feat(129): order user notes module

CRUD for operator-authored notes per order, with an [N] badge on the
order list. Reuses the existing `order_notes` table through a new
`note_type='user'` with `user_id` (FK->users SET NULL) and `author_name`
(snapshot). `#notes` section in "Messages and attachments" on
`/orders/{id}` with an inline edit form + delete via
`OrderProAlerts.confirm`. DB-level authorization
(`WHERE user_id = :user_id`, rowCount=0 ⇒ 403), with no admin override
(the application has no role system).

- Migration `20260514_000116_*.sql` (ADD COLUMN user_id + author_name +
  FK + index `idx_order_notes_type_order`); idempotent, with a DDL
  no-op fallback.
- `OrderNotesService` (CRUD + body validation ≤ 2000 characters);
  `user_notes_count` subquery in paginate; badge HTML in `toTableRow()`.
- 3 POST routes /orders/{id}/notes(/update|/delete).
- SCSS module `_order-notes.scss` + vanilla JS `order-notes.js`
  (inline edit toggle + delete confirm; idempotent guard).
- 9 PL i18n keys; PROJECT.md + ROADMAP.md + tech_changelog.md +
  db_schema.md updated.

Follow-up: `php bin/migrate.php` + manual smoke test (author vs. another
user + badge on /orders/list).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-14 15:20:05 +02:00
parent c78ac335ee
commit 48351b5f36
20 changed files with 1261 additions and 25 deletions

@@ -7,6 +7,9 @@ $shipmentsList = is_array($shipments ?? null) ? $shipments : [];
$packagesList = is_array($packages ?? null) ? $packages : [];
$documentsList = is_array($documents ?? null) ? $documents : [];
$notesList = is_array($notes ?? null) ? $notes : [];
$userNotesList = is_array($userNotes ?? null) ? $userNotes : [];
$currentUserIdValue = (int) ($currentUserId ?? 0);
$csrfTokenValue = (string) ($csrfToken ?? '');
$receiptsList = is_array($receipts ?? null) ? $receipts : [];
$receiptConfigsList = is_array($receiptConfigs ?? null) ? $receiptConfigs : [];
$invoicesList = is_array($invoices ?? null) ? $invoices : [];
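Review bot: The `?? ''` default on `$csrfTokenValue` masks a controller that forgets to pass `$csrfToken`: every note form further down would render with an empty `_token`, and the omission would only show up when a submit is rejected. Consider not rendering the add/edit/delete forms (or raising an error) when the token is empty, rather than emitting `value=""`. The `?? 0` default on `$currentUserIdValue` is fine as written, since the later `$canEdit` check requires `> 0`.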
@@ -447,19 +450,70 @@ foreach ($addressesList as $address) {
</section>
<section class="mt-16 order-grid-2">
<article class="card">
<article class="card" id="notes">
<h3 class="section-title"><?= $e($t('orders.details.notes_title')) ?></h3>
<div class="order-events mt-12">
<?php if ($notesList === []): ?>
<div class="muted">-</div>
<div class="order-user-notes mt-12" data-order-id="<?= (int) ($orderId ?? 0) ?>">
<h4 class="order-notes-subtitle"><?= $e($t('orders.details.notes_user_title')) ?></h4>
<?php if ($userNotesList === []): ?>
<div class="muted"><?= $e($t('orders.details.notes_user_empty')) ?></div>
<?php endif; ?>
<?php foreach ($userNotesList as $userNote): ?>
<?php
$noteId = (int) ($userNote['id'] ?? 0);
$noteAuthorId = (int) ($userNote['user_id'] ?? 0);
$noteAuthorName = trim((string) ($userNote['author_name'] ?? ''));
$noteCreatedAt = (string) ($userNote['created_at'] ?? '');
$noteBody = (string) ($userNote['body'] ?? '');
$canEdit = $currentUserIdValue > 0 && $noteAuthorId === $currentUserIdValue;
?>
<div class="order-event order-event--user" data-note-id="<?= $noteId ?>">
<div class="order-event__head">
<span class="order-event__meta"><?= $e($noteCreatedAt) ?><?php if ($noteAuthorName !== ''): ?> &middot; <?= $e($noteAuthorName) ?><?php endif; ?></span>
<?php if ($canEdit): ?>
<span class="order-event__actions">
<button type="button" class="btn-link js-order-note-edit" data-note-id="<?= $noteId ?>"><?= $e($t('orders.details.notes_user_edit')) ?></button>
<form method="post" action="/orders/<?= (int) ($orderId ?? 0) ?>/notes/<?= $noteId ?>/delete" class="js-order-note-delete" style="display:inline">
<input type="hidden" name="_token" value="<?= $e($csrfTokenValue) ?>">
<button type="submit" class="btn-link btn-link--danger"><?= $e($t('orders.details.notes_user_delete')) ?></button>
</form>
</span>
<?php endif; ?>
</div>
<div class="order-event__body js-order-note-body"><?= nl2br($e($noteBody)) ?></div>
<?php if ($canEdit): ?>
<form method="post" action="/orders/<?= (int) ($orderId ?? 0) ?>/notes/<?= $noteId ?>/update" class="order-note-edit-form js-order-note-edit-form" style="display:none">
<input type="hidden" name="_token" value="<?= $e($csrfTokenValue) ?>">
<textarea name="body" class="form-control" rows="3" maxlength="2000" required><?= $e($noteBody) ?></textarea>
<div class="order-note-edit-form__actions">
<button type="submit" class="btn btn-primary btn-sm"><?= $e($t('orders.details.notes_user_save')) ?></button>
<button type="button" class="btn btn-default btn-sm js-order-note-edit-cancel"><?= $e($t('orders.details.notes_user_cancel')) ?></button>
</div>
</form>
<?php endif; ?>
</div>
<?php endforeach; ?>
<form method="post" action="/orders/<?= (int) ($orderId ?? 0) ?>/notes" class="order-note-form mt-12">
<input type="hidden" name="_token" value="<?= $e($csrfTokenValue) ?>">
<textarea name="body" class="form-control" rows="3" maxlength="2000" placeholder="<?= $e($t('orders.details.notes_user_add_placeholder')) ?>" required></textarea>
<div class="order-note-form__actions">
<button type="submit" class="btn btn-primary btn-sm"><?= $e($t('orders.details.notes_user_save')) ?></button>
</div>
</form>
</div>
<?php if ($notesList !== []): ?>
<div class="order-imported-notes mt-16">
<h4 class="order-notes-subtitle"><?= $e($t('orders.details.notes_imported_title')) ?></h4>
<?php foreach ($notesList as $note): ?>
<div class="order-event">
<div class="order-event order-event--imported">
<div class="order-event__head"><?= $e((string) ($note['note_type'] ?? '')) ?> | <?= $e((string) ($note['created_at_external'] ?? '')) ?></div>
<div class="order-event__body"><?= $e((string) ($note['comment'] ?? '')) ?></div>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</article>
<article class="card">
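Review bot: The inline edit form pre-fills the textarea with the current `$noteBody`, so the author can submit it unchanged, and the commit message maps `rowCount=0` to 403. On drivers that report changed rather than matched rows (PDO MySQL does by default), an unchanged save by the legitimate author would then return 403. Either check ownership with a SELECT before the UPDATE or make the driver report matched rows. Also note that `$canEdit` only hides the controls, and the update and delete actions carry both the order id and the note id in the URL while the commit message describes the guard as `WHERE user_id = :user_id` only; please confirm the handlers also constrain `order_id` and `note_type='user'`, so a note cannot be changed through another order's URL. Minor: `(int) ($orderId ?? 0)` is repeated in four attributes here; normalising it once at the top of the template, like the other `*Value` variables, would be more consistent.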