E-Mail Tab:
- Klick auf E-Mail öffnet Detail-Modal (Lesefenster wie Outlook)
- Modal zeigt: Betreff, Absender, Datum, Anhang-Info, Body-Vorschau
- CRM-Bereich: gefundener Kontakt mit "Im CRM öffnen" + "Als Aktivität"
speichern; kein Kontakt → "Kontakt anlegen" navigiert zu /crm/contacts
- "In Outlook öffnen" Link im Footer des Modals
Kalender Tab:
- WeekView: nur Arbeitstage Mo–Fr (5-Spalten-Grid statt 7)
- Neue Ansicht "Agenda": 14-Tage-Listenansicht (eigener Toggle-Button)
- Tages-Agenda nur bei Monat- und Wochenansicht sichtbar (nicht Agenda-View)
- Home-Tab: Tages-Agenda des heutigen Tages als Widget rechts
(nur sichtbar wenn M365 verbunden)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Graph API: getCalendarEventsForRange() für beliebigen Datumsbereich,
GET /crm/office365/calendar/range?startDate=&endDate= Endpoint
(vor bestehenden calendar-Route definiert um Routing-Konflikt zu vermeiden)
- Graph API: wellKnownName aus mailFolders $select entfernt (400-Fehler auf
Exchange-Tenants die das OData-Property nicht unterstützen)
- Frontend: DashboardCalendarTab mit MonthView (6×7 Grid), WeekView (7 Spalten)
und DayAgenda (rechts 1/3), Navigation vor/zurück + Heute-Button,
deterministisches Event-Coloring, Klick öffnet Termin in Outlook Online
- Frontend: DashboardEmailTab Ordner-Sortierung auf Display-Name-Basis
(wellKnownName optional, isInboxFolder() erkennt Posteingang/Inbox)
- Frontend: M365MailFolder.wellKnownName als optional markiert
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Vorher: activeFolderId war null bis Ordnerliste geladen → E-Mail-Query nie gestartet
Jetzt: Default-Ordner-ID = 'inbox' (Graph API Well-Known-Name) → sofortiger Abruf
Zusätzlich: Fehler-/Leer-Zustand in der Ordner-Sidebar anzeigen
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Tab-Leiste auf Dashboard-Seite. Home zeigt bisherigen Inhalt,
restliche Tabs als Platzhalter (Inhalt folgt).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Traefik leitet x-forwarded-proto nicht korrekt weiter, sodass der
Controller http:// statt https:// generierte — Azure lehnt nicht-HTTPS
Redirect-URIs für nicht-localhost ab (AADSTS50011).
Protokoll wird jetzt aus der konfigurierten SSO-Redirect-URI abgeleitet
(immer HTTPS), der Host bleibt dynamisch (IP oder DNS).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
MSAL-node v5 erzeugt bei getAuthCodeUrl mit reinen Graph-API-Scopes
(ohne openid) einen fehlerhaften Authorize-URL → AADSTS900561.
getIntegrationAuthUrl und handleIntegrationCallback verwenden jetzt
direkte fetch-Aufrufe (analog zu refreshIntegrationToken) ohne MSAL,
was den Fehler umgeht und denselben Standard-OAuth2-Flow garantiert.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Problem: Redirect-URI wurde falsch aus SSO-URI abgeleitet, und unterstützte
nur eine feste URL statt sowohl IP als auch DNS-Name.
Lösung:
- initM365Integration: Host aus x-forwarded-host/host Header lesen,
korrekte Redirect-URI bauen (proto://host/api/v1/auth/integrations/...)
- Redis-State speichert jetzt {userId, redirectUri} als JSON
- handleIntegrationCallback: gespeicherte redirectUri aus State verwenden
- getIntegrationAuthUrl/handleIntegrationCallback: optionaler redirectUri-Parameter
- Fallback-Derivation: base URL aus SSO-URI + fester Integrations-Pfad
Beide URIs müssen in Azure registriert sein:
- http://172.20.10.59/api/v1/auth/integrations/microsoft-365/callback
- http://insight.xinion.lan/api/v1/auth/integrations/microsoft-365/callback
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
IntegrationsService benötigt EntraIdService (Token-Refresh), der in
AuthModule als Provider registriert aber nicht exportiert war.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Neuer "Integrationen"-Tab in ProfilePage mit "Microsoft 365 verbinden"-
Button, OAuth-Callback-Handling (?integration=...&status=...), Trennen-Button
- EmailsTab, CalendarTab, TasksTab fuer ContactDetailPage (via MS Graph Proxy)
- useIntegrations, useDisconnectM365, useContactEmails/Calendar/Tasks Hooks
- integrationsApi + graphApi in crm/api.ts
- M365Email, M365CalendarEvent, M365Task, UserIntegration Types in crm/types.ts
- Tabs nur sichtbar wenn Kontakt eine E-Mail-Adresse hat; ohne Verbindung Connect-Button
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Neues GraphModule mit GraphService + GraphController
- GET /crm/contacts/:id/emails → MS Graph Emails (Search nach Kontakt-E-Mail)
- GET /crm/contacts/:id/calendar → Kalender-Termine (naechste 90 Tage)
- GET /crm/contacts/:id/tasks → Microsoft To Do Listen + Aufgaben
- GraphService: JWT an Core-Service weiterleiten, M365-Token holen, Graph aufrufen
- Redis-Cache 5 Minuten fuer alle Graph-Responses
- CORE_SERVICE_URL env var + docker-compose.crm.yml Eintrag
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Import ist kein eigener Nav-Eintrag mehr, sondern ein Tab
in den CRM-Einstellungen. /crm/import redirectet auf /crm/settings.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Lexware contact linking is not relevant for individual contacts,
only for companies. Removed LexwareSection component and the
two-column topRow grid layout.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Name (Unternehmen) in Klammern in der Überschrift
- Grüner Punkt → "● Aktiv"/"● Inaktiv" Badge
- Position als Subtitle unterhalb des Namens
- Lexware-Card rechts neben Kontaktdaten (260px)
- Aktivitäten als volle Breite unterhalb der Kontaktdaten
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Backend (CRM expert): Custom field definitions CRUD, bulk value upsert,
7 endpoints, Prisma schema with CustomFieldDef + CustomFieldValue tables.
Frontend: Types, API, hooks, admin settings page with field management,
CustomFieldsDisplay for detail pages, CustomFieldsForm for edit modals.
Also fix Vite allowedHosts for insight.xinion.lan.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Backend: 4 new endpoints in SettingsController (GET/POST/DELETE /settings/ssl, POST /settings/ssl/check-dns)
- Certificate validation via Node.js crypto.X509Certificate (PEM format, expiry, SAN match)
- DNS resolution check via dns.promises.resolve4
- Auto-generates Traefik dynamic config (ssl-domain.yml) with custom domain routing + HTTP->HTTPS redirect
- Frontend: AdminSslPage with DNS name input, cert/key upload, status display
- Docker: Core-service gets access to traefik-certs volume and dynamic config directory
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Backend: TradeEvent Prisma model, NestJS CRUD module with date validation
and tenant isolation. Frontend: Admin Events page with create/edit/delete
modals, dashboard countdown tiles showing upcoming/ongoing/ended events
with progress bars, and useEventCountdown hook for live timer updates.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sub-rows now have an indigo left border, tinted background and stronger
indent to visually separate them from company rows. Dark mode variants
included. Expanded company row also gets a primary-colored left border.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Companies with linked contacts now show an expand arrow. Clicking it
lazy-loads and displays contacts as indented sub-rows with name,
position, email, phone, type badge and status. Backend gains companyId
filter on GET /contacts for efficient per-company querying.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The voucherlist endpoint returns items with 'id' field, but our interface
defined it as 'voucherId', causing undefined IDs when fetching voucher details.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Lexware Office API requires voucherStatus as a mandatory parameter
for the /v1/voucherlist endpoint. Without it, the API returns 400 Bad
Request. Using 'any' fetches vouchers regardless of status.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When importing contact persons from Lexware, if the parent company
is already in the CRM (detected via linkedMap), the companyId is now
passed to createContact so the contact is properly associated.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The backend DTO validation enforces @Max(100) on pageSize. The ImportTab
was requesting pageSize=500, causing a 400 Bad Request. This left the
linkedMap empty and showed import buttons for already-imported contacts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Import tab now loads all CRM companies/contacts and cross-references
lexwareContactId to detect already-imported entries. Linked contacts show
a green badge and "Öffnen" link instead of import buttons.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- TenantGuard: remove PLATFORM_ADMIN bypass, require tenantId for all users
- lexware-contacts.service: add defensive tenantId check in importAsCompany
and importAsContact with clear BadRequestException message
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Backend: new CRUD services/controllers for Industries, AccountTypes,
RelationshipTypes, CompanyRelationships with Prisma schema migration
- Frontend: new hooks, API functions, and types for all config entities
- CompanyDetailPage redesign with ActivityFeed, RelationshipsCard
- CompanyFormModal extended with industry, account type, owner fields
- Activities service now supports companyId filter + includeContacts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Replace search-only ImportTab with paginated browsable list of all Lexware contacts
- Add expandable Ansprechpartner (contact persons) section per company
- Individual Ansprechpartner can be imported as CRM contacts
- Add pagination controls for navigating large contact lists
- Search filter still available (min. 3 chars, backend MinLength constraint)
- Clean up useLexwareContacts hook with proper query key
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New admin page under /crm/lexware-sync with two tabs:
- Import: Search Lexware contacts and import as CRM company or contact
- Export: List CRM companies/contacts and push to Lexware Office
Accessible via CRM Settings page (admin-only).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
