added backup and email client

2026-02-01 00:02:35 +01:00
parent ff857be01a
commit e4fdfbc95f
210 changed files with 24211 additions and 742 deletions
@@ -122,7 +122,7 @@ async function getUserById(id) {
 }
 async function createUser(data) {
    const hashedPassword = await bcryptjs_1.default.hash(data.password, 10);
-    return prisma.user.create({
+    const user = await prisma.user.create({
        data: {
            email: data.email,
            password: hashedPassword,
@@ -145,6 +145,11 @@ async function createUser(data) {
            },
        },
    });
+    // Entwicklerzugriff setzen falls aktiviert
+    if (data.hasDeveloperAccess) {
+        await setUserDeveloperAccess(user.id, true);
+    }
+    return user;
 }
 async function updateUser(id, data) {
    const { roleIds, password, hasDeveloperAccess, ...userData } = data;
@@ -224,10 +229,27 @@ async function updateUser(id, data) {
    if (password) {
        userData.password = await bcryptjs_1.default.hash(password, 10);
    }
-    // Update user
+    // Prüfen ob Rollen geändert werden (für Zwangslogout)
+    let rolesChanged = false;
+    if (roleIds !== undefined) {
+        const currentRoles = await prisma.userRole.findMany({
+            where: { userId: id },
+            select: { roleId: true },
+        });
+        const currentRoleIds = currentRoles.map((r) => r.roleId).sort();
+        const newRoleIds = [...roleIds].sort();
+        rolesChanged =
+            currentRoleIds.length !== newRoleIds.length ||
+                !currentRoleIds.every((id, i) => id === newRoleIds[i]);
+    }
+    // Update user - bei Rollenänderung Token invalidieren
    await prisma.user.update({
        where: { id },
-        data: userData,
+        data: {
+            ...userData,
+            // Token invalidieren wenn Rollen geändert werden
+            ...(rolesChanged && { tokenInvalidatedAt: new Date() }),
+        },
    });
    // Update roles if provided
    if (roleIds) {
@@ -281,6 +303,11 @@ async function setUserDeveloperAccess(userId, enabled) {
        await prisma.userRole.create({
            data: { userId, roleId: developerRole.id },
        });
+        // Token invalidieren bei Rechteänderung
+        await prisma.user.update({
+            where: { id: userId },
+            data: { tokenInvalidatedAt: new Date() },
+        });
    }
    else if (!enabled && hasRole) {
        // Remove Developer role
@@ -288,6 +315,11 @@ async function setUserDeveloperAccess(userId, enabled) {
        await prisma.userRole.delete({
            where: { userId_roleId: { userId, roleId: developerRole.id } },
        });
+        // Token invalidieren bei Rechteänderung
+        await prisma.user.update({
+            where: { id: userId },
+            data: { tokenInvalidatedAt: new Date() },
+        });
    }
    else {
        console.log('No action needed - enabled:', enabled, 'hasRole:', !!hasRole);