Jan/RFP_Finanzen
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

In der Nutzerverwaltung kannst du jetzt pro Konto die Rolle, die AG-Zuordnung und die Freigaberollen bearbeiten. Die feste 3er-Freigabelogik bleibt Vorstand A / Vorstand B / Finanz-AG, aber jetzt legst du über die Nutzer fest, wer diese Schritte autorisieren darf. Zusätzlich gibt es unter Nutzer anlegen eine eigene Insel für die Freigabe-Schwelle, und diese Schwelle wird jetzt auch wirklich überall verwendet: in der Erfassungslogik, in den Budgetkarten, im CSV-Backup/-Import und im Audit-Restore. Die Hauptänderungen sitzen in dashboard-shell.tsx, budget-column.tsx, route.ts, schema.prisma und route.ts.
CI / build-and-deploy (push) Successful in 1m22s
Details

Browse Source 
Den Zeitraum-Bereich habe ich dabei gleich mit aufgeräumt: die Auswahl des aktuellen Haushalts ist breiter und sauberer angeordnet, und die Desktop-Nutzerverwaltung ist jetzt wirklich links Anlegen + Schwelle und rechts die Nutzerliste. Seed und Backup/Restore kennen die neuen Felder ebenfalls in seed.ts, route.ts und route.ts.
This commit is contained in:
Jan
2026-04-12 20:09:46 +02:00
parent 92d96ffa27
commit b202fc6c26
20 changed files with 1018 additions and 365 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/app/api/audit-logs/[id]/restore/route.ts
+52
View File
@@ -53,6 +53,17 @@ function asNumber(value: unknown, label: string) {
return value;
}
function asApprovalPermissions(value: unknown) {
if (!Array.isArray(value)) {
return [] as ("CHAIR_A" | "CHAIR_B" | "FINANCE")[];
}
return value.filter(
(entry): entry is "CHAIR_A" | "CHAIR_B" | "FINANCE" =>
entry === "CHAIR_A" || entry === "CHAIR_B" || entry === "FINANCE"
);
}
export async function POST(_: Request, { params }: Context) {
const viewer = await getCurrentViewer();
@@ -306,6 +317,25 @@ export async function POST(_: Request, { params }: Context) {
break;
}
case "settings.update": {
const previous = asRecord(rollback.previous, "App-Einstellungen");
await tx.appSettings.upsert({
where: {
id: asString(previous.id, "Einstellungs-ID")
},
update: {
approvalThreshold: asNumber(previous.approvalThreshold, "Freigabe-Schwelle")
},
create: {
id: asString(previous.id, "Einstellungs-ID"),
approvalThreshold: asNumber(previous.approvalThreshold, "Freigabe-Schwelle"),
createdAt: asDate(previous.createdAt, "Einstellungen erstellt am") ?? new Date()
}
});
break;
}
case "user.create": {
const created = asRecord(rollback.created, "Nutzer");
const userId = asString(created.id, "Nutzer-ID");
@@ -364,6 +394,7 @@ export async function POST(_: Request, { params }: Context) {
passwordHash: asString(deleted.passwordHash, "Passworthash"),
role: asString(deleted.role, "Rolle") as "ADMIN" | "FINANCE" | "MEMBER",
approvalPreference: asNullableString(deleted.approvalPreference) as "CHAIR_A" | "CHAIR_B" | "FINANCE" | null,
approvalPermissions: asApprovalPermissions(deleted.approvalPermissions),
workingGroupId: asNullableString(deleted.workingGroupId),
createdAt: asDate(deleted.createdAt, "Nutzer erstellt am") ?? new Date()
}
@@ -371,6 +402,27 @@ export async function POST(_: Request, { params }: Context) {
break;
}
case "user.update": {
const previous = asRecord(rollback.previous, "Nutzer");
const role = asString(previous.role, "Rolle") as "ADMIN" | "FINANCE" | "MEMBER";
await tx.user.update({
where: {
id: asString(previous.id, "Nutzer-ID")
},
data: {
name: asString(previous.name, "Anzeigename"),
username: asString(previous.username, "Login-Name"),
email: asNullableString(previous.email),
role,
approvalPreference: asNullableString(previous.approvalPreference) as "CHAIR_A" | "CHAIR_B" | "FINANCE" | null,
approvalPermissions: asApprovalPermissions(previous.approvalPermissions),
workingGroupId: asNullableString(previous.workingGroupId)
}
});
break;
}
case "user.passwordReset": {
await tx.user.update({
where: {
src/app/api/expenses/[id]/approve/route.ts
+24 -11
View File
@@ -1,9 +1,15 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { getAppSettings, toApprovalThresholdNumber } from "@/lib/app-settings";
import { snapshotApproval } from "@/lib/audit-snapshots";
import { createAuditLog } from "@/lib/audit-log";
import { APPROVAL_FLOW, getAvailableApprovalTypes, requiresManualApproval } from "@/lib/domain";
import {
APPROVAL_FLOW,
getAvailableApprovalTypes,
normalizeApprovalPermissions,
requiresManualApproval
} from "@/lib/domain";
import prisma from "@/lib/prisma";
import { getCurrentViewer } from "@/lib/session";
@@ -24,18 +30,23 @@ export async function POST(request: Request, { params }: Context) {
return NextResponse.json({ error: "Nicht angemeldet." }, { status: 401 });
}
const expense = await prisma.expense.findUnique({
where: { id: params.id },
include: {
approvals: true
}
});
const [expense, appSettings] = await Promise.all([
prisma.expense.findUnique({
where: { id: params.id },
include: {
approvals: true
}
}),
getAppSettings()
]);
if (!expense) {
return NextResponse.json({ error: "Ausgabe nicht gefunden." }, { status: 404 });
}
if (!requiresManualApproval(Number(expense.amount))) {
const approvalThreshold = toApprovalThresholdNumber(appSettings.approvalThreshold);
if (!requiresManualApproval(Number(expense.amount), approvalThreshold)) {
return NextResponse.json({ error: "Diese Ausgabe ist bereits automatisch freigegeben." }, { status: 400 });
}
@@ -47,11 +58,12 @@ export async function POST(request: Request, { params }: Context) {
}
const existingApprovals = expense.approvals.map((approval) => approval.approvalType);
const availableApprovals = getAvailableApprovalTypes(
const viewerApprovalPermissions = normalizeApprovalPermissions(
viewer.role,
viewer.approvalPreference,
existingApprovals
viewer.approvalPermissions,
viewer.approvalPreference
);
const availableApprovals = getAvailableApprovalTypes(viewerApprovalPermissions, existingApprovals);
if (!availableApprovals.includes(parsed.data.approvalType)) {
return NextResponse.json({ error: "Du darfst diese Freigabe nicht setzen." }, { status: 403 });
@@ -111,6 +123,7 @@ export async function POST(request: Request, { params }: Context) {
summary: `${parsed.data.approvalType} fuer ${expense.title} wurde gesetzt.`,
metadata: {
approvalType: parsed.data.approvalType,
approvalThreshold,
rollback: {
kind: "expense.approve",
approval: snapshotApproval(transactionResult.approval),
src/app/api/expenses/route.ts
+12 -5
View File
@@ -1,6 +1,7 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { getAppSettings, toApprovalThresholdNumber } from "@/lib/app-settings";
import { snapshotExpense } from "@/lib/audit-snapshots";
import { createAuditLog } from "@/lib/audit-log";
import { canCreateExpenseForGroup, requiresManualApproval } from "@/lib/domain";
@@ -18,7 +19,7 @@ const expenseSchema = z.object({
recurrence: z.enum(["NONE", "MONTHLY"]).default("NONE"),
proofUrl: z
.union([z.string().trim().url(), z.literal(""), z.null(), z.undefined()])
.transform((value) => (typeof value === "string" && value.length > 0 ? value : undefined)),
.transform((value) => (typeof value === "string" && value.length > 0 ? value : undefined))
});
export async function POST(request: Request) {
@@ -39,14 +40,19 @@ export async function POST(request: Request) {
return NextResponse.json({ error: "Du kannst nur in deiner eigenen AG Ausgaben erfassen." }, { status: 403 });
}
const budget = await prisma.budget.findUnique({
where: { id: parsed.data.budgetId }
});
const [budget, appSettings] = await Promise.all([
prisma.budget.findUnique({
where: { id: parsed.data.budgetId }
}),
getAppSettings()
]);
if (!budget || budget.workingGroupId !== parsed.data.agId) {
return NextResponse.json({ error: "Das ausgewaehlte Budget passt nicht zur AG." }, { status: 404 });
}
const approvalThreshold = toApprovalThresholdNumber(appSettings.approvalThreshold);
const expense = await prisma.expense.create({
data: {
title: parsed.data.title,
@@ -58,7 +64,7 @@ export async function POST(request: Request) {
creatorId: viewer.id,
proofUrl: parsed.data.proofUrl,
recurrence: parsed.data.recurrence,
approvalStatus: requiresManualApproval(parsed.data.amount) ? "PENDING" : "APPROVED"
approvalStatus: requiresManualApproval(parsed.data.amount, approvalThreshold) ? "PENDING" : "APPROVED"
}
});
@@ -75,6 +81,7 @@ export async function POST(request: Request) {
workingGroupId: parsed.data.agId,
recurrence: parsed.data.recurrence,
approvalStatus: expense.approvalStatus,
approvalThreshold,
rollback: {
kind: "expense.create",
created: snapshotExpense(expense)
src/app/api/export/csv/route.ts
+28 -2
View File
@@ -1,5 +1,6 @@
import { NextResponse } from "next/server";
import { getAppSettings, toApprovalThresholdNumber } from "@/lib/app-settings";
import { toCsvCell } from "@/lib/backup-csv";
import { canManageUsers } from "@/lib/domain";
import prisma from "@/lib/prisma";
@@ -26,6 +27,8 @@ const CSV_HEADERS = [
"email",
"role",
"approvalPreference",
"approvalPermissions",
"approvalThreshold",
"title",
"description",
"amount",
@@ -65,7 +68,8 @@ export async function GET() {
return NextResponse.json({ error: "Nur Vorstand oder Finanz-AG duerfen CSV-Backups herunterladen." }, { status: 403 });
}
const [users, accountingPeriods, workingGroups, auditLogs] = await Promise.all([
const [appSettings, users, accountingPeriods, workingGroups, auditLogs] = await Promise.all([
getAppSettings(),
prisma.user.findMany({
include: {
workingGroup: {
@@ -96,7 +100,8 @@ export async function GET() {
username: true,
email: true,
role: true,
approvalPreference: true
approvalPreference: true,
approvalPermissions: true
},
orderBy: {
username: "asc"
@@ -157,6 +162,13 @@ export async function GET() {
const rows: CsvRow[] = [];
rows.push({
recordType: "settings",
id: appSettings.id,
approvalThreshold: toApprovalThresholdNumber(appSettings.approvalThreshold).toFixed(2),
createdAt: appSettings.createdAt.toISOString()
} as CsvRow);
for (const user of users) {
rows.push({
recordType: "user",
@@ -179,6 +191,8 @@ export async function GET() {
email: user.email,
role: user.role,
approvalPreference: user.approvalPreference ?? "",
approvalPermissions: user.approvalPermissions.join("|"),
approvalThreshold: "",
title: "",
description: "",
amount: "",
@@ -228,6 +242,8 @@ export async function GET() {
email: "",
role: "",
approvalPreference: "",
approvalPermissions: "",
approvalThreshold: "",
title: "",
description: "",
amount: "",
@@ -277,6 +293,8 @@ export async function GET() {
email: "",
role: "",
approvalPreference: "",
approvalPermissions: "",
approvalThreshold: "",
title: "",
description: "",
amount: "",
@@ -325,6 +343,8 @@ export async function GET() {
email: "",
role: "",
approvalPreference: "",
approvalPermissions: "",
approvalThreshold: "",
title: "",
description: "",
amount: "",
@@ -373,6 +393,8 @@ export async function GET() {
email: "",
role: "",
approvalPreference: "",
approvalPermissions: "",
approvalThreshold: "",
title: expense.title,
description: expense.description ?? "",
amount: Number(expense.amount).toFixed(2),
@@ -421,6 +443,8 @@ export async function GET() {
email: "",
role: "",
approvalPreference: "",
approvalPermissions: "",
approvalThreshold: "",
title: expense.title,
description: "",
amount: Number(expense.amount).toFixed(2),
@@ -473,6 +497,8 @@ export async function GET() {
email: "",
role: "",
approvalPreference: "",
approvalPermissions: "",
approvalThreshold: "",
title: "",
description: "",
amount: "",
src/app/api/import/csv/route.ts
+34 -3
View File
@@ -2,7 +2,7 @@ import { NextResponse } from "next/server";
import { createAuditLog } from "@/lib/audit-log";
import { parseCsv } from "@/lib/backup-csv";
import { canManageUsers } from "@/lib/domain";
import { canManageUsers, DEFAULT_APPROVAL_THRESHOLD, getLegacyApprovalPreference, normalizeApprovalPermissions } from "@/lib/domain";
import prisma from "@/lib/prisma";
import { getCurrentViewer } from "@/lib/session";
@@ -28,6 +28,21 @@ function toNumber(value: string | undefined) {
return Number.isFinite(parsed) ? parsed : null;
}
function toApprovalPermissions(
value: string | undefined,
role: "ADMIN" | "FINANCE" | "MEMBER",
approvalPreference: "CHAIR_A" | "CHAIR_B" | "FINANCE" | null
) {
const explicitPermissions = value
? value
.split("|")
.map((entry) => entry.trim())
.filter((entry) => entry.length > 0) as ("CHAIR_A" | "CHAIR_B" | "FINANCE")[]
: [];
return normalizeApprovalPermissions(role, explicitPermissions, approvalPreference);
}
export async function POST(request: Request) {
const viewer = await getCurrentViewer();
@@ -71,6 +86,7 @@ export async function POST(request: Request) {
);
}
const settingsRows = rawEntries.filter((entry) => entry.recordType === "settings");
const periodRows = rawEntries.filter((entry) => entry.recordType === "period");
const groupRows = rawEntries.filter((entry) => entry.recordType === "workingGroup");
const budgetRows = rawEntries.filter((entry) => entry.recordType === "budget");
@@ -87,6 +103,16 @@ export async function POST(request: Request) {
await tx.user.deleteMany();
await tx.workingGroup.deleteMany();
await tx.accountingPeriod.deleteMany();
await tx.appSettings.deleteMany();
const settingsRow = settingsRows[0];
await tx.appSettings.create({
data: {
id: settingsRow?.id || "global",
approvalThreshold: toNumber(settingsRow?.approvalThreshold) ?? DEFAULT_APPROVAL_THRESHOLD,
createdAt: toDate(settingsRow?.createdAt) ?? new Date()
}
});
for (const row of periodRows) {
const startsAt = toDate(row.periodStartsAt);
@@ -119,6 +145,10 @@ export async function POST(request: Request) {
}
for (const row of userRows) {
const role = row.role as "ADMIN" | "FINANCE" | "MEMBER";
const approvalPreference = toNullable(row.approvalPreference) as "CHAIR_A" | "CHAIR_B" | "FINANCE" | null;
const approvalPermissions = toApprovalPermissions(row.approvalPermissions, role, approvalPreference);
await tx.user.create({
data: {
id: row.id,
@@ -126,8 +156,9 @@ export async function POST(request: Request) {
username: row.username,
email: toNullable(row.email),
passwordHash: row.passwordHash,
role: row.role as "ADMIN" | "FINANCE" | "MEMBER",
approvalPreference: toNullable(row.approvalPreference) as "CHAIR_A" | "CHAIR_B" | "FINANCE" | null,
role,
approvalPreference: getLegacyApprovalPreference(approvalPermissions),
approvalPermissions,
workingGroupId: toNullable(row.workingGroupId),
createdAt: toDate(row.createdAt) ?? new Date()
}
src/app/api/settings/route.ts
+65
View File
@@ -0,0 +1,65 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { getAppSettings, toApprovalThresholdNumber } from "@/lib/app-settings";
import { snapshotAppSettings } from "@/lib/audit-snapshots";
import { createAuditLog } from "@/lib/audit-log";
import { canManageUsers } from "@/lib/domain";
import prisma from "@/lib/prisma";
import { getCurrentViewer } from "@/lib/session";
const settingsSchema = z.object({
approvalThreshold: z.coerce.number().min(0).max(100000)
});
export async function PATCH(request: Request) {
const viewer = await getCurrentViewer();
if (!viewer) {
return NextResponse.json({ error: "Nicht angemeldet." }, { status: 401 });
}
if (!canManageUsers(viewer.role)) {
return NextResponse.json({ error: "Nur Vorstand oder Finanz-AG duerfen Einstellungen aendern." }, { status: 403 });
}
const body = await request.json().catch(() => null);
const parsed = settingsSchema.safeParse(body);
if (!parsed.success) {
return NextResponse.json({ error: "Bitte eine gueltige Freigabe-Schwelle eingeben." }, { status: 400 });
}
const existingSettings = await getAppSettings();
const previousSnapshot = snapshotAppSettings(existingSettings);
const appSettings = await prisma.appSettings.update({
where: {
id: existingSettings.id
},
data: {
approvalThreshold: parsed.data.approvalThreshold
}
});
await createAuditLog(prisma, {
actorId: viewer.id,
action: "settings.update",
entityType: "settings",
entityId: appSettings.id,
entityLabel: "Freigabe-Schwelle",
summary: `Freigabe-Schwelle wurde auf ${toApprovalThresholdNumber(appSettings.approvalThreshold).toFixed(2)} EUR gesetzt.`,
metadata: {
approvalThreshold: toApprovalThresholdNumber(appSettings.approvalThreshold),
rollback: {
kind: "settings.update",
previous: previousSnapshot
}
}
});
return NextResponse.json({
ok: true,
approvalThreshold: toApprovalThresholdNumber(appSettings.approvalThreshold)
});
}
src/app/api/users/[id]/route.ts
+105 -1
View File
@@ -1,17 +1,121 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { snapshotUser } from "@/lib/audit-snapshots";
import { createAuditLog } from "@/lib/audit-log";
import { canManageUsers } from "@/lib/domain";
import {
APPROVAL_FLOW,
canManageUsers,
getLegacyApprovalPreference,
normalizeApprovalPermissions
} from "@/lib/domain";
import prisma from "@/lib/prisma";
import { getCurrentViewer } from "@/lib/session";
const userRoleSchema = z.enum(["ADMIN", "FINANCE", "MEMBER"]);
const approvalPermissionSchema = z.enum(APPROVAL_FLOW);
const updateUserSchema = z.object({
role: userRoleSchema,
workingGroupId: z.union([z.string().trim().min(1), z.literal(""), z.null(), z.undefined()]),
approvalPermissions: z.array(approvalPermissionSchema).default([])
});
type Context = {
params: {
id: string;
};
};
export async function PATCH(request: Request, { params }: Context) {
const viewer = await getCurrentViewer();
if (!viewer) {
return NextResponse.json({ error: "Nicht angemeldet." }, { status: 401 });
}
if (!canManageUsers(viewer.role)) {
return NextResponse.json({ error: "Nur Vorstand oder Finanz-AG duerfen Nutzer bearbeiten." }, { status: 403 });
}
const body = await request.json().catch(() => null);
const parsed = updateUserSchema.safeParse(body);
if (!parsed.success) {
return NextResponse.json({ error: "Bitte Rolle, AG und Freigaberollen korrekt angeben." }, { status: 400 });
}
const user = await prisma.user.findUnique({
where: { id: params.id }
});
if (!user) {
return NextResponse.json({ error: "Nutzer nicht gefunden." }, { status: 404 });
}
const workingGroupId = typeof parsed.data.workingGroupId === "string" && parsed.data.workingGroupId.length > 0
? parsed.data.workingGroupId
: null;
if (parsed.data.role === "MEMBER" && !workingGroupId) {
return NextResponse.json({ error: "AG-Mitglieder brauchen eine AG-Zuordnung." }, { status: 400 });
}
if (workingGroupId) {
const workingGroup = await prisma.workingGroup.findUnique({
where: { id: workingGroupId }
});
if (!workingGroup) {
return NextResponse.json({ error: "Die ausgewaehlte AG wurde nicht gefunden." }, { status: 404 });
}
}
if (user.role === "ADMIN" && parsed.data.role !== "ADMIN") {
const adminCount = await prisma.user.count({
where: { role: "ADMIN" }
});
if (adminCount <= 1) {
return NextResponse.json({ error: "Mindestens ein Vorstandskonto muss erhalten bleiben." }, { status: 400 });
}
}
const approvalPermissions = normalizeApprovalPermissions(parsed.data.role, parsed.data.approvalPermissions, null);
const approvalPreference = getLegacyApprovalPreference(approvalPermissions);
const previousSnapshot = snapshotUser(user);
const updatedUser = await prisma.user.update({
where: { id: params.id },
data: {
role: parsed.data.role,
workingGroupId,
approvalPreference,
approvalPermissions
}
});
await createAuditLog(prisma, {
actorId: viewer.id,
action: "user.update",
entityType: "user",
entityId: updatedUser.id,
entityLabel: updatedUser.username,
summary: `Nutzer ${updatedUser.username} wurde aktualisiert.`,
metadata: {
workingGroupId: updatedUser.workingGroupId,
role: updatedUser.role,
approvalPermissions: updatedUser.approvalPermissions,
rollback: {
kind: "user.update",
previous: previousSnapshot
}
}
});
return NextResponse.json({ ok: true });
}
export async function DELETE(_: Request, { params }: Context) {
const viewer = await getCurrentViewer();
src/app/api/users/route.ts
+18 -17
View File
@@ -4,19 +4,24 @@ import { z } from "zod";
import { snapshotUser } from "@/lib/audit-snapshots";
import { createAuditLog } from "@/lib/audit-log";
import { canManageUsers } from "@/lib/domain";
import {
APPROVAL_FLOW,
canManageUsers,
getLegacyApprovalPreference,
normalizeApprovalPermissions
} from "@/lib/domain";
import prisma from "@/lib/prisma";
import { getCurrentViewer } from "@/lib/session";
const userRoleSchema = z.enum(["ADMIN", "FINANCE", "MEMBER"]);
const approvalPreferenceSchema = z.enum(["CHAIR_A", "CHAIR_B", "FINANCE"]);
const approvalPermissionSchema = z.enum(APPROVAL_FLOW);
const createUserSchema = z.object({
username: z.string().trim().min(2).max(40),
password: z.string().min(8).max(128),
role: userRoleSchema,
workingGroupId: z.union([z.string().trim().min(1), z.literal(""), z.null(), z.undefined()]),
approvalPreference: z.union([approvalPreferenceSchema, z.literal(""), z.null(), z.undefined()])
approvalPermissions: z.array(approvalPermissionSchema).default([])
});
export async function POST(request: Request) {
@@ -41,12 +46,11 @@ export async function POST(request: Request) {
const workingGroupId = typeof parsed.data.workingGroupId === "string" && parsed.data.workingGroupId.length > 0
? parsed.data.workingGroupId
: null;
const requestedApprovalPreference =
parsed.data.approvalPreference === "CHAIR_A" ||
parsed.data.approvalPreference === "CHAIR_B" ||
parsed.data.approvalPreference === "FINANCE"
? parsed.data.approvalPreference
: null;
const approvalPermissions = normalizeApprovalPermissions(
parsed.data.role,
parsed.data.approvalPermissions,
null
);
if (parsed.data.role === "MEMBER" && !workingGroupId) {
return NextResponse.json({ error: "AG-Mitglieder brauchen eine AG-Zuordnung." }, { status: 400 });
@@ -71,12 +75,7 @@ export async function POST(request: Request) {
}
const passwordHash = await bcrypt.hash(parsed.data.password, 12);
const approvalPreference =
parsed.data.role === "FINANCE"
? "FINANCE"
: parsed.data.role === "ADMIN"
? requestedApprovalPreference
: null;
const approvalPreference = getLegacyApprovalPreference(approvalPermissions);
const user = await prisma.user.create({
data: {
@@ -85,8 +84,9 @@ export async function POST(request: Request) {
email: null,
passwordHash,
role: parsed.data.role,
workingGroupId: parsed.data.role === "MEMBER" ? workingGroupId : null,
approvalPreference
workingGroupId,
approvalPreference,
approvalPermissions
}
});
@@ -100,6 +100,7 @@ export async function POST(request: Request) {
metadata: {
role: user.role,
workingGroupId: user.workingGroupId,
approvalPermissions: user.approvalPermissions,
rollback: {
kind: "user.create",
created: snapshotUser(user)
src/app/page.tsx
+17 -4
View File
@@ -2,6 +2,7 @@ import { redirect } from "next/navigation";
import { DashboardShell } from "@/components/dashboard/dashboard-shell";
import { getCurrentAccountingPeriod } from "@/lib/accounting-periods";
import { getAppSettings, toApprovalThresholdNumber } from "@/lib/app-settings";
import { getRollbackMetadata } from "@/lib/audit-log";
import type {
DashboardAccountingPeriod,
@@ -10,7 +11,7 @@ import type {
DashboardViewer,
DashboardWorkingGroup
} from "@/lib/dashboard-types";
import { canManageUsers } from "@/lib/domain";
import { canManageUsers, normalizeApprovalPermissions } from "@/lib/domain";
import prisma from "@/lib/prisma";
import { getCurrentViewer } from "@/lib/session";
@@ -23,7 +24,10 @@ export default async function DashboardPage() {
redirect("/login");
}
const currentPeriod = await getCurrentAccountingPeriod();
const [currentPeriod, appSettings] = await Promise.all([
getCurrentAccountingPeriod(),
getAppSettings()
]);
if (!currentPeriod) {
throw new Error("Kein Abrechnungszeitraum gefunden.");
@@ -138,7 +142,11 @@ export default async function DashboardPage() {
username: viewer.username,
role: viewer.role,
workingGroupId: viewer.workingGroupId,
approvalPreference: viewer.approvalPreference
approvalPermissions: normalizeApprovalPermissions(
viewer.role,
viewer.approvalPermissions,
viewer.approvalPreference
)
};
const serializedGroups: DashboardWorkingGroup[] = workingGroups.map((workingGroup) => ({
@@ -194,7 +202,11 @@ export default async function DashboardPage() {
role: user.role,
workingGroupId: user.workingGroupId,
workingGroupName: user.workingGroup?.name ?? null,
approvalPreference: user.approvalPreference,
approvalPermissions: normalizeApprovalPermissions(
user.role,
user.approvalPermissions,
user.approvalPreference
),
createdExpensesCount: user._count.createdExpenses,
approvalsCount: user._count.approvals
}));
@@ -234,6 +246,7 @@ export default async function DashboardPage() {
auditLogs={serializedAuditLogs}
accountingPeriods={serializedPeriods}
currentPeriodId={currentPeriod.id}
approvalThreshold={toApprovalThresholdNumber(appSettings.approvalThreshold)}
/>
);
}