donpat1to/Schichtenplaner
1
0
Fork 0
mirror of https://github.com/donpat1to/Schichtenplaner.git synced 2025-11-30 22:45:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: donpat1to:v1.0.8
Branches Tags
donpat1to:main donpat1to:staging donpat1to:development donpat1to:feature/dev-mockdata donpat1to:feature/export-shiftplan
donpat1to:v1.1.2 donpat1to:v1.1.1 donpat1to:v1.0.27 donpat1to:v1.1.0 donpat1to:v1.0.26 donpat1to:v1.0.25 donpat1to:v1.0.24 donpat1to:v1.0.23 donpat1to:v1.0.22 donpat1to:v1.0.21 donpat1to:v1.0.20 donpat1to:v1.0.19 donpat1to:v1.0.18 donpat1to:v1.0.17 donpat1to:v1.0.16 donpat1to:v1.0.15 donpat1to:v1.0.14 donpat1to:v1.0.13 donpat1to:v1.0.12 donpat1to:v1.0.11 donpat1to:v1.0.10 donpat1to:v1.0.9 donpat1to:v1.0.8 donpat1to:v1.0.7 donpat1to:v1.0.6 donpat1to:v1.0.5 donpat1to:v1.0.4 donpat1to:v1.0.3 donpat1to:v1.0.2 donpat1to:v1.0.1 donpat1to:v0.8.0 donpat1to:v1.0.0 donpat1to:v0.7.0 donpat1to:v0.6.0 donpat1to:v0.5.0 donpat1to:v0.4.0 donpat1to:v0.3.0 donpat1to:v0.2.0 donpat1to:v0.1.0 donpat1to:v0.0.16 donpat1to:v0.0.15 donpat1to:v0.0.14 donpat1to:v0.0.13 donpat1to:v0.0.12 donpat1to:v0.0.11 donpat1to:v0.0.10 donpat1to:v0.0.9 donpat1to:v0.0.8 donpat1to:v0.0.7 donpat1to:v0.0.6 donpat1to:v0.0.5 donpat1to:v0.0.4 donpat1to:v0.0.3 donpat1to:v0.0.2 donpat1to:v0.0.1
...
compare: donpat1to:v1.0.24
Branches Tags
donpat1to:staging donpat1to:development donpat1to:feature/dev-mockdata donpat1to:feature/export-shiftplan donpat1to:main
donpat1to:v1.1.2 donpat1to:v1.1.1 donpat1to:v1.0.27 donpat1to:v1.1.0 donpat1to:v1.0.26 donpat1to:v1.0.25 donpat1to:v1.0.24 donpat1to:v1.0.23 donpat1to:v1.0.22 donpat1to:v1.0.21 donpat1to:v1.0.20 donpat1to:v1.0.19 donpat1to:v1.0.18 donpat1to:v1.0.17 donpat1to:v1.0.16 donpat1to:v1.0.15 donpat1to:v1.0.14 donpat1to:v1.0.13 donpat1to:v1.0.12 donpat1to:v1.0.11 donpat1to:v1.0.10 donpat1to:v1.0.9 donpat1to:v1.0.8 donpat1to:v1.0.7 donpat1to:v1.0.6 donpat1to:v1.0.5 donpat1to:v1.0.4 donpat1to:v1.0.3 donpat1to:v1.0.2 donpat1to:v1.0.1 donpat1to:v0.8.0 donpat1to:v1.0.0 donpat1to:v0.7.0 donpat1to:v0.6.0 donpat1to:v0.5.0 donpat1to:v0.4.0 donpat1to:v0.3.0 donpat1to:v0.2.0 donpat1to:v0.1.0 donpat1to:v0.0.16 donpat1to:v0.0.15 donpat1to:v0.0.14 donpat1to:v0.0.13 donpat1to:v0.0.12 donpat1to:v0.0.11 donpat1to:v0.0.10 donpat1to:v0.0.9 donpat1to:v0.0.8 donpat1to:v0.0.7 donpat1to:v0.0.6 donpat1to:v0.0.5 donpat1to:v0.0.4 donpat1to:v0.0.3 donpat1to:v0.0.2 donpat1to:v0.0.1

34 Commits
v1.0.8 ... v1.0.24

Author SHA1 Message Date
donpat1to
badccb4f55 more fancy excel export 2025-11-05 08:31:39 +01:00
donpat1to
9eb9afce1e added timetable export to the export funciton 2025-11-04 23:25:26 +01:00
donpat1to
17d68c2426 Merge branch 'staging' of https://github.com/donpat1to/Schichtenplaner into staging 2025-11-04 22:31:23 +01:00
donpat1to
cff2374f41 fixed klammer usage 2025-11-04 22:28:39 +01:00
donpat1to
3a787875e6 implemented export with pdf and excel library 2025-11-04 15:33:51 +01:00
donpat1to
0b46919e46 fixed role handling in getshiftplanbyid 2025-11-03 23:16:53 +01:00
donpat1to
65cb3e72ba added backend for shiftplan export 2025-11-03 22:50:02 +01:00
donpat1to
dab5164704 added exporting files 2025-11-03 22:07:32 +01:00
donpat1to
7c63bee1b3 updated python installation to break system packages 2025-11-03 10:55:07 +01:00
donpat1to
4c275993e6 changing debian versions from bookworm to bullseye 2025-11-03 10:40:46 +01:00
donpat1to
5c925e3b54 copying python files seperate for scheduling mechanism 2025-11-03 10:33:07 +01:00
donpat1to
11b6ee7672 moved python installation from builder to image 2025-11-03 09:39:42 +01:00
donpat1to
19357d12c1 changed ci to create its own pakcage-lock 2025-11-02 21:14:34 +01:00
donpat1to
8ccd506b7d changed ci to create its own pakcage-lock 2025-11-02 21:13:32 +01:00
donpat1to
e09979aa77 put package-lock.json into the .gitignore 2025-11-02 21:09:25 +01:00
donpat1to
0eda1ac125 creating package lock package on every ci seperate 2025-11-02 20:59:35 +01:00
donpat1to
6aa9511fbe brought package.json back from the grave 2025-11-02 20:57:34 +01:00
donpat1to
ab24f5cf35 npm ci install for prod 2025-11-02 20:48:43 +01:00
donpat1to
2e81ed48c4 more lenient api rate limit 2025-11-02 20:40:59 +01:00
donpat1to
da2b3b0126 pushed new svg 2025-11-01 18:25:36 +01:00
donpat1to
7a87c49703 added configuration over https / http 2025-11-01 17:54:12 +01:00
donpat1to
52f559199d added configuration over https / http 2025-11-01 17:20:45 +01:00
donpat1to
ebe9d4aa19 added vite dependency to the backend 2025-11-01 15:58:14 +01:00
donpat1to
07ab9586cc removed unnecessary comments 2025-11-01 15:22:47 +01:00
donpat1to
72430462f6 fixed ipSecurityCheck 2025-11-01 15:17:09 +01:00
donpat1to
c7016b5d04 added simulatnously starting frontend backend dev 2025-11-01 14:29:55 +01:00
donpat1to
41ddad6fa9 added apiClient class handling api auth and validation response from backend 2025-11-01 13:47:29 +01:00
donpat1to
29c66f0228 cleaned up vite.config.ts 2025-11-01 12:06:55 +01:00
donpat1to
0614b2f3f8 updated network for proxy use 2025-11-01 11:28:16 +01:00
donpat1to
00b48c1f41 changed dev routing away from faulty proxy 2025-10-31 14:24:56 +01:00
donpat1to
cae2b83649 added seperate transaction for pragma statement 2025-10-31 13:33:12 +01:00
donpat1to
a69e934075 fixed handleSubmit missing input 2025-10-31 12:51:22 +01:00
donpat1to
3ad497dd76 changed static password length statements 6 -> 8 2025-10-31 12:37:52 +01:00
donpat1to
b302c447f8 admin has to confirm current password as well on self password change 2025-10-31 12:30:54 +01:00
51 changed files with 2753 additions and 6574 deletions
Expand all files Collapse all files

35
.env.template
View File

@@ -1,16 +1,29 @@
# === SCHICHTPLANER DOCKER COMPOSE ENVIRONMENT VARIABLES === # .env.template
# Diese Datei wird von docker-compose automatisch geladen # ============================================
# DOCKER COMPOSE ENVIRONMENT TEMPLATE
# Copy this file to .env and adjust values
# ============================================
# Security # Application settings
JWT_SECRET=${JWT_SECRET:-your-secret-key-please-change} NODE_ENV=production
NODE_ENV=${NODE_ENV:-production} JWT_SECRET=your-secret-key-please-change
HOSTNAME=localhost
# Security & Network
TRUST_PROXY_ENABLED=false
TRUSTED_PROXY_IPS=127.0.0.1,::1
FORCE_HTTPS=false
# Database # Database
DB_PATH=${DB_PATH:-/app/data/database.db} DATABASE_PATH=/app/data/schichtplaner.db
# Server # Optional features
PORT=${PORT:-3002} ENABLE_PRO=false
DEBUG=false
# App Configuration # Port configuration
APP_TITLE="Shift Planning App" APP_PORT=3002
ENABLE_PRO=${ENABLE_PRO:-false}
# ============================================
# END OF TEMPLATE
# ============================================

6
.github/workflows/docker.yml vendored
View File

@@ -83,9 +83,13 @@ jobs:
with: with:
node-version: '20' node-version: '20'
- name: Create package-lock.json
working-directory: .
run: npm i --package-lock-only
- name: Install backend dependencies - name: Install backend dependencies
working-directory: ./backend working-directory: ./backend
run: npm install run: npm ci
- name: Run TypeScript check - name: Run TypeScript check
working-directory: ./backend working-directory: ./backend

1
.gitignore vendored
View File

@@ -57,6 +57,7 @@ yarn-error.log*
# Build outputs # Build outputs
dist/ dist/
build/ build/
package-lock.json
# Environment variables # Environment variables
.env .env

33
Dockerfile
View File

@@ -1,22 +1,17 @@
# Single stage build for workspaces # Single stage build for workspaces
FROM node:20-bullseye AS builder FROM node:20-bookworm AS builder
WORKDIR /app WORKDIR /app
# Install Python + OR-Tools
RUN apt-get update && apt-get install -y python3 python3-pip build-essential \
&& pip install --no-cache-dir ortools
# Create symlink so python3 is callable as python
RUN ln -sf /usr/bin/python3 /usr/bin/python
# Copy root package files first # Copy root package files first
COPY package*.json ./ COPY package*.json ./
COPY tsconfig.base.json ./ COPY tsconfig.base.json ./
COPY ecosystem.config.cjs ./ COPY ecosystem.config.cjs ./
# Install root dependencies # Install root dependencies
RUN npm install --only=production #RUN npm install --only=production
RUN npm i --package-lock-only
RUN npm ci
# Copy workspace files # Copy workspace files
COPY backend/ ./backend/ COPY backend/ ./backend/
@@ -30,10 +25,7 @@ RUN npm install --workspace=frontend
RUN npm run build --only=production --workspace=backend RUN npm run build --only=production --workspace=backend
# Build frontend # Build frontend
RUN npm run build --workspace=frontend RUN npm run build --only=production --workspace=frontend
# Verify Python and OR-Tools installation
RUN python -c "from ortools.sat.python import cp_model; print('OR-Tools installed successfully')"
# Production stage # Production stage
FROM node:20-bookworm FROM node:20-bookworm
@@ -57,7 +49,20 @@ COPY --from=builder /app/frontend/dist/ ./frontend-build/
COPY --from=builder /app/ecosystem.config.cjs ./ COPY --from=builder /app/ecosystem.config.cjs ./
COPY --from=builder /app/backend/src/database/ ./dist/database/ COPY --from=builder /app/backend/src/database/ ./dist/database/
COPY --from=builder /app/backend/src/database/ ./database/ # should be obsolete with the line above
#COPY --from=builder /app/backend/src/database/ ./database/
COPY --from=builder /app/backend/src/python-scripts/ ./python-scripts/
# Install Python + OR-Tools
RUN apt-get update && apt-get install -y python3 python3-pip build-essential \
&& pip install --no-cache-dir --break-system-packages ortools
# Create symlink so python3 is callable as python
RUN ln -sf /usr/bin/python3 /usr/bin/python
# Verify Python and OR-Tools installation
RUN python -c "from ortools.sat.python import cp_model; print('OR-Tools installed successfully')"
# Copy init script and env template # Copy init script and env template
COPY docker-init.sh /usr/local/bin/ COPY docker-init.sh /usr/local/bin/

11
backend/package.json
View File

@@ -4,6 +4,7 @@
"type": "module", "type": "module",
"scripts": { "scripts": {
"dev": "npm run build && npx tsx src/server.ts", "dev": "npm run build && npx tsx src/server.ts",
"dev:single": "cross-env NODE_ENV=development TRUST_PROXY_ENABLED=false npx tsx src/server.ts",
"build": "tsc", "build": "tsc",
"start": "node dist/server.js", "start": "node dist/server.js",
"prestart": "npm run build", "prestart": "npm run build",
@@ -14,6 +15,8 @@
}, },
"dependencies": { "dependencies": {
"@types/bcrypt": "^6.0.0", "@types/bcrypt": "^6.0.0",
"@types/node": "24.9.2",
"vite": "7.1.12",
"bcrypt": "^6.0.0", "bcrypt": "^6.0.0",
"bcryptjs": "^2.4.3", "bcryptjs": "^2.4.3",
"express": "^4.18.2", "express": "^4.18.2",
@@ -22,7 +25,10 @@
"uuid": "^9.0.0", "uuid": "^9.0.0",
"express-rate-limit": "8.1.0", "express-rate-limit": "8.1.0",
"helmet": "8.1.0", "helmet": "8.1.0",
"express-validator": "7.3.0" "express-validator": "7.3.0",
"exceljs": "4.4.0",
"pdfkit": "0.12.3",
"@types/pdfkit": "^0.12.3"
}, },
"devDependencies": { "devDependencies": {
"@types/bcryptjs": "^2.4.2", "@types/bcryptjs": "^2.4.2",
@@ -32,6 +38,7 @@
"@types/jest": "^29.5.0", "@types/jest": "^29.5.0",
"ts-node": "^10.9.0", "ts-node": "^10.9.0",
"typescript": "^5.0.0", "typescript": "^5.0.0",
"tsx": "^4.0.0" "tsx": "^4.0.0",
"cross-env": "10.1.0"
} }
} }

4
backend/src/controllers/authController.ts
View File

@@ -64,7 +64,7 @@ export const login = async (req: Request, res: Response) => {
return res.status(400).json({ error: 'E-Mail und Passwort sind erforderlich' }); return res.status(400).json({ error: 'E-Mail und Passwort sind erforderlich' });
} }
// UPDATED: Get user from database with role from employee_roles table // Get user from database with role from employee_roles table
const user = await db.get<any>( const user = await db.get<any>(
`SELECT `SELECT
e.id, e.email, e.password, e.firstname, e.lastname, e.id, e.email, e.password, e.firstname, e.lastname,
@@ -155,7 +155,7 @@ export const getCurrentUser = async (req: Request, res: Response) => {
return res.status(401).json({ error: 'Nicht authentifiziert' }); return res.status(401).json({ error: 'Nicht authentifiziert' });
} }
// UPDATED: Get user with role from employee_roles table // Get user with role from employee_roles table
const user = await db.get<any>( const user = await db.get<any>(
`SELECT `SELECT
e.id, e.email, e.firstname, e.lastname, e.id, e.email, e.firstname, e.lastname,

10
backend/src/controllers/employeeController.ts
View File

@@ -153,7 +153,7 @@ export const createEmployee = async (req: AuthRequest, res: Response): Promise<v
} }
// ✅ ENHANCED: Validate employee type exists and get category info // ✅ ENHANCED: Validate employee type exists and get category info
const employeeTypeInfo = await db.get<{type: string, category: string, has_contract_type: number}>( const employeeTypeInfo = await db.get<{ type: string, category: string, has_contract_type: number }>(
'SELECT type, category, has_contract_type FROM employee_types WHERE type = ?', 'SELECT type, category, has_contract_type FROM employee_types WHERE type = ?',
[employeeType] [employeeType]
); );
@@ -756,8 +756,8 @@ export const changePassword = async (req: AuthRequest, res: Response): Promise<v
return; return;
} }
// For non-admin users, verify current password // Verify current password
if (currentUser?.role !== 'admin') { if (employee) {
const isValidPassword = await bcrypt.compare(currentPassword, employee.password); const isValidPassword = await bcrypt.compare(currentPassword, employee.password);
if (!isValidPassword) { if (!isValidPassword) {
res.status(400).json({ error: 'Current password is incorrect' }); res.status(400).json({ error: 'Current password is incorrect' });
@@ -766,8 +766,8 @@ export const changePassword = async (req: AuthRequest, res: Response): Promise<v
} }
// Validate new password // Validate new password
if (!newPassword || newPassword.length < 6) { if (!newPassword || newPassword.length < 8) {
res.status(400).json({ error: 'New password must be at least 6 characters long' }); res.status(400).json({ error: 'New password must be at least 8 characters long' });
return; return;
} }

4
backend/src/controllers/setupController.ts
View File

@@ -75,8 +75,8 @@ export const setupAdmin = async (req: Request, res: Response): Promise<void> =>
} }
// Password length validation // Password length validation
if (password.length < 6) { if (password.length < 8) {
res.status(400).json({ error: 'Das Passwort muss mindestens 6 Zeichen lang sein' }); res.status(400).json({ error: 'Das Passwort muss mindestens 8 Zeichen lang sein' });
return; return;
} }

628
backend/src/controllers/shiftPlanController.ts
View File

@@ -8,6 +8,8 @@ import {
} from '../models/ShiftPlan.js'; } from '../models/ShiftPlan.js';
import { AuthRequest } from '../middleware/auth.js'; import { AuthRequest } from '../middleware/auth.js';
import { TEMPLATE_PRESETS } from '../models/defaults/shiftPlanDefaults.js'; import { TEMPLATE_PRESETS } from '../models/defaults/shiftPlanDefaults.js';
import ExcelJS from 'exceljs';
import PDFDocument from 'pdfkit';
async function getPlanWithDetails(planId: string) { async function getPlanWithDetails(planId: string) {
const plan = await db.get<any>(` const plan = await db.get<any>(`
@@ -592,6 +594,26 @@ async function getShiftPlanById(planId: string): Promise<any> {
`, [planId]); `, [planId]);
} }
// Load employees without role column + join with employee_roles
const employees = await db.all<any>(`
SELECT
e.id,
e.firstname,
e.lastname,
e.email,
e.employee_type,
e.contract_type,
e.can_work_alone,
e.is_trainee,
e.is_active as isActive,
GROUP_CONCAT(er.role) as roles
FROM employees e
LEFT JOIN employee_roles er ON e.id = er.employee_id
WHERE e.is_active = 1
GROUP BY e.id
ORDER BY e.firstname, e.lastname
`, []);
return { return {
...plan, ...plan,
isTemplate: plan.is_template === 1, isTemplate: plan.is_template === 1,
@@ -629,12 +651,25 @@ async function getShiftPlanById(planId: string): Promise<any> {
requiredEmployees: shift.required_employees, requiredEmployees: shift.required_employees,
assignedEmployees: JSON.parse(shift.assigned_employees || '[]'), assignedEmployees: JSON.parse(shift.assigned_employees || '[]'),
timeSlotName: shift.time_slot_name timeSlotName: shift.time_slot_name
})),
// Include employees with proper role handling
employees: employees.map(emp => ({
id: emp.id,
firstname: emp.firstname,
lastname: emp.lastname,
email: emp.email,
employeeType: emp.employee_type,
contractType: emp.contract_type,
canWorkAlone: emp.can_work_alone === 1,
isTrainee: emp.is_trainee === 1,
isActive: emp.isActive === 1,
roles: emp.roles ? emp.roles.split(',') : [] // Convert comma-separated roles to array
})) }))
}; };
} }
// Helper function to generate scheduled shifts from template // Helper function to generate scheduled shifts from template
export const generateScheduledShifts = async(planId: string, startDate: string, endDate: string): Promise<void> => { export const generateScheduledShifts = async (planId: string, startDate: string, endDate: string): Promise<void> => {
try { try {
console.log(`🔄 Generating scheduled shifts for Plan ${planId} from ${startDate} to ${endDate}`); console.log(`🔄 Generating scheduled shifts for Plan ${planId} from ${startDate} to ${endDate}`);
@@ -933,3 +968,594 @@ export const clearAssignments = async (req: Request, res: Response): Promise<voi
res.status(500).json({ error: 'Internal server error' }); res.status(500).json({ error: 'Internal server error' });
} }
}; };
// Helper interfaces for export
interface ExportDay {
id: number;
name: string;
}
interface ExportTimeSlot {
id: string;
name: string;
startTime: string;
endTime: string;
shiftsByDay: { [dayId: number]: any };
}
interface ExportTimetableData {
days: ExportDay[];
allTimeSlots: ExportTimeSlot[];
}
function getTimetableDataForExport(plan: any): ExportTimetableData {
const weekdays = [
{ id: 1, name: 'Montag' },
{ id: 2, name: 'Dienstag' },
{ id: 3, name: 'Mittwoch' },
{ id: 4, name: 'Donnerstag' },
{ id: 5, name: 'Freitag' },
{ id: 6, name: 'Samstag' },
{ id: 7, name: 'Sonntag' }
];
if (!plan.shifts || !plan.timeSlots) {
return { days: [], allTimeSlots: [] };
}
// Create a map for quick time slot lookups with proper typing
const timeSlotMap = new Map<string, any>();
plan.timeSlots.forEach((ts: any) => {
timeSlotMap.set(ts.id, ts);
});
// Group shifts by day
const shiftsByDay: { [dayId: number]: any[] } = plan.shifts.reduce((acc: any, shift: any) => {
if (!acc[shift.dayOfWeek]) {
acc[shift.dayOfWeek] = [];
}
const timeSlot = timeSlotMap.get(shift.timeSlotId);
const enhancedShift = {
...shift,
timeSlotName: timeSlot?.name,
startTime: timeSlot?.startTime,
endTime: timeSlot?.endTime
};
acc[shift.dayOfWeek].push(enhancedShift);
return acc;
}, {});
// Sort shifts within each day by start time
Object.keys(shiftsByDay).forEach(day => {
const dayNum = parseInt(day);
shiftsByDay[dayNum].sort((a: any, b: any) => {
const timeA = a.startTime || '';
const timeB = b.startTime || '';
return timeA.localeCompare(timeB);
});
});
// Get unique days that have shifts
const days: ExportDay[] = Array.from(new Set(plan.shifts.map((shift: any) => shift.dayOfWeek)))
.sort()
.map(dayId => {
return weekdays.find(day => day.id === dayId) || { id: dayId as number, name: `Tag ${dayId}` };
});
// Get all unique time slots (rows) by collecting from all shifts
const allTimeSlotsMap = new Map<string, ExportTimeSlot>();
days.forEach(day => {
shiftsByDay[day.id]?.forEach((shift: any) => {
const timeSlot = timeSlotMap.get(shift.timeSlotId);
if (timeSlot && !allTimeSlotsMap.has(timeSlot.id)) {
const exportTimeSlot: ExportTimeSlot = {
id: timeSlot.id,
name: timeSlot.name,
startTime: timeSlot.startTime,
endTime: timeSlot.endTime,
shiftsByDay: {}
};
allTimeSlotsMap.set(timeSlot.id, exportTimeSlot);
}
});
});
// Populate shifts for each time slot by day
days.forEach(day => {
shiftsByDay[day.id]?.forEach((shift: any) => {
const timeSlot = allTimeSlotsMap.get(shift.timeSlotId);
if (timeSlot) {
timeSlot.shiftsByDay[day.id] = shift;
}
});
});
// Convert to array and sort by start time
const allTimeSlots = Array.from(allTimeSlotsMap.values()).sort((a: ExportTimeSlot, b: ExportTimeSlot) => {
return (a.startTime || '').localeCompare(b.startTime || '');
});
return { days, allTimeSlots };
}
// Export shift plan to Excel
export const exportShiftPlanToExcel = async (req: Request, res: Response): Promise<void> => {
try {
const { id } = req.params;
console.log('📊 Starting Excel export for plan:', id);
const plan = await getShiftPlanById(id);
if (!plan) {
res.status(404).json({ error: 'Shift plan not found' });
return;
}
if (plan.status !== 'published') {
res.status(400).json({ error: 'Can only export published shift plans' });
return;
}
// Create workbook
const workbook = new ExcelJS.Workbook();
workbook.creator = 'Schichtplaner System';
workbook.created = new Date();
/* -------------------------------------------------------------------------- */
/* 🧾 1. Summary Sheet */
/* -------------------------------------------------------------------------- */
const summarySheet = workbook.addWorksheet('Planübersicht');
summarySheet.columns = [
{ header: 'Eigenschaft', key: 'property', width: 25 },
{ header: 'Wert', key: 'value', width: 35 }
];
summarySheet.addRows([
{ property: 'Plan Name', value: plan.name },
{ property: 'Beschreibung', value: plan.description || 'Keine' },
{ property: 'Zeitraum', value: `${plan.startDate} bis ${plan.endDate}` },
{ property: 'Status', value: plan.status },
{ property: 'Erstellt von', value: plan.created_by_name || 'Unbekannt' },
{ property: 'Erstellt am', value: new Date(plan.createdAt).toLocaleString('de-DE') },
{ property: 'Anzahl Schichten', value: plan.scheduledShifts?.length || 0 },
{ property: 'Anzahl Mitarbeiter', value: plan.employees?.length || 0 }
]);
// Style header
const header1 = summarySheet.getRow(1);
header1.font = { bold: true, color: { argb: 'FFFFFFFF' } };
header1.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FF2C3E50' } };
summarySheet.columns.forEach(col => (col.alignment = { vertical: 'middle', wrapText: true }));
/* -------------------------------------------------------------------------- */
/* 📅 2. Timetable / Schichtplan Sheet */
/* -------------------------------------------------------------------------- */
const timetableSheet = workbook.addWorksheet('Schichtplan');
const timetableData = getTimetableDataForExport(plan);
const { days, allTimeSlots } = timetableData;
// Header
const headerRow = ['Schicht (Zeit)', ...days.map(d => d.name)];
const header = timetableSheet.addRow(headerRow);
header.eachCell(cell => {
cell.font = { bold: true, color: { argb: 'FFFFFFFF' } };
cell.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FF2C3E50' } };
cell.alignment = { horizontal: 'center', vertical: 'middle' };
cell.border = {
top: { style: 'thin' },
left: { style: 'thin' },
bottom: { style: 'thin' },
right: { style: 'thin' }
};
});
// Content rows
for (const timeSlot of allTimeSlots) {
const rowData: any[] = [`${timeSlot.name}\n${timeSlot.startTime} - ${timeSlot.endTime}`];
for (const day of days) {
const shift = timeSlot.shiftsByDay[day.id];
if (!shift) {
rowData.push('Keine Schicht');
continue;
}
const scheduledShift = plan.scheduledShifts?.find(
(s: any) => getDayOfWeek(s.date) === day.id && s.timeSlotId === timeSlot.id
);
if (scheduledShift && scheduledShift.assignedEmployees?.length > 0) {
const employees = scheduledShift.assignedEmployees.map((empId: string) => {
const emp = plan.employees?.find((e: any) => e.id === empId);
if (!emp) return { text: 'Unbekannt', color: 'FF888888' };
if (emp.isTrainee)
return { text: `${emp.firstname} ${emp.lastname} (T)`, color: 'FFCDA8F0' };
if (emp.employee_type === 'manager')
return { text: `${emp.firstname} ${emp.lastname} (M)`, color: 'FFCC0000' };
return { text: `${emp.firstname} ${emp.lastname}`, color: 'FF642AB5' };
});
rowData.push(employees);
} else {
const shiftsForSlot =
plan.shifts?.filter(
(s: any) => s.dayOfWeek === day.id && s.timeSlotId === timeSlot.id
) || [];
const totalRequired = shiftsForSlot.reduce(
(sum: number, s: any) => sum + s.requiredEmployees,
0
);
rowData.push(totalRequired === 0 ? '-' : `0/${totalRequired}`);
}
}
const row = timetableSheet.addRow(rowData);
row.eachCell((cell, colNumber) => {
cell.border = {
top: { style: 'thin' },
left: { style: 'thin' },
bottom: { style: 'thin' },
right: { style: 'thin' }
};
cell.alignment = { vertical: 'top', wrapText: true };
if (cell.value === 'Keine Schicht') {
cell.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FFEDEDED' } };
cell.font = { color: { argb: 'FF888888' }, italic: true };
}
if (Array.isArray(cell.value)) {
cell.value = {
richText: cell.value.map((e: any) => ({
text: e.text + '\n',
font: { color: { argb: e.color } }
}))
};
}
if (colNumber === 1) {
cell.alignment = { horizontal: 'left', vertical: 'middle', wrapText: true };
}
});
}
// Adjust layout
timetableSheet.eachRow((row, i) => (row.height = i === 1 ? 30 : 70));
timetableSheet.columns.forEach(col => {
let max = 12;
col.eachCell?.({ includeEmpty: true }, c => {
const len = typeof c.value === 'string' ? c.value.length : 10;
if (len > max) max = len;
});
col.width = Math.min(max + 5, 40);
});
// Add legend row at bottom
const legendRow = timetableSheet.addRow([
'Legende:',
'■ Manager',
'■ Trainee',
'■ Mitarbeiter',
'■ Keine Schicht'
]);
// Style each square with its respective color
legendRow.getCell(1).font = { bold: true };
legendRow.getCell(2).font = { color: { argb: 'FFCC0000' } }; // Red = Manager
legendRow.getCell(3).font = { color: { argb: 'FFCDA8F0' } }; // Purple = Trainee
legendRow.getCell(4).font = { color: { argb: 'FF642AB5' } }; // Blue = Mitarbeiter
legendRow.getCell(5).font = { color: { argb: 'FF888888' } }; // Gray = Keine Schicht
legendRow.eachCell(cell => {
cell.alignment = { vertical: 'middle', horizontal: 'left' };
cell.font = { ...cell.font, italic: true };
});
/* -------------------------------------------------------------------------- */
/* 👥 3. Employee Overview Sheet */
/* -------------------------------------------------------------------------- */
const employeeSheet = workbook.addWorksheet('Mitarbeiterübersicht');
employeeSheet.columns = [
{ header: 'Name', key: 'name', width: 25 },
{ header: 'E-Mail', key: 'email', width: 25 },
{ header: 'Rolle', key: 'role', width: 18 },
{ header: 'Mitarbeiter Typ', key: 'type', width: 15 },
{ header: 'Vertragstyp', key: 'contract', width: 18 },
{ header: 'Trainee', key: 'trainee', width: 10 }
];
plan.employees?.forEach((e: any) =>
employeeSheet.addRow({
name: `${e.firstname} ${e.lastname}`,
email: e.email,
role: e.roles?.join(', ') || 'Benutzer',
type: e.employee_type || 'Unbekannt',
contract: e.contractType || 'Nicht angegeben',
trainee: e.isTrainee ? 'Ja' : 'Nein'
})
);
const empHeader = employeeSheet.getRow(1);
empHeader.font = { bold: true, color: { argb: 'FFFFFFFF' } };
empHeader.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FF34495E' } };
empHeader.alignment = { horizontal: 'center', vertical: 'middle' };
/* -------------------------------------------------------------------------- */
/* 📤 4. Send Response */
/* -------------------------------------------------------------------------- */
const fileName = `Schichtplan_${plan.name}_${new Date().toISOString().split('T')[0]}.xlsx`;
res.setHeader('Content-Type', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
res.setHeader('Content-Disposition', `attachment; filename="${fileName}"`);
await workbook.xlsx.write(res);
console.log('✅ Excel export completed for plan:', id);
} catch (error) {
console.error('❌ Error exporting to Excel:', error);
res.status(500).json({ error: 'Internal server error during Excel export' });
}
};
export const exportShiftPlanToPDF = async (req: Request, res: Response): Promise<void> => {
try {
const { id } = req.params;
console.log('📄 Starting PDF export for plan:', id);
// Check if plan exists
const plan = await getShiftPlanById(id);
if (!plan) {
res.status(404).json({ error: 'Shift plan not found' });
return;
}
if (plan.status !== 'published') {
res.status(400).json({ error: 'Can only export published shift plans' });
return;
}
// Create PDF document
const doc = new PDFDocument({ margin: 50 });
// Set response headers
res.setHeader('Content-Type', 'application/pdf');
res.setHeader('Content-Disposition', `attachment; filename="Schichtplan_${plan.name}_${new Date().toISOString().split('T')[0]}.pdf"`);
// Pipe PDF to response
doc.pipe(res);
// Add title
doc.fontSize(20).font('Helvetica-Bold').text(`Schichtplan: ${plan.name}`, 50, 50);
doc.fontSize(12).font('Helvetica').text(`Erstellt am: ${new Date().toLocaleDateString('de-DE')}`, 50, 80);
// Plan summary
let yPosition = 120;
doc.fontSize(14).font('Helvetica-Bold').text('Plan Informationen', 50, yPosition);
yPosition += 30;
doc.fontSize(10).font('Helvetica');
doc.text(`Plan Name: ${plan.name}`, 50, yPosition);
yPosition += 20;
if (plan.description) {
doc.text(`Beschreibung: ${plan.description}`, 50, yPosition);
yPosition += 20;
}
doc.text(`Zeitraum: ${plan.startDate} bis ${plan.endDate}`, 50, yPosition);
yPosition += 20;
doc.text(`Status: ${plan.status}`, 50, yPosition);
yPosition += 20;
doc.text(`Erstellt von: ${plan.created_by_name || 'Unbekannt'}`, 50, yPosition);
yPosition += 20;
doc.text(`Erstellt am: ${plan.createdAt}`, 50, yPosition);
yPosition += 20;
doc.text(`Anzahl Schichten: ${plan.scheduledShifts?.length || 0}`, 50, yPosition);
yPosition += 20;
doc.text(`Anzahl Mitarbeiter: ${plan.employees?.length || 0}`, 50, yPosition);
yPosition += 40;
// Get timetable data for PDF
const timetableData = getTimetableDataForExport(plan);
const { days, allTimeSlots } = timetableData;
// Add timetable section
doc.addPage();
doc.fontSize(16).font('Helvetica-Bold').text('Schichtplan Timetable', 50, 50);
let currentY = 80;
// Define column widths
const timeSlotColWidth = 100;
const dayColWidth = (500 - timeSlotColWidth) / days.length;
// Table headers
doc.fontSize(10).font('Helvetica-Bold');
// Time slot header
doc.rect(50, currentY, timeSlotColWidth, 20).fillAndStroke('#2c3e50', '#2c3e50');
doc.fillColor('white').text('Schicht (Zeit)', 55, currentY + 5, { width: timeSlotColWidth - 10, align: 'left' });
// Day headers
days.forEach((day, index) => {
const xPos = 50 + timeSlotColWidth + (index * dayColWidth);
doc.rect(xPos, currentY, dayColWidth, 20).fillAndStroke('#2c3e50', '#2c3e50');
doc.fillColor('white').text(day.name, xPos + 5, currentY + 5, { width: dayColWidth - 10, align: 'center' });
});
doc.fillColor('black');
currentY += 20;
// Time slot rows
allTimeSlots.forEach((timeSlot, rowIndex) => {
// Check if we need a new page
if (currentY > 650) {
doc.addPage();
currentY = 50;
// Redraw headers on new page
doc.fontSize(10).font('Helvetica-Bold');
doc.rect(50, currentY, timeSlotColWidth, 20).fillAndStroke('#2c3e50', '#2c3e50');
doc.fillColor('white').text('Schicht (Zeit)', 55, currentY + 5, { width: timeSlotColWidth - 10, align: 'left' });
days.forEach((day, index) => {
const xPos = 50 + timeSlotColWidth + (index * dayColWidth);
doc.rect(xPos, currentY, dayColWidth, 20).fillAndStroke('#2c3e50', '#2c3e50');
doc.fillColor('white').text(day.name, xPos + 5, currentY + 5, { width: dayColWidth - 10, align: 'center' });
});
doc.fillColor('black');
currentY += 20;
}
// Alternate row background
const rowBgColor = rowIndex % 2 === 0 ? '#f8f9fa' : 'white';
// Time slot cell
doc.rect(50, currentY, timeSlotColWidth, 40).fillAndStroke(rowBgColor, '#dee2e6');
doc.fontSize(9).font('Helvetica-Bold').text(timeSlot.name, 55, currentY + 5, { width: timeSlotColWidth - 10 });
doc.fontSize(8).font('Helvetica').text(`${timeSlot.startTime} - ${timeSlot.endTime}`, 55, currentY + 18, { width: timeSlotColWidth - 10 });
// Day cells
days.forEach((day, colIndex) => {
const xPos = 50 + timeSlotColWidth + (colIndex * dayColWidth);
const shift = timeSlot.shiftsByDay[day.id];
doc.rect(xPos, currentY, dayColWidth, 40).fillAndStroke(rowBgColor, '#dee2e6');
if (!shift) {
doc.fontSize(8).font('Helvetica-Oblique').fillColor('#ccc').text('Keine Schicht', xPos + 5, currentY + 15, {
width: dayColWidth - 10,
align: 'center'
});
} else {
// Get assignments for this time slot and day
const scheduledShift = plan.scheduledShifts?.find((scheduled: any) => {
const scheduledDayOfWeek = getDayOfWeek(scheduled.date);
return scheduledDayOfWeek === day.id &&
scheduled.timeSlotId === timeSlot.id;
});
doc.fillColor('black').fontSize(8).font('Helvetica');
if (scheduledShift && scheduledShift.assignedEmployees.length > 0) {
let textY = currentY + 5;
scheduledShift.assignedEmployees.forEach((empId: string, empIndex: number) => {
if (textY < currentY + 35) { // Don't overflow cell
const employee = plan.employees?.find((emp: any) => emp.id === empId);
if (employee) {
let roleIndicator = '';
if (employee.isTrainee) {
roleIndicator = ' (T)';
doc.fillColor('#cda8f0'); // Trainee color
} else if (employee.employee_type === 'manager') {
roleIndicator = ' (M)';
doc.fillColor('#CC0000'); // Manager color
} else {
doc.fillColor('#642ab5'); // Regular personnel color
}
const name = `${employee.firstname} ${employee.lastname}${roleIndicator}`;
doc.text(name, xPos + 5, textY, { width: dayColWidth - 10, align: 'left' });
textY += 10;
}
}
});
doc.fillColor('black');
} else {
// Show required count like in React component
const shiftsForSlot = plan.shifts?.filter((s: any) =>
s.dayOfWeek === day.id &&
s.timeSlotId === timeSlot.id
) || [];
const totalRequired = shiftsForSlot.reduce((sum: number, s: any) => sum + s.requiredEmployees, 0);
const displayText = totalRequired === 0 ? '-' : `0/${totalRequired}`;
doc.fillColor('#666').fontSize(9).font('Helvetica-Oblique')
.text(displayText, xPos + 5, currentY + 15, { width: dayColWidth - 10, align: 'center' });
doc.fillColor('black');
}
}
});
currentY += 40;
});
// Add employee overview page
doc.addPage();
doc.fontSize(16).font('Helvetica-Bold').text('Mitarbeiterübersicht', 50, 50);
currentY = 80;
// Table headers
doc.fontSize(10).font('Helvetica-Bold');
doc.text('Name', 50, currentY);
doc.text('E-Mail', 200, currentY);
doc.text('Rolle', 350, currentY);
doc.text('Typ', 450, currentY);
currentY += 15;
// Horizontal line
doc.moveTo(50, currentY).lineTo(550, currentY).stroke();
currentY += 10;
doc.fontSize(9).font('Helvetica');
plan.employees?.forEach((employee: any) => {
if (currentY > 700) {
doc.addPage();
currentY = 50;
// Re-add headers
doc.fontSize(10).font('Helvetica-Bold');
doc.text('Name', 50, currentY);
doc.text('E-Mail', 200, currentY);
doc.text('Rolle', 350, currentY);
doc.text('Typ', 450, currentY);
currentY += 25;
}
doc.text(`${employee.firstname} ${employee.lastname}`, 50, currentY);
doc.text(employee.email, 200, currentY, { width: 140 });
doc.text(employee.roles?.join(', ') || 'Benutzer', 350, currentY, { width: 90 });
doc.text(employee.employeeType, 450, currentY);
currentY += 20;
});
// Add footer to each page
const pages = doc.bufferedPageRange();
for (let i = 0; i < pages.count; i++) {
doc.switchToPage(i);
doc.fontSize(8).font('Helvetica');
doc.text(
`Seite ${i + 1} von ${pages.count} • Erstellt am: ${new Date().toLocaleString('de-DE')} • Schichtplaner System`,
50,
800,
{ align: 'center', width: 500 }
);
}
// Finalize PDF
doc.end();
console.log('✅ PDF export completed for plan:', id);
} catch (error) {
console.error('❌ Error exporting to PDF:', error);
res.status(500).json({ error: 'Internal server error during PDF export' });
}
};
// Helper function to get day of week from date string
function getDayOfWeek(dateString: string): number {
const date = new Date(dateString);
return date.getDay() === 0 ? 7 : date.getDay();
}
// Helper function to get German day names
function getGermanDayName(dayIndex: number): string {
const days = ['Sonntag', 'Montag', 'Dienstag', 'Mittwoch', 'Donnerstag', 'Freitag', 'Samstag'];
return days[dayIndex];
}

2
backend/src/middleware/Validation/Employee.md
View File

@@ -23,7 +23,7 @@
### \[CREATE\] Employee ### \[CREATE\] Employee
* `firstname` 1-100 characters and must not be empty * `firstname` 1-100 characters and must not be empty
* `lastname` 1-100 characters and must not be empty * `lastname` 1-100 characters and must not be empty
* `password` must be at least 6 characters (in create mode) * `password` must be at least 8 characters (in create mode)
* `employeeType` must be `manager`, `personell`, `apprentice`, or `guest` * `employeeType` must be `manager`, `personell`, `apprentice`, or `guest`
* `canWorkAlone` optional boolean * `canWorkAlone` optional boolean
* `isTrainee` optional boolean * `isTrainee` optional boolean

32
backend/src/middleware/auth.ts
View File

@@ -52,3 +52,35 @@ export const requireRole = (roles: string[]) => {
next(); next();
}; };
}; };
export const getClientIP = (req: Request): string => {
const trustedHeader = process.env.TRUSTED_PROXY_HEADER || 'x-forwarded-for';
const forwarded = req.headers[trustedHeader];
const realIp = req.headers['x-real-ip'];
if (forwarded) {
if (Array.isArray(forwarded)) {
return forwarded[0].split(',')[0].trim();
} else if (typeof forwarded === 'string') {
return forwarded.split(',')[0].trim();
}
}
if (realIp) {
return realIp.toString();
}
return req.socket.remoteAddress || req.ip || 'unknown';
};
export const ipSecurityCheck = (req: AuthRequest, res: Response, next: NextFunction): void => {
const clientIP = getClientIP(req);
// Log suspicious activity
const suspiciousPaths = ['/api/auth/login', '/api/auth/register'];
if (suspiciousPaths.includes(req.path)) {
console.log(`🔐 Auth attempt from IP: ${clientIP}, Path: ${req.path}`);
}
next();
}

113
backend/src/middleware/rateLimit.ts
View File

@@ -1,6 +1,46 @@
import rateLimit from 'express-rate-limit'; import rateLimit from 'express-rate-limit';
import { Request } from 'express'; import { Request } from 'express';
// Secure IP extraction that works with proxy settings
const getClientIP = (req: Request): string => {
// Read from environment which header to trust
const trustedHeader = process.env.TRUSTED_PROXY_HEADER || 'x-forwarded-for';
const forwarded = req.headers[trustedHeader];
const realIp = req.headers['x-real-ip'];
const cfConnectingIp = req.headers['cf-connecting-ip']; // Cloudflare
// If we have a forwarded header and trust proxy is configured
if (forwarded) {
if (Array.isArray(forwarded)) {
const firstIP = forwarded[0].split(',')[0].trim();
console.log(`🔍 Extracted IP from ${trustedHeader}: ${firstIP} (from: ${forwarded[0]})`);
return firstIP;
} else if (typeof forwarded === 'string') {
const firstIP = forwarded.split(',')[0].trim();
console.log(`🔍 Extracted IP from ${trustedHeader}: ${firstIP} (from: ${forwarded})`);
return firstIP;
}
}
// Cloudflare support
if (cfConnectingIp) {
console.log(`🔍 Using Cloudflare IP: ${cfConnectingIp}`);
return cfConnectingIp.toString();
}
// Fallback to x-real-ip
if (realIp) {
console.log(`🔍 Using x-real-ip: ${realIp}`);
return realIp.toString();
}
// Final fallback to connection remote address
const remoteAddress = req.socket.remoteAddress || req.ip || 'unknown';
console.log(`🔍 Using remote address: ${remoteAddress}`);
return remoteAddress;
};
// Helper to check if request should be limited // Helper to check if request should be limited
const shouldSkipLimit = (req: Request): boolean => { const shouldSkipLimit = (req: Request): boolean => {
const skipPaths = [ const skipPaths = [
@@ -14,35 +54,92 @@ const shouldSkipLimit = (req: Request): boolean => {
return true; return true;
} }
// Skip for whitelisted IPs from environment
const whitelist = process.env.RATE_LIMIT_WHITELIST?.split(',') || [];
const clientIP = getClientIP(req);
if (whitelist.includes(clientIP)) {
console.log(`✅ IP whitelisted: ${clientIP}`);
return true;
}
return skipPaths.includes(req.path); return skipPaths.includes(req.path);
}; };
// Environment-based configuration
const getRateLimitConfig = () => {
const isProduction = process.env.NODE_ENV === 'production';
return {
windowMs: parseInt(process.env.RATE_LIMIT_WINDOW_MS || '900000'), // 15 minutes default
max: isProduction
? parseInt(process.env.RATE_LIMIT_MAX_REQUESTS || '1000') // Stricter in production
: parseInt(process.env.RATE_LIMIT_MAX_REQUESTS || '5000'), // More lenient in development
// Development-specific relaxations
skip: (req: Request) => {
// Skip all GET requests in development for easier testing
if (!isProduction && req.method === 'GET') {
return true;
}
return shouldSkipLimit(req);
}
};
};
// Main API limiter - nur für POST/PUT/DELETE // Main API limiter - nur für POST/PUT/DELETE
export const apiLimiter = rateLimit({ export const apiLimiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes ...getRateLimitConfig(),
max: 200, // 200 non-GET requests per 15 minutes
message: { message: {
error: 'Zu viele Anfragen, bitte verlangsamen Sie Ihre Aktionen' error: 'Zu viele Anfragen, bitte verlangsamen Sie Ihre Aktionen'
}, },
standardHeaders: true, standardHeaders: true,
legacyHeaders: false, legacyHeaders: false,
skip: (req) => { keyGenerator: (req) => getClientIP(req),
// ✅ Skip für GET requests (Data Fetching) handler: (req, res) => {
if (req.method === 'GET') return true; const clientIP = getClientIP(req);
console.warn(`🚨 Rate limit exceeded for IP: ${clientIP}, Path: ${req.path}, Method: ${req.method}`);
// ✅ Skip für Health/Status Checks res.status(429).json({
return shouldSkipLimit(req); error: 'Zu viele Anfragen',
message: 'Bitte versuchen Sie es später erneut',
retryAfter: '15 Minuten',
clientIP: process.env.NODE_ENV === 'development' ? clientIP : undefined // Only expose IP in dev
});
} }
}); });
// Strict limiter for auth endpoints // Strict limiter for auth endpoints
export const authLimiter = rateLimit({ export const authLimiter = rateLimit({
windowMs: 15 * 60 * 1000, windowMs: 15 * 60 * 1000,
max: 5, max: parseInt(process.env.AUTH_RATE_LIMIT_MAX_REQUESTS || '100'),
message: { message: {
error: 'Zu viele Login-Versuche, bitte versuchen Sie es später erneut' error: 'Zu viele Login-Versuche, bitte versuchen Sie es später erneut'
}, },
standardHeaders: true, standardHeaders: true,
legacyHeaders: false, legacyHeaders: false,
skipSuccessfulRequests: true, skipSuccessfulRequests: true,
keyGenerator: (req) => getClientIP(req),
handler: (req, res) => {
const clientIP = getClientIP(req);
console.warn(`🚨 Auth rate limit exceeded for IP: ${clientIP}`);
res.status(429).json({
error: 'Zu viele Login-Versuche',
message: 'Aus Sicherheitsgründen wurde Ihr Konto temporär gesperrt',
retryAfter: '15 Minuten'
});
}
});
// Separate limiter for expensive endpoints
export const expensiveEndpointLimiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: parseInt(process.env.EXPENSIVE_ENDPOINT_LIMIT || '100'),
message: {
error: 'Zu viele Anfragen für diese Ressource'
},
standardHeaders: true,
legacyHeaders: false,
keyGenerator: (req) => getClientIP(req)
}); });

4
backend/src/middleware/validation.ts
View File

@@ -209,7 +209,7 @@ export const validateChangePassword = [
.isLength({ min: 1 }) .isLength({ min: 1 })
.withMessage('Current password is required for self-password change'), .withMessage('Current password is required for self-password change'),
body('password') body('newPassword')
.isLength({ min: 8 }) .isLength({ min: 8 })
.withMessage('Password must be at least 8 characters') .withMessage('Password must be at least 8 characters')
.matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?])/) .matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?])/)
@@ -217,7 +217,7 @@ export const validateChangePassword = [
body('confirmPassword') body('confirmPassword')
.custom((value, { req }) => { .custom((value, { req }) => {
if (value !== req.body.password) { if (value !== req.body.newPassword) {
throw new Error('Passwords do not match'); throw new Error('Passwords do not match');
} }
return true; return true;

14
backend/src/models/helpers/employeeHelpers.ts
View File

@@ -18,12 +18,12 @@ function generateEmail(firstname: string, lastname: string): string {
return `${cleanFirstname}.${cleanLastname}@sp.de`; return `${cleanFirstname}.${cleanLastname}@sp.de`;
} }
// UPDATED: Validation for new employee model with employee types // Validation for new employee model with employee types
export function validateEmployeeData(employee: CreateEmployeeRequest): string[] { export function validateEmployeeData(employee: CreateEmployeeRequest): string[] {
const errors: string[] = []; const errors: string[] = [];
if (employee.password?.length < 6) { if (employee.password?.length < 8) {
errors.push('Password must be at least 6 characters long'); errors.push('Password must be at least 8 characters long');
} }
if (!employee.firstname?.trim() || employee.firstname.trim().length < 2) { if (!employee.firstname?.trim() || employee.firstname.trim().length < 2) {
@@ -71,7 +71,7 @@ export function generateEmployeeEmail(firstname: string, lastname: string): stri
return generateEmail(firstname, lastname); return generateEmail(firstname, lastname);
} }
// UPDATED: Business logic helpers for new employee types // Business logic helpers for new employee types
export const isManager = (employee: Employee): boolean => export const isManager = (employee: Employee): boolean =>
employee.employeeType === 'manager'; employee.employeeType === 'manager';
@@ -90,7 +90,7 @@ export const isInternal = (employee: Employee): boolean =>
export const isExternal = (employee: Employee): boolean => export const isExternal = (employee: Employee): boolean =>
employee.employeeType === 'guest'; employee.employeeType === 'guest';
// UPDATED: Trainee logic - now based on isTrainee field for personell type // Trainee logic - now based on isTrainee field for personell type
export const isTrainee = (employee: Employee): boolean => export const isTrainee = (employee: Employee): boolean =>
employee.employeeType === 'personell' && employee.isTrainee; employee.employeeType === 'personell' && employee.isTrainee;
@@ -107,7 +107,7 @@ export const isMaintenance = (employee: Employee): boolean =>
export const isUser = (employee: Employee): boolean => export const isUser = (employee: Employee): boolean =>
employee.roles?.includes('user') || false; employee.roles?.includes('user') || false;
// UPDATED: Work alone permission - managers and experienced personell can work alone // Work alone permission - managers and experienced personell can work alone
export const canEmployeeWorkAlone = (employee: Employee): boolean => export const canEmployeeWorkAlone = (employee: Employee): boolean =>
employee.canWorkAlone && (isManager(employee) || isExperienced(employee)); employee.canWorkAlone && (isManager(employee) || isExperienced(employee));
@@ -134,7 +134,7 @@ export function validateAvailabilityData(availability: Omit<EmployeeAvailability
return errors; return errors;
} }
// UPDATED: Helper to get employee type category // Helper to get employee type category
export const getEmployeeCategory = (employee: Employee): 'internal' | 'external' => { export const getEmployeeCategory = (employee: Employee): 'internal' | 'external' => {
return isInternal(employee) ? 'internal' : 'external'; return isInternal(employee) ? 'internal' : 'external';
}; };

2
backend/src/models/helpers/shiftPlanHelpers.ts
View File

@@ -78,7 +78,7 @@ export function calculateTotalRequiredEmployees(plan: ShiftPlan): number {
return plan.shifts.reduce((total, shift) => total + shift.requiredEmployees, 0); return plan.shifts.reduce((total, shift) => total + shift.requiredEmployees, 0);
} }
// UPDATED: Get scheduled shift by date and time slot // Get scheduled shift by date and time slot
export function getScheduledShiftByDateAndTime( export function getScheduledShiftByDateAndTime(
plan: ShiftPlan, plan: ShiftPlan,
date: string, date: string,

2
backend/src/models/scheduling.ts
View File

@@ -2,7 +2,7 @@
import { Employee } from './Employee.js'; import { Employee } from './Employee.js';
import { ShiftPlan } from './ShiftPlan.js'; import { ShiftPlan } from './ShiftPlan.js';
// Updated Availability interface to match new schema // Availability interface
export interface Availability { export interface Availability {
id: string; id: string;
employeeId: string; employeeId: string;

10
backend/src/routes/employees.ts
View File

@@ -28,18 +28,18 @@ const router = express.Router();
router.use(authMiddleware); router.use(authMiddleware);
// Employee CRUD Routes // Employee CRUD Routes
router.get('/', validatePagination, handleValidationErrors, getEmployees); router.get('/', validatePagination, handleValidationErrors, authMiddleware, getEmployees);
router.get('/:id', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), getEmployee); router.get('/:id', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), getEmployee);
router.post('/', validateEmployee, handleValidationErrors, requireRole(['admin']), createEmployee); router.post('/', validateEmployee, handleValidationErrors, requireRole(['admin']), createEmployee);
router.put('/:id', validateId, validateEmployeeUpdate, handleValidationErrors, requireRole(['admin', 'maintenance']), updateEmployee); router.put('/:id', validateId, validateEmployeeUpdate, handleValidationErrors, requireRole(['admin', 'maintenance']), updateEmployee);
router.delete('/:id', validateId, handleValidationErrors, requireRole(['admin']), deleteEmployee); router.delete('/:id', validateId, handleValidationErrors, requireRole(['admin']), deleteEmployee);
// Password & Login Routes // Password & Login Routes
router.put('/:id/password', validateId, validateChangePassword, handleValidationErrors, changePassword); router.put('/:id/password', validateId, validateChangePassword, handleValidationErrors, authMiddleware, changePassword);
router.put('/:id/last-login', validateId, handleValidationErrors, updateLastLogin); router.put('/:id/last-login', validateId, handleValidationErrors, authMiddleware, updateLastLogin);
// Availability Routes // Availability Routes
router.get('/:employeeId/availabilities', validateEmployeeId, handleValidationErrors, getAvailabilities); router.get('/:employeeId/availabilities', validateEmployeeId, handleValidationErrors, authMiddleware, getAvailabilities);
router.put('/:employeeId/availabilities', validateEmployeeId, validateAvailabilities, handleValidationErrors, updateAvailabilities); router.put('/:employeeId/availabilities', validateEmployeeId, validateAvailabilities, handleValidationErrors, authMiddleware, updateAvailabilities);
export default router; export default router;

7
backend/src/routes/shiftPlans.ts
View File

@@ -7,7 +7,9 @@ import {
updateShiftPlan, updateShiftPlan,
deleteShiftPlan, deleteShiftPlan,
createFromPreset, createFromPreset,
clearAssignments clearAssignments,
exportShiftPlanToExcel,
exportShiftPlanToPDF
} from '../controllers/shiftPlanController.js'; } from '../controllers/shiftPlanController.js';
import { import {
validateShiftPlan, validateShiftPlan,
@@ -30,4 +32,7 @@ router.put('/:id', validateId, validateShiftPlanUpdate, handleValidationErrors,
router.delete('/:id', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), deleteShiftPlan); router.delete('/:id', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), deleteShiftPlan);
router.post('/:id/clear-assignments', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), clearAssignments); router.post('/:id/clear-assignments', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), clearAssignments);
router.get('/:id/export/excel', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), exportShiftPlanToExcel);
router.get('/:id/export/pdf', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), exportShiftPlanToPDF);
export default router; export default router;

4
backend/src/scripts/applyMigration.ts
View File

@@ -53,7 +53,7 @@ async function markMigrationAsApplied(migrationName: string) {
); );
} }
// UPDATED: Function to handle schema changes for the new employee type system // Function to handle schema changes for the new employee type system
async function applySchemaUpdates() { async function applySchemaUpdates() {
console.log('🔄 Applying schema updates for new employee type system...'); console.log('🔄 Applying schema updates for new employee type system...');
@@ -80,7 +80,7 @@ async function applySchemaUpdates() {
PRAGMA table_info(employees) PRAGMA table_info(employees)
`); `);
// FIXED: Check for employee_type column (not roles column) // Check for employee_type column (not roles column)
const hasEmployeeType = employeesTableInfo.some((col: TableColumnInfo) => col.name === 'employee_type'); const hasEmployeeType = employeesTableInfo.some((col: TableColumnInfo) => col.name === 'employee_type');
const hasIsTrainee = employeesTableInfo.some((col: TableColumnInfo) => col.name === 'is_trainee'); const hasIsTrainee = employeesTableInfo.some((col: TableColumnInfo) => col.name === 'is_trainee');

42
backend/src/scripts/initializeDatabase.ts
View File

@@ -65,7 +65,7 @@ export async function initializeDatabase(): Promise<void> {
console.log('Existing tables found:', existingTables.map(t => t.name).join(', ') || 'none'); console.log('Existing tables found:', existingTables.map(t => t.name).join(', ') || 'none');
// UPDATED: Drop tables in correct dependency order for new schema // Drop tables in correct dependency order for new schema
const tablesToDrop = [ const tablesToDrop = [
'employee_availability', 'employee_availability',
'shift_assignments', 'shift_assignments',
@@ -95,16 +95,40 @@ export async function initializeDatabase(): Promise<void> {
// Continue with schema creation even if table dropping fails // Continue with schema creation even if table dropping fails
} }
// Execute schema creation in a transaction // NEU: PRAGMA-Anweisungen außerhalb der Transaktion ausführen
await db.run('BEGIN EXCLUSIVE TRANSACTION'); console.log('Executing PRAGMA statements outside transaction...');
const pragmaStatements = schema
// Execute each statement separately for better error reporting
const statements = schema
.split(';') .split(';')
.map(stmt => stmt.trim()) .map(stmt => stmt.trim())
.filter(stmt => stmt.length > 0) .filter(stmt => stmt.length > 0)
.filter(stmt => stmt.toUpperCase().startsWith('PRAGMA'))
.map(stmt => {
return stmt.split('\n')
.filter(line => !line.trim().startsWith('--'))
.join('\n')
.trim();
});
for (const statement of pragmaStatements) {
try {
console.log('Executing PRAGMA:', statement);
await db.run(statement);
} catch (error) {
console.warn('PRAGMA statement might have failed:', statement, error);
// Continue even if PRAGMA fails
}
}
// Schema-Erstellung in Transaktion
await db.run('BEGIN EXCLUSIVE TRANSACTION');
// Nur die CREATE TABLE und andere Anweisungen (ohne PRAGMA)
const schemaStatements = schema
.split(';')
.map(stmt => stmt.trim())
.filter(stmt => stmt.length > 0)
.filter(stmt => !stmt.toUpperCase().startsWith('PRAGMA'))
.map(stmt => { .map(stmt => {
// Remove any single-line comments
return stmt.split('\n') return stmt.split('\n')
.filter(line => !line.trim().startsWith('--')) .filter(line => !line.trim().startsWith('--'))
.join('\n') .join('\n')
@@ -112,7 +136,7 @@ export async function initializeDatabase(): Promise<void> {
}) })
.filter(stmt => stmt.length > 0); .filter(stmt => stmt.length > 0);
for (const statement of statements) { for (const statement of schemaStatements) {
try { try {
console.log('Executing statement:', statement.substring(0, 50) + '...'); console.log('Executing statement:', statement.substring(0, 50) + '...');
await db.run(statement); await db.run(statement);
@@ -124,7 +148,7 @@ export async function initializeDatabase(): Promise<void> {
} }
} }
// UPDATED: Insert default data in correct order // Insert default data in correct order
try { try {
console.log('Inserting default employee types...'); console.log('Inserting default employee types...');
await db.run(`INSERT OR IGNORE INTO employee_types (type, category, has_contract_type) VALUES ('manager', 'internal', 1)`); await db.run(`INSERT OR IGNORE INTO employee_types (type, category, has_contract_type) VALUES ('manager', 'internal', 1)`);

160
backend/src/server.ts
View File

@@ -5,6 +5,7 @@ import { fileURLToPath } from 'url';
import { initializeDatabase } from './scripts/initializeDatabase.js'; import { initializeDatabase } from './scripts/initializeDatabase.js';
import fs from 'fs'; import fs from 'fs';
import helmet from 'helmet'; import helmet from 'helmet';
import type { ViteDevServer } from 'vite';
// Route imports // Route imports
import authRoutes from './routes/auth.js'; import authRoutes from './routes/auth.js';
@@ -13,7 +14,12 @@ import shiftPlanRoutes from './routes/shiftPlans.js';
import setupRoutes from './routes/setup.js'; import setupRoutes from './routes/setup.js';
import scheduledShifts from './routes/scheduledShifts.js'; import scheduledShifts from './routes/scheduledShifts.js';
import schedulingRoutes from './routes/scheduling.js'; import schedulingRoutes from './routes/scheduling.js';
import { authLimiter, apiLimiter } from './middleware/rateLimit.js'; import {
apiLimiter,
authLimiter,
expensiveEndpointLimiter
} from './middleware/rateLimit.js';
import { ipSecurityCheck as authIpCheck } from './middleware/auth.js';
const __filename = fileURLToPath(import.meta.url); const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename); const __dirname = path.dirname(__filename);
@@ -22,7 +28,50 @@ const app = express();
const PORT = 3002; const PORT = 3002;
const isDevelopment = process.env.NODE_ENV === 'development'; const isDevelopment = process.env.NODE_ENV === 'development';
app.set('trust proxy', true); app.use(authIpCheck);
let vite: ViteDevServer | undefined;
if (isDevelopment) {
// Dynamically import and setup Vite middleware
const setupViteDevServer = async () => {
try {
const { createServer } = await import('vite');
vite = await createServer({
server: { middlewareMode: true },
appType: 'spa'
});
app.use(vite.middlewares);
console.log('🔧 Vite dev server integrated with Express');
} catch (error) {
console.warn('⚠️ Vite integration failed, using static files:', error);
}
};
setupViteDevServer();
}
const configureStaticFiles = () => {
const staticConfig = {
maxAge: '1y',
etag: false,
immutable: true,
index: false
};
// Serve frontend build
const frontendPath = '/app/frontend-build';
if (fs.existsSync(frontendPath)) {
console.log('✅ Serving frontend from:', frontendPath);
app.use(express.static(frontendPath, staticConfig));
}
// Serve premium assets if available
const premiumPath = '/app/premium-dist';
if (fs.existsSync(premiumPath)) {
console.log('✅ Serving premium assets from:', premiumPath);
app.use('/premium-assets', express.static(premiumPath, staticConfig));
}
};
// Security configuration // Security configuration
if (process.env.NODE_ENV === 'production') { if (process.env.NODE_ENV === 'production') {
@@ -34,6 +83,51 @@ if (process.env.NODE_ENV === 'production') {
} }
} }
const configureTrustProxy = (): string | string[] | boolean | number => {
const trustedProxyIps = process.env.TRUSTED_PROXY_IPS;
const trustProxyEnabled = process.env.TRUST_PROXY_ENABLED !== 'false';
// If explicitly disabled
if (!trustProxyEnabled) {
console.log('🔒 Trust proxy: Disabled');
return false;
}
// If specific IPs are provided via environment variable
if (trustedProxyIps) {
console.log('🔒 Trust proxy: Using configured IPs:', trustedProxyIps);
// Handle comma-separated list of IPs/CIDR ranges
if (trustedProxyIps.includes(',')) {
return trustedProxyIps.split(',').map(ip => ip.trim());
}
// Handle single IP/CIDR
return trustedProxyIps.trim();
}
// Default behavior for reverse proxy setup
console.log('🔒 Trust proxy: Using reverse proxy defaults (trust all)');
return true; // Trust all proxies when behind nginx
};
app.set('trust proxy', configureTrustProxy());
app.use((req, res, next) => {
const protocol = req.headers['x-forwarded-proto'] || req.protocol;
const isHttps = protocol === 'https';
// Add security warning for HTTP requests
if (!isHttps && process.env.NODE_ENV === 'production') {
res.setHeader('X-Security-Warning', 'This application is being accessed over HTTP. For secure communication, please use HTTPS.');
// Log HTTP access in production
console.warn(`⚠️ HTTP access detected: ${req.method} ${req.path} from ${req.ip}`);
}
next();
});
// Security headers // Security headers
app.use(helmet({ app.use(helmet({
contentSecurityPolicy: { contentSecurityPolicy: {
@@ -47,9 +141,14 @@ app.use(helmet({
objectSrc: ["'none'"], objectSrc: ["'none'"],
mediaSrc: ["'self'"], mediaSrc: ["'self'"],
frameSrc: ["'none'"], frameSrc: ["'none'"],
upgradeInsecureRequests: process.env.FORCE_HTTPS === 'true' ? [] : null
}, },
}, },
hsts: false, hsts: {
maxAge: 31536000,
includeSubDomains: true,
preload: true
}, // Enable HSTS for HTTPS
crossOriginEmbedderPolicy: false crossOriginEmbedderPolicy: false
})); }));
@@ -66,9 +165,12 @@ app.use(express.json());
// Rate limiting - weniger restriktiv in Development // Rate limiting - weniger restriktiv in Development
if (process.env.NODE_ENV === 'production') { if (process.env.NODE_ENV === 'production') {
console.log('🔒 Applying production rate limiting');
app.use('/api/', apiLimiter); app.use('/api/', apiLimiter);
} else { } else {
console.log('🔧 Development: Rate limiting relaxed'); console.log('🔧 Development: Relaxed rate limiting applied');
// In development, you might want to be more permissive
app.use('/api/', apiLimiter);
} }
// API Routes // API Routes
@@ -77,7 +179,7 @@ app.use('/api/auth', authLimiter, authRoutes);
app.use('/api/employees', employeeRoutes); app.use('/api/employees', employeeRoutes);
app.use('/api/shift-plans', shiftPlanRoutes); app.use('/api/shift-plans', shiftPlanRoutes);
app.use('/api/scheduled-shifts', scheduledShifts); app.use('/api/scheduled-shifts', scheduledShifts);
app.use('/api/scheduling', schedulingRoutes); app.use('/api/scheduling', expensiveEndpointLimiter, schedulingRoutes);
// Health route // Health route
app.get('/api/health', (req: express.Request, res: express.Response) => { app.get('/api/health', (req: express.Request, res: express.Response) => {
@@ -118,6 +220,7 @@ const findFrontendBuildPath = (): string | null => {
}; };
const frontendBuildPath = findFrontendBuildPath(); const frontendBuildPath = findFrontendBuildPath();
configureStaticFiles();
if (frontendBuildPath) { if (frontendBuildPath) {
app.use(express.static(frontendBuildPath)); app.use(express.static(frontendBuildPath));
@@ -130,12 +233,25 @@ if (frontendBuildPath) {
} }
// Root route // Root route
app.get('/', (req, res) => { app.get('/', async (req, res) => {
if (!frontendBuildPath) { // In development with Vite middleware
if (isDevelopment) { if (vite) {
return res.redirect('http://localhost:3003'); try {
const template = fs.readFileSync(
path.resolve(__dirname, '../../frontend/index.html'),
'utf-8'
);
const html = await vite.transformIndexHtml(req.url, template);
res.send(html);
} catch (error) {
res.status(500).send('Vite dev server error');
} }
return res.status(500).send('Frontend build not found'); return;
}
// Fallback to static file serving
if (!frontendBuildPath) {
return res.status(500).send('Frontend not available');
} }
const indexPath = path.join(frontendBuildPath, 'index.html'); const indexPath = path.join(frontendBuildPath, 'index.html');
@@ -143,20 +259,26 @@ app.get('/', (req, res) => {
}); });
// Client-side routing fallback // Client-side routing fallback
app.get('*', (req, res) => { app.get('*', (req, res, next) => {
// Skip API routes
if (req.path.startsWith('/api/')) { if (req.path.startsWith('/api/')) {
return res.status(404).json({ error: 'API endpoint not found' }); return next();
} }
if (!frontendBuildPath) { // Skip file extensions (assets)
if (isDevelopment) { if (req.path.match(/\.[a-z0-9]+$/i)) {
return res.redirect(`http://localhost:3003${req.path}`); return next();
}
return res.status(500).json({ error: 'Frontend application not available' });
} }
const indexPath = path.join(frontendBuildPath, 'index.html'); // Serve React app for all other routes
res.sendFile(indexPath); const frontendPath = '/app/frontend-build';
const indexPath = path.join(frontendPath, 'index.html');
if (fs.existsSync(indexPath)) {
res.sendFile(indexPath);
} else {
res.status(404).send('Frontend not available');
}
}); });
// Error handling // Error handling

13
docker-compose.yml
View File

@@ -6,17 +6,22 @@ services:
image: ghcr.io/donpat1to/schichtenplaner:v1.0.0 image: ghcr.io/donpat1to/schichtenplaner:v1.0.0
environment: environment:
- NODE_ENV=production - NODE_ENV=production
- JWT_SECRET=${JWT_SECRET:-your-secret-key-please-change} - JWT_SECRET=${JWT_SECRET}
ports: - TRUST_PROXY_ENABLED=true
- "3002:3002" - TRUSTED_PROXY_IPS=nginx-proxy,172.0.0.0/8,10.0.0.0/8,192.168.0.0/16
- FORCE_HTTPS=${FORCE_HTTPS:-false}
networks:
- app-network
volumes: volumes:
- app_data:/app/data - app_data:/app/data
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3002/api/health"] test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3002/api/health"]
interval: 30s interval: 30s
timeout: 10s timeout: 10s
retries: 3 retries: 3
expose:
- "3002"
volumes: volumes:
app_data: app_data:

25
docker-init.sh
View File

@@ -3,17 +3,15 @@ set -e
echo "🚀 Container Initialisierung gestartet..." echo "🚀 Container Initialisierung gestartet..."
# Funktion zum Generieren eines sicheren Secrets
generate_secret() { generate_secret() {
length=$1 length=$1
tr -dc 'A-Za-z0-9!@#$%^&*()_+-=' < /dev/urandom | head -c $length tr -dc 'A-Za-z0-9!@#$%^&*()_+-=' < /dev/urandom | head -c $length
} }
# Prüfe ob .env existiert # Create .env if it doesn't exist
if [ ! -f /app/.env ]; then if [ ! -f /app/.env ]; then
echo "📝 Erstelle .env Datei..." echo "📝 Erstelle .env Datei..."
# Verwende vorhandenes JWT_SECRET oder generiere ein neues
if [ -z "$JWT_SECRET" ] || [ "$JWT_SECRET" = "your-secret-key-please-change" ]; then if [ -z "$JWT_SECRET" ] || [ "$JWT_SECRET" = "your-secret-key-please-change" ]; then
export JWT_SECRET=$(generate_secret 64) export JWT_SECRET=$(generate_secret 64)
echo "🔑 Automatisch sicheres JWT Secret generiert" echo "🔑 Automatisch sicheres JWT Secret generiert"
@@ -21,30 +19,37 @@ if [ ! -f /app/.env ]; then
echo "🔑 Verwende vorhandenes JWT Secret aus Umgebungsvariable" echo "🔑 Verwende vorhandenes JWT Secret aus Umgebungsvariable"
fi fi
# Erstelle .env aus Template mit envsubst # Create .env with all proxy settings
envsubst < /app/.env.template > /app/.env cat > /app/.env << EOF
echo "✅ .env Datei erstellt" NODE_ENV=production
JWT_SECRET=${JWT_SECRET}
TRUST_PROXY_ENABLED=${TRUST_PROXY_ENABLED:-true}
TRUSTED_PROXY_IPS=${TRUSTED_PROXY_IPS:-172.0.0.0/8,10.0.0.0/8,192.168.0.0/16}
HOSTNAME=${HOSTNAME:-localhost}
EOF
echo "✅ .env Datei erstellt"
else else
echo " .env Datei existiert bereits" echo " .env Datei existiert bereits"
# Wenn .env existiert, aber JWT_SECRET Umgebungsvariable gesetzt ist, aktualisiere sie # Update JWT_SECRET if provided
if [ -n "$JWT_SECRET" ] && [ "$JWT_SECRET" != "your-secret-key-please-change" ]; then if [ -n "$JWT_SECRET" ] && [ "$JWT_SECRET" != "your-secret-key-please-change" ]; then
echo "🔑 Aktualisiere JWT Secret in .env Datei" echo "🔑 Aktualisiere JWT Secret in .env Datei"
# Aktualisiere nur das JWT_SECRET in der .env Datei
sed -i "s/^JWT_SECRET=.*/JWT_SECRET=$JWT_SECRET/" /app/.env sed -i "s/^JWT_SECRET=.*/JWT_SECRET=$JWT_SECRET/" /app/.env
fi fi
fi fi
# Validiere dass JWT_SECERT nicht der Standardwert ist # Validate JWT_SECRET
if grep -q "JWT_SECRET=your-secret-key-please-change" /app/.env; then if grep -q "JWT_SECRET=your-secret-key-please-change" /app/.env; then
echo "❌ FEHLER: Standard JWT Secret in .env gefunden!" echo "❌ FEHLER: Standard JWT Secret in .env gefunden!"
echo "❌ Bitte setzen Sie JWT_SECRET Umgebungsvariable" echo "❌ Bitte setzen Sie JWT_SECRET Umgebungsvariable"
exit 1 exit 1
fi fi
# Setze sichere Berechtigungen
chmod 600 /app/.env chmod 600 /app/.env
echo "🔧 Proxy Configuration:"
echo " - TRUST_PROXY_ENABLED: ${TRUST_PROXY_ENABLED:-true}"
echo " - TRUSTED_PROXY_IPS: ${TRUSTED_PROXY_IPS:-172.0.0.0/8,10.0.0.0/8,192.168.0.0/16}"
echo "🔧 Starte Anwendung..." echo "🔧 Starte Anwendung..."
exec "$@" exec "$@"

178
frontend/donpat1to.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 102 KiB

2
frontend/index.html
View File

@@ -2,7 +2,7 @@
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/vite.svg" /> <link rel="icon" type="image/svg+xml" href="/donpat1to.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Shift Planning App</title> <title>Shift Planning App</title>
</head> </head>

10
frontend/package.json
View File

@@ -7,7 +7,9 @@
"react": "^19.0.0", "react": "^19.0.0",
"react-dom": "^19.0.0", "react-dom": "^19.0.0",
"react-router-dom": "^6.28.0", "react-router-dom": "^6.28.0",
"date-fns": "4.1.0" "date-fns": "4.1.0",
"@vitejs/plugin-react": "^4.3.3",
"vite": "^6.0.7"
}, },
"devDependencies": { "devDependencies": {
"@types/node": "20.19.23", "@types/node": "20.19.23",
@@ -25,10 +27,12 @@
"esbuild": "^0.21.0", "esbuild": "^0.21.0",
"terser": "5.44.0", "terser": "5.44.0",
"babel-plugin-transform-remove-console": "6.9.4", "babel-plugin-transform-remove-console": "6.9.4",
"framer-motion": "12.23.24" "framer-motion": "12.23.24",
"file-saver": "2.0.5",
"@types/file-saver": "2.0.5"
}, },
"scripts": { "scripts": {
"dev": "vite", "dev": "vite dev",
"build": "tsc && vite build", "build": "tsc && vite build",
"preview": "vite preview" "preview": "vite preview"
} }

21
frontend/src/App.tsx
View File

@@ -15,6 +15,8 @@ import EmployeeManagement from './pages/Employees/EmployeeManagement';
import Settings from './pages/Settings/Settings'; import Settings from './pages/Settings/Settings';
import Help from './pages/Help/Help'; import Help from './pages/Help/Help';
import Setup from './pages/Setup/Setup'; import Setup from './pages/Setup/Setup';
import ErrorBoundary from './components/ErrorBoundary/ErrorBoundary';
import SecurityWarning from './components/SecurityWarning/SecurityWarning';
// Free Footer Link Pages (always available) // Free Footer Link Pages (always available)
import FAQ from './components/Layout/FooterLinks/FAQ/FAQ'; import FAQ from './components/Layout/FooterLinks/FAQ/FAQ';
@@ -160,14 +162,17 @@ const AppContent: React.FC = () => {
function App() { function App() {
return ( return (
<NotificationProvider> <ErrorBoundary>
<AuthProvider> <NotificationProvider>
<Router> <AuthProvider>
<NotificationContainer /> <Router>
<AppContent /> <SecurityWarning />
</Router> <NotificationContainer />
</AuthProvider> <AppContent />
</NotificationProvider> </Router>
</AuthProvider>
</NotificationProvider>
</ErrorBoundary>
); );
} }

101
frontend/src/components/ErrorBoundary/ErrorBoundary.tsx Normal file
View File

@@ -0,0 +1,101 @@
// src/components/ErrorBoundary/ErrorBoundary.tsx
import React from 'react';
interface Props {
children: React.ReactNode;
fallback?: React.ReactNode;
}
interface State {
hasError: boolean;
error?: Error;
}
class ErrorBoundary extends React.Component<Props, State> {
constructor(props: Props) {
super(props);
this.state = { hasError: false };
}
static getDerivedStateFromError(error: Error): State {
return { hasError: true, error };
}
componentDidCatch(error: Error, errorInfo: React.ErrorInfo) {
console.error('🚨 Application Error:', error);
console.error('📋 Error Details:', errorInfo);
// In production, send to your error reporting service
// logErrorToService(error, errorInfo);
}
render() {
if (this.state.hasError) {
// You can render any custom fallback UI
return this.props.fallback || (
<div style={{
padding: '40px',
textAlign: 'center',
fontFamily: 'Arial, sans-serif'
}}>
<div style={{ fontSize: '48px', marginBottom: '20px' }}></div>
<h2>Oops! Something went wrong</h2>
<p style={{ margin: '20px 0', color: '#666' }}>
We encountered an unexpected error. Please try refreshing the page.
</p>
<div style={{ marginTop: '30px' }}>
<button
onClick={() => window.location.reload()}
style={{
padding: '10px 20px',
backgroundColor: '#007bff',
color: 'white',
border: 'none',
borderRadius: '4px',
cursor: 'pointer',
marginRight: '10px'
}}
>
Refresh Page
</button>
<button
onClick={() => this.setState({ hasError: false })}
style={{
padding: '10px 20px',
backgroundColor: '#6c757d',
color: 'white',
border: 'none',
borderRadius: '4px',
cursor: 'pointer'
}}
>
Try Again
</button>
</div>
{process.env.NODE_ENV === 'development' && this.state.error && (
<details style={{
marginTop: '20px',
textAlign: 'left',
background: '#f8f9fa',
padding: '15px',
borderRadius: '4px'
}}>
<summary>Error Details (Development)</summary>
<pre style={{
whiteSpace: 'pre-wrap',
fontSize: '12px',
color: '#dc3545'
}}>
{this.state.error.stack}
</pre>
</details>
)}
</div>
);
}
return this.props.children;
}
}
export default ErrorBoundary;

59
frontend/src/components/SecurityWarning/SecurityWarning.tsx Normal file
View File

@@ -0,0 +1,59 @@
// src/components/SecurityWarning/SecurityWarning.tsx
import React, { useState, useEffect } from 'react';
const SecurityWarning: React.FC = () => {
const [isHttp, setIsHttp] = useState(false);
const [isDismissed, setIsDismissed] = useState(false);
useEffect(() => {
// Check if current protocol is HTTP
const checkProtocol = () => {
setIsHttp(window.location.protocol === 'http:');
};
checkProtocol();
window.addEventListener('load', checkProtocol);
return () => window.removeEventListener('load', checkProtocol);
}, []);
if (!isHttp || isDismissed) {
return null;
}
return (
<div style={{
position: 'fixed',
top: 0,
left: 0,
right: 0,
backgroundColor: '#ff6b35',
color: 'white',
padding: '10px 20px',
textAlign: 'center',
zIndex: 10000,
fontSize: '14px',
fontWeight: 'bold',
boxShadow: '0 2px 4px rgba(0,0,0,0.2)'
}}>
SECURITY WARNING: This site is being accessed over HTTP.
For secure communication, please use HTTPS.
<button
onClick={() => setIsDismissed(true)}
style={{
marginLeft: '15px',
background: 'rgba(255,255,255,0.2)',
border: '1px solid white',
color: 'white',
padding: '2px 8px',
borderRadius: '3px',
cursor: 'pointer'
}}
>
Dismiss
</button>
</div>
);
};
export default SecurityWarning;

18
frontend/src/contexts/AuthContext.tsx
View File

@@ -49,12 +49,21 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
const checkSetupStatus = async (): Promise<void> => { const checkSetupStatus = async (): Promise<void> => {
try { try {
console.log('🔍 Checking setup status...'); console.log('🔍 Checking setup status...');
const response = await fetch(`${API_BASE_URL}/setup/status`); const startTime = Date.now();
const response = await fetch(`${API_BASE_URL}/setup/status`, {
signal: AbortSignal.timeout(5000)
});
console.log(`✅ Setup status response received in ${Date.now() - startTime}ms`);
if (!response.ok) { if (!response.ok) {
console.error('❌ Setup status response not OK:', response.status, response.statusText);
throw new Error('Setup status check failed'); throw new Error('Setup status check failed');
} }
const data = await response.json(); const data = await response.json();
console.log('✅ Setup status response:', data); console.log('✅ Setup status response data:', data);
setNeedsSetup(data.needsSetup === true); setNeedsSetup(data.needsSetup === true);
} catch (error) { } catch (error) {
console.error('❌ Error checking setup status:', error); console.error('❌ Error checking setup status:', error);
@@ -95,7 +104,6 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
} }
}; };
// Add the updateUser function
const updateUser = (userData: Employee) => { const updateUser = (userData: Employee) => {
console.log('🔄 Updating user in auth context:', userData); console.log('🔄 Updating user in auth context:', userData);
setUser(userData); setUser(userData);
@@ -161,6 +169,8 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
initializeAuth(); initializeAuth();
}, []); }, []);
const calculatedNeedsSetup = needsSetup === null ? true : needsSetup;
const value: AuthContextType = { const value: AuthContextType = {
user, user,
login, login,
@@ -168,7 +178,7 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
hasRole, hasRole,
loading, loading,
refreshUser, refreshUser,
needsSetup: needsSetup === null ? true : needsSetup, needsSetup: calculatedNeedsSetup,
checkSetupStatus, checkSetupStatus,
updateUser, updateUser,
}; };

2
frontend/src/design/DesignSystem.txt
View File

@@ -20,6 +20,8 @@ export const designTokens = {
10: '#ebd7fa', 10: '#ebd7fa',
}, },
manager: '#CC0000',
// Semantic Colors // Semantic Colors
primary: '#51258f', primary: '#51258f',
secondary: '#642ab5', secondary: '#642ab5',

38
frontend/src/hooks/useBackendValidation.ts
View File

@@ -33,35 +33,19 @@ export const useBackendValidation = () => {
const result = await apiCall(); const result = await apiCall();
return result; return result;
} catch (error: any) { } catch (error: any) {
if (error.validationErrors) { if (error.validationErrors && Array.isArray(error.validationErrors)) {
setValidationErrors(error.validationErrors); setValidationErrors(error.validationErrors);
// Show specific validation error messages // Show specific validation error messages from backend
if (error.validationErrors.length > 0) { error.validationErrors.forEach((validationError: ValidationError, index: number) => {
// Show the first validation error as the main notification setTimeout(() => {
const firstError = error.validationErrors[0]; showNotification({
showNotification({ type: 'error',
type: 'error', title: 'Validierungsfehler',
title: 'Validierungsfehler', message: `${validationError.field ? `${validationError.field}: ` : ''}${validationError.message}`
message: firstError.message });
}); }, index * 500); // Stagger the notifications
});
// If there are multiple errors, show additional notifications for each
if (error.validationErrors.length > 1) {
// Wait a bit before showing additional notifications to avoid overlap
setTimeout(() => {
error.validationErrors.slice(1).forEach((validationError: ValidationError, index: number) => {
setTimeout(() => {
showNotification({
type: 'error',
title: 'Weiterer Fehler',
message: validationError.message
});
}, index * 300); // Stagger the notifications
});
}, 500);
}
}
} else { } else {
// Show notification for other errors // Show notification for other errors
showNotification({ showNotification({

2
frontend/src/models/defaults/employeeDefaults.ts
View File

@@ -102,7 +102,7 @@ export const AVAILABILITY_PREFERENCES = {
} as const; } as const;
// Default availability for new employees (all shifts unavailable as level 3) // Default availability for new employees (all shifts unavailable as level 3)
// UPDATED: Now uses shiftId instead of timeSlotId + dayOfWeek // Now uses shiftId instead of timeSlotId + dayOfWeek
export function createDefaultAvailabilities(employeeId: string, planId: string, shiftIds: string[]): Omit<EmployeeAvailability, 'id'>[] { export function createDefaultAvailabilities(employeeId: string, planId: string, shiftIds: string[]): Omit<EmployeeAvailability, 'id'>[] {
const availabilities: Omit<EmployeeAvailability, 'id'>[] = []; const availabilities: Omit<EmployeeAvailability, 'id'>[] = [];

14
frontend/src/models/helpers/employeeHelpers.ts
View File

@@ -18,12 +18,12 @@ function generateEmail(firstname: string, lastname: string): string {
return `${cleanFirstname}.${cleanLastname}@sp.de`; return `${cleanFirstname}.${cleanLastname}@sp.de`;
} }
// UPDATED: Validation for new employee model with employee types // Validation for new employee model with employee types
export function validateEmployeeData(employee: CreateEmployeeRequest): string[] { export function validateEmployeeData(employee: CreateEmployeeRequest): string[] {
const errors: string[] = []; const errors: string[] = [];
if (employee.password?.length < 6) { if (employee.password?.length < 8) {
errors.push('Password must be at least 6 characters long'); errors.push('Password must be at least 8 characters long');
} }
if (!employee.firstname?.trim() || employee.firstname.trim().length < 2) { if (!employee.firstname?.trim() || employee.firstname.trim().length < 2) {
@@ -71,7 +71,7 @@ export function generateEmployeeEmail(firstname: string, lastname: string): stri
return generateEmail(firstname, lastname); return generateEmail(firstname, lastname);
} }
// UPDATED: Business logic helpers for new employee types // Business logic helpers for new employee types
export const isManager = (employee: Employee): boolean => export const isManager = (employee: Employee): boolean =>
employee.employeeType === 'manager'; employee.employeeType === 'manager';
@@ -90,7 +90,7 @@ export const isInternal = (employee: Employee): boolean =>
export const isExternal = (employee: Employee): boolean => export const isExternal = (employee: Employee): boolean =>
employee.employeeType === 'guest'; employee.employeeType === 'guest';
// UPDATED: Trainee logic - now based on isTrainee field for personell type // Trainee logic - now based on isTrainee field for personell type
export const isTrainee = (employee: Employee): boolean => export const isTrainee = (employee: Employee): boolean =>
employee.employeeType === 'personell' && employee.isTrainee; employee.employeeType === 'personell' && employee.isTrainee;
@@ -107,7 +107,7 @@ export const isMaintenance = (employee: Employee): boolean =>
export const isUser = (employee: Employee): boolean => export const isUser = (employee: Employee): boolean =>
employee.roles?.includes('user') || false; employee.roles?.includes('user') || false;
// UPDATED: Work alone permission - managers and experienced personell can work alone // Work alone permission - managers and experienced personell can work alone
export const canEmployeeWorkAlone = (employee: Employee): boolean => export const canEmployeeWorkAlone = (employee: Employee): boolean =>
employee.canWorkAlone && (isManager(employee) || isExperienced(employee)); employee.canWorkAlone && (isManager(employee) || isExperienced(employee));
@@ -134,7 +134,7 @@ export function validateAvailabilityData(availability: Omit<EmployeeAvailability
return errors; return errors;
} }
// UPDATED: Helper to get employee type category // Helper to get employee type category
export const getEmployeeCategory = (employee: Employee): 'internal' | 'external' => { export const getEmployeeCategory = (employee: Employee): 'internal' | 'external' => {
return isInternal(employee) ? 'internal' : 'external'; return isInternal(employee) ? 'internal' : 'external';
}; };

2
frontend/src/models/helpers/shiftPlanHelpers.ts
View File

@@ -78,7 +78,7 @@ export function calculateTotalRequiredEmployees(plan: ShiftPlan): number {
return plan.shifts.reduce((total, shift) => total + shift.requiredEmployees, 0); return plan.shifts.reduce((total, shift) => total + shift.requiredEmployees, 0);
} }
// UPDATED: Get scheduled shift by date and time slot // Get scheduled shift by date and time slot
export function getScheduledShiftByDateAndTime( export function getScheduledShiftByDateAndTime(
plan: ShiftPlan, plan: ShiftPlan,
date: string, date: string,

2
frontend/src/models/scheduling.ts
View File

@@ -2,7 +2,7 @@
import { Employee } from './Employee.js'; import { Employee } from './Employee.js';
import { ShiftPlan } from './ShiftPlan.js'; import { ShiftPlan } from './ShiftPlan.js';
// Updated Availability interface to match new schema // Availability interface to match
export interface Availability { export interface Availability {
id: string; id: string;
employeeId: string; employeeId: string;

2
frontend/src/pages/Auth/Login.tsx
View File

@@ -1,4 +1,4 @@
// frontend/src/pages/Auth/Login.tsx - UPDATED PASSWORD SECTION // frontend/src/pages/Auth/Login.tsx
import React, { useState, useEffect, useRef } from 'react'; import React, { useState, useEffect, useRef } from 'react';
import { useNavigate } from 'react-router-dom'; import { useNavigate } from 'react-router-dom';
import { useAuth } from '../../contexts/AuthContext'; import { useAuth } from '../../contexts/AuthContext';

15
frontend/src/pages/Employees/components/EmployeeForm.tsx
View File

@@ -265,7 +265,7 @@ const useEmployeeForm = (mode: 'create' | 'edit', employee?: Employee) => {
// Determine if can work alone based on employee type // Determine if can work alone based on employee type
const canWorkAlone = employeeType === 'manager' || const canWorkAlone = employeeType === 'manager' ||
(employeeType === 'personell' && !formData.isTrainee); (employeeType === 'personell' && !formData.isTrainee);
// Reset isTrainee if not personell // Reset isTrainee if not personell
const isTrainee = employeeType === 'personell' ? formData.isTrainee : false; const isTrainee = employeeType === 'personell' ? formData.isTrainee : false;
@@ -343,7 +343,8 @@ const useEmployeeForm = (mode: 'create' | 'edit', employee?: Employee) => {
await executeWithValidation(() => await executeWithValidation(() =>
employeeService.changePassword(employee.id, { employeeService.changePassword(employee.id, {
currentPassword: '', currentPassword: '',
newPassword: passwordForm.newPassword newPassword: passwordForm.newPassword,
confirmPassword: passwordForm.confirmPassword
}) })
); );
} }
@@ -365,8 +366,8 @@ const useEmployeeForm = (mode: 'create' | 'edit', employee?: Employee) => {
switch (stepIndex) { switch (stepIndex) {
case 0: case 0:
return !!formData.firstname.trim() && return !!formData.firstname.trim() &&
!!formData.lastname.trim(); !!formData.lastname.trim();
// REMOVE: (mode === 'edit' || formData.password.length >= 6) // REMOVE: (mode === 'edit' || formData.password.length >= 6)
case 1: case 1:
return !!formData.employeeType; return !!formData.employeeType;
case 2: case 2:
@@ -711,7 +712,7 @@ const Step2Content: React.FC<StepContentProps> = ({
{contractTypeOptions.map(contract => { {contractTypeOptions.map(contract => {
const isFlexibleDisabled = contract.value === 'flexible' && formData.employeeType === 'personell'; const isFlexibleDisabled = contract.value === 'flexible' && formData.employeeType === 'personell';
const isSmallLargeDisabled = (contract.value === 'small' || contract.value === 'large') && const isSmallLargeDisabled = (contract.value === 'small' || contract.value === 'large') &&
(formData.employeeType === 'manager' || formData.employeeType === 'apprentice'); (formData.employeeType === 'manager' || formData.employeeType === 'apprentice');
const isDisabled = isFlexibleDisabled || isSmallLargeDisabled; const isDisabled = isFlexibleDisabled || isSmallLargeDisabled;
return ( return (
@@ -867,8 +868,8 @@ const Step3Content: React.FC<StepContentProps> = ({
{formData.employeeType === 'manager' {formData.employeeType === 'manager'
? 'Chefs sind automatisch als eigenständig markiert.' ? 'Chefs sind automatisch als eigenständig markiert.'
: formData.employeeType === 'personell' && formData.isTrainee : formData.employeeType === 'personell' && formData.isTrainee
? 'Auszubildende können nicht als eigenständig markiert werden.' ? 'Auszubildende können nicht als eigenständig markiert werden.'
: 'Dieser Mitarbeiter kann komplexe Aufgaben eigenständig lösen und benötigt keine ständige Betreuung.' : 'Dieser Mitarbeiter kann komplexe Aufgaben eigenständig lösen und benötigt keine ständige Betreuung.'
} }
</div> </div>
</div> </div>

6
frontend/src/pages/Employees/components/EmployeeList.tsx
View File

@@ -15,7 +15,7 @@ interface EmployeeListProps {
type SortField = 'name' | 'employeeType' | 'canWorkAlone' | 'role' | 'lastLogin'; type SortField = 'name' | 'employeeType' | 'canWorkAlone' | 'role' | 'lastLogin';
type SortDirection = 'asc' | 'desc'; type SortDirection = 'asc' | 'desc';
// FIXED: Use the actual employee types from the Employee interface // Use the actual employee types from the Employee interface
type EmployeeType = 'manager' | 'personell' | 'apprentice' | 'guest'; type EmployeeType = 'manager' | 'personell' | 'apprentice' | 'guest';
const EmployeeList: React.FC<EmployeeListProps> = ({ const EmployeeList: React.FC<EmployeeListProps> = ({
@@ -130,7 +130,7 @@ const EmployeeList: React.FC<EmployeeListProps> = ({
const getEmployeeTypeBadge = (type: EmployeeType, isTrainee: boolean = false) => { const getEmployeeTypeBadge = (type: EmployeeType, isTrainee: boolean = false) => {
const config = EMPLOYEE_TYPE_CONFIG[type]; const config = EMPLOYEE_TYPE_CONFIG[type];
// FIXED: Updated color mapping for actual employee types // Color mapping for actual employee types
const bgColor = const bgColor =
type === 'manager' type === 'manager'
? '#fadbd8' // light red ? '#fadbd8' // light red
@@ -326,7 +326,7 @@ const EmployeeList: React.FC<EmployeeListProps> = ({
</div> </div>
{sortedEmployees.map(employee => { {sortedEmployees.map(employee => {
// FIXED: Type assertion to ensure type safety // Type assertion to ensure type safety
const employeeType = getEmployeeTypeBadge(employee.employeeType as EmployeeType, employee.isTrainee); const employeeType = getEmployeeTypeBadge(employee.employeeType as EmployeeType, employee.isTrainee);
const independence = getIndependenceBadge(employee.canWorkAlone); const independence = getIndependenceBadge(employee.canWorkAlone);
const roleInfo = getRoleBadge(employee.roles); const roleInfo = getRoleBadge(employee.roles);

173
frontend/src/pages/Settings/Settings.tsx
View File

@@ -1,8 +1,9 @@
// frontend/src/pages/Settings/Settings.tsx - UPDATED WITH NEW STYLES // frontend/src/pages/Settings/Settings.tsx - UPDATED WITH VALIDATION STRATEGY
import React, { useState, useEffect, useRef } from 'react'; import React, { useState, useEffect, useRef } from 'react';
import { useAuth } from '../../contexts/AuthContext'; import { useAuth } from '../../contexts/AuthContext';
import { employeeService } from '../../services/employeeService'; import { employeeService } from '../../services/employeeService';
import { useNotification } from '../../contexts/NotificationContext'; import { useNotification } from '../../contexts/NotificationContext';
import { useBackendValidation } from '../../hooks/useBackendValidation';
import AvailabilityManager from '../Employees/components/AvailabilityManager'; import AvailabilityManager from '../Employees/components/AvailabilityManager';
import { Employee } from '../../models/Employee'; import { Employee } from '../../models/Employee';
import { styles } from './type/SettingsType'; import { styles } from './type/SettingsType';
@@ -10,11 +11,12 @@ import { styles } from './type/SettingsType';
const Settings: React.FC = () => { const Settings: React.FC = () => {
const { user: currentUser, updateUser } = useAuth(); const { user: currentUser, updateUser } = useAuth();
const { showNotification } = useNotification(); const { showNotification } = useNotification();
const { executeWithValidation, clearErrors, isSubmitting } = useBackendValidation();
const [activeTab, setActiveTab] = useState<'profile' | 'password' | 'availability'>('profile'); const [activeTab, setActiveTab] = useState<'profile' | 'password' | 'availability'>('profile');
const [loading, setLoading] = useState(false);
const [showAvailabilityManager, setShowAvailabilityManager] = useState(false); const [showAvailabilityManager, setShowAvailabilityManager] = useState(false);
// Profile form state - updated for firstname/lastname // Profile form state
const [profileForm, setProfileForm] = useState({ const [profileForm, setProfileForm] = useState({
firstname: currentUser?.firstname || '', firstname: currentUser?.firstname || '',
lastname: currentUser?.lastname || '' lastname: currentUser?.lastname || ''
@@ -73,7 +75,7 @@ const Settings: React.FC = () => {
})); }));
}; };
// Password visibility handlers for current password // Password visibility handlers
const handleCurrentPasswordMouseDown = () => { const handleCurrentPasswordMouseDown = () => {
currentPasswordTimeoutRef.current = setTimeout(() => { currentPasswordTimeoutRef.current = setTimeout(() => {
setShowCurrentPassword(true); setShowCurrentPassword(true);
@@ -88,7 +90,6 @@ const Settings: React.FC = () => {
setShowCurrentPassword(false); setShowCurrentPassword(false);
}; };
// Password visibility handlers for new password
const handleNewPasswordMouseDown = () => { const handleNewPasswordMouseDown = () => {
newPasswordTimeoutRef.current = setTimeout(() => { newPasswordTimeoutRef.current = setTimeout(() => {
setShowNewPassword(true); setShowNewPassword(true);
@@ -103,7 +104,6 @@ const Settings: React.FC = () => {
setShowNewPassword(false); setShowNewPassword(false);
}; };
// Password visibility handlers for confirm password
const handleConfirmPasswordMouseDown = () => { const handleConfirmPasswordMouseDown = () => {
confirmPasswordTimeoutRef.current = setTimeout(() => { confirmPasswordTimeoutRef.current = setTimeout(() => {
setShowConfirmPassword(true); setShowConfirmPassword(true);
@@ -129,7 +129,6 @@ const Settings: React.FC = () => {
cleanup(); cleanup();
}; };
// Prevent context menu
const handleContextMenu = (e: React.MouseEvent) => { const handleContextMenu = (e: React.MouseEvent) => {
e.preventDefault(); e.preventDefault();
}; };
@@ -138,40 +137,46 @@ const Settings: React.FC = () => {
e.preventDefault(); e.preventDefault();
if (!currentUser) return; if (!currentUser) return;
// Validation // BASIC FRONTEND VALIDATION: Only check required fields
if (!profileForm.firstname.trim() || !profileForm.lastname.trim()) { if (!profileForm.firstname.trim()) {
showNotification({ showNotification({
type: 'error', type: 'error',
title: 'Fehler', title: 'Fehler',
message: 'Vorname und Nachname sind erforderlich' message: 'Vorname ist erforderlich'
});
return;
}
if (!profileForm.lastname.trim()) {
showNotification({
type: 'error',
title: 'Fehler',
message: 'Nachname ist erforderlich'
}); });
return; return;
} }
try { try {
setLoading(true); // Use executeWithValidation to handle backend validation
await employeeService.updateEmployee(currentUser.id, { await executeWithValidation(async () => {
firstname: profileForm.firstname.trim(), const updatedEmployee = await employeeService.updateEmployee(currentUser.id, {
lastname: profileForm.lastname.trim() firstname: profileForm.firstname.trim(),
}); lastname: profileForm.lastname.trim()
});
// Update the auth context with new user data // Update the auth context with new user data
const updatedUser = await employeeService.getEmployee(currentUser.id); updateUser(updatedEmployee);
updateUser(updatedUser);
showNotification({ showNotification({
type: 'success', type: 'success',
title: 'Erfolg', title: 'Erfolg',
message: 'Profil erfolgreich aktualisiert' message: 'Profil erfolgreich aktualisiert'
});
}); });
} catch (error: any) { } catch (error) {
showNotification({ // Backend validation errors are already handled by executeWithValidation
type: 'error', // We only need to handle unexpected errors here
title: 'Fehler', console.error('Unexpected error:', error);
message: error.message || 'Profil konnte nicht aktualisiert werden'
});
} finally {
setLoading(false);
} }
}; };
@@ -179,12 +184,30 @@ const Settings: React.FC = () => {
e.preventDefault(); e.preventDefault();
if (!currentUser) return; if (!currentUser) return;
// Validation // BASIC FRONTEND VALIDATION: Only check minimum requirements
if (passwordForm.newPassword.length < 6) { if (!passwordForm.currentPassword) {
showNotification({ showNotification({
type: 'error', type: 'error',
title: 'Fehler', title: 'Fehler',
message: 'Das neue Passwort muss mindestens 6 Zeichen lang sein' message: 'Aktuelles Passwort ist erforderlich'
});
return;
}
if (!passwordForm.newPassword) {
showNotification({
type: 'error',
title: 'Fehler',
message: 'Neues Passwort ist erforderlich'
});
return;
}
if (passwordForm.newPassword.length < 8) {
showNotification({
type: 'error',
title: 'Fehler',
message: 'Das neue Passwort muss mindestens 8 Zeichen lang sein'
}); });
return; return;
} }
@@ -199,34 +222,30 @@ const Settings: React.FC = () => {
} }
try { try {
setLoading(true); // Use executeWithValidation to handle backend validation
await executeWithValidation(async () => {
await employeeService.changePassword(currentUser.id, {
currentPassword: passwordForm.currentPassword,
newPassword: passwordForm.newPassword,
confirmPassword: passwordForm.confirmPassword
});
// Use the actual password change endpoint showNotification({
await employeeService.changePassword(currentUser.id, { type: 'success',
currentPassword: passwordForm.currentPassword, title: 'Erfolg',
newPassword: passwordForm.newPassword message: 'Passwort erfolgreich geändert'
}); });
showNotification({ // Clear password form
type: 'success', setPasswordForm({
title: 'Erfolg', currentPassword: '',
message: 'Passwort erfolgreich geändert' newPassword: '',
confirmPassword: ''
});
}); });
} catch (error) {
// Clear password form // Backend validation errors are already handled by executeWithValidation
setPasswordForm({ console.error('Unexpected error:', error);
currentPassword: '',
newPassword: '',
confirmPassword: ''
});
} catch (error: any) {
showNotification({
type: 'error',
title: 'Fehler',
message: error.message || 'Passwort konnte nicht geändert werden'
});
} finally {
setLoading(false);
} }
}; };
@@ -243,6 +262,12 @@ const Settings: React.FC = () => {
setShowAvailabilityManager(false); setShowAvailabilityManager(false);
}; };
// Clear validation errors when switching tabs
const handleTabChange = (tab: 'profile' | 'password' | 'availability') => {
clearErrors();
setActiveTab(tab);
};
if (!currentUser) { if (!currentUser) {
return <div style={{ return <div style={{
textAlign: 'center', textAlign: 'center',
@@ -273,7 +298,7 @@ const Settings: React.FC = () => {
<div style={styles.tabs}> <div style={styles.tabs}>
<button <button
onClick={() => setActiveTab('profile')} onClick={() => handleTabChange('profile')}
style={{ style={{
...styles.tab, ...styles.tab,
...(activeTab === 'profile' ? styles.tabActive : {}) ...(activeTab === 'profile' ? styles.tabActive : {})
@@ -301,7 +326,7 @@ const Settings: React.FC = () => {
</button> </button>
<button <button
onClick={() => setActiveTab('password')} onClick={() => handleTabChange('password')}
style={{ style={{
...styles.tab, ...styles.tab,
...(activeTab === 'password' ? styles.tabActive : {}) ...(activeTab === 'password' ? styles.tabActive : {})
@@ -329,7 +354,7 @@ const Settings: React.FC = () => {
</button> </button>
<button <button
onClick={() => setActiveTab('availability')} onClick={() => handleTabChange('availability')}
style={{ style={{
...styles.tab, ...styles.tab,
...(activeTab === 'availability' ? styles.tabActive : {}) ...(activeTab === 'availability' ? styles.tabActive : {})
@@ -480,28 +505,28 @@ const Settings: React.FC = () => {
<div style={styles.actions}> <div style={styles.actions}>
<button <button
type="submit" type="submit"
disabled={loading || !profileForm.firstname.trim() || !profileForm.lastname.trim()} disabled={isSubmitting || !profileForm.firstname.trim() || !profileForm.lastname.trim()}
style={{ style={{
...styles.button, ...styles.button,
...styles.buttonPrimary, ...styles.buttonPrimary,
...((loading || !profileForm.firstname.trim() || !profileForm.lastname.trim()) ? styles.buttonDisabled : {}) ...((isSubmitting || !profileForm.firstname.trim() || !profileForm.lastname.trim()) ? styles.buttonDisabled : {})
}} }}
onMouseEnter={(e) => { onMouseEnter={(e) => {
if (!loading && profileForm.firstname.trim() && profileForm.lastname.trim()) { if (!isSubmitting && profileForm.firstname.trim() && profileForm.lastname.trim()) {
e.currentTarget.style.background = styles.buttonPrimaryHover.background; e.currentTarget.style.background = styles.buttonPrimaryHover.background;
e.currentTarget.style.transform = styles.buttonPrimaryHover.transform; e.currentTarget.style.transform = styles.buttonPrimaryHover.transform;
e.currentTarget.style.boxShadow = styles.buttonPrimaryHover.boxShadow; e.currentTarget.style.boxShadow = styles.buttonPrimaryHover.boxShadow;
} }
}} }}
onMouseLeave={(e) => { onMouseLeave={(e) => {
if (!loading && profileForm.firstname.trim() && profileForm.lastname.trim()) { if (!isSubmitting && profileForm.firstname.trim() && profileForm.lastname.trim()) {
e.currentTarget.style.background = styles.buttonPrimary.background; e.currentTarget.style.background = styles.buttonPrimary.background;
e.currentTarget.style.transform = 'none'; e.currentTarget.style.transform = 'none';
e.currentTarget.style.boxShadow = styles.buttonPrimary.boxShadow; e.currentTarget.style.boxShadow = styles.buttonPrimary.boxShadow;
} }
}} }}
> >
{loading ? '⏳ Wird gespeichert...' : 'Profil aktualisieren'} {isSubmitting ? '⏳ Wird gespeichert...' : 'Profil aktualisieren'}
</button> </button>
</div> </div>
</form> </form>
@@ -575,9 +600,9 @@ const Settings: React.FC = () => {
value={passwordForm.newPassword} value={passwordForm.newPassword}
onChange={handlePasswordChange} onChange={handlePasswordChange}
required required
minLength={6} minLength={8}
style={styles.fieldInputWithIcon} style={styles.fieldInputWithIcon}
placeholder="Mindestens 6 Zeichen" placeholder="Mindestens 8 Zeichen"
onFocus={(e) => { onFocus={(e) => {
e.target.style.borderColor = '#1a1325'; e.target.style.borderColor = '#1a1325';
e.target.style.boxShadow = '0 0 0 3px rgba(26, 19, 37, 0.1)'; e.target.style.boxShadow = '0 0 0 3px rgba(26, 19, 37, 0.1)';
@@ -606,7 +631,7 @@ const Settings: React.FC = () => {
</button> </button>
</div> </div>
<div style={styles.fieldHint}> <div style={styles.fieldHint}>
Das Passwort muss mindestens 6 Zeichen lang sein. Das Passwort muss mindestens 8 Zeichen lang sein.
</div> </div>
</div> </div>
@@ -657,28 +682,28 @@ const Settings: React.FC = () => {
<div style={styles.actions}> <div style={styles.actions}>
<button <button
type="submit" type="submit"
disabled={loading || !passwordForm.currentPassword || !passwordForm.newPassword || !passwordForm.confirmPassword} disabled={isSubmitting || !passwordForm.currentPassword || !passwordForm.newPassword || !passwordForm.confirmPassword}
style={{ style={{
...styles.button, ...styles.button,
...styles.buttonPrimary, ...styles.buttonPrimary,
...((loading || !passwordForm.currentPassword || !passwordForm.newPassword || !passwordForm.confirmPassword) ? styles.buttonDisabled : {}) ...((isSubmitting || !passwordForm.currentPassword || !passwordForm.newPassword || !passwordForm.confirmPassword) ? styles.buttonDisabled : {})
}} }}
onMouseEnter={(e) => { onMouseEnter={(e) => {
if (!loading && passwordForm.currentPassword && passwordForm.newPassword && passwordForm.confirmPassword) { if (!isSubmitting && passwordForm.currentPassword && passwordForm.newPassword && passwordForm.confirmPassword) {
e.currentTarget.style.background = styles.buttonPrimaryHover.background; e.currentTarget.style.background = styles.buttonPrimaryHover.background;
e.currentTarget.style.transform = styles.buttonPrimaryHover.transform; e.currentTarget.style.transform = styles.buttonPrimaryHover.transform;
e.currentTarget.style.boxShadow = styles.buttonPrimaryHover.boxShadow; e.currentTarget.style.boxShadow = styles.buttonPrimaryHover.boxShadow;
} }
}} }}
onMouseLeave={(e) => { onMouseLeave={(e) => {
if (!loading && passwordForm.currentPassword && passwordForm.newPassword && passwordForm.confirmPassword) { if (!isSubmitting && passwordForm.currentPassword && passwordForm.newPassword && passwordForm.confirmPassword) {
e.currentTarget.style.background = styles.buttonPrimary.background; e.currentTarget.style.background = styles.buttonPrimary.background;
e.currentTarget.style.transform = 'none'; e.currentTarget.style.transform = 'none';
e.currentTarget.style.boxShadow = styles.buttonPrimary.boxShadow; e.currentTarget.style.boxShadow = styles.buttonPrimary.boxShadow;
} }
}} }}
> >
{loading ? '⏳ Wird geändert...' : 'Passwort ändern'} {isSubmitting ? '⏳ Wird geändert...' : 'Passwort ändern'}
</button> </button>
</div> </div>
</form> </form>

548
frontend/src/pages/Settings/type/SettingsType.tsx
View File

@@ -1,275 +1,275 @@
// frontend/src/pages/Settings/type/SettingsType.tsx - CORRECTED // frontend/src/pages/Settings/type/SettingsType.tsx
export const styles = { export const styles = {
container: { container: {
display: 'flex', display: 'flex',
minHeight: 'calc(100vh - 120px)', minHeight: 'calc(100vh - 120px)',
background: '#FBFAF6', background: '#FBFAF6',
padding: '2rem', padding: '2rem',
maxWidth: '1200px', maxWidth: '1200px',
margin: '0 auto', margin: '0 auto',
gap: '2rem', gap: '2rem',
}, },
sidebar: { sidebar: {
width: '280px', width: '280px',
background: '#FBFAF6', background: '#FBFAF6',
borderRadius: '16px', borderRadius: '16px',
border: '1px solid rgba(255, 255, 255, 0.8)', border: '1px solid rgba(255, 255, 255, 0.8)',
boxShadow: '0 4px 20px rgba(0, 0, 0, 0.06), 0 1px 4px rgba(0, 0, 0, 0.04)', boxShadow: '0 4px 20px rgba(0, 0, 0, 0.06), 0 1px 4px rgba(0, 0, 0, 0.04)',
padding: '1.5rem', padding: '1.5rem',
height: 'fit-content', height: 'fit-content',
position: 'sticky' as const, position: 'sticky' as const,
top: '2rem', top: '2rem',
}, },
header: { header: {
marginBottom: '2rem', marginBottom: '2rem',
paddingBottom: '1.5rem', paddingBottom: '1.5rem',
borderBottom: '1px solid rgba(26, 19, 37, 0.1)', borderBottom: '1px solid rgba(26, 19, 37, 0.1)',
}, },
title: { title: {
fontSize: '1.5rem', fontSize: '1.5rem',
fontWeight: 600, fontWeight: 600,
color: '#161718', color: '#161718',
margin: '0 0 0.5rem 0', margin: '0 0 0.5rem 0',
}, },
subtitle: { subtitle: {
fontSize: '0.95rem', fontSize: '0.95rem',
color: '#666', color: '#666',
fontWeight: 400, fontWeight: 400,
lineHeight: 1.5, lineHeight: 1.5,
}, },
tabs: { tabs: {
display: 'flex', display: 'flex',
flexDirection: 'column' as const, flexDirection: 'column' as const,
gap: '0.5rem', gap: '0.5rem',
}, },
tab: { tab: {
display: 'flex', display: 'flex',
alignItems: 'center', alignItems: 'center',
gap: '1rem', gap: '1rem',
padding: '1rem 1.25rem', padding: '1rem 1.25rem',
background: 'transparent', background: 'transparent',
color: '#666', color: '#666',
border: 'none', border: 'none',
borderRadius: '8px', borderRadius: '8px',
cursor: 'pointer', cursor: 'pointer',
fontWeight: 500, fontWeight: 500,
transition: 'all 0.3s cubic-bezier(0.4, 0, 0.2, 1)', transition: 'all 0.3s cubic-bezier(0.4, 0, 0.2, 1)',
textAlign: 'left' as const, textAlign: 'left' as const,
width: '100%', width: '100%',
}, },
tabActive: { tabActive: {
background: '#51258f', background: '#51258f',
color: '#FBFAF6', color: '#FBFAF6',
boxShadow: '0 4px 12px rgba(26, 19, 37, 0.15)', boxShadow: '0 4px 12px rgba(26, 19, 37, 0.15)',
}, },
tabHover: { tabHover: {
background: 'rgba(81, 37, 143, 0.1)', background: 'rgba(81, 37, 143, 0.1)',
color: '#1a1325', color: '#1a1325',
transform: 'translateX(4px)', transform: 'translateX(4px)',
}, },
content: { content: {
flex: 1, flex: 1,
background: '#FBFAF6', background: '#FBFAF6',
padding: '2.5rem', padding: '2.5rem',
borderRadius: '16px', borderRadius: '16px',
border: '1px solid rgba(255, 255, 255, 0.8)', border: '1px solid rgba(255, 255, 255, 0.8)',
boxShadow: '0 4px 20px rgba(0, 0, 0, 0.06), 0 1px 4px rgba(0, 0, 0, 0.04)', boxShadow: '0 4px 20px rgba(0, 0, 0, 0.06), 0 1px 4px rgba(0, 0, 0, 0.04)',
backdropFilter: 'blur(10px)', backdropFilter: 'blur(10px)',
minHeight: '100px', minHeight: '100px',
}, },
section: { section: {
marginBottom: '2rem', marginBottom: '2rem',
}, },
sectionTitle: { sectionTitle: {
fontSize: '1.75rem', fontSize: '1.75rem',
fontWeight: 600, fontWeight: 600,
color: '#161718', color: '#161718',
margin: '0 0 0.5rem 0', margin: '0 0 0.5rem 0',
}, },
sectionDescription: { sectionDescription: {
color: '#666', color: '#666',
fontSize: '1rem', fontSize: '1rem',
margin: 0, margin: 0,
lineHeight: 1.5, lineHeight: 1.5,
}, },
formGrid: { formGrid: {
display: 'grid', display: 'grid',
gap: '1.5rem', gap: '1.5rem',
}, },
formGridCompact: { formGridCompact: {
display: 'grid', display: 'grid',
gap: '1.5rem', gap: '1.5rem',
maxWidth: '500px', maxWidth: '500px',
}, },
infoCard: { infoCard: {
padding: '1.5rem', padding: '1.5rem',
background: 'rgba(26, 19, 37, 0.02)', background: 'rgba(26, 19, 37, 0.02)',
borderRadius: '12px', borderRadius: '12px',
border: '1px solid rgba(26, 19, 37, 0.1)', border: '1px solid rgba(26, 19, 37, 0.1)',
}, },
infoCardTitle: { infoCardTitle: {
fontSize: '1rem', fontSize: '1rem',
fontWeight: 600, fontWeight: 600,
color: '#1a1325', color: '#1a1325',
margin: '0 0 1rem 0', margin: '0 0 1rem 0',
}, },
infoGrid: { infoGrid: {
display: 'grid', display: 'grid',
gridTemplateColumns: '1fr 1fr', gridTemplateColumns: '1fr 1fr',
gap: '1rem', gap: '1rem',
}, },
field: { field: {
display: 'flex', display: 'flex',
flexDirection: 'column' as const, flexDirection: 'column' as const,
gap: '0.5rem', gap: '0.5rem',
width: '100%', width: '100%',
}, },
fieldLabel: { fieldLabel: {
fontSize: '0.9rem', fontSize: '0.9rem',
fontWeight: 600, fontWeight: 600,
color: '#161718', color: '#161718',
width: '100%', width: '100%',
}, },
fieldInputContainer: { fieldInputContainer: {
position: 'relative' as const, position: 'relative' as const,
width: '100%', width: '100%',
}, },
fieldInput: { fieldInput: {
padding: '0.875rem 1rem', padding: '0.875rem 1rem',
border: '1.5px solid #e8e8e8', border: '1.5px solid #e8e8e8',
borderRadius: '8px', borderRadius: '8px',
fontSize: '0.95rem', fontSize: '0.95rem',
background: '#FBFAF6', background: '#FBFAF6',
transition: 'all 0.3s cubic-bezier(0.4, 0, 0.2, 1)', transition: 'all 0.3s cubic-bezier(0.4, 0, 0.2, 1)',
color: '#161718', color: '#161718',
width: '100%', width: '100%',
boxSizing: 'border-box' as const, boxSizing: 'border-box' as const,
}, },
fieldInputWithIcon: { fieldInputWithIcon: {
padding: '0.875rem 1rem', padding: '0.875rem 1rem',
border: '1.5px solid #e8e8e8', border: '1.5px solid #e8e8e8',
borderRadius: '8px', borderRadius: '8px',
fontSize: '0.95rem', fontSize: '0.95rem',
background: '#FBFAF6', background: '#FBFAF6',
transition: 'all 0.3s cubic-bezier(0.4, 0, 0.2, 1)', transition: 'all 0.3s cubic-bezier(0.4, 0, 0.2, 1)',
color: '#161718', color: '#161718',
width: '100%', width: '100%',
paddingRight: '40px', paddingRight: '40px',
boxSizing: 'border-box' as const, boxSizing: 'border-box' as const,
}, },
fieldInputDisabled: { fieldInputDisabled: {
padding: '0.875rem 1rem', padding: '0.875rem 1rem',
border: '1.5px solid rgba(26, 19, 37, 0.1)', border: '1.5px solid rgba(26, 19, 37, 0.1)',
borderRadius: '8px', borderRadius: '8px',
fontSize: '0.95rem', fontSize: '0.95rem',
background: 'rgba(26, 19, 37, 0.05)', background: 'rgba(26, 19, 37, 0.05)',
color: '#666', color: '#666',
cursor: 'not-allowed', cursor: 'not-allowed',
width: '100%', width: '100%',
boxSizing: 'border-box' as const, boxSizing: 'border-box' as const,
}, },
fieldHint: { fieldHint: {
fontSize: '0.8rem', fontSize: '0.8rem',
color: '#888', color: '#888',
marginTop: '0.25rem', marginTop: '0.25rem',
width: '100%', width: '100%',
}, },
passwordToggleButton: { passwordToggleButton: {
position: 'absolute' as const, position: 'absolute' as const,
right: '10px', right: '10px',
top: '50%', top: '50%',
transform: 'translateY(-50%)', transform: 'translateY(-50%)',
background: 'none', background: 'none',
border: 'none', border: 'none',
cursor: 'pointer', cursor: 'pointer',
padding: '5px', padding: '5px',
borderRadius: '4px', borderRadius: '4px',
transition: 'background-color 0.2s', transition: 'background-color 0.2s',
userSelect: 'none' as const, userSelect: 'none' as const,
WebkitUserSelect: 'none' as const, WebkitUserSelect: 'none' as const,
touchAction: 'manipulation' as const, touchAction: 'manipulation' as const,
}, },
actions: { actions: {
display: 'flex', display: 'flex',
justifyContent: 'flex-end', justifyContent: 'flex-end',
marginTop: '2.5rem', marginTop: '2.5rem',
paddingTop: '1.5rem', paddingTop: '1.5rem',
borderTop: '1px solid rgba(26, 19, 37, 0.1)', borderTop: '1px solid rgba(26, 19, 37, 0.1)',
}, },
button: { button: {
padding: '0.875rem 2rem', padding: '0.875rem 2rem',
border: 'none', border: 'none',
borderRadius: '8px', borderRadius: '8px',
fontSize: '0.95rem', fontSize: '0.95rem',
fontWeight: 600, fontWeight: 600,
cursor: 'pointer', cursor: 'pointer',
transition: 'all 0.3s cubic-bezier(0.4, 0, 0.2, 1)', transition: 'all 0.3s cubic-bezier(0.4, 0, 0.2, 1)',
position: 'relative' as const, position: 'relative' as const,
overflow: 'hidden' as const, overflow: 'hidden' as const,
}, },
buttonPrimary: { buttonPrimary: {
background: '#1a1325', background: '#1a1325',
color: '#FBFAF6', color: '#FBFAF6',
boxShadow: '0 2px 8px rgba(26, 19, 37, 0.2)', boxShadow: '0 2px 8px rgba(26, 19, 37, 0.2)',
}, },
buttonPrimaryHover: { buttonPrimaryHover: {
background: '#24163a', background: '#24163a',
transform: 'translateY(-1px)', transform: 'translateY(-1px)',
boxShadow: '0 4px 16px rgba(26, 19, 37, 0.3)', boxShadow: '0 4px 16px rgba(26, 19, 37, 0.3)',
}, },
buttonDisabled: { buttonDisabled: {
background: '#ccc', background: '#ccc',
color: '#666', color: '#666',
cursor: 'not-allowed', cursor: 'not-allowed',
transform: 'none', transform: 'none',
boxShadow: 'none', boxShadow: 'none',
}, },
availabilityCard: { availabilityCard: {
padding: '3rem 2rem', padding: '3rem 2rem',
textAlign: 'center' as const, textAlign: 'center' as const,
background: 'rgba(26, 19, 37, 0.03)', background: 'rgba(26, 19, 37, 0.03)',
borderRadius: '16px', borderRadius: '16px',
border: '2px dashed rgba(26, 19, 37, 0.1)', border: '2px dashed rgba(26, 19, 37, 0.1)',
backdropFilter: 'blur(10px)', backdropFilter: 'blur(10px)',
}, },
availabilityIcon: { availabilityIcon: {
fontSize: '3rem', fontSize: '3rem',
marginBottom: '1.5rem', marginBottom: '1.5rem',
opacity: 0.8, opacity: 0.8,
}, },
availabilityTitle: { availabilityTitle: {
fontSize: '1.5rem', fontSize: '1.5rem',
fontWeight: 600, fontWeight: 600,
color: '#161718', color: '#161718',
margin: '0 0 1rem 0', margin: '0 0 1rem 0',
}, },
availabilityDescription: { availabilityDescription: {
color: '#666', color: '#666',
marginBottom: '2rem', marginBottom: '2rem',
lineHeight: 1.6, lineHeight: 1.6,
maxWidth: '500px', maxWidth: '500px',
marginLeft: 'auto', marginLeft: 'auto',
marginRight: 'auto', marginRight: 'auto',
}, },
infoHint: { infoHint: {
padding: '1.25rem', padding: '1.25rem',
background: 'rgba(26, 19, 37, 0.05)', background: 'rgba(26, 19, 37, 0.05)',
border: '1px solid rgba(26, 19, 37, 0.1)', border: '1px solid rgba(26, 19, 37, 0.1)',
borderRadius: '12px', borderRadius: '12px',
fontSize: '0.9rem', fontSize: '0.9rem',
color: '#161718', color: '#161718',
textAlign: 'left' as const, textAlign: 'left' as const,
maxWidth: '400px', maxWidth: '400px',
margin: '0 auto', margin: '0 auto',
}, },
infoList: { infoList: {
margin: '0.75rem 0 0 1rem', margin: '0.75rem 0 0 1rem',
padding: 0, padding: 0,
listStyle: 'none', listStyle: 'none',
}, },
infoListItem: { infoListItem: {
marginBottom: '0.5rem', marginBottom: '0.5rem',
position: 'relative' as const, position: 'relative' as const,
paddingLeft: '1rem', paddingLeft: '1rem',
}, },
}; };

10
frontend/src/pages/Setup/Setup.tsx
View File

@@ -62,8 +62,8 @@ const useSetup = () => {
}; };
const validateStep2 = (): boolean => { const validateStep2 = (): boolean => {
if (formData.password.length < 6) { if (formData.password.length < 8) {
setError('Das Passwort muss mindestens 6 Zeichen lang sein.'); setError('Das Passwort muss mindestens 8 Zeichen lang sein.');
return false; return false;
} }
if (formData.password !== formData.confirmPassword) { if (formData.password !== formData.confirmPassword) {
@@ -186,8 +186,8 @@ const useSetup = () => {
const isStepCompleted = (stepIndex: number): boolean => { const isStepCompleted = (stepIndex: number): boolean => {
switch (stepIndex) { switch (stepIndex) {
case 0: case 0:
return formData.password.length >= 6 && return formData.password.length >= 8 &&
formData.password === formData.confirmPassword; formData.password === formData.confirmPassword;
case 1: case 1:
return !!formData.firstname.trim() && !!formData.lastname.trim(); return !!formData.firstname.trim() && !!formData.lastname.trim();
default: default:
@@ -342,7 +342,7 @@ const Step2Content: React.FC<StepContentProps> = ({
fontSize: '1rem', fontSize: '1rem',
transition: 'border-color 0.3s ease' transition: 'border-color 0.3s ease'
}} }}
placeholder="Mindestens 6 Zeichen" placeholder="Mindestens 8 Zeichen"
required required
autoComplete="new-password" autoComplete="new-password"
/> />

265
frontend/src/pages/ShiftPlans/ShiftPlanView.tsx
View File

@@ -1,4 +1,4 @@
// frontend/src/pages/ShiftPlans/ShiftPlanView.tsx - UPDATED // frontend/src/pages/ShiftPlans/ShiftPlanView.tsx
import React, { useState, useEffect } from 'react'; import React, { useState, useEffect } from 'react';
import { useParams, useNavigate } from 'react-router-dom'; import { useParams, useNavigate } from 'react-router-dom';
import { useAuth } from '../../contexts/AuthContext'; import { useAuth } from '../../contexts/AuthContext';
@@ -10,6 +10,7 @@ import { ShiftPlan, TimeSlot, ScheduledShift } from '../../models/ShiftPlan';
import { Employee, EmployeeAvailability } from '../../models/Employee'; import { Employee, EmployeeAvailability } from '../../models/Employee';
import { useNotification } from '../../contexts/NotificationContext'; import { useNotification } from '../../contexts/NotificationContext';
import { formatDate, formatTime } from '../../utils/foramatters'; import { formatDate, formatTime } from '../../utils/foramatters';
import { saveAs } from 'file-saver';
// Local interface extensions (same as AvailabilityManager) // Local interface extensions (same as AvailabilityManager)
interface ExtendedTimeSlot extends TimeSlot { interface ExtendedTimeSlot extends TimeSlot {
@@ -54,6 +55,7 @@ const ShiftPlanView: React.FC = () => {
const [scheduledShifts, setScheduledShifts] = useState<ScheduledShift[]>([]); const [scheduledShifts, setScheduledShifts] = useState<ScheduledShift[]>([]);
const [showAssignmentPreview, setShowAssignmentPreview] = useState(false); const [showAssignmentPreview, setShowAssignmentPreview] = useState(false);
const [recreating, setRecreating] = useState(false); const [recreating, setRecreating] = useState(false);
const [exporting, setExporting] = useState(false);
useEffect(() => { useEffect(() => {
loadShiftPlanData(); loadShiftPlanData();
@@ -240,6 +242,66 @@ const ShiftPlanView: React.FC = () => {
}; };
}; };
const handleExportExcel = async () => {
if (!shiftPlan) return;
try {
setExporting(true);
// Call the export service
const blob = await shiftPlanService.exportShiftPlanToExcel(shiftPlan.id);
// Use file-saver to download the file
saveAs(blob, `Schichtplan_${shiftPlan.name}_${new Date().toISOString().split('T')[0]}.xlsx`);
showNotification({
type: 'success',
title: 'Export erfolgreich',
message: 'Der Schichtplan wurde als Excel-Datei exportiert.'
});
} catch (error) {
console.error('Error exporting to Excel:', error);
showNotification({
type: 'error',
title: 'Export fehlgeschlagen',
message: 'Der Excel-Export konnte nicht durchgeführt werden.'
});
} finally {
setExporting(false);
}
};
const handleExportPDF = async () => {
if (!shiftPlan) return;
try {
setExporting(true);
// Call the PDF export service
const blob = await shiftPlanService.exportShiftPlanToPDF(shiftPlan.id);
// Use file-saver to download the file
saveAs(blob, `Schichtplan_${shiftPlan.name}_${new Date().toISOString().split('T')[0]}.pdf`);
showNotification({
type: 'success',
title: 'Export erfolgreich',
message: 'Der Schichtplan wurde als PDF exportiert.'
});
} catch (error) {
console.error('Error exporting to PDF:', error);
showNotification({
type: 'error',
title: 'Export fehlgeschlagen',
message: 'Der PDF-Export konnte nicht durchgeführt werden.'
});
} finally {
setExporting(false);
}
};
const loadShiftPlanData = async () => { const loadShiftPlanData = async () => {
if (!id) return; if (!id) return;
@@ -399,12 +461,12 @@ const ShiftPlanView: React.FC = () => {
console.log('- Scheduled Shifts:', scheduledShifts.length); console.log('- Scheduled Shifts:', scheduledShifts.length);
// DEBUG: Show shift pattern IDs // DEBUG: Show shift pattern IDs
if (shiftPlan.shifts) { /*if (shiftPlan.shifts) {
console.log('📋 SHIFT PATTERN IDs:'); console.log('📋 SHIFT PATTERN IDs:');
shiftPlan.shifts.forEach((shift, index) => { shiftPlan.shifts.forEach((shift, index) => {
console.log(` ${index + 1}. ${shift.id} (Day ${shift.dayOfWeek}, TimeSlot ${shift.timeSlotId})`); console.log(` ${index + 1}. ${shift.id} (Day ${shift.dayOfWeek}, TimeSlot ${shift.timeSlotId})`);
}); });
} }*/
const constraints = { const constraints = {
enforceNoTraineeAlone: true, enforceNoTraineeAlone: true,
@@ -650,6 +712,20 @@ const ShiftPlanView: React.FC = () => {
return employeesWithoutAvailabilities.length === 0; return employeesWithoutAvailabilities.length === 0;
}; };
const canPublishAssignment = (): boolean => {
if (!assignmentResult) return false;
// Check if assignment was successful
if (assignmentResult.success === false) return false;
// Check if there are any critical violations
const hasCriticalViolations = assignmentResult.violations.some(v =>
v.includes('ERROR:') || v.includes('KRITISCH:')
);
return !hasCriticalViolations;
};
const getAvailabilityStatus = () => { const getAvailabilityStatus = () => {
const totalEmployees = employees.length; const totalEmployees = employees.length;
const employeesWithAvailabilities = new Set( const employeesWithAvailabilities = new Set(
@@ -820,9 +896,6 @@ const ShiftPlanView: React.FC = () => {
<div style={{ fontSize: '14px', color: '#666' }}> <div style={{ fontSize: '14px', color: '#666' }}>
{formatTime(timeSlot.startTime)} - {formatTime(timeSlot.endTime)} {formatTime(timeSlot.startTime)} - {formatTime(timeSlot.endTime)}
</div> </div>
<div style={{ fontSize: '11px', color: '#999', marginTop: '4px' }}>
ID: {timeSlot.id.substring(0, 8)}...
</div>
</td> </td>
{days.map(weekday => { {days.map(weekday => {
const shift = timeSlot.shiftsByDay[weekday.id]; const shift = timeSlot.shiftsByDay[weekday.id];
@@ -846,7 +919,55 @@ const ShiftPlanView: React.FC = () => {
const isValidShift = shift.timeSlotId === timeSlot.id && shift.dayOfWeek === weekday.id; const isValidShift = shift.timeSlotId === timeSlot.id && shift.dayOfWeek === weekday.id;
let assignedEmployees: string[] = []; let assignedEmployees: string[] = [];
let displayText = ''; let displayContent: React.ReactNode = null;
// Helper function to create employee boxes
const createEmployeeBoxes = (employeeIds: string[]) => {
return employeeIds.map(empId => {
const employee = employees.find(emp => emp.id === empId);
if (!employee) return null;
// Determine background color based on employee role
let backgroundColor = '#642ab5'; // Default: non-trainee personnel (purple)
if (employee.isTrainee) {
backgroundColor = '#cda8f0'; // Trainee
} else if (employee.roles?.includes('manager')) {
backgroundColor = '#CC0000'; // Manager
}
return (
<div
key={empId}
style={{
backgroundColor,
color: 'white',
padding: '4px 8px',
borderRadius: '4px',
marginBottom: '2px',
fontSize: '12px',
textAlign: 'center',
whiteSpace: 'nowrap',
overflow: 'hidden',
textOverflow: 'ellipsis'
}}
title={`${employee.firstname} ${employee.lastname}${employee.isTrainee ? ' (Trainee)' : ''}`}
>
{employee.firstname} {employee.lastname}
</div>
);
}).filter(Boolean);
};
// Helper function to get fallback content
const getFallbackContent = () => {
const shiftsForSlot = shiftPlan?.shifts?.filter(s =>
s.dayOfWeek === weekday.id &&
s.timeSlotId === timeSlot.id
) || [];
const totalRequired = shiftsForSlot.reduce((sum, s) => sum + s.requiredEmployees, 0);
return totalRequired === 0 ? '-' : `0/${totalRequired}`;
};
if (shiftPlan?.status === 'published') { if (shiftPlan?.status === 'published') {
// For published plans, use actual assignments from scheduled shifts // For published plans, use actual assignments from scheduled shifts
@@ -859,15 +980,21 @@ const ShiftPlanView: React.FC = () => {
if (scheduledShift) { if (scheduledShift) {
assignedEmployees = scheduledShift.assignedEmployees || []; assignedEmployees = scheduledShift.assignedEmployees || [];
// DEBUG: Log if we're still seeing old data // Log if we're still seeing old data
if (assignedEmployees.length > 0) { if (assignedEmployees.length > 0) {
console.warn(`⚠️ Found non-empty assignments for ${weekday.name} ${timeSlot.name}:`, assignedEmployees); console.warn(`⚠️ Found non-empty assignments for ${weekday.name} ${timeSlot.name}:`, assignedEmployees);
} }
displayText = assignedEmployees.map(empId => { const employeeBoxes = createEmployeeBoxes(assignedEmployees);
const employee = employees.find(emp => emp.id === empId); displayContent = employeeBoxes.length > 0 ? (
return employee ? `${employee.firstname} ${employee.lastname}` : 'Unbekannt'; <div style={{ display: 'flex', flexDirection: 'column', gap: '2px' }}>
}).join(', '); {employeeBoxes}
</div>
) : (
<div style={{ color: '#666', fontStyle: 'italic' }}>
{getFallbackContent()}
</div>
);
} }
} else if (assignmentResult) { } else if (assignmentResult) {
// For draft with preview, use assignment result // For draft with preview, use assignment result
@@ -879,30 +1006,26 @@ const ShiftPlanView: React.FC = () => {
if (scheduledShift) { if (scheduledShift) {
assignedEmployees = getAssignmentsForScheduledShift(scheduledShift); assignedEmployees = getAssignmentsForScheduledShift(scheduledShift);
displayText = assignedEmployees.map(empId => { const employeeBoxes = createEmployeeBoxes(assignedEmployees);
const employee = employees.find(emp => emp.id === empId); displayContent = employeeBoxes.length > 0 ? (
return employee ? `${employee.firstname} ${employee.lastname}` : 'Unbekannt'; <div style={{ display: 'flex', flexDirection: 'column', gap: '2px' }}>
}).join(', '); {employeeBoxes}
</div>
) : (
<div style={{ color: '#666', fontStyle: 'italic' }}>
{getFallbackContent()}
</div>
);
} }
} }
// If no assignments yet, show empty or required count // If no display content set yet, use fallback
if (!displayText) { if (!displayContent) {
const shiftsForSlot = shiftPlan?.shifts?.filter(s => displayContent = (
s.dayOfWeek === weekday.id && <div style={{ color: '#666', fontStyle: 'italic' }}>
s.timeSlotId === timeSlot.id {getFallbackContent()}
) || []; </div>
);
const totalRequired = shiftsForSlot.reduce((sum, s) =>
sum + s.requiredEmployees, 0);
// Show "0/2" instead of just "0" to indicate it's empty
displayText = `0/${totalRequired}`;
// Optional: Show empty state more clearly
if (totalRequired === 0) {
displayText = '-';
}
} }
return ( return (
@@ -937,7 +1060,7 @@ const ShiftPlanView: React.FC = () => {
</div> </div>
)} )}
{displayText} {displayContent}
{/* Shift debug info - SAME AS AVAILABILITYMANAGER */} {/* Shift debug info - SAME AS AVAILABILITYMANAGER */}
<div style={{ <div style={{
@@ -947,8 +1070,6 @@ const ShiftPlanView: React.FC = () => {
textAlign: 'left', textAlign: 'left',
fontFamily: 'monospace' fontFamily: 'monospace'
}}> }}>
<div>Shift: {shift.id.substring(0, 6)}...</div>
<div>Day: {shift.dayOfWeek}</div>
{!isValidShift && ( {!isValidShift && (
<div style={{ color: '#e74c3c', fontWeight: 'bold' }}> <div style={{ color: '#e74c3c', fontWeight: 'bold' }}>
VALIDATION ERROR VALIDATION ERROR
@@ -963,7 +1084,6 @@ const ShiftPlanView: React.FC = () => {
</tbody> </tbody>
</table> </table>
</div> </div>
</div> </div>
); );
}; };
@@ -1005,7 +1125,50 @@ const ShiftPlanView: React.FC = () => {
</div> </div>
</div> </div>
<div style={{ display: 'flex', gap: '10px', alignItems: 'center' }}> <div style={{ display: 'flex', gap: '10px', alignItems: 'center' }}>
{shiftPlan.status === 'published' && hasRole(['admin', 'maintenance']) && ( {shiftPlan.status === 'published' && hasRole(['admin', 'maintenance']) && (
<>
<button
onClick={handleExportExcel}
disabled={exporting}
style={{
padding: '10px 20px',
backgroundColor: '#27ae60',
color: 'white',
border: 'none',
borderRadius: '4px',
cursor: exporting ? 'not-allowed' : 'pointer',
fontWeight: 'bold',
display: 'flex',
alignItems: 'center',
gap: '8px'
}}
>
{exporting ? '🔄' : '📊'} {exporting ? 'Exportiert...' : 'Excel Export'}
</button>
<button
onClick={handleExportPDF}
disabled={exporting}
style={{
padding: '10px 20px',
backgroundColor: '#e74c3c',
color: 'white',
border: 'none',
borderRadius: '4px',
cursor: exporting ? 'not-allowed' : 'pointer',
fontWeight: 'bold',
display: 'flex',
alignItems: 'center',
gap: '8px'
}}
>
{exporting ? '🔄' : '📄'} {exporting ? 'Exportiert...' : 'PDF Export'}
</button>
</>
)}
{/* "Zuweisungen neu berechnen" button */}
{shiftPlan.status === 'published' && hasRole(['admin', 'maintenance']) && (
<button <button
onClick={handleRecreateAssignments} onClick={handleRecreateAssignments}
disabled={recreating} disabled={recreating}
@@ -1118,7 +1281,7 @@ const ShiftPlanView: React.FC = () => {
</div> </div>
)} )}
{/* Assignment Preview Modal - FIXED CONDITION */} {/* Assignment Preview Modal */}
{(showAssignmentPreview || assignmentResult) && ( {(showAssignmentPreview || assignmentResult) && (
<div style={{ <div style={{
position: 'fixed', position: 'fixed',
@@ -1197,15 +1360,13 @@ const ShiftPlanView: React.FC = () => {
</div> </div>
)} )}
{/* KORRIGIERTE ZUSAMMENFASSUNG */} {/* ZUSAMMENFASSUNG */}
{assignmentResult && ( {assignmentResult && (
<div style={{ marginBottom: '20px' }}> <div style={{ marginBottom: '20px' }}>
<h4>Zusammenfassung:</h4> <h4>Zusammenfassung:</h4>
{/* Entscheidung basierend auf tatsächlichen kritischen Problemen */} {/* Entscheidung basierend auf tatsächlichen kritischen Problemen */}
{assignmentResult.violations.filter(v => {(assignmentResult.violations.length === 0) || assignmentResult.success == true ? (
v.includes('ERROR:') || v.includes('❌ KRITISCH:')
).length === 0 ? (
<div style={{ <div style={{
padding: '15px', padding: '15px',
backgroundColor: '#d4edda', backgroundColor: '#d4edda',
@@ -1288,32 +1449,24 @@ const ShiftPlanView: React.FC = () => {
Abbrechen Abbrechen
</button> </button>
{/* KORRIGIERTER BUTTON MIT TYPESCRIPT-FIX */} {/* BUTTON zum publishen */}
<button <button
onClick={handlePublish} onClick={handlePublish}
disabled={publishing || (assignmentResult ? assignmentResult.violations.filter(v => disabled={publishing || !canPublishAssignment()}
v.includes('ERROR:') || v.includes('❌ KRITISCH:')
).length > 0 : true)}
style={{ style={{
padding: '10px 20px', padding: '10px 20px',
backgroundColor: assignmentResult ? (assignmentResult.violations.filter(v => backgroundColor: canPublishAssignment() ? '#2ecc71' : '#95a5a6',
v.includes('ERROR:') || v.includes('❌ KRITISCH:')
).length === 0 ? '#2ecc71' : '#95a5a6') : '#95a5a6',
color: 'white', color: 'white',
border: 'none', border: 'none',
borderRadius: '4px', borderRadius: '4px',
cursor: assignmentResult ? (assignmentResult.violations.filter(v => cursor: canPublishAssignment() ? 'pointer' : 'not-allowed',
v.includes('ERROR:') || v.includes('❌ KRITISCH:')
).length === 0 ? 'pointer' : 'not-allowed') : 'not-allowed',
fontWeight: 'bold', fontWeight: 'bold',
fontSize: '16px' fontSize: '16px'
}} }}
> >
{publishing ? 'Veröffentliche...' : ( {publishing ? 'Veröffentliche...' : (
assignmentResult ? ( assignmentResult ? (
assignmentResult.violations.filter(v => canPublishAssignment()
v.includes('ERROR:') || v.includes('❌ KRITISCH:')
).length === 0
? 'Schichtplan veröffentlichen' ? 'Schichtplan veröffentlichen'
: 'Kritische Probleme müssen behoben werden' : 'Kritische Probleme müssen behoben werden'
) : 'Lade Zuordnungen...' ) : 'Lade Zuordnungen...'

135
frontend/src/services/apiClient.ts Normal file
View File

@@ -0,0 +1,135 @@
import { ValidationError, ErrorService } from './errorService';
export class ApiError extends Error {
public validationErrors: ValidationError[];
public statusCode: number;
public originalError?: any;
constructor(message: string, validationErrors: ValidationError[] = [], statusCode: number = 0, originalError?: any) {
super(message);
this.name = 'ApiError';
this.validationErrors = validationErrors;
this.statusCode = statusCode;
this.originalError = originalError;
}
}
export class ApiClient {
private baseURL: string;
constructor() {
this.baseURL = import.meta.env.VITE_API_URL || '/api';
}
private getAuthHeaders(): HeadersInit {
const token = localStorage.getItem('token');
return token ? { 'Authorization': `Bearer ${token}` } : {};
}
private async handleApiResponse<T>(response: Response, responseType: 'json' | 'blob' = 'json'): Promise<T> {
if (!response.ok) {
let errorData;
try {
// Try to parse error response as JSON
const responseText = await response.text();
errorData = responseText ? JSON.parse(responseText) : {};
} catch {
// If not JSON, create a generic error object
errorData = { error: `HTTP ${response.status}: ${response.statusText}` };
}
// Extract validation errors using your existing ErrorService
const validationErrors = ErrorService.extractValidationErrors(errorData);
if (validationErrors.length > 0) {
// Throw error with validationErrors property for useBackendValidation hook
throw new ApiError(
errorData.error || 'Validation failed',
validationErrors,
response.status,
errorData
);
}
// Throw regular error for non-validation errors
throw new ApiError(
errorData.error || errorData.message || `HTTP error! status: ${response.status}`,
[],
response.status,
errorData
);
}
// Handle blob responses (for file downloads)
if (responseType === 'blob') {
return response.blob() as Promise<T>;
}
// For successful JSON responses, try to parse as JSON
try {
const responseText = await response.text();
return responseText ? JSON.parse(responseText) : {} as T;
} catch (error) {
// If response is not JSON but request succeeded (e.g., 204 No Content)
return {} as T;
}
}
async request<T>(endpoint: string, options: RequestInit = {}, responseType: 'json' | 'blob' = 'json'): Promise<T> {
const url = `${this.baseURL}${endpoint}`;
const config: RequestInit = {
headers: {
'Content-Type': 'application/json',
...this.getAuthHeaders(),
...options.headers,
},
...options,
};
try {
const response = await fetch(url, config);
return await this.handleApiResponse<T>(response, responseType);
} catch (error) {
// Re-throw the error to be caught by useBackendValidation
if (error instanceof ApiError) {
throw error;
}
// Wrap non-ApiError errors
throw new ApiError(
error instanceof Error ? error.message : 'Unknown error occurred',
[],
0,
error
);
}
}
// Standardized HTTP methods
get = <T>(endpoint: string) => this.request<T>(endpoint);
post = <T>(endpoint: string, data?: any) =>
this.request<T>(endpoint, {
method: 'POST',
body: data ? JSON.stringify(data) : undefined
});
put = <T>(endpoint: string, data?: any) =>
this.request<T>(endpoint, {
method: 'PUT',
body: data ? JSON.stringify(data) : undefined
});
patch = <T>(endpoint: string, data?: any) =>
this.request<T>(endpoint, {
method: 'PATCH',
body: data ? JSON.stringify(data) : undefined
});
delete = <T>(endpoint: string) =>
this.request<T>(endpoint, { method: 'DELETE' });
}
export const apiClient = new ApiClient();

51
frontend/src/services/authService.ts
View File

@@ -1,6 +1,5 @@
// frontend/src/services/authService.ts
import { Employee } from '../models/Employee'; import { Employee } from '../models/Employee';
const API_BASE_URL = import.meta.env.VITE_API_URL || '/api'; import { apiClient } from './apiClient';
export interface LoginRequest { export interface LoginRequest {
email: string; email: string;
@@ -24,18 +23,7 @@ class AuthService {
private token: string | null = null; private token: string | null = null;
async login(credentials: LoginRequest): Promise<AuthResponse> { async login(credentials: LoginRequest): Promise<AuthResponse> {
const response = await fetch(`${API_BASE_URL}/auth/login`, { const data = await apiClient.post<AuthResponse>('/auth/login', credentials);
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(credentials)
});
if (!response.ok) {
const errorData = await response.json();
throw new Error(errorData.error || 'Login fehlgeschlagen');
}
const data: AuthResponse = await response.json();
this.token = data.token; this.token = data.token;
localStorage.setItem('token', data.token); localStorage.setItem('token', data.token);
localStorage.setItem('employee', JSON.stringify(data.employee)); localStorage.setItem('employee', JSON.stringify(data.employee));
@@ -43,17 +31,7 @@ class AuthService {
} }
async register(userData: RegisterRequest): Promise<AuthResponse> { async register(userData: RegisterRequest): Promise<AuthResponse> {
const response = await fetch(`${API_BASE_URL}/employees`, { await apiClient.post('/employees', userData);
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(userData)
});
if (!response.ok) {
const errorData = await response.json();
throw new Error(errorData.error || 'Registrierung fehlgeschlagen');
}
return this.login({ return this.login({
email: userData.email, email: userData.email,
password: userData.password password: userData.password
@@ -67,34 +45,23 @@ class AuthService {
async fetchCurrentEmployee(): Promise<Employee | null> { async fetchCurrentEmployee(): Promise<Employee | null> {
const token = this.getToken(); const token = this.getToken();
if (!token) { if (!token) return null;
return null;
}
try { try {
const response = await fetch(`${API_BASE_URL}/auth/me`, { const data = await apiClient.get<{ user: Employee }>('/auth/me');
headers: { localStorage.setItem('user', JSON.stringify(data.user));
'Authorization': `Bearer ${token}` return data.user;
}
});
if (response.ok) {
const data = await response.json();
const user = data.user;
localStorage.setItem('user', JSON.stringify(user));
return user;
}
} catch (error) { } catch (error) {
console.error('Error fetching current user:', error); console.error('Error fetching current user:', error);
return null;
} }
return null;
} }
logout(): void { logout(): void {
this.token = null; this.token = null;
localStorage.removeItem('token'); localStorage.removeItem('token');
localStorage.removeItem('user'); localStorage.removeItem('user');
localStorage.removeItem('employee');
} }
getToken(): string | null { getToken(): string | null {

144
frontend/src/services/employeeService.ts
View File

@@ -1,154 +1,58 @@
// frontend/src/services/employeeService.ts
import { Employee, CreateEmployeeRequest, UpdateEmployeeRequest, EmployeeAvailability } from '../models/Employee'; import { Employee, CreateEmployeeRequest, UpdateEmployeeRequest, EmployeeAvailability } from '../models/Employee';
import { ErrorService, ValidationError } from './errorService'; import { apiClient } from './apiClient';
const API_BASE_URL = '/api';
const getAuthHeaders = () => {
const token = localStorage.getItem('token');
return {
'Content-Type': 'application/json',
'Authorization': `Bearer ${token}`
};
};
export class EmployeeService { export class EmployeeService {
private async handleApiResponse<T>(response: Response): Promise<T> {
if (!response.ok) {
const errorData = await response.json().catch(() => ({}));
const validationErrors = ErrorService.extractValidationErrors(errorData);
if (validationErrors.length > 0) {
const error = new Error('Validation failed');
(error as any).validationErrors = validationErrors;
throw error;
}
throw new Error(errorData.error || `HTTP error! status: ${response.status}`);
}
return response.json();
}
async getEmployees(includeInactive: boolean = false): Promise<Employee[]> { async getEmployees(includeInactive: boolean = false): Promise<Employee[]> {
console.log('🔄 Fetching employees from API...'); console.log('🔄 Fetching employees from API...');
const token = localStorage.getItem('token'); try {
console.log('🔑 Token exists:', !!token); const employees = await apiClient.get<Employee[]>(`/employees?includeInactive=${includeInactive}`);
console.log('✅ Employees received:', employees.length);
const response = await fetch(`${API_BASE_URL}/employees?includeInactive=${includeInactive}`, { return employees;
headers: getAuthHeaders(), } catch (error) {
}); console.error('❌ Error fetching employees:', error);
throw error; // Let useBackendValidation handle this
console.log('📡 Response status:', response.status);
if (!response.ok) {
const errorText = await response.text();
console.error('❌ API Error:', errorText);
throw new Error('Failed to fetch employees');
} }
const employees = await response.json();
console.log('✅ Employees received:', employees.length);
return employees;
} }
async getEmployee(id: string): Promise<Employee> { async getEmployee(id: string): Promise<Employee> {
const response = await fetch(`${API_BASE_URL}/employees/${id}`, { return apiClient.get<Employee>(`/employees/${id}`);
headers: getAuthHeaders(),
});
if (!response.ok) {
throw new Error('Failed to fetch employee');
}
return response.json();
} }
async createEmployee(employee: CreateEmployeeRequest): Promise<Employee> { async createEmployee(employee: CreateEmployeeRequest): Promise<Employee> {
const response = await fetch(`${API_BASE_URL}/employees`, { return apiClient.post<Employee>('/employees', employee);
method: 'POST',
headers: getAuthHeaders(),
body: JSON.stringify(employee),
});
return this.handleApiResponse<Employee>(response);
} }
async updateEmployee(id: string, employee: UpdateEmployeeRequest): Promise<Employee> { async updateEmployee(id: string, employee: UpdateEmployeeRequest): Promise<Employee> {
const response = await fetch(`${API_BASE_URL}/employees/${id}`, { return apiClient.put<Employee>(`/employees/${id}`, employee);
method: 'PUT',
headers: getAuthHeaders(),
body: JSON.stringify(employee),
});
return this.handleApiResponse<Employee>(response);
} }
async deleteEmployee(id: string): Promise<void> { async deleteEmployee(id: string): Promise<void> {
const response = await fetch(`${API_BASE_URL}/employees/${id}`, { await apiClient.delete(`/employees/${id}`);
method: 'DELETE',
headers: getAuthHeaders(),
});
if (!response.ok) {
const error = await response.json();
throw new Error(error.error || 'Failed to delete employee');
}
} }
async getAvailabilities(employeeId: string): Promise<EmployeeAvailability[]> { async getAvailabilities(employeeId: string): Promise<EmployeeAvailability[]> {
const response = await fetch(`${API_BASE_URL}/employees/${employeeId}/availabilities`, { return apiClient.get<EmployeeAvailability[]>(`/employees/${employeeId}/availabilities`);
headers: getAuthHeaders(),
});
if (!response.ok) {
throw new Error('Failed to fetch availabilities');
}
return response.json();
} }
async updateAvailabilities(employeeId: string, data: { planId: string, availabilities: Omit<EmployeeAvailability, 'id' | 'employeeId'>[] }): Promise<EmployeeAvailability[]> { async updateAvailabilities(
employeeId: string,
data: { planId: string, availabilities: Omit<EmployeeAvailability, 'id' | 'employeeId'>[] }
): Promise<EmployeeAvailability[]> {
console.log('🔄 Updating availabilities for employee:', employeeId); console.log('🔄 Updating availabilities for employee:', employeeId);
const response = await fetch(`${API_BASE_URL}/employees/${employeeId}/availabilities`, { return apiClient.put<EmployeeAvailability[]>(`/employees/${employeeId}/availabilities`, data);
method: 'PUT',
headers: getAuthHeaders(),
body: JSON.stringify(data),
});
if (!response.ok) {
const error = await response.json();
throw new Error(error.error || 'Failed to update availabilities');
}
return response.json();
} }
async changePassword(id: string, data: { currentPassword: string, newPassword: string }): Promise<void> { async changePassword(
const response = await fetch(`${API_BASE_URL}/employees/${id}/password`, { id: string,
method: 'PUT', data: { currentPassword: string, newPassword: string, confirmPassword: string }
headers: getAuthHeaders(), ): Promise<void> {
body: JSON.stringify(data), return apiClient.put<void>(`/employees/${id}/password`, data);
});
if (!response.ok) {
const error = await response.json();
throw new Error(error.error || 'Failed to change password');
}
} }
async updateLastLogin(employeeId: string): Promise<void> { async updateLastLogin(employeeId: string): Promise<void> {
try { try {
const response = await fetch(`${API_BASE_URL}/employees/${employeeId}/last-login`, { await apiClient.patch(`/employees/${employeeId}/last-login`);
method: 'PATCH',
headers: getAuthHeaders(),
});
if (!response.ok) {
throw new Error('Failed to update last login');
}
} catch (error) { } catch (error) {
console.error('Error updating last login:', error); console.error('Error updating last login:', error);
throw error; throw error;

110
frontend/src/services/shiftAssignmentService.ts
View File

@@ -1,65 +1,15 @@
// frontend/src/services/shiftAssignmentService.ts - WEEKLY PATTERN VERSION
import { ShiftPlan, ScheduledShift } from '../models/ShiftPlan'; import { ShiftPlan, ScheduledShift } from '../models/ShiftPlan';
import { Employee, EmployeeAvailability } from '../models/Employee'; import { Employee, EmployeeAvailability } from '../models/Employee';
import { authService } from './authService';
import { AssignmentResult, ScheduleRequest } from '../models/scheduling'; import { AssignmentResult, ScheduleRequest } from '../models/scheduling';
import { apiClient } from './apiClient';
const API_BASE_URL = '/api';
// Helper function to get auth headers
const getAuthHeaders = () => {
const token = localStorage.getItem('token');
return {
'Content-Type': 'application/json',
...(token && { 'Authorization': `Bearer ${token}` })
};
};
export class ShiftAssignmentService { export class ShiftAssignmentService {
async updateScheduledShift(id: string, updates: { assignedEmployees: string[] }): Promise<void> { async updateScheduledShift(id: string, updates: { assignedEmployees: string[] }): Promise<void> {
try { try {
//console.log('🔄 Updating scheduled shift via API:', { id, updates }); console.log('🔄 Updating scheduled shift via API:', { id, updates });
const response = await fetch(`${API_BASE_URL}/scheduled-shifts/${id}`, { await apiClient.put(`/scheduled-shifts/${id}`, updates);
method: 'PUT', console.log('✅ Scheduled shift updated successfully');
headers: {
'Content-Type': 'application/json',
...authService.getAuthHeaders()
},
body: JSON.stringify(updates)
});
// First, check if we got any response
if (!response.ok) {
// Try to get error message from response
const responseText = await response.text();
console.error('❌ Server response:', responseText);
let errorMessage = `HTTP ${response.status}: ${response.statusText}`;
// Try to parse as JSON if possible
try {
const errorData = JSON.parse(responseText);
errorMessage = errorData.error || errorMessage;
} catch (e) {
// If not JSON, use the text as is
errorMessage = responseText || errorMessage;
}
throw new Error(errorMessage);
}
// Try to parse successful response
const responseText = await response.text();
let result;
try {
result = responseText ? JSON.parse(responseText) : {};
} catch (e) {
console.warn('⚠️ Response was not JSON, but request succeeded');
result = { message: 'Update successful' };
}
console.log('✅ Scheduled shift updated successfully:', result);
} catch (error) { } catch (error) {
console.error('❌ Error updating scheduled shift:', error); console.error('❌ Error updating scheduled shift:', error);
@@ -69,48 +19,16 @@ export class ShiftAssignmentService {
async getScheduledShift(id: string): Promise<any> { async getScheduledShift(id: string): Promise<any> {
try { try {
const response = await fetch(`${API_BASE_URL}/scheduled-shifts/${id}`, { return await apiClient.get(`/scheduled-shifts/${id}`);
headers: {
'Authorization': `Bearer ${localStorage.getItem('token')}`
}
});
if (!response.ok) {
const responseText = await response.text();
let errorMessage = `HTTP ${response.status}: ${response.statusText}`;
try {
const errorData = JSON.parse(responseText);
errorMessage = errorData.error || errorMessage;
} catch (e) {
errorMessage = responseText || errorMessage;
}
throw new Error(errorMessage);
}
const responseText = await response.text();
return responseText ? JSON.parse(responseText) : {};
} catch (error) { } catch (error) {
console.error('Error fetching scheduled shift:', error); console.error('Error fetching scheduled shift:', error);
throw error; throw error;
} }
} }
// New method to get all scheduled shifts for a plan
async getScheduledShiftsForPlan(planId: string): Promise<ScheduledShift[]> { async getScheduledShiftsForPlan(planId: string): Promise<ScheduledShift[]> {
try { try {
const response = await fetch(`${API_BASE_URL}/scheduled-shifts/plan/${planId}`, { const shifts = await apiClient.get<ScheduledShift[]>(`/scheduled-shifts/plan/${planId}`);
headers: {
'Authorization': `Bearer ${localStorage.getItem('token')}`
}
});
if (!response.ok) {
throw new Error(`Failed to fetch scheduled shifts: ${response.status}`);
}
const shifts = await response.json();
// DEBUG: Check the structure of returned shifts // DEBUG: Check the structure of returned shifts
console.log('🔍 SCHEDULED SHIFTS STRUCTURE:', shifts.slice(0, 3)); console.log('🔍 SCHEDULED SHIFTS STRUCTURE:', shifts.slice(0, 3));
@@ -132,21 +50,7 @@ export class ShiftAssignmentService {
} }
private async callSchedulingAPI(request: ScheduleRequest): Promise<AssignmentResult> { private async callSchedulingAPI(request: ScheduleRequest): Promise<AssignmentResult> {
const response = await fetch(`${API_BASE_URL}/scheduling/generate-schedule`, { return await apiClient.post<AssignmentResult>('/scheduling/generate-schedule', request);
method: 'POST',
headers: {
'Content-Type': 'application/json',
...authService.getAuthHeaders()
},
body: JSON.stringify(request)
});
if (!response.ok) {
const errorData = await response.json();
throw new Error(errorData.error || 'Scheduling failed');
}
return response.json();
} }
async assignShifts( async assignShifts(

266
frontend/src/services/shiftPlanService.ts
View File

@@ -1,199 +1,115 @@
// frontend/src/services/shiftPlanService.ts
import { authService } from './authService';
import { ShiftPlan, CreateShiftPlanRequest } from '../models/ShiftPlan'; import { ShiftPlan, CreateShiftPlanRequest } from '../models/ShiftPlan';
import { TEMPLATE_PRESETS } from '../models/defaults/shiftPlanDefaults'; import { TEMPLATE_PRESETS } from '../models/defaults/shiftPlanDefaults';
import { apiClient } from './apiClient';
const API_BASE_URL = '/api/shift-plans';
// Helper function to get auth headers
const getAuthHeaders = () => {
const token = localStorage.getItem('token');
return {
'Content-Type': 'application/json',
...(token && { 'Authorization': `Bearer ${token}` })
};
};
// Helper function to handle responses
const handleResponse = async (response: Response) => {
if (!response.ok) {
const errorData = await response.json().catch(() => ({ error: 'Unknown error' }));
throw new Error(errorData.error || `HTTP error! status: ${response.status}`);
}
return response.json();
};
export const shiftPlanService = { export const shiftPlanService = {
async getShiftPlans(): Promise<ShiftPlan[]> { async getShiftPlans(): Promise<ShiftPlan[]> {
const response = await fetch(API_BASE_URL, { try {
headers: { const plans = await apiClient.get<ShiftPlan[]>('/shift-plans');
'Content-Type': 'application/json',
...authService.getAuthHeaders()
}
});
if (!response.ok) { // Ensure scheduledShifts is always an array
if (response.status === 401) { return plans.map((plan: any) => ({
authService.logout(); ...plan,
scheduledShifts: plan.scheduledShifts || []
}));
} catch (error: any) {
if (error.statusCode === 401) {
// You might want to import and use authService here if needed
localStorage.removeItem('token');
localStorage.removeItem('employee');
throw new Error('Nicht authorisiert - bitte erneut anmelden'); throw new Error('Nicht authorisiert - bitte erneut anmelden');
} }
throw new Error('Fehler beim Laden der Schichtpläne'); throw new Error('Fehler beim Laden der Schichtpläne');
} }
const plans = await response.json();
// Ensure scheduledShifts is always an array
return plans.map((plan: any) => ({
...plan,
scheduledShifts: plan.scheduledShifts || []
}));
}, },
async getShiftPlan(id: string): Promise<ShiftPlan> { async getShiftPlan(id: string): Promise<ShiftPlan> {
const response = await fetch(`${API_BASE_URL}/${id}`, { try {
headers: { return await apiClient.get<ShiftPlan>(`/shift-plans/${id}`);
'Content-Type': 'application/json', } catch (error: any) {
...authService.getAuthHeaders() if (error.statusCode === 401) {
} localStorage.removeItem('token');
}); localStorage.removeItem('employee');
if (!response.ok) {
if (response.status === 401) {
authService.logout();
throw new Error('Nicht authorisiert - bitte erneut anmelden'); throw new Error('Nicht authorisiert - bitte erneut anmelden');
} }
throw new Error('Schichtplan nicht gefunden'); throw new Error('Schichtplan nicht gefunden');
} }
return await response.json();
}, },
async createShiftPlan(plan: CreateShiftPlanRequest): Promise<ShiftPlan> { async createShiftPlan(plan: CreateShiftPlanRequest): Promise<ShiftPlan> {
const response = await fetch(API_BASE_URL, { try {
method: 'POST', return await apiClient.post<ShiftPlan>('/shift-plans', plan);
headers: { } catch (error: any) {
'Content-Type': 'application/json', if (error.statusCode === 401) {
...authService.getAuthHeaders() localStorage.removeItem('token');
}, localStorage.removeItem('employee');
body: JSON.stringify(plan)
});
if (!response.ok) {
if (response.status === 401) {
authService.logout();
throw new Error('Nicht authorisiert - bitte erneut anmelden'); throw new Error('Nicht authorisiert - bitte erneut anmelden');
} }
throw new Error('Fehler beim Erstellen des Schichtplans'); throw new Error('Fehler beim Erstellen des Schichtplans');
} }
return response.json();
}, },
async updateShiftPlan(id: string, plan: Partial<ShiftPlan>): Promise<ShiftPlan> { async updateShiftPlan(id: string, plan: Partial<ShiftPlan>): Promise<ShiftPlan> {
const response = await fetch(`${API_BASE_URL}/${id}`, { try {
method: 'PUT', return await apiClient.put<ShiftPlan>(`/shift-plans/${id}`, plan);
headers: { } catch (error: any) {
'Content-Type': 'application/json', if (error.statusCode === 401) {
...authService.getAuthHeaders() localStorage.removeItem('token');
}, localStorage.removeItem('employee');
body: JSON.stringify(plan)
});
if (!response.ok) {
if (response.status === 401) {
authService.logout();
throw new Error('Nicht authorisiert - bitte erneut anmelden'); throw new Error('Nicht authorisiert - bitte erneut anmelden');
} }
throw new Error('Fehler beim Aktualisieren des Schichtplans'); throw new Error('Fehler beim Aktualisieren des Schichtplans');
} }
return response.json();
}, },
async deleteShiftPlan(id: string): Promise<void> { async deleteShiftPlan(id: string): Promise<void> {
const response = await fetch(`${API_BASE_URL}/${id}`, { try {
method: 'DELETE', await apiClient.delete(`/shift-plans/${id}`);
headers: { } catch (error: any) {
'Content-Type': 'application/json', if (error.statusCode === 401) {
...authService.getAuthHeaders() localStorage.removeItem('token');
} localStorage.removeItem('employee');
});
if (!response.ok) {
if (response.status === 401) {
authService.logout();
throw new Error('Nicht authorisiert - bitte erneut anmelden'); throw new Error('Nicht authorisiert - bitte erneut anmelden');
} }
throw new Error('Fehler beim Löschen des Schichtplans'); throw new Error('Fehler beim Löschen des Schichtplans');
} }
}, },
// Get specific template or plan async getTemplate(id: string): Promise<ShiftPlan> {
getTemplate: async (id: string): Promise<ShiftPlan> => { return await apiClient.get<ShiftPlan>(`/shift-plans/${id}`);
const response = await fetch(`${API_BASE_URL}/${id}`, {
headers: getAuthHeaders()
});
return handleResponse(response);
}, },
async regenerateScheduledShifts(planId: string): Promise<void> {
async regenerateScheduledShifts(planId: string):Promise<void> {
try { try {
console.log('🔄 Attempting to regenerate scheduled shifts...'); console.log('🔄 Attempting to regenerate scheduled shifts...');
await apiClient.post(`/shift-plans/${planId}/regenerate-shifts`);
// You'll need to add this API endpoint to your backend console.log('✅ Scheduled shifts regenerated');
const response = await fetch(`${API_BASE_URL}/${planId}/regenerate-shifts`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': `Bearer ${localStorage.getItem('token')}`
}
});
if (response.ok) {
console.log('✅ Scheduled shifts regenerated');
} else {
console.error('❌ Failed to regenerate shifts');
}
} catch (error) { } catch (error) {
console.error('❌ Error regenerating shifts:', error); console.error('❌ Error regenerating shifts:', error);
throw error;
} }
}, },
// Create new plan async createPlan(data: CreateShiftPlanRequest): Promise<ShiftPlan> {
createPlan: async (data: CreateShiftPlanRequest): Promise<ShiftPlan> => { return await apiClient.post<ShiftPlan>('/shift-plans', data);
const response = await fetch(`${API_BASE_URL}`, {
method: 'POST',
headers: getAuthHeaders(),
body: JSON.stringify(data),
});
return handleResponse(response);
}, },
createFromPreset: async (data: { async createFromPreset(data: {
presetName: string; presetName: string;
name: string; name: string;
startDate: string; startDate: string;
endDate: string; endDate: string;
isTemplate?: boolean; isTemplate?: boolean;
}): Promise<ShiftPlan> => { }): Promise<ShiftPlan> {
const response = await fetch(`${API_BASE_URL}/from-preset`, { try {
method: 'POST', return await apiClient.post<ShiftPlan>('/shift-plans/from-preset', data);
headers: getAuthHeaders(), } catch (error: any) {
body: JSON.stringify(data), throw new Error(error.message || `HTTP error! status: ${error.statusCode}`);
});
if (!response.ok) {
const errorData = await response.json().catch(() => ({ error: 'Unknown error' }));
throw new Error(errorData.error || `HTTP error! status: ${response.status}`);
} }
return response.json();
}, },
getTemplatePresets: async (): Promise<{name: string, label: string, description: string}[]> => { async getTemplatePresets(): Promise<{name: string, label: string, description: string}[]> {
// name = label return Object.entries(TEMPLATE_PRESETS).map(([key, preset]) => ({
return Object.entries(TEMPLATE_PRESETS).map(([key, preset]) => ({
name: key, name: key,
label: preset.name, label: preset.name,
description: preset.description description: preset.description
@@ -203,25 +119,67 @@ export const shiftPlanService = {
async clearAssignments(planId: string): Promise<void> { async clearAssignments(planId: string): Promise<void> {
try { try {
console.log('🔄 Clearing assignments for plan:', planId); console.log('🔄 Clearing assignments for plan:', planId);
await apiClient.post(`/shift-plans/${planId}/clear-assignments`);
const response = await fetch(`${API_BASE_URL}/${planId}/clear-assignments`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
...authService.getAuthHeaders()
}
});
if (!response.ok) {
const errorData = await response.json().catch(() => ({ error: 'Unknown error' }));
throw new Error(errorData.error || `Failed to clear assignments: ${response.status}`);
}
console.log('✅ Assignments cleared successfully'); console.log('✅ Assignments cleared successfully');
} catch (error) { } catch (error) {
console.error('❌ Error clearing assignments:', error); console.error('❌ Error clearing assignments:', error);
throw error; throw error;
} }
}, },
async exportShiftPlanToExcel(planId: string): Promise<Blob> {
try {
console.log('📊 Exporting shift plan to Excel:', planId);
// Use the apiClient with blob response handling
const blob = await apiClient.request<Blob>(`/shift-plans/${planId}/export/excel`, {
method: 'GET',
}, 'blob');
console.log('✅ Excel export successful');
return blob;
} catch (error: any) {
console.error('❌ Error exporting to Excel:', error);
if (error.statusCode === 401) {
localStorage.removeItem('token');
localStorage.removeItem('employee');
throw new Error('Nicht authorisiert - bitte erneut anmelden');
}
if (error.statusCode === 404) {
throw new Error('Schichtplan nicht gefunden');
}
throw new Error('Fehler beim Excel-Export des Schichtplans');
}
},
async exportShiftPlanToPDF(planId: string): Promise<Blob> {
try {
console.log('📄 Exporting shift plan to PDF:', planId);
// Use the apiClient with blob response handling
const blob = await apiClient.request<Blob>(`/shift-plans/${planId}/export/pdf`, {
method: 'GET',
}, 'blob');
console.log('✅ PDF export successful');
return blob;
} catch (error: any) {
console.error('❌ Error exporting to PDF:', error);
if (error.statusCode === 401) {
localStorage.removeItem('token');
localStorage.removeItem('employee');
throw new Error('Nicht authorisiert - bitte erneut anmelden');
}
if (error.statusCode === 404) {
throw new Error('Schichtplan nicht gefunden');
}
throw new Error('Fehler beim PDF-Export des Schichtplans');
}
},
}; };

50
frontend/vite.config.ts
View File

@@ -1,29 +1,18 @@
// vite.config.ts
import { defineConfig, loadEnv } from 'vite' import { defineConfig, loadEnv } from 'vite'
import react from '@vitejs/plugin-react' import react from '@vitejs/plugin-react'
import { resolve } from 'path' import { resolve } from 'path'
export default defineConfig(({ mode }) => { export default defineConfig(({ mode }) => {
const isProduction = mode === 'production' const isProduction = mode === 'production'
const isDevelopment = mode === 'development'
const env = loadEnv(mode, process.cwd(), '') const env = loadEnv(mode, process.cwd(), '')
// 🆕 WICHTIG: Relative Pfade für Production
const clientEnv = {
NODE_ENV: mode,
ENABLE_PRO: env.ENABLE_PRO || 'false',
VITE_APP_TITLE: env.APP_TITLE || 'Shift Planning App',
VITE_API_URL: isProduction ? '/api' : '/api',
}
return { return {
plugins: [react()], plugins: [react()],
server: { // Development proxy
server: isProduction ? undefined : {
port: 3003, port: 3003,
host: true, host: true,
//open: isDevelopment,
proxy: { proxy: {
'/api': { '/api': {
target: 'http://localhost:3002', target: 'http://localhost:3002',
@@ -33,25 +22,38 @@ export default defineConfig(({ mode }) => {
} }
}, },
// Production build optimized for Express serving
build: { build: {
outDir: 'dist', outDir: 'dist',
sourcemap: isDevelopment, sourcemap: false, // Disable in production
base: isProduction ? '/' : '/', minify: 'terser',
// Bundle optimization
rollupOptions: { rollupOptions: {
output: { output: {
// Efficient chunking
manualChunks: {
vendor: ['react', 'react-dom', 'react-router-dom'],
utils: ['date-fns']
},
// Cache-friendly naming
chunkFileNames: 'assets/[name]-[hash].js', chunkFileNames: 'assets/[name]-[hash].js',
entryFileNames: 'assets/[name]-[hash].js', entryFileNames: 'assets/[name]-[hash].js',
assetFileNames: 'assets/[name]-[hash].[ext]', assetFileNames: 'assets/[name]-[hash].[ext]',
} }
}, },
minify: isProduction ? 'terser' : false,
terserOptions: isProduction ? { // Performance optimizations
terserOptions: {
compress: { compress: {
drop_console: true, drop_console: true,
drop_debugger: true, drop_debugger: true,
pure_funcs: ['console.log', 'console.debug', 'console.info'] pure_funcs: ['console.log', 'console.debug']
} }
} : undefined, },
// Reduce chunking overhead
chunkSizeWarningLimit: 800
}, },
resolve: { resolve: {
@@ -67,9 +69,11 @@ export default defineConfig(({ mode }) => {
} }
}, },
define: Object.keys(clientEnv).reduce((acc, key) => { // Environment variables
acc[`import.meta.env.${key}`] = JSON.stringify(clientEnv[key]) define: {
return acc 'import.meta.env.VITE_API_URL': JSON.stringify(isProduction ? '/api' : '/api'),
}, {} as Record<string, string>) 'import.meta.env.ENABLE_PRO': JSON.stringify(env.ENABLE_PRO || 'false'),
'import.meta.env.NODE_ENV': JSON.stringify(mode)
}
} }
}) })

5165
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

8
package.json
View File

@@ -9,9 +9,13 @@
"scripts": { "scripts": {
"docker:build": "docker build -t schichtplan-app .", "docker:build": "docker build -t schichtplan-app .",
"docker:run": "docker run -p 3002:3002 schichtplan-app", "docker:run": "docker run -p 3002:3002 schichtplan-app",
"build:all": "npm run build --workspace=backend && npm run build --workspace=frontend" "build:all": "npm run build --workspace=backend && npm run build --workspace=frontend",
"dev": "concurrently \"npm run dev:backend\" \"npm run dev:frontend\"",
"dev:frontend": "cd frontend && npm run dev",
"dev:backend": "cd backend && npm run dev:single"
}, },
"devDependencies": { "devDependencies": {
"typescript": "^5.3.3" "typescript": "^5.3.3",
"concurrently": "9.2.1"
} }
} }