mAi: #83 - approval withdraw warning modal + edit-instead path

t-paliad-252. Replace the silent confirm()-then-DELETE with a three-path
warning modal: Cancel / Edit event (primary) / Withdraw and delete
(destructive). The edit-instead path lets the requester revise the
in-flight entity without withdrawing the approval request.

Backend — new service method + endpoint
- ApprovalService.EditPendingEntity(requestID, callerID, fields):
  - validates caller == requested_by AND status = pending
  - reuses the existing wider counter-allowlist (buildCounterSetClauses
    from SuggestChanges) — every editable field on the entity, not just
    the date triggers
  - applies the field updates to the entity row via applyEntityUpdate
    (including the event_type_ids junction rewrite for deadlines)
  - merges new fields into approval_requests.payload (jsonb) so the
    approver inbox sees what was revised
  - emits a distinct *_approval_edited_by_requester project_event so the
    Verlauf surfaces the revision separately from the original *_requested
    row and any decision row
  - request stays pending; entity.approval_status stays pending
- POST /api/approval-requests/{id}/edit-entity
  - Body: {"fields": {<entity-shape>}}
  - Errors reuse the existing mapApprovalError mapping:
    400 suggestion_requires_change, 403 not_authorized,
    404, 409 request_not_pending
- Distinguishing audit event types per the spec:
  - destructive Withdraw path: existing <entity>_approval_revoked
    (no behaviour change — for CREATE deletes the entity, for UPDATE /
    COMPLETE reverts to pre_image, for DELETE cancels the delete request)
  - edit-instead path: new <entity>_approval_edited_by_requester

Frontend — shared withdraw warning modal
- frontend/src/client/components/withdraw-warning-modal.ts
  - Built on the unified openModal() primitive (t-paliad-217 Slice A)
  - Primary CTA "Termin bearbeiten" highlights the non-destructive path
  - Secondary defaults to "Abbrechen" (handled by openModal)
  - Destructive button "Endgültig zurückziehen und löschen" lives inside
    the body (red, separated by a dashed border) so the safe path stays
    visually primary in the footer
  - Copy adapts per lifecycle:
    CREATE   → "Wenn Sie zurückziehen, wird die Frist/der Termin gelöscht."
    UPDATE   → "Ihre vorgeschlagenen Änderungen werden verworfen."
    DELETE   → "Der Eintrag bleibt bestehen."

Frontend — wiring on both detail pages
- deadlines-detail.ts + appointments-detail.ts:
  - Replace confirm() in withdraw flow with openWithdrawWarningModal()
  - Edit path: set module-level pendingEditMode = true + enter edit mode
    (override existing pending-state freeze on appointments; expose
    enterEdit() via late-bound pendingEnterEdit on deadlines)
  - Save handler in pendingEditMode routes to /edit-entity instead of
    PATCH /api/<entity>/{id} (which still 409s on pending state)
  - Destructive Withdraw path: existing /revoke endpoint unchanged
  - For CREATE-lifecycle revokes the entity is gone — bounce to the
    /events list instead of trying to re-fetch (was reload() before)

i18n: +14 keys DE+EN under approvals.withdraw.* (modal title, primary,
destructive, cancel, lead.create.{deadline,appointment}, lead.update,
lead.delete, sub.create, sub.update, sub.delete)

CSS: .withdraw-warning-body + .withdraw-warning-{intro,sub,
destructive-row,destructive-btn} — lime-tint sibling palette consistent
with the existing form-hint pattern; destructive button uses .btn-danger.

Build hygiene:
- go build + go vet + go test ./internal/... clean
- frontend bun run build clean (2807 keys, +14 new, scan clean)

Files of note:
- internal/services/approval_service.go (EditPendingEntity + sortedKeys
  helper; maps.Copy for the payload merge)
- internal/handlers/approvals.go (handleEditPendingEntity)
- internal/handlers/handlers.go (route registration)
- frontend/src/client/components/withdraw-warning-modal.ts (new shared
  component)
- frontend/src/client/deadlines-detail.ts (initWithdraw rewrite + Save
  pending-edit branch)
- frontend/src/client/appointments-detail.ts (withdrawAppointmentRequest
  rewrite + Save pending-edit branch + form-freeze respects
  pendingEditMode)

Out of scope (intentionally):
- Reopening already-deleted approval requests (the destructive path
  stays final).
- Approval-request analytics / metrics.
- Notifying the original approval-requester via channel.

docs/design-inbox-overhaul-2026-05-25.md

@@ -1,848 +0,0 @@
-# Design: /inbox overhaul — project-events feed + filtering + list/cards/calendar toggles
-
-**Task:** t-paliad-249
-**Gitea:** m/paliad#80
-**Author:** icarus (inventor)
-**Date:** 2026-05-25
-**Status:** LOCKED — head confirmed Q1=A with two refinements (2026-05-25), see §12.
-**Branch:** `mai/icarus/inventor-inbox-overhaul`
-
----
-
-## 0. TL;DR
-
-`/inbox` today is approval-requests only. m wants it to become the actual
-"what's new on my projects" surface — approval requests **plus** recent
-project_events on visible projects — with the same view-toggle paradigm
-as `/events` (list / cards / calendar) and a meaningful filter row.
-
-The good news: the substrate already exists.
-
-- `view_service.RunSpec` unions four sources (deadline, appointment,
-  **project_event**, **approval_request**) into one ranked `[]ViewRow`.
-- `FilterSpec` has predicates for every axis we need
-  (`ProjectEventPredicates.EventTypes`, `ApprovalRequestPredicates`).
-- `filter-bar` knows the axes we need: `time`, `project`,
-  `approval_viewer_role`, `approval_status`, `approval_entity_type`,
-  `project_event_kind`, plus `shape` / `sort` / `density`.
-- Shape renderers exist: `shape-list` (table + compact + approval), `shape-cards`
-  (day-grouped), `shape-calendar` (thin adapter on `mountCalendar`).
-
-So the work is **mostly re-mix**:
-
-1. Extend `InboxSystemView` from `Sources=[ApprovalRequest]` to
-   `Sources=[ApprovalRequest, ProjectEvent]`, default
-   `Time.Horizon=Past30d`, and add a curated `project_event.event_types`
-   default that filters out noise (approvals duplicate-suppression,
-   checklist mutations, status churn).
-2. Extend `shape-list.ts` so `row_action="approve"` no longer assumes
-   every row is an approval — rename it `"inbox"`, dispatch per
-   `row.kind` (approval → existing approve-card layout; project_event →
-   navigate-style stream row).
-3. Wire the existing view-axis selector (the chip cluster on `/events`)
-   onto `/inbox`'s host, persisting selection via the filter-bar URL
-   codec (axis `shape` already in `AxisKey`).
-4. Add a high-watermark read cursor (`paliad.users.inbox_seen_at`) +
-   `POST /api/inbox/mark-all-seen` + extend `/api/inbox/count` to count
-   unseen project_events too. Adds one new axis `unread_only` to the bar.
-
-That's Slice A. Slice B layers cards + calendar toggles cleanly. Slice C
-is per-item dismissal — keep out of v1 unless the cursor proves not
-enough (m's pick Q3 is the cursor).
-
-No new aggregation service, no new endpoint family — the inbox runs on
-`/api/views/inbox/run` like every other system view does today.
-
----
-
-## 1. Current `/inbox` state
-
-**Routes (`internal/handlers/approvals.go`):**
-
-| Path                                  | Behaviour                                                    |
-|---------------------------------------|--------------------------------------------------------------|
-| `GET /inbox`                          | Serves `dist/inbox.html`, a thin shell. No SSR data.         |
-| `GET /api/inbox/pending-mine`         | Approval requests I can approve.                              |
-| `GET /api/inbox/mine`                 | Approval requests I submitted (all statuses by default).      |
-| `GET /api/inbox/count`                | `{count: N}` for the sidebar bell badge — `PendingCountForUser`. |
-| `GET /api/approval-requests/{id}`     | Hydrate one request (used by suggest-changes modal).          |
-| `POST /api/approval-requests/{id}/{action}` | `approve` / `reject` / `revoke` / `suggest-changes`.    |
-
-**Data path:** `frontend/src/client/inbox.ts` mounts the universal
-`FilterBar` over the inbox `SystemView` (slug `"inbox"`, sources
-`[approval_request]`, viewer_role `any_visible`, status `[pending]`).
-The bar fetches `/api/views/system`, hands the spec to itself, calls
-`/api/views/inbox/run?…`, and stamps rows via `shape-list.ts`'s
-`renderApprovalList(rows)` path (gated by `row_action="approve"`).
-
-**Action wiring:** `wireApprovalActions(host)` listens on
-`.views-approval-action` clicks; on success it triggers
-`bar.refresh()` and `refreshInboxBadge()` (which pokes
-`/api/inbox/count`).
-
-**Empty state + admin nudge:** when the result list is empty AND the
-caller is `global_admin` AND no `approval_policies` row exists firm-wide,
-the page shows a "configure policies" CTA. Otherwise the localized
-"no items" empty-state text.
-
-**Sidebar bell:** `Sidebar.tsx:143` `navItem("/inbox", BELL_ICON, …)`
-plus `client/sidebar.ts:320–345`'s `initInboxBadge` which polls
-`/api/inbox/count` every 60s. Badge clamps to `"9+"`.
-
-### What aggregates cleanly
-
-The whole approval flow already plugs into `RunSpec`'s union pipeline.
-That's the win — extending sources from `[ApprovalRequest]` to
-`[ApprovalRequest, ProjectEvent]` is a `[]DataSource` literal edit in
-`InboxSystemView()` and the engine fans out per source, sorts, returns
-one `[]ViewRow`. The hard work (`runProjectEvents` + the
-visibility predicate + project metadata join) is already in
-`view_service.go:344–430`.
-
-### What doesn't aggregate (yet)
-
-- **Read state.** There is no `inbox_seen_at` on `paliad.users` (verified
-  via information_schema). The bell badge counts pending **approval
-  requests for the caller** only — it has no notion of "new project
-  events since last visit". We have to add it.
-- **Mixed `row_action`.** `shape-list.ts`'s `renderApprovalList` assumes
-  every row is an approval and unconditionally parses
-  `row.detail` as an `ApprovalDetail`. Project_event rows in the same
-  list would crash the parse. We need to branch per `row.kind` inside
-  the inbox row stamper.
-- **`/inbox` shape toggle.** `client/inbox.ts` hardcodes `shape-list`;
-  the `shape` axis is wired into `filter-bar/axes.ts` but `/inbox`'s
-  `INBOX_AXES` deliberately omits it (because today the only meaningful
-  shape was list). Adding it onto INBOX_AXES + a small dispatcher in
-  `onResult` gives us cards + calendar for free.
-
-Everything else (sidebar entry, /api/views machinery, FilterBar URL
-codec, RowAction validation) carries through unchanged.
-
----
-
-## 2. Event-type catalogue for inbox v1 (Q1)
-
-This is the only design pick that requires a head/m signal. **Open
-question Q1 in §9 — defaulting to (A) until head answers.**
-
-### (R) Recommendation (A): curated subset
-
-Sources: `[approval_request, project_event]`.
-
-**Approval requests:** all rows whose `viewer_role=any_visible` AND
-status ∈ {pending} by default; the existing chip cluster
-(approver_eligible / self_requested / any_visible) stays. Decided
-requests are filtered by the chip, not hidden by source-removal — so a
-user who wants to see "what got approved this week" toggles the status
-chip rather than the source.
-
-**Project events:** filter by `event_type ∈ InboxProjectEventKinds`
-where InboxProjectEventKinds is a new sub-list of KnownProjectEventKinds:
-
-| event_type              | In inbox v1? | Reason                                                              |
-|-------------------------|--------------|---------------------------------------------------------------------|
-| `project_created`       | no           | The author already saw the page; not news to the team yet (the team grows post-creation). |
-| `project_archived`      | **yes**      | High-signal lifecycle event ("Akte XY wurde archiviert").           |
-| `project_reparented`    | **yes**      | Hierarchy moves matter to everyone with access.                     |
-| `project_type_changed`  | **yes**      | Same reason.                                                        |
-| `status_changed`        | no           | Currently too granular; surface in Verlauf, revisit if m disagrees. |
-| `deadline_created`      | **yes**      | New deadline on a project I can see — exactly the kind of event m named ("we should also display new events"). |
-| `deadline_completed`    | **yes**      | Likewise.                                                           |
-| `deadline_reopened`     | **yes**      | Likewise.                                                           |
-| `deadline_updated`      | **yes**      | Currently in DB (11 rows live) but not in KnownProjectEventKinds — add it. |
-| `deadline_deleted`      | **yes**      | Likewise — add to KnownProjectEventKinds.                           |
-| `deadlines_imported`    | **yes**      | Bulk-import event surfaces what got added.                          |
-| `appointment_created`   | **yes**      |                                                                     |
-| `appointment_updated`   | **yes**      |                                                                     |
-| `appointment_deleted`   | **yes**      |                                                                     |
-| `note_created`          | **yes**      | A note is "someone said something about this project". High-signal; add to KnownProjectEventKinds. |
-| `our_side_changed`      | **yes**      | Party-side flip; high-signal, add to KnownProjectEventKinds.        |
-| `member_role_changed`   | no           | Admin churn; would dominate active users' inbox. Revisit slice B. |
-| `*_approval_requested`  | **no — de-duped** | The approval_request row itself carries the signal; the audit event is the same fact in a different table. Filtering it out avoids duplicate inbox entries. |
-| `*_approval_approved/rejected/revoked` | **no — de-duped** | Same reason. The approval_request row's status flip is what the user sees. |
-| `*_approval_changes_suggested` | **no — de-duped** | Same. |
-| `approval_decided`      | no           | This is the umbrella audit-only kind; superseded by the approval_request row. |
-| `checklist_*`           | no           | Low signal; checklists are surfaced on the project's checklist page. |
-
-The de-dup pattern means: if a row exists in `approval_requests` for an
-entity, the corresponding `*_approval_*` project_event is **not** shown
-in the inbox — we trust the approval_request row.
-
-### Alternative (B): everything in KnownProjectEventKinds + approvals
-
-Simpler — no curated sub-list, no de-dup. Two drawbacks:
-
-1. `*_approval_*` duplicates would render twice per request.
-2. `status_changed` and `member_role_changed` are admin churn; in firm
-   tests both would dominate.
-
-If head picks B, we need at minimum the `*_approval_*` de-dup; otherwise
-the inbox renders the same fact twice.
-
-### Alternative (C): minimal — approvals + appointment_* + deadline_*
-
-Tightest set. Drops notes + our_side_changed + project_*. Risk: m's
-brief literally says "new events that relate to one's projects" — notes
-and side changes ARE such events. C feels too narrow.
-
----
-
-## 3. Read/unread model (Q3 → R: high-watermark cursor)
-
-### (R) Decision: per-user high-watermark `inbox_seen_at`
-
-**Schema:**
-
-```sql
-ALTER TABLE paliad.users
-    ADD COLUMN inbox_seen_at timestamptz NULL;
-```
-
-NULL means "never visited" → everything counts as unread. The high-water
-cursor advances exactly when the user POSTs to
-`/api/inbox/mark-all-seen` (UI affordance: a button in the inbox header
-+ implicit advance on page-mount, see Slice A wiring below).
-
-### Why cursor, not per-item
-
-m's recommendation: cursor. Mine matches: single column, no fan-out
-table, covers the common case ("I checked my inbox, mark everything
-read"). Per-item dismiss is Slice C — opt-in only if the cursor proves
-inadequate. The risk we're guarding against: a single high-value pending
-approval that's a week old gets buried by 80 fresh deadline_updated
-events; the user clears the badge and may now never look at the
-approval. Mitigation: **approval_requests with status=pending never
-fall behind the cursor** — they count toward the badge regardless of
-seen_at. This is a tiny conditional in the count query (Slice A).
-
-### Cursor advance behaviour
-
-- **Explicit:** "Alles als gelesen markieren" button in the inbox
-  header. POSTs `/api/inbox/mark-all-seen`; server sets
-  `inbox_seen_at = now()`.
-- **Implicit:** when the page mounts AND the bar surfaces at least one
-  row that's newer than the current cursor, the *new* cursor is
-  remembered locally as the timestamp of the **newest visible row**.
-  We do **not** auto-advance the server cursor on mount — too easy to
-  lose items behind a stray pageview. The "neu" highlight on rows
-  newer than the saved cursor is the silent UX. Explicit click is the
-  one and only path to clearing the badge.
-
-### `unread_only` axis
-
-New filter-bar axis (Slice A):
-
-```ts
-// types.ts
-unread_only?: boolean;
-```
-
-When `true`, the bar overlays a FilterSpec predicate:
-`row.event_date > inbox_seen_at` (substrate-side filter; for project_events
-that's `pe.created_at > $cursor`, for approval_requests that's
-`requested_at > $cursor` OR `status='pending'` per the carve-out above).
-
-Default: **unread_only=true** for first paint (per Slice A — landing on
-the inbox shows you what's new). The "Alle" chip flips it off so the
-user can see history.
-
----
-
-## 4. Filter contract
-
-The bar surfaces these axes on `/inbox` (`INBOX_AXES` constant in
-`client/inbox.ts`):
-
-| Axis                     | Why on /inbox                                                        | New? |
-|--------------------------|----------------------------------------------------------------------|------|
-| `time`                   | "Last 30 days" (default) with chip cluster + "Älter anzeigen" .       | already |
-| `project`                | Single-select autocomplete from visible projects.                    | already |
-| `approval_viewer_role`   | "Zur Genehmigung" / "Eigene Anfragen" / "Alle sichtbaren".            | already |
-| `approval_status`        | pending / approved / rejected / revoked / changes_requested.         | already |
-| `approval_entity_type`   | Frist / Termin (chip pair).                                          | already |
-| `project_event_kind`     | Chip cluster over InboxProjectEventKinds.                            | already |
-| **`unread_only`**        | Boolean toggle ("Nur ungelesen" / "Alle"); defaults to ungelesen.    | **Slice A new axis** |
-| `shape`                  | list / cards / calendar.                                             | already in `AxisKey`, not yet on `/inbox` |
-| `sort`                   | Newest first (default) / oldest first.                               | already |
-| `density`                | comfortable / compact.                                               | already |
-
-**Default landing state** for a brand-new pageview:
-`?time=past_30d&unread_only=true&a_status=pending&shape=list&sort=date_desc`.
-
-Bookmarks from older clients (e.g. the legacy `?tab=pending-mine`)
-still work because `client/inbox.ts:46–58` already applies the legacy
-tab → `a_role` redirect at hydration.
-
-### Source-removal not exposed as an axis
-
-Users do **not** see a "show approvals only / show events only" chip.
-The signal we want is "what's new across my projects"; splitting the
-two via the filter row is busywork. If they want approvals-only they
-chip-pick `project_event_kind` empty + status=any (or future axis pick
-`source=approval_request`). If feedback shows otherwise after Slice A
-ships, we add the axis in Slice B trivially (`Sources` is a
-spec.Sources literal flip).
-
----
-
-## 5. View toggle implementation plan (Q5 → R: list / cards / calendar)
-
-The pattern `/events` uses today (see `frontend/src/events.tsx:107–141`
-for the `<div className="events-view-selector">` block and
-`client/events.ts:617–650` for the `applyView` function):
-
-- One chip cluster `data-event-view="cards|list|calendar"`.
-- Active class toggle.
-- Per-shape `display: none` on the table-wrap / cards-wrap / cal-wrap
-  hosts.
-- For calendar, `mountCalendar()` constructs a month/week/day grid
-  into a dedicated `events-calendar-wrap` host; the handle is destroyed
-  on shape-leave so its URL state doesn't leak into the other shapes.
-
-### Mapping onto /inbox
-
-The cleanest path: **use `filter-bar`'s built-in `shape` axis instead of
-a per-page selector.** The axis already round-trips into the URL via
-`url-codec.ts` and serialises into `RenderSpec.Shape`. `client/inbox.ts`
-just needs:
-
-1. Add `"shape"` to `INBOX_AXES`.
-2. Dispatch in the `onResult` callback by `effective.render.shape`:
-
-   ```ts
-   onResult: (result, effective) => {
-     switch (effective.render.shape) {
-       case "cards":    return paintCards(result.rows, effective.render, ...);
-       case "calendar": return paintCalendar(result.rows, ...);
-       case "list":
-       default:         return paintList(result.rows, effective.render, ...);
-     }
-   }
-   ```
-
-3. The renderers exist already: `renderCardsShape` in
-   `views/shape-cards.ts`, `renderCalendarShape` in
-   `views/shape-calendar.ts`, `renderListShape` in `views/shape-list.ts`.
-   The only piece of new code is the per-shape host-clearing on switch
-   (so we don't leak a stale shape's DOM into the new host).
-
-### Calendar shape — items without dates
-
-Calendar can only render rows with a calendar-mappable date. Today:
-
-- **approval_request:** `requested_at` (timestamp). Maps fine, but
-  shows up as a single point — rendering an approval-request on a month
-  grid is semantically "you got asked on this day". OK for v1.
-- **project_event:** `created_at`. Same shape.
-- **deadline:** `due_date`. Already supported.
-- **appointment:** `start_at`. Already supported.
-
-So every row in the inbox v1 has a calendar position. No
-need to filter rows on calendar-mount. **One caveat:** the calendar
-shape currently doesn't render action affordances (approve/reject) — it
-opens a detail dialog on click. Slice B accepts that: clicking an
-approval row on the calendar opens the inbox-list-style detail in a
-modal (re-using the existing per-row /api/approval-requests/{id}
-fetch). Out of scope for Slice A.
-
-### Cards shape — day-grouped chronological cards
-
-`shape-cards.ts` groups by day and renders one card per row, with
-title + meta + actor. The approval-card layout there is the standard
-card (no approve buttons — same caveat as calendar). For Slice B, we
-extend `shape-cards.ts` to detect `row.kind === "approval_request"
-&& row.detail.status === "pending"` and stamp the approve/reject button
-strip inline. The DOM template is the same as
-`shape-list.ts:renderApprovalRow`, so most of the work is hoisting that
-template into a shared util.
-
----
-
-## 6. Backend aggregation service (Q6 → R: reuse RunSpec)
-
-**Decision: do not build a new aggregation service.** The
-substrate-level work is exactly two edits:
-
-### 6.1 InboxSystemView (system_views.go:103–144)
-
-```go
-func InboxSystemView() SystemView {
-  return SystemView{
-    Slug: "inbox",
-    Name: "Inbox",
-    Filter: FilterSpec{
-      Version: SpecVersion,
-      Sources: []DataSource{
-        SourceApprovalRequest,
-        SourceProjectEvent,
-      },
-      Scope: ScopeSpec{Projects: ScopeProjects{Mode: ScopeAllVisible}},
-      Time:  TimeSpec{Horizon: HorizonPast30d, Field: FieldAuto},
-      Predicates: map[DataSource]Predicates{
-        SourceApprovalRequest: {ApprovalRequest: &ApprovalRequestPredicates{
-          ViewerRole: "any_visible",
-          Status:     []string{"pending"}, // default; bar can override
-        }},
-        SourceProjectEvent: {ProjectEvent: &ProjectEventPredicates{
-          EventTypes: InboxProjectEventKinds, // curated subset
-        }},
-      },
-    },
-    Render: RenderSpec{
-      Shape: ShapeList,
-      List: &ListConfig{
-        Density:   DensityComfortable,
-        Sort:      SortDateDesc, // newest first — different from today's date_asc
-        RowAction: RowActionInbox, // new — see §6.3
-      },
-    },
-  }
-}
-```
-
-Curated sub-list lives in `filter_spec.go` next to KnownProjectEventKinds:
-
-```go
-var InboxProjectEventKinds = []string{
-  "project_archived", "project_reparented", "project_type_changed",
-  "deadline_created", "deadline_completed", "deadline_reopened",
-  "deadline_updated", "deadline_deleted", "deadlines_imported",
-  "appointment_created", "appointment_updated", "appointment_deleted",
-  "note_created", "our_side_changed",
-}
-```
-
-(With Q1 pick A locked. If head picks B, drop the InboxProjectEventKinds
-list and remove the `EventTypes` predicate. If head picks C, narrow the
-list to deadline_* + appointment_* only.)
-
-KnownProjectEventKinds in `filter_spec.go:186` needs **additions** so
-`note_created`, `our_side_changed`, `deadline_updated`, `deadline_deleted`,
-`deadlines_imported` are valid filter values — without this the
-validator rejects the InboxSystemView spec. Migrate this list at the
-same time. (`event_categories` and similar grouping infra are already
-covered by `event_category_service.go` and won't move.)
-
-### 6.2 Approval-duplicate suppression
-
-In `view_service.runProjectEvents` (or in a tiny new predicate helper),
-skip `event_type LIKE '%_approval_%'` when source-set includes
-ApprovalRequest. This avoids the double-count described in Q1 §2.
-
-Implementation: extend `allowedProjectEventKinds` (view_service.go:649) to
-auto-drop the `*_approval_*` strings when the same RunSpec already
-fans out the approval_request source. One conditional, six lines.
-
-### 6.3 Mixed-row row_action
-
-`shape-list.ts` today: `row_action="approve"` → calls
-`renderApprovalList(rows)` which assumes every row is an approval.
-Need a new value:
-
-```go
-// render_spec.go
-const RowActionInbox ListRowAction = "inbox"
-```
-
-And register it in `KnownRowActions`.
-
-Frontend (`shape-list.ts`):
-
-```ts
-if (rowAction === "inbox") {
-  host.appendChild(renderInboxList(sorted));
-  return;
-}
-```
-
-Where `renderInboxList(rows)`:
-
-- approval_request rows → existing `renderApprovalRow(row)` template (the
-  per-row factor-out from `renderApprovalList`).
-- project_event rows → a new `renderProjectEventRow(row)` template:
-  timestamp + actor + title + project chip + optional "Öffnen" link
-  to the underlying entity (deadline / appointment / note / project
-  detail). Modelled on the Verlauf row in
-  `client/projects-detail.ts:651–700` (`.entity-event` markup).
-
-This makes the inbox stamping kind-aware. The
-existing `wireApprovalActions` continues to find buttons via class
-`.views-approval-action` and works unchanged.
-
-### 6.4 Endpoints — what's new vs reused
-
-| Path                                | Behaviour                                                | Slice |
-|-------------------------------------|----------------------------------------------------------|-------|
-| `GET /api/views/inbox/run`          | **Already exists** — fans the InboxSystemView spec.     | A reuse |
-| `GET /api/inbox/count`              | **Behaviour change:** count includes unread project_events on visible projects + pending approval_requests (the latter regardless of cursor). | A |
-| `POST /api/inbox/mark-all-seen`     | New. Sets `users.inbox_seen_at = now()` for the caller.  | A |
-| `GET /api/inbox/pending-mine`       | **Keep** — backwards-compat for clients (sidebar bell may still use it). | unchanged |
-| `GET /api/inbox/mine`               | **Keep** — used by the saved view `inbox-mine`.         | unchanged |
-
-The two `/api/inbox/{pending-mine,mine}` endpoints stay because they're
-narrower-than-RunSpec optimisations and used by the dashboard's
-`loadInboxSummary`. No reason to remove them.
-
-### 6.5 InboxSummary on the dashboard (out of scope, but flag)
-
-`DashboardData.InboxSummary` (dashboard_service.go:89) currently counts
-only pending approvals. If Slice C extends the badge count to include
-unread project_events, the dashboard widget also needs to swap
-`PendingCountForUser` for the new unified count — keep this as a small
-follow-up after Slice A ships and the cursor semantics are proven.
-
----
-
-## 7. Slice plan
-
-### Slice A — Project-event aggregation + read cursor + list view
-
-**Goal:** /inbox shows pending approvals + curated project_events for
-visible projects in the last 30 days, with the new "Nur ungelesen"
-toggle. List view only.
-
-Tasks:
-
-1. **Migration `NNN_inbox_seen_at.up.sql`:**
-   `ALTER TABLE paliad.users ADD COLUMN inbox_seen_at timestamptz NULL;`
-2. **`filter_spec.go`:** extend `KnownProjectEventKinds` (add
-   `note_created`, `our_side_changed`, `deadline_updated`,
-   `deadline_deleted`, `deadlines_imported`). Add
-   `InboxProjectEventKinds` (curated subset, Q1=A).
-3. **`system_views.go`:** rewrite `InboxSystemView` per §6.1 with
-   both sources, `HorizonPast30d`, `SortDateDesc`,
-   `RowAction=RowActionInbox`.
-4. **`render_spec.go`:** add `RowActionInbox`, register in
-   `KnownRowActions`.
-5. **`view_service.go`:** in `runProjectEvents`, auto-drop
-   `*_approval_*` event_types when ApprovalRequest is in
-   `spec.Sources` (§6.2).
-6. **`approvals.go`:**
-   - New handler `handleInboxMarkAllSeen` →
-     `UPDATE paliad.users SET inbox_seen_at = now() WHERE id = $1`.
-   - Modify `handleInboxCount` to return
-     `pending_approvals_count + unread_project_events_count`. SQL
-     in approval_service.go: one new method
-     `UnseenInboxCountForUser(userID)` returning that union. Keep
-     `PendingCountForUser` (dashboard still uses it).
-7. **`shape-list.ts`:** factor `renderApprovalRow(row)` out of
-   `renderApprovalList`. Add `renderInboxList(rows)` that dispatches
-   per `row.kind`. Wire `row_action="inbox"` to it.
-8. **`client/inbox.ts`:**
-   - Add the `unread_only` axis to `INBOX_AXES` and wire to a FilterSpec
-     overlay (sub-spec `Time.Horizon=Past30d` AND
-     filter predicate "newer than cursor OR pending-approval").
-   - Render "Alles als gelesen markieren" button in the page header
-     (in `inbox.tsx`); on click POST `/api/inbox/mark-all-seen`,
-     refresh bar + badge.
-   - Listen for cursor update (server response) and refresh.
-9. **Sidebar badge (`client/sidebar.ts:initInboxBadge`):** unchanged code
-   path, but the new server count includes project_events. Add no client
-   changes for v1 — server returns the wider count.
-10. **i18n:** new keys —
-    - `inbox.title.feed` ("Inbox") replaces "Genehmigungen" in the page
-      header (since the page is now more than approvals).
-    - `inbox.subtitle.feed` ("Neuigkeiten zu Ihren Projekten und offene
-      Genehmigungen.").
-    - `inbox.action.mark_all_seen` ("Alles als gelesen markieren").
-    - `inbox.axis.unread_only.on/off`.
-    - `inbox.empty.feed` ("Keine Neuigkeiten in den letzten 30 Tagen.").
-    - `views.col.event_kind` (for the kind column in
-      table-density list).
-    - DE primary, EN secondary, both in `i18n.ts`.
-11. **Tests:** `system_views_test.go` covers the
-    InboxSystemView spec shape; new test for the de-dup helper in
-    view_service. `approval_service_test.go` adds tests for the new
-    `UnseenInboxCountForUser` method. New
-    `inbox_seen_at_test.go` covers the cursor migration + the POST
-    handler.
-12. **Verify** the page renders for a sample user with both event types
-    visible, "Nur ungelesen" toggles correctly, mark-all-seen clears the
-    badge, the project-events deduplicate against approval requests.
-
-### Slice B — Cards + calendar shape toggles
-
-**Goal:** `?shape=cards` and `?shape=calendar` work on /inbox; users can
-switch via the bar's shape chip. Approval rows on cards/calendar are
-*read-only* (open detail modal on click; no inline approve/reject).
-
-Tasks:
-
-1. **`client/inbox.ts`:** add `"shape"` to `INBOX_AXES`. Add the
-   per-shape host divs to `inbox.tsx` (one for cards, one for calendar)
-   matching the `/events` pattern. Implement `onResult` dispatch.
-2. **`shape-cards.ts`:** when `row.kind==="approval_request"` AND
-   `row.detail.status==="pending"`, stamp the approval row template
-   inline. Hoist the template out of `shape-list.ts` if reuse pays.
-3. **`shape-calendar.ts`:** approval_request rows render as date-point
-   chips; click opens a detail modal. The modal reuses the existing
-   `approval-edit-modal` for suggest-changes when the user is the
-   approver; otherwise a read-only summary.
-4. **CSS:** ensure `.entity-event` and `.views-approval-row` markup
-   coexist on the cards view without z-index clashes; lightweight
-   targeting via `.views-cards-list[data-surface="inbox"]`.
-5. **Tests:** shape toggle persistence via URL codec (already covered
-   in `url-codec.test.ts`; add one inbox-surface case).
-
-### Slice C — Badge upgrade + per-item dismiss (deferred)
-
-**Goal:** sidebar badge reflects unified count; per-item dismiss for
-power-users.
-
-Tasks:
-
-1. **`paliad.inbox_dismissals` table** —
-   `(user_id, source, row_id, dismissed_at)` PK `(user_id, source, row_id)`.
-   "source" is `approval_request` / `project_event`; "row_id" is the
-   row's UUID. New endpoint `POST /api/inbox/dismiss` body
-   `{source, row_id}`. RunSpec for inbox subtracts dismissed rows.
-2. **`/api/inbox/count`:** subtract dismissed rows from the count.
-3. **Dashboard widget:** `DashboardData.InboxSummary` swaps to a new
-   `UnifiedInboxSummary` that mirrors the page count. Backwards-compat
-   JSON: keep old fields, add `total_count` and `top_unified`.
-4. **Empty-state:** "Alle Einträge gelesen — gut gemacht."
-5. **Optional `member_role_changed` etc.:** if Slice A surfaces that
-   one of the excluded event_types is actually wanted, this slice opens
-   up `InboxProjectEventKinds` accordingly.
-
-### Why Slice A alone is shippable
-
-Slice A delivers m's full ask except the cards/calendar views — which
-are aesthetic shape toggles, not data changes. Slice A gives:
-
-- Inbox feed across approvals + project_events for visible projects
-- Project / type / time / read-state filters
-- Newest-first list with mark-all-seen
-- Sidebar badge reflects unified unread count (server-side)
-
-Slice B + C are layer cake on top with no schema or substrate changes.
-
----
-
-## 8. Out of scope
-
-- **Push notifications.** Telegram / WhatsApp / email — different
-  channel concerns, separate design.
-- **Cross-user inbox views.** No "admin sees others' inboxes" in v1.
-- **Pinning / starring items.** Not in m's ask. If feedback after Slice
-  A wants it, opens its own design.
-- **Paliadin chat unread.** Not part of project_events; paliadin lives
-  in its own pane. Slice C could surface a banner if asked.
-- **Replacement of the existing /api/inbox/{pending-mine,mine} endpoints.**
-  They stay because the dashboard's `loadInboxSummary` uses them and
-  no benefit to consolidating.
-- **Detail-page changes.** Clicking a project_event row in the inbox
-  navigates to the existing entity detail page (deadline, appointment,
-  note); we don't build a new "event detail" view.
-- **InboxSummary on the dashboard.** Out of Slice A. Slice C upgrades
-  it; for now the widget keeps showing approval-only.
-
----
-
-## 9. Open questions for m
-
-Defaulted to (R) per the inventor protocol — only **Q1** is escalated
-to head for explicit confirmation because it changes the
-inbox's surface area. Everything else falls to the recommended pick
-unless head/m flag otherwise.
-
-**Q1 — Event-type catalogue (material pick, head answered):**
-**LOCKED = A** (curated subset with `*_approval_*` de-dup). Head added
-`member_role_changed` to the curated list with a Slice B narrowing
-follow-up + a coarser `inbox_focus` chip cluster on the bar. Full
-decision recorded in §12.
-
-**Q2 — Time window:** (R) Past30d default + chip cluster
-(today / past_7d / past_30d / past_90d / any) + custom range via the
-existing time picker. Locked unless head overrides.
-
-**Q3 — Read/unread model:** (R) High-watermark cursor
-(`users.inbox_seen_at`). Pending approval_requests carry forward even
-when older than the cursor — guards against burying a high-value
-approval. Per-item dismiss is Slice C, opt-in. Locked.
-
-**Q4 — Filters surfaced on the bar:** (R) time / project /
-approval_viewer_role / approval_status / approval_entity_type /
-project_event_kind / unread_only / shape / sort / density. Locked
-unless head wants `source` (approvals-only vs events-only chip)
-added — defaulting to "not in v1".
-
-**Q5 — View toggle parity with /events:** (R) list (default — newest
-first) / cards (day-grouped) / calendar (date-point). Wired via the
-filter-bar's existing `shape` axis, not a per-page selector. Locked.
-
-**Q6 — Architecture:** (R) Reuse `view_service.RunSpec` with both
-sources in the InboxSystemView spec; no new aggregation service.
-Approval-event de-dup applied in `runProjectEvents`. Locked.
-
-**Q7 — Notification badge:** (R) Yes — Slice A makes the existing
-`/api/inbox/count` return the unified unread count; sidebar badge
-client unchanged. Locked.
-
-**Q8 — Acknowledgement flow:** (R) Approval rows keep
-approve/reject/revoke buttons inline (list shape only). project_event
-rows have no inline action — click row → navigate to the underlying
-entity. Cursor advance is via "Alles als gelesen markieren" only —
-no per-row mark-read in v1. Locked.
-
-**Q9 — Empty-state copy:** (R) "Keine Neuigkeiten in den letzten 30
-Tagen." (DE primary) / "No updates in the last 30 days." (EN). The
-existing admin nudge for unseeded approval_policies stays untouched.
-Locked.
-
----
-
-## 10. Risks + mitigations
-
-- **Performance.** `runProjectEvents` reads up to LIMIT 500 rows per
-  user-call; with two sources unioned + 30-day window + visibility
-  predicate this should stay under 50ms on the live shape (project
-  count ~100, events/day low double digits). If
-  it doesn't, partial index hint: `paliad.project_events (created_at DESC)
-  WHERE event_type IN (curated list)` — Slice A optional, add if
-  EXPLAIN shows a seq scan in dev.
-- **De-dup correctness.** Suppressing `*_approval_*` events in the
-  project_event source relies on the approval_request row being the
-  authoritative signal. **Edge case:** a request gets revoked, then
-  re-requested — both audit events exist. Both correspond to a single
-  approval_request row at any moment (the latter via the partial-index
-  upsert). De-dup stays valid.
-- **Cursor advance race.** If two browser tabs both POST mark-all-seen,
-  the second wins (now() wins). Acceptable. If a user reads in tab A
-  then clicks an item in tab B that was created between the two reads,
-  tab A's "Alles als gelesen" advances past that newer item without
-  the user seeing it. Mitigation: server-side, `mark-all-seen` accepts
-  an optional `?up_to=<iso>` so the client can pin to the timestamp of
-  the newest visible row. Slice A wires this.
-- **shape-list factor-out.** Pulling `renderApprovalRow` out of
-  `renderApprovalList` risks regressions on the *current* /inbox. Cover
-  with a snapshot/golden test on the approval row markup in Slice A
-  before the dispatch change.
-- **Sidebar bell badge cap.** Current code clamps at "9+". Once we add
-  project_events, the count can easily exceed 100. Keep the "9+" clamp
-  for visual reasons — but make the page header show the *exact* count
-  ("123 neu") so the user knows what's behind it.
-- **Q1 fallback.** If head doesn't reply before Slice A coder shift
-  starts, the (R) pick A locks. If head later picks B or C, the only
-  change is the `InboxProjectEventKinds` list literal in
-  `filter_spec.go` — no schema impact, no migration change. Cheap to
-  flip.
-
----
-
-## 11. Build/test verify list (Slice A done-when)
-
-1. `make build` clean.
-2. `go test ./...` passes; new tests cover:
-   - InboxSystemView spec shape includes both sources + curated kinds.
-   - `runProjectEvents` drops `*_approval_*` when ApprovalRequest is in spec.
-   - `UnseenInboxCountForUser` returns expected count for cursor and pending-approval combinations.
-   - POST `/api/inbox/mark-all-seen` updates the column.
-   - URL codec round-trip for `unread_only` axis.
-3. Inbox loads at `/inbox` with project-event rows interleaved with
-   approval rows in date-desc order.
-4. "Nur ungelesen" chip toggles between unread (with pending-approval
-   carve-out) and full feed.
-5. "Alles als gelesen markieren" advances cursor; bar refreshes;
-   badge clears (except for any still-pending approvals).
-6. Sidebar bell badge count is the unified number (approval + unread events).
-7. Existing approve/reject/revoke + suggest-changes flows on inbox
-   rows still work unchanged.
-8. `?tab=mine` legacy redirect still hits the right state.
-9. Bilingual labels render (DE/EN toggle).
-
-That's the doneness bar for Slice A.
-
----
-
-## §12 — m's decisions (head 2026-05-25 11:30)
-
-Head replied to the `mai instruct head` escalation; folded in below.
-
-**Q1 (Event-type catalogue): A — locked.** Curated subset with
-`*_approval_*` de-dup. Tracks Verlauf, matches m's framing ("new events
-that relate to one's projects"), avoids double-counting approval audit
-events against the approval_request row.
-
-Locked InboxProjectEventKinds:
-
-- IN: `project_archived`, `project_reparented`, `project_type_changed`,
-  `deadline_created`, `deadline_completed`, `deadline_reopened`,
-  `deadline_updated`, `deadline_deleted`, `deadlines_imported`,
-  `appointment_created`, `appointment_updated`, `appointment_deleted`,
-  `note_created`, `our_side_changed`, **`member_role_changed`**
-  (added by head — see refinement #1).
-- OUT (audit duplicates of approval_requests): every `*_approval_*` event.
-- OUT (too granular / authoring noise): `status_changed`,
-  `project_created`, `checklist_*`.
-
-**Refinement 1 — `member_role_changed` visibility predicate.**
-Head wants this kind included but narrowed: surface the row only when
-the role change applies to the **viewer themselves** or someone above
-them in the project tree (i.e. impacts the viewer's permissions / chain
-of command), not when it's a peer's role changing on a project the
-viewer happens to see.
-
-- Slice A: include `member_role_changed` in
-  `InboxProjectEventKinds` without the narrowing predicate. The row
-  will appear for everyone who can see the project — over-surfacing but
-  not wrong. This keeps Slice A's MVP scope tight.
-- Slice B: add a per-row narrowing filter on top of the inbox source
-  (likely a small extension to `runProjectEvents` that, when
-  `event_type='member_role_changed'`, inspects `metadata.affects_user_id`
-  + walks the project-membership predicate before emitting). The
-  metadata shape is already written by the responsible handler; verify
-  + lock the filter in B.
-
-Q2-Q9 all default to (R) per the inventor protocol.
-
-**Refinement 2 — Filter chip copy.**
-For the visible chip cluster in the bar, head wants user-readable groupings,
-not raw event-kind names. The bar today exposes `project_event_kind`
-as one chip per kind (rendered via the
-`event.title.<kind>` i18n key). For the inbox surface, surface a
-**coarser grouping chip cluster** ahead of that:
-
-- "Genehmigungen" — narrows to `Sources=[approval_request]` only.
-- "Genehmigungen + Termine" — adds appointment_* event_kinds + the
-  approval_entity_type=appointment slice of approvals.
-- "Genehmigungen + Fristen" — adds deadline_* event_kinds + the
-  approval_entity_type=deadline slice of approvals.
-- "Alles" — default; both sources, full curated kinds list.
-
-Implementation: a new axis `inbox_focus` (Slice A, additive — replaces
-the lower-level `project_event_kind` chip's *default visibility* in the
-inbox UI; advanced users still see `project_event_kind` if they expand
-the bar). The four values map to FilterSpec overlays that tweak
-`Sources` + per-source `EventTypes`. Coder owns the exact chip-text
-final copy and the placement (probably first axis in `INBOX_AXES`).
-
-The lower-level `project_event_kind` chip stays in `INBOX_AXES` as an
-advanced override for power users — when active, it overrides the
-`inbox_focus` chip's per-kind defaults.
-
----
-
-### What changes for Slice A as a result
-
-Doc deltas vs the draft text above:
-
-1. **§2 / §6.1:** add `member_role_changed` to InboxProjectEventKinds.
-   Note Slice B narrowing follow-up.
-2. **§4 / §5:** front of the bar gets a new `inbox_focus` axis
-   (4 chips: Alles / Genehmigungen / +Termine / +Fristen). Default
-   "Alles". `project_event_kind` stays available as an advanced chip,
-   visible after the user expands the bar's overflow section.
-3. **§7 Slice A task list:** add task —
-   "**12a.** New `inbox_focus` axis (`filter-bar/types.ts`,
-   `axes.ts`). FilterSpec overlay translates the chip value to a
-   `(Sources, ProjectEventPredicates.EventTypes, ApprovalRequestPredicates.EntityTypes)`
-   triple. URL codec round-trips."
-4. **§11 Slice B done-when:** add — "`member_role_changed` narrowing
-   predicate is in place; rows surface only when the change affects
-   the viewer's permissions chain."
-
-No schema changes from the head's adjustments. The `inbox_focus` axis
-is a pure UI/overlay primitive; nothing about the InboxSystemView spec
-schema moves.

frontend/src/client/appointments-detail.ts

@@ -2,6 +2,7 @@ import { initI18n, t, tDyn, getLang } from "./i18n";
 import { initSidebar } from "./sidebar";
 import { initNotes } from "./notes";
 import { projectIndent } from "./project-indent";
+import { openWithdrawWarningModal } from "./components/withdraw-warning-modal";
 
 interface Appointment {
   id: string;
@@ -25,6 +26,9 @@ interface PendingApprovalRequest {
   requested_at: string;
   required_role: string;
   requester_name?: string;
+  // t-paliad-252 — used by the withdraw warning modal to pick the right
+  // copy (CREATE warns about deletion; UPDATE/COMPLETE about revert).
+  lifecycle_event?: string;
 }
 
 interface Me {
@@ -43,6 +47,10 @@ let project: Project | null = null;
 let allProjects: Project[] = [];
 let pendingRequest: PendingApprovalRequest | null = null;
 let me: Me | null = null;
+// t-paliad-252 — see deadlines-detail.ts. Routes Save to the new
+// /api/approval-requests/{id}/edit-entity endpoint when the user picked
+// "Termin bearbeiten" in the withdraw warning modal.
+let pendingEditMode = false;
 
 function parseAppointmentID(): string | null {
   const parts = window.location.pathname.split("/").filter(Boolean);
@@ -207,10 +215,14 @@ function renderHeader() {
   }
 
   // Freeze the edit form + delete button while a request is in flight.
+  // t-paliad-252 — when the user picked "Termin bearbeiten" in the
+  // withdraw modal, pendingEditMode unfreezes the form so Save can route
+  // to /edit-entity (which keeps the request pending + merges payload).
   const form = document.getElementById("appointment-edit-form") as HTMLFormElement | null;
   if (form) {
+    const freeze = isPending && !pendingEditMode;
     form.querySelectorAll<HTMLInputElement | HTMLSelectElement | HTMLTextAreaElement | HTMLButtonElement>("input, select, textarea, button[type=submit]")
-      .forEach((el) => { el.disabled = isPending; });
+      .forEach((el) => { el.disabled = freeze; });
   }
   const deleteBtn = document.getElementById("appointment-delete-btn") as HTMLButtonElement | null;
   if (deleteBtn) deleteBtn.disabled = isPending;
@@ -263,6 +275,39 @@ async function saveEdit(ev: Event) {
 
   submitBtn.disabled = true;
   try {
+    // t-paliad-252 — pending-edit mode routes through /edit-entity which
+    // keeps the request pending + merges fields into payload. clear_project
+    // and project_id are NOT in the counter-allowlist (yet) — the requester
+    // can't move projects on a pending request from this surface.
+    if (pendingEditMode && pendingRequest) {
+      const editFields = { ...payload };
+      delete editFields.clear_project;
+      const resp = await fetch(
+        `/api/approval-requests/${pendingRequest.id}/edit-entity`,
+        {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ fields: editFields }),
+        },
+      );
+      if (resp.ok) {
+        const fresh = await fetch(`/api/appointments/${appointment.id}`);
+        if (fresh.ok) appointment = await fresh.json();
+        await loadPendingRequest();
+        // Exit pending-edit mode so the form re-freezes (still pending).
+        pendingEditMode = false;
+        renderHeader();
+        fillEditForm();
+        msg.textContent = t("appointments.detail.saved");
+        msg.className = "form-msg form-msg-ok";
+      } else {
+        const data = await resp.json().catch(() => ({}) as { error?: string; message?: string });
+        msg.textContent = data.message || data.error || t("appointments.error.generic");
+        msg.className = "form-msg form-msg-error";
+      }
+      return;
+    }
+
     const resp = await fetch(`/api/appointments/${appointment.id}`, {
       method: "PATCH",
       headers: { "Content-Type": "application/json" },
@@ -312,12 +357,37 @@ async function deleteAppointment() {
   }
 }
 
+// t-paliad-252 — withdraw warning modal replaces the old confirm().
+// Returns:
+//   "edit"     → unfreeze the edit form (pending-edit mode); Save will
+//                route through /api/approval-requests/{id}/edit-entity
+//   "withdraw" → destructive: the existing /revoke endpoint
+//   null       → user cancelled
 async function withdrawAppointmentRequest() {
   if (!appointment || !pendingRequest) return;
-  if (!confirm(t("approvals.withdraw.confirm") || "Anfrage wirklich zurückziehen?")) return;
   const btn = document.getElementById("appointment-withdraw-btn") as HTMLButtonElement | null;
   if (btn) btn.disabled = true;
   try {
+    const action = await openWithdrawWarningModal({
+      entityType: "appointment",
+      lifecycleEvent: pendingRequest.lifecycle_event ?? "create",
+    });
+    if (action === null) {
+      if (btn) btn.disabled = false;
+      return;
+    }
+    if (action === "edit") {
+      pendingEditMode = true;
+      if (btn) btn.disabled = false;
+      // renderHeader re-evaluates the freeze and unfreezes the form now
+      // that pendingEditMode is set. Focus the first editable field so the
+      // user can type immediately.
+      renderHeader();
+      const titleEl = document.getElementById("appointment-title-edit") as HTMLInputElement | null;
+      titleEl?.focus();
+      return;
+    }
+    // action === "withdraw" → destructive path.
     const resp = await fetch(`/api/approval-requests/${pendingRequest.id}/revoke`, {
       method: "POST",
       headers: { "Content-Type": "application/json" },
@@ -328,9 +398,12 @@ async function withdrawAppointmentRequest() {
       if (fresh.ok) {
         appointment = await fresh.json();
         await loadPendingRequest();
+        renderHeader();
+        fillEditForm();
+      } else {
+        // CREATE lifecycle: entity gone → back to the list.
+        window.location.href = "/events?type=appointment";
       }
-      renderHeader();
-      fillEditForm();
     } else {
       const data = await resp.json().catch(() => ({}) as { message?: string; error?: string });
       const msg = document.getElementById("appointment-edit-msg")!;

frontend/src/client/components/withdraw-warning-modal.ts

@@ -0,0 +1,149 @@
+// t-paliad-252 / m/paliad#83 — withdraw warning modal.
+//
+// Before t-paliad-252 the deadline + appointment detail pages did a
+// confirm() dialog before POSTing to /api/approval-requests/{id}/revoke.
+// For pending CREATE lifecycles that endpoint silently DELETES the
+// underlying entity row — m's "withdrawing the approval deletes the event"
+// surprise.
+//
+// This modal replaces the confirm() with three explicit paths:
+//
+//   1. Cancel                       — does nothing
+//   2. Termin bearbeiten (primary)  — opens the edit form; saving routes
+//                                     through POST /approval-requests/{id}/
+//                                     edit-entity which keeps the request
+//                                     pending and merges the new fields
+//                                     into approval_request.payload
+//   3. Endgültig zurückziehen +     — destructive; current /revoke
+//      löschen                        behaviour (delete for CREATE, revert
+//                                     for UPDATE/COMPLETE, cancel for
+//                                     DELETE-lifecycle requests)
+//
+// Built on the unified openModal() primitive (t-paliad-217 Slice A) so the
+// three-button row sits cleanly inside the body — the primitive only
+// supports one secondary action, but we paint the destructive button as a
+// separate row above the footer.
+
+import { t } from "../i18n";
+import { openModal } from "./modal";
+
+export type WithdrawAction = "edit" | "withdraw";
+
+export interface WithdrawWarningArgs {
+  // entityType drives the copy ("event" vs "appointment" labels).
+  entityType: "deadline" | "appointment";
+  // lifecycleEvent of the pending request; copy adapts (CREATE warns about
+  // deletion; UPDATE/COMPLETE warn about revert; DELETE warns about
+  // cancelling the deletion request).
+  lifecycleEvent: "create" | "update" | "complete" | "delete" | string;
+}
+
+// openWithdrawWarningModal resolves with the chosen action, or null if the
+// user dismissed via Cancel / Esc / backdrop / browser back-button.
+export async function openWithdrawWarningModal(
+  args: WithdrawWarningArgs,
+): Promise<WithdrawAction | null> {
+  const body = document.createElement("div");
+  body.className = "withdraw-warning-body";
+
+  // Lead paragraph + sub-paragraph adapt to lifecycle so the user always
+  // knows what the destructive button will actually do. The /revoke
+  // backend behaviour:
+  //   - create   → DELETE the entity (the "surprise" m flagged)
+  //   - update   → revert to pre_image
+  //   - complete → revert to pre-complete state
+  //   - delete   → cancel the delete request (entity stays alive)
+  const intro = document.createElement("p");
+  intro.className = "withdraw-warning-intro";
+  intro.textContent = leadCopyFor(args);
+  body.appendChild(intro);
+
+  const sub = document.createElement("p");
+  sub.className = "withdraw-warning-sub muted";
+  sub.textContent = subCopyFor(args);
+  body.appendChild(sub);
+
+  // The destructive button lives inside the body — the openModal primitive
+  // only exposes one secondary button slot, and we want the safe "Edit"
+  // path to be the primary CTA. Painting it in red here, separated from
+  // the footer, signals "this is the dangerous option" without competing
+  // visually with the primary CTA.
+  const destructiveRow = document.createElement("div");
+  destructiveRow.className = "withdraw-warning-destructive-row";
+  const destructiveBtn = document.createElement("button");
+  destructiveBtn.type = "button";
+  destructiveBtn.className = "btn btn-danger withdraw-warning-destructive-btn";
+  destructiveBtn.textContent = t("approvals.withdraw.destructive.label");
+  destructiveRow.appendChild(destructiveBtn);
+  body.appendChild(destructiveRow);
+
+  return new Promise<WithdrawAction | null>((resolve) => {
+    let chosen: WithdrawAction | null = null;
+
+    // The destructive button has to close the modal and return "withdraw".
+    // We need access to the modal's internal close() — fortunately openModal
+    // exposes it via the primary handler's first arg. We pass through the
+    // outer resolve and let the primary handler (Edit) own the close-fn
+    // route. For the destructive button we resolve the outer promise
+    // directly and then synthesise an ESC keypress so the modal dismisses
+    // — or, simpler, set chosen and use the secondary "Cancel" path that
+    // the modal already supports. (openModal's onClose fires on every
+    // dismiss path including the primary handler resolution.)
+    destructiveBtn.addEventListener("click", () => {
+      chosen = "withdraw";
+      // The unified openModal primitive (modal.ts) wires its dismiss path
+      // through the native <dialog>'s `cancel` event. Dispatching it on
+      // the parent <dialog> runs the same finish() → onClose → resolve
+      // sequence as ESC / backdrop. We then map the resolved `null` back
+      // to "withdraw" via the captured `chosen` in onClose below.
+      const dialogEl = body.closest("dialog");
+      dialogEl?.dispatchEvent(new Event("cancel"));
+    });
+
+    void openModal<WithdrawAction>({
+      title: t("approvals.withdraw.modal.title"),
+      body,
+      size: "md",
+      classNames: "withdraw-warning-modal",
+      primary: {
+        label: t("approvals.withdraw.primary.label"),
+        handler: (close) => {
+          chosen = "edit";
+          close("edit");
+        },
+      },
+      secondary: { label: t("approvals.withdraw.cancel") },
+      onClose: () => {
+        // Resolves whatever was chosen via the destructive button OR the
+        // primary handler. ESC / backdrop / secondary clear `chosen` to
+        // null which is the right "cancel" semantics.
+        resolve(chosen);
+      },
+    });
+  });
+}
+
+function leadCopyFor(args: WithdrawWarningArgs): string {
+  switch (args.lifecycleEvent) {
+    case "create":
+      return args.entityType === "appointment"
+        ? t("approvals.withdraw.lead.create.appointment")
+        : t("approvals.withdraw.lead.create.deadline");
+    case "delete":
+      return t("approvals.withdraw.lead.delete");
+    default:
+      // update / complete / unknown → revert semantics
+      return t("approvals.withdraw.lead.update");
+  }
+}
+
+function subCopyFor(args: WithdrawWarningArgs): string {
+  switch (args.lifecycleEvent) {
+    case "create":
+      return t("approvals.withdraw.sub.create");
+    case "delete":
+      return t("approvals.withdraw.sub.delete");
+    default:
+      return t("approvals.withdraw.sub.update");
+  }
+}

frontend/src/client/deadlines-detail.ts

@@ -9,6 +9,7 @@ import {
   type EventType,
   type PickerHandle,
 } from "./event-types";
+import { openWithdrawWarningModal } from "./components/withdraw-warning-modal";
 
 interface Deadline {
   id: string;
@@ -38,6 +39,9 @@ interface PendingApprovalRequest {
   requested_at: string;
   required_role: string;
   requester_name?: string;
+  // t-paliad-252 — used by the withdraw warning modal to pick the right
+  // copy (CREATE warns about deletion; UPDATE/COMPLETE about revert).
+  lifecycle_event?: string;
 }
 
 let eventTypePicker: PickerHandle | null = null;
@@ -69,6 +73,18 @@ let rule: DeadlineRule | null = null;
 let me: Me | null = null;
 let allProjects: Project[] = [];
 let pendingRequest: PendingApprovalRequest | null = null;
+// t-paliad-252 — when the user chose "Edit event" in the withdraw warning
+// modal, the entity is still in approval_status='pending'. Save must POST
+// to /api/approval-requests/{id}/edit-entity (which keeps the request
+// pending + merges the new fields into payload) instead of the regular
+// PATCH /api/deadlines/{id} (which 409s during pending). Cleared on exit
+// from edit mode + after a successful save.
+let pendingEditMode = false;
+
+// pendingEnterEdit — late-bound by initEdit() so the withdraw warning
+// modal handler (initWithdraw) can route into pending-edit mode without
+// duplicating the edit-mode toggle logic.
+let pendingEnterEdit: (() => void) | null = null;
 
 function parseDeadlineID(): string | null {
   const parts = window.location.pathname.split("/").filter(Boolean);
@@ -366,6 +382,7 @@ function initEdit() {
   const etEdit = document.getElementById("deadline-event-types-edit");
   const projectLink = document.getElementById("deadline-project-link") as HTMLAnchorElement;
   const projectEdit = document.getElementById("deadline-project-edit") as HTMLSelectElement | null;
+  const titleDefaultBtn = document.getElementById("deadline-title-default-btn") as HTMLButtonElement | null;
 
   function enterEdit() {
     titleDisplay.style.display = "none";
@@ -381,6 +398,7 @@ function initEdit() {
       projectEdit.style.display = "";
       projectEdit.value = deadline.project_id;
     }
+    if (titleDefaultBtn) titleDefaultBtn.style.display = "";
     saveBtn.style.display = "";
     editBtn.style.display = "none";
     titleEdit.focus();
@@ -399,12 +417,50 @@ function initEdit() {
       projectEdit.style.display = "none";
       projectLink.style.display = "";
     }
+    if (titleDefaultBtn) titleDefaultBtn.style.display = "none";
     saveBtn.style.display = "none";
     editBtn.style.display = "";
+    pendingEditMode = false;
   }
 
+  // t-paliad-252 — expose enterEdit so the withdraw warning modal can
+  // route into pending-edit mode without re-running the edit-button
+  // visibility gate (which hides the button during pending).
+  pendingEnterEdit = () => {
+    pendingEditMode = true;
+    enterEdit();
+  };
+
   editBtn.addEventListener("click", enterEdit);
 
+  // t-paliad-251 Part 4 — Standardtitel button.
+  // Recipe (mirror of computeDefaultTitle in deadlines-new.ts):
+  //   head = event_type label (if exactly one Typ chip is in edit)
+  //       || rule code+name (when deadline carries a rule)
+  //       || "Neue Frist" fallback
+  //   suffix = " — <project.reference>" when not already in head
+  titleDefaultBtn?.addEventListener("click", () => {
+    if (!deadline) return;
+    let head = "";
+    const ids = eventTypePicker?.getIDs() ?? deadline.event_type_ids ?? [];
+    if (ids.length === 1) {
+      const et = eventTypeByID.get(ids[0]);
+      if (et) head = eventTypeLabel(et);
+    }
+    if (!head && rule) {
+      const code = rule.rule_code || rule.code || "";
+      head = code ? `${code} — ${rule.name}` : rule.name;
+    }
+    if (!head && deadline.rule_code) {
+      head = deadline.rule_code;
+    }
+    if (!head) head = t("deadlines.field.title.default_fallback");
+    const ref = project?.reference?.trim() || "";
+    if (ref && !head.includes(ref)) head = `${head} — ${ref}`;
+    titleEdit.value = head;
+    titleEdit.focus();
+  });
+
   saveBtn.addEventListener("click", async () => {
     if (!deadline) return;
     const newTitle = titleEdit.value.trim();
@@ -424,6 +480,35 @@ function initEdit() {
       if (projectEdit && projectEdit.value && projectEdit.value !== deadline.project_id) {
         payload.project_id = projectEdit.value;
       }
+
+      // t-paliad-252 — pending-edit mode routes through the new endpoint
+      // that updates the entity + merges payload into the still-pending
+      // approval_request. Outside pending-edit mode the regular PATCH
+      // path remains the authoritative one (with its existing 409-on-
+      // pending guard).
+      if (pendingEditMode && pendingRequest) {
+        const resp = await fetch(
+          `/api/approval-requests/${pendingRequest.id}/edit-entity`,
+          {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({ fields: payload }),
+          },
+        );
+        if (resp.ok) {
+          const fresh = await fetch(`/api/deadlines/${deadline.id}`);
+          if (fresh.ok) deadline = await fresh.json();
+          await loadPendingRequest();
+          render();
+        } else {
+          const body = await resp.json().catch(() => null);
+          const msg = (body && (body.message || body.error))
+            || (t("approvals.withdraw.error") || "Fehler");
+          window.alert(msg);
+        }
+        return;
+      }
+
       const resp = await fetch(`/api/deadlines/${deadline.id}`, {
         method: "PATCH",
         headers: { "Content-Type": "application/json" },
@@ -501,19 +586,39 @@ function initReopen() {
   });
 }
 
-// initWithdraw — t-paliad-160 §C+E. Reuses the existing
-// /api/approval-requests/{id}/revoke endpoint (no new server route
-// needed). After the revoke lands, the entity goes back to
-// approval_status='approved' and the page reloads to refresh the
-// in-memory state cleanly.
+// initWithdraw — t-paliad-160 §C+E + t-paliad-252.
+//
+// Click flow: open the withdraw warning modal (replaces the old
+// confirm()). The modal returns one of:
+//
+//   "edit"     — open the edit form in pending-edit mode; Save calls
+//                /api/approval-requests/{id}/edit-entity which keeps the
+//                request pending + merges the new fields into payload
+//   "withdraw" — destructive: call the existing /revoke endpoint
+//                (DELETE entity for CREATE, revert for UPDATE/COMPLETE,
+//                cancel-delete for DELETE lifecycle)
+//   null       — user cancelled; nothing happens
 function initWithdraw() {
   const btn = document.getElementById("deadline-withdraw-btn") as HTMLButtonElement | null;
   if (!btn) return;
   btn.addEventListener("click", async () => {
     if (!deadline || !pendingRequest) return;
-    if (!window.confirm(t("approvals.withdraw.confirm") || "Anfrage wirklich zurückziehen?")) return;
     btn.disabled = true;
     try {
+      const action = await openWithdrawWarningModal({
+        entityType: "deadline",
+        lifecycleEvent: pendingRequest.lifecycle_event ?? "create",
+      });
+      if (action === null) {
+        btn.disabled = false;
+        return;
+      }
+      if (action === "edit") {
+        btn.disabled = false;
+        pendingEnterEdit?.();
+        return;
+      }
+      // action === "withdraw" → existing destructive path.
       const resp = await fetch(`/api/approval-requests/${pendingRequest.id}/revoke`, {
         method: "POST",
         headers: { "Content-Type": "application/json" },
@@ -521,14 +626,16 @@ function initWithdraw() {
       });
       if (resp.ok) {
         // Re-fetch the entity so approval_status flips back to 'approved'
-        // and the badge / buttons rerender accordingly.
+        // and the badge / buttons rerender accordingly. For CREATE
+        // lifecycle the entity is gone, so the 404 surfaces as a reload.
         const r = await fetch(`/api/deadlines/${deadline.id}`);
         if (r.ok) {
           deadline = await r.json();
           await loadPendingRequest();
           render();
         } else {
-          window.location.reload();
+          // CREATE lifecycle deleted the entity — bounce to the list.
+          window.location.href = "/events?type=deadline";
         }
       } else {
         btn.disabled = false;

frontend/src/client/deadlines-new.ts

@@ -1,4 +1,4 @@
-import { initI18n, t, tDyn } from "./i18n";
+import { initI18n, t, tDyn, getLang } from "./i18n";
 import { initSidebar } from "./sidebar";
 import {
   attachEventTypePicker,
@@ -24,6 +24,10 @@ interface Project {
   reference?: string | null;
   title: string;
   path: string;
+  // t-paliad-251 — used by Type→Rule autofill to narrow rule candidates
+  // to the project's own proceeding. Optional because not every project
+  // is a case/proceeding (clients + matters carry no proceeding type).
+  proceeding_type_id?: number | null;
 }
 
 interface DeadlineRule {
@@ -32,15 +36,32 @@ interface DeadlineRule {
   name: string;
   name_en: string;
   rule_code?: string;
+  proceeding_type_id?: number | null;
+  sequence_order?: number;
   // t-paliad-165 — canonical event_type for this rule's concept,
   // hydrated server-side from paliad.deadline_concept_event_types.
-  // Drives auto-fill of the Typ chip when the user picks this rule.
+  // Drives auto-fill of the Typ chip when the user picks this rule,
+  // AND is inverted to power Typ→Regel auto-fill (t-paliad-251 Part 2):
+  // given a chosen event_type X, candidate rules are those whose
+  // concept_default_event_type_id === X.
   concept_default_event_type_id?: string | null;
 }
 
+interface ProceedingType {
+  id: number;
+  code: string;
+  name: string;
+  name_en?: string;
+  jurisdiction: string;
+  sort_order?: number;
+}
+
 // Rules indexed by id so the Regel-change handler can look up the
 // concept's canonical event_type without re-fetching.
 let rulesByID = new Map<string, DeadlineRule>();
+let allRules: DeadlineRule[] = [];
+let proceedingTypesByID = new Map<number, ProceedingType>();
+let projectsByID = new Map<string, Project>();
 
 // Last event_type the rule auto-filled. Tracked so we can tell whether
 // the picker still reflects the rule's suggestion (replace silently on
@@ -48,6 +69,17 @@ let rulesByID = new Map<string, DeadlineRule>();
 // surface the mismatch warning instead).
 let lastAutoFilledEventTypeID: string | null = null;
 
+// t-paliad-251 — symmetric flag for the inverse direction. Tracks the
+// rule ID we most recently injected as the Auto-derived default for the
+// chosen event_type, so we can replace it silently when the user picks
+// a different type but leave manual rule picks alone.
+let lastAutoFilledRuleID: string | null = null;
+
+// Current sort mode for the Rule select. Persisted to localStorage so
+// repeat-form users don't have to re-pick their preferred ordering.
+type RuleSort = "by_proceeding" | "by_court" | "alpha";
+const RULE_SORT_KEY = "paliad.deadline.rule.sort";
+
 let preselectedProjectID = "";
 
 function esc(s: string): string {
@@ -62,6 +94,20 @@ function showError(msg: string) {
   el.className = "form-msg form-msg-error";
 }
 
+function ruleLabel(r: DeadlineRule): string {
+  const lang = getLang();
+  const name = (lang === "en" && r.name_en) ? r.name_en : r.name;
+  const code = r.rule_code || r.code || "";
+  return code ? `${code} — ${name}` : name;
+}
+
+function proceedingLabel(pt: ProceedingType | undefined): string {
+  if (!pt) return "";
+  const lang = getLang();
+  const name = (lang === "en" && pt.name_en) ? pt.name_en : pt.name;
+  return `${pt.jurisdiction} — ${name}`;
+}
+
 async function loadProjects() {
   const sel = document.getElementById("deadline-project") as HTMLSelectElement;
   const hint = document.getElementById("deadline-project-empty-hint")!;
@@ -69,6 +115,7 @@ async function loadProjects() {
     const resp = await fetch("/api/projects");
     if (!resp.ok) return;
     const projects: Project[] = await resp.json();
+    projectsByID = new Map(projects.map((p) => [p.id, p]));
     if (projects.length === 0) {
       hint.style.display = "";
       hint.innerHTML = `${esc(t("deadlines.field.akte.empty"))} <a href="/projects/new">${esc(t("deadlines.field.akte.empty.link"))}</a>`;
@@ -82,7 +129,7 @@ async function loadProjects() {
       const ref = p.reference || "";
       const indent = projectIndent(p.path);
       options.push(
-        `<option value="${esc(p.id)}"${isSelected}>${indent}${esc(ref)} \u2014 ${esc(p.title)}</option>`,
+        `<option value="${esc(p.id)}"${isSelected}>${indent}${esc(ref)} — ${esc(p.title)}</option>`,
       );
     }
     sel.innerHTML = options.join("");
@@ -91,28 +138,186 @@ async function loadProjects() {
   }
 }
 
+async function loadProceedingTypes() {
+  try {
+    const resp = await fetch("/api/proceeding-types-db");
+    if (!resp.ok) return;
+    const types: ProceedingType[] = await resp.json();
+    proceedingTypesByID = new Map(types.map((pt) => [pt.id, pt]));
+  } catch {
+    /* non-fatal — rule sort falls back to alpha when proceeding-type
+       metadata is missing */
+  }
+}
+
 async function loadRules() {
   // Optional: load rules so user can attach. We pull all rules; small set.
-  const sel = document.getElementById("deadline-rule") as HTMLSelectElement;
   try {
     const resp = await fetch("/api/deadline-rules");
     if (!resp.ok) return;
-    const rules: DeadlineRule[] = await resp.json();
-    rulesByID = new Map(rules.map((r) => [r.id, r]));
-    const opts: string[] = [
-      `<option value="" data-i18n="deadlines.field.rule.none">${esc(t("deadlines.field.rule.none"))}</option>`,
-    ];
-    for (const r of rules) {
-      const code = r.rule_code || r.code || "";
-      const label = code ? `${code} \u2014 ${r.name}` : r.name;
-      opts.push(`<option value="${esc(r.id)}">${esc(label)}</option>`);
-    }
-    sel.innerHTML = opts.join("");
+    allRules = (await resp.json()) as DeadlineRule[];
+    rulesByID = new Map(allRules.map((r) => [r.id, r]));
+    renderRuleSelect();
   } catch {
     /* non-fatal — rule select stays at "no rule" */
   }
 }
 
+// renderRuleSelect rebuilds the Rule <select> from the current sort
+// mode + the cached rule set. Called whenever the user changes the sort
+// dropdown, when the language flips, or after rules + proceeding types
+// finish loading. The "Keine Regel" sentinel always stays at the top.
+function renderRuleSelect(): void {
+  const sel = document.getElementById("deadline-rule") as HTMLSelectElement | null;
+  if (!sel) return;
+  const previous = sel.value;
+
+  const sort = readRuleSort();
+  const opts: string[] = [
+    `<option value="" data-i18n="deadlines.field.rule.none">${esc(t("deadlines.field.rule.none"))}</option>`,
+  ];
+
+  if (sort === "alpha") {
+    const sorted = [...allRules].sort((a, b) => ruleLabel(a).localeCompare(ruleLabel(b)));
+    for (const r of sorted) {
+      opts.push(`<option value="${esc(r.id)}">${esc(ruleLabel(r))}</option>`);
+    }
+  } else if (sort === "by_court") {
+    // Group by proceeding_type.jurisdiction (UPC / EPA / DPMA / DE /
+    // other). Within each group, sort alpha by rule label so the user
+    // can scan a court's rules in stable order.
+    const byJurisdiction = new Map<string, DeadlineRule[]>();
+    for (const r of allRules) {
+      const pt = r.proceeding_type_id ? proceedingTypesByID.get(r.proceeding_type_id) : undefined;
+      const j = pt?.jurisdiction || t("event_types.browse.jurisdiction.none");
+      const list = byJurisdiction.get(j) ?? [];
+      list.push(r);
+      byJurisdiction.set(j, list);
+    }
+    const order = ["UPC", "EPA", "EPO", "DPMA", "DE"];
+    const keys = [...byJurisdiction.keys()].sort((a, b) => {
+      const ai = order.indexOf(a);
+      const bi = order.indexOf(b);
+      if (ai === -1 && bi === -1) return a.localeCompare(b);
+      if (ai === -1) return 1;
+      if (bi === -1) return -1;
+      return ai - bi;
+    });
+    for (const k of keys) {
+      const list = byJurisdiction.get(k)!.sort((a, b) => ruleLabel(a).localeCompare(ruleLabel(b)));
+      opts.push(`<optgroup label="${esc(k === "EPO" ? "EPA" : k)}">`);
+      for (const r of list) {
+        opts.push(`<option value="${esc(r.id)}">${esc(ruleLabel(r))}</option>`);
+      }
+      opts.push(`</optgroup>`);
+    }
+  } else {
+    // by_proceeding — group by proceeding_type, within each preserve the
+    // canonical sequence_order so the user reads "Klageerwiderung →
+    // Replik → Duplik → Verhandlung" in chronological order.
+    const byProceeding = new Map<number | string, DeadlineRule[]>();
+    const noProceedingKey = "__none__";
+    for (const r of allRules) {
+      const k: number | string = r.proceeding_type_id ?? noProceedingKey;
+      const list = byProceeding.get(k) ?? [];
+      list.push(r);
+      byProceeding.set(k, list);
+    }
+    const keys = [...byProceeding.keys()].sort((a, b) => {
+      if (a === noProceedingKey) return 1;
+      if (b === noProceedingKey) return -1;
+      const pa = proceedingTypesByID.get(a as number);
+      const pb = proceedingTypesByID.get(b as number);
+      const sa = pa?.sort_order ?? 9999;
+      const sb = pb?.sort_order ?? 9999;
+      if (sa !== sb) return sa - sb;
+      return (pa?.code ?? "").localeCompare(pb?.code ?? "");
+    });
+    for (const k of keys) {
+      const list = (byProceeding.get(k)!).slice().sort(
+        (a, b) => (a.sequence_order ?? 0) - (b.sequence_order ?? 0),
+      );
+      const pt = typeof k === "number" ? proceedingTypesByID.get(k) : undefined;
+      const groupLabel = pt ? proceedingLabel(pt) : t("deadlines.field.rule.sort.other_proceeding");
+      opts.push(`<optgroup label="${esc(groupLabel)}">`);
+      for (const r of list) {
+        opts.push(`<option value="${esc(r.id)}">${esc(ruleLabel(r))}</option>`);
+      }
+      opts.push(`</optgroup>`);
+    }
+  }
+
+  sel.innerHTML = opts.join("");
+  // Restore previous selection if it still exists in the new order.
+  if (previous && rulesByID.has(previous)) {
+    sel.value = previous;
+  }
+}
+
+function readRuleSort(): RuleSort {
+  try {
+    const raw = localStorage.getItem(RULE_SORT_KEY);
+    if (raw === "by_proceeding" || raw === "by_court" || raw === "alpha") return raw;
+  } catch {
+    /* non-fatal */
+  }
+  return "by_court";
+}
+
+function writeRuleSort(s: RuleSort): void {
+  try {
+    localStorage.setItem(RULE_SORT_KEY, s);
+  } catch {
+    /* non-fatal */
+  }
+}
+
+// resolveAutoRuleForType picks the best-match rule for the chosen event
+// type, scoring by:
+//   1. project's proceeding_type_id (if known) — exact match wins,
+//   2. otherwise event_type.jurisdiction matches the rule's
+//      proceeding's jurisdiction (EPA→EPO canonicalised),
+//   3. otherwise just the first candidate in the canonical ordering.
+//
+// Returns null when no rule maps to this event_type. The caller surfaces
+// this as "no Auto rule available — pick one manually" rather than
+// silently leaving the dropdown stuck on whatever the user picked before.
+function resolveAutoRuleForType(eventTypeID: string, projectID: string): DeadlineRule | null {
+  const candidates = allRules.filter((r) => r.concept_default_event_type_id === eventTypeID);
+  if (candidates.length === 0) return null;
+  if (candidates.length === 1) return candidates[0];
+
+  const project = projectID ? projectsByID.get(projectID) : undefined;
+  if (project?.proceeding_type_id) {
+    const exact = candidates.find((r) => r.proceeding_type_id === project.proceeding_type_id);
+    if (exact) return exact;
+  }
+
+  const et = eventTypesByID.get(eventTypeID);
+  if (et?.jurisdiction && et.jurisdiction !== "any") {
+    const want = et.jurisdiction === "EPO" ? "EPA" : et.jurisdiction;
+    const jurMatch = candidates.find((r) => {
+      const pt = r.proceeding_type_id ? proceedingTypesByID.get(r.proceeding_type_id) : undefined;
+      return pt?.jurisdiction === want;
+    });
+    if (jurMatch) return jurMatch;
+  }
+
+  return candidates[0];
+}
+
+let preselectedProjectIDLocal = "";
+
+function initBackLinks() {
+  if (preselectedProjectID) {
+    const back = document.getElementById("deadline-new-back") as HTMLAnchorElement;
+    const cancel = document.getElementById("deadline-new-cancel") as HTMLAnchorElement;
+    back.href = `/projects/${preselectedProjectID}/deadlines`;
+    cancel.href = `/projects/${preselectedProjectID}/deadlines`;
+  }
+  preselectedProjectIDLocal = preselectedProjectID;
+}
+
 // t-paliad-165 follow-up — drive the collapsed/expanded view of the Typ
 // picker. The two modes are mutually exclusive:
 //
@@ -140,8 +345,14 @@ function refreshRuleView(): void {
 
   const pickerMatchesDefault =
     expected !== null && picked.length === 1 && picked[0] === expected;
+  // t-paliad-251 — when the rule was auto-derived from a user-picked
+  // type (Typ→Regel direction), the collapsed "vorgegeben durch Regel"
+  // copy reads backwards. Show the picker explicitly + surface the
+  // Auto badge on the Rule field instead.
+  const ruleWasAutoDerivedFromType =
+    lastAutoFilledRuleID !== null && ruleID === lastAutoFilledRuleID;
   const wantsCollapsed =
-    !expandedOverride && ruleID !== "" && expected !== null && pickerMatchesDefault;
+    !expandedOverride && ruleID !== "" && expected !== null && pickerMatchesDefault && !ruleWasAutoDerivedFromType;
 
   if (wantsCollapsed) {
     const et = eventTypesByID.get(expected!);
@@ -164,6 +375,58 @@ function refreshRuleView(): void {
   }
 }
 
+// refreshRuleAutoBadgeAndWarning surfaces the Auto badge whenever the
+// Rule was derived from the Typ (i.e. lastAutoFilledRuleID is currently
+// selected) AND the warning whenever the user has manually picked a
+// non-Auto rule that contradicts the Type's derived rule. Both end up
+// inert when there's no Type chosen.
+function refreshRuleAutoBadgeAndWarning(): void {
+  const autoEl = document.getElementById("deadline-rule-auto-hint");
+  const autoTextEl = document.getElementById("deadline-rule-auto-hint-text");
+  const warnEl = document.getElementById("deadline-rule-override-warn");
+  if (!autoEl || !autoTextEl || !warnEl) return;
+
+  const ruleSel = document.getElementById("deadline-rule") as HTMLSelectElement | null;
+  if (!ruleSel) return;
+
+  const picked = eventTypePicker?.getIDs() ?? [];
+  if (picked.length !== 1) {
+    autoEl.style.display = "none";
+    warnEl.style.display = "none";
+    return;
+  }
+  const projectID = (document.getElementById("deadline-project") as HTMLSelectElement | null)?.value || "";
+  const derived = resolveAutoRuleForType(picked[0], projectID);
+  const currentRuleID = ruleSel.value || "";
+
+  if (currentRuleID && currentRuleID === lastAutoFilledRuleID) {
+    // The current rule was auto-derived (and the user hasn't touched it).
+    autoEl.style.display = "";
+    autoTextEl.textContent = derived ? ` — ${ruleLabel(derived)}` : "";
+    warnEl.style.display = "none";
+    return;
+  }
+
+  autoEl.style.display = "none";
+
+  // Override warning: derived rule exists AND user has picked a
+  // different non-empty rule. The copy names BOTH so the user knows
+  // exactly what's happening — and which one will be applied.
+  if (derived && currentRuleID && currentRuleID !== derived.id) {
+    const current = rulesByID.get(currentRuleID);
+    if (current) {
+      const tmpl = t("deadlines.field.rule.override_warn");
+      const msg = tmpl
+        .replace("{derived}", ruleLabel(derived))
+        .replace("{selected}", ruleLabel(current));
+      warnEl.textContent = msg;
+      warnEl.style.display = "";
+      return;
+    }
+  }
+  warnEl.style.display = "none";
+}
+
 // applyRuleAutoFill replaces the picker silently when it still reflects
 // the previous rule's suggestion (or is empty); leaves a manually-edited
 // picker alone. Called whenever the Regel select changes.
@@ -200,13 +463,97 @@ function applyRuleAutoFill(): void {
   refreshRuleView();
 }
 
-function initBackLinks() {
-  if (preselectedProjectID) {
-    const back = document.getElementById("deadline-new-back") as HTMLAnchorElement;
-    const cancel = document.getElementById("deadline-new-cancel") as HTMLAnchorElement;
-    back.href = `/projects/${preselectedProjectID}/deadlines`;
-    cancel.href = `/projects/${preselectedProjectID}/deadlines`;
+// applyTypeAutoFillRule is the inverse direction (t-paliad-251 Part 2):
+// when the user picks a single Typ chip, derive the canonical Rule and
+// inject it into the Regel select. Like applyRuleAutoFill, it leaves
+// manual rule picks alone — only replaces when the current rule is the
+// previous auto-fill (sticky-replace pattern).
+function applyTypeAutoFillRule(): void {
+  const ruleSel = document.getElementById("deadline-rule") as HTMLSelectElement | null;
+  if (!ruleSel) return;
+
+  const picked = eventTypePicker?.getIDs() ?? [];
+  const projectID = (document.getElementById("deadline-project") as HTMLSelectElement | null)?.value || "";
+
+  if (picked.length !== 1) {
+    // 0 or 2+ Typ chips → no canonical rule to derive. Clear the
+    // sticky auto-fill so a stale Auto suggestion doesn't linger.
+    if (lastAutoFilledRuleID && ruleSel.value === lastAutoFilledRuleID) {
+      ruleSel.value = "";
+      lastAutoFilledRuleID = null;
+      // Mirror to the Regel→Typ path so its mismatch warning recomputes.
+      applyRuleAutoFill();
+    }
+    refreshRuleAutoBadgeAndWarning();
+    return;
   }
+
+  const derived = resolveAutoRuleForType(picked[0], projectID);
+  const currentRuleID = ruleSel.value || "";
+  const ruleStillReflectsLastSuggestion =
+    lastAutoFilledRuleID !== null && currentRuleID === lastAutoFilledRuleID;
+  const ruleIsEmpty = currentRuleID === "";
+
+  if (derived) {
+    if (ruleIsEmpty || ruleStillReflectsLastSuggestion) {
+      ruleSel.value = derived.id;
+      lastAutoFilledRuleID = derived.id;
+      // Mirror to the Regel→Typ direction — the new rule's collapsed
+      // view + mismatch state needs to recompute now that we changed
+      // the selection programmatically.
+      applyRuleAutoFill();
+    }
+  } else if (ruleStillReflectsLastSuggestion) {
+    // No derived rule for the new type — drop the stale auto-fill.
+    ruleSel.value = "";
+    lastAutoFilledRuleID = null;
+    applyRuleAutoFill();
+  }
+  refreshRuleAutoBadgeAndWarning();
+}
+
+// computeDefaultTitle — t-paliad-251 Part 4. Recipe (documented also in
+// the commit message so future title templates can mirror it):
+//
+//   priority order picks the head of the title:
+//     1. event_type label (when exactly one Typ chip is set)
+//     2. rule name (when a Rule is set — uses ruleLabel = "code — name")
+//     3. proceeding type name (when project carries a proceeding_type_id)
+//     4. fallback: t("deadlines.field.title.default_fallback")
+//
+//   suffix: " — <project-reference>" when the project has a reference
+//   string and the title doesn't already contain it.
+//
+// Returns "" only when even the fallback fails (i18n unavailable) —
+// callers handle that by leaving the field untouched.
+function computeDefaultTitle(): string {
+  const projectID = (document.getElementById("deadline-project") as HTMLSelectElement | null)?.value || "";
+  const project = projectID ? projectsByID.get(projectID) : undefined;
+  const ruleID = (document.getElementById("deadline-rule") as HTMLSelectElement | null)?.value || "";
+  const rule = ruleID ? rulesByID.get(ruleID) : undefined;
+  const picked = eventTypePicker?.getIDs() ?? [];
+
+  let head = "";
+  if (picked.length === 1) {
+    const et = eventTypesByID.get(picked[0]);
+    if (et) head = eventTypeLabel(et);
+  }
+  if (!head && rule) {
+    head = ruleLabel(rule);
+  }
+  if (!head && project?.proceeding_type_id) {
+    const pt = proceedingTypesByID.get(project.proceeding_type_id);
+    if (pt) head = proceedingLabel(pt);
+  }
+  if (!head) {
+    head = t("deadlines.field.title.default_fallback");
+  }
+
+  const ref = project?.reference?.trim() || "";
+  if (ref && !head.includes(ref)) {
+    return `${head} — ${ref}`;
+  }
+  return head;
 }
 
 async function submitForm(e: Event) {
@@ -252,8 +599,8 @@ async function submitForm(e: Event) {
       return;
     }
     const created = await resp.json();
-    if (preselectedProjectID) {
-      window.location.href = `/projects/${preselectedProjectID}/deadlines`;
+    if (preselectedProjectIDLocal) {
+      window.location.href = `/projects/${preselectedProjectIDLocal}/deadlines`;
     } else {
       window.location.href = `/deadlines/${created.id}`;
     }
@@ -343,12 +690,33 @@ document.addEventListener("DOMContentLoaded", async () => {
   // Default due to today
   const dueInput = document.getElementById("deadline-due") as HTMLInputElement;
   if (!dueInput.value) dueInput.value = new Date().toISOString().split("T")[0];
-  await Promise.all([loadProjects(), loadRules(), loadMe()]);
+
+  // Wire the sort dropdown to read its initial value from localStorage and
+  // persist user picks back.
+  const sortSel = document.getElementById("deadline-rule-sort") as HTMLSelectElement | null;
+  if (sortSel) {
+    sortSel.value = readRuleSort();
+    sortSel.addEventListener("change", () => {
+      writeRuleSort(sortSel.value as RuleSort);
+      renderRuleSelect();
+    });
+  }
+
+  await Promise.all([loadProjects(), loadProceedingTypes(), loadRules(), loadMe()]);
+  // After both rules + proceeding types are in, re-render with the
+  // chosen sort so groups carry proper labels.
+  renderRuleSelect();
+
   const pickerHost = document.getElementById("deadline-event-types");
   if (pickerHost) {
     eventTypePicker = attachEventTypePicker(pickerHost, {
       currentUserAdmin,
-      onChange: () => refreshRuleView(),
+      onChange: () => {
+        // Both directions trigger off picker change: refresh the
+        // Regel→Typ collapsed/expanded state AND the Typ→Regel auto-fill.
+        refreshRuleView();
+        applyTypeAutoFillRule();
+      },
     });
   }
   // t-paliad-165 follow-up — preload event_types so the collapsed
@@ -358,13 +726,18 @@ document.addEventListener("DOMContentLoaded", async () => {
     .then((types) => {
       eventTypesByID = new Map(types.map((et) => [et.id, et]));
       refreshRuleView();
+      refreshRuleAutoBadgeAndWarning();
     })
     .catch(() => {/* non-fatal — collapsed view falls back to empty label */});
   // t-paliad-165 — Regel change auto-fills the Typ chip from the rule's
   // concept's canonical event_type, when the picker hasn't been
-  // manually edited away from the previous rule's suggestion.
+  // manually edited away from the previous rule's suggestion. ALSO
+  // resets the Typ→Regel auto-fill marker since the user just made a
+  // manual rule pick.
   document.getElementById("deadline-rule")?.addEventListener("change", () => {
+    lastAutoFilledRuleID = null;
     applyRuleAutoFill();
+    refreshRuleAutoBadgeAndWarning();
   });
   // "Anderen Typ wählen" — sticky expanded mode so the picker stays
   // visible even when the chip still matches the rule's default.
@@ -381,6 +754,20 @@ document.addEventListener("DOMContentLoaded", async () => {
   // Wire approval-hint refresh: on first render + on project change.
   void refreshApprovalHint();
   document.getElementById("deadline-project")?.addEventListener("change", () => {
+    // Project change can shift which rule the Type maps to (via the
+    // project's proceeding_type_id), so re-run the auto-fill.
     void refreshApprovalHint();
+    applyTypeAutoFillRule();
+  });
+
+  // t-paliad-251 Part 4 — Standardtitel button replaces the title with
+  // a derived default. No destructive confirmation because the user
+  // invoked it explicitly.
+  document.getElementById("deadline-title-default-btn")?.addEventListener("click", () => {
+    const titleInput = document.getElementById("deadline-title") as HTMLInputElement | null;
+    if (!titleInput) return;
+    const derived = computeDefaultTitle();
+    if (derived) titleInput.value = derived;
+    titleInput.focus();
   });
 });

frontend/src/client/event-types.ts

@@ -686,6 +686,33 @@ export function openBrowseEventTypesModal(
   return new Promise<string[] | null>((resolve) => {
     let selected = new Set<string>(opts.initialIDs);
     let searchQuery = "";
+    // t-paliad-251 — court-type filter chips. `null` = "Alle" (any
+    // jurisdiction). Any non-null value matches event_types.jurisdiction;
+    // "any" is mapped to NULL/missing rows via jurisdictionMatches().
+    let activeJurisdiction: string | null = null;
+
+    // Surface every jurisdiction present in the data — "any" stays bucketed
+    // separately so users still have a "show generic-only" chip. EPA is
+    // canonicalised to EPO in event_types (see mig 074); the chip label
+    // shows EPA to match the legal vocabulary the lawyers use.
+    const jurisdictionsPresent = new Set<string>();
+    for (const et of opts.types) {
+      const j = (et.jurisdiction ?? "").trim();
+      if (j) jurisdictionsPresent.add(j);
+    }
+    const JURISDICTION_ORDER = ["UPC", "EPO", "DPMA", "DE", "any"];
+    const chipJurisdictions = JURISDICTION_ORDER.filter((j) => jurisdictionsPresent.has(j));
+    // Any jurisdiction in the data that isn't in our ordered list lands at
+    // the end so the chip row never silently drops a court flavour.
+    for (const j of jurisdictionsPresent) {
+      if (!chipJurisdictions.includes(j)) chipJurisdictions.push(j);
+    }
+
+    function chipLabel(j: string): string {
+      if (j === "EPO") return "EPA";
+      if (j === "any") return t("event_types.browse.jurisdiction.none");
+      return j;
+    }
 
     const overlay = document.createElement("div");
     overlay.className = "modal-overlay event-type-browse-overlay";
@@ -694,6 +721,15 @@ export function openBrowseEventTypesModal(
         <div class="event-type-browse-header">
           <h2 id="event-type-browse-title">${esc(t("event_types.browse.title"))}</h2>
           <input type="text" class="event-type-browse-search" data-role="search" placeholder="${esc(t("event_types.browse.search"))}" autocomplete="off" />
+          <div class="event-type-browse-chips" data-role="chips" role="group" aria-label="${esc(t("event_types.browse.jurisdiction.filter_label"))}">
+            <button type="button" class="event-type-browse-chip event-type-browse-chip--active" data-jurisdiction="" data-role="chip-all">${esc(t("event_types.browse.jurisdiction.all"))}</button>
+            ${chipJurisdictions
+              .map(
+                (j) =>
+                  `<button type="button" class="event-type-browse-chip" data-jurisdiction="${esc(j)}">${esc(chipLabel(j))}</button>`,
+              )
+              .join("")}
+          </div>
         </div>
         <div class="event-type-browse-list" data-role="list" tabindex="-1"></div>
         <div class="event-type-browse-actions">
@@ -711,6 +747,7 @@ export function openBrowseEventTypesModal(
     const countEl = overlay.querySelector<HTMLElement>("[data-role=count]")!;
     const cancelBtn = overlay.querySelector<HTMLButtonElement>("[data-role=cancel]")!;
     const applyBtn = overlay.querySelector<HTMLButtonElement>("[data-role=apply]")!;
+    const chipButtons = overlay.querySelectorAll<HTMLButtonElement>(".event-type-browse-chip");
 
     const groups = groupByCategory(opts.types);
 
@@ -721,6 +758,12 @@ export function openBrowseEventTypesModal(
       return j;
     }
 
+    function jurisdictionMatches(et: EventType): boolean {
+      if (activeJurisdiction === null) return true;
+      const j = (et.jurisdiction ?? "").trim();
+      return j === activeJurisdiction;
+    }
+
     function updateCount() {
       countEl.textContent = t("event_types.browse.selected_count").replace(
         "{n}",
@@ -731,6 +774,7 @@ export function openBrowseEventTypesModal(
     function renderList() {
       const q = searchQuery.trim().toLowerCase();
       const matches = (et: EventType) => {
+        if (!jurisdictionMatches(et)) return false;
         if (!q) return true;
         return (
           et.label_de.toLowerCase().includes(q) ||
@@ -783,6 +827,16 @@ export function openBrowseEventTypesModal(
       renderList();
     });
 
+    chipButtons.forEach((btn) => {
+      btn.addEventListener("click", () => {
+        const raw = btn.dataset.jurisdiction ?? "";
+        activeJurisdiction = raw === "" ? null : raw;
+        chipButtons.forEach((b) => b.classList.remove("event-type-browse-chip--active"));
+        btn.classList.add("event-type-browse-chip--active");
+        renderList();
+      });
+    });
+
     function close(value: string[] | null) {
       document.removeEventListener("keydown", onKey);
       overlay.remove();

frontend/src/client/i18n.ts

@@ -302,9 +302,11 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.view.timeline": "Zeitstrahl",
     "deadlines.view.columns": "Spalten",
     "deadlines.notes.show": "Hinweise anzeigen",
-    "deadlines.col.proactive": "Proaktiv",
+    "deadlines.col.proactive": "Proaktiv (Klägerseite)",
+    "deadlines.col.proactive.defendant": "Proaktiv (Beklagtenseite)",
     "deadlines.col.court": "Gericht",
-    "deadlines.col.reactive": "Reaktiv",
+    "deadlines.col.reactive": "Reaktiv (Beklagtenseite)",
+    "deadlines.col.reactive.claimant": "Reaktiv (Klägerseite)",
     "deadlines.col.both": "Beide Parteien",
     // Trigger-event mode (PR-2 \u2014 youpc-parity)
     "deadlines.mode.procedure": "Verfahrensablauf",
@@ -417,6 +419,14 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.perspective.defendant.title": "Beklagtenseite — versteckt typische Kläger-Schriftsätze",
     "deadlines.perspective.appeal_filed_by.label": "Berufung eingelegt durch:",
     "deadlines.perspective.predefined_hint": "vorgegeben durch Akte",
+    "deadlines.side.label": "Seite:",
+    "deadlines.side.claimant": "Klägerseite",
+    "deadlines.side.defendant": "Beklagtenseite",
+    "deadlines.side.both": "Beide",
+    "deadlines.appellant.label": "Berufung durch:",
+    "deadlines.appellant.claimant": "Klägerseite",
+    "deadlines.appellant.defendant": "Beklagtenseite",
+    "deadlines.appellant.none": "—",
     "deadlines.event.composite.label": "Zusammengesetzt:",
     "deadlines.event.unit.days.one": "Tag",
     "deadlines.event.unit.days.many": "Tage",
@@ -879,6 +889,14 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.field.rule.autofill_inline": " (vorgegeben durch Regel)",
     "deadlines.field.rule.mismatch": "Hinweis: Typ widerspricht Regel — Sie haben den Typ überschrieben.",
     "deadlines.field.rule.override": "Anderen Typ wählen",
+    "deadlines.field.rule.auto_badge": "Auto",
+    "deadlines.field.rule.override_warn": "Typ ergibt Regel: {derived}. Gewählte Regel: {selected}. Es wird {selected} angewendet.",
+    "deadlines.field.rule.sort.by_proceeding": "Nach Verfahrensablauf",
+    "deadlines.field.rule.sort.by_court": "Nach Gerichtsart",
+    "deadlines.field.rule.sort.alpha": "Alphabetisch",
+    "deadlines.field.rule.sort.other_proceeding": "Sonstige Regeln",
+    "deadlines.field.title.default_btn": "Standardtitel",
+    "deadlines.field.title.default_fallback": "Neue Frist",
     "deadlines.field.notes": "Notizen (optional)",
     "deadlines.field.notes.placeholder": "Hinweise, Verweise, n\u00e4chste Schritte\u2026",
     "deadlines.error.required": "Akte, Titel und F\u00e4lligkeitsdatum sind Pflichtfelder.",
@@ -1426,8 +1444,14 @@ const translations: Record<Lang, Record<string, string>> = {
     "projects.detail.tab.notizen": "Notizen",
     "projects.detail.tab.checklisten": "Checklisten",
     "projects.detail.tab.submissions": "Schriftsätze",
+    "projects.detail.tab.settings": "Verwaltung",
     "projects.detail.export.button": "Daten exportieren",
     "projects.detail.export.tooltip": "Daten dieses Projekts (mit Unter-Projekten) als Excel + JSON + CSV herunterladen.",
+    "projects.detail.settings.export.heading": "Daten exportieren",
+    "projects.detail.settings.export.description": "Lade alle Daten dieses Projekts (inkl. Unter-Projekten) als Excel + JSON + CSV-Archiv herunter.",
+    "projects.detail.settings.archive.heading": "Projekt archivieren",
+    "projects.detail.settings.archive.description": "Archivieren erfolgt aus dem Bearbeiten-Dialog (Gefahrenbereich).",
+    "projects.detail.settings.archive.cta": "Bearbeiten öffnen",
     "projects.detail.submissions.empty": "Es sind aktuell keine Schriftsatzvorlagen hinterlegt.",
     "projects.detail.submissions.empty.no_proceeding": "Für dieses Projekt ist noch kein Verfahrenstyp gesetzt — der Katalog unten zeigt trotzdem alle Vorlagen.",
     "projects.detail.submissions.empty.no_proceeding.cta": "Projekt bearbeiten",
@@ -2431,6 +2455,8 @@ const translations: Record<Lang, Record<string, string>> = {
     "event_types.browse.cancel": "Abbrechen",
     "event_types.browse.selected_count": "{n} ausgewählt",
     "event_types.browse.jurisdiction.none": "Allgemein",
+    "event_types.browse.jurisdiction.all": "Alle Gerichte",
+    "event_types.browse.jurisdiction.filter_label": "Nach Gerichtsart filtern",
     "event_types.filter.all": "Alle Typen",
     "event_types.filter.untyped": "— Ohne Typ —",
     "event_types.filter.search": "Typ suchen…",
@@ -2576,6 +2602,17 @@ const translations: Record<Lang, Record<string, string>> = {
     "approvals.withdraw.cta": "Genehmigungsanfrage zurückziehen",
     "approvals.withdraw.confirm": "Genehmigungsanfrage wirklich zurückziehen?",
     "approvals.withdraw.error": "Fehler beim Zurückziehen",
+    "approvals.withdraw.cancel": "Abbrechen",
+    "approvals.withdraw.modal.title": "Genehmigungsanfrage zurückziehen?",
+    "approvals.withdraw.primary.label": "Termin bearbeiten",
+    "approvals.withdraw.destructive.label": "Endgültig zurückziehen und löschen",
+    "approvals.withdraw.lead.create.deadline": "Wenn Sie die Anfrage zurückziehen, wird die Frist gelöscht.",
+    "approvals.withdraw.lead.create.appointment": "Wenn Sie die Anfrage zurückziehen, wird der Termin gelöscht.",
+    "approvals.withdraw.lead.update": "Wenn Sie die Anfrage zurückziehen, werden die vorgeschlagenen Änderungen verworfen — der Eintrag kehrt in den Zustand vor Ihrer Bearbeitung zurück.",
+    "approvals.withdraw.lead.delete": "Wenn Sie die Löschanfrage zurückziehen, bleibt der Eintrag bestehen.",
+    "approvals.withdraw.sub.create": "Alternativ können Sie den Eintrag stattdessen bearbeiten. Die Anfrage bleibt offen und der Genehmiger sieht Ihre neuen Werte.",
+    "approvals.withdraw.sub.update": "Alternativ können Sie Ihre Änderungen bearbeiten und neu absenden. Die Anfrage bleibt offen.",
+    "approvals.withdraw.sub.delete": "Sind Sie sicher, dass Sie die Löschanfrage zurückziehen möchten?",
     "approvals.pending_create.label": "Erstellung wartet auf Genehmigung",
     "approvals.pending_update.label": "Änderung wartet auf Genehmigung",
     "approvals.pending_complete.label": "Erledigung wartet auf Genehmigung",
@@ -3242,9 +3279,11 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.view.timeline": "Timeline",
     "deadlines.view.columns": "Columns",
     "deadlines.notes.show": "Show details",
-    "deadlines.col.proactive": "Proactive",
+    "deadlines.col.proactive": "Proactive (Claimant side)",
+    "deadlines.col.proactive.defendant": "Proactive (Defendant side)",
     "deadlines.col.court": "Court",
-    "deadlines.col.reactive": "Reactive",
+    "deadlines.col.reactive": "Reactive (Defendant side)",
+    "deadlines.col.reactive.claimant": "Reactive (Claimant side)",
     "deadlines.col.both": "Both parties",
     "deadlines.adjusted": "Adjusted",
     "deadlines.adjusted.reason": "weekend/holiday",
@@ -3364,6 +3403,14 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.perspective.defendant.title": "Defendant side — hides typical claimant submissions",
     "deadlines.perspective.appeal_filed_by.label": "Appeal filed by:",
     "deadlines.perspective.predefined_hint": "predefined from project",
+    "deadlines.side.label": "Side:",
+    "deadlines.side.claimant": "Claimant",
+    "deadlines.side.defendant": "Defendant",
+    "deadlines.side.both": "Both",
+    "deadlines.appellant.label": "Appeal filed by:",
+    "deadlines.appellant.claimant": "Claimant",
+    "deadlines.appellant.defendant": "Defendant",
+    "deadlines.appellant.none": "—",
     "deadlines.event.composite.label": "Composite:",
     "deadlines.event.unit.days.one": "day",
     "deadlines.event.unit.days.many": "days",
@@ -3819,6 +3866,14 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.field.rule.autofill_inline": " (set by rule)",
     "deadlines.field.rule.mismatch": "Note: type contradicts rule — you have overridden the type.",
     "deadlines.field.rule.override": "Choose another type",
+    "deadlines.field.rule.auto_badge": "Auto",
+    "deadlines.field.rule.override_warn": "Type derives rule: {derived}. Selected rule: {selected}. {selected} will be applied.",
+    "deadlines.field.rule.sort.by_proceeding": "By proceeding sequence",
+    "deadlines.field.rule.sort.by_court": "By court type",
+    "deadlines.field.rule.sort.alpha": "Alphabetical",
+    "deadlines.field.rule.sort.other_proceeding": "Other rules",
+    "deadlines.field.title.default_btn": "Default title",
+    "deadlines.field.title.default_fallback": "New deadline",
     "deadlines.field.notes": "Notes (optional)",
     "deadlines.field.notes.placeholder": "References, hints, next steps\u2026",
     "deadlines.error.required": "Matter, title and due date are required.",
@@ -4347,8 +4402,14 @@ const translations: Record<Lang, Record<string, string>> = {
     "projects.detail.tab.notizen": "Notes",
     "projects.detail.tab.checklisten": "Checklists",
     "projects.detail.tab.submissions": "Submissions",
+    "projects.detail.tab.settings": "Settings",
     "projects.detail.export.button": "Export data",
     "projects.detail.export.tooltip": "Download this project's data (including sub-projects) as Excel + JSON + CSV.",
+    "projects.detail.settings.export.heading": "Export data",
+    "projects.detail.settings.export.description": "Download all data for this project (including sub-projects) as an Excel + JSON + CSV archive.",
+    "projects.detail.settings.archive.heading": "Archive project",
+    "projects.detail.settings.archive.description": "Archiving happens in the edit dialog (danger zone).",
+    "projects.detail.settings.archive.cta": "Open edit dialog",
     "projects.detail.submissions.empty": "No submission templates are configured yet.",
     "projects.detail.submissions.empty.no_proceeding": "No proceeding type is set for this project yet — the catalog below still lists every template.",
     "projects.detail.submissions.empty.no_proceeding.cta": "Edit project",
@@ -5343,6 +5404,8 @@ const translations: Record<Lang, Record<string, string>> = {
     "event_types.browse.cancel": "Cancel",
     "event_types.browse.selected_count": "{n} selected",
     "event_types.browse.jurisdiction.none": "Any",
+    "event_types.browse.jurisdiction.all": "All courts",
+    "event_types.browse.jurisdiction.filter_label": "Filter by court type",
     "event_types.filter.all": "All types",
     "event_types.filter.untyped": "— Untyped —",
     "event_types.filter.search": "Search type…",
@@ -5488,6 +5551,17 @@ const translations: Record<Lang, Record<string, string>> = {
     "approvals.withdraw.cta": "Withdraw approval request",
     "approvals.withdraw.confirm": "Withdraw the approval request?",
     "approvals.withdraw.error": "Failed to withdraw",
+    "approvals.withdraw.cancel": "Cancel",
+    "approvals.withdraw.modal.title": "Withdraw approval request?",
+    "approvals.withdraw.primary.label": "Edit event",
+    "approvals.withdraw.destructive.label": "Withdraw permanently and delete",
+    "approvals.withdraw.lead.create.deadline": "Withdrawing this request will delete the deadline.",
+    "approvals.withdraw.lead.create.appointment": "Withdrawing this request will delete the appointment.",
+    "approvals.withdraw.lead.update": "Withdrawing this request will discard your proposed changes — the entry will revert to its state before your edit.",
+    "approvals.withdraw.lead.delete": "Withdrawing the delete request will keep the entry alive.",
+    "approvals.withdraw.sub.create": "Alternatively, you can edit the entry instead. The request stays open and the approver will see your new values.",
+    "approvals.withdraw.sub.update": "Alternatively, you can edit your changes and resubmit. The request stays open.",
+    "approvals.withdraw.sub.delete": "Are you sure you want to withdraw the delete request?",
     "approvals.pending_create.label": "Awaits approval (creation)",
     "approvals.pending_update.label": "Awaits approval (change)",
     "approvals.pending_complete.label": "Awaits approval (completion)",

frontend/src/client/projects-detail.ts

@@ -175,7 +175,8 @@ type TabId =
   | "appointments"
   | "notes"
   | "checklists"
-  | "submissions";
+  | "submissions"
+  | "settings";
 
 const VALID_TABS: TabId[] = [
   "history",
@@ -187,6 +188,7 @@ const VALID_TABS: TabId[] = [
   "notes",
   "checklists",
   "submissions",
+  "settings",
 ];
 
 // Legacy German tab slugs that may appear in bookmarked URLs after the
@@ -1185,13 +1187,16 @@ function renderHeader() {
     netdocs.style.display = "none";
   }
 
-  // Delete visibility: partner/admin only
+  // Delete visibility: partner/admin only. The Verwaltung tab's archive
+  // sub-section mirrors the same gate (t-paliad-245) — it only points at
+  // the Edit-modal danger zone, so it's pointless to show when the danger
+  // zone itself is hidden.
   const deleteWrap = document.getElementById("project-delete-wrap")!;
-  if (me && (me.global_role === "global_admin")) {
-    deleteWrap.style.display = "";
-  } else {
-    deleteWrap.style.display = "none";
-  }
+  const archiveSection = document.getElementById("project-settings-archive");
+  const canArchive = !!me && me.global_role === "global_admin";
+  deleteWrap.style.display = canArchive ? "" : "none";
+  if (archiveSection) archiveSection.style.display = canArchive ? "" : "none";
+  updateSettingsTabVisibility();
 }
 
 // wrapEventTitleLink — kept for the dashboard activity feed which reuses
@@ -2045,6 +2050,17 @@ function initEditModal() {
     });
   }
 
+  // Verwaltung → Projekt archivieren — opens the edit modal scrolled to
+  // the danger-zone archive button (t-paliad-245).
+  const archiveLink = document.getElementById(
+    "project-settings-archive-link",
+  ) as HTMLButtonElement | null;
+  if (archiveLink) {
+    archiveLink.addEventListener("click", () => {
+      openEditModal("project-delete-btn");
+    });
+  }
+
   form.addEventListener("submit", async (e) => {
     e.preventDefault();
     if (!project) return;
@@ -2991,17 +3007,21 @@ function canExportProject(): boolean {
   );
 }
 
-// wireExportButton reveals + hooks up the project-export button on the
-// tabs nav. Triggers a download via a transient <a download> — same
-// pattern as the personal export in client/settings.ts.
+// wireExportButton reveals the Export sub-section of the Verwaltung tab
+// (t-paliad-245) and hooks up the project-export button. Triggers a
+// download via a transient <a download> — same pattern as the personal
+// export in client/settings.ts.
 function wireExportButton(projectID: string): void {
+  const section = document.getElementById("project-settings-export") as HTMLElement | null;
   const btn = document.getElementById("project-export-btn") as HTMLButtonElement | null;
-  if (!btn) return;
+  if (!section || !btn) return;
   if (!canExportProject()) {
-    btn.style.display = "none";
+    section.style.display = "none";
+    updateSettingsTabVisibility();
     return;
   }
-  btn.style.display = "";
+  section.style.display = "";
+  updateSettingsTabVisibility();
   btn.addEventListener("click", () => {
     const a = document.createElement("a");
     a.href = `/api/projects/${encodeURIComponent(projectID)}/export`;
@@ -3012,6 +3032,17 @@ function wireExportButton(projectID: string): void {
   });
 }
 
+// updateSettingsTabVisibility hides the Verwaltung tab when none of its
+// sub-sections are visible to the current user — an empty tab is worse
+// UX than no tab. Called whenever a sub-section's visibility flips.
+function updateSettingsTabVisibility(): void {
+  const tab = document.querySelector<HTMLElement>('.entity-tab[data-tab="settings"]');
+  if (!tab) return;
+  const exportShown = document.getElementById("project-settings-export")?.style.display !== "none";
+  const archiveShown = document.getElementById("project-settings-archive")?.style.display !== "none";
+  tab.style.display = exportShown || archiveShown ? "" : "none";
+}
+
 function canRemoveTeamMember(m: ProjectTeamMember): boolean {
   if (!me) return false;
   if (m.user_id === me.id) return true;

frontend/src/client/sidebar.ts

@@ -11,6 +11,13 @@ const WIDTH_KEY = "paliad-sidebar-width";
 const SIDEBAR_WIDTH_MIN = 180;
 const SIDEBAR_WIDTH_MAX = 480;
 const SIDEBAR_WIDTH_DEFAULT = 240;
+// Per-tab scroll position of the .sidebar-nav scroll container. Persisted
+// on every scroll event, restored on initSidebar() so a full-page nav
+// click doesn't bounce the user back to the top of a long sidebar
+// (Werkzeuge + projects + user views can easily overflow). sessionStorage
+// scopes it to the tab — opening a sidebar link in a new tab (Cmd-click)
+// starts that tab fresh at the top, which matches user expectation.
+const SCROLL_KEY = "paliad.sidebar.scroll";
 
 // toggleMobileSidebar opens or closes the slide-out drawer. Exposed so the
 // BottomNav menu slot can call it without duplicating the open/close
@@ -49,6 +56,23 @@ function applySidebarWidth(px: number): void {
   document.documentElement.style.setProperty("--sidebar-width", `${px}px`);
 }
 
+// readStoredScroll returns the persisted scrollTop or 0 when missing /
+// malformed. Bounds are checked at apply time against the actual
+// scrollHeight, so a stale value pointing past the current scroll range
+// is harmless (the browser clamps assignments to [0, max]).
+function readStoredScroll(): number {
+  const raw = sessionStorage.getItem(SCROLL_KEY);
+  if (raw === null) return 0;
+  const n = parseInt(raw, 10);
+  if (!Number.isFinite(n) || n < 0) return 0;
+  return n;
+}
+
+function applySidebarScroll(nav: HTMLElement, px: number): void {
+  if (px <= 0) return;
+  nav.scrollTop = px;
+}
+
 // migrateLegacyPinKey copies the pre-rebrand pin state into the new key on
 // first load and removes the stale entry. Drop this fallback once the rename
 // grace period is over.
@@ -79,6 +103,7 @@ export function initSidebar() {
   const sidebar = document.querySelector<HTMLElement>(".sidebar");
   if (!sidebar) return;
   initSidebarResize(sidebar);
+  initSidebarScrollRestore(sidebar);
 
   const pinBtn = sidebar.querySelector<HTMLButtonElement>(".sidebar-pin");
   const hamburger = document.querySelector<HTMLButtonElement>(".sidebar-hamburger");
@@ -293,6 +318,29 @@ function initSidebarResize(sidebar: HTMLElement): void {
   });
 }
 
+// initSidebarScrollRestore wires the .sidebar-nav scroll container to
+// sessionStorage so the user's scroll position survives a full-page
+// navigation (every sidebar link click is a real reload — see m/paliad#85).
+// Restore is synchronous on init so the first paint is already at the
+// right offset; the passive scroll listener persists subsequent moves.
+// reapplySidebarScroll() exists so callers that mutate sidebar content
+// async (initUserViewsGroup appending /api/user-views into the Ansichten
+// group) can nudge the scroll back to where it was after the layout shift.
+function initSidebarScrollRestore(sidebar: HTMLElement): void {
+  const nav = sidebar.querySelector<HTMLElement>(".sidebar-nav");
+  if (!nav) return;
+  applySidebarScroll(nav, readStoredScroll());
+  nav.addEventListener("scroll", () => {
+    sessionStorage.setItem(SCROLL_KEY, String(nav.scrollTop));
+  }, { passive: true });
+}
+
+function reapplySidebarScroll(): void {
+  const nav = document.querySelector<HTMLElement>(".sidebar .sidebar-nav");
+  if (!nav) return;
+  applySidebarScroll(nav, readStoredScroll());
+}
+
 // Changelog badge — fetches the count of entries newer than the locally
 // stored "last seen" stamp and renders a dot + number on the Neuigkeiten
 // link. Skipped on the changelog page itself because changelog.ts stamps
@@ -432,6 +480,11 @@ function initUserViewsGroup(): void {
       for (const view of views) {
         items.appendChild(renderUserViewItem(view, currentPath));
       }
+      // The synchronous restore in initSidebarScrollRestore() happened
+      // before these views were appended, so a saved scrollTop that
+      // pointed below the Ansichten group would now sit on the wrong
+      // row. Re-apply once the layout has stabilised.
+      reapplySidebarScroll();
       // After rendering, kick off count refresh for views that opted in.
       for (const view of views) {
         if (view.show_count) {

frontend/src/client/team.ts

@@ -1,6 +1,6 @@
 import { initI18n, onLangChange, t, tDyn } from "./i18n";
 import { initSidebar } from "./sidebar";
-import { openBroadcastModal, firstName, type BroadcastRecipient } from "./broadcast";
+import { openBroadcastModal, firstName, buildMailtoHref, type BroadcastRecipient } from "./broadcast";
 
 interface User {
   id: string;
@@ -341,28 +341,64 @@ function buildProjectFilter() {
 function buildBroadcastButton() {
   const wrap = document.getElementById("team-broadcast-wrap");
   if (!wrap) return;
-  if (!canBroadcast()) {
+  // Wait for /api/me so the affordance never flickers between admin (form)
+  // and non-admin (mailto) on initial paint. canBroadcast() already returns
+  // false when me is null but we'd briefly render the mailto anchor before
+  // the admin form, which is visually jarring.
+  if (!me) {
     wrap.innerHTML = "";
     wrap.style.display = "none";
     return;
   }
   wrap.style.display = "";
-  wrap.innerHTML = `
-    <button type="button" class="btn btn-primary" id="team-broadcast-btn">
-      ${esc(t("team.broadcast.button") || "E-Mail an Auswahl")} <span class="team-broadcast-count" id="team-broadcast-count">0</span>
-    </button>
-  `;
-  document.getElementById("team-broadcast-btn")?.addEventListener("click", () => onBroadcastClick());
+  const label = esc(t("team.broadcast.button") || "E-Mail an Auswahl");
+  const counter = `<span class="team-broadcast-count" id="team-broadcast-count">0</span>`;
+  if (canBroadcast()) {
+    // Admin path (global_admin or project-lead-of-selected): opens the
+    // in-app compose modal that POSTs to /api/team/broadcast.
+    wrap.innerHTML = `
+      <button type="button" class="btn btn-primary" id="team-broadcast-btn">
+        ${label} ${counter}
+      </button>
+    `;
+    document.getElementById("team-broadcast-btn")?.addEventListener("click", () => onBroadcastClick());
+  } else {
+    // Non-admin path (t-paliad-244): native mailto: anchor pre-filled with
+    // the current filter set. href is refreshed in updateBroadcastButton()
+    // whenever filters change so the link always reflects what's visible.
+    wrap.innerHTML = `
+      <a class="btn btn-primary" id="team-broadcast-btn" href="mailto:">
+        ${label} ${counter}
+      </a>
+    `;
+  }
 }
 
 function updateBroadcastButton() {
   buildBroadcastButton();
+  const recipients = displayedRecipients();
   const countEl = document.getElementById("team-broadcast-count");
-  if (countEl) {
-    const n = displayedRecipients().length;
-    countEl.textContent = String(n);
-    const btn = document.getElementById("team-broadcast-btn") as HTMLButtonElement | null;
-    if (btn) btn.disabled = n === 0;
+  if (countEl) countEl.textContent = String(recipients.length);
+  const btn = document.getElementById("team-broadcast-btn");
+  if (!btn) return;
+  if (btn.tagName === "BUTTON") {
+    (btn as HTMLButtonElement).disabled = recipients.length === 0;
+  } else {
+    // Anchor (non-admin): regenerate the mailto: href against the current
+    // visible recipients, and disable the affordance when empty so a click
+    // doesn't open an empty mail composer.
+    const a = btn as HTMLAnchorElement;
+    if (recipients.length === 0) {
+      a.setAttribute("href", "mailto:");
+      a.setAttribute("aria-disabled", "true");
+      a.style.pointerEvents = "none";
+      a.style.opacity = "0.5";
+    } else {
+      a.setAttribute("href", buildMailtoHref(recipients));
+      a.removeAttribute("aria-disabled");
+      a.style.pointerEvents = "";
+      a.style.opacity = "";
+    }
   }
 }
 
@@ -673,14 +709,21 @@ function renderSelectionFooter(): void {
     "{n}",
     String(n),
   );
+  const sendLabel = esc(t("team.selection.send") || "E-Mail an Auswahl");
+  // t-paliad-244: mirror buildBroadcastButton() so the bottom send button
+  // behaves the same as the filter-bar one. Admin (canBroadcast) opens the
+  // compose modal; non-admin gets a native mailto: anchor pre-filled with
+  // the explicit selection.
+  const adminPath = canBroadcast();
+  const sendAction = adminPath
+    ? `<button type="button" class="btn-primary" id="team-selection-send">${sendLabel}</button>`
+    : `<a class="btn-primary" id="team-selection-send" href="${buildMailtoHref(selectedRecipients())}">${sendLabel}</a>`;
   footer.innerHTML = `
     <span class="team-selection-count">${esc(countLabel)}</span>
     <button type="button" class="btn-secondary btn-small" id="team-selection-clear">
       ${esc(t("team.selection.clear") || "Auswahl aufheben")}
     </button>
-    <button type="button" class="btn-primary" id="team-selection-send">
-      ${esc(t("team.selection.send") || "E-Mail an Auswahl")}
-    </button>
+    ${sendAction}
   `;
   footer.style.display = "";
   document.body.classList.add("team-has-selection");
@@ -691,9 +734,12 @@ function renderSelectionFooter(): void {
     syncMasterCheckbox();
     renderSelectionFooter();
   });
-  document.getElementById("team-selection-send")?.addEventListener("click", () => {
-    onBroadcastFromSelection();
-  });
+  if (adminPath) {
+    document.getElementById("team-selection-send")?.addEventListener("click", () => {
+      onBroadcastFromSelection();
+    });
+  }
+  // Anchor path has no click handler — native href open is the action.
 }
 
 // selectedRecipients maps the explicit selection Set into the

frontend/src/client/verfahrensablauf.ts

@@ -12,6 +12,7 @@ import { initI18n, t, tDyn, getLang, onLangChange } from "./i18n";
 import { initSidebar } from "./sidebar";
 import {
   type DeadlineResponse,
+  type Side,
   calculateDeadlines,
   escHtml,
   formatDate,
@@ -24,6 +25,70 @@ import {
 let selectedType = "";
 let lastResponse: DeadlineResponse | null = null;
 
+// Perspective state (t-paliad-250 / m/paliad#81). URL-driven so the
+// view is shareable and survives reload:
+//   ?side=claimant|defendant      → swaps which column owns the user's
+//                                    side (proactive vs reactive label).
+//                                    Default null = claimant-on-the-left.
+//   ?appellant=claimant|defendant → collapses party=both rows into the
+//                                    appellant's column (no mirror).
+//                                    Only meaningful for role-swap
+//                                    proceedings (Appeal etc.). Default
+//                                    null = legacy mirror behaviour.
+let currentSide: Side = null;
+let currentAppellant: Side = null;
+
+// Proceedings where one party initiates and "both" rows are role-swap
+// (i.e. either party files depending on who acted at the lower
+// instance). For these proceedings the appellant selector is meaningful
+// — when set, "both" rows collapse to a single row in the appellant's
+// column. For first-instance proceedings (Inf, Rev, …) the selector is
+// hidden because there's no appellant axis.
+//
+// Today: every upc.apl.* family member plus dpma.appeal.* and
+// de.inf.olg / de.inf.bgh / de.null.bgh (DE Berufung / Revision).
+// Conservative — false negatives just hide a control; false positives
+// would show an irrelevant control.
+const APPELLANT_AXIS_PROCEEDINGS = new Set([
+  "upc.apl.merits",
+  "upc.apl.cost",
+  "upc.apl.order",
+  "de.inf.olg",
+  "de.inf.bgh",
+  "de.null.bgh",
+  "dpma.appeal.bpatg",
+  "dpma.appeal.bgh",
+  "epa.opp.boa",
+]);
+
+function hasAppellantAxis(proceedingType: string): boolean {
+  return APPELLANT_AXIS_PROCEEDINGS.has(proceedingType);
+}
+
+function readSideFromURL(): Side {
+  const raw = new URLSearchParams(window.location.search).get("side");
+  return raw === "claimant" || raw === "defendant" ? raw : null;
+}
+
+function readAppellantFromURL(): Side {
+  const raw = new URLSearchParams(window.location.search).get("appellant");
+  return raw === "claimant" || raw === "defendant" ? raw : null;
+}
+
+function writeSideToURL(s: Side) {
+  const url = new URL(window.location.href);
+  if (s === null) url.searchParams.delete("side");
+  else url.searchParams.set("side", s);
+  window.history.replaceState(null, "", url.pathname + (url.search ? url.search : "") + url.hash);
+}
+
+function writeAppellantToURL(a: Side) {
+  const url = new URL(window.location.href);
+  if (a === null) url.searchParams.delete("appellant");
+  else url.searchParams.set("appellant", a);
+  window.history.replaceState(null, "", url.pathname + (url.search ? url.search : "") + url.hash);
+}
+
 // Per-rule anchor overrides set by the click-to-edit affordance on
 // timeline / column date cells. Posted as `anchorOverrides` to the
 // /api/tools/fristenrechner calc so downstream rules re-anchor off the
@@ -154,20 +219,31 @@ async function doCalc() {
 }
 
 // triggerEventLabelFor picks the user-facing "Auslösendes Ereignis"
-// label from the calc response. The root rule (isRootEvent=true) is
-// the first event in the proceeding — e.g. Klageerhebung for
-// upc.inf.cfi, Nichtigkeitsklage for upc.rev.cfi. Falls back to the
-// active proceeding name if no root rule fires (shouldn't happen for
-// healthy data, but safer than a blank). Fallback respects language —
-// proceedingNameEN is consulted on EN before the DE proceedingName
-// (m/paliad#58: prior fallback rendered DE on EN for sub-track
-// proceedings like upc.ccr.cfi which had no rules → no root).
+// label from the calc response. Precedence:
+//
+//   1. Server-supplied triggerEventLabel from proceeding_types
+//      (mig 121, m/paliad#81). UPC Appeal sets this to
+//      "Anfechtbare Entscheidung" / "Appealable Decision" — its rules
+//      all carry a non-zero duration off the trigger date so none is
+//      the root, and the proceedingName fallback ("Berufungsverfahren")
+//      misnamed the input as the proceeding itself.
+//   2. Root rule (isRootEvent=true) — the first event in the
+//      proceeding, e.g. Klageerhebung for upc.inf.cfi,
+//      Nichtigkeitsklage for upc.rev.cfi.
+//   3. Active proceeding name — last-resort fallback. Language-aware
+//      (m/paliad#58: prior code rendered DE on EN for sub-track
+//      proceedings like upc.ccr.cfi which had no rules → no root).
 function triggerEventLabelFor(data: DeadlineResponse): string {
+  const lang = getLang();
+  const curated = lang === "en"
+    ? (data.triggerEventLabelEN || data.triggerEventLabel)
+    : (data.triggerEventLabel || data.triggerEventLabelEN);
+  if (curated) return curated;
   const root = data.deadlines.find((d) => d.isRootEvent);
   if (root) {
-    return getLang() === "en" ? (root.nameEN || root.name) : (root.name || root.nameEN);
+    return lang === "en" ? (root.nameEN || root.name) : (root.name || root.nameEN);
   }
-  if (getLang() === "en") {
+  if (lang === "en") {
     return data.proceedingNameEN || data.proceedingName || "";
   }
   return data.proceedingName || data.proceedingNameEN || "";
@@ -213,7 +289,12 @@ function renderResults(data: DeadlineResponse) {
     : "";
 
   const bodyHtml = procedureView === "columns"
-    ? renderColumnsBody(data, { editable: true, showNotes })
+    ? renderColumnsBody(data, {
+        editable: true,
+        showNotes,
+        side: currentSide,
+        appellant: hasAppellantAxis(selectedType) ? currentAppellant : null,
+      })
     : renderTimelineBody(data, { showParty: true, editable: true, showNotes });
 
   container.innerHTML = headerHtml + noteHtml + bodyHtml;
@@ -276,6 +357,7 @@ function selectProceeding(btn: HTMLButtonElement) {
 
   void populateCourtPicker("court-picker-row", "court-picker", selectedType);
   syncFlagRows();
+  syncAppellantRowVisibility();
 
   setProceedingPickerCollapsed(true, proceedingDisplayName(btn));
 
@@ -283,6 +365,29 @@ function selectProceeding(btn: HTMLButtonElement) {
   scheduleCalc(0);
 }
 
+// syncAppellantRowVisibility hides the appellant selector for
+// proceedings that have no appellant axis (first-instance Inf, Rev,
+// …). Clears the in-memory state and the URL param when hidden so a
+// shared link with ?appellant= doesn't leak into an unrelated
+// proceeding's render.
+function syncAppellantRowVisibility() {
+  const row = document.getElementById("appellant-row");
+  if (!row) return;
+  const visible = hasAppellantAxis(selectedType);
+  row.style.display = visible ? "" : "none";
+  if (!visible && currentAppellant !== null) {
+    currentAppellant = null;
+    writeAppellantToURL(null);
+    syncRadioGroup("appellant", "");
+  }
+}
+
+function syncRadioGroup(name: string, value: string) {
+  document.querySelectorAll<HTMLInputElement>(`input[type=radio][name=${name}]`).forEach((input) => {
+    input.checked = input.value === value;
+  });
+}
+
 function applyVerfahrensablaufViewBodyClass(view: ProcedureView) {
   // Mirrors the events.ts pattern (body.events-view-*). The print
   // stylesheet keys `body.verfahrensablauf-view-timeline` to
@@ -321,6 +426,38 @@ function initViewToggle() {
   toggle.style.display = "none";
 }
 
+// initPerspectiveControls hydrates side+appellant from the URL,
+// reflects state into the radio inputs, and wires onchange handlers
+// that update state + URL + re-render. Re-render path skips the
+// /api/tools/fristenrechner round-trip — perspective is a pure
+// projection of the last response, no backend involved.
+function initPerspectiveControls() {
+  currentSide = readSideFromURL();
+  currentAppellant = readAppellantFromURL();
+  syncRadioGroup("side", currentSide ?? "");
+  syncRadioGroup("appellant", currentAppellant ?? "");
+
+  document.querySelectorAll<HTMLInputElement>("input[type=radio][name=side]").forEach((input) => {
+    input.addEventListener("change", () => {
+      if (!input.checked) return;
+      const v = input.value;
+      currentSide = (v === "claimant" || v === "defendant") ? v : null;
+      writeSideToURL(currentSide);
+      if (lastResponse) renderResults(lastResponse);
+    });
+  });
+
+  document.querySelectorAll<HTMLInputElement>("input[type=radio][name=appellant]").forEach((input) => {
+    input.addEventListener("change", () => {
+      if (!input.checked) return;
+      const v = input.value;
+      currentAppellant = (v === "claimant" || v === "defendant") ? v : null;
+      writeAppellantToURL(currentAppellant);
+      if (lastResponse) renderResults(lastResponse);
+    });
+  });
+}
+
 document.addEventListener("DOMContentLoaded", () => {
   initI18n();
   initSidebar();
@@ -390,6 +527,7 @@ document.addEventListener("DOMContentLoaded", () => {
   }
 
   initViewToggle();
+  initPerspectiveControls();
 
   onLangChange(() => {
     // Active-button name updates with language change (the data-i18n

frontend/src/client/views/verfahrensablauf-core.test.ts

@@ -1,6 +1,7 @@
 import { describe, expect, test } from "bun:test";
 import {
   type CalculatedDeadline,
+  bucketDeadlinesIntoColumns,
   deadlineCardHtml,
 } from "./verfahrensablauf-core";
 
@@ -65,3 +66,116 @@ describe("deadlineCardHtml — editable=true emits click-to-edit attrs", () => {
     expect(html).not.toContain("data-rule-code=");
   });
 });
+
+// Pure column-routing behaviour pinned by m/paliad#81. Hits
+// bucketDeadlinesIntoColumns directly so the assertions stay in
+// pure-Node territory (renderColumnsBody goes through escHtml ->
+// document.createElement which isn't available in plain bun test).
+//
+// Scenario fixture mirrors the UPC Appeal "both parties" case m
+// pasted into #81: every filing rule carries party='both' so the
+// legacy mirror path duplicates every row across proactive +
+// reactive. With ?appellant= set, the duplicate must collapse to a
+// single row in the appellant's column.
+describe("bucketDeadlinesIntoColumns — side+appellant column routing (m/paliad#81)", () => {
+  const both = (name: string, due: string): CalculatedDeadline => ({
+    code: name,
+    name,
+    nameEN: name,
+    party: "both",
+    priority: "mandatory",
+    ruleRef: "",
+    dueDate: due,
+    originalDate: due,
+    wasAdjusted: false,
+    isRootEvent: false,
+    isCourtSet: false,
+  });
+  const partySpecific = (party: string, name: string, due: string): CalculatedDeadline => ({
+    ...both(name, due),
+    party,
+  });
+
+  test("default (no opts) mirrors 'both' rules into proactive AND reactive — legacy behaviour preserved", () => {
+    const rows = bucketDeadlinesIntoColumns([both("Notice of Appeal", "2026-07-23")]);
+    expect(rows).toHaveLength(1);
+    expect(rows[0].proactive.map((d) => d.name)).toEqual(["Notice of Appeal"]);
+    expect(rows[0].reactive.map((d) => d.name)).toEqual(["Notice of Appeal"]);
+    expect(rows[0].court).toHaveLength(0);
+  });
+
+  test("appellant=claimant collapses 'both' rules into proactive only — no mirror", () => {
+    const rows = bucketDeadlinesIntoColumns(
+      [both("Notice of Appeal", "2026-07-23"), both("Statement of Grounds", "2026-09-23")],
+      { appellant: "claimant" },
+    );
+    expect(rows.map((r) => r.proactive.map((d) => d.name))).toEqual([
+      ["Notice of Appeal"],
+      ["Statement of Grounds"],
+    ]);
+    rows.forEach((r) => expect(r.reactive).toHaveLength(0));
+  });
+
+  test("appellant=defendant collapses 'both' rules into reactive only", () => {
+    const rows = bucketDeadlinesIntoColumns(
+      [both("Notice of Appeal", "2026-07-23")],
+      { appellant: "defendant" },
+    );
+    expect(rows[0].proactive).toHaveLength(0);
+    expect(rows[0].reactive.map((d) => d.name)).toEqual(["Notice of Appeal"]);
+  });
+
+  test("side=defendant swaps which column owns claimant vs defendant rules", () => {
+    // claimant filing must land in REACTIVE (claimant is the opposing
+    // side from the defendant user's perspective), defendant filing in
+    // PROACTIVE. Court rules always go to court.
+    const rows = bucketDeadlinesIntoColumns(
+      [
+        partySpecific("claimant", "Klageschrift", "2026-01-01"),
+        partySpecific("defendant", "Klageerwiderung", "2026-04-01"),
+        partySpecific("court", "Urteil", "2026-10-01"),
+      ],
+      { side: "defendant" },
+    );
+    expect(rows[0].reactive.map((d) => d.name)).toEqual(["Klageschrift"]);
+    expect(rows[1].proactive.map((d) => d.name)).toEqual(["Klageerwiderung"]);
+    expect(rows[2].court.map((d) => d.name)).toEqual(["Urteil"]);
+  });
+
+  test("side=defendant + appellant=defendant routes 'both' into PROACTIVE (user's own column)", () => {
+    // The user is the defendant AND the appellant, so the appellant's
+    // column == the user's own column == proactive after the swap.
+    const rows = bucketDeadlinesIntoColumns(
+      [both("Notice of Appeal", "2026-07-23")],
+      { side: "defendant", appellant: "defendant" },
+    );
+    expect(rows[0].proactive.map((d) => d.name)).toEqual(["Notice of Appeal"]);
+    expect(rows[0].reactive).toHaveLength(0);
+  });
+
+  test("rows align across columns by dueDate so same-day events stay on one grid row", () => {
+    const sameDate = "2026-07-23";
+    const rows = bucketDeadlinesIntoColumns([
+      partySpecific("claimant", "A", sameDate),
+      partySpecific("defendant", "B", sameDate),
+      partySpecific("court", "C", sameDate),
+    ]);
+    expect(rows).toHaveLength(1);
+    expect(rows[0].proactive.map((d) => d.name)).toEqual(["A"]);
+    expect(rows[0].reactive.map((d) => d.name)).toEqual(["B"]);
+    expect(rows[0].court.map((d) => d.name)).toEqual(["C"]);
+  });
+
+  test("unscheduled rows (no dueDate) trail dated rows, preserving declaration order", () => {
+    const rows = bucketDeadlinesIntoColumns([
+      partySpecific("court", "Oral Hearing", ""),
+      partySpecific("claimant", "Statement of Claim", "2026-01-01"),
+      partySpecific("court", "Decision", ""),
+    ]);
+    expect(rows.map((r) => [r.proactive, r.court, r.reactive].flat().map((d) => d.name))).toEqual([
+      ["Statement of Claim"],
+      ["Oral Hearing"],
+      ["Decision"],
+    ]);
+  });
+});

frontend/src/client/views/verfahrensablauf-core.ts

@@ -110,6 +110,16 @@ export interface DeadlineResponse {
   // explains the framing. (m/paliad#58)
   contextualNote?: string;
   contextualNoteEN?: string;
+  // triggerEventLabel / triggerEventLabelEN: optional caption for the
+  // "Auslösendes Ereignis" / "Triggering event" field on
+  // /tools/verfahrensablauf. Populated from paliad.proceeding_types
+  // when set (mig 121). The page prefers this over the proceedingName
+  // fallback that fires when no rule has isRootEvent=true. UPC Appeal
+  // uses this so the field reads "Anfechtbare Entscheidung" /
+  // "Appealable Decision" instead of "Berufungsverfahren" / "Appeal".
+  // (m/paliad#81)
+  triggerEventLabel?: string;
+  triggerEventLabelEN?: string;
 }
 
 export interface CourtRow {
@@ -412,42 +422,116 @@ export function renderTimelineBody(data: DeadlineResponse, opts: CardOpts = { sh
   return html;
 }
 
-// Three-column timeline layout: Proactive (claimant) | Court | Reactive
-// (defendant). Each grid row shares a dueDate so same-day events line up
-// across columns; party=both renders in BOTH the Proactive and Reactive
-// cells of the row. Undated rows (Urteil etc.) trail the dated tail, each
-// keyed by sequence-order so e.g. Urteil precedes Berufungseinlegung.
-export function renderColumnsBody(data: DeadlineResponse, opts: Omit<CardOpts, "showParty"> = {}): string {
-  type Cell = CalculatedDeadline[];
-  type Row = { proactive: Cell; court: Cell; reactive: Cell };
+// Three-column timeline layout: Proactive | Court | Reactive.
+//
+// Column assignment per deadline (see m/paliad#81):
+//
+//   - party=claimant  → proactive
+//   - party=defendant → reactive
+//   - party=court     → court
+//   - party=both      → BOTH proactive AND reactive (mirror).
+//
+// When `opts.appellant` is set (claimant|defendant), "both" rows
+// collapse to a single row in the appellant's column. The intent is
+// role-swap proceedings (UPC Appeal, Counterclaim, …) where the
+// "both" tag really means "either party files, depending on who
+// initiated" — once you pick the initiator, the duplicate goes away.
+// Hard rule from the issue: "When set, 'both parties' rows collapse
+// to one row in the appellant's column." This is a UI projection
+// only; the deadline_rules schema is unchanged. A follow-up issue
+// can enrich per-rule role tagging so respondent-side filings
+// (Response to Appeal, Cross-Appeal) land in the respondent's
+// column — out of scope for #81.
+//
+// `opts.side` controls the column LABELS: side=defendant swaps the
+// "Proactive (Klägerseite)" / "Reactive (Beklagtenseite)" headers
+// so the user's own side is the proactive (= "your filings") column.
+// It does NOT filter deadlines — the user still sees all deadlines
+// in the proceeding. Default `side=null` keeps the legacy
+// claimant-on-the-left layout. Unscheduled (court-set) rows trail
+// the dated tail, each keyed by sequence-order so e.g. Urteil
+// precedes Berufungseinlegung.
+export type Side = "claimant" | "defendant" | null;
+
+export interface ColumnsBodyOpts {
+  editable?: boolean;
+  showNotes?: boolean;
+  // side: which side the user is on. Drives column-label swap;
+  // does NOT filter rows. Default null = claimant-on-the-left.
+  side?: Side;
+  // appellant: which side initiated the appeal / counterclaim.
+  // When set, party=both rows go to the appellant's column ONLY
+  // (no mirror). Default null = mirror "both" into both cells
+  // (legacy behaviour). Independent of `side`.
+  appellant?: Side;
+}
+
+// ColumnsRow is the per-due-date bucket the renderer consumes. Public
+// so unit tests can hit the pure routing logic without going through
+// document.createElement (no jsdom in this repo).
+export interface ColumnsRow {
+  key: string;
+  proactive: CalculatedDeadline[];
+  court: CalculatedDeadline[];
+  reactive: CalculatedDeadline[];
+}
+
+export interface BucketingOpts {
+  side?: Side;
+  appellant?: Side;
+}
+
+// bucketDeadlinesIntoColumns is the pure routing primitive that
+// renderColumnsBody uses. Extracted as its own export so the per-row
+// column placement (including the side-swap + appellant-collapse
+// logic from m/paliad#81) is unit-testable without a DOM. The
+// returned rows are sorted: dated rows ascending by dueDate, then
+// unscheduled rows in declaration order (each keyed by sequence).
+export function bucketDeadlinesIntoColumns(
+  deadlines: CalculatedDeadline[],
+  opts: BucketingOpts = {},
+): ColumnsRow[] {
+  const userSide: Side = opts.side ?? null;
+  const claimantColumn: "proactive" | "reactive" = userSide === "defendant" ? "reactive" : "proactive";
+  const defendantColumn: "proactive" | "reactive" = claimantColumn === "proactive" ? "reactive" : "proactive";
+  const appellantColumn: "proactive" | "reactive" | null =
+    opts.appellant === "claimant" ? claimantColumn
+    : opts.appellant === "defendant" ? defendantColumn
+    : null;
 
   const UNSCHEDULED_PREFIX = "__unscheduled__";
-  const rowsMap = new Map<string, Row>();
-  const ensureRow = (key: string): Row => {
+  const rowsMap = new Map<string, ColumnsRow>();
+  const ensureRow = (key: string): ColumnsRow => {
     let r = rowsMap.get(key);
     if (!r) {
-      r = { proactive: [], court: [], reactive: [] };
+      r = { key, proactive: [], court: [], reactive: [] };
       rowsMap.set(key, r);
     }
     return r;
   };
 
-  data.deadlines.forEach((dl, idx) => {
+  deadlines.forEach((dl, idx) => {
     const key = dl.dueDate || `${UNSCHEDULED_PREFIX}${String(idx).padStart(4, "0")}`;
     const row = ensureRow(key);
     switch (dl.party) {
       case "claimant":
-        row.proactive.push(dl);
+        row[claimantColumn].push(dl);
         break;
       case "defendant":
-        row.reactive.push(dl);
+        row[defendantColumn].push(dl);
         break;
       case "court":
         row.court.push(dl);
         break;
       case "both":
-        row.proactive.push(dl);
-        row.reactive.push(dl);
+        if (appellantColumn !== null) {
+          // Role-swap collapse: appellant initiated → both → one row
+          // in appellant's column. Mirror suppressed.
+          row[appellantColumn].push(dl);
+        } else {
+          row.proactive.push(dl);
+          row.reactive.push(dl);
+        }
         break;
       default:
         row.court.push(dl);
@@ -462,17 +546,31 @@ export function renderColumnsBody(data: DeadlineResponse, opts: Omit<CardOpts, "
   }
   datedKeys.sort();
   unscheduledKeys.sort();
-  const keys = [...datedKeys, ...unscheduledKeys];
+  return [...datedKeys, ...unscheduledKeys].map((k) => rowsMap.get(k)!);
+}
+
+export function renderColumnsBody(data: DeadlineResponse, opts: ColumnsBodyOpts = {}): string {
+  const userSide: Side = opts.side ?? null;
+  const rows = bucketDeadlinesIntoColumns(data.deadlines, { side: userSide, appellant: opts.appellant });
+  const appellantColumn: "proactive" | "reactive" | null =
+    opts.appellant === "claimant" ? (userSide === "defendant" ? "reactive" : "proactive")
+    : opts.appellant === "defendant" ? (userSide === "defendant" ? "proactive" : "reactive")
+    : null;
 
   const cardOpts: CardOpts = { showParty: false, editable: opts.editable, showNotes: opts.showNotes };
 
+  // Collapsed "both" rows lose their mirror tag — there's no longer
+  // a sibling row to mirror to, so the "↔ beide Seiten" hint would
+  // be misleading. Keep it for the legacy mirror path.
+  const showMirrorTag = appellantColumn === null;
+
   const renderCell = (items: CalculatedDeadline[]): string => {
     if (items.length === 0) {
       return `<div class="fr-col-cell fr-col-cell--empty"></div>`;
     }
     const cards = items
       .map((dl) => {
-        const mirrorTag = dl.party === "both"
+        const mirrorTag = showMirrorTag && dl.party === "both"
           ? `<div class="fr-col-mirror">↔ ${escHtml(t("deadlines.party.both.label"))}</div>`
           : "";
         return `<div class="fr-col-item ${dl.isRootEvent ? "fr-col-root" : ""}">
@@ -487,13 +585,22 @@ export function renderColumnsBody(data: DeadlineResponse, opts: Omit<CardOpts, "
   const headerCell = (label: string, cls: string) =>
     `<div class="fr-col-header ${cls}">${escHtml(label)}</div>`;
 
-  let html = '<div class="fr-columns-view">';
-  html += headerCell(t("deadlines.col.proactive"), "fr-col-proactive");
-  html += headerCell(t("deadlines.col.court"), "fr-col-court");
-  html += headerCell(t("deadlines.col.reactive"), "fr-col-reactive");
+  // Column-label swap when side=defendant: the user's own side stays
+  // labelled "Proaktiv" (their filings) and the opposing side is
+  // "Reaktiv". Default keeps the legacy claimant=proactive labels.
+  const proactiveLabel = userSide === "defendant"
+    ? t("deadlines.col.proactive.defendant")
+    : t("deadlines.col.proactive");
+  const reactiveLabel = userSide === "defendant"
+    ? t("deadlines.col.reactive.claimant")
+    : t("deadlines.col.reactive");
 
-  for (const key of keys) {
-    const row = rowsMap.get(key)!;
+  let html = '<div class="fr-columns-view">';
+  html += headerCell(proactiveLabel, "fr-col-proactive");
+  html += headerCell(t("deadlines.col.court"), "fr-col-court");
+  html += headerCell(reactiveLabel, "fr-col-reactive");
+
+  for (const row of rows) {
     html += renderCell(row.proactive);
     html += renderCell(row.court);
     html += renderCell(row.reactive);

frontend/src/deadlines-detail.tsx

@@ -41,6 +41,19 @@ export function renderDeadlinesDetail(): string {
                     <div className="entity-detail-title-col">
                       <h1 id="deadline-title-display" />
                       <input type="text" id="deadline-title-edit" className="entity-title-input" style="display:none" />
+                      {/* t-paliad-251 Part 4 — Standardtitel button only
+                          visible in edit mode; clicking replaces the
+                          title with a default derived from the project
+                          and the deadline's event types / rule. */}
+                      <button
+                        type="button"
+                        id="deadline-title-default-btn"
+                        className="btn-link-action"
+                        style="display:none"
+                        data-i18n="deadlines.field.title.default_btn"
+                      >
+                        Standardtitel
+                      </button>
                       <div className="entity-detail-meta">
                         <span id="deadline-due-chip" className="frist-due-chip" />
                         <span id="deadline-status-chip" className="entity-status-chip" />

frontend/src/deadlines-new.tsx

@@ -45,7 +45,22 @@ export function renderDeadlinesNew(): string {
                 </div>
 
                 <div className="form-field">
-                  <label htmlFor="deadline-title" data-i18n="deadlines.field.title">Titel</label>
+                  <div className="form-field-label-row">
+                    <label htmlFor="deadline-title" data-i18n="deadlines.field.title">Titel</label>
+                    {/* t-paliad-251 Part 4 — derive a Standardtitel from the
+                        currently-known context (event type → rule → proceeding
+                        type → fallback) with the project reference as suffix.
+                        Always replaces the title; no destructive confirmation
+                        because the user invoked it explicitly. */}
+                    <button
+                      type="button"
+                      id="deadline-title-default-btn"
+                      className="btn-link-action"
+                      data-i18n="deadlines.field.title.default_btn"
+                    >
+                      Standardtitel
+                    </button>
+                  </div>
                   <input
                     type="text"
                     id="deadline-title"
@@ -105,10 +120,44 @@ export function renderDeadlinesNew(): string {
                     picker so the parent/child relationship reads at a
                     glance. Due date is its own row below. */}
                 <div className="form-field">
-                  <label htmlFor="deadline-rule" data-i18n="deadlines.field.rule">Regel (optional)</label>
+                  <div className="form-field-label-row">
+                    <label htmlFor="deadline-rule" data-i18n="deadlines.field.rule">Regel (optional)</label>
+                    {/* t-paliad-251 Part 2 — sort options for the Rule
+                        select. Defaults to "by_court" so users in the
+                        UPC bucket find UPC rules quickly. */}
+                    <select id="deadline-rule-sort" className="rule-sort-select" aria-label="Sortierung">
+                      <option value="by_proceeding" data-i18n="deadlines.field.rule.sort.by_proceeding">Nach Verfahrensablauf</option>
+                      <option value="by_court" data-i18n="deadlines.field.rule.sort.by_court" selected>Nach Gerichtsart</option>
+                      <option value="alpha" data-i18n="deadlines.field.rule.sort.alpha">Alphabetisch</option>
+                    </select>
+                  </div>
                   <select id="deadline-rule">
                     <option value="" data-i18n="deadlines.field.rule.none">Keine Regel</option>
                   </select>
+                  {/* t-paliad-251 Part 3 — explicit Auto badge surfaces
+                      whenever the Rule was auto-derived from the Typ.
+                      Hidden when the user has manually picked a rule. */}
+                  <p
+                    className="form-hint form-hint--auto"
+                    id="deadline-rule-auto-hint"
+                    style="display:none"
+                  >
+                    <span
+                      className="form-hint-badge"
+                      data-i18n="deadlines.field.rule.auto_badge"
+                    >Auto</span>
+                    <span id="deadline-rule-auto-hint-text" />
+                  </p>
+                  {/* t-paliad-251 Part 3 — clearer override warning that
+                      names BOTH the type-derived rule and the actually-
+                      applied rule. Replaces the older Regel→Typ-only
+                      mismatch warning when the contradiction goes the
+                      other direction. */}
+                  <p
+                    className="form-hint form-hint--warning"
+                    id="deadline-rule-override-warn"
+                    style="display:none"
+                  />
                 </div>
 
                 <div className="form-field">

frontend/src/i18n-keys.ts

@@ -682,9 +682,20 @@ export type I18nKey =
   | "approvals.tab.mine"
   | "approvals.tab.pending_mine"
   | "approvals.title"
+  | "approvals.withdraw.cancel"
   | "approvals.withdraw.confirm"
   | "approvals.withdraw.cta"
+  | "approvals.withdraw.destructive.label"
   | "approvals.withdraw.error"
+  | "approvals.withdraw.lead.create.appointment"
+  | "approvals.withdraw.lead.create.deadline"
+  | "approvals.withdraw.lead.delete"
+  | "approvals.withdraw.lead.update"
+  | "approvals.withdraw.modal.title"
+  | "approvals.withdraw.primary.label"
+  | "approvals.withdraw.sub.create"
+  | "approvals.withdraw.sub.delete"
+  | "approvals.withdraw.sub.update"
   | "bottomnav.add"
   | "bottomnav.add.appointment"
   | "bottomnav.add.appointment.sub"
@@ -1112,6 +1123,10 @@ export type I18nKey =
   | "deadlines.adjusted.weekend"
   | "deadlines.adjusted.weekend.saturday"
   | "deadlines.adjusted.weekend.sunday"
+  | "deadlines.appellant.claimant"
+  | "deadlines.appellant.defendant"
+  | "deadlines.appellant.label"
+  | "deadlines.appellant.none"
   | "deadlines.calculate"
   | "deadlines.card.calc.add_to_project"
   | "deadlines.card.calc.add_to_project.disabled"
@@ -1139,7 +1154,9 @@ export type I18nKey =
   | "deadlines.col.due"
   | "deadlines.col.event_type"
   | "deadlines.col.proactive"
+  | "deadlines.col.proactive.defendant"
   | "deadlines.col.reactive"
+  | "deadlines.col.reactive.claimant"
   | "deadlines.col.rule"
   | "deadlines.col.status"
   | "deadlines.col.title"
@@ -1227,12 +1244,20 @@ export type I18nKey =
   | "deadlines.field.notes"
   | "deadlines.field.notes.placeholder"
   | "deadlines.field.rule"
+  | "deadlines.field.rule.auto_badge"
   | "deadlines.field.rule.autofill"
   | "deadlines.field.rule.autofill_inline"
   | "deadlines.field.rule.mismatch"
   | "deadlines.field.rule.none"
   | "deadlines.field.rule.override"
+  | "deadlines.field.rule.override_warn"
+  | "deadlines.field.rule.sort.alpha"
+  | "deadlines.field.rule.sort.by_court"
+  | "deadlines.field.rule.sort.by_proceeding"
+  | "deadlines.field.rule.sort.other_proceeding"
   | "deadlines.field.title"
+  | "deadlines.field.title.default_btn"
+  | "deadlines.field.title.default_fallback"
   | "deadlines.field.title.placeholder"
   | "deadlines.filter.akte"
   | "deadlines.filter.akte.all"
@@ -1366,6 +1391,10 @@ export type I18nKey =
   | "deadlines.search.placeholder"
   | "deadlines.search.results.count"
   | "deadlines.search.results.count_one"
+  | "deadlines.side.both"
+  | "deadlines.side.claimant"
+  | "deadlines.side.defendant"
+  | "deadlines.side.label"
   | "deadlines.source.caldav"
   | "deadlines.source.fristenrechner"
   | "deadlines.source.imported"
@@ -1574,6 +1603,8 @@ export type I18nKey =
   | "event_types.browse.apply"
   | "event_types.browse.cancel"
   | "event_types.browse.empty"
+  | "event_types.browse.jurisdiction.all"
+  | "event_types.browse.jurisdiction.filter_label"
   | "event_types.browse.jurisdiction.none"
   | "event_types.browse.search"
   | "event_types.browse.selected_count"
@@ -2188,6 +2219,11 @@ export type I18nKey =
   | "projects.detail.parteien.role.defendant"
   | "projects.detail.parteien.role.thirdparty"
   | "projects.detail.save"
+  | "projects.detail.settings.archive.cta"
+  | "projects.detail.settings.archive.description"
+  | "projects.detail.settings.archive.heading"
+  | "projects.detail.settings.export.description"
+  | "projects.detail.settings.export.heading"
   | "projects.detail.smarttimeline.add.cancel"
   | "projects.detail.smarttimeline.add.choice.amend"
   | "projects.detail.smarttimeline.add.choice.appointment"
@@ -2277,6 +2313,7 @@ export type I18nKey =
   | "projects.detail.tab.kinder"
   | "projects.detail.tab.notizen"
   | "projects.detail.tab.parteien"
+  | "projects.detail.tab.settings"
   | "projects.detail.tab.submissions"
   | "projects.detail.tab.team"
   | "projects.detail.tab.termine"

frontend/src/projects-detail.tsx

@@ -89,20 +89,9 @@ export function renderProjectsDetail(): string {
                   <a className="entity-tab" data-tab="notes" href="#" data-i18n="projects.detail.tab.notizen">Notizen</a>
                   <a className="entity-tab" data-tab="checklists" href="#" data-i18n="projects.detail.tab.checklisten">Checklisten</a>
                   <a className="entity-tab" data-tab="submissions" href="#" data-i18n="projects.detail.tab.submissions">Schriftsätze</a>
-                  {/* t-paliad-214 Slice 2 — project-subtree export button.
-                      Sits at the end of the tab nav. Hidden by default; the
-                      client unhides it after /api/me confirms the caller can
-                      extract (responsibility ∈ {lead, member} OR global_admin). */}
-                  <button
-                    type="button"
-                    id="project-export-btn"
-                    className="entity-tab entity-tab-action"
-                    style="display:none"
-                    title=""
-                    data-i18n-title="projects.detail.export.tooltip"
-                    data-i18n="projects.detail.export.button">
-                    Daten exportieren
-                  </button>
+                  {/* Verwaltung — rare admin actions (export, archive). Sits
+                      last in the tab list per t-paliad-245. */}
+                  <a className="entity-tab" data-tab="settings" href="#" data-i18n="projects.detail.tab.settings">Verwaltung</a>
                 </nav>
 
                 {/* History (Verlauf) — t-paliad-171 SmartTimeline Slice 1.
@@ -666,6 +655,39 @@ export function renderProjectsDetail(): string {
                     Schriftsätze werden direkt aus dem Projekt heraus als .docx generiert. Anpassen, drucken, einreichen.
                   </p>
                 </section>
+
+                {/* Verwaltung — rare admin actions (export, archive). Each
+                    sub-section hides itself if the caller is not entitled
+                    (export: §4 gate; archive: global_admin). */}
+                <section className="entity-tab-panel" id="tab-settings" style="display:none">
+                  <div className="settings-section" id="project-settings-export" style="display:none">
+                    <h3 className="entity-section-heading" data-i18n="projects.detail.settings.export.heading">Daten exportieren</h3>
+                    <p className="tool-subtitle" data-i18n="projects.detail.settings.export.description">
+                      Lade alle Daten dieses Projekts (inkl. Unter-Projekten) als Excel + JSON + CSV-Archiv herunter.
+                    </p>
+                    <button
+                      type="button"
+                      id="project-export-btn"
+                      className="btn-secondary"
+                      data-i18n="projects.detail.export.button">
+                      Daten exportieren
+                    </button>
+                  </div>
+
+                  <div className="settings-section" id="project-settings-archive" style="display:none">
+                    <h3 className="entity-section-heading" data-i18n="projects.detail.settings.archive.heading">Projekt archivieren</h3>
+                    <p className="tool-subtitle" data-i18n="projects.detail.settings.archive.description">
+                      Archivieren erfolgt aus dem Bearbeiten-Dialog (Gefahrenbereich).
+                    </p>
+                    <button
+                      type="button"
+                      id="project-settings-archive-link"
+                      className="btn-secondary"
+                      data-i18n="projects.detail.settings.archive.cta">
+                      Bearbeiten öffnen
+                    </button>
+                  </div>
+                </section>
               </div>
 
               {/* Full edit modal — same form as /projects/new, pre-filled. */}

frontend/src/styles/global.css

@@ -3548,6 +3548,30 @@ input[type="range"]::-moz-range-thumb {
     cursor: pointer;
 }
 
+/* Verfahrensablauf — perspective strip (side + appellant selectors,
+   t-paliad-250 / m/paliad#81). Two rows so the labels stack cleanly on
+   narrow viewports; each row reuses .fristen-view-toggle for the
+   chip-radio cluster so the visual language matches the view-toggle
+   above it. The appellant row hides for proceedings without an
+   appellant axis (Inf / Rev first-instance). */
+.verfahrensablauf-perspective {
+    display: flex;
+    flex-direction: column;
+    gap: 0.5rem;
+    margin-top: 0.75rem;
+}
+
+.verfahrensablauf-perspective-row {
+    display: flex;
+    align-items: center;
+    gap: 0.75rem;
+    flex-wrap: wrap;
+}
+
+.verfahrensablauf-perspective-row .fristen-view-toggle {
+    margin-bottom: 0;
+}
+
 /* Compact note hint — sits in the timeline-meta line when the notes
    toggle is off. Native browser tooltip via title= attribute carries
    the full text on hover; tabindex=0 + aria-label make it
@@ -7291,6 +7315,20 @@ dialog.modal::backdrop {
     padding: 0.5rem 0 2rem;
 }
 
+/* Verwaltung tab — rare admin actions (export, archive) live here as
+   stacked sections. No accent, no oversized buttons (t-paliad-245). */
+.settings-section {
+    margin-bottom: 2rem;
+}
+
+.settings-section:last-child {
+    margin-bottom: 0;
+}
+
+.settings-section .tool-subtitle {
+    margin-bottom: 0.75rem;
+}
+
 .entity-events {
     list-style: none;
     padding: 0;
@@ -7506,6 +7544,78 @@ dialog.modal::backdrop {
     border-left: 2px solid #b88800;
 }
 
+/* t-paliad-251 — Auto-derived hint variant. Lime-tint, sibling of the
+   yellow warning variant. Carries a small pill-badge in front (the
+   "Auto" label) followed by the derived rule name. */
+.form-hint--auto {
+    display: inline-flex;
+    align-items: center;
+    gap: 0.4rem;
+    background: var(--color-bg-lime-tint);
+    color: var(--color-text);
+    padding: 0.3rem 0.5rem;
+    border-radius: var(--radius-sm, 4px);
+    border-left: 2px solid var(--color-accent);
+}
+.form-hint-badge {
+    display: inline-block;
+    padding: 0.05rem 0.45rem;
+    border-radius: 999px;
+    background: var(--color-accent);
+    color: var(--color-text);
+    font-size: 0.7rem;
+    font-weight: 700;
+    letter-spacing: 0.04em;
+    text-transform: uppercase;
+}
+
+/* t-paliad-251 — label row that hosts both the form label and an
+   inline action (Standardtitel button, Rule-sort dropdown). The label
+   keeps growing to push the action to the right edge. */
+.form-field-label-row {
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    gap: 0.5rem;
+    margin-bottom: 0.25rem;
+}
+.form-field-label-row > label {
+    margin: 0;
+}
+
+/* Inline action button rendered next to a form label (Standardtitel).
+   Text-link styling so it doesn't compete with the primary CTA. */
+.btn-link-action {
+    background: transparent;
+    border: none;
+    color: var(--color-link, var(--color-text));
+    padding: 0;
+    font-family: var(--font-sans);
+    font-size: 0.82rem;
+    cursor: pointer;
+    text-decoration: underline;
+    text-underline-offset: 2px;
+}
+.btn-link-action:hover {
+    color: var(--color-accent);
+}
+
+/* Small dropdown rendered alongside the Rule label to switch the
+   ordering. Tone-down sizing so it doesn't look like a co-equal
+   form field. Specificity-bumped to win over `.form-field select`'s
+   width: 100% baseline. */
+.form-field select.rule-sort-select,
+select.rule-sort-select {
+    width: auto;
+    padding: 0.2rem 0.4rem;
+    font-size: 0.82rem;
+    background: var(--color-surface);
+    border: 1px solid var(--color-border);
+    border-radius: var(--radius-sm, 4px);
+    color: var(--color-text);
+    font-family: var(--font-sans);
+}
+
 /* Inline checkbox label inside the attach-unit form. */
 .form-checkbox {
     display: inline-flex;
@@ -7613,6 +7723,42 @@ dialog.modal::backdrop {
     background: #b91c1c;
 }
 
+/* t-paliad-252 — withdraw warning modal body. The destructive button sits
+   inside the body (above the footer's Cancel + Edit primary) so the safe
+   "Edit event" path stays visually primary. The intro paragraph leads,
+   the muted sub-line explains consequences, then the red row makes the
+   destructive option discoverable without competing with the CTA. */
+.withdraw-warning-body {
+    display: flex;
+    flex-direction: column;
+    gap: 0.75rem;
+}
+.withdraw-warning-intro {
+    margin: 0;
+    color: var(--color-text);
+    font-size: 0.92rem;
+    line-height: 1.45;
+}
+.withdraw-warning-sub {
+    margin: 0;
+    color: var(--color-text-muted);
+    font-size: 0.85rem;
+    line-height: 1.45;
+}
+.withdraw-warning-destructive-row {
+    display: flex;
+    justify-content: flex-end;
+    margin-top: 0.5rem;
+    padding-top: 0.75rem;
+    border-top: 1px dashed var(--color-border);
+}
+.withdraw-warning-destructive-btn {
+    /* Inherits .btn .btn-danger, but bump the font size down a touch so
+       the body button doesn't crowd the footer's primary CTA. */
+    font-size: 0.82rem;
+    padding: 0.4rem 1rem;
+}
+
 .entity-soon {
     text-align: center;
     padding: 3rem 1.5rem;
@@ -12503,6 +12649,37 @@ dialog.quick-add-sheet::backdrop {
     transition: border-color 0.15s ease;
 }
 .event-type-browse-search:focus { border-color: var(--color-accent); }
+/* t-paliad-251 — jurisdiction filter chips inside the browse modal
+   header. Sits below the search input, between the search and the
+   results list. Active chip uses the lime-tint chip palette already
+   established by .event-type-collapsed* (t-paliad-165). */
+.event-type-browse-chips {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 0.35rem;
+}
+.event-type-browse-chip {
+    padding: 0.2rem 0.7rem;
+    border: 1px solid var(--color-border);
+    border-radius: 999px;
+    background: var(--color-surface);
+    color: var(--color-text-muted);
+    font-family: var(--font-sans);
+    font-size: 0.78rem;
+    font-weight: 500;
+    cursor: pointer;
+    transition: background 0.12s ease, color 0.12s ease, border-color 0.12s ease;
+}
+.event-type-browse-chip:hover {
+    background: var(--color-bg-subtle);
+    color: var(--color-text);
+}
+.event-type-browse-chip--active {
+    background: var(--color-bg-lime-tint);
+    border-color: var(--color-accent);
+    color: var(--color-text);
+    font-weight: 600;
+}
 .event-type-browse-list {
     flex: 1 1 auto;
     overflow-y: auto;

frontend/src/verfahrensablauf.tsx

@@ -210,6 +210,53 @@ export function renderVerfahrensablauf(): string {
                       Fristen berechnen
                     </button>
                   </div>
+
+                  {/* Perspective strip (t-paliad-250 / m/paliad#81). Side
+                       swaps the column LABELS so the user's own side is
+                       proactive (= "your filings"). Appellant collapses
+                       party=both rows to a single column when set — only
+                       relevant for role-swap proceedings (Appeal etc.);
+                       the row hides itself when the picked proceeding has
+                       no appellant axis (see hasAppellantAxis() in the
+                       client). Both selectors are URL-driven (?side= +
+                       ?appellant=) so the perspective survives reload
+                       and is shareable. */}
+                  <div className="verfahrensablauf-perspective" id="verfahrensablauf-perspective">
+                    <div className="verfahrensablauf-perspective-row" id="side-row">
+                      <span className="date-label" data-i18n="deadlines.side.label">Seite:</span>
+                      <div className="fristen-view-toggle" role="radiogroup" aria-label="Side">
+                        <label className="fristen-view-option">
+                          <input type="radio" name="side" value="claimant" />
+                          <span data-i18n="deadlines.side.claimant">Klägerseite</span>
+                        </label>
+                        <label className="fristen-view-option">
+                          <input type="radio" name="side" value="defendant" />
+                          <span data-i18n="deadlines.side.defendant">Beklagtenseite</span>
+                        </label>
+                        <label className="fristen-view-option">
+                          <input type="radio" name="side" value="" checked />
+                          <span data-i18n="deadlines.side.both">Beide</span>
+                        </label>
+                      </div>
+                    </div>
+                    <div className="verfahrensablauf-perspective-row" id="appellant-row" style="display:none">
+                      <span className="date-label" data-i18n="deadlines.appellant.label">Berufung durch:</span>
+                      <div className="fristen-view-toggle" role="radiogroup" aria-label="Appellant">
+                        <label className="fristen-view-option">
+                          <input type="radio" name="appellant" value="claimant" />
+                          <span data-i18n="deadlines.appellant.claimant">Klägerseite</span>
+                        </label>
+                        <label className="fristen-view-option">
+                          <input type="radio" name="appellant" value="defendant" />
+                          <span data-i18n="deadlines.appellant.defendant">Beklagtenseite</span>
+                        </label>
+                        <label className="fristen-view-option">
+                          <input type="radio" name="appellant" value="" checked />
+                          <span data-i18n="deadlines.appellant.none">—</span>
+                        </label>
+                      </div>
+                    </div>
+                  </div>
                 </div>
 
                 <div className="wizard-step" id="step-3" style="display:none">

internal/db/migrations/121_proceeding_trigger_event_label.down.sql

@@ -0,0 +1,7 @@
+-- Drop the optional trigger-event label columns added in
+-- 121_proceeding_trigger_event_label.up.sql. Any populated rows lose
+-- their override; the frontend falls back to proceedingName.
+
+ALTER TABLE paliad.proceeding_types
+    DROP COLUMN IF EXISTS trigger_event_label_en,
+    DROP COLUMN IF EXISTS trigger_event_label_de;

internal/db/migrations/121_proceeding_trigger_event_label.up.sql

@@ -0,0 +1,27 @@
+-- t-paliad-250 / m/paliad#81 — Concern B: UPC Appeal trigger-event label.
+--
+-- The /tools/verfahrensablauf "Auslösendes Ereignis" caption falls back
+-- to `paliad.proceeding_types.name` whenever the calculator finds no
+-- root rule (duration_value=0 + parent_id=NULL + !is_court_set). For
+-- UPC Appeal (upc.apl.merits) all rules carry a non-zero duration off
+-- the trigger date, so the caption reads "Berufungsverfahren" /
+-- "Appeal" — the proceeding itself — instead of the appealable
+-- decision that actually starts the clock.
+--
+-- Fix: add an optional `trigger_event_label_de` / `trigger_event_label_en`
+-- pair on proceeding_types. When set, the calculator surfaces it on the
+-- response (TriggerEventLabel{,EN}) and the frontend prefers it over
+-- proceedingName. No deadline-rule additions, no slug changes; existing
+-- proceeding_type.code stays stable (hard rule from the issue).
+
+ALTER TABLE paliad.proceeding_types
+    ADD COLUMN IF NOT EXISTS trigger_event_label_de text,
+    ADD COLUMN IF NOT EXISTS trigger_event_label_en text;
+
+-- UPC Appeal: the trigger date is the date of the appealable first-instance
+-- decision (per UPC RoP R.224(1)(a) the 2-month appeal clock runs from
+-- service of the decision per R.220.1(a)/(b)).
+UPDATE paliad.proceeding_types
+   SET trigger_event_label_de = 'Anfechtbare Entscheidung',
+       trigger_event_label_en = 'Appealable Decision'
+ WHERE code = 'upc.apl.merits';

internal/handlers/approvals.go

@@ -326,6 +326,56 @@ func handleRevokeApprovalRequest(w http.ResponseWriter, r *http.Request) {
 	handleApprovalDecision(w, r, "revoke")
 }
 
+// POST /api/approval-requests/{id}/edit-entity — t-paliad-252 / m/paliad#83.
+//
+// Lets the requester revise the in-flight entity (e.g. tweak the title on a
+// pending create) without withdrawing the request. The non-destructive
+// sibling of /revoke that m asked for after noticing that withdraw silently
+// deletes the underlying event.
+//
+// Body: {"fields": {<entity-shape>}}
+// 200: {"status": "ok"}
+//
+// Status mapping (mapApprovalError):
+//
+//	400 suggestion_requires_change — payload has no allowlisted fields
+//	403 not_authorized             — caller isn't the requested_by
+//	404                            — request not found / not visible
+//	409 request_not_pending        — request already decided / revoked
+type editPendingEntityBody struct {
+	Fields map[string]any `json:"fields"`
+}
+
+func handleEditPendingEntity(w http.ResponseWriter, r *http.Request) {
+	if !requireDB(w) {
+		return
+	}
+	uid, ok := requireUser(w, r)
+	if !ok {
+		return
+	}
+	requestID, err := uuid.Parse(r.PathValue("id"))
+	if err != nil {
+		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "invalid request id"})
+		return
+	}
+	var body editPendingEntityBody
+	if r.Body != nil && r.ContentLength > 0 {
+		if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+			writeJSON(w, http.StatusBadRequest, map[string]string{
+				"code":    "invalid_body",
+				"message": "Ungültiger Body.",
+			})
+			return
+		}
+	}
+	if err := dbSvc.approval.EditPendingEntity(r.Context(), requestID, uid, body.Fields); err != nil {
+		writeApprovalError(w, err)
+		return
+	}
+	writeJSON(w, http.StatusOK, map[string]string{"status": "ok"})
+}
+
 // suggestChangesBody is the JSON body for POST /api/approval-requests/{id}/suggest-changes.
 // counter_payload is an entity-shaped jsonb of the approver's edited
 // values (allowlist enforced server-side); note is the optional free-text

internal/handlers/handlers.go

@@ -658,6 +658,9 @@ func Register(mux *http.ServeMux, client *auth.Client, giteaAPIToken string, svc
 		protected.HandleFunc("POST /api/approval-requests/{id}/approve", handleApproveApprovalRequest)
 		protected.HandleFunc("POST /api/approval-requests/{id}/reject", handleRejectApprovalRequest)
 		protected.HandleFunc("POST /api/approval-requests/{id}/revoke", handleRevokeApprovalRequest)
+		// t-paliad-252 — non-destructive sibling of /revoke: lets the
+		// requester revise the in-flight entity without withdrawing.
+		protected.HandleFunc("POST /api/approval-requests/{id}/edit-entity", handleEditPendingEntity)
 		protected.HandleFunc("POST /api/approval-requests/{id}/suggest-changes", handleSuggestChangesApprovalRequest)
 
 		// t-paliad-154 — form-time effective policy lookup. Reachable by

internal/handlers/submissions.go

@@ -2,7 +2,8 @@ package handlers
 
 // Submission generator HTTP layer (t-paliad-230 — format-only scope
 // reduction of t-paliad-215; t-paliad-242 broadened the list endpoint
-// to the full cross-proceeding catalog).
+// to the full cross-proceeding catalog; t-paliad-253 promoted /generate
+// from format-only to the same merge engine the draft editor uses).
 //
 // Endpoints:
 //
@@ -15,17 +16,17 @@ package handlers
 //	       editor falls back to the universal HL Patents Style.
 //
 //	POST /api/projects/{id}/submissions/{code}/generate
-//	       Fetches the cached HL Patents Style .dotm (same proxy used
-//	       by /files/hl-patents-style.dotm), converts it to a clean
-//	       .docx via services.ConvertDotmToDocx, writes one
-//	       paliad.system_audit_log row, and streams the result as an
-//	       attachment download.
-//
-// No variable substitution, no per-submission templates, no
-// project_events/documents writes. Those layers are deferred to a
-// future "merge engine" slice; today's generator hands the lawyer a
-// clean .docx of the firm style and lets them edit and save under
-// their own filename.
+//	       Resolves the template through the cronus fallback chain
+//	       (per-firm `submissionTemplateRegistry[code]` first, HL
+//	       Patents Style as the universal fallback), builds a fresh
+//	       variable bag via SubmissionVarsService.Build, and runs the
+//	       SubmissionRenderer merge so every {{placeholder}} resolves
+//	       to project state (or `[KEIN WERT: key]` for empties). Writes
+//	       one paliad.system_audit_log row and streams the .docx as an
+//	       attachment download. The HL Patents Style fallback has no
+//	       placeholders today, so for codes without a per-firm template
+//	       the renderer is a no-op on substitution but still runs the
+//	       .dotm→.docx pre-pass.
 //
 // Visibility: every endpoint runs through ProjectService.GetByID
 // (paliad.can_see_project gate). Unauthorised callers get 404 — same
@@ -265,10 +266,16 @@ func hasPerSubmissionTemplate(submissionCode string) bool {
 	return ok
 }
 
-// handleGenerateProjectSubmission fetches the universal HL Patents
-// Style .dotm, converts it to a clean .docx, writes one audit row, and
-// streams the result. No variable substitution; the bytes that go down
-// the wire are the firm style template with macros stripped.
+// handleGenerateProjectSubmission resolves the per-submission template
+// (per-firm first, HL Patents Style fallback), builds a fresh variable
+// bag from project state via SubmissionVarsService, runs the merge
+// engine so every {{placeholder}} substitutes, writes one audit row,
+// and streams the result. Pre-t-paliad-253 this handler ignored the
+// per-firm registry and returned the bare HL Patents Style .dotm with
+// no substitution — the "Generieren" button on the Schriftsätze tab
+// therefore produced a generic firm-style .docx instead of a
+// project-merged Klageerwiderung, which is what m noticed in
+// m/paliad#84.
 func handleGenerateProjectSubmission(w http.ResponseWriter, r *http.Request) {
 	if !requireDB(w) {
 		return
@@ -277,6 +284,12 @@ func handleGenerateProjectSubmission(w http.ResponseWriter, r *http.Request) {
 	if !ok {
 		return
 	}
+	if dbSvc.submissionDraft == nil {
+		writeJSON(w, http.StatusServiceUnavailable, map[string]string{
+			"error": "submissions not configured",
+		})
+		return
+	}
 	projectID, err := uuid.Parse(r.PathValue("id"))
 	if err != nil {
 		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "invalid project id"})
@@ -291,60 +304,37 @@ func handleGenerateProjectSubmission(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), submissionRenderTimeout)
 	defer cancel()
 
-	project, err := dbSvc.projects.GetByID(ctx, uid, projectID)
+	tplBytes, _, err := resolveSubmissionTemplate(ctx, submissionCode)
 	if err != nil {
-		writeServiceError(w, err)
+		log.Printf("submissions: template fetch (project=%s code=%s): %v", projectID, submissionCode, err)
+		writeJSON(w, http.StatusBadGateway, map[string]string{"error": "template upstream unreachable"})
 		return
 	}
 
-	rule, err := loadPublishedRuleByCode(ctx, submissionCode)
+	docx, resolved, err := dbSvc.submissionDraft.RenderProjectSubmission(ctx, uid, projectID, submissionCode, tplBytes)
 	if err != nil {
-		if errors.Is(err, errRuleNotFound) {
+		if errors.Is(err, services.ErrSubmissionRuleNotFound) {
 			writeJSON(w, http.StatusNotFound, map[string]string{
 				"error": fmt.Sprintf("no published rule for submission_code %q", submissionCode),
 			})
 			return
 		}
-		log.Printf("submissions: load rule %q: %v", submissionCode, err)
-		writeJSON(w, http.StatusInternalServerError, map[string]string{"error": "rule lookup failed"})
+		// ErrNotVisible / project ErrNotFound from the visibility gate
+		// surface through writeServiceError as 404, matching the rest
+		// of the project surfaces.
+		log.Printf("submissions: render (project=%s code=%s): %v", projectID, submissionCode, err)
+		writeServiceError(w, err)
 		return
 	}
 
-	dotm, err := fetchHLPatentsStyleBytes(ctx)
-	if err != nil {
-		log.Printf("submissions: fetch HL Patents Style .dotm: %v", err)
-		writeJSON(w, http.StatusBadGateway, map[string]string{
-			"error": "template upstream unreachable",
-		})
-		return
-	}
-
-	docx, err := services.ConvertDotmToDocx(dotm)
-	if err != nil {
-		log.Printf("submissions: convert dotm for project %s code %s: %v", projectID, submissionCode, err)
-		writeJSON(w, http.StatusInternalServerError, map[string]string{
-			"error": "convert failed",
-		})
-		return
-	}
-
-	user, err := dbSvc.users.GetByID(ctx, uid)
-	if err != nil {
-		log.Printf("submissions: load user %s: %v", uid, err)
-	}
-	lang := "de"
-	if user != nil && user.Lang != "" {
-		lang = user.Lang
-	}
-
-	filename := submissionFileName(rule, project, lang)
+	filename := submissionFileName(resolved.Rule, resolved.Project, resolved.Lang)
 
 	// Audit write is best-effort with a background context so the
 	// download still succeeds if the DB races. Audit failure here only
 	// affects the system_audit_log feed — never the user's response.
 	bgCtx, cancelBG := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancelBG()
-	if err := writeSubmissionAuditRow(bgCtx, user, project.ID, submissionCode, rule.Name, filename); err != nil {
+	if err := writeSubmissionAuditRow(bgCtx, resolved.User, projectID, submissionCode, resolved.Rule.Name, filename); err != nil {
 		log.Printf("submissions: audit insert failed (project=%s code=%s): %v", projectID, submissionCode, err)
 	}
 
@@ -356,41 +346,6 @@ func handleGenerateProjectSubmission(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-// errRuleNotFound is the sentinel for "no published rule with that
-// submission_code" — distinguished from a generic DB error so the
-// handler returns 404 instead of 500.
-var errRuleNotFound = errors.New("submission rule not found")
-
-// loadPublishedRuleByCode fetches the rule the user requested. Only
-// published+active rows resolve; drafts and archived rules never feed
-// a real submission.
-func loadPublishedRuleByCode(ctx context.Context, submissionCode string) (*models.DeadlineRule, error) {
-	if submissionCode == "" {
-		return nil, errRuleNotFound
-	}
-	var rule models.DeadlineRule
-	err := dbSvc.projects.DB().GetContext(ctx, &rule,
-		`SELECT id, proceeding_type_id, parent_id, submission_code, name, name_en,
-		        description, primary_party, event_type, duration_value, duration_unit,
-		        timing, rule_code, deadline_notes, deadline_notes_en, sequence_order,
-		        alt_duration_value, alt_duration_unit, alt_rule_code, anchor_alt,
-		        concept_id, legal_source, is_spawn, spawn_label, is_active,
-		        created_at, updated_at, lifecycle_state
-		   FROM paliad.deadline_rules
-		  WHERE submission_code = $1
-		    AND lifecycle_state = 'published'
-		    AND is_active = true
-		  ORDER BY sequence_order
-		  LIMIT 1`, submissionCode)
-	if err != nil {
-		if strings.Contains(err.Error(), "no rows") {
-			return nil, errRuleNotFound
-		}
-		return nil, err
-	}
-	return &rule, nil
-}
-
 // submissionFileName produces the user-facing download name per
 // design §7: {rule.name}-{project.case_number}-{YYYY-MM-DD}.docx.
 // Empty case_number drops the segment entirely (no fallback hash —

internal/models/models.go

@@ -721,6 +721,14 @@ type ProceedingType struct {
 	DefaultColor string  `db:"default_color"  json:"default_color"`
 	SortOrder    int     `db:"sort_order"     json:"sort_order"`
 	IsActive     bool    `db:"is_active"      json:"is_active"`
+	// TriggerEventLabel{DE,EN}: optional caption for /tools/verfahrensablauf
+	// "Auslösendes Ereignis". When set, overrides the proceedingName fallback
+	// that fires when no rule has IsRootEvent=true. Populated for UPC Appeal
+	// (mig 121) so the caption reads "Anfechtbare Entscheidung" /
+	// "Appealable Decision" instead of "Berufungsverfahren" / "Appeal".
+	// NULL on most proceedings — they already carry a root rule.
+	TriggerEventLabelDE *string `db:"trigger_event_label_de" json:"trigger_event_label_de,omitempty"`
+	TriggerEventLabelEN *string `db:"trigger_event_label_en" json:"trigger_event_label_en,omitempty"`
 }
 
 // TriggerEvent is a UPC procedural event that can start one or more deadlines

internal/services/approval_service.go

@@ -41,6 +41,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"maps"
 	"strings"
 	"time"
 
@@ -364,6 +365,135 @@ func (s *ApprovalService) Revoke(ctx context.Context, requestID, callerID uuid.U
 	return s.decide(ctx, requestID, callerID, RequestStatusRevoked, "")
 }
 
+// EditPendingEntity lets the REQUESTER of a pending approval_request revise
+// the in-flight entity (e.g. tweak the title or due_date on a pending
+// create) without withdrawing the request. t-paliad-252 / m/paliad#83 added
+// this as the non-destructive sibling of Revoke — m's mental model is
+// "withdraw deletes the event; let me edit the event instead, keep the
+// approval request alive".
+//
+// Authorization: caller MUST be the original requested_by (no approver can
+// edit on the requester's behalf — that would collapse into SuggestChanges).
+// Request status MUST be pending.
+//
+// Allowlist: uses the WIDER counter-allowlist already maintained for
+// SuggestChanges (buildCounterSetClauses) — every editable field on the
+// entity, not just the date-bearing approval triggers. Unknown keys are
+// silently dropped. Returns ErrSuggestionRequiresChange when fields carries
+// no allowlisted key for the entity_type (would be a no-op write).
+//
+// Side effects in one tx: entity columns updated (and event_type_ids junction
+// rewritten for deadlines), approval_request.payload merged with the new
+// values so the approver sees what was revised, and a distinct
+// `<entity>_approval_edited_by_requester` project_event emitted so the
+// Verlauf shows the revision separately from the original *_requested row.
+//
+// The approval_request stays pending; entity.approval_status stays pending.
+// The approver inbox sees a fresh updated_at + the merged payload.
+func (s *ApprovalService) EditPendingEntity(ctx context.Context, requestID, callerID uuid.UUID, fields map[string]any) error {
+	tx, err := s.db.BeginTxx(ctx, nil)
+	if err != nil {
+		return fmt.Errorf("begin tx: %w", err)
+	}
+	defer tx.Rollback() //nolint:errcheck
+
+	req, err := s.getRequestForUpdate(ctx, tx, requestID)
+	if err != nil {
+		return err
+	}
+	if req.Status != RequestStatusPending {
+		return fmt.Errorf("%w: status=%s", ErrRequestNotPending, req.Status)
+	}
+	if callerID != req.RequestedBy {
+		return ErrNotApprover
+	}
+
+	// Validate the counter-allowlist intersect produces at least one
+	// settable column. applyEntityUpdate also wraps this check; pre-checking
+	// here lets us emit a cleaner error before opening the entity-write.
+	if _, _, err := buildCounterSetClauses(req.EntityType, fields); err != nil {
+		// Already wraps ErrSuggestionRequiresChange for empty / title-cleared
+		// cases. Propagate verbatim.
+		return err
+	}
+
+	// Apply the field updates to the entity row via the shared
+	// counter-allowlist path (same as SuggestChanges).
+	if err := s.applyEntityUpdate(ctx, tx, req.EntityType, req.EntityID, fields); err != nil {
+		return err
+	}
+
+	// Merge new fields into the request payload so the approver's inbox
+	// reflects what the requester revised to. Keys overwrite; event_type_ids
+	// is replaced wholesale per the same semantics applyEntityUpdate uses
+	// for the junction rewrite.
+	var existing map[string]any
+	if len(req.Payload) > 0 {
+		if err := json.Unmarshal(req.Payload, &existing); err != nil {
+			return fmt.Errorf("unmarshal payload: %w", err)
+		}
+	}
+	if existing == nil {
+		existing = map[string]any{}
+	}
+	maps.Copy(existing, fields)
+	merged, err := json.Marshal(existing)
+	if err != nil {
+		return fmt.Errorf("marshal merged payload: %w", err)
+	}
+	now := time.Now().UTC()
+	if _, err := tx.ExecContext(ctx,
+		`UPDATE paliad.approval_requests
+		   SET payload = $1, updated_at = $2
+		 WHERE id = $3`,
+		merged, now, requestID); err != nil {
+		return fmt.Errorf("update payload: %w", err)
+	}
+
+	// Audit emit. Distinct event_type so the Verlauf surfaces the revision
+	// separately from the original *_requested or any decision row.
+	verlaufKind := "edited_by_requester"
+	eventType := approvalEventType(req.EntityType, verlaufKind)
+	descPtr := approvalDescription(verlaufKind, req.RequiredRole, req.LifecycleEvent)
+	editedKeys := sortedKeys(fields)
+	meta := map[string]any{
+		"approval_request_id":  req.ID.String(),
+		"lifecycle_event":      req.LifecycleEvent,
+		req.EntityType + "_id": req.EntityID.String(),
+		"edited_fields":        editedKeys,
+	}
+	if err := insertProjectEventWithMeta(ctx, tx, req.ProjectID, callerID, eventType, eventType, descPtr, meta); err != nil {
+		return err
+	}
+	return tx.Commit()
+}
+
+// sortedKeys returns m's keys in stable alphabetical order so the audit-log
+// metadata is byte-for-byte stable across calls (helps when diffing audit
+// logs or asserting on them in tests).
+func sortedKeys(m map[string]any) []string {
+	out := make([]string, 0, len(m))
+	for k := range m {
+		out = append(out, k)
+	}
+	// Use the stdlib sort; the slice is small (≤ counter-allowlist size).
+	sortStrings(out)
+	return out
+}
+
+// sortStrings: indirection so we don't add a new top-level import group.
+// In Go 1.21+ slices.Sort exists; this package is currently importing
+// strings + standard libs and adding "sort" would re-fan the imports.
+// Kept as a one-line wrapper to localise the dependency if a later move
+// to slices.Sort feels right.
+func sortStrings(s []string) {
+	for i := 1; i < len(s); i++ {
+		for j := i; j > 0 && s[j-1] > s[j]; j-- {
+			s[j-1], s[j] = s[j], s[j-1]
+		}
+	}
+}
+
 // SuggestChanges is the fourth approval action (t-paliad-216). The caller
 // proposes a counter-payload + optional free-text note; in one transaction
 // we close the old request as 'changes_requested', revert the entity from

internal/services/fristenrechner.go

@@ -115,6 +115,16 @@ type UIResponse struct {
 	// note explaining the framing.
 	ContextualNote   string `json:"contextualNote,omitempty"`
 	ContextualNoteEN string `json:"contextualNoteEN,omitempty"`
+	// TriggerEventLabel / TriggerEventLabelEN: optional caption for the
+	// /tools/verfahrensablauf "Auslösendes Ereignis" field. Populated
+	// from paliad.proceeding_types.trigger_event_label_{de,en} (mig 121).
+	// The frontend prefers this over the proceedingName fallback that
+	// fires when no rule has IsRootEvent=true — UPC Appeal needed it
+	// because all its rules carry a non-zero duration off the trigger
+	// date so no rule is the "anchor". The trigger event for UPC Appeal
+	// is the appealable first-instance decision (m/paliad#81).
+	TriggerEventLabel   string `json:"triggerEventLabel,omitempty"`
+	TriggerEventLabelEN string `json:"triggerEventLabelEN,omitempty"`
 }
 
 // ErrUnknownProceedingType is returned when the UI sends an unrecognised code.
@@ -237,14 +247,17 @@ func (s *FristenrechnerService) Calculate(ctx context.Context, proceedingCode, t
 
 	// Look up proceeding type metadata.
 	var pt struct {
-		ID           int     `db:"id"`
-		Code         string  `db:"code"`
-		Name         string  `db:"name"`
-		NameEN       string  `db:"name_en"`
-		Jurisdiction *string `db:"jurisdiction"`
+		ID                  int     `db:"id"`
+		Code                string  `db:"code"`
+		Name                string  `db:"name"`
+		NameEN              string  `db:"name_en"`
+		Jurisdiction        *string `db:"jurisdiction"`
+		TriggerEventLabelDE *string `db:"trigger_event_label_de"`
+		TriggerEventLabelEN *string `db:"trigger_event_label_en"`
 	}
 	err = s.rules.db.GetContext(ctx, &pt,
-		`SELECT id, code, name, name_en, jurisdiction
+		`SELECT id, code, name, name_en, jurisdiction,
+		        trigger_event_label_de, trigger_event_label_en
 		   FROM paliad.proceeding_types
 		  WHERE code = $1 AND is_active = true`, proceedingCode)
 	if errors.Is(err, sql.ErrNoRows) {
@@ -271,7 +284,8 @@ func (s *FristenrechnerService) Calculate(ctx context.Context, proceedingCode, t
 		hasSubTrackNote = true
 		// Re-resolve to the parent proceeding for rule lookup.
 		err = s.rules.db.GetContext(ctx, &pt,
-			`SELECT id, code, name, name_en, jurisdiction
+			`SELECT id, code, name, name_en, jurisdiction,
+			        trigger_event_label_de, trigger_event_label_en
 			   FROM paliad.proceeding_types
 			  WHERE code = $1 AND is_active = true`, route.ParentCode)
 		if errors.Is(err, sql.ErrNoRows) {
@@ -604,6 +618,17 @@ func (s *FristenrechnerService) Calculate(ctx context.Context, proceedingCode, t
 		TriggerDate:      triggerDateStr,
 		Deadlines:        deadlines,
 	}
+	// Sub-track routing keeps the user-picked proceeding's identity,
+	// so the trigger-event label rides on `pickedProceeding` (e.g.
+	// upc.ccr.cfi inherits whatever upc.inf.cfi's caption is, not
+	// upc.ccr.cfi's own — which is fine: the sub-track note already
+	// explains the framing).
+	if pickedProceeding.TriggerEventLabelDE != nil {
+		resp.TriggerEventLabel = *pickedProceeding.TriggerEventLabelDE
+	}
+	if pickedProceeding.TriggerEventLabelEN != nil {
+		resp.TriggerEventLabelEN = *pickedProceeding.TriggerEventLabelEN
+	}
 	if hasSubTrackNote {
 		resp.ContextualNote = subTrackNote.NoteDE
 		resp.ContextualNoteEN = subTrackNote.NoteEN

internal/services/submission_draft_service.go

@@ -519,6 +519,34 @@ func (s *SubmissionDraftService) Export(ctx context.Context, draft *SubmissionDr
 	return out, resolved, nil
 }
 
+// RenderProjectSubmission renders the given .docx template with a fresh
+// variable bag for (user, project, submissionCode). No lawyer overrides
+// — the output reflects exactly what SubmissionVarsService resolves
+// from project state. Used by the one-click /api/projects/{id}/
+// submissions/{code}/generate path which has no saved draft row.
+//
+// Returns the merged bytes plus the resolved bag (for audit row + file
+// naming). Visibility is enforced by SubmissionVarsService.Build via
+// ProjectService.GetByID — callers get ErrNotFound on no-access.
+// ErrSubmissionRuleNotFound surfaces when no published rule matches the
+// requested submission_code.
+func (s *SubmissionDraftService) RenderProjectSubmission(ctx context.Context, userID, projectID uuid.UUID, submissionCode string, templateBytes []byte) ([]byte, *SubmissionVarsResult, error) {
+	pid := projectID
+	resolved, err := s.vars.Build(ctx, SubmissionVarsContext{
+		UserID:         userID,
+		ProjectID:      &pid,
+		SubmissionCode: submissionCode,
+	})
+	if err != nil {
+		return nil, nil, err
+	}
+	out, err := s.renderer.Render(templateBytes, resolved.Placeholders, DefaultMissingMarker(resolved.Lang))
+	if err != nil {
+		return nil, nil, err
+	}
+	return out, resolved, nil
+}
+
 // decodeVariables turns the raw jsonb bytes into the PlaceholderMap.
 // Called by every fetch path so the caller sees a populated Variables.
 func (d *SubmissionDraft) decodeVariables() error {

scripts/gen-demo-submission-template/main.go

@@ -232,12 +232,15 @@ func buildDocumentXML() string {
 
 	// English-locale exercise — lets the lawyer verify the EN long-form
 	// date and EN proceeding name resolve correctly when the user's
-	// preference is en.
+	// preference is en. Also exercises the bare {{today}} alias
+	// (identical to {{today.iso}}; included so every key the variable
+	// bag carries appears at least once in this demo template).
 	heading2(&b, "Locale-aware variants (DEMO)")
 	plain(&b, "EN long date: {{today.long_en}} · Deadline EN: {{deadline.due_date_long_en}}")
 	plain(&b, "Project our side (EN): {{project.our_side_en}} · Proceeding (EN): {{project.proceeding.name_en}}")
 	plain(&b, "Rule name (EN): {{rule.name_en}} · Project our side (DE): {{project.our_side_de}}")
 	plain(&b, "Proceeding (DE): {{project.proceeding.name_de}} · Rule name (DE): {{rule.name_de}}")
+	plain(&b, "Today (bare alias): {{today}}")
 
 	b.WriteString(`</w:body></w:document>`)
 	return b.String()