feat: Add services, company documents, company timesheet export

- Add services table and CRUD endpoints (/api/services) - Add company documents upload/download functionality - Add company timesheet XLSX export endpoint - Remove admin requirement from event routes (all authenticated users can manage events) - Add service validators Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-17 18:45:01 +01:00
parent b542d1d635
commit 514b6c8a92
13 changed files with 866 additions and 11 deletions
--- a/src/app.js
+++ b/src/app.js
@@ -29,6 +29,7 @@ import auditRoutes from './routes/audit.routes.js';
 import eventRoutes from './routes/event.routes.js';
 import messageRoutes from './routes/message.routes.js';
 import userRoutes from './routes/user.routes.js';
 import serviceRoutes from './routes/service.routes.js';
 const app = express();
@@ -124,6 +125,7 @@ app.use('/api/audit-logs', auditRoutes);
 app.use('/api/events', eventRoutes);
 app.use('/api/messages', messageRoutes);
 app.use('/api/users', userRoutes);
 app.use('/api/services', serviceRoutes);
 // Basic route
 app.get('/', (req, res) => {
--- a/src/controllers/company-document.controller.js
+++ b/src/controllers/company-document.controller.js
@@ -0,0 +1,88 @@
 import * as companyDocumentService from '../services/company-document.service.js';
 /**
 * Get all documents for a company
 * GET /api/companies/:companyId/documents
 */
 export const getDocuments = async (req, res, next) => {
  try {
    const { companyId } = req.params;
    const documents = await companyDocumentService.getDocumentsByCompanyId(companyId);
    res.status(200).json({
      success: true,
      count: documents.length,
      data: documents,
    });
  } catch (error) {
    next(error);
  }
 };
 /**
 * Upload a document for a company
 * POST /api/companies/:companyId/documents
 */
 export const uploadDocument = async (req, res, next) => {
  try {
    const { companyId } = req.params;
    const userId = req.userId;
    const { description } = req.body;
    const document = await companyDocumentService.uploadDocument({
      companyId,
      userId,
      file: req.file,
      description,
    });
    res.status(201).json({
      success: true,
      data: document,
      message: 'Dokument bol nahraný',
    });
  } catch (error) {
    next(error);
  }
 };
 /**
 * Download a document
 * GET /api/companies/:companyId/documents/:docId/download
 */
 export const downloadDocument = async (req, res, next) => {
  try {
    const { companyId, docId } = req.params;
    const { filePath, fileName, fileType } = await companyDocumentService.getDocumentForDownload(
      companyId,
      docId
    );
    res.setHeader('Content-Type', fileType);
    res.setHeader('Content-Disposition', `attachment; filename="${encodeURIComponent(fileName)}"`);
    res.sendFile(filePath);
  } catch (error) {
    next(error);
  }
 };
 /**
 * Delete a document
 * DELETE /api/companies/:companyId/documents/:docId
 */
 export const deleteDocument = async (req, res, next) => {
  try {
    const { companyId, docId } = req.params;
    const result = await companyDocumentService.deleteDocument(companyId, docId);
    res.status(200).json({
      success: true,
      message: result.message,
    });
  } catch (error) {
    next(error);
  }
 };
--- a/src/controllers/service.controller.js
+++ b/src/controllers/service.controller.js
@@ -0,0 +1,101 @@
 import * as serviceService from '../services/service.service.js';
 /**
 * Get all services
 * GET /api/services
 */
 export const getAllServices = async (req, res, next) => {
  try {
    const services = await serviceService.getAllServices();
    res.status(200).json({
      success: true,
      count: services.length,
      data: services,
    });
  } catch (error) {
    next(error);
  }
 };
 /**
 * Get service by ID
 * GET /api/services/:serviceId
 */
 export const getServiceById = async (req, res, next) => {
  try {
    const { serviceId } = req.params;
    const service = await serviceService.getServiceById(serviceId);
    res.status(200).json({
      success: true,
      data: service,
    });
  } catch (error) {
    next(error);
  }
 };
 /**
 * Create new service
 * POST /api/services
 * Body: { name, price, description }
 */
 export const createService = async (req, res, next) => {
  try {
    const userId = req.userId;
    const data = req.body;
    const service = await serviceService.createService(userId, data);
    res.status(201).json({
      success: true,
      data: service,
      message: 'Služba bola vytvorená',
    });
  } catch (error) {
    next(error);
  }
 };
 /**
 * Update service
 * PUT /api/services/:serviceId
 * Body: { name, price, description }
 */
 export const updateService = async (req, res, next) => {
  try {
    const { serviceId } = req.params;
    const data = req.body;
    const service = await serviceService.updateService(serviceId, data);
    res.status(200).json({
      success: true,
      data: service,
      message: 'Služba bola aktualizovaná',
    });
  } catch (error) {
    next(error);
  }
 };
 /**
 * Delete service
 * DELETE /api/services/:serviceId
 */
 export const deleteService = async (req, res, next) => {
  try {
    const { serviceId } = req.params;
    const result = await serviceService.deleteService(serviceId);
    res.status(200).json({
      success: true,
      message: result.message,
    });
  } catch (error) {
    next(error);
  }
 };
--- a/src/controllers/time-tracking.controller.js
+++ b/src/controllers/time-tracking.controller.js
@@ -325,3 +325,37 @@ export const getMonthlyStats = async (req, res, next) => {
    next(error);
  }
 };
 /**
 * Generate timesheet for a specific company
 * POST /api/time-tracking/generate-company-timesheet
 * Body: { year, month, companyId }
 */
 export const generateCompanyTimesheet = async (req, res, next) => {
  try {
    const userId = req.userId;
    const { year, month, companyId } = req.body;
    if (!year || !month || !companyId) {
      return res.status(400).json({
        success: false,
        message: 'Year, month and companyId are required',
      });
    }
    const result = await timeTrackingService.generateCompanyTimesheet(
      userId,
      parseInt(year),
      parseInt(month),
      companyId
    );
    res.status(201).json({
      success: true,
      data: result,
      message: `Timesheet pre firmu ${result.companyName} bol vygenerovaný`,
    });
  } catch (error) {
    next(error);
  }
 };
--- a/src/db/schema.js
+++ b/src/db/schema.js
@@ -284,6 +284,32 @@ export const timeEntries = pgTable('time_entries', {
  updatedAt: timestamp('updated_at').defaultNow().notNull(),
 });
 // Company Documents table - dokumenty nahrané k firme
 export const companyDocuments = pgTable('company_documents', {
  id: uuid('id').primaryKey().defaultRandom(),
  companyId: uuid('company_id').references(() => companies.id, { onDelete: 'cascade' }).notNull(),
  fileName: text('file_name').notNull(), // unikátny názov súboru na disku
  originalName: text('original_name').notNull(), // pôvodný názov súboru
  filePath: text('file_path').notNull(), // cesta k súboru
  fileType: text('file_type').notNull(), // MIME typ
  fileSize: integer('file_size').notNull(), // veľkosť v bytoch
  description: text('description'),
  uploadedBy: uuid('uploaded_by').references(() => users.id, { onDelete: 'set null' }),
  uploadedAt: timestamp('uploaded_at').defaultNow().notNull(),
  createdAt: timestamp('created_at').defaultNow().notNull(),
 });
 // Services table - služby ponúkané firmou
 export const services = pgTable('services', {
  id: uuid('id').primaryKey().defaultRandom(),
  name: text('name').notNull(),
  price: text('price').notNull(), // stored as text for flexibility with decimal
  description: text('description'),
  createdBy: uuid('created_by').references(() => users.id, { onDelete: 'set null' }),
  createdAt: timestamp('created_at').defaultNow().notNull(),
  updatedAt: timestamp('updated_at').defaultNow().notNull(),
 });
 // Messages table - interná komunikácia medzi používateľmi
 export const messages = pgTable('messages', {
  id: uuid('id').primaryKey().defaultRandom(),
--- a/src/routes/company.routes.js
+++ b/src/routes/company.routes.js
@@ -1,6 +1,8 @@
 import express from 'express';
 import multer from 'multer';
 import * as companyController from '../controllers/company.controller.js';
 import * as personalContactController from '../controllers/personal-contact.controller.js';
 import * as companyDocumentController from '../controllers/company-document.controller.js';
 import { authenticate } from '../middlewares/auth/authMiddleware.js';
 import { requireAdmin } from '../middlewares/auth/roleMiddleware.js';
 import { checkCompanyAccess } from '../middlewares/auth/resourceAccessMiddleware.js';
@@ -8,6 +10,14 @@ import { validateBody, validateParams } from '../middlewares/security/validateIn
 import { createCompanySchema, updateCompanySchema, createCompanyReminderSchema, updateCompanyReminderSchema } from '../validators/crm.validators.js';
 import { z } from 'zod';
 // Configure multer for file uploads (memory storage)
 const upload = multer({
  storage: multer.memoryStorage(),
  limits: {
    fileSize: 50 * 1024 * 1024, // 50MB max
  },
 });
 const router = express.Router();
 // All company routes require authentication
@@ -198,4 +208,40 @@ router.get(
  personalContactController.getContactsByCompany
 );
 // Company Documents
 router.get(
  '/:companyId/documents',
  validateParams(z.object({ companyId: z.string().uuid() })),
  checkCompanyAccess,
  companyDocumentController.getDocuments
 );
 router.post(
  '/:companyId/documents',
  validateParams(z.object({ companyId: z.string().uuid() })),
  checkCompanyAccess,
  upload.single('file'),
  companyDocumentController.uploadDocument
 );
 router.get(
  '/:companyId/documents/:docId/download',
  validateParams(z.object({
    companyId: z.string().uuid(),
    docId: z.string().uuid()
  })),
  checkCompanyAccess,
  companyDocumentController.downloadDocument
 );
 router.delete(
  '/:companyId/documents/:docId',
  requireAdmin,
  validateParams(z.object({
    companyId: z.string().uuid(),
    docId: z.string().uuid()
  })),
  companyDocumentController.deleteDocument
 );
 export default router;
--- a/src/routes/event.routes.js
+++ b/src/routes/event.routes.js
@@ -1,7 +1,6 @@
 import express from 'express';
 import * as eventController from '../controllers/event.controller.js';
 import { authenticate } from '../middlewares/auth/authMiddleware.js';
 import { requireAdmin } from '../middlewares/auth/roleMiddleware.js';
 import { validateBody, validateParams, validateQuery } from '../middlewares/security/validateInput.js';
 import { createEventSchema, updateEventSchema } from '../validators/crm.validators.js';
 import { z } from 'zod';
@@ -39,42 +38,38 @@ router.get(
 );
 /**
- * POST /api/events - Vytvoriť event (iba admin)
+ * POST /api/events - Vytvoriť event (všetci autentifikovaní používatelia)
 */
 router.post(
  '/',
  requireAdmin,
  validateBody(createEventSchema),
  eventController.createEvent
 );
 /**
- * PUT /api/events/:eventId - Upraviť event (iba admin)
+ * PUT /api/events/:eventId - Upraviť event (všetci autentifikovaní používatelia)
 */
 router.put(
  '/:eventId',
  requireAdmin,
  validateParams(eventIdSchema),
  validateBody(updateEventSchema),
  eventController.updateEvent
 );
 /**
- * DELETE /api/events/:eventId - Zmazať event (iba admin)
+ * DELETE /api/events/:eventId - Zmazať event (všetci autentifikovaní používatelia)
 */
 router.delete(
  '/:eventId',
  requireAdmin,
  validateParams(eventIdSchema),
  eventController.deleteEvent
 );
 /**
- * POST /api/events/:eventId/notify - Odoslať notifikácie priradeným používateľom (iba admin)
+ * POST /api/events/:eventId/notify - Odoslať notifikácie priradeným používateľom (všetci autentifikovaní používatelia)
 */
 router.post(
  '/:eventId/notify',
  requireAdmin,
  validateParams(eventIdSchema),
  eventController.sendEventNotification
 );
--- a/src/routes/service.routes.js
+++ b/src/routes/service.routes.js
@@ -0,0 +1,63 @@
 import express from 'express';
 import * as serviceController from '../controllers/service.controller.js';
 import { authenticate } from '../middlewares/auth/authMiddleware.js';
 import { requireAdmin } from '../middlewares/auth/roleMiddleware.js';
 import { validateBody, validateParams } from '../middlewares/security/validateInput.js';
 import { createServiceSchema, updateServiceSchema } from '../validators/crm.validators.js';
 import { z } from 'zod';
 const router = express.Router();
 const serviceIdSchema = z.object({
  serviceId: z.string().uuid(),
 });
 // All service routes require authentication
 router.use(authenticate);
 /**
 * GET /api/services - Get all services (all authenticated users)
 */
 router.get('/', serviceController.getAllServices);
 /**
 * GET /api/services/:serviceId - Get service by ID (all authenticated users)
 */
 router.get(
  '/:serviceId',
  validateParams(serviceIdSchema),
  serviceController.getServiceById
 );
 /**
 * POST /api/services - Create new service (admin only)
 */
 router.post(
  '/',
  requireAdmin,
  validateBody(createServiceSchema),
  serviceController.createService
 );
 /**
 * PUT /api/services/:serviceId - Update service (admin only)
 */
 router.put(
  '/:serviceId',
  requireAdmin,
  validateParams(serviceIdSchema),
  validateBody(updateServiceSchema),
  serviceController.updateService
 );
 /**
 * DELETE /api/services/:serviceId - Delete service (admin only)
 */
 router.delete(
  '/:serviceId',
  requireAdmin,
  validateParams(serviceIdSchema),
  serviceController.deleteService
 );
 export default router;
--- a/src/routes/time-tracking.routes.js
+++ b/src/routes/time-tracking.routes.js
@@ -63,6 +63,19 @@ router.post(
  timeTrackingController.generateMonthlyTimesheet
 );
 // Generate company timesheet (XLSX)
 router.post(
  '/generate-company-timesheet',
  validateBody(
    z.object({
      year: z.number().int().min(2000).max(2100),
      month: z.number().int().min(1).max(12),
      companyId: z.string().uuid('Neplatný formát company ID'),
    })
  ),
  timeTrackingController.generateCompanyTimesheet
 );
 // Get monthly statistics
 router.get(
  '/stats/monthly/:year/:month',
--- a/src/services/company-document.service.js
+++ b/src/services/company-document.service.js
@@ -0,0 +1,166 @@
 import fs from 'fs/promises';
 import path from 'path';
 import { db } from '../config/database.js';
 import { companyDocuments, companies, users } from '../db/schema.js';
 import { and, desc, eq } from 'drizzle-orm';
 import { BadRequestError, NotFoundError } from '../utils/errors.js';
 import { logger } from '../utils/logger.js';
 const BASE_UPLOAD_DIR = path.join(process.cwd(), 'uploads', 'documents');
 const buildDestinationPath = (companyId, originalName) => {
  const ext = path.extname(originalName);
  const name = path.basename(originalName, ext);
  const uniqueSuffix = `${Date.now()}-${Math.round(Math.random() * 1e9)}`;
  const filename = `${name}-${uniqueSuffix}${ext}`;
  const folder = path.join(BASE_UPLOAD_DIR, companyId);
  const filePath = path.join(folder, filename);
  return { folder, filename, filePath };
 };
 const safeUnlink = async (filePath) => {
  if (!filePath) return;
  try {
    await fs.unlink(filePath);
  } catch (error) {
    logger.error('Failed to delete file', error);
  }
 };
 const ensureCompanyExists = async (companyId) => {
  const [company] = await db
    .select()
    .from(companies)
    .where(eq(companies.id, companyId))
    .limit(1);
  if (!company) {
    throw new NotFoundError('Firma nenájdená');
  }
  return company;
 };
 /**
 * Get all documents for a company
 */
 export const getDocumentsByCompanyId = async (companyId) => {
  await ensureCompanyExists(companyId);
  return db
    .select({
      id: companyDocuments.id,
      companyId: companyDocuments.companyId,
      fileName: companyDocuments.fileName,
      originalName: companyDocuments.originalName,
      fileType: companyDocuments.fileType,
      fileSize: companyDocuments.fileSize,
      description: companyDocuments.description,
      uploadedAt: companyDocuments.uploadedAt,
      uploadedBy: companyDocuments.uploadedBy,
      uploaderUsername: users.username,
      uploaderFirstName: users.firstName,
      uploaderLastName: users.lastName,
    })
    .from(companyDocuments)
    .leftJoin(users, eq(companyDocuments.uploadedBy, users.id))
    .where(eq(companyDocuments.companyId, companyId))
    .orderBy(desc(companyDocuments.uploadedAt));
 };
 /**
 * Upload a document for a company
 */
 export const uploadDocument = async ({ companyId, userId, file, description }) => {
  if (!file) {
    throw new BadRequestError('Súbor nebol nahraný');
  }
  await ensureCompanyExists(companyId);
  const { folder, filename, filePath } = buildDestinationPath(companyId, file.originalname);
  await fs.mkdir(folder, { recursive: true });
  try {
    await fs.writeFile(filePath, file.buffer);
    const [newDoc] = await db
      .insert(companyDocuments)
      .values({
        companyId,
        fileName: filename,
        originalName: file.originalname,
        filePath,
        fileType: file.mimetype,
        fileSize: file.size,
        description: description || null,
        uploadedBy: userId,
      })
      .returning();
    return newDoc;
  } catch (error) {
    await safeUnlink(filePath);
    throw error;
  }
 };
 /**
 * Get document by ID for download
 */
 export const getDocumentForDownload = async (companyId, documentId) => {
  await ensureCompanyExists(companyId);
  const [doc] = await db
    .select()
    .from(companyDocuments)
    .where(and(
      eq(companyDocuments.id, documentId),
      eq(companyDocuments.companyId, companyId)
    ))
    .limit(1);
  if (!doc) {
    throw new NotFoundError('Dokument nenájdený');
  }
  try {
    await fs.access(doc.filePath);
  } catch {
    throw new NotFoundError('Súbor nebol nájdený na serveri');
  }
  return {
    document: doc,
    filePath: doc.filePath,
    fileName: doc.originalName,
    fileType: doc.fileType,
  };
 };
 /**
 * Delete a document
 */
 export const deleteDocument = async (companyId, documentId) => {
  await ensureCompanyExists(companyId);
  const [doc] = await db
    .select()
    .from(companyDocuments)
    .where(and(
      eq(companyDocuments.id, documentId),
      eq(companyDocuments.companyId, companyId)
    ))
    .limit(1);
  if (!doc) {
    throw new NotFoundError('Dokument nenájdený');
  }
  await safeUnlink(doc.filePath);
  await db.delete(companyDocuments).where(eq(companyDocuments.id, documentId));
  return { success: true, message: 'Dokument bol odstránený' };
 };
--- a/src/services/service.service.js
+++ b/src/services/service.service.js
@@ -0,0 +1,87 @@
 import { db } from '../config/database.js';
 import { services } from '../db/schema.js';
 import { eq, desc } from 'drizzle-orm';
 import { NotFoundError } from '../utils/errors.js';
 /**
 * Get all services
 */
 export const getAllServices = async () => {
  return await db
    .select()
    .from(services)
    .orderBy(desc(services.createdAt));
 };
 /**
 * Get service by ID
 */
 export const getServiceById = async (serviceId) => {
  const [service] = await db
    .select()
    .from(services)
    .where(eq(services.id, serviceId))
    .limit(1);
  if (!service) {
    throw new NotFoundError('Služba nenájdená');
  }
  return service;
 };
 /**
 * Create new service
 * @param {string} userId - ID of user creating the service
 * @param {object} data - Service data
 */
 export const createService = async (userId, data) => {
  const { name, price, description } = data;
  const [newService] = await db
    .insert(services)
    .values({
      name,
      price,
      description: description || null,
      createdBy: userId,
    })
    .returning();
  return newService;
 };
 /**
 * Update service
 * @param {string} serviceId - ID of service to update
 * @param {object} data - Updated data
 */
 export const updateService = async (serviceId, data) => {
  const service = await getServiceById(serviceId);
  const { name, price, description } = data;
  const [updated] = await db
    .update(services)
    .set({
      name: name !== undefined ? name : service.name,
      price: price !== undefined ? price : service.price,
      description: description !== undefined ? description : service.description,
      updatedAt: new Date(),
    })
    .where(eq(services.id, serviceId))
    .returning();
  return updated;
 };
 /**
 * Delete service
 */
 export const deleteService = async (serviceId) => {
  await getServiceById(serviceId); // Check if exists
  await db.delete(services).where(eq(services.id, serviceId));
  return { success: true, message: 'Služba bola odstránená' };
 };
--- a/src/services/time-tracking.service.js
+++ b/src/services/time-tracking.service.js
@@ -677,6 +677,218 @@ export const getTimeEntryWithRelations = async (entryId) => {
  };
 };
 /**
 * Generate an XLSX timesheet for a specific company for a given month and user.
 */
 export const generateCompanyTimesheet = async (userId, year, month, companyId) => {
  const startDate = new Date(year, month - 1, 1);
  const endDate = new Date(year, month, 0, 23, 59, 59, 999);
  const [user] = await db
    .select({
      username: users.username,
      firstName: users.firstName,
      lastName: users.lastName,
    })
    .from(users)
    .where(eq(users.id, userId))
    .limit(1);
  if (!user) {
    throw new NotFoundError('Používateľ nenájdený');
  }
  const [company] = await db
    .select()
    .from(companies)
    .where(eq(companies.id, companyId))
    .limit(1);
  if (!company) {
    throw new NotFoundError('Firma nenájdená');
  }
  const entries = await db
    .select({
      id: timeEntries.id,
      startTime: timeEntries.startTime,
      endTime: timeEntries.endTime,
      duration: timeEntries.duration,
      description: timeEntries.description,
      projectName: projects.name,
      todoTitle: todos.title,
    })
    .from(timeEntries)
    .leftJoin(projects, eq(timeEntries.projectId, projects.id))
    .leftJoin(todos, eq(timeEntries.todoId, todos.id))
    .where(
      and(
        eq(timeEntries.userId, userId),
        eq(timeEntries.companyId, companyId),
        gte(timeEntries.startTime, startDate),
        lte(timeEntries.startTime, endDate)
      )
    )
    .orderBy(timeEntries.startTime);
  const completedEntries = entries.filter((entry) => entry.endTime && entry.duration !== null);
  if (completedEntries.length === 0) {
    throw new NotFoundError('Žiadne dokončené záznamy pre danú firmu a mesiac');
  }
  let totalMinutes = 0;
  const dailyTotals = {};
  completedEntries.forEach((entry) => {
    const minutes = entry.duration || 0;
    totalMinutes += minutes;
    const day = formatDate(entry.startTime);
    dailyTotals[day] = (dailyTotals[day] || 0) + minutes;
  });
  const workbook = new ExcelJS.Workbook();
  workbook.creator = 'crm-server';
  const worksheet = workbook.addWorksheet('Company Timesheet', {
    views: [{ state: 'frozen', ySplit: 7 }],
  });
  const fullName = [user.firstName, user.lastName].filter(Boolean).join(' ') || user.username;
  const periodLabel = `${year}-${String(month).padStart(2, '0')}`;
  worksheet.getCell('A1').value = 'Company Timesheet';
  worksheet.getCell('A1').font = { name: 'Calibri', size: 16, bold: true };
  worksheet.mergeCells('A1:D1');
  worksheet.getCell('A2').value = `Company: ${company.name}`;
  worksheet.getCell('A3').value = `Employee: ${fullName}`;
  worksheet.getCell('A4').value = `Period: ${periodLabel}`;
  worksheet.getCell('A5').value = `Generated: ${new Date().toLocaleString()}`;
  worksheet.columns = [
    { key: 'date', width: 12 },
    { key: 'project', width: 28 },
    { key: 'todo', width: 28 },
    { key: 'description', width: 40 },
    { key: 'start', width: 12 },
    { key: 'end', width: 12 },
    { key: 'duration', width: 16 },
  ];
  const headerRowNumber = 7;
  const headerRow = worksheet.getRow(headerRowNumber);
  headerRow.values = [
    'Date',
    'Project',
    'Todo',
    'Description',
    'Start',
    'End',
    'Duration (h:mm)',
  ];
  headerRow.font = { name: 'Calibri', size: 11, bold: true };
  headerRow.alignment = { vertical: 'middle', horizontal: 'center', wrapText: true };
  headerRow.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FFE8EEF5' } };
  headerRow.height = 20;
  completedEntries.forEach((entry) => {
    worksheet.addRow({
      date: formatDate(entry.startTime),
      project: entry.projectName || '',
      todo: entry.todoTitle || '',
      description: entry.description || '',
      start: formatTime(entry.startTime),
      end: formatTime(entry.endTime),
      duration: formatDuration(entry.duration),
    });
  });
  // Style body rows
  worksheet.eachRow((row, rowNumber) => {
    if (rowNumber >= headerRowNumber) {
      row.alignment = { vertical: 'middle', wrapText: true };
    }
  });
  let summaryStart = worksheet.lastRow.number + 2;
  worksheet.getCell(`A${summaryStart}`).value = 'Daily totals';
  worksheet.getCell(`A${summaryStart}`).font = { name: 'Calibri', size: 12, bold: true };
  worksheet.mergeCells(`A${summaryStart}:B${summaryStart}`);
  const dailyHeaderRowNumber = summaryStart + 1;
  const dailyHeaderRow = worksheet.getRow(dailyHeaderRowNumber);
  dailyHeaderRow.values = ['Date', 'Total (h:mm)'];
  dailyHeaderRow.font = { name: 'Calibri', size: 11, bold: true };
  dailyHeaderRow.alignment = { vertical: 'middle', horizontal: 'center' };
  dailyHeaderRow.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FFE8EEF5' } };
  Object.keys(dailyTotals)
    .sort()
    .forEach((day) => {
      worksheet.addRow([day, formatDuration(dailyTotals[day])]);
    });
  const overallRow = worksheet.addRow(['Overall total', formatDuration(totalMinutes)]);
  overallRow.font = { name: 'Calibri', size: 11, bold: true };
  const uploadsDir = path.join(
    process.cwd(),
    'uploads',
    'timesheets',
    userId.toString(),
    year.toString(),
    month.toString()
  );
  await fs.mkdir(uploadsDir, { recursive: true });
  const filename = `company-timesheet-${company.name.replace(/[^a-zA-Z0-9]/g, '_')}-${periodLabel}-${Date.now()}.xlsx`;
  const filePath = path.join(uploadsDir, filename);
  let savedFilePath = null;
  try {
    await workbook.xlsx.writeFile(filePath);
    savedFilePath = filePath;
    const { size: fileSize } = await fs.stat(filePath);
    const [newTimesheet] = await db
      .insert(timesheets)
      .values({
        userId,
        fileName: filename,
        filePath,
        fileType: 'xlsx',
        fileSize,
        year,
        month,
        isGenerated: true,
      })
      .returning();
    return {
      timesheet: {
        id: newTimesheet.id,
        fileName: newTimesheet.fileName,
        fileType: newTimesheet.fileType,
        fileSize: newTimesheet.fileSize,
        year: newTimesheet.year,
        month: newTimesheet.month,
        isGenerated: newTimesheet.isGenerated,
        uploadedAt: newTimesheet.uploadedAt,
      },
      companyName: company.name,
      totals: {
        totalMinutes,
        totalFormatted: formatDuration(totalMinutes),
        daily: dailyTotals,
      },
    };
  } catch (error) {
    if (savedFilePath) {
      await fs.unlink(savedFilePath).catch(() => {});
    }
    throw error;
  }
 };
 /**
 * Get monthly statistics for a user
 */
--- a/src/validators/crm.validators.js
+++ b/src/validators/crm.validators.js
@@ -177,7 +177,7 @@ export const updateTimeEntrySchema = z.object({
 export const createEventSchema = z.object({
  title: z.string().min(1, 'Názov je povinný'),
  description: z.string().optional(),
-  type: z.enum(['meeting', 'event', 'important']).default('meeting'),
+  type: z.enum(['meeting', 'event', 'important', 'dostupnost', 'ine']).default('meeting'),
  start: z.string().min(1, 'Začiatok je povinný'),
  end: z.string().min(1, 'Koniec je povinný'),
  assignedUserIds: z.array(z.string().uuid('Neplatný formát user ID')).optional(),
@@ -186,8 +186,30 @@ export const createEventSchema = z.object({
 export const updateEventSchema = z.object({
  title: z.string().min(1).optional(),
  description: z.string().optional(),
-  type: z.enum(['meeting', 'event', 'important']).optional(),
+  type: z.enum(['meeting', 'event', 'important', 'dostupnost', 'ine']).optional(),
  start: z.string().optional(),
  end: z.string().optional(),
  assignedUserIds: z.array(z.string().uuid('Neplatný formát user ID')).optional(),
 });
 // Service validators
 export const createServiceSchema = z.object({
  name: z
    .string({
      required_error: 'Názov služby je povinný',
    })
    .min(1, 'Názov služby nemôže byť prázdny')
    .max(255, 'Názov služby môže mať maximálne 255 znakov'),
  price: z
    .string({
      required_error: 'Cena je povinná',
    })
    .min(1, 'Cena nemôže byť prázdna'),
  description: z.string().max(1000).optional(),
 });
 export const updateServiceSchema = z.object({
  name: z.string().min(1).max(255).optional(),
  price: z.string().min(1).optional(),
  description: z.string().max(1000).optional().or(z.literal('').or(z.null())),
 });