filipriec/kompress_eshop
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Compare commits

base: filipriec:14ae859152a72ae509d4f57c13f4c783d4c0cf32
Branches Tags
filipriec:main
filipriec:v0.2.9 filipriec:v0.2.8 filipriec:v0.2.7 filipriec:v0.2.6 filipriec:v0.2.5 filipriec:v0.2.4 filipriec:v0.2.3 filipriec:v0.2.2 filipriec:v0.2.1 filipriec:v0.2.0 filipriec:v0.1.16 filipriec:v0.1.15 filipriec:v0.1.14 filipriec:v0.1.13 filipriec:v0.1.12 filipriec:v0.1.11 filipriec:v0.1.10 filipriec:v0.1.9 filipriec:v0.1.8 filipriec:v0.1.7 filipriec:v0.1.6 filipriec:v0.1.5 filipriec:v0.1.4 filipriec:v0.1.3 filipriec:v0.1.2 filipriec:v0.1.1 filipriec:v0.1.0
..
compare: filipriec:v0.2.8
Branches Tags
filipriec:main
filipriec:v0.2.9 filipriec:v0.2.8 filipriec:v0.2.7 filipriec:v0.2.6 filipriec:v0.2.5 filipriec:v0.2.4 filipriec:v0.2.3 filipriec:v0.2.2 filipriec:v0.2.1 filipriec:v0.2.0 filipriec:v0.1.16 filipriec:v0.1.15 filipriec:v0.1.14 filipriec:v0.1.13 filipriec:v0.1.12 filipriec:v0.1.11 filipriec:v0.1.10 filipriec:v0.1.9 filipriec:v0.1.8 filipriec:v0.1.7 filipriec:v0.1.6 filipriec:v0.1.5 filipriec:v0.1.4 filipriec:v0.1.3 filipriec:v0.1.2 filipriec:v0.1.1 filipriec:v0.1.0

51 Commits
14ae859152 ... v0.2.8

Author SHA1 Message Date
Priec
8085052b2b quill editor 2026-06-23 12:05:06 +02:00
Priec
1cf330e4e8 short and long description 2026-06-23 11:13:26 +02:00
Priec
031f86adb0 fixed front page product cards 2026-06-23 10:55:39 +02:00
Priec
96c428eadd discounts now work well
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 23:12:26 +02:00
Priec
5e6263e853 orders search query also working now
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 21:52:22 +02:00
Priec
5a474f3474 search in admin also 2026-06-22 21:38:03 +02:00
Priec
1e66bfd657 defaults for the search implemented 2026-06-22 21:18:13 +02:00
Priec
f512fbbb94 saerch query in the shop now works well 2026-06-22 21:12:47 +02:00
Priec
1ecfac2ad6 search with parameters 2026-06-22 21:01:02 +02:00
Priec
3b9c2f7d64 search implement
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 20:37:06 +02:00
Priec
e5cac27010 card can be vertical or horizontal
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 19:50:01 +02:00
Priec
a45f9ef030 fixing product card 2026-06-22 19:40:08 +02:00
Priec
51155f2fd2 I can move the images around now 2026-06-22 19:03:33 +02:00
Priec
2d2aa012ec multiple images in the edit product
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 18:20:50 +02:00
Priec
125be1798e muiltiple images in carousel 2026-06-22 17:40:55 +02:00
Priec
f724e9763f upload picture now working well 2026-06-22 16:56:14 +02:00
Priec
681c88f85d 0 is out of stock and nothing is available from now on
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 16:48:28 +02:00
Priec
6828854f24 the admin page now make sense for products
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 16:21:52 +02:00
Priec
3a1ea7cdb4 I can see the product with different options
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 16:14:04 +02:00
Priec
3f798432a0 now products have different options, like different parameters
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 15:44:02 +02:00
Priec
29854a972b save discount profile is now working perfectly well
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 13:51:40 +02:00
Priec
88074c1871 indicator if applied discount profile
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 13:22:46 +02:00
Priec
68f3472760 moved products menu up to save width 2026-06-22 13:15:29 +02:00
Priec
85f1657c67 dynamic width of the products to fit on the screen 2026-06-22 13:07:17 +02:00
Priec
4a736a8c85 collapsible admin sidebar 2026-06-22 12:59:05 +02:00
Priec
77d5c0fc25 sidebar in the admin 2026-06-22 12:49:08 +02:00
Priec
09634e1cd8 added missing remove button in the admin business
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-22 11:33:07 +02:00
Priec
088fcb60a1 effective price is only highlighted if changed 2026-06-22 11:10:12 +02:00
Priec
bf8f8e54c9 discounts page removed, all migrated to the products page in admin 2026-06-22 09:19:38 +02:00
Priec
534ba9e8ec confirm dialogs 2026-06-22 09:11:16 +02:00
Priec
262ec1bfdb dynamic prices with dicounts 2026-06-22 08:47:22 +02:00
Priec
e98c70aa63 global discount price 2026-06-22 00:18:39 +02:00
Priec
d2b463135b discount for business and personall in discount page 2026-06-22 00:04:01 +02:00
Priec
1df8d66d5d discount profiles and discounts overall implemented and working
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-21 23:46:37 +02:00
Priec
c713627a2c personal discounts to businesses done 2026-06-21 23:21:24 +02:00
Priec
ed566b5347 percentage discounts
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-21 22:41:30 +02:00
Priec
9ce1cb97f0 discounts 2026-06-21 22:33:47 +02:00
Priec
2ee87fbdd7 category creation fixed now
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-21 20:38:28 +02:00
Priec
c9eb47860d properly working csrf at checkout fixed now
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-21 20:19:58 +02:00
Priec
8dc153efcc removed redundancy 2026-06-21 20:09:57 +02:00
Priec
db6b609937 custom JS removed in favor of proper CSRF implementation 2026-06-21 18:22:21 +02:00
Priec
86888b3877 csrf implemented 2026-06-21 17:40:21 +02:00
Priec
5b203ed248 TOTP google authenticator implemented properly well
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-20 22:48:15 +02:00
Priec
b787d48665 nothing 2026-06-20 20:43:33 +02:00
Priec
e138fb6579 fix for the cart checkout
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-20 13:29:18 +02:00
Priec
3da840c0c9 the cart hover only when possible
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-20 12:22:31 +02:00
Priec
0310f2d2f4 hover menu 2026-06-20 12:13:15 +02:00
Priec
42f30261d0 proper spacing and bascket icon
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details
2026-06-19 23:07:39 +02:00
Priec
ffda718a46 fixed menus now 2026-06-19 22:54:15 +02:00
Priec
673b28c361 working profile pic, but its trash, redoing the navbar icons now 2026-06-19 22:34:11 +02:00
Priec
454d5cb349 navbar profile 2026-06-19 13:59:31 +02:00
135 changed files with 8152 additions and 451 deletions
Expand all files Collapse all files

122
Cargo.lock generated
View File

@@ -572,6 +572,12 @@ dependencies = [
"thiserror 1.0.69",
]
[[package]]
name = "base32"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "022dfe9eb35f19ebbcb51e0b40a5ab759f46ad60cadf7297e0bd085afb50e076"
[[package]]
name = "base64"
version = "0.22.1"
@@ -755,12 +761,24 @@ version = "0.6.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "175812e0be2bccb6abe50bb8d566126198344f707e304f45c648fd8f2cc0365e"
[[package]]
name = "bytemuck"
version = "1.25.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c8efb64bd706a16a1bdde310ae86b351e4d21550d98d056f22f8a7f7a2183fec"
[[package]]
name = "byteorder"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
[[package]]
name = "byteorder-lite"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8f1fe948ff07f4bd06c30984e69f5b4899c516a3ef74f34df92a2df2ab535495"
[[package]]
name = "bytes"
version = "1.12.0"
@@ -1059,6 +1077,12 @@ dependencies = [
"tiny-keccak",
]
[[package]]
name = "constant_time_eq"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7c74b8349d32d297c9134b8c88677813a227df8f779daa29bfc29c183fe3dca6"
[[package]]
name = "cookie"
version = "0.18.1"
@@ -1581,6 +1605,15 @@ version = "2.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9f1f227452a390804cdb637b74a86990f2a7d7ba4b7d5693aac9b4dd6defd8d6"
[[package]]
name = "fdeflate"
version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e6853b52649d4ac5c0bd02320cddc5ba956bdb407c4b75a2c6b75bf51500f8c"
dependencies = [
"simd-adler32",
]
[[package]]
name = "find-msvc-tools"
version = "0.1.9"
@@ -2424,6 +2457,19 @@ dependencies = [
"winapi-util",
]
[[package]]
name = "image"
version = "0.25.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "85ab80394333c02fe689eaf900ab500fbd0c2213da414687ebf995a65d5a6104"
dependencies = [
"bytemuck",
"byteorder-lite",
"moxcms",
"num-traits",
"png",
]
[[package]]
name = "include_dir"
version = "0.7.4"
@@ -2604,11 +2650,15 @@ dependencies = [
"chrono",
"dotenvy",
"fluent-templates",
"form_urlencoded",
"futures-util",
"hmac",
"include_dir",
"insta",
"loco-oauth2",
"loco-rs",
"migration",
"multer",
"passwords",
"regex",
"reqwest",
@@ -2617,8 +2667,11 @@ dependencies = [
"serde",
"serde_json",
"serial_test",
"sha2",
"subtle",
"time",
"tokio",
"totp-rs",
"tower-sessions",
"tracing",
"tracing-subscriber",
@@ -3052,6 +3105,16 @@ dependencies = [
"uuid",
]
[[package]]
name = "moxcms"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bb85c154ba489f01b25c0d36ae69a87e4a1c73a72631fc6c0eb6dde34a73e44b"
dependencies = [
"num-traits",
"pxfm",
]
[[package]]
name = "multer"
version = "3.1.0"
@@ -3654,6 +3717,19 @@ version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6"
[[package]]
name = "png"
version = "0.18.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "60769b8b31b2a9f263dae2776c37b1b28ae246943cf719eb6946a1db05128a61"
dependencies = [
"bitflags",
"crc32fast",
"fdeflate",
"flate2",
"miniz_oxide",
]
[[package]]
name = "polling"
version = "3.11.0"
@@ -3816,6 +3892,29 @@ dependencies = [
"unicase",
]
[[package]]
name = "pxfm"
version = "0.1.29"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e0c5ccf5294c6ccd63a74f1565028353830a9c2f5eb0c682c355c471726a6e3f"
[[package]]
name = "qrcodegen"
version = "1.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4339fc7a1021c9c1621d87f5e3505f2805c8c105420ba2f2a4df86814590c142"
[[package]]
name = "qrcodegen-image"
version = "1.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "99530e45ded4640c0eab5420fc60f9a0ec1be51a22e49cc8578b9a0d8be70712"
dependencies = [
"base64",
"image",
"qrcodegen",
]
[[package]]
name = "quick-xml"
version = "0.38.4"
@@ -5739,6 +5838,23 @@ version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5d99f8c9a7727884afe522e9bd5edbfc91a3312b36a77b5fb8926e4c31a41801"
[[package]]
name = "totp-rs"
version = "5.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a2b36a9dd327e9f401320a2cb4572cc76ff43742bcfc3291f871691050f140ba"
dependencies = [
"base32",
"constant_time_eq",
"hmac",
"qrcodegen-image",
"rand 0.9.4",
"sha1",
"sha2",
"url",
"urlencoding",
]
[[package]]
name = "tower"
version = "0.4.13"
@@ -6144,6 +6260,12 @@ dependencies = [
"serde_derive",
]
[[package]]
name = "urlencoding"
version = "2.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da"
[[package]]
name = "utf-8"
version = "0.7.6"

9
Cargo.toml
View File

@@ -49,6 +49,15 @@ axum-casbin = "1.3.0"
loco-oauth2 = "0.5.0"
passwords = "3.1.16"
tower-sessions = "0.14"
# TOTP (Google Authenticator) for optional two-factor auth
totp-rs = { version = "5", features = ["qr", "gen_secret"] }
# CSRF: HMAC-signed double-submit token + body inspection for the `_csrf` field
hmac = { version = "0.12" }
sha2 = { version = "0.10" }
subtle = { version = "2.6" }
form_urlencoded = { version = "1" }
multer = { version = "3" }
futures-util = { version = "0.3" }
[[bin]]
name = "kompress-eshop-cli"

105
assets/css/app.css
View File

@@ -77,3 +77,108 @@
/* Hide Alpine x-cloak elements until Alpine initializes. */
[x-cloak] { display: none !important; }
/* === Rich text editor (Quill "snow") =======================
* Vendored Quill (assets/static/vendor/quill) drives the admin
* product short/long description fields. Stock snow already suits
* the light theme; the admin panel is locked to data-theme="dark",
* so the rules below repaint the toolbar/editor for dark. Editor
* height is per-instance via the --rich-min-height custom prop set
* by the ui::rich_editor macro.
* ============================================================ */
.rich-editor .ql-editor {
min-height: var(--rich-min-height, 12rem);
font-size: 0.95rem;
line-height: 1.6;
}
.ql-editor.ql-blank::before { font-style: normal; }
[data-theme="dark"] .rich-editor { background: var(--color-surface-dark-alt); }
[data-theme="dark"] .ql-toolbar.ql-snow,
[data-theme="dark"] .ql-container.ql-snow { border-color: var(--color-outline-dark); }
[data-theme="dark"] .ql-toolbar.ql-snow { background: var(--color-surface-dark); }
[data-theme="dark"] .ql-container.ql-snow { color: var(--color-on-surface-dark); }
[data-theme="dark"] .ql-snow .ql-stroke,
[data-theme="dark"] .ql-snow .ql-stroke-miter { stroke: var(--color-on-surface-dark); }
[data-theme="dark"] .ql-snow .ql-fill,
[data-theme="dark"] .ql-snow .ql-stroke.ql-fill { fill: var(--color-on-surface-dark); }
[data-theme="dark"] .ql-snow .ql-picker { color: var(--color-on-surface-dark); }
[data-theme="dark"] .ql-snow .ql-picker-options {
background: var(--color-surface-dark);
border-color: var(--color-outline-dark);
}
/* active / hover toolbar state -> primary accent */
[data-theme="dark"] .ql-snow.ql-toolbar button:hover,
[data-theme="dark"] .ql-snow.ql-toolbar button.ql-active,
[data-theme="dark"] .ql-snow.ql-toolbar .ql-picker-label:hover,
[data-theme="dark"] .ql-snow.ql-toolbar .ql-picker-label.ql-active,
[data-theme="dark"] .ql-snow.ql-toolbar .ql-picker-item:hover,
[data-theme="dark"] .ql-snow.ql-toolbar .ql-picker-item.ql-selected { color: var(--color-primary-dark); }
[data-theme="dark"] .ql-snow.ql-toolbar button:hover .ql-stroke,
[data-theme="dark"] .ql-snow.ql-toolbar button.ql-active .ql-stroke,
[data-theme="dark"] .ql-snow.ql-toolbar .ql-picker-label:hover .ql-stroke,
[data-theme="dark"] .ql-snow.ql-toolbar .ql-picker-label.ql-active .ql-stroke { stroke: var(--color-primary-dark); }
[data-theme="dark"] .ql-snow.ql-toolbar button:hover .ql-fill,
[data-theme="dark"] .ql-snow.ql-toolbar button.ql-active .ql-fill { fill: var(--color-primary-dark); }
[data-theme="dark"] .ql-snow .ql-tooltip {
background-color: var(--color-surface-dark);
border-color: var(--color-outline-dark);
color: var(--color-on-surface-dark);
box-shadow: 0 2px 8px rgb(0 0 0 / 0.45);
}
[data-theme="dark"] .ql-snow .ql-tooltip input[type=text] {
background: var(--color-surface-dark-alt);
border-color: var(--color-outline-dark);
color: var(--color-on-surface-dark);
}
[data-theme="dark"] .ql-snow .ql-editor a,
[data-theme="dark"] .ql-snow .ql-tooltip a { color: var(--color-primary-dark); }
/* Image size controls under the editor. */
.rich-image-size-controls { display: flex; flex-wrap: wrap; align-items: center; gap: 0.5rem; }
.rich-image-size-controls.hidden { display: none; }
.rich-image-size-controls button {
border: 1px solid var(--color-outline);
border-radius: var(--radius-radius);
padding: 0.3rem 0.65rem;
line-height: 1;
font-size: 0.8rem;
}
.rich-image-size-controls button:hover { border-color: var(--color-primary); color: var(--color-primary); }
[data-theme="dark"] .rich-image-size-controls button { border-color: var(--color-outline-dark); }
[data-theme="dark"] .rich-image-size-controls button:hover {
border-color: var(--color-primary-dark);
color: var(--color-primary-dark);
}
/* Image sizing classes shared by the editor and rendered output. */
.rich-editor img, .rich-content img {
display: block;
max-width: 100%;
height: auto;
margin: 1rem auto;
border-radius: var(--radius-radius);
}
.rich-editor img { cursor: pointer; }
.rich-image-small { width: min(100%, 18rem); }
.rich-image-medium { width: min(100%, 34rem); }
.rich-image-full { width: 100%; }
/* === Rendered rich content (storefront product description) =
* Inherits text color from context so it works in both themes;
* only structural spacing + link/heading treatment is set here. */
.rich-content { line-height: 1.7; }
.rich-content h2 { margin: 1.25rem 0 0.6rem; font-size: 1.3rem; font-weight: 700; }
.rich-content h3 { margin: 1rem 0 0.5rem; font-size: 1.1rem; font-weight: 700; }
.rich-content p, .rich-content ul, .rich-content ol { margin: 0.6rem 0; }
.rich-content ul { list-style: disc; padding-left: 1.4rem; }
.rich-content ol { list-style: decimal; padding-left: 1.4rem; }
.rich-content a { color: var(--color-primary); text-decoration: underline; }
[data-theme="dark"] .rich-content a { color: var(--color-primary-dark); }
.rich-content :first-child { margin-top: 0; }
.rich-content :last-child { margin-bottom: 0; }
/* Compact rich blurb for product cards: neutralize block spacing so the
* line-clamp truncation stays tidy regardless of the authored markup. */
.rich-blurb :where(p, ul, ol, h2, h3) { margin: 0; }
.rich-blurb :where(ul, ol) { padding-left: 1.1rem; }

134
assets/i18n/en/main.ftl
View File

@@ -171,6 +171,8 @@ artist = Artist
release-date = Release date
cover-image = Cover image
description = Description
short-description = Short description
short-description-hint = Shown on product cards. Keep it short.
songs-in-album = Songs in this album
admin-new-album-desc = Fill in the details, then tick the songs to include.
cover-help = Optional - png, jpg, webp or gif; shown on the album page.
@@ -208,15 +210,92 @@ edit-category = Edit category
product = Product
name = Name
price = Price
sale-price = Sale price
variants-options = Variants / options
add-option = Add option
option-label = Option label
optional = optional
stock-untracked-hint = Leave blank = available without stock tracking
available = Available
choose-option = Choose an option
from-price = from { $price }
admin-discounts = Discounts
admin-discounts-desc = Set discounted product prices. A discount shows up as a sale in the shop.
business-discount-desc = A baseline discount for all business accounts (off the regular price). Profiles and negotiated prices apply on top (lowest price wins).
audience-personal = Personal
audience-business = Business
apply-profiles-personal-hint = These profiles lower the public price for all customers.
apply-profiles-business-hint = These profiles lower the price for all business accounts. Businesses always get the lower of the personal and business price.
on-sale = On sale
no-discount = No discount
discount = Discount
set-discount = Set discount
remove-discount = Remove discount
remove = Remove
discount-mode-fixed = Fixed price
discount-mode-percent = Percentage
discount-percent = Discount (%)
discount-preview-before = Original price
discount-preview-after = New price
discount-preview-save = You save
discount-invalid = Invalid price.
discount-must-be-positive = The sale price must be greater than zero.
discount-below-regular = The sale price must be below the regular price.
discount-percent-range = The percentage must be between 0 and 100.
discount-apply-confirm = Apply these discounts to the shop?
discount-remove-confirm = Remove this discount?
profile-applied = Applied
profile-will-apply = Will apply
profile-will-remove = Will remove
profiles-unsaved = Unsaved changes — Save to apply
profiles-no-changes = No changes
admin-customers = Business accounts
admin-customers-desc = Manage negotiated prices for business (B2B) accounts.
admin-no-customers = No business accounts yet.
email = Email
back = Back
negotiated-prices = Negotiated prices
negotiated-prices-hint = Set a price for a specific product for this business account. The customer always pays the lower of the public and negotiated price.
manage-prices = Manage prices
public-price = Public price
business-price = Business price
negotiated-price = Negotiated price
set-negotiated-price = Set price
negotiated-price-hint = Set a negotiated price for this product for this business account. The customer always pays the lowest of the public, business and negotiated price.
negotiated-remove-confirm = Remove this negotiated price?
effective-price = Effective price
admin-discount-profiles = Discount profiles
admin-discount-profiles-desc = Create reusable discount layers (a % over chosen products) and assign them to business accounts.
admin-no-profiles = No discount profiles yet.
new-profile = New profile
edit-profile = Edit profile
profile-name-required = Profile name is required.
scope = Scope
products = Products
scope-include = Selected products
scope-all-except = All except selected
scope-include-hint = Applies only to the products selected below.
scope-all-except-hint = Applies to every product except those selected below.
automated-price = Automated price
discount-profiles = Discount profiles
collision = Conflict
resolve = Resolve
no-profiles-assigned = No profiles assigned.
stock = Stock
sku = SKU
currency = Currency
category = Category
no-category = No category
image = Image
images = Images
main-image = Main
gallery-hint = The first image is the main one. Drag to reorder, click ✕ to remove.
add-images = Add images
slug = URL slug
slug-auto = generated automatically
position = Position
position-auto = added to the end
position-hint = Sort order in the menu (lowest first). Leave blank to add it last.
parent-category = Parent category
no-parent = — None (top level) —
quantity = Quantity
@@ -230,8 +309,35 @@ confirm-delete = Delete this for good?
shop-title = Shop
shop-subtitle = browse our products.
shop-empty = There are no products here yet.
search-placeholder = Search products…
order-search-placeholder = Search orders…
search-empty = Nothing matched your search:
results-count = { $count } products
sort-label = Sort
sort-relevance = Relevance
sort-newest = Newest
sort-price_asc = Price: low to high
sort-price_desc = Price: high to low
sort-name_asc = Name: AZ
sort-name_desc = Name: ZA
filter-category = Category
filter-all-categories = All categories
filter-uncategorized = Uncategorized
filter-price = Price
filter-price-from = Price from
filter-price-to = Price to
filter-in-stock = In stock only
filter-apply = Apply
filter-clear = Clear
pagination = Pagination
page-of = Page { $page } of { $pages }
prev = Previous
next = Next
view-grid = Grid view
view-list = List view
categories = Categories
all-products = All products
uncategorized = Uncategorized
cart-title = Cart
cart-empty = Your cart is empty.
cart-total = Total
@@ -289,6 +395,34 @@ password-change-title = Change password
password-current = Current password
password-current-wrong = Your current password is incorrect.
password-changed = Your password has been changed.
# Two-factor authentication (TOTP / Google Authenticator)
security-title = Security
security-2fa-intro = Two-factor authentication (2FA) adds a one-time code from an app like Google Authenticator to your sign-in.
security-2fa-on = 2FA is on
security-2fa-off = 2FA is off
security-2fa-enable = Enable two-factor authentication
security-2fa-scan = Scan this QR code in Google Authenticator (or any compatible app).
security-2fa-manual = Or enter the key manually:
security-2fa-enter-code = Enter the 6-digit code from the app
security-2fa-confirm = Confirm and enable
security-2fa-code-wrong = That code is wrong or expired. Please try again.
security-2fa-enroll-error = Could not start 2FA setup. Please try again.
security-2fa-enabled-ok = Two-factor authentication is enabled.
security-2fa-backup-intro = Save these backup codes somewhere safe. Each can be used once if you lose access to your app.
security-2fa-backup-remaining = Backup codes remaining
security-2fa-regenerate = Generate new backup codes
security-2fa-disable = Disable two-factor authentication
security-2fa-disable-hint = Enter your current password to confirm.
# Second login step (after password)
login-totp-title = Two-factor authentication
login-totp-intro = Enter the code from your authenticator app.
login-totp-error = That code is wrong or expired.
login-totp-code = Verification code
login-totp-submit = Verify
login-totp-backup-hint = No access to your app? Enter one of your backup codes.
account-type-locked = Account type can't be changed after registration.
checkout-create-account = Create an account from this order
checkout-create-account-hint = We'll email you a link to set your password. This order will be linked to your account.

134
assets/i18n/sk/main.ftl
View File

@@ -171,6 +171,8 @@ artist = Interpret
release-date = Dátum vydania
cover-image = Obrázok obalu
description = Popis
short-description = Krátky popis
short-description-hint = Zobrazuje sa na kartách produktov. Najlepšie krátke.
songs-in-album = Skladby v albume
admin-new-album-desc = Vyplň údaje a potom označ skladby, ktoré chceš zahrnúť.
cover-help = Voliteľné - png, jpg, webp alebo gif; zobrazí sa na stránke albumu.
@@ -208,15 +210,92 @@ edit-category = Upraviť kategóriu
product = Produkt
name = Názov
price = Cena
sale-price = Zľavnená cena
variants-options = Varianty / možnosti
add-option = Pridať možnosť
option-label = Označenie možnosti
optional = voliteľné
stock-untracked-hint = Nechajte prázdne = dostupné bez sledovania zásob
available = Dostupné
choose-option = Vyberte možnosť
from-price = od { $price }
admin-discounts = Zľavy
admin-discounts-desc = Nastavte zľavnené ceny produktov. Zľava sa v obchode zobrazí ako akcia.
business-discount-desc = Základná zľava pre všetky firemné účty (z bežnej ceny). Profily a dohodnuté ceny sa uplatnia navyše (platí najnižšia cena).
audience-personal = Osobné
audience-business = Firemné
apply-profiles-personal-hint = Tieto profily znížia verejnú cenu pre všetkých zákazníkov.
apply-profiles-business-hint = Tieto profily znížia cenu pre všetky firemné účty. Firmy vždy dostanú nižšiu z osobnej a firemnej ceny.
on-sale = V akcii
no-discount = Bez zľavy
discount = Zľava
set-discount = Nastaviť zľavu
remove-discount = Zrušiť zľavu
remove = Odstrániť
discount-mode-fixed = Pevná cena
discount-mode-percent = Percentá
discount-percent = Zľava (%)
discount-preview-before = Pôvodná cena
discount-preview-after = Nová cena
discount-preview-save = Ušetríte
discount-invalid = Neplatná cena.
discount-must-be-positive = Zľavnená cena musí byť väčšia ako nula.
discount-below-regular = Zľavnená cena musí byť nižšia ako bežná cena.
discount-percent-range = Percento musí byť medzi 0 a 100.
discount-apply-confirm = Uplatniť tieto zľavy v obchode?
discount-remove-confirm = Zrušiť túto zľavu?
profile-applied = Uplatnené
profile-will-apply = Bude uplatnené
profile-will-remove = Bude zrušené
profiles-unsaved = Neuložené zmeny — uložte na uplatnenie
profiles-no-changes = Žiadne zmeny
admin-customers = Firemné účty
admin-customers-desc = Spravujte dohodnuté ceny pre firemné (B2B) účty.
admin-no-customers = Zatiaľ žiadne firemné účty.
email = E-mail
back = Späť
negotiated-prices = Dohodnuté ceny
negotiated-prices-hint = Nastavte cenu pre konkrétny produkt pre tento firemný účet. Zákazník vždy zaplatí najnižšiu z verejnej a dohodnutej ceny.
manage-prices = Spravovať ceny
public-price = Verejná cena
business-price = Firemná cena
negotiated-price = Dohodnutá cena
set-negotiated-price = Nastaviť cenu
negotiated-price-hint = Nastavte dohodnutú cenu tohto produktu pre tento firemný účet. Zákazník vždy zaplatí najnižšiu z verejnej, firemnej a dohodnutej ceny.
negotiated-remove-confirm = Zrušiť túto dohodnutú cenu?
effective-price = Výsledná cena
admin-discount-profiles = Zľavové profily
admin-discount-profiles-desc = Vytvorte opakovane použiteľné zľavové vrstvy (% na vybrané produkty) a priraďte ich firemným účtom.
admin-no-profiles = Zatiaľ žiadne zľavové profily.
new-profile = Nový profil
edit-profile = Upraviť profil
profile-name-required = Názov profilu je povinný.
scope = Rozsah
products = Produkty
scope-include = Vybrané produkty
scope-all-except = Všetky okrem vybraných
scope-include-hint = Platí len pre vybrané produkty nižšie.
scope-all-except-hint = Platí pre všetky produkty okrem vybraných nižšie.
automated-price = Automatická cena
discount-profiles = Zľavové profily
collision = Konflikt
resolve = Vyriešiť
no-profiles-assigned = Žiadne priradené profily.
stock = Sklad
sku = Kód (SKU)
currency = Mena
category = Kategória
no-category = Bez kategórie
image = Obrázok
images = Obrázky
main-image = Hlavný
gallery-hint = Prvý obrázok je hlavný. Potiahnutím zmeníte poradie, krížikom obrázok odstránite.
add-images = Pridať obrázky
slug = URL adresa
slug-auto = vygeneruje sa automaticky
position = Poradie
position-auto = pridá sa na koniec
position-hint = Poradie v menu (najnižšie ako prvé). Nechajte prázdne a pridá sa na koniec.
parent-category = Nadradená kategória
no-parent = — Žiadna (najvyššia úroveň) —
quantity = Množstvo
@@ -230,8 +309,35 @@ confirm-delete = Naozaj zmazať?
shop-title = Obchod
shop-subtitle = prezrite si našu ponuku produktov.
shop-empty = Zatiaľ tu nie sú žiadne produkty.
search-placeholder = Hľadať produkty…
order-search-placeholder = Hľadať objednávky…
search-empty = Pre váš výraz sme nič nenašli:
results-count = { $count } produktov
sort-label = Zoradiť
sort-relevance = Relevancia
sort-newest = Najnovšie
sort-price_asc = Cena: od najnižšej
sort-price_desc = Cena: od najvyššej
sort-name_asc = Názov: AZ
sort-name_desc = Názov: ZA
filter-category = Kategória
filter-all-categories = Všetky kategórie
filter-uncategorized = Bez kategórie
filter-price = Cena
filter-price-from = Cena od
filter-price-to = Cena do
filter-in-stock = Len skladom
filter-apply = Použiť
filter-clear = Zrušiť
pagination = Stránkovanie
page-of = Strana { $page } z { $pages }
prev = Predchádzajúce
next = Ďalšie
view-grid = Zobrazenie v mriežke
view-list = Zobrazenie v zozname
categories = Kategórie
all-products = Všetky produkty
uncategorized = Bez kategórie
cart-title = Košík
cart-empty = Váš košík je prázdny.
cart-total = Spolu
@@ -289,6 +395,34 @@ password-change-title = Zmeniť heslo
password-current = Súčasné heslo
password-current-wrong = Vaše súčasné heslo je nesprávne.
password-changed = Vaše heslo bolo zmenené.
# Two-factor authentication (TOTP / Google Authenticator)
security-title = Zabezpečenie
security-2fa-intro = Dvojfaktorové overenie (2FA) pridáva k prihláseniu jednorazový kód z aplikácie ako Google Authenticator.
security-2fa-on = 2FA je zapnuté
security-2fa-off = 2FA je vypnuté
security-2fa-enable = Zapnúť dvojfaktorové overenie
security-2fa-scan = Naskenujte tento QR kód v aplikácii Google Authenticator (alebo inej kompatibilnej).
security-2fa-manual = Alebo zadajte kľúč ručne:
security-2fa-enter-code = Zadajte 6-miestny kód z aplikácie
security-2fa-confirm = Potvrdiť a zapnúť
security-2fa-code-wrong = Kód je nesprávny alebo vypršal. Skúste to znova.
security-2fa-enroll-error = Nepodarilo sa pripraviť 2FA. Skúste to znova.
security-2fa-enabled-ok = Dvojfaktorové overenie je zapnuté.
security-2fa-backup-intro = Uložte si tieto záložné kódy na bezpečné miesto. Každý sa dá použiť iba raz, ak nemáte prístup k aplikácii.
security-2fa-backup-remaining = Zostávajúce záložné kódy
security-2fa-regenerate = Vygenerovať nové záložné kódy
security-2fa-disable = Vypnúť dvojfaktorové overenie
security-2fa-disable-hint = Na potvrdenie zadajte svoje súčasné heslo.
# Second login step (after password)
login-totp-title = Dvojfaktorové overenie
login-totp-intro = Zadajte kód z vašej autentifikačnej aplikácie.
login-totp-error = Kód je nesprávny alebo vypršal.
login-totp-code = Overovací kód
login-totp-submit = Overiť
login-totp-backup-hint = Nemáte prístup k aplikácii? Zadajte jeden zo svojich záložných kódov.
account-type-locked = Typ účtu sa po registrácii nedá zmeniť.
checkout-create-account = Vytvoriť účet z tejto objednávky
checkout-create-account-hint = Pošleme vám e-mail na nastavenie hesla. Objednávka sa priradí k vášmu účtu.

2
assets/static/css/app.css
View File

File diff suppressed because one or more lines are too long

174
assets/static/js/rich-editor.js Normal file
View File

@@ -0,0 +1,174 @@
// Quill-based rich text editor, ported from the universal_web blog editor and
// adapted to this shop: each editor lives in a `[data-rich-field]` wrapper so a
// single form can host several (e.g. short + long description); image uploads go
// to this app's /images/upload and carry the CSRF token the middleware expects.
(function () {
function setImageSize(image, size) {
image.classList.remove('rich-image-small', 'rich-image-medium', 'rich-image-full');
image.style.removeProperty('width');
image.style.removeProperty('height');
image.classList.add('rich-image-' + size);
}
function setImageWidth(image, width) {
var px = parseInt(width, 10);
if (!Number.isFinite(px) || px < 40) return;
image.classList.remove('rich-image-small', 'rich-image-medium', 'rich-image-full');
image.style.width = Math.min(px, 1200) + 'px';
image.style.height = 'auto';
}
function normalizeEditorImages(root) {
root.querySelectorAll('img').forEach(function (image) {
if (
!image.classList.contains('rich-image-small')
&& !image.classList.contains('rich-image-medium')
&& !image.classList.contains('rich-image-full')
) {
image.classList.add('rich-image-full');
}
});
}
// The CSRF middleware accepts the token as an X-CSRF-Token header; read it from
// the form's hidden _csrf field (rendered by ui::csrf_field()).
function csrfToken(field) {
var form = field.closest('form');
var input = form && form.querySelector('input[name="_csrf"]');
return input ? input.value : '';
}
function initField(field) {
var editorEl = field.querySelector('[data-rich-editor]');
var contentInput = field.querySelector('[data-rich-content]');
var status = field.querySelector('[data-rich-status]');
var imageControls = field.querySelector('[data-image-size-controls]');
var imageWidthInput = field.querySelector('[data-image-width]');
if (!editorEl || !contentInput || !window.Quill) return;
var selectedImage = null;
var toolbar = [
[{ header: [2, 3, false] }],
['bold', 'italic'],
[{ list: 'ordered' }, { list: 'bullet' }],
['link', 'image'],
['clean']
];
var editor = new Quill(editorEl, {
modules: { toolbar: toolbar },
placeholder: editorEl.dataset.placeholder || '',
theme: 'snow'
});
var initialContent = contentInput.value.trim();
if (initialContent) {
if (initialContent.indexOf('<') >= 0) editor.clipboard.dangerouslyPasteHTML(initialContent);
else editor.setText(initialContent);
normalizeEditorImages(editor.root);
}
function syncContent() {
normalizeEditorImages(editor.root);
// Quill leaves an empty editor as "<p><br></p>"; store empty instead so the
// server sees a blank (nullable) value rather than stray markup.
var html = editor.root.innerHTML;
contentInput.value = editor.getText().trim() === '' && !editor.root.querySelector('img')
? ''
: html;
}
function setStatus(message) {
if (status) status.textContent = message || '';
}
function chooseImageFile() {
var input = document.createElement('input');
input.type = 'file';
input.accept = 'image/jpeg,image/png,image/webp,image/gif';
input.addEventListener('change', function () {
var file = input.files && input.files[0];
if (!file) return;
uploadImage(file);
});
input.click();
}
async function uploadImage(file) {
var formData = new FormData();
formData.append('file', file);
setStatus(status ? status.dataset.uploading : '');
try {
var response = await fetch('/images/upload', {
method: 'POST',
body: formData,
credentials: 'same-origin',
headers: { 'X-CSRF-Token': csrfToken(field) }
});
if (!response.ok) throw new Error('upload failed');
var result = await response.json();
var range = editor.getSelection(true);
editor.insertEmbed(range.index, 'image', result.url, 'user');
editor.setSelection(range.index + 1, 0, 'silent');
window.setTimeout(function () {
var images = editor.root.querySelectorAll('img');
var image = images[images.length - 1];
if (image) {
setImageSize(image, 'full');
selectedImage = image;
if (imageControls) imageControls.classList.remove('hidden');
}
syncContent();
}, 0);
setStatus(status ? status.dataset.uploaded : '');
} catch (_error) {
setStatus(status ? status.dataset.error : '');
}
}
editor.getModule('toolbar').addHandler('image', chooseImageFile);
editor.root.addEventListener('click', function (event) {
if (event.target && event.target.tagName === 'IMG') {
selectedImage = event.target;
if (imageWidthInput) imageWidthInput.value = parseInt(selectedImage.style.width, 10) || '';
if (imageControls) imageControls.classList.remove('hidden');
}
});
if (imageControls) {
imageControls.addEventListener('click', function (event) {
var button = event.target.closest('[data-image-size]');
if (button && selectedImage) {
setImageSize(selectedImage, button.dataset.imageSize);
if (imageWidthInput) imageWidthInput.value = '';
syncContent();
}
});
}
if (imageWidthInput) {
imageWidthInput.addEventListener('change', function () {
if (!selectedImage) return;
setImageWidth(selectedImage, imageWidthInput.value);
syncContent();
});
}
editor.on('text-change', syncContent);
var form = field.closest('form');
if (form) form.addEventListener('submit', syncContent);
syncContent();
}
function initAll(root) {
(root || document).querySelectorAll('[data-rich-field]').forEach(function (field) {
if (field.dataset.richReady) return;
field.dataset.richReady = '1';
initField(field);
});
}
document.addEventListener('DOMContentLoaded', function () { initAll(document); });
// Re-init after htmx swaps a fragment containing an editor into the page.
document.addEventListener('htmx:afterSwap', function (event) { initAll(event.target); });
})();

15
assets/static/vendor/alpine/alpine-focus-3.14.9.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

31
assets/static/vendor/quill/LICENSE vendored Normal file
View File

@@ -0,0 +1,31 @@
Copyright (c) 2017-2024, Slab
Copyright (c) 2014, Jason Chen
Copyright (c) 2013, salesforce.com
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

3
assets/static/vendor/quill/quill.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

7
assets/static/vendor/quill/quill.js.LICENSE.txt vendored Normal file
View File

@@ -0,0 +1,7 @@
/*!
* Quill Editor v2.0.3
* https://quilljs.com
* Copyright (c) 2017-2024, Slab
* Copyright (c) 2014, Jason Chen
* Copyright (c) 2013, salesforce.com
*/

10
assets/static/vendor/quill/quill.snow.css vendored Normal file
View File

File diff suppressed because one or more lines are too long

2
assets/views/account/order_detail.html
View File

@@ -29,7 +29,7 @@
<ul class="space-y-2 pb-3 text-sm">
{% for item in items %}
<li class="flex justify-between gap-2">
<span class="text-on-surface/80 dark:text-on-surface-dark/80">{{ item.product_name }} × {{ item.quantity }}</span>
<span class="text-on-surface/80 dark:text-on-surface-dark/80">{{ item.product_name }}{% if item.variant_label %} · {{ item.variant_label }}{% endif %} × {{ item.quantity }}</span>
<span class="tabular-nums">{{ item.line_total }} {{ order.currency }}</span>
</li>
{% endfor %}

1
assets/views/account/password.html
View File

@@ -22,6 +22,7 @@
<form method="post" action="/account/password" hx-boost="false" class="mt-6 flex flex-col gap-4"
x-data="{ password: '', confirm: '' }">
{{ ui::csrf_field() }}
<div class="flex flex-col gap-1">
<label for="current_password" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="password-current", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="current_password", id="current_password", type="password", required=true, autocomplete="current-password") }}

1
assets/views/account/profile.html
View File

@@ -82,6 +82,7 @@
<!-- edit form -->
<form x-show="editing" x-cloak method="post" action="/account/profile" hx-boost="false" class="mt-6 space-y-6">
{{ ui::csrf_field() }}
<!-- account type is fixed at registration and shown read-only -->
<fieldset class="space-y-2 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-type", lang=lang | default(value='sk')) }}</legend>

84
assets/views/account/security.html Normal file
View File

@@ -0,0 +1,84 @@
{% extends "base.html" %}
{% import "macros/ui.html" as ui %}
{% block title %}{{ t(key="security-title", lang=lang | default(value='sk')) }}{% endblock title %}
{% block content %}
<div class="mx-auto max-w-md">
<h1 class="text-3xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="security-title", lang=lang | default(value='sk')) }}</h1>
<p class="mt-2 text-sm text-on-surface dark:text-on-surface-dark">{{ t(key="security-2fa-intro", lang=lang | default(value='sk')) }}</p>
{% if error == "password" %}
{{ ui::alert_danger(message=t(key="password-current-wrong", lang=lang | default(value='sk')), extra="mt-4") }}
{% elif error == "code" %}
{{ ui::alert_danger(message=t(key="security-2fa-code-wrong", lang=lang | default(value='sk')), extra="mt-4") }}
{% elif error == "enroll" %}
{{ ui::alert_danger(message=t(key="security-2fa-enroll-error", lang=lang | default(value='sk')), extra="mt-4") }}
{% endif %}
{# --- One-time backup codes, shown right after enabling / regenerating --- #}
{% if backup_codes and backup_codes | length > 0 %}
<div class="mt-6 rounded-radius border border-success bg-success/10 px-4 py-3" role="status">
<p class="text-sm font-medium text-success">{{ t(key="security-2fa-enabled-ok", lang=lang | default(value='sk')) }}</p>
<p class="mt-2 text-sm text-on-surface dark:text-on-surface-dark">{{ t(key="security-2fa-backup-intro", lang=lang | default(value='sk')) }}</p>
<ul class="mt-3 grid grid-cols-2 gap-2 font-mono text-sm text-on-surface-strong dark:text-on-surface-dark-strong">
{% for code in backup_codes %}
<li class="rounded-radius bg-surface px-3 py-1.5 text-center tracking-wider dark:bg-surface-dark">{{ code }}</li>
{% endfor %}
</ul>
</div>
{% endif %}
{% if enrolling %}
{# --- Step 2: scan the QR and confirm a code --- #}
<div class="mt-6 flex flex-col gap-4 rounded-radius border border-outline bg-surface-alt p-5 dark:border-outline-dark dark:bg-surface-dark-alt">
<p class="text-sm text-on-surface dark:text-on-surface-dark">{{ t(key="security-2fa-scan", lang=lang | default(value='sk')) }}</p>
<img src="{{ qr }}" alt="TOTP QR" class="mx-auto size-48 rounded-radius bg-white p-2" />
<div class="text-center">
<p class="text-xs text-on-surface dark:text-on-surface-dark">{{ t(key="security-2fa-manual", lang=lang | default(value='sk')) }}</p>
<code class="mt-1 inline-block break-all font-mono text-sm text-on-surface-strong dark:text-on-surface-dark-strong">{{ secret }}</code>
</div>
<form method="post" action="/account/security/confirm" hx-boost="false" class="flex flex-col gap-3">
{{ ui::csrf_field() }}
<label for="code" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="security-2fa-enter-code", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="code", id="code", type="text", required=true, autocomplete="one-time-code", attrs='inputmode="numeric" pattern="[0-9]*" maxlength="6" autofocus') }}
{{ ui::button(label=t(key="security-2fa-confirm", lang=lang | default(value='sk')), type="submit", extra="w-full") }}
</form>
</div>
{% elif totp_enabled %}
{# --- Enabled: status + remaining backup codes + disable / regenerate --- #}
<div class="mt-6 flex items-center gap-2">
{{ ui::badge(label=t(key="security-2fa-on", lang=lang | default(value='sk')), variant="success") }}
<span class="text-sm text-on-surface dark:text-on-surface-dark">{{ t(key="security-2fa-backup-remaining", lang=lang | default(value='sk')) }}: {{ backup_remaining }}</span>
</div>
<form method="post" action="/account/security/backup-codes" hx-boost="false" class="mt-6 flex flex-col gap-3 rounded-radius border border-outline bg-surface-alt p-5 dark:border-outline-dark dark:bg-surface-dark-alt">
{{ ui::csrf_field() }}
<p class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="security-2fa-regenerate", lang=lang | default(value='sk')) }}</p>
<label for="regen_pw" class="text-sm text-on-surface dark:text-on-surface-dark">{{ t(key="password-current", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="current_password", id="regen_pw", type="password", required=true, autocomplete="current-password") }}
{{ ui::button(label=t(key="security-2fa-regenerate", lang=lang | default(value='sk')), type="submit", variant="outline-secondary", extra="w-full") }}
</form>
<form method="post" action="/account/security/disable" hx-boost="false" class="mt-4 flex flex-col gap-3 rounded-radius border border-danger/40 bg-danger/5 p-5">
{{ ui::csrf_field() }}
<p class="text-sm font-medium text-danger">{{ t(key="security-2fa-disable", lang=lang | default(value='sk')) }}</p>
<p class="text-xs text-on-surface dark:text-on-surface-dark">{{ t(key="security-2fa-disable-hint", lang=lang | default(value='sk')) }}</p>
<label for="disable_pw" class="text-sm text-on-surface dark:text-on-surface-dark">{{ t(key="password-current", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="current_password", id="disable_pw", type="password", required=true, autocomplete="current-password") }}
{{ ui::button(label=t(key="security-2fa-disable", lang=lang | default(value='sk')), type="submit", variant="danger", extra="w-full") }}
</form>
{% else %}
{# --- Disabled: offer to enable --- #}
<form method="post" action="/account/security/enable" hx-boost="false" class="mt-6">
{{ ui::csrf_field() }}
<div class="flex items-center gap-2">
{{ ui::badge(label=t(key="security-2fa-off", lang=lang | default(value='sk')), variant="neutral") }}
</div>
{{ ui::button(label=t(key="security-2fa-enable", lang=lang | default(value='sk')), type="submit", extra="mt-4 w-full") }}
</form>
{% endif %}
</div>
{% endblock content %}

38
assets/views/admin/base.html
View File

@@ -45,7 +45,15 @@
<script defer src="/static/vendor/alpine/alpinejs-3.14.9.min.js"></script>
</head>
<body
x-data="{ showSidebar: false }"
hx-headers='{"X-CSRF-Token": "{{ csrf_token() }}"}'
x-data="{
showSidebar: false,
collapsed: localStorage.getItem('adminSidebarCollapsed') === '1',
toggleCollapsed() {
this.collapsed = !this.collapsed;
localStorage.setItem('adminSidebarCollapsed', this.collapsed ? '1' : '0');
}
}"
class="min-h-screen bg-surface text-on-surface antialiased dark:bg-surface-dark dark:text-on-surface-dark">
<!-- dark overlay for the open sidebar on small screens -->
@@ -55,8 +63,8 @@
<!-- sidebar -->
<nav aria-label="{{ t(key='menu', lang=lang | default(value='sk')) }}"
x-bind:class="showSidebar ? 'translate-x-0' : '-translate-x-60'"
class="fixed inset-y-0 left-0 z-40 flex w-60 flex-col border-r border-outline bg-surface-alt transition-transform duration-300 md:translate-x-0 dark:border-outline-dark dark:bg-surface-dark-alt">
x-bind:class="(showSidebar ? 'translate-x-0' : '-translate-x-60') + ' ' + (collapsed ? 'md:-translate-x-60' : 'md:translate-x-0')"
class="fixed inset-y-0 left-0 z-40 flex w-60 flex-col border-r border-outline bg-surface-alt transition-transform duration-300 dark:border-outline-dark dark:bg-surface-dark-alt">
{# Sidebar nav links — adapted from the vendored Penguin UI component
penguinui-components/sidebar/simple-sidebar.html: Penguin's link
@@ -77,6 +85,10 @@
class="flex items-center gap-2 rounded-radius px-2 py-1.5 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline aria-[current=page]:bg-primary/10 aria-[current=page]:text-on-surface-strong dark:text-on-surface-dark dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong dark:aria-[current=page]:bg-primary-dark/10 dark:aria-[current=page]:text-on-surface-dark-strong">
{{ t(key="admin-products", lang=lang | default(value='sk')) }}
</a>
<a href="/admin/catalog/discount-profiles" data-nav="/admin/catalog/discount-profiles"
class="flex items-center gap-2 rounded-radius px-2 py-1.5 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline aria-[current=page]:bg-primary/10 aria-[current=page]:text-on-surface-strong dark:text-on-surface-dark dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong dark:aria-[current=page]:bg-primary-dark/10 dark:aria-[current=page]:text-on-surface-dark-strong">
{{ t(key="admin-discount-profiles", lang=lang | default(value='sk')) }}
</a>
<a href="/admin/catalog/categories" data-nav="/admin/catalog/categories"
class="flex items-center gap-2 rounded-radius px-2 py-1.5 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline aria-[current=page]:bg-primary/10 aria-[current=page]:text-on-surface-strong dark:text-on-surface-dark dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong dark:aria-[current=page]:bg-primary-dark/10 dark:aria-[current=page]:text-on-surface-dark-strong">
{{ t(key="admin-categories", lang=lang | default(value='sk')) }}
@@ -85,6 +97,10 @@
class="flex items-center gap-2 rounded-radius px-2 py-1.5 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline aria-[current=page]:bg-primary/10 aria-[current=page]:text-on-surface-strong dark:text-on-surface-dark dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong dark:aria-[current=page]:bg-primary-dark/10 dark:aria-[current=page]:text-on-surface-dark-strong">
{{ t(key="admin-orders", lang=lang | default(value='sk')) }}
</a>
<a href="/admin/customers" data-nav="/admin/customers"
class="flex items-center gap-2 rounded-radius px-2 py-1.5 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline aria-[current=page]:bg-primary/10 aria-[current=page]:text-on-surface-strong dark:text-on-surface-dark dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong dark:aria-[current=page]:bg-primary-dark/10 dark:aria-[current=page]:text-on-surface-dark-strong">
{{ t(key="admin-customers", lang=lang | default(value='sk')) }}
</a>
<a href="/admin/shipping" data-nav="/admin/shipping"
class="flex items-center gap-2 rounded-radius px-2 py-1.5 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline aria-[current=page]:bg-primary/10 aria-[current=page]:text-on-surface-strong dark:text-on-surface-dark dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong dark:aria-[current=page]:bg-primary-dark/10 dark:aria-[current=page]:text-on-surface-dark-strong">
{{ t(key="admin-shipping", lang=lang | default(value='sk')) }}
@@ -96,6 +112,7 @@
{{ t(key="admin-exit", lang=lang | default(value='sk')) }}
</a>
<form method="post" action="/logout">
{{ ui::csrf_field() }}
<button type="submit" class="flex w-full items-center gap-2 rounded-radius px-2 py-1.5 text-left text-sm font-medium text-danger underline-offset-2 transition hover:bg-danger/5 focus:outline-hidden focus-visible:underline">
{{ t(key="logout", lang=lang | default(value='sk')) }}
</button>
@@ -104,7 +121,8 @@
</nav>
<!-- content column -->
<div class="flex min-h-screen flex-col md:ml-60">
<div :class="collapsed ? 'md:ml-0' : 'md:ml-60'"
class="flex min-h-screen flex-col transition-[margin] duration-300">
<header class="sticky top-0 z-20 flex h-16 items-center gap-4 border-b border-outline bg-surface/95 px-4 backdrop-blur dark:border-outline-dark dark:bg-surface-dark/95">
<!-- Penguin animated hamburger (bars ↔ X) in our ghost-square shell -->
<button type="button" @click="showSidebar = !showSidebar" :aria-expanded="showSidebar" aria-label="{{ t(key='menu', lang=lang | default(value='sk')) }}"
@@ -113,17 +131,23 @@
{{ ui::icon(name="close", size="size-6", attrs='x-cloak x-show="showSidebar"') }}
</button>
<!-- desktop sidebar collapse toggle (chevron flips when collapsed) -->
<button type="button" @click="toggleCollapsed()" :aria-expanded="(!collapsed).toString()" aria-label="{{ t(key='menu', lang=lang | default(value='sk')) }}"
class="hidden size-9 shrink-0 items-center justify-center rounded-radius bg-transparent text-secondary transition hover:opacity-75 focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-secondary active:opacity-100 active:outline-offset-0 md:inline-flex dark:text-secondary-dark dark:focus-visible:outline-secondary-dark">
{{ ui::icon(name="chevron-double-left", size="size-6", extra="transition-transform duration-300", attrs=`x-bind:class="collapsed ? 'rotate-180' : ''"`) }}
</button>
<span class="text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">
{% block crumb %}{{ t(key="admin-title", lang=lang | default(value='sk')) }}{% endblock crumb %}
</span>
<!-- settings (language + theme) dropdown -->
<div x-data="{ open: false }" @keydown.escape="open = false" class="relative ml-auto">
<!-- settings (language + theme) dropdown (self-contained Alpine state) -->
<div class="ml-auto">
{% include "partials/settings_dropdown.html" %}
</div>
</header>
<main class="mx-auto w-full max-w-5xl flex-1 px-4 py-8">
<main class="mx-auto w-full flex-1 px-4 py-8 {% block main_class %}max-w-5xl{% endblock main_class %}">
{% block content %}{% endblock content %}
</main>
</div>

8
assets/views/admin/catalog/_price_preview.html Normal file
View File

@@ -0,0 +1,8 @@
{# OOB fragment: effective-price cells recomputed from the unsaved profile
selection on the products page. Each span replaces the matching #eff-<id>
span in the table via htmx out-of-band swap. Rendered by
admin_products::profiles_preview. #}
{% import "macros/ui.html" as ui %}
{% for product in products %}
<span id="eff-{{ product.id }}" hx-swap-oob="true">{{ ui::eff_price(p=product, preview=true) }}</span>
{% endfor %}

1
assets/views/admin/catalog/categories.html
View File

@@ -46,6 +46,7 @@
{{ ui::button(variant="outline-secondary", label=t(key="edit", lang=lang | default(value='sk')), href="/admin/catalog/categories/" ~ row.category.id ~ "/edit", size="px-3 py-1.5 text-xs") }}
<form method="post" action="/admin/catalog/categories/{{ row.category.id }}/delete"
onsubmit="return confirm('{{ t(key="confirm-delete", lang=lang | default(value='sk')) }}')">
{{ ui::csrf_field() }}
{{ ui::button(variant="outline-danger", label=t(key="delete", lang=lang | default(value='sk')), type="submit", size="px-3 py-1.5 text-xs") }}
</form>
</div>

25
assets/views/admin/catalog/category_form.html
View File

@@ -15,11 +15,12 @@
<form method="post" enctype="multipart/form-data"
action="{% if category %}/admin/catalog/categories/{{ category.id }}{% else %}/admin/catalog/categories{% endif %}"
class="mt-6 space-y-5 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
{{ ui::csrf_field() }}
{% if category %}
{% set v_name = category.name %}{% set v_slug = category.slug %}{% set v_pos = category.position %}{% set v_desc = category.description | default(value="") %}{% set v_pub = category.published %}
{% set v_name = category.name %}{% set v_pos = category.position %}{% set v_desc = category.description | default(value="") %}{% set v_pub = category.published %}
{% else %}
{% set v_name = "" %}{% set v_slug = "" %}{% set v_pos = 0 %}{% set v_desc = "" %}{% set v_pub = false %}
{% set v_name = "" %}{% set v_pos = "" %}{% set v_desc = "" %}{% set v_pub = false %}
{% endif %}
<div class="space-y-1.5">
@@ -27,17 +28,6 @@
{{ ui::input(name="name", id="name", required=true, value=v_name) }}
</div>
<div class="grid gap-5 sm:grid-cols-2">
<div class="space-y-1.5">
<label for="slug" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="slug", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="slug", id="slug", value=v_slug, placeholder=t(key='slug-auto', lang=lang | default(value='sk'))) }}
</div>
<div class="space-y-1.5">
<label for="position" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="position", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="position", id="position", type="number", value=v_pos) }}
</div>
</div>
<div class="space-y-1.5">
<label for="parent_id" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="parent-category", lang=lang | default(value='sk')) }}</label>
<div class="relative">
@@ -67,6 +57,15 @@
{{ ui::file_input(name="image", id="image", accept="image/*") }}
</div>
<div class="space-y-1.5">
<label for="position" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">
{{ t(key="position", lang=lang | default(value='sk')) }}
<span class="font-normal text-on-surface/60 dark:text-on-surface-dark/60">({{ t(key="field-optional", lang=lang | default(value='sk')) }})</span>
</label>
{{ ui::input(name="position", id="position", type="number", value=v_pos, placeholder=t(key='position-auto', lang=lang | default(value='sk'))) }}
<p class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="position-hint", lang=lang | default(value='sk')) }}</p>
</div>
{{ ui::checkbox(name="published", id="published", label=t(key="published", lang=lang | default(value='sk')), checked=v_pub) }}
<div class="flex gap-3 pt-2">

132
assets/views/admin/catalog/discount_form.html Normal file
View File

@@ -0,0 +1,132 @@
{% extends "admin/base.html" %}
{% import "macros/ui.html" as ui %}
{% block title %}{{ t(key="set-discount", lang=lang | default(value='sk')) }}{% endblock title %}
{% block crumb %}{{ t(key="admin-discounts", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block content %}
<div class="flex items-center justify-between gap-3">
<div>
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ product.name }}</h1>
<p class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">
{% if audience == "business" %}{{ t(key="audience-business", lang=lang | default(value='sk')) }}{% else %}{{ t(key="audience-personal", lang=lang | default(value='sk')) }}{% endif %}
</p>
</div>
{{ ui::button(variant="outline-secondary", label=t(key="cancel", lang=lang | default(value='sk')), href="/admin/catalog/products?audience=" ~ audience, size="px-3 py-2 text-sm") }}
</div>
{# One discount row per option (variant). Each row picks a fixed sale price or a #}
{# percentage off its own regular price; a blank input clears that option's #}
{# discount. Both the fixed and percent inputs always submit (the server reads the #}
{# active mode); rows are pre-filled from `rows` (DB values, or submitted values #}
{# when repainting after a validation error) and indexed as v[<variant id>][...]. #}
<script id="discount-data" type="application/json">{{ rows | json_encode() | safe }}</script>
<form method="post" action="/admin/catalog/products/{{ product.id }}/discount?audience={{ audience }}"
x-data="discountEditor(JSON.parse(document.getElementById('discount-data').textContent))"
class="mt-6 max-w-2xl space-y-5">
{{ ui::csrf_field() }}
{% if error %}
{{ ui::alert_danger(message=t(key=error, lang=lang | default(value='sk'))) }}
{% endif %}
<template x-for="row in rows" :key="row.id">
<div class="space-y-4 rounded-radius border border-outline bg-surface p-5 dark:border-outline-dark dark:bg-surface-dark-alt">
<div class="flex items-center justify-between gap-3">
<span class="font-semibold text-on-surface-strong dark:text-on-surface-dark-strong"
x-text="row.label || ('#' + row.id)"></span>
<span class="text-sm tabular-nums text-on-surface/70 dark:text-on-surface-dark/70">
{{ t(key="price", lang=lang | default(value='sk')) }}:
<span x-text="row.regular_price"></span> <span x-text="row.currency"></span>
</span>
</div>
<input type="hidden" :name="`v[${row.id}][mode]`" :value="row.mode">
<div class="grid gap-4 sm:grid-cols-2">
<!-- mode toggle -->
<div class="grid grid-cols-2 gap-2">
<label class="flex cursor-pointer items-center justify-center gap-2 rounded-radius border px-3 py-2 text-sm transition"
:class="row.mode === 'fixed' ? 'border-primary bg-primary/10 text-on-surface-strong dark:border-primary-dark dark:bg-primary-dark/10 dark:text-on-surface-dark-strong' : 'border-outline text-on-surface dark:border-outline-dark dark:text-on-surface-dark'">
<input type="radio" :name="`mode-ui-${row.id}`" value="fixed" x-model="row.mode" class="sr-only">
{{ t(key="discount-mode-fixed", lang=lang | default(value='sk')) }}
</label>
<label class="flex cursor-pointer items-center justify-center gap-2 rounded-radius border px-3 py-2 text-sm transition"
:class="row.mode === 'percent' ? 'border-primary bg-primary/10 text-on-surface-strong dark:border-primary-dark dark:bg-primary-dark/10 dark:text-on-surface-dark-strong' : 'border-outline text-on-surface dark:border-outline-dark dark:text-on-surface-dark'">
<input type="radio" :name="`mode-ui-${row.id}`" value="percent" x-model="row.mode" class="sr-only">
{{ t(key="discount-mode-percent", lang=lang | default(value='sk')) }}
</label>
</div>
<!-- value input: both fields stay in the DOM and submit; the server reads
whichever matches the row's mode -->
<div class="space-y-1.5">
<div x-show="row.mode === 'fixed'">
<label class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="sale-price", lang=lang | default(value='sk')) }}</label>
<input :name="`v[${row.id}][fixed]`" x-model="row.fixed" inputmode="decimal" placeholder="0.00"
class="w-full rounded-radius border border-outline bg-surface-alt px-4 py-2 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark dark:focus-visible:outline-primary-dark">
</div>
<div x-show="row.mode === 'percent'">
<label class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="discount-percent", lang=lang | default(value='sk')) }}</label>
<input :name="`v[${row.id}][percent]`" x-model="row.percent" inputmode="decimal" min="0" max="100" placeholder="0"
class="w-full rounded-radius border border-outline bg-surface-alt px-4 py-2 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark dark:focus-visible:outline-primary-dark">
</div>
</div>
</div>
<!-- live preview -->
<div x-show="afterCents(row) !== null" x-cloak
class="flex flex-wrap items-center justify-between gap-3 rounded-radius border border-outline bg-surface-alt px-4 py-2.5 text-sm dark:border-outline-dark dark:bg-surface-dark/40">
<span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="discount-preview-after", lang=lang | default(value='sk')) }}</span>
<span class="flex items-center gap-2">
<span class="tabular-nums text-on-surface/50 line-through dark:text-on-surface-dark/50" x-text="money(row.regular_cents) + ' ' + row.currency"></span>
<span class="text-base font-semibold tabular-nums" :class="valid(row) ? 'text-danger' : 'text-on-surface/40 dark:text-on-surface-dark/40'"
x-text="money(afterCents(row)) + ' ' + row.currency"></span>
<span x-show="valid(row)" class="text-xs text-on-surface/60 dark:text-on-surface-dark/60" x-text="'(' + percentOff(row) + '%)'"></span>
</span>
</div>
<p x-show="afterCents(row) !== null && !valid(row)" class="text-xs text-danger">{{ t(key="discount-below-regular", lang=lang | default(value='sk')) }}</p>
</div>
</template>
<div class="flex flex-wrap gap-3 pt-2">
{{ ui::button(label=t(key="save", lang=lang | default(value='sk')), type="submit", attrs=`onclick="return confirm('` ~ t(key="discount-apply-confirm", lang=lang | default(value='sk')) ~ `')"`) }}
{% if has_discount %}
{{ ui::button(variant="outline-danger", label=t(key="remove-discount", lang=lang | default(value='sk')), type="submit", attrs=`formaction="/admin/catalog/products/` ~ product.id ~ `/discount/remove?audience=` ~ audience ~ `" onclick="return confirm('` ~ t(key="discount-remove-confirm", lang=lang | default(value='sk')) ~ `')"`) }}
{% endif %}
</div>
</form>
<script>
function discountEditor(initial) {
return {
rows: (initial || []).map(r => ({
id: r.id,
label: r.label || '',
regular_cents: r.regular_cents,
regular_price: r.regular_price,
currency: r.currency,
mode: r.mode || 'fixed',
fixed: r.fixed || '',
percent: r.percent || '',
})),
num(v) { let n = parseFloat(String(v).replace(',', '.')); return isFinite(n) ? n : null; },
money(c) { return (c / 100).toFixed(2); },
afterCents(row) {
if (row.mode === 'percent') {
let p = this.num(row.percent); if (p === null) return null;
return row.regular_cents - Math.round(row.regular_cents * p / 100);
}
let f = this.num(row.fixed); if (f === null) return null;
return Math.round(f * 100);
},
valid(row) { let a = this.afterCents(row); return a !== null && a > 0 && a < row.regular_cents; },
percentOff(row) {
let a = this.afterCents(row);
return (a === null || row.regular_cents <= 0) ? null : Math.round((row.regular_cents - a) / row.regular_cents * 100);
},
};
}
</script>
{% endblock content %}

71
assets/views/admin/catalog/discount_profile_form.html Normal file
View File

@@ -0,0 +1,71 @@
{% extends "admin/base.html" %}
{% import "macros/ui.html" as ui %}
{% block title %}{% if profile %}{{ t(key="edit-profile", lang=lang | default(value='sk')) }}{% else %}{{ t(key="new-profile", lang=lang | default(value='sk')) }}{% endif %}{% endblock title %}
{% block crumb %}{{ t(key="admin-discount-profiles", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block content %}
<div class="flex items-center justify-between gap-3">
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">
{% if profile %}{{ t(key="edit-profile", lang=lang | default(value='sk')) }}{% else %}{{ t(key="new-profile", lang=lang | default(value='sk')) }}{% endif %}
</h1>
{{ ui::button(variant="outline-secondary", label=t(key="cancel", lang=lang | default(value='sk')), href="/admin/catalog/discount-profiles", size="px-3 py-2 text-sm") }}
</div>
{% if profile %}{% set v_name = profile.name %}{% set v_percent = profile.percent %}{% set v_scope = profile.scope_type %}
{% else %}{% set v_name = "" %}{% set v_percent = "" %}{% set v_scope = "include" %}{% endif %}
<form method="post"
action="{% if profile %}/admin/catalog/discount-profiles/{{ profile.id }}{% else %}/admin/catalog/discount-profiles{% endif %}"
class="mt-6 space-y-5 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
{{ ui::csrf_field() }}
{% if error %}{{ ui::alert_danger(message=t(key=error, lang=lang | default(value='sk'))) }}{% endif %}
<div class="grid gap-5 sm:grid-cols-2">
<div class="space-y-1.5">
<label for="name" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="name", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="name", id="name", required=true, value=v_name) }}
</div>
<div class="space-y-1.5">
<label for="percent" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="discount-percent", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="percent", id="percent", required=true, value=v_percent, placeholder="0", attrs='inputmode="decimal" min="0" max="100"') }}
</div>
</div>
<fieldset class="space-y-2">
<legend class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="scope", lang=lang | default(value='sk')) }}</legend>
<label class="flex items-center gap-2 text-sm text-on-surface dark:text-on-surface-dark">
<input type="radio" name="scope_type" value="include" {% if v_scope != "all_except" %}checked{% endif %}>
{{ t(key="scope-include-hint", lang=lang | default(value='sk')) }}
</label>
<label class="flex items-center gap-2 text-sm text-on-surface dark:text-on-surface-dark">
<input type="radio" name="scope_type" value="all_except" {% if v_scope == "all_except" %}checked{% endif %}>
{{ t(key="scope-all-except-hint", lang=lang | default(value='sk')) }}
</label>
</fieldset>
<div class="space-y-1.5">
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="products", lang=lang | default(value='sk')) }}</span>
<div class="max-h-72 overflow-y-auto rounded-radius border border-outline p-3 dark:border-outline-dark">
{% if products | length > 0 %}
<div class="grid gap-2 sm:grid-cols-2">
{% for product in products %}
<label class="flex items-center gap-2 text-sm text-on-surface dark:text-on-surface-dark">
<input type="checkbox" name="product_ids" value="{{ product.id }}" {% if product.selected %}checked{% endif %}>
{{ product.name }}
</label>
{% endfor %}
</div>
{% else %}
<p class="text-sm text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="admin-no-products", lang=lang | default(value='sk')) }}</p>
{% endif %}
</div>
</div>
<div class="flex gap-3 pt-2">
{{ ui::button(label=t(key="save", lang=lang | default(value='sk')), type="submit") }}
{{ ui::button(variant="outline-secondary", label=t(key="cancel", lang=lang | default(value='sk')), href="/admin/catalog/discount-profiles") }}
</div>
</form>
{% endblock content %}

58
assets/views/admin/catalog/discount_profiles.html Normal file
View File

@@ -0,0 +1,58 @@
{% extends "admin/base.html" %}
{% import "macros/ui.html" as ui %}
{% block title %}{{ t(key="admin-discount-profiles", lang=lang | default(value='sk')) }}{% endblock title %}
{% block crumb %}{{ t(key="admin-discount-profiles", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block content %}
<div class="flex flex-wrap items-end justify-between gap-3">
<div>
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="admin-discount-profiles", lang=lang | default(value='sk')) }}</h1>
<p class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="admin-discount-profiles-desc", lang=lang | default(value='sk')) }}</p>
</div>
{{ ui::button(label=t(key="new-profile", lang=lang | default(value='sk')), href="/admin/catalog/discount-profiles/new") }}
</div>
<div class="mt-6 {{ ui::table_wrap_cls() }}">
{% if profiles | length > 0 %}
<table class="{{ ui::table_cls() }}">
<thead class="{{ ui::thead_cls() }}">
<tr>
{{ ui::th(label=t(key="name", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="discount-percent", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="scope", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="products", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="actions", lang=lang | default(value='sk')), align="text-right") }}
</tr>
</thead>
<tbody class="{{ ui::tbody_cls() }}">
{% for profile in profiles %}
<tr class="{{ ui::row_cls() }}">
<td class="px-4 py-3 font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ profile.name }}</td>
<td class="px-4 py-3 tabular-nums">{{ profile.percent }}%</td>
<td class="px-4 py-3">
{% if profile.scope_type == "all_except" %}{{ t(key="scope-all-except", lang=lang | default(value='sk')) }}{% else %}{{ t(key="scope-include", lang=lang | default(value='sk')) }}{% endif %}
</td>
<td class="px-4 py-3 tabular-nums">{{ profile.product_count }}</td>
<td class="px-4 py-3">
<div class="flex flex-wrap justify-end gap-2">
{{ ui::button(variant="outline-secondary", label=t(key="edit", lang=lang | default(value='sk')), href="/admin/catalog/discount-profiles/" ~ profile.id ~ "/edit", size="px-3 py-1.5 text-xs") }}
<form method="post" action="/admin/catalog/discount-profiles/{{ profile.id }}/delete"
onsubmit="return confirm('{{ t(key="confirm-delete", lang=lang | default(value='sk')) }}')">
{{ ui::csrf_field() }}
{{ ui::button(variant="outline-danger", label=t(key="delete", lang=lang | default(value='sk')), type="submit", size="px-3 py-1.5 text-xs") }}
</form>
</div>
</td>
</tr>
{% endfor %}
</tbody>
</table>
{% else %}
<div class="flex flex-col items-center gap-3 px-4 py-16 text-center">
<p class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="admin-no-profiles", lang=lang | default(value='sk')) }}</p>
{{ ui::button(label=t(key="new-profile", lang=lang | default(value='sk')), href="/admin/catalog/discount-profiles/new") }}
</div>
{% endif %}
</div>
{% endblock content %}

183
assets/views/admin/catalog/product_form.html
View File

@@ -3,6 +3,9 @@
{% block title %}{% if product %}{{ t(key="edit-product", lang=lang | default(value='sk')) }}{% else %}{{ t(key="new-product", lang=lang | default(value='sk')) }}{% endif %}{% endblock title %}
{% block crumb %}{{ t(key="admin-products", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block head %}
<link href="/static/vendor/quill/quill.snow.css" rel="stylesheet" type="text/css">
{% endblock head %}
{% block content %}
<div class="flex items-center justify-between gap-3">
@@ -15,40 +18,93 @@
<form method="post" enctype="multipart/form-data"
action="{% if product %}/admin/catalog/products/{{ product.id }}{% else %}/admin/catalog/products{% endif %}"
class="mt-6 space-y-5 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
{{ ui::csrf_field() }}
{% if product %}
{% set v_name = product.name %}{% set v_price = product.price %}{% set v_currency = product.currency %}{% set v_stock = product.stock %}{% set v_sku = product.sku | default(value="") %}{% set v_slug = product.slug %}{% set v_desc = product.description | default(value="") %}{% set v_pub = product.published %}
{% set v_name = product.name %}{% set v_currency = product.currency %}{% set v_desc = product.description | default(value="") %}{% set v_short = product.short_description | default(value="") %}{% set v_pub = product.published %}
{% else %}
{% set v_name = "" %}{% set v_price = "" %}{% set v_currency = "EUR" %}{% set v_stock = 0 %}{% set v_sku = "" %}{% set v_slug = "" %}{% set v_desc = "" %}{% set v_pub = false %}
{% set v_name = "" %}{% set v_currency = "EUR" %}{% set v_desc = "" %}{% set v_short = "" %}{% set v_pub = false %}
{% endif %}
{% set inp = "w-full rounded-radius border border-outline bg-surface-alt px-3 py-2 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark dark:focus-visible:outline-primary-dark" %}
{% set sublabel = "text-xs font-medium text-on-surface/70 dark:text-on-surface-dark/70" %}
<div class="space-y-1.5">
<label for="name" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="name", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="name", id="name", required=true, value=v_name) }}
</div>
<div class="grid gap-5 sm:grid-cols-2">
<div class="space-y-1.5">
<label for="price" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="price", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="price", id="price", required=true, value=v_price, placeholder="0.00", attrs='inputmode="decimal"') }}
</div>
<div class="space-y-1.5">
<div class="space-y-1.5 sm:max-w-[10rem]">
<label for="currency" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="currency", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="currency", id="currency", value=v_currency, attrs='maxlength="3"', extra="uppercase") }}
</div>
{# --- Variants / options editor ------------------------------------------- #}
{# Each product is sold as one or more variants (a free-text label such as #}
{# "10cm x 13cm" or "5ml" plus its own price). Price is required. Stock is #}
{# optional — leave it blank ("∞") to mark the option simply available (not #}
{# inventory-tracked). SKU and business price are optional too. Rows are #}
{# managed client-side; names are indexed (variants[i][…]) and read back by #}
{# the controller. #}
{% set opt = " (" ~ t(key="optional", lang=lang | default(value='sk')) ~ ")" %}
<script id="variants-data" type="application/json">{{ variants | json_encode() | safe }}</script>
<div class="space-y-3" x-data="variantEditor(JSON.parse(document.getElementById('variants-data').textContent))">
<div class="flex items-center justify-between">
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="variants-options", lang=lang | default(value='sk')) }}</span>
<button type="button" @click="add()"
class="rounded-radius border border-outline px-3 py-1.5 text-sm font-medium text-on-surface hover:bg-surface-alt dark:border-outline-dark dark:text-on-surface-dark dark:hover:bg-surface-dark-alt/50">
+ {{ t(key="add-option", lang=lang | default(value='sk')) }}
</button>
</div>
<div class="grid gap-5 sm:grid-cols-2">
<div class="space-y-1.5">
<label for="stock" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="stock", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="stock", id="stock", type="number", value=v_stock, attrs='min="0"') }}
<template x-for="(row, i) in rows" :key="i">
<div class="flex items-end gap-3 rounded-radius border border-outline bg-surface-alt/40 p-3 dark:border-outline-dark dark:bg-surface-dark-alt/30">
<input type="hidden" :name="`variants[${i}][id]`" :value="row.id">
{# items-end bottom-aligns every input regardless of how many lines each
label takes, so the row stays aligned even with the "(optional)" notes. #}
<div class="grid flex-1 grid-cols-2 gap-3 sm:grid-cols-12 sm:items-end">
<div class="space-y-1 col-span-2 sm:col-span-6">
<label class="{{ sublabel }} block truncate">{{ t(key="option-label", lang=lang | default(value='sk')) }}{{ opt }}</label>
<input :name="`variants[${i}][label]`" x-model="row.label" class="{{ inp }}" placeholder="napr. 10cm x 13cm">
</div>
<div class="space-y-1.5">
<label for="sku" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="sku", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="sku", id="sku", value=v_sku) }}
<div class="space-y-1 sm:col-span-2">
<label class="{{ sublabel }} block truncate">{{ t(key="sku", lang=lang | default(value='sk')) }}{{ opt }}</label>
<input :name="`variants[${i}][sku]`" x-model="row.sku" class="{{ inp }}">
</div>
<div class="space-y-1 sm:col-span-2">
<label class="{{ sublabel }} block truncate">{{ t(key="stock", lang=lang | default(value='sk')) }}{{ opt }}</label>
<input type="number" min="0" :name="`variants[${i}][stock]`" x-model="row.stock" class="{{ inp }}" placeholder="∞" title="{{ t(key='stock-untracked-hint', lang=lang | default(value='sk')) }}">
</div>
<div class="space-y-1 sm:col-span-2">
<label class="{{ sublabel }} block truncate">{{ t(key="price", lang=lang | default(value='sk')) }}</label>
<input :name="`variants[${i}][price]`" x-model="row.price" inputmode="decimal" required class="{{ inp }}" placeholder="0.00">
</div>
</div>
<button type="button" @click="remove(i)"
class="mb-1 shrink-0 rounded-radius px-2 py-2 text-sm text-danger hover:bg-danger/10" title="{{ t(key='delete', lang=lang | default(value='sk')) }}"></button>
</div>
</template>
</div>
<script>
function variantEditor(initial) {
const blank = () => ({ id: '', label: '', sku: '', stock: '', price: '' });
return {
rows: (initial || []).map(r => ({
id: r.id || '',
label: r.label || '',
sku: r.sku || '',
stock: (r.stock === null || r.stock === undefined) ? '' : r.stock,
price: r.price || '',
})),
init() { if (this.rows.length === 0) this.add(); },
add() { this.rows.push(blank()); },
remove(i) { this.rows.splice(i, 1); if (this.rows.length === 0) this.add(); },
};
}
</script>
<div class="space-y-1.5">
<label for="category_id" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="category", lang=lang | default(value='sk')) }}</label>
<div class="relative">
@@ -64,21 +120,96 @@
</div>
<div class="space-y-1.5">
<label for="slug" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="slug", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="slug", id="slug", value=v_slug, placeholder=t(key='slug-auto', lang=lang | default(value='sk'))) }}
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="short-description", lang=lang | default(value='sk')) }}</span>
<p class="{{ sublabel }}">{{ t(key="short-description-hint", lang=lang | default(value='sk')) }}</p>
{{ ui::rich_editor(name="short_description", lang=lang | default(value='sk'), value=v_short, min_height="6rem") }}
</div>
<div class="space-y-1.5">
<label for="description" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="description", lang=lang | default(value='sk')) }}</label>
{{ ui::textarea(name="description", id="description", rows="5", value=v_desc) }}
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="description", lang=lang | default(value='sk')) }}</span>
{{ ui::rich_editor(name="description", lang=lang | default(value='sk'), value=v_desc, min_height="16rem") }}
</div>
<div class="space-y-1.5">
<label for="image" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="image", lang=lang | default(value='sk')) }}</label>
{% if product and product.image %}
<img src="/images/{{ product.image }}" alt="" class="size-24 rounded-radius object-cover">
{% endif %}
{{ ui::file_input(name="image", id="image", accept="image/*") }}
{# --- Images gallery ------------------------------------------------------- #}
{# Unified drag-orderable gallery: existing images (with id) and new uploads #}
{# (placeholder blobs) live in a single list. The full order is submitted as #}
{# repeated `image_order` fields — an integer id for kept images or `new` for #}
{# each uploaded file. The DataTransfer backing the hidden `image` file input #}
{# is rebuilt after every reorder / add / remove so the file-part order matches #}
{# the relative order of `new` slots in `image_order`. #}
<script id="images-data" type="application/json">{% if product %}{{ product.images | json_encode() | safe }}{% else %}[]{% endif %}</script>
<div class="space-y-2" x-data="{
init() {
const existing = JSON.parse(document.getElementById('images-data').textContent);
this.items = existing.map(im => ({ type: 'existing', id: im.id, image_id: im.image_id }));
},
items: [],
dt: new DataTransfer(),
dragIndex: null,
rebuildDt() {
this.dt = new DataTransfer();
for (const it of this.items) {
if (it.type === 'new') this.dt.items.add(it.file);
}
this.$refs.holder.files = this.dt.files;
},
onDrop(i) {
if (this.dragIndex === null || this.dragIndex === i) { this.dragIndex = null; return; }
this.items.splice(i, 0, this.items.splice(this.dragIndex, 1)[0]);
this.dragIndex = null;
this.rebuildDt();
},
addFiles(e) {
for (const f of e.target.files) {
this.items.push({ type: 'new', file: f, url: URL.createObjectURL(f) });
}
this.rebuildDt();
e.target.value = '';
},
remove(i) {
const it = this.items[i];
if (it.type === 'new') URL.revokeObjectURL(it.url);
this.items.splice(i, 1);
this.rebuildDt();
},
}">
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="images", lang=lang | default(value='sk')) }}</span>
<p class="{{ sublabel }}">{{ t(key="gallery-hint", lang=lang | default(value='sk')) }}</p>
<div class="flex flex-wrap gap-3" x-show="items.length">
<template x-for="(it, i) in items" :key="it.type === 'existing' ? it.id : it.url">
<div draggable="true"
@dragstart="dragIndex = i"
@dragover.prevent
@drop.prevent="onDrop(i)"
:class="dragIndex === i ? 'opacity-50' : ''"
class="group relative size-24 cursor-move overflow-hidden rounded-radius border border-outline dark:border-outline-dark">
<input type="hidden" name="image_order" :value="it.type === 'existing' ? it.id : 'new'">
<img :src="it.type === 'existing' ? `/images/${it.image_id}` : it.url" alt="" class="size-full object-cover">
<span x-show="i === 0"
class="absolute left-1 top-1 rounded-radius bg-primary px-1.5 py-0.5 text-[10px] font-semibold text-on-primary dark:bg-primary-dark dark:text-on-primary-dark">{{ t(key="main-image", lang=lang | default(value='sk')) }}</span>
<button type="button" @click="remove(i)"
class="absolute right-1 top-1 flex size-5 items-center justify-center rounded-full bg-surface/70 text-xs text-danger opacity-0 transition group-hover:opacity-100 dark:bg-surface-dark/70"
title="{{ t(key='delete', lang=lang | default(value='sk')) }}"></button>
</div>
</template>
</div>
{# Hidden input carries the accumulated files on submit; the visible picker #}
{# only feeds addFiles() and is reset after each pick so selections stack. #}
<input type="file" name="image" multiple class="hidden" x-ref="holder">
<input type="file" accept="image/*" multiple class="hidden" x-ref="picker" @change="addFiles($event)">
<button type="button" @click="$refs.picker.click()"
class="rounded-radius border border-outline px-3 py-1.5 text-sm font-medium text-on-surface hover:bg-surface-alt dark:border-outline-dark dark:text-on-surface-dark dark:hover:bg-surface-dark-alt/50">
+ {{ t(key="add-images", lang=lang | default(value='sk')) }}
</button>
</div>
{{ ui::checkbox(name="published", id="published", label=t(key="published", lang=lang | default(value='sk')), checked=v_pub) }}
@@ -88,4 +219,6 @@
{{ ui::button(variant="outline-secondary", label=t(key="cancel", lang=lang | default(value='sk')), href="/admin/catalog/products") }}
</div>
</form>
<script src="/static/vendor/quill/quill.js"></script>
<script src="/static/js/rich-editor.js"></script>
{% endblock content %}

98
assets/views/admin/catalog/products.html
View File

@@ -3,8 +3,12 @@
{% block title %}{{ t(key="admin-products", lang=lang | default(value='sk')) }}{% endblock title %}
{% block crumb %}{{ t(key="admin-products", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block main_class %}max-w-none{% endblock main_class %}
{% block content %}
{% set business = audience == "business" %}
{% set L = lang | default(value='sk') %}
{% set q_enc = query | default(value='') | urlencode %}
<div class="flex flex-wrap items-end justify-between gap-3">
<div>
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="admin-products", lang=lang | default(value='sk')) }}</h1>
@@ -13,13 +17,90 @@
{{ ui::button(label=t(key="new-product", lang=lang | default(value='sk')), href="/admin/catalog/products/new") }}
</div>
<div class="mt-6 {{ ui::table_wrap_cls() }}">
<div class="mt-4 flex flex-wrap items-center justify-between gap-3">
<!-- audience tabs -->
<div class="inline-flex rounded-radius border border-outline p-1 dark:border-outline-dark">
<a href="/admin/catalog/products?audience=personal&q={{ q_enc }}"
class="rounded-radius px-4 py-1.5 text-sm font-medium {% if not business %}bg-primary/10 text-on-surface-strong dark:bg-primary-dark/10 dark:text-on-surface-dark-strong{% else %}text-on-surface/70 dark:text-on-surface-dark/70{% endif %}">
{{ t(key="audience-personal", lang=L) }}
</a>
<a href="/admin/catalog/products?audience=business&q={{ q_enc }}"
class="rounded-radius px-4 py-1.5 text-sm font-medium {% if business %}bg-primary/10 text-on-surface-strong dark:bg-primary-dark/10 dark:text-on-surface-dark-strong{% else %}text-on-surface/70 dark:text-on-surface-dark/70{% endif %}">
{{ t(key="audience-business", lang=L) }}
</a>
</div>
<!-- product search (drafts included); keeps the active audience + category -->
<form method="get" action="/admin/catalog/products" role="search" class="relative w-full max-w-xs">
<input type="hidden" name="audience" value="{{ audience }}">
<input type="hidden" name="category" value="{{ selected_category }}">
<span class="pointer-events-none absolute inset-y-0 left-0 flex items-center pl-3 text-on-surface/50 dark:text-on-surface-dark/50">
{{ ui::icon(name="search", size="size-5") }}
</span>
<input type="search" name="q" value="{{ query | default(value='') }}" autocomplete="off"
placeholder="{{ t(key='search-placeholder', lang=L) }}" aria-label="{{ t(key='search-placeholder', lang=L) }}"
class="w-full rounded-radius border border-outline bg-surface py-2 pl-10 pr-3 text-sm text-on-surface placeholder:text-on-surface/50 focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark-alt dark:text-on-surface-dark dark:placeholder:text-on-surface-dark/50 dark:focus-visible:outline-primary-dark">
</form>
</div>
{% set category_base = "/admin/catalog/products" %}
{% set category_suffix = "&audience=" ~ audience ~ "&q=" ~ q_enc %}
<div class="mt-4 flex flex-col gap-6 md:flex-row md:items-start">
{% include "admin/partials/category_filter.html" %}
<!-- discount profiles applied to this audience -->
<section class="min-w-0 flex-1 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
<h2 class="text-lg font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="discount-profiles", lang=lang | default(value='sk')) }}</h2>
<p class="mt-1 text-sm text-on-surface/70 dark:text-on-surface-dark/70">
{% if business %}{{ t(key="apply-profiles-business-hint", lang=lang | default(value='sk')) }}{% else %}{{ t(key="apply-profiles-personal-hint", lang=lang | default(value='sk')) }}{% endif %}
</p>
{% if profiles | length > 0 %}
<form method="post" action="/admin/catalog/products/profiles?audience={{ audience }}" class="mt-3 space-y-3"
hx-post="/admin/catalog/products/profiles/preview?audience={{ audience }}&category={{ selected_category }}"
hx-trigger="change"
hx-swap="none"
x-data="{
orig: { {% for p in profiles %}'{{ p.id }}': {% if p.assigned %}true{% else %}false{% endif %}{% if not loop.last %}, {% endif %}{% endfor %} },
sel: { {% for p in profiles %}'{{ p.id }}': {% if p.assigned %}true{% else %}false{% endif %}{% if not loop.last %}, {% endif %}{% endfor %} },
get changed() { return Object.keys(this.orig).some(k => this.orig[k] !== this.sel[k]) }
}"
onsubmit="return confirm('{{ t(key="discount-apply-confirm", lang=lang | default(value='sk')) }}')">
{{ ui::csrf_field() }}
<div class="grid gap-2 sm:grid-cols-2">
{% for profile in profiles %}
<label class="flex items-center gap-2 text-sm text-on-surface dark:text-on-surface-dark">
<input type="checkbox" name="profile_ids" value="{{ profile.id }}" x-model="sel['{{ profile.id }}']" {% if profile.assigned %}checked{% endif %}>
<span>{{ profile.name }} <span class="text-on-surface/60 dark:text-on-surface-dark/60">({{ profile.percent }}%, {% if profile.scope_type == "all_except" %}{{ t(key="scope-all-except", lang=lang | default(value='sk')) }}{% else %}{{ t(key="scope-include", lang=lang | default(value='sk')) }}{% endif %})</span></span>
<span x-cloak x-show="sel['{{ profile.id }}'] && orig['{{ profile.id }}']" class="inline-flex items-center rounded-radius border border-success px-1.5 py-0.5 text-xs font-medium text-success">{{ t(key="profile-applied", lang=lang | default(value='sk')) }}</span>
<span x-cloak x-show="sel['{{ profile.id }}'] && !orig['{{ profile.id }}']" class="inline-flex items-center rounded-radius border border-primary px-1.5 py-0.5 text-xs font-medium text-primary dark:border-primary-dark dark:text-primary-dark">{{ t(key="profile-will-apply", lang=lang | default(value='sk')) }}</span>
<span x-cloak x-show="!sel['{{ profile.id }}'] && orig['{{ profile.id }}']" class="inline-flex items-center rounded-radius border border-warning px-1.5 py-0.5 text-xs font-medium text-warning">{{ t(key="profile-will-remove", lang=lang | default(value='sk')) }}</span>
</label>
{% endfor %}
</div>
<div class="flex items-center gap-3">
{{ ui::button(label=t(key="save", lang=lang | default(value='sk')), type="submit", size="px-4 py-2 text-sm", attrs='x-bind:disabled="!changed"') }}
<span x-cloak x-show="changed" class="text-xs font-medium text-warning">{{ t(key="profiles-unsaved", lang=lang | default(value='sk')) }}</span>
<span x-cloak x-show="!changed" class="text-xs text-on-surface/50 dark:text-on-surface-dark/50">{{ t(key="profiles-no-changes", lang=lang | default(value='sk')) }}</span>
</div>
</form>
{% else %}
<p class="mt-2 text-sm text-on-surface/70 dark:text-on-surface-dark/70">
{{ t(key="admin-no-profiles", lang=lang | default(value='sk')) }}
<a href="/admin/catalog/discount-profiles/new" class="text-primary dark:text-primary-dark">{{ t(key="new-profile", lang=lang | default(value='sk')) }}</a>
</p>
{% endif %}
</section>
</div>
<div class="mt-4 {{ ui::table_wrap_cls() }}">
{% if products | length > 0 %}
<table class="{{ ui::table_cls() }}">
<thead class="{{ ui::thead_cls() }}">
<tr>
{{ ui::th(label=t(key="product", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="price", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="variants-options", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="effective-price", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="stock", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="status", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="actions", lang=lang | default(value='sk')), align="text-right") }}
@@ -41,7 +122,11 @@
</div>
</div>
</td>
<td class="px-4 py-3 tabular-nums">{{ product.price }} {{ product.currency }}</td>
<td class="px-4 py-3 tabular-nums">{% if product.has_options %}{{ t(key="from-price", price=product.regular_price, lang=lang | default(value='sk')) }}{% else %}{{ product.regular_price }}{% endif %} {{ product.currency }}</td>
<td class="px-4 py-3 tabular-nums">{{ product.variant_count }}</td>
<td class="px-4 py-3 tabular-nums">
<span id="eff-{{ product.id }}">{{ ui::eff_price(p=product) }}</span>
</td>
<td class="px-4 py-3 tabular-nums">{{ product.stock }}</td>
<td class="px-4 py-3">
{% if product.published %}
@@ -53,9 +138,18 @@
<td class="px-4 py-3">
<div class="flex flex-wrap justify-end gap-2">
{{ ui::button(variant="outline-secondary", label=t(key="edit", lang=lang | default(value='sk')), href="/admin/catalog/products/" ~ product.id ~ "/edit", size="px-3 py-1.5 text-xs") }}
{{ ui::button(variant="outline-secondary", label=t(key="set-discount", lang=lang | default(value='sk')), href="/admin/catalog/products/" ~ product.id ~ "/discount/edit?audience=" ~ audience, size="px-3 py-1.5 text-xs") }}
{% if product.on_sale %}
<form method="post" action="/admin/catalog/products/{{ product.id }}/discount/remove?audience={{ audience }}"
onsubmit="return confirm('{{ t(key="discount-remove-confirm", lang=lang | default(value='sk')) }}')">
{{ ui::csrf_field() }}
{{ ui::button(variant="outline-danger", label=t(key="remove-discount", lang=lang | default(value='sk')), type="submit", size="px-3 py-1.5 text-xs") }}
</form>
{% endif %}
{{ ui::button(variant="outline-secondary", label=t(key="view", lang=lang | default(value='sk')), href="/shop/" ~ product.slug, size="px-3 py-1.5 text-xs") }}
<form method="post" action="/admin/catalog/products/{{ product.id }}/delete"
onsubmit="return confirm('{{ t(key="confirm-delete", lang=lang | default(value='sk')) }}')">
{{ ui::csrf_field() }}
{{ ui::button(variant="outline-danger", label=t(key="delete", lang=lang | default(value='sk')), type="submit", size="px-3 py-1.5 text-xs") }}
</form>
</div>

45
assets/views/admin/customers/index.html Normal file
View File

@@ -0,0 +1,45 @@
{% extends "admin/base.html" %}
{% import "macros/ui.html" as ui %}
{% block title %}{{ t(key="admin-customers", lang=lang | default(value='sk')) }}{% endblock title %}
{% block crumb %}{{ t(key="admin-customers", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block content %}
<div class="flex flex-wrap items-end justify-between gap-3">
<div>
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="admin-customers", lang=lang | default(value='sk')) }}</h1>
<p class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="admin-customers-desc", lang=lang | default(value='sk')) }}</p>
</div>
</div>
<div class="mt-6 {{ ui::table_wrap_cls() }}">
{% if customers | length > 0 %}
<table class="{{ ui::table_cls() }}">
<thead class="{{ ui::thead_cls() }}">
<tr>
{{ ui::th(label=t(key="name", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="email", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="negotiated-prices", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="actions", lang=lang | default(value='sk')), align="text-right") }}
</tr>
</thead>
<tbody class="{{ ui::tbody_cls() }}">
{% for customer in customers %}
<tr class="{{ ui::row_cls() }}">
<td class="px-4 py-3 font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ customer.name }}</td>
<td class="px-4 py-3 text-on-surface/70 dark:text-on-surface-dark/70">{{ customer.email }}</td>
<td class="px-4 py-3 tabular-nums">{{ customer.negotiated_count }}</td>
<td class="px-4 py-3 text-right">
{{ ui::button(variant="outline-secondary", label=t(key="manage-prices", lang=lang | default(value='sk')), href="/admin/customers/" ~ customer.id, size="px-3 py-1.5 text-xs") }}
</td>
</tr>
{% endfor %}
</tbody>
</table>
{% else %}
<div class="flex flex-col items-center gap-3 px-4 py-16 text-center">
<p class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="admin-no-customers", lang=lang | default(value='sk')) }}</p>
</div>
{% endif %}
</div>
{% endblock content %}

97
assets/views/admin/customers/price_form.html Normal file
View File

@@ -0,0 +1,97 @@
{% extends "admin/base.html" %}
{% import "macros/ui.html" as ui %}
{% block title %}{{ t(key="set-negotiated-price", lang=lang | default(value='sk')) }}{% endblock title %}
{% block crumb %}{{ t(key="admin-customers", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block content %}
<div class="flex items-center justify-between gap-3">
<div>
<div class="flex items-center gap-2">
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ product.name }}{% if product.variant_label %} <span class="text-on-surface/60 dark:text-on-surface-dark/60">· {{ product.variant_label }}</span>{% endif %}</h1>
{{ ui::badge(label=t(key="negotiated-price", lang=lang | default(value='sk')), variant="info") }}
</div>
<p class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ customer.name }}</p>
</div>
{{ ui::button(variant="outline-secondary", label=t(key="back", lang=lang | default(value='sk')), href="/admin/customers/" ~ customer.id, size="px-3 py-2 text-sm") }}
</div>
{% if error %}
<div class="mt-4 max-w-md">{{ ui::alert_danger(message=t(key=error, lang=lang | default(value='sk'))) }}</div>
{% endif %}
<form method="post" action="/admin/customers/{{ customer.id }}/prices/{{ product.variant_id }}"
x-data="{
price: '{{ negotiated }}',
regular: {{ product.regular_cents }},
num(v) { let n = parseFloat(String(v).replace(',', '.')); return isFinite(n) ? n : null; },
get afterCents() { let f = this.num(this.price); return f === null ? null : Math.round(f * 100); },
money(c) { return (c / 100).toFixed(2); },
get valid() { let a = this.afterCents; return a !== null && a > 0; }
}"
class="mt-6 max-w-md space-y-5 rounded-radius border-2 border-secondary/60 bg-surface p-6 dark:border-secondary-dark/60 dark:bg-surface-dark-alt">
{{ ui::csrf_field() }}
<p class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="negotiated-price-hint", lang=lang | default(value='sk')) }}</p>
<!-- reference prices -->
<div class="space-y-2 rounded-radius bg-surface-alt px-4 py-3 dark:bg-surface-dark/40">
<div class="flex items-center justify-between gap-3 text-sm">
<span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="price", lang=lang | default(value='sk')) }}</span>
<span class="tabular-nums text-on-surface-strong dark:text-on-surface-dark-strong">{{ product.regular_price }} {{ product.currency }}</span>
</div>
<div class="flex items-center justify-between gap-3 text-sm">
<span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="business-price", lang=lang | default(value='sk')) }}</span>
<span class="tabular-nums {% if product.business_reduced %}font-medium text-danger{% else %}text-on-surface-strong dark:text-on-surface-dark-strong{% endif %}">{{ product.business_price }} {{ product.currency }}</span>
</div>
<div class="flex items-center justify-between gap-3 text-sm">
<span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="effective-price", lang=lang | default(value='sk')) }}</span>
<span class="tabular-nums font-medium {% if product.effective_differs %}text-primary dark:text-primary-dark{% else %}text-on-surface-strong dark:text-on-surface-dark-strong{% endif %}">{{ product.effective_price }} {{ product.currency }}</span>
</div>
</div>
<!-- negotiated price input -->
<div class="space-y-1.5">
<label for="price" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="negotiated-price", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="price", id="price", value=negotiated, placeholder="0.00", attrs='inputmode="decimal" x-model="price"') }}
</div>
<!-- live preview -->
<div x-show="afterCents !== null" x-cloak
class="space-y-2 rounded-radius border border-outline bg-surface-alt px-4 py-3 dark:border-outline-dark dark:bg-surface-dark/40">
<div class="flex items-center justify-between gap-3">
<span class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="negotiated-price", lang=lang | default(value='sk')) }}</span>
<span class="text-lg font-semibold tabular-nums" :class="valid ? 'text-secondary dark:text-secondary-dark' : 'text-on-surface/40 dark:text-on-surface-dark/40'">
<span x-text="money(afterCents)"></span> {{ product.currency }}
</span>
</div>
<p x-show="!valid" class="text-xs text-danger">{{ t(key="discount-must-be-positive", lang=lang | default(value='sk')) }}</p>
</div>
<div class="flex flex-wrap gap-3 pt-2">
{{ ui::button(variant="secondary", label=t(key="save", lang=lang | default(value='sk')), type="submit") }}
{% if has_negotiated %}
{{ ui::button(variant="outline-danger", label=t(key="remove", lang=lang | default(value='sk')), type="submit", attrs=`formaction="/admin/customers/` ~ customer.id ~ `/prices/` ~ product.variant_id ~ `/remove" onclick="return confirm('` ~ t(key="negotiated-remove-confirm", lang=lang | default(value='sk')) ~ `')"`) }}
{% endif %}
</div>
</form>
{% if collision %}
<!-- collision resolution: two assigned profiles cover this product -->
<section class="mt-4 max-w-md rounded-radius border border-warning/60 bg-surface p-6 dark:bg-surface-dark-alt">
<div class="flex items-center gap-2">
<h2 class="text-lg font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="automated-price", lang=lang | default(value='sk')) }}</h2>
{{ ui::badge(label=t(key="collision", lang=lang | default(value='sk')), variant="warning") }}
</div>
<form method="post" action="/admin/customers/{{ customer.id }}/resolutions/{{ product.variant_id }}" class="mt-3 flex items-center gap-2">
{{ ui::csrf_field() }}
<select name="profile_id" class="rounded-radius border border-outline bg-surface-alt px-2 py-1.5 text-sm dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark">
{% for c in covering %}
<option value="{{ c.id }}" {% if c.id == auto_profile_id %}selected{% endif %}>{{ c.name }}</option>
{% endfor %}
</select>
{{ ui::button(label=t(key="resolve", lang=lang | default(value='sk')), type="submit", size="px-3 py-1.5 text-sm") }}
</form>
</section>
{% endif %}
{% endblock content %}

118
assets/views/admin/customers/show.html Normal file
View File

@@ -0,0 +1,118 @@
{% extends "admin/base.html" %}
{% import "macros/ui.html" as ui %}
{% block title %}{{ customer.name }}{% endblock title %}
{% block crumb %}{{ t(key="admin-customers", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block content %}
{% set L = lang | default(value='sk') %}
{% set q_enc = query | default(value='') | urlencode %}
<div class="flex items-center justify-between gap-3">
<div>
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ customer.name }}</h1>
<p class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ customer.email }}</p>
</div>
{{ ui::button(variant="outline-secondary", label=t(key="back", lang=lang | default(value='sk')), href="/admin/customers", size="px-3 py-2 text-sm") }}
</div>
{% if error %}
<div class="mt-4">{{ ui::alert_danger(message=t(key=error, lang=lang | default(value='sk'))) }}</div>
{% endif %}
<!-- assigned discount profiles -->
<section class="mt-6 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
<h2 class="text-lg font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="discount-profiles", lang=lang | default(value='sk')) }}</h2>
{% if profiles | length > 0 %}
<form method="post" action="/admin/customers/{{ customer.id }}/profiles" class="mt-3 space-y-3">
{{ ui::csrf_field() }}
<div class="grid gap-2 sm:grid-cols-2">
{% for profile in profiles %}
<label class="flex items-center gap-2 text-sm text-on-surface dark:text-on-surface-dark">
<input type="checkbox" name="profile_ids" value="{{ profile.id }}" {% if profile.assigned %}checked{% endif %}>
<span>{{ profile.name }} <span class="text-on-surface/60 dark:text-on-surface-dark/60">({{ profile.percent }}%, {% if profile.scope_type == "all_except" %}{{ t(key="scope-all-except", lang=lang | default(value='sk')) }}{% else %}{{ t(key="scope-include", lang=lang | default(value='sk')) }}{% endif %})</span></span>
</label>
{% endfor %}
</div>
{{ ui::button(label=t(key="save", lang=lang | default(value='sk')), type="submit", size="px-4 py-2 text-sm") }}
</form>
{% else %}
<p class="mt-2 text-sm text-on-surface/70 dark:text-on-surface-dark/70">
{{ t(key="admin-no-profiles", lang=lang | default(value='sk')) }}
<a href="/admin/catalog/discount-profiles/new" class="text-primary dark:text-primary-dark">{{ t(key="new-profile", lang=lang | default(value='sk')) }}</a>
</p>
{% endif %}
</section>
<div class="mt-6 flex flex-wrap items-center justify-between gap-3">
<p class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="negotiated-prices-hint", lang=L) }}</p>
<!-- product search (drafts included); keeps the active category -->
<form method="get" action="/admin/customers/{{ customer.id }}" role="search" class="relative w-full max-w-xs">
<input type="hidden" name="category" value="{{ selected_category }}">
<span class="pointer-events-none absolute inset-y-0 left-0 flex items-center pl-3 text-on-surface/50 dark:text-on-surface-dark/50">
{{ ui::icon(name="search", size="size-5") }}
</span>
<input type="search" name="q" value="{{ query | default(value='') }}" autocomplete="off"
placeholder="{{ t(key='search-placeholder', lang=L) }}" aria-label="{{ t(key='search-placeholder', lang=L) }}"
class="w-full rounded-radius border border-outline bg-surface py-2 pl-10 pr-3 text-sm text-on-surface placeholder:text-on-surface/50 focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark-alt dark:text-on-surface-dark dark:placeholder:text-on-surface-dark/50 dark:focus-visible:outline-primary-dark">
</form>
</div>
{% set category_base = "/admin/customers/" ~ customer.id %}
{% set category_suffix = "&q=" ~ q_enc %}
<div class="mt-3 flex flex-col gap-6 md:flex-row md:items-start">
{% include "admin/partials/category_filter.html" %}
<div class="min-w-0 flex-1 {{ ui::table_wrap_cls() }}">
{% if products | length > 0 %}
<table class="{{ ui::table_cls() }}">
<thead class="{{ ui::thead_cls() }}">
<tr>
{{ ui::th(label=t(key="product", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="business-price", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="effective-price", lang=lang | default(value='sk'))) }}
{{ ui::th(label=t(key="actions", lang=lang | default(value='sk')), align="text-right") }}
</tr>
</thead>
<tbody class="{{ ui::tbody_cls() }}">
{% for product in products %}
<tr class="{{ ui::row_cls() }}">
<td class="px-4 py-3 font-medium text-on-surface-strong dark:text-on-surface-dark-strong">
{{ product.name }}
{% if product.variant_label %}<span class="block text-xs font-normal text-on-surface/60 dark:text-on-surface-dark/60">{{ product.variant_label }}</span>{% endif %}
</td>
<td class="px-4 py-3 tabular-nums">
{% if product.business_reduced %}
<span class="font-medium text-danger">{{ product.business_price }} {{ product.currency }}</span>
<span class="ml-1 text-xs text-on-surface/50 line-through dark:text-on-surface-dark/50">{{ product.regular_price }}</span>
{% else %}
{{ product.business_price }} {{ product.currency }}
{% endif %}
</td>
<td class="px-4 py-3 tabular-nums">
<span class="font-medium {% if product.effective_differs %}text-primary dark:text-primary-dark{% else %}text-on-surface-strong dark:text-on-surface-dark-strong{% endif %}">{{ product.effective_price }} {{ product.currency }}</span>
{% if product.collision %}<span class="ml-1">{{ ui::badge(label=t(key="collision", lang=lang | default(value='sk')), variant="warning") }}</span>{% endif %}
</td>
<td class="px-4 py-3">
<div class="flex flex-wrap justify-end gap-2">
{{ ui::button(variant="outline-secondary", label=t(key="set-negotiated-price", lang=lang | default(value='sk')), href="/admin/customers/" ~ customer.id ~ "/prices/" ~ product.variant_id ~ "/edit", size="px-3 py-1.5 text-xs") }}
{% if product.has_negotiated %}
<form method="post" action="/admin/customers/{{ customer.id }}/prices/{{ product.variant_id }}/remove"
onsubmit="return confirm('{{ t(key="negotiated-remove-confirm", lang=lang | default(value='sk')) }}')">
{{ ui::csrf_field() }}
{{ ui::button(variant="outline-danger", label=t(key="remove", lang=lang | default(value='sk')), type="submit", size="px-3 py-1.5 text-xs") }}
</form>
{% endif %}
</div>
</td>
</tr>
{% endfor %}
</tbody>
</table>
{% else %}
<div class="flex flex-col items-center gap-3 px-4 py-16 text-center">
<p class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="admin-no-products", lang=lang | default(value='sk')) }}</p>
</div>
{% endif %}
</div>
</div>
{% endblock content %}

19
assets/views/admin/orders/index.html
View File

@@ -5,7 +5,24 @@
{% block crumb %}{{ t(key="admin-orders", lang=lang | default(value='sk')) }}{% endblock crumb %}
{% block content %}
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="admin-orders", lang=lang | default(value='sk')) }}</h1>
{% set L = lang | default(value='sk') %}
<div class="flex flex-wrap items-center justify-between gap-3">
<h1 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="admin-orders", lang=L) }}</h1>
<!-- order search: order number, customer, email, company, phone, tracking -->
<form method="get" action="/admin/orders" role="search" class="relative w-full max-w-xs">
<span class="pointer-events-none absolute inset-y-0 left-0 flex items-center pl-3 text-on-surface/50 dark:text-on-surface-dark/50">
{{ ui::icon(name="search", size="size-5") }}
</span>
<input type="search" name="q" value="{{ query | default(value='') }}" autocomplete="off"
placeholder="{{ t(key='order-search-placeholder', lang=L) }}" aria-label="{{ t(key='order-search-placeholder', lang=L) }}"
class="w-full rounded-radius border border-outline bg-surface py-2 pl-10 pr-3 text-sm text-on-surface placeholder:text-on-surface/50 focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark-alt dark:text-on-surface-dark dark:placeholder:text-on-surface-dark/50 dark:focus-visible:outline-primary-dark">
</form>
</div>
{% if query and query != "" %}
<p class="mt-2 text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="results-count", lang=L, count=total) }} · “{{ query }}”</p>
{% endif %}
<div class="mt-6 {{ ui::table_wrap_cls() }}">
{% if orders | length > 0 %}

4
assets/views/admin/orders/show.html
View File

@@ -36,7 +36,7 @@
<tbody class="{{ ui::tbody_cls() }}">
{% for item in items %}
<tr>
<td class="px-4 py-3">{{ item.product_name }}</td>
<td class="px-4 py-3">{{ item.product_name }}{% if item.variant_label %} <span class="text-on-surface/60 dark:text-on-surface-dark/60">· {{ item.variant_label }}</span>{% endif %}</td>
<td class="px-4 py-3 tabular-nums">{{ item.quantity }}</td>
<td class="px-4 py-3 text-right tabular-nums">{{ item.line_total }} {{ order.currency }}</td>
</tr>
@@ -110,6 +110,7 @@
<p class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="order-send-hint", lang=lang | default(value='sk')) }}</p>
<form method="post" action="/admin/orders/{{ order.id }}/ship"
onsubmit="return confirm('{{ t(key="order-send-confirm", lang=lang | default(value='sk')) }}')">
{{ ui::csrf_field() }}
{% set carrier_up = carrier | upper %}
{% set ship_label = t(key="order-send-to-carrier", lang=lang | default(value='sk')) ~ " " ~ carrier_up %}
{{ ui::button(label=ship_label, type="submit", extra="w-full") }}
@@ -118,6 +119,7 @@
</div>
<form method="post" action="/admin/orders/{{ order.id }}/status" class="space-y-3 rounded-radius border border-outline bg-surface p-5 dark:border-outline-dark dark:bg-surface-dark-alt">
{{ ui::csrf_field() }}
<label for="status" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="order-status", lang=lang | default(value='sk')) }}</label>
<div class="relative">
<select id="status" name="status"

75
assets/views/admin/partials/category_filter.html Normal file
View File

@@ -0,0 +1,75 @@
{# Category-filter sidebar for admin product listings. Clicking a category
reloads the page with `?category=<id>` so the table server-side filters to
that category and its descendants. Expects in context:
- category_groups: [{ id, name, count, children: [{ id, name, count }] }]
(from views::shop::admin_category_groups)
- selected_category: "all" | "none" | "<id>" — the active filter
- total_count, uncategorized_count: ints
- category_base: page path, e.g. "/admin/catalog/products"
- category_suffix: extra query appended after the category param, e.g.
"&audience=business", or "" — set by the including template.
The link treatment mirrors shop/_sidebar.html (Penguin UI), but active state
is server-driven via aria-current (these links share a path, differing only
by query, so markActiveNav() can't pick the active one — hence no data-nav).
Numeric compare uses `| int(default=0)` because Tera string==number is false. #}
{% set sel = selected_category | int(default=0) %}
{% set link_cls = "flex flex-1 items-center gap-2 truncate rounded-radius px-2 py-1.5 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline aria-[current=page]:bg-primary/10 aria-[current=page]:text-on-surface-strong dark:text-on-surface-dark dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong dark:aria-[current=page]:bg-primary-dark/10 dark:aria-[current=page]:text-on-surface-dark-strong" %}
<aside class="w-full shrink-0 md:w-56">
<p class="px-2 pb-2 text-xs font-semibold uppercase tracking-wide text-on-surface/60 dark:text-on-surface-dark/60">
{{ t(key="categories", lang=lang | default(value='sk')) }}
</p>
<div class="flex flex-col gap-1">
<a href="{{ category_base }}?category=all{{ category_suffix }}"
{% if selected_category == "all" %}aria-current="page"{% endif %} class="{{ link_cls }}">
<span class="flex-1 truncate">{{ t(key="all-products", lang=lang | default(value='sk')) }}</span>
<span class="text-xs text-on-surface/50 dark:text-on-surface-dark/50">{{ total_count }}</span>
</a>
{% for group in category_groups %}
{% set open_group = sel == group.id %}
{% for child in group.children %}{% if sel == child.id %}{% set_global open_group = true %}{% endif %}{% endfor %}
{% if group.children | length > 0 %}
<div x-data="{ open: {% if open_group %}true{% else %}false{% endif %} }" class="flex flex-col">
<div class="flex items-stretch">
<a href="{{ category_base }}?category={{ group.id }}{{ category_suffix }}"
{% if sel == group.id %}aria-current="page"{% endif %} class="{{ link_cls }} rounded-l-radius">
<span class="flex-1 truncate">{{ group.name }}</span>
<span class="text-xs text-on-surface/50 dark:text-on-surface-dark/50">{{ group.count }}</span>
</a>
<button type="button" x-on:click="open = ! open" x-bind:aria-expanded="open ? 'true' : 'false'"
aria-label="{{ group.name }}"
class="inline-flex w-8 shrink-0 items-center justify-center rounded-r-radius text-on-surface/60 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline dark:text-on-surface-dark/60 dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" fill="currentColor"
class="size-5 shrink-0 transition-transform rotate-0" x-bind:class="open ? 'rotate-180' : 'rotate-0'" aria-hidden="true">
<path fill-rule="evenodd" d="M5.22 8.22a.75.75 0 0 1 1.06 0L10 11.94l3.72-3.72a.75.75 0 1 1 1.06 1.06l-4.25 4.25a.75.75 0 0 1-1.06 0L5.22 9.28a.75.75 0 0 1 0-1.06Z" clip-rule="evenodd" />
</svg>
</button>
</div>
<ul x-show="open" x-cloak x-transition class="ml-3 mt-0.5 flex flex-col gap-0.5 border-l border-outline pl-1 dark:border-outline-dark">
{% for child in group.children %}
<li class="flex">
<a href="{{ category_base }}?category={{ child.id }}{{ category_suffix }}"
{% if sel == child.id %}aria-current="page"{% endif %}
class="flex flex-1 items-center gap-2 truncate rounded-radius px-2 py-1.5 text-sm text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-on-surface-strong focus:outline-hidden focus-visible:underline aria-[current=page]:bg-primary/10 aria-[current=page]:text-on-surface-strong dark:text-on-surface-dark dark:hover:bg-primary-dark/5 dark:hover:text-on-surface-dark-strong dark:aria-[current=page]:bg-primary-dark/10 dark:aria-[current=page]:text-on-surface-dark-strong">
<span class="flex-1 truncate">{{ child.name }}</span>
<span class="text-xs text-on-surface/50 dark:text-on-surface-dark/50">{{ child.count }}</span>
</a>
</li>
{% endfor %}
</ul>
</div>
{% else %}
<a href="{{ category_base }}?category={{ group.id }}{{ category_suffix }}"
{% if sel == group.id %}aria-current="page"{% endif %} class="{{ link_cls }}">
<span class="flex-1 truncate">{{ group.name }}</span>
<span class="text-xs text-on-surface/50 dark:text-on-surface-dark/50">{{ group.count }}</span>
</a>
{% endif %}
{% endfor %}
<a href="{{ category_base }}?category=none{{ category_suffix }}"
{% if selected_category == "none" %}aria-current="page"{% endif %} class="{{ link_cls }}">
<span class="flex-1 truncate">{{ t(key="uncategorized", lang=lang | default(value='sk')) }}</span>
<span class="text-xs text-on-surface/50 dark:text-on-surface-dark/50">{{ uncategorized_count }}</span>
</a>
</div>
</aside>

1
assets/views/admin/shipping/index.html
View File

@@ -14,6 +14,7 @@
{% for method in methods %}
<form method="post" action="/admin/shipping/{{ method.id }}"
class="flex flex-wrap items-end gap-4 rounded-radius border border-outline bg-surface p-5 dark:border-outline-dark dark:bg-surface-dark-alt">
{{ ui::csrf_field() }}
<div class="min-w-40">
<p class="font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ method.name }}</p>
<p class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ method.carrier | upper }}{% if method.requires_pickup_point %} · {{ t(key="checkout-pickup-point", lang=lang | default(value='sk')) }}{% endif %}</p>

1
assets/views/auth/login.html
View File

@@ -30,6 +30,7 @@
{% endif %}
<form method="post" action="/login" hx-boost="false" class="mt-4 flex flex-col gap-4">
{{ ui::csrf_field() }}
<div class="flex flex-col gap-1">
<label for="email"
class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">

48
assets/views/auth/login_totp.html Normal file
View File

@@ -0,0 +1,48 @@
{% extends "base.html" %}
{% import "macros/ui.html" as ui %}
{% block title %}{{ t(key="login-totp-title", lang=lang | default(value='sk')) }}{% endblock title %}
{% block content %}
<div class="mx-auto mt-8 max-w-sm">
<div
class="rounded-radius border border-outline bg-surface-alt shadow-sm dark:border-outline-dark dark:bg-surface-dark-alt">
<div
class="flex items-center justify-between border-b border-outline px-5 py-3 dark:border-outline-dark">
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">
{{ t(key="brand", lang=lang | default(value='sk')) }}
</span>
{{ ui::badge(label=t(key="auth", lang=lang | default(value='sk')), variant="primary") }}
</div>
<div class="p-5">
<h1 class="text-xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">
{{ t(key="login-totp-title", lang=lang | default(value='sk')) }}
</h1>
<p class="mt-2 text-sm text-on-surface dark:text-on-surface-dark">
{{ t(key="login-totp-intro", lang=lang | default(value='sk')) }}
</p>
{% if error %}
{{ ui::alert_danger(message=t(key="login-totp-error", lang=lang | default(value='sk')), extra="mt-3") }}
{% endif %}
<form method="post" action="/login/totp" hx-boost="false" class="mt-4 flex flex-col gap-4">
{{ ui::csrf_field() }}
<div class="flex flex-col gap-1">
<label for="code"
class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">
{{ t(key="login-totp-code", lang=lang | default(value='sk')) }}
</label>
{{ ui::input(name="code", id="code", type="text", required=true, autocomplete="one-time-code", attrs='inputmode="numeric" autofocus') }}
</div>
{{ ui::button(label=t(key="login-totp-submit", lang=lang | default(value='sk')), type="submit", extra="mt-1 w-full") }}
</form>
<p class="mt-4 text-xs text-on-surface dark:text-on-surface-dark">
{{ t(key="login-totp-backup-hint", lang=lang | default(value='sk')) }}
</p>
</div>
</div>
</div>
{% endblock content %}

1
assets/views/auth/register.html
View File

@@ -32,6 +32,7 @@
<form method="post" action="/register" hx-boost="false" class="mt-4 flex flex-col gap-4"
x-data="{ password: '', confirm: '' }">
{{ ui::csrf_field() }}
<div class="flex flex-col gap-1.5">
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-type", lang=lang | default(value='sk')) }}</span>
<div class="grid grid-cols-2 gap-2">

1
assets/views/auth/resend_verification.html
View File

@@ -24,6 +24,7 @@
{% else %}
<p class="mt-1 text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="resend-verification-intro", lang=lang | default(value='sk')) }}</p>
<form method="post" action="/resend-verification" hx-boost="false" class="mt-4 flex flex-col gap-4">
{{ ui::csrf_field() }}
<div class="flex flex-col gap-1">
<label for="email" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="login-email", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="email", id="email", type="email", required=true, autocomplete="email", attrs="autofocus") }}

1
assets/views/auth/set_password.html
View File

@@ -29,6 +29,7 @@
{% endif %}
<form method="post" action="/set-password" hx-boost="false" class="mt-4 flex flex-col gap-4">
{{ ui::csrf_field() }}
<input type="hidden" name="token" value="{{ token }}">
<div class="flex flex-col gap-1">
<label for="password" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="set-password-new", lang=lang | default(value='sk')) }}</label>

58
assets/views/base.html
View File

@@ -48,6 +48,12 @@
if (!v) return 0;
return v.split(',').reduce(function (s, e) { return s + (parseInt(e.split(':')[1]) || 0) }, 0);
}
// True while any other navbar menu (profile / settings / mobile / category
// toggle) is open — those triggers expose aria-expanded="true". Used to
// suppress the cart hover preview so menus don't stack/overlap.
function anyMenuOpen() {
return !!document.querySelector('header [aria-expanded="true"]');
}
// Show a floating toast notification. Usage: toast('Saved').
// Bridges to the vendored Penguin UI toast component, which listens for a
// `notify` event with { variant, title, message }.
@@ -57,9 +63,13 @@
</script>
<link href="/static/css/app.css?v=2026-06-16" rel="stylesheet" type="text/css">
<script src="/static/vendor/htmx/htmx-1.9.12.min.js"></script>
<!-- Alpine Focus plugin (x-trap / $focus) — must load before Alpine core;
required by the Penguin UI keyboard-accessible dropdowns. -->
<script defer src="/static/vendor/alpine/alpine-focus-3.14.9.min.js"></script>
<script defer src="/static/vendor/alpine/alpinejs-3.14.9.min.js"></script>
</head>
<body hx-boost="true"
hx-headers='{"X-CSRF-Token": "{{ csrf_token() }}"}'
x-data="{ cats: false, lg: window.matchMedia('(min-width: 1024px)').matches }"
x-init="window.matchMedia('(min-width: 1024px)').addEventListener('change', e => lg = e.matches)"
class="min-h-screen bg-surface text-on-surface antialiased dark:bg-surface-dark dark:text-on-surface-dark">
@@ -82,16 +92,12 @@
<li>{{ ui::nav_link(label=t(key="admin-title", lang=lang | default(value='sk')), href="/admin/dashboard", data_nav="/admin", variant="warning", attrs='hx-boost="false"') }}</li>
<li>
<form method="post" action="/logout" hx-boost="false">
{{ ui::csrf_field() }}
<button type="submit" class="text-sm font-medium text-danger underline-offset-2 transition hover:opacity-75 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
</form>
</li>
{% elif logged_in_customer %}
<li>{{ ui::nav_link(label=t(key="nav-profile", lang=lang | default(value='sk')), href="/account/profile", data_nav="/account") }}</li>
<li>
<form method="post" action="/logout" hx-boost="false">
<button type="submit" class="text-sm font-medium text-danger underline-offset-2 transition hover:opacity-75 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
</form>
</li>
{# customer account links live in the profile dropdown next to the cart #}
{% else %}
<li>{{ ui::nav_link(label=t(key="nav-login", lang=lang | default(value='sk')), href="/login", data_nav="/login") }}</li>
<li>{{ ui::nav_link(label=t(key="nav-register", lang=lang | default(value='sk')), href="/register", data_nav="/register") }}</li>
@@ -99,11 +105,26 @@
</ul>
<!-- right side: cart + settings + mobile toggle -->
<div class="ml-auto flex items-center gap-1">
<!-- cart with live item-count badge read from the `cart` cookie -->
<a href="/cart" data-nav="/cart"
<div class="ml-auto flex items-center gap-3">
<!-- customer profile dropdown (avatar + name + account type) -->
{% if logged_in_customer %}
{% include "partials/profile_menu.html" %}
{% endif %}
<!-- cart: hover opens an Alza-style mini-cart preview (Penguin
dropdown-with-hover), lazy-loaded from /partials/cart on each hover
so it's always fresh. Click still does a full navigation to /cart
(hx-boost=false; the explicit hx-trigger is mouseenter, so click is
not an htmx trigger). The badge reads the `cart` cookie client-side. -->
<div x-data="{ isOpen: false, leaveTimeout: null }"
x-on:mouseleave="leaveTimeout = setTimeout(() => isOpen = false, 250)"
x-on:mouseenter="leaveTimeout && clearTimeout(leaveTimeout)"
x-on:keydown.esc.window="isOpen = false"
class="relative">
<a href="/cart" data-nav="/cart" hx-boost="false"
x-on:mouseenter="if (!anyMenuOpen()) isOpen = true"
x-data="{ count: 0 }"
x-init="count = cartCount(); ['htmx:afterSwap', 'htmx:afterRequest'].forEach(function (e) { window.addEventListener(e, function () { count = cartCount() }) })"
hx-get="/partials/cart" hx-trigger="mouseenter delay:150ms" hx-target="#cart-preview-body" hx-swap="innerHTML"
aria-label="{{ t(key='cart-title', lang=lang | default(value='sk')) }}"
title="{{ t(key='cart-title', lang=lang | default(value='sk')) }}"
class="relative inline-flex size-9 shrink-0 items-center justify-center rounded-radius bg-transparent text-secondary transition hover:opacity-75 focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-secondary active:opacity-100 active:outline-offset-0 dark:text-secondary-dark dark:focus-visible:outline-secondary-dark">
@@ -111,10 +132,19 @@
<span x-show="count > 0" x-cloak x-text="count"
class="absolute -right-1 -top-1 inline-flex min-w-4 items-center justify-center rounded-full bg-primary px-1 text-[10px] font-semibold leading-4 text-on-primary dark:bg-primary-dark dark:text-on-primary-dark"></span>
</a>
<!-- settings (language + theme) dropdown -->
<div x-data="{ open: false }" @keydown.escape="open = false" class="relative">
{% include "partials/settings_dropdown.html" %}
<!-- hover preview panel (no id on the panel → not htmx-settled on boosted nav) -->
<div x-cloak x-show="isOpen" x-transition
x-on:mouseenter="isOpen = true"
class="absolute right-0 mt-2 w-80 overflow-hidden rounded-radius border border-outline bg-surface-alt shadow-lg dark:border-outline-dark dark:bg-surface-dark-alt"
role="dialog" aria-label="{{ t(key='cart-title', lang=lang | default(value='sk')) }}">
<div id="cart-preview-body">
<div class="px-4 py-10 text-center text-sm text-on-surface dark:text-on-surface-dark"></div>
</div>
</div>
</div>
<!-- settings (language + theme) dropdown (self-contained Alpine state) -->
{% include "partials/settings_dropdown.html" %}
<!-- mobile hamburger — Penguin animated icon swap (bars ↔ X), kept in
our ghost-square icon-button shell for consistency with cart/gear -->
@@ -135,6 +165,7 @@
<li><a href="/admin/dashboard" hx-boost="false" data-nav="/admin" class="block rounded-radius px-3 py-2 text-sm font-medium text-warning underline-offset-2 transition hover:bg-primary/5 focus:outline-hidden focus-visible:underline">{{ t(key="admin-title", lang=lang | default(value='sk')) }}</a></li>
<li>
<form method="post" action="/logout" hx-boost="false">
{{ ui::csrf_field() }}
<button type="submit" class="block w-full rounded-radius px-3 py-2 text-left text-sm font-medium text-danger underline-offset-2 transition hover:bg-primary/5 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
</form>
</li>
@@ -142,6 +173,7 @@
<li><a href="/account/profile" data-nav="/account" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="nav-profile", lang=lang | default(value='sk')) }}</a></li>
<li>
<form method="post" action="/logout" hx-boost="false">
{{ ui::csrf_field() }}
<button type="submit" class="block w-full rounded-radius px-3 py-2 text-left text-sm font-medium text-danger underline-offset-2 transition hover:bg-primary/5 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
</form>
</li>
@@ -168,8 +200,10 @@
<li><a href="/account/orders" data-nav="/account/orders" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="account-orders", lang=lang | default(value='sk')) }}</a></li>
<li><a href="/account/profile" data-nav="/account/profile" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="profile-title", lang=lang | default(value='sk')) }}</a></li>
<li><a href="/account/password" data-nav="/account/password" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="account-change-password", lang=lang | default(value='sk')) }}</a></li>
<li><a href="/account/security" data-nav="/account/security" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="security-title", lang=lang | default(value='sk')) }}</a></li>
</ul>
<form method="post" action="/logout" hx-boost="false" class="mt-4 border-t border-outline pt-3 dark:border-outline-dark">
{{ ui::csrf_field() }}
<button type="submit" class="block w-full rounded-radius px-3 py-2 text-left text-sm font-medium text-danger underline-offset-2 transition hover:bg-primary/5 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
</form>
</aside>

2
assets/views/home/index.html
View File

@@ -19,7 +19,7 @@
<h2 class="text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="shop-title", lang=lang | default(value='sk')) }}</h2>
<a href="/shop" class="text-sm font-medium text-primary dark:text-primary-dark">{{ t(key="cart-continue", lang=lang | default(value='sk')) }} →</a>
</div>
<div class="grid grid-cols-2 gap-5 sm:grid-cols-3 lg:grid-cols-4">
<div x-data="{ view: 'grid' }" class="grid grid-cols-2 gap-5 sm:grid-cols-3 lg:grid-cols-4">
{% for product in products %}
{% include "shop/_card.html" %}
{% endfor %}

56
assets/views/macros/ui.html
View File

@@ -29,6 +29,13 @@
outline : outline-primary | outline-secondary | outline-alternate | outline-danger
ghost : ghost-primary | ghost-secondary | ghost-danger #}
{# CSRF hidden field for native (non-htmx) <form method="post"> submits. htmx
requests instead inherit the X-CSRF-Token header from <body hx-headers>.
`csrf_token()` is a global Tera function bound per-request by shared::csrf. #}
{% macro csrf_field() -%}
<input type="hidden" name="_csrf" value="{{ csrf_token() }}">
{%- endmacro %}
{% macro button(label, variant="primary", type="button", href="", attrs="", extra="", icon="", size="px-4 py-2 text-sm") -%}
{%- if variant == "secondary" -%}{% set cls = "border border-secondary bg-secondary text-on-secondary focus-visible:outline-secondary dark:border-secondary-dark dark:bg-secondary-dark dark:text-on-secondary-dark dark:focus-visible:outline-secondary-dark" -%}
{%- elif variant == "danger" -%}{% set cls = "border border-danger bg-danger text-on-danger focus-visible:outline-danger dark:bg-danger dark:border-danger dark:text-on-danger dark:focus-visible:outline-danger" -%}
@@ -74,6 +81,10 @@
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="{{ size }}{% if extra %} {{ extra }}{% endif %}" aria-hidden="true" {{ attrs | safe }}><path stroke-linecap="round" stroke-linejoin="round" d="M2.25 3h1.386c.51 0 .955.343 1.087.835l.383 1.437M7.5 14.25a3 3 0 0 0-3 3h15.75m-12.75-3h11.218c1.121-2.3 2.1-4.684 2.924-7.138a60.114 60.114 0 0 0-16.536-1.84M7.5 14.25 5.106 5.272M6 20.25a.75.75 0 1 1-1.5 0 .75.75 0 0 1 1.5 0Zm12.75 0a.75.75 0 1 1-1.5 0 .75.75 0 0 1 1.5 0Z" /></svg>
{%- elif name == "close" -%}
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="{{ size }}{% if extra %} {{ extra }}{% endif %}" aria-hidden="true" {{ attrs | safe }}><path stroke-linecap="round" stroke-linejoin="round" d="M6 18 18 6M6 6l12 12" /></svg>
{%- elif name == "chevron-double-left" -%}
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="{{ size }}{% if extra %} {{ extra }}{% endif %}" aria-hidden="true" {{ attrs | safe }}><path stroke-linecap="round" stroke-linejoin="round" d="m18.75 4.5-7.5 7.5 7.5 7.5m-6-15L5.25 12l7.5 7.5" /></svg>
{%- elif name == "search" -%}
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="{{ size }}{% if extra %} {{ extra }}{% endif %}" aria-hidden="true" {{ attrs | safe }}><path stroke-linecap="round" stroke-linejoin="round" d="m21 21-5.197-5.197m0 0A7.5 7.5 0 1 0 5.196 5.196a7.5 7.5 0 0 0 10.607 10.607Z" /></svg>
{%- else -%}
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="{{ size }}{% if extra %} {{ extra }}{% endif %}" aria-hidden="true" {{ attrs | safe }}><path stroke-linecap="round" stroke-linejoin="round" d="M3.75 6.75h16.5M3.75 12h16.5m-16.5 5.25h16.5" /></svg>
{%- endif -%}
@@ -113,6 +124,21 @@
{%- endif %}
{%- endmacro badge %}
{# Effective-price cell content for the admin products table. The value is
colored only when it differs from the regular price (effective_reduced);
when equal it renders in the plain text color, unified with the Price column.
`preview=true` uses the info color (an unsaved profile-toggle preview) instead
of the saved primary color. No t() calls, so it is safe inside a macro. #}
{% macro eff_price(p, preview=false) -%}
{%- if preview -%}{% set strong = "text-info" %}{%- else -%}{% set strong = "text-primary dark:text-primary-dark" %}{%- endif -%}
{% if p.effective_reduced %}
<span class="font-medium {{ strong }}">{{ p.effective_price }} {{ p.currency }}</span>
<span class="ml-1 text-xs text-on-surface/60 dark:text-on-surface-dark/60">({{ p.effective_percent_off }}%)</span>
{% else %}
{{ p.effective_price }} {{ p.currency }}
{% endif %}
{%- endmacro eff_price %}
{# ---- Form controls. Verbatim Penguin classes from
penguinui/{text-input,text-area,select,checkbox,file-input}/default-*.html.
These macros emit only the control (callers keep their own <label>/layout), so
@@ -120,13 +146,41 @@
{# Text/email/number/password input. #}
{% macro input(name, type="text", id="", value="", placeholder="", required=false, autocomplete="", attrs="", extra="", width="w-full") -%}
<input {% if id %}id="{{ id }}" {% endif %}name="{{ name }}" type="{{ type }}"{% if value != "" %} value="{{ value }}"{% endif %}{% if placeholder %} placeholder="{{ placeholder }}"{% endif %}{% if required %} required{% endif %}{% if autocomplete %} autocomplete="{{ autocomplete }}"{% endif %} class="{{ width }} rounded-radius border border-outline bg-surface-alt px-2 py-2 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary disabled:cursor-not-allowed disabled:opacity-75 dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark dark:focus-visible:outline-primary-dark {{ extra }}" {{ attrs | safe }}/>
<input {% if id %}id="{{ id }}" {% endif %}name="{{ name }}" type="{{ type }}"{% if value is number or value != "" %} value="{{ value }}"{% endif %}{% if placeholder %} placeholder="{{ placeholder }}"{% endif %}{% if required %} required{% endif %}{% if autocomplete %} autocomplete="{{ autocomplete }}"{% endif %} class="{{ width }} rounded-radius border border-outline bg-surface-alt px-2 py-2 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary disabled:cursor-not-allowed disabled:opacity-75 dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark dark:focus-visible:outline-primary-dark {{ extra }}" {{ attrs | safe }}/>
{%- endmacro input %}
{% macro textarea(name, id="", value="", rows="3", placeholder="", required=false, attrs="", extra="") -%}
<textarea {% if id %}id="{{ id }}" {% endif %}name="{{ name }}" rows="{{ rows }}"{% if placeholder %} placeholder="{{ placeholder }}"{% endif %}{% if required %} required{% endif %} class="w-full rounded-radius border border-outline bg-surface-alt px-2.5 py-2 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary disabled:cursor-not-allowed disabled:opacity-75 dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark dark:focus-visible:outline-primary-dark {{ extra }}" {{ attrs | safe }}>{{ value }}</textarea>
{%- endmacro textarea %}
{# Quill rich-text editor (see /static/js/rich-editor.js + /static/vendor/quill).
The real value rides in a hidden <textarea> the editor keeps in sync, so it
submits like any other field. `value` pre-fills (HTML or plain text). Several
editors may share one form — each is scoped to its own [data-rich-field].
Requires the page to load quill.js + quill.snow.css + rich-editor.js (the
product form does so) and a _csrf field in the form for image uploads. #}
{% macro rich_editor(name, lang, value="", placeholder="", min_height="12rem") -%}
<div data-rich-field>
<textarea name="{{ name }}" data-rich-content class="hidden">{{ value }}</textarea>
<div data-rich-editor class="rich-editor" style="--rich-min-height: {{ min_height }};"{% if placeholder %} data-placeholder="{{ placeholder }}"{% endif %}></div>
<div data-image-size-controls class="rich-image-size-controls mt-2 hidden">
<span class="text-xs font-medium text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="image-size", lang=lang) }}</span>
<button type="button" data-image-size="small">{{ t(key="image-size-small", lang=lang) }}</button>
<button type="button" data-image-size="medium">{{ t(key="image-size-medium", lang=lang) }}</button>
<button type="button" data-image-size="full">{{ t(key="image-size-full", lang=lang) }}</button>
<label class="inline-flex items-center gap-1.5">
<span class="text-xs text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="image-width-px", lang=lang) }}</span>
<input type="number" min="40" max="1200" step="10" data-image-width
class="w-20 rounded-radius border border-outline bg-surface-alt px-2 py-1 text-sm text-on-surface dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark">
</label>
</div>
<p class="mt-1 text-xs text-on-surface/60 dark:text-on-surface-dark/60" data-rich-status
data-uploading="{{ t(key='image-uploading', lang=lang) }}"
data-uploaded="{{ t(key='image-uploaded', lang=lang) }}"
data-error="{{ t(key='image-upload-error', lang=lang) }}"></p>
</div>
{%- endmacro rich_editor %}
{# File input. #}
{% macro file_input(name, id="", accept="", attrs="", extra="") -%}
<input {% if id %}id="{{ id }}" {% endif %}name="{{ name }}" type="file"{% if accept %} accept="{{ accept }}"{% endif %} class="w-full overflow-clip rounded-radius border border-outline bg-surface-alt/50 text-sm text-on-surface file:mr-4 file:border-none file:bg-surface-alt file:px-4 file:py-2 file:font-medium file:text-on-surface-strong focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary disabled:cursor-not-allowed disabled:opacity-75 dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark dark:file:bg-surface-dark-alt dark:file:text-on-surface-dark-strong dark:focus-visible:outline-primary-dark {{ extra }}" {{ attrs | safe }}/>

78
assets/views/partials/profile_menu.html Normal file
View File

@@ -0,0 +1,78 @@
{# Customer profile dropdown in the storefront navbar.
Proper Penguin UI dropdown: behaviour is the vendored
dropdowns/dropdown-with-icons.html verbatim (isOpen / openedWithKeyboard,
x-trap + $focus keyboard nav, x-cloak x-show, @click.outside). Trigger is the
round initials avatar (avatar-with-initials.html, primary variant). Menu items
are our account links.
Needs the Alpine Focus plugin (loaded before Alpine core in base.html) for
x-trap / $focus. Self-contained Alpine state; the host only needs to place it
in the navbar flex row. The panel has NO id on purpose — an id would make htmx
hx-boost "settle" it across boosted navigations and reappear; id-less Penguin
dropdowns are unaffected. #}
{# initials from the full name, e.g. "Filip Priec" -> "FP" #}
{% set _name = customer_name | default(value='') | trim %}
{% set _parts = _name | split(pat=' ') %}
{% set _initials = _parts.0 | truncate(length=1, end='') | upper %}
{% if _parts | length > 1 %}{% set _second = _parts | last | truncate(length=1, end='') | upper %}{% set _initials = _initials ~ _second %}{% endif %}
{% if customer_account_type == "company" %}{% set _type_label = t(key="account-company", lang=lang | default(value='sk')) %}{% else %}{% set _type_label = t(key="account-personal", lang=lang | default(value='sk')) %}{% endif %}
{% set _person_icon = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-5"><path fill-rule="evenodd" d="M7.5 6a4.5 4.5 0 119 0 4.5 4.5 0 01-9 0zM3.751 20.105a8.25 8.25 0 0116.498 0 .75.75 0 01-.437.695A18.683 18.683 0 0112 22.5c-2.786 0-5.433-.608-7.812-1.7a.75.75 0 01-.437-.695z" clip-rule="evenodd"/></svg>' %}
<div x-data="{ isOpen: false, openedWithKeyboard: false }"
x-on:keydown.esc.window="isOpen = false, openedWithKeyboard = false"
class="relative">
<!-- Toggle Button: round initials avatar -->
<button type="button" x-on:click="isOpen = ! isOpen"
x-on:keydown.space.prevent="openedWithKeyboard = true" x-on:keydown.enter.prevent="openedWithKeyboard = true" x-on:keydown.down.prevent="openedWithKeyboard = true"
x-bind:aria-expanded="isOpen || openedWithKeyboard" aria-haspopup="true"
aria-label="{{ t(key='nav-account', lang=lang | default(value='sk')) }}"
class="flex size-9 shrink-0 items-center justify-center overflow-hidden rounded-full border border-primary bg-primary text-sm font-bold tracking-wider text-on-primary/90 transition hover:opacity-90 focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-primary-dark dark:bg-primary-dark dark:text-on-primary-dark/90 dark:focus-visible:outline-primary-dark">
{%- if _initials %}{{ _initials }}{% else %}{{ _person_icon | safe }}{% endif -%}
</button>
<!-- Dropdown Menu (positioned like the settings cog: right-0 mt-2) -->
<div x-cloak x-show="isOpen || openedWithKeyboard" x-transition x-trap="openedWithKeyboard"
x-on:click.outside="isOpen = false, openedWithKeyboard = false"
x-on:keydown.down.prevent="$focus.wrap().next()" x-on:keydown.up.prevent="$focus.wrap().previous()"
class="absolute right-0 mt-2 flex w-60 min-w-48 flex-col divide-y divide-outline overflow-hidden rounded-radius border border-outline bg-surface-alt shadow-lg dark:divide-outline-dark dark:border-outline-dark dark:bg-surface-dark-alt" role="menu">
<!-- header: avatar + name + account type -->
<div class="flex items-center gap-3 px-4 py-2.5">
<span class="flex size-11 shrink-0 items-center justify-center overflow-hidden rounded-full border border-primary bg-primary text-base font-bold tracking-wider text-on-primary/90 dark:border-primary-dark dark:bg-primary-dark dark:text-on-primary-dark/90">
{%- if _initials %}{{ _initials }}{% else %}{{ _person_icon | safe }}{% endif -%}
</span>
<div class="flex min-w-0 flex-col">
<span class="truncate text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ _name }}</span>
<p class="truncate text-xs text-on-surface dark:text-on-surface-dark">{{ _type_label }}</p>
</div>
</div>
<!-- account links (with icons) -->
<div class="flex flex-col py-1.5">
<a href="/account/orders" data-nav="/account/orders" role="menuitem" class="flex items-center gap-2 bg-surface-alt px-4 py-2 text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
{{ ui::icon(name="cart", size="size-4", extra="shrink-0") }}
{{ t(key="account-orders", lang=lang | default(value='sk')) }}
</a>
<a href="/account/profile" data-nav="/account/profile" role="menuitem" class="flex items-center gap-2 bg-surface-alt px-4 py-2 text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-4 shrink-0"><path fill-rule="evenodd" d="M7.5 6a4.5 4.5 0 119 0 4.5 4.5 0 01-9 0zM3.751 20.105a8.25 8.25 0 0116.498 0 .75.75 0 01-.437.695A18.683 18.683 0 0112 22.5c-2.786 0-5.433-.608-7.812-1.7a.75.75 0 01-.437-.695z" clip-rule="evenodd"/></svg>
{{ t(key="profile-title", lang=lang | default(value='sk')) }}
</a>
<a href="/account/password" data-nav="/account/password" role="menuitem" class="flex items-center gap-2 bg-surface-alt px-4 py-2 text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-4 shrink-0"><path fill-rule="evenodd" d="M15.75 1.5a6.75 6.75 0 00-6.651 7.906c.067.39-.032.717-.221.906l-6.5 6.499a3 3 0 00-.878 2.121v2.818c0 .414.336.75.75.75H6a.75.75 0 00.75-.75v-1.5h1.5A.75.75 0 009 21v-1.5h1.5a.75.75 0 00.53-.22l2.658-2.658c.19-.189.517-.288.906-.22A6.75 6.75 0 1015.75 1.5zm0 3a.75.75 0 000 1.5A2.25 2.25 0 0118 8.25a.75.75 0 001.5 0 3.75 3.75 0 00-3.75-3.75z" clip-rule="evenodd"/></svg>
{{ t(key="account-change-password", lang=lang | default(value='sk')) }}
</a>
<a href="/account/security" data-nav="/account/security" role="menuitem" class="flex items-center gap-2 bg-surface-alt px-4 py-2 text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-4 shrink-0"><path fill-rule="evenodd" d="M12 1.5a5.25 5.25 0 00-5.25 5.25v3a3 3 0 00-3 3v6.75a3 3 0 003 3h10.5a3 3 0 003-3v-6.75a3 3 0 00-3-3v-3c0-2.9-2.35-5.25-5.25-5.25zm3.75 8.25v-3a3.75 3.75 0 10-7.5 0v3h7.5z" clip-rule="evenodd"/></svg>
{{ t(key="security-title", lang=lang | default(value='sk')) }}
</a>
</div>
<!-- logout -->
<div class="flex flex-col py-1.5">
<form method="post" action="/logout" hx-boost="false">
<input type="hidden" name="_csrf" value="{{ csrf_token() }}"><button type="submit" role="menuitem" class="flex w-full items-center gap-2 bg-surface-alt px-4 py-2 text-left text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-4 shrink-0"><path fill-rule="evenodd" d="M7.5 3.75A1.5 1.5 0 006 5.25v13.5a1.5 1.5 0 001.5 1.5h6a1.5 1.5 0 001.5-1.5V15a.75.75 0 011.5 0v3.75a3 3 0 01-3 3h-6a3 3 0 01-3-3V5.25a3 3 0 013-3h6a3 3 0 013 3V9A.75.75 0 0115 9V5.25a1.5 1.5 0 00-1.5-1.5h-6zm10.72 4.72a.75.75 0 011.06 0l3 3a.75.75 0 010 1.06l-3 3a.75.75 0 11-1.06-1.06l1.72-1.72H9a.75.75 0 010-1.5h10.94l-1.72-1.72a.75.75 0 010-1.06z" clip-rule="evenodd"/></svg>
{{ t(key="logout", lang=lang | default(value='sk')) }}
</button></form>
</div>
</div>
</div>

28
assets/views/partials/settings_dropdown.html
View File

@@ -1,21 +1,26 @@
{# Settings dropdown (language + theme). Shared by base.html and admin/base.html
to kill the former ~100-line copy-paste duplication.
Adapted from the vendored Penguin UI component
penguinui-components/dropdowns/dropdown-with-click.html: Penguin's dropdown
menu container + item treatment. Deviations: kept our gear icon-only trigger
and our core-Alpine open / @click.outside toggle (upstream's x-trap / $focus
need the Alpine Focus plugin, which we don't bundle); item hover uses
bg-primary/5 to stay consistent with the rest of our Penguin-ified UI.
Proper Penguin UI dropdown: behaviour is the vendored
dropdowns/dropdown-with-icons.html verbatim (isOpen / openedWithKeyboard,
x-trap + $focus keyboard nav, x-cloak x-show, @click.outside). Trigger is our
gear icon-only button; content is the language form + theme toggle. Needs the
Alpine Focus plugin (loaded in base.html) for x-trap / $focus.
The host template provides the wrapper
<div x-data="{ open: false }" @keydown.escape="open = false" class="relative ...">
so it controls its own positioning (e.g. ml-auto in admin). #}
{{ ui::icon_button(aria_label=t(key='settings', lang=lang | default(value='sk')), attrs='@click="open = !open" :aria-expanded="open"', icon='<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="size-5"><path stroke-linecap="round" stroke-linejoin="round" d="M9.594 3.94c.09-.542.56-.94 1.11-.94h2.593c.55 0 1.02.398 1.11.94l.213 1.281c.063.374.313.686.645.87.074.04.147.083.22.127.324.196.72.257 1.075.124l1.217-.456a1.125 1.125 0 0 1 1.37.49l1.296 2.247a1.125 1.125 0 0 1-.26 1.431l-1.003.827c-.293.241-.438.613-.43.992a7.723 7.723 0 0 1 0 .255c-.008.378.137.75.43.991l1.004.827c.424.35.534.955.26 1.43l-1.298 2.247a1.125 1.125 0 0 1-1.369.491l-1.217-.456c-.355-.133-.75-.072-1.076.124a6.47 6.47 0 0 1-.22.128c-.331.183-.581.495-.644.869l-.213 1.281c-.09.543-.56.94-1.11.94h-2.594c-.55 0-1.019-.398-1.11-.94l-.213-1.281c-.062-.374-.312-.686-.644-.87a6.52 6.52 0 0 1-.22-.127c-.325-.196-.72-.257-1.076-.124l-1.217.456a1.125 1.125 0 0 1-1.369-.49l-1.297-2.247a1.125 1.125 0 0 1 .26-1.431l1.004-.827c.292-.24.437-.613.43-.991a6.932 6.932 0 0 1 0-.255c.007-.38-.138-.751-.43-.992l-1.004-.827a1.125 1.125 0 0 1-.26-1.43l1.297-2.247a1.125 1.125 0 0 1 1.37-.491l1.216.456c.356.133.751.072 1.076-.124.072-.044.146-.086.22-.128.332-.183.582-.495.644-.869l.214-1.28Z" /><path stroke-linecap="round" stroke-linejoin="round" d="M15 12a3 3 0 1 1-6 0 3 3 0 0 1 6 0Z" /></svg>') }}
<div x-show="open" x-cloak @click.outside="open = false" x-transition.origin.top.right
Self-contained Alpine state + relative positioning; the host only places it
(e.g. ml-auto in admin). The panel has NO id on purpose (see profile_menu.html
for why — htmx hx-boost settles by id). #}
<div x-data="{ isOpen: false, openedWithKeyboard: false }"
x-on:keydown.esc.window="isOpen = false, openedWithKeyboard = false"
class="relative">
{{ ui::icon_button(aria_label=t(key='settings', lang=lang | default(value='sk')), attrs='x-on:click="isOpen = ! isOpen" x-on:keydown.space.prevent="openedWithKeyboard = true" x-on:keydown.enter.prevent="openedWithKeyboard = true" x-on:keydown.down.prevent="openedWithKeyboard = true" x-bind:aria-expanded="isOpen || openedWithKeyboard" aria-haspopup="true"', icon='<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="size-5"><path stroke-linecap="round" stroke-linejoin="round" d="M9.594 3.94c.09-.542.56-.94 1.11-.94h2.593c.55 0 1.02.398 1.11.94l.213 1.281c.063.374.313.686.645.87.074.04.147.083.22.127.324.196.72.257 1.075.124l1.217-.456a1.125 1.125 0 0 1 1.37.49l1.296 2.247a1.125 1.125 0 0 1-.26 1.431l-1.003.827c-.293.241-.438.613-.43.992a7.723 7.723 0 0 1 0 .255c-.008.378.137.75.43.991l1.004.827c.424.35.534.955.26 1.43l-1.298 2.247a1.125 1.125 0 0 1-1.369.491l-1.217-.456c-.355-.133-.75-.072-1.076.124a6.47 6.47 0 0 1-.22.128c-.331.183-.581.495-.644.869l-.213 1.281c-.09.543-.56.94-1.11.94h-2.594c-.55 0-1.019-.398-1.11-.94l-.213-1.281c-.062-.374-.312-.686-.644-.87a6.52 6.52 0 0 1-.22-.127c-.325-.196-.72-.257-1.076-.124l-1.217.456a1.125 1.125 0 0 1-1.369-.49l-1.297-2.247a1.125 1.125 0 0 1 .26-1.431l1.004-.827c.292-.24.437-.613.43-.991a6.932 6.932 0 0 1 0-.255c.007-.38-.138-.751-.43-.992l-1.004-.827a1.125 1.125 0 0 1-.26-1.43l1.297-2.247a1.125 1.125 0 0 1 1.37-.491l1.216.456c.356.133.751.072 1.076-.124.072-.044.146-.086.22-.128.332-.183.582-.495.644-.869l.214-1.28Z" /><path stroke-linecap="round" stroke-linejoin="round" d="M15 12a3 3 0 1 1-6 0 3 3 0 0 1 6 0Z" /></svg>') }}
<div x-cloak x-show="isOpen || openedWithKeyboard" x-transition x-trap="openedWithKeyboard"
x-on:click.outside="isOpen = false, openedWithKeyboard = false"
x-on:keydown.down.prevent="$focus.wrap().next()" x-on:keydown.up.prevent="$focus.wrap().previous()"
class="absolute right-0 mt-2 flex w-56 flex-col overflow-hidden rounded-radius border border-outline bg-surface-alt py-1 shadow-lg dark:border-outline-dark dark:bg-surface-dark-alt"
role="menu">
<form method="post" action="/lang" hx-boost="false">
<input type="hidden" name="_csrf" value="{{ csrf_token() }}">
<p class="px-4 py-1.5 text-xs font-semibold uppercase tracking-wide text-on-surface/60 dark:text-on-surface-dark/60">
{{ t(key="settings-language", lang=lang | default(value='sk')) }}
</p>
@@ -54,3 +59,4 @@
</label>
</div>
</div>
</div>

54
assets/views/shop/_card.html
View File

@@ -1,32 +1,62 @@
{# Imported locally (not just inherited from base.html) so the card also renders
inside standalone htmx fragments like shop/_results.html, where Tera's import
chain from the layout isn't present. #}
{% import "macros/ui.html" as ui %}
{# Adapted from the vendored Penguin UI component
(penguinui-components/card/ecommerce-product-card.html):
wired to our product data + i18n + htmx add-to-cart + toast. The demo rating
stars, hardcoded title/price/description/image and the `max-w-sm` (which fights
the shop grid) are dropped; the whole card links to the product page. #}
{# Layout adapts to the `view` Alpine state set by _product_grid.html:
'grid' (default) → vertical card; 'list' → horizontal row. On pages without
that state (e.g. home) `view` is undefined, so the grid layout applies. #}
<article
class="group flex flex-col overflow-hidden rounded-radius border border-outline bg-surface-alt text-on-surface transition hover:border-primary dark:border-outline-dark dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:border-primary-dark">
<a href="/shop/{{ product.slug }}" class="flex flex-1 flex-col">
class="group flex overflow-hidden rounded-radius border border-outline bg-surface-alt text-on-surface transition hover:border-primary dark:border-outline-dark dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:border-primary-dark"
:class="view === 'list' ? 'flex-row flex-wrap' : 'flex-col'">
<a href="/shop/{{ product.slug }}" class="flex min-w-0 flex-1"
:class="view === 'list' ? 'flex-row' : 'flex-col'">
<!-- Image -->
<div class="h-44 overflow-hidden bg-surface-alt md:h-64 dark:bg-surface-dark">
<div class="overflow-hidden bg-surface-alt dark:bg-surface-dark"
:class="view === 'list' ? 'size-28 shrink-0 sm:size-40' : 'h-44 md:h-64'">
{% if product.image %}
<img src="/images/{{ product.image }}" alt="{{ product.name }}" class="size-full object-cover transition duration-700 ease-out group-hover:scale-105">
{% endif %}
</div>
<!-- Content -->
<div class="flex flex-1 flex-col gap-1 p-6 pb-2">
<!-- Header: Title & Price -->
<div class="flex justify-between gap-4">
<h3 class="text-lg font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ product.name }}</h3>
<span class="whitespace-nowrap text-xl"><span class="sr-only">Price</span>{{ product.price }} {{ product.currency }}</span>
<div class="flex min-w-0 flex-1 flex-col gap-1"
:class="view === 'list' ? 'p-4 sm:p-5' : 'p-6 pb-2'">
<!-- Header: Title & Price (stacked so neither overflows the narrow card) -->
<h3 class="break-words text-lg font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ product.name }}</h3>
{# Short blurb for the card; falls back to the full description (clamped)
for products without a dedicated short one. Both are authored as rich
text (Quill), so render the stored HTML — `.rich-blurb` strips block
spacing so the line-clamp stays tidy. Overflow is truncated with an
ellipsis: 2 lines in the grid, 3 in the roomier list row. #}
{% if product.short_description or product.description %}
<div class="rich-blurb line-clamp-2 break-words text-sm text-on-surface/70 dark:text-on-surface-dark/70"
:class="view === 'list' && 'line-clamp-3'">{% if product.short_description %}{{ product.short_description | safe }}{% else %}{{ product.description | safe }}{% endif %}</div>
{% endif %}
{% if product.on_sale %}
<div class="flex flex-wrap items-baseline gap-x-2 leading-tight">
<span class="text-xl font-semibold text-danger"><span class="sr-only">Price</span>{% if product.has_options %}{{ t(key="from-price", price=product.price, lang=lang | default(value='sk')) }}{% else %}{{ product.price }}{% endif %} {{ product.currency }}</span>
<span class="text-sm text-on-surface/50 line-through dark:text-on-surface-dark/50">{{ product.regular_price }} {{ product.currency }}</span>
</div>
{% else %}
<span class="break-words text-xl"><span class="sr-only">Price</span>{% if product.has_options %}{{ t(key="from-price", price=product.price, lang=lang | default(value='sk')) }}{% else %}{{ product.price }}{% endif %} {{ product.currency }}</span>
{% endif %}
</div>
</a>
<div class="flex flex-col gap-2 p-6 pt-0">
{% if product.stock > 0 %}
<p class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="in-stock", lang=lang | default(value='sk')) }}: {{ product.stock }}</p>
<div class="flex flex-col gap-2"
:class="view === 'list' ? 'w-full justify-center p-4 sm:w-56 sm:p-5' : 'p-6 pt-0'">
{% if product.has_options %}
{# Multiple variants: customer must pick on the product page. #}
{{ ui::button(label=t(key="choose-option", lang=lang | default(value='sk')), href="/shop/" ~ product.slug, extra="w-full") }}
{% elif product.in_stock %}
<p class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{% if product.tracked %}{{ t(key="in-stock", lang=lang | default(value='sk')) }}: {{ product.stock }}{% else %}{{ t(key="available", lang=lang | default(value='sk')) }}{% endif %}</p>
<form method="post" action="/cart/add" hx-post="/cart/add" hx-swap="none"
hx-on::after-request="if (event.detail.successful) toast('{{ t(key='cart-added', lang=lang | default(value='sk')) }}')">
<input type="hidden" name="product_id" value="{{ product.id }}">
<input type="hidden" name="_csrf" value="{{ csrf_token() }}">
<input type="hidden" name="variant_id" value="{{ product.variant_id }}">
<input type="hidden" name="quantity" value="1">
{{ ui::button(label=t(key="add-to-cart", lang=lang | default(value='sk')), type="submit", extra="w-full", icon='<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor" aria-hidden="true" class="size-3.5"><path fill-rule="evenodd" d="M5 4a3 3 0 0 1 6 0v1h.643a1.5 1.5 0 0 1 1.492 1.35l.7 7A1.5 1.5 0 0 1 12.342 15H3.657a1.5 1.5 0 0 1-1.492-1.65l.7-7A1.5 1.5 0 0 1 4.357 5H5V4Zm4.5 0v1h-3V4a1.5 1.5 0 0 1 3 0Zm-3 3.75a.75.75 0 0 0-1.5 0v1a3 3 0 1 0 6 0v-1a.75.75 0 0 0-1.5 0v1a1.5 1.5 0 1 1-3 0v-1Z" clip-rule="evenodd" /></svg>') }}
</form>

20
assets/views/shop/_cart_body.html
View File

@@ -19,16 +19,25 @@
<tr>
<td class="px-4 py-3">
<a href="/shop/{{ item.slug }}" class="font-medium text-on-surface-strong hover:text-primary dark:text-on-surface-dark-strong dark:hover:text-primary-dark">{{ item.name }}</a>
{% if item.variant_label %}<span class="block text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ item.variant_label }}</span>{% endif %}
</td>
<td class="px-4 py-3 tabular-nums">
{% if item.on_sale %}
<span class="font-medium text-danger">{{ item.price }} {{ item.currency }}</span>
<span class="ml-1 text-xs text-on-surface/50 line-through dark:text-on-surface-dark/50">{{ item.regular_price }}</span>
{% else %}
{{ item.price }} {{ item.currency }}
{% endif %}
</td>
<td class="px-4 py-3 tabular-nums">{{ item.price }} {{ item.currency }}</td>
<td class="px-4 py-3">
{# Changing the quantity posts via htmx (custom `cartchange` event) and
swaps only #cart-body. Dropping to 0 asks for confirmation first,
reverting to the previous quantity if the customer cancels. #}
<form method="post" action="/cart/update"
hx-post="/cart/update" hx-trigger="cartchange" hx-target="#cart-body" hx-swap="innerHTML">
<input type="hidden" name="product_id" value="{{ item.id }}">
<input type="number" name="quantity" min="0" max="{{ item.stock }}" value="{{ item.quantity }}"
{{ ui::csrf_field() }}
<input type="hidden" name="variant_id" value="{{ item.id }}">
<input type="number" name="quantity" min="0" {% if item.stock %}max="{{ item.stock }}"{% endif %} value="{{ item.quantity }}"
@change="
if (parseInt($el.value || '0') <= 0 && !window.confirm('{{ t(key='cart-remove-confirm', lang=lang | default(value='sk')) }}')) {
$el.value = '{{ item.quantity }}';
@@ -43,7 +52,8 @@
<td class="px-4 py-3 text-right">
<form method="post" action="/cart/remove"
hx-post="/cart/remove" hx-target="#cart-body" hx-swap="innerHTML">
<input type="hidden" name="product_id" value="{{ item.id }}">
{{ ui::csrf_field() }}
<input type="hidden" name="variant_id" value="{{ item.id }}">
{{ ui::button(variant="ghost-danger", label=t(key="cart-remove", lang=lang | default(value='sk')), type="submit", size="px-2 py-1 text-xs") }}
</form>
</td>
@@ -62,7 +72,7 @@
<div class="mt-6 flex flex-wrap justify-between gap-3">
{{ ui::button(variant="outline-secondary", label=t(key="cart-continue", lang=lang | default(value='sk')), href="/shop") }}
{{ ui::button(label=t(key="cart-checkout", lang=lang | default(value='sk')), href="/checkout", size="px-5 py-2 text-sm") }}
{{ ui::button(label=t(key="cart-checkout", lang=lang | default(value='sk')), href="/checkout", size="px-5 py-2 text-sm", attrs='hx-boost="false"') }}
</div>
{% else %}
<div class="rounded-radius border border-outline px-6 py-16 text-center dark:border-outline-dark">

32
assets/views/shop/_cart_preview.html Normal file
View File

@@ -0,0 +1,32 @@
{# Mini-cart preview shown on hover over the navbar cart (Alza-style).
Lazy-loaded via htmx from /partials/cart into the hover dropdown panel in
base.html. Receives: items[], total, currency, lang. #}
{% import "macros/ui.html" as ui %}
{% if items | length > 0 %}
<div class="max-h-80 divide-y divide-outline overflow-y-auto dark:divide-outline-dark">
{% for item in items %}
<div class="flex items-start gap-3 px-4 py-3">
<div class="min-w-0 flex-1">
<a href="/shop/{{ item.slug }}" class="block truncate text-sm font-medium text-on-surface-strong hover:text-primary dark:text-on-surface-dark-strong dark:hover:text-primary-dark">{{ item.name }}</a>
{% if item.variant_label %}<span class="block truncate text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ item.variant_label }}</span>{% endif %}
<p class="mt-0.5 text-xs tabular-nums text-on-surface dark:text-on-surface-dark">{{ item.quantity }} × {{ item.price }} {{ item.currency }}</p>
</div>
<span class="shrink-0 text-sm font-semibold tabular-nums text-on-surface-strong dark:text-on-surface-dark-strong">{{ item.line_total }} {{ item.currency }}</span>
</div>
{% endfor %}
</div>
<div class="border-t border-outline px-4 py-3 dark:border-outline-dark">
<div class="mb-3 flex items-center justify-between">
<span class="text-sm text-on-surface dark:text-on-surface-dark">{{ t(key="cart-total", lang=lang | default(value='sk')) }}</span>
<span class="text-base font-bold tabular-nums text-primary dark:text-primary-dark">{{ total }} {{ currency }}</span>
</div>
<div class="flex gap-2">
{{ ui::button(href="/cart", variant="outline-primary", label=t(key="cart-title", lang=lang | default(value='sk')), extra="flex-1", attrs='hx-boost="false"') }}
{{ ui::button(href="/checkout", variant="primary", label=t(key="cart-checkout", lang=lang | default(value='sk')), extra="flex-1", attrs='hx-boost="false"') }}
</div>
</div>
{% else %}
<div class="px-4 py-10 text-center text-sm text-on-surface dark:text-on-surface-dark">
{{ t(key="cart-empty", lang=lang | default(value='sk')) }}
</div>
{% endif %}

39
assets/views/shop/_product_grid.html Normal file
View File

@@ -0,0 +1,39 @@
{# Product collection with a grid / list view toggle.
The chosen view is held in Alpine and persisted to localStorage so it
survives navigation; `_card.html` reads the same `view` state to switch
its own layout between a vertical card and a horizontal row. #}
<div x-data="{ view: localStorage.getItem('shopView') === 'list' ? 'list' : 'grid' }"
x-init="$watch('view', v => localStorage.setItem('shopView', v))"
class="space-y-4">
<!-- View toggle -->
<div class="flex justify-end">
<div class="inline-flex gap-0.5 rounded-radius border border-outline p-0.5 dark:border-outline-dark" role="group"
aria-label="{{ t(key='view-grid', lang=lang | default(value='sk')) }} / {{ t(key='view-list', lang=lang | default(value='sk')) }}">
<button type="button" @click="view = 'grid'" :aria-pressed="view === 'grid'"
class="inline-flex size-8 items-center justify-center rounded-radius transition"
:class="view === 'grid' ? 'bg-primary text-on-primary dark:bg-primary-dark dark:text-on-primary-dark' : 'text-on-surface hover:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark'"
aria-label="{{ t(key='view-grid', lang=lang | default(value='sk')) }}"
title="{{ t(key='view-grid', lang=lang | default(value='sk')) }}">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true" class="size-4">
<path d="M3 3h6v6H3V3Zm8 0h6v6h-6V3ZM3 11h6v6H3v-6Zm8 0h6v6h-6v-6Z" />
</svg>
</button>
<button type="button" @click="view = 'list'" :aria-pressed="view === 'list'"
class="inline-flex size-8 items-center justify-center rounded-radius transition"
:class="view === 'list' ? 'bg-primary text-on-primary dark:bg-primary-dark dark:text-on-primary-dark' : 'text-on-surface hover:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark'"
aria-label="{{ t(key='view-list', lang=lang | default(value='sk')) }}"
title="{{ t(key='view-list', lang=lang | default(value='sk')) }}">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true" class="size-4">
<path d="M3 4h14v2.5H3V4Zm0 4.75h14v2.5H3v-2.5ZM3 13.5h14V16H3v-2.5Z" />
</svg>
</button>
</div>
</div>
<!-- Products -->
<div :class="view === 'list' ? 'flex flex-col gap-5' : 'grid grid-cols-2 gap-5 sm:grid-cols-3 xl:grid-cols-4'">
{% for product in products %}
{% include "shop/_card.html" %}
{% endfor %}
</div>
</div>

46
assets/views/shop/_results.html Normal file
View File

@@ -0,0 +1,46 @@
{# Results region: swapped in by htmx on each query/filter change and rendered
server-side on first load. Holds the result summary, the product grid and
pagination. #}
{% set L = lang | default(value='sk') %}
<div class="space-y-4">
<p class="text-sm text-on-surface/70 dark:text-on-surface-dark/70" aria-live="polite">
{{ t(key="results-count", lang=L, count=total) }}{% if query and query != "" %} · “{{ query }}”{% endif %}
</p>
{% if products | length > 0 %}
{% include "shop/_product_grid.html" %}
{% if pages > 1 %}
<nav class="flex items-center justify-center gap-2 pt-2" aria-label="{{ t(key='pagination', lang=L) }}">
{% if has_prev %}
<button type="button"
hx-get="/search?{% if query_base %}{{ query_base }}&{% endif %}page={{ prev_page }}"
hx-target="#shop-results" hx-swap="innerHTML" hx-push-url="true"
class="rounded-radius border border-outline px-3 py-1.5 text-sm font-medium text-on-surface transition hover:bg-primary/5 hover:text-primary dark:border-outline-dark dark:text-on-surface-dark dark:hover:text-primary-dark">
{{ t(key="prev", lang=L) }}
</button>
{% endif %}
<span class="px-2 text-sm text-on-surface/70 dark:text-on-surface-dark/70">
{{ t(key="page-of", lang=L, page=page, pages=pages) }}
</span>
{% if has_next %}
<button type="button"
hx-get="/search?{% if query_base %}{{ query_base }}&{% endif %}page={{ next_page }}"
hx-target="#shop-results" hx-swap="innerHTML" hx-push-url="true"
class="rounded-radius border border-outline px-3 py-1.5 text-sm font-medium text-on-surface transition hover:bg-primary/5 hover:text-primary dark:border-outline-dark dark:text-on-surface-dark dark:hover:text-primary-dark">
{{ t(key="next", lang=L) }}
</button>
{% endif %}
</nav>
{% endif %}
{% elif query and query != "" %}
<div class="rounded-radius border border-outline px-6 py-16 text-center text-on-surface/70 dark:border-outline-dark dark:text-on-surface-dark/70">
{{ t(key="search-empty", lang=L) }} <span class="font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ query }}</span>
</div>
{% else %}
<div class="rounded-radius border border-outline px-6 py-16 text-center text-on-surface/70 dark:border-outline-dark dark:text-on-surface-dark/70">
{{ t(key="shop-empty", lang=L) }}
</div>
{% endif %}
</div>

102
assets/views/shop/_search.html Normal file
View File

@@ -0,0 +1,102 @@
{# Shared storefront search + filter toolbar and results region, used by the shop
index and every category page. One form drives the whole listing: htmx re-runs
/search and swaps only #shop-results; the toolbar keeps its own DOM state.
Triggers: live (debounced) typing in the search box, immediate on any
select/checkbox change, and submit (Enter / Apply) for the price band. Degrades
to a plain GET form without JS.
Expects: query, category_groups, selected_category, selected_category_id,
uncategorized_count, sort, min_price, max_price, price_floor, price_ceil,
in_stock, plus the result vars consumed by _results.html. #}
{% set L = lang | default(value='sk') %}
<div class="space-y-6">
<form action="/search" method="get" role="search"
hx-get="/search" hx-target="#shop-results" hx-swap="innerHTML"
hx-push-url="true" hx-indicator="#search-spinner"
hx-trigger="submit, change, keyup changed delay:350ms from:input[name='q']"
class="space-y-3">
<!-- search box -->
<div class="relative max-w-xl">
<span class="pointer-events-none absolute inset-y-0 left-0 flex items-center pl-3 text-on-surface/50 dark:text-on-surface-dark/50">
{{ ui::icon(name="search", size="size-5") }}
</span>
<input type="search" name="q" value="{{ query | default(value='') }}" autocomplete="off"
placeholder="{{ t(key='search-placeholder', lang=L) }}"
aria-label="{{ t(key='search-placeholder', lang=L) }}"
class="w-full rounded-radius border border-outline bg-surface py-2 pl-10 pr-10 text-sm text-on-surface placeholder:text-on-surface/50 focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark-alt dark:text-on-surface-dark dark:placeholder:text-on-surface-dark/50 dark:focus-visible:outline-primary-dark" />
<span id="search-spinner" class="htmx-indicator pointer-events-none absolute inset-y-0 right-0 flex items-center pr-3 text-on-surface/50 dark:text-on-surface-dark/50">
<svg class="size-4 animate-spin" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" aria-hidden="true">
<circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
<path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 0 1 8-8V0C5.4 0 0 5.4 0 12h4Z"></path>
</svg>
</span>
</div>
<!-- filter toolbar -->
<div class="flex flex-wrap items-end gap-3 rounded-radius border border-outline bg-surface-alt p-3 dark:border-outline-dark dark:bg-surface-dark-alt">
<!-- category -->
<label class="flex flex-col gap-1 text-xs font-medium text-on-surface/70 dark:text-on-surface-dark/70">
{{ t(key="filter-category", lang=L) }}
<select name="category"
class="rounded-radius border border-outline bg-surface px-2 py-1.5 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark dark:text-on-surface-dark">
<option value="all"{% if selected_category == "all" %} selected{% endif %}>{{ t(key="filter-all-categories", lang=L) }}</option>
{% for g in category_groups %}
<option value="{{ g.id }}"{% if selected_category_id == g.id %} selected{% endif %}>{{ g.name }} ({{ g.count }})</option>
{% for ch in g.children %}
<option value="{{ ch.id }}"{% if selected_category_id == ch.id %} selected{% endif %}>&nbsp;&nbsp;— {{ ch.name }} ({{ ch.count }})</option>
{% endfor %}
{% endfor %}
{% if uncategorized_count > 0 %}
<option value="none"{% if selected_category == "none" %} selected{% endif %}>{{ t(key="filter-uncategorized", lang=L) }} ({{ uncategorized_count }})</option>
{% endif %}
</select>
</label>
<!-- sort -->
<label class="flex flex-col gap-1 text-xs font-medium text-on-surface/70 dark:text-on-surface-dark/70">
{{ t(key="sort-label", lang=L) }}
<select name="sort"
class="rounded-radius border border-outline bg-surface px-2 py-1.5 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark dark:text-on-surface-dark">
{% for opt in ["newest", "relevance", "price_asc", "price_desc", "name_asc", "name_desc"] %}
<option value="{{ opt }}"{% if sort == opt %} selected{% endif %}>{{ t(key="sort-" ~ opt, lang=L) }}</option>
{% endfor %}
</select>
</label>
<!-- price band -->
<label class="flex flex-col gap-1 text-xs font-medium text-on-surface/70 dark:text-on-surface-dark/70">
{{ t(key="filter-price", lang=L) }}
<span class="flex items-center gap-1">
<input type="number" name="min_price" min="0" step="0.01" inputmode="decimal"
value="{{ min_price | default(value='') }}" placeholder="{{ price_floor }}"
aria-label="{{ t(key='filter-price-from', lang=L) }}"
class="w-24 rounded-radius border border-outline bg-surface px-2 py-1.5 text-sm text-on-surface dark:border-outline-dark dark:bg-surface-dark dark:text-on-surface-dark" />
<span class="text-on-surface/50 dark:text-on-surface-dark/50"></span>
<input type="number" name="max_price" min="0" step="0.01" inputmode="decimal"
value="{{ max_price | default(value='') }}" placeholder="{{ price_ceil }}"
aria-label="{{ t(key='filter-price-to', lang=L) }}"
class="w-24 rounded-radius border border-outline bg-surface px-2 py-1.5 text-sm text-on-surface dark:border-outline-dark dark:bg-surface-dark dark:text-on-surface-dark" />
</span>
</label>
<!-- in stock -->
<label class="flex items-center gap-2 pb-1.5 text-sm text-on-surface dark:text-on-surface-dark">
<input type="checkbox" name="in_stock" value="1"{% if in_stock %} checked{% endif %}
class="size-4 rounded border-outline text-primary focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:text-primary-dark" />
{{ t(key="filter-in-stock", lang=L) }}
</label>
<div class="ml-auto flex items-end gap-2">
{{ ui::button(label=t(key="filter-apply", lang=L), type="submit", variant="secondary") }}
<a href="/shop" hx-get="/search" hx-target="#shop-results" hx-push-url="true"
class="self-end pb-1.5 text-sm font-medium text-on-surface/70 underline-offset-2 transition hover:text-primary hover:underline dark:text-on-surface-dark/70 dark:hover:text-primary-dark">
{{ t(key="filter-clear", lang=L) }}
</a>
</div>
</div>
</form>
<div id="shop-results">
{% include "shop/_results.html" %}
</div>
</div>

18
assets/views/shop/category.html
View File

@@ -4,10 +4,11 @@
{% block title %}{{ category.name }}{% endblock title %}
{% block content %}
<div class="space-y-8">
{% set L = lang | default(value='sk') %}
<div class="space-y-6">
<header class="space-y-2">
<nav class="text-sm text-on-surface/60 dark:text-on-surface-dark/60">
<a href="/shop" class="hover:text-primary dark:hover:text-primary-dark">{{ t(key="nav-shop", lang=lang | default(value='sk')) }}</a>
<a href="/shop" class="hover:text-primary dark:hover:text-primary-dark">{{ t(key="nav-shop", lang=L) }}</a>
{% for crumb in breadcrumbs %}
<span class="px-1">/</span>
<a href="/category/{{ crumb.slug }}" class="hover:text-primary dark:hover:text-primary-dark">{{ crumb.name }}</a>
@@ -28,16 +29,7 @@
{% endif %}
</header>
{% if products | length > 0 %}
<div class="grid grid-cols-2 gap-5 sm:grid-cols-3 xl:grid-cols-4">
{% for product in products %}
{% include "shop/_card.html" %}
{% endfor %}
</div>
{% else %}
<div class="rounded-radius border border-outline px-6 py-16 text-center text-on-surface/70 dark:border-outline-dark dark:text-on-surface-dark/70">
{{ t(key="shop-empty", lang=lang | default(value='sk')) }}
</div>
{% endif %}
{# Same search + filters as the shop, with this category preselected. #}
{% include "shop/_search.html" %}
</div>
{% endblock content %}

1
assets/views/shop/checkout.html
View File

@@ -30,6 +30,7 @@
}
}"
class="mt-6 grid gap-8 lg:grid-cols-3">
{{ ui::csrf_field() }}
<div class="space-y-6 lg:col-span-2">
<!-- personal vs company. Fixed (read-only) for a logged-in account; a guest

21
assets/views/shop/index.html
View File

@@ -4,22 +4,13 @@
{% block title %}{{ t(key="nav-shop", lang=lang | default(value='sk')) }}{% endblock title %}
{% block content %}
<div class="space-y-8">
<header class="space-y-2">
<h1 class="text-3xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="shop-title", lang=lang | default(value='sk')) }}</h1>
<p class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="shop-subtitle", lang=lang | default(value='sk')) }}</p>
{% set L = lang | default(value='sk') %}
<div class="space-y-6">
<header class="space-y-1">
<h1 class="text-3xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="shop-title", lang=L) }}</h1>
<p class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="shop-subtitle", lang=L) }}</p>
</header>
{% if products | length > 0 %}
<div class="grid grid-cols-2 gap-5 sm:grid-cols-3 xl:grid-cols-4">
{% for product in products %}
{% include "shop/_card.html" %}
{% endfor %}
</div>
{% else %}
<div class="rounded-radius border border-outline px-6 py-16 text-center text-on-surface/70 dark:border-outline-dark dark:text-on-surface-dark/70">
{{ t(key="shop-empty", lang=lang | default(value='sk')) }}
</div>
{% endif %}
{% include "shop/_search.html" %}
</div>
{% endblock content %}

2
assets/views/shop/order_confirmed.html
View File

@@ -29,7 +29,7 @@
<ul class="space-y-2 py-3 text-sm">
{% for item in items %}
<li class="flex justify-between gap-2">
<span class="text-on-surface/80 dark:text-on-surface-dark/80">{{ item.product_name }} × {{ item.quantity }}</span>
<span class="text-on-surface/80 dark:text-on-surface-dark/80">{{ item.product_name }}{% if item.variant_label %} · {{ item.variant_label }}{% endif %} × {{ item.quantity }}</span>
<span class="tabular-nums">{{ item.line_total }} {{ order.currency }}</span>
</li>
{% endfor %}

77
assets/views/shop/show.html
View File

@@ -49,31 +49,86 @@
</div>
<!-- details -->
<div class="space-y-6">
{% set fld = "w-full rounded-radius border border-outline bg-surface-alt px-3 py-2 text-sm text-on-surface focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-outline-dark dark:bg-surface-dark-alt/50 dark:text-on-surface-dark dark:focus-visible:outline-primary-dark" %}
{% set btn = "inline-flex items-center justify-center gap-2 whitespace-nowrap rounded-radius px-5 py-2 text-sm text-center font-medium tracking-wide transition hover:opacity-75 focus-visible:outline-2 focus-visible:outline-offset-2 active:opacity-100 active:outline-offset-0 disabled:cursor-not-allowed disabled:opacity-75 border border-primary bg-primary text-on-primary focus-visible:outline-primary dark:border-primary-dark dark:bg-primary-dark dark:text-on-primary-dark dark:focus-visible:outline-primary-dark" %}
<script id="variant-data" type="application/json">{{ variants | json_encode() | safe }}</script>
<div class="space-y-6" x-data="productBuy(JSON.parse(document.getElementById('variant-data').textContent))">
{% if category %}
<a href="/category/{{ category.slug }}" class="text-sm font-medium text-primary dark:text-primary-dark">{{ category.name }}</a>
{% endif %}
<h1 class="text-3xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ product.name }}</h1>
<p class="text-2xl font-semibold text-primary dark:text-primary-dark">{{ product.price }} {{ product.currency }}</p>
<template x-if="current">
<div class="space-y-6">
<!-- option picker (only when there's a real choice); first option is
selected by default and switching it updates the price + buy form -->
<template x-if="variants.length > 1">
<div class="max-w-sm space-y-1.5">
<label for="variant-select" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="choose-option", lang=lang | default(value='sk')) }}</label>
<select id="variant-select" x-model.number="sel" class="{{ fld }}">
<template x-for="(v, i) in variants" :key="v.id">
<option :value="i" x-text="(v.label || '—') + ' · ' + v.price + ' {{ product.currency }}' + (v.in_stock ? '' : ' ({{ t(key='out-of-stock', lang=lang | default(value='sk')) }})')"></option>
</template>
</select>
</div>
</template>
<div class="flex items-baseline gap-3">
<p class="text-2xl font-semibold" :class="current.on_sale ? 'text-danger' : 'text-primary dark:text-primary-dark'">
<span x-text="current.price"></span> {{ product.currency }}
</p>
<template x-if="current.on_sale">
<p class="text-lg text-on-surface/50 line-through dark:text-on-surface-dark/50"><span x-text="current.regular_price"></span> {{ product.currency }}</p>
</template>
</div>
{% if product.description %}
<div class="whitespace-pre-line leading-relaxed text-on-surface/80 dark:text-on-surface-dark/80">{{ product.description }}</div>
{# Authored as rich text (Quill) in the admin; render the stored HTML. #}
<div class="rich-content text-on-surface/80 dark:text-on-surface-dark/80">{{ product.description | safe }}</div>
{% endif %}
{% if product.stock > 0 %}
<template x-if="current.in_stock">
<div class="space-y-2">
<form method="post" action="/cart/add" hx-post="/cart/add" hx-swap="none" class="flex flex-wrap items-end gap-3"
hx-on::after-request="if (event.detail.successful) toast('{{ t(key='cart-added', lang=lang | default(value='sk')) }}')">
<input type="hidden" name="product_id" value="{{ product.id }}">
{{ ui::csrf_field() }}
<input type="hidden" name="variant_id" :value="current.id">
<div class="space-y-1.5">
<label for="quantity" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="quantity", lang=lang | default(value='sk')) }}</label>
{{ ui::input(name="quantity", id="quantity", type="number", value="1", width="w-24", attrs='min="1" max="' ~ product.stock ~ '"') }}
<input type="number" id="quantity" name="quantity" value="1" min="1" :max="current.stock" class="{{ fld }} w-24">
</div>
{{ ui::button(label=t(key="add-to-cart", lang=lang | default(value='sk')), type="submit", size="px-5 py-2 text-sm") }}
<button type="submit" class="{{ btn }}">{{ t(key="add-to-cart", lang=lang | default(value='sk')) }}</button>
</form>
<p class="text-sm text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="in-stock", lang=lang | default(value='sk')) }}: {{ product.stock }}</p>
{% else %}
<p class="inline-flex rounded-radius bg-danger/10 px-3 py-2 text-sm font-medium text-danger">{{ t(key="out-of-stock", lang=lang | default(value='sk')) }}</p>
{% endif %}
<p class="text-sm text-on-surface/60 dark:text-on-surface-dark/60">
<template x-if="current.tracked">
<span>{{ t(key="in-stock", lang=lang | default(value='sk')) }}: <span x-text="current.stock"></span></span>
</template>
<template x-if="!current.tracked">
<span>{{ t(key="available", lang=lang | default(value='sk')) }}</span>
</template>
</p>
</div>
</template>
<template x-if="!current.in_stock">
<p class="inline-flex rounded-radius bg-danger/10 px-3 py-2 text-sm font-medium text-danger">{{ t(key="out-of-stock", lang=lang | default(value='sk')) }}</p>
</template>
</div>
</template>
<template x-if="!current">
<p class="inline-flex rounded-radius bg-danger/10 px-3 py-2 text-sm font-medium text-danger">{{ t(key="out-of-stock", lang=lang | default(value='sk')) }}</p>
</template>
</div>
<script>
function productBuy(variants) {
return {
variants: variants || [],
// Default to the first in-stock variant, else the first.
sel: Math.max(0, (variants || []).findIndex(v => v.in_stock)),
get current() { return this.variants[this.sel] || null; },
};
}
</script>
</div>
{% endblock content %}

26
migration/src/lib.rs
View File

@@ -34,6 +34,19 @@ mod m20260618_000001_o_auth2_sessions;
mod m20260618_000002_customer_profiles;
mod m20260618_000003_account_type;
mod m20260618_000004_account_ownership;
mod m20260620_000001_add_totp_to_users;
mod m20260621_000001_add_sale_price_to_products;
mod m20260621_000002_account_product_prices;
mod m20260621_000003_discount_profiles;
mod m20260621_000004_add_business_sale_price_to_products;
mod m20260622_000001_audience_discount_profiles;
mod m20260622_000002_product_variants;
mod m20260622_000003_variant_stock_nullable;
mod m20260622_000004_product_search;
mod m20260622_000005_product_search_aggregate;
mod m20260622_000006_order_search_indexes;
mod m20260623_000001_add_short_description_to_products;
mod m20260623_000002_strip_html_from_product_search;
pub struct Migrator;
#[async_trait::async_trait]
@@ -72,6 +85,19 @@ impl MigratorTrait for Migrator {
Box::new(m20260618_000002_customer_profiles::Migration),
Box::new(m20260618_000003_account_type::Migration),
Box::new(m20260618_000004_account_ownership::Migration),
Box::new(m20260620_000001_add_totp_to_users::Migration),
Box::new(m20260621_000001_add_sale_price_to_products::Migration),
Box::new(m20260621_000002_account_product_prices::Migration),
Box::new(m20260621_000003_discount_profiles::Migration),
Box::new(m20260621_000004_add_business_sale_price_to_products::Migration),
Box::new(m20260622_000001_audience_discount_profiles::Migration),
Box::new(m20260622_000002_product_variants::Migration),
Box::new(m20260622_000003_variant_stock_nullable::Migration),
Box::new(m20260622_000004_product_search::Migration),
Box::new(m20260622_000005_product_search_aggregate::Migration),
Box::new(m20260622_000006_order_search_indexes::Migration),
Box::new(m20260623_000001_add_short_description_to_products::Migration),
Box::new(m20260623_000002_strip_html_from_product_search::Migration),
// inject-above (do not remove this comment)
]
}

32
migration/src/m20260620_000001_add_totp_to_users.rs Normal file
View File

@@ -0,0 +1,32 @@
use loco_rs::schema::*;
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
// Optional TOTP (Google Authenticator) two-factor auth. All three columns are
// nullable and only populated once a user opts in:
// - `totp_secret` base32 shared secret; present while enrolling/enabled.
// TODO(security): stored PLAINTEXT and is password-
// equivalent (must stay reversible to recompute codes).
// Encrypt at rest later with an out-of-DB key. See the
// TODO(security) block in src/models/users.rs.
// - `totp_enabled_at` NULL = 2FA off. Set only after the user confirms a
// code, so a half-finished enrollment never gates login.
// - `totp_backup_codes` JSON array of hashed one-time recovery codes.
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
add_column(m, "users", "totp_secret", ColType::TextNull).await?;
add_column(m, "users", "totp_enabled_at", ColType::TimestampWithTimeZoneNull).await?;
add_column(m, "users", "totp_backup_codes", ColType::TextNull).await?;
Ok(())
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
remove_column(m, "users", "totp_backup_codes").await?;
remove_column(m, "users", "totp_enabled_at").await?;
remove_column(m, "users", "totp_secret").await?;
Ok(())
}
}

19
migration/src/m20260621_000001_add_sale_price_to_products.rs Normal file
View File

@@ -0,0 +1,19 @@
use loco_rs::schema::*;
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
// Optional discounted price in minor units. When set (and below
// `price_cents`) the product is on sale; the regular price is shown
// struck through and this is the effective price everywhere.
add_column(m, "products", "sale_price_cents", ColType::BigIntegerNull).await
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
remove_column(m, "products", "sale_price_cents").await
}
}

40
migration/src/m20260621_000002_account_product_prices.rs Normal file
View File

@@ -0,0 +1,40 @@
use loco_rs::schema::*;
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
// A manually negotiated price (in minor units) for one product, for one
// business account — the "personal agreement" layer. `user`/`product`
// add the user_id/product_id FKs; the unique index below keeps it to one
// row per (account, product).
create_table(
m,
"account_product_prices",
&[
("id", ColType::PkAuto),
("price_cents", ColType::BigInteger),
],
&[("user", ""), ("product", "")],
)
.await?;
m.create_index(
Index::create()
.name("idx_account_product_prices_user_product_unique")
.table(Alias::new("account_product_prices"))
.col(Alias::new("user_id"))
.col(Alias::new("product_id"))
.unique()
.to_owned(),
)
.await
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
drop_table(m, "account_product_prices").await
}
}

91
migration/src/m20260621_000003_discount_profiles.rs Normal file
View File

@@ -0,0 +1,91 @@
use loco_rs::schema::*;
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
// A reusable, named discount layer: a percentage (basis points, 5% = 500)
// over a product scope. `scope_type` is 'include' (covers the listed
// products) or 'all_except' (covers everything but the listed products).
create_table(
m,
"discount_profiles",
&[
("id", ColType::PkAuto),
("name", ColType::String),
("percent_bp", ColType::Integer),
("scope_type", ColType::StringWithDefault("include".to_string())),
],
&[],
)
.await?;
// Which products the scope lists (meaning depends on scope_type).
create_table(
m,
"discount_profile_products",
&[("id", ColType::PkAuto)],
&[("discount_profile", ""), ("product", "")],
)
.await?;
m.create_index(
Index::create()
.name("idx_discount_profile_products_unique")
.table(Alias::new("discount_profile_products"))
.col(Alias::new("discount_profile_id"))
.col(Alias::new("product_id"))
.unique()
.to_owned(),
)
.await?;
// Which profiles a business account has (mixable).
create_table(
m,
"account_discount_profiles",
&[("id", ColType::PkAuto)],
&[("user", ""), ("discount_profile", "")],
)
.await?;
m.create_index(
Index::create()
.name("idx_account_discount_profiles_unique")
.table(Alias::new("account_discount_profiles"))
.col(Alias::new("user_id"))
.col(Alias::new("discount_profile_id"))
.unique()
.to_owned(),
)
.await?;
// The admin's chosen winning profile when two assigned profiles cover the
// same product for an account (collision resolution).
create_table(
m,
"account_product_resolutions",
&[("id", ColType::PkAuto)],
&[("user", ""), ("product", ""), ("discount_profile", "")],
)
.await?;
m.create_index(
Index::create()
.name("idx_account_product_resolutions_unique")
.table(Alias::new("account_product_resolutions"))
.col(Alias::new("user_id"))
.col(Alias::new("product_id"))
.unique()
.to_owned(),
)
.await
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
drop_table(m, "account_product_resolutions").await?;
drop_table(m, "account_discount_profiles").await?;
drop_table(m, "discount_profile_products").await?;
drop_table(m, "discount_profiles").await
}
}

20
migration/src/m20260621_000004_add_business_sale_price_to_products.rs Normal file
View File

@@ -0,0 +1,20 @@
use loco_rs::schema::*;
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
// Optional per-product discounted price (minor units) shown to ALL
// business (company) accounts as a baseline, computed off the regular
// price like the personal sale. Per-company profiles/negotiated prices
// still layer on top (lowest price wins).
add_column(m, "products", "business_sale_price_cents", ColType::BigIntegerNull).await
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
remove_column(m, "products", "business_sale_price_cents").await
}
}

40
migration/src/m20260622_000001_audience_discount_profiles.rs Normal file
View File

@@ -0,0 +1,40 @@
use loco_rs::schema::*;
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
// Discount profiles applied globally to a whole audience, set on the
// discounts page: "personal" lowers the public price for everyone,
// "business" lowers the price for all company accounts. Per-company
// assignments (account_discount_profiles) still layer on top.
create_table(
m,
"audience_discount_profiles",
&[
("id", ColType::PkAuto),
("audience", ColType::String),
],
&[("discount_profile", "")],
)
.await?;
m.create_index(
Index::create()
.name("idx_audience_discount_profiles_unique")
.table(Alias::new("audience_discount_profiles"))
.col(Alias::new("audience"))
.col(Alias::new("discount_profile_id"))
.unique()
.to_owned(),
)
.await
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
drop_table(m, "audience_discount_profiles").await
}
}

204
migration/src/m20260622_000002_product_variants.rs Normal file
View File

@@ -0,0 +1,204 @@
//! Introduce product variants as the purchasable unit.
//!
//! A product becomes a presentation grouping (name, description, images,
//! category, tags, percentage discount profiles). Each product owns one or more
//! `product_variants`, and the variant is what carries the things that actually
//! differ between options: a free-text `label` (e.g. "rolovaná 90cm x 10m",
//! "5ml"), its own `sku`, `stock`, regular `price_cents`, and its own optional
//! public/business quick-sale prices.
//!
//! This migration:
//! 1. creates `product_variants`,
//! 2. backfills one variant per existing product from the product's current
//! price/stock/sku/sale columns,
//! 3. moves the per-account negotiated price and collision-resolution tables
//! from keying on `product_id` to `variant_id`,
//! 4. snapshots the variant onto `order_items`,
//! 5. drops the now-moved purchasable columns from `products`.
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
let db = m.get_connection();
// 1. The variants table.
db.execute_unprepared(
r#"
CREATE TABLE product_variants (
id SERIAL PRIMARY KEY,
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now(),
product_id INTEGER NOT NULL REFERENCES products(id) ON DELETE CASCADE,
label VARCHAR NOT NULL DEFAULT '',
position INTEGER NOT NULL DEFAULT 0,
sku VARCHAR,
stock INTEGER NOT NULL DEFAULT 0,
price_cents BIGINT NOT NULL,
sale_price_cents BIGINT,
business_sale_price_cents BIGINT
);
CREATE INDEX idx_product_variants_product ON product_variants (product_id);
"#,
)
.await?;
// 2. One variant per existing product, carrying its current pricing.
db.execute_unprepared(
r#"
INSERT INTO product_variants
(product_id, label, position, sku, stock,
price_cents, sale_price_cents, business_sale_price_cents)
SELECT id, '', 0, sku, stock,
price_cents, sale_price_cents, business_sale_price_cents
FROM products;
"#,
)
.await?;
// 3a. Negotiated prices: product_id -> variant_id.
db.execute_unprepared(
r#"
ALTER TABLE account_product_prices ADD COLUMN variant_id INTEGER;
UPDATE account_product_prices a
SET variant_id = pv.id
FROM product_variants pv
WHERE pv.product_id = a.product_id;
DROP INDEX IF EXISTS idx_account_product_prices_user_product_unique;
ALTER TABLE account_product_prices DROP COLUMN product_id;
ALTER TABLE account_product_prices ALTER COLUMN variant_id SET NOT NULL;
ALTER TABLE account_product_prices
ADD CONSTRAINT fk_account_product_prices_variant
FOREIGN KEY (variant_id) REFERENCES product_variants(id) ON DELETE CASCADE;
CREATE UNIQUE INDEX idx_account_product_prices_user_variant_unique
ON account_product_prices (user_id, variant_id);
"#,
)
.await?;
// 3b. Collision resolutions: product_id -> variant_id.
db.execute_unprepared(
r#"
ALTER TABLE account_product_resolutions ADD COLUMN variant_id INTEGER;
UPDATE account_product_resolutions a
SET variant_id = pv.id
FROM product_variants pv
WHERE pv.product_id = a.product_id;
DROP INDEX IF EXISTS idx_account_product_resolutions_unique;
ALTER TABLE account_product_resolutions DROP COLUMN product_id;
ALTER TABLE account_product_resolutions ALTER COLUMN variant_id SET NOT NULL;
ALTER TABLE account_product_resolutions
ADD CONSTRAINT fk_account_product_resolutions_variant
FOREIGN KEY (variant_id) REFERENCES product_variants(id) ON DELETE CASCADE;
CREATE UNIQUE INDEX idx_account_product_resolutions_unique
ON account_product_resolutions (user_id, variant_id);
"#,
)
.await?;
// 4. Snapshot the variant on order lines (label is frozen at order time;
// the FK is nullable + SET NULL so deleting a variant keeps history).
db.execute_unprepared(
r#"
ALTER TABLE order_items ADD COLUMN variant_label VARCHAR NOT NULL DEFAULT '';
ALTER TABLE order_items ADD COLUMN variant_id INTEGER
REFERENCES product_variants(id) ON DELETE SET NULL;
"#,
)
.await?;
// 5. Drop the purchasable columns now owned by the variant.
db.execute_unprepared(
r#"
ALTER TABLE products DROP COLUMN price_cents;
ALTER TABLE products DROP COLUMN sale_price_cents;
ALTER TABLE products DROP COLUMN business_sale_price_cents;
ALTER TABLE products DROP COLUMN sku;
ALTER TABLE products DROP COLUMN stock;
"#,
)
.await?;
Ok(())
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
let db = m.get_connection();
// Restore product columns from each product's first variant.
db.execute_unprepared(
r#"
ALTER TABLE products ADD COLUMN price_cents BIGINT NOT NULL DEFAULT 0;
ALTER TABLE products ADD COLUMN sale_price_cents BIGINT;
ALTER TABLE products ADD COLUMN business_sale_price_cents BIGINT;
ALTER TABLE products ADD COLUMN sku VARCHAR;
ALTER TABLE products ADD COLUMN stock INTEGER NOT NULL DEFAULT 0;
UPDATE products p SET
price_cents = pv.price_cents,
sale_price_cents = pv.sale_price_cents,
business_sale_price_cents = pv.business_sale_price_cents,
sku = pv.sku,
stock = pv.stock
FROM (
SELECT DISTINCT ON (product_id) product_id, price_cents,
sale_price_cents, business_sale_price_cents, sku, stock
FROM product_variants ORDER BY product_id, position, id
) pv
WHERE pv.product_id = p.id;
"#,
)
.await?;
db.execute_unprepared(
r#"
ALTER TABLE order_items DROP COLUMN variant_id;
ALTER TABLE order_items DROP COLUMN variant_label;
"#,
)
.await?;
db.execute_unprepared(
r#"
ALTER TABLE account_product_resolutions ADD COLUMN product_id INTEGER;
UPDATE account_product_resolutions a
SET product_id = pv.product_id
FROM product_variants pv WHERE pv.id = a.variant_id;
DROP INDEX IF EXISTS idx_account_product_resolutions_unique;
ALTER TABLE account_product_resolutions DROP COLUMN variant_id;
ALTER TABLE account_product_resolutions ALTER COLUMN product_id SET NOT NULL;
ALTER TABLE account_product_resolutions
ADD CONSTRAINT fk_account_product_resolutions_product
FOREIGN KEY (product_id) REFERENCES products(id) ON DELETE CASCADE;
CREATE UNIQUE INDEX idx_account_product_resolutions_unique
ON account_product_resolutions (user_id, product_id);
"#,
)
.await?;
db.execute_unprepared(
r#"
ALTER TABLE account_product_prices ADD COLUMN product_id INTEGER;
UPDATE account_product_prices a
SET product_id = pv.product_id
FROM product_variants pv WHERE pv.id = a.variant_id;
DROP INDEX IF EXISTS idx_account_product_prices_user_variant_unique;
ALTER TABLE account_product_prices DROP COLUMN variant_id;
ALTER TABLE account_product_prices ALTER COLUMN product_id SET NOT NULL;
ALTER TABLE account_product_prices
ADD CONSTRAINT fk_account_product_prices_product
FOREIGN KEY (product_id) REFERENCES products(id) ON DELETE CASCADE;
CREATE UNIQUE INDEX idx_account_product_prices_user_product_unique
ON account_product_prices (user_id, product_id);
"#,
)
.await?;
db.execute_unprepared("DROP TABLE product_variants;").await?;
Ok(())
}
}

36
migration/src/m20260622_000003_variant_stock_nullable.rs Normal file
View File

@@ -0,0 +1,36 @@
//! Make `product_variants.stock` nullable: a NULL stock means the variant is
//! "available" but not inventory-tracked — always purchasable, no quantity cap,
//! and never decremented on order. A numeric stock is tracked/capped as before.
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
m.get_connection()
.execute_unprepared(
r#"
ALTER TABLE product_variants ALTER COLUMN stock DROP DEFAULT;
ALTER TABLE product_variants ALTER COLUMN stock DROP NOT NULL;
"#,
)
.await?;
Ok(())
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
m.get_connection()
.execute_unprepared(
r#"
UPDATE product_variants SET stock = 0 WHERE stock IS NULL;
ALTER TABLE product_variants ALTER COLUMN stock SET DEFAULT 0;
ALTER TABLE product_variants ALTER COLUMN stock SET NOT NULL;
"#,
)
.await?;
Ok(())
}
}

92
migration/src/m20260622_000004_product_search.rs Normal file
View File

@@ -0,0 +1,92 @@
//! Full-text + fuzzy search over the product catalog.
//!
//! Storefront search has to cope with Slovak text (diacritics, ad-hoc spelling)
//! and customer typos, while staying entirely inside Postgres — the catalog is
//! small (hundreds of products), so a separate search engine would be pure
//! operational overhead. This migration sets up:
//!
//! 1. `unaccent` + `pg_trgm` extensions, and an IMMUTABLE `f_unaccent` wrapper
//! (the stock `unaccent` is only STABLE, so it can't be used in an index
//! expression without wrapping it).
//! 2. a `sk_unaccent` text-search configuration: the `simple` dictionary
//! (no English stemming, which would mangle Slovak) folded through
//! `unaccent` so "kompresor" and "kompresór" tokenize identically.
//! 3. a STORED generated `products.search_vector`, weighting the name above
//! the description, with a GIN index for `@@` matching.
//! 4. a trigram GIN index on the (unaccented) name for fuzzy matching.
//!
//! The matching query itself lives in `products::Entity::search`.
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
let db = m.get_connection();
db.execute_unprepared(
r#"
CREATE EXTENSION IF NOT EXISTS unaccent;
CREATE EXTENSION IF NOT EXISTS pg_trgm;
-- IMMUTABLE wrapper so unaccent() can be used in generated columns
-- and index expressions (the extension's own unaccent() is STABLE).
CREATE OR REPLACE FUNCTION f_unaccent(text)
RETURNS text
LANGUAGE sql IMMUTABLE PARALLEL SAFE STRICT AS
$func$ SELECT public.unaccent('public.unaccent', $1) $func$;
-- 'simple' (no stemming) + unaccent: a good fit for Slovak, where
-- English stemming is wrong and accents are typed inconsistently.
DROP TEXT SEARCH CONFIGURATION IF EXISTS sk_unaccent;
CREATE TEXT SEARCH CONFIGURATION sk_unaccent ( COPY = simple );
ALTER TEXT SEARCH CONFIGURATION sk_unaccent
ALTER MAPPING FOR hword, hword_part, word
WITH unaccent, simple;
"#,
)
.await?;
db.execute_unprepared(
r#"
ALTER TABLE products
ADD COLUMN search_vector tsvector
GENERATED ALWAYS AS (
setweight(to_tsvector('sk_unaccent', COALESCE(name, '')), 'A') ||
setweight(to_tsvector('sk_unaccent', COALESCE(description, '')), 'B')
) STORED;
CREATE INDEX idx_products_search_vector
ON products USING GIN (search_vector);
CREATE INDEX idx_products_name_trgm
ON products USING GIN (f_unaccent(name) gin_trgm_ops);
"#,
)
.await?;
Ok(())
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
let db = m.get_connection();
// Drop the trigram index (it depends on f_unaccent) before the function;
// dropping the column takes its own GIN index with it.
db.execute_unprepared(
r#"
DROP INDEX IF EXISTS idx_products_name_trgm;
ALTER TABLE products DROP COLUMN IF EXISTS search_vector;
DROP TEXT SEARCH CONFIGURATION IF EXISTS sk_unaccent;
DROP FUNCTION IF EXISTS f_unaccent(text);
"#,
)
.await?;
// The unaccent / pg_trgm extensions are left installed: other objects may
// rely on them and they are harmless on their own.
Ok(())
}
}

232
migration/src/m20260622_000005_product_search_aggregate.rs Normal file
View File

@@ -0,0 +1,232 @@
//! Broaden product search to the whole purchasable surface.
//!
//! The `product_search` migration could only index columns living on `products`
//! itself (name, description), because a STORED generated column may not read
//! other tables. To also match by tag, variant label and SKU, `search_vector`
//! becomes a plain column maintained by triggers:
//!
//! * `kompress_build_product_search(name, description, id)` builds the weighted
//! vector for one product, pulling tags + variant labels + SKUs by id
//! (name = A, tags + labels = B, description + SKU = C).
//! * a BEFORE trigger on `products` keeps a product's own row in sync, and
//! * AFTER triggers on `product_variants`, `product_product_tags` and tag
//! renames refresh the affected product(s).
//!
//! The result is one `products.search_vector` that every search query can reuse,
//! always consistent with the catalog.
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
let db = m.get_connection();
// Swap the generated column (name + description only) for a plain column
// the triggers can own. Dropping it takes its GIN index with it.
db.execute_unprepared(
r#"
ALTER TABLE products DROP COLUMN IF EXISTS search_vector;
ALTER TABLE products ADD COLUMN search_vector tsvector;
"#,
)
.await?;
// Single source of truth for a product's search document.
db.execute_unprepared(
r#"
CREATE OR REPLACE FUNCTION kompress_build_product_search(
p_name text, p_description text, p_id integer
) RETURNS tsvector
LANGUAGE sql STABLE AS $func$
SELECT
setweight(to_tsvector('sk_unaccent', COALESCE(p_name, '')), 'A')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(t.name, ' ')
FROM product_product_tags ppt
JOIN product_tags t ON t.id = ppt.product_tag_id
WHERE ppt.product_id = p_id
), '')), 'B')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(v.label, ' ')
FROM product_variants v
WHERE v.product_id = p_id
), '')), 'B')
|| setweight(to_tsvector('sk_unaccent', COALESCE(p_description, '')), 'C')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(v.sku, ' ')
FROM product_variants v
WHERE v.product_id = p_id AND v.sku IS NOT NULL
), '')), 'C');
$func$;
-- Refresh one product's stored vector (used by the satellite triggers).
CREATE OR REPLACE FUNCTION kompress_refresh_product_search(p_id integer)
RETURNS void LANGUAGE sql AS $func$
UPDATE products
SET search_vector = kompress_build_product_search(name, description, id)
WHERE id = p_id;
$func$;
"#,
)
.await?;
// BEFORE trigger on products: recompute on its own writes. When a refresh
// only touches search_vector (name + description unchanged) it skips the
// recompute and keeps the supplied value — which also breaks recursion.
db.execute_unprepared(
r#"
CREATE OR REPLACE FUNCTION kompress_products_search_tg() RETURNS trigger
LANGUAGE plpgsql AS $func$
BEGIN
IF TG_OP = 'UPDATE'
AND NEW.name IS NOT DISTINCT FROM OLD.name
AND NEW.description IS NOT DISTINCT FROM OLD.description
AND NEW.search_vector IS DISTINCT FROM OLD.search_vector THEN
RETURN NEW;
END IF;
NEW.search_vector :=
kompress_build_product_search(NEW.name, NEW.description, NEW.id);
RETURN NEW;
END;
$func$;
DROP TRIGGER IF EXISTS products_search_tg ON products;
CREATE TRIGGER products_search_tg
BEFORE INSERT OR UPDATE ON products
FOR EACH ROW EXECUTE FUNCTION kompress_products_search_tg();
"#,
)
.await?;
// Variants: any change refreshes the owning product (both, on reparent).
db.execute_unprepared(
r#"
CREATE OR REPLACE FUNCTION kompress_variants_search_tg() RETURNS trigger
LANGUAGE plpgsql AS $func$
BEGIN
IF TG_OP = 'DELETE' THEN
PERFORM kompress_refresh_product_search(OLD.product_id);
RETURN OLD;
END IF;
PERFORM kompress_refresh_product_search(NEW.product_id);
IF TG_OP = 'UPDATE' AND NEW.product_id IS DISTINCT FROM OLD.product_id THEN
PERFORM kompress_refresh_product_search(OLD.product_id);
END IF;
RETURN NEW;
END;
$func$;
DROP TRIGGER IF EXISTS product_variants_search_tg ON product_variants;
CREATE TRIGGER product_variants_search_tg
AFTER INSERT OR UPDATE OR DELETE ON product_variants
FOR EACH ROW EXECUTE FUNCTION kompress_variants_search_tg();
"#,
)
.await?;
// Tag links: attaching/detaching a tag refreshes the product.
db.execute_unprepared(
r#"
CREATE OR REPLACE FUNCTION kompress_product_tags_link_search_tg() RETURNS trigger
LANGUAGE plpgsql AS $func$
BEGIN
IF TG_OP = 'DELETE' THEN
PERFORM kompress_refresh_product_search(OLD.product_id);
RETURN OLD;
END IF;
PERFORM kompress_refresh_product_search(NEW.product_id);
RETURN NEW;
END;
$func$;
DROP TRIGGER IF EXISTS product_product_tags_search_tg ON product_product_tags;
CREATE TRIGGER product_product_tags_search_tg
AFTER INSERT OR UPDATE OR DELETE ON product_product_tags
FOR EACH ROW EXECUTE FUNCTION kompress_product_tags_link_search_tg();
"#,
)
.await?;
// Renaming a tag refreshes every product carrying it.
db.execute_unprepared(
r#"
CREATE OR REPLACE FUNCTION kompress_tag_rename_search_tg() RETURNS trigger
LANGUAGE plpgsql AS $func$
BEGIN
UPDATE products p
SET search_vector =
kompress_build_product_search(p.name, p.description, p.id)
WHERE p.id IN (
SELECT ppt.product_id FROM product_product_tags ppt
WHERE ppt.product_tag_id = NEW.id
);
RETURN NEW;
END;
$func$;
DROP TRIGGER IF EXISTS product_tags_rename_search_tg ON product_tags;
CREATE TRIGGER product_tags_rename_search_tg
AFTER UPDATE OF name ON product_tags
FOR EACH ROW EXECUTE FUNCTION kompress_tag_rename_search_tg();
"#,
)
.await?;
// Backfill existing rows, then (re)create the GIN index for `@@`.
db.execute_unprepared(
r#"
UPDATE products
SET search_vector = kompress_build_product_search(name, description, id);
CREATE INDEX idx_products_search_vector
ON products USING GIN (search_vector);
"#,
)
.await?;
Ok(())
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
let db = m.get_connection();
db.execute_unprepared(
r#"
DROP TRIGGER IF EXISTS product_tags_rename_search_tg ON product_tags;
DROP TRIGGER IF EXISTS product_product_tags_search_tg ON product_product_tags;
DROP TRIGGER IF EXISTS product_variants_search_tg ON product_variants;
DROP TRIGGER IF EXISTS products_search_tg ON products;
DROP FUNCTION IF EXISTS kompress_tag_rename_search_tg();
DROP FUNCTION IF EXISTS kompress_product_tags_link_search_tg();
DROP FUNCTION IF EXISTS kompress_variants_search_tg();
DROP FUNCTION IF EXISTS kompress_products_search_tg();
DROP FUNCTION IF EXISTS kompress_refresh_product_search(integer);
DROP FUNCTION IF EXISTS kompress_build_product_search(text, text, integer);
ALTER TABLE products DROP COLUMN IF EXISTS search_vector;
"#,
)
.await?;
// Restore the name + description generated column from the prior migration.
db.execute_unprepared(
r#"
ALTER TABLE products
ADD COLUMN search_vector tsvector
GENERATED ALWAYS AS (
setweight(to_tsvector('sk_unaccent', COALESCE(name, '')), 'A') ||
setweight(to_tsvector('sk_unaccent', COALESCE(description, '')), 'B')
) STORED;
CREATE INDEX idx_products_search_vector
ON products USING GIN (search_vector);
"#,
)
.await?;
Ok(())
}
}

48
migration/src/m20260622_000006_order_search_indexes.rs Normal file
View File

@@ -0,0 +1,48 @@
//! Trigram indexes so the admin order search stays fast as orders pile up.
//!
//! Order search is a plain substring (`ILIKE`) match over the high-signal,
//! free-text order fields — order number, email, customer/company name — run
//! through `f_unaccent` so diacritics and case never matter (see
//! `orders::Entity::search`). These `pg_trgm` GIN indexes let those `ILIKE`
//! lookups use an index instead of scanning every row. `pg_trgm` + `f_unaccent`
//! already exist from the product-search migration.
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
m.get_connection()
.execute_unprepared(
r#"
CREATE INDEX idx_orders_number_trgm
ON orders USING GIN (f_unaccent(order_number) gin_trgm_ops);
CREATE INDEX idx_orders_email_trgm
ON orders USING GIN (f_unaccent(email) gin_trgm_ops);
CREATE INDEX idx_orders_customer_name_trgm
ON orders USING GIN (f_unaccent(COALESCE(customer_name, '')) gin_trgm_ops);
CREATE INDEX idx_orders_company_name_trgm
ON orders USING GIN (f_unaccent(COALESCE(company_name, '')) gin_trgm_ops);
"#,
)
.await?;
Ok(())
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
m.get_connection()
.execute_unprepared(
r#"
DROP INDEX IF EXISTS idx_orders_company_name_trgm;
DROP INDEX IF EXISTS idx_orders_customer_name_trgm;
DROP INDEX IF EXISTS idx_orders_email_trgm;
DROP INDEX IF EXISTS idx_orders_number_trgm;
"#,
)
.await?;
Ok(())
}
}

18
migration/src/m20260623_000001_add_short_description_to_products.rs Normal file
View File

@@ -0,0 +1,18 @@
use loco_rs::schema::*;
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
// A short blurb shown on product cards (grid/list), distinct from the full
// `description` rendered on the product detail page.
add_column(m, "products", "short_description", ColType::TextNull).await
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
remove_column(m, "products", "short_description").await
}
}

94
migration/src/m20260623_000002_strip_html_from_product_search.rs Normal file
View File

@@ -0,0 +1,94 @@
//! Product descriptions are now authored as rich text (Quill) and stored as
//! HTML. The product search vector (see m20260622_000005) tokenizes the raw
//! description, so without this the markup itself (`p`, `strong`, `li`, `href`,
//! `class`, `ql`, …) would land in the index and pollute matches.
//!
//! Redefine `kompress_build_product_search` so the description is run through a
//! tag-stripping `regexp_replace` before `to_tsvector`, then backfill every
//! product's stored vector. Everything else about the function is unchanged.
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
let db = m.get_connection();
db.execute_unprepared(
r#"
CREATE OR REPLACE FUNCTION kompress_build_product_search(
p_name text, p_description text, p_id integer
) RETURNS tsvector
LANGUAGE sql STABLE AS $func$
SELECT
setweight(to_tsvector('sk_unaccent', COALESCE(p_name, '')), 'A')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(t.name, ' ')
FROM product_product_tags ppt
JOIN product_tags t ON t.id = ppt.product_tag_id
WHERE ppt.product_id = p_id
), '')), 'B')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(v.label, ' ')
FROM product_variants v
WHERE v.product_id = p_id
), '')), 'B')
|| setweight(to_tsvector('sk_unaccent',
regexp_replace(COALESCE(p_description, ''), '<[^>]+>', ' ', 'g')
), 'C')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(v.sku, ' ')
FROM product_variants v
WHERE v.product_id = p_id AND v.sku IS NOT NULL
), '')), 'C');
$func$;
-- Backfill: recompute every product's vector with the new definition.
UPDATE products
SET search_vector = kompress_build_product_search(name, description, id);
"#,
)
.await?;
Ok(())
}
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
// Restore the prior definition (raw, un-stripped description).
let db = m.get_connection();
db.execute_unprepared(
r#"
CREATE OR REPLACE FUNCTION kompress_build_product_search(
p_name text, p_description text, p_id integer
) RETURNS tsvector
LANGUAGE sql STABLE AS $func$
SELECT
setweight(to_tsvector('sk_unaccent', COALESCE(p_name, '')), 'A')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(t.name, ' ')
FROM product_product_tags ppt
JOIN product_tags t ON t.id = ppt.product_tag_id
WHERE ppt.product_id = p_id
), '')), 'B')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(v.label, ' ')
FROM product_variants v
WHERE v.product_id = p_id
), '')), 'B')
|| setweight(to_tsvector('sk_unaccent', COALESCE(p_description, '')), 'C')
|| setweight(to_tsvector('sk_unaccent', COALESCE((
SELECT string_agg(v.sku, ' ')
FROM product_variants v
WHERE v.product_id = p_id AND v.sku IS NOT NULL
), '')), 'C');
$func$;
UPDATE products
SET search_vector = kompress_build_product_search(name, description, id);
"#,
)
.await?;
Ok(())
}
}

13
src/app.rs
View File

@@ -17,8 +17,9 @@ use std::{path::Path, sync::Arc};
#[allow(unused_imports)]
use crate::{
controllers::{
account, admin_categories, admin_dashboard, admin_form, admin_orders,
admin_products, admin_shipping, auth, auth_pages, cart, checkout, home, i18n, media, oauth2,
account, admin_categories, admin_customers, admin_dashboard, admin_discount_profiles,
admin_form, admin_orders, admin_products, admin_shipping, auth, auth_pages,
cart, checkout, home, i18n, media, oauth2,
shop,
},
initializers,
@@ -68,6 +69,12 @@ impl Hooks for App {
.layer(axum::middleware::from_fn_with_state(
ctx.clone(),
crate::shared::rbac::inject_subject,
))
// CSRF runs outermost so it validates the double-submit token before
// any handler sees the request and stamps the cookie on safe ones.
.layer(axum::middleware::from_fn_with_state(
ctx.clone(),
crate::shared::csrf::protect,
)))
}
@@ -98,8 +105,10 @@ impl Hooks for App {
// admin
.add_route(admin_dashboard::routes())
.add_route(admin_products::routes())
.add_route(admin_discount_profiles::routes())
.add_route(admin_categories::routes())
.add_route(admin_orders::routes())
.add_route(admin_customers::routes())
.add_route(admin_shipping::routes())
}

198
src/controllers/account.rs
View File

@@ -126,6 +126,8 @@ fn profile_view(
"logged_in_admin": false,
"logged_in_customer": true,
"account_nav": true,
"customer_name": user.name,
"customer_account_type": user.account_type,
"saved": saved,
"error": error,
"name": user.name,
@@ -232,6 +234,8 @@ async fn orders_page(
"logged_in_admin": false,
"logged_in_customer": true,
"account_nav": true,
"customer_name": user.name,
"customer_account_type": user.account_type,
"active_orders": shape(active),
"past_orders": shape(past),
"lang": current_lang(&jar),
@@ -272,6 +276,8 @@ async fn order_detail_page(
"logged_in_admin": false,
"logged_in_customer": true,
"account_nav": true,
"customer_name": user.name,
"customer_account_type": user.account_type,
"order": order_view::detail(
&order,
settings::get(&ctx, "bank_iban").unwrap_or(""),
@@ -293,6 +299,7 @@ struct ChangePasswordForm {
fn password_view(
v: &TeraView,
jar: &CookieJar,
user: &users::Model,
changed: bool,
error: Option<&str>,
) -> Result<Response> {
@@ -303,6 +310,8 @@ fn password_view(
"logged_in_admin": false,
"logged_in_customer": true,
"account_nav": true,
"customer_name": user.name,
"customer_account_type": user.account_type,
"changed": changed,
"error": error,
"lang": current_lang(jar),
@@ -322,7 +331,7 @@ async fn change_password_page(
if guard::is_admin(&ctx, &user) {
return format::redirect("/admin/dashboard");
}
password_view(&v, &jar, false, None)
password_view(&v, &jar, &user, false, None)
}
#[debug_handler]
@@ -339,18 +348,190 @@ async fn change_password(
return format::redirect("/admin/dashboard");
}
if !user.verify_password(&form.current_password) {
return password_view(&v, &jar, false, Some("current"));
return password_view(&v, &jar, &user, false, Some("current"));
}
if form.password != form.password_confirm {
return password_view(&v, &jar, false, Some("mismatch"));
return password_view(&v, &jar, &user, false, Some("mismatch"));
}
if form.password.len() < 8 {
return password_view(&v, &jar, false, Some("weak"));
return password_view(&v, &jar, &user, false, Some("weak"));
}
user.into_active_model()
let user = user
.into_active_model()
.reset_password(&ctx.db, &form.password)
.await?;
password_view(&v, &jar, true, None)
password_view(&v, &jar, &user, true, None)
}
// ---- Two-factor authentication (TOTP / Google Authenticator) -------------
//
// Entirely opt-in. The security page has three shapes, all rendered from
// `security.html`:
// * disabled -> an "enable" button,
// * enrolling -> the QR + a confirm-code field (secret staged, not yet on),
// * enabled -> status, remaining backup codes, disable/regenerate forms.
// Both turning 2FA off and regenerating backup codes require re-entering the
// account password, so a walk-up attacker on an open session can't weaken it.
#[derive(Debug, Deserialize)]
struct ConfirmTotpForm {
code: String,
}
#[derive(Debug, Deserialize)]
struct PasswordConfirmForm {
current_password: String,
}
/// Render the security page. Exactly one of (`enrolling`, plain status) applies;
/// `backup_codes` is non-empty only on the one render right after enabling or
/// regenerating, where the plaintext codes are shown once.
#[allow(clippy::too_many_arguments)]
fn security_view(
v: &TeraView,
jar: &CookieJar,
user: &users::Model,
enrolling: bool,
qr: Option<&str>,
secret: Option<&str>,
backup_codes: &[String],
error: Option<&str>,
) -> Result<Response> {
format::view(
v,
"account/security.html",
json!({
"logged_in_admin": false,
"logged_in_customer": true,
"account_nav": true,
"customer_name": user.name,
"customer_account_type": user.account_type,
"totp_enabled": user.totp_enabled(),
"enrolling": enrolling,
"qr": qr,
"secret": secret,
"backup_codes": backup_codes,
"backup_remaining": user.backup_codes_remaining(),
"error": error,
"lang": current_lang(jar),
}),
)
}
/// Common guard for every security handler: a signed-in, non-admin customer.
async fn require_customer(ctx: &AppContext, jar: &CookieJar) -> Result<users::Model> {
match guard::current_user(ctx, jar).await {
Some(user) if guard::is_admin(ctx, &user) => Err(Error::string("admin")),
Some(user) => Ok(user),
None => Err(Error::Unauthorized("login required".into())),
}
}
#[debug_handler]
async fn security_page(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
let Some(user) = guard::current_user(&ctx, &jar).await else {
return format::redirect("/login");
};
if guard::is_admin(&ctx, &user) {
return format::redirect("/admin/dashboard");
}
security_view(&v, &jar, &user, false, None, None, &[], None)
}
/// Stage a fresh secret and show the QR + confirm-code field.
#[debug_handler]
async fn enable_totp(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
let Ok(user) = require_customer(&ctx, &jar).await else {
return format::redirect("/login");
};
// Already on — nothing to enroll.
if user.totp_enabled() {
return security_view(&v, &jar, &user, false, None, None, &[], None);
}
let user = user.into_active_model().begin_totp_enrollment(&ctx.db).await?;
let Some((qr, secret)) = user.totp_provisioning() else {
return security_view(&v, &jar, &user, false, None, None, &[], Some("enroll"));
};
security_view(&v, &jar, &user, true, Some(&qr), Some(&secret), &[], None)
}
/// Verify the first code against the staged secret; on success flip 2FA on and
/// show the one-time backup codes. On a wrong code, re-show the QR to retry.
#[debug_handler]
async fn confirm_totp(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
Form(form): Form<ConfirmTotpForm>,
) -> Result<Response> {
let Ok(user) = require_customer(&ctx, &jar).await else {
return format::redirect("/login");
};
if user.totp_enabled() {
return security_view(&v, &jar, &user, false, None, None, &[], None);
}
if !user.verify_totp_code(&form.code) {
let qr = user.totp_provisioning();
let (qr, secret) = match &qr {
Some((q, s)) => (Some(q.as_str()), Some(s.as_str())),
None => (None, None),
};
return security_view(&v, &jar, &user, true, qr, secret, &[], Some("code"));
}
let (user, backup_codes) = user.into_active_model().enable_totp(&ctx.db).await?;
security_view(&v, &jar, &user, false, None, None, &backup_codes, None)
}
/// Turn 2FA off — requires the account password as confirmation.
#[debug_handler]
async fn disable_totp(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
Form(form): Form<PasswordConfirmForm>,
) -> Result<Response> {
let Ok(user) = require_customer(&ctx, &jar).await else {
return format::redirect("/login");
};
if !user.totp_enabled() {
return security_view(&v, &jar, &user, false, None, None, &[], None);
}
if !user.verify_password(&form.current_password) {
return security_view(&v, &jar, &user, false, None, None, &[], Some("password"));
}
let user = user.into_active_model().disable_totp(&ctx.db).await?;
security_view(&v, &jar, &user, false, None, None, &[], None)
}
/// Issue a fresh set of backup codes (invalidating the old ones) — also gated by
/// the account password.
#[debug_handler]
async fn regenerate_backup_codes(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
Form(form): Form<PasswordConfirmForm>,
) -> Result<Response> {
let Ok(user) = require_customer(&ctx, &jar).await else {
return format::redirect("/login");
};
if !user.totp_enabled() {
return security_view(&v, &jar, &user, false, None, None, &[], None);
}
if !user.verify_password(&form.current_password) {
return security_view(&v, &jar, &user, false, None, None, &[], Some("password"));
}
let (user, backup_codes) =
user.into_active_model().regenerate_backup_codes(&ctx.db).await?;
security_view(&v, &jar, &user, false, None, None, &backup_codes, None)
}
pub fn routes() -> Routes {
@@ -361,4 +542,9 @@ pub fn routes() -> Routes {
.add("/account/orders/{order_number}", get(order_detail_page))
.add("/account/password", get(change_password_page))
.add("/account/password", post(change_password))
.add("/account/security", get(security_page))
.add("/account/security/enable", post(enable_totp))
.add("/account/security/confirm", post(confirm_totp))
.add("/account/security/disable", post(disable_totp))
.add("/account/security/backup-codes", post(regenerate_backup_codes))
}

30
src/controllers/admin_categories.rs
View File

@@ -49,10 +49,6 @@ async fn parse_category_fields(
.text("name")
.ok_or_else(|| Error::BadRequest("category name is required".to_string()))?;
let description = form.text("description");
let position = form
.text("position")
.and_then(|s| s.parse::<i32>().ok())
.unwrap_or(0);
let published = form.checked("published");
// Resolve the chosen parent, rejecting cycles: a category may not be its
@@ -81,6 +77,28 @@ async fn parse_category_fields(
None => None,
};
// Position is optional: an explicit value sorts the category among its
// siblings, but a blank field appends it to the end of its parent's group
// (one past the current max), so new categories land last instead of first.
let position = match form.text("position").and_then(|s| s.parse::<i32>().ok()) {
Some(explicit) => explicit,
None => {
let mut query = categories::Entity::find();
query = match parent_id {
Some(pid) => query.filter(categories::Column::ParentId.eq(pid)),
None => query.filter(categories::Column::ParentId.is_null()),
};
query
.all(&ctx.db)
.await?
.iter()
.filter(|c| Some(c.id) != current_id)
.map(|c| c.position)
.max()
.map_or(0, |max| max + 1)
}
};
let desired = form
.text("slug")
.map(|s| slugify(&s))
@@ -180,7 +198,7 @@ async fn create(
guard::current_admin(auth, &ctx).await?;
let form = read_multipart_form(multipart).await?;
let fields = parse_category_fields(&ctx, &form, None).await?;
let image_id = match form.image {
let image_id = match form.single_image() {
Some(data) => Some(store_image(&ctx, data).await?),
None => None,
};
@@ -234,7 +252,7 @@ async fn update(
category.position = Set(fields.position);
category.published = Set(fields.published);
category.parent_id = Set(fields.parent_id);
if let Some(data) = form.image {
if let Some(data) = form.single_image() {
category.image_id = Set(Some(store_image(&ctx, data).await?));
}
category.update(&ctx.db).await?;

429
src/controllers/admin_customers.rs Normal file
View File

@@ -0,0 +1,429 @@
//! Admin management of business (company) accounts and their pricing.
//!
//! Per company the admin can: assign reusable discount profiles (the automated
//! layer), resolve per-product collisions when two assigned profiles cover the
//! same product, and set a manually negotiated price per product. The effective
//! price the business pays is always resolved by [`crate::shared::pricing`]
//! (lowest of public / automated / negotiated), shown here for reference.
use std::collections::{HashMap, HashSet};
use axum_extra::extract::cookie::CookieJar;
use loco_rs::prelude::*;
use sea_orm::{
ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, PaginatorTrait, QueryFilter,
QueryOrder, Set, TransactionTrait,
};
use serde::Deserialize;
use serde_json::json;
use crate::{
controllers::i18n::current_lang,
models::{
account_discount_profiles, account_product_prices, account_product_resolutions,
categories, discount_profiles, product_variants, products, _entities::users,
},
shared::{
guard,
money::{format_bp, format_price, parse_price_to_cents},
pricing,
},
views::shop as view,
};
const COMPANY: &str = "company";
const BUSINESS_AUDIENCE: &str = "business";
#[derive(Debug, Deserialize)]
struct PriceForm {
price: String,
}
#[derive(Debug, Deserialize)]
struct ResolutionForm {
profile_id: i32,
}
async fn company_by_id(ctx: &AppContext, id: i32) -> Result<users::Model> {
let user = users::Entity::find_by_id(id)
.one(&ctx.db)
.await?
.ok_or_else(|| Error::NotFound)?;
if user.account_type != COMPANY {
return Err(Error::NotFound);
}
Ok(user)
}
async fn assigned_profile_ids(ctx: &AppContext, user_id: i32) -> Result<HashSet<i32>> {
Ok(account_discount_profiles::Entity::find()
.filter(account_discount_profiles::Column::UserId.eq(user_id))
.all(&ctx.db)
.await?
.into_iter()
.map(|a| a.discount_profile_id)
.collect())
}
#[debug_handler]
async fn index(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let companies = users::Entity::find()
.filter(users::Column::AccountType.eq(COMPANY))
.order_by_asc(users::Column::Name)
.all(&ctx.db)
.await?;
let mut rows = Vec::with_capacity(companies.len());
for company in &companies {
let negotiated = account_product_prices::Entity::find()
.filter(account_product_prices::Column::UserId.eq(company.id))
.count(&ctx.db)
.await?;
rows.push(json!({
"id": company.id,
"name": company.name,
"email": company.email,
"negotiated_count": negotiated,
}));
}
format::view(
&v,
"admin/customers/index.html",
json!({ "customers": rows, "lang": current_lang(&jar) }),
)
}
#[debug_handler]
async fn show(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
Path(id): Path<i32>,
Query(params): Query<HashMap<String, String>>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let company = company_by_id(&ctx, id).await?;
// All profiles (for the assignment section + name lookup) and which are
// assigned to this company.
let all_profiles = discount_profiles::Entity::find()
.order_by_asc(discount_profiles::Column::Name)
.all(&ctx.db)
.await?;
let assigned = assigned_profile_ids(&ctx, company.id).await?;
let profiles_json: Vec<serde_json::Value> = all_profiles
.iter()
.map(|p| {
json!({
"id": p.id,
"name": p.name,
"percent": format_bp(p.percent_bp),
"scope_type": p.scope_type,
"assigned": assigned.contains(&p.id),
})
})
.collect();
let all_categories = categories::Entity::find()
.order_by_asc(categories::Column::Position)
.order_by_asc(categories::Column::Name)
.all(&ctx.db)
.await?;
// Optional text search (drafts included), otherwise the whole catalog by
// name. Reuses the storefront's hybrid full-text + fuzzy product search.
let query = params.get("q").map(String::as_str).unwrap_or("").trim().to_string();
let list = if query.is_empty() {
products::Entity::find()
.order_by_asc(products::Column::Name)
.all(&ctx.db)
.await?
} else {
products::Entity::search(&ctx.db, &query, 1000, false).await?
};
// Category sidebar tree (counts over the full, unfiltered product list) plus
// the active `?category=` filter applied to the rows.
let category_ids: Vec<Option<i32>> = list.iter().map(|p| p.category_id).collect();
let category_groups = view::admin_category_groups(&all_categories, &category_ids);
let selected_category = params
.get("category")
.map(String::as_str)
.unwrap_or("all")
.to_string();
let filter = view::category_filter_ids(&all_categories, &selected_category);
// Pricing is per variant. Flatten the (filtered) products into their variants
// in product-name then variant-position order, carrying each variant's
// product for the row's display name.
let product_ids: Vec<i32> = list.iter().map(|p| p.id).collect();
let grouped = product_variants::Entity::grouped_for_products(&ctx.db, &product_ids).await?;
let mut variant_rows: Vec<(&products::Model, product_variants::Model)> = Vec::new();
for product in &list {
if !view::category_filter_keep(&filter, product.category_id) {
continue;
}
if let Some(variants) = grouped.get(&product.id) {
for variant in variants {
variant_rows.push((product, variant.clone()));
}
}
}
// Two prices per variant:
// - the generic business price a freshly-registered company sees (business
// baseline + business-audience profiles, no per-company deals), and
// - this company's effective price (its negotiated price + assigned profiles).
// The effective price is highlighted only when it differs from the generic one.
let variants_only: Vec<product_variants::Model> =
variant_rows.iter().map(|(_, v)| v.clone()).collect();
let business = pricing::audience_price_variants(&ctx, &variants_only, BUSINESS_AUDIENCE).await?;
let details = pricing::detail_variants(&ctx, &variants_only, Some(&company)).await?;
let rows: Vec<serde_json::Value> = variant_rows
.iter()
.zip(business.iter())
.zip(details.iter())
.map(|(((product, variant), b), d)| {
json!({
"product_id": product.id,
"variant_id": variant.id,
"name": product.name,
"variant_label": variant.label,
"currency": product.currency,
"regular_price": format_price(d.regular_cents),
"business_price": format_price(b.price_cents),
"business_reduced": b.price_cents < d.regular_cents,
"has_negotiated": d.manual_cents.is_some(),
"collision": d.collision,
"effective_price": format_price(d.price_cents),
"effective_differs": d.price_cents != b.price_cents,
})
})
.collect();
format::view(
&v,
"admin/customers/show.html",
json!({
"customer": { "id": company.id, "name": company.name, "email": company.email },
"profiles": profiles_json,
"products": rows,
"category_groups": category_groups,
"selected_category": selected_category,
"query": query,
"total_count": list.len(),
"uncategorized_count": category_ids.iter().filter(|c| c.is_none()).count(),
"error": params.get("error"),
"lang": current_lang(&jar),
}),
)
}
/// Dedicated per-product page for the negotiated price (and, when two assigned
/// profiles collide, the resolution selector). Mirrors the catalog "Set discount"
/// page but for a single company.
#[debug_handler]
async fn price_edit(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
Path((id, variant_id)): Path<(i32, i32)>,
Query(params): Query<HashMap<String, String>>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let company = company_by_id(&ctx, id).await?;
let variant = product_variants::Entity::find_by_id(variant_id)
.one(&ctx.db)
.await?
.ok_or_else(|| Error::NotFound)?;
let product = products::Entity::find_by_id(variant.product_id)
.one(&ctx.db)
.await?
.ok_or_else(|| Error::NotFound)?;
let business =
pricing::audience_price_variants(&ctx, std::slice::from_ref(&variant), BUSINESS_AUDIENCE)
.await?;
let business_cents = business[0].price_cents;
let detail =
pricing::detail_variants(&ctx, std::slice::from_ref(&variant), Some(&company)).await?;
let d = &detail[0];
// Names for the covering profiles, used by the collision resolution selector.
let covering: Vec<serde_json::Value> = if d.covering_profile_ids.is_empty() {
Vec::new()
} else {
let profiles = discount_profiles::Entity::find()
.filter(discount_profiles::Column::Id.is_in(d.covering_profile_ids.clone()))
.all(&ctx.db)
.await?;
let name: HashMap<i32, String> =
profiles.iter().map(|p| (p.id, p.name.clone())).collect();
d.covering_profile_ids
.iter()
.map(|pid| json!({ "id": pid, "name": name.get(pid) }))
.collect()
};
format::view(
&v,
"admin/customers/price_form.html",
json!({
"customer": { "id": company.id, "name": company.name },
"product": {
"id": product.id,
"variant_id": variant.id,
"name": product.name,
"variant_label": variant.label,
"currency": product.currency,
"regular_price": format_price(d.regular_cents),
"regular_cents": d.regular_cents,
"business_price": format_price(business_cents),
"business_reduced": business_cents < d.regular_cents,
"effective_price": format_price(d.price_cents),
"effective_differs": d.price_cents != business_cents,
},
"negotiated": d.manual_cents.map(format_price).unwrap_or_default(),
"has_negotiated": d.manual_cents.is_some(),
"collision": d.collision,
"covering": covering,
"auto_profile_id": d.auto_profile_id,
"error": params.get("error"),
"lang": current_lang(&jar),
}),
)
}
#[debug_handler]
async fn set_price(
auth: auth::JWT,
Path((id, variant_id)): Path<(i32, i32)>,
State(ctx): State<AppContext>,
Form(form): Form<PriceForm>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let company = company_by_id(&ctx, id).await?;
let entered = form.price.trim().to_string();
if entered.is_empty() {
account_product_prices::Model::clear(&ctx.db, company.id, variant_id).await?;
return format::redirect(&format!("/admin/customers/{id}"));
}
let cents = match parse_price_to_cents(&entered) {
Ok(cents) if cents > 0 => cents,
_ => {
return format::redirect(&format!(
"/admin/customers/{id}/prices/{variant_id}/edit?error=discount-must-be-positive"
))
}
};
account_product_prices::Model::upsert(&ctx.db, company.id, variant_id, cents).await?;
format::redirect(&format!("/admin/customers/{id}"))
}
#[debug_handler]
async fn remove_price(
auth: auth::JWT,
Path((id, variant_id)): Path<(i32, i32)>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let company = company_by_id(&ctx, id).await?;
account_product_prices::Model::clear(&ctx.db, company.id, variant_id).await?;
format::redirect(&format!("/admin/customers/{id}"))
}
/// Replace the company's assigned profiles with the submitted set of checkboxes
/// (`profile_ids`, a repeated field axum `Form` can't collect, parsed directly).
#[debug_handler]
async fn sync_profiles(
auth: auth::JWT,
Path(id): Path<i32>,
State(ctx): State<AppContext>,
body: String,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let company = company_by_id(&ctx, id).await?;
let profile_ids: Vec<i32> = form_urlencoded::parse(body.as_bytes())
.filter(|(k, _)| k == "profile_ids")
.filter_map(|(_, v)| v.parse::<i32>().ok())
.collect();
let txn = ctx.db.begin().await?;
account_discount_profiles::Entity::delete_many()
.filter(account_discount_profiles::Column::UserId.eq(company.id))
.exec(&txn)
.await?;
for profile_id in profile_ids {
account_discount_profiles::ActiveModel {
user_id: Set(company.id),
discount_profile_id: Set(profile_id),
..Default::default()
}
.insert(&txn)
.await?;
}
txn.commit().await?;
format::redirect(&format!("/admin/customers/{id}"))
}
/// Record the admin's chosen winning profile for a colliding product.
#[debug_handler]
async fn set_resolution(
auth: auth::JWT,
Path((id, variant_id)): Path<(i32, i32)>,
State(ctx): State<AppContext>,
Form(form): Form<ResolutionForm>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let company = company_by_id(&ctx, id).await?;
let existing = account_product_resolutions::Entity::find()
.filter(account_product_resolutions::Column::UserId.eq(company.id))
.filter(account_product_resolutions::Column::VariantId.eq(variant_id))
.one(&ctx.db)
.await?;
let mut active = match existing {
Some(row) => row.into_active_model(),
None => account_product_resolutions::ActiveModel {
user_id: Set(company.id),
variant_id: Set(variant_id),
..Default::default()
},
};
active.discount_profile_id = Set(form.profile_id);
active.save(&ctx.db).await?;
format::redirect(&format!("/admin/customers/{id}"))
}
pub fn routes() -> Routes {
Routes::new()
.add("/admin/customers", get(index))
.add("/admin/customers/{id}", get(show))
.add("/admin/customers/{id}/profiles", post(sync_profiles))
.add(
"/admin/customers/{id}/prices/{variant_id}/edit",
get(price_edit),
)
.add("/admin/customers/{id}/prices/{variant_id}", post(set_price))
.add(
"/admin/customers/{id}/prices/{variant_id}/remove",
post(remove_price),
)
.add(
"/admin/customers/{id}/resolutions/{variant_id}",
post(set_resolution),
)
}

298
src/controllers/admin_discount_profiles.rs Normal file
View File

@@ -0,0 +1,298 @@
//! Admin CRUD for reusable discount profiles (a named percentage over a product
//! scope). Profiles are assigned to business accounts on the customer page; here
//! the admin only defines them.
use std::collections::HashSet;
use axum_extra::extract::cookie::CookieJar;
use loco_rs::prelude::*;
use sea_orm::{
ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, ModelTrait, PaginatorTrait,
QueryFilter, QueryOrder, Set, TransactionTrait,
};
use serde_json::json;
use crate::{
controllers::i18n::current_lang,
models::{discount_profile_products, discount_profiles, products},
shared::{
guard,
money::{format_bp, parse_percent, percent_to_bp},
},
};
/// Scalar + repeated fields parsed from the profile form. `product_ids` is a
/// repeated checkbox field, which `serde_urlencoded` (axum `Form`) can't collect,
/// so the body is parsed directly.
struct ProfileInput {
name: String,
percent: String,
scope_type: String,
product_ids: Vec<i32>,
}
fn parse_profile_form(body: &str) -> ProfileInput {
let mut name = String::new();
let mut percent = String::new();
let mut scope_type = discount_profiles::SCOPE_INCLUDE.to_string();
let mut product_ids = Vec::new();
for (key, value) in form_urlencoded::parse(body.as_bytes()) {
match key.as_ref() {
"name" => name = value.into_owned(),
"percent" => percent = value.into_owned(),
"scope_type" => scope_type = value.into_owned(),
"product_ids" => {
if let Ok(id) = value.parse::<i32>() {
product_ids.push(id);
}
}
_ => {}
}
}
ProfileInput {
name,
percent,
scope_type,
product_ids,
}
}
async fn profile_by_id(ctx: &AppContext, id: i32) -> Result<discount_profiles::Model> {
discount_profiles::Entity::find_by_id(id)
.one(&ctx.db)
.await?
.ok_or_else(|| Error::NotFound)
}
#[debug_handler]
async fn index(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let profiles = discount_profiles::Entity::find()
.order_by_asc(discount_profiles::Column::Name)
.all(&ctx.db)
.await?;
let mut rows = Vec::with_capacity(profiles.len());
for profile in &profiles {
let count = discount_profile_products::Entity::find()
.filter(discount_profile_products::Column::DiscountProfileId.eq(profile.id))
.count(&ctx.db)
.await?;
rows.push(json!({
"id": profile.id,
"name": profile.name,
"percent": format_bp(profile.percent_bp),
"scope_type": profile.scope_type,
"product_count": count,
}));
}
format::view(
&v,
"admin/catalog/discount_profiles.html",
json!({ "profiles": rows, "lang": current_lang(&jar) }),
)
}
/// Render the create/edit form. `profile` is null on create.
async fn render_form(
ctx: &AppContext,
v: &TeraView,
jar: &CookieJar,
profile: Option<&discount_profiles::Model>,
selected: &HashSet<i32>,
error: Option<&str>,
) -> Result<Response> {
let all_products = products::Entity::find()
.order_by_asc(products::Column::Name)
.all(&ctx.db)
.await?;
let product_rows: Vec<serde_json::Value> = all_products
.iter()
.map(|p| json!({ "id": p.id, "name": p.name, "selected": selected.contains(&p.id) }))
.collect();
let profile_json = match profile {
Some(p) => json!({
"id": p.id,
"name": p.name,
"percent": format_bp(p.percent_bp),
"scope_type": p.scope_type,
}),
None => serde_json::Value::Null,
};
format::view(
v,
"admin/catalog/discount_profile_form.html",
json!({
"profile": profile_json,
"products": product_rows,
"error": error,
"lang": current_lang(jar),
}),
)
}
#[debug_handler]
async fn new(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
render_form(&ctx, &v, &jar, None, &HashSet::new(), None).await
}
#[debug_handler]
async fn edit(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
Path(id): Path<i32>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let profile = profile_by_id(&ctx, id).await?;
let selected = member_ids(&ctx, id).await?;
render_form(&ctx, &v, &jar, Some(&profile), &selected, None).await
}
async fn member_ids(ctx: &AppContext, profile_id: i32) -> Result<HashSet<i32>> {
Ok(discount_profile_products::Entity::find()
.filter(discount_profile_products::Column::DiscountProfileId.eq(profile_id))
.all(&ctx.db)
.await?
.into_iter()
.map(|r| r.product_id)
.collect())
}
/// Validate the parsed form into `(name, percent_bp, scope_type)`, or an error key.
fn validate(input: &ProfileInput) -> std::result::Result<(String, i32, String), &'static str> {
let name = input.name.trim().to_string();
if name.is_empty() {
return Err("profile-name-required");
}
let pct = parse_percent(&input.percent).ok_or("discount-invalid")?;
if pct <= 0.0 || pct >= 100.0 {
return Err("discount-percent-range");
}
let scope = if input.scope_type == discount_profiles::SCOPE_ALL_EXCEPT {
discount_profiles::SCOPE_ALL_EXCEPT
} else {
discount_profiles::SCOPE_INCLUDE
};
Ok((name, percent_to_bp(pct), scope.to_string()))
}
/// Replace a profile's product membership with `product_ids`.
async fn sync_membership(
ctx: &AppContext,
profile_id: i32,
product_ids: &[i32],
) -> Result<()> {
let txn = ctx.db.begin().await?;
discount_profile_products::Entity::delete_many()
.filter(discount_profile_products::Column::DiscountProfileId.eq(profile_id))
.exec(&txn)
.await?;
for product_id in product_ids {
discount_profile_products::ActiveModel {
discount_profile_id: Set(profile_id),
product_id: Set(*product_id),
..Default::default()
}
.insert(&txn)
.await?;
}
txn.commit().await?;
Ok(())
}
#[debug_handler]
async fn create(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
body: String,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let input = parse_profile_form(&body);
let (name, percent_bp, scope_type) = match validate(&input) {
Ok(values) => values,
Err(key) => {
let selected: HashSet<i32> = input.product_ids.iter().copied().collect();
return render_form(&ctx, &v, &jar, None, &selected, Some(key)).await;
}
};
let profile = discount_profiles::ActiveModel {
name: Set(name),
percent_bp: Set(percent_bp),
scope_type: Set(scope_type),
..Default::default()
}
.insert(&ctx.db)
.await?;
sync_membership(&ctx, profile.id, &input.product_ids).await?;
format::redirect("/admin/catalog/discount-profiles")
}
#[debug_handler]
async fn update(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
Path(id): Path<i32>,
State(ctx): State<AppContext>,
body: String,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let profile = profile_by_id(&ctx, id).await?;
let input = parse_profile_form(&body);
let (name, percent_bp, scope_type) = match validate(&input) {
Ok(values) => values,
Err(key) => {
let selected: HashSet<i32> = input.product_ids.iter().copied().collect();
return render_form(&ctx, &v, &jar, Some(&profile), &selected, Some(key)).await;
}
};
let mut active = profile.into_active_model();
active.name = Set(name);
active.percent_bp = Set(percent_bp);
active.scope_type = Set(scope_type);
active.update(&ctx.db).await?;
sync_membership(&ctx, id, &input.product_ids).await?;
format::redirect("/admin/catalog/discount-profiles")
}
#[debug_handler]
async fn delete(
auth: auth::JWT,
Path(id): Path<i32>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
// FK cascades remove membership, assignments and resolutions.
profile_by_id(&ctx, id).await?.delete(&ctx.db).await?;
format::redirect("/admin/catalog/discount-profiles")
}
pub fn routes() -> Routes {
Routes::new()
.add("/admin/catalog/discount-profiles", get(index))
.add("/admin/catalog/discount-profiles/new", get(new))
.add("/admin/catalog/discount-profiles", post(create))
.add("/admin/catalog/discount-profiles/{id}/edit", get(edit))
.add("/admin/catalog/discount-profiles/{id}", post(update))
.add("/admin/catalog/discount-profiles/{id}/delete", post(delete))
}

74
src/controllers/admin_form.rs
View File

@@ -1,8 +1,11 @@
//! Multipart form handling shared by the product and category admin forms.
//!
//! Both forms submit a mix of text fields and an optional `image` file part;
//! this collects them into an easy-to-query [`MultipartForm`] and stores any
//! uploaded image through the configured storage driver.
//! Both forms submit a mix of text fields and `image` file part(s); this
//! collects them into an easy-to-query [`MultipartForm`] and stores any
//! uploaded image through the configured storage driver. The product form can
//! upload several images at once and submits a unified gallery order as
//! repeated `image_order` fields — each either an existing image's id or the
//! literal `new` (a placeholder consumed, in order, from the uploaded files).
use std::collections::HashMap;
@@ -18,11 +21,24 @@ fn normalize_empty(value: Option<String>) -> Option<String> {
})
}
/// Collected multipart form: text fields keyed by name, plus the raw bytes of
/// an `image` file part if one was uploaded (an empty file input is ignored).
/// One slot in the unified gallery order submitted by the product form.
#[derive(Debug, Clone)]
pub(crate) enum ImageSlot {
/// An existing image kept in the gallery.
Existing(i32),
/// A placeholder for one newly-uploaded file, consumed from [`MultipartForm::images`]
/// in the order these slots appear.
New,
}
/// Collected multipart form: text fields keyed by name, the raw bytes of every
/// `image` file part uploaded (empty file inputs are ignored, submission order
/// preserved), and the full gallery order as repeated `image_order` fields —
/// each either an existing image's id or the literal `new`.
pub(crate) struct MultipartForm {
fields: HashMap<String, String>,
pub(crate) image: Option<Vec<u8>>,
pub(crate) images: Vec<Vec<u8>>,
pub(crate) image_order: Vec<ImageSlot>,
}
impl MultipartForm {
@@ -31,6 +47,12 @@ impl MultipartForm {
normalize_empty(self.fields.get(key).cloned())
}
/// The single uploaded image, for forms (like categories) that accept only
/// one. Consumes the first uploaded part; any extras are ignored.
pub(crate) fn single_image(self) -> Option<Vec<u8>> {
self.images.into_iter().next()
}
/// Whether a checkbox-style field is checked.
pub(crate) fn checked(&self, key: &str) -> bool {
matches!(
@@ -38,11 +60,29 @@ impl MultipartForm {
Some("on" | "true" | "1")
)
}
/// The distinct row indices `N` present among `variants[N][...]` fields,
/// sorted ascending. Used to read the repeated variant rows of the product
/// form (each row's fields are uniquely keyed, so the HashMap keeps them all).
pub(crate) fn variant_indices(&self) -> Vec<usize> {
let mut idx: Vec<usize> = self
.fields
.keys()
.filter_map(|k| {
let rest = k.strip_prefix("variants[")?;
rest.split(']').next()?.parse::<usize>().ok()
})
.collect();
idx.sort_unstable();
idx.dedup();
idx
}
}
pub(crate) async fn read_multipart_form(mut multipart: Multipart) -> Result<MultipartForm> {
let mut fields = HashMap::new();
let mut image = None;
let mut images = Vec::new();
let mut image_order = Vec::new();
while let Some(mut field) = multipart
.next_field()
@@ -65,8 +105,20 @@ pub(crate) async fn read_multipart_form(mut multipart: Multipart) -> Result<Mult
)));
}
}
// An empty file part (no file chosen in a slot) is ignored.
if !data.is_empty() {
image = Some(data);
images.push(data);
}
} else if name == "image_order" {
let value = field
.text()
.await
.map_err(|err| Error::BadRequest(format!("invalid multipart field: {err}")))?;
let trimmed = value.trim();
if trimmed == "new" {
image_order.push(ImageSlot::New);
} else if let Ok(id) = trimmed.parse::<i32>() {
image_order.push(ImageSlot::Existing(id));
}
} else {
let value = field
@@ -77,7 +129,11 @@ pub(crate) async fn read_multipart_form(mut multipart: Multipart) -> Result<Mult
}
}
Ok(MultipartForm { fields, image })
Ok(MultipartForm {
fields,
images,
image_order,
})
}
/// Store an uploaded image's bytes and return its generated filename.

22
src/controllers/admin_orders.rs
View File

@@ -1,5 +1,8 @@
//! Admin order list, detail, status updates, and manual carrier dispatch.
use std::collections::HashMap;
use axum::extract::Query;
use axum_extra::extract::cookie::CookieJar;
use loco_rs::prelude::*;
use sea_orm::{ActiveModelTrait, ColumnTrait, EntityTrait, QueryFilter, QueryOrder, Set};
@@ -30,18 +33,31 @@ async fn index(
auth: auth::JWT,
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
Query(params): Query<HashMap<String, String>>,
State(ctx): State<AppContext>,
) -> Result<Response> {
guard::current_admin(auth, &ctx).await?;
let list = orders::Entity::find()
// Optional search over order number / customer / email / etc., otherwise the
// full list newest first.
let query = params.get("q").map(String::as_str).unwrap_or("").trim().to_string();
let list = if query.is_empty() {
orders::Entity::find()
.order_by_desc(orders::Column::CreatedAt)
.all(&ctx.db)
.await?;
.await?
} else {
orders::Entity::search(&ctx.db, &query, 500).await?
};
let rows: Vec<serde_json::Value> = list.iter().map(view::summary).collect();
format::view(
&v,
"admin/orders/index.html",
json!({ "orders": rows, "lang": current_lang(&jar) }),
json!({
"orders": rows,
"query": query,
"total": list.len(),
"lang": current_lang(&jar),
}),
)
}

859
src/controllers/admin_products.rs
View File

File diff suppressed because it is too large Load Diff

25
src/controllers/auth.rs
View File

@@ -13,6 +13,13 @@ use time::Duration as TimeDuration;
pub static EMAIL_DOMAIN_RE: OnceLock<Regex> = OnceLock::new();
pub(crate) const AUTH_COOKIE: &str = "auth_token";
/// Short-lived cookie that carries a half-authenticated session between the
/// password step and the TOTP step. It is a *separate* name from `auth_token`
/// on purpose: the auth guards only read `auth_token`, so this cookie can never
/// authenticate a request on its own — it only proves the password step passed.
pub(crate) const TOTP_PENDING_COOKIE: &str = "totp_pending";
/// How long the user has to enter their 2FA code after the password step.
pub(crate) const TOTP_PENDING_TTL_SECS: u64 = 300;
fn get_allow_email_domain_re() -> &'static Regex {
EMAIL_DOMAIN_RE.get_or_init(|| {
@@ -38,6 +45,24 @@ pub(crate) fn clear_auth_cookie() -> Cookie<'static> {
.build()
}
pub(crate) fn totp_pending_cookie(token: &str, max_age_seconds: u64) -> Cookie<'static> {
Cookie::build((TOTP_PENDING_COOKIE, token.to_string()))
.path("/")
.http_only(true)
.same_site(SameSite::Lax)
.max_age(TimeDuration::seconds(max_age_seconds as i64))
.build()
}
pub(crate) fn clear_totp_pending_cookie() -> Cookie<'static> {
Cookie::build((TOTP_PENDING_COOKIE, ""))
.path("/")
.http_only(true)
.same_site(SameSite::Lax)
.max_age(TimeDuration::seconds(0))
.build()
}
#[derive(Debug, Deserialize, Serialize)]
pub struct ForgotParams {
pub email: String,

102
src/controllers/auth_pages.rs
View File

@@ -85,6 +85,23 @@ async fn login(
}
let jwt_secret = ctx.config.get_jwt_config()?;
// If the user opted into 2FA, the password is only the first factor: don't
// issue the real auth cookie yet. Hand out a short-lived, separate "pending"
// cookie and send them to the code-entry page. Everyone without 2FA logs in
// in a single step exactly as before.
if user.totp_enabled() {
let pending = user
.generate_jwt(&jwt_secret.secret, auth_controller::TOTP_PENDING_TTL_SECS)
.or_else(|_| unauthorized("unauthorized!"))?;
return format::render()
.cookies(&[auth_controller::totp_pending_cookie(
&pending,
auth_controller::TOTP_PENDING_TTL_SECS,
)])?
.redirect("/login/totp");
}
let token = user
.generate_jwt(&jwt_secret.secret, jwt_secret.expiration)
.or_else(|_| unauthorized("unauthorized!"))?;
@@ -94,6 +111,89 @@ async fn login(
.redirect(home_for(&ctx, &user))
}
/// Resolve the user behind a valid, unexpired `totp_pending` cookie. Returns
/// `None` (never errors) when the cookie is missing, malformed, or expired —
/// the caller bounces such requests back to `/login`.
async fn user_from_pending(ctx: &AppContext, jar: &CookieJar) -> Option<users::Model> {
let cookie = jar.get(auth_controller::TOTP_PENDING_COOKIE)?;
let jwt_config = ctx.config.get_jwt_config().ok()?;
let claims = loco_rs::auth::jwt::JWT::new(&jwt_config.secret)
.validate(cookie.value())
.ok()?;
let user = users::Model::find_by_pid(&ctx.db, &claims.claims.pid).await.ok()?;
// Defend against a stale pending cookie outliving a 2FA disable.
user.totp_enabled().then_some(user)
}
fn login_totp_view(v: &TeraView, jar: &CookieJar, error: Option<&str>) -> Result<Response> {
format::view(
v,
"auth/login_totp.html",
json!({
"error": error,
"logged_in_admin": false,
"lang": current_lang(jar),
}),
)
}
#[debug_handler]
async fn login_totp_page(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
if user_from_pending(&ctx, &jar).await.is_none() {
return format::redirect("/login");
}
login_totp_view(&v, &jar, None)
}
/// Second login factor. Accepts either a 6-digit authenticator code or one of
/// the one-time backup codes (auto-detected by length). On success the pending
/// cookie is cleared and the real `auth_token` is issued.
#[derive(Debug, serde::Deserialize)]
struct TotpLoginForm {
code: String,
}
#[debug_handler]
async fn login_totp(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
Form(form): Form<TotpLoginForm>,
) -> Result<Response> {
let Some(user) = user_from_pending(&ctx, &jar).await else {
return format::redirect("/login");
};
let code = form.code.trim();
let via_totp = user.verify_totp_code(code);
let via_backup = !via_totp && user.matches_backup_code(code);
if !via_totp && !via_backup {
return login_totp_view(&v, &jar, Some("invalid"));
}
// A used backup code must be burned so it can't be replayed.
if via_backup {
user.clone().into_active_model().consume_backup_code(&ctx.db, code).await?;
}
let jwt_secret = ctx.config.get_jwt_config()?;
let token = user
.generate_jwt(&jwt_secret.secret, jwt_secret.expiration)
.or_else(|_| unauthorized("unauthorized!"))?;
format::render()
.cookies(&[
auth_controller::auth_cookie(&token, jwt_secret.expiration),
auth_controller::clear_totp_pending_cookie(),
])?
.redirect(home_for(&ctx, &user))
}
#[debug_handler]
async fn register_page(
jar: CookieJar,
@@ -366,6 +466,8 @@ pub fn routes() -> Routes {
Routes::new()
.add("/login", get(login_page))
.add("/login", post(login))
.add("/login/totp", get(login_totp_page))
.add("/login/totp", post(login_totp))
.add("/register", get(register_page))
.add("/register", post(register))
.add("/verify/{token}", get(verify))

125
src/controllers/cart.rs
View File

@@ -1,4 +1,4 @@
use crate::{controllers::i18n::current_lang, shared::{guard, money::format_price}, models::products};
use crate::{controllers::i18n::current_lang, shared::{guard, money::format_price, pricing}, models::{product_variants, products}};
use axum::{
http::{HeaderMap, StatusCode},
response::Redirect,
@@ -15,22 +15,22 @@ const CART_MAX_AGE_DAYS: i64 = 30;
#[derive(Debug, Deserialize)]
struct AddForm {
product_id: i32,
variant_id: i32,
quantity: Option<i32>,
}
#[derive(Debug, Deserialize)]
struct UpdateForm {
product_id: i32,
variant_id: i32,
quantity: i32,
}
#[derive(Debug, Deserialize)]
struct RemoveForm {
product_id: i32,
variant_id: i32,
}
/// Parse the `cart` cookie ("id:qty,id:qty") into `(product_id, quantity)`
/// Parse the `cart` cookie ("id:qty,id:qty") into `(variant_id, quantity)`
/// pairs, silently dropping malformed or non-positive entries.
pub(crate) fn parse_cart(jar: &CookieJar) -> Vec<(i32, i32)> {
let Some(cookie) = jar.get(CART_COOKIE) else {
@@ -64,12 +64,23 @@ fn cart_cookie(value: String) -> Cookie<'static> {
.build()
}
/// Look up a published product, returning its current stock cap.
async fn published_product(ctx: &AppContext, id: i32) -> Result<Option<products::Model>> {
Ok(products::Entity::find_by_id(id)
/// Look up a variant whose product is published, returning the variant together
/// with its parent product (for name/slug/currency).
async fn published_variant(
ctx: &AppContext,
variant_id: i32,
) -> Result<Option<(product_variants::Model, products::Model)>> {
let Some(variant) = product_variants::Entity::find_by_id(variant_id)
.one(&ctx.db)
.await?
else {
return Ok(None);
};
let product = products::Entity::find_by_id(variant.product_id)
.filter(products::Column::Published.eq(true))
.one(&ctx.db)
.await?)
.await?;
Ok(product.map(|p| (variant, p)))
}
#[debug_handler]
@@ -79,16 +90,16 @@ async fn add(
headers: HeaderMap,
Form(form): Form<AddForm>,
) -> Result<Response> {
let Some(product) = published_product(&ctx, form.product_id).await? else {
let Some((variant, _product)) = published_variant(&ctx, form.variant_id).await? else {
return Err(Error::NotFound);
};
let mut items = parse_cart(&jar);
let add_qty = form.quantity.unwrap_or(1).max(1);
if let Some(entry) = items.iter_mut().find(|(id, _)| *id == product.id) {
entry.1 = (entry.1 + add_qty).min(product.stock);
if let Some(entry) = items.iter_mut().find(|(id, _)| *id == variant.id) {
entry.1 = variant.cap(entry.1 + add_qty);
} else {
items.push((product.id, add_qty.min(product.stock)));
items.push((variant.id, variant.cap(add_qty)));
}
items.retain(|(_, qty)| *qty > 0);
@@ -117,14 +128,15 @@ async fn update(
headers: HeaderMap,
Form(form): Form<UpdateForm>,
) -> Result<Response> {
let stock = published_product(&ctx, form.product_id)
.await?
.map(|p| p.stock)
.unwrap_or(0);
// Clamp the requested quantity to what's available (no cap for untracked
// variants); a removed variant clamps to 0 and drops out below.
let clamped = match published_variant(&ctx, form.variant_id).await? {
Some((variant, _)) => variant.cap(form.quantity),
None => 0,
};
let mut items = parse_cart(&jar);
let clamped = form.quantity.clamp(0, stock);
if let Some(entry) = items.iter_mut().find(|(id, _)| *id == form.product_id) {
if let Some(entry) = items.iter_mut().find(|(id, _)| *id == form.variant_id) {
entry.1 = clamped;
}
items.retain(|(_, qty)| *qty > 0);
@@ -142,7 +154,7 @@ async fn remove(
Form(form): Form<RemoveForm>,
) -> Result<Response> {
let mut items = parse_cart(&jar);
items.retain(|(id, _)| *id != form.product_id);
items.retain(|(id, _)| *id != form.variant_id);
let jar = jar.add(cart_cookie(serialize_cart(&items)));
cart_response(&ctx, &v, jar, &headers).await
@@ -189,29 +201,43 @@ pub(crate) async fn resolve_cart(
ctx: &AppContext,
jar: &CookieJar,
) -> Result<(Vec<serde_json::Value>, Vec<(i32, i32)>, i64)> {
let mut lines = Vec::new();
let mut valid = Vec::new();
let mut total: i64 = 0;
// Resolve the cart entries to in-stock products first, then price them all
// for the current viewer in one batch (the price depends on who's logged in).
let user = guard::current_user(ctx, jar).await;
let mut items: Vec<(product_variants::Model, products::Model, i32)> = Vec::new();
for (id, qty) in parse_cart(jar) {
let Some(product) = published_product(ctx, id).await? else {
let Some((variant, product)) = published_variant(ctx, id).await? else {
continue;
};
let qty = qty.clamp(0, product.stock);
let qty = variant.cap(qty);
if qty == 0 {
continue;
}
let line_total = product.price_cents * i64::from(qty);
items.push((variant, product, qty));
}
let variants_only: Vec<product_variants::Model> =
items.iter().map(|(v, _, _)| v.clone()).collect();
let priced = pricing::price_variants(ctx, &variants_only, user.as_ref()).await?;
let mut lines = Vec::new();
let mut valid = Vec::new();
let mut total: i64 = 0;
for ((variant, product, qty), priced) in items.iter().zip(priced.iter()) {
let unit_price = priced.price_cents;
let line_total = unit_price * i64::from(*qty);
total += line_total;
valid.push((product.id, qty));
valid.push((variant.id, *qty));
lines.push(json!({
"id": product.id,
"id": variant.id,
"name": product.name,
"variant_label": variant.label,
"slug": product.slug,
"price": format_price(product.price_cents),
"price": format_price(unit_price),
"regular_price": format_price(priced.regular_cents),
"on_sale": priced.is_reduced(),
"currency": product.currency,
"quantity": qty,
"stock": product.stock,
"stock": variant.stock,
"line_total": format_price(line_total),
}));
}
@@ -234,7 +260,7 @@ async fn show(
// Drop any now-invalid lines from the cookie so the badge stays accurate.
let rebuilt = serialize_cart(&valid);
let (logged_in_admin, logged_in_customer) = guard::chrome(&ctx, &jar).await;
let c = guard::chrome(&ctx, &jar).await;
let response = format::view(
&v,
"shop/cart.html",
@@ -242,8 +268,10 @@ async fn show(
"items": lines,
"total": format_price(total),
"currency": currency,
"logged_in_admin": logged_in_admin,
"logged_in_customer": logged_in_customer,
"logged_in_admin": c.logged_in_admin,
"logged_in_customer": c.logged_in_customer,
"customer_name": c.customer_name,
"customer_account_type": c.customer_account_type,
"lang": current_lang(&jar),
}),
)?;
@@ -251,10 +279,39 @@ async fn show(
Ok((jar.add(cart_cookie(rebuilt)), response).into_response())
}
/// Mini-cart preview for the navbar hover dropdown. Lazy-loaded via htmx from
/// the header; returns just the `shop/_cart_preview.html` fragment.
#[debug_handler]
async fn preview(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
let (lines, valid, total) = resolve_cart(&ctx, &jar).await?;
let currency = lines
.first()
.and_then(|line| line["currency"].as_str())
.unwrap_or("EUR")
.to_string();
let rebuilt = serialize_cart(&valid);
let response = format::view(
&v,
"shop/_cart_preview.html",
json!({
"items": lines,
"total": format_price(total),
"currency": currency,
"lang": current_lang(&jar),
}),
)?;
Ok((jar.add(cart_cookie(rebuilt)), response).into_response())
}
pub fn routes() -> Routes {
Routes::new()
.add("/cart", get(show))
.add("/cart/add", post(add))
.add("/cart/update", post(update))
.add("/cart/remove", post(remove))
.add("/partials/cart", get(preview))
}

13
src/controllers/checkout.rs
View File

@@ -132,6 +132,10 @@ async fn checkout_page(
"packeta_api_key": settings::get(&ctx, "packeta_api_key").unwrap_or(""),
"logged_in_admin": is_admin,
"logged_in_customer": is_customer,
// Required by the navbar profile menu (base.html includes it whenever
// logged_in_customer is true); None for admins/guests.
"customer_name": user.as_ref().filter(|_| is_customer).map(|u| u.name.clone()),
"customer_account_type": user.as_ref().filter(|_| is_customer).map(|u| u.account_type.clone()),
"profile_filled": profile_filled,
// A logged-in customer's account type is fixed; only guests pick it
// and may opt to create an account from the order.
@@ -327,6 +331,7 @@ async fn place_order(
pickup_point_id,
pickup_point_name,
},
logged_in_customer,
)
.await?;
@@ -357,7 +362,7 @@ async fn order_confirmation(
.filter(order_items::Column::OrderId.eq(order.id))
.all(&ctx.db)
.await?;
let (logged_in_admin, logged_in_customer) = guard::chrome(&ctx, &jar).await;
let c = guard::chrome(&ctx, &jar).await;
let account_created = params.contains_key("account_created");
format::view(
@@ -370,8 +375,10 @@ async fn order_confirmation(
settings::get(&ctx, "bank_account_name").unwrap_or(""),
),
"items": view::items(&items),
"logged_in_admin": logged_in_admin,
"logged_in_customer": logged_in_customer,
"logged_in_admin": c.logged_in_admin,
"logged_in_customer": c.logged_in_customer,
"customer_name": c.customer_name,
"customer_account_type": c.customer_account_type,
"account_created": account_created,
"lang": current_lang(&jar),
}),

11
src/controllers/home.rs
View File

@@ -12,16 +12,19 @@ async fn index(
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
let products = shop::featured_products(&ctx, 8).await?;
let (logged_in_admin, logged_in_customer) = guard::chrome(&ctx, &jar).await;
let user = guard::current_user(&ctx, &jar).await;
let products = shop::featured_products(&ctx, user.as_ref(), 8).await?;
let c = guard::chrome_from(&ctx, user.as_ref());
format::view(
&v,
"home/index.html",
json!({
"products": products,
"logged_in_admin": logged_in_admin,
"logged_in_customer": logged_in_customer,
"logged_in_admin": c.logged_in_admin,
"logged_in_customer": c.logged_in_customer,
"customer_name": c.customer_name,
"customer_account_type": c.customer_account_type,
"lang": current_lang(&jar),
}),
)

2
src/controllers/mod.rs
View File

@@ -3,7 +3,9 @@ pub mod auth;
pub mod auth_pages;
pub mod oauth2;
pub mod admin_categories;
pub mod admin_customers;
pub mod admin_dashboard;
pub mod admin_discount_profiles;
pub mod admin_form;
pub mod admin_orders;
pub mod admin_products;

415
src/controllers/shop.rs
View File

@@ -1,6 +1,10 @@
//! Public storefront: product listings, product detail, category pages and the
//! lazily-loaded category sidebar.
use std::collections::HashMap;
use axum::extract::Query;
use axum::http::HeaderMap;
use axum_extra::extract::cookie::CookieJar;
use loco_rs::prelude::*;
use sea_orm::{ColumnTrait, EntityTrait, QueryFilter, QueryOrder, QuerySelect, Set};
@@ -8,17 +12,256 @@ use serde_json::json;
use crate::{
controllers::i18n::current_lang,
shared::guard,
models::{categories, product_images, products},
shared::{
guard,
money::{format_price, parse_price_to_cents},
pricing,
},
models::{categories, product_images, product_variants, products, users},
views::shop as view,
};
/// Shape a list of products into card rows, loading each one's primary image.
async fn product_rows(ctx: &AppContext, list: Vec<products::Model>) -> Result<Vec<serde_json::Value>> {
let mut rows = Vec::with_capacity(list.len());
for product in list {
/// Results per page in the storefront listing/search.
const PER_PAGE: usize = 24;
/// Hard cap on candidates a single text search considers before faceting; well
/// above any realistic page of results for this catalog.
const SEARCH_CAP: u64 = 1000;
/// All storefront listing controls: free-text query, category, price band,
/// stock, sort and page. Everything is optional so `/shop` and `/search` share
/// one shape.
#[derive(Debug, Default, serde::Deserialize)]
struct SearchParams {
q: Option<String>,
category: Option<String>,
min_price: Option<String>,
max_price: Option<String>,
in_stock: Option<String>,
sort: Option<String>,
page: Option<u32>,
}
/// A candidate product with everything the listing needs to filter, sort and
/// render it: its representative (first) variant, the resolved price for the
/// viewer, stock, variant count and original search rank (for relevance order).
struct Candidate {
product: products::Model,
rep: product_variants::Model,
priced: pricing::PricedProduct,
in_stock: bool,
count: usize,
rank: usize,
}
/// Whether a checkbox-style param is on (present and not an explicit "off"/"0").
fn is_on(v: &Option<String>) -> bool {
matches!(v.as_deref(), Some(s) if !s.is_empty() && s != "0" && s != "false" && s != "off")
}
/// Rebuild the query string from `params` minus `page`, so pagination links can
/// preserve the active query + filters + sort.
fn query_base(params: &SearchParams) -> String {
let mut ser = form_urlencoded::Serializer::new(String::new());
if let Some(q) = params.q.as_deref().filter(|s| !s.is_empty()) {
ser.append_pair("q", q);
}
if let Some(c) = params.category.as_deref().filter(|s| !s.is_empty() && *s != "all") {
ser.append_pair("category", c);
}
if let Some(p) = params.min_price.as_deref().filter(|s| !s.is_empty()) {
ser.append_pair("min_price", p);
}
if let Some(p) = params.max_price.as_deref().filter(|s| !s.is_empty()) {
ser.append_pair("max_price", p);
}
if is_on(&params.in_stock) {
ser.append_pair("in_stock", "1");
}
if let Some(s) = params.sort.as_deref().filter(|s| !s.is_empty()) {
ser.append_pair("sort", s);
}
ser.finish()
}
/// Run the full faceted listing pipeline for `params` and shape the template
/// context (results page + facet data + pagination). Reused by `/shop` and
/// `/search`; the caller adds chrome and picks the template.
async fn run_search(
ctx: &AppContext,
user: Option<&users::Model>,
params: &SearchParams,
) -> Result<serde_json::Value> {
let q = params.q.clone().unwrap_or_default();
let q_trim = q.trim().to_string();
// 1. Base candidates: ranked search hits, or the full published listing.
let base: Vec<products::Model> = if q_trim.is_empty() {
products::Entity::find()
.filter(products::Column::Published.eq(true))
.order_by_desc(products::Column::PublishedAt)
.all(&ctx.db)
.await?
} else {
products::Entity::search(&ctx.db, &q_trim, SEARCH_CAP, true).await?
};
// 2. Attach representative variant + resolved price to each (drop products
// with no purchasable variant).
let ids: Vec<i32> = base.iter().map(|p| p.id).collect();
let grouped = product_variants::Entity::grouped_for_products(&ctx.db, &ids).await?;
let mut staged: Vec<(products::Model, product_variants::Model, usize, usize)> = Vec::new();
for (rank, product) in base.into_iter().enumerate() {
if let Some(vs) = grouped.get(&product.id) {
if let Some(rep) = vs.first() {
staged.push((product, rep.clone(), vs.len(), rank));
}
}
}
let reps: Vec<product_variants::Model> = staged.iter().map(|(_, r, _, _)| r.clone()).collect();
let priced = pricing::price_variants(ctx, &reps, user).await?;
let mut items: Vec<Candidate> = staged
.into_iter()
.zip(priced.iter())
.map(|((product, rep, count, rank), p)| Candidate {
in_stock: rep.in_stock(),
product,
rep,
priced: *p,
count,
rank,
})
.collect();
// Price band bounds across all matches, to hint the filter UI.
let price_floor = items.iter().map(|i| i.priced.price_cents).min().unwrap_or(0);
let price_ceil = items.iter().map(|i| i.priced.price_cents).max().unwrap_or(0);
// 3. Non-category filters: price band + in-stock.
let min_c = params.min_price.as_deref().and_then(|s| parse_price_to_cents(s).ok());
let max_c = params.max_price.as_deref().and_then(|s| parse_price_to_cents(s).ok());
let in_stock_only = is_on(&params.in_stock);
items.retain(|i| {
min_c.is_none_or(|m| i.priced.price_cents >= m)
&& max_c.is_none_or(|m| i.priced.price_cents <= m)
&& (!in_stock_only || i.in_stock)
});
// 4. Category facets: counts computed over the price/stock-filtered set
// (i.e. before applying the category choice itself).
let all_categories = categories::published(ctx).await?;
let cat_ids: Vec<Option<i32>> = items.iter().map(|i| i.product.category_id).collect();
let category_groups = view::admin_category_groups(&all_categories, &cat_ids);
let uncategorized_count = cat_ids.iter().filter(|c| c.is_none()).count();
let category_name: HashMap<i32, String> =
all_categories.iter().map(|c| (c.id, c.name.clone())).collect();
// 5. Apply the category filter.
let selected_category = params
.category
.clone()
.filter(|s| !s.is_empty())
.unwrap_or_else(|| "all".to_string());
let filter = view::category_filter_ids(&all_categories, &selected_category);
items.retain(|i| view::category_filter_keep(&filter, i.product.category_id));
// 6. Sort. Newest-first is the default; relevance (the ranked search order)
// is available explicitly via the sort control.
let sort = params
.sort
.clone()
.filter(|s| !s.is_empty())
.unwrap_or_else(|| "newest".to_string());
match sort.as_str() {
"price_asc" => items.sort_by(|a, b| a.priced.price_cents.cmp(&b.priced.price_cents)),
"price_desc" => items.sort_by(|a, b| b.priced.price_cents.cmp(&a.priced.price_cents)),
"name_asc" => items.sort_by(|a, b| {
a.product.name.to_lowercase().cmp(&b.product.name.to_lowercase())
}),
"name_desc" => items.sort_by(|a, b| {
b.product.name.to_lowercase().cmp(&a.product.name.to_lowercase())
}),
"newest" => items.sort_by(|a, b| b.product.published_at.cmp(&a.product.published_at)),
// "relevance" and anything unknown: original search rank.
_ => items.sort_by_key(|i| i.rank),
}
// 7. Paginate.
let total = items.len();
let pages = total.div_ceil(PER_PAGE).max(1);
let page = params.page.unwrap_or(1).clamp(1, pages as u32);
let start = (page as usize - 1) * PER_PAGE;
// 8. Render only the current page's cards (images fetched per row).
let mut rows = Vec::new();
for item in items.iter().skip(start).take(PER_PAGE) {
let image = product_images::first_for(ctx, item.product.id).await?;
let cat_name = item.product.category_id.and_then(|id| category_name.get(&id).cloned());
rows.push(view::product_card(
&item.product,
&item.rep,
&item.priced,
item.count,
image,
cat_name,
));
}
Ok(json!({
"products": rows,
"query": q,
"category_groups": category_groups,
"selected_category": selected_category,
// Numeric form so the <select> can mark the active option (Tera can't
// compare a string param against a numeric category id).
"selected_category_id": selected_category.parse::<i32>().unwrap_or(-1),
"uncategorized_count": uncategorized_count,
"sort": sort,
"in_stock": in_stock_only,
"min_price": params.min_price.clone().unwrap_or_default(),
"max_price": params.max_price.clone().unwrap_or_default(),
"price_floor": format_price(price_floor),
"price_ceil": format_price(price_ceil),
"total": total,
"page": page,
"pages": pages,
"has_prev": page > 1,
"has_next": (page as usize) < pages,
"prev_page": page.saturating_sub(1).max(1),
"next_page": page + 1,
"query_base": query_base(params),
}))
}
/// Shape a list of products into card rows for `user` (None = public). Each card
/// shows the resolved price of the product's representative (first) variant; the
/// `variant_count` lets the template render "from {price}" for multi-variant
/// products. Products with no variants are skipped (not purchasable).
async fn product_rows(
ctx: &AppContext,
user: Option<&users::Model>,
list: Vec<products::Model>,
) -> Result<Vec<serde_json::Value>> {
let ids: Vec<i32> = list.iter().map(|p| p.id).collect();
let grouped = product_variants::Entity::grouped_for_products(&ctx.db, &ids).await?;
// Representative (first) variant per product, in list order, dropping any
// product that has no variants.
let mut entries: Vec<(&products::Model, product_variants::Model, usize)> = Vec::new();
for product in &list {
if let Some(variants) = grouped.get(&product.id) {
if let Some(first) = variants.first() {
entries.push((product, first.clone(), variants.len()));
}
}
}
let reps: Vec<product_variants::Model> = entries.iter().map(|(_, v, _)| v.clone()).collect();
let priced = pricing::price_variants(ctx, &reps, user).await?;
let mut rows = Vec::with_capacity(entries.len());
for ((product, rep, count), priced) in entries.iter().zip(priced.iter()) {
let image = product_images::first_for(ctx, product.id).await?;
rows.push(view::product_card(&product, image, None));
rows.push(view::product_card(product, rep, priced, *count, image, None));
}
Ok(rows)
}
@@ -27,6 +270,7 @@ async fn product_rows(ctx: &AppContext, list: Vec<products::Model>) -> Result<Ve
/// by the home-page landing grid.
pub(crate) async fn featured_products(
ctx: &AppContext,
user: Option<&users::Model>,
limit: u64,
) -> Result<Vec<serde_json::Value>> {
let list = products::Entity::find()
@@ -35,7 +279,7 @@ pub(crate) async fn featured_products(
.limit(limit)
.all(&ctx.db)
.await?;
product_rows(ctx, list).await
product_rows(ctx, user, list).await
}
/// The site-wide category sidebar, loaded lazily via htmx by the base layout so
@@ -57,29 +301,59 @@ async fn category_sidebar(
)
}
/// Fold the page chrome (login state, names) and language into a `run_search`
/// context so the full page can render the layout.
fn add_chrome(ctx_value: &mut serde_json::Value, c: &guard::Chrome, lang: &str) {
if let Some(map) = ctx_value.as_object_mut() {
map.insert("logged_in_admin".into(), json!(c.logged_in_admin));
map.insert("logged_in_customer".into(), json!(c.logged_in_customer));
map.insert("customer_name".into(), json!(c.customer_name));
map.insert("customer_account_type".into(), json!(c.customer_account_type));
map.insert("lang".into(), json!(lang));
}
}
#[debug_handler]
async fn index(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
) -> Result<Response> {
let list = products::Entity::find()
.filter(products::Column::Published.eq(true))
.order_by_desc(products::Column::PublishedAt)
.all(&ctx.db)
.await?;
let user = guard::current_user(&ctx, &jar).await;
let mut context = run_search(&ctx, user.as_ref(), &SearchParams::default()).await?;
let c = guard::chrome_from(&ctx, user.as_ref());
add_chrome(&mut context, &c, &current_lang(&jar));
format::view(&v, "shop/index.html", context)
}
let (logged_in_admin, logged_in_customer) = guard::chrome(&ctx, &jar).await;
format::view(
&v,
"shop/index.html",
json!({
"products": product_rows(&ctx, list).await?,
"logged_in_admin": logged_in_admin,
"logged_in_customer": logged_in_customer,
"lang": current_lang(&jar),
}),
)
/// Storefront search + faceted browse. Combines the hybrid full-text/fuzzy query
/// ([`products::Entity::search`]) with category, price-band, in-stock and sort
/// filters, ranked and paginated by [`run_search`]. A blank query falls back to
/// the full published listing, so the same endpoint powers both "browse" and
/// "search". htmx requests get just the results fragment (for live updates);
/// direct navigation (or no-JS) renders the whole page.
#[debug_handler]
async fn search(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
headers: HeaderMap,
Query(params): Query<SearchParams>,
State(ctx): State<AppContext>,
) -> Result<Response> {
let user = guard::current_user(&ctx, &jar).await;
let mut context = run_search(&ctx, user.as_ref(), &params).await?;
let lang = current_lang(&jar);
if headers.contains_key("HX-Request") {
if let Some(map) = context.as_object_mut() {
map.insert("lang".into(), json!(lang));
}
return format::view(&v, "shop/_results.html", context);
}
let c = guard::chrome_from(&ctx, user.as_ref());
add_chrome(&mut context, &c, &lang);
format::view(&v, "shop/index.html", context)
}
#[debug_handler]
@@ -110,26 +384,67 @@ async fn show(
None => None,
};
let (logged_in_admin, logged_in_customer) = guard::chrome(&ctx, &jar).await;
let user = guard::current_user(&ctx, &jar).await;
let variants = product_variants::Entity::for_product(&ctx.db, product.id).await?;
let variant_prices = pricing::price_variants(&ctx, &variants, user.as_ref()).await?;
let options: Vec<serde_json::Value> = variants
.iter()
.zip(variant_prices.iter())
.map(|(variant, priced)| view::variant_option(variant, priced))
.collect();
// The card header uses the representative (first) variant for its headline
// price; the picker below lets the customer switch.
let representative = variants.first();
let priced = variant_prices.first().copied();
let card = match (representative, priced) {
(Some(rep), Some(priced)) => view::product_card(
&product,
rep,
&priced,
variants.len(),
None,
category.as_ref().map(|c| c.name.clone()),
),
// A product with no variants isn't purchasable; show it without a price.
_ => serde_json::json!({
"id": product.id,
"name": product.name,
"slug": product.slug,
"description": product.description,
"currency": product.currency,
"variant_count": 0,
"has_options": false,
}),
};
let c = guard::chrome_from(&ctx, user.as_ref());
format::view(
&v,
"shop/show.html",
json!({
"product": view::product_card(&product, None, category.as_ref().map(|c| c.name.clone())),
"product": card,
"variants": options,
"images": images.iter().map(|i| i.image_id.clone()).collect::<Vec<_>>(),
"category": category,
"logged_in_admin": logged_in_admin,
"logged_in_customer": logged_in_customer,
"logged_in_admin": c.logged_in_admin,
"logged_in_customer": c.logged_in_customer,
"customer_name": c.customer_name,
"customer_account_type": c.customer_account_type,
"lang": current_lang(&jar),
}),
)
}
/// Category page: the same faceted search as the shop, but with this category
/// preselected as the default filter (plus breadcrumbs and subcategory chips).
/// Any other filters/sort/query on the URL are honoured; the category itself is
/// always forced to this page's category. Interacting with the toolbar navigates
/// to `/search` (the category stays selected there too).
#[debug_handler]
async fn category(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
Path(slug): Path<String>,
Query(params): Query<SearchParams>,
State(ctx): State<AppContext>,
) -> Result<Response> {
let published = categories::published(&ctx).await?;
@@ -142,38 +457,30 @@ async fn category(
let breadcrumbs = categories::ancestors(&published, category.parent_id);
let children = categories::children_of(&published, category.id);
// Products listed here span this category and all of its descendants, so a
// parent category is never empty just because its products live in leaves.
let mut category_ids: Vec<i32> = categories::descendant_ids(&published, category.id)
.into_iter()
.collect();
category_ids.push(category.id);
let list = products::Entity::find()
.filter(products::Column::CategoryId.is_in(category_ids))
.filter(products::Column::Published.eq(true))
.order_by_desc(products::Column::PublishedAt)
.all(&ctx.db)
.await?;
// Force the category filter to this page's category, keeping any other params.
let params = SearchParams {
category: Some(category.id.to_string()),
..params
};
let (logged_in_admin, logged_in_customer) = guard::chrome(&ctx, &jar).await;
format::view(
&v,
"shop/category.html",
json!({
"category": category,
"breadcrumbs": breadcrumbs,
"children": children,
"products": product_rows(&ctx, list).await?,
"logged_in_admin": logged_in_admin,
"logged_in_customer": logged_in_customer,
"lang": current_lang(&jar),
}),
)
let user = guard::current_user(&ctx, &jar).await;
let mut context = run_search(&ctx, user.as_ref(), &params).await?;
if let Some(map) = context.as_object_mut() {
map.insert("category".into(), serde_json::to_value(&category)?);
map.insert("breadcrumbs".into(), serde_json::to_value(&breadcrumbs)?);
map.insert("children".into(), serde_json::to_value(&children)?);
}
let c = guard::chrome_from(&ctx, user.as_ref());
add_chrome(&mut context, &c, &current_lang(&jar));
format::view(&v, "shop/category.html", context)
}
pub fn routes() -> Routes {
Routes::new()
.add("/shop", get(index))
// Top-level path (not /shop/search) so it never collides with the
// /shop/{slug} product route.
.add("/search", get(search))
.add("/shop/{slug}", get(show))
.add("/category/{slug}", get(category))
.add("/partials/categories", get(category_sidebar))

2
src/fixtures/users.yaml
View File

@@ -6,6 +6,7 @@
api_key: lo-95ec80d7-cb60-4b70-9b4b-9ef74cb88758
name: user1
theme: light
account_type: personal
created_at: "2023-11-12T12:34:56.789Z"
updated_at: "2023-11-12T12:34:56.789Z"
- id: 3
@@ -15,5 +16,6 @@
api_key: lo-153561ca-fa84-4e1b-813a-c62526d0a77e
name: user2
theme: light
account_type: personal
created_at: "2023-11-12T12:34:56.789Z"
updated_at: "2023-11-12T12:34:56.789Z"

30
src/initializers/view_engine.rs
View File

@@ -6,6 +6,7 @@ use loco_rs::{
controller::views::{engines, ViewEngine},
Error, Result,
};
use std::collections::HashMap;
use tracing::info;
const I18N_DIR: &str = "assets/i18n";
@@ -23,7 +24,9 @@ impl Initializer for ViewEngineInitializer {
}
async fn after_routes(&self, router: AxumRouter, _ctx: &AppContext) -> Result<AxumRouter> {
let tera_engine = if std::path::Path::new(I18N_DIR).exists() {
// Load locales only if present; `t` is registered conditionally below so
// the single post-process closure covers both cases.
let locales = if std::path::Path::new(I18N_DIR).exists() {
let arc = std::sync::Arc::new(
ArcLoader::builder(&I18N_DIR, unic_langid::langid!("sk"))
.shared_resources(Some(&[I18N_SHARED.into()]))
@@ -32,15 +35,28 @@ impl Initializer for ViewEngineInitializer {
.map_err(|e| Error::string(&e.to_string()))?,
);
info!("locales loaded");
engines::TeraView::build()?.post_process(move |tera| {
tera.register_function("t", FluentLoader::new(arc.clone()));
Ok(())
})?
Some(arc)
} else {
engines::TeraView::build()?
None
};
let tera_engine = engines::TeraView::build()?.post_process(move |tera| {
if let Some(arc) = &locales {
tera.register_function("t", FluentLoader::new(arc.clone()));
}
// `csrf_token()`: the in-flight request's CSRF token (bound by
// `shared::csrf::protect`), rendered into `<body hx-headers>` and
// `ui::csrf_field()`. Inlined so its `tera::Error` return is inferred
// from `register_function` — we never name a `tera` type, keeping it
// off our direct deps and pinned to loco's.
tera.register_function("csrf_token", |_args: &HashMap<String, serde_json::Value>| {
Ok(serde_json::Value::String(
crate::shared::csrf::current_token().unwrap_or_default(),
))
});
Ok(())
})?;
Ok(router.layer(Extension(ViewEngine::from(tera_engine))))
}
}

47
src/models/_entities/account_discount_profiles.rs Normal file
View File

@@ -0,0 +1,47 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
#[sea_orm(table_name = "account_discount_profiles")]
pub struct Model {
pub created_at: DateTimeWithTimeZone,
pub updated_at: DateTimeWithTimeZone,
#[sea_orm(primary_key)]
pub id: i32,
pub user_id: i32,
pub discount_profile_id: i32,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {
#[sea_orm(
belongs_to = "super::discount_profiles::Entity",
from = "Column::DiscountProfileId",
to = "super::discount_profiles::Column::Id",
on_update = "Cascade",
on_delete = "Cascade"
)]
DiscountProfiles,
#[sea_orm(
belongs_to = "super::users::Entity",
from = "Column::UserId",
to = "super::users::Column::Id",
on_update = "Cascade",
on_delete = "Cascade"
)]
Users,
}
impl Related<super::discount_profiles::Entity> for Entity {
fn to() -> RelationDef {
Relation::DiscountProfiles.def()
}
}
impl Related<super::users::Entity> for Entity {
fn to() -> RelationDef {
Relation::Users.def()
}
}

48
src/models/_entities/account_product_prices.rs Normal file
View File

@@ -0,0 +1,48 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
#[sea_orm(table_name = "account_product_prices")]
pub struct Model {
pub created_at: DateTimeWithTimeZone,
pub updated_at: DateTimeWithTimeZone,
#[sea_orm(primary_key)]
pub id: i32,
pub price_cents: i64,
pub user_id: i32,
pub variant_id: i32,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {
#[sea_orm(
belongs_to = "super::product_variants::Entity",
from = "Column::VariantId",
to = "super::product_variants::Column::Id",
on_update = "NoAction",
on_delete = "Cascade"
)]
ProductVariants,
#[sea_orm(
belongs_to = "super::users::Entity",
from = "Column::UserId",
to = "super::users::Column::Id",
on_update = "Cascade",
on_delete = "Cascade"
)]
Users,
}
impl Related<super::product_variants::Entity> for Entity {
fn to() -> RelationDef {
Relation::ProductVariants.def()
}
}
impl Related<super::users::Entity> for Entity {
fn to() -> RelationDef {
Relation::Users.def()
}
}

62
src/models/_entities/account_product_resolutions.rs Normal file
View File

@@ -0,0 +1,62 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
#[sea_orm(table_name = "account_product_resolutions")]
pub struct Model {
pub created_at: DateTimeWithTimeZone,
pub updated_at: DateTimeWithTimeZone,
#[sea_orm(primary_key)]
pub id: i32,
pub user_id: i32,
pub discount_profile_id: i32,
pub variant_id: i32,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {
#[sea_orm(
belongs_to = "super::discount_profiles::Entity",
from = "Column::DiscountProfileId",
to = "super::discount_profiles::Column::Id",
on_update = "Cascade",
on_delete = "Cascade"
)]
DiscountProfiles,
#[sea_orm(
belongs_to = "super::product_variants::Entity",
from = "Column::VariantId",
to = "super::product_variants::Column::Id",
on_update = "NoAction",
on_delete = "Cascade"
)]
ProductVariants,
#[sea_orm(
belongs_to = "super::users::Entity",
from = "Column::UserId",
to = "super::users::Column::Id",
on_update = "Cascade",
on_delete = "Cascade"
)]
Users,
}
impl Related<super::discount_profiles::Entity> for Entity {
fn to() -> RelationDef {
Relation::DiscountProfiles.def()
}
}
impl Related<super::product_variants::Entity> for Entity {
fn to() -> RelationDef {
Relation::ProductVariants.def()
}
}
impl Related<super::users::Entity> for Entity {
fn to() -> RelationDef {
Relation::Users.def()
}
}

33
src/models/_entities/audience_discount_profiles.rs Normal file
View File

@@ -0,0 +1,33 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
#[sea_orm(table_name = "audience_discount_profiles")]
pub struct Model {
pub created_at: DateTimeWithTimeZone,
pub updated_at: DateTimeWithTimeZone,
#[sea_orm(primary_key)]
pub id: i32,
pub audience: String,
pub discount_profile_id: i32,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {
#[sea_orm(
belongs_to = "super::discount_profiles::Entity",
from = "Column::DiscountProfileId",
to = "super::discount_profiles::Column::Id",
on_update = "Cascade",
on_delete = "Cascade"
)]
DiscountProfiles,
}
impl Related<super::discount_profiles::Entity> for Entity {
fn to() -> RelationDef {
Relation::DiscountProfiles.def()
}
}

2
src/models/_entities/audit_logs.rs
View File

@@ -1,4 +1,4 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.20
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};

8
src/models/_entities/categories.rs
View File

@@ -1,4 +1,4 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.20
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
@@ -23,8 +23,6 @@ pub struct Model {
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {
#[sea_orm(has_many = "super::products::Entity")]
Products,
#[sea_orm(
belongs_to = "Entity",
from = "Column::ParentId",
@@ -32,7 +30,9 @@ pub enum Relation {
on_update = "Cascade",
on_delete = "SetNull"
)]
Parent,
SelfRef,
#[sea_orm(has_many = "super::products::Entity")]
Products,
}
impl Related<super::products::Entity> for Entity {

15
src/models/_entities/customer_profiles.rs
View File

@@ -1,5 +1,4 @@
//! `SeaORM` Entity for customer shipping/contact profiles. Hand-written to match
//! the `customer_profiles` migration (1:1 with `users` via a unique `user_id`).
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
@@ -11,18 +10,18 @@ pub struct Model {
pub updated_at: DateTimeWithTimeZone,
#[sea_orm(primary_key)]
pub id: i32,
#[sea_orm(unique)]
pub user_id: i32,
pub company_name: Option<String>,
pub company_id: Option<String>,
pub tax_id: Option<String>,
pub vat_id: Option<String>,
pub phone_prefix: Option<String>,
pub phone: Option<String>,
pub address: Option<String>,
pub city: Option<String>,
pub zip: Option<String>,
pub country: Option<String>,
#[sea_orm(unique)]
pub user_id: i32,
pub company_name: Option<String>,
pub company_id: Option<String>,
pub tax_id: Option<String>,
pub vat_id: Option<String>,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]

47
src/models/_entities/discount_profile_products.rs Normal file
View File

@@ -0,0 +1,47 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
#[sea_orm(table_name = "discount_profile_products")]
pub struct Model {
pub created_at: DateTimeWithTimeZone,
pub updated_at: DateTimeWithTimeZone,
#[sea_orm(primary_key)]
pub id: i32,
pub discount_profile_id: i32,
pub product_id: i32,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {
#[sea_orm(
belongs_to = "super::discount_profiles::Entity",
from = "Column::DiscountProfileId",
to = "super::discount_profiles::Column::Id",
on_update = "Cascade",
on_delete = "Cascade"
)]
DiscountProfiles,
#[sea_orm(
belongs_to = "super::products::Entity",
from = "Column::ProductId",
to = "super::products::Column::Id",
on_update = "Cascade",
on_delete = "Cascade"
)]
Products,
}
impl Related<super::discount_profiles::Entity> for Entity {
fn to() -> RelationDef {
Relation::DiscountProfiles.def()
}
}
impl Related<super::products::Entity> for Entity {
fn to() -> RelationDef {
Relation::Products.def()
}
}

52
src/models/_entities/discount_profiles.rs Normal file
View File

@@ -0,0 +1,52 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
#[sea_orm(table_name = "discount_profiles")]
pub struct Model {
pub created_at: DateTimeWithTimeZone,
pub updated_at: DateTimeWithTimeZone,
#[sea_orm(primary_key)]
pub id: i32,
pub name: String,
pub percent_bp: i32,
pub scope_type: String,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {
#[sea_orm(has_many = "super::account_discount_profiles::Entity")]
AccountDiscountProfiles,
#[sea_orm(has_many = "super::account_product_resolutions::Entity")]
AccountProductResolutions,
#[sea_orm(has_many = "super::audience_discount_profiles::Entity")]
AudienceDiscountProfiles,
#[sea_orm(has_many = "super::discount_profile_products::Entity")]
DiscountProfileProducts,
}
impl Related<super::account_discount_profiles::Entity> for Entity {
fn to() -> RelationDef {
Relation::AccountDiscountProfiles.def()
}
}
impl Related<super::account_product_resolutions::Entity> for Entity {
fn to() -> RelationDef {
Relation::AccountProductResolutions.def()
}
}
impl Related<super::audience_discount_profiles::Entity> for Entity {
fn to() -> RelationDef {
Relation::AudienceDiscountProfiles.def()
}
}
impl Related<super::discount_profile_products::Entity> for Entity {
fn to() -> RelationDef {
Relation::DiscountProfileProducts.def()
}
}

9
src/models/_entities/mod.rs
View File

@@ -1,16 +1,23 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.20
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
pub mod prelude;
pub mod account_discount_profiles;
pub mod account_product_prices;
pub mod account_product_resolutions;
pub mod audience_discount_profiles;
pub mod audit_logs;
pub mod categories;
pub mod customer_profiles;
pub mod discount_profile_products;
pub mod discount_profiles;
pub mod o_auth2_sessions;
pub mod order_items;
pub mod orders;
pub mod product_images;
pub mod product_product_tags;
pub mod product_tags;
pub mod product_variants;
pub mod products;
pub mod shipping_methods;
pub mod users;

11
src/models/_entities/o_auth2_sessions.rs
View File

@@ -1,6 +1,4 @@
//! `SeaORM` Entity for loco-oauth2 sessions. Hand-written to match the
//! `o_auth2_sessions` migration (the rest of `_entities/` is codegen; this table
//! is owned by the loco-oauth2 integration).
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
@@ -8,12 +6,13 @@ use serde::{Deserialize, Serialize};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
#[sea_orm(table_name = "o_auth2_sessions")]
pub struct Model {
pub created_at: DateTimeUtc,
pub updated_at: DateTimeUtc,
pub created_at: DateTimeWithTimeZone,
pub updated_at: DateTimeWithTimeZone,
#[sea_orm(primary_key)]
pub id: i32,
#[sea_orm(unique)]
pub session_id: String,
pub expires_at: DateTimeUtc,
pub expires_at: DateTimeWithTimeZone,
pub user_id: i32,
}

18
src/models/_entities/order_items.rs
View File

@@ -1,4 +1,4 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.20
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
@@ -15,6 +15,8 @@ pub struct Model {
pub quantity: i32,
pub order_id: i32,
pub product_id: Option<i32>,
pub variant_label: String,
pub variant_id: Option<i32>,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
@@ -27,6 +29,14 @@ pub enum Relation {
on_delete = "Cascade"
)]
Orders,
#[sea_orm(
belongs_to = "super::product_variants::Entity",
from = "Column::VariantId",
to = "super::product_variants::Column::Id",
on_update = "NoAction",
on_delete = "SetNull"
)]
ProductVariants,
#[sea_orm(
belongs_to = "super::products::Entity",
from = "Column::ProductId",
@@ -43,6 +53,12 @@ impl Related<super::orders::Entity> for Entity {
}
}
impl Related<super::product_variants::Entity> for Entity {
fn to() -> RelationDef {
Relation::ProductVariants.def()
}
}
impl Related<super::products::Entity> for Entity {
fn to() -> RelationDef {
Relation::Products.def()

16
src/models/_entities/orders.rs
View File

@@ -1,4 +1,4 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.20
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
@@ -13,17 +13,10 @@ pub struct Model {
#[sea_orm(unique)]
pub order_number: String,
pub email: String,
pub phone: Option<String>,
pub customer_name: Option<String>,
pub status: String,
pub total_cents: i64,
pub currency: String,
pub user_id: Option<i32>,
pub account_type: String,
pub company_name: Option<String>,
pub company_id: Option<String>,
pub tax_id: Option<String>,
pub vat_id: Option<String>,
pub address: Option<String>,
pub city: Option<String>,
pub zip: Option<String>,
@@ -39,6 +32,13 @@ pub struct Model {
pub tracking_number: Option<String>,
pub shipment_id: Option<String>,
pub label_url: Option<String>,
pub phone: Option<String>,
pub account_type: String,
pub company_name: Option<String>,
pub company_id: Option<String>,
pub tax_id: Option<String>,
pub vat_id: Option<String>,
pub user_id: Option<i32>,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]

9
src/models/_entities/prelude.rs
View File

@@ -1,14 +1,21 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.20
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
pub use super::account_discount_profiles::Entity as AccountDiscountProfiles;
pub use super::account_product_prices::Entity as AccountProductPrices;
pub use super::account_product_resolutions::Entity as AccountProductResolutions;
pub use super::audience_discount_profiles::Entity as AudienceDiscountProfiles;
pub use super::audit_logs::Entity as AuditLogs;
pub use super::categories::Entity as Categories;
pub use super::customer_profiles::Entity as CustomerProfiles;
pub use super::discount_profile_products::Entity as DiscountProfileProducts;
pub use super::discount_profiles::Entity as DiscountProfiles;
pub use super::o_auth2_sessions::Entity as OAuth2Sessions;
pub use super::order_items::Entity as OrderItems;
pub use super::orders::Entity as Orders;
pub use super::product_images::Entity as ProductImages;
pub use super::product_product_tags::Entity as ProductProductTags;
pub use super::product_tags::Entity as ProductTags;
pub use super::product_variants::Entity as ProductVariants;
pub use super::products::Entity as Products;
pub use super::shipping_methods::Entity as ShippingMethods;
pub use super::users::Entity as Users;

2
src/models/_entities/product_images.rs
View File

@@ -1,4 +1,4 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.20
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};

2
src/models/_entities/product_product_tags.rs
View File

@@ -1,4 +1,4 @@
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.20
//! `SeaORM` Entity, @generated by sea-orm-codegen 1.1.19
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};

Some files were not shown because too many files have changed in this diff Show More