Add store settings page with location management

Company table gains address and logo_file_id columns. New store settings API: GET/PATCH /store for company info, full CRUD for /locations. Settings page shows store name, phone, email, address, timezone with inline edit. Location cards with add/edit/delete. Settings link in admin sidebar. Fixes leftover company_id on location table and seed files.
2026-03-29 15:56:02 -05:00
parent 0f6cc104d2
commit 653fff6ce2
10 changed files with 497 additions and 6 deletions
--- a/packages/backend/src/db/migrations/0023_store_settings.sql
+++ b/packages/backend/src/db/migrations/0023_store_settings.sql
@@ -0,0 +1,6 @@
+-- Add address and logo to company (store settings)
+ALTER TABLE "company" ADD COLUMN IF NOT EXISTS "address" jsonb;
+ALTER TABLE "company" ADD COLUMN IF NOT EXISTS "logo_file_id" uuid REFERENCES "file"("id");
+
+-- Drop leftover company_id from location (missed in 0021)
+ALTER TABLE "location" DROP COLUMN IF EXISTS "company_id";
--- a/packages/backend/src/db/migrations/meta/_journal.json
+++ b/packages/backend/src/db/migrations/meta/_journal.json
@@ -162,6 +162,13 @@
      "when": 1774820000000,
      "tag": "0022_shared_file_storage",
      "breakpoints": true
+    },
+    {
+      "idx": 23,
+      "version": "7",
+      "when": 1774830000000,
+      "tag": "0023_store_settings",
+      "breakpoints": true
    }
  ]
 }
--- a/packages/backend/src/db/schema/stores.ts
+++ b/packages/backend/src/db/schema/stores.ts
@@ -5,7 +5,14 @@ export const companies = pgTable('company', {
  name: varchar('name', { length: 255 }).notNull(),
  phone: varchar('phone', { length: 50 }),
  email: varchar('email', { length: 255 }),
+  address: jsonb('address').$type<{
+    street?: string
+    city?: string
+    state?: string
+    zip?: string
+  }>(),
  timezone: varchar('timezone', { length: 100 }).notNull().default('America/Chicago'),
+  logoFileId: uuid('logo_file_id'),
  notes: text('notes'),
  createdAt: timestamp('created_at', { withTimezone: true }).notNull().defaultNow(),
  updatedAt: timestamp('updated_at', { withTimezone: true }).notNull().defaultNow(),
@@ -13,9 +20,6 @@ export const companies = pgTable('company', {

 export const locations = pgTable('location', {
  id: uuid('id').primaryKey().defaultRandom(),
-  companyId: uuid('company_id')
-    .notNull()
-    .references(() => companies.id),
  name: varchar('name', { length: 255 }).notNull(),
  address: jsonb('address').$type<{
    street?: string
--- a/packages/backend/src/db/seed.ts
+++ b/packages/backend/src/db/seed.ts
@@ -26,7 +26,6 @@ async function seed() {
    .insert(locations)
    .values({
      id: DEV_LOCATION_ID,
-      companyId: DEV_COMPANY_ID,
      name: 'Main Store',
      address: {
        street: '123 Main St',
--- a/packages/backend/src/main.ts
+++ b/packages/backend/src/main.ts
@@ -17,6 +17,7 @@ import { fileRoutes } from './routes/v1/files.js'
 import { rbacRoutes } from './routes/v1/rbac.js'
 import { repairRoutes } from './routes/v1/repairs.js'
 import { storageRoutes } from './routes/v1/storage.js'
+import { storeRoutes } from './routes/v1/store.js'
 import { RbacService } from './services/rbac.service.js'

 export async function buildApp() {
@@ -69,6 +70,7 @@ export async function buildApp() {
  await app.register(rbacRoutes, { prefix: '/v1' })
  await app.register(repairRoutes, { prefix: '/v1' })
  await app.register(storageRoutes, { prefix: '/v1' })
+  await app.register(storeRoutes, { prefix: '/v1' })

  // Auto-seed system permissions on startup
  app.addHook('onReady', async () => {
--- a/packages/backend/src/routes/v1/store.ts
+++ b/packages/backend/src/routes/v1/store.ts
@@ -0,0 +1,76 @@
+import type { FastifyPluginAsync } from 'fastify'
+import { eq } from 'drizzle-orm'
+import { companies, locations } from '../../db/schema/stores.js'
+import { ValidationError } from '../../lib/errors.js'
+
+export const storeRoutes: FastifyPluginAsync = async (app) => {
+  // --- Company / Store Settings ---
+
+  app.get('/store', { preHandler: [app.authenticate, app.requirePermission('settings.view')] }, async (request, reply) => {
+    const [store] = await app.db.select().from(companies).limit(1)
+    if (!store) return reply.status(404).send({ error: { message: 'No store configured', statusCode: 404 } })
+    return reply.send(store)
+  })
+
+  app.patch('/store', { preHandler: [app.authenticate, app.requirePermission('settings.edit')] }, async (request, reply) => {
+    const input = request.body as Record<string, unknown>
+    const [store] = await app.db.select({ id: companies.id }).from(companies).limit(1)
+    if (!store) return reply.status(404).send({ error: { message: 'No store configured', statusCode: 404 } })
+
+    const updates: Record<string, unknown> = { updatedAt: new Date() }
+    if (input.name !== undefined) updates.name = input.name
+    if (input.phone !== undefined) updates.phone = input.phone
+    if (input.email !== undefined) updates.email = input.email
+    if (input.address !== undefined) updates.address = input.address
+    if (input.timezone !== undefined) updates.timezone = input.timezone
+    if (input.logoFileId !== undefined) updates.logoFileId = input.logoFileId
+    if (input.notes !== undefined) updates.notes = input.notes
+
+    const [updated] = await app.db.update(companies).set(updates).where(eq(companies.id, store.id)).returning()
+    return reply.send(updated)
+  })
+
+  // --- Locations (Stores) ---
+
+  app.get('/locations', { preHandler: [app.authenticate, app.requirePermission('settings.view')] }, async (request, reply) => {
+    const data = await app.db.select().from(locations).where(eq(locations.isActive, true)).orderBy(locations.name)
+    return reply.send({ data })
+  })
+
+  app.post('/locations', { preHandler: [app.authenticate, app.requirePermission('settings.edit')] }, async (request, reply) => {
+    const input = request.body as { name?: string; address?: Record<string, string>; phone?: string; email?: string; timezone?: string }
+    if (!input.name?.trim()) throw new ValidationError('Location name is required')
+
+    const [location] = await app.db.insert(locations).values({
+      name: input.name.trim(),
+      address: input.address,
+      phone: input.phone,
+      email: input.email,
+      timezone: input.timezone,
+    }).returning()
+    return reply.status(201).send(location)
+  })
+
+  app.patch('/locations/:id', { preHandler: [app.authenticate, app.requirePermission('settings.edit')] }, async (request, reply) => {
+    const { id } = request.params as { id: string }
+    const input = request.body as Record<string, unknown>
+
+    const updates: Record<string, unknown> = { updatedAt: new Date() }
+    if (input.name !== undefined) updates.name = input.name
+    if (input.phone !== undefined) updates.phone = input.phone
+    if (input.email !== undefined) updates.email = input.email
+    if (input.address !== undefined) updates.address = input.address
+    if (input.timezone !== undefined) updates.timezone = input.timezone
+
+    const [location] = await app.db.update(locations).set(updates).where(eq(locations.id, id)).returning()
+    if (!location) return reply.status(404).send({ error: { message: 'Location not found', statusCode: 404 } })
+    return reply.send(location)
+  })
+
+  app.delete('/locations/:id', { preHandler: [app.authenticate, app.requirePermission('settings.edit')] }, async (request, reply) => {
+    const { id } = request.params as { id: string }
+    const [location] = await app.db.update(locations).set({ isActive: false, updatedAt: new Date() }).where(eq(locations.id, id)).returning()
+    if (!location) return reply.status(404).send({ error: { message: 'Location not found', statusCode: 404 } })
+    return reply.send(location)
+  })
+}
--- a/packages/backend/src/test/helpers.ts
+++ b/packages/backend/src/test/helpers.ts
@@ -38,7 +38,6 @@ export async function seedTestCompany(app: FastifyInstance): Promise<void> {
  })
  await app.db.insert(locations).values({
    id: TEST_LOCATION_ID,
-    companyId: TEST_COMPANY_ID,
    name: 'Test Location',
  })