User-level data privacy on finance entities. Bireysel (personal) = only the
owner sees/edits/deletes it; Şirket (company) = the whole team sees it
(existing behavior).
Schema additions (4 tables; each gets a `scope` enum company|personal,
default 'company'):
- bank_accounts.scope
- bank_loans.scope
- credit_cards.scope
- finance_entries.scope
+ tenantId_scope index on each.
Inherited scope (no scope column of their own; the parent's is used):
- loan_installments → from bank_loan
- credit_card_statements → from credit_card
Permissions (lib/appwrite/scope-permissions.ts):
- scopedRowPermissions(tenantId, createdBy, scope):
* company: Permission.read/update Role.team(tenantId), delete Role.team
owner|admin (current behavior)
* personal: read/update/delete Role.user(createdBy) only
- canAccessRow(row, userId): true if scope=company OR createdBy=userId.
Called inside the server actions on top of the document permissions: the
actions use the admin SDK, which bypasses document-level permissions, so on
those code paths this check is the effective authorization, not merely a
backup. Keep it on every update/delete path.
Action updates:
- bank-account-actions, loan-actions, credit-card-actions, finance-actions:
pickFormFields includes scope; create uses scopedRowPermissions; update
re-applies perms when scope changes; update/delete check canAccessRow
on top of the existing tenantId check.
- loan installment payment & credit card statement payment auto-create
finance entries that inherit the parent's scope, so a personal loan
installment doesn't create a company income/expense.
Query updates (all accept optional currentUserId):
- listBankAccounts, listLoans, listCreditCards, listFinanceEntries:
fetch all rows of the tenant, then filter in JS via canAccessRow (the
admin SDK would otherwise return every row, personal ones included).
- getBankAccountBalances respects visible accounts only.
- listAllInstallments / listStatements: filter to only those whose
parent loan/card is visible.
UI:
- New shared component components/finance/scope-toggle.tsx with
ScopeToggle (form input) and ScopeBadge (visual marker).
- Bank, loan, card form sheets and the finance form sheet now include
a Şirket/Bireysel (company/personal) toggle at the top.
- Bank account cards display ScopeBadge for personal entries.
- Page-level queries everywhere now pass ctx.user.id so each user only
sees their personal rows + the team's company rows.
Reports & Dashboard:
- getDashboardData filters finance entries to scope=company only — so
team-level metrics never include any user's personal data.
- getFinancialReport (CFO view): bank accounts, loans, cards, finance
entries, installments and statements all filtered to company scope.
Personal entities never appear in reports anywhere.
Invoice → finance entry sync explicitly tags scope=company since invoices
are inherently company-scope.
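The permission and visibility rules above, as an added example (not the project's lib/appwrite/scope-permissions.ts). The local Role/Permission objects are a stand-in that emit node-appwrite's permission-string format so the file runs without the SDK; assertCanMutate, visibleRows, visibleChildren, companyOnly and the sample rows are assumed names and constructed data.

```typescript
// Added example: scope-aware permissions and visibility checks.
// Role/Permission below mirror node-appwrite's string format
// ('read("team:ID/owner")', 'update("user:ID")') as an assumption so this
// runs without the SDK; in the project use the real helpers.

export type Scope = "company" | "personal";

export interface ScopedRow {
  $id: string;
  tenantId: string;
  createdBy: string;
  scope: Scope;
}

const Role = {
  team: (teamId: string, role?: string) =>
    role ? `team:${teamId}/${role}` : `team:${teamId}`,
  user: (userId: string) => `user:${userId}`,
};
const Permission = {
  read: (role: string) => `read("${role}")`,
  update: (role: string) => `update("${role}")`,
  delete: (role: string) => `delete("${role}")`,
};

// personal: only the creator; company: team reads/updates, owner|admin delete.
export function scopedRowPermissions(tenantId: string, createdBy: string, scope: Scope): string[] {
  if (scope === "personal") {
    const owner = Role.user(createdBy);
    return [Permission.read(owner), Permission.update(owner), Permission.delete(owner)];
  }
  return [
    Permission.read(Role.team(tenantId)),
    Permission.update(Role.team(tenantId)),
    Permission.delete(Role.team(tenantId, "owner")),
    Permission.delete(Role.team(tenantId, "admin")),
  ];
}

export function canAccessRow(row: Pick<ScopedRow, "scope" | "createdBy">, userId: string): boolean {
  return row.scope === "company" || row.createdBy === userId;
}

// Guard for update/delete actions. The admin SDK ignores document
// permissions, so this is the check that actually enforces ownership.
export function assertCanMutate(row: ScopedRow, tenantId: string, userId: string): void {
  if (row.tenantId !== tenantId) throw new Error("forbidden: wrong tenant");
  if (!canAccessRow(row, userId)) throw new Error("forbidden: another user's personal row");
}

// List queries: tenant rows fetched with the admin SDK, filtered in JS.
export function visibleRows<T extends ScopedRow>(rows: T[], tenantId: string, userId: string): T[] {
  return rows.filter((r) => r.tenantId === tenantId && canAccessRow(r, userId));
}

// Installments/statements carry no scope; they are visible iff their parent is.
export interface ChildRow { $id: string; parentId: string }
export function visibleChildren<C extends ChildRow>(
  children: C[], parents: ScopedRow[], tenantId: string, userId: string,
): C[] {
  const visibleParents = new Set(visibleRows(parents, tenantId, userId).map((p) => p.$id));
  return children.filter((c) => visibleParents.has(c.parentId));
}

// Dashboard/report aggregation: company scope only, whoever asks.
export function companyOnly<T extends ScopedRow>(rows: T[]): T[] {
  return rows.filter((r) => r.scope === "company");
}

// Constructed sample data (not from the project).
export const sampleAccounts: ScopedRow[] = [
  { $id: "acc1", tenantId: "t1", createdBy: "alice", scope: "company" },
  { $id: "acc2", tenantId: "t1", createdBy: "alice", scope: "personal" },
  { $id: "acc3", tenantId: "t1", createdBy: "bob", scope: "personal" },
  { $id: "acc4", tenantId: "t2", createdBy: "bob", scope: "company" },
];
export const sampleInstallments: ChildRow[] = [
  { $id: "i1", parentId: "acc2" },
  { $id: "i2", parentId: "acc3" },
];
```

Note that visibleRows filters after the fetch, so the row count the admin SDK returns is still the whole tenant; the filter only bounds what leaves the server.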
Step 2 of banking. Loan creation auto-generates the full installment
schedule using standard amortization (eşit taksitli kredi, i.e. an
equal-installment loan):
monthlyPayment = P × r × (1+r)^n / ((1+r)^n − 1)
where P = principal, r = monthly rate as a fraction (interestRate / 100),
n = termMonths.
Schema:
- bank_loans: bankAccountId (optional FK), bankName, loanName, loanType
enum (consumer/vehicle/housing/commercial/kmh/other), principal,
interestRate (monthly nominal %), termMonths, monthlyPayment, startDate,
paymentDay (1-28, clamped per month), status (active/closed/defaulted).
- loan_installments: loanId, installmentNo, dueDate, amount, principalPart,
interestPart, paid, paidAt, financeEntryId.
- Indexes on bank_loans(tenantId, status) and loan_installments(tenantId,
loanId) and (tenantId, paid, dueDate).
Server (lib/appwrite/loan-actions.ts):
- createLoanAction: validates with Zod, computes the amortization including
rounding-drift handling on the last installment, persists the loan + N
installments, audit-logs. Compensating rollback on failure (deletes any
partially-created installments and the loan); the writes themselves are
sequential, not a single transaction.
- payInstallmentAction: creates a finance_entry (expense, bankAccountId
carried over from the loan), then updates the installment with paid=true +
financeEntryId. If it was the last unpaid installment, marks the loan
status='closed'.
- unpayInstallmentAction: deletes the linked finance_entry, clears paid
fields, reopens the loan if it was closed.
- deleteLoanAction: cascade-deletes all installments first, then the loan.
UI (/finance/loans):
- 3 stat cards: number of active loans, total drawn, remaining payment.
- Loan card per loan with bank/name/type/status badges, a principal /
monthly installment / interest / next payment grid, progress bar
(paid/total), expandable installment table.
- Installment row: # / due date (red if overdue) / principal / interest /
total / Paid-Undo (Ödendi-Geri al) toggle.
- LoanFormSheet: live preview of monthly payment, total payment, total
interest as user changes principal/rate/term. paymentDay clamped 1-28
to avoid month-length issues.
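The schedule generation and pay/unpay transitions described above (and the scope-inheriting finance entry from the privacy notes), as an added example that is not the project's loan-actions.ts. Amounts are integer minor units (kuruş) so rounding is explicit; the function names, the Loan/Installment/FinanceEntry shapes and the sample loan are assumptions.

```typescript
// Added example: equal-installment (annuity) schedule with the last
// installment absorbing rounding drift, paymentDay clamped to 1-28, and
// pure pay/unpay transitions. Shapes and names are assumptions.

export type Scope = "company" | "personal";

export interface Installment {
  installmentNo: number;
  dueDate: string; // YYYY-MM-DD
  amount: number;
  principalPart: number;
  interestPart: number;
  paid: boolean;
  paidAt: string | null;
  financeEntryId: string | null;
}

export interface Loan {
  $id: string;
  tenantId: string;
  createdBy: string;
  scope: Scope;
  bankAccountId: string | null;
  status: "active" | "closed" | "defaulted";
  installments: Installment[];
}

export interface FinanceEntry {
  $id: string; tenantId: string; createdBy: string; scope: Scope;
  type: "expense"; amount: number; bankAccountId: string | null;
}

// monthlyPayment = P * r * (1+r)^n / ((1+r)^n - 1); r = monthly nominal % / 100.
export function monthlyPayment(principal: number, ratePct: number, n: number): number {
  const r = ratePct / 100;
  if (r === 0) return Math.round(principal / n);
  const f = Math.pow(1 + r, n);
  return Math.round((principal * r * f) / (f - 1));
}

export function clampPaymentDay(day: number): number {
  return Math.min(28, Math.max(1, Math.trunc(day)));
}

// Installment k is due on `day` of the k-th month after startDate (UTC).
function dueDateFor(start: Date, monthsAhead: number, day: number): string {
  const d = new Date(Date.UTC(start.getUTCFullYear(), start.getUTCMonth() + monthsAhead, day));
  return d.toISOString().slice(0, 10);
}

export function buildSchedule(
  principal: number, ratePct: number, n: number, startDate: string, paymentDay: number,
): Installment[] {
  const r = ratePct / 100;
  const payment = monthlyPayment(principal, ratePct, n);
  const day = clampPaymentDay(paymentDay);
  const start = new Date(startDate + "T00:00:00Z");
  const rows: Installment[] = [];
  let balance = principal;
  for (let k = 1; k <= n; k++) {
    const interestPart = Math.round(balance * r);
    // Last installment clears the exact remaining balance, so the sum of
    // principal parts equals P despite per-row rounding.
    const principalPart = k === n ? balance : payment - interestPart;
    balance -= principalPart;
    rows.push({
      installmentNo: k, dueDate: dueDateFor(start, k, day),
      amount: principalPart + interestPart, principalPart, interestPart,
      paid: false, paidAt: null, financeEntryId: null,
    });
  }
  return rows;
}

export function payInstallment(loan: Loan, no: number, entryId: string, now: string): { loan: Loan; entry: FinanceEntry } {
  const inst = loan.installments.find((i) => i.installmentNo === no);
  if (!inst) throw new Error("no such installment");
  if (inst.paid) throw new Error("already paid");
  // The expense inherits the loan's scope: a personal loan never yields a company expense.
  const entry: FinanceEntry = {
    $id: entryId, tenantId: loan.tenantId, createdBy: loan.createdBy, scope: loan.scope,
    type: "expense", amount: inst.amount, bankAccountId: loan.bankAccountId,
  };
  const installments = loan.installments.map((i) =>
    i.installmentNo === no ? { ...i, paid: true, paidAt: now, financeEntryId: entryId } : i);
  const status: Loan["status"] = installments.every((i) => i.paid) ? "closed" : loan.status;
  return { loan: { ...loan, installments, status }, entry };
}

export function unpayInstallment(loan: Loan, no: number): { loan: Loan; deleteEntryId: string | null } {
  const inst = loan.installments.find((i) => i.installmentNo === no);
  if (!inst || !inst.paid) throw new Error("installment is not paid");
  const installments = loan.installments.map((i) =>
    i.installmentNo === no ? { ...i, paid: false, paidAt: null, financeEntryId: null } : i);
  const status: Loan["status"] = loan.status === "closed" ? "active" : loan.status;
  return { loan: { ...loan, installments, status }, deleteEntryId: inst.financeEntryId };
}
```

For P = 100000, 1% monthly, 3 months this yields payments 34002, 34002, 34003: the last row carries the single kuruş of drift, and the principal parts sum to exactly 100000.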