') ha settato routeParam // a una section valida, applicarla al mount (entry-point dal widget Dashboard). React.useEffect(() => { if (!routeParam) return; const valid = CUST_SECTIONS.flatMap((g) => g.items).some((i) => i.id === routeParam); if (valid && section !== routeParam) setSection(routeParam); }, [routeParam]); if (!seedCustom) { return (

Caricamento configurazione…

); } const flatItems = CUST_SECTIONS.flatMap((g) => g.items); const current = flatItems.find((i) => i.id === section) || flatItems[0]; // Stats globali header const stats = { docTypes: (seedCustom.DOC_TYPES || []).length, checkRules: (seedCustom.CHECKLIST_RULES || []).length, workflows: (seedCustom.APPROVAL_WORKFLOWS || []).length, matrixRows: (seedCustom.APPROVAL_MATRIX || []).length, roles: (seedCustom.ROLES || []).length, sla: (seedCustom.SLA_POLICIES || []).length, notif: (seedCustom.NOTIFICATION_RULES || []).length, agents: (seedCustom.AI_AGENTS || []).length, }; return (

Governance · Amministrazione

Customizing

Configurazione funzionale del sistema: organizzazione, catalogo, regole di processo, AI e notifiche. Ogni modifica è versionata e auditata.

Config v7 · published Versioni Export YAML Publish draft

{/* KPI overview */}

d.active).length} attivi`} tone="flat"/>

r.entityType)).size} entity types`} tone="flat"/>

a+(w.activeInstances||0),0)} istanze`} tone="flat"/>

{/* Split: sidebar interna + content */}

{/* Left nav */}

{CUST_SECTIONS.map((g) => (

{g.group}

{g.items.map((it) => ( ))}

))}

{/* Right panel */}

{current.label}

v{(seedCustom.CONFIG_VERSIONS||[]).length||'7'} · published

{current.sub}

{section === 'doctypes' && } {section === 'checklists' && } {section === 'workflows' && } {section === 'matrix' && } {section === 'roles' && } {section === 'projectroles' && } {section === 'delegations'&& } {section === 'categories' && } {section === 'capex' && } {section === 'org' && } {section === 'calendars' && } {section === 'users' && } {section === 'sla' && } {section === 'notif' && } {section === 'aiagents' && } {section === 'healthpolicy' && (window.CustHealthPolicy ? :

Caricamento…

)} {section === 'anomalies' && } {section === 'toolexec' && } {section === 'tenants' && } {section === 'templates' && } {section === 'branding' && } {section === 'storage' && } {section === 'versions' && } {section === 'webhooks' && }

); } /** * FASE 3a.13: Branding form editable. * Carica il singleton da /api/config/branding al mount, PATCH on Save. */ function CustBrandingPlaceholder() { const { user, pushToast } = useStore(); const [branding, setBranding] = React.useState(null); const [form, setForm] = React.useState(null); const [loading, setLoading] = React.useState(true); const [saving, setSaving] = React.useState(false); const [error, setError] = React.useState(null); React.useEffect(() => { let cancelled = false; setLoading(true); fetch('/api/config/branding') .then(r => r.json()) .then(json => { if (cancelled) return; if (json?.data) { setBranding(json.data); setForm({ claim: json.data.claim || '', fontFamily: json.data.fontFamily || 'IBM Plex Sans', defaultDensity: json.data.defaultDensity || 'high', defaultTheme: json.data.defaultTheme || 'dark', languages: (json.data.languages || ['it']).join(', '), dateFormat: json.data.dateFormat || 'dd/MM/yyyy', accent: (json.data.colors && json.data.colors.accent) || '', favicon: json.data.favicon || '', logoLight: json.data.logoLight || '', logoDark: json.data.logoDark || '', projectCodePrefix: json.data.projectCodePrefix || 'INV-', }); } }) .catch(e => !cancelled && setError(String(e))) .finally(() => !cancelled && setLoading(false)); return () => { cancelled = true; }; }, []); if (loading) return

Caricamento branding…

; if (!form) return

Branding singleton non disponibile in DB. Inizializzare via seed.

; const set = (k, v) => setForm(f => ({ ...f, [k]: v })); async function handleSave() { if (saving) return; setSaving(true); setError(null); try { const body = { claim: form.claim.trim() || null, fontFamily: form.fontFamily.trim() || 'IBM Plex Sans', defaultDensity: form.defaultDensity, defaultTheme: form.defaultTheme, languages: form.languages.split(',').map(s => s.trim()).filter(Boolean), dateFormat: form.dateFormat.trim() || 'dd/MM/yyyy', colors: { ...(branding?.colors || {}), accent: form.accent.trim() || (branding?.colors?.accent || '#FF6600') }, favicon: form.favicon.trim() || null, logoLight: form.logoLight.trim() || null, logoDark: form.logoDark.trim() || null, projectCodePrefix: (form.projectCodePrefix || 'INV-').trim().toUpperCase(), }; const res = await fetch('/api/config/branding', { method: 'PATCH', headers: { 'content-type': 'application/json', ...(user?.id ? { 'X-Actor-Persona-Id': user.id } : {}) }, body: JSON.stringify(body), }); const json = await res.json().catch(()=>({})); if (!res.ok) { const msg = json?.error === 'validation_error' ? `Validazione fallita: ${(json.issues||[]).map(i=>i.message).join(' · ')}` : (json?.error || `HTTP ${res.status}`); setError(msg); return; } if (json?.data) setBranding(json.data); pushToast({ title: 'Branding aggiornato', desc: json?.changed === false ? 'Nessuna modifica rilevata' : 'Salvato in DB. Audit registrato.', tone: 'ok' }); } catch (e) { setError(String(e?.message || e)); } finally { setSaving(false); } } return (

Branding singleton del tenant. Le modifiche sono live e applicate al prossimo refresh dell'app.

{saving ? 'Salvataggio…' : 'Salva modifiche'}

Identità & claim

Claim / tagline set('claim', e.target.value)} placeholder="Industrial Investment Governance"/>

Logo light (URL) set('logoLight', e.target.value)} placeholder="/assets/logo-light.svg"/>

Logo dark (URL) set('logoDark', e.target.value)} placeholder="/assets/logo-dark.svg"/>

Favicon (URL) set('favicon', e.target.value)} placeholder="/assets/favicon.ico"/>

Colore accento (hex/oklch)

set('accent', e.target.value)} placeholder="#FF6600 o oklch(...)" style={{fontFamily:'var(--font-mono)', fontSize:12}}/>

Localizzazione

Font family

Densità default

Tema default

Lingue abilitate (CSV) set('languages', e.target.value)} placeholder="it, en, de"/>

Formato data

Prefisso codice progetto set('projectCodePrefix', e.target.value)} placeholder="INV- o CPX-" maxLength={16} pattern="[A-Za-z0-9]+-?" style={{ fontFamily: 'var(--font-mono)', fontSize: 12, textTransform: 'uppercase' }} data-testid="branding-project-code-prefix-input" />

Es. INV- → INV-MIL-MAC-123; CPX → CPX-ROM-IT-456. Si applica ai nuovi codici progetto generati dal sistema (formato <PREFIX>-<SITE>-<CAT>-NNN).

{error && (

{error}

)}

PATCH /api/config/branding persiste in DB con audit log. Il record è singleton del tenant. Per applicare i cambi visivamente serve refresh dell'app.

); } /** * FASE 2c.3 (Sprint 2b cliente): Storage backend editable. * Singleton storage_settings. Switch tra MinIO / AWS S3 / Filesystem locale a runtime. * - PATCH /api/settings/storage cifra la secret_key AES-GCM e invalida la cache lib/storage. * - POST /api/settings/storage/test fa un round-trip put→get→delete su un blob effimero. */ function CustStorage() { const { user, pushToast } = useStore(); const [settings, setSettings] = React.useState(null); const [form, setForm] = React.useState(null); const [loading, setLoading] = React.useState(true); const [saving, setSaving] = React.useState(false); const [testing, setTesting] = React.useState(false); const [testResult, setTestResult] = React.useState(null); // { ok, latencyMs, detail, step } const [secretDraft, setSecretDraft] = React.useState(''); const [error, setError] = React.useState(null); const reload = React.useCallback(async () => { setLoading(true); setError(null); try { const res = await fetch('/api/settings/storage', { cache: 'no-store' }); if (!res.ok) throw new Error(`HTTP ${res.status}`); const json = await res.json(); const dto = json?.data; if (!dto) throw new Error('payload vuoto'); setSettings(dto); setForm({ backend: dto.backend, endpoint: dto.endpoint || '', region: dto.region, bucket: dto.bucket, accessKey: dto.accessKey || '', forcePathStyle: dto.forcePathStyle, localRootPath: dto.localRootPath || '', }); setSecretDraft(''); } catch (e) { setError(String(e?.message || e)); } finally { setLoading(false); } }, []); React.useEffect(() => { reload(); }, [reload]); const set = (k, v) => setForm(f => ({ ...f, [k]: v })); async function handleSave() { if (saving || !form) return; setSaving(true); setError(null); setTestResult(null); try { const body = { backend: form.backend, endpoint: form.backend === 'local' ? null : (form.endpoint.trim() || null), region: form.region.trim() || 'us-east-1', bucket: form.bucket.trim(), accessKey: form.accessKey.trim() || null, forcePathStyle: !!form.forcePathStyle, localRootPath: form.backend === 'local' ? (form.localRootPath.trim() || null) : null, }; // Includi secretKey solo se l'utente ha digitato qualcosa if (secretDraft.trim()) body.secretKey = secretDraft.trim(); const res = await fetch('/api/settings/storage', { method: 'PATCH', headers: { 'content-type': 'application/json', ...(user?.id ? { 'X-Actor-Persona-Id': user.id } : {}), }, body: JSON.stringify(body), }); const json = await res.json().catch(() => ({})); if (!res.ok) { const msg = json?.error === 'validation_error' ? `Validazione: ${(json.issues || []).map(i => `${i.path?.join('.')||''} ${i.message}`).join(' · ')}` : (json?.error || `HTTP ${res.status}`); setError(msg); return; } if (json?.data) { setSettings(json.data); setSecretDraft(''); } pushToast({ title: 'Storage aggiornato', desc: json?.changed === false ? 'Nessuna modifica' : 'Salvato + cache invalidata', tone: 'ok', }); } catch (e) { setError(String(e?.message || e)); } finally { setSaving(false); } } async function handleTestConnection() { if (testing) return; setTesting(true); setTestResult(null); try { const res = await fetch('/api/settings/storage/test', { method: 'POST', headers: { 'content-type': 'application/json', ...(user?.id ? { 'X-Actor-Persona-Id': user.id } : {}), }, }); const json = await res.json().catch(() => ({})); if (res.ok && json?.data?.ok) { setTestResult({ ok: true, latencyMs: json.data.latencyMs, step: 'ok' }); pushToast({ title: 'Storage OK', desc: `${json.data.latencyMs}ms`, tone: 'ok' }); } else { setTestResult({ ok: false, latencyMs: json?.latencyMs ?? 0, step: json?.step || 'unknown', detail: json?.detail || 'Errore sconosciuto', }); pushToast({ title: 'Storage test fallito', desc: (json?.detail || 'Errore').slice(0, 160), tone: 'err', }); } } catch (e) { setTestResult({ ok: false, latencyMs: 0, step: 'network', detail: String(e?.message || e) }); } finally { setTesting(false); } } async function handleClearSecret() { if (saving) return; if (!window.confirm('Rimuovere la secret_key dal database?')) return; setSaving(true); try { const res = await fetch('/api/settings/storage', { method: 'PATCH', headers: { 'content-type': 'application/json', ...(user?.id ? { 'X-Actor-Persona-Id': user.id } : {}), }, body: JSON.stringify({ secretKey: null }), }); const json = await res.json().catch(() => ({})); if (!res.ok) { setError(json?.error || `HTTP ${res.status}`); return; } if (json?.data) setSettings(json.data); pushToast({ title: 'secret_key rimossa', tone: 'warn' }); } finally { setSaving(false); } } if (loading) return

Caricamento storage settings…

; if (!form) return

Storage settings non disponibile. Verifica DB.

; const isS3 = form.backend === 'minio' || form.backend === 'aws'; const isLocal = form.backend === 'local'; return (

Backend storage per allegati ProjectDocument. Modifiche live: dopo "Salva" la cache viene invalidata e il prossimo upload usa la nuova config.

{testing ? 'Test…' : <> Test connessione} {saving ? 'Salvataggio…' : 'Salva modifiche'}

{error && (

⚠ {error}

)} {testResult && (

{testResult.ok ? Connessione OK · round-trip put/get/delete riuscito · {testResult.latencyMs}ms : ✗ Test fallito allo step {testResult.step} · {testResult.latencyMs}ms · {testResult.detail}}

)}

Tipo backend

{form.backend === 'minio' && 'MinIO self-hosted (S3-compatible). Setup dev: docker compose -f docker/minio-compose.yml up -d'} {form.backend === 'aws' && 'AWS S3 prod-ready. Richiede credenziali IAM con policy s3:PutObject/GetObject/DeleteObject sul bucket.'} {form.backend === 'local' && 'Filesystem locale (.storage/ del repo). Solo per dev senza Docker o ambienti CI.'}

Bucket & region

Bucket name set('bucket', e.target.value)} placeholder="veridanto-documents" disabled={isLocal} />

S3-compatible: 3-63 caratteri, lowercase, [a-z0-9.-]

Region set('region', e.target.value)} placeholder="us-east-1" disabled={isLocal} />

{isS3 && (

Endpoint & connection

Endpoint URL set('endpoint', e.target.value)} placeholder={form.backend === 'minio' ? 'http://localhost:9010' : '(vuoto = AWS S3 default per la region)'} />

{form.backend === 'minio' ? 'URL completo MinIO. Default dev: http://localhost:9010 (compose Veridanto).' : 'Lascia vuoto per AWS S3 standard. Valorizza per S3 Custom Endpoint (R2, Wasabi, Backblaze).'}

set('forcePathStyle', e.target.checked)} /> forcePathStyle ON per MinIO/R2/Wasabi · OFF per AWS S3 (default virtual-hosted)

)} {isLocal && (

Filesystem path

Local root path set('localRootPath', e.target.value)} placeholder="(vuoto = /.storage/)" />

Path assoluto della directory storage. Vuoto = default .storage/ del worktree.

)} {isS3 && (

Credenziali (cifrate AES-GCM in DB)

Access key ID set('accessKey', e.target.value)} placeholder={form.backend === 'minio' ? 'minioadmin' : 'AKIA...'} />

Secret access key {settings?.hasSecretKey && ( attuale: {settings?.secretKeyHint || '••••'} )} setSecretDraft(e.target.value)} placeholder={settings?.hasSecretKey ? '(lascia vuoto per non modificare)' : 'minioadmin / wJalrXUtnFEMI/K7MDENG/...'} />

{settings?.hasSecretKey && (

Rimuovi secret_key

)}

PATCH /api/settings/storage cifra la secret_key (AES-256-GCM) e invalida la cache di getStorage(). Il prossimo upload/download legge la nuova config dal DB. POST /api/settings/storage/test esegue put→get→delete di un blob effimero per validare la connessione. Audit registrato su storage_settings e storage.test.

); } Object.assign(window, { Customizing });