feat(admin): inquiry inbox, send log, email-template overrides, reports dashboard, recommender keys, role-editor coverage; replace placeholder pages

Closes the bulk of audit-pass-#1 admin gaps in one batch. New admin pages: - /admin/inquiries reads website_submissions with filter chips for berth/residence/contact + payload viewer per row. - /admin/sends reads document_sends with sent/failed filter chips and expandable body markdown; failures surface errorReason and any fallback-to-link reason from the SMTP retry. - /admin/email-templates lets per-port admins override the subject of each transactional template (8 templates catalogued in template-catalog.ts). Body editing is a follow-on; portal_activation + portal_reset are wired to honor the override via loadSubjectOverride. - /admin/reports replaces the "Coming in Layer 3" placeholder with a KPI dashboard: 4 KPI tiles, pipeline funnel bars, berth occupancy donut-bars, conversion %, refresh every 60s. - backup/import/onboarding admin pages replace placeholders with actionable guidance: backup posture + planned features, available CLI imports + planned UI, ordered onboarding checklist linking to admin pages. Existing pages widened: - settings-manager exposes the 9 berth-recommender tunables that were previously code-only (recommender_*, heat_weight_*, fallthrough_*, tier_ladder_hide_late_stage). - role-form covers all 19 RolePermissions schema groups; previously missing yachts/companies/memberships/reservations + missing documents.edit + files.edit checkboxes. snake_case residential labels replaced with friendly text. portal-auth.service.ts now also writes audit_log rows for portal invite, resend, activate, password-reset request, and reset (closes one more audit-pass-#2 gap while we were touching the file). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 14:58:17 +02:00
parent 8cdee99310
commit c90876abad
22 changed files with 1703 additions and 54 deletions
--- a/src/app/api/v1/admin/email-templates/route.ts
+++ b/src/app/api/v1/admin/email-templates/route.ts
@@ -0,0 +1,91 @@
+import { NextResponse } from 'next/server';
+import { eq, inArray } from 'drizzle-orm';
+import { z } from 'zod';
+
+import { withAuth, withPermission } from '@/lib/api/helpers';
+import { parseBody } from '@/lib/api/route-helpers';
+import { db } from '@/lib/db';
+import { systemSettings } from '@/lib/db/schema/system';
+import {
+  TEMPLATE_CATALOG,
+  TEMPLATE_KEYS,
+  settingKeyForSubject,
+  type TemplateKey,
+} from '@/lib/email/template-catalog';
+import { upsertSetting, deleteSetting } from '@/lib/services/settings.service';
+import { errorResponse } from '@/lib/errors';
+
+const upsertSchema = z.object({
+  key: z.enum(TEMPLATE_KEYS),
+  subject: z.string().max(300).nullable(),
+});
+
+export const GET = withAuth(
+  withPermission('admin', 'manage_settings', async (_req, ctx) => {
+    try {
+      const subjectKeys = TEMPLATE_KEYS.map(settingKeyForSubject);
+      const rows = await db
+        .select({
+          key: systemSettings.key,
+          value: systemSettings.value,
+          portId: systemSettings.portId,
+        })
+        .from(systemSettings)
+        .where(inArray(systemSettings.key, subjectKeys));
+
+      const byKey = new Map<string, { port?: string; global?: string }>();
+      for (const r of rows) {
+        const slot = byKey.get(r.key) ?? {};
+        if (r.portId === ctx.portId && typeof r.value === 'string') slot.port = r.value;
+        if (r.portId === null && typeof r.value === 'string') slot.global = r.value;
+        byKey.set(r.key, slot);
+      }
+
+      const data = TEMPLATE_KEYS.map((key) => {
+        const meta = TEMPLATE_CATALOG[key];
+        const settingKey = settingKeyForSubject(key);
+        const overrides = byKey.get(settingKey) ?? {};
+        const effective = overrides.port ?? overrides.global ?? meta.defaultSubject;
+        return {
+          key,
+          label: meta.label,
+          description: meta.description,
+          mergeTokens: meta.mergeTokens,
+          defaultSubject: meta.defaultSubject,
+          subjectOverride: overrides.port ?? null,
+          effectiveSubject: effective,
+        };
+      });
+
+      return NextResponse.json({ data });
+    } catch (error) {
+      return errorResponse(error);
+    }
+  }),
+);
+
+export const PUT = withAuth(
+  withPermission('admin', 'manage_settings', async (req, ctx) => {
+    try {
+      const body = await parseBody(req, upsertSchema);
+      const settingKey = settingKeyForSubject(body.key as TemplateKey);
+      const meta = {
+        userId: ctx.userId,
+        portId: ctx.portId,
+        ipAddress: ctx.ipAddress,
+        userAgent: ctx.userAgent,
+      };
+      if (body.subject === null || body.subject === '') {
+        // Clear the override (and only at the per-port level — never touch global).
+        await deleteSetting(settingKey, ctx.portId, meta);
+      } else {
+        await upsertSetting(settingKey, body.subject, ctx.portId, meta);
+      }
+      return NextResponse.json({ data: { ok: true } });
+    } catch (error) {
+      return errorResponse(error);
+    }
+  }),
+);
+
+void eq;