adminpepe/Lageplan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: adminpepe:v1.0.0
Branches Tags
adminpepe:main
adminpepe:v1.0.5 adminpepe:v1.0.4 adminpepe:v1.0.3 adminpepe:v1.0.2 adminpepe:v1.0.1 adminpepe:v1.0.0
...
compare: adminpepe:b75bf9bb30aee5e7e37471213d08c5a9fcd127be
Branches Tags
adminpepe:main
adminpepe:v1.0.5 adminpepe:v1.0.4 adminpepe:v1.0.3 adminpepe:v1.0.2 adminpepe:v1.0.1 adminpepe:v1.0.0

6 Commits
v1.0.0 ... b75bf9bb30

Author SHA1 Message Date
Pepe Ziberi
b75bf9bb30 v1.0.3: PDF footer fix, arrow alignment, email verification workflow, account deletion 2026-02-21 16:45:44 +01:00
Pepe Ziberi
25d3d553ff v1.0.3: Fix PDF footer overlap, arrow alignment, screenshot quality, arrowheads in export 2026-02-21 16:28:32 +01:00
Pepe Ziberi
c11565aaf8 Fix: Rapport screenshot now uses coordinate-based rendering for correct symbol sizes, labels, arrowheads 2026-02-21 14:04:28 +01:00
Pepe Ziberi
2b7a89174a v1.0.2: Fix PDF generation (react-pdf v4), fix Next.js 15 async params in all API routes 2026-02-21 13:56:44 +01:00
Pepe Ziberi
10464d34ff fix: CSP blob: worker fuer MapLibre, MapPin Import, Icon Scale Limits erweitert (v1.0.1) 2026-02-21 13:11:27 +01:00
Pepe Ziberi
28097607b6 fix: Dockerfile legacy-peer-deps fuer React 19 Kompatibilitaet 2026-02-21 12:28:26 +01:00
35 changed files with 782 additions and 435 deletions
Expand all files Collapse all files

4
Dockerfile
View File

@@ -4,7 +4,7 @@ RUN apk add --no-cache libc6-compat openssl
WORKDIR /app
COPY package.json package-lock.json* ./
RUN npm ci --ignore-scripts
RUN npm ci --ignore-scripts --legacy-peer-deps
# Stage 2: Builder
FROM node:20-alpine AS builder
@@ -46,7 +46,7 @@ COPY --from=builder /app/node_modules/.bin/prisma ./node_modules/.bin/prisma
COPY --from=builder /app/node_modules/bcryptjs ./node_modules/bcryptjs
COPY --from=builder /app/node_modules/stripe ./node_modules/stripe
COPY --from=builder /app/package.json ./package.json
RUN npm install --omit=dev socket.io@4.7.4 @react-pdf/renderer@3.4.2 qrcode@1.5.3 --no-save
RUN npm install --omit=dev --legacy-peer-deps socket.io@4.7.4 @react-pdf/renderer@4.3.2 qrcode@1.5.4 --no-save
COPY server-custom.js ./server-custom.js
COPY docker-entrypoint.sh ./docker-entrypoint.sh

3
docker-compose.gitea.yml
View File

@@ -24,7 +24,7 @@ services:
- USER_UID=1000
- USER_GID=1000
- GITEA__database__DB_TYPE=sqlite3
- GITEA__server__ROOT_URL=http://192.168.1.183:3100
- GITEA__server__ROOT_URL=https://git.purepixel.ch
- GITEA__server__HTTP_PORT=3000
- GITEA__server__LFS_START_SERVER=true
volumes:
@@ -43,3 +43,4 @@ volumes:
networks:
lageplan_lageplan-net:
external: true

2
docker-compose.portainer.yml
View File

@@ -77,7 +77,7 @@ services:
# ─── Lageplan Web App ──────────────────────
web:
image: lageplan-web:latest
image: 192.168.1.183:3100/adminpepe/lageplan:latest
restart: unless-stopped
environment:
DATABASE_URL: postgresql://${POSTGRES_USER:-lageplan}:${POSTGRES_PASSWORD:-lageplan_secret}@db:5432/${POSTGRES_DB:-lageplan}

2
next.config.js
View File

@@ -35,7 +35,7 @@ const nextConfig = {
key: 'Content-Security-Policy',
value: [
"default-src 'self'",
"script-src 'self' 'unsafe-inline' 'unsafe-eval'",
"script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:",
"style-src 'self' 'unsafe-inline'",
"img-src 'self' data: blob: https://*.tile.openstreetmap.org https://api.maptiler.com http://localhost:9000 http://minio:9000",
"font-src 'self' data:",

362
package-lock.json generated
View File

@@ -1,12 +1,12 @@
{
"name": "lageplan",
"version": "1.0.0",
"version": "1.0.1",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "lageplan",
"version": "1.0.0",
"version": "1.0.1",
"hasInstallScript": true,
"dependencies": {
"@dnd-kit/core": "^6.1.0",
@@ -26,7 +26,7 @@
"@radix-ui/react-tabs": "^1.1.0",
"@radix-ui/react-toast": "^1.2.0",
"@radix-ui/react-tooltip": "^1.1.0",
"@react-pdf/renderer": "^3.4.4",
"@react-pdf/renderer": "^4.3.2",
"bcryptjs": "^2.4.3",
"class-variance-authority": "^0.7.0",
"clsx": "^2.1.0",
@@ -2878,176 +2878,12 @@
"license": "MIT"
},
"node_modules/@react-pdf/fns": {
"version": "2.2.1",
"resolved": "https://registry.npmjs.org/@react-pdf/fns/-/fns-2.2.1.tgz",
"integrity": "sha512-s78aDg0vDYaijU5lLOCsUD+qinQbfOvcNeaoX9AiE7+kZzzCo6B/nX+l48cmt9OosJmvZvE9DWR9cLhrhOi2pA==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13"
}
},
"node_modules/@react-pdf/font": {
"version": "2.5.2",
"resolved": "https://registry.npmjs.org/@react-pdf/font/-/font-2.5.2.tgz",
"integrity": "sha512-Ud0EfZ2FwrbvwAWx8nz+KKLmiqACCH9a/N/xNDOja0e/YgSnqTpuyHegFBgIMKjuBtO5dNvkb4dXkxAhGe/ayw==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/types": "^2.6.0",
"cross-fetch": "^3.1.5",
"fontkit": "^2.0.2",
"is-url": "^1.2.4"
}
},
"node_modules/@react-pdf/image": {
"version": "2.3.6",
"resolved": "https://registry.npmjs.org/@react-pdf/image/-/image-2.3.6.tgz",
"integrity": "sha512-7iZDYZrZlJqNzS6huNl2XdMcLFUo68e6mOdzQeJ63d5eApdthhSHBnkGzHfLhH5t8DCpZNtClmklzuLL63ADfw==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/png-js": "^2.3.1",
"cross-fetch": "^3.1.5",
"jay-peg": "^1.0.2"
}
},
"node_modules/@react-pdf/layout": {
"version": "3.13.0",
"resolved": "https://registry.npmjs.org/@react-pdf/layout/-/layout-3.13.0.tgz",
"integrity": "sha512-lpPj/EJYHFOc0ALiJwLP09H28B4ADyvTjxOf67xTF+qkWd+dq1vg7dw3wnYESPnWk5T9NN+HlUenJqdYEY9AvA==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/fns": "2.2.1",
"@react-pdf/image": "^2.3.6",
"@react-pdf/pdfkit": "^3.2.0",
"@react-pdf/primitives": "^3.1.1",
"@react-pdf/stylesheet": "^4.3.0",
"@react-pdf/textkit": "^4.4.1",
"@react-pdf/types": "^2.6.0",
"cross-fetch": "^3.1.5",
"emoji-regex": "^10.3.0",
"queue": "^6.0.1",
"yoga-layout": "^2.0.1"
}
},
"node_modules/@react-pdf/pdfkit": {
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/@react-pdf/pdfkit/-/pdfkit-3.2.0.tgz",
"integrity": "sha512-OBfCcnTC6RpD9uv9L2woF60Zj1uQxhLFzTBXTdcYE9URzPE/zqXIyzpXEA4Vf3TFbvBCgFE2RzJ2ZUS0asq7yA==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/png-js": "^2.3.1",
"browserify-zlib": "^0.2.0",
"crypto-js": "^4.2.0",
"fontkit": "^2.0.2",
"jay-peg": "^1.0.2",
"vite-compatible-readable-stream": "^3.6.1"
}
},
"node_modules/@react-pdf/png-js": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/@react-pdf/png-js/-/png-js-2.3.1.tgz",
"integrity": "sha512-pEZ18I4t1vAUS4lmhvXPmXYP4PHeblpWP/pAlMMRkEyP7tdAeHUN7taQl9sf9OPq7YITMY3lWpYpJU6t4CZgZg==",
"license": "MIT",
"dependencies": {
"browserify-zlib": "^0.2.0"
}
},
"node_modules/@react-pdf/primitives": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/@react-pdf/primitives/-/primitives-3.1.1.tgz",
"integrity": "sha512-miwjxLwTnO3IjoqkTVeTI+9CdyDggwekmSLhVCw+a/7FoQc+gF3J2dSKwsHvAcVFM0gvU8mzCeTofgw0zPDq0w==",
"license": "MIT"
},
"node_modules/@react-pdf/render": {
"version": "3.5.0",
"resolved": "https://registry.npmjs.org/@react-pdf/render/-/render-3.5.0.tgz",
"integrity": "sha512-gFOpnyqCgJ6l7VzfJz6rG1i2S7iVSD8bUHDjPW9Mze8TmyksHzN2zBH3y7NbsQOw1wU6hN4NhRmslrsn+BRDPA==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/fns": "2.2.1",
"@react-pdf/primitives": "^3.1.1",
"@react-pdf/textkit": "^4.4.1",
"@react-pdf/types": "^2.6.0",
"abs-svg-path": "^0.1.1",
"color-string": "^1.9.1",
"normalize-svg-path": "^1.1.0",
"parse-svg-path": "^0.1.2",
"svg-arc-to-cubic-bezier": "^3.2.0"
}
},
"node_modules/@react-pdf/renderer": {
"version": "3.4.5",
"resolved": "https://registry.npmjs.org/@react-pdf/renderer/-/renderer-3.4.5.tgz",
"integrity": "sha512-O1N8q45bTs7YuC+x9afJSKQWDYQy2RjoCxlxEGdbCwP+WD5G6dWRUWXlc8F0TtzU3uFglYMmDab2YhXTmnVN9g==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/font": "^2.5.2",
"@react-pdf/layout": "^3.13.0",
"@react-pdf/pdfkit": "^3.2.0",
"@react-pdf/primitives": "^3.1.1",
"@react-pdf/render": "^3.5.0",
"@react-pdf/types": "^2.6.0",
"events": "^3.3.0",
"object-assign": "^4.1.1",
"prop-types": "^15.6.2",
"queue": "^6.0.1",
"scheduler": "^0.17.0"
},
"peerDependencies": {
"react": "^16.8.0 || ^17.0.0 || ^18.0.0"
}
},
"node_modules/@react-pdf/stylesheet": {
"version": "4.3.0",
"resolved": "https://registry.npmjs.org/@react-pdf/stylesheet/-/stylesheet-4.3.0.tgz",
"integrity": "sha512-x7IVZOqRrUum9quuDeFXBveXwBht+z/6B0M+z4a4XjfSg1vZVvzoTl07Oa1yvQ/4yIC5yIkG2TSMWeKnDB+hrw==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/fns": "2.2.1",
"@react-pdf/types": "^2.6.0",
"color-string": "^1.9.1",
"hsl-to-hex": "^1.0.0",
"media-engine": "^1.0.3",
"postcss-value-parser": "^4.1.0"
}
},
"node_modules/@react-pdf/textkit": {
"version": "4.4.1",
"resolved": "https://registry.npmjs.org/@react-pdf/textkit/-/textkit-4.4.1.tgz",
"integrity": "sha512-Jl9wdTqIvJ5pX+vAGz0EOhP7ut5Two9H6CzTKo/YYPeD79cM2yTXF3JzTERBC28y7LR0Waq9D2LHQjI+b/EYUQ==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/fns": "2.2.1",
"bidi-js": "^1.0.2",
"hyphen": "^1.6.4",
"unicode-properties": "^1.4.1"
}
},
"node_modules/@react-pdf/types": {
"version": "2.9.2",
"resolved": "https://registry.npmjs.org/@react-pdf/types/-/types-2.9.2.tgz",
"integrity": "sha512-dufvpKId9OajLLbgn9q7VLUmyo1Jf+iyGk2ZHmCL8nIDtL8N1Ejh9TH7+pXXrR0tdie1nmnEb5Bz9U7g4hI4/g==",
"license": "MIT",
"dependencies": {
"@react-pdf/font": "^4.0.4",
"@react-pdf/primitives": "^4.1.1",
"@react-pdf/stylesheet": "^6.1.2"
}
},
"node_modules/@react-pdf/types/node_modules/@react-pdf/fns": {
"version": "3.1.2",
"resolved": "https://registry.npmjs.org/@react-pdf/fns/-/fns-3.1.2.tgz",
"integrity": "sha512-qTKGUf0iAMGg2+OsUcp9ffKnKi41RukM/zYIWMDJ4hRVYSr89Q7e3wSDW/Koqx3ea3Uy/z3h2y3wPX6Bdfxk6g==",
"license": "MIT"
},
"node_modules/@react-pdf/types/node_modules/@react-pdf/font": {
"node_modules/@react-pdf/font": {
"version": "4.0.4",
"resolved": "https://registry.npmjs.org/@react-pdf/font/-/font-4.0.4.tgz",
"integrity": "sha512-8YtgGtL511txIEc9AjiilpZ7yjid8uCd8OGUl6jaL3LIHnrToUupSN4IzsMQpVTCMYiDLFnDNQzpZsOYtRS/Pg==",
@@ -3059,7 +2895,34 @@
"is-url": "^1.2.4"
}
},
"node_modules/@react-pdf/types/node_modules/@react-pdf/pdfkit": {
"node_modules/@react-pdf/image": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/@react-pdf/image/-/image-3.0.4.tgz",
"integrity": "sha512-z0ogVQE0bKqgXQ5smgzIU857rLV7bMgVdrYsu3UfXDDLSzI7QPvzf6MFTFllX6Dx2rcsF13E01dqKPtJEM799g==",
"license": "MIT",
"dependencies": {
"@react-pdf/png-js": "^3.0.0",
"jay-peg": "^1.1.1"
}
},
"node_modules/@react-pdf/layout": {
"version": "4.4.2",
"resolved": "https://registry.npmjs.org/@react-pdf/layout/-/layout-4.4.2.tgz",
"integrity": "sha512-gNu2oh8MiGR+NJZYTJ4c4q0nWCESBI6rKFiodVhE7OeVAjtzZzd6l65wsN7HXdWJqOZD3ttD97iE+tf5SOd/Yg==",
"license": "MIT",
"dependencies": {
"@react-pdf/fns": "3.1.2",
"@react-pdf/image": "^3.0.4",
"@react-pdf/primitives": "^4.1.1",
"@react-pdf/stylesheet": "^6.1.2",
"@react-pdf/textkit": "^6.1.0",
"@react-pdf/types": "^2.9.2",
"emoji-regex-xs": "^1.0.0",
"queue": "^6.0.1",
"yoga-layout": "^3.2.1"
}
},
"node_modules/@react-pdf/pdfkit": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/@react-pdf/pdfkit/-/pdfkit-4.1.0.tgz",
"integrity": "sha512-Wm/IOAv0h/U5Ra94c/PltFJGcpTUd/fwVMVeFD6X9tTTPCttIwg0teRG1Lqq617J8K4W7jpL/B0HTH0mjp3QpQ==",
@@ -3075,7 +2938,7 @@
"vite-compatible-readable-stream": "^3.6.1"
}
},
"node_modules/@react-pdf/types/node_modules/@react-pdf/png-js": {
"node_modules/@react-pdf/png-js": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/@react-pdf/png-js/-/png-js-3.0.0.tgz",
"integrity": "sha512-eSJnEItZ37WPt6Qv5pncQDxLJRK15eaRwPT+gZoujP548CodenOVp49GST8XJvKMFt9YqIBzGBV/j9AgrOQzVA==",
@@ -3084,13 +2947,68 @@
"browserify-zlib": "^0.2.0"
}
},
"node_modules/@react-pdf/types/node_modules/@react-pdf/primitives": {
"node_modules/@react-pdf/primitives": {
"version": "4.1.1",
"resolved": "https://registry.npmjs.org/@react-pdf/primitives/-/primitives-4.1.1.tgz",
"integrity": "sha512-IuhxYls1luJb7NUWy6q5avb1XrNaVj9bTNI40U9qGRuS6n7Hje/8H8Qi99Z9UKFV74bBP3DOf3L1wV2qZVgVrQ==",
"license": "MIT"
},
"node_modules/@react-pdf/types/node_modules/@react-pdf/stylesheet": {
"node_modules/@react-pdf/reconciler": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/@react-pdf/reconciler/-/reconciler-2.0.0.tgz",
"integrity": "sha512-7zaPRujpbHSmCpIrZ+b9HSTJHthcVZzX0Wx7RzvQGsGBUbHP4p6s5itXrAIOuQuPvDepoHGNOvf6xUuMVvdoyw==",
"license": "MIT",
"dependencies": {
"object-assign": "^4.1.1",
"scheduler": "0.25.0-rc-603e6108-20241029"
},
"peerDependencies": {
"react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0"
}
},
"node_modules/@react-pdf/render": {
"version": "4.3.2",
"resolved": "https://registry.npmjs.org/@react-pdf/render/-/render-4.3.2.tgz",
"integrity": "sha512-el5KYM1sH/PKcO4tRCIm8/AIEmhtraaONbwCrBhFdehoGv6JtgnXiMxHGAvZbI5kEg051GbyP+XIU6f6YbOu6Q==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/fns": "3.1.2",
"@react-pdf/primitives": "^4.1.1",
"@react-pdf/textkit": "^6.1.0",
"@react-pdf/types": "^2.9.2",
"abs-svg-path": "^0.1.1",
"color-string": "^1.9.1",
"normalize-svg-path": "^1.1.0",
"parse-svg-path": "^0.1.2",
"svg-arc-to-cubic-bezier": "^3.2.0"
}
},
"node_modules/@react-pdf/renderer": {
"version": "4.3.2",
"resolved": "https://registry.npmjs.org/@react-pdf/renderer/-/renderer-4.3.2.tgz",
"integrity": "sha512-EhPkj35gO9rXIyyx29W3j3axemvVY5RigMmlK4/6Ku0pXB8z9PEE/sz4ZBOShu2uot6V4xiCR3aG+t9IjJJlBQ==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.20.13",
"@react-pdf/fns": "3.1.2",
"@react-pdf/font": "^4.0.4",
"@react-pdf/layout": "^4.4.2",
"@react-pdf/pdfkit": "^4.1.0",
"@react-pdf/primitives": "^4.1.1",
"@react-pdf/reconciler": "^2.0.0",
"@react-pdf/render": "^4.3.2",
"@react-pdf/types": "^2.9.2",
"events": "^3.3.0",
"object-assign": "^4.1.1",
"prop-types": "^15.6.2",
"queue": "^6.0.1"
},
"peerDependencies": {
"react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0"
}
},
"node_modules/@react-pdf/stylesheet": {
"version": "6.1.2",
"resolved": "https://registry.npmjs.org/@react-pdf/stylesheet/-/stylesheet-6.1.2.tgz",
"integrity": "sha512-E3ftGRYUQGKiN3JOgtGsLDo0hGekA6dmkmi/MYACytmPTKxQRBSO3126MebmCq+t1rgU9uRlREIEawJ+8nzSbw==",
@@ -3104,6 +3022,29 @@
"postcss-value-parser": "^4.1.0"
}
},
"node_modules/@react-pdf/textkit": {
"version": "6.1.0",
"resolved": "https://registry.npmjs.org/@react-pdf/textkit/-/textkit-6.1.0.tgz",
"integrity": "sha512-sFlzDC9CDFrJsnL3B/+NHrk9+Advqk7iJZIStiYQDdskbow8GF/AGYrpIk+vWSnh35YxaGbHkqXq53XOxnyrjQ==",
"license": "MIT",
"dependencies": {
"@react-pdf/fns": "3.1.2",
"bidi-js": "^1.0.2",
"hyphen": "^1.6.4",
"unicode-properties": "^1.4.1"
}
},
"node_modules/@react-pdf/types": {
"version": "2.9.2",
"resolved": "https://registry.npmjs.org/@react-pdf/types/-/types-2.9.2.tgz",
"integrity": "sha512-dufvpKId9OajLLbgn9q7VLUmyo1Jf+iyGk2ZHmCL8nIDtL8N1Ejh9TH7+pXXrR0tdie1nmnEb5Bz9U7g4hI4/g==",
"license": "MIT",
"dependencies": {
"@react-pdf/font": "^4.0.4",
"@react-pdf/primitives": "^4.1.1",
"@react-pdf/stylesheet": "^6.1.2"
}
},
"node_modules/@rtsao/scc": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/@rtsao/scc/-/scc-1.1.0.tgz",
@@ -4753,15 +4694,6 @@
"url": "https://opencollective.com/express"
}
},
"node_modules/cross-fetch": {
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.2.0.tgz",
"integrity": "sha512-Q+xVJLoGOeIMXZmbUK4HYk+69cQH6LudR0Vu/pRm2YlU/hDV9CiS0gKUMaWY5f2NeUH9C1nV3bsTlCo0FsTV1Q==",
"license": "MIT",
"dependencies": {
"node-fetch": "^2.7.0"
}
},
"node_modules/cross-spawn": {
"version": "7.0.6",
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
@@ -5082,10 +5014,10 @@
"dev": true,
"license": "ISC"
},
"node_modules/emoji-regex": {
"version": "10.6.0",
"resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.6.0.tgz",
"integrity": "sha512-toUI84YS5YmxW219erniWD0CIVOo46xGKColeNQRgOzDorgBi1v4D71/OFzgD9GO2UGKIv1C3Sp8DAn0+j5w7A==",
"node_modules/emoji-regex-xs": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/emoji-regex-xs/-/emoji-regex-xs-1.0.0.tgz",
"integrity": "sha512-LRlerrMYoIDrT6jgpeZ2YYl/L8EulRTt5hQcYjy5AInh7HWXKimpqx68aknBFpGL2+/IcogTcaydJEgaTmOpDg==",
"license": "MIT"
},
"node_modules/engine.io": {
@@ -7747,26 +7679,6 @@
"semver": "bin/semver.js"
}
},
"node_modules/node-fetch": {
"version": "2.7.0",
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz",
"integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==",
"license": "MIT",
"dependencies": {
"whatwg-url": "^5.0.0"
},
"engines": {
"node": "4.x || >=6.0.0"
},
"peerDependencies": {
"encoding": "^0.1.0"
},
"peerDependenciesMeta": {
"encoding": {
"optional": true
}
}
},
"node_modules/node-releases": {
"version": "2.0.27",
"resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.27.tgz",
@@ -9043,14 +8955,10 @@
}
},
"node_modules/scheduler": {
"version": "0.17.0",
"resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.17.0.tgz",
"integrity": "sha512-7rro8Io3tnCPuY4la/NuI5F2yfESpnfZyT6TtkXnSWVkcu0BCDJ+8gk5ozUaFaxpIyNuWAPXrH0yFcSi28fnDA==",
"license": "MIT",
"dependencies": {
"loose-envify": "^1.1.0",
"object-assign": "^4.1.1"
}
"version": "0.25.0-rc-603e6108-20241029",
"resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.25.0-rc-603e6108-20241029.tgz",
"integrity": "sha512-pFwF6H1XrSdYYNLfOcGlM28/j8CGLu8IvdrxqhjWULe2bPcKiKW4CV+OWqR/9fT52mywx65l7ysNkjLKBda7eA==",
"license": "MIT"
},
"node_modules/selecto": {
"version": "1.26.3",
@@ -9897,12 +9805,6 @@
"node": ">=8.0"
}
},
"node_modules/tr46": {
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
"integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==",
"license": "MIT"
},
"node_modules/ts-api-utils": {
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.4.0.tgz",
@@ -10346,22 +10248,6 @@
"@zxing/text-encoding": "0.9.0"
}
},
"node_modules/webidl-conversions": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
"integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==",
"license": "BSD-2-Clause"
},
"node_modules/whatwg-url": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
"integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==",
"license": "MIT",
"dependencies": {
"tr46": "~0.0.3",
"webidl-conversions": "^3.0.0"
}
},
"node_modules/which": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
@@ -10667,9 +10553,9 @@
}
},
"node_modules/yoga-layout": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/yoga-layout/-/yoga-layout-2.0.1.tgz",
"integrity": "sha512-tT/oChyDXelLo2A+UVnlW9GU7CsvFMaEnd9kVFsaiCQonFAXd3xrHhkLYu+suwwosrAEQ746xBU+HvYtm1Zs2Q==",
"version": "3.2.1",
"resolved": "https://registry.npmjs.org/yoga-layout/-/yoga-layout-3.2.1.tgz",
"integrity": "sha512-0LPOt3AxKqMdFBZA3HBAt/t/8vIKq7VaQYbuA8WxCgung+p9TVyKRYdpvCb80HcdTN2NkbIKbhNwKUfm3tQywQ==",
"license": "MIT"
},
"node_modules/zod": {

4
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "lageplan",
"version": "1.0.0",
"version": "1.0.3",
"description": "Feuerwehr Lageplan - Krokier-App für Einsatzdokumentation",
"private": true,
"scripts": {
@@ -34,7 +34,7 @@
"@radix-ui/react-tabs": "^1.1.0",
"@radix-ui/react-toast": "^1.2.0",
"@radix-ui/react-tooltip": "^1.1.0",
"@react-pdf/renderer": "^3.4.4",
"@react-pdf/renderer": "^4.3.2",
"bcryptjs": "^2.4.3",
"class-variance-authority": "^0.7.0",
"clsx": "^2.1.0",

65
src/app/api/auth/delete-account/route.ts Normal file
View File

@@ -0,0 +1,65 @@
import { NextRequest, NextResponse } from 'next/server'
import { prisma } from '@/lib/db'
import { getSession } from '@/lib/auth'
import bcrypt from 'bcryptjs'
import { cookies } from 'next/headers'
// POST: User deletes their own account
export async function POST(req: NextRequest) {
try {
const session = await getSession()
if (!session) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const { password } = await req.json()
if (!password) {
return NextResponse.json({ error: 'Passwort erforderlich' }, { status: 400 })
}
// Verify password
const user = await (prisma as any).user.findUnique({
where: { id: session.id },
select: { id: true, password: true, role: true },
})
if (!user) return NextResponse.json({ error: 'Benutzer nicht gefunden' }, { status: 404 })
const validPw = await bcrypt.compare(password, user.password)
if (!validPw) {
return NextResponse.json({ error: 'Falsches Passwort' }, { status: 403 })
}
// If user is the only TENANT_ADMIN, they must delete the org first or transfer ownership
if (session.tenantId && session.role === 'TENANT_ADMIN') {
const adminCount = await (prisma as any).tenantMembership.count({
where: { tenantId: session.tenantId, role: 'TENANT_ADMIN' },
})
if (adminCount <= 1) {
return NextResponse.json({
error: 'Sie sind der einzige Administrator. Bitte löschen Sie die Organisation unter Einstellungen oder übertragen Sie die Admin-Rolle.',
}, { status: 400 })
}
}
console.log(`[Account Delete] User ${session.id} (${session.email}) deleting own account`)
// Clean up user data
try { await (prisma as any).upgradeRequest.deleteMany({ where: { requestedById: session.id } }) } catch {}
try { await (prisma as any).iconAsset.updateMany({ where: { ownerId: session.id }, data: { ownerId: null } }) } catch {}
try { await (prisma as any).project.updateMany({ where: { ownerId: session.id }, data: { ownerId: null } }) } catch {}
// Remove memberships
await (prisma as any).tenantMembership.deleteMany({ where: { userId: session.id } })
// Delete user
await (prisma as any).user.delete({ where: { id: session.id } })
// Clear auth cookie
;(await cookies()).delete('auth-token')
console.log(`[Account Delete] User ${session.email} deleted successfully`)
return NextResponse.json({ success: true, message: 'Konto wurde gelöscht' })
} catch (error: any) {
console.error('[Account Delete] Error:', error?.message || error)
return NextResponse.json({ error: 'Löschung fehlgeschlagen' }, { status: 500 })
}
}

70
src/app/api/auth/resend-verification/route.ts Normal file
View File

@@ -0,0 +1,70 @@
import { NextRequest, NextResponse } from 'next/server'
import { prisma } from '@/lib/db'
import { sendEmail } from '@/lib/email'
import { randomBytes } from 'crypto'
export async function POST(req: NextRequest) {
try {
const { email } = await req.json()
if (!email) {
return NextResponse.json({ error: 'E-Mail-Adresse erforderlich.' }, { status: 400 })
}
const user = await (prisma as any).user.findUnique({
where: { email },
include: { memberships: { include: { tenant: true } } },
})
if (!user) {
// Don't reveal whether user exists
return NextResponse.json({ success: true, message: 'Falls ein Konto mit dieser E-Mail existiert, wurde eine neue Bestätigungsmail gesendet.' })
}
if (user.emailVerified) {
return NextResponse.json({ success: true, message: 'Ihre E-Mail-Adresse ist bereits bestätigt. Sie können sich anmelden.' })
}
// Generate new verification token
const verificationToken = randomBytes(32).toString('hex')
await (prisma as any).user.update({
where: { id: user.id },
data: { emailVerificationToken: verificationToken },
})
// Build verification URL
let baseUrl = process.env.NEXTAUTH_URL || req.headers.get('origin') || `${req.headers.get('x-forwarded-proto') || 'https'}://${req.headers.get('host')}` || 'http://localhost:3000'
if (baseUrl && !baseUrl.startsWith('http://') && !baseUrl.startsWith('https://')) {
baseUrl = `https://${baseUrl}`
}
const verifyUrl = `${baseUrl}/api/auth/verify-email?token=${verificationToken}`
const orgName = user.memberships?.[0]?.tenant?.name || 'Lageplan'
await sendEmail(
user.email,
'E-Mail-Adresse bestätigen — Lageplan',
`<div style="font-family:sans-serif;max-width:600px;margin:0 auto;">
<div style="background:#dc2626;color:white;padding:20px 24px;border-radius:12px 12px 0 0;">
<h1 style="margin:0;font-size:22px;">E-Mail bestätigen</h1>
</div>
<div style="border:1px solid #e5e7eb;border-top:none;padding:24px;border-radius:0 0 12px 12px;">
<p>Hallo <strong>${user.name}</strong>,</p>
<p>Bitte bestätigen Sie Ihre E-Mail-Adresse, um Ihr Konto für <strong>${orgName}</strong> zu aktivieren.</p>
<div style="text-align:center;margin:24px 0;">
<a href="${verifyUrl}" style="background:#dc2626;color:white;padding:12px 32px;text-decoration:none;border-radius:8px;font-weight:600;display:inline-block;">
E-Mail bestätigen
</a>
</div>
<p style="color:#666;font-size:13px;">Falls der Button nicht funktioniert, kopieren Sie diesen Link:<br/>
<a href="${verifyUrl}" style="word-break:break-all;">${verifyUrl}</a></p>
</div>
</div>`
)
return NextResponse.json({ success: true, message: 'Bestätigungsmail wurde erneut gesendet. Bitte prüfen Sie Ihren Posteingang.' })
} catch (error) {
console.error('Resend verification error:', error)
return NextResponse.json({ error: 'Fehler beim Senden der Bestätigungsmail.' }, { status: 500 })
}
}

29
src/app/api/projects/[id]/features/route.ts
View File

@@ -6,21 +6,22 @@ import { getProjectWithTenantCheck } from '@/lib/tenant'
export async function GET(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
}
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
const features = await (prisma as any).feature.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { createdAt: 'asc' },
})
@@ -33,9 +34,10 @@ export async function GET(
export async function POST(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -45,7 +47,7 @@ export async function POST(
return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
}
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
@@ -66,7 +68,7 @@ export async function POST(
const feature = await (prisma as any).feature.create({
data: {
projectId: params.id,
projectId: id,
type: validated.data.type,
geometry: validated.data.geometry,
properties: validated.data.properties || {},
@@ -82,9 +84,10 @@ export async function POST(
export async function PUT(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -94,11 +97,11 @@ export async function PUT(
return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
}
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) {
const exists = await (prisma as any).project.findUnique({ where: { id: params.id }, select: { id: true, tenantId: true, ownerId: true } })
const exists = await (prisma as any).project.findUnique({ where: { id }, select: { id: true, tenantId: true, ownerId: true } })
if (!exists) {
console.warn(`[Features PUT] Project ${params.id} not in DB`)
console.warn(`[Features PUT] Project ${id} not in DB`)
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
console.warn(`[Features PUT] Access denied: user=${user.id} tenant=${user.tenantId}, project owner=${exists.ownerId} tenant=${exists.tenantId}`)
@@ -113,13 +116,13 @@ export async function PUT(
const { features } = body as { features: Array<{ id?: string; type: string; geometry: object; properties?: object }> }
await (prisma as any).feature.deleteMany({
where: { projectId: params.id },
where: { projectId: id },
})
if (features && features.length > 0) {
await (prisma as any).feature.createMany({
data: features.map((f: any) => ({
projectId: params.id,
projectId: id,
type: f.type,
geometry: f.geometry,
properties: f.properties || {},
@@ -128,7 +131,7 @@ export async function PUT(
}
const updatedFeatures = await (prisma as any).feature.findMany({
where: { projectId: params.id },
where: { projectId: id },
})
return NextResponse.json({ features: updatedFeatures })

18
src/app/api/projects/[id]/journal/check-items/[itemId]/route.ts
View File

@@ -4,18 +4,19 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// PUT: Toggle confirmed/ok on a check item
export async function PUT(req: NextRequest, { params }: { params: { id: string; itemId: string } }) {
export async function PUT(req: NextRequest, { params }: { params: Promise<{ id: string; itemId: string }> }) {
try {
const { id, itemId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Verify item belongs to this project
const existing = await (prisma as any).journalCheckItem.findFirst({
where: { id: params.itemId, projectId: params.id },
where: { id: itemId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Element nicht gefunden' }, { status: 404 })
@@ -32,7 +33,7 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
}
const item = await (prisma as any).journalCheckItem.update({
where: { id: params.itemId },
where: { id: itemId },
data,
})
return NextResponse.json(item)
@@ -43,22 +44,23 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
}
// DELETE
export async function DELETE(req: NextRequest, { params }: { params: { id: string; itemId: string } }) {
export async function DELETE(req: NextRequest, { params }: { params: Promise<{ id: string; itemId: string }> }) {
try {
const { id, itemId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Verify item belongs to this project
const existing = await (prisma as any).journalCheckItem.findFirst({
where: { id: params.itemId, projectId: params.id },
where: { id: itemId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Element nicht gefunden' }, { status: 404 })
await (prisma as any).journalCheckItem.delete({ where: { id: params.itemId } })
await (prisma as any).journalCheckItem.delete({ where: { id: itemId } })
return NextResponse.json({ ok: true })
} catch (error) {
console.error('Error deleting check item:', error)

11
src/app/api/projects/[id]/journal/check-items/route.ts
View File

@@ -4,13 +4,14 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// POST: Add check item (or initialize from templates)
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const body = await req.json()
@@ -18,7 +19,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// If 'initFromTemplates' is true, create check items from templates (only if none exist)
if (body.initFromTemplates) {
const existing = await (prisma as any).journalCheckItem.findMany({
where: { projectId: params.id },
where: { projectId: id },
})
if (existing.length > 0) {
return NextResponse.json(existing)
@@ -31,7 +32,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
templates.map((tpl: any, i: number) =>
(prisma as any).journalCheckItem.create({
data: {
projectId: params.id,
projectId: id,
label: tpl.label,
sortOrder: i,
},
@@ -44,7 +45,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// Single item creation
const item = await (prisma as any).journalCheckItem.create({
data: {
projectId: params.id,
projectId: id,
label: body.label || '',
sortOrder: body.sortOrder || 0,
},

20
src/app/api/projects/[id]/journal/entries/[entryId]/route.ts
View File

@@ -4,17 +4,18 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// PUT: Update a journal entry — only toggle done status allowed directly
export async function PUT(req: NextRequest, { params }: { params: { id: string; entryId: string } }) {
export async function PUT(req: NextRequest, { params }: { params: Promise<{ id: string; entryId: string }> }) {
try {
const { id, entryId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const existing = await (prisma as any).journalEntry.findFirst({
where: { id: params.entryId, projectId: params.id },
where: { id: entryId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Eintrag nicht gefunden' }, { status: 404 })
@@ -23,7 +24,7 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
// Only done toggle is allowed as direct edit
if (body.done !== undefined) {
const entry = await (prisma as any).journalEntry.update({
where: { id: params.entryId },
where: { id: entryId },
data: { done: body.done, doneAt: body.done ? new Date() : null },
})
return NextResponse.json(entry)
@@ -38,17 +39,18 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
// POST: Create a correction for a journal entry (replaces DELETE)
// Marks the original as corrected (strikethrough) and creates a new correction entry below it
export async function POST(req: NextRequest, { params }: { params: { id: string; entryId: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string; entryId: string }> }) {
try {
const { id, entryId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const existing = await (prisma as any).journalEntry.findFirst({
where: { id: params.entryId, projectId: params.id },
where: { id: entryId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Eintrag nicht gefunden' }, { status: 404 })
@@ -69,7 +71,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string;
// Mark original as corrected
await (prisma as any).journalEntry.update({
where: { id: params.entryId },
where: { id: entryId },
data: { isCorrected: true },
})
@@ -81,7 +83,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string;
who: body.who || existing.who || user.name,
sortOrder: existing.sortOrder + 1,
correctionOfId: existing.id,
projectId: params.id,
projectId: id,
},
})

7
src/app/api/projects/[id]/journal/entries/route.ts
View File

@@ -4,19 +4,20 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// POST: Add a new journal entry
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const body = await req.json()
const entry = await (prisma as any).journalEntry.create({
data: {
projectId: params.id,
projectId: id,
time: body.time ? new Date(body.time) : new Date(),
what: body.what || '',
who: body.who || null,

18
src/app/api/projects/[id]/journal/pendenzen/[pendenzId]/route.ts
View File

@@ -4,18 +4,19 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// PUT: Update a pendenz
export async function PUT(req: NextRequest, { params }: { params: { id: string; pendenzId: string } }) {
export async function PUT(req: NextRequest, { params }: { params: Promise<{ id: string; pendenzId: string }> }) {
try {
const { id, pendenzId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Verify pendenz belongs to this project
const existing = await (prisma as any).journalPendenz.findFirst({
where: { id: params.pendenzId, projectId: params.id },
where: { id: pendenzId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Pendenz nicht gefunden' }, { status: 404 })
@@ -30,7 +31,7 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
}
const item = await (prisma as any).journalPendenz.update({
where: { id: params.pendenzId },
where: { id: pendenzId },
data,
})
return NextResponse.json(item)
@@ -41,22 +42,23 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
}
// DELETE
export async function DELETE(req: NextRequest, { params }: { params: { id: string; pendenzId: string } }) {
export async function DELETE(req: NextRequest, { params }: { params: Promise<{ id: string; pendenzId: string }> }) {
try {
const { id, pendenzId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Verify pendenz belongs to this project
const existing = await (prisma as any).journalPendenz.findFirst({
where: { id: params.pendenzId, projectId: params.id },
where: { id: pendenzId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Pendenz nicht gefunden' }, { status: 404 })
await (prisma as any).journalPendenz.delete({ where: { id: params.pendenzId } })
await (prisma as any).journalPendenz.delete({ where: { id: pendenzId } })
return NextResponse.json({ ok: true })
} catch (error) {
console.error('Error deleting pendenz:', error)

7
src/app/api/projects/[id]/journal/pendenzen/route.ts
View File

@@ -4,19 +4,20 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// POST: Add a new pendenz
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const body = await req.json()
const item = await (prisma as any).journalPendenz.create({
data: {
projectId: params.id,
projectId: id,
what: body.what || '',
who: body.who || null,
whenHow: body.whenHow || null,

11
src/app/api/projects/[id]/journal/route.ts
View File

@@ -4,25 +4,26 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// GET all journal data for a project (entries, check items, pendenzen)
export async function GET(req: NextRequest, { params }: { params: { id: string } }) {
export async function GET(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const [entries, checkItems, pendenzen] = await Promise.all([
(prisma as any).journalEntry.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: [{ time: 'asc' }, { sortOrder: 'asc' }, { createdAt: 'asc' }],
}),
(prisma as any).journalCheckItem.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { sortOrder: 'asc' },
}),
(prisma as any).journalPendenz.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { sortOrder: 'asc' },
}),
])

11
src/app/api/projects/[id]/journal/send-report/route.ts
View File

@@ -4,12 +4,13 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
import { sendEmail } from '@/lib/email'
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Load tenant logo
@@ -32,17 +33,17 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// Load journal data
const entries = await (prisma as any).journalEntry.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: [{ time: 'asc' }, { sortOrder: 'asc' }],
})
const checkItems = await (prisma as any).journalCheckItem.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { sortOrder: 'asc' },
})
const pendenzen = await (prisma as any).journalPendenz.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { sortOrder: 'asc' },
})

23
src/app/api/projects/[id]/plan-image/route.ts
View File

@@ -5,13 +5,14 @@ import { getProjectWithTenantCheck } from '@/lib/tenant'
import { uploadFile, deleteFile, getFileUrl } from '@/lib/minio'
// POST: Upload a plan image for a project
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const formData = await req.formData()
@@ -37,7 +38,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// Upload to MinIO
const buffer = Buffer.from(await file.arrayBuffer())
const ext = file.name.split('.').pop() || 'png'
const fileKey = `plans/${params.id}/${Date.now()}.${ext}`
const fileKey = `plans/${id}/${Date.now()}.${ext}`
await uploadFile(fileKey, buffer, file.type)
// Parse bounds or use default (current map view)
@@ -48,7 +49,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// Update project
await (prisma as any).project.update({
where: { id: params.id },
where: { id },
data: {
planImageKey: fileKey,
planBounds: bounds,
@@ -70,13 +71,14 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
}
// DELETE: Remove the plan image
export async function DELETE(req: NextRequest, { params }: { params: { id: string } }) {
export async function DELETE(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const p = project as any
@@ -85,7 +87,7 @@ export async function DELETE(req: NextRequest, { params }: { params: { id: strin
}
await (prisma as any).project.update({
where: { id: params.id },
where: { id },
data: { planImageKey: null, planBounds: null },
})
@@ -97,19 +99,20 @@ export async function DELETE(req: NextRequest, { params }: { params: { id: strin
}
// PATCH: Update plan bounds (repositioning)
export async function PATCH(req: NextRequest, { params }: { params: { id: string } }) {
export async function PATCH(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const body = await req.json()
if (!body.bounds) return NextResponse.json({ error: 'Bounds erforderlich' }, { status: 400 })
await (prisma as any).project.update({
where: { id: params.id },
where: { id },
data: { planBounds: body.bounds },
})

5
src/app/api/projects/[id]/plan-image/serve/route.ts
View File

@@ -4,13 +4,14 @@ import { getSession } from '@/lib/auth'
import { getFileStream } from '@/lib/minio'
// Serve plan image (authenticated users only)
export async function GET(req: NextRequest, { params }: { params: { id: string } }) {
export async function GET(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const project = await (prisma as any).project.findUnique({
where: { id: params.id },
where: { id },
select: { planImageKey: true },
})

21
src/app/api/projects/[id]/route.ts
View File

@@ -6,22 +6,23 @@ import { getProjectWithTenantCheck } from '@/lib/tenant'
export async function GET(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
}
const projectBase = await getProjectWithTenantCheck(params.id, user)
const projectBase = await getProjectWithTenantCheck(id, user)
if (!projectBase) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
// Re-fetch with includes
const project = await (prisma as any).project.findUnique({
where: { id: params.id },
where: { id },
include: {
owner: {
select: { id: true, name: true, email: true },
@@ -39,9 +40,10 @@ export async function GET(
export async function PATCH(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -51,7 +53,7 @@ export async function PATCH(
return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
}
const existingProject = await getProjectWithTenantCheck(params.id, user)
const existingProject = await getProjectWithTenantCheck(id, user)
if (!existingProject) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
@@ -67,7 +69,7 @@ export async function PATCH(
}
const project = await (prisma as any).project.update({
where: { id: params.id },
where: { id },
data: validated.data,
})
@@ -80,15 +82,16 @@ export async function PATCH(
export async function DELETE(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
}
const existingProject = await getProjectWithTenantCheck(params.id, user)
const existingProject = await getProjectWithTenantCheck(id, user)
if (!existingProject) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
@@ -99,7 +102,7 @@ export async function DELETE(
}
await (prisma as any).project.delete({
where: { id: params.id },
where: { id },
})
return NextResponse.json({ success: true })

9
src/app/api/rapports/[token]/pdf/route.ts
View File

@@ -40,10 +40,11 @@ async function resolveLogoDataUri(rapport: any): Promise<string> {
}
// GET: Generate and serve PDF for a rapport (public, token-based)
export async function GET(req: NextRequest, { params }: { params: { token: string } }) {
export async function GET(req: NextRequest, { params }: { params: Promise<{ token: string }> }) {
try {
const { token } = await params
const rapport = await (prisma as any).rapport.findUnique({
where: { token: params.token },
where: { token },
include: {
tenant: { select: { name: true } },
},
@@ -68,10 +69,10 @@ export async function GET(req: NextRequest, { params }: { params: { token: strin
const { RapportDocument } = await import('@/lib/rapport-pdf')
const buffer = await renderToBuffer(
React.createElement(RapportDocument, { data: pdfData })
React.createElement(RapportDocument, { data: pdfData }) as any
)
return new NextResponse(buffer, {
return new NextResponse(Buffer.from(buffer) as any, {
headers: {
'Content-Type': 'application/pdf',
'Content-Disposition': `inline; filename="Rapport-${rapport.reportNumber}.pdf"`,

5
src/app/api/rapports/[token]/route.ts
View File

@@ -37,10 +37,11 @@ async function resolveLogoForClient(rapport: any): Promise<string> {
}
// GET: Public access to rapport by token (no auth required)
export async function GET(req: NextRequest, { params }: { params: { token: string } }) {
export async function GET(req: NextRequest, { params }: { params: Promise<{ token: string }> }) {
try {
const { token } = await params
const rapport = await (prisma as any).rapport.findUnique({
where: { token: params.token },
where: { token },
include: {
project: { select: { title: true, location: true } },
tenant: { select: { name: true } },

5
src/app/api/rapports/[token]/send/route.ts
View File

@@ -4,8 +4,9 @@ import { getSession } from '@/lib/auth'
import { sendEmail } from '@/lib/email'
// POST: Send rapport link via email
export async function POST(req: NextRequest, { params }: { params: { token: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ token: string }> }) {
try {
const { token } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -13,7 +14,7 @@ export async function POST(req: NextRequest, { params }: { params: { token: stri
if (!email) return NextResponse.json({ error: 'E-Mail-Adresse erforderlich' }, { status: 400 })
const rapport = await (prisma as any).rapport.findUnique({
where: { token: params.token },
where: { token },
include: {
tenant: { select: { name: true } },
project: { select: { title: true, location: true } },

14
src/app/api/tenants/[tenantId]/suggestions/route.ts
View File

@@ -5,9 +5,10 @@ import { getSession, isAdmin } from '@/lib/auth'
// GET: Fetch journal suggestions for a tenant (global + tenant dictionary merged)
export async function GET(
req: NextRequest,
{ params }: { params: { tenantId: string } }
{ params }: { params: Promise<{ tenantId: string }> }
) {
try {
const { tenantId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -18,11 +19,11 @@ export async function GET(
select: { word: true },
}).catch(() => []),
(prisma as any).dictionaryEntry.findMany({
where: { scope: 'TENANT', tenantId: params.tenantId },
where: { scope: 'TENANT', tenantId },
select: { word: true },
}).catch(() => []),
(prisma as any).tenant.findUnique({
where: { id: params.tenantId },
where: { id: tenantId },
select: { journalSuggestions: true },
}),
])
@@ -46,16 +47,17 @@ export async function GET(
// PUT: Replace all journal suggestions for a tenant (admin only)
export async function PUT(
req: NextRequest,
{ params }: { params: { tenantId: string } }
{ params }: { params: Promise<{ tenantId: string }> }
) {
try {
const { tenantId } = await params
const user = await getSession()
if (!user || !isAdmin(user.role)) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 403 })
}
// TENANT_ADMIN can only edit their own tenant
if (user.role !== 'SERVER_ADMIN' && user.tenantId !== params.tenantId) {
if (user.role !== 'SERVER_ADMIN' && user.tenantId !== tenantId) {
return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
}
@@ -65,7 +67,7 @@ export async function PUT(
: []
await (prisma as any).tenant.update({
where: { id: params.tenantId },
where: { id: tenantId },
data: { journalSuggestions: suggestions },
})

5
src/app/api/tenants/by-slug/[slug]/route.ts
View File

@@ -4,11 +4,12 @@ import { prisma } from '@/lib/db'
// Public endpoint: get tenant info by slug (logo, name)
export async function GET(
req: NextRequest,
{ params }: { params: { slug: string } }
{ params }: { params: Promise<{ slug: string }> }
) {
try {
const { slug } = await params
const tenant = await (prisma as any).tenant.findUnique({
where: { slug: params.slug },
where: { slug },
select: {
id: true,
name: true,

11
src/app/api/upgrade-requests/[id]/route.ts
View File

@@ -15,9 +15,10 @@ const processSchema = z.object({
// PATCH: Approve or reject an upgrade request (SERVER_ADMIN only)
export async function PATCH(
req: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user || !isServerAdmin(user.role)) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 403 })
@@ -31,7 +32,7 @@ export async function PATCH(
// Get the request
const upgradeReq = await (prisma as any).upgradeRequest.findUnique({
where: { id: params.id },
where: { id },
include: {
tenant: { select: { id: true, name: true, plan: true, contactEmail: true } },
requestedBy: { select: { name: true, email: true } },
@@ -71,7 +72,7 @@ export async function PATCH(
// Update request status
await (prisma as any).upgradeRequest.update({
where: { id: params.id },
where: { id },
data: {
status: 'APPROVED',
adminNote: validated.data.adminNote || null,
@@ -127,7 +128,7 @@ export async function PATCH(
} else {
// Reject
await (prisma as any).upgradeRequest.update({
where: { id: params.id },
where: { id },
data: {
status: 'REJECTED',
adminNote: validated.data.adminNote || null,
@@ -170,7 +171,7 @@ export async function PATCH(
// Return updated request
const updated = await (prisma as any).upgradeRequest.findUnique({
where: { id: params.id },
where: { id },
include: {
tenant: { select: { name: true, slug: true, plan: true, subscriptionStatus: true } },
requestedBy: { select: { name: true, email: true } },

298
src/app/app/page.tsx
View File

@@ -19,7 +19,7 @@ import { Button } from '@/components/ui/button'
import { Dialog, DialogContent, DialogHeader, DialogTitle } from '@/components/ui/dialog'
import { JournalView } from '@/components/journal/journal-view'
import { jsPDF } from 'jspdf'
import { Lock, Unlock, Eye } from 'lucide-react'
import { Lock, Unlock, Eye, AlertTriangle } from 'lucide-react'
import { getSocket } from '@/lib/socket'
import { CustomDragLayer } from '@/components/map/custom-drag-layer'
@@ -102,88 +102,217 @@ export default function AppPage() {
sessionIdRef.current = `${Date.now()}-${Math.random().toString(36).slice(2, 10)}`
}
// Capture map screenshot when switching to journal tab (including HTML symbol markers)
// Capture map screenshot when switching to journal tab (coordinate-based rendering)
const handleTabChange = useCallback(async (tab: 'map' | 'journal') => {
if (tab === 'journal' && mapRef.current) {
try {
const mapCanvas = mapRef.current.getCanvas()
if (mapCanvas) {
const mapInstance = mapRef.current
const mapCanvas = mapInstance.getCanvas() as HTMLCanvasElement
if (mapCanvas && mapCanvas.width > 0) {
const offscreen = document.createElement('canvas')
offscreen.width = mapCanvas.width
offscreen.height = mapCanvas.height
const ctx = offscreen.getContext('2d')
if (ctx) {
ctx.drawImage(mapCanvas, 0, 0)
const dpr = window.devicePixelRatio || 1
const mapContainer = mapRef.current.getContainer()
const mapRect = mapContainer.getBoundingClientRect()
// Collect all symbol images and preload them (async for URL-based images)
const symbolEntries: { img: HTMLImageElement; x: number; y: number; w: number; h: number; rotation: number }[] = []
const loadPromises: Promise<void>[] = []
const container = mapInstance.getContainer()
const dpr = mapCanvas.width / container.offsetWidth
const currentZoom = mapInstance.getZoom()
const currentFeatures = featuresRef.current
document.querySelectorAll<HTMLElement>('.symbol-marker-wrapper').forEach(wrapper => {
const rect = wrapper.getBoundingClientRect()
const inner = wrapper.querySelector<HTMLElement>('.symbol-marker')
if (!inner) return
const bgImage = inner.style.backgroundImage
const urlMatch = bgImage.match(/url\("?(.+?)"?\)/)
if (!urlMatch) return
const imgSrc = urlMatch[1]
// Helper: haversine distance
const haversine = (a: number[], b: number[]): number => {
const R = 6371000, toRad = Math.PI / 180
const dLat = (b[1] - a[1]) * toRad, dLng = (b[0] - a[0]) * toRad
const x = Math.sin(dLat / 2) ** 2 + Math.cos(a[1] * toRad) * Math.cos(b[1] * toRad) * Math.sin(dLng / 2) ** 2
return R * 2 * Math.atan2(Math.sqrt(x), Math.sqrt(1 - x))
}
// Helper: load image as promise
const loadImage = (src: string): Promise<HTMLImageElement> => new Promise((resolve, reject) => {
const img = new Image()
img.crossOrigin = 'anonymous'
img.src = imgSrc
const entry = {
img,
x: (rect.left - mapRect.left) * dpr,
y: (rect.top - mapRect.top) * dpr,
w: rect.width * dpr,
h: rect.height * dpr,
rotation: parseFloat(inner.style.transform?.match(/rotate\((.+?)deg\)/)?.[1] || '0'),
}
symbolEntries.push(entry)
if (!img.complete) {
loadPromises.push(new Promise<void>((resolve) => {
img.onload = () => resolve()
img.onerror = () => resolve()
}))
}
img.onload = () => resolve(img)
img.onerror = reject
img.src = src
})
// Wait for all symbol images to load (max 3s timeout)
if (loadPromises.length > 0) {
await Promise.race([
Promise.all(loadPromises),
new Promise(r => setTimeout(r, 3000)),
])
}
// 1. Draw symbol features (coordinate-based)
for (const f of currentFeatures.filter(f => f.type === 'symbol')) {
if (f.geometry.type !== 'Point') continue
const coords = f.geometry.coordinates as [number, number]
const pixel = mapInstance.project(coords)
const px = pixel.x * dpr
const py = pixel.y * dpr
const scale = (f.properties.scale as number) || 1
const rotation = (f.properties.rotation as number) || 0
const baseSize = 32
const placementZoom = (f.properties.placementZoom as number) || 17
const zoomFactor = Math.pow(2, currentZoom - placementZoom)
const size = Math.max(8, Math.min(400, baseSize * scale * zoomFactor)) * dpr
// Draw all symbol markers
symbolEntries.forEach(({ img, x, y, w, h, rotation }) => {
if (img.complete && img.naturalWidth > 0) {
const iconId = f.properties.iconId as string
const imageUrl = f.properties.imageUrl as string
let imgSrc = imageUrl || ''
if (!imgSrc && iconId) {
const { getSymbolById, getSymbolDataUri } = await import('@/lib/fw-symbols')
const sym = getSymbolById(iconId)
if (sym) imgSrc = getSymbolDataUri(sym)
}
if (imgSrc) {
try {
const img = await loadImage(imgSrc)
const imgAspect = img.naturalWidth / img.naturalHeight
let drawW = size, drawH = size
if (imgAspect > 1) drawH = size / imgAspect
else drawW = size * imgAspect
ctx.save()
ctx.translate(x + w / 2, y + h / 2)
if (rotation) ctx.rotate((rotation * Math.PI) / 180)
ctx.drawImage(img, -w / 2, -h / 2, w, h)
ctx.translate(px, py)
ctx.rotate((rotation * Math.PI) / 180)
ctx.drawImage(img, -drawW / 2, -drawH / 2, drawW, drawH)
ctx.restore()
} catch {}
}
}
})
// Draw text markers
document.querySelectorAll<HTMLElement>('.text-marker').forEach(el => {
const rect = el.getBoundingClientRect()
const x = (rect.left - mapRect.left) * dpr
const y = (rect.top - mapRect.top) * dpr
const text = el.textContent || ''
const fontSize = parseFloat(el.style.fontSize || '14') * dpr
const color = el.style.color || '#000'
// 2. Draw arrowheads for arrow features
for (const f of currentFeatures.filter(f => f.type === 'arrow')) {
if (f.geometry.type !== 'LineString') continue
const lineCoords = f.geometry.coordinates as number[][]
if (lineCoords.length < 2) continue
const p1 = lineCoords[lineCoords.length - 2]
const p2 = lineCoords[lineCoords.length - 1]
const px1 = mapInstance.project(p1 as [number, number])
const px2 = mapInstance.project(p2 as [number, number])
const angle = Math.atan2(px2.y - px1.y, px2.x - px1.x)
const color = (f.properties.color as string) || '#000000'
const arrowSize = 14 * dpr
ctx.save()
ctx.font = `bold ${fontSize}px sans-serif`
ctx.translate(px2.x * dpr, px2.y * dpr)
ctx.rotate(angle + Math.PI / 2)
ctx.beginPath()
ctx.moveTo(0, -arrowSize)
ctx.lineTo(-arrowSize * 0.7, arrowSize * 0.3)
ctx.lineTo(arrowSize * 0.7, arrowSize * 0.3)
ctx.closePath()
ctx.fillStyle = color
ctx.textBaseline = 'top'
ctx.fillText(text, x, y)
ctx.fill()
ctx.restore()
})
}
// 3. Draw line/polygon labels at midpoints
for (const f of currentFeatures.filter(f => f.properties.label && (f.geometry.type === 'LineString' || f.geometry.type === 'Polygon'))) {
const label = f.properties.label as string
let midpoint: [number, number]
if (f.geometry.type === 'LineString') {
const coords = f.geometry.coordinates as number[][]
const midIdx = Math.floor(coords.length / 2)
if (coords.length === 2) {
midpoint = [(coords[0][0] + coords[1][0]) / 2, (coords[0][1] + coords[1][1]) / 2]
} else {
midpoint = coords[midIdx] as [number, number]
}
} else {
const ring = (f.geometry.coordinates as number[][][])[0]
const len = ring.length - 1
let cx = 0, cy = 0
for (let i = 0; i < len; i++) { cx += ring[i][0]; cy += ring[i][1] }
midpoint = [cx / len, cy / len]
}
const pixel = mapInstance.project(midpoint)
const px = pixel.x * dpr
const py = pixel.y * dpr
const isDanger = f.type === 'dangerzone'
const bgColor = isDanger ? 'rgba(220,38,38,0.85)' : 'rgba(0,0,0,0.75)'
const borderColor = isDanger ? '#dc2626' : 'rgba(255,255,255,0.5)'
// Build label text with line info
let displayText = label
let infoText = ''
if (f.geometry.type === 'LineString') {
const lineCoords = f.geometry.coordinates as number[][]
let totalLen = 0
for (let i = 1; i < lineCoords.length; i++) {
totalLen += haversine(lineCoords[i - 1], lineCoords[i])
}
const hoseCount = Math.ceil(totalLen / 20)
const lenText = totalLen < 1000 ? `${Math.round(totalLen)}m` : `${(totalLen / 1000).toFixed(2)}km`
infoText = `${lenText} / ${hoseCount} Schl.`
}
const fontSize1 = 11 * dpr
const fontSize2 = 8 * dpr
const padX = 6 * dpr
const padY = 3 * dpr
ctx.save()
ctx.font = `bold ${fontSize1}px system-ui, sans-serif`
const w1 = ctx.measureText(displayText).width
let w2 = 0
if (infoText) {
ctx.font = `${fontSize2}px system-ui, sans-serif`
w2 = ctx.measureText(infoText).width
}
const boxW = Math.max(w1, w2) + padX * 2
const boxH = fontSize1 + (infoText ? fontSize2 + 2 * dpr : 0) + padY * 2
const radius = 3 * dpr
// Background
ctx.fillStyle = bgColor
ctx.beginPath()
ctx.roundRect(px - boxW / 2, py - boxH / 2, boxW, boxH, radius)
ctx.fill()
// Border
ctx.strokeStyle = borderColor
ctx.lineWidth = 1 * dpr
ctx.beginPath()
ctx.roundRect(px - boxW / 2, py - boxH / 2, boxW, boxH, radius)
ctx.stroke()
// Label text
ctx.fillStyle = '#ffffff'
ctx.font = `bold ${fontSize1}px system-ui, sans-serif`
ctx.textAlign = 'center'
ctx.textBaseline = 'middle'
const textY = infoText ? py - fontSize2 / 2 : py
ctx.fillText(displayText, px, textY)
// Info text
if (infoText) {
ctx.font = `${fontSize2}px system-ui, sans-serif`
ctx.globalAlpha = 0.8
ctx.fillText(infoText, px, py + fontSize1 / 2 + 1 * dpr)
ctx.globalAlpha = 1
}
ctx.restore()
}
// 4. Draw text features
for (const f of currentFeatures.filter(f => f.type === 'text')) {
if (f.geometry.type !== 'Point') continue
const coords = f.geometry.coordinates as [number, number]
const pixel = mapInstance.project(coords)
const px = pixel.x * dpr
const py = pixel.y * dpr
const text = (f.properties.text as string) || ''
const fontSize = ((f.properties.fontSize as number) || 14) * dpr
const color = (f.properties.color as string) || '#000000'
ctx.save()
ctx.font = `bold ${fontSize}px system-ui, sans-serif`
ctx.textAlign = 'center'
ctx.textBaseline = 'middle'
ctx.strokeStyle = '#ffffff'
ctx.lineWidth = 3 * dpr
ctx.lineJoin = 'round'
ctx.strokeText(text, px, py)
ctx.fillStyle = color
ctx.fillText(text, px, py)
ctx.restore()
}
setLastMapScreenshot(offscreen.toDataURL('image/png'))
} else {
setLastMapScreenshot(mapCanvas.toDataURL('image/png'))
@@ -1001,6 +1130,32 @@ export default function AppPage() {
}
}
// Draw arrowheads for arrow features
for (const f of currentFeatures.filter(f => f.type === 'arrow')) {
if (f.geometry.type !== 'LineString') continue
const lineCoords = f.geometry.coordinates as number[][]
if (lineCoords.length < 2) continue
const p1 = lineCoords[lineCoords.length - 2]
const p2 = lineCoords[lineCoords.length - 1]
const px1 = mapInstance.project(p1 as [number, number])
const px2 = mapInstance.project(p2 as [number, number])
const angle = Math.atan2(px2.y - px1.y, px2.x - px1.x)
const color = (f.properties.color as string) || '#000000'
const arrowSize = 14 * dpr
ctx.save()
ctx.translate(px2.x * dpr, px2.y * dpr)
ctx.rotate(angle + Math.PI / 2)
ctx.beginPath()
ctx.moveTo(0, -arrowSize)
ctx.lineTo(-arrowSize * 0.7, arrowSize * 0.3)
ctx.lineTo(arrowSize * 0.7, arrowSize * 0.3)
ctx.closePath()
ctx.fillStyle = color
ctx.fill()
ctx.restore()
}
// Draw line/polygon label markers at midpoints
for (const f of currentFeatures.filter(f => f.properties.label && (f.geometry.type === 'LineString' || f.geometry.type === 'Polygon'))) {
const label = f.properties.label as string
@@ -1234,6 +1389,29 @@ export default function AppPage() {
onLogout={logout}
/>
{/* Email verification banner */}
{user && user.emailVerified === false && (
<div className="flex items-center justify-center gap-3 px-4 py-2 bg-amber-50 dark:bg-amber-950/40 border-b border-amber-200 dark:border-amber-800 text-sm text-amber-800 dark:text-amber-300">
<AlertTriangle className="w-4 h-4 shrink-0" />
<span>Ihre E-Mail-Adresse wurde noch nicht bestätigt. Bitte prüfen Sie Ihren Posteingang.</span>
<button
onClick={async () => {
try {
const res = await fetch('/api/auth/resend-verification', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email: user.email }),
})
if (res.ok) toast({ title: 'Bestätigungsmail gesendet', description: 'Bitte prüfen Sie Ihren Posteingang.' })
else toast({ title: 'Fehler', description: 'Konnte Bestätigungsmail nicht senden.', variant: 'destructive' })
} catch { toast({ title: 'Fehler', description: 'Verbindungsfehler.', variant: 'destructive' }) }
}}
className="shrink-0 text-xs font-semibold underline hover:no-underline text-amber-700 dark:text-amber-400"
>
Erneut senden
</button>
</div>
)}
{/* Live editing banner */}
{currentProject && (

29
src/app/login/page.tsx
View File

@@ -23,6 +23,8 @@ function LoginForm() {
const [email, setEmail] = useState('')
const [password, setPassword] = useState('')
const [isLoading, setIsLoading] = useState(false)
const [resendLoading, setResendLoading] = useState(false)
const [resendSuccess, setResendSuccess] = useState(false)
const [tenantLogo, setTenantLogo] = useState<string | null>(null)
const [tenantName, setTenantName] = useState<string | null>(null)
const { login } = useAuth()
@@ -110,7 +112,32 @@ function LoginForm() {
)}
{errorParam === 'invalid-token' && (
<div className="bg-red-50 dark:bg-red-950/30 border border-red-200 dark:border-red-800 rounded-lg p-3 mb-4 text-sm text-red-700 dark:text-red-400 text-center">
Ungültiger oder abgelaufener Bestätigungslink.
<p>Ungültiger oder abgelaufener Bestätigungslink.</p>
<p className="mt-1 text-xs">Geben Sie Ihre E-Mail ein und klicken Sie unten, um einen neuen Link zu erhalten.</p>
{resendSuccess ? (
<p className="mt-2 text-green-600 dark:text-green-400 font-medium">Neue Bestätigungsmail gesendet!</p>
) : (
<button
type="button"
disabled={resendLoading || !email}
onClick={async () => {
setResendLoading(true)
try {
const res = await fetch('/api/auth/resend-verification', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email }),
})
if (res.ok) setResendSuccess(true)
else toast({ title: 'Fehler', description: 'Konnte Bestätigungsmail nicht senden.', variant: 'destructive' })
} catch { toast({ title: 'Fehler', description: 'Verbindungsfehler.', variant: 'destructive' }) }
setResendLoading(false)
}}
className="mt-2 text-xs font-medium text-red-600 dark:text-red-400 underline hover:no-underline disabled:opacity-50"
>
{resendLoading ? 'Wird gesendet...' : 'Bestätigungsmail erneut senden'}
</button>
)}
</div>
)}

13
src/app/rapport/[token]/page.tsx
View File

@@ -1,6 +1,6 @@
'use client'
import { useState, useEffect } from 'react'
import { useState, useEffect, use } from 'react'
import { Loader2, FileText, Download, Printer, MapPin, Send, CheckCircle, XCircle } from 'lucide-react'
interface RapportViewData {
@@ -13,7 +13,8 @@ interface RapportViewData {
createdBy: { name: string } | null
}
export default function RapportViewerPage({ params }: { params: { token: string } }) {
export default function RapportViewerPage({ params }: { params: Promise<{ token: string }> }) {
const { token } = use(params)
const [rapport, setRapport] = useState<RapportViewData | null>(null)
const [isLoading, setIsLoading] = useState(true)
const [error, setError] = useState('')
@@ -25,7 +26,7 @@ export default function RapportViewerPage({ params }: { params: { token: string
useEffect(() => {
async function load() {
try {
const res = await fetch(`/api/rapports/${params.token}`)
const res = await fetch(`/api/rapports/${token}`)
if (res.ok) {
setRapport(await res.json())
} else {
@@ -38,7 +39,7 @@ export default function RapportViewerPage({ params }: { params: { token: string
}
}
load()
}, [params.token])
}, [token])
if (isLoading) {
return (
@@ -64,7 +65,7 @@ export default function RapportViewerPage({ params }: { params: { token: string
}
const d = rapport.data
const pdfUrl = `/api/rapports/${params.token}/pdf`
const pdfUrl = `/api/rapports/${token}/pdf`
return (
<div className="min-h-screen bg-gray-100 py-8">
@@ -119,7 +120,7 @@ export default function RapportViewerPage({ params }: { params: { token: string
setEmailSending(true)
setEmailStatus(null)
try {
const res = await fetch(`/api/rapports/${params.token}/send`, {
const res = await fetch(`/api/rapports/${token}/send`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email: emailTo }),

12
src/components/journal/journal-view.tsx
View File

@@ -1030,8 +1030,8 @@ export function JournalView({ projectId, projectTitle, projectLocation, einsatzl
if (mapRef?.current) {
const canvas = mapRef.current.getCanvas()
if (canvas) {
// Resize to max 1600px wide and convert to JPEG
const maxW = 1600
// Resize to max 2400px wide and convert to JPEG
const maxW = 2400
const ratio = Math.min(1, maxW / canvas.width)
const offscreen = document.createElement('canvas')
offscreen.width = Math.round(canvas.width * ratio)
@@ -1039,18 +1039,18 @@ export function JournalView({ projectId, projectTitle, projectLocation, einsatzl
const ctx = offscreen.getContext('2d')
if (ctx) {
ctx.drawImage(canvas, 0, 0, offscreen.width, offscreen.height)
mapScreenshot = offscreen.toDataURL('image/jpeg', 0.75)
mapScreenshot = offscreen.toDataURL('image/jpeg', 0.85)
}
}
}
} catch (e) { console.warn('Map screenshot failed:', e) }
} else if (rawScreenshot.length > 500000) {
} else if (rawScreenshot.length > 800000) {
// Compress pre-captured screenshot if too large
try {
const img = new Image()
img.src = rawScreenshot
await new Promise(r => { img.onload = r; img.onerror = r })
const maxW = 1600
const maxW = 2400
const ratio = Math.min(1, maxW / img.naturalWidth)
const offscreen = document.createElement('canvas')
offscreen.width = Math.round(img.naturalWidth * ratio)
@@ -1058,7 +1058,7 @@ export function JournalView({ projectId, projectTitle, projectLocation, einsatzl
const ctx = offscreen.getContext('2d')
if (ctx) {
ctx.drawImage(img, 0, 0, offscreen.width, offscreen.height)
mapScreenshot = offscreen.toDataURL('image/jpeg', 0.75)
mapScreenshot = offscreen.toDataURL('image/jpeg', 0.85)
}
} catch { mapScreenshot = rawScreenshot }
} else {

87
src/components/layout/topbar.tsx
View File

@@ -38,6 +38,7 @@ import {
Key,
Shield,
Building2,
MapPin,
} from 'lucide-react'
import { HoseSettingsDialog } from '@/components/dialogs/hose-settings-dialog'
import type { Project, DrawFeature } from '@/app/app/page'
@@ -90,6 +91,10 @@ export function Topbar({
const [isLoadDialogOpen, setIsLoadDialogOpen] = useState(false)
const [isHoseSettingsOpen, setIsHoseSettingsOpen] = useState(false)
const [showPasswordDialog, setShowPasswordDialog] = useState(false)
const [showDeleteAccountDialog, setShowDeleteAccountDialog] = useState(false)
const [deleteAccountPw, setDeleteAccountPw] = useState('')
const [deleteAccountLoading, setDeleteAccountLoading] = useState(false)
const [deleteAccountError, setDeleteAccountError] = useState('')
const [pwOld, setPwOld] = useState('')
const [pwNew, setPwNew] = useState('')
const [pwConfirm, setPwConfirm] = useState('')
@@ -289,6 +294,13 @@ export function Topbar({
Administration
</DropdownMenuItem>
)}
<DropdownMenuItem
onClick={() => { setShowDeleteAccountDialog(true); setDeleteAccountPw(''); setDeleteAccountError('') }}
className="text-destructive focus:text-destructive"
>
<Trash2 className="w-4 h-4 mr-2" />
Konto löschen
</DropdownMenuItem>
<DropdownMenuItem onClick={onLogout} className="text-destructive focus:text-destructive">
<LogOut className="w-4 h-4 mr-2" />
Abmelden
@@ -538,6 +550,81 @@ export function Topbar({
</div>
</DialogContent>
</Dialog>
{/* Delete Account Dialog */}
<Dialog open={showDeleteAccountDialog} onOpenChange={setShowDeleteAccountDialog}>
<DialogContent className="max-w-sm">
<DialogHeader>
<DialogTitle className="flex items-center gap-2 text-destructive">
<AlertTriangle className="w-5 h-5" />
Konto löschen
</DialogTitle>
</DialogHeader>
<div className="space-y-4">
<p className="text-sm text-muted-foreground">
Ihr Konto wird unwiderruflich gelöscht. Ihre Projekte und Daten bleiben der Organisation erhalten,
aber Ihr persönlicher Zugang wird entfernt.
</p>
{userRole === 'TENANT_ADMIN' && (
<div className="bg-amber-50 dark:bg-amber-950/30 rounded-lg p-3 text-xs text-amber-800 dark:text-amber-300 border border-amber-200 dark:border-amber-800">
<strong>Hinweis:</strong> Als einziger Administrator müssen Sie zuerst die Organisation unter Einstellungen löschen oder die Admin-Rolle übertragen.
</div>
)}
<div className="space-y-1.5">
<label className="text-sm font-medium">Passwort zur Bestätigung</label>
<input
type="password"
value={deleteAccountPw}
onChange={(e) => { setDeleteAccountPw(e.target.value); setDeleteAccountError('') }}
placeholder="Ihr Passwort"
className="w-full rounded-md border border-input bg-background px-3 py-2 text-sm"
autoComplete="current-password"
/>
</div>
{deleteAccountError && (
<p className="text-sm text-destructive">{deleteAccountError}</p>
)}
<div className="flex gap-2 justify-end">
<Button
variant="outline"
size="sm"
onClick={() => setShowDeleteAccountDialog(false)}
disabled={deleteAccountLoading}
>
Abbrechen
</Button>
<Button
variant="destructive"
size="sm"
disabled={deleteAccountLoading || !deleteAccountPw}
onClick={async () => {
setDeleteAccountLoading(true)
setDeleteAccountError('')
try {
const res = await fetch('/api/auth/delete-account', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ password: deleteAccountPw }),
})
const data = await res.json()
if (res.ok) {
window.location.href = '/'
} else {
setDeleteAccountError(data.error || 'Löschung fehlgeschlagen')
}
} catch {
setDeleteAccountError('Verbindungsfehler')
} finally {
setDeleteAccountLoading(false)
}
}}
>
{deleteAccountLoading ? 'Wird gelöscht...' : 'Konto endgültig löschen'}
</Button>
</div>
</div>
</DialogContent>
</Dialog>
</header>
)
}

15
src/components/map/map-view.tsx
View File

@@ -718,6 +718,9 @@ export function MapView({
if (!m) return
setIsMapLoaded(true)
// Guard: skip if sources already exist (React strict mode double-mount)
if (m.getSource('draw-features')) return
// Drawing features source
m.addSource('draw-features', {
type: 'geojson',
@@ -1374,12 +1377,12 @@ export function MapView({
const lineCoords = f.geometry.coordinates as number[][]
if (lineCoords.length < 2) return
// Get last two points to calculate arrow direction
// Get last two points to calculate arrow direction using screen-projected coords
const p1 = lineCoords[lineCoords.length - 2]
const p2 = lineCoords[lineCoords.length - 1]
const angle = Math.atan2(p2[1] - p1[1], p2[0] - p1[0]) * (180 / Math.PI)
// MapLibre uses screen coords where Y is inverted, so negate the angle
const screenAngle = -angle + 90
const px1 = map.current.project(p1 as [number, number])
const px2 = map.current.project(p2 as [number, number])
const screenAngle = Math.atan2(px2.y - px1.y, px2.x - px1.x) * (180 / Math.PI) + 90
const color = (f.properties.color as string) || '#000000'
const arrowEl = document.createElement('div')
@@ -2028,14 +2031,14 @@ export function MapView({
const startW = selectedSymbolRef.current.resizeStartWidth || 1
const startScale = selectedSymbolRef.current.resizeStartScale || 1
const ratio = width / startW
selectedSymbolRef.current.scale = Math.max(0.5, Math.min(5, startScale * ratio))
selectedSymbolRef.current.scale = Math.max(0.2, Math.min(10, startScale * ratio))
selectedSymbolRef.current.innerEl.style.fontSize = `${baseFontSize * selectedSymbolRef.current.scale}px`
} else {
// For symbols: resize wrapper
selectedSymbolRef.current.wrapperEl.style.width = `${width}px`
selectedSymbolRef.current.wrapperEl.style.height = `${height}px`
const baseSize = 32
selectedSymbolRef.current.scale = Math.max(0.3, Math.min(4, width / baseSize))
selectedSymbolRef.current.scale = Math.max(0.1, Math.min(10, width / baseSize))
}
}
}}

1
src/components/providers/auth-provider.tsx
View File

@@ -9,6 +9,7 @@ export interface User {
role: 'SERVER_ADMIN' | 'TENANT_ADMIN' | 'OPERATOR' | 'VIEWER'
tenantId?: string
tenantSlug?: string
emailVerified?: boolean
}
export interface TenantInfo {

8
src/lib/auth.ts
View File

@@ -18,6 +18,7 @@ export interface UserPayload {
role: 'SERVER_ADMIN' | 'TENANT_ADMIN' | 'OPERATOR' | 'VIEWER'
tenantId?: string
tenantSlug?: string
emailVerified?: boolean
}
export async function createToken(user: UserPayload): Promise<string> {
@@ -71,10 +72,8 @@ export async function login(
return { success: false, error: 'Ungültiges Passwort' }
}
// Check email verification (skip for SERVER_ADMIN and users created before verification was added)
if ((user as any).emailVerified === false && (user.role as string) !== 'SERVER_ADMIN') {
return { success: false, error: 'Bitte bestätigen Sie zuerst Ihre E-Mail-Adresse. Prüfen Sie Ihren Posteingang.' }
}
// Track email verification status (allow login regardless)
const emailVerified = (user as any).emailVerified !== false
// Get first tenant membership for non-server-admins
let tenantId: string | undefined
@@ -102,6 +101,7 @@ export async function login(
role: (user.role === 'ADMIN' ? 'SERVER_ADMIN' : user.role) as UserPayload['role'],
tenantId,
tenantSlug,
emailVerified,
}
return { success: true, user: userPayload }

2
src/lib/rapport-pdf.tsx
View File

@@ -4,7 +4,7 @@ import { Document, Page, Text, View, StyleSheet, Font, Image } from '@react-pdf/
// Register default font (Helvetica is built-in)
const styles = StyleSheet.create({
page: {
padding: '12mm 15mm 15mm',
padding: '12mm 15mm 32mm',
fontFamily: 'Helvetica',
fontSize: 10,
lineHeight: 1.4,