v1.1.0: keyboard shortcuts (CH), onboarding tour, admin projects tab, remember-me login, Luftbild CH removed, hose settings in admin, credit link, font Barlow, map auto-save viewport, rate-limit 10/5min

2026-02-24 19:49:42 +01:00
parent cb575f9a82
commit d893373bd9
16 changed files with 618 additions and 54 deletions
--- a/src/app/admin/page.tsx
+++ b/src/app/admin/page.tsx
@@ -58,6 +58,7 @@ import {
 } from 'lucide-react'
 import Link from 'next/link'
 import { TenantDetailDialog } from '@/components/admin/tenant-detail-dialog'
+import { HoseSettingsDialog } from '@/components/dialogs/hose-settings-dialog'

 // --- Types ---
 interface IconCategory {
@@ -214,6 +215,14 @@ export default function AdminPage() {
  const [symbolScaleLoading, setSymbolScaleLoading] = useState(false)
  const [symbolScaleStatus, setSymbolScaleStatus] = useState<string | null>(null)

+  // Admin Projects (SERVER_ADMIN)
+  const [adminProjects, setAdminProjects] = useState<any[]>([])
+  const [adminProjectsLoading, setAdminProjectsLoading] = useState(false)
+  const [adminProjectTenantFilter, setAdminProjectTenantFilter] = useState<string>('all')
+
+  // Hose Settings (Tenant Admin)
+  const [isHoseSettingsOpen, setIsHoseSettingsOpen] = useState(false)
+
  // Redirect to login if not authenticated, or to app if not admin
  useEffect(() => {
    if (authLoading) return
@@ -251,6 +260,25 @@ export default function AdminPage() {
    if (user?.role === 'SERVER_ADMIN') fetchGlobalDict()
  }, [user?.role])

+  // Fetch admin projects (SERVER_ADMIN)
+  const fetchAdminProjects = async (tenantFilter?: string) => {
+    setAdminProjectsLoading(true)
+    try {
+      const url = tenantFilter && tenantFilter !== 'all'
+        ? `/api/admin/projects?tenantId=${tenantFilter}`
+        : '/api/admin/projects'
+      const res = await fetch(url)
+      if (res.ok) {
+        const data = await res.json()
+        setAdminProjects(data.projects || [])
+      }
+    } catch {}
+    setAdminProjectsLoading(false)
+  }
+  useEffect(() => {
+    if (user?.role === 'SERVER_ADMIN') fetchAdminProjects()
+  }, [user?.role])
+
  const fetchData = async () => {
    setIsLoading(true)
    try {
@@ -683,11 +711,15 @@ export default function AdminPage() {
      <div className="container mx-auto py-6 px-4 max-w-7xl">
        <Tabs value={activeTab} onValueChange={setActiveTab} className="space-y-6">
          {user?.role === 'SERVER_ADMIN' ? (
-            <TabsList className="grid w-full grid-cols-6 max-w-3xl">
+            <TabsList className="grid w-full grid-cols-7 max-w-4xl">
              <TabsTrigger value="tenants" className="gap-2">
                <Shield className="w-4 h-4" />
                Mandanten
              </TabsTrigger>
+              <TabsTrigger value="projects" className="gap-2">
+                <Map className="w-4 h-4" />
+                Einsätze
+              </TabsTrigger>
              <TabsTrigger value="icons" className="gap-2">
                <Image className="w-4 h-4" />
                Symbole
@@ -710,7 +742,7 @@ export default function AdminPage() {
              </TabsTrigger>
            </TabsList>
          ) : user?.role === 'TENANT_ADMIN' ? (
-            <TabsList className="grid w-full grid-cols-5 max-w-2xl">
+            <TabsList className="grid w-full grid-cols-6 max-w-3xl">
              <TabsTrigger value="users" className="gap-2">
                <Users className="w-4 h-4" />
                Benutzer
@@ -719,6 +751,10 @@ export default function AdminPage() {
                <ClipboardList className="w-4 h-4" />
                Wörterliste
              </TabsTrigger>
+              <TabsTrigger value="hose-types" className="gap-2">
+                <Settings className="w-4 h-4" />
+                Schläuche
+              </TabsTrigger>
              <TabsTrigger value="donate" className="gap-2">
                <Heart className="w-4 h-4" />
                Spenden
@@ -960,6 +996,97 @@ export default function AdminPage() {
          </TabsContent>
          )}

+          {/* ===== PROJECTS TAB (SERVER_ADMIN — Einsätze verwalten) ===== */}
+          {user?.role === 'SERVER_ADMIN' && (
+          <TabsContent value="projects" className="space-y-4">
+            <div className="flex items-center justify-between gap-4 flex-wrap">
+              <p className="text-sm text-muted-foreground">
+                {adminProjects.length} Einsatz/Einsätze
+              </p>
+              <div className="flex items-center gap-2">
+                <span className="text-sm text-muted-foreground">Feuerwehr:</span>
+                <Select value={adminProjectTenantFilter} onValueChange={(val) => { setAdminProjectTenantFilter(val); fetchAdminProjects(val) }}>
+                  <SelectTrigger className="w-[220px]">
+                    <SelectValue placeholder="Alle Mandanten" />
+                  </SelectTrigger>
+                  <SelectContent>
+                    <SelectItem value="all">Alle Mandanten</SelectItem>
+                    {tenants.map(t => (
+                      <SelectItem key={t.id} value={t.id}>{t.name}</SelectItem>
+                    ))}
+                  </SelectContent>
+                </Select>
+              </div>
+            </div>
+
+            {adminProjectsLoading ? (
+              <div className="flex items-center justify-center py-12">
+                <Loader2 className="w-6 h-6 animate-spin text-muted-foreground" />
+              </div>
+            ) : adminProjects.length === 0 ? (
+              <p className="text-center text-muted-foreground py-8">Keine Einsätze gefunden.</p>
+            ) : (
+              <div className="border rounded-lg overflow-hidden">
+                <table className="w-full text-sm">
+                  <thead className="bg-muted/50">
+                    <tr>
+                      <th className="text-left px-4 py-2.5 font-medium">Einsatz-Nr</th>
+                      <th className="text-left px-4 py-2.5 font-medium">Titel</th>
+                      <th className="text-left px-4 py-2.5 font-medium">Ort</th>
+                      <th className="text-left px-4 py-2.5 font-medium">Erstellt von</th>
+                      <th className="text-left px-4 py-2.5 font-medium">Feuerwehr</th>
+                      <th className="text-left px-4 py-2.5 font-medium">Elemente</th>
+                      <th className="text-left px-4 py-2.5 font-medium">Geändert</th>
+                      <th className="text-left px-4 py-2.5 font-medium">Aktion</th>
+                    </tr>
+                  </thead>
+                  <tbody className="divide-y">
+                    {adminProjects.map((p: any) => (
+                      <tr key={p.id} className="hover:bg-muted/30">
+                        <td className="px-4 py-2.5 font-mono text-xs">{p.einsatzNr || '—'}</td>
+                        <td className="px-4 py-2.5 font-semibold">{p.title}</td>
+                        <td className="px-4 py-2.5 text-muted-foreground truncate max-w-[200px]">{p.location || '—'}</td>
+                        <td className="px-4 py-2.5">
+                          <span className="text-xs">{p.owner?.name || p.owner?.email || '—'}</span>
+                        </td>
+                        <td className="px-4 py-2.5">
+                          <span className="text-xs bg-primary/10 text-primary px-1.5 py-0.5 rounded">{p.tenant?.name || '—'}</span>
+                        </td>
+                        <td className="px-4 py-2.5 text-center">{p._count?.features || 0}</td>
+                        <td className="px-4 py-2.5 text-xs text-muted-foreground">{new Date(p.updatedAt).toLocaleString('de-CH')}</td>
+                        <td className="px-4 py-2.5">
+                          <Button size="sm" variant="outline" className="h-7 text-xs" onClick={() => window.open(`/app?project=${p.id}`, '_blank')}>
+                            <Eye className="w-3 h-3 mr-1" />
+                            Öffnen
+                          </Button>
+                        </td>
+                      </tr>
+                    ))}
+                  </tbody>
+                </table>
+              </div>
+            )}
+          </TabsContent>
+          )}
+
+          {/* ===== HOSE TYPES TAB (Schlauchtypen) ===== */}
+          <TabsContent value="hose-types" className="space-y-4">
+            <div className="border rounded-lg p-6">
+              <h3 className="font-semibold text-lg mb-2 flex items-center gap-2">
+                <Settings className="w-5 h-5" />
+                Schlauchtypen verwalten
+              </h3>
+              <p className="text-sm text-muted-foreground mb-4">
+                Konfiguriere die Schlauchtypen für die Druckberechnung im Messwerkzeug. Der Standard-Schlauch wird automatisch für neue Berechnungen verwendet.
+              </p>
+              <Button variant="outline" onClick={() => setIsHoseSettingsOpen(true)}>
+                <Settings className="w-4 h-4 mr-2" />
+                Schlauchtypen bearbeiten
+              </Button>
+            </div>
+            <HoseSettingsDialog open={isHoseSettingsOpen} onOpenChange={setIsHoseSettingsOpen} />
+          </TabsContent>
+
          {/* ===== SUGGESTIONS TAB (Word Library) ===== */}
          <TabsContent value="suggestions" className="space-y-4">
            <div className="border rounded-lg p-6">
--- a/src/app/api/admin/projects/route.ts
+++ b/src/app/api/admin/projects/route.ts
@@ -0,0 +1,39 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { getSession } from '@/lib/auth'
+import { prisma } from '@/lib/db'
+
+export async function GET(request: NextRequest) {
+  try {
+    const user = await getSession()
+    if (!user || user.role !== 'SERVER_ADMIN') {
+      return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
+    }
+
+    const { searchParams } = new URL(request.url)
+    const tenantId = searchParams.get('tenantId')
+
+    const where: any = {}
+    if (tenantId) where.tenantId = tenantId
+
+    const projects = await (prisma as any).project.findMany({
+      where,
+      orderBy: { updatedAt: 'desc' },
+      include: {
+        owner: {
+          select: { id: true, name: true, email: true },
+        },
+        tenant: {
+          select: { id: true, name: true },
+        },
+        _count: {
+          select: { features: true },
+        },
+      },
+    })
+
+    return NextResponse.json({ projects })
+  } catch (error) {
+    console.error('Error fetching admin projects:', error)
+    return NextResponse.json({ error: 'Serverfehler' }, { status: 500 })
+  }
+}
--- a/src/app/api/auth/login/route.ts
+++ b/src/app/api/auth/login/route.ts
@@ -22,11 +22,16 @@ export async function POST(request: NextRequest) {
    }

    const { email, password } = validated.data
+    const rememberMe = body.rememberMe === true
    const result = await login(email, password)

    if (!result.success || !result.user) {
+      const remaining = rl.remaining
+      const warningText = remaining <= 3 && remaining > 0
+        ? ` (Noch ${remaining} Versuch${remaining === 1 ? '' : 'e'})`
+        : ''
      return NextResponse.json(
-        { error: result.error || 'Login fehlgeschlagen' },
+        { error: (result.error || 'Login fehlgeschlagen') + warningText, remaining },
        { status: 401 }
      )
    }
@@ -39,13 +44,13 @@ export async function POST(request: NextRequest) {
      })
    } catch {}

-    const token = await createToken(result.user)
+    const token = await createToken(result.user, rememberMe)
    
    ;(await cookies()).set('auth-token', token, {
      httpOnly: true,
      secure: process.env.NODE_ENV === 'production',
      sameSite: 'lax',
-      maxAge: 60 * 60 * 24, // 24 hours
+      maxAge: rememberMe ? 60 * 60 * 24 * 30 : 60 * 60 * 24, // 30 days or 24 hours
      path: '/',
    })

--- a/src/app/api/projects/[id]/features/route.ts
+++ b/src/app/api/projects/[id]/features/route.ts
@@ -113,7 +113,19 @@ export async function PUT(
    }

    const body = await request.json()
-    const { features } = body as { features: Array<{ id?: string; type: string; geometry: object; properties?: object }> }
+    const { features, mapCenter, mapZoom } = body as {
+      features: Array<{ id?: string; type: string; geometry: object; properties?: object }>
+      mapCenter?: { lng: number; lat: number }
+      mapZoom?: number
+    }
+
+    // Persist map viewport alongside features (if provided)
+    if (mapCenter && mapZoom !== undefined) {
+      await (prisma as any).project.update({
+        where: { id },
+        data: { mapCenter, mapZoom },
+      })
+    }

    await (prisma as any).feature.deleteMany({
      where: { projectId: id },
--- a/src/app/app/page.tsx
+++ b/src/app/app/page.tsx
@@ -22,6 +22,7 @@ import { jsPDF } from 'jspdf'
 import { Lock, Unlock, Eye, AlertTriangle, WifiOff } from 'lucide-react'
 import { getSocket, setSocketRoom } from '@/lib/socket'
 import { CustomDragLayer } from '@/components/map/custom-drag-layer'
+import { OnboardingTour, resetOnboardingTour } from '@/components/onboarding/onboarding-tour'
 import { addToSyncQueue, flushSyncQueue, getSyncQueue, isOnline as checkOnline } from '@/lib/offline-sync'

 export interface Project {
@@ -92,6 +93,9 @@ export default function AppPage() {
  const [lastMapScreenshot, setLastMapScreenshot] = useState<string>('')
  const [defaultSymbolScale, setDefaultSymbolScale] = useState(1.5)

+  // Onboarding tour
+  const [showTour, setShowTour] = useState(false)
+
  // Live editing lock state
  const [editingBy, setEditingBy] = useState<{ id: string; name: string; since: string } | null>(null)
  const [isEditingByMe, setIsEditingByMe] = useState(false)
@@ -698,7 +702,13 @@ export default function AppPage() {
  const saveFeaturesToApi = useCallback(async () => {
    if (!currentProject?.id) return
    const url = `/api/projects/${currentProject.id}/features`
-    const body = { features: featuresRef.current }
+    const mapInstance = mapRef.current
+    const body: any = { features: featuresRef.current }
+    if (mapInstance) {
+      const c = mapInstance.getCenter()
+      body.mapCenter = { lng: c.lng, lat: c.lat }
+      body.mapZoom = mapInstance.getZoom()
+    }

    // If offline, queue the save for later sync
    if (!navigator.onLine) {
@@ -885,10 +895,16 @@ export default function AppPage() {

    setIsSaving(true)
    try {
+      const saveBody: any = { features }
+      if (mapRef.current) {
+        const c = mapRef.current.getCenter()
+        saveBody.mapCenter = { lng: c.lng, lat: c.lat }
+        saveBody.mapZoom = mapRef.current.getZoom()
+      }
      let res = await fetch(`/api/projects/${currentProject.id}/features`, {
        method: 'PUT',
        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({ features }),
+        body: JSON.stringify(saveBody),
      })

      // If project doesn't exist in DB (404), re-create it first then retry
@@ -1048,6 +1064,59 @@ export default function AppPage() {
    }
  }, [])

+  // Keyboard shortcuts for tools
+  const [isShortcutHelpOpen, setIsShortcutHelpOpen] = useState(false)
+  useEffect(() => {
+    const handleKeyDown = (e: KeyboardEvent) => {
+      // Ignore when typing in inputs/textareas
+      const tag = (e.target as HTMLElement)?.tagName
+      if (tag === 'INPUT' || tag === 'TEXTAREA' || tag === 'SELECT' || (e.target as HTMLElement)?.isContentEditable) return
+
+      // ? or F1 → help
+      if (e.key === '?' || e.key === 'F1') { e.preventDefault(); setIsShortcutHelpOpen(true); return }
+
+      // DEL / Backspace → delete selected feature(s)
+      if (e.key === 'Delete' || e.key === 'Backspace') {
+        e.preventDefault()
+        // Remove all selected features
+        const current = featuresRef.current
+        const selected = current.filter(f => f.properties?._selected)
+        if (selected.length > 0) {
+          handleFeaturesChange(current.filter(f => !f.properties?._selected))
+        }
+        return
+      }
+
+      // Ctrl/Cmd shortcuts (CH keyboard: Z and Y are swapped)
+      if (e.ctrlKey || e.metaKey) {
+        if (e.key === 'z') { e.preventDefault(); handleRedo(); return }
+        if (e.key === 'y') { e.preventDefault(); handleUndo(); return }
+        if (e.key === 's') { e.preventDefault(); handleSaveProject(); return }
+        return
+      }
+
+      // Tool shortcuts (single key, no modifier)
+      const shortcuts: Record<string, DrawMode> = {
+        'v': 'select', 's': 'select',
+        'p': 'point',
+        'l': 'linestring',
+        'g': 'polygon',
+        'r': 'rectangle',
+        'c': 'circle',
+        'f': 'freehand',
+        'a': 'arrow',
+        't': 'text',
+        'e': 'eraser',
+        'm': 'measure',
+        'd': 'dangerzone',
+      }
+      const mode = shortcuts[e.key.toLowerCase()]
+      if (mode) { e.preventDefault(); setDrawMode(mode); return }
+    }
+    window.addEventListener('keydown', handleKeyDown)
+    return () => window.removeEventListener('keydown', handleKeyDown)
+  }, [handleUndo, handleRedo, handleSaveProject, setDrawMode, handleFeaturesChange])
+
  const handlePlanUpload = useCallback(() => {
    if (!currentProject) return
    const input = document.createElement('input')
@@ -1455,6 +1524,7 @@ export default function AppPage() {
          userName={user?.name}
          userRole={user?.role}
          onLogout={logout}
+          onStartTour={() => { resetOnboardingTour(); setShowTour(true) }}
        />

        {/* Offline banner */}
@@ -1530,7 +1600,7 @@ export default function AppPage() {

        <div className="flex-1 flex overflow-hidden">
          {/* Map view — always mounted, hidden via CSS to preserve state */}
-          <div className={`contents ${activeTab !== 'map' ? 'hidden' : ''}`}>
+          <div data-tour="toolbar" className={`contents ${activeTab !== 'map' ? 'hidden' : ''}`}>
            <LeftToolbar
              drawMode={drawMode}
              onDrawModeChange={setDrawMode}
@@ -1583,6 +1653,7 @@ export default function AppPage() {

          {/* Right sidebar — always visible, contains Karte/Journal tabs */}
          <RightSidebar
+            data-tour="sidebar"
            onSymbolDrop={handleSymbolDrop}
            canEdit={canEdit}
            isOpen={isSidebarOpen}
@@ -1616,6 +1687,39 @@ export default function AppPage() {
          lineType={(pendingLineFeature?.type as any) || 'linestring'}
        />

+        {/* Keyboard Shortcuts Help Dialog */}
+        <Dialog open={isShortcutHelpOpen} onOpenChange={setIsShortcutHelpOpen}>
+          <DialogContent className="max-w-md">
+            <DialogHeader>
+              <DialogTitle>Tastenkürzel</DialogTitle>
+            </DialogHeader>
+            <div className="grid grid-cols-2 gap-x-6 gap-y-1.5 text-sm mt-2">
+              <div className="font-semibold text-muted-foreground col-span-2 mt-1 mb-0.5">Werkzeuge</div>
+              {[
+                ['V', 'Auswählen'], ['P', 'Punkt'], ['L', 'Linie'], ['G', 'Polygon'],
+                ['R', 'Rechteck'], ['C', 'Kreis'], ['F', 'Freihand'], ['A', 'Pfeil / Route'],
+                ['T', 'Text'], ['E', 'Radiergummi'], ['M', 'Messen'], ['D', 'Gefahrenzone'],
+              ].map(([key, label]) => (
+                <div key={key} className="flex items-center justify-between">
+                  <span>{label}</span>
+                  <kbd className="ml-2 px-1.5 py-0.5 bg-muted rounded border border-border font-mono text-xs">{key}</kbd>
+                </div>
+              ))}
+              <div className="font-semibold text-muted-foreground col-span-2 mt-3 mb-0.5">Aktionen</div>
+              {[
+                ['Ctrl+Y', 'Rückgängig'], ['Ctrl+Z', 'Wiederholen'],
+                ['Ctrl+S', 'Speichern'], ['Del', 'Auswahl löschen'],
+                ['Esc', 'Abbrechen'], ['?', 'Diese Hilfe'],
+              ].map(([key, label]) => (
+                <div key={key} className="flex items-center justify-between">
+                  <span>{label}</span>
+                  <kbd className="ml-2 px-1.5 py-0.5 bg-muted rounded border border-border font-mono text-xs">{key}</kbd>
+                </div>
+              ))}
+            </div>
+          </DialogContent>
+        </Dialog>
+
        {/* Delete All Confirmation Dialog */}
        <Dialog open={isDeleteAllConfirmOpen} onOpenChange={setIsDeleteAllConfirmOpen}>
          <DialogContent className="max-w-sm">
@@ -1635,6 +1739,12 @@ export default function AppPage() {
            </div>
          </DialogContent>
        </Dialog>
+
+        {/* Onboarding Tour */}
+        <OnboardingTour
+          forceShow={showTour}
+          onComplete={() => setShowTour(false)}
+        />
      </div>
    </DndProvider>
  )
--- a/src/app/globals.css
+++ b/src/app/globals.css
@@ -56,6 +56,9 @@
  }
  body {
    @apply bg-background text-foreground;
+    font-size: 15px;
+    line-height: 1.6;
+    letter-spacing: 0.01em;
  }
 }

--- a/src/app/layout.tsx
+++ b/src/app/layout.tsx
@@ -1,12 +1,12 @@
 import type { Metadata, Viewport } from 'next'
-import { Inter } from 'next/font/google'
+import { Barlow } from 'next/font/google'
 import './globals.css'
 import { Toaster } from '@/components/ui/toaster'
 import { AuthProvider } from '@/components/providers/auth-provider'
 import { ServiceWorkerRegister } from '@/components/providers/sw-register'
 import { CookieConsent } from '@/components/ui/cookie-consent'

-const inter = Inter({
+const barlow = Barlow({
  subsets: ['latin'],
  weight: ['400', '500', '600', '700'],
  display: 'swap',
@@ -105,7 +105,7 @@ export default function RootLayout({
        <meta name="mobile-web-app-capable" content="yes" />
        <meta name="theme-color" content="#dc2626" />
      </head>
-      <body className={`${inter.className} antialiased`} style={{ fontFeatureSettings: '"tnum", "cv01"' }}>
+      <body className={`${barlow.className} antialiased`} style={{ fontFeatureSettings: '"tnum"' }}>
        <AuthProvider>
          <ServiceWorkerRegister />
          {children}
--- a/src/app/login/page.tsx
+++ b/src/app/login/page.tsx
@@ -22,6 +22,7 @@ export default function LoginPage() {
 function LoginForm() {
  const [email, setEmail] = useState('')
  const [password, setPassword] = useState('')
+  const [rememberMe, setRememberMe] = useState(true)
  const [isLoading, setIsLoading] = useState(false)
  const [resendLoading, setResendLoading] = useState(false)
  const [resendSuccess, setResendSuccess] = useState(false)
@@ -55,7 +56,7 @@ function LoginForm() {
    e.preventDefault()
    setIsLoading(true)

-    const result = await login(email, password)
+    const result = await login(email, password, rememberMe)

    if (result.success) {
      toast({
@@ -173,6 +174,16 @@ function LoginForm() {
              />
            </div>

+            <label className="flex items-center gap-2 cursor-pointer select-none">
+              <input
+                type="checkbox"
+                checked={rememberMe}
+                onChange={(e) => setRememberMe(e.target.checked)}
+                className="w-4 h-4 rounded border-gray-300 text-red-600 focus:ring-red-500"
+              />
+              <span className="text-sm text-muted-foreground">Angemeldet bleiben</span>
+            </label>
+
            <Button
              type="submit"
              className="w-full bg-red-600 hover:bg-red-700"