npm - @flowselections/floriday-klanten-module - Versions diffs - 1.0.0 - Mend

@flowselections/floriday-klanten-module 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (71) hide show

package/dist-lib/_core-safelist.d.ts +2 -0
package/dist-lib/_core-safelist.d.ts.map +1 -0
package/dist-lib/_core-safelist.js +15 -0
package/dist-lib/components/CustomerAvatar.d.ts +7 -0
package/dist-lib/components/CustomerAvatar.d.ts.map +1 -0
package/dist-lib/components/CustomerAvatar.js +18 -0
package/dist-lib/components/TemplatePage.d.ts +2 -0
package/dist-lib/components/TemplatePage.d.ts.map +1 -0
package/dist-lib/components/TemplatePage.js +4 -0
package/dist-lib/components/settings/CustomerFieldsCard.d.ts +2 -0
package/dist-lib/components/settings/CustomerFieldsCard.d.ts.map +1 -0
package/dist-lib/components/settings/CustomerFieldsCard.js +59 -0
package/dist-lib/index.d.ts +5 -0
package/dist-lib/index.d.ts.map +1 -0
package/dist-lib/index.js +32 -0
package/dist-lib/integrations/supabase/auth-attacher.d.ts +2 -0
package/dist-lib/integrations/supabase/auth-attacher.d.ts.map +1 -0
package/dist-lib/integrations/supabase/auth-attacher.js +12 -0
package/dist-lib/integrations/supabase/auth-middleware.d.ts +1560 -0
package/dist-lib/integrations/supabase/auth-middleware.d.ts.map +1 -0
package/dist-lib/integrations/supabase/auth-middleware.js +52 -0
package/dist-lib/integrations/supabase/client.d.ts +1556 -0
package/dist-lib/integrations/supabase/client.d.ts.map +1 -0
package/dist-lib/integrations/supabase/client.js +28 -0
package/dist-lib/integrations/supabase/client.server.d.ts +1556 -0
package/dist-lib/integrations/supabase/client.server.d.ts.map +1 -0
package/dist-lib/integrations/supabase/client.server.js +50 -0
package/dist-lib/integrations/supabase/types.d.ts +1656 -0
package/dist-lib/integrations/supabase/types.d.ts.map +1 -0
package/dist-lib/integrations/supabase/types.js +8 -0
package/dist-lib/lib/accounting/exact/client.server.d.ts +37 -0
package/dist-lib/lib/accounting/exact/client.server.d.ts.map +1 -0
package/dist-lib/lib/accounting/exact/client.server.js +160 -0
package/dist-lib/lib/accounting/exact/mapping.d.ts +39 -0
package/dist-lib/lib/accounting/exact/mapping.d.ts.map +1 -0
package/dist-lib/lib/accounting/exact/mapping.js +45 -0
package/dist-lib/lib/accounting/exact/sync.server.d.ts +4 -0
package/dist-lib/lib/accounting/exact/sync.server.d.ts.map +1 -0
package/dist-lib/lib/accounting/exact/sync.server.js +181 -0
package/dist-lib/lib/accounting/floriday/sync.server.d.ts +3 -0
package/dist-lib/lib/accounting/floriday/sync.server.d.ts.map +1 -0
package/dist-lib/lib/accounting/floriday/sync.server.js +17 -0
package/dist-lib/lib/accounting/registry.server.d.ts +4 -0
package/dist-lib/lib/accounting/registry.server.d.ts.map +1 -0
package/dist-lib/lib/accounting/registry.server.js +9 -0
package/dist-lib/lib/accounting/types.d.ts +24 -0
package/dist-lib/lib/accounting/types.d.ts.map +1 -0
package/dist-lib/lib/accounting/types.js +4 -0
package/dist-lib/lib/accounting.functions.d.ts +4682 -0
package/dist-lib/lib/accounting.functions.d.ts.map +1 -0
package/dist-lib/lib/accounting.functions.js +50 -0
package/dist-lib/lib/crypto.server.d.ts +10 -0
package/dist-lib/lib/crypto.server.d.ts.map +1 -0
package/dist-lib/lib/crypto.server.js +61 -0
package/dist-lib/lib/customer-schemas.d.ts +53 -0
package/dist-lib/lib/customer-schemas.d.ts.map +1 -0
package/dist-lib/lib/customer-schemas.js +31 -0
package/dist-lib/lib/customers.functions.d.ts +15904 -0
package/dist-lib/lib/customers.functions.d.ts.map +1 -0
package/dist-lib/lib/customers.functions.js +251 -0
package/dist-lib/lib/floriday.server.d.ts +55 -0
package/dist-lib/lib/floriday.server.d.ts.map +1 -0
package/dist-lib/lib/floriday.server.js +765 -0
package/dist-lib/lib/utils.d.ts +3 -0
package/dist-lib/lib/utils.d.ts.map +1 -0
package/dist-lib/lib/utils.js +5 -0
package/dist-lib/lib/validationSchemas.d.ts +15 -0
package/dist-lib/lib/validationSchemas.d.ts.map +1 -0
package/dist-lib/lib/validationSchemas.js +25 -0
package/dist-lib/styles.css +1 -0
package/package.json +74 -0

package/dist-lib/lib/floriday.server.js ADDED Viewed

@@ -0,0 +1,765 @@
+// Server-only Floriday API helper. NEVER import from client-side code.
+import { supabaseAdmin } from "@/integrations/supabase/client.server";
+const FLORIDAY_BASE_URLS = {
+    staging: "https://api.staging.floriday.io/suppliers-api-2026v1",
+    production: "https://api.floriday.io/suppliers-api-2026v1",
+    acceptance: "https://api.acceptance.floriday.io/suppliers-api-2026v1",
+};
+const FLORIDAY_TOKEN_URLS = {
+    staging: "https://idm.staging.floriday.io/oauth2/ausmw6b47z1BnlHkw0h7/v1/token",
+    production: "https://idm.floriday.io/oauth2/aus3testdcf2vyfs70i7/v1/token",
+    acceptance: "https://idm.staging.floriday.io/oauth2/ausmw6b47z1BnlHkw0h7/v1/token",
+};
+const FLORIDAY_SCOPE = "role:app organization:read network:read catalog:read supply:read sales-order:read delivery-conditions:read fulfillment:read";
+function baseUrlFor(environment) {
+    return FLORIDAY_BASE_URLS[environment] ?? FLORIDAY_BASE_URLS.staging;
+}
+async function refreshAccessToken(conn) {
+    const params = new URLSearchParams({
+        grant_type: "client_credentials",
+        client_id: conn.client_id,
+        client_secret: conn.client_secret,
+        scope: FLORIDAY_SCOPE,
+    });
+    const res = await fetch(FLORIDAY_TOKEN_URLS[conn.environment] ?? FLORIDAY_TOKEN_URLS.staging, {
+        method: "POST",
+        headers: {
+            Accept: "application/json",
+            "Content-Type": "application/x-www-form-urlencoded",
+        },
+        body: params.toString(),
+    });
+    if (!res.ok) {
+        throw new Error(`Token refresh failed (${res.status}): ${await res.text()}`);
+    }
+    const data = (await res.json());
+    const expiresAt = new Date(Date.now() + (data.expires_in - 60) * 1000);
+    await supabaseAdmin
+        .from("floriday_connections")
+        .update({
+        access_token: data.access_token,
+        token_expires_at: expiresAt.toISOString(),
+    })
+        .eq("id", conn.id);
+    return data.access_token;
+}
+async function ensureValidToken(conn) {
+    const expiresAt = conn.token_expires_at ? new Date(conn.token_expires_at) : null;
+    const validForOneMin = expiresAt && expiresAt.getTime() > Date.now() + 60000;
+    if (conn.access_token && validForOneMin) {
+        return conn.access_token;
+    }
+    return refreshAccessToken(conn);
+}
+async function fetchWithRetry(url, init, attempts = 3) {
+    let lastErr = null;
+    for (let i = 0; i < attempts; i++) {
+        try {
+            const res = await fetch(url, init);
+            if (res.ok || (res.status >= 400 && res.status < 500 && res.status !== 429)) {
+                return res;
+            }
+            lastErr = new Error(`HTTP ${res.status}`);
+        }
+        catch (err) {
+            lastErr = err;
+        }
+        await new Promise((r) => setTimeout(r, [1000, 3000, 9000][i] ?? 9000));
+    }
+    throw lastErr instanceof Error ? lastErr : new Error("Request failed");
+}
+function mapFloridayPartner(raw, connectionId) {
+    const orgId = raw?.organizationId ?? raw?.id ?? raw?.tradePartnerId;
+    if (!orgId)
+        return null;
+    const addr = raw?.physicalAddress ??
+        raw?.mailingAddress ??
+        raw?.address ??
+        raw?.addresses?.[0] ??
+        {};
+    const contact = raw?.contactPerson ?? raw?.contactPersons?.[0] ?? {};
+    const contactInfo = raw?.contactInformation ??
+        raw?.contactInfo ??
+        raw?.contact ??
+        {};
+    const primaryContact = raw?.primaryContact ??
+        raw?.generalContact ??
+        raw?.mainContact ??
+        {};
+    const name = raw?.organizationName ??
+        raw?.name ??
+        raw?.commercialName ??
+        (raw?.companyGln ? `Floriday-organisatie ${raw.companyGln}` : null) ??
+        `Floriday-organisatie ${String(orgId).slice(0, 8)}`;
+    const toArr = (v) => Array.isArray(v) ? v.map((x) => String(x)).filter(Boolean) : [];
+    const pick = (...vals) => {
+        for (const v of vals) {
+            if (typeof v === "string" && v.trim().length > 0)
+                return v.trim();
+            if (typeof v === "number")
+                return String(v);
+        }
+        return null;
+    };
+    const customFields = {};
+    const rfhRelationId = pick(raw?.rfhRelationId, raw?.rfhRelationNumber, raw?.rfhCompanyAccountId);
+    if (rfhRelationId)
+        customFields.rfh_relation_id = rfhRelationId;
+    if (raw?.plantionRegistrationNumber)
+        customFields.plantion_registration_number = raw.plantionRegistrationNumber;
+    return {
+        organization_id: String(orgId),
+        connection_id: connectionId,
+        company_name: name,
+        vat_number: pick(raw?.vatNumber, raw?.taxNumber, raw?.chamberOfCommerceNumber, raw?.kvkNumber),
+        email: pick(raw?.email, raw?.emailAddress, contactInfo?.email, contactInfo?.emailAddress, primaryContact?.email, primaryContact?.emailAddress, contact?.email, contact?.emailAddress),
+        phone: pick(raw?.phoneNumber, raw?.phone, raw?.telephoneNumber, contactInfo?.phoneNumber, contactInfo?.phone, primaryContact?.phoneNumber, primaryContact?.phone, contact?.phoneNumber, contact?.phone),
+        contact_person: contact?.fullName ??
+            ([contact?.firstName, contact?.lastName].filter(Boolean).join(" ") ||
+                null),
+        street: addr?.streetName ?? addr?.street ?? addr?.addressLine ?? null,
+        house_number: addr?.houseNumber ?? null,
+        postal_code: addr?.postalCode ?? addr?.zipCode ?? null,
+        city: addr?.city ?? null,
+        country: addr?.countryCode ?? addr?.country ?? null,
+        gln: raw?.companyGln ?? raw?.gln ?? null,
+        commercial_name: raw?.commercialName ?? null,
+        bio: raw?.bio ?? raw?.description ?? null,
+        segments: toArr(raw?.segments ?? raw?.buyerSegments),
+        trade_forms: toArr(raw?.tradeForms ?? raw?.tradeForm),
+        markets: toArr(raw?.markets ?? raw?.salesMarkets),
+        product_groups: toArr(raw?.productGroups),
+        payment_methods: toArr(raw?.paymentProviders ?? raw?.paymentMethods),
+        organization_type: raw?.organizationType ?? null,
+        website: pick(raw?.website, raw?.websiteUrl, raw?.url, contactInfo?.website, contactInfo?.websiteUrl),
+        logo_url: raw?.logoUrl ?? null,
+        custom_fields: customFields,
+        raw,
+    };
+}
+/**
+ * Realtime sync — alleen handelsrelaties (trade-partners) van elke actieve
+ * connectie. Dit is wat de "Synchroniseer Floriday"-knop aanroept en wat de
+ * uurlijkse token-cron triggert. Het volledige Floriday-netwerk wordt apart
+ * 's nachts gesynchroniseerd via syncFloridayNetwork().
+ */
+export async function syncAllFloridayCustomers() {
+    const { data: settings } = await supabaseAdmin
+        .from("floriday_settings")
+        .select("active_environment")
+        .eq("id", 1)
+        .maybeSingle();
+    const activeEnv = settings?.active_environment ?? "staging";
+    const { data: connections, error } = await supabaseAdmin
+        .from("floriday_connections")
+        .select("*")
+        .eq("is_active", true)
+        .eq("environment", activeEnv);
+    if (error) {
+        const hint = error.message?.toLowerCase().includes("invalid api key")
+            ? ' (Het secret SB_SERVICE_ROLE_KEY lijkt ongeldig — controleer of de service_role key uit Supabase → Project Settings → API is ingeplakt.)'
+            : "";
+        throw new Error(`Supabase-fout bij ophalen Floriday-verbindingen: ${error.message}${hint}`);
+    }
+    const errors = [];
+    let totalSynced = 0;
+    for (const conn of connections ?? []) {
+        try {
+            const token = await ensureValidToken(conn);
+            const base = baseUrlFor(conn.environment);
+            // Reset connection_status voor deze connectie. De upsert hieronder
+            // zet alleen de daadwerkelijke trade-partners weer op 'connected',
+            // zodat klanten die uit Floriday zijn verwijderd automatisch uit
+            // de klantenlijst verdwijnen (history blijft behouden).
+            await supabaseAdmin
+                .from("customers")
+                .update({ connection_status: "none" })
+                .eq("floriday_connection_id", conn.id)
+                .eq("source", "floriday");
+            // In de Suppliers API (2026v1) bestaan géén /customers of
+            // /trade-partners endpoints. Handelsrelaties worden uitgedrukt als
+            // Connections: GET /connections/sync/{seq} geeft alle actieve
+            // connecties van deze supplier-organisatie, waarbij elke connectie
+            // verwijst naar een customerOrganizationId. Voor de volledige
+            // klantgegevens halen we vervolgens GET /organizations/{id} op.
+            const headers = {
+                Authorization: `Bearer ${token}`,
+                "X-Api-Key": conn.api_key,
+                Accept: "application/json",
+            };
+            // 1) Haal alle connecties op (sequence-paged, 1000 per pagina).
+            const allConnections = [];
+            let seq = 0;
+            // veiligheidslimiet — voorkomt oneindige loop bij API-bugs.
+            for (let page = 0; page < 50; page++) {
+                const url = `${base}/connections/sync/${seq}?limitResult=1000`;
+                const res = await fetchWithRetry(url, { headers });
+                if (!res.ok) {
+                    const body = await res.text().catch(() => "");
+                    throw new Error(`GET /connections/sync/${seq} → HTTP ${res.status}${body ? `: ${body.slice(0, 300)}` : ""}`);
+                }
+                const json = await res.json();
+                const items = Array.isArray(json)
+                    ? json
+                    : Array.isArray(json?.results)
+                        ? json.results
+                        : Array.isArray(json?.items)
+                            ? json.items
+                            : [];
+                if (items.length === 0)
+                    break;
+                allConnections.push(...items);
+                const lastSeq = items
+                    .map((c) => Number(c?.sequenceNumber ?? c?.sequence ?? 0))
+                    .filter((n) => Number.isFinite(n) && n > 0)
+                    .reduce((a, b) => Math.max(a, b), 0);
+                if (!lastSeq || lastSeq <= seq)
+                    break;
+                seq = lastSeq;
+            }
+            // 2) Filter op actieve connecties + unieke customer organization IDs.
+            const customerOrgIds = Array.from(new Set(allConnections
+                .filter((c) => {
+                // Het Suppliers-API 2026v1 /connections/sync endpoint geeft
+                // alleen { customerOrganizationId, lastModifiedDateTime,
+                // isDeleted, sequenceNumber } terug — geen status-veld.
+                // Een connectie is actief zolang isDeleted=false.
+                if (c?.isDeleted === true)
+                    return false;
+                // endDate is optioneel; als die in het verleden ligt is de
+                // connectie beëindigd.
+                const endDate = c?.endDate ? new Date(c.endDate) : null;
+                if (endDate && Number.isFinite(endDate.getTime()) && endDate.getTime() < Date.now()) {
+                    return false;
+                }
+                return true;
+            })
+                .map((c) => c?.customerOrganizationId ??
+                c?.organizationId ??
+                c?.partnerOrganizationId ??
+                null)
+                .filter((id) => typeof id === "string" && id.length > 0)));
+            // 3) Haal per organisatie de details op (parallel, throttled).
+            const partners = [];
+            const concurrency = 5;
+            let cursor = 0;
+            async function worker() {
+                while (cursor < customerOrgIds.length) {
+                    const idx = cursor++;
+                    const orgId = customerOrgIds[idx];
+                    try {
+                        const r = await fetch(`${base}/organizations/${encodeURIComponent(orgId)}`, { headers });
+                        if (!r.ok) {
+                            // Fallback: alléén ID — beter dan helemaal niets in de lijst.
+                            partners.push({ organizationId: orgId });
+                            continue;
+                        }
+                        const detail = await r.json();
+                        partners.push({ organizationId: orgId, ...detail });
+                    }
+                    catch {
+                        partners.push({ organizationId: orgId });
+                    }
+                    await new Promise((res2) => setTimeout(res2, 50));
+                }
+            }
+            await Promise.all(Array.from({ length: Math.min(concurrency, Math.max(customerOrgIds.length, 1)) }, () => worker()));
+            const rows = partners
+                .map((p) => mapFloridayPartner(p, conn.id))
+                .filter((p) => {
+                if (p === null)
+                    return false;
+                // Skip organisaties zonder echte naam én zonder GLN — dat zijn
+                // geanonimiseerde / beëindigde organisaties die Floriday niet meer
+                // als handelsrelatie toont.
+                const hasRealName = p.company_name &&
+                    !p.company_name.startsWith("Floriday-organisatie ");
+                if (!hasRealName && !p.gln)
+                    return false;
+                // Skip beëindigde organisaties (endDate in het verleden).
+                const rawAny = p.raw;
+                const endDate = rawAny?.endDate ? new Date(rawAny.endDate) : null;
+                if (endDate && Number.isFinite(endDate.getTime()) && endDate.getTime() < Date.now()) {
+                    return false;
+                }
+                return true;
+            });
+            if (rows.length > 0) {
+                const payload = rows.map((r) => ({
+                    organization_id: r.organization_id,
+                    connection_id: r.connection_id,
+                    data: JSON.parse(JSON.stringify(r)),
+                    fetched_at: new Date().toISOString(),
+                }));
+                const { error: upsertError } = await supabaseAdmin
+                    .from("floriday_customers_cache")
+                    .upsert(payload);
+                if (upsertError)
+                    throw new Error(upsertError.message);
+                // Upsert ook naar de zichtbare customers-tabel zodat Floriday-klanten
+                // verschijnen in /klanten.
+                const nowIso = new Date().toISOString();
+                const customerRows = rows.map((r) => ({
+                    company_name: r.company_name,
+                    contact_person: r.contact_person,
+                    email: r.email,
+                    phone: r.phone,
+                    vat_number: r.vat_number,
+                    street: r.street,
+                    house_number: r.house_number,
+                    postal_code: r.postal_code,
+                    city: r.city,
+                    country: r.country,
+                    floriday_organization_id: r.organization_id,
+                    floriday_connection_id: r.connection_id,
+                    source: "floriday",
+                    connection_status: "connected",
+                    sync_status: "synced",
+                    sync_error: null,
+                    last_synced_at: nowIso,
+                    is_active: true,
+                    gln: r.gln,
+                    commercial_name: r.commercial_name,
+                    bio: r.bio,
+                    segments: r.segments,
+                    trade_forms: r.trade_forms,
+                    markets: r.markets,
+                    product_groups: r.product_groups,
+                    payment_methods: r.payment_methods,
+                    organization_type: r.organization_type,
+                    website: r.website,
+                    logo_url: r.logo_url,
+                    custom_fields: JSON.parse(JSON.stringify(r.custom_fields ?? {})),
+                    floriday_raw: JSON.parse(JSON.stringify(r.raw ?? {})),
+                }));
+                // Batchen om payload-limieten te ontwijken.
+                const batchSize = 250;
+                for (let i = 0; i < customerRows.length; i += batchSize) {
+                    const batch = customerRows.slice(i, i + batchSize);
+                    const { error: custErr } = await supabaseAdmin
+                        .from("customers")
+                        .upsert(batch, {
+                        onConflict: "floriday_connection_id,floriday_organization_id",
+                    });
+                    if (custErr)
+                        throw new Error(custErr.message);
+                }
+                // Haal customer-ids op om child-tabellen te kunnen vullen.
+                const orgIds = rows.map((r) => r.organization_id);
+                const { data: custIdRows } = await supabaseAdmin
+                    .from("customers")
+                    .select("id, floriday_organization_id")
+                    .eq("floriday_connection_id", conn.id)
+                    .in("floriday_organization_id", orgIds);
+                const orgToCustomerId = new Map((custIdRows ?? []).map((r) => [
+                    r.floriday_organization_id,
+                    r.id,
+                ]));
+                const { matchWarnings } = await syncChildEntities({
+                    token,
+                    base,
+                    apiKey: conn.api_key,
+                    orgToCustomerId,
+                });
+                for (const w of matchWarnings) {
+                    errors.push({
+                        connectionId: conn.id,
+                        message: `Waarschuwing child-sync (connection ${conn.id}): ${w}`,
+                    });
+                }
+            }
+            totalSynced += rows.length;
+        }
+        catch (err) {
+            errors.push({
+                connectionId: conn.id,
+                message: `Floriday API-fout (connection ${conn.id}): ${err instanceof Error ? err.message : String(err)}`,
+            });
+        }
+    }
+    return { synced: totalSynced, errors };
+}
+/**
+ * Best-effort sync van child-entiteiten (contactpersonen, afleverlocaties,
+ * handelsinstellingen, geselecteerd assortiment). Floriday's Suppliers API
+ * heeft niet altijd 1-op-1 dezelfde endpoints als de FHC-koper-UI; mislukte
+ * endpoints worden stil overgeslagen zodat de hoofdsync niet faalt.
+ */
+async function syncChildEntities(params) {
+    const { token, base, apiKey, orgToCustomerId } = params;
+    const headers = {
+        Authorization: `Bearer ${token}`,
+        "X-Api-Key": apiKey,
+        Accept: "application/json",
+    };
+    const matchWarnings = [];
+    const trackMatch = (label, total, matched) => {
+        if (total === 0)
+            return;
+        if (matched / total < 0.5) {
+            matchWarnings.push(`${label}: ${matched}/${total} gekoppeld aan klant — controleer id-veld`);
+        }
+    };
+    async function safeFetchList(url) {
+        try {
+            const res = await fetch(url, { headers });
+            if (!res.ok)
+                return [];
+            const json = await res.json();
+            if (Array.isArray(json))
+                return json;
+            if (Array.isArray(json?.results))
+                return json.results;
+            if (Array.isArray(json?.items))
+                return json.items;
+            return [];
+        }
+        catch {
+            return [];
+        }
+    }
+    // CONTACTPERSONEN — probeer endpoint-varianten
+    // Let op: de Suppliers API 2026v1 exposeert géén contact-personen van
+    // klant-organisaties (alleen /organizations en /connections bestaan).
+    // We proberen toch de bulk sync-endpoints — voor het geval Floriday er
+    // ooit één publiceert — maar slaan de per-organisatie probe over,
+    // omdat die endpoints niet bestaan en alleen onnodige HTTP-calls
+    // genereren bij elke sync. Contactgegevens (e-mail, telefoon) moeten
+    // handmatig op de klant worden ingevuld.
+    const contactEndpoints = [
+        `${base}/contact-persons/sync/0?limitResult=1000`,
+        `${base}/contacts/sync/0?limitResult=1000`,
+    ];
+    let contacts = [];
+    for (const url of contactEndpoints) {
+        contacts = await safeFetchList(url);
+        if (contacts.length > 0)
+            break;
+    }
+    if (contacts.length > 0) {
+        let matched = 0;
+        const rows = contacts
+            .map((c) => {
+            const orgId = c?.organizationId ?? c?.companyId ?? c?.tradePartnerId;
+            const customerId = orgToCustomerId.get(String(orgId));
+            if (!customerId)
+                return null;
+            matched += 1;
+            const fullName = c?.fullName ??
+                [c?.firstName, c?.lastName].filter(Boolean).join(" ") ??
+                c?.name ??
+                null;
+            if (!fullName)
+                return null;
+            return {
+                customer_id: customerId,
+                floriday_contact_id: c?.contactPersonId ?? c?.id ?? c?.contactId ?? null,
+                full_name: fullName,
+                job_title: c?.jobTitle ?? c?.role ?? c?.function ?? null,
+                email: c?.email ?? c?.emailAddress ?? null,
+                phone: c?.phoneNumber ?? c?.phone ?? null,
+                photo_url: c?.photoUrl ?? c?.avatarUrl ?? null,
+                is_active: c?.isActive ?? true,
+                raw: c,
+            };
+        })
+            .filter((r) => r !== null);
+        trackMatch("contactpersonen", contacts.length, matched);
+        for (let i = 0; i < rows.length; i += 250) {
+            await supabaseAdmin
+                .from("customer_contacts")
+                .upsert(rows.slice(i, i + 250), {
+                onConflict: "customer_id,floriday_contact_id",
+            });
+        }
+    }
+    // AFLEVERLOCATIES
+    const deliveryEndpoints = [
+        `${base}/delivery-locations/sync/0?limitResult=1000`,
+        `${base}/customer-delivery-locations/sync/0?limitResult=1000`,
+    ];
+    let locations = [];
+    for (const url of deliveryEndpoints) {
+        locations = await safeFetchList(url);
+        if (locations.length > 0)
+            break;
+    }
+    if (locations.length > 0) {
+        let matched = 0;
+        const rows = locations
+            .map((l) => {
+            const orgId = l?.organizationId ?? l?.companyId ?? l?.customerId;
+            const customerId = orgToCustomerId.get(String(orgId));
+            if (!customerId)
+                return null;
+            matched += 1;
+            const addr = l?.address ?? l?.physicalAddress ?? {};
+            return {
+                customer_id: customerId,
+                floriday_location_id: l?.deliveryLocationId ?? l?.locationId ?? l?.id ?? null,
+                name: l?.name ?? l?.locationName ?? null,
+                address_line: addr?.addressLine ??
+                    ([addr?.streetName, addr?.houseNumber].filter(Boolean).join(" ") ||
+                        null),
+                postal_code: addr?.postalCode ?? null,
+                city: addr?.city ?? null,
+                country: addr?.countryCode ?? addr?.country ?? null,
+                gln: l?.gln ?? l?.locationGln ?? null,
+                is_primary: l?.isPrimary ?? l?.isFixed ?? false,
+                raw: l,
+            };
+        })
+            .filter((r) => r !== null);
+        trackMatch("afleverlocaties", locations.length, matched);
+        for (let i = 0; i < rows.length; i += 250) {
+            await supabaseAdmin
+                .from("customer_delivery_locations")
+                .upsert(rows.slice(i, i + 250), {
+                onConflict: "customer_id,floriday_location_id",
+            });
+        }
+    }
+    // GESELECTEERD ASSORTIMENT
+    const assortmentEndpoints = [
+        `${base}/customer-specific-offerings/sync/0?limitResult=1000`,
+        `${base}/selected-assortment/sync/0?limitResult=1000`,
+        `${base}/customer-assortments/sync/0?limitResult=1000`,
+    ];
+    let assortment = [];
+    for (const url of assortmentEndpoints) {
+        assortment = await safeFetchList(url);
+        if (assortment.length > 0)
+            break;
+    }
+    if (assortment.length > 0) {
+        let matched = 0;
+        const rows = assortment
+            .map((a) => {
+            const orgId = a?.organizationId ?? a?.customerId ?? a?.tradePartnerId;
+            const customerId = orgToCustomerId.get(String(orgId));
+            if (!customerId)
+                return null;
+            matched += 1;
+            const name = a?.productName ?? a?.tradeItemName ?? a?.name ?? null;
+            if (!name)
+                return null;
+            return {
+                customer_id: customerId,
+                floriday_item_id: a?.tradeItemId ?? a?.offeringId ?? a?.itemId ?? a?.id ?? null,
+                article_number: a?.articleNumber ?? a?.gtin ?? null,
+                product_name: name,
+                product_group: a?.productGroup ?? a?.category ?? null,
+                price: typeof a?.price === "number"
+                    ? a.price
+                    : typeof a?.unitPrice === "number"
+                        ? a.unitPrice
+                        : null,
+                unit: a?.unit ?? a?.priceUnit ?? null,
+                raw: a,
+            };
+        })
+            .filter((r) => r !== null);
+        trackMatch("assortiment", assortment.length, matched);
+        for (let i = 0; i < rows.length; i += 250) {
+            await supabaseAdmin
+                .from("customer_selected_assortment")
+                .upsert(rows.slice(i, i + 250), {
+                onConflict: "customer_id,floriday_item_id",
+            });
+        }
+    }
+    return { matchWarnings };
+}
+/**
+ * Nachtelijke sync van het volledige Floriday-netwerk (alle organisaties
+ * waar de connectie zicht op heeft). Wordt incrementeel opgehaald via een
+ * per-connectie sequence number en in `floriday_network_cache` opgeslagen.
+ * Raakt de `customers`-tabel níet aan — die wordt door
+ * syncAllFloridayCustomers() (= trade-partners) gevuld.
+ */
+export async function syncFloridayNetwork() {
+    const { data: settings } = await supabaseAdmin
+        .from("floriday_settings")
+        .select("active_environment")
+        .eq("id", 1)
+        .maybeSingle();
+    const activeEnv = settings?.active_environment ?? "staging";
+    const { data: connections, error } = await supabaseAdmin
+        .from("floriday_connections")
+        .select("*")
+        .eq("is_active", true)
+        .eq("environment", activeEnv);
+    if (error)
+        throw new Error(error.message);
+    const errors = [];
+    let totalUpserted = 0;
+    for (const conn of connections ?? []) {
+        try {
+            const token = await ensureValidToken(conn);
+            const base = baseUrlFor(conn.environment);
+            const { data: state } = await supabaseAdmin
+                .from("floriday_network_sync_state")
+                .select("last_sequence_number")
+                .eq("connection_id", conn.id)
+                .maybeSingle();
+            let seq = state?.last_sequence_number ?? 0;
+            let pages = 0;
+            const maxPages = 50; // bovengrens, beschermt tegen runaway loops
+            while (pages < maxPages) {
+                const url = `${base}/organizations/sync/${seq}?limitResult=1000`;
+                const res = await fetchWithRetry(url, {
+                    headers: {
+                        Authorization: `Bearer ${token}`,
+                        "X-Api-Key": conn.api_key,
+                        Accept: "application/json",
+                    },
+                });
+                if (!res.ok) {
+                    const body = await res.text().catch(() => "");
+                    throw new Error(`${url} → HTTP ${res.status}${body ? `: ${body.slice(0, 200)}` : ""}`);
+                }
+                const json = (await res.json());
+                const items = Array.isArray(json)
+                    ? json
+                    : Array.isArray(json?.results)
+                        ? json.results
+                        : Array.isArray(json?.items)
+                            ? json.items
+                            : [];
+                if (items.length === 0)
+                    break;
+                const rows = items
+                    .map((o) => {
+                    const orgId = o?.organizationId ?? o?.id;
+                    if (!orgId)
+                        return null;
+                    const addr = o?.physicalAddress ?? o?.mailingAddress ?? o?.address ?? {};
+                    return {
+                        connection_id: conn.id,
+                        organization_id: String(orgId),
+                        organization_name: o?.organizationName ?? o?.name ?? o?.commercialName ?? null,
+                        gln: o?.companyGln ?? o?.gln ?? null,
+                        country: addr?.countryCode ?? addr?.country ?? null,
+                        city: addr?.city ?? null,
+                        data: o,
+                        fetched_at: new Date().toISOString(),
+                    };
+                })
+                    .filter((r) => r !== null);
+                if (rows.length > 0) {
+                    const { error: upErr } = await supabaseAdmin
+                        .from("floriday_network_cache")
+                        .upsert(rows, { onConflict: "connection_id,organization_id" });
+                    if (upErr)
+                        throw new Error(upErr.message);
+                    totalUpserted += rows.length;
+                }
+                // Volgende sequence: hoogste sequenceNumber in de batch + 1.
+                const maxSeq = items.reduce((m, it) => {
+                    const s = Number(it?.sequenceNumber ?? it?.seq ?? 0);
+                    return Number.isFinite(s) && s > m ? s : m;
+                }, seq);
+                if (maxSeq <= seq)
+                    break;
+                seq = maxSeq;
+                pages += 1;
+                if (items.length < 1000)
+                    break; // laatste pagina
+            }
+            await supabaseAdmin
+                .from("floriday_network_sync_state")
+                .upsert({
+                connection_id: conn.id,
+                last_sequence_number: seq,
+                last_synced_at: new Date().toISOString(),
+                last_error: null,
+                updated_at: new Date().toISOString(),
+            });
+            // Verrijk organisaties met lege naam via /organizations/{id} — Floriday
+            // anonimiseert namen in /organizations/sync; het detail-endpoint geeft
+            // ze wel terug voor organisaties waar deze connectie rechten op heeft.
+            await enrichNetworkOrganizations({
+                connectionId: conn.id,
+                token,
+                base,
+                apiKey: conn.api_key,
+            });
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            errors.push({ connectionId: conn.id, message });
+            await supabaseAdmin
+                .from("floriday_network_sync_state")
+                .upsert({
+                connection_id: conn.id,
+                last_sequence_number: 0,
+                last_error: message,
+                updated_at: new Date().toISOString(),
+            });
+        }
+    }
+    return { upserted: totalUpserted, errors };
+}
+async function enrichNetworkOrganizations(params) {
+    const { connectionId, token, base, apiKey } = params;
+    const headers = {
+        Authorization: `Bearer ${token}`,
+        "X-Api-Key": apiKey,
+        Accept: "application/json",
+    };
+    // Pak max 200 organisaties per run zonder naam, om Floriday-rate-limits te
+    // respecteren. Volgende runs werken de rest af.
+    const { data: emptyRows } = await supabaseAdmin
+        .from("floriday_network_cache")
+        .select("organization_id")
+        .eq("connection_id", connectionId)
+        .or("organization_name.is.null,organization_name.eq.")
+        .limit(200);
+    if (!emptyRows || emptyRows.length === 0)
+        return;
+    const rows = emptyRows;
+    const concurrency = 5;
+    let cursor = 0;
+    async function worker() {
+        while (cursor < rows.length) {
+            const idx = cursor++;
+            const row = rows[idx];
+            const url = `${base}/organizations/${encodeURIComponent(row.organization_id)}`;
+            try {
+                const res = await fetch(url, { headers });
+                if (!res.ok)
+                    continue;
+                const detail = await res.json();
+                const addr = detail?.physicalAddress ??
+                    detail?.mailingAddress ??
+                    detail?.address ??
+                    {};
+                const name = detail?.organizationName ??
+                    detail?.name ??
+                    detail?.commercialName ??
+                    null;
+                const gln = detail?.companyGln ?? detail?.gln ?? null;
+                if (!name && !gln)
+                    continue; // niets bruikbaars terug
+                await supabaseAdmin
+                    .from("floriday_network_cache")
+                    .update({
+                    organization_name: name || null,
+                    gln: gln || null,
+                    city: addr?.city ?? null,
+                    country: addr?.countryCode ?? addr?.country ?? null,
+                    data: detail,
+                    fetched_at: new Date().toISOString(),
+                })
+                    .eq("connection_id", connectionId)
+                    .eq("organization_id", row.organization_id);
+            }
+            catch {
+                // ignore — best effort
+            }
+            // throttle een beetje
+            await new Promise((r) => setTimeout(r, 100));
+        }
+    }
+    await Promise.all(Array.from({ length: Math.min(concurrency, rows.length) }, () => worker()));
+}