11 Commits

Author SHA1 Message Date
root
5ed76f6810 feat: mandantenzentrische UI-Umstellung
- Dashboard zeigt Mandanten-Karten statt Workflow-Statistiken
- Neue /tenants/:id Detail-Seite (Workflows pro Mandant)
- Sidebar: Mandanten als primäre Navigation
- TenantList: klickbare Zeilen → Detail-Seite
- WorkflowList: Mandant-Vorfilter via URL-Parameter
- WorkflowEditor: Mandant-Vorauswahl bei Erstellung aus Mandant-Kontext
- Arbeitsweise: Kunde öffnen → dessen Workflows sehen/verwalten
2026-03-30 07:33:19 +00:00
root
3bad762329 feat: Dark Mode mit Toggle, localStorage-Persistenz und System-Preference
- Sun/Moon Toggle im Top-Bar
- Alle Seiten und Komponenten mit dark: Varianten
- Tailwind darkMode: 'class' Strategie
- Respektiert prefers-color-scheme als Default
2026-03-20 23:51:06 +00:00
root
9e3b431e7c fix: WorkflowEditor crash (setWorkflowId undefined) + status via PATCH endpoint
- Remove non-existent setWorkflowId call that caused white screen
- Use separate PATCH /status endpoint for publish/review (not in PUT payload)
- Redirect to workflow view after publishing
2026-03-20 23:41:34 +00:00
root
acaec8e0c2 fix: increase rate limits to prevent lockouts (300 general, 50 auth) 2026-03-20 23:36:55 +00:00
root
b0561ce714 feat: Mandanten-Zuordnung sichtbar auf Workflow-Karten + Mandanten-Filter
- Mandantenname auf allen Workflow-Karten (Grid + Liste)
- Mandantenname im Dashboard bei aktuellen Workflows
- Mandanten-Filter-Dropdown in der Workflow-Liste (für Admins/Techniker)
- Tenant-Info im Workflow-Typ ergänzt
2026-03-20 23:32:55 +00:00
root
7f9e302e5e fix: resolve all failing tests (UUID validation, JWT algorithm, token uniqueness) 2026-03-20 23:24:49 +00:00
root
84664138ad fix: resolve TypeScript errors in test setup 2026-03-20 23:17:56 +00:00
root
f74d60c26b fix: exclude test files from tsc build 2026-03-20 23:16:51 +00:00
root
093fe85573 fix: frontend API mapping, security hardening, test suite
Frontend:
- Fix all API response unwrapping (backend wraps in {data:...})
- Fix workflow publish/archive to use PATCH /status endpoint
- Fix step reorder payload format
- Add tenantId to workflow creation
- Fix step count display using _count

Security (CRITICAL/HIGH):
- Add JWT algorithm restriction (HS256 only)
- Replace weak default JWT secrets
- Fix token blacklist memory leak
- Fix step reorder IDOR vulnerability
- Strengthen password policy (8 chars, mixed case + digit)

Tests:
- 68 tests: auth (17), workflows (26), tenants (25)
- Complete Prisma mock setup with test fixtures
2026-03-20 23:15:07 +00:00
root
4adcb42bb5 fix: resolve TypeScript type errors in route params 2026-03-20 22:55:51 +00:00
root
d58d53fa3b feat: initial workflow portal - multi-tenant architecture
- Backend: Node.js + Express + TypeScript + Prisma + PostgreSQL
- Frontend: React + TypeScript + Tailwind CSS + Vite
- Multi-tenant with role-based access (SystemAdmin, Technician, Customer)
- Workflow editor with drag-and-drop steps
- JWT authentication with refresh tokens
- German UI throughout
2026-03-20 22:48:04 +00:00