6b31b2f74b
- System settings page with tabs: Security, System, Firma
- Configurable attendance rules (break thresholds, rounding) from DB
- Configurable document numbering with template patterns ({YYYY}/{PREFIX}/{NNN})
- Dynamic logo upload (light/dark variants) served from DB instead of static files
- Email settings (SMTP from/name, alert/leave emails) configurable in UI
- Currency and VAT rate lists configurable, used across all modules
- Permissions simplified: offers.settings + settings.roles + settings.security → settings.manage
- Leaflet bundled locally, removed unpkg.com from CSP
- Silent catch blocks fixed with proper logging
- console.log replaced with app.log.info in server.ts
- Schema renamed: company-settings.schema → settings.schema
- App info section: version, Node.js, uptime, memory, DB status, NAS status
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
19 lines
918 B
SQL
19 lines
918 B
SQL
-- Create new unified permission
|
|
INSERT INTO permissions (name, display_name, description, module)
|
|
VALUES ('settings.manage', 'Správa nastavení', 'Správa všech nastavení systému', 'settings')
|
|
ON DUPLICATE KEY UPDATE display_name = VALUES(display_name);
|
|
|
|
-- Grant to all roles that had any of the old 3
|
|
INSERT IGNORE INTO role_permissions (role_id, permission_id)
|
|
SELECT DISTINCT rp.role_id, (SELECT id FROM permissions WHERE name = 'settings.manage')
|
|
FROM role_permissions rp
|
|
JOIN permissions p ON p.id = rp.permission_id
|
|
WHERE p.name IN ('offers.settings', 'settings.roles', 'settings.security');
|
|
|
|
-- Clean up old role_permissions
|
|
DELETE FROM role_permissions
|
|
WHERE permission_id IN (SELECT id FROM permissions WHERE name IN ('offers.settings', 'settings.roles', 'settings.security'));
|
|
|
|
-- Remove old permissions
|
|
DELETE FROM permissions WHERE name IN ('offers.settings', 'settings.roles', 'settings.security');
|