chore(release): snapshot 1.4.2

2025-12-17 13:36:23 -03:00
parent 2a112f169d
commit 99d828869a
95 changed files with 9933 additions and 1601 deletions
--- a/backend/internal/api/handlers/backup.go
+++ b/backend/internal/api/handlers/backup.go
@@ -0,0 +1,264 @@
+package handlers
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"sort"
+	"strings"
+	"time"
+)
+
+type BackupHandler struct {
+	backupDir string
+}
+
+type BackupInfo struct {
+	Filename  string `json:"filename"`
+	Size      string `json:"size"`
+	Date      string `json:"date"`
+	Timestamp string `json:"timestamp"`
+}
+
+func NewBackupHandler() *BackupHandler {
+	// Usa o caminho montado no container
+	backupDir := "/backups"
+	
+	// Garante que o diretório existe
+	if _, err := os.Stat(backupDir); os.IsNotExist(err) {
+		os.MkdirAll(backupDir, 0755)
+	}
+	
+	return &BackupHandler{
+		backupDir: backupDir,
+	}
+}
+
+// ListBackups lista todos os backups disponíveis
+func (h *BackupHandler) ListBackups(w http.ResponseWriter, r *http.Request) {
+	files, err := ioutil.ReadDir(h.backupDir)
+	if err != nil {
+		http.Error(w, "Error reading backups directory", http.StatusInternalServerError)
+		return
+	}
+
+	var backups []BackupInfo
+	for _, file := range files {
+		if strings.HasPrefix(file.Name(), "aggios_backup_") && strings.HasSuffix(file.Name(), ".sql") {
+			// Extrai timestamp do nome do arquivo
+			timestamp := strings.TrimPrefix(file.Name(), "aggios_backup_")
+			timestamp = strings.TrimSuffix(timestamp, ".sql")
+			
+			// Formata a data
+			t, _ := time.Parse("2006-01-02_15-04-05", timestamp)
+			dateStr := t.Format("02/01/2006 15:04:05")
+			
+			// Formata o tamanho
+			sizeMB := float64(file.Size()) / 1024
+			sizeStr := fmt.Sprintf("%.2f KB", sizeMB)
+			
+			backups = append(backups, BackupInfo{
+				Filename:  file.Name(),
+				Size:      sizeStr,
+				Date:      dateStr,
+				Timestamp: timestamp,
+			})
+		}
+	}
+	
+	// Ordena por data (mais recente primeiro)
+	sort.Slice(backups, func(i, j int) bool {
+		return backups[i].Timestamp > backups[j].Timestamp
+	})
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"backups": backups,
+	})
+}
+
+// CreateBackup cria um novo backup do banco de dados
+func (h *BackupHandler) CreateBackup(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	timestamp := time.Now().Format("2006-01-02_15-04-05")
+	filename := fmt.Sprintf("aggios_backup_%s.sql", timestamp)
+	filepath := filepath.Join(h.backupDir, filename)
+
+	// Usa pg_dump diretamente (backend e postgres estão na mesma rede docker)
+	dbPassword := os.Getenv("DB_PASSWORD")
+	if dbPassword == "" {
+		dbPassword = "A9g10s_S3cur3_P@ssw0rd_2025!"
+	}
+	
+	cmd := exec.Command("pg_dump", 
+		"-h", "postgres",
+		"-U", "aggios", 
+		"-d", "aggios_db",
+		"--no-password")
+	
+	// Define a variável de ambiente para a senha
+	cmd.Env = append(os.Environ(), fmt.Sprintf("PGPASSWORD=%s", dbPassword))
+	
+	output, err := cmd.Output()
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Error creating backup: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	// Salva o backup no arquivo
+	err = ioutil.WriteFile(filepath, output, 0644)
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Error saving backup: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	// Limpa backups antigos (mantém apenas os últimos 10)
+	h.cleanOldBackups()
+
+	fileInfo, _ := os.Stat(filepath)
+	sizeMB := float64(fileInfo.Size()) / 1024
+	sizeStr := fmt.Sprintf("%.2f KB", sizeMB)
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message":  "Backup created successfully",
+		"filename": filename,
+		"size":     sizeStr,
+	})
+}
+
+// RestoreBackup restaura um backup específico
+func (h *BackupHandler) RestoreBackup(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	var req struct {
+		Filename string `json:"filename"`
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		http.Error(w, "Invalid request", http.StatusBadRequest)
+		return
+	}
+
+	if req.Filename == "" {
+		http.Error(w, "Filename is required", http.StatusBadRequest)
+		return
+	}
+
+	// Valida que o arquivo existe e está no diretório correto
+	backupPath := filepath.Join(h.backupDir, req.Filename)
+	if !strings.HasPrefix(backupPath, h.backupDir) {
+		http.Error(w, "Invalid filename", http.StatusBadRequest)
+		return
+	}
+
+	if _, err := os.Stat(backupPath); os.IsNotExist(err) {
+		http.Error(w, "Backup file not found", http.StatusNotFound)
+		return
+	}
+
+	// Lê o conteúdo do backup
+	backupContent, err := ioutil.ReadFile(backupPath)
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Error reading backup: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	// Restaura o backup usando psql diretamente
+	dbPassword := os.Getenv("DB_PASSWORD")
+	if dbPassword == "" {
+		dbPassword = "A9g10s_S3cur3_P@ssw0rd_2025!"
+	}
+	
+	cmd := exec.Command("psql",
+		"-h", "postgres",
+		"-U", "aggios",
+		"-d", "aggios_db",
+		"--no-password")
+	cmd.Stdin = strings.NewReader(string(backupContent))
+	cmd.Env = append(os.Environ(), fmt.Sprintf("PGPASSWORD=%s", dbPassword))
+	
+	if err := cmd.Run(); err != nil {
+		http.Error(w, fmt.Sprintf("Error restoring backup: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "Backup restored successfully",
+	})
+}
+
+// DownloadBackup permite fazer download de um backup
+func (h *BackupHandler) DownloadBackup(w http.ResponseWriter, r *http.Request) {
+	// Extrai o filename da URL
+	parts := strings.Split(r.URL.Path, "/")
+	filename := parts[len(parts)-1]
+
+	if filename == "" {
+		http.Error(w, "Filename is required", http.StatusBadRequest)
+		return
+	}
+
+	// Valida que o arquivo existe e está no diretório correto
+	backupPath := filepath.Join(h.backupDir, filename)
+	if !strings.HasPrefix(backupPath, h.backupDir) {
+		http.Error(w, "Invalid filename", http.StatusBadRequest)
+		return
+	}
+
+	if _, err := os.Stat(backupPath); os.IsNotExist(err) {
+		http.Error(w, "Backup file not found", http.StatusNotFound)
+		return
+	}
+
+	// Lê o arquivo
+	data, err := ioutil.ReadFile(backupPath)
+	if err != nil {
+		http.Error(w, "Error reading file", http.StatusInternalServerError)
+		return
+	}
+
+	// Define headers para download
+	w.Header().Set("Content-Type", "application/sql")
+	w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=%s", filename))
+	w.Write(data)
+}
+
+// cleanOldBackups mantém apenas os últimos 10 backups
+func (h *BackupHandler) cleanOldBackups() {
+	files, err := ioutil.ReadDir(h.backupDir)
+	if err != nil {
+		return
+	}
+
+	var backupFiles []os.FileInfo
+	for _, file := range files {
+		if strings.HasPrefix(file.Name(), "aggios_backup_") && strings.HasSuffix(file.Name(), ".sql") {
+			backupFiles = append(backupFiles, file)
+		}
+	}
+
+	// Ordena por data de modificação (mais recente primeiro)
+	sort.Slice(backupFiles, func(i, j int) bool {
+		return backupFiles[i].ModTime().After(backupFiles[j].ModTime())
+	})
+
+	// Remove backups antigos (mantém os 10 mais recentes)
+	if len(backupFiles) > 10 {
+		for _, file := range backupFiles[10:] {
+			os.Remove(filepath.Join(h.backupDir, file.Name()))
+		}
+	}
+}
--- a/backend/internal/api/handlers/crm.go
+++ b/backend/internal/api/handlers/crm.go
@@ -0,0 +1,470 @@
+package handlers
+
+import (
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/repository"
+	"aggios-app/backend/internal/api/middleware"
+	"encoding/json"
+	"log"
+	"net/http"
+
+	"github.com/google/uuid"
+	"github.com/gorilla/mux"
+)
+
+type CRMHandler struct {
+	repo *repository.CRMRepository
+}
+
+func NewCRMHandler(repo *repository.CRMRepository) *CRMHandler {
+	return &CRMHandler{repo: repo}
+}
+
+// ==================== CUSTOMERS ====================
+
+func (h *CRMHandler) CreateCustomer(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	userID, _ := r.Context().Value(middleware.UserIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+
+	var customer domain.CRMCustomer
+	if err := json.NewDecoder(r.Body).Decode(&customer); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	customer.ID = uuid.New().String()
+	customer.TenantID = tenantID
+	customer.CreatedBy = userID
+	customer.IsActive = true
+
+	if err := h.repo.CreateCustomer(&customer); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to create customer",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"customer": customer,
+	})
+}
+
+func (h *CRMHandler) GetCustomers(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+
+	customers, err := h.repo.GetCustomersByTenant(tenantID)
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to fetch customers",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	if customers == nil {
+		customers = []domain.CRMCustomer{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"customers": customers,
+	})
+}
+
+func (h *CRMHandler) GetCustomer(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+	
+	vars := mux.Vars(r)
+	customerID := vars["id"]
+
+	customer, err := h.repo.GetCustomerByID(customerID, tenantID)
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusNotFound)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Customer not found",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	// Buscar listas do cliente
+	lists, _ := h.repo.GetCustomerLists(customerID)
+	if lists == nil {
+		lists = []domain.CRMList{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"customer": customer,
+		"lists":    lists,
+	})
+}
+
+func (h *CRMHandler) UpdateCustomer(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+	
+	vars := mux.Vars(r)
+	customerID := vars["id"]
+
+	var customer domain.CRMCustomer
+	if err := json.NewDecoder(r.Body).Decode(&customer); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	customer.ID = customerID
+	customer.TenantID = tenantID
+
+	if err := h.repo.UpdateCustomer(&customer); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to update customer",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Customer updated successfully",
+	})
+}
+
+func (h *CRMHandler) DeleteCustomer(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+	
+	vars := mux.Vars(r)
+	customerID := vars["id"]
+
+	if err := h.repo.DeleteCustomer(customerID, tenantID); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to delete customer",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Customer deleted successfully",
+	})
+}
+
+// ==================== LISTS ====================
+
+func (h *CRMHandler) CreateList(w http.ResponseWriter, r *http.Request) {
+	tenantIDVal := r.Context().Value(middleware.TenantIDKey)
+	userIDVal := r.Context().Value(middleware.UserIDKey)
+	
+	log.Printf("🔍 CreateList DEBUG: tenantID type=%T value=%v | userID type=%T value=%v", 
+		tenantIDVal, tenantIDVal, userIDVal, userIDVal)
+	
+	tenantID, ok := tenantIDVal.(string)
+	if !ok || tenantID == "" {
+		log.Printf("❌ CreateList: Missing or invalid tenant_id")
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+	
+	userID, _ := userIDVal.(string)
+
+	var list domain.CRMList
+	if err := json.NewDecoder(r.Body).Decode(&list); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	list.ID = uuid.New().String()
+	list.TenantID = tenantID
+	list.CreatedBy = userID
+
+	if list.Color == "" {
+		list.Color = "#3b82f6"
+	}
+
+	if err := h.repo.CreateList(&list); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to create list",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"list": list,
+	})
+}
+
+func (h *CRMHandler) GetLists(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+
+	lists, err := h.repo.GetListsByTenant(tenantID)
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to fetch lists",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	if lists == nil {
+		lists = []domain.CRMListWithCustomers{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"lists": lists,
+	})
+}
+
+func (h *CRMHandler) GetList(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+	
+	vars := mux.Vars(r)
+	listID := vars["id"]
+
+	list, err := h.repo.GetListByID(listID, tenantID)
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusNotFound)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "List not found",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	// Buscar clientes da lista
+	customers, _ := h.repo.GetListCustomers(listID, tenantID)
+	if customers == nil {
+		customers = []domain.CRMCustomer{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"list":      list,
+		"customers": customers,
+	})
+}
+
+func (h *CRMHandler) UpdateList(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+	
+	vars := mux.Vars(r)
+	listID := vars["id"]
+
+	var list domain.CRMList
+	if err := json.NewDecoder(r.Body).Decode(&list); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	list.ID = listID
+	list.TenantID = tenantID
+
+	if err := h.repo.UpdateList(&list); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to update list",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "List updated successfully",
+	})
+}
+
+func (h *CRMHandler) DeleteList(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	if tenantID == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+	
+	vars := mux.Vars(r)
+	listID := vars["id"]
+
+	if err := h.repo.DeleteList(listID, tenantID); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to delete list",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "List deleted successfully",
+	})
+}
+
+// ==================== CUSTOMER <-> LIST ====================
+
+func (h *CRMHandler) AddCustomerToList(w http.ResponseWriter, r *http.Request) {
+	userID, _ := r.Context().Value(middleware.UserIDKey).(string)
+	
+	vars := mux.Vars(r)
+	customerID := vars["customer_id"]
+	listID := vars["list_id"]
+
+	if err := h.repo.AddCustomerToList(customerID, listID, userID); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to add customer to list",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Customer added to list successfully",
+	})
+}
+
+func (h *CRMHandler) RemoveCustomerFromList(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	customerID := vars["customer_id"]
+	listID := vars["list_id"]
+
+	if err := h.repo.RemoveCustomerFromList(customerID, listID); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to remove customer from list",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Customer removed from list successfully",
+	})
+}
+
--- a/backend/internal/api/handlers/plan.go
+++ b/backend/internal/api/handlers/plan.go
@@ -46,20 +46,26 @@ func (h *PlanHandler) CreatePlan(w http.ResponseWriter, r *http.Request) {
 	var req domain.CreatePlanRequest
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		log.Printf("❌ Invalid request body: %v", err)
-		http.Error(w, "Invalid request body", http.StatusBadRequest)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{"error": "Invalid request body", "message": err.Error()})
 		return
 	}

 	plan, err := h.planService.CreatePlan(&req)
 	if err != nil {
 		log.Printf("❌ Error creating plan: %v", err)
+		w.Header().Set("Content-Type", "application/json")
 		switch err {
 		case service.ErrPlanSlugTaken:
-			http.Error(w, err.Error(), http.StatusConflict)
+			w.WriteHeader(http.StatusConflict)
+			json.NewEncoder(w).Encode(map[string]string{"error": "Slug already taken", "message": err.Error()})
 		case service.ErrInvalidUserRange:
-			http.Error(w, err.Error(), http.StatusBadRequest)
+			w.WriteHeader(http.StatusBadRequest)
+			json.NewEncoder(w).Encode(map[string]string{"error": "Invalid user range", "message": err.Error()})
 		default:
-			http.Error(w, "Internal server error", http.StatusInternalServerError)
+			w.WriteHeader(http.StatusInternalServerError)
+			json.NewEncoder(w).Encode(map[string]string{"error": "Internal server error", "message": err.Error()})
 		}
 		return
 	}
--- a/backend/internal/api/handlers/solution.go
+++ b/backend/internal/api/handlers/solution.go
@@ -0,0 +1,252 @@
+package handlers
+
+import (
+	"aggios-app/backend/internal/domain"
+	"aggios-app/backend/internal/repository"
+	"aggios-app/backend/internal/api/middleware"
+	"encoding/json"
+	"log"
+	"net/http"
+
+	"github.com/google/uuid"
+	"github.com/gorilla/mux"
+)
+
+type SolutionHandler struct {
+	repo *repository.SolutionRepository
+}
+
+func NewSolutionHandler(repo *repository.SolutionRepository) *SolutionHandler {
+	return &SolutionHandler{repo: repo}
+}
+
+// ==================== CRUD SOLUTIONS (SUPERADMIN) ====================
+
+func (h *SolutionHandler) CreateSolution(w http.ResponseWriter, r *http.Request) {
+	var solution domain.Solution
+	if err := json.NewDecoder(r.Body).Decode(&solution); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	solution.ID = uuid.New().String()
+
+	if err := h.repo.CreateSolution(&solution); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to create solution",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solution": solution,
+	})
+}
+
+func (h *SolutionHandler) GetAllSolutions(w http.ResponseWriter, r *http.Request) {
+	solutions, err := h.repo.GetAllSolutions()
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to fetch solutions",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	if solutions == nil {
+		solutions = []domain.Solution{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solutions": solutions,
+	})
+}
+
+func (h *SolutionHandler) GetSolution(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	solutionID := vars["id"]
+
+	solution, err := h.repo.GetSolutionByID(solutionID)
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusNotFound)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Solution not found",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solution": solution,
+	})
+}
+
+func (h *SolutionHandler) UpdateSolution(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	solutionID := vars["id"]
+
+	var solution domain.Solution
+	if err := json.NewDecoder(r.Body).Decode(&solution); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	solution.ID = solutionID
+
+	if err := h.repo.UpdateSolution(&solution); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to update solution",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Solution updated successfully",
+	})
+}
+
+func (h *SolutionHandler) DeleteSolution(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	solutionID := vars["id"]
+
+	if err := h.repo.DeleteSolution(solutionID); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to delete solution",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Solution deleted successfully",
+	})
+}
+
+// ==================== TENANT SOLUTIONS (AGENCY) ====================
+
+func (h *SolutionHandler) GetTenantSolutions(w http.ResponseWriter, r *http.Request) {
+	tenantID, _ := r.Context().Value(middleware.TenantIDKey).(string)
+	
+	log.Printf("🔍 GetTenantSolutions: tenantID=%s", tenantID)
+	
+	if tenantID == "" {
+		log.Printf("❌ GetTenantSolutions: Missing tenant_id")
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "Missing tenant_id",
+		})
+		return
+	}
+
+	solutions, err := h.repo.GetTenantSolutions(tenantID)
+	if err != nil {
+		log.Printf("❌ GetTenantSolutions: Error fetching solutions: %v", err)
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to fetch solutions",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	log.Printf("✅ GetTenantSolutions: Found %d solutions for tenant %s", len(solutions), tenantID)
+
+	if solutions == nil {
+		solutions = []domain.Solution{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solutions": solutions,
+	})
+}
+
+// ==================== PLAN SOLUTIONS ====================
+
+func (h *SolutionHandler) GetPlanSolutions(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	planID := vars["plan_id"]
+
+	solutions, err := h.repo.GetPlanSolutions(planID)
+	if err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to fetch plan solutions",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	if solutions == nil {
+		solutions = []domain.Solution{}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"solutions": solutions,
+	})
+}
+
+func (h *SolutionHandler) SetPlanSolutions(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+	planID := vars["plan_id"]
+
+	var req struct {
+		SolutionIDs []string `json:"solution_ids"`
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Invalid request body",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	if err := h.repo.SetPlanSolutions(planID, req.SolutionIDs); err != nil {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusInternalServerError)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error":   "Failed to update plan solutions",
+			"message": err.Error(),
+		})
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]string{
+		"message": "Plan solutions updated successfully",
+	})
+}
--- a/backend/internal/api/handlers/tenant.go
+++ b/backend/internal/api/handlers/tenant.go
@@ -5,7 +5,6 @@ import (
 	"log"
 	"net/http"

-	"aggios-app/backend/internal/domain"
 	"aggios-app/backend/internal/service"
 )

@@ -28,14 +27,15 @@ func (h *TenantHandler) ListAll(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	tenants, err := h.tenantService.ListAll()
+	tenants, err := h.tenantService.ListAllWithDetails()
 	if err != nil {
+		log.Printf("Error listing tenants with details: %v", err)
 		http.Error(w, "Internal server error", http.StatusInternalServerError)
 		return
 	}

 	if tenants == nil {
-		tenants = []*domain.Tenant{}
+		tenants = []map[string]interface{}{}
 	}

 	w.Header().Set("Content-Type", "application/json; charset=utf-8")