Compare commits
1 Commits
mai/ritchi
...
mai/knuth/
| Author | SHA1 | Date | |
|---|---|---|---|
|
b36247dfb9 |
@@ -36,12 +36,7 @@ func main() {
|
||||
calDAVSvc.Start()
|
||||
defer calDAVSvc.Stop()
|
||||
|
||||
// Start notification reminder service
|
||||
notifSvc := services.NewNotificationService(database)
|
||||
notifSvc.Start()
|
||||
defer notifSvc.Stop()
|
||||
|
||||
handler := router.New(database, authMW, cfg, calDAVSvc, notifSvc)
|
||||
handler := router.New(database, authMW, cfg, calDAVSvc)
|
||||
|
||||
slog.Info("starting KanzlAI API server", "port", cfg.Port)
|
||||
if err := http.ListenAndServe(":"+cfg.Port, handler); err != nil {
|
||||
|
||||
@@ -9,8 +9,10 @@ import (
|
||||
type contextKey string
|
||||
|
||||
const (
|
||||
userIDKey contextKey = "user_id"
|
||||
tenantIDKey contextKey = "tenant_id"
|
||||
userIDKey contextKey = "user_id"
|
||||
tenantIDKey contextKey = "tenant_id"
|
||||
ipKey contextKey = "ip_address"
|
||||
userAgentKey contextKey = "user_agent"
|
||||
)
|
||||
|
||||
func ContextWithUserID(ctx context.Context, userID uuid.UUID) context.Context {
|
||||
@@ -30,3 +32,23 @@ func TenantFromContext(ctx context.Context) (uuid.UUID, bool) {
|
||||
id, ok := ctx.Value(tenantIDKey).(uuid.UUID)
|
||||
return id, ok
|
||||
}
|
||||
|
||||
func ContextWithRequestInfo(ctx context.Context, ip, userAgent string) context.Context {
|
||||
ctx = context.WithValue(ctx, ipKey, ip)
|
||||
ctx = context.WithValue(ctx, userAgentKey, userAgent)
|
||||
return ctx
|
||||
}
|
||||
|
||||
func IPFromContext(ctx context.Context) *string {
|
||||
if v, ok := ctx.Value(ipKey).(string); ok && v != "" {
|
||||
return &v
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func UserAgentFromContext(ctx context.Context) *string {
|
||||
if v, ok := ctx.Value(userAgentKey).(string); ok && v != "" {
|
||||
return &v
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -46,6 +46,13 @@ func (m *Middleware) RequireAuth(next http.Handler) http.Handler {
|
||||
}
|
||||
ctx = ContextWithTenantID(ctx, tenantID)
|
||||
|
||||
// Capture IP and user-agent for audit logging
|
||||
ip := r.Header.Get("X-Forwarded-For")
|
||||
if ip == "" {
|
||||
ip = r.RemoteAddr
|
||||
}
|
||||
ctx = ContextWithRequestInfo(ctx, ip, r.UserAgent())
|
||||
|
||||
next.ServeHTTP(w, r.WithContext(ctx))
|
||||
})
|
||||
}
|
||||
|
||||
63
backend/internal/handlers/audit_log.go
Normal file
63
backend/internal/handlers/audit_log.go
Normal file
@@ -0,0 +1,63 @@
|
||||
package handlers
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
||||
"github.com/google/uuid"
|
||||
|
||||
"mgit.msbls.de/m/KanzlAI-mGMT/internal/auth"
|
||||
"mgit.msbls.de/m/KanzlAI-mGMT/internal/services"
|
||||
)
|
||||
|
||||
type AuditLogHandler struct {
|
||||
svc *services.AuditService
|
||||
}
|
||||
|
||||
func NewAuditLogHandler(svc *services.AuditService) *AuditLogHandler {
|
||||
return &AuditLogHandler{svc: svc}
|
||||
}
|
||||
|
||||
func (h *AuditLogHandler) List(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID, ok := auth.TenantFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusForbidden, "missing tenant")
|
||||
return
|
||||
}
|
||||
|
||||
q := r.URL.Query()
|
||||
page, _ := strconv.Atoi(q.Get("page"))
|
||||
limit, _ := strconv.Atoi(q.Get("limit"))
|
||||
|
||||
filter := services.AuditFilter{
|
||||
EntityType: q.Get("entity_type"),
|
||||
From: q.Get("from"),
|
||||
To: q.Get("to"),
|
||||
Page: page,
|
||||
Limit: limit,
|
||||
}
|
||||
|
||||
if idStr := q.Get("entity_id"); idStr != "" {
|
||||
if id, err := uuid.Parse(idStr); err == nil {
|
||||
filter.EntityID = &id
|
||||
}
|
||||
}
|
||||
if idStr := q.Get("user_id"); idStr != "" {
|
||||
if id, err := uuid.Parse(idStr); err == nil {
|
||||
filter.UserID = &id
|
||||
}
|
||||
}
|
||||
|
||||
entries, total, err := h.svc.List(r.Context(), tenantID, filter)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to fetch audit log")
|
||||
return
|
||||
}
|
||||
|
||||
writeJSON(w, http.StatusOK, map[string]any{
|
||||
"entries": entries,
|
||||
"total": total,
|
||||
"page": filter.Page,
|
||||
"limit": filter.Limit,
|
||||
})
|
||||
}
|
||||
@@ -113,7 +113,7 @@ func (h *DeadlineHandlers) Create(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
deadline, err := h.deadlines.Create(tenantID, input)
|
||||
deadline, err := h.deadlines.Create(r.Context(), tenantID, input)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to create deadline")
|
||||
return
|
||||
@@ -142,7 +142,7 @@ func (h *DeadlineHandlers) Update(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
deadline, err := h.deadlines.Update(tenantID, deadlineID, input)
|
||||
deadline, err := h.deadlines.Update(r.Context(), tenantID, deadlineID, input)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to update deadline")
|
||||
return
|
||||
@@ -169,7 +169,7 @@ func (h *DeadlineHandlers) Complete(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
deadline, err := h.deadlines.Complete(tenantID, deadlineID)
|
||||
deadline, err := h.deadlines.Complete(r.Context(), tenantID, deadlineID)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to complete deadline")
|
||||
return
|
||||
@@ -196,7 +196,7 @@ func (h *DeadlineHandlers) Delete(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
err = h.deadlines.Delete(tenantID, deadlineID)
|
||||
err = h.deadlines.Delete(r.Context(), tenantID, deadlineID)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusNotFound, err.Error())
|
||||
return
|
||||
|
||||
@@ -1,171 +0,0 @@
|
||||
package handlers
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
||||
"github.com/jmoiron/sqlx"
|
||||
|
||||
"mgit.msbls.de/m/KanzlAI-mGMT/internal/auth"
|
||||
"mgit.msbls.de/m/KanzlAI-mGMT/internal/services"
|
||||
)
|
||||
|
||||
// NotificationHandler handles notification API endpoints.
|
||||
type NotificationHandler struct {
|
||||
svc *services.NotificationService
|
||||
db *sqlx.DB
|
||||
}
|
||||
|
||||
// NewNotificationHandler creates a new notification handler.
|
||||
func NewNotificationHandler(svc *services.NotificationService, db *sqlx.DB) *NotificationHandler {
|
||||
return &NotificationHandler{svc: svc, db: db}
|
||||
}
|
||||
|
||||
// List returns paginated notifications for the authenticated user.
|
||||
func (h *NotificationHandler) List(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID, ok := auth.TenantFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
userID, ok := auth.UserFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
|
||||
limit, _ := strconv.Atoi(r.URL.Query().Get("limit"))
|
||||
offset, _ := strconv.Atoi(r.URL.Query().Get("offset"))
|
||||
|
||||
notifications, total, err := h.svc.ListForUser(r.Context(), tenantID, userID, limit, offset)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to list notifications")
|
||||
return
|
||||
}
|
||||
|
||||
writeJSON(w, http.StatusOK, map[string]any{
|
||||
"data": notifications,
|
||||
"total": total,
|
||||
})
|
||||
}
|
||||
|
||||
// UnreadCount returns the count of unread notifications.
|
||||
func (h *NotificationHandler) UnreadCount(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID, ok := auth.TenantFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
userID, ok := auth.UserFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
|
||||
count, err := h.svc.UnreadCount(r.Context(), tenantID, userID)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to count notifications")
|
||||
return
|
||||
}
|
||||
|
||||
writeJSON(w, http.StatusOK, map[string]int{"unread_count": count})
|
||||
}
|
||||
|
||||
// MarkRead marks a single notification as read.
|
||||
func (h *NotificationHandler) MarkRead(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID, ok := auth.TenantFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
userID, ok := auth.UserFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
|
||||
notifID, err := parsePathUUID(r, "id")
|
||||
if err != nil {
|
||||
writeError(w, http.StatusBadRequest, "invalid notification ID")
|
||||
return
|
||||
}
|
||||
|
||||
if err := h.svc.MarkRead(r.Context(), tenantID, userID, notifID); err != nil {
|
||||
writeError(w, http.StatusNotFound, err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
writeJSON(w, http.StatusOK, map[string]string{"status": "ok"})
|
||||
}
|
||||
|
||||
// MarkAllRead marks all notifications as read.
|
||||
func (h *NotificationHandler) MarkAllRead(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID, ok := auth.TenantFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
userID, ok := auth.UserFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
|
||||
if err := h.svc.MarkAllRead(r.Context(), tenantID, userID); err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to mark all read")
|
||||
return
|
||||
}
|
||||
|
||||
writeJSON(w, http.StatusOK, map[string]string{"status": "ok"})
|
||||
}
|
||||
|
||||
// GetPreferences returns notification preferences for the authenticated user.
|
||||
func (h *NotificationHandler) GetPreferences(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID, ok := auth.TenantFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
userID, ok := auth.UserFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
|
||||
pref, err := h.svc.GetPreferences(r.Context(), tenantID, userID)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to get preferences")
|
||||
return
|
||||
}
|
||||
|
||||
writeJSON(w, http.StatusOK, pref)
|
||||
}
|
||||
|
||||
// UpdatePreferences updates notification preferences for the authenticated user.
|
||||
func (h *NotificationHandler) UpdatePreferences(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID, ok := auth.TenantFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
userID, ok := auth.UserFromContext(r.Context())
|
||||
if !ok {
|
||||
writeError(w, http.StatusUnauthorized, "unauthorized")
|
||||
return
|
||||
}
|
||||
|
||||
var input services.UpdatePreferencesInput
|
||||
if err := json.NewDecoder(r.Body).Decode(&input); err != nil {
|
||||
writeError(w, http.StatusBadRequest, "invalid request body")
|
||||
return
|
||||
}
|
||||
|
||||
pref, err := h.svc.UpdatePreferences(r.Context(), tenantID, userID, input)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, "failed to update preferences")
|
||||
return
|
||||
}
|
||||
|
||||
writeJSON(w, http.StatusOK, pref)
|
||||
}
|
||||
@@ -46,7 +46,7 @@ func testServer(t *testing.T) (http.Handler, func()) {
|
||||
}
|
||||
|
||||
authMW := auth.NewMiddleware(jwtSecret, database)
|
||||
handler := router.New(database, authMW, cfg, nil, nil)
|
||||
handler := router.New(database, authMW, cfg, nil)
|
||||
|
||||
return handler, func() { database.Close() }
|
||||
}
|
||||
|
||||
22
backend/internal/models/audit_log.go
Normal file
22
backend/internal/models/audit_log.go
Normal file
@@ -0,0 +1,22 @@
|
||||
package models
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
type AuditLog struct {
|
||||
ID int64 `db:"id" json:"id"`
|
||||
TenantID uuid.UUID `db:"tenant_id" json:"tenant_id"`
|
||||
UserID *uuid.UUID `db:"user_id" json:"user_id,omitempty"`
|
||||
Action string `db:"action" json:"action"`
|
||||
EntityType string `db:"entity_type" json:"entity_type"`
|
||||
EntityID *uuid.UUID `db:"entity_id" json:"entity_id,omitempty"`
|
||||
OldValues *json.RawMessage `db:"old_values" json:"old_values,omitempty"`
|
||||
NewValues *json.RawMessage `db:"new_values" json:"new_values,omitempty"`
|
||||
IPAddress *string `db:"ip_address" json:"ip_address,omitempty"`
|
||||
UserAgent *string `db:"user_agent" json:"user_agent,omitempty"`
|
||||
CreatedAt time.Time `db:"created_at" json:"created_at"`
|
||||
}
|
||||
@@ -1,32 +0,0 @@
|
||||
package models
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/lib/pq"
|
||||
)
|
||||
|
||||
type Notification struct {
|
||||
ID uuid.UUID `db:"id" json:"id"`
|
||||
TenantID uuid.UUID `db:"tenant_id" json:"tenant_id"`
|
||||
UserID uuid.UUID `db:"user_id" json:"user_id"`
|
||||
Type string `db:"type" json:"type"`
|
||||
EntityType *string `db:"entity_type" json:"entity_type,omitempty"`
|
||||
EntityID *uuid.UUID `db:"entity_id" json:"entity_id,omitempty"`
|
||||
Title string `db:"title" json:"title"`
|
||||
Body *string `db:"body" json:"body,omitempty"`
|
||||
SentAt *time.Time `db:"sent_at" json:"sent_at,omitempty"`
|
||||
ReadAt *time.Time `db:"read_at" json:"read_at,omitempty"`
|
||||
CreatedAt time.Time `db:"created_at" json:"created_at"`
|
||||
}
|
||||
|
||||
type NotificationPreferences struct {
|
||||
UserID uuid.UUID `db:"user_id" json:"user_id"`
|
||||
TenantID uuid.UUID `db:"tenant_id" json:"tenant_id"`
|
||||
DeadlineReminderDays pq.Int64Array `db:"deadline_reminder_days" json:"deadline_reminder_days"`
|
||||
EmailEnabled bool `db:"email_enabled" json:"email_enabled"`
|
||||
DailyDigest bool `db:"daily_digest" json:"daily_digest"`
|
||||
CreatedAt time.Time `db:"created_at" json:"created_at"`
|
||||
UpdatedAt time.Time `db:"updated_at" json:"updated_at"`
|
||||
}
|
||||
@@ -15,20 +15,21 @@ import (
|
||||
"mgit.msbls.de/m/KanzlAI-mGMT/internal/services"
|
||||
)
|
||||
|
||||
func New(db *sqlx.DB, authMW *auth.Middleware, cfg *config.Config, calDAVSvc *services.CalDAVService, notifSvc *services.NotificationService) http.Handler {
|
||||
func New(db *sqlx.DB, authMW *auth.Middleware, cfg *config.Config, calDAVSvc *services.CalDAVService) http.Handler {
|
||||
mux := http.NewServeMux()
|
||||
|
||||
// Services
|
||||
tenantSvc := services.NewTenantService(db)
|
||||
caseSvc := services.NewCaseService(db)
|
||||
partySvc := services.NewPartyService(db)
|
||||
appointmentSvc := services.NewAppointmentService(db)
|
||||
auditSvc := services.NewAuditService(db)
|
||||
tenantSvc := services.NewTenantService(db, auditSvc)
|
||||
caseSvc := services.NewCaseService(db, auditSvc)
|
||||
partySvc := services.NewPartyService(db, auditSvc)
|
||||
appointmentSvc := services.NewAppointmentService(db, auditSvc)
|
||||
holidaySvc := services.NewHolidayService(db)
|
||||
deadlineSvc := services.NewDeadlineService(db)
|
||||
deadlineSvc := services.NewDeadlineService(db, auditSvc)
|
||||
deadlineRuleSvc := services.NewDeadlineRuleService(db)
|
||||
calculator := services.NewDeadlineCalculator(holidaySvc)
|
||||
storageCli := services.NewStorageClient(cfg.SupabaseURL, cfg.SupabaseServiceKey)
|
||||
documentSvc := services.NewDocumentService(db, storageCli)
|
||||
documentSvc := services.NewDocumentService(db, storageCli, auditSvc)
|
||||
|
||||
// AI service (optional — only if API key is configured)
|
||||
var aiH *handlers.AIHandler
|
||||
@@ -40,16 +41,11 @@ func New(db *sqlx.DB, authMW *auth.Middleware, cfg *config.Config, calDAVSvc *se
|
||||
// Middleware
|
||||
tenantResolver := auth.NewTenantResolver(tenantSvc)
|
||||
|
||||
noteSvc := services.NewNoteService(db)
|
||||
noteSvc := services.NewNoteService(db, auditSvc)
|
||||
dashboardSvc := services.NewDashboardService(db)
|
||||
|
||||
// Notification handler (optional — nil in tests)
|
||||
var notifH *handlers.NotificationHandler
|
||||
if notifSvc != nil {
|
||||
notifH = handlers.NewNotificationHandler(notifSvc, db)
|
||||
}
|
||||
|
||||
// Handlers
|
||||
auditH := handlers.NewAuditLogHandler(auditSvc)
|
||||
tenantH := handlers.NewTenantHandler(tenantSvc)
|
||||
caseH := handlers.NewCaseHandler(caseSvc)
|
||||
partyH := handlers.NewPartyHandler(partySvc)
|
||||
@@ -129,6 +125,9 @@ func New(db *sqlx.DB, authMW *auth.Middleware, cfg *config.Config, calDAVSvc *se
|
||||
// Dashboard
|
||||
scoped.HandleFunc("GET /api/dashboard", dashboardH.Get)
|
||||
|
||||
// Audit log
|
||||
scoped.HandleFunc("GET /api/audit-log", auditH.List)
|
||||
|
||||
// Documents
|
||||
scoped.HandleFunc("GET /api/cases/{id}/documents", docH.ListByCase)
|
||||
scoped.HandleFunc("POST /api/cases/{id}/documents", docH.Upload)
|
||||
@@ -143,16 +142,6 @@ func New(db *sqlx.DB, authMW *auth.Middleware, cfg *config.Config, calDAVSvc *se
|
||||
scoped.HandleFunc("POST /api/ai/summarize-case", aiLimiter.LimitFunc(aiH.SummarizeCase))
|
||||
}
|
||||
|
||||
// Notifications
|
||||
if notifH != nil {
|
||||
scoped.HandleFunc("GET /api/notifications", notifH.List)
|
||||
scoped.HandleFunc("GET /api/notifications/unread-count", notifH.UnreadCount)
|
||||
scoped.HandleFunc("PATCH /api/notifications/{id}/read", notifH.MarkRead)
|
||||
scoped.HandleFunc("PATCH /api/notifications/read-all", notifH.MarkAllRead)
|
||||
scoped.HandleFunc("GET /api/notification-preferences", notifH.GetPreferences)
|
||||
scoped.HandleFunc("PUT /api/notification-preferences", notifH.UpdatePreferences)
|
||||
}
|
||||
|
||||
// CalDAV sync endpoints
|
||||
if calDAVSvc != nil {
|
||||
calDAVH := handlers.NewCalDAVHandler(calDAVSvc)
|
||||
|
||||
@@ -12,11 +12,12 @@ import (
|
||||
)
|
||||
|
||||
type AppointmentService struct {
|
||||
db *sqlx.DB
|
||||
db *sqlx.DB
|
||||
audit *AuditService
|
||||
}
|
||||
|
||||
func NewAppointmentService(db *sqlx.DB) *AppointmentService {
|
||||
return &AppointmentService{db: db}
|
||||
func NewAppointmentService(db *sqlx.DB, audit *AuditService) *AppointmentService {
|
||||
return &AppointmentService{db: db, audit: audit}
|
||||
}
|
||||
|
||||
type AppointmentFilter struct {
|
||||
@@ -86,6 +87,7 @@ func (s *AppointmentService) Create(ctx context.Context, a *models.Appointment)
|
||||
if err != nil {
|
||||
return fmt.Errorf("creating appointment: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "create", "appointment", &a.ID, nil, a)
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -116,6 +118,7 @@ func (s *AppointmentService) Update(ctx context.Context, a *models.Appointment)
|
||||
if rows == 0 {
|
||||
return fmt.Errorf("appointment not found")
|
||||
}
|
||||
s.audit.Log(ctx, "update", "appointment", &a.ID, nil, a)
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -131,5 +134,6 @@ func (s *AppointmentService) Delete(ctx context.Context, tenantID, id uuid.UUID)
|
||||
if rows == 0 {
|
||||
return fmt.Errorf("appointment not found")
|
||||
}
|
||||
s.audit.Log(ctx, "delete", "appointment", &id, nil, nil)
|
||||
return nil
|
||||
}
|
||||
|
||||
141
backend/internal/services/audit_service.go
Normal file
141
backend/internal/services/audit_service.go
Normal file
@@ -0,0 +1,141 @@
|
||||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/jmoiron/sqlx"
|
||||
|
||||
"mgit.msbls.de/m/KanzlAI-mGMT/internal/auth"
|
||||
"mgit.msbls.de/m/KanzlAI-mGMT/internal/models"
|
||||
)
|
||||
|
||||
type AuditService struct {
|
||||
db *sqlx.DB
|
||||
}
|
||||
|
||||
func NewAuditService(db *sqlx.DB) *AuditService {
|
||||
return &AuditService{db: db}
|
||||
}
|
||||
|
||||
// Log records an audit entry. It extracts tenant, user, IP, and user-agent from context.
|
||||
// Errors are logged but not returned — audit logging must not break business operations.
|
||||
func (s *AuditService) Log(ctx context.Context, action, entityType string, entityID *uuid.UUID, oldValues, newValues any) {
|
||||
tenantID, ok := auth.TenantFromContext(ctx)
|
||||
if !ok {
|
||||
slog.Warn("audit: missing tenant_id in context", "action", action, "entity_type", entityType)
|
||||
return
|
||||
}
|
||||
|
||||
var userID *uuid.UUID
|
||||
if uid, ok := auth.UserFromContext(ctx); ok {
|
||||
userID = &uid
|
||||
}
|
||||
|
||||
var oldJSON, newJSON *json.RawMessage
|
||||
if oldValues != nil {
|
||||
if b, err := json.Marshal(oldValues); err == nil {
|
||||
raw := json.RawMessage(b)
|
||||
oldJSON = &raw
|
||||
}
|
||||
}
|
||||
if newValues != nil {
|
||||
if b, err := json.Marshal(newValues); err == nil {
|
||||
raw := json.RawMessage(b)
|
||||
newJSON = &raw
|
||||
}
|
||||
}
|
||||
|
||||
ip := auth.IPFromContext(ctx)
|
||||
ua := auth.UserAgentFromContext(ctx)
|
||||
|
||||
_, err := s.db.ExecContext(ctx,
|
||||
`INSERT INTO audit_log (tenant_id, user_id, action, entity_type, entity_id, old_values, new_values, ip_address, user_agent)
|
||||
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)`,
|
||||
tenantID, userID, action, entityType, entityID, oldJSON, newJSON, ip, ua)
|
||||
if err != nil {
|
||||
slog.Error("audit: failed to write log entry",
|
||||
"error", err,
|
||||
"action", action,
|
||||
"entity_type", entityType,
|
||||
"entity_id", entityID,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
// AuditFilter holds query parameters for listing audit log entries.
|
||||
type AuditFilter struct {
|
||||
EntityType string
|
||||
EntityID *uuid.UUID
|
||||
UserID *uuid.UUID
|
||||
From string // RFC3339 date
|
||||
To string // RFC3339 date
|
||||
Page int
|
||||
Limit int
|
||||
}
|
||||
|
||||
// List returns paginated audit log entries for a tenant.
|
||||
func (s *AuditService) List(ctx context.Context, tenantID uuid.UUID, filter AuditFilter) ([]models.AuditLog, int, error) {
|
||||
if filter.Limit <= 0 {
|
||||
filter.Limit = 50
|
||||
}
|
||||
if filter.Limit > 200 {
|
||||
filter.Limit = 200
|
||||
}
|
||||
if filter.Page <= 0 {
|
||||
filter.Page = 1
|
||||
}
|
||||
offset := (filter.Page - 1) * filter.Limit
|
||||
|
||||
where := "WHERE tenant_id = $1"
|
||||
args := []any{tenantID}
|
||||
argIdx := 2
|
||||
|
||||
if filter.EntityType != "" {
|
||||
where += fmt.Sprintf(" AND entity_type = $%d", argIdx)
|
||||
args = append(args, filter.EntityType)
|
||||
argIdx++
|
||||
}
|
||||
if filter.EntityID != nil {
|
||||
where += fmt.Sprintf(" AND entity_id = $%d", argIdx)
|
||||
args = append(args, *filter.EntityID)
|
||||
argIdx++
|
||||
}
|
||||
if filter.UserID != nil {
|
||||
where += fmt.Sprintf(" AND user_id = $%d", argIdx)
|
||||
args = append(args, *filter.UserID)
|
||||
argIdx++
|
||||
}
|
||||
if filter.From != "" {
|
||||
where += fmt.Sprintf(" AND created_at >= $%d", argIdx)
|
||||
args = append(args, filter.From)
|
||||
argIdx++
|
||||
}
|
||||
if filter.To != "" {
|
||||
where += fmt.Sprintf(" AND created_at <= $%d", argIdx)
|
||||
args = append(args, filter.To)
|
||||
argIdx++
|
||||
}
|
||||
|
||||
var total int
|
||||
if err := s.db.GetContext(ctx, &total, "SELECT COUNT(*) FROM audit_log "+where, args...); err != nil {
|
||||
return nil, 0, fmt.Errorf("counting audit entries: %w", err)
|
||||
}
|
||||
|
||||
query := fmt.Sprintf("SELECT * FROM audit_log %s ORDER BY created_at DESC LIMIT $%d OFFSET $%d",
|
||||
where, argIdx, argIdx+1)
|
||||
args = append(args, filter.Limit, offset)
|
||||
|
||||
var entries []models.AuditLog
|
||||
if err := s.db.SelectContext(ctx, &entries, query, args...); err != nil {
|
||||
return nil, 0, fmt.Errorf("listing audit entries: %w", err)
|
||||
}
|
||||
if entries == nil {
|
||||
entries = []models.AuditLog{}
|
||||
}
|
||||
|
||||
return entries, total, nil
|
||||
}
|
||||
@@ -13,11 +13,12 @@ import (
|
||||
)
|
||||
|
||||
type CaseService struct {
|
||||
db *sqlx.DB
|
||||
db *sqlx.DB
|
||||
audit *AuditService
|
||||
}
|
||||
|
||||
func NewCaseService(db *sqlx.DB) *CaseService {
|
||||
return &CaseService{db: db}
|
||||
func NewCaseService(db *sqlx.DB, audit *AuditService) *CaseService {
|
||||
return &CaseService{db: db, audit: audit}
|
||||
}
|
||||
|
||||
type CaseFilter struct {
|
||||
@@ -162,6 +163,9 @@ func (s *CaseService) Create(ctx context.Context, tenantID uuid.UUID, userID uui
|
||||
if err := s.db.GetContext(ctx, &c, "SELECT * FROM cases WHERE id = $1", id); err != nil {
|
||||
return nil, fmt.Errorf("fetching created case: %w", err)
|
||||
}
|
||||
|
||||
s.audit.Log(ctx, "create", "case", &id, nil, c)
|
||||
|
||||
return &c, nil
|
||||
}
|
||||
|
||||
@@ -239,6 +243,9 @@ func (s *CaseService) Update(ctx context.Context, tenantID, caseID uuid.UUID, us
|
||||
if err := s.db.GetContext(ctx, &updated, "SELECT * FROM cases WHERE id = $1", caseID); err != nil {
|
||||
return nil, fmt.Errorf("fetching updated case: %w", err)
|
||||
}
|
||||
|
||||
s.audit.Log(ctx, "update", "case", &caseID, current, updated)
|
||||
|
||||
return &updated, nil
|
||||
}
|
||||
|
||||
@@ -254,6 +261,7 @@ func (s *CaseService) Delete(ctx context.Context, tenantID, caseID uuid.UUID, us
|
||||
return sql.ErrNoRows
|
||||
}
|
||||
createEvent(ctx, s.db, tenantID, caseID, userID, "case_archived", "Case archived", nil)
|
||||
s.audit.Log(ctx, "delete", "case", &caseID, map[string]string{"status": "active"}, map[string]string{"status": "archived"})
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"database/sql"
|
||||
"fmt"
|
||||
"time"
|
||||
@@ -13,12 +14,13 @@ import (
|
||||
|
||||
// DeadlineService handles CRUD operations for case deadlines
|
||||
type DeadlineService struct {
|
||||
db *sqlx.DB
|
||||
db *sqlx.DB
|
||||
audit *AuditService
|
||||
}
|
||||
|
||||
// NewDeadlineService creates a new deadline service
|
||||
func NewDeadlineService(db *sqlx.DB) *DeadlineService {
|
||||
return &DeadlineService{db: db}
|
||||
func NewDeadlineService(db *sqlx.DB, audit *AuditService) *DeadlineService {
|
||||
return &DeadlineService{db: db, audit: audit}
|
||||
}
|
||||
|
||||
// ListAll returns all deadlines for a tenant, ordered by due_date
|
||||
@@ -87,7 +89,7 @@ type CreateDeadlineInput struct {
|
||||
}
|
||||
|
||||
// Create inserts a new deadline
|
||||
func (s *DeadlineService) Create(tenantID uuid.UUID, input CreateDeadlineInput) (*models.Deadline, error) {
|
||||
func (s *DeadlineService) Create(ctx context.Context, tenantID uuid.UUID, input CreateDeadlineInput) (*models.Deadline, error) {
|
||||
id := uuid.New()
|
||||
source := input.Source
|
||||
if source == "" {
|
||||
@@ -108,6 +110,7 @@ func (s *DeadlineService) Create(tenantID uuid.UUID, input CreateDeadlineInput)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("creating deadline: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "create", "deadline", &id, nil, d)
|
||||
return &d, nil
|
||||
}
|
||||
|
||||
@@ -123,7 +126,7 @@ type UpdateDeadlineInput struct {
|
||||
}
|
||||
|
||||
// Update modifies an existing deadline
|
||||
func (s *DeadlineService) Update(tenantID, deadlineID uuid.UUID, input UpdateDeadlineInput) (*models.Deadline, error) {
|
||||
func (s *DeadlineService) Update(ctx context.Context, tenantID, deadlineID uuid.UUID, input UpdateDeadlineInput) (*models.Deadline, error) {
|
||||
// First check it exists and belongs to tenant
|
||||
existing, err := s.GetByID(tenantID, deadlineID)
|
||||
if err != nil {
|
||||
@@ -154,11 +157,12 @@ func (s *DeadlineService) Update(tenantID, deadlineID uuid.UUID, input UpdateDea
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("updating deadline: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "update", "deadline", &deadlineID, existing, d)
|
||||
return &d, nil
|
||||
}
|
||||
|
||||
// Complete marks a deadline as completed
|
||||
func (s *DeadlineService) Complete(tenantID, deadlineID uuid.UUID) (*models.Deadline, error) {
|
||||
func (s *DeadlineService) Complete(ctx context.Context, tenantID, deadlineID uuid.UUID) (*models.Deadline, error) {
|
||||
query := `UPDATE deadlines SET
|
||||
status = 'completed',
|
||||
completed_at = $1,
|
||||
@@ -176,11 +180,12 @@ func (s *DeadlineService) Complete(tenantID, deadlineID uuid.UUID) (*models.Dead
|
||||
}
|
||||
return nil, fmt.Errorf("completing deadline: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "update", "deadline", &deadlineID, map[string]string{"status": "pending"}, map[string]string{"status": "completed"})
|
||||
return &d, nil
|
||||
}
|
||||
|
||||
// Delete removes a deadline
|
||||
func (s *DeadlineService) Delete(tenantID, deadlineID uuid.UUID) error {
|
||||
func (s *DeadlineService) Delete(ctx context.Context, tenantID, deadlineID uuid.UUID) error {
|
||||
query := `DELETE FROM deadlines WHERE id = $1 AND tenant_id = $2`
|
||||
result, err := s.db.Exec(query, deadlineID, tenantID)
|
||||
if err != nil {
|
||||
@@ -193,5 +198,6 @@ func (s *DeadlineService) Delete(tenantID, deadlineID uuid.UUID) error {
|
||||
if rows == 0 {
|
||||
return fmt.Errorf("deadline not found")
|
||||
}
|
||||
s.audit.Log(ctx, "delete", "deadline", &deadlineID, nil, nil)
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -18,10 +18,11 @@ const documentBucket = "kanzlai-documents"
|
||||
type DocumentService struct {
|
||||
db *sqlx.DB
|
||||
storage *StorageClient
|
||||
audit *AuditService
|
||||
}
|
||||
|
||||
func NewDocumentService(db *sqlx.DB, storage *StorageClient) *DocumentService {
|
||||
return &DocumentService{db: db, storage: storage}
|
||||
func NewDocumentService(db *sqlx.DB, storage *StorageClient, audit *AuditService) *DocumentService {
|
||||
return &DocumentService{db: db, storage: storage, audit: audit}
|
||||
}
|
||||
|
||||
type CreateDocumentInput struct {
|
||||
@@ -97,6 +98,7 @@ func (s *DocumentService) Create(ctx context.Context, tenantID, caseID, userID u
|
||||
if err := s.db.GetContext(ctx, &doc, "SELECT * FROM documents WHERE id = $1", id); err != nil {
|
||||
return nil, fmt.Errorf("fetching created document: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "create", "document", &id, nil, doc)
|
||||
return &doc, nil
|
||||
}
|
||||
|
||||
@@ -151,6 +153,7 @@ func (s *DocumentService) Delete(ctx context.Context, tenantID, docID, userID uu
|
||||
// Log case event
|
||||
createEvent(ctx, s.db, tenantID, doc.CaseID, userID, "document_deleted",
|
||||
fmt.Sprintf("Document deleted: %s", doc.Title), nil)
|
||||
s.audit.Log(ctx, "delete", "document", &docID, doc, nil)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -13,11 +13,12 @@ import (
|
||||
)
|
||||
|
||||
type NoteService struct {
|
||||
db *sqlx.DB
|
||||
db *sqlx.DB
|
||||
audit *AuditService
|
||||
}
|
||||
|
||||
func NewNoteService(db *sqlx.DB) *NoteService {
|
||||
return &NoteService{db: db}
|
||||
func NewNoteService(db *sqlx.DB, audit *AuditService) *NoteService {
|
||||
return &NoteService{db: db, audit: audit}
|
||||
}
|
||||
|
||||
// ListByParent returns all notes for a given parent entity, scoped to tenant.
|
||||
@@ -68,6 +69,7 @@ func (s *NoteService) Create(ctx context.Context, tenantID uuid.UUID, createdBy
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("creating note: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "create", "note", &id, nil, n)
|
||||
return &n, nil
|
||||
}
|
||||
|
||||
@@ -85,6 +87,7 @@ func (s *NoteService) Update(ctx context.Context, tenantID, noteID uuid.UUID, co
|
||||
}
|
||||
return nil, fmt.Errorf("updating note: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "update", "note", ¬eID, nil, n)
|
||||
return &n, nil
|
||||
}
|
||||
|
||||
@@ -101,6 +104,7 @@ func (s *NoteService) Delete(ctx context.Context, tenantID, noteID uuid.UUID) er
|
||||
if rows == 0 {
|
||||
return fmt.Errorf("note not found")
|
||||
}
|
||||
s.audit.Log(ctx, "delete", "note", ¬eID, nil, nil)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
@@ -1,501 +0,0 @@
|
||||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
"os/exec"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/jmoiron/sqlx"
|
||||
"github.com/lib/pq"
|
||||
|
||||
"mgit.msbls.de/m/KanzlAI-mGMT/internal/models"
|
||||
)
|
||||
|
||||
// NotificationService handles notification CRUD, deadline reminders, and email sending.
|
||||
type NotificationService struct {
|
||||
db *sqlx.DB
|
||||
stopCh chan struct{}
|
||||
wg sync.WaitGroup
|
||||
}
|
||||
|
||||
// NewNotificationService creates a new notification service.
|
||||
func NewNotificationService(db *sqlx.DB) *NotificationService {
|
||||
return &NotificationService{
|
||||
db: db,
|
||||
stopCh: make(chan struct{}),
|
||||
}
|
||||
}
|
||||
|
||||
// Start launches the background reminder checker (every hour) and daily digest (8am).
|
||||
func (s *NotificationService) Start() {
|
||||
s.wg.Add(1)
|
||||
go s.backgroundLoop()
|
||||
}
|
||||
|
||||
// Stop gracefully shuts down background workers.
|
||||
func (s *NotificationService) Stop() {
|
||||
close(s.stopCh)
|
||||
s.wg.Wait()
|
||||
}
|
||||
|
||||
func (s *NotificationService) backgroundLoop() {
|
||||
defer s.wg.Done()
|
||||
|
||||
// Check reminders on startup
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
|
||||
s.CheckDeadlineReminders(ctx)
|
||||
cancel()
|
||||
|
||||
reminderTicker := time.NewTicker(1 * time.Hour)
|
||||
defer reminderTicker.Stop()
|
||||
|
||||
// Digest ticker: check every 15 minutes, send at 8am
|
||||
digestTicker := time.NewTicker(15 * time.Minute)
|
||||
defer digestTicker.Stop()
|
||||
|
||||
var lastDigestDate string
|
||||
|
||||
for {
|
||||
select {
|
||||
case <-s.stopCh:
|
||||
return
|
||||
case <-reminderTicker.C:
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
|
||||
s.CheckDeadlineReminders(ctx)
|
||||
cancel()
|
||||
case now := <-digestTicker.C:
|
||||
today := now.Format("2006-01-02")
|
||||
hour := now.Hour()
|
||||
if hour >= 8 && lastDigestDate != today {
|
||||
lastDigestDate = today
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||
s.SendDailyDigests(ctx)
|
||||
cancel()
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// CheckDeadlineReminders finds deadlines due in N days matching user preferences and creates notifications.
|
||||
func (s *NotificationService) CheckDeadlineReminders(ctx context.Context) {
|
||||
slog.Info("checking deadline reminders")
|
||||
|
||||
// Get all user preferences with email enabled
|
||||
var prefs []models.NotificationPreferences
|
||||
err := s.db.SelectContext(ctx, &prefs,
|
||||
`SELECT user_id, tenant_id, deadline_reminder_days, email_enabled, daily_digest, created_at, updated_at
|
||||
FROM notification_preferences`)
|
||||
if err != nil {
|
||||
slog.Error("failed to load notification preferences", "error", err)
|
||||
return
|
||||
}
|
||||
|
||||
if len(prefs) == 0 {
|
||||
return
|
||||
}
|
||||
|
||||
// Collect all unique reminder day values across all users
|
||||
daySet := make(map[int64]bool)
|
||||
for _, p := range prefs {
|
||||
for _, d := range p.DeadlineReminderDays {
|
||||
daySet[d] = true
|
||||
}
|
||||
}
|
||||
if len(daySet) == 0 {
|
||||
return
|
||||
}
|
||||
|
||||
// Build array of target dates
|
||||
today := time.Now().Truncate(24 * time.Hour)
|
||||
var targetDates []string
|
||||
dayToDate := make(map[string]int64)
|
||||
for d := range daySet {
|
||||
target := today.AddDate(0, 0, int(d))
|
||||
dateStr := target.Format("2006-01-02")
|
||||
targetDates = append(targetDates, dateStr)
|
||||
dayToDate[dateStr] = d
|
||||
}
|
||||
|
||||
// Also check overdue deadlines
|
||||
todayStr := today.Format("2006-01-02")
|
||||
|
||||
// Find pending deadlines matching target dates
|
||||
type deadlineRow struct {
|
||||
models.Deadline
|
||||
CaseTitle string `db:"case_title"`
|
||||
CaseNumber string `db:"case_number"`
|
||||
}
|
||||
|
||||
// Reminder deadlines (due in N days)
|
||||
var reminderDeadlines []deadlineRow
|
||||
query, args, err := sqlx.In(
|
||||
`SELECT d.*, c.title AS case_title, c.case_number
|
||||
FROM deadlines d
|
||||
JOIN cases c ON c.id = d.case_id
|
||||
WHERE d.status = 'pending' AND d.due_date IN (?)`,
|
||||
targetDates)
|
||||
if err == nil {
|
||||
query = s.db.Rebind(query)
|
||||
err = s.db.SelectContext(ctx, &reminderDeadlines, query, args...)
|
||||
}
|
||||
if err != nil {
|
||||
slog.Error("failed to query reminder deadlines", "error", err)
|
||||
}
|
||||
|
||||
// Overdue deadlines
|
||||
var overdueDeadlines []deadlineRow
|
||||
err = s.db.SelectContext(ctx, &overdueDeadlines,
|
||||
`SELECT d.*, c.title AS case_title, c.case_number
|
||||
FROM deadlines d
|
||||
JOIN cases c ON c.id = d.case_id
|
||||
WHERE d.status = 'pending' AND d.due_date < $1`, todayStr)
|
||||
if err != nil {
|
||||
slog.Error("failed to query overdue deadlines", "error", err)
|
||||
}
|
||||
|
||||
// Create notifications for each user based on their tenant and preferences
|
||||
for _, pref := range prefs {
|
||||
// Reminder notifications
|
||||
for _, dl := range reminderDeadlines {
|
||||
if dl.TenantID != pref.TenantID {
|
||||
continue
|
||||
}
|
||||
daysUntil := dayToDate[dl.DueDate]
|
||||
// Check if this user cares about this many days
|
||||
if !containsDay(pref.DeadlineReminderDays, daysUntil) {
|
||||
continue
|
||||
}
|
||||
|
||||
title := fmt.Sprintf("Frist in %d Tagen: %s", daysUntil, dl.Title)
|
||||
body := fmt.Sprintf("Akte %s — %s\nFällig am %s", dl.CaseNumber, dl.CaseTitle, dl.DueDate)
|
||||
entityType := "deadline"
|
||||
|
||||
s.CreateNotification(ctx, CreateNotificationInput{
|
||||
TenantID: pref.TenantID,
|
||||
UserID: pref.UserID,
|
||||
Type: "deadline_reminder",
|
||||
EntityType: &entityType,
|
||||
EntityID: &dl.ID,
|
||||
Title: title,
|
||||
Body: &body,
|
||||
SendEmail: pref.EmailEnabled && !pref.DailyDigest,
|
||||
})
|
||||
}
|
||||
|
||||
// Overdue notifications
|
||||
for _, dl := range overdueDeadlines {
|
||||
if dl.TenantID != pref.TenantID {
|
||||
continue
|
||||
}
|
||||
|
||||
title := fmt.Sprintf("Frist überfällig: %s", dl.Title)
|
||||
body := fmt.Sprintf("Akte %s — %s\nFällig seit %s", dl.CaseNumber, dl.CaseTitle, dl.DueDate)
|
||||
entityType := "deadline"
|
||||
|
||||
s.CreateNotification(ctx, CreateNotificationInput{
|
||||
TenantID: pref.TenantID,
|
||||
UserID: pref.UserID,
|
||||
Type: "deadline_overdue",
|
||||
EntityType: &entityType,
|
||||
EntityID: &dl.ID,
|
||||
Title: title,
|
||||
Body: &body,
|
||||
SendEmail: pref.EmailEnabled && !pref.DailyDigest,
|
||||
})
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// SendDailyDigests compiles pending notifications into one email per user.
|
||||
func (s *NotificationService) SendDailyDigests(ctx context.Context) {
|
||||
slog.Info("sending daily digests")
|
||||
|
||||
// Find users with daily_digest enabled
|
||||
var prefs []models.NotificationPreferences
|
||||
err := s.db.SelectContext(ctx, &prefs,
|
||||
`SELECT user_id, tenant_id, deadline_reminder_days, email_enabled, daily_digest, created_at, updated_at
|
||||
FROM notification_preferences
|
||||
WHERE daily_digest = true AND email_enabled = true`)
|
||||
if err != nil {
|
||||
slog.Error("failed to load digest preferences", "error", err)
|
||||
return
|
||||
}
|
||||
|
||||
for _, pref := range prefs {
|
||||
// Get unsent notifications for this user from the last 24 hours
|
||||
var notifications []models.Notification
|
||||
err := s.db.SelectContext(ctx, ¬ifications,
|
||||
`SELECT id, tenant_id, user_id, type, entity_type, entity_id, title, body, sent_at, read_at, created_at
|
||||
FROM notifications
|
||||
WHERE user_id = $1 AND tenant_id = $2 AND sent_at IS NULL
|
||||
AND created_at > now() - interval '24 hours'
|
||||
ORDER BY created_at DESC`,
|
||||
pref.UserID, pref.TenantID)
|
||||
if err != nil {
|
||||
slog.Error("failed to load unsent notifications", "error", err, "user_id", pref.UserID)
|
||||
continue
|
||||
}
|
||||
|
||||
if len(notifications) == 0 {
|
||||
continue
|
||||
}
|
||||
|
||||
// Get user email
|
||||
email := s.getUserEmail(ctx, pref.UserID)
|
||||
if email == "" {
|
||||
continue
|
||||
}
|
||||
|
||||
// Build digest
|
||||
var lines []string
|
||||
lines = append(lines, fmt.Sprintf("Guten Morgen! Hier ist Ihre Tagesübersicht mit %d Benachrichtigungen:\n", len(notifications)))
|
||||
for _, n := range notifications {
|
||||
body := ""
|
||||
if n.Body != nil {
|
||||
body = " — " + *n.Body
|
||||
}
|
||||
lines = append(lines, fmt.Sprintf("• %s%s", n.Title, body))
|
||||
}
|
||||
lines = append(lines, "\n---\nKanzlAI Kanzleimanagement")
|
||||
|
||||
subject := fmt.Sprintf("KanzlAI Tagesübersicht — %d Benachrichtigungen", len(notifications))
|
||||
bodyText := strings.Join(lines, "\n")
|
||||
|
||||
if err := SendEmail(email, subject, bodyText); err != nil {
|
||||
slog.Error("failed to send digest email", "error", err, "user_id", pref.UserID)
|
||||
continue
|
||||
}
|
||||
|
||||
// Mark all as sent
|
||||
ids := make([]uuid.UUID, len(notifications))
|
||||
for i, n := range notifications {
|
||||
ids[i] = n.ID
|
||||
}
|
||||
query, args, err := sqlx.In(
|
||||
`UPDATE notifications SET sent_at = now() WHERE id IN (?)`, ids)
|
||||
if err == nil {
|
||||
query = s.db.Rebind(query)
|
||||
_, err = s.db.ExecContext(ctx, query, args...)
|
||||
}
|
||||
if err != nil {
|
||||
slog.Error("failed to mark digest notifications sent", "error", err)
|
||||
}
|
||||
|
||||
slog.Info("sent daily digest", "user_id", pref.UserID, "count", len(notifications))
|
||||
}
|
||||
}
|
||||
|
||||
// CreateNotificationInput holds the data for creating a notification.
|
||||
type CreateNotificationInput struct {
|
||||
TenantID uuid.UUID
|
||||
UserID uuid.UUID
|
||||
Type string
|
||||
EntityType *string
|
||||
EntityID *uuid.UUID
|
||||
Title string
|
||||
Body *string
|
||||
SendEmail bool
|
||||
}
|
||||
|
||||
// CreateNotification stores a notification in the DB and optionally sends an email.
|
||||
func (s *NotificationService) CreateNotification(ctx context.Context, input CreateNotificationInput) (*models.Notification, error) {
|
||||
// Dedup: check if we already sent this notification today
|
||||
if input.EntityID != nil {
|
||||
var count int
|
||||
err := s.db.GetContext(ctx, &count,
|
||||
`SELECT COUNT(*) FROM notifications
|
||||
WHERE user_id = $1 AND entity_id = $2 AND type = $3
|
||||
AND created_at::date = CURRENT_DATE`,
|
||||
input.UserID, input.EntityID, input.Type)
|
||||
if err == nil && count > 0 {
|
||||
return nil, nil // Already notified today
|
||||
}
|
||||
}
|
||||
|
||||
var n models.Notification
|
||||
err := s.db.QueryRowxContext(ctx,
|
||||
`INSERT INTO notifications (tenant_id, user_id, type, entity_type, entity_id, title, body)
|
||||
VALUES ($1, $2, $3, $4, $5, $6, $7)
|
||||
RETURNING id, tenant_id, user_id, type, entity_type, entity_id, title, body, sent_at, read_at, created_at`,
|
||||
input.TenantID, input.UserID, input.Type, input.EntityType, input.EntityID,
|
||||
input.Title, input.Body).StructScan(&n)
|
||||
if err != nil {
|
||||
slog.Error("failed to create notification", "error", err)
|
||||
return nil, fmt.Errorf("create notification: %w", err)
|
||||
}
|
||||
|
||||
// Send email immediately if requested (non-digest users)
|
||||
if input.SendEmail {
|
||||
email := s.getUserEmail(ctx, input.UserID)
|
||||
if email != "" {
|
||||
go func() {
|
||||
if err := SendEmail(email, input.Title, derefStr(input.Body)); err != nil {
|
||||
slog.Error("failed to send notification email", "error", err, "user_id", input.UserID)
|
||||
} else {
|
||||
// Mark as sent
|
||||
_, _ = s.db.Exec(`UPDATE notifications SET sent_at = now() WHERE id = $1`, n.ID)
|
||||
}
|
||||
}()
|
||||
}
|
||||
}
|
||||
|
||||
return &n, nil
|
||||
}
|
||||
|
||||
// ListForUser returns notifications for a user in a tenant, paginated.
|
||||
func (s *NotificationService) ListForUser(ctx context.Context, tenantID, userID uuid.UUID, limit, offset int) ([]models.Notification, int, error) {
|
||||
if limit <= 0 {
|
||||
limit = 50
|
||||
}
|
||||
if limit > 200 {
|
||||
limit = 200
|
||||
}
|
||||
|
||||
var total int
|
||||
err := s.db.GetContext(ctx, &total,
|
||||
`SELECT COUNT(*) FROM notifications WHERE user_id = $1 AND tenant_id = $2`,
|
||||
userID, tenantID)
|
||||
if err != nil {
|
||||
return nil, 0, fmt.Errorf("count notifications: %w", err)
|
||||
}
|
||||
|
||||
var notifications []models.Notification
|
||||
err = s.db.SelectContext(ctx, ¬ifications,
|
||||
`SELECT id, tenant_id, user_id, type, entity_type, entity_id, title, body, sent_at, read_at, created_at
|
||||
FROM notifications
|
||||
WHERE user_id = $1 AND tenant_id = $2
|
||||
ORDER BY created_at DESC
|
||||
LIMIT $3 OFFSET $4`,
|
||||
userID, tenantID, limit, offset)
|
||||
if err != nil {
|
||||
return nil, 0, fmt.Errorf("list notifications: %w", err)
|
||||
}
|
||||
|
||||
return notifications, total, nil
|
||||
}
|
||||
|
||||
// UnreadCount returns the number of unread notifications for a user.
|
||||
func (s *NotificationService) UnreadCount(ctx context.Context, tenantID, userID uuid.UUID) (int, error) {
|
||||
var count int
|
||||
err := s.db.GetContext(ctx, &count,
|
||||
`SELECT COUNT(*) FROM notifications WHERE user_id = $1 AND tenant_id = $2 AND read_at IS NULL`,
|
||||
userID, tenantID)
|
||||
return count, err
|
||||
}
|
||||
|
||||
// MarkRead marks a single notification as read.
|
||||
func (s *NotificationService) MarkRead(ctx context.Context, tenantID, userID, notificationID uuid.UUID) error {
|
||||
result, err := s.db.ExecContext(ctx,
|
||||
`UPDATE notifications SET read_at = now()
|
||||
WHERE id = $1 AND user_id = $2 AND tenant_id = $3 AND read_at IS NULL`,
|
||||
notificationID, userID, tenantID)
|
||||
if err != nil {
|
||||
return fmt.Errorf("mark notification read: %w", err)
|
||||
}
|
||||
rows, _ := result.RowsAffected()
|
||||
if rows == 0 {
|
||||
return fmt.Errorf("notification not found or already read")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// MarkAllRead marks all notifications as read for a user.
|
||||
func (s *NotificationService) MarkAllRead(ctx context.Context, tenantID, userID uuid.UUID) error {
|
||||
_, err := s.db.ExecContext(ctx,
|
||||
`UPDATE notifications SET read_at = now()
|
||||
WHERE user_id = $1 AND tenant_id = $2 AND read_at IS NULL`,
|
||||
userID, tenantID)
|
||||
return err
|
||||
}
|
||||
|
||||
// GetPreferences returns notification preferences for a user, creating defaults if needed.
|
||||
func (s *NotificationService) GetPreferences(ctx context.Context, tenantID, userID uuid.UUID) (*models.NotificationPreferences, error) {
|
||||
var pref models.NotificationPreferences
|
||||
err := s.db.GetContext(ctx, &pref,
|
||||
`SELECT user_id, tenant_id, deadline_reminder_days, email_enabled, daily_digest, created_at, updated_at
|
||||
FROM notification_preferences
|
||||
WHERE user_id = $1 AND tenant_id = $2`,
|
||||
userID, tenantID)
|
||||
if err != nil {
|
||||
// Return defaults if no preferences set
|
||||
return &models.NotificationPreferences{
|
||||
UserID: userID,
|
||||
TenantID: tenantID,
|
||||
DeadlineReminderDays: pq.Int64Array{7, 3, 1},
|
||||
EmailEnabled: true,
|
||||
DailyDigest: false,
|
||||
}, nil
|
||||
}
|
||||
return &pref, nil
|
||||
}
|
||||
|
||||
// UpdatePreferences upserts notification preferences for a user.
|
||||
func (s *NotificationService) UpdatePreferences(ctx context.Context, tenantID, userID uuid.UUID, input UpdatePreferencesInput) (*models.NotificationPreferences, error) {
|
||||
var pref models.NotificationPreferences
|
||||
err := s.db.QueryRowxContext(ctx,
|
||||
`INSERT INTO notification_preferences (user_id, tenant_id, deadline_reminder_days, email_enabled, daily_digest)
|
||||
VALUES ($1, $2, $3, $4, $5)
|
||||
ON CONFLICT (user_id, tenant_id)
|
||||
DO UPDATE SET deadline_reminder_days = $3, email_enabled = $4, daily_digest = $5, updated_at = now()
|
||||
RETURNING user_id, tenant_id, deadline_reminder_days, email_enabled, daily_digest, created_at, updated_at`,
|
||||
userID, tenantID, pq.Int64Array(input.DeadlineReminderDays), input.EmailEnabled, input.DailyDigest).StructScan(&pref)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("update preferences: %w", err)
|
||||
}
|
||||
return &pref, nil
|
||||
}
|
||||
|
||||
// UpdatePreferencesInput holds the data for updating notification preferences.
|
||||
type UpdatePreferencesInput struct {
|
||||
DeadlineReminderDays []int64 `json:"deadline_reminder_days"`
|
||||
EmailEnabled bool `json:"email_enabled"`
|
||||
DailyDigest bool `json:"daily_digest"`
|
||||
}
|
||||
|
||||
// SendEmail sends an email using the `m mail send` CLI command.
|
||||
func SendEmail(to, subject, body string) error {
|
||||
cmd := exec.Command("m", "mail", "send",
|
||||
"--to", to,
|
||||
"--subject", subject,
|
||||
"--body", body,
|
||||
"--yes")
|
||||
output, err := cmd.CombinedOutput()
|
||||
if err != nil {
|
||||
return fmt.Errorf("m mail send failed: %w (output: %s)", err, string(output))
|
||||
}
|
||||
slog.Info("email sent", "to", to, "subject", subject)
|
||||
return nil
|
||||
}
|
||||
|
||||
// getUserEmail looks up the email for a user from Supabase auth.users.
|
||||
func (s *NotificationService) getUserEmail(ctx context.Context, userID uuid.UUID) string {
|
||||
var email string
|
||||
err := s.db.GetContext(ctx, &email,
|
||||
`SELECT email FROM auth.users WHERE id = $1`, userID)
|
||||
if err != nil {
|
||||
slog.Error("failed to get user email", "error", err, "user_id", userID)
|
||||
return ""
|
||||
}
|
||||
return email
|
||||
}
|
||||
|
||||
func containsDay(arr pq.Int64Array, day int64) bool {
|
||||
for _, d := range arr {
|
||||
if d == day {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func derefStr(s *string) string {
|
||||
if s == nil {
|
||||
return ""
|
||||
}
|
||||
return *s
|
||||
}
|
||||
@@ -13,11 +13,12 @@ import (
|
||||
)
|
||||
|
||||
type PartyService struct {
|
||||
db *sqlx.DB
|
||||
db *sqlx.DB
|
||||
audit *AuditService
|
||||
}
|
||||
|
||||
func NewPartyService(db *sqlx.DB) *PartyService {
|
||||
return &PartyService{db: db}
|
||||
func NewPartyService(db *sqlx.DB, audit *AuditService) *PartyService {
|
||||
return &PartyService{db: db, audit: audit}
|
||||
}
|
||||
|
||||
type CreatePartyInput struct {
|
||||
@@ -79,6 +80,7 @@ func (s *PartyService) Create(ctx context.Context, tenantID, caseID uuid.UUID, u
|
||||
if err := s.db.GetContext(ctx, &party, "SELECT * FROM parties WHERE id = $1", id); err != nil {
|
||||
return nil, fmt.Errorf("fetching created party: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "create", "party", &id, nil, party)
|
||||
return &party, nil
|
||||
}
|
||||
|
||||
@@ -135,6 +137,7 @@ func (s *PartyService) Update(ctx context.Context, tenantID, partyID uuid.UUID,
|
||||
if err := s.db.GetContext(ctx, &updated, "SELECT * FROM parties WHERE id = $1", partyID); err != nil {
|
||||
return nil, fmt.Errorf("fetching updated party: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "update", "party", &partyID, current, updated)
|
||||
return &updated, nil
|
||||
}
|
||||
|
||||
@@ -148,5 +151,6 @@ func (s *PartyService) Delete(ctx context.Context, tenantID, partyID uuid.UUID)
|
||||
if rows == 0 {
|
||||
return sql.ErrNoRows
|
||||
}
|
||||
s.audit.Log(ctx, "delete", "party", &partyID, nil, nil)
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -13,11 +13,12 @@ import (
|
||||
)
|
||||
|
||||
type TenantService struct {
|
||||
db *sqlx.DB
|
||||
db *sqlx.DB
|
||||
audit *AuditService
|
||||
}
|
||||
|
||||
func NewTenantService(db *sqlx.DB) *TenantService {
|
||||
return &TenantService{db: db}
|
||||
func NewTenantService(db *sqlx.DB, audit *AuditService) *TenantService {
|
||||
return &TenantService{db: db, audit: audit}
|
||||
}
|
||||
|
||||
// Create creates a new tenant and assigns the creator as owner.
|
||||
@@ -49,6 +50,7 @@ func (s *TenantService) Create(ctx context.Context, userID uuid.UUID, name, slug
|
||||
return nil, fmt.Errorf("commit: %w", err)
|
||||
}
|
||||
|
||||
s.audit.Log(ctx, "create", "tenant", &tenant.ID, nil, tenant)
|
||||
return &tenant, nil
|
||||
}
|
||||
|
||||
@@ -171,6 +173,7 @@ func (s *TenantService) InviteByEmail(ctx context.Context, tenantID uuid.UUID, e
|
||||
return nil, fmt.Errorf("invite user: %w", err)
|
||||
}
|
||||
|
||||
s.audit.Log(ctx, "create", "membership", &tenantID, nil, ut)
|
||||
return &ut, nil
|
||||
}
|
||||
|
||||
@@ -186,6 +189,7 @@ func (s *TenantService) UpdateSettings(ctx context.Context, tenantID uuid.UUID,
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("update settings: %w", err)
|
||||
}
|
||||
s.audit.Log(ctx, "update", "settings", &tenantID, nil, settings)
|
||||
return &tenant, nil
|
||||
}
|
||||
|
||||
@@ -223,5 +227,6 @@ func (s *TenantService) RemoveMember(ctx context.Context, tenantID, userID uuid.
|
||||
return fmt.Errorf("remove member: %w", err)
|
||||
}
|
||||
|
||||
s.audit.Log(ctx, "delete", "membership", &tenantID, map[string]any{"user_id": userID, "role": role}, nil)
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -15,6 +15,7 @@ import {
|
||||
Users,
|
||||
StickyNote,
|
||||
AlertTriangle,
|
||||
ScrollText,
|
||||
} from "lucide-react";
|
||||
import { format } from "date-fns";
|
||||
import { de } from "date-fns/locale";
|
||||
@@ -44,6 +45,7 @@ const TABS = [
|
||||
{ segment: "dokumente", label: "Dokumente", icon: FileText },
|
||||
{ segment: "parteien", label: "Parteien", icon: Users },
|
||||
{ segment: "notizen", label: "Notizen", icon: StickyNote },
|
||||
{ segment: "protokoll", label: "Protokoll", icon: ScrollText },
|
||||
] as const;
|
||||
|
||||
const TAB_LABELS: Record<string, string> = {
|
||||
@@ -52,6 +54,7 @@ const TAB_LABELS: Record<string, string> = {
|
||||
dokumente: "Dokumente",
|
||||
parteien: "Parteien",
|
||||
notizen: "Notizen",
|
||||
protokoll: "Protokoll",
|
||||
};
|
||||
|
||||
function CaseDetailSkeleton() {
|
||||
|
||||
178
frontend/src/app/(app)/cases/[id]/protokoll/page.tsx
Normal file
178
frontend/src/app/(app)/cases/[id]/protokoll/page.tsx
Normal file
@@ -0,0 +1,178 @@
|
||||
"use client";
|
||||
|
||||
import { useQuery } from "@tanstack/react-query";
|
||||
import { useParams, useSearchParams } from "next/navigation";
|
||||
import { api } from "@/lib/api";
|
||||
import type { AuditLogResponse } from "@/lib/types";
|
||||
import { format } from "date-fns";
|
||||
import { de } from "date-fns/locale";
|
||||
import { Loader2, ChevronLeft, ChevronRight } from "lucide-react";
|
||||
|
||||
const ACTION_LABELS: Record<string, string> = {
|
||||
create: "Erstellt",
|
||||
update: "Aktualisiert",
|
||||
delete: "Geloescht",
|
||||
};
|
||||
|
||||
const ACTION_COLORS: Record<string, string> = {
|
||||
create: "bg-emerald-50 text-emerald-700",
|
||||
update: "bg-blue-50 text-blue-700",
|
||||
delete: "bg-red-50 text-red-700",
|
||||
};
|
||||
|
||||
const ENTITY_LABELS: Record<string, string> = {
|
||||
case: "Akte",
|
||||
deadline: "Frist",
|
||||
appointment: "Termin",
|
||||
document: "Dokument",
|
||||
party: "Partei",
|
||||
note: "Notiz",
|
||||
settings: "Einstellungen",
|
||||
membership: "Mitgliedschaft",
|
||||
};
|
||||
|
||||
function DiffPreview({
|
||||
oldValues,
|
||||
newValues,
|
||||
}: {
|
||||
oldValues?: Record<string, unknown>;
|
||||
newValues?: Record<string, unknown>;
|
||||
}) {
|
||||
if (!oldValues && !newValues) return null;
|
||||
|
||||
const allKeys = new Set([
|
||||
...Object.keys(oldValues ?? {}),
|
||||
...Object.keys(newValues ?? {}),
|
||||
]);
|
||||
|
||||
const changes: { key: string; from?: unknown; to?: unknown }[] = [];
|
||||
for (const key of allKeys) {
|
||||
const oldVal = oldValues?.[key];
|
||||
const newVal = newValues?.[key];
|
||||
if (JSON.stringify(oldVal) !== JSON.stringify(newVal)) {
|
||||
changes.push({ key, from: oldVal, to: newVal });
|
||||
}
|
||||
}
|
||||
|
||||
if (changes.length === 0) return null;
|
||||
|
||||
return (
|
||||
<div className="mt-2 space-y-1">
|
||||
{changes.slice(0, 5).map((c) => (
|
||||
<div key={c.key} className="flex items-baseline gap-2 text-xs">
|
||||
<span className="font-medium text-neutral-500">{c.key}:</span>
|
||||
{c.from !== undefined && (
|
||||
<span className="rounded bg-red-50 px-1 text-red-600 line-through">
|
||||
{String(c.from)}
|
||||
</span>
|
||||
)}
|
||||
{c.to !== undefined && (
|
||||
<span className="rounded bg-emerald-50 px-1 text-emerald-600">
|
||||
{String(c.to)}
|
||||
</span>
|
||||
)}
|
||||
</div>
|
||||
))}
|
||||
{changes.length > 5 && (
|
||||
<span className="text-xs text-neutral-400">
|
||||
+{changes.length - 5} weitere Aenderungen
|
||||
</span>
|
||||
)}
|
||||
</div>
|
||||
);
|
||||
}
|
||||
|
||||
export default function ProtokollPage() {
|
||||
const { id } = useParams<{ id: string }>();
|
||||
const searchParams = useSearchParams();
|
||||
const page = Number(searchParams.get("page")) || 1;
|
||||
|
||||
const { data, isLoading } = useQuery({
|
||||
queryKey: ["audit-log", id, page],
|
||||
queryFn: () =>
|
||||
api.get<AuditLogResponse>(
|
||||
`/audit-log?entity_id=${id}&page=${page}&limit=50`,
|
||||
),
|
||||
});
|
||||
|
||||
if (isLoading) {
|
||||
return (
|
||||
<div className="flex items-center justify-center py-8">
|
||||
<Loader2 className="h-5 w-5 animate-spin text-neutral-400" />
|
||||
</div>
|
||||
);
|
||||
}
|
||||
|
||||
const entries = data?.entries ?? [];
|
||||
const total = data?.total ?? 0;
|
||||
const totalPages = Math.ceil(total / 50);
|
||||
|
||||
if (entries.length === 0) {
|
||||
return (
|
||||
<div className="py-8 text-center text-sm text-neutral-400">
|
||||
Keine Protokolleintraege vorhanden.
|
||||
</div>
|
||||
);
|
||||
}
|
||||
|
||||
return (
|
||||
<div>
|
||||
<div className="space-y-3">
|
||||
{entries.map((entry) => (
|
||||
<div
|
||||
key={entry.id}
|
||||
className="rounded-md border border-neutral-100 bg-white px-4 py-3"
|
||||
>
|
||||
<div className="flex items-start justify-between gap-3">
|
||||
<div className="flex items-center gap-2">
|
||||
<span
|
||||
className={`inline-block rounded-full px-2 py-0.5 text-xs font-medium ${ACTION_COLORS[entry.action] ?? "bg-neutral-100 text-neutral-600"}`}
|
||||
>
|
||||
{ACTION_LABELS[entry.action] ?? entry.action}
|
||||
</span>
|
||||
<span className="text-sm font-medium text-neutral-700">
|
||||
{ENTITY_LABELS[entry.entity_type] ?? entry.entity_type}
|
||||
</span>
|
||||
</div>
|
||||
<span className="shrink-0 text-xs text-neutral-400">
|
||||
{format(new Date(entry.created_at), "d. MMM yyyy, HH:mm", {
|
||||
locale: de,
|
||||
})}
|
||||
</span>
|
||||
</div>
|
||||
<DiffPreview
|
||||
oldValues={entry.old_values}
|
||||
newValues={entry.new_values}
|
||||
/>
|
||||
</div>
|
||||
))}
|
||||
</div>
|
||||
|
||||
{totalPages > 1 && (
|
||||
<div className="mt-4 flex items-center justify-between">
|
||||
<span className="text-xs text-neutral-400">
|
||||
{total} Eintraege, Seite {page} von {totalPages}
|
||||
</span>
|
||||
<div className="flex gap-1">
|
||||
{page > 1 && (
|
||||
<a
|
||||
href={`?page=${page - 1}`}
|
||||
className="inline-flex items-center gap-1 rounded-md border border-neutral-200 px-2 py-1 text-xs text-neutral-600 hover:bg-neutral-50"
|
||||
>
|
||||
<ChevronLeft className="h-3 w-3" /> Zurueck
|
||||
</a>
|
||||
)}
|
||||
{page < totalPages && (
|
||||
<a
|
||||
href={`?page=${page + 1}`}
|
||||
className="inline-flex items-center gap-1 rounded-md border border-neutral-200 px-2 py-1 text-xs text-neutral-600 hover:bg-neutral-50"
|
||||
>
|
||||
Weiter <ChevronRight className="h-3 w-3" />
|
||||
</a>
|
||||
)}
|
||||
</div>
|
||||
</div>
|
||||
)}
|
||||
</div>
|
||||
);
|
||||
}
|
||||
@@ -1,12 +1,11 @@
|
||||
"use client";
|
||||
|
||||
import { useQuery } from "@tanstack/react-query";
|
||||
import { Settings, Calendar, Users, Bell } from "lucide-react";
|
||||
import { Settings, Calendar, Users } from "lucide-react";
|
||||
import Link from "next/link";
|
||||
import { api } from "@/lib/api";
|
||||
import type { Tenant } from "@/lib/types";
|
||||
import { CalDAVSettings } from "@/components/settings/CalDAVSettings";
|
||||
import { NotificationSettings } from "@/components/settings/NotificationSettings";
|
||||
import { SkeletonCard } from "@/components/ui/Skeleton";
|
||||
import { EmptyState } from "@/components/ui/EmptyState";
|
||||
|
||||
@@ -98,19 +97,6 @@ export default function EinstellungenPage() {
|
||||
</div>
|
||||
</section>
|
||||
|
||||
{/* Notification Settings */}
|
||||
<section className="rounded-xl border border-neutral-200 bg-white p-5">
|
||||
<div className="flex items-center gap-2.5 border-b border-neutral-100 pb-3">
|
||||
<Bell className="h-4 w-4 text-neutral-500" />
|
||||
<h2 className="text-sm font-semibold text-neutral-900">
|
||||
Benachrichtigungen
|
||||
</h2>
|
||||
</div>
|
||||
<div className="mt-4">
|
||||
<NotificationSettings />
|
||||
</div>
|
||||
</section>
|
||||
|
||||
{/* CalDAV Settings */}
|
||||
<section className="rounded-xl border border-neutral-200 bg-white p-5">
|
||||
<div className="flex items-center gap-2.5 border-b border-neutral-100 pb-3">
|
||||
|
||||
@@ -2,7 +2,6 @@
|
||||
|
||||
import { createClient } from "@/lib/supabase/client";
|
||||
import { TenantSwitcher } from "./TenantSwitcher";
|
||||
import { NotificationBell } from "@/components/notifications/NotificationBell";
|
||||
import { LogOut } from "lucide-react";
|
||||
import { useRouter } from "next/navigation";
|
||||
import { useEffect, useState } from "react";
|
||||
@@ -30,7 +29,6 @@ export function Header() {
|
||||
<div className="w-8 lg:w-0" />
|
||||
<div className="flex items-center gap-2 sm:gap-3">
|
||||
<TenantSwitcher />
|
||||
<NotificationBell />
|
||||
{email && (
|
||||
<span className="hidden text-sm text-neutral-500 sm:inline">
|
||||
{email}
|
||||
|
||||
@@ -1,205 +0,0 @@
|
||||
"use client";
|
||||
|
||||
import { useEffect, useRef, useState } from "react";
|
||||
import { useQuery, useMutation, useQueryClient } from "@tanstack/react-query";
|
||||
import { Bell, Check, CheckCheck, ExternalLink } from "lucide-react";
|
||||
import { api } from "@/lib/api";
|
||||
import type { Notification, NotificationListResponse } from "@/lib/types";
|
||||
|
||||
function getEntityLink(n: Notification): string | null {
|
||||
if (!n.entity_type || !n.entity_id) return null;
|
||||
switch (n.entity_type) {
|
||||
case "deadline":
|
||||
return `/fristen/${n.entity_id}`;
|
||||
case "appointment":
|
||||
return `/termine/${n.entity_id}`;
|
||||
case "case":
|
||||
return `/akten/${n.entity_id}`;
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
function getTypeColor(type: Notification["type"]): string {
|
||||
switch (type) {
|
||||
case "deadline_overdue":
|
||||
return "bg-red-500";
|
||||
case "deadline_reminder":
|
||||
return "bg-amber-500";
|
||||
case "case_update":
|
||||
return "bg-blue-500";
|
||||
case "assignment":
|
||||
return "bg-violet-500";
|
||||
default:
|
||||
return "bg-neutral-500";
|
||||
}
|
||||
}
|
||||
|
||||
function timeAgo(dateStr: string): string {
|
||||
const now = new Date();
|
||||
const date = new Date(dateStr);
|
||||
const diffMs = now.getTime() - date.getTime();
|
||||
const diffMin = Math.floor(diffMs / 60000);
|
||||
if (diffMin < 1) return "gerade eben";
|
||||
if (diffMin < 60) return `vor ${diffMin} Min.`;
|
||||
const diffHours = Math.floor(diffMin / 60);
|
||||
if (diffHours < 24) return `vor ${diffHours} Std.`;
|
||||
const diffDays = Math.floor(diffHours / 24);
|
||||
if (diffDays === 1) return "gestern";
|
||||
return `vor ${diffDays} Tagen`;
|
||||
}
|
||||
|
||||
export function NotificationBell() {
|
||||
const [open, setOpen] = useState(false);
|
||||
const panelRef = useRef<HTMLDivElement>(null);
|
||||
const queryClient = useQueryClient();
|
||||
|
||||
const { data: unreadData } = useQuery({
|
||||
queryKey: ["notifications-unread-count"],
|
||||
queryFn: () =>
|
||||
api.get<{ unread_count: number }>("/api/notifications/unread-count"),
|
||||
refetchInterval: 30_000,
|
||||
});
|
||||
|
||||
const { data: notifData } = useQuery({
|
||||
queryKey: ["notifications"],
|
||||
queryFn: () =>
|
||||
api.get<NotificationListResponse>("/api/notifications?limit=20"),
|
||||
enabled: open,
|
||||
});
|
||||
|
||||
const markRead = useMutation({
|
||||
mutationFn: (id: string) =>
|
||||
api.patch(`/api/notifications/${id}/read`),
|
||||
onSuccess: () => {
|
||||
queryClient.invalidateQueries({ queryKey: ["notifications"] });
|
||||
queryClient.invalidateQueries({
|
||||
queryKey: ["notifications-unread-count"],
|
||||
});
|
||||
},
|
||||
});
|
||||
|
||||
const markAllRead = useMutation({
|
||||
mutationFn: () => api.patch("/api/notifications/read-all"),
|
||||
onSuccess: () => {
|
||||
queryClient.invalidateQueries({ queryKey: ["notifications"] });
|
||||
queryClient.invalidateQueries({
|
||||
queryKey: ["notifications-unread-count"],
|
||||
});
|
||||
},
|
||||
});
|
||||
|
||||
// Close on click outside
|
||||
useEffect(() => {
|
||||
function handleClickOutside(e: MouseEvent) {
|
||||
if (panelRef.current && !panelRef.current.contains(e.target as Node)) {
|
||||
setOpen(false);
|
||||
}
|
||||
}
|
||||
if (open) {
|
||||
document.addEventListener("mousedown", handleClickOutside);
|
||||
}
|
||||
return () => document.removeEventListener("mousedown", handleClickOutside);
|
||||
}, [open]);
|
||||
|
||||
const unreadCount = unreadData?.unread_count ?? 0;
|
||||
const notifications = notifData?.data ?? [];
|
||||
|
||||
return (
|
||||
<div className="relative" ref={panelRef}>
|
||||
<button
|
||||
onClick={() => setOpen(!open)}
|
||||
className="relative rounded-md p-1.5 text-neutral-400 transition-colors hover:bg-neutral-100 hover:text-neutral-600"
|
||||
title="Benachrichtigungen"
|
||||
>
|
||||
<Bell className="h-4 w-4" />
|
||||
{unreadCount > 0 && (
|
||||
<span className="absolute -right-0.5 -top-0.5 flex h-4 min-w-4 items-center justify-center rounded-full bg-red-500 px-1 text-[10px] font-bold text-white">
|
||||
{unreadCount > 99 ? "99+" : unreadCount}
|
||||
</span>
|
||||
)}
|
||||
</button>
|
||||
|
||||
{open && (
|
||||
<div className="absolute right-0 top-full z-50 mt-2 w-80 rounded-xl border border-neutral-200 bg-white shadow-lg sm:w-96">
|
||||
{/* Header */}
|
||||
<div className="flex items-center justify-between border-b border-neutral-100 px-4 py-3">
|
||||
<h3 className="text-sm font-semibold text-neutral-900">
|
||||
Benachrichtigungen
|
||||
</h3>
|
||||
{unreadCount > 0 && (
|
||||
<button
|
||||
onClick={() => markAllRead.mutate()}
|
||||
className="flex items-center gap-1 text-xs text-neutral-500 hover:text-neutral-700"
|
||||
>
|
||||
<CheckCheck className="h-3 w-3" />
|
||||
Alle gelesen
|
||||
</button>
|
||||
)}
|
||||
</div>
|
||||
|
||||
{/* Notification list */}
|
||||
<div className="max-h-96 overflow-y-auto">
|
||||
{notifications.length === 0 ? (
|
||||
<div className="p-6 text-center text-sm text-neutral-400">
|
||||
Keine Benachrichtigungen
|
||||
</div>
|
||||
) : (
|
||||
notifications.map((n) => {
|
||||
const link = getEntityLink(n);
|
||||
return (
|
||||
<div
|
||||
key={n.id}
|
||||
className={`flex items-start gap-3 border-b border-neutral-50 px-4 py-3 transition-colors last:border-0 ${
|
||||
n.read_at
|
||||
? "bg-white"
|
||||
: "bg-blue-50/50"
|
||||
}`}
|
||||
>
|
||||
<div
|
||||
className={`mt-1.5 h-2 w-2 flex-shrink-0 rounded-full ${getTypeColor(n.type)}`}
|
||||
/>
|
||||
<div className="min-w-0 flex-1">
|
||||
<p className="text-sm font-medium text-neutral-900 leading-snug">
|
||||
{n.title}
|
||||
</p>
|
||||
{n.body && (
|
||||
<p className="mt-0.5 text-xs text-neutral-500 line-clamp-2">
|
||||
{n.body}
|
||||
</p>
|
||||
)}
|
||||
<div className="mt-1.5 flex items-center gap-2">
|
||||
<span className="text-[11px] text-neutral-400">
|
||||
{timeAgo(n.created_at)}
|
||||
</span>
|
||||
{link && (
|
||||
<a
|
||||
href={link}
|
||||
onClick={() => setOpen(false)}
|
||||
className="flex items-center gap-0.5 text-[11px] text-blue-600 hover:text-blue-700"
|
||||
>
|
||||
<ExternalLink className="h-2.5 w-2.5" />
|
||||
Anzeigen
|
||||
</a>
|
||||
)}
|
||||
</div>
|
||||
</div>
|
||||
{!n.read_at && (
|
||||
<button
|
||||
onClick={() => markRead.mutate(n.id)}
|
||||
className="flex-shrink-0 rounded p-1 text-neutral-400 hover:bg-neutral-100 hover:text-neutral-600"
|
||||
title="Als gelesen markieren"
|
||||
>
|
||||
<Check className="h-3 w-3" />
|
||||
</button>
|
||||
)}
|
||||
</div>
|
||||
);
|
||||
})
|
||||
)}
|
||||
</div>
|
||||
</div>
|
||||
)}
|
||||
</div>
|
||||
);
|
||||
}
|
||||
@@ -1,167 +0,0 @@
|
||||
"use client";
|
||||
|
||||
import { useState } from "react";
|
||||
import { useQuery, useMutation, useQueryClient } from "@tanstack/react-query";
|
||||
import { api } from "@/lib/api";
|
||||
import type { NotificationPreferences } from "@/lib/types";
|
||||
|
||||
const REMINDER_OPTIONS = [
|
||||
{ value: 14, label: "14 Tage" },
|
||||
{ value: 7, label: "7 Tage" },
|
||||
{ value: 3, label: "3 Tage" },
|
||||
{ value: 1, label: "1 Tag" },
|
||||
];
|
||||
|
||||
export function NotificationSettings() {
|
||||
const queryClient = useQueryClient();
|
||||
const [saved, setSaved] = useState(false);
|
||||
|
||||
const { data: prefs, isLoading } = useQuery({
|
||||
queryKey: ["notification-preferences"],
|
||||
queryFn: () =>
|
||||
api.get<NotificationPreferences>("/api/notification-preferences"),
|
||||
});
|
||||
|
||||
const [reminderDays, setReminderDays] = useState<number[]>([]);
|
||||
const [emailEnabled, setEmailEnabled] = useState(true);
|
||||
const [dailyDigest, setDailyDigest] = useState(false);
|
||||
const [initialized, setInitialized] = useState(false);
|
||||
|
||||
// Sync state from server once loaded
|
||||
if (prefs && !initialized) {
|
||||
setReminderDays(prefs.deadline_reminder_days);
|
||||
setEmailEnabled(prefs.email_enabled);
|
||||
setDailyDigest(prefs.daily_digest);
|
||||
setInitialized(true);
|
||||
}
|
||||
|
||||
const update = useMutation({
|
||||
mutationFn: (input: {
|
||||
deadline_reminder_days: number[];
|
||||
email_enabled: boolean;
|
||||
daily_digest: boolean;
|
||||
}) => api.put<NotificationPreferences>("/api/notification-preferences", input),
|
||||
onSuccess: () => {
|
||||
queryClient.invalidateQueries({
|
||||
queryKey: ["notification-preferences"],
|
||||
});
|
||||
setSaved(true);
|
||||
setTimeout(() => setSaved(false), 2000);
|
||||
},
|
||||
});
|
||||
|
||||
function toggleDay(day: number) {
|
||||
setReminderDays((prev) =>
|
||||
prev.includes(day) ? prev.filter((d) => d !== day) : [...prev, day].sort((a, b) => b - a),
|
||||
);
|
||||
}
|
||||
|
||||
function handleSave() {
|
||||
update.mutate({
|
||||
deadline_reminder_days: reminderDays,
|
||||
email_enabled: emailEnabled,
|
||||
daily_digest: dailyDigest,
|
||||
});
|
||||
}
|
||||
|
||||
if (isLoading) {
|
||||
return (
|
||||
<div className="animate-pulse space-y-3">
|
||||
<div className="h-4 w-48 rounded bg-neutral-200" />
|
||||
<div className="h-8 w-full rounded bg-neutral-100" />
|
||||
<div className="h-8 w-full rounded bg-neutral-100" />
|
||||
</div>
|
||||
);
|
||||
}
|
||||
|
||||
return (
|
||||
<div className="space-y-5">
|
||||
{/* Reminder days */}
|
||||
<div>
|
||||
<p className="text-sm font-medium text-neutral-700">
|
||||
Fristen-Erinnerungen
|
||||
</p>
|
||||
<p className="mt-0.5 text-xs text-neutral-500">
|
||||
Erinnern Sie mich vor Fristablauf:
|
||||
</p>
|
||||
<div className="mt-2 flex flex-wrap gap-2">
|
||||
{REMINDER_OPTIONS.map((opt) => (
|
||||
<button
|
||||
key={opt.value}
|
||||
onClick={() => toggleDay(opt.value)}
|
||||
className={`rounded-lg border px-3 py-1.5 text-sm transition-colors ${
|
||||
reminderDays.includes(opt.value)
|
||||
? "border-blue-500 bg-blue-50 text-blue-700"
|
||||
: "border-neutral-200 bg-white text-neutral-600 hover:border-neutral-300"
|
||||
}`}
|
||||
>
|
||||
{opt.label}
|
||||
</button>
|
||||
))}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{/* Email toggle */}
|
||||
<label className="flex items-center justify-between">
|
||||
<div>
|
||||
<p className="text-sm font-medium text-neutral-700">
|
||||
E-Mail-Benachrichtigungen
|
||||
</p>
|
||||
<p className="text-xs text-neutral-500">
|
||||
Erinnerungen per E-Mail erhalten
|
||||
</p>
|
||||
</div>
|
||||
<button
|
||||
onClick={() => setEmailEnabled(!emailEnabled)}
|
||||
className={`relative h-6 w-11 rounded-full transition-colors ${
|
||||
emailEnabled ? "bg-blue-500" : "bg-neutral-300"
|
||||
}`}
|
||||
>
|
||||
<span
|
||||
className={`absolute left-0.5 top-0.5 h-5 w-5 rounded-full bg-white shadow transition-transform ${
|
||||
emailEnabled ? "translate-x-5" : "translate-x-0"
|
||||
}`}
|
||||
/>
|
||||
</button>
|
||||
</label>
|
||||
|
||||
{/* Daily digest toggle */}
|
||||
<label className="flex items-center justify-between">
|
||||
<div>
|
||||
<p className="text-sm font-medium text-neutral-700">
|
||||
Tagesübersicht
|
||||
</p>
|
||||
<p className="text-xs text-neutral-500">
|
||||
Alle Benachrichtigungen gesammelt um 8:00 Uhr per E-Mail
|
||||
</p>
|
||||
</div>
|
||||
<button
|
||||
onClick={() => setDailyDigest(!dailyDigest)}
|
||||
className={`relative h-6 w-11 rounded-full transition-colors ${
|
||||
dailyDigest ? "bg-blue-500" : "bg-neutral-300"
|
||||
}`}
|
||||
>
|
||||
<span
|
||||
className={`absolute left-0.5 top-0.5 h-5 w-5 rounded-full bg-white shadow transition-transform ${
|
||||
dailyDigest ? "translate-x-5" : "translate-x-0"
|
||||
}`}
|
||||
/>
|
||||
</button>
|
||||
</label>
|
||||
|
||||
{/* Save */}
|
||||
<div className="flex items-center gap-3 pt-2">
|
||||
<button
|
||||
onClick={handleSave}
|
||||
disabled={update.isPending}
|
||||
className="rounded-md bg-neutral-900 px-4 py-2 text-sm font-medium text-white hover:bg-neutral-800 disabled:opacity-50"
|
||||
>
|
||||
{update.isPending ? "Speichern..." : "Speichern"}
|
||||
</button>
|
||||
{saved && (
|
||||
<span className="text-sm text-green-600">Gespeichert</span>
|
||||
)}
|
||||
</div>
|
||||
</div>
|
||||
);
|
||||
}
|
||||
@@ -189,35 +189,25 @@ export interface Note {
|
||||
updated_at: string;
|
||||
}
|
||||
|
||||
// Notifications
|
||||
|
||||
export interface Notification {
|
||||
id: string;
|
||||
export interface AuditLogEntry {
|
||||
id: number;
|
||||
tenant_id: string;
|
||||
user_id: string;
|
||||
type: "deadline_reminder" | "deadline_overdue" | "case_update" | "assignment";
|
||||
entity_type?: "deadline" | "appointment" | "case";
|
||||
user_id?: string;
|
||||
action: string;
|
||||
entity_type: string;
|
||||
entity_id?: string;
|
||||
title: string;
|
||||
body?: string;
|
||||
sent_at?: string;
|
||||
read_at?: string;
|
||||
old_values?: Record<string, unknown>;
|
||||
new_values?: Record<string, unknown>;
|
||||
ip_address?: string;
|
||||
user_agent?: string;
|
||||
created_at: string;
|
||||
}
|
||||
|
||||
export interface NotificationPreferences {
|
||||
user_id: string;
|
||||
tenant_id: string;
|
||||
deadline_reminder_days: number[];
|
||||
email_enabled: boolean;
|
||||
daily_digest: boolean;
|
||||
created_at?: string;
|
||||
updated_at?: string;
|
||||
}
|
||||
|
||||
export interface NotificationListResponse {
|
||||
data: Notification[];
|
||||
export interface AuditLogResponse {
|
||||
entries: AuditLogEntry[];
|
||||
total: number;
|
||||
page: number;
|
||||
limit: number;
|
||||
}
|
||||
|
||||
export interface ApiError {
|
||||
|
||||
Reference in New Issue
Block a user