added backup and email client

backend/src/routes/appSetting.routes.ts

@@ -1,7 +1,22 @@
 import { Router } from 'express';
+import multer from 'multer';
 import * as appSettingController from '../controllers/appSetting.controller.js';
+import * as backupController from '../controllers/backup.controller.js';
 import { authenticate, requirePermission } from '../middleware/auth.js';
 
+// Multer für Backup-Upload (in Memory speichern)
+const backupUpload = multer({
+  storage: multer.memoryStorage(),
+  limits: { fileSize: 500 * 1024 * 1024 }, // 500MB max
+  fileFilter: (req, file, cb) => {
+    if (file.mimetype === 'application/zip' || file.originalname.endsWith('.zip')) {
+      cb(null, true);
+    } else {
+      cb(new Error('Nur ZIP-Dateien sind erlaubt'));
+    }
+  },
+});
+
 const router = Router();
 
 // Öffentliche Einstellungen (für alle authentifizierten Benutzer, inkl. Kunden)
@@ -26,4 +41,63 @@ router.put(
   appSettingController.updateSettings
 );
 
+// ==================== BACKUP & RESTORE ====================
+
+// Liste aller Backups
+router.get(
+  '/backups',
+  authenticate,
+  requirePermission('settings:update'),
+  backupController.listBackups
+);
+
+// Neues Backup erstellen
+router.post(
+  '/backup',
+  authenticate,
+  requirePermission('settings:update'),
+  backupController.createBackup
+);
+
+// Backup wiederherstellen
+router.post(
+  '/backup/:name/restore',
+  authenticate,
+  requirePermission('settings:update'),
+  backupController.restoreBackup
+);
+
+// Backup löschen
+router.delete(
+  '/backup/:name',
+  authenticate,
+  requirePermission('settings:update'),
+  backupController.deleteBackup
+);
+
+// Backup als ZIP herunterladen
+router.get(
+  '/backup/:name/download',
+  authenticate,
+  requirePermission('settings:update'),
+  backupController.downloadBackup
+);
+
+// Backup-ZIP hochladen
+router.post(
+  '/backup/upload',
+  authenticate,
+  requirePermission('settings:update'),
+  backupUpload.single('backup'),
+  backupController.uploadBackup
+);
+
+// Werkseinstellungen (alles löschen)
+router.post(
+  '/factory-reset',
+  authenticate,
+  requirePermission('settings:update'),
+  backupController.factoryReset
+);
+
 export default router;

backend/src/routes/cachedEmail.routes.ts

@@ -0,0 +1,237 @@
+// ==================== CACHED EMAIL ROUTES ====================
+
+import { Router } from 'express';
+import * as cachedEmailController from '../controllers/cachedEmail.controller.js';
+import { authenticate, requirePermission } from '../middleware/auth.js';
+
+const router = Router();
+
+// ==================== E-MAIL LISTEN ====================
+
+// E-Mails für Kunden (mit optionalem Account-Filter)
+// GET /api/customers/:customerId/emails?accountId=1&limit=50&offset=0
+router.get(
+  '/customers/:customerId/emails',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.getEmailsForCustomer
+);
+
+// E-Mails für Vertrag
+// GET /api/contracts/:contractId/emails?limit=50&offset=0
+router.get(
+  '/contracts/:contractId/emails',
+  authenticate,
+  requirePermission('contracts:read'),
+  cachedEmailController.getEmailsForContract
+);
+
+// Ordner-Anzahlen für Vertrag (zugeordnete E-Mails)
+// GET /api/contracts/:contractId/emails/folder-counts
+router.get(
+  '/contracts/:contractId/emails/folder-counts',
+  authenticate,
+  requirePermission('contracts:read'),
+  cachedEmailController.getContractFolderCounts
+);
+
+// Mailbox-Konten eines Kunden (für Dropdown)
+// GET /api/customers/:customerId/mailbox-accounts
+router.get(
+  '/customers/:customerId/mailbox-accounts',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.getMailboxAccounts
+);
+
+// Ungelesene E-Mails zählen
+// GET /api/emails/unread-count?customerId=1 oder ?contractId=1
+router.get(
+  '/emails/unread-count',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.getUnreadCount
+);
+
+// ==================== EINZELNE E-MAIL ====================
+
+// Einzelne E-Mail abrufen (mit Body, markiert als gelesen)
+// GET /api/emails/:id
+router.get(
+  '/emails/:id',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.getEmail
+);
+
+// E-Mail in Papierkorb verschieben (nur User mit emails:delete Permission)
+// DELETE /api/emails/:id
+router.delete(
+  '/emails/:id',
+  authenticate,
+  requirePermission('emails:delete'),
+  cachedEmailController.deleteEmail
+);
+
+// ==================== PAPIERKORB ====================
+
+// Papierkorb-E-Mails für Kunden abrufen
+// GET /api/customers/:customerId/emails/trash
+router.get(
+  '/customers/:customerId/emails/trash',
+  authenticate,
+  requirePermission('emails:delete'),
+  cachedEmailController.getTrashEmails
+);
+
+// Papierkorb-Anzahl für Kunden
+// GET /api/customers/:customerId/emails/trash/count
+router.get(
+  '/customers/:customerId/emails/trash/count',
+  authenticate,
+  requirePermission('emails:delete'),
+  cachedEmailController.getTrashCount
+);
+
+// E-Mail aus Papierkorb wiederherstellen
+// POST /api/emails/:id/restore
+router.post(
+  '/emails/:id/restore',
+  authenticate,
+  requirePermission('emails:delete'),
+  cachedEmailController.restoreEmail
+);
+
+// E-Mail endgültig löschen (nur aus Papierkorb)
+// DELETE /api/emails/:id/permanent
+router.delete(
+  '/emails/:id/permanent',
+  authenticate,
+  requirePermission('emails:delete'),
+  cachedEmailController.permanentDeleteEmail
+);
+
+// E-Mail-Thread abrufen
+// GET /api/emails/:id/thread
+router.get(
+  '/emails/:id/thread',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.getThread
+);
+
+// Als gelesen/ungelesen markieren
+// PATCH /api/emails/:id/read
+router.patch(
+  '/emails/:id/read',
+  authenticate,
+  requirePermission('customers:update'),
+  cachedEmailController.markAsRead
+);
+
+// Stern umschalten
+// POST /api/emails/:id/star
+router.post(
+  '/emails/:id/star',
+  authenticate,
+  requirePermission('customers:update'),
+  cachedEmailController.toggleStar
+);
+
+// ==================== ANHÄNGE ====================
+
+// Anhang-Liste einer E-Mail
+// GET /api/emails/:emailId/attachments
+router.get(
+  '/emails/:emailId/attachments',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.getAttachments
+);
+
+// Einzelnen Anhang herunterladen
+// GET /api/emails/:emailId/attachments/:filename
+router.get(
+  '/emails/:emailId/attachments/:filename',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.downloadAttachment
+);
+
+// ==================== VERTRAGSZUORDNUNG ====================
+
+// E-Mail Vertrag zuordnen
+// POST /api/emails/:id/assign  { contractId: number }
+router.post(
+  '/emails/:id/assign',
+  authenticate,
+  requirePermission('contracts:update'),
+  cachedEmailController.assignToContract
+);
+
+// Zuordnung aufheben
+// DELETE /api/emails/:id/assign
+router.delete(
+  '/emails/:id/assign',
+  authenticate,
+  requirePermission('contracts:update'),
+  cachedEmailController.unassignFromContract
+);
+
+// ==================== STRESSFREI-EMAIL OPERATIONEN ====================
+
+// E-Mails für ein Konto synchronisieren
+// POST /api/stressfrei-emails/:id/sync?full=true
+router.post(
+  '/stressfrei-emails/:id/sync',
+  authenticate,
+  requirePermission('customers:update'),
+  cachedEmailController.syncAccount
+);
+
+// E-Mail senden
+// POST /api/stressfrei-emails/:id/send  { to, cc, subject, text, html, inReplyTo, references }
+router.post(
+  '/stressfrei-emails/:id/send',
+  authenticate,
+  requirePermission('customers:update'),
+  cachedEmailController.sendEmailFromAccount
+);
+
+// Mailbox nachträglich aktivieren
+// POST /api/stressfrei-emails/:id/enable-mailbox
+router.post(
+  '/stressfrei-emails/:id/enable-mailbox',
+  authenticate,
+  requirePermission('customers:update'),
+  cachedEmailController.enableMailbox
+);
+
+// Mailbox-Status mit Provider synchronisieren
+// POST /api/stressfrei-emails/:id/sync-mailbox-status
+router.post(
+  '/stressfrei-emails/:id/sync-mailbox-status',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.syncMailboxStatus
+);
+
+// Mailbox-Zugangsdaten abrufen (IMAP/SMTP)
+// GET /api/stressfrei-emails/:id/credentials
+router.get(
+  '/stressfrei-emails/:id/credentials',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.getMailboxCredentials
+);
+
+// Ordner-Anzahlen für ein Konto (INBOX, SENT, ungelesen)
+// GET /api/stressfrei-emails/:id/folder-counts
+router.get(
+  '/stressfrei-emails/:id/folder-counts',
+  authenticate,
+  requirePermission('customers:read'),
+  cachedEmailController.getFolderCounts
+);
+
+export default router;

backend/src/routes/contractCategory.routes.ts

@@ -4,10 +4,13 @@ import { authenticate, requirePermission } from '../middleware/auth.js';
 
 const router = Router();
 
+// Lesen für alle authentifizierten Benutzer
 router.get('/', authenticate, contractCategoryController.getContractCategories);
-router.post('/', authenticate, requirePermission('platforms:create'), contractCategoryController.createContractCategory);
 router.get('/:id', authenticate, contractCategoryController.getContractCategory);
-router.put('/:id', authenticate, requirePermission('platforms:update'), contractCategoryController.updateContractCategory);
-router.delete('/:id', authenticate, requirePermission('platforms:delete'), contractCategoryController.deleteContractCategory);
+
+// Ändern/Löschen nur mit Entwickler-Berechtigung (Vertragstypen erfordern Formular-Anpassungen)
+router.post('/', authenticate, requirePermission('developer:access'), contractCategoryController.createContractCategory);
+router.put('/:id', authenticate, requirePermission('developer:access'), contractCategoryController.updateContractCategory);
+router.delete('/:id', authenticate, requirePermission('developer:access'), contractCategoryController.deleteContractCategory);
 
 export default router;

backend/src/routes/stressfreiEmail.routes.ts

@@ -9,4 +9,7 @@ router.get('/:id', authenticate, requirePermission('customers:read'), stressfrei
 router.put('/:id', authenticate, requirePermission('customers:update'), stressfreiEmailController.updateEmail);
 router.delete('/:id', authenticate, requirePermission('customers:delete'), stressfreiEmailController.deleteEmail);
 
+// Passwort zurücksetzen (generiert neues Passwort und setzt es beim Provider)
+router.post('/:id/reset-password', authenticate, requirePermission('customers:update'), stressfreiEmailController.resetPassword);
+
 export default router;