { font-weight: 600; }
|
||||||
|
.user-summary .summary-fund {
|
||||||
|
border-top: 1px solid #ddd; margin-top: 4px; padding-top: 6px;
|
||||||
|
}
|
||||||
|
.legend {
|
||||||
|
display: flex; flex-wrap: wrap; gap: 14px;
|
||||||
|
margin-top: 8px; padding-top: 6px;
|
||||||
|
border-top: 1px dashed #ddd;
|
||||||
|
font-size: 9px; color: #555;
|
||||||
|
}
|
||||||
|
.legend-item { display: inline-flex; align-items: center; gap: 5px; }
|
||||||
|
.legend-swatch {
|
||||||
|
display: inline-block; width: 12px; height: 12px;
|
||||||
|
border: 1px solid #333; vertical-align: middle;
|
||||||
|
}
|
||||||
|
.legend-swatch.weekend { background: #fde68a; }
|
||||||
|
.legend-swatch.holiday { background: #bbf7d0; }
|
||||||
|
.legend-swatch.weekend-holiday { background: #fcd34d; }
|
||||||
|
.legend-swatch.vacation { background: #bfdbfe; }
|
||||||
.print-wrapper-table { width: 100%; border-collapse: collapse; border: none; }
|
.print-wrapper-table { width: 100%; border-collapse: collapse; border: none; }
|
||||||
.print-wrapper-table > thead > tr > td,
|
.print-wrapper-table > thead > tr > td,
|
||||||
.print-wrapper-table > tbody > tr > td { padding: 0; border: none; background: none; }
|
.print-wrapper-table > tbody > tr > td { padding: 0; border: none; background: none; }
|
||||||
@@ -428,11 +703,11 @@ function buildPrintHtml(
|
|||||||
<img src="/api/admin/company-settings/logo?variant=light" alt="" class="print-logo" />
|
<img src="/api/admin/company-settings/logo?variant=light" alt="" class="print-logo" />
|
||||||
<div class="print-header-text">
|
<div class="print-header-text">
|
||||||
<h1>EVIDENCE DOCHÁZKY</h1>
|
<h1>EVIDENCE DOCHÁZKY</h1>
|
||||||
<div class="company">${companyName}</div>
|
<div class="company">${escapeHtml(companyName)}</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="print-header-right">
|
<div class="print-header-right">
|
||||||
<div class="period">${pData.month_name}</div>
|
<div class="period">${escapeHtml(pData.month_name)}</div>
|
||||||
${filterNote}
|
${filterNote}
|
||||||
<div class="generated">Vygenerováno: ${new Date().toLocaleString("cs-CZ")}</div>
|
<div class="generated">Vygenerováno: ${new Date().toLocaleString("cs-CZ")}</div>
|
||||||
</div>
|
</div>
|
||||||
@@ -452,6 +727,7 @@ function buildPrintHtml(
|
|||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
export default function useAttendanceAdmin({ alert }: AlertContext) {
|
export default function useAttendanceAdmin({ alert }: AlertContext) {
|
||||||
|
const queryClient = useQueryClient();
|
||||||
// ---- Core state ----
|
// ---- Core state ----
|
||||||
const [loading, setLoading] = useState(true);
|
const [loading, setLoading] = useState(true);
|
||||||
const [month, setMonth] = useState(() => {
|
const [month, setMonth] = useState(() => {
|
||||||
@@ -653,7 +929,15 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
|
|||||||
formData: ShiftFormData,
|
formData: ShiftFormData,
|
||||||
): boolean => {
|
): boolean => {
|
||||||
const totalWork = calcFormWorkMinutes(formData);
|
const totalWork = calcFormWorkMinutes(formData);
|
||||||
const totalProject = calcProjectMinutesTotal(logs);
|
const totalProject = calcProjectMinutesTotal(
|
||||||
|
logs.map((l) => ({
|
||||||
|
...l,
|
||||||
|
project_id:
|
||||||
|
l.project_id !== "" && l.project_id != null
|
||||||
|
? Number(l.project_id)
|
||||||
|
: undefined,
|
||||||
|
})),
|
||||||
|
);
|
||||||
if (totalWork > 0 && totalProject !== totalWork) {
|
if (totalWork > 0 && totalProject !== totalWork) {
|
||||||
const wH = Math.floor(totalWork / 60);
|
const wH = Math.floor(totalWork / 60);
|
||||||
const wM = totalWork % 60;
|
const wM = totalWork % 60;
|
||||||
@@ -762,6 +1046,7 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
|
|||||||
|
|
||||||
if (result.success) {
|
if (result.success) {
|
||||||
setShowCreateModal(false);
|
setShowCreateModal(false);
|
||||||
|
queryClient.invalidateQueries({ queryKey: ["attendance"] });
|
||||||
await fetchData(false);
|
await fetchData(false);
|
||||||
await new Promise((resolve) => setTimeout(resolve, 300));
|
await new Promise((resolve) => setTimeout(resolve, 300));
|
||||||
alert.success(
|
alert.success(
|
||||||
@@ -833,6 +1118,7 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
|
|||||||
|
|
||||||
if (result.success) {
|
if (result.success) {
|
||||||
setShowBulkModal(false);
|
setShowBulkModal(false);
|
||||||
|
queryClient.invalidateQueries({ queryKey: ["attendance"] });
|
||||||
await fetchData(false);
|
await fetchData(false);
|
||||||
await new Promise((resolve) => setTimeout(resolve, 300));
|
await new Promise((resolve) => setTimeout(resolve, 300));
|
||||||
alert.success(
|
alert.success(
|
||||||
@@ -856,7 +1142,7 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
|
|||||||
const userName = record.users
|
const userName = record.users
|
||||||
? `${record.users.first_name} ${record.users.last_name}`.trim() ||
|
? `${record.users.first_name} ${record.users.last_name}`.trim() ||
|
||||||
record.users.username
|
record.users.username
|
||||||
: ((record as Record<string, unknown>).user_name as string) ||
|
: ((record as unknown as Record<string, unknown>).user_name as string) ||
|
||||||
`User #${record.user_id}`;
|
`User #${record.user_id}`;
|
||||||
const enriched = { ...record, user_name: userName };
|
const enriched = { ...record, user_name: userName };
|
||||||
setEditingRecord(enriched);
|
setEditingRecord(enriched);
|
||||||
@@ -967,6 +1253,7 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
|
|||||||
|
|
||||||
if (result.success) {
|
if (result.success) {
|
||||||
setShowEditModal(false);
|
setShowEditModal(false);
|
||||||
|
queryClient.invalidateQueries({ queryKey: ["attendance"] });
|
||||||
await fetchData(false);
|
await fetchData(false);
|
||||||
await new Promise((resolve) => setTimeout(resolve, 300));
|
await new Promise((resolve) => setTimeout(resolve, 300));
|
||||||
alert.success(
|
alert.success(
|
||||||
@@ -996,6 +1283,7 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
|
|||||||
|
|
||||||
if (result.success) {
|
if (result.success) {
|
||||||
setDeleteConfirm({ show: false, record: null });
|
setDeleteConfirm({ show: false, record: null });
|
||||||
|
queryClient.invalidateQueries({ queryKey: ["attendance"] });
|
||||||
await fetchData(false);
|
await fetchData(false);
|
||||||
alert.success(
|
alert.success(
|
||||||
result.message || result.data?.message || "Záznam smazán",
|
result.message || result.data?.message || "Záznam smazán",
|
||||||
@@ -1037,7 +1325,7 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
|
|||||||
? '<p style="text-align:center;padding:20px">Za vybrané období nejsou žádné záznamy.</p>'
|
? '<p style="text-align:center;padding:20px">Za vybrané období nejsou žádné záznamy.</p>'
|
||||||
: "";
|
: "";
|
||||||
const filterNote = pData.selected_user_name
|
const filterNote = pData.selected_user_name
|
||||||
? `<div class="filters">Zaměstnanec: ${pData.selected_user_name}</div>`
|
? `<div class="filters">Zaměstnanec: ${escapeHtml(pData.selected_user_name)}</div>`
|
||||||
: "";
|
: "";
|
||||||
const bodyContent = buildPrintHtml(
|
const bodyContent = buildPrintHtml(
|
||||||
pData,
|
pData,
|
||||||
@@ -1051,7 +1339,9 @@ export default function useAttendanceAdmin({ alert }: AlertContext) {
|
|||||||
printWindow.document.open();
|
printWindow.document.open();
|
||||||
printWindow.document.write(bodyContent);
|
printWindow.document.write(bodyContent);
|
||||||
printWindow.document.close();
|
printWindow.document.close();
|
||||||
printWindow.onload = () => printWindow.print();
|
printWindow.addEventListener("load", () => printWindow.print(), {
|
||||||
|
once: true,
|
||||||
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} catch {
|
} catch {
|
||||||
|
|||||||
@@ -1,126 +0,0 @@
|
|||||||
import { useState, useEffect, useCallback, useRef } from "react";
|
|
||||||
import { useAlert } from "../context/AlertContext";
|
|
||||||
import apiFetch from "../utils/api";
|
|
||||||
import useDebounce from "./useDebounce";
|
|
||||||
|
|
||||||
const API_BASE = "/api/admin";
|
|
||||||
|
|
||||||
interface PaginationData {
|
|
||||||
total: number;
|
|
||||||
page: number;
|
|
||||||
per_page: number;
|
|
||||||
total_pages: number;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface UseListDataOptions {
|
|
||||||
dataKey?: string;
|
|
||||||
search?: string;
|
|
||||||
sort?: string;
|
|
||||||
order?: string;
|
|
||||||
page?: number;
|
|
||||||
perPage?: number;
|
|
||||||
extraParams?: Record<string, string>;
|
|
||||||
errorMsg?: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
export default function useListData<T = unknown>(
|
|
||||||
endpoint: string,
|
|
||||||
options: UseListDataOptions = {},
|
|
||||||
) {
|
|
||||||
const {
|
|
||||||
dataKey,
|
|
||||||
search = "",
|
|
||||||
sort,
|
|
||||||
order,
|
|
||||||
page = 1,
|
|
||||||
perPage = 25,
|
|
||||||
extraParams = {},
|
|
||||||
errorMsg = "Nepodařilo se načíst data",
|
|
||||||
} = options;
|
|
||||||
const alert = useAlert();
|
|
||||||
const [items, setItems] = useState<T[]>([]);
|
|
||||||
const [loading, setLoading] = useState(true);
|
|
||||||
const [initialLoad, setInitialLoad] = useState(true);
|
|
||||||
const [pagination, setPagination] = useState<PaginationData | null>(null);
|
|
||||||
const abortRef = useRef<AbortController | null>(null);
|
|
||||||
const debouncedSearch = useDebounce(search, 300);
|
|
||||||
|
|
||||||
const fetchData = useCallback(async () => {
|
|
||||||
if (abortRef.current) abortRef.current.abort();
|
|
||||||
const controller = new AbortController();
|
|
||||||
abortRef.current = controller;
|
|
||||||
|
|
||||||
try {
|
|
||||||
const params = new URLSearchParams({
|
|
||||||
page: String(page),
|
|
||||||
per_page: String(perPage),
|
|
||||||
});
|
|
||||||
if (debouncedSearch) params.set("search", debouncedSearch);
|
|
||||||
if (sort) params.set("sort", sort);
|
|
||||||
if (order) params.set("order", order);
|
|
||||||
Object.entries(extraParams).forEach(([k, v]) => {
|
|
||||||
if (v) params.set(k, v);
|
|
||||||
});
|
|
||||||
|
|
||||||
const url = endpoint.startsWith("/")
|
|
||||||
? `${endpoint}?${params}`
|
|
||||||
: `${API_BASE}/${endpoint}?${params}`;
|
|
||||||
const response = await apiFetch(url, { signal: controller.signal });
|
|
||||||
if (response.status === 401) return;
|
|
||||||
const result = await response.json();
|
|
||||||
if (result.success) {
|
|
||||||
const data = dataKey
|
|
||||||
? result.data[dataKey]
|
|
||||||
: Array.isArray(result.data)
|
|
||||||
? result.data
|
|
||||||
: result.data?.items || [];
|
|
||||||
setItems(data || []);
|
|
||||||
const pag =
|
|
||||||
result.pagination ||
|
|
||||||
(!Array.isArray(result.data) && result.data?.pagination) ||
|
|
||||||
null;
|
|
||||||
setPagination(
|
|
||||||
pag || {
|
|
||||||
total: data?.length ?? 0,
|
|
||||||
page,
|
|
||||||
per_page: perPage,
|
|
||||||
total_pages: 1,
|
|
||||||
},
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
alert.error(result.error || errorMsg);
|
|
||||||
}
|
|
||||||
} catch (err: unknown) {
|
|
||||||
if (err instanceof Error && err.name === "AbortError") return;
|
|
||||||
alert.error(errorMsg);
|
|
||||||
} finally {
|
|
||||||
setLoading(false);
|
|
||||||
setInitialLoad(false);
|
|
||||||
}
|
|
||||||
}, [
|
|
||||||
endpoint,
|
|
||||||
debouncedSearch,
|
|
||||||
sort,
|
|
||||||
order,
|
|
||||||
page,
|
|
||||||
perPage,
|
|
||||||
dataKey,
|
|
||||||
JSON.stringify(extraParams),
|
|
||||||
]); // eslint-disable-line react-hooks/exhaustive-deps
|
|
||||||
|
|
||||||
useEffect(() => {
|
|
||||||
fetchData();
|
|
||||||
return () => {
|
|
||||||
if (abortRef.current) abortRef.current.abort();
|
|
||||||
};
|
|
||||||
}, [fetchData]);
|
|
||||||
|
|
||||||
return {
|
|
||||||
items,
|
|
||||||
setItems,
|
|
||||||
loading,
|
|
||||||
initialLoad,
|
|
||||||
pagination,
|
|
||||||
refetch: fetchData,
|
|
||||||
};
|
|
||||||
}
|
|
||||||
@@ -1,14 +1,16 @@
|
|||||||
import { useEffect } from "react";
|
import { useEffect } from "react";
|
||||||
|
|
||||||
|
let activeLocks = 0;
|
||||||
|
|
||||||
export default function useModalLock(isOpen: boolean): void {
|
export default function useModalLock(isOpen: boolean): void {
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
if (isOpen) {
|
if (isOpen) {
|
||||||
document.body.style.overflow = "hidden";
|
if (activeLocks === 0) document.body.style.overflow = "hidden";
|
||||||
} else {
|
activeLocks++;
|
||||||
document.body.style.overflow = "";
|
return () => {
|
||||||
|
activeLocks = Math.max(0, activeLocks - 1);
|
||||||
|
if (activeLocks === 0) document.body.style.overflow = "";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
return () => {
|
|
||||||
document.body.style.overflow = "";
|
|
||||||
};
|
|
||||||
}, [isOpen]);
|
}, [isOpen]);
|
||||||
}
|
}
|
||||||
|
|||||||
44
src/admin/hooks/usePaginatedQuery.ts
Normal file
44
src/admin/hooks/usePaginatedQuery.ts
Normal file
@@ -0,0 +1,44 @@
|
|||||||
|
import {
|
||||||
|
useQuery,
|
||||||
|
keepPreviousData,
|
||||||
|
useQueryClient,
|
||||||
|
} from "@tanstack/react-query";
|
||||||
|
import type { UseQueryOptions } from "@tanstack/react-query";
|
||||||
|
|
||||||
|
interface PaginatedResult<T> {
|
||||||
|
data: T[];
|
||||||
|
pagination: {
|
||||||
|
total: number;
|
||||||
|
page: number;
|
||||||
|
per_page: number;
|
||||||
|
total_pages: number;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Wrapper around useQuery for paginated list endpoints.
|
||||||
|
* Accepts the return value of queryOptions() from lib/queries/*
|
||||||
|
* and extracts items + pagination from the response.
|
||||||
|
*/
|
||||||
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
||||||
|
export function usePaginatedQuery<T>(options: any) {
|
||||||
|
const query = useQuery({
|
||||||
|
...options,
|
||||||
|
placeholderData: keepPreviousData,
|
||||||
|
} as UseQueryOptions<PaginatedResult<T>>);
|
||||||
|
|
||||||
|
const data = query.data as PaginatedResult<T> | undefined;
|
||||||
|
|
||||||
|
return {
|
||||||
|
items: (data?.data ?? []) as T[],
|
||||||
|
pagination: data?.pagination ?? null,
|
||||||
|
isPending: query.isPending,
|
||||||
|
isFetching: query.isFetching,
|
||||||
|
isPlaceholderData: query.isPlaceholderData,
|
||||||
|
isError: query.isError,
|
||||||
|
error: query.error,
|
||||||
|
refetch: query.refetch,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
export { useQueryClient, useQuery, keepPreviousData };
|
||||||
527
src/admin/hooks/usePlanWork.ts
Normal file
527
src/admin/hooks/usePlanWork.ts
Normal file
@@ -0,0 +1,527 @@
|
|||||||
|
import { useState, useCallback, useMemo } from "react";
|
||||||
|
import {
|
||||||
|
useQuery,
|
||||||
|
useQueryClient,
|
||||||
|
useMutation,
|
||||||
|
keepPreviousData,
|
||||||
|
} from "@tanstack/react-query";
|
||||||
|
import apiFetch from "../utils/api";
|
||||||
|
import { planKeys, GridData, ResolvedCell } from "../lib/queries/plan";
|
||||||
|
|
||||||
|
export type ViewMode = "week" | "month";
|
||||||
|
export type ModalMode =
|
||||||
|
| { kind: "closed" }
|
||||||
|
| { kind: "create"; userId: number; date: string }
|
||||||
|
| { kind: "edit-range"; entryId: number; userId: number; date: string }
|
||||||
|
| { kind: "edit-override"; overrideId: number; userId: number; date: string }
|
||||||
|
| { kind: "day-in-range"; userId: number; date: string; entryId: number }
|
||||||
|
| { kind: "view"; userId: number; date: string };
|
||||||
|
|
||||||
|
function isoDate(d: Date): string {
|
||||||
|
return d.toISOString().slice(0, 10);
|
||||||
|
}
|
||||||
|
|
||||||
|
function startOfWeek(d: Date): Date {
|
||||||
|
const day = d.getUTCDay(); // 0 = Sun
|
||||||
|
const diff = day === 0 ? -6 : 1 - day; // Monday-start
|
||||||
|
const r = new Date(d);
|
||||||
|
r.setUTCDate(d.getUTCDate() + diff);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
function addDays(d: Date, n: number): Date {
|
||||||
|
const r = new Date(d);
|
||||||
|
r.setUTCDate(d.getUTCDate() + n);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
async function apiCall(
|
||||||
|
url: string,
|
||||||
|
options: RequestInit = {},
|
||||||
|
): Promise<unknown> {
|
||||||
|
const res = await apiFetch(url, options);
|
||||||
|
if (!res.ok) {
|
||||||
|
let message = "Chyba serveru";
|
||||||
|
try {
|
||||||
|
const body = await res.json();
|
||||||
|
if (body && typeof body.error === "string") message = body.error;
|
||||||
|
} catch {
|
||||||
|
// body wasn't JSON; use default
|
||||||
|
}
|
||||||
|
throw new Error(message);
|
||||||
|
}
|
||||||
|
try {
|
||||||
|
return await res.json();
|
||||||
|
} catch {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface UsePlanWorkArgs {
|
||||||
|
initialDate?: Date;
|
||||||
|
canEdit: boolean;
|
||||||
|
}
|
||||||
|
|
||||||
|
export function usePlanWork({ initialDate, canEdit }: UsePlanWorkArgs) {
|
||||||
|
const qc = useQueryClient();
|
||||||
|
const [view, setView] = useState<ViewMode>("week");
|
||||||
|
const [anchor, setAnchor] = useState<Date>(initialDate ?? new Date());
|
||||||
|
const [filterActive, setFilterActive] = useState(true);
|
||||||
|
const [modal, setModal] = useState<ModalMode>({ kind: "closed" });
|
||||||
|
|
||||||
|
const range = useMemo(() => {
|
||||||
|
if (view === "week") {
|
||||||
|
const from = startOfWeek(anchor);
|
||||||
|
const to = addDays(from, 6);
|
||||||
|
return { from, to };
|
||||||
|
}
|
||||||
|
const from = new Date(
|
||||||
|
Date.UTC(anchor.getUTCFullYear(), anchor.getUTCMonth(), 1),
|
||||||
|
);
|
||||||
|
const to = new Date(
|
||||||
|
Date.UTC(anchor.getUTCFullYear(), anchor.getUTCMonth() + 1, 0),
|
||||||
|
);
|
||||||
|
return { from, to };
|
||||||
|
}, [view, anchor]);
|
||||||
|
|
||||||
|
const gridQuery = useQuery({
|
||||||
|
queryKey: planKeys.grid(isoDate(range.from), isoDate(range.to), view),
|
||||||
|
queryFn: () =>
|
||||||
|
apiFetch(
|
||||||
|
`/api/admin/plan/grid?date_from=${isoDate(range.from)}&date_to=${isoDate(range.to)}&view=${view}`,
|
||||||
|
).then((r) => r.json().then((b: any) => b.data as GridData)),
|
||||||
|
// keepPreviousData holds the old range's data visible while the new
|
||||||
|
// range's fetch is in flight. Without this, `gridQuery.data` is
|
||||||
|
// immediately undefined on key change and the grid flashes empty.
|
||||||
|
// `isPlaceholderData` is true while the displayed data is stale.
|
||||||
|
placeholderData: keepPreviousData,
|
||||||
|
});
|
||||||
|
|
||||||
|
const invalidate = useCallback(() => {
|
||||||
|
qc.invalidateQueries({ queryKey: planKeys.all });
|
||||||
|
// Plan mutations write audit-log rows, so they touch the audit domain
|
||||||
|
// too. Invalidate the dashboard activity feed and the audit-log page so
|
||||||
|
// they reflect the change without a manual F5 (prefix-matches all
|
||||||
|
// ["audit-log", {...}] filter variants). The dashboard query is active
|
||||||
|
// when visible and refetches immediately despite its staleTime.
|
||||||
|
qc.invalidateQueries({ queryKey: ["dashboard"] });
|
||||||
|
qc.invalidateQueries({ queryKey: ["audit-log"] });
|
||||||
|
}, [qc]);
|
||||||
|
|
||||||
|
// --- Optimistic cache patches ---------------------------------------------
|
||||||
|
// After a mutation succeeds, we patch the visible grid query's data
|
||||||
|
// *before* the refetch resolves. This is what stops the full-grid
|
||||||
|
// re-animation: the visible data updates in place (and the new cell
|
||||||
|
// gets a one-shot pulse via PlanWork's lastMutated state), so the grid
|
||||||
|
// never unmounts. The subsequent invalidate+refetch confirms the patch
|
||||||
|
// from the server (which is the source of truth) and is a no-op if the
|
||||||
|
// server's data matches our patch.
|
||||||
|
//
|
||||||
|
// If the mutation fails, the mutation's onError handler in PlanWork
|
||||||
|
// rolls the cache back to the snapshot we took before the patch.
|
||||||
|
|
||||||
|
const currentGridKey = planKeys.grid(
|
||||||
|
isoDate(range.from),
|
||||||
|
isoDate(range.to),
|
||||||
|
view,
|
||||||
|
);
|
||||||
|
|
||||||
|
// Walk the days in [from, to] inclusive (YYYY-MM-DD strings). Used to
|
||||||
|
// figure out which cell keys to patch for a range entry.
|
||||||
|
function eachDay(from: string, to: string): string[] {
|
||||||
|
const out: string[] = [];
|
||||||
|
const a = new Date(from + "T00:00:00.000Z");
|
||||||
|
const b = new Date(to + "T00:00:00.000Z");
|
||||||
|
for (let d = new Date(a); d <= b; d.setUTCDate(d.getUTCDate() + 1)) {
|
||||||
|
out.push(d.toISOString().slice(0, 10));
|
||||||
|
}
|
||||||
|
return out;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Snapshot the currently-cached grid for a given key. Returns
|
||||||
|
// `undefined` if there's nothing cached (we don't patch empty data).
|
||||||
|
function snapshotGrid(key: readonly unknown[]): GridData | undefined {
|
||||||
|
return qc.getQueryData<GridData>(key as any);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Apply a per-date cell patch to the cached grid at `key`. Returns the
|
||||||
|
// previous cells[userId] map so the caller can roll back on error.
|
||||||
|
function patchCells(
|
||||||
|
key: readonly unknown[],
|
||||||
|
userId: number,
|
||||||
|
dates: string[],
|
||||||
|
mutator: (prev: ResolvedCell | null) => ResolvedCell | null,
|
||||||
|
): Record<string, ResolvedCell | null> | null {
|
||||||
|
const prev = snapshotGrid(key);
|
||||||
|
if (!prev) return null;
|
||||||
|
const userPrev = prev.cells[userId] ?? {};
|
||||||
|
const rolled: Record<string, ResolvedCell | null> = {};
|
||||||
|
const userNext: Record<string, ResolvedCell | null> = { ...userPrev };
|
||||||
|
for (const date of dates) {
|
||||||
|
rolled[date] = userPrev[date] ?? null;
|
||||||
|
userNext[date] = mutator(rolled[date]);
|
||||||
|
}
|
||||||
|
qc.setQueryData(key, {
|
||||||
|
...prev,
|
||||||
|
cells: { ...prev.cells, [userId]: userNext },
|
||||||
|
});
|
||||||
|
return rolled;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Build a ResolvedCell for a freshly-created entry. The server returns
|
||||||
|
// a row with the same fields, so we mirror that shape. We don't have
|
||||||
|
// entryId/overrideId from the request body — but the createEntry
|
||||||
|
// response *does* include id; we could plumb it through. For now we
|
||||||
|
// leave entryId as a placeholder that the refetch will replace.
|
||||||
|
// (PlanGrid only uses source/entryId/overrideId to decide edit flow;
|
||||||
|
// a fresh cell from an entry is "entry" source — the refetch fills
|
||||||
|
// the actual id within ~200ms.)
|
||||||
|
function makeEntryCell(args: {
|
||||||
|
userId: number;
|
||||||
|
date: string;
|
||||||
|
projectId: number | null;
|
||||||
|
category: string;
|
||||||
|
note: string;
|
||||||
|
rangeFrom: string;
|
||||||
|
rangeTo: string;
|
||||||
|
entryId: number | null;
|
||||||
|
}): ResolvedCell {
|
||||||
|
return {
|
||||||
|
source: "entry",
|
||||||
|
entryId: args.entryId,
|
||||||
|
overrideId: null,
|
||||||
|
user_id: args.userId,
|
||||||
|
shift_date: args.date,
|
||||||
|
project_id: args.projectId,
|
||||||
|
// Optimistic placeholder — the invalidate+refetch fills the real
|
||||||
|
// project label (resolveGrid embeds it) within ~200ms.
|
||||||
|
project_number: null,
|
||||||
|
project_name: null,
|
||||||
|
category: args.category,
|
||||||
|
note: args.note,
|
||||||
|
rangeFrom: args.rangeFrom,
|
||||||
|
rangeTo: args.rangeTo,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
function makeOverrideCell(args: {
|
||||||
|
userId: number;
|
||||||
|
date: string;
|
||||||
|
projectId: number | null;
|
||||||
|
category: string;
|
||||||
|
note: string;
|
||||||
|
overrideId: number | null;
|
||||||
|
}): ResolvedCell {
|
||||||
|
return {
|
||||||
|
source: "override",
|
||||||
|
entryId: null,
|
||||||
|
overrideId: args.overrideId,
|
||||||
|
user_id: args.userId,
|
||||||
|
shift_date: args.date,
|
||||||
|
project_id: args.projectId,
|
||||||
|
// Optimistic placeholder — refetch fills the real project label.
|
||||||
|
project_number: null,
|
||||||
|
project_name: null,
|
||||||
|
category: args.category,
|
||||||
|
note: args.note,
|
||||||
|
rangeFrom: null,
|
||||||
|
rangeTo: null,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
// --- Mutations ---
|
||||||
|
|
||||||
|
const createEntry = useMutation({
|
||||||
|
mutationFn: (body: any) =>
|
||||||
|
apiCall("/api/admin/plan/entries", {
|
||||||
|
method: "POST",
|
||||||
|
body: JSON.stringify(body),
|
||||||
|
headers: { "Content-Type": "application/json" },
|
||||||
|
}),
|
||||||
|
onSuccess: (data: any, body: any) => {
|
||||||
|
// Patch the visible grid with the new entry. We use the response
|
||||||
|
// id (server-assigned) for the new entry's entryId; the rest of
|
||||||
|
// the ResolvedCell mirrors the request body.
|
||||||
|
const days = eachDay(body.date_from, body.date_to);
|
||||||
|
const id = data && typeof data.id === "number" ? data.id : null;
|
||||||
|
const rolled = patchCells(currentGridKey, body.user_id, days, () =>
|
||||||
|
makeEntryCell({
|
||||||
|
userId: body.user_id,
|
||||||
|
date: days[0],
|
||||||
|
projectId: body.project_id ?? null,
|
||||||
|
category: body.category,
|
||||||
|
note: body.note,
|
||||||
|
rangeFrom: body.date_from,
|
||||||
|
rangeTo: body.date_to,
|
||||||
|
entryId: id,
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
// Stash the rollback on the mutation object so PlanWork can call
|
||||||
|
// it from onError.
|
||||||
|
(createEntry as any)._rolled = rolled;
|
||||||
|
invalidate();
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
const updateEntry = useMutation({
|
||||||
|
mutationFn: ({
|
||||||
|
id,
|
||||||
|
body,
|
||||||
|
force,
|
||||||
|
}: {
|
||||||
|
id: number;
|
||||||
|
body: any;
|
||||||
|
force?: boolean;
|
||||||
|
}) =>
|
||||||
|
apiCall(`/api/admin/plan/entries/${id}${force ? "?force=1" : ""}`, {
|
||||||
|
method: "PATCH",
|
||||||
|
body: JSON.stringify(body),
|
||||||
|
headers: { "Content-Type": "application/json" },
|
||||||
|
}),
|
||||||
|
onSuccess: (_data, vars) => {
|
||||||
|
// We don't know the new full range without the response, but we
|
||||||
|
// do have the body's date_from/date_to. If those are present,
|
||||||
|
// patch the new range. Old cells outside the new range are NOT
|
||||||
|
// cleared here — they'll either still be valid (date_from/to
|
||||||
|
// were partial updates) or the refetch will fix them.
|
||||||
|
const { id, body } = vars;
|
||||||
|
if (body.date_from && body.date_to) {
|
||||||
|
const days = eachDay(body.date_from, body.date_to);
|
||||||
|
// Find the user that owns this entry in the current grid by
|
||||||
|
// looking for any cell with entryId === id (we already know
|
||||||
|
// the id from vars; it doesn't change across the update).
|
||||||
|
const grid = qc.getQueryData<GridData>(currentGridKey as any);
|
||||||
|
let ownerUserId: number | null = null;
|
||||||
|
if (grid) {
|
||||||
|
for (const [uidStr, byDate] of Object.entries(grid.cells)) {
|
||||||
|
for (const cell of Object.values(byDate)) {
|
||||||
|
if (cell && cell.entryId === id) {
|
||||||
|
ownerUserId = Number(uidStr);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (ownerUserId !== null) break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (ownerUserId !== null) {
|
||||||
|
const rolled = patchCells(currentGridKey, ownerUserId, days, (prev) =>
|
||||||
|
makeEntryCell({
|
||||||
|
userId: ownerUserId!,
|
||||||
|
date: days[0],
|
||||||
|
projectId:
|
||||||
|
body.project_id === undefined
|
||||||
|
? (prev?.project_id ?? null)
|
||||||
|
: body.project_id,
|
||||||
|
category: body.category ?? prev?.category ?? "work",
|
||||||
|
note: body.note ?? prev?.note ?? "",
|
||||||
|
rangeFrom: body.date_from,
|
||||||
|
rangeTo: body.date_to,
|
||||||
|
entryId: id,
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
(updateEntry as any)._rolled = rolled;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
invalidate();
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
const deleteEntry = useMutation({
|
||||||
|
mutationFn: ({ id, force }: { id: number; force?: boolean }) =>
|
||||||
|
apiCall(`/api/admin/plan/entries/${id}${force ? "?force=1" : ""}`, {
|
||||||
|
method: "DELETE",
|
||||||
|
}),
|
||||||
|
onSuccess: (_data, vars) => {
|
||||||
|
// For delete we need to know the entry's user_id and full range.
|
||||||
|
// Look it up from the current grid: find the user that has a cell
|
||||||
|
// with entryId === id, and read rangeFrom/rangeTo from that cell.
|
||||||
|
const grid = qc.getQueryData<GridData>(currentGridKey as any);
|
||||||
|
if (grid) {
|
||||||
|
for (const [uidStr, byDate] of Object.entries(grid.cells)) {
|
||||||
|
for (const [, cell] of Object.entries(byDate)) {
|
||||||
|
if (
|
||||||
|
cell &&
|
||||||
|
cell.entryId === vars.id &&
|
||||||
|
cell.rangeFrom &&
|
||||||
|
cell.rangeTo
|
||||||
|
) {
|
||||||
|
const days = eachDay(cell.rangeFrom, cell.rangeTo);
|
||||||
|
const rolled = patchCells(
|
||||||
|
currentGridKey,
|
||||||
|
Number(uidStr),
|
||||||
|
days,
|
||||||
|
() => null,
|
||||||
|
);
|
||||||
|
(deleteEntry as any)._rolled = rolled;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
invalidate();
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
const createOverride = useMutation({
|
||||||
|
mutationFn: (body: any) =>
|
||||||
|
apiCall("/api/admin/plan/overrides", {
|
||||||
|
method: "POST",
|
||||||
|
body: JSON.stringify(body),
|
||||||
|
headers: { "Content-Type": "application/json" },
|
||||||
|
}),
|
||||||
|
onSuccess: (data: any, vars: any) => {
|
||||||
|
const id = data && typeof data.id === "number" ? data.id : null;
|
||||||
|
const rolled = patchCells(
|
||||||
|
currentGridKey,
|
||||||
|
vars.user_id,
|
||||||
|
[vars.shift_date],
|
||||||
|
() =>
|
||||||
|
makeOverrideCell({
|
||||||
|
userId: vars.user_id,
|
||||||
|
date: vars.shift_date,
|
||||||
|
projectId: vars.project_id ?? null,
|
||||||
|
category: vars.category,
|
||||||
|
note: vars.note,
|
||||||
|
overrideId: id,
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
(createOverride as any)._rolled = rolled;
|
||||||
|
invalidate();
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
const updateOverride = useMutation({
|
||||||
|
mutationFn: ({
|
||||||
|
id,
|
||||||
|
body,
|
||||||
|
force,
|
||||||
|
}: {
|
||||||
|
id: number;
|
||||||
|
body: any;
|
||||||
|
force?: boolean;
|
||||||
|
}) =>
|
||||||
|
apiCall(`/api/admin/plan/overrides/${id}${force ? "?force=1" : ""}`, {
|
||||||
|
method: "PATCH",
|
||||||
|
body: JSON.stringify(body),
|
||||||
|
headers: { "Content-Type": "application/json" },
|
||||||
|
}),
|
||||||
|
onSuccess: (_data, vars) => {
|
||||||
|
// Find the user/date for this overrideId in the current grid, then
|
||||||
|
// patch that single cell with the new values.
|
||||||
|
const grid = qc.getQueryData<GridData>(currentGridKey as any);
|
||||||
|
if (grid) {
|
||||||
|
for (const [uidStr, byDate] of Object.entries(grid.cells)) {
|
||||||
|
for (const [date, cell] of Object.entries(byDate)) {
|
||||||
|
if (cell && cell.overrideId === vars.id) {
|
||||||
|
const rolled = patchCells(
|
||||||
|
currentGridKey,
|
||||||
|
Number(uidStr),
|
||||||
|
[date],
|
||||||
|
(prev) =>
|
||||||
|
makeOverrideCell({
|
||||||
|
userId: Number(uidStr),
|
||||||
|
date,
|
||||||
|
projectId: vars.body.project_id ?? prev?.project_id ?? null,
|
||||||
|
category: vars.body.category ?? prev?.category ?? "work",
|
||||||
|
note: vars.body.note ?? prev?.note ?? "",
|
||||||
|
overrideId: vars.id,
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
(updateOverride as any)._rolled = rolled;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
invalidate();
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
const deleteOverride = useMutation({
|
||||||
|
mutationFn: ({ id, force }: { id: number; force?: boolean }) =>
|
||||||
|
apiCall(`/api/admin/plan/overrides/${id}${force ? "?force=1" : ""}`, {
|
||||||
|
method: "DELETE",
|
||||||
|
}),
|
||||||
|
onSuccess: (_data, vars) => {
|
||||||
|
const grid = qc.getQueryData<GridData>(currentGridKey as any);
|
||||||
|
if (grid) {
|
||||||
|
for (const [uidStr, byDate] of Object.entries(grid.cells)) {
|
||||||
|
for (const [date, cell] of Object.entries(byDate)) {
|
||||||
|
if (cell && cell.overrideId === vars.id) {
|
||||||
|
const rolled = patchCells(
|
||||||
|
currentGridKey,
|
||||||
|
Number(uidStr),
|
||||||
|
[date],
|
||||||
|
() => null,
|
||||||
|
);
|
||||||
|
(deleteOverride as any)._rolled = rolled;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
invalidate();
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
// Roll back an optimistic patch on mutation error. Called from
|
||||||
|
// PlanWork's mutation wrappers via `rollbackMutation(mutation, key)`.
|
||||||
|
// `mutation` is a TanStack mutation result with a `_rolled` snapshot stashed
|
||||||
|
// on it (see the `(createEntry as any)._rolled = …` writes above). Typed as
|
||||||
|
// `unknown` + an explicit cast so callers can pass the mutation object
|
||||||
|
// directly without the "weak type" mismatch a `{ _rolled? }` param causes.
|
||||||
|
function rollbackMutation(mutation: unknown, userId: number) {
|
||||||
|
const stash = mutation as {
|
||||||
|
_rolled?: Record<string, ResolvedCell | null> | null;
|
||||||
|
};
|
||||||
|
if (!stash._rolled) return;
|
||||||
|
const prev = qc.getQueryData<GridData>(currentGridKey as any);
|
||||||
|
if (!prev) return;
|
||||||
|
const userPrev = prev.cells[userId] ?? {};
|
||||||
|
const userNext = { ...userPrev };
|
||||||
|
for (const [date, cell] of Object.entries(stash._rolled)) {
|
||||||
|
userNext[date] = cell;
|
||||||
|
}
|
||||||
|
qc.setQueryData(currentGridKey, {
|
||||||
|
...prev,
|
||||||
|
cells: { ...prev.cells, [userId]: userNext },
|
||||||
|
});
|
||||||
|
stash._rolled = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
return {
|
||||||
|
view,
|
||||||
|
setView,
|
||||||
|
anchor,
|
||||||
|
setAnchor,
|
||||||
|
filterActive,
|
||||||
|
setFilterActive,
|
||||||
|
range,
|
||||||
|
grid: gridQuery.data,
|
||||||
|
gridLoading: gridQuery.isLoading,
|
||||||
|
gridFetching: gridQuery.isFetching,
|
||||||
|
gridIsPlaceholder: gridQuery.isPlaceholderData,
|
||||||
|
modal,
|
||||||
|
setModal,
|
||||||
|
canEdit,
|
||||||
|
createEntry,
|
||||||
|
updateEntry,
|
||||||
|
deleteEntry,
|
||||||
|
createOverride,
|
||||||
|
updateOverride,
|
||||||
|
deleteOverride,
|
||||||
|
invalidate,
|
||||||
|
// Exposed so PlanWork can roll back an optimistic patch when a
|
||||||
|
// mutation throws. Pass the failed mutation and the userId it
|
||||||
|
// targeted.
|
||||||
|
rollbackMutation,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
export function getCell(
|
||||||
|
grid: GridData | undefined,
|
||||||
|
userId: number,
|
||||||
|
date: string,
|
||||||
|
): ResolvedCell | null {
|
||||||
|
return grid?.cells?.[userId]?.[date] ?? null;
|
||||||
|
}
|
||||||
24
src/admin/hooks/useReducedMotion.ts
Normal file
24
src/admin/hooks/useReducedMotion.ts
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
import { useEffect, useState } from "react";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns true when the user has expressed a preference for reduced motion
|
||||||
|
* (OS-level setting: `prefers-reduced-motion: reduce`).
|
||||||
|
*
|
||||||
|
* SSR-safe: starts as `false` (the default state), so the first render uses
|
||||||
|
* the normal animation. The effect then reconciles with the live matchMedia
|
||||||
|
* state on the client and re-renders if needed.
|
||||||
|
*/
|
||||||
|
export default function useReducedMotion(): boolean {
|
||||||
|
const [reduced, setReduced] = useState(false);
|
||||||
|
|
||||||
|
useEffect(() => {
|
||||||
|
if (typeof window === "undefined" || !window.matchMedia) return;
|
||||||
|
const mq = window.matchMedia("(prefers-reduced-motion: reduce)");
|
||||||
|
setReduced(mq.matches);
|
||||||
|
const onChange = () => setReduced(mq.matches);
|
||||||
|
mq.addEventListener("change", onChange);
|
||||||
|
return () => mq.removeEventListener("change", onChange);
|
||||||
|
}, []);
|
||||||
|
|
||||||
|
return reduced;
|
||||||
|
}
|
||||||
@@ -1,4 +1,4 @@
|
|||||||
import { useState, useCallback, useRef } from "react";
|
import { useState, useCallback } from "react";
|
||||||
|
|
||||||
interface SortState {
|
interface SortState {
|
||||||
sort: string;
|
sort: string;
|
||||||
@@ -13,10 +13,10 @@ export default function useTableSort(
|
|||||||
sort: defaultSort,
|
sort: defaultSort,
|
||||||
order: defaultOrder,
|
order: defaultOrder,
|
||||||
});
|
});
|
||||||
const userClicked = useRef(false);
|
const [userClicked, setUserClicked] = useState(false);
|
||||||
|
|
||||||
const handleSort = useCallback((column: string) => {
|
const handleSort = useCallback((column: string) => {
|
||||||
userClicked.current = true;
|
setUserClicked(true);
|
||||||
setState((prev) => {
|
setState((prev) => {
|
||||||
if (prev.sort === column) {
|
if (prev.sort === column) {
|
||||||
return { sort: column, order: prev.order === "asc" ? "desc" : "asc" };
|
return { sort: column, order: prev.order === "asc" ? "desc" : "asc" };
|
||||||
@@ -25,7 +25,7 @@ export default function useTableSort(
|
|||||||
});
|
});
|
||||||
}, []);
|
}, []);
|
||||||
|
|
||||||
const activeSort = userClicked.current ? state.sort : null;
|
const activeSort = userClicked ? state.sort : null;
|
||||||
|
|
||||||
return { sort: state.sort, order: state.order, handleSort, activeSort };
|
return { sort: state.sort, order: state.order, handleSort, activeSort };
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -127,9 +127,17 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
@media (max-width: 640px) {
|
@media (max-width: 640px) {
|
||||||
|
/* Month-nav row may wrap so it never forces horizontal page overflow */
|
||||||
|
.invoice-month-nav {
|
||||||
|
flex-wrap: wrap;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* 44px touch target for the prev/next month buttons */
|
||||||
.invoice-month-btn {
|
.invoice-month-btn {
|
||||||
width: 44px;
|
width: 44px;
|
||||||
height: 44px;
|
height: 44px;
|
||||||
|
min-width: 44px;
|
||||||
|
min-height: 44px;
|
||||||
}
|
}
|
||||||
|
|
||||||
.received-upload-row {
|
.received-upload-row {
|
||||||
|
|||||||
83
src/admin/lib/apiAdapter.ts
Normal file
83
src/admin/lib/apiAdapter.ts
Normal file
@@ -0,0 +1,83 @@
|
|||||||
|
import apiFetch from "../utils/api";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Thin adapter that converts apiFetch responses into the shape TanStack Query expects.
|
||||||
|
* - Checks response.ok and result.success
|
||||||
|
* - Throws on errors so TanStack Query can handle retry/error states
|
||||||
|
* - Returns result.data directly (unwrapped from the API envelope)
|
||||||
|
*/
|
||||||
|
export async function jsonQuery<T>(
|
||||||
|
url: string,
|
||||||
|
options?: RequestInit,
|
||||||
|
): Promise<T> {
|
||||||
|
const response = await apiFetch(url, options);
|
||||||
|
|
||||||
|
if (response.status === 401) {
|
||||||
|
throw new Error("Unauthorized");
|
||||||
|
}
|
||||||
|
|
||||||
|
let result: { success: boolean; data?: unknown; error?: string };
|
||||||
|
try {
|
||||||
|
result = (await response.json()) as typeof result;
|
||||||
|
} catch {
|
||||||
|
throw new Error("Invalid JSON response");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!response.ok || !result.success) {
|
||||||
|
throw new Error(result.error || `Request failed (${response.status})`);
|
||||||
|
}
|
||||||
|
|
||||||
|
return result.data as T;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface PaginationMeta {
|
||||||
|
total: number;
|
||||||
|
page: number;
|
||||||
|
per_page: number;
|
||||||
|
total_pages: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface PaginatedResult<T> {
|
||||||
|
data: T[];
|
||||||
|
pagination: PaginationMeta;
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function paginatedJsonQuery<T>(
|
||||||
|
url: string,
|
||||||
|
options?: RequestInit,
|
||||||
|
): Promise<PaginatedResult<T>> {
|
||||||
|
const response = await apiFetch(url, options);
|
||||||
|
|
||||||
|
if (response.status === 401) {
|
||||||
|
throw new Error("Unauthorized");
|
||||||
|
}
|
||||||
|
|
||||||
|
let result: {
|
||||||
|
success: boolean;
|
||||||
|
data?: unknown;
|
||||||
|
error?: string;
|
||||||
|
pagination?: PaginationMeta;
|
||||||
|
};
|
||||||
|
try {
|
||||||
|
result = (await response.json()) as typeof result;
|
||||||
|
} catch {
|
||||||
|
throw new Error("Invalid JSON response");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!response.ok || !result.success) {
|
||||||
|
throw new Error(result.error || `Request failed (${response.status})`);
|
||||||
|
}
|
||||||
|
|
||||||
|
const items = Array.isArray(result.data)
|
||||||
|
? result.data
|
||||||
|
: ((result.data as { items?: T[] })?.items ?? []);
|
||||||
|
const pagination = result.pagination ??
|
||||||
|
(result.data as { pagination?: PaginationMeta })?.pagination ?? {
|
||||||
|
total: items.length,
|
||||||
|
page: 1,
|
||||||
|
per_page: items.length,
|
||||||
|
total_pages: 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
return { data: items as T[], pagination };
|
||||||
|
}
|
||||||
40
src/admin/lib/entityTypeLabels.ts
Normal file
40
src/admin/lib/entityTypeLabels.ts
Normal file
@@ -0,0 +1,40 @@
|
|||||||
|
// Single source of truth for audit-log entity_type → Czech label, used by
|
||||||
|
// the Audit Log page and the dashboard activity feed.
|
||||||
|
//
|
||||||
|
// IMPORTANT: keys MUST match the `entityType` values the server actually
|
||||||
|
// writes via logAudit() (see src/types/index.ts `EntityType` and the
|
||||||
|
// `entityType:` args in src/routes/**). The previous maps used legacy keys
|
||||||
|
// (e.g. "invoices_invoice", "offers_quotation", "trips") that never matched
|
||||||
|
// what the server writes, and omitted every warehouse_* entity, so those
|
||||||
|
// audit rows rendered the raw English entity_type instead of a Czech label.
|
||||||
|
export const ENTITY_TYPE_LABELS: Record<string, string> = {
|
||||||
|
user: "Uživatel",
|
||||||
|
role: "Role",
|
||||||
|
attendance: "Docházka",
|
||||||
|
leave_request: "Žádost o nepřítomnost",
|
||||||
|
leave_balance: "Saldo nepřítomnosti",
|
||||||
|
invoice: "Faktura",
|
||||||
|
quotation: "Nabídka",
|
||||||
|
order: "Objednávka",
|
||||||
|
project: "Projekt",
|
||||||
|
project_file: "Soubor projektu",
|
||||||
|
customer: "Zákazník",
|
||||||
|
trip: "Jízda",
|
||||||
|
vehicle: "Vozidlo",
|
||||||
|
bank_account: "Bankovní účet",
|
||||||
|
company_settings: "Nastavení firmy",
|
||||||
|
audit_logs: "Audit log",
|
||||||
|
warehouse_item: "Skladová položka",
|
||||||
|
warehouse_receipt: "Příjemka",
|
||||||
|
warehouse_issue: "Výdejka",
|
||||||
|
warehouse_reservation: "Rezervace",
|
||||||
|
warehouse_inventory: "Inventura",
|
||||||
|
warehouse_supplier: "Dodavatel",
|
||||||
|
warehouse_category: "Kategorie skladu",
|
||||||
|
warehouse_location: "Skladová lokace",
|
||||||
|
warehouse_receipt_attachment: "Příloha příjemky",
|
||||||
|
work_plan_entry: "Plán prací – záznam",
|
||||||
|
work_plan_override: "Plán prací – přepsání dne",
|
||||||
|
plan_category: "Plán prací – kategorie",
|
||||||
|
session: "Relace",
|
||||||
|
};
|
||||||
185
src/admin/lib/queries/attendance.ts
Normal file
185
src/admin/lib/queries/attendance.ts
Normal file
@@ -0,0 +1,185 @@
|
|||||||
|
import { queryOptions } from "@tanstack/react-query";
|
||||||
|
import apiFetch from "../../utils/api";
|
||||||
|
import { jsonQuery } from "../apiAdapter";
|
||||||
|
|
||||||
|
interface LocationRaw {
|
||||||
|
users?: { first_name: string; last_name: string };
|
||||||
|
user_name?: string;
|
||||||
|
shift_date: string;
|
||||||
|
arrival_time?: string | null;
|
||||||
|
departure_time?: string | null;
|
||||||
|
arrival_lat?: string | number | null;
|
||||||
|
arrival_lng?: string | number | null;
|
||||||
|
arrival_accuracy?: number | null;
|
||||||
|
arrival_address?: string | null;
|
||||||
|
departure_lat?: string | number | null;
|
||||||
|
departure_lng?: string | number | null;
|
||||||
|
departure_accuracy?: number | null;
|
||||||
|
departure_address?: string | null;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface LocationRecord {
|
||||||
|
user_name: string;
|
||||||
|
shift_date: string;
|
||||||
|
arrival_time?: string | null;
|
||||||
|
departure_time?: string | null;
|
||||||
|
arrival_lat?: string | number | null;
|
||||||
|
arrival_lng?: string | number | null;
|
||||||
|
arrival_accuracy?: number | null;
|
||||||
|
arrival_address?: string | null;
|
||||||
|
departure_lat?: string | number | null;
|
||||||
|
departure_lng?: string | number | null;
|
||||||
|
departure_accuracy?: number | null;
|
||||||
|
departure_address?: string | null;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface ProjectLogEntry {
|
||||||
|
id?: number;
|
||||||
|
project_id?: number;
|
||||||
|
project_name?: string;
|
||||||
|
started_at?: string;
|
||||||
|
ended_at?: string | null;
|
||||||
|
hours?: string | number | null;
|
||||||
|
minutes?: string | number | null;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface AttendanceRecord {
|
||||||
|
id: number;
|
||||||
|
shift_date: string;
|
||||||
|
leave_type?: string;
|
||||||
|
leave_hours?: number;
|
||||||
|
arrival_time?: string | null;
|
||||||
|
departure_time?: string | null;
|
||||||
|
break_start?: string | null;
|
||||||
|
break_end?: string | null;
|
||||||
|
notes?: string;
|
||||||
|
project_name?: string;
|
||||||
|
project_logs?: ProjectLogEntry[];
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface BalanceEntry {
|
||||||
|
name: string;
|
||||||
|
vacation_total: number;
|
||||||
|
vacation_used: number;
|
||||||
|
vacation_remaining: number;
|
||||||
|
sick_used: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface UserShort {
|
||||||
|
id: number | string;
|
||||||
|
name: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface BalancesData {
|
||||||
|
users: UserShort[];
|
||||||
|
balances: Record<string, BalanceEntry>;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface FundUserData {
|
||||||
|
name: string;
|
||||||
|
worked: number;
|
||||||
|
covered: number;
|
||||||
|
overtime: number;
|
||||||
|
missing: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface MonthFundData {
|
||||||
|
month_name: string;
|
||||||
|
fund: number;
|
||||||
|
fund_to_date: number;
|
||||||
|
business_days: number;
|
||||||
|
users?: Record<string, FundUserData>;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface FundData {
|
||||||
|
months: Record<string, MonthFundData>;
|
||||||
|
holidays: unknown[];
|
||||||
|
users: UserShort[];
|
||||||
|
balances: Record<string, unknown>;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface ProjectUser {
|
||||||
|
user_id: number;
|
||||||
|
user_name: string;
|
||||||
|
hours: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface ProjectEntry {
|
||||||
|
project_id: number | null;
|
||||||
|
project_number?: string;
|
||||||
|
project_name?: string;
|
||||||
|
hours: number;
|
||||||
|
users: ProjectUser[];
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface MonthProjectData {
|
||||||
|
month_name: string;
|
||||||
|
projects: ProjectEntry[];
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface ProjectData {
|
||||||
|
months: Record<string, MonthProjectData>;
|
||||||
|
}
|
||||||
|
|
||||||
|
export const attendanceHistoryOptions = (filters: {
|
||||||
|
month?: string;
|
||||||
|
userId?: number;
|
||||||
|
}) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["attendance", "history", filters],
|
||||||
|
queryFn: () => {
|
||||||
|
const params = new URLSearchParams();
|
||||||
|
params.set("limit", "1000");
|
||||||
|
if (filters.month) params.set("month", filters.month);
|
||||||
|
if (filters.userId) params.set("user_id", String(filters.userId));
|
||||||
|
return jsonQuery<AttendanceRecord[]>(
|
||||||
|
`/api/admin/attendance?${params.toString()}`,
|
||||||
|
);
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
export const attendanceBalancesOptions = (year: number) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["attendance", "balances", year],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<BalancesData>(
|
||||||
|
`/api/admin/attendance?action=balances&year=${year}`,
|
||||||
|
),
|
||||||
|
});
|
||||||
|
|
||||||
|
export const attendanceWorkFundOptions = (year: number) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["attendance", "workfund", year],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<FundData>(`/api/admin/attendance?action=workfund&year=${year}`),
|
||||||
|
});
|
||||||
|
|
||||||
|
export const attendanceProjectReportOptions = (year: number) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["attendance", "project-report", year],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<ProjectData>(
|
||||||
|
`/api/admin/attendance?action=project_report&year=${year}`,
|
||||||
|
),
|
||||||
|
});
|
||||||
|
|
||||||
|
export const attendanceLocationOptions = (id: string | undefined) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["attendance", "location", id],
|
||||||
|
queryFn: async (): Promise<LocationRecord> => {
|
||||||
|
const response = await apiFetch(
|
||||||
|
`/api/admin/attendance?action=location&id=${id}`,
|
||||||
|
);
|
||||||
|
const result = await response.json();
|
||||||
|
if (!result.success) {
|
||||||
|
throw new Error(result.error || "Záznam nebyl nalezen");
|
||||||
|
}
|
||||||
|
const raw = (result.data.record || result.data) as LocationRaw;
|
||||||
|
const userName = raw.users
|
||||||
|
? `${raw.users.first_name} ${raw.users.last_name}`.trim()
|
||||||
|
: raw.user_name || "";
|
||||||
|
const { users: _users, ...rest } = raw;
|
||||||
|
return { ...rest, user_name: userName };
|
||||||
|
},
|
||||||
|
enabled: !!id,
|
||||||
|
});
|
||||||
28
src/admin/lib/queries/auditLog.ts
Normal file
28
src/admin/lib/queries/auditLog.ts
Normal file
@@ -0,0 +1,28 @@
|
|||||||
|
import { queryOptions } from "@tanstack/react-query";
|
||||||
|
import { jsonQuery } from "../apiAdapter";
|
||||||
|
|
||||||
|
export const auditLogOptions = (filters: {
|
||||||
|
search?: string;
|
||||||
|
action?: string;
|
||||||
|
entityType?: string;
|
||||||
|
dateFrom?: string;
|
||||||
|
dateTo?: string;
|
||||||
|
page?: number;
|
||||||
|
}) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["audit-log", filters],
|
||||||
|
queryFn: () => {
|
||||||
|
const params = new URLSearchParams();
|
||||||
|
if (filters.search) params.set("search", filters.search);
|
||||||
|
if (filters.action) params.set("action", filters.action);
|
||||||
|
if (filters.entityType) params.set("entity_type", filters.entityType);
|
||||||
|
if (filters.dateFrom) params.set("date_from", filters.dateFrom);
|
||||||
|
if (filters.dateTo) params.set("date_to", filters.dateTo);
|
||||||
|
if (filters.page) params.set("page", String(filters.page));
|
||||||
|
const qs = params.toString();
|
||||||
|
return jsonQuery<{
|
||||||
|
data: Record<string, unknown>[];
|
||||||
|
pagination: Record<string, unknown>;
|
||||||
|
}>(`/api/admin/audit-log${qs ? `?${qs}` : ""}`);
|
||||||
|
},
|
||||||
|
});
|
||||||
28
src/admin/lib/queries/common.ts
Normal file
28
src/admin/lib/queries/common.ts
Normal file
@@ -0,0 +1,28 @@
|
|||||||
|
import { queryOptions } from "@tanstack/react-query";
|
||||||
|
import { jsonQuery } from "../apiAdapter";
|
||||||
|
|
||||||
|
export interface BankAccount {
|
||||||
|
id: number;
|
||||||
|
account_name: string;
|
||||||
|
bank_name: string;
|
||||||
|
account_number: string;
|
||||||
|
iban: string;
|
||||||
|
bic: string;
|
||||||
|
currency: string;
|
||||||
|
is_default: boolean;
|
||||||
|
}
|
||||||
|
|
||||||
|
export const bankAccountsOptions = () =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["bank-accounts"],
|
||||||
|
queryFn: () => jsonQuery<BankAccount[]>("/api/admin/bank-accounts"),
|
||||||
|
staleTime: 2 * 60_000,
|
||||||
|
});
|
||||||
|
|
||||||
|
export const supplierListOptions = () =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["suppliers"],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<string[]>("/api/admin/received-invoices/suppliers"),
|
||||||
|
staleTime: 2 * 60_000,
|
||||||
|
});
|
||||||
38
src/admin/lib/queries/dashboard.ts
Normal file
38
src/admin/lib/queries/dashboard.ts
Normal file
@@ -0,0 +1,38 @@
|
|||||||
|
import { queryOptions } from "@tanstack/react-query";
|
||||||
|
import apiFetch from "../../utils/api";
|
||||||
|
import { jsonQuery } from "../apiAdapter";
|
||||||
|
|
||||||
|
export const dashboardOptions = () =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["dashboard"],
|
||||||
|
queryFn: () => jsonQuery<Record<string, unknown>>("/api/admin/dashboard"),
|
||||||
|
staleTime: 60_000,
|
||||||
|
});
|
||||||
|
|
||||||
|
// require2FAOptions lives in ./settings.ts (the single definition consumers
|
||||||
|
// import). The duplicate copy that used to be here was dead.
|
||||||
|
|
||||||
|
export interface Session {
|
||||||
|
id: number | string;
|
||||||
|
is_current: boolean;
|
||||||
|
device_info?: {
|
||||||
|
icon?: string;
|
||||||
|
browser?: string;
|
||||||
|
os?: string;
|
||||||
|
};
|
||||||
|
ip_address: string;
|
||||||
|
created_at: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export const sessionsOptions = () =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["sessions"],
|
||||||
|
queryFn: async (): Promise<Session[]> => {
|
||||||
|
const response = await apiFetch("/api/admin/sessions");
|
||||||
|
const data = await response.json();
|
||||||
|
if (data.success) {
|
||||||
|
return Array.isArray(data.data) ? data.data : data.data?.sessions || [];
|
||||||
|
}
|
||||||
|
throw new Error(data.error || "Nepodařilo se načíst relace");
|
||||||
|
},
|
||||||
|
});
|
||||||
209
src/admin/lib/queries/invoices.ts
Normal file
209
src/admin/lib/queries/invoices.ts
Normal file
@@ -0,0 +1,209 @@
|
|||||||
|
import { queryOptions } from "@tanstack/react-query";
|
||||||
|
import { jsonQuery, paginatedJsonQuery } from "../apiAdapter";
|
||||||
|
|
||||||
|
export interface CurrencyAmount {
|
||||||
|
amount: number;
|
||||||
|
currency: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface Invoice {
|
||||||
|
id: number;
|
||||||
|
invoice_number: string;
|
||||||
|
customer_name: string | null;
|
||||||
|
status: string;
|
||||||
|
issue_date: string;
|
||||||
|
due_date: string;
|
||||||
|
total: number;
|
||||||
|
currency: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface InvoiceStats {
|
||||||
|
paid_month: CurrencyAmount[];
|
||||||
|
paid_month_czk: number;
|
||||||
|
paid_month_count: number;
|
||||||
|
awaiting: CurrencyAmount[];
|
||||||
|
awaiting_czk: number;
|
||||||
|
awaiting_count: number;
|
||||||
|
overdue: CurrencyAmount[];
|
||||||
|
overdue_czk: number;
|
||||||
|
overdue_count: number;
|
||||||
|
vat_month: CurrencyAmount[];
|
||||||
|
vat_month_czk: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface InvoiceItem {
|
||||||
|
id?: number;
|
||||||
|
description: string;
|
||||||
|
item_description?: string;
|
||||||
|
quantity: number;
|
||||||
|
unit: string;
|
||||||
|
unit_price: number;
|
||||||
|
vat_rate?: number;
|
||||||
|
is_included_in_total: boolean;
|
||||||
|
position?: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface InvoiceDetail {
|
||||||
|
id: number;
|
||||||
|
invoice_number: string;
|
||||||
|
customer_id: number | null;
|
||||||
|
customer_name: string;
|
||||||
|
customer?: {
|
||||||
|
company_id?: string;
|
||||||
|
vat_id?: string;
|
||||||
|
};
|
||||||
|
status: string;
|
||||||
|
issue_date: string;
|
||||||
|
due_date: string;
|
||||||
|
taxable_date?: string;
|
||||||
|
tax_date?: string;
|
||||||
|
currency: string;
|
||||||
|
language: string;
|
||||||
|
vat_rate: number;
|
||||||
|
apply_vat: boolean;
|
||||||
|
exchange_rate: string;
|
||||||
|
notes?: string;
|
||||||
|
payment_method?: string;
|
||||||
|
variable_symbol?: string;
|
||||||
|
constant_symbol?: string;
|
||||||
|
issued_by?: string | null;
|
||||||
|
paid_date?: string;
|
||||||
|
billing_text?: string;
|
||||||
|
bank_name?: string;
|
||||||
|
bank_swift?: string;
|
||||||
|
bank_iban?: string;
|
||||||
|
bank_account?: string;
|
||||||
|
bank_account_id?: number | null;
|
||||||
|
items?: InvoiceItem[];
|
||||||
|
subtotal: number;
|
||||||
|
vat_amount: number;
|
||||||
|
total: number;
|
||||||
|
order?: {
|
||||||
|
id: number;
|
||||||
|
order_number: string;
|
||||||
|
status?: string;
|
||||||
|
} | null;
|
||||||
|
order_id?: number;
|
||||||
|
order_number?: string;
|
||||||
|
has_pdf?: boolean;
|
||||||
|
valid_transitions?: string[];
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface ReceivedInvoice {
|
||||||
|
id: number;
|
||||||
|
supplier_name: string;
|
||||||
|
invoice_number: string;
|
||||||
|
amount: number;
|
||||||
|
currency: string;
|
||||||
|
vat_rate: number;
|
||||||
|
issue_date: string;
|
||||||
|
due_date: string;
|
||||||
|
notes: string;
|
||||||
|
status: string;
|
||||||
|
file_name?: string;
|
||||||
|
created_at: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface ReceivedStats {
|
||||||
|
total_month: CurrencyAmount[];
|
||||||
|
total_month_czk: number | null;
|
||||||
|
vat_month: CurrencyAmount[];
|
||||||
|
vat_month_czk: number | null;
|
||||||
|
unpaid: CurrencyAmount[];
|
||||||
|
unpaid_czk: number | null;
|
||||||
|
unpaid_count: number;
|
||||||
|
month_count: number;
|
||||||
|
}
|
||||||
|
|
||||||
|
export const invoiceListOptions = (filters: {
|
||||||
|
search?: string;
|
||||||
|
sort?: string;
|
||||||
|
order?: string;
|
||||||
|
page?: number;
|
||||||
|
perPage?: number;
|
||||||
|
month?: number;
|
||||||
|
year?: number;
|
||||||
|
status?: string;
|
||||||
|
}) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["invoices", "list", filters],
|
||||||
|
queryFn: () => {
|
||||||
|
const params = new URLSearchParams();
|
||||||
|
if (filters.search) params.set("search", filters.search);
|
||||||
|
if (filters.sort) params.set("sort", filters.sort);
|
||||||
|
if (filters.order) params.set("order", filters.order);
|
||||||
|
if (filters.page) params.set("page", String(filters.page));
|
||||||
|
if (filters.perPage) params.set("per_page", String(filters.perPage));
|
||||||
|
if (filters.month) params.set("month", String(filters.month));
|
||||||
|
if (filters.year) params.set("year", String(filters.year));
|
||||||
|
if (filters.status) params.set("status", filters.status);
|
||||||
|
const qs = params.toString();
|
||||||
|
return paginatedJsonQuery<Invoice>(
|
||||||
|
`/api/admin/invoices${qs ? `?${qs}` : ""}`,
|
||||||
|
);
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
export const receivedInvoiceListOptions = (filters: {
|
||||||
|
month?: number;
|
||||||
|
year?: number;
|
||||||
|
search?: string;
|
||||||
|
sort?: string;
|
||||||
|
order?: string;
|
||||||
|
page?: number;
|
||||||
|
perPage?: number;
|
||||||
|
}) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: [
|
||||||
|
"invoices",
|
||||||
|
"received",
|
||||||
|
{
|
||||||
|
month: filters.month,
|
||||||
|
year: filters.year,
|
||||||
|
search: filters.search,
|
||||||
|
sort: filters.sort,
|
||||||
|
order: filters.order,
|
||||||
|
page: filters.page,
|
||||||
|
perPage: filters.perPage,
|
||||||
|
},
|
||||||
|
],
|
||||||
|
queryFn: () => {
|
||||||
|
const params = new URLSearchParams();
|
||||||
|
if (filters.month) params.set("month", String(filters.month));
|
||||||
|
if (filters.year) params.set("year", String(filters.year));
|
||||||
|
if (filters.search) params.set("search", filters.search);
|
||||||
|
if (filters.sort) params.set("sort", filters.sort);
|
||||||
|
if (filters.order) params.set("order", filters.order);
|
||||||
|
if (filters.page) params.set("page", String(filters.page));
|
||||||
|
if (filters.perPage) params.set("per_page", String(filters.perPage));
|
||||||
|
const qs = params.toString();
|
||||||
|
return paginatedJsonQuery<ReceivedInvoice>(
|
||||||
|
`/api/admin/received-invoices${qs ? `?${qs}` : ""}`,
|
||||||
|
);
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
export const invoiceStatsOptions = (month: number, year: number) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["invoices", "stats", month, year],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<InvoiceStats>(
|
||||||
|
`/api/admin/invoices/stats?month=${month}&year=${year}`,
|
||||||
|
),
|
||||||
|
});
|
||||||
|
|
||||||
|
export const receivedInvoiceStatsOptions = (month: number, year: number) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["invoices", "received", "stats", month, year],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<ReceivedStats>(
|
||||||
|
`/api/admin/received-invoices/stats?month=${month}&year=${year}`,
|
||||||
|
),
|
||||||
|
});
|
||||||
|
|
||||||
|
export const invoiceDetailOptions = (id: string | undefined) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["invoices", id],
|
||||||
|
queryFn: () => jsonQuery<InvoiceDetail>(`/api/admin/invoices/${id}`),
|
||||||
|
enabled: !!id,
|
||||||
|
});
|
||||||
42
src/admin/lib/queries/leave.ts
Normal file
42
src/admin/lib/queries/leave.ts
Normal file
@@ -0,0 +1,42 @@
|
|||||||
|
import { queryOptions } from "@tanstack/react-query";
|
||||||
|
import { jsonQuery } from "../apiAdapter";
|
||||||
|
|
||||||
|
export interface LeaveRequest {
|
||||||
|
id: number;
|
||||||
|
leave_type: string;
|
||||||
|
date_from: string;
|
||||||
|
date_to: string;
|
||||||
|
total_days: number;
|
||||||
|
total_hours: number;
|
||||||
|
status: string;
|
||||||
|
notes?: string;
|
||||||
|
reviewer_note?: string;
|
||||||
|
created_at: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export const leaveRequestsOptions = (mine = true) =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["leave-requests", mine ? "mine" : "all"],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<LeaveRequest[]>(
|
||||||
|
`/api/admin/leave-requests${mine ? "?mine=1" : ""}`,
|
||||||
|
),
|
||||||
|
});
|
||||||
|
|
||||||
|
export const leavePendingOptions = () =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["leave", "pending"],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<Record<string, unknown>[]>(
|
||||||
|
"/api/admin/leave-requests?status=pending",
|
||||||
|
),
|
||||||
|
});
|
||||||
|
|
||||||
|
export const leaveProcessedOptions = () =>
|
||||||
|
queryOptions({
|
||||||
|
queryKey: ["leave", "processed"],
|
||||||
|
queryFn: () =>
|
||||||
|
jsonQuery<Record<string, unknown>[]>(
|
||||||
|
"/api/admin/leave-requests?status=approved,rejected",
|
||||||
|
),
|
||||||
|
});
|
||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user