matthias/dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Matthias Hochmeister
2026-03-16 15:01:09 +01:00
parent 3c72fe627f
commit f3ad989a9e
28 changed files with 794 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
backend/src/controllers/atemschutz.controller.ts
View File

@@ -1,5 +1,6 @@
import { Request, Response } from 'express';
import atemschutzService from '../services/atemschutz.service';
import notificationService from '../services/notification.service';
import { CreateAtemschutzSchema, UpdateAtemschutzSchema } from '../models/atemschutz.model';
import logger from '../utils/logger';
@@ -159,6 +160,49 @@ class AtemschutzController {
}
}
async getExpiring(req: Request, res: Response): Promise<void> {
try {
const expiring = await atemschutzService.getExpiringCertifications(30);
// Side-effect: create notifications for expiring certifications (dedup via DB constraint)
for (const item of expiring) {
if (item.untersuchung_status !== 'ok') {
await notificationService.createNotification({
user_id: item.user_id,
typ: 'atemschutz_expiry',
titel: item.untersuchung_status === 'abgelaufen'
? 'G26 Untersuchung abgelaufen'
: 'G26 Untersuchung läuft bald ab',
nachricht: `Ihre G26 Untersuchung ${item.untersuchung_status === 'abgelaufen' ? 'ist abgelaufen' : 'läuft bald ab'}.`,
schwere: item.untersuchung_status === 'abgelaufen' ? 'fehler' : 'warnung',
quell_typ: 'atemschutz_untersuchung',
quell_id: item.id,
link: '/atemschutz',
});
}
if (item.leistungstest_status !== 'ok') {
await notificationService.createNotification({
user_id: item.user_id,
typ: 'atemschutz_expiry',
titel: item.leistungstest_status === 'abgelaufen'
? 'Leistungstest abgelaufen'
: 'Leistungstest läuft bald ab',
nachricht: `Ihr Leistungstest ${item.leistungstest_status === 'abgelaufen' ? 'ist abgelaufen' : 'läuft bald ab'}.`,
schwere: item.leistungstest_status === 'abgelaufen' ? 'fehler' : 'warnung',
quell_typ: 'atemschutz_leistungstest',
quell_id: item.id,
link: '/atemschutz',
});
}
}
res.status(200).json({ success: true, data: expiring });
} catch (error) {
logger.error('Atemschutz getExpiring error', { error });
res.status(500).json({ success: false, message: 'Ablaufende Zertifizierungen konnten nicht geladen werden' });
}
}
async delete(req: Request, res: Response): Promise<void> {
try {
const { id } = req.params as Record<string, string>;

14
backend/src/controllers/booking.controller.ts
View File

@@ -1,6 +1,7 @@
import { Request, Response } from 'express';
import { ZodError } from 'zod';
import bookingService from '../services/booking.service';
import vehicleService from '../services/vehicle.service';
import {
CreateBuchungSchema,
UpdateBuchungSchema,
@@ -52,12 +53,13 @@ class BookingController {
res.status(400).json({ success: false, message: 'from und to sind erforderlich' });
return;
}
const bookings = await bookingService.getBookingsByRange(
new Date(from as string),
new Date(to as string),
fahrzeugId as string | undefined
);
res.json({ success: true, data: bookings });
const fromDate = new Date(from as string);
const toDate = new Date(to as string);
const [bookings, maintenanceWindows] = await Promise.all([
bookingService.getBookingsByRange(fromDate, toDate, fahrzeugId as string | undefined),
vehicleService.getMaintenanceWindows(fromDate, toDate),
]);
res.json({ success: true, data: { bookings, maintenanceWindows } });
} catch (error) {
logger.error('Booking getCalendarRange error', { error });
res.status(500).json({ success: false, message: 'Buchungen konnten nicht geladen werden' });

33
backend/src/controllers/events.controller.ts
View File

@@ -118,6 +118,39 @@ class EventsController {
}
};
// -------------------------------------------------------------------------
// GET /api/events/conflicts?from=<ISO>&to=<ISO>&excludeId=<uuid>
// -------------------------------------------------------------------------
checkConflicts = async (req: Request, res: Response): Promise<void> => {
try {
const fromStr = req.query.from as string | undefined;
const toStr = req.query.to as string | undefined;
const excludeId = req.query.excludeId as string | undefined;
if (!fromStr || !toStr) {
res.status(400).json({
success: false,
message: 'Query-Parameter "from" und "to" sind erforderlich (ISO-8601)',
});
return;
}
const from = new Date(fromStr);
const to = new Date(toStr);
if (isNaN(from.getTime()) || isNaN(to.getTime())) {
res.status(400).json({ success: false, message: 'Ungültiges Datumsformat' });
return;
}
const data = await eventsService.checkConflicts(from, to, excludeId);
res.json({ success: true, data });
} catch (error) {
logger.error('checkConflicts error', { error });
res.status(500).json({ success: false, message: 'Fehler bei der Konfliktprüfung' });
}
};
// -------------------------------------------------------------------------
// GET /api/events/calendar?from=<ISO>&to=<ISO>
// -------------------------------------------------------------------------

65
backend/src/controllers/serviceMonitor.controller.ts
View File

@@ -21,8 +21,37 @@ const broadcastSchema = z.object({
nachricht: z.string().min(1).max(2000),
schwere: z.enum(['info', 'warnung', 'fehler']).default('info'),
targetGroup: z.string().optional(),
targetDienstgrad: z.array(z.string()).optional(),
});
const broadcastFilterSchema = z.object({
targetGroup: z.string().optional(),
targetDienstgrad: z.array(z.string()).optional(),
});
function buildFilteredUserQuery(filters: { targetGroup?: string; targetDienstgrad?: string[] }): { text: string; values: unknown[] } {
const conditions: string[] = ['u.is_active = TRUE'];
const values: unknown[] = [];
let paramIndex = 1;
if (filters.targetGroup) {
conditions.push(`$${paramIndex} = ANY(u.authentik_groups)`);
values.push(filters.targetGroup);
paramIndex++;
}
if (filters.targetDienstgrad && filters.targetDienstgrad.length > 0) {
conditions.push(`mp.dienstgrad = ANY($${paramIndex})`);
values.push(filters.targetDienstgrad);
paramIndex++;
}
const needsJoin = filters.targetDienstgrad && filters.targetDienstgrad.length > 0;
const text = `SELECT DISTINCT u.id FROM users u${needsJoin ? ' LEFT JOIN member_profiles mp ON mp.user_id = u.id' : ''} WHERE ${conditions.join(' AND ')}`;
return { text, values };
}
class ServiceMonitorController {
async getAll(_req: Request, res: Response): Promise<void> {
try {
@@ -160,21 +189,11 @@ class ServiceMonitorController {
async broadcastNotification(req: Request, res: Response): Promise<void> {
try {
const { titel, nachricht, schwere, targetGroup } = broadcastSchema.parse(req.body);
const { titel, nachricht, schwere, targetGroup, targetDienstgrad } = broadcastSchema.parse(req.body);
let users;
if (targetGroup) {
const result = await pool.query(
`SELECT id FROM users WHERE is_active = TRUE AND $1 = ANY(authentik_groups)`,
[targetGroup]
);
users = result.rows;
} else {
const result = await pool.query(
`SELECT id FROM users WHERE is_active = TRUE`
);
users = result.rows;
}
const query = buildFilteredUserQuery({ targetGroup, targetDienstgrad });
const result = await pool.query(query.text, query.values);
const users = result.rows;
let sent = 0;
for (const user of users) {
@@ -198,6 +217,24 @@ class ServiceMonitorController {
res.status(500).json({ success: false, message: 'Failed to broadcast notification' });
}
}
async broadcastPreview(req: Request, res: Response): Promise<void> {
try {
const { targetGroup, targetDienstgrad } = broadcastFilterSchema.parse(req.body);
const query = buildFilteredUserQuery({ targetGroup, targetDienstgrad });
const result = await pool.query(query.text, query.values);
res.json({ success: true, data: { count: result.rows.length } });
} catch (error) {
if (error instanceof z.ZodError) {
res.status(400).json({ success: false, message: 'Invalid input', errors: error.issues });
return;
}
logger.error('Failed to preview broadcast', { error });
res.status(500).json({ success: false, message: 'Failed to preview broadcast' });
}
}
}
export default new ServiceMonitorController();

64
backend/src/controllers/vehicle.controller.ts
View File

@@ -1,6 +1,7 @@
import { Request, Response } from 'express';
import { z } from 'zod';
import vehicleService from '../services/vehicle.service';
import equipmentService from '../services/equipment.service';
import { FahrzeugStatus } from '../models/vehicle.model';
import logger from '../utils/logger';
@@ -140,6 +141,69 @@ class VehicleController {
}
}
async exportAlerts(_req: Request, res: Response): Promise<void> {
try {
const escape = (v: unknown): string => {
if (v === null || v === undefined) return '';
const str = String(v);
let safe = str.replace(/"/g, '""');
if (/^[=+@\-]/.test(safe)) safe = "'" + safe;
return `"${safe}"`;
};
const formatDate = (d: Date | string | null): string => {
if (!d) return '';
const date = typeof d === 'string' ? new Date(d) : d;
const day = String(date.getDate()).padStart(2, '0');
const month = String(date.getMonth() + 1).padStart(2, '0');
const year = date.getFullYear();
return `${day}.${month}.${year}`;
};
const [vehicleAlerts, equipmentAlerts] = await Promise.all([
vehicleService.getUpcomingInspections(365),
equipmentService.getUpcomingInspections(365),
]);
const header = 'Typ,Bezeichnung,Kurzname,Prüfungsart,Fällig am,Tage verbleibend';
const rows: string[] = [];
for (const a of vehicleAlerts) {
const pruefungsart = a.type === '57a' ? '§57a Überprüfung' : 'Nächste Wartung';
rows.push([
escape('Fahrzeug'),
escape(a.bezeichnung),
escape(a.kurzname),
escape(pruefungsart),
escape(formatDate(a.faelligAm)),
escape(a.tage),
].join(','));
}
for (const e of equipmentAlerts) {
rows.push([
escape('Ausrüstung'),
escape(e.bezeichnung),
escape(''),
escape('Prüfung'),
escape(formatDate(e.naechste_pruefung_am)),
escape(e.pruefung_tage_bis_faelligkeit),
].join(','));
}
const today = new Date();
const dateStr = `${today.getFullYear()}-${String(today.getMonth() + 1).padStart(2, '0')}-${String(today.getDate()).padStart(2, '0')}`;
const csv = '\uFEFF' + header + '\n' + rows.join('\n');
res.setHeader('Content-Type', 'text/csv; charset=utf-8');
res.setHeader('Content-Disposition', `attachment; filename="pruefungen_${dateStr}.csv"`);
res.status(200).send(csv);
} catch (error) {
logger.error('exportAlerts error', { error });
res.status(500).json({ success: false, message: 'Prüfungsexport konnte nicht erstellt werden' });
}
}
async getVehicle(req: Request, res: Response): Promise<void> {
try {
const { id } = req.params as Record<string, string>;

1
backend/src/routes/atemschutz.routes.ts
View File

@@ -9,6 +9,7 @@ const router = Router();
router.get('/', authenticate, atemschutzController.list.bind(atemschutzController));
router.get('/stats', authenticate, atemschutzController.getStats.bind(atemschutzController));
router.get('/expiring', authenticate, atemschutzController.getExpiring.bind(atemschutzController));
router.get('/my-status', authenticate, atemschutzController.getMyStatus.bind(atemschutzController));
router.get('/user/:userId', authenticate, atemschutzController.getByUserId.bind(atemschutzController));
router.get('/:id', authenticate, atemschutzController.getOne.bind(atemschutzController));

10
backend/src/routes/events.routes.ts
View File

@@ -58,6 +58,16 @@ router.delete(
*/
router.get('/groups', authenticate, eventsController.getAvailableGroups.bind(eventsController));
// ---------------------------------------------------------------------------
// Conflict check — must come before /:id
// ---------------------------------------------------------------------------
/**
* GET /api/events/conflicts?from=<ISO>&to=<ISO>&excludeId=<uuid>
* Check for overlapping events in the given time range.
*/
router.get('/conflicts', authenticate, eventsController.checkConflicts.bind(eventsController));
// ---------------------------------------------------------------------------
// Calendar & upcoming — specific routes must come before /:id
// ---------------------------------------------------------------------------

1
backend/src/routes/serviceMonitor.routes.ts
View File

@@ -17,5 +17,6 @@ router.delete('/services/:id', ...auth, serviceMonitorController.delete.bind(ser
router.get('/system/health', ...auth, serviceMonitorController.getSystemHealth.bind(serviceMonitorController));
router.get('/users', ...auth, serviceMonitorController.getUsers.bind(serviceMonitorController));
router.post('/notifications/broadcast', ...auth, serviceMonitorController.broadcastNotification.bind(serviceMonitorController));
router.post('/notifications/broadcast/preview', ...auth, serviceMonitorController.broadcastPreview.bind(serviceMonitorController));
export default router;

1
backend/src/routes/vehicle.routes.ts
View File

@@ -10,6 +10,7 @@ const router = Router();
router.get('/', authenticate, vehicleController.listVehicles.bind(vehicleController));
router.get('/stats', authenticate, vehicleController.getStats.bind(vehicleController));
router.get('/alerts', authenticate, vehicleController.getAlerts.bind(vehicleController));
router.get('/alerts/export', authenticate, requirePermission('vehicles:read'), vehicleController.exportAlerts.bind(vehicleController));
router.get('/:id', authenticate, vehicleController.getVehicle.bind(vehicleController));
router.get('/:id/wartung', authenticate, vehicleController.getWartung.bind(vehicleController));

39
backend/src/services/atemschutz.service.ts
View File

@@ -216,6 +216,45 @@ class AtemschutzService {
}
}
// =========================================================================
// EXPIRING CERTIFICATIONS
// =========================================================================
async getExpiringCertifications(daysAhead = 30): Promise<any[]> {
try {
const result = await pool.query(`
SELECT
at.id, at.user_id, u.email,
COALESCE(u.name, u.email) as user_name,
at.untersuchung_gueltig_bis,
at.leistungstest_gueltig_bis,
CASE
WHEN at.untersuchung_gueltig_bis < CURRENT_DATE THEN 'abgelaufen'
WHEN at.untersuchung_gueltig_bis <= CURRENT_DATE + $1 THEN 'bald_faellig'
ELSE 'ok'
END as untersuchung_status,
CASE
WHEN at.leistungstest_gueltig_bis < CURRENT_DATE THEN 'abgelaufen'
WHEN at.leistungstest_gueltig_bis <= CURRENT_DATE + $1 THEN 'bald_faellig'
ELSE 'ok'
END as leistungstest_status
FROM atemschutz_traeger at
JOIN users u ON u.id = at.user_id
WHERE at.einsatzbereit = TRUE
AND (
at.untersuchung_gueltig_bis <= CURRENT_DATE + $1
OR at.leistungstest_gueltig_bis <= CURRENT_DATE + $1
)
ORDER BY LEAST(at.untersuchung_gueltig_bis, at.leistungstest_gueltig_bis) ASC
`, [`${daysAhead} days`]);
return result.rows;
} catch (error) {
logger.error('AtemschutzService.getExpiringCertifications fehlgeschlagen', { error });
throw new Error('Ablaufende Atemschutz-Zertifizierungen konnten nicht geladen werden');
}
}
// =========================================================================
// DASHBOARD KPI / STATISTIKEN
// =========================================================================

62
backend/src/services/audit.service.ts
View File

@@ -14,6 +14,7 @@
import pool from '../config/database';
import logger from '../utils/logger';
import notificationService from './notification.service';
// ---------------------------------------------------------------------------
// Enums — kept as const objects rather than TypeScript enums so that the
@@ -188,6 +189,9 @@ class AuditService {
resource_id: entry.resource_id,
user_id: entry.user_id,
});
// Fire-and-forget — never block the audit log write
this.alertAdminsIfSensitive(entry).catch(() => {});
} catch (error) {
// GDPR obligation: log the failure so it can be investigated, but
// NEVER propagate — the main request must complete successfully.
@@ -203,6 +207,64 @@ class AuditService {
}
}
// -------------------------------------------------------------------------
// Audit alert notifications for admins
// -------------------------------------------------------------------------
/**
* alertAdminsIfSensitive — checks whether an audit entry represents a
* sensitive action and, if so, creates a notification for every active
* admin user (except the actor themselves).
*
* This method MUST NEVER throw. All errors are caught and logged.
*/
async alertAdminsIfSensitive(entry: AuditLogInput): Promise<void> {
try {
const sensitiveActions: Record<string, string> = {
'PERMISSION_DENIED': 'Zugriff verweigert',
'DELETE': 'Datensatz gelöscht',
'ROLE_CHANGE': 'Rolle geändert',
};
const isUserUpdate =
entry.resource_type === AuditResourceType.USER &&
entry.action === AuditAction.UPDATE;
const isSensitive = sensitiveActions[entry.action] || isUserUpdate;
if (!isSensitive) return;
// Get all active admin users
const { rows: admins } = await pool.query(
"SELECT id FROM users WHERE is_active = TRUE AND 'dashboard_admin' = ANY(authentik_groups)"
);
if (admins.length === 0) return;
const titel = sensitiveActions[entry.action] || 'Benutzer-Änderung';
const nachricht = `${entry.action} auf ${entry.resource_type}${entry.resource_id ? ' ' + entry.resource_id : ''} durch ${entry.user_email ?? 'System'}`;
for (const admin of admins) {
// Don't notify the admin about their own actions
if (admin.id === entry.user_id) continue;
await notificationService.createNotification({
user_id: admin.id,
typ: 'audit_alert',
titel,
nachricht,
schwere: entry.action === 'PERMISSION_DENIED' ? 'warnung' : 'info',
quell_typ: 'audit_alert',
quell_id: `${entry.action}_${entry.resource_type}_${entry.resource_id ?? Date.now()}`,
});
}
} catch (error) {
logger.error('alertAdminsIfSensitive failed', {
error: error instanceof Error ? error.message : String(error),
action: entry.action,
});
}
}
// -------------------------------------------------------------------------
// Query — admin UI
// -------------------------------------------------------------------------

42
backend/src/services/events.service.ts
View File

@@ -614,6 +614,48 @@ class EventsService {
}));
}
// -------------------------------------------------------------------------
// CONFLICT CHECK
// -------------------------------------------------------------------------
/**
* Returns events that overlap with the given time range.
* Used to warn users about scheduling conflicts before creating/updating events.
*/
async checkConflicts(
datumVon: Date,
datumBis: Date,
excludeId?: string
): Promise<Array<{ id: string; titel: string; datum_von: Date; datum_bis: Date; kategorie_name: string | null }>> {
const params: any[] = [datumVon, datumBis];
let excludeClause = '';
if (excludeId) {
excludeClause = ' AND v.id != $3';
params.push(excludeId);
}
const result = await pool.query(
`SELECT v.id, v.titel, v.datum_von, v.datum_bis,
k.name AS kategorie_name
FROM veranstaltungen v
LEFT JOIN veranstaltung_kategorien k ON k.id = v.kategorie_id
WHERE v.abgesagt = FALSE
AND ($1::timestamptz, $2::timestamptz) OVERLAPS (v.datum_von, v.datum_bis)
${excludeClause}
ORDER BY v.datum_von ASC
LIMIT 10`,
params
);
return result.rows.map((row) => ({
id: row.id,
titel: row.titel,
datum_von: new Date(row.datum_von),
datum_bis: new Date(row.datum_bis),
kategorie_name: row.kategorie_name ?? null,
}));
}
// -------------------------------------------------------------------------
// ICAL EXPORT
// -------------------------------------------------------------------------

37
backend/src/services/vehicle.service.ts
View File

@@ -406,6 +406,43 @@ class VehicleService {
}
}
// =========================================================================
// MAINTENANCE WINDOWS (for booking calendar overlay)
// =========================================================================
async getMaintenanceWindows(
from: Date,
to: Date
): Promise<
{
id: string;
bezeichnung: string;
kurzname: string | null;
status: string;
status_bemerkung: string | null;
ausser_dienst_von: string;
ausser_dienst_bis: string;
}[]
> {
try {
const result = await pool.query(
`SELECT id, bezeichnung, kurzname, status, status_bemerkung,
ausser_dienst_von, ausser_dienst_bis
FROM fahrzeuge
WHERE deleted_at IS NULL
AND status IN ('ausser_dienst_wartung', 'ausser_dienst_schaden')
AND ausser_dienst_von IS NOT NULL
AND ausser_dienst_bis IS NOT NULL
AND (ausser_dienst_von, ausser_dienst_bis) OVERLAPS ($1, $2)`,
[from, to]
);
return result.rows;
} catch (error) {
logger.error('VehicleService.getMaintenanceWindows failed', { error });
throw new Error('Failed to fetch maintenance windows');
}
}
// =========================================================================
// DASHBOARD KPI
// =========================================================================