matthias/dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Matthias Hochmeister
2026-03-16 15:01:09 +01:00
parent 3c72fe627f
commit f3ad989a9e
28 changed files with 794 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
backend/src/services/atemschutz.service.ts
View File

@@ -216,6 +216,45 @@ class AtemschutzService {
}
}
// =========================================================================
// EXPIRING CERTIFICATIONS
// =========================================================================
async getExpiringCertifications(daysAhead = 30): Promise<any[]> {
try {
const result = await pool.query(`
SELECT
at.id, at.user_id, u.email,
COALESCE(u.name, u.email) as user_name,
at.untersuchung_gueltig_bis,
at.leistungstest_gueltig_bis,
CASE
WHEN at.untersuchung_gueltig_bis < CURRENT_DATE THEN 'abgelaufen'
WHEN at.untersuchung_gueltig_bis <= CURRENT_DATE + $1 THEN 'bald_faellig'
ELSE 'ok'
END as untersuchung_status,
CASE
WHEN at.leistungstest_gueltig_bis < CURRENT_DATE THEN 'abgelaufen'
WHEN at.leistungstest_gueltig_bis <= CURRENT_DATE + $1 THEN 'bald_faellig'
ELSE 'ok'
END as leistungstest_status
FROM atemschutz_traeger at
JOIN users u ON u.id = at.user_id
WHERE at.einsatzbereit = TRUE
AND (
at.untersuchung_gueltig_bis <= CURRENT_DATE + $1
OR at.leistungstest_gueltig_bis <= CURRENT_DATE + $1
)
ORDER BY LEAST(at.untersuchung_gueltig_bis, at.leistungstest_gueltig_bis) ASC
`, [`${daysAhead} days`]);
return result.rows;
} catch (error) {
logger.error('AtemschutzService.getExpiringCertifications fehlgeschlagen', { error });
throw new Error('Ablaufende Atemschutz-Zertifizierungen konnten nicht geladen werden');
}
}
// =========================================================================
// DASHBOARD KPI / STATISTIKEN
// =========================================================================

62
backend/src/services/audit.service.ts
View File

@@ -14,6 +14,7 @@
import pool from '../config/database';
import logger from '../utils/logger';
import notificationService from './notification.service';
// ---------------------------------------------------------------------------
// Enums — kept as const objects rather than TypeScript enums so that the
@@ -188,6 +189,9 @@ class AuditService {
resource_id: entry.resource_id,
user_id: entry.user_id,
});
// Fire-and-forget — never block the audit log write
this.alertAdminsIfSensitive(entry).catch(() => {});
} catch (error) {
// GDPR obligation: log the failure so it can be investigated, but
// NEVER propagate — the main request must complete successfully.
@@ -203,6 +207,64 @@ class AuditService {
}
}
// -------------------------------------------------------------------------
// Audit alert notifications for admins
// -------------------------------------------------------------------------
/**
* alertAdminsIfSensitive — checks whether an audit entry represents a
* sensitive action and, if so, creates a notification for every active
* admin user (except the actor themselves).
*
* This method MUST NEVER throw. All errors are caught and logged.
*/
async alertAdminsIfSensitive(entry: AuditLogInput): Promise<void> {
try {
const sensitiveActions: Record<string, string> = {
'PERMISSION_DENIED': 'Zugriff verweigert',
'DELETE': 'Datensatz gelöscht',
'ROLE_CHANGE': 'Rolle geändert',
};
const isUserUpdate =
entry.resource_type === AuditResourceType.USER &&
entry.action === AuditAction.UPDATE;
const isSensitive = sensitiveActions[entry.action] || isUserUpdate;
if (!isSensitive) return;
// Get all active admin users
const { rows: admins } = await pool.query(
"SELECT id FROM users WHERE is_active = TRUE AND 'dashboard_admin' = ANY(authentik_groups)"
);
if (admins.length === 0) return;
const titel = sensitiveActions[entry.action] || 'Benutzer-Änderung';
const nachricht = `${entry.action} auf ${entry.resource_type}${entry.resource_id ? ' ' + entry.resource_id : ''} durch ${entry.user_email ?? 'System'}`;
for (const admin of admins) {
// Don't notify the admin about their own actions
if (admin.id === entry.user_id) continue;
await notificationService.createNotification({
user_id: admin.id,
typ: 'audit_alert',
titel,
nachricht,
schwere: entry.action === 'PERMISSION_DENIED' ? 'warnung' : 'info',
quell_typ: 'audit_alert',
quell_id: `${entry.action}_${entry.resource_type}_${entry.resource_id ?? Date.now()}`,
});
}
} catch (error) {
logger.error('alertAdminsIfSensitive failed', {
error: error instanceof Error ? error.message : String(error),
action: entry.action,
});
}
}
// -------------------------------------------------------------------------
// Query — admin UI
// -------------------------------------------------------------------------

42
backend/src/services/events.service.ts
View File

@@ -614,6 +614,48 @@ class EventsService {
}));
}
// -------------------------------------------------------------------------
// CONFLICT CHECK
// -------------------------------------------------------------------------
/**
* Returns events that overlap with the given time range.
* Used to warn users about scheduling conflicts before creating/updating events.
*/
async checkConflicts(
datumVon: Date,
datumBis: Date,
excludeId?: string
): Promise<Array<{ id: string; titel: string; datum_von: Date; datum_bis: Date; kategorie_name: string | null }>> {
const params: any[] = [datumVon, datumBis];
let excludeClause = '';
if (excludeId) {
excludeClause = ' AND v.id != $3';
params.push(excludeId);
}
const result = await pool.query(
`SELECT v.id, v.titel, v.datum_von, v.datum_bis,
k.name AS kategorie_name
FROM veranstaltungen v
LEFT JOIN veranstaltung_kategorien k ON k.id = v.kategorie_id
WHERE v.abgesagt = FALSE
AND ($1::timestamptz, $2::timestamptz) OVERLAPS (v.datum_von, v.datum_bis)
${excludeClause}
ORDER BY v.datum_von ASC
LIMIT 10`,
params
);
return result.rows.map((row) => ({
id: row.id,
titel: row.titel,
datum_von: new Date(row.datum_von),
datum_bis: new Date(row.datum_bis),
kategorie_name: row.kategorie_name ?? null,
}));
}
// -------------------------------------------------------------------------
// ICAL EXPORT
// -------------------------------------------------------------------------

37
backend/src/services/vehicle.service.ts
View File

@@ -406,6 +406,43 @@ class VehicleService {
}
}
// =========================================================================
// MAINTENANCE WINDOWS (for booking calendar overlay)
// =========================================================================
async getMaintenanceWindows(
from: Date,
to: Date
): Promise<
{
id: string;
bezeichnung: string;
kurzname: string | null;
status: string;
status_bemerkung: string | null;
ausser_dienst_von: string;
ausser_dienst_bis: string;
}[]
> {
try {
const result = await pool.query(
`SELECT id, bezeichnung, kurzname, status, status_bemerkung,
ausser_dienst_von, ausser_dienst_bis
FROM fahrzeuge
WHERE deleted_at IS NULL
AND status IN ('ausser_dienst_wartung', 'ausser_dienst_schaden')
AND ausser_dienst_von IS NOT NULL
AND ausser_dienst_bis IS NOT NULL
AND (ausser_dienst_von, ausser_dienst_bis) OVERLAPS ($1, $2)`,
[from, to]
);
return result.rows;
} catch (error) {
logger.error('VehicleService.getMaintenanceWindows failed', { error });
throw new Error('Failed to fetch maintenance windows');
}
}
// =========================================================================
// DASHBOARD KPI
// =========================================================================