Benjamin_Boenisch/breakpilot-lehrer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Phase 8: CSV + ICS export, print view, MkDocs docs, SBOM + dev-mode auth

Browse Source 
Auth (Test-Mode):
  - middleware.AuthMiddleware now takes a devMode flag. In dev,
    requests without Authorization fall back to a deterministic dev
    UUID (00000000-...-001) and role=teacher. ENVIRONMENT=production
    re-enables the strict 401 path.
  - main.go wires devMode = cfg.Environment != "production".
  - page.tsx replaces the red 'Anmeldung noch nicht integriert' banner
    with a softer Testumgebung notice; the manual-token form moves
    behind a nested details block.

Export endpoints (school-service):
  - LoadExportLessons joins tt_lesson with tt_period for wall-clock
    times; one query feeds both CSV and ICS.
  - WriteCSV streams 10 columns including pinned flag.
  - WriteICS emits one VEVENT per lesson anchored to a Monday — caller
    overridable via ?start=YYYY-MM-DD. RFC 5545 escapes for ',', ';',
    '\n' in icsEscape().
  - NextMonday helper for the default anchor.
  - GET /timetable/solutions/:id/export.{csv,ics} handlers attach
    Content-Disposition: attachment so browsers download instead of
    rendering.

Frontend:
  - lib/stundenplan/api.ts downloadSolutionExport() fetches as blob,
    triggers a synthetic <a download> click, and forwards the JWT when
    present.
  - PlanView gains CSV / ICS / Drucken buttons next to the perspective
    selector. The toolbar carries class 'no-print' so window.print()
    yields only the grid.
  - globals.css @media print rule hides chrome, forces white
    background, gives the table proper borders for A4.

Docs:
  - docs-src/services/stundenplan/{index,architecture,constraints,
    solver-tuning,export}.md with nav entry in mkdocs.yml under
    Services → Stundenplaner.
  - sbom/stundenplan/README.md lists manually-verified key dependencies
    and the policy reference. scripts/stundenplan-sbom.sh generates
    full machine-readable inventories via go-licenses + pip-licenses
    + license-checker when those tools are available.

Tests:
  - internal/services/timetable_exports_test.go: 4 unit tests covering
    CSV column layout + quoting, ICS structure + DTSTART formatting,
    icsEscape special chars, NextMonday weekday math.
  - studio-v2/e2e/stundenplan-export.spec.ts split out of the main spec
    file (LOC budget) — 3 tests for button render, CSV download,
    ICS download.
  - mockSchoolApi extended with export.csv + export.ics routes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-05-22 08:57:07 +02:00
parent bf5ea860cc
commit 306886a42b
20 changed files with 1014 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files
studio-v2/app/stundenplan/page.tsx
+35 -36
View File
@@ -76,48 +76,47 @@ export default function StundenplanPage() {
<HelpPanel />
<div
className={`mb-4 p-3 rounded-xl border backdrop-blur-xl ${
isDark ? 'bg-amber-500/10 border-amber-500/30 text-amber-200' : 'bg-amber-50 border-amber-200 text-amber-900'
className={`mb-4 p-3 rounded-xl border backdrop-blur-xl text-sm ${
isDark ? 'bg-emerald-500/10 border-emerald-500/30 text-emerald-200' : 'bg-emerald-50 border-emerald-200 text-emerald-900'
}`}
>
<details>
<summary className="cursor-pointer text-sm font-medium">
Anmeldung noch nicht integriert Dev-Token setzen
<summary className="cursor-pointer font-medium">
Testumgebung Anmeldung deaktiviert
</summary>
<div className="mt-3 space-y-2 text-sm">
<div className="mt-2 space-y-2">
<p>
Bis die volle BreakPilot-Anmeldung an dieses Modul angebunden ist, muss
ein gueltiger JWT-Token manuell hinterlegt werden. Ohne Token antwortet
die API mit <code className={`px-1 rounded ${isDark ? 'bg-white/10' : 'bg-amber-100'}`}>Authorization header required</code>.
Der school-service laeuft im Development-Mode und akzeptiert Requests
ohne JWT. Alle Aktionen werden einem festen Dev-User
zugeordnet (<code className={`px-1 rounded ${isDark ? 'bg-white/10' : 'bg-emerald-100'}`}>00000000-0000-0000-0000-000000000001</code>).
</p>
<ol className="list-decimal list-inside space-y-1 opacity-90">
<li>An BreakPilot anmelden (z.B. ueber das Lehrer-Login)</li>
<li>Im Browser DevTools Application/Storage Cookies oder localStorage den
JWT-Token kopieren (Feldname kann je nach Login-Flow variieren)</li>
<li>Token unten einfuegen, Speichern, Seite neu laden</li>
</ol>
<div className="mt-2 flex gap-2">
<input
type="password"
value={token}
onChange={e => setToken(e.target.value)}
placeholder="Bearer-Token (ohne 'Bearer '-Prefix)"
className={`flex-1 px-3 py-1.5 rounded-lg text-sm ${
isDark ? 'bg-white/10 border border-white/20 text-white' : 'bg-white border border-slate-300 text-slate-900'
}`}
/>
<button
onClick={handleSaveToken}
className="px-3 py-1.5 rounded-lg bg-amber-500 hover:bg-amber-600 text-white text-sm font-medium"
>
Speichern
</button>
</div>
{tokenSaved && (
<p className={`text-xs ${isDark ? 'text-emerald-300' : 'text-emerald-700'}`}>
Token gespeichert. Seite neu laden, um die Aenderung zu uebernehmen.
</p>
)}
<p>
Fuer Production muss <code className={`px-1 rounded ${isDark ? 'bg-white/10' : 'bg-emerald-100'}`}>ENVIRONMENT=production</code> gesetzt werden dann ist ein gueltiger
JWT in jedem Request Pflicht.
</p>
<details className="opacity-70">
<summary className="cursor-pointer text-xs">Manueller Token (falls noetig)</summary>
<div className="mt-2 flex gap-2">
<input
type="password"
value={token}
onChange={e => setToken(e.target.value)}
placeholder="Bearer-Token (optional)"
className={`flex-1 px-3 py-1.5 rounded-lg text-sm ${
isDark ? 'bg-white/10 border border-white/20 text-white' : 'bg-white border border-slate-300 text-slate-900'
}`}
/>
<button
onClick={handleSaveToken}
className="px-3 py-1.5 rounded-lg bg-emerald-500 hover:bg-emerald-600 text-white text-sm font-medium"
>
Speichern
</button>
</div>
{tokenSaved && (
<p className="mt-1 text-xs opacity-90">Token gespeichert. Seite neu laden.</p>
)}
</details>
</div>
</details>
</div>