boha_admin/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 26 Wiki Activity
Files
09a9e8c2f0fef863d45f5fd48e977fe07ecf2d65
app/src/routes/admin/roles.ts
BOHA 6b31b2f74b feat: system settings, dynamic logos, template numbering, permission consolidation 
- System settings page with tabs: Security, System, Firma
- Configurable attendance rules (break thresholds, rounding) from DB
- Configurable document numbering with template patterns ({YYYY}/{PREFIX}/{NNN})
- Dynamic logo upload (light/dark variants) served from DB instead of static files
- Email settings (SMTP from/name, alert/leave emails) configurable in UI
- Currency and VAT rate lists configurable, used across all modules
- Permissions simplified: offers.settings + settings.roles + settings.security → settings.manage
- Leaflet bundled locally, removed unpkg.com from CSP
- Silent catch blocks fixed with proper logging
- console.log replaced with app.log.info in server.ts
- Schema renamed: company-settings.schema → settings.schema
- App info section: version, Node.js, uptime, memory, DB status, NAS status

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 10:15:47 +01:00

166 lines
4.8 KiB
TypeScript
Raw Blame History

import { FastifyInstance } from "fastify";
import prisma from "../../config/database";
import { requirePermission } from "../../middleware/auth";
import { logAudit } from "../../services/audit";
import { success, error, parseId } from "../../utils/response";
import { parseBody } from "../../schemas/common";
import { CreateRoleSchema, UpdateRoleSchema } from "../../schemas/roles.schema";
export default async function rolesRoutes(
fastify: FastifyInstance,
): Promise<void> {
// GET /api/admin/roles
fastify.get(
"/",
{ preHandler: requirePermission("settings.manage") },
async (request, reply) => {
const roles = await prisma.roles.findMany({
include: {
role_permissions: {
include: { permissions: true },
},
},
orderBy: { id: "asc" },
});
const data = roles.map((r) => ({
...r,
permissions: r.role_permissions.map((rp) => rp.permissions),
}));
return success(reply, data);
},
);
// GET /api/admin/roles/permissions
fastify.get(
"/permissions",
{ preHandler: requirePermission("settings.manage") },
async (_request, reply) => {
const permissions = await prisma.permissions.findMany({
orderBy: { module: "asc" },
});
return success(reply, permissions);
},
);
// POST /api/admin/roles
fastify.post(
"/",
{ preHandler: requirePermission("settings.manage") },
async (request, reply) => {
const parsed = parseBody(CreateRoleSchema, request.body);
if ("error" in parsed) return error(reply, parsed.error, 400);
const body = parsed.data;
const role = await prisma.roles.create({
data: {
name: String(body.name),
display_name: String(body.display_name),
description: body.description ? String(body.description) : null,
},
});
if (Array.isArray(body.permission_ids)) {
await prisma.role_permissions.createMany({
data: (body.permission_ids as number[]).map((pid) => ({
role_id: role.id,
permission_id: pid,
})),
});
}
await logAudit({
request,
authData: request.authData,
action: "create",
entityType: "role",
entityId: role.id,
description: `Vytvořena role ${role.name}`,
});
return success(reply, { id: role.id }, 201, "Role byla vytvořena");
},
);
// PUT /api/admin/roles/:id
fastify.put<{ Params: { id: string } }>(
"/:id",
{ preHandler: requirePermission("settings.manage") },
async (request, reply) => {
const id = parseId(request.params.id, reply);
if (id === null) return;
const parsed = parseBody(UpdateRoleSchema, request.body);
if ("error" in parsed) return error(reply, parsed.error, 400);
const body = parsed.data;
const existing = await prisma.roles.findUnique({ where: { id } });
if (!existing) return error(reply, "Role nenalezena", 404);
await prisma.roles.update({
where: { id },
data: {
display_name: body.display_name
? String(body.display_name)
: undefined,
description:
body.description !== undefined
? String(body.description)
: undefined,
},
});
if (Array.isArray(body.permission_ids)) {
await prisma.role_permissions.deleteMany({ where: { role_id: id } });
await prisma.role_permissions.createMany({
data: (body.permission_ids as number[]).map((pid) => ({
role_id: id,
permission_id: pid,
})),
});
}
await logAudit({
request,
authData: request.authData,
action: "update",
entityType: "role",
entityId: id,
description: `Upravena role ${existing.name}`,
});
return success(reply, { id }, 200, "Role byla aktualizována");
},
);
// DELETE /api/admin/roles/:id
fastify.delete<{ Params: { id: string } }>(
"/:id",
{ preHandler: requirePermission("settings.manage") },
async (request, reply) => {
const id = parseId(request.params.id, reply);
if (id === null) return;
const existing = await prisma.roles.findUnique({ where: { id } });
if (!existing) return error(reply, "Role nenalezena", 404);
if (existing.name === "admin") {
return error(reply, "Nelze smazat roli admin", 400);
}
await prisma.roles.delete({ where: { id } });
await logAudit({
request,
authData: request.authData,
action: "delete",
entityType: "role",
entityId: id,
description: `Smazána role ${existing.name}`,
});
return success(reply, { id }, 200, "Role byla smazána");
},
);
}
Reference in New Issue View Git Blame Copy Permalink