flfeders/FEDEO
2
1
Fork 0
Code Issues 95 Pull Requests Actions Packages Projects 22 Releases Wiki Activity

redone admin

Browse Source 
added branches
This commit is contained in:
florianfederspiel
2026-03-25 14:59:44 +01:00
parent 809a37a410
commit c29494dc0d
26 changed files with 1578 additions and 904 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
backend/db/migrations/0024_tenant_branches.sql Normal file
View File

@@ -0,0 +1,37 @@
CREATE TABLE "branches" (
"id" bigint GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY NOT NULL,
"created_at" timestamp with time zone DEFAULT now() NOT NULL,
"tenant" bigint NOT NULL,
"name" text NOT NULL,
"number" text,
"description" text,
"archived" boolean DEFAULT false NOT NULL,
"updated_at" timestamp with time zone,
"updated_by" uuid
);
--> statement-breakpoint
ALTER TABLE "branches" ADD CONSTRAINT "branches_tenant_tenants_id_fk" FOREIGN KEY ("tenant") REFERENCES "public"."tenants"("id") ON DELETE no action ON UPDATE no action;
--> statement-breakpoint
ALTER TABLE "branches" ADD CONSTRAINT "branches_updated_by_auth_users_id_fk" FOREIGN KEY ("updated_by") REFERENCES "public"."auth_users"("id") ON DELETE no action ON UPDATE no action;
--> statement-breakpoint
ALTER TABLE "costcentres" ADD COLUMN "branch" bigint;
--> statement-breakpoint
ALTER TABLE "costcentres" ADD CONSTRAINT "costcentres_branch_branches_id_fk" FOREIGN KEY ("branch") REFERENCES "public"."branches"("id") ON DELETE no action ON UPDATE no action;
--> statement-breakpoint
ALTER TABLE "auth_profiles" ADD COLUMN "branch_id" bigint;
--> statement-breakpoint
ALTER TABLE "auth_profiles" ADD CONSTRAINT "auth_profiles_branch_id_branches_id_fk" FOREIGN KEY ("branch_id") REFERENCES "public"."branches"("id") ON DELETE no action ON UPDATE no action;
--> statement-breakpoint
CREATE TABLE "auth_profile_branches" (
"created_at" timestamp with time zone DEFAULT now() NOT NULL,
"profile_id" uuid NOT NULL,
"branch_id" bigint NOT NULL,
"created_by" uuid,
CONSTRAINT "auth_profile_branches_profile_id_branch_id_pk" PRIMARY KEY("profile_id","branch_id")
);
--> statement-breakpoint
ALTER TABLE "auth_profile_branches" ADD CONSTRAINT "auth_profile_branches_profile_id_auth_profiles_id_fk" FOREIGN KEY ("profile_id") REFERENCES "public"."auth_profiles"("id") ON DELETE cascade ON UPDATE no action;
--> statement-breakpoint
ALTER TABLE "auth_profile_branches" ADD CONSTRAINT "auth_profile_branches_branch_id_branches_id_fk" FOREIGN KEY ("branch_id") REFERENCES "public"."branches"("id") ON DELETE cascade ON UPDATE no action;
--> statement-breakpoint
ALTER TABLE "auth_profile_branches" ADD CONSTRAINT "auth_profile_branches_created_by_auth_users_id_fk" FOREIGN KEY ("created_by") REFERENCES "public"."auth_users"("id") ON DELETE no action ON UPDATE no action;

7
backend/db/migrations/meta/_journal.json
View File

@@ -162,6 +162,13 @@
"when": 1774080000000, "when": 1774080000000,
"tag": "0023_tax_evaluation_period", "tag": "0023_tax_evaluation_period",
"breakpoints": true "breakpoints": true
},
{
"idx": 23,
"version": "7",
"when": 1774393200000,
"tag": "0024_tenant_branches",
"breakpoints": true
} }
] ]
} }

30
backend/db/schema/auth_profile_branches.ts Normal file
View File

@@ -0,0 +1,30 @@
import { pgTable, uuid, bigint, timestamp } from "drizzle-orm/pg-core"
import { authProfiles } from "./auth_profiles"
import { branches } from "./branches"
import { authUsers } from "./auth_users"
export const authProfileBranches = pgTable(
"auth_profile_branches",
{
created_at: timestamp("created_at", { withTimezone: true })
.notNull()
.defaultNow(),
profile_id: uuid("profile_id")
.notNull()
.references(() => authProfiles.id, { onDelete: "cascade" }),
branch_id: bigint("branch_id", { mode: "number" })
.notNull()
.references(() => branches.id, { onDelete: "cascade" }),
created_by: uuid("created_by").references(() => authUsers.id),
},
(table) => ({
primaryKey: [table.profile_id, table.branch_id],
})
)
export type AuthProfileBranch = typeof authProfileBranches.$inferSelect
export type NewAuthProfileBranch = typeof authProfileBranches.$inferInsert

3
backend/db/schema/auth_profiles.ts
View File

@@ -10,6 +10,7 @@ import {
jsonb, jsonb,
} from "drizzle-orm/pg-core" } from "drizzle-orm/pg-core"
import { authUsers } from "./auth_users" import { authUsers } from "./auth_users"
import { branches } from "./branches"
export const authProfiles = pgTable("auth_profiles", { export const authProfiles = pgTable("auth_profiles", {
id: uuid("id").primaryKey().defaultRandom(), id: uuid("id").primaryKey().defaultRandom(),
@@ -18,6 +19,8 @@ export const authProfiles = pgTable("auth_profiles", {
tenant_id: bigint("tenant_id", { mode: "number" }).notNull(), tenant_id: bigint("tenant_id", { mode: "number" }).notNull(),
branch_id: bigint("branch_id", { mode: "number" }).references(() => branches.id),
created_at: timestamp("created_at", { withTimezone: true }) created_at: timestamp("created_at", { withTimezone: true })
.notNull() .notNull()
.defaultNow(), .defaultNow(),

37
backend/db/schema/branches.ts Normal file
View File

@@ -0,0 +1,37 @@
import {
pgTable,
bigint,
timestamp,
text,
boolean,
uuid,
} from "drizzle-orm/pg-core"
import { tenants } from "./tenants"
import { authUsers } from "./auth_users"
export const branches = pgTable("branches", {
id: bigint("id", { mode: "number" })
.primaryKey()
.generatedByDefaultAsIdentity(),
createdAt: timestamp("created_at", { withTimezone: true })
.notNull()
.defaultNow(),
tenant: bigint("tenant", { mode: "number" })
.notNull()
.references(() => tenants.id),
name: text("name").notNull(),
number: text("number"),
description: text("description"),
archived: boolean("archived").notNull().default(false),
updatedAt: timestamp("updated_at", { withTimezone: true }),
updatedBy: uuid("updated_by").references(() => authUsers.id),
})
export type Branch = typeof branches.$inferSelect
export type NewBranch = typeof branches.$inferInsert

3
backend/db/schema/costcentres.ts
View File

@@ -13,6 +13,7 @@ import { inventoryitems } from "./inventoryitems"
import { projects } from "./projects" import { projects } from "./projects"
import { vehicles } from "./vehicles" import { vehicles } from "./vehicles"
import { authUsers } from "./auth_users" import { authUsers } from "./auth_users"
import { branches } from "./branches"
export const costcentres = pgTable("costcentres", { export const costcentres = pgTable("costcentres", {
id: uuid("id").primaryKey().defaultRandom(), id: uuid("id").primaryKey().defaultRandom(),
@@ -32,6 +33,8 @@ export const costcentres = pgTable("costcentres", {
project: bigint("project", { mode: "number" }).references(() => projects.id), project: bigint("project", { mode: "number" }).references(() => projects.id),
branch: bigint("branch", { mode: "number" }).references(() => branches.id),
inventoryitem: bigint("inventoryitem", { mode: "number" }).references( inventoryitem: bigint("inventoryitem", { mode: "number" }).references(
() => inventoryitems.id () => inventoryitems.id
), ),

2
backend/db/schema/index.ts
View File

@@ -1,5 +1,6 @@
export * from "./accounts" export * from "./accounts"
export * from "./auth_profiles" export * from "./auth_profiles"
export * from "./auth_profile_branches"
export * from "./auth_role_permisssions" export * from "./auth_role_permisssions"
export * from "./auth_roles" export * from "./auth_roles"
export * from "./auth_tenant_users" export * from "./auth_tenant_users"
@@ -8,6 +9,7 @@ export * from "./auth_users"
export * from "./bankaccounts" export * from "./bankaccounts"
export * from "./bankrequisitions" export * from "./bankrequisitions"
export * from "./bankstatements" export * from "./bankstatements"
export * from "./branches"
export * from "./checkexecutions" export * from "./checkexecutions"
export * from "./checks" export * from "./checks"
export * from "./citys" export * from "./citys"

1
backend/db/schema/tenants.ts
View File

@@ -92,6 +92,7 @@ export const tenants = pgTable(
serialInvoice: true, serialInvoice: true,
incomingInvoices: true, incomingInvoices: true,
costcentres: true, costcentres: true,
branches: true,
accounts: true, accounts: true,
ownaccounts: true, ownaccounts: true,
banking: true, banking: true,

4
backend/src/routes/auth/me.ts
View File

@@ -9,6 +9,7 @@ import {
authRolePermissions, authRolePermissions,
} from "../../../db/schema" } from "../../../db/schema"
import { eq, and, or, isNull } from "drizzle-orm" import { eq, and, or, isNull } from "drizzle-orm"
import { enrichProfilesWithBranches } from "../../utils/profileBranches"
export default async function meRoutes(server: FastifyInstance) { export default async function meRoutes(server: FastifyInstance) {
server.get("/me", async (req, reply) => { server.get("/me", async (req, reply) => {
@@ -89,7 +90,8 @@ export default async function meRoutes(server: FastifyInstance) {
) )
.limit(1) .limit(1)
profile = profileResult?.[0] ?? null const enrichedProfiles = await enrichProfilesWithBranches(server, profileResult)
profile = enrichedProfiles?.[0] ?? null
} }
// ---------------------------------------------------- // ----------------------------------------------------

8
backend/src/routes/internal/tenant.ts
View File

@@ -8,6 +8,7 @@ import {
} from "../../../db/schema" } from "../../../db/schema"
import {and, eq, inArray} from "drizzle-orm" import {and, eq, inArray} from "drizzle-orm"
import { enrichProfilesWithBranches } from "../../utils/profileBranches"
export default async function tenantRoutesInternal(server: FastifyInstance) { export default async function tenantRoutesInternal(server: FastifyInstance) {
@@ -53,7 +54,7 @@ export default async function tenantRoutesInternal(server: FastifyInstance) {
.where(inArray(authUsers.id, userIds)) .where(inArray(authUsers.id, userIds))
// 3) auth_profiles pro Tenant laden // 3) auth_profiles pro Tenant laden
const profiles = await server.db const profileRows = await server.db
.select() .select()
.from(authProfiles) .from(authProfiles)
.where( .where(
@@ -61,6 +62,7 @@ export default async function tenantRoutesInternal(server: FastifyInstance) {
eq(authProfiles.tenant_id, tenantId), eq(authProfiles.tenant_id, tenantId),
inArray(authProfiles.user_id, userIds) inArray(authProfiles.user_id, userIds)
)) ))
const profiles = await enrichProfilesWithBranches(server, profileRows)
const combined = users.map(u => { const combined = users.map(u => {
const profile = profiles.find(p => p.user_id === u.id) const profile = profiles.find(p => p.user_id === u.id)
@@ -91,12 +93,12 @@ export default async function tenantRoutesInternal(server: FastifyInstance) {
const tenantId = req.params.id const tenantId = req.params.id
if (!tenantId) return reply.code(401).send({ error: "Unauthorized" }) if (!tenantId) return reply.code(401).send({ error: "Unauthorized" })
const data = await server.db const profileRows = await server.db
.select() .select()
.from(authProfiles) .from(authProfiles)
.where(eq(authProfiles.tenant_id, tenantId)) .where(eq(authProfiles.tenant_id, tenantId))
return data return await enrichProfilesWithBranches(server, profileRows)
} catch (err) { } catch (err) {
console.error("/tenant/profiles ERROR:", err) console.error("/tenant/profiles ERROR:", err)

42
backend/src/routes/profiles.ts
View File

@@ -4,6 +4,11 @@ import { eq, and } from "drizzle-orm";
import { import {
authProfiles, authProfiles,
} from "../../db/schema"; } from "../../db/schema";
import {
loadProfileWithBranches,
resolveTenantBranchIds,
syncProfileBranches,
} from "../utils/profileBranches";
export default async function authProfilesRoutes(server: FastifyInstance) { export default async function authProfilesRoutes(server: FastifyInstance) {
@@ -19,22 +24,13 @@ export default async function authProfilesRoutes(server: FastifyInstance) {
return reply.code(400).send({ error: "No tenant selected" }); return reply.code(400).send({ error: "No tenant selected" });
} }
const rows = await server.db const profile = await loadProfileWithBranches(server, id, tenantId)
.select()
.from(authProfiles)
.where(
and(
eq(authProfiles.id, id),
eq(authProfiles.tenant_id, tenantId)
)
)
.limit(1);
if (!rows.length) { if (!profile) {
return reply.code(404).send({ error: "User not found or not in tenant" }); return reply.code(404).send({ error: "User not found or not in tenant" });
} }
return rows[0]; return profile;
} catch (error) { } catch (error) {
console.error("GET /profiles/:id ERROR:", error); console.error("GET /profiles/:id ERROR:", error);
@@ -48,7 +44,8 @@ export default async function authProfilesRoutes(server: FastifyInstance) {
// ❌ Systemfelder entfernen // ❌ Systemfelder entfernen
const forbidden = [ const forbidden = [
"id", "user_id", "tenant_id", "created_at", "updated_at", "id", "user_id", "tenant_id", "created_at", "updated_at",
"updatedAt", "updatedBy", "old_profile_id", "full_name" "updatedAt", "updatedBy", "old_profile_id", "full_name",
"branch", "branches", "branch_ids"
] ]
forbidden.forEach(f => delete cleaned[f]) forbidden.forEach(f => delete cleaned[f])
@@ -89,8 +86,19 @@ export default async function authProfilesRoutes(server: FastifyInstance) {
// Clean + Normalize // Clean + Normalize
body = sanitizeProfileUpdate(body) body = sanitizeProfileUpdate(body)
const { primaryBranchId, branchIds } = await resolveTenantBranchIds(
server,
tenantId,
[
...(Array.isArray(body.branch_ids) ? body.branch_ids : []),
...(Array.isArray(body.branches) ? body.branches : []),
],
body.branch_id ?? body.branch?.id ?? null
)
const updateData = { const updateData = {
...body, ...body,
branch_id: primaryBranchId,
updatedAt: new Date(), updatedAt: new Date(),
updatedBy: userId updatedBy: userId
} }
@@ -110,10 +118,16 @@ export default async function authProfilesRoutes(server: FastifyInstance) {
return reply.code(404).send({ error: "User not found or not in tenant" }) return reply.code(404).send({ error: "User not found or not in tenant" })
} }
return updated[0] await syncProfileBranches(server, id, branchIds, userId)
const profile = await loadProfileWithBranches(server, id, tenantId)
return profile || updated[0]
} catch (err) { } catch (err) {
console.error("PUT /profiles/:id ERROR:", err) console.error("PUT /profiles/:id ERROR:", err)
if (err instanceof Error && ["INVALID_BRANCH_SELECTION", "INVALID_PRIMARY_BRANCH"].includes(err.message)) {
return reply.code(400).send({ error: "Ungültige Niederlassungsauswahl" })
}
return reply.code(500).send({ error: "Internal Server Error" }) return reply.code(500).send({ error: "Internal Server Error" })
} }
}) })

7
backend/src/routes/tenant.ts
View File

@@ -12,6 +12,7 @@ import {
} from "../../db/schema" } from "../../db/schema"
import {and, desc, eq, inArray} from "drizzle-orm" import {and, desc, eq, inArray} from "drizzle-orm"
import { enrichProfilesWithBranches } from "../utils/profileBranches"
export default async function tenantRoutes(server: FastifyInstance) { export default async function tenantRoutes(server: FastifyInstance) {
@@ -123,7 +124,7 @@ export default async function tenantRoutes(server: FastifyInstance) {
.where(inArray(authUsers.id, userIds)) .where(inArray(authUsers.id, userIds))
// 3) auth_profiles pro Tenant laden // 3) auth_profiles pro Tenant laden
const profiles = await server.db const profileRows = await server.db
.select() .select()
.from(authProfiles) .from(authProfiles)
.where( .where(
@@ -131,6 +132,7 @@ export default async function tenantRoutes(server: FastifyInstance) {
eq(authProfiles.tenant_id, tenantId), eq(authProfiles.tenant_id, tenantId),
inArray(authProfiles.user_id, userIds) inArray(authProfiles.user_id, userIds)
)) ))
const profiles = await enrichProfilesWithBranches(server, profileRows)
const combined = users.map(u => { const combined = users.map(u => {
const profile = profiles.find(p => p.user_id === u.id) const profile = profiles.find(p => p.user_id === u.id)
@@ -160,11 +162,12 @@ export default async function tenantRoutes(server: FastifyInstance) {
const tenantId = req.user?.tenant_id const tenantId = req.user?.tenant_id
if (!tenantId) return reply.code(401).send({ error: "Unauthorized" }) if (!tenantId) return reply.code(401).send({ error: "Unauthorized" })
const data = await server.db const profileRows = await server.db
.select() .select()
.from(authProfiles) .from(authProfiles)
.where(eq(authProfiles.tenant_id, tenantId)) .where(eq(authProfiles.tenant_id, tenantId))
const data = await enrichProfilesWithBranches(server, profileRows)
return { data } return { data }
} catch (err) { } catch (err) {

142
backend/src/utils/profileBranches.ts Normal file
View File

@@ -0,0 +1,142 @@
import { and, eq, inArray } from "drizzle-orm"
import { FastifyInstance } from "fastify"
import { authProfileBranches, authProfiles, branches } from "../../db/schema"
function normalizeBranchIds(values: any[]): number[] {
return [...new Set(
values
.map((value) => {
if (typeof value === "number") return value
if (typeof value === "string" && value.trim()) return Number(value)
if (value && typeof value === "object" && "id" in value) return Number(value.id)
return NaN
})
.filter((value) => Number.isFinite(value))
)]
}
export async function enrichProfilesWithBranches(server: FastifyInstance, profiles: any[]) {
if (!profiles.length) return profiles
const profileIds = profiles.map((profile) => profile.id).filter(Boolean)
if (!profileIds.length) return profiles
const profileBranchRows = await server.db
.select()
.from(authProfileBranches)
.where(inArray(authProfileBranches.profile_id, profileIds))
const branchIds = [...new Set(profileBranchRows.map((row) => row.branch_id).filter(Boolean))]
const branchRows = branchIds.length
? await server.db.select().from(branches).where(inArray(branches.id, branchIds))
: []
const branchMap = new Map(branchRows.map((branch) => [branch.id, branch]))
const branchIdsByProfile = new Map<string, number[]>()
for (const row of profileBranchRows) {
const current = branchIdsByProfile.get(row.profile_id) || []
current.push(row.branch_id)
branchIdsByProfile.set(row.profile_id, current)
}
return profiles.map((profile) => {
const assignedBranchIds = [...new Set(branchIdsByProfile.get(profile.id) || [])]
return {
...profile,
branch: profile.branch_id ? branchMap.get(profile.branch_id) || null : null,
branches: assignedBranchIds
.map((branchId) => branchMap.get(branchId))
.filter(Boolean),
branch_ids: assignedBranchIds,
}
})
}
export async function loadProfileWithBranches(server: FastifyInstance, profileId: string, tenantId: number) {
const rows = await server.db
.select()
.from(authProfiles)
.where(
and(
eq(authProfiles.id, profileId),
eq(authProfiles.tenant_id, tenantId)
)
)
.limit(1)
if (!rows.length) return null
const [profile] = await enrichProfilesWithBranches(server, rows)
return profile
}
export async function resolveTenantBranchIds(
server: FastifyInstance,
tenantId: number,
values: any[],
primaryBranchId?: any
) {
const normalizedPrimaryBranchId = primaryBranchId == null || primaryBranchId === ""
? null
: Number(primaryBranchId)
const requestedBranchIds = normalizeBranchIds([
...values,
normalizedPrimaryBranchId,
])
if (!requestedBranchIds.length) {
return {
primaryBranchId: normalizedPrimaryBranchId,
branchIds: [],
}
}
const validBranches = await server.db
.select({ id: branches.id })
.from(branches)
.where(
and(
eq(branches.tenant, tenantId),
inArray(branches.id, requestedBranchIds)
)
)
const validBranchIds = validBranches.map((branch) => branch.id)
if (validBranchIds.length !== requestedBranchIds.length) {
throw new Error("INVALID_BRANCH_SELECTION")
}
if (normalizedPrimaryBranchId != null && !validBranchIds.includes(normalizedPrimaryBranchId)) {
throw new Error("INVALID_PRIMARY_BRANCH")
}
return {
primaryBranchId: normalizedPrimaryBranchId,
branchIds: validBranchIds,
}
}
export async function syncProfileBranches(
server: FastifyInstance,
profileId: string,
branchIds: number[],
userId?: string | null
) {
await server.db
.delete(authProfileBranches)
.where(eq(authProfileBranches.profile_id, profileId))
if (!branchIds.length) return
await server.db
.insert(authProfileBranches)
.values(branchIds.map((branchId) => ({
profile_id: profileId,
branch_id: branchId,
created_by: userId || null,
})))
}

8
backend/src/utils/resource.config.ts
View File

@@ -4,6 +4,7 @@ import {
bankaccounts, bankaccounts,
bankrequisitions, bankrequisitions,
bankstatements, bankstatements,
branches,
entitybankaccounts, entitybankaccounts,
events, events,
contacts, contacts,
@@ -162,7 +163,12 @@ export const resourceConfig = {
costcentres: { costcentres: {
table: costcentres, table: costcentres,
searchColumns: ["name","number","description"], searchColumns: ["name","number","description"],
mtoLoad: ["vehicle","project","inventoryitem"], mtoLoad: ["vehicle","project","inventoryitem","branch"],
numberRangeHolder: "number",
},
branches: {
table: branches,
searchColumns: ["name","number","description"],
numberRangeHolder: "number", numberRangeHolder: "number",
}, },
tasks: { tasks: {

31
frontend/components/MainNav.vue
View File

@@ -229,6 +229,11 @@ const links = computed(() => {
to: "/standardEntity/memberrelations", to: "/standardEntity/memberrelations",
icon: "i-heroicons-identification" icon: "i-heroicons-identification"
} : null, } : null,
featureEnabled("branches") ? {
label: "Niederlassungen",
to: "/standardEntity/branches",
icon: "i-heroicons-building-office-2"
} : null,
featureEnabled("staffProfiles") ? { featureEnabled("staffProfiles") ? {
label: "Mitarbeiter", label: "Mitarbeiter",
to: "/staff/profiles", to: "/staff/profiles",
@@ -282,11 +287,6 @@ const links = computed(() => {
to: "/settings/tenant", to: "/settings/tenant",
icon: "i-heroicons-building-office", icon: "i-heroicons-building-office",
} : null, } : null,
isAdmin.value ? {
label: "Administration",
to: "/settings/admin",
icon: "i-heroicons-shield-check",
} : null,
featureEnabled("export") ? { featureEnabled("export") ? {
label: "Export", label: "Export",
to: "/export", to: "/export",
@@ -294,6 +294,19 @@ const links = computed(() => {
} : null, } : null,
] ]
const administrationChildren = isAdmin.value ? [
{
label: "Benutzer",
to: "/administration/users",
icon: "i-heroicons-users",
},
{
label: "Tenants",
to: "/administration/tenants",
icon: "i-heroicons-building-office-2",
},
] : []
const visibleOrganisationChildren = visibleItems(organisationChildren) const visibleOrganisationChildren = visibleItems(organisationChildren)
const visibleDocumentChildren = visibleItems(documentChildren) const visibleDocumentChildren = visibleItems(documentChildren)
const visibleCommunicationChildren = visibleItems(communicationChildren) const visibleCommunicationChildren = visibleItems(communicationChildren)
@@ -303,6 +316,7 @@ const links = computed(() => {
const visibleInventoryChildren = visibleItems(inventoryChildren) const visibleInventoryChildren = visibleItems(inventoryChildren)
const visibleMasterDataChildren = visibleItems(masterDataChildren) const visibleMasterDataChildren = visibleItems(masterDataChildren)
const visibleSettingsChildren = visibleItems(settingsChildren) const visibleSettingsChildren = visibleItems(settingsChildren)
const visibleAdministrationChildren = visibleItems(administrationChildren)
return visibleItems([ return visibleItems([
...(auth.profile?.pinned_on_navigation || []).map(pin => { ...(auth.profile?.pinned_on_navigation || []).map(pin => {
@@ -397,7 +411,12 @@ const links = computed(() => {
icon: "i-heroicons-clipboard-document", icon: "i-heroicons-clipboard-document",
children: visibleMasterDataChildren children: visibleMasterDataChildren
}] : []), }] : []),
...(visibleAdministrationChildren.length > 0 ? [{
label: "Administration",
defaultOpen: false,
icon: "i-heroicons-shield-check",
children: visibleAdministrationChildren
}] : []),
...(visibleSettingsChildren.length > 0 ? [{ ...(visibleSettingsChildren.length > 0 ? [{
label: "Einstellungen", label: "Einstellungen",

13
frontend/components/columnRenderings/branch.vue Normal file
View File

@@ -0,0 +1,13 @@
<script setup>
const props = defineProps({
row: {
type: Object,
required: true,
default: {}
}
})
</script>
<template>
<span>{{ props.row.branch?.name || '' }}</span>
</template>

108
frontend/composables/useAdmin.ts Normal file
View File

@@ -0,0 +1,108 @@
export type AdminRole = {
id: string
name: string
description?: string | null
tenant_id: number | null
}
export type AdminTenant = {
id: number
name: string
short: string
user_count: number
locked?: string | null
}
export type AdminUserProfile = {
id: string
user_id: string | null
tenant_id: number
full_name: string | null
first_name: string
last_name: string
email?: string | null
active: boolean
}
export type AdminUser = {
id: string
email: string
display_name: string
multiTenant: boolean
must_change_password: boolean
is_admin: boolean
profile_defaults: {
first_name: string
last_name: string
}
tenant_ids: number[]
role_assignments: { tenant_id: number; role_id: string }[]
profile_assignments?: { tenant_id: number; profile_id?: string | null }[]
profiles: AdminUserProfile[]
}
export type AdminOverview = {
users: AdminUser[]
tenants: AdminTenant[]
roles: AdminRole[]
unassignedProfiles: AdminUserProfile[]
}
export const useAdmin = () => {
const { $api } = useNuxtApp()
const getOverview = async (): Promise<AdminOverview> => {
const response = await $api("/api/admin/overview")
return {
users: response?.users || [],
tenants: response?.tenants || [],
roles: response?.roles || [],
unassignedProfiles: response?.unassignedProfiles || [],
}
}
const createUser = async (body: Record<string, any>) => {
return await $api("/api/admin/users", {
method: "POST",
body,
})
}
const updateUser = async (id: string, body: Record<string, any>) => {
return await $api(`/api/admin/users/${id}`, {
method: "PUT",
body,
})
}
const updateUserAccess = async (id: string, body: Record<string, any>) => {
return await $api(`/api/admin/users/${id}/access`, {
method: "PUT",
body,
})
}
const createTenant = async (body: Record<string, any>) => {
return await $api("/api/admin/tenants", {
method: "POST",
body,
})
}
const updateTenant = async (id: number, body: Record<string, any>) => {
return await $api(`/api/admin/tenants/${id}`, {
method: "PUT",
body,
})
}
return {
getOverview,
createUser,
updateUser,
updateUserAccess,
createTenant,
updateTenant,
}
}

279
frontend/pages/administration/tenants/[id].vue Normal file
View File

@@ -0,0 +1,279 @@
<script setup lang="ts">
import type { AdminTenant, AdminUser } from "~/composables/useAdmin"
const auth = useAuthStore()
const route = useRoute()
const router = useRouter()
const toast = useToast()
const admin = useAdmin()
const tenantId = Number(route.params.id)
const loading = ref(true)
const saving = ref(false)
const creatingUser = ref(false)
const createUserModalOpen = ref(false)
const createdUserPassword = ref("")
const tenantForm = ref<AdminTenant | null>(null)
const assignedUsers = ref<AdminUser[]>([])
const createUserForm = ref({
email: "",
password: "",
first_name: "",
last_name: "",
is_admin: false,
multiTenant: false,
})
const fetchTenant = async () => {
loading.value = true
try {
const overview = await admin.getOverview()
const tenant = overview.tenants.find((entry) => entry.id === tenantId)
if (!tenant) {
toast.add({ title: "Tenant nicht gefunden", color: "red" })
await router.push("/administration/tenants")
return
}
tenantForm.value = { ...tenant }
assignedUsers.value = overview.users.filter((user) => user.tenant_ids.includes(tenantId))
} catch (err: any) {
console.error("[administration/tenants/show]", err)
toast.add({
title: "Tenant konnte nicht geladen werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
loading.value = false
}
}
const saveTenant = async () => {
if (!tenantForm.value || saving.value) return
saving.value = true
try {
await admin.updateTenant(tenantForm.value.id, {
name: tenantForm.value.name,
short: tenantForm.value.short,
})
await fetchTenant()
await auth.fetchMe()
toast.add({ title: "Tenant gespeichert", color: "green" })
} catch (err: any) {
console.error("[administration/tenants/save]", err)
toast.add({
title: "Tenant konnte nicht gespeichert werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
saving.value = false
}
}
const createTenantUser = async () => {
if (!tenantForm.value || creatingUser.value) return
creatingUser.value = true
try {
const response = await admin.createUser(createUserForm.value)
const createdUserId = response?.user?.id
if (!createdUserId) {
throw new Error("Benutzer konnte nach dem Anlegen nicht zugeordnet werden.")
}
await admin.updateUserAccess(createdUserId, {
tenant_ids: [tenantForm.value.id],
role_assignments: [],
profile_defaults: {
first_name: createUserForm.value.first_name,
last_name: createUserForm.value.last_name,
},
profile_assignments: [
{
tenant_id: tenantForm.value.id,
profile_id: null,
},
],
})
createdUserPassword.value = response.initialPassword || ""
createUserModalOpen.value = false
createUserForm.value = {
email: "",
password: "",
first_name: "",
last_name: "",
is_admin: false,
multiTenant: false,
}
await fetchTenant()
toast.add({
title: "Benutzer angelegt",
description: "Der Benutzer wurde direkt diesem Tenant zugeordnet und das Profil wurde erstellt.",
color: "green",
})
} catch (err: any) {
console.error("[administration/tenants/create-user]", err)
toast.add({
title: "Benutzer konnte nicht angelegt werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
creatingUser.value = false
}
}
onMounted(async () => {
if (!auth.user?.is_admin) {
await router.push("/")
return
}
await fetchTenant()
})
</script>
<template>
<UDashboardNavbar title="Administration: Tenants">
<template #left>
<UButton icon="i-heroicons-chevron-left" variant="outline" @click="router.push('/administration/tenants')">
Tenants
</UButton>
</template>
<template #right>
<UButton icon="i-heroicons-user-plus" variant="soft" @click="createUserModalOpen = true">
Benutzer anlegen
</UButton>
<UButton color="primary" :loading="saving" @click="saveTenant">
Speichern
</UButton>
</template>
</UDashboardNavbar>
<UDashboardPanelContent>
<UCard v-if="!loading && tenantForm">
<div class="flex items-start justify-between gap-4 mb-6">
<div>
<h2 class="text-xl font-semibold">{{ tenantForm.name }}</h2>
<p class="text-sm text-gray-500">Tenant-ID {{ tenantForm.id }}</p>
</div>
</div>
<USeparator label="Tenant" />
<UForm :state="tenantForm" class="grid grid-cols-1 md:grid-cols-2 gap-6 mt-4">
<UFormField label="Name">
<UInput v-model="tenantForm.name" />
</UFormField>
<UFormField label="Kürzel">
<UInput v-model="tenantForm.short" />
</UFormField>
</UForm>
</UCard>
<UCard v-if="!loading && tenantForm" class="mt-3">
<USeparator label="Zugeordnete Benutzer" />
<UTable
:data="assignedUsers"
:columns="normalizeTableColumns([
{ key: 'display_name', label: 'Benutzer' },
{ key: 'email', label: 'E-Mail' }
])"
:on-select="(row) => router.push(`/administration/users/${row.original?.id || row.id}`)"
class="mt-4"
/>
</UCard>
<USkeleton v-if="loading" class="h-80" />
</UDashboardPanelContent>
<UModal v-model:open="createUserModalOpen">
<template #content>
<UCard>
<template #header>
<div class="text-lg font-semibold">Benutzer in Tenant anlegen</div>
</template>
<UForm :state="createUserForm" class="space-y-4" @submit.prevent="createTenantUser">
<UFormField label="Tenant">
<UInput :model-value="tenantForm?.name || ''" readonly />
</UFormField>
<UFormField label="E-Mail">
<UInput v-model="createUserForm.email" type="email" />
</UFormField>
<UFormField label="Initialpasswort">
<UInput v-model="createUserForm.password" placeholder="Leer lassen für automatisches Passwort" />
</UFormField>
<UFormField label="Vorname für Profil">
<UInput v-model="createUserForm.first_name" />
</UFormField>
<UFormField label="Nachname für Profil">
<UInput v-model="createUserForm.last_name" />
</UFormField>
<UFormField label="Administrative Freigabe">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="createUserForm.is_admin" />
<span class="text-sm text-gray-600">Benutzer darf die Administration öffnen</span>
</div>
</UFormField>
<UFormField label="Multi-Tenant">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="createUserForm.multiTenant" />
<span class="text-sm text-gray-600">Weitere Tenant-Zuordnungen sind erlaubt</span>
</div>
</UFormField>
<UAlert
title="Automatische Zuordnung"
description="Der Benutzer wird nach dem Anlegen direkt diesem Tenant zugeordnet und bekommt dort automatisch ein Profil mit den angegebenen Stammdaten."
color="primary"
variant="soft"
/>
<div class="flex justify-end gap-3 pt-2">
<UButton color="gray" variant="soft" @click="createUserModalOpen = false">
Abbrechen
</UButton>
<UButton type="submit" color="primary" :loading="creatingUser">
Benutzer anlegen
</UButton>
</div>
</UForm>
</UCard>
</template>
</UModal>
<div class="mx-5 mb-5">
<UAlert
v-if="createdUserPassword"
title="Initialpasswort für neuen Benutzer"
:description="createdUserPassword"
color="amber"
variant="soft"
close-button
@close="createdUserPassword = ''"
/>
</div>
</template>

160
frontend/pages/administration/tenants/index.vue Normal file
View File

@@ -0,0 +1,160 @@
<script setup lang="ts">
import type { AdminTenant } from "~/composables/useAdmin"
const auth = useAuthStore()
const toast = useToast()
const router = useRouter()
const admin = useAdmin()
const loading = ref(true)
const creatingTenant = ref(false)
const createTenantModalOpen = ref(false)
const tenants = ref<AdminTenant[]>([])
const searchString = ref("")
const createTenantForm = ref({
name: "",
short: "",
})
const templateColumns = [
{ key: "name", label: "Tenant" },
{ key: "short", label: "Kürzel" },
{ key: "user_count", label: "Benutzer" },
]
const filteredRows = computed(() => {
const search = searchString.value.trim().toLowerCase()
if (!search) return tenants.value
return tenants.value.filter((tenant) =>
[tenant.name, tenant.short]
.filter(Boolean)
.some((value) => String(value).toLowerCase().includes(search))
)
})
const fetchTenants = async () => {
loading.value = true
try {
const overview = await admin.getOverview()
tenants.value = overview.tenants
} catch (err: any) {
console.error("[administration/tenants/index]", err)
toast.add({
title: "Tenants konnten nicht geladen werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
loading.value = false
}
}
const createTenant = async () => {
if (creatingTenant.value) return
creatingTenant.value = true
try {
const response = await admin.createTenant(createTenantForm.value)
createTenantModalOpen.value = false
createTenantForm.value = {
name: "",
short: "",
}
await fetchTenants()
toast.add({
title: "Tenant angelegt",
description: "Standardordner und Datei-Tags wurden erstellt.",
color: "green",
})
if (response.tenant?.id) {
await router.push(`/administration/tenants/${response.tenant.id}`)
}
} catch (err: any) {
console.error("[administration/tenants/create]", err)
toast.add({
title: "Tenant konnte nicht angelegt werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
creatingTenant.value = false
}
}
onMounted(async () => {
if (!auth.user?.is_admin) {
await router.push("/")
return
}
await fetchTenants()
})
</script>
<template>
<UDashboardNavbar title="Administration: Tenants" :badge="filteredRows.length">
<template #right>
<UInput
v-model="searchString"
icon="i-heroicons-magnifying-glass"
placeholder="Tenants suchen"
class="hidden lg:block"
/>
<UButton icon="i-heroicons-plus" @click="createTenantModalOpen = true">
Tenant
</UButton>
</template>
</UDashboardNavbar>
<UTable
:data="filteredRows"
:columns="normalizeTableColumns(templateColumns)"
:loading="loading"
:on-select="(row) => router.push(`/administration/tenants/${row.original?.id || row.id}`)"
:empty="{ icon: 'i-heroicons-building-office-2', label: 'Keine Tenants gefunden' }"
/>
<UModal v-model:open="createTenantModalOpen">
<template #content>
<UCard>
<template #header>
<div class="text-lg font-semibold">Tenant anlegen</div>
</template>
<UForm :state="createTenantForm" class="space-y-4" @submit.prevent="createTenant">
<UFormField label="Name">
<UInput v-model="createTenantForm.name" />
</UFormField>
<UFormField label="Kürzel">
<UInput v-model="createTenantForm.short" />
</UFormField>
<UAlert
title="Seed-Daten"
description="Beim Anlegen werden Standard-Datei-Tags sowie Systemordner mit Jahresunterordnern erstellt."
color="primary"
variant="soft"
/>
<div class="flex justify-end gap-3 pt-2">
<UButton color="gray" variant="soft" @click="createTenantModalOpen = false">
Abbrechen
</UButton>
<UButton type="submit" color="primary" :loading="creatingTenant">
Tenant anlegen
</UButton>
</div>
</UForm>
</UCard>
</template>
</UModal>
</template>

330
frontend/pages/administration/users/[id].vue Normal file
View File

@@ -0,0 +1,330 @@
<script setup lang="ts">
import type { AdminRole, AdminUser, AdminUserProfile } from "~/composables/useAdmin"
const auth = useAuthStore()
const route = useRoute()
const router = useRouter()
const toast = useToast()
const admin = useAdmin()
const userId = route.params.id as string
const loading = ref(true)
const saving = ref(false)
const userForm = ref<AdminUser | null>(null)
const roles = ref<AdminRole[]>([])
const tenants = ref<{ id: number; name: string; short: string }[]>([])
const unassignedProfiles = ref<AdminUserProfile[]>([])
const tenantOptions = computed(() =>
tenants.value.map((tenant) => ({
label: `${tenant.name} (${tenant.short})`,
value: tenant.id,
}))
)
const getRoleOptionsForTenant = (tenantId: number) =>
roles.value
.filter((role) => role.tenant_id === null || role.tenant_id === tenantId)
.map((role) => ({
label: role.tenant_id === null ? `${role.name} (global)` : role.name,
value: role.id,
}))
const getFreeProfilesForTenant = (tenantId: number) =>
unassignedProfiles.value.filter((profile) => profile.tenant_id === tenantId)
const normalizeUserAssignments = () => {
if (!userForm.value) return
const uniqueTenantIds = Array.from(new Set((userForm.value.tenant_ids || []).map(Number))).sort((a, b) => a - b)
const assignmentsByTenant = new Map<number, string>()
const profileAssignmentByTenant = new Map<number, string | null>()
for (const assignment of userForm.value.role_assignments || []) {
if (!uniqueTenantIds.includes(Number(assignment.tenant_id))) continue
if (assignmentsByTenant.has(Number(assignment.tenant_id))) continue
assignmentsByTenant.set(Number(assignment.tenant_id), assignment.role_id)
}
for (const assignment of userForm.value.profile_assignments || []) {
if (!uniqueTenantIds.includes(Number(assignment.tenant_id))) continue
profileAssignmentByTenant.set(Number(assignment.tenant_id), assignment.profile_id || null)
}
userForm.value.tenant_ids = uniqueTenantIds
userForm.value.role_assignments = uniqueTenantIds
.map((tenantId) => {
const roleId = assignmentsByTenant.get(tenantId)
return roleId ? { tenant_id: tenantId, role_id: roleId } : null
})
.filter(Boolean) as { tenant_id: number; role_id: string }[]
userForm.value.profile_assignments = uniqueTenantIds.map((tenantId) => ({
tenant_id: tenantId,
profile_id: profileAssignmentByTenant.get(tenantId) || null,
}))
}
const updateUserTenants = (tenantIds: number[] = []) => {
if (!userForm.value) return
userForm.value.tenant_ids = tenantIds
normalizeUserAssignments()
}
const setRoleForTenant = (tenantId: number, roleId?: string | null) => {
if (!userForm.value) return
userForm.value.role_assignments = (userForm.value.role_assignments || []).filter((assignment) => assignment.tenant_id !== tenantId)
if (roleId) {
userForm.value.role_assignments.push({ tenant_id: tenantId, role_id: roleId })
}
}
const getRoleForTenant = (tenantId: number) =>
userForm.value?.role_assignments?.find((assignment) => assignment.tenant_id === tenantId)?.role_id || null
const setProfileAssignmentForTenant = (tenantId: number, profileId?: string | null) => {
if (!userForm.value) return
userForm.value.profile_assignments = (userForm.value.profile_assignments || []).filter((assignment) => assignment.tenant_id !== tenantId)
userForm.value.profile_assignments.push({
tenant_id: tenantId,
profile_id: profileId || null,
})
}
const getProfileAssignmentForTenant = (tenantId: number) =>
userForm.value?.profile_assignments?.find((assignment) => assignment.tenant_id === tenantId)?.profile_id || null
const fetchUser = async () => {
loading.value = true
try {
const overview = await admin.getOverview()
roles.value = overview.roles
tenants.value = overview.tenants
unassignedProfiles.value = overview.unassignedProfiles
const user = overview.users.find((entry) => entry.id === userId)
if (!user) {
toast.add({ title: "Benutzer nicht gefunden", color: "red" })
await router.push("/administration/users")
return
}
userForm.value = {
...user,
profile_defaults: { ...user.profile_defaults },
tenant_ids: [...user.tenant_ids],
role_assignments: [...user.role_assignments],
profile_assignments: [...(user.profile_assignments || [])],
profiles: [...user.profiles],
}
normalizeUserAssignments()
} catch (err: any) {
console.error("[administration/users/show]", err)
toast.add({
title: "Benutzer konnte nicht geladen werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
loading.value = false
}
}
const saveUser = async () => {
if (!userForm.value || saving.value) return
saving.value = true
normalizeUserAssignments()
try {
await admin.updateUser(userForm.value.id, {
email: userForm.value.email,
multiTenant: userForm.value.multiTenant,
must_change_password: userForm.value.must_change_password,
is_admin: userForm.value.is_admin,
})
await admin.updateUserAccess(userForm.value.id, {
tenant_ids: userForm.value.tenant_ids,
role_assignments: userForm.value.role_assignments,
profile_defaults: userForm.value.profile_defaults,
profile_assignments: userForm.value.profile_assignments,
})
await fetchUser()
await auth.fetchMe()
toast.add({ title: "Benutzer gespeichert", color: "green" })
} catch (err: any) {
console.error("[administration/users/save]", err)
toast.add({
title: "Benutzer konnte nicht gespeichert werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
saving.value = false
}
}
onMounted(async () => {
if (!auth.user?.is_admin) {
await router.push("/")
return
}
await fetchUser()
})
</script>
<template>
<UDashboardNavbar title="Administration: Benutzer">
<template #left>
<UButton icon="i-heroicons-chevron-left" variant="outline" @click="router.push('/administration/users')">
Benutzer
</UButton>
</template>
<template #right>
<UButton color="primary" :loading="saving" @click="saveUser">
Speichern
</UButton>
</template>
</UDashboardNavbar>
<UDashboardPanelContent>
<UCard v-if="!loading && userForm">
<div class="flex items-start justify-between gap-4 mb-6">
<div>
<h2 class="text-xl font-semibold">{{ userForm.display_name }}</h2>
<p class="text-sm text-gray-500">{{ userForm.email }}</p>
</div>
</div>
<USeparator label="Benutzer" />
<UForm :state="userForm" class="grid grid-cols-1 md:grid-cols-2 gap-6 mt-4">
<UFormField label="E-Mail">
<UInput v-model="userForm.email" />
</UFormField>
<UFormField label="Profil Vorname">
<UInput v-model="userForm.profile_defaults.first_name" />
</UFormField>
<UFormField label="Profil Nachname">
<UInput v-model="userForm.profile_defaults.last_name" />
</UFormField>
<UFormField label="Tenants">
<USelectMenu
:model-value="userForm.tenant_ids"
:items="tenantOptions"
value-key="value"
label-key="label"
multiple
@update:model-value="updateUserTenants"
/>
</UFormField>
<UFormField label="Administrative Freigabe">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="userForm.is_admin" />
<span class="text-sm text-gray-600">Darf Administrationsseiten und Admin-API nutzen</span>
</div>
</UFormField>
<UFormField label="Multi-Tenant">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="userForm.multiTenant" />
<span class="text-sm text-gray-600">Mehrere Tenant-Zuordnungen erlauben</span>
</div>
</UFormField>
<UFormField label="Passwortwechsel erzwingen">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="userForm.must_change_password" />
<span class="text-sm text-gray-600">Beim nächsten Login muss das Passwort geändert werden</span>
</div>
</UFormField>
</UForm>
</UCard>
<UCard v-if="!loading && userForm" class="mt-3">
<USeparator label="Rollen und Profile" />
<div v-if="userForm.tenant_ids.length" class="grid grid-cols-1 md:grid-cols-2 gap-4 mt-4">
<UCard
v-for="tenantId in userForm.tenant_ids"
:key="tenantId"
class="border border-gray-200"
>
<div class="space-y-3">
<div>
<div class="font-medium">
{{ tenants.find((tenant) => tenant.id === tenantId)?.name || `Tenant ${tenantId}` }}
</div>
<div class="text-sm text-gray-500">
{{ tenants.find((tenant) => tenant.id === tenantId)?.short || "" }}
</div>
</div>
<UFormField label="Rolle">
<USelectMenu
:model-value="getRoleForTenant(tenantId)"
:items="getRoleOptionsForTenant(tenantId)"
value-key="value"
label-key="label"
placeholder="Rolle auswählen"
@update:model-value="(value) => setRoleForTenant(tenantId, value)"
/>
</UFormField>
<UFormField label="Freies Profil">
<USelectMenu
:model-value="getProfileAssignmentForTenant(tenantId)"
:items="[
{ label: 'Neues Profil erzeugen', value: null },
...getFreeProfilesForTenant(tenantId).map((profile) => ({
label: profile.full_name || `${profile.first_name} ${profile.last_name}`,
value: profile.id,
}))
]"
value-key="value"
label-key="label"
placeholder="Profil auswählen"
@update:model-value="(value) => setProfileAssignmentForTenant(tenantId, value)"
/>
</UFormField>
</div>
</UCard>
</div>
<UAlert
v-else-if="!loading"
title="Keine Tenant-Zuordnung"
description="Weise dem Benutzer zuerst mindestens einen Tenant zu."
color="amber"
variant="soft"
class="mt-4"
/>
</UCard>
<UCard v-if="!loading && userForm" class="mt-3">
<USeparator label="Profile im System" />
<div class="flex flex-wrap gap-2 mt-4">
<UBadge
v-for="profile in userForm.profiles"
:key="profile.id"
variant="subtle"
color="gray"
>
{{ profile.full_name || `${profile.first_name} ${profile.last_name}` }} · Tenant {{ profile.tenant_id }}
</UBadge>
</div>
</UCard>
<USkeleton v-if="loading" class="h-80" />
</UDashboardPanelContent>
</template>

204
frontend/pages/administration/users/index.vue Normal file
View File

@@ -0,0 +1,204 @@
<script setup lang="ts">
import type { AdminUser } from "~/composables/useAdmin"
const auth = useAuthStore()
const toast = useToast()
const router = useRouter()
const admin = useAdmin()
const loading = ref(true)
const creatingUser = ref(false)
const createUserModalOpen = ref(false)
const createdUserPassword = ref("")
const users = ref<AdminUser[]>([])
const searchString = ref("")
const createUserForm = ref({
email: "",
password: "",
first_name: "",
last_name: "",
is_admin: false,
multiTenant: true,
})
const templateColumns = [
{ key: "display_name", label: "Benutzer" },
{ key: "email", label: "E-Mail" },
{ key: "tenant_count", label: "Tenants" },
{ key: "is_admin", label: "Admin" },
]
const filteredRows = computed(() => {
const search = searchString.value.trim().toLowerCase()
const rows = users.value.map((user) => ({
...user,
tenant_count: user.tenant_ids.length,
is_admin: user.is_admin ? "Ja" : "Nein",
}))
if (!search) return rows
return rows.filter((row) =>
[row.display_name, row.email]
.filter(Boolean)
.some((value) => String(value).toLowerCase().includes(search))
)
})
const fetchUsers = async () => {
loading.value = true
try {
const overview = await admin.getOverview()
users.value = overview.users
} catch (err: any) {
console.error("[administration/users/index]", err)
toast.add({
title: "Benutzer konnten nicht geladen werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
loading.value = false
}
}
const createUser = async () => {
if (creatingUser.value) return
creatingUser.value = true
try {
const response = await admin.createUser(createUserForm.value)
createdUserPassword.value = response.initialPassword || ""
createUserModalOpen.value = false
createUserForm.value = {
email: "",
password: "",
first_name: "",
last_name: "",
is_admin: false,
multiTenant: true,
}
await fetchUsers()
toast.add({
title: "Benutzer angelegt",
description: createdUserPassword.value ? `Initialpasswort: ${createdUserPassword.value}` : undefined,
color: "green",
})
if (response.user?.id) {
await router.push(`/administration/users/${response.user.id}`)
}
} catch (err: any) {
console.error("[administration/users/create]", err)
toast.add({
title: "Benutzer konnte nicht angelegt werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
creatingUser.value = false
}
}
onMounted(async () => {
if (!auth.user?.is_admin) {
await router.push("/")
return
}
await fetchUsers()
})
</script>
<template>
<UDashboardNavbar title="Administration: Benutzer" :badge="filteredRows.length">
<template #right>
<UInput
v-model="searchString"
icon="i-heroicons-magnifying-glass"
placeholder="Benutzer suchen"
class="hidden lg:block"
/>
<UButton icon="i-heroicons-plus" @click="createUserModalOpen = true">
Benutzer
</UButton>
</template>
</UDashboardNavbar>
<UTable
:data="filteredRows"
:columns="normalizeTableColumns(templateColumns)"
:loading="loading"
:on-select="(row) => router.push(`/administration/users/${row.original?.id || row.id}`)"
:empty="{ icon: 'i-heroicons-users', label: 'Keine Benutzer gefunden' }"
/>
<UModal v-model:open="createUserModalOpen">
<template #content>
<UCard>
<template #header>
<div class="text-lg font-semibold">Benutzer anlegen</div>
</template>
<UForm :state="createUserForm" class="space-y-4" @submit.prevent="createUser">
<UFormField label="E-Mail">
<UInput v-model="createUserForm.email" type="email" />
</UFormField>
<UFormField label="Initialpasswort">
<UInput v-model="createUserForm.password" placeholder="Leer lassen für automatisches Passwort" />
</UFormField>
<UFormField label="Vorname für neues Profil">
<UInput v-model="createUserForm.first_name" />
</UFormField>
<UFormField label="Nachname für neues Profil">
<UInput v-model="createUserForm.last_name" />
</UFormField>
<UFormField label="Administrative Freigabe">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="createUserForm.is_admin" />
<span class="text-sm text-gray-600">Benutzer darf die Administration öffnen</span>
</div>
</UFormField>
<UFormField label="Multi-Tenant">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="createUserForm.multiTenant" />
<span class="text-sm text-gray-600">Mehrere Tenant-Zuordnungen erlauben</span>
</div>
</UFormField>
<div class="flex justify-end gap-3 pt-2">
<UButton color="gray" variant="soft" @click="createUserModalOpen = false">
Abbrechen
</UButton>
<UButton type="submit" color="primary" :loading="creatingUser">
Benutzer anlegen
</UButton>
</div>
</UForm>
</UCard>
</template>
</UModal>
<div class="mx-5 mb-5">
<UAlert
v-if="createdUserPassword"
title="Initialpasswort für neuen Benutzer"
:description="createdUserPassword"
color="amber"
variant="soft"
close-button
@close="createdUserPassword = ''"
/>
</div>
</template>

880
frontend/pages/settings/admin.vue
View File

@@ -1,894 +1,26 @@
<script setup lang="ts"> <script setup lang="ts">
const auth = useAuthStore() const auth = useAuthStore()
const toast = useToast()
const router = useRouter() const router = useRouter()
type AdminRole = {
id: string
name: string
description?: string | null
tenant_id: number | null
}
type AdminTenant = {
id: number
name: string
short: string
user_count: number
locked?: string | null
}
type AdminUserProfile = {
id: string
user_id: string
tenant_id: number
full_name: string | null
first_name: string
last_name: string
email?: string | null
active: boolean
}
type AdminUser = {
id: string
email: string
display_name: string
multiTenant: boolean
must_change_password: boolean
is_admin: boolean
profile_defaults: {
first_name: string
last_name: string
}
tenant_ids: number[]
role_assignments: { tenant_id: number; role_id: string }[]
profile_assignments?: { tenant_id: number; profile_id?: string | null }[]
profiles: AdminUserProfile[]
}
const loading = ref(true)
const savingUser = ref(false)
const savingTenant = ref(false)
const creatingUser = ref(false)
const creatingTenant = ref(false)
const activeTab = ref("0")
const createUserModalOpen = ref(false)
const createTenantModalOpen = ref(false)
const createdUserPassword = ref("")
const users = ref<AdminUser[]>([])
const tenants = ref<AdminTenant[]>([])
const roles = ref<AdminRole[]>([])
const unassignedProfiles = ref<AdminUserProfile[]>([])
const selectedUserId = ref<string | null>(null)
const selectedTenantId = ref<number | null>(null)
const userForm = ref<AdminUser | null>(null)
const tenantForm = ref<AdminTenant | null>(null)
const createUserForm = ref({
email: "",
password: "",
first_name: "",
last_name: "",
is_admin: false,
multiTenant: true,
})
const createTenantForm = ref({
name: "",
short: "",
})
const tabItems = [
{ label: "Benutzer" },
{ label: "Tenants" },
]
const sortedUsers = computed(() =>
[...users.value].sort((a, b) => a.display_name.localeCompare(b.display_name, "de"))
)
const sortedTenants = computed(() =>
[...tenants.value].sort((a, b) => a.name.localeCompare(b.name, "de"))
)
const tenantOptions = computed(() =>
sortedTenants.value.map((tenant) => ({
label: `${tenant.name} (${tenant.short})`,
value: tenant.id,
}))
)
const userTableColumns = [
{ key: "display_name", label: "Benutzer" },
{ key: "email", label: "E-Mail" },
{ key: "tenant_count", label: "Tenants" },
{ key: "is_admin", label: "Admin" },
]
const normalizedUserTableColumns = normalizeTableColumns(userTableColumns)
const tenantTableColumns = [
{ key: "name", label: "Tenant" },
{ key: "short", label: "Kürzel" },
{ key: "user_count", label: "Benutzer" },
]
const normalizedTenantTableColumns = normalizeTableColumns(tenantTableColumns)
const userTableRows = computed(() =>
sortedUsers.value.map((user) => ({
...user,
tenant_count: user.tenant_ids.length,
is_admin: user.is_admin ? "Ja" : "Nein",
}))
)
const tenantTableRows = computed(() => sortedTenants.value)
const getRoleOptionsForTenant = (tenantId: number) =>
roles.value
.filter((role) => role.tenant_id === null || role.tenant_id === tenantId)
.map((role) => ({
label: role.tenant_id === null ? `${role.name} (global)` : role.name,
value: role.id,
}))
const getUsersForTenant = (tenantId: number) =>
sortedUsers.value.filter((user) => user.tenant_ids.includes(tenantId))
const getFreeProfilesForTenant = (tenantId: number) =>
unassignedProfiles.value.filter((profile) => profile.tenant_id === tenantId)
const cloneUser = (user: AdminUser): AdminUser => ({
...user,
profile_defaults: { ...user.profile_defaults },
tenant_ids: [...(user.tenant_ids || [])],
role_assignments: [...(user.role_assignments || [])],
profile_assignments: [...(user.profile_assignments || [])],
profiles: [...(user.profiles || [])],
})
const cloneTenant = (tenant: AdminTenant): AdminTenant => ({
...tenant,
})
const normalizeUserAssignments = () => {
if (!userForm.value) return
const uniqueTenantIds = Array.from(new Set((userForm.value.tenant_ids || []).map(Number))).sort((a, b) => a - b)
const assignmentsByTenant = new Map<number, string>()
const profileAssignmentByTenant = new Map<number, string | null>()
for (const assignment of userForm.value.role_assignments || []) {
if (!uniqueTenantIds.includes(Number(assignment.tenant_id))) continue
if (assignmentsByTenant.has(Number(assignment.tenant_id))) continue
assignmentsByTenant.set(Number(assignment.tenant_id), assignment.role_id)
}
for (const assignment of userForm.value.profile_assignments || []) {
if (!uniqueTenantIds.includes(Number(assignment.tenant_id))) continue
profileAssignmentByTenant.set(Number(assignment.tenant_id), assignment.profile_id || null)
}
userForm.value.tenant_ids = uniqueTenantIds
userForm.value.role_assignments = uniqueTenantIds
.map((tenantId) => {
const roleId = assignmentsByTenant.get(tenantId)
return roleId ? { tenant_id: tenantId, role_id: roleId } : null
})
.filter(Boolean) as { tenant_id: number; role_id: string }[]
userForm.value.profile_assignments = uniqueTenantIds.map((tenantId) => ({
tenant_id: tenantId,
profile_id: profileAssignmentByTenant.get(tenantId) || null,
}))
}
const updateUserTenants = (tenantIds: number[] = []) => {
if (!userForm.value) return
userForm.value.tenant_ids = tenantIds
normalizeUserAssignments()
}
const setRoleForTenant = (tenantId: number, roleId?: string | null) => {
if (!userForm.value) return
userForm.value.role_assignments = (userForm.value.role_assignments || []).filter((assignment) => assignment.tenant_id !== tenantId)
if (roleId) {
userForm.value.role_assignments.push({
tenant_id: tenantId,
role_id: roleId,
})
}
}
const getRoleForTenant = (tenantId: number) => {
return userForm.value?.role_assignments?.find((assignment) => assignment.tenant_id === tenantId)?.role_id || null
}
const setProfileAssignmentForTenant = (tenantId: number, profileId?: string | null) => {
if (!userForm.value) return
userForm.value.profile_assignments = (userForm.value.profile_assignments || []).filter((assignment) => assignment.tenant_id !== tenantId)
userForm.value.profile_assignments.push({
tenant_id: tenantId,
profile_id: profileId || null,
})
}
const getProfileAssignmentForTenant = (tenantId: number) => {
return userForm.value?.profile_assignments?.find((assignment) => assignment.tenant_id === tenantId)?.profile_id || null
}
const selectUser = (row: any) => {
const user = users.value.find((entry) => entry.id === row.id)
if (!user) return
selectedUserId.value = user.id
userForm.value = cloneUser(user)
normalizeUserAssignments()
}
const selectTenant = (row: any) => {
const tenant = tenants.value.find((entry) => entry.id === row.id)
if (!tenant) return
selectedTenantId.value = tenant.id
tenantForm.value = cloneTenant(tenant)
}
const fetchOverview = async () => {
loading.value = true
try {
const response = await useNuxtApp().$api("/api/admin/overview")
users.value = response.users || []
tenants.value = response.tenants || []
roles.value = response.roles || []
unassignedProfiles.value = response.unassignedProfiles || []
if (!selectedUserId.value && users.value.length) {
selectUser(users.value[0])
} else if (selectedUserId.value) {
const currentUser = users.value.find((user) => user.id === selectedUserId.value)
if (currentUser) selectUser(currentUser)
}
if (!selectedTenantId.value && tenants.value.length) {
selectTenant(tenants.value[0])
} else if (selectedTenantId.value) {
const currentTenant = tenants.value.find((tenant) => tenant.id === selectedTenantId.value)
if (currentTenant) selectTenant(currentTenant)
}
} catch (err: any) {
console.error("[admin/fetchOverview]", err)
toast.add({
title: "Administration konnte nicht geladen werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
loading.value = false
}
}
const saveUser = async () => {
if (!userForm.value || savingUser.value) return
savingUser.value = true
normalizeUserAssignments()
try {
await useNuxtApp().$api(`/api/admin/users/${userForm.value.id}`, {
method: "PUT",
body: {
email: userForm.value.email,
multiTenant: userForm.value.multiTenant,
must_change_password: userForm.value.must_change_password,
is_admin: userForm.value.is_admin,
},
})
await useNuxtApp().$api(`/api/admin/users/${userForm.value.id}/access`, {
method: "PUT",
body: {
tenant_ids: userForm.value.tenant_ids,
role_assignments: userForm.value.role_assignments,
profile_defaults: userForm.value.profile_defaults,
profile_assignments: userForm.value.profile_assignments,
},
})
await fetchOverview()
await auth.fetchMe()
toast.add({
title: "Benutzer gespeichert",
color: "green",
})
} catch (err: any) {
console.error("[admin/saveUser]", err)
toast.add({
title: "Benutzer konnte nicht gespeichert werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
savingUser.value = false
}
}
const createUser = async () => {
if (creatingUser.value) return
creatingUser.value = true
try {
const response = await useNuxtApp().$api("/api/admin/users", {
method: "POST",
body: createUserForm.value,
})
createdUserPassword.value = response.initialPassword || ""
createUserModalOpen.value = false
createUserForm.value = {
email: "",
password: "",
first_name: "",
last_name: "",
is_admin: false,
multiTenant: true,
}
await fetchOverview()
if (response.user?.id) {
const createdUser = users.value.find((user) => user.id === response.user.id)
if (createdUser) selectUser(createdUser)
}
toast.add({
title: "Benutzer angelegt",
description: createdUserPassword.value ? `Initialpasswort: ${createdUserPassword.value}` : undefined,
color: "green",
})
} catch (err: any) {
console.error("[admin/createUser]", err)
toast.add({
title: "Benutzer konnte nicht angelegt werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
creatingUser.value = false
}
}
const saveTenant = async () => {
if (!tenantForm.value || savingTenant.value) return
savingTenant.value = true
try {
await useNuxtApp().$api(`/api/admin/tenants/${tenantForm.value.id}`, {
method: "PUT",
body: {
name: tenantForm.value.name,
short: tenantForm.value.short,
},
})
await fetchOverview()
await auth.fetchMe()
toast.add({
title: "Tenant gespeichert",
color: "green",
})
} catch (err: any) {
console.error("[admin/saveTenant]", err)
toast.add({
title: "Tenant konnte nicht gespeichert werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
savingTenant.value = false
}
}
const createTenant = async () => {
if (creatingTenant.value) return
creatingTenant.value = true
try {
const response = await useNuxtApp().$api("/api/admin/tenants", {
method: "POST",
body: createTenantForm.value,
})
createTenantModalOpen.value = false
createTenantForm.value = {
name: "",
short: "",
}
await fetchOverview()
if (response.tenant?.id) {
const createdTenant = tenants.value.find((tenant) => tenant.id === response.tenant.id)
if (createdTenant) selectTenant(createdTenant)
}
toast.add({
title: "Tenant angelegt",
description: "Standardordner und Datei-Tags wurden erstellt.",
color: "green",
})
} catch (err: any) {
console.error("[admin/createTenant]", err)
toast.add({
title: "Tenant konnte nicht angelegt werden",
description: err?.data?.error || err?.message || "Unbekannter Fehler",
color: "red",
})
} finally {
creatingTenant.value = false
}
}
onMounted(async () => { onMounted(async () => {
if (!auth.user?.is_admin) { if (!auth.user?.is_admin) {
toast.add({ await router.replace("/")
title: "Zugriff verweigert",
description: "Diese Seite ist nur für administrative Benutzer verfügbar.",
color: "red",
})
await router.push("/")
return return
} }
await fetchOverview() await router.replace("/administration/users")
}) })
</script> </script>
<template> <template>
<UDashboardNavbar title="Administration" /> <UDashboardNavbar title="Administration" />
<UDashboardPanelContent class="p-5 overflow-hidden"> <UDashboardPanelContent>
<UAlert <UAlert
v-if="!auth.user?.is_admin" title="Weiterleitung"
title="Kein Zugriff" description="Die Administration wurde in eigene Bereiche fuer Benutzer und Tenants verschoben."
description="Für diese Seite wird ein administrativer Benutzer benötigt." color="primary"
color="red"
variant="soft" variant="soft"
/> />
<UTabs
v-else
v-model="activeTab"
:items="tabItems"
class="admin-tabs h-full"
>
<template #content="{ item }">
<div v-if="item.label === 'Benutzer'" class="admin-grid mt-5 grid grid-cols-1 xl:grid-cols-3 gap-5">
<UCard class="admin-card xl:col-span-1">
<div class="flex items-center justify-between mb-4">
<h2 class="text-lg font-semibold">Benutzer</h2>
<div class="flex items-center gap-2">
<UBadge variant="subtle">{{ users.length }}</UBadge>
<UButton
size="sm"
icon="i-heroicons-plus"
@click="createUserModalOpen = true"
>
Benutzer
</UButton>
</div>
</div>
<div class="admin-scroll">
<UTable
v-if="!loading"
:data="userTableRows"
:columns="normalizedUserTableColumns"
:on-select="selectUser"
/>
<USkeleton v-else class="h-80" />
</div>
</UCard>
<UCard class="admin-card xl:col-span-2">
<div v-if="userForm" class="admin-scroll space-y-6">
<div class="flex items-start justify-between gap-4">
<div>
<h2 class="text-lg font-semibold">{{ userForm.display_name }}</h2>
<p class="text-sm text-gray-500">{{ userForm.email }}</p>
</div>
<UButton
color="primary"
:loading="savingUser"
@click="saveUser"
>
Benutzer speichern
</UButton>
</div>
<UForm :state="userForm" class="grid grid-cols-1 md:grid-cols-2 gap-6">
<UFormField label="E-Mail">
<UInput v-model="userForm.email" />
</UFormField>
<UFormField label="Profil Vorname">
<UInput v-model="userForm.profile_defaults.first_name" />
</UFormField>
<UFormField label="Profil Nachname">
<UInput v-model="userForm.profile_defaults.last_name" />
</UFormField>
<UFormField label="Tenants">
<USelectMenu
:model-value="userForm.tenant_ids"
:items="tenantOptions"
value-key="value"
label-key="label"
multiple
@update:model-value="updateUserTenants"
/>
</UFormField>
<UFormField label="Administrative Freigabe">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="userForm.is_admin" />
<span class="text-sm text-gray-600">Darf Administrationsseite und Admin-API nutzen</span>
</div>
</UFormField>
<UFormField label="Multi-Tenant">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="userForm.multiTenant" />
<span class="text-sm text-gray-600">Benutzer darf mehreren Tenants zugeordnet sein</span>
</div>
</UFormField>
<UFormField label="Passwortwechsel erzwingen">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="userForm.must_change_password" />
<span class="text-sm text-gray-600">Beim nächsten Login muss das Passwort geändert werden</span>
</div>
</UFormField>
</UForm>
<div>
<USeparator label="Rollen pro Tenant" class="mb-4" />
<div
v-if="userForm.tenant_ids.length"
class="grid grid-cols-1 md:grid-cols-2 gap-4"
>
<UCard
v-for="tenantId in userForm.tenant_ids"
:key="tenantId"
class="border border-gray-200"
>
<div class="space-y-3">
<div>
<div class="font-medium">
{{ tenants.find((tenant) => tenant.id === tenantId)?.name || `Tenant ${tenantId}` }}
</div>
<div class="text-sm text-gray-500">
{{ tenants.find((tenant) => tenant.id === tenantId)?.short || "" }}
</div>
</div>
<UFormField label="Rolle">
<USelectMenu
:model-value="getRoleForTenant(tenantId)"
:items="getRoleOptionsForTenant(tenantId)"
value-key="value"
label-key="label"
placeholder="Rolle auswählen"
@update:model-value="(value) => setRoleForTenant(tenantId, value)"
/>
</UFormField>
<UFormField label="Freies Profil">
<USelectMenu
:model-value="getProfileAssignmentForTenant(tenantId)"
:items="[
{ label: 'Neues Profil erzeugen', value: null },
...getFreeProfilesForTenant(tenantId).map((profile) => ({
label: profile.full_name || `${profile.first_name} ${profile.last_name}`,
value: profile.id,
}))
]"
value-key="value"
label-key="label"
placeholder="Profil auswählen"
@update:model-value="(value) => setProfileAssignmentForTenant(tenantId, value)"
/>
</UFormField>
</div>
</UCard>
</div>
<UAlert
v-else
title="Keine Tenant-Zuordnung"
description="Weise dem Benutzer zuerst mindestens einen Tenant zu."
color="amber"
variant="soft"
/>
</div>
<div>
<USeparator label="Profile im System" class="mb-4" />
<div class="flex flex-wrap gap-2">
<UBadge
v-for="profile in userForm.profiles"
:key="profile.id"
variant="subtle"
color="gray"
>
{{ profile.full_name || `${profile.first_name} ${profile.last_name}` }} · Tenant {{ profile.tenant_id }}
</UBadge>
</div>
</div>
</div>
<UAlert
v-else-if="!loading"
title="Kein Benutzer ausgewählt"
description="Wähle links einen Benutzer aus, um seine Zuordnungen zu bearbeiten."
color="gray"
variant="soft"
/>
<div v-else class="admin-scroll">
<USkeleton class="h-80" />
</div>
</UCard>
</div>
<div v-else-if="item.label === 'Tenants'" class="admin-grid mt-5 grid grid-cols-1 xl:grid-cols-3 gap-5">
<UCard class="admin-card xl:col-span-1">
<div class="flex items-center justify-between mb-4">
<h2 class="text-lg font-semibold">Tenants</h2>
<div class="flex items-center gap-2">
<UBadge variant="subtle">{{ tenants.length }}</UBadge>
<UButton
size="sm"
icon="i-heroicons-plus"
@click="createTenantModalOpen = true"
>
Tenant
</UButton>
</div>
</div>
<div class="admin-scroll">
<UTable
v-if="!loading"
:data="tenantTableRows"
:columns="normalizedTenantTableColumns"
:on-select="selectTenant"
/>
<USkeleton v-else class="h-80" />
</div>
</UCard>
<UCard class="admin-card xl:col-span-2">
<div v-if="tenantForm" class="admin-scroll space-y-6">
<div class="flex items-start justify-between gap-4">
<div>
<h2 class="text-lg font-semibold">{{ tenantForm.name }}</h2>
<p class="text-sm text-gray-500">Tenant-ID {{ tenantForm.id }}</p>
</div>
<UButton
color="primary"
:loading="savingTenant"
@click="saveTenant"
>
Tenant speichern
</UButton>
</div>
<UForm :state="tenantForm" class="grid grid-cols-1 md:grid-cols-2 gap-6">
<UFormField label="Name">
<UInput v-model="tenantForm.name" />
</UFormField>
<UFormField label="Kürzel">
<UInput v-model="tenantForm.short" />
</UFormField>
</UForm>
<div>
<USeparator label="Zugeordnete Benutzer" class="mb-4" />
<div class="flex flex-wrap gap-2">
<UBadge
v-for="user in getUsersForTenant(tenantForm.id)"
:key="`${tenantForm.id}-${user.id}`"
:color="user.is_admin ? 'primary' : 'gray'"
variant="subtle"
>
{{ user.display_name }}
</UBadge>
</div>
</div>
</div>
<UAlert
v-else-if="!loading"
title="Kein Tenant ausgewählt"
description="Wähle links einen Tenant aus, um ihn zu bearbeiten."
color="gray"
variant="soft"
/>
<div v-else class="admin-scroll">
<USkeleton class="h-80" />
</div>
</UCard>
</div>
</template>
</UTabs>
</UDashboardPanelContent> </UDashboardPanelContent>
<UModal v-model:open="createUserModalOpen">
<template #content>
<UCard>
<template #header>
<div class="text-lg font-semibold">Benutzer anlegen</div>
</template>
<UForm
:state="createUserForm"
class="space-y-4"
@submit.prevent="createUser"
>
<UFormField label="E-Mail">
<UInput v-model="createUserForm.email" type="email" />
</UFormField>
<UFormField label="Initialpasswort">
<UInput
v-model="createUserForm.password"
type="text"
placeholder="Leer lassen für automatisches Passwort"
/>
</UFormField>
<UFormField label="Vorname für neues Profil">
<UInput v-model="createUserForm.first_name" />
</UFormField>
<UFormField label="Nachname für neues Profil">
<UInput v-model="createUserForm.last_name" />
</UFormField>
<UFormField label="Administrative Freigabe">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="createUserForm.is_admin" />
<span class="text-sm text-gray-600">Benutzer darf die Administration öffnen</span>
</div>
</UFormField>
<UFormField label="Multi-Tenant">
<div class="flex items-center gap-3 h-10">
<USwitch v-model="createUserForm.multiTenant" />
<span class="text-sm text-gray-600">Mehrere Tenant-Zuordnungen erlauben</span>
</div>
</UFormField>
<div class="flex justify-end gap-3 pt-2">
<UButton color="gray" variant="soft" @click="createUserModalOpen = false">
Abbrechen
</UButton>
<UButton type="submit" color="primary" :loading="creatingUser">
Benutzer anlegen
</UButton>
</div>
</UForm>
</UCard>
</template>
</UModal>
<UModal v-model:open="createTenantModalOpen">
<template #content>
<UCard>
<template #header>
<div class="text-lg font-semibold">Tenant anlegen</div>
</template>
<UForm
:state="createTenantForm"
class="space-y-4"
@submit.prevent="createTenant"
>
<UFormField label="Name">
<UInput v-model="createTenantForm.name" />
</UFormField>
<UFormField label="Kürzel">
<UInput v-model="createTenantForm.short" />
</UFormField>
<UAlert
title="Seed-Daten"
description="Beim Anlegen werden Standard-Datei-Tags und Systemordner für Dokumente und Eingangsbelege erzeugt."
color="primary"
variant="soft"
/>
<div class="flex justify-end gap-3 pt-2">
<UButton color="gray" variant="soft" @click="createTenantModalOpen = false">
Abbrechen
</UButton>
<UButton type="submit" color="primary" :loading="creatingTenant">
Tenant anlegen
</UButton>
</div>
</UForm>
</UCard>
</template>
</UModal>
<div class="mx-5 mb-5">
<UAlert
v-if="createdUserPassword"
title="Initialpasswort für neuen Benutzer"
:description="createdUserPassword"
color="amber"
variant="soft"
close-button
@close="createdUserPassword = ''"
/>
</div>
</template> </template>
<style scoped>
.admin-tabs :deep(.tabs-content) {
height: 100%;
min-height: 0;
}
.admin-tabs :deep(.tab-pane) {
height: 100%;
min-height: 0;
}
.admin-grid {
height: calc(100vh - 13rem);
min-height: 0;
}
.admin-card {
height: 100%;
min-height: 0;
}
.admin-card :deep(.divide-y) {
height: 100%;
}
.admin-card :deep(.px-4.py-5.sm\:p-6) {
height: 100%;
min-height: 0;
display: flex;
flex-direction: column;
}
.admin-scroll {
min-height: 0;
flex: 1;
overflow-y: auto;
}
</style>

2
frontend/pages/settings/tenant.vue
View File

@@ -35,6 +35,7 @@ const defaultFeatures = {
serialInvoice: true, serialInvoice: true,
incomingInvoices: true, incomingInvoices: true,
costcentres: true, costcentres: true,
branches: true,
accounts: true, accounts: true,
ownaccounts: true, ownaccounts: true,
banking: true, banking: true,
@@ -80,6 +81,7 @@ const featureOptions = [
{ key: "serialInvoice", label: "Buchhaltung: Serienvorlagen" }, { key: "serialInvoice", label: "Buchhaltung: Serienvorlagen" },
{ key: "incomingInvoices", label: "Buchhaltung: Eingangsbelege" }, { key: "incomingInvoices", label: "Buchhaltung: Eingangsbelege" },
{ key: "costcentres", label: "Buchhaltung: Kostenstellen" }, { key: "costcentres", label: "Buchhaltung: Kostenstellen" },
{ key: "branches", label: "Stammdaten: Niederlassungen" },
{ key: "accounts", label: "Buchhaltung: Buchungskonten" }, { key: "accounts", label: "Buchhaltung: Buchungskonten" },
{ key: "ownaccounts", label: "Buchhaltung: Zusätzliche Buchungskonten" }, { key: "ownaccounts", label: "Buchhaltung: Zusätzliche Buchungskonten" },
{ key: "banking", label: "Buchhaltung: Bank" }, { key: "banking", label: "Buchhaltung: Bank" },

81
frontend/pages/staff/profiles/[id].vue
View File

@@ -6,15 +6,26 @@ const { $api } = useNuxtApp()
const id = route.params.id as string const id = route.params.id as string
const profile = ref<any>(null) const profile = ref<any>(null)
const branches = ref<any[]>([])
const pending = ref(true) const pending = ref(true)
const saving = ref(false) const saving = ref(false)
async function fetchBranches() {
try {
branches.value = await useEntities("branches").select()
} catch (err) {
console.error('[fetchBranches]', err)
branches.value = []
}
}
/** Profil laden **/ /** Profil laden **/
async function fetchProfile() { async function fetchProfile() {
pending.value = true pending.value = true
try { try {
profile.value = await $api(`/api/profiles/${id}`) profile.value = await $api(`/api/profiles/${id}`)
ensureWorkingHoursStructure() ensureWorkingHoursStructure()
ensureBranchStructure()
} catch (err: any) { } catch (err: any) {
console.error('[fetchProfile]', err) console.error('[fetchProfile]', err)
toast.add({ toast.add({
@@ -27,6 +38,45 @@ async function fetchProfile() {
} }
} }
function ensureBranchStructure() {
if (!profile.value) return
profile.value.branch_id = profile.value.branch_id ?? profile.value.branch?.id ?? null
if (!Array.isArray(profile.value.branch_ids)) {
if (Array.isArray(profile.value.branches)) {
profile.value.branch_ids = profile.value.branches
.map((entry: any) => entry?.id ?? entry)
.filter((entry: any) => entry != null)
} else {
profile.value.branch_ids = []
}
}
if (profile.value.branch_id && !profile.value.branch_ids.includes(profile.value.branch_id)) {
profile.value.branch_ids = [...profile.value.branch_ids, profile.value.branch_id]
}
}
const updatePrimaryBranch = (value: number | null) => {
if (!profile.value) return
profile.value.branch_id = value
if (value && !profile.value.branch_ids.includes(value)) {
profile.value.branch_ids = [...profile.value.branch_ids, value]
}
}
const updateBranchMemberships = (values: number[]) => {
if (!profile.value) return
profile.value.branch_ids = values || []
if (profile.value.branch_id && !profile.value.branch_ids.includes(profile.value.branch_id)) {
profile.value.branch_id = null
}
}
/** Profil speichern **/ /** Profil speichern **/
async function saveProfile() { async function saveProfile() {
if (saving.value) return if (saving.value) return
@@ -129,7 +179,9 @@ const checkZip = async () => {
} }
} }
onMounted(fetchProfile) onMounted(async () => {
await Promise.all([fetchBranches(), fetchProfile()])
})
</script> </script>
@@ -255,6 +307,33 @@ onMounted(fetchProfile)
</UCard> </UCard>
<UCard v-if="!pending && profile" class="mt-3">
<USeparator label="Niederlassungen" />
<UForm :state="profile" @submit.prevent="saveProfile" class="grid grid-cols-1 md:grid-cols-2 gap-6 mt-4">
<UFormField label="Primäre Niederlassung">
<USelectMenu
:model-value="profile.branch_id"
:items="branches"
label-key="name"
value-key="id"
@update:model-value="updatePrimaryBranch"
/>
</UFormField>
<UFormField label="Weitere Niederlassungen">
<USelectMenu
:model-value="profile.branch_ids"
:items="branches"
label-key="name"
value-key="id"
multiple
@update:model-value="updateBranchMemberships"
/>
</UFormField>
</UForm>
</UCard>
<UCard v-if="!pending && profile" class="mt-3"> <UCard v-if="!pending && profile" class="mt-3">
<USeparator label="Adresse & Standort" /> <USeparator label="Adresse & Standort" />

6
frontend/pages/staff/profiles/index.vue
View File

@@ -12,7 +12,8 @@
id: profile?.id || null, id: profile?.id || null,
employee_number: profile?.employee_number || '', employee_number: profile?.employee_number || '',
full_name: profile?.full_name || user?.full_name || user?.email || 'Ohne Profil', full_name: profile?.full_name || user?.full_name || user?.email || 'Ohne Profil',
email: user?.email || profile?.email || '' email: user?.email || profile?.email || '',
branch_name: profile?.branch?.name || ''
} }
} }
@@ -48,6 +49,9 @@
},{ },{
key: "email", key: "email",
label: "E-Mail", label: "E-Mail",
},{
key: "branch_name",
label: "Niederlassung",
} }
] ]
const selectedColumns = ref(templateColumns) const selectedColumns = ref(templateColumns)

57
frontend/stores/data.js
View File

@@ -21,6 +21,7 @@ import recurring from "~/components/columnRenderings/recurring.vue"
import description from "~/components/columnRenderings/description.vue" import description from "~/components/columnRenderings/description.vue"
import purchasePrice from "~/components/columnRenderings/purchasePrice.vue"; import purchasePrice from "~/components/columnRenderings/purchasePrice.vue";
import project from "~/components/columnRenderings/project.vue"; import project from "~/components/columnRenderings/project.vue";
import branch from "~/components/columnRenderings/branch.vue";
import created_at from "~/components/columnRenderings/created_at.vue"; import created_at from "~/components/columnRenderings/created_at.vue";
import profile from "~/components/columnRenderings/profile.vue"; import profile from "~/components/columnRenderings/profile.vue";
import profiles from "~/components/columnRenderings/profiles.vue"; import profiles from "~/components/columnRenderings/profiles.vue";
@@ -2970,6 +2971,51 @@ export const useDataStore = defineStore('data', () => {
redirect: true, redirect: true,
historyItemHolder: "profile" historyItemHolder: "profile"
}, },
branches: {
isArchivable: true,
label: "Niederlassungen",
labelSingle: "Niederlassung",
isStandardEntity: true,
redirect: true,
numberRangeHolder: "number",
historyItemHolder: "branch",
sortColumn: "name",
selectWithInformation: "*",
filters: [{
name: "Archivierte ausblenden",
default: true,
"filterFunction": function (row) {
if(!row.archived) {
return true
} else {
return false
}
}
}],
templateColumns: [
{
key: "number",
label: "Nummer",
inputType: "text",
inputIsNumberRange: true,
sortable: true
},
{
key: "name",
label: "Name",
required: true,
title: true,
inputType: "text",
sortable: true
},
{
key: "description",
label: "Beschreibung",
inputType: "textarea"
}
],
showTabs: [{label: 'Informationen'},{label: 'Wiki'}]
},
workingtimes: { workingtimes: {
isArchivable: true, isArchivable: true,
label: "Anwesenheiten", label: "Anwesenheiten",
@@ -3178,7 +3224,7 @@ export const useDataStore = defineStore('data', () => {
numberRangeHolder: "number", numberRangeHolder: "number",
historyItemHolder: "costcentre", historyItemHolder: "costcentre",
sortColumn: "number", sortColumn: "number",
selectWithInformation: "*, project(*), vehicle(*), inventoryitem(*)", selectWithInformation: "*, project(*), vehicle(*), inventoryitem(*), branch(*)",
filters: [{ filters: [{
name: "Archivierte ausblenden", name: "Archivierte ausblenden",
default: true, default: true,
@@ -3236,6 +3282,15 @@ export const useDataStore = defineStore('data', () => {
selectOptionAttribute: "name", selectOptionAttribute: "name",
selectSearchAttributes: ['name'], selectSearchAttributes: ['name'],
}, },
{
key: "branch",
label: "Niederlassung",
component: branch,
inputType: "select",
selectDataType: "branches",
selectOptionAttribute: "name",
selectSearchAttributes: ['name', 'number'],
},
/*{ /*{
key: "profiles", key: "profiles",
label: "Berechtigte Benutzer", label: "Berechtigte Benutzer",