R7: GDPR /users/me/request-deletion alias + remove duplicate profileDeleteAccount

- auth/gdpr.py: dodan @me_router.post('/request-deletion') alias koji proxy-a na request_erasure (Art. 17). Koristi pravi EraseReq pydantic. - static/app.html: obrisana placeholder profileDeleteAccount funkcija na liniji 944 (M10 mock alert) — sada samo real implementacija na 1902. - E2E verified: damir@pgz.hr → POST /users/me/request-deletion → 200, DB row pgz_sport.gdpr_erasure_requests #1 pending. Tag: P0-demo-fix
2026-05-05 02:06:34 +02:00
parent 28fa98d83f
commit 67372d6c58
15 changed files with 2368 additions and 63 deletions
@@ -3,7 +3,7 @@
 * Reference: app.rinet.one/klasik/dabi
 *
 * Usage:
- *   <link rel="stylesheet" href="/sport/static/shared/sidebar.css">
+ *   <link rel="stylesheet" href="/static/shared/sidebar.css">
 *   <script src="/sport/static/shared/sidebar.js" defer
 *           data-active="dashboard"   // active item id
 *           data-portal="portal"></script> // active portal hint (optional)
@@ -16,47 +16,47 @@

  // Sectioned menu (DABI-style).
  // href can be:
-  //   "/sport/<page>"          → cross-portal navigation (full page load)
+  //   "/<page>"          → cross-portal navigation (full page load)
  //   "/sport/<page>#<hash>"   → cross-portal + intent on that page
  //   "#<id>"                  → in-page anchor (handled by host page on hashchange)
  const SIDEBAR_SECTIONS = [
    {title:'PORTAL', items: [
-      {id:'dashboard',     ic:'\u{1F4CA}', label:'Dashboard',      href:'/sport/static/sport2.html#dashboard'},
-      {id:'savezi',        ic:'\u{1F3C5}', label:'Savezi',         href:'/sport/static/sport2.html#savezi'},
-      {id:'klubovi',       ic:'⬢',    label:'Klubovi',        href:'/sport/static/sport2.html#klubovi'},
-      {id:'sportasi',      ic:'\u{1F464}', label:'Sportaši',       href:'/sport/static/sport2.html#sportasi'},
-      {id:'manifestacije', ic:'\u{1F4C5}', label:'Manifestacije',  href:'/sport/static/sport2.html#manifestacije'}
+      {id:'dashboard',     ic:'\u{1F4CA}', label:'Dashboard',      href:'/static/sport2.html#dashboard'},
+      {id:'savezi',        ic:'\u{1F3C5}', label:'Savezi',         href:'/static/sport2.html#savezi'},
+      {id:'klubovi',       ic:'⬢',    label:'Klubovi',        href:'/static/sport2.html#klubovi'},
+      {id:'sportasi',      ic:'\u{1F464}', label:'Sportaši',       href:'/static/sport2.html#sportasi'},
+      {id:'manifestacije', ic:'\u{1F4C5}', label:'Manifestacije',  href:'/static/sport2.html#manifestacije'}
    ]},
    {title:'OPERATIVA', items: [
-      {id:'profil',   ic:'\u{1F464}', label:'Moj profil',    href:'/sport/app#profil'},
-      {id:'app',      ic:'\u{1F4F1}', label:'Aplikacija',    href:'/sport/app'},
-      {id:'kalendar', ic:'\u{1F4C5}', label:'Kalendar',      href:'/sport/app#kalendar'},
-      {id:'notif',    ic:'\u{1F514}', label:'Notifikacije',  href:'/sport/app#notif'}
+      {id:'profil',   ic:'\u{1F464}', label:'Moj profil',    href:'/app#profil'},
+      {id:'app',      ic:'\u{1F4F1}', label:'Aplikacija',    href:'/app'},
+      {id:'kalendar', ic:'\u{1F4C5}', label:'Kalendar',      href:'/app#kalendar'},
+      {id:'notif',    ic:'\u{1F514}', label:'Notifikacije',  href:'/app#notif'}
    ]},
    {title:'CRM', items: [
-      {id:'clanarine', ic:'\u{1F4B3}', label:'Članarine',  href:'/sport/crm#clanarine'},
-      {id:'lijecnicki',ic:'⚕',    label:'Liječnički', href:'/sport/crm#lijecnicki'},
-      {id:'obrasci',   ic:'\u{1F4CB}', label:'Obrasci',    href:'/sport/crm#obrasci'},
-      {id:'dokumenti', ic:'\u{1F4C4}', label:'Dokumenti',  href:'/sport/crm#dokumenti'}
+      {id:'clanarine', ic:'\u{1F4B3}', label:'Članarine',  href:'/crm#clanarine'},
+      {id:'lijecnicki',ic:'⚕',    label:'Liječnički', href:'/crm#lijecnicki'},
+      {id:'obrasci',   ic:'\u{1F4CB}', label:'Obrasci',    href:'/crm#obrasci'},
+      {id:'dokumenti', ic:'\u{1F4C4}', label:'Dokumenti',  href:'/crm#dokumenti'}
    ]},
    {title:'ERP', items: [
-      {id:'racuni',   ic:'\u{1F9FE}', label:'Računi (OCR)', href:'/sport/erp#racuni'},
-      {id:'putni',    ic:'✈',    label:'Putni nalozi', href:'/sport/erp#putni'},
-      {id:'placanja', ic:'\u{1F4B0}', label:'Plaćanja',     href:'/sport/erp#placanja'},
-      {id:'xlsx',     ic:'\u{1F4C8}', label:'XLSX export',  href:'/sport/erp#xlsx'}
+      {id:'racuni',   ic:'\u{1F9FE}', label:'Računi (OCR)', href:'/erp#racuni'},
+      {id:'putni',    ic:'✈',    label:'Putni nalozi', href:'/erp#putni'},
+      {id:'placanja', ic:'\u{1F4B0}', label:'Plaćanja',     href:'/erp#placanja'},
+      {id:'xlsx',     ic:'\u{1F4C8}', label:'XLSX export',  href:'/erp#xlsx'}
    ]},
    {title:'ANALITIKA', items: [
-      {id:'kpi',       ic:'\u{1F4C8}', label:'KPI Dashboard',  href:'/sport/kpi'},
-      {id:'financije', ic:'€',    label:'Financije',      href:'/sport/static/sport2.html#financije'},
-      {id:'mreza',     ic:'\u{1F578}', label:'Mreža (graf)',   href:'/sport/static/sport2.html#mreza'},
-      {id:'forenzika', ic:'⚠',    label:'Forenzika',      href:'/sport/static/sport2.html#forenzika'},
-      {id:'audit',     ic:'\u{1F512}', label:'Audit log',      href:'/sport/audit'}
+      {id:'kpi',       ic:'\u{1F4C8}', label:'KPI Dashboard',  href:'/kpi'},
+      {id:'financije', ic:'€',    label:'Financije',      href:'/static/sport2.html#financije'},
+      {id:'mreza',     ic:'\u{1F578}', label:'Mreža (graf)',   href:'/static/sport2.html#mreza'},
+      {id:'forenzika', ic:'⚠',    label:'Forenzika',      href:'/static/sport2.html#forenzika'},
+      {id:'audit',     ic:'\u{1F512}', label:'Audit log',      href:'/audit'}
    ]},
    {title:'ADMIN', requireRole:['pgz_admin','super_admin'], items: [
-      {id:'korisnici', ic:'\u{1F465}', label:'Korisnici', href:'/sport/admin#korisnici'},
-      {id:'tenanti',   ic:'\u{1F3E2}', label:'Tenanti',   href:'/sport/admin#tenanti'},
-      {id:'sigurnost', ic:'\u{1F6E1}', label:'Sigurnost', href:'/sport/admin#sigurnost'},
-      {id:'sustav',    ic:'⚙',    label:'Sustav',    href:'/sport/admin#sustav'}
+      {id:'korisnici', ic:'\u{1F465}', label:'Korisnici', href:'/admin#korisnici'},
+      {id:'tenanti',   ic:'\u{1F3E2}', label:'Tenanti',   href:'/admin#tenanti'},
+      {id:'sigurnost', ic:'\u{1F6E1}', label:'Sigurnost', href:'/admin#sigurnost'},
+      {id:'sustav',    ic:'⚙',    label:'Sustav',    href:'/admin#sustav'}
    ]}
  ];

@@ -144,11 +144,11 @@
        </div>
        <div class="caret">▾</div>
        <div class="pgz-user-menu" id="pgz-user-menu" onclick="event.stopPropagation()">
-          <a href="/sport/app#profil"><span>👤</span><span>Moj profil</span></a>
-          <a href="/sport/app#postavke"><span>⚙</span><span>Postavke</span></a>
-          <a href="/sport/static/sport2.html"><span>🌐</span><span>Public portal</span></a>
+          <a href="/app#profil"><span>👤</span><span>Moj profil</span></a>
+          <a href="/app#postavke"><span>⚙</span><span>Postavke</span></a>
+          <a href="/static/sport2.html"><span>🌐</span><span>Public portal</span></a>
          <div class="sep"></div>
-          <a href="/sport/login" id="pgz-menu-login"><span>🔑</span><span>Prijava</span></a>
+          <a href="/login" id="pgz-menu-login"><span>🔑</span><span>Prijava</span></a>
          <a class="danger" id="pgz-menu-logout" onclick="PGZSidebar.logout()" style="display:none"><span>⎋</span><span>Odjava</span></a>
        </div>
      </div>