jason/cpas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jason:e8962f058cebcb27d6b9bf4e0c27db762351f43e
Branches Tags
jason:master jason:roadmap jason:claude
...
compare: jason:master
Branches Tags
jason:roadmap jason:master jason:claude

54 Commits
e8962f058c ... master

Author SHA1 Message Date
jason
9b80afd54d Merge pull request 'roadmap' (#23) from roadmap into master 
Reviewed-on: #23
 2026-03-07 09:30:45 -06:00
jason
970bc0efea feat: add Audit Log button to Dashboard toolbar 2026-03-07 09:26:33 -06:00
jason
7ee76468c4 feat: wire EditEmployeeModal and AmendViolationModal into EmployeeModal 2026-03-07 09:25:49 -06:00
jason
2525cce03e feat: AuditLog panel component — filterable, paginated audit trail 2026-03-07 09:24:49 -06:00
jason
15d3f02884 feat: AmendViolationModal — edit non-scoring fields with full diff history 2026-03-07 09:24:13 -06:00
jason
ee91a16506 feat: EditEmployeeModal — edit name/dept/supervisor and merge duplicates 2026-03-07 09:23:39 -06:00
jason
5004c56915 feat: employee edit/merge, violation amendment, audit log endpoints 2026-03-07 09:23:04 -06:00
jason
9b6f2353be feat(db): add violation_amendments and audit_log tables 2026-03-07 09:22:01 -06:00
jason
5140dbbc25 Merge pull request 'fix: reduce PDF margins and remove redundant puppeteer footer' (#22) from claude into master 
Reviewed-on: #22
 2026-03-06 23:41:15 -06:00
jason
bcf0e3f3d1 fix: reduce PDF margins and remove redundant puppeteer footer 2026-03-06 23:40:49 -06:00
jason
2bc1740e02 Merge pull request 'feat: redesign PDF template - clean modern layout with inline logo' (#21) from claude into master 
Reviewed-on: #21
 2026-03-06 23:37:57 -06:00
jason
3977c3652f feat: redesign PDF template - clean modern layout with inline logo 2026-03-06 23:34:45 -06:00
jason
e19ef255ac Merge pull request 'fix: dark mode colors in ViolationHistory component' (#20) from claude into master 
Reviewed-on: #20
 2026-03-06 23:27:24 -06:00
jason
f4f191518c fix: dark mode colors in ViolationHistory component 2026-03-06 23:26:39 -06:00
jason
69272f71a3 docs: add roadmap section with completed features and proposed enhancements 2026-03-06 23:21:24 -06:00
jason
a6447970ac docs: update README to reflect current codebase (phases 1-4 complete) 2026-03-06 23:18:28 -06:00
jason
e0170d71f5 Merge pull request 'Upload files to "/"' (#19) from p4-hotfixes into master 
Reviewed-on: #19
 2026-03-06 18:00:01 -06:00
jason
4bb09997ee Upload files to "/" 2026-03-06 17:59:48 -06:00
jason
52a57f21b0 Merge pull request 'Upload files to "client/src/components"' (#18) from p4-hotfixes into master 
Reviewed-on: #18
 2026-03-06 17:43:31 -06:00
jason
3cc62c2746 Upload files to "client/src/components" 2026-03-06 17:43:14 -06:00
jason
47e14ae23b Merge pull request 'Upload files to "client/src/components"' (#17) from p4-hotfixes into master 
Reviewed-on: #17
 2026-03-06 17:20:42 -06:00
jason
a6d4885a53 Upload files to "client/src/components" 2026-03-06 17:19:57 -06:00
jason
f4869b42b4 Merge pull request 'p4-hotfixes' (#16) from p4-hotfixes into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/16
 2026-03-06 15:44:34 -06:00
jason
98fe9d4a79 Upload files to "client/src/components" 2026-03-06 15:44:15 -06:00
jason
f52af27114 Upload files to "client/src/components" 2026-03-06 15:38:20 -06:00
jason
7ff066011d Merge pull request 'Upload files to "client/src/components"' (#15) from p4-hotfixes into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/15
 2026-03-06 15:26:06 -06:00
jason
35b4ded10c Upload files to "client/src/components" 2026-03-06 15:25:48 -06:00
jason
5ef61f6590 Merge pull request 'p4-hotfixes' (#14) from p4-hotfixes into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/14
 2026-03-06 15:01:04 -06:00
jason
cb8c56adfa Upload files to "pdf" 2026-03-06 15:00:27 -06:00
jason
accb24a286 Upload files to "db" 2026-03-06 14:59:55 -06:00
jason
fdfa0bcf2f Upload files to "/" 2026-03-06 14:42:12 -06:00
jason
2ac330904d Merge pull request 'p4-hotfixes' (#13) from p4-hotfixes into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/13
 2026-03-06 14:38:57 -06:00
jason
60e9da488c Upload files to "pdf" 2026-03-06 14:38:43 -06:00
jason
1a09efbfe5 Upload files to "client/src/components" 2026-03-06 14:38:29 -06:00
jason
de07e77e07 Merge pull request 'Update client/src/components/ViolationForm.jsx' (#12) from p4-hotfixes into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/12
 2026-03-06 14:23:44 -06:00
jason
722f404269 Update client/src/components/ViolationForm.jsx 2026-03-06 14:23:19 -06:00
jason
7db080bd2a Merge pull request 'Upload files to "client/src/components"' (#11) from p4-hotfixes into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/11
 2026-03-06 14:21:26 -06:00
jason
571c8f2838 Upload files to "client/src/components" 2026-03-06 14:20:57 -06:00
jason
eb07832cc7 Upload files to "client/public/static" 2026-03-06 14:15:05 -06:00
jason
6305cedb14 Delete client/public 2026-03-06 14:14:27 -06:00
jason
f006c015b0 Add client/public 2026-03-06 14:14:11 -06:00
jason
ecc9f3b9f6 Merge pull request 'p4-hotfixes' (#10) from p4-hotfixes into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/10
 2026-03-06 14:13:15 -06:00
jason
066f95cc88 Upload files to "pdf" 2026-03-06 14:12:00 -06:00
jason
2383e3cc94 Upload files to "client/src/components" 2026-03-06 14:11:46 -06:00
jason
8bbfd90f48 Upload files to "client/src" 2026-03-06 14:11:36 -06:00
jason
590aae5cca Upload files to "/" 2026-03-06 14:11:19 -06:00
jason
39738ed3e1 Merge pull request 'p4' (#9) from p4 into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/9
 2026-03-06 13:57:51 -06:00
jason
821192e879 Update db/database.js 2026-03-06 13:56:36 -06:00
jason
610d72ab66 Upload files to "pdf" 2026-03-06 13:50:42 -06:00
jason
5bcd6d07dc Upload files to "client/src/components" 2026-03-06 13:50:25 -06:00
jason
1533d9aeab Merge pull request 'Hotfixes' (#7) from p4 into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/7
 2026-03-06 13:46:45 -06:00
Jason UNRAID
1991c105b7 Hotfixes 2026-03-06 13:46:12 -06:00
jason
2a42e335ca Merge pull request 'Phase 4' (#6) from p4 into master 
Reviewed-on: http://10.2.0.2:3000/jason/cpas/pulls/6
 2026-03-06 12:54:52 -06:00
Jason UNRAID
333cad41d7 Phase 4 2026-03-06 12:53:40 -06:00
17 changed files with 2736 additions and 800 deletions
Expand all files Collapse all files

39
Dockerfile
View File

@@ -1,61 +1,28 @@
# ─────────────────────────────────────────────────────────────────────────────
# Stage 1: Builder
# Installs ALL dependencies and compiles the React frontend inside Docker.
# Nothing needs to be installed on the host machine except Docker itself.
# ─────────────────────────────────────────────────────────────────────────────
FROM node:20-alpine AS builder FROM node:20-alpine AS builder
WORKDIR /build WORKDIR /build
# Install backend deps
COPY package.json ./ COPY package.json ./
RUN npm install RUN npm install
# Install frontend deps and build React app
COPY client/package.json ./client/ COPY client/package.json ./client/
RUN cd client && npm install RUN cd client && npm install
COPY client/ ./client/ COPY client/ ./client/
RUN cd client && npm run build RUN cd client && npm run build
# ─────────────────────────────────────────────────────────────────────────────
# Stage 2: Production image
# ─────────────────────────────────────────────────────────────────────────────
FROM node:20-alpine AS production FROM node:20-alpine AS production
RUN apk add --no-cache chromium nss freetype harfbuzz ca-certificates ttf-freefont
# Chromium for Puppeteer PDF generation
RUN apk add --no-cache \
chromium \
nss \
freetype \
harfbuzz \
ca-certificates \
ttf-freefont
ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
ENV PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser ENV PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser
ENV NODE_ENV=production ENV NODE_ENV=production
ENV PORT=3001 ENV PORT=3001
ENV DB_PATH=/data/cpas.db ENV DB_PATH=/data/cpas.db
WORKDIR /app WORKDIR /app
# Copy backend node_modules and compiled frontend from builder
COPY --from=builder /build/node_modules ./node_modules COPY --from=builder /build/node_modules ./node_modules
COPY --from=builder /build/client/dist ./client/dist COPY --from=builder /build/client/dist ./client/dist
# Copy all backend source files
COPY server.js ./ COPY server.js ./
COPY package.json ./ COPY package.json ./
COPY db/ ./db/ COPY db/ ./db/
COPY pdf/ ./pdf/ COPY pdf/ ./pdf/
COPY client/public/static ./client/dist/static
# Ensure data directory exists
RUN mkdir -p /data RUN mkdir -p /data
EXPOSE 3001 EXPOSE 3001
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 CMD wget -qO- http://localhost:3001/api/health || exit 1
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
CMD wget -qO- http://localhost:3001/api/health || exit 1
CMD ["node", "server.js"] CMD ["node", "server.js"]

172
README.md
View File

@@ -1,11 +1,13 @@
# CPAS Violation Tracker # CPAS Violation Tracker
Single-container Dockerized web app for CPAS violation documentation. Single-container Dockerized web app for CPAS violation documentation and workforce standing management.
Built with React + Vite (frontend), Node.js + Express (backend), SQLite (database). Built with **React + Vite** (frontend), **Node.js + Express** (backend), **SQLite** (database), and **Puppeteer** (PDF generation).
---
## The only requirement on your machine: Docker Desktop ## The only requirement on your machine: Docker Desktop
Everything else — Node.js, npm, React build — happens inside Docker. Everything else — Node.js, npm, React build, Chromium for PDF — happens inside Docker.
--- ---
@@ -41,17 +43,87 @@ docker stop cpas-tracker && docker rm cpas-tracker
docker run -d --name cpas-tracker -p 3001:3001 -v cpas-data:/data cpas-tracker docker run -d --name cpas-tracker -p 3001:3001 -v cpas-data:/data cpas-tracker
``` ```
---
## Features
### Company Dashboard
- Live table of all employees sorted by active CPAS points (highest risk first)
- Summary stat cards: total employees, elite standing (0 pts), with active points, at-risk count, highest active score
- **At-risk badge**: flags employees within 2 points of the next tier escalation
- Search/filter by name, department, or supervisor
- Click any employee name to open their full profile modal
### Violation Form
- Select existing employee or enter new employee by name
- **Employee intelligence**: shows current CPAS standing badge and 90-day violation count before submitting
- Violation type dropdown grouped by category; shows prior 90-day counts inline
- **Recidivist auto-escalation**: if an employee has prior violations of the same type, points slider auto-sets to maximum per policy
- Repeat offense badge with prior count displayed
- Context-sensitive fields (time, minutes late, amount, location, description) shown only when relevant to violation type
- **Tier crossing warning** (TierWarning component): previews what tier the new points would push the employee into before submission
- Point slider for discretionary adjustments within the violation's min/max range
- One-click PDF download immediately after submission
### Employee Profile Modal
- Full violation history with resolution status
- Negate / restore individual violations (soft delete with resolution type + notes)
- Hard delete option for data entry errors
- PDF download for any historical violation record
### CPAS Tier System
| Points | Tier | Label |
|--------|------|-------|
| 04 | 01 | Elite Standing |
| 59 | 1 | Realignment |
| 1014 | 2 | Administrative Lockdown |
| 1519 | 3 | Verification |
| 2024 | 4 | Risk Mitigation |
| 2529 | 5 | Final Decision |
| 30+ | 6 | Separation |
Scores are computed over a **rolling 90-day window** (negated violations excluded).
### PDF Generation
- Puppeteer + system Chromium (bundled in Docker image)
- Generated on-demand per violation via `GET /api/violations/:id/pdf`
- Filename: `CPAS_<EmployeeName>_<IncidentDate>.pdf`
- PDF captures prior active points **at the time of the incident** (snapshot stored on insert)
---
## API Reference
| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/api/health` | Health check |
| GET | `/api/employees` | List all employees |
| POST | `/api/employees` | Create or upsert employee |
| GET | `/api/employees/:id/score` | Get active CPAS score for employee |
| GET | `/api/dashboard` | All employees with active points + violation counts |
| POST | `/api/violations` | Log a new violation |
| GET | `/api/violations/employee/:id` | Get violation history for employee (with resolutions) |
| PATCH | `/api/violations/:id/negate` | Negate a violation (soft delete + resolution record) |
| PATCH | `/api/violations/:id/restore` | Restore a negated violation |
| DELETE | `/api/violations/:id` | Hard delete a violation |
| GET | `/api/violations/:id/pdf` | Download violation PDF |
---
## Project Structure ## Project Structure
``` ```
cpas-violation-tracker/ cpas/
├── Dockerfile # Multi-stage: builds React + runs Express ├── Dockerfile # Multi-stage: builds React + runs Express w/ Chromium
├── .dockerignore ├── .dockerignore
├── package.json # Backend (Express) deps ├── package.json # Backend (Express) deps
├── server.js # API + static file server ├── server.js # API + static file server
├── db/ ├── db/
│ ├── schema.sql # Tables + 90-day score view │ ├── schema.sql # Tables + 90-day active score view
│ └── database.js # SQLite connection │ └── database.js # SQLite connection (better-sqlite3)
├── pdf/
│ └── generator.js # Puppeteer PDF generation
└── client/ # React frontend (Vite) └── client/ # React frontend (Vite)
├── package.json ├── package.json
├── vite.config.js ├── vite.config.js
@@ -60,14 +132,84 @@ cpas-violation-tracker/
├── main.jsx ├── main.jsx
├── App.jsx ├── App.jsx
├── data/ ├── data/
│ └── violations.js # All CPAS violation definitions │ └── violations.js # All CPAS violation definitions + groups
├── hooks/
│ └── useEmployeeIntelligence.js # Score + history hook
└── components/ └── components/
── ViolationForm.jsx ── CpasBadge.jsx # Tier badge + color logic
├── TierWarning.jsx # Pre-submit tier crossing alert
├── Dashboard.jsx # Company-wide leaderboard
├── ViolationForm.jsx # Violation entry form
├── EmployeeModal.jsx # Employee profile + history modal
├── NegateModal.jsx # Negate/resolve violation dialog
└── ViolationHistory.jsx # Violation list component
``` ```
## Phases ---
- [x] Phase 1 — Container scaffold, SQLite schema, base React form
- [ ] Phase 2 — Employee history, prior violation highlighting ## Database Schema
- [ ] Phase 3 — Puppeteer PDF generation
- [ ] Phase 4 — Dashboard, CPAS scores, tier warnings Three tables + one view:
- [ ] Phase 5 — Recidivist point auto-suggest
- **`employees`** — id, name, department, supervisor
- **`violations`** — full incident record including `prior_active_points` snapshot at time of logging
- **`violation_resolutions`** — resolution type, details, resolved_by (linked to violations)
- **`active_cpas_scores`** (view) — sum of points for non-negated violations in rolling 90 days, grouped by employee
---
## Roadmap
### ✅ Completed
| Phase | Feature | Description |
|-------|---------|-------------|
| 1 | Container scaffold | Docker multi-stage build, Express server, SQLite schema |
| 1 | Base violation form | Employee fields, violation type, incident date, point submission |
| 2 | Employee intelligence | Live CPAS standing badge and 90-day count shown before submitting |
| 2 | Prior violation highlighting | Violation dropdown annotates types with 90-day recurrence counts |
| 2 | Recidivist auto-escalation | Points slider auto-maximizes on repeat same-type violations |
| 2 | Violation history | Per-employee history list with resolution status |
| 3 | PDF generation | Puppeteer/Chromium PDF per violation, downloadable immediately post-submit |
| 3 | Prior-points snapshot | `prior_active_points` captured at insert time for accurate historical PDFs |
| 4 | Company dashboard | Sortable employee table with live tier badges and at-risk flags |
| 4 | Stat cards | Summary counts: total, clean, active, at-risk, highest score |
| 4 | Tier crossing warning | Pre-submit alert when new points push employee to next tier |
| 4 | Employee profile modal | Full history, negate/restore, hard delete, per-record PDF download |
| 4 | Negate & restore | Soft-delete violations with resolution type + notes, fully reversible |
---
### 🔲 Proposed
#### Reporting & Analytics
- **Violation trends chart** — line/bar chart of violations per day/week/month, filterable by department or supervisor; useful for identifying systemic patterns vs. individual incidents
- **Department heat map** — grid view showing violation density and average CPAS score by department; helps supervisors identify team-level risk
- **Expiration timeline** — visual showing which active violations will roll off the 90-day window and when, so supervisors can anticipate tier drops
- **CSV / Excel export** — bulk export of violations or dashboard data for external reporting or payroll integration
#### Employee Management
- **Employee edit / merge** — ability to update employee name, department, or supervisor without losing history; merge duplicate records created by name typos
- **Supervisor view** — scoped dashboard showing only the employees under a given supervisor, useful for multi-supervisor environments
- **Employee notes / flags** — free-text notes attached to an employee record (e.g. "on PIP", "union member") visible in the profile modal without affecting scoring
#### Violation Workflow
- **Acknowledgment signature field** — a "received by employee" name/date field on the violation form that prints on the PDF, replacing the blank signature line
- **Draft / pending violations** — save a violation as draft before finalizing, useful when incidents need review before being officially logged
- **Violation amendment** — edit a submitted violation's details (not points) with an audit trail, rather than delete-and-resubmit
- **Bulk violation import** — CSV import for migrating historical records from paper logs or a prior system
#### Notifications & Escalation
- **Tier escalation alerts** — email or in-app notification when an employee crosses into Tier 2+ so the relevant supervisor is automatically informed
- **Scheduled summary digest** — weekly email to supervisors listing their employees' current standings and any approaching tier thresholds
- **At-risk threshold configuration** — make the "at-risk" warning threshold (currently hardcoded at 2 pts) configurable per deployment
#### Infrastructure & Ops
- **Multi-user auth** — simple login with role-based access (admin, supervisor, read-only); currently the app has no auth and is assumed to run on a trusted internal network
- **Audit log** — immutable log of all creates, negates, restores, and deletes with timestamp and acting user, stored separately from the violations table
- **Automated DB backup** — cron job or Docker health hook to snapshot `/data/cpas.db` to a mounted backup volume or remote location on a schedule
- **Dark/light theme toggle** — the UI is currently dark-only; a toggle would improve usability in bright environments
---
*Proposed features are suggestions based on common HR documentation workflows. Priority and implementation order should be driven by actual operational needs.*

BIN
client/public/static/mpm-logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.1 KiB

81
client/src/App.jsx
View File

@@ -1,56 +1,45 @@
import React, { useEffect, useState } from 'react'; import React, { useState } from 'react';
import ViolationForm from './components/ViolationForm'; import ViolationForm from './components/ViolationForm';
import Dashboard from './components/Dashboard';
const styles = { const tabs = [
body: { { id: 'dashboard', label: '📊 Dashboard' },
fontFamily: "'Segoe UI', Tahoma, Geneva, Verdana, sans-serif", { id: 'violation', label: '+ New Violation' },
background: 'linear-gradient(135deg, #667eea 0%, #764ba2 100%)', ];
minHeight: '100vh',
padding: '20px', const s = {
margin: 0, app: { minHeight: '100vh', background: '#050608', fontFamily: "'Segoe UI', Arial, sans-serif", color: '#f8f9fa' },
}, nav: { background: '#000000', padding: '0 40px', display: 'flex', alignItems: 'center', gap: 0, borderBottom: '1px solid #333' },
container: { logoWrap: { display: 'flex', alignItems: 'center', marginRight: '32px', padding: '14px 0' },
maxWidth: '1200px', logoImg: { height: '28px', marginRight: '10px' },
margin: '0 auto', logoText: { color: '#f8f9fa', fontWeight: 800, fontSize: '18px', letterSpacing: '0.5px' },
background: 'white', tab: (active) => ({
borderRadius: '12px', padding: '18px 22px',
boxShadow: '0 20px 60px rgba(0,0,0,0.3)', color: active ? '#f8f9fa' : 'rgba(248,249,250,0.6)',
overflow: 'hidden', borderBottom: active ? '3px solid #d4af37' : '3px solid transparent',
}, cursor: 'pointer', fontWeight: active ? 700 : 400, fontSize: '14px',
header: { background: 'none', border: 'none',
background: 'linear-gradient(135deg, #2c3e50 0%, #34495e 100%)', }),
color: 'white', card: { maxWidth: '1100px', margin: '30px auto', background: '#111217', borderRadius: '10px', boxShadow: '0 2px 16px rgba(0,0,0,0.6)', border: '1px solid #222' },
padding: '30px',
textAlign: 'center',
},
statusBar: {
fontSize: '11px',
color: '#aaa',
marginTop: '6px',
}
}; };
export default function App() { export default function App() {
const [apiStatus, setApiStatus] = useState('checking...'); const [tab, setTab] = useState('dashboard');
useEffect(() => {
fetch('/api/health')
.then(r => r.json())
.then(() => setApiStatus('● API connected'))
.catch(() => setApiStatus('⚠ API unreachable'));
}, []);
return ( return (
<div style={styles.body}> <div style={s.app}>
<div style={styles.container}> <nav style={s.nav}>
<div style={styles.header}> <div style={s.logoWrap}>
<h1 style={{ margin: 0, fontSize: '28px' }}>CPAS Violation Documentation System</h1> <img src="/static/mpm-logo.png" alt="MPM" style={s.logoImg} />
<p style={{ margin: '8px 0 0', fontSize: '14px', opacity: 0.9 }}> <div style={s.logoText}>CPAS Tracker</div>
Generate Individual Violation Records with Contextual Fields
</p>
<p style={styles.statusBar}>{apiStatus}</p>
</div> </div>
<ViolationForm /> {tabs.map(t => (
<button key={t.id} style={s.tab(tab === t.id)} onClick={() => setTab(t.id)}>
{t.label}
</button>
))}
</nav>
<div style={s.card}>
{tab === 'dashboard' ? <Dashboard /> : <ViolationForm />}
</div> </div>
</div> </div>
); );

205
client/src/components/AmendViolationModal.jsx Normal file
View File

@@ -0,0 +1,205 @@
import React, { useState, useEffect } from 'react';
import axios from 'axios';
const FIELD_LABELS = {
incident_time: 'Incident Time',
location: 'Location / Context',
details: 'Incident Notes',
submitted_by: 'Submitted By',
witness_name: 'Witness / Documenting Officer',
};
const s = {
overlay: {
position: 'fixed', inset: 0, background: 'rgba(0,0,0,0.8)',
zIndex: 2000, display: 'flex', alignItems: 'center', justifyContent: 'center',
},
modal: {
background: '#111217', color: '#f8f9fa', width: '520px', maxWidth: '95vw',
maxHeight: '90vh', overflowY: 'auto',
borderRadius: '10px', boxShadow: '0 8px 40px rgba(0,0,0,0.8)',
border: '1px solid #222',
},
header: {
background: 'linear-gradient(135deg, #000000, #151622)', color: 'white',
padding: '18px 22px', display: 'flex', alignItems: 'center', justifyContent: 'space-between',
borderBottom: '1px solid #222', position: 'sticky', top: 0, zIndex: 10,
},
headerLeft: {},
title: { fontSize: '15px', fontWeight: 700 },
subtitle: { fontSize: '11px', color: '#9ca0b8', marginTop: '2px' },
closeBtn: {
background: 'none', border: 'none', color: 'white', fontSize: '20px',
cursor: 'pointer', lineHeight: 1,
},
body: { padding: '22px' },
notice: {
background: '#0e1a30', border: '1px solid #1e3a5f', borderRadius: '6px',
padding: '10px 14px', fontSize: '12px', color: '#7eb8f7', marginBottom: '18px',
},
label: { fontSize: '11px', color: '#9ca0b8', textTransform: 'uppercase', letterSpacing: '0.5px', marginBottom: '5px' },
input: {
width: '100%', background: '#0d0e14', border: '1px solid #2a2b3a', borderRadius: '6px',
color: '#f8f9fa', padding: '9px 12px', fontSize: '13px', marginBottom: '14px',
outline: 'none', boxSizing: 'border-box',
},
textarea: {
width: '100%', background: '#0d0e14', border: '1px solid #2a2b3a', borderRadius: '6px',
color: '#f8f9fa', padding: '9px 12px', fontSize: '13px', marginBottom: '14px',
outline: 'none', boxSizing: 'border-box', minHeight: '80px', resize: 'vertical',
},
divider: { borderTop: '1px solid #1c1d29', margin: '16px 0' },
sectionTitle: {
fontSize: '11px', fontWeight: 700, color: '#9ca0b8', textTransform: 'uppercase',
letterSpacing: '0.5px', marginBottom: '12px',
},
amendRow: {
background: '#0d0e14', border: '1px solid #1c1d29', borderRadius: '6px',
padding: '10px 12px', marginBottom: '8px', fontSize: '12px',
},
amendField: { fontWeight: 700, color: '#c0c2d6', marginBottom: '4px' },
amendOld: { color: '#ff7070', textDecoration: 'line-through', marginRight: '6px' },
amendNew: { color: '#9ef7c1' },
amendMeta: { fontSize: '10px', color: '#555a7a', marginTop: '4px' },
row: { display: 'flex', gap: '10px', justifyContent: 'flex-end', marginTop: '6px' },
btn: (color, bg) => ({
padding: '8px 18px', borderRadius: '6px', fontWeight: 700, fontSize: '13px',
cursor: 'pointer', border: `1px solid ${color}`, color, background: bg || 'none',
}),
error: {
background: '#3c1114', border: '1px solid #f5c6cb', borderRadius: '6px',
padding: '10px 12px', fontSize: '12px', color: '#ffb3b8', marginBottom: '14px',
},
};
function fmtDt(iso) {
if (!iso) return '—';
return new Date(iso).toLocaleString('en-US', { timeZone: 'America/Chicago', dateStyle: 'medium', timeStyle: 'short' });
}
export default function AmendViolationModal({ violation, onClose, onSaved }) {
const [fields, setFields] = useState({
incident_time: violation.incident_time || '',
location: violation.location || '',
details: violation.details || '',
submitted_by: violation.submitted_by || '',
witness_name: violation.witness_name || '',
});
const [changedBy, setChangedBy] = useState('');
const [saving, setSaving] = useState(false);
const [error, setError] = useState('');
const [amendments, setAmendments] = useState([]);
useEffect(() => {
axios.get(`/api/violations/${violation.id}/amendments`)
.then(r => setAmendments(r.data))
.catch(() => {});
}, [violation.id]);
const hasChanges = Object.entries(fields).some(
([k, v]) => v !== (violation[k] || '')
);
const handleSave = async () => {
setError('');
setSaving(true);
try {
// Only send fields that actually changed
const patch = Object.fromEntries(
Object.entries(fields).filter(([k, v]) => v !== (violation[k] || ''))
);
await axios.patch(`/api/violations/${violation.id}/amend`, { ...patch, changed_by: changedBy || null });
onSaved();
onClose();
} catch (e) {
setError(e.response?.data?.error || 'Failed to save amendment');
} finally {
setSaving(false);
}
};
const set = (field, value) => setFields(prev => ({ ...prev, [field]: value }));
return (
<div style={s.overlay} onClick={e => e.target === e.currentTarget && onClose()}>
<div style={s.modal}>
<div style={s.header}>
<div style={s.headerLeft}>
<div style={s.title}>Amend Violation</div>
<div style={s.subtitle}>
CPAS-{String(violation.id).padStart(5, '0')} · {violation.violation_name} · {violation.incident_date}
</div>
</div>
<button style={s.closeBtn} onClick={onClose}></button>
</div>
<div style={s.body}>
<div style={s.notice}>
Only non-scoring fields can be amended. Point values, violation type, and incident date
are immutable delete and re-submit if those need to change.
</div>
{error && <div style={s.error}>{error}</div>}
{Object.entries(FIELD_LABELS).map(([field, label]) => (
<div key={field}>
<div style={s.label}>{label}</div>
{field === 'details' ? (
<textarea
style={s.textarea}
value={fields[field]}
onChange={e => set(field, e.target.value)}
/>
) : (
<input
style={s.input}
value={fields[field]}
onChange={e => set(field, e.target.value)}
/>
)}
</div>
))}
<div style={s.label}>Your Name (recorded in amendment log)</div>
<input
style={s.input}
value={changedBy}
onChange={e => setChangedBy(e.target.value)}
placeholder="Optional but recommended"
/>
<div style={s.row}>
<button style={s.btn('#888')} onClick={onClose}>Cancel</button>
<button
style={s.btn('#fff', hasChanges ? '#667eea' : '#333')}
onClick={handleSave}
disabled={!hasChanges || saving}
>
{saving ? 'Saving…' : 'Save Amendment'}
</button>
</div>
{amendments.length > 0 && (
<>
<div style={s.divider} />
<div style={s.sectionTitle}>Amendment History ({amendments.length})</div>
{amendments.map(a => (
<div key={a.id} style={s.amendRow}>
<div style={s.amendField}>{FIELD_LABELS[a.field_name] || a.field_name}</div>
<div>
<span style={s.amendOld}>{a.old_value || '(empty)'}</span>
<span style={{ color: '#555', marginRight: '6px' }}></span>
<span style={s.amendNew}>{a.new_value || '(empty)'}</span>
</div>
<div style={s.amendMeta}>
{a.changed_by ? `by ${a.changed_by} · ` : ''}{fmtDt(a.created_at)}
</div>
</div>
))}
</>
)}
</div>
</div>
</div>
);
}

200
client/src/components/AuditLog.jsx Normal file
View File

@@ -0,0 +1,200 @@
import React, { useState, useEffect, useCallback } from 'react';
import axios from 'axios';
const ACTION_COLORS = {
employee_created: '#667eea',
employee_edited: '#9b8af8',
employee_merged: '#f0a500',
violation_created: '#28a745',
violation_amended: '#4db6ac',
violation_negated: '#ffc107',
violation_restored:'#17a2b8',
violation_deleted: '#dc3545',
};
const ACTION_LABELS = {
employee_created: 'Employee Created',
employee_edited: 'Employee Edited',
employee_merged: 'Employee Merged',
violation_created: 'Violation Logged',
violation_amended: 'Violation Amended',
violation_negated: 'Violation Negated',
violation_restored:'Violation Restored',
violation_deleted: 'Violation Deleted',
};
const ENTITY_LABELS = {
employee: 'Employee',
violation: 'Violation',
};
const s = {
overlay: {
position: 'fixed', inset: 0, background: 'rgba(0,0,0,0.75)',
zIndex: 1000, display: 'flex', alignItems: 'flex-start', justifyContent: 'flex-end',
},
panel: {
background: '#111217', color: '#f8f9fa', width: '680px', maxWidth: '95vw',
height: '100vh', overflowY: 'auto', boxShadow: '-4px 0 24px rgba(0,0,0,0.7)',
display: 'flex', flexDirection: 'column',
},
header: {
background: 'linear-gradient(135deg, #000000, #151622)', color: 'white',
padding: '22px 26px', position: 'sticky', top: 0, zIndex: 10,
borderBottom: '1px solid #222',
},
headerRow: { display: 'flex', alignItems: 'center', justifyContent: 'space-between' },
title: { fontSize: '17px', fontWeight: 700 },
subtitle: { fontSize: '12px', color: '#9ca0b8', marginTop: '3px' },
closeBtn: {
background: 'none', border: 'none', color: 'white', fontSize: '22px',
cursor: 'pointer', lineHeight: 1,
},
filters: {
padding: '14px 26px', borderBottom: '1px solid #1c1d29',
display: 'flex', gap: '10px', flexWrap: 'wrap',
},
select: {
background: '#0d0e14', border: '1px solid #2a2b3a', borderRadius: '6px',
color: '#f8f9fa', padding: '7px 12px', fontSize: '12px', outline: 'none',
},
body: { padding: '16px 26px', flex: 1 },
entry: {
borderBottom: '1px solid #1c1d29', padding: '12px 0',
display: 'flex', gap: '12px', alignItems: 'flex-start',
},
dot: (action) => ({
width: '8px', height: '8px', borderRadius: '50%', marginTop: '5px', flexShrink: 0,
background: ACTION_COLORS[action] || '#555',
}),
entryMain: { flex: 1, minWidth: 0 },
actionBadge: (action) => ({
display: 'inline-block', padding: '2px 8px', borderRadius: '10px',
fontSize: '10px', fontWeight: 700, letterSpacing: '0.3px', marginRight: '6px',
background: (ACTION_COLORS[action] || '#555') + '22',
color: ACTION_COLORS[action] || '#aaa',
border: `1px solid ${(ACTION_COLORS[action] || '#555')}44`,
}),
entityRef: { fontSize: '11px', color: '#9ca0b8' },
details: { fontSize: '11px', color: '#667', marginTop: '4px', fontFamily: 'monospace', wordBreak: 'break-all' },
meta: { fontSize: '10px', color: '#555a7a', marginTop: '4px' },
empty: { textAlign: 'center', color: '#555a7a', padding: '60px 0', fontSize: '13px' },
loadMore: {
width: '100%', background: 'none', border: '1px solid #2a2b3a', borderRadius: '6px',
color: '#9ca0b8', padding: '10px', cursor: 'pointer', fontSize: '12px', marginTop: '16px',
},
};
function fmtDt(iso) {
if (!iso) return '—';
return new Date(iso).toLocaleString('en-US', {
timeZone: 'America/Chicago', dateStyle: 'medium', timeStyle: 'short',
});
}
function renderDetails(detailsStr) {
if (!detailsStr) return null;
try {
const obj = JSON.parse(detailsStr);
return JSON.stringify(obj, null, 0)
.replace(/^\{/, '').replace(/\}$/, '').replace(/","/g, ' ');
} catch {
return detailsStr;
}
}
export default function AuditLog({ onClose }) {
const [entries, setEntries] = useState([]);
const [loading, setLoading] = useState(true);
const [offset, setOffset] = useState(0);
const [hasMore, setHasMore] = useState(false);
const [filterType, setFilterType] = useState('');
const [filterAction, setFilterAction] = useState('');
const LIMIT = 50;
const load = useCallback((reset = false) => {
setLoading(true);
const o = reset ? 0 : offset;
const params = { limit: LIMIT, offset: o };
if (filterType) params.entity_type = filterType;
if (filterAction) params.action = filterAction; // future: server-side action filter
axios.get('/api/audit', { params })
.then(r => {
const data = r.data;
// Client-side action filter (cheap enough at this scale)
const filtered = filterAction ? data.filter(e => e.action === filterAction) : data;
setEntries(prev => reset ? filtered : [...prev, ...filtered]);
setHasMore(data.length === LIMIT);
setOffset(o + LIMIT);
})
.finally(() => setLoading(false));
}, [offset, filterType, filterAction]);
useEffect(() => { load(true); }, [filterType, filterAction]); // eslint-disable-line
const handleOverlay = e => { if (e.target === e.currentTarget) onClose(); };
return (
<div style={s.overlay} onClick={handleOverlay}>
<div style={s.panel} onClick={e => e.stopPropagation()}>
<div style={s.header}>
<div style={s.headerRow}>
<div>
<div style={s.title}>Audit Log</div>
<div style={s.subtitle}>All system write actions append-only</div>
</div>
<button style={s.closeBtn} onClick={onClose}></button>
</div>
</div>
<div style={s.filters}>
<select style={s.select} value={filterType} onChange={e => { setFilterType(e.target.value); setOffset(0); }}>
<option value="">All entity types</option>
{Object.entries(ENTITY_LABELS).map(([v, l]) => <option key={v} value={v}>{l}</option>)}
</select>
<select style={s.select} value={filterAction} onChange={e => { setFilterAction(e.target.value); setOffset(0); }}>
<option value="">All actions</option>
{Object.entries(ACTION_LABELS).map(([v, l]) => <option key={v} value={v}>{l}</option>)}
</select>
</div>
<div style={s.body}>
{loading && entries.length === 0 ? (
<div style={s.empty}>Loading</div>
) : entries.length === 0 ? (
<div style={s.empty}>No audit entries found.</div>
) : (
entries.map(e => (
<div key={e.id} style={s.entry}>
<div style={s.dot(e.action)} />
<div style={s.entryMain}>
<div>
<span style={s.actionBadge(e.action)}>
{ACTION_LABELS[e.action] || e.action}
</span>
<span style={s.entityRef}>
{ENTITY_LABELS[e.entity_type] || e.entity_type}
{e.entity_id ? ` #${e.entity_id}` : ''}
</span>
</div>
{e.details && (
<div style={s.details}>{renderDetails(e.details)}</div>
)}
<div style={s.meta}>
{e.performed_by ? `by ${e.performed_by} · ` : ''}{fmtDt(e.created_at)}
</div>
</div>
</div>
))
)}
{hasMore && (
<button style={s.loadMore} onClick={() => load(false)}>
Load more
</button>
)}
</div>
</div>
</div>
);
}

193
client/src/components/Dashboard.jsx Executable file
View File

@@ -0,0 +1,193 @@
import React, { useState, useEffect, useCallback } from 'react';
import axios from 'axios';
import CpasBadge, { getTier } from './CpasBadge';
import EmployeeModal from './EmployeeModal';
import AuditLog from './AuditLog';
const AT_RISK_THRESHOLD = 2;
const TIERS = [
{ min: 0, max: 4 },
{ min: 5, max: 9 },
{ min: 10, max: 14 },
{ min: 15, max: 19 },
{ min: 20, max: 24 },
{ min: 25, max: 29 },
{ min: 30, max: 999 },
];
function nextTierBoundary(points) {
for (const t of TIERS) {
if (points >= t.min && points <= t.max && t.max < 999) return t.max + 1;
}
return null;
}
function isAtRisk(points) {
const boundary = nextTierBoundary(points);
return boundary !== null && (boundary - points) <= AT_RISK_THRESHOLD;
}
const s = {
wrap: { padding: '32px 40px', color: '#f8f9fa' },
header: { display: 'flex', justifyContent: 'space-between', alignItems: 'center', marginBottom: '24px', flexWrap: 'wrap', gap: '12px' },
title: { fontSize: '24px', fontWeight: 700, color: '#f8f9fa' },
subtitle: { fontSize: '13px', color: '#b5b5c0', marginTop: '3px' },
statsRow: { display: 'flex', gap: '16px', flexWrap: 'wrap', marginBottom: '28px' },
statCard: { flex: '1', minWidth: '140px', background: '#181924', border: '1px solid #30313f', borderRadius: '8px', padding: '16px', textAlign: 'center' },
statNum: { fontSize: '28px', fontWeight: 800, color: '#f8f9fa' },
statLbl: { fontSize: '11px', color: '#b5b5c0', marginTop: '4px' },
search: { padding: '10px 14px', border: '1px solid #333544', borderRadius: '6px', fontSize: '14px', width: '260px', background: '#050608', color: '#f8f9fa' },
table: { width: '100%', borderCollapse: 'collapse', background: '#111217', borderRadius: '8px', overflow: 'hidden', boxShadow: '0 1px 8px rgba(0,0,0,0.6)', border: '1px solid #222' },
th: { background: '#000000', color: '#f8f9fa', padding: '10px 14px', textAlign: 'left', fontSize: '12px', fontWeight: 600, textTransform: 'uppercase', letterSpacing: '0.5px' },
td: { padding: '11px 14px', borderBottom: '1px solid #1c1d29', fontSize: '13px', verticalAlign: 'middle', color: '#f8f9fa' },
nameBtn: { background: 'none', border: 'none', cursor: 'pointer', fontWeight: 600, color: '#d4af37', fontSize: '14px', padding: 0, textDecoration: 'underline dotted' },
atRiskBadge: { display: 'inline-block', marginLeft: '8px', padding: '2px 8px', borderRadius: '10px', fontSize: '10px', fontWeight: 700, background: '#3b2e00', color: '#ffd666', border: '1px solid #d4af37', verticalAlign: 'middle' },
zeroRow: { color: '#77798a', fontStyle: 'italic', fontSize: '12px' },
toolbarRight: { display: 'flex', gap: '10px', alignItems: 'center' },
refreshBtn: { padding: '9px 18px', background: '#d4af37', color: '#000', border: 'none', borderRadius: '6px', cursor: 'pointer', fontWeight: 600, fontSize: '13px' },
auditBtn: { padding: '9px 18px', background: 'none', color: '#9ca0b8', border: '1px solid #2a2b3a', borderRadius: '6px', cursor: 'pointer', fontWeight: 600, fontSize: '13px' },
};
export default function Dashboard() {
const [employees, setEmployees] = useState([]);
const [filtered, setFiltered] = useState([]);
const [search, setSearch] = useState('');
const [selectedId, setSelectedId] = useState(null);
const [showAudit, setShowAudit] = useState(false);
const [loading, setLoading] = useState(true);
const load = useCallback(() => {
setLoading(true);
axios.get('/api/dashboard')
.then(r => { setEmployees(r.data); setFiltered(r.data); })
.finally(() => setLoading(false));
}, []);
useEffect(() => { load(); }, [load]);
useEffect(() => {
const q = search.toLowerCase();
setFiltered(employees.filter(e =>
e.name.toLowerCase().includes(q) ||
(e.department || '').toLowerCase().includes(q) ||
(e.supervisor || '').toLowerCase().includes(q)
));
}, [search, employees]);
const atRiskCount = employees.filter(e => isAtRisk(e.active_points)).length;
const activeCount = employees.filter(e => e.active_points > 0).length;
const cleanCount = employees.filter(e => e.active_points === 0).length;
const maxPoints = employees.reduce((m, e) => Math.max(m, e.active_points), 0);
return (
<>
<div style={s.wrap}>
<div style={s.header}>
<div>
<div style={s.title}>Company Dashboard</div>
<div style={s.subtitle}>Click any employee name to view their full profile</div>
</div>
<div style={s.toolbarRight}>
<input
style={s.search}
placeholder="Search name, dept, supervisor…"
value={search}
onChange={e => setSearch(e.target.value)}
/>
<button style={s.auditBtn} onClick={() => setShowAudit(true)}>📋 Audit Log</button>
<button style={s.refreshBtn} onClick={load}> Refresh</button>
</div>
</div>
<div style={s.statsRow}>
<div style={s.statCard}>
<div style={s.statNum}>{employees.length}</div>
<div style={s.statLbl}>Total Employees</div>
</div>
<div style={{ ...s.statCard, borderTop: '3px solid #28a745' }}>
<div style={{ ...s.statNum, color: '#6ee7b7' }}>{cleanCount}</div>
<div style={s.statLbl}>Elite Standing (0 pts)</div>
</div>
<div style={{ ...s.statCard, borderTop: '3px solid #d4af37' }}>
<div style={{ ...s.statNum, color: '#ffd666' }}>{activeCount}</div>
<div style={s.statLbl}>With Active Points</div>
</div>
<div style={{ ...s.statCard, borderTop: '3px solid #ffb020' }}>
<div style={{ ...s.statNum, color: '#ffdf8a' }}>{atRiskCount}</div>
<div style={s.statLbl}>At Risk ({AT_RISK_THRESHOLD} pts to next tier)</div>
</div>
<div style={{ ...s.statCard, borderTop: '3px solid #c0392b' }}>
<div style={{ ...s.statNum, color: '#ff8a80' }}>{maxPoints}</div>
<div style={s.statLbl}>Highest Active Score</div>
</div>
</div>
{loading ? (
<p style={{ color: '#77798a', textAlign: 'center', padding: '40px' }}>Loading</p>
) : (
<table style={s.table}>
<thead>
<tr>
<th style={s.th}>#</th>
<th style={s.th}>Employee</th>
<th style={s.th}>Department</th>
<th style={s.th}>Supervisor</th>
<th style={s.th}>Tier / Standing</th>
<th style={s.th}>Active Points</th>
<th style={s.th}>90-Day Violations</th>
</tr>
</thead>
<tbody>
{filtered.length === 0 && (
<tr>
<td colSpan={7} style={{ ...s.td, textAlign: 'center', ...s.zeroRow }}>
No employees found.
</td>
</tr>
)}
{filtered.map((emp, i) => {
const risk = isAtRisk(emp.active_points);
const tier = getTier(emp.active_points);
const boundary = nextTierBoundary(emp.active_points);
return (
<tr
key={emp.id}
style={{ background: risk ? '#181200' : i % 2 === 0 ? '#111217' : '#151622' }}
>
<td style={{ ...s.td, color: '#77798a', fontSize: '12px' }}>{i + 1}</td>
<td style={s.td}>
<button style={s.nameBtn} onClick={() => setSelectedId(emp.id)}>
{emp.name}
</button>
{risk && (
<span style={s.atRiskBadge}>
{boundary - emp.active_points} pt{boundary - emp.active_points > 1 ? 's' : ''} to {getTier(boundary).label.split('—')[0].trim()}
</span>
)}
</td>
<td style={{ ...s.td, color: '#c0c2d6' }}>{emp.department || '—'}</td>
<td style={{ ...s.td, color: '#c0c2d6' }}>{emp.supervisor || '—'}</td>
<td style={s.td}><CpasBadge points={emp.active_points} /></td>
<td style={{ ...s.td, fontWeight: 700, color: tier.color, fontSize: '16px' }}>
{emp.active_points}
</td>
<td style={{ ...s.td, color: '#c0c2d6' }}>{emp.violation_count}</td>
</tr>
);
})}
</tbody>
</table>
)}
</div>
{selectedId && (
<EmployeeModal
employeeId={selectedId}
onClose={() => { setSelectedId(null); load(); }}
/>
)}
{showAudit && <AuditLog onClose={() => setShowAudit(false)} />}
</>
);
}

189
client/src/components/EditEmployeeModal.jsx Normal file
View File

@@ -0,0 +1,189 @@
import React, { useState, useEffect } from 'react';
import axios from 'axios';
const s = {
overlay: {
position: 'fixed', inset: 0, background: 'rgba(0,0,0,0.8)',
zIndex: 2000, display: 'flex', alignItems: 'center', justifyContent: 'center',
},
modal: {
background: '#111217', color: '#f8f9fa', width: '480px', maxWidth: '95vw',
borderRadius: '10px', boxShadow: '0 8px 40px rgba(0,0,0,0.8)',
border: '1px solid #222', overflow: 'hidden',
},
header: {
background: 'linear-gradient(135deg, #000000, #151622)', color: 'white',
padding: '18px 22px', display: 'flex', alignItems: 'center', justifyContent: 'space-between',
borderBottom: '1px solid #222',
},
title: { fontSize: '15px', fontWeight: 700 },
closeBtn: {
background: 'none', border: 'none', color: 'white', fontSize: '20px',
cursor: 'pointer', lineHeight: 1,
},
body: { padding: '22px' },
tabs: { display: 'flex', gap: '4px', marginBottom: '20px' },
tab: (active) => ({
flex: 1, padding: '8px', borderRadius: '6px', cursor: 'pointer', fontSize: '12px',
fontWeight: 700, textAlign: 'center', border: '1px solid',
background: active ? '#1a1c2e' : 'none',
borderColor: active ? '#667eea' : '#2a2b3a',
color: active ? '#667eea' : '#777',
}),
label: { fontSize: '11px', color: '#9ca0b8', textTransform: 'uppercase', letterSpacing: '0.5px', marginBottom: '5px' },
input: {
width: '100%', background: '#0d0e14', border: '1px solid #2a2b3a', borderRadius: '6px',
color: '#f8f9fa', padding: '9px 12px', fontSize: '13px', marginBottom: '14px',
outline: 'none', boxSizing: 'border-box',
},
select: {
width: '100%', background: '#0d0e14', border: '1px solid #2a2b3a', borderRadius: '6px',
color: '#f8f9fa', padding: '9px 12px', fontSize: '13px', marginBottom: '14px',
outline: 'none', boxSizing: 'border-box',
},
row: { display: 'flex', gap: '10px', justifyContent: 'flex-end', marginTop: '6px' },
btn: (color, bg) => ({
padding: '8px 18px', borderRadius: '6px', fontWeight: 700, fontSize: '13px',
cursor: 'pointer', border: `1px solid ${color}`, color, background: bg || 'none',
}),
error: {
background: '#3c1114', border: '1px solid #f5c6cb', borderRadius: '6px',
padding: '10px 12px', fontSize: '12px', color: '#ffb3b8', marginBottom: '14px',
},
success: {
background: '#0a2e1f', border: '1px solid #0f5132', borderRadius: '6px',
padding: '10px 12px', fontSize: '12px', color: '#9ef7c1', marginBottom: '14px',
},
mergeWarning: {
background: '#2a1f00', border: '1px solid #7a5000', borderRadius: '6px',
padding: '12px', fontSize: '12px', color: '#ffc107', marginBottom: '14px', lineHeight: 1.5,
},
};
export default function EditEmployeeModal({ employee, onClose, onSaved }) {
const [tab, setTab] = useState('edit');
// Edit state
const [name, setName] = useState(employee.name);
const [department, setDepartment] = useState(employee.department || '');
const [supervisor, setSupervisor] = useState(employee.supervisor || '');
const [editError, setEditError] = useState('');
const [editSaving, setEditSaving] = useState(false);
// Merge state
const [allEmployees, setAllEmployees] = useState([]);
const [sourceId, setSourceId] = useState('');
const [mergeError, setMergeError] = useState('');
const [mergeResult, setMergeResult] = useState(null);
const [merging, setMerging] = useState(false);
useEffect(() => {
if (tab === 'merge') {
axios.get('/api/employees').then(r => setAllEmployees(r.data));
}
}, [tab]);
const handleEdit = async () => {
setEditError('');
setEditSaving(true);
try {
await axios.patch(`/api/employees/${employee.id}`, { name, department, supervisor });
onSaved();
onClose();
} catch (e) {
setEditError(e.response?.data?.error || 'Failed to save changes');
} finally {
setEditSaving(false);
}
};
const handleMerge = async () => {
if (!sourceId) return setMergeError('Select an employee to merge in');
setMergeError('');
setMerging(true);
try {
const r = await axios.post(`/api/employees/${employee.id}/merge`, { source_id: parseInt(sourceId) });
setMergeResult(r.data);
onSaved(); // refresh dashboard / parent list
} catch (e) {
setMergeError(e.response?.data?.error || 'Merge failed');
} finally {
setMerging(false);
}
};
const otherEmployees = allEmployees.filter(e => e.id !== employee.id);
return (
<div style={s.overlay} onClick={e => e.target === e.currentTarget && onClose()}>
<div style={s.modal}>
<div style={s.header}>
<div style={s.title}>Edit Employee</div>
<button style={s.closeBtn} onClick={onClose}></button>
</div>
<div style={s.body}>
<div style={s.tabs}>
<button style={s.tab(tab === 'edit')} onClick={() => setTab('edit')}>Edit Details</button>
<button style={s.tab(tab === 'merge')} onClick={() => setTab('merge')}>Merge Duplicate</button>
</div>
{tab === 'edit' && (
<>
{editError && <div style={s.error}>{editError}</div>}
<div style={s.label}>Full Name</div>
<input style={s.input} value={name} onChange={e => setName(e.target.value)} />
<div style={s.label}>Department</div>
<input style={s.input} value={department} onChange={e => setDepartment(e.target.value)} placeholder="Optional" />
<div style={s.label}>Supervisor</div>
<input style={s.input} value={supervisor} onChange={e => setSupervisor(e.target.value)} placeholder="Optional" />
<div style={s.row}>
<button style={s.btn('#888')} onClick={onClose}>Cancel</button>
<button style={s.btn('#fff', '#667eea')} onClick={handleEdit} disabled={editSaving}>
{editSaving ? 'Saving…' : 'Save Changes'}
</button>
</div>
</>
)}
{tab === 'merge' && (
<>
{mergeResult ? (
<div style={s.success}>
Merge complete {mergeResult.violations_reassigned} violation{mergeResult.violations_reassigned !== 1 ? 's' : ''} reassigned
to <strong>{employee.name}</strong>. The duplicate record has been removed.
</div>
) : (
<>
<div style={s.mergeWarning}>
This will reassign <strong>all violations</strong> from the selected employee into{' '}
<strong>{employee.name}</strong>, then permanently delete the duplicate record.
This cannot be undone.
</div>
{mergeError && <div style={s.error}>{mergeError}</div>}
<div style={s.label}>Duplicate to merge into {employee.name}</div>
<select style={s.select} value={sourceId} onChange={e => setSourceId(e.target.value)}>
<option value=""> select employee </option>
{otherEmployees.map(e => (
<option key={e.id} value={e.id}>{e.name}{e.department ? ` (${e.department})` : ''}</option>
))}
</select>
<div style={s.row}>
<button style={s.btn('#888')} onClick={onClose}>Cancel</button>
<button style={s.btn('#fff', '#c0392b')} onClick={handleMerge} disabled={merging || !sourceId}>
{merging ? 'Merging…' : 'Merge & Delete Duplicate'}
</button>
</div>
</>
)}
{mergeResult && (
<div style={s.row}>
<button style={s.btn('#fff', '#667eea')} onClick={onClose}>Done</button>
</div>
)}
</>
)}
</div>
</div>
</div>
);
}

401
client/src/components/EmployeeModal.jsx Executable file
View File

@@ -0,0 +1,401 @@
import React, { useState, useEffect, useCallback } from 'react';
import axios from 'axios';
import CpasBadge, { getTier } from './CpasBadge';
import NegateModal from './NegateModal';
import EditEmployeeModal from './EditEmployeeModal';
import AmendViolationModal from './AmendViolationModal';
const s = {
overlay: {
position: 'fixed', inset: 0, background: 'rgba(0,0,0,0.75)',
zIndex: 1000, display: 'flex', alignItems: 'flex-start', justifyContent: 'flex-end',
},
panel: {
background: '#111217', color: '#f8f9fa', width: '680px', maxWidth: '95vw',
height: '100vh', overflowY: 'auto', boxShadow: '-4px 0 24px rgba(0,0,0,0.7)',
display: 'flex', flexDirection: 'column',
},
header: {
background: 'linear-gradient(135deg, #000000, #151622)', color: 'white',
padding: '24px 28px', position: 'sticky', top: 0, zIndex: 10,
borderBottom: '1px solid #222',
},
headerRow: { display: 'flex', alignItems: 'flex-start', justifyContent: 'space-between' },
closeBtn: {
float: 'right', background: 'none', border: 'none', color: 'white',
fontSize: '22px', cursor: 'pointer', lineHeight: 1, marginTop: '-2px',
},
editEmpBtn: {
background: 'none', border: '1px solid #555', color: '#ccc', borderRadius: '5px',
padding: '4px 10px', fontSize: '11px', cursor: 'pointer', marginTop: '8px', fontWeight: 600,
},
body: { padding: '24px 28px', flex: 1 },
scoreRow: { display: 'flex', gap: '12px', flexWrap: 'wrap', marginBottom: '24px' },
scoreCard: {
flex: '1', minWidth: '100px', background: '#181924', borderRadius: '8px',
padding: '14px', textAlign: 'center', border: '1px solid #2a2b3a',
},
scoreNum: { fontSize: '26px', fontWeight: 800 },
scoreLbl: { fontSize: '11px', color: '#b5b5c0', marginTop: '3px' },
sectionHd: {
fontSize: '13px', fontWeight: 700, color: '#f8f9fa', textTransform: 'uppercase',
letterSpacing: '0.5px', marginBottom: '10px', marginTop: '24px',
},
table: {
width: '100%', borderCollapse: 'collapse', fontSize: '12px', background: '#181924',
borderRadius: '6px', overflow: 'hidden', border: '1px solid #2a2b3a',
},
th: {
background: '#050608', padding: '8px 10px', textAlign: 'left', color: '#f8f9fa',
fontWeight: 600, fontSize: '11px', textTransform: 'uppercase',
},
td: {
padding: '9px 10px', borderBottom: '1px solid #202231',
verticalAlign: 'top', color: '#f8f9fa',
},
negatedRow: { background: '#151622', color: '#9ca0b8' },
actionBtn: (color) => ({
background: 'none', border: `1px solid ${color}`, color,
borderRadius: '4px', padding: '3px 8px', fontSize: '11px',
cursor: 'pointer', marginRight: '4px', fontWeight: 600,
}),
resTag: {
display: 'inline-block', padding: '2px 8px', borderRadius: '10px',
fontSize: '10px', fontWeight: 700, background: '#053321',
color: '#9ef7c1', border: '1px solid #0f5132',
},
pdfBtn: {
background: 'none', border: '1px solid #d4af37', color: '#ffd666',
borderRadius: '4px', padding: '3px 8px', fontSize: '11px',
cursor: 'pointer', fontWeight: 600,
},
amendBtn: {
background: 'none', border: '1px solid #4db6ac', color: '#4db6ac',
borderRadius: '4px', padding: '3px 8px', fontSize: '11px',
cursor: 'pointer', marginRight: '4px', fontWeight: 600,
},
deleteConfirm: {
background: '#3c1114', border: '1px solid #f5c6cb', borderRadius: '6px',
padding: '12px', marginTop: '8px', fontSize: '12px', color: '#ffb3b8',
},
amendBadge: {
display: 'inline-block', marginLeft: '4px', padding: '1px 5px', borderRadius: '8px',
fontSize: '9px', fontWeight: 700, background: '#0e2a2a', color: '#4db6ac',
border: '1px solid #1a4a4a', verticalAlign: 'middle',
},
};
export default function EmployeeModal({ employeeId, onClose }) {
const [employee, setEmployee] = useState(null);
const [score, setScore] = useState(null);
const [violations, setViolations] = useState([]);
const [loading, setLoading] = useState(true);
const [negating, setNegating] = useState(null);
const [confirmDel, setConfirmDel] = useState(null);
const [editingEmp, setEditingEmp] = useState(false);
const [amending, setAmending] = useState(null); // violation object
const load = useCallback(() => {
setLoading(true);
Promise.all([
axios.get('/api/employees'),
axios.get(`/api/employees/${employeeId}/score`),
axios.get(`/api/violations/employee/${employeeId}?limit=100`),
])
.then(([empRes, scoreRes, violRes]) => {
const emp = empRes.data.find((e) => e.id === employeeId);
setEmployee(emp || null);
setScore(scoreRes.data);
setViolations(violRes.data);
})
.finally(() => setLoading(false));
}, [employeeId]);
useEffect(() => { load(); }, [load]);
const handleDownloadPdf = async (violId, empName, date) => {
const response = await axios.get(`/api/violations/${violId}/pdf`, { responseType: 'blob' });
const url = window.URL.createObjectURL(new Blob([response.data], { type: 'application/pdf' }));
const link = document.createElement('a');
link.href = url;
link.download = `CPAS_${(empName || '').replace(/[^a-z0-9]/gi, '_')}_${date}.pdf`;
document.body.appendChild(link);
link.click();
link.remove();
window.URL.revokeObjectURL(url);
};
const handleHardDelete = async (id) => {
await axios.delete(`/api/violations/${id}`);
setConfirmDel(null);
load();
};
const handleRestore = async (id) => {
await axios.patch(`/api/violations/${id}/restore`);
setConfirmDel(null);
load();
};
const handleNegate = async ({ resolution_type, details, resolved_by }) => {
await axios.patch(`/api/violations/${negating.id}/negate`, { resolution_type, details, resolved_by });
setNegating(null);
setConfirmDel(null);
load();
};
const tier = score ? getTier(score.active_points) : null;
const active = violations.filter((v) => !v.negated);
const negated = violations.filter((v) => v.negated);
const handleOverlayClick = (e) => { if (e.target === e.currentTarget) onClose(); };
return (
<div style={s.overlay} onClick={handleOverlayClick}>
<div style={s.panel} onClick={(e) => e.stopPropagation()}>
{/* ── Header ── */}
<div style={s.header}>
<div style={s.headerRow}>
<div>
<div style={{ fontSize: '18px', fontWeight: 700 }}>
{employee ? employee.name : 'Employee'}
</div>
{employee && (
<div style={{ fontSize: '12px', color: '#b5b5c0', marginTop: '4px' }}>
{employee.department} {employee.supervisor && `· Supervisor: ${employee.supervisor}`}
</div>
)}
{employee && (
<button style={s.editEmpBtn} onClick={() => setEditingEmp(true)}>
Edit Employee
</button>
)}
</div>
<button style={s.closeBtn} onClick={onClose}></button>
</div>
</div>
{/* ── Body ── */}
<div style={s.body}>
{loading ? (
<div style={{ padding: '40px', textAlign: 'center', color: '#b5b5c0' }}>Loading</div>
) : (
<>
{/* Score Cards */}
{score && (
<div style={s.scoreRow}>
<div style={s.scoreCard}>
<div style={{ ...s.scoreNum, color: tier?.color || '#f8f9fa' }}>
{score.active_points}
</div>
<div style={s.scoreLbl}>Active Points</div>
</div>
<div style={s.scoreCard}>
<div style={s.scoreNum}>{score.total_violations}</div>
<div style={s.scoreLbl}>Total Violations</div>
</div>
<div style={s.scoreCard}>
<div style={s.scoreNum}>{score.negated_count}</div>
<div style={s.scoreLbl}>Negated</div>
</div>
<div style={{ ...s.scoreCard, minWidth: '140px' }}>
<div style={{ fontSize: '13px', fontWeight: 700, color: tier?.color || '#f8f9fa' }}>
{tier ? tier.label : '—'}
</div>
<div style={s.scoreLbl}>Current Tier</div>
</div>
</div>
)}
{score && <CpasBadge points={score.active_points} style={{ marginBottom: '20px' }} />}
{/* ── Active Violations ── */}
<div style={s.sectionHd}>Active Violations</div>
{active.length === 0 ? (
<div style={{ color: '#777990', fontStyle: 'italic', fontSize: '12px' }}>
No active violations on record.
</div>
) : (
<table style={s.table}>
<thead>
<tr>
<th style={s.th}>Date</th>
<th style={s.th}>Violation</th>
<th style={s.th}>Pts</th>
<th style={s.th}>Actions</th>
</tr>
</thead>
<tbody>
{active.map((v) => (
<tr key={v.id}>
<td style={s.td}>{v.incident_date}</td>
<td style={s.td}>
<div style={{ fontWeight: 600 }}>
{v.violation_name}
{v.amendment_count > 0 && (
<span style={s.amendBadge}>{v.amendment_count} edit{v.amendment_count !== 1 ? 's' : ''}</span>
)}
</div>
<div style={{ fontSize: '10px', color: '#9ca0b8' }}>{v.category}</div>
{v.details && (
<div style={{ fontSize: '10px', color: '#b5b5c0', marginTop: '2px' }}>{v.details}</div>
)}
</td>
<td style={{ ...s.td, fontWeight: 700 }}>{v.points}</td>
<td style={s.td}>
<button style={s.amendBtn} onClick={(e) => { e.stopPropagation(); setAmending(v); }}>
Amend
</button>
<button
style={s.actionBtn('#ffc107')}
onClick={(e) => { e.stopPropagation(); setNegating(v); setConfirmDel(null); }}
>
Negate
</button>
<button
style={s.actionBtn('#ff4d4f')}
onClick={(e) => { e.stopPropagation(); setConfirmDel(confirmDel === v.id ? null : v.id); }}
>
{confirmDel === v.id ? 'Cancel' : 'Delete'}
</button>
<button
style={s.pdfBtn}
onClick={(e) => { e.stopPropagation(); handleDownloadPdf(v.id, employee?.name, v.incident_date); }}
>
PDF
</button>
{confirmDel === v.id && (
<div style={s.deleteConfirm}>
Permanently delete? This cannot be undone.
<div style={{ marginTop: '8px' }}>
<button
style={s.actionBtn('#ff4d4f')}
onClick={(e) => { e.stopPropagation(); handleHardDelete(v.id); }}
>
Confirm Delete
</button>
<button
style={s.actionBtn('#888')}
onClick={(e) => { e.stopPropagation(); setConfirmDel(null); }}
>
Cancel
</button>
</div>
</div>
)}
</td>
</tr>
))}
</tbody>
</table>
)}
{/* ── Negated / Resolved Violations ── */}
{negated.length > 0 && (
<>
<div style={s.sectionHd}>Negated / Resolved</div>
<table style={s.table}>
<thead>
<tr>
<th style={s.th}>Date</th>
<th style={s.th}>Violation</th>
<th style={s.th}>Pts</th>
<th style={s.th}>Resolution</th>
<th style={s.th}>Actions</th>
</tr>
</thead>
<tbody>
{negated.map((v) => (
<tr key={v.id} style={s.negatedRow}>
<td style={s.td}>{v.incident_date}</td>
<td style={s.td}>
<div style={{ fontWeight: 600 }}>{v.violation_name}</div>
<div style={{ fontSize: '10px', color: '#9ca0b8' }}>{v.category}</div>
</td>
<td style={s.td}>{v.points}</td>
<td style={s.td}>
<span style={s.resTag}>{v.resolution_type}</span>
{v.resolution_details && (
<div style={{ fontSize: '10px', color: '#b5b5c0', marginTop: '2px' }}>
{v.resolution_details}
</div>
)}
{v.resolved_by && (
<div style={{ fontSize: '10px', color: '#9ca0b8' }}>by {v.resolved_by}</div>
)}
</td>
<td style={s.td}>
<button
style={s.actionBtn('#4db6ac')}
onClick={(e) => { e.stopPropagation(); handleRestore(v.id); }}
>
Restore
</button>
<button
style={s.actionBtn('#ff4d4f')}
onClick={(e) => { e.stopPropagation(); setConfirmDel(confirmDel === v.id ? null : v.id); }}
>
{confirmDel === v.id ? 'Cancel' : 'Delete'}
</button>
<button
style={s.pdfBtn}
onClick={(e) => { e.stopPropagation(); handleDownloadPdf(v.id, employee?.name, v.incident_date); }}
>
PDF
</button>
{confirmDel === v.id && (
<div style={s.deleteConfirm}>
Permanently delete? This cannot be undone.
<div style={{ marginTop: '8px' }}>
<button
style={s.actionBtn('#ff4d4f')}
onClick={(e) => { e.stopPropagation(); handleHardDelete(v.id); }}
>
Confirm Delete
</button>
<button
style={s.actionBtn('#888')}
onClick={(e) => { e.stopPropagation(); setConfirmDel(null); }}
>
Cancel
</button>
</div>
</div>
)}
</td>
</tr>
))}
</tbody>
</table>
</>
)}
</>
)}
</div>
</div>
{/* Modals rendered outside panel to avoid z-index nesting issues */}
{negating && (
<NegateModal
violation={negating}
onConfirm={handleNegate}
onCancel={() => setNegating(null)}
/>
)}
{editingEmp && employee && (
<EditEmployeeModal
employee={employee}
onClose={() => setEditingEmp(false)}
onSaved={load}
/>
)}
{amending && (
<AmendViolationModal
violation={amending}
onClose={() => setAmending(null)}
onSaved={load}
/>
)}
</div>
);
}

138
client/src/components/NegateModal.jsx Executable file
View File

@@ -0,0 +1,138 @@
import React, { useState } from 'react';
const s = {
overlay: {
position: 'fixed', inset: 0, background: 'rgba(0,0,0,0.75)',
display: 'flex', alignItems: 'center', justifyContent: 'center',
zIndex: 2000,
},
modal: {
width: '480px', maxWidth: '95vw', background: '#111217', borderRadius: '12px',
boxShadow: '0 16px 40px rgba(0,0,0,0.8)', color: '#f8f9fa',
overflow: 'hidden', border: '1px solid #2a2b3a',
},
header: {
padding: '18px 24px', borderBottom: '1px solid #222',
background: 'linear-gradient(135deg, #000000, #151622)',
},
title: { fontSize: '18px', fontWeight: 700 },
subtitle: { fontSize: '12px', color: '#c0c2d6', marginTop: '4px' },
body: { padding: '18px 24px 8px 24px' },
pill: {
background: '#3b2e00', borderRadius: '6px', padding: '8px 10px',
fontSize: '12px', color: '#ffd666', border: '1px solid #d4af37', marginBottom: '14px',
},
label: { fontSize: '13px', fontWeight: 600, marginBottom: '4px', color: '#e5e7f1' },
input: {
width: '100%', padding: '9px 10px', borderRadius: '6px',
border: '1px solid #333544', background: '#050608', color: '#f8f9fa',
fontSize: '13px', fontFamily: 'inherit', marginBottom: '14px',
boxSizing: 'border-box',
},
textarea: {
width: '100%', minHeight: '80px', resize: 'vertical',
padding: '9px 10px', borderRadius: '6px', border: '1px solid #333544',
background: '#050608', color: '#f8f9fa', fontSize: '13px',
fontFamily: 'inherit', marginBottom: '14px', boxSizing: 'border-box',
},
footer: {
display: 'flex', justifyContent: 'flex-end', gap: '10px',
padding: '16px 24px 20px 24px', background: '#0c0d14', borderTop: '1px solid #222',
},
btnCancel: {
padding: '10px 20px', borderRadius: '6px', border: '1px solid #333544',
background: '#050608', color: '#f8f9fa', fontWeight: 600,
fontSize: '13px', cursor: 'pointer',
},
btnConfirm: {
padding: '10px 22px', borderRadius: '6px', border: 'none',
background: 'linear-gradient(135deg, #d4af37 0%, #ffdf8a 100%)',
color: '#000', fontWeight: 700, fontSize: '13px',
cursor: 'pointer', textTransform: 'uppercase',
},
};
const RESOLUTION_OPTIONS = [
'Corrective Training Completed',
'Verbal Warning Issued',
'Written Warning Issued',
'Management Review',
'Policy Exception Approved',
'Data Entry Error',
'Other',
];
export default function NegateModal({ violation, onConfirm, onCancel }) {
const [resolutionType, setResolutionType] = useState('Corrective Training Completed');
const [details, setDetails] = useState('');
const [resolvedBy, setResolvedBy] = useState('');
if (!violation) return null;
const handleConfirm = () => {
if (!onConfirm) return;
onConfirm({
resolution_type: resolutionType,
details,
resolved_by: resolvedBy,
});
};
// FIX: overlay click only closes on backdrop, NOT modal children
const handleOverlayClick = (e) => {
if (e.target === e.currentTarget && onCancel) onCancel();
};
return (
<div style={s.overlay} onClick={handleOverlayClick}>
{/* FIX: stopPropagation prevents modal clicks from bubbling to overlay */}
<div style={s.modal} onClick={(e) => e.stopPropagation()}>
<div style={s.header}>
<div style={s.title}>Negate Violation</div>
<div style={s.subtitle}>
Record resolution for: <strong>{violation.violation_name}</strong>
</div>
</div>
<div style={s.body}>
<div style={s.pill}>
{violation.points} pt{violation.points !== 1 ? 's' : ''} · {violation.incident_date} · {violation.category}
</div>
<div style={s.label}>Resolution Type</div>
<select
style={s.input}
value={resolutionType}
onChange={(e) => setResolutionType(e.target.value)}
>
{RESOLUTION_OPTIONS.map((opt) => (
<option key={opt} value={opt}>{opt}</option>
))}
</select>
<div style={s.label}>Details / Notes</div>
<textarea
style={s.textarea}
placeholder="Describe the resolution or context…"
value={details}
onChange={(e) => setDetails(e.target.value)}
/>
<div style={s.label}>Resolved By</div>
<input
style={s.input}
placeholder="Manager or HR name…"
value={resolvedBy}
onChange={(e) => setResolvedBy(e.target.value)}
/>
</div>
<div style={s.footer}>
<button style={s.btnCancel} onClick={onCancel}>Cancel</button>
<button style={s.btnConfirm} onClick={handleConfirm}>Confirm Negation</button>
</div>
</div>
</div>
);
}

52
client/src/components/ViolationForm.jsx
View File

@@ -7,27 +7,27 @@ import TierWarning from './TierWarning';
import ViolationHistory from './ViolationHistory'; import ViolationHistory from './ViolationHistory';
const s = { const s = {
content: { padding: '40px' }, content: { padding: '32px 40px', background: '#111217', borderRadius: '10px', color: '#f8f9fa' },
section: { background: '#f8f9fa', borderLeft: '4px solid #667eea', padding: '20px', marginBottom: '30px', borderRadius: '4px' }, section: { background: '#181924', borderLeft: '4px solid #d4af37', padding: '20px', marginBottom: '30px', borderRadius: '4px', border: '1px solid #2a2b3a' },
sectionTitle: { color: '#2c3e50', fontSize: '20px', marginBottom: '15px' }, sectionTitle: { color: '#f8f9fa', fontSize: '20px', marginBottom: '15px', fontWeight: 700 },
grid: { display: 'grid', gridTemplateColumns: 'repeat(auto-fit, minmax(250px, 1fr))', gap: '15px', marginTop: '15px' }, grid: { display: 'grid', gridTemplateColumns: 'repeat(auto-fit, minmax(250px, 1fr))', gap: '15px', marginTop: '15px' },
item: { display: 'flex', flexDirection: 'column' }, item: { display: 'flex', flexDirection: 'column' },
label: { fontWeight: 600, color: '#555', marginBottom: '5px', fontSize: '13px' }, label: { fontWeight: 600, color: '#e5e7f1', marginBottom: '5px', fontSize: '13px' },
input: { padding: '10px', border: '1px solid #ddd', borderRadius: '4px', fontSize: '14px', fontFamily: 'inherit' }, input: { padding: '10px', border: '1px solid #333544', borderRadius: '4px', fontSize: '14px', fontFamily: 'inherit', background: '#050608', color: '#f8f9fa' },
fullCol: { gridColumn: '1 / -1' }, fullCol: { gridColumn: '1 / -1' },
contextBox: { background: '#f1f3f5', border: '1px solid #ced4da', borderRadius: '4px', padding: '10px', fontSize: '12px', color: '#444', marginTop: '4px' }, contextBox: { background: '#141623', border: '1px solid #333544', borderRadius: '4px', padding: '10px', fontSize: '12px', color: '#d1d3e0', marginTop: '4px' },
repeatBadge: { display: 'inline-block', marginLeft: '8px', padding: '1px 7px', borderRadius: '10px', fontSize: '11px', fontWeight: 700, background: '#fff3cd', color: '#856404', border: '1px solid #ffc107' }, repeatBadge: { display: 'inline-block', marginLeft: '8px', padding: '1px 7px', borderRadius: '10px', fontSize: '11px', fontWeight: 700, background: '#3b2e00', color: '#ffd666', border: '1px solid #d4af37' },
repeatWarn: { background: '#fff3cd', border: '1px solid #ffc107', borderRadius: '4px', padding: '8px 12px', marginTop: '6px', fontSize: '12px', color: '#856404' }, repeatWarn: { background: '#3b2e00', border: '1px solid #d4af37', borderRadius: '4px', padding: '8px 12px', marginTop: '6px', fontSize: '12px', color: '#ffdf8a' },
pointBox: { background: '#fff3cd', border: '2px solid #ffc107', padding: '15px', borderRadius: '6px', marginTop: '15px', textAlign: 'center' }, pointBox: { background: '#181200', border: '2px solid #d4af37', padding: '15px', borderRadius: '6px', marginTop: '15px', textAlign: 'center' },
pointValue: { fontSize: '24px', fontWeight: 'bold', color: '#667eea', margin: '10px 0' }, pointValue: { fontSize: '24px', fontWeight: 'bold', color: '#ffd666', margin: '10px 0' },
scoreRow: { display: 'flex', alignItems: 'center', gap: '12px', marginBottom: '14px', flexWrap: 'wrap' }, scoreRow: { display: 'flex', alignItems: 'center', gap: '12px', marginBottom: '14px', flexWrap: 'wrap' },
btnRow: { display: 'flex', gap: '15px', justifyContent: 'center', marginTop: '30px', flexWrap: 'wrap' }, btnRow: { display: 'flex', gap: '15px', justifyContent: 'center', marginTop: '30px', flexWrap: 'wrap' },
btnPrimary: { padding: '15px 40px', fontSize: '16px', fontWeight: 600, border: 'none', borderRadius: '6px', cursor: 'pointer', background: 'linear-gradient(135deg, #667eea 0%, #764ba2 100%)', color: 'white', textTransform: 'uppercase' }, btnPrimary: { padding: '15px 40px', fontSize: '16px', fontWeight: 600, border: 'none', borderRadius: '6px', cursor: 'pointer', background: 'linear-gradient(135deg, #d4af37 0%, #ffdf8a 100%)', color: '#000', textTransform: 'uppercase' },
btnPdf: { padding: '15px 40px', fontSize: '16px', fontWeight: 600, border: 'none', borderRadius: '6px', cursor: 'pointer', background: 'linear-gradient(135deg, #e74c3c 0%, #c0392b 100%)', color: 'white', textTransform: 'uppercase' }, btnPdf: { padding: '15px 40px', fontSize: '16px', fontWeight: 600, border: 'none', borderRadius: '6px', cursor: 'pointer', background: 'linear-gradient(135deg, #e74c3c 0%, #c0392b 100%)', color: 'white', textTransform: 'uppercase' },
btnSecondary: { padding: '15px 40px', fontSize: '16px', fontWeight: 600, border: 'none', borderRadius: '6px', cursor: 'pointer', background: '#6c757d', color: 'white', textTransform: 'uppercase' }, btnSecondary: { padding: '15px 40px', fontSize: '16px', fontWeight: 600, border: '1px solid #333544', borderRadius: '6px', cursor: 'pointer', background: '#050608', color: '#f8f9fa', textTransform: 'uppercase' },
note: { background: '#e7f3ff', borderLeft: '4px solid #2196F3', padding: '15px', margin: '20px 0', borderRadius: '4px' }, note: { background: '#141623', borderLeft: '4px solid #2196F3', padding: '15px', margin: '20px 0', borderRadius: '4px', fontSize: '13px', color: '#d1d3e0' },
statusOk: { marginTop: '15px', padding: '15px', borderRadius: '6px', textAlign: 'center', fontWeight: 600, background: '#d4edda', color: '#155724', border: '1px solid #c3e6cb' }, statusOk: { marginTop: '15px', padding: '15px', borderRadius: '6px', textAlign: 'center', fontWeight: 600, background: '#053321', color: '#9ef7c1', border: '1px solid #0f5132' },
statusErr: { marginTop: '15px', padding: '15px', borderRadius: '6px', textAlign: 'center', fontWeight: 600, background: '#f8d7da', color: '#721c24', border: '1px solid #f5c6cb' }, statusErr: { marginTop: '15px', padding: '15px', borderRadius: '6px', textAlign: 'center', fontWeight: 600, background: '#3c1114', color: '#ffb3b8', border: '1px solid #f5c6cb' },
}; };
const EMPTY_FORM = { const EMPTY_FORM = {
@@ -41,7 +41,7 @@ export default function ViolationForm() {
const [form, setForm] = useState(EMPTY_FORM); const [form, setForm] = useState(EMPTY_FORM);
const [violation, setViolation] = useState(null); const [violation, setViolation] = useState(null);
const [status, setStatus] = useState(null); const [status, setStatus] = useState(null);
const [lastViolId, setLastViolId] = useState(null); // ID of most recently saved violation const [lastViolId, setLastViolId] = useState(null);
const [pdfLoading, setPdfLoading] = useState(false); const [pdfLoading, setPdfLoading] = useState(false);
const intel = useEmployeeIntelligence(form.employeeId || null); const intel = useEmployeeIntelligence(form.employeeId || null);
@@ -113,9 +113,7 @@ export default function ViolationForm() {
if (!lastViolId) return; if (!lastViolId) return;
setPdfLoading(true); setPdfLoading(true);
try { try {
const response = await axios.get(`/api/violations/${lastViolId}/pdf`, { const response = await axios.get(`/api/violations/${lastViolId}/pdf`, { responseType: 'blob' });
responseType: 'blob',
});
const url = window.URL.createObjectURL(new Blob([response.data], { type: 'application/pdf' })); const url = window.URL.createObjectURL(new Blob([response.data], { type: 'application/pdf' }));
const link = document.createElement('a'); const link = document.createElement('a');
link.href = url; link.href = url;
@@ -138,15 +136,14 @@ export default function ViolationForm() {
return ( return (
<div style={s.content}> <div style={s.content}>
{/* ── Employee Information ─────────────────────────────── */}
<div style={s.section}> <div style={s.section}>
<h2 style={s.sectionTitle}>Employee Information</h2> <h2 style={s.sectionTitle}>Employee Information</h2>
{intel.score && form.employeeId && ( {intel.score && form.employeeId && (
<div style={s.scoreRow}> <div style={s.scoreRow}>
<span style={{ fontSize: '13px', color: '#555', fontWeight: 600 }}>Current Standing:</span> <span style={{ fontSize: '13px', color: '#d1d3e0', fontWeight: 600 }}>Current Standing:</span>
<CpasBadge points={intel.score.active_points} /> <CpasBadge points={intel.score.active_points} />
<span style={{ fontSize: '12px', color: '#888' }}> <span style={{ fontSize: '12px', color: '#9ca0b8' }}>
{intel.score.violation_count} violation{intel.score.violation_count !== 1 ? 's' : ''} in last 90 days {intel.score.violation_count} violation{intel.score.violation_count !== 1 ? 's' : ''} in last 90 days
</span> </span>
</div> </div>
@@ -174,7 +171,6 @@ export default function ViolationForm() {
</div> </div>
</div> </div>
{/* ── Violation Details ────────────────────────────────── */}
<form onSubmit={handleSubmit}> <form onSubmit={handleSubmit}>
<div style={s.section}> <div style={s.section}>
<h2 style={s.sectionTitle}>Violation Details</h2> <h2 style={s.sectionTitle}>Violation Details</h2>
@@ -207,7 +203,7 @@ export default function ViolationForm() {
</span> </span>
)} )}
<br />{violation.description}<br /> <br />{violation.description}<br />
<span style={{ fontSize: '11px', color: '#666' }}>{violation.chapter}</span> <span style={{ fontSize: '11px', color: '#a0a3ba' }}>{violation.chapter}</span>
</div> </div>
)} )}
@@ -264,7 +260,7 @@ export default function ViolationForm() {
{violation && ( {violation && (
<div style={s.pointBox}> <div style={s.pointBox}>
<h4 style={{ color: '#856404', marginBottom: '10px' }}>CPAS Point Assessment</h4> <h4 style={{ color: '#ffdf8a', marginBottom: '10px' }}>CPAS Point Assessment</h4>
<p style={{ margin: 0 }}> <p style={{ margin: 0 }}>
{violation.name}: {violation.minPoints === violation.maxPoints {violation.name}: {violation.minPoints === violation.maxPoints
? `${violation.minPoints} Points (Fixed)` ? `${violation.minPoints} Points (Fixed)`
@@ -274,7 +270,7 @@ export default function ViolationForm() {
min={violation.minPoints} max={violation.maxPoints} min={violation.minPoints} max={violation.maxPoints}
value={form.points} onChange={handleChange} /> value={form.points} onChange={handleChange} />
<div style={s.pointValue}>{form.points} Points</div> <div style={s.pointValue}>{form.points} Points</div>
<p style={{ fontSize: '12px', color: '#666' }}>Adjust to reflect severity and context</p> <p style={{ fontSize: '12px', color: '#d1d3e0' }}>Adjust to reflect severity and context</p>
</div> </div>
)} )}
</div> </div>
@@ -286,7 +282,6 @@ export default function ViolationForm() {
</button> </button>
</div> </div>
{/* PDF download — appears after successful submission */}
{lastViolId && status?.ok && ( {lastViolId && status?.ok && (
<div style={{ textAlign: 'center', marginTop: '16px' }}> <div style={{ textAlign: 'center', marginTop: '16px' }}>
<button <button
@@ -297,7 +292,7 @@ export default function ViolationForm() {
> >
{pdfLoading ? '⏳ Generating PDF...' : '⬇ Download PDF'} {pdfLoading ? '⏳ Generating PDF...' : '⬇ Download PDF'}
</button> </button>
<p style={{ fontSize: '11px', color: '#888', marginTop: '6px' }}> <p style={{ fontSize: '11px', color: '#9ca0b8', marginTop: '6px' }}>
Violation #{lastViolId} click to download the signed violation document Violation #{lastViolId} click to download the signed violation document
</p> </p>
</div> </div>
@@ -306,7 +301,6 @@ export default function ViolationForm() {
{status && <div style={status.ok ? s.statusOk : s.statusErr}>{status.msg}</div>} {status && <div style={status.ok ? s.statusOk : s.statusErr}>{status.msg}</div>}
</form> </form>
{/* ── Violation History Panel ──────────────────────────── */}
{form.employeeId && ( {form.employeeId && (
<div style={s.section}> <div style={s.section}>
<h2 style={s.sectionTitle}>Violation History</h2> <h2 style={s.sectionTitle}>Violation History</h2>

20
client/src/components/ViolationHistory.jsx
View File

@@ -2,19 +2,19 @@ import React, { useState } from 'react';
const s = { const s = {
wrapper: { marginTop: '24px' }, wrapper: { marginTop: '24px' },
title: { color: '#2c3e50', fontSize: '16px', fontWeight: 700, marginBottom: '10px' }, title: { color: '#b5b5c0', fontSize: '16px', fontWeight: 700, marginBottom: '10px' },
table: { width: '100%', borderCollapse: 'collapse', fontSize: '13px' }, table: { width: '100%', borderCollapse: 'collapse', fontSize: '13px', background: '#111217', borderRadius: '6px', overflow: 'hidden', border: '1px solid #222' },
th: { background: '#2c3e50', color: 'white', padding: '8px 10px', textAlign: 'left' }, th: { background: '#000000', color: '#f8f9fa', padding: '8px 10px', textAlign: 'left', fontSize: '12px', fontWeight: 600, textTransform: 'uppercase', letterSpacing: '0.5px' },
td: { padding: '8px 10px', borderBottom: '1px solid #dee2e6' }, td: { padding: '8px 10px', borderBottom: '1px solid #1c1d29', color: '#f8f9fa', verticalAlign: 'middle' },
trEven: { background: '#f8f9fa' }, trEven: { background: '#111217' },
trOdd: { background: 'white' }, trOdd: { background: '#151622' },
pts: { fontWeight: 700, color: '#667eea' }, pts: { fontWeight: 700, color: '#667eea' },
toggle: { background: 'none', border: 'none', color: '#667eea', cursor: 'pointer', fontSize: '13px', padding: 0, textDecoration: 'underline' }, toggle: { background: 'none', border: 'none', color: '#667eea', cursor: 'pointer', fontSize: '13px', padding: 0, textDecoration: 'underline' },
empty: { color: '#888', fontStyle: 'italic', fontSize: '13px', marginTop: '8px' }, empty: { color: '#77798a', fontStyle: 'italic', fontSize: '13px', marginTop: '8px' },
}; };
function formatDate(d) { function formatDate(d) {
if (!d) return ''; if (!d) return '';
const dt = new Date(d + 'T12:00:00'); const dt = new Date(d + 'T12:00:00');
return dt.toLocaleDateString('en-US', { year: 'numeric', month: 'short', day: 'numeric', timeZone: 'America/Chicago' }); return dt.toLocaleDateString('en-US', { year: 'numeric', month: 'short', day: 'numeric', timeZone: 'America/Chicago' });
} }
@@ -44,9 +44,9 @@ export default function ViolationHistory({ history, loading }) {
<tr key={v.id} style={i % 2 === 0 ? s.trEven : s.trOdd}> <tr key={v.id} style={i % 2 === 0 ? s.trEven : s.trOdd}>
<td style={s.td}>{formatDate(v.incident_date)}</td> <td style={s.td}>{formatDate(v.incident_date)}</td>
<td style={s.td}>{v.violation_name}</td> <td style={s.td}>{v.violation_name}</td>
<td style={s.td}>{v.category}</td> <td style={{ ...s.td, color: '#c0c2d6' }}>{v.category}</td>
<td style={{ ...s.td, ...s.pts }}>{v.points}</td> <td style={{ ...s.td, ...s.pts }}>{v.points}</td>
<td style={s.td}>{v.details || ''}</td> <td style={{ ...s.td, color: '#c0c2d6' }}>{v.details || ''}</td>
</tr> </tr>
))} ))}
</tbody> </tbody>

67
db/database.js
View File

@@ -2,18 +2,69 @@ const Database = require('better-sqlite3');
const path = require('path'); const path = require('path');
const fs = require('fs'); const fs = require('fs');
const DB_PATH = process.env.DB_PATH || '/data/cpas.db'; const dbPath = process.env.DB_PATH || path.join(__dirname, '..', 'data', 'cpas.db');
const SCHEMA_PATH = path.join(__dirname, 'schema.sql'); const dir = path.dirname(dbPath);
if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
const dbDir = path.dirname(DB_PATH); const db = new Database(dbPath);
if (!fs.existsSync(dbDir)) fs.mkdirSync(dbDir, { recursive: true });
const db = new Database(DB_PATH);
db.pragma('journal_mode = WAL'); db.pragma('journal_mode = WAL');
db.pragma('foreign_keys = ON'); db.pragma('foreign_keys = ON');
const schema = fs.readFileSync(SCHEMA_PATH, 'utf8'); const schema = fs.readFileSync(path.join(__dirname, 'schema.sql'), 'utf8');
db.exec(schema); db.exec(schema);
console.log(`[DB] Connected: ${DB_PATH}`); // ── Migrations for existing DBs ──────────────────────────────────────────────
const cols = db.prepare('PRAGMA table_info(violations)').all().map(c => c.name);
if (!cols.includes('negated')) db.exec("ALTER TABLE violations ADD COLUMN negated INTEGER NOT NULL DEFAULT 0");
if (!cols.includes('negated_at')) db.exec("ALTER TABLE violations ADD COLUMN negated_at DATETIME");
if (!cols.includes('prior_active_points')) db.exec("ALTER TABLE violations ADD COLUMN prior_active_points INTEGER");
if (!cols.includes('prior_tier_label')) db.exec("ALTER TABLE violations ADD COLUMN prior_tier_label TEXT");
// Ensure resolutions table exists
db.exec(`CREATE TABLE IF NOT EXISTS violation_resolutions (
id INTEGER PRIMARY KEY AUTOINCREMENT,
violation_id INTEGER NOT NULL REFERENCES violations(id) ON DELETE CASCADE,
resolution_type TEXT NOT NULL,
details TEXT,
resolved_by TEXT,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
)`);
// ── Feature: Violation Amendments ────────────────────────────────────────────
// Stores a field-level diff every time a violation's editable fields are changed.
db.exec(`CREATE TABLE IF NOT EXISTS violation_amendments (
id INTEGER PRIMARY KEY AUTOINCREMENT,
violation_id INTEGER NOT NULL REFERENCES violations(id) ON DELETE CASCADE,
changed_by TEXT,
field_name TEXT NOT NULL,
old_value TEXT,
new_value TEXT,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
)`);
// ── Feature: Audit Log ───────────────────────────────────────────────────────
// Append-only record of every write action across the system.
db.exec(`CREATE TABLE IF NOT EXISTS audit_log (
id INTEGER PRIMARY KEY AUTOINCREMENT,
action TEXT NOT NULL,
entity_type TEXT NOT NULL,
entity_id INTEGER,
performed_by TEXT,
details TEXT,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
)`);
// Recreate view so it always filters negated rows
db.exec(`DROP VIEW IF EXISTS active_cpas_scores;
CREATE VIEW active_cpas_scores AS
SELECT
employee_id,
SUM(points) AS active_points,
COUNT(*) AS violation_count
FROM violations
WHERE negated = 0
AND incident_date >= DATE('now', '-90 days')
GROUP BY employee_id;`);
console.log('[DB] Connected:', dbPath);
module.exports = db; module.exports = db;

35
db/schema.sql
View File

@@ -11,26 +11,37 @@ CREATE TABLE IF NOT EXISTS violations (
employee_id INTEGER NOT NULL REFERENCES employees(id), employee_id INTEGER NOT NULL REFERENCES employees(id),
violation_type TEXT NOT NULL, violation_type TEXT NOT NULL,
violation_name TEXT NOT NULL, violation_name TEXT NOT NULL,
category TEXT NOT NULL, category TEXT NOT NULL DEFAULT 'General',
points INTEGER NOT NULL, points INTEGER NOT NULL,
incident_date DATE NOT NULL, incident_date TEXT NOT NULL,
incident_time TEXT, incident_time TEXT,
location TEXT, location TEXT,
details TEXT, details TEXT,
submitted_by TEXT, submitted_by TEXT,
witness_name TEXT, witness_name TEXT,
negated INTEGER NOT NULL DEFAULT 0,
negated_at DATETIME,
prior_active_points INTEGER, -- snapshot at time of logging
prior_tier_label TEXT, -- optional human-readable tier
created_at DATETIME DEFAULT CURRENT_TIMESTAMP created_at DATETIME DEFAULT CURRENT_TIMESTAMP
); );
CREATE TABLE IF NOT EXISTS violation_resolutions (
id INTEGER PRIMARY KEY AUTOINCREMENT,
violation_id INTEGER NOT NULL REFERENCES violations(id) ON DELETE CASCADE,
resolution_type TEXT NOT NULL,
details TEXT,
resolved_by TEXT,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
-- Active score: only non-negated violations in rolling 90 days
CREATE VIEW IF NOT EXISTS active_cpas_scores AS CREATE VIEW IF NOT EXISTS active_cpas_scores AS
SELECT SELECT
e.id AS employee_id, employee_id,
e.name AS employee_name, SUM(points) AS active_points,
e.department, COUNT(*) AS violation_count
COALESCE(SUM(v.points), 0) AS active_points, FROM violations
COUNT(v.id) AS violation_count WHERE negated = 0
FROM employees e AND incident_date >= DATE('now', '-90 days')
LEFT JOIN violations v GROUP BY employee_id;
ON v.employee_id = e.id
AND v.incident_date >= DATE('now', '-90 days')
GROUP BY e.id;

16
pdf/generator.js
View File

@@ -30,18 +30,12 @@ async function generatePdf(violation, score) {
format: 'Letter', format: 'Letter',
printBackground: true, printBackground: true,
margin: { margin: {
top: '0.6in', top: '0.35in',
bottom: '0.7in', bottom: '0.35in',
left: '0.75in', left: '0.4in',
right: '0.75in', right: '0.4in',
}, },
displayHeaderFooter: true, displayHeaderFooter: false,
headerTemplate: '<div></div>',
footerTemplate: `
<div style="font-size:9px; color:#888; width:100%; text-align:center; padding:0 0.75in;">
CONFIDENTIAL — MPM Internal HR Document &nbsp;|&nbsp;
Page <span class="pageNumber"></span> of <span class="totalPages"></span>
</div>`,
}); });
return pdf; return pdf;

628
pdf/template.js
View File

File diff suppressed because one or more lines are too long

366
server.js
View File

@@ -11,91 +11,164 @@ app.use(cors());
app.use(express.json()); app.use(express.json());
app.use(express.static(path.join(__dirname, 'client', 'dist'))); app.use(express.static(path.join(__dirname, 'client', 'dist')));
// ── Health ───────────────────────────────────────────────────────────────── // ── Audit helper ─────────────────────────────────────────────────────────────
app.get('/api/health', (req, res) => { function audit(action, entityType, entityId, performedBy, details) {
res.json({ status: 'ok', timestamp: new Date().toISOString() }); try {
}); db.prepare(`
INSERT INTO audit_log (action, entity_type, entity_id, performed_by, details)
VALUES (?, ?, ?, ?, ?)
`).run(action, entityType, entityId || null, performedBy || null,
typeof details === 'object' ? JSON.stringify(details) : (details || null));
} catch (e) {
console.error('[AUDIT]', e.message);
}
}
// ── Employees ────────────────────────────────────────────────────────────── // Health
app.get('/api/health', (req, res) => res.json({ status: 'ok', timestamp: new Date().toISOString() }));
// ── Employees ─────────────────────────────────────────────────────────────────
app.get('/api/employees', (req, res) => { app.get('/api/employees', (req, res) => {
const rows = db.prepare( const rows = db.prepare('SELECT id, name, department, supervisor FROM employees ORDER BY name ASC').all();
'SELECT id, name, department, supervisor FROM employees ORDER BY name ASC'
).all();
res.json(rows); res.json(rows);
}); });
app.post('/api/employees', (req, res) => { app.post('/api/employees', (req, res) => {
const { name, department, supervisor } = req.body; const { name, department, supervisor } = req.body;
if (!name) return res.status(400).json({ error: 'name is required' }); if (!name) return res.status(400).json({ error: 'name is required' });
const existing = db.prepare('SELECT * FROM employees WHERE LOWER(name) = LOWER(?)').get(name);
const existing = db.prepare(
'SELECT * FROM employees WHERE LOWER(name) = LOWER(?)'
).get(name);
if (existing) { if (existing) {
if (department || supervisor) { if (department || supervisor) {
db.prepare( db.prepare('UPDATE employees SET department = COALESCE(?, department), supervisor = COALESCE(?, supervisor) WHERE id = ?')
'UPDATE employees SET department = COALESCE(?, department), supervisor = COALESCE(?, supervisor) WHERE id = ?' .run(department || null, supervisor || null, existing.id);
).run(department || null, supervisor || null, existing.id);
} }
return res.json({ ...existing, department, supervisor }); return res.json({ ...existing, department, supervisor });
} }
const result = db.prepare('INSERT INTO employees (name, department, supervisor) VALUES (?, ?, ?)')
const result = db.prepare( .run(name, department || null, supervisor || null);
'INSERT INTO employees (name, department, supervisor) VALUES (?, ?, ?)' audit('employee_created', 'employee', result.lastInsertRowid, null, { name });
).run(name, department || null, supervisor || null);
res.status(201).json({ id: result.lastInsertRowid, name, department, supervisor }); res.status(201).json({ id: result.lastInsertRowid, name, department, supervisor });
}); });
// ── Employee CPAS Score ──────────────────────────────────────────────────── // ── Employee Edit ─────────────────────────────────────────────────────────────
app.get('/api/employees/:employeeId/score', (req, res) => { // PATCH /api/employees/:id — update name, department, or supervisor
const row = db.prepare( app.patch('/api/employees/:id', (req, res) => {
'SELECT * FROM active_cpas_scores WHERE employee_id = ?' const id = parseInt(req.params.id);
).get(req.params.employeeId); const emp = db.prepare('SELECT * FROM employees WHERE id = ?').get(id);
res.json(row || { employee_id: req.params.employeeId, active_points: 0, violation_count: 0 }); if (!emp) return res.status(404).json({ error: 'Employee not found' });
const { name, department, supervisor, performed_by } = req.body;
// Prevent name collision with a different employee
if (name && name.trim() !== emp.name) {
const clash = db.prepare('SELECT id FROM employees WHERE LOWER(name) = LOWER(?) AND id != ?').get(name.trim(), id);
if (clash) return res.status(409).json({ error: 'An employee with that name already exists', conflictId: clash.id });
}
const newName = (name || emp.name).trim();
const newDept = department !== undefined ? (department || null) : emp.department;
const newSupervisor = supervisor !== undefined ? (supervisor || null) : emp.supervisor;
db.prepare('UPDATE employees SET name = ?, department = ?, supervisor = ? WHERE id = ?')
.run(newName, newDept, newSupervisor, id);
audit('employee_edited', 'employee', id, performed_by, {
before: { name: emp.name, department: emp.department, supervisor: emp.supervisor },
after: { name: newName, department: newDept, supervisor: newSupervisor },
}); });
// ── Violation type counts (90-day) ───────────────────────────────────────── res.json({ id, name: newName, department: newDept, supervisor: newSupervisor });
app.get('/api/employees/:employeeId/violation-counts', (req, res) => {
const rows = db.prepare(`
SELECT violation_type, COUNT(*) as count
FROM violations
WHERE employee_id = ?
AND incident_date >= DATE('now', '-90 days')
GROUP BY violation_type
`).all(req.params.employeeId);
const map = {};
rows.forEach(r => { map[r.violation_type] = r.count; });
res.json(map);
}); });
// ── Violation type counts (all-time) ─────────────────────────────────────── // ── Employee Merge ────────────────────────────────────────────────────────────
app.get('/api/employees/:employeeId/violation-counts/alltime', (req, res) => { // POST /api/employees/:id/merge — reassign all violations from sourceId → id, then delete source
const rows = db.prepare(` app.post('/api/employees/:id/merge', (req, res) => {
SELECT violation_type, COUNT(*) as count, MAX(points) as max_points_used const targetId = parseInt(req.params.id);
FROM violations const { source_id, performed_by } = req.body;
WHERE employee_id = ? if (!source_id) return res.status(400).json({ error: 'source_id is required' });
GROUP BY violation_type
`).all(req.params.employeeId); const target = db.prepare('SELECT * FROM employees WHERE id = ?').get(targetId);
const map = {}; const source = db.prepare('SELECT * FROM employees WHERE id = ?').get(source_id);
rows.forEach(r => { map[r.violation_type] = { count: r.count, max_points_used: r.max_points_used }; }); if (!target) return res.status(404).json({ error: 'Target employee not found' });
res.json(map); if (!source) return res.status(404).json({ error: 'Source employee not found' });
if (targetId === parseInt(source_id)) return res.status(400).json({ error: 'Cannot merge an employee into themselves' });
const mergeTransaction = db.transaction(() => {
// Move all violations
const moved = db.prepare('UPDATE violations SET employee_id = ? WHERE employee_id = ?').run(targetId, source_id);
// Delete the source employee
db.prepare('DELETE FROM employees WHERE id = ?').run(source_id);
return moved.changes;
}); });
// ── Violation history ────────────────────────────────────────────────────── const violationsMoved = mergeTransaction();
app.get('/api/violations/employee/:employeeId', (req, res) => {
const limit = parseInt(req.query.limit) || 50; audit('employee_merged', 'employee', targetId, performed_by, {
source: { id: source.id, name: source.name },
target: { id: target.id, name: target.name },
violations_reassigned: violationsMoved,
});
res.json({ success: true, violations_reassigned: violationsMoved });
});
// Employee score (current snapshot)
app.get('/api/employees/:id/score', (req, res) => {
const row = db.prepare('SELECT * FROM active_cpas_scores WHERE employee_id = ?').get(req.params.id);
res.json(row || { employee_id: req.params.id, active_points: 0, violation_count: 0 });
});
// Dashboard
app.get('/api/dashboard', (req, res) => {
const rows = db.prepare(` const rows = db.prepare(`
SELECT * FROM violations SELECT e.id, e.name, e.department, e.supervisor,
WHERE employee_id = ? COALESCE(s.active_points, 0) AS active_points,
ORDER BY incident_date DESC, created_at DESC COALESCE(s.violation_count,0) AS violation_count
LIMIT ? FROM employees e
`).all(req.params.employeeId, limit); LEFT JOIN active_cpas_scores s ON s.employee_id = e.id
ORDER BY active_points DESC, e.name ASC
`).all();
res.json(rows); res.json(rows);
}); });
// ── POST new violation ───────────────────────────────────────────────────── // Violation history (per employee) with resolutions + amendment count
app.get('/api/violations/employee/:id', (req, res) => {
const limit = parseInt(req.query.limit) || 50;
const rows = db.prepare(`
SELECT v.*, r.resolution_type, r.details AS resolution_details,
r.resolved_by, r.created_at AS resolved_at,
(SELECT COUNT(*) FROM violation_amendments a WHERE a.violation_id = v.id) AS amendment_count
FROM violations v
LEFT JOIN violation_resolutions r ON r.violation_id = v.id
WHERE v.employee_id = ?
ORDER BY v.incident_date DESC, v.created_at DESC
LIMIT ?
`).all(req.params.id, limit);
res.json(rows);
});
// ── Violation amendment history ───────────────────────────────────────────────
app.get('/api/violations/:id/amendments', (req, res) => {
const rows = db.prepare(`
SELECT * FROM violation_amendments WHERE violation_id = ? ORDER BY created_at DESC
`).all(req.params.id);
res.json(rows);
});
// Helper: compute prior_active_points at time of insert
function getPriorActivePoints(employeeId, incidentDate) {
const row = db.prepare(
`SELECT COALESCE(SUM(points),0) AS pts
FROM violations
WHERE employee_id = ?
AND negated = 0
AND incident_date >= DATE(?, '-90 days')
AND incident_date < ?`
).get(employeeId, incidentDate, incidentDate);
return row ? row.pts : 0;
}
// POST new violation
app.post('/api/violations', (req, res) => { app.post('/api/violations', (req, res) => {
const { const {
employee_id, violation_type, violation_name, category, employee_id, violation_type, violation_name, category,
@@ -104,30 +177,159 @@ app.post('/api/violations', (req, res) => {
} = req.body; } = req.body;
if (!employee_id || !violation_type || !points || !incident_date) { if (!employee_id || !violation_type || !points || !incident_date) {
return res.status(400).json({ return res.status(400).json({ error: 'Missing required fields' });
error: 'Missing required fields: employee_id, violation_type, points, incident_date'
});
} }
const ptsInt = parseInt(points);
const priorPts = getPriorActivePoints(employee_id, incident_date);
const result = db.prepare(` const result = db.prepare(`
INSERT INTO violations ( INSERT INTO violations (
employee_id, violation_type, violation_name, category, employee_id, violation_type, violation_name, category,
points, incident_date, incident_time, location, points, incident_date, incident_time, location,
details, submitted_by, witness_name details, submitted_by, witness_name,
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) prior_active_points
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
`).run( `).run(
employee_id, violation_type, violation_name || violation_type, employee_id, violation_type, violation_name || violation_type,
category || 'General', points, incident_date, category || 'General', ptsInt, incident_date,
incident_time || null, location || null, incident_time || null, location || null,
details || null, submitted_by || null, witness_name || null details || null, submitted_by || null, witness_name || null,
priorPts
); );
audit('violation_created', 'violation', result.lastInsertRowid, submitted_by, {
employee_id, violation_type, points: ptsInt, incident_date,
});
res.status(201).json({ id: result.lastInsertRowid }); res.status(201).json({ id: result.lastInsertRowid });
}); });
// ── PDF Generation ───────────────────────────────────────────────────────── // ── Violation Amendment (edit) ────────────────────────────────────────────────
// GET /api/violations/:id/pdf // PATCH /api/violations/:id/amend — edit mutable fields; logs a diff per changed field
// Returns a binary PDF of the violation document const AMENDABLE_FIELDS = ['incident_time', 'location', 'details', 'submitted_by', 'witness_name'];
app.patch('/api/violations/:id/amend', (req, res) => {
const id = parseInt(req.params.id);
const { changed_by, ...updates } = req.body;
const violation = db.prepare('SELECT * FROM violations WHERE id = ?').get(id);
if (!violation) return res.status(404).json({ error: 'Violation not found' });
if (violation.negated) return res.status(400).json({ error: 'Cannot amend a negated violation' });
// Only allow whitelisted fields to be amended
const allowed = Object.fromEntries(
Object.entries(updates).filter(([k]) => AMENDABLE_FIELDS.includes(k))
);
if (Object.keys(allowed).length === 0) {
return res.status(400).json({ error: 'No amendable fields provided', amendable: AMENDABLE_FIELDS });
}
const amendTransaction = db.transaction(() => {
// Build UPDATE
const setClauses = Object.keys(allowed).map(k => `${k} = ?`).join(', ');
const values = [...Object.values(allowed), id];
db.prepare(`UPDATE violations SET ${setClauses} WHERE id = ?`).run(...values);
// Insert an amendment record per changed field
const insertAmendment = db.prepare(`
INSERT INTO violation_amendments (violation_id, changed_by, field_name, old_value, new_value)
VALUES (?, ?, ?, ?, ?)
`);
for (const [field, newVal] of Object.entries(allowed)) {
const oldVal = violation[field];
if (String(oldVal) !== String(newVal)) {
insertAmendment.run(id, changed_by || null, field, oldVal ?? null, newVal ?? null);
}
}
});
amendTransaction();
audit('violation_amended', 'violation', id, changed_by, { fields: Object.keys(allowed) });
const updated = db.prepare('SELECT * FROM violations WHERE id = ?').get(id);
res.json(updated);
});
// ── Negate a violation ────────────────────────────────────────────────────────
app.patch('/api/violations/:id/negate', (req, res) => {
const { resolution_type, details, resolved_by } = req.body;
const id = req.params.id;
const violation = db.prepare('SELECT * FROM violations WHERE id = ?').get(id);
if (!violation) return res.status(404).json({ error: 'Violation not found' });
db.prepare('UPDATE violations SET negated = 1 WHERE id = ?').run(id);
const existing = db.prepare('SELECT id FROM violation_resolutions WHERE violation_id = ?').get(id);
if (existing) {
db.prepare(`
UPDATE violation_resolutions
SET resolution_type = ?, details = ?, resolved_by = ?, created_at = datetime('now')
WHERE violation_id = ?
`).run(resolution_type || 'Resolved', details || null, resolved_by || null, id);
} else {
db.prepare(`
INSERT INTO violation_resolutions (violation_id, resolution_type, details, resolved_by)
VALUES (?, ?, ?, ?)
`).run(id, resolution_type || 'Resolved', details || null, resolved_by || null);
}
audit('violation_negated', 'violation', id, resolved_by, { resolution_type });
res.json({ success: true });
});
// ── Restore a negated violation ───────────────────────────────────────────────
app.patch('/api/violations/:id/restore', (req, res) => {
const id = req.params.id;
const violation = db.prepare('SELECT * FROM violations WHERE id = ?').get(id);
if (!violation) return res.status(404).json({ error: 'Violation not found' });
db.prepare('UPDATE violations SET negated = 0 WHERE id = ?').run(id);
db.prepare('DELETE FROM violation_resolutions WHERE violation_id = ?').run(id);
audit('violation_restored', 'violation', id, req.body?.performed_by, {});
res.json({ success: true });
});
// ── Hard delete a violation ───────────────────────────────────────────────────
app.delete('/api/violations/:id', (req, res) => {
const id = req.params.id;
const violation = db.prepare('SELECT * FROM violations WHERE id = ?').get(id);
if (!violation) return res.status(404).json({ error: 'Violation not found' });
db.prepare('DELETE FROM violation_resolutions WHERE violation_id = ?').run(id);
db.prepare('DELETE FROM violations WHERE id = ?').run(id);
audit('violation_deleted', 'violation', id, req.body?.performed_by, {
violation_type: violation.violation_type, employee_id: violation.employee_id,
});
res.json({ success: true });
});
// ── Audit log ─────────────────────────────────────────────────────────────────
app.get('/api/audit', (req, res) => {
const limit = Math.min(parseInt(req.query.limit) || 100, 500);
const offset = parseInt(req.query.offset) || 0;
const type = req.query.entity_type;
const id = req.query.entity_id;
let sql = 'SELECT * FROM audit_log';
const args = [];
const where = [];
if (type) { where.push('entity_type = ?'); args.push(type); }
if (id) { where.push('entity_id = ?'); args.push(id); }
if (where.length) sql += ' WHERE ' + where.join(' AND ');
sql += ' ORDER BY created_at DESC LIMIT ? OFFSET ?';
args.push(limit, offset);
res.json(db.prepare(sql).all(...args));
});
// ── PDF endpoint ──────────────────────────────────────────────────────────────
app.get('/api/violations/:id/pdf', async (req, res) => { app.get('/api/violations/:id/pdf', async (req, res) => {
try { try {
const violation = db.prepare(` const violation = db.prepare(`
@@ -139,14 +341,18 @@ app.get('/api/violations/:id/pdf', async (req, res) => {
if (!violation) return res.status(404).json({ error: 'Violation not found' }); if (!violation) return res.status(404).json({ error: 'Violation not found' });
// Pull employee 90-day score for context block in PDF const active = db.prepare('SELECT * FROM active_cpas_scores WHERE employee_id = ?')
const score = db.prepare( .get(violation.employee_id) || { active_points: 0, violation_count: 0 };
'SELECT * FROM active_cpas_scores WHERE employee_id = ?'
).get(violation.employee_id) || { active_points: 0, violation_count: 0 };
const pdfBuffer = await generatePdf(violation, score); const scoreForPdf = {
employee_id: violation.employee_id,
active_points: violation.prior_active_points != null ? violation.prior_active_points : active.active_points,
violation_count: active.violation_count,
};
const pdfBuffer = await generatePdf(violation, scoreForPdf);
const safeName = violation.employee_name.replace(/[^a-z0-9]/gi, '_'); const safeName = violation.employee_name.replace(/[^a-z0-9]/gi, '_');
res.set({ res.set({
'Content-Type': 'application/pdf', 'Content-Type': 'application/pdf',
'Content-Disposition': `attachment; filename="CPAS_${safeName}_${violation.incident_date}.pdf"`, 'Content-Disposition': `attachment; filename="CPAS_${safeName}_${violation.incident_date}.pdf"`,
@@ -154,16 +360,12 @@ app.get('/api/violations/:id/pdf', async (req, res) => {
}); });
res.end(pdfBuffer); res.end(pdfBuffer);
} catch (err) { } catch (err) {
console.error('[PDF] Error:', err); console.error('[PDF]', err);
res.status(500).json({ error: 'PDF generation failed', detail: err.message }); res.status(500).json({ error: 'PDF generation failed', detail: err.message });
} }
}); });
// ── SPA fallback ─────────────────────────────────────────────────────────── // SPA fallback
app.get('*', (req, res) => { app.get('*', (req, res) => res.sendFile(path.join(__dirname, 'client', 'dist', 'index.html')));
res.sendFile(path.join(__dirname, 'client', 'dist', 'index.html'));
});
app.listen(PORT, '0.0.0.0', () => { app.listen(PORT, '0.0.0.0', () => console.log(`[CPAS] Server running on port ${PORT}`));
console.log(`[CPAS] Server running on port ${PORT}`);
});