KanzlAI-mGMT

Author	SHA1	Message	Date
m	b36247dfb9	feat: append-only audit trail for all mutations (P0) - Database: kanzlai.audit_log table with RLS, append-only policies (no UPDATE/DELETE), indexes for entity, user, and time queries - Backend: AuditService.Log() with context-based tenant/user/IP/UA extraction, wired into all 7 services (case, deadline, appointment, document, note, party, tenant) - API: GET /api/audit-log with entity_type, entity_id, user_id, from/to date, and pagination filters - Frontend: Protokoll tab on case detail page with chronological audit entries, diff preview, and pagination Required by § 50 BRAO and DSGVO Art. 5(2).	2026-03-30 11:02:28 +02:00
m	ba29fc75c7	feat: add case + party CRUD with case events (Phase 1B)	2026-03-25 13:32:15 +01:00
m	0b6bab8512	feat: add tenant + auth backend endpoints (Phase 1A) Tenant management: - POST /api/tenants — create tenant (creator becomes owner) - GET /api/tenants — list tenants for authenticated user - GET /api/tenants/:id — tenant details with access check - POST /api/tenants/:id/invite — invite user by email (owner/admin) - DELETE /api/tenants/:id/members/:uid — remove member - GET /api/tenants/:id/members — list members New packages: - internal/services/tenant_service.go — CRUD on tenants + user_tenants - internal/handlers/tenant_handler.go — HTTP handlers with auth checks - internal/auth/tenant_resolver.go — X-Tenant-ID header middleware, defaults to user's first tenant for scoped routes Authorization: owners/admins can invite and remove members. Cannot remove the last owner. Users can remove themselves. TenantResolver applies to resource routes (cases, deadlines, etc.) but not tenant management routes.	2026-03-25 13:27:39 +01:00
m	f11c411147	feat: add case + party CRUD with case events (Phase 1B) - CaseService: list (paginated, filterable), get detail (with parties, events, deadline count), create, update, soft-delete (archive) - PartyService: list by case, create, update, delete - Auto-create case_events on case creation, status change, party add, and case archive - Auth middleware now resolves tenant_id from user_tenants table - All operations scoped to tenant_id from auth context	2026-03-25 13:26:50 +01:00
m	1fc0874893	feat: add database schema and backend foundation Part 1 - Database (kanzlai schema in Supabase): - Tenant-scoped tables: tenants, user_tenants, cases, parties, deadlines, appointments, documents, case_events - Global reference tables: proceeding_types, deadline_rules, holidays - RLS policies on all tenant-scoped tables - Seed: UPC proceeding types, 32 deadline rules (INF/CCR/REV/PI/APP), ZPO civil rules (Berufung, Revision, Einspruch), 2026 holidays Part 2 - Backend skeleton: - config: env var loading (DATABASE_URL, SUPABASE_*, ANTHROPIC_API_KEY) - db: sqlx connection pool with kanzlai search_path - auth: JWT verification middleware adapted from youpc.org, context helpers - models: Go structs for all tables with sqlx/json tags - router: route registration with auth middleware, /health + placeholder API routes - Updated main.go to wire everything together	2026-03-25 13:17:33 +01:00

5 Commits