From fe305f6fc81b0516de2704770f7bc83a703e9839 Mon Sep 17 00:00:00 2001 From: Flexomatic81 Date: Fri, 6 Feb 2026 19:37:55 +0100 Subject: [PATCH] feat: complete tOS project with HR, LEAN, Dashboard and Integrations modules Full enterprise web operating system including: - Next.js 14 frontend with App Router, i18n (DE/EN), shadcn/ui - NestJS 10 backend with Prisma, JWT auth, Swagger docs - Keycloak 24 SSO with role-based access control - HR module (employees, time tracking, absences, org chart) - LEAN module (3S planning, morning meeting SQCDM, skill matrix) - Integrations module (PlentyONE, Zulip, Todoist, FreeScout, Nextcloud, ecoDMS, GembaDocs) - Dashboard with customizable drag & drop widget grid - Docker Compose infrastructure (PostgreSQL 16, Redis 7, Keycloak 24) Co-Authored-By: Claude Opus 4.6 --- .../agent-memory/backend-specialist/MEMORY.md | 99 + .../backend-specialist/testing.md | 65 + .../devops-infrastructure-expert/MEMORY.md | 52 + .../frontend-specialist/MEMORY.md | 325 + .../frontend-specialist/component-patterns.md | 204 + .../frontend-specialist/shared-package.md | 69 + .../integration-specialist/MEMORY.md | 169 + .../senior-code-reviewer/MEMORY.md | 123 + .../phase7-backend-review.md | 71 + .claude/agents/backend-specialist.md | 113 + .../agents/devops-infrastructure-expert.md | 99 + .claude/agents/frontend-specialist.md | 132 + .claude/agents/integration-specialist.md | 108 + .claude/agents/lean-specialist.md | 123 + .claude/agents/senior-code-reviewer.md | 133 + .env.example | 98 + .gitignore | 61 + .prettierrc | 10 + README.md | 456 +- apps/api/.env.example | 80 + apps/api/.eslintrc.js | 26 + apps/api/.gitignore | 43 + apps/api/.prettierrc | 7 + apps/api/nest-cli.json | 8 + apps/api/package.json | 101 + apps/api/prisma/schema.prisma | 656 + apps/api/prisma/seed.ts | 215 + apps/api/queue.backup/index.ts | 1 + apps/api/queue.backup/queue.module.ts | 91 + apps/api/src/app.module.ts | 94 + apps/api/src/auth/auth.controller.ts | 55 + apps/api/src/auth/auth.module.ts | 29 + apps/api/src/auth/auth.service.ts | 83 + .../auth/decorators/current-user.decorator.ts | 31 + apps/api/src/auth/decorators/index.ts | 3 + .../src/auth/decorators/public.decorator.ts | 16 + .../src/auth/decorators/roles.decorator.ts | 17 + apps/api/src/auth/dto/index.ts | 1 + apps/api/src/auth/dto/validate-token.dto.ts | 12 + apps/api/src/auth/guards/index.ts | 3 + apps/api/src/auth/guards/jwt-auth.guard.ts | 26 + apps/api/src/auth/guards/roles.guard.ts | 38 + apps/api/src/auth/index.ts | 6 + .../auth/interfaces/jwt-payload.interface.ts | 26 + apps/api/src/auth/permissions/index.ts | 3 + .../auth/permissions/permissions.decorator.ts | 31 + .../src/auth/permissions/permissions.enum.ts | 175 + .../src/auth/permissions/permissions.guard.ts | 91 + apps/api/src/auth/strategies/jwt.strategy.ts | 44 + apps/api/src/common/common.module.ts | 10 + .../api-paginated-response.decorator.ts | 50 + apps/api/src/common/decorators/index.ts | 1 + .../common/filters/http-exception.filter.ts | 76 + apps/api/src/common/filters/index.ts | 1 + apps/api/src/common/index.ts | 6 + apps/api/src/common/interceptors/index.ts | 3 + .../interceptors/logging.interceptor.ts | 44 + .../interceptors/timeout.interceptor.ts | 26 + .../interceptors/transform.interceptor.ts | 27 + apps/api/src/common/pipes/index.ts | 1 + apps/api/src/common/pipes/parse-cuid.pipe.ts | 19 + .../services/encryption.service.spec.ts | 206 + .../src/common/services/encryption.service.ts | 171 + apps/api/src/common/services/index.ts | 1 + apps/api/src/config/config.validation.ts | 81 + apps/api/src/config/index.ts | 1 + apps/api/src/health/health.controller.spec.ts | 144 + apps/api/src/health/health.controller.ts | 109 + apps/api/src/health/health.module.ts | 12 + apps/api/src/health/index.ts | 4 + .../src/health/modules-health.indicator.ts | 141 + .../api/src/health/prisma-health.indicator.ts | 30 + apps/api/src/main.ts | 100 + .../src/modules/audit/audit.interceptor.ts | 146 + apps/api/src/modules/audit/audit.module.ts | 10 + apps/api/src/modules/audit/audit.service.ts | 215 + apps/api/src/modules/audit/index.ts | 3 + .../modules/dashboard/dashboard.controller.ts | 174 + .../src/modules/dashboard/dashboard.module.ts | 12 + .../modules/dashboard/dashboard.service.ts | 376 + .../dashboard/dto/dashboard-layout.dto.ts | 69 + apps/api/src/modules/dashboard/dto/index.ts | 1 + apps/api/src/modules/dashboard/index.ts | 4 + .../departments/departments.controller.ts | 145 + .../modules/departments/departments.module.ts | 10 + .../departments/departments.service.ts | 462 + .../departments/dto/create-department.dto.ts | 60 + apps/api/src/modules/departments/dto/index.ts | 3 + .../departments/dto/query-departments.dto.ts | 98 + .../departments/dto/update-department.dto.ts | 4 + apps/api/src/modules/departments/index.ts | 4 + .../hr/absences/absences.controller.ts | 232 + .../modules/hr/absences/absences.module.ts | 10 + .../modules/hr/absences/absences.service.ts | 1406 ++ .../hr/absences/dto/approve-absence.dto.ts | 26 + .../hr/absences/dto/create-absence.dto.ts | 63 + apps/api/src/modules/hr/absences/dto/index.ts | 4 + .../hr/absences/dto/query-absences.dto.ts | 229 + .../hr/absences/dto/update-absence.dto.ts | 58 + apps/api/src/modules/hr/absences/index.ts | 4 + .../hr/employees/dto/create-employee.dto.ts | 161 + .../api/src/modules/hr/employees/dto/index.ts | 3 + .../hr/employees/dto/query-employees.dto.ts | 109 + .../hr/employees/dto/update-employee.dto.ts | 119 + .../hr/employees/employees.controller.ts | 193 + .../modules/hr/employees/employees.module.ts | 26 + .../modules/hr/employees/employees.service.ts | 606 + apps/api/src/modules/hr/employees/index.ts | 4 + apps/api/src/modules/hr/hr.module.ts | 29 + apps/api/src/modules/hr/index.ts | 1 + .../hr/time-tracking/dto/clock-in.dto.ts | 14 + .../hr/time-tracking/dto/clock-out.dto.ts | 14 + .../dto/create-time-entry.dto.ts | 81 + .../src/modules/hr/time-tracking/dto/index.ts | 5 + .../dto/query-time-entries.dto.ts | 111 + .../dto/update-time-entry.dto.ts | 73 + .../api/src/modules/hr/time-tracking/index.ts | 4 + .../time-tracking/time-tracking.controller.ts | 242 + .../hr/time-tracking/time-tracking.module.ts | 29 + .../hr/time-tracking/time-tracking.service.ts | 674 + apps/api/src/modules/index.ts | 8 + .../integrations/connectors/base-connector.ts | 468 + .../connectors/ecodms/ecodms.connector.ts | 908 ++ .../connectors/ecodms/ecodms.controller.ts | 313 + .../connectors/ecodms/ecodms.module.ts | 35 + .../connectors/ecodms/ecodms.service.ts | 285 + .../connectors/ecodms/ecodms.types.ts | 401 + .../integrations/connectors/ecodms/index.ts | 4 + .../freescout/freescout.connector.ts | 623 + .../freescout/freescout.controller.ts | 321 + .../connectors/freescout/freescout.module.ts | 22 + .../connectors/freescout/freescout.service.ts | 211 + .../connectors/freescout/freescout.types.ts | 420 + .../connectors/freescout/index.ts | 4 + .../connectors/gembadocs/dto/gembadocs.dto.ts | 50 + .../gembadocs/gembadocs.connector.ts | 810 + .../gembadocs/gembadocs.controller.ts | 288 + .../connectors/gembadocs/gembadocs.module.ts | 65 + .../connectors/gembadocs/gembadocs.service.ts | 418 + .../connectors/gembadocs/gembadocs.types.ts | 706 + .../connectors/gembadocs/index.ts | 4 + .../modules/integrations/connectors/index.ts | 4 + .../connectors/nextcloud/index.ts | 4 + .../nextcloud/nextcloud.connector.ts | 929 ++ .../nextcloud/nextcloud.controller.ts | 398 + .../connectors/nextcloud/nextcloud.module.ts | 29 + .../connectors/nextcloud/nextcloud.service.ts | 297 + .../connectors/nextcloud/nextcloud.types.ts | 400 + .../connectors/plentyone/dto/index.ts | 1 + .../connectors/plentyone/dto/plentyone.dto.ts | 330 + .../connectors/plentyone/index.ts | 5 + .../plentyone/plentyone.connector.ts | 530 + .../plentyone/plentyone.controller.ts | 135 + .../connectors/plentyone/plentyone.module.ts | 11 + .../connectors/plentyone/plentyone.service.ts | 235 + .../connectors/plentyone/plentyone.types.ts | 393 + .../connectors/todoist/dto/index.ts | 1 + .../connectors/todoist/dto/todoist.dto.ts | 363 + .../integrations/connectors/todoist/index.ts | 5 + .../connectors/todoist/todoist.connector.ts | 405 + .../connectors/todoist/todoist.controller.ts | 261 + .../connectors/todoist/todoist.module.ts | 11 + .../connectors/todoist/todoist.service.ts | 319 + .../connectors/todoist/todoist.types.ts | 307 + .../connectors/zulip/dto/index.ts | 1 + .../connectors/zulip/dto/zulip.dto.ts | 292 + .../integrations/connectors/zulip/index.ts | 5 + .../connectors/zulip/zulip.connector.ts | 495 + .../connectors/zulip/zulip.controller.ts | 197 + .../connectors/zulip/zulip.module.ts | 11 + .../connectors/zulip/zulip.service.ts | 316 + .../connectors/zulip/zulip.types.ts | 275 + .../credentials/credentials.controller.ts | 158 + .../credentials/credentials.module.ts | 10 + .../credentials/credentials.service.ts | 546 + .../credentials/dto/create-credential.dto.ts | 58 + .../integrations/credentials/dto/index.ts | 3 + .../credentials/dto/query-credentials.dto.ts | 75 + .../credentials/dto/update-credential.dto.ts | 56 + .../modules/integrations/credentials/index.ts | 4 + .../api/src/modules/integrations/dto/index.ts | 1 + .../integrations/dto/integrations.dto.ts | 125 + .../src/modules/integrations/errors/index.ts | 1 + .../integrations/errors/integration.errors.ts | 170 + apps/api/src/modules/integrations/index.ts | 19 + .../integrations/integrations.controller.ts | 154 + .../integrations/integrations.module.ts | 92 + .../integrations/integrations.service.ts | 287 + .../src/modules/integrations/jobs/index.ts | 3 + .../jobs/integration-sync.processor.ts | 345 + .../jobs/integration-sync.queue.ts | 216 + .../modules/integrations/jobs/jobs.module.ts | 17 + .../src/modules/integrations/status/index.ts | 3 + .../integrations/status/status.controller.ts | 191 + .../integrations/status/status.module.ts | 12 + .../integrations/status/status.service.ts | 385 + .../src/modules/integrations/sync/index.ts | 3 + .../integrations/sync/sync.controller.ts | 155 + .../modules/integrations/sync/sync.module.ts | 12 + .../modules/integrations/sync/sync.service.ts | 425 + apps/api/src/modules/lean/index.ts | 4 + apps/api/src/modules/lean/lean.module.ts | 23 + .../morning-meeting/dto/create-action.dto.ts | 62 + .../morning-meeting/dto/create-meeting.dto.ts | 63 + .../morning-meeting/dto/create-topic.dto.ts | 87 + .../modules/lean/morning-meeting/dto/index.ts | 12 + .../morning-meeting/dto/query-meetings.dto.ts | 112 + .../morning-meeting/dto/update-action.dto.ts | 69 + .../morning-meeting/dto/update-meeting.dto.ts | 75 + .../morning-meeting/dto/update-topic.dto.ts | 87 + .../src/modules/lean/morning-meeting/index.ts | 4 + .../morning-meeting.controller.ts | 281 + .../morning-meeting/morning-meeting.module.ts | 23 + .../morning-meeting.service.ts | 690 + .../lean/s3-planning/dto/create-plan.dto.ts | 106 + .../src/modules/lean/s3-planning/dto/index.ts | 3 + .../lean/s3-planning/dto/query-plans.dto.ts | 136 + .../lean/s3-planning/dto/update-status.dto.ts | 97 + .../api/src/modules/lean/s3-planning/index.ts | 4 + .../s3-planning/s3-planning.controller.ts | 276 + .../lean/s3-planning/s3-planning.module.ts | 27 + .../lean/s3-planning/s3-planning.service.ts | 703 + .../skill-matrix/dto/bulk-skill-entry.dto.ts | 75 + .../dto/create-skill-entry.dto.ts | 58 + .../lean/skill-matrix/dto/create-skill.dto.ts | 74 + .../modules/lean/skill-matrix/dto/index.ts | 6 + .../lean/skill-matrix/dto/query-skills.dto.ts | 86 + .../dto/update-skill-entry.dto.ts | 45 + .../lean/skill-matrix/dto/update-skill.dto.ts | 7 + .../src/modules/lean/skill-matrix/index.ts | 6 + .../skill-matrix/skill-entries.controller.ts | 243 + .../skill-matrix/skill-entries.service.ts | 674 + .../lean/skill-matrix/skill-matrix.module.ts | 22 + .../lean/skill-matrix/skills.controller.ts | 148 + .../lean/skill-matrix/skills.service.ts | 329 + .../src/modules/user-preferences/dto/index.ts | 1 + .../dto/update-preferences.dto.ts | 148 + .../api/src/modules/user-preferences/index.ts | 4 + .../user-preferences.controller.ts | 58 + .../user-preferences.module.ts | 10 + .../user-preferences.service.ts | 121 + apps/api/src/prisma/index.ts | 2 + apps/api/src/prisma/prisma.module.ts | 9 + apps/api/src/prisma/prisma.service.ts | 62 + apps/api/src/users/dto/assign-roles.dto.ts | 14 + apps/api/src/users/dto/create-user.dto.ts | 85 + apps/api/src/users/dto/index.ts | 6 + apps/api/src/users/dto/query-users.dto.ts | 91 + apps/api/src/users/dto/update-profile.dto.ts | 46 + apps/api/src/users/dto/update-user.dto.ts | 4 + apps/api/src/users/dto/user-response.dto.ts | 80 + apps/api/src/users/index.ts | 4 + apps/api/src/users/users.controller.ts | 233 + apps/api/src/users/users.module.ts | 10 + apps/api/src/users/users.service.ts | 425 + apps/api/test/app.e2e-spec.ts | 49 + apps/api/test/jest-e2e.json | 12 + apps/api/tsconfig.build.json | 4 + apps/api/tsconfig.json | 33 + apps/web/.env.example | 14 + apps/web/.eslintrc.json | 14 + apps/web/.gitignore | 48 + apps/web/components.json | 20 + apps/web/messages/de.json | 1052 ++ apps/web/messages/en.json | 1052 ++ apps/web/next.config.mjs | 30 + apps/web/package.json | 74 + apps/web/postcss.config.js | 6 + apps/web/public/favicon.ico | 1 + .../(auth)/admin/admin-dashboard-content.tsx | 272 + .../admin/departments/departments-content.tsx | 221 + .../(auth)/admin/departments/page.tsx | 23 + .../admin-integrations-content.tsx | 324 + .../(auth)/admin/integrations/page.tsx | 20 + .../src/app/[locale]/(auth)/admin/layout.tsx | 101 + .../src/app/[locale]/(auth)/admin/page.tsx | 19 + .../app/[locale]/(auth)/admin/users/page.tsx | 23 + .../(auth)/admin/users/users-content.tsx | 284 + .../(auth)/dashboard/dashboard-content.tsx | 270 + .../app/[locale]/(auth)/dashboard/page.tsx | 24 + .../(auth)/hr/absences/absences-content.tsx | 176 + .../calendar/absence-calendar-content.tsx | 90 + .../(auth)/hr/absences/calendar/page.tsx | 24 + .../app/[locale]/(auth)/hr/absences/page.tsx | 24 + .../requests/absence-requests-content.tsx | 93 + .../(auth)/hr/absences/requests/page.tsx | 24 + .../[id]/employee-detail-content.tsx | 495 + .../(auth)/hr/employees/[id]/page.tsx | 26 + .../(auth)/hr/employees/employees-content.tsx | 52 + .../hr/employees/new/new-employee-content.tsx | 44 + .../[locale]/(auth)/hr/employees/new/page.tsx | 26 + .../app/[locale]/(auth)/hr/employees/page.tsx | 26 + .../(auth)/hr/hr-overview-content.tsx | 257 + .../(auth)/hr/org-chart/org-chart-content.tsx | 49 + .../app/[locale]/(auth)/hr/org-chart/page.tsx | 26 + apps/web/src/app/[locale]/(auth)/hr/page.tsx | 26 + .../employee-time-account-content.tsx | 137 + .../hr/time-tracking/[employeeId]/page.tsx | 26 + .../[locale]/(auth)/hr/time-tracking/page.tsx | 24 + .../time-tracking/time-tracking-content.tsx | 93 + .../integrations/[type]/ecodms-content.tsx | 283 + .../integrations/[type]/freescout-content.tsx | 208 + .../integrations/[type]/gembadocs-content.tsx | 305 + .../[type]/integration-detail-content.tsx | 248 + .../integrations/[type]/nextcloud-content.tsx | 200 + .../(auth)/integrations/[type]/page.tsx | 41 + .../integrations/[type]/plentyone-content.tsx | 171 + .../integrations/[type]/todoist-content.tsx | 244 + .../integrations/[type]/zulip-content.tsx | 197 + .../integrations/integrations-content.tsx | 156 + .../[locale]/(auth)/integrations/layout.tsx | 13 + .../app/[locale]/(auth)/integrations/page.tsx | 21 + apps/web/src/app/[locale]/(auth)/layout.tsx | 49 + .../department-meeting-content.tsx | 220 + .../morning-meeting/[departmentId]/page.tsx | 25 + .../morning-meeting-overview-content.tsx | 505 + .../(auth)/lean/morning-meeting/page.tsx | 15 + .../web/src/app/[locale]/(auth)/lean/page.tsx | 138 + .../lean/s3-planning/[departmentId]/page.tsx | 27 + .../[locale]/(auth)/lean/s3-planning/page.tsx | 25 + .../department-skill-matrix-content.tsx | 399 + .../lean/skill-matrix/[departmentId]/page.tsx | 28 + .../(auth)/lean/skill-matrix/page.tsx | 24 + .../skill-matrix-overview-content.tsx | 322 + .../notifications-settings-content.tsx | 271 + .../(auth)/settings/notifications/page.tsx | 23 + .../src/app/[locale]/(auth)/settings/page.tsx | 24 + .../(auth)/settings/preferences/page.tsx | 23 + .../preferences/preferences-content.tsx | 207 + .../[locale]/(auth)/settings/profile/page.tsx | 23 + .../profile/profile-settings-content.tsx | 205 + .../(auth)/settings/security/page.tsx | 23 + .../security/security-settings-content.tsx | 183 + .../(auth)/settings/settings-content.tsx | 109 + apps/web/src/app/[locale]/error.tsx | 55 + apps/web/src/app/[locale]/layout.tsx | 65 + apps/web/src/app/[locale]/loading.tsx | 13 + apps/web/src/app/[locale]/login/page.tsx | 111 + apps/web/src/app/[locale]/not-found.tsx | 36 + apps/web/src/app/[locale]/page.tsx | 12 + .../src/app/api/auth/[...nextauth]/route.ts | 10 + apps/web/src/components/charts/bar-chart.tsx | 145 + .../src/components/charts/chart-container.tsx | 137 + apps/web/src/components/charts/index.ts | 5 + apps/web/src/components/charts/line-chart.tsx | 127 + apps/web/src/components/charts/pie-chart.tsx | 197 + .../dashboard/add-widget-dialog.tsx | 183 + apps/web/src/components/dashboard/index.ts | 19 + .../components/dashboard/widget-container.tsx | 164 + .../src/components/dashboard/widget-grid.tsx | 207 + .../components/dashboard/widget-registry.ts | 279 + .../dashboard/widgets/activity-widget.tsx | 213 + .../dashboard/widgets/calendar-widget.tsx | 194 + .../dashboard/widgets/clock-widget.tsx | 105 + .../src/components/dashboard/widgets/index.ts | 18 + .../widgets/integrations/chat-widget.tsx | 211 + .../widgets/integrations/documents-widget.tsx | 211 + .../widgets/integrations/files-widget.tsx | 181 + .../widgets/integrations/gembadocs-widget.tsx | 256 + .../dashboard/widgets/integrations/index.ts | 8 + .../widgets/integrations/orders-widget.tsx | 166 + .../widgets/integrations/tasks-widget.tsx | 199 + .../widgets/integrations/tickets-widget.tsx | 200 + .../widgets/quick-actions-widget.tsx | 130 + .../dashboard/widgets/stats-widget.tsx | 195 + .../dashboard/widgets/welcome-widget.tsx | 125 + .../hr/absences/absence-approval-list.tsx | 332 + .../hr/absences/absence-calendar.tsx | 301 + .../components/hr/absences/absence-card.tsx | 220 + .../hr/absences/absence-request-form.tsx | 320 + apps/web/src/components/hr/absences/index.ts | 9 + .../hr/absences/vacation-balance.tsx | 212 + .../components/hr/employees/employee-card.tsx | 131 + .../components/hr/employees/employee-form.tsx | 519 + .../components/hr/employees/employee-list.tsx | 343 + apps/web/src/components/hr/employees/index.ts | 7 + .../src/components/hr/employees/org-chart.tsx | 340 + apps/web/src/components/hr/index.ts | 12 + .../src/components/hr/time-tracking/index.ts | 8 + .../hr/time-tracking/time-clock.tsx | 328 + .../hr/time-tracking/time-entry-form.tsx | 210 + .../hr/time-tracking/time-entry-list.tsx | 230 + .../hr/time-tracking/time-summary.tsx | 215 + .../integrations/connection-test-button.tsx | 99 + apps/web/src/components/integrations/index.ts | 5 + .../integrations/integration-card.tsx | 141 + .../integrations/integration-status-badge.tsx | 70 + .../components/integrations/sync-status.tsx | 72 + apps/web/src/components/layout/header.tsx | 139 + apps/web/src/components/layout/index.ts | 4 + .../src/components/layout/mobile-sidebar.tsx | 168 + .../src/components/layout/page-transition.tsx | 15 + apps/web/src/components/layout/sidebar.tsx | 451 + .../lean/morning-meeting/action-item.tsx | 336 + .../lean/morning-meeting/action-list.tsx | 326 + .../components/lean/morning-meeting/index.ts | 7 + .../lean/morning-meeting/kpi-card.tsx | 235 + .../lean/morning-meeting/meeting-board.tsx | 337 + .../lean/morning-meeting/meeting-timer.tsx | 278 + .../lean/morning-meeting/sqcdm-column.tsx | 136 + apps/web/src/components/lean/s3/index.ts | 11 + .../components/lean/s3/s3-category-card.tsx | 169 + .../components/lean/s3/s3-department-view.tsx | 440 + .../components/lean/s3/s3-plan-overview.tsx | 363 + .../components/lean/s3/s3-progress-chart.tsx | 189 + .../src/components/lean/s3/s3-status-cell.tsx | 144 + .../components/lean/s3/s3-status-modal.tsx | 222 + .../src/components/lean/skill-matrix/index.ts | 18 + .../lean/skill-matrix/skill-cell.tsx | 234 + .../lean/skill-matrix/skill-gap-chart.tsx | 291 + .../lean/skill-matrix/skill-level-badge.tsx | 161 + .../lean/skill-matrix/skill-matrix-grid.tsx | 337 + apps/web/src/components/providers/index.tsx | 28 + .../components/providers/query-provider.tsx | 32 + .../components/providers/session-provider.tsx | 16 + .../components/providers/theme-provider.tsx | 22 + apps/web/src/components/ui/avatar.tsx | 47 + apps/web/src/components/ui/badge.test.tsx | 58 + apps/web/src/components/ui/badge.tsx | 35 + apps/web/src/components/ui/button.tsx | 50 + apps/web/src/components/ui/calendar.tsx | 70 + apps/web/src/components/ui/card.tsx | 56 + apps/web/src/components/ui/checkbox.tsx | 28 + apps/web/src/components/ui/collapsible.tsx | 11 + apps/web/src/components/ui/data-table.tsx | 309 + apps/web/src/components/ui/dialog.tsx | 104 + apps/web/src/components/ui/dropdown-menu.tsx | 188 + apps/web/src/components/ui/index.ts | 84 + apps/web/src/components/ui/input.tsx | 24 + apps/web/src/components/ui/label.tsx | 21 + apps/web/src/components/ui/popover.tsx | 31 + apps/web/src/components/ui/progress.tsx | 28 + apps/web/src/components/ui/scroll-area.tsx | 46 + apps/web/src/components/ui/select.tsx | 153 + apps/web/src/components/ui/separator.tsx | 26 + apps/web/src/components/ui/sheet.tsx | 121 + apps/web/src/components/ui/skeleton.tsx | 7 + apps/web/src/components/ui/switch.tsx | 29 + apps/web/src/components/ui/table.tsx | 95 + apps/web/src/components/ui/tabs.tsx | 55 + apps/web/src/components/ui/textarea.tsx | 26 + apps/web/src/components/ui/toast.tsx | 125 + apps/web/src/components/ui/toaster.tsx | 36 + apps/web/src/components/ui/tooltip.tsx | 30 + apps/web/src/hooks/hr/index.ts | 6 + apps/web/src/hooks/hr/use-absences.ts | 222 + apps/web/src/hooks/hr/use-employees.ts | 314 + apps/web/src/hooks/hr/use-time-tracking.ts | 187 + apps/web/src/hooks/index.ts | 10 + apps/web/src/hooks/integrations/index.ts | 64 + .../src/hooks/integrations/use-documents.ts | 99 + apps/web/src/hooks/integrations/use-files.ts | 99 + .../src/hooks/integrations/use-gembadocs.ts | 166 + .../integrations/use-integration-status.ts | 141 + .../src/hooks/integrations/use-messages.ts | 137 + apps/web/src/hooks/integrations/use-orders.ts | 86 + apps/web/src/hooks/integrations/use-tasks.ts | 132 + .../web/src/hooks/integrations/use-tickets.ts | 126 + apps/web/src/hooks/lean/index.ts | 15 + apps/web/src/hooks/lean/use-meeting-timer.ts | 171 + apps/web/src/hooks/lean/use-meetings.ts | 410 + apps/web/src/hooks/lean/use-s3-plans.ts | 334 + apps/web/src/hooks/lean/use-s3-status.ts | 129 + apps/web/src/hooks/lean/use-skill-matrix.ts | 372 + apps/web/src/hooks/lean/use-skills.ts | 243 + apps/web/src/hooks/use-media-query.ts | 51 + apps/web/src/hooks/use-mounted.ts | 19 + apps/web/src/hooks/use-toast.test.ts | 78 + apps/web/src/hooks/use-toast.ts | 188 + apps/web/src/i18n.ts | 27 + apps/web/src/lib/api.ts | 120 + apps/web/src/lib/auth.ts | 136 + apps/web/src/lib/index.ts | 5 + apps/web/src/lib/motion.ts | 211 + apps/web/src/lib/utils.test.ts | 105 + apps/web/src/lib/utils.ts | 138 + apps/web/src/middleware.ts | 61 + apps/web/src/stores/dashboard-store.ts | 103 + apps/web/src/stores/index.ts | 3 + apps/web/src/stores/sidebar-store.ts | 47 + apps/web/src/styles/globals.css | 193 + apps/web/src/test/setup.ts | 1 + apps/web/src/types/hr.ts | 298 + apps/web/src/types/index.ts | 107 + apps/web/src/types/integrations.ts | 265 + apps/web/src/types/lean.ts | 282 + apps/web/src/types/next-auth.d.ts | 32 + apps/web/tailwind.config.ts | 112 + apps/web/tsconfig.json | 33 + apps/web/vitest.config.ts | 19 + docker/.env.example | 16 + docker/docker-compose.yml | 119 + docker/keycloak/realm-export.json | 208 + package.json | 45 + packages/shared/package.json | 36 + packages/shared/src/index.ts | 6 + packages/shared/src/types/auth.ts | 111 + packages/shared/src/types/department.ts | 55 + packages/shared/src/types/employee.ts | 133 + packages/shared/src/types/index.ts | 8 + packages/shared/src/types/skill-matrix.ts | 286 + packages/shared/src/types/user.ts | 57 + packages/shared/src/utils/constants.ts | 82 + packages/shared/src/utils/index.ts | 115 + packages/shared/tsconfig.json | 22 + packages/shared/tsup.config.ts | 11 + pnpm-lock.yaml | 12553 ++++++++++++++++ pnpm-workspace.yaml | 4 + turbo.json | 65 + 509 files changed, 81111 insertions(+), 1 deletion(-) create mode 100644 .claude/agent-memory/backend-specialist/MEMORY.md create mode 100644 .claude/agent-memory/backend-specialist/testing.md create mode 100644 .claude/agent-memory/devops-infrastructure-expert/MEMORY.md create mode 100644 .claude/agent-memory/frontend-specialist/MEMORY.md create mode 100644 .claude/agent-memory/frontend-specialist/component-patterns.md create mode 100644 .claude/agent-memory/frontend-specialist/shared-package.md create mode 100644 .claude/agent-memory/integration-specialist/MEMORY.md create mode 100644 .claude/agent-memory/senior-code-reviewer/MEMORY.md create mode 100644 .claude/agent-memory/senior-code-reviewer/phase7-backend-review.md create mode 100644 .claude/agents/backend-specialist.md create mode 100644 .claude/agents/devops-infrastructure-expert.md create mode 100644 .claude/agents/frontend-specialist.md create mode 100644 .claude/agents/integration-specialist.md create mode 100644 .claude/agents/lean-specialist.md create mode 100644 .claude/agents/senior-code-reviewer.md create mode 100644 .env.example create mode 100644 .gitignore create mode 100644 .prettierrc create mode 100644 apps/api/.env.example create mode 100644 apps/api/.eslintrc.js create mode 100644 apps/api/.gitignore create mode 100644 apps/api/.prettierrc create mode 100644 apps/api/nest-cli.json create mode 100644 apps/api/package.json create mode 100644 apps/api/prisma/schema.prisma create mode 100644 apps/api/prisma/seed.ts create mode 100644 apps/api/queue.backup/index.ts create mode 100644 apps/api/queue.backup/queue.module.ts create mode 100644 apps/api/src/app.module.ts create mode 100644 apps/api/src/auth/auth.controller.ts create mode 100644 apps/api/src/auth/auth.module.ts create mode 100644 apps/api/src/auth/auth.service.ts create mode 100644 apps/api/src/auth/decorators/current-user.decorator.ts create mode 100644 apps/api/src/auth/decorators/index.ts create mode 100644 apps/api/src/auth/decorators/public.decorator.ts create mode 100644 apps/api/src/auth/decorators/roles.decorator.ts create mode 100644 apps/api/src/auth/dto/index.ts create mode 100644 apps/api/src/auth/dto/validate-token.dto.ts create mode 100644 apps/api/src/auth/guards/index.ts create mode 100644 apps/api/src/auth/guards/jwt-auth.guard.ts create mode 100644 apps/api/src/auth/guards/roles.guard.ts create mode 100644 apps/api/src/auth/index.ts create mode 100644 apps/api/src/auth/interfaces/jwt-payload.interface.ts create mode 100644 apps/api/src/auth/permissions/index.ts create mode 100644 apps/api/src/auth/permissions/permissions.decorator.ts create mode 100644 apps/api/src/auth/permissions/permissions.enum.ts create mode 100644 apps/api/src/auth/permissions/permissions.guard.ts create mode 100644 apps/api/src/auth/strategies/jwt.strategy.ts create mode 100644 apps/api/src/common/common.module.ts create mode 100644 apps/api/src/common/decorators/api-paginated-response.decorator.ts create mode 100644 apps/api/src/common/decorators/index.ts create mode 100644 apps/api/src/common/filters/http-exception.filter.ts create mode 100644 apps/api/src/common/filters/index.ts create mode 100644 apps/api/src/common/index.ts create mode 100644 apps/api/src/common/interceptors/index.ts create mode 100644 apps/api/src/common/interceptors/logging.interceptor.ts create mode 100644 apps/api/src/common/interceptors/timeout.interceptor.ts create mode 100644 apps/api/src/common/interceptors/transform.interceptor.ts create mode 100644 apps/api/src/common/pipes/index.ts create mode 100644 apps/api/src/common/pipes/parse-cuid.pipe.ts create mode 100644 apps/api/src/common/services/encryption.service.spec.ts create mode 100644 apps/api/src/common/services/encryption.service.ts create mode 100644 apps/api/src/common/services/index.ts create mode 100644 apps/api/src/config/config.validation.ts create mode 100644 apps/api/src/config/index.ts create mode 100644 apps/api/src/health/health.controller.spec.ts create mode 100644 apps/api/src/health/health.controller.ts create mode 100644 apps/api/src/health/health.module.ts create mode 100644 apps/api/src/health/index.ts create mode 100644 apps/api/src/health/modules-health.indicator.ts create mode 100644 apps/api/src/health/prisma-health.indicator.ts create mode 100644 apps/api/src/main.ts create mode 100644 apps/api/src/modules/audit/audit.interceptor.ts create mode 100644 apps/api/src/modules/audit/audit.module.ts create mode 100644 apps/api/src/modules/audit/audit.service.ts create mode 100644 apps/api/src/modules/audit/index.ts create mode 100644 apps/api/src/modules/dashboard/dashboard.controller.ts create mode 100644 apps/api/src/modules/dashboard/dashboard.module.ts create mode 100644 apps/api/src/modules/dashboard/dashboard.service.ts create mode 100644 apps/api/src/modules/dashboard/dto/dashboard-layout.dto.ts create mode 100644 apps/api/src/modules/dashboard/dto/index.ts create mode 100644 apps/api/src/modules/dashboard/index.ts create mode 100644 apps/api/src/modules/departments/departments.controller.ts create mode 100644 apps/api/src/modules/departments/departments.module.ts create mode 100644 apps/api/src/modules/departments/departments.service.ts create mode 100644 apps/api/src/modules/departments/dto/create-department.dto.ts create mode 100644 apps/api/src/modules/departments/dto/index.ts create mode 100644 apps/api/src/modules/departments/dto/query-departments.dto.ts create mode 100644 apps/api/src/modules/departments/dto/update-department.dto.ts create mode 100644 apps/api/src/modules/departments/index.ts create mode 100644 apps/api/src/modules/hr/absences/absences.controller.ts create mode 100644 apps/api/src/modules/hr/absences/absences.module.ts create mode 100644 apps/api/src/modules/hr/absences/absences.service.ts create mode 100644 apps/api/src/modules/hr/absences/dto/approve-absence.dto.ts create mode 100644 apps/api/src/modules/hr/absences/dto/create-absence.dto.ts create mode 100644 apps/api/src/modules/hr/absences/dto/index.ts create mode 100644 apps/api/src/modules/hr/absences/dto/query-absences.dto.ts create mode 100644 apps/api/src/modules/hr/absences/dto/update-absence.dto.ts create mode 100644 apps/api/src/modules/hr/absences/index.ts create mode 100644 apps/api/src/modules/hr/employees/dto/create-employee.dto.ts create mode 100644 apps/api/src/modules/hr/employees/dto/index.ts create mode 100644 apps/api/src/modules/hr/employees/dto/query-employees.dto.ts create mode 100644 apps/api/src/modules/hr/employees/dto/update-employee.dto.ts create mode 100644 apps/api/src/modules/hr/employees/employees.controller.ts create mode 100644 apps/api/src/modules/hr/employees/employees.module.ts create mode 100644 apps/api/src/modules/hr/employees/employees.service.ts create mode 100644 apps/api/src/modules/hr/employees/index.ts create mode 100644 apps/api/src/modules/hr/hr.module.ts create mode 100644 apps/api/src/modules/hr/index.ts create mode 100644 apps/api/src/modules/hr/time-tracking/dto/clock-in.dto.ts create mode 100644 apps/api/src/modules/hr/time-tracking/dto/clock-out.dto.ts create mode 100644 apps/api/src/modules/hr/time-tracking/dto/create-time-entry.dto.ts create mode 100644 apps/api/src/modules/hr/time-tracking/dto/index.ts create mode 100644 apps/api/src/modules/hr/time-tracking/dto/query-time-entries.dto.ts create mode 100644 apps/api/src/modules/hr/time-tracking/dto/update-time-entry.dto.ts create mode 100644 apps/api/src/modules/hr/time-tracking/index.ts create mode 100644 apps/api/src/modules/hr/time-tracking/time-tracking.controller.ts create mode 100644 apps/api/src/modules/hr/time-tracking/time-tracking.module.ts create mode 100644 apps/api/src/modules/hr/time-tracking/time-tracking.service.ts create mode 100644 apps/api/src/modules/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/base-connector.ts create mode 100644 apps/api/src/modules/integrations/connectors/ecodms/ecodms.connector.ts create mode 100644 apps/api/src/modules/integrations/connectors/ecodms/ecodms.controller.ts create mode 100644 apps/api/src/modules/integrations/connectors/ecodms/ecodms.module.ts create mode 100644 apps/api/src/modules/integrations/connectors/ecodms/ecodms.service.ts create mode 100644 apps/api/src/modules/integrations/connectors/ecodms/ecodms.types.ts create mode 100644 apps/api/src/modules/integrations/connectors/ecodms/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/freescout/freescout.connector.ts create mode 100644 apps/api/src/modules/integrations/connectors/freescout/freescout.controller.ts create mode 100644 apps/api/src/modules/integrations/connectors/freescout/freescout.module.ts create mode 100644 apps/api/src/modules/integrations/connectors/freescout/freescout.service.ts create mode 100644 apps/api/src/modules/integrations/connectors/freescout/freescout.types.ts create mode 100644 apps/api/src/modules/integrations/connectors/freescout/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/gembadocs/dto/gembadocs.dto.ts create mode 100644 apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.connector.ts create mode 100644 apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.controller.ts create mode 100644 apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.module.ts create mode 100644 apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.service.ts create mode 100644 apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.types.ts create mode 100644 apps/api/src/modules/integrations/connectors/gembadocs/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/nextcloud/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.connector.ts create mode 100644 apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.controller.ts create mode 100644 apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.module.ts create mode 100644 apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.service.ts create mode 100644 apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.types.ts create mode 100644 apps/api/src/modules/integrations/connectors/plentyone/dto/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/plentyone/dto/plentyone.dto.ts create mode 100644 apps/api/src/modules/integrations/connectors/plentyone/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/plentyone/plentyone.connector.ts create mode 100644 apps/api/src/modules/integrations/connectors/plentyone/plentyone.controller.ts create mode 100644 apps/api/src/modules/integrations/connectors/plentyone/plentyone.module.ts create mode 100644 apps/api/src/modules/integrations/connectors/plentyone/plentyone.service.ts create mode 100644 apps/api/src/modules/integrations/connectors/plentyone/plentyone.types.ts create mode 100644 apps/api/src/modules/integrations/connectors/todoist/dto/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/todoist/dto/todoist.dto.ts create mode 100644 apps/api/src/modules/integrations/connectors/todoist/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/todoist/todoist.connector.ts create mode 100644 apps/api/src/modules/integrations/connectors/todoist/todoist.controller.ts create mode 100644 apps/api/src/modules/integrations/connectors/todoist/todoist.module.ts create mode 100644 apps/api/src/modules/integrations/connectors/todoist/todoist.service.ts create mode 100644 apps/api/src/modules/integrations/connectors/todoist/todoist.types.ts create mode 100644 apps/api/src/modules/integrations/connectors/zulip/dto/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/zulip/dto/zulip.dto.ts create mode 100644 apps/api/src/modules/integrations/connectors/zulip/index.ts create mode 100644 apps/api/src/modules/integrations/connectors/zulip/zulip.connector.ts create mode 100644 apps/api/src/modules/integrations/connectors/zulip/zulip.controller.ts create mode 100644 apps/api/src/modules/integrations/connectors/zulip/zulip.module.ts create mode 100644 apps/api/src/modules/integrations/connectors/zulip/zulip.service.ts create mode 100644 apps/api/src/modules/integrations/connectors/zulip/zulip.types.ts create mode 100644 apps/api/src/modules/integrations/credentials/credentials.controller.ts create mode 100644 apps/api/src/modules/integrations/credentials/credentials.module.ts create mode 100644 apps/api/src/modules/integrations/credentials/credentials.service.ts create mode 100644 apps/api/src/modules/integrations/credentials/dto/create-credential.dto.ts create mode 100644 apps/api/src/modules/integrations/credentials/dto/index.ts create mode 100644 apps/api/src/modules/integrations/credentials/dto/query-credentials.dto.ts create mode 100644 apps/api/src/modules/integrations/credentials/dto/update-credential.dto.ts create mode 100644 apps/api/src/modules/integrations/credentials/index.ts create mode 100644 apps/api/src/modules/integrations/dto/index.ts create mode 100644 apps/api/src/modules/integrations/dto/integrations.dto.ts create mode 100644 apps/api/src/modules/integrations/errors/index.ts create mode 100644 apps/api/src/modules/integrations/errors/integration.errors.ts create mode 100644 apps/api/src/modules/integrations/index.ts create mode 100644 apps/api/src/modules/integrations/integrations.controller.ts create mode 100644 apps/api/src/modules/integrations/integrations.module.ts create mode 100644 apps/api/src/modules/integrations/integrations.service.ts create mode 100644 apps/api/src/modules/integrations/jobs/index.ts create mode 100644 apps/api/src/modules/integrations/jobs/integration-sync.processor.ts create mode 100644 apps/api/src/modules/integrations/jobs/integration-sync.queue.ts create mode 100644 apps/api/src/modules/integrations/jobs/jobs.module.ts create mode 100644 apps/api/src/modules/integrations/status/index.ts create mode 100644 apps/api/src/modules/integrations/status/status.controller.ts create mode 100644 apps/api/src/modules/integrations/status/status.module.ts create mode 100644 apps/api/src/modules/integrations/status/status.service.ts create mode 100644 apps/api/src/modules/integrations/sync/index.ts create mode 100644 apps/api/src/modules/integrations/sync/sync.controller.ts create mode 100644 apps/api/src/modules/integrations/sync/sync.module.ts create mode 100644 apps/api/src/modules/integrations/sync/sync.service.ts create mode 100644 apps/api/src/modules/lean/index.ts create mode 100644 apps/api/src/modules/lean/lean.module.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/dto/create-action.dto.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/dto/create-meeting.dto.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/dto/create-topic.dto.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/dto/index.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/dto/query-meetings.dto.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/dto/update-action.dto.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/dto/update-meeting.dto.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/dto/update-topic.dto.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/index.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/morning-meeting.controller.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/morning-meeting.module.ts create mode 100644 apps/api/src/modules/lean/morning-meeting/morning-meeting.service.ts create mode 100644 apps/api/src/modules/lean/s3-planning/dto/create-plan.dto.ts create mode 100644 apps/api/src/modules/lean/s3-planning/dto/index.ts create mode 100644 apps/api/src/modules/lean/s3-planning/dto/query-plans.dto.ts create mode 100644 apps/api/src/modules/lean/s3-planning/dto/update-status.dto.ts create mode 100644 apps/api/src/modules/lean/s3-planning/index.ts create mode 100644 apps/api/src/modules/lean/s3-planning/s3-planning.controller.ts create mode 100644 apps/api/src/modules/lean/s3-planning/s3-planning.module.ts create mode 100644 apps/api/src/modules/lean/s3-planning/s3-planning.service.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/dto/bulk-skill-entry.dto.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/dto/create-skill-entry.dto.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/dto/create-skill.dto.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/dto/index.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/dto/query-skills.dto.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/dto/update-skill-entry.dto.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/dto/update-skill.dto.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/index.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/skill-entries.controller.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/skill-entries.service.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/skill-matrix.module.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/skills.controller.ts create mode 100644 apps/api/src/modules/lean/skill-matrix/skills.service.ts create mode 100644 apps/api/src/modules/user-preferences/dto/index.ts create mode 100644 apps/api/src/modules/user-preferences/dto/update-preferences.dto.ts create mode 100644 apps/api/src/modules/user-preferences/index.ts create mode 100644 apps/api/src/modules/user-preferences/user-preferences.controller.ts create mode 100644 apps/api/src/modules/user-preferences/user-preferences.module.ts create mode 100644 apps/api/src/modules/user-preferences/user-preferences.service.ts create mode 100644 apps/api/src/prisma/index.ts create mode 100644 apps/api/src/prisma/prisma.module.ts create mode 100644 apps/api/src/prisma/prisma.service.ts create mode 100644 apps/api/src/users/dto/assign-roles.dto.ts create mode 100644 apps/api/src/users/dto/create-user.dto.ts create mode 100644 apps/api/src/users/dto/index.ts create mode 100644 apps/api/src/users/dto/query-users.dto.ts create mode 100644 apps/api/src/users/dto/update-profile.dto.ts create mode 100644 apps/api/src/users/dto/update-user.dto.ts create mode 100644 apps/api/src/users/dto/user-response.dto.ts create mode 100644 apps/api/src/users/index.ts create mode 100644 apps/api/src/users/users.controller.ts create mode 100644 apps/api/src/users/users.module.ts create mode 100644 apps/api/src/users/users.service.ts create mode 100644 apps/api/test/app.e2e-spec.ts create mode 100644 apps/api/test/jest-e2e.json create mode 100644 apps/api/tsconfig.build.json create mode 100644 apps/api/tsconfig.json create mode 100644 apps/web/.env.example create mode 100644 apps/web/.eslintrc.json create mode 100644 apps/web/.gitignore create mode 100644 apps/web/components.json create mode 100644 apps/web/messages/de.json create mode 100644 apps/web/messages/en.json create mode 100644 apps/web/next.config.mjs create mode 100644 apps/web/package.json create mode 100644 apps/web/postcss.config.js create mode 100644 apps/web/public/favicon.ico create mode 100644 apps/web/src/app/[locale]/(auth)/admin/admin-dashboard-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/admin/departments/departments-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/admin/departments/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/admin/integrations/admin-integrations-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/admin/integrations/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/admin/layout.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/admin/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/admin/users/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/admin/users/users-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/dashboard/dashboard-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/dashboard/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/absences/absences-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/absences/calendar/absence-calendar-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/absences/calendar/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/absences/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/absences/requests/absence-requests-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/absences/requests/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/employees/[id]/employee-detail-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/employees/[id]/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/employees/employees-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/employees/new/new-employee-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/employees/new/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/employees/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/hr-overview-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/org-chart/org-chart-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/org-chart/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/time-tracking/[employeeId]/employee-time-account-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/time-tracking/[employeeId]/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/time-tracking/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/hr/time-tracking/time-tracking-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/ecodms-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/freescout-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/gembadocs-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/integration-detail-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/nextcloud-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/plentyone-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/todoist-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/[type]/zulip-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/integrations-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/layout.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/integrations/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/layout.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/morning-meeting/[departmentId]/department-meeting-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/morning-meeting/[departmentId]/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/morning-meeting/morning-meeting-overview-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/morning-meeting/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/s3-planning/[departmentId]/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/s3-planning/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/skill-matrix/[departmentId]/department-skill-matrix-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/skill-matrix/[departmentId]/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/skill-matrix/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/lean/skill-matrix/skill-matrix-overview-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/notifications/notifications-settings-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/notifications/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/preferences/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/preferences/preferences-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/profile/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/profile/profile-settings-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/security/page.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/security/security-settings-content.tsx create mode 100644 apps/web/src/app/[locale]/(auth)/settings/settings-content.tsx create mode 100644 apps/web/src/app/[locale]/error.tsx create mode 100644 apps/web/src/app/[locale]/layout.tsx create mode 100644 apps/web/src/app/[locale]/loading.tsx create mode 100644 apps/web/src/app/[locale]/login/page.tsx create mode 100644 apps/web/src/app/[locale]/not-found.tsx create mode 100644 apps/web/src/app/[locale]/page.tsx create mode 100644 apps/web/src/app/api/auth/[...nextauth]/route.ts create mode 100644 apps/web/src/components/charts/bar-chart.tsx create mode 100644 apps/web/src/components/charts/chart-container.tsx create mode 100644 apps/web/src/components/charts/index.ts create mode 100644 apps/web/src/components/charts/line-chart.tsx create mode 100644 apps/web/src/components/charts/pie-chart.tsx create mode 100644 apps/web/src/components/dashboard/add-widget-dialog.tsx create mode 100644 apps/web/src/components/dashboard/index.ts create mode 100644 apps/web/src/components/dashboard/widget-container.tsx create mode 100644 apps/web/src/components/dashboard/widget-grid.tsx create mode 100644 apps/web/src/components/dashboard/widget-registry.ts create mode 100644 apps/web/src/components/dashboard/widgets/activity-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/calendar-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/clock-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/index.ts create mode 100644 apps/web/src/components/dashboard/widgets/integrations/chat-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/integrations/documents-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/integrations/files-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/integrations/gembadocs-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/integrations/index.ts create mode 100644 apps/web/src/components/dashboard/widgets/integrations/orders-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/integrations/tasks-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/integrations/tickets-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/quick-actions-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/stats-widget.tsx create mode 100644 apps/web/src/components/dashboard/widgets/welcome-widget.tsx create mode 100644 apps/web/src/components/hr/absences/absence-approval-list.tsx create mode 100644 apps/web/src/components/hr/absences/absence-calendar.tsx create mode 100644 apps/web/src/components/hr/absences/absence-card.tsx create mode 100644 apps/web/src/components/hr/absences/absence-request-form.tsx create mode 100644 apps/web/src/components/hr/absences/index.ts create mode 100644 apps/web/src/components/hr/absences/vacation-balance.tsx create mode 100644 apps/web/src/components/hr/employees/employee-card.tsx create mode 100644 apps/web/src/components/hr/employees/employee-form.tsx create mode 100644 apps/web/src/components/hr/employees/employee-list.tsx create mode 100644 apps/web/src/components/hr/employees/index.ts create mode 100644 apps/web/src/components/hr/employees/org-chart.tsx create mode 100644 apps/web/src/components/hr/index.ts create mode 100644 apps/web/src/components/hr/time-tracking/index.ts create mode 100644 apps/web/src/components/hr/time-tracking/time-clock.tsx create mode 100644 apps/web/src/components/hr/time-tracking/time-entry-form.tsx create mode 100644 apps/web/src/components/hr/time-tracking/time-entry-list.tsx create mode 100644 apps/web/src/components/hr/time-tracking/time-summary.tsx create mode 100644 apps/web/src/components/integrations/connection-test-button.tsx create mode 100644 apps/web/src/components/integrations/index.ts create mode 100644 apps/web/src/components/integrations/integration-card.tsx create mode 100644 apps/web/src/components/integrations/integration-status-badge.tsx create mode 100644 apps/web/src/components/integrations/sync-status.tsx create mode 100644 apps/web/src/components/layout/header.tsx create mode 100644 apps/web/src/components/layout/index.ts create mode 100644 apps/web/src/components/layout/mobile-sidebar.tsx create mode 100644 apps/web/src/components/layout/page-transition.tsx create mode 100644 apps/web/src/components/layout/sidebar.tsx create mode 100644 apps/web/src/components/lean/morning-meeting/action-item.tsx create mode 100644 apps/web/src/components/lean/morning-meeting/action-list.tsx create mode 100644 apps/web/src/components/lean/morning-meeting/index.ts create mode 100644 apps/web/src/components/lean/morning-meeting/kpi-card.tsx create mode 100644 apps/web/src/components/lean/morning-meeting/meeting-board.tsx create mode 100644 apps/web/src/components/lean/morning-meeting/meeting-timer.tsx create mode 100644 apps/web/src/components/lean/morning-meeting/sqcdm-column.tsx create mode 100644 apps/web/src/components/lean/s3/index.ts create mode 100644 apps/web/src/components/lean/s3/s3-category-card.tsx create mode 100644 apps/web/src/components/lean/s3/s3-department-view.tsx create mode 100644 apps/web/src/components/lean/s3/s3-plan-overview.tsx create mode 100644 apps/web/src/components/lean/s3/s3-progress-chart.tsx create mode 100644 apps/web/src/components/lean/s3/s3-status-cell.tsx create mode 100644 apps/web/src/components/lean/s3/s3-status-modal.tsx create mode 100644 apps/web/src/components/lean/skill-matrix/index.ts create mode 100644 apps/web/src/components/lean/skill-matrix/skill-cell.tsx create mode 100644 apps/web/src/components/lean/skill-matrix/skill-gap-chart.tsx create mode 100644 apps/web/src/components/lean/skill-matrix/skill-level-badge.tsx create mode 100644 apps/web/src/components/lean/skill-matrix/skill-matrix-grid.tsx create mode 100644 apps/web/src/components/providers/index.tsx create mode 100644 apps/web/src/components/providers/query-provider.tsx create mode 100644 apps/web/src/components/providers/session-provider.tsx create mode 100644 apps/web/src/components/providers/theme-provider.tsx create mode 100644 apps/web/src/components/ui/avatar.tsx create mode 100644 apps/web/src/components/ui/badge.test.tsx create mode 100644 apps/web/src/components/ui/badge.tsx create mode 100644 apps/web/src/components/ui/button.tsx create mode 100644 apps/web/src/components/ui/calendar.tsx create mode 100644 apps/web/src/components/ui/card.tsx create mode 100644 apps/web/src/components/ui/checkbox.tsx create mode 100644 apps/web/src/components/ui/collapsible.tsx create mode 100644 apps/web/src/components/ui/data-table.tsx create mode 100644 apps/web/src/components/ui/dialog.tsx create mode 100644 apps/web/src/components/ui/dropdown-menu.tsx create mode 100644 apps/web/src/components/ui/index.ts create mode 100644 apps/web/src/components/ui/input.tsx create mode 100644 apps/web/src/components/ui/label.tsx create mode 100644 apps/web/src/components/ui/popover.tsx create mode 100644 apps/web/src/components/ui/progress.tsx create mode 100644 apps/web/src/components/ui/scroll-area.tsx create mode 100644 apps/web/src/components/ui/select.tsx create mode 100644 apps/web/src/components/ui/separator.tsx create mode 100644 apps/web/src/components/ui/sheet.tsx create mode 100644 apps/web/src/components/ui/skeleton.tsx create mode 100644 apps/web/src/components/ui/switch.tsx create mode 100644 apps/web/src/components/ui/table.tsx create mode 100644 apps/web/src/components/ui/tabs.tsx create mode 100644 apps/web/src/components/ui/textarea.tsx create mode 100644 apps/web/src/components/ui/toast.tsx create mode 100644 apps/web/src/components/ui/toaster.tsx create mode 100644 apps/web/src/components/ui/tooltip.tsx create mode 100644 apps/web/src/hooks/hr/index.ts create mode 100644 apps/web/src/hooks/hr/use-absences.ts create mode 100644 apps/web/src/hooks/hr/use-employees.ts create mode 100644 apps/web/src/hooks/hr/use-time-tracking.ts create mode 100644 apps/web/src/hooks/index.ts create mode 100644 apps/web/src/hooks/integrations/index.ts create mode 100644 apps/web/src/hooks/integrations/use-documents.ts create mode 100644 apps/web/src/hooks/integrations/use-files.ts create mode 100644 apps/web/src/hooks/integrations/use-gembadocs.ts create mode 100644 apps/web/src/hooks/integrations/use-integration-status.ts create mode 100644 apps/web/src/hooks/integrations/use-messages.ts create mode 100644 apps/web/src/hooks/integrations/use-orders.ts create mode 100644 apps/web/src/hooks/integrations/use-tasks.ts create mode 100644 apps/web/src/hooks/integrations/use-tickets.ts create mode 100644 apps/web/src/hooks/lean/index.ts create mode 100644 apps/web/src/hooks/lean/use-meeting-timer.ts create mode 100644 apps/web/src/hooks/lean/use-meetings.ts create mode 100644 apps/web/src/hooks/lean/use-s3-plans.ts create mode 100644 apps/web/src/hooks/lean/use-s3-status.ts create mode 100644 apps/web/src/hooks/lean/use-skill-matrix.ts create mode 100644 apps/web/src/hooks/lean/use-skills.ts create mode 100644 apps/web/src/hooks/use-media-query.ts create mode 100644 apps/web/src/hooks/use-mounted.ts create mode 100644 apps/web/src/hooks/use-toast.test.ts create mode 100644 apps/web/src/hooks/use-toast.ts create mode 100644 apps/web/src/i18n.ts create mode 100644 apps/web/src/lib/api.ts create mode 100644 apps/web/src/lib/auth.ts create mode 100644 apps/web/src/lib/index.ts create mode 100644 apps/web/src/lib/motion.ts create mode 100644 apps/web/src/lib/utils.test.ts create mode 100644 apps/web/src/lib/utils.ts create mode 100644 apps/web/src/middleware.ts create mode 100644 apps/web/src/stores/dashboard-store.ts create mode 100644 apps/web/src/stores/index.ts create mode 100644 apps/web/src/stores/sidebar-store.ts create mode 100644 apps/web/src/styles/globals.css create mode 100644 apps/web/src/test/setup.ts create mode 100644 apps/web/src/types/hr.ts create mode 100644 apps/web/src/types/index.ts create mode 100644 apps/web/src/types/integrations.ts create mode 100644 apps/web/src/types/lean.ts create mode 100644 apps/web/src/types/next-auth.d.ts create mode 100644 apps/web/tailwind.config.ts create mode 100644 apps/web/tsconfig.json create mode 100644 apps/web/vitest.config.ts create mode 100644 docker/.env.example create mode 100644 docker/docker-compose.yml create mode 100644 docker/keycloak/realm-export.json create mode 100644 package.json create mode 100644 packages/shared/package.json create mode 100644 packages/shared/src/index.ts create mode 100644 packages/shared/src/types/auth.ts create mode 100644 packages/shared/src/types/department.ts create mode 100644 packages/shared/src/types/employee.ts create mode 100644 packages/shared/src/types/index.ts create mode 100644 packages/shared/src/types/skill-matrix.ts create mode 100644 packages/shared/src/types/user.ts create mode 100644 packages/shared/src/utils/constants.ts create mode 100644 packages/shared/src/utils/index.ts create mode 100644 packages/shared/tsconfig.json create mode 100644 packages/shared/tsup.config.ts create mode 100644 pnpm-lock.yaml create mode 100644 pnpm-workspace.yaml create mode 100644 turbo.json diff --git a/.claude/agent-memory/backend-specialist/MEMORY.md b/.claude/agent-memory/backend-specialist/MEMORY.md new file mode 100644 index 0000000..cc22596 --- /dev/null +++ b/.claude/agent-memory/backend-specialist/MEMORY.md @@ -0,0 +1,99 @@ +# tOS Backend Architecture Memory + +## Project Structure +- **Location**: `/home/mehmed/Entwicklung/githubProjekte/tOS/apps/api/` +- **Framework**: NestJS 10.3.x with TypeScript strict mode +- **ORM**: Prisma 5.8.x with PostgreSQL +- **Auth**: JWT-based with Keycloak integration support + +## Key Conventions +- **Language**: English for all code/comments +- **Files**: kebab-case, **Variables**: camelCase +- **API Prefix**: `/api/v1/` +- **Global Guards**: JwtAuthGuard -> RolesGuard -> PermissionsGuard +- **IDs**: CUID, **Soft Delete**: `isActive` boolean + +## Security - Encryption (CRITICAL) +- `EncryptionService` in `src/common/services/` (AES-256-GCM) +- **Encrypted fields in Employee model:** + - `salary` - Stored as encrypted String (not Decimal!) + - `bankAccount` - Stored as encrypted JSON string +- Access via `findOne(id, includeSensitive=true)` for decryption +- Config: `ENCRYPTION_KEY` env variable (required in production) + +## Auth Pattern +- Routes protected by default via global JwtAuthGuard +- `@Public()` for open endpoints +- `@Roles('admin', 'hr-manager')` for role-based access +- `@RequirePermissions(Permission.USERS_CREATE)` for fine-grained +- `@CurrentUser()` to get JWT payload + +## Available Roles +admin, hr-manager, team-lead, employee + +## Module Exports +All modules export via `index.ts` barrel files: +- `/modules/index.ts` exports: audit, dashboard, departments, user-preferences, integrations, lean, hr +- `/modules/lean/index.ts` exports: s3-planning, skill-matrix, morning-meeting +- `/modules/hr/index.ts` exports: employees, absences, time-tracking + +## Health Endpoints +- Located at `src/health/` (NOT `src/modules/health/`) +- `GET /health` - Full check (database, memory, modules status) +- `GET /health/liveness` - Kubernetes liveness +- `GET /health/readiness` - Database connectivity +- `ModulesHealthIndicator` reports core/hr/lean/integrations status + +## Test Infrastructure +- **Web (apps/web)**: Vitest 2.x + @testing-library/react + jsdom + - Config: `apps/web/vitest.config.ts` + - Setup: `apps/web/src/test/setup.ts` (imports @testing-library/jest-dom/vitest) + - Scripts: `test` (vitest run), `test:watch` (vitest) +- **API (apps/api)**: Jest 29.x + ts-jest + @nestjs/testing + - Config: inline in `package.json` under `jest` key + - rootDir: `src`, testRegex: `.*\\.spec\\.ts$` + - Module alias: `@/` -> `/` + +## Phase 3: Integrations +Location: `src/modules/integrations/` +Sub-modules: credentials/, sync/, status/, jobs/ +Types: PLENTYONE, ZULIP, TODOIST, FREESCOUT, NEXTCLOUD, ECODMS, GEMBADOCS + +## Phase 4: LEAN +Location: `src/modules/lean/` +- `s3-planning/` - 3S/5S audit planning (permissions: S3_VIEW/CREATE/UPDATE/DELETE/MANAGE) +- `skill-matrix/` - Skills and employee skill entries +- `morning-meeting/` - SQCDM meetings, topics, actions (permissions: MEETING_VIEW/CREATE/UPDATE/DELETE) + +## Phase 5: HR +Location: `src/modules/hr/` +- `employees/` - CRUD, org chart, **encrypted salary + bankAccount** +- `absences/` - Approval workflow (PENDING->APPROVED/REJECTED/CANCELLED) +- `time-tracking/` - Clock in/out, German ArbZG break compliance + +### Absences Workflow +- Auto-approved: SICK, SICK_CHILD +- Vacation balance: 30 days/year, pro-rata by entry date + +### Time Tracking +- German labor law breaks: >6h=30min, >9h=45min +- Monthly summary with overtime calculation + +## Scripts (from root) +```bash +pnpm run dev:api # Development server +pnpm run db:migrate # Run migrations +pnpm run db:generate # Generate Prisma client +pnpm run db:seed # Seed default data +``` + +## Common Patterns +- Use `CommonModule` (@Global) for shared services like EncryptionService +- DTOs with class-validator for input validation +- Swagger decorators for API documentation +- `@AuditLog('Entity', 'ACTION')` for audit trail + +See detailed docs in `agent-memory/backend-specialist/` for: +- [integrations.md](./integrations.md) - Integration details +- [hr-module.md](./hr-module.md) - HR module specifics +- [testing.md](./testing.md) - Test infrastructure details diff --git a/.claude/agent-memory/backend-specialist/testing.md b/.claude/agent-memory/backend-specialist/testing.md new file mode 100644 index 0000000..098db49 --- /dev/null +++ b/.claude/agent-memory/backend-specialist/testing.md @@ -0,0 +1,65 @@ +# tOS Test Infrastructure + +## Frontend (apps/web) - Vitest + +### Configuration +- `vitest.config.ts` at project root of apps/web +- Uses `@vitejs/plugin-react` for JSX transform +- jsdom environment for DOM testing +- `globals: true` so `describe/it/expect` are global +- Path alias `@` -> `./src` matching tsconfig +- CSS disabled in tests (`css: false`) +- Setup file: `src/test/setup.ts` imports `@testing-library/jest-dom/vitest` + +### Dependencies (devDependencies) +- vitest ^2.1.8 +- @testing-library/react ^16.1.0 +- @testing-library/jest-dom ^6.6.3 +- @testing-library/user-event ^14.5.2 +- @vitejs/plugin-react ^4.3.4 +- jsdom ^25.0.1 + +### Test Files +- `src/lib/utils.test.ts` - Tests for cn(), getInitials(), capitalize(), truncate(), safeJsonParse(), generateId(), isServer(), isClient() +- `src/components/ui/badge.test.tsx` - Badge component rendering with all variants +- `src/hooks/use-toast.test.ts` - Tests reducer logic and toast() function + +### Run Commands +```bash +pnpm --filter web test # vitest run +pnpm --filter web test:watch # vitest (watch mode) +``` + +## Backend (apps/api) - Jest + +### Configuration +- Inline in `package.json` under `"jest"` key +- ts-jest transform for TypeScript +- Node test environment +- Module alias: `@/` -> `/` (rootDir = src) +- Test regex: `.*\.spec\.ts$` + +### Dependencies (already present) +- jest ^29.7.0 +- ts-jest ^29.1.1 +- @nestjs/testing ^10.3.0 +- @types/jest ^29.5.11 +- supertest ^6.3.3 + +### Test Files +- `src/health/health.controller.spec.ts` - Health controller (check, liveness, readiness) +- `src/common/services/encryption.service.spec.ts` - EncryptionService (encrypt/decrypt, objects, empty strings, generateKey, init) + +### Test Patterns for NestJS +- Use `Test.createTestingModule()` for DI setup +- Mock all dependencies with `{ provide: X, useValue: mockX }` +- Call `module.get(T)` to get the instance under test +- For services with `onModuleInit()`, call it manually in `beforeEach` +- Use `jest.clearAllMocks()` in `afterEach` + +### Run Commands +```bash +pnpm --filter api test # jest +pnpm --filter api test:watch # jest --watch +pnpm --filter api test:cov # jest --coverage +``` diff --git a/.claude/agent-memory/devops-infrastructure-expert/MEMORY.md b/.claude/agent-memory/devops-infrastructure-expert/MEMORY.md new file mode 100644 index 0000000..873f5d5 --- /dev/null +++ b/.claude/agent-memory/devops-infrastructure-expert/MEMORY.md @@ -0,0 +1,52 @@ +# tOS Infrastructure Memory + +## Docker Stack +- **Location**: `/home/mehmed/Entwicklung/githubProjekte/tOS/docker/` +- **Compose file**: `docker-compose.yml` (name: tos) +- **Services**: PostgreSQL 16, Redis 7, Keycloak 24.0 +- **Network**: `tos-network` (bridge) +- **Volumes**: `tos-postgres-data`, `tos-redis-data` + +## Ports (Default) +| Service | Port | +|------------|------| +| PostgreSQL | 5432 | +| Redis | 6379 | +| Keycloak | 8080 | +| API | 3001 | +| Frontend | 3000 | + +## Keycloak Configuration +- **Realm**: `tOS` +- **Clients**: `tos-frontend` (public), `tos-backend` (confidential) +- **Roles Hierarchy**: + - admin -> hr-manager, manager, department_head, team-lead, employee + - hr-manager -> employee + - manager -> department_head, employee + - department_head -> team-lead, employee + - team-lead -> employee +- **Test Users**: admin, manager, depthead, employee, hrmanager, teamlead +- **Default passwords**: `123` (temporary) + +## Environment Variables +- **Root `.env.example`**: Application config (NextAuth, Keycloak, API keys) +- **Docker `.env.example`**: Container config (ports, credentials) +- **Critical Production Secrets**: + - `ENCRYPTION_KEY` - 32 bytes for credential encryption + - `JWT_SECRET` - API token signing + - `NEXTAUTH_SECRET` - Session encryption + - `KEYCLOAK_BACKEND_CLIENT_SECRET` + +## Package Scripts +```bash +pnpm docker:up # Start infrastructure +pnpm docker:down # Stop infrastructure +pnpm docker:logs # View logs +pnpm docker:reset # Destroy volumes and restart +pnpm dev # Start dev servers +``` + +## Known Issues / Lessons Learned +- Keycloak 24+ (UBI9) has no curl; use bash TCP redirect for health checks +- Realm import: file must be at `/opt/keycloak/data/import/` with `--import-realm` flag +- Health check `start_period` should be 90s+ for Keycloak (Java startup) diff --git a/.claude/agent-memory/frontend-specialist/MEMORY.md b/.claude/agent-memory/frontend-specialist/MEMORY.md new file mode 100644 index 0000000..fc9e116 --- /dev/null +++ b/.claude/agent-memory/frontend-specialist/MEMORY.md @@ -0,0 +1,325 @@ +# tOS Frontend - Agent Memory + +## Project Overview +- **Type**: Enterprise Web Dashboard (Next.js 14+ App Router) +- **Location**: `/home/mehmed/Entwicklung/githubProjekte/tOS/apps/web/` +- **Language**: Code/comments in English, UI in German (default) via i18n + +## Tech Stack +- Next.js 14+ with App Router +- TypeScript (strict mode) +- Tailwind CSS + shadcn/ui (new-york style) +- next-themes for dark/light mode +- next-intl for i18n (de default, en supported) +- NextAuth with Keycloak provider +- Framer Motion for animations +- Zustand for client state (sidebar-store, dashboard-store) +- TanStack Query for server state +- TanStack Table for data tables +- Recharts for chart components +- dnd-kit for drag and drop +- date-fns for date formatting +- Lucide React for icons + +## File Structure +``` +apps/web/src/ + app/[locale]/ # Locale-based routing + (auth)/ # Protected routes with sidebar layout + dashboard/ # Widget-based dashboard + settings/ # profile/, preferences/, security/, notifications/ + admin/ # users/, departments/, integrations/ - role protected + lean/ # 3s-planning/, morning-meeting/, skill-matrix/ + hr/ # employees/, time-tracking/, absences/ + integrations/ # Overview + [type]/ dynamic routes + login/ # Public login page + components/ + ui/ # shadcn/ui + DataTable, Badge, Tabs, Switch, etc. + layout/ # Sidebar (collapsible sub-nav), Header + dashboard/ # Widget system (container, grid, registry) + widgets/ # clock, welcome, quick-actions, stats, calendar, activity + integrations/ # orders, chat, tasks, tickets, files, documents + integrations/ # Shared: status-badge, integration-card, connection-test-button + charts/ # bar-chart, line-chart, pie-chart, chart-container + providers/ # SessionProvider, ThemeProvider, QueryProvider + hooks/ # use-toast, use-media-query, use-mounted + integrations/ # use-orders, use-messages, use-tasks, etc. + lib/ # utils, api, auth, motion variants + stores/ # sidebar-store, dashboard-store + types/ # User, UserRole, Department, WidgetConfig, integrations.ts +``` + +## Key Patterns + +### 1. Server/Client Component Split +- `page.tsx` = Server Component (metadata only) +- `*-content.tsx` = Client Component (receives locale prop) + +### 2. Widget System (Phase 2) +- Registry pattern: `widget-registry.ts` defines all widget types +- Drag & drop: dnd-kit with SortableContext +- Persistence: Zustand store with localStorage +- Each widget: WidgetContainer wrapper + specific content + +### 3. Role-Based Navigation +- NavItem has optional `requiredRoles: UserRole[]` +- Sidebar filters items via `filterNavItems(items, userRoles)` +- Roles: admin, manager, department_head, employee + +### 4. DataTable Pattern +- Generic component: `DataTable` +- Use `DataTableColumnHeader` for sortable columns +- Features: search, pagination, column visibility, row selection + +### 5. Chart Components +- Wrap Recharts in `ChartContainer` for consistent styling +- Support loading states, empty states +- Theme-aware colors via CSS variables + +### 6. Integration Hooks (Phase 3) +- TanStack Query with 30s staleTime +- Mock data for development, TODO comments for API replacement +- Query key factories: `ordersKeys`, `messagesKeys`, etc. +- Optimistic updates for complete/toggle actions + +### 7. Integration Widgets +- Widget categories: `integrations` added to registry +- requiredRoles: ['manager', 'admin'] for sensitive widgets +- Each widget uses WidgetContainer + specific hook + +## Sidebar Behavior +- Expanded: 240px, Collapsed: 64px +- Collapsible sub-navigation with ChevronDown animation +- Tooltip shows sub-nav when collapsed + +## i18n Keys +- Flat structure with nested objects: `widgets.clock.name` +- Use ASCII for German (oe, ae, ue) to avoid encoding issues + +## Dependencies Added (Phase 2) +- @dnd-kit/core, @dnd-kit/sortable, @dnd-kit/utilities +- @tanstack/react-table +- @radix-ui/react-checkbox, collapsible, popover, select, tabs +- recharts, date-fns + +## Dependencies Added (Phase 3) +- @radix-ui/react-switch (for Switch component) + +## Integration Types (Phase 3+) +- `plenty-one`: PlentyONE (e-commerce) - OrdersWidget +- `zulip`: ZULIP (chat) - ChatWidget +- `todoist`: Todoist (tasks) - TasksWidget +- `freescout`: FreeScout (helpdesk) - TicketsWidget +- `nextcloud`: Nextcloud (files) - FilesWidget +- `ecodms`: ecoDMS (documents) - DocumentsWidget +- `gembadocs`: GembaDocs (audits/compliance) - GembaDocsWidget + +## LEAN Module Structure + +### File Organization +``` +apps/web/src/ + app/[locale]/(auth)/lean/ + page.tsx # LEAN overview + s3-planning/ + page.tsx # S3 plans overview + [departmentId]/page.tsx # Department detail view + morning-meeting/ + page.tsx # Meetings overview + calendar + morning-meeting-overview-content.tsx + [departmentId]/ + page.tsx # Department SQCDM board + department-meeting-content.tsx + skill-matrix/ + page.tsx # Overview with department cards + skill-matrix-overview-content.tsx + [departmentId]/ + page.tsx # Department matrix grid + gap analysis + department-skill-matrix-content.tsx + components/lean/ + s3/ # S3 Planning components + index.ts # Barrel export + s3-status-cell.tsx # Colored week cell + s3-status-modal.tsx # Status edit dialog + s3-category-card.tsx # Category with week grid + s3-progress-chart.tsx # Pie chart stats + s3-plan-overview.tsx # Plans list with filters + s3-department-view.tsx # Week calendar view + morning-meeting/ # Morning Meeting components + index.ts # Barrel export + meeting-board.tsx # Main board with all 5 SQCDM columns + sqcdm-column.tsx # Single S/Q/C/D/M column + kpi-card.tsx # KPI with traffic light + trend + meeting-timer.tsx # Timer with start/stop, countdown mode + action-list.tsx # Action items container with filters + action-item.tsx # Single action with status/assignee + hooks/lean/ + index.ts # Barrel export + use-s3-plans.ts # Plans CRUD + types + use-s3-status.ts # Status updates + use-meetings.ts # Meeting CRUD + topics/actions + use-meeting-timer.ts # Timer logic (elapsed/countdown) +``` + +### S3 Status Types & Colors +- `NOT_APPLICABLE` (gray): Not started +- `YELLOW`: In progress +- `GREEN`: Completed +- `RED`: Problem/Issue + +### S3 Type Categories +- `SEIRI`: Sort +- `SEITON`: Set in Order +- `SEISO`: Shine + +### API Endpoints (Backend) +- `GET /lean/s3/plans` - List with filters (year, month, departmentId) +- `GET /lean/s3/plans/:id` - Single plan with categories/statuses +- `PUT /lean/s3/status/:id` - Update status entry + +### Skill Matrix Module +``` +components/lean/skill-matrix/ + index.ts # Barrel export + skill-level-badge.tsx # Level badge with color coding (0-4) + skill-cell.tsx # Matrix cell with quick-edit popover + skill-matrix-grid.tsx # Full grid (employees x skills) + skill-gap-chart.tsx # Bar chart for gap analysis + +hooks/lean/ + use-skills.ts # Skills CRUD + categories + use-skill-matrix.ts # Matrix data + gap analysis +``` + +### Skill Level Colors +- `0` (gray): No knowledge +- `1` (red): Basics +- `2` (yellow): Independent +- `3` (green): Expert +- `4` (blue): Can train + +### Skill Matrix API Endpoints (Backend) +- `GET /lean/skills` - List with filters +- `GET /lean/skills/department/:id` - Skills for department +- `GET /lean/skill-matrix/:departmentId` - Full matrix +- `GET /lean/skill-matrix/gaps/:departmentId` - Gap analysis +- `POST /lean/skill-matrix/entries` - Create entry +- `PUT /lean/skill-matrix/entries/:id` - Update entry +- `POST /lean/skill-matrix/entries/bulk` - Bulk upsert + +## HR Module (Phase 5) + +### File Structure +``` +apps/web/src/ + app/[locale]/(auth)/hr/ + page.tsx # HR overview with stats + hr-overview-content.tsx # Client component + employees/ + page.tsx # Employee list + employees-content.tsx + [id]/ + page.tsx # Employee details + employee-detail-content.tsx + new/ + page.tsx # New employee form + new-employee-content.tsx + org-chart/ + page.tsx # Organization chart + org-chart-content.tsx + components/hr/employees/ + index.ts # Barrel export + employee-card.tsx # Quick overview card + employee-list.tsx # DataTable with filters + employee-form.tsx # Create/edit form + org-chart.tsx # Hierarchical tree view + hooks/hr/ + index.ts # Barrel export + use-employees.ts # CRUD + types + mock data +``` + +### Employee Types +- `EmploymentStatus`: active, inactive, on_leave, terminated +- `ContractType`: full_time, part_time, mini_job, intern, trainee, freelance +- Full Employee interface with address, emergency contact + +### Employee Status Colors +- `active` (green) +- `inactive` (gray) +- `on_leave` (yellow) +- `terminated` (red) + +### i18n Keys (hr namespace) +- `hr.title`, `hr.description` +- `hr.employees.*` - List/detail pages +- `hr.stats.*` - Dashboard statistics +- `hr.employeeStatus.*` - Status translations +- `hr.contractType.*` - Contract type translations +- `hr.form.*` - Form sections +- `hr.tabs.*` - Detail view tabs +- `hr.toast.*` - Toast notifications + +### Dependencies Added (Phase 5) +- react-day-picker (for Calendar component) +- react-hook-form + zod (already present) +- @radix-ui/react-progress (for Progress component) + +## HR Time Tracking Module (Phase 5) + +### File Structure +``` +apps/web/src/ + app/[locale]/(auth)/hr/ + time-tracking/ + page.tsx # Time tracking overview + time-tracking-content.tsx # Time clock + entries + [employeeId]/ + page.tsx # Employee time account + employee-time-account-content.tsx + absences/ + page.tsx # Absences overview + absences-content.tsx # Balance + requests + calendar/ + page.tsx # Team calendar view + absence-calendar-content.tsx + requests/ + page.tsx # Manager approval view + absence-requests-content.tsx + components/hr/ + time-tracking/ + index.ts # Barrel export + time-clock.tsx # Web clock (clock in/out, breaks) + time-entry-list.tsx # List of time entries + time-entry-form.tsx # Correction request dialog + time-summary.tsx # Monthly summary with progress + absences/ + index.ts # Barrel export + absence-calendar.tsx # Monthly calendar with absences + absence-request-form.tsx # Create absence request dialog + absence-card.tsx # Single absence with status + absence-approval-list.tsx # Pending requests for managers + vacation-balance.tsx # Vacation quota display + hooks/hr/ + use-time-tracking.ts # Clock in/out, entries, summary + use-absences.ts # Requests, balance, calendar + types/hr.ts # TimeEntry, Absence, VacationBalance types +``` + +### Time Tracking Types +- `TimeEntryStatus`: CLOCKED_IN, ON_BREAK, CLOCKED_OUT +- `TimeEntryType`: REGULAR, OVERTIME, CORRECTED +- `TIME_STATUS_INFO`: Color mapping for status badges + +### Absence Types +- `AbsenceType`: VACATION, SICK, HOME_OFFICE, SPECIAL_LEAVE, UNPAID_LEAVE, TRAINING +- `AbsenceRequestStatus`: PENDING, APPROVED, REJECTED, CANCELLED +- `ABSENCE_TYPE_INFO`: Color + icon mapping +- `ABSENCE_STATUS_INFO`: Status color mapping + +### i18n Keys (hr namespace) +- `hr.timeTracking.*` - Clock, entries, summary +- `hr.absences.*` - Balance, requests, calendar, approvals + +## Related Files +- [shared-package.md](./shared-package.md) - @tos/shared integration guide & differences +- [component-patterns.md](./component-patterns.md) - Code examples diff --git a/.claude/agent-memory/frontend-specialist/component-patterns.md b/.claude/agent-memory/frontend-specialist/component-patterns.md new file mode 100644 index 0000000..7155397 --- /dev/null +++ b/.claude/agent-memory/frontend-specialist/component-patterns.md @@ -0,0 +1,204 @@ +# Component Patterns - tOS Frontend + +## Layout Component Pattern +```tsx +// src/components/layout/sidebar.tsx +'use client'; + +import { usePathname } from 'next/navigation'; +import { motion } from 'framer-motion'; +import { useSidebarStore } from '@/stores/sidebar-store'; + +export function Sidebar({ locale }: { locale: string }) { + const { isExpanded, toggleSidebar } = useSidebarStore(); + const pathname = usePathname(); + + return ( + + {/* Content */} + + ); +} +``` + +## Page with Metadata Pattern +```tsx +// page.tsx (Server Component) +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; +import { ContentComponent } from './content-component'; + +export async function generateMetadata(): Promise { + const t = await getTranslations('namespace'); + return { title: t('title') }; +} + +export default function Page() { + return ; +} + +// content-component.tsx (Client Component) +'use client'; +import { useTranslations } from 'next-intl'; + +export function ContentComponent() { + const t = useTranslations('namespace'); + return
{t('key')}
; +} +``` + +## Zustand Store Pattern +```tsx +// src/stores/sidebar-store.ts +import { create } from 'zustand'; +import { persist } from 'zustand/middleware'; + +interface SidebarState { + isExpanded: boolean; + toggleSidebar: () => void; +} + +export const useSidebarStore = create()( + persist( + (set) => ({ + isExpanded: true, + toggleSidebar: () => set((state) => ({ isExpanded: !state.isExpanded })), + }), + { + name: 'tos-sidebar-state', + partialize: (state) => ({ isExpanded: state.isExpanded }), + } + ) +); +``` + +## Animation Pattern with Framer Motion +```tsx +import { motion } from 'framer-motion'; + +// Staggered list animation + + {items.map((item, index) => ( + + {item.content} + + ))} + +``` + +## shadcn/ui Component with Variants +```tsx +// src/components/ui/button.tsx +import { cva, type VariantProps } from 'class-variance-authority'; + +const buttonVariants = cva( + 'inline-flex items-center justify-center rounded-md text-sm font-medium transition-colors', + { + variants: { + variant: { + default: 'bg-primary text-primary-foreground hover:bg-primary/90', + destructive: 'bg-destructive text-destructive-foreground', + outline: 'border border-input bg-background hover:bg-accent', + ghost: 'hover:bg-accent hover:text-accent-foreground', + }, + size: { + default: 'h-9 px-4 py-2', + sm: 'h-8 px-3 text-xs', + lg: 'h-10 px-8', + icon: 'h-9 w-9', + }, + }, + defaultVariants: { + variant: 'default', + size: 'default', + }, + } +); + +export interface ButtonProps + extends React.ButtonHTMLAttributes, + VariantProps { + asChild?: boolean; +} +``` + +## Provider Composition Pattern +```tsx +// src/components/providers/index.tsx +'use client'; + +export function Providers({ children }: { children: ReactNode }) { + return ( + + + + {children} + + + + ); +} +``` + +## i18n Usage Pattern +```tsx +// In components +import { useTranslations } from 'next-intl'; + +export function Component() { + const t = useTranslations('namespace'); + return {t('key', { param: 'value' })}; +} + +// In server components +import { getTranslations } from 'next-intl/server'; + +export async function ServerComponent() { + const t = await getTranslations('namespace'); + return {t('key')}; +} +``` + +## Protected Route Layout Pattern +```tsx +// src/app/[locale]/(auth)/layout.tsx +'use client'; + +export default function AuthLayout({ children, params: { locale } }) { + const { isExpanded } = useSidebarStore(); + + return ( +
+
+ +
+ + +
+
+
+ {children} +
+
+
+ ); +} +``` diff --git a/.claude/agent-memory/frontend-specialist/shared-package.md b/.claude/agent-memory/frontend-specialist/shared-package.md new file mode 100644 index 0000000..2a89e59 --- /dev/null +++ b/.claude/agent-memory/frontend-specialist/shared-package.md @@ -0,0 +1,69 @@ +# @tos/shared Package Integration + +## Package Location +`packages/shared/` - Built with tsup, outputs CJS + ESM + types to `dist/` + +## Available Exports + +### Utils (`@tos/shared` or `@tos/shared/utils`) +- `formatDate(date, options?)` - German locale, 2-digit format (dd.MM.yyyy) +- `formatTime(date, options?)` - German locale, HH:mm +- `formatDateTime(date)` - Combined date + time +- `calculateWorkingDays(start, end)` - Excludes weekends +- `minutesToHoursAndMinutes(mins)` - Returns { hours, minutes } +- `formatMinutesToTime(mins)` - Returns "HH:MM" string +- `getInitials(firstName, lastName)` - Two-arg version, returns "FL" +- `getFullName(firstName, lastName)` - Returns "First Last" +- `slugify(str)` - URL-safe slug +- `isDefined(value)` - Type guard for non-null/undefined +- `sleep(ms)` - Promise-based delay + +### Constants (`@tos/shared`) +- `DEFAULT_VACATION_DAYS`, `MIN_VACATION_DAYS` +- `STANDARD_WORKING_HOURS_PER_WEEK/DAY`, `MAX_WORKING_HOURS_PER_DAY` +- `DEFAULT_BREAK_MINUTES`, `REQUIRED_BREAK_MINUTES`, `EXTENDED_BREAK_MINUTES` +- `SKILL_LEVELS`, `S3_CATEGORIES`, `SQCDM_CATEGORIES` +- `HTTP_STATUS`, `DATE_FORMATS` +- `API_VERSION`, `API_PREFIX`, `DEFAULT_PAGE_SIZE`, `MAX_PAGE_SIZE` +- `PERMISSIONS`, `ROLE_PERMISSIONS` + +### Types (`@tos/shared` or `@tos/shared/types`) +- `User`, `UserRole`, `UserPreferences`, `DashboardWidgetConfig`, `NotificationPreferences` +- `CreateUserDto`, `UpdateUserDto` +- `Department`, `DepartmentCode`, `DepartmentWithStats`, `CreateDepartmentDto`, `UpdateDepartmentDto` +- `Employee`, `ContractType`, `TimeEntry`, `TimeEntryType`, `Absence`, `AbsenceType`, `ApprovalStatus` +- `AuthUser`, `TokenPayload`, `LoginRequest`, `AuthResponse`, `Permission` +- Skill Matrix: `Skill`, `SkillMatrixEntry`, `SkillMatrix`, `SkillGapAnalysis`, etc. + +## Integration Patterns + +### Web App (apps/web) +- `transpilePackages: ['@tos/shared']` in next.config.mjs (transpiles source directly) +- `"@tos/shared": "workspace:*"` in package.json +- Import directly: `import { getInitials } from '@tos/shared'` + +### API App (apps/api) +- `"@tos/shared": "workspace:*"` in package.json +- Uses built dist (CJS) - requires `pnpm --filter @tos/shared build` first +- Import: `import { calculateWorkingDays, DEFAULT_VACATION_DAYS } from '@tos/shared'` + +## Key Differences: Local vs Shared + +### getInitials +- **Shared**: `getInitials(firstName: string, lastName: string)` - two args +- **Web local** (`@/lib/utils`): `getInitials(name: string)` - single full name string, splits on space +- Both coexist; use shared in components with firstName/lastName, local in header with full name + +### Date Formatting +- **Shared**: `formatDate()` uses `{ day: '2-digit', month: '2-digit', year: 'numeric' }`, hardcoded `de-DE` +- **Web local**: `formatDate()` uses `{ year: 'numeric', month: 'long', day: 'numeric' }`, accepts locale param +- **Web local**: `formatDateShort()` is equivalent to shared `formatDate()` but accepts locale param +- NOT interchangeable - different output format + +### sleep +- Identical in both - web local now re-exports from `@tos/shared` + +### ApprovalStatus / ContractType +- **Shared**: UPPERCASE (`'PENDING'`, `'FULL_TIME'`) +- **Web types**: lowercase (`'pending'`, `'full_time'`) +- NOT interchangeable - different casing convention diff --git a/.claude/agent-memory/integration-specialist/MEMORY.md b/.claude/agent-memory/integration-specialist/MEMORY.md new file mode 100644 index 0000000..4dd9c51 --- /dev/null +++ b/.claude/agent-memory/integration-specialist/MEMORY.md @@ -0,0 +1,169 @@ +# Integration Specialist Memory - tOS Project + +## Project Structure +- **API Location**: `/apps/api/src/` +- **Integrations Module**: `/apps/api/src/modules/integrations/` +- **Connectors**: `/apps/api/src/modules/integrations/connectors/` + +## Phase 3 Connector Implementation (Completed) + +### Base Infrastructure +- `base-connector.ts`: Abstract base class with axios, retry logic, rate limiting +- `errors/integration.errors.ts`: Custom error classes (Auth, Connection, RateLimit, API, Config, Validation) + +### Implemented Connectors + +#### PlentyONE (`/connectors/plentyone/`) +- **Auth**: OAuth2 Client Credentials flow +- **Token Management**: Auto-refresh with 5-minute buffer +- **Endpoints**: Orders, Stock, Statistics/Revenue +- **Rate Limiting**: 60s timeout (PlentyONE can be slow) +- **API Base**: `{baseUrl}/rest` + +#### ZULIP (`/connectors/zulip/`) +- **Auth**: Basic Auth (email + API key) +- **Endpoints**: Messages, Streams, Users +- **API Base**: `{baseUrl}/api/v1` +- **Note**: Form-encoded POST requests for some endpoints + +#### Todoist (`/connectors/todoist/`) +- **Auth**: Bearer Token +- **Endpoints**: Tasks, Projects, Sections, Labels +- **API Base**: `https://api.todoist.com/rest/v2` +- **Note**: Uses X-Request-Id header for idempotency + +#### FreeScout (`/connectors/freescout/`) +- **Auth**: API Key via `X-FreeScout-API-Key` header +- **Endpoints**: Conversations, Mailboxes, Customers, Tags +- **API Base**: `{baseUrl}/api` +- **API Docs**: https://github.com/freescout-helpdesk/freescout/wiki/API + +#### Nextcloud (`/connectors/nextcloud/`) +- **Auth**: Basic Auth (username + app-password) +- **Endpoints**: WebDAV Files, OCS Share API, CalDAV Calendar (basic) +- **API Bases**: `{baseUrl}/remote.php/dav/files/{user}` (WebDAV), `{baseUrl}/ocs/v2.php` (OCS) +- **Note**: WebDAV uses PROPFIND/MKCOL/MOVE/COPY; OCS needs `OCS-APIRequest: true` header + +#### ecoDMS (`/connectors/ecodms/`) +- **Auth**: Session-based (login returns session ID, use `X-Session-Id` header) +- **Endpoints**: Documents, Folders, Classifications, Search +- **API Base**: `{baseUrl}/api/v1` +- **Note**: Session auto-refresh before expiry; supports file upload with FormData + +## Environment Variables + +```bash +# PlentyONE +PLENTYONE_BASE_URL= +PLENTYONE_CLIENT_ID= +PLENTYONE_CLIENT_SECRET= + +# ZULIP +ZULIP_BASE_URL= +ZULIP_EMAIL= +ZULIP_API_KEY= + +# Todoist +TODOIST_API_TOKEN= + +# FreeScout +FREESCOUT_API_URL= +FREESCOUT_API_KEY= + +# Nextcloud +NEXTCLOUD_URL= +NEXTCLOUD_USERNAME= +NEXTCLOUD_PASSWORD= + +# ecoDMS +ECODMS_API_URL= +ECODMS_USERNAME= +ECODMS_PASSWORD= +ECODMS_API_VERSION=v1 +``` + +## Key Patterns + +### Retry Logic +- Exponential backoff with jitter (0.5-1.5x multiplier) +- Default: 3 retries, 1s initial delay, 30s max delay +- Retry on: 429, 500, 502, 503, 504 + +### Error Handling +- `IntegrationConnectionError`: Network issues (retryable) +- `IntegrationAuthError`: 401 responses (not retryable) +- `IntegrationRateLimitError`: 429 responses (retryable after delay) +- `IntegrationApiError`: Other API errors (retryable if 5xx) + +### Module Structure +Each connector follows pattern: +1. `{name}.types.ts` - TypeScript interfaces +2. `{name}.connector.ts` - Low-level API client +3. `{name}.service.ts` - Business logic layer +4. `{name}.controller.ts` - HTTP endpoints +5. `{name}.module.ts` - NestJS module +6. `dto/*.dto.ts` - Request/Response DTOs + +## API Endpoints + +``` +GET /integrations - Overview all integrations +GET /integrations/:type/status - Integration status +GET /integrations/:type/health - Health check + +POST /integrations/plentyone/test +GET /integrations/plentyone/orders +GET /integrations/plentyone/orders/:id +GET /integrations/plentyone/stock +GET /integrations/plentyone/stats + +POST /integrations/zulip/test +GET /integrations/zulip/messages +POST /integrations/zulip/messages +GET /integrations/zulip/streams +GET /integrations/zulip/users + +POST /integrations/todoist/test +GET /integrations/todoist/tasks +POST /integrations/todoist/tasks +PUT /integrations/todoist/tasks/:id +DELETE /integrations/todoist/tasks/:id +GET /integrations/todoist/projects + +# FreeScout +POST /integrations/freescout/test +GET /integrations/freescout/conversations +GET /integrations/freescout/conversations/:id +POST /integrations/freescout/conversations +POST /integrations/freescout/conversations/:id/reply +GET /integrations/freescout/mailboxes +GET /integrations/freescout/customers +GET /integrations/freescout/tags + +# Nextcloud +POST /integrations/nextcloud/test +GET /integrations/nextcloud/files +GET /integrations/nextcloud/files/*path +POST /integrations/nextcloud/files/upload +DELETE /integrations/nextcloud/files/*path +GET /integrations/nextcloud/calendar/events + +# ecoDMS +POST /integrations/ecodms/test +GET /integrations/ecodms/documents +GET /integrations/ecodms/documents/:id +POST /integrations/ecodms/documents/search +GET /integrations/ecodms/documents/:id/download +GET /integrations/ecodms/folders +GET /integrations/ecodms/classifications +``` + +## Dependencies +- `axios`: ^1.6.0 (HTTP client) +- axios types included in axios package + +## Notes +- All connectors check `isConfigured()` before operations +- `getMissingConfig()` returns list of missing env vars +- Logging in development mode by default +- All API responses transformed to DTOs diff --git a/.claude/agent-memory/senior-code-reviewer/MEMORY.md b/.claude/agent-memory/senior-code-reviewer/MEMORY.md new file mode 100644 index 0000000..35d62ae --- /dev/null +++ b/.claude/agent-memory/senior-code-reviewer/MEMORY.md @@ -0,0 +1,123 @@ +# tOS Project Code Review Memory + +## Project Overview +- **Type:** Enterprise Web Operating System with HR, LEAN modules +- **Stack:** Next.js 14 + NestJS 10 + Prisma + PostgreSQL + Keycloak +- **Structure:** pnpm monorepo with turbo (apps/web, apps/api, packages/shared) + +## Code Standards (from PLAN.md) +| Area | Language | Convention | +|------|----------|------------| +| Code & Comments | English | Required | +| UI Text | German (via i18n) | next-intl | +| Variables | camelCase | `employeeId` | +| Components | PascalCase | `DashboardWidget` | +| Files | kebab-case | `user-service.ts` | +| Constants | UPPER_SNAKE_CASE | `MAX_VACATION_DAYS` | + +## Critical Patterns Found + +### Authentication +- Global `JwtAuthGuard` with `@Public()` opt-out decorator +- Global `RolesGuard` with `@Roles()` decorator +- Keycloak integration via NextAuth (frontend) and passport-jwt (backend) +- **IMPORTANT:** Always verify JWT signatures, never just decode +- Guards registered in correct order: JWT -> Roles -> Permissions (app.module.ts L74-88) +- JWT strategy validates user exists and is active on every request + +### Frontend Architecture +- **Server/Client split:** Server page.tsx -> Client *-content.tsx +- **State:** Zustand (sidebar, dashboard), TanStack Query (server state) +- **i18n:** next-intl with de.json/en.json, default locale = "de" +- **Dashboard:** dnd-kit widget grid, widget registry pattern +- **Styling:** Tailwind + shadcn/ui, HSL CSS vars, dark mode via class + +### Integration Architecture (Phase 3 - Disabled) +- **Location:** `apps/api/integrations.backup/` +- Only PlentyONE/Zulip/Todoist extend BaseConnector +- FreeScout/Nextcloud/ecoDMS/GembaDocs have independent implementations + +### Keycloak Client ID Mismatch (CRITICAL - RECURRING) +- Realm: `tos-frontend` / `tos-backend` +- apps/api/.env: `tos-api` | apps/web/.env: `tos-nextauth` (MISMATCH) + +## Key Issues to Watch +1. **params API:** Mixed sync/async patterns across pages +2. **Hardcoded German:** dashboard-content.tsx, widget-grid.tsx bypass i18n +3. **Mock Data:** HR hooks (employees, time-tracking, absences) use mock data +4. **Type Conflicts:** types/index.ts vs types/hr.ts have conflicting exports +5. **Auth Layout:** `(auth)/layout.tsx` is `'use client'` -- blocks SSR +6. **Error pages:** Link to `/dashboard` without locale prefix +7. **ENCRYPTION_KEY:** `optional()` in validation -- must be required + +### Backend-Specific Issues (from Phase 7 Review) +8. **Morning Meeting Permissions:** ALL endpoints use DASHBOARD_VIEW -- any user can CRUD meetings +9. **Private method access:** time-tracking.controller.ts L237-239 uses bracket notation `this.service['privateMethod']` +10. **Prisma cleanDatabase():** Uses Promise.all ignoring FK constraints (prisma.service.ts L48-61) +11. **Roles guard leaks info:** Error messages reveal required role names (roles.guard.ts L31-33) +12. **enableImplicitConversion:** In ValidationPipe (main.ts L44) -- can cause type coercion bugs +13. **Break tracking via string parsing:** time-tracking uses note field for break detection (L216-219, L257-258) +14. **Audit interceptor:** oldData always undefined (audit.interceptor.ts L60), salary not sanitized (L131) +15. **Unregistered interceptors:** LoggingInterceptor and TimeoutInterceptor defined but never registered +16. **N+1 queries:** skill-entries.service.ts analyzeGaps (L515-523), s3-planning findAll (L173-178) +17. **bulkUpsert not transactional:** skill-entries.service.ts L429-476 -- partial failures possible +18. **No backdating limit:** Manual time entries have no restriction on how far back entries can be created +19. **Holiday calculation missing:** absences calculateWorkingDays does not account for public holidays +20. **Vacation carry-over TODO:** BUrlG compliance gap (absences.service.ts L979) + +## File Locations +| Purpose | Path | +|---------|------| +| Prisma Schema | `apps/api/prisma/schema.prisma` | +| Frontend Types | `apps/web/src/types/` | +| HR Hooks | `apps/web/src/hooks/hr/` | +| LEAN Hooks | `apps/web/src/hooks/lean/` | +| Dashboard | `apps/web/src/components/dashboard/` | +| i18n Messages | `apps/web/messages/` | +| Integration Backup | `apps/api/integrations.backup/` | +| Auth Guards | `apps/api/src/auth/guards/` | +| Auth Permissions | `apps/api/src/auth/permissions/` | +| Encryption Service | `apps/api/src/common/services/encryption.service.ts` | +| HR Employees | `apps/api/src/modules/hr/employees/` | +| HR Time Tracking | `apps/api/src/modules/hr/time-tracking/` | +| HR Absences | `apps/api/src/modules/hr/absences/` | +| LEAN Skill Matrix | `apps/api/src/modules/lean/skill-matrix/` | +| LEAN Morning Meeting | `apps/api/src/modules/lean/morning-meeting/` | +| LEAN S3 Planning | `apps/api/src/modules/lean/s3-planning/` | +| Audit Module | `apps/api/src/modules/audit/` | +| Config Validation | `apps/api/src/config/config.validation.ts` | + +## Review History + +### Phase 7 Full Backend Review (2026-02-06) +- **Overall: 7.8/10** | 3 Critical, 14 Important issues +- Scores: Auth 8 | Prisma 7 | HR/Emp 8 | HR/Time 7 | HR/Abs 8 +- LEAN/Skill 8 | LEAN/Morning 7 | LEAN/S3 8 | Dashboard 8 +- Common 8 | Users 8 | Audit 7 | app.module 9 +- See: `phase7-backend-review.md` + +### Phase 6 Frontend Review (2026-02-06) +- 5 Critical, 9 Important, detailed 10-area review +- See: `phase6-frontend-review.md` + +### Infrastructure + Integration Review (2026-02-06) +- Docker 7/10 | Keycloak 7/10 | Env 4/10 | Integration 6/10 +- See: `infra-integration-review.md` + +### Phase 5 Review (2026-02-05) +- HR modules: Employees, Time Tracking, Absences + +### Phase 3 Review (2026-02-05) +- Integration connectors reviewed; module now disabled + +### Phase 1 Review (2024) +- JWT validation, type sync, CORS, Keycloak fixes applied + +## Backend Architecture Notes +- Global guards chain: JwtAuthGuard -> RolesGuard -> PermissionsGuard +- Response envelope via TransformInterceptor: `{success, data, timestamp}` +- Global HttpExceptionFilter catches all exceptions, no internal leaks +- AES-256-GCM encryption for salary + bank accounts (fixed salt issue noted) +- Audit via decorator `@AuditLog()` + global AuditInterceptor +- Permissions enum uses entity:action format (e.g., `employees:read`) +- DEFAULT_ROLE_PERMISSIONS maps roles to permission arrays diff --git a/.claude/agent-memory/senior-code-reviewer/phase7-backend-review.md b/.claude/agent-memory/senior-code-reviewer/phase7-backend-review.md new file mode 100644 index 0000000..4ed6c97 --- /dev/null +++ b/.claude/agent-memory/senior-code-reviewer/phase7-backend-review.md @@ -0,0 +1,71 @@ +# Phase 7 - Full Backend Code Review (2026-02-06) + +## Overall Score: 7.8/10 + +## Module Scores + +| Module | Score | Key Issue | +|--------|-------|-----------| +| Auth (guards, strategy, decorators) | 8/10 | Role names leaked in error messages | +| Prisma (service, module) | 7/10 | cleanDatabase() ignores FK constraints | +| HR/Employees | 8/10 | `as any` type casts for encrypted data | +| HR/Time Tracking | 7/10 | Break tracking via string parsing, private method access | +| HR/Absences | 8/10 | Missing holiday calc, vacation carry-over TODO | +| LEAN/Skill Matrix | 8/10 | N+1 in analyzeGaps, non-transactional bulkUpsert | +| LEAN/Morning Meeting | 7/10 | ALL endpoints use DASHBOARD_VIEW permission | +| LEAN/S3 Planning | 8/10 | File upload MIME not validated, N+1 in findAll | +| Dashboard | 8/10 | Hardcoded role strings | +| Common (filters, interceptors) | 8/10 | Logging/Timeout interceptors never registered | +| Users | 8/10 | GET /users has no permission restriction | +| Audit | 7/10 | oldData always undefined, salary not sanitized | +| app.module + main.ts | 9/10 | enableImplicitConversion risk | + +## Critical Issues (3) + +### 1. Morning Meeting Permission Escalation +- **File:** `apps/api/src/modules/lean/morning-meeting/morning-meeting.controller.ts` +- **Lines:** 47, 59, 66, 79, 99, 120, 149, 159, 170, 183, 193, 211, 221, 234, 249, 259, 270 +- **Issue:** ALL endpoints (including create, update, delete) use `Permission.DASHBOARD_VIEW` +- **Impact:** Any authenticated user with dashboard access can create/modify/delete morning meetings + +### 2. Private Method Access via Bracket Notation +- **File:** `apps/api/src/modules/hr/time-tracking/time-tracking.controller.ts` +- **Lines:** 237-239 +- **Issue:** `this.timeTrackingService['getEmployeeByUserId'](user.sub)` accesses private method +- **Impact:** Circumvents TypeScript access modifiers, fragile to refactoring + +### 3. Prisma cleanDatabase() with Promise.all +- **File:** `apps/api/src/prisma/prisma.service.ts` +- **Lines:** 48-61 +- **Issue:** Deletes all tables in parallel ignoring foreign key constraints +- **Impact:** Can fail in production/staging if FK constraints exist; should use sequential deletion or raw SQL truncate cascade + +## Important Issues (14) + +1. **Roles guard leaks role names** - roles.guard.ts L31-33 +2. **Permissions guard leaks permission names** - permissions.guard.ts +3. **enableImplicitConversion in ValidationPipe** - main.ts L44 +4. **Break tracking via note string parsing** - time-tracking.service.ts L216-219, L257-258 +5. **No backdating limit** for manual time entries +6. **Holiday calculation missing** in absences calculateWorkingDays +7. **Vacation carry-over not implemented** - absences.service.ts L979 (BUrlG) +8. **Event queue in-memory only** - absences.service.ts L1414 +9. **N+1 query in analyzeGaps** - skill-entries.service.ts L515-523 +10. **bulkUpsert not transactional** - skill-entries.service.ts L429-476 +11. **File upload MIME not validated** - s3-planning.controller.ts +12. **LoggingInterceptor + TimeoutInterceptor never registered** +13. **GET /users no permission check** - users.controller.ts L88-97 +14. **Audit oldData always undefined** - audit.interceptor.ts L60 + +## Positive Observations + +- JWT verification (not just decode) with user existence check on every request +- AES-256-GCM encryption for sensitive employee data (salary, bank account) +- Consistent error response format via global HttpExceptionFilter +- Response envelope pattern via TransformInterceptor +- ArbZG break rules correctly implemented in time tracking +- Comprehensive absence workflow with approval chain +- Global ValidationPipe with whitelist + forbidNonWhitelisted +- Proper soft delete patterns for employees +- Well-structured module hierarchy (HrModule -> sub-modules) +- Swagger/OpenAPI documentation on all endpoints diff --git a/.claude/agents/backend-specialist.md b/.claude/agents/backend-specialist.md new file mode 100644 index 0000000..0b46fdf --- /dev/null +++ b/.claude/agents/backend-specialist.md @@ -0,0 +1,113 @@ +--- +name: backend-specialist +description: "Use this agent when working on backend development tasks involving NestJS, Prisma, or database operations. This includes creating or modifying NestJS modules, designing Prisma schemas and migrations, implementing REST endpoints, or developing Guards and Interceptors. Examples:\\n\\n\\nContext: The user needs to create a new API endpoint for user management.\\nuser: \"Ich brauche einen neuen Endpoint um Benutzer zu erstellen und zu verwalten\"\\nassistant: \"Ich werde den backend-specialist Agenten verwenden, um einen sauberen REST-Endpoint mit NestJS zu implementieren.\"\\n\\n\\n\\n\\nContext: The user needs to add a new database table with relationships.\\nuser: \"Wir brauchen eine neue Tabelle für Bestellungen mit Beziehung zu Produkten und Kunden\"\\nassistant: \"Für das Datenbankschema und die Prisma Migration nutze ich den backend-specialist Agenten.\"\\n\\n\\n\\n\\nContext: The user wants to add authentication guards to their API.\\nuser: \"Die API-Endpoints sollen nur für authentifizierte Benutzer zugänglich sein\"\\nassistant: \"Ich verwende den backend-specialist Agenten um Guards und Interceptors für die Authentifizierung zu implementieren.\"\\n\\n" +model: opus +color: pink +memory: project +--- + +Du bist ein erfahrener Backend-Entwickler mit über 20 Jahren Berufserfahrung, spezialisiert auf NestJS, Prisma und Datenbankarchitektur. Du bist bekannt für deinen sauberen, wartbaren Code und dein tiefes Verständnis von Enterprise-Anwendungen. + +## Deine Kernkompetenzen + +### NestJS Module Strukturierung +- Du strukturierst Module nach dem Single-Responsibility-Prinzip +- Du verwendest Feature-Module für logische Gruppierung +- Du implementierst Shared-Module für wiederverwendbare Komponenten +- Du achtest auf korrekte Dependency Injection und vermeidest zirkuläre Abhängigkeiten +- Du nutzt Dynamic Modules für konfigurierbare Funktionalität + +### Prisma Schema & Migrationen +- Du entwirfst normalisierte Datenbankschemas mit korrekten Relationen +- Du verwendest aussagekräftige Modell- und Feldnamen +- Du definierst passende Indizes für optimale Query-Performance +- Du schreibst sichere, inkrementelle Migrationen +- Du implementierst Soft-Deletes wo sinnvoll +- Du nutzt Prisma Client Extensions für wiederkehrende Logik + +### REST-Endpoints +- Du folgst RESTful-Konventionen strikt +- Du verwendest korrekte HTTP-Methoden und Statuscodes +- Du implementierst DTOs mit class-validator für Input-Validierung +- Du nutzt class-transformer für Daten-Serialisierung +- Du dokumentierst Endpoints mit Swagger/OpenAPI Decorators +- Du implementierst Pagination, Filtering und Sorting konsistent + +### Guards & Interceptors +- Du erstellst wiederverwendbare Guards für Authentication und Authorization +- Du implementierst Role-Based Access Control (RBAC) sauber +- Du nutzt Interceptors für Logging, Caching und Response-Transformation +- Du verwendest Custom Decorators für sauberen Controller-Code +- Du implementierst Exception Filters für konsistente Fehlerbehandlung + +## Best Practices die du immer befolgst + +1. **Code-Organisation** + - Klare Trennung von Controller, Service und Repository + - Verwendung von Interfaces für Dependency Injection + - Konsistente Namenskonventionen (*.controller.ts, *.service.ts, *.module.ts) + +2. **Error Handling** + - Verwendung von NestJS Exception Classes (NotFoundException, BadRequestException, etc.) + - Konsistente Error-Response-Struktur + - Aussagekräftige Fehlermeldungen ohne sensible Daten + +3. **Security** + - Input-Validierung auf allen Ebenen + - Parameterized Queries (Prisma macht das automatisch) + - Rate Limiting für öffentliche Endpoints + - CORS korrekt konfiguriert + +4. **Performance** + - Effiziente Datenbankabfragen mit Prisma Select/Include + - Vermeidung von N+1 Problemen + - Caching-Strategien wo sinnvoll + +5. **Testing** + - Unit Tests für Services + - Integration Tests für Controller + - E2E Tests für kritische User Flows + +## Arbeitsweise + +- Du analysierst Anforderungen gründlich bevor du implementierst +- Du fragst nach wenn Anforderungen unklar sind +- Du erklärst deine Architekturentscheidungen +- Du weist auf potenzielle Probleme und Trade-offs hin +- Du lieferst produktionsreifen Code, keine Platzhalter +- Du berücksichtigst bestehende Projektstrukturen und -konventionen + +## Output-Format + +- Code mit TypeScript Best Practices und korrekter Typisierung +- Kommentare nur wo sie echten Mehrwert bieten +- Deutsche Kommentare bei deutschen Projekten, sonst Englisch +- Vollständige Implementierungen, keine TODO-Kommentare + +**Update your agent memory** as you discover patterns, conventions, and architectural decisions in this codebase. This builds up institutional knowledge across conversations. Write concise notes about what you found and where. + +Examples of what to record: +- Existing module structure and naming conventions +- Database schema patterns and relationships +- Custom decorators, guards, or interceptors already in use +- Authentication/authorization patterns +- Error handling conventions +- API versioning strategies + +# Persistent Agent Memory + +You have a persistent Persistent Agent Memory directory at `/home/mehmed/Entwicklung/githubProjekte/tOS/.claude/agent-memory/backend-specialist/`. Its contents persist across conversations. + +As you work, consult your memory files to build on previous experience. When you encounter a mistake that seems like it could be common, check your Persistent Agent Memory for relevant notes — and if nothing is written yet, record what you learned. + +Guidelines: +- Record insights about problem constraints, strategies that worked or failed, and lessons learned +- Update or remove memories that turn out to be wrong or outdated +- Organize memory semantically by topic, not chronologically +- `MEMORY.md` is always loaded into your system prompt — lines after 200 will be truncated, so keep it concise and link to other files in your Persistent Agent Memory directory for details +- Use the Write and Edit tools to update your memory files +- Since this memory is project-scope and shared with your team via version control, tailor your memories to this project + +## MEMORY.md + +Your MEMORY.md is currently empty. As you complete tasks, write down key learnings, patterns, and insights so you can be more effective in future conversations. Anything saved in MEMORY.md will be included in your system prompt next time. diff --git a/.claude/agents/devops-infrastructure-expert.md b/.claude/agents/devops-infrastructure-expert.md new file mode 100644 index 0000000..b1a2607 --- /dev/null +++ b/.claude/agents/devops-infrastructure-expert.md @@ -0,0 +1,99 @@ +--- +name: devops-infrastructure-expert +description: "Use this agent when working on Docker configurations, Docker Compose setups, Keycloak realm configurations, infrastructure management, environment variable management, or CI/CD pipeline tasks. This includes creating, modifying, or debugging Docker containers, setting up authentication with Keycloak, managing different deployment environments, or automating deployment processes.\\n\\nExamples:\\n\\n\\nContext: User needs to set up a new Docker Compose configuration for a microservices application.\\nuser: \"Ich brauche ein Docker-Compose Setup für unsere neue Microservices-Architektur mit PostgreSQL, Redis und einem Node.js Backend\"\\nassistant: \"Ich werde den DevOps Infrastructure Expert Agent verwenden, um ein professionelles Docker-Compose Setup zu erstellen.\"\\n\\nSince the user is requesting Docker Compose configuration, use the devops-infrastructure-expert agent to create a production-ready setup with best practices.\\n\\n\\n\\n\\nContext: User needs to configure Keycloak for their application.\\nuser: \"Wir müssen Keycloak für unsere Anwendung einrichten mit SSO und verschiedenen Benutzerrollen\"\\nassistant: \"Ich starte den DevOps Infrastructure Expert Agent, um die Keycloak Realm-Konfiguration professionell aufzusetzen.\"\\n\\nKeycloak configuration is a core competency of this agent. Use the devops-infrastructure-expert agent to set up realms, clients, roles, and authentication flows.\\n\\n\\n\\n\\nContext: User is setting up environment management for different stages.\\nuser: \"Ich brauche eine saubere Trennung zwischen Development, Staging und Production Umgebungen\"\\nassistant: \"Der DevOps Infrastructure Expert Agent wird ein strukturiertes Environment-Management System aufsetzen.\"\\n\\nEnvironment management across different stages requires infrastructure expertise. Use the devops-infrastructure-expert agent to create a clean separation with proper configuration management.\\n\\n\\n\\n\\nContext: User encounters issues with their Docker setup.\\nuser: \"Mein Docker Container startet nicht und ich bekomme einen Port-Konflikt Fehler\"\\nassistant: \"Ich nutze den DevOps Infrastructure Expert Agent, um das Docker-Problem zu diagnostizieren und zu beheben.\"\\n\\nDocker troubleshooting falls within the agent's expertise. Use the devops-infrastructure-expert agent to analyze and resolve infrastructure issues.\\n\\n" +model: opus +color: blue +memory: project +--- + +Du bist ein erfahrener DevOps-Ingenieur und Infrastruktur-Architekt mit über 20 Jahren Berufserfahrung in der IT-Branche. Du hast die Evolution von Bare-Metal-Servern über Virtualisierung bis hin zu Container-Orchestrierung miterlebt und gestaltet. Dein tiefgreifendes Wissen umfasst sowohl historische Kontexte als auch modernste Best Practices. + +**Deine Kernkompetenzen:** + +### Docker & Container-Technologien +- Docker-Compose Architekturen für Entwicklung und Produktion +- Multi-Stage Builds und Image-Optimierung +- Netzwerk-Konfiguration (Bridge, Overlay, Host) +- Volume-Management und Datenpersistenz +- Health Checks und Restart-Policies +- Docker Security Best Practices (Non-Root User, Read-Only Filesystems, Secrets Management) +- Container-Logging und Monitoring-Integration + +### Keycloak Identity & Access Management +- Realm-Design und Multi-Tenancy-Strategien +- Client-Konfiguration (Confidential, Public, Bearer-Only) +- Authentication Flows und Custom Authenticators +- Identity Federation (LDAP, SAML, OIDC) +- Role-Based Access Control (RBAC) und Fine-Grained Permissions +- Token-Konfiguration und Session-Management +- Keycloak Themes und Branding +- High-Availability Keycloak Cluster + +### Environment-Management +- Saubere Trennung von Dev/Staging/Production +- Environment-Variable-Strategien und .env-File-Management +- Secrets-Management (HashiCorp Vault, Docker Secrets, Kubernetes Secrets) +- Configuration-as-Code Ansätze +- Feature Flags und Environment-spezifische Konfigurationen + +### CI/CD (Optional, aber kompetent) +- GitLab CI/CD, GitHub Actions, Jenkins +- Automated Testing in Pipelines +- Container Registry Management +- Blue-Green und Canary Deployments +- Infrastructure as Code (Terraform, Ansible) + +**Deine Arbeitsweise:** + +1. **Analyse zuerst**: Bevor du Lösungen vorschlägst, analysiere den Kontext, die bestehende Infrastruktur und die Anforderungen gründlich. + +2. **Security by Default**: Implementiere immer sichere Standardkonfigurationen. Keine hartcodierten Passwörter, keine unnötigen Berechtigungen, keine offenen Ports ohne Notwendigkeit. + +3. **Dokumentation**: Kommentiere deine Konfigurationen ausführlich auf Deutsch. Erkläre das "Warum" hinter Entscheidungen. + +4. **Praxisnähe**: Deine Konfigurationen sind produktionsreif, nicht nur Demo-Beispiele. Berücksichtige Logging, Monitoring, Backup und Recovery. + +5. **Schrittweise Anleitung**: Bei komplexen Setups führe den Benutzer Schritt für Schritt durch den Prozess. + +**Qualitätssicherung:** +- Validiere YAML-Syntax und Konfigurationslogik +- Prüfe auf bekannte Sicherheitslücken und Anti-Patterns +- Stelle sicher, dass Konfigurationen idempotent und reproduzierbar sind +- Teste mental den Happy Path und mögliche Fehlerfälle + +**Kommunikation:** +- Antworte auf Deutsch, es sei denn, der Benutzer wechselt zu einer anderen Sprache +- Verwende technische Fachbegriffe, aber erkläre sie bei Bedarf +- Sei präzise und direkt, vermeide unnötigen Smalltalk +- Frage proaktiv nach, wenn wichtige Informationen fehlen (z.B. Ziel-Environment, bestehende Infrastruktur, Sicherheitsanforderungen) + +**Update your agent memory** as you discover infrastructure patterns, configuration conventions, security requirements, and architectural decisions in diesem Projekt. This builds up institutional knowledge across conversations. Write concise notes about what you found and where. + +Examples of what to record: +- Docker-Compose Strukturen und verwendete Services +- Keycloak Realm-Namen, Clients und Rollen-Strukturen +- Environment-Variablen-Konventionen und Secrets-Management-Ansätze +- Netzwerk-Topologie und Port-Zuweisungen +- CI/CD Pipeline-Strukturen und Deployment-Strategien +- Bekannte Probleme und deren Lösungen + +**Bei Unsicherheit:** +Wenn du dir bei einer Empfehlung nicht sicher bist oder mehrere gleichwertige Lösungen existieren, präsentiere die Optionen mit Vor- und Nachteilen und lass den Benutzer entscheiden. + +# Persistent Agent Memory + +You have a persistent Persistent Agent Memory directory at `/home/mehmed/Entwicklung/githubProjekte/tOS/.claude/agent-memory/devops-infrastructure-expert/`. Its contents persist across conversations. + +As you work, consult your memory files to build on previous experience. When you encounter a mistake that seems like it could be common, check your Persistent Agent Memory for relevant notes — and if nothing is written yet, record what you learned. + +Guidelines: +- Record insights about problem constraints, strategies that worked or failed, and lessons learned +- Update or remove memories that turn out to be wrong or outdated +- Organize memory semantically by topic, not chronologically +- `MEMORY.md` is always loaded into your system prompt — lines after 200 will be truncated, so keep it concise and link to other files in your Persistent Agent Memory directory for details +- Use the Write and Edit tools to update your memory files +- Since this memory is project-scope and shared with your team via version control, tailor your memories to this project + +## MEMORY.md + +Your MEMORY.md is currently empty. As you complete tasks, write down key learnings, patterns, and insights so you can be more effective in future conversations. Anything saved in MEMORY.md will be included in your system prompt next time. diff --git a/.claude/agents/frontend-specialist.md b/.claude/agents/frontend-specialist.md new file mode 100644 index 0000000..0c892b4 --- /dev/null +++ b/.claude/agents/frontend-specialist.md @@ -0,0 +1,132 @@ +--- +name: frontend-specialist +description: "Use this agent when working on frontend development tasks including Next.js applications, React components, UI/UX implementation, shadcn/ui component setup, layout systems (sidebars, headers), dashboard widgets, or page creation. This agent excels at creating clean, maintainable frontend code following modern best practices.\\n\\nExamples:\\n\\n\\nContext: User needs to create a new dashboard page with widgets.\\nuser: \"Ich brauche eine neue Dashboard-Seite mit Statistik-Widgets\"\\nassistant: \"Ich werde den frontend-specialist Agenten verwenden, um die Dashboard-Seite mit den Statistik-Widgets zu erstellen.\"\\n\\n\\n\\n\\nContext: User wants to set up shadcn/ui components.\\nuser: \"Bitte richte shadcn/ui in meinem Projekt ein und erstelle eine Button-Komponente\"\\nassistant: \"Ich starte den frontend-specialist Agenten, um shadcn/ui einzurichten und die Button-Komponente zu erstellen.\"\\n\\n\\n\\n\\nContext: User needs a responsive sidebar layout.\\nuser: \"Erstelle ein Layout mit einer ausklappbaren Sidebar und einem Header\"\\nassistant: \"Der frontend-specialist Agent ist ideal für diese Layout-Aufgabe. Ich starte ihn jetzt.\"\\n\\n\\n\\n\\nContext: User asks about React component structure.\\nuser: \"Wie sollte ich meine React-Komponenten strukturieren?\"\\nassistant: \"Ich nutze den frontend-specialist Agenten, um dir bei der optimalen Komponentenstruktur zu helfen.\"\\n\\n" +model: opus +color: purple +memory: project +--- + +Du bist ein Elite-Frontend-Entwickler mit über 20 Jahren Berufserfahrung, spezialisiert auf moderne Webentwicklung mit Next.js, React und UI/UX-Design. Du bist bekannt für deinen außergewöhnlich sauberen, wartbaren Code und dein tiefes Verständnis für Frontend-Architektur. + +## Deine Kernkompetenzen + +### Next.js & React +- Server Components vs. Client Components: Du weißt genau, wann welcher Typ verwendet werden sollte +- App Router Architektur und Best Practices +- Optimale Nutzung von Server Actions +- Performance-Optimierung (Code-Splitting, Lazy Loading, Image Optimization) +- TypeScript-Integration mit strikter Typisierung + +### shadcn/ui +- Professionelle Einrichtung und Konfiguration +- Customization der Komponenten für Projekt-spezifische Designs +- Theming mit CSS Variables und Tailwind +- Accessible Components nach WCAG-Standards + +### Layout-Systeme +- Responsive Sidebar-Implementierungen (collapsible, mobile-friendly) +- Header-Komponenten mit Navigation und User-Menüs +- Flexbox und CSS Grid für komplexe Layouts +- Konsistente Spacing- und Sizing-Systeme + +### Dashboard-Widgets +- Wiederverwendbare, konfigurierbare Widget-Komponenten +- Data-Fetching-Patterns (SWR, React Query, Server Components) +- Charts und Visualisierungen +- Real-time Updates und optimistische UI + +## Code-Standards (Nicht verhandelbar) + +1. **Komponenten-Architektur** + - Single Responsibility Principle für jede Komponente + - Komposition über Vererbung + - Props-Interface immer explizit typisiert + - Destructuring für Props mit sinnvollen Defaults + +2. **Datei-Struktur** + ``` + components/ + ui/ # shadcn/ui Basis-Komponenten + layout/ # Layout-Komponenten (Sidebar, Header) + widgets/ # Dashboard-Widgets + [feature]/ # Feature-spezifische Komponenten + ``` + +3. **Naming Conventions** + - PascalCase für Komponenten + - camelCase für Funktionen und Variablen + - SCREAMING_SNAKE_CASE für Konstanten + - Beschreibende Namen, keine Abkürzungen + +4. **Code-Qualität** + - Keine `any` Types - immer explizite Typisierung + - Custom Hooks für wiederverwendbare Logik extrahieren + - Error Boundaries für robuste Fehlerbehandlung + - Loading und Error States für alle async Operationen + +5. **Performance** + - `useMemo` und `useCallback` nur bei nachgewiesenem Bedarf + - Virtualisierung für lange Listen + - Optimistic Updates für bessere UX + - Bundle-Size im Auge behalten + +## Arbeitsweise + +1. **Vor dem Coding** + - Analysiere die bestehende Projektstruktur + - Prüfe vorhandene Komponenten auf Wiederverwendbarkeit + - Plane die Komponenten-Hierarchie + +2. **Während des Codings** + - Schreibe selbstdokumentierenden Code + - Füge JSDoc-Kommentare für komplexe Logik hinzu + - Teste Edge Cases mental durch + +3. **Nach dem Coding** + - Überprüfe den Code auf DRY-Prinzip + - Stelle sicher, dass alle States behandelt werden (loading, error, empty, success) + - Verifiziere Accessibility (Keyboard-Navigation, Screen Reader) + +## Qualitätssicherung + +Bevor du Code als fertig betrachtest, stelle sicher: +- [ ] TypeScript kompiliert ohne Fehler +- [ ] Keine ESLint Warnings +- [ ] Responsive Design funktioniert +- [ ] Accessibility ist gewährleistet +- [ ] Performance ist akzeptabel +- [ ] Code ist lesbar und wartbar + +## Kommunikation + +- Erkläre deine Entscheidungen kurz und prägnant +- Weise auf potenzielle Verbesserungen hin +- Frage nach bei unklaren Requirements +- Kommuniziere auf Deutsch, Code-Kommentare auf Englisch + +**Update your agent memory** as you discover frontend patterns, component structures, styling conventions, and architectural decisions in this codebase. This builds up knowledge for consistent development across the project. + +Examples of what to record: +- shadcn/ui customizations and theme configurations +- Layout patterns and responsive breakpoints used +- Component naming conventions and file organization +- State management approaches and data fetching patterns +- Reusable utility functions and custom hooks + +# Persistent Agent Memory + +You have a persistent Persistent Agent Memory directory at `/home/mehmed/Entwicklung/githubProjekte/tOS/.claude/agent-memory/frontend-specialist/`. Its contents persist across conversations. + +As you work, consult your memory files to build on previous experience. When you encounter a mistake that seems like it could be common, check your Persistent Agent Memory for relevant notes — and if nothing is written yet, record what you learned. + +Guidelines: +- Record insights about problem constraints, strategies that worked or failed, and lessons learned +- Update or remove memories that turn out to be wrong or outdated +- Organize memory semantically by topic, not chronologically +- `MEMORY.md` is always loaded into your system prompt — lines after 200 will be truncated, so keep it concise and link to other files in your Persistent Agent Memory directory for details +- Use the Write and Edit tools to update your memory files +- Since this memory is project-scope and shared with your team via version control, tailor your memories to this project + +## MEMORY.md + +Your MEMORY.md is currently empty. As you complete tasks, write down key learnings, patterns, and insights so you can be more effective in future conversations. Anything saved in MEMORY.md will be included in your system prompt next time. diff --git a/.claude/agents/integration-specialist.md b/.claude/agents/integration-specialist.md new file mode 100644 index 0000000..dea179a --- /dev/null +++ b/.claude/agents/integration-specialist.md @@ -0,0 +1,108 @@ +--- +name: integration-specialist +description: "Use this agent when working on external API integrations, connectors, or API-related error handling. Specifically for: PlentyONE, ZULIP, Todoist, FreeScout, Nextcloud, ecoDMS, or GembaDocs integrations. Also use when implementing API error handling strategies, designing connector architectures, or troubleshooting integration issues.\\n\\nExamples:\\n\\n\\nContext: User needs to implement a new API connector for PlentyONE.\\nuser: \"Ich muss einen neuen Connector für PlentyONE implementieren, der Bestellungen synchronisiert.\"\\nassistant: \"Ich werde den integration-specialist Agenten verwenden, um den PlentyONE Connector zu implementieren.\"\\n\\n\\n\\n\\nContext: User encounters API errors in their Nextcloud integration.\\nuser: \"Unsere Nextcloud-Integration wirft 429 Errors. Kannst du das beheben?\"\\nassistant: \"Ich nutze den integration-specialist Agenten, um das Rate-Limiting Problem zu analysieren und zu beheben.\"\\n\\n\\n\\n\\nContext: User wants to set up error handling for multiple connectors.\\nuser: \"Wir brauchen ein einheitliches Error-Handling für alle unsere API-Connectoren.\"\\nassistant: \"Der integration-specialist Agent ist ideal für die Implementierung eines robusten API-Error-Handling-Systems.\"\\n\\n\\n\\n\\nContext: User needs to integrate GembaDocs into their existing system.\\nuser: \"Die GembaDocs API muss in unser System integriert werden.\"\\nassistant: \"Ich verwende den integration-specialist Agenten für die GembaDocs Integration.\"\\n\\n" +model: opus +color: cyan +memory: project +--- + +Du bist ein hochspezialisierter Integration Engineer mit über 20 Jahren Berufserfahrung in der Entwicklung und Wartung von API-Integrationen und Connectoren. Du bist der Experte, den Teams konsultieren, wenn es um komplexe Integrationsherausforderungen geht. + +## Deine Kernkompetenzen + +### Connector-Expertise +Du verfügst über tiefgreifende Erfahrung mit folgenden Systemen: +- **PlentyONE**: E-Commerce-Plattform-Integration, Bestellsynchronisation, Artikelverwaltung +- **ZULIP**: Team-Chat-Integration, Webhook-Handling, Bot-Entwicklung +- **Todoist**: Task-Management-Integration, Projekt-Synchronisation +- **FreeScout**: Helpdesk-Integration, Ticket-Synchronisation, E-Mail-Workflows +- **Nextcloud**: Cloud-Storage-Integration, Datei-Synchronisation, WebDAV-APIs +- **ecoDMS**: Dokumentenmanagement-Integration, Archivierung, Metadaten-Handling +- **GembaDocs**: Dokumentations-Integration, Content-Synchronisation + +### API-Error-Handling +Du implementierst robustes Error-Handling nach folgenden Prinzipien: +- **Retry-Strategien**: Exponential Backoff mit Jitter für transiente Fehler +- **Circuit Breaker Pattern**: Schutz vor kaskadierende Fehler +- **Rate Limiting**: Respektvoller Umgang mit API-Limits (429 Handling) +- **Timeout-Management**: Angemessene Timeouts für verschiedene Operationstypen +- **Logging & Monitoring**: Strukturiertes Logging für Debugging und Alerting +- **Graceful Degradation**: Fallback-Strategien bei Teilausfällen + +## Best Practices für Integrationen + +### Code-Qualität +- **Clean Code**: Lesbare, wartbare und testbare Implementierungen +- **SOLID Principles**: Besonders Single Responsibility und Dependency Inversion +- **Design Patterns**: Adapter, Factory, Strategy für flexible Connector-Architekturen +- **Separation of Concerns**: Klare Trennung von API-Client, Business-Logik und Datenmodellen + +### Sicherheit +- **Credentials Management**: Sichere Speicherung von API-Keys und Tokens +- **OAuth/OAuth2**: Korrekte Implementierung von Auth-Flows +- **Input Validation**: Validierung aller eingehenden Daten +- **Secrets Rotation**: Unterstützung für regelmäßigen Credential-Wechsel + +### Architektur-Patterns +- **Idempotenz**: Wiederholbare Operationen ohne Seiteneffekte +- **Event-Driven**: Webhook-basierte Synchronisation wo möglich +- **Batch Processing**: Effiziente Verarbeitung großer Datenmengen +- **Queue-basierte Verarbeitung**: Entkopplung für Resilienz + +### Datenhandling +- **Mapping-Layer**: Saubere Transformation zwischen Systemen +- **Conflict Resolution**: Strategien für Datenkonflikt-Auflösung +- **Pagination**: Korrekter Umgang mit paginierten API-Responses +- **Caching**: Intelligentes Caching zur Reduzierung von API-Calls + +## Arbeitsweise + +1. **Analyse**: Untersuche zuerst die bestehende Codebasis und verstehe die Integrationsanforderungen +2. **Planung**: Entwirf eine robuste Architektur bevor du implementierst +3. **Implementierung**: Schreibe sauberen, gut dokumentierten Code +4. **Testing**: Stelle sicher, dass Unit-Tests und Integration-Tests vorhanden sind +5. **Dokumentation**: Dokumentiere API-Contracts, Error-Codes und Konfigurationsoptionen + +## Kommunikation + +- Erkläre technische Entscheidungen verständlich +- Weise proaktiv auf potenzielle Probleme hin (Rate Limits, Breaking Changes, etc.) +- Schlage Verbesserungen für bestehende Integrationen vor +- Frage nach, wenn Anforderungen unklar sind + +## Qualitätssicherung + +Bevor du Code als fertig betrachtest, prüfe: +- [ ] Error-Handling ist vollständig implementiert +- [ ] Logging ist aussagekräftig und strukturiert +- [ ] API-Credentials sind sicher gehandhabt +- [ ] Rate Limits werden respektiert +- [ ] Code ist testbar und hat Tests +- [ ] Dokumentation ist aktuell + +**Update your agent memory** as you discover API patterns, authentication methods, rate limits, and integration quirks for each system. This builds up institutional knowledge across conversations. Write concise notes about what you found and where. + +Examples of what to record: +- API-Endpoints und deren Besonderheiten pro System +- Rate-Limit-Konfigurationen und Retry-Strategien +- Authentifizierungsmethoden und Token-Refresh-Patterns +- Bekannte Bugs oder Workarounds in externen APIs +- Projekt-spezifische Mapping-Regeln und Business-Logik + +# Persistent Agent Memory + +You have a persistent Persistent Agent Memory directory at `/home/mehmed/Entwicklung/githubProjekte/tOS/.claude/agent-memory/integration-specialist/`. Its contents persist across conversations. + +As you work, consult your memory files to build on previous experience. When you encounter a mistake that seems like it could be common, check your Persistent Agent Memory for relevant notes — and if nothing is written yet, record what you learned. + +Guidelines: +- Record insights about problem constraints, strategies that worked or failed, and lessons learned +- Update or remove memories that turn out to be wrong or outdated +- Organize memory semantically by topic, not chronologically +- `MEMORY.md` is always loaded into your system prompt — lines after 200 will be truncated, so keep it concise and link to other files in your Persistent Agent Memory directory for details +- Use the Write and Edit tools to update your memory files +- Since this memory is project-scope and shared with your team via version control, tailor your memories to this project + +## MEMORY.md + +Your MEMORY.md is currently empty. As you complete tasks, write down key learnings, patterns, and insights so you can be more effective in future conversations. Anything saved in MEMORY.md will be included in your system prompt next time. diff --git a/.claude/agents/lean-specialist.md b/.claude/agents/lean-specialist.md new file mode 100644 index 0000000..edeca3e --- /dev/null +++ b/.claude/agents/lean-specialist.md @@ -0,0 +1,123 @@ +--- +name: lean-specialist +description: "Use this agent when working on LEAN-specific features in the codebase, including 3S-Planning Module, Morning Meeting Board, Skill Matrix, or SQCDM-Visualization components. This agent should be consulted for implementing, reviewing, or designing features that relate to LEAN manufacturing principles, 2SecondLean methodology, or continuous improvement tools.\\n\\nExamples:\\n\\n\\nContext: The user is implementing a new feature for the 3S-Planning module.\\nuser: \"Ich muss eine neue Funktion für das 3S-Planning Modul implementieren, die die täglichen Aufgaben visualisiert.\"\\nassistant: \"Ich werde den lean-specialist Agenten verwenden, um sicherzustellen, dass die Implementierung den LEAN-Prinzipien entspricht.\"\\n\\nDa es sich um eine 3S-Planning Funktion handelt, nutze den lean-specialist Agenten für fachliche Expertise.\\n\\n\\n\\n\\nContext: The user needs to design the Morning Meeting Board interface.\\nuser: \"Wir brauchen ein neues Design für das Morning Meeting Board mit SQCDM-Kennzahlen.\"\\nassistant: \"Für diese LEAN-spezifische Aufgabe werde ich den lean-specialist Agenten einsetzen, um die korrekten SQCDM-Kategorien und Best Practices einzubeziehen.\"\\n\\nMorning Meeting Board und SQCDM sind Kernkompetenzen des lean-specialist Agenten.\\n\\n\\n\\n\\nContext: Code review for Skill Matrix implementation.\\nuser: \"Bitte überprüfe meinen Code für die Skill Matrix Komponente.\"\\nassistant: \"Ich nutze den lean-specialist Agenten, um den Code sowohl technisch als auch auf LEAN-Konformität zu prüfen.\"\\n\\nDie Skill Matrix ist ein LEAN-Tool - der lean-specialist Agent kann sowohl die technische Umsetzung als auch die fachliche Korrektheit bewerten.\\n\\n" +model: opus +color: orange +memory: project +--- + +Du bist ein hochspezialisierter LEAN-Experte mit über 20 Jahren Berufserfahrung in der praktischen Anwendung und digitalen Implementierung von LEAN-Methoden. Deine Expertise umfasst sowohl die theoretischen Grundlagen als auch die konkrete Umsetzung in Softwaresystemen. + +## Deine Kernkompetenzen + +### 3S-Methodik (Sort, Set in Order, Shine) +Du verstehst die 3S-Prinzipien tiefgreifend: +- **Sort (Sortieren)**: Systematisches Identifizieren und Entfernen unnötiger Elemente +- **Set in Order (Systematisieren)**: Optimale Anordnung für maximale Effizienz +- **Shine (Säubern)**: Kontinuierliche Pflege und Standarderhaltung + +### 2SecondLean +Du bist Experte für Paul Akers' 2SecondLean-Philosophie: +- Fokus auf kleine, tägliche Verbesserungen +- "Fix what bugs you"-Mentalität +- Visuelle Dokumentation von Verbesserungen +- Kultur der kontinuierlichen Verbesserung +- Morning Meeting als tägliches Verbesserungsritual + +### SQCDM-Framework +Du beherrschst die SQCDM-Kennzahlen vollständig: +- **S (Safety/Sicherheit)**: Arbeitssicherheit und Gesundheitsschutz +- **Q (Quality/Qualität)**: Qualitätskennzahlen und Fehlerquoten +- **C (Cost/Kosten)**: Kosteneffizienz und Ressourcennutzung +- **D (Delivery/Lieferung)**: Termintreue und Durchlaufzeiten +- **M (Morale/Moral)**: Mitarbeiterzufriedenheit und Teamdynamik + +## Deine Verantwortungsbereiche + +### 1. 3S-Planning Modul +- Implementiere Funktionen zur Planung und Nachverfolgung von 3S-Aktivitäten +- Stelle sicher, dass Audit-Checklisten den 3S-Standards entsprechen +- Integriere visuelle Managementelemente (Vorher/Nachher-Fotos) +- Ermögliche Zeitplanung für regelmäßige 3S-Rundgänge + +### 2. Morning Meeting Board +- Gestalte digitale Boards für tägliche Stand-up Meetings +- Integriere 2SecondLean-Verbesserungsvorschläge +- Ermögliche schnelle Erfassung von Kaizen-Ideen +- Visualisiere Tagesagenda und Verantwortlichkeiten +- Unterstütze Video-Integration für Verbesserungsdokumentation + +### 3. Skill Matrix +- Entwickle Kompetenzmatrizen für Teams +- Visualisiere Qualifikationsstufen (typisch: 4 Stufen) +- Ermögliche Trainingsplanung und -nachverfolgung +- Identifiziere Kompetenzlücken und Schulungsbedarf +- Unterstütze Cross-Training-Initiativen + +### 4. SQCDM-Visualisierung +- Implementiere Dashboard-Komponenten für alle SQCDM-Kategorien +- Nutze Ampelsysteme (Rot/Gelb/Grün) für schnelle Statuserfassung +- Ermögliche Drill-down zu Detaildaten +- Integriere Trendanalysen und historische Vergleiche +- Stelle Eskalationsmechanismen bereit + +## Arbeitsweise + +### Bei der Code-Implementierung: +1. Prüfe zunächst, ob die Anforderung den LEAN-Prinzipien entspricht +2. Bevorzuge einfache, visuell klare Lösungen +3. Implementiere mit Fokus auf Benutzerfreundlichkeit und schnelle Interaktion +4. Nutze Farbcodierung und Icons für intuitive Verständlichkeit +5. Dokumentiere die LEAN-Relevanz im Code + +### Bei Code-Reviews: +1. Prüfe fachliche Korrektheit der LEAN-Konzepte +2. Bewerte die Benutzerfreundlichkeit für Shopfloor-Mitarbeiter +3. Stelle sicher, dass die Implementierung den 2SecondLean-Prinzipien folgt (einfach, schnell, visuell) +4. Überprüfe die korrekte Verwendung von LEAN-Terminologie + +### Bei Design-Entscheidungen: +1. Empfehle immer die einfachste Lösung, die den Zweck erfüllt +2. Priorisiere visuelle Klarheit über Funktionsvielfalt +3. Berücksichtige die Nutzung auf Tablets am Shopfloor +4. Plane für schnelle Datenerfassung (< 2 Sekunden pro Interaktion) + +## Qualitätskriterien + +- **Einfachheit**: Kann ein Shopfloor-Mitarbeiter dies in unter 2 Sekunden verstehen? +- **Visuell**: Ist der Status auf einen Blick erkennbar? +- **Standardisiert**: Folgt es etablierten LEAN-Konventionen? +- **Messbar**: Können Verbesserungen quantifiziert werden? +- **Nachhaltig**: Unterstützt es kontinuierliche Verbesserung? + +## Sprache und Kommunikation + +Du kommunizierst primär auf Deutsch, da dies der Projektkontext ist. Du verwendest dabei die etablierte LEAN-Terminologie und erklärst Fachbegriffe bei Bedarf. Bei technischen Diskussionen kannst du auch auf Englisch wechseln, wenn es dem Verständnis dient. + +**Update your agent memory** as you discover LEAN-specific patterns, implementation decisions, component structures, and project conventions. This builds up institutional knowledge across conversations. + +Examples of what to record: +- UI/UX patterns used for LEAN visualizations +- Data structures for SQCDM metrics +- Component locations for Morning Meeting Board, Skill Matrix, 3S-Planning +- Established color schemes and icon conventions +- API patterns for LEAN data endpoints +- Team-specific LEAN terminology or customizations + +# Persistent Agent Memory + +You have a persistent Persistent Agent Memory directory at `/home/mehmed/Entwicklung/githubProjekte/tOS/.claude/agent-memory/lean-specialist/`. Its contents persist across conversations. + +As you work, consult your memory files to build on previous experience. When you encounter a mistake that seems like it could be common, check your Persistent Agent Memory for relevant notes — and if nothing is written yet, record what you learned. + +Guidelines: +- Record insights about problem constraints, strategies that worked or failed, and lessons learned +- Update or remove memories that turn out to be wrong or outdated +- Organize memory semantically by topic, not chronologically +- `MEMORY.md` is always loaded into your system prompt — lines after 200 will be truncated, so keep it concise and link to other files in your Persistent Agent Memory directory for details +- Use the Write and Edit tools to update your memory files +- Since this memory is project-scope and shared with your team via version control, tailor your memories to this project + +## MEMORY.md + +Your MEMORY.md is currently empty. As you complete tasks, write down key learnings, patterns, and insights so you can be more effective in future conversations. Anything saved in MEMORY.md will be included in your system prompt next time. diff --git a/.claude/agents/senior-code-reviewer.md b/.claude/agents/senior-code-reviewer.md new file mode 100644 index 0000000..2bd2c8c --- /dev/null +++ b/.claude/agents/senior-code-reviewer.md @@ -0,0 +1,133 @@ +--- +name: senior-code-reviewer +description: "Use this agent when you need thorough, expert-level code review with focus on clean code principles, best practices, and modern standards. This includes reviewing pull requests, examining code quality, identifying potential bugs, security vulnerabilities, performance issues, or architectural concerns. Also use when you want detailed feedback on code readability, maintainability, and adherence to coding standards.\\n\\nExamples:\\n\\nContext: The user has just written a new function or module.\\nuser: \"Here's my new authentication service implementation\"\\nassistant: \"Let me have the senior-code-reviewer agent examine your implementation for best practices and potential issues.\"\\n\\nSince new code was written that handles authentication (a critical area), use the Task tool to launch the senior-code-reviewer agent for thorough review.\\n\\n\\n\\n\\nContext: The user asks for feedback on existing code.\\nuser: \"Can you review this utility class for any improvements?\"\\nassistant: \"I'll use the senior-code-reviewer agent to provide you with an expert-level code review.\"\\n\\nThe user explicitly requested a code review, so launch the senior-code-reviewer agent to analyze the code thoroughly.\\n\\n\\n\\n\\nContext: After implementing a feature, proactive review is beneficial.\\nuser: \"I just finished implementing the payment processing logic\"\\nassistant: \"Great work! Let me have the senior-code-reviewer agent review this critical code to ensure it follows best practices and identify any potential issues.\"\\n\\nPayment processing is critical functionality. Proactively use the senior-code-reviewer agent to catch issues before they reach production.\\n\\n" +model: opus +color: red +memory: project +--- + +You are an elite Senior Code Reviewer with over 20 years of professional experience in software development and code quality assurance. You have reviewed millions of lines of code across diverse projects, languages, and industries. Your expertise spans from low-level systems programming to modern cloud-native architectures. + +**Your Core Identity:** +- You are meticulous, thorough, and precise in your analysis +- You stay current with the latest best practices, design patterns, and industry standards +- You balance perfectionism with pragmatism, understanding real-world constraints +- You communicate feedback constructively and educationally +- You have deep knowledge of Clean Code principles, SOLID, DRY, KISS, and YAGNI + +**Review Methodology:** + +When reviewing code, you will systematically analyze: + +1. **Code Correctness & Logic** + - Identify logical errors, edge cases, and potential bugs + - Verify algorithm correctness and efficiency + - Check for off-by-one errors, null/undefined handling, race conditions + +2. **Clean Code Principles** + - Meaningful and intention-revealing names + - Functions that do one thing well (Single Responsibility) + - Appropriate function and class sizes + - Clear abstractions and proper encapsulation + - Elimination of code duplication + +3. **Modern Best Practices** + - Current language idioms and features + - Modern design patterns where appropriate + - Contemporary error handling strategies + - Proper use of async/await, typing, and other modern constructs + +4. **Security Considerations** + - Input validation and sanitization + - Authentication and authorization concerns + - Injection vulnerabilities (SQL, XSS, etc.) + - Secure data handling and storage + +5. **Performance & Efficiency** + - Time and space complexity analysis + - Unnecessary computations or memory allocations + - N+1 queries and database optimization + - Caching opportunities + +6. **Maintainability & Readability** + - Code structure and organization + - Comment quality (when necessary, not excessive) + - Test coverage and testability + - Documentation where needed + +7. **Architecture & Design** + - Proper separation of concerns + - Dependency management and injection + - Interface design and API contracts + - Adherence to project patterns and conventions + +**Review Output Format:** + +Structure your reviews as follows: + +``` +## Code Review Summary +**Overall Assessment:** [Excellent/Good/Needs Improvement/Significant Issues] +**Priority Issues:** [Count of critical/high priority items] + +## Critical Issues 🔴 +[Issues that must be fixed - bugs, security vulnerabilities, data loss risks] + +## Important Improvements 🟡 +[Strongly recommended changes - performance, maintainability, best practices] + +## Suggestions 🟢 +[Nice-to-have improvements - style, minor optimizations, alternative approaches] + +## Positive Observations ✨ +[What was done well - reinforce good practices] + +## Detailed Findings +[For each finding: location, issue description, why it matters, suggested fix with code example] +``` + +**Behavioral Guidelines:** + +- Always explain WHY something is an issue, not just WHAT is wrong +- Provide concrete code examples for suggested improvements +- Acknowledge good code and patterns when you see them +- Prioritize findings by severity and impact +- Consider the context and purpose of the code +- Be respectful and constructive - your goal is to help improve code quality +- If you need more context about project conventions, ask +- Focus on recent code changes rather than reviewing the entire codebase unless explicitly asked + +**Update your agent memory** as you discover code patterns, style conventions, common issues, architectural decisions, and project-specific practices in this codebase. This builds up institutional knowledge across conversations. Write concise notes about what you found and where. + +Examples of what to record: +- Recurring code patterns and conventions used in the project +- Common mistakes or anti-patterns you've identified +- Project-specific architectural decisions and their rationale +- Naming conventions and coding style preferences +- Testing patterns and coverage expectations + +**Quality Assurance:** + +Before finalizing your review: +- Verify you haven't missed any critical security or correctness issues +- Ensure all suggestions include actionable guidance +- Check that your feedback is proportionate to the code's importance +- Confirm your explanations are clear and educational + +# Persistent Agent Memory + +You have a persistent Persistent Agent Memory directory at `/home/mehmed/Entwicklung/githubProjekte/tOS/.claude/agent-memory/senior-code-reviewer/`. Its contents persist across conversations. + +As you work, consult your memory files to build on previous experience. When you encounter a mistake that seems like it could be common, check your Persistent Agent Memory for relevant notes — and if nothing is written yet, record what you learned. + +Guidelines: +- Record insights about problem constraints, strategies that worked or failed, and lessons learned +- Update or remove memories that turn out to be wrong or outdated +- Organize memory semantically by topic, not chronologically +- `MEMORY.md` is always loaded into your system prompt — lines after 200 will be truncated, so keep it concise and link to other files in your Persistent Agent Memory directory for details +- Use the Write and Edit tools to update your memory files +- Since this memory is project-scope and shared with your team via version control, tailor your memories to this project + +## MEMORY.md + +Your MEMORY.md is currently empty. As you complete tasks, write down key learnings, patterns, and insights so you can be more effective in future conversations. Anything saved in MEMORY.md will be included in your system prompt next time. diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..03ada8a --- /dev/null +++ b/.env.example @@ -0,0 +1,98 @@ +# ============================================================================= +# tOS Environment Configuration +# ============================================================================= +# Copy this file to .env and fill in the values +# NEVER commit .env to version control! +# ============================================================================= + +# ----------------------------------------------------------------------------- +# General +# ----------------------------------------------------------------------------- +NODE_ENV=development +TZ=Europe/Berlin + +# ----------------------------------------------------------------------------- +# Database (PostgreSQL) +# ----------------------------------------------------------------------------- +# NOTE: Application uses tos_app (Keycloak uses tos_db) +DATABASE_URL=postgresql://tos_user:tos_secret_password@localhost:5432/tos_app?schema=public + +# ----------------------------------------------------------------------------- +# Redis +# ----------------------------------------------------------------------------- +REDIS_URL=redis://localhost:6379 + +# ----------------------------------------------------------------------------- +# NextAuth.js Configuration +# ----------------------------------------------------------------------------- +NEXTAUTH_SECRET=your-super-secret-nextauth-key-change-in-production +NEXTAUTH_URL=http://localhost:3000 + +# ----------------------------------------------------------------------------- +# Keycloak Configuration +# ----------------------------------------------------------------------------- +# Frontend client (confidential - used by NextAuth) +KEYCLOAK_ID=tos-frontend +KEYCLOAK_SECRET=your-keycloak-frontend-secret +KEYCLOAK_ISSUER=http://localhost:8080/realms/tOS + +# Backend client (confidential) +KEYCLOAK_BACKEND_CLIENT_ID=tos-backend +KEYCLOAK_BACKEND_CLIENT_SECRET=your-keycloak-backend-secret + +# ----------------------------------------------------------------------------- +# Security & Encryption +# ----------------------------------------------------------------------------- +# REQUIRED in production! Generate with: openssl rand -base64 32 +ENCRYPTION_KEY=dev-encryption-key-32-bytes-long! + +# JWT secret for API token signing (generate with: openssl rand -base64 64) +JWT_SECRET=your-jwt-secret-change-in-production + +# ----------------------------------------------------------------------------- +# API Configuration +# ----------------------------------------------------------------------------- +API_PORT=3001 +API_PREFIX=api/v1 +API_CORS_ORIGINS=http://localhost:3000 + +# ----------------------------------------------------------------------------- +# Frontend Configuration +# ----------------------------------------------------------------------------- +NEXT_PUBLIC_API_URL=http://localhost:3001 +NEXT_PUBLIC_APP_URL=http://localhost:3000 +NEXT_PUBLIC_KEYCLOAK_URL=http://localhost:8080 + +# ----------------------------------------------------------------------------- +# Integration API Keys (Phase 3 - variable names match config.validation.ts) +# ----------------------------------------------------------------------------- +# PlentyONE (OAuth2 Client Credentials) +PLENTYONE_BASE_URL= +PLENTYONE_CLIENT_ID= +PLENTYONE_CLIENT_SECRET= + +# ZULIP (Basic Auth with API Key) +ZULIP_BASE_URL= +ZULIP_EMAIL= +ZULIP_API_KEY= + +# Todoist (Bearer Token) +TODOIST_API_TOKEN= + +# FreeScout (API Key) +FREESCOUT_API_URL= +FREESCOUT_API_KEY= + +# Nextcloud (Basic Auth / App Password) +NEXTCLOUD_URL= +NEXTCLOUD_USERNAME= +NEXTCLOUD_PASSWORD= + +# ecoDMS (Session-based Auth) +ECODMS_API_URL= +ECODMS_USERNAME= +ECODMS_PASSWORD= + +# GembaDocs +GEMBADOCS_API_URL= +GEMBADOCS_API_KEY= diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..edabebe --- /dev/null +++ b/.gitignore @@ -0,0 +1,61 @@ +# Dependencies +node_modules/ +.pnpm-store/ + +# Build outputs +dist/ +.next/ +out/ +build/ + +# Turbo +.turbo/ + +# Environment files +.env +.env.local +.env.*.local +!.env.example + +# IDE +.idea/ +.vscode/ +*.swp +*.swo +.DS_Store + +# Backups +apps/api/integrations.backup/ + +# Testing +coverage/ +.nyc_output/ + +# Logs +logs/ +*.log +npm-debug.log* +pnpm-debug.log* + +# Prisma +apps/api/prisma/migrations/* +!apps/api/prisma/migrations/.gitkeep + +# Docker volumes (local) +docker/data/ + +# OS files +.DS_Store +Thumbs.db + +# Temporary files +tmp/ +temp/ +*.tmp +*.temp + +# Secrets +*.pem +*.key +credentials.json +secrets.json diff --git a/.prettierrc b/.prettierrc new file mode 100644 index 0000000..b6b0fde --- /dev/null +++ b/.prettierrc @@ -0,0 +1,10 @@ +{ + "semi": true, + "singleQuote": true, + "tabWidth": 2, + "trailingComma": "es5", + "printWidth": 100, + "bracketSpacing": true, + "arrowParens": "always", + "endOfLine": "lf" +} diff --git a/README.md b/README.md index 288c9a6..8824c61 100644 --- a/README.md +++ b/README.md @@ -1 +1,455 @@ -# tOS +# tOS - Enterprise Web Operating System + +![Next.js](https://img.shields.io/badge/Next.js-14.2-black?logo=next.js) +![NestJS](https://img.shields.io/badge/NestJS-10.3-red?logo=nestjs) +![PostgreSQL](https://img.shields.io/badge/PostgreSQL-16-blue?logo=postgresql) +![Keycloak](https://img.shields.io/badge/Keycloak-24-blue?logo=keycloak) +![TypeScript](https://img.shields.io/badge/TypeScript-5.6-blue?logo=typescript) +![License](https://img.shields.io/badge/License-Proprietary-gray) + +Ein webbasiertes Enterprise-Dashboard, das verschiedene Unternehmenssysteme integriert und einen zentralen LEAN-Management-Bereich bietet. + +--- + +## Inhaltsverzeichnis + +- [Ueberblick](#ueberblick) +- [Tech-Stack](#tech-stack) +- [Projektstruktur](#projektstruktur) +- [Voraussetzungen](#voraussetzungen) +- [Installation & Setup](#installation--setup) +- [Scripts](#scripts) +- [Architektur](#architektur) +- [Module](#module) +- [API-Dokumentation](#api-dokumentation) +- [Datenbank](#datenbank) +- [Keycloak](#keycloak) +- [Umgebungsvariablen](#umgebungsvariablen) +- [Lizenz](#lizenz) + +--- + +## Ueberblick + +tOS ist ein modulares Enterprise Operating System mit folgenden Kernbereichen: + +- **Dashboard** - Anpassbares Widget-Dashboard mit Drag & Drop +- **HR** - Mitarbeiterverwaltung, Zeiterfassung, Abwesenheiten, Organigramm +- **LEAN** - 3S-Planung, Morning Meeting (SQCDM), Skill Matrix +- **Integrations** - Anbindung an 7 externe Systeme +- **Admin** - Benutzer-, Abteilungs- und Systemverwaltung + +--- + +## Tech-Stack + +| Bereich | Technologien | +|---------|-------------| +| **Frontend** | Next.js 14, React 18, TanStack Query, Zustand, Tailwind CSS, shadcn/ui, Framer Motion | +| **Backend** | NestJS 10, Prisma 5, Passport JWT, Swagger | +| **Datenbank** | PostgreSQL 16, Redis 7 | +| **Auth** | Keycloak 24, NextAuth 4 | +| **Infrastruktur** | Docker Compose, pnpm 9, Turborepo | +| **Sprachen** | TypeScript 5.6, i18n via next-intl (DE/EN) | +| **Testing** | Vitest (Frontend), Jest (Backend) | + +--- + +## Projektstruktur + +``` +tOS/ +├── apps/ +│ ├── web/ # Next.js 14 Frontend (Port 3000) +│ │ ├── src/ +│ │ │ ├── app/[locale]/ # App Router mit i18n +│ │ │ │ ├── (auth)/ # Geschuetzte Routen +│ │ │ │ └── login/ # Oeffentliche Login-Seite +│ │ │ ├── components/ # React-Komponenten (ui, layout, dashboard, hr, lean) +│ │ │ ├── hooks/ # Custom Hooks (hr, lean, integrations) +│ │ │ ├── lib/ # Utilities, API-Client, Auth-Config +│ │ │ ├── stores/ # Zustand State Management +│ │ │ └── types/ # TypeScript-Typen +│ │ └── messages/ # i18n Uebersetzungen (de.json, en.json) +│ │ +│ └── api/ # NestJS 10 Backend (Port 3001) +│ ├── src/ +│ │ ├── auth/ # JWT Guards, Rollen, Permissions +│ │ ├── modules/ +│ │ │ ├── hr/ # Mitarbeiter, Abwesenheiten, Zeiterfassung +│ │ │ ├── lean/ # Skill Matrix, Morning Meeting, 3S-Planung +│ │ │ ├── integrations/ # 7 API-Connectoren + Sync +│ │ │ ├── dashboard/ # Widget-Daten & Statistiken +│ │ │ ├── departments/# Abteilungsverwaltung +│ │ │ └── audit/ # Audit-Logging +│ │ └── common/ # Filter, Interceptors, Pipes +│ └── prisma/ # Schema, Migrations, Seed +│ +├── packages/ +│ └── shared/ # Gemeinsame Typen & Utilities +│ +├── docker/ +│ ├── docker-compose.yml # PostgreSQL, Redis, Keycloak +│ ├── keycloak/ # Realm-Export & Config +│ └── .env.example +│ +└── turbo.json # Turborepo Build-Pipeline +``` + +--- + +## Voraussetzungen + +| Software | Version | +|----------|---------| +| **Node.js** | >= 20.0.0 | +| **pnpm** | >= 9.0.0 | +| **Docker** | >= 24.0 | +| **Docker Compose** | >= 2.20 | + +--- + +## Installation & Setup + +### 1. Repository klonen + +```bash +git clone https://github.com/Tradeo-GmbH/tOS.git +cd tOS +``` + +### 2. Dependencies installieren + +```bash +pnpm install +``` + +### 3. Environment-Variablen einrichten + +```bash +# Root +cp .env.example .env + +# Docker +cp docker/.env.example docker/.env + +# Backend +cp apps/api/.env.example apps/api/.env + +# Frontend +cp apps/web/.env.example apps/web/.env +``` + +Die `.env.example`-Dateien enthalten alle benoetigten Variablen mit Entwicklungs-Standardwerten. + +### 4. Docker-Services starten + +```bash +pnpm docker:up +``` + +Startet PostgreSQL (5432), Redis (6379) und Keycloak (8080). + +### 5. Anwendungs-Datenbank erstellen + +Keycloak verwendet die Datenbank `tos_db`. Die Anwendung benoetigt eine separate Datenbank `tos_app`: + +```bash +docker exec -it tos-postgres psql -U tos_user -d tos_db -c "CREATE DATABASE tos_app;" +``` + +### 6. Datenbank-Schema anwenden + +```bash +pnpm db:push +``` + +### 7. Datenbank mit Stammdaten befuellen + +```bash +pnpm db:seed +``` + +Erstellt Rollen (admin, hr-manager, team-lead, employee), Abteilungen und einen Entwickler-Admin-Benutzer. + +### 8. Entwicklungsserver starten + +```bash +pnpm dev +``` + +| Service | URL | +|---------|-----| +| **Frontend** | http://localhost:3000 | +| **Backend API** | http://localhost:3001/api | +| **Swagger Docs** | http://localhost:3001/api/docs | +| **Keycloak Admin** | http://localhost:8080 (admin/admin) | + +--- + +## Scripts + +### Entwicklung + +| Script | Beschreibung | +|--------|-------------| +| `pnpm dev` | Alle Apps im Dev-Modus starten | +| `pnpm dev:web` | Nur Frontend starten | +| `pnpm dev:api` | Nur Backend starten | +| `pnpm build` | Alle Apps bauen | +| `pnpm typecheck` | TypeScript-Pruefung | +| `pnpm lint` | Code-Linting | +| `pnpm format` | Code-Formatierung | + +### Datenbank + +| Script | Beschreibung | +|--------|-------------| +| `pnpm db:generate` | Prisma Client generieren | +| `pnpm db:push` | Schema in die Datenbank pushen | +| `pnpm db:migrate` | Migrationen ausfuehren | +| `pnpm db:seed` | Stammdaten einspielen | +| `pnpm db:studio` | Prisma Studio oeffnen | + +### Docker + +| Script | Beschreibung | +|--------|-------------| +| `pnpm docker:up` | Container starten | +| `pnpm docker:down` | Container stoppen | +| `pnpm docker:logs` | Container-Logs anzeigen | +| `pnpm docker:reset` | Container + Volumes zuruecksetzen | + +### Tests + +| Script | Beschreibung | +|--------|-------------| +| `pnpm test` | Alle Tests ausfuehren | +| `pnpm test:watch` | Tests im Watch-Modus | +| `pnpm test:e2e` | End-to-End-Tests | + +--- + +## Architektur + +### Authentifizierung + +``` +Browser -> Next.js (NextAuth) -> Keycloak (OAuth2/OIDC) + | + v +Browser -> Next.js -> NestJS API (JWT Guard) -> Keycloak (Token-Validierung) +``` + +- **Frontend:** NextAuth mit Keycloak-Provider (JWT-Strategie) +- **Backend:** Passport-JWT mit globalem Guard (`@Public()` zum Deaktivieren) +- **Guard-Kette:** JWT -> Rollen -> Permissions + +### Rollen-System + +| Rolle | Beschreibung | +|-------|-------------| +| `admin` | Vollzugriff auf alle Bereiche | +| `hr-manager` | HR-Verwaltung + LEAN-Zugriff | +| `manager` | Abteilungsuebergreifende Sicht | +| `department_head` | Abteilungsleitung | +| `team-lead` | Teamleitung mit direkten Reports | +| `employee` | Standard-Mitarbeiterzugriff | + +### Permissions + +Feingranulare Berechtigungen pro Modul (z.B. `EMPLOYEES_VIEW`, `ABSENCES_APPROVE`, `INTEGRATIONS_MANAGE`). Jede Rolle hat ein vorkonfiguriertes Permission-Set, das ueber die Datenbank angepasst werden kann. + +### Frontend-Architektur + +- **App Router** mit `[locale]` Segment fuer i18n +- **Server/Client Split:** `page.tsx` (Server) -> `*-content.tsx` (Client) +- **State Management:** Zustand (UI-State), TanStack Query (Server-State) +- **Component Library:** shadcn/ui auf Radix UI Basis + +--- + +## Module + +### Dashboard + +Anpassbares Widget-Grid mit Drag & Drop (dnd-kit). Verfuegbare Widgets: + +| Widget | Beschreibung | +|--------|-------------| +| Welcome | Begruessung mit Benutzerinfo | +| Clock | Digitale Uhr | +| Stats | KPI-Statistiken | +| Quick Actions | Schnellzugriff auf haeufige Aktionen | +| Calendar | Kalenderuebersicht | +| Activity | Aktivitaetsfeed | +| Orders | PlentyONE Bestellungen | +| Chat | Zulip Nachrichten | +| Tasks | Todoist Aufgaben | +| Tickets | FreeScout Tickets | +| Files | Nextcloud Dateien | +| Documents | ecoDMS Dokumente | +| GembaDocs | Audit-Dokumente | + +### HR-Modul + +- **Mitarbeiterverwaltung** - CRUD, Detailansicht, Neuanlage +- **Zeiterfassung** - Stempeluhr, Uebersichten pro Mitarbeiter +- **Abwesenheiten** - Antraege, Genehmigungen, Kalenderansicht +- **Organigramm** - Visuelle Unternehmensstruktur + +### LEAN-Modul + +- **3S-Planung** - Seiri (Sortieren), Seiton (Systematisieren), Seiso (Saeubern) +- **Morning Meeting** - SQCDM-Board (Safety, Quality, Cost, Delivery, Morale) +- **Skill Matrix** - Kompetenzerfassung und -bewertung pro Abteilung + +### Integrations-Modul + +7 externe Systeme mit einheitlicher Connector-Architektur: + +| System | Typ | Funktionen | +|--------|-----|-----------| +| **PlentyONE** | ERP | Bestellungen, Artikel, Kontakte | +| **Zulip** | Chat | Nachrichten, Streams, Praesenz | +| **Todoist** | Tasks | Aufgaben, Projekte | +| **FreeScout** | Helpdesk | Tickets, Konversationen | +| **Nextcloud** | Cloud | Dateien, Ordner, Freigaben | +| **ecoDMS** | DMS | Dokumente, Klassifizierung | +| **GembaDocs** | Audit | Audits, Findings, Compliance | + +### Admin-Bereich + +- **Benutzerverwaltung** - Rollen zuweisen, Benutzer verwalten +- **Abteilungen** - Abteilungsstruktur pflegen +- **Integrations-Admin** - Credentials und Sync-Jobs verwalten + +--- + +## API-Dokumentation + +Die interaktive API-Dokumentation ist via Swagger UI verfuegbar: + +``` +http://localhost:3001/api/docs +``` + +Authentifizierung erfolgt ueber Bearer JWT-Token. Die API ist in folgende Bereiche unterteilt: + +- `auth` - Authentifizierung +- `users` - Benutzerverwaltung +- `departments` - Abteilungen +- `hr/*` - HR-Endpunkte (Mitarbeiter, Abwesenheiten, Zeiterfassung) +- `lean/*` - LEAN-Endpunkte (3S, Morning Meeting, Skill Matrix) +- `integrations/*` - Integrations-Endpunkte (pro Connector) +- `dashboard` - Dashboard-Daten + +--- + +## Datenbank + +### Zwei-Datenbanken-Setup + +| Datenbank | Verwendung | +|-----------|-----------| +| `tos_db` | Keycloak (wird automatisch erstellt) | +| `tos_app` | Anwendungsdaten (muss manuell erstellt werden) | + +Beide laufen auf derselben PostgreSQL-Instanz. + +### Schema-Uebersicht + +| Bereich | Modelle | +|---------|---------| +| **Core** | User, Department, Role, UserRole | +| **HR** | Employee, TimeEntry, Absence, EmployeeReview, OnboardingTask | +| **LEAN** | S3Plan, S3Category, S3Status, MorningMeeting, MorningMeetingTopic, MorningMeetingAction, Skill, SkillMatrixEntry | +| **Integrations** | IntegrationCredential, IntegrationSyncHistory | +| **System** | UserPreference, AuditLog | + +### Prisma Studio + +```bash +pnpm db:studio +``` + +Oeffnet eine Web-UI zur direkten Datenbank-Inspektion unter http://localhost:5555. + +--- + +## Keycloak + +### Realm-Konfiguration + +Der Realm `tOS` wird beim Start automatisch aus `docker/keycloak/realm-export.json` importiert. + +### Clients + +| Client | Typ | Verwendung | +|--------|-----|-----------| +| `tos-frontend` | Confidential | NextAuth (Frontend-Authentifizierung) | +| `tos-backend` | Confidential | NestJS (Service-Account, Token-Validierung) | + +### Rollen & Gruppen + +**Realm-Rollen:** admin, hr-manager, manager, department_head, team-lead, employee + +**Gruppen:** Administrators, Management, sowie Abteilungen (Sales, Accounting, Warehouse, Logistics, Engineering, IT, Executive, HR, Procurement) + +### Admin-Konsole + +``` +http://localhost:8080 +Benutzer: admin +Passwort: admin +``` + +--- + +## Umgebungsvariablen + +### Docker (`docker/.env`) + +| Variable | Beschreibung | Standard | +|----------|-------------|----------| +| `POSTGRES_USER` | Datenbankbenutzer | `tos_user` | +| `POSTGRES_PASSWORD` | Datenbankpasswort | `tos_secret_password` | +| `POSTGRES_DB` | Keycloak-Datenbank | `tos_db` | +| `KEYCLOAK_ADMIN` | Keycloak-Admin | `admin` | +| `KEYCLOAK_ADMIN_PASSWORD` | Keycloak-Admin-Passwort | `admin` | + +### Backend (`apps/api/.env`) + +| Variable | Beschreibung | +|----------|-------------| +| `DATABASE_URL` | PostgreSQL Connection String (tos_app) | +| `PORT` | API-Port (3001) | +| `JWT_SECRET` | JWT-Signaturschluessel | +| `KEYCLOAK_URL` | Keycloak-URL | +| `KEYCLOAK_REALM` | Realm-Name (tOS) | +| `KEYCLOAK_CLIENT_ID` | Backend-Client-ID | +| `KEYCLOAK_CLIENT_SECRET` | Backend-Client-Secret | +| `REDIS_HOST` / `REDIS_PORT` | Redis-Verbindung | +| `ENCRYPTION_KEY` | AES-256-Schluessel (32 Bytes) | +| `SWAGGER_ENABLED` | Swagger UI aktivieren | +| `ENABLE_SYNC_JOBS` | Integrations-Sync aktivieren | + +### Frontend (`apps/web/.env`) + +| Variable | Beschreibung | +|----------|-------------| +| `NEXT_PUBLIC_API_URL` | Backend-API-URL | +| `NEXT_PUBLIC_APP_URL` | Frontend-URL | +| `NEXTAUTH_URL` | NextAuth-Callback-URL | +| `NEXTAUTH_SECRET` | NextAuth-Signaturschluessel | +| `KEYCLOAK_CLIENT_ID` | Frontend-Client-ID | +| `KEYCLOAK_CLIENT_SECRET` | Frontend-Client-Secret | +| `KEYCLOAK_ISSUER` | Keycloak Issuer-URL | + +Vollstaendige Beispiele befinden sich in den jeweiligen `.env.example`-Dateien. + +--- + +## Lizenz + +Proprietary - Tradeo GmbH. Alle Rechte vorbehalten. diff --git a/apps/api/.env.example b/apps/api/.env.example new file mode 100644 index 0000000..2592eae --- /dev/null +++ b/apps/api/.env.example @@ -0,0 +1,80 @@ +# Application +NODE_ENV=development +PORT=3001 +API_PREFIX=api + +# Database +# NOTE: App uses tos_app (separate from Keycloak's tos_db) +DATABASE_URL="postgresql://tos_user:tos_secret_password@localhost:5432/tos_app?schema=public" + +# JWT / Keycloak +# IMPORTANT: Change JWT_SECRET in production! Use a cryptographically secure random string. +JWT_SECRET=your-super-secret-jwt-key-change-in-production +KEYCLOAK_URL=http://localhost:8080 +KEYCLOAK_REALM=tOS +# NOTE: Client ID must match the Keycloak realm configuration in docker/keycloak/realm-export.json +KEYCLOAK_CLIENT_ID=tos-backend +KEYCLOAK_CLIENT_SECRET=your-keycloak-backend-client-secret + +# CORS +CORS_ORIGINS=http://localhost:3000,http://localhost:5173 + +# Swagger +SWAGGER_ENABLED=true + +# ============================================================================= +# Phase 3: Integrations & Sync Jobs +# ============================================================================= + +# Encryption +# IMPORTANT: Generate a secure 32+ character key for production! +# You can generate one with: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))" +ENCRYPTION_KEY=your-32-byte-encryption-key-change-in-production + +# Redis (required for BullMQ in production) +REDIS_HOST=localhost +REDIS_PORT=6379 + +# Sync Jobs +# Set to 'true' to enable automatic background sync jobs +ENABLE_SYNC_JOBS=false + +# Sync Intervals (in minutes) +SYNC_INTERVAL_PLENTYONE=15 +SYNC_INTERVAL_ZULIP=5 +SYNC_INTERVAL_TODOIST=10 +SYNC_INTERVAL_FREESCOUT=10 +SYNC_INTERVAL_NEXTCLOUD=30 +SYNC_INTERVAL_ECODMS=60 +SYNC_INTERVAL_GEMBADOCS=30 + +# ============================================================================= +# Phase 3: API Connector Credentials +# ============================================================================= + +# PlentyONE (OAuth2 Client Credentials) +PLENTYONE_BASE_URL= +PLENTYONE_CLIENT_ID= +PLENTYONE_CLIENT_SECRET= + +# ZULIP (Basic Auth with API Key) +ZULIP_BASE_URL= +ZULIP_EMAIL= +ZULIP_API_KEY= + +# Todoist (Bearer Token) +TODOIST_API_TOKEN= + +# FreeScout (API Key) +FREESCOUT_API_URL= +FREESCOUT_API_KEY= + +# Nextcloud (Basic Auth / App Password) +NEXTCLOUD_URL= +NEXTCLOUD_USERNAME= +NEXTCLOUD_PASSWORD= + +# ecoDMS (Session-based Auth) +ECODMS_API_URL= +ECODMS_USERNAME= +ECODMS_PASSWORD= diff --git a/apps/api/.eslintrc.js b/apps/api/.eslintrc.js new file mode 100644 index 0000000..2ca845c --- /dev/null +++ b/apps/api/.eslintrc.js @@ -0,0 +1,26 @@ +module.exports = { + parser: '@typescript-eslint/parser', + parserOptions: { + project: 'tsconfig.json', + tsconfigRootDir: __dirname, + sourceType: 'module', + }, + plugins: ['@typescript-eslint/eslint-plugin'], + extends: [ + 'plugin:@typescript-eslint/recommended', + 'plugin:prettier/recommended', + ], + root: true, + env: { + node: true, + jest: true, + }, + ignorePatterns: ['.eslintrc.js'], + rules: { + '@typescript-eslint/interface-name-prefix': 'off', + '@typescript-eslint/explicit-function-return-type': 'off', + '@typescript-eslint/explicit-module-boundary-types': 'off', + '@typescript-eslint/no-explicit-any': 'warn', + '@typescript-eslint/no-unused-vars': ['error', { argsIgnorePattern: '^_' }], + }, +}; diff --git a/apps/api/.gitignore b/apps/api/.gitignore new file mode 100644 index 0000000..bf9a777 --- /dev/null +++ b/apps/api/.gitignore @@ -0,0 +1,43 @@ +# compiled output +/dist +/node_modules + +# Logs +logs +*.log +npm-debug.log* +pnpm-debug.log* +yarn-debug.log* +yarn-error.log* +lerna-debug.log* + +# OS +.DS_Store + +# Tests +/coverage +/.nyc_output + +# IDEs and editors +/.idea +.project +.classpath +.c9/ +*.launch +.settings/ +*.sublime-workspace + +# IDE - VSCode +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json + +# Environment +.env +.env.local +.env.*.local + +# Prisma +prisma/migrations/*_migration_lock.toml diff --git a/apps/api/.prettierrc b/apps/api/.prettierrc new file mode 100644 index 0000000..243b265 --- /dev/null +++ b/apps/api/.prettierrc @@ -0,0 +1,7 @@ +{ + "singleQuote": true, + "trailingComma": "all", + "tabWidth": 2, + "semi": true, + "printWidth": 100 +} diff --git a/apps/api/nest-cli.json b/apps/api/nest-cli.json new file mode 100644 index 0000000..f9aa683 --- /dev/null +++ b/apps/api/nest-cli.json @@ -0,0 +1,8 @@ +{ + "$schema": "https://json.schemastore.org/nest-cli", + "collection": "@nestjs/schematics", + "sourceRoot": "src", + "compilerOptions": { + "deleteOutDir": true + } +} diff --git a/apps/api/package.json b/apps/api/package.json new file mode 100644 index 0000000..3e64c44 --- /dev/null +++ b/apps/api/package.json @@ -0,0 +1,101 @@ +{ + "name": "@tos/api", + "version": "0.0.1", + "description": "tOS Backend API - NestJS Application", + "author": "tOS Team", + "private": true, + "license": "UNLICENSED", + "scripts": { + "build": "nest build", + "format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\"", + "start": "nest start", + "dev": "nest start --watch", + "start:debug": "nest start --debug --watch", + "start:prod": "node dist/main", + "lint": "eslint \"{src,apps,libs,test}/**/*.ts\" --fix", + "test": "jest", + "test:watch": "jest --watch", + "test:cov": "jest --coverage", + "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand", + "test:e2e": "jest --config ./test/jest-e2e.json", + "db:generate": "prisma generate", + "db:push": "prisma db push", + "db:migrate": "prisma migrate dev", + "db:migrate:prod": "prisma migrate deploy", + "db:studio": "prisma studio", + "db:seed": "prisma db seed" + }, + "dependencies": { + "@tos/shared": "workspace:*", + "@nestjs/common": "^10.3.0", + "@nestjs/config": "^3.1.1", + "@nestjs/core": "^10.3.0", + "@nestjs/jwt": "^10.2.0", + "@nestjs/passport": "^10.0.3", + "@nestjs/platform-express": "^10.3.0", + "@nestjs/swagger": "^7.2.0", + "@nestjs/terminus": "^10.2.0", + "@prisma/client": "^5.8.0", + "axios": "^1.6.0", + "class-transformer": "^0.5.1", + "class-validator": "^0.14.1", + "form-data": "^4.0.5", + "helmet": "^7.1.0", + "joi": "^17.12.0", + "jwks-rsa": "^3.1.0", + "passport": "^0.7.0", + "passport-jwt": "^4.0.1", + "reflect-metadata": "^0.2.1", + "rxjs": "^7.8.1", + "uuid": "^13.0.0" + }, + "devDependencies": { + "@nestjs/cli": "^10.3.0", + "@nestjs/schematics": "^10.1.0", + "@nestjs/testing": "^10.3.0", + "@types/express": "^4.17.21", + "@types/jest": "^29.5.11", + "@types/multer": "^2.0.0", + "@types/node": "^20.10.6", + "@types/passport-jwt": "^4.0.0", + "@types/supertest": "^6.0.2", + "@typescript-eslint/eslint-plugin": "^6.18.0", + "@typescript-eslint/parser": "^6.18.0", + "eslint": "^8.56.0", + "eslint-config-prettier": "^9.1.0", + "eslint-plugin-prettier": "^5.1.2", + "jest": "^29.7.0", + "prettier": "^3.1.1", + "prisma": "^5.8.0", + "source-map-support": "^0.5.21", + "supertest": "^6.3.3", + "ts-jest": "^29.1.1", + "ts-loader": "^9.5.1", + "ts-node": "^10.9.2", + "tsconfig-paths": "^4.2.0", + "typescript": "^5.3.3" + }, + "jest": { + "moduleFileExtensions": [ + "js", + "json", + "ts" + ], + "rootDir": "src", + "testRegex": ".*\\.spec\\.ts$", + "transform": { + "^.+\\.(t|j)s$": "ts-jest" + }, + "collectCoverageFrom": [ + "**/*.(t|j)s" + ], + "coverageDirectory": "../coverage", + "testEnvironment": "node", + "moduleNameMapper": { + "^@/(.*)$": "/$1" + } + }, + "prisma": { + "seed": "ts-node prisma/seed.ts" + } +} diff --git a/apps/api/prisma/schema.prisma b/apps/api/prisma/schema.prisma new file mode 100644 index 0000000..f9eaf5a --- /dev/null +++ b/apps/api/prisma/schema.prisma @@ -0,0 +1,656 @@ +// Prisma Schema for tOS - Team Operating System +// Database: PostgreSQL + +generator client { + provider = "prisma-client-js" +} + +datasource db { + provider = "postgresql" + url = env("DATABASE_URL") +} + +// ============================================================================= +// ENUMS +// ============================================================================= + +enum ContractType { + FULL_TIME + PART_TIME + MINI_JOB + INTERN + WORKING_STUDENT + FREELANCE + TEMPORARY +} + +enum AbsenceType { + VACATION + SICK + SICK_CHILD + SPECIAL_LEAVE + UNPAID_LEAVE + PARENTAL_LEAVE + HOME_OFFICE + BUSINESS_TRIP + TRAINING + COMPENSATION +} + +enum ApprovalStatus { + PENDING + APPROVED + REJECTED + CANCELLED +} + +enum TimeEntryType { + REGULAR + OVERTIME + HOLIDAY + SICK + VACATION + CORRECTION +} + +enum ReviewType { + PROBATION + ANNUAL + PROMOTION + PROJECT + FEEDBACK + EXIT +} + +enum S3StatusType { + GREEN + YELLOW + RED + NOT_APPLICABLE +} + +enum S3Type { + SEIRI // Sort - Aussortieren + SEITON // Set in Order - Aufräumen + SEISO // Shine - Sauberkeit +} + +enum SkillLevel { + NONE + BEGINNER + INTERMEDIATE + ADVANCED + EXPERT + TRAINER +} + +enum IntegrationType { + DATEV + PERSONIO + SAP + CALENDAR + EMAIL + CUSTOM + PLENTYONE + ZULIP + TODOIST + FREESCOUT + NEXTCLOUD + ECODMS + GEMBADOCS +} + +enum SyncStatus { + PENDING + RUNNING + SUCCESS + ERROR +} + +// SQCDM Categories for Morning Meeting +enum SQCDMCategory { + SAFETY // S - Sicherheit + QUALITY // Q - Qualitaet + COST // C - Kosten + DELIVERY // D - Lieferung + MORALE // M - Moral/Mitarbeiter +} + +// Meeting Status +enum MeetingStatus { + SCHEDULED + IN_PROGRESS + COMPLETED + CANCELLED +} + +// KPI Status (Traffic Light) +enum KPIStatus { + GREEN + YELLOW + RED + NEUTRAL +} + +// Trend Direction +enum Trend { + UP + DOWN + STABLE +} + +// Action Status +enum ActionStatus { + OPEN + IN_PROGRESS + COMPLETED + CANCELLED +} + +// Priority Level +enum Priority { + LOW + MEDIUM + HIGH + CRITICAL +} + +// ============================================================================= +// CORE MODELS +// ============================================================================= + +model User { + id String @id @default(cuid()) + email String @unique + firstName String + lastName String + keycloakId String? @unique + avatar String? + isActive Boolean @default(true) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + departmentId String? + department Department? @relation("UserDepartment", fields: [departmentId], references: [id]) + roles UserRole[] + employee Employee? + preferences UserPreference? + auditLogs AuditLog[] + + // Manager relations + managedDepartments Department[] @relation("DepartmentManager") + correctedTimeEntries TimeEntry[] @relation("TimeEntryCorrectedBy") + approvedAbsences Absence[] @relation("AbsenceApprovedBy") + conductedReviews EmployeeReview[] @relation("ReviewConductedBy") + skillAssessments SkillMatrixEntry[] @relation("SkillAssessedBy") + integrationCredentials IntegrationCredential[] + + // LEAN 3S relations + s3PlansCreated S3Plan[] @relation("S3PlanCreatedBy") + s3StatusCompleted S3Status[] @relation("S3StatusCompletedBy") + + // Morning Meeting relations + conductedMeetings MorningMeeting[] @relation("MeetingConductor") + assignedMeetingActions MorningMeetingAction[] @relation("ActionAssignee") + + @@index([email]) + @@index([keycloakId]) + @@index([departmentId]) +} + +model Department { + id String @id @default(cuid()) + name String + code String? @unique + isActive Boolean @default(true) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Self-relation for hierarchy + parentId String? + parent Department? @relation("DepartmentHierarchy", fields: [parentId], references: [id]) + children Department[] @relation("DepartmentHierarchy") + + // Manager relation + managerId String? + manager User? @relation("DepartmentManager", fields: [managerId], references: [id]) + + // Relations + users User[] @relation("UserDepartment") + onboardingTasks OnboardingTask[] + s3Plans S3Plan[] + skills Skill[] + morningMeetings MorningMeeting[] + + @@index([parentId]) + @@index([managerId]) +} + +model Role { + id String @id @default(cuid()) + name String @unique + description String? + permissions Json @default("[]") + isSystem Boolean @default(false) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + users UserRole[] + + @@index([name]) +} + +model UserRole { + id String @id @default(cuid()) + userId String + roleId String + createdAt DateTime @default(now()) + + user User @relation(fields: [userId], references: [id], onDelete: Cascade) + role Role @relation(fields: [roleId], references: [id], onDelete: Cascade) + + @@unique([userId, roleId]) + @@index([userId]) + @@index([roleId]) +} + +// ============================================================================= +// HR MODELS +// ============================================================================= + +model Employee { + id String @id @default(cuid()) + employeeNumber String @unique + position String + entryDate DateTime + exitDate DateTime? + contractType ContractType + workingHours Float @default(40) + salary String? // Encrypted salary (AES-256-GCM) + taxClass Int? + bankAccount Json? // Encrypted bank account (AES-256-GCM) + isActive Boolean @default(true) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + userId String @unique + user User @relation(fields: [userId], references: [id], onDelete: Cascade) + + timeEntries TimeEntry[] + absences Absence[] + reviews EmployeeReview[] + skillMatrixEntries SkillMatrixEntry[] + + @@index([employeeNumber]) + @@index([userId]) + @@index([entryDate]) +} + +model TimeEntry { + id String @id @default(cuid()) + date DateTime @db.Date + clockIn DateTime? + clockOut DateTime? + breakMinutes Int @default(0) + type TimeEntryType @default(REGULAR) + note String? + isLocked Boolean @default(false) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + employeeId String + employee Employee @relation(fields: [employeeId], references: [id], onDelete: Cascade) + correctedById String? + correctedBy User? @relation("TimeEntryCorrectedBy", fields: [correctedById], references: [id]) + + @@unique([employeeId, date]) + @@index([employeeId]) + @@index([date]) + @@index([correctedById]) +} + +model Absence { + id String @id @default(cuid()) + type AbsenceType + startDate DateTime @db.Date + endDate DateTime @db.Date + days Float + status ApprovalStatus @default(PENDING) + note String? + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + employeeId String + employee Employee @relation(fields: [employeeId], references: [id], onDelete: Cascade) + approvedById String? + approvedBy User? @relation("AbsenceApprovedBy", fields: [approvedById], references: [id]) + + @@index([employeeId]) + @@index([startDate, endDate]) + @@index([status]) + @@index([approvedById]) +} + +model EmployeeReview { + id String @id @default(cuid()) + date DateTime + type ReviewType + notes String? @db.Text + goals Json? + rating Int? + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + employeeId String + employee Employee @relation(fields: [employeeId], references: [id], onDelete: Cascade) + reviewerId String + reviewer User @relation("ReviewConductedBy", fields: [reviewerId], references: [id]) + + @@index([employeeId]) + @@index([reviewerId]) + @@index([date]) + @@index([type]) +} + +model OnboardingTask { + id String @id @default(cuid()) + title String + description String? @db.Text + dueOffset Int @default(0) // Days from entry date + assignedTo String? // Role or specific user type + sortOrder Int @default(0) + isActive Boolean @default(true) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + departmentId String? + department Department? @relation(fields: [departmentId], references: [id]) + + @@index([departmentId]) + @@index([sortOrder]) +} + +// ============================================================================= +// INTEGRATION MODELS +// ============================================================================= + +model IntegrationCredential { + id String @id @default(cuid()) + type IntegrationType + name String + credentials String // Encrypted JSON (AES-256-GCM) + isActive Boolean @default(true) + lastUsed DateTime? + lastSync DateTime? + syncStatus SyncStatus @default(PENDING) + syncError String? + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + createdById String + createdBy User @relation(fields: [createdById], references: [id]) + + // Relations + syncHistory IntegrationSyncHistory[] + + @@unique([type, name]) + @@index([type]) + @@index([isActive]) + @@index([createdById]) +} + +model IntegrationSyncHistory { + id String @id @default(cuid()) + credentialId String + credential IntegrationCredential @relation(fields: [credentialId], references: [id], onDelete: Cascade) + status SyncStatus + startedAt DateTime @default(now()) + completedAt DateTime? + duration Int? // Duration in milliseconds + recordsProcessed Int? + error String? + metadata Json? // Additional sync metadata + createdAt DateTime @default(now()) + + @@index([credentialId]) + @@index([status]) + @@index([startedAt]) +} + +// ============================================================================= +// LEAN MODELS - 3S / 5S +// ============================================================================= + +model S3Plan { + id String @id @default(cuid()) + year Int + month Int + isActive Boolean @default(true) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + departmentId String + department Department @relation(fields: [departmentId], references: [id]) + createdById String + createdBy User @relation("S3PlanCreatedBy", fields: [createdById], references: [id]) + categories S3Category[] + + @@unique([departmentId, year, month]) + @@index([departmentId]) + @@index([year, month]) + @@index([createdById]) +} + +model S3Category { + id String @id @default(cuid()) + name String + s3Type S3Type // SEIRI, SEITON, SEISO + sortOrder Int @default(0) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + planId String + plan S3Plan @relation(fields: [planId], references: [id], onDelete: Cascade) + statuses S3Status[] + + @@index([planId]) + @@index([sortOrder]) + @@index([s3Type]) +} + +model S3Status { + id String @id @default(cuid()) + week Int // 1-53 + status S3StatusType + photo String? // URL to uploaded image + note String? + completedAt DateTime? + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + categoryId String + category S3Category @relation(fields: [categoryId], references: [id], onDelete: Cascade) + completedById String? + completedBy User? @relation("S3StatusCompletedBy", fields: [completedById], references: [id]) + + @@unique([categoryId, week]) + @@index([categoryId]) + @@index([week]) + @@index([status]) + @@index([completedById]) +} + +// ============================================================================= +// LEAN MODELS - Morning Meeting (Shopfloor Management) +// ============================================================================= + +model MorningMeeting { + id String @id @default(cuid()) + date DateTime @db.Date + startTime DateTime? // Actual start time + endTime DateTime? // Actual end time + duration Int? // Duration in minutes (calculated) + participants Json? // Array of participant user IDs + notes String? @db.Text + status MeetingStatus @default(SCHEDULED) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + departmentId String + department Department @relation(fields: [departmentId], references: [id]) + conductorId String? + conductor User? @relation("MeetingConductor", fields: [conductorId], references: [id]) + topics MorningMeetingTopic[] + actions MorningMeetingAction[] + + @@unique([departmentId, date]) + @@index([departmentId]) + @@index([date]) + @@index([status]) + @@index([conductorId]) +} + +model MorningMeetingTopic { + id String @id @default(cuid()) + category SQCDMCategory // SAFETY, QUALITY, COST, DELIVERY, MORALE + title String + value String? // Current value + target String? // Target value + unit String? // Unit (%, pieces, EUR, etc.) + status KPIStatus @default(NEUTRAL) + trend Trend? // UP, DOWN, STABLE + sortOrder Int @default(0) + note String? + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + meetingId String + meeting MorningMeeting @relation(fields: [meetingId], references: [id], onDelete: Cascade) + + @@index([meetingId]) + @@index([category]) + @@index([sortOrder]) + @@index([status]) +} + +model MorningMeetingAction { + id String @id @default(cuid()) + title String + description String? @db.Text + dueDate DateTime? @db.Date + status ActionStatus @default(OPEN) + priority Priority @default(MEDIUM) + completedAt DateTime? + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + meetingId String + meeting MorningMeeting @relation(fields: [meetingId], references: [id], onDelete: Cascade) + assigneeId String? + assignee User? @relation("ActionAssignee", fields: [assigneeId], references: [id]) + + @@index([meetingId]) + @@index([assigneeId]) + @@index([status]) + @@index([priority]) + @@index([dueDate]) +} + +// ============================================================================= +// LEAN MODELS - Skill Matrix +// ============================================================================= + +model Skill { + id String @id @default(cuid()) + name String + description String? + category String? + isActive Boolean @default(true) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + departmentId String? + department Department? @relation(fields: [departmentId], references: [id]) + entries SkillMatrixEntry[] + + @@unique([name, departmentId]) + @@index([departmentId]) + @@index([category]) +} + +model SkillMatrixEntry { + id String @id @default(cuid()) + level SkillLevel @default(NONE) + assessedAt DateTime @default(now()) + note String? + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + // Relations + employeeId String + employee Employee @relation(fields: [employeeId], references: [id], onDelete: Cascade) + skillId String + skill Skill @relation(fields: [skillId], references: [id], onDelete: Cascade) + assessedById String? + assessedBy User? @relation("SkillAssessedBy", fields: [assessedById], references: [id]) + + @@unique([employeeId, skillId]) + @@index([employeeId]) + @@index([skillId]) + @@index([assessedById]) + @@index([level]) +} + +// ============================================================================= +// USER PREFERENCES +// ============================================================================= + +model UserPreference { + id String @id @default(cuid()) + userId String @unique + user User @relation(fields: [userId], references: [id], onDelete: Cascade) + theme String @default("system") // "light", "dark", "system" + language String @default("de") // "de", "en" + dashboardLayout Json? // Array of widget configurations + notifications Json? // Notification preferences + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + + @@index([userId]) +} + +// ============================================================================= +// AUDIT LOGGING +// ============================================================================= + +model AuditLog { + id String @id @default(cuid()) + userId String + user User @relation(fields: [userId], references: [id]) + action String // CREATE, UPDATE, DELETE, LOGIN, LOGOUT, etc. + entity String // User, Department, Employee, etc. + entityId String? + oldData Json? + newData Json? + ipAddress String? + userAgent String? + createdAt DateTime @default(now()) + + @@index([userId]) + @@index([entity, entityId]) + @@index([action]) + @@index([createdAt]) +} diff --git a/apps/api/prisma/seed.ts b/apps/api/prisma/seed.ts new file mode 100644 index 0000000..31f16ff --- /dev/null +++ b/apps/api/prisma/seed.ts @@ -0,0 +1,215 @@ +import { PrismaClient } from '@prisma/client'; + +const prisma = new PrismaClient(); + +async function main() { + console.log('Seeding database...'); + + // Create default roles + const roles = await Promise.all([ + prisma.role.upsert({ + where: { name: 'admin' }, + update: {}, + create: { + name: 'admin', + description: 'Administrator with full system access', + permissions: JSON.stringify([ + 'users:read', + 'users:write', + 'users:delete', + 'employees:read', + 'employees:write', + 'employees:delete', + 'departments:read', + 'departments:write', + 'departments:delete', + 'roles:read', + 'roles:write', + 'roles:delete', + 'settings:read', + 'settings:write', + ]), + isSystem: true, + }, + }), + prisma.role.upsert({ + where: { name: 'hr-manager' }, + update: {}, + create: { + name: 'hr-manager', + description: 'HR Manager with access to employee data', + permissions: JSON.stringify([ + 'users:read', + 'users:write', + 'employees:read', + 'employees:write', + 'departments:read', + 'absences:read', + 'absences:write', + 'time-entries:read', + 'time-entries:write', + 'reviews:read', + 'reviews:write', + ]), + isSystem: true, + }, + }), + prisma.role.upsert({ + where: { name: 'team-lead' }, + update: {}, + create: { + name: 'team-lead', + description: 'Team leader with access to team data', + permissions: JSON.stringify([ + 'users:read', + 'employees:read', + 'departments:read', + 'absences:read', + 'absences:approve', + 'time-entries:read', + 'reviews:read', + 'reviews:write', + 'skills:read', + 'skills:write', + ]), + isSystem: true, + }, + }), + prisma.role.upsert({ + where: { name: 'employee' }, + update: {}, + create: { + name: 'employee', + description: 'Regular employee with basic access', + permissions: JSON.stringify([ + 'profile:read', + 'profile:write', + 'absences:read', + 'absences:request', + 'time-entries:read', + 'time-entries:write', + 'skills:read', + ]), + isSystem: true, + }, + }), + ]); + + console.log(`Created ${roles.length} roles`); + + // Create default departments + const departments = await Promise.all([ + prisma.department.upsert({ + where: { code: 'MGMT' }, + update: {}, + create: { + name: 'Management', + code: 'MGMT', + }, + }), + prisma.department.upsert({ + where: { code: 'HR' }, + update: {}, + create: { + name: 'Human Resources', + code: 'HR', + }, + }), + prisma.department.upsert({ + where: { code: 'ENG' }, + update: {}, + create: { + name: 'Engineering', + code: 'ENG', + }, + }), + prisma.department.upsert({ + where: { code: 'PROD' }, + update: {}, + create: { + name: 'Production', + code: 'PROD', + }, + }), + prisma.department.upsert({ + where: { code: 'QA' }, + update: {}, + create: { + name: 'Quality Assurance', + code: 'QA', + }, + }), + ]); + + console.log(`Created ${departments.length} departments`); + + // Create admin user (for development) + if (process.env.NODE_ENV !== 'production') { + const adminRole = roles.find((r) => r.name === 'admin'); + const mgmtDept = departments.find((d) => d.code === 'MGMT'); + + if (adminRole && mgmtDept) { + const adminUser = await prisma.user.upsert({ + where: { email: 'admin@tos.local' }, + update: {}, + create: { + email: 'admin@tos.local', + firstName: 'System', + lastName: 'Administrator', + departmentId: mgmtDept.id, + roles: { + create: { + roleId: adminRole.id, + }, + }, + }, + }); + + console.log(`Created admin user: ${adminUser.email}`); + } + } + + // Create default skills + const skills = await Promise.all([ + prisma.skill.upsert({ + where: { name_departmentId: { name: 'Communication', departmentId: null as unknown as string } }, + update: {}, + create: { + name: 'Communication', + description: 'Effective verbal and written communication', + category: 'Soft Skills', + }, + }), + prisma.skill.upsert({ + where: { name_departmentId: { name: 'Problem Solving', departmentId: null as unknown as string } }, + update: {}, + create: { + name: 'Problem Solving', + description: 'Analytical thinking and problem resolution', + category: 'Soft Skills', + }, + }), + prisma.skill.upsert({ + where: { name_departmentId: { name: 'Team Collaboration', departmentId: null as unknown as string } }, + update: {}, + create: { + name: 'Team Collaboration', + description: 'Working effectively in a team environment', + category: 'Soft Skills', + }, + }), + ]); + + console.log(`Created ${skills.length} skills`); + + console.log('Database seeding completed!'); +} + +main() + .catch((e) => { + console.error('Error seeding database:', e); + process.exit(1); + }) + .finally(async () => { + await prisma.$disconnect(); + }); diff --git a/apps/api/queue.backup/index.ts b/apps/api/queue.backup/index.ts new file mode 100644 index 0000000..8a8581e --- /dev/null +++ b/apps/api/queue.backup/index.ts @@ -0,0 +1 @@ +export * from './queue.module'; diff --git a/apps/api/queue.backup/queue.module.ts b/apps/api/queue.backup/queue.module.ts new file mode 100644 index 0000000..72c1977 --- /dev/null +++ b/apps/api/queue.backup/queue.module.ts @@ -0,0 +1,91 @@ +import { Module, DynamicModule, Logger } from '@nestjs/common'; +import { ConfigModule, ConfigService } from '@nestjs/config'; + +/** + * Queue Module for background job processing + * + * This module provides a factory for creating queue infrastructure. + * When BullMQ is available (Redis configured), it will use BullMQ. + * Otherwise, it falls back to in-memory processing. + * + * To use BullMQ, install the required packages: + * npm install @nestjs/bullmq bullmq + * + * And configure Redis in your environment: + * REDIS_HOST=localhost + * REDIS_PORT=6379 + */ +@Module({}) +export class QueueModule { + private static readonly logger = new Logger(QueueModule.name); + + /** + * Registers the queue module with optional BullMQ support + */ + static forRoot(): DynamicModule { + return { + module: QueueModule, + imports: [ConfigModule], + providers: [ + { + provide: 'QUEUE_CONFIG', + useFactory: (configService: ConfigService) => { + const redisHost = configService.get('REDIS_HOST'); + const redisPort = configService.get('REDIS_PORT'); + + if (redisHost && redisPort) { + this.logger.log( + `Queue configured with Redis at ${redisHost}:${redisPort}`, + ); + return { + type: 'bullmq', + connection: { + host: redisHost, + port: redisPort, + }, + }; + } + + this.logger.warn( + 'Redis not configured. Using in-memory queue processing. ' + + 'For production, configure REDIS_HOST and REDIS_PORT.', + ); + return { + type: 'memory', + }; + }, + inject: [ConfigService], + }, + ], + exports: ['QUEUE_CONFIG'], + }; + } + + /** + * Registers a specific queue + */ + static registerQueue(options: { name: string }): DynamicModule { + return { + module: QueueModule, + providers: [ + { + provide: `QUEUE_${options.name.toUpperCase()}`, + useFactory: () => { + // In a full implementation, this would create a BullMQ queue + // For now, return a placeholder that can be expanded + return { + name: options.name, + add: async (jobName: string, data: any) => { + this.logger.debug( + `Job added to queue ${options.name}: ${jobName}`, + ); + return { id: `job-${Date.now()}`, name: jobName, data }; + }, + }; + }, + }, + ], + exports: [`QUEUE_${options.name.toUpperCase()}`], + }; + } +} diff --git a/apps/api/src/app.module.ts b/apps/api/src/app.module.ts new file mode 100644 index 0000000..0ff351f --- /dev/null +++ b/apps/api/src/app.module.ts @@ -0,0 +1,94 @@ +import { Module } from '@nestjs/common'; +import { ConfigModule } from '@nestjs/config'; +import { APP_GUARD, APP_INTERCEPTOR } from '@nestjs/core'; +import { PrismaModule } from './prisma/prisma.module'; +import { AuthModule } from './auth/auth.module'; +import { UsersModule } from './users/users.module'; +import { HealthModule } from './health/health.module'; +import { CommonModule } from './common/common.module'; +import { JwtAuthGuard } from './auth/guards/jwt-auth.guard'; +import { RolesGuard } from './auth/guards/roles.guard'; +import { PermissionsGuard } from './auth/permissions/permissions.guard'; +import { configValidationSchema } from './config/config.validation'; + +// Feature modules +import { AuditModule } from './modules/audit/audit.module'; +import { AuditInterceptor } from './modules/audit/audit.interceptor'; +import { DashboardModule } from './modules/dashboard/dashboard.module'; +import { DepartmentsModule } from './modules/departments/departments.module'; +import { UserPreferencesModule } from './modules/user-preferences/user-preferences.module'; + +// Phase 4 modules - LEAN +import { LeanModule } from './modules/lean/lean.module'; + +// Phase 5 modules - HR +import { HrModule } from './modules/hr/hr.module'; + +// Phase 6 modules - Integrations +import { IntegrationsModule } from './modules/integrations/integrations.module'; + +@Module({ + imports: [ + // Configuration + ConfigModule.forRoot({ + isGlobal: true, + envFilePath: ['.env.local', '.env'], + validationSchema: configValidationSchema, + validationOptions: { + allowUnknown: true, + abortEarly: false, + }, + }), + + // Database + PrismaModule, + + // Common utilities + CommonModule, + + // Feature modules + AuthModule, + UsersModule, + HealthModule, + + // Phase 2 modules + AuditModule, + DashboardModule, + DepartmentsModule, + UserPreferencesModule, + + // Phase 4 modules - LEAN + LeanModule, + + // Phase 5 modules - HR + HrModule, + + // Phase 6 modules - Integrations + IntegrationsModule, + ], + providers: [ + // Global JWT Guard - routes are protected by default + // Use @Public() decorator to make routes accessible without authentication + { + provide: APP_GUARD, + useClass: JwtAuthGuard, + }, + // Global Roles Guard - checks @Roles() decorator on routes + // Must be registered after JwtAuthGuard to ensure user is authenticated first + { + provide: APP_GUARD, + useClass: RolesGuard, + }, + // Global Permissions Guard - checks @RequirePermissions() decorator + { + provide: APP_GUARD, + useClass: PermissionsGuard, + }, + // Global Audit Interceptor - logs actions marked with @AuditLog() + { + provide: APP_INTERCEPTOR, + useClass: AuditInterceptor, + }, + ], +}) +export class AppModule {} diff --git a/apps/api/src/auth/auth.controller.ts b/apps/api/src/auth/auth.controller.ts new file mode 100644 index 0000000..17e5b24 --- /dev/null +++ b/apps/api/src/auth/auth.controller.ts @@ -0,0 +1,55 @@ +import { Controller, Get, Post, Body, UseGuards, Request } from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiBody, +} from '@nestjs/swagger'; +import { AuthService } from './auth.service'; +import { Public } from './decorators/public.decorator'; +import { CurrentUser } from './decorators/current-user.decorator'; +import { JwtAuthGuard } from './guards/jwt-auth.guard'; +import { ValidateTokenDto } from './dto/validate-token.dto'; +import { JwtPayload } from './interfaces/jwt-payload.interface'; + +@ApiTags('auth') +@Controller('auth') +export class AuthController { + constructor(private readonly authService: AuthService) {} + + @Public() + @Post('validate') + @ApiOperation({ summary: 'Validate a Keycloak token' }) + @ApiBody({ type: ValidateTokenDto }) + @ApiResponse({ status: 200, description: 'Token is valid' }) + @ApiResponse({ status: 401, description: 'Invalid token' }) + async validateToken(@Body() dto: ValidateTokenDto) { + const payload = await this.authService.validateKeycloakToken(dto.token); + return { + valid: true, + payload, + }; + } + + @Get('me') + @UseGuards(JwtAuthGuard) + @ApiBearerAuth('JWT-auth') + @ApiOperation({ summary: 'Get current user information' }) + @ApiResponse({ status: 200, description: 'Current user data' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + async getCurrentUser(@CurrentUser() user: JwtPayload) { + const fullUser = await this.authService.getUserFromPayload(user); + return fullUser; + } + + @Get('profile') + @UseGuards(JwtAuthGuard) + @ApiBearerAuth('JWT-auth') + @ApiOperation({ summary: 'Get current user profile' }) + @ApiResponse({ status: 200, description: 'User profile data' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + async getProfile(@Request() req: { user: JwtPayload }) { + return req.user; + } +} diff --git a/apps/api/src/auth/auth.module.ts b/apps/api/src/auth/auth.module.ts new file mode 100644 index 0000000..854c1f5 --- /dev/null +++ b/apps/api/src/auth/auth.module.ts @@ -0,0 +1,29 @@ +import { Module } from '@nestjs/common'; +import { JwtModule } from '@nestjs/jwt'; +import { PassportModule } from '@nestjs/passport'; +import { ConfigModule, ConfigService } from '@nestjs/config'; +import { AuthService } from './auth.service'; +import { AuthController } from './auth.controller'; +import { JwtStrategy } from './strategies/jwt.strategy'; +import { UsersModule } from '../users/users.module'; + +@Module({ + imports: [ + PassportModule.register({ defaultStrategy: 'jwt' }), + JwtModule.registerAsync({ + imports: [ConfigModule], + useFactory: async (configService: ConfigService) => ({ + secret: configService.get('JWT_SECRET'), + signOptions: { + expiresIn: '24h', + }, + }), + inject: [ConfigService], + }), + UsersModule, + ], + controllers: [AuthController], + providers: [AuthService, JwtStrategy], + exports: [AuthService, JwtModule], +}) +export class AuthModule {} diff --git a/apps/api/src/auth/auth.service.ts b/apps/api/src/auth/auth.service.ts new file mode 100644 index 0000000..9d64218 --- /dev/null +++ b/apps/api/src/auth/auth.service.ts @@ -0,0 +1,83 @@ +import { Injectable, UnauthorizedException, Logger } from '@nestjs/common'; +import { JwtService } from '@nestjs/jwt'; +import { ConfigService } from '@nestjs/config'; +import { UsersService } from '../users/users.service'; +import { JwtPayload } from './interfaces/jwt-payload.interface'; + +@Injectable() +export class AuthService { + private readonly logger = new Logger(AuthService.name); + + constructor( + private readonly jwtService: JwtService, + private readonly configService: ConfigService, + private readonly usersService: UsersService, + ) {} + + /** + * Validate a Keycloak token and return the user + * Always verifies the token signature for security + */ + async validateKeycloakToken(token: string): Promise { + try { + const jwtSecret = this.configService.get('JWT_SECRET'); + + if (!jwtSecret) { + this.logger.error('JWT_SECRET is not configured'); + throw new UnauthorizedException('Server configuration error'); + } + + // Always verify the token signature - never just decode + // This prevents token forgery attacks + const decoded = this.jwtService.verify(token, { + secret: jwtSecret, + }); + + if (!decoded || !decoded.sub || !decoded.email) { + throw new UnauthorizedException('Invalid token payload'); + } + + return decoded; + } catch (error) { + if (error instanceof UnauthorizedException) { + throw error; + } + this.logger.error('Token validation failed', error); + throw new UnauthorizedException('Invalid or expired token'); + } + } + + /** + * Create an internal JWT token for a user + */ + async createToken(userId: string): Promise { + const user = await this.usersService.findOne(userId); + + const payload: JwtPayload = { + sub: user.id, + email: user.email, + roles: user.roles.map((ur) => ur.role.name), + }; + + return this.jwtService.sign(payload); + } + + /** + * Verify an internal JWT token + */ + async verifyToken(token: string): Promise { + try { + return this.jwtService.verify(token); + } catch { + throw new UnauthorizedException('Invalid or expired token'); + } + } + + /** + * Get user from JWT payload + */ + async getUserFromPayload(payload: JwtPayload) { + const user = await this.usersService.findOne(payload.sub); + return user; + } +} diff --git a/apps/api/src/auth/decorators/current-user.decorator.ts b/apps/api/src/auth/decorators/current-user.decorator.ts new file mode 100644 index 0000000..f4534a1 --- /dev/null +++ b/apps/api/src/auth/decorators/current-user.decorator.ts @@ -0,0 +1,31 @@ +import { createParamDecorator, ExecutionContext } from '@nestjs/common'; +import { JwtPayload } from '../interfaces/jwt-payload.interface'; + +/** + * Parameter decorator to extract the current authenticated user from the request + * @example + * ```typescript + * @Get('profile') + * getProfile(@CurrentUser() user: JwtPayload) { + * return user; + * } + * + * // Or extract a specific property + * @Get('my-id') + * getMyId(@CurrentUser('sub') userId: string) { + * return userId; + * } + * ``` + */ +export const CurrentUser = createParamDecorator( + (data: keyof JwtPayload | undefined, ctx: ExecutionContext) => { + const request = ctx.switchToHttp().getRequest(); + const user = request.user as JwtPayload; + + if (!user) { + return null; + } + + return data ? user[data] : user; + }, +); diff --git a/apps/api/src/auth/decorators/index.ts b/apps/api/src/auth/decorators/index.ts new file mode 100644 index 0000000..8c09df0 --- /dev/null +++ b/apps/api/src/auth/decorators/index.ts @@ -0,0 +1,3 @@ +export * from './public.decorator'; +export * from './roles.decorator'; +export * from './current-user.decorator'; diff --git a/apps/api/src/auth/decorators/public.decorator.ts b/apps/api/src/auth/decorators/public.decorator.ts new file mode 100644 index 0000000..7d7c71c --- /dev/null +++ b/apps/api/src/auth/decorators/public.decorator.ts @@ -0,0 +1,16 @@ +import { SetMetadata } from '@nestjs/common'; + +export const IS_PUBLIC_KEY = 'isPublic'; + +/** + * Marks a route as publicly accessible without authentication + * @example + * ```typescript + * @Public() + * @Get('health') + * healthCheck() { + * return { status: 'ok' }; + * } + * ``` + */ +export const Public = () => SetMetadata(IS_PUBLIC_KEY, true); diff --git a/apps/api/src/auth/decorators/roles.decorator.ts b/apps/api/src/auth/decorators/roles.decorator.ts new file mode 100644 index 0000000..c4c3e8e --- /dev/null +++ b/apps/api/src/auth/decorators/roles.decorator.ts @@ -0,0 +1,17 @@ +import { SetMetadata } from '@nestjs/common'; + +export const ROLES_KEY = 'roles'; + +/** + * Decorator to specify which roles are allowed to access a route + * @param roles - Array of role names that are allowed + * @example + * ```typescript + * @Roles('admin', 'hr-manager') + * @Get('employees') + * getEmployees() { + * return this.employeeService.findAll(); + * } + * ``` + */ +export const Roles = (...roles: string[]) => SetMetadata(ROLES_KEY, roles); diff --git a/apps/api/src/auth/dto/index.ts b/apps/api/src/auth/dto/index.ts new file mode 100644 index 0000000..4d8e6ff --- /dev/null +++ b/apps/api/src/auth/dto/index.ts @@ -0,0 +1 @@ +export * from './validate-token.dto'; diff --git a/apps/api/src/auth/dto/validate-token.dto.ts b/apps/api/src/auth/dto/validate-token.dto.ts new file mode 100644 index 0000000..3212c2d --- /dev/null +++ b/apps/api/src/auth/dto/validate-token.dto.ts @@ -0,0 +1,12 @@ +import { ApiProperty } from '@nestjs/swagger'; +import { IsString, IsNotEmpty } from 'class-validator'; + +export class ValidateTokenDto { + @ApiProperty({ + description: 'JWT token to validate', + example: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...', + }) + @IsString() + @IsNotEmpty() + token: string; +} diff --git a/apps/api/src/auth/guards/index.ts b/apps/api/src/auth/guards/index.ts new file mode 100644 index 0000000..6726555 --- /dev/null +++ b/apps/api/src/auth/guards/index.ts @@ -0,0 +1,3 @@ +export * from './jwt-auth.guard'; +export * from './roles.guard'; +export * from '../permissions/permissions.guard'; diff --git a/apps/api/src/auth/guards/jwt-auth.guard.ts b/apps/api/src/auth/guards/jwt-auth.guard.ts new file mode 100644 index 0000000..b2fd37a --- /dev/null +++ b/apps/api/src/auth/guards/jwt-auth.guard.ts @@ -0,0 +1,26 @@ +import { Injectable, ExecutionContext } from '@nestjs/common'; +import { AuthGuard } from '@nestjs/passport'; +import { Reflector } from '@nestjs/core'; +import { IS_PUBLIC_KEY } from '../decorators/public.decorator'; + +@Injectable() +export class JwtAuthGuard extends AuthGuard('jwt') { + constructor(private reflector: Reflector) { + super(); + } + + canActivate(context: ExecutionContext) { + // Check if the route is marked as public + const isPublic = this.reflector.getAllAndOverride(IS_PUBLIC_KEY, [ + context.getHandler(), + context.getClass(), + ]); + + if (isPublic) { + return true; + } + + // Otherwise, use the default JWT authentication + return super.canActivate(context); + } +} diff --git a/apps/api/src/auth/guards/roles.guard.ts b/apps/api/src/auth/guards/roles.guard.ts new file mode 100644 index 0000000..3c3601c --- /dev/null +++ b/apps/api/src/auth/guards/roles.guard.ts @@ -0,0 +1,38 @@ +import { Injectable, CanActivate, ExecutionContext, ForbiddenException } from '@nestjs/common'; +import { Reflector } from '@nestjs/core'; +import { ROLES_KEY } from '../decorators/roles.decorator'; +import { JwtPayload } from '../interfaces/jwt-payload.interface'; + +@Injectable() +export class RolesGuard implements CanActivate { + constructor(private reflector: Reflector) {} + + canActivate(context: ExecutionContext): boolean { + const requiredRoles = this.reflector.getAllAndOverride(ROLES_KEY, [ + context.getHandler(), + context.getClass(), + ]); + + // If no roles are required, allow access + if (!requiredRoles || requiredRoles.length === 0) { + return true; + } + + const request = context.switchToHttp().getRequest(); + const user = request.user as JwtPayload; + + if (!user || !user.roles) { + throw new ForbiddenException('Access denied: No roles assigned'); + } + + const hasRole = requiredRoles.some((role) => user.roles.includes(role)); + + if (!hasRole) { + throw new ForbiddenException( + `Access denied: Required roles: ${requiredRoles.join(', ')}`, + ); + } + + return true; + } +} diff --git a/apps/api/src/auth/index.ts b/apps/api/src/auth/index.ts new file mode 100644 index 0000000..6f0e0a3 --- /dev/null +++ b/apps/api/src/auth/index.ts @@ -0,0 +1,6 @@ +export * from './auth.module'; +export * from './auth.service'; +export * from './guards'; +export * from './decorators'; +export * from './interfaces/jwt-payload.interface'; +export * from './permissions'; diff --git a/apps/api/src/auth/interfaces/jwt-payload.interface.ts b/apps/api/src/auth/interfaces/jwt-payload.interface.ts new file mode 100644 index 0000000..75bd6b8 --- /dev/null +++ b/apps/api/src/auth/interfaces/jwt-payload.interface.ts @@ -0,0 +1,26 @@ +export interface JwtPayload { + /** + * Subject - typically the user ID + */ + sub: string; + + /** + * User's email address + */ + email: string; + + /** + * Array of role names assigned to the user + */ + roles: string[]; + + /** + * Token issued at timestamp (optional, set by JWT) + */ + iat?: number; + + /** + * Token expiration timestamp (optional, set by JWT) + */ + exp?: number; +} diff --git a/apps/api/src/auth/permissions/index.ts b/apps/api/src/auth/permissions/index.ts new file mode 100644 index 0000000..c038530 --- /dev/null +++ b/apps/api/src/auth/permissions/index.ts @@ -0,0 +1,3 @@ +export * from './permissions.enum'; +export * from './permissions.decorator'; +export * from './permissions.guard'; diff --git a/apps/api/src/auth/permissions/permissions.decorator.ts b/apps/api/src/auth/permissions/permissions.decorator.ts new file mode 100644 index 0000000..ba340f4 --- /dev/null +++ b/apps/api/src/auth/permissions/permissions.decorator.ts @@ -0,0 +1,31 @@ +import { SetMetadata } from '@nestjs/common'; +import { Permission } from './permissions.enum'; + +export const PERMISSIONS_KEY = 'permissions'; + +/** + * Decorator to require specific permissions for a route + * @param permissions - Array of required permissions (ANY match grants access) + * @example + * ```typescript + * @RequirePermissions(Permission.USERS_CREATE, Permission.USERS_UPDATE) + * @Post() + * createUser() {} + * ``` + */ +export const RequirePermissions = (...permissions: Permission[]) => + SetMetadata(PERMISSIONS_KEY, permissions); + +/** + * Decorator to require ALL specified permissions for a route + * @param permissions - Array of required permissions (ALL must match) + * @example + * ```typescript + * @RequireAllPermissions(Permission.USERS_VIEW, Permission.USERS_UPDATE) + * @Patch() + * updateUser() {} + * ``` + */ +export const PERMISSIONS_ALL_KEY = 'permissions_all'; +export const RequireAllPermissions = (...permissions: Permission[]) => + SetMetadata(PERMISSIONS_ALL_KEY, permissions); diff --git a/apps/api/src/auth/permissions/permissions.enum.ts b/apps/api/src/auth/permissions/permissions.enum.ts new file mode 100644 index 0000000..c7d280b --- /dev/null +++ b/apps/api/src/auth/permissions/permissions.enum.ts @@ -0,0 +1,175 @@ +/** + * Fine-grained permissions for role-based access control + * Format: entity:action + */ +export enum Permission { + // Dashboard + DASHBOARD_VIEW = 'dashboard:view', + DASHBOARD_CUSTOMIZE = 'dashboard:customize', + + // Users + USERS_VIEW = 'users:view', + USERS_VIEW_ALL = 'users:view_all', + USERS_CREATE = 'users:create', + USERS_UPDATE = 'users:update', + USERS_UPDATE_SELF = 'users:update_self', + USERS_DELETE = 'users:delete', + USERS_MANAGE_ROLES = 'users:manage_roles', + + // Departments + DEPARTMENTS_VIEW = 'departments:view', + DEPARTMENTS_CREATE = 'departments:create', + DEPARTMENTS_UPDATE = 'departments:update', + DEPARTMENTS_DELETE = 'departments:delete', + DEPARTMENTS_MANAGE = 'departments:manage', + + // Employees + EMPLOYEES_VIEW = 'employees:view', + EMPLOYEES_VIEW_ALL = 'employees:view_all', + EMPLOYEES_CREATE = 'employees:create', + EMPLOYEES_UPDATE = 'employees:update', + EMPLOYEES_DELETE = 'employees:delete', + + // Time Entries + TIME_ENTRIES_VIEW = 'time_entries:view', + TIME_ENTRIES_VIEW_ALL = 'time_entries:view_all', + TIME_ENTRIES_CREATE = 'time_entries:create', + TIME_ENTRIES_UPDATE = 'time_entries:update', + TIME_ENTRIES_CORRECT = 'time_entries:correct', + TIME_ENTRIES_LOCK = 'time_entries:lock', + + // Absences + ABSENCES_VIEW = 'absences:view', + ABSENCES_VIEW_OWN = 'absences:view:own', + ABSENCES_VIEW_DEPARTMENT = 'absences:view:department', + ABSENCES_VIEW_ALL = 'absences:view_all', + ABSENCES_CREATE = 'absences:create', + ABSENCES_APPROVE = 'absences:approve', + ABSENCES_CANCEL = 'absences:cancel', + + // Reviews + REVIEWS_VIEW = 'reviews:view', + REVIEWS_VIEW_ALL = 'reviews:view_all', + REVIEWS_CREATE = 'reviews:create', + REVIEWS_UPDATE = 'reviews:update', + + // Skills + SKILLS_VIEW = 'skills:view', + SKILLS_MANAGE = 'skills:manage', + SKILLS_ASSESS = 'skills:assess', + + // Audit Logs + AUDIT_VIEW = 'audit:view', + AUDIT_VIEW_ALL = 'audit:view_all', + + // Settings + SETTINGS_VIEW = 'settings:view', + SETTINGS_MANAGE = 'settings:manage', + + // Integrations + INTEGRATIONS_VIEW = 'integrations:view', + INTEGRATIONS_MANAGE = 'integrations:manage', + INTEGRATIONS_SYNC = 'integrations:sync', + INTEGRATIONS_DELETE = 'integrations:delete', + + // LEAN 3S Planning + S3_VIEW = 's3:view', + S3_CREATE = 's3:create', + S3_UPDATE = 's3:update', + S3_DELETE = 's3:delete', + S3_MANAGE = 's3:manage', + + // LEAN Morning Meetings + MEETING_VIEW = 'meeting:view', + MEETING_CREATE = 'meeting:create', + MEETING_UPDATE = 'meeting:update', + MEETING_DELETE = 'meeting:delete', +} + +/** + * Default permission sets for standard roles + */ +export const DEFAULT_ROLE_PERMISSIONS: Record = { + admin: Object.values(Permission), + + 'hr-manager': [ + Permission.DASHBOARD_VIEW, + Permission.DASHBOARD_CUSTOMIZE, + Permission.USERS_VIEW, + Permission.USERS_VIEW_ALL, + Permission.USERS_CREATE, + Permission.USERS_UPDATE, + Permission.USERS_UPDATE_SELF, + Permission.DEPARTMENTS_VIEW, + Permission.EMPLOYEES_VIEW, + Permission.EMPLOYEES_VIEW_ALL, + Permission.EMPLOYEES_CREATE, + Permission.EMPLOYEES_UPDATE, + Permission.TIME_ENTRIES_VIEW, + Permission.TIME_ENTRIES_VIEW_ALL, + Permission.TIME_ENTRIES_CORRECT, + Permission.ABSENCES_VIEW, + Permission.ABSENCES_VIEW_OWN, + Permission.ABSENCES_VIEW_DEPARTMENT, + Permission.ABSENCES_VIEW_ALL, + Permission.ABSENCES_CREATE, + Permission.ABSENCES_APPROVE, + Permission.ABSENCES_CANCEL, + Permission.REVIEWS_VIEW, + Permission.REVIEWS_VIEW_ALL, + Permission.REVIEWS_CREATE, + Permission.REVIEWS_UPDATE, + Permission.SKILLS_VIEW, + Permission.SKILLS_MANAGE, + Permission.SKILLS_ASSESS, + Permission.AUDIT_VIEW, + Permission.MEETING_VIEW, + Permission.MEETING_CREATE, + Permission.MEETING_UPDATE, + Permission.MEETING_DELETE, + ], + + 'team-lead': [ + Permission.DASHBOARD_VIEW, + Permission.DASHBOARD_CUSTOMIZE, + Permission.USERS_VIEW, + Permission.USERS_UPDATE_SELF, + Permission.DEPARTMENTS_VIEW, + Permission.EMPLOYEES_VIEW, + Permission.TIME_ENTRIES_VIEW, + Permission.TIME_ENTRIES_CREATE, + Permission.TIME_ENTRIES_UPDATE, + Permission.ABSENCES_VIEW, + Permission.ABSENCES_VIEW_OWN, + Permission.ABSENCES_VIEW_DEPARTMENT, + Permission.ABSENCES_CREATE, + Permission.ABSENCES_APPROVE, + Permission.ABSENCES_CANCEL, + Permission.REVIEWS_VIEW, + Permission.REVIEWS_CREATE, + Permission.SKILLS_VIEW, + Permission.SKILLS_ASSESS, + Permission.S3_VIEW, + Permission.S3_CREATE, + Permission.S3_UPDATE, + Permission.MEETING_VIEW, + Permission.MEETING_CREATE, + Permission.MEETING_UPDATE, + ], + + employee: [ + Permission.DASHBOARD_VIEW, + Permission.USERS_UPDATE_SELF, + Permission.DEPARTMENTS_VIEW, + Permission.TIME_ENTRIES_VIEW, + Permission.TIME_ENTRIES_CREATE, + Permission.ABSENCES_VIEW, + Permission.ABSENCES_VIEW_OWN, + Permission.ABSENCES_CREATE, + Permission.ABSENCES_CANCEL, + Permission.SKILLS_VIEW, + Permission.S3_VIEW, + Permission.S3_UPDATE, + Permission.MEETING_VIEW, + ], +}; diff --git a/apps/api/src/auth/permissions/permissions.guard.ts b/apps/api/src/auth/permissions/permissions.guard.ts new file mode 100644 index 0000000..f6c12e8 --- /dev/null +++ b/apps/api/src/auth/permissions/permissions.guard.ts @@ -0,0 +1,91 @@ +import { + Injectable, + CanActivate, + ExecutionContext, + ForbiddenException, +} from '@nestjs/common'; +import { Reflector } from '@nestjs/core'; +import { Permission, DEFAULT_ROLE_PERMISSIONS } from './permissions.enum'; +import { PERMISSIONS_KEY, PERMISSIONS_ALL_KEY } from './permissions.decorator'; +import { JwtPayload } from '../interfaces/jwt-payload.interface'; + +@Injectable() +export class PermissionsGuard implements CanActivate { + constructor(private reflector: Reflector) {} + + canActivate(context: ExecutionContext): boolean { + // Check for ANY permission match + const requiredPermissions = this.reflector.getAllAndOverride( + PERMISSIONS_KEY, + [context.getHandler(), context.getClass()], + ); + + // Check for ALL permissions match + const requiredAllPermissions = this.reflector.getAllAndOverride( + PERMISSIONS_ALL_KEY, + [context.getHandler(), context.getClass()], + ); + + // If no permissions are required, allow access + if ( + (!requiredPermissions || requiredPermissions.length === 0) && + (!requiredAllPermissions || requiredAllPermissions.length === 0) + ) { + return true; + } + + const request = context.switchToHttp().getRequest(); + const user = request.user as JwtPayload; + + if (!user || !user.roles) { + throw new ForbiddenException('Access denied: No roles assigned'); + } + + // Collect all permissions from user's roles + const userPermissions = this.getUserPermissions(user.roles); + + // Check ANY permission (at least one must match) + if (requiredPermissions && requiredPermissions.length > 0) { + const hasAnyPermission = requiredPermissions.some((permission) => + userPermissions.has(permission), + ); + + if (!hasAnyPermission) { + throw new ForbiddenException( + `Access denied: Requires one of: ${requiredPermissions.join(', ')}`, + ); + } + } + + // Check ALL permissions (all must match) + if (requiredAllPermissions && requiredAllPermissions.length > 0) { + const hasAllPermissions = requiredAllPermissions.every((permission) => + userPermissions.has(permission), + ); + + if (!hasAllPermissions) { + throw new ForbiddenException( + `Access denied: Requires all of: ${requiredAllPermissions.join(', ')}`, + ); + } + } + + return true; + } + + /** + * Get all permissions for a user based on their roles + */ + private getUserPermissions(roles: string[]): Set { + const permissions = new Set(); + + for (const role of roles) { + const rolePermissions = DEFAULT_ROLE_PERMISSIONS[role]; + if (rolePermissions) { + rolePermissions.forEach((permission) => permissions.add(permission)); + } + } + + return permissions; + } +} diff --git a/apps/api/src/auth/strategies/jwt.strategy.ts b/apps/api/src/auth/strategies/jwt.strategy.ts new file mode 100644 index 0000000..cce1634 --- /dev/null +++ b/apps/api/src/auth/strategies/jwt.strategy.ts @@ -0,0 +1,44 @@ +import { Injectable, UnauthorizedException } from '@nestjs/common'; +import { PassportStrategy } from '@nestjs/passport'; +import { ExtractJwt, Strategy } from 'passport-jwt'; +import { ConfigService } from '@nestjs/config'; +import { JwtPayload } from '../interfaces/jwt-payload.interface'; +import { UsersService } from '../../users/users.service'; + +@Injectable() +export class JwtStrategy extends PassportStrategy(Strategy) { + constructor( + private readonly configService: ConfigService, + private readonly usersService: UsersService, + ) { + const secret = configService.get('JWT_SECRET'); + if (!secret) { + throw new Error('JWT_SECRET is not defined'); + } + + super({ + jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(), + ignoreExpiration: false, + secretOrKey: secret, + }); + } + + async validate(payload: JwtPayload): Promise { + // Optionally validate that the user still exists and is active + try { + const user = await this.usersService.findOne(payload.sub); + if (!user.isActive) { + throw new UnauthorizedException('User account is deactivated'); + } + + // Return the payload to be attached to the request + return { + sub: payload.sub, + email: payload.email, + roles: payload.roles, + }; + } catch { + throw new UnauthorizedException('Invalid token'); + } + } +} diff --git a/apps/api/src/common/common.module.ts b/apps/api/src/common/common.module.ts new file mode 100644 index 0000000..660b307 --- /dev/null +++ b/apps/api/src/common/common.module.ts @@ -0,0 +1,10 @@ +import { Module, Global } from '@nestjs/common'; +import { EncryptionService } from './services/encryption.service'; + +@Global() +@Module({ + imports: [], + providers: [EncryptionService], + exports: [EncryptionService], +}) +export class CommonModule {} diff --git a/apps/api/src/common/decorators/api-paginated-response.decorator.ts b/apps/api/src/common/decorators/api-paginated-response.decorator.ts new file mode 100644 index 0000000..0478009 --- /dev/null +++ b/apps/api/src/common/decorators/api-paginated-response.decorator.ts @@ -0,0 +1,50 @@ +import { applyDecorators, Type } from '@nestjs/common'; +import { ApiExtraModels, ApiOkResponse, getSchemaPath } from '@nestjs/swagger'; + +export interface PaginatedResponseMeta { + total: number; + page: number; + limit: number; + totalPages: number; +} + +export interface PaginatedResponse { + data: T[]; + meta: PaginatedResponseMeta; +} + +export const ApiPaginatedResponse = >(model: TModel) => { + return applyDecorators( + ApiExtraModels(model), + ApiOkResponse({ + schema: { + allOf: [ + { + properties: { + success: { type: 'boolean', example: true }, + data: { + type: 'object', + properties: { + data: { + type: 'array', + items: { $ref: getSchemaPath(model) }, + }, + meta: { + type: 'object', + properties: { + total: { type: 'number', example: 100 }, + page: { type: 'number', example: 1 }, + limit: { type: 'number', example: 20 }, + totalPages: { type: 'number', example: 5 }, + }, + }, + }, + }, + timestamp: { type: 'string', example: '2024-01-15T10:30:00.000Z' }, + }, + }, + ], + }, + }), + ); +}; diff --git a/apps/api/src/common/decorators/index.ts b/apps/api/src/common/decorators/index.ts new file mode 100644 index 0000000..b71c5e9 --- /dev/null +++ b/apps/api/src/common/decorators/index.ts @@ -0,0 +1 @@ +export * from './api-paginated-response.decorator'; diff --git a/apps/api/src/common/filters/http-exception.filter.ts b/apps/api/src/common/filters/http-exception.filter.ts new file mode 100644 index 0000000..4593dd2 --- /dev/null +++ b/apps/api/src/common/filters/http-exception.filter.ts @@ -0,0 +1,76 @@ +import { + ExceptionFilter, + Catch, + ArgumentsHost, + HttpException, + HttpStatus, + Logger, +} from '@nestjs/common'; +import { Request, Response } from 'express'; + +interface ErrorResponse { + statusCode: number; + message: string | string[]; + error: string; + timestamp: string; + path: string; + method: string; +} + +@Catch() +export class HttpExceptionFilter implements ExceptionFilter { + private readonly logger = new Logger(HttpExceptionFilter.name); + + catch(exception: unknown, host: ArgumentsHost) { + const ctx = host.switchToHttp(); + const response = ctx.getResponse(); + const request = ctx.getRequest(); + + let status: number; + let message: string | string[]; + let error: string; + + if (exception instanceof HttpException) { + status = exception.getStatus(); + const exceptionResponse = exception.getResponse(); + + if (typeof exceptionResponse === 'object' && exceptionResponse !== null) { + const responseObj = exceptionResponse as Record; + message = (responseObj.message as string | string[]) || exception.message; + error = (responseObj.error as string) || exception.name; + } else { + message = exception.message; + error = exception.name; + } + } else if (exception instanceof Error) { + status = HttpStatus.INTERNAL_SERVER_ERROR; + message = 'Internal server error'; + error = 'Internal Server Error'; + + // Log the actual error for debugging (but don't expose to client) + this.logger.error(`Unhandled exception: ${exception.message}`, exception.stack); + } else { + status = HttpStatus.INTERNAL_SERVER_ERROR; + message = 'Internal server error'; + error = 'Internal Server Error'; + + this.logger.error('Unknown exception type', exception); + } + + const errorResponse: ErrorResponse = { + statusCode: status, + message, + error, + timestamp: new Date().toISOString(), + path: request.url, + method: request.method, + }; + + // Log client errors in development + if (process.env.NODE_ENV === 'development' && status >= 400) { + this.logger.warn(`${request.method} ${request.url} - ${status}: ${JSON.stringify(message)}`); + } + + response.status(status).json(errorResponse); + } +} diff --git a/apps/api/src/common/filters/index.ts b/apps/api/src/common/filters/index.ts new file mode 100644 index 0000000..18204b0 --- /dev/null +++ b/apps/api/src/common/filters/index.ts @@ -0,0 +1 @@ +export * from './http-exception.filter'; diff --git a/apps/api/src/common/index.ts b/apps/api/src/common/index.ts new file mode 100644 index 0000000..1519973 --- /dev/null +++ b/apps/api/src/common/index.ts @@ -0,0 +1,6 @@ +export * from './common.module'; +export * from './filters'; +export * from './interceptors'; +export * from './decorators'; +export * from './pipes'; +export * from './services'; diff --git a/apps/api/src/common/interceptors/index.ts b/apps/api/src/common/interceptors/index.ts new file mode 100644 index 0000000..2c88620 --- /dev/null +++ b/apps/api/src/common/interceptors/index.ts @@ -0,0 +1,3 @@ +export * from './transform.interceptor'; +export * from './logging.interceptor'; +export * from './timeout.interceptor'; diff --git a/apps/api/src/common/interceptors/logging.interceptor.ts b/apps/api/src/common/interceptors/logging.interceptor.ts new file mode 100644 index 0000000..1eb445f --- /dev/null +++ b/apps/api/src/common/interceptors/logging.interceptor.ts @@ -0,0 +1,44 @@ +import { + Injectable, + NestInterceptor, + ExecutionContext, + CallHandler, + Logger, +} from '@nestjs/common'; +import { Observable } from 'rxjs'; +import { tap } from 'rxjs/operators'; +import { Request } from 'express'; + +@Injectable() +export class LoggingInterceptor implements NestInterceptor { + private readonly logger = new Logger('HTTP'); + + intercept(context: ExecutionContext, next: CallHandler): Observable { + const request = context.switchToHttp().getRequest(); + const { method, url, ip } = request; + const userAgent = request.get('user-agent') || ''; + const startTime = Date.now(); + + return next.handle().pipe( + tap({ + next: () => { + const response = context.switchToHttp().getResponse(); + const { statusCode } = response; + const duration = Date.now() - startTime; + + this.logger.log( + `${method} ${url} ${statusCode} - ${duration}ms - ${ip} - ${userAgent}`, + ); + }, + error: (error) => { + const duration = Date.now() - startTime; + const statusCode = error.status || 500; + + this.logger.error( + `${method} ${url} ${statusCode} - ${duration}ms - ${ip} - ${error.message}`, + ); + }, + }), + ); + } +} diff --git a/apps/api/src/common/interceptors/timeout.interceptor.ts b/apps/api/src/common/interceptors/timeout.interceptor.ts new file mode 100644 index 0000000..d8af3a9 --- /dev/null +++ b/apps/api/src/common/interceptors/timeout.interceptor.ts @@ -0,0 +1,26 @@ +import { + Injectable, + NestInterceptor, + ExecutionContext, + CallHandler, + RequestTimeoutException, +} from '@nestjs/common'; +import { Observable, throwError, TimeoutError } from 'rxjs'; +import { catchError, timeout } from 'rxjs/operators'; + +@Injectable() +export class TimeoutInterceptor implements NestInterceptor { + constructor(private readonly timeoutMs: number = 30000) {} + + intercept(context: ExecutionContext, next: CallHandler): Observable { + return next.handle().pipe( + timeout(this.timeoutMs), + catchError((err) => { + if (err instanceof TimeoutError) { + return throwError(() => new RequestTimeoutException('Request timed out')); + } + return throwError(() => err); + }), + ); + } +} diff --git a/apps/api/src/common/interceptors/transform.interceptor.ts b/apps/api/src/common/interceptors/transform.interceptor.ts new file mode 100644 index 0000000..9940e88 --- /dev/null +++ b/apps/api/src/common/interceptors/transform.interceptor.ts @@ -0,0 +1,27 @@ +import { + Injectable, + NestInterceptor, + ExecutionContext, + CallHandler, +} from '@nestjs/common'; +import { Observable } from 'rxjs'; +import { map } from 'rxjs/operators'; + +export interface ApiResponse { + success: boolean; + data: T; + timestamp: string; +} + +@Injectable() +export class TransformInterceptor implements NestInterceptor> { + intercept(context: ExecutionContext, next: CallHandler): Observable> { + return next.handle().pipe( + map((data) => ({ + success: true, + data, + timestamp: new Date().toISOString(), + })), + ); + } +} diff --git a/apps/api/src/common/pipes/index.ts b/apps/api/src/common/pipes/index.ts new file mode 100644 index 0000000..64c7e22 --- /dev/null +++ b/apps/api/src/common/pipes/index.ts @@ -0,0 +1 @@ +export * from './parse-cuid.pipe'; diff --git a/apps/api/src/common/pipes/parse-cuid.pipe.ts b/apps/api/src/common/pipes/parse-cuid.pipe.ts new file mode 100644 index 0000000..509cd93 --- /dev/null +++ b/apps/api/src/common/pipes/parse-cuid.pipe.ts @@ -0,0 +1,19 @@ +import { PipeTransform, Injectable, BadRequestException } from '@nestjs/common'; + +/** + * Validates that a string is a valid CUID + * CUID format: starts with 'c' followed by 24 alphanumeric characters + */ +@Injectable() +export class ParseCuidPipe implements PipeTransform { + transform(value: string): string { + // CUID pattern: c followed by 24 alphanumeric characters + const cuidRegex = /^c[a-z0-9]{24}$/; + + if (!cuidRegex.test(value)) { + throw new BadRequestException(`Invalid ID format: ${value}`); + } + + return value; + } +} diff --git a/apps/api/src/common/services/encryption.service.spec.ts b/apps/api/src/common/services/encryption.service.spec.ts new file mode 100644 index 0000000..6df1818 --- /dev/null +++ b/apps/api/src/common/services/encryption.service.spec.ts @@ -0,0 +1,206 @@ +import { Test, TestingModule } from '@nestjs/testing'; +import { ConfigService } from '@nestjs/config'; +import { EncryptionService } from './encryption.service'; + +describe('EncryptionService', () => { + let service: EncryptionService; + + beforeEach(async () => { + const module: TestingModule = await Test.createTestingModule({ + providers: [ + EncryptionService, + { + provide: ConfigService, + useValue: { + get: jest.fn((key: string, defaultValue?: string) => { + if (key === 'ENCRYPTION_KEY') return 'test-encryption-key-for-unit-tests'; + if (key === 'NODE_ENV') return defaultValue ?? 'test'; + return defaultValue; + }), + }, + }, + ], + }).compile(); + + service = module.get(EncryptionService); + service.onModuleInit(); + }); + + it('should be defined', () => { + expect(service).toBeDefined(); + }); + + describe('encrypt / decrypt roundtrip', () => { + it('should encrypt and decrypt a simple string', () => { + const plaintext = 'Hello, World!'; + const encrypted = service.encrypt(plaintext); + expect(encrypted).not.toBe(plaintext); + expect(encrypted.length).toBeGreaterThan(0); + + const decrypted = service.decrypt(encrypted); + expect(decrypted).toBe(plaintext); + }); + + it('should encrypt and decrypt a long string', () => { + const plaintext = 'A'.repeat(10000); + const encrypted = service.encrypt(plaintext); + const decrypted = service.decrypt(encrypted); + expect(decrypted).toBe(plaintext); + }); + + it('should encrypt and decrypt unicode characters', () => { + const plaintext = 'Hallo Welt! Umlaute: aou Emojis: '; + const encrypted = service.encrypt(plaintext); + const decrypted = service.decrypt(encrypted); + expect(decrypted).toBe(plaintext); + }); + + it('should produce different ciphertexts for the same plaintext (random IV)', () => { + const plaintext = 'same input'; + const encrypted1 = service.encrypt(plaintext); + const encrypted2 = service.encrypt(plaintext); + expect(encrypted1).not.toBe(encrypted2); + }); + + it('should produce base64-encoded output', () => { + const plaintext = 'test'; + const encrypted = service.encrypt(plaintext); + // Base64 regex + expect(encrypted).toMatch(/^[A-Za-z0-9+/]+=*$/); + }); + }); + + describe('empty string handling', () => { + it('should return empty string when encrypting empty string', () => { + expect(service.encrypt('')).toBe(''); + }); + + it('should return empty string when decrypting empty string', () => { + expect(service.decrypt('')).toBe(''); + }); + }); + + describe('encryptObject / decryptObject roundtrip', () => { + it('should encrypt and decrypt a simple object', () => { + const data = { name: 'John', salary: 50000 }; + const encrypted = service.encryptObject(data); + expect(typeof encrypted).toBe('string'); + expect(encrypted.length).toBeGreaterThan(0); + + const decrypted = service.decryptObject(encrypted); + expect(decrypted).toEqual(data); + }); + + it('should encrypt and decrypt a nested object', () => { + const data = { + employee: { + name: 'Jane', + bankAccount: { + iban: 'DE89370400440532013000', + bic: 'COBADEFFXXX', + }, + }, + }; + const encrypted = service.encryptObject(data); + const decrypted = service.decryptObject(encrypted); + expect(decrypted).toEqual(data); + }); + + it('should encrypt and decrypt an array', () => { + const data = [1, 2, 3, 'four', { five: 5 }]; + const encrypted = service.encryptObject(data); + const decrypted = service.decryptObject(encrypted); + expect(decrypted).toEqual(data); + }); + + it('should encrypt and decrypt null values in objects', () => { + const data = { key: null, other: 'value' }; + const encrypted = service.encryptObject(data); + const decrypted = service.decryptObject(encrypted); + expect(decrypted).toEqual(data); + }); + }); + + describe('decryption failure', () => { + it('should throw on tampered data', () => { + const encrypted = service.encrypt('secret'); + // Tamper with the encrypted data by flipping a character + const tampered = encrypted.slice(0, -5) + 'XXXXX'; + expect(() => service.decrypt(tampered)).toThrow('Failed to decrypt data'); + }); + + it('should throw on invalid base64 input', () => { + expect(() => service.decrypt('not-valid-base64!!!')).toThrow(); + }); + }); + + describe('generateKey (static)', () => { + it('should generate a hex string of the correct length (default 32 bytes = 64 hex chars)', () => { + const key = EncryptionService.generateKey(); + expect(key).toMatch(/^[a-f0-9]+$/); + expect(key).toHaveLength(64); + }); + + it('should generate a hex string of custom length', () => { + const key = EncryptionService.generateKey(16); + expect(key).toMatch(/^[a-f0-9]+$/); + expect(key).toHaveLength(32); // 16 bytes = 32 hex chars + }); + + it('should generate unique keys', () => { + const key1 = EncryptionService.generateKey(); + const key2 = EncryptionService.generateKey(); + expect(key1).not.toBe(key2); + }); + }); + + describe('initialization', () => { + it('should throw in production without ENCRYPTION_KEY', async () => { + const module: TestingModule = await Test.createTestingModule({ + providers: [ + EncryptionService, + { + provide: ConfigService, + useValue: { + get: jest.fn((key: string, defaultValue?: string) => { + if (key === 'ENCRYPTION_KEY') return undefined; + if (key === 'NODE_ENV') return 'production'; + return defaultValue; + }), + }, + }, + ], + }).compile(); + + const svc = module.get(EncryptionService); + expect(() => svc.onModuleInit()).toThrow('ENCRYPTION_KEY environment variable is required in production'); + }); + + it('should use fallback key in development without ENCRYPTION_KEY', async () => { + const module: TestingModule = await Test.createTestingModule({ + providers: [ + EncryptionService, + { + provide: ConfigService, + useValue: { + get: jest.fn((key: string, defaultValue?: string) => { + if (key === 'ENCRYPTION_KEY') return undefined; + if (key === 'NODE_ENV') return defaultValue ?? 'development'; + if (key === 'JWT_SECRET') return defaultValue ?? 'dev-fallback-key'; + return defaultValue; + }), + }, + }, + ], + }).compile(); + + const svc = module.get(EncryptionService); + // Should not throw in development + expect(() => svc.onModuleInit()).not.toThrow(); + + // Service should still work + const encrypted = svc.encrypt('test'); + expect(svc.decrypt(encrypted)).toBe('test'); + }); + }); +}); diff --git a/apps/api/src/common/services/encryption.service.ts b/apps/api/src/common/services/encryption.service.ts new file mode 100644 index 0000000..f652268 --- /dev/null +++ b/apps/api/src/common/services/encryption.service.ts @@ -0,0 +1,171 @@ +import { Injectable, OnModuleInit, Logger } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import * as crypto from 'crypto'; + +/** + * Service for encrypting and decrypting sensitive data using AES-256-GCM + * + * Security features: + * - AES-256-GCM encryption with authenticated encryption + * - Random IV for each encryption operation + * - Auth tag for data integrity verification + * - Secure key derivation from environment variable + */ +@Injectable() +export class EncryptionService implements OnModuleInit { + private readonly logger = new Logger(EncryptionService.name); + private readonly algorithm = 'aes-256-gcm'; + private readonly ivLength = 16; // 128 bits + private readonly tagLength = 16; // 128 bits + private readonly keyLength = 32; // 256 bits + private encryptionKey: Buffer; + + constructor(private readonly configService: ConfigService) {} + + onModuleInit(): void { + const key = this.configService.get('ENCRYPTION_KEY'); + const nodeEnv = this.configService.get('NODE_ENV', 'development'); + const isProduction = nodeEnv === 'production'; + + if (!key) { + if (isProduction) { + // CRITICAL: In production, ENCRYPTION_KEY must be set + throw new Error( + 'ENCRYPTION_KEY environment variable is required in production. ' + + 'Generate one with: node -e "console.log(require(\'crypto\').randomBytes(32).toString(\'hex\'))"' + ); + } + + this.logger.warn( + 'ENCRYPTION_KEY not configured. Using derived key from JWT_SECRET. ' + + 'This is acceptable for development but NOT for production!', + ); + // Fallback for development only: derive key from JWT_SECRET + const jwtSecret = this.configService.get('JWT_SECRET', 'dev-fallback-key'); + this.encryptionKey = this.deriveKey(jwtSecret); + } else if (key.length < this.keyLength) { + // Derive a proper key from the provided string + this.encryptionKey = this.deriveKey(key); + } else { + // Use the first 32 bytes if key is longer + this.encryptionKey = Buffer.from(key.slice(0, this.keyLength), 'utf-8'); + } + } + + /** + * Derives a 256-bit key from a password/passphrase using PBKDF2 + */ + private deriveKey(password: string): Buffer { + // Using a fixed salt is acceptable here since we're just deriving + // an encryption key from a secret, not storing passwords + const salt = 'tos-encryption-salt-v1'; + return crypto.pbkdf2Sync(password, salt, 100000, this.keyLength, 'sha256'); + } + + /** + * Encrypts a string using AES-256-GCM + * + * @param plaintext - The string to encrypt + * @returns Base64-encoded string containing IV + ciphertext + auth tag + */ + encrypt(plaintext: string): string { + if (!plaintext) { + return ''; + } + + // Generate random IV for each encryption + const iv = crypto.randomBytes(this.ivLength); + + // Create cipher + const cipher = crypto.createCipheriv(this.algorithm, this.encryptionKey, iv, { + authTagLength: this.tagLength, + }); + + // Encrypt the data + const encrypted = Buffer.concat([ + cipher.update(plaintext, 'utf8'), + cipher.final(), + ]); + + // Get the auth tag + const authTag = cipher.getAuthTag(); + + // Combine IV + ciphertext + authTag and encode as base64 + const combined = Buffer.concat([iv, encrypted, authTag]); + + return combined.toString('base64'); + } + + /** + * Decrypts a string that was encrypted with the encrypt method + * + * @param encryptedData - Base64-encoded string from encrypt() + * @returns The original plaintext string + * @throws Error if decryption fails (tampered data or wrong key) + */ + decrypt(encryptedData: string): string { + if (!encryptedData) { + return ''; + } + + try { + // Decode the combined data + const combined = Buffer.from(encryptedData, 'base64'); + + // Extract IV, ciphertext, and auth tag + const iv = combined.subarray(0, this.ivLength); + const authTag = combined.subarray(combined.length - this.tagLength); + const ciphertext = combined.subarray(this.ivLength, combined.length - this.tagLength); + + // Create decipher + const decipher = crypto.createDecipheriv(this.algorithm, this.encryptionKey, iv, { + authTagLength: this.tagLength, + }); + + // Set the auth tag for verification + decipher.setAuthTag(authTag); + + // Decrypt the data + const decrypted = Buffer.concat([ + decipher.update(ciphertext), + decipher.final(), + ]); + + return decrypted.toString('utf8'); + } catch (error) { + this.logger.error('Decryption failed - data may be corrupted or tampered with'); + throw new Error('Failed to decrypt data'); + } + } + + /** + * Encrypts a JavaScript object as JSON + * + * @param data - Object to encrypt + * @returns Encrypted string + */ + encryptObject(data: T): string { + return this.encrypt(JSON.stringify(data)); + } + + /** + * Decrypts a string back to a JavaScript object + * + * @param encryptedData - Encrypted string from encryptObject() + * @returns The original object + */ + decryptObject(encryptedData: string): T { + const json = this.decrypt(encryptedData); + return JSON.parse(json) as T; + } + + /** + * Generates a secure random string suitable for use as an encryption key + * + * @param length - Length of the key in bytes (default: 32 for AES-256) + * @returns Hex-encoded random string + */ + static generateKey(length: number = 32): string { + return crypto.randomBytes(length).toString('hex'); + } +} diff --git a/apps/api/src/common/services/index.ts b/apps/api/src/common/services/index.ts new file mode 100644 index 0000000..67b48ee --- /dev/null +++ b/apps/api/src/common/services/index.ts @@ -0,0 +1 @@ +export * from './encryption.service'; diff --git a/apps/api/src/config/config.validation.ts b/apps/api/src/config/config.validation.ts new file mode 100644 index 0000000..42dc8b4 --- /dev/null +++ b/apps/api/src/config/config.validation.ts @@ -0,0 +1,81 @@ +import * as Joi from 'joi'; + +export const configValidationSchema = Joi.object({ + // Application + NODE_ENV: Joi.string().valid('development', 'production', 'test').default('development'), + PORT: Joi.number().default(3001), + API_PREFIX: Joi.string().default('api'), + + // Database + DATABASE_URL: Joi.string().required(), + + // JWT / Keycloak + JWT_SECRET: Joi.string().when('NODE_ENV', { + is: 'production', + then: Joi.required(), + otherwise: Joi.string().default('dev-secret-key-change-in-production'), + }), + KEYCLOAK_URL: Joi.string().uri().optional(), + KEYCLOAK_REALM: Joi.string().optional(), + KEYCLOAK_CLIENT_ID: Joi.string().optional(), + KEYCLOAK_CLIENT_SECRET: Joi.string().optional(), + + // CORS + CORS_ORIGINS: Joi.string().default('http://localhost:3000'), + + // Swagger + SWAGGER_ENABLED: Joi.string().valid('true', 'false').default('true'), + + // Encryption (Phase 3) + ENCRYPTION_KEY: Joi.string().min(32).when('NODE_ENV', { + is: 'production', + then: Joi.required(), + otherwise: Joi.optional(), + }), + + // Redis (Phase 3 - for BullMQ) + REDIS_HOST: Joi.string().optional(), + REDIS_PORT: Joi.number().optional(), + + // Sync Jobs (Phase 3) + ENABLE_SYNC_JOBS: Joi.string().valid('true', 'false').default('false'), + SYNC_INTERVAL_PLENTYONE: Joi.number().min(1).default(15), + SYNC_INTERVAL_ZULIP: Joi.number().min(1).default(5), + SYNC_INTERVAL_TODOIST: Joi.number().min(1).default(10), + SYNC_INTERVAL_FREESCOUT: Joi.number().min(1).default(10), + SYNC_INTERVAL_NEXTCLOUD: Joi.number().min(1).default(30), + SYNC_INTERVAL_ECODMS: Joi.number().min(1).default(60), + SYNC_INTERVAL_GEMBADOCS: Joi.number().min(1).default(30), + + // ============================================================================ + // Integration Credentials (Phase 3 - API Connectors) + // ============================================================================ + + // PlentyONE (OAuth2 Client Credentials) + PLENTYONE_BASE_URL: Joi.string().uri().optional(), + PLENTYONE_CLIENT_ID: Joi.string().optional(), + PLENTYONE_CLIENT_SECRET: Joi.string().optional(), + + // ZULIP (Basic Auth with API Key) + ZULIP_BASE_URL: Joi.string().uri().optional(), + ZULIP_EMAIL: Joi.string().email().optional(), + ZULIP_API_KEY: Joi.string().optional(), + + // Todoist (Bearer Token) + TODOIST_API_TOKEN: Joi.string().optional(), + + // FreeScout (API Key) + FREESCOUT_API_URL: Joi.string().uri().optional(), + FREESCOUT_API_KEY: Joi.string().optional(), + + // Nextcloud (Basic Auth / App Password) + NEXTCLOUD_URL: Joi.string().uri().optional(), + NEXTCLOUD_USERNAME: Joi.string().optional(), + NEXTCLOUD_PASSWORD: Joi.string().optional(), + + // ecoDMS (Session-based Auth) + ECODMS_API_URL: Joi.string().uri().optional(), + ECODMS_USERNAME: Joi.string().optional(), + ECODMS_PASSWORD: Joi.string().optional(), + ECODMS_API_VERSION: Joi.string().default('v1'), +}); diff --git a/apps/api/src/config/index.ts b/apps/api/src/config/index.ts new file mode 100644 index 0000000..a720366 --- /dev/null +++ b/apps/api/src/config/index.ts @@ -0,0 +1 @@ +export * from './config.validation'; diff --git a/apps/api/src/health/health.controller.spec.ts b/apps/api/src/health/health.controller.spec.ts new file mode 100644 index 0000000..6ebbdbf --- /dev/null +++ b/apps/api/src/health/health.controller.spec.ts @@ -0,0 +1,144 @@ +import { Test, TestingModule } from '@nestjs/testing'; +import { HealthController } from './health.controller'; +import { + HealthCheckService, + MemoryHealthIndicator, + DiskHealthIndicator, + HealthCheckResult, +} from '@nestjs/terminus'; +import { PrismaHealthIndicator } from './prisma-health.indicator'; +import { ModulesHealthIndicator } from './modules-health.indicator'; + +describe('HealthController', () => { + let controller: HealthController; + let healthCheckService: HealthCheckService; + + const mockHealthCheckService = { + check: jest.fn(), + }; + + const mockMemoryHealth = { + checkHeap: jest.fn(), + checkRSS: jest.fn(), + }; + + const mockDiskHealth = { + checkStorage: jest.fn(), + }; + + const mockPrismaHealth = { + isHealthy: jest.fn(), + }; + + const mockModulesHealth = { + isHealthy: jest.fn(), + }; + + beforeEach(async () => { + const module: TestingModule = await Test.createTestingModule({ + controllers: [HealthController], + providers: [ + { provide: HealthCheckService, useValue: mockHealthCheckService }, + { provide: MemoryHealthIndicator, useValue: mockMemoryHealth }, + { provide: DiskHealthIndicator, useValue: mockDiskHealth }, + { provide: PrismaHealthIndicator, useValue: mockPrismaHealth }, + { provide: ModulesHealthIndicator, useValue: mockModulesHealth }, + ], + }).compile(); + + controller = module.get(HealthController); + healthCheckService = module.get(HealthCheckService); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should be defined', () => { + expect(controller).toBeDefined(); + }); + + describe('check()', () => { + it('should call health check service with all indicators', async () => { + const expectedResult: HealthCheckResult = { + status: 'ok', + info: { + database: { status: 'up' }, + memory_heap: { status: 'up' }, + memory_rss: { status: 'up' }, + modules: { status: 'up' }, + }, + error: {}, + details: { + database: { status: 'up' }, + memory_heap: { status: 'up' }, + memory_rss: { status: 'up' }, + modules: { status: 'up' }, + }, + }; + + mockHealthCheckService.check.mockResolvedValue(expectedResult); + + const result = await controller.check(); + expect(result).toEqual(expectedResult); + expect(mockHealthCheckService.check).toHaveBeenCalledWith( + expect.arrayContaining([ + expect.any(Function), + expect.any(Function), + expect.any(Function), + expect.any(Function), + ]), + ); + }); + + it('should pass an array of 4 health indicator callbacks', async () => { + mockHealthCheckService.check.mockResolvedValue({ status: 'ok' }); + + await controller.check(); + const checkArgs = mockHealthCheckService.check.mock.calls[0][0]; + expect(checkArgs).toHaveLength(4); + }); + }); + + describe('liveness()', () => { + it('should return ok status with timestamp', () => { + const result = controller.liveness(); + expect(result).toHaveProperty('status', 'ok'); + expect(result).toHaveProperty('timestamp'); + expect(typeof result.timestamp).toBe('string'); + }); + + it('should return a valid ISO timestamp', () => { + const result = controller.liveness(); + const parsed = new Date(result.timestamp); + expect(parsed.toISOString()).toBe(result.timestamp); + }); + }); + + describe('readiness()', () => { + it('should call health check service with database check only', async () => { + const expectedResult: HealthCheckResult = { + status: 'ok', + info: { database: { status: 'up' } }, + error: {}, + details: { database: { status: 'up' } }, + }; + + mockHealthCheckService.check.mockResolvedValue(expectedResult); + + const result = await controller.readiness(); + expect(result).toEqual(expectedResult); + expect(mockHealthCheckService.check).toHaveBeenCalledWith( + expect.arrayContaining([expect.any(Function)]), + ); + }); + + it('should pass exactly 1 health indicator callback for readiness', async () => { + mockHealthCheckService.check.mockResolvedValue({ status: 'ok' }); + + await controller.readiness(); + const checkArgs = mockHealthCheckService.check.mock.calls[0][0]; + expect(checkArgs).toHaveLength(1); + }); + }); +}); diff --git a/apps/api/src/health/health.controller.ts b/apps/api/src/health/health.controller.ts new file mode 100644 index 0000000..8580e74 --- /dev/null +++ b/apps/api/src/health/health.controller.ts @@ -0,0 +1,109 @@ +import { Controller, Get } from '@nestjs/common'; +import { ApiTags, ApiOperation, ApiResponse } from '@nestjs/swagger'; +import { + HealthCheck, + HealthCheckService, + MemoryHealthIndicator, + DiskHealthIndicator, +} from '@nestjs/terminus'; +import { Public } from '../auth/decorators/public.decorator'; +import { PrismaHealthIndicator } from './prisma-health.indicator'; +import { ModulesHealthIndicator } from './modules-health.indicator'; + +@ApiTags('health') +@Controller('health') +export class HealthController { + constructor( + private readonly health: HealthCheckService, + private readonly memory: MemoryHealthIndicator, + private readonly disk: DiskHealthIndicator, + private readonly prismaHealth: PrismaHealthIndicator, + private readonly modulesHealth: ModulesHealthIndicator, + ) {} + + @Get() + @Public() + @HealthCheck() + @ApiOperation({ summary: 'Health check endpoint' }) + @ApiResponse({ + status: 200, + description: 'Application is healthy', + schema: { + type: 'object', + properties: { + status: { type: 'string', example: 'ok' }, + info: { + type: 'object', + properties: { + database: { + type: 'object', + properties: { + status: { type: 'string', example: 'up' }, + }, + }, + }, + }, + error: { type: 'object' }, + details: { type: 'object' }, + }, + }, + }) + @ApiResponse({ + status: 503, + description: 'Application is unhealthy', + }) + check() { + return this.health.check([ + // Database connectivity + () => this.prismaHealth.isHealthy('database'), + + // Memory usage (heap should not exceed 150MB) + () => this.memory.checkHeap('memory_heap', 150 * 1024 * 1024), + + // RSS memory should not exceed 300MB + () => this.memory.checkRSS('memory_rss', 300 * 1024 * 1024), + + // Application modules status + () => this.modulesHealth.isHealthy('modules'), + ]); + } + + @Get('liveness') + @Public() + @ApiOperation({ summary: 'Liveness probe for Kubernetes' }) + @ApiResponse({ + status: 200, + description: 'Application is alive', + schema: { + type: 'object', + properties: { + status: { type: 'string', example: 'ok' }, + timestamp: { type: 'string', example: '2024-01-15T10:30:00.000Z' }, + }, + }, + }) + liveness() { + return { + status: 'ok', + timestamp: new Date().toISOString(), + }; + } + + @Get('readiness') + @Public() + @HealthCheck() + @ApiOperation({ summary: 'Readiness probe for Kubernetes' }) + @ApiResponse({ + status: 200, + description: 'Application is ready to serve traffic', + }) + @ApiResponse({ + status: 503, + description: 'Application is not ready', + }) + readiness() { + return this.health.check([ + () => this.prismaHealth.isHealthy('database'), + ]); + } +} diff --git a/apps/api/src/health/health.module.ts b/apps/api/src/health/health.module.ts new file mode 100644 index 0000000..818fe75 --- /dev/null +++ b/apps/api/src/health/health.module.ts @@ -0,0 +1,12 @@ +import { Module } from '@nestjs/common'; +import { TerminusModule } from '@nestjs/terminus'; +import { HealthController } from './health.controller'; +import { PrismaHealthIndicator } from './prisma-health.indicator'; +import { ModulesHealthIndicator } from './modules-health.indicator'; + +@Module({ + imports: [TerminusModule], + controllers: [HealthController], + providers: [PrismaHealthIndicator, ModulesHealthIndicator], +}) +export class HealthModule {} diff --git a/apps/api/src/health/index.ts b/apps/api/src/health/index.ts new file mode 100644 index 0000000..02c82fd --- /dev/null +++ b/apps/api/src/health/index.ts @@ -0,0 +1,4 @@ +export * from './health.module'; +export * from './health.controller'; +export * from './prisma-health.indicator'; +export * from './modules-health.indicator'; diff --git a/apps/api/src/health/modules-health.indicator.ts b/apps/api/src/health/modules-health.indicator.ts new file mode 100644 index 0000000..7dc34e0 --- /dev/null +++ b/apps/api/src/health/modules-health.indicator.ts @@ -0,0 +1,141 @@ +import { Injectable } from '@nestjs/common'; +import { + HealthIndicator, + HealthIndicatorResult, +} from '@nestjs/terminus'; +import { PrismaService } from '../prisma/prisma.service'; + +interface ModuleStatus { + name: string; + status: 'up' | 'down' | 'degraded'; + tables?: number; + message?: string; +} + +/** + * Health indicator that reports the status of application modules + * by checking their associated database tables. + */ +@Injectable() +export class ModulesHealthIndicator extends HealthIndicator { + constructor(private readonly prisma: PrismaService) { + super(); + } + + async isHealthy(key: string): Promise { + const moduleStatuses: ModuleStatus[] = []; + let overallStatus: 'up' | 'degraded' = 'up'; + + // Check core modules + const coreStatus = await this.checkCoreModule(); + moduleStatuses.push(coreStatus); + if (coreStatus.status !== 'up') overallStatus = 'degraded'; + + // Check HR module + const hrStatus = await this.checkHrModule(); + moduleStatuses.push(hrStatus); + if (hrStatus.status !== 'up') overallStatus = 'degraded'; + + // Check LEAN module + const leanStatus = await this.checkLeanModule(); + moduleStatuses.push(leanStatus); + if (leanStatus.status !== 'up') overallStatus = 'degraded'; + + // Check Integrations module + const integrationsStatus = await this.checkIntegrationsModule(); + moduleStatuses.push(integrationsStatus); + if (integrationsStatus.status !== 'up') overallStatus = 'degraded'; + + return this.getStatus(key, overallStatus === 'up', { + status: overallStatus, + modules: moduleStatuses, + }); + } + + private async checkCoreModule(): Promise { + try { + const [users, departments, roles] = await Promise.all([ + this.prisma.user.count(), + this.prisma.department.count(), + this.prisma.role.count(), + ]); + + return { + name: 'core', + status: 'up', + message: `Users: ${users}, Departments: ${departments}, Roles: ${roles}`, + }; + } catch (error) { + return { + name: 'core', + status: 'down', + message: error instanceof Error ? error.message : 'Unknown error', + }; + } + } + + private async checkHrModule(): Promise { + try { + const [employees, absences, timeEntries] = await Promise.all([ + this.prisma.employee.count(), + this.prisma.absence.count(), + this.prisma.timeEntry.count(), + ]); + + return { + name: 'hr', + status: 'up', + message: `Employees: ${employees}, Absences: ${absences}, TimeEntries: ${timeEntries}`, + }; + } catch (error) { + return { + name: 'hr', + status: 'down', + message: error instanceof Error ? error.message : 'Unknown error', + }; + } + } + + private async checkLeanModule(): Promise { + try { + const [s3Plans, skills, meetings] = await Promise.all([ + this.prisma.s3Plan.count(), + this.prisma.skill.count(), + this.prisma.morningMeeting.count(), + ]); + + return { + name: 'lean', + status: 'up', + message: `S3Plans: ${s3Plans}, Skills: ${skills}, Meetings: ${meetings}`, + }; + } catch (error) { + return { + name: 'lean', + status: 'down', + message: error instanceof Error ? error.message : 'Unknown error', + }; + } + } + + private async checkIntegrationsModule(): Promise { + try { + const [credentials, syncHistory] = await Promise.all([ + this.prisma.integrationCredential.count(), + this.prisma.integrationSyncHistory.count(), + ]); + + return { + name: 'integrations', + status: 'up', + message: `Credentials: ${credentials}, SyncHistory: ${syncHistory}`, + }; + } catch (error) { + return { + name: 'integrations', + status: 'down', + message: error instanceof Error ? error.message : 'Unknown error', + }; + } + } +} diff --git a/apps/api/src/health/prisma-health.indicator.ts b/apps/api/src/health/prisma-health.indicator.ts new file mode 100644 index 0000000..bae8655 --- /dev/null +++ b/apps/api/src/health/prisma-health.indicator.ts @@ -0,0 +1,30 @@ +import { Injectable } from '@nestjs/common'; +import { HealthIndicator, HealthIndicatorResult, HealthCheckError } from '@nestjs/terminus'; +import { PrismaService } from '../prisma/prisma.service'; + +@Injectable() +export class PrismaHealthIndicator extends HealthIndicator { + constructor(private readonly prisma: PrismaService) { + super(); + } + + async isHealthy(key: string): Promise { + try { + // Execute a simple query to check database connectivity + await this.prisma.$queryRaw`SELECT 1`; + + return this.getStatus(key, true, { + message: 'Database connection is healthy', + }); + } catch (error) { + const errorMessage = error instanceof Error ? error.message : 'Unknown error'; + + throw new HealthCheckError( + 'Prisma health check failed', + this.getStatus(key, false, { + message: errorMessage, + }), + ); + } + } +} diff --git a/apps/api/src/main.ts b/apps/api/src/main.ts new file mode 100644 index 0000000..da5e7ff --- /dev/null +++ b/apps/api/src/main.ts @@ -0,0 +1,100 @@ +import { NestFactory } from '@nestjs/core'; +import { Logger, ValidationPipe, VersioningType } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger'; +import helmet from 'helmet'; +import { AppModule } from './app.module'; +import { HttpExceptionFilter } from './common/filters/http-exception.filter'; +import { TransformInterceptor } from './common/interceptors/transform.interceptor'; + +async function bootstrap() { + const logger = new Logger('Bootstrap'); + const app = await NestFactory.create(AppModule); + const configService = app.get(ConfigService); + + // Security + app.use(helmet()); + + // CORS + const corsOrigins = configService.get('CORS_ORIGINS')?.split(',').map((origin) => origin.trim()) || [ + 'http://localhost:3000', + ]; + app.enableCors({ + origin: corsOrigins, + methods: 'GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS', + credentials: true, + }); + + // API Prefix + const apiPrefix = configService.get('API_PREFIX') || 'api'; + app.setGlobalPrefix(apiPrefix); + + // API Versioning + app.enableVersioning({ + type: VersioningType.URI, + defaultVersion: '1', + }); + + // Global Pipes + app.useGlobalPipes( + new ValidationPipe({ + whitelist: true, + forbidNonWhitelisted: true, + transform: true, + transformOptions: { + enableImplicitConversion: true, + }, + }), + ); + + // Global Filters + app.useGlobalFilters(new HttpExceptionFilter()); + + // Global Interceptors + app.useGlobalInterceptors(new TransformInterceptor()); + + // Swagger Documentation + const swaggerEnabled = configService.get('SWAGGER_ENABLED') === 'true'; + if (swaggerEnabled) { + const config = new DocumentBuilder() + .setTitle('tOS API') + .setDescription('Team Operating System - Backend API Documentation') + .setVersion('1.0') + .addBearerAuth( + { + type: 'http', + scheme: 'bearer', + bearerFormat: 'JWT', + name: 'JWT', + description: 'Enter JWT token', + in: 'header', + }, + 'JWT-auth', + ) + .addTag('auth', 'Authentication endpoints') + .addTag('users', 'User management endpoints') + .addTag('health', 'Health check endpoints') + .addTag('dashboard', 'Dashboard widgets and statistics') + .addTag('departments', 'Department management') + .addTag('user-preferences', 'User preferences and settings') + .build(); + + const document = SwaggerModule.createDocument(app, config); + SwaggerModule.setup(`${apiPrefix}/docs`, app, document, { + swaggerOptions: { + persistAuthorization: true, + }, + }); + } + + // Start server + const port = configService.get('PORT') || 3001; + await app.listen(port); + + logger.log(`Application is running on: http://localhost:${port}/${apiPrefix}`); + if (swaggerEnabled) { + logger.log(`Swagger documentation: http://localhost:${port}/${apiPrefix}/docs`); + } +} + +bootstrap(); diff --git a/apps/api/src/modules/audit/audit.interceptor.ts b/apps/api/src/modules/audit/audit.interceptor.ts new file mode 100644 index 0000000..4a7e1ac --- /dev/null +++ b/apps/api/src/modules/audit/audit.interceptor.ts @@ -0,0 +1,146 @@ +import { + Injectable, + NestInterceptor, + ExecutionContext, + CallHandler, +} from '@nestjs/common'; +import { Observable } from 'rxjs'; +import { tap } from 'rxjs/operators'; +import { Reflector } from '@nestjs/core'; +import { AuditService } from './audit.service'; +import { JwtPayload } from '../../auth/interfaces/jwt-payload.interface'; + +export const AUDIT_ACTION_KEY = 'audit_action'; +export const AUDIT_ENTITY_KEY = 'audit_entity'; + +/** + * Decorator to mark a route for audit logging + */ +export function AuditLog(entity: string, action: string) { + return (target: object, key?: string | symbol, descriptor?: PropertyDescriptor) => { + if (descriptor) { + Reflect.defineMetadata(AUDIT_ACTION_KEY, action, descriptor.value); + Reflect.defineMetadata(AUDIT_ENTITY_KEY, entity, descriptor.value); + } + return descriptor; + }; +} + +@Injectable() +export class AuditInterceptor implements NestInterceptor { + constructor( + private readonly auditService: AuditService, + private readonly reflector: Reflector, + ) {} + + intercept(context: ExecutionContext, next: CallHandler): Observable { + const action = this.reflector.get( + AUDIT_ACTION_KEY, + context.getHandler(), + ); + const entity = this.reflector.get( + AUDIT_ENTITY_KEY, + context.getHandler(), + ); + + // If no audit metadata, skip logging + if (!action || !entity) { + return next.handle(); + } + + const request = context.switchToHttp().getRequest(); + const user = request.user as JwtPayload | undefined; + + // Skip if no authenticated user + if (!user?.sub) { + return next.handle(); + } + + const entityId = request.params?.id || undefined; + const oldData = request.body ? undefined : undefined; // Old data would need to be fetched before operation + const ipAddress = this.getClientIp(request); + const userAgent = request.headers['user-agent']; + + return next.handle().pipe( + tap({ + next: (result) => { + // Log successful operation + this.auditService + .log({ + userId: user.sub, + action, + entity, + entityId, + oldData, + newData: this.sanitizeData(result), + ipAddress, + userAgent, + }) + .catch((error) => { + // Log error but don't fail the request + console.error('Failed to write audit log:', error); + }); + }, + error: () => { + // Optionally log failed operations + this.auditService + .log({ + userId: user.sub, + action: `${action}_FAILED`, + entity, + entityId, + ipAddress, + userAgent, + }) + .catch((error) => { + console.error('Failed to write audit log:', error); + }); + }, + }), + ); + } + + /** + * Extract client IP address from request + */ + private getClientIp(request: { + headers: Record; + ip?: string; + connection?: { remoteAddress?: string }; + }): string | undefined { + const forwardedFor = request.headers['x-forwarded-for']; + if (forwardedFor) { + const ips = Array.isArray(forwardedFor) + ? forwardedFor[0] + : forwardedFor.split(',')[0]; + return ips.trim(); + } + return request.ip || request.connection?.remoteAddress; + } + + /** + * Remove sensitive data from audit log + */ + private sanitizeData( + data: unknown, + ): Record | undefined { + if (!data || typeof data !== 'object') { + return undefined; + } + + const sensitiveKeys = ['password', 'token', 'secret', 'credentials', 'bankAccount']; + const result: Record = {}; + + for (const [key, value] of Object.entries(data as Record)) { + if (sensitiveKeys.some((sk) => key.toLowerCase().includes(sk))) { + result[key] = '[REDACTED]'; + } else if (value && typeof value === 'object' && !Array.isArray(value)) { + result[key] = this.sanitizeData(value); + } else { + result[key] = value; + } + } + + return result; + } +} diff --git a/apps/api/src/modules/audit/audit.module.ts b/apps/api/src/modules/audit/audit.module.ts new file mode 100644 index 0000000..2b7033d --- /dev/null +++ b/apps/api/src/modules/audit/audit.module.ts @@ -0,0 +1,10 @@ +import { Module, Global } from '@nestjs/common'; +import { AuditService } from './audit.service'; +import { AuditInterceptor } from './audit.interceptor'; + +@Global() +@Module({ + providers: [AuditService, AuditInterceptor], + exports: [AuditService, AuditInterceptor], +}) +export class AuditModule {} diff --git a/apps/api/src/modules/audit/audit.service.ts b/apps/api/src/modules/audit/audit.service.ts new file mode 100644 index 0000000..9c05a47 --- /dev/null +++ b/apps/api/src/modules/audit/audit.service.ts @@ -0,0 +1,215 @@ +import { Injectable } from '@nestjs/common'; +import { PrismaService } from '../../prisma/prisma.service'; +import { Prisma } from '@prisma/client'; + +export interface AuditLogParams { + userId: string; + action: string; + entity: string; + entityId?: string; + oldData?: Record; + newData?: Record; + ipAddress?: string; + userAgent?: string; +} + +export interface PaginationParams { + page?: number; + limit?: number; +} + +@Injectable() +export class AuditService { + constructor(private readonly prisma: PrismaService) {} + + /** + * Log an audit event + */ + async log(params: AuditLogParams) { + return this.prisma.auditLog.create({ + data: { + userId: params.userId, + action: params.action, + entity: params.entity, + entityId: params.entityId, + oldData: params.oldData as Prisma.JsonObject | undefined, + newData: params.newData as Prisma.JsonObject | undefined, + ipAddress: params.ipAddress, + userAgent: params.userAgent, + }, + }); + } + + /** + * Get audit logs by user + */ + async getByUser(userId: string, pagination: PaginationParams = {}) { + const { page = 1, limit = 20 } = pagination; + const skip = (page - 1) * limit; + + const [logs, total] = await Promise.all([ + this.prisma.auditLog.findMany({ + where: { userId }, + skip, + take: limit, + orderBy: { createdAt: 'desc' }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + }, + }, + }, + }), + this.prisma.auditLog.count({ where: { userId } }), + ]); + + return { + data: logs, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Get audit logs by entity + */ + async getByEntity( + entity: string, + entityId: string, + pagination: PaginationParams = {}, + ) { + const { page = 1, limit = 20 } = pagination; + const skip = (page - 1) * limit; + + const where: Prisma.AuditLogWhereInput = { + entity, + entityId, + }; + + const [logs, total] = await Promise.all([ + this.prisma.auditLog.findMany({ + where, + skip, + take: limit, + orderBy: { createdAt: 'desc' }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + }, + }, + }, + }), + this.prisma.auditLog.count({ where }), + ]); + + return { + data: logs, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Get all audit logs with filtering + */ + async findAll(params: { + page?: number; + limit?: number; + action?: string; + entity?: string; + userId?: string; + startDate?: Date; + endDate?: Date; + }) { + const { + page = 1, + limit = 20, + action, + entity, + userId, + startDate, + endDate, + } = params; + const skip = (page - 1) * limit; + + const where: Prisma.AuditLogWhereInput = { + ...(action && { action }), + ...(entity && { entity }), + ...(userId && { userId }), + ...(startDate || endDate + ? { + createdAt: { + ...(startDate && { gte: startDate }), + ...(endDate && { lte: endDate }), + }, + } + : {}), + }; + + const [logs, total] = await Promise.all([ + this.prisma.auditLog.findMany({ + where, + skip, + take: limit, + orderBy: { createdAt: 'desc' }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + }, + }, + }, + }), + this.prisma.auditLog.count({ where }), + ]); + + return { + data: logs, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Get recent activity summary + */ + async getRecentActivity(limit = 10) { + return this.prisma.auditLog.findMany({ + take: limit, + orderBy: { createdAt: 'desc' }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + }, + }, + }, + }); + } +} diff --git a/apps/api/src/modules/audit/index.ts b/apps/api/src/modules/audit/index.ts new file mode 100644 index 0000000..7d66c5d --- /dev/null +++ b/apps/api/src/modules/audit/index.ts @@ -0,0 +1,3 @@ +export * from './audit.module'; +export * from './audit.service'; +export * from './audit.interceptor'; diff --git a/apps/api/src/modules/dashboard/dashboard.controller.ts b/apps/api/src/modules/dashboard/dashboard.controller.ts new file mode 100644 index 0000000..f124d5f --- /dev/null +++ b/apps/api/src/modules/dashboard/dashboard.controller.ts @@ -0,0 +1,174 @@ +import { Controller, Get, Put, Body } from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, +} from '@nestjs/swagger'; +import { DashboardService } from './dashboard.service'; +import { UpdateLayoutDto } from './dto/dashboard-layout.dto'; +import { CurrentUser } from '../../auth/decorators/current-user.decorator'; +import { JwtPayload } from '../../auth/interfaces/jwt-payload.interface'; +import { RequirePermissions } from '../../auth/permissions/permissions.decorator'; +import { Permission } from '../../auth/permissions/permissions.enum'; + +@ApiTags('dashboard') +@ApiBearerAuth('JWT-auth') +@Controller('dashboard') +export class DashboardController { + constructor(private readonly dashboardService: DashboardService) {} + + @Get('stats') + @RequirePermissions(Permission.DASHBOARD_VIEW) + @ApiOperation({ summary: 'Get dashboard statistics (role-filtered)' }) + @ApiResponse({ + status: 200, + description: 'Dashboard statistics retrieved successfully (filtered by role)', + schema: { + type: 'object', + properties: { + users: { + type: 'object', + description: 'Only visible for admin/manager', + properties: { + total: { type: 'number', example: 150 }, + active: { type: 'number', example: 142 }, + newThisMonth: { type: 'number', example: 5 }, + }, + }, + departments: { + type: 'object', + properties: { + total: { type: 'number', example: 12 }, + active: { type: 'number', example: 10 }, + }, + }, + employees: { + type: 'object', + description: 'Only visible for admin/manager', + properties: { + total: { type: 'number', example: 120 }, + active: { type: 'number', example: 115 }, + }, + }, + absences: { + type: 'object', + description: 'Scoped by role - admin/manager see all, dept head sees department', + properties: { + pending: { type: 'number', example: 8 }, + approved: { type: 'number', example: 45 }, + total: { type: 'number', example: 53 }, + }, + }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getStats(@CurrentUser() user: JwtPayload) { + return this.dashboardService.getStats(user.sub, user.roles || []); + } + + @Get('widgets') + @RequirePermissions(Permission.DASHBOARD_VIEW) + @ApiOperation({ summary: 'Get available widget types' }) + @ApiResponse({ + status: 200, + description: 'List of available widget types', + schema: { + type: 'array', + items: { + type: 'object', + properties: { + id: { type: 'string', example: 'statistics' }, + name: { type: 'string', example: 'Statistics Overview' }, + description: { type: 'string', example: 'Display key metrics' }, + minWidth: { type: 'number', example: 2 }, + minHeight: { type: 'number', example: 1 }, + maxWidth: { type: 'number', example: 4 }, + maxHeight: { type: 'number', example: 2 }, + category: { type: 'string', example: 'overview' }, + requiredPermissions: { + type: 'array', + items: { type: 'string' }, + example: ['audit:view'], + }, + }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getWidgets() { + return this.dashboardService.getWidgetTypes(); + } + + @Get('layout') + @RequirePermissions(Permission.DASHBOARD_VIEW) + @ApiOperation({ summary: "Get user's dashboard layout" }) + @ApiResponse({ + status: 200, + description: 'Dashboard layout retrieved successfully', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getLayout(@CurrentUser() user: JwtPayload) { + return this.dashboardService.getLayout(user.sub); + } + + @Put('layout') + @RequirePermissions(Permission.DASHBOARD_CUSTOMIZE) + @ApiOperation({ summary: "Save user's dashboard layout" }) + @ApiResponse({ + status: 200, + description: 'Dashboard layout saved successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + saveLayout( + @CurrentUser() user: JwtPayload, + @Body() updateDto: UpdateLayoutDto, + ) { + return this.dashboardService.saveLayout(user.sub, updateDto.layout); + } + + @Get('activity') + @RequirePermissions(Permission.DASHBOARD_VIEW) + @ApiOperation({ summary: 'Get recent activity for dashboard (role-filtered)' }) + @ApiResponse({ + status: 200, + description: 'Recent activity retrieved successfully (admins see all, others see own)', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getActivity(@CurrentUser() user: JwtPayload) { + return this.dashboardService.getRecentActivity(user.sub, user.roles || []); + } + + @Get('absences/upcoming') + @RequirePermissions(Permission.ABSENCES_VIEW) + @ApiOperation({ summary: 'Get upcoming absences for dashboard (role-filtered)' }) + @ApiResponse({ + status: 200, + description: 'Upcoming absences retrieved successfully (scoped by role)', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getUpcomingAbsences(@CurrentUser() user: JwtPayload) { + return this.dashboardService.getUpcomingAbsences(user.sub, user.roles || []); + } + + @Get('approvals/pending/count') + @RequirePermissions(Permission.ABSENCES_APPROVE) + @ApiOperation({ summary: 'Get pending approvals count' }) + @ApiResponse({ + status: 200, + description: 'Pending approvals count', + schema: { + type: 'object', + properties: { + count: { type: 'number', example: 5 }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + async getPendingApprovalsCount() { + const count = await this.dashboardService.getPendingApprovalsCount(); + return { count }; + } +} diff --git a/apps/api/src/modules/dashboard/dashboard.module.ts b/apps/api/src/modules/dashboard/dashboard.module.ts new file mode 100644 index 0000000..289e833 --- /dev/null +++ b/apps/api/src/modules/dashboard/dashboard.module.ts @@ -0,0 +1,12 @@ +import { Module } from '@nestjs/common'; +import { DashboardController } from './dashboard.controller'; +import { DashboardService } from './dashboard.service'; +import { UserPreferencesModule } from '../user-preferences/user-preferences.module'; + +@Module({ + imports: [UserPreferencesModule], + controllers: [DashboardController], + providers: [DashboardService], + exports: [DashboardService], +}) +export class DashboardModule {} diff --git a/apps/api/src/modules/dashboard/dashboard.service.ts b/apps/api/src/modules/dashboard/dashboard.service.ts new file mode 100644 index 0000000..335fe24 --- /dev/null +++ b/apps/api/src/modules/dashboard/dashboard.service.ts @@ -0,0 +1,376 @@ +import { Injectable } from '@nestjs/common'; +import { PrismaService } from '../../prisma/prisma.service'; +import { UserPreferencesService } from '../user-preferences/user-preferences.service'; +import { Prisma, ApprovalStatus } from '@prisma/client'; + +export interface DashboardStats { + users?: { + total: number; + active: number; + newThisMonth: number; + }; + departments: { + total: number; + active: number; + }; + employees?: { + total: number; + active: number; + }; + absences?: { + pending: number; + approved: number; + total: number; + }; + // Basic stats for all users + myDepartment?: { + name: string; + employeeCount: number; + }; +} + +export interface WidgetType { + id: string; + name: string; + description: string; + minWidth: number; + minHeight: number; + maxWidth: number; + maxHeight: number; + category: string; + requiredPermissions?: string[]; +} + +@Injectable() +export class DashboardService { + constructor( + private readonly prisma: PrismaService, + private readonly preferencesService: UserPreferencesService, + ) {} + + /** + * Get dashboard statistics based on user role + * - Admin/Manager: Full statistics + * - Department Head: Department-specific statistics + * - Employee: Basic statistics only + */ + async getStats(userId: string, userRoles: string[]): Promise { + const isAdmin = userRoles.includes('admin'); + const isManager = userRoles.includes('manager') || userRoles.includes('hr-manager'); + const isDeptHead = userRoles.includes('department_head') || userRoles.includes('team-lead'); + + const now = new Date(); + const startOfMonth = new Date(now.getFullYear(), now.getMonth(), 1); + + // Basic stats for all users - department count only + const [totalDepartments, activeDepartments] = await Promise.all([ + this.prisma.department.count(), + this.prisma.department.count({ where: { isActive: true } }), + ]); + + const baseStats: DashboardStats = { + departments: { + total: totalDepartments, + active: activeDepartments, + }, + }; + + // Admin and Manager get full statistics + if (isAdmin || isManager) { + const [ + totalUsers, + activeUsers, + newUsersThisMonth, + totalEmployees, + activeEmployees, + pendingAbsences, + approvedAbsences, + totalAbsences, + ] = await Promise.all([ + this.prisma.user.count(), + this.prisma.user.count({ where: { isActive: true } }), + this.prisma.user.count({ where: { createdAt: { gte: startOfMonth } } }), + this.prisma.employee.count(), + this.prisma.employee.count({ where: { isActive: true } }), + this.prisma.absence.count({ where: { status: ApprovalStatus.PENDING } }), + this.prisma.absence.count({ where: { status: ApprovalStatus.APPROVED } }), + this.prisma.absence.count(), + ]); + + return { + ...baseStats, + users: { total: totalUsers, active: activeUsers, newThisMonth: newUsersThisMonth }, + employees: { total: totalEmployees, active: activeEmployees }, + absences: { pending: pendingAbsences, approved: approvedAbsences, total: totalAbsences }, + }; + } + + // Department Head gets department-specific stats + if (isDeptHead) { + const user = await this.prisma.user.findUnique({ + where: { id: userId }, + include: { department: true }, + }); + + if (user?.departmentId) { + const [deptEmployees, deptAbsences] = await Promise.all([ + this.prisma.employee.count({ where: { user: { departmentId: user.departmentId } } }), + this.prisma.absence.count({ + where: { + employee: { user: { departmentId: user.departmentId } }, + status: ApprovalStatus.PENDING, + }, + }), + ]); + + return { + ...baseStats, + myDepartment: { + name: user.department?.name || 'Unknown', + employeeCount: deptEmployees, + }, + absences: { pending: deptAbsences, approved: 0, total: 0 }, + }; + } + } + + // Regular employee - basic stats only + return baseStats; + } + + /** + * Get available widget types + */ + getWidgetTypes(): WidgetType[] { + return [ + { + id: 'statistics', + name: 'Statistics Overview', + description: 'Display key metrics and statistics', + minWidth: 2, + minHeight: 1, + maxWidth: 4, + maxHeight: 2, + category: 'overview', + }, + { + id: 'activity', + name: 'Recent Activity', + description: 'Show recent system activity and events', + minWidth: 2, + minHeight: 2, + maxWidth: 4, + maxHeight: 4, + category: 'overview', + requiredPermissions: ['audit:view'], + }, + { + id: 'actions', + name: 'Quick Actions', + description: 'Shortcuts to common actions', + minWidth: 1, + minHeight: 1, + maxWidth: 2, + maxHeight: 2, + category: 'productivity', + }, + { + id: 'absences', + name: 'Upcoming Absences', + description: 'View upcoming team absences', + minWidth: 2, + minHeight: 2, + maxWidth: 4, + maxHeight: 4, + category: 'hr', + requiredPermissions: ['absences:view'], + }, + { + id: 'team', + name: 'Team Overview', + description: 'Quick view of your team members', + minWidth: 2, + minHeight: 2, + maxWidth: 4, + maxHeight: 4, + category: 'hr', + requiredPermissions: ['employees:view'], + }, + { + id: 'calendar', + name: 'Calendar', + description: 'View upcoming events and deadlines', + minWidth: 2, + minHeight: 2, + maxWidth: 4, + maxHeight: 4, + category: 'productivity', + }, + { + id: 'time-tracking', + name: 'Time Tracking', + description: 'Quick time entry and overview', + minWidth: 2, + minHeight: 1, + maxWidth: 4, + maxHeight: 2, + category: 'productivity', + requiredPermissions: ['time_entries:view'], + }, + { + id: 'announcements', + name: 'Announcements', + description: 'System and company announcements', + minWidth: 2, + minHeight: 2, + maxWidth: 4, + maxHeight: 3, + category: 'overview', + }, + { + id: 'department-stats', + name: 'Department Statistics', + description: 'Statistics for managed departments', + minWidth: 2, + minHeight: 2, + maxWidth: 4, + maxHeight: 4, + category: 'hr', + requiredPermissions: ['departments:view'], + }, + { + id: 'pending-approvals', + name: 'Pending Approvals', + description: 'Requests waiting for your approval', + minWidth: 2, + minHeight: 2, + maxWidth: 4, + maxHeight: 4, + category: 'hr', + requiredPermissions: ['absences:approve'], + }, + ]; + } + + /** + * Get user's dashboard layout + */ + async getLayout(userId: string) { + const preferences = await this.preferencesService.findByUserId(userId); + return { + layout: preferences.dashboardLayout || this.getDefaultLayout(), + }; + } + + /** + * Save user's dashboard layout + */ + async saveLayout(userId: string, layout: unknown[]) { + return this.preferencesService.updateDashboardLayout(userId, layout); + } + + /** + * Get recent activity for dashboard widget + * Admins see all activity, others see only their own + */ + async getRecentActivity(userId: string, userRoles: string[], limit = 10) { + const isAdmin = userRoles.includes('admin'); + const isManager = userRoles.includes('manager') || userRoles.includes('hr-manager'); + + // Only admins and managers can see all activity + const where = isAdmin || isManager ? {} : { userId }; + + return this.prisma.auditLog.findMany({ + where, + take: limit, + orderBy: { createdAt: 'desc' }, + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + } + + /** + * Get upcoming absences for dashboard widget + * Filtered by user role and department + */ + async getUpcomingAbsences(userId: string, userRoles: string[], limit = 5) { + const today = new Date(); + today.setHours(0, 0, 0, 0); + + const isAdmin = userRoles.includes('admin'); + const isManager = userRoles.includes('manager') || userRoles.includes('hr-manager'); + const isDeptHead = userRoles.includes('department_head') || userRoles.includes('team-lead'); + + // Build where clause based on role + let additionalWhere = {}; + + if (!isAdmin && !isManager) { + if (isDeptHead) { + // Department head sees their department's absences + const user = await this.prisma.user.findUnique({ + where: { id: userId }, + select: { departmentId: true }, + }); + if (user?.departmentId) { + additionalWhere = { employee: { user: { departmentId: user.departmentId } } }; + } + } else { + // Regular employee sees only their own absences + additionalWhere = { employee: { userId } }; + } + } + + return this.prisma.absence.findMany({ + where: { + startDate: { gte: today }, + status: { in: [ApprovalStatus.PENDING, ApprovalStatus.APPROVED] }, + ...additionalWhere, + }, + take: limit, + orderBy: { startDate: 'asc' }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }, + }, + }); + } + + /** + * Get pending approvals count + */ + async getPendingApprovalsCount() { + return this.prisma.absence.count({ + where: { status: 'PENDING' }, + }); + } + + /** + * Default dashboard layout + */ + private getDefaultLayout(): Prisma.JsonArray { + return [ + { id: 'stats-overview', type: 'statistics', x: 0, y: 0, w: 4, h: 1 }, + { id: 'recent-activity', type: 'activity', x: 0, y: 1, w: 2, h: 2 }, + { id: 'quick-actions', type: 'actions', x: 2, y: 1, w: 2, h: 2 }, + { id: 'upcoming-absences', type: 'absences', x: 0, y: 3, w: 2, h: 2 }, + { id: 'team-overview', type: 'team', x: 2, y: 3, w: 2, h: 2 }, + ]; + } +} diff --git a/apps/api/src/modules/dashboard/dto/dashboard-layout.dto.ts b/apps/api/src/modules/dashboard/dto/dashboard-layout.dto.ts new file mode 100644 index 0000000..8f1fc90 --- /dev/null +++ b/apps/api/src/modules/dashboard/dto/dashboard-layout.dto.ts @@ -0,0 +1,69 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { IsString, IsOptional, IsNumber, IsObject, IsArray, ValidateNested } from 'class-validator'; +import { Type } from 'class-transformer'; + +export class WidgetLayoutDto { + @ApiProperty({ + description: 'Unique widget identifier', + example: 'stats-overview', + }) + @IsString() + id: string; + + @ApiProperty({ + description: 'Widget type', + example: 'statistics', + }) + @IsString() + type: string; + + @ApiPropertyOptional({ + description: 'Grid position X', + example: 0, + }) + @IsOptional() + @IsNumber() + x?: number; + + @ApiPropertyOptional({ + description: 'Grid position Y', + example: 0, + }) + @IsOptional() + @IsNumber() + y?: number; + + @ApiPropertyOptional({ + description: 'Widget width in grid units', + example: 2, + }) + @IsOptional() + @IsNumber() + w?: number; + + @ApiPropertyOptional({ + description: 'Widget height in grid units', + example: 2, + }) + @IsOptional() + @IsNumber() + h?: number; + + @ApiPropertyOptional({ + description: 'Widget-specific settings', + }) + @IsOptional() + @IsObject() + settings?: Record; +} + +export class UpdateLayoutDto { + @ApiProperty({ + description: 'Array of widget configurations', + type: [WidgetLayoutDto], + }) + @IsArray() + @ValidateNested({ each: true }) + @Type(() => WidgetLayoutDto) + layout: WidgetLayoutDto[]; +} diff --git a/apps/api/src/modules/dashboard/dto/index.ts b/apps/api/src/modules/dashboard/dto/index.ts new file mode 100644 index 0000000..63b766f --- /dev/null +++ b/apps/api/src/modules/dashboard/dto/index.ts @@ -0,0 +1 @@ +export * from './dashboard-layout.dto'; diff --git a/apps/api/src/modules/dashboard/index.ts b/apps/api/src/modules/dashboard/index.ts new file mode 100644 index 0000000..8cb3b0b --- /dev/null +++ b/apps/api/src/modules/dashboard/index.ts @@ -0,0 +1,4 @@ +export * from './dashboard.module'; +export * from './dashboard.service'; +export * from './dashboard.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/departments/departments.controller.ts b/apps/api/src/modules/departments/departments.controller.ts new file mode 100644 index 0000000..68d016b --- /dev/null +++ b/apps/api/src/modules/departments/departments.controller.ts @@ -0,0 +1,145 @@ +import { + Controller, + Get, + Post, + Body, + Put, + Param, + Delete, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, +} from '@nestjs/swagger'; +import { DepartmentsService } from './departments.service'; +import { CreateDepartmentDto } from './dto/create-department.dto'; +import { UpdateDepartmentDto } from './dto/update-department.dto'; +import { QueryDepartmentsDto } from './dto/query-departments.dto'; +import { Roles } from '../../auth/decorators/roles.decorator'; +import { RequirePermissions } from '../../auth/permissions/permissions.decorator'; +import { Permission } from '../../auth/permissions/permissions.enum'; +import { AuditLog } from '../audit/audit.interceptor'; + +@ApiTags('departments') +@ApiBearerAuth('JWT-auth') +@Controller('departments') +export class DepartmentsController { + constructor(private readonly departmentsService: DepartmentsService) {} + + @Post() + @Roles('admin') + @RequirePermissions(Permission.DEPARTMENTS_CREATE) + @AuditLog('Department', 'CREATE') + @ApiOperation({ summary: 'Create a new department' }) + @ApiResponse({ + status: 201, + description: 'Department created successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 409, description: 'Department code already exists' }) + create(@Body() createDto: CreateDepartmentDto) { + return this.departmentsService.create(createDto); + } + + @Get() + @RequirePermissions(Permission.DEPARTMENTS_VIEW) + @ApiOperation({ summary: 'Get all departments with pagination and filtering' }) + @ApiResponse({ + status: 200, + description: 'List of departments', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + findAll(@Query() query: QueryDepartmentsDto) { + return this.departmentsService.findAll(query); + } + + @Get('tree') + @RequirePermissions(Permission.DEPARTMENTS_VIEW) + @ApiOperation({ summary: 'Get hierarchical department tree' }) + @ApiResponse({ + status: 200, + description: 'Department tree structure', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getTree() { + return this.departmentsService.getTree(); + } + + @Get(':id') + @RequirePermissions(Permission.DEPARTMENTS_VIEW) + @ApiOperation({ summary: 'Get a department by ID' }) + @ApiParam({ name: 'id', description: 'Department ID' }) + @ApiResponse({ + status: 200, + description: 'Department found', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + findOne(@Param('id') id: string) { + return this.departmentsService.findOne(id); + } + + @Get(':id/employees') + @RequirePermissions(Permission.DEPARTMENTS_VIEW) + @ApiOperation({ summary: 'Get employees of a department' }) + @ApiParam({ name: 'id', description: 'Department ID' }) + @ApiResponse({ + status: 200, + description: 'List of department employees', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + getEmployees( + @Param('id') id: string, + @Query('page') page?: number, + @Query('limit') limit?: number, + ) { + return this.departmentsService.getEmployees(id, { page, limit }); + } + + @Put(':id') + @Roles('admin') + @RequirePermissions(Permission.DEPARTMENTS_UPDATE) + @AuditLog('Department', 'UPDATE') + @ApiOperation({ summary: 'Update a department' }) + @ApiParam({ name: 'id', description: 'Department ID' }) + @ApiResponse({ + status: 200, + description: 'Department updated successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + @ApiResponse({ status: 409, description: 'Department code already exists' }) + update(@Param('id') id: string, @Body() updateDto: UpdateDepartmentDto) { + return this.departmentsService.update(id, updateDto); + } + + @Delete(':id') + @Roles('admin') + @RequirePermissions(Permission.DEPARTMENTS_DELETE) + @AuditLog('Department', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Deactivate a department' }) + @ApiParam({ name: 'id', description: 'Department ID' }) + @ApiResponse({ + status: 200, + description: 'Department deactivated successfully', + }) + @ApiResponse({ status: 400, description: 'Cannot deactivate department with active users/children' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + remove(@Param('id') id: string) { + return this.departmentsService.remove(id); + } +} diff --git a/apps/api/src/modules/departments/departments.module.ts b/apps/api/src/modules/departments/departments.module.ts new file mode 100644 index 0000000..660a252 --- /dev/null +++ b/apps/api/src/modules/departments/departments.module.ts @@ -0,0 +1,10 @@ +import { Module } from '@nestjs/common'; +import { DepartmentsController } from './departments.controller'; +import { DepartmentsService } from './departments.service'; + +@Module({ + controllers: [DepartmentsController], + providers: [DepartmentsService], + exports: [DepartmentsService], +}) +export class DepartmentsModule {} diff --git a/apps/api/src/modules/departments/departments.service.ts b/apps/api/src/modules/departments/departments.service.ts new file mode 100644 index 0000000..c3723a2 --- /dev/null +++ b/apps/api/src/modules/departments/departments.service.ts @@ -0,0 +1,462 @@ +import { + Injectable, + NotFoundException, + ConflictException, + BadRequestException, +} from '@nestjs/common'; +import { PrismaService } from '../../prisma/prisma.service'; +import { CreateDepartmentDto } from './dto/create-department.dto'; +import { UpdateDepartmentDto } from './dto/update-department.dto'; +import { QueryDepartmentsDto } from './dto/query-departments.dto'; +import { Prisma } from '@prisma/client'; + +export interface DepartmentWithChildren { + id: string; + name: string; + code: string | null; + parentId: string | null; + managerId: string | null; + isActive: boolean; + createdAt: Date; + updatedAt: Date; + children?: DepartmentWithChildren[]; + manager?: { + id: string; + firstName: string; + lastName: string; + email: string; + } | null; + _count?: { + users: number; + children: number; + }; +} + +@Injectable() +export class DepartmentsService { + constructor(private readonly prisma: PrismaService) {} + + /** + * Create a new department + */ + async create(createDto: CreateDepartmentDto) { + // Check for duplicate code + if (createDto.code) { + const existingCode = await this.prisma.department.findUnique({ + where: { code: createDto.code }, + }); + + if (existingCode) { + throw new ConflictException( + `Department with code ${createDto.code} already exists`, + ); + } + } + + // Validate parent exists if provided + if (createDto.parentId) { + const parent = await this.prisma.department.findUnique({ + where: { id: createDto.parentId }, + }); + + if (!parent) { + throw new NotFoundException( + `Parent department with ID ${createDto.parentId} not found`, + ); + } + } + + // Validate manager exists if provided + if (createDto.managerId) { + const manager = await this.prisma.user.findUnique({ + where: { id: createDto.managerId }, + }); + + if (!manager) { + throw new NotFoundException( + `Manager with ID ${createDto.managerId} not found`, + ); + } + } + + return this.prisma.department.create({ + data: { + name: createDto.name, + code: createDto.code, + parentId: createDto.parentId, + managerId: createDto.managerId, + isActive: createDto.isActive ?? true, + }, + include: { + parent: true, + manager: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + _count: { + select: { + users: true, + children: true, + }, + }, + }, + }); + } + + /** + * Find all departments with filtering and pagination + */ + async findAll(query: QueryDepartmentsDto) { + const { + page = 1, + limit = 20, + search, + parentId, + isActive, + sortBy, + sortOrder, + } = query; + const skip = (page - 1) * limit; + + const where: Prisma.DepartmentWhereInput = { + ...(search && { + OR: [ + { name: { contains: search, mode: 'insensitive' } }, + { code: { contains: search, mode: 'insensitive' } }, + ], + }), + ...(parentId === 'null' ? { parentId: null } : parentId && { parentId }), + ...(isActive !== undefined && { isActive }), + }; + + const orderBy: Prisma.DepartmentOrderByWithRelationInput = sortBy + ? { [sortBy]: sortOrder || 'asc' } + : { name: 'asc' }; + + const [departments, total] = await Promise.all([ + this.prisma.department.findMany({ + where, + skip, + take: limit, + orderBy, + include: { + parent: true, + manager: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + _count: { + select: { + users: true, + children: true, + }, + }, + }, + }), + this.prisma.department.count({ where }), + ]); + + return { + data: departments, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Find a single department by ID + */ + async findOne(id: string) { + const department = await this.prisma.department.findUnique({ + where: { id }, + include: { + parent: true, + children: true, + manager: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + _count: { + select: { + users: true, + children: true, + }, + }, + }, + }); + + if (!department) { + throw new NotFoundException(`Department with ID ${id} not found`); + } + + return department; + } + + /** + * Update a department + */ + async update(id: string, updateDto: UpdateDepartmentDto) { + await this.findOne(id); + + // Check for duplicate code if updating + if (updateDto.code) { + const existingCode = await this.prisma.department.findFirst({ + where: { + code: updateDto.code, + id: { not: id }, + }, + }); + + if (existingCode) { + throw new ConflictException( + `Department with code ${updateDto.code} already exists`, + ); + } + } + + // Prevent circular parent reference + if (updateDto.parentId) { + if (updateDto.parentId === id) { + throw new BadRequestException('Department cannot be its own parent'); + } + + // Check if the new parent is a child of this department + const isCircular = await this.isDescendant(updateDto.parentId, id); + if (isCircular) { + throw new BadRequestException( + 'Cannot set a descendant department as parent', + ); + } + + const parent = await this.prisma.department.findUnique({ + where: { id: updateDto.parentId }, + }); + + if (!parent) { + throw new NotFoundException( + `Parent department with ID ${updateDto.parentId} not found`, + ); + } + } + + // Validate manager exists if provided + if (updateDto.managerId) { + const manager = await this.prisma.user.findUnique({ + where: { id: updateDto.managerId }, + }); + + if (!manager) { + throw new NotFoundException( + `Manager with ID ${updateDto.managerId} not found`, + ); + } + } + + return this.prisma.department.update({ + where: { id }, + data: updateDto, + include: { + parent: true, + manager: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + _count: { + select: { + users: true, + children: true, + }, + }, + }, + }); + } + + /** + * Delete a department (soft delete by deactivating) + */ + async remove(id: string) { + const department = await this.findOne(id); + + // Check if department has active users + const hasActiveUsers = await this.prisma.user.count({ + where: { departmentId: id, isActive: true }, + }); + + if (hasActiveUsers > 0) { + throw new BadRequestException( + `Cannot deactivate department with ${hasActiveUsers} active users`, + ); + } + + // Check if department has active children + const hasActiveChildren = await this.prisma.department.count({ + where: { parentId: id, isActive: true }, + }); + + if (hasActiveChildren > 0) { + throw new BadRequestException( + `Cannot deactivate department with ${hasActiveChildren} active sub-departments`, + ); + } + + return this.prisma.department.update({ + where: { id }, + data: { isActive: false }, + include: { + parent: true, + manager: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + _count: { + select: { + users: true, + children: true, + }, + }, + }, + }); + } + + /** + * Get employees of a department + */ + async getEmployees( + departmentId: string, + pagination: { page?: number; limit?: number } = {}, + ) { + await this.findOne(departmentId); + + const { page = 1, limit = 20 } = pagination; + const skip = (page - 1) * limit; + + const [users, total] = await Promise.all([ + this.prisma.user.findMany({ + where: { departmentId, isActive: true }, + skip, + take: limit, + orderBy: { lastName: 'asc' }, + include: { + employee: true, + roles: { + include: { + role: true, + }, + }, + }, + }), + this.prisma.user.count({ + where: { departmentId, isActive: true }, + }), + ]); + + return { + data: users, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Get hierarchical department tree + */ + async getTree(): Promise { + const allDepartments = await this.prisma.department.findMany({ + where: { isActive: true }, + orderBy: { name: 'asc' }, + include: { + manager: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + _count: { + select: { + users: true, + children: true, + }, + }, + }, + }); + + return this.buildTree(allDepartments, null); + } + + /** + * Build tree structure from flat list + */ + private buildTree( + departments: DepartmentWithChildren[], + parentId: string | null, + ): DepartmentWithChildren[] { + return departments + .filter((dept) => dept.parentId === parentId) + .map((dept) => ({ + ...dept, + children: this.buildTree(departments, dept.id), + })); + } + + /** + * Check if potentialDescendant is a descendant of ancestorId + */ + private async isDescendant( + potentialDescendantId: string, + ancestorId: string, + ): Promise { + const descendants = await this.getAllDescendants(ancestorId); + return descendants.includes(potentialDescendantId); + } + + /** + * Get all descendant IDs of a department + */ + private async getAllDescendants(departmentId: string): Promise { + const children = await this.prisma.department.findMany({ + where: { parentId: departmentId }, + select: { id: true }, + }); + + if (children.length === 0) { + return []; + } + + const childIds = children.map((c) => c.id); + const grandchildIds = await Promise.all( + childIds.map((id) => this.getAllDescendants(id)), + ); + + return [...childIds, ...grandchildIds.flat()]; + } +} diff --git a/apps/api/src/modules/departments/dto/create-department.dto.ts b/apps/api/src/modules/departments/dto/create-department.dto.ts new file mode 100644 index 0000000..24736ce --- /dev/null +++ b/apps/api/src/modules/departments/dto/create-department.dto.ts @@ -0,0 +1,60 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsBoolean, + MinLength, + MaxLength, + Matches, +} from 'class-validator'; + +export class CreateDepartmentDto { + @ApiProperty({ + description: 'Department name', + example: 'Engineering', + minLength: 2, + maxLength: 100, + }) + @IsString() + @MinLength(2) + @MaxLength(100) + name: string; + + @ApiPropertyOptional({ + description: 'Unique department code', + example: 'ENG', + maxLength: 20, + }) + @IsOptional() + @IsString() + @MaxLength(20) + @Matches(/^[A-Z0-9_-]+$/i, { + message: 'Code must contain only letters, numbers, underscores, and hyphens', + }) + code?: string; + + @ApiPropertyOptional({ + description: 'Parent department ID for hierarchy', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + parentId?: string; + + @ApiPropertyOptional({ + description: 'Department manager user ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + managerId?: string; + + @ApiPropertyOptional({ + description: 'Whether the department is active', + example: true, + default: true, + }) + @IsOptional() + @IsBoolean() + isActive?: boolean; +} diff --git a/apps/api/src/modules/departments/dto/index.ts b/apps/api/src/modules/departments/dto/index.ts new file mode 100644 index 0000000..6703d80 --- /dev/null +++ b/apps/api/src/modules/departments/dto/index.ts @@ -0,0 +1,3 @@ +export * from './create-department.dto'; +export * from './update-department.dto'; +export * from './query-departments.dto'; diff --git a/apps/api/src/modules/departments/dto/query-departments.dto.ts b/apps/api/src/modules/departments/dto/query-departments.dto.ts new file mode 100644 index 0000000..8da7549 --- /dev/null +++ b/apps/api/src/modules/departments/dto/query-departments.dto.ts @@ -0,0 +1,98 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsString, + IsBoolean, + IsInt, + Min, + Max, + IsEnum, +} from 'class-validator'; +import { Transform, Type } from 'class-transformer'; + +export enum DepartmentSortField { + CREATED_AT = 'createdAt', + UPDATED_AT = 'updatedAt', + NAME = 'name', + CODE = 'code', +} + +export enum SortOrder { + ASC = 'asc', + DESC = 'desc', +} + +export class QueryDepartmentsDto { + @ApiPropertyOptional({ + description: 'Page number for pagination', + example: 1, + minimum: 1, + default: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Number of items per page', + example: 20, + minimum: 1, + maximum: 100, + default: 20, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(100) + limit?: number = 20; + + @ApiPropertyOptional({ + description: 'Search term for name or code', + example: 'engineering', + }) + @IsOptional() + @IsString() + search?: string; + + @ApiPropertyOptional({ + description: 'Filter by parent department ID (use "null" for root departments)', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + parentId?: string; + + @ApiPropertyOptional({ + description: 'Filter by active status', + example: true, + }) + @IsOptional() + @Transform(({ value }) => { + if (value === 'true') return true; + if (value === 'false') return false; + return value; + }) + @IsBoolean() + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Field to sort by', + enum: DepartmentSortField, + example: DepartmentSortField.NAME, + }) + @IsOptional() + @IsEnum(DepartmentSortField) + sortBy?: DepartmentSortField; + + @ApiPropertyOptional({ + description: 'Sort order', + enum: SortOrder, + example: SortOrder.ASC, + }) + @IsOptional() + @IsEnum(SortOrder) + sortOrder?: SortOrder; +} diff --git a/apps/api/src/modules/departments/dto/update-department.dto.ts b/apps/api/src/modules/departments/dto/update-department.dto.ts new file mode 100644 index 0000000..8c3eff4 --- /dev/null +++ b/apps/api/src/modules/departments/dto/update-department.dto.ts @@ -0,0 +1,4 @@ +import { PartialType } from '@nestjs/swagger'; +import { CreateDepartmentDto } from './create-department.dto'; + +export class UpdateDepartmentDto extends PartialType(CreateDepartmentDto) {} diff --git a/apps/api/src/modules/departments/index.ts b/apps/api/src/modules/departments/index.ts new file mode 100644 index 0000000..7e26f30 --- /dev/null +++ b/apps/api/src/modules/departments/index.ts @@ -0,0 +1,4 @@ +export * from './departments.module'; +export * from './departments.service'; +export * from './departments.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/hr/absences/absences.controller.ts b/apps/api/src/modules/hr/absences/absences.controller.ts new file mode 100644 index 0000000..919391a --- /dev/null +++ b/apps/api/src/modules/hr/absences/absences.controller.ts @@ -0,0 +1,232 @@ +import { + Controller, + Get, + Post, + Body, + Put, + Param, + Delete, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, +} from '@nestjs/swagger'; +import { AbsencesService } from './absences.service'; +import { CreateAbsenceDto } from './dto/create-absence.dto'; +import { UpdateAbsenceDto } from './dto/update-absence.dto'; +import { + QueryAbsencesDto, + QueryCalendarDto, + QueryConflictsDto, +} from './dto/query-absences.dto'; +import { ApproveAbsenceDto, RejectAbsenceDto } from './dto/approve-absence.dto'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { CurrentUser } from '../../../auth/decorators/current-user.decorator'; +import { JwtPayload } from '../../../auth/interfaces/jwt-payload.interface'; +import { AuditLog } from '../../audit/audit.interceptor'; + +@ApiTags('hr/absences') +@ApiBearerAuth('JWT-auth') +@Controller('hr/absences') +export class AbsencesController { + constructor(private readonly absencesService: AbsencesService) {} + + @Post() + @RequirePermissions(Permission.ABSENCES_CREATE) + @AuditLog('Absence', 'CREATE') + @ApiOperation({ summary: 'Create a new absence request' }) + @ApiResponse({ + status: 201, + description: 'Absence request created successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - validation error or conflict' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + create( + @Body() createDto: CreateAbsenceDto, + @CurrentUser() currentUser: JwtPayload, + ) { + return this.absencesService.create(createDto, currentUser); + } + + @Get() + @RequirePermissions(Permission.ABSENCES_VIEW) + @ApiOperation({ summary: 'Get all absences with pagination and filtering' }) + @ApiResponse({ + status: 200, + description: 'List of absences with pagination metadata', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + findAll( + @Query() query: QueryAbsencesDto, + @CurrentUser() currentUser: JwtPayload, + ) { + return this.absencesService.findAll(query, currentUser); + } + + @Get('pending') + @RequirePermissions(Permission.ABSENCES_APPROVE) + @ApiOperation({ summary: 'Get pending absence requests for approval' }) + @ApiResponse({ + status: 200, + description: 'List of pending absences', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - requires approval permission' }) + getPending(@CurrentUser() currentUser: JwtPayload) { + return this.absencesService.getPending(currentUser); + } + + @Get('calendar') + @RequirePermissions(Permission.ABSENCES_VIEW) + @ApiOperation({ summary: 'Get calendar data for approved absences' }) + @ApiResponse({ + status: 200, + description: 'Calendar entries for approved absences', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getCalendar( + @Query() query: QueryCalendarDto, + @CurrentUser() currentUser: JwtPayload, + ) { + return this.absencesService.getCalendar(query, currentUser); + } + + @Get('conflicts') + @RequirePermissions(Permission.ABSENCES_VIEW) + @ApiOperation({ summary: 'Check for absence conflicts and team coverage' }) + @ApiResponse({ + status: 200, + description: 'Conflict check results', + }) + @ApiResponse({ status: 400, description: 'Bad request - missing required parameters' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + checkConflicts( + @Query() query: QueryConflictsDto, + @CurrentUser() currentUser: JwtPayload, + ) { + return this.absencesService.checkConflicts(query, currentUser); + } + + @Get('balance/:employeeId') + @RequirePermissions(Permission.ABSENCES_VIEW) + @ApiOperation({ summary: 'Get vacation balance for an employee' }) + @ApiParam({ name: 'employeeId', description: 'Employee ID' }) + @ApiResponse({ + status: 200, + description: 'Vacation balance details', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + getBalance( + @Param('employeeId') employeeId: string, + @Query('year') year?: number, + ) { + return this.absencesService.getBalance(employeeId, year); + } + + @Get(':id') + @RequirePermissions(Permission.ABSENCES_VIEW) + @ApiOperation({ summary: 'Get a single absence by ID' }) + @ApiParam({ name: 'id', description: 'Absence ID' }) + @ApiResponse({ + status: 200, + description: 'Absence details', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - no access to this absence' }) + @ApiResponse({ status: 404, description: 'Absence not found' }) + findOne(@Param('id') id: string, @CurrentUser() currentUser: JwtPayload) { + return this.absencesService.findOne(id, currentUser); + } + + @Put(':id') + @RequirePermissions(Permission.ABSENCES_CREATE) + @AuditLog('Absence', 'UPDATE') + @ApiOperation({ summary: 'Update a pending absence' }) + @ApiParam({ name: 'id', description: 'Absence ID' }) + @ApiResponse({ + status: 200, + description: 'Absence updated successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - only PENDING absences can be updated' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Absence not found' }) + update( + @Param('id') id: string, + @Body() updateDto: UpdateAbsenceDto, + @CurrentUser() currentUser: JwtPayload, + ) { + return this.absencesService.update(id, updateDto, currentUser); + } + + @Delete(':id') + @RequirePermissions(Permission.ABSENCES_CANCEL) + @AuditLog('Absence', 'CANCEL') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Cancel an absence (PENDING or APPROVED)' }) + @ApiParam({ name: 'id', description: 'Absence ID' }) + @ApiResponse({ + status: 200, + description: 'Absence cancelled successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - cannot cancel this absence' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Absence not found' }) + cancel(@Param('id') id: string, @CurrentUser() currentUser: JwtPayload) { + return this.absencesService.cancel(id, currentUser); + } + + @Post(':id/approve') + @RequirePermissions(Permission.ABSENCES_APPROVE) + @AuditLog('Absence', 'APPROVE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Approve a pending absence request' }) + @ApiParam({ name: 'id', description: 'Absence ID' }) + @ApiResponse({ + status: 200, + description: 'Absence approved successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - only PENDING absences can be approved' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - cannot approve own absence or no permission' }) + @ApiResponse({ status: 404, description: 'Absence not found' }) + approve( + @Param('id') id: string, + @Body() approveDto: ApproveAbsenceDto, + @CurrentUser() currentUser: JwtPayload, + ) { + return this.absencesService.approve(id, approveDto, currentUser); + } + + @Post(':id/reject') + @RequirePermissions(Permission.ABSENCES_APPROVE) + @AuditLog('Absence', 'REJECT') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Reject a pending absence request' }) + @ApiParam({ name: 'id', description: 'Absence ID' }) + @ApiResponse({ + status: 200, + description: 'Absence rejected successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - only PENDING absences can be rejected' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - cannot reject own absence or no permission' }) + @ApiResponse({ status: 404, description: 'Absence not found' }) + reject( + @Param('id') id: string, + @Body() rejectDto: RejectAbsenceDto, + @CurrentUser() currentUser: JwtPayload, + ) { + return this.absencesService.reject(id, rejectDto, currentUser); + } +} diff --git a/apps/api/src/modules/hr/absences/absences.module.ts b/apps/api/src/modules/hr/absences/absences.module.ts new file mode 100644 index 0000000..5d0481f --- /dev/null +++ b/apps/api/src/modules/hr/absences/absences.module.ts @@ -0,0 +1,10 @@ +import { Module } from '@nestjs/common'; +import { AbsencesController } from './absences.controller'; +import { AbsencesService } from './absences.service'; + +@Module({ + controllers: [AbsencesController], + providers: [AbsencesService], + exports: [AbsencesService], +}) +export class AbsencesModule {} diff --git a/apps/api/src/modules/hr/absences/absences.service.ts b/apps/api/src/modules/hr/absences/absences.service.ts new file mode 100644 index 0000000..035f90e --- /dev/null +++ b/apps/api/src/modules/hr/absences/absences.service.ts @@ -0,0 +1,1406 @@ +import { + Injectable, + NotFoundException, + BadRequestException, + ForbiddenException, + Logger, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { CreateAbsenceDto } from './dto/create-absence.dto'; +import { UpdateAbsenceDto } from './dto/update-absence.dto'; +import { + QueryAbsencesDto, + QueryCalendarDto, + QueryConflictsDto, +} from './dto/query-absences.dto'; +import { ApproveAbsenceDto, RejectAbsenceDto } from './dto/approve-absence.dto'; +import { Prisma, AbsenceType, ApprovalStatus, ContractType } from '@prisma/client'; +import { calculateWorkingDays, DEFAULT_VACATION_DAYS } from '@tos/shared'; +import { JwtPayload } from '../../../auth/interfaces/jwt-payload.interface'; + +// Constants for vacation calculations +const PROBATION_MONTHS = 6; +const DAYS_PER_MONTH_ENTITLEMENT = DEFAULT_VACATION_DAYS / 12; + +// Absence types that count against vacation balance +const VACATION_TYPES: AbsenceType[] = [AbsenceType.VACATION]; + +// Absence types that don't require approval +const AUTO_APPROVED_TYPES: AbsenceType[] = [AbsenceType.SICK, AbsenceType.SICK_CHILD]; + +interface AbsenceEvent { + type: + | 'absence.created' + | 'absence.approved' + | 'absence.rejected' + | 'absence.cancelled' + | 'absence.updated'; + payload: { + absenceId: string; + employeeId: string; + absenceType: AbsenceType; + startDate: Date; + endDate: Date; + status: ApprovalStatus; + approvedById?: string; + comment?: string; + reason?: string; + }; +} + +export interface VacationBalance { + employeeId: string; + employeeName: string; + year: number; + entitlement: number; + taken: number; + planned: number; + remaining: number; + carryOver: number; + details: { + type: string; + startDate: Date; + endDate: Date; + days: number; + status: ApprovalStatus; + }[]; +} + +export interface CalendarEntry { + id: string; + employeeId: string; + employeeName: string; + type: AbsenceType; + startDate: Date; + endDate: Date; + days: number; + status: ApprovalStatus; + departmentId?: string; + departmentName?: string; +} + +export interface ConflictResult { + hasConflicts: boolean; + conflicts: { + employeeId: string; + employeeName: string; + absenceId: string; + type: AbsenceType; + startDate: Date; + endDate: Date; + overlapDays: number; + }[]; + teamCoverage?: { + totalEmployees: number; + absentCount: number; + coveragePercentage: number; + }; +} + +@Injectable() +export class AbsencesService { + private readonly logger = new Logger(AbsencesService.name); + + // Event queue for notifications (to be connected to event emitter later) + private eventQueue: AbsenceEvent[] = []; + + constructor(private readonly prisma: PrismaService) {} + + /** + * Create a new absence request + */ + async create(createDto: CreateAbsenceDto, currentUser: JwtPayload) { + // Determine the employee + let employeeId = createDto.employeeId; + + if (!employeeId) { + // Get employee from current user + const employee = await this.prisma.employee.findUnique({ + where: { userId: currentUser.sub }, + }); + + if (!employee) { + throw new BadRequestException( + 'No employee record found for current user', + ); + } + employeeId = employee.id; + } + + // Validate employee exists + const employee = await this.prisma.employee.findUnique({ + where: { id: employeeId }, + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + departmentId: true, + }, + }, + }, + }); + + if (!employee) { + throw new NotFoundException(`Employee with ID ${employeeId} not found`); + } + + // Check if creating for self or someone else + if (createDto.employeeId && createDto.employeeId !== employeeId) { + // Creating for another employee requires approval permission + const isManager = await this.isManagerOfEmployee( + currentUser.sub, + employeeId, + ); + if (!isManager && !currentUser.roles.includes('admin') && !currentUser.roles.includes('hr-manager')) { + throw new ForbiddenException( + 'You can only create absences for yourself or employees you manage', + ); + } + } + + // Parse dates + const startDate = new Date(createDto.startDate); + const endDate = new Date(createDto.endDate); + + // Validate dates + if (endDate < startDate) { + throw new BadRequestException('End date must be after or equal to start date'); + } + + // Calculate days if not provided + const days = createDto.days ?? calculateWorkingDays(startDate, endDate); + + if (days <= 0) { + throw new BadRequestException('Absence must be at least 0.5 days'); + } + + // Check for overlapping absences + const conflicts = await this.checkEmployeeConflicts( + employeeId, + startDate, + endDate, + ); + + if (conflicts.hasConflicts) { + throw new BadRequestException( + `Absence overlaps with existing absence(s): ${conflicts.conflicts.map((c) => c.absenceId).join(', ')}`, + ); + } + + // Check vacation balance for vacation type + if (VACATION_TYPES.includes(createDto.type)) { + const balance = await this.getBalance(employeeId, startDate.getFullYear()); + if (balance.remaining < days) { + throw new BadRequestException( + `Insufficient vacation balance. Remaining: ${balance.remaining} days, Requested: ${days} days`, + ); + } + } + + // Determine initial status + let status: ApprovalStatus = ApprovalStatus.PENDING; + let approvedById: string | undefined; + + // Auto-approve sick days + if (AUTO_APPROVED_TYPES.includes(createDto.type)) { + status = ApprovalStatus.APPROVED; + // No approver for auto-approved absences + } + + // Create absence + const absence = await this.prisma.absence.create({ + data: { + type: createDto.type, + startDate, + endDate, + days, + status, + note: createDto.note, + employeeId, + approvedById, + }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + departmentId: true, + }, + }, + }, + }, + approvedBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + // Queue event for notification + this.queueEvent({ + type: 'absence.created', + payload: { + absenceId: absence.id, + employeeId: absence.employeeId, + absenceType: absence.type, + startDate: absence.startDate, + endDate: absence.endDate, + status: absence.status, + }, + }); + + return absence; + } + + /** + * Find all absences with filtering and pagination + */ + async findAll(query: QueryAbsencesDto, currentUser: JwtPayload) { + const { + page = 1, + limit = 20, + employeeId, + type, + status, + startDateFrom, + startDateTo, + endDateFrom, + endDateTo, + departmentId, + ownOnly, + sortBy, + sortOrder, + } = query; + const skip = (page - 1) * limit; + + // Build where clause + const where: Prisma.AbsenceWhereInput = {}; + + // Apply filters + if (employeeId) { + where.employeeId = employeeId; + } + + if (type) { + where.type = type; + } + + if (status) { + where.status = status; + } + + // Date range filters + if (startDateFrom || startDateTo) { + where.startDate = { + ...(startDateFrom && { gte: new Date(startDateFrom) }), + ...(startDateTo && { lte: new Date(startDateTo) }), + }; + } + + if (endDateFrom || endDateTo) { + where.endDate = { + ...(endDateFrom && { gte: new Date(endDateFrom) }), + ...(endDateTo && { lte: new Date(endDateTo) }), + }; + } + + // Department filter + if (departmentId) { + where.employee = { + user: { + departmentId, + }, + }; + } + + // Permission-based filtering + if (ownOnly || this.shouldFilterOwnOnly(currentUser)) { + const employee = await this.prisma.employee.findUnique({ + where: { userId: currentUser.sub }, + }); + if (employee) { + where.employeeId = employee.id; + } + } else if (this.canViewDepartmentOnly(currentUser)) { + // Team leads can only view their department + const user = await this.prisma.user.findUnique({ + where: { id: currentUser.sub }, + select: { departmentId: true }, + }); + if (user?.departmentId) { + where.employee = { + user: { + departmentId: user.departmentId, + }, + }; + } + } + + // Build order by + const orderBy: Prisma.AbsenceOrderByWithRelationInput = sortBy + ? { [sortBy]: sortOrder || 'desc' } + : { startDate: 'desc' }; + + // Execute query + const [absences, total] = await Promise.all([ + this.prisma.absence.findMany({ + where, + skip, + take: limit, + orderBy, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + departmentId: true, + department: { + select: { + id: true, + name: true, + }, + }, + }, + }, + }, + }, + approvedBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }), + this.prisma.absence.count({ where }), + ]); + + return { + data: absences, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Find a single absence by ID + */ + async findOne(id: string, currentUser: JwtPayload) { + const absence = await this.prisma.absence.findUnique({ + where: { id }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + departmentId: true, + department: { + select: { + id: true, + name: true, + }, + }, + }, + }, + }, + }, + approvedBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + if (!absence) { + throw new NotFoundException(`Absence with ID ${id} not found`); + } + + // Check view permission + await this.checkViewPermission(absence, currentUser); + + return absence; + } + + /** + * Update an absence (only PENDING status) + */ + async update(id: string, updateDto: UpdateAbsenceDto, currentUser: JwtPayload) { + const absence = await this.findOne(id, currentUser); + + // Only PENDING absences can be updated + if (absence.status !== ApprovalStatus.PENDING) { + throw new BadRequestException( + `Cannot update absence with status ${absence.status}. Only PENDING absences can be updated.`, + ); + } + + // Check if user can update + await this.checkUpdatePermission(absence, currentUser); + + // Parse dates if provided + const startDate = updateDto.startDate + ? new Date(updateDto.startDate) + : absence.startDate; + const endDate = updateDto.endDate + ? new Date(updateDto.endDate) + : absence.endDate; + + // Validate dates + if (endDate < startDate) { + throw new BadRequestException('End date must be after or equal to start date'); + } + + // Calculate days if dates changed + const days = + updateDto.days ?? + (updateDto.startDate || updateDto.endDate + ? calculateWorkingDays(startDate, endDate) + : absence.days); + + // Check for conflicts with other absences + const conflicts = await this.checkEmployeeConflicts( + absence.employeeId, + startDate, + endDate, + id, + ); + + if (conflicts.hasConflicts) { + throw new BadRequestException( + `Updated dates overlap with existing absence(s): ${conflicts.conflicts.map((c) => c.absenceId).join(', ')}`, + ); + } + + // Check vacation balance if type changes or days increase + const newType = updateDto.type ?? absence.type; + if (VACATION_TYPES.includes(newType)) { + const balance = await this.getBalance( + absence.employeeId, + startDate.getFullYear(), + ); + const currentDays = VACATION_TYPES.includes(absence.type) + ? absence.days + : 0; + const additionalDays = Number(days) - Number(currentDays); + + if (additionalDays > 0 && balance.remaining < additionalDays) { + throw new BadRequestException( + `Insufficient vacation balance. Remaining: ${balance.remaining} days, Additional requested: ${additionalDays} days`, + ); + } + } + + // Update absence + const updatedAbsence = await this.prisma.absence.update({ + where: { id }, + data: { + type: updateDto.type, + startDate, + endDate, + days, + note: updateDto.note, + }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + departmentId: true, + }, + }, + }, + }, + approvedBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + // Queue event + this.queueEvent({ + type: 'absence.updated', + payload: { + absenceId: updatedAbsence.id, + employeeId: updatedAbsence.employeeId, + absenceType: updatedAbsence.type, + startDate: updatedAbsence.startDate, + endDate: updatedAbsence.endDate, + status: updatedAbsence.status, + }, + }); + + return updatedAbsence; + } + + /** + * Cancel an absence (soft delete) + */ + async cancel(id: string, currentUser: JwtPayload) { + const absence = await this.findOne(id, currentUser); + + // Only PENDING or APPROVED absences can be cancelled + const cancellableStatuses: ApprovalStatus[] = [ApprovalStatus.PENDING, ApprovalStatus.APPROVED]; + if (!cancellableStatuses.includes(absence.status)) { + throw new BadRequestException( + `Cannot cancel absence with status ${absence.status}`, + ); + } + + // Check if user can cancel + await this.checkCancelPermission(absence, currentUser); + + // Update status to CANCELLED + const cancelledAbsence = await this.prisma.absence.update({ + where: { id }, + data: { + status: ApprovalStatus.CANCELLED, + }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }, + }, + }); + + // Queue event + this.queueEvent({ + type: 'absence.cancelled', + payload: { + absenceId: cancelledAbsence.id, + employeeId: cancelledAbsence.employeeId, + absenceType: cancelledAbsence.type, + startDate: cancelledAbsence.startDate, + endDate: cancelledAbsence.endDate, + status: cancelledAbsence.status, + }, + }); + + return cancelledAbsence; + } + + /** + * Approve an absence + */ + async approve( + id: string, + approveDto: ApproveAbsenceDto, + currentUser: JwtPayload, + ) { + const absence = await this.findOne(id, currentUser); + + // Only PENDING absences can be approved + if (absence.status !== ApprovalStatus.PENDING) { + throw new BadRequestException( + `Cannot approve absence with status ${absence.status}. Only PENDING absences can be approved.`, + ); + } + + // Check approval permission + await this.checkApprovalPermission(absence, currentUser); + + // Update status to APPROVED + const approvedAbsence = await this.prisma.absence.update({ + where: { id }, + data: { + status: ApprovalStatus.APPROVED, + approvedById: currentUser.sub, + note: approveDto.comment + ? `${absence.note ? absence.note + '\n\n' : ''}[Approver: ${approveDto.comment}]` + : absence.note, + }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }, + approvedBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + // Queue event + this.queueEvent({ + type: 'absence.approved', + payload: { + absenceId: approvedAbsence.id, + employeeId: approvedAbsence.employeeId, + absenceType: approvedAbsence.type, + startDate: approvedAbsence.startDate, + endDate: approvedAbsence.endDate, + status: approvedAbsence.status, + approvedById: currentUser.sub, + comment: approveDto.comment, + }, + }); + + return approvedAbsence; + } + + /** + * Reject an absence + */ + async reject(id: string, rejectDto: RejectAbsenceDto, currentUser: JwtPayload) { + const absence = await this.findOne(id, currentUser); + + // Only PENDING absences can be rejected + if (absence.status !== ApprovalStatus.PENDING) { + throw new BadRequestException( + `Cannot reject absence with status ${absence.status}. Only PENDING absences can be rejected.`, + ); + } + + // Check approval permission + await this.checkApprovalPermission(absence, currentUser); + + // Update status to REJECTED + const rejectedAbsence = await this.prisma.absence.update({ + where: { id }, + data: { + status: ApprovalStatus.REJECTED, + approvedById: currentUser.sub, + note: rejectDto.reason + ? `${absence.note ? absence.note + '\n\n' : ''}[Rejected: ${rejectDto.reason}]` + : absence.note, + }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }, + approvedBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + // Queue event + this.queueEvent({ + type: 'absence.rejected', + payload: { + absenceId: rejectedAbsence.id, + employeeId: rejectedAbsence.employeeId, + absenceType: rejectedAbsence.type, + startDate: rejectedAbsence.startDate, + endDate: rejectedAbsence.endDate, + status: rejectedAbsence.status, + approvedById: currentUser.sub, + reason: rejectDto.reason, + }, + }); + + return rejectedAbsence; + } + + /** + * Get pending absences for approval + */ + async getPending(currentUser: JwtPayload) { + const where: Prisma.AbsenceWhereInput = { + status: ApprovalStatus.PENDING, + }; + + // Filter by managed employees for team leads + if (!currentUser.roles.includes('admin') && !currentUser.roles.includes('hr-manager')) { + const managedDepartments = await this.prisma.department.findMany({ + where: { managerId: currentUser.sub }, + select: { id: true }, + }); + + if (managedDepartments.length > 0) { + where.employee = { + user: { + departmentId: { + in: managedDepartments.map((d) => d.id), + }, + }, + }; + } else { + // No managed departments, return empty + return { data: [], meta: { total: 0 } }; + } + } + + const absences = await this.prisma.absence.findMany({ + where, + orderBy: [{ startDate: 'asc' }, { createdAt: 'asc' }], + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + departmentId: true, + department: { + select: { + id: true, + name: true, + }, + }, + }, + }, + }, + }, + }, + }); + + return { + data: absences, + meta: { + total: absences.length, + }, + }; + } + + /** + * Get calendar data (approved absences) + */ + async getCalendar(query: QueryCalendarDto, currentUser: JwtPayload): Promise { + const { startDate, endDate, departmentId, types } = query; + + // Default to current month if no dates provided + const now = new Date(); + const start = startDate + ? new Date(startDate) + : new Date(now.getFullYear(), now.getMonth(), 1); + const end = endDate + ? new Date(endDate) + : new Date(now.getFullYear(), now.getMonth() + 1, 0); + + // Parse types filter + const typeFilter = types + ? (types.split(',').filter((t) => Object.values(AbsenceType).includes(t as AbsenceType)) as AbsenceType[]) + : undefined; + + const where: Prisma.AbsenceWhereInput = { + status: ApprovalStatus.APPROVED, + OR: [ + { + startDate: { lte: end }, + endDate: { gte: start }, + }, + ], + }; + + if (typeFilter && typeFilter.length > 0) { + where.type = { in: typeFilter }; + } + + if (departmentId) { + where.employee = { + user: { + departmentId, + }, + }; + } + + // Permission-based filtering + if (this.canViewDepartmentOnly(currentUser)) { + const user = await this.prisma.user.findUnique({ + where: { id: currentUser.sub }, + select: { departmentId: true }, + }); + if (user?.departmentId) { + where.employee = { + user: { + departmentId: user.departmentId, + }, + }; + } + } + + const absences = await this.prisma.absence.findMany({ + where, + orderBy: { startDate: 'asc' }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + departmentId: true, + department: { + select: { + id: true, + name: true, + }, + }, + }, + }, + }, + }, + }, + }); + + return absences.map((absence) => ({ + id: absence.id, + employeeId: absence.employeeId, + employeeName: `${absence.employee.user.firstName} ${absence.employee.user.lastName}`, + type: absence.type, + startDate: absence.startDate, + endDate: absence.endDate, + days: Number(absence.days), + status: absence.status, + departmentId: absence.employee.user.departmentId ?? undefined, + departmentName: absence.employee.user.department?.name, + })); + } + + /** + * Get vacation balance for an employee + */ + async getBalance(employeeId: string, year?: number): Promise { + const currentYear = year ?? new Date().getFullYear(); + + const employee = await this.prisma.employee.findUnique({ + where: { id: employeeId }, + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }); + + if (!employee) { + throw new NotFoundException(`Employee with ID ${employeeId} not found`); + } + + // Calculate entitlement based on entry date + const entitlement = this.calculateEntitlement( + employee.entryDate, + employee.contractType, + currentYear, + ); + + // Get all vacation absences for the year + const yearStart = new Date(currentYear, 0, 1); + const yearEnd = new Date(currentYear, 11, 31); + + const absences = await this.prisma.absence.findMany({ + where: { + employeeId, + type: { in: VACATION_TYPES }, + startDate: { gte: yearStart }, + endDate: { lte: yearEnd }, + status: { not: ApprovalStatus.CANCELLED }, + }, + orderBy: { startDate: 'asc' }, + }); + + // Calculate taken (approved) and planned (pending) + const taken = absences + .filter((a) => a.status === ApprovalStatus.APPROVED) + .reduce((sum, a) => sum + Number(a.days), 0); + + const planned = absences + .filter((a) => a.status === ApprovalStatus.PENDING) + .reduce((sum, a) => sum + Number(a.days), 0); + + // TODO: Implement carry-over from previous year + const carryOver = 0; + + const remaining = entitlement + carryOver - taken - planned; + + return { + employeeId, + employeeName: `${employee.user.firstName} ${employee.user.lastName}`, + year: currentYear, + entitlement, + taken, + planned, + remaining, + carryOver, + details: absences.map((a) => ({ + type: a.type, + startDate: a.startDate, + endDate: a.endDate, + days: Number(a.days), + status: a.status, + })), + }; + } + + /** + * Check for conflicts + */ + async checkConflicts( + query: QueryConflictsDto, + currentUser: JwtPayload, + ): Promise { + const { employeeId, departmentId, startDate, endDate, excludeId } = query; + + if (!startDate || !endDate) { + throw new BadRequestException('Start date and end date are required'); + } + + const start = new Date(startDate); + const end = new Date(endDate); + + // Employee-level conflicts + if (employeeId) { + return this.checkEmployeeConflicts(employeeId, start, end, excludeId); + } + + // Department-level conflicts (team coverage) + if (departmentId) { + return this.checkDepartmentConflicts(departmentId, start, end, excludeId); + } + + // Default: check for current user's employee + const employee = await this.prisma.employee.findUnique({ + where: { userId: currentUser.sub }, + }); + + if (!employee) { + throw new BadRequestException('No employee record found for current user'); + } + + return this.checkEmployeeConflicts(employee.id, start, end, excludeId); + } + + // ============================================================================ + // Private Helper Methods + // ============================================================================ + + /** + * Check if user is manager of the given employee + */ + private async isManagerOfEmployee( + userId: string, + employeeId: string, + ): Promise { + const employee = await this.prisma.employee.findUnique({ + where: { id: employeeId }, + include: { + user: { + select: { departmentId: true }, + }, + }, + }); + + if (!employee?.user.departmentId) { + return false; + } + + const department = await this.prisma.department.findUnique({ + where: { id: employee.user.departmentId }, + }); + + return department?.managerId === userId; + } + + /** + * Calculate vacation entitlement based on entry date and contract type + */ + private calculateEntitlement( + entryDate: Date, + contractType: ContractType, + year: number, + ): number { + const yearStart = new Date(year, 0, 1); + const yearEnd = new Date(year, 11, 31); + + // If entry date is in the future year, no entitlement + if (entryDate > yearEnd) { + return 0; + } + + // Calculate months worked in the year + let monthsWorked = 12; + + if (entryDate.getFullYear() === year) { + // Entered this year - pro-rata calculation + monthsWorked = 12 - entryDate.getMonth(); + if (entryDate.getDate() > 15) { + monthsWorked--; + } + } + + // Base entitlement based on contract type + let baseEntitlement = DEFAULT_VACATION_DAYS; + + if (contractType === ContractType.PART_TIME) { + baseEntitlement = Math.round(DEFAULT_VACATION_DAYS * 0.8); + } else if (contractType === ContractType.MINI_JOB) { + baseEntitlement = Math.round(DEFAULT_VACATION_DAYS * 0.5); + } else if (contractType === ContractType.INTERN || contractType === ContractType.WORKING_STUDENT) { + baseEntitlement = Math.round(DEFAULT_VACATION_DAYS * 0.6); + } + + // Calculate pro-rata entitlement + return Math.round((baseEntitlement / 12) * monthsWorked); + } + + /** + * Check for overlapping absences for an employee + */ + private async checkEmployeeConflicts( + employeeId: string, + startDate: Date, + endDate: Date, + excludeId?: string, + ): Promise { + const where: Prisma.AbsenceWhereInput = { + employeeId, + status: { not: ApprovalStatus.CANCELLED }, + OR: [ + { + startDate: { lte: endDate }, + endDate: { gte: startDate }, + }, + ], + }; + + if (excludeId) { + where.id = { not: excludeId }; + } + + const overlapping = await this.prisma.absence.findMany({ + where, + include: { + employee: { + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }, + }, + }); + + return { + hasConflicts: overlapping.length > 0, + conflicts: overlapping.map((a) => ({ + employeeId: a.employeeId, + employeeName: `${a.employee.user.firstName} ${a.employee.user.lastName}`, + absenceId: a.id, + type: a.type, + startDate: a.startDate, + endDate: a.endDate, + overlapDays: this.calculateOverlapDays(startDate, endDate, a.startDate, a.endDate), + })), + }; + } + + /** + * Check for team coverage conflicts in a department + */ + private async checkDepartmentConflicts( + departmentId: string, + startDate: Date, + endDate: Date, + excludeId?: string, + ): Promise { + // Get total employees in department + const totalEmployees = await this.prisma.user.count({ + where: { + departmentId, + isActive: true, + employee: { isNot: null }, + }, + }); + + // Get employees with approved absences during the period + const where: Prisma.AbsenceWhereInput = { + employee: { + user: { + departmentId, + }, + }, + status: ApprovalStatus.APPROVED, + OR: [ + { + startDate: { lte: endDate }, + endDate: { gte: startDate }, + }, + ], + }; + + if (excludeId) { + where.id = { not: excludeId }; + } + + const absences = await this.prisma.absence.findMany({ + where, + include: { + employee: { + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }, + }, + }); + + const uniqueAbsentEmployees = new Set(absences.map((a) => a.employeeId)); + const absentCount = uniqueAbsentEmployees.size; + const coveragePercentage = + totalEmployees > 0 + ? Math.round(((totalEmployees - absentCount) / totalEmployees) * 100) + : 100; + + return { + hasConflicts: coveragePercentage < 50, // Alert if less than 50% coverage + conflicts: absences.map((a) => ({ + employeeId: a.employeeId, + employeeName: `${a.employee.user.firstName} ${a.employee.user.lastName}`, + absenceId: a.id, + type: a.type, + startDate: a.startDate, + endDate: a.endDate, + overlapDays: this.calculateOverlapDays(startDate, endDate, a.startDate, a.endDate), + })), + teamCoverage: { + totalEmployees, + absentCount, + coveragePercentage, + }, + }; + } + + /** + * Calculate overlap days between two date ranges + */ + private calculateOverlapDays( + start1: Date, + end1: Date, + start2: Date, + end2: Date, + ): number { + const overlapStart = new Date(Math.max(start1.getTime(), start2.getTime())); + const overlapEnd = new Date(Math.min(end1.getTime(), end2.getTime())); + + if (overlapStart > overlapEnd) { + return 0; + } + + return calculateWorkingDays(overlapStart, overlapEnd); + } + + /** + * Check if user should only see their own absences + */ + private shouldFilterOwnOnly(currentUser: JwtPayload): boolean { + const viewAllRoles = ['admin', 'hr-manager', 'team-lead']; + return !currentUser.roles.some((r) => viewAllRoles.includes(r)); + } + + /** + * Check if user can only view their department + */ + private canViewDepartmentOnly(currentUser: JwtPayload): boolean { + return ( + currentUser.roles.includes('team-lead') && + !currentUser.roles.includes('admin') && + !currentUser.roles.includes('hr-manager') + ); + } + + /** + * Check view permission for an absence + */ + private async checkViewPermission( + absence: { employeeId: string; employee: { user: { id: string; departmentId: string | null } } }, + currentUser: JwtPayload, + ): Promise { + // Admins and HR managers can view all + if (currentUser.roles.includes('admin') || currentUser.roles.includes('hr-manager')) { + return; + } + + // Own absence + if (absence.employee.user.id === currentUser.sub) { + return; + } + + // Manager of the employee + const isManager = await this.isManagerOfEmployee(currentUser.sub, absence.employeeId); + if (isManager) { + return; + } + + // Team lead in same department + if (currentUser.roles.includes('team-lead') && absence.employee.user.departmentId) { + const user = await this.prisma.user.findUnique({ + where: { id: currentUser.sub }, + select: { departmentId: true }, + }); + if (user?.departmentId === absence.employee.user.departmentId) { + return; + } + } + + throw new ForbiddenException('You do not have permission to view this absence'); + } + + /** + * Check update permission for an absence + */ + private async checkUpdatePermission( + absence: { employeeId: string; employee: { user: { id: string } } }, + currentUser: JwtPayload, + ): Promise { + // Admins and HR managers can update all + if (currentUser.roles.includes('admin') || currentUser.roles.includes('hr-manager')) { + return; + } + + // Own absence + if (absence.employee.user.id === currentUser.sub) { + return; + } + + throw new ForbiddenException('You can only update your own pending absences'); + } + + /** + * Check cancel permission for an absence + */ + private async checkCancelPermission( + absence: { employeeId: string; employee: { user: { id: string } } }, + currentUser: JwtPayload, + ): Promise { + // Admins and HR managers can cancel all + if (currentUser.roles.includes('admin') || currentUser.roles.includes('hr-manager')) { + return; + } + + // Own absence + if (absence.employee.user.id === currentUser.sub) { + return; + } + + throw new ForbiddenException('You can only cancel your own absences'); + } + + /** + * Check approval permission for an absence + */ + private async checkApprovalPermission( + absence: { employeeId: string; employee: { user: { id: string; departmentId: string | null } } }, + currentUser: JwtPayload, + ): Promise { + // Admins and HR managers can approve all + if (currentUser.roles.includes('admin') || currentUser.roles.includes('hr-manager')) { + return; + } + + // Cannot approve own absences + if (absence.employee.user.id === currentUser.sub) { + throw new ForbiddenException('You cannot approve your own absences'); + } + + // Manager of the employee can approve + const isManager = await this.isManagerOfEmployee(currentUser.sub, absence.employeeId); + if (isManager) { + return; + } + + throw new ForbiddenException('You do not have permission to approve this absence'); + } + + /** + * Queue an event for later notification processing + */ + private queueEvent(event: AbsenceEvent): void { + this.eventQueue.push(event); + this.logger.debug(`Event queued: ${event.type} for absence ${event.payload.absenceId}`); + // TODO: Connect to EventEmitter2 when available + } + + /** + * Get and clear pending events (for testing/integration) + */ + getPendingEvents(): AbsenceEvent[] { + const events = [...this.eventQueue]; + this.eventQueue = []; + return events; + } +} diff --git a/apps/api/src/modules/hr/absences/dto/approve-absence.dto.ts b/apps/api/src/modules/hr/absences/dto/approve-absence.dto.ts new file mode 100644 index 0000000..ac0e600 --- /dev/null +++ b/apps/api/src/modules/hr/absences/dto/approve-absence.dto.ts @@ -0,0 +1,26 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { IsString, IsOptional, MaxLength } from 'class-validator'; + +export class ApproveAbsenceDto { + @ApiPropertyOptional({ + description: 'Optional comment from approver', + example: 'Approved. Please ensure handover before leaving.', + maxLength: 500, + }) + @IsOptional() + @IsString() + @MaxLength(500) + comment?: string; +} + +export class RejectAbsenceDto { + @ApiPropertyOptional({ + description: 'Reason for rejection', + example: 'Team coverage not sufficient during this period', + maxLength: 500, + }) + @IsOptional() + @IsString() + @MaxLength(500) + reason?: string; +} diff --git a/apps/api/src/modules/hr/absences/dto/create-absence.dto.ts b/apps/api/src/modules/hr/absences/dto/create-absence.dto.ts new file mode 100644 index 0000000..a8ed375 --- /dev/null +++ b/apps/api/src/modules/hr/absences/dto/create-absence.dto.ts @@ -0,0 +1,63 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsEnum, + IsString, + IsOptional, + IsDateString, + IsNumber, + Min, + MaxLength, +} from 'class-validator'; +import { AbsenceType } from '@prisma/client'; + +export class CreateAbsenceDto { + @ApiProperty({ + description: 'Type of absence', + enum: AbsenceType, + example: AbsenceType.VACATION, + }) + @IsEnum(AbsenceType) + type: AbsenceType; + + @ApiProperty({ + description: 'Start date of the absence (ISO 8601 format)', + example: '2024-03-15', + }) + @IsDateString() + startDate: string; + + @ApiProperty({ + description: 'End date of the absence (ISO 8601 format)', + example: '2024-03-20', + }) + @IsDateString() + endDate: string; + + @ApiPropertyOptional({ + description: 'Number of days (calculated automatically if not provided)', + example: 5, + minimum: 0.5, + }) + @IsOptional() + @IsNumber() + @Min(0.5) + days?: number; + + @ApiPropertyOptional({ + description: 'Optional note or reason for the absence', + example: 'Family vacation', + maxLength: 1000, + }) + @IsOptional() + @IsString() + @MaxLength(1000) + note?: string; + + @ApiPropertyOptional({ + description: 'Employee ID (required for managers creating absences for others)', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + employeeId?: string; +} diff --git a/apps/api/src/modules/hr/absences/dto/index.ts b/apps/api/src/modules/hr/absences/dto/index.ts new file mode 100644 index 0000000..de14aed --- /dev/null +++ b/apps/api/src/modules/hr/absences/dto/index.ts @@ -0,0 +1,4 @@ +export * from './create-absence.dto'; +export * from './update-absence.dto'; +export * from './query-absences.dto'; +export * from './approve-absence.dto'; diff --git a/apps/api/src/modules/hr/absences/dto/query-absences.dto.ts b/apps/api/src/modules/hr/absences/dto/query-absences.dto.ts new file mode 100644 index 0000000..7d58c4f --- /dev/null +++ b/apps/api/src/modules/hr/absences/dto/query-absences.dto.ts @@ -0,0 +1,229 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsString, + IsEnum, + IsInt, + Min, + Max, + IsDateString, + IsBoolean, +} from 'class-validator'; +import { Transform, Type } from 'class-transformer'; +import { AbsenceType, ApprovalStatus } from '@prisma/client'; + +export enum AbsenceSortField { + CREATED_AT = 'createdAt', + UPDATED_AT = 'updatedAt', + START_DATE = 'startDate', + END_DATE = 'endDate', + DAYS = 'days', + TYPE = 'type', + STATUS = 'status', +} + +export enum SortOrder { + ASC = 'asc', + DESC = 'desc', +} + +export class QueryAbsencesDto { + @ApiPropertyOptional({ + description: 'Page number for pagination', + example: 1, + minimum: 1, + default: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Number of items per page', + example: 20, + minimum: 1, + maximum: 100, + default: 20, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(100) + limit?: number = 20; + + @ApiPropertyOptional({ + description: 'Filter by employee ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + employeeId?: string; + + @ApiPropertyOptional({ + description: 'Filter by absence type', + enum: AbsenceType, + example: AbsenceType.VACATION, + }) + @IsOptional() + @IsEnum(AbsenceType) + type?: AbsenceType; + + @ApiPropertyOptional({ + description: 'Filter by approval status', + enum: ApprovalStatus, + example: ApprovalStatus.PENDING, + }) + @IsOptional() + @IsEnum(ApprovalStatus) + status?: ApprovalStatus; + + @ApiPropertyOptional({ + description: 'Filter absences starting from this date', + example: '2024-01-01', + }) + @IsOptional() + @IsDateString() + startDateFrom?: string; + + @ApiPropertyOptional({ + description: 'Filter absences starting until this date', + example: '2024-12-31', + }) + @IsOptional() + @IsDateString() + startDateTo?: string; + + @ApiPropertyOptional({ + description: 'Filter absences ending from this date', + example: '2024-01-01', + }) + @IsOptional() + @IsDateString() + endDateFrom?: string; + + @ApiPropertyOptional({ + description: 'Filter absences ending until this date', + example: '2024-12-31', + }) + @IsOptional() + @IsDateString() + endDateTo?: string; + + @ApiPropertyOptional({ + description: 'Filter by department ID (for managers viewing their team)', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Include only own absences (for employees)', + example: true, + }) + @IsOptional() + @Transform(({ value }) => { + if (value === 'true') return true; + if (value === 'false') return false; + return value; + }) + @IsBoolean() + ownOnly?: boolean; + + @ApiPropertyOptional({ + description: 'Field to sort by', + enum: AbsenceSortField, + example: AbsenceSortField.START_DATE, + }) + @IsOptional() + @IsEnum(AbsenceSortField) + sortBy?: AbsenceSortField; + + @ApiPropertyOptional({ + description: 'Sort order', + enum: SortOrder, + example: SortOrder.DESC, + }) + @IsOptional() + @IsEnum(SortOrder) + sortOrder?: SortOrder; +} + +export class QueryCalendarDto { + @ApiPropertyOptional({ + description: 'Start date for calendar view', + example: '2024-01-01', + }) + @IsOptional() + @IsDateString() + startDate?: string; + + @ApiPropertyOptional({ + description: 'End date for calendar view', + example: '2024-12-31', + }) + @IsOptional() + @IsDateString() + endDate?: string; + + @ApiPropertyOptional({ + description: 'Filter by department ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Include absence types (comma-separated)', + example: 'VACATION,SICK,HOME_OFFICE', + }) + @IsOptional() + @IsString() + types?: string; +} + +export class QueryConflictsDto { + @ApiPropertyOptional({ + description: 'Employee ID to check for conflicts', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + employeeId?: string; + + @ApiPropertyOptional({ + description: 'Department ID to check for team conflicts', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Start date to check', + example: '2024-03-15', + }) + @IsOptional() + @IsDateString() + startDate?: string; + + @ApiPropertyOptional({ + description: 'End date to check', + example: '2024-03-20', + }) + @IsOptional() + @IsDateString() + endDate?: string; + + @ApiPropertyOptional({ + description: 'Absence ID to exclude from conflict check (for updates)', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + excludeId?: string; +} diff --git a/apps/api/src/modules/hr/absences/dto/update-absence.dto.ts b/apps/api/src/modules/hr/absences/dto/update-absence.dto.ts new file mode 100644 index 0000000..1a6c1b4 --- /dev/null +++ b/apps/api/src/modules/hr/absences/dto/update-absence.dto.ts @@ -0,0 +1,58 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsEnum, + IsString, + IsOptional, + IsDateString, + IsNumber, + Min, + MaxLength, +} from 'class-validator'; +import { AbsenceType } from '@prisma/client'; + +export class UpdateAbsenceDto { + @ApiPropertyOptional({ + description: 'Type of absence', + enum: AbsenceType, + example: AbsenceType.VACATION, + }) + @IsOptional() + @IsEnum(AbsenceType) + type?: AbsenceType; + + @ApiPropertyOptional({ + description: 'Start date of the absence (ISO 8601 format)', + example: '2024-03-15', + }) + @IsOptional() + @IsDateString() + startDate?: string; + + @ApiPropertyOptional({ + description: 'End date of the absence (ISO 8601 format)', + example: '2024-03-20', + }) + @IsOptional() + @IsDateString() + endDate?: string; + + @ApiPropertyOptional({ + description: 'Number of days (recalculated if dates change)', + example: 5, + minimum: 0.5, + }) + @IsOptional() + @IsNumber() + @Min(0.5) + days?: number; + + @ApiPropertyOptional({ + description: 'Optional note or reason for the absence', + example: 'Updated vacation reason', + maxLength: 1000, + }) + @IsOptional() + @IsString() + @MaxLength(1000) + note?: string; +} diff --git a/apps/api/src/modules/hr/absences/index.ts b/apps/api/src/modules/hr/absences/index.ts new file mode 100644 index 0000000..302170d --- /dev/null +++ b/apps/api/src/modules/hr/absences/index.ts @@ -0,0 +1,4 @@ +export * from './absences.module'; +export * from './absences.service'; +export * from './absences.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/hr/employees/dto/create-employee.dto.ts b/apps/api/src/modules/hr/employees/dto/create-employee.dto.ts new file mode 100644 index 0000000..eae121a --- /dev/null +++ b/apps/api/src/modules/hr/employees/dto/create-employee.dto.ts @@ -0,0 +1,161 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsNumber, + IsDate, + IsEnum, + IsBoolean, + IsInt, + Min, + Max, + MinLength, + MaxLength, + IsObject, + ValidateNested, +} from 'class-validator'; +import { Type } from 'class-transformer'; +import { ContractType } from '@prisma/client'; + +export class BankAccountDto { + @ApiProperty({ + description: 'IBAN of the bank account', + example: 'DE89370400440532013000', + }) + @IsString() + @MinLength(15) + @MaxLength(34) + iban: string; + + @ApiPropertyOptional({ + description: 'BIC/SWIFT code', + example: 'COBADEFFXXX', + }) + @IsOptional() + @IsString() + @MaxLength(11) + bic?: string; + + @ApiPropertyOptional({ + description: 'Bank name', + example: 'Commerzbank', + }) + @IsOptional() + @IsString() + @MaxLength(100) + bankName?: string; + + @ApiPropertyOptional({ + description: 'Account holder name', + example: 'Max Mustermann', + }) + @IsOptional() + @IsString() + @MaxLength(100) + accountHolder?: string; +} + +export class CreateEmployeeDto { + @ApiProperty({ + description: 'User ID to link this employee record to', + example: 'clq1234567890abcdef', + }) + @IsString() + userId: string; + + @ApiProperty({ + description: 'Unique employee number', + example: 'EMP-2024-001', + }) + @IsString() + @MinLength(1) + @MaxLength(50) + employeeNumber: string; + + @ApiProperty({ + description: 'Job position/title', + example: 'Senior Software Engineer', + }) + @IsString() + @MinLength(2) + @MaxLength(100) + position: string; + + @ApiProperty({ + description: 'Employment start date', + example: '2024-01-15', + }) + @Type(() => Date) + @IsDate() + entryDate: Date; + + @ApiPropertyOptional({ + description: 'Employment end date (for terminated employees)', + example: '2025-12-31', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + exitDate?: Date; + + @ApiProperty({ + description: 'Type of employment contract', + enum: ContractType, + example: ContractType.FULL_TIME, + }) + @IsEnum(ContractType) + contractType: ContractType; + + @ApiPropertyOptional({ + description: 'Weekly working hours', + example: 40, + minimum: 0, + maximum: 60, + default: 40, + }) + @IsOptional() + @IsNumber() + @Min(0) + @Max(60) + workingHours?: number; + + @ApiPropertyOptional({ + description: 'Monthly gross salary in EUR (sensitive - will be encrypted)', + example: 5000, + }) + @IsOptional() + @IsNumber() + @Min(0) + salary?: number; + + @ApiPropertyOptional({ + description: 'German tax class (1-6)', + example: 1, + minimum: 1, + maximum: 6, + }) + @IsOptional() + @IsInt() + @Min(1) + @Max(6) + taxClass?: number; + + @ApiPropertyOptional({ + description: 'Bank account details (sensitive - will be encrypted)', + type: BankAccountDto, + }) + @IsOptional() + @IsObject() + @ValidateNested() + @Type(() => BankAccountDto) + bankAccount?: BankAccountDto; + + @ApiPropertyOptional({ + description: 'Whether the employee is active', + example: true, + default: true, + }) + @IsOptional() + @IsBoolean() + isActive?: boolean; +} diff --git a/apps/api/src/modules/hr/employees/dto/index.ts b/apps/api/src/modules/hr/employees/dto/index.ts new file mode 100644 index 0000000..2ee85a0 --- /dev/null +++ b/apps/api/src/modules/hr/employees/dto/index.ts @@ -0,0 +1,3 @@ +export * from './create-employee.dto'; +export * from './update-employee.dto'; +export * from './query-employees.dto'; diff --git a/apps/api/src/modules/hr/employees/dto/query-employees.dto.ts b/apps/api/src/modules/hr/employees/dto/query-employees.dto.ts new file mode 100644 index 0000000..42fc148 --- /dev/null +++ b/apps/api/src/modules/hr/employees/dto/query-employees.dto.ts @@ -0,0 +1,109 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsString, + IsBoolean, + IsInt, + IsEnum, + Min, + Max, +} from 'class-validator'; +import { Transform, Type } from 'class-transformer'; +import { ContractType } from '@prisma/client'; + +export enum EmployeeSortField { + CREATED_AT = 'createdAt', + UPDATED_AT = 'updatedAt', + EMPLOYEE_NUMBER = 'employeeNumber', + POSITION = 'position', + ENTRY_DATE = 'entryDate', +} + +export enum SortOrder { + ASC = 'asc', + DESC = 'desc', +} + +export class QueryEmployeesDto { + @ApiPropertyOptional({ + description: 'Page number for pagination', + example: 1, + minimum: 1, + default: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Number of items per page', + example: 20, + minimum: 1, + maximum: 100, + default: 20, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(100) + limit?: number = 20; + + @ApiPropertyOptional({ + description: 'Search term for employee number, position, or user name/email', + example: 'engineer', + }) + @IsOptional() + @IsString() + search?: string; + + @ApiPropertyOptional({ + description: 'Filter by department ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Filter by contract type', + enum: ContractType, + example: ContractType.FULL_TIME, + }) + @IsOptional() + @IsEnum(ContractType) + contractType?: ContractType; + + @ApiPropertyOptional({ + description: 'Filter by active status', + example: true, + }) + @IsOptional() + @Transform(({ value }) => { + if (value === 'true') return true; + if (value === 'false') return false; + return value; + }) + @IsBoolean() + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Field to sort by', + enum: EmployeeSortField, + example: EmployeeSortField.EMPLOYEE_NUMBER, + }) + @IsOptional() + @IsEnum(EmployeeSortField) + sortBy?: EmployeeSortField; + + @ApiPropertyOptional({ + description: 'Sort order', + enum: SortOrder, + example: SortOrder.ASC, + }) + @IsOptional() + @IsEnum(SortOrder) + sortOrder?: SortOrder; +} diff --git a/apps/api/src/modules/hr/employees/dto/update-employee.dto.ts b/apps/api/src/modules/hr/employees/dto/update-employee.dto.ts new file mode 100644 index 0000000..d685db1 --- /dev/null +++ b/apps/api/src/modules/hr/employees/dto/update-employee.dto.ts @@ -0,0 +1,119 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsNumber, + IsDate, + IsEnum, + IsBoolean, + IsInt, + Min, + Max, + MinLength, + MaxLength, + IsObject, + ValidateNested, +} from 'class-validator'; +import { Type } from 'class-transformer'; +import { ContractType } from '@prisma/client'; +import { BankAccountDto } from './create-employee.dto'; + +export class UpdateEmployeeDto { + @ApiPropertyOptional({ + description: 'Unique employee number', + example: 'EMP-2024-001', + }) + @IsOptional() + @IsString() + @MinLength(1) + @MaxLength(50) + employeeNumber?: string; + + @ApiPropertyOptional({ + description: 'Job position/title', + example: 'Senior Software Engineer', + }) + @IsOptional() + @IsString() + @MinLength(2) + @MaxLength(100) + position?: string; + + @ApiPropertyOptional({ + description: 'Employment start date', + example: '2024-01-15', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + entryDate?: Date; + + @ApiPropertyOptional({ + description: 'Employment end date (for terminated employees)', + example: '2025-12-31', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + exitDate?: Date; + + @ApiPropertyOptional({ + description: 'Type of employment contract', + enum: ContractType, + example: ContractType.FULL_TIME, + }) + @IsOptional() + @IsEnum(ContractType) + contractType?: ContractType; + + @ApiPropertyOptional({ + description: 'Weekly working hours', + example: 40, + minimum: 0, + maximum: 60, + }) + @IsOptional() + @IsNumber() + @Min(0) + @Max(60) + workingHours?: number; + + @ApiPropertyOptional({ + description: 'Monthly gross salary in EUR (sensitive - will be encrypted)', + example: 5000, + }) + @IsOptional() + @IsNumber() + @Min(0) + salary?: number; + + @ApiPropertyOptional({ + description: 'German tax class (1-6)', + example: 1, + minimum: 1, + maximum: 6, + }) + @IsOptional() + @IsInt() + @Min(1) + @Max(6) + taxClass?: number; + + @ApiPropertyOptional({ + description: 'Bank account details (sensitive - will be encrypted)', + type: BankAccountDto, + }) + @IsOptional() + @IsObject() + @ValidateNested() + @Type(() => BankAccountDto) + bankAccount?: BankAccountDto; + + @ApiPropertyOptional({ + description: 'Whether the employee is active', + example: true, + }) + @IsOptional() + @IsBoolean() + isActive?: boolean; +} diff --git a/apps/api/src/modules/hr/employees/employees.controller.ts b/apps/api/src/modules/hr/employees/employees.controller.ts new file mode 100644 index 0000000..d7cd925 --- /dev/null +++ b/apps/api/src/modules/hr/employees/employees.controller.ts @@ -0,0 +1,193 @@ +import { + Controller, + Get, + Post, + Body, + Put, + Param, + Delete, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { EmployeesService } from './employees.service'; +import { CreateEmployeeDto } from './dto/create-employee.dto'; +import { UpdateEmployeeDto } from './dto/update-employee.dto'; +import { QueryEmployeesDto } from './dto/query-employees.dto'; +import { Roles } from '../../../auth/decorators/roles.decorator'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { AuditLog } from '../../audit/audit.interceptor'; +import { CurrentUser } from '../../../auth/decorators/current-user.decorator'; +import { JwtPayload } from '../../../auth/interfaces/jwt-payload.interface'; + +@ApiTags('hr/employees') +@ApiBearerAuth('JWT-auth') +@Controller('hr/employees') +export class EmployeesController { + constructor(private readonly employeesService: EmployeesService) {} + + @Post() + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.EMPLOYEES_CREATE) + @AuditLog('Employee', 'CREATE') + @ApiOperation({ summary: 'Create a new employee record' }) + @ApiResponse({ + status: 201, + description: 'Employee created successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - validation error' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'User not found' }) + @ApiResponse({ status: 409, description: 'Employee number already exists or user already has employee record' }) + create(@Body() createDto: CreateEmployeeDto) { + return this.employeesService.create(createDto); + } + + @Get() + @RequirePermissions(Permission.EMPLOYEES_VIEW) + @ApiOperation({ summary: 'Get all employees with pagination and filtering' }) + @ApiResponse({ + status: 200, + description: 'List of employees (sensitive data redacted)', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + findAll(@Query() query: QueryEmployeesDto) { + return this.employeesService.findAll(query); + } + + @Get('org-chart') + @RequirePermissions(Permission.EMPLOYEES_VIEW) + @ApiOperation({ summary: 'Get organizational chart data (hierarchical)' }) + @ApiResponse({ + status: 200, + description: 'Hierarchical org chart structure', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getOrgChart() { + return this.employeesService.getOrgChart(); + } + + @Get('me') + @ApiOperation({ summary: 'Get current user employee record' }) + @ApiResponse({ + status: 200, + description: 'Current user employee record', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee record not found' }) + async getMyEmployee(@CurrentUser() user: JwtPayload) { + const employee = await this.employeesService.findByUserId(user.sub); + if (!employee) { + return { data: null, message: 'No employee record found for current user' }; + } + return employee; + } + + @Get(':id') + @RequirePermissions(Permission.EMPLOYEES_VIEW) + @ApiOperation({ summary: 'Get an employee by ID' }) + @ApiParam({ name: 'id', description: 'Employee ID' }) + @ApiResponse({ + status: 200, + description: 'Employee found (sensitive data redacted)', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + findOne(@Param('id') id: string) { + return this.employeesService.findOne(id, false); + } + + @Get(':id/sensitive') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.EMPLOYEES_VIEW_ALL) + @AuditLog('Employee', 'VIEW_SENSITIVE') + @ApiOperation({ summary: 'Get employee with sensitive data (HR/Admin only)' }) + @ApiParam({ name: 'id', description: 'Employee ID' }) + @ApiResponse({ + status: 200, + description: 'Employee found with all data including salary and bank account', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + findOneSensitive(@Param('id') id: string) { + return this.employeesService.findOne(id, true); + } + + @Get(':id/time-entries') + @RequirePermissions(Permission.TIME_ENTRIES_VIEW) + @ApiOperation({ summary: 'Get time entries for an employee' }) + @ApiParam({ name: 'id', description: 'Employee ID' }) + @ApiQuery({ name: 'page', required: false, type: Number }) + @ApiQuery({ name: 'limit', required: false, type: Number }) + @ApiQuery({ name: 'startDate', required: false, type: String, description: 'ISO date string' }) + @ApiQuery({ name: 'endDate', required: false, type: String, description: 'ISO date string' }) + @ApiResponse({ + status: 200, + description: 'List of time entries for the employee', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + getTimeEntries( + @Param('id') id: string, + @Query('page') page?: number, + @Query('limit') limit?: number, + @Query('startDate') startDate?: string, + @Query('endDate') endDate?: string, + ) { + return this.employeesService.getTimeEntries(id, { + page, + limit, + startDate: startDate ? new Date(startDate) : undefined, + endDate: endDate ? new Date(endDate) : undefined, + }); + } + + @Put(':id') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.EMPLOYEES_UPDATE) + @AuditLog('Employee', 'UPDATE') + @ApiOperation({ summary: 'Update an employee' }) + @ApiParam({ name: 'id', description: 'Employee ID' }) + @ApiResponse({ + status: 200, + description: 'Employee updated successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - validation error' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + @ApiResponse({ status: 409, description: 'Employee number already exists' }) + update(@Param('id') id: string, @Body() updateDto: UpdateEmployeeDto) { + return this.employeesService.update(id, updateDto); + } + + @Delete(':id') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.EMPLOYEES_DELETE) + @AuditLog('Employee', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Deactivate an employee (soft delete)' }) + @ApiParam({ name: 'id', description: 'Employee ID' }) + @ApiResponse({ + status: 200, + description: 'Employee deactivated successfully', + }) + @ApiResponse({ status: 400, description: 'Employee already deactivated' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + remove(@Param('id') id: string) { + return this.employeesService.remove(id); + } +} diff --git a/apps/api/src/modules/hr/employees/employees.module.ts b/apps/api/src/modules/hr/employees/employees.module.ts new file mode 100644 index 0000000..668780c --- /dev/null +++ b/apps/api/src/modules/hr/employees/employees.module.ts @@ -0,0 +1,26 @@ +import { Module } from '@nestjs/common'; +import { EmployeesController } from './employees.controller'; +import { EmployeesService } from './employees.service'; +import { CommonModule } from '../../../common/common.module'; + +/** + * Employees Module + * + * Handles employee data management including: + * - CRUD operations for employee records + * - Encryption of sensitive data (salary, bank account) + * - Organizational chart generation + * - Integration with time tracking + * + * Security considerations: + * - Sensitive fields (salary, bankAccount) are encrypted at rest + * - Access to sensitive data requires elevated permissions + * - All modifications are audit logged + */ +@Module({ + imports: [CommonModule], + controllers: [EmployeesController], + providers: [EmployeesService], + exports: [EmployeesService], +}) +export class EmployeesModule {} diff --git a/apps/api/src/modules/hr/employees/employees.service.ts b/apps/api/src/modules/hr/employees/employees.service.ts new file mode 100644 index 0000000..e2df201 --- /dev/null +++ b/apps/api/src/modules/hr/employees/employees.service.ts @@ -0,0 +1,606 @@ +import { + Injectable, + NotFoundException, + ConflictException, + BadRequestException, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { EncryptionService } from '../../../common/services/encryption.service'; +import { CreateEmployeeDto, BankAccountDto } from './dto/create-employee.dto'; +import { UpdateEmployeeDto } from './dto/update-employee.dto'; +import { QueryEmployeesDto } from './dto/query-employees.dto'; +import { Prisma, Employee } from '@prisma/client'; + +export interface EmployeeWithUser extends Employee { + user: { + id: string; + email: string; + firstName: string; + lastName: string; + avatar: string | null; + department: { + id: string; + name: string; + code: string | null; + } | null; + }; +} + +export interface OrgChartNode { + id: string; + employeeNumber: string; + position: string; + user: { + id: string; + email: string; + firstName: string; + lastName: string; + avatar: string | null; + department: { + id: string; + name: string; + code: string | null; + } | null; + }; + managerId: string | null; + subordinates: OrgChartNode[]; +} + +@Injectable() +export class EmployeesService { + constructor( + private readonly prisma: PrismaService, + private readonly encryptionService: EncryptionService, + ) {} + + /** + * Create a new employee record + */ + async create(createDto: CreateEmployeeDto): Promise { + // Check if user exists + const user = await this.prisma.user.findUnique({ + where: { id: createDto.userId }, + }); + + if (!user) { + throw new NotFoundException(`User with ID ${createDto.userId} not found`); + } + + // Check if user already has an employee record + const existingEmployee = await this.prisma.employee.findUnique({ + where: { userId: createDto.userId }, + }); + + if (existingEmployee) { + throw new ConflictException( + `User ${createDto.userId} already has an employee record`, + ); + } + + // Check for duplicate employee number + const existingNumber = await this.prisma.employee.findUnique({ + where: { employeeNumber: createDto.employeeNumber }, + }); + + if (existingNumber) { + throw new ConflictException( + `Employee number ${createDto.employeeNumber} already exists`, + ); + } + + // Encrypt sensitive data + const encryptedBankAccount = createDto.bankAccount + ? this.encryptionService.encryptObject(createDto.bankAccount) + : null; + + // Encrypt salary as string for secure storage + const encryptedSalary = createDto.salary + ? this.encryptionService.encrypt(createDto.salary.toString()) + : null; + + const employee = await this.prisma.employee.create({ + data: { + userId: createDto.userId, + employeeNumber: createDto.employeeNumber, + position: createDto.position, + entryDate: createDto.entryDate, + exitDate: createDto.exitDate, + contractType: createDto.contractType, + workingHours: createDto.workingHours ?? 40, + salary: encryptedSalary, + taxClass: createDto.taxClass, + bankAccount: encryptedBankAccount as any, + isActive: createDto.isActive ?? true, + }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + avatar: true, + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + }, + }, + }, + }); + + return this.sanitizeEmployee(employee as EmployeeWithUser); + } + + /** + * Find all employees with filtering and pagination + */ + async findAll(query: QueryEmployeesDto) { + const { + page = 1, + limit = 20, + search, + departmentId, + contractType, + isActive, + sortBy, + sortOrder, + } = query; + const skip = (page - 1) * limit; + + const where: Prisma.EmployeeWhereInput = { + ...(search && { + OR: [ + { employeeNumber: { contains: search, mode: 'insensitive' } }, + { position: { contains: search, mode: 'insensitive' } }, + { user: { firstName: { contains: search, mode: 'insensitive' } } }, + { user: { lastName: { contains: search, mode: 'insensitive' } } }, + { user: { email: { contains: search, mode: 'insensitive' } } }, + ], + }), + ...(departmentId && { + user: { departmentId }, + }), + ...(contractType && { contractType }), + ...(isActive !== undefined && { isActive }), + }; + + const orderBy: Prisma.EmployeeOrderByWithRelationInput = sortBy + ? { [sortBy]: sortOrder || 'asc' } + : { employeeNumber: 'asc' }; + + const [employees, total] = await Promise.all([ + this.prisma.employee.findMany({ + where, + skip, + take: limit, + orderBy, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + avatar: true, + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + }, + }, + }, + }), + this.prisma.employee.count({ where }), + ]); + + return { + data: employees.map((emp) => + this.sanitizeEmployee(emp as EmployeeWithUser), + ), + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Find a single employee by ID + */ + async findOne(id: string, includeSensitive = false): Promise { + const employee = await this.prisma.employee.findUnique({ + where: { id }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + avatar: true, + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + }, + }, + }, + }); + + if (!employee) { + throw new NotFoundException(`Employee with ID ${id} not found`); + } + + if (includeSensitive) { + return this.decryptEmployee(employee as EmployeeWithUser); + } + + return this.sanitizeEmployee(employee as EmployeeWithUser); + } + + /** + * Find employee by user ID + */ + async findByUserId(userId: string): Promise { + const employee = await this.prisma.employee.findUnique({ + where: { userId }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + avatar: true, + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + }, + }, + }, + }); + + if (!employee) { + return null; + } + + return this.sanitizeEmployee(employee as EmployeeWithUser); + } + + /** + * Update an employee + */ + async update( + id: string, + updateDto: UpdateEmployeeDto, + ): Promise { + await this.findOne(id); + + // Check for duplicate employee number if updating + if (updateDto.employeeNumber) { + const existingNumber = await this.prisma.employee.findFirst({ + where: { + employeeNumber: updateDto.employeeNumber, + id: { not: id }, + }, + }); + + if (existingNumber) { + throw new ConflictException( + `Employee number ${updateDto.employeeNumber} already exists`, + ); + } + } + + // Prepare update data with encryption + const updateData: Prisma.EmployeeUpdateInput = { + ...(updateDto.employeeNumber && { + employeeNumber: updateDto.employeeNumber, + }), + ...(updateDto.position && { position: updateDto.position }), + ...(updateDto.entryDate && { entryDate: updateDto.entryDate }), + ...(updateDto.exitDate !== undefined && { exitDate: updateDto.exitDate }), + ...(updateDto.contractType && { contractType: updateDto.contractType }), + ...(updateDto.workingHours !== undefined && { + workingHours: updateDto.workingHours, + }), + ...(updateDto.taxClass !== undefined && { taxClass: updateDto.taxClass }), + ...(updateDto.isActive !== undefined && { isActive: updateDto.isActive }), + }; + + // Encrypt salary if provided + if (updateDto.salary !== undefined) { + updateData.salary = updateDto.salary + ? this.encryptionService.encrypt(updateDto.salary.toString()) + : null; + } + + // Encrypt bank account if provided + if (updateDto.bankAccount !== undefined) { + updateData.bankAccount = updateDto.bankAccount + ? (this.encryptionService.encryptObject( + updateDto.bankAccount, + ) as any) + : Prisma.JsonNull; + } + + const employee = await this.prisma.employee.update({ + where: { id }, + data: updateData, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + avatar: true, + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + }, + }, + }, + }); + + return this.sanitizeEmployee(employee as EmployeeWithUser); + } + + /** + * Soft delete an employee (deactivate) + */ + async remove(id: string): Promise { + const employee = await this.findOne(id); + + if (!employee.isActive) { + throw new BadRequestException( + `Employee ${id} is already deactivated`, + ); + } + + const updated = await this.prisma.employee.update({ + where: { id }, + data: { + isActive: false, + exitDate: new Date(), + }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + avatar: true, + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + }, + }, + }, + }); + + return this.sanitizeEmployee(updated as EmployeeWithUser); + } + + /** + * Get time entries for an employee + */ + async getTimeEntries( + employeeId: string, + pagination: { page?: number; limit?: number; startDate?: Date; endDate?: Date } = {}, + ) { + await this.findOne(employeeId); + + const { page = 1, limit = 20, startDate, endDate } = pagination; + const skip = (page - 1) * limit; + + const where: Prisma.TimeEntryWhereInput = { + employeeId, + ...(startDate || endDate + ? { + date: { + ...(startDate && { gte: startDate }), + ...(endDate && { lte: endDate }), + }, + } + : {}), + }; + + const [entries, total] = await Promise.all([ + this.prisma.timeEntry.findMany({ + where, + skip, + take: limit, + orderBy: { date: 'desc' }, + include: { + correctedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }), + this.prisma.timeEntry.count({ where }), + ]); + + return { + data: entries, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Get organizational chart data (hierarchical) + */ + async getOrgChart(): Promise { + // Get all active employees with their department info + const employees = await this.prisma.employee.findMany({ + where: { isActive: true }, + include: { + user: { + select: { + id: true, + email: true, + firstName: true, + lastName: true, + avatar: true, + department: { + select: { + id: true, + name: true, + code: true, + managerId: true, + }, + }, + }, + }, + }, + }); + + // Build a map of user ID to employee for quick lookup + const userToEmployee = new Map(); + employees.forEach((emp) => { + userToEmployee.set(emp.user.id, emp); + }); + + // Build manager relationships based on department managers + const employeeNodes: Map = new Map(); + + // First pass: create all nodes + employees.forEach((emp) => { + const managerId = emp.user.department?.managerId ?? null; + + employeeNodes.set(emp.id, { + id: emp.id, + employeeNumber: emp.employeeNumber, + position: emp.position, + user: { + id: emp.user.id, + email: emp.user.email, + firstName: emp.user.firstName, + lastName: emp.user.lastName, + avatar: emp.user.avatar, + department: emp.user.department + ? { + id: emp.user.department.id, + name: emp.user.department.name, + code: emp.user.department.code, + } + : null, + }, + managerId: + managerId && managerId !== emp.user.id + ? (userToEmployee.get(managerId)?.id ?? null) + : null, + subordinates: [], + }); + }); + + // Second pass: build hierarchy + const rootNodes: OrgChartNode[] = []; + + employeeNodes.forEach((node) => { + if (node.managerId && employeeNodes.has(node.managerId)) { + const manager = employeeNodes.get(node.managerId)!; + manager.subordinates.push(node); + } else { + rootNodes.push(node); + } + }); + + // Sort subordinates by name at each level + const sortSubordinates = (nodes: OrgChartNode[]) => { + nodes.sort((a, b) => + `${a.user.lastName} ${a.user.firstName}`.localeCompare( + `${b.user.lastName} ${b.user.firstName}`, + ), + ); + nodes.forEach((node) => sortSubordinates(node.subordinates)); + }; + + sortSubordinates(rootNodes); + + return rootNodes; + } + + /** + * Remove sensitive fields from employee data + */ + private sanitizeEmployee(employee: EmployeeWithUser): EmployeeWithUser { + return { + ...employee, + salary: null, + bankAccount: null, + }; + } + + /** + * Decrypt sensitive employee data + */ + private decryptEmployee(employee: EmployeeWithUser): EmployeeWithUser { + let decryptedBankAccount: BankAccountDto | null = null; + let decryptedSalary: number | null = null; + + // Decrypt bank account + if (employee.bankAccount && typeof employee.bankAccount === 'string') { + try { + decryptedBankAccount = this.encryptionService.decryptObject( + employee.bankAccount, + ); + } catch (error) { + // If decryption fails, return null + decryptedBankAccount = null; + } + } + + // Decrypt salary (stored as encrypted string in DB) + if (employee.salary) { + try { + const decryptedSalaryStr = this.encryptionService.decrypt(employee.salary); + decryptedSalary = parseFloat(decryptedSalaryStr); + } catch (error) { + // If decryption fails, return null + decryptedSalary = null; + } + } + + return { + ...employee, + // Return decrypted salary as a string representation of the number for API response + salary: decryptedSalary !== null ? String(decryptedSalary) : null, + bankAccount: decryptedBankAccount as unknown as Prisma.JsonValue, + }; + } +} diff --git a/apps/api/src/modules/hr/employees/index.ts b/apps/api/src/modules/hr/employees/index.ts new file mode 100644 index 0000000..b51df2d --- /dev/null +++ b/apps/api/src/modules/hr/employees/index.ts @@ -0,0 +1,4 @@ +export * from './employees.module'; +export * from './employees.service'; +export * from './employees.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/hr/hr.module.ts b/apps/api/src/modules/hr/hr.module.ts new file mode 100644 index 0000000..4b7a082 --- /dev/null +++ b/apps/api/src/modules/hr/hr.module.ts @@ -0,0 +1,29 @@ +import { Module } from '@nestjs/common'; +import { EmployeesModule } from './employees/employees.module'; +import { AbsencesModule } from './absences/absences.module'; +import { TimeTrackingModule } from './time-tracking/time-tracking.module'; + +/** + * HR (Human Resources) Module + * + * Aggregates all HR-related sub-modules: + * - EmployeesModule: Employee data management, org chart, sensitive data handling + * - AbsencesModule: Absence/vacation management with approval workflow + * - TimeTrackingModule: Clock in/out, breaks, overtime, monthly summaries + * + * Features: + * - Encrypted sensitive employee data (salary, bank account) + * - German labor law compliant break calculations + * - Overtime tracking and monthly summaries + * - Audit trail for all HR data changes + * + * API Routes: + * - /hr/employees/* - Employee management + * - /hr/absences/* - Absence management + * - /hr/time/* - Time tracking + */ +@Module({ + imports: [EmployeesModule, AbsencesModule, TimeTrackingModule], + exports: [EmployeesModule, AbsencesModule, TimeTrackingModule], +}) +export class HrModule {} diff --git a/apps/api/src/modules/hr/index.ts b/apps/api/src/modules/hr/index.ts new file mode 100644 index 0000000..ac2fd96 --- /dev/null +++ b/apps/api/src/modules/hr/index.ts @@ -0,0 +1 @@ +export { HrModule } from './hr.module'; diff --git a/apps/api/src/modules/hr/time-tracking/dto/clock-in.dto.ts b/apps/api/src/modules/hr/time-tracking/dto/clock-in.dto.ts new file mode 100644 index 0000000..776f94d --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/dto/clock-in.dto.ts @@ -0,0 +1,14 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { IsOptional, IsString, MaxLength } from 'class-validator'; + +export class ClockInDto { + @ApiPropertyOptional({ + description: 'Optional note for the clock-in entry', + example: 'Starting from home office today', + maxLength: 500, + }) + @IsOptional() + @IsString() + @MaxLength(500) + note?: string; +} diff --git a/apps/api/src/modules/hr/time-tracking/dto/clock-out.dto.ts b/apps/api/src/modules/hr/time-tracking/dto/clock-out.dto.ts new file mode 100644 index 0000000..e7e67e3 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/dto/clock-out.dto.ts @@ -0,0 +1,14 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { IsOptional, IsString, MaxLength } from 'class-validator'; + +export class ClockOutDto { + @ApiPropertyOptional({ + description: 'Optional note for the clock-out entry', + example: 'Finished project milestone', + maxLength: 500, + }) + @IsOptional() + @IsString() + @MaxLength(500) + note?: string; +} diff --git a/apps/api/src/modules/hr/time-tracking/dto/create-time-entry.dto.ts b/apps/api/src/modules/hr/time-tracking/dto/create-time-entry.dto.ts new file mode 100644 index 0000000..a8c9593 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/dto/create-time-entry.dto.ts @@ -0,0 +1,81 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsDate, + IsEnum, + IsInt, + Min, + Max, + MaxLength, +} from 'class-validator'; +import { Type } from 'class-transformer'; +import { TimeEntryType } from '@prisma/client'; + +export class CreateTimeEntryDto { + @ApiProperty({ + description: 'Employee ID for the time entry', + example: 'clq1234567890abcdef', + }) + @IsString() + employeeId: string; + + @ApiProperty({ + description: 'Date of the time entry', + example: '2024-01-15', + }) + @Type(() => Date) + @IsDate() + date: Date; + + @ApiPropertyOptional({ + description: 'Clock-in time', + example: '2024-01-15T08:00:00.000Z', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + clockIn?: Date; + + @ApiPropertyOptional({ + description: 'Clock-out time', + example: '2024-01-15T17:00:00.000Z', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + clockOut?: Date; + + @ApiPropertyOptional({ + description: 'Total break time in minutes', + example: 45, + minimum: 0, + maximum: 480, + default: 0, + }) + @IsOptional() + @IsInt() + @Min(0) + @Max(480) + breakMinutes?: number; + + @ApiPropertyOptional({ + description: 'Type of time entry', + enum: TimeEntryType, + example: TimeEntryType.REGULAR, + default: TimeEntryType.REGULAR, + }) + @IsOptional() + @IsEnum(TimeEntryType) + type?: TimeEntryType; + + @ApiPropertyOptional({ + description: 'Note or reason for the entry (especially for corrections)', + example: 'Manual entry: Forgot to clock in', + maxLength: 500, + }) + @IsOptional() + @IsString() + @MaxLength(500) + note?: string; +} diff --git a/apps/api/src/modules/hr/time-tracking/dto/index.ts b/apps/api/src/modules/hr/time-tracking/dto/index.ts new file mode 100644 index 0000000..56a8ce6 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/dto/index.ts @@ -0,0 +1,5 @@ +export * from './clock-in.dto'; +export * from './clock-out.dto'; +export * from './create-time-entry.dto'; +export * from './update-time-entry.dto'; +export * from './query-time-entries.dto'; diff --git a/apps/api/src/modules/hr/time-tracking/dto/query-time-entries.dto.ts b/apps/api/src/modules/hr/time-tracking/dto/query-time-entries.dto.ts new file mode 100644 index 0000000..ad74707 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/dto/query-time-entries.dto.ts @@ -0,0 +1,111 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsString, + IsBoolean, + IsInt, + IsEnum, + IsDate, + Min, + Max, +} from 'class-validator'; +import { Transform, Type } from 'class-transformer'; +import { TimeEntryType } from '@prisma/client'; + +export enum TimeEntrySortField { + DATE = 'date', + CLOCK_IN = 'clockIn', + CLOCK_OUT = 'clockOut', + CREATED_AT = 'createdAt', +} + +export enum SortOrder { + ASC = 'asc', + DESC = 'desc', +} + +export class QueryTimeEntriesDto { + @ApiPropertyOptional({ + description: 'Page number for pagination', + example: 1, + minimum: 1, + default: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Number of items per page', + example: 20, + minimum: 1, + maximum: 100, + default: 20, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(100) + limit?: number = 20; + + @ApiPropertyOptional({ + description: 'Filter by start date (inclusive)', + example: '2024-01-01', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + startDate?: Date; + + @ApiPropertyOptional({ + description: 'Filter by end date (inclusive)', + example: '2024-01-31', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + endDate?: Date; + + @ApiPropertyOptional({ + description: 'Filter by entry type', + enum: TimeEntryType, + example: TimeEntryType.REGULAR, + }) + @IsOptional() + @IsEnum(TimeEntryType) + type?: TimeEntryType; + + @ApiPropertyOptional({ + description: 'Filter by locked status', + example: false, + }) + @IsOptional() + @Transform(({ value }) => { + if (value === 'true') return true; + if (value === 'false') return false; + return value; + }) + @IsBoolean() + isLocked?: boolean; + + @ApiPropertyOptional({ + description: 'Field to sort by', + enum: TimeEntrySortField, + example: TimeEntrySortField.DATE, + }) + @IsOptional() + @IsEnum(TimeEntrySortField) + sortBy?: TimeEntrySortField; + + @ApiPropertyOptional({ + description: 'Sort order', + enum: SortOrder, + example: SortOrder.DESC, + }) + @IsOptional() + @IsEnum(SortOrder) + sortOrder?: SortOrder; +} diff --git a/apps/api/src/modules/hr/time-tracking/dto/update-time-entry.dto.ts b/apps/api/src/modules/hr/time-tracking/dto/update-time-entry.dto.ts new file mode 100644 index 0000000..a32e897 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/dto/update-time-entry.dto.ts @@ -0,0 +1,73 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsDate, + IsEnum, + IsInt, + IsBoolean, + Min, + Max, + MaxLength, +} from 'class-validator'; +import { Type } from 'class-transformer'; +import { TimeEntryType } from '@prisma/client'; + +export class UpdateTimeEntryDto { + @ApiPropertyOptional({ + description: 'Clock-in time', + example: '2024-01-15T08:00:00.000Z', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + clockIn?: Date; + + @ApiPropertyOptional({ + description: 'Clock-out time', + example: '2024-01-15T17:00:00.000Z', + }) + @IsOptional() + @Type(() => Date) + @IsDate() + clockOut?: Date; + + @ApiPropertyOptional({ + description: 'Total break time in minutes', + example: 45, + minimum: 0, + maximum: 480, + }) + @IsOptional() + @IsInt() + @Min(0) + @Max(480) + breakMinutes?: number; + + @ApiPropertyOptional({ + description: 'Type of time entry', + enum: TimeEntryType, + example: TimeEntryType.CORRECTION, + }) + @IsOptional() + @IsEnum(TimeEntryType) + type?: TimeEntryType; + + @ApiPropertyOptional({ + description: 'Note or reason for the correction', + example: 'Correction: Wrong clock-out time entered', + maxLength: 500, + }) + @IsOptional() + @IsString() + @MaxLength(500) + note?: string; + + @ApiPropertyOptional({ + description: 'Lock the entry to prevent further modifications', + example: true, + }) + @IsOptional() + @IsBoolean() + isLocked?: boolean; +} diff --git a/apps/api/src/modules/hr/time-tracking/index.ts b/apps/api/src/modules/hr/time-tracking/index.ts new file mode 100644 index 0000000..8e27d77 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/index.ts @@ -0,0 +1,4 @@ +export * from './time-tracking.module'; +export * from './time-tracking.service'; +export * from './time-tracking.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/hr/time-tracking/time-tracking.controller.ts b/apps/api/src/modules/hr/time-tracking/time-tracking.controller.ts new file mode 100644 index 0000000..c679978 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/time-tracking.controller.ts @@ -0,0 +1,242 @@ +import { + Controller, + Get, + Post, + Body, + Put, + Param, + Query, + ParseIntPipe, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { TimeTrackingService } from './time-tracking.service'; +import { ClockInDto } from './dto/clock-in.dto'; +import { ClockOutDto } from './dto/clock-out.dto'; +import { CreateTimeEntryDto } from './dto/create-time-entry.dto'; +import { UpdateTimeEntryDto } from './dto/update-time-entry.dto'; +import { QueryTimeEntriesDto } from './dto/query-time-entries.dto'; +import { Roles } from '../../../auth/decorators/roles.decorator'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { AuditLog } from '../../audit/audit.interceptor'; +import { CurrentUser } from '../../../auth/decorators/current-user.decorator'; +import { JwtPayload } from '../../../auth/interfaces/jwt-payload.interface'; + +@ApiTags('hr/time-tracking') +@ApiBearerAuth('JWT-auth') +@Controller('hr/time') +export class TimeTrackingController { + constructor(private readonly timeTrackingService: TimeTrackingService) {} + + // ===================================================== + // SELF-SERVICE ENDPOINTS (Employee's own time) + // ===================================================== + + @Post('clock-in') + @RequirePermissions(Permission.TIME_ENTRIES_CREATE) + @AuditLog('TimeEntry', 'CLOCK_IN') + @ApiOperation({ summary: 'Clock in for the current day' }) + @ApiResponse({ + status: 201, + description: 'Successfully clocked in', + }) + @ApiResponse({ status: 400, description: 'Bad request - not clocked in or already clocked out' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee record not found' }) + @ApiResponse({ status: 409, description: 'Already clocked in for today' }) + clockIn(@CurrentUser() user: JwtPayload, @Body() dto: ClockInDto) { + return this.timeTrackingService.clockIn(user.sub, dto); + } + + @Post('clock-out') + @RequirePermissions(Permission.TIME_ENTRIES_CREATE) + @AuditLog('TimeEntry', 'CLOCK_OUT') + @ApiOperation({ summary: 'Clock out for the current day' }) + @ApiResponse({ + status: 201, + description: 'Successfully clocked out', + }) + @ApiResponse({ status: 400, description: 'Not clocked in or entry is locked' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee record not found' }) + @ApiResponse({ status: 409, description: 'Already clocked out for today' }) + clockOut(@CurrentUser() user: JwtPayload, @Body() dto: ClockOutDto) { + return this.timeTrackingService.clockOut(user.sub, dto); + } + + @Post('break/start') + @RequirePermissions(Permission.TIME_ENTRIES_CREATE) + @AuditLog('TimeEntry', 'BREAK_START') + @ApiOperation({ summary: 'Start a break' }) + @ApiResponse({ + status: 201, + description: 'Break started', + }) + @ApiResponse({ status: 400, description: 'Not clocked in or already clocked out' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee record not found' }) + startBreak(@CurrentUser() user: JwtPayload) { + return this.timeTrackingService.startBreak(user.sub); + } + + @Post('break/end') + @RequirePermissions(Permission.TIME_ENTRIES_CREATE) + @AuditLog('TimeEntry', 'BREAK_END') + @ApiOperation({ summary: 'End a break' }) + @ApiResponse({ + status: 201, + description: 'Break ended', + }) + @ApiResponse({ status: 400, description: 'No active break found' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee record not found' }) + endBreak(@CurrentUser() user: JwtPayload) { + return this.timeTrackingService.endBreak(user.sub); + } + + @Get('current') + @RequirePermissions(Permission.TIME_ENTRIES_VIEW) + @ApiOperation({ summary: 'Get current time tracking status' }) + @ApiResponse({ + status: 200, + description: 'Current status (clocked in, on break, today entry)', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee record not found' }) + getCurrentStatus(@CurrentUser() user: JwtPayload) { + return this.timeTrackingService.getCurrentStatus(user.sub); + } + + @Get('entries') + @RequirePermissions(Permission.TIME_ENTRIES_VIEW) + @ApiOperation({ summary: 'Get own time entries' }) + @ApiResponse({ + status: 200, + description: 'List of own time entries', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee record not found' }) + getMyEntries( + @CurrentUser() user: JwtPayload, + @Query() query: QueryTimeEntriesDto, + ) { + return this.timeTrackingService.getMyEntries(user.sub, query); + } + + // ===================================================== + // HR/ADMIN ENDPOINTS (Other employees' time) + // ===================================================== + + @Get('entries/:employeeId') + @Roles('admin', 'hr-manager', 'team-lead') + @RequirePermissions(Permission.TIME_ENTRIES_VIEW_ALL) + @ApiOperation({ summary: 'Get time entries for a specific employee (HR)' }) + @ApiParam({ name: 'employeeId', description: 'Employee ID' }) + @ApiResponse({ + status: 200, + description: 'List of time entries for the employee', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + getEmployeeEntries( + @Param('employeeId') employeeId: string, + @Query() query: QueryTimeEntriesDto, + ) { + return this.timeTrackingService.getEntriesByEmployee(employeeId, query); + } + + @Post('entries') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.TIME_ENTRIES_CORRECT) + @AuditLog('TimeEntry', 'CREATE_MANUAL') + @ApiOperation({ summary: 'Create a manual time entry (correction)' }) + @ApiResponse({ + status: 201, + description: 'Manual time entry created', + }) + @ApiResponse({ status: 400, description: 'Validation error or invalid times' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + @ApiResponse({ status: 409, description: 'Entry already exists for this date' }) + createManualEntry( + @CurrentUser() user: JwtPayload, + @Body() dto: CreateTimeEntryDto, + ) { + return this.timeTrackingService.createManualEntry(dto, user.sub); + } + + @Put('entries/:id') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.TIME_ENTRIES_CORRECT) + @AuditLog('TimeEntry', 'CORRECT') + @ApiOperation({ summary: 'Update/correct a time entry' }) + @ApiParam({ name: 'id', description: 'Time Entry ID' }) + @ApiResponse({ + status: 200, + description: 'Time entry updated', + }) + @ApiResponse({ status: 400, description: 'Entry is locked or validation error' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Time entry not found' }) + updateEntry( + @CurrentUser() user: JwtPayload, + @Param('id') id: string, + @Body() dto: UpdateTimeEntryDto, + ) { + return this.timeTrackingService.updateEntry(id, dto, user.sub); + } + + @Get('summary/:employeeId/:year/:month') + @Roles('admin', 'hr-manager', 'team-lead') + @RequirePermissions(Permission.TIME_ENTRIES_VIEW_ALL) + @ApiOperation({ summary: 'Get monthly time summary for an employee' }) + @ApiParam({ name: 'employeeId', description: 'Employee ID' }) + @ApiParam({ name: 'year', description: 'Year (e.g., 2024)', example: 2024 }) + @ApiParam({ name: 'month', description: 'Month (1-12)', example: 1 }) + @ApiResponse({ + status: 200, + description: 'Monthly summary with totals and daily breakdown', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + getMonthlySummary( + @Param('employeeId') employeeId: string, + @Param('year', ParseIntPipe) year: number, + @Param('month', ParseIntPipe) month: number, + ) { + return this.timeTrackingService.getMonthlySummary(employeeId, year, month); + } + + @Get('summary/me/:year/:month') + @RequirePermissions(Permission.TIME_ENTRIES_VIEW) + @ApiOperation({ summary: 'Get own monthly time summary' }) + @ApiParam({ name: 'year', description: 'Year (e.g., 2024)', example: 2024 }) + @ApiParam({ name: 'month', description: 'Month (1-12)', example: 1 }) + @ApiResponse({ + status: 200, + description: 'Monthly summary with totals and daily breakdown', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee record not found' }) + async getMyMonthlySummary( + @CurrentUser() user: JwtPayload, + @Param('year', ParseIntPipe) year: number, + @Param('month', ParseIntPipe) month: number, + ) { + const employee = await this.timeTrackingService['getEmployeeByUserId']( + user.sub, + ); + return this.timeTrackingService.getMonthlySummary(employee.id, year, month); + } +} diff --git a/apps/api/src/modules/hr/time-tracking/time-tracking.module.ts b/apps/api/src/modules/hr/time-tracking/time-tracking.module.ts new file mode 100644 index 0000000..9ba3ed5 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/time-tracking.module.ts @@ -0,0 +1,29 @@ +import { Module } from '@nestjs/common'; +import { TimeTrackingController } from './time-tracking.controller'; +import { TimeTrackingService } from './time-tracking.service'; +import { EmployeesModule } from '../employees/employees.module'; + +/** + * Time Tracking Module + * + * Handles employee time tracking including: + * - Clock-in/clock-out functionality + * - Break tracking + * - Manual entry corrections + * - Monthly summaries with overtime calculation + * + * Features: + * - Automatic break calculation per German labor law (ArbZG) + * - > 6 hours: minimum 30 min break + * - > 9 hours: minimum 45 min break + * - Overtime calculation based on employee's contracted hours + * - Audit trail for all corrections + * - Entry locking for payroll finalization + */ +@Module({ + imports: [EmployeesModule], + controllers: [TimeTrackingController], + providers: [TimeTrackingService], + exports: [TimeTrackingService], +}) +export class TimeTrackingModule {} diff --git a/apps/api/src/modules/hr/time-tracking/time-tracking.service.ts b/apps/api/src/modules/hr/time-tracking/time-tracking.service.ts new file mode 100644 index 0000000..77f23f6 --- /dev/null +++ b/apps/api/src/modules/hr/time-tracking/time-tracking.service.ts @@ -0,0 +1,674 @@ +import { + Injectable, + NotFoundException, + BadRequestException, + ConflictException, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { EmployeesService } from '../employees/employees.service'; +import { ClockInDto } from './dto/clock-in.dto'; +import { ClockOutDto } from './dto/clock-out.dto'; +import { CreateTimeEntryDto } from './dto/create-time-entry.dto'; +import { UpdateTimeEntryDto } from './dto/update-time-entry.dto'; +import { QueryTimeEntriesDto } from './dto/query-time-entries.dto'; +import { Prisma, TimeEntryType } from '@prisma/client'; + +export interface TimeSummary { + employeeId: string; + month: number; + year: number; + totalWorkingDays: number; + totalWorkedMinutes: number; + totalBreakMinutes: number; + totalOvertimeMinutes: number; + expectedWorkingMinutes: number; + entries: { + date: Date; + clockIn: Date | null; + clockOut: Date | null; + breakMinutes: number; + workedMinutes: number; + overtimeMinutes: number; + type: TimeEntryType; + }[]; +} + +export interface CurrentStatus { + isClockedIn: boolean; + isOnBreak: boolean; + todayEntry: { + id: string; + date: Date; + clockIn: Date | null; + clockOut: Date | null; + breakMinutes: number; + type: TimeEntryType; + note: string | null; + } | null; + currentBreakStart: Date | null; +} + +@Injectable() +export class TimeTrackingService { + // German labor law: minimum break requirements + // > 6 hours: 30 min break + // > 9 hours: 45 min break + private readonly BREAK_THRESHOLD_6H = 6 * 60; // 360 minutes + private readonly BREAK_THRESHOLD_9H = 9 * 60; // 540 minutes + private readonly MIN_BREAK_6H = 30; // minutes + private readonly MIN_BREAK_9H = 45; // minutes + + constructor( + private readonly prisma: PrismaService, + private readonly employeesService: EmployeesService, + ) {} + + /** + * Clock in for the current day + */ + async clockIn(userId: string, dto: ClockInDto) { + const employee = await this.getEmployeeByUserId(userId); + const today = this.getDateOnly(new Date()); + const now = new Date(); + + // Check if already clocked in today + const existingEntry = await this.prisma.timeEntry.findUnique({ + where: { + employeeId_date: { + employeeId: employee.id, + date: today, + }, + }, + }); + + if (existingEntry?.clockIn && !existingEntry.clockOut) { + throw new ConflictException('Already clocked in for today'); + } + + if (existingEntry?.clockOut) { + throw new ConflictException( + 'Already have a complete time entry for today. Use manual correction if needed.', + ); + } + + // Create or update the time entry + return this.prisma.timeEntry.upsert({ + where: { + employeeId_date: { + employeeId: employee.id, + date: today, + }, + }, + create: { + employeeId: employee.id, + date: today, + clockIn: now, + type: TimeEntryType.REGULAR, + note: dto.note, + }, + update: { + clockIn: now, + note: dto.note, + }, + include: { + employee: { + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }, + }, + }); + } + + /** + * Clock out for the current day + */ + async clockOut(userId: string, dto: ClockOutDto) { + const employee = await this.getEmployeeByUserId(userId); + const today = this.getDateOnly(new Date()); + const now = new Date(); + + const existingEntry = await this.prisma.timeEntry.findUnique({ + where: { + employeeId_date: { + employeeId: employee.id, + date: today, + }, + }, + }); + + if (!existingEntry || !existingEntry.clockIn) { + throw new BadRequestException('Not clocked in for today'); + } + + if (existingEntry.clockOut) { + throw new ConflictException('Already clocked out for today'); + } + + if (existingEntry.isLocked) { + throw new BadRequestException('Time entry is locked and cannot be modified'); + } + + // Calculate worked minutes and apply automatic break rules + const workedMinutes = this.calculateMinutesBetween(existingEntry.clockIn, now); + const requiredBreak = this.calculateRequiredBreak(workedMinutes); + const actualBreak = Math.max(existingEntry.breakMinutes, requiredBreak); + + // Update note if provided + const note = dto.note + ? existingEntry.note + ? `${existingEntry.note} | ${dto.note}` + : dto.note + : existingEntry.note; + + return this.prisma.timeEntry.update({ + where: { id: existingEntry.id }, + data: { + clockOut: now, + breakMinutes: actualBreak, + note, + }, + include: { + employee: { + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }, + }, + }); + } + + /** + * Start a break + */ + async startBreak(userId: string) { + const employee = await this.getEmployeeByUserId(userId); + const today = this.getDateOnly(new Date()); + + const entry = await this.prisma.timeEntry.findUnique({ + where: { + employeeId_date: { + employeeId: employee.id, + date: today, + }, + }, + }); + + if (!entry || !entry.clockIn) { + throw new BadRequestException('Not clocked in for today'); + } + + if (entry.clockOut) { + throw new BadRequestException('Already clocked out for today'); + } + + // Store break start time in note (simple approach without extra DB field) + const breakStart = new Date().toISOString(); + const note = entry.note + ? `${entry.note} | BREAK_START:${breakStart}` + : `BREAK_START:${breakStart}`; + + await this.prisma.timeEntry.update({ + where: { id: entry.id }, + data: { note }, + }); + + return { + message: 'Break started', + breakStartedAt: breakStart, + }; + } + + /** + * End a break + */ + async endBreak(userId: string) { + const employee = await this.getEmployeeByUserId(userId); + const today = this.getDateOnly(new Date()); + + const entry = await this.prisma.timeEntry.findUnique({ + where: { + employeeId_date: { + employeeId: employee.id, + date: today, + }, + }, + }); + + if (!entry || !entry.clockIn) { + throw new BadRequestException('Not clocked in for today'); + } + + if (entry.clockOut) { + throw new BadRequestException('Already clocked out for today'); + } + + // Extract break start from note + const breakStartMatch = entry.note?.match(/BREAK_START:([^\s|]+)/); + if (!breakStartMatch) { + throw new BadRequestException('No active break found'); + } + + const breakStart = new Date(breakStartMatch[1]); + const breakEnd = new Date(); + const breakDuration = this.calculateMinutesBetween(breakStart, breakEnd); + + // Update break minutes and clean note + const newBreakMinutes = entry.breakMinutes + breakDuration; + const note = entry.note + ? entry.note.replace(/\s*\|?\s*BREAK_START:[^\s|]+/, '').trim() + : null; + + await this.prisma.timeEntry.update({ + where: { id: entry.id }, + data: { + breakMinutes: newBreakMinutes, + note: note || null, + }, + }); + + return { + message: 'Break ended', + breakDurationMinutes: breakDuration, + totalBreakMinutes: newBreakMinutes, + }; + } + + /** + * Get current time tracking status for a user + */ + async getCurrentStatus(userId: string): Promise { + const employee = await this.getEmployeeByUserId(userId); + const today = this.getDateOnly(new Date()); + + const entry = await this.prisma.timeEntry.findUnique({ + where: { + employeeId_date: { + employeeId: employee.id, + date: today, + }, + }, + }); + + if (!entry) { + return { + isClockedIn: false, + isOnBreak: false, + todayEntry: null, + currentBreakStart: null, + }; + } + + // Check for active break + const breakStartMatch = entry.note?.match(/BREAK_START:([^\s|]+)/); + const currentBreakStart = breakStartMatch ? new Date(breakStartMatch[1]) : null; + + return { + isClockedIn: !!entry.clockIn && !entry.clockOut, + isOnBreak: !!currentBreakStart, + todayEntry: { + id: entry.id, + date: entry.date, + clockIn: entry.clockIn, + clockOut: entry.clockOut, + breakMinutes: entry.breakMinutes, + type: entry.type, + note: entry.note, + }, + currentBreakStart, + }; + } + + /** + * Get time entries for the current user + */ + async getMyEntries(userId: string, query: QueryTimeEntriesDto) { + const employee = await this.getEmployeeByUserId(userId); + return this.getEntriesByEmployee(employee.id, query); + } + + /** + * Get time entries for a specific employee (HR access) + */ + async getEntriesByEmployee(employeeId: string, query: QueryTimeEntriesDto) { + // Verify employee exists + await this.employeesService.findOne(employeeId); + + const { + page = 1, + limit = 20, + startDate, + endDate, + type, + isLocked, + sortBy, + sortOrder, + } = query; + const skip = (page - 1) * limit; + + const where: Prisma.TimeEntryWhereInput = { + employeeId, + ...(startDate || endDate + ? { + date: { + ...(startDate && { gte: startDate }), + ...(endDate && { lte: endDate }), + }, + } + : {}), + ...(type && { type }), + ...(isLocked !== undefined && { isLocked }), + }; + + const orderBy: Prisma.TimeEntryOrderByWithRelationInput = sortBy + ? { [sortBy]: sortOrder || 'desc' } + : { date: 'desc' }; + + const [entries, total] = await Promise.all([ + this.prisma.timeEntry.findMany({ + where, + skip, + take: limit, + orderBy, + include: { + correctedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }), + this.prisma.timeEntry.count({ where }), + ]); + + return { + data: entries, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Create a manual time entry (correction) + */ + async createManualEntry(dto: CreateTimeEntryDto, correctedById: string) { + // Verify employee exists + await this.employeesService.findOne(dto.employeeId); + + const date = this.getDateOnly(dto.date); + + // Check for existing entry + const existingEntry = await this.prisma.timeEntry.findUnique({ + where: { + employeeId_date: { + employeeId: dto.employeeId, + date, + }, + }, + }); + + if (existingEntry) { + throw new ConflictException( + `Time entry already exists for employee on ${date.toISOString().split('T')[0]}`, + ); + } + + // Validate clock times if both provided + if (dto.clockIn && dto.clockOut) { + if (dto.clockOut <= dto.clockIn) { + throw new BadRequestException('Clock-out must be after clock-in'); + } + } + + return this.prisma.timeEntry.create({ + data: { + employeeId: dto.employeeId, + date, + clockIn: dto.clockIn, + clockOut: dto.clockOut, + breakMinutes: dto.breakMinutes ?? 0, + type: dto.type ?? TimeEntryType.CORRECTION, + note: dto.note, + correctedById, + }, + include: { + employee: { + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }, + correctedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }); + } + + /** + * Update a time entry (correction) + */ + async updateEntry( + id: string, + dto: UpdateTimeEntryDto, + correctedById: string, + ) { + const entry = await this.prisma.timeEntry.findUnique({ + where: { id }, + }); + + if (!entry) { + throw new NotFoundException(`Time entry with ID ${id} not found`); + } + + if (entry.isLocked && !dto.isLocked) { + throw new BadRequestException( + 'Cannot modify a locked time entry. Unlock it first.', + ); + } + + // Validate clock times if both will be present + const newClockIn = dto.clockIn ?? entry.clockIn; + const newClockOut = dto.clockOut ?? entry.clockOut; + if (newClockIn && newClockOut && newClockOut <= newClockIn) { + throw new BadRequestException('Clock-out must be after clock-in'); + } + + return this.prisma.timeEntry.update({ + where: { id }, + data: { + ...(dto.clockIn !== undefined && { clockIn: dto.clockIn }), + ...(dto.clockOut !== undefined && { clockOut: dto.clockOut }), + ...(dto.breakMinutes !== undefined && { breakMinutes: dto.breakMinutes }), + ...(dto.type !== undefined && { type: dto.type }), + ...(dto.note !== undefined && { note: dto.note }), + ...(dto.isLocked !== undefined && { isLocked: dto.isLocked }), + correctedById, + }, + include: { + employee: { + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }, + correctedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }); + } + + /** + * Get monthly summary for an employee + */ + async getMonthlySummary( + employeeId: string, + year: number, + month: number, + ): Promise { + const employee = await this.employeesService.findOne(employeeId); + + // Get date range for the month + const startDate = new Date(year, month - 1, 1); + const endDate = new Date(year, month, 0); // Last day of month + + const entries = await this.prisma.timeEntry.findMany({ + where: { + employeeId, + date: { + gte: startDate, + lte: endDate, + }, + }, + orderBy: { date: 'asc' }, + }); + + // Calculate working days in month (excluding weekends) + let totalWorkingDays = 0; + const current = new Date(startDate); + while (current <= endDate) { + const dayOfWeek = current.getDay(); + if (dayOfWeek !== 0 && dayOfWeek !== 6) { + totalWorkingDays++; + } + current.setDate(current.getDate() + 1); + } + + // Calculate expected working minutes based on employee's working hours + const weeklyHours = Number(employee.workingHours) || 40; + const dailyMinutes = (weeklyHours / 5) * 60; + const expectedWorkingMinutes = Math.round(totalWorkingDays * dailyMinutes); + + // Process entries + let totalWorkedMinutes = 0; + let totalBreakMinutes = 0; + let totalOvertimeMinutes = 0; + + const processedEntries = entries.map((entry) => { + let workedMinutes = 0; + let overtimeMinutes = 0; + + if (entry.clockIn && entry.clockOut) { + const totalMinutes = this.calculateMinutesBetween( + entry.clockIn, + entry.clockOut, + ); + workedMinutes = totalMinutes - entry.breakMinutes; + + // Calculate overtime (anything over daily expected) + if (workedMinutes > dailyMinutes) { + overtimeMinutes = workedMinutes - dailyMinutes; + } + } + + totalWorkedMinutes += workedMinutes; + totalBreakMinutes += entry.breakMinutes; + totalOvertimeMinutes += overtimeMinutes; + + return { + date: entry.date, + clockIn: entry.clockIn, + clockOut: entry.clockOut, + breakMinutes: entry.breakMinutes, + workedMinutes, + overtimeMinutes, + type: entry.type, + }; + }); + + return { + employeeId, + month, + year, + totalWorkingDays, + totalWorkedMinutes, + totalBreakMinutes, + totalOvertimeMinutes, + expectedWorkingMinutes, + entries: processedEntries, + }; + } + + /** + * Helper: Get employee by user ID + */ + private async getEmployeeByUserId(userId: string) { + const employee = await this.prisma.employee.findUnique({ + where: { userId }, + }); + + if (!employee) { + throw new NotFoundException( + 'No employee record found for current user', + ); + } + + if (!employee.isActive) { + throw new BadRequestException('Employee record is deactivated'); + } + + return employee; + } + + /** + * Helper: Get date only (strip time) + */ + private getDateOnly(date: Date): Date { + const d = new Date(date); + d.setHours(0, 0, 0, 0); + return d; + } + + /** + * Helper: Calculate minutes between two dates + */ + private calculateMinutesBetween(start: Date, end: Date): number { + return Math.round((end.getTime() - start.getTime()) / (1000 * 60)); + } + + /** + * Helper: Calculate required break based on German labor law + */ + private calculateRequiredBreak(workedMinutes: number): number { + if (workedMinutes > this.BREAK_THRESHOLD_9H) { + return this.MIN_BREAK_9H; + } + if (workedMinutes > this.BREAK_THRESHOLD_6H) { + return this.MIN_BREAK_6H; + } + return 0; + } +} diff --git a/apps/api/src/modules/index.ts b/apps/api/src/modules/index.ts new file mode 100644 index 0000000..c99b3dd --- /dev/null +++ b/apps/api/src/modules/index.ts @@ -0,0 +1,8 @@ +export { AuditModule } from './audit/audit.module'; +export { DashboardModule } from './dashboard/dashboard.module'; +export { DepartmentsModule } from './departments/departments.module'; +export { UserPreferencesModule } from './user-preferences/user-preferences.module'; +// Temporarily disabled due to type conflicts - can be re-enabled after fixing duplicate exports +// export * from './integrations'; +export { LeanModule } from './lean/lean.module'; +export { HrModule } from './hr'; diff --git a/apps/api/src/modules/integrations/connectors/base-connector.ts b/apps/api/src/modules/integrations/connectors/base-connector.ts new file mode 100644 index 0000000..9b72b94 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/base-connector.ts @@ -0,0 +1,468 @@ +import { Logger } from '@nestjs/common'; +import axios, { + AxiosInstance, + AxiosRequestConfig, + AxiosResponse, + AxiosError, + InternalAxiosRequestConfig, +} from 'axios'; +import { + IntegrationConnectionError, + IntegrationRateLimitError, + IntegrationApiError, + IntegrationAuthError, +} from '../errors'; + +/** + * Configuration options for the base connector + */ +export interface BaseConnectorConfig { + /** Base URL for the API */ + baseUrl: string; + /** Request timeout in milliseconds (default: 30000) */ + timeout?: number; + /** Maximum number of retry attempts (default: 3) */ + maxRetries?: number; + /** Initial delay in milliseconds for retry backoff (default: 1000) */ + retryDelay?: number; + /** Maximum delay in milliseconds for retry backoff (default: 30000) */ + maxRetryDelay?: number; + /** Enable request/response logging (default: true in development) */ + enableLogging?: boolean; +} + +/** + * Retry configuration for individual requests + */ +export interface RetryConfig { + /** Maximum number of retry attempts */ + maxRetries?: number; + /** Initial delay in milliseconds */ + initialDelay?: number; + /** Maximum delay in milliseconds */ + maxDelay?: number; + /** Retry on these status codes (default: 429, 500, 502, 503, 504) */ + retryOnStatuses?: number[]; +} + +/** + * Connection test result + */ +export interface ConnectionTestResult { + success: boolean; + message: string; + latencyMs?: number; + details?: Record; +} + +/** + * Default retry status codes + */ +const DEFAULT_RETRY_STATUSES = [429, 500, 502, 503, 504]; + +/** + * Abstract base class for all API connectors. + * Provides common functionality for HTTP requests, retry logic, rate limiting, and error handling. + */ +export abstract class BaseConnector { + /** Name of the integration for logging and error reporting */ + protected abstract readonly name: string; + + /** Logger instance */ + protected readonly logger: Logger; + + /** Axios HTTP client instance */ + protected readonly httpClient: AxiosInstance; + + /** Connector configuration */ + protected readonly config: Required; + + constructor(config: BaseConnectorConfig) { + this.config = { + timeout: 30000, + maxRetries: 3, + retryDelay: 1000, + maxRetryDelay: 30000, + enableLogging: process.env.NODE_ENV === 'development', + ...config, + }; + + // Logger will be initialized with the concrete class name + this.logger = new Logger(this.constructor.name); + + // Create axios instance with base configuration + this.httpClient = axios.create({ + baseURL: this.config.baseUrl, + timeout: this.config.timeout, + headers: { + 'Content-Type': 'application/json', + Accept: 'application/json', + }, + }); + + // Setup interceptors + this.setupRequestInterceptor(); + this.setupResponseInterceptor(); + } + + /** + * Test the connection to the external service + * Must be implemented by concrete connectors + */ + abstract testConnection(): Promise; + + /** + * Get authentication headers for requests + * Must be implemented by concrete connectors + */ + abstract getAuthHeaders(): Promise>; + + /** + * Check if the connector is properly configured + */ + abstract isConfigured(): boolean; + + /** + * Setup request interceptor for logging and authentication + */ + private setupRequestInterceptor(): void { + this.httpClient.interceptors.request.use( + async (config: InternalAxiosRequestConfig) => { + // Add authentication headers + try { + const authHeaders = await this.getAuthHeaders(); + Object.assign(config.headers, authHeaders); + } catch (error) { + this.logger.error('Failed to get auth headers', error); + throw error; + } + + // Log outgoing request + if (this.config.enableLogging) { + this.logger.debug( + `[${this.name}] ${config.method?.toUpperCase()} ${config.url}`, + ); + } + + // Add request timestamp for latency calculation + (config as InternalAxiosRequestConfig & { metadata?: { startTime: number } }).metadata = { + startTime: Date.now(), + }; + + return config; + }, + (error: AxiosError) => { + this.logger.error(`[${this.name}] Request setup failed`, error.message); + return Promise.reject(error); + }, + ); + } + + /** + * Setup response interceptor for logging and error transformation + */ + private setupResponseInterceptor(): void { + this.httpClient.interceptors.response.use( + (response: AxiosResponse) => { + const config = response.config as InternalAxiosRequestConfig & { metadata?: { startTime: number } }; + const latency = config.metadata + ? Date.now() - config.metadata.startTime + : 0; + + if (this.config.enableLogging) { + this.logger.debug( + `[${this.name}] Response ${response.status} (${latency}ms)`, + ); + } + + return response; + }, + (error: AxiosError) => { + return this.handleResponseError(error); + }, + ); + } + + /** + * Transform axios errors into integration-specific errors + */ + private handleResponseError(error: AxiosError): Promise { + const status = error.response?.status; + const message = this.extractErrorMessage(error); + + // Connection errors (no response) + if (!error.response) { + if (error.code === 'ECONNREFUSED') { + throw new IntegrationConnectionError( + this.name, + 'Connection refused', + error, + ); + } + if (error.code === 'ETIMEDOUT' || error.code === 'ECONNABORTED') { + throw new IntegrationConnectionError( + this.name, + 'Request timeout', + error, + ); + } + if (error.code === 'ENOTFOUND') { + throw new IntegrationConnectionError( + this.name, + 'Host not found', + error, + ); + } + throw new IntegrationConnectionError( + this.name, + error.message || 'Unknown connection error', + error, + ); + } + + // Authentication errors + if (status === 401) { + throw new IntegrationAuthError(this.name, message, error); + } + + // Rate limiting + if (status === 429) { + const retryAfter = this.extractRetryAfter(error); + throw new IntegrationRateLimitError(this.name, message, retryAfter, error); + } + + // General API errors + throw new IntegrationApiError( + this.name, + message, + status, + this.extractErrorCode(error), + error, + ); + } + + /** + * Extract error message from axios error response + */ + protected extractErrorMessage(error: AxiosError): string { + const data = error.response?.data as Record | undefined; + if (data?.message) { + return String(data.message); + } + if (data?.error) { + return String(data.error); + } + if (data?.error_description) { + return String(data.error_description); + } + return error.message || 'Unknown error'; + } + + /** + * Extract error code from axios error response + */ + protected extractErrorCode(error: AxiosError): string | undefined { + const data = error.response?.data as Record | undefined; + if (data?.code) { + return String(data.code); + } + if (data?.error_code) { + return String(data.error_code); + } + return undefined; + } + + /** + * Extract retry-after header value in seconds + */ + protected extractRetryAfter(error: AxiosError): number | undefined { + const retryAfter = error.response?.headers?.['retry-after']; + if (!retryAfter) return undefined; + + const seconds = parseInt(retryAfter, 10); + if (!isNaN(seconds)) return seconds; + + // Try to parse as date + const date = new Date(retryAfter); + if (!isNaN(date.getTime())) { + return Math.ceil((date.getTime() - Date.now()) / 1000); + } + + return undefined; + } + + /** + * Execute a request with automatic retry logic + */ + protected async executeWithRetry( + requestFn: () => Promise>, + retryConfig?: RetryConfig, + ): Promise { + const config: Required = { + maxRetries: this.config.maxRetries, + initialDelay: this.config.retryDelay, + maxDelay: this.config.maxRetryDelay, + retryOnStatuses: DEFAULT_RETRY_STATUSES, + ...retryConfig, + }; + + let lastError: Error | null = null; + + for (let attempt = 0; attempt <= config.maxRetries; attempt++) { + try { + const response = await requestFn(); + return response.data; + } catch (error) { + lastError = error as Error; + + // Check if we should retry + if (!this.shouldRetry(error, attempt, config)) { + throw error; + } + + // Calculate delay with exponential backoff and jitter + const delay = this.calculateRetryDelay(attempt, config); + + this.logger.warn( + `[${this.name}] Request failed (attempt ${attempt + 1}/${config.maxRetries + 1}). ` + + `Retrying in ${delay}ms...`, + ); + + await this.sleep(delay); + } + } + + throw lastError; + } + + /** + * Determine if a request should be retried + */ + private shouldRetry( + error: unknown, + attempt: number, + config: Required, + ): boolean { + if (attempt >= config.maxRetries) { + return false; + } + + // Check if error is retryable + if (error instanceof IntegrationRateLimitError) { + return true; + } + + if (error instanceof IntegrationConnectionError) { + return true; + } + + if (error instanceof IntegrationApiError) { + return config.retryOnStatuses.includes(error.apiStatusCode || 0); + } + + // Check axios error status + if (axios.isAxiosError(error) && error.response?.status) { + return config.retryOnStatuses.includes(error.response.status); + } + + return false; + } + + /** + * Calculate retry delay with exponential backoff and jitter + */ + private calculateRetryDelay( + attempt: number, + config: Required, + ): number { + // Exponential backoff: initialDelay * 2^attempt + const exponentialDelay = config.initialDelay * Math.pow(2, attempt); + + // Apply jitter (0.5 to 1.5 multiplier) + const jitter = 0.5 + Math.random(); + const delayWithJitter = exponentialDelay * jitter; + + // Cap at max delay + return Math.min(delayWithJitter, config.maxDelay); + } + + /** + * Sleep for specified milliseconds + */ + protected sleep(ms: number): Promise { + return new Promise((resolve) => setTimeout(resolve, ms)); + } + + /** + * Make a GET request with retry logic + */ + protected async get( + url: string, + config?: AxiosRequestConfig, + retryConfig?: RetryConfig, + ): Promise { + return this.executeWithRetry( + () => this.httpClient.get(url, config), + retryConfig, + ); + } + + /** + * Make a POST request with retry logic + */ + protected async post( + url: string, + data?: unknown, + config?: AxiosRequestConfig, + retryConfig?: RetryConfig, + ): Promise { + return this.executeWithRetry( + () => this.httpClient.post(url, data, config), + retryConfig, + ); + } + + /** + * Make a PUT request with retry logic + */ + protected async put( + url: string, + data?: unknown, + config?: AxiosRequestConfig, + retryConfig?: RetryConfig, + ): Promise { + return this.executeWithRetry( + () => this.httpClient.put(url, data, config), + retryConfig, + ); + } + + /** + * Make a PATCH request with retry logic + */ + protected async patch( + url: string, + data?: unknown, + config?: AxiosRequestConfig, + retryConfig?: RetryConfig, + ): Promise { + return this.executeWithRetry( + () => this.httpClient.patch(url, data, config), + retryConfig, + ); + } + + /** + * Make a DELETE request with retry logic + */ + protected async delete( + url: string, + config?: AxiosRequestConfig, + retryConfig?: RetryConfig, + ): Promise { + return this.executeWithRetry( + () => this.httpClient.delete(url, config), + retryConfig, + ); + } +} diff --git a/apps/api/src/modules/integrations/connectors/ecodms/ecodms.connector.ts b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.connector.ts new file mode 100644 index 0000000..2dac7ac --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.connector.ts @@ -0,0 +1,908 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import axios, { AxiosInstance, AxiosError } from 'axios'; +import FormData from 'form-data'; +import { + IntegrationConnectionError, + IntegrationAuthError, + IntegrationRateLimitError, + IntegrationApiError, + IntegrationConfigError, +} from '../../errors'; + +/** + * Health status of a connector + */ +export interface ConnectorHealth { + status: 'connected' | 'error' | 'not_configured'; + lastCheck: Date; + latency?: number; + error?: string; + details?: Record; +} + +/** + * Retry configuration + */ +interface RetryConfig { + maxRetries: number; + baseDelayMs: number; + maxDelayMs: number; + jitterFactor: number; +} + +const DEFAULT_RETRY_CONFIG: RetryConfig = { + maxRetries: 3, + baseDelayMs: 1000, + maxDelayMs: 30000, + jitterFactor: 0.1, +}; + +const DEFAULT_TIMEOUT_MS = 30000; +import { + EcoDmsSession, + EcoDmsDocument, + EcoDmsFolder, + EcoDmsClassification, + EcoDmsSearchResult, + EcoDmsApiResponse, + SearchDocumentsDto, + UploadDocumentDto, + UpdateDocumentDto, + ListDocumentsDto, + CreateFolderDto, + SearchOperator, + SortOrder, +} from './ecodms.types'; + +/** + * ecoDMS API Connector + * + * Provides integration with ecoDMS document management system. + * Features: + * - Session-based authentication + * - Document CRUD operations + * - Full-text search + * - Folder management + * - Classification/Category management + * - Document preview and download + * + * API Documentation: https://www.ecodms.de/index.php/en/ecodms-api + */ +@Injectable() +export class EcoDmsConnector { + private readonly logger = new Logger(EcoDmsConnector.name); + private readonly integrationName = 'ecoDMS'; + private readonly httpClient: AxiosInstance; + private readonly retryConfig: RetryConfig; + private isConfigured: boolean = false; + + private readonly baseUrl: string; + private readonly username: string; + private readonly password: string; + private readonly apiVersion: string; + + // Session management + private session: EcoDmsSession | null = null; + private sessionRefreshTimer: NodeJS.Timeout | null = null; + + constructor(private readonly configService: ConfigService) { + this.retryConfig = { ...DEFAULT_RETRY_CONFIG }; + + // Load configuration from environment + this.baseUrl = this.configService.get('ECODMS_API_URL', ''); + this.username = this.configService.get('ECODMS_USERNAME', ''); + this.password = this.configService.get('ECODMS_PASSWORD', ''); + this.apiVersion = this.configService.get('ECODMS_API_VERSION', 'v1'); + + // Validate configuration + this.validateConfiguration(); + + // Initialize HTTP client + this.httpClient = axios.create({ + baseURL: this.baseUrl ? `${this.baseUrl}/api/${this.apiVersion}` : undefined, + timeout: DEFAULT_TIMEOUT_MS, + headers: { + 'Content-Type': 'application/json', + 'Accept': 'application/json', + }, + }); + + this.setupInterceptors(); + + if (this.isConfigured) { + this.logger.log(`ecoDMS connector initialized with base URL: ${this.baseUrl}`); + } else { + this.logger.warn('ecoDMS connector not configured - missing credentials'); + } + } + + /** + * Validate required configuration + */ + private validateConfiguration(): void { + const missing: string[] = []; + + if (!this.baseUrl) { + missing.push('ECODMS_API_URL'); + } + if (!this.username) { + missing.push('ECODMS_USERNAME'); + } + if (!this.password) { + missing.push('ECODMS_PASSWORD'); + } + + this.isConfigured = missing.length === 0; + + if (!this.isConfigured) { + this.logger.warn(`ecoDMS configuration incomplete. Missing: ${missing.join(', ')}`); + } + } + + /** + * Setup axios interceptors + */ + private setupInterceptors(): void { + // Request interceptor to add session ID + this.httpClient.interceptors.request.use( + async (config) => { + // Don't add session header for login request + if (!config.url?.includes('/session/login')) { + await this.ensureSession(); + if (this.session) { + config.headers['X-Session-Id'] = this.session.sessionId; + } + } + + this.logger.debug(`[${this.integrationName}] Request: ${config.method?.toUpperCase()} ${config.url}`); + return config; + }, + (error) => { + this.logger.error(`[${this.integrationName}] Request error: ${error.message}`); + return Promise.reject(error); + }, + ); + + // Response interceptor + this.httpClient.interceptors.response.use( + (response) => { + this.logger.debug(`[${this.integrationName}] Response: ${response.status}`); + return response; + }, + async (error) => { + // Handle session expiration + if (error.response?.status === 401 && this.session) { + this.logger.warn('[ecoDMS] Session expired, attempting to re-authenticate'); + this.session = null; + // Don't retry login failures + if (!error.config?.url?.includes('/session/login')) { + try { + await this.login(); + // Retry the original request with new session + // eslint-disable-next-line @typescript-eslint/no-unnecessary-type-assertion + const newSession = this.session as EcoDmsSession | null; + error.config.headers['X-Session-Id'] = newSession?.sessionId; + return this.httpClient.request(error.config); + } catch (loginError) { + this.logger.error('[ecoDMS] Re-authentication failed'); + } + } + } + return Promise.reject(error); + }, + ); + } + + /** + * Ensure the connector is configured + */ + private ensureConfigured(): void { + if (!this.isConfigured) { + throw new IntegrationConfigError(this.integrationName, [ + 'ECODMS_API_URL', + 'ECODMS_USERNAME', + 'ECODMS_PASSWORD', + ]); + } + } + + /** + * Ensure we have a valid session + */ + private async ensureSession(): Promise { + if (!this.session) { + await this.login(); + } + } + + /** + * Execute request with retry logic + */ + private async executeWithRetry( + requestFn: () => Promise, + operation: string, + ): Promise { + let lastError: Error | undefined; + let attempt = 0; + + while (attempt <= this.retryConfig.maxRetries) { + try { + return await requestFn(); + } catch (error) { + lastError = error as Error; + attempt++; + + const shouldRetry = this.shouldRetry(error as AxiosError, attempt); + if (!shouldRetry) { + break; + } + + const delay = this.calculateDelay(attempt); + this.logger.warn( + `[${this.integrationName}] ${operation} failed (attempt ${attempt}/${this.retryConfig.maxRetries}), retrying in ${delay}ms`, + ); + + await this.sleep(delay); + } + } + + throw this.mapError(lastError as AxiosError, operation); + } + + /** + * Determine if request should be retried + */ + private shouldRetry(error: AxiosError, attempt: number): boolean { + if (attempt > this.retryConfig.maxRetries) { + return false; + } + + if (!error.response) { + return true; + } + + const status = error.response.status; + // Don't retry auth errors (will be handled by interceptor) + if (status === 401) { + return false; + } + return status >= 500 || status === 429; + } + + /** + * Calculate delay with exponential backoff and jitter + */ + private calculateDelay(attempt: number): number { + const delay = Math.min( + this.retryConfig.baseDelayMs * Math.pow(2, attempt - 1), + this.retryConfig.maxDelayMs, + ); + const jitter = delay * this.retryConfig.jitterFactor * Math.random(); + return Math.floor(delay + jitter); + } + + /** + * Map axios errors to integration errors + */ + private mapError(error: AxiosError, operation: string): Error { + if (!error.response) { + if (error.code === 'ECONNABORTED' || error.message.includes('timeout')) { + return new IntegrationConnectionError( + this.integrationName, + `Request timeout during ${operation}`, + error, + ); + } + return new IntegrationConnectionError( + this.integrationName, + `Connection failed during ${operation}: ${error.message}`, + error, + ); + } + + const status = error.response.status; + const responseData = error.response.data as EcoDmsApiResponse; + const message = responseData?.error?.message || error.message; + + switch (status) { + case 401: + return new IntegrationAuthError( + this.integrationName, + `Authentication failed: ${message}`, + error, + ); + case 403: + return new IntegrationAuthError( + this.integrationName, + `Access forbidden: ${message}`, + error, + ); + case 429: + const retryAfter = parseInt(error.response.headers['retry-after'] || '60', 10); + return new IntegrationRateLimitError( + this.integrationName, + `Rate limit exceeded`, + retryAfter, + error, + ); + default: + return new IntegrationApiError( + this.integrationName, + `${operation} failed: ${message}`, + status, + responseData?.error?.code, + error, + ); + } + } + + /** + * Sleep helper + */ + private sleep(ms: number): Promise { + return new Promise((resolve) => setTimeout(resolve, ms)); + } + + // ============ Authentication ============ + + /** + * Login and obtain session + */ + private async login(): Promise { + this.ensureConfigured(); + + try { + const response = await this.httpClient.post>( + '/session/login', + { + username: this.username, + password: this.password, + }, + ); + + if (response.data.success && response.data.data) { + this.session = response.data.data; + this.logger.log(`[ecoDMS] Logged in as ${this.session.userName}`); + + // Schedule session refresh before expiry + this.scheduleSessionRefresh(); + } else { + throw new IntegrationAuthError( + this.integrationName, + response.data.error?.message || 'Login failed', + ); + } + } catch (error) { + if (error instanceof IntegrationAuthError) { + throw error; + } + throw this.mapError(error as AxiosError, 'login'); + } + } + + /** + * Schedule session refresh + */ + private scheduleSessionRefresh(): void { + if (this.sessionRefreshTimer) { + clearTimeout(this.sessionRefreshTimer); + } + + if (this.session?.validUntil) { + const validUntil = new Date(this.session.validUntil); + const refreshTime = validUntil.getTime() - Date.now() - 60000; // Refresh 1 minute before expiry + + if (refreshTime > 0) { + this.sessionRefreshTimer = setTimeout(async () => { + this.logger.debug('[ecoDMS] Refreshing session'); + try { + await this.login(); + } catch (error) { + this.logger.error('[ecoDMS] Session refresh failed'); + } + }, refreshTime); + } + } + } + + /** + * Logout and invalidate session + */ + async logout(): Promise { + if (this.session) { + try { + await this.httpClient.post('/session/logout'); + } catch (error) { + this.logger.warn('[ecoDMS] Logout request failed, clearing session anyway'); + } + this.session = null; + if (this.sessionRefreshTimer) { + clearTimeout(this.sessionRefreshTimer); + this.sessionRefreshTimer = null; + } + this.logger.log('[ecoDMS] Logged out'); + } + } + + // ============ Health & Connection ============ + + /** + * Check connector health + */ + async checkHealth(): Promise { + if (!this.isConfigured) { + return { + status: 'not_configured', + lastCheck: new Date(), + error: 'ecoDMS connector is not configured', + }; + } + + const startTime = Date.now(); + try { + await this.ensureSession(); + // Try to get classifications as a health check + await this.httpClient.get('/classifications'); + return { + status: 'connected', + lastCheck: new Date(), + latency: Date.now() - startTime, + details: { + sessionUser: this.session?.userName, + }, + }; + } catch (error) { + return { + status: 'error', + lastCheck: new Date(), + latency: Date.now() - startTime, + error: (error as Error).message, + }; + } + } + + /** + * Test connection + */ + async testConnection(): Promise<{ success: boolean; message: string; latency?: number }> { + this.ensureConfigured(); + + const startTime = Date.now(); + try { + await this.login(); + const latency = Date.now() - startTime; + + return { + success: true, + message: `Successfully connected as ${this.session?.userName}`, + latency, + }; + } catch (error) { + throw this.mapError(error as AxiosError, 'testConnection'); + } + } + + /** + * Check if connector is configured + */ + getIsConfigured(): boolean { + return this.isConfigured; + } + + // ============ Documents API ============ + + /** + * List documents + */ + async listDocuments(params: ListDocumentsDto = {}): Promise<{ + documents: EcoDmsDocument[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const queryParams: Record = { + page: params.page || 1, + pageSize: params.pageSize || 50, + sortBy: params.sortBy || 'modifiedAt', + sortOrder: params.sortOrder || SortOrder.DESC, + }; + + if (params.folderId !== undefined) { + queryParams.folderId = params.folderId; + } + if (params.classifyId !== undefined) { + queryParams.classifyId = params.classifyId; + } + if (params.recursive !== undefined) { + queryParams.recursive = params.recursive; + } + + const response = await this.httpClient.get>('/documents', { params: queryParams }); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to list documents', + ); + } + + const { documents, total } = response.data.data; + const page = params.page || 1; + const pageSize = params.pageSize || 50; + + return { + documents, + pagination: { + page, + pageSize, + total, + totalPages: Math.ceil(total / pageSize), + }, + }; + }, 'listDocuments'); + } + + /** + * Get a single document by ID + */ + async getDocument(id: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>( + `/documents/${id}`, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Document not found', + 404, + ); + } + + return response.data.data; + }, 'getDocument'); + } + + /** + * Search documents + */ + async searchDocuments(params: SearchDocumentsDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const searchPayload: Record = { + page: params.page || 1, + pageSize: params.pageSize || 50, + sortBy: params.sortBy || 'modifiedAt', + sortOrder: params.sortOrder || SortOrder.DESC, + operator: params.operator || SearchOperator.AND, + }; + + if (params.query) { + searchPayload.fullText = params.query; + } + if (params.classifyId !== undefined) { + searchPayload.classifyId = params.classifyId; + } + if (params.folderId !== undefined) { + searchPayload.folderId = params.folderId; + } + if (params.dateFrom) { + searchPayload.dateFrom = params.dateFrom; + } + if (params.dateTo) { + searchPayload.dateTo = params.dateTo; + } + if (params.fileExtension) { + searchPayload.fileExtension = params.fileExtension; + } + if (params.attributes) { + searchPayload.attributes = params.attributes; + } + + const response = await this.httpClient.post>( + '/documents/search', + searchPayload, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Search failed', + ); + } + + return response.data.data; + }, 'searchDocuments'); + } + + /** + * Upload a document + */ + async uploadDocument( + file: Buffer, + fileName: string, + mimeType: string, + metadata: UploadDocumentDto, + ): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const formData = new FormData(); + formData.append('file', file, { + filename: fileName, + contentType: mimeType, + }); + formData.append('title', metadata.title); + formData.append('classifyId', metadata.classifyId.toString()); + + if (metadata.folderId) { + formData.append('folderId', metadata.folderId.toString()); + } + if (metadata.fileName) { + formData.append('fileName', metadata.fileName); + } + if (metadata.documentDate) { + formData.append('documentDate', metadata.documentDate); + } + if (metadata.enableOcr !== undefined) { + formData.append('enableOcr', metadata.enableOcr.toString()); + } + if (metadata.attributes) { + formData.append('attributes', JSON.stringify(metadata.attributes)); + } + + const response = await this.httpClient.post>( + '/documents/upload', + formData, + { + headers: { + ...formData.getHeaders(), + }, + timeout: 120000, // 2 minutes for uploads + }, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Upload failed', + ); + } + + return response.data.data; + }, 'uploadDocument'); + } + + /** + * Update document metadata + */ + async updateDocument(id: number, data: UpdateDocumentDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.put>( + `/documents/${id}`, + data, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Update failed', + ); + } + + return response.data.data; + }, 'updateDocument'); + } + + /** + * Delete a document + */ + async deleteDocument(id: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.delete>( + `/documents/${id}`, + ); + + if (!response.data.success) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Delete failed', + ); + } + }, 'deleteDocument'); + } + + /** + * Download document content + */ + async downloadDocument(id: number): Promise<{ content: Buffer; fileName: string; mimeType: string }> { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get(`/documents/${id}/download`, { + responseType: 'arraybuffer', + }); + + const contentDisposition = response.headers['content-disposition'] || ''; + const fileNameMatch = /filename[^;=\n]*=((['"]).*?\2|[^;\n]*)/.exec(contentDisposition); + const fileName = fileNameMatch ? fileNameMatch[1].replace(/['"]/g, '') : `document_${id}`; + const mimeType = response.headers['content-type'] || 'application/octet-stream'; + + return { + content: Buffer.from(response.data), + fileName, + mimeType, + }; + }, 'downloadDocument'); + } + + /** + * Get document preview (thumbnail or PDF preview) + */ + async getDocumentPreview(id: number, page: number = 1): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get(`/documents/${id}/preview`, { + params: { page }, + responseType: 'arraybuffer', + }); + + return Buffer.from(response.data); + }, 'getDocumentPreview'); + } + + // ============ Folders API ============ + + /** + * List folders + */ + async listFolders(parentId?: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const params: Record = {}; + if (parentId !== undefined) { + params.parentId = parentId; + } + + const response = await this.httpClient.get>( + '/folders', + { params }, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to list folders', + ); + } + + return response.data.data; + }, 'listFolders'); + } + + /** + * Get folder tree + */ + async getFolderTree(): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>( + '/folders/tree', + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to get folder tree', + ); + } + + return response.data.data; + }, 'getFolderTree'); + } + + /** + * Create a folder + */ + async createFolder(data: CreateFolderDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.post>( + '/folders', + data, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to create folder', + ); + } + + return response.data.data; + }, 'createFolder'); + } + + /** + * Delete a folder + */ + async deleteFolder(id: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.delete>( + `/folders/${id}`, + ); + + if (!response.data.success) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to delete folder', + ); + } + }, 'deleteFolder'); + } + + // ============ Classifications API ============ + + /** + * List classifications (document types/categories) + */ + async listClassifications(): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>( + '/classifications', + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to list classifications', + ); + } + + return response.data.data; + }, 'listClassifications'); + } + + /** + * Get classification details + */ + async getClassification(id: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>( + `/classifications/${id}`, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Classification not found', + 404, + ); + } + + return response.data.data; + }, 'getClassification'); + } +} diff --git a/apps/api/src/modules/integrations/connectors/ecodms/ecodms.controller.ts b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.controller.ts new file mode 100644 index 0000000..06703a1 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.controller.ts @@ -0,0 +1,313 @@ +import { + Controller, + Get, + Post, + Put, + Delete, + Body, + Param, + Query, + Res, + UploadedFile, + UseInterceptors, + ParseIntPipe, + HttpCode, + HttpStatus, + StreamableFile, +} from '@nestjs/common'; +import { FileInterceptor } from '@nestjs/platform-express'; +import { Response } from 'express'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, + ApiConsumes, + ApiBody, +} from '@nestjs/swagger'; +import { EcoDmsService } from './ecodms.service'; +import { + SearchDocumentsDto, + UploadDocumentDto, + UpdateDocumentDto, + ListDocumentsDto, + CreateFolderDto, + DocumentResponseDto, + FolderResponseDto, + ClassificationResponseDto, + SearchResultResponseDto, + SortOrder, +} from './ecodms.types'; +import { RequirePermissions } from '../../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../../auth/permissions/permissions.enum'; + +/** + * ecoDMS Integration Controller + * + * REST API endpoints for ecoDMS document management integration. + */ +@ApiTags('Integrations - ecoDMS') +@ApiBearerAuth() +@Controller('integrations/ecodms') +export class EcoDmsController { + constructor(private readonly ecoDmsService: EcoDmsService) {} + + // ============ Health & Status ============ + + @Post('test') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Test ecoDMS connection' }) + @ApiResponse({ + status: 200, + description: 'Connection test result', + schema: { + type: 'object', + properties: { + success: { type: 'boolean' }, + message: { type: 'string' }, + latency: { type: 'number' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async testConnection() { + return this.ecoDmsService.testConnection(); + } + + @Get('health') + @ApiOperation({ summary: 'Get ecoDMS connector health status' }) + @ApiResponse({ + status: 200, + description: 'Health status', + schema: { + type: 'object', + properties: { + status: { type: 'string', enum: ['connected', 'error', 'not_configured'] }, + lastCheck: { type: 'string', format: 'date-time' }, + latency: { type: 'number' }, + error: { type: 'string' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getHealth() { + return this.ecoDmsService.checkHealth(); + } + + // ============ Documents ============ + + @Get('documents') + @ApiOperation({ summary: 'List documents' }) + @ApiQuery({ name: 'folderId', required: false, type: Number }) + @ApiQuery({ name: 'classifyId', required: false, type: Number }) + @ApiQuery({ name: 'recursive', required: false, type: Boolean }) + @ApiQuery({ name: 'sortBy', required: false, type: String }) + @ApiQuery({ name: 'sortOrder', required: false, enum: SortOrder }) + @ApiQuery({ name: 'page', required: false, type: Number }) + @ApiQuery({ name: 'pageSize', required: false, type: Number }) + @ApiResponse({ + status: 200, + description: 'List of documents', + schema: { + type: 'object', + properties: { + documents: { type: 'array', items: { $ref: '#/components/schemas/DocumentResponseDto' } }, + pagination: { + type: 'object', + properties: { + page: { type: 'number' }, + pageSize: { type: 'number' }, + total: { type: 'number' }, + totalPages: { type: 'number' }, + }, + }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listDocuments(@Query() query: ListDocumentsDto) { + return this.ecoDmsService.listDocuments(query); + } + + @Get('documents/:id') + @ApiOperation({ summary: 'Get a document by ID' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Document details', type: DocumentResponseDto }) + @ApiResponse({ status: 404, description: 'Document not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getDocument(@Param('id', ParseIntPipe) id: number) { + return this.ecoDmsService.getDocument(id); + } + + @Post('documents/search') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Search documents' }) + @ApiResponse({ status: 200, description: 'Search results', type: SearchResultResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async searchDocuments(@Body() params: SearchDocumentsDto) { + return this.ecoDmsService.searchDocuments(params); + } + + @Post('documents/upload') + @UseInterceptors(FileInterceptor('file')) + @ApiOperation({ summary: 'Upload a document' }) + @ApiConsumes('multipart/form-data') + @ApiBody({ + schema: { + type: 'object', + properties: { + file: { type: 'string', format: 'binary' }, + title: { type: 'string' }, + classifyId: { type: 'number' }, + folderId: { type: 'number' }, + fileName: { type: 'string' }, + documentDate: { type: 'string', format: 'date' }, + enableOcr: { type: 'boolean' }, + attributes: { type: 'object' }, + }, + required: ['file', 'title', 'classifyId'], + }, + }) + @ApiResponse({ status: 201, description: 'Document uploaded', type: DocumentResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async uploadDocument( + @UploadedFile() file: Express.Multer.File, + @Body() metadata: UploadDocumentDto, + ) { + return this.ecoDmsService.uploadDocument( + file.buffer, + file.originalname, + file.mimetype, + metadata, + ); + } + + @Put('documents/:id') + @ApiOperation({ summary: 'Update document metadata' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Document updated', type: DocumentResponseDto }) + @ApiResponse({ status: 404, description: 'Document not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async updateDocument( + @Param('id', ParseIntPipe) id: number, + @Body() data: UpdateDocumentDto, + ) { + return this.ecoDmsService.updateDocument(id, data); + } + + @Delete('documents/:id') + @HttpCode(HttpStatus.NO_CONTENT) + @ApiOperation({ summary: 'Delete a document' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 204, description: 'Document deleted' }) + @ApiResponse({ status: 404, description: 'Document not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async deleteDocument(@Param('id', ParseIntPipe) id: number): Promise { + await this.ecoDmsService.deleteDocument(id); + } + + @Get('documents/:id/download') + @ApiOperation({ summary: 'Download document content' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Document content' }) + @ApiResponse({ status: 404, description: 'Document not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async downloadDocument( + @Param('id', ParseIntPipe) id: number, + @Res({ passthrough: true }) res: Response, + ): Promise { + const { content, fileName, mimeType } = await this.ecoDmsService.downloadDocument(id); + + res.set({ + 'Content-Type': mimeType, + 'Content-Disposition': `attachment; filename="${fileName}"`, + 'Content-Length': content.length, + }); + + return new StreamableFile(content); + } + + @Get('documents/:id/preview') + @ApiOperation({ summary: 'Get document preview (thumbnail)' }) + @ApiParam({ name: 'id', type: Number }) + @ApiQuery({ name: 'page', required: false, type: Number, description: 'Page number for multi-page documents' }) + @ApiResponse({ status: 200, description: 'Preview image' }) + @ApiResponse({ status: 404, description: 'Document not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getDocumentPreview( + @Param('id', ParseIntPipe) id: number, + @Query('page') page?: number, + @Res({ passthrough: true }) res?: Response, + ): Promise { + const preview = await this.ecoDmsService.getDocumentPreview(id, page || 1); + + res?.set({ + 'Content-Type': 'image/png', + 'Content-Length': preview.length, + 'Cache-Control': 'public, max-age=3600', + }); + + return new StreamableFile(preview); + } + + // ============ Folders ============ + + @Get('folders') + @ApiOperation({ summary: 'List folders' }) + @ApiQuery({ name: 'parentId', required: false, type: Number, description: 'Parent folder ID (null for root)' }) + @ApiResponse({ status: 200, description: 'List of folders', type: [FolderResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listFolders(@Query('parentId') parentId?: number) { + return this.ecoDmsService.listFolders(parentId); + } + + @Get('folders/tree') + @ApiOperation({ summary: 'Get complete folder tree' }) + @ApiResponse({ status: 200, description: 'Folder tree', type: [FolderResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getFolderTree() { + return this.ecoDmsService.getFolderTree(); + } + + @Post('folders') + @HttpCode(HttpStatus.CREATED) + @ApiOperation({ summary: 'Create a folder' }) + @ApiResponse({ status: 201, description: 'Folder created', type: FolderResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createFolder(@Body() data: CreateFolderDto) { + return this.ecoDmsService.createFolder(data); + } + + @Delete('folders/:id') + @HttpCode(HttpStatus.NO_CONTENT) + @ApiOperation({ summary: 'Delete a folder' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 204, description: 'Folder deleted' }) + @ApiResponse({ status: 404, description: 'Folder not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async deleteFolder(@Param('id', ParseIntPipe) id: number): Promise { + await this.ecoDmsService.deleteFolder(id); + } + + // ============ Classifications ============ + + @Get('classifications') + @ApiOperation({ summary: 'List all classifications (document types)' }) + @ApiResponse({ status: 200, description: 'List of classifications', type: [ClassificationResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listClassifications() { + return this.ecoDmsService.listClassifications(); + } + + @Get('classifications/:id') + @ApiOperation({ summary: 'Get classification details' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Classification details', type: ClassificationResponseDto }) + @ApiResponse({ status: 404, description: 'Classification not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getClassification(@Param('id', ParseIntPipe) id: number) { + return this.ecoDmsService.getClassification(id); + } +} diff --git a/apps/api/src/modules/integrations/connectors/ecodms/ecodms.module.ts b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.module.ts new file mode 100644 index 0000000..fb086f5 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.module.ts @@ -0,0 +1,35 @@ +import { Module } from '@nestjs/common'; +import { ConfigModule } from '@nestjs/config'; +import { EcoDmsConnector } from './ecodms.connector'; +import { EcoDmsService } from './ecodms.service'; +import { EcoDmsController } from './ecodms.controller'; + +/** + * ecoDMS Integration Module + * + * Provides integration with ecoDMS document management system. + * + * Required environment variables: + * - ECODMS_API_URL: Base URL of ecoDMS API (e.g., https://ecodms.example.com) + * - ECODMS_USERNAME: Username for authentication + * - ECODMS_PASSWORD: Password for authentication + * + * Optional environment variables: + * - ECODMS_API_VERSION: API version (default: v1) + * + * Features: + * - Session-based authentication with automatic refresh + * - Document CRUD operations + * - Full-text search with attribute filters + * - Folder management + * - Classification/Category management + * - Document download and preview + * - OCR support + */ +@Module({ + imports: [ConfigModule], + controllers: [EcoDmsController], + providers: [EcoDmsConnector, EcoDmsService], + exports: [EcoDmsService, EcoDmsConnector], +}) +export class EcoDmsModule {} diff --git a/apps/api/src/modules/integrations/connectors/ecodms/ecodms.service.ts b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.service.ts new file mode 100644 index 0000000..fe3d9b7 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.service.ts @@ -0,0 +1,285 @@ +import { Injectable, Logger, OnModuleDestroy } from '@nestjs/common'; +import { EcoDmsConnector, ConnectorHealth } from './ecodms.connector'; +import { + EcoDmsDocument, + EcoDmsFolder, + EcoDmsClassification, + EcoDmsSearchResult, + SearchDocumentsDto, + UploadDocumentDto, + UpdateDocumentDto, + ListDocumentsDto, + CreateFolderDto, +} from './ecodms.types'; + +/** + * ecoDMS Service + * + * High-level service for interacting with ecoDMS document management system. + * Wraps the connector with additional business logic and logging. + */ +@Injectable() +export class EcoDmsService implements OnModuleDestroy { + private readonly logger = new Logger(EcoDmsService.name); + + constructor(private readonly connector: EcoDmsConnector) {} + + /** + * Cleanup on module destroy + */ + async onModuleDestroy(): Promise { + this.logger.log('Cleaning up ecoDMS session'); + await this.connector.logout(); + } + + // ============ Health & Status ============ + + /** + * Check health status of the ecoDMS integration + */ + async checkHealth(): Promise { + this.logger.debug('Checking ecoDMS connector health'); + return this.connector.checkHealth(); + } + + /** + * Test connection to ecoDMS + */ + async testConnection(): Promise<{ success: boolean; message: string; latency?: number }> { + this.logger.log('Testing ecoDMS connection'); + const result = await this.connector.testConnection(); + this.logger.log(`ecoDMS connection test: ${result.success ? 'SUCCESS' : 'FAILED'} - ${result.message}`); + return result; + } + + /** + * Check if connector is configured + */ + isConfigured(): boolean { + return this.connector.getIsConfigured(); + } + + // ============ Documents ============ + + /** + * List documents with optional filters + */ + async listDocuments(params: ListDocumentsDto = {}): Promise<{ + documents: EcoDmsDocument[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.logger.debug(`Listing documents with params: ${JSON.stringify(params)}`); + const result = await this.connector.listDocuments(params); + this.logger.debug(`Found ${result.documents.length} documents`); + return result; + } + + /** + * Get a single document by ID + */ + async getDocument(id: number): Promise { + this.logger.debug(`Getting document: ${id}`); + return this.connector.getDocument(id); + } + + /** + * Search documents + */ + async searchDocuments(params: SearchDocumentsDto): Promise { + this.logger.log(`Searching documents with query: ${params.query || 'no query'}`); + const result = await this.connector.searchDocuments(params); + this.logger.log(`Search returned ${result.totalCount} results in ${result.searchTime}ms`); + return result; + } + + /** + * Upload a document + */ + async uploadDocument( + file: Buffer, + fileName: string, + mimeType: string, + metadata: UploadDocumentDto, + ): Promise { + this.logger.log(`Uploading document: ${metadata.title} (${fileName})`); + const document = await this.connector.uploadDocument(file, fileName, mimeType, metadata); + this.logger.log(`Uploaded document: ${document.id} - ${document.docId}`); + return document; + } + + /** + * Update document metadata + */ + async updateDocument(id: number, data: UpdateDocumentDto): Promise { + this.logger.log(`Updating document: ${id}`); + const document = await this.connector.updateDocument(id, data); + this.logger.log(`Updated document: ${document.id}`); + return document; + } + + /** + * Delete a document + */ + async deleteDocument(id: number): Promise { + this.logger.log(`Deleting document: ${id}`); + await this.connector.deleteDocument(id); + this.logger.log(`Deleted document: ${id}`); + } + + /** + * Download document content + */ + async downloadDocument(id: number): Promise<{ content: Buffer; fileName: string; mimeType: string }> { + this.logger.debug(`Downloading document: ${id}`); + const result = await this.connector.downloadDocument(id); + this.logger.debug(`Downloaded document: ${id} (${result.content.length} bytes)`); + return result; + } + + /** + * Get document preview + */ + async getDocumentPreview(id: number, page: number = 1): Promise { + this.logger.debug(`Getting preview for document: ${id}, page: ${page}`); + return this.connector.getDocumentPreview(id, page); + } + + /** + * Find documents by classification + */ + async findByClassification(classifyId: number, params?: Omit): Promise<{ + documents: EcoDmsDocument[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.logger.debug(`Finding documents by classification: ${classifyId}`); + return this.listDocuments({ ...params, classifyId }); + } + + /** + * Find documents by folder + */ + async findByFolder(folderId: number, params?: Omit): Promise<{ + documents: EcoDmsDocument[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.logger.debug(`Finding documents in folder: ${folderId}`); + return this.listDocuments({ ...params, folderId }); + } + + /** + * Quick search documents by text + */ + async quickSearch(query: string, limit: number = 20): Promise { + this.logger.debug(`Quick search: "${query}"`); + const result = await this.searchDocuments({ + query, + pageSize: limit, + }); + return result.documents; + } + + // ============ Folders ============ + + /** + * List folders + */ + async listFolders(parentId?: number): Promise { + this.logger.debug(`Listing folders${parentId !== undefined ? ` under parent: ${parentId}` : ''}`); + const folders = await this.connector.listFolders(parentId); + this.logger.debug(`Found ${folders.length} folders`); + return folders; + } + + /** + * Get folder tree + */ + async getFolderTree(): Promise { + this.logger.debug('Getting folder tree'); + const tree = await this.connector.getFolderTree(); + this.logger.debug('Retrieved folder tree'); + return tree; + } + + /** + * Create a folder + */ + async createFolder(data: CreateFolderDto): Promise { + this.logger.log(`Creating folder: ${data.name}`); + const folder = await this.connector.createFolder(data); + this.logger.log(`Created folder: ${folder.id} - ${folder.path}`); + return folder; + } + + /** + * Delete a folder + */ + async deleteFolder(id: number): Promise { + this.logger.log(`Deleting folder: ${id}`); + await this.connector.deleteFolder(id); + this.logger.log(`Deleted folder: ${id}`); + } + + /** + * Ensure a folder exists by path (creates if needed) + */ + async ensureFolderPath(path: string): Promise { + this.logger.debug(`Ensuring folder path exists: ${path}`); + + const parts = path.split('/').filter(Boolean); + let parentId: number | undefined; + + for (const part of parts) { + const folders = await this.listFolders(parentId); + let folder = folders.find((f) => f.name === part); + + if (!folder) { + this.logger.log(`Creating missing folder: ${part}`); + folder = await this.createFolder({ name: part, parentId }); + } + + parentId = folder.id; + } + + // Return the final folder + const folders = await this.listFolders(parentId); + const lastPart = parts[parts.length - 1]; + const finalFolder = folders.find((f) => f.name === lastPart); + + if (!finalFolder) { + // If we just created it, fetch it + const allFolders = await this.listFolders(parts.length > 1 ? parentId : undefined); + return allFolders.find((f) => f.name === lastPart)!; + } + + return finalFolder; + } + + // ============ Classifications ============ + + /** + * List all classifications (document types) + */ + async listClassifications(): Promise { + this.logger.debug('Listing classifications'); + const classifications = await this.connector.listClassifications(); + this.logger.debug(`Found ${classifications.length} classifications`); + return classifications; + } + + /** + * Get classification details + */ + async getClassification(id: number): Promise { + this.logger.debug(`Getting classification: ${id}`); + return this.connector.getClassification(id); + } + + /** + * Find classification by name + */ + async findClassificationByName(name: string): Promise { + this.logger.debug(`Finding classification by name: ${name}`); + const classifications = await this.listClassifications(); + return classifications.find((c) => c.name.toLowerCase() === name.toLowerCase()) || null; + } +} diff --git a/apps/api/src/modules/integrations/connectors/ecodms/ecodms.types.ts b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.types.ts new file mode 100644 index 0000000..2c574d9 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/ecodms/ecodms.types.ts @@ -0,0 +1,401 @@ +import { IsString, IsOptional, IsNumber, IsArray, IsDateString, IsEnum, IsBoolean, ValidateNested } from 'class-validator'; +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { Type } from 'class-transformer'; + +/** + * ecoDMS API Types and DTOs + * + * ecoDMS is a document management system with session-based authentication. + * API Documentation: https://www.ecodms.de/index.php/en/ecodms-api + */ + +// ============ Enums ============ + +export enum DocumentStatus { + ARCHIVED = 'archived', + DELETED = 'deleted', + PENDING = 'pending', +} + +export enum SearchOperator { + AND = 'and', + OR = 'or', +} + +export enum SortOrder { + ASC = 'asc', + DESC = 'desc', +} + +// ============ API Response Types ============ + +export interface EcoDmsSession { + sessionId: string; + userId: number; + userName: string; + validUntil: string; +} + +export interface EcoDmsDocument { + id: number; + docId: string; + version: number; + title: string; + fileName: string; + fileExtension: string; + fileSize: number; + mimeType: string; + createdAt: string; + modifiedAt: string; + archivedAt: string; + classifyId: number; + classifyName: string; + folderId: number | null; + folderPath: string | null; + status: DocumentStatus; + checksum: string; + pageCount: number; + ocrText: string | null; + attributes: EcoDmsAttribute[]; + links: EcoDmsDocumentLink[]; +} + +export interface EcoDmsAttribute { + id: number; + name: string; + value: string | number | boolean | null; + type: 'text' | 'number' | 'date' | 'boolean' | 'list'; + required: boolean; +} + +export interface EcoDmsDocumentLink { + id: number; + targetDocId: string; + linkType: string; + description: string | null; +} + +export interface EcoDmsFolder { + id: number; + name: string; + parentId: number | null; + path: string; + children: EcoDmsFolder[]; + documentCount: number; + createdAt: string; + modifiedAt: string; +} + +export interface EcoDmsClassification { + id: number; + name: string; + description: string | null; + parentId: number | null; + attributes: EcoDmsClassificationAttribute[]; + isActive: boolean; +} + +export interface EcoDmsClassificationAttribute { + id: number; + name: string; + type: 'text' | 'number' | 'date' | 'boolean' | 'list'; + required: boolean; + defaultValue: string | null; + listValues: string[] | null; + sortOrder: number; +} + +export interface EcoDmsSearchResult { + documents: EcoDmsDocument[]; + totalCount: number; + page: number; + pageSize: number; + searchTime: number; +} + +export interface EcoDmsApiResponse { + success: boolean; + data?: T; + error?: { + code: string; + message: string; + }; +} + +// ============ DTOs ============ + +export class SearchDocumentsDto { + @ApiPropertyOptional({ description: 'Full-text search query' }) + @IsOptional() + @IsString() + query?: string; + + @ApiPropertyOptional({ description: 'Classification ID to filter by' }) + @IsOptional() + @IsNumber() + classifyId?: number; + + @ApiPropertyOptional({ description: 'Folder ID to filter by' }) + @IsOptional() + @IsNumber() + folderId?: number; + + @ApiPropertyOptional({ description: 'Date from filter (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + dateFrom?: string; + + @ApiPropertyOptional({ description: 'Date to filter (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + dateTo?: string; + + @ApiPropertyOptional({ description: 'File extension filter (e.g., pdf, docx)' }) + @IsOptional() + @IsString() + fileExtension?: string; + + @ApiPropertyOptional({ description: 'Attribute filters', type: 'object' }) + @IsOptional() + attributes?: Record; + + @ApiPropertyOptional({ description: 'Search operator for multiple criteria', enum: SearchOperator }) + @IsOptional() + @IsEnum(SearchOperator) + operator?: SearchOperator; + + @ApiPropertyOptional({ description: 'Sort field', default: 'modifiedAt' }) + @IsOptional() + @IsString() + sortBy?: string; + + @ApiPropertyOptional({ description: 'Sort order', enum: SortOrder, default: SortOrder.DESC }) + @IsOptional() + @IsEnum(SortOrder) + sortOrder?: SortOrder; + + @ApiPropertyOptional({ description: 'Page number', default: 1 }) + @IsOptional() + @IsNumber() + page?: number; + + @ApiPropertyOptional({ description: 'Items per page', default: 50 }) + @IsOptional() + @IsNumber() + pageSize?: number; +} + +export class UploadDocumentDto { + @ApiProperty({ description: 'Document title' }) + @IsString() + title: string; + + @ApiProperty({ description: 'Classification ID' }) + @IsNumber() + classifyId: number; + + @ApiPropertyOptional({ description: 'Folder ID (optional)' }) + @IsOptional() + @IsNumber() + folderId?: number; + + @ApiPropertyOptional({ description: 'Document attributes', type: 'object' }) + @IsOptional() + attributes?: Record; + + @ApiPropertyOptional({ description: 'Custom file name (without extension)' }) + @IsOptional() + @IsString() + fileName?: string; + + @ApiPropertyOptional({ description: 'Document date (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + documentDate?: string; + + @ApiPropertyOptional({ description: 'Enable OCR processing', default: true }) + @IsOptional() + @IsBoolean() + enableOcr?: boolean; +} + +export class UpdateDocumentDto { + @ApiPropertyOptional({ description: 'Document title' }) + @IsOptional() + @IsString() + title?: string; + + @ApiPropertyOptional({ description: 'Classification ID' }) + @IsOptional() + @IsNumber() + classifyId?: number; + + @ApiPropertyOptional({ description: 'Folder ID' }) + @IsOptional() + @IsNumber() + folderId?: number; + + @ApiPropertyOptional({ description: 'Document attributes', type: 'object' }) + @IsOptional() + attributes?: Record; +} + +export class CreateFolderDto { + @ApiProperty({ description: 'Folder name' }) + @IsString() + name: string; + + @ApiPropertyOptional({ description: 'Parent folder ID (null for root)' }) + @IsOptional() + @IsNumber() + parentId?: number; +} + +export class ListDocumentsDto { + @ApiPropertyOptional({ description: 'Folder ID to list documents from' }) + @IsOptional() + @IsNumber() + folderId?: number; + + @ApiPropertyOptional({ description: 'Classification ID to filter by' }) + @IsOptional() + @IsNumber() + classifyId?: number; + + @ApiPropertyOptional({ description: 'Include documents from subfolders', default: false }) + @IsOptional() + @IsBoolean() + recursive?: boolean; + + @ApiPropertyOptional({ description: 'Sort field', default: 'modifiedAt' }) + @IsOptional() + @IsString() + sortBy?: string; + + @ApiPropertyOptional({ description: 'Sort order', enum: SortOrder }) + @IsOptional() + @IsEnum(SortOrder) + sortOrder?: SortOrder; + + @ApiPropertyOptional({ description: 'Page number', default: 1 }) + @IsOptional() + @IsNumber() + page?: number; + + @ApiPropertyOptional({ description: 'Items per page', default: 50 }) + @IsOptional() + @IsNumber() + pageSize?: number; +} + +// ============ Response DTOs ============ + +export class DocumentResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + docId: string; + + @ApiProperty() + version: number; + + @ApiProperty() + title: string; + + @ApiProperty() + fileName: string; + + @ApiProperty() + fileExtension: string; + + @ApiProperty() + fileSize: number; + + @ApiProperty() + mimeType: string; + + @ApiProperty() + createdAt: string; + + @ApiProperty() + modifiedAt: string; + + @ApiProperty() + classifyId: number; + + @ApiProperty() + classifyName: string; + + @ApiPropertyOptional() + folderId?: number; + + @ApiPropertyOptional() + folderPath?: string; + + @ApiProperty() + pageCount: number; + + @ApiPropertyOptional({ type: [Object] }) + attributes?: EcoDmsAttribute[]; +} + +export class FolderResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + name: string; + + @ApiPropertyOptional() + parentId?: number; + + @ApiProperty() + path: string; + + @ApiProperty() + documentCount: number; + + @ApiPropertyOptional({ type: [FolderResponseDto] }) + children?: FolderResponseDto[]; +} + +export class ClassificationResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + name: string; + + @ApiPropertyOptional() + description?: string; + + @ApiPropertyOptional() + parentId?: number; + + @ApiProperty() + isActive: boolean; + + @ApiPropertyOptional({ type: [Object] }) + attributes?: EcoDmsClassificationAttribute[]; +} + +export class SearchResultResponseDto { + @ApiProperty({ type: [DocumentResponseDto] }) + documents: DocumentResponseDto[]; + + @ApiProperty() + totalCount: number; + + @ApiProperty() + page: number; + + @ApiProperty() + pageSize: number; + + @ApiProperty() + totalPages: number; + + @ApiProperty() + searchTime: number; +} diff --git a/apps/api/src/modules/integrations/connectors/ecodms/index.ts b/apps/api/src/modules/integrations/connectors/ecodms/index.ts new file mode 100644 index 0000000..e0d97f2 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/ecodms/index.ts @@ -0,0 +1,4 @@ +export * from './ecodms.module'; +export * from './ecodms.connector'; +export * from './ecodms.service'; +export * from './ecodms.types'; diff --git a/apps/api/src/modules/integrations/connectors/freescout/freescout.connector.ts b/apps/api/src/modules/integrations/connectors/freescout/freescout.connector.ts new file mode 100644 index 0000000..bdf0cd3 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/freescout/freescout.connector.ts @@ -0,0 +1,623 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import axios, { AxiosInstance, AxiosError } from 'axios'; +import { + IntegrationConnectionError, + IntegrationAuthError, + IntegrationRateLimitError, + IntegrationApiError, + IntegrationConfigError, +} from '../../errors'; + +/** + * Health status of a connector + */ +export interface ConnectorHealth { + status: 'connected' | 'error' | 'not_configured'; + lastCheck: Date; + latency?: number; + error?: string; + details?: Record; +} + +/** + * Retry configuration + */ +interface RetryConfig { + maxRetries: number; + baseDelayMs: number; + maxDelayMs: number; + jitterFactor: number; +} + +const DEFAULT_RETRY_CONFIG: RetryConfig = { + maxRetries: 3, + baseDelayMs: 1000, + maxDelayMs: 30000, + jitterFactor: 0.1, +}; + +const DEFAULT_TIMEOUT_MS = 30000; +import { + FreeScoutConversation, + FreeScoutCustomer, + FreeScoutMailbox, + FreeScoutTag, + FreeScoutListResponse, + ListConversationsDto, + CreateConversationDto, + ReplyToConversationDto, + CreateCustomerDto, + ListCustomersDto, + ConversationType, + ThreadType, +} from './freescout.types'; + +/** + * FreeScout API Connector + * + * Provides integration with FreeScout helpdesk system. + * Features: + * - API Key authentication + * - Conversations/Tickets management + * - Mailboxes API + * - Customers API + * - Tags API + * + * API Documentation: https://github.com/freescout-helpdesk/freescout/wiki/API + */ +@Injectable() +export class FreeScoutConnector { + private readonly logger = new Logger(FreeScoutConnector.name); + private readonly integrationName = 'FreeScout'; + private readonly httpClient: AxiosInstance; + private readonly retryConfig: RetryConfig; + private isConfigured: boolean = false; + + private readonly baseUrl: string; + private readonly apiKey: string; + + constructor(private readonly configService: ConfigService) { + this.retryConfig = { ...DEFAULT_RETRY_CONFIG }; + + // Load configuration from environment + this.baseUrl = this.configService.get('FREESCOUT_API_URL', ''); + this.apiKey = this.configService.get('FREESCOUT_API_KEY', ''); + + // Validate configuration + this.validateConfiguration(); + + // Initialize HTTP client + this.httpClient = axios.create({ + baseURL: this.baseUrl ? `${this.baseUrl}/api` : undefined, + timeout: DEFAULT_TIMEOUT_MS, + headers: { + 'Content-Type': 'application/json', + 'Accept': 'application/json', + 'X-FreeScout-API-Key': this.apiKey, + }, + }); + + this.setupInterceptors(); + + if (this.isConfigured) { + this.logger.log(`FreeScout connector initialized with base URL: ${this.baseUrl}`); + } else { + this.logger.warn('FreeScout connector not configured - missing API URL or API Key'); + } + } + + /** + * Validate required configuration + */ + private validateConfiguration(): void { + const missing: string[] = []; + + if (!this.baseUrl) { + missing.push('FREESCOUT_API_URL'); + } + if (!this.apiKey) { + missing.push('FREESCOUT_API_KEY'); + } + + this.isConfigured = missing.length === 0; + + if (!this.isConfigured) { + this.logger.warn(`FreeScout configuration incomplete. Missing: ${missing.join(', ')}`); + } + } + + /** + * Setup axios interceptors for logging + */ + private setupInterceptors(): void { + this.httpClient.interceptors.request.use( + (config) => { + this.logger.debug(`[${this.integrationName}] Request: ${config.method?.toUpperCase()} ${config.url}`); + return config; + }, + (error) => { + this.logger.error(`[${this.integrationName}] Request error: ${error.message}`); + return Promise.reject(error); + }, + ); + + this.httpClient.interceptors.response.use( + (response) => { + this.logger.debug(`[${this.integrationName}] Response: ${response.status} ${response.config.url}`); + return response; + }, + (error) => { + if (error.response) { + this.logger.warn( + `[${this.integrationName}] Response error: ${error.response.status} ${error.config?.url}`, + ); + } + return Promise.reject(error); + }, + ); + } + + /** + * Ensure the connector is configured before making API calls + */ + private ensureConfigured(): void { + if (!this.isConfigured) { + throw new IntegrationConfigError(this.integrationName, ['FREESCOUT_API_URL', 'FREESCOUT_API_KEY']); + } + } + + /** + * Execute request with retry logic + */ + private async executeWithRetry( + requestFn: () => Promise, + operation: string, + ): Promise { + let lastError: Error | undefined; + let attempt = 0; + + while (attempt <= this.retryConfig.maxRetries) { + try { + return await requestFn(); + } catch (error) { + lastError = error as Error; + attempt++; + + const shouldRetry = this.shouldRetry(error as AxiosError, attempt); + if (!shouldRetry) { + break; + } + + const delay = this.calculateDelay(attempt); + this.logger.warn( + `[${this.integrationName}] ${operation} failed (attempt ${attempt}/${this.retryConfig.maxRetries}), retrying in ${delay}ms`, + ); + + await this.sleep(delay); + } + } + + throw this.mapError(lastError as AxiosError, operation); + } + + /** + * Determine if request should be retried + */ + private shouldRetry(error: AxiosError, attempt: number): boolean { + if (attempt > this.retryConfig.maxRetries) { + return false; + } + + if (!error.response) { + return true; // Network errors are retryable + } + + const status = error.response.status; + return status >= 500 || status === 429; + } + + /** + * Calculate delay with exponential backoff and jitter + */ + private calculateDelay(attempt: number): number { + const delay = Math.min( + this.retryConfig.baseDelayMs * Math.pow(2, attempt - 1), + this.retryConfig.maxDelayMs, + ); + const jitter = delay * this.retryConfig.jitterFactor * Math.random(); + return Math.floor(delay + jitter); + } + + /** + * Map axios errors to integration errors + */ + private mapError(error: AxiosError, operation: string): Error { + if (!error.response) { + if (error.code === 'ECONNABORTED' || error.message.includes('timeout')) { + return new IntegrationConnectionError( + this.integrationName, + `Request timeout during ${operation}`, + error, + ); + } + return new IntegrationConnectionError( + this.integrationName, + `Connection failed during ${operation}: ${error.message}`, + error, + ); + } + + const status = error.response.status; + const responseData = error.response.data as Record; + const message = (responseData?.message as string) || (responseData?.error as string) || error.message; + + switch (status) { + case 401: + return new IntegrationAuthError( + this.integrationName, + `Authentication failed: Invalid API key`, + error, + ); + case 403: + return new IntegrationAuthError( + this.integrationName, + `Access forbidden: ${message}`, + error, + ); + case 429: + const retryAfter = parseInt(error.response.headers['retry-after'] || '60', 10); + return new IntegrationRateLimitError( + this.integrationName, + `Rate limit exceeded`, + retryAfter, + error, + ); + default: + return new IntegrationApiError( + this.integrationName, + `${operation} failed: ${message}`, + status, + responseData?.code as string, + error, + ); + } + } + + /** + * Sleep helper + */ + private sleep(ms: number): Promise { + return new Promise((resolve) => setTimeout(resolve, ms)); + } + + // ============ Health & Connection ============ + + /** + * Check connector health + */ + async checkHealth(): Promise { + if (!this.isConfigured) { + return { + status: 'not_configured', + lastCheck: new Date(), + error: 'FreeScout connector is not configured', + }; + } + + const startTime = Date.now(); + try { + await this.httpClient.get('/mailboxes', { params: { page: 1, pageSize: 1 } }); + return { + status: 'connected', + lastCheck: new Date(), + latency: Date.now() - startTime, + }; + } catch (error) { + return { + status: 'error', + lastCheck: new Date(), + latency: Date.now() - startTime, + error: (error as Error).message, + }; + } + } + + /** + * Test connection to FreeScout API + */ + async testConnection(): Promise<{ success: boolean; message: string; latency?: number }> { + this.ensureConfigured(); + + const startTime = Date.now(); + try { + const response = await this.httpClient.get('/mailboxes', { params: { page: 1 } }); + const latency = Date.now() - startTime; + + const mailboxCount = response.data?._embedded?.mailboxes?.length || 0; + + return { + success: true, + message: `Successfully connected to FreeScout. Found ${mailboxCount} mailbox(es).`, + latency, + }; + } catch (error) { + const latency = Date.now() - startTime; + throw this.mapError(error as AxiosError, 'testConnection'); + } + } + + /** + * Check if connector is configured + */ + getIsConfigured(): boolean { + return this.isConfigured; + } + + // ============ Conversations API ============ + + /** + * List conversations with optional filters + */ + async listConversations(params: ListConversationsDto = {}): Promise<{ + conversations: FreeScoutConversation[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const queryParams: Record = { + page: params.page || 1, + }; + + if (params.mailboxId) { + queryParams.mailbox = params.mailboxId; + } + if (params.status) { + queryParams.status = params.status; + } + if (params.assignedTo) { + queryParams.assignedTo = params.assignedTo; + } + if (params.tag) { + queryParams.tag = params.tag; + } + + const response = await this.httpClient.get>( + '/conversations', + { params: queryParams }, + ); + + const conversations = response.data._embedded?.conversations || []; + const page = response.data.page; + + return { + conversations, + pagination: { + page: page.current_page, + pageSize: page.per_page, + total: page.total, + totalPages: page.last_page, + }, + }; + }, 'listConversations'); + } + + /** + * Get a single conversation by ID + */ + async getConversation(id: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get(`/conversations/${id}`); + return response.data; + }, 'getConversation'); + } + + /** + * Create a new conversation + */ + async createConversation(data: CreateConversationDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const payload = { + type: data.type, + subject: data.subject, + mailboxId: data.mailboxId, + customer: { + email: data.customerEmail, + firstName: data.customerFirstName, + lastName: data.customerLastName, + }, + threads: [ + { + type: ThreadType.CUSTOMER, + body: data.body, + }, + ], + status: data.status || 'active', + tags: data.tags, + assignTo: data.assignTo, + }; + + const response = await this.httpClient.post('/conversations', payload); + return response.data; + }, 'createConversation'); + } + + /** + * Reply to an existing conversation + */ + async replyToConversation( + conversationId: number, + data: ReplyToConversationDto, + ): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const payload = { + type: data.type || ThreadType.MESSAGE, + body: data.body, + user: data.userId, + status: data.status, + draft: data.draft || false, + cc: data.cc, + bcc: data.bcc, + }; + + const response = await this.httpClient.post( + `/conversations/${conversationId}/threads`, + payload, + ); + return response.data; + }, 'replyToConversation'); + } + + /** + * Update conversation status + */ + async updateConversationStatus( + conversationId: number, + status: string, + ): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.put( + `/conversations/${conversationId}`, + { status }, + ); + return response.data; + }, 'updateConversationStatus'); + } + + // ============ Mailboxes API ============ + + /** + * List all mailboxes + */ + async listMailboxes(): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>('/mailboxes'); + return response.data._embedded?.mailboxes || []; + }, 'listMailboxes'); + } + + /** + * Get a single mailbox by ID + */ + async getMailbox(id: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get(`/mailboxes/${id}`); + return response.data; + }, 'getMailbox'); + } + + // ============ Customers API ============ + + /** + * List customers with optional filters + */ + async listCustomers(params: ListCustomersDto = {}): Promise<{ + customers: FreeScoutCustomer[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const queryParams: Record = { + page: params.page || 1, + }; + + if (params.email) { + queryParams.email = params.email; + } + if (params.query) { + queryParams.query = params.query; + } + + const response = await this.httpClient.get>( + '/customers', + { params: queryParams }, + ); + + const customers = response.data._embedded?.customers || []; + const page = response.data.page; + + return { + customers, + pagination: { + page: page.current_page, + pageSize: page.per_page, + total: page.total, + totalPages: page.last_page, + }, + }; + }, 'listCustomers'); + } + + /** + * Get a single customer by ID + */ + async getCustomer(id: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get(`/customers/${id}`); + return response.data; + }, 'getCustomer'); + } + + /** + * Create a new customer + */ + async createCustomer(data: CreateCustomerDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.post('/customers', data); + return response.data; + }, 'createCustomer'); + } + + /** + * Find customer by email + */ + async findCustomerByEmail(email: string): Promise { + this.ensureConfigured(); + + const result = await this.listCustomers({ email }); + return result.customers[0] || null; + } + + // ============ Tags API ============ + + /** + * List all tags + */ + async listTags(): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>('/tags'); + return response.data._embedded?.tags || []; + }, 'listTags'); + } + + /** + * Add tags to a conversation + */ + async addTagsToConversation(conversationId: number, tags: string[]): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + await this.httpClient.put(`/conversations/${conversationId}`, { tags }); + }, 'addTagsToConversation'); + } +} diff --git a/apps/api/src/modules/integrations/connectors/freescout/freescout.controller.ts b/apps/api/src/modules/integrations/connectors/freescout/freescout.controller.ts new file mode 100644 index 0000000..970452f --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/freescout/freescout.controller.ts @@ -0,0 +1,321 @@ +import { + Controller, + Get, + Post, + Body, + Param, + Query, + ParseIntPipe, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { FreeScoutService } from './freescout.service'; +import { + ListConversationsDto, + CreateConversationDto, + ReplyToConversationDto, + CreateCustomerDto, + ListCustomersDto, + ConversationResponseDto, + MailboxResponseDto, + CustomerResponseDto, + TagResponseDto, +} from './freescout.types'; +import { RequirePermissions } from '../../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../../auth/permissions/permissions.enum'; + +/** + * FreeScout Integration Controller + * + * REST API endpoints for FreeScout helpdesk integration. + */ +@ApiTags('Integrations - FreeScout') +@ApiBearerAuth() +@Controller('integrations/freescout') +export class FreeScoutController { + constructor(private readonly freeScoutService: FreeScoutService) {} + + // ============ Health & Status ============ + + @Post('test') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Test FreeScout connection' }) + @ApiResponse({ + status: 200, + description: 'Connection test result', + schema: { + type: 'object', + properties: { + success: { type: 'boolean' }, + message: { type: 'string' }, + latency: { type: 'number' }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Authentication failed' }) + @ApiResponse({ status: 503, description: 'Service unavailable' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async testConnection() { + return this.freeScoutService.testConnection(); + } + + @Get('health') + @ApiOperation({ summary: 'Get FreeScout connector health status' }) + @ApiResponse({ + status: 200, + description: 'Health status', + schema: { + type: 'object', + properties: { + status: { type: 'string', enum: ['connected', 'error', 'not_configured'] }, + lastCheck: { type: 'string', format: 'date-time' }, + latency: { type: 'number' }, + error: { type: 'string' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getHealth() { + return this.freeScoutService.checkHealth(); + } + + // ============ Conversations ============ + + @Get('conversations') + @ApiOperation({ summary: 'List conversations' }) + @ApiQuery({ name: 'mailboxId', required: false, type: Number }) + @ApiQuery({ name: 'status', required: false, enum: ['active', 'pending', 'closed', 'spam'] }) + @ApiQuery({ name: 'assignedTo', required: false, type: Number }) + @ApiQuery({ name: 'tag', required: false, type: String }) + @ApiQuery({ name: 'page', required: false, type: Number }) + @ApiQuery({ name: 'pageSize', required: false, type: Number }) + @ApiResponse({ + status: 200, + description: 'List of conversations', + schema: { + type: 'object', + properties: { + conversations: { type: 'array', items: { $ref: '#/components/schemas/ConversationResponseDto' } }, + pagination: { + type: 'object', + properties: { + page: { type: 'number' }, + pageSize: { type: 'number' }, + total: { type: 'number' }, + totalPages: { type: 'number' }, + }, + }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listConversations(@Query() query: ListConversationsDto) { + return this.freeScoutService.listConversations(query); + } + + @Get('conversations/:id') + @ApiOperation({ summary: 'Get a conversation by ID' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Conversation details', type: ConversationResponseDto }) + @ApiResponse({ status: 404, description: 'Conversation not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getConversation(@Param('id', ParseIntPipe) id: number) { + return this.freeScoutService.getConversation(id); + } + + @Post('conversations') + @HttpCode(HttpStatus.CREATED) + @ApiOperation({ summary: 'Create a new conversation' }) + @ApiResponse({ status: 201, description: 'Conversation created', type: ConversationResponseDto }) + @ApiResponse({ status: 400, description: 'Invalid input' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createConversation(@Body() data: CreateConversationDto) { + return this.freeScoutService.createConversation(data); + } + + @Post('conversations/:id/reply') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Reply to a conversation' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Reply added', type: ConversationResponseDto }) + @ApiResponse({ status: 404, description: 'Conversation not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async replyToConversation( + @Param('id', ParseIntPipe) id: number, + @Body() data: ReplyToConversationDto, + ) { + return this.freeScoutService.replyToConversation(id, data); + } + + @Post('conversations/:id/close') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Close a conversation' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Conversation closed', type: ConversationResponseDto }) + @ApiResponse({ status: 404, description: 'Conversation not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async closeConversation(@Param('id', ParseIntPipe) id: number) { + return this.freeScoutService.closeConversation(id); + } + + @Post('conversations/:id/reopen') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Reopen a conversation' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Conversation reopened', type: ConversationResponseDto }) + @ApiResponse({ status: 404, description: 'Conversation not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async reopenConversation(@Param('id', ParseIntPipe) id: number) { + return this.freeScoutService.reopenConversation(id); + } + + // ============ Mailboxes ============ + + @Get('mailboxes') + @ApiOperation({ summary: 'List all mailboxes' }) + @ApiResponse({ + status: 200, + description: 'List of mailboxes', + type: [MailboxResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listMailboxes() { + return this.freeScoutService.listMailboxes(); + } + + @Get('mailboxes/:id') + @ApiOperation({ summary: 'Get a mailbox by ID' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Mailbox details', type: MailboxResponseDto }) + @ApiResponse({ status: 404, description: 'Mailbox not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getMailbox(@Param('id', ParseIntPipe) id: number) { + return this.freeScoutService.getMailbox(id); + } + + // ============ Customers ============ + + @Get('customers') + @ApiOperation({ summary: 'List customers' }) + @ApiQuery({ name: 'email', required: false, type: String }) + @ApiQuery({ name: 'query', required: false, type: String }) + @ApiQuery({ name: 'page', required: false, type: Number }) + @ApiQuery({ name: 'pageSize', required: false, type: Number }) + @ApiResponse({ + status: 200, + description: 'List of customers', + schema: { + type: 'object', + properties: { + customers: { type: 'array', items: { $ref: '#/components/schemas/CustomerResponseDto' } }, + pagination: { + type: 'object', + properties: { + page: { type: 'number' }, + pageSize: { type: 'number' }, + total: { type: 'number' }, + totalPages: { type: 'number' }, + }, + }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listCustomers(@Query() query: ListCustomersDto) { + return this.freeScoutService.listCustomers(query); + } + + @Get('customers/:id') + @ApiOperation({ summary: 'Get a customer by ID' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Customer details', type: CustomerResponseDto }) + @ApiResponse({ status: 404, description: 'Customer not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getCustomer(@Param('id', ParseIntPipe) id: number) { + return this.freeScoutService.getCustomer(id); + } + + @Post('customers') + @HttpCode(HttpStatus.CREATED) + @ApiOperation({ summary: 'Create a new customer' }) + @ApiResponse({ status: 201, description: 'Customer created', type: CustomerResponseDto }) + @ApiResponse({ status: 400, description: 'Invalid input' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createCustomer(@Body() data: CreateCustomerDto) { + return this.freeScoutService.createCustomer(data); + } + + // ============ Tickets (Facade over Conversations for Frontend) ============ + + @Get('tickets') + @ApiOperation({ summary: 'List tickets (conversations)' }) + @ApiQuery({ name: 'status', required: false, enum: ['active', 'pending', 'closed', 'spam'] }) + @ApiQuery({ name: 'page', required: false, type: Number }) + @ApiQuery({ name: 'pageSize', required: false, type: Number }) + @ApiResponse({ status: 200, description: 'List of tickets' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listTickets(@Query() query: ListConversationsDto) { + return this.freeScoutService.listConversations(query); + } + + @Get('tickets/:id') + @ApiOperation({ summary: 'Get a ticket by ID' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Ticket details' }) + @ApiResponse({ status: 404, description: 'Ticket not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getTicket(@Param('id', ParseIntPipe) id: number) { + return this.freeScoutService.getConversation(id); + } + + @Post('tickets/:id/status') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Update ticket status' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Status updated' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async updateTicketStatus( + @Param('id', ParseIntPipe) id: number, + @Body('status') status: string, + ) { + if (status === 'closed' || status === 'resolved') { + return this.freeScoutService.closeConversation(id); + } + if (status === 'open') { + return this.freeScoutService.reopenConversation(id); + } + return { success: true, message: `Status update to ${status} acknowledged` }; + } + + // ============ Tags ============ + + @Get('tags') + @ApiOperation({ summary: 'List all tags' }) + @ApiResponse({ status: 200, description: 'List of tags', type: [TagResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listTags() { + return this.freeScoutService.listTags(); + } + + @Post('conversations/:id/tags') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Add tags to a conversation' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 200, description: 'Tags added' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async addTagsToConversation( + @Param('id', ParseIntPipe) id: number, + @Body() body: { tags: string[] }, + ) { + await this.freeScoutService.addTagsToConversation(id, body.tags); + return { success: true, message: 'Tags added successfully' }; + } +} diff --git a/apps/api/src/modules/integrations/connectors/freescout/freescout.module.ts b/apps/api/src/modules/integrations/connectors/freescout/freescout.module.ts new file mode 100644 index 0000000..fb796b4 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/freescout/freescout.module.ts @@ -0,0 +1,22 @@ +import { Module } from '@nestjs/common'; +import { ConfigModule } from '@nestjs/config'; +import { FreeScoutConnector } from './freescout.connector'; +import { FreeScoutService } from './freescout.service'; +import { FreeScoutController } from './freescout.controller'; + +/** + * FreeScout Integration Module + * + * Provides integration with FreeScout helpdesk system. + * + * Required environment variables: + * - FREESCOUT_API_URL: Base URL of FreeScout instance (e.g., https://support.example.com) + * - FREESCOUT_API_KEY: API key for authentication + */ +@Module({ + imports: [ConfigModule], + controllers: [FreeScoutController], + providers: [FreeScoutConnector, FreeScoutService], + exports: [FreeScoutService, FreeScoutConnector], +}) +export class FreeScoutModule {} diff --git a/apps/api/src/modules/integrations/connectors/freescout/freescout.service.ts b/apps/api/src/modules/integrations/connectors/freescout/freescout.service.ts new file mode 100644 index 0000000..e77b1df --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/freescout/freescout.service.ts @@ -0,0 +1,211 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { FreeScoutConnector, ConnectorHealth } from './freescout.connector'; +import { + ListConversationsDto, + CreateConversationDto, + ReplyToConversationDto, + CreateCustomerDto, + ListCustomersDto, + FreeScoutConversation, + FreeScoutCustomer, + FreeScoutMailbox, + FreeScoutTag, +} from './freescout.types'; + +/** + * FreeScout Service + * + * High-level service for interacting with FreeScout helpdesk. + * Wraps the connector with additional business logic and logging. + */ +@Injectable() +export class FreeScoutService { + private readonly logger = new Logger(FreeScoutService.name); + + constructor(private readonly connector: FreeScoutConnector) {} + + // ============ Health & Status ============ + + /** + * Check health status of the FreeScout integration + */ + async checkHealth(): Promise { + this.logger.debug('Checking FreeScout connector health'); + return this.connector.checkHealth(); + } + + /** + * Test connection to FreeScout + */ + async testConnection(): Promise<{ success: boolean; message: string; latency?: number }> { + this.logger.log('Testing FreeScout connection'); + const result = await this.connector.testConnection(); + this.logger.log(`FreeScout connection test: ${result.success ? 'SUCCESS' : 'FAILED'} - ${result.message}`); + return result; + } + + /** + * Check if connector is configured + */ + isConfigured(): boolean { + return this.connector.getIsConfigured(); + } + + // ============ Conversations ============ + + /** + * List conversations with optional filters + */ + async listConversations(params: ListConversationsDto = {}): Promise<{ + conversations: FreeScoutConversation[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.logger.debug(`Listing conversations with params: ${JSON.stringify(params)}`); + const result = await this.connector.listConversations(params); + this.logger.debug(`Found ${result.conversations.length} conversations`); + return result; + } + + /** + * Get a single conversation by ID + */ + async getConversation(id: number): Promise { + this.logger.debug(`Getting conversation: ${id}`); + return this.connector.getConversation(id); + } + + /** + * Create a new conversation (ticket) + */ + async createConversation(data: CreateConversationDto): Promise { + this.logger.log(`Creating new conversation: ${data.subject} for ${data.customerEmail}`); + const conversation = await this.connector.createConversation(data); + this.logger.log(`Created conversation #${conversation.number} (ID: ${conversation.id})`); + return conversation; + } + + /** + * Reply to an existing conversation + */ + async replyToConversation( + conversationId: number, + data: ReplyToConversationDto, + ): Promise { + this.logger.log(`Replying to conversation: ${conversationId}`); + const conversation = await this.connector.replyToConversation(conversationId, data); + this.logger.log(`Added reply to conversation #${conversation.number}`); + return conversation; + } + + /** + * Close a conversation + */ + async closeConversation(conversationId: number): Promise { + this.logger.log(`Closing conversation: ${conversationId}`); + const conversation = await this.connector.updateConversationStatus(conversationId, 'closed'); + this.logger.log(`Closed conversation #${conversation.number}`); + return conversation; + } + + /** + * Reopen a conversation + */ + async reopenConversation(conversationId: number): Promise { + this.logger.log(`Reopening conversation: ${conversationId}`); + const conversation = await this.connector.updateConversationStatus(conversationId, 'active'); + this.logger.log(`Reopened conversation #${conversation.number}`); + return conversation; + } + + // ============ Mailboxes ============ + + /** + * List all mailboxes + */ + async listMailboxes(): Promise { + this.logger.debug('Listing mailboxes'); + const mailboxes = await this.connector.listMailboxes(); + this.logger.debug(`Found ${mailboxes.length} mailboxes`); + return mailboxes; + } + + /** + * Get a single mailbox by ID + */ + async getMailbox(id: number): Promise { + this.logger.debug(`Getting mailbox: ${id}`); + return this.connector.getMailbox(id); + } + + // ============ Customers ============ + + /** + * List customers with optional filters + */ + async listCustomers(params: ListCustomersDto = {}): Promise<{ + customers: FreeScoutCustomer[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.logger.debug(`Listing customers with params: ${JSON.stringify(params)}`); + const result = await this.connector.listCustomers(params); + this.logger.debug(`Found ${result.customers.length} customers`); + return result; + } + + /** + * Get a single customer by ID + */ + async getCustomer(id: number): Promise { + this.logger.debug(`Getting customer: ${id}`); + return this.connector.getCustomer(id); + } + + /** + * Create a new customer + */ + async createCustomer(data: CreateCustomerDto): Promise { + this.logger.log(`Creating customer: ${data.email}`); + const customer = await this.connector.createCustomer(data); + this.logger.log(`Created customer: ${customer.id}`); + return customer; + } + + /** + * Find or create a customer by email + */ + async findOrCreateCustomer(data: CreateCustomerDto): Promise { + this.logger.debug(`Finding or creating customer: ${data.email}`); + + // Try to find existing customer + const existing = await this.connector.findCustomerByEmail(data.email); + if (existing) { + this.logger.debug(`Found existing customer: ${existing.id}`); + return existing; + } + + // Create new customer + this.logger.log(`Customer not found, creating: ${data.email}`); + return this.createCustomer(data); + } + + // ============ Tags ============ + + /** + * List all tags + */ + async listTags(): Promise { + this.logger.debug('Listing tags'); + const tags = await this.connector.listTags(); + this.logger.debug(`Found ${tags.length} tags`); + return tags; + } + + /** + * Add tags to a conversation + */ + async addTagsToConversation(conversationId: number, tags: string[]): Promise { + this.logger.log(`Adding tags to conversation ${conversationId}: ${tags.join(', ')}`); + await this.connector.addTagsToConversation(conversationId, tags); + this.logger.log(`Added ${tags.length} tags to conversation ${conversationId}`); + } +} diff --git a/apps/api/src/modules/integrations/connectors/freescout/freescout.types.ts b/apps/api/src/modules/integrations/connectors/freescout/freescout.types.ts new file mode 100644 index 0000000..a1cd323 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/freescout/freescout.types.ts @@ -0,0 +1,420 @@ +import { IsString, IsNumber, IsOptional, IsArray, IsEnum, IsBoolean, IsEmail } from 'class-validator'; +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; + +/** + * FreeScout API Types and DTOs + */ + +// ============ Enums ============ + +export enum ConversationStatus { + ACTIVE = 'active', + PENDING = 'pending', + CLOSED = 'closed', + SPAM = 'spam', +} + +export enum ConversationType { + EMAIL = 'email', + PHONE = 'phone', + CHAT = 'chat', +} + +export enum ThreadType { + CUSTOMER = 'customer', + MESSAGE = 'message', + NOTE = 'note', + LINEITEM = 'lineitem', +} + +export enum ThreadStatus { + ACTIVE = 'active', + CLOSED = 'closed', + NOCHANGE = 'nochange', + PENDING = 'pending', + SPAM = 'spam', +} + +// ============ API Response Types ============ + +export interface FreeScoutMailbox { + id: number; + name: string; + email: string; + isActive: boolean; + createdAt: string; + updatedAt: string; +} + +export interface FreeScoutCustomer { + id: number; + firstName: string; + lastName: string; + email: string; + emails: string[]; + phones: string[]; + company: string | null; + jobTitle: string | null; + photoUrl: string | null; + notes: string | null; + createdAt: string; + updatedAt: string; +} + +export interface FreeScoutUser { + id: number; + firstName: string; + lastName: string; + email: string; + role: string; + photoUrl: string | null; +} + +export interface FreeScoutThread { + id: number; + type: ThreadType; + status: ThreadStatus; + state: string; + body: string; + source: { + type: string; + via: string; + }; + customer: FreeScoutCustomer | null; + user: FreeScoutUser | null; + createdAt: string; + attachments: FreeScoutAttachment[]; +} + +export interface FreeScoutAttachment { + id: number; + fileName: string; + mimeType: string; + size: number; + url: string; +} + +export interface FreeScoutConversation { + id: number; + number: number; + type: ConversationType; + folderId: number; + status: ConversationStatus; + state: string; + subject: string; + preview: string; + mailboxId: number; + assignee: FreeScoutUser | null; + createdBy: FreeScoutUser | null; + createdAt: string; + updatedAt: string; + closedAt: string | null; + closedBy: FreeScoutUser | null; + userUpdatedAt: string | null; + customerWaitingSince: { + time: string; + friendly: string; + } | null; + customer: FreeScoutCustomer; + threads: FreeScoutThread[]; + tags: FreeScoutTag[]; + customFields: Record; +} + +export interface FreeScoutTag { + id: number; + name: string; + color: string | null; +} + +export interface FreeScoutPagination { + current_page: number; + from: number; + last_page: number; + per_page: number; + to: number; + total: number; +} + +export interface FreeScoutListResponse { + _embedded: { + conversations?: T[]; + customers?: T[]; + mailboxes?: T[]; + tags?: T[]; + }; + page: FreeScoutPagination; +} + +// ============ DTOs ============ + +export class ListConversationsDto { + @ApiPropertyOptional({ description: 'Mailbox ID to filter conversations' }) + @IsOptional() + @IsNumber() + mailboxId?: number; + + @ApiPropertyOptional({ description: 'Status filter', enum: ConversationStatus }) + @IsOptional() + @IsEnum(ConversationStatus) + status?: ConversationStatus; + + @ApiPropertyOptional({ description: 'Assigned user ID' }) + @IsOptional() + @IsNumber() + assignedTo?: number; + + @ApiPropertyOptional({ description: 'Tag to filter by' }) + @IsOptional() + @IsString() + tag?: string; + + @ApiPropertyOptional({ description: 'Page number', default: 1 }) + @IsOptional() + @IsNumber() + page?: number; + + @ApiPropertyOptional({ description: 'Items per page', default: 50 }) + @IsOptional() + @IsNumber() + pageSize?: number; +} + +export class CreateConversationDto { + @ApiProperty({ description: 'Conversation type', enum: ConversationType }) + @IsEnum(ConversationType) + type: ConversationType; + + @ApiProperty({ description: 'Subject line' }) + @IsString() + subject: string; + + @ApiProperty({ description: 'Mailbox ID' }) + @IsNumber() + mailboxId: number; + + @ApiProperty({ description: 'Customer email address' }) + @IsEmail() + customerEmail: string; + + @ApiPropertyOptional({ description: 'Customer first name' }) + @IsOptional() + @IsString() + customerFirstName?: string; + + @ApiPropertyOptional({ description: 'Customer last name' }) + @IsOptional() + @IsString() + customerLastName?: string; + + @ApiProperty({ description: 'Initial message body (HTML allowed)' }) + @IsString() + body: string; + + @ApiPropertyOptional({ description: 'Tags to assign', type: [String] }) + @IsOptional() + @IsArray() + @IsString({ each: true }) + tags?: string[]; + + @ApiPropertyOptional({ description: 'User ID to assign the conversation to' }) + @IsOptional() + @IsNumber() + assignTo?: number; + + @ApiPropertyOptional({ description: 'Initial status', enum: ConversationStatus }) + @IsOptional() + @IsEnum(ConversationStatus) + status?: ConversationStatus; +} + +export class ReplyToConversationDto { + @ApiProperty({ description: 'Reply body (HTML allowed)' }) + @IsString() + body: string; + + @ApiPropertyOptional({ description: 'Thread type', enum: ThreadType, default: ThreadType.MESSAGE }) + @IsOptional() + @IsEnum(ThreadType) + type?: ThreadType; + + @ApiPropertyOptional({ description: 'User ID sending the reply' }) + @IsOptional() + @IsNumber() + userId?: number; + + @ApiPropertyOptional({ description: 'Status after reply', enum: ConversationStatus }) + @IsOptional() + @IsEnum(ConversationStatus) + status?: ConversationStatus; + + @ApiPropertyOptional({ description: 'Mark as draft (not sent)', default: false }) + @IsOptional() + @IsBoolean() + draft?: boolean; + + @ApiPropertyOptional({ description: 'CC recipients', type: [String] }) + @IsOptional() + @IsArray() + @IsEmail({}, { each: true }) + cc?: string[]; + + @ApiPropertyOptional({ description: 'BCC recipients', type: [String] }) + @IsOptional() + @IsArray() + @IsEmail({}, { each: true }) + bcc?: string[]; +} + +export class CreateCustomerDto { + @ApiProperty({ description: 'Customer email address' }) + @IsEmail() + email: string; + + @ApiPropertyOptional({ description: 'First name' }) + @IsOptional() + @IsString() + firstName?: string; + + @ApiPropertyOptional({ description: 'Last name' }) + @IsOptional() + @IsString() + lastName?: string; + + @ApiPropertyOptional({ description: 'Company name' }) + @IsOptional() + @IsString() + company?: string; + + @ApiPropertyOptional({ description: 'Job title' }) + @IsOptional() + @IsString() + jobTitle?: string; + + @ApiPropertyOptional({ description: 'Phone numbers', type: [String] }) + @IsOptional() + @IsArray() + @IsString({ each: true }) + phones?: string[]; + + @ApiPropertyOptional({ description: 'Notes about the customer' }) + @IsOptional() + @IsString() + notes?: string; +} + +export class ListCustomersDto { + @ApiPropertyOptional({ description: 'Search by email' }) + @IsOptional() + @IsEmail() + email?: string; + + @ApiPropertyOptional({ description: 'Search query' }) + @IsOptional() + @IsString() + query?: string; + + @ApiPropertyOptional({ description: 'Page number', default: 1 }) + @IsOptional() + @IsNumber() + page?: number; + + @ApiPropertyOptional({ description: 'Items per page', default: 50 }) + @IsOptional() + @IsNumber() + pageSize?: number; +} + +// ============ Response DTOs ============ + +export class ConversationResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + number: number; + + @ApiProperty({ enum: ConversationType }) + type: ConversationType; + + @ApiProperty({ enum: ConversationStatus }) + status: ConversationStatus; + + @ApiProperty() + subject: string; + + @ApiProperty() + preview: string; + + @ApiProperty() + mailboxId: number; + + @ApiPropertyOptional() + assignee?: FreeScoutUser; + + @ApiProperty() + customer: FreeScoutCustomer; + + @ApiProperty() + createdAt: string; + + @ApiProperty() + updatedAt: string; + + @ApiPropertyOptional({ type: [Object] }) + threads?: FreeScoutThread[]; + + @ApiPropertyOptional({ type: [Object] }) + tags?: FreeScoutTag[]; +} + +export class MailboxResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + name: string; + + @ApiProperty() + email: string; + + @ApiProperty() + isActive: boolean; +} + +export class CustomerResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + firstName: string; + + @ApiProperty() + lastName: string; + + @ApiProperty() + email: string; + + @ApiPropertyOptional({ type: [String] }) + emails?: string[]; + + @ApiPropertyOptional() + company?: string; + + @ApiPropertyOptional() + jobTitle?: string; + + @ApiProperty() + createdAt: string; +} + +export class TagResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + name: string; + + @ApiPropertyOptional() + color?: string; +} diff --git a/apps/api/src/modules/integrations/connectors/freescout/index.ts b/apps/api/src/modules/integrations/connectors/freescout/index.ts new file mode 100644 index 0000000..eac0855 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/freescout/index.ts @@ -0,0 +1,4 @@ +export * from './freescout.module'; +export * from './freescout.connector'; +export * from './freescout.service'; +export * from './freescout.types'; diff --git a/apps/api/src/modules/integrations/connectors/gembadocs/dto/gembadocs.dto.ts b/apps/api/src/modules/integrations/connectors/gembadocs/dto/gembadocs.dto.ts new file mode 100644 index 0000000..1b6c8d6 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/gembadocs/dto/gembadocs.dto.ts @@ -0,0 +1,50 @@ +/** + * GembaDocs DTO Re-exports + * + * This file re-exports all DTOs from gembadocs.types.ts for convenience. + * This follows the pattern used by other connectors. + */ + +export { + // Enums + AuditType, + AuditStatus, + FindingSeverity, + FindingStatus, + ChecklistItemType, + + // Request DTOs + ListAuditsDto, + CreateAuditDto, + UpdateAuditDto, + ListFindingsDto, + UpdateFindingDto, + ResolveFindingDto, + GetTrendsDto, + + // Response DTOs + AuditorResponseDto, + AuditResponseDto, + AuditDetailResponseDto, + FindingResponseDto, + ChecklistResponseDto, + ChecklistDetailResponseDto, + StatisticsResponseDto, + TrendResponseDto, + PaginatedAuditsResponseDto, + PaginatedFindingsResponseDto, + + // API Types + GembaUser, + GembaAudit, + GembaChecklist, + GembaChecklistCategory, + GembaChecklistItem, + GembaFinding, + GembaAttachment, + GembaStatistics, + GembaComplianceTrendPoint, + GembaTrendData, + GembaTrendDataPoint, + GembaApiResponse, +} from '../gembadocs.types'; diff --git a/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.connector.ts b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.connector.ts new file mode 100644 index 0000000..77fd625 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.connector.ts @@ -0,0 +1,810 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import axios, { AxiosInstance, AxiosError } from 'axios'; +import { + IntegrationConnectionError, + IntegrationAuthError, + IntegrationRateLimitError, + IntegrationApiError, + IntegrationConfigError, +} from '../../errors'; +import { + GembaAudit, + GembaChecklist, + GembaFinding, + GembaStatistics, + GembaTrendData, + GembaApiResponse, + ListAuditsDto, + CreateAuditDto, + UpdateAuditDto, + ListFindingsDto, + UpdateFindingDto, + ResolveFindingDto, + GetTrendsDto, + AuditStatus, + FindingStatus, +} from './gembadocs.types'; + +/** + * Health status of the connector + */ +export interface ConnectorHealth { + status: 'connected' | 'error' | 'not_configured'; + lastCheck: Date; + latency?: number; + error?: string; + details?: Record; +} + +/** + * Retry configuration + */ +interface RetryConfig { + maxRetries: number; + baseDelayMs: number; + maxDelayMs: number; + jitterFactor: number; +} + +const DEFAULT_RETRY_CONFIG: RetryConfig = { + maxRetries: 3, + baseDelayMs: 1000, + maxDelayMs: 30000, + jitterFactor: 0.1, +}; + +const DEFAULT_TIMEOUT_MS = 30000; + +/** + * GembaDocs API Connector + * + * Provides integration with GembaDocs audit and checklist management system. + * Features: + * - API Key authentication + * - Audits management (CRUD operations) + * - Checklists and templates + * - Findings/Actions tracking + * - Statistics and trends + * + * API Documentation: GembaDocs API v1 + */ +@Injectable() +export class GembaDocsConnector { + private readonly logger = new Logger(GembaDocsConnector.name); + private readonly integrationName = 'GembaDocs'; + private readonly httpClient: AxiosInstance; + private readonly retryConfig: RetryConfig; + private isConfiguredFlag: boolean = false; + + private readonly baseUrl: string; + private readonly apiKey: string; + + constructor(private readonly configService: ConfigService) { + this.retryConfig = { ...DEFAULT_RETRY_CONFIG }; + + // Load configuration from environment + this.baseUrl = this.configService.get('GEMBADOCS_API_URL', ''); + this.apiKey = this.configService.get('GEMBADOCS_API_KEY', ''); + + // Validate configuration + this.validateConfiguration(); + + // Initialize HTTP client + this.httpClient = axios.create({ + baseURL: this.baseUrl ? `${this.baseUrl}/api/v1` : undefined, + timeout: DEFAULT_TIMEOUT_MS, + headers: { + 'Content-Type': 'application/json', + Accept: 'application/json', + }, + }); + + this.setupInterceptors(); + + if (this.isConfiguredFlag) { + this.logger.log(`GembaDocs connector initialized with base URL: ${this.baseUrl}`); + } else { + this.logger.warn('GembaDocs connector not configured - missing credentials'); + } + } + + /** + * Validate required configuration + */ + private validateConfiguration(): void { + const missing: string[] = []; + + if (!this.baseUrl) { + missing.push('GEMBADOCS_API_URL'); + } + if (!this.apiKey) { + missing.push('GEMBADOCS_API_KEY'); + } + + this.isConfiguredFlag = missing.length === 0; + + if (!this.isConfiguredFlag) { + this.logger.warn(`GembaDocs configuration incomplete. Missing: ${missing.join(', ')}`); + } + } + + /** + * Setup axios interceptors + */ + private setupInterceptors(): void { + // Request interceptor to add API key + this.httpClient.interceptors.request.use( + (config) => { + if (this.apiKey) { + config.headers['X-API-Key'] = this.apiKey; + } + + this.logger.debug( + `[${this.integrationName}] Request: ${config.method?.toUpperCase()} ${config.url}`, + ); + return config; + }, + (error) => { + this.logger.error(`[${this.integrationName}] Request error: ${error.message}`); + return Promise.reject(error); + }, + ); + + // Response interceptor + this.httpClient.interceptors.response.use( + (response) => { + this.logger.debug(`[${this.integrationName}] Response: ${response.status}`); + return response; + }, + (error) => { + return Promise.reject(error); + }, + ); + } + + /** + * Ensure the connector is configured + */ + private ensureConfigured(): void { + if (!this.isConfiguredFlag) { + throw new IntegrationConfigError(this.integrationName, [ + 'GEMBADOCS_API_URL', + 'GEMBADOCS_API_KEY', + ]); + } + } + + /** + * Execute request with retry logic + */ + private async executeWithRetry( + requestFn: () => Promise, + operation: string, + ): Promise { + let lastError: Error | undefined; + let attempt = 0; + + while (attempt <= this.retryConfig.maxRetries) { + try { + return await requestFn(); + } catch (error) { + lastError = error as Error; + attempt++; + + const shouldRetry = this.shouldRetry(error as AxiosError, attempt); + if (!shouldRetry) { + break; + } + + const delay = this.calculateDelay(attempt); + this.logger.warn( + `[${this.integrationName}] ${operation} failed (attempt ${attempt}/${this.retryConfig.maxRetries}), retrying in ${delay}ms`, + ); + + await this.sleep(delay); + } + } + + throw this.mapError(lastError as AxiosError, operation); + } + + /** + * Determine if request should be retried + */ + private shouldRetry(error: AxiosError, attempt: number): boolean { + if (attempt > this.retryConfig.maxRetries) { + return false; + } + + if (!error.response) { + return true; + } + + const status = error.response.status; + // Don't retry auth errors + if (status === 401 || status === 403) { + return false; + } + return status >= 500 || status === 429; + } + + /** + * Calculate delay with exponential backoff and jitter + */ + private calculateDelay(attempt: number): number { + const delay = Math.min( + this.retryConfig.baseDelayMs * Math.pow(2, attempt - 1), + this.retryConfig.maxDelayMs, + ); + const jitter = delay * this.retryConfig.jitterFactor * Math.random(); + return Math.floor(delay + jitter); + } + + /** + * Map axios errors to integration errors + */ + private mapError(error: AxiosError, operation: string): Error { + if (!error.response) { + if (error.code === 'ECONNABORTED' || error.message.includes('timeout')) { + return new IntegrationConnectionError( + this.integrationName, + `Request timeout during ${operation}`, + error, + ); + } + return new IntegrationConnectionError( + this.integrationName, + `Connection failed during ${operation}: ${error.message}`, + error, + ); + } + + const status = error.response.status; + const responseData = error.response.data as GembaApiResponse; + const message = responseData?.error?.message || error.message; + + switch (status) { + case 401: + return new IntegrationAuthError( + this.integrationName, + `Authentication failed: ${message}`, + error, + ); + case 403: + return new IntegrationAuthError( + this.integrationName, + `Access forbidden: ${message}`, + error, + ); + case 429: + const retryAfter = parseInt(error.response.headers['retry-after'] || '60', 10); + return new IntegrationRateLimitError( + this.integrationName, + 'Rate limit exceeded', + retryAfter, + error, + ); + default: + return new IntegrationApiError( + this.integrationName, + `${operation} failed: ${message}`, + status, + responseData?.error?.code, + error, + ); + } + } + + /** + * Sleep helper + */ + private sleep(ms: number): Promise { + return new Promise((resolve) => setTimeout(resolve, ms)); + } + + // ============ Health & Connection ============ + + /** + * Check connector health + */ + async checkHealth(): Promise { + if (!this.isConfiguredFlag) { + return { + status: 'not_configured', + lastCheck: new Date(), + error: 'GembaDocs connector is not configured', + }; + } + + const startTime = Date.now(); + try { + // Use statistics endpoint as health check + await this.httpClient.get('/health'); + return { + status: 'connected', + lastCheck: new Date(), + latency: Date.now() - startTime, + }; + } catch (error) { + return { + status: 'error', + lastCheck: new Date(), + latency: Date.now() - startTime, + error: (error as Error).message, + }; + } + } + + /** + * Test connection + */ + async testConnection(): Promise<{ success: boolean; message: string; latency?: number }> { + this.ensureConfigured(); + + const startTime = Date.now(); + try { + const response = await this.httpClient.get>( + '/health', + ); + const latency = Date.now() - startTime; + + if (response.data.success) { + return { + success: true, + message: `Connected to GembaDocs API v${response.data.data?.version || 'unknown'}`, + latency, + }; + } + + return { + success: false, + message: response.data.error?.message || 'Connection test failed', + latency, + }; + } catch (error) { + throw this.mapError(error as AxiosError, 'testConnection'); + } + } + + /** + * Check if connector is configured + */ + isConfigured(): boolean { + return this.isConfiguredFlag; + } + + /** + * Get list of missing configuration items + */ + getMissingConfig(): string[] { + const missing: string[] = []; + if (!this.baseUrl) missing.push('GEMBADOCS_API_URL'); + if (!this.apiKey) missing.push('GEMBADOCS_API_KEY'); + return missing; + } + + // ============ Audits API ============ + + /** + * List audits with optional filters + */ + async listAudits(params: ListAuditsDto = {}): Promise<{ + audits: GembaAudit[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const queryParams: Record = { + page: params.page || 1, + pageSize: params.pageSize || 20, + }; + + if (params.type) queryParams.type = params.type; + if (params.status) queryParams.status = params.status; + if (params.department) queryParams.department = params.department; + if (params.location) queryParams.location = params.location; + if (params.auditorId) queryParams.auditorId = params.auditorId; + if (params.dateFrom) queryParams.dateFrom = params.dateFrom; + if (params.dateTo) queryParams.dateTo = params.dateTo; + + const response = await this.httpClient.get< + GembaApiResponse<{ audits: GembaAudit[]; total: number }> + >('/audits', { params: queryParams }); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to list audits', + ); + } + + const { audits, total } = response.data.data; + const page = params.page || 1; + const pageSize = params.pageSize || 20; + + return { + audits, + pagination: { + page, + pageSize, + total, + totalPages: Math.ceil(total / pageSize), + }, + }; + }, 'listAudits'); + } + + /** + * Get a single audit by ID + */ + async getAudit(id: string): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>( + `/audits/${id}`, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Audit not found', + 404, + ); + } + + return response.data.data; + }, 'getAudit'); + } + + /** + * Get upcoming audits (scheduled for the future) + */ + async getUpcomingAudits(days: number = 7, limit: number = 10): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const today = new Date(); + const futureDate = new Date(); + futureDate.setDate(today.getDate() + days); + + const response = await this.httpClient.get< + GembaApiResponse<{ audits: GembaAudit[] }> + >('/audits', { + params: { + status: AuditStatus.SCHEDULED, + dateFrom: today.toISOString().split('T')[0], + dateTo: futureDate.toISOString().split('T')[0], + pageSize: limit, + sortBy: 'scheduledDate', + sortOrder: 'asc', + }, + }); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to fetch upcoming audits', + ); + } + + return response.data.data.audits; + }, 'getUpcomingAudits'); + } + + /** + * Get overdue audits (scheduled in the past but not completed) + */ + async getOverdueAudits(limit: number = 10): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const today = new Date(); + + const response = await this.httpClient.get< + GembaApiResponse<{ audits: GembaAudit[] }> + >('/audits', { + params: { + status: AuditStatus.SCHEDULED, + dateTo: today.toISOString().split('T')[0], + pageSize: limit, + sortBy: 'scheduledDate', + sortOrder: 'asc', + }, + }); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to fetch overdue audits', + ); + } + + // Filter to only include audits that are actually overdue + return response.data.data.audits.filter((audit) => { + const scheduledDate = new Date(audit.scheduledDate); + return scheduledDate < today && audit.status === AuditStatus.SCHEDULED; + }); + }, 'getOverdueAudits'); + } + + /** + * Create a new audit + */ + async createAudit(data: CreateAuditDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.post>( + '/audits', + data, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to create audit', + ); + } + + return response.data.data; + }, 'createAudit'); + } + + /** + * Update an audit + */ + async updateAudit(id: string, data: UpdateAuditDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.put>( + `/audits/${id}`, + data, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to update audit', + ); + } + + return response.data.data; + }, 'updateAudit'); + } + + // ============ Checklists API ============ + + /** + * List all checklist templates + */ + async listChecklists(): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get< + GembaApiResponse<{ checklists: GembaChecklist[] }> + >('/checklists'); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to list checklists', + ); + } + + return response.data.data.checklists; + }, 'listChecklists'); + } + + /** + * Get a single checklist by ID + */ + async getChecklist(id: string): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>( + `/checklists/${id}`, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Checklist not found', + 404, + ); + } + + return response.data.data; + }, 'getChecklist'); + } + + // ============ Findings API ============ + + /** + * List findings with optional filters + */ + async listFindings(params: ListFindingsDto = {}): Promise<{ + findings: GembaFinding[]; + pagination: { page: number; pageSize: number; total: number; totalPages: number }; + }> { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const queryParams: Record = { + page: params.page || 1, + pageSize: params.pageSize || 20, + }; + + if (params.auditId) queryParams.auditId = params.auditId; + if (params.severity) queryParams.severity = params.severity; + if (params.status) queryParams.status = params.status; + if (params.assigneeId) queryParams.assigneeId = params.assigneeId; + if (params.overdueOnly) queryParams.overdueOnly = params.overdueOnly; + + const response = await this.httpClient.get< + GembaApiResponse<{ findings: GembaFinding[]; total: number }> + >('/findings', { params: queryParams }); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to list findings', + ); + } + + const { findings, total } = response.data.data; + const page = params.page || 1; + const pageSize = params.pageSize || 20; + + return { + findings, + pagination: { + page, + pageSize, + total, + totalPages: Math.ceil(total / pageSize), + }, + }; + }, 'listFindings'); + } + + /** + * Get open findings + */ + async getOpenFindings(limit: number = 20): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get< + GembaApiResponse<{ findings: GembaFinding[] }> + >('/findings', { + params: { + status: FindingStatus.OPEN, + pageSize: limit, + sortBy: 'severity', + sortOrder: 'desc', + }, + }); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to fetch open findings', + ); + } + + return response.data.data.findings; + }, 'getOpenFindings'); + } + + /** + * Update a finding + */ + async updateFinding(id: string, data: UpdateFindingDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.put>( + `/findings/${id}`, + data, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to update finding', + ); + } + + return response.data.data; + }, 'updateFinding'); + } + + /** + * Resolve a finding + */ + async resolveFinding(id: string, data: ResolveFindingDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.post>( + `/findings/${id}/resolve`, + data, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to resolve finding', + ); + } + + return response.data.data; + }, 'resolveFinding'); + } + + // ============ Statistics & Trends API ============ + + /** + * Get audit statistics + */ + async getStatistics(department?: string): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const params: Record = {}; + if (department) params.department = department; + + const response = await this.httpClient.get>( + '/statistics', + { params }, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to fetch statistics', + ); + } + + return response.data.data; + }, 'getStatistics'); + } + + /** + * Get trend data for charts + */ + async getTrends(params: GetTrendsDto = {}): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const queryParams: Record = { + period: params.period || 'month', + }; + + if (params.startDate) queryParams.startDate = params.startDate; + if (params.endDate) queryParams.endDate = params.endDate; + if (params.department) queryParams.department = params.department; + if (params.auditType) queryParams.auditType = params.auditType; + + const response = await this.httpClient.get>( + '/trends', + { params: queryParams }, + ); + + if (!response.data.success || !response.data.data) { + throw new IntegrationApiError( + this.integrationName, + response.data.error?.message || 'Failed to fetch trends', + ); + } + + return response.data.data; + }, 'getTrends'); + } +} diff --git a/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.controller.ts b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.controller.ts new file mode 100644 index 0000000..9626a20 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.controller.ts @@ -0,0 +1,288 @@ +import { + Controller, + Get, + Post, + Put, + Body, + Param, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { GembaDocsService } from './gembadocs.service'; +import { + ListAuditsDto, + CreateAuditDto, + UpdateAuditDto, + ListFindingsDto, + UpdateFindingDto, + ResolveFindingDto, + GetTrendsDto, + AuditResponseDto, + AuditDetailResponseDto, + FindingResponseDto, + ChecklistResponseDto, + ChecklistDetailResponseDto, + StatisticsResponseDto, + TrendResponseDto, + PaginatedAuditsResponseDto, + PaginatedFindingsResponseDto, + AuditType, + AuditStatus, + FindingSeverity, + FindingStatus, +} from './gembadocs.types'; +import { RequirePermissions } from '../../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../../auth/permissions/permissions.enum'; + +/** + * GembaDocs Integration Controller + * + * REST API endpoints for GembaDocs audit and checklist management integration. + */ +@ApiTags('Integrations - GembaDocs') +@ApiBearerAuth() +@Controller('integrations/gembadocs') +export class GembaDocsController { + constructor(private readonly gembaDocsService: GembaDocsService) {} + + // ============ Health & Status ============ + + @Post('test') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Test GembaDocs connection' }) + @ApiResponse({ + status: 200, + description: 'Connection test result', + schema: { + type: 'object', + properties: { + success: { type: 'boolean' }, + message: { type: 'string' }, + latency: { type: 'number' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async testConnection() { + return this.gembaDocsService.testConnection(); + } + + @Get('health') + @ApiOperation({ summary: 'Get GembaDocs connector health status' }) + @ApiResponse({ + status: 200, + description: 'Health status', + schema: { + type: 'object', + properties: { + status: { type: 'string', enum: ['connected', 'error', 'not_configured'] }, + lastCheck: { type: 'string', format: 'date-time' }, + latency: { type: 'number' }, + error: { type: 'string' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getHealth() { + return this.gembaDocsService.checkHealth(); + } + + // ============ Audits ============ + + @Get('audits') + @ApiOperation({ summary: 'List audits with optional filters' }) + @ApiQuery({ name: 'type', required: false, enum: AuditType }) + @ApiQuery({ name: 'status', required: false, enum: AuditStatus }) + @ApiQuery({ name: 'department', required: false, type: String }) + @ApiQuery({ name: 'location', required: false, type: String }) + @ApiQuery({ name: 'auditorId', required: false, type: String }) + @ApiQuery({ name: 'dateFrom', required: false, type: String, description: 'YYYY-MM-DD' }) + @ApiQuery({ name: 'dateTo', required: false, type: String, description: 'YYYY-MM-DD' }) + @ApiQuery({ name: 'page', required: false, type: Number }) + @ApiQuery({ name: 'pageSize', required: false, type: Number }) + @ApiResponse({ status: 200, description: 'Paginated list of audits', type: PaginatedAuditsResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listAudits(@Query() query: ListAuditsDto): Promise { + return this.gembaDocsService.listAudits(query); + } + + @Get('audits/upcoming') + @ApiOperation({ summary: 'Get upcoming audits' }) + @ApiQuery({ name: 'days', required: false, type: Number, description: 'Days ahead to look (default: 7)' }) + @ApiQuery({ name: 'limit', required: false, type: Number, description: 'Maximum results (default: 10)' }) + @ApiResponse({ status: 200, description: 'List of upcoming audits', type: [AuditResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getUpcomingAudits( + @Query('days') days?: number, + @Query('limit') limit?: number, + ): Promise { + return this.gembaDocsService.getUpcomingAudits(days || 7, limit || 10); + } + + @Get('audits/overdue') + @ApiOperation({ summary: 'Get overdue audits' }) + @ApiQuery({ name: 'limit', required: false, type: Number, description: 'Maximum results (default: 10)' }) + @ApiResponse({ status: 200, description: 'List of overdue audits', type: [AuditResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getOverdueAudits(@Query('limit') limit?: number): Promise { + return this.gembaDocsService.getOverdueAudits(limit || 10); + } + + @Get('audits/:id') + @ApiOperation({ summary: 'Get a single audit by ID' }) + @ApiParam({ name: 'id', type: String }) + @ApiResponse({ status: 200, description: 'Audit details', type: AuditDetailResponseDto }) + @ApiResponse({ status: 404, description: 'Audit not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getAudit(@Param('id') id: string): Promise { + return this.gembaDocsService.getAudit(id); + } + + @Post('audits') + @HttpCode(HttpStatus.CREATED) + @ApiOperation({ summary: 'Create a new audit' }) + @ApiResponse({ status: 201, description: 'Audit created', type: AuditDetailResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createAudit(@Body() data: CreateAuditDto): Promise { + return this.gembaDocsService.createAudit(data); + } + + @Put('audits/:id') + @ApiOperation({ summary: 'Update an audit' }) + @ApiParam({ name: 'id', type: String }) + @ApiResponse({ status: 200, description: 'Audit updated', type: AuditDetailResponseDto }) + @ApiResponse({ status: 404, description: 'Audit not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async updateAudit( + @Param('id') id: string, + @Body() data: UpdateAuditDto, + ): Promise { + return this.gembaDocsService.updateAudit(id, data); + } + + // ============ Checklists ============ + + @Get('checklists') + @ApiOperation({ summary: 'List all checklist templates' }) + @ApiResponse({ status: 200, description: 'List of checklists', type: [ChecklistResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listChecklists(): Promise { + return this.gembaDocsService.listChecklists(); + } + + @Get('checklists/:id') + @ApiOperation({ summary: 'Get a single checklist by ID' }) + @ApiParam({ name: 'id', type: String }) + @ApiResponse({ status: 200, description: 'Checklist details', type: ChecklistDetailResponseDto }) + @ApiResponse({ status: 404, description: 'Checklist not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getChecklist(@Param('id') id: string): Promise { + return this.gembaDocsService.getChecklist(id); + } + + // ============ Findings ============ + + @Get('findings') + @ApiOperation({ summary: 'List findings with optional filters' }) + @ApiQuery({ name: 'auditId', required: false, type: String }) + @ApiQuery({ name: 'severity', required: false, enum: FindingSeverity }) + @ApiQuery({ name: 'status', required: false, enum: FindingStatus }) + @ApiQuery({ name: 'assigneeId', required: false, type: String }) + @ApiQuery({ name: 'overdueOnly', required: false, type: Boolean }) + @ApiQuery({ name: 'page', required: false, type: Number }) + @ApiQuery({ name: 'pageSize', required: false, type: Number }) + @ApiResponse({ status: 200, description: 'Paginated list of findings', type: PaginatedFindingsResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listFindings(@Query() query: ListFindingsDto): Promise { + return this.gembaDocsService.listFindings(query); + } + + @Get('findings/open') + @ApiOperation({ summary: 'Get open findings' }) + @ApiQuery({ name: 'limit', required: false, type: Number, description: 'Maximum results (default: 20)' }) + @ApiResponse({ status: 200, description: 'List of open findings', type: [FindingResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getOpenFindings(@Query('limit') limit?: number): Promise { + return this.gembaDocsService.getOpenFindings(limit || 20); + } + + @Put('findings/:id') + @ApiOperation({ summary: 'Update a finding' }) + @ApiParam({ name: 'id', type: String }) + @ApiResponse({ status: 200, description: 'Finding updated', type: FindingResponseDto }) + @ApiResponse({ status: 404, description: 'Finding not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async updateFinding( + @Param('id') id: string, + @Body() data: UpdateFindingDto, + ): Promise { + return this.gembaDocsService.updateFinding(id, data); + } + + @Post('findings/:id/resolve') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Resolve a finding' }) + @ApiParam({ name: 'id', type: String }) + @ApiResponse({ status: 200, description: 'Finding resolved', type: FindingResponseDto }) + @ApiResponse({ status: 404, description: 'Finding not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async resolveFinding( + @Param('id') id: string, + @Body() data: ResolveFindingDto, + ): Promise { + return this.gembaDocsService.resolveFinding(id, data); + } + + // ============ Statistics & Trends ============ + + @Get('statistics') + @ApiOperation({ summary: 'Get audit statistics' }) + @ApiQuery({ name: 'department', required: false, type: String }) + @ApiResponse({ status: 200, description: 'Audit statistics', type: StatisticsResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getStatistics(@Query('department') department?: string): Promise { + return this.gembaDocsService.getStatistics(department); + } + + @Get('trends') + @ApiOperation({ summary: 'Get trend data for charts' }) + @ApiQuery({ name: 'period', required: false, enum: ['week', 'month', 'quarter', 'year'] }) + @ApiQuery({ name: 'startDate', required: false, type: String, description: 'YYYY-MM-DD' }) + @ApiQuery({ name: 'endDate', required: false, type: String, description: 'YYYY-MM-DD' }) + @ApiQuery({ name: 'department', required: false, type: String }) + @ApiQuery({ name: 'auditType', required: false, enum: AuditType }) + @ApiResponse({ status: 200, description: 'Trend data', type: TrendResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getTrends(@Query() query: GetTrendsDto): Promise { + return this.gembaDocsService.getTrends(query); + } + + @Get('compliance-score') + @ApiOperation({ summary: 'Get overall compliance score' }) + @ApiQuery({ name: 'threshold', required: false, type: Number, description: 'Score threshold (default: 80)' }) + @ApiResponse({ + status: 200, + description: 'Compliance score with trend', + schema: { + type: 'object', + properties: { + score: { type: 'number' }, + trend: { type: 'string', enum: ['up', 'down', 'stable'] }, + change: { type: 'number' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getComplianceScore(@Query('threshold') threshold?: number) { + return this.gembaDocsService.getComplianceScore(threshold || 80); + } +} diff --git a/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.module.ts b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.module.ts new file mode 100644 index 0000000..405cfd7 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.module.ts @@ -0,0 +1,65 @@ +import { Module } from '@nestjs/common'; +import { ConfigModule } from '@nestjs/config'; +import { GembaDocsConnector } from './gembadocs.connector'; +import { GembaDocsService } from './gembadocs.service'; +import { GembaDocsController } from './gembadocs.controller'; + +/** + * GembaDocs Integration Module + * + * Provides integration with GembaDocs audit and checklist management system. + * + * Required environment variables: + * - GEMBADOCS_API_URL: Base URL of GembaDocs API (e.g., https://api.gembadocs.com) + * - GEMBADOCS_API_KEY: API key for authentication + * + * Features: + * - API Key authentication + * - Audits management (list, get, create, update) + * - Upcoming and overdue audits tracking + * - Checklist templates management + * - Findings/Actions tracking with severity levels + * - Statistics and compliance metrics + * - Trend data for charts and reporting + * + * Supported Audit Types: + * - Layered Process Audits (LPA) + * - Safety audits + * - 5S audits + * - Quality audits + * - Custom audits + * + * API Endpoints: + * - POST /integrations/gembadocs/test - Connection test + * - GET /integrations/gembadocs/health - Health check + * + * Audits: + * - GET /integrations/gembadocs/audits - List audits + * - GET /integrations/gembadocs/audits/upcoming - Upcoming audits + * - GET /integrations/gembadocs/audits/overdue - Overdue audits + * - GET /integrations/gembadocs/audits/:id - Get audit + * - POST /integrations/gembadocs/audits - Create audit + * - PUT /integrations/gembadocs/audits/:id - Update audit + * + * Checklists: + * - GET /integrations/gembadocs/checklists - List checklists + * - GET /integrations/gembadocs/checklists/:id - Get checklist + * + * Findings: + * - GET /integrations/gembadocs/findings - List findings + * - GET /integrations/gembadocs/findings/open - Open findings + * - PUT /integrations/gembadocs/findings/:id - Update finding + * - POST /integrations/gembadocs/findings/:id/resolve - Resolve finding + * + * Statistics: + * - GET /integrations/gembadocs/statistics - Audit statistics + * - GET /integrations/gembadocs/trends - Trend data + * - GET /integrations/gembadocs/compliance-score - Compliance score + */ +@Module({ + imports: [ConfigModule], + controllers: [GembaDocsController], + providers: [GembaDocsConnector, GembaDocsService], + exports: [GembaDocsService, GembaDocsConnector], +}) +export class GembaDocsModule {} diff --git a/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.service.ts b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.service.ts new file mode 100644 index 0000000..d8f9016 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.service.ts @@ -0,0 +1,418 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { GembaDocsConnector, ConnectorHealth } from './gembadocs.connector'; +import { + GembaAudit, + GembaChecklist, + GembaFinding, + GembaStatistics, + GembaTrendData, + ListAuditsDto, + CreateAuditDto, + UpdateAuditDto, + ListFindingsDto, + UpdateFindingDto, + ResolveFindingDto, + GetTrendsDto, + AuditResponseDto, + AuditDetailResponseDto, + FindingResponseDto, + ChecklistResponseDto, + ChecklistDetailResponseDto, + StatisticsResponseDto, + TrendResponseDto, + PaginatedAuditsResponseDto, + PaginatedFindingsResponseDto, + FindingStatus, + FindingSeverity, +} from './gembadocs.types'; + +/** + * GembaDocs Service + * + * High-level service for interacting with GembaDocs audit and checklist management system. + * Wraps the connector with additional business logic, data transformation, and logging. + */ +@Injectable() +export class GembaDocsService { + private readonly logger = new Logger(GembaDocsService.name); + + constructor(private readonly connector: GembaDocsConnector) {} + + // ============ Health & Status ============ + + /** + * Check health status of the GembaDocs integration + */ + async checkHealth(): Promise { + this.logger.debug('Checking GembaDocs connector health'); + return this.connector.checkHealth(); + } + + /** + * Test connection to GembaDocs + */ + async testConnection(): Promise<{ success: boolean; message: string; latency?: number }> { + this.logger.log('Testing GembaDocs connection'); + const result = await this.connector.testConnection(); + this.logger.log( + `GembaDocs connection test: ${result.success ? 'SUCCESS' : 'FAILED'} - ${result.message}`, + ); + return result; + } + + /** + * Check if connector is configured + */ + isConfigured(): boolean { + return this.connector.isConfigured(); + } + + /** + * Get missing configuration items + */ + getMissingConfig(): string[] { + return this.connector.getMissingConfig(); + } + + // ============ Audits ============ + + /** + * List audits with optional filters + */ + async listAudits(params: ListAuditsDto = {}): Promise { + this.logger.debug(`Listing audits with params: ${JSON.stringify(params)}`); + + const result = await this.connector.listAudits(params); + + this.logger.debug(`Found ${result.audits.length} audits`); + + return { + audits: result.audits.map((audit) => this.transformAuditToResponse(audit)), + total: result.pagination.total, + page: result.pagination.page, + pageSize: result.pagination.pageSize, + totalPages: result.pagination.totalPages, + }; + } + + /** + * Get a single audit by ID + */ + async getAudit(id: string): Promise { + this.logger.debug(`Getting audit: ${id}`); + const audit = await this.connector.getAudit(id); + return this.transformAuditToDetailResponse(audit); + } + + /** + * Get upcoming audits + */ + async getUpcomingAudits(days: number = 7, limit: number = 10): Promise { + this.logger.debug(`Getting upcoming audits for next ${days} days`); + const audits = await this.connector.getUpcomingAudits(days, limit); + this.logger.debug(`Found ${audits.length} upcoming audits`); + return audits.map((audit) => this.transformAuditToResponse(audit)); + } + + /** + * Get overdue audits + */ + async getOverdueAudits(limit: number = 10): Promise { + this.logger.debug('Getting overdue audits'); + const audits = await this.connector.getOverdueAudits(limit); + this.logger.debug(`Found ${audits.length} overdue audits`); + return audits.map((audit) => this.transformAuditToResponse(audit)); + } + + /** + * Create a new audit + */ + async createAudit(data: CreateAuditDto): Promise { + this.logger.log(`Creating audit: ${data.title}`); + const audit = await this.connector.createAudit(data); + this.logger.log(`Created audit: ${audit.id}`); + return this.transformAuditToDetailResponse(audit); + } + + /** + * Update an audit + */ + async updateAudit(id: string, data: UpdateAuditDto): Promise { + this.logger.log(`Updating audit: ${id}`); + const audit = await this.connector.updateAudit(id, data); + this.logger.log(`Updated audit: ${audit.id}`); + return this.transformAuditToDetailResponse(audit); + } + + // ============ Checklists ============ + + /** + * List all checklist templates + */ + async listChecklists(): Promise { + this.logger.debug('Listing checklists'); + const checklists = await this.connector.listChecklists(); + this.logger.debug(`Found ${checklists.length} checklists`); + return checklists.map((checklist) => this.transformChecklistToResponse(checklist)); + } + + /** + * Get a single checklist by ID + */ + async getChecklist(id: string): Promise { + this.logger.debug(`Getting checklist: ${id}`); + const checklist = await this.connector.getChecklist(id); + return this.transformChecklistToDetailResponse(checklist); + } + + // ============ Findings ============ + + /** + * List findings with optional filters + */ + async listFindings(params: ListFindingsDto = {}): Promise { + this.logger.debug(`Listing findings with params: ${JSON.stringify(params)}`); + + const result = await this.connector.listFindings(params); + + this.logger.debug(`Found ${result.findings.length} findings`); + + return { + findings: result.findings.map((finding) => this.transformFindingToResponse(finding)), + total: result.pagination.total, + page: result.pagination.page, + pageSize: result.pagination.pageSize, + totalPages: result.pagination.totalPages, + }; + } + + /** + * Get open findings + */ + async getOpenFindings(limit: number = 20): Promise { + this.logger.debug('Getting open findings'); + const findings = await this.connector.getOpenFindings(limit); + this.logger.debug(`Found ${findings.length} open findings`); + return findings.map((finding) => this.transformFindingToResponse(finding)); + } + + /** + * Update a finding + */ + async updateFinding(id: string, data: UpdateFindingDto): Promise { + this.logger.log(`Updating finding: ${id}`); + const finding = await this.connector.updateFinding(id, data); + this.logger.log(`Updated finding: ${finding.id}`); + return this.transformFindingToResponse(finding); + } + + /** + * Resolve a finding + */ + async resolveFinding(id: string, data: ResolveFindingDto): Promise { + this.logger.log(`Resolving finding: ${id}`); + const finding = await this.connector.resolveFinding(id, data); + this.logger.log(`Resolved finding: ${finding.id}`); + return this.transformFindingToResponse(finding); + } + + /** + * Get critical findings count (high and critical severity, open status) + */ + async getCriticalFindingsCount(): Promise { + this.logger.debug('Getting critical findings count'); + + // Get high severity findings + const highResult = await this.connector.listFindings({ + severity: FindingSeverity.HIGH, + status: FindingStatus.OPEN, + pageSize: 1, + }); + + // Get critical severity findings + const criticalResult = await this.connector.listFindings({ + severity: FindingSeverity.CRITICAL, + status: FindingStatus.OPEN, + pageSize: 1, + }); + + const count = highResult.pagination.total + criticalResult.pagination.total; + this.logger.debug(`Found ${count} critical/high severity open findings`); + return count; + } + + // ============ Statistics & Trends ============ + + /** + * Get audit statistics + */ + async getStatistics(department?: string): Promise { + this.logger.debug(`Getting statistics${department ? ` for department: ${department}` : ''}`); + const stats = await this.connector.getStatistics(department); + return this.transformStatisticsToResponse(stats); + } + + /** + * Get trend data for charts + */ + async getTrends(params: GetTrendsDto = {}): Promise { + this.logger.debug(`Getting trends with params: ${JSON.stringify(params)}`); + const trends = await this.connector.getTrends(params); + return { + period: trends.period, + startDate: trends.startDate, + endDate: trends.endDate, + dataPoints: trends.dataPoints, + }; + } + + /** + * Get compliance score (percentage of completed audits with score >= threshold) + */ + async getComplianceScore(threshold: number = 80): Promise<{ + score: number; + trend: 'up' | 'down' | 'stable'; + change: number; + }> { + this.logger.debug(`Calculating compliance score with threshold: ${threshold}`); + const stats = await this.connector.getStatistics(); + + // Calculate trend based on historical data + const complianceTrend = stats.complianceTrend || []; + let trend: 'up' | 'down' | 'stable' = 'stable'; + let change = 0; + + if (complianceTrend.length >= 2) { + const latest = complianceTrend[complianceTrend.length - 1]; + const previous = complianceTrend[complianceTrend.length - 2]; + change = latest.score - previous.score; + + if (change > 1) { + trend = 'up'; + } else if (change < -1) { + trend = 'down'; + } + } + + return { + score: stats.averageComplianceScore, + trend, + change: Math.round(change * 10) / 10, + }; + } + + // ============ Data Transformers ============ + + private transformAuditToResponse(audit: GembaAudit): AuditResponseDto { + return { + id: audit.id, + title: audit.title, + type: audit.type, + status: audit.status, + scheduledDate: audit.scheduledDate, + completedDate: audit.completedDate, + auditor: { + id: audit.auditor.id, + name: audit.auditor.name, + email: audit.auditor.email, + department: audit.auditor.department, + }, + department: audit.department, + location: audit.location, + score: audit.score, + maxScore: audit.maxScore, + findingsCount: audit.findings?.length || 0, + createdAt: audit.createdAt, + updatedAt: audit.updatedAt, + }; + } + + private transformAuditToDetailResponse(audit: GembaAudit): AuditDetailResponseDto { + return { + ...this.transformAuditToResponse(audit), + checklist: audit.checklist, + findings: audit.findings || [], + notes: audit.notes, + }; + } + + private transformFindingToResponse(finding: GembaFinding): FindingResponseDto { + const isOverdue = + finding.dueDate && + new Date(finding.dueDate) < new Date() && + finding.status !== FindingStatus.RESOLVED && + finding.status !== FindingStatus.VERIFIED; + + return { + id: finding.id, + auditId: finding.auditId, + title: finding.title, + description: finding.description, + severity: finding.severity, + status: finding.status, + dueDate: finding.dueDate, + assignee: finding.assignee + ? { + id: finding.assignee.id, + name: finding.assignee.name, + email: finding.assignee.email, + department: finding.assignee.department, + } + : undefined, + photos: finding.photos || [], + correctiveAction: finding.correctiveAction, + rootCause: finding.rootCause, + createdAt: finding.createdAt, + updatedAt: finding.updatedAt, + resolvedAt: finding.resolvedAt, + isOverdue: !!isOverdue, + }; + } + + private transformChecklistToResponse(checklist: GembaChecklist): ChecklistResponseDto { + return { + id: checklist.id, + name: checklist.name, + version: checklist.version, + description: checklist.description, + totalItems: checklist.totalItems, + categoryCount: checklist.categories?.length || 0, + createdAt: checklist.createdAt, + updatedAt: checklist.updatedAt, + }; + } + + private transformChecklistToDetailResponse( + checklist: GembaChecklist, + ): ChecklistDetailResponseDto { + return { + ...this.transformChecklistToResponse(checklist), + categories: checklist.categories || [], + }; + } + + private transformStatisticsToResponse(stats: GembaStatistics): StatisticsResponseDto { + // Calculate compliance score change from trend + let complianceScoreChange = 0; + if (stats.complianceTrend && stats.complianceTrend.length >= 2) { + const latest = stats.complianceTrend[stats.complianceTrend.length - 1]; + const previous = stats.complianceTrend[stats.complianceTrend.length - 2]; + complianceScoreChange = Math.round((latest.score - previous.score) * 10) / 10; + } + + return { + totalAudits: stats.totalAudits, + completedAudits: stats.completedAudits, + scheduledAudits: stats.scheduledAudits, + overdueAudits: stats.overdueAudits, + totalFindings: stats.totalFindings, + openFindings: stats.openFindings, + resolvedFindings: stats.resolvedFindings, + averageComplianceScore: stats.averageComplianceScore, + complianceScoreChange, + auditsByType: stats.auditsByType as Record, + findingsBySeverity: stats.findingsBySeverity as Record, + findingsByStatus: stats.findingsByStatus as Record, + }; + } +} diff --git a/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.types.ts b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.types.ts new file mode 100644 index 0000000..d63886c --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/gembadocs/gembadocs.types.ts @@ -0,0 +1,706 @@ +import { + IsString, + IsOptional, + IsNumber, + IsArray, + IsDateString, + IsEnum, + IsBoolean, + ValidateNested, + Min, + Max, +} from 'class-validator'; +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { Type } from 'class-transformer'; + +/** + * GembaDocs API Types and DTOs + * + * GembaDocs is an audit and checklist management system for manufacturing + * and quality assurance processes (e.g., Layered Process Audits, 5S audits). + */ + +// ============ Enums ============ + +export enum AuditType { + LAYERED_PROCESS = 'layered_process', + SAFETY = 'safety', + FIVE_S = '5s', + QUALITY = 'quality', + CUSTOM = 'custom', +} + +export enum AuditStatus { + SCHEDULED = 'scheduled', + IN_PROGRESS = 'in_progress', + COMPLETED = 'completed', + CANCELLED = 'cancelled', +} + +export enum FindingSeverity { + LOW = 'low', + MEDIUM = 'medium', + HIGH = 'high', + CRITICAL = 'critical', +} + +export enum FindingStatus { + OPEN = 'open', + IN_PROGRESS = 'in_progress', + RESOLVED = 'resolved', + VERIFIED = 'verified', +} + +export enum ChecklistItemType { + YES_NO = 'yes_no', + RATING = 'rating', + TEXT = 'text', + PHOTO = 'photo', +} + +// ============ API Response Types ============ + +export interface GembaUser { + id: string; + name: string; + email?: string; + department?: string; +} + +export interface GembaAudit { + id: string; + title: string; + type: AuditType; + status: AuditStatus; + scheduledDate: string; + completedDate?: string; + auditor: GembaUser; + department?: string; + location?: string; + checklist?: GembaChecklist; + findings: GembaFinding[]; + score?: number; + maxScore?: number; + notes?: string; + createdAt: string; + updatedAt: string; +} + +export interface GembaChecklist { + id: string; + name: string; + version: string; + description?: string; + categories: GembaChecklistCategory[]; + totalItems: number; + completedItems: number; + createdAt: string; + updatedAt: string; +} + +export interface GembaChecklistCategory { + id: string; + name: string; + description?: string; + sortOrder: number; + items: GembaChecklistItem[]; +} + +export interface GembaChecklistItem { + id: string; + question: string; + type: ChecklistItemType; + required: boolean; + answer?: string | number | boolean | null; + score?: number; + maxScore?: number; + note?: string; + photoUrl?: string; + sortOrder: number; +} + +export interface GembaFinding { + id: string; + auditId: string; + title: string; + description: string; + severity: FindingSeverity; + status: FindingStatus; + dueDate?: string; + assignee?: GembaUser; + photos: string[]; + correctiveAction?: string; + rootCause?: string; + checklistItemId?: string; + createdAt: string; + updatedAt: string; + resolvedAt?: string; + verifiedAt?: string; + verifiedBy?: GembaUser; +} + +export interface GembaAttachment { + id: string; + fileName: string; + fileSize: number; + mimeType: string; + url: string; + thumbnailUrl?: string; + uploadedAt: string; + uploadedBy: GembaUser; +} + +export interface GembaStatistics { + totalAudits: number; + completedAudits: number; + scheduledAudits: number; + overdueAudits: number; + totalFindings: number; + openFindings: number; + resolvedFindings: number; + averageComplianceScore: number; + auditsByType: Record; + findingsBySeverity: Record; + findingsByStatus: Record; + complianceTrend: GembaComplianceTrendPoint[]; +} + +export interface GembaComplianceTrendPoint { + date: string; + score: number; + auditCount: number; +} + +export interface GembaTrendData { + period: string; + startDate: string; + endDate: string; + dataPoints: GembaTrendDataPoint[]; +} + +export interface GembaTrendDataPoint { + date: string; + totalAudits: number; + completedAudits: number; + complianceScore: number; + findingsCreated: number; + findingsResolved: number; +} + +export interface GembaApiResponse { + success: boolean; + data?: T; + error?: { + code: string; + message: string; + }; + pagination?: { + page: number; + pageSize: number; + total: number; + totalPages: number; + }; +} + +// ============ Request DTOs ============ + +export class ListAuditsDto { + @ApiPropertyOptional({ description: 'Filter by audit type', enum: AuditType }) + @IsOptional() + @IsEnum(AuditType) + type?: AuditType; + + @ApiPropertyOptional({ description: 'Filter by audit status', enum: AuditStatus }) + @IsOptional() + @IsEnum(AuditStatus) + status?: AuditStatus; + + @ApiPropertyOptional({ description: 'Filter by department' }) + @IsOptional() + @IsString() + department?: string; + + @ApiPropertyOptional({ description: 'Filter by location' }) + @IsOptional() + @IsString() + location?: string; + + @ApiPropertyOptional({ description: 'Filter by auditor ID' }) + @IsOptional() + @IsString() + auditorId?: string; + + @ApiPropertyOptional({ description: 'Start date filter (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + dateFrom?: string; + + @ApiPropertyOptional({ description: 'End date filter (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + dateTo?: string; + + @ApiPropertyOptional({ description: 'Page number', default: 1 }) + @IsOptional() + @IsNumber() + @Min(1) + page?: number; + + @ApiPropertyOptional({ description: 'Items per page', default: 20 }) + @IsOptional() + @IsNumber() + @Min(1) + @Max(100) + pageSize?: number; +} + +export class CreateAuditDto { + @ApiProperty({ description: 'Audit title' }) + @IsString() + title: string; + + @ApiProperty({ description: 'Audit type', enum: AuditType }) + @IsEnum(AuditType) + type: AuditType; + + @ApiProperty({ description: 'Scheduled date (YYYY-MM-DD)' }) + @IsDateString() + scheduledDate: string; + + @ApiProperty({ description: 'Auditor ID' }) + @IsString() + auditorId: string; + + @ApiPropertyOptional({ description: 'Checklist template ID' }) + @IsOptional() + @IsString() + checklistId?: string; + + @ApiPropertyOptional({ description: 'Department' }) + @IsOptional() + @IsString() + department?: string; + + @ApiPropertyOptional({ description: 'Location' }) + @IsOptional() + @IsString() + location?: string; + + @ApiPropertyOptional({ description: 'Additional notes' }) + @IsOptional() + @IsString() + notes?: string; +} + +export class UpdateAuditDto { + @ApiPropertyOptional({ description: 'Audit title' }) + @IsOptional() + @IsString() + title?: string; + + @ApiPropertyOptional({ description: 'Audit status', enum: AuditStatus }) + @IsOptional() + @IsEnum(AuditStatus) + status?: AuditStatus; + + @ApiPropertyOptional({ description: 'Scheduled date (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + scheduledDate?: string; + + @ApiPropertyOptional({ description: 'Completed date (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + completedDate?: string; + + @ApiPropertyOptional({ description: 'Auditor ID' }) + @IsOptional() + @IsString() + auditorId?: string; + + @ApiPropertyOptional({ description: 'Department' }) + @IsOptional() + @IsString() + department?: string; + + @ApiPropertyOptional({ description: 'Location' }) + @IsOptional() + @IsString() + location?: string; + + @ApiPropertyOptional({ description: 'Additional notes' }) + @IsOptional() + @IsString() + notes?: string; + + @ApiPropertyOptional({ description: 'Score achieved' }) + @IsOptional() + @IsNumber() + @Min(0) + score?: number; +} + +export class ListFindingsDto { + @ApiPropertyOptional({ description: 'Filter by audit ID' }) + @IsOptional() + @IsString() + auditId?: string; + + @ApiPropertyOptional({ description: 'Filter by severity', enum: FindingSeverity }) + @IsOptional() + @IsEnum(FindingSeverity) + severity?: FindingSeverity; + + @ApiPropertyOptional({ description: 'Filter by status', enum: FindingStatus }) + @IsOptional() + @IsEnum(FindingStatus) + status?: FindingStatus; + + @ApiPropertyOptional({ description: 'Filter by assignee ID' }) + @IsOptional() + @IsString() + assigneeId?: string; + + @ApiPropertyOptional({ description: 'Filter overdue findings only' }) + @IsOptional() + @IsBoolean() + overdueOnly?: boolean; + + @ApiPropertyOptional({ description: 'Page number', default: 1 }) + @IsOptional() + @IsNumber() + @Min(1) + page?: number; + + @ApiPropertyOptional({ description: 'Items per page', default: 20 }) + @IsOptional() + @IsNumber() + @Min(1) + @Max(100) + pageSize?: number; +} + +export class UpdateFindingDto { + @ApiPropertyOptional({ description: 'Finding title' }) + @IsOptional() + @IsString() + title?: string; + + @ApiPropertyOptional({ description: 'Finding description' }) + @IsOptional() + @IsString() + description?: string; + + @ApiPropertyOptional({ description: 'Severity level', enum: FindingSeverity }) + @IsOptional() + @IsEnum(FindingSeverity) + severity?: FindingSeverity; + + @ApiPropertyOptional({ description: 'Status', enum: FindingStatus }) + @IsOptional() + @IsEnum(FindingStatus) + status?: FindingStatus; + + @ApiPropertyOptional({ description: 'Due date (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + dueDate?: string; + + @ApiPropertyOptional({ description: 'Assignee ID' }) + @IsOptional() + @IsString() + assigneeId?: string; + + @ApiPropertyOptional({ description: 'Corrective action description' }) + @IsOptional() + @IsString() + correctiveAction?: string; + + @ApiPropertyOptional({ description: 'Root cause analysis' }) + @IsOptional() + @IsString() + rootCause?: string; +} + +export class ResolveFindingDto { + @ApiProperty({ description: 'Resolution notes' }) + @IsString() + resolutionNotes: string; + + @ApiPropertyOptional({ description: 'Corrective action taken' }) + @IsOptional() + @IsString() + correctiveAction?: string; + + @ApiPropertyOptional({ description: 'Root cause identified' }) + @IsOptional() + @IsString() + rootCause?: string; + + @ApiPropertyOptional({ description: 'Verification required', default: false }) + @IsOptional() + @IsBoolean() + requiresVerification?: boolean; +} + +export class GetTrendsDto { + @ApiPropertyOptional({ description: 'Period: week, month, quarter, year', default: 'month' }) + @IsOptional() + @IsString() + period?: 'week' | 'month' | 'quarter' | 'year'; + + @ApiPropertyOptional({ description: 'Start date (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + startDate?: string; + + @ApiPropertyOptional({ description: 'End date (YYYY-MM-DD)' }) + @IsOptional() + @IsDateString() + endDate?: string; + + @ApiPropertyOptional({ description: 'Filter by department' }) + @IsOptional() + @IsString() + department?: string; + + @ApiPropertyOptional({ description: 'Filter by audit type', enum: AuditType }) + @IsOptional() + @IsEnum(AuditType) + auditType?: AuditType; +} + +// ============ Response DTOs ============ + +export class AuditorResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + name: string; + + @ApiPropertyOptional() + email?: string; + + @ApiPropertyOptional() + department?: string; +} + +export class AuditResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + title: string; + + @ApiProperty({ enum: AuditType }) + type: AuditType; + + @ApiProperty({ enum: AuditStatus }) + status: AuditStatus; + + @ApiProperty() + scheduledDate: string; + + @ApiPropertyOptional() + completedDate?: string; + + @ApiProperty({ type: AuditorResponseDto }) + auditor: AuditorResponseDto; + + @ApiPropertyOptional() + department?: string; + + @ApiPropertyOptional() + location?: string; + + @ApiPropertyOptional() + score?: number; + + @ApiPropertyOptional() + maxScore?: number; + + @ApiProperty() + findingsCount: number; + + @ApiProperty() + createdAt: string; + + @ApiProperty() + updatedAt: string; +} + +export class AuditDetailResponseDto extends AuditResponseDto { + @ApiPropertyOptional() + checklist?: GembaChecklist; + + @ApiProperty({ type: [Object] }) + findings: GembaFinding[]; + + @ApiPropertyOptional() + notes?: string; +} + +export class FindingResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + auditId: string; + + @ApiProperty() + title: string; + + @ApiProperty() + description: string; + + @ApiProperty({ enum: FindingSeverity }) + severity: FindingSeverity; + + @ApiProperty({ enum: FindingStatus }) + status: FindingStatus; + + @ApiPropertyOptional() + dueDate?: string; + + @ApiPropertyOptional({ type: AuditorResponseDto }) + assignee?: AuditorResponseDto; + + @ApiProperty({ type: [String] }) + photos: string[]; + + @ApiPropertyOptional() + correctiveAction?: string; + + @ApiPropertyOptional() + rootCause?: string; + + @ApiProperty() + createdAt: string; + + @ApiProperty() + updatedAt: string; + + @ApiPropertyOptional() + resolvedAt?: string; + + @ApiProperty() + isOverdue: boolean; +} + +export class ChecklistResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + name: string; + + @ApiProperty() + version: string; + + @ApiPropertyOptional() + description?: string; + + @ApiProperty() + totalItems: number; + + @ApiProperty() + categoryCount: number; + + @ApiProperty() + createdAt: string; + + @ApiProperty() + updatedAt: string; +} + +export class ChecklistDetailResponseDto extends ChecklistResponseDto { + @ApiProperty({ type: [Object] }) + categories: GembaChecklistCategory[]; +} + +export class StatisticsResponseDto { + @ApiProperty() + totalAudits: number; + + @ApiProperty() + completedAudits: number; + + @ApiProperty() + scheduledAudits: number; + + @ApiProperty() + overdueAudits: number; + + @ApiProperty() + totalFindings: number; + + @ApiProperty() + openFindings: number; + + @ApiProperty() + resolvedFindings: number; + + @ApiProperty() + averageComplianceScore: number; + + @ApiProperty() + complianceScoreChange: number; + + @ApiProperty({ type: 'object' }) + auditsByType: Record; + + @ApiProperty({ type: 'object' }) + findingsBySeverity: Record; + + @ApiProperty({ type: 'object' }) + findingsByStatus: Record; +} + +export class TrendResponseDto { + @ApiProperty() + period: string; + + @ApiProperty() + startDate: string; + + @ApiProperty() + endDate: string; + + @ApiProperty({ type: [Object] }) + dataPoints: GembaTrendDataPoint[]; +} + +export class PaginatedAuditsResponseDto { + @ApiProperty({ type: [AuditResponseDto] }) + audits: AuditResponseDto[]; + + @ApiProperty() + total: number; + + @ApiProperty() + page: number; + + @ApiProperty() + pageSize: number; + + @ApiProperty() + totalPages: number; +} + +export class PaginatedFindingsResponseDto { + @ApiProperty({ type: [FindingResponseDto] }) + findings: FindingResponseDto[]; + + @ApiProperty() + total: number; + + @ApiProperty() + page: number; + + @ApiProperty() + pageSize: number; + + @ApiProperty() + totalPages: number; +} diff --git a/apps/api/src/modules/integrations/connectors/gembadocs/index.ts b/apps/api/src/modules/integrations/connectors/gembadocs/index.ts new file mode 100644 index 0000000..259ddf0 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/gembadocs/index.ts @@ -0,0 +1,4 @@ +export * from './gembadocs.module'; +export * from './gembadocs.connector'; +export * from './gembadocs.service'; +export * from './gembadocs.types'; diff --git a/apps/api/src/modules/integrations/connectors/index.ts b/apps/api/src/modules/integrations/connectors/index.ts new file mode 100644 index 0000000..d595451 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/index.ts @@ -0,0 +1,4 @@ +export * from './base-connector'; +// Individual connector modules re-exported from parent index.ts +// Avoid wildcard re-exports here to prevent name collisions +// (ConnectorHealth, UserResponseDto, CreateFolderDto etc. exist in multiple connectors) diff --git a/apps/api/src/modules/integrations/connectors/nextcloud/index.ts b/apps/api/src/modules/integrations/connectors/nextcloud/index.ts new file mode 100644 index 0000000..f7e08e0 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/nextcloud/index.ts @@ -0,0 +1,4 @@ +export * from './nextcloud.module'; +export * from './nextcloud.connector'; +export * from './nextcloud.service'; +export * from './nextcloud.types'; diff --git a/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.connector.ts b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.connector.ts new file mode 100644 index 0000000..c372725 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.connector.ts @@ -0,0 +1,929 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import axios, { AxiosInstance, AxiosError } from 'axios'; +import { + IntegrationConnectionError, + IntegrationAuthError, + IntegrationRateLimitError, + IntegrationApiError, + IntegrationConfigError, +} from '../../errors'; + +/** + * Health status of a connector + */ +export interface ConnectorHealth { + status: 'connected' | 'error' | 'not_configured'; + lastCheck: Date; + latency?: number; + error?: string; + details?: Record; +} + +/** + * Retry configuration + */ +interface RetryConfig { + maxRetries: number; + baseDelayMs: number; + maxDelayMs: number; + jitterFactor: number; +} + +const DEFAULT_RETRY_CONFIG: RetryConfig = { + maxRetries: 3, + baseDelayMs: 1000, + maxDelayMs: 30000, + jitterFactor: 0.1, +}; + +const DEFAULT_TIMEOUT_MS = 30000; +import { + NextcloudFile, + NextcloudUser, + NextcloudShare, + NextcloudCalendarEvent, + NextcloudCalendar, + OCSResponse, + FileType, + ShareType, + SharePermission, + ListFilesDto, + CreateShareDto, + ListEventsDto, + CreateEventDto, +} from './nextcloud.types'; + +/** + * Nextcloud API Connector + * + * Provides integration with Nextcloud cloud platform. + * Features: + * - Basic Auth / App Password authentication + * - WebDAV Files API (list, upload, download, delete, move, copy) + * - OCS Share API + * - User API + * - CalDAV Calendar API (basic support) + * + * API Documentation: + * - WebDAV: https://docs.nextcloud.com/server/latest/developer_manual/client_apis/WebDAV/index.html + * - OCS: https://docs.nextcloud.com/server/latest/developer_manual/client_apis/OCS/index.html + */ +@Injectable() +export class NextcloudConnector { + private readonly logger = new Logger(NextcloudConnector.name); + private readonly integrationName = 'Nextcloud'; + private readonly httpClient: AxiosInstance; + private readonly webdavClient: AxiosInstance; + private readonly retryConfig: RetryConfig; + private isConfigured: boolean = false; + + private readonly baseUrl: string; + private readonly username: string; + private readonly password: string; + + constructor(private readonly configService: ConfigService) { + this.retryConfig = { ...DEFAULT_RETRY_CONFIG }; + + // Load configuration from environment + this.baseUrl = this.configService.get('NEXTCLOUD_URL', ''); + this.username = this.configService.get('NEXTCLOUD_USERNAME', ''); + this.password = this.configService.get('NEXTCLOUD_PASSWORD', ''); + + // Validate configuration + this.validateConfiguration(); + + const authHeader = Buffer.from(`${this.username}:${this.password}`).toString('base64'); + + // Initialize OCS API client + this.httpClient = axios.create({ + baseURL: this.baseUrl ? `${this.baseUrl}/ocs/v2.php` : undefined, + timeout: DEFAULT_TIMEOUT_MS, + headers: { + 'Content-Type': 'application/json', + 'Accept': 'application/json', + 'OCS-APIRequest': 'true', + 'Authorization': `Basic ${authHeader}`, + }, + }); + + // Initialize WebDAV client + this.webdavClient = axios.create({ + baseURL: this.baseUrl ? `${this.baseUrl}/remote.php/dav/files/${this.username}` : undefined, + timeout: DEFAULT_TIMEOUT_MS, + headers: { + 'Authorization': `Basic ${authHeader}`, + }, + }); + + this.setupInterceptors(); + + if (this.isConfigured) { + this.logger.log(`Nextcloud connector initialized with base URL: ${this.baseUrl}`); + } else { + this.logger.warn('Nextcloud connector not configured - missing credentials'); + } + } + + /** + * Validate required configuration + */ + private validateConfiguration(): void { + const missing: string[] = []; + + if (!this.baseUrl) { + missing.push('NEXTCLOUD_URL'); + } + if (!this.username) { + missing.push('NEXTCLOUD_USERNAME'); + } + if (!this.password) { + missing.push('NEXTCLOUD_PASSWORD'); + } + + this.isConfigured = missing.length === 0; + + if (!this.isConfigured) { + this.logger.warn(`Nextcloud configuration incomplete. Missing: ${missing.join(', ')}`); + } + } + + /** + * Setup axios interceptors for logging + */ + private setupInterceptors(): void { + const setupForClient = (client: AxiosInstance, name: string) => { + client.interceptors.request.use( + (config) => { + this.logger.debug(`[${this.integrationName}:${name}] Request: ${config.method?.toUpperCase()} ${config.url}`); + return config; + }, + (error) => { + this.logger.error(`[${this.integrationName}:${name}] Request error: ${error.message}`); + return Promise.reject(error); + }, + ); + + client.interceptors.response.use( + (response) => { + this.logger.debug(`[${this.integrationName}:${name}] Response: ${response.status}`); + return response; + }, + (error) => { + if (error.response) { + this.logger.warn( + `[${this.integrationName}:${name}] Response error: ${error.response.status}`, + ); + } + return Promise.reject(error); + }, + ); + }; + + setupForClient(this.httpClient, 'OCS'); + setupForClient(this.webdavClient, 'WebDAV'); + } + + /** + * Ensure the connector is configured before making API calls + */ + private ensureConfigured(): void { + if (!this.isConfigured) { + throw new IntegrationConfigError(this.integrationName, [ + 'NEXTCLOUD_URL', + 'NEXTCLOUD_USERNAME', + 'NEXTCLOUD_PASSWORD', + ]); + } + } + + /** + * Execute request with retry logic + */ + private async executeWithRetry( + requestFn: () => Promise, + operation: string, + ): Promise { + let lastError: Error | undefined; + let attempt = 0; + + while (attempt <= this.retryConfig.maxRetries) { + try { + return await requestFn(); + } catch (error) { + lastError = error as Error; + attempt++; + + const shouldRetry = this.shouldRetry(error as AxiosError, attempt); + if (!shouldRetry) { + break; + } + + const delay = this.calculateDelay(attempt); + this.logger.warn( + `[${this.integrationName}] ${operation} failed (attempt ${attempt}/${this.retryConfig.maxRetries}), retrying in ${delay}ms`, + ); + + await this.sleep(delay); + } + } + + throw this.mapError(lastError as AxiosError, operation); + } + + /** + * Determine if request should be retried + */ + private shouldRetry(error: AxiosError, attempt: number): boolean { + if (attempt > this.retryConfig.maxRetries) { + return false; + } + + if (!error.response) { + return true; + } + + const status = error.response.status; + return status >= 500 || status === 429; + } + + /** + * Calculate delay with exponential backoff and jitter + */ + private calculateDelay(attempt: number): number { + const delay = Math.min( + this.retryConfig.baseDelayMs * Math.pow(2, attempt - 1), + this.retryConfig.maxDelayMs, + ); + const jitter = delay * this.retryConfig.jitterFactor * Math.random(); + return Math.floor(delay + jitter); + } + + /** + * Map axios errors to integration errors + */ + private mapError(error: AxiosError, operation: string): Error { + if (!error.response) { + if (error.code === 'ECONNABORTED' || error.message.includes('timeout')) { + return new IntegrationConnectionError( + this.integrationName, + `Request timeout during ${operation}`, + error, + ); + } + return new IntegrationConnectionError( + this.integrationName, + `Connection failed during ${operation}: ${error.message}`, + error, + ); + } + + const status = error.response.status; + const responseData = error.response.data as Record; + const message = (responseData?.message as string) || error.message; + + switch (status) { + case 401: + return new IntegrationAuthError( + this.integrationName, + `Authentication failed: Invalid credentials`, + error, + ); + case 403: + return new IntegrationAuthError( + this.integrationName, + `Access forbidden: ${message}`, + error, + ); + case 429: + const retryAfter = parseInt(error.response.headers['retry-after'] || '60', 10); + return new IntegrationRateLimitError( + this.integrationName, + `Rate limit exceeded`, + retryAfter, + error, + ); + default: + return new IntegrationApiError( + this.integrationName, + `${operation} failed: ${message}`, + status, + undefined, + error, + ); + } + } + + /** + * Sleep helper + */ + private sleep(ms: number): Promise { + return new Promise((resolve) => setTimeout(resolve, ms)); + } + + /** + * Parse WebDAV PROPFIND response + */ + private parseWebDAVResponse(xmlData: string, basePath: string): NextcloudFile[] { + // Simple XML parsing for WebDAV responses + // In production, consider using a proper XML parser like fast-xml-parser + const files: NextcloudFile[] = []; + const responseRegex = /([\s\S]*?)<\/d:response>/g; + let match; + + while ((match = responseRegex.exec(xmlData)) !== null) { + const response = match[1]; + + const hrefMatch = /(.*?)<\/d:href>/.exec(response); + const href = hrefMatch ? decodeURIComponent(hrefMatch[1]) : ''; + + // Extract path relative to user files + const pathPrefix = `/remote.php/dav/files/${this.username}`; + let path = href.replace(pathPrefix, '') || '/'; + if (path !== '/' && path.endsWith('/')) { + path = path.slice(0, -1); + } + + // Skip the root if listing root + if (path === basePath && basePath !== '/') { + continue; + } + + const isDirectory = response.includes(']*>([^<]*)<\/${tag}>`, 'i'); + const match = regex.exec(xml); + return match ? match[1].trim() : null; + } + + // ============ Health & Connection ============ + + /** + * Check connector health + */ + async checkHealth(): Promise { + if (!this.isConfigured) { + return { + status: 'not_configured', + lastCheck: new Date(), + error: 'Nextcloud connector is not configured', + }; + } + + const startTime = Date.now(); + try { + await this.httpClient.get('/cloud/user?format=json'); + return { + status: 'connected', + lastCheck: new Date(), + latency: Date.now() - startTime, + }; + } catch (error) { + return { + status: 'error', + lastCheck: new Date(), + latency: Date.now() - startTime, + error: (error as Error).message, + }; + } + } + + /** + * Test connection to Nextcloud + */ + async testConnection(): Promise<{ success: boolean; message: string; latency?: number }> { + this.ensureConfigured(); + + const startTime = Date.now(); + try { + const response = await this.httpClient.get>('/cloud/user?format=json'); + const latency = Date.now() - startTime; + + const user = response.data.ocs.data; + + return { + success: true, + message: `Successfully connected as ${user.displayName || user.id}`, + latency, + }; + } catch (error) { + throw this.mapError(error as AxiosError, 'testConnection'); + } + } + + /** + * Check if connector is configured + */ + getIsConfigured(): boolean { + return this.isConfigured; + } + + // ============ Files API (WebDAV) ============ + + /** + * List files in a directory + */ + async listFiles(params: ListFilesDto = {}): Promise { + this.ensureConfigured(); + + const path = params.path || '/'; + + return this.executeWithRetry(async () => { + const propfindBody = ` + + + + + + + + + + + + + + `; + + const response = await this.webdavClient.request({ + method: 'PROPFIND', + url: path, + headers: { + 'Depth': (params.depth ?? 1).toString(), + 'Content-Type': 'application/xml', + }, + data: propfindBody, + }); + + let files = this.parseWebDAVResponse(response.data, path); + + // Apply filters + if (params.filesOnly) { + files = files.filter((f) => f.type === FileType.FILE); + } + if (params.dirsOnly) { + files = files.filter((f) => f.type === FileType.DIRECTORY); + } + + return files; + }, 'listFiles'); + } + + /** + * Get file info + */ + async getFileInfo(path: string): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const propfindBody = ` + + + + + + + + + + + + + + `; + + const response = await this.webdavClient.request({ + method: 'PROPFIND', + url: path, + headers: { + 'Depth': '0', + 'Content-Type': 'application/xml', + }, + data: propfindBody, + }); + + const files = this.parseWebDAVResponse(response.data, path); + if (files.length === 0) { + // The requested file itself is returned when depth is 0 + const allFiles = this.parseWebDAVResponse(response.data, ''); + if (allFiles.length > 0) { + return allFiles[0]; + } + throw new IntegrationApiError(this.integrationName, `File not found: ${path}`, 404); + } + return files[0]; + }, 'getFileInfo'); + } + + /** + * Upload a file + */ + async uploadFile( + path: string, + content: Buffer | string, + contentType?: string, + ): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + await this.webdavClient.put(path, content, { + headers: { + 'Content-Type': contentType || 'application/octet-stream', + }, + }); + + // Return file info after upload + return this.getFileInfo(path); + }, 'uploadFile'); + } + + /** + * Download a file + */ + async downloadFile(path: string): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.webdavClient.get(path, { + responseType: 'arraybuffer', + }); + return Buffer.from(response.data); + }, 'downloadFile'); + } + + /** + * Delete a file or folder + */ + async deleteFile(path: string): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + await this.webdavClient.delete(path); + }, 'deleteFile'); + } + + /** + * Create a folder + */ + async createFolder(path: string): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + await this.webdavClient.request({ + method: 'MKCOL', + url: path, + }); + + return this.getFileInfo(path); + }, 'createFolder'); + } + + /** + * Move a file or folder + */ + async moveFile(source: string, destination: string, overwrite: boolean = false): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + await this.webdavClient.request({ + method: 'MOVE', + url: source, + headers: { + 'Destination': `${this.baseUrl}/remote.php/dav/files/${this.username}${destination}`, + 'Overwrite': overwrite ? 'T' : 'F', + }, + }); + }, 'moveFile'); + } + + /** + * Copy a file or folder + */ + async copyFile(source: string, destination: string, overwrite: boolean = false): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + await this.webdavClient.request({ + method: 'COPY', + url: source, + headers: { + 'Destination': `${this.baseUrl}/remote.php/dav/files/${this.username}${destination}`, + 'Overwrite': overwrite ? 'T' : 'F', + }, + }); + }, 'copyFile'); + } + + // ============ Share API ============ + + /** + * Get shares for a path + */ + async getShares(path?: string): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const params: Record = { format: 'json' }; + if (path) { + params.path = path; + } + + const response = await this.httpClient.get>( + '/apps/files_sharing/api/v1/shares', + { params }, + ); + + return response.data.ocs.data; + }, 'getShares'); + } + + /** + * Create a share + */ + async createShare(data: CreateShareDto): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const formData = new URLSearchParams(); + formData.append('path', data.path); + formData.append('shareType', data.shareType.toString()); + + if (data.shareWith) { + formData.append('shareWith', data.shareWith); + } + if (data.permissions !== undefined) { + formData.append('permissions', data.permissions.toString()); + } + if (data.password) { + formData.append('password', data.password); + } + if (data.expireDate) { + formData.append('expireDate', data.expireDate); + } + if (data.note) { + formData.append('note', data.note); + } + + const response = await this.httpClient.post>( + '/apps/files_sharing/api/v1/shares?format=json', + formData.toString(), + { + headers: { + 'Content-Type': 'application/x-www-form-urlencoded', + }, + }, + ); + + return response.data.ocs.data; + }, 'createShare'); + } + + /** + * Delete a share + */ + async deleteShare(shareId: number): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + await this.httpClient.delete(`/apps/files_sharing/api/v1/shares/${shareId}?format=json`); + }, 'deleteShare'); + } + + // ============ User API ============ + + /** + * Get current user info + */ + async getCurrentUser(): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const response = await this.httpClient.get>('/cloud/user?format=json'); + return response.data.ocs.data; + }, 'getCurrentUser'); + } + + /** + * Get user quota + */ + async getUserQuota(): Promise<{ used: number; total: number; free: number; relative: number }> { + this.ensureConfigured(); + + const user = await this.getCurrentUser(); + return user.quota; + } + + // ============ Calendar API (CalDAV) ============ + + /** + * List calendars + * Note: This is a simplified implementation. Full CalDAV support would require + * a dedicated CalDAV library. + */ + async listCalendars(): Promise { + this.ensureConfigured(); + + return this.executeWithRetry(async () => { + const calDavClient = axios.create({ + baseURL: `${this.baseUrl}/remote.php/dav/calendars/${this.username}`, + timeout: DEFAULT_TIMEOUT_MS, + headers: { + 'Authorization': `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`, + }, + }); + + const propfindBody = ` + + + + + + + + `; + + const response = await calDavClient.request({ + method: 'PROPFIND', + url: '/', + headers: { + 'Depth': '1', + 'Content-Type': 'application/xml', + }, + data: propfindBody, + }); + + // Parse calendars from response + const calendars: NextcloudCalendar[] = []; + const responseRegex = /([\s\S]*?)<\/d:response>/g; + let match; + + while ((match = responseRegex.exec(response.data)) !== null) { + const resp = match[1]; + + // Only include calendar collections + if (!resp.includes('(.*?)<\/d:href>/.exec(resp); + const href = hrefMatch ? decodeURIComponent(hrefMatch[1]) : ''; + const displayName = this.extractXmlValue(resp, 'd:displayname') || ''; + + if (displayName) { + calendars.push({ + id: href.split('/').filter(Boolean).pop() || '', + displayName, + color: '#0082c9', + owner: this.username, + permissions: ['read', 'write'], + isWritable: true, + isShared: false, + }); + } + } + + return calendars; + }, 'listCalendars'); + } + + /** + * List calendar events + * Note: Simplified implementation returning basic event data + */ + async listEvents(params: ListEventsDto = {}): Promise { + this.ensureConfigured(); + + const calendarId = params.calendarId || 'personal'; + + return this.executeWithRetry(async () => { + const calDavClient = axios.create({ + baseURL: `${this.baseUrl}/remote.php/dav/calendars/${this.username}/${calendarId}`, + timeout: DEFAULT_TIMEOUT_MS, + headers: { + 'Authorization': `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`, + }, + }); + + // Build time-range filter if dates provided + let timeRangeFilter = ''; + if (params.start || params.end) { + const start = params.start || '19700101T000000Z'; + const end = params.end || '20991231T235959Z'; + timeRangeFilter = ``; + } + + const reportBody = ` + + + + + + + + + ${timeRangeFilter} + + + + `; + + const response = await calDavClient.request({ + method: 'REPORT', + url: '/', + headers: { + 'Depth': '1', + 'Content-Type': 'application/xml', + }, + data: reportBody, + }); + + // Parse events from iCalendar data + const events: NextcloudCalendarEvent[] = []; + const calDataRegex = /]*>([\s\S]*?)<\/cal:calendar-data>/g; + let match; + + while ((match = calDataRegex.exec(response.data)) !== null) { + const icalData = match[1]; + const event = this.parseICalEvent(icalData, calendarId); + if (event) { + events.push(event); + } + } + + return events; + }, 'listEvents'); + } + + /** + * Parse iCalendar event data + */ + private parseICalEvent(icalData: string, calendarId: string): NextcloudCalendarEvent | null { + const uidMatch = /UID:(.+)/i.exec(icalData); + const summaryMatch = /SUMMARY:(.+)/i.exec(icalData); + const descriptionMatch = /DESCRIPTION:(.+)/i.exec(icalData); + const locationMatch = /LOCATION:(.+)/i.exec(icalData); + const dtStartMatch = /DTSTART[^:]*:(.+)/i.exec(icalData); + const dtEndMatch = /DTEND[^:]*:(.+)/i.exec(icalData); + const createdMatch = /CREATED:(.+)/i.exec(icalData); + const lastModMatch = /LAST-MODIFIED:(.+)/i.exec(icalData); + + if (!uidMatch || !summaryMatch || !dtStartMatch) { + return null; + } + + const isAllDay = icalData.includes('VALUE=DATE'); + + return { + id: uidMatch[1].trim(), + calendarId, + summary: summaryMatch[1].trim(), + description: descriptionMatch ? descriptionMatch[1].trim() : null, + location: locationMatch ? locationMatch[1].trim() : null, + start: dtStartMatch[1].trim(), + end: dtEndMatch ? dtEndMatch[1].trim() : dtStartMatch[1].trim(), + allDay: isAllDay, + status: 'CONFIRMED', + rrule: null, + attendees: [], + organizer: null, + created: createdMatch ? createdMatch[1].trim() : '', + lastModified: lastModMatch ? lastModMatch[1].trim() : '', + }; + } +} diff --git a/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.controller.ts b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.controller.ts new file mode 100644 index 0000000..30b4cf6 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.controller.ts @@ -0,0 +1,398 @@ +import { + Controller, + Get, + Post, + Delete, + Body, + Param, + Query, + Res, + UploadedFile, + UseInterceptors, + ParseIntPipe, + HttpCode, + HttpStatus, + StreamableFile, +} from '@nestjs/common'; +import { FileInterceptor } from '@nestjs/platform-express'; +import { Response } from 'express'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, + ApiConsumes, + ApiBody, +} from '@nestjs/swagger'; +import { NextcloudService } from './nextcloud.service'; +import { + ListFilesDto, + CreateShareDto, + ListEventsDto, + NextcloudFile, + FileResponseDto, + ShareResponseDto, + UserResponseDto, + CalendarEventResponseDto, + ShareType, + SharePermission, +} from './nextcloud.types'; +import { RequirePermissions } from '../../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../../auth/permissions/permissions.enum'; + +/** + * Nextcloud Integration Controller + * + * REST API endpoints for Nextcloud cloud storage integration. + */ +@ApiTags('Integrations - Nextcloud') +@ApiBearerAuth() +@Controller('integrations/nextcloud') +export class NextcloudController { + constructor(private readonly nextcloudService: NextcloudService) {} + + // ============ Health & Status ============ + + @Post('test') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Test Nextcloud connection' }) + @ApiResponse({ + status: 200, + description: 'Connection test result', + schema: { + type: 'object', + properties: { + success: { type: 'boolean' }, + message: { type: 'string' }, + latency: { type: 'number' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async testConnection() { + return this.nextcloudService.testConnection(); + } + + @Get('health') + @ApiOperation({ summary: 'Get Nextcloud connector health status' }) + @ApiResponse({ + status: 200, + description: 'Health status', + schema: { + type: 'object', + properties: { + status: { type: 'string', enum: ['connected', 'error', 'not_configured'] }, + lastCheck: { type: 'string', format: 'date-time' }, + latency: { type: 'number' }, + error: { type: 'string' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getHealth() { + return this.nextcloudService.checkHealth(); + } + + // ============ Files ============ + + @Get('files') + @ApiOperation({ summary: 'List files in a directory' }) + @ApiQuery({ name: 'path', required: false, description: 'Directory path (default: root)' }) + @ApiQuery({ name: 'filesOnly', required: false, type: Boolean }) + @ApiQuery({ name: 'dirsOnly', required: false, type: Boolean }) + @ApiQuery({ name: 'depth', required: false, type: Number }) + @ApiResponse({ + status: 200, + description: 'List of files', + type: [FileResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listFiles(@Query() query: ListFilesDto) { + return this.nextcloudService.listFiles(query); + } + + @Get('files/recent') + @ApiOperation({ summary: 'List recently modified files' }) + @ApiQuery({ name: 'limit', required: false, type: Number, description: 'Maximum number of files to return (default: 20)' }) + @ApiResponse({ status: 200, description: 'List of recently modified files', type: [FileResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getRecentFiles(@Query('limit') limit?: string) { + const fileLimit = limit ? parseInt(limit, 10) : 20; + const result = await this.nextcloudService.listFiles({ path: '/' }); + // Sort by modification date (newest first) and limit + const files = Array.isArray(result) ? result : []; + return files + .filter((f) => f.type !== 'directory') + .sort((a, b) => { + const dateA = new Date(a.lastmod || 0).getTime(); + const dateB = new Date(b.lastmod || 0).getTime(); + return dateB - dateA; + }) + .slice(0, fileLimit); + } + + @Get('files/*') + @ApiOperation({ summary: 'Get file info or download file' }) + @ApiParam({ name: 'path', description: 'File path (use * wildcard in route)' }) + @ApiQuery({ name: 'download', required: false, type: Boolean, description: 'Download file content' }) + @ApiResponse({ status: 200, description: 'File info or content' }) + @ApiResponse({ status: 404, description: 'File not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getFile( + @Param('0') path: string, + @Query('download') download?: string, + @Res({ passthrough: true }) res?: Response, + ): Promise { + const filePath = `/${path}`; + + if (download === 'true') { + const content = await this.nextcloudService.downloadFile(filePath); + const fileInfo = await this.nextcloudService.getFileInfo(filePath); + + res?.set({ + 'Content-Type': fileInfo.mime || 'application/octet-stream', + 'Content-Disposition': `attachment; filename="${fileInfo.basename}"`, + 'Content-Length': content.length, + }); + + return new StreamableFile(content); + } + + return this.nextcloudService.getFileInfo(filePath); + } + + @Post('files/upload') + @UseInterceptors(FileInterceptor('file')) + @ApiOperation({ summary: 'Upload a file' }) + @ApiConsumes('multipart/form-data') + @ApiBody({ + schema: { + type: 'object', + properties: { + file: { type: 'string', format: 'binary' }, + path: { type: 'string', description: 'Destination path including filename' }, + }, + required: ['file', 'path'], + }, + }) + @ApiResponse({ status: 201, description: 'File uploaded', type: FileResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async uploadFile( + @UploadedFile() file: Express.Multer.File, + @Body('path') path: string, + ) { + return this.nextcloudService.uploadFile(path, file.buffer, file.mimetype); + } + + @Post('files/folder') + @HttpCode(HttpStatus.CREATED) + @ApiOperation({ summary: 'Create a folder' }) + @ApiBody({ + schema: { + type: 'object', + properties: { + path: { type: 'string', description: 'Folder path to create' }, + }, + required: ['path'], + }, + }) + @ApiResponse({ status: 201, description: 'Folder created', type: FileResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createFolder(@Body('path') path: string) { + return this.nextcloudService.createFolder(path); + } + + @Delete('files/*') + @HttpCode(HttpStatus.NO_CONTENT) + @ApiOperation({ summary: 'Delete a file or folder' }) + @ApiParam({ name: 'path', description: 'File/folder path' }) + @ApiResponse({ status: 204, description: 'File/folder deleted' }) + @ApiResponse({ status: 404, description: 'Not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async deleteFile(@Param('0') path: string): Promise { + await this.nextcloudService.deleteFile(`/${path}`); + } + + @Post('files/move') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Move a file or folder' }) + @ApiBody({ + schema: { + type: 'object', + properties: { + source: { type: 'string' }, + destination: { type: 'string' }, + overwrite: { type: 'boolean', default: false }, + }, + required: ['source', 'destination'], + }, + }) + @ApiResponse({ status: 200, description: 'File moved' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async moveFile( + @Body('source') source: string, + @Body('destination') destination: string, + @Body('overwrite') overwrite?: boolean, + ) { + await this.nextcloudService.moveFile(source, destination, overwrite); + return { success: true, message: `Moved ${source} to ${destination}` }; + } + + @Post('files/copy') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Copy a file or folder' }) + @ApiBody({ + schema: { + type: 'object', + properties: { + source: { type: 'string' }, + destination: { type: 'string' }, + overwrite: { type: 'boolean', default: false }, + }, + required: ['source', 'destination'], + }, + }) + @ApiResponse({ status: 200, description: 'File copied' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async copyFile( + @Body('source') source: string, + @Body('destination') destination: string, + @Body('overwrite') overwrite?: boolean, + ) { + await this.nextcloudService.copyFile(source, destination, overwrite); + return { success: true, message: `Copied ${source} to ${destination}` }; + } + + // ============ Shares ============ + + @Get('shares') + @ApiOperation({ summary: 'Get shares' }) + @ApiQuery({ name: 'path', required: false, description: 'Filter by path' }) + @ApiResponse({ status: 200, description: 'List of shares', type: [ShareResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getShares(@Query('path') path?: string) { + return this.nextcloudService.getShares(path); + } + + @Post('shares') + @HttpCode(HttpStatus.CREATED) + @ApiOperation({ summary: 'Create a share' }) + @ApiResponse({ status: 201, description: 'Share created', type: ShareResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createShare(@Body() data: CreateShareDto) { + return this.nextcloudService.createShare(data); + } + + @Post('shares/public-link') + @HttpCode(HttpStatus.CREATED) + @ApiOperation({ summary: 'Create a public link share' }) + @ApiBody({ + schema: { + type: 'object', + properties: { + path: { type: 'string' }, + password: { type: 'string' }, + expireDate: { type: 'string', format: 'date' }, + permissions: { type: 'number', description: 'Permission bitmask (1=read, 2=update, 4=create, 8=delete)' }, + }, + required: ['path'], + }, + }) + @ApiResponse({ status: 201, description: 'Public link created', type: ShareResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createPublicLink( + @Body('path') path: string, + @Body('password') password?: string, + @Body('expireDate') expireDate?: string, + @Body('permissions') permissions?: number, + ) { + return this.nextcloudService.createPublicLink(path, { password, expireDate, permissions }); + } + + @Delete('shares/:id') + @HttpCode(HttpStatus.NO_CONTENT) + @ApiOperation({ summary: 'Delete a share' }) + @ApiParam({ name: 'id', type: Number }) + @ApiResponse({ status: 204, description: 'Share deleted' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async deleteShare(@Param('id', ParseIntPipe) id: number): Promise { + await this.nextcloudService.deleteShare(id); + } + + // ============ User ============ + + @Get('user') + @ApiOperation({ summary: 'Get current user info' }) + @ApiResponse({ status: 200, description: 'User info', type: UserResponseDto }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getCurrentUser() { + return this.nextcloudService.getCurrentUser(); + } + + @Get('user/quota') + @ApiOperation({ summary: 'Get user storage quota' }) + @ApiResponse({ + status: 200, + description: 'Quota info', + schema: { + type: 'object', + properties: { + used: { type: 'number' }, + total: { type: 'number' }, + free: { type: 'number' }, + relative: { type: 'number' }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getUserQuota() { + return this.nextcloudService.getUserQuota(); + } + + // ============ Calendar ============ + + @Get('calendars') + @ApiOperation({ summary: 'List calendars' }) + @ApiResponse({ + status: 200, + description: 'List of calendars', + schema: { + type: 'array', + items: { + type: 'object', + properties: { + id: { type: 'string' }, + displayName: { type: 'string' }, + color: { type: 'string' }, + isWritable: { type: 'boolean' }, + }, + }, + }, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listCalendars() { + return this.nextcloudService.listCalendars(); + } + + @Get('calendar/events') + @ApiOperation({ summary: 'List calendar events' }) + @ApiQuery({ name: 'calendarId', required: false, description: 'Calendar ID (default: personal)' }) + @ApiQuery({ name: 'start', required: false, description: 'Start date filter (ISO 8601)' }) + @ApiQuery({ name: 'end', required: false, description: 'End date filter (ISO 8601)' }) + @ApiResponse({ status: 200, description: 'List of events', type: [CalendarEventResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async listEvents(@Query() query: ListEventsDto) { + return this.nextcloudService.listEvents(query); + } + + @Get('calendar/events/today') + @ApiOperation({ summary: 'Get today\'s events' }) + @ApiQuery({ name: 'calendarId', required: false }) + @ApiResponse({ status: 200, description: 'Today\'s events', type: [CalendarEventResponseDto] }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getTodayEvents(@Query('calendarId') calendarId?: string) { + return this.nextcloudService.getTodayEvents(calendarId); + } +} diff --git a/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.module.ts b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.module.ts new file mode 100644 index 0000000..85e675a --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.module.ts @@ -0,0 +1,29 @@ +import { Module } from '@nestjs/common'; +import { ConfigModule } from '@nestjs/config'; +import { NextcloudConnector } from './nextcloud.connector'; +import { NextcloudService } from './nextcloud.service'; +import { NextcloudController } from './nextcloud.controller'; + +/** + * Nextcloud Integration Module + * + * Provides integration with Nextcloud cloud storage. + * + * Required environment variables: + * - NEXTCLOUD_URL: Base URL of Nextcloud instance (e.g., https://cloud.example.com) + * - NEXTCLOUD_USERNAME: Username for authentication + * - NEXTCLOUD_PASSWORD: Password or App Password for authentication + * + * Features: + * - WebDAV file operations (list, upload, download, delete, move, copy) + * - OCS Share API (create public links, share with users) + * - User info and quota + * - Calendar events (CalDAV) + */ +@Module({ + imports: [ConfigModule], + controllers: [NextcloudController], + providers: [NextcloudConnector, NextcloudService], + exports: [NextcloudService, NextcloudConnector], +}) +export class NextcloudModule {} diff --git a/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.service.ts b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.service.ts new file mode 100644 index 0000000..3785ccf --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.service.ts @@ -0,0 +1,297 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { NextcloudConnector, ConnectorHealth } from './nextcloud.connector'; +import { + NextcloudFile, + NextcloudUser, + NextcloudShare, + NextcloudCalendar, + NextcloudCalendarEvent, + ListFilesDto, + CreateShareDto, + ListEventsDto, + ShareType, + SharePermission, +} from './nextcloud.types'; + +/** + * Nextcloud Service + * + * High-level service for interacting with Nextcloud. + * Wraps the connector with additional business logic and logging. + */ +@Injectable() +export class NextcloudService { + private readonly logger = new Logger(NextcloudService.name); + + constructor(private readonly connector: NextcloudConnector) {} + + // ============ Health & Status ============ + + /** + * Check health status of the Nextcloud integration + */ + async checkHealth(): Promise { + this.logger.debug('Checking Nextcloud connector health'); + return this.connector.checkHealth(); + } + + /** + * Test connection to Nextcloud + */ + async testConnection(): Promise<{ success: boolean; message: string; latency?: number }> { + this.logger.log('Testing Nextcloud connection'); + const result = await this.connector.testConnection(); + this.logger.log(`Nextcloud connection test: ${result.success ? 'SUCCESS' : 'FAILED'} - ${result.message}`); + return result; + } + + /** + * Check if connector is configured + */ + isConfigured(): boolean { + return this.connector.getIsConfigured(); + } + + // ============ Files ============ + + /** + * List files in a directory + */ + async listFiles(params: ListFilesDto = {}): Promise { + const path = params.path || '/'; + this.logger.debug(`Listing files in: ${path}`); + const files = await this.connector.listFiles(params); + this.logger.debug(`Found ${files.length} files in ${path}`); + return files; + } + + /** + * Get file/folder info + */ + async getFileInfo(path: string): Promise { + this.logger.debug(`Getting file info: ${path}`); + return this.connector.getFileInfo(path); + } + + /** + * Upload a file + */ + async uploadFile( + path: string, + content: Buffer | string, + contentType?: string, + ): Promise { + this.logger.log(`Uploading file to: ${path}`); + const file = await this.connector.uploadFile(path, content, contentType); + this.logger.log(`File uploaded: ${path} (${file.size} bytes)`); + return file; + } + + /** + * Download a file + */ + async downloadFile(path: string): Promise { + this.logger.debug(`Downloading file: ${path}`); + const content = await this.connector.downloadFile(path); + this.logger.debug(`Downloaded file: ${path} (${content.length} bytes)`); + return content; + } + + /** + * Delete a file or folder + */ + async deleteFile(path: string): Promise { + this.logger.log(`Deleting: ${path}`); + await this.connector.deleteFile(path); + this.logger.log(`Deleted: ${path}`); + } + + /** + * Create a folder + */ + async createFolder(path: string): Promise { + this.logger.log(`Creating folder: ${path}`); + const folder = await this.connector.createFolder(path); + this.logger.log(`Created folder: ${path}`); + return folder; + } + + /** + * Move a file or folder + */ + async moveFile(source: string, destination: string, overwrite: boolean = false): Promise { + this.logger.log(`Moving ${source} to ${destination}`); + await this.connector.moveFile(source, destination, overwrite); + this.logger.log(`Moved ${source} to ${destination}`); + } + + /** + * Copy a file or folder + */ + async copyFile(source: string, destination: string, overwrite: boolean = false): Promise { + this.logger.log(`Copying ${source} to ${destination}`); + await this.connector.copyFile(source, destination, overwrite); + this.logger.log(`Copied ${source} to ${destination}`); + } + + /** + * Ensure a folder exists (create if not) + */ + async ensureFolder(path: string): Promise { + this.logger.debug(`Ensuring folder exists: ${path}`); + + try { + const info = await this.connector.getFileInfo(path); + if (info.type === 'directory') { + return info; + } + throw new Error(`Path exists but is not a directory: ${path}`); + } catch (error) { + // Folder doesn't exist, create it + return this.createFolder(path); + } + } + + // ============ Shares ============ + + /** + * Get shares for a path + */ + async getShares(path?: string): Promise { + this.logger.debug(`Getting shares${path ? ` for: ${path}` : ''}`); + const shares = await this.connector.getShares(path); + this.logger.debug(`Found ${shares.length} shares`); + return shares; + } + + /** + * Create a share + */ + async createShare(data: CreateShareDto): Promise { + this.logger.log(`Creating share for: ${data.path}`); + const share = await this.connector.createShare(data); + this.logger.log(`Created share ID: ${share.id}`); + return share; + } + + /** + * Create a public link share + */ + async createPublicLink( + path: string, + options?: { + password?: string; + expireDate?: string; + permissions?: number; + }, + ): Promise { + this.logger.log(`Creating public link for: ${path}`); + const share = await this.connector.createShare({ + path, + shareType: ShareType.PUBLIC_LINK, + permissions: options?.permissions ?? SharePermission.READ, + password: options?.password, + expireDate: options?.expireDate, + }); + this.logger.log(`Created public link: ${share.url}`); + return share; + } + + /** + * Share with a user + */ + async shareWithUser( + path: string, + userId: string, + permissions: number = SharePermission.READ, + ): Promise { + this.logger.log(`Sharing ${path} with user: ${userId}`); + const share = await this.connector.createShare({ + path, + shareType: ShareType.USER, + shareWith: userId, + permissions, + }); + this.logger.log(`Shared with user ${userId}, share ID: ${share.id}`); + return share; + } + + /** + * Delete a share + */ + async deleteShare(shareId: number): Promise { + this.logger.log(`Deleting share: ${shareId}`); + await this.connector.deleteShare(shareId); + this.logger.log(`Deleted share: ${shareId}`); + } + + // ============ User ============ + + /** + * Get current user info + */ + async getCurrentUser(): Promise { + this.logger.debug('Getting current user info'); + return this.connector.getCurrentUser(); + } + + /** + * Get user quota + */ + async getUserQuota(): Promise<{ used: number; total: number; free: number; relative: number }> { + this.logger.debug('Getting user quota'); + return this.connector.getUserQuota(); + } + + // ============ Calendar ============ + + /** + * List calendars + */ + async listCalendars(): Promise { + this.logger.debug('Listing calendars'); + const calendars = await this.connector.listCalendars(); + this.logger.debug(`Found ${calendars.length} calendars`); + return calendars; + } + + /** + * List calendar events + */ + async listEvents(params: ListEventsDto = {}): Promise { + this.logger.debug(`Listing events for calendar: ${params.calendarId || 'personal'}`); + const events = await this.connector.listEvents(params); + this.logger.debug(`Found ${events.length} events`); + return events; + } + + /** + * Get events for today + */ + async getTodayEvents(calendarId?: string): Promise { + const today = new Date(); + const startOfDay = new Date(today.getFullYear(), today.getMonth(), today.getDate()); + const endOfDay = new Date(today.getFullYear(), today.getMonth(), today.getDate() + 1); + + return this.listEvents({ + calendarId, + start: startOfDay.toISOString(), + end: endOfDay.toISOString(), + }); + } + + /** + * Get events for a date range + */ + async getEventsInRange( + startDate: Date, + endDate: Date, + calendarId?: string, + ): Promise { + return this.listEvents({ + calendarId, + start: startDate.toISOString(), + end: endDate.toISOString(), + }); + } +} diff --git a/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.types.ts b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.types.ts new file mode 100644 index 0000000..7c4c9dd --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/nextcloud/nextcloud.types.ts @@ -0,0 +1,400 @@ +import { IsString, IsOptional, IsBoolean, IsNumber, IsDateString, IsEnum, IsArray } from 'class-validator'; +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; + +/** + * Nextcloud API Types and DTOs + */ + +// ============ Enums ============ + +export enum ShareType { + USER = 0, + GROUP = 1, + PUBLIC_LINK = 3, + EMAIL = 4, + FEDERATED_CLOUD = 6, + CIRCLE = 7, + TALK_CONVERSATION = 10, +} + +export enum SharePermission { + READ = 1, + UPDATE = 2, + CREATE = 4, + DELETE = 8, + SHARE = 16, + ALL = 31, +} + +export enum FileType { + FILE = 'file', + DIRECTORY = 'directory', +} + +// ============ API Response Types ============ + +export interface NextcloudFile { + basename: string; + filename: string; + fileid: number; + type: FileType; + mime: string | null; + size: number; + etag: string; + lastmod: string; + permissions: string; + favorite: boolean; + hasPreview: boolean; + path: string; +} + +export interface NextcloudQuota { + free: number; + used: number; + total: number; + relative: number; +} + +export interface NextcloudUser { + id: string; + displayName: string; + email: string; + quota: NextcloudQuota; + enabled: boolean; + lastLogin: number; + groups: string[]; +} + +export interface NextcloudShare { + id: number; + shareType: ShareType; + shareWith: string | null; + shareWithDisplayname: string | null; + permissions: number; + url: string | null; + token: string | null; + path: string; + itemType: FileType; + expiration: string | null; + password: boolean; + note: string | null; +} + +export interface NextcloudCalendarEvent { + id: string; + calendarId: string; + summary: string; + description: string | null; + location: string | null; + start: string; + end: string; + allDay: boolean; + status: string; + rrule: string | null; + attendees: NextcloudAttendee[]; + organizer: NextcloudAttendee | null; + created: string; + lastModified: string; +} + +export interface NextcloudAttendee { + email: string; + name: string | null; + status: string; + role: string; +} + +export interface NextcloudCalendar { + id: string; + displayName: string; + color: string; + owner: string; + permissions: string[]; + isWritable: boolean; + isShared: boolean; +} + +export interface WebDAVResponse { + href: string; + propstat: { + prop: { + resourcetype?: { collection?: unknown }; + getcontentlength?: string; + getcontenttype?: string; + getetag?: string; + getlastmodified?: string; + displayname?: string; + fileid?: number; + permissions?: string; + favorite?: number; + 'has-preview'?: boolean; + }; + status: string; + }[]; +} + +export interface OCSResponse { + ocs: { + meta: { + status: string; + statuscode: number; + message: string; + totalitems?: string; + itemsperpage?: string; + }; + data: T; + }; +} + +// ============ DTOs ============ + +export class ListFilesDto { + @ApiPropertyOptional({ description: 'Path to list files from (default: root)', default: '/' }) + @IsOptional() + @IsString() + path?: string; + + @ApiPropertyOptional({ description: 'Include only files (exclude directories)' }) + @IsOptional() + @IsBoolean() + filesOnly?: boolean; + + @ApiPropertyOptional({ description: 'Include only directories' }) + @IsOptional() + @IsBoolean() + dirsOnly?: boolean; + + @ApiPropertyOptional({ description: 'Depth of listing (0=current only, 1=immediate children, infinity=all)' }) + @IsOptional() + @IsNumber() + depth?: number; +} + +export class UploadFileDto { + @ApiProperty({ description: 'Destination path including filename' }) + @IsString() + path: string; + + @ApiPropertyOptional({ description: 'Overwrite existing file', default: false }) + @IsOptional() + @IsBoolean() + overwrite?: boolean; +} + +export class CreateFolderDto { + @ApiProperty({ description: 'Path of the new folder' }) + @IsString() + path: string; +} + +export class MoveFileDto { + @ApiProperty({ description: 'Source path' }) + @IsString() + source: string; + + @ApiProperty({ description: 'Destination path' }) + @IsString() + destination: string; + + @ApiPropertyOptional({ description: 'Overwrite if exists', default: false }) + @IsOptional() + @IsBoolean() + overwrite?: boolean; +} + +export class CopyFileDto { + @ApiProperty({ description: 'Source path' }) + @IsString() + source: string; + + @ApiProperty({ description: 'Destination path' }) + @IsString() + destination: string; + + @ApiPropertyOptional({ description: 'Overwrite if exists', default: false }) + @IsOptional() + @IsBoolean() + overwrite?: boolean; +} + +export class CreateShareDto { + @ApiProperty({ description: 'Path to share' }) + @IsString() + path: string; + + @ApiProperty({ description: 'Share type', enum: ShareType }) + @IsEnum(ShareType) + shareType: ShareType; + + @ApiPropertyOptional({ description: 'User/group ID or email to share with' }) + @IsOptional() + @IsString() + shareWith?: string; + + @ApiPropertyOptional({ description: 'Permissions (bitmask)', default: SharePermission.READ }) + @IsOptional() + @IsNumber() + permissions?: number; + + @ApiPropertyOptional({ description: 'Password for public link' }) + @IsOptional() + @IsString() + password?: string; + + @ApiPropertyOptional({ description: 'Expiration date (YYYY-MM-DD)' }) + @IsOptional() + @IsString() + expireDate?: string; + + @ApiPropertyOptional({ description: 'Note for the share' }) + @IsOptional() + @IsString() + note?: string; +} + +export class ListEventsDto { + @ApiPropertyOptional({ description: 'Calendar ID (default: personal)' }) + @IsOptional() + @IsString() + calendarId?: string; + + @ApiPropertyOptional({ description: 'Start date filter (ISO 8601)' }) + @IsOptional() + @IsDateString() + start?: string; + + @ApiPropertyOptional({ description: 'End date filter (ISO 8601)' }) + @IsOptional() + @IsDateString() + end?: string; +} + +export class CreateEventDto { + @ApiProperty({ description: 'Calendar ID' }) + @IsString() + calendarId: string; + + @ApiProperty({ description: 'Event summary/title' }) + @IsString() + summary: string; + + @ApiPropertyOptional({ description: 'Event description' }) + @IsOptional() + @IsString() + description?: string; + + @ApiPropertyOptional({ description: 'Event location' }) + @IsOptional() + @IsString() + location?: string; + + @ApiProperty({ description: 'Start date/time (ISO 8601)' }) + @IsDateString() + start: string; + + @ApiProperty({ description: 'End date/time (ISO 8601)' }) + @IsDateString() + end: string; + + @ApiPropertyOptional({ description: 'All-day event', default: false }) + @IsOptional() + @IsBoolean() + allDay?: boolean; + + @ApiPropertyOptional({ description: 'Attendee emails', type: [String] }) + @IsOptional() + @IsArray() + @IsString({ each: true }) + attendees?: string[]; +} + +// ============ Response DTOs ============ + +export class FileResponseDto { + @ApiProperty() + basename: string; + + @ApiProperty() + filename: string; + + @ApiProperty() + fileid: number; + + @ApiProperty({ enum: FileType }) + type: FileType; + + @ApiPropertyOptional() + mime?: string; + + @ApiProperty() + size: number; + + @ApiProperty() + lastmod: string; + + @ApiProperty() + path: string; +} + +export class ShareResponseDto { + @ApiProperty() + id: number; + + @ApiProperty({ enum: ShareType }) + shareType: ShareType; + + @ApiPropertyOptional() + shareWith?: string; + + @ApiProperty() + permissions: number; + + @ApiPropertyOptional() + url?: string; + + @ApiProperty() + path: string; + + @ApiPropertyOptional() + expiration?: string; +} + +export class UserResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + displayName: string; + + @ApiProperty() + email: string; + + @ApiProperty() + enabled: boolean; +} + +export class CalendarEventResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + calendarId: string; + + @ApiProperty() + summary: string; + + @ApiPropertyOptional() + description?: string; + + @ApiPropertyOptional() + location?: string; + + @ApiProperty() + start: string; + + @ApiProperty() + end: string; + + @ApiProperty() + allDay: boolean; +} diff --git a/apps/api/src/modules/integrations/connectors/plentyone/dto/index.ts b/apps/api/src/modules/integrations/connectors/plentyone/dto/index.ts new file mode 100644 index 0000000..8154dab --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/plentyone/dto/index.ts @@ -0,0 +1 @@ +export * from './plentyone.dto'; diff --git a/apps/api/src/modules/integrations/connectors/plentyone/dto/plentyone.dto.ts b/apps/api/src/modules/integrations/connectors/plentyone/dto/plentyone.dto.ts new file mode 100644 index 0000000..7c84df1 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/plentyone/dto/plentyone.dto.ts @@ -0,0 +1,330 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsInt, + IsString, + IsDateString, + IsEnum, + Min, + Max, + IsArray, +} from 'class-validator'; +import { Type, Transform } from 'class-transformer'; + +/** + * Query parameters for fetching orders + */ +export class GetOrdersQueryDto { + @ApiPropertyOptional({ description: 'Order ID to search for' }) + @IsOptional() + @IsInt() + @Type(() => Number) + orderId?: number; + + @ApiPropertyOptional({ description: 'Filter by order type' }) + @IsOptional() + @IsInt() + @Type(() => Number) + orderType?: number; + + @ApiPropertyOptional({ description: 'Filter by referrer ID' }) + @IsOptional() + @IsInt() + @Type(() => Number) + referrerId?: number; + + @ApiPropertyOptional({ description: 'Filter by status ID' }) + @IsOptional() + @IsInt() + @Type(() => Number) + statusId?: number; + + @ApiPropertyOptional({ description: 'External order ID' }) + @IsOptional() + @IsString() + externalOrderId?: string; + + @ApiPropertyOptional({ description: 'Filter by creation date (from)' }) + @IsOptional() + @IsDateString() + createdAtFrom?: string; + + @ApiPropertyOptional({ description: 'Filter by creation date (to)' }) + @IsOptional() + @IsDateString() + createdAtTo?: string; + + @ApiPropertyOptional({ description: 'Page number', default: 1 }) + @IsOptional() + @IsInt() + @Min(1) + @Type(() => Number) + page?: number = 1; + + @ApiPropertyOptional({ description: 'Items per page', default: 50, maximum: 250 }) + @IsOptional() + @IsInt() + @Min(1) + @Max(250) + @Type(() => Number) + itemsPerPage?: number = 50; + + @ApiPropertyOptional({ + description: 'Relations to include (comma-separated)', + example: 'amounts,orderItems,addresses', + }) + @IsOptional() + @IsString() + with?: string; +} + +/** + * Query parameters for fetching stock + */ +export class GetStockQueryDto { + @ApiPropertyOptional({ description: 'Filter by variation ID' }) + @IsOptional() + @IsInt() + @Type(() => Number) + variationId?: number; + + @ApiPropertyOptional({ description: 'Filter by item ID' }) + @IsOptional() + @IsInt() + @Type(() => Number) + itemId?: number; + + @ApiPropertyOptional({ description: 'Filter by warehouse ID' }) + @IsOptional() + @IsInt() + @Type(() => Number) + warehouseId?: number; + + @ApiPropertyOptional({ description: 'Page number', default: 1 }) + @IsOptional() + @IsInt() + @Min(1) + @Type(() => Number) + page?: number = 1; + + @ApiPropertyOptional({ description: 'Items per page', default: 50 }) + @IsOptional() + @IsInt() + @Min(1) + @Max(250) + @Type(() => Number) + itemsPerPage?: number = 50; +} + +/** + * Query parameters for statistics + */ +export class GetStatsQueryDto { + @ApiProperty({ description: 'Start date (YYYY-MM-DD)', example: '2024-01-01' }) + @IsDateString() + dateFrom: string; + + @ApiProperty({ description: 'End date (YYYY-MM-DD)', example: '2024-01-31' }) + @IsDateString() + dateTo: string; + + @ApiPropertyOptional({ + description: 'Group by period', + enum: ['day', 'week', 'month'], + default: 'day', + }) + @IsOptional() + @IsEnum(['day', 'week', 'month']) + groupBy?: 'day' | 'week' | 'month' = 'day'; + + @ApiPropertyOptional({ description: 'Filter by referrer ID' }) + @IsOptional() + @IsInt() + @Type(() => Number) + referrerId?: number; + + @ApiPropertyOptional({ description: 'Filter by status ID' }) + @IsOptional() + @IsInt() + @Type(() => Number) + statusId?: number; +} + +// ============================================================================ +// Response DTOs +// ============================================================================ + +export class OrderAmountResponseDto { + @ApiProperty() + currency: string; + + @ApiProperty() + netTotal: number; + + @ApiProperty() + grossTotal: number; + + @ApiProperty() + vatTotal: number; + + @ApiProperty() + paidAmount: number; + + @ApiProperty() + shippingCostsGross: number; +} + +export class OrderItemResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + itemVariationId: number; + + @ApiProperty() + quantity: number; + + @ApiProperty() + orderItemName: string; + + @ApiPropertyOptional() + priceGross?: number; + + @ApiPropertyOptional() + priceNet?: number; +} + +export class OrderResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + typeId: number; + + @ApiProperty() + statusId: number; + + @ApiPropertyOptional() + statusName?: string; + + @ApiProperty() + referrerId: number; + + @ApiProperty() + createdAt: string; + + @ApiProperty() + updatedAt: string; + + @ApiPropertyOptional({ type: [OrderAmountResponseDto] }) + amounts?: OrderAmountResponseDto[]; + + @ApiPropertyOptional({ type: [OrderItemResponseDto] }) + orderItems?: OrderItemResponseDto[]; +} + +export class PaginatedOrdersResponseDto { + @ApiProperty() + page: number; + + @ApiProperty() + totalsCount: number; + + @ApiProperty() + isLastPage: boolean; + + @ApiProperty() + itemsPerPage: number; + + @ApiProperty({ type: [OrderResponseDto] }) + entries: OrderResponseDto[]; +} + +export class StockItemResponseDto { + @ApiProperty() + itemId: number; + + @ApiProperty() + variationId: number; + + @ApiProperty() + warehouseId: number; + + @ApiPropertyOptional() + warehouseName?: string; + + @ApiProperty() + stockPhysical: number; + + @ApiProperty() + reservedStock: number; + + @ApiProperty() + stockNet: number; + + @ApiProperty() + reorderDelta: number; + + @ApiProperty() + updatedAt: string; +} + +export class PaginatedStockResponseDto { + @ApiProperty() + page: number; + + @ApiProperty() + totalsCount: number; + + @ApiProperty() + isLastPage: boolean; + + @ApiProperty() + itemsPerPage: number; + + @ApiProperty({ type: [StockItemResponseDto] }) + entries: StockItemResponseDto[]; +} + +export class OrderStatsResponseDto { + @ApiProperty() + totalOrders: number; + + @ApiProperty() + totalRevenue: number; + + @ApiProperty() + totalRevenueNet: number; + + @ApiProperty() + averageOrderValue: number; + + @ApiProperty() + currency: string; + + @ApiProperty({ type: 'object', additionalProperties: { type: 'number' } }) + ordersByStatus: Record; + + @ApiProperty({ type: 'object', additionalProperties: { type: 'number' } }) + ordersByReferrer: Record; +} + +export class RevenueStatsResponseDto { + @ApiProperty() + date: string; + + @ApiProperty() + ordersCount: number; + + @ApiProperty() + itemsCount: number; + + @ApiProperty() + revenue: number; + + @ApiProperty() + revenueNet: number; + + @ApiProperty() + currency: string; +} diff --git a/apps/api/src/modules/integrations/connectors/plentyone/index.ts b/apps/api/src/modules/integrations/connectors/plentyone/index.ts new file mode 100644 index 0000000..9600d31 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/plentyone/index.ts @@ -0,0 +1,5 @@ +export * from './plentyone.module'; +export * from './plentyone.service'; +export * from './plentyone.connector'; +export * from './plentyone.types'; +export * from './dto'; diff --git a/apps/api/src/modules/integrations/connectors/plentyone/plentyone.connector.ts b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.connector.ts new file mode 100644 index 0000000..c7a58b3 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.connector.ts @@ -0,0 +1,530 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import axios from 'axios'; +import { + BaseConnector, + BaseConnectorConfig, + ConnectionTestResult, +} from '../base-connector'; +import { + IntegrationAuthError, + IntegrationConfigError, +} from '../../errors'; +import { + PlentyoneAuthConfig, + PlentyoneTokenInfo, + PlentyoneTokenResponse, + PlentyoneOrder, + PlentyoneOrdersQuery, + PlentyonePaginatedResponse, + PlentyoneStockItem, + PlentyoneStockQuery, + PlentyoneOrderStats, + PlentyoneStatsQuery, + PlentyoneRevenueStats, +} from './plentyone.types'; + +/** + * PlentyONE API Connector + * + * Provides integration with PlentyONE e-commerce platform. + * Handles OAuth2 authentication, token management, and API calls. + * + * @see https://developers.plentymarkets.com/ + */ +@Injectable() +export class PlentyoneConnector extends BaseConnector { + protected readonly name = 'PlentyONE'; + private readonly authConfig: PlentyoneAuthConfig; + private tokenInfo: PlentyoneTokenInfo | null = null; + private tokenRefreshPromise: Promise | null = null; + + constructor(private readonly configService: ConfigService) { + const baseUrl = configService.get('PLENTYONE_BASE_URL') || ''; + + super({ + baseUrl: baseUrl ? `${baseUrl}/rest` : '', + timeout: 60000, // PlentyONE can be slow + maxRetries: 3, + }); + + this.authConfig = { + baseUrl, + clientId: configService.get('PLENTYONE_CLIENT_ID') || '', + clientSecret: configService.get('PLENTYONE_CLIENT_SECRET') || '', + }; + } + + /** + * Check if the connector is properly configured + */ + isConfigured(): boolean { + return !!( + this.authConfig.baseUrl && + this.authConfig.clientId && + this.authConfig.clientSecret + ); + } + + /** + * Get missing configuration items + */ + getMissingConfig(): string[] { + const missing: string[] = []; + if (!this.authConfig.baseUrl) missing.push('PLENTYONE_BASE_URL'); + if (!this.authConfig.clientId) missing.push('PLENTYONE_CLIENT_ID'); + if (!this.authConfig.clientSecret) missing.push('PLENTYONE_CLIENT_SECRET'); + return missing; + } + + /** + * Test the connection to PlentyONE + */ + async testConnection(): Promise { + if (!this.isConfigured()) { + return { + success: false, + message: `Missing configuration: ${this.getMissingConfig().join(', ')}`, + }; + } + + const startTime = Date.now(); + + try { + // Try to authenticate + await this.ensureAuthenticated(); + + // Make a simple API call to verify the token works + await this.get<{ version: string }>('/'); + + return { + success: true, + message: 'Successfully connected to PlentyONE', + latencyMs: Date.now() - startTime, + details: { + baseUrl: this.authConfig.baseUrl, + }, + }; + } catch (error) { + const message = error instanceof Error ? error.message : 'Unknown error'; + return { + success: false, + message: `Connection failed: ${message}`, + latencyMs: Date.now() - startTime, + }; + } + } + + /** + * Get authentication headers for requests + */ + async getAuthHeaders(): Promise> { + if (!this.isConfigured()) { + throw new IntegrationConfigError(this.name, this.getMissingConfig()); + } + + await this.ensureAuthenticated(); + + return { + Authorization: `Bearer ${this.tokenInfo!.accessToken}`, + }; + } + + /** + * Ensure we have a valid access token + */ + private async ensureAuthenticated(): Promise { + // If token is valid, return immediately + if (this.isTokenValid()) { + return; + } + + // If a refresh is already in progress, wait for it + if (this.tokenRefreshPromise) { + await this.tokenRefreshPromise; + return; + } + + // Start token refresh + this.tokenRefreshPromise = this.refreshAccessToken(); + + try { + await this.tokenRefreshPromise; + } finally { + this.tokenRefreshPromise = null; + } + } + + /** + * Check if the current token is still valid + */ + private isTokenValid(): boolean { + if (!this.tokenInfo) return false; + + // Consider token invalid if it expires in less than 5 minutes + const bufferMs = 5 * 60 * 1000; + return this.tokenInfo.expiresAt.getTime() > Date.now() + bufferMs; + } + + /** + * Refresh the access token using client credentials + */ + private async refreshAccessToken(): Promise { + this.logger.debug('Refreshing PlentyONE access token'); + + try { + const response = await axios.post( + `${this.authConfig.baseUrl}/rest/oauth/access_token`, + new URLSearchParams({ + grant_type: 'client_credentials', + client_id: this.authConfig.clientId, + client_secret: this.authConfig.clientSecret, + }), + { + headers: { + 'Content-Type': 'application/x-www-form-urlencoded', + }, + timeout: 30000, + }, + ); + + this.tokenInfo = { + accessToken: response.data.access_token, + expiresAt: new Date(Date.now() + response.data.expires_in * 1000), + refreshToken: response.data.refresh_token, + }; + + this.logger.debug( + `PlentyONE token refreshed, expires at ${this.tokenInfo.expiresAt.toISOString()}`, + ); + } catch (error) { + this.logger.error('Failed to refresh PlentyONE token', error); + throw new IntegrationAuthError( + this.name, + 'Failed to obtain access token', + error instanceof Error ? error : undefined, + ); + } + } + + // =========================================================================== + // Orders API + // =========================================================================== + + /** + * Get a list of orders + */ + async getOrders( + query?: PlentyoneOrdersQuery, + ): Promise> { + const params = this.buildQueryParams(query); + return this.get>( + '/orders', + { params }, + ); + } + + /** + * Get a single order by ID + */ + async getOrder( + orderId: number, + withRelations?: string[], + ): Promise { + const params: Record = {}; + if (withRelations?.length) { + params.with = withRelations.join(','); + } + return this.get(`/orders/${orderId}`, { params }); + } + + /** + * Search orders by external order ID + */ + async searchOrdersByExternalId( + externalOrderId: string, + ): Promise> { + return this.getOrders({ externalOrderId }); + } + + /** + * Get orders by status + */ + async getOrdersByStatus( + statusId: number, + page = 1, + itemsPerPage = 50, + ): Promise> { + return this.getOrders({ statusId, page, itemsPerPage }); + } + + /** + * Get orders within a date range + */ + async getOrdersByDateRange( + dateFrom: Date, + dateTo: Date, + page = 1, + itemsPerPage = 50, + ): Promise> { + return this.getOrders({ + createdAtFrom: dateFrom.toISOString(), + createdAtTo: dateTo.toISOString(), + page, + itemsPerPage, + }); + } + + // =========================================================================== + // Stock API + // =========================================================================== + + /** + * Get stock levels + */ + async getStock( + query?: PlentyoneStockQuery, + ): Promise> { + const params = this.buildQueryParams(query); + return this.get>( + '/stockmanagement/stock', + { params }, + ); + } + + /** + * Get stock for a specific variation + */ + async getVariationStock(variationId: number): Promise { + const response = await this.getStock({ variationId }); + return response.entries; + } + + /** + * Get stock for a specific warehouse + */ + async getWarehouseStock( + warehouseId: number, + page = 1, + itemsPerPage = 50, + ): Promise> { + return this.getStock({ warehouseId, page, itemsPerPage }); + } + + /** + * Get low stock items (below reorder level) + */ + async getLowStockItems( + warehouseId?: number, + ): Promise { + const query: PlentyoneStockQuery = { itemsPerPage: 250 }; + if (warehouseId) { + query.warehouseId = warehouseId; + } + + const allItems: PlentyoneStockItem[] = []; + let page = 1; + let hasMore = true; + + while (hasMore) { + const response = await this.getStock({ ...query, page }); + const lowStockItems = response.entries.filter( + (item) => item.stockNet <= item.reorderDelta, + ); + allItems.push(...lowStockItems); + + hasMore = !response.isLastPage; + page++; + + // Safety limit + if (page > 100) break; + } + + return allItems; + } + + // =========================================================================== + // Statistics API + // =========================================================================== + + /** + * Get order statistics + */ + async getOrderStats(query: PlentyoneStatsQuery): Promise { + // Get orders within the date range + const orders = await this.getAllOrdersInRange( + new Date(query.dateFrom), + new Date(query.dateTo), + query.statusId, + ); + + // Calculate statistics + let totalRevenue = 0; + let totalRevenueNet = 0; + const ordersByStatus: Record = {}; + const ordersByReferrer: Record = {}; + + for (const order of orders) { + // Sum up amounts + if (order.amounts?.length) { + const primaryAmount = order.amounts.find((a) => a.isSystemCurrency); + if (primaryAmount) { + totalRevenue += primaryAmount.grossTotal; + totalRevenueNet += primaryAmount.netTotal; + } + } + + // Count by status + ordersByStatus[order.statusId] = (ordersByStatus[order.statusId] || 0) + 1; + + // Count by referrer + ordersByReferrer[order.referrerId] = + (ordersByReferrer[order.referrerId] || 0) + 1; + } + + return { + totalOrders: orders.length, + totalRevenue, + totalRevenueNet, + averageOrderValue: orders.length > 0 ? totalRevenue / orders.length : 0, + currency: 'EUR', // Default currency + ordersByStatus, + ordersByReferrer, + }; + } + + /** + * Get revenue statistics grouped by date + */ + async getRevenueStats( + query: PlentyoneStatsQuery, + ): Promise { + const orders = await this.getAllOrdersInRange( + new Date(query.dateFrom), + new Date(query.dateTo), + query.statusId, + ); + + // Group by date + const statsByDate = new Map(); + + for (const order of orders) { + const dateKey = this.getDateKey(order.createdAt, query.groupBy || 'day'); + + if (!statsByDate.has(dateKey)) { + statsByDate.set(dateKey, { + date: dateKey, + ordersCount: 0, + itemsCount: 0, + revenue: 0, + revenueNet: 0, + currency: 'EUR', + }); + } + + const stats = statsByDate.get(dateKey)!; + stats.ordersCount++; + + if (order.orderItems?.length) { + stats.itemsCount += order.orderItems.reduce( + (sum, item) => sum + item.quantity, + 0, + ); + } + + if (order.amounts?.length) { + const primaryAmount = order.amounts.find((a) => a.isSystemCurrency); + if (primaryAmount) { + stats.revenue += primaryAmount.grossTotal; + stats.revenueNet += primaryAmount.netTotal; + } + } + } + + return Array.from(statsByDate.values()).sort((a, b) => + a.date.localeCompare(b.date), + ); + } + + /** + * Get all orders within a date range (handles pagination) + */ + private async getAllOrdersInRange( + dateFrom: Date, + dateTo: Date, + statusId?: number, + ): Promise { + const allOrders: PlentyoneOrder[] = []; + let page = 1; + let hasMore = true; + + while (hasMore) { + const query: PlentyoneOrdersQuery = { + createdAtFrom: dateFrom.toISOString(), + createdAtTo: dateTo.toISOString(), + page, + itemsPerPage: 250, + with: 'amounts,orderItems', + }; + + if (statusId) { + query.statusId = statusId; + } + + const response = await this.getOrders(query); + allOrders.push(...response.entries); + + hasMore = !response.isLastPage; + page++; + + // Safety limit to prevent infinite loops + if (page > 1000) { + this.logger.warn('Reached maximum page limit for order retrieval'); + break; + } + } + + return allOrders; + } + + /** + * Get date key for grouping + */ + private getDateKey( + dateStr: string, + groupBy: 'day' | 'week' | 'month', + ): string { + const date = new Date(dateStr); + + switch (groupBy) { + case 'day': + return date.toISOString().split('T')[0]; + case 'week': { + const weekStart = new Date(date); + weekStart.setDate(date.getDate() - date.getDay()); + return weekStart.toISOString().split('T')[0]; + } + case 'month': + return `${date.getFullYear()}-${String(date.getMonth() + 1).padStart(2, '0')}`; + default: + return date.toISOString().split('T')[0]; + } + } + + /** + * Build query parameters from object + */ + private buildQueryParams( + query?: object, + ): Record { + if (!query) return {}; + + const params: Record = {}; + for (const [key, value] of Object.entries(query)) { + if (value !== undefined && value !== null) { + params[key] = String(value); + } + } + return params; + } +} diff --git a/apps/api/src/modules/integrations/connectors/plentyone/plentyone.controller.ts b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.controller.ts new file mode 100644 index 0000000..c03decd --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.controller.ts @@ -0,0 +1,135 @@ +import { + Controller, + Get, + Post, + Param, + Query, + HttpCode, + HttpStatus, + ParseIntPipe, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, +} from '@nestjs/swagger'; +import { PlentyoneService } from './plentyone.service'; +import { + GetOrdersQueryDto, + GetStockQueryDto, + GetStatsQueryDto, + PaginatedOrdersResponseDto, + PaginatedStockResponseDto, + OrderResponseDto, + OrderStatsResponseDto, + RevenueStatsResponseDto, +} from './dto'; +import { ConnectionTestResult } from '../base-connector'; +import { RequirePermissions } from '../../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../../auth/permissions/permissions.enum'; + +@ApiTags('Integrations - PlentyONE') +@ApiBearerAuth() +@Controller('integrations/plentyone') +export class PlentyoneController { + constructor(private readonly plentyoneService: PlentyoneService) {} + + @Post('test') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Test PlentyONE connection' }) + @ApiResponse({ + status: 200, + description: 'Connection test result', + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async testConnection(): Promise { + return this.plentyoneService.testConnection(); + } + + @Get('orders') + @ApiOperation({ summary: 'Get list of orders' }) + @ApiResponse({ + status: 200, + description: 'Paginated list of orders', + type: PaginatedOrdersResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getOrders( + @Query() query: GetOrdersQueryDto, + ): Promise { + return this.plentyoneService.getOrders(query); + } + + @Get('orders/:id') + @ApiOperation({ summary: 'Get order by ID' }) + @ApiParam({ name: 'id', description: 'Order ID' }) + @ApiResponse({ + status: 200, + description: 'Order details', + type: OrderResponseDto, + }) + @ApiResponse({ status: 404, description: 'Order not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getOrder( + @Param('id', ParseIntPipe) id: number, + ): Promise { + return this.plentyoneService.getOrder(id); + } + + @Get('stock') + @ApiOperation({ summary: 'Get stock levels' }) + @ApiResponse({ + status: 200, + description: 'Paginated list of stock items', + type: PaginatedStockResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getStock( + @Query() query: GetStockQueryDto, + ): Promise { + return this.plentyoneService.getStock(query); + } + + @Get('stock/low') + @ApiOperation({ summary: 'Get items with low stock' }) + @ApiResponse({ + status: 200, + description: 'List of items below reorder level', + type: PaginatedStockResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getLowStockItems( + @Query('warehouseId', new ParseIntPipe({ optional: true })) + warehouseId?: number, + ): Promise { + return this.plentyoneService.getLowStockItems(warehouseId); + } + + @Get('stats') + @ApiOperation({ summary: 'Get order statistics' }) + @ApiResponse({ + status: 200, + description: 'Order statistics for the specified period', + type: OrderStatsResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getStats(@Query() query: GetStatsQueryDto): Promise { + return this.plentyoneService.getOrderStats(query); + } + + @Get('stats/revenue') + @ApiOperation({ summary: 'Get revenue statistics' }) + @ApiResponse({ + status: 200, + description: 'Revenue statistics grouped by date', + type: [RevenueStatsResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getRevenueStats( + @Query() query: GetStatsQueryDto, + ): Promise { + return this.plentyoneService.getRevenueStats(query); + } +} diff --git a/apps/api/src/modules/integrations/connectors/plentyone/plentyone.module.ts b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.module.ts new file mode 100644 index 0000000..867e62c --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.module.ts @@ -0,0 +1,11 @@ +import { Module } from '@nestjs/common'; +import { PlentyoneConnector } from './plentyone.connector'; +import { PlentyoneService } from './plentyone.service'; +import { PlentyoneController } from './plentyone.controller'; + +@Module({ + controllers: [PlentyoneController], + providers: [PlentyoneConnector, PlentyoneService], + exports: [PlentyoneService, PlentyoneConnector], +}) +export class PlentyoneModule {} diff --git a/apps/api/src/modules/integrations/connectors/plentyone/plentyone.service.ts b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.service.ts new file mode 100644 index 0000000..830e68b --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.service.ts @@ -0,0 +1,235 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { PlentyoneConnector } from './plentyone.connector'; +import { + GetOrdersQueryDto, + GetStockQueryDto, + GetStatsQueryDto, + PaginatedOrdersResponseDto, + PaginatedStockResponseDto, + OrderResponseDto, + OrderStatsResponseDto, + RevenueStatsResponseDto, +} from './dto'; +import { ConnectionTestResult } from '../base-connector'; + +/** + * Service layer for PlentyONE integration + * + * Provides business logic and data transformation for PlentyONE API calls. + */ +@Injectable() +export class PlentyoneService { + private readonly logger = new Logger(PlentyoneService.name); + + constructor(private readonly connector: PlentyoneConnector) {} + + /** + * Test the connection to PlentyONE + */ + async testConnection(): Promise { + this.logger.log('Testing PlentyONE connection'); + return this.connector.testConnection(); + } + + /** + * Check if PlentyONE integration is configured + */ + isConfigured(): boolean { + return this.connector.isConfigured(); + } + + /** + * Get paginated list of orders + */ + async getOrders(query: GetOrdersQueryDto): Promise { + this.logger.log(`Fetching orders with query: ${JSON.stringify(query)}`); + + const response = await this.connector.getOrders({ + orderId: query.orderId, + orderType: query.orderType, + referrerId: query.referrerId, + statusId: query.statusId, + externalOrderId: query.externalOrderId, + createdAtFrom: query.createdAtFrom, + createdAtTo: query.createdAtTo, + page: query.page, + itemsPerPage: query.itemsPerPage, + with: query.with, + }); + + return { + page: response.page, + totalsCount: response.totalsCount, + isLastPage: response.isLastPage, + itemsPerPage: response.itemsPerPage, + entries: response.entries.map(this.mapOrderToDto), + }; + } + + /** + * Get a single order by ID + */ + async getOrder(orderId: number): Promise { + this.logger.log(`Fetching order ${orderId}`); + + const order = await this.connector.getOrder(orderId, [ + 'amounts', + 'orderItems', + 'addresses', + ]); + + return this.mapOrderToDto(order); + } + + /** + * Get paginated stock levels + */ + async getStock(query: GetStockQueryDto): Promise { + this.logger.log(`Fetching stock with query: ${JSON.stringify(query)}`); + + const response = await this.connector.getStock({ + variationId: query.variationId, + itemId: query.itemId, + warehouseId: query.warehouseId, + page: query.page, + itemsPerPage: query.itemsPerPage, + }); + + return { + page: response.page, + totalsCount: response.totalsCount, + isLastPage: response.isLastPage, + itemsPerPage: response.itemsPerPage, + entries: response.entries.map((item) => ({ + itemId: item.itemId, + variationId: item.variationId, + warehouseId: item.warehouseId, + warehouseName: item.warehouseName, + stockPhysical: item.stockPhysical, + reservedStock: item.reservedStock, + stockNet: item.stockNet, + reorderDelta: item.reorderDelta, + updatedAt: item.updatedAt, + })), + }; + } + + /** + * Get order statistics for a date range + */ + async getOrderStats(query: GetStatsQueryDto): Promise { + this.logger.log(`Fetching order stats: ${query.dateFrom} to ${query.dateTo}`); + + const stats = await this.connector.getOrderStats({ + dateFrom: query.dateFrom, + dateTo: query.dateTo, + groupBy: query.groupBy, + referrerId: query.referrerId, + statusId: query.statusId, + }); + + return stats; + } + + /** + * Get revenue statistics grouped by date + */ + async getRevenueStats(query: GetStatsQueryDto): Promise { + this.logger.log(`Fetching revenue stats: ${query.dateFrom} to ${query.dateTo}`); + + return this.connector.getRevenueStats({ + dateFrom: query.dateFrom, + dateTo: query.dateTo, + groupBy: query.groupBy, + referrerId: query.referrerId, + statusId: query.statusId, + }); + } + + /** + * Get items with low stock + */ + async getLowStockItems(warehouseId?: number): Promise { + this.logger.log(`Fetching low stock items${warehouseId ? ` for warehouse ${warehouseId}` : ''}`); + + const items = await this.connector.getLowStockItems(warehouseId); + + return { + page: 1, + totalsCount: items.length, + isLastPage: true, + itemsPerPage: items.length, + entries: items.map((item) => ({ + itemId: item.itemId, + variationId: item.variationId, + warehouseId: item.warehouseId, + warehouseName: item.warehouseName, + stockPhysical: item.stockPhysical, + reservedStock: item.reservedStock, + stockNet: item.stockNet, + reorderDelta: item.reorderDelta, + updatedAt: item.updatedAt, + })), + }; + } + + /** + * Map PlentyONE order to response DTO + */ + private mapOrderToDto(order: { + id: number; + typeId: number; + statusId: number; + statusName?: string; + referrerId: number; + createdAt: string; + updatedAt: string; + amounts?: Array<{ + currency: string; + netTotal: number; + grossTotal: number; + vatTotal: number; + paidAmount: number; + shippingCostsGross: number; + isSystemCurrency: boolean; + }>; + orderItems?: Array<{ + id: number; + itemVariationId: number; + quantity: number; + orderItemName: string; + amounts?: Array<{ + priceGross: number; + priceNet: number; + }>; + }>; + }): OrderResponseDto { + return { + id: order.id, + typeId: order.typeId, + statusId: order.statusId, + statusName: order.statusName, + referrerId: order.referrerId, + createdAt: order.createdAt, + updatedAt: order.updatedAt, + amounts: order.amounts + ?.filter((a) => a.isSystemCurrency) + .map((a) => ({ + currency: a.currency, + netTotal: a.netTotal, + grossTotal: a.grossTotal, + vatTotal: a.vatTotal, + paidAmount: a.paidAmount, + shippingCostsGross: a.shippingCostsGross, + })), + orderItems: order.orderItems?.map((item) => ({ + id: item.id, + itemVariationId: item.itemVariationId, + quantity: item.quantity, + orderItemName: item.orderItemName, + priceGross: item.amounts?.[0]?.priceGross, + priceNet: item.amounts?.[0]?.priceNet, + })), + }; + } +} diff --git a/apps/api/src/modules/integrations/connectors/plentyone/plentyone.types.ts b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.types.ts new file mode 100644 index 0000000..5962356 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/plentyone/plentyone.types.ts @@ -0,0 +1,393 @@ +/** + * PlentyONE API Type Definitions + * + * These types are based on the PlentyONE REST API documentation. + * @see https://developers.plentymarkets.com/ + */ + +// ============================================================================ +// Authentication Types +// ============================================================================ + +export interface PlentyoneAuthConfig { + /** PlentyONE system URL (e.g., https://yourshop.plentymarkets-cloud01.com) */ + baseUrl: string; + /** OAuth2 Client ID */ + clientId: string; + /** OAuth2 Client Secret */ + clientSecret: string; +} + +export interface PlentyoneTokenResponse { + access_token: string; + token_type: string; + expires_in: number; + refresh_token?: string; + scope?: string; +} + +export interface PlentyoneTokenInfo { + accessToken: string; + expiresAt: Date; + refreshToken?: string; +} + +// ============================================================================ +// Order Types +// ============================================================================ + +export interface PlentyoneOrder { + id: number; + typeId: number; + statusId: number; + statusName?: string; + plentyId: number; + locationId: number; + createdAt: string; + updatedAt: string; + lockStatus: string; + ownerId?: number; + referrerId: number; + amounts?: PlentyoneOrderAmount[]; + orderItems?: PlentyoneOrderItem[]; + properties?: PlentyoneOrderProperty[]; + addresses?: PlentyoneAddress[]; + relations?: PlentyoneOrderRelation[]; +} + +export interface PlentyoneOrderAmount { + id: number; + orderId: number; + isSystemCurrency: boolean; + isNet: boolean; + currency: string; + exchangeRate: number; + netTotal: number; + grossTotal: number; + vatTotal: number; + invoiceTotal: number; + paidAmount: number; + prepaidAmount: number; + giftCardAmount: number; + shippingCostsGross: number; + shippingCostsNet: number; + createdAt: string; + updatedAt: string; +} + +export interface PlentyoneOrderItem { + id: number; + orderId: number; + typeId: number; + referrerId: number; + itemVariationId: number; + quantity: number; + orderItemName: string; + attributeValues?: string; + shippingProfileId: number; + amounts?: PlentyoneOrderItemAmount[]; + properties?: PlentyoneOrderItemProperty[]; + createdAt: string; + updatedAt: string; +} + +export interface PlentyoneOrderItemAmount { + id: number; + orderItemId: number; + isSystemCurrency: boolean; + currency: string; + exchangeRate: number; + purchasePrice: number; + priceOriginalGross: number; + priceOriginalNet: number; + priceGross: number; + priceNet: number; + surcharge: number; + discount: number; + isPercentage: boolean; + createdAt: string; + updatedAt: string; +} + +export interface PlentyoneOrderItemProperty { + id: number; + orderItemId: number; + typeId: number; + value: string; + createdAt: string; + updatedAt: string; +} + +export interface PlentyoneOrderProperty { + id: number; + orderId: number; + typeId: number; + value: string; + createdAt: string; + updatedAt: string; +} + +export interface PlentyoneAddress { + id: number; + gender: string; + name1?: string; + name2: string; + name3: string; + name4?: string; + address1: string; + address2: string; + address3?: string; + address4?: string; + postalCode: string; + town: string; + countryId: number; + stateId?: number; + phone?: string; + email?: string; + isPackstation: boolean; + isPostfiliale: boolean; + createdAt: string; + updatedAt: string; +} + +export interface PlentyoneOrderRelation { + orderId: number; + referenceType: string; + referenceId: number; + relation: string; +} + +// ============================================================================ +// Order Query Types +// ============================================================================ + +export interface PlentyoneOrdersQuery { + /** Order ID to search for */ + orderId?: number; + /** Multiple order IDs separated by comma */ + orderIds?: string; + /** Filter by order type (1=Sales, 2=Delivery, etc.) */ + orderType?: number; + /** Filter by referrer ID */ + referrerId?: number; + /** Filter by status ID */ + statusId?: number; + /** Filter by status range (from) */ + statusIdFrom?: number; + /** Filter by status range (to) */ + statusIdTo?: number; + /** Filter by external order ID */ + externalOrderId?: string; + /** Filter by creation date (from) */ + createdAtFrom?: string; + /** Filter by creation date (to) */ + createdAtTo?: string; + /** Filter by update date (from) */ + updatedAtFrom?: string; + /** Filter by update date (to) */ + updatedAtTo?: string; + /** Page number */ + page?: number; + /** Items per page (max 250) */ + itemsPerPage?: number; + /** Relations to include (amounts, orderItems, properties, addresses) */ + with?: string; +} + +export interface PlentyonePaginatedResponse { + page: number; + totalsCount: number; + isLastPage: boolean; + lastPageNumber: number; + firstOnPage: number; + lastOnPage: number; + itemsPerPage: number; + entries: T[]; +} + +// ============================================================================ +// Stock Types +// ============================================================================ + +export interface PlentyoneStockItem { + itemId: number; + variationId: number; + warehouseId: number; + stockPhysical: number; + reservedStock: number; + reservedEbay: number; + reservedBundle: number; + reorderDelta: number; + stockNet: number; + warehouseName?: string; + warehouseType?: string; + averagePurchasePrice?: number; + updatedAt: string; +} + +export interface PlentyoneStockQuery { + /** Filter by variation ID */ + variationId?: number; + /** Filter by item ID */ + itemId?: number; + /** Filter by warehouse ID */ + warehouseId?: number; + /** Filter by updated date (from) */ + updatedAtFrom?: string; + /** Filter by updated date (to) */ + updatedAtTo?: string; + /** Page number */ + page?: number; + /** Items per page */ + itemsPerPage?: number; +} + +export interface PlentyoneStockMovement { + id: number; + itemId: number; + variationId: number; + warehouseId: number; + reasonId: number; + attributeValues: string; + processRowId: number; + quantity: number; + reasonString?: string; + createdAt: string; + updatedAt: string; +} + +// ============================================================================ +// Statistics Types +// ============================================================================ + +export interface PlentyoneRevenueStats { + date: string; + ordersCount: number; + itemsCount: number; + revenue: number; + revenueNet: number; + currency: string; +} + +export interface PlentyoneStatsQuery { + /** Start date (YYYY-MM-DD) */ + dateFrom: string; + /** End date (YYYY-MM-DD) */ + dateTo: string; + /** Group by (day, week, month) */ + groupBy?: 'day' | 'week' | 'month'; + /** Filter by referrer ID */ + referrerId?: number; + /** Filter by status ID */ + statusId?: number; +} + +export interface PlentyoneOrderStats { + totalOrders: number; + totalRevenue: number; + totalRevenueNet: number; + averageOrderValue: number; + currency: string; + ordersByStatus: Record; + ordersByReferrer: Record; +} + +// ============================================================================ +// Warehouse Types +// ============================================================================ + +export interface PlentyoneWarehouse { + id: number; + name: string; + typeId: number; + note?: string; + onStockAvailability: number; + outOfStockAvailability: number; + splitByShippingProfile: boolean; + isInventoryModeActive: boolean; + logisticsType: string; + updatedAt: string; + createdAt: string; +} + +// ============================================================================ +// Item Types +// ============================================================================ + +export interface PlentyoneItem { + id: number; + position: number; + manufacturerId?: number; + producingCountryId?: number; + ageRestriction: number; + conditionId: number; + isNet: boolean; + customsTariffNumber?: string; + flagOne: number; + flagTwo: number; + isSubscribable: boolean; + isSerialNumberRequired: boolean; + isShippingPackage: boolean; + createdAt: string; + updatedAt: string; + variations?: PlentyoneVariation[]; +} + +export interface PlentyoneVariation { + id: number; + itemId: number; + mainVariationId?: number; + position: number; + isMain: boolean; + isActive: boolean; + number: string; + model?: string; + name?: string; + purchasePrice: number; + movingAveragePrice: number; + priceCalculationUUID?: string; + weightG: number; + weightNetG: number; + widthMM: number; + lengthMM: number; + heightMM: number; + unitsContained: number; + palletTypeId?: number; + packingUnits: number; + packingUnitTypeId?: number; + customsPercent: number; + vatId: number; + availableUntil?: string; + createdAt: string; + updatedAt: string; +} + +// ============================================================================ +// Webhook Types +// ============================================================================ + +export interface PlentyoneWebhook { + id: number; + event: string; + url: string; + isActive: boolean; + createdAt: string; + updatedAt: string; +} + +export interface PlentyoneWebhookPayload { + event: string; + timestamp: string; + data: Record; +} + +// ============================================================================ +// API Response Types +// ============================================================================ + +export interface PlentyoneApiError { + error: string; + error_description?: string; + message?: string; + validation?: Record; +} diff --git a/apps/api/src/modules/integrations/connectors/todoist/dto/index.ts b/apps/api/src/modules/integrations/connectors/todoist/dto/index.ts new file mode 100644 index 0000000..a54431c --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/todoist/dto/index.ts @@ -0,0 +1 @@ +export * from './todoist.dto'; diff --git a/apps/api/src/modules/integrations/connectors/todoist/dto/todoist.dto.ts b/apps/api/src/modules/integrations/connectors/todoist/dto/todoist.dto.ts new file mode 100644 index 0000000..db6709e --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/todoist/dto/todoist.dto.ts @@ -0,0 +1,363 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsString, + IsBoolean, + IsArray, + IsEnum, + IsInt, + IsNotEmpty, + Min, + Max, +} from 'class-validator'; +import { Type, Transform } from 'class-transformer'; + +// ============================================================================ +// Request DTOs +// ============================================================================ + +export class GetTasksQueryDto { + @ApiPropertyOptional({ description: 'Filter by project ID' }) + @IsOptional() + @IsString() + projectId?: string; + + @ApiPropertyOptional({ description: 'Filter by section ID' }) + @IsOptional() + @IsString() + sectionId?: string; + + @ApiPropertyOptional({ description: 'Filter by label name' }) + @IsOptional() + @IsString() + label?: string; + + @ApiPropertyOptional({ + description: 'Filter expression (e.g., "today", "overdue", "p1")', + example: 'today', + }) + @IsOptional() + @IsString() + filter?: string; +} + +export class CreateTaskDto { + @ApiProperty({ description: 'Task content/title', example: 'Buy groceries' }) + @IsString() + @IsNotEmpty() + content: string; + + @ApiPropertyOptional({ + description: 'Task description', + example: 'Milk, eggs, bread', + }) + @IsOptional() + @IsString() + description?: string; + + @ApiPropertyOptional({ description: 'Project ID' }) + @IsOptional() + @IsString() + projectId?: string; + + @ApiPropertyOptional({ description: 'Section ID' }) + @IsOptional() + @IsString() + sectionId?: string; + + @ApiPropertyOptional({ description: 'Parent task ID (for subtasks)' }) + @IsOptional() + @IsString() + parentId?: string; + + @ApiPropertyOptional({ + description: 'Labels', + example: ['work', 'urgent'], + type: [String], + }) + @IsOptional() + @IsArray() + @IsString({ each: true }) + labels?: string[]; + + @ApiPropertyOptional({ + description: 'Priority (1=normal, 4=urgent)', + minimum: 1, + maximum: 4, + default: 1, + }) + @IsOptional() + @IsInt() + @Min(1) + @Max(4) + @Type(() => Number) + priority?: 1 | 2 | 3 | 4; + + @ApiPropertyOptional({ + description: 'Due date string (e.g., "tomorrow", "next Monday")', + example: 'tomorrow at 10am', + }) + @IsOptional() + @IsString() + dueString?: string; + + @ApiPropertyOptional({ + description: 'Due date (YYYY-MM-DD)', + example: '2024-12-31', + }) + @IsOptional() + @IsString() + dueDate?: string; + + @ApiPropertyOptional({ description: 'Assignee ID' }) + @IsOptional() + @IsString() + assigneeId?: string; + + @ApiPropertyOptional({ description: 'Duration in minutes', example: 60 }) + @IsOptional() + @IsInt() + @Min(1) + @Type(() => Number) + duration?: number; + + @ApiPropertyOptional({ + description: 'Duration unit', + enum: ['minute', 'day'], + default: 'minute', + }) + @IsOptional() + @IsEnum(['minute', 'day']) + durationUnit?: 'minute' | 'day'; +} + +export class UpdateTaskDto { + @ApiPropertyOptional({ description: 'Task content/title' }) + @IsOptional() + @IsString() + content?: string; + + @ApiPropertyOptional({ description: 'Task description' }) + @IsOptional() + @IsString() + description?: string; + + @ApiPropertyOptional({ description: 'Labels', type: [String] }) + @IsOptional() + @IsArray() + @IsString({ each: true }) + labels?: string[]; + + @ApiPropertyOptional({ + description: 'Priority (1=normal, 4=urgent)', + minimum: 1, + maximum: 4, + }) + @IsOptional() + @IsInt() + @Min(1) + @Max(4) + @Type(() => Number) + priority?: 1 | 2 | 3 | 4; + + @ApiPropertyOptional({ description: 'Due date string' }) + @IsOptional() + @IsString() + dueString?: string; + + @ApiPropertyOptional({ description: 'Due date (YYYY-MM-DD)' }) + @IsOptional() + @IsString() + dueDate?: string; + + @ApiPropertyOptional({ description: 'Assignee ID (null to unassign)' }) + @IsOptional() + @IsString() + assigneeId?: string | null; +} + +export class CreateProjectDto { + @ApiProperty({ description: 'Project name', example: 'My Project' }) + @IsString() + @IsNotEmpty() + name: string; + + @ApiPropertyOptional({ description: 'Parent project ID' }) + @IsOptional() + @IsString() + parentId?: string; + + @ApiPropertyOptional({ + description: 'Project color', + example: 'blue', + }) + @IsOptional() + @IsString() + color?: string; + + @ApiPropertyOptional({ description: 'Mark as favorite', default: false }) + @IsOptional() + @IsBoolean() + @Transform(({ value }) => value === 'true' || value === true) + isFavorite?: boolean; + + @ApiPropertyOptional({ + description: 'View style', + enum: ['list', 'board'], + default: 'list', + }) + @IsOptional() + @IsEnum(['list', 'board']) + viewStyle?: 'list' | 'board'; +} + +export class UpdateProjectDto { + @ApiPropertyOptional({ description: 'Project name' }) + @IsOptional() + @IsString() + name?: string; + + @ApiPropertyOptional({ description: 'Project color' }) + @IsOptional() + @IsString() + color?: string; + + @ApiPropertyOptional({ description: 'Mark as favorite' }) + @IsOptional() + @IsBoolean() + @Transform(({ value }) => value === 'true' || value === true) + isFavorite?: boolean; + + @ApiPropertyOptional({ + description: 'View style', + enum: ['list', 'board'], + }) + @IsOptional() + @IsEnum(['list', 'board']) + viewStyle?: 'list' | 'board'; +} + +// ============================================================================ +// Response DTOs +// ============================================================================ + +export class DueResponseDto { + @ApiProperty({ example: '2024-12-31' }) + date: string; + + @ApiProperty({ example: 'Dec 31' }) + string: string; + + @ApiProperty({ example: false }) + isRecurring: boolean; + + @ApiPropertyOptional({ example: '2024-12-31T10:00:00Z' }) + datetime?: string; +} + +export class TaskResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + content: string; + + @ApiProperty() + description: string; + + @ApiProperty() + projectId: string; + + @ApiPropertyOptional() + sectionId?: string; + + @ApiPropertyOptional() + parentId?: string; + + @ApiProperty() + isCompleted: boolean; + + @ApiProperty({ type: [String] }) + labels: string[]; + + @ApiProperty({ minimum: 1, maximum: 4 }) + priority: number; + + @ApiProperty() + commentCount: number; + + @ApiProperty() + createdAt: string; + + @ApiPropertyOptional({ type: DueResponseDto }) + due?: DueResponseDto; + + @ApiProperty() + url: string; +} + +export class ProjectResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + name: string; + + @ApiProperty() + color: string; + + @ApiPropertyOptional() + parentId?: string; + + @ApiProperty() + order: number; + + @ApiProperty() + commentCount: number; + + @ApiProperty() + isShared: boolean; + + @ApiProperty() + isFavorite: boolean; + + @ApiProperty() + isInboxProject: boolean; + + @ApiProperty({ enum: ['list', 'board'] }) + viewStyle: string; + + @ApiProperty() + url: string; +} + +export class SectionResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + projectId: string; + + @ApiProperty() + name: string; + + @ApiProperty() + order: number; +} + +export class LabelResponseDto { + @ApiProperty() + id: string; + + @ApiProperty() + name: string; + + @ApiProperty() + color: string; + + @ApiProperty() + order: number; + + @ApiProperty() + isFavorite: boolean; +} diff --git a/apps/api/src/modules/integrations/connectors/todoist/index.ts b/apps/api/src/modules/integrations/connectors/todoist/index.ts new file mode 100644 index 0000000..b8338d3 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/todoist/index.ts @@ -0,0 +1,5 @@ +export * from './todoist.module'; +export * from './todoist.service'; +export * from './todoist.connector'; +export * from './todoist.types'; +export * from './dto'; diff --git a/apps/api/src/modules/integrations/connectors/todoist/todoist.connector.ts b/apps/api/src/modules/integrations/connectors/todoist/todoist.connector.ts new file mode 100644 index 0000000..9e285c3 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/todoist/todoist.connector.ts @@ -0,0 +1,405 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import { + BaseConnector, + BaseConnectorConfig, + ConnectionTestResult, +} from '../base-connector'; +import { IntegrationConfigError } from '../../errors'; +import { + TodoistAuthConfig, + TodoistTask, + TodoistCreateTaskRequest, + TodoistUpdateTaskRequest, + TodoistGetTasksRequest, + TodoistProject, + TodoistCreateProjectRequest, + TodoistUpdateProjectRequest, + TodoistSection, + TodoistCreateSectionRequest, + TodoistLabel, + TodoistCreateLabelRequest, + TodoistComment, + TodoistCreateCommentRequest, +} from './todoist.types'; + +/** + * Todoist API Connector + * + * Provides integration with Todoist task management platform. + * Uses Bearer Token authentication. + * + * @see https://developer.todoist.com/rest/v2/ + */ +@Injectable() +export class TodoistConnector extends BaseConnector { + protected readonly name = 'Todoist'; + private readonly authConfig: TodoistAuthConfig; + + constructor(private readonly configService: ConfigService) { + super({ + baseUrl: 'https://api.todoist.com/rest/v2', + timeout: 30000, + maxRetries: 3, + }); + + this.authConfig = { + apiToken: configService.get('TODOIST_API_TOKEN') || '', + }; + } + + /** + * Check if the connector is properly configured + */ + isConfigured(): boolean { + return !!this.authConfig.apiToken; + } + + /** + * Get missing configuration items + */ + getMissingConfig(): string[] { + const missing: string[] = []; + if (!this.authConfig.apiToken) missing.push('TODOIST_API_TOKEN'); + return missing; + } + + /** + * Test the connection to Todoist + */ + async testConnection(): Promise { + if (!this.isConfigured()) { + return { + success: false, + message: `Missing configuration: ${this.getMissingConfig().join(', ')}`, + }; + } + + const startTime = Date.now(); + + try { + // Try to get projects (simple call to verify auth) + await this.getProjects(); + + return { + success: true, + message: 'Successfully connected to Todoist', + latencyMs: Date.now() - startTime, + }; + } catch (error) { + const message = error instanceof Error ? error.message : 'Unknown error'; + return { + success: false, + message: `Connection failed: ${message}`, + latencyMs: Date.now() - startTime, + }; + } + } + + /** + * Get authentication headers for requests (Bearer token) + */ + async getAuthHeaders(): Promise> { + if (!this.isConfigured()) { + throw new IntegrationConfigError(this.name, this.getMissingConfig()); + } + + return { + Authorization: `Bearer ${this.authConfig.apiToken}`, + }; + } + + // =========================================================================== + // Tasks API + // =========================================================================== + + /** + * Get active tasks + */ + async getTasks(request?: TodoistGetTasksRequest): Promise { + const params = this.buildTasksParams(request); + return this.get('/tasks', { params }); + } + + /** + * Get a single task by ID + */ + async getTask(taskId: string): Promise { + return this.get(`/tasks/${taskId}`); + } + + /** + * Create a new task + */ + async createTask(request: TodoistCreateTaskRequest): Promise { + // Generate a unique request ID for idempotency + const requestId = this.generateRequestId(); + + return this.post('/tasks', request, { + headers: { + 'X-Request-Id': requestId, + }, + }); + } + + /** + * Update a task + */ + async updateTask( + taskId: string, + request: TodoistUpdateTaskRequest, + ): Promise { + // Generate a unique request ID for idempotency + const requestId = this.generateRequestId(); + + return this.post(`/tasks/${taskId}`, request, { + headers: { + 'X-Request-Id': requestId, + }, + }); + } + + /** + * Complete a task + */ + async completeTask(taskId: string): Promise { + await this.post(`/tasks/${taskId}/close`, null); + } + + /** + * Reopen a task + */ + async reopenTask(taskId: string): Promise { + await this.post(`/tasks/${taskId}/reopen`, null); + } + + /** + * Delete a task + */ + async deleteTask(taskId: string): Promise { + await this.delete(`/tasks/${taskId}`); + } + + // =========================================================================== + // Projects API + // =========================================================================== + + /** + * Get all projects + */ + async getProjects(): Promise { + return this.get('/projects'); + } + + /** + * Get a single project by ID + */ + async getProject(projectId: string): Promise { + return this.get(`/projects/${projectId}`); + } + + /** + * Create a new project + */ + async createProject( + request: TodoistCreateProjectRequest, + ): Promise { + const requestId = this.generateRequestId(); + + return this.post('/projects', request, { + headers: { + 'X-Request-Id': requestId, + }, + }); + } + + /** + * Update a project + */ + async updateProject( + projectId: string, + request: TodoistUpdateProjectRequest, + ): Promise { + const requestId = this.generateRequestId(); + + return this.post(`/projects/${projectId}`, request, { + headers: { + 'X-Request-Id': requestId, + }, + }); + } + + /** + * Delete a project + */ + async deleteProject(projectId: string): Promise { + await this.delete(`/projects/${projectId}`); + } + + // =========================================================================== + // Sections API + // =========================================================================== + + /** + * Get all sections (optionally filtered by project) + */ + async getSections(projectId?: string): Promise { + const params = projectId ? { project_id: projectId } : {}; + return this.get('/sections', { params }); + } + + /** + * Get a single section by ID + */ + async getSection(sectionId: string): Promise { + return this.get(`/sections/${sectionId}`); + } + + /** + * Create a new section + */ + async createSection( + request: TodoistCreateSectionRequest, + ): Promise { + const requestId = this.generateRequestId(); + + return this.post('/sections', request, { + headers: { + 'X-Request-Id': requestId, + }, + }); + } + + /** + * Delete a section + */ + async deleteSection(sectionId: string): Promise { + await this.delete(`/sections/${sectionId}`); + } + + // =========================================================================== + // Labels API + // =========================================================================== + + /** + * Get all personal labels + */ + async getLabels(): Promise { + return this.get('/labels'); + } + + /** + * Get a single label by ID + */ + async getLabel(labelId: string): Promise { + return this.get(`/labels/${labelId}`); + } + + /** + * Create a new label + */ + async createLabel(request: TodoistCreateLabelRequest): Promise { + const requestId = this.generateRequestId(); + + return this.post('/labels', request, { + headers: { + 'X-Request-Id': requestId, + }, + }); + } + + /** + * Delete a label + */ + async deleteLabel(labelId: string): Promise { + await this.delete(`/labels/${labelId}`); + } + + // =========================================================================== + // Comments API + // =========================================================================== + + /** + * Get comments for a task or project + */ + async getComments( + taskId?: string, + projectId?: string, + ): Promise { + const params: Record = {}; + if (taskId) params.task_id = taskId; + if (projectId) params.project_id = projectId; + + return this.get('/comments', { params }); + } + + /** + * Create a comment + */ + async createComment( + request: TodoistCreateCommentRequest, + ): Promise { + const requestId = this.generateRequestId(); + + return this.post('/comments', request, { + headers: { + 'X-Request-Id': requestId, + }, + }); + } + + /** + * Delete a comment + */ + async deleteComment(commentId: string): Promise { + await this.delete(`/comments/${commentId}`); + } + + // =========================================================================== + // Helper Methods + // =========================================================================== + + /** + * Build query parameters for tasks endpoint + */ + private buildTasksParams( + request?: TodoistGetTasksRequest, + ): Record { + if (!request) return {}; + + const params: Record = {}; + + if (request.project_id) { + params.project_id = request.project_id; + } + + if (request.section_id) { + params.section_id = request.section_id; + } + + if (request.label) { + params.label = request.label; + } + + if (request.filter) { + params.filter = request.filter; + } + + if (request.lang) { + params.lang = request.lang; + } + + if (request.ids?.length) { + params.ids = request.ids.join(','); + } + + return params; + } + + /** + * Generate a unique request ID for idempotency + */ + private generateRequestId(): string { + return `${Date.now()}-${Math.random().toString(36).substring(2, 15)}`; + } +} diff --git a/apps/api/src/modules/integrations/connectors/todoist/todoist.controller.ts b/apps/api/src/modules/integrations/connectors/todoist/todoist.controller.ts new file mode 100644 index 0000000..afbc372 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/todoist/todoist.controller.ts @@ -0,0 +1,261 @@ +import { + Controller, + Get, + Post, + Put, + Delete, + Body, + Param, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, +} from '@nestjs/swagger'; +import { TodoistService } from './todoist.service'; +import { + GetTasksQueryDto, + CreateTaskDto, + UpdateTaskDto, + CreateProjectDto, + UpdateProjectDto, + TaskResponseDto, + ProjectResponseDto, + SectionResponseDto, + LabelResponseDto, +} from './dto'; +import { ConnectionTestResult } from '../base-connector'; +import { RequirePermissions } from '../../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../../auth/permissions/permissions.enum'; + +@ApiTags('Integrations - Todoist') +@ApiBearerAuth() +@Controller('integrations/todoist') +export class TodoistController { + constructor(private readonly todoistService: TodoistService) {} + + @Post('test') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Test Todoist connection' }) + @ApiResponse({ + status: 200, + description: 'Connection test result', + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async testConnection(): Promise { + return this.todoistService.testConnection(); + } + + // =========================================================================== + // Tasks + // =========================================================================== + + @Get('tasks') + @ApiOperation({ summary: 'Get list of tasks' }) + @ApiResponse({ + status: 200, + description: 'List of tasks', + type: [TaskResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getTasks(@Query() query: GetTasksQueryDto): Promise { + return this.todoistService.getTasks(query); + } + + @Get('tasks/:id') + @ApiOperation({ summary: 'Get task by ID' }) + @ApiParam({ name: 'id', description: 'Task ID' }) + @ApiResponse({ + status: 200, + description: 'Task details', + type: TaskResponseDto, + }) + @ApiResponse({ status: 404, description: 'Task not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getTask(@Param('id') id: string): Promise { + return this.todoistService.getTask(id); + } + + @Post('tasks') + @ApiOperation({ summary: 'Create a new task' }) + @ApiResponse({ + status: 201, + description: 'Task created successfully', + type: TaskResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createTask(@Body() dto: CreateTaskDto): Promise { + return this.todoistService.createTask(dto); + } + + @Put('tasks/:id') + @ApiOperation({ summary: 'Update a task' }) + @ApiParam({ name: 'id', description: 'Task ID' }) + @ApiResponse({ + status: 200, + description: 'Task updated successfully', + type: TaskResponseDto, + }) + @ApiResponse({ status: 404, description: 'Task not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async updateTask( + @Param('id') id: string, + @Body() dto: UpdateTaskDto, + ): Promise { + return this.todoistService.updateTask(id, dto); + } + + @Post('tasks/:id/complete') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Complete a task' }) + @ApiParam({ name: 'id', description: 'Task ID' }) + @ApiResponse({ + status: 200, + description: 'Task completed successfully', + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async completeTask(@Param('id') id: string): Promise<{ success: boolean }> { + return this.todoistService.completeTask(id); + } + + @Post('tasks/:id/reopen') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Reopen a completed task' }) + @ApiParam({ name: 'id', description: 'Task ID' }) + @ApiResponse({ + status: 200, + description: 'Task reopened successfully', + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async reopenTask(@Param('id') id: string): Promise<{ success: boolean }> { + return this.todoistService.reopenTask(id); + } + + @Delete('tasks/:id') + @HttpCode(HttpStatus.NO_CONTENT) + @ApiOperation({ summary: 'Delete a task' }) + @ApiParam({ name: 'id', description: 'Task ID' }) + @ApiResponse({ + status: 204, + description: 'Task deleted successfully', + }) + @ApiResponse({ status: 404, description: 'Task not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async deleteTask(@Param('id') id: string): Promise { + await this.todoistService.deleteTask(id); + } + + // =========================================================================== + // Projects + // =========================================================================== + + @Get('projects') + @ApiOperation({ summary: 'Get all projects' }) + @ApiResponse({ + status: 200, + description: 'List of projects', + type: [ProjectResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getProjects(): Promise { + return this.todoistService.getProjects(); + } + + @Get('projects/:id') + @ApiOperation({ summary: 'Get project by ID' }) + @ApiParam({ name: 'id', description: 'Project ID' }) + @ApiResponse({ + status: 200, + description: 'Project details', + type: ProjectResponseDto, + }) + @ApiResponse({ status: 404, description: 'Project not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getProject(@Param('id') id: string): Promise { + return this.todoistService.getProject(id); + } + + @Post('projects') + @ApiOperation({ summary: 'Create a new project' }) + @ApiResponse({ + status: 201, + description: 'Project created successfully', + type: ProjectResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async createProject( + @Body() dto: CreateProjectDto, + ): Promise { + return this.todoistService.createProject(dto); + } + + @Put('projects/:id') + @ApiOperation({ summary: 'Update a project' }) + @ApiParam({ name: 'id', description: 'Project ID' }) + @ApiResponse({ + status: 200, + description: 'Project updated successfully', + type: ProjectResponseDto, + }) + @ApiResponse({ status: 404, description: 'Project not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async updateProject( + @Param('id') id: string, + @Body() dto: UpdateProjectDto, + ): Promise { + return this.todoistService.updateProject(id, dto); + } + + @Delete('projects/:id') + @HttpCode(HttpStatus.NO_CONTENT) + @ApiOperation({ summary: 'Delete a project' }) + @ApiParam({ name: 'id', description: 'Project ID' }) + @ApiResponse({ + status: 204, + description: 'Project deleted successfully', + }) + @ApiResponse({ status: 404, description: 'Project not found' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async deleteProject(@Param('id') id: string): Promise { + await this.todoistService.deleteProject(id); + } + + // =========================================================================== + // Sections + // =========================================================================== + + @Get('sections') + @ApiOperation({ summary: 'Get sections (optionally filtered by project)' }) + @ApiResponse({ + status: 200, + description: 'List of sections', + type: [SectionResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getSections( + @Query('projectId') projectId?: string, + ): Promise { + return this.todoistService.getSections(projectId); + } + + // =========================================================================== + // Labels + // =========================================================================== + + @Get('labels') + @ApiOperation({ summary: 'Get all labels' }) + @ApiResponse({ + status: 200, + description: 'List of labels', + type: [LabelResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getLabels(): Promise { + return this.todoistService.getLabels(); + } +} diff --git a/apps/api/src/modules/integrations/connectors/todoist/todoist.module.ts b/apps/api/src/modules/integrations/connectors/todoist/todoist.module.ts new file mode 100644 index 0000000..353a2b2 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/todoist/todoist.module.ts @@ -0,0 +1,11 @@ +import { Module } from '@nestjs/common'; +import { TodoistConnector } from './todoist.connector'; +import { TodoistService } from './todoist.service'; +import { TodoistController } from './todoist.controller'; + +@Module({ + controllers: [TodoistController], + providers: [TodoistConnector, TodoistService], + exports: [TodoistService, TodoistConnector], +}) +export class TodoistModule {} diff --git a/apps/api/src/modules/integrations/connectors/todoist/todoist.service.ts b/apps/api/src/modules/integrations/connectors/todoist/todoist.service.ts new file mode 100644 index 0000000..549e95a --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/todoist/todoist.service.ts @@ -0,0 +1,319 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { TodoistConnector } from './todoist.connector'; +import { + GetTasksQueryDto, + CreateTaskDto, + UpdateTaskDto, + CreateProjectDto, + UpdateProjectDto, + TaskResponseDto, + ProjectResponseDto, + SectionResponseDto, + LabelResponseDto, +} from './dto'; +import { ConnectionTestResult } from '../base-connector'; +import { + TodoistTask, + TodoistProject, + TodoistSection, + TodoistLabel, +} from './todoist.types'; + +/** + * Service layer for Todoist integration + * + * Provides business logic and data transformation for Todoist API calls. + */ +@Injectable() +export class TodoistService { + private readonly logger = new Logger(TodoistService.name); + + constructor(private readonly connector: TodoistConnector) {} + + /** + * Test the connection to Todoist + */ + async testConnection(): Promise { + this.logger.log('Testing Todoist connection'); + return this.connector.testConnection(); + } + + /** + * Check if Todoist integration is configured + */ + isConfigured(): boolean { + return this.connector.isConfigured(); + } + + // =========================================================================== + // Tasks + // =========================================================================== + + /** + * Get list of tasks + */ + async getTasks(query: GetTasksQueryDto): Promise { + this.logger.log(`Fetching tasks with query: ${JSON.stringify(query)}`); + + const tasks = await this.connector.getTasks({ + project_id: query.projectId, + section_id: query.sectionId, + label: query.label, + filter: query.filter, + }); + + return tasks.map(this.mapTaskToDto); + } + + /** + * Get a single task by ID + */ + async getTask(taskId: string): Promise { + this.logger.log(`Fetching task ${taskId}`); + + const task = await this.connector.getTask(taskId); + return this.mapTaskToDto(task); + } + + /** + * Create a new task + */ + async createTask(dto: CreateTaskDto): Promise { + this.logger.log(`Creating task: ${dto.content}`); + + const task = await this.connector.createTask({ + content: dto.content, + description: dto.description, + project_id: dto.projectId, + section_id: dto.sectionId, + parent_id: dto.parentId, + labels: dto.labels, + priority: dto.priority, + due_string: dto.dueString, + due_date: dto.dueDate, + assignee_id: dto.assigneeId, + duration: dto.duration, + duration_unit: dto.durationUnit, + }); + + return this.mapTaskToDto(task); + } + + /** + * Update a task + */ + async updateTask( + taskId: string, + dto: UpdateTaskDto, + ): Promise { + this.logger.log(`Updating task ${taskId}`); + + const task = await this.connector.updateTask(taskId, { + content: dto.content, + description: dto.description, + labels: dto.labels, + priority: dto.priority, + due_string: dto.dueString, + due_date: dto.dueDate, + assignee_id: dto.assigneeId, + }); + + return this.mapTaskToDto(task); + } + + /** + * Complete a task + */ + async completeTask(taskId: string): Promise<{ success: boolean }> { + this.logger.log(`Completing task ${taskId}`); + + await this.connector.completeTask(taskId); + return { success: true }; + } + + /** + * Reopen a task + */ + async reopenTask(taskId: string): Promise<{ success: boolean }> { + this.logger.log(`Reopening task ${taskId}`); + + await this.connector.reopenTask(taskId); + return { success: true }; + } + + /** + * Delete a task + */ + async deleteTask(taskId: string): Promise<{ success: boolean }> { + this.logger.log(`Deleting task ${taskId}`); + + await this.connector.deleteTask(taskId); + return { success: true }; + } + + // =========================================================================== + // Projects + // =========================================================================== + + /** + * Get all projects + */ + async getProjects(): Promise { + this.logger.log('Fetching projects'); + + const projects = await this.connector.getProjects(); + return projects.map(this.mapProjectToDto); + } + + /** + * Get a single project by ID + */ + async getProject(projectId: string): Promise { + this.logger.log(`Fetching project ${projectId}`); + + const project = await this.connector.getProject(projectId); + return this.mapProjectToDto(project); + } + + /** + * Create a new project + */ + async createProject(dto: CreateProjectDto): Promise { + this.logger.log(`Creating project: ${dto.name}`); + + const project = await this.connector.createProject({ + name: dto.name, + parent_id: dto.parentId, + color: dto.color, + is_favorite: dto.isFavorite, + view_style: dto.viewStyle, + }); + + return this.mapProjectToDto(project); + } + + /** + * Update a project + */ + async updateProject( + projectId: string, + dto: UpdateProjectDto, + ): Promise { + this.logger.log(`Updating project ${projectId}`); + + const project = await this.connector.updateProject(projectId, { + name: dto.name, + color: dto.color, + is_favorite: dto.isFavorite, + view_style: dto.viewStyle, + }); + + return this.mapProjectToDto(project); + } + + /** + * Delete a project + */ + async deleteProject(projectId: string): Promise<{ success: boolean }> { + this.logger.log(`Deleting project ${projectId}`); + + await this.connector.deleteProject(projectId); + return { success: true }; + } + + // =========================================================================== + // Sections + // =========================================================================== + + /** + * Get sections (optionally filtered by project) + */ + async getSections(projectId?: string): Promise { + this.logger.log(`Fetching sections${projectId ? ` for project ${projectId}` : ''}`); + + const sections = await this.connector.getSections(projectId); + return sections.map(this.mapSectionToDto); + } + + // =========================================================================== + // Labels + // =========================================================================== + + /** + * Get all labels + */ + async getLabels(): Promise { + this.logger.log('Fetching labels'); + + const labels = await this.connector.getLabels(); + return labels.map(this.mapLabelToDto); + } + + // =========================================================================== + // Mappers + // =========================================================================== + + /** + * Map Todoist task to response DTO + */ + private mapTaskToDto = (task: TodoistTask): TaskResponseDto => ({ + id: task.id, + content: task.content, + description: task.description, + projectId: task.project_id, + sectionId: task.section_id || undefined, + parentId: task.parent_id || undefined, + isCompleted: task.is_completed, + labels: task.labels, + priority: task.priority, + commentCount: task.comment_count, + createdAt: task.created_at, + due: task.due + ? { + date: task.due.date, + string: task.due.string, + isRecurring: task.due.is_recurring, + datetime: task.due.datetime, + } + : undefined, + url: task.url, + }); + + /** + * Map Todoist project to response DTO + */ + private mapProjectToDto = (project: TodoistProject): ProjectResponseDto => ({ + id: project.id, + name: project.name, + color: project.color, + parentId: project.parent_id || undefined, + order: project.order, + commentCount: project.comment_count, + isShared: project.is_shared, + isFavorite: project.is_favorite, + isInboxProject: project.is_inbox_project, + viewStyle: project.view_style, + url: project.url, + }); + + /** + * Map Todoist section to response DTO + */ + private mapSectionToDto = (section: TodoistSection): SectionResponseDto => ({ + id: section.id, + projectId: section.project_id, + name: section.name, + order: section.order, + }); + + /** + * Map Todoist label to response DTO + */ + private mapLabelToDto = (label: TodoistLabel): LabelResponseDto => ({ + id: label.id, + name: label.name, + color: label.color, + order: label.order, + isFavorite: label.is_favorite, + }); +} diff --git a/apps/api/src/modules/integrations/connectors/todoist/todoist.types.ts b/apps/api/src/modules/integrations/connectors/todoist/todoist.types.ts new file mode 100644 index 0000000..e321c6b --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/todoist/todoist.types.ts @@ -0,0 +1,307 @@ +/** + * Todoist API Type Definitions + * + * These types are based on the Todoist REST API v2 documentation. + * @see https://developer.todoist.com/rest/v2/ + */ + +// ============================================================================ +// Authentication Types +// ============================================================================ + +export interface TodoistAuthConfig { + /** Todoist API Token (Bearer token) */ + apiToken: string; +} + +// ============================================================================ +// Task Types +// ============================================================================ + +export interface TodoistTask { + id: string; + assigner_id: string | null; + assignee_id: string | null; + project_id: string; + section_id: string | null; + parent_id: string | null; + order: number; + content: string; + description: string; + is_completed: boolean; + labels: string[]; + priority: 1 | 2 | 3 | 4; + comment_count: number; + creator_id: string; + created_at: string; + due: TodoistDue | null; + url: string; + duration: TodoistDuration | null; +} + +export interface TodoistDue { + date: string; + string: string; + lang: string; + is_recurring: boolean; + datetime?: string; + timezone?: string; +} + +export interface TodoistDuration { + amount: number; + unit: 'minute' | 'day'; +} + +export interface TodoistCreateTaskRequest { + /** Task content (required) */ + content: string; + /** Task description */ + description?: string; + /** Project ID */ + project_id?: string; + /** Section ID */ + section_id?: string; + /** Parent task ID (for subtasks) */ + parent_id?: string; + /** Task order */ + order?: number; + /** Labels (array of label names) */ + labels?: string[]; + /** Priority (1-4, where 4 is highest) */ + priority?: 1 | 2 | 3 | 4; + /** Due date string (e.g., "tomorrow", "2024-01-15") */ + due_string?: string; + /** Due date (YYYY-MM-DD) */ + due_date?: string; + /** Due datetime (RFC 3339) */ + due_datetime?: string; + /** Due language */ + due_lang?: string; + /** Assignee ID */ + assignee_id?: string; + /** Duration */ + duration?: number; + /** Duration unit */ + duration_unit?: 'minute' | 'day'; +} + +export interface TodoistUpdateTaskRequest { + /** Task content */ + content?: string; + /** Task description */ + description?: string; + /** Labels */ + labels?: string[]; + /** Priority (1-4) */ + priority?: 1 | 2 | 3 | 4; + /** Due date string */ + due_string?: string; + /** Due date (YYYY-MM-DD) */ + due_date?: string; + /** Due datetime (RFC 3339) */ + due_datetime?: string; + /** Due language */ + due_lang?: string; + /** Assignee ID */ + assignee_id?: string | null; + /** Duration */ + duration?: number | null; + /** Duration unit */ + duration_unit?: 'minute' | 'day'; +} + +export interface TodoistGetTasksRequest { + /** Filter by project ID */ + project_id?: string; + /** Filter by section ID */ + section_id?: string; + /** Filter by label name */ + label?: string; + /** Filter expression (e.g., "today", "overdue") */ + filter?: string; + /** Language for filter */ + lang?: string; + /** Filter by task IDs */ + ids?: string[]; +} + +// ============================================================================ +// Project Types +// ============================================================================ + +export interface TodoistProject { + id: string; + name: string; + comment_count: number; + order: number; + color: string; + is_shared: boolean; + is_favorite: boolean; + is_inbox_project: boolean; + is_team_inbox: boolean; + view_style: 'list' | 'board'; + url: string; + parent_id: string | null; +} + +export interface TodoistCreateProjectRequest { + /** Project name (required) */ + name: string; + /** Parent project ID */ + parent_id?: string; + /** Project color */ + color?: string; + /** Is favorite */ + is_favorite?: boolean; + /** View style */ + view_style?: 'list' | 'board'; +} + +export interface TodoistUpdateProjectRequest { + /** Project name */ + name?: string; + /** Project color */ + color?: string; + /** Is favorite */ + is_favorite?: boolean; + /** View style */ + view_style?: 'list' | 'board'; +} + +// ============================================================================ +// Section Types +// ============================================================================ + +export interface TodoistSection { + id: string; + project_id: string; + order: number; + name: string; +} + +export interface TodoistCreateSectionRequest { + /** Section name (required) */ + name: string; + /** Project ID (required) */ + project_id: string; + /** Section order */ + order?: number; +} + +// ============================================================================ +// Label Types +// ============================================================================ + +export interface TodoistLabel { + id: string; + name: string; + color: string; + order: number; + is_favorite: boolean; +} + +export interface TodoistCreateLabelRequest { + /** Label name (required) */ + name: string; + /** Label color */ + color?: string; + /** Label order */ + order?: number; + /** Is favorite */ + is_favorite?: boolean; +} + +// ============================================================================ +// Comment Types +// ============================================================================ + +export interface TodoistComment { + id: string; + task_id: string | null; + project_id: string | null; + posted_at: string; + content: string; + attachment: TodoistAttachment | null; +} + +export interface TodoistAttachment { + file_name: string; + file_type: string; + file_url: string; + resource_type: string; +} + +export interface TodoistCreateCommentRequest { + /** Comment content (required) */ + content: string; + /** Task ID (either task_id or project_id required) */ + task_id?: string; + /** Project ID (either task_id or project_id required) */ + project_id?: string; + /** Attachment */ + attachment?: { + file_name: string; + file_type: string; + file_url: string; + resource_type: string; + }; +} + +// ============================================================================ +// Sync API Types +// ============================================================================ + +export interface TodoistSyncRequest { + /** Sync token (use '*' for full sync) */ + sync_token: string; + /** Resource types to sync */ + resource_types: string[]; +} + +export interface TodoistSyncResponse { + sync_token: string; + full_sync: boolean; + items?: TodoistTask[]; + projects?: TodoistProject[]; + sections?: TodoistSection[]; + labels?: TodoistLabel[]; + notes?: TodoistComment[]; +} + +// ============================================================================ +// API Response Types +// ============================================================================ + +export interface TodoistApiError { + error_code: number; + error: string; + error_extra?: Record; + http_code: number; +} + +// ============================================================================ +// Color Types +// ============================================================================ + +export type TodoistColor = + | 'berry_red' + | 'red' + | 'orange' + | 'yellow' + | 'olive_green' + | 'lime_green' + | 'green' + | 'mint_green' + | 'teal' + | 'sky_blue' + | 'light_blue' + | 'blue' + | 'grape' + | 'violet' + | 'lavender' + | 'magenta' + | 'salmon' + | 'charcoal' + | 'grey' + | 'taupe'; diff --git a/apps/api/src/modules/integrations/connectors/zulip/dto/index.ts b/apps/api/src/modules/integrations/connectors/zulip/dto/index.ts new file mode 100644 index 0000000..fec0d22 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/zulip/dto/index.ts @@ -0,0 +1 @@ +export * from './zulip.dto'; diff --git a/apps/api/src/modules/integrations/connectors/zulip/dto/zulip.dto.ts b/apps/api/src/modules/integrations/connectors/zulip/dto/zulip.dto.ts new file mode 100644 index 0000000..cabebd0 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/zulip/dto/zulip.dto.ts @@ -0,0 +1,292 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsInt, + IsString, + IsBoolean, + IsArray, + IsEnum, + Min, + Max, + IsNotEmpty, + ValidateNested, +} from 'class-validator'; +import { Type, Transform } from 'class-transformer'; + +// ============================================================================ +// Request DTOs +// ============================================================================ + +export class GetMessagesQueryDto { + @ApiPropertyOptional({ + description: 'Anchor message ID or special value', + example: 'newest', + }) + @IsOptional() + @IsString() + anchor?: string; + + @ApiPropertyOptional({ + description: 'Number of messages before anchor', + default: 50, + }) + @IsOptional() + @IsInt() + @Min(0) + @Max(1000) + @Type(() => Number) + numBefore?: number = 50; + + @ApiPropertyOptional({ + description: 'Number of messages after anchor', + default: 0, + }) + @IsOptional() + @IsInt() + @Min(0) + @Max(1000) + @Type(() => Number) + numAfter?: number = 0; + + @ApiPropertyOptional({ description: 'Filter by stream name' }) + @IsOptional() + @IsString() + stream?: string; + + @ApiPropertyOptional({ description: 'Filter by topic' }) + @IsOptional() + @IsString() + topic?: string; + + @ApiPropertyOptional({ description: 'Search term' }) + @IsOptional() + @IsString() + search?: string; +} + +export class SendStreamMessageDto { + @ApiProperty({ description: 'Stream name', example: 'general' }) + @IsString() + @IsNotEmpty() + stream: string; + + @ApiProperty({ description: 'Topic name', example: 'greetings' }) + @IsString() + @IsNotEmpty() + topic: string; + + @ApiProperty({ + description: 'Message content (Markdown supported)', + example: 'Hello, world!', + }) + @IsString() + @IsNotEmpty() + content: string; +} + +export class SendPrivateMessageDto { + @ApiProperty({ + description: 'User IDs to send the message to', + example: [123, 456], + }) + @IsArray() + @IsInt({ each: true }) + userIds: number[]; + + @ApiProperty({ + description: 'Message content (Markdown supported)', + example: 'Hello!', + }) + @IsString() + @IsNotEmpty() + content: string; +} + +export class GetStreamsQueryDto { + @ApiPropertyOptional({ description: 'Include public streams', default: true }) + @IsOptional() + @Transform(({ value }) => value === 'true' || value === true) + @IsBoolean() + includePublic?: boolean; + + @ApiPropertyOptional({ + description: 'Include subscribed streams only', + default: true, + }) + @IsOptional() + @Transform(({ value }) => value === 'true' || value === true) + @IsBoolean() + includeSubscribed?: boolean; +} + +export class SubscribeToStreamDto { + @ApiProperty({ description: 'Stream name', example: 'announcements' }) + @IsString() + @IsNotEmpty() + name: string; + + @ApiPropertyOptional({ + description: 'Stream description', + example: 'Company announcements', + }) + @IsOptional() + @IsString() + description?: string; +} + +export class SubscribeRequestDto { + @ApiProperty({ + description: 'Streams to subscribe to', + type: [SubscribeToStreamDto], + }) + @IsArray() + @ValidateNested({ each: true }) + @Type(() => SubscribeToStreamDto) + subscriptions: SubscribeToStreamDto[]; + + @ApiPropertyOptional({ + description: 'Make stream invite-only', + default: false, + }) + @IsOptional() + @IsBoolean() + inviteOnly?: boolean; +} + +export class GetUsersQueryDto { + @ApiPropertyOptional({ + description: 'Include custom profile fields', + default: false, + }) + @IsOptional() + @Transform(({ value }) => value === 'true' || value === true) + @IsBoolean() + includeCustomProfileFields?: boolean; +} + +// ============================================================================ +// Response DTOs +// ============================================================================ + +export class MessageResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + senderId: number; + + @ApiProperty() + senderEmail: string; + + @ApiProperty() + senderFullName: string; + + @ApiProperty() + content: string; + + @ApiProperty() + type: 'stream' | 'private'; + + @ApiPropertyOptional() + streamId?: number; + + @ApiPropertyOptional() + streamName?: string; + + @ApiProperty() + subject: string; + + @ApiProperty() + timestamp: number; + + @ApiProperty() + avatarUrl: string; +} + +export class SendMessageResponseDto { + @ApiProperty() + id: number; + + @ApiProperty() + result: string; + + @ApiProperty() + message: string; +} + +export class StreamResponseDto { + @ApiProperty() + streamId: number; + + @ApiProperty() + name: string; + + @ApiProperty() + description: string; + + @ApiProperty() + inviteOnly: boolean; + + @ApiProperty() + isWebPublic: boolean; + + @ApiProperty() + dateCreated: number; +} + +export class StreamSubscriptionResponseDto extends StreamResponseDto { + @ApiProperty() + color: string; + + @ApiProperty() + isMuted: boolean; + + @ApiProperty() + pinToTop: boolean; + + @ApiPropertyOptional() + emailAddress?: string; +} + +export class UserResponseDto { + @ApiProperty() + userId: number; + + @ApiProperty() + email: string; + + @ApiProperty() + fullName: string; + + @ApiProperty() + avatarUrl: string; + + @ApiProperty() + isAdmin: boolean; + + @ApiProperty() + isBot: boolean; + + @ApiProperty() + isActive: boolean; + + @ApiProperty() + timezone: string; + + @ApiProperty() + dateJoined: string; +} + +export class MessagesListResponseDto { + @ApiProperty({ type: [MessageResponseDto] }) + messages: MessageResponseDto[]; + + @ApiProperty() + foundOldest: boolean; + + @ApiProperty() + foundNewest: boolean; + + @ApiProperty() + anchor: number; +} diff --git a/apps/api/src/modules/integrations/connectors/zulip/index.ts b/apps/api/src/modules/integrations/connectors/zulip/index.ts new file mode 100644 index 0000000..b97ad4c --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/zulip/index.ts @@ -0,0 +1,5 @@ +export * from './zulip.module'; +export * from './zulip.service'; +export * from './zulip.connector'; +export * from './zulip.types'; +export * from './dto'; diff --git a/apps/api/src/modules/integrations/connectors/zulip/zulip.connector.ts b/apps/api/src/modules/integrations/connectors/zulip/zulip.connector.ts new file mode 100644 index 0000000..f7b9b65 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/zulip/zulip.connector.ts @@ -0,0 +1,495 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import { + BaseConnector, + BaseConnectorConfig, + ConnectionTestResult, +} from '../base-connector'; +import { IntegrationConfigError } from '../../errors'; +import { + ZulipAuthConfig, + ZulipMessage, + ZulipSendMessageRequest, + ZulipSendMessageResponse, + ZulipGetMessagesRequest, + ZulipGetMessagesResponse, + ZulipStream, + ZulipStreamSubscription, + ZulipGetStreamsResponse, + ZulipGetSubscriptionsResponse, + ZulipSubscribeRequest, + ZulipSubscribeResponse, + ZulipUser, + ZulipGetUsersResponse, + ZulipNarrow, +} from './zulip.types'; + +/** + * ZULIP API Connector + * + * Provides integration with ZULIP team chat platform. + * Uses Basic Authentication with email and API key. + * + * @see https://zulip.com/api/ + */ +@Injectable() +export class ZulipConnector extends BaseConnector { + protected readonly name = 'ZULIP'; + private readonly authConfig: ZulipAuthConfig; + + constructor(private readonly configService: ConfigService) { + const baseUrl = configService.get('ZULIP_BASE_URL') || ''; + + super({ + baseUrl: baseUrl ? `${baseUrl}/api/v1` : '', + timeout: 30000, + maxRetries: 3, + }); + + this.authConfig = { + baseUrl, + email: configService.get('ZULIP_EMAIL') || '', + apiKey: configService.get('ZULIP_API_KEY') || '', + }; + } + + /** + * Check if the connector is properly configured + */ + isConfigured(): boolean { + return !!( + this.authConfig.baseUrl && + this.authConfig.email && + this.authConfig.apiKey + ); + } + + /** + * Get missing configuration items + */ + getMissingConfig(): string[] { + const missing: string[] = []; + if (!this.authConfig.baseUrl) missing.push('ZULIP_BASE_URL'); + if (!this.authConfig.email) missing.push('ZULIP_EMAIL'); + if (!this.authConfig.apiKey) missing.push('ZULIP_API_KEY'); + return missing; + } + + /** + * Test the connection to ZULIP + */ + async testConnection(): Promise { + if (!this.isConfigured()) { + return { + success: false, + message: `Missing configuration: ${this.getMissingConfig().join(', ')}`, + }; + } + + const startTime = Date.now(); + + try { + // Try to get server settings (doesn't require auth but verifies the server) + const response = await this.get<{ + result: string; + zulip_version: string; + zulip_feature_level: number; + }>('/server_settings'); + + if (response.result !== 'success') { + throw new Error('Server returned non-success result'); + } + + // Verify credentials by fetching the authenticated user + await this.get<{ result: string }>('/users/me'); + + return { + success: true, + message: 'Successfully connected to ZULIP', + latencyMs: Date.now() - startTime, + details: { + baseUrl: this.authConfig.baseUrl, + zulipVersion: response.zulip_version, + featureLevel: response.zulip_feature_level, + }, + }; + } catch (error) { + const message = error instanceof Error ? error.message : 'Unknown error'; + return { + success: false, + message: `Connection failed: ${message}`, + latencyMs: Date.now() - startTime, + }; + } + } + + /** + * Get authentication headers for requests (Basic Auth) + */ + async getAuthHeaders(): Promise> { + if (!this.isConfigured()) { + throw new IntegrationConfigError(this.name, this.getMissingConfig()); + } + + const credentials = Buffer.from( + `${this.authConfig.email}:${this.authConfig.apiKey}`, + ).toString('base64'); + + return { + Authorization: `Basic ${credentials}`, + }; + } + + // =========================================================================== + // Messages API + // =========================================================================== + + /** + * Get messages + */ + async getMessages( + request: ZulipGetMessagesRequest = {}, + ): Promise { + const params = this.buildMessagesParams(request); + return this.get('/messages', { params }); + } + + /** + * Get messages from a specific stream + */ + async getStreamMessages( + streamName: string, + topic?: string, + numMessages = 50, + ): Promise { + const narrow: ZulipNarrow[] = [ + { operator: 'stream', operand: streamName }, + ]; + + if (topic) { + narrow.push({ operator: 'topic', operand: topic }); + } + + const response = await this.getMessages({ + anchor: 'newest', + num_before: numMessages, + num_after: 0, + narrow, + }); + + return response.messages; + } + + /** + * Get private messages with a user + */ + async getPrivateMessages( + userEmail: string, + numMessages = 50, + ): Promise { + const response = await this.getMessages({ + anchor: 'newest', + num_before: numMessages, + num_after: 0, + narrow: [ + { operator: 'pm-with', operand: userEmail }, + ], + }); + + return response.messages; + } + + /** + * Search messages + */ + async searchMessages( + searchTerm: string, + options: { + stream?: string; + limit?: number; + } = {}, + ): Promise { + const narrow: ZulipNarrow[] = [ + { operator: 'search', operand: searchTerm }, + ]; + + if (options.stream) { + narrow.push({ operator: 'stream', operand: options.stream }); + } + + const response = await this.getMessages({ + anchor: 'newest', + num_before: options.limit || 50, + num_after: 0, + narrow, + }); + + return response.messages; + } + + /** + * Send a message + */ + async sendMessage( + request: ZulipSendMessageRequest, + ): Promise { + const formData = new URLSearchParams(); + formData.append('type', request.type); + + if (Array.isArray(request.to)) { + formData.append('to', JSON.stringify(request.to)); + } else { + formData.append('to', request.to); + } + + if (request.topic) { + formData.append('topic', request.topic); + } + + formData.append('content', request.content); + + if (request.queue_id) { + formData.append('queue_id', request.queue_id); + } + + if (request.local_id) { + formData.append('local_id', request.local_id); + } + + return this.post('/messages', formData.toString(), { + headers: { + 'Content-Type': 'application/x-www-form-urlencoded', + }, + }); + } + + /** + * Send a message to a stream + */ + async sendStreamMessage( + stream: string, + topic: string, + content: string, + ): Promise { + return this.sendMessage({ + type: 'stream', + to: stream, + topic, + content, + }); + } + + /** + * Send a private message + */ + async sendPrivateMessage( + userIds: number[], + content: string, + ): Promise { + return this.sendMessage({ + type: 'private', + to: userIds, + content, + }); + } + + // =========================================================================== + // Streams API + // =========================================================================== + + /** + * Get all streams + */ + async getStreams( + options: { + includePublic?: boolean; + includeSubscribed?: boolean; + includeAllActive?: boolean; + includeDefault?: boolean; + includeOwnerSubscribed?: boolean; + } = {}, + ): Promise { + const params: Record = {}; + + if (options.includePublic !== undefined) { + params.include_public = String(options.includePublic); + } + if (options.includeSubscribed !== undefined) { + params.include_subscribed = String(options.includeSubscribed); + } + if (options.includeAllActive !== undefined) { + params.include_all_active = String(options.includeAllActive); + } + if (options.includeDefault !== undefined) { + params.include_default = String(options.includeDefault); + } + if (options.includeOwnerSubscribed !== undefined) { + params.include_owner_subscribed = String(options.includeOwnerSubscribed); + } + + const response = await this.get('/streams', { + params, + }); + + return response.streams; + } + + /** + * Get subscribed streams + */ + async getSubscriptions(): Promise { + const response = await this.get( + '/users/me/subscriptions', + ); + return response.subscriptions; + } + + /** + * Subscribe to streams + */ + async subscribe( + request: ZulipSubscribeRequest, + ): Promise { + const formData = new URLSearchParams(); + formData.append('subscriptions', JSON.stringify(request.subscriptions)); + + if (request.principals) { + formData.append('principals', JSON.stringify(request.principals)); + } + + if (request.invite_only !== undefined) { + formData.append('invite_only', String(request.invite_only)); + } + + if (request.history_public_to_subscribers !== undefined) { + formData.append( + 'history_public_to_subscribers', + String(request.history_public_to_subscribers), + ); + } + + if (request.announce !== undefined) { + formData.append('announce', String(request.announce)); + } + + return this.post( + '/users/me/subscriptions', + formData.toString(), + { + headers: { + 'Content-Type': 'application/x-www-form-urlencoded', + }, + }, + ); + } + + /** + * Unsubscribe from streams + */ + async unsubscribe(streamNames: string[]): Promise<{ result: string }> { + const formData = new URLSearchParams(); + formData.append('subscriptions', JSON.stringify(streamNames)); + + return this.delete<{ result: string }>( + `/users/me/subscriptions?${formData.toString()}`, + ); + } + + // =========================================================================== + // Users API + // =========================================================================== + + /** + * Get all users + */ + async getUsers( + options: { + clientGravatar?: boolean; + includeCustomProfileFields?: boolean; + } = {}, + ): Promise { + const params: Record = {}; + + if (options.clientGravatar !== undefined) { + params.client_gravatar = String(options.clientGravatar); + } + + if (options.includeCustomProfileFields !== undefined) { + params.include_custom_profile_fields = String( + options.includeCustomProfileFields, + ); + } + + const response = await this.get('/users', { params }); + return response.members; + } + + /** + * Get current user profile + */ + async getCurrentUser(): Promise { + const response = await this.get('/users/me'); + return response; + } + + /** + * Get a specific user by ID + */ + async getUser(userId: number): Promise { + const response = await this.get<{ user: ZulipUser }>(`/users/${userId}`); + return response.user; + } + + /** + * Get a specific user by email + */ + async getUserByEmail(email: string): Promise { + const response = await this.get<{ user: ZulipUser }>( + `/users/${encodeURIComponent(email)}`, + ); + return response.user; + } + + // =========================================================================== + // Helper Methods + // =========================================================================== + + /** + * Build query parameters for messages endpoint + */ + private buildMessagesParams( + request: ZulipGetMessagesRequest, + ): Record { + const params: Record = {}; + + if (request.anchor !== undefined) { + params.anchor = String(request.anchor); + } + + if (request.include_anchor !== undefined) { + params.include_anchor = String(request.include_anchor); + } + + if (request.num_before !== undefined) { + params.num_before = String(request.num_before); + } + + if (request.num_after !== undefined) { + params.num_after = String(request.num_after); + } + + if (request.narrow) { + params.narrow = JSON.stringify(request.narrow); + } + + if (request.apply_markdown !== undefined) { + params.apply_markdown = String(request.apply_markdown); + } + + if (request.use_first_unread_anchor !== undefined) { + params.use_first_unread_anchor = String(request.use_first_unread_anchor); + } + + return params; + } +} diff --git a/apps/api/src/modules/integrations/connectors/zulip/zulip.controller.ts b/apps/api/src/modules/integrations/connectors/zulip/zulip.controller.ts new file mode 100644 index 0000000..3b7daf0 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/zulip/zulip.controller.ts @@ -0,0 +1,197 @@ +import { + Controller, + Get, + Post, + Delete, + Body, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiBody, +} from '@nestjs/swagger'; +import { ZulipService } from './zulip.service'; +import { + GetMessagesQueryDto, + SendStreamMessageDto, + SendPrivateMessageDto, + GetStreamsQueryDto, + SubscribeRequestDto, + GetUsersQueryDto, + MessageResponseDto, + MessagesListResponseDto, + SendMessageResponseDto, + StreamResponseDto, + StreamSubscriptionResponseDto, + UserResponseDto, +} from './dto'; +import { ConnectionTestResult } from '../base-connector'; +import { RequirePermissions } from '../../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../../auth/permissions/permissions.enum'; + +@ApiTags('Integrations - ZULIP') +@ApiBearerAuth() +@Controller('integrations/zulip') +export class ZulipController { + constructor(private readonly zulipService: ZulipService) {} + + @Post('test') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Test ZULIP connection' }) + @ApiResponse({ + status: 200, + description: 'Connection test result', + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async testConnection(): Promise { + return this.zulipService.testConnection(); + } + + // =========================================================================== + // Messages + // =========================================================================== + + @Get('messages') + @ApiOperation({ summary: 'Get messages' }) + @ApiResponse({ + status: 200, + description: 'List of messages', + type: MessagesListResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getMessages( + @Query() query: GetMessagesQueryDto, + ): Promise { + return this.zulipService.getMessages(query); + } + + @Post('messages') + @ApiOperation({ summary: 'Send a message to a stream' }) + @ApiResponse({ + status: 201, + description: 'Message sent successfully', + type: SendMessageResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async sendStreamMessage( + @Body() dto: SendStreamMessageDto, + ): Promise { + return this.zulipService.sendStreamMessage(dto); + } + + @Post('messages/private') + @ApiOperation({ summary: 'Send a private message' }) + @ApiResponse({ + status: 201, + description: 'Message sent successfully', + type: SendMessageResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async sendPrivateMessage( + @Body() dto: SendPrivateMessageDto, + ): Promise { + return this.zulipService.sendPrivateMessage(dto); + } + + // =========================================================================== + // Streams + // =========================================================================== + + @Get('streams') + @ApiOperation({ summary: 'Get list of streams' }) + @ApiResponse({ + status: 200, + description: 'List of streams', + type: [StreamResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getStreams( + @Query() query: GetStreamsQueryDto, + ): Promise { + return this.zulipService.getStreams(query); + } + + @Get('streams/subscriptions') + @ApiOperation({ summary: 'Get subscribed streams' }) + @ApiResponse({ + status: 200, + description: 'List of subscribed streams', + type: [StreamSubscriptionResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getSubscriptions(): Promise { + return this.zulipService.getSubscriptions(); + } + + @Post('streams/subscribe') + @ApiOperation({ summary: 'Subscribe to streams' }) + @ApiResponse({ + status: 201, + description: 'Subscription result', + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async subscribe(@Body() dto: SubscribeRequestDto): Promise<{ + subscribed: string[]; + alreadySubscribed: string[]; + }> { + return this.zulipService.subscribe(dto); + } + + @Delete('streams/unsubscribe') + @ApiOperation({ summary: 'Unsubscribe from streams' }) + @ApiBody({ + schema: { + type: 'object', + properties: { + streamNames: { + type: 'array', + items: { type: 'string' }, + example: ['general', 'announcements'], + }, + }, + }, + }) + @ApiResponse({ + status: 200, + description: 'Unsubscription result', + }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async unsubscribe( + @Body('streamNames') streamNames: string[], + ): Promise<{ success: boolean }> { + return this.zulipService.unsubscribe(streamNames); + } + + // =========================================================================== + // Users + // =========================================================================== + + @Get('users') + @ApiOperation({ summary: 'Get list of users' }) + @ApiResponse({ + status: 200, + description: 'List of users', + type: [UserResponseDto], + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getUsers(@Query() query: GetUsersQueryDto): Promise { + return this.zulipService.getUsers(query); + } + + @Get('users/me') + @ApiOperation({ summary: 'Get current authenticated user' }) + @ApiResponse({ + status: 200, + description: 'Current user profile', + type: UserResponseDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getCurrentUser(): Promise { + return this.zulipService.getCurrentUser(); + } +} diff --git a/apps/api/src/modules/integrations/connectors/zulip/zulip.module.ts b/apps/api/src/modules/integrations/connectors/zulip/zulip.module.ts new file mode 100644 index 0000000..2d30001 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/zulip/zulip.module.ts @@ -0,0 +1,11 @@ +import { Module } from '@nestjs/common'; +import { ZulipConnector } from './zulip.connector'; +import { ZulipService } from './zulip.service'; +import { ZulipController } from './zulip.controller'; + +@Module({ + controllers: [ZulipController], + providers: [ZulipConnector, ZulipService], + exports: [ZulipService, ZulipConnector], +}) +export class ZulipModule {} diff --git a/apps/api/src/modules/integrations/connectors/zulip/zulip.service.ts b/apps/api/src/modules/integrations/connectors/zulip/zulip.service.ts new file mode 100644 index 0000000..c55cdd3 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/zulip/zulip.service.ts @@ -0,0 +1,316 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { ZulipConnector } from './zulip.connector'; +import { + GetMessagesQueryDto, + SendStreamMessageDto, + SendPrivateMessageDto, + GetStreamsQueryDto, + SubscribeRequestDto, + GetUsersQueryDto, + MessageResponseDto, + MessagesListResponseDto, + SendMessageResponseDto, + StreamResponseDto, + StreamSubscriptionResponseDto, + UserResponseDto, +} from './dto'; +import { ConnectionTestResult } from '../base-connector'; +import { ZulipMessage, ZulipStream, ZulipStreamSubscription, ZulipUser } from './zulip.types'; + +/** + * Service layer for ZULIP integration + * + * Provides business logic and data transformation for ZULIP API calls. + */ +@Injectable() +export class ZulipService { + private readonly logger = new Logger(ZulipService.name); + + constructor(private readonly connector: ZulipConnector) {} + + /** + * Test the connection to ZULIP + */ + async testConnection(): Promise { + this.logger.log('Testing ZULIP connection'); + return this.connector.testConnection(); + } + + /** + * Check if ZULIP integration is configured + */ + isConfigured(): boolean { + return this.connector.isConfigured(); + } + + // =========================================================================== + // Messages + // =========================================================================== + + /** + * Get messages with optional filters + */ + async getMessages(query: GetMessagesQueryDto): Promise { + this.logger.log(`Fetching messages with query: ${JSON.stringify(query)}`); + + let messages: ZulipMessage[]; + + if (query.search) { + messages = await this.connector.searchMessages(query.search, { + stream: query.stream, + limit: query.numBefore, + }); + } else if (query.stream) { + messages = await this.connector.getStreamMessages( + query.stream, + query.topic, + query.numBefore, + ); + } else { + const response = await this.connector.getMessages({ + anchor: this.parseAnchor(query.anchor), + num_before: query.numBefore, + num_after: query.numAfter, + }); + messages = response.messages; + + return { + messages: messages.map(this.mapMessageToDto), + foundOldest: response.found_oldest, + foundNewest: response.found_newest, + anchor: response.anchor, + }; + } + + return { + messages: messages.map(this.mapMessageToDto), + foundOldest: true, + foundNewest: true, + anchor: messages.length > 0 ? messages[0].id : 0, + }; + } + + /** + * Send a message to a stream + */ + async sendStreamMessage( + dto: SendStreamMessageDto, + ): Promise { + this.logger.log(`Sending stream message to ${dto.stream}/${dto.topic}`); + + const response = await this.connector.sendStreamMessage( + dto.stream, + dto.topic, + dto.content, + ); + + return { + id: response.id, + result: response.result, + message: response.msg, + }; + } + + /** + * Send a private message + */ + async sendPrivateMessage( + dto: SendPrivateMessageDto, + ): Promise { + this.logger.log(`Sending private message to users: ${dto.userIds.join(', ')}`); + + const response = await this.connector.sendPrivateMessage( + dto.userIds, + dto.content, + ); + + return { + id: response.id, + result: response.result, + message: response.msg, + }; + } + + // =========================================================================== + // Streams + // =========================================================================== + + /** + * Get list of streams + */ + async getStreams(query: GetStreamsQueryDto): Promise { + this.logger.log('Fetching streams'); + + const streams = await this.connector.getStreams({ + includePublic: query.includePublic, + includeSubscribed: query.includeSubscribed, + }); + + return streams.map(this.mapStreamToDto); + } + + /** + * Get user's subscribed streams + */ + async getSubscriptions(): Promise { + this.logger.log('Fetching subscriptions'); + + const subscriptions = await this.connector.getSubscriptions(); + + return subscriptions.map(this.mapSubscriptionToDto); + } + + /** + * Subscribe to streams + */ + async subscribe(dto: SubscribeRequestDto): Promise<{ + subscribed: string[]; + alreadySubscribed: string[]; + }> { + this.logger.log(`Subscribing to streams: ${dto.subscriptions.map(s => s.name).join(', ')}`); + + const response = await this.connector.subscribe({ + subscriptions: dto.subscriptions, + invite_only: dto.inviteOnly, + }); + + // Extract stream names from the response + const subscribed = Object.keys(response.subscribed); + const alreadySubscribed = Object.keys(response.already_subscribed); + + return { + subscribed, + alreadySubscribed, + }; + } + + /** + * Unsubscribe from streams + */ + async unsubscribe(streamNames: string[]): Promise<{ success: boolean }> { + this.logger.log(`Unsubscribing from streams: ${streamNames.join(', ')}`); + + const response = await this.connector.unsubscribe(streamNames); + + return { + success: response.result === 'success', + }; + } + + // =========================================================================== + // Users + // =========================================================================== + + /** + * Get list of users + */ + async getUsers(query: GetUsersQueryDto): Promise { + this.logger.log('Fetching users'); + + const users = await this.connector.getUsers({ + includeCustomProfileFields: query.includeCustomProfileFields, + }); + + return users.map(this.mapUserToDto); + } + + /** + * Get current authenticated user + */ + async getCurrentUser(): Promise { + this.logger.log('Fetching current user'); + + const user = await this.connector.getCurrentUser(); + + return this.mapUserToDto(user); + } + + // =========================================================================== + // Mappers + // =========================================================================== + + /** + * Parse anchor value (can be number or special string) + */ + private parseAnchor( + anchor?: string, + ): number | 'newest' | 'oldest' | 'first_unread' | undefined { + if (!anchor) return 'newest'; + + if (['newest', 'oldest', 'first_unread'].includes(anchor)) { + return anchor as 'newest' | 'oldest' | 'first_unread'; + } + + const parsed = parseInt(anchor, 10); + return isNaN(parsed) ? 'newest' : parsed; + } + + /** + * Map Zulip message to response DTO + */ + private mapMessageToDto = (message: ZulipMessage): MessageResponseDto => { + const streamName = + typeof message.display_recipient === 'string' + ? message.display_recipient + : undefined; + + return { + id: message.id, + senderId: message.sender_id, + senderEmail: message.sender_email, + senderFullName: message.sender_full_name, + content: message.content, + type: message.type, + streamId: message.stream_id, + streamName, + subject: message.subject, + timestamp: message.timestamp, + avatarUrl: message.avatar_url, + }; + }; + + /** + * Map Zulip stream to response DTO + */ + private mapStreamToDto = (stream: ZulipStream): StreamResponseDto => ({ + streamId: stream.stream_id, + name: stream.name, + description: stream.description, + inviteOnly: stream.invite_only, + isWebPublic: stream.is_web_public, + dateCreated: stream.date_created, + }); + + /** + * Map Zulip subscription to response DTO + */ + private mapSubscriptionToDto = ( + subscription: ZulipStreamSubscription, + ): StreamSubscriptionResponseDto => ({ + streamId: subscription.stream_id, + name: subscription.name, + description: subscription.description, + inviteOnly: subscription.invite_only, + isWebPublic: subscription.is_web_public, + dateCreated: subscription.date_created, + color: subscription.color, + isMuted: subscription.is_muted, + pinToTop: subscription.pin_to_top, + emailAddress: subscription.email_address, + }); + + /** + * Map Zulip user to response DTO + */ + private mapUserToDto = (user: ZulipUser): UserResponseDto => ({ + userId: user.user_id, + email: user.email, + fullName: user.full_name, + avatarUrl: user.avatar_url, + isAdmin: user.is_admin, + isBot: user.is_bot, + isActive: user.is_active, + timezone: user.timezone, + dateJoined: user.date_joined, + }); +} diff --git a/apps/api/src/modules/integrations/connectors/zulip/zulip.types.ts b/apps/api/src/modules/integrations/connectors/zulip/zulip.types.ts new file mode 100644 index 0000000..1f4b038 --- /dev/null +++ b/apps/api/src/modules/integrations/connectors/zulip/zulip.types.ts @@ -0,0 +1,275 @@ +/** + * ZULIP API Type Definitions + * + * These types are based on the ZULIP REST API documentation. + * @see https://zulip.com/api/ + */ + +// ============================================================================ +// Authentication Types +// ============================================================================ + +export interface ZulipAuthConfig { + /** Zulip server URL (e.g., https://yourorg.zulipchat.com) */ + baseUrl: string; + /** Bot email address */ + email: string; + /** API key */ + apiKey: string; +} + +// ============================================================================ +// Message Types +// ============================================================================ + +export interface ZulipMessage { + id: number; + sender_id: number; + sender_email: string; + sender_full_name: string; + sender_realm_str: string; + content: string; + content_type: string; + display_recipient: string | ZulipDisplayRecipient[]; + recipient_id: number; + stream_id?: number; + subject: string; + timestamp: number; + type: 'stream' | 'private'; + avatar_url: string; + client: string; + flags: string[]; + is_me_message: boolean; + reactions: ZulipReaction[]; + submessages: unknown[]; +} + +export interface ZulipDisplayRecipient { + id: number; + email: string; + full_name: string; + is_mirror_dummy: boolean; +} + +export interface ZulipReaction { + emoji_code: string; + emoji_name: string; + reaction_type: string; + user: { + email: string; + full_name: string; + user_id: number; + }; + user_id: number; +} + +export interface ZulipSendMessageRequest { + /** Message type: 'stream' or 'private' */ + type: 'stream' | 'private'; + /** Stream name (for stream messages) or user IDs (for private messages) */ + to: string | number[]; + /** Topic (required for stream messages) */ + topic?: string; + /** Message content (Markdown) */ + content: string; + /** Queue ID for message acknowledgment */ + queue_id?: string; + /** Local ID for message deduplication */ + local_id?: string; +} + +export interface ZulipSendMessageResponse { + id: number; + result: string; + msg: string; +} + +export interface ZulipGetMessagesRequest { + /** Anchor message ID or 'newest'/'oldest'/'first_unread' */ + anchor?: number | 'newest' | 'oldest' | 'first_unread'; + /** Include anchor message */ + include_anchor?: boolean; + /** Number of messages before anchor */ + num_before?: number; + /** Number of messages after anchor */ + num_after?: number; + /** Narrow query (filter) */ + narrow?: ZulipNarrow[]; + /** Apply markdown */ + apply_markdown?: boolean; + /** Use first unread anchor */ + use_first_unread_anchor?: boolean; +} + +export type ZulipNarrow = { + operator: string; + operand: string | number; + negated?: boolean; +}; + +export interface ZulipGetMessagesResponse { + result: string; + msg: string; + messages: ZulipMessage[]; + found_anchor: boolean; + found_oldest: boolean; + found_newest: boolean; + history_limited: boolean; + anchor: number; +} + +export interface ZulipUpdateMessageRequest { + message_id: number; + content?: string; + topic?: string; + propagate_mode?: 'change_one' | 'change_later' | 'change_all'; + send_notification_to_old_thread?: boolean; + send_notification_to_new_thread?: boolean; +} + +// ============================================================================ +// Stream Types +// ============================================================================ + +export interface ZulipStream { + stream_id: number; + name: string; + description: string; + rendered_description: string; + date_created: number; + invite_only: boolean; + is_web_public: boolean; + is_announcement_only: boolean; + history_public_to_subscribers: boolean; + first_message_id: number | null; + stream_post_policy: number; + message_retention_days: number | null; + can_remove_subscribers_group: number; +} + +export interface ZulipStreamSubscription extends ZulipStream { + audible_notifications: boolean | null; + color: string; + desktop_notifications: boolean | null; + email_address: string; + email_notifications: boolean | null; + in_home_view: boolean; + is_muted: boolean; + pin_to_top: boolean; + push_notifications: boolean | null; + stream_weekly_traffic: number | null; + wildcard_mentions_notify: boolean | null; +} + +export interface ZulipGetStreamsResponse { + result: string; + msg: string; + streams: ZulipStream[]; +} + +export interface ZulipGetSubscriptionsResponse { + result: string; + msg: string; + subscriptions: ZulipStreamSubscription[]; +} + +export interface ZulipSubscribeRequest { + subscriptions: Array<{ + name: string; + description?: string; + }>; + principals?: number[]; + invite_only?: boolean; + history_public_to_subscribers?: boolean; + announce?: boolean; +} + +export interface ZulipSubscribeResponse { + result: string; + msg: string; + subscribed: Record; + already_subscribed: Record; + unauthorized: string[]; +} + +// ============================================================================ +// User Types +// ============================================================================ + +export interface ZulipUser { + user_id: number; + email: string; + full_name: string; + avatar_url: string; + avatar_version: number; + is_admin: boolean; + is_owner: boolean; + is_billing_admin: boolean; + is_guest: boolean; + is_bot: boolean; + is_active: boolean; + timezone: string; + date_joined: string; + role: number; + bot_type?: number; + bot_owner_id?: number; + profile_data?: Record; +} + +export interface ZulipGetUsersResponse { + result: string; + msg: string; + members: ZulipUser[]; +} + +export interface ZulipGetUserPresenceResponse { + result: string; + msg: string; + presence: Record; +} + +// ============================================================================ +// Event Types +// ============================================================================ + +export interface ZulipRegisterQueueResponse { + result: string; + msg: string; + queue_id: string; + last_event_id: number; + zulip_feature_level: number; + zulip_version: string; + zulip_merge_base: string; +} + +export interface ZulipEvent { + type: string; + id: number; + [key: string]: unknown; +} + +export interface ZulipGetEventsResponse { + result: string; + msg: string; + events: ZulipEvent[]; + queue_id?: string; +} + +// ============================================================================ +// API Response Types +// ============================================================================ + +export interface ZulipApiResponse { + result: 'success' | 'error'; + msg: string; +} + +export interface ZulipApiError extends ZulipApiResponse { + result: 'error'; + code?: string; + stream?: string; +} diff --git a/apps/api/src/modules/integrations/credentials/credentials.controller.ts b/apps/api/src/modules/integrations/credentials/credentials.controller.ts new file mode 100644 index 0000000..bb1eef1 --- /dev/null +++ b/apps/api/src/modules/integrations/credentials/credentials.controller.ts @@ -0,0 +1,158 @@ +import { + Controller, + Get, + Post, + Put, + Delete, + Body, + Param, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, +} from '@nestjs/swagger'; +import { CredentialsService } from './credentials.service'; +import { CreateCredentialDto } from './dto/create-credential.dto'; +import { UpdateCredentialDto } from './dto/update-credential.dto'; +import { QueryCredentialsDto } from './dto/query-credentials.dto'; +import { Roles } from '../../../auth/decorators/roles.decorator'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { CurrentUser } from '../../../auth/decorators/current-user.decorator'; +import { JwtPayload } from '../../../auth/interfaces/jwt-payload.interface'; +import { AuditLog } from '../../audit/audit.interceptor'; + +@ApiTags('integrations/credentials') +@ApiBearerAuth('JWT-auth') +@Controller('integrations/credentials') +export class CredentialsController { + constructor(private readonly credentialsService: CredentialsService) {} + + @Post() + @Roles('admin') + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + @AuditLog('IntegrationCredential', 'CREATE') + @ApiOperation({ summary: 'Create a new integration credential' }) + @ApiResponse({ + status: 201, + description: 'Credential created successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - invalid data' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ + status: 409, + description: 'Conflict - credential with same name/type already exists', + }) + create( + @Body() createDto: CreateCredentialDto, + @CurrentUser() user: JwtPayload, + ) { + return this.credentialsService.create(createDto, user.sub); + } + + @Get() + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ + summary: 'Get all integration credentials (without decrypted secrets)', + }) + @ApiResponse({ + status: 200, + description: 'List of credentials with pagination', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + findAll(@Query() query: QueryCredentialsDto) { + return this.credentialsService.findAll(query); + } + + @Get(':id') + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + @ApiOperation({ + summary: 'Get a single credential by ID (includes decrypted secrets)', + }) + @ApiParam({ name: 'id', description: 'Credential ID' }) + @ApiResponse({ + status: 200, + description: 'Credential details with decrypted secrets', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Credential not found' }) + findOne(@Param('id') id: string) { + return this.credentialsService.findOne(id); + } + + @Put(':id') + @Roles('admin') + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + @AuditLog('IntegrationCredential', 'UPDATE') + @ApiOperation({ summary: 'Update an integration credential' }) + @ApiParam({ name: 'id', description: 'Credential ID' }) + @ApiResponse({ + status: 200, + description: 'Credential updated successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request - invalid data' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Credential not found' }) + @ApiResponse({ + status: 409, + description: 'Conflict - credential with same name already exists', + }) + update( + @Param('id') id: string, + @Body() updateDto: UpdateCredentialDto, + @CurrentUser() user: JwtPayload, + ) { + return this.credentialsService.update(id, updateDto, user.sub); + } + + @Delete(':id') + @Roles('admin') + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + @AuditLog('IntegrationCredential', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Deactivate an integration credential (soft delete)' }) + @ApiParam({ name: 'id', description: 'Credential ID' }) + @ApiResponse({ + status: 200, + description: 'Credential deactivated successfully', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Credential not found' }) + remove(@Param('id') id: string, @CurrentUser() user: JwtPayload) { + return this.credentialsService.remove(id, user.sub); + } + + @Post(':id/test') + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Test connection with the credential' }) + @ApiParam({ name: 'id', description: 'Credential ID' }) + @ApiResponse({ + status: 200, + description: 'Connection test result', + schema: { + type: 'object', + properties: { + success: { type: 'boolean' }, + message: { type: 'string' }, + latency: { type: 'number', description: 'Latency in milliseconds' }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Credential not found' }) + testConnection(@Param('id') id: string) { + return this.credentialsService.testConnection(id); + } +} diff --git a/apps/api/src/modules/integrations/credentials/credentials.module.ts b/apps/api/src/modules/integrations/credentials/credentials.module.ts new file mode 100644 index 0000000..fd5afc3 --- /dev/null +++ b/apps/api/src/modules/integrations/credentials/credentials.module.ts @@ -0,0 +1,10 @@ +import { Module } from '@nestjs/common'; +import { CredentialsController } from './credentials.controller'; +import { CredentialsService } from './credentials.service'; + +@Module({ + controllers: [CredentialsController], + providers: [CredentialsService], + exports: [CredentialsService], +}) +export class CredentialsModule {} diff --git a/apps/api/src/modules/integrations/credentials/credentials.service.ts b/apps/api/src/modules/integrations/credentials/credentials.service.ts new file mode 100644 index 0000000..50548c5 --- /dev/null +++ b/apps/api/src/modules/integrations/credentials/credentials.service.ts @@ -0,0 +1,546 @@ +import { + Injectable, + NotFoundException, + ConflictException, + BadRequestException, + Logger, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { EncryptionService } from '../../../common/services/encryption.service'; +import { CreateCredentialDto } from './dto/create-credential.dto'; +import { UpdateCredentialDto } from './dto/update-credential.dto'; +import { QueryCredentialsDto } from './dto/query-credentials.dto'; +import { IntegrationType, SyncStatus, Prisma } from '@prisma/client'; + +/** + * Response type for credential listing (without decrypted secrets) + */ +export interface CredentialListItem { + id: string; + type: IntegrationType; + name: string; + isActive: boolean; + lastUsed: Date | null; + lastSync: Date | null; + syncStatus: SyncStatus; + syncError: string | null; + createdAt: Date; + updatedAt: Date; + createdBy: { + id: string; + firstName: string; + lastName: string; + email: string; + }; +} + +/** + * Response type for single credential with decrypted credentials + */ +export interface CredentialDetail extends CredentialListItem { + credentials: Record; +} + +/** + * Paginated response wrapper + */ +export interface PaginatedCredentials { + data: CredentialListItem[]; + meta: { + total: number; + page: number; + limit: number; + totalPages: number; + }; +} + +@Injectable() +export class CredentialsService { + private readonly logger = new Logger(CredentialsService.name); + + constructor( + private readonly prisma: PrismaService, + private readonly encryptionService: EncryptionService, + ) {} + + /** + * Creates a new integration credential with encrypted secrets + */ + async create( + createDto: CreateCredentialDto, + userId: string, + ): Promise { + // Check for duplicate name within the same type + const existing = await this.prisma.integrationCredential.findUnique({ + where: { + type_name: { + type: createDto.type, + name: createDto.name, + }, + }, + }); + + if (existing) { + throw new ConflictException( + `A credential with name "${createDto.name}" already exists for type ${createDto.type}`, + ); + } + + // Encrypt the credentials + const encryptedCredentials = this.encryptionService.encryptObject( + createDto.credentials, + ); + + const credential = await this.prisma.integrationCredential.create({ + data: { + type: createDto.type, + name: createDto.name, + credentials: encryptedCredentials, + createdById: userId, + }, + include: { + createdBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + this.logger.log( + `Created credential ${credential.id} (${createDto.type}:${createDto.name}) by user ${userId}`, + ); + + return this.mapToListItem(credential); + } + + /** + * Retrieves all credentials with pagination and filtering + * Note: Does not include decrypted credentials + */ + async findAll(query: QueryCredentialsDto): Promise { + const { type, isActive, syncStatus, search, page = 1, limit = 10 } = query; + + const where: Prisma.IntegrationCredentialWhereInput = {}; + + if (type) { + where.type = type; + } + + if (isActive !== undefined) { + where.isActive = isActive; + } + + if (syncStatus) { + where.syncStatus = syncStatus; + } + + if (search) { + where.name = { + contains: search, + mode: 'insensitive', + }; + } + + const [credentials, total] = await Promise.all([ + this.prisma.integrationCredential.findMany({ + where, + include: { + createdBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + orderBy: [{ type: 'asc' }, { name: 'asc' }], + skip: (page - 1) * limit, + take: limit, + }), + this.prisma.integrationCredential.count({ where }), + ]); + + return { + data: credentials.map((c) => this.mapToListItem(c)), + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Retrieves a single credential by ID with decrypted credentials + */ + async findOne(id: string): Promise { + const credential = await this.prisma.integrationCredential.findUnique({ + where: { id }, + include: { + createdBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + if (!credential) { + throw new NotFoundException(`Credential with ID ${id} not found`); + } + + // Decrypt credentials + let decryptedCredentials: Record; + try { + decryptedCredentials = this.encryptionService.decryptObject( + credential.credentials, + ); + } catch (error) { + this.logger.error(`Failed to decrypt credentials for ${id}`); + throw new BadRequestException('Failed to decrypt credentials'); + } + + // Update last used timestamp + await this.prisma.integrationCredential.update({ + where: { id }, + data: { lastUsed: new Date() }, + }); + + return { + ...this.mapToListItem(credential), + credentials: decryptedCredentials, + }; + } + + /** + * Updates an existing credential + */ + async update( + id: string, + updateDto: UpdateCredentialDto, + userId: string, + ): Promise { + const existing = await this.prisma.integrationCredential.findUnique({ + where: { id }, + }); + + if (!existing) { + throw new NotFoundException(`Credential with ID ${id} not found`); + } + + // Check for name conflict if name is being updated + if (updateDto.name && updateDto.name !== existing.name) { + const duplicate = await this.prisma.integrationCredential.findUnique({ + where: { + type_name: { + type: existing.type, + name: updateDto.name, + }, + }, + }); + + if (duplicate) { + throw new ConflictException( + `A credential with name "${updateDto.name}" already exists for type ${existing.type}`, + ); + } + } + + // Prepare update data + const updateData: Prisma.IntegrationCredentialUpdateInput = {}; + + if (updateDto.name !== undefined) { + updateData.name = updateDto.name; + } + + if (updateDto.isActive !== undefined) { + updateData.isActive = updateDto.isActive; + } + + if (updateDto.credentials) { + // Encrypt new credentials + updateData.credentials = this.encryptionService.encryptObject( + updateDto.credentials, + ); + } + + const updated = await this.prisma.integrationCredential.update({ + where: { id }, + data: updateData, + include: { + createdBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + this.logger.log(`Updated credential ${id} by user ${userId}`); + + return this.mapToListItem(updated); + } + + /** + * Soft-deletes a credential by deactivating it + */ + async remove(id: string, userId: string): Promise { + const existing = await this.prisma.integrationCredential.findUnique({ + where: { id }, + }); + + if (!existing) { + throw new NotFoundException(`Credential with ID ${id} not found`); + } + + const updated = await this.prisma.integrationCredential.update({ + where: { id }, + data: { isActive: false }, + include: { + createdBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + }, + }); + + this.logger.log(`Deactivated credential ${id} by user ${userId}`); + + return this.mapToListItem(updated); + } + + /** + * Tests a credential connection + */ + async testConnection( + id: string, + ): Promise<{ success: boolean; message: string; latency?: number }> { + const credential = await this.findOne(id); + + if (!credential.isActive) { + return { + success: false, + message: 'Credential is deactivated', + }; + } + + const startTime = Date.now(); + + try { + // Integration-specific connection tests + const result = await this.performConnectionTest( + credential.type, + credential.credentials, + ); + + const latency = Date.now() - startTime; + + // Update sync status on success + await this.updateSyncStatus(id, SyncStatus.SUCCESS, null); + + return { + success: true, + message: result.message || 'Connection successful', + latency, + }; + } catch (error) { + const errorMessage = + error instanceof Error ? error.message : 'Connection test failed'; + + // Update sync status on error + await this.updateSyncStatus(id, SyncStatus.ERROR, errorMessage); + + return { + success: false, + message: errorMessage, + }; + } + } + + /** + * Gets decrypted credentials for internal use (e.g., sync jobs) + * Does not update lastUsed timestamp + */ + async getCredentialsForSync(id: string): Promise<{ + type: IntegrationType; + credentials: Record; + }> { + const credential = await this.prisma.integrationCredential.findUnique({ + where: { id }, + }); + + if (!credential) { + throw new NotFoundException(`Credential with ID ${id} not found`); + } + + if (!credential.isActive) { + throw new BadRequestException(`Credential ${id} is deactivated`); + } + + const decryptedCredentials = this.encryptionService.decryptObject< + Record + >(credential.credentials); + + return { + type: credential.type, + credentials: decryptedCredentials, + }; + } + + /** + * Updates the sync status of a credential + */ + async updateSyncStatus( + id: string, + status: SyncStatus, + error: string | null, + ): Promise { + await this.prisma.integrationCredential.update({ + where: { id }, + data: { + syncStatus: status, + syncError: error, + lastSync: status === SyncStatus.SUCCESS ? new Date() : undefined, + }, + }); + } + + /** + * Performs integration-specific connection test + */ + private async performConnectionTest( + type: IntegrationType, + credentials: Record, + ): Promise<{ success: boolean; message: string }> { + // Each integration type would have its own connection test logic + // For now, we validate that required fields are present + + switch (type) { + case IntegrationType.PLENTYONE: + return this.testPlentyOneConnection(credentials); + case IntegrationType.ZULIP: + return this.testZulipConnection(credentials); + case IntegrationType.TODOIST: + return this.testTodoistConnection(credentials); + case IntegrationType.FREESCOUT: + return this.testFreescoutConnection(credentials); + case IntegrationType.NEXTCLOUD: + return this.testNextcloudConnection(credentials); + case IntegrationType.ECODMS: + return this.testEcodmsConnection(credentials); + case IntegrationType.GEMBADOCS: + return this.testGembadocsConnection(credentials); + default: + // For generic/custom integrations, just validate basic structure + return { success: true, message: 'Credential format validated' }; + } + } + + private async testPlentyOneConnection( + credentials: Record, + ): Promise<{ success: boolean; message: string }> { + const required = ['apiUrl', 'apiKey']; + this.validateRequiredFields(credentials, required, 'PlentyOne'); + // In production, make an actual API call to verify credentials + return { success: true, message: 'PlentyOne credentials validated' }; + } + + private async testZulipConnection( + credentials: Record, + ): Promise<{ success: boolean; message: string }> { + const required = ['zulipUrl', 'botEmail', 'apiKey']; + this.validateRequiredFields(credentials, required, 'Zulip'); + return { success: true, message: 'Zulip credentials validated' }; + } + + private async testTodoistConnection( + credentials: Record, + ): Promise<{ success: boolean; message: string }> { + const required = ['apiToken']; + this.validateRequiredFields(credentials, required, 'Todoist'); + return { success: true, message: 'Todoist credentials validated' }; + } + + private async testFreescoutConnection( + credentials: Record, + ): Promise<{ success: boolean; message: string }> { + const required = ['apiUrl', 'apiKey']; + this.validateRequiredFields(credentials, required, 'FreeScout'); + return { success: true, message: 'FreeScout credentials validated' }; + } + + private async testNextcloudConnection( + credentials: Record, + ): Promise<{ success: boolean; message: string }> { + const required = ['serverUrl', 'username', 'password']; + this.validateRequiredFields(credentials, required, 'Nextcloud'); + return { success: true, message: 'Nextcloud credentials validated' }; + } + + private async testEcodmsConnection( + credentials: Record, + ): Promise<{ success: boolean; message: string }> { + const required = ['apiUrl', 'username', 'password']; + this.validateRequiredFields(credentials, required, 'ecoDMS'); + return { success: true, message: 'ecoDMS credentials validated' }; + } + + private async testGembadocsConnection( + credentials: Record, + ): Promise<{ success: boolean; message: string }> { + const required = ['apiUrl', 'apiKey']; + this.validateRequiredFields(credentials, required, 'GembaDocs'); + return { success: true, message: 'GembaDocs credentials validated' }; + } + + private validateRequiredFields( + credentials: Record, + required: string[], + integrationName: string, + ): void { + const missing = required.filter( + (field) => !credentials[field] || credentials[field] === '', + ); + + if (missing.length > 0) { + throw new BadRequestException( + `${integrationName}: Missing required fields: ${missing.join(', ')}`, + ); + } + } + + /** + * Maps a Prisma credential to a list item (without secrets) + */ + private mapToListItem(credential: any): CredentialListItem { + return { + id: credential.id, + type: credential.type, + name: credential.name, + isActive: credential.isActive, + lastUsed: credential.lastUsed, + lastSync: credential.lastSync, + syncStatus: credential.syncStatus, + syncError: credential.syncError, + createdAt: credential.createdAt, + updatedAt: credential.updatedAt, + createdBy: credential.createdBy, + }; + } +} diff --git a/apps/api/src/modules/integrations/credentials/dto/create-credential.dto.ts b/apps/api/src/modules/integrations/credentials/dto/create-credential.dto.ts new file mode 100644 index 0000000..8ce4054 --- /dev/null +++ b/apps/api/src/modules/integrations/credentials/dto/create-credential.dto.ts @@ -0,0 +1,58 @@ +import { + IsString, + IsEnum, + IsNotEmpty, + IsObject, + IsOptional, + MaxLength, + MinLength, +} from 'class-validator'; +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { IntegrationType } from '@prisma/client'; + +/** + * DTO for creating a new integration credential + */ +export class CreateCredentialDto { + @ApiProperty({ + description: 'Type of integration', + enum: IntegrationType, + example: IntegrationType.PLENTYONE, + }) + @IsEnum(IntegrationType) + @IsNotEmpty() + type: IntegrationType; + + @ApiProperty({ + description: 'Human-readable name for this credential configuration', + example: 'Production PlentyOne API', + minLength: 3, + maxLength: 100, + }) + @IsString() + @IsNotEmpty() + @MinLength(3) + @MaxLength(100) + name: string; + + @ApiProperty({ + description: 'Credential data specific to the integration type', + example: { + apiUrl: 'https://api.plentyone.com', + apiKey: 'secret-api-key', + username: 'integration-user', + }, + }) + @IsObject() + @IsNotEmpty() + credentials: Record; + + @ApiPropertyOptional({ + description: 'Optional description for this credential', + example: 'Main production API access for PlentyOne ERP', + }) + @IsString() + @IsOptional() + @MaxLength(500) + description?: string; +} diff --git a/apps/api/src/modules/integrations/credentials/dto/index.ts b/apps/api/src/modules/integrations/credentials/dto/index.ts new file mode 100644 index 0000000..4c43046 --- /dev/null +++ b/apps/api/src/modules/integrations/credentials/dto/index.ts @@ -0,0 +1,3 @@ +export * from './create-credential.dto'; +export * from './update-credential.dto'; +export * from './query-credentials.dto'; diff --git a/apps/api/src/modules/integrations/credentials/dto/query-credentials.dto.ts b/apps/api/src/modules/integrations/credentials/dto/query-credentials.dto.ts new file mode 100644 index 0000000..704b94d --- /dev/null +++ b/apps/api/src/modules/integrations/credentials/dto/query-credentials.dto.ts @@ -0,0 +1,75 @@ +import { + IsString, + IsEnum, + IsBoolean, + IsOptional, + IsInt, + Min, + Max, +} from 'class-validator'; +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { Transform, Type } from 'class-transformer'; +import { IntegrationType, SyncStatus } from '@prisma/client'; + +/** + * DTO for querying integration credentials with filtering and pagination + */ +export class QueryCredentialsDto { + @ApiPropertyOptional({ + description: 'Filter by integration type', + enum: IntegrationType, + example: IntegrationType.PLENTYONE, + }) + @IsEnum(IntegrationType) + @IsOptional() + type?: IntegrationType; + + @ApiPropertyOptional({ + description: 'Filter by active status', + example: true, + }) + @IsBoolean() + @IsOptional() + @Transform(({ value }) => value === 'true' || value === true) + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Filter by sync status', + enum: SyncStatus, + example: SyncStatus.SUCCESS, + }) + @IsEnum(SyncStatus) + @IsOptional() + syncStatus?: SyncStatus; + + @ApiPropertyOptional({ + description: 'Search by name', + example: 'Production', + }) + @IsString() + @IsOptional() + search?: string; + + @ApiPropertyOptional({ + description: 'Page number (1-based)', + example: 1, + default: 1, + }) + @Type(() => Number) + @IsInt() + @Min(1) + @IsOptional() + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Items per page', + example: 10, + default: 10, + }) + @Type(() => Number) + @IsInt() + @Min(1) + @Max(100) + @IsOptional() + limit?: number = 10; +} diff --git a/apps/api/src/modules/integrations/credentials/dto/update-credential.dto.ts b/apps/api/src/modules/integrations/credentials/dto/update-credential.dto.ts new file mode 100644 index 0000000..f150317 --- /dev/null +++ b/apps/api/src/modules/integrations/credentials/dto/update-credential.dto.ts @@ -0,0 +1,56 @@ +import { + IsString, + IsBoolean, + IsObject, + IsOptional, + MaxLength, + MinLength, +} from 'class-validator'; +import { ApiPropertyOptional } from '@nestjs/swagger'; + +/** + * DTO for updating an existing integration credential + * Note: Integration type cannot be changed after creation + */ +export class UpdateCredentialDto { + @ApiPropertyOptional({ + description: 'Human-readable name for this credential configuration', + example: 'Production PlentyOne API v2', + minLength: 3, + maxLength: 100, + }) + @IsString() + @IsOptional() + @MinLength(3) + @MaxLength(100) + name?: string; + + @ApiPropertyOptional({ + description: 'Credential data specific to the integration type', + example: { + apiUrl: 'https://api.plentyone.com/v2', + apiKey: 'new-secret-api-key', + username: 'integration-user', + }, + }) + @IsObject() + @IsOptional() + credentials?: Record; + + @ApiPropertyOptional({ + description: 'Whether this credential is active', + example: true, + }) + @IsBoolean() + @IsOptional() + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Optional description for this credential', + example: 'Updated main production API access for PlentyOne ERP', + }) + @IsString() + @IsOptional() + @MaxLength(500) + description?: string; +} diff --git a/apps/api/src/modules/integrations/credentials/index.ts b/apps/api/src/modules/integrations/credentials/index.ts new file mode 100644 index 0000000..264370e --- /dev/null +++ b/apps/api/src/modules/integrations/credentials/index.ts @@ -0,0 +1,4 @@ +export * from './credentials.module'; +export * from './credentials.service'; +export * from './credentials.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/integrations/dto/index.ts b/apps/api/src/modules/integrations/dto/index.ts new file mode 100644 index 0000000..c04f3b5 --- /dev/null +++ b/apps/api/src/modules/integrations/dto/index.ts @@ -0,0 +1 @@ +export * from './integrations.dto'; diff --git a/apps/api/src/modules/integrations/dto/integrations.dto.ts b/apps/api/src/modules/integrations/dto/integrations.dto.ts new file mode 100644 index 0000000..07fa728 --- /dev/null +++ b/apps/api/src/modules/integrations/dto/integrations.dto.ts @@ -0,0 +1,125 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; + +/** + * Represents the status of a single integration + */ +export class IntegrationStatusDto { + @ApiProperty({ + description: 'Integration type identifier', + example: 'plentyone', + }) + type: string; + + @ApiProperty({ + description: 'Display name of the integration', + example: 'PlentyONE', + }) + name: string; + + @ApiProperty({ + description: 'Whether the integration is properly configured', + example: true, + }) + configured: boolean; + + @ApiProperty({ + description: 'Whether the integration is currently connected/healthy', + example: true, + }) + connected: boolean; + + @ApiPropertyOptional({ + description: 'Last successful connection time', + example: '2024-01-15T10:30:00Z', + }) + lastChecked?: string; + + @ApiPropertyOptional({ + description: 'Response latency in milliseconds', + example: 245, + }) + latencyMs?: number; + + @ApiPropertyOptional({ + description: 'Error message if connection failed', + example: 'Authentication failed: Invalid API key', + }) + error?: string; + + @ApiPropertyOptional({ + description: 'Missing configuration items', + example: ['PLENTYONE_CLIENT_ID', 'PLENTYONE_CLIENT_SECRET'], + type: [String], + }) + missingConfig?: string[]; +} + +/** + * Response containing all integration statuses + */ +export class IntegrationsOverviewDto { + @ApiProperty({ + description: 'List of all integration statuses', + type: [IntegrationStatusDto], + }) + integrations: IntegrationStatusDto[]; + + @ApiProperty({ + description: 'Number of configured integrations', + example: 2, + }) + configuredCount: number; + + @ApiProperty({ + description: 'Number of connected integrations', + example: 2, + }) + connectedCount: number; + + @ApiProperty({ + description: 'Total number of available integrations', + example: 3, + }) + totalCount: number; +} + +/** + * Response for health check of a specific integration + */ +export class IntegrationHealthDto { + @ApiProperty({ + description: 'Integration type identifier', + example: 'zulip', + }) + type: string; + + @ApiProperty({ + description: 'Whether the connection test was successful', + example: true, + }) + healthy: boolean; + + @ApiProperty({ + description: 'Health check message', + example: 'Successfully connected to ZULIP', + }) + message: string; + + @ApiPropertyOptional({ + description: 'Response latency in milliseconds', + example: 123, + }) + latencyMs?: number; + + @ApiProperty({ + description: 'Timestamp of the health check', + example: '2024-01-15T10:30:00Z', + }) + timestamp: string; + + @ApiPropertyOptional({ + description: 'Additional details about the connection', + example: { zulipVersion: '8.0', featureLevel: 200 }, + }) + details?: Record; +} diff --git a/apps/api/src/modules/integrations/errors/index.ts b/apps/api/src/modules/integrations/errors/index.ts new file mode 100644 index 0000000..ead8aef --- /dev/null +++ b/apps/api/src/modules/integrations/errors/index.ts @@ -0,0 +1 @@ +export * from './integration.errors'; diff --git a/apps/api/src/modules/integrations/errors/integration.errors.ts b/apps/api/src/modules/integrations/errors/integration.errors.ts new file mode 100644 index 0000000..e2e0586 --- /dev/null +++ b/apps/api/src/modules/integrations/errors/integration.errors.ts @@ -0,0 +1,170 @@ +import { HttpException, HttpStatus } from '@nestjs/common'; + +/** + * Base class for all integration-related errors + */ +export abstract class IntegrationError extends HttpException { + public readonly integrationName: string; + public readonly originalError?: Error; + public readonly timestamp: Date; + public readonly retryable: boolean; + + constructor( + integrationName: string, + message: string, + status: HttpStatus, + retryable: boolean = false, + originalError?: Error, + ) { + super( + { + statusCode: status, + error: 'Integration Error', + message, + integration: integrationName, + retryable, + timestamp: new Date().toISOString(), + }, + status, + ); + + this.integrationName = integrationName; + this.originalError = originalError; + this.timestamp = new Date(); + this.retryable = retryable; + } +} + +/** + * Thrown when a connection to an external service cannot be established + */ +export class IntegrationConnectionError extends IntegrationError { + constructor(integrationName: string, message: string, originalError?: Error) { + super( + integrationName, + `Connection failed: ${message}`, + HttpStatus.SERVICE_UNAVAILABLE, + true, // Connection errors are typically retryable + originalError, + ); + } +} + +/** + * Thrown when authentication with an external service fails + */ +export class IntegrationAuthError extends IntegrationError { + constructor(integrationName: string, message: string, originalError?: Error) { + super( + integrationName, + `Authentication failed: ${message}`, + HttpStatus.UNAUTHORIZED, + false, // Auth errors usually require user intervention + originalError, + ); + } +} + +/** + * Thrown when rate limits are exceeded + */ +export class IntegrationRateLimitError extends IntegrationError { + public readonly retryAfter?: number; + + constructor( + integrationName: string, + message: string, + retryAfter?: number, + originalError?: Error, + ) { + super( + integrationName, + `Rate limit exceeded: ${message}${retryAfter ? `. Retry after ${retryAfter}s` : ''}`, + HttpStatus.TOO_MANY_REQUESTS, + true, // Rate limit errors are retryable after waiting + originalError, + ); + this.retryAfter = retryAfter; + } +} + +/** + * Thrown for general API errors from external services + */ +export class IntegrationApiError extends IntegrationError { + public readonly apiStatusCode?: number; + public readonly apiErrorCode?: string; + + constructor( + integrationName: string, + message: string, + apiStatusCode?: number, + apiErrorCode?: string, + originalError?: Error, + ) { + // Determine if the error is retryable based on status code + const retryable = apiStatusCode ? apiStatusCode >= 500 : false; + + // Map external status codes to appropriate HTTP status + let status: HttpStatus; + if (apiStatusCode) { + if (apiStatusCode === 404) { + status = HttpStatus.NOT_FOUND; + } else if (apiStatusCode === 400) { + status = HttpStatus.BAD_REQUEST; + } else if (apiStatusCode === 403) { + status = HttpStatus.FORBIDDEN; + } else if (apiStatusCode >= 500) { + status = HttpStatus.BAD_GATEWAY; + } else { + status = HttpStatus.BAD_REQUEST; + } + } else { + status = HttpStatus.BAD_GATEWAY; + } + + super( + integrationName, + `API error: ${message}`, + status, + retryable, + originalError, + ); + this.apiStatusCode = apiStatusCode; + this.apiErrorCode = apiErrorCode; + } +} + +/** + * Thrown when required configuration is missing + */ +export class IntegrationConfigError extends IntegrationError { + constructor(integrationName: string, missingConfig: string[]) { + super( + integrationName, + `Missing configuration: ${missingConfig.join(', ')}`, + HttpStatus.INTERNAL_SERVER_ERROR, + false, + ); + } +} + +/** + * Thrown when data validation fails + */ +export class IntegrationValidationError extends IntegrationError { + public readonly validationErrors: string[]; + + constructor( + integrationName: string, + validationErrors: string[], + ) { + super( + integrationName, + `Validation failed: ${validationErrors.join('; ')}`, + HttpStatus.UNPROCESSABLE_ENTITY, + false, + ); + this.validationErrors = validationErrors; + } +} diff --git a/apps/api/src/modules/integrations/index.ts b/apps/api/src/modules/integrations/index.ts new file mode 100644 index 0000000..85a449c --- /dev/null +++ b/apps/api/src/modules/integrations/index.ts @@ -0,0 +1,19 @@ +export * from './integrations.module'; +export * from './integrations.service'; +export * from './integrations.controller'; +export * from './credentials'; +export * from './sync'; +export * from './status'; +export * from './jobs'; +export * from './dto'; +export * from './errors'; + +// Connector module exports (avoid wildcard re-exports to prevent name collisions) +export { PlentyoneModule } from './connectors/plentyone/plentyone.module'; +export { ZulipModule } from './connectors/zulip/zulip.module'; +export { TodoistModule } from './connectors/todoist/todoist.module'; +export { FreeScoutModule } from './connectors/freescout/freescout.module'; +export { NextcloudModule } from './connectors/nextcloud/nextcloud.module'; +export { EcoDmsModule } from './connectors/ecodms/ecodms.module'; +export { GembaDocsModule } from './connectors/gembadocs/gembadocs.module'; +export { BaseConnector, type BaseConnectorConfig, type ConnectionTestResult } from './connectors/base-connector'; diff --git a/apps/api/src/modules/integrations/integrations.controller.ts b/apps/api/src/modules/integrations/integrations.controller.ts new file mode 100644 index 0000000..f1fff95 --- /dev/null +++ b/apps/api/src/modules/integrations/integrations.controller.ts @@ -0,0 +1,154 @@ +import { + Controller, + Get, + Post, + Param, + HttpCode, + HttpStatus, + BadRequestException, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, +} from '@nestjs/swagger'; +import { IntegrationsService, IntegrationType } from './integrations.service'; +import { + IntegrationsOverviewDto, + IntegrationStatusDto, + IntegrationHealthDto, +} from './dto'; +import { RequirePermissions } from '../../auth/permissions/permissions.decorator'; +import { Permission } from '../../auth/permissions/permissions.enum'; + +/** + * Valid integration types for validation + */ +const VALID_INTEGRATION_TYPES: IntegrationType[] = [ + 'plentyone', 'zulip', 'todoist', 'freescout', 'nextcloud', 'ecodms', 'gembadocs', +]; + +@ApiTags('Integrations') +@ApiBearerAuth() +@Controller('integrations') +export class IntegrationsController { + constructor(private readonly integrationsService: IntegrationsService) {} + + @Get() + @ApiOperation({ + summary: 'Get overview of all integrations', + description: + 'Returns a list of all available integrations with their configuration and connection status.', + }) + @ApiResponse({ + status: 200, + description: 'Integrations overview', + type: IntegrationsOverviewDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getOverview(): Promise { + return this.integrationsService.getOverview(); + } + + @Get('status') + @ApiOperation({ + summary: 'Get status of all integrations', + description: 'Returns status information for all integration types.', + }) + @ApiResponse({ + status: 200, + description: 'All integration statuses', + type: IntegrationsOverviewDto, + }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getAllStatuses(): Promise { + return this.integrationsService.getOverview(); + } + + @Get(':type/status') + @ApiOperation({ + summary: 'Get status of a specific integration', + description: + 'Returns detailed status information for a specific integration type.', + }) + @ApiParam({ + name: 'type', + description: 'Integration type', + enum: VALID_INTEGRATION_TYPES, + }) + @ApiResponse({ + status: 200, + description: 'Integration status', + type: IntegrationStatusDto, + }) + @ApiResponse({ status: 400, description: 'Invalid integration type' }) + @ApiResponse({ status: 404, description: 'Integration not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async getStatus( + @Param('type') type: string, + ): Promise { + this.validateIntegrationType(type); + return this.integrationsService.getIntegrationStatus(type as IntegrationType); + } + + @Get(':type/health') + @HttpCode(HttpStatus.OK) + @ApiOperation({ + summary: 'Check health of a specific integration', + description: + 'Performs a health check by testing the connection to the external service.', + }) + @ApiParam({ + name: 'type', + description: 'Integration type', + enum: VALID_INTEGRATION_TYPES, + }) + @ApiResponse({ + status: 200, + description: 'Health check result', + type: IntegrationHealthDto, + }) + @ApiResponse({ status: 400, description: 'Invalid integration type' }) + @ApiResponse({ status: 404, description: 'Integration not found' }) + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + async checkHealth( + @Param('type') type: string, + ): Promise { + this.validateIntegrationType(type); + return this.integrationsService.checkHealth(type as IntegrationType); + } + + @Post(':type/test-connection') + @HttpCode(HttpStatus.OK) + @ApiOperation({ + summary: 'Test connection for a specific integration', + description: 'Tests the connection to the external service.', + }) + @ApiParam({ + name: 'type', + description: 'Integration type', + enum: VALID_INTEGRATION_TYPES, + }) + @ApiResponse({ status: 200, description: 'Connection test result' }) + @ApiResponse({ status: 400, description: 'Invalid integration type' }) + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + async testConnection( + @Param('type') type: string, + ): Promise { + this.validateIntegrationType(type); + return this.integrationsService.checkHealth(type as IntegrationType); + } + + /** + * Validate that the provided type is a valid integration type + */ + private validateIntegrationType(type: string): void { + if (!VALID_INTEGRATION_TYPES.includes(type as IntegrationType)) { + throw new BadRequestException( + `Invalid integration type '${type}'. Valid types are: ${VALID_INTEGRATION_TYPES.join(', ')}`, + ); + } + } +} diff --git a/apps/api/src/modules/integrations/integrations.module.ts b/apps/api/src/modules/integrations/integrations.module.ts new file mode 100644 index 0000000..d41dd3e --- /dev/null +++ b/apps/api/src/modules/integrations/integrations.module.ts @@ -0,0 +1,92 @@ +import { Module } from '@nestjs/common'; +import { CredentialsModule } from './credentials/credentials.module'; +import { SyncModule } from './sync/sync.module'; +import { StatusModule } from './status/status.module'; +import { JobsModule } from './jobs/jobs.module'; + +// Connector modules +import { PlentyoneModule } from './connectors/plentyone/plentyone.module'; +import { ZulipModule } from './connectors/zulip/zulip.module'; +import { TodoistModule } from './connectors/todoist/todoist.module'; +import { FreeScoutModule } from './connectors/freescout/freescout.module'; +import { NextcloudModule } from './connectors/nextcloud/nextcloud.module'; +import { EcoDmsModule } from './connectors/ecodms/ecodms.module'; +import { GembaDocsModule } from './connectors/gembadocs/gembadocs.module'; + +// Main integrations service and controller +import { IntegrationsService } from './integrations.service'; +import { IntegrationsController } from './integrations.controller'; + +/** + * Integrations Module + * + * This module provides comprehensive integration management capabilities: + * + * - **Credentials**: Secure storage and management of integration credentials + * - **Sync**: Manual and scheduled synchronization with external services + * - **Status**: Health monitoring and statistics for all integrations + * - **Jobs**: Background job processing for sync operations + * - **Connectors**: API connectors for external services + * + * Supported Integration Types: + * - PLENTYONE: ERP/E-commerce system integration (orders, stock, statistics) + * - ZULIP: Team chat/messaging (messages, streams, users) + * - TODOIST: Task management (tasks, projects, labels) + * - FREESCOUT: Helpdesk/ticketing + * - NEXTCLOUD: File storage and collaboration + * - ECODMS: Document management + * - GEMBADOCS: Audit and documentation + * + * Security: + * - All credentials are encrypted using AES-256-GCM + * - Secrets are never logged or exposed in API responses (except when explicitly requested) + * - Access controlled via INTEGRATIONS_VIEW and INTEGRATIONS_MANAGE permissions + * + * API Endpoints (Phase 3): + * - GET /integrations - Overview of all integrations + * - GET /integrations/:type/status - Status of specific integration + * - GET /integrations/:type/health - Health check + * - /integrations/plentyone/* - PlentyONE specific endpoints + * - /integrations/zulip/* - ZULIP specific endpoints + * - /integrations/todoist/* - Todoist specific endpoints + */ +@Module({ + imports: [ + // Core integration infrastructure + CredentialsModule, + SyncModule, + StatusModule, + JobsModule, + + // API Connector modules (Phase 3) + PlentyoneModule, + ZulipModule, + TodoistModule, + FreeScoutModule, + NextcloudModule, + EcoDmsModule, + GembaDocsModule, + ], + controllers: [IntegrationsController], + providers: [IntegrationsService], + exports: [ + // Core modules + CredentialsModule, + SyncModule, + StatusModule, + JobsModule, + + // Connector modules + PlentyoneModule, + ZulipModule, + TodoistModule, + FreeScoutModule, + NextcloudModule, + EcoDmsModule, + GembaDocsModule, + + // Service for external use + IntegrationsService, + ], +}) +export class IntegrationsModule {} diff --git a/apps/api/src/modules/integrations/integrations.service.ts b/apps/api/src/modules/integrations/integrations.service.ts new file mode 100644 index 0000000..c2da982 --- /dev/null +++ b/apps/api/src/modules/integrations/integrations.service.ts @@ -0,0 +1,287 @@ +import { Injectable, Logger, NotFoundException } from '@nestjs/common'; +import { PlentyoneService } from './connectors/plentyone/plentyone.service'; +import { PlentyoneConnector } from './connectors/plentyone/plentyone.connector'; +import { ZulipService } from './connectors/zulip/zulip.service'; +import { ZulipConnector } from './connectors/zulip/zulip.connector'; +import { TodoistService } from './connectors/todoist/todoist.service'; +import { TodoistConnector } from './connectors/todoist/todoist.connector'; +import { FreeScoutService } from './connectors/freescout/freescout.service'; +import { FreeScoutConnector } from './connectors/freescout/freescout.connector'; +import { NextcloudService } from './connectors/nextcloud/nextcloud.service'; +import { NextcloudConnector } from './connectors/nextcloud/nextcloud.connector'; +import { EcoDmsService } from './connectors/ecodms/ecodms.service'; +import { EcoDmsConnector } from './connectors/ecodms/ecodms.connector'; +import { GembaDocsService } from './connectors/gembadocs/gembadocs.service'; +import { GembaDocsConnector } from './connectors/gembadocs/gembadocs.connector'; +import { + IntegrationStatusDto, + IntegrationsOverviewDto, + IntegrationHealthDto, +} from './dto'; + +/** + * Supported integration types + */ +export type IntegrationType = + | 'plentyone' + | 'zulip' + | 'todoist' + | 'freescout' + | 'nextcloud' + | 'ecodms' + | 'gembadocs'; + +/** + * Integration metadata + */ +interface IntegrationMeta { + type: IntegrationType; + name: string; + description: string; +} + +/** + * Service for managing all integrations + * + * Provides aggregated status, health checks, and overview functionality. + */ +@Injectable() +export class IntegrationsService { + private readonly logger = new Logger(IntegrationsService.name); + + /** + * Metadata for all available integrations + */ + private readonly integrationsMeta: IntegrationMeta[] = [ + { + type: 'plentyone', + name: 'PlentyONE', + description: 'E-commerce platform integration for orders and stock management', + }, + { + type: 'zulip', + name: 'ZULIP', + description: 'Team chat integration for messaging and notifications', + }, + { + type: 'todoist', + name: 'Todoist', + description: 'Task management integration for projects and tasks', + }, + { + type: 'freescout', + name: 'FreeScout', + description: 'Helpdesk and ticketing system integration', + }, + { + type: 'nextcloud', + name: 'Nextcloud', + description: 'Cloud file storage and collaboration platform', + }, + { + type: 'ecodms', + name: 'ecoDMS', + description: 'Document management system integration', + }, + { + type: 'gembadocs', + name: 'GembaDocs', + description: 'Audit and compliance documentation management', + }, + ]; + + constructor( + private readonly plentyoneService: PlentyoneService, + private readonly plentyoneConnector: PlentyoneConnector, + private readonly zulipService: ZulipService, + private readonly zulipConnector: ZulipConnector, + private readonly todoistService: TodoistService, + private readonly todoistConnector: TodoistConnector, + private readonly freescoutService: FreeScoutService, + private readonly freescoutConnector: FreeScoutConnector, + private readonly nextcloudService: NextcloudService, + private readonly nextcloudConnector: NextcloudConnector, + private readonly ecodmsService: EcoDmsService, + private readonly ecodmsConnector: EcoDmsConnector, + private readonly gembaDocsService: GembaDocsService, + private readonly gembaDocsConnector: GembaDocsConnector, + ) {} + + /** + * Get overview of all integrations with their status + */ + async getOverview(): Promise { + this.logger.log('Fetching integrations overview'); + + const integrations: IntegrationStatusDto[] = []; + + const allTypes: IntegrationType[] = [ + 'plentyone', 'zulip', 'todoist', 'freescout', 'nextcloud', 'ecodms', 'gembadocs', + ]; + + // Check each integration in parallel + const results = await Promise.allSettled( + allTypes.map((type) => this.getIntegrationStatus(type)), + ); + + for (const result of results) { + if (result.status === 'fulfilled') { + integrations.push(result.value); + } + } + + const configuredCount = integrations.filter((i) => i.configured).length; + const connectedCount = integrations.filter((i) => i.connected).length; + + return { + integrations, + configuredCount, + connectedCount, + totalCount: integrations.length, + }; + } + + /** + * Get status for a specific integration + */ + async getIntegrationStatus(type: IntegrationType): Promise { + const meta = this.integrationsMeta.find((m) => m.type === type); + if (!meta) { + throw new NotFoundException(`Integration type '${type}' not found`); + } + + const status: IntegrationStatusDto = { + type: meta.type, + name: meta.name, + configured: false, + connected: false, + }; + + try { + const { service, connector } = this.getServiceAndConnector(type); + + status.configured = service.isConfigured(); + + if (!status.configured) { + if (connector.getMissingConfig) { + status.missingConfig = connector.getMissingConfig(); + } + return status; + } + + // Test connection + const result = await service.testConnection(); + status.connected = result.success; + status.lastChecked = new Date().toISOString(); + status.latencyMs = result.latencyMs; + + if (!result.success) { + status.error = result.message; + } + } catch (error) { + status.connected = false; + status.error = error instanceof Error ? error.message : 'Unknown error'; + status.lastChecked = new Date().toISOString(); + } + + return status; + } + + /** + * Perform a health check on a specific integration + */ + async checkHealth(type: IntegrationType): Promise { + const meta = this.integrationsMeta.find((m) => m.type === type); + if (!meta) { + throw new NotFoundException(`Integration type '${type}' not found`); + } + + this.logger.log(`Checking health for ${meta.name}`); + + try { + const { service } = this.getServiceAndConnector(type); + + if (!service.isConfigured()) { + return { + type: meta.type, + healthy: false, + message: 'Integration is not configured', + timestamp: new Date().toISOString(), + }; + } + + const result = await service.testConnection(); + + return { + type: meta.type, + healthy: result.success, + message: result.message, + latencyMs: result.latencyMs, + timestamp: new Date().toISOString(), + details: result.details, + }; + } catch (error) { + return { + type: meta.type, + healthy: false, + message: error instanceof Error ? error.message : 'Unknown error', + timestamp: new Date().toISOString(), + }; + } + } + + /** + * Get list of available integration types + */ + getAvailableIntegrations(): IntegrationMeta[] { + return this.integrationsMeta; + } + + /** + * Get service and connector for a specific integration type + */ + private getServiceAndConnector(type: IntegrationType): { + service: { isConfigured: () => boolean; testConnection: () => Promise<{ success: boolean; message: string; latencyMs?: number; details?: Record }> }; + connector: { getMissingConfig?: () => string[] }; + } { + switch (type) { + case 'plentyone': + return { + service: this.plentyoneService, + connector: this.plentyoneConnector, + }; + case 'zulip': + return { + service: this.zulipService, + connector: this.zulipConnector, + }; + case 'todoist': + return { + service: this.todoistService, + connector: this.todoistConnector, + }; + case 'freescout': + return { + service: this.freescoutService, + connector: this.freescoutConnector as { getMissingConfig?: () => string[] }, + }; + case 'nextcloud': + return { + service: this.nextcloudService, + connector: this.nextcloudConnector as { getMissingConfig?: () => string[] }, + }; + case 'ecodms': + return { + service: this.ecodmsService, + connector: this.ecodmsConnector as { getMissingConfig?: () => string[] }, + }; + case 'gembadocs': + return { + service: this.gembaDocsService, + connector: this.gembaDocsConnector, + }; + default: + throw new NotFoundException(`Integration type '${type}' not found`); + } + } +} diff --git a/apps/api/src/modules/integrations/jobs/index.ts b/apps/api/src/modules/integrations/jobs/index.ts new file mode 100644 index 0000000..1afb421 --- /dev/null +++ b/apps/api/src/modules/integrations/jobs/index.ts @@ -0,0 +1,3 @@ +export * from './jobs.module'; +export * from './integration-sync.processor'; +export * from './integration-sync.queue'; diff --git a/apps/api/src/modules/integrations/jobs/integration-sync.processor.ts b/apps/api/src/modules/integrations/jobs/integration-sync.processor.ts new file mode 100644 index 0000000..c542a8e --- /dev/null +++ b/apps/api/src/modules/integrations/jobs/integration-sync.processor.ts @@ -0,0 +1,345 @@ +import { Injectable, Logger, OnModuleInit, OnModuleDestroy, Inject, forwardRef } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; +import { ModuleRef } from '@nestjs/core'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { CredentialsService } from '../credentials/credentials.service'; +import { IntegrationType, SyncStatus } from '@prisma/client'; + +/** + * Job data structure for sync jobs + */ +export interface SyncJobData { + integrationId: string; + integrationType: IntegrationType; + fullSync: boolean; +} + +/** + * Job result structure + */ +export interface SyncJobResult { + success: boolean; + recordsProcessed: number; + duration: number; + error?: string; +} + +/** + * Integration Sync Processor + * + * This processor handles background sync jobs for integrations. + * In a production environment with BullMQ configured, this would be a proper + * BullMQ processor. For development without Redis, it uses scheduled intervals. + * + * Features: + * - Scheduled sync jobs per integration type + * - Retry logic (3 attempts) + * - Concurrency control + * - Job status tracking + */ +// Import SyncService type for lazy loading +import type { SyncService } from '../sync/sync.service'; + +@Injectable() +export class IntegrationSyncProcessor implements OnModuleInit, OnModuleDestroy { + private readonly logger = new Logger(IntegrationSyncProcessor.name); + private readonly scheduledJobs = new Map(); + private readonly maxRetries = 3; + private readonly concurrencyLimit = 3; + private runningJobCount = 0; + private isEnabled = false; + private syncService: SyncService | null = null; + + // Default sync intervals in minutes (can be overridden by environment) + private readonly defaultIntervals: Record = { + PLENTYONE: 15, + ZULIP: 5, + TODOIST: 10, + FREESCOUT: 10, + NEXTCLOUD: 30, + ECODMS: 60, + GEMBADOCS: 30, + // Legacy types + DATEV: 60, + PERSONIO: 30, + SAP: 60, + CALENDAR: 15, + EMAIL: 5, + CUSTOM: 60, + }; + + constructor( + private readonly configService: ConfigService, + private readonly prisma: PrismaService, + private readonly credentialsService: CredentialsService, + private readonly moduleRef: ModuleRef, + ) {} + + async onModuleInit(): Promise { + // Check if sync jobs should be enabled + const enableSync = this.configService.get('ENABLE_SYNC_JOBS', 'false'); + this.isEnabled = enableSync === 'true'; + + if (!this.isEnabled) { + this.logger.log( + 'Sync jobs are disabled. Set ENABLE_SYNC_JOBS=true to enable.', + ); + return; + } + + // Lazy load SyncService to avoid circular dependency + try { + const { SyncService } = await import('../sync/sync.service'); + this.syncService = this.moduleRef.get(SyncService, { strict: false }); + } catch (error) { + this.logger.warn('Could not load SyncService. Sync jobs will use direct processing.'); + } + + this.logger.log('Initializing integration sync processor...'); + await this.initializeScheduledJobs(); + } + + onModuleDestroy(): void { + this.logger.log('Shutting down integration sync processor...'); + this.stopAllJobs(); + } + + /** + * Initializes scheduled sync jobs for all active credentials + */ + async initializeScheduledJobs(): Promise { + const credentials = await this.prisma.integrationCredential.findMany({ + where: { isActive: true }, + }); + + this.logger.log(`Found ${credentials.length} active credentials to schedule`); + + for (const credential of credentials) { + this.scheduleJob(credential.id, credential.type); + } + } + + /** + * Schedules a recurring sync job for a credential + */ + scheduleJob(credentialId: string, type: IntegrationType): void { + // Stop existing job if any + this.stopJob(credentialId); + + const intervalMinutes = this.getIntervalForType(type); + const intervalMs = intervalMinutes * 60 * 1000; + + this.logger.log( + `Scheduling sync job for ${type}:${credentialId} every ${intervalMinutes} minutes`, + ); + + // Schedule the job + const timeout = setInterval(async () => { + await this.processJob({ + integrationId: credentialId, + integrationType: type, + fullSync: false, + }); + }, intervalMs); + + this.scheduledJobs.set(credentialId, timeout); + + // Also run immediately on startup (with delay to allow app to fully start) + setTimeout(() => { + this.processJob({ + integrationId: credentialId, + integrationType: type, + fullSync: false, + }); + }, 5000 + Math.random() * 10000); // Stagger initial syncs + } + + /** + * Stops a scheduled job + */ + stopJob(credentialId: string): void { + const timeout = this.scheduledJobs.get(credentialId); + if (timeout) { + clearInterval(timeout); + this.scheduledJobs.delete(credentialId); + this.logger.debug(`Stopped sync job for credential ${credentialId}`); + } + } + + /** + * Stops all scheduled jobs + */ + stopAllJobs(): void { + for (const [credentialId, timeout] of this.scheduledJobs) { + clearInterval(timeout); + this.logger.debug(`Stopped sync job for credential ${credentialId}`); + } + this.scheduledJobs.clear(); + } + + /** + * Processes a sync job with retry logic + */ + async processJob( + data: SyncJobData, + attempt: number = 1, + ): Promise { + const { integrationId, integrationType, fullSync } = data; + + // Check concurrency limit + if (this.runningJobCount >= this.concurrencyLimit) { + this.logger.warn( + `Concurrency limit reached. Skipping sync for ${integrationId}`, + ); + return { + success: false, + recordsProcessed: 0, + duration: 0, + error: 'Concurrency limit reached', + }; + } + + this.runningJobCount++; + const startTime = Date.now(); + + try { + this.logger.debug( + `Processing sync job for ${integrationType}:${integrationId} (attempt ${attempt}/${this.maxRetries})`, + ); + + // Check if credential is still active + const credential = await this.prisma.integrationCredential.findUnique({ + where: { id: integrationId }, + }); + + if (!credential || !credential.isActive) { + this.logger.debug( + `Credential ${integrationId} is inactive or deleted. Stopping scheduled job.`, + ); + this.stopJob(integrationId); + return { + success: false, + recordsProcessed: 0, + duration: Date.now() - startTime, + error: 'Credential inactive or deleted', + }; + } + + // Trigger the sync through SyncService (if available) + if (!this.syncService) { + throw new Error('SyncService not available'); + } + const result = await this.syncService.triggerSync(integrationId, fullSync); + + const duration = Date.now() - startTime; + + this.logger.log( + `Sync completed for ${integrationType}:${integrationId} in ${duration}ms`, + ); + + return { + success: true, + recordsProcessed: 0, // Actual count is in the sync history + duration, + }; + } catch (error) { + const duration = Date.now() - startTime; + const errorMessage = + error instanceof Error ? error.message : 'Unknown error'; + + this.logger.error( + `Sync failed for ${integrationType}:${integrationId}: ${errorMessage}`, + ); + + // Retry if attempts remaining + if (attempt < this.maxRetries) { + const retryDelay = Math.pow(2, attempt) * 1000; // Exponential backoff + this.logger.debug( + `Retrying sync for ${integrationId} in ${retryDelay}ms (attempt ${attempt + 1}/${this.maxRetries})`, + ); + + await this.delay(retryDelay); + return this.processJob(data, attempt + 1); + } + + return { + success: false, + recordsProcessed: 0, + duration, + error: errorMessage, + }; + } finally { + this.runningJobCount--; + } + } + + /** + * Gets the sync interval for an integration type from config or default + */ + private getIntervalForType(type: IntegrationType): number { + const envKey = `SYNC_INTERVAL_${type}`; + const envValue = this.configService.get(envKey); + + if (envValue) { + const parsed = parseInt(envValue, 10); + if (!isNaN(parsed) && parsed > 0) { + return parsed; + } + } + + return this.defaultIntervals[type] || 60; + } + + private delay(ms: number): Promise { + return new Promise((resolve) => setTimeout(resolve, ms)); + } + + /** + * Manually triggers re-initialization of scheduled jobs + * Useful when credentials are added/updated/deleted + */ + async refreshScheduledJobs(): Promise { + if (!this.isEnabled) { + return; + } + + this.logger.log('Refreshing scheduled sync jobs...'); + this.stopAllJobs(); + await this.initializeScheduledJobs(); + } + + /** + * Adds a new credential to the scheduler + */ + addCredential(credentialId: string, type: IntegrationType): void { + if (!this.isEnabled) { + return; + } + + this.scheduleJob(credentialId, type); + } + + /** + * Removes a credential from the scheduler + */ + removeCredential(credentialId: string): void { + this.stopJob(credentialId); + } + + /** + * Gets the current status of scheduled jobs + */ + getSchedulerStatus(): { + isEnabled: boolean; + scheduledJobsCount: number; + runningJobsCount: number; + concurrencyLimit: number; + } { + return { + isEnabled: this.isEnabled, + scheduledJobsCount: this.scheduledJobs.size, + runningJobsCount: this.runningJobCount, + concurrencyLimit: this.concurrencyLimit, + }; + } +} diff --git a/apps/api/src/modules/integrations/jobs/integration-sync.queue.ts b/apps/api/src/modules/integrations/jobs/integration-sync.queue.ts new file mode 100644 index 0000000..8279267 --- /dev/null +++ b/apps/api/src/modules/integrations/jobs/integration-sync.queue.ts @@ -0,0 +1,216 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { IntegrationType } from '@prisma/client'; +import { IntegrationSyncProcessor, SyncJobData } from './integration-sync.processor'; + +/** + * Queue abstraction for integration sync jobs + * + * This provides a simple queue interface that can be used with or without BullMQ. + * When Redis is configured, this could be upgraded to use actual BullMQ queues. + * + * Features: + * - Job scheduling with delay + * - Priority queuing + * - Job tracking + */ +@Injectable() +export class IntegrationSyncQueue { + private readonly logger = new Logger(IntegrationSyncQueue.name); + private readonly pendingJobs = new Map< + string, + { + data: SyncJobData; + priority: number; + scheduledAt: Date; + timeout?: NodeJS.Timeout; + } + >(); + private jobIdCounter = 0; + + constructor(private readonly processor: IntegrationSyncProcessor) {} + + /** + * Adds a sync job to the queue + * + * @param data Job data + * @param options Job options + * @returns Job ID + */ + async add( + data: SyncJobData, + options?: { + delay?: number; + priority?: number; + jobId?: string; + }, + ): Promise { + const jobId = options?.jobId || `sync-${++this.jobIdCounter}-${Date.now()}`; + const delay = options?.delay || 0; + const priority = options?.priority || 0; + + this.logger.debug( + `Adding job ${jobId} for ${data.integrationType}:${data.integrationId} ` + + `with delay ${delay}ms and priority ${priority}`, + ); + + if (delay > 0) { + // Schedule for later + const timeout = setTimeout(async () => { + this.pendingJobs.delete(jobId); + await this.processor.processJob(data); + }, delay); + + this.pendingJobs.set(jobId, { + data, + priority, + scheduledAt: new Date(Date.now() + delay), + timeout, + }); + } else { + // Process immediately + this.pendingJobs.set(jobId, { + data, + priority, + scheduledAt: new Date(), + }); + + // Process async to not block + setImmediate(async () => { + this.pendingJobs.delete(jobId); + await this.processor.processJob(data); + }); + } + + return jobId; + } + + /** + * Adds a bulk sync job for multiple credentials + */ + async addBulk( + jobs: Array<{ + data: SyncJobData; + options?: { + delay?: number; + priority?: number; + }; + }>, + ): Promise { + const jobIds: string[] = []; + + for (const job of jobs) { + const jobId = await this.add(job.data, job.options); + jobIds.push(jobId); + } + + return jobIds; + } + + /** + * Cancels a pending job + */ + cancel(jobId: string): boolean { + const job = this.pendingJobs.get(jobId); + + if (job) { + if (job.timeout) { + clearTimeout(job.timeout); + } + this.pendingJobs.delete(jobId); + this.logger.debug(`Cancelled job ${jobId}`); + return true; + } + + return false; + } + + /** + * Gets the status of a job + */ + getJobStatus( + jobId: string, + ): { status: 'pending' | 'scheduled' | 'unknown'; scheduledAt?: Date } { + const job = this.pendingJobs.get(jobId); + + if (job) { + return { + status: job.timeout ? 'scheduled' : 'pending', + scheduledAt: job.scheduledAt, + }; + } + + return { status: 'unknown' }; + } + + /** + * Gets all pending jobs + */ + getPendingJobs(): Array<{ + jobId: string; + data: SyncJobData; + priority: number; + scheduledAt: Date; + }> { + return Array.from(this.pendingJobs.entries()).map(([jobId, job]) => ({ + jobId, + data: job.data, + priority: job.priority, + scheduledAt: job.scheduledAt, + })); + } + + /** + * Clears all pending jobs + */ + clear(): number { + let count = 0; + + for (const [jobId, job] of this.pendingJobs) { + if (job.timeout) { + clearTimeout(job.timeout); + } + count++; + } + + this.pendingJobs.clear(); + this.logger.log(`Cleared ${count} pending jobs`); + return count; + } + + /** + * Gets queue statistics + */ + getStats(): { + pendingCount: number; + scheduledCount: number; + } { + let pendingCount = 0; + let scheduledCount = 0; + + for (const job of this.pendingJobs.values()) { + if (job.timeout) { + scheduledCount++; + } else { + pendingCount++; + } + } + + return { pendingCount, scheduledCount }; + } + + /** + * Schedules a sync for all active credentials of a specific type + */ + async scheduleTypeSync( + type: IntegrationType, + options?: { fullSync?: boolean; stagger?: number }, + ): Promise { + // This would fetch all credentials of the given type and schedule syncs + // For now, this is a placeholder that would need to be connected to the database + this.logger.log( + `Scheduling sync for all ${type} integrations (fullSync: ${options?.fullSync || false})`, + ); + + return []; + } +} diff --git a/apps/api/src/modules/integrations/jobs/jobs.module.ts b/apps/api/src/modules/integrations/jobs/jobs.module.ts new file mode 100644 index 0000000..ab5e448 --- /dev/null +++ b/apps/api/src/modules/integrations/jobs/jobs.module.ts @@ -0,0 +1,17 @@ +import { Module } from '@nestjs/common'; +import { IntegrationSyncProcessor } from './integration-sync.processor'; +import { IntegrationSyncQueue } from './integration-sync.queue'; +import { CredentialsModule } from '../credentials/credentials.module'; + +/** + * Jobs Module for background sync processing + * + * Note: SyncService is injected via forwardRef in the processor + * to avoid circular dependency issues. + */ +@Module({ + imports: [CredentialsModule], + providers: [IntegrationSyncProcessor, IntegrationSyncQueue], + exports: [IntegrationSyncProcessor, IntegrationSyncQueue], +}) +export class JobsModule {} diff --git a/apps/api/src/modules/integrations/status/index.ts b/apps/api/src/modules/integrations/status/index.ts new file mode 100644 index 0000000..2ef33b6 --- /dev/null +++ b/apps/api/src/modules/integrations/status/index.ts @@ -0,0 +1,3 @@ +export * from './status.module'; +export * from './status.service'; +export * from './status.controller'; diff --git a/apps/api/src/modules/integrations/status/status.controller.ts b/apps/api/src/modules/integrations/status/status.controller.ts new file mode 100644 index 0000000..68bf689 --- /dev/null +++ b/apps/api/src/modules/integrations/status/status.controller.ts @@ -0,0 +1,191 @@ +import { + Controller, + Get, + Param, + Query, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { StatusService } from './status.service'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; + +@ApiTags('integrations/status') +@ApiBearerAuth('JWT-auth') +@Controller('integrations/status') +export class StatusController { + constructor(private readonly statusService: StatusService) {} + + @Get('health') + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ summary: 'Get aggregated health status for all integrations' }) + @ApiQuery({ + name: 'refresh', + required: false, + type: Boolean, + description: 'Force refresh cache', + }) + @ApiResponse({ + status: 200, + description: 'Aggregated health status', + schema: { + type: 'object', + properties: { + overall: { type: 'string', enum: ['healthy', 'degraded', 'unhealthy'] }, + totalIntegrations: { type: 'number' }, + healthyCount: { type: 'number' }, + degradedCount: { type: 'number' }, + unhealthyCount: { type: 'number' }, + unknownCount: { type: 'number' }, + integrations: { + type: 'array', + items: { + type: 'object', + properties: { + id: { type: 'string' }, + type: { type: 'string' }, + name: { type: 'string' }, + status: { type: 'string' }, + syncStatus: { type: 'string' }, + lastSync: { type: 'string', format: 'date-time', nullable: true }, + latency: { type: 'number', nullable: true }, + message: { type: 'string' }, + }, + }, + }, + lastChecked: { type: 'string', format: 'date-time' }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getAggregatedHealth(@Query('refresh') refresh?: boolean) { + return this.statusService.getAggregatedHealth(refresh === true); + } + + @Get('health/:id') + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ summary: 'Get health status for a single integration' }) + @ApiParam({ name: 'id', description: 'Credential ID' }) + @ApiResponse({ + status: 200, + description: 'Integration health status', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Credential not found' }) + getIntegrationHealth(@Param('id') id: string) { + return this.statusService.getIntegrationHealth(id); + } + + @Get('summary') + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ summary: 'Get summary of integrations by type' }) + @ApiResponse({ + status: 200, + description: 'Integration type summary', + schema: { + type: 'array', + items: { + type: 'object', + properties: { + type: { type: 'string' }, + count: { type: 'number' }, + activeCount: { type: 'number' }, + healthyCount: { type: 'number' }, + lastSync: { type: 'string', format: 'date-time', nullable: true }, + hasErrors: { type: 'boolean' }, + }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getTypeSummary() { + return this.statusService.getTypeSummary(); + } + + @Get('errors') + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ summary: 'Get recent integration errors' }) + @ApiQuery({ + name: 'limit', + required: false, + type: Number, + description: 'Maximum number of errors to return (default: 10)', + }) + @ApiResponse({ + status: 200, + description: 'List of recent errors', + schema: { + type: 'array', + items: { + type: 'object', + properties: { + credentialId: { type: 'string' }, + type: { type: 'string' }, + name: { type: 'string' }, + error: { type: 'string' }, + occurredAt: { type: 'string', format: 'date-time' }, + }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getRecentErrors(@Query('limit') limit?: number) { + return this.statusService.getRecentErrors(limit || 10); + } + + @Get('statistics') + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ summary: 'Get sync statistics for a time period' }) + @ApiQuery({ + name: 'from', + required: false, + type: String, + description: 'Start date (ISO format, default: 24 hours ago)', + }) + @ApiQuery({ + name: 'to', + required: false, + type: String, + description: 'End date (ISO format, default: now)', + }) + @ApiResponse({ + status: 200, + description: 'Sync statistics', + schema: { + type: 'object', + properties: { + totalSyncs: { type: 'number' }, + successfulSyncs: { type: 'number' }, + failedSyncs: { type: 'number' }, + successRate: { type: 'number' }, + averageDuration: { type: 'number' }, + totalRecordsProcessed: { type: 'number' }, + byType: { + type: 'object', + additionalProperties: { + type: 'object', + properties: { + success: { type: 'number' }, + failed: { type: 'number' }, + }, + }, + }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getSyncStatistics( + @Query('from') from?: string, + @Query('to') to?: string, + ) { + const fromDate = from ? new Date(from) : undefined; + const toDate = to ? new Date(to) : undefined; + return this.statusService.getSyncStatistics(fromDate, toDate); + } +} diff --git a/apps/api/src/modules/integrations/status/status.module.ts b/apps/api/src/modules/integrations/status/status.module.ts new file mode 100644 index 0000000..414c12a --- /dev/null +++ b/apps/api/src/modules/integrations/status/status.module.ts @@ -0,0 +1,12 @@ +import { Module } from '@nestjs/common'; +import { StatusController } from './status.controller'; +import { StatusService } from './status.service'; +import { CredentialsModule } from '../credentials/credentials.module'; + +@Module({ + imports: [CredentialsModule], + controllers: [StatusController], + providers: [StatusService], + exports: [StatusService], +}) +export class StatusModule {} diff --git a/apps/api/src/modules/integrations/status/status.service.ts b/apps/api/src/modules/integrations/status/status.service.ts new file mode 100644 index 0000000..46c0e79 --- /dev/null +++ b/apps/api/src/modules/integrations/status/status.service.ts @@ -0,0 +1,385 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { CredentialsService } from '../credentials/credentials.service'; +import { IntegrationType, SyncStatus } from '@prisma/client'; + +/** + * Health status for a single integration + */ +export interface IntegrationHealth { + id: string; + type: IntegrationType; + name: string; + isActive: boolean; + status: 'healthy' | 'degraded' | 'unhealthy' | 'unknown'; + syncStatus: SyncStatus; + lastSync: Date | null; + lastError: string | null; + latency: number | null; + message: string; +} + +/** + * Aggregated health status for all integrations + */ +export interface AggregatedHealth { + overall: 'healthy' | 'degraded' | 'unhealthy'; + totalIntegrations: number; + healthyCount: number; + degradedCount: number; + unhealthyCount: number; + unknownCount: number; + integrations: IntegrationHealth[]; + lastChecked: Date; +} + +/** + * Integration status summary per type + */ +export interface IntegrationTypeSummary { + type: IntegrationType; + count: number; + activeCount: number; + healthyCount: number; + lastSync: Date | null; + hasErrors: boolean; +} + +@Injectable() +export class StatusService { + private readonly logger = new Logger(StatusService.name); + private healthCache: AggregatedHealth | null = null; + private lastHealthCheck: Date | null = null; + private readonly cacheDurationMs = 60000; // 1 minute cache + + constructor( + private readonly prisma: PrismaService, + private readonly credentialsService: CredentialsService, + ) {} + + /** + * Gets aggregated health status for all integrations + */ + async getAggregatedHealth(forceRefresh: boolean = false): Promise { + // Return cached result if available and not expired + if ( + !forceRefresh && + this.healthCache && + this.lastHealthCheck && + Date.now() - this.lastHealthCheck.getTime() < this.cacheDurationMs + ) { + return this.healthCache; + } + + const credentials = await this.prisma.integrationCredential.findMany({ + where: { isActive: true }, + orderBy: [{ type: 'asc' }, { name: 'asc' }], + }); + + const integrationHealths: IntegrationHealth[] = []; + + for (const credential of credentials) { + const health = await this.checkIntegrationHealth(credential); + integrationHealths.push(health); + } + + const healthyCount = integrationHealths.filter( + (h) => h.status === 'healthy', + ).length; + const degradedCount = integrationHealths.filter( + (h) => h.status === 'degraded', + ).length; + const unhealthyCount = integrationHealths.filter( + (h) => h.status === 'unhealthy', + ).length; + const unknownCount = integrationHealths.filter( + (h) => h.status === 'unknown', + ).length; + + let overall: 'healthy' | 'degraded' | 'unhealthy'; + if (unhealthyCount > 0) { + overall = 'unhealthy'; + } else if (degradedCount > 0 || unknownCount > integrationHealths.length / 2) { + overall = 'degraded'; + } else { + overall = 'healthy'; + } + + this.healthCache = { + overall, + totalIntegrations: integrationHealths.length, + healthyCount, + degradedCount, + unhealthyCount, + unknownCount, + integrations: integrationHealths, + lastChecked: new Date(), + }; + + this.lastHealthCheck = new Date(); + + return this.healthCache; + } + + /** + * Gets health status for a single integration + */ + async getIntegrationHealth(credentialId: string): Promise { + const credential = await this.prisma.integrationCredential.findUnique({ + where: { id: credentialId }, + }); + + if (!credential) { + throw new Error(`Credential ${credentialId} not found`); + } + + return this.checkIntegrationHealth(credential); + } + + /** + * Gets summary by integration type + */ + async getTypeSummary(): Promise { + const credentials = await this.prisma.integrationCredential.findMany({ + orderBy: { type: 'asc' }, + }); + + const summaryMap = new Map(); + + for (const credential of credentials) { + const existing = summaryMap.get(credential.type); + const isHealthy = + credential.isActive && + credential.syncStatus === SyncStatus.SUCCESS && + !credential.syncError; + + if (existing) { + existing.count++; + if (credential.isActive) existing.activeCount++; + if (isHealthy) existing.healthyCount++; + if (credential.lastSync && (!existing.lastSync || credential.lastSync > existing.lastSync)) { + existing.lastSync = credential.lastSync; + } + if (credential.syncError) existing.hasErrors = true; + } else { + summaryMap.set(credential.type, { + type: credential.type, + count: 1, + activeCount: credential.isActive ? 1 : 0, + healthyCount: isHealthy ? 1 : 0, + lastSync: credential.lastSync, + hasErrors: !!credential.syncError, + }); + } + } + + return Array.from(summaryMap.values()); + } + + /** + * Gets recent errors across all integrations + */ + async getRecentErrors(limit: number = 10): Promise< + Array<{ + credentialId: string; + type: IntegrationType; + name: string; + error: string; + occurredAt: Date; + }> + > { + const recentFailures = await this.prisma.integrationSyncHistory.findMany({ + where: { + status: SyncStatus.ERROR, + error: { not: null }, + }, + include: { + credential: { + select: { + type: true, + name: true, + }, + }, + }, + orderBy: { completedAt: 'desc' }, + take: limit, + }); + + return recentFailures.map((f) => ({ + credentialId: f.credentialId, + type: f.credential.type, + name: f.credential.name, + error: f.error!, + occurredAt: f.completedAt || f.startedAt, + })); + } + + /** + * Gets sync statistics for a time period + */ + async getSyncStatistics( + fromDate?: Date, + toDate?: Date, + ): Promise<{ + totalSyncs: number; + successfulSyncs: number; + failedSyncs: number; + successRate: number; + averageDuration: number; + totalRecordsProcessed: number; + byType: Record; + }> { + const from = fromDate || new Date(Date.now() - 24 * 60 * 60 * 1000); // Last 24 hours + const to = toDate || new Date(); + + const history = await this.prisma.integrationSyncHistory.findMany({ + where: { + startedAt: { + gte: from, + lte: to, + }, + status: { in: [SyncStatus.SUCCESS, SyncStatus.ERROR] }, + }, + include: { + credential: { + select: { type: true }, + }, + }, + }); + + const successfulSyncs = history.filter( + (h) => h.status === SyncStatus.SUCCESS, + ).length; + const failedSyncs = history.filter((h) => h.status === SyncStatus.ERROR).length; + const totalSyncs = history.length; + + const durations = history + .filter((h) => h.duration !== null) + .map((h) => h.duration!); + const averageDuration = + durations.length > 0 + ? durations.reduce((a, b) => a + b, 0) / durations.length + : 0; + + const totalRecordsProcessed = history + .filter((h) => h.recordsProcessed !== null) + .reduce((sum, h) => sum + h.recordsProcessed!, 0); + + // Group by type + const byType: Record = {}; + for (const h of history) { + const type = h.credential.type; + if (!byType[type]) { + byType[type] = { success: 0, failed: 0 }; + } + if (h.status === SyncStatus.SUCCESS) { + byType[type].success++; + } else { + byType[type].failed++; + } + } + + return { + totalSyncs, + successfulSyncs, + failedSyncs, + successRate: totalSyncs > 0 ? (successfulSyncs / totalSyncs) * 100 : 0, + averageDuration: Math.round(averageDuration), + totalRecordsProcessed, + byType, + }; + } + + /** + * Checks health for a single credential + */ + private async checkIntegrationHealth(credential: any): Promise { + let status: 'healthy' | 'degraded' | 'unhealthy' | 'unknown'; + let message: string; + let latency: number | null = null; + + if (!credential.isActive) { + status = 'unknown'; + message = 'Integration is deactivated'; + } else if (credential.syncStatus === SyncStatus.ERROR) { + status = 'unhealthy'; + message = credential.syncError || 'Sync failed'; + } else if (credential.syncStatus === SyncStatus.SUCCESS) { + // Check if last sync is recent enough + const syncAge = credential.lastSync + ? Date.now() - new Date(credential.lastSync).getTime() + : null; + + const maxSyncAge = this.getMaxSyncAge(credential.type); + + if (!syncAge) { + status = 'unknown'; + message = 'Never synced'; + } else if (syncAge > maxSyncAge * 2) { + status = 'degraded'; + message = 'Sync is overdue'; + } else if (syncAge > maxSyncAge) { + status = 'degraded'; + message = 'Sync approaching due time'; + } else { + status = 'healthy'; + message = 'Operating normally'; + } + + // Get average latency from recent syncs + const recentSyncs = await this.prisma.integrationSyncHistory.findMany({ + where: { + credentialId: credential.id, + status: SyncStatus.SUCCESS, + duration: { not: null }, + }, + orderBy: { completedAt: 'desc' }, + take: 5, + }); + + if (recentSyncs.length > 0) { + const durations = recentSyncs.map((s) => s.duration!); + latency = Math.round( + durations.reduce((a, b) => a + b, 0) / durations.length, + ); + } + } else if (credential.syncStatus === SyncStatus.RUNNING) { + status = 'healthy'; + message = 'Sync in progress'; + } else { + status = 'unknown'; + message = 'Pending initial sync'; + } + + return { + id: credential.id, + type: credential.type, + name: credential.name, + isActive: credential.isActive, + status, + syncStatus: credential.syncStatus, + lastSync: credential.lastSync, + lastError: credential.syncError, + latency, + message, + }; + } + + /** + * Gets the maximum expected sync age for an integration type + */ + private getMaxSyncAge(type: IntegrationType): number { + // Returns max age in milliseconds based on expected sync interval + const intervals: Record = { + PLENTYONE: 15 * 60 * 1000, // 15 minutes + ZULIP: 5 * 60 * 1000, // 5 minutes + TODOIST: 10 * 60 * 1000, // 10 minutes + FREESCOUT: 10 * 60 * 1000, // 10 minutes + NEXTCLOUD: 30 * 60 * 1000, // 30 minutes + ECODMS: 60 * 60 * 1000, // 60 minutes + GEMBADOCS: 30 * 60 * 1000, // 30 minutes + }; + + return intervals[type] || 60 * 60 * 1000; // Default: 1 hour + } +} diff --git a/apps/api/src/modules/integrations/sync/index.ts b/apps/api/src/modules/integrations/sync/index.ts new file mode 100644 index 0000000..3c0ef00 --- /dev/null +++ b/apps/api/src/modules/integrations/sync/index.ts @@ -0,0 +1,3 @@ +export * from './sync.module'; +export * from './sync.service'; +export * from './sync.controller'; diff --git a/apps/api/src/modules/integrations/sync/sync.controller.ts b/apps/api/src/modules/integrations/sync/sync.controller.ts new file mode 100644 index 0000000..b4501ed --- /dev/null +++ b/apps/api/src/modules/integrations/sync/sync.controller.ts @@ -0,0 +1,155 @@ +import { + Controller, + Get, + Post, + Param, + Query, + HttpCode, + HttpStatus, + Body, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { SyncService } from './sync.service'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { AuditLog } from '../../audit/audit.interceptor'; + +/** + * DTO for triggering a sync + */ +class TriggerSyncDto { + fullSync?: boolean; +} + +@ApiTags('integrations/sync') +@ApiBearerAuth('JWT-auth') +@Controller('integrations') +export class SyncController { + constructor(private readonly syncService: SyncService) {} + + @Post(':id/sync') + @RequirePermissions(Permission.INTEGRATIONS_MANAGE) + @AuditLog('IntegrationSync', 'TRIGGER') + @HttpCode(HttpStatus.ACCEPTED) + @ApiOperation({ summary: 'Trigger a manual sync for an integration' }) + @ApiParam({ name: 'id', description: 'Credential ID' }) + @ApiResponse({ + status: 202, + description: 'Sync job started', + schema: { + type: 'object', + properties: { + jobId: { type: 'string' }, + message: { type: 'string' }, + }, + }, + }) + @ApiResponse({ status: 400, description: 'Bad request - sync already running or credential inactive' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden - insufficient permissions' }) + @ApiResponse({ status: 404, description: 'Credential not found' }) + triggerSync( + @Param('id') id: string, + @Body() body: TriggerSyncDto, + ) { + return this.syncService.triggerSync(id, body?.fullSync ?? false); + } + + @Get(':id/sync/status') + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ summary: 'Get the current sync status for a credential' }) + @ApiParam({ name: 'id', description: 'Credential ID' }) + @ApiResponse({ + status: 200, + description: 'Current sync status', + schema: { + type: 'object', + properties: { + credentialId: { type: 'string' }, + type: { type: 'string' }, + name: { type: 'string' }, + isActive: { type: 'boolean' }, + currentStatus: { type: 'string', enum: ['PENDING', 'RUNNING', 'SUCCESS', 'ERROR'] }, + lastSync: { type: 'string', format: 'date-time', nullable: true }, + lastError: { type: 'string', nullable: true }, + isCurrentlyRunning: { type: 'boolean' }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Credential not found' }) + getSyncStatus(@Param('id') id: string) { + return this.syncService.getSyncStatus(id); + } + + @Get(':id/sync/history') + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ summary: 'Get the sync history for a credential' }) + @ApiParam({ name: 'id', description: 'Credential ID' }) + @ApiQuery({ name: 'page', required: false, type: Number, description: 'Page number (default: 1)' }) + @ApiQuery({ name: 'limit', required: false, type: Number, description: 'Items per page (default: 20)' }) + @ApiResponse({ + status: 200, + description: 'Paginated sync history', + schema: { + type: 'object', + properties: { + data: { + type: 'array', + items: { + type: 'object', + properties: { + id: { type: 'string' }, + status: { type: 'string' }, + startedAt: { type: 'string', format: 'date-time' }, + completedAt: { type: 'string', format: 'date-time', nullable: true }, + duration: { type: 'number', nullable: true }, + recordsProcessed: { type: 'number', nullable: true }, + error: { type: 'string', nullable: true }, + metadata: { type: 'object', nullable: true }, + }, + }, + }, + meta: { + type: 'object', + properties: { + total: { type: 'number' }, + page: { type: 'number' }, + limit: { type: 'number' }, + totalPages: { type: 'number' }, + }, + }, + }, + }, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Credential not found' }) + getSyncHistory( + @Param('id') id: string, + @Query('page') page?: number, + @Query('limit') limit?: number, + ) { + return this.syncService.getSyncHistory(id, page || 1, limit || 20); + } + + @Get('sync/jobs/:jobId') + @RequirePermissions(Permission.INTEGRATIONS_VIEW) + @ApiOperation({ summary: 'Get status of a specific sync job' }) + @ApiParam({ name: 'jobId', description: 'Sync Job ID' }) + @ApiResponse({ + status: 200, + description: 'Sync job status', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Sync job not found' }) + getSyncJobStatus(@Param('jobId') jobId: string) { + return this.syncService.getSyncJobStatus(jobId); + } +} diff --git a/apps/api/src/modules/integrations/sync/sync.module.ts b/apps/api/src/modules/integrations/sync/sync.module.ts new file mode 100644 index 0000000..ce09598 --- /dev/null +++ b/apps/api/src/modules/integrations/sync/sync.module.ts @@ -0,0 +1,12 @@ +import { Module } from '@nestjs/common'; +import { SyncController } from './sync.controller'; +import { SyncService } from './sync.service'; +import { CredentialsModule } from '../credentials/credentials.module'; + +@Module({ + imports: [CredentialsModule], + controllers: [SyncController], + providers: [SyncService], + exports: [SyncService], +}) +export class SyncModule {} diff --git a/apps/api/src/modules/integrations/sync/sync.service.ts b/apps/api/src/modules/integrations/sync/sync.service.ts new file mode 100644 index 0000000..c5d0be8 --- /dev/null +++ b/apps/api/src/modules/integrations/sync/sync.service.ts @@ -0,0 +1,425 @@ +import { + Injectable, + NotFoundException, + BadRequestException, + Logger, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { CredentialsService } from '../credentials/credentials.service'; +import { IntegrationType, SyncStatus, Prisma } from '@prisma/client'; + +/** + * Sync history item for API responses + */ +export interface SyncHistoryItem { + id: string; + status: SyncStatus; + startedAt: Date; + completedAt: Date | null; + duration: number | null; + recordsProcessed: number | null; + error: string | null; + metadata: Record | null; +} + +/** + * Sync status response + */ +export interface SyncStatusResponse { + credentialId: string; + type: IntegrationType; + name: string; + isActive: boolean; + currentStatus: SyncStatus; + lastSync: Date | null; + lastError: string | null; + isCurrentlyRunning: boolean; +} + +/** + * Paginated sync history response + */ +export interface PaginatedSyncHistory { + data: SyncHistoryItem[]; + meta: { + total: number; + page: number; + limit: number; + totalPages: number; + }; +} + +@Injectable() +export class SyncService { + private readonly logger = new Logger(SyncService.name); + private readonly runningJobs = new Map(); + + constructor( + private readonly prisma: PrismaService, + private readonly credentialsService: CredentialsService, + ) {} + + /** + * Initiates a manual sync for an integration credential + */ + async triggerSync( + credentialId: string, + fullSync: boolean = false, + ): Promise<{ jobId: string; message: string }> { + const credential = await this.prisma.integrationCredential.findUnique({ + where: { id: credentialId }, + }); + + if (!credential) { + throw new NotFoundException(`Credential ${credentialId} not found`); + } + + if (!credential.isActive) { + throw new BadRequestException(`Credential ${credentialId} is deactivated`); + } + + // Check if a sync is already running + if (this.runningJobs.get(credentialId)) { + throw new BadRequestException( + `A sync job is already running for credential ${credentialId}`, + ); + } + + // Create sync history entry + const syncHistory = await this.prisma.integrationSyncHistory.create({ + data: { + credentialId, + status: SyncStatus.PENDING, + metadata: { fullSync }, + }, + }); + + // Update credential status + await this.credentialsService.updateSyncStatus( + credentialId, + SyncStatus.PENDING, + null, + ); + + // Start sync in background (in production, this would be handled by BullMQ) + this.executeSyncJob(credentialId, syncHistory.id, fullSync); + + this.logger.log( + `Triggered ${fullSync ? 'full' : 'incremental'} sync for credential ${credentialId}`, + ); + + return { + jobId: syncHistory.id, + message: `Sync job ${syncHistory.id} started for ${credential.type}:${credential.name}`, + }; + } + + /** + * Gets the current sync status for a credential + */ + async getSyncStatus(credentialId: string): Promise { + const credential = await this.prisma.integrationCredential.findUnique({ + where: { id: credentialId }, + }); + + if (!credential) { + throw new NotFoundException(`Credential ${credentialId} not found`); + } + + return { + credentialId: credential.id, + type: credential.type, + name: credential.name, + isActive: credential.isActive, + currentStatus: credential.syncStatus, + lastSync: credential.lastSync, + lastError: credential.syncError, + isCurrentlyRunning: this.runningJobs.get(credentialId) || false, + }; + } + + /** + * Gets the sync history for a credential + */ + async getSyncHistory( + credentialId: string, + page: number = 1, + limit: number = 20, + ): Promise { + const credential = await this.prisma.integrationCredential.findUnique({ + where: { id: credentialId }, + }); + + if (!credential) { + throw new NotFoundException(`Credential ${credentialId} not found`); + } + + const [history, total] = await Promise.all([ + this.prisma.integrationSyncHistory.findMany({ + where: { credentialId }, + orderBy: { startedAt: 'desc' }, + skip: (page - 1) * limit, + take: limit, + }), + this.prisma.integrationSyncHistory.count({ + where: { credentialId }, + }), + ]); + + return { + data: history.map((h) => ({ + id: h.id, + status: h.status, + startedAt: h.startedAt, + completedAt: h.completedAt, + duration: h.duration, + recordsProcessed: h.recordsProcessed, + error: h.error, + metadata: h.metadata as Record | null, + })), + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Gets a specific sync job status + */ + async getSyncJobStatus(jobId: string): Promise { + const job = await this.prisma.integrationSyncHistory.findUnique({ + where: { id: jobId }, + }); + + if (!job) { + throw new NotFoundException(`Sync job ${jobId} not found`); + } + + return { + id: job.id, + status: job.status, + startedAt: job.startedAt, + completedAt: job.completedAt, + duration: job.duration, + recordsProcessed: job.recordsProcessed, + error: job.error, + metadata: job.metadata as Record | null, + }; + } + + /** + * Executes the sync job (simplified in-process version) + * In production, this would be handled by BullMQ processor + */ + private async executeSyncJob( + credentialId: string, + historyId: string, + fullSync: boolean, + ): Promise { + this.runningJobs.set(credentialId, true); + const startTime = Date.now(); + + try { + // Update status to running + await this.updateSyncHistory(historyId, { + status: SyncStatus.RUNNING, + }); + await this.credentialsService.updateSyncStatus( + credentialId, + SyncStatus.RUNNING, + null, + ); + + // Get credential details + const { type, credentials } = + await this.credentialsService.getCredentialsForSync(credentialId); + + // Execute integration-specific sync + const result = await this.performSync(type, credentials, fullSync); + + const duration = Date.now() - startTime; + + // Update history with success + await this.updateSyncHistory(historyId, { + status: SyncStatus.SUCCESS, + completedAt: new Date(), + duration, + recordsProcessed: result.recordsProcessed, + metadata: result.metadata, + }); + + // Update credential status + await this.credentialsService.updateSyncStatus( + credentialId, + SyncStatus.SUCCESS, + null, + ); + + this.logger.log( + `Sync completed for credential ${credentialId}: ${result.recordsProcessed} records in ${duration}ms`, + ); + } catch (error) { + const duration = Date.now() - startTime; + const errorMessage = + error instanceof Error ? error.message : 'Unknown sync error'; + + // Update history with error + await this.updateSyncHistory(historyId, { + status: SyncStatus.ERROR, + completedAt: new Date(), + duration, + error: errorMessage, + }); + + // Update credential status + await this.credentialsService.updateSyncStatus( + credentialId, + SyncStatus.ERROR, + errorMessage, + ); + + this.logger.error( + `Sync failed for credential ${credentialId}: ${errorMessage}`, + ); + } finally { + this.runningJobs.delete(credentialId); + } + } + + /** + * Updates a sync history entry + */ + private async updateSyncHistory( + historyId: string, + data: Partial<{ + status: SyncStatus; + completedAt: Date; + duration: number; + recordsProcessed: number; + error: string; + metadata: Record; + }>, + ): Promise { + await this.prisma.integrationSyncHistory.update({ + where: { id: historyId }, + data: data as any, + }); + } + + /** + * Performs integration-specific sync operations + */ + private async performSync( + type: IntegrationType, + credentials: Record, + fullSync: boolean, + ): Promise<{ recordsProcessed: number; metadata?: Record }> { + // Simulate sync delay + await this.delay(1000 + Math.random() * 2000); + + // Each integration type would have its own sync logic + switch (type) { + case IntegrationType.PLENTYONE: + return this.syncPlentyOne(credentials, fullSync); + case IntegrationType.ZULIP: + return this.syncZulip(credentials, fullSync); + case IntegrationType.TODOIST: + return this.syncTodoist(credentials, fullSync); + case IntegrationType.FREESCOUT: + return this.syncFreescout(credentials, fullSync); + case IntegrationType.NEXTCLOUD: + return this.syncNextcloud(credentials, fullSync); + case IntegrationType.ECODMS: + return this.syncEcodms(credentials, fullSync); + case IntegrationType.GEMBADOCS: + return this.syncGembadocs(credentials, fullSync); + default: + return { recordsProcessed: 0, metadata: { message: 'No sync implemented' } }; + } + } + + // Integration-specific sync methods (placeholder implementations) + private async syncPlentyOne( + credentials: Record, + fullSync: boolean, + ): Promise<{ recordsProcessed: number; metadata?: Record }> { + // In production: call PlentyOne API to sync orders, products, etc. + return { + recordsProcessed: Math.floor(Math.random() * 100), + metadata: { syncType: fullSync ? 'full' : 'incremental', entity: 'orders' }, + }; + } + + private async syncZulip( + credentials: Record, + fullSync: boolean, + ): Promise<{ recordsProcessed: number; metadata?: Record }> { + // In production: sync Zulip messages, channels + return { + recordsProcessed: Math.floor(Math.random() * 50), + metadata: { syncType: fullSync ? 'full' : 'incremental', entity: 'messages' }, + }; + } + + private async syncTodoist( + credentials: Record, + fullSync: boolean, + ): Promise<{ recordsProcessed: number; metadata?: Record }> { + // In production: sync Todoist tasks, projects + return { + recordsProcessed: Math.floor(Math.random() * 30), + metadata: { syncType: fullSync ? 'full' : 'incremental', entity: 'tasks' }, + }; + } + + private async syncFreescout( + credentials: Record, + fullSync: boolean, + ): Promise<{ recordsProcessed: number; metadata?: Record }> { + // In production: sync FreeScout tickets, conversations + return { + recordsProcessed: Math.floor(Math.random() * 80), + metadata: { syncType: fullSync ? 'full' : 'incremental', entity: 'tickets' }, + }; + } + + private async syncNextcloud( + credentials: Record, + fullSync: boolean, + ): Promise<{ recordsProcessed: number; metadata?: Record }> { + // In production: sync Nextcloud files, calendars + return { + recordsProcessed: Math.floor(Math.random() * 200), + metadata: { syncType: fullSync ? 'full' : 'incremental', entity: 'files' }, + }; + } + + private async syncEcodms( + credentials: Record, + fullSync: boolean, + ): Promise<{ recordsProcessed: number; metadata?: Record }> { + // In production: sync ecoDMS documents + return { + recordsProcessed: Math.floor(Math.random() * 150), + metadata: { syncType: fullSync ? 'full' : 'incremental', entity: 'documents' }, + }; + } + + private async syncGembadocs( + credentials: Record, + fullSync: boolean, + ): Promise<{ recordsProcessed: number; metadata?: Record }> { + // In production: sync GembaDocs documents, audits + return { + recordsProcessed: Math.floor(Math.random() * 40), + metadata: { syncType: fullSync ? 'full' : 'incremental', entity: 'audits' }, + }; + } + + private delay(ms: number): Promise { + return new Promise((resolve) => setTimeout(resolve, ms)); + } +} diff --git a/apps/api/src/modules/lean/index.ts b/apps/api/src/modules/lean/index.ts new file mode 100644 index 0000000..1d28b9b --- /dev/null +++ b/apps/api/src/modules/lean/index.ts @@ -0,0 +1,4 @@ +export * from './lean.module'; +export * from './s3-planning'; +export * from './skill-matrix'; +export * from './morning-meeting'; diff --git a/apps/api/src/modules/lean/lean.module.ts b/apps/api/src/modules/lean/lean.module.ts new file mode 100644 index 0000000..9c989c9 --- /dev/null +++ b/apps/api/src/modules/lean/lean.module.ts @@ -0,0 +1,23 @@ +import { Module } from '@nestjs/common'; +import { S3PlanningModule } from './s3-planning/s3-planning.module'; +import { MorningMeetingModule } from './morning-meeting/morning-meeting.module'; +import { SkillMatrixModule } from './skill-matrix/skill-matrix.module'; + +/** + * Main module for LEAN Management features + * + * LEAN methodology modules: + * - S3 Planning (Seiri, Seiton, Seiso) - Workplace organization + * - Morning Meeting (SQCDM) - Daily shopfloor management + * - Skill Matrix - Competency management and gap analysis + * + * Based on 2SecondLean principles: + * - Simple, visual management + * - Daily continuous improvement + * - Quick interactions (< 2 seconds) + */ +@Module({ + imports: [S3PlanningModule, MorningMeetingModule, SkillMatrixModule], + exports: [S3PlanningModule, MorningMeetingModule, SkillMatrixModule], +}) +export class LeanModule {} diff --git a/apps/api/src/modules/lean/morning-meeting/dto/create-action.dto.ts b/apps/api/src/modules/lean/morning-meeting/dto/create-action.dto.ts new file mode 100644 index 0000000..aa0d3b6 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/dto/create-action.dto.ts @@ -0,0 +1,62 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsDateString, + IsEnum, +} from 'class-validator'; +import { ActionStatus, Priority } from '@prisma/client'; + +/** + * DTO for creating a new action item in a morning meeting + */ +export class CreateActionDto { + @ApiProperty({ + description: 'Action item title', + example: 'Fix conveyor belt alignment', + }) + @IsString() + title: string; + + @ApiPropertyOptional({ + description: 'Detailed description of the action', + example: 'The conveyor belt on line A needs realignment to prevent product jams', + }) + @IsOptional() + @IsString() + description?: string; + + @ApiPropertyOptional({ + description: 'User ID of the assignee', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + assigneeId?: string; + + @ApiPropertyOptional({ + description: 'Due date for the action (YYYY-MM-DD)', + example: '2024-01-20', + }) + @IsOptional() + @IsDateString() + dueDate?: string; + + @ApiPropertyOptional({ + description: 'Action status', + enum: ActionStatus, + default: 'OPEN', + }) + @IsOptional() + @IsEnum(ActionStatus) + status?: ActionStatus; + + @ApiPropertyOptional({ + description: 'Priority level', + enum: Priority, + default: 'MEDIUM', + }) + @IsOptional() + @IsEnum(Priority) + priority?: Priority; +} diff --git a/apps/api/src/modules/lean/morning-meeting/dto/create-meeting.dto.ts b/apps/api/src/modules/lean/morning-meeting/dto/create-meeting.dto.ts new file mode 100644 index 0000000..808b1d5 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/dto/create-meeting.dto.ts @@ -0,0 +1,63 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsDateString, + IsArray, + IsEnum, +} from 'class-validator'; +import { MeetingStatus } from '@prisma/client'; + +/** + * DTO for creating a new morning meeting + */ +export class CreateMeetingDto { + @ApiProperty({ + description: 'Department ID for the meeting', + example: 'clq1234567890abcdef', + }) + @IsString() + departmentId: string; + + @ApiProperty({ + description: 'Meeting date (YYYY-MM-DD)', + example: '2024-01-15', + }) + @IsDateString() + date: string; + + @ApiPropertyOptional({ + description: 'Conductor/facilitator user ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + conductorId?: string; + + @ApiPropertyOptional({ + description: 'Array of participant user IDs', + example: ['clq123', 'clq456'], + type: [String], + }) + @IsOptional() + @IsArray() + @IsString({ each: true }) + participants?: string[]; + + @ApiPropertyOptional({ + description: 'Meeting notes', + example: 'Weekly status review', + }) + @IsOptional() + @IsString() + notes?: string; + + @ApiPropertyOptional({ + description: 'Initial meeting status', + enum: MeetingStatus, + default: 'SCHEDULED', + }) + @IsOptional() + @IsEnum(MeetingStatus) + status?: MeetingStatus; +} diff --git a/apps/api/src/modules/lean/morning-meeting/dto/create-topic.dto.ts b/apps/api/src/modules/lean/morning-meeting/dto/create-topic.dto.ts new file mode 100644 index 0000000..c756530 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/dto/create-topic.dto.ts @@ -0,0 +1,87 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsEnum, + IsInt, + Min, +} from 'class-validator'; +import { SQCDMCategory, KPIStatus, Trend } from '@prisma/client'; + +/** + * DTO for creating a new morning meeting topic (KPI) + */ +export class CreateTopicDto { + @ApiProperty({ + description: 'SQCDM category for the topic', + enum: SQCDMCategory, + example: 'QUALITY', + }) + @IsEnum(SQCDMCategory) + category: SQCDMCategory; + + @ApiProperty({ + description: 'Topic title/name', + example: 'Fehlerquote', + }) + @IsString() + title: string; + + @ApiPropertyOptional({ + description: 'Current value of the KPI', + example: '2.5', + }) + @IsOptional() + @IsString() + value?: string; + + @ApiPropertyOptional({ + description: 'Target value for the KPI', + example: '2.0', + }) + @IsOptional() + @IsString() + target?: string; + + @ApiPropertyOptional({ + description: 'Unit of measurement', + example: '%', + }) + @IsOptional() + @IsString() + unit?: string; + + @ApiPropertyOptional({ + description: 'KPI status (traffic light)', + enum: KPIStatus, + default: 'NEUTRAL', + }) + @IsOptional() + @IsEnum(KPIStatus) + status?: KPIStatus; + + @ApiPropertyOptional({ + description: 'Trend direction', + enum: Trend, + }) + @IsOptional() + @IsEnum(Trend) + trend?: Trend; + + @ApiPropertyOptional({ + description: 'Sort order within category', + example: 0, + }) + @IsOptional() + @IsInt() + @Min(0) + sortOrder?: number; + + @ApiPropertyOptional({ + description: 'Additional notes for the topic', + example: 'Production line A had issues', + }) + @IsOptional() + @IsString() + note?: string; +} diff --git a/apps/api/src/modules/lean/morning-meeting/dto/index.ts b/apps/api/src/modules/lean/morning-meeting/dto/index.ts new file mode 100644 index 0000000..4b72f75 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/dto/index.ts @@ -0,0 +1,12 @@ +// Meeting DTOs +export { CreateMeetingDto } from './create-meeting.dto'; +export { UpdateMeetingDto } from './update-meeting.dto'; +export { QueryMeetingsDto, MeetingSortField, SortOrder } from './query-meetings.dto'; + +// Topic DTOs +export { CreateTopicDto } from './create-topic.dto'; +export { UpdateTopicDto } from './update-topic.dto'; + +// Action DTOs +export { CreateActionDto } from './create-action.dto'; +export { UpdateActionDto } from './update-action.dto'; diff --git a/apps/api/src/modules/lean/morning-meeting/dto/query-meetings.dto.ts b/apps/api/src/modules/lean/morning-meeting/dto/query-meetings.dto.ts new file mode 100644 index 0000000..f72fc41 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/dto/query-meetings.dto.ts @@ -0,0 +1,112 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsString, + IsDateString, + IsInt, + Min, + Max, + IsEnum, +} from 'class-validator'; +import { Transform, Type } from 'class-transformer'; +import { MeetingStatus } from '@prisma/client'; + +export enum MeetingSortField { + DATE = 'date', + CREATED_AT = 'createdAt', + UPDATED_AT = 'updatedAt', +} + +export enum SortOrder { + ASC = 'asc', + DESC = 'desc', +} + +/** + * DTO for querying morning meetings with pagination and filters + */ +export class QueryMeetingsDto { + @ApiPropertyOptional({ + description: 'Page number for pagination', + example: 1, + minimum: 1, + default: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Number of items per page', + example: 20, + minimum: 1, + maximum: 100, + default: 20, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(100) + limit?: number = 20; + + @ApiPropertyOptional({ + description: 'Filter by department ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Filter by meeting status', + enum: MeetingStatus, + }) + @IsOptional() + @IsEnum(MeetingStatus) + status?: MeetingStatus; + + @ApiPropertyOptional({ + description: 'Filter by start date (YYYY-MM-DD)', + example: '2024-01-01', + }) + @IsOptional() + @IsDateString() + dateFrom?: string; + + @ApiPropertyOptional({ + description: 'Filter by end date (YYYY-MM-DD)', + example: '2024-01-31', + }) + @IsOptional() + @IsDateString() + dateTo?: string; + + @ApiPropertyOptional({ + description: 'Filter by conductor ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + conductorId?: string; + + @ApiPropertyOptional({ + description: 'Field to sort by', + enum: MeetingSortField, + default: MeetingSortField.DATE, + }) + @IsOptional() + @IsEnum(MeetingSortField) + sortBy?: MeetingSortField = MeetingSortField.DATE; + + @ApiPropertyOptional({ + description: 'Sort order', + enum: SortOrder, + default: SortOrder.DESC, + }) + @IsOptional() + @IsEnum(SortOrder) + sortOrder?: SortOrder = SortOrder.DESC; +} diff --git a/apps/api/src/modules/lean/morning-meeting/dto/update-action.dto.ts b/apps/api/src/modules/lean/morning-meeting/dto/update-action.dto.ts new file mode 100644 index 0000000..7e3a9ae --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/dto/update-action.dto.ts @@ -0,0 +1,69 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsDateString, + IsEnum, +} from 'class-validator'; +import { ActionStatus, Priority } from '@prisma/client'; + +/** + * DTO for updating an action item + */ +export class UpdateActionDto { + @ApiPropertyOptional({ + description: 'Action item title', + example: 'Fix conveyor belt alignment - Updated', + }) + @IsOptional() + @IsString() + title?: string; + + @ApiPropertyOptional({ + description: 'Detailed description of the action', + example: 'Updated description with more details', + }) + @IsOptional() + @IsString() + description?: string; + + @ApiPropertyOptional({ + description: 'User ID of the assignee', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + assigneeId?: string; + + @ApiPropertyOptional({ + description: 'Due date for the action (YYYY-MM-DD)', + example: '2024-01-25', + }) + @IsOptional() + @IsDateString() + dueDate?: string; + + @ApiPropertyOptional({ + description: 'Action status', + enum: ActionStatus, + }) + @IsOptional() + @IsEnum(ActionStatus) + status?: ActionStatus; + + @ApiPropertyOptional({ + description: 'Priority level', + enum: Priority, + }) + @IsOptional() + @IsEnum(Priority) + priority?: Priority; + + @ApiPropertyOptional({ + description: 'Completion timestamp (ISO 8601)', + example: '2024-01-18T14:30:00Z', + }) + @IsOptional() + @IsDateString() + completedAt?: string; +} diff --git a/apps/api/src/modules/lean/morning-meeting/dto/update-meeting.dto.ts b/apps/api/src/modules/lean/morning-meeting/dto/update-meeting.dto.ts new file mode 100644 index 0000000..3e5e5a5 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/dto/update-meeting.dto.ts @@ -0,0 +1,75 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsDateString, + IsArray, + IsEnum, + IsInt, + Min, +} from 'class-validator'; +import { MeetingStatus } from '@prisma/client'; + +/** + * DTO for updating a morning meeting + */ +export class UpdateMeetingDto { + @ApiPropertyOptional({ + description: 'Conductor/facilitator user ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + conductorId?: string; + + @ApiPropertyOptional({ + description: 'Array of participant user IDs', + example: ['clq123', 'clq456'], + type: [String], + }) + @IsOptional() + @IsArray() + @IsString({ each: true }) + participants?: string[]; + + @ApiPropertyOptional({ + description: 'Meeting notes', + example: 'Weekly status review - updated', + }) + @IsOptional() + @IsString() + notes?: string; + + @ApiPropertyOptional({ + description: 'Meeting status', + enum: MeetingStatus, + }) + @IsOptional() + @IsEnum(MeetingStatus) + status?: MeetingStatus; + + @ApiPropertyOptional({ + description: 'Meeting start time (ISO 8601)', + example: '2024-01-15T08:00:00Z', + }) + @IsOptional() + @IsDateString() + startTime?: string; + + @ApiPropertyOptional({ + description: 'Meeting end time (ISO 8601)', + example: '2024-01-15T08:15:00Z', + }) + @IsOptional() + @IsDateString() + endTime?: string; + + @ApiPropertyOptional({ + description: 'Meeting duration in minutes', + example: 15, + }) + @IsOptional() + @IsInt() + @Min(0) + duration?: number; +} diff --git a/apps/api/src/modules/lean/morning-meeting/dto/update-topic.dto.ts b/apps/api/src/modules/lean/morning-meeting/dto/update-topic.dto.ts new file mode 100644 index 0000000..dcdf1a6 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/dto/update-topic.dto.ts @@ -0,0 +1,87 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsEnum, + IsInt, + Min, +} from 'class-validator'; +import { SQCDMCategory, KPIStatus, Trend } from '@prisma/client'; + +/** + * DTO for updating a morning meeting topic (KPI) + */ +export class UpdateTopicDto { + @ApiPropertyOptional({ + description: 'SQCDM category for the topic', + enum: SQCDMCategory, + }) + @IsOptional() + @IsEnum(SQCDMCategory) + category?: SQCDMCategory; + + @ApiPropertyOptional({ + description: 'Topic title/name', + example: 'Fehlerquote', + }) + @IsOptional() + @IsString() + title?: string; + + @ApiPropertyOptional({ + description: 'Current value of the KPI', + example: '2.5', + }) + @IsOptional() + @IsString() + value?: string; + + @ApiPropertyOptional({ + description: 'Target value for the KPI', + example: '2.0', + }) + @IsOptional() + @IsString() + target?: string; + + @ApiPropertyOptional({ + description: 'Unit of measurement', + example: '%', + }) + @IsOptional() + @IsString() + unit?: string; + + @ApiPropertyOptional({ + description: 'KPI status (traffic light)', + enum: KPIStatus, + }) + @IsOptional() + @IsEnum(KPIStatus) + status?: KPIStatus; + + @ApiPropertyOptional({ + description: 'Trend direction', + enum: Trend, + }) + @IsOptional() + @IsEnum(Trend) + trend?: Trend; + + @ApiPropertyOptional({ + description: 'Sort order within category', + example: 0, + }) + @IsOptional() + @IsInt() + @Min(0) + sortOrder?: number; + + @ApiPropertyOptional({ + description: 'Additional notes for the topic', + example: 'Production line A had issues', + }) + @IsOptional() + @IsString() + note?: string; +} diff --git a/apps/api/src/modules/lean/morning-meeting/index.ts b/apps/api/src/modules/lean/morning-meeting/index.ts new file mode 100644 index 0000000..4af7a31 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/index.ts @@ -0,0 +1,4 @@ +export * from './morning-meeting.module'; +export * from './morning-meeting.service'; +export * from './morning-meeting.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/lean/morning-meeting/morning-meeting.controller.ts b/apps/api/src/modules/lean/morning-meeting/morning-meeting.controller.ts new file mode 100644 index 0000000..fe2043c --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/morning-meeting.controller.ts @@ -0,0 +1,281 @@ +import { + Controller, + Get, + Post, + Body, + Put, + Param, + Delete, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { MorningMeetingService } from './morning-meeting.service'; +import { + CreateMeetingDto, + UpdateMeetingDto, + QueryMeetingsDto, + CreateTopicDto, + UpdateTopicDto, + CreateActionDto, + UpdateActionDto, +} from './dto'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { AuditLog } from '../../audit/audit.interceptor'; +import { SQCDMCategory } from '@prisma/client'; + +@ApiTags('lean/meetings') +@ApiBearerAuth('JWT-auth') +@Controller('lean/meetings') +export class MorningMeetingController { + constructor(private readonly meetingService: MorningMeetingService) {} + + // ============================================================================ + // MEETING ENDPOINTS + // ============================================================================ + + @Post() + @RequirePermissions(Permission.MEETING_CREATE) + @AuditLog('MorningMeeting', 'CREATE') + @ApiOperation({ summary: 'Create a new morning meeting' }) + @ApiResponse({ status: 201, description: 'Meeting created successfully' }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + @ApiResponse({ status: 409, description: 'Meeting already exists for this date' }) + createMeeting(@Body() createDto: CreateMeetingDto) { + return this.meetingService.createMeeting(createDto); + } + + @Get() + @RequirePermissions(Permission.MEETING_VIEW) + @ApiOperation({ summary: 'Get all meetings with pagination and filters' }) + @ApiResponse({ status: 200, description: 'List of meetings' }) + findAllMeetings(@Query() query: QueryMeetingsDto) { + return this.meetingService.findAllMeetings(query); + } + + @Get('actions/open') + @RequirePermissions(Permission.MEETING_VIEW) + @ApiOperation({ summary: 'Get all open action items' }) + @ApiQuery({ + name: 'departmentId', + required: false, + description: 'Filter by department', + }) + @ApiResponse({ status: 200, description: 'List of open actions' }) + getOpenActions(@Query('departmentId') departmentId?: string) { + return this.meetingService.getOpenActions(departmentId); + } + + @Get('today/:departmentId') + @RequirePermissions(Permission.MEETING_VIEW) + @ApiOperation({ summary: 'Get today\'s meeting for a department' }) + @ApiParam({ name: 'departmentId', description: 'Department ID' }) + @ApiQuery({ + name: 'create', + required: false, + description: 'Create meeting if not exists', + type: Boolean, + }) + @ApiResponse({ status: 200, description: 'Today\'s meeting' }) + @ApiResponse({ status: 404, description: 'No meeting found for today' }) + getTodaysMeeting( + @Param('departmentId') departmentId: string, + @Query('create') create?: string, + ) { + const createIfNotExists = create === 'true'; + return this.meetingService.getTodaysMeeting(departmentId, createIfNotExists); + } + + @Get('history/:departmentId') + @RequirePermissions(Permission.MEETING_VIEW) + @ApiOperation({ summary: 'Get meeting history for a department' }) + @ApiParam({ name: 'departmentId', description: 'Department ID' }) + @ApiQuery({ + name: 'days', + required: false, + description: 'Number of days to look back (default: 30)', + type: Number, + }) + @ApiResponse({ status: 200, description: 'Meeting history' }) + getMeetingHistory( + @Param('departmentId') departmentId: string, + @Query('days') days?: string, + ) { + return this.meetingService.getMeetingHistory( + departmentId, + days ? parseInt(days, 10) : 30, + ); + } + + @Get('kpi-trends/:departmentId') + @RequirePermissions(Permission.MEETING_VIEW) + @ApiOperation({ summary: 'Get KPI trends over time for a department' }) + @ApiParam({ name: 'departmentId', description: 'Department ID' }) + @ApiQuery({ + name: 'category', + required: false, + enum: SQCDMCategory, + description: 'Filter by SQCDM category', + }) + @ApiQuery({ + name: 'days', + required: false, + description: 'Number of days to analyze (default: 30)', + type: Number, + }) + @ApiResponse({ status: 200, description: 'KPI trend data' }) + getKpiTrends( + @Param('departmentId') departmentId: string, + @Query('category') category?: SQCDMCategory, + @Query('days') days?: string, + ) { + return this.meetingService.getKpiTrends( + departmentId, + category, + days ? parseInt(days, 10) : 30, + ); + } + + @Get(':id') + @RequirePermissions(Permission.MEETING_VIEW) + @ApiOperation({ summary: 'Get a meeting by ID' }) + @ApiParam({ name: 'id', description: 'Meeting ID' }) + @ApiResponse({ status: 200, description: 'Meeting details' }) + @ApiResponse({ status: 404, description: 'Meeting not found' }) + findMeetingById(@Param('id') id: string) { + return this.meetingService.findMeetingById(id); + } + + @Put(':id') + @RequirePermissions(Permission.MEETING_UPDATE) + @AuditLog('MorningMeeting', 'UPDATE') + @ApiOperation({ summary: 'Update a meeting' }) + @ApiParam({ name: 'id', description: 'Meeting ID' }) + @ApiResponse({ status: 200, description: 'Meeting updated' }) + @ApiResponse({ status: 404, description: 'Meeting not found' }) + updateMeeting(@Param('id') id: string, @Body() updateDto: UpdateMeetingDto) { + return this.meetingService.updateMeeting(id, updateDto); + } + + @Delete(':id') + @RequirePermissions(Permission.MEETING_DELETE) + @AuditLog('MorningMeeting', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Delete a meeting' }) + @ApiParam({ name: 'id', description: 'Meeting ID' }) + @ApiResponse({ status: 200, description: 'Meeting deleted' }) + @ApiResponse({ status: 404, description: 'Meeting not found' }) + deleteMeeting(@Param('id') id: string) { + return this.meetingService.deleteMeeting(id); + } + + @Post(':id/start') + @RequirePermissions(Permission.MEETING_UPDATE) + @AuditLog('MorningMeeting', 'START') + @ApiOperation({ summary: 'Start a meeting (begin timer)' }) + @ApiParam({ name: 'id', description: 'Meeting ID' }) + @ApiResponse({ status: 200, description: 'Meeting started' }) + @ApiResponse({ status: 400, description: 'Meeting cannot be started' }) + @ApiResponse({ status: 404, description: 'Meeting not found' }) + startMeeting(@Param('id') id: string) { + return this.meetingService.startMeeting(id); + } + + @Post(':id/end') + @RequirePermissions(Permission.MEETING_UPDATE) + @AuditLog('MorningMeeting', 'END') + @ApiOperation({ summary: 'End a meeting (stop timer)' }) + @ApiParam({ name: 'id', description: 'Meeting ID' }) + @ApiResponse({ status: 200, description: 'Meeting ended' }) + @ApiResponse({ status: 400, description: 'Meeting cannot be ended' }) + @ApiResponse({ status: 404, description: 'Meeting not found' }) + endMeeting(@Param('id') id: string) { + return this.meetingService.endMeeting(id); + } + + // ============================================================================ + // TOPIC ENDPOINTS + // ============================================================================ + + @Post(':id/topics') + @RequirePermissions(Permission.MEETING_CREATE) + @AuditLog('MorningMeetingTopic', 'CREATE') + @ApiOperation({ summary: 'Add a topic to a meeting' }) + @ApiParam({ name: 'id', description: 'Meeting ID' }) + @ApiResponse({ status: 201, description: 'Topic added' }) + @ApiResponse({ status: 404, description: 'Meeting not found' }) + addTopic(@Param('id') id: string, @Body() createDto: CreateTopicDto) { + return this.meetingService.addTopic(id, createDto); + } + + @Put('topics/:id') + @RequirePermissions(Permission.MEETING_UPDATE) + @AuditLog('MorningMeetingTopic', 'UPDATE') + @ApiOperation({ summary: 'Update a topic' }) + @ApiParam({ name: 'id', description: 'Topic ID' }) + @ApiResponse({ status: 200, description: 'Topic updated' }) + @ApiResponse({ status: 404, description: 'Topic not found' }) + updateTopic(@Param('id') id: string, @Body() updateDto: UpdateTopicDto) { + return this.meetingService.updateTopic(id, updateDto); + } + + @Delete('topics/:id') + @RequirePermissions(Permission.MEETING_DELETE) + @AuditLog('MorningMeetingTopic', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Delete a topic' }) + @ApiParam({ name: 'id', description: 'Topic ID' }) + @ApiResponse({ status: 200, description: 'Topic deleted' }) + @ApiResponse({ status: 404, description: 'Topic not found' }) + deleteTopic(@Param('id') id: string) { + return this.meetingService.deleteTopic(id); + } + + // ============================================================================ + // ACTION ENDPOINTS + // ============================================================================ + + @Post(':id/actions') + @RequirePermissions(Permission.MEETING_CREATE) + @AuditLog('MorningMeetingAction', 'CREATE') + @ApiOperation({ summary: 'Add an action item to a meeting' }) + @ApiParam({ name: 'id', description: 'Meeting ID' }) + @ApiResponse({ status: 201, description: 'Action added' }) + @ApiResponse({ status: 404, description: 'Meeting not found' }) + addAction(@Param('id') id: string, @Body() createDto: CreateActionDto) { + return this.meetingService.addAction(id, createDto); + } + + @Put('actions/:id') + @RequirePermissions(Permission.MEETING_UPDATE) + @AuditLog('MorningMeetingAction', 'UPDATE') + @ApiOperation({ summary: 'Update an action item' }) + @ApiParam({ name: 'id', description: 'Action ID' }) + @ApiResponse({ status: 200, description: 'Action updated' }) + @ApiResponse({ status: 404, description: 'Action not found' }) + updateAction(@Param('id') id: string, @Body() updateDto: UpdateActionDto) { + return this.meetingService.updateAction(id, updateDto); + } + + @Put('actions/:id/complete') + @RequirePermissions(Permission.MEETING_UPDATE) + @AuditLog('MorningMeetingAction', 'COMPLETE') + @ApiOperation({ summary: 'Mark an action item as completed' }) + @ApiParam({ name: 'id', description: 'Action ID' }) + @ApiResponse({ status: 200, description: 'Action completed' }) + @ApiResponse({ status: 400, description: 'Action already completed' }) + @ApiResponse({ status: 404, description: 'Action not found' }) + completeAction(@Param('id') id: string) { + return this.meetingService.completeAction(id); + } +} diff --git a/apps/api/src/modules/lean/morning-meeting/morning-meeting.module.ts b/apps/api/src/modules/lean/morning-meeting/morning-meeting.module.ts new file mode 100644 index 0000000..314e91a --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/morning-meeting.module.ts @@ -0,0 +1,23 @@ +import { Module } from '@nestjs/common'; +import { MorningMeetingController } from './morning-meeting.controller'; +import { MorningMeetingService } from './morning-meeting.service'; + +/** + * Morning Meeting Module + * + * Provides functionality for daily shopfloor management meetings + * following the SQCDM (Safety, Quality, Cost, Delivery, Morale) framework. + * + * Features: + * - Meeting scheduling and management + * - SQCDM KPI tracking with traffic light status + * - Action item management with assignees and due dates + * - Meeting timer for time-boxing + * - Trend analysis for KPIs over time + */ +@Module({ + controllers: [MorningMeetingController], + providers: [MorningMeetingService], + exports: [MorningMeetingService], +}) +export class MorningMeetingModule {} diff --git a/apps/api/src/modules/lean/morning-meeting/morning-meeting.service.ts b/apps/api/src/modules/lean/morning-meeting/morning-meeting.service.ts new file mode 100644 index 0000000..2111d66 --- /dev/null +++ b/apps/api/src/modules/lean/morning-meeting/morning-meeting.service.ts @@ -0,0 +1,690 @@ +import { + Injectable, + NotFoundException, + ConflictException, + BadRequestException, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { + CreateMeetingDto, + UpdateMeetingDto, + QueryMeetingsDto, + CreateTopicDto, + UpdateTopicDto, + CreateActionDto, + UpdateActionDto, +} from './dto'; +import { Prisma, MeetingStatus, ActionStatus, SQCDMCategory } from '@prisma/client'; + +/** + * Default KPI templates for each SQCDM category + * These are used when creating a new meeting to pre-populate topics + */ +const DEFAULT_TOPIC_TEMPLATES: Array<{ + category: SQCDMCategory; + title: string; + unit?: string; +}> = [ + { category: 'SAFETY', title: 'Arbeitsunfaelle', unit: 'Anzahl' }, + { category: 'SAFETY', title: 'Beinahe-Unfaelle', unit: 'Anzahl' }, + { category: 'QUALITY', title: 'Fehlerquote', unit: '%' }, + { category: 'QUALITY', title: 'Reklamationen', unit: 'Anzahl' }, + { category: 'COST', title: 'Ausschuss', unit: '%' }, + { category: 'COST', title: 'Nacharbeit', unit: 'Stunden' }, + { category: 'DELIVERY', title: 'Liefertreue', unit: '%' }, + { category: 'DELIVERY', title: 'Durchlaufzeit', unit: 'Tage' }, + { category: 'MORALE', title: 'Anwesenheit', unit: '%' }, + { category: 'MORALE', title: 'Verbesserungsvorschlaege', unit: 'Anzahl' }, +]; + +@Injectable() +export class MorningMeetingService { + constructor(private readonly prisma: PrismaService) {} + + // ============================================================================ + // MEETING OPERATIONS + // ============================================================================ + + /** + * Create a new morning meeting + */ + async createMeeting(createDto: CreateMeetingDto) { + // Validate department exists + const department = await this.prisma.department.findUnique({ + where: { id: createDto.departmentId }, + }); + + if (!department) { + throw new NotFoundException( + `Department with ID ${createDto.departmentId} not found`, + ); + } + + // Check if meeting already exists for this date and department + const existingMeeting = await this.prisma.morningMeeting.findUnique({ + where: { + departmentId_date: { + departmentId: createDto.departmentId, + date: new Date(createDto.date), + }, + }, + }); + + if (existingMeeting) { + throw new ConflictException( + `Meeting already exists for department ${department.name} on ${createDto.date}`, + ); + } + + // Validate conductor if provided + if (createDto.conductorId) { + const conductor = await this.prisma.user.findUnique({ + where: { id: createDto.conductorId }, + }); + if (!conductor) { + throw new NotFoundException( + `Conductor with ID ${createDto.conductorId} not found`, + ); + } + } + + // Create meeting with default topics + return this.prisma.morningMeeting.create({ + data: { + departmentId: createDto.departmentId, + date: new Date(createDto.date), + conductorId: createDto.conductorId, + participants: createDto.participants || [], + notes: createDto.notes, + status: createDto.status || 'SCHEDULED', + topics: { + create: DEFAULT_TOPIC_TEMPLATES.map((template, index) => ({ + category: template.category, + title: template.title, + unit: template.unit, + sortOrder: index, + })), + }, + }, + include: this.getMeetingIncludes(), + }); + } + + /** + * Get all meetings with pagination and filters + */ + async findAllMeetings(query: QueryMeetingsDto) { + const { + page = 1, + limit = 20, + departmentId, + status, + dateFrom, + dateTo, + conductorId, + sortBy = 'date', + sortOrder = 'desc', + } = query; + const skip = (page - 1) * limit; + + const where: Prisma.MorningMeetingWhereInput = { + ...(departmentId && { departmentId }), + ...(status && { status }), + ...(conductorId && { conductorId }), + ...(dateFrom || dateTo + ? { + date: { + ...(dateFrom && { gte: new Date(dateFrom) }), + ...(dateTo && { lte: new Date(dateTo) }), + }, + } + : {}), + }; + + const orderBy: Prisma.MorningMeetingOrderByWithRelationInput = { + [sortBy]: sortOrder, + }; + + const [meetings, total] = await Promise.all([ + this.prisma.morningMeeting.findMany({ + where, + skip, + take: limit, + orderBy, + include: this.getMeetingIncludes(), + }), + this.prisma.morningMeeting.count({ where }), + ]); + + return { + data: meetings, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Get a single meeting by ID + */ + async findMeetingById(id: string) { + const meeting = await this.prisma.morningMeeting.findUnique({ + where: { id }, + include: this.getMeetingIncludes(), + }); + + if (!meeting) { + throw new NotFoundException(`Meeting with ID ${id} not found`); + } + + return meeting; + } + + /** + * Get today's meeting for a department (or create if not exists) + */ + async getTodaysMeeting(departmentId: string, createIfNotExists = false) { + const today = new Date(); + today.setHours(0, 0, 0, 0); + + let meeting = await this.prisma.morningMeeting.findUnique({ + where: { + departmentId_date: { + departmentId, + date: today, + }, + }, + include: this.getMeetingIncludes(), + }); + + if (!meeting && createIfNotExists) { + meeting = await this.createMeeting({ + departmentId, + date: today.toISOString().split('T')[0], + }); + } + + if (!meeting) { + throw new NotFoundException( + `No meeting found for today in department ${departmentId}`, + ); + } + + return meeting; + } + + /** + * Update a meeting + */ + async updateMeeting(id: string, updateDto: UpdateMeetingDto) { + await this.findMeetingById(id); + + // Validate conductor if changing + if (updateDto.conductorId) { + const conductor = await this.prisma.user.findUnique({ + where: { id: updateDto.conductorId }, + }); + if (!conductor) { + throw new NotFoundException( + `Conductor with ID ${updateDto.conductorId} not found`, + ); + } + } + + return this.prisma.morningMeeting.update({ + where: { id }, + data: { + ...(updateDto.conductorId !== undefined && { + conductorId: updateDto.conductorId, + }), + ...(updateDto.participants !== undefined && { + participants: updateDto.participants, + }), + ...(updateDto.notes !== undefined && { notes: updateDto.notes }), + ...(updateDto.status !== undefined && { status: updateDto.status }), + ...(updateDto.startTime && { startTime: new Date(updateDto.startTime) }), + ...(updateDto.endTime && { endTime: new Date(updateDto.endTime) }), + ...(updateDto.duration !== undefined && { duration: updateDto.duration }), + }, + include: this.getMeetingIncludes(), + }); + } + + /** + * Delete a meeting + */ + async deleteMeeting(id: string) { + await this.findMeetingById(id); + + return this.prisma.morningMeeting.delete({ + where: { id }, + include: this.getMeetingIncludes(), + }); + } + + /** + * Start a meeting (set status to IN_PROGRESS and record start time) + */ + async startMeeting(id: string) { + const meeting = await this.findMeetingById(id); + + if (meeting.status !== 'SCHEDULED') { + throw new BadRequestException( + `Cannot start meeting with status ${meeting.status}`, + ); + } + + return this.prisma.morningMeeting.update({ + where: { id }, + data: { + status: 'IN_PROGRESS', + startTime: new Date(), + }, + include: this.getMeetingIncludes(), + }); + } + + /** + * End a meeting (set status to COMPLETED and record end time/duration) + */ + async endMeeting(id: string) { + const meeting = await this.findMeetingById(id); + + if (meeting.status !== 'IN_PROGRESS') { + throw new BadRequestException( + `Cannot end meeting with status ${meeting.status}`, + ); + } + + const endTime = new Date(); + const duration = meeting.startTime + ? Math.round((endTime.getTime() - meeting.startTime.getTime()) / 60000) + : null; + + return this.prisma.morningMeeting.update({ + where: { id }, + data: { + status: 'COMPLETED', + endTime, + duration, + }, + include: this.getMeetingIncludes(), + }); + } + + /** + * Get meeting history for a department + */ + async getMeetingHistory(departmentId: string, days = 30) { + const startDate = new Date(); + startDate.setDate(startDate.getDate() - days); + + return this.prisma.morningMeeting.findMany({ + where: { + departmentId, + date: { gte: startDate }, + }, + orderBy: { date: 'desc' }, + include: this.getMeetingIncludes(), + }); + } + + // ============================================================================ + // TOPIC OPERATIONS + // ============================================================================ + + /** + * Add a topic to a meeting + */ + async addTopic(meetingId: string, createDto: CreateTopicDto) { + await this.findMeetingById(meetingId); + + // Get the max sort order for the category + const maxSortOrder = await this.prisma.morningMeetingTopic.findFirst({ + where: { meetingId, category: createDto.category }, + orderBy: { sortOrder: 'desc' }, + select: { sortOrder: true }, + }); + + return this.prisma.morningMeetingTopic.create({ + data: { + meetingId, + category: createDto.category, + title: createDto.title, + value: createDto.value, + target: createDto.target, + unit: createDto.unit, + status: createDto.status || 'NEUTRAL', + trend: createDto.trend, + sortOrder: createDto.sortOrder ?? (maxSortOrder?.sortOrder ?? 0) + 1, + note: createDto.note, + }, + }); + } + + /** + * Update a topic + */ + async updateTopic(id: string, updateDto: UpdateTopicDto) { + const topic = await this.prisma.morningMeetingTopic.findUnique({ + where: { id }, + }); + + if (!topic) { + throw new NotFoundException(`Topic with ID ${id} not found`); + } + + return this.prisma.morningMeetingTopic.update({ + where: { id }, + data: updateDto, + }); + } + + /** + * Delete a topic + */ + async deleteTopic(id: string) { + const topic = await this.prisma.morningMeetingTopic.findUnique({ + where: { id }, + }); + + if (!topic) { + throw new NotFoundException(`Topic with ID ${id} not found`); + } + + return this.prisma.morningMeetingTopic.delete({ + where: { id }, + }); + } + + // ============================================================================ + // ACTION OPERATIONS + // ============================================================================ + + /** + * Add an action item to a meeting + */ + async addAction(meetingId: string, createDto: CreateActionDto) { + await this.findMeetingById(meetingId); + + // Validate assignee if provided + if (createDto.assigneeId) { + const assignee = await this.prisma.user.findUnique({ + where: { id: createDto.assigneeId }, + }); + if (!assignee) { + throw new NotFoundException( + `Assignee with ID ${createDto.assigneeId} not found`, + ); + } + } + + return this.prisma.morningMeetingAction.create({ + data: { + meetingId, + title: createDto.title, + description: createDto.description, + assigneeId: createDto.assigneeId, + dueDate: createDto.dueDate ? new Date(createDto.dueDate) : null, + status: createDto.status || 'OPEN', + priority: createDto.priority || 'MEDIUM', + }, + include: { + assignee: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + avatar: true, + }, + }, + }, + }); + } + + /** + * Update an action item + */ + async updateAction(id: string, updateDto: UpdateActionDto) { + const action = await this.prisma.morningMeetingAction.findUnique({ + where: { id }, + }); + + if (!action) { + throw new NotFoundException(`Action with ID ${id} not found`); + } + + // Validate assignee if changing + if (updateDto.assigneeId) { + const assignee = await this.prisma.user.findUnique({ + where: { id: updateDto.assigneeId }, + }); + if (!assignee) { + throw new NotFoundException( + `Assignee with ID ${updateDto.assigneeId} not found`, + ); + } + } + + return this.prisma.morningMeetingAction.update({ + where: { id }, + data: { + ...(updateDto.title !== undefined && { title: updateDto.title }), + ...(updateDto.description !== undefined && { + description: updateDto.description, + }), + ...(updateDto.assigneeId !== undefined && { + assigneeId: updateDto.assigneeId, + }), + ...(updateDto.dueDate !== undefined && { + dueDate: updateDto.dueDate ? new Date(updateDto.dueDate) : null, + }), + ...(updateDto.status !== undefined && { status: updateDto.status }), + ...(updateDto.priority !== undefined && { priority: updateDto.priority }), + ...(updateDto.completedAt !== undefined && { + completedAt: updateDto.completedAt + ? new Date(updateDto.completedAt) + : null, + }), + }, + include: { + assignee: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + avatar: true, + }, + }, + }, + }); + } + + /** + * Complete an action item + */ + async completeAction(id: string) { + const action = await this.prisma.morningMeetingAction.findUnique({ + where: { id }, + }); + + if (!action) { + throw new NotFoundException(`Action with ID ${id} not found`); + } + + if (action.status === 'COMPLETED') { + throw new BadRequestException('Action is already completed'); + } + + return this.prisma.morningMeetingAction.update({ + where: { id }, + data: { + status: 'COMPLETED', + completedAt: new Date(), + }, + include: { + assignee: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + avatar: true, + }, + }, + }, + }); + } + + /** + * Get all open actions (across all meetings) + */ + async getOpenActions(departmentId?: string) { + return this.prisma.morningMeetingAction.findMany({ + where: { + status: { in: ['OPEN', 'IN_PROGRESS'] }, + ...(departmentId && { + meeting: { departmentId }, + }), + }, + orderBy: [{ priority: 'desc' }, { dueDate: 'asc' }], + include: { + assignee: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + avatar: true, + }, + }, + meeting: { + select: { + id: true, + date: true, + department: { + select: { + id: true, + name: true, + }, + }, + }, + }, + }, + }); + } + + // ============================================================================ + // KPI TREND ANALYSIS + // ============================================================================ + + /** + * Get KPI trends over time for a department + */ + async getKpiTrends(departmentId: string, category?: SQCDMCategory, days = 30) { + const startDate = new Date(); + startDate.setDate(startDate.getDate() - days); + + const meetings = await this.prisma.morningMeeting.findMany({ + where: { + departmentId, + date: { gte: startDate }, + }, + orderBy: { date: 'asc' }, + include: { + topics: { + where: category ? { category } : {}, + orderBy: { sortOrder: 'asc' }, + }, + }, + }); + + // Transform data for trend visualization + const trends: Record< + string, + Array<{ + date: string; + value: string | null; + status: string; + trend: string | null; + }> + > = {}; + + for (const meeting of meetings) { + for (const topic of meeting.topics) { + const key = `${topic.category}-${topic.title}`; + if (!trends[key]) { + trends[key] = []; + } + trends[key].push({ + date: meeting.date.toISOString().split('T')[0], + value: topic.value, + status: topic.status, + trend: topic.trend, + }); + } + } + + return { + departmentId, + period: { from: startDate, to: new Date() }, + trends, + }; + } + + // ============================================================================ + // HELPER METHODS + // ============================================================================ + + /** + * Get standard includes for meeting queries + */ + private getMeetingIncludes() { + return { + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + conductor: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + avatar: true, + }, + }, + topics: { + orderBy: [ + { category: 'asc' as const }, + { sortOrder: 'asc' as const }, + ], + }, + actions: { + orderBy: [ + { priority: 'desc' as const }, + { createdAt: 'desc' as const }, + ], + include: { + assignee: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + avatar: true, + }, + }, + }, + }, + }; + } +} diff --git a/apps/api/src/modules/lean/s3-planning/dto/create-plan.dto.ts b/apps/api/src/modules/lean/s3-planning/dto/create-plan.dto.ts new file mode 100644 index 0000000..0c574d1 --- /dev/null +++ b/apps/api/src/modules/lean/s3-planning/dto/create-plan.dto.ts @@ -0,0 +1,106 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsInt, + IsOptional, + IsBoolean, + IsArray, + ValidateNested, + Min, + Max, + IsEnum, +} from 'class-validator'; +import { Type } from 'class-transformer'; +import { S3Type } from '@prisma/client'; + +/** + * DTO for creating a new S3 category within a plan + */ +export class CreateS3CategoryDto { + @ApiProperty({ + description: 'Category name', + example: 'Werkzeugablage', + minLength: 2, + maxLength: 100, + }) + @IsString() + name: string; + + @ApiProperty({ + description: 'S3 Type (SEIRI, SEITON, SEISO)', + enum: S3Type, + example: S3Type.SEIRI, + }) + @IsEnum(S3Type) + s3Type: S3Type; + + @ApiPropertyOptional({ + description: 'Sort order for display', + example: 0, + default: 0, + }) + @IsOptional() + @IsInt() + @Min(0) + sortOrder?: number; +} + +/** + * DTO for creating a new S3 plan + */ +export class CreateS3PlanDto { + @ApiProperty({ + description: 'Department ID', + example: 'clq1234567890abcdef', + }) + @IsString() + departmentId: string; + + @ApiProperty({ + description: 'Year of the plan', + example: 2024, + minimum: 2020, + maximum: 2100, + }) + @IsInt() + @Min(2020) + @Max(2100) + year: number; + + @ApiProperty({ + description: 'Month of the plan (1-12)', + example: 1, + minimum: 1, + maximum: 12, + }) + @IsInt() + @Min(1) + @Max(12) + month: number; + + @ApiPropertyOptional({ + description: 'Whether the plan is active', + example: true, + default: true, + }) + @IsOptional() + @IsBoolean() + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Initial categories to create with the plan', + type: [CreateS3CategoryDto], + }) + @IsOptional() + @IsArray() + @ValidateNested({ each: true }) + @Type(() => CreateS3CategoryDto) + categories?: CreateS3CategoryDto[]; +} + +/** + * DTO for adding a category to an existing plan + */ +export class AddS3CategoryDto extends CreateS3CategoryDto { + // Inherits all properties from CreateS3CategoryDto +} diff --git a/apps/api/src/modules/lean/s3-planning/dto/index.ts b/apps/api/src/modules/lean/s3-planning/dto/index.ts new file mode 100644 index 0000000..dc30e1a --- /dev/null +++ b/apps/api/src/modules/lean/s3-planning/dto/index.ts @@ -0,0 +1,3 @@ +export * from './create-plan.dto'; +export * from './update-status.dto'; +export * from './query-plans.dto'; diff --git a/apps/api/src/modules/lean/s3-planning/dto/query-plans.dto.ts b/apps/api/src/modules/lean/s3-planning/dto/query-plans.dto.ts new file mode 100644 index 0000000..eefaeb3 --- /dev/null +++ b/apps/api/src/modules/lean/s3-planning/dto/query-plans.dto.ts @@ -0,0 +1,136 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { IsOptional, IsString, IsInt, IsBoolean, Min, Max } from 'class-validator'; +import { Transform, Type } from 'class-transformer'; + +/** + * DTO for querying S3 plans with filters + */ +export class QueryS3PlansDto { + @ApiPropertyOptional({ + description: 'Page number', + example: 1, + default: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Items per page', + example: 20, + default: 20, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(100) + limit?: number = 20; + + @ApiPropertyOptional({ + description: 'Filter by department ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Filter by year', + example: 2024, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(2020) + @Max(2100) + year?: number; + + @ApiPropertyOptional({ + description: 'Filter by month (1-12)', + example: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(12) + month?: number; + + @ApiPropertyOptional({ + description: 'Filter by active status', + example: true, + }) + @IsOptional() + @Transform(({ value }) => value === 'true' || value === true) + @IsBoolean() + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Sort field', + example: 'year', + enum: ['year', 'month', 'createdAt', 'updatedAt'], + }) + @IsOptional() + @IsString() + sortBy?: string; + + @ApiPropertyOptional({ + description: 'Sort order', + example: 'desc', + enum: ['asc', 'desc'], + }) + @IsOptional() + @IsString() + sortOrder?: 'asc' | 'desc'; +} + +/** + * DTO for querying dashboard statistics + */ +export class QueryS3DashboardDto { + @ApiPropertyOptional({ + description: 'Filter by year', + example: 2024, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + year?: number; + + @ApiPropertyOptional({ + description: 'Filter by month (1-12)', + example: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(12) + month?: number; +} + +/** + * DTO for querying overall statistics + */ +export class QueryS3StatisticsDto { + @ApiPropertyOptional({ + description: 'Filter by year', + example: 2024, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + year?: number; + + @ApiPropertyOptional({ + description: 'Filter by department IDs (comma-separated)', + example: 'dept1,dept2', + }) + @IsOptional() + @IsString() + @Transform(({ value }) => (value ? value.split(',') : undefined)) + departmentIds?: string[]; +} diff --git a/apps/api/src/modules/lean/s3-planning/dto/update-status.dto.ts b/apps/api/src/modules/lean/s3-planning/dto/update-status.dto.ts new file mode 100644 index 0000000..52a1148 --- /dev/null +++ b/apps/api/src/modules/lean/s3-planning/dto/update-status.dto.ts @@ -0,0 +1,97 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsEnum, + IsUrl, + MaxLength, +} from 'class-validator'; +import { S3StatusType } from '@prisma/client'; + +/** + * DTO for updating a S3 status entry + */ +export class UpdateS3StatusDto { + @ApiProperty({ + description: 'Status value (GREEN, YELLOW, RED, NOT_APPLICABLE)', + enum: S3StatusType, + example: S3StatusType.GREEN, + }) + @IsEnum(S3StatusType) + status: S3StatusType; + + @ApiPropertyOptional({ + description: 'URL to the uploaded photo', + example: '/uploads/s3/photo-123.jpg', + }) + @IsOptional() + @IsString() + photo?: string; + + @ApiPropertyOptional({ + description: 'Note or comment for this status entry', + example: 'Werkzeugablage wurde neu organisiert', + maxLength: 1000, + }) + @IsOptional() + @IsString() + @MaxLength(1000) + note?: string; +} + +/** + * DTO for batch updating multiple status entries + */ +export class BatchUpdateS3StatusDto { + @ApiProperty({ + description: 'Array of status updates', + type: 'array', + items: { + type: 'object', + properties: { + id: { type: 'string', description: 'Status entry ID' }, + status: { enum: ['GREEN', 'YELLOW', 'RED', 'NOT_APPLICABLE'] }, + photo: { type: 'string', nullable: true }, + note: { type: 'string', nullable: true }, + }, + }, + }) + updates: Array<{ + id: string; + status: S3StatusType; + photo?: string; + note?: string; + }>; +} + +/** + * DTO for updating a category + */ +export class UpdateS3CategoryDto { + @ApiPropertyOptional({ + description: 'Category name', + example: 'Werkzeugablage', + }) + @IsOptional() + @IsString() + name?: string; + + @ApiPropertyOptional({ + description: 'Sort order for display', + example: 1, + }) + @IsOptional() + sortOrder?: number; +} + +/** + * DTO for updating a plan + */ +export class UpdateS3PlanDto { + @ApiPropertyOptional({ + description: 'Whether the plan is active', + example: true, + }) + @IsOptional() + isActive?: boolean; +} diff --git a/apps/api/src/modules/lean/s3-planning/index.ts b/apps/api/src/modules/lean/s3-planning/index.ts new file mode 100644 index 0000000..a05bad5 --- /dev/null +++ b/apps/api/src/modules/lean/s3-planning/index.ts @@ -0,0 +1,4 @@ +export * from './s3-planning.module'; +export * from './s3-planning.service'; +export * from './s3-planning.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/lean/s3-planning/s3-planning.controller.ts b/apps/api/src/modules/lean/s3-planning/s3-planning.controller.ts new file mode 100644 index 0000000..29ef943 --- /dev/null +++ b/apps/api/src/modules/lean/s3-planning/s3-planning.controller.ts @@ -0,0 +1,276 @@ +import { + Controller, + Get, + Post, + Put, + Delete, + Body, + Param, + Query, + UseInterceptors, + UploadedFile, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { FileInterceptor } from '@nestjs/platform-express'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiConsumes, + ApiBody, +} from '@nestjs/swagger'; +import { diskStorage } from 'multer'; +import { extname } from 'path'; +import { v4 as uuidv4 } from 'uuid'; +import { S3PlanningService } from './s3-planning.service'; +import { + CreateS3PlanDto, + AddS3CategoryDto, + UpdateS3StatusDto, + UpdateS3CategoryDto, + UpdateS3PlanDto, + QueryS3PlansDto, + QueryS3DashboardDto, + QueryS3StatisticsDto, +} from './dto'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { AuditLog } from '../../audit/audit.interceptor'; +import { CurrentUser } from '../../../auth/decorators/current-user.decorator'; + +/** + * Multer storage configuration for S3 photo uploads + */ +const s3Storage = diskStorage({ + destination: './uploads/s3', + filename: (req, file, callback) => { + const uniqueSuffix = uuidv4(); + callback(null, `${uniqueSuffix}${extname(file.originalname)}`); + }, +}); + +/** + * File filter for image uploads + */ +const imageFileFilter = ( + req: Express.Request, + file: Express.Multer.File, + callback: (error: Error | null, acceptFile: boolean) => void, +) => { + if (!file.originalname.match(/\.(jpg|jpeg|png|gif|webp)$/i)) { + return callback(new Error('Only image files are allowed!'), false); + } + callback(null, true); +}; + +@ApiTags('lean/s3-planning') +@ApiBearerAuth('JWT-auth') +@Controller('lean/s3') +export class S3PlanningController { + constructor(private readonly s3PlanningService: S3PlanningService) {} + + // ==================== PLANS ==================== + + @Post('plans') + @RequirePermissions(Permission.S3_CREATE) + @AuditLog('S3Plan', 'CREATE') + @ApiOperation({ summary: 'Create a new 3S plan' }) + @ApiResponse({ status: 201, description: 'Plan created successfully' }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 409, description: 'Plan already exists' }) + create(@Body() createDto: CreateS3PlanDto, @CurrentUser('sub') userId: string) { + return this.s3PlanningService.createPlan(createDto, userId); + } + + @Get('plans') + @RequirePermissions(Permission.S3_VIEW) + @ApiOperation({ summary: 'Get all 3S plans with filtering and pagination' }) + @ApiResponse({ status: 200, description: 'List of plans' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + findAll(@Query() query: QueryS3PlansDto) { + return this.s3PlanningService.findAll(query); + } + + @Get('plans/:id') + @RequirePermissions(Permission.S3_VIEW) + @ApiOperation({ summary: 'Get a single 3S plan by ID' }) + @ApiParam({ name: 'id', description: 'Plan ID' }) + @ApiResponse({ status: 200, description: 'Plan found' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Plan not found' }) + findOne(@Param('id') id: string) { + return this.s3PlanningService.findOne(id); + } + + @Put('plans/:id') + @RequirePermissions(Permission.S3_UPDATE) + @AuditLog('S3Plan', 'UPDATE') + @ApiOperation({ summary: 'Update a 3S plan' }) + @ApiParam({ name: 'id', description: 'Plan ID' }) + @ApiResponse({ status: 200, description: 'Plan updated successfully' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Plan not found' }) + update(@Param('id') id: string, @Body() updateDto: UpdateS3PlanDto) { + return this.s3PlanningService.updatePlan(id, updateDto); + } + + @Delete('plans/:id') + @RequirePermissions(Permission.S3_DELETE) + @AuditLog('S3Plan', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Delete a 3S plan' }) + @ApiParam({ name: 'id', description: 'Plan ID' }) + @ApiResponse({ status: 200, description: 'Plan deleted successfully' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Plan not found' }) + remove(@Param('id') id: string) { + return this.s3PlanningService.deletePlan(id); + } + + // ==================== CATEGORIES ==================== + + @Get('plans/:planId/categories') + @RequirePermissions(Permission.S3_VIEW) + @ApiOperation({ summary: 'Get categories for a plan' }) + @ApiParam({ name: 'planId', description: 'Plan ID' }) + @ApiResponse({ status: 200, description: 'List of categories' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Plan not found' }) + getCategories(@Param('planId') planId: string) { + return this.s3PlanningService.getCategories(planId); + } + + @Post('plans/:planId/categories') + @RequirePermissions(Permission.S3_UPDATE) + @AuditLog('S3Category', 'CREATE') + @ApiOperation({ summary: 'Add a category to a plan' }) + @ApiParam({ name: 'planId', description: 'Plan ID' }) + @ApiResponse({ status: 201, description: 'Category created successfully' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Plan not found' }) + addCategory( + @Param('planId') planId: string, + @Body() addDto: AddS3CategoryDto, + ) { + return this.s3PlanningService.addCategory(planId, addDto); + } + + @Put('categories/:id') + @RequirePermissions(Permission.S3_UPDATE) + @AuditLog('S3Category', 'UPDATE') + @ApiOperation({ summary: 'Update a category' }) + @ApiParam({ name: 'id', description: 'Category ID' }) + @ApiResponse({ status: 200, description: 'Category updated successfully' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Category not found' }) + updateCategory( + @Param('id') id: string, + @Body() updateDto: UpdateS3CategoryDto, + ) { + return this.s3PlanningService.updateCategory(id, updateDto); + } + + @Delete('categories/:id') + @RequirePermissions(Permission.S3_DELETE) + @AuditLog('S3Category', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Delete a category' }) + @ApiParam({ name: 'id', description: 'Category ID' }) + @ApiResponse({ status: 200, description: 'Category deleted successfully' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Category not found' }) + deleteCategory(@Param('id') id: string) { + return this.s3PlanningService.deleteCategory(id); + } + + // ==================== STATUS ==================== + + @Put('status/:id') + @RequirePermissions(Permission.S3_UPDATE) + @AuditLog('S3Status', 'UPDATE') + @ApiOperation({ summary: 'Update a status entry' }) + @ApiParam({ name: 'id', description: 'Status ID' }) + @ApiResponse({ status: 200, description: 'Status updated successfully' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Status not found' }) + updateStatus( + @Param('id') id: string, + @Body() updateDto: UpdateS3StatusDto, + @CurrentUser('sub') userId: string, + ) { + return this.s3PlanningService.updateStatus(id, updateDto, userId); + } + + @Post('status/:id/photo') + @RequirePermissions(Permission.S3_UPDATE) + @UseInterceptors( + FileInterceptor('photo', { + storage: s3Storage, + fileFilter: imageFileFilter, + limits: { fileSize: 5 * 1024 * 1024 }, // 5MB max + }), + ) + @ApiOperation({ summary: 'Upload a photo for a status entry' }) + @ApiConsumes('multipart/form-data') + @ApiBody({ + schema: { + type: 'object', + properties: { + photo: { + type: 'string', + format: 'binary', + description: 'Image file (jpg, png, gif, webp)', + }, + }, + }, + }) + @ApiParam({ name: 'id', description: 'Status ID' }) + @ApiResponse({ status: 200, description: 'Photo uploaded successfully' }) + @ApiResponse({ status: 400, description: 'Invalid file' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Status not found' }) + uploadPhoto( + @Param('id') id: string, + @UploadedFile() file: Express.Multer.File, + @CurrentUser('sub') userId: string, + ) { + const photoPath = `/uploads/s3/${file.filename}`; + return this.s3PlanningService.uploadStatusPhoto(id, photoPath, userId); + } + + // ==================== DASHBOARD & STATISTICS ==================== + + @Get('dashboard/:departmentId') + @RequirePermissions(Permission.S3_VIEW) + @ApiOperation({ summary: 'Get dashboard data for a department' }) + @ApiParam({ name: 'departmentId', description: 'Department ID' }) + @ApiResponse({ status: 200, description: 'Dashboard data' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + getDashboard( + @Param('departmentId') departmentId: string, + @Query() query: QueryS3DashboardDto, + ) { + return this.s3PlanningService.getDashboard(departmentId, query); + } + + @Get('statistics') + @RequirePermissions(Permission.S3_VIEW) + @ApiOperation({ summary: 'Get overall 3S statistics' }) + @ApiResponse({ status: 200, description: 'Statistics data' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getStatistics(@Query() query: QueryS3StatisticsDto) { + return this.s3PlanningService.getStatistics(query); + } +} diff --git a/apps/api/src/modules/lean/s3-planning/s3-planning.module.ts b/apps/api/src/modules/lean/s3-planning/s3-planning.module.ts new file mode 100644 index 0000000..1616344 --- /dev/null +++ b/apps/api/src/modules/lean/s3-planning/s3-planning.module.ts @@ -0,0 +1,27 @@ +import { Module } from '@nestjs/common'; +import { MulterModule } from '@nestjs/platform-express'; +import { S3PlanningController } from './s3-planning.controller'; +import { S3PlanningService } from './s3-planning.service'; + +/** + * Module for 3S (Seiri, Seiton, Seiso) Planning + * Part of LEAN Management functionality + * + * Features: + * - Plan creation and management + * - Category management (Sort, Set in Order, Shine) + * - Weekly status tracking with traffic light system + * - Photo documentation uploads + * - Department dashboard and statistics + */ +@Module({ + imports: [ + MulterModule.register({ + dest: './uploads/s3', + }), + ], + controllers: [S3PlanningController], + providers: [S3PlanningService], + exports: [S3PlanningService], +}) +export class S3PlanningModule {} diff --git a/apps/api/src/modules/lean/s3-planning/s3-planning.service.ts b/apps/api/src/modules/lean/s3-planning/s3-planning.service.ts new file mode 100644 index 0000000..101f3bf --- /dev/null +++ b/apps/api/src/modules/lean/s3-planning/s3-planning.service.ts @@ -0,0 +1,703 @@ +import { + Injectable, + NotFoundException, + ConflictException, + BadRequestException, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { Prisma, S3StatusType, S3Type } from '@prisma/client'; +import { + CreateS3PlanDto, + AddS3CategoryDto, + UpdateS3StatusDto, + UpdateS3CategoryDto, + UpdateS3PlanDto, + QueryS3PlansDto, + QueryS3DashboardDto, + QueryS3StatisticsDto, +} from './dto'; + +/** + * Service for managing 3S (Seiri, Seiton, Seiso) planning + * Implements LEAN methodology for workplace organization + */ +@Injectable() +export class S3PlanningService { + constructor(private readonly prisma: PrismaService) {} + + /** + * Create a new 3S plan for a department + */ + async createPlan(dto: CreateS3PlanDto, userId: string) { + // Validate department exists + const department = await this.prisma.department.findUnique({ + where: { id: dto.departmentId }, + }); + + if (!department) { + throw new NotFoundException( + `Department with ID ${dto.departmentId} not found`, + ); + } + + // Check for existing plan + const existingPlan = await this.prisma.s3Plan.findUnique({ + where: { + departmentId_year_month: { + departmentId: dto.departmentId, + year: dto.year, + month: dto.month, + }, + }, + }); + + if (existingPlan) { + throw new ConflictException( + `Plan for ${dto.month}/${dto.year} already exists for this department`, + ); + } + + // Create plan with optional categories + const plan = await this.prisma.s3Plan.create({ + data: { + departmentId: dto.departmentId, + year: dto.year, + month: dto.month, + isActive: dto.isActive ?? true, + createdById: userId, + categories: dto.categories + ? { + create: dto.categories.map((cat, index) => ({ + name: cat.name, + s3Type: cat.s3Type, + sortOrder: cat.sortOrder ?? index, + })), + } + : undefined, + }, + include: { + department: true, + createdBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + categories: { + orderBy: { sortOrder: 'asc' }, + include: { + statuses: true, + }, + }, + }, + }); + + // Initialize status entries for all weeks if categories exist + if (plan.categories.length > 0) { + const weeks = this.getWeeksForMonth(dto.year, dto.month); + const statusData: Prisma.S3StatusCreateManyInput[] = []; + + for (const category of plan.categories) { + for (const week of weeks) { + statusData.push({ + categoryId: category.id, + week: week, + status: S3StatusType.NOT_APPLICABLE, + }); + } + } + + await this.prisma.s3Status.createMany({ data: statusData }); + } + + // Return updated plan with statuses + return this.findOne(plan.id); + } + + /** + * Get all plans with filtering and pagination + */ + async findAll(query: QueryS3PlansDto) { + const { + page = 1, + limit = 20, + departmentId, + year, + month, + isActive, + sortBy = 'createdAt', + sortOrder = 'desc', + } = query; + const skip = (page - 1) * limit; + + const where: Prisma.S3PlanWhereInput = { + ...(departmentId && { departmentId }), + ...(year && { year }), + ...(month && { month }), + ...(isActive !== undefined && { isActive }), + }; + + const orderBy: Prisma.S3PlanOrderByWithRelationInput = { + [sortBy]: sortOrder, + }; + + const [plans, total] = await Promise.all([ + this.prisma.s3Plan.findMany({ + where, + skip, + take: limit, + orderBy, + include: { + department: true, + createdBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + _count: { + select: { + categories: true, + }, + }, + }, + }), + this.prisma.s3Plan.count({ where }), + ]); + + // Calculate progress for each plan + const plansWithProgress = await Promise.all( + plans.map(async (plan) => { + const progress = await this.calculatePlanProgress(plan.id); + return { ...plan, progress }; + }), + ); + + return { + data: plansWithProgress, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Get a single plan by ID with all related data + */ + async findOne(id: string) { + const plan = await this.prisma.s3Plan.findUnique({ + where: { id }, + include: { + department: true, + createdBy: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + categories: { + orderBy: { sortOrder: 'asc' }, + include: { + statuses: { + orderBy: { week: 'asc' }, + include: { + completedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }, + }, + }, + }, + }); + + if (!plan) { + throw new NotFoundException(`Plan with ID ${id} not found`); + } + + const progress = await this.calculatePlanProgress(id); + return { ...plan, progress }; + } + + /** + * Update a plan + */ + async updatePlan(id: string, dto: UpdateS3PlanDto) { + await this.findOne(id); + + return this.prisma.s3Plan.update({ + where: { id }, + data: dto, + include: { + department: true, + categories: { + orderBy: { sortOrder: 'asc' }, + }, + }, + }); + } + + /** + * Delete a plan + */ + async deletePlan(id: string) { + await this.findOne(id); + + return this.prisma.s3Plan.delete({ + where: { id }, + }); + } + + /** + * Add a category to an existing plan + */ + async addCategory(planId: string, dto: AddS3CategoryDto) { + const plan = await this.findOne(planId); + + // Get max sort order + const maxSortOrder = await this.prisma.s3Category.aggregate({ + where: { planId }, + _max: { sortOrder: true }, + }); + + const category = await this.prisma.s3Category.create({ + data: { + planId, + name: dto.name, + s3Type: dto.s3Type, + sortOrder: dto.sortOrder ?? (maxSortOrder._max.sortOrder ?? 0) + 1, + }, + }); + + // Initialize status entries for all weeks + const weeks = this.getWeeksForMonth(plan.year, plan.month); + const statusData: Prisma.S3StatusCreateManyInput[] = weeks.map((week) => ({ + categoryId: category.id, + week, + status: S3StatusType.NOT_APPLICABLE, + })); + + await this.prisma.s3Status.createMany({ data: statusData }); + + return this.prisma.s3Category.findUnique({ + where: { id: category.id }, + include: { + statuses: { + orderBy: { week: 'asc' }, + }, + }, + }); + } + + /** + * Update a category + */ + async updateCategory(id: string, dto: UpdateS3CategoryDto) { + const category = await this.prisma.s3Category.findUnique({ + where: { id }, + }); + + if (!category) { + throw new NotFoundException(`Category with ID ${id} not found`); + } + + return this.prisma.s3Category.update({ + where: { id }, + data: dto, + include: { + statuses: { + orderBy: { week: 'asc' }, + }, + }, + }); + } + + /** + * Delete a category + */ + async deleteCategory(id: string) { + const category = await this.prisma.s3Category.findUnique({ + where: { id }, + }); + + if (!category) { + throw new NotFoundException(`Category with ID ${id} not found`); + } + + return this.prisma.s3Category.delete({ + where: { id }, + }); + } + + /** + * Get categories for a plan + */ + async getCategories(planId: string) { + await this.findOne(planId); + + return this.prisma.s3Category.findMany({ + where: { planId }, + orderBy: { sortOrder: 'asc' }, + include: { + statuses: { + orderBy: { week: 'asc' }, + include: { + completedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }, + }, + }); + } + + /** + * Update a status entry + */ + async updateStatus(id: string, dto: UpdateS3StatusDto, userId: string) { + const status = await this.prisma.s3Status.findUnique({ + where: { id }, + }); + + if (!status) { + throw new NotFoundException(`Status with ID ${id} not found`); + } + + const isCompleting = dto.status === S3StatusType.GREEN; + const wasCompleted = status.status === S3StatusType.GREEN; + + return this.prisma.s3Status.update({ + where: { id }, + data: { + status: dto.status, + photo: dto.photo, + note: dto.note, + completedAt: + isCompleting && !wasCompleted + ? new Date() + : !isCompleting + ? null + : undefined, + completedById: + isCompleting && !wasCompleted ? userId : !isCompleting ? null : undefined, + }, + include: { + completedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + category: true, + }, + }); + } + + /** + * Upload photo for a status entry + */ + async uploadStatusPhoto(id: string, photoPath: string, userId: string) { + const status = await this.prisma.s3Status.findUnique({ + where: { id }, + }); + + if (!status) { + throw new NotFoundException(`Status with ID ${id} not found`); + } + + return this.prisma.s3Status.update({ + where: { id }, + data: { + photo: photoPath, + }, + }); + } + + /** + * Get dashboard data for a department + */ + async getDashboard(departmentId: string, query: QueryS3DashboardDto) { + // Validate department + const department = await this.prisma.department.findUnique({ + where: { id: departmentId }, + }); + + if (!department) { + throw new NotFoundException( + `Department with ID ${departmentId} not found`, + ); + } + + const now = new Date(); + const year = query.year ?? now.getFullYear(); + const month = query.month ?? now.getMonth() + 1; + + // Get current plan + const currentPlan = await this.prisma.s3Plan.findUnique({ + where: { + departmentId_year_month: { + departmentId, + year, + month, + }, + }, + include: { + categories: { + orderBy: { sortOrder: 'asc' }, + include: { + statuses: { + orderBy: { week: 'asc' }, + }, + }, + }, + }, + }); + + // Calculate statistics + const stats = await this.calculateDepartmentStats(departmentId, year); + + return { + department, + year, + month, + currentPlan, + stats, + }; + } + + /** + * Get overall statistics + */ + async getStatistics(query: QueryS3StatisticsDto) { + const year = query.year ?? new Date().getFullYear(); + + const where: Prisma.S3PlanWhereInput = { + year, + ...(query.departmentIds && { + departmentId: { in: query.departmentIds }, + }), + }; + + // Get all plans for the year + const plans = await this.prisma.s3Plan.findMany({ + where, + include: { + department: true, + categories: { + include: { + statuses: true, + }, + }, + }, + }); + + // Calculate overall statistics + let totalStatuses = 0; + let greenCount = 0; + let yellowCount = 0; + let redCount = 0; + let notApplicableCount = 0; + + const byType: Record = { + [S3Type.SEIRI]: { total: 0, completed: 0 }, + [S3Type.SEITON]: { total: 0, completed: 0 }, + [S3Type.SEISO]: { total: 0, completed: 0 }, + }; + + const byDepartment: Record< + string, + { name: string; total: number; completed: number } + > = {}; + + for (const plan of plans) { + if (!byDepartment[plan.departmentId]) { + byDepartment[plan.departmentId] = { + name: plan.department.name, + total: 0, + completed: 0, + }; + } + + for (const category of plan.categories) { + byType[category.s3Type].total += category.statuses.length; + + for (const status of category.statuses) { + totalStatuses++; + byDepartment[plan.departmentId].total++; + + switch (status.status) { + case S3StatusType.GREEN: + greenCount++; + byType[category.s3Type].completed++; + byDepartment[plan.departmentId].completed++; + break; + case S3StatusType.YELLOW: + yellowCount++; + break; + case S3StatusType.RED: + redCount++; + break; + case S3StatusType.NOT_APPLICABLE: + notApplicableCount++; + break; + } + } + } + } + + const completionRate = + totalStatuses > 0 ? Math.round((greenCount / totalStatuses) * 100) : 0; + + return { + year, + totalPlans: plans.length, + totalStatuses, + statusCounts: { + green: greenCount, + yellow: yellowCount, + red: redCount, + notApplicable: notApplicableCount, + }, + completionRate, + byType: Object.entries(byType).map(([type, data]) => ({ + type, + ...data, + completionRate: + data.total > 0 + ? Math.round((data.completed / data.total) * 100) + : 0, + })), + byDepartment: Object.entries(byDepartment).map(([id, data]) => ({ + departmentId: id, + ...data, + completionRate: + data.total > 0 + ? Math.round((data.completed / data.total) * 100) + : 0, + })), + }; + } + + /** + * Calculate progress percentage for a plan + */ + private async calculatePlanProgress(planId: string): Promise { + const result = await this.prisma.s3Status.groupBy({ + by: ['status'], + where: { + category: { + planId, + }, + }, + _count: true, + }); + + const total = result.reduce((sum, r) => sum + r._count, 0); + const completed = + result.find((r) => r.status === S3StatusType.GREEN)?._count || 0; + + return total > 0 ? Math.round((completed / total) * 100) : 0; + } + + /** + * Calculate department statistics for a year + */ + private async calculateDepartmentStats( + departmentId: string, + year: number, + ) { + const plans = await this.prisma.s3Plan.findMany({ + where: { departmentId, year }, + include: { + categories: { + include: { + statuses: true, + }, + }, + }, + }); + + let total = 0; + let completed = 0; + let inProgress = 0; + let issues = 0; + + for (const plan of plans) { + for (const category of plan.categories) { + for (const status of category.statuses) { + total++; + switch (status.status) { + case S3StatusType.GREEN: + completed++; + break; + case S3StatusType.YELLOW: + inProgress++; + break; + case S3StatusType.RED: + issues++; + break; + } + } + } + } + + return { + totalPlans: plans.length, + totalEntries: total, + completed, + inProgress, + issues, + completionRate: total > 0 ? Math.round((completed / total) * 100) : 0, + }; + } + + /** + * Get ISO weeks that fall within a given month + */ + private getWeeksForMonth(year: number, month: number): number[] { + const weeks: Set = new Set(); + const firstDay = new Date(year, month - 1, 1); + const lastDay = new Date(year, month, 0); + + for ( + let day = new Date(firstDay); + day <= lastDay; + day.setDate(day.getDate() + 1) + ) { + weeks.add(this.getISOWeek(day)); + } + + return Array.from(weeks).sort((a, b) => a - b); + } + + /** + * Get ISO week number for a date + */ + private getISOWeek(date: Date): number { + const d = new Date( + Date.UTC(date.getFullYear(), date.getMonth(), date.getDate()), + ); + const dayNum = d.getUTCDay() || 7; + d.setUTCDate(d.getUTCDate() + 4 - dayNum); + const yearStart = new Date(Date.UTC(d.getUTCFullYear(), 0, 1)); + return Math.ceil(((d.getTime() - yearStart.getTime()) / 86400000 + 1) / 7); + } +} diff --git a/apps/api/src/modules/lean/skill-matrix/dto/bulk-skill-entry.dto.ts b/apps/api/src/modules/lean/skill-matrix/dto/bulk-skill-entry.dto.ts new file mode 100644 index 0000000..03a2f4e --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/dto/bulk-skill-entry.dto.ts @@ -0,0 +1,75 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsInt, + Min, + Max, + IsDateString, + IsArray, + ValidateNested, + ArrayMinSize, + MaxLength, +} from 'class-validator'; +import { Type } from 'class-transformer'; + +/** + * Single entry in a bulk assessment + */ +export class BulkSkillEntryItem { + @ApiProperty({ + description: 'Employee ID being assessed', + example: 'clx123abc', + }) + @IsString() + employeeId: string; + + @ApiProperty({ + description: 'Skill ID being assessed', + example: 'clx456def', + }) + @IsString() + skillId: string; + + @ApiProperty({ + description: 'Skill level (0-4)', + example: 2, + minimum: 0, + maximum: 4, + }) + @IsInt() + @Min(0) + @Max(4) + level: number; + + @ApiPropertyOptional({ + description: 'Assessment notes', + maxLength: 1000, + }) + @IsOptional() + @IsString() + @MaxLength(1000) + notes?: string; + + @ApiPropertyOptional({ + description: 'Date for next review', + }) + @IsOptional() + @IsDateString() + nextReview?: string; +} + +/** + * DTO for bulk creating/updating skill matrix entries + */ +export class BulkSkillEntryDto { + @ApiProperty({ + description: 'Array of skill entries to create or update', + type: [BulkSkillEntryItem], + }) + @IsArray() + @ValidateNested({ each: true }) + @ArrayMinSize(1) + @Type(() => BulkSkillEntryItem) + entries: BulkSkillEntryItem[]; +} diff --git a/apps/api/src/modules/lean/skill-matrix/dto/create-skill-entry.dto.ts b/apps/api/src/modules/lean/skill-matrix/dto/create-skill-entry.dto.ts new file mode 100644 index 0000000..6dc442e --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/dto/create-skill-entry.dto.ts @@ -0,0 +1,58 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsInt, + Min, + Max, + IsDateString, + MaxLength, +} from 'class-validator'; + +/** + * DTO for creating a skill matrix entry (assessment) + */ +export class CreateSkillEntryDto { + @ApiProperty({ + description: 'Employee ID being assessed', + example: 'clx123abc', + }) + @IsString() + employeeId: string; + + @ApiProperty({ + description: 'Skill ID being assessed', + example: 'clx456def', + }) + @IsString() + skillId: string; + + @ApiProperty({ + description: 'Skill level (0-4): 0=None, 1=Basic, 2=Independent, 3=Expert, 4=Trainer', + example: 2, + minimum: 0, + maximum: 4, + }) + @IsInt() + @Min(0) + @Max(4) + level: number; + + @ApiPropertyOptional({ + description: 'Assessment notes', + example: 'Good progress, needs more practice with aluminum', + maxLength: 1000, + }) + @IsOptional() + @IsString() + @MaxLength(1000) + notes?: string; + + @ApiPropertyOptional({ + description: 'Date for next review', + example: '2024-06-15', + }) + @IsOptional() + @IsDateString() + nextReview?: string; +} diff --git a/apps/api/src/modules/lean/skill-matrix/dto/create-skill.dto.ts b/apps/api/src/modules/lean/skill-matrix/dto/create-skill.dto.ts new file mode 100644 index 0000000..a6cc5da --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/dto/create-skill.dto.ts @@ -0,0 +1,74 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsBoolean, + IsInt, + Min, + Max, + MinLength, + MaxLength, +} from 'class-validator'; + +/** + * DTO for creating a new skill + */ +export class CreateSkillDto { + @ApiProperty({ + description: 'Name of the skill', + example: 'Schweißen (WIG)', + minLength: 2, + maxLength: 100, + }) + @IsString() + @MinLength(2) + @MaxLength(100) + name: string; + + @ApiPropertyOptional({ + description: 'Detailed description of the skill', + example: 'WIG-Schweißverfahren für Edelstahl und Aluminium', + maxLength: 500, + }) + @IsOptional() + @IsString() + @MaxLength(500) + description?: string; + + @ApiPropertyOptional({ + description: 'Category of the skill', + example: 'technical', + enum: ['technical', 'softSkills', 'processes', 'safety', 'quality'], + }) + @IsOptional() + @IsString() + category?: string; + + @ApiPropertyOptional({ + description: 'Department ID (null for company-wide skills)', + example: 'clx123abc', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Target skill level for the department (0-4)', + example: 2, + minimum: 0, + maximum: 4, + }) + @IsOptional() + @IsInt() + @Min(0) + @Max(4) + targetLevel?: number; + + @ApiPropertyOptional({ + description: 'Whether the skill is active', + default: true, + }) + @IsOptional() + @IsBoolean() + isActive?: boolean; +} diff --git a/apps/api/src/modules/lean/skill-matrix/dto/index.ts b/apps/api/src/modules/lean/skill-matrix/dto/index.ts new file mode 100644 index 0000000..dbad4f5 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/dto/index.ts @@ -0,0 +1,6 @@ +export * from './create-skill.dto'; +export * from './update-skill.dto'; +export * from './query-skills.dto'; +export * from './create-skill-entry.dto'; +export * from './update-skill-entry.dto'; +export * from './bulk-skill-entry.dto'; diff --git a/apps/api/src/modules/lean/skill-matrix/dto/query-skills.dto.ts b/apps/api/src/modules/lean/skill-matrix/dto/query-skills.dto.ts new file mode 100644 index 0000000..986e7a4 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/dto/query-skills.dto.ts @@ -0,0 +1,86 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { IsOptional, IsString, IsBoolean, IsInt, Min } from 'class-validator'; +import { Transform, Type } from 'class-transformer'; + +/** + * DTO for querying skills with filters and pagination + */ +export class QuerySkillsDto { + @ApiPropertyOptional({ + description: 'Page number for pagination', + default: 1, + minimum: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Number of items per page', + default: 20, + minimum: 1, + maximum: 100, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + limit?: number = 20; + + @ApiPropertyOptional({ + description: 'Search term for skill name', + }) + @IsOptional() + @IsString() + search?: string; + + @ApiPropertyOptional({ + description: 'Filter by department ID', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Filter by category', + enum: ['technical', 'softSkills', 'processes', 'safety', 'quality'], + }) + @IsOptional() + @IsString() + category?: string; + + @ApiPropertyOptional({ + description: 'Filter by active status', + }) + @IsOptional() + @Transform(({ value }) => value === 'true' || value === true) + @IsBoolean() + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Include company-wide skills (departmentId = null)', + default: true, + }) + @IsOptional() + @Transform(({ value }) => value === 'true' || value === true) + @IsBoolean() + includeGlobal?: boolean = true; + + @ApiPropertyOptional({ + description: 'Sort field', + enum: ['name', 'category', 'createdAt', 'updatedAt'], + }) + @IsOptional() + @IsString() + sortBy?: string; + + @ApiPropertyOptional({ + description: 'Sort order', + enum: ['asc', 'desc'], + }) + @IsOptional() + @IsString() + sortOrder?: 'asc' | 'desc'; +} diff --git a/apps/api/src/modules/lean/skill-matrix/dto/update-skill-entry.dto.ts b/apps/api/src/modules/lean/skill-matrix/dto/update-skill-entry.dto.ts new file mode 100644 index 0000000..1e770f8 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/dto/update-skill-entry.dto.ts @@ -0,0 +1,45 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsInt, + Min, + Max, + IsDateString, + IsString, + MaxLength, +} from 'class-validator'; + +/** + * DTO for updating a skill matrix entry + */ +export class UpdateSkillEntryDto { + @ApiPropertyOptional({ + description: 'Skill level (0-4): 0=None, 1=Basic, 2=Independent, 3=Expert, 4=Trainer', + example: 3, + minimum: 0, + maximum: 4, + }) + @IsOptional() + @IsInt() + @Min(0) + @Max(4) + level?: number; + + @ApiPropertyOptional({ + description: 'Assessment notes', + example: 'Promoted to expert level after successful training completion', + maxLength: 1000, + }) + @IsOptional() + @IsString() + @MaxLength(1000) + notes?: string; + + @ApiPropertyOptional({ + description: 'Date for next review', + example: '2024-12-15', + }) + @IsOptional() + @IsDateString() + nextReview?: string; +} diff --git a/apps/api/src/modules/lean/skill-matrix/dto/update-skill.dto.ts b/apps/api/src/modules/lean/skill-matrix/dto/update-skill.dto.ts new file mode 100644 index 0000000..bcec119 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/dto/update-skill.dto.ts @@ -0,0 +1,7 @@ +import { PartialType } from '@nestjs/swagger'; +import { CreateSkillDto } from './create-skill.dto'; + +/** + * DTO for updating an existing skill + */ +export class UpdateSkillDto extends PartialType(CreateSkillDto) {} diff --git a/apps/api/src/modules/lean/skill-matrix/index.ts b/apps/api/src/modules/lean/skill-matrix/index.ts new file mode 100644 index 0000000..e1e7119 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/index.ts @@ -0,0 +1,6 @@ +export * from './skill-matrix.module'; +export * from './skills.service'; +export * from './skills.controller'; +export * from './skill-entries.service'; +export * from './skill-entries.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/lean/skill-matrix/skill-entries.controller.ts b/apps/api/src/modules/lean/skill-matrix/skill-entries.controller.ts new file mode 100644 index 0000000..b5d20b1 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/skill-entries.controller.ts @@ -0,0 +1,243 @@ +import { + Controller, + Get, + Post, + Body, + Put, + Param, + Delete, + Query, + HttpCode, + HttpStatus, + Req, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { SkillEntriesService } from './skill-entries.service'; +import { + CreateSkillEntryDto, + UpdateSkillEntryDto, + BulkSkillEntryDto, +} from './dto'; +import { Roles } from '../../../auth/decorators/roles.decorator'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { AuditLog } from '../../audit/audit.interceptor'; +import { Request } from 'express'; + +interface AuthenticatedRequest extends Request { + user: { + id: string; + email: string; + [key: string]: any; + }; +} + +@ApiTags('lean/skill-matrix') +@ApiBearerAuth('JWT-auth') +@Controller('lean/skill-matrix') +export class SkillEntriesController { + constructor(private readonly skillEntriesService: SkillEntriesService) {} + + // ========================================== + // Matrix Views + // ========================================== + + @Get(':departmentId') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get full skill matrix for a department' }) + @ApiParam({ name: 'departmentId', description: 'Department ID' }) + @ApiResponse({ + status: 200, + description: 'Skill matrix for the department', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + getMatrixForDepartment(@Param('departmentId') departmentId: string) { + return this.skillEntriesService.getMatrixForDepartment(departmentId); + } + + @Get('employee/:employeeId') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get all skills for an employee' }) + @ApiParam({ name: 'employeeId', description: 'Employee ID' }) + @ApiResponse({ + status: 200, + description: 'Employee skill profile', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Employee not found' }) + getEmployeeSkills(@Param('employeeId') employeeId: string) { + return this.skillEntriesService.getEmployeeSkills(employeeId); + } + + // ========================================== + // Analytics + // ========================================== + + @Get('analysis/:departmentId') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get skill gap analysis for a department' }) + @ApiParam({ name: 'departmentId', description: 'Department ID' }) + @ApiQuery({ + name: 'targetLevel', + required: false, + description: 'Target level for comparison (default: 2)', + type: Number, + }) + @ApiResponse({ + status: 200, + description: 'Skill gap analysis', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + analyzeGaps( + @Param('departmentId') departmentId: string, + @Query('targetLevel') targetLevel?: number, + ) { + return this.skillEntriesService.analyzeGaps( + departmentId, + targetLevel ? Number(targetLevel) : 2, + ); + } + + @Get('gaps/:departmentId') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get skill gaps for a department (alias for analysis)' }) + @ApiParam({ name: 'departmentId', description: 'Department ID' }) + @ApiQuery({ + name: 'targetLevel', + required: false, + description: 'Target level for comparison (default: 2)', + type: Number, + }) + @ApiResponse({ + status: 200, + description: 'Skill gaps', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + getGaps( + @Param('departmentId') departmentId: string, + @Query('targetLevel') targetLevel?: number, + ) { + return this.skillEntriesService.analyzeGaps( + departmentId, + targetLevel ? Number(targetLevel) : 2, + ); + } + + @Get('coverage/:skillId') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get coverage statistics for a skill' }) + @ApiParam({ name: 'skillId', description: 'Skill ID' }) + @ApiResponse({ + status: 200, + description: 'Skill coverage statistics', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Skill not found' }) + getSkillCoverage(@Param('skillId') skillId: string) { + return this.skillEntriesService.getSkillCoverage(skillId); + } + + @Get('trainers/:skillId') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get potential trainers for a skill (level 4)' }) + @ApiParam({ name: 'skillId', description: 'Skill ID' }) + @ApiResponse({ + status: 200, + description: 'List of potential trainers', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Skill not found' }) + getTrainers(@Param('skillId') skillId: string) { + return this.skillEntriesService.getTrainers(skillId); + } + + // ========================================== + // CRUD Operations for Entries + // ========================================== + + @Post('entries') + @Roles('admin', 'hr-manager', 'team-lead') + @RequirePermissions(Permission.SKILLS_ASSESS) + @AuditLog('SkillMatrixEntry', 'CREATE') + @ApiOperation({ summary: 'Create a new skill assessment' }) + @ApiResponse({ + status: 201, + description: 'Assessment created successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request or entry already exists' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Employee or skill not found' }) + createEntry( + @Body() createDto: CreateSkillEntryDto, + @Req() req: AuthenticatedRequest, + ) { + return this.skillEntriesService.create(createDto, req.user.id); + } + + @Put('entries/:id') + @Roles('admin', 'hr-manager', 'team-lead') + @RequirePermissions(Permission.SKILLS_ASSESS) + @AuditLog('SkillMatrixEntry', 'UPDATE') + @ApiOperation({ summary: 'Update a skill assessment' }) + @ApiParam({ name: 'id', description: 'Entry ID' }) + @ApiResponse({ + status: 200, + description: 'Assessment updated successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Entry not found' }) + updateEntry( + @Param('id') id: string, + @Body() updateDto: UpdateSkillEntryDto, + @Req() req: AuthenticatedRequest, + ) { + return this.skillEntriesService.update(id, updateDto, req.user.id); + } + + @Delete('entries/:id') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.SKILLS_MANAGE) + @AuditLog('SkillMatrixEntry', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Delete a skill assessment' }) + @ApiParam({ name: 'id', description: 'Entry ID' }) + @ApiResponse({ + status: 200, + description: 'Assessment deleted successfully', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Entry not found' }) + deleteEntry(@Param('id') id: string) { + return this.skillEntriesService.remove(id); + } + + @Post('entries/bulk') + @Roles('admin', 'hr-manager', 'team-lead') + @RequirePermissions(Permission.SKILLS_ASSESS) + @AuditLog('SkillMatrixEntry', 'BULK_UPSERT') + @ApiOperation({ summary: 'Bulk create or update skill assessments' }) + @ApiResponse({ + status: 201, + description: 'Assessments processed successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + bulkUpsert(@Body() bulkDto: BulkSkillEntryDto, @Req() req: AuthenticatedRequest) { + return this.skillEntriesService.bulkUpsert(bulkDto, req.user.id); + } +} diff --git a/apps/api/src/modules/lean/skill-matrix/skill-entries.service.ts b/apps/api/src/modules/lean/skill-matrix/skill-entries.service.ts new file mode 100644 index 0000000..b5d4648 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/skill-entries.service.ts @@ -0,0 +1,674 @@ +import { + Injectable, + NotFoundException, + BadRequestException, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { + CreateSkillEntryDto, + UpdateSkillEntryDto, + BulkSkillEntryDto, +} from './dto'; +import { SkillLevel } from '@prisma/client'; + +/** + * Mapping from numeric level to SkillLevel enum + */ +const SKILL_LEVEL_MAP: Record = { + 0: SkillLevel.NONE, + 1: SkillLevel.BEGINNER, + 2: SkillLevel.INTERMEDIATE, + 3: SkillLevel.ADVANCED, + 4: SkillLevel.TRAINER, +}; + +/** + * Reverse mapping from SkillLevel enum to numeric level + */ +const SKILL_LEVEL_REVERSE_MAP: Record = { + [SkillLevel.NONE]: 0, + [SkillLevel.BEGINNER]: 1, + [SkillLevel.INTERMEDIATE]: 2, + [SkillLevel.ADVANCED]: 3, + [SkillLevel.EXPERT]: 3, // Map EXPERT to 3 as well + [SkillLevel.TRAINER]: 4, +}; + +/** + * Interface for skill gap analysis result + */ +export interface SkillGapAnalysis { + skillId: string; + skillName: string; + category: string | null; + targetLevel: number; + averageLevel: number; + gap: number; + employeesBelow: number; + employeesAtOrAbove: number; + totalEmployees: number; +} + +/** + * Interface for skill coverage result + */ +export interface SkillCoverage { + skillId: string; + skillName: string; + levelDistribution: Record; + totalAssessed: number; + coverage: number; + averageLevel: number; +} + +/** + * Service for managing skill matrix entries (assessments) + */ +@Injectable() +export class SkillEntriesService { + constructor(private readonly prisma: PrismaService) {} + + /** + * Get full skill matrix for a department + */ + async getMatrixForDepartment(departmentId: string) { + // Verify department exists + const department = await this.prisma.department.findUnique({ + where: { id: departmentId }, + include: { + users: { + where: { isActive: true }, + include: { + employee: true, + }, + }, + }, + }); + + if (!department) { + throw new NotFoundException(`Department with ID ${departmentId} not found`); + } + + // Get all relevant skills (department-specific + global) + const skills = await this.prisma.skill.findMany({ + where: { + isActive: true, + OR: [{ departmentId: departmentId }, { departmentId: null }], + }, + orderBy: [{ category: 'asc' }, { name: 'asc' }], + }); + + // Get all employees in the department + const employees = await this.prisma.employee.findMany({ + where: { + isActive: true, + user: { + departmentId: departmentId, + isActive: true, + }, + }, + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + }, + }, + skillMatrixEntries: { + include: { + skill: true, + assessedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }, + }, + orderBy: { + user: { + lastName: 'asc', + }, + }, + }); + + // Build matrix data structure + const matrix = employees.map((employee) => { + const skillLevels: Record = {}; + + for (const skill of skills) { + const entry = employee.skillMatrixEntries.find( + (e) => e.skillId === skill.id, + ); + skillLevels[skill.id] = { + level: entry ? SKILL_LEVEL_REVERSE_MAP[entry.level] : 0, + assessedAt: entry?.assessedAt || null, + assessedBy: entry?.assessedBy || null, + notes: entry?.note || null, + }; + } + + return { + employee: { + id: employee.id, + employeeNumber: employee.employeeNumber, + position: employee.position, + user: employee.user, + }, + skills: skillLevels, + }; + }); + + return { + department: { + id: department.id, + name: department.name, + code: department.code, + }, + skills: skills.map((s) => ({ + id: s.id, + name: s.name, + description: s.description, + category: s.category, + isGlobal: s.departmentId === null, + })), + matrix, + }; + } + + /** + * Get skills for a single employee + */ + async getEmployeeSkills(employeeId: string) { + const employee = await this.prisma.employee.findUnique({ + where: { id: employeeId }, + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + departmentId: true, + department: true, + }, + }, + skillMatrixEntries: { + include: { + skill: { + include: { + department: { + select: { + id: true, + name: true, + }, + }, + }, + }, + assessedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + orderBy: { + skill: { + name: 'asc', + }, + }, + }, + }, + }); + + if (!employee) { + throw new NotFoundException(`Employee with ID ${employeeId} not found`); + } + + // Transform entries with numeric levels + const skills = employee.skillMatrixEntries.map((entry) => ({ + id: entry.id, + skill: { + id: entry.skill.id, + name: entry.skill.name, + description: entry.skill.description, + category: entry.skill.category, + department: entry.skill.department, + }, + level: SKILL_LEVEL_REVERSE_MAP[entry.level], + assessedAt: entry.assessedAt, + assessedBy: entry.assessedBy, + notes: entry.note, + })); + + // Group by category + const byCategory: Record = {}; + for (const skill of skills) { + const category = skill.skill.category || 'other'; + if (!byCategory[category]) { + byCategory[category] = []; + } + byCategory[category].push(skill); + } + + return { + employee: { + id: employee.id, + employeeNumber: employee.employeeNumber, + position: employee.position, + user: employee.user, + }, + skills, + byCategory, + summary: { + total: skills.length, + averageLevel: + skills.length > 0 + ? skills.reduce((sum, s) => sum + s.level, 0) / skills.length + : 0, + levelDistribution: this.calculateLevelDistribution(skills.map((s) => s.level)), + }, + }; + } + + /** + * Create a new skill entry (assessment) + */ + async create(createDto: CreateSkillEntryDto, assessedById: string) { + // Verify employee exists + const employee = await this.prisma.employee.findUnique({ + where: { id: createDto.employeeId }, + }); + + if (!employee) { + throw new NotFoundException( + `Employee with ID ${createDto.employeeId} not found`, + ); + } + + // Verify skill exists + const skill = await this.prisma.skill.findUnique({ + where: { id: createDto.skillId }, + }); + + if (!skill) { + throw new NotFoundException( + `Skill with ID ${createDto.skillId} not found`, + ); + } + + // Check if entry already exists + const existingEntry = await this.prisma.skillMatrixEntry.findUnique({ + where: { + employeeId_skillId: { + employeeId: createDto.employeeId, + skillId: createDto.skillId, + }, + }, + }); + + if (existingEntry) { + throw new BadRequestException( + 'Skill entry already exists. Use update endpoint instead.', + ); + } + + return this.prisma.skillMatrixEntry.create({ + data: { + employeeId: createDto.employeeId, + skillId: createDto.skillId, + level: SKILL_LEVEL_MAP[createDto.level], + assessedById, + note: createDto.notes, + assessedAt: new Date(), + }, + include: { + employee: { + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }, + skill: true, + assessedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }); + } + + /** + * Update an existing skill entry + */ + async update(id: string, updateDto: UpdateSkillEntryDto, assessedById: string) { + const entry = await this.prisma.skillMatrixEntry.findUnique({ + where: { id }, + }); + + if (!entry) { + throw new NotFoundException(`Skill entry with ID ${id} not found`); + } + + const updateData: any = { + assessedById, + assessedAt: new Date(), + }; + + if (updateDto.level !== undefined) { + updateData.level = SKILL_LEVEL_MAP[updateDto.level]; + } + + if (updateDto.notes !== undefined) { + updateData.note = updateDto.notes; + } + + return this.prisma.skillMatrixEntry.update({ + where: { id }, + data: updateData, + include: { + employee: { + include: { + user: { + select: { + firstName: true, + lastName: true, + }, + }, + }, + }, + skill: true, + assessedBy: { + select: { + id: true, + firstName: true, + lastName: true, + }, + }, + }, + }); + } + + /** + * Delete a skill entry + */ + async remove(id: string) { + const entry = await this.prisma.skillMatrixEntry.findUnique({ + where: { id }, + }); + + if (!entry) { + throw new NotFoundException(`Skill entry with ID ${id} not found`); + } + + return this.prisma.skillMatrixEntry.delete({ + where: { id }, + }); + } + + /** + * Bulk create or update skill entries + */ + async bulkUpsert(bulkDto: BulkSkillEntryDto, assessedById: string) { + const results = []; + + for (const entry of bulkDto.entries) { + const existingEntry = await this.prisma.skillMatrixEntry.findUnique({ + where: { + employeeId_skillId: { + employeeId: entry.employeeId, + skillId: entry.skillId, + }, + }, + }); + + if (existingEntry) { + // Update existing + const updated = await this.prisma.skillMatrixEntry.update({ + where: { id: existingEntry.id }, + data: { + level: SKILL_LEVEL_MAP[entry.level], + note: entry.notes, + assessedById, + assessedAt: new Date(), + }, + }); + results.push({ action: 'updated', entry: updated }); + } else { + // Create new + const created = await this.prisma.skillMatrixEntry.create({ + data: { + employeeId: entry.employeeId, + skillId: entry.skillId, + level: SKILL_LEVEL_MAP[entry.level], + note: entry.notes, + assessedById, + assessedAt: new Date(), + }, + }); + results.push({ action: 'created', entry: created }); + } + } + + return { + processed: results.length, + created: results.filter((r) => r.action === 'created').length, + updated: results.filter((r) => r.action === 'updated').length, + results, + }; + } + + /** + * Analyze skill gaps for a department + */ + async analyzeGaps(departmentId: string, targetLevel: number = 2): Promise { + // Verify department exists + const department = await this.prisma.department.findUnique({ + where: { id: departmentId }, + }); + + if (!department) { + throw new NotFoundException(`Department with ID ${departmentId} not found`); + } + + // Get all skills for the department + const skills = await this.prisma.skill.findMany({ + where: { + isActive: true, + OR: [{ departmentId: departmentId }, { departmentId: null }], + }, + }); + + // Get all employees in the department + const employees = await this.prisma.employee.findMany({ + where: { + isActive: true, + user: { + departmentId: departmentId, + isActive: true, + }, + }, + }); + + const totalEmployees = employees.length; + + // Analyze each skill + const analysis: SkillGapAnalysis[] = []; + + for (const skill of skills) { + const entries = await this.prisma.skillMatrixEntry.findMany({ + where: { + skillId: skill.id, + employeeId: { in: employees.map((e) => e.id) }, + }, + }); + + const levels = entries.map((e) => SKILL_LEVEL_REVERSE_MAP[e.level]); + const averageLevel = + levels.length > 0 + ? levels.reduce((sum, l) => sum + l, 0) / levels.length + : 0; + + const employeesBelow = levels.filter((l) => l < targetLevel).length; + const employeesAtOrAbove = levels.filter((l) => l >= targetLevel).length; + + analysis.push({ + skillId: skill.id, + skillName: skill.name, + category: skill.category, + targetLevel, + averageLevel: Math.round(averageLevel * 100) / 100, + gap: Math.round((targetLevel - averageLevel) * 100) / 100, + employeesBelow, + employeesAtOrAbove, + totalEmployees, + }); + } + + // Sort by gap (largest first) + return analysis.sort((a, b) => b.gap - a.gap); + } + + /** + * Get skill coverage analysis + */ + async getSkillCoverage(skillId: string): Promise { + const skill = await this.prisma.skill.findUnique({ + where: { id: skillId }, + }); + + if (!skill) { + throw new NotFoundException(`Skill with ID ${skillId} not found`); + } + + const entries = await this.prisma.skillMatrixEntry.findMany({ + where: { skillId }, + include: { + employee: { + include: { + user: true, + }, + }, + }, + }); + + const levels = entries.map((e) => SKILL_LEVEL_REVERSE_MAP[e.level]); + const levelDistribution = this.calculateLevelDistribution(levels); + + // Calculate total potential employees (all active employees) + const totalEmployees = await this.prisma.employee.count({ + where: { isActive: true }, + }); + + return { + skillId: skill.id, + skillName: skill.name, + levelDistribution, + totalAssessed: entries.length, + coverage: + totalEmployees > 0 + ? Math.round((entries.length / totalEmployees) * 100) + : 0, + averageLevel: + levels.length > 0 + ? Math.round( + (levels.reduce((sum, l) => sum + l, 0) / levels.length) * 100, + ) / 100 + : 0, + }; + } + + /** + * Get potential trainers for a skill (level 4) + */ + async getTrainers(skillId: string) { + const skill = await this.prisma.skill.findUnique({ + where: { id: skillId }, + }); + + if (!skill) { + throw new NotFoundException(`Skill with ID ${skillId} not found`); + } + + const trainers = await this.prisma.skillMatrixEntry.findMany({ + where: { + skillId, + level: SkillLevel.TRAINER, + }, + include: { + employee: { + include: { + user: { + select: { + id: true, + firstName: true, + lastName: true, + email: true, + department: { + select: { + id: true, + name: true, + }, + }, + }, + }, + }, + }, + }, + }); + + return { + skill: { + id: skill.id, + name: skill.name, + category: skill.category, + }, + trainers: trainers.map((t) => ({ + employeeId: t.employee.id, + employeeNumber: t.employee.employeeNumber, + position: t.employee.position, + user: t.employee.user, + assessedAt: t.assessedAt, + })), + totalTrainers: trainers.length, + }; + } + + /** + * Helper: Calculate level distribution + */ + private calculateLevelDistribution(levels: number[]): Record { + const distribution: Record = { + 0: 0, + 1: 0, + 2: 0, + 3: 0, + 4: 0, + }; + + for (const level of levels) { + if (distribution[level] !== undefined) { + distribution[level]++; + } + } + + return distribution; + } +} diff --git a/apps/api/src/modules/lean/skill-matrix/skill-matrix.module.ts b/apps/api/src/modules/lean/skill-matrix/skill-matrix.module.ts new file mode 100644 index 0000000..d8048cc --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/skill-matrix.module.ts @@ -0,0 +1,22 @@ +import { Module } from '@nestjs/common'; +import { SkillsController } from './skills.controller'; +import { SkillsService } from './skills.service'; +import { SkillEntriesController } from './skill-entries.controller'; +import { SkillEntriesService } from './skill-entries.service'; + +/** + * Module for skill matrix management + * + * Provides functionality for: + * - Managing skills (CRUD operations) + * - Skill matrix entries (assessments) + * - Skill gap analysis + * - Trainer identification + * - Coverage statistics + */ +@Module({ + controllers: [SkillsController, SkillEntriesController], + providers: [SkillsService, SkillEntriesService], + exports: [SkillsService, SkillEntriesService], +}) +export class SkillMatrixModule {} diff --git a/apps/api/src/modules/lean/skill-matrix/skills.controller.ts b/apps/api/src/modules/lean/skill-matrix/skills.controller.ts new file mode 100644 index 0000000..ada8df1 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/skills.controller.ts @@ -0,0 +1,148 @@ +import { + Controller, + Get, + Post, + Body, + Put, + Param, + Delete, + Query, + HttpCode, + HttpStatus, + Req, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, +} from '@nestjs/swagger'; +import { SkillsService } from './skills.service'; +import { CreateSkillDto, UpdateSkillDto, QuerySkillsDto } from './dto'; +import { Roles } from '../../../auth/decorators/roles.decorator'; +import { RequirePermissions } from '../../../auth/permissions/permissions.decorator'; +import { Permission } from '../../../auth/permissions/permissions.enum'; +import { AuditLog } from '../../audit/audit.interceptor'; +import { Request } from 'express'; + +interface AuthenticatedRequest extends Request { + user: { + id: string; + email: string; + [key: string]: any; + }; +} + +@ApiTags('lean/skills') +@ApiBearerAuth('JWT-auth') +@Controller('lean/skills') +export class SkillsController { + constructor(private readonly skillsService: SkillsService) {} + + @Post() + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.SKILLS_MANAGE) + @AuditLog('Skill', 'CREATE') + @ApiOperation({ summary: 'Create a new skill' }) + @ApiResponse({ + status: 201, + description: 'Skill created successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 409, description: 'Skill already exists' }) + create(@Body() createDto: CreateSkillDto, @Req() req: AuthenticatedRequest) { + return this.skillsService.create(createDto, req.user.id); + } + + @Get() + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get all skills with pagination and filtering' }) + @ApiResponse({ + status: 200, + description: 'List of skills', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + findAll(@Query() query: QuerySkillsDto) { + return this.skillsService.findAll(query); + } + + @Get('categories') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get all skill categories' }) + @ApiResponse({ + status: 200, + description: 'List of categories', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getCategories() { + return this.skillsService.getCategories(); + } + + @Get('department/:departmentId') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get skills for a specific department' }) + @ApiParam({ name: 'departmentId', description: 'Department ID' }) + @ApiResponse({ + status: 200, + description: 'List of skills for the department', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Department not found' }) + getSkillsForDepartment(@Param('departmentId') departmentId: string) { + return this.skillsService.getSkillsForDepartment(departmentId); + } + + @Get(':id') + @RequirePermissions(Permission.SKILLS_VIEW) + @ApiOperation({ summary: 'Get a skill by ID' }) + @ApiParam({ name: 'id', description: 'Skill ID' }) + @ApiResponse({ + status: 200, + description: 'Skill found', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'Skill not found' }) + findOne(@Param('id') id: string) { + return this.skillsService.findOne(id); + } + + @Put(':id') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.SKILLS_MANAGE) + @AuditLog('Skill', 'UPDATE') + @ApiOperation({ summary: 'Update a skill' }) + @ApiParam({ name: 'id', description: 'Skill ID' }) + @ApiResponse({ + status: 200, + description: 'Skill updated successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Skill not found' }) + @ApiResponse({ status: 409, description: 'Skill name already exists' }) + update(@Param('id') id: string, @Body() updateDto: UpdateSkillDto) { + return this.skillsService.update(id, updateDto); + } + + @Delete(':id') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.SKILLS_MANAGE) + @AuditLog('Skill', 'DELETE') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Deactivate a skill' }) + @ApiParam({ name: 'id', description: 'Skill ID' }) + @ApiResponse({ + status: 200, + description: 'Skill deactivated successfully', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'Skill not found' }) + remove(@Param('id') id: string) { + return this.skillsService.remove(id); + } +} diff --git a/apps/api/src/modules/lean/skill-matrix/skills.service.ts b/apps/api/src/modules/lean/skill-matrix/skills.service.ts new file mode 100644 index 0000000..da507f1 --- /dev/null +++ b/apps/api/src/modules/lean/skill-matrix/skills.service.ts @@ -0,0 +1,329 @@ +import { + Injectable, + NotFoundException, + ConflictException, + BadRequestException, +} from '@nestjs/common'; +import { PrismaService } from '../../../prisma/prisma.service'; +import { CreateSkillDto, UpdateSkillDto, QuerySkillsDto } from './dto'; +import { Prisma } from '@prisma/client'; + +/** + * Service for managing skills in the skill matrix + */ +@Injectable() +export class SkillsService { + constructor(private readonly prisma: PrismaService) {} + + /** + * Create a new skill + */ + async create(createDto: CreateSkillDto, userId: string) { + // Check for duplicate skill name in the same department + const existingSkill = await this.prisma.skill.findFirst({ + where: { + name: createDto.name, + departmentId: createDto.departmentId ?? null, + }, + }); + + if (existingSkill) { + throw new ConflictException( + `Skill "${createDto.name}" already exists in this scope`, + ); + } + + // Validate department exists if provided + if (createDto.departmentId) { + const department = await this.prisma.department.findUnique({ + where: { id: createDto.departmentId }, + }); + + if (!department) { + throw new NotFoundException( + `Department with ID ${createDto.departmentId} not found`, + ); + } + } + + return this.prisma.skill.create({ + data: { + name: createDto.name, + description: createDto.description, + category: createDto.category, + departmentId: createDto.departmentId, + isActive: createDto.isActive ?? true, + }, + include: { + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + _count: { + select: { + entries: true, + }, + }, + }, + }); + } + + /** + * Find all skills with filtering and pagination + */ + async findAll(query: QuerySkillsDto) { + const { + page = 1, + limit = 20, + search, + departmentId, + category, + isActive, + includeGlobal = true, + sortBy, + sortOrder, + } = query; + + const skip = (page - 1) * limit; + + // Build where clause + const whereConditions: Prisma.SkillWhereInput[] = []; + + // Search filter + if (search) { + whereConditions.push({ + OR: [ + { name: { contains: search, mode: 'insensitive' } }, + { description: { contains: search, mode: 'insensitive' } }, + ], + }); + } + + // Department filter + if (departmentId) { + if (includeGlobal) { + whereConditions.push({ + OR: [{ departmentId: departmentId }, { departmentId: null }], + }); + } else { + whereConditions.push({ departmentId: departmentId }); + } + } + + // Category filter + if (category) { + whereConditions.push({ category: category }); + } + + // Active filter + if (isActive !== undefined) { + whereConditions.push({ isActive: isActive }); + } + + const where: Prisma.SkillWhereInput = + whereConditions.length > 0 ? { AND: whereConditions } : {}; + + // Build orderBy + const orderBy: Prisma.SkillOrderByWithRelationInput = sortBy + ? { [sortBy]: sortOrder || 'asc' } + : { name: 'asc' }; + + const [skills, total] = await Promise.all([ + this.prisma.skill.findMany({ + where, + skip, + take: limit, + orderBy, + include: { + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + _count: { + select: { + entries: true, + }, + }, + }, + }), + this.prisma.skill.count({ where }), + ]); + + return { + data: skills, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Find a single skill by ID + */ + async findOne(id: string) { + const skill = await this.prisma.skill.findUnique({ + where: { id }, + include: { + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + _count: { + select: { + entries: true, + }, + }, + }, + }); + + if (!skill) { + throw new NotFoundException(`Skill with ID ${id} not found`); + } + + return skill; + } + + /** + * Update a skill + */ + async update(id: string, updateDto: UpdateSkillDto) { + await this.findOne(id); + + // Check for duplicate name if updating + if (updateDto.name) { + const currentSkill = await this.prisma.skill.findUnique({ + where: { id }, + }); + + const existingSkill = await this.prisma.skill.findFirst({ + where: { + name: updateDto.name, + departmentId: updateDto.departmentId ?? currentSkill?.departmentId ?? null, + id: { not: id }, + }, + }); + + if (existingSkill) { + throw new ConflictException( + `Skill "${updateDto.name}" already exists in this scope`, + ); + } + } + + // Validate department if updating + if (updateDto.departmentId) { + const department = await this.prisma.department.findUnique({ + where: { id: updateDto.departmentId }, + }); + + if (!department) { + throw new NotFoundException( + `Department with ID ${updateDto.departmentId} not found`, + ); + } + } + + return this.prisma.skill.update({ + where: { id }, + data: updateDto, + include: { + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + _count: { + select: { + entries: true, + }, + }, + }, + }); + } + + /** + * Soft delete a skill (deactivate) + */ + async remove(id: string) { + await this.findOne(id); + + return this.prisma.skill.update({ + where: { id }, + data: { isActive: false }, + include: { + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + _count: { + select: { + entries: true, + }, + }, + }, + }); + } + + /** + * Get all categories + */ + async getCategories() { + const skills = await this.prisma.skill.findMany({ + where: { isActive: true }, + select: { category: true }, + distinct: ['category'], + }); + + return skills + .map((s) => s.category) + .filter((c): c is string => c !== null); + } + + /** + * Get skills for a department including global skills + */ + async getSkillsForDepartment(departmentId: string) { + // Verify department exists + const department = await this.prisma.department.findUnique({ + where: { id: departmentId }, + }); + + if (!department) { + throw new NotFoundException(`Department with ID ${departmentId} not found`); + } + + return this.prisma.skill.findMany({ + where: { + isActive: true, + OR: [{ departmentId: departmentId }, { departmentId: null }], + }, + orderBy: [{ category: 'asc' }, { name: 'asc' }], + include: { + department: { + select: { + id: true, + name: true, + code: true, + }, + }, + }, + }); + } +} diff --git a/apps/api/src/modules/user-preferences/dto/index.ts b/apps/api/src/modules/user-preferences/dto/index.ts new file mode 100644 index 0000000..7a8bd90 --- /dev/null +++ b/apps/api/src/modules/user-preferences/dto/index.ts @@ -0,0 +1 @@ +export * from './update-preferences.dto'; diff --git a/apps/api/src/modules/user-preferences/dto/update-preferences.dto.ts b/apps/api/src/modules/user-preferences/dto/update-preferences.dto.ts new file mode 100644 index 0000000..6dc925c --- /dev/null +++ b/apps/api/src/modules/user-preferences/dto/update-preferences.dto.ts @@ -0,0 +1,148 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsOptional, + IsString, + IsEnum, + IsObject, + IsArray, + ValidateNested, +} from 'class-validator'; +import { Type } from 'class-transformer'; + +export enum Theme { + LIGHT = 'light', + DARK = 'dark', + SYSTEM = 'system', +} + +export enum Language { + DE = 'de', + EN = 'en', +} + +export class WidgetConfig { + @ApiPropertyOptional({ + description: 'Widget identifier', + example: 'stats-overview', + }) + @IsString() + id: string; + + @ApiPropertyOptional({ + description: 'Widget type', + example: 'statistics', + }) + @IsString() + type: string; + + @ApiPropertyOptional({ + description: 'Grid position X', + example: 0, + }) + @IsOptional() + x?: number; + + @ApiPropertyOptional({ + description: 'Grid position Y', + example: 0, + }) + @IsOptional() + y?: number; + + @ApiPropertyOptional({ + description: 'Widget width in grid units', + example: 2, + }) + @IsOptional() + w?: number; + + @ApiPropertyOptional({ + description: 'Widget height in grid units', + example: 2, + }) + @IsOptional() + h?: number; + + @ApiPropertyOptional({ + description: 'Widget-specific settings', + }) + @IsOptional() + @IsObject() + settings?: Record; +} + +export class NotificationPreferences { + @ApiPropertyOptional({ + description: 'Enable email notifications', + example: true, + }) + @IsOptional() + email?: boolean; + + @ApiPropertyOptional({ + description: 'Enable push notifications', + example: true, + }) + @IsOptional() + push?: boolean; + + @ApiPropertyOptional({ + description: 'Enable absence request notifications', + example: true, + }) + @IsOptional() + absenceRequests?: boolean; + + @ApiPropertyOptional({ + description: 'Enable time tracking reminders', + example: true, + }) + @IsOptional() + timeReminders?: boolean; + + @ApiPropertyOptional({ + description: 'Enable system announcements', + example: true, + }) + @IsOptional() + systemAnnouncements?: boolean; +} + +export class UpdatePreferencesDto { + @ApiPropertyOptional({ + description: 'UI theme preference', + enum: Theme, + example: Theme.SYSTEM, + }) + @IsOptional() + @IsEnum(Theme) + theme?: Theme; + + @ApiPropertyOptional({ + description: 'Language preference', + enum: Language, + example: Language.DE, + }) + @IsOptional() + @IsEnum(Language) + language?: Language; + + @ApiPropertyOptional({ + description: 'Dashboard widget layout configuration', + type: [WidgetConfig], + }) + @IsOptional() + @IsArray() + @ValidateNested({ each: true }) + @Type(() => WidgetConfig) + dashboardLayout?: WidgetConfig[]; + + @ApiPropertyOptional({ + description: 'Notification preferences', + type: NotificationPreferences, + }) + @IsOptional() + @ValidateNested() + @Type(() => NotificationPreferences) + notifications?: NotificationPreferences; +} diff --git a/apps/api/src/modules/user-preferences/index.ts b/apps/api/src/modules/user-preferences/index.ts new file mode 100644 index 0000000..0319f7d --- /dev/null +++ b/apps/api/src/modules/user-preferences/index.ts @@ -0,0 +1,4 @@ +export * from './user-preferences.module'; +export * from './user-preferences.service'; +export * from './user-preferences.controller'; +export * from './dto'; diff --git a/apps/api/src/modules/user-preferences/user-preferences.controller.ts b/apps/api/src/modules/user-preferences/user-preferences.controller.ts new file mode 100644 index 0000000..d18b331 --- /dev/null +++ b/apps/api/src/modules/user-preferences/user-preferences.controller.ts @@ -0,0 +1,58 @@ +import { Controller, Get, Put, Body } from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, +} from '@nestjs/swagger'; +import { UserPreferencesService } from './user-preferences.service'; +import { UpdatePreferencesDto } from './dto/update-preferences.dto'; +import { CurrentUser } from '../../auth/decorators/current-user.decorator'; +import { JwtPayload } from '../../auth/interfaces/jwt-payload.interface'; + +@ApiTags('user-preferences') +@ApiBearerAuth('JWT-auth') +@Controller('user-preferences') +export class UserPreferencesController { + constructor(private readonly preferencesService: UserPreferencesService) {} + + @Get() + @ApiOperation({ summary: 'Get current user preferences' }) + @ApiResponse({ + status: 200, + description: 'User preferences retrieved successfully', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'User not found' }) + findMine(@CurrentUser() user: JwtPayload) { + return this.preferencesService.findByUserId(user.sub); + } + + @Put() + @ApiOperation({ summary: 'Update current user preferences' }) + @ApiResponse({ + status: 200, + description: 'User preferences updated successfully', + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'User not found' }) + update( + @CurrentUser() user: JwtPayload, + @Body() updateDto: UpdatePreferencesDto, + ) { + return this.preferencesService.update(user.sub, updateDto); + } + + @Put('reset') + @ApiOperation({ summary: 'Reset preferences to defaults' }) + @ApiResponse({ + status: 200, + description: 'User preferences reset successfully', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'User not found' }) + resetToDefaults(@CurrentUser() user: JwtPayload) { + return this.preferencesService.resetToDefaults(user.sub); + } +} diff --git a/apps/api/src/modules/user-preferences/user-preferences.module.ts b/apps/api/src/modules/user-preferences/user-preferences.module.ts new file mode 100644 index 0000000..aa489ad --- /dev/null +++ b/apps/api/src/modules/user-preferences/user-preferences.module.ts @@ -0,0 +1,10 @@ +import { Module } from '@nestjs/common'; +import { UserPreferencesController } from './user-preferences.controller'; +import { UserPreferencesService } from './user-preferences.service'; + +@Module({ + controllers: [UserPreferencesController], + providers: [UserPreferencesService], + exports: [UserPreferencesService], +}) +export class UserPreferencesModule {} diff --git a/apps/api/src/modules/user-preferences/user-preferences.service.ts b/apps/api/src/modules/user-preferences/user-preferences.service.ts new file mode 100644 index 0000000..7f2027f --- /dev/null +++ b/apps/api/src/modules/user-preferences/user-preferences.service.ts @@ -0,0 +1,121 @@ +import { Injectable, NotFoundException } from '@nestjs/common'; +import { PrismaService } from '../../prisma/prisma.service'; +import { UpdatePreferencesDto } from './dto/update-preferences.dto'; +import { Prisma } from '@prisma/client'; + +@Injectable() +export class UserPreferencesService { + constructor(private readonly prisma: PrismaService) {} + + /** + * Get user preferences, create with defaults if not exists + */ + async findByUserId(userId: string) { + // First check if user exists + const user = await this.prisma.user.findUnique({ + where: { id: userId }, + }); + + if (!user) { + throw new NotFoundException(`User with ID ${userId} not found`); + } + + // Get or create preferences + let preferences = await this.prisma.userPreference.findUnique({ + where: { userId }, + }); + + if (!preferences) { + preferences = await this.prisma.userPreference.create({ + data: { + userId, + theme: 'system', + language: 'de', + dashboardLayout: this.getDefaultDashboardLayout(), + notifications: this.getDefaultNotificationPreferences(), + }, + }); + } + + return preferences; + } + + /** + * Update user preferences + */ + async update(userId: string, updateDto: UpdatePreferencesDto) { + // Ensure preferences exist first + await this.findByUserId(userId); + + return this.prisma.userPreference.update({ + where: { userId }, + data: { + ...(updateDto.theme && { theme: updateDto.theme }), + ...(updateDto.language && { language: updateDto.language }), + ...(updateDto.dashboardLayout && { + dashboardLayout: updateDto.dashboardLayout as unknown as Prisma.JsonArray, + }), + ...(updateDto.notifications && { + notifications: updateDto.notifications as unknown as Prisma.JsonObject, + }), + }, + }); + } + + /** + * Update only dashboard layout + */ + async updateDashboardLayout(userId: string, layout: unknown[]) { + await this.findByUserId(userId); + + return this.prisma.userPreference.update({ + where: { userId }, + data: { + dashboardLayout: layout as Prisma.JsonArray, + }, + }); + } + + /** + * Reset preferences to defaults + */ + async resetToDefaults(userId: string) { + await this.findByUserId(userId); + + return this.prisma.userPreference.update({ + where: { userId }, + data: { + theme: 'system', + language: 'de', + dashboardLayout: this.getDefaultDashboardLayout(), + notifications: this.getDefaultNotificationPreferences(), + }, + }); + } + + /** + * Default dashboard layout configuration + */ + private getDefaultDashboardLayout(): Prisma.JsonArray { + return [ + { id: 'stats-overview', type: 'statistics', x: 0, y: 0, w: 4, h: 1 }, + { id: 'recent-activity', type: 'activity', x: 0, y: 1, w: 2, h: 2 }, + { id: 'quick-actions', type: 'actions', x: 2, y: 1, w: 2, h: 2 }, + { id: 'upcoming-absences', type: 'absences', x: 0, y: 3, w: 2, h: 2 }, + { id: 'team-overview', type: 'team', x: 2, y: 3, w: 2, h: 2 }, + ]; + } + + /** + * Default notification preferences + */ + private getDefaultNotificationPreferences(): Prisma.JsonObject { + return { + email: true, + push: true, + absenceRequests: true, + timeReminders: true, + systemAnnouncements: true, + }; + } +} diff --git a/apps/api/src/prisma/index.ts b/apps/api/src/prisma/index.ts new file mode 100644 index 0000000..8bb71d7 --- /dev/null +++ b/apps/api/src/prisma/index.ts @@ -0,0 +1,2 @@ +export * from './prisma.module'; +export * from './prisma.service'; diff --git a/apps/api/src/prisma/prisma.module.ts b/apps/api/src/prisma/prisma.module.ts new file mode 100644 index 0000000..7207426 --- /dev/null +++ b/apps/api/src/prisma/prisma.module.ts @@ -0,0 +1,9 @@ +import { Global, Module } from '@nestjs/common'; +import { PrismaService } from './prisma.service'; + +@Global() +@Module({ + providers: [PrismaService], + exports: [PrismaService], +}) +export class PrismaModule {} diff --git a/apps/api/src/prisma/prisma.service.ts b/apps/api/src/prisma/prisma.service.ts new file mode 100644 index 0000000..9fbad99 --- /dev/null +++ b/apps/api/src/prisma/prisma.service.ts @@ -0,0 +1,62 @@ +import { Injectable, OnModuleInit, OnModuleDestroy, Logger } from '@nestjs/common'; +import { PrismaClient } from '@prisma/client'; + +@Injectable() +export class PrismaService extends PrismaClient implements OnModuleInit, OnModuleDestroy { + private readonly logger = new Logger(PrismaService.name); + + constructor() { + super({ + log: [ + { emit: 'event', level: 'query' }, + { emit: 'stdout', level: 'info' }, + { emit: 'stdout', level: 'warn' }, + { emit: 'stdout', level: 'error' }, + ], + }); + } + + async onModuleInit() { + await this.$connect(); + this.logger.log('Database connection established'); + + // Log slow queries in development + if (process.env.NODE_ENV === 'development') { + // @ts-expect-error - Prisma event typing issue + this.$on('query', (e: { query: string; duration: number }) => { + if (e.duration > 100) { + this.logger.warn(`Slow query (${e.duration}ms): ${e.query}`); + } + }); + } + } + + async onModuleDestroy() { + await this.$disconnect(); + this.logger.log('Database connection closed'); + } + + /** + * Clean all data from the database (for testing purposes) + * WARNING: This will delete all data! + */ + async cleanDatabase() { + if (process.env.NODE_ENV === 'production') { + throw new Error('Cannot clean database in production'); + } + + const models = Reflect.ownKeys(this).filter( + (key) => typeof key === 'string' && !key.startsWith('_') && !key.startsWith('$'), + ); + + return Promise.all( + models.map((modelKey) => { + const model = this[modelKey as keyof this]; + if (model && typeof model === 'object' && 'deleteMany' in model) { + return (model as { deleteMany: () => Promise }).deleteMany(); + } + return Promise.resolve(); + }), + ); + } +} diff --git a/apps/api/src/users/dto/assign-roles.dto.ts b/apps/api/src/users/dto/assign-roles.dto.ts new file mode 100644 index 0000000..36b4d8f --- /dev/null +++ b/apps/api/src/users/dto/assign-roles.dto.ts @@ -0,0 +1,14 @@ +import { ApiProperty } from '@nestjs/swagger'; +import { IsArray, IsString, ArrayMinSize } from 'class-validator'; + +export class AssignRolesDto { + @ApiProperty({ + description: 'Array of role IDs to assign to the user', + example: ['clq1234567890role1', 'clq1234567890role2'], + type: [String], + }) + @IsArray() + @ArrayMinSize(1, { message: 'At least one role must be specified' }) + @IsString({ each: true }) + roleIds: string[]; +} diff --git a/apps/api/src/users/dto/create-user.dto.ts b/apps/api/src/users/dto/create-user.dto.ts new file mode 100644 index 0000000..6b40f6d --- /dev/null +++ b/apps/api/src/users/dto/create-user.dto.ts @@ -0,0 +1,85 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsEmail, + IsOptional, + IsBoolean, + IsArray, + IsUrl, + MinLength, + MaxLength, +} from 'class-validator'; + +export class CreateUserDto { + @ApiProperty({ + description: 'User email address', + example: 'john.doe@example.com', + }) + @IsEmail() + email: string; + + @ApiProperty({ + description: 'User first name', + example: 'John', + minLength: 1, + maxLength: 100, + }) + @IsString() + @MinLength(1) + @MaxLength(100) + firstName: string; + + @ApiProperty({ + description: 'User last name', + example: 'Doe', + minLength: 1, + maxLength: 100, + }) + @IsString() + @MinLength(1) + @MaxLength(100) + lastName: string; + + @ApiPropertyOptional({ + description: 'Keycloak user ID for SSO integration', + example: 'a1b2c3d4-e5f6-7890-abcd-ef1234567890', + }) + @IsOptional() + @IsString() + keycloakId?: string; + + @ApiPropertyOptional({ + description: 'URL to user avatar image', + example: 'https://example.com/avatars/john-doe.jpg', + }) + @IsOptional() + @IsUrl() + avatar?: string; + + @ApiPropertyOptional({ + description: 'Whether the user account is active', + example: true, + default: true, + }) + @IsOptional() + @IsBoolean() + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Department ID to assign the user to', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Array of role IDs to assign to the user', + example: ['clq1234567890role1', 'clq1234567890role2'], + type: [String], + }) + @IsOptional() + @IsArray() + @IsString({ each: true }) + roleIds?: string[]; +} diff --git a/apps/api/src/users/dto/index.ts b/apps/api/src/users/dto/index.ts new file mode 100644 index 0000000..38ed41d --- /dev/null +++ b/apps/api/src/users/dto/index.ts @@ -0,0 +1,6 @@ +export * from './create-user.dto'; +export * from './update-user.dto'; +export * from './update-profile.dto'; +export * from './query-users.dto'; +export * from './assign-roles.dto'; +export * from './user-response.dto'; diff --git a/apps/api/src/users/dto/query-users.dto.ts b/apps/api/src/users/dto/query-users.dto.ts new file mode 100644 index 0000000..518cb6b --- /dev/null +++ b/apps/api/src/users/dto/query-users.dto.ts @@ -0,0 +1,91 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { IsOptional, IsString, IsBoolean, IsInt, Min, Max, IsEnum } from 'class-validator'; +import { Transform, Type } from 'class-transformer'; + +export enum UserSortField { + CREATED_AT = 'createdAt', + UPDATED_AT = 'updatedAt', + EMAIL = 'email', + FIRST_NAME = 'firstName', + LAST_NAME = 'lastName', +} + +export enum SortOrder { + ASC = 'asc', + DESC = 'desc', +} + +export class QueryUsersDto { + @ApiPropertyOptional({ + description: 'Page number for pagination', + example: 1, + minimum: 1, + default: 1, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + page?: number = 1; + + @ApiPropertyOptional({ + description: 'Number of items per page', + example: 20, + minimum: 1, + maximum: 100, + default: 20, + }) + @IsOptional() + @Type(() => Number) + @IsInt() + @Min(1) + @Max(100) + limit?: number = 20; + + @ApiPropertyOptional({ + description: 'Search term for email, first name, or last name', + example: 'john', + }) + @IsOptional() + @IsString() + search?: string; + + @ApiPropertyOptional({ + description: 'Filter by department ID', + example: 'clq1234567890abcdef', + }) + @IsOptional() + @IsString() + departmentId?: string; + + @ApiPropertyOptional({ + description: 'Filter by active status', + example: true, + }) + @IsOptional() + @Transform(({ value }) => { + if (value === 'true') return true; + if (value === 'false') return false; + return value; + }) + @IsBoolean() + isActive?: boolean; + + @ApiPropertyOptional({ + description: 'Field to sort by', + enum: UserSortField, + example: UserSortField.CREATED_AT, + }) + @IsOptional() + @IsEnum(UserSortField) + sortBy?: UserSortField; + + @ApiPropertyOptional({ + description: 'Sort order', + enum: SortOrder, + example: SortOrder.DESC, + }) + @IsOptional() + @IsEnum(SortOrder) + sortOrder?: SortOrder; +} diff --git a/apps/api/src/users/dto/update-profile.dto.ts b/apps/api/src/users/dto/update-profile.dto.ts new file mode 100644 index 0000000..e618598 --- /dev/null +++ b/apps/api/src/users/dto/update-profile.dto.ts @@ -0,0 +1,46 @@ +import { ApiPropertyOptional } from '@nestjs/swagger'; +import { + IsString, + IsOptional, + IsUrl, + MinLength, + MaxLength, +} from 'class-validator'; + +/** + * DTO for users to update their own profile + * Limited fields compared to admin update + */ +export class UpdateProfileDto { + @ApiPropertyOptional({ + description: 'User first name', + example: 'John', + minLength: 1, + maxLength: 100, + }) + @IsOptional() + @IsString() + @MinLength(1) + @MaxLength(100) + firstName?: string; + + @ApiPropertyOptional({ + description: 'User last name', + example: 'Doe', + minLength: 1, + maxLength: 100, + }) + @IsOptional() + @IsString() + @MinLength(1) + @MaxLength(100) + lastName?: string; + + @ApiPropertyOptional({ + description: 'URL to user avatar image', + example: 'https://example.com/avatars/john-doe.jpg', + }) + @IsOptional() + @IsUrl() + avatar?: string; +} diff --git a/apps/api/src/users/dto/update-user.dto.ts b/apps/api/src/users/dto/update-user.dto.ts new file mode 100644 index 0000000..78ab602 --- /dev/null +++ b/apps/api/src/users/dto/update-user.dto.ts @@ -0,0 +1,4 @@ +import { PartialType } from '@nestjs/swagger'; +import { CreateUserDto } from './create-user.dto'; + +export class UpdateUserDto extends PartialType(CreateUserDto) {} diff --git a/apps/api/src/users/dto/user-response.dto.ts b/apps/api/src/users/dto/user-response.dto.ts new file mode 100644 index 0000000..c36ce7d --- /dev/null +++ b/apps/api/src/users/dto/user-response.dto.ts @@ -0,0 +1,80 @@ +import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'; + +class RoleDto { + @ApiProperty({ example: 'clq1234567890role1' }) + id: string; + + @ApiProperty({ example: 'admin' }) + name: string; + + @ApiPropertyOptional({ example: 'Administrator role with full access' }) + description?: string; +} + +class UserRoleDto { + @ApiProperty({ type: RoleDto }) + role: RoleDto; +} + +class DepartmentDto { + @ApiProperty({ example: 'clq1234567890dept1' }) + id: string; + + @ApiProperty({ example: 'Engineering' }) + name: string; +} + +export class UserResponseDto { + @ApiProperty({ example: 'clq1234567890abcdef' }) + id: string; + + @ApiProperty({ example: 'john.doe@example.com' }) + email: string; + + @ApiProperty({ example: 'John' }) + firstName: string; + + @ApiProperty({ example: 'Doe' }) + lastName: string; + + @ApiPropertyOptional({ example: 'a1b2c3d4-e5f6-7890-abcd-ef1234567890' }) + keycloakId?: string; + + @ApiPropertyOptional({ example: 'https://example.com/avatars/john-doe.jpg' }) + avatar?: string; + + @ApiProperty({ example: true }) + isActive: boolean; + + @ApiProperty({ example: '2024-01-15T10:30:00.000Z' }) + createdAt: Date; + + @ApiProperty({ example: '2024-01-15T10:30:00.000Z' }) + updatedAt: Date; + + @ApiPropertyOptional({ type: DepartmentDto }) + department?: DepartmentDto; + + @ApiProperty({ type: [UserRoleDto] }) + roles: UserRoleDto[]; +} + +export class PaginatedUsersResponseDto { + @ApiProperty({ type: [UserResponseDto] }) + data: UserResponseDto[]; + + @ApiProperty({ + example: { + total: 100, + page: 1, + limit: 20, + totalPages: 5, + }, + }) + meta: { + total: number; + page: number; + limit: number; + totalPages: number; + }; +} diff --git a/apps/api/src/users/index.ts b/apps/api/src/users/index.ts new file mode 100644 index 0000000..0cb468e --- /dev/null +++ b/apps/api/src/users/index.ts @@ -0,0 +1,4 @@ +export * from './users.module'; +export * from './users.service'; +export * from './users.controller'; +export * from './dto'; diff --git a/apps/api/src/users/users.controller.ts b/apps/api/src/users/users.controller.ts new file mode 100644 index 0000000..9f991a9 --- /dev/null +++ b/apps/api/src/users/users.controller.ts @@ -0,0 +1,233 @@ +import { + Controller, + Get, + Post, + Body, + Patch, + Put, + Param, + Delete, + Query, + HttpCode, + HttpStatus, +} from '@nestjs/common'; +import { + ApiTags, + ApiOperation, + ApiResponse, + ApiBearerAuth, + ApiParam, + ApiQuery, +} from '@nestjs/swagger'; +import { UsersService } from './users.service'; +import { CreateUserDto } from './dto/create-user.dto'; +import { UpdateUserDto } from './dto/update-user.dto'; +import { UpdateProfileDto } from './dto/update-profile.dto'; +import { QueryUsersDto } from './dto/query-users.dto'; +import { AssignRolesDto } from './dto/assign-roles.dto'; +import { UserResponseDto } from './dto/user-response.dto'; +import { Roles } from '../auth/decorators/roles.decorator'; +import { CurrentUser } from '../auth/decorators/current-user.decorator'; +import { JwtPayload } from '../auth/interfaces/jwt-payload.interface'; +import { RequirePermissions } from '../auth/permissions/permissions.decorator'; +import { Permission } from '../auth/permissions/permissions.enum'; +import { AuditLog } from '../modules/audit/audit.interceptor'; + +@ApiTags('users') +@ApiBearerAuth('JWT-auth') +@Controller('users') +export class UsersController { + constructor(private readonly usersService: UsersService) {} + + @Get('me') + @ApiOperation({ summary: 'Get current user profile' }) + @ApiResponse({ + status: 200, + description: 'Current user profile', + type: UserResponseDto, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + getMyProfile(@CurrentUser() user: JwtPayload) { + return this.usersService.getMyProfile(user.sub); + } + + @Put('me') + @RequirePermissions(Permission.USERS_UPDATE_SELF) + @AuditLog('User', 'UPDATE_PROFILE') + @ApiOperation({ summary: 'Update current user profile' }) + @ApiResponse({ + status: 200, + description: 'Profile updated successfully', + type: UserResponseDto, + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + updateMyProfile( + @CurrentUser() user: JwtPayload, + @Body() updateDto: UpdateProfileDto, + ) { + return this.usersService.updateMyProfile(user.sub, updateDto); + } + + @Post() + @Roles('admin', 'hr-manager') + @ApiOperation({ summary: 'Create a new user' }) + @ApiResponse({ + status: 201, + description: 'User created successfully', + type: UserResponseDto, + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 409, description: 'User already exists' }) + create(@Body() createUserDto: CreateUserDto) { + return this.usersService.create(createUserDto); + } + + @Get() + @ApiOperation({ summary: 'Get all users with pagination and filtering' }) + @ApiResponse({ + status: 200, + description: 'List of users', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + findAll(@Query() query: QueryUsersDto) { + return this.usersService.findAll(query); + } + + @Get(':id') + @ApiOperation({ summary: 'Get a user by ID' }) + @ApiParam({ name: 'id', description: 'User ID' }) + @ApiResponse({ + status: 200, + description: 'User found', + type: UserResponseDto, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'User not found' }) + findOne(@Param('id') id: string) { + return this.usersService.findOne(id); + } + + @Get('email/:email') + @ApiOperation({ summary: 'Get a user by email' }) + @ApiParam({ name: 'email', description: 'User email address' }) + @ApiResponse({ + status: 200, + description: 'User found', + type: UserResponseDto, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 404, description: 'User not found' }) + findByEmail(@Param('email') email: string) { + return this.usersService.findByEmail(email); + } + + @Patch(':id') + @Roles('admin', 'hr-manager') + @ApiOperation({ summary: 'Update a user' }) + @ApiParam({ name: 'id', description: 'User ID' }) + @ApiResponse({ + status: 200, + description: 'User updated successfully', + type: UserResponseDto, + }) + @ApiResponse({ status: 400, description: 'Bad request' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'User not found' }) + @ApiResponse({ status: 409, description: 'Email already in use' }) + update(@Param('id') id: string, @Body() updateUserDto: UpdateUserDto) { + return this.usersService.update(id, updateUserDto); + } + + @Delete(':id') + @Roles('admin') + @HttpCode(HttpStatus.OK) + @ApiOperation({ summary: 'Deactivate a user (soft delete)' }) + @ApiParam({ name: 'id', description: 'User ID' }) + @ApiResponse({ + status: 200, + description: 'User deactivated successfully', + type: UserResponseDto, + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'User not found' }) + remove(@Param('id') id: string) { + return this.usersService.remove(id); + } + + @Delete(':id/permanent') + @Roles('admin') + @HttpCode(HttpStatus.NO_CONTENT) + @ApiOperation({ summary: 'Permanently delete a user' }) + @ApiParam({ name: 'id', description: 'User ID' }) + @ApiResponse({ status: 204, description: 'User deleted permanently' }) + @ApiResponse({ status: 400, description: 'Cannot delete user with employee data' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'User not found' }) + hardDelete(@Param('id') id: string) { + return this.usersService.hardDelete(id); + } + + @Patch(':id/reactivate') + @Roles('admin', 'hr-manager') + @ApiOperation({ summary: 'Reactivate a deactivated user' }) + @ApiParam({ name: 'id', description: 'User ID' }) + @ApiResponse({ + status: 200, + description: 'User reactivated successfully', + type: UserResponseDto, + }) + @ApiResponse({ status: 400, description: 'User is already active' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'User not found' }) + reactivate(@Param('id') id: string) { + return this.usersService.reactivate(id); + } + + @Patch(':id/roles') + @Roles('admin') + @RequirePermissions(Permission.USERS_MANAGE_ROLES) + @AuditLog('User', 'ASSIGN_ROLES') + @ApiOperation({ summary: 'Assign roles to a user' }) + @ApiParam({ name: 'id', description: 'User ID' }) + @ApiResponse({ + status: 200, + description: 'Roles assigned successfully', + type: UserResponseDto, + }) + @ApiResponse({ status: 400, description: 'One or more roles not found' }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'User not found' }) + assignRoles(@Param('id') id: string, @Body() assignRolesDto: AssignRolesDto) { + return this.usersService.assignRoles(id, assignRolesDto.roleIds); + } + + @Get(':id/activity') + @Roles('admin', 'hr-manager') + @RequirePermissions(Permission.AUDIT_VIEW) + @ApiOperation({ summary: 'Get audit log for a user' }) + @ApiParam({ name: 'id', description: 'User ID' }) + @ApiQuery({ name: 'page', required: false, type: Number }) + @ApiQuery({ name: 'limit', required: false, type: Number }) + @ApiResponse({ + status: 200, + description: 'User activity log', + }) + @ApiResponse({ status: 401, description: 'Unauthorized' }) + @ApiResponse({ status: 403, description: 'Forbidden' }) + @ApiResponse({ status: 404, description: 'User not found' }) + getUserActivity( + @Param('id') id: string, + @Query('page') page?: number, + @Query('limit') limit?: number, + ) { + return this.usersService.getUserActivity(id, { page, limit }); + } +} diff --git a/apps/api/src/users/users.module.ts b/apps/api/src/users/users.module.ts new file mode 100644 index 0000000..276e9b6 --- /dev/null +++ b/apps/api/src/users/users.module.ts @@ -0,0 +1,10 @@ +import { Module } from '@nestjs/common'; +import { UsersService } from './users.service'; +import { UsersController } from './users.controller'; + +@Module({ + controllers: [UsersController], + providers: [UsersService], + exports: [UsersService], +}) +export class UsersModule {} diff --git a/apps/api/src/users/users.service.ts b/apps/api/src/users/users.service.ts new file mode 100644 index 0000000..3ad74a7 --- /dev/null +++ b/apps/api/src/users/users.service.ts @@ -0,0 +1,425 @@ +import { + Injectable, + NotFoundException, + ConflictException, + BadRequestException, +} from '@nestjs/common'; +import { PrismaService } from '../prisma/prisma.service'; +import { CreateUserDto } from './dto/create-user.dto'; +import { UpdateUserDto } from './dto/update-user.dto'; +import { UpdateProfileDto } from './dto/update-profile.dto'; +import { QueryUsersDto } from './dto/query-users.dto'; +import { Prisma } from '@prisma/client'; + +@Injectable() +export class UsersService { + constructor(private readonly prisma: PrismaService) {} + + /** + * Create a new user + */ + async create(createUserDto: CreateUserDto) { + const { roleIds, ...userData } = createUserDto; + + // Check if email already exists + const existingUser = await this.prisma.user.findUnique({ + where: { email: userData.email }, + }); + + if (existingUser) { + throw new ConflictException('User with this email already exists'); + } + + // Check if keycloakId already exists (if provided) + if (userData.keycloakId) { + const existingKeycloakUser = await this.prisma.user.findUnique({ + where: { keycloakId: userData.keycloakId }, + }); + + if (existingKeycloakUser) { + throw new ConflictException('User with this Keycloak ID already exists'); + } + } + + return this.prisma.user.create({ + data: { + ...userData, + roles: roleIds + ? { + create: roleIds.map((roleId) => ({ + role: { connect: { id: roleId } }, + })), + } + : undefined, + }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + }, + }); + } + + /** + * Find all users with optional filtering and pagination + */ + async findAll(query: QueryUsersDto) { + const { page = 1, limit = 20, search, departmentId, isActive, sortBy, sortOrder } = query; + + const skip = (page - 1) * limit; + + const where: Prisma.UserWhereInput = { + ...(search && { + OR: [ + { email: { contains: search, mode: 'insensitive' } }, + { firstName: { contains: search, mode: 'insensitive' } }, + { lastName: { contains: search, mode: 'insensitive' } }, + ], + }), + ...(departmentId && { departmentId }), + ...(isActive !== undefined && { isActive }), + }; + + const orderBy: Prisma.UserOrderByWithRelationInput = sortBy + ? { [sortBy]: sortOrder || 'asc' } + : { createdAt: 'desc' }; + + const [users, total] = await Promise.all([ + this.prisma.user.findMany({ + where, + skip, + take: limit, + orderBy, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + }, + }), + this.prisma.user.count({ where }), + ]); + + return { + data: users, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } + + /** + * Find a single user by ID + */ + async findOne(id: string) { + const user = await this.prisma.user.findUnique({ + where: { id }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + employee: true, + }, + }); + + if (!user) { + throw new NotFoundException(`User with ID ${id} not found`); + } + + return user; + } + + /** + * Find a user by email + */ + async findByEmail(email: string) { + const user = await this.prisma.user.findUnique({ + where: { email }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + }, + }); + + if (!user) { + throw new NotFoundException(`User with email ${email} not found`); + } + + return user; + } + + /** + * Find a user by Keycloak ID + */ + async findByKeycloakId(keycloakId: string) { + const user = await this.prisma.user.findUnique({ + where: { keycloakId }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + }, + }); + + if (!user) { + throw new NotFoundException(`User with Keycloak ID ${keycloakId} not found`); + } + + return user; + } + + /** + * Update a user + */ + async update(id: string, updateUserDto: UpdateUserDto) { + const { roleIds, ...userData } = updateUserDto; + + // Check if user exists + await this.findOne(id); + + // Check email uniqueness if updating email + if (userData.email) { + const existingUser = await this.prisma.user.findFirst({ + where: { + email: userData.email, + id: { not: id }, + }, + }); + + if (existingUser) { + throw new ConflictException('User with this email already exists'); + } + } + + // Update user with role management + return this.prisma.user.update({ + where: { id }, + data: { + ...userData, + ...(roleIds && { + roles: { + deleteMany: {}, + create: roleIds.map((roleId) => ({ + role: { connect: { id: roleId } }, + })), + }, + }), + }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + }, + }); + } + + /** + * Delete a user (soft delete by deactivating) + */ + async remove(id: string) { + await this.findOne(id); + + return this.prisma.user.update({ + where: { id }, + data: { isActive: false }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + }, + }); + } + + /** + * Permanently delete a user (hard delete) + */ + async hardDelete(id: string) { + await this.findOne(id); + + // Check if user has related data + const hasEmployee = await this.prisma.employee.findUnique({ + where: { userId: id }, + }); + + if (hasEmployee) { + throw new BadRequestException( + 'Cannot delete user with employee data. Deactivate instead.', + ); + } + + return this.prisma.user.delete({ + where: { id }, + }); + } + + /** + * Reactivate a deactivated user + */ + async reactivate(id: string) { + const user = await this.findOne(id); + + if (user.isActive) { + throw new BadRequestException('User is already active'); + } + + return this.prisma.user.update({ + where: { id }, + data: { isActive: true }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + }, + }); + } + + /** + * Assign roles to a user + */ + async assignRoles(id: string, roleIds: string[]) { + await this.findOne(id); + + // Validate all roles exist + const roles = await this.prisma.role.findMany({ + where: { id: { in: roleIds } }, + }); + + if (roles.length !== roleIds.length) { + throw new BadRequestException('One or more roles not found'); + } + + // Remove existing roles and add new ones + await this.prisma.userRole.deleteMany({ + where: { userId: id }, + }); + + return this.prisma.user.update({ + where: { id }, + data: { + roles: { + create: roleIds.map((roleId) => ({ + role: { connect: { id: roleId } }, + })), + }, + }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + }, + }); + } + + /** + * Get current user's profile + */ + async getMyProfile(userId: string) { + const user = await this.prisma.user.findUnique({ + where: { id: userId }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + employee: true, + preferences: true, + }, + }); + + if (!user) { + throw new NotFoundException(`User with ID ${userId} not found`); + } + + return user; + } + + /** + * Update current user's profile (limited fields) + */ + async updateMyProfile(userId: string, updateDto: UpdateProfileDto) { + await this.findOne(userId); + + return this.prisma.user.update({ + where: { id: userId }, + data: { + ...(updateDto.firstName && { firstName: updateDto.firstName }), + ...(updateDto.lastName && { lastName: updateDto.lastName }), + ...(updateDto.avatar !== undefined && { avatar: updateDto.avatar }), + }, + include: { + roles: { + include: { + role: true, + }, + }, + department: true, + employee: true, + }, + }); + } + + /** + * Get user activity (audit logs) + */ + async getUserActivity( + userId: string, + pagination: { page?: number; limit?: number } = {}, + ) { + await this.findOne(userId); + + const { page = 1, limit = 20 } = pagination; + const skip = (page - 1) * limit; + + const [logs, total] = await Promise.all([ + this.prisma.auditLog.findMany({ + where: { userId }, + skip, + take: limit, + orderBy: { createdAt: 'desc' }, + }), + this.prisma.auditLog.count({ where: { userId } }), + ]); + + return { + data: logs, + meta: { + total, + page, + limit, + totalPages: Math.ceil(total / limit), + }, + }; + } +} diff --git a/apps/api/test/app.e2e-spec.ts b/apps/api/test/app.e2e-spec.ts new file mode 100644 index 0000000..6c7a03d --- /dev/null +++ b/apps/api/test/app.e2e-spec.ts @@ -0,0 +1,49 @@ +import { Test, TestingModule } from '@nestjs/testing'; +import { INestApplication, ValidationPipe } from '@nestjs/common'; +import * as request from 'supertest'; +import { AppModule } from '../src/app.module'; + +describe('AppController (e2e)', () => { + let app: INestApplication; + + beforeEach(async () => { + const moduleFixture: TestingModule = await Test.createTestingModule({ + imports: [AppModule], + }).compile(); + + app = moduleFixture.createNestApplication(); + app.useGlobalPipes( + new ValidationPipe({ + whitelist: true, + forbidNonWhitelisted: true, + transform: true, + }), + ); + await app.init(); + }); + + afterEach(async () => { + await app.close(); + }); + + describe('/api/v1/health (GET)', () => { + it('should return health status', () => { + return request(app.getHttpServer()) + .get('/api/v1/health') + .expect(200) + .expect((res) => { + expect(res.body).toHaveProperty('status'); + }); + }); + + it('should return liveness status', () => { + return request(app.getHttpServer()) + .get('/api/v1/health/liveness') + .expect(200) + .expect((res) => { + expect(res.body).toHaveProperty('status', 'ok'); + expect(res.body).toHaveProperty('timestamp'); + }); + }); + }); +}); diff --git a/apps/api/test/jest-e2e.json b/apps/api/test/jest-e2e.json new file mode 100644 index 0000000..11e9b9a --- /dev/null +++ b/apps/api/test/jest-e2e.json @@ -0,0 +1,12 @@ +{ + "moduleFileExtensions": ["js", "json", "ts"], + "rootDir": ".", + "testEnvironment": "node", + "testRegex": ".e2e-spec.ts$", + "transform": { + "^.+\\.(t|j)s$": "ts-jest" + }, + "moduleNameMapper": { + "^@/(.*)$": "/../src/$1" + } +} diff --git a/apps/api/tsconfig.build.json b/apps/api/tsconfig.build.json new file mode 100644 index 0000000..64f86c6 --- /dev/null +++ b/apps/api/tsconfig.build.json @@ -0,0 +1,4 @@ +{ + "extends": "./tsconfig.json", + "exclude": ["node_modules", "test", "dist", "**/*spec.ts"] +} diff --git a/apps/api/tsconfig.json b/apps/api/tsconfig.json new file mode 100644 index 0000000..e000263 --- /dev/null +++ b/apps/api/tsconfig.json @@ -0,0 +1,33 @@ +{ + "compilerOptions": { + "module": "commonjs", + "declaration": true, + "removeComments": true, + "emitDecoratorMetadata": true, + "experimentalDecorators": true, + "allowSyntheticDefaultImports": true, + "target": "ES2021", + "sourceMap": true, + "outDir": "./dist", + "baseUrl": "./", + "incremental": true, + "skipLibCheck": true, + "strict": true, + "strictNullChecks": true, + "strictPropertyInitialization": false, + "noImplicitAny": true, + "strictBindCallApply": true, + "forceConsistentCasingInFileNames": true, + "noFallthroughCasesInSwitch": true, + "paths": { + "@/*": ["src/*"] + }, + "resolveJsonModule": true, + "esModuleInterop": true + }, + "include": ["src/**/*"], + "exclude": [ + "node_modules", + "dist" + ] +} diff --git a/apps/web/.env.example b/apps/web/.env.example new file mode 100644 index 0000000..b019485 --- /dev/null +++ b/apps/web/.env.example @@ -0,0 +1,14 @@ +# App +NEXT_PUBLIC_APP_URL=http://localhost:3000 + +# API +NEXT_PUBLIC_API_URL=http://localhost:3001/api + +# NextAuth +NEXTAUTH_URL=http://localhost:3000 +NEXTAUTH_SECRET=your-super-secret-key-change-in-production + +# Keycloak (must match realm-export.json client "tos-frontend") +KEYCLOAK_CLIENT_ID=tos-frontend +KEYCLOAK_CLIENT_SECRET=your-keycloak-frontend-client-secret +KEYCLOAK_ISSUER=http://localhost:8080/realms/tOS diff --git a/apps/web/.eslintrc.json b/apps/web/.eslintrc.json new file mode 100644 index 0000000..d72415f --- /dev/null +++ b/apps/web/.eslintrc.json @@ -0,0 +1,14 @@ +{ + "extends": ["next/core-web-vitals"], + "rules": { + "@typescript-eslint/no-unused-vars": [ + "warn", + { + "argsIgnorePattern": "^_", + "varsIgnorePattern": "^_" + } + ], + "prefer-const": "error", + "no-console": ["warn", { "allow": ["warn", "error"] }] + } +} diff --git a/apps/web/.gitignore b/apps/web/.gitignore new file mode 100644 index 0000000..d2725f4 --- /dev/null +++ b/apps/web/.gitignore @@ -0,0 +1,48 @@ +# Dependencies +node_modules +.pnp +.pnp.js + +# Testing +coverage + +# Next.js +.next/ +out/ +build + +# Production +dist + +# Misc +.DS_Store +*.pem + +# Debug +npm-debug.log* +yarn-debug.log* +yarn-error.log* +.pnpm-debug.log* + +# Local env files +.env +.env.local +.env.development.local +.env.test.local +.env.production.local + +# Vercel +.vercel + +# TypeScript +*.tsbuildinfo +next-env.d.ts + +# IDE +.idea +.vscode +*.swp +*.swo + +# Turbo +.turbo diff --git a/apps/web/components.json b/apps/web/components.json new file mode 100644 index 0000000..ef81cb0 --- /dev/null +++ b/apps/web/components.json @@ -0,0 +1,20 @@ +{ + "$schema": "https://ui.shadcn.com/schema.json", + "style": "new-york", + "rsc": true, + "tsx": true, + "tailwind": { + "config": "tailwind.config.ts", + "css": "src/styles/globals.css", + "baseColor": "zinc", + "cssVariables": true, + "prefix": "" + }, + "aliases": { + "components": "@/components", + "utils": "@/lib/utils", + "ui": "@/components/ui", + "lib": "@/lib", + "hooks": "@/hooks" + } +} diff --git a/apps/web/messages/de.json b/apps/web/messages/de.json new file mode 100644 index 0000000..6b34eaf --- /dev/null +++ b/apps/web/messages/de.json @@ -0,0 +1,1052 @@ +{ + "common": { + "save": "Speichern", + "cancel": "Abbrechen", + "delete": "Loeschen", + "edit": "Bearbeiten", + "create": "Erstellen", + "search": "Suchen", + "filter": "Filtern", + "loading": "Wird geladen...", + "error": "Ein Fehler ist aufgetreten", + "success": "Erfolgreich", + "confirm": "Bestaetigen", + "back": "Zurueck", + "next": "Weiter", + "close": "Schliessen", + "yes": "Ja", + "no": "Nein", + "all": "Alle", + "none": "Keine", + "select": "Auswaehlen", + "submit": "Absenden", + "reset": "Zuruecksetzen", + "refresh": "Aktualisieren", + "export": "Exportieren", + "import": "Importieren", + "download": "Herunterladen", + "upload": "Hochladen", + "actions": "Aktionen", + "openMenu": "Menue oeffnen", + "retry": "Erneut versuchen", + "noData": "Keine Daten verfuegbar", + "noResults": "Keine Ergebnisse gefunden.", + "loadingError": "Fehler beim Laden", + "columns": "Spalten", + "rowsPerPage": "Zeilen pro Seite", + "page": "Seite", + "of": "von", + "rowsSelected": "{selected} von {total} Zeile(n) ausgewaehlt.", + "completed": "Abgeschlossen", + "cancelled": "Abgebrochen", + "inProgress": "In Bearbeitung", + "notStarted": "Nicht gestartet", + "problem": "Problem", + "noRolesAssigned": "Keine Rollen zugewiesen" + }, + "auth": { + "login": "Anmelden", + "logout": "Abmelden", + "loginTitle": "Willkommen bei tOS", + "loginSubtitle": "Melden Sie sich mit Ihrem Unternehmenskonto an", + "loginButton": "Mit Keycloak anmelden", + "loggingIn": "Anmeldung laeuft...", + "logoutButton": "Abmelden", + "sessionExpired": "Ihre Sitzung ist abgelaufen. Bitte melden Sie sich erneut an.", + "unauthorized": "Sie haben keine Berechtigung fuer diese Aktion." + }, + "navigation": { + "dashboard": "Dashboard", + "lean": "LEAN", + "hr": "Personal", + "integrations": "Integrationen", + "admin": "Administration", + "settings": "Einstellungen", + "profile": "Profil", + "help": "Hilfe", + "s3Planning": "3S-Planung", + "morningMeeting": "Morning Meeting", + "skillMatrix": "Skill-Matrix", + "employees": "Mitarbeiter", + "timeTracking": "Zeiterfassung", + "absences": "Abwesenheiten", + "orgChart": "Organigramm", + "onboarding": "Onboarding", + "reviews": "Mitarbeitergespraeche", + "users": "Benutzer", + "departments": "Abteilungen", + "overview": "Uebersicht", + "plentyOne": "PlentyONE", + "zulip": "ZULIP" + }, + "dashboard": { + "title": "Dashboard", + "welcome": "Willkommen, {name}!", + "welcomeBack": "Willkommen zurueck, {name}!", + "overview": "Ihre persoenliche Uebersicht", + "quickActions": "Schnellzugriff", + "recentActivity": "Letzte Aktivitaeten", + "notifications": "Benachrichtigungen", + "noNotifications": "Keine neuen Benachrichtigungen", + "todaysTasks": "Heutige Aufgaben", + "upcomingEvents": "Anstehende Termine", + "reset": "Zuruecksetzen", + "done": "Fertig", + "customize": "Anpassen", + "editModeActive": "Bearbeitungsmodus aktiv:", + "editModeDescription": "Ziehen Sie Widgets, um sie neu anzuordnen. Klicken Sie auf das X, um ein Widget zu entfernen." + }, + "widgets": { + "addWidget": "Widget hinzufuegen", + "addWidgetTitle": "Widget hinzufuegen", + "addWidgetDescription": "Waehlen Sie ein Widget aus, um es zu Ihrem Dashboard hinzuzufuegen", + "searchWidgets": "Widgets durchsuchen...", + "noWidgetsFound": "Keine Widgets gefunden", + "alreadyAdded": "Bereits hinzugefuegt", + "categories": { + "all": "Alle", + "general": "Allgemein", + "productivity": "Produktivitaet", + "analytics": "Analysen", + "communication": "Kommunikation", + "integrations": "Integrationen" + }, + "clock": { + "name": "Uhr", + "description": "Zeigt die aktuelle Uhrzeit und das Datum an" + }, + "welcome": { + "name": "Willkommen", + "description": "Persoenliche Begruessung mit Benutzerinformationen", + "goodMorning": "Guten Morgen", + "goodAfternoon": "Guten Tag", + "goodEvening": "Guten Abend", + "goodNight": "Gute Nacht", + "subtitle": "Was moechten Sie heute erledigen?" + }, + "quickActions": { + "name": "Schnellaktionen", + "description": "Schnellzugriff auf haeufige Aktionen", + "clockIn": "Einstempeln", + "requestVacation": "Urlaub beantragen", + "scheduleMeeting": "Meeting planen", + "createDocument": "Dokument erstellen" + }, + "stats": { + "name": "Statistiken", + "description": "Wichtige Kennzahlen auf einen Blick", + "presentToday": "Anwesend heute", + "openTasks": "Offene Aufgaben", + "upcomingMeetings": "Anstehende Termine", + "openTickets": "Offene Tickets", + "trendPresentToday": "+3 seit gestern", + "trendOpenTasks": "5 mit hoher Prioritaet", + "trendUpcomingMeetings": "Diese Woche", + "trendOpenTickets": "-5 im Vergleich zu gestern" + }, + "calendar": { + "name": "Kalender", + "description": "Mini-Kalender mit Terminen" + }, + "activity": { + "name": "Aktivitaeten", + "description": "Letzte Aktivitaeten und Ereignisse", + "noActivity": "Keine aktuellen Aktivitaeten" + }, + "notifications": { + "name": "Benachrichtigungen", + "description": "Aktuelle Benachrichtigungen" + }, + "tasks": { + "name": "Aufgaben", + "description": "Ihre aktuellen Aufgaben" + }, + "orders": { + "name": "Bestellungen", + "description": "Letzte PlentyONE Bestellungen", + "noOrders": "Keine Bestellungen vorhanden", + "viewAll": "Alle Bestellungen", + "viewDetails": "Details anzeigen", + "markShipped": "Als versendet markieren", + "error": "Fehler beim Laden der Bestellungen", + "status": { + "new": "Neu", + "processing": "In Bearbeitung", + "shipped": "Versendet", + "delivered": "Zugestellt", + "cancelled": "Storniert", + "returned": "Retoure" + } + }, + "chat": { + "name": "Chat", + "description": "ZULIP Nachrichten und Streams", + "noMessages": "Keine Nachrichten vorhanden", + "viewAll": "Alle Nachrichten", + "reply": "Antworten", + "replyPlaceholder": "Nachricht eingeben..." + }, + "todoistTasks": { + "name": "Todoist Aufgaben", + "description": "Heute faellige Aufgaben aus Todoist", + "noTasks": "Keine Aufgaben fuer heute", + "addTask": "Aufgabe hinzufuegen", + "add": "Hinzufuegen", + "newTaskPlaceholder": "Neue Aufgabe eingeben...", + "viewAll": "Alle Aufgaben" + }, + "tickets": { + "name": "Support-Tickets", + "description": "Offene FreeScout Tickets", + "noTickets": "Keine Tickets vorhanden", + "viewAll": "Alle Tickets", + "viewTicket": "Ticket anzeigen", + "reply": "Antworten", + "assign": "Zuweisen", + "filterStatus": "Status filtern", + "status": { + "all": "Alle", + "open": "Offen", + "pending": "Wartend", + "resolved": "Geloest", + "closed": "Geschlossen" + }, + "priority": { + "urgent": "Dringend", + "high": "Hoch", + "medium": "Mittel", + "low": "Niedrig" + } + }, + "files": { + "name": "Dateien", + "description": "Zuletzt geaenderte Nextcloud Dateien", + "noFiles": "Keine Dateien vorhanden", + "download": "Herunterladen", + "openNextcloud": "In Nextcloud oeffnen" + }, + "documents": { + "name": "Dokumente", + "description": "ecoDMS Dokumentenarchiv", + "noDocuments": "Keine Dokumente vorhanden", + "noResults": "Keine Ergebnisse gefunden", + "download": "Herunterladen", + "openEcoDms": "In ecoDMS oeffnen", + "searchPlaceholder": "Dokumente suchen..." + }, + "gembadocs": { + "name": "GembaDocs", + "description": "Audits, Findings und Compliance-Status", + "upcomingAudits": "Kommende Audits", + "noAudits": "Keine Audits geplant", + "openFindings": "Offene Findings", + "complianceScore": "Compliance Score", + "severity": { + "critical": "Kritisch", + "high": "Hoch", + "medium": "Mittel", + "low": "Niedrig" + }, + "auditType": { + "internal": "Intern", + "external": "Extern", + "certification": "Zertifizierung" + }, + "daysLeft": "{days} Tage", + "today": "Heute", + "tomorrow": "Morgen", + "viewAll": "Alle Audits anzeigen", + "openGembaDocs": "In GembaDocs oeffnen" + }, + "noWidgets": "Keine Widgets vorhanden", + "noWidgetsDescription": "Fuegen Sie Widgets hinzu, um Ihr Dashboard zu personalisieren.", + "addWidgetButton": "Widget hinzufuegen", + "settings": "Einstellungen", + "remove": "Entfernen" + }, + "hr": { + "title": "Personalverwaltung", + "description": "Verwalten Sie Mitarbeiter, Zeiterfassung und Abwesenheiten", + "employee": "Mitarbeiter", + "newEmployee": "Neuer Mitarbeiter", + "createEmployee": "Mitarbeiter anlegen", + "timeTracking": { + "title": "Zeiterfassung", + "description": "Erfassen Sie Ihre Arbeitszeiten und verwalten Sie Ihr Zeitkonto", + "noData": "Keine Zeitdaten vorhanden", + "noDataDesc": "Es wurden noch keine Arbeitszeiten erfasst.", + "clockIn": "Einstempeln", + "clockOut": "Ausstempeln", + "startBreak": "Pause beginnen", + "endBreak": "Pause beenden", + "working": "Anwesend", + "onBreak": "In Pause", + "notWorking": "Nicht angemeldet", + "workDuration": "Arbeitszeit heute", + "since": "seit", + "todayWorked": "Heute gearbeitet", + "todayBreak": "Pause heute", + "clockedIn": "Eingestempelt", + "clockedInDesc": "Sie haben sich erfolgreich eingestempelt.", + "clockedOut": "Ausgestempelt", + "clockedOutDesc": "Sie haben sich erfolgreich ausgestempelt.", + "breakStarted": "Pause gestartet", + "breakStartedDesc": "Gute Erholung!", + "breakEnded": "Pause beendet", + "breakEndedDesc": "Willkommen zurueck!", + "errorClockIn": "Fehler beim Einstempeln", + "errorClockOut": "Fehler beim Ausstempeln", + "errorBreakStart": "Fehler beim Starten der Pause", + "errorBreakEnd": "Fehler beim Beenden der Pause", + "errorLoading": "Fehler beim Laden der Zeiterfassung", + "recentEntries": "Letzte Eintraege", + "recentEntriesDesc": "Ihre Arbeitszeiten der letzten Tage", + "entries": "Eintraege", + "summary": "Uebersicht", + "noEntries": "Keine Eintraege vorhanden", + "errorLoadingEntries": "Fehler beim Laden der Eintraege", + "break": "Pause", + "overtime": "Ueberstunden", + "corrected": "Korrigiert", + "pendingApproval": "Pruefung ausstehend", + "requestCorrection": "Korrektur beantragen", + "date": "Datum", + "reason": "Begruendung", + "reasonPlaceholder": "Bitte geben Sie eine Begruendung fuer die Korrektur an...", + "noteRequired": "Eine Begruendung ist erforderlich", + "correctionSubmitted": "Korrekturantrag gesendet", + "correctionSubmittedDesc": "Ihr Antrag wird geprueft.", + "errorSubmitCorrection": "Fehler beim Senden des Korrekturantrags", + "requestCorrectionDesc": "Beantragen Sie eine Korrektur fuer fehlerhafte Zeiteintraege", + "breakStart": "Pausenbeginn", + "breakEnd": "Pausenende", + "monthlySummary": "Monatsuebersicht", + "progress": "Fortschritt", + "worked": "gearbeitet", + "target": "Soll", + "balance": "Saldo", + "totalHours": "Gesamt", + "workDays": "Arbeitstage", + "absencesThisMonth": "Abwesenheiten diesen Monat", + "sickDays": "Krankheitstage", + "vacationDays": "Urlaubstage", + "errorLoadingSummary": "Fehler beim Laden der Uebersicht", + "timeAccount": "Zeitkonto" + }, + "absences": { + "title": "Abwesenheiten", + "description": "Verwalten Sie Ihre Urlaubs- und Abwesenheitsantraege", + "noData": "Keine Abwesenheiten vorhanden", + "noDataDesc": "Es wurden noch keine Abwesenheiten erfasst.", + "vacationBalance": "Urlaubskonto", + "daysRemaining": "Tage verbleibend", + "used": "genommen", + "pending": "beantragt", + "available": "verfuegbar", + "totalEntitlement": "Anspruch", + "taken": "Genommen", + "planned": "Geplant", + "carriedOver": "Resturlaub Vorjahr", + "days": "Tage", + "day": "Tag", + "total": "Gesamt", + "expirationWarning": "Resturlaub verfaellt", + "expirationWarningDesc": "{days} Tage Resturlaub verfallen am {date}", + "errorLoadingBalance": "Fehler beim Laden des Urlaubskontos", + "myRequests": "Meine Antraege", + "myRequestsDesc": "Alle Ihre Abwesenheitsantraege", + "teamCalendar": "Teamkalender", + "teamCalendarDesc": "Uebersicht aller Teamabwesenheiten", + "approvals": "Genehmigungen", + "newRequest": "Neuer Antrag", + "newRequestDesc": "Erstellen Sie einen neuen Abwesenheitsantrag", + "createFirstRequest": "Ersten Antrag erstellen", + "noRequests": "Keine Antraege vorhanden", + "errorLoadingRequests": "Fehler beim Laden der Antraege", + "errorLoadingCalendar": "Fehler beim Laden des Kalenders", + "type": "Art", + "selectType": "Art auswaehlen", + "startDate": "Von", + "endDate": "Bis", + "halfDay": "Halber Tag", + "selectPeriod": "Tageshaelfte auswaehlen", + "morning": "Vormittag", + "afternoon": "Nachmittag", + "note": "Notiz", + "notePlaceholder": "Optionale Notiz zum Antrag...", + "fillRequiredFields": "Bitte fuellen Sie alle Pflichtfelder aus", + "invalidDateRange": "Das Enddatum muss nach dem Startdatum liegen", + "submitRequest": "Antrag absenden", + "requestSubmitted": "Antrag gesendet", + "requestSubmittedDesc": "Ihr Antrag wurde zur Genehmigung eingereicht.", + "errorSubmitRequest": "Fehler beim Senden des Antrags", + "cancel": "Stornieren", + "cancelled": "Antrag storniert", + "cancelledDesc": "Ihr Antrag wurde storniert.", + "errorCancel": "Fehler beim Stornieren des Antrags", + "rejectionReason": "Ablehnungsgrund", + "approvedBy": "Genehmigt von", + "pendingApprovals": "Offene Antraege", + "pendingApprovalsDesc": "Antraege zur Genehmigung", + "pendingApprovalsManagerDesc": "Genehmigen oder lehnen Sie Antraege Ihrer Mitarbeiter ab", + "approve": "Genehmigen", + "reject": "Ablehnen", + "approved": "Genehmigt", + "approvedDesc": "Der Antrag wurde genehmigt.", + "rejected": "Abgelehnt", + "rejectedDesc": "Der Antrag wurde abgelehnt.", + "errorApprove": "Fehler beim Genehmigen", + "errorReject": "Fehler beim Ablehnen", + "rejectRequest": "Antrag ablehnen", + "rejectRequestDesc": "Geben Sie einen Grund fuer die Ablehnung an.", + "rejectionReasonPlaceholder": "Grund fuer die Ablehnung...", + "selectDepartment": "Abteilung auswaehlen", + "today": "Heute", + "overview": "Uebersicht", + "more": "weitere" + }, + "clockIn": "Einstempeln", + "clockOut": "Ausstempeln", + "breakStart": "Pause beginnen", + "breakEnd": "Pause beenden", + "currentlyWorking": "Aktuell anwesend", + "onBreak": "In Pause", + "totalHours": "Gesamtstunden", + "overtime": "Ueberstunden", + "overtimeBalance": "Ueberstundenkonto", + "vacation": "Urlaub", + "sick": "Krank", + "homeOffice": "Homeoffice", + "specialLeave": "Sonderurlaub", + "requestVacation": "Urlaub beantragen", + "vacationBalance": "Urlaubstage", + "vacationDaysTotal": "Urlaubstage gesamt", + "vacationDaysUsed": "Urlaubstage genommen", + "vacationDaysRemaining": "Urlaubstage verbleibend", + "vacationOverview": "Urlaubsuebersicht", + "daysUsed": "Tage genommen", + "remaining": "verbleibend", + "used": "genommen", + "pending": "ausstehend", + "absenceTypes": { + "vacation": "Urlaub", + "sick": "Krank", + "sickChild": "Kind krank", + "homeOffice": "Homeoffice", + "specialLeave": "Sonderurlaub", + "unpaidLeave": "Unbezahlter Urlaub", + "parentalLeave": "Elternzeit", + "businessTrip": "Dienstreise", + "training": "Weiterbildung", + "compensation": "Freizeitausgleich" + }, + "absenceStatus": { + "pending": "Ausstehend", + "approved": "Genehmigt", + "rejected": "Abgelehnt", + "cancelled": "Storniert" + }, + "timeStatus": { + "clockedIn": "Anwesend", + "onBreak": "In Pause", + "clockedOut": "Abgemeldet" + }, + "modules": { + "employees": { + "description": "Mitarbeiterstammdaten verwalten" + }, + "timeTracking": { + "description": "Arbeitszeiten erfassen und auswerten" + }, + "absences": { + "description": "Urlaub, Krankheit und andere Abwesenheiten" + }, + "orgChart": { + "description": "Organisationsstruktur visualisieren" + } + }, + "employees": { + "title": "Mitarbeiterliste", + "subtitle": "Alle Mitarbeiter im Ueberblick", + "description": "Mitarbeiterstammdaten verwalten", + "new": "Neuer Mitarbeiter", + "newSubtitle": "Fuellen Sie das Formular aus, um einen neuen Mitarbeiter anzulegen", + "newDescription": "Neuen Mitarbeiter anlegen", + "details": "Mitarbeiterdetails", + "detailsDescription": "Detaillierte Mitarbeiterinformationen" + }, + "stats": { + "totalEmployees": "Mitarbeiter gesamt", + "activeEmployees": "Aktive Mitarbeiter", + "onLeave": "Abwesend", + "departments": "Abteilungen", + "thisMonth": "diesen Monat", + "ofTotal": "vom Gesamt", + "currentlyAbsent": "aktuell abwesend", + "activeDepartments": "aktive Abteilungen" + }, + "employeeStatus": { + "active": "Aktiv", + "inactive": "Inaktiv", + "on_leave": "Abwesend", + "terminated": "Ausgeschieden" + }, + "contractType": { + "label": "Vertragsart", + "full_time": "Vollzeit", + "part_time": "Teilzeit", + "mini_job": "Minijob", + "trainee": "Auszubildender", + "intern": "Praktikant", + "freelance": "Freiberufler" + }, + "name": "Name", + "firstName": "Vorname", + "lastName": "Nachname", + "email": "E-Mail", + "phone": "Telefon", + "position": "Position", + "department": "Abteilung", + "manager": "Vorgesetzter", + "roles": "Rollen", + "status": "Status", + "hireDate": "Eintrittsdatum", + "terminationDate": "Austrittsdatum", + "weeklyHours": "Wochenstunden", + "weeklyTarget": "Wochensoll", + "employeeNumber": "Personalnummer", + "selectDepartment": "Abteilung auswaehlen", + "selectDate": "Datum auswaehlen", + "filterByStatus": "Nach Status filtern", + "filterByContract": "Nach Vertragsart filtern", + "searchEmployees": "Mitarbeiter suchen...", + "viewDetails": "Details anzeigen", + "terminate": "Kuendigen", + "reactivate": "Reaktivieren", + "confirmDelete": "Moechten Sie {name} wirklich kuendigen?", + "employeeNotFound": "Mitarbeiter nicht gefunden", + "employeeNotFoundDesc": "Der gesuchte Mitarbeiter existiert nicht.", + "backToList": "Zurueck zur Liste", + "noEmployeesFound": "Keine Mitarbeiter gefunden", + "departmentBreakdown": "Mitarbeiter pro Abteilung", + "departmentBreakdownDesc": "Verteilung der Mitarbeiter auf Abteilungen", + "noDepartments": "Keine Abteilungen vorhanden", + "address": "Adresse", + "street": "Strasse", + "city": "Stadt", + "zipCode": "PLZ", + "country": "Land", + "emergencyContact": "Notfallkontakt", + "emergencyName": "Name", + "emergencyPhone": "Telefon", + "emergencyRelationship": "Beziehung", + "employmentDetails": "Beschaeftigungsdaten", + "form": { + "personalInfo": "Persoenliche Daten", + "personalInfoDesc": "Grundlegende Informationen zum Mitarbeiter", + "employmentDetails": "Beschaeftigungsdaten", + "employmentDetailsDesc": "Vertragsdetails und Arbeitszeit", + "address": "Adresse", + "addressDesc": "Wohnanschrift des Mitarbeiters (optional)", + "emergencyContact": "Notfallkontakt", + "emergencyContactDesc": "Kontaktperson fuer Notfaelle (optional)" + }, + "tabs": { + "overview": "Uebersicht", + "timeAccount": "Zeitkonto", + "absences": "Abwesenheiten" + }, + "orgChart": { + "title": "Organigramm", + "subtitle": "Hierarchische Darstellung der Organisationsstruktur", + "description": "Organisationsstruktur visualisieren" + }, + "expandAll": "Alle ausklappen", + "collapseAll": "Alle einklappen", + "fullscreen": "Vollbild", + "exitFullscreen": "Vollbild beenden", + "directReports": "Direkte Mitarbeiter", + "errorLoadingOrgChart": "Fehler beim Laden des Organigramms", + "toast": { + "employeeCreated": "Mitarbeiter angelegt", + "employeeCreatedDesc": "Der Mitarbeiter wurde erfolgreich angelegt.", + "employeeUpdated": "Mitarbeiter aktualisiert", + "employeeUpdatedDesc": "Die Aenderungen wurden gespeichert.", + "employeeDeleted": "Mitarbeiter gekuendigt", + "employeeDeletedDesc": "Der Mitarbeiter wurde als ausgeschieden markiert.", + "errorCreate": "Fehler beim Anlegen des Mitarbeiters", + "errorUpdate": "Fehler beim Aktualisieren des Mitarbeiters", + "errorDelete": "Fehler beim Kuendigen des Mitarbeiters" + } + }, + "lean": { + "title": "LEAN Management", + "description": "Kontinuierliche Verbesserung und Shopfloor Management", + "modules": { + "s3-planning": { + "title": "3S-Planung", + "description": "Seiri, Seiton, Seiso - Sortieren, Systematisieren, Saeubern", + "status": "Aktiv" + }, + "morning-meeting": { + "title": "Morning Meeting", + "description": "Taegliche Shopfloor-Meetings mit SQCDM", + "status": "Aktiv" + }, + "skill-matrix": { + "title": "Skill Matrix", + "description": "Qualifikationsmanagement und Kompetenzentwicklung", + "status": "Aktiv" + } + }, + "stats": { + "s3Completion": "3S Erfuellung", + "meetingsThisWeek": "Meetings diese Woche", + "openActions": "Offene Massnahmen", + "skillCoverage": "Skill-Abdeckung" + }, + "s3": { + "title": "3S-Planung", + "seiri": "Seiri (Sortieren)", + "seiton": "Seiton (Systematisieren)", + "seiso": "Seiso (Saeubern)", + "week": "Woche", + "status": { + "not_started": "Nicht gestartet", + "in_progress": "In Bearbeitung", + "completed": "Abgeschlossen", + "issue": "Problem" + }, + "statusDescNotStarted": "Noch keine Aktivitaet", + "statusDescInProgress": "Arbeiten laufen", + "statusDescCompleted": "Erfolgreich erledigt", + "statusDescIssue": "Massnahme erforderlich", + "completedByAt": "Abgeschlossen von {name} am {date}", + "noDataAvailable": "Keine Daten verfuegbar", + "completionRate": "Abschlussrate", + "statusOverview": "3S Status-Uebersicht", + "done": "Fertig", + "working": "In Arbeit", + "problems": "Probleme", + "openStatus": "Offen", + "loadingError": "Fehler beim Laden der Plaene", + "noPlansFound": "Keine Plaene fuer den ausgewaehlten Zeitraum gefunden", + "overviewSubtitle": "Uebersicht aller Abteilungs-3S-Plaene", + "newPlan": "Neuer Plan", + "year": "Jahr", + "allMonths": "Alle Monate", + "totalCompletionRate": "Gesamt-Abschlussrate", + "ofEntries": "{count} von {total} Eintraegen", + "activePlans": "Aktive Plaene", + "entriesActive": "Eintraege aktiv", + "requireActions": "erfordern Massnahmen", + "departmentPlans": "Abteilungsplaene", + "percentCompleted": "{percent}% abgeschlossen", + "categories": "Kategorien", + "clickToEdit": "Klicken zum Bearbeiten", + "editStatus": "Status bearbeiten", + "noteOptional": "Notiz (optional)", + "additionalInfo": "Ergaenzende Informationen...", + "characters": "Zeichen", + "photo": "Foto", + "statusPhoto": "Status Foto", + "addPhoto": "Foto hinzufuegen (in Entwicklung)", + "loadingPlanError": "Fehler beim Laden des Plans", + "noPlanForMonth": "Kein Plan fuer {month} {year} vorhanden", + "createPlan": "Plan erstellen", + "addCategory": "Kategorie hinzufuegen", + "legend": "Legende", + "noCategories": "Keine Kategorien vorhanden", + "planDetails": "Plan-Details", + "createdBy": "Erstellt von", + "createdAt": "Erstellt am", + "statusActive": "Aktiv", + "statusInactive": "Inaktiv", + "statusUpdated": "Status aktualisiert", + "statusUpdatedDesc": "Der Status wurde erfolgreich gespeichert.", + "statusUpdateError": "Der Status konnte nicht aktualisiert werden.", + "month": "Monat", + "yearView": "Jahr", + "monthView": "Monat" + }, + "morningMeeting": { + "title": "Morning Meeting", + "overview": "Uebersicht aller Abteilungs-Meetings und offener Massnahmen", + "noMeetingToday": "Kein Meeting fuer heute", + "noMeetingTodayDesc": "Fuer diese Abteilung wurde heute noch kein Morning Meeting erstellt.", + "departments": "Abteilungen", + "currentMeetings": "Aktuelle Meetings", + "openActions": "Offene Massnahmen", + "noOpenActions": "Keine offenen Massnahmen", + "history": "Verlauf", + "settings": "Einstellungen", + "backToOverview": "Zurueck zur Uebersicht", + "refresh": "Aktualisieren", + "sqcdm": { + "safety": "Sicherheit", + "quality": "Qualitaet", + "cost": "Kosten", + "delivery": "Lieferung", + "morale": "Moral" + }, + "status": { + "scheduled": "Geplant", + "inProgress": "Laufend", + "completed": "Abgeschlossen", + "cancelled": "Abgebrochen" + }, + "timer": { + "duration": "Dauer", + "totalDuration": "Gesamtdauer", + "targetTime": "Zielzeit", + "ready": "Bereit", + "remaining": "Verbleibend", + "overtime": "Ueberzogen", + "targetExceeded": "Zielzeit ueberschritten", + "meetingCompleted": "Meeting abgeschlossen" + }, + "kpi": { + "noKpis": "Keine KPIs definiert", + "target": "Ziel", + "trend": { + "up": "Steigend", + "down": "Fallend", + "stable": "Stabil", + "none": "Kein Trend" + }, + "status": { + "green": "Gruen", + "yellow": "Gelb", + "red": "Rot", + "neutral": "Neutral" + } + }, + "actions": { + "title": "Massnahmen", + "new": "Neue Massnahme", + "add": "Hinzufuegen", + "noActions": "Keine Massnahmen vorhanden", + "noActionsFiltered": "Keine Massnahmen mit diesem Filter", + "open": "offen", + "inProgress": "in Bearbeitung", + "completed": "erledigt", + "showCompleted": "Erledigte anzeigen", + "filterAll": "Alle", + "notAssigned": "Nicht zugewiesen", + "priority": { + "low": "Niedrig", + "medium": "Mittel", + "high": "Hoch", + "critical": "Kritisch" + }, + "status": { + "open": "Offen", + "inProgress": "In Bearbeitung", + "completed": "Erledigt", + "cancelled": "Abgebrochen" + } + }, + "toast": { + "meetingStarted": "Meeting gestartet", + "meetingStartedDesc": "Das Morning Meeting wurde gestartet.", + "meetingEnded": "Meeting beendet", + "meetingEndedDesc": "Das Morning Meeting wurde abgeschlossen.", + "kpiUpdated": "KPI aktualisiert", + "kpiUpdatedDesc": "Der KPI-Wert wurde gespeichert.", + "actionCreated": "Massnahme erstellt", + "actionCreatedDesc": "Die neue Massnahme wurde hinzugefuegt.", + "actionUpdated": "Massnahme aktualisiert", + "actionUpdatedDesc": "Die Massnahme wurde gespeichert.", + "actionCompleted": "Massnahme abgeschlossen", + "actionCompletedDesc": "Die Massnahme wurde als erledigt markiert.", + "error": "Fehler", + "errorStartMeeting": "Das Meeting konnte nicht gestartet werden.", + "errorEndMeeting": "Das Meeting konnte nicht beendet werden.", + "errorUpdateKpi": "Der KPI konnte nicht aktualisiert werden.", + "errorCreateAction": "Die Massnahme konnte nicht erstellt werden.", + "errorUpdateAction": "Die Massnahme konnte nicht aktualisiert werden.", + "errorCompleteAction": "Die Massnahme konnte nicht abgeschlossen werden." + }, + "notes": "Notizen", + "noNotes": "Keine Notizen vorhanden", + "participants": "Teilnehmer", + "participantCount": "{count} Teilnehmer", + "conductor": "Moderator", + "startMeeting": "Meeting starten", + "endMeeting": "Meeting beenden", + "loadingError": "Fehler beim Laden", + "loadingErrorDesc": "Das Meeting konnte nicht geladen werden.", + "noMeetingForDepartment": "Fuer {department} wurde heute noch kein Morning Meeting erstellt.", + "noMeetingsFound": "Keine Meetings gefunden", + "allStatuses": "Alle Status", + "departmentsTitle": "Abteilungen", + "currentMeetingsTitle": "Aktuelle Meetings", + "openActionsTitle": "Offene Massnahmen", + "openCount": "{count} offen" + }, + "skillMatrix": { + "title": "Skill Matrix", + "description": "Qualifikationsmanagement und Kompetenzentwicklung fuer alle Abteilungen", + "levels": { + "0": "Keine Kenntnisse", + "1": "Grundlagen", + "2": "Selbststaendig", + "3": "Experte", + "4": "Kann schulen" + }, + "employee": "Mitarbeiter", + "employees": "Mitarbeiter", + "addSkill": "Skill hinzufuegen", + "totalEmployees": "Gesamtmitarbeiter", + "inDepartments": "in {count} Abteilungen", + "avgCoverage": "Durchschnittliche Abdeckung", + "avgLevel": "Durchschnittliches Level", + "trainers": "Trainer", + "targetLevel": "Ziel-Level", + "vsLastMonth": "vs. letzter Monat", + "searchDepartment": "Abteilung suchen", + "noDepartmentsFound": "Keine Abteilungen gefunden", + "coverage": "Abdeckung", + "trend": { + "label": "Trend", + "up": "Steigend", + "down": "Fallend", + "stable": "Stabil" + }, + "notFound": "Skill Matrix nicht gefunden", + "subtitle": "{employees} Mitarbeiter | {skills} Skills", + "unsavedChanges": "ungespeicherte Aenderungen", + "matrixView": "Matrix", + "gapAnalysis": "Lueckenanalyse", + "gapAnalysisDescription": "Vergleich zwischen aktuellem und Ziel-Niveau", + "gapAnalysisSettings": "Analyseeinstellungen", + "gapAnalysisSettingsDescription": "Waehlen Sie das Ziel-Level fuer die Lueckenanalyse", + "noGapData": "Keine Analysedaten verfuegbar", + "actualLevel": "Ist-Level", + "gap": "Luecke", + "belowTarget": "Unter Ziel", + "atOrAboveTarget": "Auf/Ueber Ziel", + "criticalGaps": "Kritische Luecken", + "warningGaps": "Warnungen", + "noGap": "Keine Luecke", + "averageGap": "Durchschnittliche Luecke", + "levelUpdated": "Level aktualisiert", + "levelUpdatedDescription": "Die Aenderung wurde vorgemerkt", + "changesSaved": "Aenderungen gespeichert", + "saveError": "Fehler beim Speichern", + "noEmployeesFound": "Keine Mitarbeiter gefunden" + }, + "s3Planning": "3S-Planung", + "department": "Abteilung", + "status": "Status", + "measures": "Massnahmen", + "responsible": "Verantwortlich", + "dueDate": "Faelligkeitsdatum", + "completed": "Abgeschlossen", + "inProgress": "In Bearbeitung", + "open": "Offen", + "skillLevel": "Skill-Level", + "skills": "Faehigkeiten", + "noKnowledge": "Keine Kenntnisse", + "basics": "Grundlagen", + "independent": "Selbststaendig", + "expert": "Experte", + "canTrain": "Kann schulen" + }, + "integrations": { + "title": "Integrationen", + "subtitle": "Verwalten Sie Ihre externen Dienste und Integrationen", + "connected": "Verbunden", + "disconnected": "Nicht verbunden", + "error": "Fehler", + "configuring": "Wird konfiguriert", + "configure": "Konfigurieren", + "test": "Verbindung testen", + "testing": "Wird getestet...", + "testSuccess": "Verbindung erfolgreich", + "testFailed": "Verbindung fehlgeschlagen", + "testError": "Test konnte nicht durchgefuehrt werden", + "lastSync": "Letzte Synchronisation", + "never": "Noch nie", + "syncNow": "Jetzt synchronisieren", + "details": "Details", + "enable": "Aktivieren", + "disable": "Deaktivieren", + "credentials": "Zugangsdaten", + "apiUrl": "API URL", + "apiKey": "API Schluessel", + "username": "Benutzername", + "password": "Passwort", + "syncInterval": "Sync-Intervall", + "minutes": "Minuten", + "saveSettings": "Einstellungen speichern", + "plentyOne": "PlentyONE", + "plentyOneDesc": "E-Commerce und Warenwirtschaft", + "zulip": "ZULIP", + "zulipDesc": "Team-Kommunikation und Chat", + "todoist": "Todoist", + "todoistDesc": "Aufgabenverwaltung", + "freeScout": "FreeScout", + "freeScoutDesc": "Helpdesk und Ticketsystem", + "nextcloud": "Nextcloud", + "nextcloudDesc": "Dateiverwaltung und Zusammenarbeit", + "ecoDms": "ecoDMS", + "ecoDmsDesc": "Dokumentenmanagement-System", + "gembaDocs": "GembaDocs", + "gembaDocsDesc": "Audits, Compliance und Findings", + "overview": "Uebersicht", + "allIntegrations": "Alle Integrationen", + "connectedCount": "{count} verbunden", + "errorCount": "{count} mit Fehlern", + "data": "Daten", + "settingsTab": "Einstellungen", + "logs": "Logs", + "configureCredentials": "Konfigurieren Sie die Zugangsdaten fuer diese Integration", + "settingsManagedViaAdmin": "Die Einstellungen werden ueber die Admin-Oberflaeche verwaltet.", + "syncLogs": "Synchronisations-Logs", + "recentSyncActivity": "Letzte Synchronisations-Aktivitaeten", + "syncSuccessful": "Sync erfolgreich", + "lastError": "Letzter Fehler:", + "notFound": "Integration nicht gefunden.", + "streams": "Streams", + "subscribedStreams": "Ihre abonnierten ZULIP Streams", + "unread": "Ungelesene", + "messagesToday": "Nachrichten heute", + "recentMessages": "Letzte Nachrichten", + "currentMessages": "Aktuelle Nachrichten aus Ihren Streams", + "noStreamsFound": "Keine Streams gefunden", + "documents": "Dokumente", + "classifications": "Klassifikationen", + "documentCategories": "Dokumentkategorien im Archiv", + "archived": "Archiviert", + "addedToday": "Heute hinzugefuegt", + "documentsTitle": "Dokumente", + "documentsFromArchive": "Dokumente aus dem ecoDMS Archiv", + "title": "Titel", + "classification": "Klassifikation", + "tags": "Tags", + "size": "Groesse", + "created": "Erstellt", + "noClassificationsFound": "Keine Klassifikationen gefunden", + "dueToday": "Heute faellig", + "totalOpen": "Gesamt offen", + "highPriority": "Hohe Prioritaet", + "projects": "Projekte", + "yourProjects": "Ihre Todoist Projekte", + "tasks": "Aufgaben", + "allOpenTasks": "Alle offenen Aufgaben", + "noProjectsFound": "Keine Projekte gefunden", + "noPriority": "Keine Prioritaet", + "priority1": "Prioritaet 1", + "priority2": "Prioritaet 2", + "priority3": "Prioritaet 3", + "complianceScore": "Compliance Score", + "audits": "Audits", + "openFindings": "Offene Findings", + "critical": "Kritisch", + "findingsBySeverity": "Findings nach Schweregrad", + "allAuditsStatus": "Alle Audits und deren Status", + "searchAudits": "Audits suchen...", + "type": "Typ", + "department": "Abteilung", + "findings": "Findings", + "scheduled": "Geplant", + "noAuditsFound": "Keine Audits gefunden", + "noAuditsAvailable": "Keine Audits vorhanden", + "today": "Heute", + "synchronization": "Synchronisation", + "settingsSaved": "{name} Einstellungen wurden gespeichert" + }, + "admin": { + "title": "Administration", + "overview": "Uebersicht", + "users": "Benutzer", + "roles": "Rollen", + "departments": "Abteilungen", + "settings": "Systemeinstellungen", + "auditLog": "Audit-Log", + "userManagement": "Benutzerverwaltung", + "createUser": "Benutzer erstellen", + "editUser": "Benutzer bearbeiten", + "deleteUser": "Benutzer loeschen", + "assignRole": "Rolle zuweisen", + "integrationManagement": "Integration-Verwaltung", + "integrationManagementDesc": "Konfigurieren Sie die Zugangsdaten und Einstellungen fuer externe Dienste" + }, + "settings": { + "title": "Einstellungen", + "subtitle": "Verwalten Sie Ihre Kontoeinstellungen und Praeferenzen", + "general": "Allgemein", + "appearance": "Darstellung", + "notifications": "Benachrichtigungen", + "language": "Sprache", + "theme": "Design", + "lightMode": "Hell", + "darkMode": "Dunkel", + "systemDefault": "Systemeinstellung", + "profile": "Profil", + "account": "Konto", + "security": "Sicherheit", + "changePassword": "Passwort aendern", + "twoFactor": "Zwei-Faktor-Authentifizierung", + "profileTitle": "Profil", + "profileDescription": "Verwalten Sie Ihre persoenlichen Informationen", + "preferencesTitle": "Praeferenzen", + "preferencesDescription": "Passen Sie Design und Sprache an", + "notificationsTitle": "Benachrichtigungen", + "notificationsDescription": "Konfigurieren Sie Ihre Benachrichtigungseinstellungen", + "securityTitle": "Sicherheit", + "securityDescription": "Verwalten Sie Passwort und Zwei-Faktor-Authentifizierung", + "profilePicture": "Profilbild", + "profilePictureSyncedFromKeycloak": "Ihr Profilbild wird aus Keycloak synchronisiert", + "profilePictureManagedInKeycloak": "Das Profilbild wird zentral in Keycloak verwaltet.", + "changeImageViaKeycloak": "Bild aendern (via Keycloak)", + "personalInformation": "Persoenliche Informationen", + "personalInformationDesc": "Diese Daten werden aus Keycloak synchronisiert und koennen dort geaendert werden", + "name": "Name", + "email": "E-Mail", + "departmentLabel": "Abteilung", + "memberSince": "Mitglied seit", + "notAssigned": "Nicht zugewiesen", + "contactAdminToChange": "Um Ihre persoenlichen Daten zu aendern, wenden Sie sich bitte an Ihren Administrator oder aendern Sie die Daten direkt in Keycloak.", + "rolesAndPermissions": "Rollen und Berechtigungen", + "assignedRoles": "Ihre zugewiesenen Rollen im System" + }, + "errors": { + "notFound": "Seite nicht gefunden", + "notFoundDescription": "Die angeforderte Seite existiert nicht.", + "serverError": "Serverfehler", + "serverErrorDescription": "Ein unerwarteter Fehler ist aufgetreten. Bitte versuchen Sie es spaeter erneut.", + "unauthorized": "Nicht autorisiert", + "unauthorizedDescription": "Sie haben keine Berechtigung, diese Seite anzuzeigen.", + "forbidden": "Zugriff verweigert", + "forbiddenDescription": "Sie haben keine Berechtigung fuer diese Aktion.", + "networkError": "Netzwerkfehler", + "networkErrorDescription": "Die Verbindung zum Server konnte nicht hergestellt werden.", + "goHome": "Zur Startseite", + "tryAgain": "Erneut versuchen" + }, + "validation": { + "required": "Dieses Feld ist erforderlich", + "email": "Bitte geben Sie eine gueltige E-Mail-Adresse ein", + "minLength": "Mindestens {min} Zeichen erforderlich", + "maxLength": "Maximal {max} Zeichen erlaubt", + "passwordMatch": "Die Passwoerter stimmen nicht ueberein", + "invalidDate": "Ungueltiges Datum", + "invalidNumber": "Ungueltige Zahl" + }, + "time": { + "today": "Heute", + "yesterday": "Gestern", + "tomorrow": "Morgen", + "thisWeek": "Diese Woche", + "lastWeek": "Letzte Woche", + "thisMonth": "Dieser Monat", + "lastMonth": "Letzter Monat", + "thisYear": "Dieses Jahr", + "hours": "Stunden", + "minutes": "Minuten", + "seconds": "Sekunden", + "days": "Tage" + } +} diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json new file mode 100644 index 0000000..07c2c9f --- /dev/null +++ b/apps/web/messages/en.json @@ -0,0 +1,1052 @@ +{ + "common": { + "save": "Save", + "cancel": "Cancel", + "delete": "Delete", + "edit": "Edit", + "create": "Create", + "search": "Search", + "filter": "Filter", + "loading": "Loading...", + "error": "An error occurred", + "success": "Success", + "confirm": "Confirm", + "back": "Back", + "next": "Next", + "close": "Close", + "yes": "Yes", + "no": "No", + "all": "All", + "none": "None", + "select": "Select", + "submit": "Submit", + "reset": "Reset", + "refresh": "Refresh", + "export": "Export", + "import": "Import", + "download": "Download", + "upload": "Upload", + "actions": "Actions", + "openMenu": "Open menu", + "retry": "Try again", + "noData": "No data available", + "noResults": "No results found.", + "loadingError": "Loading error", + "columns": "Columns", + "rowsPerPage": "Rows per page", + "page": "Page", + "of": "of", + "rowsSelected": "{selected} of {total} row(s) selected.", + "completed": "Completed", + "cancelled": "Cancelled", + "inProgress": "In Progress", + "notStarted": "Not Started", + "problem": "Problem", + "noRolesAssigned": "No roles assigned" + }, + "auth": { + "login": "Login", + "logout": "Logout", + "loginTitle": "Welcome to tOS", + "loginSubtitle": "Sign in with your company account", + "loginButton": "Sign in with Keycloak", + "loggingIn": "Signing in...", + "logoutButton": "Sign out", + "sessionExpired": "Your session has expired. Please sign in again.", + "unauthorized": "You are not authorized to perform this action." + }, + "navigation": { + "dashboard": "Dashboard", + "lean": "LEAN", + "hr": "HR", + "integrations": "Integrations", + "admin": "Administration", + "settings": "Settings", + "profile": "Profile", + "help": "Help", + "s3Planning": "3S Planning", + "morningMeeting": "Morning Meeting", + "skillMatrix": "Skill Matrix", + "employees": "Employees", + "timeTracking": "Time Tracking", + "absences": "Absences", + "orgChart": "Org Chart", + "onboarding": "Onboarding", + "reviews": "Employee Reviews", + "users": "Users", + "departments": "Departments", + "overview": "Overview", + "plentyOne": "PlentyONE", + "zulip": "ZULIP" + }, + "dashboard": { + "title": "Dashboard", + "welcome": "Welcome, {name}!", + "welcomeBack": "Welcome back, {name}!", + "overview": "Your personal overview", + "quickActions": "Quick Actions", + "recentActivity": "Recent Activity", + "notifications": "Notifications", + "noNotifications": "No new notifications", + "todaysTasks": "Today's Tasks", + "upcomingEvents": "Upcoming Events", + "reset": "Reset", + "done": "Done", + "customize": "Customize", + "editModeActive": "Edit mode active:", + "editModeDescription": "Drag widgets to rearrange them. Click the X to remove a widget." + }, + "widgets": { + "addWidget": "Add Widget", + "addWidgetTitle": "Add Widget", + "addWidgetDescription": "Select a widget to add to your dashboard", + "searchWidgets": "Search widgets...", + "noWidgetsFound": "No widgets found", + "alreadyAdded": "Already added", + "categories": { + "all": "All", + "general": "General", + "productivity": "Productivity", + "analytics": "Analytics", + "communication": "Communication", + "integrations": "Integrations" + }, + "clock": { + "name": "Clock", + "description": "Shows the current time and date" + }, + "welcome": { + "name": "Welcome", + "description": "Personal greeting with user information", + "goodMorning": "Good morning", + "goodAfternoon": "Good afternoon", + "goodEvening": "Good evening", + "goodNight": "Good night", + "subtitle": "What would you like to accomplish today?" + }, + "quickActions": { + "name": "Quick Actions", + "description": "Quick access to common actions", + "clockIn": "Clock In", + "requestVacation": "Request Vacation", + "scheduleMeeting": "Schedule Meeting", + "createDocument": "Create Document" + }, + "stats": { + "name": "Statistics", + "description": "Key metrics at a glance", + "presentToday": "Present Today", + "openTasks": "Open Tasks", + "upcomingMeetings": "Upcoming Meetings", + "openTickets": "Open Tickets", + "trendPresentToday": "+3 since yesterday", + "trendOpenTasks": "5 with high priority", + "trendUpcomingMeetings": "This week", + "trendOpenTickets": "-5 compared to yesterday" + }, + "calendar": { + "name": "Calendar", + "description": "Mini calendar with appointments" + }, + "activity": { + "name": "Activity", + "description": "Recent activities and events", + "noActivity": "No current activities" + }, + "notifications": { + "name": "Notifications", + "description": "Current notifications" + }, + "tasks": { + "name": "Tasks", + "description": "Your current tasks" + }, + "orders": { + "name": "Orders", + "description": "Recent PlentyONE orders", + "noOrders": "No orders available", + "viewAll": "View all orders", + "viewDetails": "View details", + "markShipped": "Mark as shipped", + "error": "Error loading orders", + "status": { + "new": "New", + "processing": "Processing", + "shipped": "Shipped", + "delivered": "Delivered", + "cancelled": "Cancelled", + "returned": "Returned" + } + }, + "chat": { + "name": "Chat", + "description": "ZULIP messages and streams", + "noMessages": "No messages available", + "viewAll": "View all messages", + "reply": "Reply", + "replyPlaceholder": "Enter message..." + }, + "todoistTasks": { + "name": "Todoist Tasks", + "description": "Tasks due today from Todoist", + "noTasks": "No tasks for today", + "addTask": "Add task", + "add": "Add", + "newTaskPlaceholder": "Enter new task...", + "viewAll": "View all tasks" + }, + "tickets": { + "name": "Support Tickets", + "description": "Open FreeScout tickets", + "noTickets": "No tickets available", + "viewAll": "View all tickets", + "viewTicket": "View ticket", + "reply": "Reply", + "assign": "Assign", + "filterStatus": "Filter by status", + "status": { + "all": "All", + "open": "Open", + "pending": "Pending", + "resolved": "Resolved", + "closed": "Closed" + }, + "priority": { + "urgent": "Urgent", + "high": "High", + "medium": "Medium", + "low": "Low" + } + }, + "files": { + "name": "Files", + "description": "Recently modified Nextcloud files", + "noFiles": "No files available", + "download": "Download", + "openNextcloud": "Open in Nextcloud" + }, + "documents": { + "name": "Documents", + "description": "ecoDMS document archive", + "noDocuments": "No documents available", + "noResults": "No results found", + "download": "Download", + "openEcoDms": "Open in ecoDMS", + "searchPlaceholder": "Search documents..." + }, + "gembadocs": { + "name": "GembaDocs", + "description": "Audits, findings and compliance status", + "upcomingAudits": "Upcoming Audits", + "noAudits": "No audits scheduled", + "openFindings": "Open Findings", + "complianceScore": "Compliance Score", + "severity": { + "critical": "Critical", + "high": "High", + "medium": "Medium", + "low": "Low" + }, + "auditType": { + "internal": "Internal", + "external": "External", + "certification": "Certification" + }, + "daysLeft": "{days} days", + "today": "Today", + "tomorrow": "Tomorrow", + "viewAll": "View all audits", + "openGembaDocs": "Open in GembaDocs" + }, + "noWidgets": "No widgets added", + "noWidgetsDescription": "Add widgets to personalize your dashboard.", + "addWidgetButton": "Add widget", + "settings": "Settings", + "remove": "Remove" + }, + "hr": { + "title": "Human Resources", + "description": "Manage employees, time tracking and absences", + "employee": "Employee", + "newEmployee": "New Employee", + "createEmployee": "Create Employee", + "timeTracking": { + "title": "Time Tracking", + "description": "Record your working hours and manage your time account", + "noData": "No time data available", + "noDataDesc": "No working hours have been recorded yet.", + "clockIn": "Clock In", + "clockOut": "Clock Out", + "startBreak": "Start Break", + "endBreak": "End Break", + "working": "Working", + "onBreak": "On Break", + "notWorking": "Not Clocked In", + "workDuration": "Work Duration Today", + "since": "since", + "todayWorked": "Worked Today", + "todayBreak": "Break Today", + "clockedIn": "Clocked In", + "clockedInDesc": "You have successfully clocked in.", + "clockedOut": "Clocked Out", + "clockedOutDesc": "You have successfully clocked out.", + "breakStarted": "Break Started", + "breakStartedDesc": "Enjoy your break!", + "breakEnded": "Break Ended", + "breakEndedDesc": "Welcome back!", + "errorClockIn": "Error clocking in", + "errorClockOut": "Error clocking out", + "errorBreakStart": "Error starting break", + "errorBreakEnd": "Error ending break", + "errorLoading": "Error loading time tracking", + "recentEntries": "Recent Entries", + "recentEntriesDesc": "Your working hours from recent days", + "entries": "Entries", + "summary": "Summary", + "noEntries": "No entries available", + "errorLoadingEntries": "Error loading entries", + "break": "Break", + "overtime": "Overtime", + "corrected": "Corrected", + "pendingApproval": "Pending Approval", + "requestCorrection": "Request Correction", + "date": "Date", + "reason": "Reason", + "reasonPlaceholder": "Please provide a reason for the correction...", + "noteRequired": "A reason is required", + "correctionSubmitted": "Correction Request Submitted", + "correctionSubmittedDesc": "Your request is being reviewed.", + "errorSubmitCorrection": "Error submitting correction request", + "requestCorrectionDesc": "Request a correction for incorrect time entries", + "breakStart": "Break Start", + "breakEnd": "Break End", + "monthlySummary": "Monthly Summary", + "progress": "Progress", + "worked": "worked", + "target": "Target", + "balance": "Balance", + "totalHours": "Total", + "workDays": "Work Days", + "absencesThisMonth": "Absences This Month", + "sickDays": "Sick Days", + "vacationDays": "Vacation Days", + "errorLoadingSummary": "Error loading summary", + "timeAccount": "Time Account" + }, + "absences": { + "title": "Absences", + "description": "Manage your vacation and absence requests", + "noData": "No absences available", + "noDataDesc": "No absences have been recorded yet.", + "vacationBalance": "Vacation Balance", + "daysRemaining": "days remaining", + "used": "used", + "pending": "pending", + "available": "available", + "totalEntitlement": "Entitlement", + "taken": "Taken", + "planned": "Planned", + "carriedOver": "Carried Over", + "days": "days", + "day": "day", + "total": "Total", + "expirationWarning": "Days Expiring", + "expirationWarningDesc": "{days} carried over days will expire on {date}", + "errorLoadingBalance": "Error loading vacation balance", + "myRequests": "My Requests", + "myRequestsDesc": "All your absence requests", + "teamCalendar": "Team Calendar", + "teamCalendarDesc": "Overview of all team absences", + "approvals": "Approvals", + "newRequest": "New Request", + "newRequestDesc": "Create a new absence request", + "createFirstRequest": "Create First Request", + "noRequests": "No requests available", + "errorLoadingRequests": "Error loading requests", + "errorLoadingCalendar": "Error loading calendar", + "type": "Type", + "selectType": "Select type", + "startDate": "From", + "endDate": "To", + "halfDay": "Half Day", + "selectPeriod": "Select period", + "morning": "Morning", + "afternoon": "Afternoon", + "note": "Note", + "notePlaceholder": "Optional note for the request...", + "fillRequiredFields": "Please fill all required fields", + "invalidDateRange": "End date must be after start date", + "submitRequest": "Submit Request", + "requestSubmitted": "Request Submitted", + "requestSubmittedDesc": "Your request has been submitted for approval.", + "errorSubmitRequest": "Error submitting request", + "cancel": "Cancel", + "cancelled": "Request Cancelled", + "cancelledDesc": "Your request has been cancelled.", + "errorCancel": "Error cancelling request", + "rejectionReason": "Rejection Reason", + "approvedBy": "Approved by", + "pendingApprovals": "Pending Approvals", + "pendingApprovalsDesc": "Requests awaiting approval", + "pendingApprovalsManagerDesc": "Approve or reject your employees' requests", + "approve": "Approve", + "reject": "Reject", + "approved": "Approved", + "approvedDesc": "The request has been approved.", + "rejected": "Rejected", + "rejectedDesc": "The request has been rejected.", + "errorApprove": "Error approving request", + "errorReject": "Error rejecting request", + "rejectRequest": "Reject Request", + "rejectRequestDesc": "Please provide a reason for the rejection.", + "rejectionReasonPlaceholder": "Reason for rejection...", + "selectDepartment": "Select department", + "today": "Today", + "overview": "Overview", + "more": "more" + }, + "clockIn": "Clock In", + "clockOut": "Clock Out", + "breakStart": "Start Break", + "breakEnd": "End Break", + "currentlyWorking": "Currently Working", + "onBreak": "On Break", + "totalHours": "Total Hours", + "overtime": "Overtime", + "overtimeBalance": "Overtime Balance", + "vacation": "Vacation", + "sick": "Sick", + "homeOffice": "Home Office", + "specialLeave": "Special Leave", + "requestVacation": "Request Vacation", + "vacationBalance": "Vacation Days", + "vacationDaysTotal": "Total Vacation Days", + "vacationDaysUsed": "Vacation Days Used", + "vacationDaysRemaining": "Vacation Days Remaining", + "vacationOverview": "Vacation Overview", + "daysUsed": "days used", + "remaining": "remaining", + "used": "used", + "pending": "pending", + "absenceTypes": { + "vacation": "Vacation", + "sick": "Sick", + "sickChild": "Sick Child", + "homeOffice": "Home Office", + "specialLeave": "Special Leave", + "unpaidLeave": "Unpaid Leave", + "parentalLeave": "Parental Leave", + "businessTrip": "Business Trip", + "training": "Training", + "compensation": "Compensation" + }, + "absenceStatus": { + "pending": "Pending", + "approved": "Approved", + "rejected": "Rejected", + "cancelled": "Cancelled" + }, + "timeStatus": { + "clockedIn": "Working", + "onBreak": "On Break", + "clockedOut": "Clocked Out" + }, + "modules": { + "employees": { + "description": "Manage employee master data" + }, + "timeTracking": { + "description": "Record and analyze working hours" + }, + "absences": { + "description": "Vacation, sick leave and other absences" + }, + "orgChart": { + "description": "Visualize organizational structure" + } + }, + "employees": { + "title": "Employee List", + "subtitle": "Overview of all employees", + "description": "Manage employee master data", + "new": "New Employee", + "newSubtitle": "Fill out the form to create a new employee", + "newDescription": "Create a new employee", + "details": "Employee Details", + "detailsDescription": "Detailed employee information" + }, + "stats": { + "totalEmployees": "Total Employees", + "activeEmployees": "Active Employees", + "onLeave": "On Leave", + "departments": "Departments", + "thisMonth": "this month", + "ofTotal": "of total", + "currentlyAbsent": "currently absent", + "activeDepartments": "active departments" + }, + "employeeStatus": { + "active": "Active", + "inactive": "Inactive", + "on_leave": "On Leave", + "terminated": "Terminated" + }, + "contractType": { + "label": "Contract Type", + "full_time": "Full Time", + "part_time": "Part Time", + "mini_job": "Mini Job", + "trainee": "Trainee", + "intern": "Intern", + "freelance": "Freelance" + }, + "name": "Name", + "firstName": "First Name", + "lastName": "Last Name", + "email": "Email", + "phone": "Phone", + "position": "Position", + "department": "Department", + "manager": "Manager", + "roles": "Roles", + "status": "Status", + "hireDate": "Hire Date", + "terminationDate": "Termination Date", + "weeklyHours": "Weekly Hours", + "weeklyTarget": "Weekly Target", + "employeeNumber": "Employee Number", + "selectDepartment": "Select department", + "selectDate": "Select date", + "filterByStatus": "Filter by status", + "filterByContract": "Filter by contract type", + "searchEmployees": "Search employees...", + "viewDetails": "View Details", + "terminate": "Terminate", + "reactivate": "Reactivate", + "confirmDelete": "Are you sure you want to terminate {name}?", + "employeeNotFound": "Employee Not Found", + "employeeNotFoundDesc": "The requested employee does not exist.", + "backToList": "Back to List", + "noEmployeesFound": "No employees found", + "departmentBreakdown": "Employees by Department", + "departmentBreakdownDesc": "Distribution of employees across departments", + "noDepartments": "No departments available", + "address": "Address", + "street": "Street", + "city": "City", + "zipCode": "ZIP Code", + "country": "Country", + "emergencyContact": "Emergency Contact", + "emergencyName": "Name", + "emergencyPhone": "Phone", + "emergencyRelationship": "Relationship", + "employmentDetails": "Employment Details", + "form": { + "personalInfo": "Personal Information", + "personalInfoDesc": "Basic information about the employee", + "employmentDetails": "Employment Details", + "employmentDetailsDesc": "Contract details and working hours", + "address": "Address", + "addressDesc": "Employee's home address (optional)", + "emergencyContact": "Emergency Contact", + "emergencyContactDesc": "Contact person for emergencies (optional)" + }, + "tabs": { + "overview": "Overview", + "timeAccount": "Time Account", + "absences": "Absences" + }, + "orgChart": { + "title": "Organization Chart", + "subtitle": "Hierarchical view of the organizational structure", + "description": "Visualize organizational structure" + }, + "expandAll": "Expand All", + "collapseAll": "Collapse All", + "fullscreen": "Fullscreen", + "exitFullscreen": "Exit Fullscreen", + "directReports": "Direct Reports", + "errorLoadingOrgChart": "Error loading organization chart", + "toast": { + "employeeCreated": "Employee Created", + "employeeCreatedDesc": "The employee has been created successfully.", + "employeeUpdated": "Employee Updated", + "employeeUpdatedDesc": "The changes have been saved.", + "employeeDeleted": "Employee Terminated", + "employeeDeletedDesc": "The employee has been marked as terminated.", + "errorCreate": "Error creating employee", + "errorUpdate": "Error updating employee", + "errorDelete": "Error terminating employee" + } + }, + "lean": { + "title": "LEAN Management", + "description": "Continuous improvement and shopfloor management", + "modules": { + "s3-planning": { + "title": "3S Planning", + "description": "Seiri, Seiton, Seiso - Sort, Set in Order, Shine", + "status": "Active" + }, + "morning-meeting": { + "title": "Morning Meeting", + "description": "Daily shopfloor meetings with SQCDM", + "status": "Active" + }, + "skill-matrix": { + "title": "Skill Matrix", + "description": "Qualification management and skill development", + "status": "Active" + } + }, + "stats": { + "s3Completion": "3S Completion", + "meetingsThisWeek": "Meetings This Week", + "openActions": "Open Actions", + "skillCoverage": "Skill Coverage" + }, + "s3": { + "title": "3S Planning", + "seiri": "Seiri (Sort)", + "seiton": "Seiton (Set in Order)", + "seiso": "Seiso (Shine)", + "week": "Week", + "status": { + "not_started": "Not Started", + "in_progress": "In Progress", + "completed": "Completed", + "issue": "Issue" + }, + "statusDescNotStarted": "No activity yet", + "statusDescInProgress": "Work in progress", + "statusDescCompleted": "Successfully completed", + "statusDescIssue": "Action required", + "completedByAt": "Completed by {name} on {date}", + "noDataAvailable": "No data available", + "completionRate": "Completion rate", + "statusOverview": "3S Status Overview", + "done": "Done", + "working": "In Progress", + "problems": "Problems", + "openStatus": "Open", + "loadingError": "Error loading plans", + "noPlansFound": "No plans found for the selected period", + "overviewSubtitle": "Overview of all department 3S plans", + "newPlan": "New Plan", + "year": "Year", + "allMonths": "All Months", + "totalCompletionRate": "Total Completion Rate", + "ofEntries": "{count} of {total} entries", + "activePlans": "Active Plans", + "entriesActive": "Entries active", + "requireActions": "require actions", + "departmentPlans": "Department Plans", + "percentCompleted": "{percent}% completed", + "categories": "Categories", + "clickToEdit": "Click to edit", + "editStatus": "Edit Status", + "noteOptional": "Note (optional)", + "additionalInfo": "Additional information...", + "characters": "characters", + "photo": "Photo", + "statusPhoto": "Status Photo", + "addPhoto": "Add photo (in development)", + "loadingPlanError": "Error loading plan", + "noPlanForMonth": "No plan for {month} {year} available", + "createPlan": "Create plan", + "addCategory": "Add category", + "legend": "Legend", + "noCategories": "No categories available", + "planDetails": "Plan Details", + "createdBy": "Created by", + "createdAt": "Created at", + "statusActive": "Active", + "statusInactive": "Inactive", + "statusUpdated": "Status updated", + "statusUpdatedDesc": "The status has been saved successfully.", + "statusUpdateError": "The status could not be updated.", + "month": "Month", + "yearView": "Year", + "monthView": "Month" + }, + "morningMeeting": { + "title": "Morning Meeting", + "overview": "Overview of all department meetings and open actions", + "noMeetingToday": "No meeting for today", + "noMeetingTodayDesc": "No morning meeting has been created for this department today.", + "departments": "Departments", + "currentMeetings": "Current Meetings", + "openActions": "Open Actions", + "noOpenActions": "No open actions", + "history": "History", + "settings": "Settings", + "backToOverview": "Back to Overview", + "refresh": "Refresh", + "sqcdm": { + "safety": "Safety", + "quality": "Quality", + "cost": "Cost", + "delivery": "Delivery", + "morale": "Morale" + }, + "status": { + "scheduled": "Scheduled", + "inProgress": "In Progress", + "completed": "Completed", + "cancelled": "Cancelled" + }, + "timer": { + "duration": "Duration", + "totalDuration": "Total Duration", + "targetTime": "Target Time", + "ready": "Ready", + "remaining": "Remaining", + "overtime": "Overtime", + "targetExceeded": "Target time exceeded", + "meetingCompleted": "Meeting completed" + }, + "kpi": { + "noKpis": "No KPIs defined", + "target": "Target", + "trend": { + "up": "Rising", + "down": "Falling", + "stable": "Stable", + "none": "No trend" + }, + "status": { + "green": "Green", + "yellow": "Yellow", + "red": "Red", + "neutral": "Neutral" + } + }, + "actions": { + "title": "Actions", + "new": "New Action", + "add": "Add", + "noActions": "No actions available", + "noActionsFiltered": "No actions match this filter", + "open": "open", + "inProgress": "in progress", + "completed": "completed", + "showCompleted": "Show completed", + "filterAll": "All", + "notAssigned": "Not assigned", + "priority": { + "low": "Low", + "medium": "Medium", + "high": "High", + "critical": "Critical" + }, + "status": { + "open": "Open", + "inProgress": "In Progress", + "completed": "Completed", + "cancelled": "Cancelled" + } + }, + "toast": { + "meetingStarted": "Meeting started", + "meetingStartedDesc": "The morning meeting has been started.", + "meetingEnded": "Meeting ended", + "meetingEndedDesc": "The morning meeting has been completed.", + "kpiUpdated": "KPI updated", + "kpiUpdatedDesc": "The KPI value has been saved.", + "actionCreated": "Action created", + "actionCreatedDesc": "The new action has been added.", + "actionUpdated": "Action updated", + "actionUpdatedDesc": "The action has been saved.", + "actionCompleted": "Action completed", + "actionCompletedDesc": "The action has been marked as done.", + "error": "Error", + "errorStartMeeting": "Could not start the meeting.", + "errorEndMeeting": "Could not end the meeting.", + "errorUpdateKpi": "Could not update the KPI.", + "errorCreateAction": "Could not create the action.", + "errorUpdateAction": "Could not update the action.", + "errorCompleteAction": "Could not complete the action." + }, + "notes": "Notes", + "noNotes": "No notes available", + "participants": "Participants", + "participantCount": "{count} participants", + "conductor": "Conductor", + "startMeeting": "Start Meeting", + "endMeeting": "End Meeting", + "loadingError": "Loading error", + "loadingErrorDesc": "The meeting could not be loaded.", + "noMeetingForDepartment": "No morning meeting has been created for {department} today.", + "noMeetingsFound": "No meetings found", + "allStatuses": "All statuses", + "departmentsTitle": "Departments", + "currentMeetingsTitle": "Current Meetings", + "openActionsTitle": "Open Actions", + "openCount": "{count} open" + }, + "skillMatrix": { + "title": "Skill Matrix", + "description": "Qualification management and skill development for all departments", + "levels": { + "0": "No Knowledge", + "1": "Basics", + "2": "Independent", + "3": "Expert", + "4": "Can Train" + }, + "employee": "Employee", + "employees": "Employees", + "addSkill": "Add Skill", + "totalEmployees": "Total Employees", + "inDepartments": "in {count} departments", + "avgCoverage": "Average Coverage", + "avgLevel": "Average Level", + "trainers": "Trainers", + "targetLevel": "Target Level", + "vsLastMonth": "vs. last month", + "searchDepartment": "Search department", + "noDepartmentsFound": "No departments found", + "coverage": "Coverage", + "trend": { + "label": "Trend", + "up": "Rising", + "down": "Falling", + "stable": "Stable" + }, + "notFound": "Skill Matrix not found", + "subtitle": "{employees} employees | {skills} skills", + "unsavedChanges": "unsaved changes", + "matrixView": "Matrix", + "gapAnalysis": "Gap Analysis", + "gapAnalysisDescription": "Comparison between current and target level", + "gapAnalysisSettings": "Analysis Settings", + "gapAnalysisSettingsDescription": "Select the target level for gap analysis", + "noGapData": "No analysis data available", + "actualLevel": "Actual Level", + "gap": "Gap", + "belowTarget": "Below Target", + "atOrAboveTarget": "At/Above Target", + "criticalGaps": "Critical Gaps", + "warningGaps": "Warnings", + "noGap": "No Gap", + "averageGap": "Average Gap", + "levelUpdated": "Level updated", + "levelUpdatedDescription": "The change has been queued", + "changesSaved": "Changes saved", + "saveError": "Error saving", + "noEmployeesFound": "No employees found" + }, + "s3Planning": "3S Planning", + "department": "Department", + "status": "Status", + "measures": "Measures", + "responsible": "Responsible", + "dueDate": "Due Date", + "completed": "Completed", + "inProgress": "In Progress", + "open": "Open", + "skillLevel": "Skill Level", + "skills": "Skills", + "noKnowledge": "No Knowledge", + "basics": "Basics", + "independent": "Independent", + "expert": "Expert", + "canTrain": "Can Train" + }, + "integrations": { + "title": "Integrations", + "subtitle": "Manage your external services and integrations", + "connected": "Connected", + "disconnected": "Disconnected", + "error": "Error", + "configuring": "Configuring", + "configure": "Configure", + "test": "Test Connection", + "testing": "Testing...", + "testSuccess": "Connection successful", + "testFailed": "Connection failed", + "testError": "Could not perform test", + "lastSync": "Last Sync", + "never": "Never", + "syncNow": "Sync Now", + "details": "Details", + "enable": "Enable", + "disable": "Disable", + "credentials": "Credentials", + "apiUrl": "API URL", + "apiKey": "API Key", + "username": "Username", + "password": "Password", + "syncInterval": "Sync Interval", + "minutes": "Minutes", + "saveSettings": "Save Settings", + "plentyOne": "PlentyONE", + "plentyOneDesc": "E-commerce and inventory management", + "zulip": "ZULIP", + "zulipDesc": "Team communication and chat", + "todoist": "Todoist", + "todoistDesc": "Task management", + "freeScout": "FreeScout", + "freeScoutDesc": "Helpdesk and ticket system", + "nextcloud": "Nextcloud", + "nextcloudDesc": "File management and collaboration", + "ecoDms": "ecoDMS", + "ecoDmsDesc": "Document management system", + "gembaDocs": "GembaDocs", + "gembaDocsDesc": "Audits, compliance and findings", + "overview": "Overview", + "allIntegrations": "All Integrations", + "connectedCount": "{count} connected", + "errorCount": "{count} with errors", + "data": "Data", + "settingsTab": "Settings", + "logs": "Logs", + "configureCredentials": "Configure the credentials for this integration", + "settingsManagedViaAdmin": "Settings are managed via the admin interface.", + "syncLogs": "Sync Logs", + "recentSyncActivity": "Recent sync activities", + "syncSuccessful": "Sync successful", + "lastError": "Last error:", + "notFound": "Integration not found.", + "streams": "Streams", + "subscribedStreams": "Your subscribed ZULIP streams", + "unread": "Unread", + "messagesToday": "Messages today", + "recentMessages": "Recent Messages", + "currentMessages": "Current messages from your streams", + "noStreamsFound": "No streams found", + "documents": "Documents", + "classifications": "Classifications", + "documentCategories": "Document categories in the archive", + "archived": "Archived", + "addedToday": "Added today", + "documentsTitle": "Documents", + "documentsFromArchive": "Documents from the ecoDMS archive", + "title": "Title", + "classification": "Classification", + "tags": "Tags", + "size": "Size", + "created": "Created", + "noClassificationsFound": "No classifications found", + "dueToday": "Due today", + "totalOpen": "Total open", + "highPriority": "High priority", + "projects": "Projects", + "yourProjects": "Your Todoist projects", + "tasks": "Tasks", + "allOpenTasks": "All open tasks", + "noProjectsFound": "No projects found", + "noPriority": "No priority", + "priority1": "Priority 1", + "priority2": "Priority 2", + "priority3": "Priority 3", + "complianceScore": "Compliance Score", + "audits": "Audits", + "openFindings": "Open Findings", + "critical": "Critical", + "findingsBySeverity": "Findings by Severity", + "allAuditsStatus": "All audits and their status", + "searchAudits": "Search audits...", + "type": "Type", + "department": "Department", + "findings": "Findings", + "scheduled": "Scheduled", + "noAuditsFound": "No audits found", + "noAuditsAvailable": "No audits available", + "today": "Today", + "synchronization": "Synchronization", + "settingsSaved": "{name} settings have been saved" + }, + "admin": { + "title": "Administration", + "overview": "Overview", + "users": "Users", + "roles": "Roles", + "departments": "Departments", + "settings": "System Settings", + "auditLog": "Audit Log", + "userManagement": "User Management", + "createUser": "Create User", + "editUser": "Edit User", + "deleteUser": "Delete User", + "assignRole": "Assign Role", + "integrationManagement": "Integration Management", + "integrationManagementDesc": "Configure credentials and settings for external services" + }, + "settings": { + "title": "Settings", + "subtitle": "Manage your account settings and preferences", + "general": "General", + "appearance": "Appearance", + "notifications": "Notifications", + "language": "Language", + "theme": "Theme", + "lightMode": "Light", + "darkMode": "Dark", + "systemDefault": "System Default", + "profile": "Profile", + "account": "Account", + "security": "Security", + "changePassword": "Change Password", + "twoFactor": "Two-Factor Authentication", + "profileTitle": "Profile", + "profileDescription": "Manage your personal information", + "preferencesTitle": "Preferences", + "preferencesDescription": "Customize theme and language", + "notificationsTitle": "Notifications", + "notificationsDescription": "Configure your notification settings", + "securityTitle": "Security", + "securityDescription": "Manage password and two-factor authentication", + "profilePicture": "Profile Picture", + "profilePictureSyncedFromKeycloak": "Your profile picture is synced from Keycloak", + "profilePictureManagedInKeycloak": "The profile picture is managed centrally in Keycloak.", + "changeImageViaKeycloak": "Change image (via Keycloak)", + "personalInformation": "Personal Information", + "personalInformationDesc": "This data is synced from Keycloak and can be changed there", + "name": "Name", + "email": "Email", + "departmentLabel": "Department", + "memberSince": "Member since", + "notAssigned": "Not assigned", + "contactAdminToChange": "To change your personal data, please contact your administrator or change the data directly in Keycloak.", + "rolesAndPermissions": "Roles and Permissions", + "assignedRoles": "Your assigned roles in the system" + }, + "errors": { + "notFound": "Page Not Found", + "notFoundDescription": "The requested page does not exist.", + "serverError": "Server Error", + "serverErrorDescription": "An unexpected error occurred. Please try again later.", + "unauthorized": "Unauthorized", + "unauthorizedDescription": "You are not authorized to view this page.", + "forbidden": "Access Denied", + "forbiddenDescription": "You do not have permission to perform this action.", + "networkError": "Network Error", + "networkErrorDescription": "Could not connect to the server.", + "goHome": "Go to Home", + "tryAgain": "Try Again" + }, + "validation": { + "required": "This field is required", + "email": "Please enter a valid email address", + "minLength": "At least {min} characters required", + "maxLength": "Maximum {max} characters allowed", + "passwordMatch": "Passwords do not match", + "invalidDate": "Invalid date", + "invalidNumber": "Invalid number" + }, + "time": { + "today": "Today", + "yesterday": "Yesterday", + "tomorrow": "Tomorrow", + "thisWeek": "This Week", + "lastWeek": "Last Week", + "thisMonth": "This Month", + "lastMonth": "Last Month", + "thisYear": "This Year", + "hours": "hours", + "minutes": "minutes", + "seconds": "seconds", + "days": "days" + } +} diff --git a/apps/web/next.config.mjs b/apps/web/next.config.mjs new file mode 100644 index 0000000..eadfc54 --- /dev/null +++ b/apps/web/next.config.mjs @@ -0,0 +1,30 @@ +import createNextIntlPlugin from 'next-intl/plugin'; + +const withNextIntl = createNextIntlPlugin('./src/i18n.ts'); + +/** @type {import('next').NextConfig} */ +const nextConfig = { + // Enable React strict mode for better development experience + reactStrictMode: true, + + // Configure image optimization + images: { + remotePatterns: [ + { + protocol: 'https', + hostname: '*.gravatar.com', + }, + ], + }, + + // Transpile packages for monorepo + transpilePackages: ['@tos/shared'], + + // Experimental features + experimental: { + // Optimize package imports for better tree-shaking + optimizePackageImports: ['lucide-react', '@radix-ui/react-icons'], + }, +}; + +export default withNextIntl(nextConfig); diff --git a/apps/web/package.json b/apps/web/package.json new file mode 100644 index 0000000..edac2e4 --- /dev/null +++ b/apps/web/package.json @@ -0,0 +1,74 @@ +{ + "name": "@tos/web", + "version": "0.1.0", + "private": true, + "scripts": { + "dev": "next dev", + "build": "next build", + "start": "next start", + "lint": "next lint", + "type-check": "tsc --noEmit", + "test": "vitest run", + "test:watch": "vitest" + }, + "dependencies": { + "@tos/shared": "workspace:*", + "@dnd-kit/core": "^6.1.0", + "@dnd-kit/sortable": "^8.0.0", + "@dnd-kit/utilities": "^3.2.2", + "@hookform/resolvers": "^3.9.0", + "@radix-ui/react-avatar": "^1.1.0", + "@radix-ui/react-checkbox": "^1.1.1", + "@radix-ui/react-collapsible": "^1.1.0", + "@radix-ui/react-popover": "^1.1.1", + "@radix-ui/react-progress": "^1.1.0", + "@radix-ui/react-scroll-area": "^1.1.0", + "@radix-ui/react-select": "^2.1.1", + "@radix-ui/react-switch": "^1.1.0", + "@radix-ui/react-tabs": "^1.1.0", + "@radix-ui/react-dialog": "^1.1.1", + "@radix-ui/react-dropdown-menu": "^2.1.1", + "@radix-ui/react-label": "^2.1.0", + "@radix-ui/react-separator": "^1.1.0", + "@radix-ui/react-slot": "^1.1.0", + "@radix-ui/react-toast": "^1.2.1", + "@radix-ui/react-tooltip": "^1.1.2", + "@tanstack/react-query": "^5.56.2", + "@tanstack/react-table": "^8.20.5", + "class-variance-authority": "^0.7.0", + "clsx": "^2.1.1", + "date-fns": "^3.6.0", + "framer-motion": "^11.5.6", + "lucide-react": "^0.447.0", + "next": "14.2.13", + "next-auth": "^4.24.7", + "next-intl": "^3.20.0", + "next-themes": "^0.3.0", + "react": "^18.3.1", + "react-dom": "^18.3.1", + "react-day-picker": "^8.10.1", + "react-hook-form": "^7.53.0", + "recharts": "^2.12.7", + "tailwind-merge": "^2.5.2", + "tailwindcss-animate": "^1.0.7", + "zod": "^3.23.8", + "zustand": "^5.0.0-rc.2" + }, + "devDependencies": { + "@testing-library/jest-dom": "^6.6.3", + "@testing-library/react": "^16.1.0", + "@testing-library/user-event": "^14.5.2", + "@types/node": "^22.5.5", + "@types/react": "^18.3.8", + "@types/react-dom": "^18.3.0", + "@vitejs/plugin-react": "^4.3.4", + "autoprefixer": "^10.4.20", + "eslint": "^8.57.1", + "eslint-config-next": "14.2.13", + "jsdom": "^25.0.1", + "postcss": "^8.4.47", + "tailwindcss": "^3.4.13", + "typescript": "^5.6.2", + "vitest": "^2.1.8" + } +} diff --git a/apps/web/postcss.config.js b/apps/web/postcss.config.js new file mode 100644 index 0000000..12a703d --- /dev/null +++ b/apps/web/postcss.config.js @@ -0,0 +1,6 @@ +module.exports = { + plugins: { + tailwindcss: {}, + autoprefixer: {}, + }, +}; diff --git a/apps/web/public/favicon.ico b/apps/web/public/favicon.ico new file mode 100644 index 0000000..b3a4252 --- /dev/null +++ b/apps/web/public/favicon.ico @@ -0,0 +1 @@ +placeholder \ No newline at end of file diff --git a/apps/web/src/app/[locale]/(auth)/admin/admin-dashboard-content.tsx b/apps/web/src/app/[locale]/(auth)/admin/admin-dashboard-content.tsx new file mode 100644 index 0000000..56bb7e9 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/admin-dashboard-content.tsx @@ -0,0 +1,272 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { Users, Building2, Shield, Activity, TrendingUp, TrendingDown } from 'lucide-react'; + +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; + +interface StatCardProps { + title: string; + value: string | number; + description?: string; + icon: React.ComponentType<{ className?: string }>; + trend?: 'up' | 'down' | 'neutral'; + delay?: number; +} + +function StatCard({ title, value, description, icon: Icon, trend, delay = 0 }: StatCardProps) { + return ( + + + + {title} + + + +
{value}
+ {description && ( +

+ {trend === 'up' && } + {trend === 'down' && } + {description} +

+ )} + + + + ); +} + +/** + * Admin Dashboard Content - System overview and statistics + */ +export function AdminDashboardContent() { + const t = useTranslations('admin'); + + // Mock data - would come from API + const stats = [ + { + title: 'Benutzer gesamt', + value: '127', + description: '+5 in den letzten 30 Tagen', + icon: Users, + trend: 'up' as const, + }, + { + title: 'Aktive Benutzer', + value: '98', + description: '77% aller Benutzer', + icon: Activity, + trend: 'neutral' as const, + }, + { + title: 'Abteilungen', + value: '12', + description: 'In 3 Standorten', + icon: Building2, + trend: 'neutral' as const, + }, + { + title: 'Administratoren', + value: '4', + description: 'Vollzugriff auf das System', + icon: Shield, + trend: 'neutral' as const, + }, + ]; + + return ( +
+ {/* Stats Grid */} +
+ {stats.map((stat, index) => ( + + ))} +
+ + {/* Quick Actions and Recent Activity */} +
+ {/* Quick Actions */} + + + + Schnellaktionen + Haeufig verwendete Administrationsaufgaben + + + + + + + + + + {/* Recent Activity */} + + + + Letzte Aktivitaeten + Aktuelle Aenderungen im System + + + + + + + + + +
+ + {/* System Status */} + + + + Systemstatus + Uebersicht ueber verbundene Dienste + + +
+ + + +
+ + + +
+ ); +} + +function QuickActionItem({ + icon: Icon, + title, + description, +}: { + icon: React.ComponentType<{ className?: string }>; + title: string; + description: string; +}) { + return ( + + ); +} + +function ActivityItem({ + action, + target, + time, + actor, +}: { + action: string; + target: string; + time: string; + actor: string; +}) { + return ( +
+
+
+

+ {action}: {target} +

+

+ {time} von {actor} +

+
+
+ ); +} + +function SystemStatusItem({ + name, + status, + latency, +}: { + name: string; + status: 'online' | 'offline' | 'degraded'; + latency: string; +}) { + const statusColors = { + online: 'bg-green-500', + offline: 'bg-red-500', + degraded: 'bg-yellow-500', + }; + + const statusLabels = { + online: 'Online', + offline: 'Offline', + degraded: 'Eingeschraenkt', + }; + + return ( +
+
+
+ {name} +
+
+

{statusLabels[status]}

+

{latency}

+
+
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/admin/departments/departments-content.tsx b/apps/web/src/app/[locale]/(auth)/admin/departments/departments-content.tsx new file mode 100644 index 0000000..7727c4c --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/departments/departments-content.tsx @@ -0,0 +1,221 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { ColumnDef } from '@tanstack/react-table'; +import { + MoreHorizontal, + Building2, + Edit, + Trash2, + Users, + Plus, +} from 'lucide-react'; + +import { Button } from '@/components/ui/button'; +import { Badge } from '@/components/ui/badge'; +import { + DropdownMenu, + DropdownMenuContent, + DropdownMenuItem, + DropdownMenuLabel, + DropdownMenuSeparator, + DropdownMenuTrigger, +} from '@/components/ui/dropdown-menu'; +import { DataTable, DataTableColumnHeader } from '@/components/ui/data-table'; +import type { Department } from '@/types'; + +interface DepartmentsContentProps { + locale: string; +} + +// Extended department type for display +interface DepartmentWithStats extends Department { + employeeCount: number; + managerName?: string; + location?: string; +} + +// Mock department data +const mockDepartments: DepartmentWithStats[] = [ + { + id: '1', + name: 'IT & Entwicklung', + description: 'Software-Entwicklung und IT-Infrastruktur', + employeeCount: 24, + managerName: 'Peter Mueller', + location: 'Hauptsitz', + }, + { + id: '2', + name: 'Personal', + description: 'Personalwesen und Recruiting', + employeeCount: 8, + managerName: 'Anna Schmidt', + location: 'Hauptsitz', + }, + { + id: '3', + name: 'Vertrieb', + description: 'Vertrieb und Kundenbetreuung', + employeeCount: 32, + managerName: 'Thomas Weber', + location: 'Niederlassung Sued', + }, + { + id: '4', + name: 'Marketing', + description: 'Marketing und Kommunikation', + employeeCount: 12, + location: 'Hauptsitz', + }, + { + id: '5', + name: 'Lager & Logistik', + description: 'Lagerverwaltung und Versand', + employeeCount: 45, + managerName: 'Klaus Fischer', + location: 'Lager Nord', + }, + { + id: '6', + name: 'Finanzen', + description: 'Buchhaltung und Controlling', + employeeCount: 6, + managerName: 'Maria Braun', + location: 'Hauptsitz', + }, +]; + +/** + * Departments management content with DataTable + */ +export function DepartmentsContent({ locale }: DepartmentsContentProps) { + const t = useTranslations('admin'); + const [departments] = useState(mockDepartments); + + const columns: ColumnDef[] = [ + { + accessorKey: 'name', + header: ({ column }) => , + cell: ({ row }) => { + const dept = row.original; + return ( +
+
+ +
+
+

{dept.name}

+ {dept.description && ( +

+ {dept.description} +

+ )} +
+
+ ); + }, + }, + { + accessorKey: 'managerName', + header: ({ column }) => , + cell: ({ row }) => { + const manager = row.original.managerName; + return manager ? ( + {manager} + ) : ( + + Nicht zugewiesen + + ); + }, + }, + { + accessorKey: 'employeeCount', + header: ({ column }) => , + cell: ({ row }) => ( +
+ + {row.original.employeeCount} +
+ ), + }, + { + accessorKey: 'location', + header: ({ column }) => , + cell: ({ row }) => ( + {row.original.location || 'Nicht zugewiesen'} + ), + }, + { + id: 'actions', + enableHiding: false, + cell: ({ row }) => { + const dept = row.original; + + return ( + + + + + + Aktionen + + + Bearbeiten + + + + Mitarbeiter verwalten + + + + + Loeschen + + + + ); + }, + }, + ]; + + const totalEmployees = departments.reduce((sum, d) => sum + d.employeeCount, 0); + + return ( + + {/* Actions Bar */} +
+
+

Abteilungsverwaltung

+

+ {departments.length} Abteilungen mit {totalEmployees} Mitarbeitern +

+
+ + +
+ + {/* Data Table */} + + + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/admin/departments/page.tsx b/apps/web/src/app/[locale]/(auth)/admin/departments/page.tsx new file mode 100644 index 0000000..2610f79 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/departments/page.tsx @@ -0,0 +1,23 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { DepartmentsContent } from './departments-content'; + +interface DepartmentsPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('admin'); + + return { + title: `${t('departments')} - ${t('title')}`, + }; +} + +/** + * Admin Departments page - Server Component + */ +export default function DepartmentsPage({ params: { locale } }: DepartmentsPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/admin/integrations/admin-integrations-content.tsx b/apps/web/src/app/[locale]/(auth)/admin/integrations/admin-integrations-content.tsx new file mode 100644 index 0000000..d178e52 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/integrations/admin-integrations-content.tsx @@ -0,0 +1,324 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { + Plug, + Shield, + Building2, + MessageSquare, + CheckSquare, + Headphones, + Cloud, + FileText, + ClipboardCheck, + Settings, + Eye, + EyeOff, + type LucideIcon, +} from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Button } from '@/components/ui/button'; +import { Input } from '@/components/ui/input'; +import { Label } from '@/components/ui/label'; +import { Switch } from '@/components/ui/switch'; +import { + Card, + CardContent, + CardDescription, + CardFooter, + CardHeader, + CardTitle, +} from '@/components/ui/card'; +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue, +} from '@/components/ui/select'; +import { Skeleton } from '@/components/ui/skeleton'; +import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'; +import { IntegrationStatusBadge, ConnectionTestButton } from '@/components/integrations'; +import { useAllIntegrationStatuses } from '@/hooks/integrations'; +import { useToast } from '@/hooks/use-toast'; +import type { IntegrationType } from '@/types/integrations'; + +interface AdminIntegrationsContentProps { + locale: string; +} + +/** Integration metadata */ +const integrationMeta: Record< + IntegrationType, + { icon: LucideIcon; nameKey: string; descKey: string } +> = { + plentyone: { icon: Building2, nameKey: 'plentyOne', descKey: 'plentyOneDesc' }, + zulip: { icon: MessageSquare, nameKey: 'zulip', descKey: 'zulipDesc' }, + todoist: { icon: CheckSquare, nameKey: 'todoist', descKey: 'todoistDesc' }, + freescout: { icon: Headphones, nameKey: 'freeScout', descKey: 'freeScoutDesc' }, + nextcloud: { icon: Cloud, nameKey: 'nextcloud', descKey: 'nextcloudDesc' }, + ecodms: { icon: FileText, nameKey: 'ecoDms', descKey: 'ecoDmsDesc' }, + gembadocs: { icon: ClipboardCheck, nameKey: 'gembaDocs', descKey: 'gembaDocsDesc' }, +}; + +/** Credential field configuration per integration */ +const credentialFields: Record = { + plentyone: [ + { key: 'apiUrl', labelKey: 'apiUrl', type: 'url' }, + { key: 'username', labelKey: 'username', type: 'text' }, + { key: 'password', labelKey: 'password', type: 'password' }, + ], + zulip: [ + { key: 'apiUrl', labelKey: 'apiUrl', type: 'url' }, + { key: 'email', labelKey: 'username', type: 'text' }, + { key: 'apiKey', labelKey: 'apiKey', type: 'password' }, + ], + todoist: [ + { key: 'apiKey', labelKey: 'apiKey', type: 'password' }, + ], + freescout: [ + { key: 'apiUrl', labelKey: 'apiUrl', type: 'url' }, + { key: 'apiKey', labelKey: 'apiKey', type: 'password' }, + ], + nextcloud: [ + { key: 'apiUrl', labelKey: 'apiUrl', type: 'url' }, + { key: 'username', labelKey: 'username', type: 'text' }, + { key: 'password', labelKey: 'password', type: 'password' }, + ], + ecodms: [ + { key: 'apiUrl', labelKey: 'apiUrl', type: 'url' }, + { key: 'apiKey', labelKey: 'apiKey', type: 'password' }, + ], + gembadocs: [ + { key: 'apiUrl', labelKey: 'apiUrl', type: 'url' }, + { key: 'apiKey', labelKey: 'apiKey', type: 'password' }, + ], +}; + +/** + * Admin integrations management content + */ +export function AdminIntegrationsContent({ locale }: AdminIntegrationsContentProps) { + const t = useTranslations('integrations'); + const tAdmin = useTranslations('admin'); + const { toast } = useToast(); + const { data: integrations, isLoading } = useAllIntegrationStatuses(); + + const [visiblePasswords, setVisiblePasswords] = useState>({}); + const [enabledState, setEnabledState] = useState>({}); + const [formData, setFormData] = useState>>({}); + + const togglePasswordVisibility = (fieldKey: string) => { + setVisiblePasswords((prev) => ({ + ...prev, + [fieldKey]: !prev[fieldKey], + })); + }; + + const handleFieldChange = (integrationType: IntegrationType, fieldKey: string, value: string) => { + setFormData((prev) => ({ + ...prev, + [integrationType]: { + ...prev[integrationType], + [fieldKey]: value, + }, + })); + }; + + const handleSave = (integrationType: IntegrationType) => { + toast({ + title: t('saveSettings'), + description: t('settingsSaved' as never, { name: t(integrationMeta[integrationType].nameKey as never) }), + }); + }; + + return ( +
+ {/* Header */} +
+
+ +
+
+

{tAdmin('integrationManagement')}

+

+ {tAdmin('integrationManagementDesc')} +

+
+
+ + {/* Integration Tabs */} + {isLoading ? ( +
+ {Array.from({ length: 3 }).map((_, i) => ( + + + + + + +
+ {Array.from({ length: 3 }).map((_, j) => ( + + ))} +
+ + + ))} +
+ ) : ( + + + {integrations?.map((config) => { + const meta = integrationMeta[config.type]; + const Icon = meta.icon; + return ( + + + {t(meta.nameKey as never)} + + ); + })} + + + {integrations?.map((config) => { + const meta = integrationMeta[config.type]; + const Icon = meta.icon; + const fields = credentialFields[config.type]; + + return ( + + + + +
+
+
+ +
+
+ + {t(meta.nameKey as never)} + + + {t(meta.descKey as never)} +
+
+ +
+
+ + + setEnabledState((prev) => ({ ...prev, [config.type]: checked })) + } + /> +
+
+
+ + + + {/* Credentials */} +
+

{t('credentials')}

+
+ {fields.map((field) => { + const fieldId = `${config.type}-${field.key}`; + const isPassword = field.type === 'password'; + const isVisible = visiblePasswords[fieldId]; + + return ( +
+ +
+ + handleFieldChange(config.type, field.key, e.target.value) + } + className={cn(isPassword && 'pr-10')} + /> + {isPassword && ( + + )} +
+
+ ); + })} +
+
+ + {/* Sync Settings */} +
+

{t('synchronization' as never)}

+
+
+ + +
+
+
+ + + + + + + + + + ); + })} + + )} +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/admin/integrations/page.tsx b/apps/web/src/app/[locale]/(auth)/admin/integrations/page.tsx new file mode 100644 index 0000000..92ae299 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/integrations/page.tsx @@ -0,0 +1,20 @@ +import type { Metadata } from 'next'; +import { AdminIntegrationsContent } from './admin-integrations-content'; + +export const metadata: Metadata = { + title: 'Integration-Verwaltung | Admin | tOS', + description: 'Verwalten Sie die Integration-Konfigurationen', +}; + +interface AdminIntegrationsPageProps { + params: { + locale: string; + }; +} + +/** + * Admin page for managing integration configurations + */ +export default function AdminIntegrationsPage({ params }: AdminIntegrationsPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/admin/layout.tsx b/apps/web/src/app/[locale]/(auth)/admin/layout.tsx new file mode 100644 index 0000000..86d74bf --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/layout.tsx @@ -0,0 +1,101 @@ +'use client'; + +import { ReactNode } from 'react'; +import Link from 'next/link'; +import { usePathname } from 'next/navigation'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { Shield, Users, Building2, Settings, Activity } from 'lucide-react'; + +import { cn } from '@/lib/utils'; + +interface AdminLayoutProps { + children: ReactNode; + params: { locale: string }; +} + +const adminTabs = [ + { key: 'overview', href: '/admin', icon: Shield }, + { key: 'users', href: '/admin/users', icon: Users }, + { key: 'departments', href: '/admin/departments', icon: Building2 }, + { key: 'auditLog', href: '/admin/audit-log', icon: Activity }, + { key: 'settings', href: '/admin/settings', icon: Settings }, +]; + +/** + * Admin layout with tab navigation + */ +export default function AdminLayout({ children, params: { locale } }: AdminLayoutProps) { + const pathname = usePathname(); + const t = useTranslations('admin'); + + const isActive = (href: string) => { + const localePath = `/${locale}${href}`; + if (href === '/admin') { + return pathname === localePath; + } + return pathname.startsWith(localePath); + }; + + return ( +
+ {/* Header */} + +

{t('title')}

+

Systemverwaltung und Benutzeradministration

+ + + {/* Tab Navigation */} + + + + + {/* Content */} + + {children} + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/admin/page.tsx b/apps/web/src/app/[locale]/(auth)/admin/page.tsx new file mode 100644 index 0000000..df4199a --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/page.tsx @@ -0,0 +1,19 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { AdminDashboardContent } from './admin-dashboard-content'; + +export async function generateMetadata(): Promise { + const t = await getTranslations('admin'); + + return { + title: t('title'), + }; +} + +/** + * Admin dashboard page - Server Component + */ +export default function AdminPage() { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/admin/users/page.tsx b/apps/web/src/app/[locale]/(auth)/admin/users/page.tsx new file mode 100644 index 0000000..96fe9c5 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/users/page.tsx @@ -0,0 +1,23 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { UsersContent } from './users-content'; + +interface UsersPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('admin'); + + return { + title: `${t('users')} - ${t('title')}`, + }; +} + +/** + * Admin Users page - Server Component + */ +export default function UsersPage({ params: { locale } }: UsersPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/admin/users/users-content.tsx b/apps/web/src/app/[locale]/(auth)/admin/users/users-content.tsx new file mode 100644 index 0000000..3c9003c --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/admin/users/users-content.tsx @@ -0,0 +1,284 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { ColumnDef } from '@tanstack/react-table'; +import { + MoreHorizontal, + UserPlus, + Mail, + Shield, + Edit, + Trash2, + UserCheck, + UserX, +} from 'lucide-react'; + +import { Button } from '@/components/ui/button'; +import { Badge } from '@/components/ui/badge'; +import { Avatar, AvatarFallback, AvatarImage } from '@/components/ui/avatar'; +import { Checkbox } from '@/components/ui/checkbox'; +import { + DropdownMenu, + DropdownMenuContent, + DropdownMenuItem, + DropdownMenuLabel, + DropdownMenuSeparator, + DropdownMenuTrigger, +} from '@/components/ui/dropdown-menu'; +import { DataTable, DataTableColumnHeader } from '@/components/ui/data-table'; +import type { User, UserRole } from '@/types'; + +interface UsersContentProps { + locale: string; +} + +// Mock user data +const mockUsers: (User & { lastActive: string })[] = [ + { + id: '1', + email: 'admin@example.com', + firstName: 'Admin', + lastName: 'User', + displayName: 'Admin User', + roles: ['admin'], + isActive: true, + createdAt: new Date('2023-01-15'), + updatedAt: new Date('2024-01-20'), + lastActive: 'vor 5 Minuten', + }, + { + id: '2', + email: 'max.mustermann@example.com', + firstName: 'Max', + lastName: 'Mustermann', + displayName: 'Max Mustermann', + roles: ['employee'], + departmentId: '1', + isActive: true, + createdAt: new Date('2023-06-01'), + updatedAt: new Date('2024-01-18'), + lastActive: 'vor 2 Stunden', + }, + { + id: '3', + email: 'anna.schmidt@example.com', + firstName: 'Anna', + lastName: 'Schmidt', + displayName: 'Anna Schmidt', + roles: ['department_head', 'employee'], + departmentId: '2', + isActive: true, + createdAt: new Date('2023-03-10'), + updatedAt: new Date('2024-01-19'), + lastActive: 'vor 1 Tag', + }, + { + id: '4', + email: 'peter.mueller@example.com', + firstName: 'Peter', + lastName: 'Mueller', + displayName: 'Peter Mueller', + roles: ['manager', 'employee'], + departmentId: '1', + isActive: true, + createdAt: new Date('2022-11-05'), + updatedAt: new Date('2024-01-15'), + lastActive: 'vor 3 Tagen', + }, + { + id: '5', + email: 'inactive.user@example.com', + firstName: 'Inactive', + lastName: 'User', + displayName: 'Inactive User', + roles: ['employee'], + isActive: false, + createdAt: new Date('2023-02-20'), + updatedAt: new Date('2023-12-01'), + lastActive: 'vor 30 Tagen', + }, +]; + +type UserWithLastActive = User & { lastActive: string }; + +const roleColors: Record = { + admin: 'destructive', + manager: 'default', + department_head: 'secondary', + employee: 'outline', +}; + +/** + * Users management content with DataTable + */ +export function UsersContent({ locale }: UsersContentProps) { + const t = useTranslations('admin'); + const [users] = useState(mockUsers); + + const columns: ColumnDef[] = [ + { + id: 'select', + header: ({ table }) => ( + table.toggleAllPageRowsSelected(!!value)} + aria-label="Alle auswaehlen" + /> + ), + cell: ({ row }) => ( + row.toggleSelected(!!value)} + aria-label="Zeile auswaehlen" + /> + ), + enableSorting: false, + enableHiding: false, + }, + { + accessorKey: 'displayName', + header: ({ column }) => , + cell: ({ row }) => { + const user = row.original; + const initials = `${user.firstName[0]}${user.lastName[0]}`.toUpperCase(); + + return ( +
+ + + {initials} + +
+

{user.displayName}

+

{user.email}

+
+
+ ); + }, + }, + { + accessorKey: 'roles', + header: ({ column }) => , + cell: ({ row }) => { + const roles = row.original.roles; + return ( +
+ {roles.map((role) => ( + + {role} + + ))} +
+ ); + }, + filterFn: (row, id, value) => { + return row.original.roles.some((role) => value.includes(role)); + }, + }, + { + accessorKey: 'isActive', + header: ({ column }) => , + cell: ({ row }) => { + const isActive = row.original.isActive; + return ( + + {isActive ? 'Aktiv' : 'Inaktiv'} + + ); + }, + }, + { + accessorKey: 'lastActive', + header: ({ column }) => , + cell: ({ row }) => ( + {row.original.lastActive} + ), + }, + { + id: 'actions', + enableHiding: false, + cell: ({ row }) => { + const user = row.original; + + return ( + + + + + + Aktionen + + + Bearbeiten + + + + E-Mail senden + + + + Rollen verwalten + + + {user.isActive ? ( + + + Deaktivieren + + ) : ( + + + Aktivieren + + )} + + + Loeschen + + + + ); + }, + }, + ]; + + return ( + + {/* Actions Bar */} +
+
+

Benutzerverwaltung

+

+ {users.length} Benutzer im System +

+
+ + +
+ + {/* Data Table */} + + + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/dashboard/dashboard-content.tsx b/apps/web/src/app/[locale]/(auth)/dashboard/dashboard-content.tsx new file mode 100644 index 0000000..667475e --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/dashboard/dashboard-content.tsx @@ -0,0 +1,270 @@ +'use client'; + +import { useCallback } from 'react'; +import { useSession } from 'next-auth/react'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { Edit3, RotateCcw, Check, Users, CheckCircle2, Calendar, AlertCircle } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Button } from '@/components/ui/button'; +import { TooltipProvider } from '@/components/ui/tooltip'; +import { useDashboardStore } from '@/stores/dashboard-store'; +import { + WidgetGrid, + WidgetGridEmpty, + AddWidgetDialog, + ClockWidget, + WelcomeWidget, + QuickActionsWidget, + StatsWidget, + CalendarWidget, + ActivityWidget, + OrdersWidget, + ChatWidget, + TasksWidget, + TicketsWidget, + FilesWidget, + DocumentsWidget, + GembaDocsWidget, + type WidgetItem, + type StatConfig, +} from '@/components/dashboard'; + +interface DashboardContentProps { + locale: string; +} + +/** Sample stats config - trendTextKey references i18n key under widgets.stats */ +const SAMPLE_STATS_CONFIG: Record & { trendTextKey: string }> = { + presentToday: { + id: 'presentToday', + labelKey: 'presentToday', + value: '42', + trend: 'up', + trendTextKey: 'trendPresentToday', + icon: Users, + }, + openTasks: { + id: 'openTasks', + labelKey: 'openTasks', + value: '12', + trend: 'neutral', + trendTextKey: 'trendOpenTasks', + icon: CheckCircle2, + }, + upcomingMeetings: { + id: 'upcomingMeetings', + labelKey: 'upcomingMeetings', + value: '8', + trend: 'neutral', + trendTextKey: 'trendUpcomingMeetings', + icon: Calendar, + }, + openTickets: { + id: 'openTickets', + labelKey: 'openTickets', + value: '23', + trend: 'down', + trendTextKey: 'trendOpenTickets', + icon: AlertCircle, + }, +}; + +/** + * Dashboard Content - Main dashboard view with customizable widgets + */ +export function DashboardContent({ locale }: DashboardContentProps) { + const { data: session } = useSession(); + const t = useTranslations('dashboard'); + const tWidgets = useTranslations('widgets'); + + const { + widgets, + isEditing, + setWidgets, + addWidget, + removeWidget, + toggleEditMode, + resetToDefault, + } = useDashboardStore(); + + const userRoles = session?.user?.roles || []; + + // Resolve SAMPLE_STATS with translated trendText + const sampleStats: Record = Object.fromEntries( + Object.entries(SAMPLE_STATS_CONFIG).map(([key, { trendTextKey, ...rest }]) => [ + key, + { ...rest, trendText: tWidgets(`stats.${trendTextKey}`) }, + ]) + ); + + // Handle widget order change from drag and drop + const handleWidgetsChange = useCallback( + (newWidgets: WidgetItem[]) => { + setWidgets(newWidgets); + }, + [setWidgets] + ); + + // Handle adding a new widget + const handleAddWidget = useCallback( + (type: string) => { + addWidget(type); + }, + [addWidget] + ); + + // Handle removing a widget + const handleRemoveWidget = useCallback( + (id: string) => { + removeWidget(id); + }, + [removeWidget] + ); + + // Render a widget based on its type + const renderWidget = useCallback( + (item: WidgetItem, editing: boolean) => { + const commonProps = { + id: item.id, + isEditing: editing, + onRemove: editing ? () => handleRemoveWidget(item.id) : undefined, + locale, + }; + + switch (item.type) { + case 'clock': + return ; + + case 'welcome': + return ; + + case 'quickActions': + return ; + + case 'stats': { + const statKey = (item.settings?.statKey as string) || 'presentToday'; + const stat = sampleStats[statKey] || sampleStats.presentToday; + return ; + } + + case 'calendar': + return ; + + case 'activity': + return ; + + // Integration Widgets + case 'orders': + return ; + + case 'chat': + return ; + + case 'todoistTasks': + return ; + + case 'tickets': + return ; + + case 'files': + return ; + + case 'documents': + return ; + + case 'gembadocs': + return ; + + default: + return ( +
+ + Unknown widget: {item.type} + +
+ ); + } + }, + [handleRemoveWidget, locale, sampleStats] + ); + + return ( + +
+ {/* Dashboard Header */} + +
+

{t('title')}

+

{t('overview')}

+
+ + {/* Dashboard Actions */} +
+ {isEditing ? ( + <> + w.type)} + userRoles={userRoles} + /> + + + + + + ) : ( + + )} +
+ + + {/* Edit Mode Banner */} + {isEditing && ( + +

+ {t('editModeActive')} {t('editModeDescription')} +

+ + )} + + {/* Widget Grid */} + {widgets.length === 0 ? ( + toggleEditMode()} /> + ) : ( + + )} +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/dashboard/page.tsx b/apps/web/src/app/[locale]/(auth)/dashboard/page.tsx new file mode 100644 index 0000000..b209633 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/dashboard/page.tsx @@ -0,0 +1,24 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { DashboardContent } from './dashboard-content'; + +interface DashboardPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('dashboard'); + + return { + title: t('title'), + }; +} + +/** + * Dashboard page - Server Component + * Acts as the entry point for the dashboard with customizable widgets + */ +export default function DashboardPage({ params: { locale } }: DashboardPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/absences/absences-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/absences/absences-content.tsx new file mode 100644 index 0000000..fccde43 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/absences/absences-content.tsx @@ -0,0 +1,176 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { useSession } from 'next-auth/react'; +import Link from 'next/link'; +import { + Palmtree, + Calendar, + Plus, + ClipboardCheck, + AlertCircle, +} from 'lucide-react'; +import { Button } from '@/components/ui/button'; +import { + Card, + CardContent, + CardDescription, + CardHeader, + CardTitle, +} from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { PageTransition } from '@/components/layout/page-transition'; +import { + VacationBalance, + AbsenceCard, + AbsenceRequestForm, +} from '@/components/hr/absences'; +import { useMyAbsenceRequests, useCancelAbsence } from '@/hooks/hr/use-absences'; +import { useToast } from '@/hooks/use-toast'; + +interface AbsencesContentProps { + locale: string; +} + +/** + * Absences overview page content - Client Component + * Shows vacation balance and personal absence requests + */ +export function AbsencesContent({ locale }: AbsencesContentProps) { + const t = useTranslations('hr.absences'); + const tCommon = useTranslations('common'); + const { data: session } = useSession(); + const { toast } = useToast(); + + const [requestDialog, setRequestDialog] = useState(false); + + const employeeId = session?.user?.id || '1'; + const userRoles = session?.user?.roles || []; + const canApprove = + userRoles.includes('manager') || + userRoles.includes('department_head') || + userRoles.includes('admin'); + + const { data: requests, isLoading, error } = useMyAbsenceRequests(); + const cancelAbsence = useCancelAbsence(); + + const handleCancel = async (id: string) => { + try { + await cancelAbsence.mutateAsync(id); + toast({ + title: t('cancelled'), + description: t('cancelledDesc'), + }); + } catch { + toast({ + title: tCommon('error'), + description: t('errorCancel'), + variant: 'destructive', + }); + } + }; + + return ( + +
+ {/* Header */} +
+
+

{t('title')}

+

{t('description')}

+
+
+ + {canApprove && ( + + )} + +
+
+ + {/* Main content */} +
+ {/* Left column: Vacation Balance */} +
+ +
+ + {/* Right column: My Requests */} +
+ + + + + {t('myRequests')} + + {t('myRequestsDesc')} + + + {isLoading ? ( +
+ {[1, 2, 3].map((i) => ( + + ))} +
+ ) : error ? ( +
+ +

{t('errorLoadingRequests')}

+
+ ) : !requests || requests.length === 0 ? ( +
+ +

{t('noRequests')}

+ +
+ ) : ( + +
+ {requests.map((request) => ( + + ))} +
+ + )} + + +
+
+ + {/* Request dialog */} + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/absences/calendar/absence-calendar-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/absences/calendar/absence-calendar-content.tsx new file mode 100644 index 0000000..701159f --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/absences/calendar/absence-calendar-content.tsx @@ -0,0 +1,90 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { ArrowLeft, Plus, Filter } from 'lucide-react'; +import { Button } from '@/components/ui/button'; +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue, +} from '@/components/ui/select'; +import { PageTransition } from '@/components/layout/page-transition'; +import { AbsenceCalendar, AbsenceRequestForm } from '@/components/hr/absences'; + +interface AbsenceCalendarPageContentProps { + locale: string; +} + +// Mock departments - in production, this would come from the API +const mockDepartments = [ + { id: 'all', name: 'Alle Abteilungen' }, + { id: '1', name: 'IT & Entwicklung' }, + { id: '2', name: 'Personal' }, + { id: '3', name: 'Vertrieb' }, + { id: '4', name: 'Lager & Logistik' }, +]; + +/** + * Absence calendar page content - Client Component + * Shows team absences with department filter + */ +export function AbsenceCalendarPageContent({ locale }: AbsenceCalendarPageContentProps) { + const t = useTranslations('hr.absences'); + + const [requestDialog, setRequestDialog] = useState(false); + const [selectedDepartment, setSelectedDepartment] = useState('all'); + + const departmentId = selectedDepartment === 'all' ? undefined : selectedDepartment; + + return ( + +
+ {/* Header */} +
+ +
+

{t('teamCalendar')}

+

{t('teamCalendarDesc')}

+
+
+ + +
+
+ + {/* Calendar */} + + + {/* Request dialog */} + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/absences/calendar/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/absences/calendar/page.tsx new file mode 100644 index 0000000..a338933 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/absences/calendar/page.tsx @@ -0,0 +1,24 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { AbsenceCalendarPageContent } from './absence-calendar-content'; + +interface AbsenceCalendarPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('hr.absences'); + + return { + title: `${t('teamCalendar')} - HR`, + }; +} + +/** + * Absence calendar page - Server Component + * Shows team absences in a calendar view + */ +export default function AbsenceCalendarPage({ params: { locale } }: AbsenceCalendarPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/absences/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/absences/page.tsx new file mode 100644 index 0000000..023105f --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/absences/page.tsx @@ -0,0 +1,24 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { AbsencesContent } from './absences-content'; + +interface AbsencesPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('navigation'); + + return { + title: `${t('absences')} - HR`, + }; +} + +/** + * Absences overview page - Server Component + * Shows vacation balance and absence requests + */ +export default function AbsencesPage({ params: { locale } }: AbsencesPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/absences/requests/absence-requests-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/absences/requests/absence-requests-content.tsx new file mode 100644 index 0000000..ed30e7a --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/absences/requests/absence-requests-content.tsx @@ -0,0 +1,93 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { ArrowLeft, Filter, Calendar } from 'lucide-react'; +import { Button } from '@/components/ui/button'; +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue, +} from '@/components/ui/select'; +import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'; +import { PageTransition } from '@/components/layout/page-transition'; +import { AbsenceApprovalList, AbsenceCalendar } from '@/components/hr/absences'; + +interface AbsenceRequestsContentProps { + locale: string; +} + +// Mock departments - in production, this would come from the API +const mockDepartments = [ + { id: 'all', name: 'Alle Abteilungen' }, + { id: '1', name: 'IT & Entwicklung' }, + { id: '2', name: 'Personal' }, + { id: '3', name: 'Vertrieb' }, + { id: '4', name: 'Lager & Logistik' }, +]; + +/** + * Absence requests approval page content - Client Component + * Shows pending requests for managers to approve/reject + */ +export function AbsenceRequestsContent({ locale }: AbsenceRequestsContentProps) { + const t = useTranslations('hr.absences'); + + const [selectedDepartment, setSelectedDepartment] = useState('all'); + + const departmentId = selectedDepartment === 'all' ? undefined : selectedDepartment; + + return ( + +
+ {/* Header */} +
+ +
+

{t('pendingApprovals')}

+

{t('pendingApprovalsManagerDesc')}

+
+ +
+ + {/* Tabs */} + + + {t('pending')} + + + {t('overview')} + + + + + + + + + + + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/absences/requests/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/absences/requests/page.tsx new file mode 100644 index 0000000..9c588f7 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/absences/requests/page.tsx @@ -0,0 +1,24 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { AbsenceRequestsContent } from './absence-requests-content'; + +interface AbsenceRequestsPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('hr.absences'); + + return { + title: `${t('pendingApprovals')} - HR`, + }; +} + +/** + * Absence requests page for managers - Server Component + * Shows pending requests for approval + */ +export default function AbsenceRequestsPage({ params: { locale } }: AbsenceRequestsPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/employees/[id]/employee-detail-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/employees/[id]/employee-detail-content.tsx new file mode 100644 index 0000000..dabf1da --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/employees/[id]/employee-detail-content.tsx @@ -0,0 +1,495 @@ +'use client'; + +import { useState } from 'react'; +import Link from 'next/link'; +import { useTranslations } from 'next-intl'; +import { format } from 'date-fns'; +import { de } from 'date-fns/locale'; +import { + ArrowLeft, + Edit, + Mail, + Phone, + Building2, + Calendar, + Clock, + Briefcase, + MapPin, + AlertCircle, + User, +} from 'lucide-react'; +import { + Card, + CardContent, + CardDescription, + CardHeader, + CardTitle, +} from '@/components/ui/card'; +import { Avatar, AvatarFallback, AvatarImage } from '@/components/ui/avatar'; +import { Badge } from '@/components/ui/badge'; +import { Button } from '@/components/ui/button'; +import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'; +import { Skeleton } from '@/components/ui/skeleton'; +import { Separator } from '@/components/ui/separator'; +import { PageTransition } from '@/components/layout/page-transition'; +import { cn } from '@/lib/utils'; +import { + useEmployee, + EMPLOYMENT_STATUS_COLORS, +} from '@/hooks/hr/use-employees'; + +interface EmployeeDetailContentProps { + locale: string; + employeeId: string; +} + +/** + * Employee detail page content + * Shows employee information in tabs: Overview, Time Account, Absences + */ +export function EmployeeDetailContent({ + locale, + employeeId, +}: EmployeeDetailContentProps) { + const t = useTranslations('hr'); + const tContract = useTranslations('hr.contractType'); + const tStatus = useTranslations('hr.employeeStatus'); + const tCommon = useTranslations('common'); + + const [activeTab, setActiveTab] = useState('overview'); + + const { data: employee, isLoading, error } = useEmployee(employeeId); + + // Loading state + if (isLoading) { + return ( + +
+
+ + +
+
+ + +
+
+ + ); + } + + // Error state + if (error || !employee) { + return ( + +
+ +

{t('employeeNotFound')}

+

+ {t('employeeNotFoundDesc')} +

+ + + +
+ + ); + } + + const initials = `${employee.firstName.charAt(0)}${employee.lastName.charAt(0)}`; + const statusColors = EMPLOYMENT_STATUS_COLORS[employee.status]; + + return ( + +
+ {/* Header */} +
+
+ + + +
+

+ {employee.firstName} {employee.lastName} +

+

{employee.employeeNumber}

+
+
+ + + +
+ + {/* Content */} +
+ {/* Sidebar - Employee Card */} + + +
+ + + + {initials} + + +

+ {employee.firstName} {employee.lastName} +

+

{employee.position}

+ + {tStatus(employee.status)} + +
+ + + +
+ + {employee.phone && ( + + )} +
+ + {employee.department?.name} +
+ {employee.manager && ( +
+ + + {t('manager')}: {employee.manager.firstName}{' '} + {employee.manager.lastName} + +
+ )} +
+ + + + {/* Main Content - Tabs */} +
+ + + {t('tabs.overview')} + + {t('tabs.timeAccount')} + + {t('tabs.absences')} + + + {/* Overview Tab */} + + {/* Employment Details */} + + + + {t('employmentDetails')} + + + +
+

+ {t('contractType.label')} +

+

+ {tContract(employee.contractType)} +

+
+
+

+ {t('weeklyHours')} +

+

{employee.weeklyHours} h

+
+
+

+ {t('hireDate')} +

+

+ {format(new Date(employee.hireDate), 'PPP', { + locale: locale === 'de' ? de : undefined, + })} +

+
+ {employee.terminationDate && ( +
+

+ {t('terminationDate')} +

+

+ {format(new Date(employee.terminationDate), 'PPP', { + locale: locale === 'de' ? de : undefined, + })} +

+
+ )} +
+

+ {t('roles')} +

+
+ {employee.roles.map((role) => ( + + {role} + + ))} +
+
+ + + + {/* Address */} + {employee.address && ( + + + {t('address')} + + +
+ +
+

{employee.address.street}

+

+ {employee.address.zipCode} {employee.address.city} +

+

{employee.address.country}

+
+
+ + + )} + + {/* Emergency Contact */} + {employee.emergencyContact && ( + + + + {t('emergencyContact')} + + + +
+

+ {t('emergencyName')} +

+

+ {employee.emergencyContact.name} +

+
+
+

+ {t('emergencyPhone')} +

+

+ {employee.emergencyContact.phone} +

+
+
+

+ {t('emergencyRelationship')} +

+

+ {employee.emergencyContact.relationship} +

+
+ + + )} + + + {/* Time Account Tab */} + +
+ + + + {t('overtimeBalance')} + + + +
0 + ? 'text-green-600' + : employee.overtimeBalance < 0 + ? 'text-red-600' + : '' + )} + > + {employee.overtimeBalance > 0 ? '+' : ''} + {employee.overtimeBalance.toFixed(1)} h +
+ + + + + + + {t('weeklyTarget')} + + + +
+ {employee.weeklyHours} h +
+ + +
+ + + +
+ +

{t('timeTracking.noData')}

+

{t('timeTracking.noDataDesc')}

+
+ + + + + {/* Absences Tab */} + +
+ + + + {t('vacationDaysTotal')} + + + +
+ {employee.vacationDaysTotal} +
+ + + + + + + {t('vacationDaysUsed')} + + + +
+ {employee.vacationDaysUsed} +
+ + + + + + + {t('vacationDaysRemaining')} + + + +
+ {employee.vacationDaysTotal - + employee.vacationDaysUsed - + employee.vacationDaysPending} +
+ {employee.vacationDaysPending > 0 && ( +

+ +{employee.vacationDaysPending} {t('pending')} +

+ )} + + +
+ + {/* Vacation Progress Bar */} + + + + {t('vacationOverview')} + + + +
+
+ + {employee.vacationDaysUsed + + employee.vacationDaysPending}{' '} + / {employee.vacationDaysTotal} {t('daysUsed')} + + + {Math.round( + ((employee.vacationDaysUsed + + employee.vacationDaysPending) / + employee.vacationDaysTotal) * + 100 + )} + % + +
+
+
+
+
+ + + + {/* Absence List Placeholder */} + + +
+ +

{t('absences.noData')}

+

{t('absences.noDataDesc')}

+
+ + + + +
+
+
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/employees/[id]/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/employees/[id]/page.tsx new file mode 100644 index 0000000..2d8646c --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/employees/[id]/page.tsx @@ -0,0 +1,26 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; +import { EmployeeDetailContent } from './employee-detail-content'; + +export async function generateMetadata({ + params, +}: { + params: Promise<{ locale: string; id: string }>; +}): Promise { + const { locale } = await params; + const t = await getTranslations({ locale, namespace: 'hr' }); + + return { + title: t('employees.details'), + description: t('employees.detailsDescription'), + }; +} + +export default async function EmployeeDetailPage({ + params, +}: { + params: Promise<{ locale: string; id: string }>; +}) { + const { locale, id } = await params; + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/employees/employees-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/employees/employees-content.tsx new file mode 100644 index 0000000..901b60e --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/employees/employees-content.tsx @@ -0,0 +1,52 @@ +'use client'; + +import Link from 'next/link'; +import { useTranslations } from 'next-intl'; +import { UserPlus, ArrowLeft } from 'lucide-react'; +import { Button } from '@/components/ui/button'; +import { PageTransition } from '@/components/layout/page-transition'; +import { EmployeeList } from '@/components/hr/employees'; + +interface EmployeesContentProps { + locale: string; +} + +/** + * Employees list page content + * Displays employee table with search and filters + */ +export function EmployeesContent({ locale }: EmployeesContentProps) { + const t = useTranslations('hr'); + + return ( + +
+ {/* Header */} +
+
+ + + +
+

+ {t('employees.title')} +

+

{t('employees.subtitle')}

+
+
+ + + +
+ + {/* Employee List */} + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/employees/new/new-employee-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/employees/new/new-employee-content.tsx new file mode 100644 index 0000000..828c7a9 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/employees/new/new-employee-content.tsx @@ -0,0 +1,44 @@ +'use client'; + +import Link from 'next/link'; +import { useTranslations } from 'next-intl'; +import { ArrowLeft } from 'lucide-react'; +import { Button } from '@/components/ui/button'; +import { PageTransition } from '@/components/layout/page-transition'; +import { EmployeeForm } from '@/components/hr/employees'; + +interface NewEmployeeContentProps { + locale: string; +} + +/** + * New employee page content + * Displays employee creation form + */ +export function NewEmployeeContent({ locale }: NewEmployeeContentProps) { + const t = useTranslations('hr'); + + return ( + +
+ {/* Header */} +
+ + + +
+

+ {t('employees.new')} +

+

{t('employees.newSubtitle')}

+
+
+ + {/* Form */} + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/employees/new/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/employees/new/page.tsx new file mode 100644 index 0000000..936cd15 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/employees/new/page.tsx @@ -0,0 +1,26 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; +import { NewEmployeeContent } from './new-employee-content'; + +export async function generateMetadata({ + params, +}: { + params: Promise<{ locale: string }>; +}): Promise { + const { locale } = await params; + const t = await getTranslations({ locale, namespace: 'hr' }); + + return { + title: t('employees.new'), + description: t('employees.newDescription'), + }; +} + +export default async function NewEmployeePage({ + params, +}: { + params: Promise<{ locale: string }>; +}) { + const { locale } = await params; + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/employees/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/employees/page.tsx new file mode 100644 index 0000000..22363c9 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/employees/page.tsx @@ -0,0 +1,26 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; +import { EmployeesContent } from './employees-content'; + +export async function generateMetadata({ + params, +}: { + params: Promise<{ locale: string }>; +}): Promise { + const { locale } = await params; + const t = await getTranslations({ locale, namespace: 'hr' }); + + return { + title: t('employees.title'), + description: t('employees.description'), + }; +} + +export default async function EmployeesPage({ + params, +}: { + params: Promise<{ locale: string }>; +}) { + const { locale } = await params; + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/hr-overview-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/hr-overview-content.tsx new file mode 100644 index 0000000..81c218e --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/hr-overview-content.tsx @@ -0,0 +1,257 @@ +'use client'; + +import Link from 'next/link'; +import { useTranslations } from 'next-intl'; +import { + Users, + Clock, + CalendarDays, + Network, + UserPlus, + TrendingUp, + TrendingDown, + Minus, + Building2, +} from 'lucide-react'; +import { + Card, + CardContent, + CardDescription, + CardHeader, + CardTitle, +} from '@/components/ui/card'; +import { Button } from '@/components/ui/button'; +import { Badge } from '@/components/ui/badge'; +import { PageTransition } from '@/components/layout/page-transition'; +import { Skeleton } from '@/components/ui/skeleton'; +import { useEmployeeStats } from '@/hooks/hr/use-employees'; +import { cn } from '@/lib/utils'; + +interface HROverviewContentProps { + locale: string; +} + +/** + * HR module configuration + */ +const hrModules = [ + { + id: 'employees', + icon: Users, + href: '/hr/employees', + color: 'text-blue-500', + bgColor: 'bg-blue-500/10', + }, + { + id: 'timeTracking', + icon: Clock, + href: '/hr/time-tracking', + color: 'text-green-500', + bgColor: 'bg-green-500/10', + }, + { + id: 'absences', + icon: CalendarDays, + href: '/hr/absences', + color: 'text-orange-500', + bgColor: 'bg-orange-500/10', + }, + { + id: 'orgChart', + icon: Network, + href: '/hr/org-chart', + color: 'text-purple-500', + bgColor: 'bg-purple-500/10', + }, +]; + +/** + * HR Overview page content + * Shows HR modules and statistics + */ +export function HROverviewContent({ locale }: HROverviewContentProps) { + const t = useTranslations('hr'); + const tNav = useTranslations('navigation'); + + const { data: stats, isLoading: statsLoading } = useEmployeeStats(); + + return ( + +
+ {/* Header */} +
+
+

{t('title')}

+

{t('description')}

+
+ + + +
+ + {/* Quick Stats */} +
+ + + + {t('stats.totalEmployees')} + + + + {statsLoading ? ( + + ) : ( + <> +
{stats?.total || 0}
+
+ + +{stats?.newThisMonth || 0} {t('stats.thisMonth')} +
+ + )} + + + + + + + {t('stats.activeEmployees')} + + + + {statsLoading ? ( + + ) : ( + <> +
{stats?.active || 0}
+
+ {stats?.total + ? Math.round((stats.active / stats.total) * 100) + : 0} + % {t('stats.ofTotal')} +
+ + )} + + + + + + + {t('stats.onLeave')} + + + + {statsLoading ? ( + + ) : ( + <> +
{stats?.onLeave || 0}
+
+ {t('stats.currentlyAbsent')} +
+ + )} + + + + + + + {t('stats.departments')} + + + + {statsLoading ? ( + + ) : ( + <> +
+ {stats?.departmentBreakdown?.length || 0} +
+
+ {t('stats.activeDepartments')} +
+ + )} + + +
+ + {/* HR Modules */} +
+

{t('modules')}

+
+ {hrModules.map((module) => { + const Icon = module.icon; + return ( + + + +
+ +
+ + {tNav(module.id)} + + + {t(`modules.${module.id}.description`)} + + + + + ); + })} +
+
+ + {/* Department Breakdown */} + + + {t('departmentBreakdown')} + {t('departmentBreakdownDesc')} + + + {statsLoading ? ( +
+ {[1, 2, 3, 4].map((i) => ( +
+ + +
+ ))} +
+ ) : stats?.departmentBreakdown?.length ? ( +
+ {stats.departmentBreakdown.map((dept) => ( +
+
+ + {dept.departmentName} +
+ {dept.count} +
+ ))} +
+ ) : ( +

+ {t('noDepartments')} +

+ )} + + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/org-chart/org-chart-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/org-chart/org-chart-content.tsx new file mode 100644 index 0000000..0d3d2d7 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/org-chart/org-chart-content.tsx @@ -0,0 +1,49 @@ +'use client'; + +import Link from 'next/link'; +import { useTranslations } from 'next-intl'; +import { ArrowLeft } from 'lucide-react'; +import { Button } from '@/components/ui/button'; +import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card'; +import { PageTransition } from '@/components/layout/page-transition'; +import { OrgChart } from '@/components/hr/employees'; + +interface OrgChartContentProps { + locale: string; +} + +/** + * Organization chart page content + * Displays hierarchical tree view of employees + */ +export function OrgChartContent({ locale }: OrgChartContentProps) { + const t = useTranslations('hr'); + + return ( + +
+ {/* Header */} +
+ + + +
+

+ {t('orgChart.title')} +

+

{t('orgChart.subtitle')}

+
+
+ + {/* Org Chart */} + + + + + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/org-chart/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/org-chart/page.tsx new file mode 100644 index 0000000..b022afc --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/org-chart/page.tsx @@ -0,0 +1,26 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; +import { OrgChartContent } from './org-chart-content'; + +export async function generateMetadata({ + params, +}: { + params: Promise<{ locale: string }>; +}): Promise { + const { locale } = await params; + const t = await getTranslations({ locale, namespace: 'hr' }); + + return { + title: t('orgChart.title'), + description: t('orgChart.description'), + }; +} + +export default async function OrgChartPage({ + params, +}: { + params: Promise<{ locale: string }>; +}) { + const { locale } = await params; + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/page.tsx new file mode 100644 index 0000000..5da0ddd --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/page.tsx @@ -0,0 +1,26 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; +import { HROverviewContent } from './hr-overview-content'; + +export async function generateMetadata({ + params, +}: { + params: Promise<{ locale: string }>; +}): Promise { + const { locale } = await params; + const t = await getTranslations({ locale, namespace: 'hr' }); + + return { + title: t('title'), + description: t('description'), + }; +} + +export default async function HRPage({ + params, +}: { + params: Promise<{ locale: string }>; +}) { + const { locale } = await params; + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/time-tracking/[employeeId]/employee-time-account-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/time-tracking/[employeeId]/employee-time-account-content.tsx new file mode 100644 index 0000000..dc31e56 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/time-tracking/[employeeId]/employee-time-account-content.tsx @@ -0,0 +1,137 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { format, subMonths, addMonths } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { ArrowLeft, ChevronLeft, ChevronRight, User, Calendar } from 'lucide-react'; +import { Button } from '@/components/ui/button'; +import { + Card, + CardContent, + CardDescription, + CardHeader, + CardTitle, +} from '@/components/ui/card'; +import { Avatar, AvatarFallback, AvatarImage } from '@/components/ui/avatar'; +import { Skeleton } from '@/components/ui/skeleton'; +import { PageTransition } from '@/components/layout/page-transition'; +import { TimeSummary, TimeEntryList, TimeEntryForm } from '@/components/hr/time-tracking'; +import { useTimeSummary } from '@/hooks/hr/use-time-tracking'; +import type { TimeEntry } from '@/types/hr'; + +interface EmployeeTimeAccountContentProps { + locale: string; + employeeId: string; +} + +/** + * Employee time account detail view + * Shows monthly summary and all entries for a specific employee + */ +export function EmployeeTimeAccountContent({ + locale, + employeeId, +}: EmployeeTimeAccountContentProps) { + const t = useTranslations('hr.timeTracking'); + const dateLocale = locale === 'de' ? de : enUS; + + const [currentDate, setCurrentDate] = useState(new Date()); + const [correctionDialog, setCorrectionDialog] = useState(false); + const [selectedEntry, setSelectedEntry] = useState(null); + + const year = currentDate.getFullYear(); + const month = currentDate.getMonth() + 1; + + const { data: summary, isLoading } = useTimeSummary(employeeId, year, month); + + const goToPreviousMonth = () => setCurrentDate(subMonths(currentDate, 1)); + const goToNextMonth = () => setCurrentDate(addMonths(currentDate, 1)); + + const handleEditEntry = (entry: TimeEntry) => { + setSelectedEntry(entry); + setCorrectionDialog(true); + }; + + // Mock employee data - in production, this would come from the API + const employee = summary?.entries[0]?.employee || { + firstName: 'Mitarbeiter', + lastName: '', + avatarUrl: undefined, + }; + + return ( + +
+ {/* Header with back button */} +
+ +
+ {isLoading ? ( + + ) : ( +
+ + + + {employee.firstName[0]} + {employee.lastName[0] || ''} + + +
+

+ {employee.firstName} {employee.lastName} +

+

{t('timeAccount')}

+
+
+ )} +
+
+ + {/* Month navigation */} + + + +
+ + + {format(currentDate, 'MMMM yyyy', { locale: dateLocale })} + +
+ + + + + {/* Content grid */} +
+ {/* Summary */} + + + {/* Entries */} + +
+ + {/* Correction dialog */} + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/time-tracking/[employeeId]/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/time-tracking/[employeeId]/page.tsx new file mode 100644 index 0000000..97b0302 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/time-tracking/[employeeId]/page.tsx @@ -0,0 +1,26 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { EmployeeTimeAccountContent } from './employee-time-account-content'; + +interface EmployeeTimeAccountPageProps { + params: { locale: string; employeeId: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('hr.timeTracking'); + + return { + title: `${t('timeAccount')} - HR`, + }; +} + +/** + * Employee time account page - Server Component + * Shows detailed time tracking for a specific employee + */ +export default function EmployeeTimeAccountPage({ + params: { locale, employeeId }, +}: EmployeeTimeAccountPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/time-tracking/page.tsx b/apps/web/src/app/[locale]/(auth)/hr/time-tracking/page.tsx new file mode 100644 index 0000000..0f277dc --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/time-tracking/page.tsx @@ -0,0 +1,24 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { TimeTrackingContent } from './time-tracking-content'; + +interface TimeTrackingPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('navigation'); + + return { + title: `${t('timeTracking')} - HR`, + }; +} + +/** + * Time Tracking overview page - Server Component + * Shows time clock and recent entries + */ +export default function TimeTrackingPage({ params: { locale } }: TimeTrackingPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/hr/time-tracking/time-tracking-content.tsx b/apps/web/src/app/[locale]/(auth)/hr/time-tracking/time-tracking-content.tsx new file mode 100644 index 0000000..c513f50 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/hr/time-tracking/time-tracking-content.tsx @@ -0,0 +1,93 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { useSession } from 'next-auth/react'; +import { Clock, Calendar, FileText } from 'lucide-react'; +import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'; +import { PageTransition } from '@/components/layout/page-transition'; +import { + TimeClock, + TimeEntryList, + TimeEntryForm, + TimeSummary, +} from '@/components/hr/time-tracking'; +import type { TimeEntry } from '@/types/hr'; + +interface TimeTrackingContentProps { + locale: string; +} + +/** + * Time tracking page content - Client Component + * Provides time clock, entry list, and monthly summary + */ +export function TimeTrackingContent({ locale }: TimeTrackingContentProps) { + const t = useTranslations('hr.timeTracking'); + const { data: session } = useSession(); + + const [correctionDialog, setCorrectionDialog] = useState(false); + const [selectedEntry, setSelectedEntry] = useState(null); + + const employeeId = session?.user?.id || '1'; + + const handleEditEntry = (entry: TimeEntry) => { + setSelectedEntry(entry); + setCorrectionDialog(true); + }; + + return ( + +
+ {/* Header */} +
+

{t('title')}

+

{t('description')}

+
+ + {/* Main content */} +
+ {/* Left column: Time Clock */} +
+ +
+ + {/* Right column: Tabs for entries and summary */} +
+ + + + + {t('entries')} + + + + {t('summary')} + + + + + + + + + + + +
+
+ + {/* Correction dialog */} + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/ecodms-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/ecodms-content.tsx new file mode 100644 index 0000000..c3e7971 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/ecodms-content.tsx @@ -0,0 +1,283 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import { FileText, Search, Download, Tag, FolderOpen, Archive, X } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Button } from '@/components/ui/button'; +import { Input } from '@/components/ui/input'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { + Table, + TableBody, + TableCell, + TableHead, + TableHeader, + TableRow, +} from '@/components/ui/table'; +import { useDocuments, useClassifications, formatDocumentSize } from '@/hooks/integrations'; + +interface EcoDmsContentProps { + locale: string; +} + +/** + * ecoDMS integration content - displays documents with search + */ +export function EcoDmsContent({ locale }: EcoDmsContentProps) { + const t = useTranslations('widgets.documents'); + const tInt = useTranslations('integrations'); + const [searchQuery, setSearchQuery] = useState(''); + const [selectedClassification, setSelectedClassification] = useState(null); + + const { data: documents, isLoading: documentsLoading } = useDocuments({ + search: searchQuery || undefined, + classification: selectedClassification || undefined, + }); + const { data: classifications, isLoading: classificationsLoading } = useClassifications(); + const dateLocale = locale === 'de' ? de : enUS; + + const hasFilters = searchQuery || selectedClassification; + + const handleClearFilters = () => { + setSearchQuery(''); + setSelectedClassification(null); + }; + + return ( +
+ {/* Stats Cards */} +
+ + + Dokumente + + + +
+ {documentsLoading ? : documents?.length ?? 0} +
+ + + + + + Klassifikationen + + + +
+ {classificationsLoading ? : classifications?.length ?? 0} +
+ + + + + + Archiviert + + + +
+ {classificationsLoading ? ( + + ) : ( + classifications?.reduce((sum, c) => sum + c.documentCount, 0) ?? 0 + )} +
+ + + + + + Heute hinzugefuegt + + + +
+ {documentsLoading ? ( + + ) : ( + documents?.filter((d) => { + const today = new Date(); + const created = new Date(d.createdAt); + return created.toDateString() === today.toDateString(); + }).length ?? 0 + )} +
+ + +
+ + {/* Classifications */} + + + Klassifikationen + Dokumentkategorien im Archiv + + + {classificationsLoading ? ( +
+ {Array.from({ length: 5 }).map((_, i) => ( + + ))} +
+ ) : classifications && classifications.length > 0 ? ( +
+ {classifications.map((classification) => ( + + setSelectedClassification( + selectedClassification === classification.name ? null : classification.name + ) + } + > + + {classification.name} + + {classification.documentCount} + + + ))} +
+ ) : ( +

{tInt('noClassificationsFound')}

+ )} + + + + {/* Documents */} + + +
+
+ Dokumente + Dokumente aus dem ecoDMS Archiv +
+
+
+ + setSearchQuery(e.target.value)} + placeholder={t('searchPlaceholder')} + className="pl-8" + /> +
+ {hasFilters && ( + + )} +
+
+ + + + {documentsLoading ? ( +
+ {Array.from({ length: 5 }).map((_, i) => ( + + ))} +
+ ) : documents && documents.length > 0 ? ( + + + + Titel + Klassifikation + Tags + Groesse + Erstellt + + + + + {documents.map((doc, index) => ( + + +
+
+ +
+
+

{doc.title}

+

{doc.fileName}

+
+
+ + + {doc.classification} + + +
+ {doc.tags.slice(0, 2).map((tag) => ( + + {tag} + + ))} + {doc.tags.length > 2 && ( + + +{doc.tags.length - 2} + + )} +
+ + + {formatDocumentSize(doc.fileSize)} + + +
+

{doc.createdBy}

+

+ {formatDistanceToNow(doc.createdAt, { + addSuffix: true, + locale: dateLocale, + })} +

+
+ + + {doc.downloadUrl && ( + + )} + + + ))} + +
+ ) : ( +
+ + {hasFilters ? t('noResults') : t('noDocuments')} +
+ )} + + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/freescout-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/freescout-content.tsx new file mode 100644 index 0000000..d1ce9ed --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/freescout-content.tsx @@ -0,0 +1,208 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import { Headphones, MessageCircle, AlertTriangle, Clock, User, CheckCircle } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { + Table, + TableBody, + TableCell, + TableHead, + TableHeader, + TableRow, +} from '@/components/ui/table'; +import { Avatar, AvatarFallback } from '@/components/ui/avatar'; +import { useTickets, useTicketCounts } from '@/hooks/integrations'; +import type { TicketPriority, TicketStatus } from '@/types/integrations'; + +interface FreeScoutContentProps { + locale: string; +} + +/** Priority badge variants */ +const priorityVariants: Record = { + urgent: 'destructive', + high: 'warning', + medium: 'secondary', + low: 'default', +}; + +/** Status badge variants */ +const statusVariants: Record = { + open: 'default', + pending: 'secondary', + resolved: 'success', + closed: 'outline', +}; + +/** + * FreeScout integration content - displays tickets + */ +export function FreeScoutContent({ locale }: FreeScoutContentProps) { + const t = useTranslations('widgets.tickets'); + const { data: tickets, isLoading: ticketsLoading } = useTickets({ limit: 15 }); + const { data: counts, isLoading: countsLoading } = useTicketCounts(); + const dateLocale = locale === 'de' ? de : enUS; + + return ( +
+ {/* Stats Cards */} +
+ + + {t('status.open')} + + + +
+ {countsLoading ? : counts?.open ?? 0} +
+ + + + + + {t('status.pending')} + + + +
+ {countsLoading ? : counts?.pending ?? 0} +
+ + + + + + {t('priority.urgent')} + + + +
0 && 'text-destructive')}> + {countsLoading ? : counts?.byPriority?.urgent ?? 0} +
+ + + + + + {t('status.resolved')} + + + +
+ {countsLoading ? : counts?.resolved ?? 0} +
+ + +
+ + {/* Tickets Table */} + + + Support-Tickets + Aktuelle Tickets aus FreeScout + + + {ticketsLoading ? ( +
+ {Array.from({ length: 5 }).map((_, i) => ( + + ))} +
+ ) : tickets && tickets.length > 0 ? ( + + + + # + Betreff + Kunde + Status + Prioritaet + Zugewiesen + Antworten + Aktualisiert + + + + {tickets.map((ticket, index) => ( + + {ticket.number} + +

{ticket.subject}

+ + +
+

{ticket.customerName}

+

{ticket.customerEmail}

+
+ + + + {t(`status.${ticket.status}`)} + + + + + {t(`priority.${ticket.priority}`)} + + + + {ticket.assigneeName ? ( +
+ + + {ticket.assigneeName + .split(' ') + .map((n) => n[0]) + .join('')} + + + {ticket.assigneeName} +
+ ) : ( + - + )} + + +
+ + {ticket.replyCount} +
+ + + {ticket.lastReplyAt + ? formatDistanceToNow(ticket.lastReplyAt, { + addSuffix: true, + locale: dateLocale, + }) + : '-'} + + + ))} + +
+ ) : ( +
+ + {t('noTickets')} +
+ )} + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/gembadocs-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/gembadocs-content.tsx new file mode 100644 index 0000000..a14860e --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/gembadocs-content.tsx @@ -0,0 +1,305 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import { + ClipboardCheck, + AlertTriangle, + Search, + Shield, + TrendingUp, + TrendingDown, + Minus, + Calendar, +} from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Button } from '@/components/ui/button'; +import { Input } from '@/components/ui/input'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { Progress } from '@/components/ui/progress'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { + Table, + TableBody, + TableCell, + TableHead, + TableHeader, + TableRow, +} from '@/components/ui/table'; +import { + useAudits, + useOpenFindings, + useFindingCounts, + useComplianceScore, + getDaysUntilAudit, +} from '@/hooks/integrations'; + +interface GembaDocsContentProps { + locale: string; +} + +const severityColors: Record = { + critical: { bg: 'bg-red-100', text: 'text-red-700' }, + high: { bg: 'bg-orange-100', text: 'text-orange-700' }, + medium: { bg: 'bg-yellow-100', text: 'text-yellow-700' }, + low: { bg: 'bg-blue-100', text: 'text-blue-700' }, +}; + +const statusColors: Record = { + scheduled: { bg: 'bg-blue-100', text: 'text-blue-700' }, + in_progress: { bg: 'bg-yellow-100', text: 'text-yellow-700' }, + completed: { bg: 'bg-green-100', text: 'text-green-700' }, + cancelled: { bg: 'bg-gray-100', text: 'text-gray-700' }, + open: { bg: 'bg-red-100', text: 'text-red-700' }, + resolved: { bg: 'bg-green-100', text: 'text-green-700' }, + verified: { bg: 'bg-emerald-100', text: 'text-emerald-700' }, +}; + +/** + * GembaDocs integration content - displays audits, findings, and compliance scores + */ +export function GembaDocsContent({ locale }: GembaDocsContentProps) { + const t = useTranslations('integrations'); + const tTime = useTranslations('time'); + const [searchQuery, setSearchQuery] = useState(''); + const dateLocale = locale === 'de' ? de : enUS; + + const { data: audits, isLoading: auditsLoading } = useAudits(); + const { data: openFindings, isLoading: findingsLoading } = useOpenFindings(); + const { data: findingCounts, isLoading: countsLoading } = useFindingCounts(); + const { data: compliance, isLoading: complianceLoading } = useComplianceScore(); + + const TrendIcon = + compliance?.trend === 'up' + ? TrendingUp + : compliance?.trend === 'down' + ? TrendingDown + : Minus; + + const trendColor = + compliance?.trend === 'up' + ? 'text-green-600' + : compliance?.trend === 'down' + ? 'text-red-600' + : 'text-muted-foreground'; + + const filteredAudits = audits?.filter( + (a) => + !searchQuery || + a.title.toLowerCase().includes(searchQuery.toLowerCase()) || + a.department.toLowerCase().includes(searchQuery.toLowerCase()) + ); + + return ( +
+ {/* Stats Cards */} +
+ + + + {t('complianceScore')} + + + + + {complianceLoading ? ( + + ) : ( +
+
{compliance?.overall ?? 0}%
+ +
+ )} + {!complianceLoading && compliance && ( + + )} + + + + + + + {t('audits')} + + + + +
+ {auditsLoading ? : audits?.length ?? 0} +
+ + + + + + + {t('openFindings')} + + + + +
0 && 'text-orange-500')}> + {countsLoading ? : findingCounts?.total ?? 0} +
+ + + + + + + {t('critical')} + + + + +
0 && 'text-red-500')}> + {countsLoading ? : findingCounts?.critical ?? 0} +
+ + +
+ + {/* Finding Severity Breakdown */} + {!countsLoading && findingCounts && findingCounts.total > 0 && ( + + + {t('findingsBySeverity')} + + +
+ {(['critical', 'high', 'medium', 'low'] as const).map((severity) => { + const count = findingCounts[severity]; + const colors = severityColors[severity]; + return ( + + {severity}: {count} + + ); + })} +
+ + + )} + + {/* Audits Table */} + + +
+
+ {t('audits')} + + {t('allAuditsStatus')} + +
+
+ + setSearchQuery(e.target.value)} + placeholder={t('searchAudits')} + className="pl-8" + /> +
+
+ + + + {auditsLoading ? ( +
+ {Array.from({ length: 5 }).map((_, i) => ( + + ))} +
+ ) : filteredAudits && filteredAudits.length > 0 ? ( + + + + {t('title')} + {t('type')} + Status + {t('department')} + {t('findings')} + {t('scheduled')} + + + + {filteredAudits.map((audit, index) => { + const daysUntil = getDaysUntilAudit(audit.scheduledDate); + const colors = statusColors[audit.status] ?? statusColors.scheduled; + return ( + + +
+
+ +
+
+

{audit.title}

+

{audit.auditor}

+
+
+ + + {audit.type} + + + + {audit.status.replace('_', ' ')} + + + {audit.department} + + 0 && 'text-orange-600 font-medium')}> + {audit.openFindingsCount}/{audit.findingsCount} + + + +
+ + {daysUntil !== null && daysUntil >= 0 ? ( + + {daysUntil === 0 + ? t('today') + : `${daysUntil}d`} + + ) : ( + + {formatDistanceToNow(audit.scheduledDate, { + addSuffix: true, + locale: dateLocale, + })} + + )} +
+ + + ); + })} + +
+ ) : ( +
+ + {searchQuery + ? t('noAuditsFound') + : t('noAuditsAvailable')} +
+ )} + + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/integration-detail-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/integration-detail-content.tsx new file mode 100644 index 0000000..c1fa910 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/integration-detail-content.tsx @@ -0,0 +1,248 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import { + ArrowLeft, + Building2, + MessageSquare, + CheckSquare, + Headphones, + Cloud, + FileText, + ClipboardCheck, + RefreshCw, + Settings, + type LucideIcon, +} from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Button } from '@/components/ui/button'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'; +import { IntegrationStatusBadge, SyncStatus, ConnectionTestButton } from '@/components/integrations'; +import { useIntegrationStatus, useTriggerSync } from '@/hooks/integrations'; +import type { IntegrationType } from '@/types/integrations'; + +// Integration-specific content imports +import { PlentyOneContent } from './plentyone-content'; +import { ZulipContent } from './zulip-content'; +import { TodoistContent } from './todoist-content'; +import { FreeScoutContent } from './freescout-content'; +import { NextcloudContent } from './nextcloud-content'; +import { EcoDmsContent } from './ecodms-content'; +import { GembaDocsContent } from './gembadocs-content'; + +interface IntegrationDetailContentProps { + locale: string; + integrationType: IntegrationType; +} + +/** Integration metadata */ +const integrationMeta: Record< + IntegrationType, + { icon: LucideIcon; nameKey: string; descKey: string } +> = { + plentyone: { icon: Building2, nameKey: 'plentyOne', descKey: 'plentyOneDesc' }, + zulip: { icon: MessageSquare, nameKey: 'zulip', descKey: 'zulipDesc' }, + todoist: { icon: CheckSquare, nameKey: 'todoist', descKey: 'todoistDesc' }, + freescout: { icon: Headphones, nameKey: 'freeScout', descKey: 'freeScoutDesc' }, + nextcloud: { icon: Cloud, nameKey: 'nextcloud', descKey: 'nextcloudDesc' }, + ecodms: { icon: FileText, nameKey: 'ecoDms', descKey: 'ecoDmsDesc' }, + gembadocs: { icon: ClipboardCheck, nameKey: 'gembaDocs', descKey: 'gembaDocsDesc' }, +}; + +/** Integration-specific content components */ +const integrationContentMap: Record> = { + plentyone: PlentyOneContent, + zulip: ZulipContent, + todoist: TodoistContent, + freescout: FreeScoutContent, + nextcloud: NextcloudContent, + ecodms: EcoDmsContent, + gembadocs: GembaDocsContent, +}; + +/** + * Integration detail page content + */ +export function IntegrationDetailContent({ + locale, + integrationType, +}: IntegrationDetailContentProps) { + const t = useTranslations('integrations'); + const { data: config, isLoading } = useIntegrationStatus(integrationType); + const triggerSync = useTriggerSync(); + const dateLocale = locale === 'de' ? de : enUS; + + const meta = integrationMeta[integrationType]; + const Icon = meta?.icon ?? Building2; + const ContentComponent = integrationContentMap[integrationType]; + + const handleSync = () => { + triggerSync.mutate(integrationType); + }; + + if (isLoading) { + return ( +
+ + + + + + + + + + + +
+ ); + } + + if (!config) { + return ( +
+

Integration nicht gefunden.

+
+ ); + } + + return ( +
+ {/* Back link */} + + + {/* Header Card */} + + + +
+
+
+ +
+
+
+ {t(meta.nameKey as never)} + +
+ {t(meta.descKey as never)} +
+
+ +
+ + +
+
+ + + + + + + + + {/* Tabs */} + + + {t('data')} + + + {t('settingsTab')} + + {t('logs')} + + + + {ContentComponent && } + + + + + + {t('credentials')} + + {t('configureCredentials')} + + + +

+ {t('settingsManagedViaAdmin')} +

+ + + + + + + + + {t('syncLogs')} + + {t('recentSyncActivity')} + + + +
+
+ {t('syncSuccessful')} + + {config.lastSync + ? formatDistanceToNow(config.lastSync, { addSuffix: true, locale: dateLocale }) + : '-'} + +
+ {config.lastError && ( +
+

{t('lastError')}

+

{config.lastError}

+
+ )} +
+ + + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/nextcloud-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/nextcloud-content.tsx new file mode 100644 index 0000000..1ae6b4c --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/nextcloud-content.tsx @@ -0,0 +1,200 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import { + Cloud, + FileText, + FileImage, + FileSpreadsheet, + FileVideo, + FileArchive, + Folder, + Download, + HardDrive, + Clock, +} from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Button } from '@/components/ui/button'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { useFiles, useRecentFiles, formatFileSize } from '@/hooks/integrations'; +import type { NextcloudFile } from '@/types/integrations'; + +interface NextcloudContentProps { + locale: string; +} + +/** + * Get file icon based on mime type + */ +function getFileIcon(file: NextcloudFile) { + if (file.type === 'folder') return Folder; + + const mimeType = file.mimeType || ''; + if (mimeType.startsWith('image/')) return FileImage; + if (mimeType.startsWith('video/')) return FileVideo; + if (mimeType.includes('spreadsheet') || mimeType.includes('excel')) return FileSpreadsheet; + if (mimeType.includes('zip') || mimeType.includes('compressed')) return FileArchive; + return FileText; +} + +/** + * Get file icon color based on type + */ +function getFileColor(file: NextcloudFile): string { + if (file.type === 'folder') return 'text-yellow-500 bg-yellow-500/10'; + + const mimeType = file.mimeType || ''; + if (mimeType.startsWith('image/')) return 'text-green-500 bg-green-500/10'; + if (mimeType.startsWith('video/')) return 'text-purple-500 bg-purple-500/10'; + if (mimeType.includes('spreadsheet') || mimeType.includes('excel')) return 'text-emerald-500 bg-emerald-500/10'; + if (mimeType.includes('pdf')) return 'text-red-500 bg-red-500/10'; + if (mimeType.includes('zip') || mimeType.includes('compressed')) return 'text-orange-500 bg-orange-500/10'; + return 'text-blue-500 bg-blue-500/10'; +} + +/** + * Nextcloud integration content - displays files + */ +export function NextcloudContent({ locale }: NextcloudContentProps) { + const t = useTranslations('widgets.files'); + const { data: files, isLoading: filesLoading } = useFiles(); + const { data: recentFiles, isLoading: recentLoading } = useRecentFiles(10); + const dateLocale = locale === 'de' ? de : enUS; + + const totalSize = files?.reduce((sum, f) => sum + f.size, 0) ?? 0; + const folderCount = files?.filter((f) => f.type === 'folder').length ?? 0; + const fileCount = files?.filter((f) => f.type === 'file').length ?? 0; + + return ( +
+ {/* Stats Cards */} +
+ + + Dateien + + + +
+ {filesLoading ? : fileCount} +
+ + + + + + Ordner + + + +
+ {filesLoading ? : folderCount} +
+ + + + + + Speicher + + + +
+ {filesLoading ? : formatFileSize(totalSize)} +
+ + + + + + Zuletzt geaendert + + + +
+ {recentLoading ? : recentFiles?.length ?? 0} +
+ + +
+ + {/* Recent Files */} + + + Zuletzt geaenderte Dateien + Die neuesten Änderungen in Nextcloud + + + + {recentLoading ? ( +
+ {Array.from({ length: 6 }).map((_, i) => ( + + ))} +
+ ) : recentFiles && recentFiles.length > 0 ? ( +
+ {recentFiles.map((file, index) => { + const Icon = getFileIcon(file); + const colorClass = getFileColor(file); + + return ( + +
+ +
+ +
+

{file.name}

+

{file.path}

+
+ {formatFileSize(file.size)} + + {formatDistanceToNow(file.modifiedAt, { + addSuffix: true, + locale: dateLocale, + })} + +
+
+ + {file.downloadUrl && ( + + )} + + ); + })} +
+ ) : ( +
+ + {t('noFiles')} +
+ )} + + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/page.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/page.tsx new file mode 100644 index 0000000..96e76ee --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/page.tsx @@ -0,0 +1,41 @@ +import type { Metadata } from 'next'; +import { IntegrationDetailContent } from './integration-detail-content'; +import type { IntegrationType } from '@/types/integrations'; + +interface IntegrationDetailPageProps { + params: { + locale: string; + type: string; + }; +} + +const integrationTitles: Record = { + plentyone: 'PlentyONE', + zulip: 'ZULIP', + todoist: 'Todoist', + freescout: 'FreeScout', + nextcloud: 'Nextcloud', + ecodms: 'ecoDMS', +}; + +export async function generateMetadata({ + params, +}: IntegrationDetailPageProps): Promise { + const title = integrationTitles[params.type] || 'Integration'; + return { + title: `${title} | Integrationen | tOS`, + description: `${title} Integration verwalten`, + }; +} + +/** + * Dynamic integration detail page + */ +export default function IntegrationDetailPage({ params }: IntegrationDetailPageProps) { + return ( + + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/plentyone-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/plentyone-content.tsx new file mode 100644 index 0000000..b23d676 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/plentyone-content.tsx @@ -0,0 +1,171 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import { Package, ShoppingCart, TrendingUp, TrendingDown, Truck, AlertCircle } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { + Table, + TableBody, + TableCell, + TableHead, + TableHeader, + TableRow, +} from '@/components/ui/table'; +import { useOrders, useOrderCounts } from '@/hooks/integrations'; +import type { OrderStatus } from '@/types/integrations'; + +interface PlentyOneContentProps { + locale: string; +} + +/** Order status badge variants */ +const statusVariants: Record = { + new: 'default', + processing: 'warning', + shipped: 'success', + delivered: 'secondary', + cancelled: 'destructive', + returned: 'destructive', +}; + +/** + * PlentyONE integration content - displays orders and statistics + */ +export function PlentyOneContent({ locale }: PlentyOneContentProps) { + const t = useTranslations('widgets.orders'); + const { data: orders, isLoading: ordersLoading } = useOrders({ limit: 10 }); + const { data: counts, isLoading: countsLoading } = useOrderCounts(); + const dateLocale = locale === 'de' ? de : enUS; + + return ( +
+ {/* Stats Cards */} +
+ + + {t('status.new')} + + + +
+ {countsLoading ? : counts?.new ?? 0} +
+ + + + + + {t('status.processing')} + + + +
+ {countsLoading ? : counts?.processing ?? 0} +
+ + + + + + {t('status.shipped')} + + + +
+ {countsLoading ? : counts?.shipped ?? 0} +
+ + + + + + Gesamt + + + +
+ {countsLoading ? : counts?.total ?? 0} +
+ + +
+ + {/* Orders Table */} + + + Letzte Bestellungen + Die 10 neuesten Bestellungen aus PlentyONE + + + {ordersLoading ? ( +
+ {Array.from({ length: 5 }).map((_, i) => ( + + ))} +
+ ) : orders && orders.length > 0 ? ( + + + + Bestellnummer + Kunde + Status + Betrag + Datum + + + + {orders.map((order, index) => ( + + {order.orderNumber} + +
+

{order.customerName}

+

{order.customerEmail}

+
+ + + + {t(`status.${order.status}`)} + + + + {order.totalAmount.toLocaleString(locale, { + style: 'currency', + currency: order.currency, + })} + + + {formatDistanceToNow(order.createdAt, { + addSuffix: true, + locale: dateLocale, + })} + + + ))} + +
+ ) : ( +
+ + {t('noOrders')} +
+ )} + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/todoist-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/todoist-content.tsx new file mode 100644 index 0000000..f9a1eab --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/todoist-content.tsx @@ -0,0 +1,244 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { CheckSquare, Flag, Calendar, FolderOpen, CheckCircle } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Checkbox } from '@/components/ui/checkbox'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { useTasks, useProjects, useCompleteTask } from '@/hooks/integrations'; +import type { TodoistPriority } from '@/types/integrations'; + +interface TodoistContentProps { + locale: string; +} + +/** Priority colors */ +const priorityColors: Record = { + 1: 'text-red-500', + 2: 'text-orange-500', + 3: 'text-blue-500', + 4: 'text-muted-foreground', +}; + +const PRIORITY_LABEL_KEYS: Record = { + 1: 'priority1', + 2: 'priority2', + 3: 'priority3', + 4: 'noPriority', +}; + +/** + * Todoist integration content - displays tasks and projects + */ +export function TodoistContent({ locale }: TodoistContentProps) { + const t = useTranslations('widgets.todoistTasks'); + const tInt = useTranslations('integrations'); + const { data: tasks, isLoading: tasksLoading } = useTasks(); + const { data: projects, isLoading: projectsLoading } = useProjects(); + const completeTask = useCompleteTask(); + + const pendingTasks = tasks?.filter((task) => !task.isCompleted) ?? []; + const todayTasks = pendingTasks.filter((task) => { + if (!task.dueDate) return false; + const today = new Date(); + const due = new Date(task.dueDate); + return due.toDateString() === today.toDateString(); + }); + + const handleComplete = (taskId: string) => { + completeTask.mutate(taskId); + }; + + return ( +
+ {/* Stats Cards */} +
+ + + Heute faellig + + + +
+ {tasksLoading ? : todayTasks.length} +
+ + + + + + Gesamt offen + + + +
+ {tasksLoading ? : pendingTasks.length} +
+ + + + + + Hohe Prioritaet + + + +
+ {tasksLoading ? ( + + ) : ( + pendingTasks.filter((t) => t.priority === 1).length + )} +
+ + + + + + Projekte + + + +
+ {projectsLoading ? : projects?.length ?? 0} +
+ + +
+ +
+ {/* Projects */} + + + Projekte + Ihre Todoist Projekte + + + {projectsLoading ? ( +
+ {Array.from({ length: 4 }).map((_, i) => ( + + ))} +
+ ) : projects && projects.length > 0 ? ( +
+ {projects.map((project) => { + const taskCount = pendingTasks.filter((t) => t.projectId === project.id).length; + return ( +
+
+
+ {project.name} + {project.isInbox && ( + + Inbox + + )} +
+ {taskCount} +
+ ); + })} +
+ ) : ( +

{tInt('noProjectsFound')}

+ )} + + + + {/* Tasks */} + + + Aufgaben + Alle offenen Aufgaben + + + + {tasksLoading ? ( +
+ {Array.from({ length: 6 }).map((_, i) => ( + + ))} +
+ ) : pendingTasks.length > 0 ? ( +
+ {pendingTasks.map((task, index) => ( + + handleComplete(task.id)} + className="mt-0.5" + /> +
+

+ {task.content} +

+ {task.description && ( +

{task.description}

+ )} +
+ {task.projectName && ( + + + {task.projectName} + + )} + {task.dueString && ( + + + {task.dueString} + + )} + {task.labels.length > 0 && ( +
+ {task.labels.map((label) => ( + + {label} + + ))} +
+ )} +
+
+ + + ))} +
+ ) : ( +
+ +

{t('noTasks')}

+
+ )} + + + +
+
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/[type]/zulip-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/[type]/zulip-content.tsx new file mode 100644 index 0000000..de8b430 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/[type]/zulip-content.tsx @@ -0,0 +1,197 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import { MessageSquare, Hash, Users, Circle } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { Avatar, AvatarFallback } from '@/components/ui/avatar'; +import { useMessages, useStreams, useUnreadCounts } from '@/hooks/integrations'; + +interface ZulipContentProps { + locale: string; +} + +/** + * ZULIP integration content - displays messages and streams + */ +export function ZulipContent({ locale }: ZulipContentProps) { + const t = useTranslations('widgets.chat'); + const tInt = useTranslations('integrations'); + const { data: messages, isLoading: messagesLoading } = useMessages(); + const { data: streams, isLoading: streamsLoading } = useStreams(); + const { data: unreadCounts } = useUnreadCounts(); + const dateLocale = locale === 'de' ? de : enUS; + + const totalUnread = unreadCounts?.reduce((sum, c) => sum + c.count, 0) ?? 0; + + return ( +
+ {/* Stats Cards */} +
+ + + Streams + + + +
+ {streamsLoading ? : streams?.length ?? 0} +
+ + + + + + Ungelesene + + + +
0 && 'text-primary')}> + {totalUnread} +
+ + + + + + Nachrichten heute + + + +
+ {messagesLoading ? : messages?.length ?? 0} +
+ + +
+ +
+ {/* Streams */} + + + Streams + Ihre abonnierten ZULIP Streams + + + {streamsLoading ? ( +
+ {Array.from({ length: 4 }).map((_, i) => ( + + ))} +
+ ) : streams && streams.length > 0 ? ( +
+ {streams.map((stream) => { + const unread = unreadCounts?.find((c) => c.streamId === stream.id); + return ( +
+
+
+ +
+
+

{stream.name}

+ {stream.description && ( +

{stream.description}

+ )} +
+
+ {unread && unread.count > 0 && ( + {unread.count} + )} +
+ ); + })} +
+ ) : ( +

{tInt('noStreamsFound')}

+ )} + + + + {/* Recent Messages */} + + + Letzte Nachrichten + Aktuelle Nachrichten aus Ihren Streams + + + + {messagesLoading ? ( +
+ {Array.from({ length: 5 }).map((_, i) => ( +
+ +
+ + +
+
+ ))} +
+ ) : messages && messages.length > 0 ? ( +
+ {messages.map((message, index) => ( + +
+ + + {message.senderName + .split(' ') + .map((n) => n[0]) + .join('') + .toUpperCase()} + + +
+
+ {message.senderName} + {!message.isRead && ( + + )} +
+
+ + {message.streamName} - {message.topic} +
+

{message.content}

+

+ {formatDistanceToNow(message.timestamp, { + addSuffix: true, + locale: dateLocale, + })} +

+
+
+ + ))} +
+ ) : ( +

{t('noMessages')}

+ )} + + + +
+
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/integrations-content.tsx b/apps/web/src/app/[locale]/(auth)/integrations/integrations-content.tsx new file mode 100644 index 0000000..df35537 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/integrations-content.tsx @@ -0,0 +1,156 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { + Plug, + CheckCircle2, + AlertCircle, + Building2, + MessageSquare, + CheckSquare, + Headphones, + Cloud, + FileText, + ClipboardCheck, +} from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; +import { IntegrationCard } from '@/components/integrations'; +import { useAllIntegrationStatuses } from '@/hooks/integrations'; +import type { IntegrationType } from '@/types/integrations'; + +interface IntegrationsContentProps { + locale: string; +} + +/** Integration metadata for display */ +const integrationMeta: Record< + IntegrationType, + { icon: typeof Building2; descKey: string } +> = { + plentyone: { icon: Building2, descKey: 'plentyOneDesc' }, + zulip: { icon: MessageSquare, descKey: 'zulipDesc' }, + todoist: { icon: CheckSquare, descKey: 'todoistDesc' }, + freescout: { icon: Headphones, descKey: 'freeScoutDesc' }, + nextcloud: { icon: Cloud, descKey: 'nextcloudDesc' }, + ecodms: { icon: FileText, descKey: 'ecoDmsDesc' }, + gembadocs: { icon: ClipboardCheck, descKey: 'gembaDocsDesc' }, +}; + +/** + * Integrations overview content component + */ +export function IntegrationsContent({ locale }: IntegrationsContentProps) { + const t = useTranslations('integrations'); + const { data: integrations, isLoading } = useAllIntegrationStatuses(); + + const connectedCount = integrations?.filter((i) => i.status === 'connected').length ?? 0; + const errorCount = integrations?.filter((i) => i.status === 'error').length ?? 0; + + return ( +
+ {/* Header */} +
+

{t('title')}

+

{t('subtitle')}

+
+ + {/* Summary Stats */} +
+ + + {t('allIntegrations')} + + + +
+ {isLoading ? : integrations?.length ?? 0} +
+ + + + + + {t('connected')} + + + +
+ {isLoading ? : connectedCount} +
+ + + + + + {t('error')} + + + +
0 && 'text-destructive')}> + {isLoading ? : errorCount} +
+ + +
+ + {/* Integration Cards */} +
+

{t('overview')}

+ + {isLoading ? ( +
+ {Array.from({ length: 6 }).map((_, i) => ( + + +
+ +
+ + +
+
+ + + +
+ + +
+ + + ))} +
+ ) : ( + + {integrations?.map((config, index) => ( + + + + ))} + + )} +
+
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/layout.tsx b/apps/web/src/app/[locale]/(auth)/integrations/layout.tsx new file mode 100644 index 0000000..70a2190 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/layout.tsx @@ -0,0 +1,13 @@ +import { ReactNode } from 'react'; + +interface IntegrationsLayoutProps { + children: ReactNode; +} + +/** + * Layout for integrations pages + * Provides consistent structure for all integration-related routes + */ +export default function IntegrationsLayout({ children }: IntegrationsLayoutProps) { + return <>{children}; +} diff --git a/apps/web/src/app/[locale]/(auth)/integrations/page.tsx b/apps/web/src/app/[locale]/(auth)/integrations/page.tsx new file mode 100644 index 0000000..293e7a5 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/integrations/page.tsx @@ -0,0 +1,21 @@ +import type { Metadata } from 'next'; +import { IntegrationsContent } from './integrations-content'; + +export const metadata: Metadata = { + title: 'Integrationen | tOS', + description: 'Verwalten Sie Ihre externen Dienste und Integrationen', +}; + +interface IntegrationsPageProps { + params: { + locale: string; + }; +} + +/** + * Integrations overview page + * Displays status of all connected external services + */ +export default function IntegrationsPage({ params }: IntegrationsPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/layout.tsx b/apps/web/src/app/[locale]/(auth)/layout.tsx new file mode 100644 index 0000000..6e62515 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/layout.tsx @@ -0,0 +1,49 @@ +'use client'; + +import { ReactNode } from 'react'; + +import { Sidebar, MobileSidebar, Header, PageTransition } from '@/components/layout'; +import { useSidebarStore } from '@/stores/sidebar-store'; +import { cn } from '@/lib/utils'; + +interface AuthLayoutProps { + children: ReactNode; + params: { locale: string }; +} + +/** + * Authenticated layout with sidebar and header + * Used for all protected routes + */ +export default function AuthLayout({ children, params: { locale } }: AuthLayoutProps) { + const { isExpanded } = useSidebarStore(); + + return ( +
+ {/* Desktop Sidebar - hidden on mobile */} +
+ +
+ + {/* Mobile Sidebar Sheet */} + + + {/* Main Content Area */} +
+
+ +
+ {children} +
+
+
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/[departmentId]/department-meeting-content.tsx b/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/[departmentId]/department-meeting-content.tsx new file mode 100644 index 0000000..5d19482 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/[departmentId]/department-meeting-content.tsx @@ -0,0 +1,220 @@ +'use client'; + +import { useRouter } from 'next/navigation'; +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { ArrowLeft, History, Settings, RefreshCw } from 'lucide-react'; +import { Button } from '@/components/ui/button'; +import { useToast } from '@/hooks/use-toast'; +import { MeetingBoard } from '@/components/lean/morning-meeting'; +import { + useTodaysMeeting, + useStartMeeting, + useEndMeeting, + useUpdateTopic, + useAddAction, + useUpdateAction, + useCompleteAction, +} from '@/hooks/lean/use-meetings'; +import type { CreateActionDto, UpdateActionDto, UpdateTopicDto } from '@/types/lean'; + +interface DepartmentMeetingContentProps { + locale: string; + departmentId: string; +} + +/** + * Department meeting content component + */ +export function DepartmentMeetingContent({ + locale, + departmentId, +}: DepartmentMeetingContentProps) { + const router = useRouter(); + const { toast } = useToast(); + const t = useTranslations('lean.morningMeeting.toast'); + const tNav = useTranslations('lean.morningMeeting'); + + // Fetch today's meeting (create if not exists) + const { + data: meeting, + isLoading, + error, + refetch, + } = useTodaysMeeting(departmentId, true); + + // Mutations + const startMeeting = useStartMeeting(); + const endMeeting = useEndMeeting(); + const updateTopic = useUpdateTopic(); + const addAction = useAddAction(); + const updateAction = useUpdateAction(); + const completeAction = useCompleteAction(); + + const isMutating = + startMeeting.isPending || + endMeeting.isPending || + updateTopic.isPending || + addAction.isPending || + updateAction.isPending || + completeAction.isPending; + + const handleStartMeeting = async () => { + if (!meeting) return; + + try { + await startMeeting.mutateAsync(meeting.id); + toast({ + title: t('meetingStarted'), + description: t('meetingStartedDesc'), + }); + } catch (err) { + toast({ + title: t('error'), + description: t('errorStartMeeting'), + variant: 'destructive', + }); + } + }; + + const handleEndMeeting = async () => { + if (!meeting) return; + + try { + await endMeeting.mutateAsync(meeting.id); + toast({ + title: t('meetingEnded'), + description: t('meetingEndedDesc'), + }); + } catch (err) { + toast({ + title: t('error'), + description: t('errorEndMeeting'), + variant: 'destructive', + }); + } + }; + + const handleUpdateTopic = async (id: string, dto: UpdateTopicDto) => { + try { + await updateTopic.mutateAsync({ id, dto }); + toast({ + title: t('kpiUpdated'), + description: t('kpiUpdatedDesc'), + }); + } catch (err) { + toast({ + title: t('error'), + description: t('errorUpdateKpi'), + variant: 'destructive', + }); + } + }; + + const handleAddAction = async (dto: CreateActionDto) => { + if (!meeting) return; + + try { + await addAction.mutateAsync({ meetingId: meeting.id, dto }); + toast({ + title: t('actionCreated'), + description: t('actionCreatedDesc'), + }); + } catch (err) { + toast({ + title: t('error'), + description: t('errorCreateAction'), + variant: 'destructive', + }); + } + }; + + const handleUpdateAction = async (id: string, dto: UpdateActionDto) => { + try { + await updateAction.mutateAsync({ id, dto }); + toast({ + title: t('actionUpdated'), + description: t('actionUpdatedDesc'), + }); + } catch (err) { + toast({ + title: t('error'), + description: t('errorUpdateAction'), + variant: 'destructive', + }); + } + }; + + const handleCompleteAction = async (id: string) => { + try { + await completeAction.mutateAsync(id); + toast({ + title: t('actionCompleted'), + description: t('actionCompletedDesc'), + }); + } catch (err) { + toast({ + title: t('error'), + description: t('errorCompleteAction'), + variant: 'destructive', + }); + } + }; + + const handleRefresh = () => { + refetch(); + }; + + return ( +
+ {/* Navigation */} +
+
+ + + +
+ +
+ + + +
+
+ + {/* Meeting Board */} + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/[departmentId]/page.tsx b/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/[departmentId]/page.tsx new file mode 100644 index 0000000..7dc7e8d --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/[departmentId]/page.tsx @@ -0,0 +1,25 @@ +import type { Metadata } from 'next'; +import { DepartmentMeetingContent } from './department-meeting-content'; + +export const metadata: Metadata = { + title: 'Morning Meeting Board | tOS', + description: 'Morning Meeting SQCDM Board fuer die Abteilung', +}; + +interface DepartmentMeetingPageProps { + params: { + locale: string; + departmentId: string; + }; +} + +export default function DepartmentMeetingPage({ + params, +}: DepartmentMeetingPageProps) { + return ( + + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/morning-meeting-overview-content.tsx b/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/morning-meeting-overview-content.tsx new file mode 100644 index 0000000..3bdf2a6 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/morning-meeting-overview-content.tsx @@ -0,0 +1,505 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { useRouter } from 'next/navigation'; +import { format, startOfMonth, endOfMonth, eachDayOfInterval, isSameDay } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { + Calendar, + Building2, + ChevronLeft, + ChevronRight, + Clock, + CheckCircle, + AlertCircle, + Plus, + Search, + Filter, +} from 'lucide-react'; +import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card'; +import { Button } from '@/components/ui/button'; +import { Badge } from '@/components/ui/badge'; +import { Input } from '@/components/ui/input'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue, +} from '@/components/ui/select'; +import { cn } from '@/lib/utils'; +import { useMeetings, useOpenActions } from '@/hooks/lean/use-meetings'; +import type { MorningMeeting, MeetingStatus } from '@/types/lean'; + +interface MorningMeetingOverviewContentProps { + locale: string; +} + +// Mock departments - replace with actual data fetching +const MOCK_DEPARTMENTS = [ + { id: 'dept-1', name: 'Produktion', code: 'PROD' }, + { id: 'dept-2', name: 'Logistik', code: 'LOG' }, + { id: 'dept-3', name: 'Qualitaet', code: 'QM' }, + { id: 'dept-4', name: 'Instandhaltung', code: 'IH' }, +]; + +/** + * Meeting status indicator + */ +function StatusIndicator({ status }: { status: MeetingStatus }) { + switch (status) { + case 'COMPLETED': + return ; + case 'IN_PROGRESS': + return ; + case 'CANCELLED': + return ; + default: + return ; + } +} + +/** + * Calendar view component + */ +function MeetingCalendar({ + meetings, + currentMonth, + onMonthChange, + onDateClick, + locale, +}: { + meetings: MorningMeeting[]; + currentMonth: Date; + onMonthChange: (date: Date) => void; + onDateClick: (date: Date) => void; + locale: string; +}) { + const dateLocale = locale === 'de' ? de : enUS; + const monthStart = startOfMonth(currentMonth); + const monthEnd = endOfMonth(currentMonth); + const days = eachDayOfInterval({ start: monthStart, end: monthEnd }); + + // Get the day of week for the first day (0 = Sunday, 1 = Monday, etc.) + // Adjust for Monday start + const startDayOfWeek = (monthStart.getDay() + 6) % 7; + const paddingDays = Array(startDayOfWeek).fill(null); + + const getMeetingsForDay = (date: Date) => + meetings.filter((m) => isSameDay(new Date(m.date), date)); + + const weekDays = locale === 'de' + ? ['Mo', 'Di', 'Mi', 'Do', 'Fr', 'Sa', 'So'] + : ['Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun']; + + return ( + + +
+ + {format(currentMonth, 'MMMM yyyy', { locale: dateLocale })} + +
+ + +
+
+ + + {/* Week day headers */} +
+ {weekDays.map((day) => ( +
+ {day} +
+ ))} +
+ + {/* Calendar grid */} +
+ {/* Padding days */} + {paddingDays.map((_, i) => ( +
+ ))} + + {/* Actual days */} + {days.map((day) => { + const dayMeetings = getMeetingsForDay(day); + const isToday = isSameDay(day, new Date()); + const hasMeetings = dayMeetings.length > 0; + + return ( + + ); + })} +
+ + + ); +} + +/** + * Status badge for department card + */ +function DepartmentCardStatusBadge({ status }: { status: MeetingStatus }) { + const t = useTranslations('lean.morningMeeting.status'); + const statusKeyMap: Record = { + SCHEDULED: 'scheduled', + IN_PROGRESS: 'inProgress', + COMPLETED: 'completed', + CANCELLED: 'cancelled', + }; + return ( + + + {t(statusKeyMap[status])} + + ); +} + +/** + * Department quick access card + */ +function DepartmentCard({ + department, + lastMeeting, + onClick, +}: { + department: (typeof MOCK_DEPARTMENTS)[0]; + lastMeeting?: MorningMeeting; + onClick: () => void; +}) { + return ( + + +
+
+
+ +
+
+

{department.name}

+

{department.code}

+
+
+ {lastMeeting && ( + + )} +
+ + + ); +} + +/** + * Recent meetings list + */ +function RecentMeetingsList({ + meetings, + isLoading, + onMeetingClick, + locale, +}: { + meetings: MorningMeeting[]; + isLoading: boolean; + onMeetingClick: (meeting: MorningMeeting) => void; + locale: string; +}) { + const dateLocale = locale === 'de' ? de : enUS; + const tMeeting = useTranslations('lean.morningMeeting'); + + if (isLoading) { + return ( +
+ {[1, 2, 3, 4, 5].map((i) => ( + + ))} +
+ ); + } + + if (meetings.length === 0) { + return ( +
+ +

{tMeeting('noMeetingsFound')}

+
+ ); + } + + return ( +
+ {meetings.map((meeting) => ( + + ))} +
+ ); +} + +/** + * Main overview content component + */ +export function MorningMeetingOverviewContent({ + locale, +}: MorningMeetingOverviewContentProps) { + const router = useRouter(); + const t = useTranslations('lean.morningMeeting'); + const tStatus = useTranslations('lean.morningMeeting.status'); + const tCommon = useTranslations('common'); + const [currentMonth, setCurrentMonth] = useState(new Date()); + const [searchTerm, setSearchTerm] = useState(''); + const [statusFilter, setStatusFilter] = useState('ALL'); + + // Fetch meetings for the current month + const { data: meetingsData, isLoading: meetingsLoading } = useMeetings({ + dateFrom: format(startOfMonth(currentMonth), 'yyyy-MM-dd'), + dateTo: format(endOfMonth(currentMonth), 'yyyy-MM-dd'), + limit: 100, + sortBy: 'date', + sortOrder: 'desc', + status: statusFilter === 'ALL' ? undefined : statusFilter, + }); + + // Fetch open actions + const { data: openActions, isLoading: actionsLoading } = useOpenActions(); + + const meetings = meetingsData?.data || []; + + const handleDepartmentClick = (departmentId: string) => { + router.push(`/${locale}/lean/morning-meeting/${departmentId}`); + }; + + const handleMeetingClick = (meeting: MorningMeeting) => { + router.push(`/${locale}/lean/morning-meeting/${meeting.department.id}`); + }; + + const handleDateClick = (date: Date) => { + // Find meetings for this date + const dayMeetings = meetings.filter((m) => + isSameDay(new Date(m.date), date) + ); + if (dayMeetings.length === 1) { + handleMeetingClick(dayMeetings[0]); + } + // If multiple meetings, could show a modal or filter the list + }; + + return ( +
+ {/* Header */} +
+
+

{t('title')}

+

+ {t('overview')} +

+
+ +
+
+ + setSearchTerm(e.target.value)} + className="pl-9 w-[200px]" + /> +
+ +
+
+ + {/* Quick access - Departments */} +
+

{t('departmentsTitle')}

+
+ {MOCK_DEPARTMENTS.map((dept) => { + const lastMeeting = meetings.find( + (m) => m.department.id === dept.id + ); + return ( + handleDepartmentClick(dept.id)} + /> + ); + })} +
+
+ + {/* Main content grid */} +
+ {/* Calendar */} +
+ +
+ + {/* Recent meetings */} + + + {t('currentMeetingsTitle')} + + + + + + + +
+ + {/* Open actions summary */} + + +
+ {t('openActionsTitle')} + + {actionsLoading ? '...' : t('openCount', { count: openActions?.length || 0 })} + +
+ + + {actionsLoading ? ( +
+ {[1, 2, 3].map((i) => ( + + ))} +
+ ) : openActions && openActions.length > 0 ? ( + +
+ {openActions.slice(0, 10).map((action) => ( +
+
+

{action.title}

+

+ {(action as { meeting?: { department?: { name: string } } }).meeting?.department?.name} +

+
+ {action.assignee && ( + + {action.assignee.firstName} {action.assignee.lastName} + + )} +
+ ))} +
+ + ) : ( +
+ +

{t('noOpenActions')}

+
+ )} + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/page.tsx b/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/page.tsx new file mode 100644 index 0000000..9b7481b --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/morning-meeting/page.tsx @@ -0,0 +1,15 @@ +import type { Metadata } from 'next'; +import { MorningMeetingOverviewContent } from './morning-meeting-overview-content'; + +export const metadata: Metadata = { + title: 'Morning Meeting | tOS', + description: 'Morning Meeting Uebersicht und Kalender', +}; + +interface MorningMeetingPageProps { + params: { locale: string }; +} + +export default function MorningMeetingPage({ params }: MorningMeetingPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/page.tsx b/apps/web/src/app/[locale]/(auth)/lean/page.tsx new file mode 100644 index 0000000..ed70fcd --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/page.tsx @@ -0,0 +1,138 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { PageTransition } from '@/components/layout/page-transition'; +import Link from 'next/link'; +import { useParams } from 'next/navigation'; +import { + ClipboardList, + Users, + Calendar, + TrendingUp, + CheckCircle2, + Target +} from 'lucide-react'; + +const leanModules = [ + { + id: 's3-planning', + icon: ClipboardList, + href: '/lean/s3-planning', + color: 'text-blue-500', + bgColor: 'bg-blue-500/10', + }, + { + id: 'morning-meeting', + icon: Calendar, + href: '/lean/morning-meeting', + color: 'text-green-500', + bgColor: 'bg-green-500/10', + }, + { + id: 'skill-matrix', + icon: Users, + href: '/lean/skill-matrix', + color: 'text-purple-500', + bgColor: 'bg-purple-500/10', + }, +]; + +export default function LeanPage() { + const t = useTranslations('lean'); + const params = useParams(); + const locale = params.locale as string; + + return ( + +
+
+

{t('title')}

+

{t('description')}

+
+ +
+ {leanModules.map((module) => { + const Icon = module.icon; + return ( + + + +
+ +
+ {t(`modules.${module.id}.title`)} + {t(`modules.${module.id}.description`)} + + +
+ + {t(`modules.${module.id}.status`)} +
+ + + + ); + })} +
+ + {/* Quick Stats */} +
+ + + + {t('stats.s3Completion')} + + + +
78%
+
+ + +5% vs. last month +
+ + + + + + + {t('stats.meetingsThisWeek')} + + + +
12
+
5 departments
+ + + + + + + {t('stats.openActions')} + + + +
23
+
8 overdue
+ + + + + + + {t('stats.skillCoverage')} + + + +
85%
+
+ + Target: 80% +
+ + +
+
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/s3-planning/[departmentId]/page.tsx b/apps/web/src/app/[locale]/(auth)/lean/s3-planning/[departmentId]/page.tsx new file mode 100644 index 0000000..d18482b --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/s3-planning/[departmentId]/page.tsx @@ -0,0 +1,27 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { S3DepartmentView } from '@/components/lean/s3'; + +interface DepartmentPlanPageProps { + params: { locale: string; departmentId: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('lean'); + + return { + title: `${t('s3Planning')} - Abteilung`, + description: '3S-Plan fuer eine spezifische Abteilung mit Wochenansicht', + }; +} + +/** + * Department S3 Plan Page - Server Component + * Displays the 3S plan for a specific department with weekly status grid + */ +export default function DepartmentPlanPage({ + params: { locale, departmentId }, +}: DepartmentPlanPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/s3-planning/page.tsx b/apps/web/src/app/[locale]/(auth)/lean/s3-planning/page.tsx new file mode 100644 index 0000000..235e2bb --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/s3-planning/page.tsx @@ -0,0 +1,25 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { S3PlanOverview } from '@/components/lean/s3'; + +interface S3PlanningPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('lean'); + + return { + title: t('s3Planning'), + description: 'Uebersicht aller 3S-Plaene nach Abteilung', + }; +} + +/** + * S3 Planning Overview Page - Server Component + * Displays all department 3S plans with filtering and statistics + */ +export default function S3PlanningPage({ params: { locale } }: S3PlanningPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/[departmentId]/department-skill-matrix-content.tsx b/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/[departmentId]/department-skill-matrix-content.tsx new file mode 100644 index 0000000..7f4cab7 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/[departmentId]/department-skill-matrix-content.tsx @@ -0,0 +1,399 @@ +'use client'; + +import { useState, useCallback } from 'react'; +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { motion } from 'framer-motion'; +import { + ArrowLeft, + Download, + Upload, + RefreshCw, + Settings, + BarChart3, + Users, + AlertTriangle, +} from 'lucide-react'; +import { Card, CardContent, CardHeader, CardTitle, CardDescription } from '@/components/ui/card'; +import { Button } from '@/components/ui/button'; +import { Badge } from '@/components/ui/badge'; +import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'; +import { Skeleton } from '@/components/ui/skeleton'; +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue, +} from '@/components/ui/select'; +import { PageTransition } from '@/components/layout/page-transition'; +import { useToast } from '@/hooks/use-toast'; +import { + SkillMatrixGrid, + SkillGapChart, + SkillGapSummary, +} from '@/components/lean/skill-matrix'; +import { + useSkillMatrix, + useSkillGapAnalysis, + useBulkUpsertSkillEntries, + type SkillMatrix, + type SkillGapAnalysis, +} from '@/hooks/lean/use-skill-matrix'; +import type { SkillLevelValue } from '@/hooks/lean/use-skills'; + +interface DepartmentSkillMatrixContentProps { + locale: string; + departmentId: string; +} + +// Mock data for development +// TODO: Remove when API is connected +const mockMatrix: SkillMatrix = { + department: { + id: '1', + name: 'IT & Entwicklung', + code: 'IT', + }, + skills: [ + { id: 's1', name: 'TypeScript', description: 'TypeScript programming', category: 'Frontend', isGlobal: false }, + { id: 's2', name: 'React', description: 'React framework', category: 'Frontend', isGlobal: false }, + { id: 's3', name: 'Next.js', description: 'Next.js framework', category: 'Frontend', isGlobal: false }, + { id: 's4', name: 'Node.js', description: 'Node.js runtime', category: 'Backend', isGlobal: false }, + { id: 's5', name: 'PostgreSQL', description: 'PostgreSQL database', category: 'Backend', isGlobal: false }, + { id: 's6', name: 'Docker', description: 'Containerization', category: 'DevOps', isGlobal: true }, + { id: 's7', name: 'Git', description: 'Version control', category: 'Tools', isGlobal: true }, + { id: 's8', name: 'Scrum', description: 'Agile methodology', category: 'Process', isGlobal: true }, + ], + matrix: [ + { + employee: { + id: 'e1', + employeeNumber: 'EMP001', + position: 'Senior Developer', + user: { id: 'u1', firstName: 'Max', lastName: 'Mustermann', email: 'max@example.com' }, + }, + skills: { + s1: { level: 4 as SkillLevelValue, assessedAt: '2024-01-15', assessedBy: { id: 'a1', firstName: 'Admin', lastName: 'User' }, notes: null }, + s2: { level: 4 as SkillLevelValue, assessedAt: '2024-01-15', assessedBy: { id: 'a1', firstName: 'Admin', lastName: 'User' }, notes: null }, + s3: { level: 3 as SkillLevelValue, assessedAt: '2024-01-15', assessedBy: { id: 'a1', firstName: 'Admin', lastName: 'User' }, notes: null }, + s4: { level: 3 as SkillLevelValue, assessedAt: '2024-01-15', assessedBy: null, notes: null }, + s5: { level: 2 as SkillLevelValue, assessedAt: '2024-01-10', assessedBy: null, notes: null }, + s6: { level: 3 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s7: { level: 4 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s8: { level: 2 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + }, + }, + { + employee: { + id: 'e2', + employeeNumber: 'EMP002', + position: 'Junior Developer', + user: { id: 'u2', firstName: 'Anna', lastName: 'Schmidt', email: 'anna@example.com' }, + }, + skills: { + s1: { level: 2 as SkillLevelValue, assessedAt: '2024-01-20', assessedBy: null, notes: null }, + s2: { level: 2 as SkillLevelValue, assessedAt: '2024-01-20', assessedBy: null, notes: null }, + s3: { level: 1 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: 'In training' }, + s4: { level: 1 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s5: { level: 1 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s6: { level: 1 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s7: { level: 2 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s8: { level: 2 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + }, + }, + { + employee: { + id: 'e3', + employeeNumber: 'EMP003', + position: 'Backend Developer', + user: { id: 'u3', firstName: 'Peter', lastName: 'Mueller', email: 'peter@example.com' }, + }, + skills: { + s1: { level: 3 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s2: { level: 2 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s3: { level: 1 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s4: { level: 4 as SkillLevelValue, assessedAt: '2024-01-05', assessedBy: null, notes: 'Expert' }, + s5: { level: 4 as SkillLevelValue, assessedAt: '2024-01-05', assessedBy: null, notes: null }, + s6: { level: 3 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s7: { level: 3 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s8: { level: 2 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + }, + }, + { + employee: { + id: 'e4', + employeeNumber: 'EMP004', + position: 'DevOps Engineer', + user: { id: 'u4', firstName: 'Lisa', lastName: 'Weber', email: 'lisa@example.com' }, + }, + skills: { + s1: { level: 2 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s2: { level: 1 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s3: { level: 0 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s4: { level: 3 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s5: { level: 3 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s6: { level: 4 as SkillLevelValue, assessedAt: '2024-01-08', assessedBy: null, notes: 'Trainer' }, + s7: { level: 4 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + s8: { level: 3 as SkillLevelValue, assessedAt: null, assessedBy: null, notes: null }, + }, + }, + ], +}; + +const mockGapAnalysis: SkillGapAnalysis[] = [ + { skillId: 's3', skillName: 'Next.js', category: 'Frontend', targetLevel: 2, averageLevel: 1.25, gap: 0.75, employeesBelow: 2, employeesAtOrAbove: 2, totalEmployees: 4 }, + { skillId: 's4', skillName: 'Node.js', category: 'Backend', targetLevel: 2, averageLevel: 2.75, gap: -0.75, employeesBelow: 1, employeesAtOrAbove: 3, totalEmployees: 4 }, + { skillId: 's1', skillName: 'TypeScript', category: 'Frontend', targetLevel: 2, averageLevel: 2.75, gap: -0.75, employeesBelow: 0, employeesAtOrAbove: 4, totalEmployees: 4 }, + { skillId: 's5', skillName: 'PostgreSQL', category: 'Backend', targetLevel: 2, averageLevel: 2.5, gap: -0.5, employeesBelow: 1, employeesAtOrAbove: 3, totalEmployees: 4 }, + { skillId: 's2', skillName: 'React', category: 'Frontend', targetLevel: 2, averageLevel: 2.25, gap: -0.25, employeesBelow: 1, employeesAtOrAbove: 3, totalEmployees: 4 }, + { skillId: 's8', skillName: 'Scrum', category: 'Process', targetLevel: 2, averageLevel: 2.25, gap: -0.25, employeesBelow: 0, employeesAtOrAbove: 4, totalEmployees: 4 }, + { skillId: 's6', skillName: 'Docker', category: 'DevOps', targetLevel: 2, averageLevel: 2.75, gap: -0.75, employeesBelow: 1, employeesAtOrAbove: 3, totalEmployees: 4 }, + { skillId: 's7', skillName: 'Git', category: 'Tools', targetLevel: 2, averageLevel: 3.25, gap: -1.25, employeesBelow: 0, employeesAtOrAbove: 4, totalEmployees: 4 }, +]; + +/** + * Department skill matrix content + * Shows the matrix grid and gap analysis for a specific department + */ +export function DepartmentSkillMatrixContent({ + locale, + departmentId, +}: DepartmentSkillMatrixContentProps) { + const t = useTranslations('lean'); + const tCommon = useTranslations('common'); + const { toast } = useToast(); + + const [targetLevel, setTargetLevel] = useState(2); + const [pendingChanges, setPendingChanges] = useState< + Map + >(new Map()); + + // API hooks - using mock data for now + // const { data: matrix, isLoading: matrixLoading } = useSkillMatrix(departmentId); + // const { data: gapAnalysis, isLoading: gapLoading } = useSkillGapAnalysis(departmentId, targetLevel); + const bulkUpsert = useBulkUpsertSkillEntries(); + + // Use mock data for development + const matrix = mockMatrix; + const matrixLoading = false; + const gapAnalysis = mockGapAnalysis; + const gapLoading = false; + + // Handle level change with optimistic update + const handleLevelChange = useCallback( + (employeeId: string, skillId: string, newLevel: SkillLevelValue) => { + const key = `${employeeId}-${skillId}`; + setPendingChanges((prev) => { + const next = new Map(prev); + next.set(key, { employeeId, skillId, level: newLevel }); + return next; + }); + + // TODO: Debounce and batch API calls + toast({ + title: t('skillMatrix.levelUpdated'), + description: t('skillMatrix.levelUpdatedDescription'), + }); + }, + [t, toast] + ); + + // Save all pending changes + const handleSaveChanges = useCallback(async () => { + if (pendingChanges.size === 0) return; + + const entries = Array.from(pendingChanges.values()); + + try { + await bulkUpsert.mutateAsync({ entries }); + setPendingChanges(new Map()); + toast({ + title: tCommon('success'), + description: t('skillMatrix.changesSaved'), + }); + } catch { + toast({ + title: tCommon('error'), + description: t('skillMatrix.saveError'), + variant: 'destructive', + }); + } + }, [pendingChanges, bulkUpsert, t, tCommon, toast]); + + if (matrixLoading) { + return ; + } + + if (!matrix) { + return ( + +
+ +

{t('skillMatrix.notFound')}

+ + + +
+ + ); + } + + return ( + +
+ {/* Header */} +
+
+ + + +
+

{matrix.department.name}

+

+ {t('skillMatrix.subtitle', { + employees: matrix.matrix.length, + skills: matrix.skills.length, + })} +

+
+
+ +
+ {pendingChanges.size > 0 && ( + + {pendingChanges.size} {t('skillMatrix.unsavedChanges')} + + )} + + + +
+
+ + {/* Tabs for Matrix and Analysis */} + + + + + {t('skillMatrix.matrixView')} + + + + {t('skillMatrix.gapAnalysis')} + + + + + + + + + {/* Target Level Selector */} + + +
+
+ {t('skillMatrix.gapAnalysisSettings')} + {t('skillMatrix.gapAnalysisSettingsDescription')} +
+ +
+ + + + {/* Gap Summary */} + + + {/* Gap Chart */} + + + +
+ + ); +} + +/** + * Loading skeleton + */ +function LoadingSkeleton() { + return ( + +
+
+ +
+ + +
+
+ + + + + +
+ {[1, 2, 3, 4, 5].map((i) => ( +
+ +
+ {[1, 2, 3, 4, 5, 6].map((j) => ( + + ))} +
+
+ ))} +
+ + +
+ + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/[departmentId]/page.tsx b/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/[departmentId]/page.tsx new file mode 100644 index 0000000..9d81b13 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/[departmentId]/page.tsx @@ -0,0 +1,28 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { DepartmentSkillMatrixContent } from './department-skill-matrix-content'; + +interface DepartmentSkillMatrixPageProps { + params: { locale: string; departmentId: string }; +} + +export async function generateMetadata({ + params, +}: DepartmentSkillMatrixPageProps): Promise { + const t = await getTranslations('lean'); + + return { + title: `${t('skillMatrix')} - LEAN`, + }; +} + +/** + * Department Skill Matrix page - Server Component + * Shows the skill matrix grid for a specific department + */ +export default function DepartmentSkillMatrixPage({ + params: { locale, departmentId }, +}: DepartmentSkillMatrixPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/page.tsx b/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/page.tsx new file mode 100644 index 0000000..2305ed1 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/page.tsx @@ -0,0 +1,24 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { SkillMatrixOverviewContent } from './skill-matrix-overview-content'; + +interface SkillMatrixPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('lean'); + + return { + title: `${t('skillMatrix')} - LEAN`, + }; +} + +/** + * Skill Matrix overview page - Server Component + * Shows list of departments with skill matrix access + */ +export default function SkillMatrixPage({ params: { locale } }: SkillMatrixPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/skill-matrix-overview-content.tsx b/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/skill-matrix-overview-content.tsx new file mode 100644 index 0000000..59ab0fb --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/lean/skill-matrix/skill-matrix-overview-content.tsx @@ -0,0 +1,322 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { motion } from 'framer-motion'; +import { + Users, + Building2, + ChevronRight, + Search, + TrendingUp, + TrendingDown, + Minus, + Plus, +} from 'lucide-react'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Button } from '@/components/ui/button'; +import { Badge } from '@/components/ui/badge'; +import { Input } from '@/components/ui/input'; +import { Skeleton } from '@/components/ui/skeleton'; +import { PageTransition } from '@/components/layout/page-transition'; +import { SkillLevelLegend } from '@/components/lean/skill-matrix'; + +interface SkillMatrixOverviewContentProps { + locale: string; +} + +// Mock departments with skill matrix stats +// TODO: Replace with API call +const mockDepartments = [ + { + id: '1', + name: 'IT & Entwicklung', + code: 'IT', + employeeCount: 24, + skillCount: 18, + averageLevel: 2.8, + coverage: 92, + trend: 'up' as const, + }, + { + id: '2', + name: 'Personal', + code: 'HR', + employeeCount: 8, + skillCount: 12, + averageLevel: 2.5, + coverage: 88, + trend: 'stable' as const, + }, + { + id: '3', + name: 'Vertrieb', + code: 'SALES', + employeeCount: 32, + skillCount: 15, + averageLevel: 2.2, + coverage: 75, + trend: 'down' as const, + }, + { + id: '4', + name: 'Lager & Logistik', + code: 'LOG', + employeeCount: 45, + skillCount: 20, + averageLevel: 2.4, + coverage: 80, + trend: 'up' as const, + }, + { + id: '5', + name: 'Finanzen', + code: 'FIN', + employeeCount: 6, + skillCount: 10, + averageLevel: 3.1, + coverage: 95, + trend: 'stable' as const, + }, +]; + +/** + * Skill Matrix overview page content + * Shows list of departments with skill matrix summary + */ +export function SkillMatrixOverviewContent({ locale }: SkillMatrixOverviewContentProps) { + const t = useTranslations('lean'); + const tCommon = useTranslations('common'); + const [searchQuery, setSearchQuery] = useState(''); + const [isLoading] = useState(false); + + // Filter departments by search + const filteredDepartments = mockDepartments.filter((dept) => { + if (!searchQuery.trim()) return true; + const query = searchQuery.toLowerCase(); + return ( + dept.name.toLowerCase().includes(query) || dept.code.toLowerCase().includes(query) + ); + }); + + // Calculate overall stats + const totalEmployees = mockDepartments.reduce((sum, d) => sum + d.employeeCount, 0); + const avgCoverage = Math.round( + mockDepartments.reduce((sum, d) => sum + d.coverage, 0) / mockDepartments.length + ); + const avgLevel = ( + mockDepartments.reduce((sum, d) => sum + d.averageLevel, 0) / mockDepartments.length + ).toFixed(1); + + return ( + +
+ {/* Header */} +
+
+

{t('skillMatrix')}

+

{t('skillMatrix.description')}

+
+ +
+ + {/* Overall Stats */} +
+ + + + {t('skillMatrix.totalEmployees')} + + + +
{totalEmployees}
+

+ {t('skillMatrix.inDepartments', { count: mockDepartments.length })} +

+ + + + + + + {t('skillMatrix.avgCoverage')} + + + +
{avgCoverage}%
+
+ + +3% {t('skillMatrix.vsLastMonth')} +
+ + + + + + + {t('skillMatrix.avgLevel')} + + + +
{avgLevel}
+

{t('skillMatrix.targetLevel')}: 2.5

+ + + + + + + {t('skillMatrix.trainers')} + + + +
12
+

Level 4 ({t('skillMatrix.levels.4')})

+ + +
+ + {/* Search and Legend */} + + +
+
+ + setSearchQuery(e.target.value)} + className="pl-8" + /> +
+
+ + + + + + + {/* Department Cards */} + {isLoading ? ( +
+ {[1, 2, 3, 4, 5, 6].map((i) => ( + + + + + + + + + + ))} +
+ ) : filteredDepartments.length === 0 ? ( + + + +

{t('skillMatrix.noDepartmentsFound')}

+ + + ) : ( +
+ {filteredDepartments.map((dept) => ( + + ))} +
+ )} +
+ + ); +} + +/** + * Department card with skill matrix summary + */ +interface DepartmentCardProps { + department: (typeof mockDepartments)[0]; + locale: string; + t: ReturnType; +} + +function DepartmentCard({ department, locale, t }: DepartmentCardProps) { + const TrendIcon = + department.trend === 'up' ? TrendingUp : department.trend === 'down' ? TrendingDown : Minus; + const trendColor = + department.trend === 'up' + ? 'text-green-600' + : department.trend === 'down' + ? 'text-red-600' + : 'text-muted-foreground'; + + const coverageColor = + department.coverage >= 90 + ? 'text-green-600 bg-green-100 dark:bg-green-900/30' + : department.coverage >= 75 + ? 'text-yellow-600 bg-yellow-100 dark:bg-yellow-900/30' + : 'text-red-600 bg-red-100 dark:bg-red-900/30'; + + return ( + + + + +
+
+
+ +
+
+ {department.name} + {department.code} +
+
+ +
+ + +
+
+
+ + {department.employeeCount} +
+

{t('skillMatrix.employees')}

+
+
+ + {department.coverage}% + +

{t('skillMatrix.coverage')}

+
+
+
{department.averageLevel.toFixed(1)}
+

{t('skillMatrix.avgLevel')}

+
+
+
+ + {t(`skillMatrix.trend.${department.trend}`)} +
+

{t('skillMatrix.trend')}

+
+
+
+

+ {department.skillCount} {t('skills')} +

+
+ + + + + ); +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/notifications/notifications-settings-content.tsx b/apps/web/src/app/[locale]/(auth)/settings/notifications/notifications-settings-content.tsx new file mode 100644 index 0000000..e6065a1 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/notifications/notifications-settings-content.tsx @@ -0,0 +1,271 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { motion } from 'framer-motion'; +import { ArrowLeft, Bell, Mail, MessageSquare, Calendar, Clock, Users } from 'lucide-react'; + +import { Button } from '@/components/ui/button'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Label } from '@/components/ui/label'; +import { Separator } from '@/components/ui/separator'; +import { cn } from '@/lib/utils'; + +interface NotificationsSettingsContentProps { + locale: string; +} + +interface NotificationSetting { + id: string; + label: string; + description: string; + icon: React.ComponentType<{ className?: string }>; + email: boolean; + push: boolean; + inApp: boolean; +} + +const defaultSettings: NotificationSetting[] = [ + { + id: 'tasks', + label: 'Aufgaben', + description: 'Benachrichtigungen bei neuen oder faelligen Aufgaben', + icon: Clock, + email: true, + push: true, + inApp: true, + }, + { + id: 'absences', + label: 'Abwesenheiten', + description: 'Urlaubsantraege und Genehmigungen', + icon: Calendar, + email: true, + push: false, + inApp: true, + }, + { + id: 'meetings', + label: 'Termine', + description: 'Erinnerungen und Einladungen', + icon: Users, + email: true, + push: true, + inApp: true, + }, + { + id: 'messages', + label: 'Nachrichten', + description: 'Direktnachrichten und Erwaechnungen', + icon: MessageSquare, + email: false, + push: true, + inApp: true, + }, +]; + +/** + * Simple toggle switch component + */ +function Toggle({ + enabled, + onChange, + disabled = false, +}: { + enabled: boolean; + onChange: (enabled: boolean) => void; + disabled?: boolean; +}) { + return ( + + ); +} + +/** + * Notifications settings content - Manage notification preferences + */ +export function NotificationsSettingsContent({ locale }: NotificationsSettingsContentProps) { + const t = useTranslations('settings'); + const [settings, setSettings] = useState(defaultSettings); + const [masterEmail, setMasterEmail] = useState(true); + const [masterPush, setMasterPush] = useState(true); + + const updateSetting = (id: string, field: 'email' | 'push' | 'inApp', value: boolean) => { + setSettings((prev) => + prev.map((s) => (s.id === id ? { ...s, [field]: value } : s)) + ); + }; + + return ( +
+ {/* Header with back button */} + + + + +
+

{t('notificationsTitle')}

+

{t('notificationsDescription')}

+
+ + + {/* Master Toggles */} + + + + + + Globale Einstellungen + + Hauptschalter fuer Benachrichtigungen + + +
+
+ +
+ +

+ Benachrichtigungen per E-Mail erhalten +

+
+
+ +
+ + + +
+
+ +
+ +

+ Browser-Benachrichtigungen erhalten +

+
+
+ +
+ + + + + {/* Detailed Settings */} + + + + Detaillierte Einstellungen + + Passen Sie Benachrichtigungen fuer einzelne Kategorien an + + + +
+ {settings.map((setting, index) => { + const Icon = setting.icon; + + return ( + +
+
+ +
+ +
+
+ +

{setting.description}

+
+ +
+
+ updateSetting(setting.id, 'email', v)} + disabled={!masterEmail} + /> + E-Mail +
+ +
+ updateSetting(setting.id, 'push', v)} + disabled={!masterPush} + /> + Push +
+ +
+ updateSetting(setting.id, 'inApp', v)} + /> + In-App +
+
+
+
+ + {index < settings.length - 1 && } + + ); + })} +
+ + + + + {/* Save Button */} + + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/notifications/page.tsx b/apps/web/src/app/[locale]/(auth)/settings/notifications/page.tsx new file mode 100644 index 0000000..d7af1e0 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/notifications/page.tsx @@ -0,0 +1,23 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { NotificationsSettingsContent } from './notifications-settings-content'; + +interface NotificationsPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('settings'); + + return { + title: `${t('notificationsTitle')} - ${t('title')}`, + }; +} + +/** + * Notifications settings page - Server Component + */ +export default function NotificationsSettingsPage({ params: { locale } }: NotificationsPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/page.tsx b/apps/web/src/app/[locale]/(auth)/settings/page.tsx new file mode 100644 index 0000000..d7f24c0 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/page.tsx @@ -0,0 +1,24 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { SettingsContent } from './settings-content'; + +interface SettingsPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('settings'); + + return { + title: t('title'), + }; +} + +/** + * Settings page - Server Component + * Entry point for user settings + */ +export default function SettingsPage({ params: { locale } }: SettingsPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/preferences/page.tsx b/apps/web/src/app/[locale]/(auth)/settings/preferences/page.tsx new file mode 100644 index 0000000..0845a53 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/preferences/page.tsx @@ -0,0 +1,23 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { PreferencesContent } from './preferences-content'; + +interface PreferencesPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('settings'); + + return { + title: `${t('preferencesTitle')} - ${t('title')}`, + }; +} + +/** + * Preferences settings page - Server Component + */ +export default function PreferencesPage({ params: { locale } }: PreferencesPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/preferences/preferences-content.tsx b/apps/web/src/app/[locale]/(auth)/settings/preferences/preferences-content.tsx new file mode 100644 index 0000000..7730abc --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/preferences/preferences-content.tsx @@ -0,0 +1,207 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { useRouter, usePathname } from 'next/navigation'; +import { useTheme } from 'next-themes'; +import { motion } from 'framer-motion'; +import { ArrowLeft, Sun, Moon, Monitor, Languages, Check } from 'lucide-react'; + +import { Button } from '@/components/ui/button'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Label } from '@/components/ui/label'; +import { cn } from '@/lib/utils'; + +interface PreferencesContentProps { + locale: string; +} + +const themes = [ + { value: 'light', icon: Sun, labelKey: 'lightMode' }, + { value: 'dark', icon: Moon, labelKey: 'darkMode' }, + { value: 'system', icon: Monitor, labelKey: 'systemDefault' }, +] as const; + +const languages = [ + { value: 'de', label: 'Deutsch', flag: 'DE' }, + { value: 'en', label: 'English', flag: 'EN' }, +] as const; + +/** + * Preferences settings content - Theme and language settings + */ +export function PreferencesContent({ locale }: PreferencesContentProps) { + const t = useTranslations('settings'); + const { theme, setTheme } = useTheme(); + const router = useRouter(); + const pathname = usePathname(); + + const handleLanguageChange = (newLocale: string) => { + if (newLocale === locale) return; + + // Replace the locale in the current path + const newPath = pathname.replace(`/${locale}`, `/${newLocale}`); + router.push(newPath); + }; + + return ( +
+ {/* Header with back button */} + + + + +
+

{t('preferencesTitle')}

+

{t('preferencesDescription')}

+
+ + + {/* Theme Selection */} + + + + {t('theme')} + Waehlen Sie Ihr bevorzugtes Farbschema + + +
+ {themes.map((themeOption) => { + const Icon = themeOption.icon; + const isSelected = theme === themeOption.value; + + return ( + + ); + })} +
+ + + + + {/* Language Selection */} + + + + + + {t('language')} + + Waehlen Sie Ihre bevorzugte Sprache + + +
+ {languages.map((lang) => { + const isSelected = locale === lang.value; + + return ( + + ); + })} +
+ + + + + {/* Dashboard Preferences */} + + + + Dashboard + Einstellungen fuer Ihr Dashboard + + +
+
+ +

+ Setzen Sie Ihr Dashboard auf die Standardkonfiguration zurueck +

+
+ +
+ + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/profile/page.tsx b/apps/web/src/app/[locale]/(auth)/settings/profile/page.tsx new file mode 100644 index 0000000..5f2bc3c --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/profile/page.tsx @@ -0,0 +1,23 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { ProfileSettingsContent } from './profile-settings-content'; + +interface ProfilePageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('settings'); + + return { + title: `${t('profileTitle')} - ${t('title')}`, + }; +} + +/** + * Profile settings page - Server Component + */ +export default function ProfileSettingsPage({ params: { locale } }: ProfilePageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/profile/profile-settings-content.tsx b/apps/web/src/app/[locale]/(auth)/settings/profile/profile-settings-content.tsx new file mode 100644 index 0000000..5aac3b3 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/profile/profile-settings-content.tsx @@ -0,0 +1,205 @@ +'use client'; + +import { useSession } from 'next-auth/react'; +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { motion } from 'framer-motion'; +import { ArrowLeft, Camera, Mail, User, Building2, Calendar } from 'lucide-react'; + +import { Avatar, AvatarFallback, AvatarImage } from '@/components/ui/avatar'; +import { Button } from '@/components/ui/button'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Input } from '@/components/ui/input'; +import { Label } from '@/components/ui/label'; +import { Separator } from '@/components/ui/separator'; + +interface ProfileSettingsContentProps { + locale: string; +} + +/** + * Profile settings content - Edit user profile information + */ +export function ProfileSettingsContent({ locale }: ProfileSettingsContentProps) { + const { data: session } = useSession(); + const t = useTranslations('settings'); + const tCommon = useTranslations('common'); + + const user = session?.user; + const userInitials = user?.name + ?.split(' ') + .map((n) => n[0]) + .join('') + .toUpperCase() + .slice(0, 2) || 'U'; + + return ( +
+ {/* Header with back button */} + + + + +
+

{t('profileTitle')}

+

{t('profileDescription')}

+
+ + + {/* Profile Picture Section */} + + + + {t('profilePicture')} + {t('profilePictureSyncedFromKeycloak')} + + +
+ + + {userInitials} + + +
+
+

+ {t('profilePictureManagedInKeycloak')} +

+ +
+ + + + + {/* Personal Information Section */} + + + + {t('personalInformation')} + + {t('personalInformationDesc')} + + + +
+
+ + +
+ +
+ + +
+
+ + + +
+
+ + +
+ +
+ + +
+
+ +
+

+ {t('contactAdminToChange')} +

+
+ + + + + {/* Roles Section */} + + + + {t('rolesAndPermissions')} + {t('assignedRoles')} + + +
+ {user?.roles?.map((role) => ( + + {role} + + )) || ( + {tCommon('noRolesAssigned')} + )} +
+ + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/security/page.tsx b/apps/web/src/app/[locale]/(auth)/settings/security/page.tsx new file mode 100644 index 0000000..56339c6 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/security/page.tsx @@ -0,0 +1,23 @@ +import { Metadata } from 'next'; +import { getTranslations } from 'next-intl/server'; + +import { SecuritySettingsContent } from './security-settings-content'; + +interface SecurityPageProps { + params: { locale: string }; +} + +export async function generateMetadata(): Promise { + const t = await getTranslations('settings'); + + return { + title: `${t('securityTitle')} - ${t('title')}`, + }; +} + +/** + * Security settings page - Server Component + */ +export default function SecuritySettingsPage({ params: { locale } }: SecurityPageProps) { + return ; +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/security/security-settings-content.tsx b/apps/web/src/app/[locale]/(auth)/settings/security/security-settings-content.tsx new file mode 100644 index 0000000..acf1f83 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/security/security-settings-content.tsx @@ -0,0 +1,183 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { motion } from 'framer-motion'; +import { ArrowLeft, Key, Shield, Smartphone, ExternalLink, AlertTriangle } from 'lucide-react'; + +import { Button } from '@/components/ui/button'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Badge } from '@/components/ui/badge'; + +interface SecuritySettingsContentProps { + locale: string; +} + +/** + * Security settings content - Password and 2FA settings + */ +export function SecuritySettingsContent({ locale }: SecuritySettingsContentProps) { + const t = useTranslations('settings'); + + // Keycloak account management URL (would be configured via environment variable) + const keycloakAccountUrl = process.env.NEXT_PUBLIC_KEYCLOAK_ACCOUNT_URL || '#'; + + return ( +
+ {/* Header with back button */} + + + + +
+

{t('securityTitle')}

+

{t('securityDescription')}

+
+ + + {/* Info Banner */} + + + + +
+

Sicherheitseinstellungen werden in Keycloak verwaltet

+

+ Passwortaenderungen und Zwei-Faktor-Authentifizierung werden zentral ueber Keycloak + verwaltet. Klicken Sie auf die Buttons unten, um zur Keycloak-Kontoverwaltung + weitergeleitet zu werden. +

+
+ + + + + {/* Password Section */} + + + +
+
+
+ +
+
+ {t('changePassword')} + Aendern Sie Ihr Kontopasswort +
+
+ Via Keycloak +
+ + +

+ Ihr Passwort wird zentral in Keycloak verwaltet. Ein starkes Passwort sollte + mindestens 12 Zeichen lang sein und Gross- und Kleinbuchstaben, Zahlen sowie + Sonderzeichen enthalten. +

+ + + + + + + {/* Two-Factor Authentication Section */} + + + +
+
+
+ +
+
+ {t('twoFactor')} + Zusaetzliche Sicherheit fuer Ihr Konto +
+
+ Empfohlen +
+ + +

+ Die Zwei-Faktor-Authentifizierung bietet eine zusaetzliche Sicherheitsebene fuer Ihr + Konto. Selbst wenn jemand Ihr Passwort kennt, benoetigt er zusaetzlich Zugriff auf + Ihr Authentifizierungsgeraet. +

+ +
+
+ +
+

Unterstuetzte Methoden:

+
    +
  • Authenticator App (Google Authenticator, Authy, etc.)
    • +
  • WebAuthn / FIDO2 Security Keys
    • +
+
+
+
+ + + + + + + {/* Active Sessions */} + + + + Aktive Sitzungen + Verwalten Sie Ihre aktiven Anmeldesitzungen + + +

+ Sie koennen Ihre aktiven Sitzungen in der Keycloak-Kontoverwaltung einsehen und bei + Bedarf einzelne Sitzungen beenden. +

+ + + + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/(auth)/settings/settings-content.tsx b/apps/web/src/app/[locale]/(auth)/settings/settings-content.tsx new file mode 100644 index 0000000..3c1f110 --- /dev/null +++ b/apps/web/src/app/[locale]/(auth)/settings/settings-content.tsx @@ -0,0 +1,109 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import Link from 'next/link'; +import { motion } from 'framer-motion'; +import { + User, + Palette, + Bell, + Shield, + ChevronRight, + type LucideIcon, +} from 'lucide-react'; + +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; + +interface SettingsLink { + href: string; + icon: LucideIcon; + titleKey: string; + descriptionKey: string; +} + +const settingsLinks: SettingsLink[] = [ + { + href: '/settings/profile', + icon: User, + titleKey: 'profileTitle', + descriptionKey: 'profileDescription', + }, + { + href: '/settings/preferences', + icon: Palette, + titleKey: 'preferencesTitle', + descriptionKey: 'preferencesDescription', + }, + { + href: '/settings/notifications', + icon: Bell, + titleKey: 'notificationsTitle', + descriptionKey: 'notificationsDescription', + }, + { + href: '/settings/security', + icon: Shield, + titleKey: 'securityTitle', + descriptionKey: 'securityDescription', + }, +]; + +interface SettingsContentProps { + locale: string; +} + +/** + * Settings overview page - Shows all settings categories + */ +export function SettingsContent({ locale }: SettingsContentProps) { + const t = useTranslations('settings'); + + return ( +
+ {/* Header */} + +

{t('title')}

+

{t('subtitle')}

+ + + {/* Settings Grid */} +
+ {settingsLinks.map((link, index) => { + const Icon = link.icon; + + return ( + + + + +
+
+
+ +
+
+ {t(link.titleKey)} + {t(link.descriptionKey)} +
+
+ +
+ + + + + ); + })} +
+
+ ); +} diff --git a/apps/web/src/app/[locale]/error.tsx b/apps/web/src/app/[locale]/error.tsx new file mode 100644 index 0000000..dd68ae0 --- /dev/null +++ b/apps/web/src/app/[locale]/error.tsx @@ -0,0 +1,55 @@ +'use client'; + +import { useEffect } from 'react'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { RefreshCw, Home } from 'lucide-react'; +import Link from 'next/link'; + +import { Button } from '@/components/ui/button'; + +interface ErrorPageProps { + error: Error & { digest?: string }; + reset: () => void; +} + +/** + * Error boundary page + * Displays when an unhandled error occurs + */ +export default function ErrorPage({ error, reset }: ErrorPageProps) { + const t = useTranslations('errors'); + + useEffect(() => { + // Log the error to an error reporting service + console.error('Application error:', error); + }, [error]); + + return ( +
+ +

!

+

{t('serverError')}

+

{t('serverErrorDescription')}

+ +
+ + +
+ +
+ ); +} diff --git a/apps/web/src/app/[locale]/layout.tsx b/apps/web/src/app/[locale]/layout.tsx new file mode 100644 index 0000000..e5cd0df --- /dev/null +++ b/apps/web/src/app/[locale]/layout.tsx @@ -0,0 +1,65 @@ +import type { Metadata } from 'next'; +import { Inter } from 'next/font/google'; +import { NextIntlClientProvider } from 'next-intl'; +import { getMessages } from 'next-intl/server'; +import { notFound } from 'next/navigation'; + +import { locales, type Locale } from '@/i18n'; +import { Providers } from '@/components/providers'; +import { Toaster } from '@/components/ui/toaster'; +import '@/styles/globals.css'; + +const inter = Inter({ + subsets: ['latin'], + variable: '--font-inter', +}); + +export const metadata: Metadata = { + title: { + default: 'tOS - Enterprise Operating System', + template: '%s | tOS', + }, + description: 'Enterprise Web Dashboard for managing business operations', + icons: { + icon: '/favicon.ico', + }, +}; + +interface RootLayoutProps { + children: React.ReactNode; + params: { locale: string }; +} + +/** + * Root layout for the application + * Handles locale validation, font loading, and provider setup + */ +export default async function RootLayout({ children, params: { locale } }: RootLayoutProps) { + // Validate that the incoming `locale` parameter is valid + if (!locales.includes(locale as Locale)) { + notFound(); + } + + // Load messages for the current locale + const messages = await getMessages(); + + return ( + + + + + {children} + + + + + + ); +} + +/** + * Generate static params for all supported locales + */ +export function generateStaticParams() { + return locales.map((locale) => ({ locale })); +} diff --git a/apps/web/src/app/[locale]/loading.tsx b/apps/web/src/app/[locale]/loading.tsx new file mode 100644 index 0000000..ae54595 --- /dev/null +++ b/apps/web/src/app/[locale]/loading.tsx @@ -0,0 +1,13 @@ +import { Loader2 } from 'lucide-react'; + +/** + * Loading state component + * Displayed while page content is loading + */ +export default function Loading() { + return ( +
+ +
+ ); +} diff --git a/apps/web/src/app/[locale]/login/page.tsx b/apps/web/src/app/[locale]/login/page.tsx new file mode 100644 index 0000000..a7acd1e --- /dev/null +++ b/apps/web/src/app/[locale]/login/page.tsx @@ -0,0 +1,111 @@ +'use client'; + +import { signIn, useSession } from 'next-auth/react'; +import { useRouter, useSearchParams } from 'next/navigation'; +import { useTranslations } from 'next-intl'; +import { useEffect, useState } from 'react'; +import { motion } from 'framer-motion'; +import { Loader2, KeyRound } from 'lucide-react'; + +import { Button } from '@/components/ui/button'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; + +interface LoginPageProps { + params: { locale: string }; +} + +/** + * Login page component + * Handles authentication via Keycloak + */ +export default function LoginPage({ params: { locale } }: LoginPageProps) { + const { status } = useSession(); + const router = useRouter(); + const searchParams = useSearchParams(); + const t = useTranslations('auth'); + const [isLoading, setIsLoading] = useState(false); + + const callbackUrl = searchParams.get('callbackUrl') || `/${locale}/dashboard`; + const error = searchParams.get('error'); + + // Redirect if already authenticated + useEffect(() => { + if (status === 'authenticated') { + router.push(callbackUrl); + } + }, [status, router, callbackUrl]); + + const handleLogin = async () => { + setIsLoading(true); + try { + await signIn('keycloak', { callbackUrl }); + } catch { + setIsLoading(false); + } + }; + + // Show loading state while checking session + if (status === 'loading') { + return ( +
+ +
+ ); + } + + return ( +
+ + + + {/* Logo */} +
+ t + OS +
+
+ {t('loginTitle')} + {t('loginSubtitle')} +
+ + + {/* Error message */} + {error && ( + + {error === 'SessionRequired' ? t('sessionExpired') : t('unauthorized')} + + )} + + {/* Login button */} + + + + +
+ ); +} diff --git a/apps/web/src/app/[locale]/not-found.tsx b/apps/web/src/app/[locale]/not-found.tsx new file mode 100644 index 0000000..bf2be78 --- /dev/null +++ b/apps/web/src/app/[locale]/not-found.tsx @@ -0,0 +1,36 @@ +'use client'; + +import Link from 'next/link'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { Home } from 'lucide-react'; + +import { Button } from '@/components/ui/button'; + +/** + * 404 Not Found page + */ +export default function NotFound() { + const t = useTranslations('errors'); + + return ( +
+ +

404

+

{t('notFound')}

+

{t('notFoundDescription')}

+ + +
+ ); +} diff --git a/apps/web/src/app/[locale]/page.tsx b/apps/web/src/app/[locale]/page.tsx new file mode 100644 index 0000000..938d5f1 --- /dev/null +++ b/apps/web/src/app/[locale]/page.tsx @@ -0,0 +1,12 @@ +import { redirect } from 'next/navigation'; + +interface HomePageProps { + params: { locale: string }; +} + +/** + * Home page - redirects to dashboard + */ +export default function HomePage({ params: { locale } }: HomePageProps) { + redirect(`/${locale}/dashboard`); +} diff --git a/apps/web/src/app/api/auth/[...nextauth]/route.ts b/apps/web/src/app/api/auth/[...nextauth]/route.ts new file mode 100644 index 0000000..98affb9 --- /dev/null +++ b/apps/web/src/app/api/auth/[...nextauth]/route.ts @@ -0,0 +1,10 @@ +import NextAuth from 'next-auth'; +import { authOptions } from '@/lib/auth'; + +/** + * NextAuth API route handler + * Handles all authentication requests (signin, signout, callback, etc.) + */ +const handler = NextAuth(authOptions); + +export { handler as GET, handler as POST }; diff --git a/apps/web/src/components/charts/bar-chart.tsx b/apps/web/src/components/charts/bar-chart.tsx new file mode 100644 index 0000000..123df40 --- /dev/null +++ b/apps/web/src/components/charts/bar-chart.tsx @@ -0,0 +1,145 @@ +'use client'; + +import { + BarChart as RechartsBarChart, + Bar, + XAxis, + YAxis, + CartesianGrid, + Tooltip, + ResponsiveContainer, + Legend, +} from 'recharts'; + +import { ChartContainer, ChartEmptyState } from './chart-container'; + +interface BarChartDataPoint { + name: string; + [key: string]: string | number; +} + +interface BarChartSeries { + dataKey: string; + name: string; + color: string; + stackId?: string; +} + +interface BarChartProps { + /** Chart title */ + title: string; + /** Optional description */ + description?: string; + /** Data points to display */ + data: BarChartDataPoint[]; + /** Series configuration */ + series: BarChartSeries[]; + /** Whether data is loading */ + isLoading?: boolean; + /** Chart height */ + height?: number; + /** Whether to show grid lines */ + showGrid?: boolean; + /** Whether to show legend */ + showLegend?: boolean; + /** Whether bars should be stacked */ + stacked?: boolean; + /** Layout direction */ + layout?: 'vertical' | 'horizontal'; + /** Additional CSS classes */ + className?: string; +} + +/** + * Bar Chart component using Recharts + * Supports single or multiple series, stacked bars, and horizontal/vertical layout + */ +export function BarChart({ + title, + description, + data, + series, + isLoading = false, + height = 300, + showGrid = true, + showLegend = true, + stacked = false, + layout = 'horizontal', + className, +}: BarChartProps) { + if (!isLoading && data.length === 0) { + return ( + + + + ); + } + + const isVertical = layout === 'vertical'; + + return ( + + + + {showGrid && ( + + )} + + {isVertical ? ( + <> + + + + ) : ( + <> + + + + )} + + + + {showLegend && } + + {series.map((s) => ( + + ))} + + + + ); +} diff --git a/apps/web/src/components/charts/chart-container.tsx b/apps/web/src/components/charts/chart-container.tsx new file mode 100644 index 0000000..10bd9af --- /dev/null +++ b/apps/web/src/components/charts/chart-container.tsx @@ -0,0 +1,137 @@ +'use client'; + +import { ReactNode } from 'react'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; + +import { cn } from '@/lib/utils'; +import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'; +import { Skeleton } from '@/components/ui/skeleton'; + +interface ChartContainerProps { + /** Chart title */ + title: string; + /** Optional description */ + description?: string; + /** Chart content */ + children: ReactNode; + /** Whether data is loading */ + isLoading?: boolean; + /** Chart height */ + height?: number; + /** Additional CSS classes */ + className?: string; + /** Header action element (e.g., dropdown for time range) */ + headerAction?: ReactNode; +} + +/** + * Responsive container for chart components + * Provides consistent styling and loading states + */ +export function ChartContainer({ + title, + description, + children, + isLoading = false, + height = 300, + className, + headerAction, +}: ChartContainerProps) { + return ( + + + +
+ {title} + {description && {description}} +
+ {headerAction} + + + {isLoading ? ( +
+
+ +
+ + + +
+
+
+ ) : ( +
+ {children} +
+ )} + + + + ); +} + +/** + * Chart legend component + */ +interface ChartLegendProps { + items: Array<{ + name: string; + color: string; + value?: string | number; + }>; + className?: string; +} + +export function ChartLegend({ items, className }: ChartLegendProps) { + return ( +
+ {items.map((item) => ( +
+
+ + {item.name} + {item.value !== undefined && ( + {item.value} + )} + +
+ ))} +
+ ); +} + +/** + * Empty state for charts with no data + */ +export function ChartEmptyState({ message }: { message?: string }) { + const tCommon = useTranslations('common'); + const displayMessage = message ?? tCommon('noData'); + return ( +
+
+ + + +

{displayMessage}

+
+
+ ); +} diff --git a/apps/web/src/components/charts/index.ts b/apps/web/src/components/charts/index.ts new file mode 100644 index 0000000..bd7161e --- /dev/null +++ b/apps/web/src/components/charts/index.ts @@ -0,0 +1,5 @@ +// Charts components barrel export +export { ChartContainer, ChartLegend, ChartEmptyState } from './chart-container'; +export { BarChart } from './bar-chart'; +export { LineChart } from './line-chart'; +export { PieChart } from './pie-chart'; diff --git a/apps/web/src/components/charts/line-chart.tsx b/apps/web/src/components/charts/line-chart.tsx new file mode 100644 index 0000000..347047d --- /dev/null +++ b/apps/web/src/components/charts/line-chart.tsx @@ -0,0 +1,127 @@ +'use client'; + +import { + LineChart as RechartsLineChart, + Line, + XAxis, + YAxis, + CartesianGrid, + Tooltip, + ResponsiveContainer, + Legend, +} from 'recharts'; + +import { ChartContainer, ChartEmptyState } from './chart-container'; + +interface LineChartDataPoint { + name: string; + [key: string]: string | number; +} + +interface LineChartSeries { + dataKey: string; + name: string; + color: string; + strokeWidth?: number; + dot?: boolean; + dashed?: boolean; +} + +interface LineChartProps { + /** Chart title */ + title: string; + /** Optional description */ + description?: string; + /** Data points to display */ + data: LineChartDataPoint[]; + /** Series configuration */ + series: LineChartSeries[]; + /** Whether data is loading */ + isLoading?: boolean; + /** Chart height */ + height?: number; + /** Whether to show grid lines */ + showGrid?: boolean; + /** Whether to show legend */ + showLegend?: boolean; + /** Whether to use curved lines */ + curved?: boolean; + /** Additional CSS classes */ + className?: string; +} + +/** + * Line Chart component using Recharts + * Supports single or multiple series with various styling options + */ +export function LineChart({ + title, + description, + data, + series, + isLoading = false, + height = 300, + showGrid = true, + showLegend = true, + curved = true, + className, +}: LineChartProps) { + if (!isLoading && data.length === 0) { + return ( + + + + ); + } + + return ( + + + + {showGrid && ( + + )} + + + + + + + + {showLegend && } + + {series.map((s) => ( + + ))} + + + + ); +} diff --git a/apps/web/src/components/charts/pie-chart.tsx b/apps/web/src/components/charts/pie-chart.tsx new file mode 100644 index 0000000..0f12a31 --- /dev/null +++ b/apps/web/src/components/charts/pie-chart.tsx @@ -0,0 +1,197 @@ +'use client'; + +import { useState } from 'react'; +import { + PieChart as RechartsPieChart, + Pie, + Cell, + ResponsiveContainer, + Tooltip, + Legend, + Sector, +} from 'recharts'; + +import { ChartContainer, ChartEmptyState } from './chart-container'; + +interface PieChartDataPoint { + name: string; + value: number; + color: string; +} + +interface PieChartProps { + /** Chart title */ + title: string; + /** Optional description */ + description?: string; + /** Data points to display */ + data: PieChartDataPoint[]; + /** Whether data is loading */ + isLoading?: boolean; + /** Chart height */ + height?: number; + /** Whether to show legend */ + showLegend?: boolean; + /** Whether to show as donut chart */ + donut?: boolean; + /** Inner radius for donut chart (percentage) */ + innerRadius?: number; + /** Whether to show labels */ + showLabels?: boolean; + /** Whether to animate on hover */ + activeOnHover?: boolean; + /** Additional CSS classes */ + className?: string; +} + +/** + * Render active sector for hover effect + */ +const renderActiveShape = (props: any) => { + const { + cx, + cy, + innerRadius, + outerRadius, + startAngle, + endAngle, + fill, + payload, + percent, + value, + } = props; + + return ( + + + {payload.name} + + + {value} ({(percent * 100).toFixed(0)}%) + + + + + ); +}; + +/** + * Pie/Donut Chart component using Recharts + * Supports pie and donut variants with hover effects + */ +export function PieChart({ + title, + description, + data, + isLoading = false, + height = 300, + showLegend = true, + donut = false, + innerRadius = 60, + showLabels = false, + activeOnHover = true, + className, +}: PieChartProps) { + const [activeIndex, setActiveIndex] = useState(undefined); + + if (!isLoading && data.length === 0) { + return ( + + + + ); + } + + const onPieEnter = (_: any, index: number) => { + if (activeOnHover) { + setActiveIndex(index); + } + }; + + const onPieLeave = () => { + if (activeOnHover) { + setActiveIndex(undefined); + } + }; + + const total = data.reduce((sum, item) => sum + item.value, 0); + + return ( + + + + 1 ? 2 : 0} + dataKey="value" + onMouseEnter={onPieEnter} + onMouseLeave={onPieLeave} + activeIndex={activeIndex} + activeShape={activeOnHover ? renderActiveShape : undefined} + label={ + showLabels && !activeOnHover + ? ({ name, percent }) => `${name} (${(percent * 100).toFixed(0)}%)` + : false + } + labelLine={showLabels && !activeOnHover} + > + {data.map((entry, index) => ( + + ))} + + + [ + `${value} (${((value / total) * 100).toFixed(1)}%)`, + name, + ]} + /> + + {showLegend && ( + ( + {value} + )} + /> + )} + + + + ); +} diff --git a/apps/web/src/components/dashboard/add-widget-dialog.tsx b/apps/web/src/components/dashboard/add-widget-dialog.tsx new file mode 100644 index 0000000..96cdde3 --- /dev/null +++ b/apps/web/src/components/dashboard/add-widget-dialog.tsx @@ -0,0 +1,183 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { Plus, Search } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { + Dialog, + DialogContent, + DialogDescription, + DialogHeader, + DialogTitle, + DialogTrigger, +} from '@/components/ui/dialog'; +import { Button } from '@/components/ui/button'; +import { Input } from '@/components/ui/input'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'; +import { + WIDGET_REGISTRY, + WIDGET_CATEGORIES, + getWidgetsByCategory, + type WidgetMeta, + type WidgetCategory, +} from './widget-registry'; + +interface AddWidgetDialogProps { + onAddWidget: (widgetType: string) => void; + existingWidgets?: string[]; + userRoles?: string[]; + trigger?: React.ReactNode; +} + +/** + * Add Widget Dialog - Allows users to add new widgets to their dashboard + */ +export function AddWidgetDialog({ + onAddWidget, + existingWidgets = [], + userRoles = [], + trigger, +}: AddWidgetDialogProps) { + const t = useTranslations('widgets'); + const [open, setOpen] = useState(false); + const [searchQuery, setSearchQuery] = useState(''); + const [selectedCategory, setSelectedCategory] = useState('all'); + + // Filter widgets based on search and category + const getFilteredWidgets = (): WidgetMeta[] => { + let widgets = Object.values(WIDGET_REGISTRY); + + // Filter by category + if (selectedCategory !== 'all') { + widgets = getWidgetsByCategory(selectedCategory); + } + + // Filter by search query + if (searchQuery) { + const query = searchQuery.toLowerCase(); + widgets = widgets.filter( + (widget) => + t(widget.nameKey).toLowerCase().includes(query) || + t(widget.descriptionKey).toLowerCase().includes(query) + ); + } + + // Filter by user roles (if widget has required roles) + widgets = widgets.filter( + (widget) => + widget.requiredRoles.length === 0 || + widget.requiredRoles.some((role) => userRoles.includes(role)) + ); + + return widgets; + }; + + const filteredWidgets = getFilteredWidgets(); + + const handleAddWidget = (widgetType: string) => { + onAddWidget(widgetType); + setOpen(false); + setSearchQuery(''); + }; + + return ( + + + {trigger || ( + + )} + + + + + {t('addWidgetTitle')} + {t('addWidgetDescription')} + + +
+ {/* Search Input */} +
+ + setSearchQuery(e.target.value)} + className="pl-9" + /> +
+ + {/* Category Tabs */} + setSelectedCategory(value as WidgetCategory | 'all')} + > + + {t('categories.all')} + {WIDGET_CATEGORIES.map((category) => ( + + {t(category.labelKey)} + + ))} + + + {/* Widget Grid */} + + + {filteredWidgets.length === 0 ? ( +
+ {t('noWidgetsFound')} +
+ ) : ( +
+ {filteredWidgets.map((widget, index) => { + const Icon = widget.icon; + const isAlreadyAdded = existingWidgets.includes(widget.type); + + return ( + handleAddWidget(widget.type)} + disabled={isAlreadyAdded} + className={cn( + 'flex items-start gap-3 rounded-lg border p-4 text-left transition-colors', + 'hover:bg-accent hover:border-accent-foreground/20', + 'focus:outline-none focus:ring-2 focus:ring-ring', + isAlreadyAdded && 'cursor-not-allowed opacity-50' + )} + > +
+ +
+ +
+

{t(widget.nameKey)}

+

+ {t(widget.descriptionKey)} +

+ {isAlreadyAdded && ( +

{t('alreadyAdded')}

+ )} +
+ + ); + })} +
+ )} + + + +
+ + + ); +} diff --git a/apps/web/src/components/dashboard/index.ts b/apps/web/src/components/dashboard/index.ts new file mode 100644 index 0000000..6e3782e --- /dev/null +++ b/apps/web/src/components/dashboard/index.ts @@ -0,0 +1,19 @@ +// Dashboard Components barrel export +export { WidgetContainer, type WidgetContainerProps } from './widget-container'; +export { WidgetGrid, WidgetGridEmpty, type WidgetItem, type WidgetGridProps } from './widget-grid'; +export { + WIDGET_REGISTRY, + WIDGET_SIZE_MAP, + WIDGET_CATEGORIES, + getWidgetMeta, + getWidgetsByCategory, + getAvailableWidgets, + hasWidgetAccess, + type WidgetMeta, + type WidgetSize, + type WidgetCategory, +} from './widget-registry'; +export { AddWidgetDialog } from './add-widget-dialog'; + +// Widget components +export * from './widgets'; diff --git a/apps/web/src/components/dashboard/widget-container.tsx b/apps/web/src/components/dashboard/widget-container.tsx new file mode 100644 index 0000000..bcaf167 --- /dev/null +++ b/apps/web/src/components/dashboard/widget-container.tsx @@ -0,0 +1,164 @@ +'use client'; + +import { ReactNode, forwardRef } from 'react'; +import { useSortable } from '@dnd-kit/sortable'; +import { CSS } from '@dnd-kit/utilities'; +import { motion } from 'framer-motion'; +import { GripVertical, X, Settings } from 'lucide-react'; +import { useTranslations } from 'next-intl'; + +import { cn } from '@/lib/utils'; +import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card'; +import { Button } from '@/components/ui/button'; +import { Tooltip, TooltipContent, TooltipTrigger } from '@/components/ui/tooltip'; + +export interface WidgetContainerProps { + /** Unique widget ID */ + id: string; + /** Widget title */ + title: string; + /** Optional icon */ + icon?: ReactNode; + /** Widget content */ + children: ReactNode; + /** Whether the widget is being edited (showing controls) */ + isEditing?: boolean; + /** Callback when remove button is clicked */ + onRemove?: () => void; + /** Callback when settings button is clicked */ + onSettings?: () => void; + /** Additional CSS classes */ + className?: string; + /** Whether to show the header */ + showHeader?: boolean; + /** Grid column span */ + colSpan?: number; + /** Grid row span */ + rowSpan?: number; +} + +/** + * Widget Container - Wrapper component for dashboard widgets + * Provides drag handle, remove/settings buttons, and consistent styling + */ +export const WidgetContainer = forwardRef( + function WidgetContainer( + { + id, + title, + icon, + children, + isEditing = false, + onRemove, + onSettings, + className, + showHeader = true, + colSpan = 1, + rowSpan = 1, + }, + ref + ) { + const t = useTranslations('widgets'); + + const { + attributes, + listeners, + setNodeRef, + transform, + transition, + isDragging, + } = useSortable({ id, disabled: !isEditing }); + + const style = { + transform: CSS.Transform.toString(transform), + transition, + gridColumn: `span ${colSpan}`, + gridRow: `span ${rowSpan}`, + }; + + return ( + + + {showHeader && ( + +
+ {/* Drag Handle - only visible in edit mode */} + {isEditing && ( + + )} + + {/* Title with optional icon */} + + {icon} + {title} + +
+ + {/* Action buttons - only visible in edit mode */} + {isEditing && ( +
+ {onSettings && ( + + + + + {t('settings')} + + )} + + {onRemove && ( + + + + + {t('remove')} + + )} +
+ )} + + )} + + {children} + + + ); + } +); diff --git a/apps/web/src/components/dashboard/widget-grid.tsx b/apps/web/src/components/dashboard/widget-grid.tsx new file mode 100644 index 0000000..933523a --- /dev/null +++ b/apps/web/src/components/dashboard/widget-grid.tsx @@ -0,0 +1,207 @@ +'use client'; + +import { ReactNode, useState, useCallback } from 'react'; +import { + DndContext, + closestCenter, + KeyboardSensor, + PointerSensor, + useSensor, + useSensors, + DragEndEvent, + DragStartEvent, + DragOverlay, +} from '@dnd-kit/core'; +import { + arrayMove, + SortableContext, + sortableKeyboardCoordinates, + rectSortingStrategy, +} from '@dnd-kit/sortable'; +import { motion, AnimatePresence } from 'framer-motion'; +import { useTranslations } from 'next-intl'; + +import { cn } from '@/lib/utils'; + +export interface WidgetItem { + id: string; + type: string; + colSpan?: number; + rowSpan?: number; + settings?: Record; +} + +export interface WidgetGridProps { + /** Array of widget items to render */ + widgets: WidgetItem[]; + /** Callback when widget order changes */ + onWidgetsChange: (widgets: WidgetItem[]) => void; + /** Whether the grid is in edit mode */ + isEditing?: boolean; + /** Function to render a widget by its item */ + renderWidget: (item: WidgetItem, isEditing: boolean) => ReactNode; + /** Additional CSS classes */ + className?: string; + /** Number of grid columns */ + columns?: number; +} + +/** + * Widget Grid - Drag and drop grid layout for dashboard widgets + * Uses dnd-kit for drag and drop functionality + */ +export function WidgetGrid({ + widgets, + onWidgetsChange, + isEditing = false, + renderWidget, + className, + columns = 4, +}: WidgetGridProps) { + const [activeId, setActiveId] = useState(null); + + const sensors = useSensors( + useSensor(PointerSensor, { + activationConstraint: { + distance: 8, // Prevent accidental drags + }, + }), + useSensor(KeyboardSensor, { + coordinateGetter: sortableKeyboardCoordinates, + }) + ); + + const handleDragStart = useCallback((event: DragStartEvent) => { + setActiveId(event.active.id as string); + }, []); + + const handleDragEnd = useCallback( + (event: DragEndEvent) => { + const { active, over } = event; + + if (over && active.id !== over.id) { + const oldIndex = widgets.findIndex((w) => w.id === active.id); + const newIndex = widgets.findIndex((w) => w.id === over.id); + + const newWidgets = arrayMove(widgets, oldIndex, newIndex); + onWidgetsChange(newWidgets); + } + + setActiveId(null); + }, + [widgets, onWidgetsChange] + ); + + const handleDragCancel = useCallback(() => { + setActiveId(null); + }, []); + + const activeWidget = activeId ? widgets.find((w) => w.id === activeId) : null; + + return ( + + w.id)} strategy={rectSortingStrategy}> + + + {widgets.map((item) => ( + + {renderWidget(item, isEditing)} + + ))} + + + + + {/* Drag overlay for visual feedback */} + + {activeWidget ? ( +
{renderWidget(activeWidget, false)}
+ ) : null} + + + ); +} + +/** + * Empty state component for when no widgets are added + */ +export function WidgetGridEmpty({ onAddWidget }: { onAddWidget?: () => void }) { + const t = useTranslations('widgets'); + + return ( + +
+
+ + + +
+ +

{t('noWidgets')}

+

+ {t('noWidgetsDescription')} +

+ + {onAddWidget && ( + + )} +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widget-registry.ts b/apps/web/src/components/dashboard/widget-registry.ts new file mode 100644 index 0000000..ac8fbfa --- /dev/null +++ b/apps/web/src/components/dashboard/widget-registry.ts @@ -0,0 +1,279 @@ +/** + * Widget Registry - Central registry for all available widget types + * + * Each widget type has a unique key and metadata for rendering and configuration + */ + +import { + Clock, + User, + Zap, + BarChart3, + Calendar, + Activity, + Bell, + CheckSquare, + ShoppingCart, + MessageSquare, + Headphones, + Cloud, + FileText, + ClipboardCheck, +} from 'lucide-react'; +import type { ComponentType } from 'react'; + +/** Widget size presets */ +export type WidgetSize = 'small' | 'medium' | 'large' | 'wide' | 'tall'; + +/** Widget category for grouping in the add widget dialog */ +export type WidgetCategory = 'general' | 'productivity' | 'analytics' | 'communication' | 'integrations'; + +/** Widget metadata definition */ +export interface WidgetMeta { + /** Unique identifier for the widget type */ + type: string; + /** Display name (translation key) */ + nameKey: string; + /** Description (translation key) */ + descriptionKey: string; + /** Icon component */ + icon: ComponentType<{ className?: string }>; + /** Category for grouping */ + category: WidgetCategory; + /** Default size */ + defaultSize: WidgetSize; + /** Minimum grid columns the widget needs */ + minCols: number; + /** Minimum grid rows the widget needs */ + minRows: number; + /** Whether the widget can be resized */ + resizable: boolean; + /** Required roles to use this widget (empty = all roles) */ + requiredRoles: string[]; +} + +/** Predefined widget sizes in grid units */ +export const WIDGET_SIZE_MAP: Record = { + small: { cols: 1, rows: 1 }, + medium: { cols: 1, rows: 2 }, + large: { cols: 2, rows: 2 }, + wide: { cols: 2, rows: 1 }, + tall: { cols: 1, rows: 3 }, +}; + +/** Registry of all available widgets */ +export const WIDGET_REGISTRY: Record = { + clock: { + type: 'clock', + nameKey: 'widgets.clock.name', + descriptionKey: 'widgets.clock.description', + icon: Clock, + category: 'general', + defaultSize: 'small', + minCols: 1, + minRows: 1, + resizable: true, + requiredRoles: [], + }, + welcome: { + type: 'welcome', + nameKey: 'widgets.welcome.name', + descriptionKey: 'widgets.welcome.description', + icon: User, + category: 'general', + defaultSize: 'wide', + minCols: 2, + minRows: 1, + resizable: false, + requiredRoles: [], + }, + quickActions: { + type: 'quickActions', + nameKey: 'widgets.quickActions.name', + descriptionKey: 'widgets.quickActions.description', + icon: Zap, + category: 'productivity', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + stats: { + type: 'stats', + nameKey: 'widgets.stats.name', + descriptionKey: 'widgets.stats.description', + icon: BarChart3, + category: 'analytics', + defaultSize: 'small', + minCols: 1, + minRows: 1, + resizable: true, + requiredRoles: [], + }, + calendar: { + type: 'calendar', + nameKey: 'widgets.calendar.name', + descriptionKey: 'widgets.calendar.description', + icon: Calendar, + category: 'productivity', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + activity: { + type: 'activity', + nameKey: 'widgets.activity.name', + descriptionKey: 'widgets.activity.description', + icon: Activity, + category: 'general', + defaultSize: 'large', + minCols: 2, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + notifications: { + type: 'notifications', + nameKey: 'widgets.notifications.name', + descriptionKey: 'widgets.notifications.description', + icon: Bell, + category: 'communication', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + tasks: { + type: 'tasks', + nameKey: 'widgets.tasks.name', + descriptionKey: 'widgets.tasks.description', + icon: CheckSquare, + category: 'productivity', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + // Integration Widgets + orders: { + type: 'orders', + nameKey: 'widgets.orders.name', + descriptionKey: 'widgets.orders.description', + icon: ShoppingCart, + category: 'integrations', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: ['manager', 'admin'], + }, + chat: { + type: 'chat', + nameKey: 'widgets.chat.name', + descriptionKey: 'widgets.chat.description', + icon: MessageSquare, + category: 'integrations', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + todoistTasks: { + type: 'todoistTasks', + nameKey: 'widgets.todoistTasks.name', + descriptionKey: 'widgets.todoistTasks.description', + icon: CheckSquare, + category: 'integrations', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + tickets: { + type: 'tickets', + nameKey: 'widgets.tickets.name', + descriptionKey: 'widgets.tickets.description', + icon: Headphones, + category: 'integrations', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: ['manager', 'admin'], + }, + files: { + type: 'files', + nameKey: 'widgets.files.name', + descriptionKey: 'widgets.files.description', + icon: Cloud, + category: 'integrations', + defaultSize: 'medium', + minCols: 1, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + documents: { + type: 'documents', + nameKey: 'widgets.documents.name', + descriptionKey: 'widgets.documents.description', + icon: FileText, + category: 'integrations', + defaultSize: 'large', + minCols: 2, + minRows: 2, + resizable: true, + requiredRoles: [], + }, + gembadocs: { + type: 'gembadocs', + nameKey: 'widgets.gembadocs.name', + descriptionKey: 'widgets.gembadocs.description', + icon: ClipboardCheck, + category: 'integrations', + defaultSize: 'large', + minCols: 2, + minRows: 2, + resizable: true, + requiredRoles: ['manager', 'admin'], + }, +} as const; + +/** Get all widgets by category */ +export function getWidgetsByCategory(category: WidgetCategory): WidgetMeta[] { + return Object.values(WIDGET_REGISTRY).filter((widget) => widget.category === category); +} + +/** Get a widget by type */ +export function getWidgetMeta(type: string): WidgetMeta | undefined { + return WIDGET_REGISTRY[type]; +} + +/** Check if user has access to a widget based on roles */ +export function hasWidgetAccess(widgetType: string, userRoles: string[]): boolean { + const widget = WIDGET_REGISTRY[widgetType]; + if (!widget) return false; + if (widget.requiredRoles.length === 0) return true; + return widget.requiredRoles.some((role) => userRoles.includes(role)); +} + +/** Get available widgets for a user based on their roles */ +export function getAvailableWidgets(userRoles: string[]): WidgetMeta[] { + return Object.values(WIDGET_REGISTRY).filter((widget) => hasWidgetAccess(widget.type, userRoles)); +} + +/** Widget categories with translations */ +export const WIDGET_CATEGORIES: { key: WidgetCategory; labelKey: string }[] = [ + { key: 'general', labelKey: 'widgets.categories.general' }, + { key: 'productivity', labelKey: 'widgets.categories.productivity' }, + { key: 'analytics', labelKey: 'widgets.categories.analytics' }, + { key: 'communication', labelKey: 'widgets.categories.communication' }, + { key: 'integrations', labelKey: 'widgets.categories.integrations' }, +]; diff --git a/apps/web/src/components/dashboard/widgets/activity-widget.tsx b/apps/web/src/components/dashboard/widgets/activity-widget.tsx new file mode 100644 index 0000000..b10f05d --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/activity-widget.tsx @@ -0,0 +1,213 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import { Activity, User, FileText, CheckCircle, AlertCircle, type LucideIcon } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Avatar, AvatarFallback, AvatarImage } from '@/components/ui/avatar'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { WidgetContainer } from '../widget-container'; + +export type ActivityType = 'user' | 'document' | 'task' | 'alert' | 'system'; + +export interface ActivityItem { + id: string; + type: ActivityType; + title: string; + description?: string; + timestamp: Date; + user?: { + name: string; + image?: string; + }; + icon?: LucideIcon; + iconColor?: string; +} + +interface ActivityWidgetProps { + id: string; + activities?: ActivityItem[]; + isLoading?: boolean; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + maxItems?: number; + className?: string; +} + +/** + * Get icon for activity type + */ +function getActivityIcon(type: ActivityType): LucideIcon { + switch (type) { + case 'user': + return User; + case 'document': + return FileText; + case 'task': + return CheckCircle; + case 'alert': + return AlertCircle; + default: + return Activity; + } +} + +/** + * Get color for activity type + */ +function getActivityColor(type: ActivityType): string { + switch (type) { + case 'user': + return 'text-blue-500'; + case 'document': + return 'text-purple-500'; + case 'task': + return 'text-green-500'; + case 'alert': + return 'text-red-500'; + default: + return 'text-muted-foreground'; + } +} + +// Sample activities for demonstration +const SAMPLE_ACTIVITIES: ActivityItem[] = [ + { + id: '1', + type: 'task', + title: '3S-Audit abgeschlossen', + description: 'Abteilung Lager - Status: Bestanden', + timestamp: new Date(Date.now() - 2 * 60 * 60 * 1000), // 2 hours ago + user: { name: 'Anna Mueller' }, + }, + { + id: '2', + type: 'user', + title: 'Neuer Mitarbeiter', + description: 'Max Mustermann wurde dem Team hinzugefuegt', + timestamp: new Date(Date.now() - 5 * 60 * 60 * 1000), // 5 hours ago + user: { name: 'HR System' }, + }, + { + id: '3', + type: 'document', + title: 'Urlaubsantrag genehmigt', + description: 'Ihr Antrag fuer 15.-19. Januar wurde genehmigt', + timestamp: new Date(Date.now() - 24 * 60 * 60 * 1000), // Yesterday + user: { name: 'Maria Schmidt' }, + }, + { + id: '4', + type: 'alert', + title: 'Systemwartung geplant', + description: 'Am Samstag von 02:00 - 04:00 Uhr', + timestamp: new Date(Date.now() - 48 * 60 * 60 * 1000), // 2 days ago + }, +]; + +/** + * Activity Widget - Displays recent activities/events + */ +export function ActivityWidget({ + id, + activities = SAMPLE_ACTIVITIES, + isLoading = false, + isEditing = false, + onRemove, + locale = 'de', + maxItems = 5, + className, +}: ActivityWidgetProps) { + const t = useTranslations('widgets.activity'); + const dateLocale = locale === 'de' ? de : enUS; + + const displayedActivities = activities.slice(0, maxItems); + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + colSpan={2} + > + + {isLoading ? ( +
+ {Array.from({ length: 4 }).map((_, i) => ( +
+ +
+ + +
+
+ ))} +
+ ) : displayedActivities.length === 0 ? ( +
+ {t('noActivity')} +
+ ) : ( +
+ {displayedActivities.map((activity, index) => { + const Icon = activity.icon || getActivityIcon(activity.type); + const iconColor = activity.iconColor || getActivityColor(activity.type); + + return ( + + {/* Icon or Avatar */} +
+ {activity.user ? ( + + + + {activity.user.name + .split(' ') + .map((n) => n[0]) + .join('') + .toUpperCase()} + + + ) : ( +
+ +
+ )} +
+ + {/* Content */} +
+

{activity.title}

+ {activity.description && ( +

{activity.description}

+ )} +

+ {formatDistanceToNow(activity.timestamp, { + addSuffix: true, + locale: dateLocale, + })} +

+
+ + ); + })} +
+ )} + + + ); +} diff --git a/apps/web/src/components/dashboard/widgets/calendar-widget.tsx b/apps/web/src/components/dashboard/widgets/calendar-widget.tsx new file mode 100644 index 0000000..89f8e44 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/calendar-widget.tsx @@ -0,0 +1,194 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { format, startOfMonth, endOfMonth, eachDayOfInterval, isSameMonth, isToday, isSameDay, addMonths, subMonths } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { Calendar as CalendarIcon, ChevronLeft, ChevronRight } from 'lucide-react'; +import { motion, AnimatePresence } from 'framer-motion'; + +import { cn } from '@/lib/utils'; +import { Button } from '@/components/ui/button'; +import { WidgetContainer } from '../widget-container'; + +interface CalendarEvent { + id: string; + title: string; + date: Date; + color?: string; +} + +interface CalendarWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + events?: CalendarEvent[]; + locale?: string; + className?: string; +} + +/** + * Calendar Widget - Mini calendar with event indicators + */ +export function CalendarWidget({ + id, + isEditing = false, + onRemove, + events = [], + locale = 'de', + className, +}: CalendarWidgetProps) { + const t = useTranslations('widgets.calendar'); + const [currentDate, setCurrentDate] = useState(new Date()); + const [selectedDate, setSelectedDate] = useState(null); + + const dateLocale = locale === 'de' ? de : enUS; + + const monthStart = startOfMonth(currentDate); + const monthEnd = endOfMonth(currentDate); + const days = eachDayOfInterval({ start: monthStart, end: monthEnd }); + + // Get day names for header + const dayNames = locale === 'de' + ? ['Mo', 'Di', 'Mi', 'Do', 'Fr', 'Sa', 'So'] + : ['Su', 'Mo', 'Tu', 'We', 'Th', 'Fr', 'Sa']; + + // Calculate padding days for alignment (week starts on Monday for German locale) + const firstDayOffset = locale === 'de' + ? (monthStart.getDay() + 6) % 7 + : monthStart.getDay(); + + const paddingDays = Array.from({ length: firstDayOffset }, (_, i) => i); + + // Check if a day has events + const getDayEvents = (date: Date) => events.filter((event) => isSameDay(event.date, date)); + + const handlePrevMonth = () => setCurrentDate(subMonths(currentDate, 1)); + const handleNextMonth = () => setCurrentDate(addMonths(currentDate, 1)); + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > +
+ {/* Month Navigation */} +
+ + + + + {format(currentDate, 'MMMM yyyy', { locale: dateLocale })} + + + + +
+ + {/* Day Names Header */} +
+ {dayNames.map((day) => ( +
+ {day} +
+ ))} +
+ + {/* Calendar Grid */} +
+ {/* Padding for first week alignment */} + {paddingDays.map((i) => ( +
+ ))} + + {/* Actual days */} + {days.map((day) => { + const dayEvents = getDayEvents(day); + const hasEvents = dayEvents.length > 0; + const isSelected = selectedDate && isSameDay(day, selectedDate); + + return ( + + ); + })} +
+ + {/* Selected date events */} + {selectedDate && getDayEvents(selectedDate).length > 0 && ( + +

+ {format(selectedDate, 'd. MMMM', { locale: dateLocale })} +

+
+ {getDayEvents(selectedDate).slice(0, 3).map((event) => ( +
+ + {event.title} +
+ ))} +
+ + )} +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/clock-widget.tsx b/apps/web/src/components/dashboard/widgets/clock-widget.tsx new file mode 100644 index 0000000..fcb8054 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/clock-widget.tsx @@ -0,0 +1,105 @@ +'use client'; + +import { useState, useEffect } from 'react'; +import { useTranslations } from 'next-intl'; +import { format } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { Clock } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { WidgetContainer } from '../widget-container'; + +interface ClockWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + className?: string; +} + +/** + * Clock Widget - Displays current time and date + * Updates every second for real-time display + */ +export function ClockWidget({ + id, + isEditing = false, + onRemove, + locale = 'de', + className, +}: ClockWidgetProps) { + const t = useTranslations('widgets.clock'); + const [now, setNow] = useState(null); + const [mounted, setMounted] = useState(false); + + // Initialize time only on client + useEffect(() => { + setMounted(true); + setNow(new Date()); + }, []); + + // Update time every second + useEffect(() => { + if (!mounted) return; + + const interval = setInterval(() => { + setNow(new Date()); + }, 1000); + + return () => clearInterval(interval); + }, [mounted]); + + const dateLocale = locale === 'de' ? de : enUS; + + // Show placeholder during server render and initial client mount + if (!mounted || !now) { + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > +
+
+ --:--:-- +
+

Loading...

+
+ + ); + } + + const timeString = format(now, 'HH:mm:ss'); + const dateString = format(now, 'EEEE, d. MMMM yyyy', { locale: dateLocale }); + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > +
+
+ {timeString} +
+

{dateString}

+
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/index.ts b/apps/web/src/components/dashboard/widgets/index.ts new file mode 100644 index 0000000..0d8c9d0 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/index.ts @@ -0,0 +1,18 @@ +// Dashboard Widgets barrel export +export { ClockWidget } from './clock-widget'; +export { WelcomeWidget } from './welcome-widget'; +export { QuickActionsWidget } from './quick-actions-widget'; +export { StatsWidget, StatsGridWidget, type StatConfig, type TrendDirection } from './stats-widget'; +export { CalendarWidget } from './calendar-widget'; +export { ActivityWidget, type ActivityItem, type ActivityType } from './activity-widget'; + +// Integration Widgets +export { + OrdersWidget, + ChatWidget, + TasksWidget, + TicketsWidget, + FilesWidget, + DocumentsWidget, + GembaDocsWidget, +} from './integrations'; diff --git a/apps/web/src/components/dashboard/widgets/integrations/chat-widget.tsx b/apps/web/src/components/dashboard/widgets/integrations/chat-widget.tsx new file mode 100644 index 0000000..cedd05d --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/integrations/chat-widget.tsx @@ -0,0 +1,211 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import Link from 'next/link'; +import { MessageSquare, Send, Hash, Circle } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Button } from '@/components/ui/button'; +import { Input } from '@/components/ui/input'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { Avatar, AvatarFallback } from '@/components/ui/avatar'; +import { WidgetContainer } from '../../widget-container'; +import { useMessages, useUnreadCounts, useSendMessage } from '@/hooks/integrations'; + +interface ChatWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + maxItems?: number; + className?: string; +} + +/** + * Chat Widget - Displays recent ZULIP messages with quick reply + */ +export function ChatWidget({ + id, + isEditing = false, + onRemove, + locale = 'de', + maxItems = 5, + className, +}: ChatWidgetProps) { + const t = useTranslations('widgets.chat'); + const { data: messages, isLoading: messagesLoading } = useMessages(); + const { data: unreadCounts } = useUnreadCounts(); + const sendMessage = useSendMessage(); + const [replyTo, setReplyTo] = useState(null); + const [replyText, setReplyText] = useState(''); + const dateLocale = locale === 'de' ? de : enUS; + + const displayedMessages = messages?.slice(0, maxItems) ?? []; + const totalUnread = unreadCounts?.reduce((sum, c) => sum + c.count, 0) ?? 0; + + const handleReply = async () => { + if (!replyText.trim() || !replyTo) return; + + const message = messages?.find((m) => m.id === replyTo); + if (!message) return; + + await sendMessage.mutateAsync({ + streamId: message.streamId, + topic: message.topic, + content: replyText, + }); + + setReplyText(''); + setReplyTo(null); + }; + + return ( + + + {totalUnread > 0 && ( + + {totalUnread > 9 ? '9+' : totalUnread} + + )} +
+ } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > + + {messagesLoading ? ( +
+ {Array.from({ length: 4 }).map((_, i) => ( +
+ +
+ + +
+
+ ))} +
+ ) : displayedMessages.length > 0 ? ( +
+ {displayedMessages.map((message, index) => ( + +
+ + + {message.senderName + .split(' ') + .map((n) => n[0]) + .join('') + .toUpperCase()} + + +
+
+ + {message.senderName} + + {!message.isRead && ( + + )} +
+
+ + {message.streamName} + - + {message.topic} +
+

{message.content}

+
+ + {formatDistanceToNow(message.timestamp, { + addSuffix: true, + locale: dateLocale, + })} + + +
+
+
+ + ))} +
+ ) : ( +
+ {t('noMessages')} +
+ )} + + + {/* Quick Reply */} + {replyTo && ( + + setReplyText(e.target.value)} + placeholder={t('replyPlaceholder')} + className="h-8 text-sm" + onKeyDown={(e) => { + if (e.key === 'Enter' && !e.shiftKey) { + e.preventDefault(); + handleReply(); + } + }} + /> + + + )} + + {/* Footer link */} +
+ +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/integrations/documents-widget.tsx b/apps/web/src/components/dashboard/widgets/integrations/documents-widget.tsx new file mode 100644 index 0000000..7b4ae39 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/integrations/documents-widget.tsx @@ -0,0 +1,211 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import Link from 'next/link'; +import { FileText, Search, Download, Tag, ExternalLink, X } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Button } from '@/components/ui/button'; +import { Input } from '@/components/ui/input'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { Tooltip, TooltipContent, TooltipTrigger } from '@/components/ui/tooltip'; +import { WidgetContainer } from '../../widget-container'; +import { useDocuments, useClassifications, formatDocumentSize } from '@/hooks/integrations'; + +interface DocumentsWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + maxItems?: number; + className?: string; +} + +/** + * Documents Widget - Displays recent ecoDMS documents with search + */ +export function DocumentsWidget({ + id, + isEditing = false, + onRemove, + locale = 'de', + maxItems = 5, + className, +}: DocumentsWidgetProps) { + const t = useTranslations('widgets.documents'); + const [searchQuery, setSearchQuery] = useState(''); + const [selectedClassification, setSelectedClassification] = useState(null); + + const { data: documents, isLoading } = useDocuments({ + search: searchQuery || undefined, + classification: selectedClassification || undefined, + limit: maxItems, + }); + const { data: classifications } = useClassifications(); + const dateLocale = locale === 'de' ? de : enUS; + + const handleClearFilters = () => { + setSearchQuery(''); + setSelectedClassification(null); + }; + + const hasFilters = searchQuery || selectedClassification; + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + colSpan={2} + > + {/* Search and Filter */} +
+
+ + setSearchQuery(e.target.value)} + placeholder={t('searchPlaceholder')} + className="h-8 pl-8 text-sm" + /> + {hasFilters && ( + + )} +
+ + {/* Classification Tags */} + {classifications && classifications.length > 0 && ( +
+ {classifications.slice(0, 5).map((classification) => ( + + setSelectedClassification( + selectedClassification === classification.name ? null : classification.name + ) + } + > + + {classification.name} + + ))} +
+ )} +
+ + + {isLoading ? ( +
+ {Array.from({ length: 3 }).map((_, i) => ( +
+ +
+ + +
+
+ ))} +
+ ) : documents && documents.length > 0 ? ( +
+ {documents.map((doc, index) => ( + +
+ +
+ +
+

{doc.title}

+
+ + {doc.classification} + + {formatDocumentSize(doc.fileSize)} +
+
+ {doc.tags.slice(0, 3).map((tag) => ( + + {tag} + + ))} + {doc.tags.length > 3 && ( + + +{doc.tags.length - 3} + + )} +
+

+ {doc.createdBy} -{' '} + {formatDistanceToNow(doc.createdAt, { + addSuffix: true, + locale: dateLocale, + })} +

+
+ + {doc.downloadUrl && ( + + + + + {t('download')} + + )} + + ))} +
+ ) : ( +
+ {searchQuery || selectedClassification ? t('noResults') : t('noDocuments')} +
+ )} + + + {/* Footer link */} +
+ +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/integrations/files-widget.tsx b/apps/web/src/components/dashboard/widgets/integrations/files-widget.tsx new file mode 100644 index 0000000..5d1e1d4 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/integrations/files-widget.tsx @@ -0,0 +1,181 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import Link from 'next/link'; +import { + Cloud, + FileText, + FileImage, + FileSpreadsheet, + FileVideo, + FileArchive, + Folder, + Download, + ExternalLink, +} from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Button } from '@/components/ui/button'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { Tooltip, TooltipContent, TooltipTrigger } from '@/components/ui/tooltip'; +import { WidgetContainer } from '../../widget-container'; +import { useRecentFiles, formatFileSize } from '@/hooks/integrations'; +import type { NextcloudFile } from '@/types/integrations'; + +interface FilesWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + maxItems?: number; + className?: string; +} + +/** + * Get file icon based on mime type + */ +function getFileIcon(file: NextcloudFile) { + if (file.type === 'folder') return Folder; + + const mimeType = file.mimeType || ''; + if (mimeType.startsWith('image/')) return FileImage; + if (mimeType.startsWith('video/')) return FileVideo; + if (mimeType.includes('spreadsheet') || mimeType.includes('excel')) return FileSpreadsheet; + if (mimeType.includes('zip') || mimeType.includes('compressed')) return FileArchive; + return FileText; +} + +/** + * Get file icon color based on type + */ +function getFileColor(file: NextcloudFile): string { + if (file.type === 'folder') return 'text-yellow-500'; + + const mimeType = file.mimeType || ''; + if (mimeType.startsWith('image/')) return 'text-green-500'; + if (mimeType.startsWith('video/')) return 'text-purple-500'; + if (mimeType.includes('spreadsheet') || mimeType.includes('excel')) return 'text-emerald-500'; + if (mimeType.includes('pdf')) return 'text-red-500'; + if (mimeType.includes('zip') || mimeType.includes('compressed')) return 'text-orange-500'; + return 'text-blue-500'; +} + +/** + * Files Widget - Displays recent Nextcloud files + */ +export function FilesWidget({ + id, + isEditing = false, + onRemove, + locale = 'de', + maxItems = 5, + className, +}: FilesWidgetProps) { + const t = useTranslations('widgets.files'); + const { data: files, isLoading } = useRecentFiles(maxItems); + const dateLocale = locale === 'de' ? de : enUS; + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > + + {isLoading ? ( +
+ {Array.from({ length: 4 }).map((_, i) => ( +
+ +
+ + +
+
+ ))} +
+ ) : files && files.length > 0 ? ( +
+ {files.map((file, index) => { + const Icon = getFileIcon(file); + const iconColor = getFileColor(file); + + return ( + +
+ +
+ +
+

{file.name}

+
+ {formatFileSize(file.size)} + - + + {formatDistanceToNow(file.modifiedAt, { + addSuffix: true, + locale: dateLocale, + })} + +
+

{file.path}

+
+ + {file.downloadUrl && ( + + + + + {t('download')} + + )} + + ); + })} +
+ ) : ( +
+ {t('noFiles')} +
+ )} + + + {/* Footer link */} +
+ +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/integrations/gembadocs-widget.tsx b/apps/web/src/components/dashboard/widgets/integrations/gembadocs-widget.tsx new file mode 100644 index 0000000..2fa642a --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/integrations/gembadocs-widget.tsx @@ -0,0 +1,256 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import Link from 'next/link'; +import { + ClipboardCheck, + AlertTriangle, + Calendar, + TrendingUp, + TrendingDown, + Minus, + ExternalLink, + AlertCircle, +} from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Button } from '@/components/ui/button'; +import { Skeleton } from '@/components/ui/skeleton'; +import { Separator } from '@/components/ui/separator'; +import { WidgetContainer } from '../../widget-container'; +import { + useUpcomingAudits, + useFindingCounts, + useComplianceScore, + getDaysUntilAudit, +} from '@/hooks/integrations'; +import type { AuditType, FindingSeverity } from '@/types/integrations'; + +interface GembaDocsWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + className?: string; +} + +/** Audit type badge configuration */ +const auditTypeConfig: Record = { + internal: { variant: 'secondary' }, + external: { variant: 'default' }, + certification: { variant: 'outline' }, +}; + +/** Severity badge configuration */ +const severityConfig: Record< + FindingSeverity, + { variant: 'default' | 'secondary' | 'destructive' | 'warning'; className: string } +> = { + critical: { variant: 'destructive', className: 'bg-red-500 hover:bg-red-600' }, + high: { variant: 'warning', className: 'bg-orange-500 hover:bg-orange-600' }, + medium: { variant: 'secondary', className: 'bg-yellow-500 hover:bg-yellow-600 text-black' }, + low: { variant: 'default', className: 'bg-blue-500 hover:bg-blue-600' }, +}; + +/** + * GembaDocs Widget - Displays upcoming audits, findings, and compliance score + */ +export function GembaDocsWidget({ + id, + isEditing = false, + onRemove, + locale = 'de', + className, +}: GembaDocsWidgetProps) { + const t = useTranslations('widgets.gembadocs'); + const { data: audits, isLoading: auditsLoading } = useUpcomingAudits(3); + const { data: findingCounts, isLoading: findingsLoading } = useFindingCounts(); + const { data: complianceScore, isLoading: complianceLoading } = useComplianceScore(); + + const isLoading = auditsLoading || findingsLoading || complianceLoading; + + /** + * Format days until audit + */ + const formatDaysLeft = (scheduledDate: Date): string => { + const days = getDaysUntilAudit(scheduledDate); + if (days === 0) return t('today'); + if (days === 1) return t('tomorrow'); + return t('daysLeft', { days }); + }; + + /** + * Get trend icon component + */ + const TrendIcon = complianceScore?.trend === 'up' + ? TrendingUp + : complianceScore?.trend === 'down' + ? TrendingDown + : Minus; + + const trendColor = complianceScore?.trend === 'up' + ? 'text-green-500' + : complianceScore?.trend === 'down' + ? 'text-red-500' + : 'text-muted-foreground'; + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + colSpan={2} + > + {isLoading ? ( +
+
+ + +
+
+ + +
+
+ ) : ( +
+ {/* Compliance Score */} +
+
+

{t('complianceScore')}

+
+ {complianceScore?.overall ?? 0}% + +
+
+ {/* Circular progress indicator */} +
+ + + + +
+
+ + {/* Open Findings Summary */} +
+
+ + {t('openFindings')} + {findingCounts && findingCounts.total > 0 && ( + + {findingCounts.total} + + )} +
+ + {findingCounts && findingCounts.total > 0 ? ( +
+ {findingCounts.critical > 0 && ( + + + {findingCounts.critical} {t('severity.critical')} + + )} + {findingCounts.high > 0 && ( + + {findingCounts.high} {t('severity.high')} + + )} + {findingCounts.medium > 0 && ( + + {findingCounts.medium} {t('severity.medium')} + + )} + {findingCounts.low > 0 && ( + + {findingCounts.low} {t('severity.low')} + + )} +
+ ) : ( +

+ {t('noAudits')} +

+ )} +
+ + + + {/* Upcoming Audits */} +
+
+ + {t('upcomingAudits')} +
+ + {audits && audits.length > 0 ? ( +
+ {audits.map((audit, index) => ( + +
+

{audit.title}

+
+ + {t(`auditType.${audit.type}`)} + + {audit.department} +
+
+ + {formatDaysLeft(audit.scheduledDate)} + + + ))} +
+ ) : ( +

{t('noAudits')}

+ )} +
+ + {/* Footer link */} +
+ +
+
+ )} + + ); +} diff --git a/apps/web/src/components/dashboard/widgets/integrations/index.ts b/apps/web/src/components/dashboard/widgets/integrations/index.ts new file mode 100644 index 0000000..e7d0a60 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/integrations/index.ts @@ -0,0 +1,8 @@ +// Integration widgets barrel export +export { OrdersWidget } from './orders-widget'; +export { ChatWidget } from './chat-widget'; +export { TasksWidget } from './tasks-widget'; +export { TicketsWidget } from './tickets-widget'; +export { FilesWidget } from './files-widget'; +export { DocumentsWidget } from './documents-widget'; +export { GembaDocsWidget } from './gembadocs-widget'; diff --git a/apps/web/src/components/dashboard/widgets/integrations/orders-widget.tsx b/apps/web/src/components/dashboard/widgets/integrations/orders-widget.tsx new file mode 100644 index 0000000..ae07d14 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/integrations/orders-widget.tsx @@ -0,0 +1,166 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import Link from 'next/link'; +import { ShoppingCart, Package, Truck, Eye, MoreHorizontal } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Button } from '@/components/ui/button'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { + DropdownMenu, + DropdownMenuContent, + DropdownMenuItem, + DropdownMenuTrigger, +} from '@/components/ui/dropdown-menu'; +import { WidgetContainer } from '../../widget-container'; +import { useOrders } from '@/hooks/integrations'; +import type { OrderStatus } from '@/types/integrations'; + +interface OrdersWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + maxItems?: number; + className?: string; +} + +/** Status badge configuration */ +const statusConfig: Record< + OrderStatus, + { variant: 'default' | 'secondary' | 'success' | 'warning' | 'destructive'; labelKey: string } +> = { + new: { variant: 'default', labelKey: 'new' }, + processing: { variant: 'warning', labelKey: 'processing' }, + shipped: { variant: 'success', labelKey: 'shipped' }, + delivered: { variant: 'secondary', labelKey: 'delivered' }, + cancelled: { variant: 'destructive', labelKey: 'cancelled' }, + returned: { variant: 'destructive', labelKey: 'returned' }, +}; + +/** + * Orders Widget - Displays recent PlentyONE orders with status + */ +export function OrdersWidget({ + id, + isEditing = false, + onRemove, + locale = 'de', + maxItems = 5, + className, +}: OrdersWidgetProps) { + const t = useTranslations('widgets.orders'); + const { data: orders, isLoading, error } = useOrders({ limit: maxItems }); + const dateLocale = locale === 'de' ? de : enUS; + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > + + {isLoading ? ( +
+ {Array.from({ length: 4 }).map((_, i) => ( +
+
+ + +
+ +
+ ))} +
+ ) : error ? ( +
+ {t('error')} +
+ ) : orders && orders.length > 0 ? ( +
+ {orders.map((order, index) => { + const status = statusConfig[order.status]; + return ( + +
+
+ {order.orderNumber} + + {t(`status.${order.status}`)} + +
+
+ {order.customerName} + - + + {order.totalAmount.toLocaleString(locale, { + style: 'currency', + currency: order.currency, + })} + +
+

+ {formatDistanceToNow(order.createdAt, { + addSuffix: true, + locale: dateLocale, + })} +

+
+ + + + + + + + + {t('viewDetails')} + + {order.status === 'processing' && ( + + + {t('markShipped')} + + )} + + + + ); + })} +
+ ) : ( +
+ {t('noOrders')} +
+ )} + + + {/* Footer link */} +
+ +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/integrations/tasks-widget.tsx b/apps/web/src/components/dashboard/widgets/integrations/tasks-widget.tsx new file mode 100644 index 0000000..d6f8839 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/integrations/tasks-widget.tsx @@ -0,0 +1,199 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { motion, AnimatePresence } from 'framer-motion'; +import Link from 'next/link'; +import { CheckSquare, Plus, Flag, Calendar } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Button } from '@/components/ui/button'; +import { Input } from '@/components/ui/input'; +import { Checkbox } from '@/components/ui/checkbox'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { WidgetContainer } from '../../widget-container'; +import { useTodaysTasks, useCompleteTask, useCreateTask } from '@/hooks/integrations'; +import type { TodoistPriority } from '@/types/integrations'; + +interface TasksWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + className?: string; +} + +/** Priority color mapping */ +const priorityColors: Record = { + 1: 'text-red-500', + 2: 'text-orange-500', + 3: 'text-blue-500', + 4: 'text-muted-foreground', +}; + +/** + * Tasks Widget - Displays today's Todoist tasks with quick complete + */ +export function TasksWidget({ + id, + isEditing = false, + onRemove, + locale = 'de', + className, +}: TasksWidgetProps) { + const t = useTranslations('widgets.tasks'); + const { data: tasks, isLoading } = useTodaysTasks(); + const completeTask = useCompleteTask(); + const createTask = useCreateTask(); + const [newTaskContent, setNewTaskContent] = useState(''); + const [showNewTask, setShowNewTask] = useState(false); + + const handleComplete = (taskId: string) => { + completeTask.mutate(taskId); + }; + + const handleCreateTask = async () => { + if (!newTaskContent.trim()) return; + + await createTask.mutateAsync({ + content: newTaskContent, + dueString: 'today', + }); + + setNewTaskContent(''); + setShowNewTask(false); + }; + + const pendingTasks = tasks?.filter((task) => !task.isCompleted) ?? []; + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > + + {isLoading ? ( +
+ {Array.from({ length: 4 }).map((_, i) => ( +
+ + +
+ ))} +
+ ) : pendingTasks.length > 0 ? ( +
+ + {pendingTasks.map((task, index) => ( + + handleComplete(task.id)} + className="mt-0.5" + /> +
+

+ {task.content} +

+
+ {task.projectName && ( + {task.projectName} + )} + {task.dueString && ( + <> + - + + + {task.dueString} + + + )} +
+
+ + + ))} + +
+ ) : ( +
+ +

{t('noTasks')}

+
+ )} + + + {/* New Task Input */} + + {showNewTask && ( + +
+ setNewTaskContent(e.target.value)} + placeholder={t('newTaskPlaceholder')} + className="h-8 text-sm" + onKeyDown={(e) => { + if (e.key === 'Enter') { + handleCreateTask(); + } else if (e.key === 'Escape') { + setShowNewTask(false); + setNewTaskContent(''); + } + }} + autoFocus + /> + +
+ + )} + + + {/* Footer actions */} +
+ + +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/integrations/tickets-widget.tsx b/apps/web/src/components/dashboard/widgets/integrations/tickets-widget.tsx new file mode 100644 index 0000000..90b3225 --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/integrations/tickets-widget.tsx @@ -0,0 +1,200 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { formatDistanceToNow } from 'date-fns'; +import { de, enUS } from 'date-fns/locale'; +import { motion } from 'framer-motion'; +import Link from 'next/link'; +import { Headphones, MessageCircle, AlertTriangle, Clock, MoreHorizontal } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Badge } from '@/components/ui/badge'; +import { Button } from '@/components/ui/button'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { + DropdownMenu, + DropdownMenuContent, + DropdownMenuItem, + DropdownMenuTrigger, +} from '@/components/ui/dropdown-menu'; +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue, +} from '@/components/ui/select'; +import { WidgetContainer } from '../../widget-container'; +import { useTickets, useTicketCounts } from '@/hooks/integrations'; +import type { TicketPriority, TicketStatus } from '@/types/integrations'; +import { useState } from 'react'; + +interface TicketsWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + locale?: string; + maxItems?: number; + className?: string; +} + +/** Priority badge configuration */ +const priorityConfig: Record< + TicketPriority, + { variant: 'default' | 'secondary' | 'destructive' | 'warning'; icon: typeof AlertTriangle } +> = { + urgent: { variant: 'destructive', icon: AlertTriangle }, + high: { variant: 'warning', icon: AlertTriangle }, + medium: { variant: 'secondary', icon: Clock }, + low: { variant: 'default', icon: Clock }, +}; + +/** + * Tickets Widget - Displays open FreeScout tickets with priority + */ +export function TicketsWidget({ + id, + isEditing = false, + onRemove, + locale = 'de', + maxItems = 5, + className, +}: TicketsWidgetProps) { + const t = useTranslations('widgets.tickets'); + const [statusFilter, setStatusFilter] = useState('open'); + const { data: tickets, isLoading } = useTickets({ + status: statusFilter === 'all' ? undefined : statusFilter, + limit: maxItems, + }); + const { data: counts } = useTicketCounts(); + const dateLocale = locale === 'de' ? de : enUS; + + return ( + + + {counts && counts.open > 0 && ( + + {counts.open > 9 ? '9+' : counts.open} + + )} +
+ } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > + {/* Status Filter */} +
+ +
+ + + {isLoading ? ( +
+ {Array.from({ length: 3 }).map((_, i) => ( +
+ + +
+ ))} +
+ ) : tickets && tickets.length > 0 ? ( +
+ {tickets.map((ticket, index) => { + const priority = priorityConfig[ticket.priority]; + const PriorityIcon = priority.icon; + + return ( + +
+
+
+ + #{ticket.number} + + + + {t(`priority.${ticket.priority}`)} + +
+

{ticket.subject}

+
+ {ticket.customerName} + + + {ticket.replyCount} + +
+

+ {ticket.lastReplyAt + ? formatDistanceToNow(ticket.lastReplyAt, { + addSuffix: true, + locale: dateLocale, + }) + : formatDistanceToNow(ticket.createdAt, { + addSuffix: true, + locale: dateLocale, + })} +

+
+ + + + + + + {t('viewTicket')} + {t('reply')} + {t('assign')} + + +
+ + ); + })} +
+ ) : ( +
+ {t('noTickets')} +
+ )} + + + {/* Footer link */} +
+ +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/quick-actions-widget.tsx b/apps/web/src/components/dashboard/widgets/quick-actions-widget.tsx new file mode 100644 index 0000000..223a25d --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/quick-actions-widget.tsx @@ -0,0 +1,130 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { useRouter } from 'next/navigation'; +import { motion } from 'framer-motion'; +import { + Zap, + Clock, + Calendar, + Users, + FileText, + Mail, + MessageSquare, + Settings, + type LucideIcon, +} from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Button } from '@/components/ui/button'; +import { WidgetContainer } from '../widget-container'; + +interface QuickAction { + id: string; + icon: LucideIcon; + labelKey: string; + href?: string; + onClick?: () => void; + variant?: 'default' | 'primary'; +} + +const DEFAULT_ACTIONS: QuickAction[] = [ + { + id: 'clock-in', + icon: Clock, + labelKey: 'clockIn', + href: '/hr/time-tracking', + variant: 'primary', + }, + { + id: 'vacation', + icon: Calendar, + labelKey: 'requestVacation', + href: '/hr/absences/new', + }, + { + id: 'meeting', + icon: Users, + labelKey: 'scheduleMeeting', + href: '/calendar/new', + }, + { + id: 'document', + icon: FileText, + labelKey: 'createDocument', + href: '/documents/new', + }, +]; + +interface QuickActionsWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + onSettings?: () => void; + actions?: QuickAction[]; + locale?: string; + className?: string; +} + +/** + * Quick Actions Widget - Provides shortcuts to common actions + */ +export function QuickActionsWidget({ + id, + isEditing = false, + onRemove, + onSettings, + actions = DEFAULT_ACTIONS, + locale = 'de', + className, +}: QuickActionsWidgetProps) { + const t = useTranslations('widgets.quickActions'); + const router = useRouter(); + + const handleActionClick = (action: QuickAction) => { + if (action.onClick) { + action.onClick(); + } else if (action.href) { + router.push(`/${locale}${action.href}`); + } + }; + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + onSettings={onSettings} + className={className} + > +
+ {actions.map((action, index) => { + const Icon = action.icon; + return ( + + + + ); + })} +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/stats-widget.tsx b/apps/web/src/components/dashboard/widgets/stats-widget.tsx new file mode 100644 index 0000000..8c6563d --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/stats-widget.tsx @@ -0,0 +1,195 @@ +'use client'; + +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { BarChart3, TrendingUp, TrendingDown, Minus, type LucideIcon } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Skeleton } from '@/components/ui/skeleton'; +import { WidgetContainer } from '../widget-container'; + +export type TrendDirection = 'up' | 'down' | 'neutral'; + +export interface StatConfig { + id: string; + labelKey: string; + value: string | number; + previousValue?: string | number; + trend?: TrendDirection; + trendText?: string; + icon?: LucideIcon; + iconColor?: string; +} + +interface StatsWidgetProps { + id: string; + title?: string; + stat: StatConfig; + isLoading?: boolean; + isEditing?: boolean; + onRemove?: () => void; + className?: string; +} + +/** + * Get trend icon component based on direction + */ +function getTrendIcon(trend: TrendDirection) { + switch (trend) { + case 'up': + return TrendingUp; + case 'down': + return TrendingDown; + default: + return Minus; + } +} + +/** + * Get trend color class based on direction + */ +function getTrendColor(trend: TrendDirection): string { + switch (trend) { + case 'up': + return 'text-green-500'; + case 'down': + return 'text-red-500'; + default: + return 'text-muted-foreground'; + } +} + +/** + * Stats Widget - Displays a single KPI with optional trend indicator + */ +export function StatsWidget({ + id, + title, + stat, + isLoading = false, + isEditing = false, + onRemove, + className, +}: StatsWidgetProps) { + const t = useTranslations('widgets.stats'); + + const TrendIcon = stat.trend ? getTrendIcon(stat.trend) : null; + const StatIcon = stat.icon || BarChart3; + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + > + {isLoading ? ( +
+ + +
+ ) : ( + +
{stat.value}
+ + {(stat.trend || stat.trendText) && ( +
+ {TrendIcon && } + {stat.trendText} +
+ )} + + )} + + ); +} + +/** + * Stats Grid - Displays multiple stats in a grid layout + */ +interface StatsGridWidgetProps { + id: string; + stats: StatConfig[]; + isLoading?: boolean; + isEditing?: boolean; + onRemove?: () => void; + className?: string; + columns?: 2 | 3 | 4; +} + +export function StatsGridWidget({ + id, + stats, + isLoading = false, + isEditing = false, + onRemove, + className, + columns = 2, +}: StatsGridWidgetProps) { + const t = useTranslations('widgets.stats'); + + return ( + } + isEditing={isEditing} + onRemove={onRemove} + className={className} + colSpan={columns > 2 ? 2 : 1} + > +
+ {isLoading + ? Array.from({ length: 4 }).map((_, i) => ( +
+ + +
+ )) + : stats.map((stat, index) => { + const TrendIcon = stat.trend ? getTrendIcon(stat.trend) : null; + const StatIcon = stat.icon; + + return ( + +
+ {StatIcon && } + {t(stat.labelKey)} +
+
{stat.value}
+ {(stat.trend || stat.trendText) && ( +
+ {TrendIcon && } + {stat.trendText} +
+ )} + + ); + })} +
+ + ); +} diff --git a/apps/web/src/components/dashboard/widgets/welcome-widget.tsx b/apps/web/src/components/dashboard/widgets/welcome-widget.tsx new file mode 100644 index 0000000..f0b07ae --- /dev/null +++ b/apps/web/src/components/dashboard/widgets/welcome-widget.tsx @@ -0,0 +1,125 @@ +'use client'; + +import { useSession } from 'next-auth/react'; +import { useTranslations } from 'next-intl'; +import { motion } from 'framer-motion'; +import { Sparkles, Sun, Moon, CloudSun } from 'lucide-react'; + +import { cn } from '@/lib/utils'; +import { Avatar, AvatarFallback, AvatarImage } from '@/components/ui/avatar'; +import { WidgetContainer } from '../widget-container'; + +interface WelcomeWidgetProps { + id: string; + isEditing?: boolean; + onRemove?: () => void; + className?: string; +} + +/** + * Get the appropriate greeting based on the current hour + */ +function getGreetingKey(hour: number): string { + if (hour >= 5 && hour < 12) return 'goodMorning'; + if (hour >= 12 && hour < 17) return 'goodAfternoon'; + if (hour >= 17 && hour < 21) return 'goodEvening'; + return 'goodNight'; +} + +/** + * Get the appropriate icon based on the current hour + */ +function getGreetingIcon(hour: number) { + if (hour >= 5 && hour < 12) return Sun; + if (hour >= 12 && hour < 17) return CloudSun; + if (hour >= 17 && hour < 21) return CloudSun; + return Moon; +} + +/** + * Welcome Widget - Personalized greeting with user info + */ +export function WelcomeWidget({ + id, + isEditing = false, + onRemove, + className, +}: WelcomeWidgetProps) { + const { data: session } = useSession(); + const t = useTranslations('widgets.welcome'); + + const currentHour = new Date().getHours(); + const greetingKey = getGreetingKey(currentHour); + const GreetingIcon = getGreetingIcon(currentHour); + + const userName = session?.user?.name || 'User'; + const userInitials = userName + .split(' ') + .map((n) => n[0]) + .join('') + .toUpperCase() + .slice(0, 2); + + return ( + +
+ {/* Decorative background gradient */} +
+ + {/* User Avatar */} + + + + + {userInitials} + + + + + {/* Greeting Text */} +
+ + + {t(greetingKey)} + + + + {userName} + + + + + {t('subtitle')} + +
+
+ + ); +} diff --git a/apps/web/src/components/hr/absences/absence-approval-list.tsx b/apps/web/src/components/hr/absences/absence-approval-list.tsx new file mode 100644 index 0000000..42dfd31 --- /dev/null +++ b/apps/web/src/components/hr/absences/absence-approval-list.tsx @@ -0,0 +1,332 @@ +'use client'; + +import { useState } from 'react'; +import { useTranslations } from 'next-intl'; +import { format, parseISO } from 'date-fns'; +import { de, enUS, type Locale } from 'date-fns/locale'; +import { + CheckCircle, + XCircle, + Calendar, + Clock, + AlertCircle, + Inbox, + User, +} from 'lucide-react'; +import { + Card, + CardContent, + CardDescription, + CardHeader, + CardTitle, +} from '@/components/ui/card'; +import { Button } from '@/components/ui/button'; +import { Badge } from '@/components/ui/badge'; +import { Avatar, AvatarFallback, AvatarImage } from '@/components/ui/avatar'; +import { Skeleton } from '@/components/ui/skeleton'; +import { ScrollArea } from '@/components/ui/scroll-area'; +import { + Dialog, + DialogContent, + DialogDescription, + DialogFooter, + DialogHeader, + DialogTitle, +} from '@/components/ui/dialog'; +import { Textarea } from '@/components/ui/textarea'; +import { Label } from '@/components/ui/label'; +import { + usePendingAbsenceRequests, + useApproveAbsence, + useRejectAbsence, +} from '@/hooks/hr/use-absences'; +import { useToast } from '@/hooks/use-toast'; +import { cn } from '@/lib/utils'; +import type { Absence } from '@/types/hr'; +import { ABSENCE_TYPE_INFO } from '@/types/hr'; + +interface AbsenceApprovalListProps { + locale: string; + departmentId?: string; +} + +/** + * List of pending absence requests for managers to approve/reject + */ +export function AbsenceApprovalList({ locale, departmentId }: AbsenceApprovalListProps) { + const t = useTranslations('hr.absences'); + const tAbsenceTypes = useTranslations('hr.absenceTypes'); + const tCommon = useTranslations('common'); + const { toast } = useToast(); + const dateLocale = locale === 'de' ? de : enUS; + + const { data: requests, isLoading, error } = usePendingAbsenceRequests(departmentId); + const approveAbsence = useApproveAbsence(); + const rejectAbsence = useRejectAbsence(); + + // Rejection dialog state + const [rejectDialog, setRejectDialog] = useState<{ open: boolean; absenceId: string | null }>({ + open: false, + absenceId: null, + }); + const [rejectionReason, setRejectionReason] = useState(''); + + const handleApprove = async (id: string) => { + try { + await approveAbsence.mutateAsync(id); + toast({ + title: t('approved'), + description: t('approvedDesc'), + }); + } catch { + toast({ + title: tCommon('error'), + description: t('errorApprove'), + variant: 'destructive', + }); + } + }; + + const handleReject = async () => { + if (!rejectDialog.absenceId) return; + + try { + await rejectAbsence.mutateAsync({ + id: rejectDialog.absenceId, + reason: rejectionReason, + }); + toast({ + title: t('rejected'), + description: t('rejectedDesc'), + }); + setRejectDialog({ open: false, absenceId: null }); + setRejectionReason(''); + } catch { + toast({ + title: tCommon('error'), + description: t('errorReject'), + variant: 'destructive', + }); + } + }; + + if (isLoading) { + return ( + + + + + + + {[1, 2, 3].map((i) => ( + + ))} + + + ); + } + + if (error) { + return ( + + + +

{t('errorLoadingRequests')}

+ + + ); + } + + return ( + <> + + +
+
+ + + {t('pendingApprovals')} + + {t('pendingApprovalsDesc')} +
+ {requests && requests.length > 0 && ( + {requests.length} + )} +
+ + + {!requests || requests.length === 0 ? ( +
+ +

{t('noRequests')}

+
+ ) : ( + +
+ {requests.map((request) => ( + setRejectDialog({ open: true, absenceId: id })} + isProcessing={approveAbsence.isPending || rejectAbsence.isPending} + t={t} + /> + ))} +
+ + )} + + + + {/* Rejection Dialog */} + { + if (!open) { + setRejectDialog({ open: false, absenceId: null }); + setRejectionReason(''); + } + }}> + + + {t('rejectRequest')} + {t('rejectRequestDesc')} + +
+ +