Rename resources/scripts-v2 to resources/scripts and drop @v2 alias

Now that the legacy v1 frontend (commit 064bdf53) is gone, the v2 directory is the only frontend and the v2 suffix is just noise. Renames resources/scripts-v2 to resources/scripts via git mv (so git records the move as renames, preserving blame and log --follow), then bulk-rewrites the 152 files that imported via @v2/... to use @/scripts/... instead. The existing @ alias (resources/) covers the new path with no extra config needed.

Drops the now-unused @v2 alias from vite.config.js and points the laravel-vite-plugin entry at resources/scripts/main.ts. Updates the only blade reference (resources/views/app.blade.php) to match. The package.json test script (eslint ./resources/scripts) automatically targets the right place after the rename without any edit.

Verified: npm run build exits clean and the Vite warning lines now reference resources/scripts/plugins/i18n.ts, confirming every import resolved through the new path. git log --follow on any moved file walks back through its scripts-v2 history.

resources/scripts/router/guards.ts

@@ -0,0 +1,149 @@
+import type { NavigationGuardWithThis, RouteLocationNormalized } from 'vue-router'
+import { useUserStore } from '@/scripts/stores/user.store'
+import { useGlobalStore } from '@/scripts/stores/global.store'
+import { useCompanyStore } from '@/scripts/stores/company.store'
+import { useCustomerPortalStore } from '@/scripts/features/customer-portal/store'
+import { handleApiError } from '@/scripts/utils/error-handling'
+import { resolveCompanySlug } from '@/scripts/features/customer-portal/utils/routes'
+
+/**
+ * Main authentication and authorization guard.
+ *
+ * Handles:
+ * - Redirecting to the no-company view when no company is selected
+ *   (unless in admin mode or the user is a super admin visiting a
+ *   super-admin-only route).
+ * - Ability-based access control: redirects to account settings when
+ *   the current user lacks the required ability.
+ * - Super admin route protection: redirects non-super-admins to the
+ *   dashboard.
+ * - Owner route protection: redirects non-owners to the dashboard.
+ */
+export const authGuard: NavigationGuardWithThis<undefined> = (
+  to: RouteLocationNormalized
+) => {
+  if (to.meta.isCustomerPortal) {
+    return handleCustomerPortalRoute(to)
+  }
+
+  const userStore = useUserStore()
+  const globalStore = useGlobalStore()
+  const companyStore = useCompanyStore()
+
+  const { isAppLoaded } = globalStore
+  const ability = to.meta.ability
+
+  // Guard 1: no company selected -> redirect to no-company view
+  // Skip if the target IS the no-company view, or if we are in admin
+  // mode, or if the route is super-admin-only and the user qualifies.
+  if (isAppLoaded && to.meta.requiresAuth && to.name !== 'no.company') {
+    const isSuperAdminRoute =
+      to.meta.isSuperAdmin === true &&
+      currentUserIsSuperAdmin(userStore)
+
+    if (
+      !companyStore.selectedCompany &&
+      !companyStore.isAdminMode &&
+      !isSuperAdminRoute
+    ) {
+      return { name: 'no.company' }
+    }
+  }
+
+  // Guard 2: ability check
+  if (ability && isAppLoaded && to.meta.requiresAuth) {
+    if (!userStore.hasAbilities(ability)) {
+      return { name: 'settings.account' }
+    }
+    return
+  }
+
+  // Guard 3: super admin check
+  if (to.meta.isSuperAdmin && isAppLoaded) {
+    if (!currentUserIsSuperAdmin(userStore)) {
+      return { name: 'dashboard' }
+    }
+    return
+  }
+
+  // Guard 4: owner check
+  if (to.meta.isOwner && isAppLoaded) {
+    if (!currentUserIsOwner(userStore)) {
+      return { name: 'dashboard' }
+    }
+    return
+  }
+}
+
+// ---- helpers ----
+
+async function handleCustomerPortalRoute(
+  to: RouteLocationNormalized
+): Promise<{ name: string; params: { company: string } } | void> {
+  const customerPortalStore = useCustomerPortalStore()
+  const companySlug = resolveCompanySlug(to.params.company)
+
+  if (!companySlug) {
+    return
+  }
+
+  const isGuestRoute = to.meta.customerPortalGuest === true
+  const shouldBootstrap =
+    customerPortalStore.companySlug !== companySlug ||
+    !customerPortalStore.isAppLoaded ||
+    customerPortalStore.currentUser === null
+
+  if (!shouldBootstrap) {
+    if (isGuestRoute) {
+      return {
+        name: 'customer-portal.dashboard',
+        params: { company: companySlug },
+      }
+    }
+
+    return
+  }
+
+  try {
+    await customerPortalStore.bootstrap(companySlug)
+
+    if (isGuestRoute) {
+      return {
+        name: 'customer-portal.dashboard',
+        params: { company: companySlug },
+      }
+    }
+  } catch (err: unknown) {
+    customerPortalStore.resetState(companySlug)
+
+    if (isGuestRoute) {
+      return
+    }
+
+    const normalizedError = handleApiError(err)
+
+    if (normalizedError.isUnauthorized || normalizedError.statusCode === 401) {
+      return {
+        name: 'customer-portal.login',
+        params: { company: companySlug },
+      }
+    }
+
+    return {
+      name: 'customer-portal.login',
+      params: { company: companySlug },
+    }
+  }
+}
+
+function currentUserIsSuperAdmin(
+  userStore: ReturnType<typeof useUserStore>
+): boolean {
+  return userStore.currentUser?.is_super_admin ?? false
+}
+
+function currentUserIsOwner(
+  userStore: ReturnType<typeof useUserStore>
+): boolean {
+  return userStore.currentUser?.is_owner ?? false
+}

resources/scripts/router/index.ts

@@ -0,0 +1,111 @@
+import { createRouter, createWebHistory } from 'vue-router'
+import type { RouteRecordRaw } from 'vue-router'
+
+// Ensure route meta augmentation is loaded
+import './types'
+
+// Feature routes
+import { authRoutes } from '../features/auth/routes'
+import { adminRoutes } from '../features/admin/routes'
+import { installationRoutes } from '../features/installation/routes'
+import { customerPortalRoutes } from '../features/customer-portal/routes'
+
+// Company feature routes (children of /admin)
+import dashboardRoutes from '../features/company/dashboard/routes'
+import customerRoutes from '../features/company/customers/routes'
+import { invoiceRoutes } from '../features/company/invoices/routes'
+import { estimateRoutes } from '../features/company/estimates/routes'
+import { recurringInvoiceRoutes } from '../features/company/recurring-invoices/routes'
+import { paymentRoutes } from '../features/company/payments/routes'
+import { expenseRoutes } from '../features/company/expenses/routes'
+import itemRoutes from '../features/company/items/routes'
+import memberRoutes from '../features/company/members/routes'
+import reportRoutes from '../features/company/reports/routes'
+import settingsRoutes from '../features/company/settings/routes'
+import { moduleRoutes } from '../features/company/modules/routes'
+
+// Guard
+import { authGuard } from './guards'
+
+// Layouts (lazy-loaded)
+const CompanyLayout = () => import('../layouts/CompanyLayout.vue')
+const NotFoundView = () => import('../features/errors/NotFoundView.vue')
+const NoCompanyView = () => import('../features/company/NoCompanyView.vue')
+const InvoicePublicPage = () => import('../components/base/InvoicePublicPage.vue')
+
+/**
+ * All company-scoped children routes that live under `/admin` with
+ * the CompanyLayout wrapper. Each feature module exports its own
+ * route array; we merge them here.
+ */
+const companyChildren: RouteRecordRaw[] = [
+  // No-company fallback
+  {
+    path: 'no-company',
+    name: 'no.company',
+    component: NoCompanyView,
+  },
+  // Feature routes
+  ...dashboardRoutes,
+  ...customerRoutes,
+  ...invoiceRoutes,
+  ...estimateRoutes,
+  ...recurringInvoiceRoutes,
+  ...paymentRoutes,
+  ...expenseRoutes,
+  ...itemRoutes,
+  ...memberRoutes,
+  ...reportRoutes,
+  ...settingsRoutes,
+  ...moduleRoutes,
+]
+
+/**
+ * Top-level route definitions assembled from all feature modules.
+ */
+const routes: RouteRecordRaw[] = [
+  // Installation wizard (no auth)
+  ...installationRoutes,
+
+  // Public invoice view (no auth, no layout)
+  {
+    path: '/customer/invoices/view/:hash',
+    name: 'invoice.public',
+    component: InvoicePublicPage,
+  },
+
+  // Auth routes (login, register, forgot/reset password)
+  ...authRoutes,
+
+  // Admin area: company-scoped routes
+  {
+    path: '/admin',
+    component: CompanyLayout,
+    meta: { requiresAuth: true },
+    children: companyChildren,
+  },
+
+  // Admin area: super admin routes (separate top-level entry to keep
+  // the admin feature module self-contained)
+  ...adminRoutes,
+
+  // Customer portal
+  ...customerPortalRoutes,
+
+  // Catch-all 404
+  {
+    path: '/:catchAll(.*)',
+    name: 'not-found',
+    component: NotFoundView,
+  },
+]
+
+const router = createRouter({
+  history: createWebHistory(),
+  linkActiveClass: 'active',
+  routes,
+})
+
+router.beforeEach(authGuard)
+
+export default router

resources/scripts/router/types.ts

@@ -0,0 +1,16 @@
+import 'vue-router'
+
+declare module 'vue-router' {
+  interface RouteMeta {
+    requiresAuth?: boolean
+    ability?: string | string[]
+    isOwner?: boolean
+    isSuperAdmin?: boolean
+    usesAdminBootstrap?: boolean
+    redirectIfAuthenticated?: boolean
+    isCustomerPortal?: boolean
+    customerPortalGuest?: boolean
+    isInstallation?: boolean
+    title?: string
+  }
+}