pieced/pieced-portal
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: pieced:v0.1.58
Branches Tags
pieced:main
pieced:v0.1.87 pieced:v0.1.86 pieced:v0.1.85 pieced:v0.1.84 pieced:v0.1.83 pieced:v0.1.82 pieced:v0.1.81 pieced:v0.1.80 pieced:v0.1.79 pieced:v0.1.78 pieced:v0.1.77 pieced:v0.1.76 pieced:v0.1.75 pieced:v0.1.74 pieced:v0.1.73 pieced:v0.1.72 pieced:v0.1.71 pieced:v0.1.70 pieced:v0.1.69 pieced:v0.1.68 pieced:v0.1.67 pieced:v0.1.66 pieced:v0.1.65 pieced:v0.1.64 pieced:v0.1.63 pieced:v0.1.62 pieced:v0.1.61 pieced:v0.1.60 pieced:v0.1.59 pieced:v0.1.58 pieced:v0.1.57 pieced:v0.1.56 pieced:v0.1.55 pieced:v0.1.54 pieced:v0.1.53 pieced:v0.1.52 pieced:v0.1.51 pieced:v0.1.50 pieced:v0.1.49 pieced:v0.1.48 pieced:v0.1.47 pieced:v0.1.46 pieced:v0.1.45 pieced:v0.1.44 pieced:v0.1.43 pieced:v0.1.42 pieced:v0.1.41 pieced:v0.1.40 pieced:v0.1.39 pieced:v0.1.38 pieced:v0.1.37 pieced:v0.1.36 pieced:v0.1.35 pieced:v0.1.34 pieced:v0.1.33 pieced:v0.1.32 pieced:v0.1.31 pieced:v0.1.30 pieced:v0.1.29 pieced:v0.1.28 pieced:v0.1.27 pieced:v0.1.26 pieced:v0.1.25 pieced:v0.1.24 pieced:v0.1.23 pieced:v0.1.22 pieced:v0.1.21 pieced:v0.1.20 pieced:v0.1.19 pieced:v0.1.18 pieced:v0.1.17 pieced:v0.1.16 pieced:v0.1.15 pieced:v0.1.14 pieced:v0.1.13 pieced:v0.1.12 pieced:v0.1.11 pieced:v0.1.10 pieced:v0.1.9 pieced:v0.1.8 pieced:v0.1.7 pieced:v0.1.6 pieced:v0.1.5
...
compare: pieced:v0.1.69
Branches Tags
pieced:main
pieced:v0.1.87 pieced:v0.1.86 pieced:v0.1.85 pieced:v0.1.84 pieced:v0.1.83 pieced:v0.1.82 pieced:v0.1.81 pieced:v0.1.80 pieced:v0.1.79 pieced:v0.1.78 pieced:v0.1.77 pieced:v0.1.76 pieced:v0.1.75 pieced:v0.1.74 pieced:v0.1.73 pieced:v0.1.72 pieced:v0.1.71 pieced:v0.1.70 pieced:v0.1.69 pieced:v0.1.68 pieced:v0.1.67 pieced:v0.1.66 pieced:v0.1.65 pieced:v0.1.64 pieced:v0.1.63 pieced:v0.1.62 pieced:v0.1.61 pieced:v0.1.60 pieced:v0.1.59 pieced:v0.1.58 pieced:v0.1.57 pieced:v0.1.56 pieced:v0.1.55 pieced:v0.1.54 pieced:v0.1.53 pieced:v0.1.52 pieced:v0.1.51 pieced:v0.1.50 pieced:v0.1.49 pieced:v0.1.48 pieced:v0.1.47 pieced:v0.1.46 pieced:v0.1.45 pieced:v0.1.44 pieced:v0.1.43 pieced:v0.1.42 pieced:v0.1.41 pieced:v0.1.40 pieced:v0.1.39 pieced:v0.1.38 pieced:v0.1.37 pieced:v0.1.36 pieced:v0.1.35 pieced:v0.1.34 pieced:v0.1.33 pieced:v0.1.32 pieced:v0.1.31 pieced:v0.1.30 pieced:v0.1.29 pieced:v0.1.28 pieced:v0.1.27 pieced:v0.1.26 pieced:v0.1.25 pieced:v0.1.24 pieced:v0.1.23 pieced:v0.1.22 pieced:v0.1.21 pieced:v0.1.20 pieced:v0.1.19 pieced:v0.1.18 pieced:v0.1.17 pieced:v0.1.16 pieced:v0.1.15 pieced:v0.1.14 pieced:v0.1.13 pieced:v0.1.12 pieced:v0.1.11 pieced:v0.1.10 pieced:v0.1.9 pieced:v0.1.8 pieced:v0.1.7 pieced:v0.1.6 pieced:v0.1.5

12 Commits
v0.1.58 ... v0.1.69

Author SHA1 Message Date
admin
1c61111da3 Phase7: Void/Refund logic
All checks were successful
Build and Push / build (push) Successful in 1m46s
Details
2026-05-25 22:52:54 +02:00
admin
6fed5b083b Phase7: Void/Refund logic
All checks were successful
Build and Push / build (push) Successful in 1m42s
Details
2026-05-25 22:39:27 +02:00
admin
4f868d751e Phase7: Void/Refund logic
All checks were successful
Build and Push / build (push) Successful in 1m43s
Details
2026-05-25 22:00:24 +02:00
admin
e15a668f8e Phase7: Void/Refund logic
Some checks failed
Build and Push / build (push) Failing after 52s
Details
2026-05-25 21:54:51 +02:00
admin
9cd9879a18 Phase6c: Optional Company contact name
All checks were successful
Build and Push / build (push) Successful in 1m42s
Details
2026-05-25 20:21:26 +02:00
admin
323786672f Phase6c: Optional Company contact name
All checks were successful
Build and Push / build (push) Successful in 1m42s
Details
2026-05-25 14:08:18 +02:00
admin
a1769eeb00 Phase6c: Optional Company contact name
All checks were successful
Build and Push / build (push) Successful in 1m40s
Details
2026-05-25 13:50:16 +02:00
admin
002867850d Phase6c: Optional Company contact name
All checks were successful
Build and Push / build (push) Successful in 1m38s
Details
2026-05-25 13:28:56 +02:00
admin
eea027b3b0 Phase6c: Optional Company contact name
All checks were successful
Build and Push / build (push) Successful in 1m38s
Details
2026-05-25 13:14:36 +02:00
admin
522246e386 Phase6c: Optional Company contact name
All checks were successful
Build and Push / build (push) Successful in 1m40s
Details
2026-05-25 12:54:12 +02:00
admin
b3131f7710 Phase6: Customer Billing details
All checks were successful
Build and Push / build (push) Successful in 1m43s
Details
2026-05-25 12:15:48 +02:00
admin
fadfdd3435 Phase6: Customer Billing details
All checks were successful
Build and Push / build (push) Successful in 1m46s
Details
2026-05-25 11:47:14 +02:00
37 changed files with 4109 additions and 290 deletions
Expand all files Collapse all files

13
src/app/[locale]/admin/billing/invoices/[id]/page.tsx
View File

@@ -1,7 +1,7 @@
import { notFound, redirect } from "next/navigation"; import { notFound, redirect } from "next/navigation";
import { getTranslations } from "next-intl/server"; import { getTranslations } from "next-intl/server";
import { getSessionUser } from "@/lib/session"; import { getSessionUser } from "@/lib/session";
import { getInvoiceDetail } from "@/lib/db"; import { getInvoiceDetail, listCreditNotesForInvoice } from "@/lib/db";
import { BackLink } from "@/components/ui/back-link"; import { BackLink } from "@/components/ui/back-link";
import { InvoiceDetailView } from "@/components/admin/billing/invoice-detail-view"; import { InvoiceDetailView } from "@/components/admin/billing/invoice-detail-view";
@@ -9,8 +9,12 @@ import { InvoiceDetailView } from "@/components/admin/billing/invoice-detail-vie
* /admin/billing/invoices/[id] — full detail of one invoice. * /admin/billing/invoices/[id] — full detail of one invoice.
* *
* Server-renders the static body (header, lines, totals, billing * Server-renders the static body (header, lines, totals, billing
* snapshot); the action bar (mark-paid, delete, PDF download) is * snapshot); the action bar (mark-paid, void, refund, delete, PDF
* a client component for the interactive bits. * download) is a client component for the interactive bits.
*
* Phase 7: also passes any linked credit notes so the detail view
* can show the "this invoice was voided / partially refunded" panel
* without an extra round-trip.
*/ */
export default async function AdminInvoiceDetailPage({ export default async function AdminInvoiceDetailPage({
params, params,
@@ -25,11 +29,12 @@ export default async function AdminInvoiceDetailPage({
const { id } = await params; const { id } = await params;
const detail = await getInvoiceDetail(id); const detail = await getInvoiceDetail(id);
if (!detail) notFound(); if (!detail) notFound();
const creditNotes = await listCreditNotesForInvoice(id);
return ( return (
<main className="max-w-4xl mx-auto px-6 py-8"> <main className="max-w-4xl mx-auto px-6 py-8">
<BackLink href="/admin/billing/invoices" label={t("backToInvoices")} /> <BackLink href="/admin/billing/invoices" label={t("backToInvoices")} />
<InvoiceDetailView detail={detail} /> <InvoiceDetailView detail={detail} creditNotes={creditNotes} />
</main> </main>
); );
} }

42
src/app/[locale]/billing/page.tsx
View File

@@ -1,23 +1,30 @@
import { redirect } from "next/navigation"; import { redirect } from "next/navigation";
import { getTranslations } from "next-intl/server"; import { getTranslations } from "next-intl/server";
import { getSessionUser } from "@/lib/session"; import { getSessionUser } from "@/lib/session";
import { listInvoices, syncOverdueInvoices } from "@/lib/db"; import {
listCreditNotesForOrg,
listInvoices,
syncOverdueInvoices,
} from "@/lib/db";
import { CustomerInvoiceList } from "@/components/billing/customer-invoice-list"; import { CustomerInvoiceList } from "@/components/billing/customer-invoice-list";
import { CustomerCreditNoteList } from "@/components/billing/customer-credit-note-list";
import { RunningTotalWidget } from "@/components/billing/running-total-widget"; import { RunningTotalWidget } from "@/components/billing/running-total-widget";
/** /**
* /billing — customer's billing home. * /billing — customer's billing home.
* *
* Shows two things: * Shows three things:
* 1. RunningTotalWidget — current calendar month's accruing cost * 1. RunningTotalWidget — current calendar month's accruing cost
* (or the already-issued invoice for the current month, if * (or the already-issued invoice for the current month, if
* that ran early). * that ran early).
* 2. CustomerInvoiceList — every issued invoice for this org, * 2. CustomerInvoiceList — every issued invoice for this org,
* newest first. Status is reflected with a colored badge. * newest first. Status is reflected with a colored badge.
* 3. CustomerCreditNoteList — Phase 7. Credit notes (voids and
* refunds) for this org, with PDF download links. Hidden
* entirely when there are none (the common case).
* *
* Anyone signed in can view this. The data is org-scoped; even * Anyone signed in can view this. The data is org-scoped; even
* non-owner team members see the same view. Phase 4 will add a * non-owner team members see the same view.
* "settings.payByInvoice" toggle visibility-gated to owners only.
*/ */
export default async function CustomerBillingPage() { export default async function CustomerBillingPage() {
const user = await getSessionUser(); const user = await getSessionUser();
@@ -31,10 +38,11 @@ export default async function CustomerBillingPage() {
console.warn("syncOverdueInvoices failed in /billing:", e); console.warn("syncOverdueInvoices failed in /billing:", e);
} }
const invoices = await listInvoices({ // Parallel fetch — invoices + credit notes are independent.
zitadelOrgId: user.orgId, const [invoices, creditNotes] = await Promise.all([
limit: 200, listInvoices({ zitadelOrgId: user.orgId, limit: 200 }),
}); listCreditNotesForOrg(user.orgId, 200),
]);
return ( return (
<main className="max-w-5xl mx-auto px-6 py-8"> <main className="max-w-5xl mx-auto px-6 py-8">
@@ -49,15 +57,29 @@ export default async function CustomerBillingPage() {
<h2 className="text-xs font-semibold uppercase tracking-wider text-text-muted mb-3"> <h2 className="text-xs font-semibold uppercase tracking-wider text-text-muted mb-3">
{t("currentPeriodHeading")} {t("currentPeriodHeading")}
</h2> </h2>
<RunningTotalWidget /> {/* Phase 6: pass the owner flag so the no-config CTA shows
the right call-to-action vs the right hint. */}
<RunningTotalWidget isOwner={user.roles.includes("owner")} />
</section> </section>
<section className="animate-in animate-in-delay-2"> <section className="animate-in animate-in-delay-2 mb-8">
<h2 className="text-xs font-semibold uppercase tracking-wider text-text-muted mb-3"> <h2 className="text-xs font-semibold uppercase tracking-wider text-text-muted mb-3">
{t("historyHeading")} {t("historyHeading")}
</h2> </h2>
<CustomerInvoiceList invoices={invoices} /> <CustomerInvoiceList invoices={invoices} />
</section> </section>
{/* Phase 7: credit-note section. CustomerCreditNoteList itself
returns null when there are no credit notes, so this whole
section disappears for orgs in normal operation. */}
{creditNotes.length > 0 && (
<section className="animate-in animate-in-delay-3">
<h2 className="text-xs font-semibold uppercase tracking-wider text-text-muted mb-3">
{t("creditNotesHeading")}
</h2>
<CustomerCreditNoteList creditNotes={creditNotes} />
</section>
)}
</main> </main>
); );
} }

1
src/app/[locale]/dashboard/new/page.tsx
View File

@@ -76,6 +76,7 @@ export default async function NewInstancePage() {
userName={user.name} userName={user.name}
userEmail={user.email} userEmail={user.email}
hasOrgBilling={hasOrgBilling} hasOrgBilling={hasOrgBilling}
existingOrgBilling={orgBilling}
/> />
</div> </div>
</div> </div>

1
src/app/[locale]/dashboard/page.tsx
View File

@@ -317,6 +317,7 @@ export default async function DashboardPage() {
userName={user.name} userName={user.name}
userEmail={user.email} userEmail={user.email}
hasOrgBilling={hasOrgBilling} hasOrgBilling={hasOrgBilling}
existingOrgBilling={orgBilling}
/> />
</div> </div>
</div> </div>

51
src/app/[locale]/settings/billing/page.tsx
View File

@@ -1,30 +1,31 @@
import { getTranslations } from "next-intl/server";
import { redirect, notFound } from "next/navigation"; import { redirect, notFound } from "next/navigation";
import { getSessionUser, canMutate } from "@/lib/session"; import { getTranslations } from "next-intl/server";
import { getSessionUser } from "@/lib/session";
import { getOrgBilling } from "@/lib/db"; import { getOrgBilling } from "@/lib/db";
import { BillingSettingsForm } from "@/components/settings/billing-settings-form"; import { BillingSettingsForm } from "@/components/settings/billing-form";
/** /**
* /settings/billing — view and edit org-scoped billing (Bug 34/35). * /settings/billing — customer-side billing details management.
* *
* Server-side fetches the existing record (if any) and passes it to * Owner-only by visibility: non-owner members get a 404 (same
* the client form. The form posts to PUT /api/billing on submit. * response as if the page didn't exist). The link to this page
* is also hidden from non-owners on /billing and elsewhere, but
* the page itself enforces too — a non-owner who learns the URL
* still gets 404, not 403, so the page's existence doesn't leak.
* *
* Access: same gate as the API — owners and platform admins. `user` * First-time visitors see an empty form. Subsequent visits see
* role redirects to /settings (which also wouldn't list billing for * the current values, editable. Save creates or updates via the
* them). 403 here would be friendlier than redirect, but the most * shared upsert path; the row's existence drives whether the
* likely cause of a `user` landing on this URL is sharing a bookmark * monthly issuance cron will pick this org up.
* with their owner — silent redirect is gentle.
*/ */
export default async function BillingSettingsPage() { export default async function BillingSettingsPage() {
const user = await getSessionUser(); const user = await getSessionUser();
if (!user) redirect("/login"); if (!user) redirect("/login");
if (!canMutate(user)) { // Non-owners get a 404 — see comment above.
redirect("/settings"); if (!user.roles.includes("owner")) notFound();
}
const t = await getTranslations("settingsBilling");
const billing = await getOrgBilling(user.orgId); const t = await getTranslations("settingsBilling");
const existing = await getOrgBilling(user.orgId);
return ( return (
<main className="max-w-3xl mx-auto px-6 py-8"> <main className="max-w-3xl mx-auto px-6 py-8">
@@ -32,16 +33,16 @@ export default async function BillingSettingsPage() {
<h1 className="font-display text-2xl font-semibold accent-rule"> <h1 className="font-display text-2xl font-semibold accent-rule">
{t("title")} {t("title")}
</h1> </h1>
<p className="text-sm text-text-secondary mt-3">{t("subtitle")}</p> <p className="text-sm text-text-secondary mt-3">
{user.isPersonal ? t("subtitlePersonal") : t("subtitle")}
</p>
</div>
<div className="animate-in animate-in-delay-1">
<BillingSettingsForm
initial={existing}
isPersonal={user.isPersonal}
/>
</div> </div>
<BillingSettingsForm
initial={billing}
isPersonal={user.isPersonal}
orgName={user.orgName}
userName={user.name}
userEmail={user.email}
/>
</main> </main>
); );
} }

13
src/app/[locale]/settings/page.tsx
View File

@@ -20,8 +20,9 @@ export default async function SettingsPage() {
const t = await getTranslations("settings"); const t = await getTranslations("settings");
// Build the list of settings cards. Each entry has a stable key, a // Build the list of settings cards. Each entry has a stable key, a
// route, and a visibility predicate. Currently only billing; this // route, and a visibility predicate. Phase 6 fix5: profile is
// shape leaves headroom for adding more without restructuring. // visible to every signed-in user (it's their own identity).
// Billing stays gated behind canMutate.
const sections: Array<{ const sections: Array<{
key: string; key: string;
href: string; href: string;
@@ -29,6 +30,14 @@ export default async function SettingsPage() {
description: string; description: string;
visible: boolean; visible: boolean;
}> = [ }> = [
{
key: "profile",
href: "/settings/profile",
title: t("profileTitle"),
description: t("profileDescription"),
// Every signed-in user can edit their own first/last name.
visible: true,
},
{ {
key: "billing", key: "billing",
href: "/settings/billing", href: "/settings/billing",

68
src/app/[locale]/settings/profile/page.tsx Normal file
View File

@@ -0,0 +1,68 @@
import { redirect } from "next/navigation";
import { getTranslations } from "next-intl/server";
import { getSessionUser } from "@/lib/session";
import { getHumanUserDetail } from "@/lib/zitadel";
import { ProfileSettingsForm } from "@/components/settings/profile-form";
/**
* /settings/profile — every authenticated user can edit their own
* first + last name. Email is shown read-only; changing it requires
* verification and is left to ZITADEL's own self-service flow.
*
* Personal vs company accounts:
* - Both can edit their first/last name in ZITADEL.
* - Personal accounts get an extra hint: editing the ZITADEL name
* does NOT change how the customer's name appears on invoices.
* Invoice identity is in org_billing.company_name (the "Full
* name" field on /settings/billing) and is intentionally
* editable separately, because legal/billing identity may not
* match preferred display identity.
* - Company accounts see an org-membership hint instead.
*
* Server-fetches the current profile from ZITADEL via the
* service-account PAT so the form starts with the canonical values
* rather than whatever happens to be in the JWT (the JWT name might
* be stale if the user updated their name in ZITADEL Console).
*/
export default async function ProfileSettingsPage() {
const user = await getSessionUser();
if (!user) redirect("/login");
const t = await getTranslations("settingsProfile");
let initial = { firstName: "", lastName: "", email: user.email };
try {
const profile = await getHumanUserDetail(user.id);
initial = {
firstName: profile.givenName,
lastName: profile.familyName,
email: profile.email || user.email,
};
} catch (e) {
// Identity provider unreachable: render the form with whatever
// we know from the session. The session has a combined `name`,
// not split parts, so we leave first/last empty and let the user
// re-enter. Server logs catch the underlying failure.
console.error("ProfileSettingsPage: getHumanUserDetail failed:", e);
}
return (
<main className="max-w-3xl mx-auto px-6 py-8">
<div className="mb-8 animate-in">
<h1 className="font-display text-2xl font-semibold accent-rule">
{t("title")}
</h1>
<p className="text-sm text-text-secondary mt-3">
{user.isPersonal ? t("subtitlePersonal") : t("subtitle")}
</p>
</div>
<div className="animate-in animate-in-delay-1">
<ProfileSettingsForm
initial={initial}
isPersonal={user.isPersonal}
orgName={user.orgName}
/>
</div>
</main>
);
}

88
src/app/api/admin/billing/invoices/[id]/refund/route.ts Normal file
View File

@@ -0,0 +1,88 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { requirePlatformRole, getSessionUser } from "@/lib/session";
import { refundInvoice, RefundNotAllowedError } from "@/lib/billing";
import { safeError } from "@/lib/errors";
/**
* POST /api/admin/billing/invoices/[id]/refund
*
* Phase 7. Refunds a paid invoice (full or partial) and issues a
* credit note. For Stripe-paid invoices, calls Stripe's Refund API
* before any local recording. For invoice-paid customers (bank
* transfer), records the refund locally and assumes the admin
* handled the actual money movement out-of-band.
*
* Body:
* {
* amountChf: number, // positive, <= remaining refundable
* reason: string // required, free-text, max 500
* }
*
* Authorization: platform admin.
*
* Status codes:
* 200 — refund issued, credit note returned
* 400 — bad request (zero/negative amount, etc.)
* 401 / 403 — not authenticated / not platform admin
* 409 — invoice not in a refundable state, or amount exceeds remaining
* 500 — Stripe call failed or another internal error
*
* Idempotency caveats: this endpoint is NOT idempotent against
* client retries. Issuing two refunds quickly will result in two
* Stripe refund calls (and two credit notes). The admin UI should
* disable the submit button while the request is in flight to
* prevent accidental double-clicks. The Stripe charge.refunded
* webhook is idempotent and will not double-count if it fires
* after this endpoint already recorded the refund.
*/
const bodySchema = z.object({
amountChf: z.number().positive().multipleOf(0.01),
reason: z.string().trim().min(1).max(500),
});
export async function POST(
request: Request,
{ params }: { params: Promise<{ id: string }> }
) {
let user;
try {
await requirePlatformRole();
user = await getSessionUser();
} catch {
return NextResponse.json({ error: "Forbidden" }, { status: 403 });
}
if (!user) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const { id } = await params;
const body = await request.json().catch(() => ({}));
const parsed = bodySchema.safeParse(body);
if (!parsed.success) {
return NextResponse.json(
{ error: "Invalid request", details: parsed.error.flatten() },
{ status: 400 }
);
}
try {
const creditNote = await refundInvoice({
invoiceId: id,
amountChf: parsed.data.amountChf,
reason: parsed.data.reason,
refundedBy: user.id,
});
return NextResponse.json({ creditNote });
} catch (e) {
if (e instanceof RefundNotAllowedError) {
return NextResponse.json(
{ error: e.message, currentStatus: e.currentStatus },
{ status: 409 }
);
}
return NextResponse.json(
{ error: safeError(e, "Refund failed") },
{ status: 500 }
);
}
}

77
src/app/api/admin/billing/invoices/[id]/void/route.ts Normal file
View File

@@ -0,0 +1,77 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { requirePlatformRole, getSessionUser } from "@/lib/session";
import { voidInvoice, VoidNotAllowedError } from "@/lib/billing";
import { safeError } from "@/lib/errors";
/**
* POST /api/admin/billing/invoices/[id]/void
*
* Phase 7. Voids an unpaid invoice and issues a credit note.
*
* Body:
* {
* reason: string // required, free-text, max 500
* }
*
* Authorization: platform admin (same as mark-paid, generate, etc.).
* The acting user's ID lands in invoices.voided_by and on the
* credit_notes.issued_by audit columns.
*
* Status codes:
* 200 — voided, credit note returned in body
* 400 — bad request (missing reason etc.)
* 401 / 403 — not authenticated / not platform admin
* 409 — invoice not in a voidable state
* 500 — anything else (Stripe shouldn't apply here, but if PDF
* render fails the void still went through — see body
* payload for the credit-note number to re-render later)
*/
const bodySchema = z.object({
reason: z.string().trim().min(1).max(500),
});
export async function POST(
request: Request,
{ params }: { params: Promise<{ id: string }> }
) {
let user;
try {
await requirePlatformRole();
user = await getSessionUser();
} catch {
return NextResponse.json({ error: "Forbidden" }, { status: 403 });
}
if (!user) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const { id } = await params;
const body = await request.json().catch(() => ({}));
const parsed = bodySchema.safeParse(body);
if (!parsed.success) {
return NextResponse.json(
{ error: "Invalid request", details: parsed.error.flatten() },
{ status: 400 }
);
}
try {
const creditNote = await voidInvoice({
invoiceId: id,
reason: parsed.data.reason,
voidedBy: user.id,
});
return NextResponse.json({ creditNote });
} catch (e) {
if (e instanceof VoidNotAllowedError) {
return NextResponse.json(
{ error: e.message, currentStatus: e.currentStatus },
{ status: 409 }
);
}
return NextResponse.json(
{ error: safeError(e, "Void failed") },
{ status: 500 }
);
}
}

64
src/app/api/credit-notes/[number]/pdf/route.ts Normal file
View File

@@ -0,0 +1,64 @@
import { NextResponse } from "next/server";
import { getSessionUser } from "@/lib/session";
import {
getCreditNoteByNumber,
getCreditNoteByNumberForOrg,
getCreditNotePdf,
} from "@/lib/db";
/**
* GET /api/credit-notes/[number]/pdf
*
* Phase 7. Customer-facing PDF download for a credit note. Returns
* the binary PDF with Content-Disposition: inline so the browser
* renders it in-tab (matching the invoice download behaviour). The
* customer's email links here.
*
* Authorization:
* - The caller must be authenticated.
* - For customer-org callers, the credit note must belong to their
* org (orgId-scoped lookup).
* - Platform admins can fetch any credit note (cross-org lookup).
*
* Returns 404 in both "doesn't exist" and "exists but not yours"
* cases — leak-safe identical to invoice lookup.
*/
export async function GET(
_request: Request,
{ params }: { params: Promise<{ number: string }> }
) {
const user = await getSessionUser();
if (!user) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const { number } = await params;
// URL-decoded number — the route param comes URL-encoded.
const decodedNumber = decodeURIComponent(number);
const cn = user.isPlatform
? await getCreditNoteByNumber(decodedNumber)
: await getCreditNoteByNumberForOrg(decodedNumber, user.orgId);
if (!cn) {
return NextResponse.json({ error: "Not found" }, { status: 404 });
}
const pdf = await getCreditNotePdf(cn.id);
if (!pdf) {
// The credit note exists but the PDF was never attached. Most
// likely a render failure during issuance — the credit note
// row is still authoritative, the PDF needs re-rendering.
return NextResponse.json(
{
error:
"Credit note exists but its PDF has not been rendered. Please contact support.",
},
{ status: 502 }
);
}
return new NextResponse(new Uint8Array(pdf.data), {
status: 200,
headers: {
"Content-Type": "application/pdf",
"Content-Disposition": `inline; filename="${pdf.filename}"`,
"Cache-Control": "private, no-cache",
},
});
}

21
src/app/api/onboarding/route.ts
View File

@@ -252,11 +252,24 @@ export async function POST(request: Request) {
} }
} }
// For follow-up instances, prefer the on-file company name and contact // The audit copy of company name on this request stays inherited
// details; the user can't change those by re-typing them in the wizard. // from the first request in the org — it's a historical snapshot
// of the company name at the time the request was created, and
// org_billing is now the canonical source for current values.
//
// Phase 6 fix4: contactName and contactEmail are NOT inherited.
// They identify whoever submitted THIS specific request (drives
// admin display, support ticket routing, and email greetings).
// The previous "prior?.contactName ?? user.name" pattern locked
// the contact to whoever first onboarded the org, which broke for
// any subsequent submission by a different user — admin saw the
// wrong name, support emails went to the wrong person, and the
// actual submitter had no way to correct it because the wizard
// doesn't expose a contact-name input. The fix is simply to use
// the current session user every time.
const companyName = prior?.companyName ?? user.orgName; const companyName = prior?.companyName ?? user.orgName;
const contactName = prior?.contactName ?? user.name; const contactName = user.name;
const contactEmail = prior?.contactEmail ?? user.email; const contactEmail = user.email;
// Bug 35: org-scoped billing. // Bug 35: org-scoped billing.
// //

90
src/app/api/settings/billing/route.ts Normal file
View File

@@ -0,0 +1,90 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { getSessionUser } from "@/lib/session";
import { getOrgBilling, upsertOrgBilling } from "@/lib/db";
/**
* GET /api/settings/billing — read the caller's org_billing row.
* Returns null if the org hasn't configured billing yet — the
* form renders empty and the PUT will create on first save.
*
* PUT /api/settings/billing — upsert the row.
*
* Authorization: caller must have role "owner" in their org.
* Non-owners get 403 (they shouldn't have reached the page UI
* anyway, which hides the link, but the API enforces too — a
* non-owner who hits this directly with curl gets refused).
*
* Personal accounts are inherently their own owner (single-user
* org), so user.roles.includes("owner") returns true and they
* can manage their own billing.
*/
const upsertSchema = z.object({
companyName: z.string().trim().min(1).max(200),
// Phase 6 fix: optional "z.Hd." / "Attn:" line. Personal accounts
// never send this (the UI hides the field); orgs may set or leave
// it empty.
contactName: z.string().trim().max(200).optional().nullable(),
streetAddress: z.string().trim().min(1).max(200),
postalCode: z.string().trim().min(1).max(20),
city: z.string().trim().min(1).max(100),
// ISO 3166-1 alpha-2. We normalise to uppercase server-side.
country: z
.string()
.trim()
.length(2)
.regex(/^[A-Za-z]{2}$/, "Use a 2-letter ISO country code (CH, DE, …)"),
vatNumber: z.string().trim().max(40).optional().nullable(),
billingEmail: z.string().trim().email().max(200),
notes: z.string().trim().max(2000).optional().nullable(),
});
function requireOwner(user: { roles: string[] } | null) {
if (!user) return false;
return user.roles.includes("owner");
}
export async function GET() {
const user = await getSessionUser();
if (!user) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
if (!requireOwner(user as any)) {
return NextResponse.json({ error: "Forbidden" }, { status: 403 });
}
const billing = await getOrgBilling(user.orgId);
return NextResponse.json({ billing });
}
export async function PUT(request: Request) {
const user = await getSessionUser();
if (!user) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
if (!requireOwner(user as any)) {
return NextResponse.json({ error: "Forbidden" }, { status: 403 });
}
const body = await request.json().catch(() => ({}));
const parsed = upsertSchema.safeParse(body);
if (!parsed.success) {
return NextResponse.json(
{ error: "Invalid request", details: parsed.error.flatten() },
{ status: 400 }
);
}
const data = parsed.data;
const billing = await upsertOrgBilling({
zitadelOrgId: user.orgId,
companyName: data.companyName,
contactName: data.contactName ?? null,
streetAddress: data.streetAddress,
postalCode: data.postalCode,
city: data.city,
country: data.country.toUpperCase(),
vatNumber: data.vatNumber ?? null,
billingEmail: data.billingEmail,
notes: data.notes ?? null,
});
return NextResponse.json({ billing });
}

81
src/app/api/settings/profile/route.ts Normal file
View File

@@ -0,0 +1,81 @@
import { NextResponse } from "next/server";
import { z } from "zod";
import { getSessionUser } from "@/lib/session";
import {
getHumanUserDetail,
updateHumanUserProfile,
} from "@/lib/zitadel";
/**
* GET /api/settings/profile — read the caller's ZITADEL profile.
* Returns first/last/display name and email. Used by the settings
* page server component to populate the form.
*
* PUT /api/settings/profile — update first + last name. Email is
* NOT mutable here — changing email needs verification flow that
* ZITADEL's own self-service UI already provides; we don't
* duplicate that.
*
* Authorization: any authenticated user can edit their own profile.
* The PAT (ZITADEL_SA_PAT) is used to call the ZITADEL v2 user
* service, but only against the caller's own userId. There is no
* userId field on the request — it's always derived from the
* session, so the route can't be abused to edit other users.
*/
const updateSchema = z.object({
firstName: z.string().trim().min(1).max(100),
lastName: z.string().trim().min(1).max(100),
});
export async function GET() {
const user = await getSessionUser();
if (!user) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
try {
const profile = await getHumanUserDetail(user.id);
return NextResponse.json({ profile });
} catch (e: any) {
// Surface ZITADEL-side failures (e.g. user not found, PAT expired)
// as 502 — the portal couldn't reach its identity provider, which
// is operationally different from a 4xx on the caller's input.
console.error("getHumanUserDetail failed:", e);
return NextResponse.json(
{ error: "Could not load profile from identity provider" },
{ status: 502 }
);
}
}
export async function PUT(request: Request) {
const user = await getSessionUser();
if (!user) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const body = await request.json().catch(() => ({}));
const parsed = updateSchema.safeParse(body);
if (!parsed.success) {
return NextResponse.json(
{ error: "Invalid request", details: parsed.error.flatten() },
{ status: 400 }
);
}
try {
const result = await updateHumanUserProfile({
userId: user.id,
givenName: parsed.data.firstName,
familyName: parsed.data.lastName,
});
return NextResponse.json({
displayName: result.displayName,
changeDate: result.changeDate,
});
} catch (e: any) {
console.error("updateHumanUserProfile failed:", e);
return NextResponse.json(
{ error: "Could not update profile in identity provider" },
{ status: 502 }
);
}
}

107
src/app/api/stripe/webhook/route.ts
View File

@@ -2,11 +2,14 @@ import { NextResponse } from "next/server";
import type Stripe from "stripe"; import type Stripe from "stripe";
import { getStripeClient, getWebhookSecret } from "@/lib/stripe"; import { getStripeClient, getWebhookSecret } from "@/lib/stripe";
import { import {
getInvoiceByStripePaymentIntent,
isStripeRefundRecorded,
markInvoicePaid, markInvoicePaid,
markStripeEventProcessed, markStripeEventProcessed,
setInvoiceStripePaymentIntent, setInvoiceStripePaymentIntent,
tryRecordStripeEvent, tryRecordStripeEvent,
} from "@/lib/db"; } from "@/lib/db";
import { refundInvoice, RefundNotAllowedError } from "@/lib/billing";
/** /**
* POST /api/stripe/webhook * POST /api/stripe/webhook
@@ -209,13 +212,103 @@ async function handleCheckoutCompleted(
} }
async function handleChargeRefunded(charge: Stripe.Charge): Promise<void> { async function handleChargeRefunded(charge: Stripe.Charge): Promise<void> {
// v1 scope: log only. Refunds always go through Stripe → admin // Phase 7: mirror Stripe refunds into the portal so credit notes
// initiates them in the dashboard. Updating our invoice status // are issued for refunds initiated in the Stripe Dashboard. For
// to 'void' or partial-credit needs more product thinking // refunds initiated via /api/admin/.../refund, this handler is a
// (partial refunds? credit notes? VAT corrections?). Phase 7. // no-op (each refund's stripe_refund_id is already recorded
console.log( // before the webhook lands — refundInvoice records it
`Charge ${charge.id} refunded (amount ${charge.amount_refunded} ${charge.currency}); no portal-side state change.` // synchronously after the Stripe API call).
); //
// A charge can have multiple refund objects (multiple partial
// refunds against the same charge accumulate here). We iterate
// and process any that aren't yet recorded in our DB.
const paymentIntentId =
typeof charge.payment_intent === "string"
? charge.payment_intent
: charge.payment_intent?.id;
if (!paymentIntentId) {
console.error(
`charge.refunded for charge ${charge.id} has no payment_intent; cannot link to invoice.`
);
return;
}
const invoice = await getInvoiceByStripePaymentIntent(paymentIntentId);
if (!invoice) {
console.error(
`charge.refunded for payment_intent ${paymentIntentId} has no matching invoice; ignoring.`
);
return;
}
const refundsList = charge.refunds?.data ?? [];
if (refundsList.length === 0) {
// Some charge.refunded events fire with the refunds list
// collapsed (the object includes the aggregated amount_refunded
// but the data array can be omitted depending on Stripe's
// expansion choices). In that case there's nothing for us to
// iterate over here; the actual `refund.created` /
// `refund.updated` events carry per-refund detail and we'd need
// to enable those in Stripe to handle them. For v1 we log and
// rely on the in-portal admin path (refundInvoice) being the
// only refund initiator.
console.log(
`charge.refunded for charge ${charge.id} arrived without refund objects in data; in-portal flow assumed.`
);
return;
}
for (const refund of refundsList) {
try {
// Idempotency: skip refunds we already recorded (either via
// portal admin action or a prior webhook delivery).
if (await isStripeRefundRecorded(refund.id)) {
continue;
}
const amountChf = (refund.amount ?? 0) / 100;
if (amountChf <= 0) continue;
// Map Stripe refund status to ours. Anything other than the
// canonical four falls through to 'pending' so we don't lose
// the record entirely.
let status: "pending" | "succeeded" | "failed" | "canceled" = "pending";
if (refund.status === "succeeded") status = "succeeded";
else if (refund.status === "failed") status = "failed";
else if (refund.status === "canceled") status = "canceled";
// For refunds that originated in Stripe Dashboard we don't
// have a reason to display. Use a sentinel string so the
// credit note PDF has something to print. Admin can edit
// post-hoc if needed (no UI for that today, but the DB row
// is reachable).
const reason = refund.reason
? `Stripe Dashboard: ${refund.reason}`
: "Refund issued via Stripe Dashboard";
// refundInvoice with existingStripeRefund: don't call Stripe
// again (we'd error since the refund already exists), just
// mirror the record into our DB and issue the credit note.
await refundInvoice({
invoiceId: invoice.id,
amountChf,
reason,
refundedBy: "stripe-webhook",
existingStripeRefund: { id: refund.id, status },
});
console.log(
`Mirrored Stripe refund ${refund.id} for invoice ${invoice.invoiceNumber} (CHF ${amountChf.toFixed(2)}).`
);
} catch (e) {
if (e instanceof RefundNotAllowedError) {
// The invoice was already fully refunded by an earlier
// webhook delivery or by an in-portal action. That's fine.
console.log(
`Stripe refund ${refund.id}: ${e.message} (already accounted for).`
);
continue;
}
// For any other error, log but continue to the next refund —
// we don't want one bad refund to block the rest.
console.error(
`Failed to mirror Stripe refund ${refund.id} for invoice ${invoice.invoiceNumber}:`,
e
);
}
}
} }
async function handlePaymentFailed( async function handlePaymentFailed(

346
src/components/admin/billing/invoice-detail-view.tsx
View File

@@ -4,33 +4,61 @@ import { useState, Fragment } from "react";
import { useRouter } from "next/navigation"; import { useRouter } from "next/navigation";
import { useTranslations } from "next-intl"; import { useTranslations } from "next-intl";
import { Card, CardHeader } from "@/components/ui/card"; import { Card, CardHeader } from "@/components/ui/card";
import type { InvoiceDetail, InvoiceStatus } from "@/types"; import type { CreditNote, InvoiceDetail, InvoiceStatus } from "@/types";
interface Props { interface Props {
detail: InvoiceDetail; detail: InvoiceDetail;
/**
* Phase 7: credit notes linked to this invoice (voids + refunds).
* Empty array when none. Passed from the server page; client
* doesn't re-fetch — router.refresh() rebuilds after actions.
*/
creditNotes?: CreditNote[];
} }
/** /**
* Renders the invoice header (status, totals, action bar) then * Renders the invoice header (status, totals, action bar) then
* line items grouped by tenant, then billing snapshot. Actions are * line items grouped by tenant, then billing snapshot. Actions are
* mark-paid (POST), delete (DELETE), PDF download (link to /pdf). * mark-paid (POST), void (POST), refund (POST), delete (DELETE),
* PDF download (link to /pdf).
*
* Phase 7 adds void + refund. The action bar shows:
* - status open/overdue → Mark paid, Void, Delete
* - status paid → Refund, Delete
* - status partially_refunded → Refund (for remainder), Delete
* - status fully_refunded / void → Delete only (read-only otherwise)
* *
* On successful action we router.refresh() — the server-side page * On successful action we router.refresh() — the server-side page
* re-renders against the new DB state. For delete we navigate * re-renders against the new DB state, including any new credit
* away first. * notes.
*/ */
export function InvoiceDetailView({ detail }: Props) { export function InvoiceDetailView({ detail, creditNotes = [] }: Props) {
const t = useTranslations("adminBilling"); const t = useTranslations("adminBilling");
const router = useRouter(); const router = useRouter();
const { invoice, lines } = detail; const { invoice, lines } = detail;
const [busyAction, setBusyAction] = useState<null | "mark-paid" | "delete">( const [busyAction, setBusyAction] = useState<
null null | "mark-paid" | "delete" | "void" | "refund"
); >(null);
const [actionError, setActionError] = useState(""); const [actionError, setActionError] = useState("");
const [noteInput, setNoteInput] = useState(""); const [noteInput, setNoteInput] = useState("");
const [noteOpen, setNoteOpen] = useState(false); const [noteOpen, setNoteOpen] = useState(false);
// Phase 7 — void modal state
const [voidOpen, setVoidOpen] = useState(false);
const [voidReason, setVoidReason] = useState("");
// Phase 7 — refund modal state. Amount defaults to the full
// remaining refundable on open.
const [refundOpen, setRefundOpen] = useState(false);
const [refundAmount, setRefundAmount] = useState("");
const [refundReason, setRefundReason] = useState("");
const remainingRefundable =
Math.round(
(invoice.totalChf - invoice.refundedTotalChf) * 100
) / 100;
const markPaid = async () => { const markPaid = async () => {
setActionError(""); setActionError("");
setBusyAction("mark-paid"); setBusyAction("mark-paid");
@@ -75,6 +103,84 @@ export function InvoiceDetailView({ detail }: Props) {
} }
}; };
// Phase 7 — void: marks an unpaid invoice as cancelled and issues
// a credit note. Backend rejects if the invoice is paid (use
// refund) or already voided/refunded.
const voidInvoice = async () => {
if (!voidReason.trim()) {
setActionError(t("voidReasonRequired"));
return;
}
setActionError("");
setBusyAction("void");
try {
const res = await fetch(
`/api/admin/billing/invoices/${invoice.id}/void`,
{
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ reason: voidReason }),
}
);
const j = await res.json().catch(() => ({}));
if (!res.ok) throw new Error(j.error || `HTTP ${res.status}`);
setVoidOpen(false);
setVoidReason("");
router.refresh();
} catch (e: any) {
setActionError(e.message);
} finally {
setBusyAction(null);
}
};
// Phase 7 — refund: paid invoices only. Amount may be partial;
// backend caps at remaining refundable.
const refundInvoice = async () => {
const amt = parseFloat(refundAmount);
if (!isFinite(amt) || amt <= 0) {
setActionError(t("refundAmountInvalid"));
return;
}
if (amt - remainingRefundable > 0.005) {
setActionError(
t("refundAmountExceeds", {
max: remainingRefundable.toFixed(2),
})
);
return;
}
if (!refundReason.trim()) {
setActionError(t("refundReasonRequired"));
return;
}
setActionError("");
setBusyAction("refund");
try {
const res = await fetch(
`/api/admin/billing/invoices/${invoice.id}/refund`,
{
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
amountChf: Math.round(amt * 100) / 100,
reason: refundReason,
}),
}
);
const j = await res.json().catch(() => ({}));
if (!res.ok) throw new Error(j.error || `HTTP ${res.status}`);
setRefundOpen(false);
setRefundAmount("");
setRefundReason("");
router.refresh();
} catch (e: any) {
setActionError(e.message);
} finally {
setBusyAction(null);
}
};
// Group lines by tenant for display (matches PDF layout). // Group lines by tenant for display (matches PDF layout).
const linesByTenant = new Map<string | null, typeof lines>(); const linesByTenant = new Map<string | null, typeof lines>();
for (const ln of lines) { for (const ln of lines) {
@@ -171,6 +277,144 @@ export function InvoiceDetailView({ detail }: Props) {
)} )}
</> </>
)} )}
{/* Phase 7 — Void: visible only for open/overdue invoices.
Same gating as Mark Paid but mutually exclusive with it
via the chosen action. Opens a small inline form so
the admin can enter a reason; reason is required and
lands on the credit-note PDF. */}
{(invoice.status === "open" || invoice.status === "overdue") && (
<>
{!voidOpen ? (
<button
onClick={() => {
setVoidOpen(true);
setNoteOpen(false);
setRefundOpen(false);
}}
disabled={busyAction !== null}
className="px-4 py-2 rounded-md border border-error text-error text-sm disabled:opacity-50 hover:bg-error/10"
>
{t("voidBtn")}
</button>
) : (
<div className="flex items-center gap-2 flex-grow">
<input
type="text"
placeholder={t("voidReasonPlaceholder")}
value={voidReason}
onChange={(e) => setVoidReason(e.target.value)}
maxLength={500}
className="flex-grow px-3 py-1.5 rounded-md border border-border bg-surface-2 text-sm"
autoFocus
/>
<button
onClick={voidInvoice}
disabled={busyAction !== null}
className="px-3 py-1.5 rounded-md bg-error text-white text-sm disabled:opacity-50"
>
{busyAction === "void" ? t("saving") : t("confirmVoid")}
</button>
<button
onClick={() => {
setVoidOpen(false);
setVoidReason("");
}}
className="px-3 py-1.5 rounded-md border border-border text-sm"
>
{t("cancel")}
</button>
</div>
)}
</>
)}
{/* Phase 7 — Refund: paid invoices, including ones already
partially refunded (as long as some refundable amount
remains). Opens an inline form with amount + reason.
The remaining-refundable hint helps admin pick the
right number. */}
{(invoice.status === "paid" ||
invoice.status === "partially_refunded") &&
remainingRefundable > 0 && (
<>
{!refundOpen ? (
<button
onClick={() => {
setRefundOpen(true);
setNoteOpen(false);
setVoidOpen(false);
setRefundAmount(remainingRefundable.toFixed(2));
}}
disabled={busyAction !== null}
className="px-4 py-2 rounded-md border border-error text-error text-sm disabled:opacity-50 hover:bg-error/10"
>
{t("refundBtn")}
</button>
) : (
<div className="flex flex-col gap-2 flex-grow">
<div className="text-xs text-text-muted">
{t("refundRemainingHint", {
max: remainingRefundable.toFixed(2),
})}
</div>
<div className="flex items-center gap-4 flex-wrap">
<div className="flex flex-col gap-1">
<label className="text-[10px] uppercase tracking-wider text-text-muted">
{t("refundAmountLabel")}
</label>
<input
type="number"
step="0.01"
min="0.01"
max={remainingRefundable}
placeholder="CHF"
value={refundAmount}
onChange={(e) => setRefundAmount(e.target.value)}
className="w-32 px-3 py-1.5 rounded-md border border-border bg-surface-2 text-sm font-mono"
autoFocus
/>
<span className="text-[10px] text-text-muted italic">
{t("refundAmountInclVatHint")}
</span>
</div>
<div className="flex flex-col gap-1 flex-grow min-w-[200px]">
<label className="text-[10px] uppercase tracking-wider text-text-muted">
{t("refundReasonLabel")}
</label>
<input
type="text"
placeholder={t("refundReasonPlaceholder")}
value={refundReason}
onChange={(e) => setRefundReason(e.target.value)}
maxLength={500}
className="w-full px-3 py-1.5 rounded-md border border-border bg-surface-2 text-sm"
/>
</div>
<div className="flex items-center gap-2 self-end">
<button
onClick={refundInvoice}
disabled={busyAction !== null}
className="px-3 py-1.5 rounded-md bg-error text-white text-sm disabled:opacity-50"
>
{busyAction === "refund"
? t("saving")
: t("confirmRefund")}
</button>
<button
onClick={() => {
setRefundOpen(false);
setRefundAmount("");
setRefundReason("");
}}
className="px-3 py-1.5 rounded-md border border-border text-sm"
>
{t("cancel")}
</button>
</div>
</div>
</div>
)}
</>
)}
<button <button
onClick={deleteInvoice} onClick={deleteInvoice}
disabled={busyAction !== null} disabled={busyAction !== null}
@@ -189,8 +433,90 @@ export function InvoiceDetailView({ detail }: Props) {
{invoice.paidMethodDetail} {invoice.paidMethodDetail}
</div> </div>
)} )}
{/* Phase 7 — void/refund summary lines, shown when applicable.
Surfaces the auditing context that the columns alone don't
(who voided, what the reason was, how much has been
refunded vs how much remains). */}
{invoice.voidedAt && (
<div className="mt-3 text-xs text-text-muted">
{t("voidedOnLabel")}: {invoice.voidedAt} · {invoice.voidedBy}
{invoice.voidReason ? ` · ${invoice.voidReason}` : ""}
</div>
)}
{invoice.refundedTotalChf > 0 && (
<div className="mt-3 text-xs text-text-muted">
{t("refundedTotalLabel")}: CHF{" "}
{invoice.refundedTotalChf.toFixed(2)} ·{" "}
{t("refundedRemainingLabel")}: CHF{" "}
{remainingRefundable.toFixed(2)}
</div>
)}
</Card> </Card>
{/* Phase 7 — linked credit notes panel. Hidden when there are
none (most invoices). When present, lists each credit note
with kind, amount, reason, issued date, and PDF download. */}
{creditNotes.length > 0 && (
<Card>
<CardHeader>{t("creditNotesPanelTitle")}</CardHeader>
<table className="w-full text-sm">
<thead className="text-xs text-text-muted text-left">
<tr>
<th className="pb-2">{t("creditNoteNumberHeader")}</th>
<th className="pb-2">{t("creditNoteKindHeader")}</th>
<th className="pb-2 text-right">
{t("creditNoteAmountHeader")}
</th>
<th className="pb-2">{t("creditNoteReasonHeader")}</th>
<th className="pb-2">{t("creditNoteIssuedHeader")}</th>
<th className="pb-2 text-right">{t("creditNotePdfHeader")}</th>
</tr>
</thead>
<tbody>
{creditNotes.map((cn) => (
<tr key={cn.id} className="border-t border-border">
<td className="py-2 font-mono text-xs">
{cn.creditNoteNumber}
</td>
<td className="py-2">
<span className="px-2 py-0.5 rounded text-xs text-error bg-error/10">
{t(`creditNoteKind_${cn.kind}` as any)}
</span>
</td>
<td className="py-2 text-right font-mono">
CHF {cn.amountChf.toFixed(2)}
</td>
<td className="py-2 text-text-secondary text-xs">
{cn.reason ?? "—"}
</td>
<td className="py-2 text-xs text-text-muted">
{cn.issuedAt.slice(0, 10)}
</td>
<td className="py-2 text-right">
{cn.hasPdf ? (
<a
href={`/api/credit-notes/${encodeURIComponent(
cn.creditNoteNumber
)}/pdf`}
target="_blank"
rel="noopener noreferrer"
className="text-accent hover:underline text-xs"
>
{t("downloadPdfBtn")}
</a>
) : (
<span className="text-text-muted text-xs italic">
{t("creditNoteNoPdf")}
</span>
)}
</td>
</tr>
))}
</tbody>
</table>
</Card>
)}
{/* Lines */} {/* Lines */}
<Card> <Card>
<CardHeader>{t("lineItemsTitle")}</CardHeader> <CardHeader>{t("lineItemsTitle")}</CardHeader>
@@ -296,7 +622,9 @@ function StatusPill({ status }: { status: InvoiceStatus }) {
? "bg-error/15 text-error" ? "bg-error/15 text-error"
: status === "void" || status === "uncollectible" : status === "void" || status === "uncollectible"
? "bg-text-muted/15 text-text-muted" ? "bg-text-muted/15 text-text-muted"
: "bg-accent/15 text-accent"; : status === "partially_refunded" || status === "fully_refunded"
? "bg-error/15 text-error"
: "bg-accent/15 text-accent";
return ( return (
<span <span
className={`inline-block px-2 py-0.5 rounded text-xs font-medium ${color}`} className={`inline-block px-2 py-0.5 rounded text-xs font-medium ${color}`}

22
src/components/admin/cron/cron-controls.tsx
View File

@@ -116,8 +116,23 @@ export function CronControls({ initialRecent, initialLastSuccess }: Props) {
}); });
}; };
// Phase 6: surface failures prominently. Any run in the recent
// window with a non-zero failure_count drives a top-of-page
// banner — the row in the table is already red, but a banner
// means the admin doesn't have to scroll to notice.
const recentFailures = recent.filter((r) => r.failureCount > 0);
const hasRecentFailures = recentFailures.length > 0;
return ( return (
<div className="space-y-8"> <div className="space-y-8">
{hasRecentFailures && (
<div className="p-4 rounded-md border border-error bg-error/10 text-sm text-error">
<p className="font-medium mb-1">{t("failureBannerTitle")}</p>
<p className="text-xs">
{t("failureBannerBody", { count: recentFailures.length })}
</p>
</div>
)}
<section className="grid gap-4 md:grid-cols-2"> <section className="grid gap-4 md:grid-cols-2">
<Card> <Card>
<h2 className="text-xs uppercase tracking-wider text-text-muted mb-2"> <h2 className="text-xs uppercase tracking-wider text-text-muted mb-2">
@@ -192,7 +207,12 @@ export function CronControls({ initialRecent, initialLastSuccess }: Props) {
</thead> </thead>
<tbody> <tbody>
{recent.map((r) => ( {recent.map((r) => (
<tr key={r.id} className="border-t border-border align-top"> <tr
key={r.id}
className={`border-t border-border align-top ${
r.failureCount > 0 ? "bg-error/5" : ""
}`}
>
<td className="py-2 text-xs font-mono"> <td className="py-2 text-xs font-mono">
{fmtRelative(r.startedAt)} {fmtRelative(r.startedAt)}
</td> </td>

101
src/components/billing/customer-credit-note-list.tsx Normal file
View File

@@ -0,0 +1,101 @@
import { useTranslations, useFormatter } from "next-intl";
import { Card } from "@/components/ui/card";
import type { CreditNote } from "@/types";
interface Props {
creditNotes: CreditNote[];
}
const kindColors: Record<string, string> = {
// Voids = the invoice was cancelled; gentle red.
void: "text-error bg-error/10",
// Refunds = money returned; also red but slightly differentiated.
refund: "text-error bg-error/10",
};
/**
* Phase 7 — customer's credit-note history below the invoice list.
*
* Hidden entirely when the org has zero credit notes (most orgs in
* normal operation). When present, each row shows the credit-note
* number, the invoice it relates to, kind (void / refund), amount,
* and a download link to the PDF.
*
* No detail page — clicking the PDF link opens the document inline
* (browser PDF viewer), which IS the credit-note detail view. A
* separate per-credit-note web page would duplicate what's in the
* PDF and add no value.
*/
export function CustomerCreditNoteList({ creditNotes }: Props) {
const t = useTranslations("customerBilling");
const fmt = useFormatter();
if (creditNotes.length === 0) {
return null;
}
return (
<Card>
<table className="w-full text-sm">
<thead className="text-xs text-text-muted text-left">
<tr>
<th className="pb-2">{t("creditNoteNumberCol")}</th>
<th className="pb-2">{t("creditNoteInvoiceCol")}</th>
<th className="pb-2">{t("creditNoteIssuedCol")}</th>
<th className="pb-2 text-right">{t("creditNoteAmountCol")}</th>
<th className="pb-2 text-right">{t("creditNoteKindCol")}</th>
<th className="pb-2 text-right">{t("creditNotePdfCol")}</th>
</tr>
</thead>
<tbody>
{creditNotes.map((cn) => (
<tr
key={cn.id}
className="border-t border-border align-middle"
>
<td className="py-2 font-mono text-xs">
{cn.creditNoteNumber}
</td>
<td className="py-2 font-mono text-xs text-text-secondary">
{cn.invoiceNumber}
</td>
<td className="py-2 text-text-secondary">
{fmt.dateTime(new Date(cn.issuedAt), { dateStyle: "medium" })}
</td>
<td className="py-2 text-right font-mono">
CHF {cn.amountChf.toFixed(2)}
</td>
<td className="py-2 text-right">
<span
className={`px-2 py-0.5 rounded text-xs ${
kindColors[cn.kind] ?? ""
}`}
>
{t(`creditNoteKind_${cn.kind}` as any)}
</span>
</td>
<td className="py-2 text-right">
{cn.hasPdf ? (
<a
href={`/api/credit-notes/${encodeURIComponent(
cn.creditNoteNumber
)}/pdf`}
className="text-accent hover:underline text-xs"
target="_blank"
rel="noopener noreferrer"
>
{t("downloadPdf")}
</a>
) : (
<span className="text-text-muted text-xs italic">
{t("creditNoteNoPdf")}
</span>
)}
</td>
</tr>
))}
</tbody>
</table>
</Card>
);
}

7
src/components/billing/customer-invoice-list.tsx
View File

@@ -12,6 +12,13 @@ const statusColors: Record<string, string> = {
paid: "text-success bg-success/10", paid: "text-success bg-success/10",
overdue: "text-error bg-error/10", overdue: "text-error bg-error/10",
void: "text-text-muted bg-surface-3 line-through", void: "text-text-muted bg-surface-3 line-through",
// Phase 7: refund states. Red tinting matches the credit-note
// PDF accent so customers reading the table get a visual cue
// that something was credited back. partially_refunded reads
// as a partial state (mixed colour), fully_refunded reads as
// closed (line-through like void).
partially_refunded: "text-error bg-error/10",
fully_refunded: "text-text-muted bg-error/10 line-through",
}; };
/** /**

35
src/components/billing/running-total-widget.tsx
View File

@@ -11,6 +11,17 @@ type CurrentResponse =
| { draft: InvoiceDraft } | { draft: InvoiceDraft }
| { error: string; code?: string }; | { error: string; code?: string };
interface Props {
/**
* Whether the viewing user has org-owner role. Drives the
* "complete your billing details" CTA — only owners can edit
* billing settings, so non-owners see a softer message asking
* them to contact their org owner instead. The flag is computed
* server-side and passed in to avoid a second API round-trip.
*/
isOwner: boolean;
}
/** /**
* Live running total for the current calendar month. * Live running total for the current calendar month.
* *
@@ -28,7 +39,7 @@ type CurrentResponse =
* No polling — the page is static enough that an explicit * No polling — the page is static enough that an explicit
* "refresh" link is good enough if the user wants newer numbers. * "refresh" link is good enough if the user wants newer numbers.
*/ */
export function RunningTotalWidget() { export function RunningTotalWidget({ isOwner }: Props) {
const t = useTranslations("customerBilling"); const t = useTranslations("customerBilling");
const fmt = useFormatter(); const fmt = useFormatter();
const [data, setData] = useState<CurrentResponse | null>(null); const [data, setData] = useState<CurrentResponse | null>(null);
@@ -62,13 +73,29 @@ export function RunningTotalWidget() {
); );
} }
if (!data || "error" in data) { if (!data || "error" in data) {
const noConfig =
data && "code" in data && data.code === "COMPUTE_FAILED";
return ( return (
<Card> <Card>
<p className="text-sm text-text-secondary py-2"> <p className="text-sm text-text-secondary py-2">
{data && "code" in data && data.code === "COMPUTE_FAILED" {noConfig ? t("noBillingConfig") : t("currentPeriodError")}
? t("noBillingConfig")
: t("currentPeriodError")}
</p> </p>
{/* Phase 6: owner-only CTA. Non-owners can't edit billing
settings, so we show them a "contact owner" hint instead
— that's gentler than a button that 404s on click. */}
{noConfig && isOwner && (
<Link
href="/settings/billing"
className="inline-block mt-2 px-4 py-2 rounded-md bg-accent text-white text-sm font-medium hover:bg-accent-dim transition-colors"
>
{t("configureBillingCta")}
</Link>
)}
{noConfig && !isOwner && (
<p className="text-xs text-text-muted italic mt-2">
{t("noBillingConfigNonOwner")}
</p>
)}
</Card> </Card>
); );
} }

9
src/components/onboarding/onboarding-flow.tsx
View File

@@ -2,6 +2,7 @@
import { useRouter } from "next/navigation"; import { useRouter } from "next/navigation";
import { OnboardingWizard } from "./wizard"; import { OnboardingWizard } from "./wizard";
import type { OrgBilling } from "@/types";
interface OnboardingFlowProps { interface OnboardingFlowProps {
orgName: string; orgName: string;
@@ -19,6 +20,12 @@ interface OnboardingFlowProps {
* /settings/billing. * /settings/billing.
*/ */
hasOrgBilling?: boolean; hasOrgBilling?: boolean;
/**
* Phase 6 fix3: the actual org_billing record (or null). Drives
* the review-step "Billing to" rendering AND the confirm-step
* validation skip when the billing step was skipped.
*/
existingOrgBilling?: OrgBilling | null;
/** /**
* Bug 6: when present, the wizard is rendered in edit mode against * Bug 6: when present, the wizard is rendered in edit mode against
* the given pending request. See `OnboardingWizard` for the full * the given pending request. See `OnboardingWizard` for the full
@@ -45,6 +52,7 @@ export function OnboardingFlow({
userName, userName,
userEmail, userEmail,
hasOrgBilling, hasOrgBilling,
existingOrgBilling,
editingRequest, editingRequest,
}: OnboardingFlowProps) { }: OnboardingFlowProps) {
const router = useRouter(); const router = useRouter();
@@ -55,6 +63,7 @@ export function OnboardingFlow({
userName={userName} userName={userName}
userEmail={userEmail} userEmail={userEmail}
hasOrgBilling={hasOrgBilling} hasOrgBilling={hasOrgBilling}
existingOrgBilling={existingOrgBilling}
editingRequest={editingRequest} editingRequest={editingRequest}
onComplete={() => { onComplete={() => {
// Navigate back to /dashboard and re-fetch on the server. The // Navigate back to /dashboard and re-fetch on the server. The

133
src/components/onboarding/wizard.tsx
View File

@@ -13,6 +13,7 @@ import {
SUPPORTED_COUNTRIES, SUPPORTED_COUNTRIES,
type SupportedCountry, type SupportedCountry,
} from "@/lib/validation"; } from "@/lib/validation";
import type { OrgBilling } from "@/types";
type Step = "welcome" | "configure" | "billing" | "confirm"; type Step = "welcome" | "configure" | "billing" | "confirm";
@@ -96,6 +97,17 @@ interface WizardProps {
* fix it before admin approves. * fix it before admin approves.
*/ */
hasOrgBilling?: boolean; hasOrgBilling?: boolean;
/**
* Phase 6 fix3: the actual org_billing record when one exists.
* Used to render real values on the review-step "Billing to" block
* (rather than the wizard's empty default config.billingAddress)
* AND to skip the confirm-step's client-side validation of
* billingAddress — same logic that already strips billingAddress
* at submit time. Null when no org_billing row exists yet.
* Ignored in edit mode (the editingRequest carries its own
* billingAddress snapshot).
*/
existingOrgBilling?: OrgBilling | null;
/** /**
* Bug 6: when present, the wizard renders in "edit" mode — fields * Bug 6: when present, the wizard renders in "edit" mode — fields
* are pre-populated from the request, the SOUL.md auto-fetch is * are pre-populated from the request, the SOUL.md auto-fetch is
@@ -134,6 +146,7 @@ export function OnboardingWizard({
userName, userName,
userEmail, userEmail,
hasOrgBilling, hasOrgBilling,
existingOrgBilling,
editingRequest, editingRequest,
onComplete, onComplete,
}: WizardProps) { }: WizardProps) {
@@ -319,7 +332,23 @@ export function OnboardingWizard({
} }
// confirm: validate the union (defence in depth — submit handler // confirm: validate the union (defence in depth — submit handler
// also runs onboardingSchema before POST). // also runs onboardingSchema before POST).
const r = onboardingSchema.safeParse(config); //
// Phase 6 fix3: when hasOrgBilling=true AND not editing, the
// billing step was skipped and config.billingAddress is the
// empty default. zod's .optional() doesn't help here because the
// field IS present (empty object), so billingAddressSchema
// validates it and fails with required-field errors that the
// user has no way to fix — the form to enter the values was
// skipped on purpose. Strip the field for validation, matching
// the same strip we already do at submit time.
const configForValidation =
hasOrgBilling && !isEditing
? (() => {
const { billingAddress: _b, ...rest } = config;
return rest;
})()
: config;
const r = onboardingSchema.safeParse(configForValidation);
if (r.success) { if (r.success) {
setErrors({}); setErrors({});
return true; return true;
@@ -1101,42 +1130,84 @@ export function OnboardingWizard({
<ReviewRow <ReviewRow
label={t("reviewBillingTo")} label={t("reviewBillingTo")}
value={ value={
<div className="text-text-primary text-right"> (() => {
{/* For personal: skip the company line so the // Phase 6 fix3: when the org has billing on file
invoice rendering matches what the user actually // and we're not editing, render the saved
entered. For company: include it as the first // org_billing record (the authoritative source)
line. */} // rather than config.billingAddress, which is the
{!isPersonal && // wizard's empty default state because the billing
config.billingAddress.company && // step was skipped. In edit mode, fall back to
config.billingAddress.company.trim().length > 0 && ( // config.billingAddress, which is pre-populated
<div>{config.billingAddress.company}</div> // from the request being edited.
)} const useSaved =
<div>{config.billingAddress.street}</div> hasOrgBilling && !isEditing && existingOrgBilling;
<div> const company = useSaved
{config.billingAddress.postalCode}{" "} ? existingOrgBilling!.companyName
{config.billingAddress.city} : config.billingAddress.company;
</div> const street = useSaved
<div className="text-text-muted"> ? existingOrgBilling!.streetAddress
{tCountries( : config.billingAddress.street;
config.billingAddress.country as SupportedCountry const postalCode = useSaved
)} ? existingOrgBilling!.postalCode
</div> : config.billingAddress.postalCode;
</div> const city = useSaved
? existingOrgBilling!.city
: config.billingAddress.city;
const country = useSaved
? existingOrgBilling!.country
: config.billingAddress.country;
const contactName = useSaved
? existingOrgBilling!.contactName
: null;
return (
<div className="text-text-primary text-right">
{/* For personal: skip the company line so the
invoice rendering matches what the user actually
entered. For company: include it as the first
line. */}
{!isPersonal &&
company &&
company.trim().length > 0 && <div>{company}</div>}
{/* Phase 6 fix2: optional contact-person line
("z.Hd. <name>") only present when the saved
org_billing has it set. */}
{contactName && contactName.trim().length > 0 && (
<div className="text-text-muted">
{t("reviewContactPersonPrefix")} {contactName}
</div>
)}
<div>{street}</div>
<div>
{postalCode} {city}
</div>
<div className="text-text-muted">
{tCountries(country as SupportedCountry)}
</div>
</div>
);
})()
} }
/> />
{/* Bug 35: VAT review row. Company customers see this so {/* Bug 35: VAT review row. Company customers see this so
they can verify the VAT id they typed before submitting. they can verify the VAT id they typed before submitting.
Personal customers never see it — they don't have a Personal customers never see it — they don't have a
VAT number, the form didn't ask, the review hides it. */} VAT number, the form didn't ask, the review hides it.
Phase 6 fix3: when reading from existingOrgBilling,
the value comes from there too. */}
{!isPersonal && {!isPersonal &&
config.billingAddress.vatNumber && (() => {
config.billingAddress.vatNumber.trim().length > 0 && ( const vat =
<ReviewRow hasOrgBilling && !isEditing && existingOrgBilling
label={t("billingVatNumber")} ? existingOrgBilling.vatNumber
value={config.billingAddress.vatNumber} : config.billingAddress.vatNumber;
mono return vat && vat.trim().length > 0 ? (
/> <ReviewRow
)} label={t("billingVatNumber")}
value={vat}
mono
/>
) : null;
})()}
<ReviewRow <ReviewRow
label={t("reviewContactEmail")} label={t("reviewContactEmail")}
value={userEmail || ""} value={userEmail || ""}

263
src/components/settings/billing-form.tsx Normal file
View File

@@ -0,0 +1,263 @@
"use client";
import { useState } from "react";
import { useRouter } from "next/navigation";
import { useTranslations } from "next-intl";
import { Card } from "@/components/ui/card";
import type { OrgBilling } from "@/types";
interface Props {
initial: OrgBilling | null;
/**
* Personal-account (individual customer) flag from the session.
* Individuals get a "Full name" field instead of "Company name",
* and the VAT input is hidden entirely — they don't have one and
* showing the field would only confuse. The underlying column is
* still `company_name` in the DB and the invoice PDF; for an
* individual that field carries their full name, which is
* exactly what should print on the invoice.
*/
isPersonal: boolean;
}
/**
* Customer billing settings form. Drives PUT /api/settings/billing
* which upserts org_billing for the caller's org.
*
* Validation is the same regex as the server-side zod schema for
* the country field (ISO 3166-1 alpha-2). Other fields are checked
* for required + max-length client-side; the server is the
* authority and re-validates everything.
*
* On success we router.refresh() the page so the server component
* re-fetches and any "create now" -> "edit" wording flips.
*/
export function BillingSettingsForm({ initial, isPersonal }: Props) {
const t = useTranslations("settingsBilling");
const router = useRouter();
const [form, setForm] = useState({
companyName: initial?.companyName ?? "",
contactName: initial?.contactName ?? "",
streetAddress: initial?.streetAddress ?? "",
postalCode: initial?.postalCode ?? "",
city: initial?.city ?? "",
country: initial?.country ?? "CH",
vatNumber: initial?.vatNumber ?? "",
billingEmail: initial?.billingEmail ?? "",
notes: initial?.notes ?? "",
});
const [busy, setBusy] = useState(false);
const [error, setError] = useState<string | null>(null);
const [savedFlash, setSavedFlash] = useState(false);
const set =
(field: keyof typeof form) =>
(e: React.ChangeEvent<HTMLInputElement | HTMLTextAreaElement>) =>
setForm((f) => ({ ...f, [field]: e.target.value }));
const submit = async () => {
setError(null);
setSavedFlash(false);
// Client-side gate on required fields — the server re-validates.
if (
!form.companyName.trim() ||
!form.streetAddress.trim() ||
!form.postalCode.trim() ||
!form.city.trim() ||
!form.country.trim() ||
!form.billingEmail.trim()
) {
setError(t("missingRequired"));
return;
}
if (!/^[A-Za-z]{2}$/.test(form.country.trim())) {
setError(t("invalidCountry"));
return;
}
if (!/^[^@\s]+@[^@\s]+\.[^@\s]+$/.test(form.billingEmail.trim())) {
setError(t("invalidEmail"));
return;
}
setBusy(true);
try {
const res = await fetch("/api/settings/billing", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
companyName: form.companyName.trim(),
// Personal accounts don't have a contact-name field
// (companyName IS their name); force null so stale state
// from a previously-org-flagged account can't carry over.
contactName: isPersonal ? null : form.contactName.trim() || null,
streetAddress: form.streetAddress.trim(),
postalCode: form.postalCode.trim(),
city: form.city.trim(),
country: form.country.trim().toUpperCase(),
// Personal accounts never have a VAT number — force null
// regardless of stale state, in case a value was stored
// before the account got flagged as personal.
vatNumber: isPersonal ? null : form.vatNumber.trim() || null,
billingEmail: form.billingEmail.trim(),
notes: form.notes.trim() || null,
}),
});
const data = await res.json().catch(() => ({}));
if (!res.ok) {
throw new Error(data.error ?? `HTTP ${res.status}`);
}
setSavedFlash(true);
router.refresh();
} catch (e: any) {
setError(e?.message ?? String(e));
} finally {
setBusy(false);
}
};
return (
<Card>
<div className="space-y-4">
<Field
label={isPersonal ? t("fullNameLabel") : t("companyNameLabel")}
required
>
<input
type="text"
value={form.companyName}
onChange={set("companyName")}
maxLength={200}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
{!isPersonal && (
<Field label={t("contactNameLabel")} hint={t("contactNameHint")}>
<input
type="text"
value={form.contactName}
onChange={set("contactName")}
maxLength={200}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
)}
<Field label={t("streetAddressLabel")} required>
<input
type="text"
value={form.streetAddress}
onChange={set("streetAddress")}
maxLength={200}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
<div className="grid grid-cols-1 md:grid-cols-3 gap-4">
<Field label={t("postalCodeLabel")} required>
<input
type="text"
value={form.postalCode}
onChange={set("postalCode")}
maxLength={20}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
<Field label={t("cityLabel")} required>
<input
type="text"
value={form.city}
onChange={set("city")}
maxLength={100}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
<Field
label={t("countryLabel")}
required
hint={t("countryHint")}
>
<input
type="text"
value={form.country}
onChange={(e) =>
setForm((f) => ({
...f,
country: e.target.value.toUpperCase().slice(0, 2),
}))
}
maxLength={2}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm uppercase font-mono"
/>
</Field>
</div>
{!isPersonal && (
<Field label={t("vatNumberLabel")} hint={t("vatNumberHint")}>
<input
type="text"
value={form.vatNumber}
onChange={set("vatNumber")}
maxLength={40}
placeholder="CHE-123.456.789 MWST"
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm font-mono"
/>
</Field>
)}
<Field label={t("billingEmailLabel")} required hint={t("billingEmailHint")}>
<input
type="email"
value={form.billingEmail}
onChange={set("billingEmail")}
maxLength={200}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
<Field label={t("notesLabel")} hint={t("notesHint")}>
<textarea
value={form.notes}
onChange={set("notes")}
maxLength={2000}
rows={3}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
{error && (
<p className="text-sm text-error">{error}</p>
)}
{savedFlash && (
<p className="text-sm text-success">{t("saved")}</p>
)}
<div className="flex justify-end">
<button
onClick={submit}
disabled={busy}
className="px-4 py-2 rounded-md bg-accent text-white text-sm font-medium hover:bg-accent-dim transition-colors disabled:opacity-50 cursor-pointer"
>
{busy ? t("saving") : initial ? t("saveChanges") : t("createBilling")}
</button>
</div>
</div>
</Card>
);
}
function Field({
label,
required,
hint,
children,
}: {
label: string;
required?: boolean;
hint?: string;
children: React.ReactNode;
}) {
return (
<div>
<label className="block text-xs uppercase tracking-wider text-text-muted mb-1">
{label}
{required && <span className="text-error ml-1">*</span>}
</label>
{children}
{hint && (
<p className="text-xs text-text-muted mt-1 italic">{hint}</p>
)}
</div>
);
}

187
src/components/settings/profile-form.tsx Normal file
View File

@@ -0,0 +1,187 @@
"use client";
import { useState } from "react";
import { useSession } from "next-auth/react";
import { useTranslations } from "next-intl";
import { Card } from "@/components/ui/card";
interface Props {
initial: {
firstName: string;
lastName: string;
email: string;
};
/**
* Personal-account flag. Drives a small hint about how the ZITADEL
* name relates (or doesn't) to invoice identity — see the page
* server component for the long explanation.
*/
isPersonal: boolean;
/**
* For company accounts: the display org name. Shown in a small
* read-only "Member of <org>" hint so the user understands which
* identity they're editing. Ignored for personals (orgName is an
* opaque "personal-XXXX" string in that case).
*/
orgName: string;
}
/**
* Edits first/last name in ZITADEL via PUT /api/settings/profile.
* Email is shown read-only — changing email requires verification
* flow that ZITADEL's own self-service UI handles.
*
* On save, we trigger NextAuth's `update()` from useSession() with
* the new display name. That routes through our jwt callback
* (trigger='update' branch) which overlays token.name without a
* logout/login. After the cookie is updated we trigger a full page
* reload — every server-rendered surface (nav-shell, dashboard
* welcome, instance cards) re-reads the cookie on the next request
* and renders with the new name. router.refresh() alone wasn't
* enough: it re-runs only the current route's server components,
* leaving outer-tree segments stale until the user navigates.
*/
export function ProfileSettingsForm({ initial, isPersonal, orgName }: Props) {
const t = useTranslations("settingsProfile");
const { update } = useSession();
const [form, setForm] = useState({
firstName: initial.firstName,
lastName: initial.lastName,
});
const [busy, setBusy] = useState(false);
const [error, setError] = useState<string | null>(null);
const [savedFlash, setSavedFlash] = useState(false);
const submit = async () => {
setError(null);
setSavedFlash(false);
if (!form.firstName.trim() || !form.lastName.trim()) {
setError(t("missingRequired"));
return;
}
setBusy(true);
try {
const res = await fetch("/api/settings/profile", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
firstName: form.firstName.trim(),
lastName: form.lastName.trim(),
}),
});
const data = await res.json().catch(() => ({}));
if (!res.ok) {
throw new Error(data.error ?? `HTTP ${res.status}`);
}
// Phase 6 fix5: push the new display name into the session
// token. The jwt callback handles trigger='update' and overlays
// token.name; the next session callback maps token.name back
// to session.user.name. No re-login needed.
await update({ name: data.displayName });
setSavedFlash(true);
// Force a full reload so EVERY server-rendered component picks
// up the new session cookie immediately — router.refresh() only
// re-runs the current route's server components, leaving the
// nav-shell (rendered higher in the tree) and other cached
// segments showing the old name until the user navigates.
// The 800ms delay lets the "Saved" flash render briefly before
// the page reloads, so the user gets visible feedback.
setTimeout(() => {
window.location.reload();
}, 800);
} catch (e: any) {
setError(e?.message ?? String(e));
} finally {
setBusy(false);
}
};
return (
<Card>
<div className="space-y-4">
<div className="grid grid-cols-1 md:grid-cols-2 gap-4">
<Field label={t("firstNameLabel")} required>
<input
type="text"
value={form.firstName}
onChange={(e) =>
setForm((f) => ({ ...f, firstName: e.target.value }))
}
maxLength={100}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
<Field label={t("lastNameLabel")} required>
<input
type="text"
value={form.lastName}
onChange={(e) =>
setForm((f) => ({ ...f, lastName: e.target.value }))
}
maxLength={100}
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border focus:border-accent focus:outline-none text-sm"
/>
</Field>
</div>
<Field label={t("emailLabel")} hint={t("emailReadOnlyHint")}>
<input
type="email"
value={initial.email}
readOnly
disabled
className="w-full px-3 py-2 rounded-md bg-surface-2 border border-border text-sm text-text-muted cursor-not-allowed"
/>
</Field>
{/* Personal vs company hint. Personals get the
"this won't change your invoice name" warning since their
ZITADEL name and their invoice identity are intentionally
decoupled. Company accounts get a benign "member of"
context line so they know which org's identity they're
editing. */}
{isPersonal ? (
<p className="text-xs text-text-muted italic">
{t("personalAccountHint")}
</p>
) : (
<p className="text-xs text-text-muted italic">
{t("companyAccountHint", { orgName })}
</p>
)}
{error && <p className="text-sm text-error">{error}</p>}
{savedFlash && <p className="text-sm text-success">{t("saved")}</p>}
<div className="flex justify-end">
<button
onClick={submit}
disabled={busy}
className="px-4 py-2 rounded-md bg-accent text-white text-sm font-medium hover:bg-accent-dim transition-colors disabled:opacity-50 cursor-pointer"
>
{busy ? t("saving") : t("saveChanges")}
</button>
</div>
</div>
</Card>
);
}
function Field({
label,
required,
hint,
children,
}: {
label: string;
required?: boolean;
hint?: string;
children: React.ReactNode;
}) {
return (
<div>
<label className="block text-xs uppercase tracking-wider text-text-muted mb-1">
{label}
{required && <span className="text-error ml-1">*</span>}
</label>
{children}
{hint && <p className="text-xs text-text-muted mt-1 italic">{hint}</p>}
</div>
);
}

60
src/lib/auth.ts
View File

@@ -49,7 +49,31 @@ export const authConfig: NextAuthConfig = {
}, },
], ],
callbacks: { callbacks: {
async jwt({ token, account, profile }) { async jwt({ token, account, profile, trigger, session }) {
// Phase 6 fix5: client-side `useSession().update({ name })` calls
// route through this branch. We trust the new value because the
// PUT /api/settings/profile route already wrote it to ZITADEL
// and re-fetched the canonical displayName before returning.
// The session callback reads token.name directly (see below) so
// the update propagates without depending on auth.js's implicit
// token→session.user mapping, which is flaky for the name claim
// in the v5 OIDC provider configuration.
//
// Defensive: only the `name` field is accepted from the update
// payload, even if the client passes additional keys. Other
// identity claims (orgId, roles, sub) come from ZITADEL at
// sign-in time and are not user-mutable from a settings page.
//
// Returns a NEW token object (spread) rather than mutating, so
// there is no ambiguity for auth.js about whether the token
// changed and needs re-encoding into the session cookie.
if (trigger === "update" && session) {
const update = session as { name?: unknown };
if (typeof update.name === "string") {
return { ...token, name: update.name };
}
return token;
}
if (account && profile) { if (account && profile) {
const claims = profile as unknown as ZitadelClaims; const claims = profile as unknown as ZitadelClaims;
token.orgId = claims["urn:zitadel:iam:user:resourceowner:id"]; token.orgId = claims["urn:zitadel:iam:user:resourceowner:id"];
@@ -58,6 +82,19 @@ export const authConfig: NextAuthConfig = {
claims["urn:zitadel:iam:org:project:roles"] claims["urn:zitadel:iam:org:project:roles"]
); );
token.accessToken = account.access_token; token.accessToken = account.access_token;
// Phase 6 fix5: explicitly pin the standard name/email claims
// onto the token from the OIDC profile. Previously these came
// through auth.js's implicit mapping, which works on first
// sign-in but isn't reliable after update() — once the update
// path overrides token.name, the read-back path needs token
// to be the authoritative source. Setting them explicitly
// here keeps sign-in and update on the same path.
if (typeof profile.name === "string") {
token.name = profile.name;
}
if (typeof profile.email === "string") {
token.email = profile.email;
}
// Pin token.sub to the OIDC subject. Auth.js v5 otherwise puts a // Pin token.sub to the OIDC subject. Auth.js v5 otherwise puts a
// freshly generated UUID in token.sub on initial sign-in, // freshly generated UUID in token.sub on initial sign-in,
// ignoring what profile() returns for `id`. That UUID then // ignoring what profile() returns for `id`. That UUID then
@@ -80,10 +117,19 @@ export const authConfig: NextAuthConfig = {
async session({ session, token }) { async session({ session, token }) {
const roles = (token.roles as Role[]) ?? []; const roles = (token.roles as Role[]) ?? [];
const orgName = (token.orgName as string) ?? ""; const orgName = (token.orgName as string) ?? "";
// Phase 6 fix5: read name and email directly from the token.
// Previously this code relied on `session.user?.name`, expecting
// auth.js to map token.name → session.user.name automatically.
// That mapping is brittle: it works on first sign-in (because
// OIDC profile() populates session.user) but not after update()
// overrides token.name. Reading from token is the canonical
// path regardless of how the token was last written.
const tokenName = (token.name as string | undefined) ?? "";
const tokenEmail = (token.email as string | undefined) ?? "";
const sessionUser: SessionUser = { const sessionUser: SessionUser = {
id: token.sub!, id: token.sub!,
name: session.user?.name ?? "", name: tokenName || session.user?.name || "",
email: session.user?.email ?? "", email: tokenEmail || session.user?.email || "",
orgId: token.orgId as string, orgId: token.orgId as string,
orgName, orgName,
roles, roles,
@@ -96,6 +142,14 @@ export const authConfig: NextAuthConfig = {
isPersonal: isPersonalOrgName(orgName), isPersonal: isPersonalOrgName(orgName),
}; };
(session as any).platformUser = sessionUser; (session as any).platformUser = sessionUser;
// Also overwrite session.user so any client-side code that uses
// the standard NextAuth shape (session.user.name) sees the new
// value. Pre-fix5 code paths read from session.user.name; this
// keeps them working without per-component changes.
if (session.user) {
session.user.name = sessionUser.name;
session.user.email = sessionUser.email;
}
return session; return session;
}, },
}, },

110
src/lib/billing-pdf.tsx
View File

@@ -31,44 +31,18 @@ import {
Text, Text,
View, View,
StyleSheet, StyleSheet,
Svg,
Polygon,
Polyline,
renderToBuffer, renderToBuffer,
} from "@react-pdf/renderer"; } from "@react-pdf/renderer";
import type { Invoice, InvoiceLine, InvoiceLineKind } from "@/types"; import type { Invoice, InvoiceLine, InvoiceLineKind } from "@/types";
import { BRAND, Logo } from "./pdf-brand";
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
// Brand constants — edit here to tweak look without touching layout // Brand: imported from lib/pdf-brand. Edit there to change issuer
// info, colours, or the logo. Both billing-pdf.tsx and credit-note-pdf.tsx
// share the same source of truth so a brand change applies to every
// PDF the portal produces.
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
const BRAND = {
name: "PieCed IT",
// Primary emerald — matches the logo SVG fill (#10B981).
primary: "#10B981",
// Slightly darker emerald for headings.
primaryDark: "#0a8060",
textColor: "#1a1a1a",
mutedColor: "#666",
borderColor: "#d4d4d4",
// Issuer block — change these to your real legal info.
issuer: {
legalName: "PieCed IT",
addressLine1: "Cedric Mosimann",
addressLine2: "[Strasse Nr.]",
postalCity: "[PLZ] Basel",
country: "Switzerland",
email: "billing@pieced.ch",
web: "pieced.ch",
// Show "MWST-Nr. ..." on PDF when set.
vatNumber: null as string | null,
// Bank instructions — Phase 7 replaces with QR-bill.
bankName: "[Bank name]",
bankIban: "[CHxx xxxx xxxx xxxx xxxx x]",
bankBic: "[BIC]",
},
};
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
// Localized strings // Localized strings
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
@@ -80,6 +54,11 @@ interface PdfStrings {
dueDate: string; dueDate: string;
period: string; period: string;
billTo: string; billTo: string;
// Phase 6 fix: prefix shown before the optional contact-person
// name on the bill-to block. "z.Hd." (DE) / "Attn:" (EN) /
// "À l'attention de" (FR) / "c.a." (IT). Empty/unused when the
// invoice has no contactName on its snapshot.
attentionPrefix: string;
description: string; description: string;
quantity: string; quantity: string;
unitPrice: string; unitPrice: string;
@@ -107,6 +86,7 @@ const MESSAGES: Record<string, PdfStrings> = {
dueDate: "Zahlbar bis", dueDate: "Zahlbar bis",
period: "Abrechnungsperiode", period: "Abrechnungsperiode",
billTo: "Rechnungsempfänger", billTo: "Rechnungsempfänger",
attentionPrefix: "z.Hd.",
description: "Beschreibung", description: "Beschreibung",
quantity: "Menge", quantity: "Menge",
unitPrice: "Einzelpreis", unitPrice: "Einzelpreis",
@@ -139,6 +119,7 @@ const MESSAGES: Record<string, PdfStrings> = {
dueDate: "Due date", dueDate: "Due date",
period: "Billing period", period: "Billing period",
billTo: "Bill to", billTo: "Bill to",
attentionPrefix: "Attn:",
description: "Description", description: "Description",
quantity: "Qty", quantity: "Qty",
unitPrice: "Unit price", unitPrice: "Unit price",
@@ -171,6 +152,7 @@ const MESSAGES: Record<string, PdfStrings> = {
dueDate: "Échéance", dueDate: "Échéance",
period: "Période de facturation", period: "Période de facturation",
billTo: "Destinataire", billTo: "Destinataire",
attentionPrefix: "À l'attention de",
description: "Description", description: "Description",
quantity: "Qté", quantity: "Qté",
unitPrice: "Prix unitaire", unitPrice: "Prix unitaire",
@@ -203,6 +185,7 @@ const MESSAGES: Record<string, PdfStrings> = {
dueDate: "Scadenza", dueDate: "Scadenza",
period: "Periodo di fatturazione", period: "Periodo di fatturazione",
billTo: "Destinatario", billTo: "Destinatario",
attentionPrefix: "c.a.",
description: "Descrizione", description: "Descrizione",
quantity: "Qtà", quantity: "Qtà",
unitPrice: "Prezzo unitario", unitPrice: "Prezzo unitario",
@@ -349,62 +332,6 @@ const styles = StyleSheet.create({
}); });
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
// Logo — inlined SVG primitives
// ---------------------------------------------------------------------------
/**
* PieCed honeycomb logo. Re-renders the same 6-hex glyph as the
* portal's `public/pieced-logo.svg` using React-PDF's SVG support.
* Width/height are independent of the original viewBox so we can
* scale it without losing stroke quality.
*/
const Logo = ({ size = 60 }: { size?: number }) => (
<Svg width={size} height={size * (106 / 70)} viewBox="0 0 70 106">
{/* H1 solid */}
<Polygon
points="38.5,22.69 31.5,10.566 17.5,10.566 10.5,22.69 17.5,34.814 31.5,34.814"
fill="#10B981"
stroke="#10B981"
strokeWidth={1.6}
/>
{/* H2 outline */}
<Polygon
points="59.5,34.814 52.5,22.69 38.5,22.69 31.5,34.814 38.5,46.938 52.5,46.938"
fill="none"
stroke="#10B981"
strokeWidth={1.8}
/>
{/* H3 outline */}
<Polygon
points="38.5,46.938 31.5,34.814 17.5,34.814 10.5,46.938 17.5,59.062 31.5,59.062"
fill="none"
stroke="#10B981"
strokeWidth={1.8}
/>
{/* H4 solid */}
<Polygon
points="59.5,59.062 52.5,46.938 38.5,46.938 31.5,59.062 38.5,71.186 52.5,71.186"
fill="#10B981"
stroke="#10B981"
strokeWidth={1.6}
/>
{/* H5 partial */}
<Polyline
points="31.5,83.31 38.5,71.186 31.5,59.062 17.5,59.062 10.5,71.186"
fill="none"
stroke="#10B981"
strokeWidth={1.8}
/>
{/* H6 partial */}
<Polyline
points="59.5,83.31 52.5,71.186 38.5,71.186 31.5,83.31 38.5,95.434"
fill="none"
stroke="#10B981"
strokeWidth={1.8}
/>
</Svg>
);
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
// Helpers // Helpers
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
@@ -524,6 +451,15 @@ const InvoicePdf: React.FC<InvoicePdfProps> = ({ invoice, lines }) => {
<View style={styles.billToBlock}> <View style={styles.billToBlock}>
<Text style={styles.billToLabel}>{s.billTo}</Text> <Text style={styles.billToLabel}>{s.billTo}</Text>
<Text style={styles.billToName}>{snap.companyName}</Text> <Text style={styles.billToName}>{snap.companyName}</Text>
{/* Phase 6 fix: optional "z.Hd." / "Attn:" line for routing
the printed invoice internally at the customer. Prints
between the company name and street address, in the
invoice's locale (frozen at issue time). */}
{snap.contactName && (
<Text>
{s.attentionPrefix} {snap.contactName}
</Text>
)}
<Text>{snap.streetAddress}</Text> <Text>{snap.streetAddress}</Text>
<Text> <Text>
{snap.postalCode} {snap.city} {snap.postalCode} {snap.city}

369
src/lib/billing.ts
View File

@@ -30,6 +30,7 @@
*/ */
import type { import type {
CreditNote,
Invoice, Invoice,
InvoiceBillingSnapshot, InvoiceBillingSnapshot,
InvoiceDraft, InvoiceDraft,
@@ -44,6 +45,8 @@ import type {
TenantSuspensionEvent, TenantSuspensionEvent,
} from "@/types"; } from "@/types";
import { import {
attachCreditNotePdf,
createCreditNote,
createInvoice, createInvoice,
getInvoiceById, getInvoiceById,
getOrgBilling, getOrgBilling,
@@ -53,6 +56,8 @@ import {
listSkillEventsForTenant, listSkillEventsForTenant,
listSkillPricing, listSkillPricing,
listSuspensionEventsForTenant, listSuspensionEventsForTenant,
markInvoiceVoided,
recordInvoiceRefund,
tenantHasSetupFeeBilled, tenantHasSetupFeeBilled,
tenantSkillHasBeenBilled, tenantSkillHasBeenBilled,
updateInvoicePdf, updateInvoicePdf,
@@ -61,7 +66,9 @@ import { listTenants } from "./k8s";
import { getTeamSpendLogsV2 } from "./litellm"; import { getTeamSpendLogsV2 } from "./litellm";
import { getUsage as getThreemaUsage } from "./threema-relay"; import { getUsage as getThreemaUsage } from "./threema-relay";
import { renderInvoicePdf } from "./billing-pdf"; import { renderInvoicePdf } from "./billing-pdf";
import { sendInvoiceIssuedEmail } from "./email"; import { renderCreditNotePdf } from "./credit-note-pdf";
import { sendCreditNoteEmail, sendInvoiceIssuedEmail } from "./email";
import { createInvoiceRefund } from "./stripe";
import { formatLineDescription } from "./billing-i18n"; import { formatLineDescription } from "./billing-i18n";
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
@@ -645,6 +652,7 @@ export async function computeInvoiceDraft(opts: {
} }
const snapshot: InvoiceBillingSnapshot = { const snapshot: InvoiceBillingSnapshot = {
companyName: orgBilling.companyName, companyName: orgBilling.companyName,
contactName: orgBilling.contactName ?? null,
streetAddress: orgBilling.streetAddress, streetAddress: orgBilling.streetAddress,
postalCode: orgBilling.postalCode, postalCode: orgBilling.postalCode,
city: orgBilling.city, city: orgBilling.city,
@@ -835,3 +843,362 @@ export async function generateInvoice(opts: {
); );
} }
} }
// ---------------------------------------------------------------------------
// Phase 7 — void and refund orchestration
// ---------------------------------------------------------------------------
export class VoidNotAllowedError extends Error {
constructor(message: string, public readonly currentStatus: string) {
super(message);
this.name = "VoidNotAllowedError";
}
}
export class RefundNotAllowedError extends Error {
constructor(message: string, public readonly currentStatus: string) {
super(message);
this.name = "RefundNotAllowedError";
}
}
/**
* Sanitize a locale string to the supported four. Used when picking
* which translation block to render emails/PDFs with. We never
* fall back to admin's locale here — the credit note inherits the
* invoice's locale so both documents read consistently to the
* customer.
*/
function pickSupportedLocale(
locale: string | null | undefined
): "de" | "en" | "fr" | "it" {
const supported = ["de", "en", "fr", "it"] as const;
return (supported as readonly string[]).includes(locale ?? "")
? (locale as "de" | "en" | "fr" | "it")
: "de";
}
/**
* Round a CHF amount to 2 decimal places. Used when proportionally
* splitting VAT between subtotal and refund amount — avoids
* accumulating fractional rappen across operations.
*/
function roundChf(amount: number): number {
return Math.round(amount * 100) / 100;
}
/**
* Void an unpaid invoice. State transition: open/overdue → void.
*
* Side effects, in order:
* 1. Mark the invoice voided (status, void_reason, voided_at, voided_by)
* 2. Insert credit_notes row (kind='void', amount=full invoice total)
* 3. Render the credit-note PDF and attach it to the row
* 4. Best-effort email to the billing contact
*
* Not allowed:
* - status='paid' (use refundInvoice instead — voiding paid
* invoices would create a record mismatch with the payment
* processor)
* - status='void' (already voided)
* - status='draft' (drafts aren't issued; nothing to void)
* - status='partially_refunded' / 'fully_refunded' (use refund
* for the remaining amount instead)
*
* Throws VoidNotAllowedError if the invoice is in a non-voidable
* state. Caller surfaces this as 409 Conflict to the admin.
*/
export async function voidInvoice(params: {
invoiceId: string;
reason: string;
voidedBy: string;
}): Promise<CreditNote> {
const invoice = await getInvoiceById(params.invoiceId);
if (!invoice) {
throw new Error(`Invoice not found: ${params.invoiceId}`);
}
// Only unpaid invoices can be voided. The state machine puts
// paid invoices on the refund path; voiding them would skip the
// payment reversal and leave the customer's money in our account
// with no obligation showing in the portal.
if (!["open", "overdue"].includes(invoice.status)) {
throw new VoidNotAllowedError(
`Cannot void invoice in status '${invoice.status}'. Voids are allowed only for open or overdue invoices; paid invoices must be refunded.`,
invoice.status
);
}
const locale = pickSupportedLocale(invoice.locale);
// The credit note matches the invoice 1:1 in amount and VAT.
// We carry the same VAT breakdown so the PDF can render
// "subtotal + VAT" the same way the original invoice did.
const creditNote = await createCreditNote({
invoiceId: invoice.id,
zitadelOrgId: invoice.zitadelOrgId,
kind: "void",
amountChf: invoice.totalChf,
vatAmountChf: invoice.vatAmountChf,
reason: params.reason || null,
issuedBy: params.voidedBy,
locale,
billingSnapshot: invoice.billingSnapshot,
});
// Mark invoice voided AFTER the credit note row exists, so the
// status change has a credit note to point at. If anything below
// here fails (PDF render, email), the invoice is still correctly
// voided and the credit note row exists — just without a PDF
// until manually re-rendered.
await markInvoiceVoided({
invoiceId: invoice.id,
reason: params.reason,
voidedBy: params.voidedBy,
});
// Render PDF + attach. PDF failure here doesn't undo the void —
// the customer can be told their invoice is voided and the PDF
// can be re-issued later. We surface the error in the response
// so admin knows to retry, but the void itself stands.
try {
const pdfBuffer = await renderCreditNotePdf(creditNote, invoice);
const filename = `${creditNote.creditNoteNumber}.pdf`;
await attachCreditNotePdf(creditNote.id, pdfBuffer, filename);
} catch (e) {
console.error(
`Credit note ${creditNote.creditNoteNumber} created but PDF render failed; re-render manually.`,
e
);
}
// Best-effort email. Same fail-soft pattern as invoice issuance.
try {
const snap = invoice.billingSnapshot;
if (snap.billingEmail) {
await sendCreditNoteEmail({
to: snap.billingEmail,
contactName: snap.contactName || snap.companyName,
companyName: snap.companyName,
creditNoteNumber: creditNote.creditNoteNumber,
invoiceNumber: invoice.invoiceNumber,
amountChf: creditNote.amountChf,
currency: "CHF",
kind: "void",
reason: params.reason || null,
locale,
});
}
} catch (e) {
console.error(
`Credit note ${creditNote.creditNoteNumber} issued; email send failed.`,
e
);
}
return creditNote;
}
/**
* Refund a paid invoice (in part or in full). State transition:
* paid → partially_refunded (if amount < remaining)
* paid → fully_refunded (if amount >= remaining)
* partially_refunded → fully_refunded (if cumulative >= total)
*
* Side effects, in order:
* 1. If the invoice was Stripe-paid (payment_method='card' with a
* stripe_payment_intent_id) AND no `existingStripeRefund` was
* passed, call Stripe to issue the refund. Stripe is the source
* of truth for actual money movement; we mirror its outcome
* locally.
* 2. Insert credit_notes row (kind='refund', amount=refund amount,
* VAT proportional)
* 3. Insert invoice_refunds row, linking to the credit note and to
* the Stripe refund (if any). recordInvoiceRefund updates the
* invoice's status atomically based on the new running total.
* 4. Render PDF + attach
* 5. Best-effort email
*
* `existingStripeRefund` is for the webhook path: when Stripe fires
* `charge.refunded` for a refund that was initiated directly in the
* Stripe Dashboard (not via this portal), the webhook needs to
* mirror the refund into the DB and issue a credit note WITHOUT
* calling Stripe again. Pass the refund id and status to skip the
* Stripe call.
*
* Not allowed:
* - status not in {paid, partially_refunded} — full refunds are
* only meaningful against actual payment
* - amount <= 0 or > remaining refundable
*
* For invoice-paid (non-Stripe) customers the Stripe step is
* skipped; refund settlement happens out-of-band (bank transfer)
* and admin records the action in the portal.
*/
export async function refundInvoice(params: {
invoiceId: string;
amountChf: number;
reason: string;
refundedBy: string;
/**
* Webhook path: a Stripe refund that has already been created
* (in the Stripe Dashboard or via a prior API call) and now needs
* to be mirrored into the portal. When set, the Stripe API call
* is skipped and the provided id/status are recorded as-is.
*/
existingStripeRefund?: {
id: string;
status: "pending" | "succeeded" | "failed" | "canceled";
};
}): Promise<CreditNote> {
const invoice = await getInvoiceById(params.invoiceId);
if (!invoice) {
throw new Error(`Invoice not found: ${params.invoiceId}`);
}
if (!["paid", "partially_refunded"].includes(invoice.status)) {
throw new RefundNotAllowedError(
`Cannot refund invoice in status '${invoice.status}'. Refunds are allowed only for paid invoices.`,
invoice.status
);
}
if (params.amountChf <= 0) {
throw new RefundNotAllowedError(
"Refund amount must be greater than zero.",
invoice.status
);
}
const remaining = roundChf(invoice.totalChf - invoice.refundedTotalChf);
if (params.amountChf - remaining > 0.005) {
// Allow a 0.005 tolerance to account for floating-point dust;
// anything genuinely larger is a real over-refund attempt.
throw new RefundNotAllowedError(
`Refund amount CHF ${params.amountChf.toFixed(2)} exceeds remaining refundable CHF ${remaining.toFixed(2)}.`,
invoice.status
);
}
const locale = pickSupportedLocale(invoice.locale);
// Proportional VAT split: refunded VAT / total VAT = refunded
// amount / total amount. Keep the proportion explicit so the
// credit note's "subtotal + VAT" lines reconcile to the same
// VAT rate as the original invoice.
const vatPortion =
invoice.totalChf > 0
? roundChf((params.amountChf * invoice.vatAmountChf) / invoice.totalChf)
: 0;
// Step 1: Stripe (only for card-paid invoices, and only when the
// caller hasn't already created the refund). We do this BEFORE
// any local DB writes for refund tracking — Stripe is the source
// of truth for money movement, and if the Stripe call fails we
// must NOT have recorded the refund locally (the customer would
// see a credit note for money they never received).
//
// The charge.refunded webhook will also fire later, but we record
// the refund here too so the admin gets immediate confirmation
// and the credit note can be issued without waiting for the
// webhook round-trip. The webhook is idempotent (dedups by
// stripe_refund_id) so it's safe to do both.
let stripeRefundId: string | null = null;
let stripeStatus: "pending" | "succeeded" | "failed" | "canceled" =
"succeeded";
const isStripePaid =
invoice.paymentMethod === "card" && !!invoice.stripePaymentIntentId;
if (params.existingStripeRefund) {
// Webhook path: don't call Stripe again; trust the provided id.
stripeRefundId = params.existingStripeRefund.id;
stripeStatus = params.existingStripeRefund.status;
} else if (isStripePaid) {
try {
const refund = await createInvoiceRefund({
paymentIntentId: invoice.stripePaymentIntentId!,
amountChf: params.amountChf,
reason: "requested_by_customer",
metadata: {
invoice_number: invoice.invoiceNumber,
refunded_by: params.refundedBy,
},
});
stripeRefundId = refund.id;
// Map Stripe statuses to our enum. Anything other than
// 'succeeded' or 'pending' is treated as a failure — we
// don't record the credit note in that case (see below).
if (refund.status === "succeeded") stripeStatus = "succeeded";
else if (refund.status === "pending") stripeStatus = "pending";
else if (refund.status === "canceled") stripeStatus = "canceled";
else stripeStatus = "failed";
} catch (e) {
throw new Error(
`Stripe refund failed: ${e instanceof Error ? e.message : String(e)}`
);
}
if (stripeStatus === "failed" || stripeStatus === "canceled") {
throw new Error(
`Stripe refund returned non-success status: ${stripeStatus}`
);
}
}
// Step 2: insert credit note (PDF still null at this point).
const creditNote = await createCreditNote({
invoiceId: invoice.id,
zitadelOrgId: invoice.zitadelOrgId,
kind: "refund",
amountChf: params.amountChf,
vatAmountChf: vatPortion,
reason: params.reason || null,
issuedBy: params.refundedBy,
locale,
billingSnapshot: invoice.billingSnapshot,
});
// Step 3: record the refund event and bump invoice status.
// recordInvoiceRefund handles status transitions and idempotency.
await recordInvoiceRefund({
invoiceId: invoice.id,
stripeRefundId,
amountChf: params.amountChf,
reason: params.reason || null,
refundedBy: params.refundedBy,
creditNoteId: creditNote.id,
status: stripeStatus,
});
// Step 4: render + attach PDF. As with voidInvoice, a PDF failure
// here doesn't undo the refund — the refund happened (in Stripe
// and the DB), only the document is missing. Admin can re-render.
try {
const pdfBuffer = await renderCreditNotePdf(creditNote, invoice);
const filename = `${creditNote.creditNoteNumber}.pdf`;
await attachCreditNotePdf(creditNote.id, pdfBuffer, filename);
} catch (e) {
console.error(
`Credit note ${creditNote.creditNoteNumber} created but PDF render failed; re-render manually.`,
e
);
}
// Step 5: best-effort email.
try {
const snap = invoice.billingSnapshot;
if (snap.billingEmail) {
await sendCreditNoteEmail({
to: snap.billingEmail,
contactName: snap.contactName || snap.companyName,
companyName: snap.companyName,
creditNoteNumber: creditNote.creditNoteNumber,
invoiceNumber: invoice.invoiceNumber,
amountChf: creditNote.amountChf,
currency: "CHF",
kind: "refund",
reason: params.reason || null,
locale,
});
}
} catch (e) {
console.error(
`Credit note ${creditNote.creditNoteNumber} issued; email send failed.`,
e
);
}
return creditNote;
}

467
src/lib/credit-note-pdf.tsx Normal file
View File

@@ -0,0 +1,467 @@
/**
* Credit-note PDF rendering via @react-pdf/renderer.
*
* Phase 7. Renders the same brand identity as the invoice PDF
* (hexagon logo, issuer block, layout) with one accent override:
* red instead of emerald. That difference is enough to make voids
* and refunds visually unmistakable from an invoice at a glance,
* while keeping every other element (logo shape, fonts, structure,
* issuer info, page footer) identical so the document family reads
* as one brand.
*
* Brand + Logo come from lib/pdf-brand. Edit there to change
* issuer info, colours, or the logo glyph — both invoice and
* credit-note PDFs pick the changes up.
*/
import React from "react";
import {
Document,
Page,
Text,
View,
StyleSheet,
renderToBuffer,
} from "@react-pdf/renderer";
import type { CreditNote, Invoice } from "@/types";
import { BRAND, Logo } from "./pdf-brand";
// ---------------------------------------------------------------------------
// Localized strings
// ---------------------------------------------------------------------------
interface CreditNoteStrings {
creditNote: string;
creditNoteNumber: string;
issueDate: string;
billTo: string;
attentionPrefix: string;
referenceInvoice: string;
reason: string;
voidLineLabel: string;
refundLineLabel: string;
subtotal: string;
vatLabel: string;
totalCredited: string;
footerVoidNote: string;
footerRefundNote: string;
vatNoteSwiss: string;
vatNoteReverseCharge: string;
vatNoteOutOfScope: string;
}
const MESSAGES: Record<string, CreditNoteStrings> = {
de: {
creditNote: "Gutschrift",
creditNoteNumber: "Gutschrift-Nr.",
issueDate: "Ausstellungsdatum",
billTo: "Empfänger",
attentionPrefix: "z.Hd.",
referenceInvoice: "Bezug Rechnung",
reason: "Begründung",
voidLineLabel: "Stornierung Rechnung {number}",
refundLineLabel: "Rückerstattung Rechnung {number}",
subtotal: "Zwischensumme",
vatLabel: "MWST",
totalCredited: "Gesamtbetrag Gutschrift",
footerVoidNote:
"Diese Gutschrift storniert die oben referenzierte Rechnung. Ein Zahlungsausgleich ist nicht erforderlich.",
footerRefundNote:
"Diese Gutschrift dokumentiert die Rückerstattung des oben genannten Betrags. Die Auszahlung erfolgt über den ursprünglichen Zahlungsweg.",
vatNoteSwiss:
"MWST gemäss schweizerischem Mehrwertsteuergesetz (MWSTG).",
vatNoteReverseCharge:
"Reverse Charge: Steuerschuldnerschaft des Leistungsempfängers nach Art. 196 EU-MwStSyst-RL bzw. nationaler Umsetzung.",
vatNoteOutOfScope:
"Leistung ausserhalb des Geltungsbereichs der schweizerischen MWST.",
},
en: {
creditNote: "Credit note",
creditNoteNumber: "Credit note no.",
issueDate: "Issue date",
billTo: "Bill to",
attentionPrefix: "Attn:",
referenceInvoice: "Reference invoice",
reason: "Reason",
voidLineLabel: "Void of invoice {number}",
refundLineLabel: "Refund for invoice {number}",
subtotal: "Subtotal",
vatLabel: "VAT",
totalCredited: "Total credited",
footerVoidNote:
"This credit note voids the referenced invoice. No payment is required.",
footerRefundNote:
"This credit note documents the refund of the amount above. Settlement occurs via the original payment method.",
vatNoteSwiss:
"VAT charged in accordance with Swiss VAT law (MWSTG).",
vatNoteReverseCharge:
"Reverse charge: VAT to be accounted for by the recipient per Art. 196 EU VAT Directive or national implementation.",
vatNoteOutOfScope:
"Service supplied outside the scope of Swiss VAT.",
},
fr: {
creditNote: "Note de crédit",
creditNoteNumber: "N° de note de crédit",
issueDate: "Date d'émission",
billTo: "Destinataire",
attentionPrefix: "À l'attention de",
referenceInvoice: "Facture de référence",
reason: "Motif",
voidLineLabel: "Annulation de la facture {number}",
refundLineLabel: "Remboursement de la facture {number}",
subtotal: "Sous-total",
vatLabel: "TVA",
totalCredited: "Total du crédit",
footerVoidNote:
"Cette note de crédit annule la facture référencée ci-dessus. Aucun paiement n'est requis.",
footerRefundNote:
"Cette note de crédit documente le remboursement du montant ci-dessus. Le règlement s'effectue via le moyen de paiement initial.",
vatNoteSwiss:
"TVA facturée conformément à la loi suisse sur la TVA (LTVA).",
vatNoteReverseCharge:
"Autoliquidation : TVA à acquitter par le destinataire selon l'art. 196 de la directive TVA UE ou sa mise en œuvre nationale.",
vatNoteOutOfScope:
"Prestation hors du champ d'application de la TVA suisse.",
},
it: {
creditNote: "Nota di credito",
creditNoteNumber: "N. nota di credito",
issueDate: "Data di emissione",
billTo: "Destinatario",
attentionPrefix: "c.a.",
referenceInvoice: "Fattura di riferimento",
reason: "Motivo",
voidLineLabel: "Annullamento della fattura {number}",
refundLineLabel: "Rimborso della fattura {number}",
subtotal: "Subtotale",
vatLabel: "IVA",
totalCredited: "Totale accreditato",
footerVoidNote:
"Questa nota di credito annulla la fattura sopra indicata. Non è richiesto alcun pagamento.",
footerRefundNote:
"Questa nota di credito documenta il rimborso dell'importo sopra indicato. Il regolamento avviene tramite il metodo di pagamento originale.",
vatNoteSwiss:
"IVA addebitata in conformità alla legge svizzera sull'IVA (LIVA).",
vatNoteReverseCharge:
"Inversione contabile: IVA dovuta dal destinatario ai sensi dell'art. 196 della direttiva IVA UE o della sua attuazione nazionale.",
vatNoteOutOfScope:
"Prestazione fuori dal campo di applicazione dell'IVA svizzera.",
},
};
function pickStrings(locale: string): CreditNoteStrings {
return MESSAGES[locale] ?? MESSAGES.de;
}
// Swiss number formatting — matches billing-pdf for consistency
function fmtChf(n: number): string {
const fixed = n.toFixed(2);
const [intPart, decPart] = fixed.split(".");
const withSep = intPart.replace(/\B(?=(\d{3})+(?!\d))/g, "'");
return decPart ? `${withSep}.${decPart}` : withSep;
}
function fmtDate(iso: string, locale: string): string {
const [y, m, d] = iso.split("T")[0].split("-").map(Number);
if (locale === "en") {
return new Date(Date.UTC(y, m - 1, d)).toLocaleDateString("en-US", {
year: "numeric",
month: "short",
day: "numeric",
});
}
return `${String(d).padStart(2, "0")}.${String(m).padStart(2, "0")}.${y}`;
}
function pickVatNote(
invoice: Invoice,
strings: CreditNoteStrings
): string | null {
const country = invoice.billingSnapshot.country?.toUpperCase();
const hasVat = invoice.billingSnapshot.vatNumber?.trim();
if (country === "CH" || country === "LI") return strings.vatNoteSwiss;
if (hasVat) return strings.vatNoteReverseCharge;
return strings.vatNoteOutOfScope;
}
// ---------------------------------------------------------------------------
// Styles
// ---------------------------------------------------------------------------
const styles = StyleSheet.create({
page: {
paddingTop: 36,
paddingBottom: 50,
paddingHorizontal: 50,
fontSize: 10,
fontFamily: "Helvetica",
color: BRAND.textColor,
},
headerRow: {
flexDirection: "row",
justifyContent: "space-between",
marginBottom: 32,
},
logoBlock: { flexDirection: "row", alignItems: "center" },
brandName: {
fontSize: 16,
color: BRAND.primaryDark,
marginLeft: 8,
fontFamily: "Helvetica-Bold",
},
issuerBlock: { textAlign: "right", fontSize: 8.5, color: BRAND.mutedColor },
issuerName: { fontSize: 11, color: BRAND.primaryDark, marginBottom: 2 },
docTitle: {
fontSize: 22,
color: BRAND.primaryDark,
marginBottom: 8,
fontFamily: "Helvetica-Bold",
},
metaTable: {
flexDirection: "row",
justifyContent: "space-between",
marginBottom: 20,
},
metaCol: { flexDirection: "column", minWidth: 140 },
metaLabel: { fontSize: 8, color: BRAND.mutedColor, marginBottom: 2 },
metaValue: { fontSize: 10 },
billTo: {
marginBottom: 24,
padding: 8,
backgroundColor: "#f7f7f5",
borderLeftWidth: 3,
borderLeftColor: BRAND.primary,
},
billToLabel: { fontSize: 8, color: BRAND.mutedColor, marginBottom: 4 },
billToName: { fontSize: 11, marginBottom: 2 },
amountTable: {
borderTopWidth: 1,
borderTopColor: BRAND.borderColor,
borderBottomWidth: 1,
borderBottomColor: BRAND.borderColor,
marginBottom: 16,
},
amountHeader: {
flexDirection: "row",
backgroundColor: BRAND.primaryDark,
color: "#ffffff",
paddingVertical: 5,
paddingHorizontal: 6,
fontSize: 9,
fontFamily: "Helvetica-Bold",
},
amountRow: {
flexDirection: "row",
paddingVertical: 8,
paddingHorizontal: 6,
borderBottomWidth: 1,
borderBottomColor: "#f0f0f0",
},
amountDesc: { flex: 1 },
amountValue: { width: 90, textAlign: "right" },
totals: { marginLeft: "auto", width: 220, marginBottom: 20 },
totalsRow: {
flexDirection: "row",
justifyContent: "space-between",
paddingVertical: 3,
},
totalsLabel: { color: BRAND.mutedColor, fontSize: 10 },
totalsValue: { fontSize: 10 },
totalsGrand: {
flexDirection: "row",
justifyContent: "space-between",
borderTopWidth: 1,
borderTopColor: BRAND.primaryDark,
paddingTop: 6,
marginTop: 4,
},
totalsGrandLabel: {
color: BRAND.primaryDark,
fontSize: 11,
fontFamily: "Helvetica-Bold",
},
totalsGrandValue: {
color: BRAND.primaryDark,
fontSize: 11,
textAlign: "right",
fontFamily: "Helvetica-Bold",
},
reasonBox: {
marginTop: 4,
marginBottom: 18,
padding: 8,
backgroundColor: "#fafafa",
borderLeftWidth: 2,
borderLeftColor: BRAND.borderColor,
},
reasonLabel: {
fontSize: 8,
color: BRAND.mutedColor,
marginBottom: 2,
textTransform: "uppercase",
letterSpacing: 0.5,
},
reasonText: { fontSize: 9.5, color: BRAND.textColor },
noteBox: {
marginTop: 12,
padding: 8,
fontSize: 8.5,
color: BRAND.mutedColor,
lineHeight: 1.5,
},
footer: {
position: "absolute",
bottom: 24,
left: 50,
right: 50,
fontSize: 7.5,
color: BRAND.mutedColor,
textAlign: "center",
borderTopWidth: 0.5,
borderTopColor: BRAND.borderColor,
paddingTop: 6,
},
});
interface CreditNotePdfProps {
creditNote: CreditNote;
invoice: Invoice;
}
function CreditNotePdfDocument({ creditNote, invoice }: CreditNotePdfProps) {
const strings = pickStrings(creditNote.locale);
const snap = creditNote.billingSnapshot;
const vatNote = pickVatNote(invoice, strings);
const amountLabelTemplate =
creditNote.kind === "void" ? strings.voidLineLabel : strings.refundLineLabel;
const amountLabel = amountLabelTemplate.replace(
"{number}",
invoice.invoiceNumber
);
const footerNote =
creditNote.kind === "void" ? strings.footerVoidNote : strings.footerRefundNote;
// Stored convention: amount_chf is gross (incl. VAT),
// vat_amount_chf is the VAT portion. Subtotal computed for
// display.
const subtotal = creditNote.amountChf - creditNote.vatAmountChf;
return (
<Document>
<Page size="A4" style={styles.page}>
{/* Header — SAME hexagon logo as the invoice, tinted red.
Issuer block from BRAND.issuer (shared with invoice). */}
<View style={styles.headerRow}>
<View style={styles.logoBlock}>
<Logo size={42} color={BRAND.primary} />
<Text style={styles.brandName}>{BRAND.name}</Text>
</View>
<View style={styles.issuerBlock}>
<Text style={styles.issuerName}>{BRAND.issuer.legalName}</Text>
<Text>{BRAND.issuer.addressLine1}</Text>
<Text>{BRAND.issuer.addressLine2}</Text>
<Text>{BRAND.issuer.postalCity}</Text>
<Text>{BRAND.issuer.country}</Text>
<Text>{BRAND.issuer.email}</Text>
<Text>{BRAND.issuer.web}</Text>
{BRAND.issuer.vatNumber && (
<Text>MWST-Nr. {BRAND.issuer.vatNumber}</Text>
)}
</View>
</View>
<Text style={styles.docTitle}>{strings.creditNote}</Text>
<View style={styles.metaTable}>
<View style={styles.metaCol}>
<Text style={styles.metaLabel}>{strings.creditNoteNumber}</Text>
<Text style={styles.metaValue}>{creditNote.creditNoteNumber}</Text>
</View>
<View style={styles.metaCol}>
<Text style={styles.metaLabel}>{strings.issueDate}</Text>
<Text style={styles.metaValue}>
{fmtDate(creditNote.issuedAt, creditNote.locale)}
</Text>
</View>
<View style={styles.metaCol}>
<Text style={styles.metaLabel}>{strings.referenceInvoice}</Text>
<Text style={styles.metaValue}>{invoice.invoiceNumber}</Text>
</View>
</View>
<View style={styles.billTo}>
<Text style={styles.billToLabel}>{strings.billTo}</Text>
<Text style={styles.billToName}>{snap.companyName}</Text>
{snap.contactName && snap.contactName.trim().length > 0 && (
<Text>
{strings.attentionPrefix} {snap.contactName}
</Text>
)}
<Text>{snap.streetAddress}</Text>
<Text>
{snap.postalCode} {snap.city}
</Text>
<Text>{snap.country}</Text>
{snap.vatNumber && <Text>MWST/VAT: {snap.vatNumber}</Text>}
</View>
<View style={styles.amountTable}>
<View style={styles.amountHeader}>
<Text style={styles.amountDesc}> </Text>
<Text style={styles.amountValue}>CHF</Text>
</View>
<View style={styles.amountRow}>
<Text style={styles.amountDesc}>{amountLabel}</Text>
<Text style={styles.amountValue}>{fmtChf(subtotal)}</Text>
</View>
</View>
<View style={styles.totals}>
<View style={styles.totalsRow}>
<Text style={styles.totalsLabel}>{strings.subtotal}</Text>
<Text style={styles.totalsValue}>CHF {fmtChf(subtotal)}</Text>
</View>
{creditNote.vatAmountChf > 0 && (
<View style={styles.totalsRow}>
<Text style={styles.totalsLabel}>
{strings.vatLabel} ({Number(invoice.vatRate).toFixed(1)}%)
</Text>
<Text style={styles.totalsValue}>
CHF {fmtChf(creditNote.vatAmountChf)}
</Text>
</View>
)}
<View style={styles.totalsGrand}>
<Text style={styles.totalsGrandLabel}>{strings.totalCredited}</Text>
<Text style={styles.totalsGrandValue}>
CHF {fmtChf(creditNote.amountChf)}
</Text>
</View>
</View>
{creditNote.reason && creditNote.reason.trim().length > 0 && (
<View style={styles.reasonBox}>
<Text style={styles.reasonLabel}>{strings.reason}</Text>
<Text style={styles.reasonText}>{creditNote.reason}</Text>
</View>
)}
<View style={styles.noteBox}>
<Text>{footerNote}</Text>
{vatNote && <Text style={{ marginTop: 6 }}>{vatNote}</Text>}
</View>
<Text style={styles.footer} fixed>
{BRAND.issuer.legalName} · {creditNote.creditNoteNumber}
</Text>
</Page>
</Document>
);
}
export async function renderCreditNotePdf(
creditNote: CreditNote,
invoice: Invoice
): Promise<Buffer> {
const doc = <CreditNotePdfDocument creditNote={creditNote} invoice={invoice} />;
return renderToBuffer(doc) as unknown as Buffer;
}

600
src/lib/db.ts
View File

@@ -198,6 +198,12 @@ const MIGRATION_SQL = `
CREATE TABLE IF NOT EXISTS org_billing ( CREATE TABLE IF NOT EXISTS org_billing (
zitadel_org_id TEXT PRIMARY KEY, zitadel_org_id TEXT PRIMARY KEY,
company_name TEXT NOT NULL, company_name TEXT NOT NULL,
-- Phase 6 fix: optional contact-person line shown on the
-- invoice PDF below the company name (e.g. "z.Hd. Herr Müller").
-- Not normally needed since invoices are delivered by email
-- link, but useful when customers forward the PDF internally
-- for AP routing in larger organizations.
contact_name TEXT,
street_address TEXT NOT NULL, street_address TEXT NOT NULL,
postal_code TEXT NOT NULL, postal_code TEXT NOT NULL,
city TEXT NOT NULL, city TEXT NOT NULL,
@@ -208,6 +214,10 @@ const MIGRATION_SQL = `
created_at TIMESTAMPTZ NOT NULL DEFAULT now(), created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now() updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
); );
-- Phase 6 fix: ensure the column exists on databases that were
-- created before contact_name was added to the base schema above.
-- IF NOT EXISTS makes this safe to run repeatedly via ensureSchema.
ALTER TABLE org_billing ADD COLUMN IF NOT EXISTS contact_name TEXT;
-- Feature 5: lightweight customer support / feedback tickets. -- Feature 5: lightweight customer support / feedback tickets.
-- Scoped strictly per-user (zitadel_user_id), not per-org — -- Scoped strictly per-user (zitadel_user_id), not per-org —
@@ -482,6 +492,32 @@ const MIGRATION_SQL = `
-- admin override at issue time. -- admin override at issue time.
ALTER TABLE invoices ALTER TABLE invoices
ADD COLUMN IF NOT EXISTS locale TEXT NOT NULL DEFAULT 'de'; ADD COLUMN IF NOT EXISTS locale TEXT NOT NULL DEFAULT 'de';
-- Phase 7 schema: void + refund tracking on the existing invoices
-- table, plus the credit-note and refund-event sub-entities. These
-- ALTERs are idempotent (IF NOT EXISTS) so re-running ensureSchema
-- on an already-migrated DB is a no-op.
ALTER TABLE invoices
ADD COLUMN IF NOT EXISTS void_reason TEXT;
ALTER TABLE invoices
ADD COLUMN IF NOT EXISTS voided_at TIMESTAMPTZ;
ALTER TABLE invoices
ADD COLUMN IF NOT EXISTS voided_by TEXT;
ALTER TABLE invoices
ADD COLUMN IF NOT EXISTS refunded_total_chf NUMERIC(10,2) NOT NULL DEFAULT 0;
-- Extend the status CHECK to allow partially/fully_refunded. We
-- drop-then-add because there's no "ALTER CONSTRAINT ... ADD
-- VALUE" in stock Postgres. Drop is conditional on the constraint
-- name; the constraint is auto-named after the table+column.
DO $constraints$
BEGIN
ALTER TABLE invoices DROP CONSTRAINT IF EXISTS invoices_status_check;
ALTER TABLE invoices ADD CONSTRAINT invoices_status_check CHECK (
status IN ('draft','open','paid','overdue','void','uncollectible',
'partially_refunded','fully_refunded')
);
END
$constraints$;
CREATE INDEX IF NOT EXISTS idx_invoices_org CREATE INDEX IF NOT EXISTS idx_invoices_org
ON invoices(zitadel_org_id, issued_at DESC); ON invoices(zitadel_org_id, issued_at DESC);
CREATE INDEX IF NOT EXISTS idx_invoices_status CREATE INDEX IF NOT EXISTS idx_invoices_status
@@ -491,6 +527,87 @@ const MIGRATION_SQL = `
CREATE UNIQUE INDEX IF NOT EXISTS uniq_invoices_org_period CREATE UNIQUE INDEX IF NOT EXISTS uniq_invoices_org_period
ON invoices(zitadel_org_id, period_start); ON invoices(zitadel_org_id, period_start);
-- Phase 7: credit notes. One row per void or refund event. The
-- credit_note_number follows CN-YYYY-NNNNN allocated from the
-- per-year counter below.
CREATE TABLE IF NOT EXISTS credit_note_counters (
year INTEGER PRIMARY KEY,
last_number INTEGER NOT NULL DEFAULT 0
);
CREATE TABLE IF NOT EXISTS credit_notes (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
credit_note_number TEXT NOT NULL UNIQUE,
invoice_id UUID NOT NULL REFERENCES invoices(id),
zitadel_org_id TEXT NOT NULL,
kind TEXT NOT NULL CHECK (kind IN ('void','refund')),
amount_chf NUMERIC(10,2) NOT NULL,
vat_amount_chf NUMERIC(10,2) NOT NULL DEFAULT 0,
reason TEXT,
issued_at TIMESTAMPTZ NOT NULL DEFAULT now(),
issued_by TEXT NOT NULL,
locale TEXT NOT NULL DEFAULT 'de',
pdf_data BYTEA,
pdf_filename TEXT,
-- Frozen snapshot of the customer's billing address at the time
-- the credit note is issued. Mirrors invoices.billing_snapshot
-- so the PDF is self-contained and reproducible.
billing_snapshot JSONB NOT NULL
);
CREATE INDEX IF NOT EXISTS idx_credit_notes_invoice
ON credit_notes(invoice_id);
CREATE INDEX IF NOT EXISTS idx_credit_notes_org
ON credit_notes(zitadel_org_id, issued_at DESC);
-- Phase 7: per-refund-event log. Each row is one Stripe Refund
-- object (stripe_refund_id non-null) OR one manual admin action
-- for invoice-paid customers (stripe_refund_id null). The
-- credit_note_id links the refund to the credit note PDF it
-- generated.
CREATE TABLE IF NOT EXISTS invoice_refunds (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
invoice_id UUID NOT NULL REFERENCES invoices(id),
stripe_refund_id TEXT UNIQUE,
amount_chf NUMERIC(10,2) NOT NULL,
reason TEXT,
status TEXT NOT NULL DEFAULT 'succeeded'
CHECK (status IN ('pending','succeeded','failed','canceled')),
refunded_at TIMESTAMPTZ NOT NULL DEFAULT now(),
refunded_by TEXT NOT NULL,
credit_note_id UUID REFERENCES credit_notes(id)
);
CREATE INDEX IF NOT EXISTS idx_invoice_refunds_invoice
ON invoice_refunds(invoice_id);
-- Phase 7 fix: the credit_notes.invoice_id and
-- invoice_refunds.invoice_id FKs were originally created without
-- ON DELETE CASCADE, which made admin "delete invoice" fail with
-- a FK violation when the invoice had any voids/refunds attached.
-- The production policy is to never delete an invoice that's been
-- refunded (the credit notes are part of the customer's records),
-- but the schema should allow the admin tool to clean up for test
-- data. We drop and re-add the FKs with CASCADE so a delete tears
-- down everything related. The DROP/ADD pair is idempotent — on a
-- DB that already has the CASCADE variant it's a no-op (we drop
-- by name and re-add identically).
DO $cnfk$
BEGIN
ALTER TABLE credit_notes
DROP CONSTRAINT IF EXISTS credit_notes_invoice_id_fkey;
ALTER TABLE credit_notes
ADD CONSTRAINT credit_notes_invoice_id_fkey
FOREIGN KEY (invoice_id) REFERENCES invoices(id) ON DELETE CASCADE;
END
$cnfk$;
DO $irfk$
BEGIN
ALTER TABLE invoice_refunds
DROP CONSTRAINT IF EXISTS invoice_refunds_invoice_id_fkey;
ALTER TABLE invoice_refunds
ADD CONSTRAINT invoice_refunds_invoice_id_fkey
FOREIGN KEY (invoice_id) REFERENCES invoices(id) ON DELETE CASCADE;
END
$irfk$;
-- Invoice line items. The kind column lets the PDF renderer -- Invoice line items. The kind column lets the PDF renderer
-- group lines (all monthly fees together, all AI usage together, -- group lines (all monthly fees together, all AI usage together,
-- etc.) and the admin UI filter by category. -- etc.) and the admin UI filter by category.
@@ -1262,6 +1379,7 @@ function rowToOrgBilling(row: any): OrgBilling {
return { return {
zitadelOrgId: row.zitadel_org_id, zitadelOrgId: row.zitadel_org_id,
companyName: row.company_name, companyName: row.company_name,
contactName: row.contact_name ?? null,
streetAddress: row.street_address, streetAddress: row.street_address,
postalCode: row.postal_code, postalCode: row.postal_code,
city: row.city, city: row.city,
@@ -1306,12 +1424,13 @@ export async function upsertOrgBilling(
await ensureSchema(); await ensureSchema();
const result = await getPool().query( const result = await getPool().query(
`INSERT INTO org_billing ( `INSERT INTO org_billing (
zitadel_org_id, company_name, street_address, postal_code, zitadel_org_id, company_name, contact_name, street_address,
city, country, vat_number, billing_email, notes postal_code, city, country, vat_number, billing_email, notes
) )
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
ON CONFLICT (zitadel_org_id) DO UPDATE SET ON CONFLICT (zitadel_org_id) DO UPDATE SET
company_name = EXCLUDED.company_name, company_name = EXCLUDED.company_name,
contact_name = EXCLUDED.contact_name,
street_address = EXCLUDED.street_address, street_address = EXCLUDED.street_address,
postal_code = EXCLUDED.postal_code, postal_code = EXCLUDED.postal_code,
city = EXCLUDED.city, city = EXCLUDED.city,
@@ -1324,6 +1443,7 @@ export async function upsertOrgBilling(
[ [
data.zitadelOrgId, data.zitadelOrgId,
data.companyName, data.companyName,
data.contactName ?? null,
data.streetAddress, data.streetAddress,
data.postalCode, data.postalCode,
data.city, data.city,
@@ -2249,6 +2369,9 @@ import type {
InvoiceDraft, InvoiceDraft,
InvoiceLine, InvoiceLine,
InvoiceStatus, InvoiceStatus,
CreditNote,
CreditNoteKind,
InvoiceRefund,
} from "@/types"; } from "@/types";
function rowToInvoice(row: any): Invoice { function rowToInvoice(row: any): Invoice {
@@ -2281,6 +2404,12 @@ function rowToInvoice(row: any): Invoice {
paidAt: row.paid_at?.toISOString?.() ?? row.paid_at ?? null, paidAt: row.paid_at?.toISOString?.() ?? row.paid_at ?? null,
paidBy: row.paid_by ?? null, paidBy: row.paid_by ?? null,
paidMethodDetail: row.paid_method_detail ?? null, paidMethodDetail: row.paid_method_detail ?? null,
voidReason: row.void_reason ?? null,
voidedAt: row.voided_at?.toISOString?.() ?? row.voided_at ?? null,
voidedBy: row.voided_by ?? null,
refundedTotalChf: row.refunded_total_chf != null
? Number(row.refunded_total_chf)
: 0,
createdAt: row.created_at?.toISOString?.() ?? row.created_at, createdAt: row.created_at?.toISOString?.() ?? row.created_at,
}; };
} }
@@ -2310,7 +2439,8 @@ const INVOICE_LIST_COLUMNS = `
issued_at, due_at, subtotal_chf, vat_rate, vat_amount_chf, issued_at, due_at, subtotal_chf, vat_rate, vat_amount_chf,
total_chf, status, locale, payment_method, billing_snapshot, total_chf, status, locale, payment_method, billing_snapshot,
stripe_payment_intent_id, pdf_filename, admin_notes, paid_at, stripe_payment_intent_id, pdf_filename, admin_notes, paid_at,
paid_by, paid_method_detail, created_at, paid_by, paid_method_detail, void_reason, voided_at, voided_by,
refunded_total_chf, created_at,
(pdf_data IS NOT NULL) AS has_pdf (pdf_data IS NOT NULL) AS has_pdf
`; `;
@@ -3175,3 +3305,465 @@ export async function recordReminderSent(params: {
); );
return result.rowCount === 1; return result.rowCount === 1;
} }
// ---------------------------------------------------------------------------
// Phase 7 — credit notes and refunds
// ---------------------------------------------------------------------------
function rowToCreditNote(row: any): CreditNote {
return {
id: row.id,
creditNoteNumber: row.credit_note_number,
invoiceId: row.invoice_id,
invoiceNumber: row.invoice_number, // joined column when available
zitadelOrgId: row.zitadel_org_id,
kind: row.kind as CreditNoteKind,
amountChf: Number(row.amount_chf),
vatAmountChf: Number(row.vat_amount_chf),
reason: row.reason ?? null,
issuedAt: row.issued_at?.toISOString?.() ?? row.issued_at,
issuedBy: row.issued_by,
locale: row.locale ?? "de",
pdfFilename: row.pdf_filename ?? null,
hasPdf: row.has_pdf ?? row.pdf_data !== null,
billingSnapshot: row.billing_snapshot as InvoiceBillingSnapshot,
};
}
function rowToInvoiceRefund(row: any): InvoiceRefund {
return {
id: row.id,
invoiceId: row.invoice_id,
stripeRefundId: row.stripe_refund_id ?? null,
amountChf: Number(row.amount_chf),
reason: row.reason ?? null,
status: row.status,
refundedAt: row.refunded_at?.toISOString?.() ?? row.refunded_at,
refundedBy: row.refunded_by,
creditNoteId: row.credit_note_id ?? null,
};
}
const CREDIT_NOTE_COLUMNS = `
cn.id, cn.credit_note_number, cn.invoice_id, cn.zitadel_org_id,
cn.kind, cn.amount_chf, cn.vat_amount_chf, cn.reason, cn.issued_at,
cn.issued_by, cn.locale, cn.pdf_filename, cn.billing_snapshot,
(cn.pdf_data IS NOT NULL) AS has_pdf,
inv.invoice_number AS invoice_number
`;
/**
* Allocate the next credit-note number for the given year. Uses the
* per-year counter table with a row-level lock, same approach as
* invoice numbering. Format: CN-2026-00001 (5-digit padding, matches
* invoice padding for visual consistency even though Cedric agreed
* to "CN-YYYY-NNNN" originally — the extra digit is harmless headroom
* and keeps eyes from misreading "CN-2026-1" next to "2026-00001").
*
* Must be called inside a transaction; the caller passes the same
* client so the allocation and the INSERT roll back together if
* anything downstream fails.
*/
async function allocateCreditNoteNumber(
client: any,
year: number
): Promise<string> {
const r = await client.query(
`INSERT INTO credit_note_counters (year, last_number)
VALUES ($1, 1)
ON CONFLICT (year) DO UPDATE SET
last_number = credit_note_counters.last_number + 1
RETURNING last_number`,
[year]
);
const seq = r.rows[0].last_number;
return `CN-${year}-${String(seq).padStart(5, "0")}`;
}
/**
* Persist a new credit note (without its PDF — that's attached later
* via attachCreditNotePdf so the PDF render can read the just-inserted
* row, including its credit_note_number, for self-referential rendering).
*
* Snapshots the invoice's billing block at issue time. Returns the
* inserted row (with PDF still null).
*/
export async function createCreditNote(params: {
invoiceId: string;
zitadelOrgId: string;
kind: CreditNoteKind;
amountChf: number;
vatAmountChf: number;
reason: string | null;
issuedBy: string;
locale: string;
billingSnapshot: InvoiceBillingSnapshot;
}): Promise<CreditNote> {
await ensureSchema();
const pool = getPool();
const client = await pool.connect();
try {
await client.query("BEGIN");
// Allocate from the year of NOW — credit notes are issued
// "today", not retroactively, so the year is current.
const year = new Date().getUTCFullYear();
const creditNoteNumber = await allocateCreditNoteNumber(client, year);
const inserted = await client.query(
`INSERT INTO credit_notes (
credit_note_number, invoice_id, zitadel_org_id, kind,
amount_chf, vat_amount_chf, reason, issued_by, locale,
billing_snapshot
)
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10::jsonb)
RETURNING *`,
[
creditNoteNumber,
params.invoiceId,
params.zitadelOrgId,
params.kind,
params.amountChf,
params.vatAmountChf,
params.reason,
params.issuedBy,
params.locale,
JSON.stringify(params.billingSnapshot),
]
);
await client.query("COMMIT");
// Re-query with the invoice_number join so the returned row has
// it populated (matches what list/get methods return).
const detail = await pool.query(
`SELECT ${CREDIT_NOTE_COLUMNS}
FROM credit_notes cn
JOIN invoices inv ON inv.id = cn.invoice_id
WHERE cn.id = $1`,
[inserted.rows[0].id]
);
return rowToCreditNote(detail.rows[0]);
} catch (e) {
await client.query("ROLLBACK");
throw e;
} finally {
client.release();
}
}
/**
* Attach a freshly-rendered PDF to an existing credit note row.
* Two-phase issue (insert row, render PDF, attach PDF) mirrors the
* invoice flow, where the PDF generation needs the number on the
* row to render itself.
*/
export async function attachCreditNotePdf(
creditNoteId: string,
pdfBuffer: Buffer,
pdfFilename: string
): Promise<void> {
await getPool().query(
`UPDATE credit_notes
SET pdf_data = $1, pdf_filename = $2
WHERE id = $3`,
[pdfBuffer, pdfFilename, creditNoteId]
);
}
/**
* Read a credit note by its number, scoped to an org. Returns null
* if the row doesn't exist OR exists but belongs to a different org
* (same 404-not-403 leak-protection as the invoice equivalent).
*/
export async function getCreditNoteByNumberForOrg(
creditNoteNumber: string,
zitadelOrgId: string
): Promise<CreditNote | null> {
await ensureSchema();
const result = await getPool().query(
`SELECT ${CREDIT_NOTE_COLUMNS}
FROM credit_notes cn
JOIN invoices inv ON inv.id = cn.invoice_id
WHERE cn.credit_note_number = $1 AND cn.zitadel_org_id = $2
LIMIT 1`,
[creditNoteNumber, zitadelOrgId]
);
return result.rows.length > 0 ? rowToCreditNote(result.rows[0]) : null;
}
/** Platform-admin variant: look up by number regardless of org. */
export async function getCreditNoteByNumber(
creditNoteNumber: string
): Promise<CreditNote | null> {
await ensureSchema();
const result = await getPool().query(
`SELECT ${CREDIT_NOTE_COLUMNS}
FROM credit_notes cn
JOIN invoices inv ON inv.id = cn.invoice_id
WHERE cn.credit_note_number = $1
LIMIT 1`,
[creditNoteNumber]
);
return result.rows.length > 0 ? rowToCreditNote(result.rows[0]) : null;
}
/**
* List credit notes for an org, newest first. Used by /billing to
* render the credit-note list alongside the invoice list.
*/
export async function listCreditNotesForOrg(
zitadelOrgId: string,
limit = 50
): Promise<CreditNote[]> {
await ensureSchema();
const result = await getPool().query(
`SELECT ${CREDIT_NOTE_COLUMNS}
FROM credit_notes cn
JOIN invoices inv ON inv.id = cn.invoice_id
WHERE cn.zitadel_org_id = $1
ORDER BY cn.issued_at DESC
LIMIT $2`,
[zitadelOrgId, limit]
);
return result.rows.map(rowToCreditNote);
}
/**
* All credit notes linked to a specific invoice. Used by the invoice
* detail page to surface "this invoice was voided / partially
* refunded by these credit notes".
*/
export async function listCreditNotesForInvoice(
invoiceId: string
): Promise<CreditNote[]> {
await ensureSchema();
const result = await getPool().query(
`SELECT ${CREDIT_NOTE_COLUMNS}
FROM credit_notes cn
JOIN invoices inv ON inv.id = cn.invoice_id
WHERE cn.invoice_id = $1
ORDER BY cn.issued_at ASC`,
[invoiceId]
);
return result.rows.map(rowToCreditNote);
}
/**
* Fetch the PDF bytes for a credit note. Returns null if no PDF was
* ever attached (which would be a bug — every credit note should
* have one) or if the credit note doesn't exist.
*/
export async function getCreditNotePdf(
creditNoteId: string
): Promise<{ data: Buffer; filename: string } | null> {
const result = await getPool().query(
`SELECT pdf_data, pdf_filename, credit_note_number
FROM credit_notes WHERE id = $1`,
[creditNoteId]
);
if (result.rows.length === 0) return null;
const row = result.rows[0];
if (!row.pdf_data) return null;
return {
data: row.pdf_data,
filename: row.pdf_filename ?? `${row.credit_note_number}.pdf`,
};
}
/**
* Mark an invoice as voided and bump the status. Caller is
* responsible for ensuring the invoice is in a void-eligible state
* (status='open' or 'overdue'); this helper doesn't enforce that —
* billing.voidInvoice() does.
*/
export async function markInvoiceVoided(params: {
invoiceId: string;
reason: string;
voidedBy: string;
}): Promise<void> {
await getPool().query(
`UPDATE invoices
SET status = 'void',
void_reason = $2,
voided_at = now(),
voided_by = $3
WHERE id = $1`,
[params.invoiceId, params.reason, params.voidedBy]
);
}
/**
* Record a refund event and (optionally) bump the invoice status.
* The status transition is:
* refunded_total + amount >= total_chf → fully_refunded
* otherwise → partially_refunded
*
* Idempotent against Stripe webhook replays via stripe_refund_id:
* if a row with the same Stripe refund id already exists, returns
* the existing row without double-counting. Manual (non-Stripe)
* refunds have stripe_refund_id=null and can't be deduped — caller
* must guard against double-submit at the UI/API layer.
*
* Returns the recorded refund, the updated invoice's new total
* refunded amount, and the resulting invoice status.
*/
export interface RecordRefundResult {
refund: InvoiceRefund;
alreadyExisted: boolean;
newRefundedTotalChf: number;
newInvoiceStatus: InvoiceStatus;
}
export async function recordInvoiceRefund(params: {
invoiceId: string;
stripeRefundId: string | null;
amountChf: number;
reason: string | null;
refundedBy: string;
creditNoteId: string | null;
status?: "pending" | "succeeded" | "failed" | "canceled";
}): Promise<RecordRefundResult> {
await ensureSchema();
const pool = getPool();
const client = await pool.connect();
try {
await client.query("BEGIN");
// Webhook idempotency: if the Stripe refund id is already
// recorded, return the existing row without re-adding to the
// running total. The invoice status row reflects the cumulative
// state independent of how many times this function is called.
if (params.stripeRefundId) {
const existing = await client.query(
`SELECT * FROM invoice_refunds WHERE stripe_refund_id = $1`,
[params.stripeRefundId]
);
if (existing.rows.length > 0) {
const inv = await client.query(
`SELECT refunded_total_chf, status
FROM invoices WHERE id = $1`,
[params.invoiceId]
);
await client.query("COMMIT");
return {
refund: rowToInvoiceRefund(existing.rows[0]),
alreadyExisted: true,
newRefundedTotalChf: Number(inv.rows[0]?.refunded_total_chf ?? 0),
newInvoiceStatus: (inv.rows[0]?.status ?? "paid") as InvoiceStatus,
};
}
}
// Insert the refund event.
const inserted = await client.query(
`INSERT INTO invoice_refunds (
invoice_id, stripe_refund_id, amount_chf, reason,
status, refunded_by, credit_note_id
)
VALUES ($1, $2, $3, $4, $5, $6, $7)
RETURNING *`,
[
params.invoiceId,
params.stripeRefundId,
params.amountChf,
params.reason,
params.status ?? "succeeded",
params.refundedBy,
params.creditNoteId,
]
);
const recordedStatus = inserted.rows[0].status;
// Only succeeded refunds count toward the invoice's
// refunded_total. Pending/failed refunds are tracked for audit
// but don't change the customer-visible state.
if (recordedStatus !== "succeeded") {
const inv = await client.query(
`SELECT refunded_total_chf, status FROM invoices WHERE id = $1`,
[params.invoiceId]
);
await client.query("COMMIT");
return {
refund: rowToInvoiceRefund(inserted.rows[0]),
alreadyExisted: false,
newRefundedTotalChf: Number(inv.rows[0]?.refunded_total_chf ?? 0),
newInvoiceStatus: (inv.rows[0]?.status ?? "paid") as InvoiceStatus,
};
}
// Update aggregate + status atomically based on the new total.
const updated = await client.query(
`UPDATE invoices
SET refunded_total_chf = refunded_total_chf + $2,
status = CASE
WHEN refunded_total_chf + $2 >= total_chf
THEN 'fully_refunded'
ELSE 'partially_refunded'
END
WHERE id = $1
RETURNING refunded_total_chf, status`,
[params.invoiceId, params.amountChf]
);
await client.query("COMMIT");
return {
refund: rowToInvoiceRefund(inserted.rows[0]),
alreadyExisted: false,
newRefundedTotalChf: Number(updated.rows[0].refunded_total_chf),
newInvoiceStatus: updated.rows[0].status as InvoiceStatus,
};
} catch (e) {
await client.query("ROLLBACK");
throw e;
} finally {
client.release();
}
}
/** All refund events for an invoice, ordered oldest first. */
export async function listRefundsForInvoice(
invoiceId: string
): Promise<InvoiceRefund[]> {
await ensureSchema();
const result = await getPool().query(
`SELECT * FROM invoice_refunds
WHERE invoice_id = $1
ORDER BY refunded_at ASC`,
[invoiceId]
);
return result.rows.map(rowToInvoiceRefund);
}
/**
* Phase 7: find an invoice by its Stripe PaymentIntent id. Used by
* the charge.refunded webhook to locate the invoice when a refund
* is initiated outside the portal (e.g. directly in Stripe
* Dashboard).
*
* Returns null if no invoice has that payment intent recorded. That
* shouldn't happen in normal flow — every Stripe-paid invoice gets
* its intent stored at checkout.session.completed time — but a
* refund event for an unknown intent should be logged and ignored
* rather than throwing.
*/
export async function getInvoiceByStripePaymentIntent(
paymentIntentId: string
): Promise<Invoice | null> {
await ensureSchema();
const result = await getPool().query(
`SELECT ${INVOICE_LIST_COLUMNS} FROM invoices
WHERE stripe_payment_intent_id = $1
LIMIT 1`,
[paymentIntentId]
);
return result.rows.length > 0 ? rowToInvoice(result.rows[0]) : null;
}
/**
* Phase 7: check if a particular Stripe refund id is already
* recorded in invoice_refunds. Used by the charge.refunded webhook
* to skip refunds that were initiated via /api/admin/.../refund
* (which records them immediately) — the webhook would otherwise
* try to double-create the credit note.
*/
export async function isStripeRefundRecorded(
stripeRefundId: string
): Promise<boolean> {
const result = await getPool().query(
`SELECT 1 FROM invoice_refunds WHERE stripe_refund_id = $1 LIMIT 1`,
[stripeRefundId]
);
return result.rows.length > 0;
}

155
src/lib/email.ts
View File

@@ -1158,3 +1158,158 @@ export async function sendInvoiceReminderEmail(params: {
); );
} }
} }
// ---------------------------------------------------------------------------
// Credit note emails — Phase 7
// ---------------------------------------------------------------------------
/**
* Send a credit-note notification to the customer's billing email.
*
* Covers both kinds (void and refund). The subject and body adapt
* based on `kind` — voids ("we've cancelled invoice X, no payment
* needed") read very differently from refunds ("we've refunded CHF
* X, expect to see it on your card statement within 5-10 days").
*
* Link-only — the PDF is not attached. The customer downloads it
* from /api/credit-notes/<number>/pdf when they click through, which
* also gives them a permanent in-portal record next to their
* invoices. Same approach as invoice emails.
*
* Best-effort: failures are logged and swallowed. A mail-server
* hiccup must never roll back a credit-note issuance.
*/
export async function sendCreditNoteEmail(params: {
to: string;
contactName: string;
companyName: string;
creditNoteNumber: string;
invoiceNumber: string;
amountChf: number;
currency: string;
kind: "void" | "refund";
reason: string | null;
locale: "de" | "en" | "fr" | "it";
}): Promise<void> {
const L = params.locale;
const totalFmt = `${params.currency} ${params.amountChf.toFixed(2)}`;
const link = `https://app.pieced.ch/billing/cn/${encodeURIComponent(
params.creditNoteNumber
)}`;
// Subject lines diverge between void and refund — different
// mental models for the recipient. Void: "your charge is
// cancelled". Refund: "your money is on the way back".
const subjectsByLocale: Record<typeof L, { void: string; refund: string }> = {
en: {
void: `Invoice ${params.invoiceNumber} cancelled — credit note ${params.creditNoteNumber}`,
refund: `Refund of ${totalFmt} for invoice ${params.invoiceNumber} — credit note ${params.creditNoteNumber}`,
},
de: {
void: `Rechnung ${params.invoiceNumber} storniert — Gutschrift ${params.creditNoteNumber}`,
refund: `Rückerstattung ${totalFmt} für Rechnung ${params.invoiceNumber} — Gutschrift ${params.creditNoteNumber}`,
},
fr: {
void: `Facture ${params.invoiceNumber} annulée — note de crédit ${params.creditNoteNumber}`,
refund: `Remboursement ${totalFmt} pour la facture ${params.invoiceNumber} — note de crédit ${params.creditNoteNumber}`,
},
it: {
void: `Fattura ${params.invoiceNumber} annullata — nota di credito ${params.creditNoteNumber}`,
refund: `Rimborso ${totalFmt} per fattura ${params.invoiceNumber} — nota di credito ${params.creditNoteNumber}`,
},
};
const greetingsByLocale: Record<typeof L, string> = {
en: `Hello ${params.contactName},`,
de: `Sehr geehrte/r ${params.contactName},`,
fr: `Bonjour ${params.contactName},`,
it: `Gentile ${params.contactName},`,
};
// Intro: distinct phrasing per kind in each locale.
const introsByLocale: Record<typeof L, { void: string; refund: string }> = {
en: {
void: `We've cancelled invoice ${params.invoiceNumber}. The invoice is no longer payable, and a credit note has been issued for your records.`,
refund: `We've refunded ${totalFmt} for invoice ${params.invoiceNumber}. The refund will appear on the original payment method within 510 business days, depending on your bank.`,
},
de: {
void: `Wir haben Rechnung ${params.invoiceNumber} storniert. Die Rechnung ist nicht mehr zahlbar; eine Gutschrift wurde für Ihre Unterlagen ausgestellt.`,
refund: `Wir haben ${totalFmt} für Rechnung ${params.invoiceNumber} zurückerstattet. Der Betrag wird je nach Bank innerhalb von 510 Geschäftstagen auf dem ursprünglichen Zahlungsweg gutgeschrieben.`,
},
fr: {
void: `Nous avons annulé la facture ${params.invoiceNumber}. La facture n'est plus exigible ; une note de crédit a été émise pour vos archives.`,
refund: `Nous avons remboursé ${totalFmt} pour la facture ${params.invoiceNumber}. Le montant apparaîtra sur le moyen de paiement initial sous 5 à 10 jours ouvrés, selon votre banque.`,
},
it: {
void: `Abbiamo annullato la fattura ${params.invoiceNumber}. La fattura non è più dovuta; è stata emessa una nota di credito per la sua documentazione.`,
refund: `Abbiamo rimborsato ${totalFmt} per la fattura ${params.invoiceNumber}. L'importo apparirà sul metodo di pagamento originale entro 510 giorni lavorativi, a seconda della banca.`,
},
};
const labels: Record<typeof L, Record<string, string>> = {
en: { creditNote: "Credit note", invoice: "Invoice", amount: "Amount", reason: "Reason", cta: "View credit note & download PDF", signoff: "Best regards", brand: "PieCed IT" },
de: { creditNote: "Gutschrift", invoice: "Rechnung", amount: "Betrag", reason: "Begründung", cta: "Gutschrift ansehen & PDF herunterladen", signoff: "Mit freundlichen Grüssen", brand: "PieCed IT" },
fr: { creditNote: "Note de crédit", invoice: "Facture", amount: "Montant", reason: "Motif", cta: "Voir la note de crédit & télécharger le PDF", signoff: "Cordialement", brand: "PieCed IT" },
it: { creditNote: "Nota di credito", invoice: "Fattura", amount: "Importo", reason: "Motivo", cta: "Visualizza nota di credito & scarica PDF", signoff: "Cordiali saluti", brand: "PieCed IT" },
};
const l = labels[L];
const subject = subjectsByLocale[L][params.kind];
const intro = introsByLocale[L][params.kind];
const safeName = escapeHtml(params.contactName);
const safeNumberCN = escapeHtml(params.creditNoteNumber);
const safeNumberINV = escapeHtml(params.invoiceNumber);
const safeReason = params.reason ? escapeHtml(params.reason) : null;
// PieCed brand emerald — same accent the invoice email uses.
// A credit note is still a PieCed IT document; the company
// identity stays consistent across the document family. The
// doc type is distinguished by the subject line and copy, not
// by colour.
const ACCENT = "#10B981";
try {
await getTransporter().sendMail({
from: getFrom(),
to: params.to,
subject,
text: [
greetingsByLocale[L],
"",
intro,
"",
`${l.creditNote}: ${params.creditNoteNumber}`,
`${l.invoice}: ${params.invoiceNumber}`,
`${l.amount}: ${totalFmt}`,
...(params.reason ? [`${l.reason}: ${params.reason}`] : []),
"",
`${l.cta}:`,
link,
"",
`${l.signoff},`,
l.brand,
].join("\n"),
html: `
<div style="font-family: -apple-system, BlinkMacSystemFont, sans-serif; max-width: 560px; padding: 24px; background: #1a1a1a; color: #e5e5e5;">
<h2 style="margin: 0 0 16px; color: ${ACCENT};">${escapeHtml(intro)}</h2>
<p>${safeName === "" ? "" : escapeHtml(greetingsByLocale[L])}</p>
<table style="width:100%; border-collapse:collapse; margin:16px 0; font-size:14px;">
<tr><td style="color:#888; padding:6px 0; width:140px;">${l.creditNote}</td><td><strong>${safeNumberCN}</strong></td></tr>
<tr><td style="color:#888; padding:6px 0;">${l.invoice}</td><td>${safeNumberINV}</td></tr>
<tr><td style="color:#888; padding:6px 0;">${l.amount}</td><td style="color:${ACCENT}; font-weight:600;">${escapeHtml(totalFmt)}</td></tr>
${safeReason ? `<tr><td style="color:#888; padding:6px 0; vertical-align:top;">${l.reason}</td><td style="color:#bbb;">${safeReason}</td></tr>` : ""}
</table>
<p>
<a href="${link}" style="display:inline-block; padding:10px 24px; background:${ACCENT}; color:#fff; text-decoration:none; border-radius:8px; font-weight:500;">
${l.cta}
</a>
</p>
<hr style="border:none; border-top:1px solid #333; margin:24px 0;" />
<p style="color:#666; font-size:12px;">${l.brand}</p>
</div>
`,
});
} catch (err) {
console.error("Failed to send credit note email:", err);
}
}

118
src/lib/pdf-brand.tsx Normal file
View File

@@ -0,0 +1,118 @@
/**
* Shared brand constants and Logo component for all PDF documents
* (invoices, credit notes, future quotes / reminders).
*
* Phase 7 fix: previously each PDF generator carried its own copy
* of BRAND and its own Logo. When Cedric customized the invoice
* issuer block in his deployment (real Strasse Nr., PLZ, etc.),
* the credit note PDF kept the original placeholders because it
* had its own duplicate. Hoisting both here means every PDF reads
* the same source of truth.
*
* To change the brand: edit BRAND below. To change the logo:
* edit Logo below. To change the issuer info Cedric ships: edit
* BRAND.issuer — both billing-pdf.tsx and credit-note-pdf.tsx pick
* it up automatically.
*
* The Logo component accepts a `color` prop so the credit-note
* variant can render the SAME shape tinted red (the document
* family is visually consistent; only the accent colour signals
* "this is a credit, not an invoice").
*/
import React from "react";
import { Svg, Polygon, Polyline } from "@react-pdf/renderer";
// ---------------------------------------------------------------------------
// Brand constants
// ---------------------------------------------------------------------------
export const BRAND = {
name: "PieCed IT",
// Primary emerald — matches the logo SVG fill (#10B981).
primary: "#10B981",
// Slightly darker emerald for headings.
primaryDark: "#0a8060",
textColor: "#1a1a1a",
mutedColor: "#666",
borderColor: "#d4d4d4",
// Issuer block — change these to your real legal info.
// Both billing-pdf.tsx and credit-note-pdf.tsx read from here.
issuer: {
legalName: "PieCed IT",
addressLine1: "Cedric Mosimann",
addressLine2: "[Strasse Nr.]",
postalCity: "[PLZ] Basel",
country: "Switzerland",
email: "billing@pieced.ch",
web: "pieced.ch",
// Show "MWST-Nr. ..." on PDF when set.
vatNumber: null as string | null,
// Bank instructions — used by invoice PDF, ignored on credit
// notes (refunds flow back via the original payment method).
bankName: "[Bank name]",
bankIban: "[CHxx xxxx xxxx xxxx xxxx x]",
bankBic: "[BIC]",
},
};
// ---------------------------------------------------------------------------
// Logo — PieCed's hexagon-pattern mark. Same shape used everywhere
// and same brand colour. The credit note is still a PieCed IT
// document and reads with the same company identity as an invoice.
// ---------------------------------------------------------------------------
interface LogoProps {
size?: number;
/** Defaults to BRAND.primary. Override only for special cases
* (e.g. an inverse variant on a dark background). Standard
* documents — invoices, credit notes — all use BRAND.primary. */
color?: string;
}
export const Logo = ({ size = 60, color = BRAND.primary }: LogoProps) => (
<Svg width={size} height={size * (106 / 70)} viewBox="0 0 70 106">
{/* H1 solid */}
<Polygon
points="38.5,22.69 31.5,10.566 17.5,10.566 10.5,22.69 17.5,34.814 31.5,34.814"
fill={color}
stroke={color}
strokeWidth={1.6}
/>
{/* H2 outline */}
<Polygon
points="59.5,34.814 52.5,22.69 38.5,22.69 31.5,34.814 38.5,46.938 52.5,46.938"
fill="none"
stroke={color}
strokeWidth={1.8}
/>
{/* H3 outline */}
<Polygon
points="38.5,46.938 31.5,34.814 17.5,34.814 10.5,46.938 17.5,59.062 31.5,59.062"
fill="none"
stroke={color}
strokeWidth={1.8}
/>
{/* H4 solid */}
<Polygon
points="59.5,59.062 52.5,46.938 38.5,46.938 31.5,59.062 38.5,71.186 52.5,71.186"
fill={color}
stroke={color}
strokeWidth={1.6}
/>
{/* H5 partial */}
<Polyline
points="31.5,83.31 38.5,71.186 31.5,59.062 17.5,59.062 10.5,71.186"
fill="none"
stroke={color}
strokeWidth={1.8}
/>
{/* H6 partial */}
<Polyline
points="59.5,83.31 52.5,71.186 38.5,71.186 31.5,83.31 38.5,95.434"
fill="none"
stroke={color}
strokeWidth={1.8}
/>
</Svg>
);

54
src/lib/stripe.ts
View File

@@ -258,3 +258,57 @@ export async function createCheckoutSessionForInvoice(params: {
} }
return { url: session.url, sessionId: session.id }; return { url: session.url, sessionId: session.id };
} }
// ---------------------------------------------------------------------------
// Phase 7 — refunds
// ---------------------------------------------------------------------------
/**
* Create a Stripe Refund against an invoice's PaymentIntent.
*
* The amount is in CHF; we convert to rappen for Stripe's smallest-
* currency-unit API. Pass 0 or undefined for `amountChf` to refund
* the full charge.
*
* Returns the Stripe refund object so the caller can record the
* refund id and final status. Stripe processes refunds asynchronously
* for some payment methods, so the initial status may be 'pending'
* — the charge.refunded webhook delivers the eventual succeeded /
* failed transition.
*
* Throws on Stripe API errors (no charge, insufficient balance,
* etc.). The caller surfaces these to the admin via the API
* response — we don't swallow them because partial-refund logic
* shouldn't be guessing about server state.
*/
export async function createInvoiceRefund(params: {
paymentIntentId: string;
amountChf?: number;
reason?: "duplicate" | "fraudulent" | "requested_by_customer";
metadata?: Record<string, string>;
}): Promise<{
id: string;
amountChf: number;
status: string;
}> {
const stripe = getStripeClient();
const refundParams: Parameters<typeof stripe.refunds.create>[0] = {
payment_intent: params.paymentIntentId,
metadata: params.metadata,
};
if (params.amountChf && params.amountChf > 0) {
refundParams.amount = chfToRappen(params.amountChf);
}
if (params.reason) {
refundParams.reason = params.reason;
}
const refund = await stripe.refunds.create(refundParams);
// The amount on the response is in rappen; convert back. If no
// amount was passed, Stripe defaults to the full remaining
// charge, which is what we read back.
return {
id: refund.id,
amountChf: refund.amount != null ? refund.amount / 100 : 0,
status: refund.status ?? "unknown",
};
}

110
src/lib/zitadel.ts
View File

@@ -528,3 +528,113 @@ export async function registerCustomer(params: {
throw err; throw err;
} }
} }
// ---------------------------------------------------------------------------
// v2 User API — profile updates (Phase 6 fix5)
// ---------------------------------------------------------------------------
/**
* Update a human user's profile (first name + last name + display
* name). Returns the new `details.changeDate` from ZITADEL so the
* caller can confirm the write landed.
*
* The v2 user service endpoint is technically a PUT but accepts
* partial bodies — only the `profile` block is sent. ZITADEL
* preserves email, password, and other fields across the call
* (verified empirically in zitadel-server#7786 and documented in
* v2.63+ of zitadel-server).
*
* `displayName` IS sent explicitly, set to "givenName familyName".
* Empirically (and contra what some docs suggest), ZITADEL does
* NOT recompute displayName when only the name parts change — it
* keeps whatever displayName was previously stored, including the
* one set at user creation time. That stale displayName is what
* ZITADEL surfaces in the OIDC `name` claim, so without this
* explicit write the portal session would never see the updated
* name (even after sign-out / sign-in).
*
* Auth: the portal's service-account PAT (ZITADEL_SA_PAT). The PAT
* must have user-write permission in the user's resource org.
* Today portal-zitadel-sa-pat already has user-write for
* createHumanUser etc. — same scope covers this.
*/
export interface UpdateHumanUserProfileResult {
changeDate: string;
/** The displayName ZITADEL stored, which the OIDC `name` claim will
* carry on the user's next session. */
displayName: string;
}
export async function updateHumanUserProfile(params: {
userId: string;
givenName: string;
familyName: string;
}): Promise<UpdateHumanUserProfileResult> {
const path = `/v2/users/human/${encodeURIComponent(params.userId)}`;
// Compose the displayName ourselves so ZITADEL stores something
// sensible. Empty-string fallback only triggers if both name parts
// are blank, which the API zod schema prevents anyway.
const displayName =
`${params.givenName.trim()} ${params.familyName.trim()}`.trim();
type ZitadelUpdateResponse = {
details?: { changeDate?: string };
};
await zitadelFetch<ZitadelUpdateResponse>(path, "PUT", {
profile: {
givenName: params.givenName,
familyName: params.familyName,
displayName,
},
});
// Re-fetch the user to read back the canonical displayName ZITADEL
// committed. Should match what we sent, but reading from the source
// of truth catches any sanitization ZITADEL might apply.
const detail = await getHumanUserDetail(params.userId);
return {
changeDate: new Date().toISOString(),
displayName: detail.displayName || displayName,
};
}
/**
* Fetch a human user's current profile (given/family/display name +
* email). Used by the settings page to populate the form and by the
* update helper above to read back the computed displayName.
*/
export interface HumanUserDetail {
userId: string;
givenName: string;
familyName: string;
displayName: string;
email: string;
}
export async function getHumanUserDetail(
userId: string
): Promise<HumanUserDetail> {
type ZitadelGetUserResponse = {
user?: {
userId?: string;
human?: {
profile?: {
givenName?: string;
familyName?: string;
displayName?: string;
};
email?: { email?: string };
};
};
};
const response = await zitadelFetch<ZitadelGetUserResponse>(
`/v2/users/${encodeURIComponent(userId)}`,
"GET"
);
const human = response.user?.human;
return {
userId: response.user?.userId ?? userId,
givenName: human?.profile?.givenName ?? "",
familyName: human?.profile?.familyName ?? "",
displayName: human?.profile?.displayName ?? "",
email: human?.email?.email ?? "",
};
}

117
src/messages/de.json
View File

@@ -121,7 +121,8 @@
"saveChanges": "Änderungen speichern", "saveChanges": "Änderungen speichern",
"billingVatNumber": "MWST-Nummer", "billingVatNumber": "MWST-Nummer",
"billingVatHelp": "Ihre registrierte MWST-Nummer. Falls Ihre Firma von der MWST befreit ist, leer lassen und in den Notizen erläutern.", "billingVatHelp": "Ihre registrierte MWST-Nummer. Falls Ihre Firma von der MWST befreit ist, leer lassen und in den Notizen erläutern.",
"billingNotesPlaceholderPersonal": "Was wir wissen sollten — bevorzugte Zahlungsart, Rechnungsreferenz, etc." "billingNotesPlaceholderPersonal": "Was wir wissen sollten — bevorzugte Zahlungsart, Rechnungsreferenz, etc.",
"reviewContactPersonPrefix": "z.Hd."
}, },
"dashboard": { "dashboard": {
"title": "Dashboard", "title": "Dashboard",
@@ -479,28 +480,36 @@
"billingTitle": "Abrechnung", "billingTitle": "Abrechnung",
"billingDescription": "Adresse, MWST-Nummer und Rechnungs-E-Mail für alle Ihre Tenants.", "billingDescription": "Adresse, MWST-Nummer und Rechnungs-E-Mail für alle Ihre Tenants.",
"nothingForYou": "Für Ihre Rolle gibt es hier noch nichts. Inhaber können Organisationseinstellungen verwalten.", "nothingForYou": "Für Ihre Rolle gibt es hier noch nichts. Inhaber können Organisationseinstellungen verwalten.",
"billingDescriptionPersonal": "Adresse und Rechnungs-E-Mail für alle Ihre Tenants." "billingDescriptionPersonal": "Adresse und Rechnungs-E-Mail für alle Ihre Tenants.",
"profileTitle": "Profil",
"profileDescription": "Bearbeiten Sie Ihren Vor- und Nachnamen, wie er im Portal erscheint."
}, },
"settingsBilling": { "settingsBilling": {
"title": "Abrechnung", "title": "Rechnungsdaten",
"subtitle": "Wird beim ersten Onboarding einmalig erfasst und für jeden Tenant Ihrer Organisation wiederverwendet. Aktualisieren Sie hier, wenn sich Ihre Abrechnungsdaten ändern.", "subtitle": "Rechnungsadresse, MWST-Nummer und Rechnungskontakt Ihres Unternehmens. Erforderlich, bevor Rechnungen für Ihre Organisation ausgestellt werden können.",
"companyName": "Firmenname", "companyNameLabel": "Firmenname",
"streetAddress": "Strasse", "streetAddressLabel": "Strasse und Hausnummer",
"postalCode": "PLZ", "postalCodeLabel": "PLZ",
"city": "Ort", "cityLabel": "Ort",
"country": "Land", "countryLabel": "Ländercode",
"vatNumber": "MWST-Nummer", "countryHint": "ISO 3166-1 alpha-2 — z.B. CH, DE, AT, FR, IT, GB, US",
"vatHelp": "Ihre registrierte MWST-Nummer (z. B. CHE-123.456.789 MWST für die Schweiz).", "vatNumberLabel": "MWST-Nummer (optional)",
"billingEmail": "Rechnungs-E-Mail", "vatNumberHint": "Für Schweizer Kunden: CHE-XXX.XXX.XXX MWST. EU-Kunden mit USt-IdNr. erhalten eine Reverse-Charge-Rechnung (0% MWST).",
"billingEmailHelp": "An diese Adresse werden Rechnungen und Abrechnungskommunikation gesendet.", "billingEmailLabel": "Rechnungs-E-Mail",
"notes": "Notizen", "billingEmailHint": "Rechnungen und Zahlungserinnerungen werden an diese Adresse gesendet. Kann von Ihrer Konto-E-Mail abweichen.",
"notesPlaceholder": "Alles, was die Buchhaltung wissen muss MWST-Befreiung, besondere Rechnungsstellung usw.", "notesLabel": "Bemerkungen (optional)",
"save": "Speichern", "notesHint": "Referenznummern, Bestellnummern oder andere Angaben, die auf der Rechnung erscheinen sollen.",
"saveChanges": "Änderungen speichern",
"createBilling": "Rechnungsdaten speichern",
"saving": "Speichern…",
"saved": "Gespeichert.", "saved": "Gespeichert.",
"saveFailed": "Konnte nicht gespeichert werden. Bitte erneut versuchen.", "missingRequired": "Bitte alle Pflichtfelder ausfüllen.",
"lastUpdated": "Zuletzt aktualisiert {when}", "invalidCountry": "Ländercode muss aus 2 Buchstaben bestehen (z.B. CH).",
"fullName": "Voller Name", "invalidEmail": "Bitte eine gültige E-Mail-Adresse eingeben.",
"notesPlaceholderPersonal": "Was wir wissen sollten — bevorzugte Zahlungsart, Rechnungsreferenz, etc." "fullNameLabel": "Vor- und Nachname",
"subtitlePersonal": "Ihre Rechnungsadresse und Rechnungskontakt. Erforderlich, bevor Rechnungen ausgestellt werden können.",
"contactNameLabel": "Ansprechperson (optional)",
"contactNameHint": "Erscheint als 'z.Hd. <Name>' auf der Rechnung unter dem Firmennamen. Hilfreich für die Zuordnung in der Buchhaltung grösserer Firmen."
}, },
"support": { "support": {
"title": "Support", "title": "Support",
@@ -664,7 +673,36 @@
"lineItemsTitle": "Positionen", "lineItemsTitle": "Positionen",
"billToSnapshotTitle": "Rechnungsempfänger", "billToSnapshotTitle": "Rechnungsempfänger",
"setupFeeCol": "Einrichtungsgebühr", "setupFeeCol": "Einrichtungsgebühr",
"skillSetupFeeLabel": "Einrichtungsgebühr" "skillSetupFeeLabel": "Einrichtungsgebühr",
"status_partially_refunded": "Teilrückerstattung",
"status_fully_refunded": "Vollständig rückerstattet",
"voidBtn": "Stornieren",
"voidReasonPlaceholder": "Stornierungsgrund (auf Gutschrift gedruckt)",
"voidReasonRequired": "Bitte einen Grund für die Stornierung angeben.",
"confirmVoid": "Stornierung bestätigen",
"voidedOnLabel": "Storniert",
"refundBtn": "Rückerstatten",
"refundReasonPlaceholder": "Grund der Rückerstattung (auf Gutschrift gedruckt)",
"refundReasonRequired": "Bitte einen Grund für die Rückerstattung angeben.",
"refundAmountInvalid": "Rückerstattungsbetrag muss eine positive Zahl sein.",
"refundAmountExceeds": "Rückerstattungsbetrag überschreitet den verbleibenden Betrag von CHF {max}.",
"refundRemainingHint": "Verbleibend erstattbar: CHF {max}",
"confirmRefund": "Rückerstattung bestätigen",
"refundedTotalLabel": "Rückerstattet",
"refundedRemainingLabel": "Verbleibend erstattbar",
"creditNotesPanelTitle": "Gutschriften",
"creditNoteNumberHeader": "Nummer",
"creditNoteKindHeader": "Typ",
"creditNoteAmountHeader": "Betrag",
"creditNoteReasonHeader": "Grund",
"creditNoteIssuedHeader": "Ausgestellt",
"creditNotePdfHeader": "PDF",
"creditNoteKind_void": "Storno",
"creditNoteKind_refund": "Rückerstattung",
"creditNoteNoPdf": "—",
"refundAmountLabel": "Betrag",
"refundReasonLabel": "Grund",
"refundAmountInclVatHint": "inkl. MWST"
}, },
"skillCostDialog": { "skillCostDialog": {
"title": "Aktivierungskosten bestätigen", "title": "Aktivierungskosten bestätigen",
@@ -737,12 +775,26 @@
"paid": "Bezahlt", "paid": "Bezahlt",
"overdue": "Überfällig", "overdue": "Überfällig",
"void": "Storniert", "void": "Storniert",
"uncollectible": "Uneinbringlich" "uncollectible": "Uneinbringlich",
"partially_refunded": "Teilrückerstattung",
"fully_refunded": "Vollständig rückerstattet"
}, },
"payWithCard": "Mit Karte bezahlen", "payWithCard": "Mit Karte bezahlen",
"redirectingToStripe": "Weiterleitung…", "redirectingToStripe": "Weiterleitung…",
"paymentReceived": "Zahlung erhalten — vielen Dank!", "paymentReceived": "Zahlung erhalten — vielen Dank!",
"paymentCancelled": "Zahlung abgebrochen." "paymentCancelled": "Zahlung abgebrochen.",
"configureBillingCta": "Rechnungsdaten einrichten",
"noBillingConfigNonOwner": "Nur der Organisations-Owner kann die Rechnungsdaten einrichten. Bitte wenden Sie sich an diese Person, um diesen Schritt abzuschliessen.",
"creditNotesHeading": "Gutschriften",
"creditNoteNumberCol": "Gutschrift",
"creditNoteInvoiceCol": "Rechnung",
"creditNoteIssuedCol": "Ausgestellt",
"creditNoteAmountCol": "Betrag",
"creditNoteKindCol": "Typ",
"creditNotePdfCol": "PDF",
"creditNoteKind_void": "Storno",
"creditNoteKind_refund": "Rückerstattung",
"creditNoteNoPdf": "PDF nicht verfügbar"
}, },
"adminCron": { "adminCron": {
"title": "Abrechnungsautomatisierung", "title": "Abrechnungsautomatisierung",
@@ -772,6 +824,23 @@
"kind": { "kind": {
"monthly_issue": "Rechnungsstellung", "monthly_issue": "Rechnungsstellung",
"reminders": "Mahnungen" "reminders": "Mahnungen"
} },
"failureBannerTitle": "Fehler in jüngsten Automatisierungsläufen",
"failureBannerBody": "{count} Lauf/Läufe im aktuellen Fenster haben mindestens einen Fehler gemeldet. Bitte die Tabelle unten prüfen — betroffene Zeilen sind rot hervorgehoben."
},
"settingsProfile": {
"title": "Profil",
"subtitle": "Ihr Anzeigename, der im Portal, in Tenant-Anfragen und in Support-Tickets erscheint.",
"subtitlePersonal": "Ihr Anzeigename, der im Portal erscheint. Um Ihren Namen auf Rechnungen zu ändern, bearbeiten Sie ihn unter Rechnungsdaten.",
"firstNameLabel": "Vorname",
"lastNameLabel": "Nachname",
"emailLabel": "E-Mail",
"emailReadOnlyHint": "Die E-Mail-Adresse kann hier nicht geändert werden. Verwenden Sie die Selbstbedienungseinstellungen Ihres Identitätsanbieters.",
"personalAccountHint": "Dies ist ein persönliches Konto. Eine Änderung Ihres Namens hier ändert NICHT, wie Ihr Name auf Rechnungen erscheint — bearbeiten Sie diesen separat unter Rechnungsdaten.",
"companyAccountHint": "Sie sind als Mitglied von {orgName} angemeldet.",
"saveChanges": "Änderungen speichern",
"saving": "Speichern…",
"saved": "Gespeichert.",
"missingRequired": "Vor- und Nachname sind erforderlich."
} }
} }

117
src/messages/en.json
View File

@@ -121,7 +121,8 @@
"saveChanges": "Save changes", "saveChanges": "Save changes",
"billingVatNumber": "VAT number", "billingVatNumber": "VAT number",
"billingVatHelp": "Your registered VAT identifier. If your company is VAT-exempt, leave blank and explain in the notes field.", "billingVatHelp": "Your registered VAT identifier. If your company is VAT-exempt, leave blank and explain in the notes field.",
"billingNotesPlaceholderPersonal": "Anything we should know — preferred payment method, billing reference, etc." "billingNotesPlaceholderPersonal": "Anything we should know — preferred payment method, billing reference, etc.",
"reviewContactPersonPrefix": "Attn:"
}, },
"dashboard": { "dashboard": {
"title": "Dashboard", "title": "Dashboard",
@@ -479,28 +480,36 @@
"billingTitle": "Billing", "billingTitle": "Billing",
"billingDescription": "Address, VAT number, and invoice email used for all your tenants.", "billingDescription": "Address, VAT number, and invoice email used for all your tenants.",
"nothingForYou": "There's nothing here for your role yet. Owners can manage org settings.", "nothingForYou": "There's nothing here for your role yet. Owners can manage org settings.",
"billingDescriptionPersonal": "Address and invoice email used for all your tenants." "billingDescriptionPersonal": "Address and invoice email used for all your tenants.",
"profileTitle": "Profile",
"profileDescription": "Edit your first and last name as shown across the portal."
}, },
"settingsBilling": { "settingsBilling": {
"title": "Billing", "title": "Billing details",
"subtitle": "Captured once at first onboarding and reused for every tenant in your organization. Update here whenever your billing details change.", "subtitle": "Your company's billing address, VAT number, and invoice contact. Required before invoices can be issued for your organization.",
"companyName": "Company name", "companyNameLabel": "Company name",
"streetAddress": "Street address", "streetAddressLabel": "Street address",
"postalCode": "Postal code", "postalCodeLabel": "Postal code",
"city": "City", "cityLabel": "City",
"country": "Country", "countryLabel": "Country code",
"vatNumber": "VAT number", "countryHint": "ISO 3166-1 alpha-2 — e.g. CH, DE, AT, FR, IT, GB, US",
"vatHelp": "Your registered VAT identifier (e.g. CHE-123.456.789 MWST for Switzerland).", "vatNumberLabel": "VAT number (optional)",
"billingEmail": "Billing email", "vatNumberHint": "For Swiss customers: CHE-XXX.XXX.XXX MWST. EU customers with a VAT number get a 0% reverse-charge invoice.",
"billingEmailHelp": "Where invoices and billing communication will be sent.", "billingEmailLabel": "Billing email",
"notes": "Notes", "billingEmailHint": "Invoices and payment reminders are sent here. Can differ from your account email.",
"notesPlaceholder": "Anything else accounting needs to know — VAT exemption, special invoicing arrangements, etc.", "notesLabel": "Notes (optional)",
"save": "Save", "notesHint": "Reference numbers, purchase order tags, or anything else you'd like printed on invoices.",
"saveChanges": "Save changes",
"createBilling": "Save billing details",
"saving": "Saving…",
"saved": "Saved.", "saved": "Saved.",
"saveFailed": "Could not save. Please try again.", "missingRequired": "Please fill in all required fields.",
"lastUpdated": "Last updated {when}", "invalidCountry": "Country code must be 2 letters (e.g. CH).",
"fullName": "Full name", "invalidEmail": "Please enter a valid email address.",
"notesPlaceholderPersonal": "Anything we should know — preferred payment method, billing reference, etc." "fullNameLabel": "Full name",
"subtitlePersonal": "Your billing address and invoice contact. Required before invoices can be issued.",
"contactNameLabel": "Contact person (optional)",
"contactNameHint": "Prints as 'Attn: <name>' on the invoice below the company name. Useful for AP routing in larger organizations."
}, },
"support": { "support": {
"title": "Support", "title": "Support",
@@ -664,7 +673,36 @@
"lineItemsTitle": "Line items", "lineItemsTitle": "Line items",
"billToSnapshotTitle": "Billed to", "billToSnapshotTitle": "Billed to",
"setupFeeCol": "Setup fee", "setupFeeCol": "Setup fee",
"skillSetupFeeLabel": "Setup fee" "skillSetupFeeLabel": "Setup fee",
"status_partially_refunded": "Partially refunded",
"status_fully_refunded": "Fully refunded",
"voidBtn": "Void",
"voidReasonPlaceholder": "Reason for voiding (printed on credit note)",
"voidReasonRequired": "Please provide a reason for voiding.",
"confirmVoid": "Confirm void",
"voidedOnLabel": "Voided",
"refundBtn": "Refund",
"refundReasonPlaceholder": "Reason for refund (printed on credit note)",
"refundReasonRequired": "Please provide a reason for the refund.",
"refundAmountInvalid": "Refund amount must be a positive number.",
"refundAmountExceeds": "Refund amount exceeds remaining refundable CHF {max}.",
"refundRemainingHint": "Remaining refundable: CHF {max}",
"confirmRefund": "Confirm refund",
"refundedTotalLabel": "Refunded total",
"refundedRemainingLabel": "Remaining refundable",
"creditNotesPanelTitle": "Credit notes",
"creditNoteNumberHeader": "Number",
"creditNoteKindHeader": "Type",
"creditNoteAmountHeader": "Amount",
"creditNoteReasonHeader": "Reason",
"creditNoteIssuedHeader": "Issued",
"creditNotePdfHeader": "PDF",
"creditNoteKind_void": "Void",
"creditNoteKind_refund": "Refund",
"creditNoteNoPdf": "—",
"refundAmountLabel": "Amount",
"refundReasonLabel": "Reason",
"refundAmountInclVatHint": "incl. VAT"
}, },
"skillCostDialog": { "skillCostDialog": {
"title": "Confirm activation cost", "title": "Confirm activation cost",
@@ -737,12 +775,26 @@
"paid": "Paid", "paid": "Paid",
"overdue": "Overdue", "overdue": "Overdue",
"void": "Void", "void": "Void",
"uncollectible": "Uncollectible" "uncollectible": "Uncollectible",
"partially_refunded": "Partially refunded",
"fully_refunded": "Fully refunded"
}, },
"payWithCard": "Pay with card", "payWithCard": "Pay with card",
"redirectingToStripe": "Redirecting…", "redirectingToStripe": "Redirecting…",
"paymentReceived": "Payment received — thank you!", "paymentReceived": "Payment received — thank you!",
"paymentCancelled": "Payment cancelled." "paymentCancelled": "Payment cancelled.",
"configureBillingCta": "Configure billing details",
"noBillingConfigNonOwner": "Only the organization owner can configure billing details. Please contact them to complete this step.",
"creditNotesHeading": "Credit notes",
"creditNoteNumberCol": "Credit note",
"creditNoteInvoiceCol": "Invoice",
"creditNoteIssuedCol": "Issued",
"creditNoteAmountCol": "Amount",
"creditNoteKindCol": "Type",
"creditNotePdfCol": "PDF",
"creditNoteKind_void": "Void",
"creditNoteKind_refund": "Refund",
"creditNoteNoPdf": "PDF unavailable"
}, },
"adminCron": { "adminCron": {
"title": "Billing automation", "title": "Billing automation",
@@ -772,6 +824,23 @@
"kind": { "kind": {
"monthly_issue": "Issuance", "monthly_issue": "Issuance",
"reminders": "Reminders" "reminders": "Reminders"
} },
"failureBannerTitle": "Recent automation failures detected",
"failureBannerBody": "{count} run(s) in the recent window reported at least one failure. Review the table below — the affected rows are highlighted in red."
},
"settingsProfile": {
"title": "Profile",
"subtitle": "Your display name as shown across the portal, in tenant requests, and in support tickets.",
"subtitlePersonal": "Your display name as shown across the portal. To change how your name appears on invoices, edit it in Billing details.",
"firstNameLabel": "First name",
"lastNameLabel": "Last name",
"emailLabel": "Email",
"emailReadOnlyHint": "Email can't be changed here. Use your identity provider's self-service settings to change your email.",
"personalAccountHint": "This is a personal account. Changing your name here does NOT update how your name appears on invoices — edit that separately in Billing details.",
"companyAccountHint": "You're signed in as a member of {orgName}.",
"saveChanges": "Save changes",
"saving": "Saving…",
"saved": "Saved.",
"missingRequired": "First and last name are required."
} }
} }

119
src/messages/fr.json
View File

@@ -121,7 +121,8 @@
"saveChanges": "Enregistrer les modifications", "saveChanges": "Enregistrer les modifications",
"billingVatNumber": "Numéro de TVA", "billingVatNumber": "Numéro de TVA",
"billingVatHelp": "Votre identifiant TVA enregistré. Si votre entreprise est exonérée de TVA, laissez vide et précisez dans les notes.", "billingVatHelp": "Votre identifiant TVA enregistré. Si votre entreprise est exonérée de TVA, laissez vide et précisez dans les notes.",
"billingNotesPlaceholderPersonal": "Tout ce que nous devons savoir — moyen de paiement préféré, référence de facturation, etc." "billingNotesPlaceholderPersonal": "Tout ce que nous devons savoir — moyen de paiement préféré, référence de facturation, etc.",
"reviewContactPersonPrefix": "À l'attention de"
}, },
"dashboard": { "dashboard": {
"title": "Tableau de bord", "title": "Tableau de bord",
@@ -479,28 +480,36 @@
"billingTitle": "Facturation", "billingTitle": "Facturation",
"billingDescription": "Adresse, numéro de TVA et e-mail de facturation utilisés pour tous vos locataires.", "billingDescription": "Adresse, numéro de TVA et e-mail de facturation utilisés pour tous vos locataires.",
"nothingForYou": "Il n'y a rien ici pour votre rôle pour le moment. Les propriétaires peuvent gérer les paramètres de l'organisation.", "nothingForYou": "Il n'y a rien ici pour votre rôle pour le moment. Les propriétaires peuvent gérer les paramètres de l'organisation.",
"billingDescriptionPersonal": "Adresse et e-mail de facturation utilisés pour tous vos locataires." "billingDescriptionPersonal": "Adresse et e-mail de facturation utilisés pour tous vos locataires.",
"profileTitle": "Profil",
"profileDescription": "Modifiez votre prénom et nom tels qu'ils apparaissent dans le portail."
}, },
"settingsBilling": { "settingsBilling": {
"title": "Facturation", "title": "Informations de facturation",
"subtitle": "Saisie une fois lors de l'inscription et réutilisée pour chaque locataire de votre organisation. Mettez à jour ici dès que vos coordonnées de facturation changent.", "subtitle": "Adresse de facturation, numéro de TVA et contact pour les factures. Requis avant l'émission de toute facture pour votre organisation.",
"companyName": "Nom de l'entreprise", "companyNameLabel": "Nom de l'entreprise",
"streetAddress": "Adresse", "streetAddressLabel": "Adresse",
"postalCode": "Code postal", "postalCodeLabel": "Code postal",
"city": "Ville", "cityLabel": "Ville",
"country": "Pays", "countryLabel": "Code pays",
"vatNumber": "Numéro de TVA", "countryHint": "ISO 3166-1 alpha-2 — p. ex. CH, DE, AT, FR, IT, GB, US",
"vatHelp": "Votre identifiant TVA enregistré (par ex. CHE-123.456.789 TVA pour la Suisse).", "vatNumberLabel": "Numéro de TVA (facultatif)",
"billingEmail": "E-mail de facturation", "vatNumberHint": "Pour les clients suisses : CHE-XXX.XXX.XXX TVA. Les clients UE avec un n° de TVA reçoivent une facture à 0% (autoliquidation).",
"billingEmailHelp": "Adresse à laquelle les factures et la communication de facturation seront envoyées.", "billingEmailLabel": "E-mail de facturation",
"notes": "Notes", "billingEmailHint": "Les factures et rappels de paiement sont envoyés à cette adresse. Peut différer de l'e-mail du compte.",
"notesPlaceholder": "Tout ce que la comptabilité doit savoir exonération de TVA, modalités de facturation particulières, etc.", "notesLabel": "Notes (facultatif)",
"save": "Enregistrer", "notesHint": "Numéros de référence, bons de commande, ou toute autre information à imprimer sur les factures.",
"saveChanges": "Enregistrer les modifications",
"createBilling": "Enregistrer les informations",
"saving": "Enregistrement…",
"saved": "Enregistré.", "saved": "Enregistré.",
"saveFailed": "Impossible d'enregistrer. Veuillez réessayer.", "missingRequired": "Veuillez remplir tous les champs obligatoires.",
"lastUpdated": "Dernière mise à jour {when}", "invalidCountry": "Le code pays doit comporter 2 lettres (p. ex. CH).",
"fullName": "Nom complet", "invalidEmail": "Veuillez saisir une adresse e-mail valide.",
"notesPlaceholderPersonal": "Tout ce que nous devons savoir — moyen de paiement préféré, référence de facturation, etc." "fullNameLabel": "Nom et prénom",
"subtitlePersonal": "Votre adresse de facturation et votre contact. Requis avant l'émission de toute facture.",
"contactNameLabel": "Personne à contacter (facultatif)",
"contactNameHint": "S'imprime « À l'attention de <nom> » sur la facture, sous le nom de l'entreprise. Utile pour le routage en comptabilité dans les grandes organisations."
}, },
"support": { "support": {
"title": "Support", "title": "Support",
@@ -664,7 +673,36 @@
"lineItemsTitle": "Lignes", "lineItemsTitle": "Lignes",
"billToSnapshotTitle": "Destinataire", "billToSnapshotTitle": "Destinataire",
"setupFeeCol": "Frais de configuration", "setupFeeCol": "Frais de configuration",
"skillSetupFeeLabel": "Frais de configuration" "skillSetupFeeLabel": "Frais de configuration",
"status_partially_refunded": "Partiellement remboursée",
"status_fully_refunded": "Entièrement remboursée",
"voidBtn": "Annuler",
"voidReasonPlaceholder": "Motif de l'annulation (imprimé sur la note de crédit)",
"voidReasonRequired": "Veuillez indiquer un motif d'annulation.",
"confirmVoid": "Confirmer l'annulation",
"voidedOnLabel": "Annulée",
"refundBtn": "Rembourser",
"refundReasonPlaceholder": "Motif du remboursement (imprimé sur la note de crédit)",
"refundReasonRequired": "Veuillez indiquer un motif de remboursement.",
"refundAmountInvalid": "Le montant du remboursement doit être un nombre positif.",
"refundAmountExceeds": "Le montant dépasse le restant remboursable de CHF {max}.",
"refundRemainingHint": "Restant remboursable : CHF {max}",
"confirmRefund": "Confirmer le remboursement",
"refundedTotalLabel": "Remboursé",
"refundedRemainingLabel": "Restant remboursable",
"creditNotesPanelTitle": "Notes de crédit",
"creditNoteNumberHeader": "Numéro",
"creditNoteKindHeader": "Type",
"creditNoteAmountHeader": "Montant",
"creditNoteReasonHeader": "Motif",
"creditNoteIssuedHeader": "Émise",
"creditNotePdfHeader": "PDF",
"creditNoteKind_void": "Annulation",
"creditNoteKind_refund": "Remboursement",
"creditNoteNoPdf": "—",
"refundAmountLabel": "Montant",
"refundReasonLabel": "Motif",
"refundAmountInclVatHint": "TVA incluse"
}, },
"skillCostDialog": { "skillCostDialog": {
"title": "Confirmer le coût d'activation", "title": "Confirmer le coût d'activation",
@@ -730,19 +768,33 @@
"subtotalLabel": "Sous-total", "subtotalLabel": "Sous-total",
"vatLabel": "TVA ({rate}%)", "vatLabel": "TVA ({rate}%)",
"totalLabel": "Total", "totalLabel": "Total",
"downloadPdf": "Télécharger le PDF", "downloadPdf": "Télécharger PDF",
"status": { "status": {
"draft": "Brouillon", "draft": "Brouillon",
"open": "Ouverte", "open": "Ouverte",
"paid": "Payée", "paid": "Payée",
"overdue": "En retard", "overdue": "En retard",
"void": "Annulée", "void": "Annulée",
"uncollectible": "Irrécouvrable" "uncollectible": "Irrécouvrable",
"partially_refunded": "Partiellement remboursée",
"fully_refunded": "Entièrement remboursée"
}, },
"payWithCard": "Payer par carte", "payWithCard": "Payer par carte",
"redirectingToStripe": "Redirection…", "redirectingToStripe": "Redirection…",
"paymentReceived": "Paiement reçu — merci !", "paymentReceived": "Paiement reçu — merci !",
"paymentCancelled": "Paiement annulé." "paymentCancelled": "Paiement annulé.",
"configureBillingCta": "Configurer les informations de facturation",
"noBillingConfigNonOwner": "Seul le propriétaire de l'organisation peut configurer les informations de facturation. Veuillez le contacter pour terminer cette étape.",
"creditNotesHeading": "Notes de crédit",
"creditNoteNumberCol": "Note de crédit",
"creditNoteInvoiceCol": "Facture",
"creditNoteIssuedCol": "Émise",
"creditNoteAmountCol": "Montant",
"creditNoteKindCol": "Type",
"creditNotePdfCol": "PDF",
"creditNoteKind_void": "Annulation",
"creditNoteKind_refund": "Remboursement",
"creditNoteNoPdf": "PDF indisponible"
}, },
"adminCron": { "adminCron": {
"title": "Automatisation de la facturation", "title": "Automatisation de la facturation",
@@ -772,6 +824,23 @@
"kind": { "kind": {
"monthly_issue": "Émission", "monthly_issue": "Émission",
"reminders": "Rappels" "reminders": "Rappels"
} },
"failureBannerTitle": "Échecs récents détectés",
"failureBannerBody": "{count} lancement(s) récent(s) ont signalé au moins un échec. Consultez le tableau ci-dessous — les lignes concernées sont en rouge."
},
"settingsProfile": {
"title": "Profil",
"subtitle": "Votre nom d'affichage tel qu'il apparaît dans le portail, les demandes de tenant et les tickets d'assistance.",
"subtitlePersonal": "Votre nom d'affichage tel qu'il apparaît dans le portail. Pour modifier votre nom sur les factures, modifiez-le dans Informations de facturation.",
"firstNameLabel": "Prénom",
"lastNameLabel": "Nom",
"emailLabel": "E-mail",
"emailReadOnlyHint": "L'e-mail ne peut pas être modifié ici. Utilisez les paramètres en libre-service de votre fournisseur d'identité.",
"personalAccountHint": "Ceci est un compte personnel. Modifier votre nom ici ne change PAS la façon dont votre nom apparaît sur les factures — modifiez-le séparément dans Informations de facturation.",
"companyAccountHint": "Vous êtes connecté en tant que membre de {orgName}.",
"saveChanges": "Enregistrer les modifications",
"saving": "Enregistrement…",
"saved": "Enregistré.",
"missingRequired": "Le prénom et le nom sont obligatoires."
} }
} }

117
src/messages/it.json
View File

@@ -121,7 +121,8 @@
"saveChanges": "Salva modifiche", "saveChanges": "Salva modifiche",
"billingVatNumber": "Partita IVA", "billingVatNumber": "Partita IVA",
"billingVatHelp": "Il tuo identificativo IVA registrato. Se la tua azienda è esente IVA, lascia vuoto e spiega nelle note.", "billingVatHelp": "Il tuo identificativo IVA registrato. Se la tua azienda è esente IVA, lascia vuoto e spiega nelle note.",
"billingNotesPlaceholderPersonal": "Qualsiasi cosa dovremmo sapere — metodo di pagamento preferito, riferimento per fatturazione, ecc." "billingNotesPlaceholderPersonal": "Qualsiasi cosa dovremmo sapere — metodo di pagamento preferito, riferimento per fatturazione, ecc.",
"reviewContactPersonPrefix": "c.a."
}, },
"dashboard": { "dashboard": {
"title": "Dashboard", "title": "Dashboard",
@@ -479,28 +480,36 @@
"billingTitle": "Fatturazione", "billingTitle": "Fatturazione",
"billingDescription": "Indirizzo, numero di IVA ed e-mail di fatturazione usati per tutti i tuoi tenant.", "billingDescription": "Indirizzo, numero di IVA ed e-mail di fatturazione usati per tutti i tuoi tenant.",
"nothingForYou": "Al momento non c'è nulla qui per il tuo ruolo. I proprietari possono gestire le impostazioni dell'organizzazione.", "nothingForYou": "Al momento non c'è nulla qui per il tuo ruolo. I proprietari possono gestire le impostazioni dell'organizzazione.",
"billingDescriptionPersonal": "Indirizzo ed e-mail di fatturazione usati per tutti i tuoi tenant." "billingDescriptionPersonal": "Indirizzo ed e-mail di fatturazione usati per tutti i tuoi tenant.",
"profileTitle": "Profilo",
"profileDescription": "Modifica il tuo nome e cognome come appaiono nel portale."
}, },
"settingsBilling": { "settingsBilling": {
"title": "Fatturazione", "title": "Dati di fatturazione",
"subtitle": "Acquisita una sola volta al primo onboarding e riutilizzata per ogni tenant della tua organizzazione. Aggiorna qui ogni volta che i dati di fatturazione cambiano.", "subtitle": "Indirizzo di fatturazione, partita IVA e contatto fatture della tua azienda. Necessari prima che possano essere emesse fatture per la tua organizzazione.",
"companyName": "Ragione sociale", "companyNameLabel": "Nome azienda",
"streetAddress": "Indirizzo", "streetAddressLabel": "Indirizzo",
"postalCode": "CAP", "postalCodeLabel": "CAP",
"city": "Città", "cityLabel": "Città",
"country": "Paese", "countryLabel": "Codice paese",
"vatNumber": "Partita IVA", "countryHint": "ISO 3166-1 alpha-2 — es. CH, DE, AT, FR, IT, GB, US",
"vatHelp": "Il tuo identificativo IVA registrato (es. CHE-123.456.789 IVA per la Svizzera).", "vatNumberLabel": "Partita IVA (facoltativa)",
"billingEmail": "E-mail di fatturazione", "vatNumberHint": "Per clienti svizzeri: CHE-XXX.XXX.XXX IVA. Clienti UE con partita IVA ricevono fattura in reverse charge (0% IVA).",
"billingEmailHelp": "Indirizzo a cui verranno inviate le fatture e le comunicazioni di fatturazione.", "billingEmailLabel": "E-mail di fatturazione",
"notes": "Note", "billingEmailHint": "Le fatture e i solleciti vengono inviati a questo indirizzo. Può differire dall'e-mail dell'account.",
"notesPlaceholder": "Qualsiasi cosa la contabilità debba sapere — esenzione IVA, modalità di fatturazione particolari, ecc.", "notesLabel": "Note (facoltative)",
"save": "Salva", "notesHint": "Numeri di riferimento, ordini d'acquisto o altre informazioni da riportare in fattura.",
"saveChanges": "Salva modifiche",
"createBilling": "Salva dati di fatturazione",
"saving": "Salvataggio…",
"saved": "Salvato.", "saved": "Salvato.",
"saveFailed": "Impossibile salvare. Riprova.", "missingRequired": "Compila tutti i campi obbligatori.",
"lastUpdated": "Ultimo aggiornamento {when}", "invalidCountry": "Il codice paese deve essere di 2 lettere (es. CH).",
"fullName": "Nome completo", "invalidEmail": "Inserisci un indirizzo e-mail valido.",
"notesPlaceholderPersonal": "Qualsiasi cosa dovremmo sapere — metodo di pagamento preferito, riferimento per fatturazione, ecc." "fullNameLabel": "Nome e cognome",
"subtitlePersonal": "Il tuo indirizzo di fatturazione e contatto. Necessari prima che possano essere emesse fatture.",
"contactNameLabel": "Persona di contatto (facoltativa)",
"contactNameHint": "Stampato come 'c.a. <nome>' sulla fattura, sotto il nome dell'azienda. Utile per l'instradamento contabile in grandi organizzazioni."
}, },
"support": { "support": {
"title": "Supporto", "title": "Supporto",
@@ -664,7 +673,36 @@
"lineItemsTitle": "Righe", "lineItemsTitle": "Righe",
"billToSnapshotTitle": "Destinatario", "billToSnapshotTitle": "Destinatario",
"setupFeeCol": "Spese di attivazione", "setupFeeCol": "Spese di attivazione",
"skillSetupFeeLabel": "Spese di attivazione" "skillSetupFeeLabel": "Spese di attivazione",
"status_partially_refunded": "Rimborsata parzialmente",
"status_fully_refunded": "Rimborsata integralmente",
"voidBtn": "Annulla",
"voidReasonPlaceholder": "Motivo dell'annullamento (stampato sulla nota di credito)",
"voidReasonRequired": "Indicare un motivo per l'annullamento.",
"confirmVoid": "Conferma annullamento",
"voidedOnLabel": "Annullata",
"refundBtn": "Rimborsa",
"refundReasonPlaceholder": "Motivo del rimborso (stampato sulla nota di credito)",
"refundReasonRequired": "Indicare un motivo per il rimborso.",
"refundAmountInvalid": "L'importo del rimborso deve essere un numero positivo.",
"refundAmountExceeds": "L'importo supera il residuo rimborsabile di CHF {max}.",
"refundRemainingHint": "Residuo rimborsabile: CHF {max}",
"confirmRefund": "Conferma rimborso",
"refundedTotalLabel": "Rimborsato",
"refundedRemainingLabel": "Residuo rimborsabile",
"creditNotesPanelTitle": "Note di credito",
"creditNoteNumberHeader": "Numero",
"creditNoteKindHeader": "Tipo",
"creditNoteAmountHeader": "Importo",
"creditNoteReasonHeader": "Motivo",
"creditNoteIssuedHeader": "Emessa",
"creditNotePdfHeader": "PDF",
"creditNoteKind_void": "Annullamento",
"creditNoteKind_refund": "Rimborso",
"creditNoteNoPdf": "—",
"refundAmountLabel": "Importo",
"refundReasonLabel": "Motivo",
"refundAmountInclVatHint": "IVA inclusa"
}, },
"skillCostDialog": { "skillCostDialog": {
"title": "Conferma costi di attivazione", "title": "Conferma costi di attivazione",
@@ -737,12 +775,26 @@
"paid": "Pagata", "paid": "Pagata",
"overdue": "In ritardo", "overdue": "In ritardo",
"void": "Annullata", "void": "Annullata",
"uncollectible": "Inesigibile" "uncollectible": "Inesigibile",
"partially_refunded": "Rimborsata parzialmente",
"fully_refunded": "Rimborsata integralmente"
}, },
"payWithCard": "Paga con carta", "payWithCard": "Paga con carta",
"redirectingToStripe": "Reindirizzamento…", "redirectingToStripe": "Reindirizzamento…",
"paymentReceived": "Pagamento ricevuto — grazie!", "paymentReceived": "Pagamento ricevuto — grazie!",
"paymentCancelled": "Pagamento annullato." "paymentCancelled": "Pagamento annullato.",
"configureBillingCta": "Configura dati di fatturazione",
"noBillingConfigNonOwner": "Solo il proprietario dell'organizzazione può configurare i dati di fatturazione. Contattalo per completare questo passaggio.",
"creditNotesHeading": "Note di credito",
"creditNoteNumberCol": "Nota di credito",
"creditNoteInvoiceCol": "Fattura",
"creditNoteIssuedCol": "Emessa",
"creditNoteAmountCol": "Importo",
"creditNoteKindCol": "Tipo",
"creditNotePdfCol": "PDF",
"creditNoteKind_void": "Annullamento",
"creditNoteKind_refund": "Rimborso",
"creditNoteNoPdf": "PDF non disponibile"
}, },
"adminCron": { "adminCron": {
"title": "Automazione fatturazione", "title": "Automazione fatturazione",
@@ -772,6 +824,23 @@
"kind": { "kind": {
"monthly_issue": "Emissione", "monthly_issue": "Emissione",
"reminders": "Solleciti" "reminders": "Solleciti"
} },
"failureBannerTitle": "Fallimenti recenti rilevati",
"failureBannerBody": "{count} esecuzione/i recente/i hanno segnalato almeno un fallimento. Controlla la tabella sotto — le righe interessate sono in rosso."
},
"settingsProfile": {
"title": "Profilo",
"subtitle": "Il tuo nome visualizzato come appare nel portale, nelle richieste tenant e nei ticket di supporto.",
"subtitlePersonal": "Il tuo nome visualizzato come appare nel portale. Per modificare il tuo nome in fattura, modificalo in Dati di fatturazione.",
"firstNameLabel": "Nome",
"lastNameLabel": "Cognome",
"emailLabel": "E-mail",
"emailReadOnlyHint": "L'e-mail non può essere modificata qui. Usa le impostazioni self-service del tuo provider di identità.",
"personalAccountHint": "Questo è un account personale. Modificare il tuo nome qui NON cambia come appare in fattura — modificalo separatamente in Dati di fatturazione.",
"companyAccountHint": "Sei connesso come membro di {orgName}.",
"saveChanges": "Salva modifiche",
"saving": "Salvataggio…",
"saved": "Salvato.",
"missingRequired": "Nome e cognome sono obbligatori."
} }
} }

66
src/types/index.ts
View File

@@ -234,6 +234,12 @@ export interface BillingAddress {
export interface OrgBilling { export interface OrgBilling {
zitadelOrgId: string; zitadelOrgId: string;
companyName: string; companyName: string;
// Optional contact-person line ("z.Hd. / Attn:") shown on the
// invoice PDF below the company name. Useful when invoicing
// larger companies where the mailroom needs a name to route
// the document. Personal accounts don't expose this in the UI —
// their "Full name" already lives in companyName.
contactName?: string | null;
streetAddress: string; streetAddress: string;
postalCode: string; postalCode: string;
city: string; city: string;
@@ -538,10 +544,57 @@ export type InvoiceStatus =
| "paid" | "paid"
| "overdue" | "overdue"
| "void" | "void"
| "uncollectible"; | "uncollectible"
// Phase 7: refund states. partially_refunded = at least one refund
// recorded but sum < total. fully_refunded = sum >= total. Voiding
// applies to unpaid invoices; refunding applies to paid invoices —
// the two states are mutually exclusive transitions from 'paid'
// versus 'open'.
| "partially_refunded"
| "fully_refunded";
export type InvoicePaymentMethod = "invoice" | "card"; export type InvoicePaymentMethod = "invoice" | "card";
// Phase 7 — credit notes are independent documents (separate
// numbering, separate PDF) that record a void or refund against an
// original invoice. Issued as part of voidInvoice() or
// refundInvoice() flows; the customer downloads them from
// /api/credit-notes/<number>/pdf.
export type CreditNoteKind = "void" | "refund";
export interface CreditNote {
id: string;
creditNoteNumber: string;
invoiceId: string;
invoiceNumber: string;
zitadelOrgId: string;
kind: CreditNoteKind;
amountChf: number;
vatAmountChf: number;
reason: string | null;
issuedAt: string;
issuedBy: string;
locale: string;
pdfFilename: string | null;
hasPdf: boolean;
billingSnapshot: InvoiceBillingSnapshot;
}
// Phase 7 — per-refund-event record (one row per Stripe Refund
// object, or per admin-initiated refund for invoice-paid customers).
// Aggregated into invoices.refunded_total_chf for query convenience.
export interface InvoiceRefund {
id: string;
invoiceId: string;
stripeRefundId: string | null;
amountChf: number;
reason: string | null;
status: "pending" | "succeeded" | "failed" | "canceled";
refundedAt: string;
refundedBy: string;
creditNoteId: string | null;
}
// Phase 5 — Cron run history rows for the admin /admin/cron page. // Phase 5 — Cron run history rows for the admin /admin/cron page.
export type CronRunKind = "monthly_issue" | "reminders"; export type CronRunKind = "monthly_issue" | "reminders";
export interface CronRun { export interface CronRun {
@@ -575,6 +628,7 @@ export type InvoiceLineKind =
*/ */
export interface InvoiceBillingSnapshot { export interface InvoiceBillingSnapshot {
companyName: string; companyName: string;
contactName: string | null;
streetAddress: string; streetAddress: string;
postalCode: string; postalCode: string;
city: string; city: string;
@@ -634,6 +688,16 @@ export interface Invoice {
paidAt: string | null; paidAt: string | null;
paidBy: string | null; paidBy: string | null;
paidMethodDetail: string | null; paidMethodDetail: string | null;
// Phase 7 — void tracking. Populated when status='void'. The reason
// free-text is rendered on the credit note PDF.
voidReason: string | null;
voidedAt: string | null;
voidedBy: string | null;
// Phase 7 — running sum of refunds applied to this invoice. Zero
// for invoices that have never been refunded. Drives status
// transitions (partially_refunded vs fully_refunded) and the
// running-total widget on /billing.
refundedTotalChf: number;
createdAt: string; createdAt: string;
} }