tomchukk/mamad-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: tomchukk/mamad-app:1.1
Branches Tags
tomchukk/mamad-app:main tomchukk/mamad-app:1.1
..
compare: tomchukk/mamad-app:a635c57d5d0d19eae6e273770d0bd024717b8649
Branches Tags
tomchukk/mamad-app:main tomchukk/mamad-app:1.1

3 Commits
1.1 .. a635c57d5d

Author SHA1 Message Date
tomchukk a635c57d5d Merge pull request 'Version 1.1 initial commit' (#1) from 1.1 into main 
Reviewed-on: #1
 2026-01-16 19:00:50 +02:00
tomchukk 508c96eedd revert ffee4b6e7d 
revert Update next.config.mjs
 2026-01-16 18:13:09 +02:00
tomchukk ffee4b6e7d Update next.config.mjs 2026-01-16 17:57:32 +02:00
73 changed files with 184 additions and 305 deletions
Expand all files Collapse all files
.next/app-build-manifest.json
+3
View File
@@ -0,0 +1,3 @@
{
"pages": {}
}
.next/build-manifest.json
+16
View File
@@ -0,0 +1,16 @@
{
"polyfillFiles": [
"static/chunks/polyfills.js"
],
"devFiles": [],
"ampDevFiles": [],
"lowPriorityFiles": [
"static/development/_buildManifest.js",
"static/development/_ssgManifest.js"
],
"rootMainFiles": [],
"pages": {
"/_app": []
},
"ampFirstPages": []
}
.next/cache/webpack/client-development-fallback/0.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development-fallback/index.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/0.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/1.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/10.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/11.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/12.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/2.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/3.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/4.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/5.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/6.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/7.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/8.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/9.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/index.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/client-development/index.pack.gz.old
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/0.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/1.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/10.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/11.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/12.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/13.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/14.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/2.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/3.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/4.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/5.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/6.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/7.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/8.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/9.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/index.pack.gz
Vendored
BIN
View File
Binary file not shown.
.next/cache/webpack/server-development/index.pack.gz.old
Vendored
BIN
View File
Binary file not shown.
.next/package.json
+1
View File
@@ -0,0 +1 @@
{"type": "commonjs"}
.next/react-loadable-manifest.json
+1
View File
@@ -0,0 +1 @@
{}
.next/server/app-paths-manifest.json
+1
View File
@@ -0,0 +1 @@
{}
.next/server/interception-route-rewrite-manifest.js
+1
View File
@@ -0,0 +1 @@
self.__INTERCEPTION_ROUTE_REWRITE_MANIFEST="[]"
.next/server/middleware-build-manifest.js
+18
View File
@@ -0,0 +1,18 @@
self.__BUILD_MANIFEST = {
"polyfillFiles": [
"static/chunks/polyfills.js"
],
"devFiles": [],
"ampDevFiles": [],
"lowPriorityFiles": [],
"rootMainFiles": [],
"pages": {
"/_app": []
},
"ampFirstPages": []
};
self.__BUILD_MANIFEST.lowPriorityFiles = [
"/static/" + process.env.__NEXT_BUILD_ID + "/_buildManifest.js",
,"/static/" + process.env.__NEXT_BUILD_ID + "/_ssgManifest.js",
];
.next/server/middleware-manifest.json
+6
View File
@@ -0,0 +1,6 @@
{
"version": 3,
"middleware": {},
"functions": {},
"sortedMiddleware": []
}
.next/server/middleware-react-loadable-manifest.js
+1
View File
@@ -0,0 +1 @@
self.__REACT_LOADABLE_MANIFEST="{}"
.next/server/next-font-manifest.js
+1
View File
@@ -0,0 +1 @@
self.__NEXT_FONT_MANIFEST="{\"pages\":{},\"app\":{},\"appUsingSizeAdjust\":false,\"pagesUsingSizeAdjust\":false}"
.next/server/next-font-manifest.json
+1
View File
@@ -0,0 +1 @@
{"pages":{},"app":{},"appUsingSizeAdjust":false,"pagesUsingSizeAdjust":false}
.next/server/pages-manifest.json
+1
View File
@@ -0,0 +1 @@
{}
.next/server/server-reference-manifest.js
+1
View File
@@ -0,0 +1 @@
self.__RSC_SERVER_MANIFEST="{\n \"node\": {},\n \"edge\": {},\n \"encryptionKey\": \"process.env.NEXT_SERVER_ACTIONS_ENCRYPTION_KEY\"\n}"
.next/server/server-reference-manifest.json
+5
View File
@@ -0,0 +1,5 @@
{
"node": {},
"edge": {},
"encryptionKey": "4wbouw6RrCkiRBuhNA0RdY1ZJ0IOxBnrfMXrawt4S9g="
}
.next/static/chunks/polyfills.js
+1
View File
File diff suppressed because one or more lines are too long
.next/static/development/_buildManifest.js
+1
View File
@@ -0,0 +1 @@
self.__BUILD_MANIFEST = {__rewrites:{afterFiles:[],beforeFiles:[],fallback:[]},sortedPages:["\u002F_app"]};self.__BUILD_MANIFEST_CB && self.__BUILD_MANIFEST_CB()
.next/static/development/_ssgManifest.js
+1
View File
@@ -0,0 +1 @@
self.__SSG_MANIFEST=new Set;self.__SSG_MANIFEST_CB&&self.__SSG_MANIFEST_CB()
.next/trace
+2
View File
File diff suppressed because one or more lines are too long
.next/types/package.json
+1
View File
@@ -0,0 +1 @@
{"type": "module"}
app/admin/page.tsx
+16 -97
View File
@@ -83,7 +83,6 @@ interface Stats {
interface UserData {
national_id: string
name: string
role?: string
in_shelter?: string
last_updated?: string
is_admin: boolean
@@ -651,64 +650,35 @@ export default function AdminPage() {
const handleAddUser = async (e: React.FormEvent) => {
e.preventDefault()
const trimmedField = newUser.field.trim()
const trimmedDepartment = newUser.department.trim()
const trimmedTeam = newUser.team.trim()
const selectedRole = newUser.role as UserRole
if (!trimmedField || !selectedRole) {
setMessage("Please fill in the required fields.")
if (!newUser.field || !newUser.department || !newUser.team || !newUser.role) {
setMessage("יש לבחור תפקיד, תחום, מסגרת וצוות")
return
}
if (selectedRole === "department_admin") {
if (!trimmedDepartment) {
setMessage("Please fill in the required fields.")
return
}
} else if (selectedRole === "team_admin" || selectedRole === "user") {
if (!trimmedDepartment || !trimmedTeam) {
setMessage("Please fill in the required fields.")
return
}
}
try {
const payload = {
...newUser,
field: trimmedField,
department: trimmedDepartment,
team: trimmedTeam,
adminId: user?.national_id,
}
if (selectedRole === "field_admin") {
payload.department = ""
payload.team = ""
} else if (selectedRole === "department_admin") {
payload.team = ""
}
const response = await fetch("/api/admin/add-user", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(payload),
body: JSON.stringify({
...newUser,
adminId: user?.national_id,
}),
})
const data = await response.json()
if (response.ok) {
setMessage(`${data.message}. Default password: password123`)
setMessage(`${data.message}. הסיסמה הזמנית: password123`)
setNewUser({ name: "", isAdmin: false, field: "", department: "", team: "", role: "" })
refetchGlobal()
refetchTeam()
refetchDepartment()
refetchField()
} else {
setMessage(data.error || "Failed to add user.")
setMessage(data.error || "שגיאה בהוספת משתמש")
}
} catch (err) {
setMessage("Failed to add user.")
setMessage("שגיאה בחיבור לשרת")
}
}
@@ -1160,34 +1130,6 @@ export default function AdminPage() {
}
}, [allowedManagedTabs, managedTypeTab])
const canShowTeamTab =
(user?.role === "team_admin" && !!user?.team) || (user?.role === "global_admin" && !!user?.team)
const canShowDepartmentTab =
(user?.role === "department_admin" && !!user?.department) ||
(user?.role === "global_admin" && !!user?.department)
const canShowFieldTab =
user?.role === "field_admin" || (user?.role === "global_admin" && !!user?.field)
const visibleTabs = [
canShowTeamTab ? "team" : null,
canShowDepartmentTab ? "department" : null,
canShowFieldTab ? "field" : null,
"global",
].filter(Boolean) as string[]
const tabColumns =
visibleTabs.length === 1
? "grid-cols-1"
: visibleTabs.length === 2
? "grid-cols-2"
: visibleTabs.length === 3
? "grid-cols-3"
: "grid-cols-4"
useEffect(() => {
if (visibleTabs.length > 0 && !visibleTabs.includes(activeTab)) {
setActiveTab(visibleTabs[0])
}
}, [activeTab, visibleTabs])
if (!user) return null
return (
@@ -1262,32 +1204,25 @@ export default function AdminPage() {
)}
<Tabs value={activeTab} onValueChange={setActiveTab} className="w-full" dir="rtl">
<TabsList className={`grid w-full ${tabColumns}`}>
{canShowTeamTab && (
<TabsList className="grid w-full grid-cols-4">
<TabsTrigger value="team" className="flex items-center gap-2">
<UsersIcon className="h-4 w-4" />
צוות
</TabsTrigger>
)}
{canShowDepartmentTab && (
<TabsTrigger value="department" className="flex items-center gap-2">
<Building2 className="h-4 w-4" />
מסגרת
</TabsTrigger>
)}
{canShowFieldTab && (
<TabsTrigger value="field" className="flex items-center gap-2">
<Globe className="h-4 w-4" />
תחום
</TabsTrigger>
)}
<TabsTrigger value="global" className="flex items-center gap-2">
<Globe className="h-4 w-4" />
כללי
</TabsTrigger>
</TabsList>
{canShowTeamTab && (
<TabsContent value="team" className="space-y-6">
<div className="grid md:grid-cols-2 gap-6">
<Card>
@@ -1343,9 +1278,7 @@ export default function AdminPage() {
</CardContent>
</Card>
</TabsContent>
)}
{canShowDepartmentTab && (
<TabsContent value="department" className="space-y-6">
<div className="grid md:grid-cols-2 gap-6">
<Card>
@@ -1410,9 +1343,7 @@ export default function AdminPage() {
</CardContent>
</Card>
</TabsContent>
)}
{canShowFieldTab && (
<TabsContent value="field" className="space-y-6">
<div className="grid md:grid-cols-2 gap-6">
<Card>
@@ -1477,7 +1408,6 @@ export default function AdminPage() {
</CardContent>
</Card>
</TabsContent>
)}
<TabsContent value="global" className="space-y-6">
<div className="grid md:grid-cols-2 gap-6">
@@ -1551,8 +1481,6 @@ export default function AdminPage() {
</SelectContent>
</Select>
</div>
{newUser.role !== "field_admin" && (
<div className="space-y-2">
<Label htmlFor="department">מסגרת</Label>
<Select
@@ -1571,9 +1499,6 @@ export default function AdminPage() {
</SelectContent>
</Select>
</div>
)}
{newUser.role !== "field_admin" && newUser.role !== "department_admin" && (
<div className="space-y-2">
<Label htmlFor="team">צוות</Label>
<Select value={newUser.team} onValueChange={(value) => setNewUser({ ...newUser, team: value })}>
@@ -1589,21 +1514,15 @@ export default function AdminPage() {
</SelectContent>
</Select>
</div>
)}
<div className="space-y-2">
<Label htmlFor="role">הרשאה</Label>
<Select
value={newUser.role}
onValueChange={(value) =>
setNewUser((prev) => {
const next = { ...prev, role: value, isAdmin: value !== "user" }
if (value === "field_admin") {
next.department = ""
next.team = ""
} else if (value === "department_admin") {
next.team = ""
}
return next
setNewUser({
...newUser,
role: value,
isAdmin: value !== "user", // Automatically set isAdmin
})
}
>
@@ -1935,11 +1854,11 @@ export default function AdminPage() {
<Card className="mt-8">
<CardContent className="py-3">
<div className="text-center text-xs text-gray-500">
סביבה: {instanceName || "לא זוהה"}
סביבה: {instanceName || process.env.NEXT_PUBLIC_HOSTNAME || process.env.HOSTNAME || "לא זוהה"}
<br/>
גרסה: {process.env.APPVERSION || "לא הוצהר ב-Dockerfile!"}
<br/>
2026 COPYRIGHT TR-WEB
2025 COPYRIGHT TR-WEB
</div>
</CardContent>
</Card>
app/api/admin/add-user/route.ts
+16 -38
View File
@@ -21,52 +21,44 @@ export async function POST(request: NextRequest) {
const { name, isAdmin, field, department, team, role } = await request.json()
// Input validation
if (!name || !field) {
return NextResponse.json({ error: "Invalid name or field." }, { status: 400 })
if (!name || !field || !department || !team) {
return NextResponse.json({ error: "נתונים חסרים" }, { status: 400 })
}
// Validate field against managed types
// Validate department, team, and field against managed types
if (!(await hasManagedType("field", field))) {
return NextResponse.json({ error: "Invalid field." }, { status: 400 })
}
const normalizedDepartment = typeof department === "string" && department.trim() ? department.trim() : null
if (normalizedDepartment && !(await hasManagedType("department", normalizedDepartment))) {
if (!(await hasManagedType("department", department))) {
return NextResponse.json({ error: "Invalid department." }, { status: 400 })
}
const normalizedTeam = typeof team === "string" && team.trim() ? team.trim() : null
if (normalizedTeam && !(await hasManagedType("team", normalizedTeam))) {
if (!(await hasManagedType("team", team))) {
return NextResponse.json({ error: "Invalid team." }, { status: 400 })
}
const fieldRows = (await safeQuery("SELECT id FROM managed_types WHERE type = 'field' AND name = ?", [
field,
])) as Array<{ id: number }>
const departmentRows = normalizedDepartment
? ((await safeQuery(
const departmentRows = (await safeQuery(
"SELECT id, parent_id AS parentId FROM managed_types WHERE type = 'department' AND name = ?",
[normalizedDepartment],
)) as Array<{ id: number; parentId: number | null }>)
: []
const teamRows = normalizedTeam
? ((await safeQuery(
[department],
)) as Array<{ id: number; parentId: number | null }>
const teamRows = (await safeQuery(
"SELECT id, parent_id AS parentId FROM managed_types WHERE type = 'team' AND name = ?",
[normalizedTeam],
)) as Array<{ id: number; parentId: number | null }>)
: []
[team],
)) as Array<{ id: number; parentId: number | null }>
if (fieldRows.length === 0 || (normalizedDepartment && departmentRows.length === 0) || (normalizedTeam && teamRows.length === 0)) {
if (fieldRows.length === 0 || departmentRows.length === 0 || teamRows.length === 0) {
return NextResponse.json({ error: "Invalid field, department, or team." }, { status: 400 })
}
if (normalizedDepartment && departmentRows[0].parentId !== fieldRows[0].id) {
if (departmentRows[0].parentId !== fieldRows[0].id) {
return NextResponse.json({ error: "Department does not belong to field." }, { status: 400 })
}
if (normalizedTeam && normalizedDepartment && teamRows[0].parentId !== departmentRows[0].id) {
if (teamRows[0].parentId !== departmentRows[0].id) {
return NextResponse.json({ error: "Team does not belong to department." }, { status: 400 })
}
@@ -76,21 +68,7 @@ export async function POST(request: NextRequest) {
const userRole: UserRole = (role as UserRole) || (isAdmin ? "global_admin" : "user")
if (!validRoles.includes(userRole)) {
return NextResponse.json({ error: "Invalid role." }, { status: 400 })
}
if (userRole === "field_admin") {
if (!field || normalizedDepartment || normalizedTeam) {
return NextResponse.json({ error: "Field admins must have a field only." }, { status: 400 })
}
} else if (userRole === "department_admin") {
if (!field || !normalizedDepartment || normalizedTeam) {
return NextResponse.json({ error: "Department admins must have field + department only." }, { status: 400 })
}
} else if (userRole === "team_admin" || userRole === "user") {
if (!field || !normalizedDepartment || !normalizedTeam) {
return NextResponse.json({ error: "Team/users require field, department, and team." }, { status: 400 })
}
return NextResponse.json({ error: "תפקיד לא תקין" }, { status: 400 })
}
// Generate unique Login ID
@@ -102,7 +80,7 @@ export async function POST(request: NextRequest) {
await safeQuery(
"INSERT INTO users (national_id, password, name, is_admin, role, must_change_password, field, department, team) VALUES (?, ?, ?, ?, ?, TRUE, ?, ?, ?)",
[nationalId, hashedPassword, name, isAdmin, userRole, field, normalizedDepartment, normalizedTeam],
[nationalId, hashedPassword, name, isAdmin, userRole, field, department, team],
)
return NextResponse.json({
app/api/admin/department-reset/route.ts
+3 -7
View File
@@ -11,7 +11,7 @@ export async function POST(request: NextRequest) {
// Get admin's field and department
const adminData = (await safeQuery(
"SELECT role, field, department FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
"SELECT field, department FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
[adminId],
)) as any[]
@@ -19,14 +19,10 @@ export async function POST(request: NextRequest) {
return NextResponse.json({ error: "מנהל לא נמצא" }, { status: 404 })
}
const { role: adminRole, field: adminField, department: adminDepartment } = adminData[0]
if (adminRole !== "department_admin" && adminRole !== "global_admin") {
return NextResponse.json({ error: "Insufficient permissions." }, { status: 403 })
}
const { field: adminField, department: adminDepartment } = adminData[0]
if (!adminField || !adminDepartment) {
return NextResponse.json({ error: "Department is not assigned." }, { status: 400 })
return NextResponse.json({ error: "למנהל לא הוגדרו תחום ומסגרת" }, { status: 400 })
}
// Check cooldown for department resets
app/api/admin/department-stats/route.ts
+4 -12
View File
@@ -11,7 +11,7 @@ export async function POST(request: Request) {
// Get admin's field and department
const adminData = (await executeQuery(
"SELECT role, field, department FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
"SELECT field, department FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
[adminId],
)) as any[]
@@ -19,18 +19,10 @@ export async function POST(request: Request) {
return NextResponse.json({ error: "מנהל לא נמצא" }, { status: 404 })
}
const { role: adminRole, field: adminField, department: adminDepartment } = adminData[0]
const { field: adminField, department: adminDepartment } = adminData[0]
if (adminRole !== "department_admin" && adminRole !== "global_admin" || !adminField || !adminDepartment) {
return NextResponse.json({
no_report: 0,
in_shelter: 0,
not_in_shelter: 0,
no_alarm: 0,
safe_after_exit: 0,
field: adminField,
department: adminDepartment,
})
if (!adminField || !adminDepartment) {
return NextResponse.json({ error: "למנהל לא הוגדרו תחום ומסגרת" }, { status: 400 })
}
// Get department stats with field and department context
app/api/admin/department-users-by-category/route.ts
+4 -4
View File
@@ -11,7 +11,7 @@ export async function POST(request: NextRequest) {
// Get admin's field and department
const adminData = (await executeQuery(
"SELECT role, field, department FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
"SELECT field, department FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
[adminId],
)) as any[]
@@ -19,10 +19,10 @@ export async function POST(request: NextRequest) {
return NextResponse.json({ error: "מנהל לא נמצא" }, { status: 404 })
}
const { role: adminRole, field: adminField, department: adminDepartment } = adminData[0]
const { field: adminField, department: adminDepartment } = adminData[0]
if (adminRole !== "department_admin" && adminRole !== "global_admin" || !adminField || !adminDepartment) {
return NextResponse.json([])
if (!adminField || !adminDepartment) {
return NextResponse.json({ error: "למנהל לא הוגדרו תחום ומסגרת" }, { status: 400 })
}
let query = ""
app/api/admin/department-users/route.ts
+4 -5
View File
@@ -11,7 +11,7 @@ export async function POST(request: Request) {
// Get admin's field and department
const adminData = (await executeQuery(
"SELECT role, field, department FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
"SELECT field, department FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
[adminId],
)) as any[]
@@ -19,10 +19,10 @@ export async function POST(request: Request) {
return NextResponse.json({ error: "מנהל לא נמצא" }, { status: 404 })
}
const { role: adminRole, field: adminField, department: adminDepartment } = adminData[0]
const { field: adminField, department: adminDepartment } = adminData[0]
if (adminRole !== "department_admin" && adminRole !== "global_admin" || !adminField || !adminDepartment) {
return NextResponse.json({ users: [], field: adminField, department: adminDepartment })
if (!adminField || !adminDepartment) {
return NextResponse.json({ error: "למנהל לא הוגדרו תחום ומסגרת" }, { status: 400 })
}
// Get department users with field and department context
@@ -31,7 +31,6 @@ export async function POST(request: Request) {
SELECT
national_id,
name,
role,
in_shelter,
last_updated,
is_admin,
app/api/admin/field-users/route.ts
-1
View File
@@ -30,7 +30,6 @@ export async function POST(request: Request) {
SELECT
national_id,
name,
role,
in_shelter,
last_updated,
is_admin,
app/api/admin/team-reset/route.ts
+3 -7
View File
@@ -12,7 +12,7 @@ export async function POST(request: NextRequest) {
// Get admin's field, department, and team
const adminData = (await safeQuery(
"SELECT role, field, department, team FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
"SELECT field, department, team FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
[adminId],
)) as any[]
@@ -20,14 +20,10 @@ export async function POST(request: NextRequest) {
return NextResponse.json({ error: "מנהל לא נמצא" }, { status: 404 })
}
const { role: adminRole, field: adminField, department: adminDepartment, team: adminTeam } = adminData[0]
if (adminRole !== "team_admin" && adminRole !== "global_admin") {
return NextResponse.json({ error: "Insufficient permissions." }, { status: 403 })
}
const { field: adminField, department: adminDepartment, team: adminTeam } = adminData[0]
if (!adminField || !adminDepartment || !adminTeam) {
return NextResponse.json({ error: "Team is not assigned." }, { status: 400 })
return NextResponse.json({ error: "למנהל לא הוגדרו תחום, מסגרת וצוות" }, { status: 400 })
}
await safeQuery(
app/api/admin/team-stats/route.ts
+4 -13
View File
@@ -11,7 +11,7 @@ export async function POST(request: Request) {
// Get admin's field, department, and team
const adminData = (await executeQuery(
"SELECT role, field, department, team FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
"SELECT field, department, team FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
[adminId],
)) as any[]
@@ -19,19 +19,10 @@ export async function POST(request: Request) {
return NextResponse.json({ error: "מנהל לא נמצא" }, { status: 404 })
}
const { role: adminRole, field: adminField, department: adminDepartment, team: adminTeam } = adminData[0]
const { field: adminField, department: adminDepartment, team: adminTeam } = adminData[0]
if (adminRole !== "team_admin" && adminRole !== "global_admin" || !adminField || !adminDepartment || !adminTeam) {
return NextResponse.json({
no_report: 0,
in_shelter: 0,
not_in_shelter: 0,
no_alarm: 0,
safe_after_exit: 0,
field: adminField,
department: adminDepartment,
team: adminTeam,
})
if (!adminField || !adminDepartment || !adminTeam) {
return NextResponse.json({ error: "למנהל לא הוגדרו תחום, מסגרת וצוות" }, { status: 400 })
}
// Get team stats with full context (field + department + team)
app/api/admin/team-users-by-category/route.ts
+4 -4
View File
@@ -11,7 +11,7 @@ export async function POST(request: NextRequest) {
// Get admin's field, department, and team
const adminData = (await executeQuery(
"SELECT role, field, department, team FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
"SELECT field, department, team FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'",
[adminId],
)) as any[]
@@ -19,10 +19,10 @@ export async function POST(request: NextRequest) {
return NextResponse.json({ error: "מנהל לא נמצא" }, { status: 404 })
}
const { role: adminRole, field: adminField, department: adminDepartment, team: adminTeam } = adminData[0]
const { field: adminField, department: adminDepartment, team: adminTeam } = adminData[0]
if (adminRole !== "team_admin" && adminRole !== "global_admin" || !adminField || !adminDepartment || !adminTeam) {
return NextResponse.json([])
if (!adminField || !adminDepartment || !adminTeam) {
return NextResponse.json({ error: "למנהל לא הוגדרו תחום, מסגרת וצוות" }, { status: 400 })
}
let query = ""
app/api/admin/team-users/route.ts
+4 -5
View File
@@ -10,7 +10,7 @@ export async function POST(request: Request) {
}
// Get admin's field, department, and team
const adminData = (await executeQuery("SELECT role, field, department, team FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'", [
const adminData = (await executeQuery("SELECT field, department, team FROM users WHERE national_id = ? AND role IS NOT NULL AND role != 'user'", [
adminId,
])) as any[]
@@ -18,10 +18,10 @@ export async function POST(request: Request) {
return NextResponse.json({ error: "מנהל לא נמצא" }, { status: 404 })
}
const { role: adminRole, field: adminField, department: adminDepartment, team: adminTeam } = adminData[0]
const { field: adminField, department: adminDepartment, team: adminTeam } = adminData[0]
if (adminRole !== "team_admin" && adminRole !== "global_admin" || !adminField || !adminDepartment || !adminTeam) {
return NextResponse.json({ users: [], field: adminField, department: adminDepartment, team: adminTeam })
if (!adminField || !adminDepartment || !adminTeam) {
return NextResponse.json({ error: "למנהל לא הוגדרו תחום, מסגרת וצוות" }, { status: 400 })
}
// Get team users with full context (field + department + team)
@@ -30,7 +30,6 @@ export async function POST(request: Request) {
SELECT
national_id,
name,
role,
in_shelter,
last_updated,
is_admin,
app/api/admin/update-user-scope/route.ts
+17 -35
View File
@@ -18,7 +18,7 @@ export async function POST(request: NextRequest) {
try {
const { adminId, targetUserId, field, department, team } = await request.json()
if (!adminId || !targetUserId || !field ) {
if (!adminId || !targetUserId || !field || !department || !team) {
return NextResponse.json({ error: "חסרים שדות חובה." }, { status: 400 })
}
@@ -31,7 +31,7 @@ export async function POST(request: NextRequest) {
const admin = adminRows[0]
const userRows = (await safeQuery("SELECT national_id, role, field, department, team FROM users WHERE national_id = ?", [
const userRows = (await safeQuery("SELECT national_id, field, department, team FROM users WHERE national_id = ?", [
targetUserId,
])) as any[]
if (userRows.length === 0) {
@@ -39,25 +39,10 @@ export async function POST(request: NextRequest) {
}
const targetUser = userRows[0]
const normalizedDepartment = typeof department === "string" && department.trim() ? department.trim() : null
const normalizedTeam = typeof team === "string" && team.trim() ? team.trim() : null
if (targetUser.role !== "field_admin" && !normalizedDepartment) {
return NextResponse.json({ error: "Missing required fields." }, { status: 400 })
}
if ((targetUser.role === "team_admin" || targetUser.role === "user") && !normalizedTeam) {
return NextResponse.json({ error: "Missing required fields." }, { status: 400 })
}
const effectiveDepartment = targetUser.role === "field_admin" ? null : normalizedDepartment
const effectiveTeam = targetUser.role === "field_admin" ? null : normalizedTeam
const [fieldOk, departmentOk, teamOk] = await Promise.all([
hasManagedType("field", field),
effectiveDepartment ? hasManagedType("department", effectiveDepartment) : Promise.resolve(true),
effectiveTeam ? hasManagedType("team", effectiveTeam) : Promise.resolve(true),
hasManagedType("department", department),
hasManagedType("team", team),
])
if (!fieldOk || !departmentOk || !teamOk) {
@@ -67,27 +52,24 @@ export async function POST(request: NextRequest) {
const fieldRows = (await safeQuery("SELECT id FROM managed_types WHERE type = 'field' AND name = ?", [
field,
])) as Array<{ id: number }>
const departmentRows = effectiveDepartment
? ((await safeQuery(
const departmentRows = (await safeQuery(
"SELECT id, parent_id AS parentId FROM managed_types WHERE type = 'department' AND name = ?",
[effectiveDepartment],
)) as Array<{ id: number; parentId: number | null }>)
: []
const teamRows = effectiveTeam
? ((await safeQuery("SELECT id, parent_id AS parentId FROM managed_types WHERE type = 'team' AND name = ?", [
effectiveTeam,
])) as Array<{ id: number; parentId: number | null }>)
: []
[department],
)) as Array<{ id: number; parentId: number | null }>
const teamRows = (await safeQuery(
"SELECT id, parent_id AS parentId FROM managed_types WHERE type = 'team' AND name = ?",
[team],
)) as Array<{ id: number; parentId: number | null }>
if (fieldRows.length === 0 || (effectiveDepartment && departmentRows.length === 0) || (effectiveTeam && teamRows.length === 0)) {
if (fieldRows.length === 0 || departmentRows.length === 0 || teamRows.length === 0) {
return NextResponse.json({ error: "תחום, מסגרת או צוות שגויים." }, { status: 400 })
}
if (effectiveDepartment && departmentRows[0].parentId !== fieldRows[0].id) {
if (departmentRows[0].parentId !== fieldRows[0].id) {
return NextResponse.json({ error: "מסגרת לא משוייכת לתחום הנבחר." }, { status: 400 })
}
if (effectiveTeam && teamRows[0].parentId !== departmentRows[0].id) {
if (teamRows[0].parentId !== departmentRows[0].id) {
return NextResponse.json({ error: "צוות לא משוייך למסגרת הנבחרת." }, { status: 400 })
}
@@ -112,7 +94,7 @@ export async function POST(request: NextRequest) {
if (targetUser.team !== admin.team) {
return NextResponse.json({ error: "המשתמש הנבחר לא משוייך לצוות שלך." }, { status: 403 })
}
if (effectiveTeam !== admin.team) {
if (team !== admin.team) {
return NextResponse.json({ error: "מנהלי צוותים רשאים לנהל אך ורק את הצוות שלהם." }, { status: 403 })
}
if (admin.department && department !== admin.department) {
@@ -127,8 +109,8 @@ export async function POST(request: NextRequest) {
await safeQuery("UPDATE users SET field = ?, department = ?, team = ? WHERE national_id = ?", [
field,
effectiveDepartment,
effectiveTeam,
department,
team,
targetUserId,
])
app/api/admin/users/route.ts
-1
View File
@@ -12,7 +12,6 @@ export async function POST(request: Request) { // Changed to POST, similar to te
SELECT
national_id,
name,
role,
in_shelter,
last_updated,
is_admin,
app/api/instance/route.ts
+1 -7
View File
@@ -1,15 +1,9 @@
import { NextResponse } from "next/server"
import os from "os"
export const dynamic = "force-dynamic"
export const revalidate = 0
export async function GET() {
try {
return NextResponse.json(
{ instance: os.hostname() },
{ headers: { "Cache-Control": "no-store" } },
)
return NextResponse.json({ instance: os.hostname() })
} catch (error) {
console.error("Instance fetch error:", error)
return NextResponse.json({ error: "Failed to load instance name." }, { status: 500 })
app/dashboard/page.tsx
+2 -2
View File
@@ -212,11 +212,11 @@ export default function DashboardPage() {
<Card className="mt-8">
<CardContent className="py-3">
<div className="text-center text-xs text-gray-500">
סביבה: {instanceName || "לא זוהה"}
סביבה: {instanceName || process.env.NEXT_PUBLIC_HOSTNAME || process.env.HOSTNAME || "לא זוהה"}
<br/>
גרסה: {process.env.APPVERSION || "לא הוגדרה גרסה ב-Dockerfile!"}
<br/>
2026 COPYRIGHT TR-WEB
2025 COPYRIGHT TR-WEB
</div>
</CardContent>
</Card>
app/layout.tsx
+3 -6
View File
@@ -1,12 +1,9 @@
import type React from "react"
import type { Metadata } from "next"
import { IBM_Plex_Sans_Hebrew } from "next/font/google"
import { Inter } from "next/font/google"
import "./globals.css"
const ibmPlexSansHebrew = IBM_Plex_Sans_Hebrew({
subsets: ["hebrew"],
weight: ["100", "200", "300", "400", "500", "600", "700"],
})
const inter = Inter({ subsets: ["latin"] })
export const metadata: Metadata = {
title: 'ממ"ד',
@@ -25,7 +22,7 @@ export default function RootLayout({
}) {
return (
<html lang="he" dir="rtl">
<body className={ibmPlexSansHebrew.className}>{children}</body>
<body className={inter.className}>{children}</body>
</html>
)
}
components/user-scope-modal.tsx
+12 -41
View File
@@ -15,7 +15,6 @@ interface ManagedTypeOption {
interface UserScopeModalUser {
national_id: string
name: string
role?: string
field?: string
department?: string
team?: string
@@ -45,18 +44,12 @@ export function UserScopeModal({
const [field, setField] = useState("")
const [department, setDepartment] = useState("")
const [team, setTeam] = useState("")
const noDepartmentValue = "__no_department__"
const noTeamValue = "__no_team__"
useEffect(() => {
if (user && isOpen) {
setField(user.field || "")
if (user.role === "field_admin") {
setDepartment(user.department || noDepartmentValue)
} else {
setDepartment(user.department || "")
}
setTeam(user.team || noTeamValue)
setTeam(user.team || "")
}
}, [user, isOpen])
@@ -65,30 +58,25 @@ export function UserScopeModal({
? departments.filter((item) => item.parentId === selectedFieldId)
: departments
const selectedDepartmentId = departments.find((item) => item.name === department)?.id
const availableTeams =
selectedDepartmentId && department !== noDepartmentValue
const availableTeams = selectedDepartmentId
? teams.filter((item) => item.parentId === selectedDepartmentId)
: []
: teams
useEffect(() => {
if (field && availableDepartments.length > 0) {
const hasDepartment = availableDepartments.some((item) => item.name === department)
if (!hasDepartment) {
setDepartment(user?.role === "field_admin" ? noDepartmentValue : "")
setTeam(noTeamValue)
setDepartment("")
setTeam("")
}
}
}, [field, availableDepartments, department])
useEffect(() => {
if (department === noDepartmentValue) {
setTeam(noTeamValue)
return
}
if (department && availableTeams.length > 0) {
const hasTeam = availableTeams.some((item) => item.name === team)
if (!hasTeam) {
setTeam(noTeamValue)
setTeam("")
}
}
}, [department, availableTeams, team])
@@ -96,16 +84,8 @@ export function UserScopeModal({
if (!user) return null
const handleSave = async () => {
if (!field) return
const normalizedDepartment = department === noDepartmentValue ? "" : department
const normalizedTeam = team === noTeamValue ? "" : team
const scopedDepartment = user.role === "field_admin" ? "" : normalizedDepartment
const scopedTeam = user.role === "field_admin" ? "" : normalizedTeam
if (user.role !== "field_admin" && !scopedDepartment) return
if ((user.role === "team_admin" || user.role === "user") && !scopedTeam) return
await onSave({ userId: user.national_id, field, department: scopedDepartment, team: scopedTeam })
if (!field || !department || !team) return
await onSave({ userId: user.national_id, field, department, team })
}
return (
@@ -124,7 +104,7 @@ export function UserScopeModal({
<div className="space-y-2">
<Select value={field} onValueChange={setField}>
<SelectTrigger dir="rtl">
<SelectValue placeholder="??? ????" />
<SelectValue placeholder="בחרו תחום" />
</SelectTrigger>
<SelectContent dir="rtl">
{fields.map((item) => (
@@ -139,7 +119,7 @@ export function UserScopeModal({
<div className="space-y-2">
<Select value={department} onValueChange={setDepartment}>
<SelectTrigger dir="rtl">
<SelectValue placeholder="??? ?????" />
<SelectValue placeholder="בחרו מסגרת" />
</SelectTrigger>
<SelectContent dir="rtl">
{availableDepartments.map((item) => (
@@ -147,9 +127,6 @@ export function UserScopeModal({
{item.name}
</SelectItem>
))}
{user.role === "field_admin" && (
<SelectItem value={noDepartmentValue}>??? ?????</SelectItem>
)}
</SelectContent>
</Select>
</div>
@@ -157,7 +134,7 @@ export function UserScopeModal({
<div className="space-y-2">
<Select value={team} onValueChange={setTeam}>
<SelectTrigger dir="rtl">
<SelectValue placeholder="??? ????" />
<SelectValue placeholder="בחרו צוות" />
</SelectTrigger>
<SelectContent dir="rtl">
{availableTeams.map((item) => (
@@ -165,7 +142,6 @@ export function UserScopeModal({
{item.name}
</SelectItem>
))}
<SelectItem value={noTeamValue}>ללא צוות</SelectItem>
</SelectContent>
</Select>
</div>
@@ -177,12 +153,7 @@ export function UserScopeModal({
<Button
onClick={handleSave}
className="w-full"
disabled={
isSaving ||
!field ||
(user.role !== "field_admin" && !department) ||
((user.role === "team_admin" || user.role === "user") && !team)
}
disabled={isSaving || !field || !department || !team}
>
{isSaving ? "שומר..." : "שמירה"}
</Button>
next.config.mjs
+2 -1
View File
@@ -1,7 +1,8 @@
/** @type {import('next').NextConfig} */
const nextConfig = {
env: {
APPVERSION: '1.1.4'
HOSTNAME: process.env.HOSTNAME || 'vmx-k3s-01',
APPVERSION: '1.1.0'
},
experimental: {
serverComponentsExternalPackages: ['mysql2']
package.json
+1 -1
View File
@@ -1,6 +1,6 @@
{
"name": "mamad-app",
"version": "1.1.4",
"version": "1.0.4",
"private": true,
"scripts": {
"build": "next build",
styles/globals.css
+3
View File
@@ -2,6 +2,9 @@
@tailwind components;
@tailwind utilities;
body {
font-family: Arial, Helvetica, sans-serif;
}
@layer utilities {
.text-balance {