feat: tambah fitur approval task pada project dan divisi

- tambah model ProjectTaskApproval dan DivisionProjectTaskApproval di schema prisma - tambah field isApprover pada model User - tambah API approval project task: GET riwayat, POST ajukan, PUT setujui/tolak - tambah API approval division task: GET riwayat, POST ajukan, PUT setujui/tolak - notifikasi dikirim ke approver, admin divisi, dan submitter via FCM, web push, dan in-app - tambah PATCH endpoint untuk toggle isApprover pada mobile user API - perbaiki pengecekan role approver menggunakan UserRole.id
Merge pull request 'amalia/06-mei-26' (#43 ) from amalia/06-mei-26 into join
2026-05-07 16:04:11 +08:00 · 2026-05-06 17:16:57 +08:00 · 2026-05-06 16:24:46 +08:00 · 2026-05-06 12:32:34 +08:00 · 2026-05-06 10:54:12 +08:00 · 2026-05-04 17:06:53 +08:00
12 changed files with 1655 additions and 52 deletions
--- a/erd.png
+++ b/erd.png
--- a/generate_erd.py
+++ b/generate_erd.py
@@ -0,0 +1,214 @@
+import matplotlib.pyplot as plt
+import matplotlib.patches as mpatches
+from matplotlib.patches import FancyBboxPatch
+import matplotlib.patheffects as pe
+
+# ── colour palette ──────────────────────────────────────────────────────────
+C = {
+    "admin":    "#4A90D9",
+    "user":     "#2ECC71",
+    "village":  "#E74C3C",
+    "announce": "#F39C12",
+    "project":  "#9B59B6",
+    "division": "#1ABC9C",
+    "discuss":  "#E67E22",
+    "other":    "#95A5A6",
+    "new":      "#E74C3C",
+}
+
+GROUPS = {
+    "Admin":        (["AdminRole","Admin"],                          C["admin"]),
+    "User":         (["UserRole","User","TokenDeviceUser","UserLog"],C["user"]),
+    "Village":      (["Village","ColorTheme","BannerImage"],         C["village"]),
+    "Announcement": (["Announcement","AnnouncementMember",
+                      "AnnouncementFile"],                           C["announce"]),
+    "Project":      (["Project","ProjectMember","ProjectFile",
+                      "ProjectLink","ProjectTask","ProjectTaskFile",
+                      "ProjectTaskDetail"],                          C["project"]),
+    "Division":     (["Division","DivisionMember","DivisionProject",
+                      "DivisionProjectMember","DivisionProjectFile",
+                      "DivisionProjectLink",
+                      "DivisionProjectTask","DivisionProjectTaskFile",
+                      "DivisionProjectTaskDetail",
+                      "DivisionDisscussion","DivisionDisscussionComment",
+                      "DivisionDiscussionFile",
+                      "DivisionDocumentFolderFile","DivisionDocumentShare",
+                      "DivisionCalendar","DivisionCalendarReminder",
+                      "DivisionCalendarMember",
+                      "ContainerFileDivision"],                      C["division"]),
+    "Discussion":   (["Discussion","DiscussionMember",
+                      "DiscussionComment","DiscussionFile"],         C["discuss"]),
+    "Other":        (["Group","Position","Notifications",
+                      "Subscribe","Setting","ContainerImage"],       C["other"]),
+}
+
+NEW_MODELS = {"ProjectTaskFile", "DivisionProjectTaskFile"}
+
+# ── relations (src, dst, label) ─────────────────────────────────────────────
+RELATIONS = [
+    # Admin
+    ("AdminRole","Admin","1-N"),
+    # User
+    ("UserRole","User","1-N"),
+    ("Village","User","1-N"),
+    ("Group","User","1-N"),
+    ("Position","User","0..1-N"),
+    # Village
+    ("Village","Group","1-N"),
+    ("Village","Announcement","1-N"),
+    ("Village","Project","1-N"),
+    ("Village","Division","1-N"),
+    ("Village","Discussion","1-N"),
+    ("Village","ColorTheme","1-N"),
+    ("Village","BannerImage","1-N"),
+    # Group
+    ("Group","Position","1-N"),
+    ("Group","Project","1-N"),
+    ("Group","Division","1-N"),
+    ("Group","AnnouncementMember","1-N"),
+    ("Group","Discussion","1-N"),
+    # Announcement
+    ("Announcement","AnnouncementMember","1-N"),
+    ("Announcement","AnnouncementFile","1-N"),
+    ("Division","AnnouncementMember","1-N"),
+    # Project
+    ("Project","ProjectMember","1-N"),
+    ("Project","ProjectFile","1-N"),
+    ("Project","ProjectLink","1-N"),
+    ("Project","ProjectTask","1-N"),
+    ("ProjectTask","ProjectTaskDetail","1-N"),
+    ("ProjectTask","ProjectTaskFile","1-N"),
+    ("ProjectFile","ProjectTaskFile","1-N"),
+    # Division
+    ("Division","DivisionMember","1-N"),
+    ("Division","DivisionProject","1-N"),
+    ("DivisionProject","DivisionProjectMember","1-N"),
+    ("DivisionProject","DivisionProjectFile","1-N"),
+    ("DivisionProject","DivisionProjectLink","1-N"),
+    ("DivisionProject","DivisionProjectTask","1-N"),
+    ("DivisionProjectTask","DivisionProjectTaskDetail","1-N"),
+    ("DivisionProjectTask","DivisionProjectTaskFile","1-N"),
+    ("DivisionProjectFile","DivisionProjectTaskFile","1-N"),
+    ("ContainerFileDivision","DivisionProjectFile","1-N"),
+    ("Division","DivisionDisscussion","1-N"),
+    ("DivisionDisscussion","DivisionDisscussionComment","1-N"),
+    ("DivisionDisscussion","DivisionDiscussionFile","1-N"),
+    ("Division","DivisionDocumentFolderFile","1-N"),
+    ("DivisionDocumentFolderFile","DivisionDocumentShare","1-N"),
+    ("Division","DivisionCalendar","1-N"),
+    ("DivisionCalendar","DivisionCalendarReminder","1-N"),
+    ("DivisionCalendar","DivisionCalendarMember","1-N"),
+    # Discussion
+    ("Discussion","DiscussionMember","1-N"),
+    ("Discussion","DiscussionComment","1-N"),
+    ("Discussion","DiscussionFile","1-N"),
+    # Other
+    ("User","Notifications","1-N"),
+    ("User","Subscribe","1-1"),
+    ("User","TokenDeviceUser","1-N"),
+    ("User","UserLog","1-N"),
+]
+
+# ── layout: group boxes ──────────────────────────────────────────────────────
+# (x, y, w, h)  in data coordinates (canvas = 0..100 x 0..100)
+LAYOUT = {
+    "Admin":        ( 1, 88, 18, 10),
+    "User":         ( 1, 68, 22, 18),
+    "Village":      (26, 88, 22, 10),
+    "Other":        (51, 88, 22, 10),
+    "Announcement": (76, 80, 22, 18),
+    "Project":      ( 1,  2, 38, 48),
+    "Division":     (41,  2, 38, 64),
+    "Discussion":   (81,  2, 17, 30),
+}
+
+def group_center(gname):
+    x,y,w,h = LAYOUT[gname]
+    return x+w/2, y+h/2
+
+def model_pos(model):
+    for gname,(models,_) in GROUPS.items():
+        if model in models:
+            x,y,w,h = LAYOUT[gname]
+            idx = models.index(model)
+            n   = len(models)
+            cols = max(1, min(3, n))
+            rows = (n + cols - 1) // cols
+            col  = idx % cols
+            row  = idx // cols
+            mx   = x + 1.5 + col * (w-2) / cols
+            my   = y + h - 2.5 - row * (h-1.5) / rows
+            return mx, my
+    return 50, 50
+
+# ── draw ─────────────────────────────────────────────────────────────────────
+fig, ax = plt.subplots(figsize=(28, 22))
+ax.set_xlim(0, 100)
+ax.set_ylim(0, 100)
+ax.axis("off")
+fig.patch.set_facecolor("#F0F4F8")
+ax.set_facecolor("#F0F4F8")
+
+ax.set_title("ERD – Sistem Desa Mandiri", fontsize=20, fontweight="bold",
+             color="#2C3E50", pad=14)
+
+# group boxes
+for gname, (models, color) in GROUPS.items():
+    x,y,w,h = LAYOUT[gname]
+    rect = FancyBboxPatch((x,y), w, h,
+                          boxstyle="round,pad=0.3",
+                          linewidth=2, edgecolor=color,
+                          facecolor=color+"22")
+    ax.add_patch(rect)
+    ax.text(x+w/2, y+h-0.6, gname, ha="center", va="top",
+            fontsize=9, fontweight="bold", color=color)
+
+# model nodes
+for gname, (models, color) in GROUPS.items():
+    for m in models:
+        mx, my = model_pos(m)
+        is_new = m in NEW_MODELS
+        fc = "#FFECEC" if is_new else "white"
+        ec = C["new"] if is_new else color
+        lw = 2.5 if is_new else 1.5
+        node = FancyBboxPatch((mx-3.2, my-0.85), 6.4, 1.7,
+                              boxstyle="round,pad=0.2",
+                              linewidth=lw, edgecolor=ec, facecolor=fc)
+        ax.add_patch(node)
+        fw = "bold" if is_new else "normal"
+        ax.text(mx, my, m, ha="center", va="center",
+                fontsize=6.2, color="#2C3E50", fontweight=fw)
+
+# relations
+drawn = set()
+for src, dst, lbl in RELATIONS:
+    key = tuple(sorted([src,dst]))
+    sx, sy = model_pos(src)
+    dx, dy = model_pos(dst)
+    color  = "#BDC3C7"
+    is_new_rel = src in NEW_MODELS or dst in NEW_MODELS
+    if is_new_rel:
+        color = C["new"]
+    ax.annotate("", xy=(dx,dy), xytext=(sx,sy),
+                arrowprops=dict(arrowstyle="-|>", color=color,
+                                lw=1.5 if is_new_rel else 0.8,
+                                connectionstyle="arc3,rad=0.05"))
+    if key not in drawn:
+        mx2, my2 = (sx+dx)/2, (sy+dy)/2
+        ax.text(mx2, my2+0.4, lbl, ha="center", va="bottom",
+                fontsize=4.5, color=color, alpha=0.85)
+        drawn.add(key)
+
+# legend
+leg_items = [
+    mpatches.Patch(facecolor="#FFECEC", edgecolor=C["new"], linewidth=2,
+                   label="Model Baru"),
+    mpatches.Patch(facecolor="white",   edgecolor="#BDC3C7", label="Model Lama"),
+]
+ax.legend(handles=leg_items, loc="lower right", fontsize=9,
+          framealpha=0.9, edgecolor="#BDC3C7")
+
+out = "/Users/wibu04/Documents/Projects/sistem-desa-mandiri/erd.png"
+plt.savefig(out, dpi=150, bbox_inches="tight", facecolor=fig.get_facecolor())
+plt.close()
+print("Saved:", out)
--- a/prisma/migrations/20260505093957_add_task_file/migration.sql
+++ b/prisma/migrations/20260505093957_add_task_file/migration.sql
@@ -0,0 +1,35 @@
+-- CreateTable
+CREATE TABLE "ProjectTaskFile" (
+    "id" TEXT NOT NULL,
+    "idTask" TEXT NOT NULL,
+    "idFile" TEXT NOT NULL,
+    "isActive" BOOLEAN NOT NULL DEFAULT true,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "ProjectTaskFile_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "DivisionProjectTaskFile" (
+    "id" TEXT NOT NULL,
+    "idTask" TEXT NOT NULL,
+    "idFile" TEXT NOT NULL,
+    "isActive" BOOLEAN NOT NULL DEFAULT true,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "DivisionProjectTaskFile_pkey" PRIMARY KEY ("id")
+);
+
+-- AddForeignKey
+ALTER TABLE "ProjectTaskFile" ADD CONSTRAINT "ProjectTaskFile_idTask_fkey" FOREIGN KEY ("idTask") REFERENCES "ProjectTask"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "ProjectTaskFile" ADD CONSTRAINT "ProjectTaskFile_idFile_fkey" FOREIGN KEY ("idFile") REFERENCES "ProjectFile"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "DivisionProjectTaskFile" ADD CONSTRAINT "DivisionProjectTaskFile_idTask_fkey" FOREIGN KEY ("idTask") REFERENCES "DivisionProjectTask"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "DivisionProjectTaskFile" ADD CONSTRAINT "DivisionProjectTaskFile_idFile_fkey" FOREIGN KEY ("idFile") REFERENCES "DivisionProjectFile"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
--- a/prisma/migrations/20260507034026_add_task_approval/migration.sql
+++ b/prisma/migrations/20260507034026_add_task_approval/migration.sql
@@ -0,0 +1,48 @@
+-- AlterTable
+ALTER TABLE "User" ADD COLUMN     "isApprover" BOOLEAN NOT NULL DEFAULT false;
+
+-- CreateTable
+CREATE TABLE "ProjectTaskApproval" (
+    "id" TEXT NOT NULL,
+    "idTask" TEXT NOT NULL,
+    "idUser" TEXT NOT NULL,
+    "idApprover" TEXT,
+    "status" INTEGER NOT NULL DEFAULT 0,
+    "note" TEXT,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "ProjectTaskApproval_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "DivisionProjectTaskApproval" (
+    "id" TEXT NOT NULL,
+    "idTask" TEXT NOT NULL,
+    "idUser" TEXT NOT NULL,
+    "idApprover" TEXT,
+    "status" INTEGER NOT NULL DEFAULT 0,
+    "note" TEXT,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "DivisionProjectTaskApproval_pkey" PRIMARY KEY ("id")
+);
+
+-- AddForeignKey
+ALTER TABLE "ProjectTaskApproval" ADD CONSTRAINT "ProjectTaskApproval_idTask_fkey" FOREIGN KEY ("idTask") REFERENCES "ProjectTask"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "ProjectTaskApproval" ADD CONSTRAINT "ProjectTaskApproval_idUser_fkey" FOREIGN KEY ("idUser") REFERENCES "User"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "ProjectTaskApproval" ADD CONSTRAINT "ProjectTaskApproval_idApprover_fkey" FOREIGN KEY ("idApprover") REFERENCES "User"("id") ON DELETE SET NULL ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "DivisionProjectTaskApproval" ADD CONSTRAINT "DivisionProjectTaskApproval_idTask_fkey" FOREIGN KEY ("idTask") REFERENCES "DivisionProjectTask"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "DivisionProjectTaskApproval" ADD CONSTRAINT "DivisionProjectTaskApproval_idUser_fkey" FOREIGN KEY ("idUser") REFERENCES "User"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "DivisionProjectTaskApproval" ADD CONSTRAINT "DivisionProjectTaskApproval_idApprover_fkey" FOREIGN KEY ("idApprover") REFERENCES "User"("id") ON DELETE SET NULL ON UPDATE CASCADE;
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -109,6 +109,7 @@ model User {
  img                        String?
  isFirstLogin               Boolean                      @default(true)
  isWithoutOTP               Boolean                      @default(false)
+  isApprover                 Boolean                      @default(false)
  isActive                   Boolean                      @default(true)
  createdAt                  DateTime                     @default(now())
  updatedAt                  DateTime                     @updatedAt
@@ -125,13 +126,17 @@ model User {
  DivisionDocumentFolderFile DivisionDocumentFolderFile[]
  DivisionCalendar           DivisionCalendar[]
  DivisionCalendarMember     DivisionCalendarMember[]
-  Notifications              Notifications[]              @relation("UserToUser")
-  Notifications2             Notifications[]              @relation("UserFromUser")
-  Subscribe                  Subscribe?
-  Discussion                 Discussion[]
-  DiscussionMember           DiscussionMember[]
-  DiscussionComment          DiscussionComment[]
-  TokenDeviceUser            TokenDeviceUser[]
+  Notifications                        Notifications[]                        @relation("UserToUser")
+  Notifications2                       Notifications[]                        @relation("UserFromUser")
+  Subscribe                            Subscribe?
+  Discussion                           Discussion[]
+  DiscussionMember                     DiscussionMember[]
+  DiscussionComment                    DiscussionComment[]
+  TokenDeviceUser                      TokenDeviceUser[]
+  ProjectTaskApprovalSubmitted         ProjectTaskApproval[]                  @relation("ApprovalSubmitter")
+  ProjectTaskApprovalHandled           ProjectTaskApproval[]                  @relation("ApprovalApprover")
+  DivisionProjectTaskApprovalSubmitted DivisionProjectTaskApproval[]          @relation("DivApprovalSubmitter")
+  DivisionProjectTaskApprovalHandled   DivisionProjectTaskApproval[]          @relation("DivApprovalApprover")
 }

 model TokenDeviceUser {
@@ -232,15 +237,16 @@ model ProjectMember {
 }

 model ProjectFile {
-  id        String   @id @default(cuid())
-  Project   Project  @relation(fields: [idProject], references: [id])
-  idProject String
-  name      String
-  extension String
-  idStorage String?
-  isActive  Boolean  @default(true)
-  createdAt DateTime @default(now())
-  updatedAt DateTime @updatedAt
+  id              String            @id @default(cuid())
+  Project         Project           @relation(fields: [idProject], references: [id])
+  idProject       String
+  name            String
+  extension       String
+  idStorage       String?
+  isActive        Boolean           @default(true)
+  createdAt       DateTime          @default(now())
+  updatedAt       DateTime          @updatedAt
+  ProjectTaskFile ProjectTaskFile[]
 }

 model ProjectLink {
@@ -259,14 +265,27 @@ model ProjectTask {
  idProject         String
  title             String
  desc              String?
-  status            Int                 @default(0) // 0 = todo, 1 = done
-  notifikasi        Boolean             @default(false)
-  dateStart         DateTime            @db.Date
-  dateEnd           DateTime            @db.Date
-  isActive          Boolean             @default(true)
-  createdAt         DateTime            @default(now())
-  updatedAt         DateTime            @updatedAt
-  ProjectTaskDetail ProjectTaskDetail[]
+  status              Int                   @default(0) // 0 = todo, 1 = done, 2 = waiting_approval
+  notifikasi          Boolean               @default(false)
+  dateStart           DateTime              @db.Date
+  dateEnd             DateTime              @db.Date
+  isActive            Boolean               @default(true)
+  createdAt           DateTime              @default(now())
+  updatedAt           DateTime              @updatedAt
+  ProjectTaskDetail   ProjectTaskDetail[]
+  ProjectTaskFile     ProjectTaskFile[]
+  ProjectTaskApproval ProjectTaskApproval[]
+}
+
+model ProjectTaskFile {
+  id          String      @id @default(cuid())
+  ProjectTask ProjectTask @relation(fields: [idTask], references: [id])
+  idTask      String
+  ProjectFile ProjectFile @relation(fields: [idFile], references: [id])
+  idFile      String
+  isActive    Boolean     @default(true)
+  createdAt   DateTime    @default(now())
+  updatedAt   DateTime    @updatedAt
 }

 model ProjectTaskDetail {
@@ -360,14 +379,16 @@ model DivisionProjectTask {
  idProject                 String
  title                     String
  desc                      String?                     @db.Text
-  status                    Int                         @default(0) // 0 = todo, 1 = done
-  notifikasi                Boolean                     @default(false)
-  dateStart                 DateTime                    @db.Date
-  dateEnd                   DateTime                    @db.Date
-  isActive                  Boolean                     @default(true)
-  createdAt                 DateTime                    @default(now())
-  updatedAt                 DateTime                    @updatedAt
-  DivisionProjectTaskDetail DivisionProjectTaskDetail[]
+  status                      Int                           @default(0) // 0 = todo, 1 = done, 2 = waiting_approval
+  notifikasi                  Boolean                       @default(false)
+  dateStart                   DateTime                      @db.Date
+  dateEnd                     DateTime                      @db.Date
+  isActive                    Boolean                       @default(true)
+  createdAt                   DateTime                      @default(now())
+  updatedAt                   DateTime                      @updatedAt
+  DivisionProjectTaskDetail   DivisionProjectTaskDetail[]
+  DivisionProjectTaskFile     DivisionProjectTaskFile[]
+  DivisionProjectTaskApproval DivisionProjectTaskApproval[]
 }

 model DivisionProjectTaskDetail {
@@ -397,18 +418,30 @@ model DivisionProjectMember {
 }

 model DivisionProjectFile {
-  id                    String                @id @default(cuid())
-  Division              Division              @relation(fields: [idDivision], references: [id])
-  idDivision            String
-  DivisionProject       DivisionProject       @relation(fields: [idProject], references: [id])
-  idProject             String
-  ContainerFileDivision ContainerFileDivision @relation(fields: [idFile], references: [id])
-  idFile                String
-  isActive              Boolean               @default(true)
-  User                  User                  @relation(fields: [createdBy], references: [id])
-  createdBy             String
-  createdAt             DateTime              @default(now())
-  updatedAt             DateTime              @updatedAt
+  id                      String                    @id @default(cuid())
+  Division                Division                  @relation(fields: [idDivision], references: [id])
+  idDivision              String
+  DivisionProject         DivisionProject           @relation(fields: [idProject], references: [id])
+  idProject               String
+  ContainerFileDivision   ContainerFileDivision     @relation(fields: [idFile], references: [id])
+  idFile                  String
+  isActive                Boolean                   @default(true)
+  User                    User                      @relation(fields: [createdBy], references: [id])
+  createdBy               String
+  createdAt               DateTime                  @default(now())
+  updatedAt               DateTime                  @updatedAt
+  DivisionProjectTaskFile DivisionProjectTaskFile[]
+}
+
+model DivisionProjectTaskFile {
+  id                  String              @id @default(cuid())
+  DivisionProjectTask DivisionProjectTask @relation(fields: [idTask], references: [id])
+  idTask              String
+  DivisionProjectFile DivisionProjectFile @relation(fields: [idFile], references: [id])
+  idFile              String
+  isActive            Boolean             @default(true)
+  createdAt           DateTime            @default(now())
+  updatedAt           DateTime            @updatedAt
 }

 model DivisionDisscussion {
@@ -668,3 +701,31 @@ model Setting{
  createdAt    DateTime   @default(now())
  updatedAt    DateTime   @updatedAt
 }
+
+model ProjectTaskApproval {
+  id          String      @id @default(cuid())
+  ProjectTask ProjectTask @relation(fields: [idTask], references: [id])
+  idTask      String
+  Submitter   User        @relation("ApprovalSubmitter", fields: [idUser], references: [id])
+  idUser      String
+  Approver    User?       @relation("ApprovalApprover", fields: [idApprover], references: [id])
+  idApprover  String?
+  status      Int         @default(0) // 0 = pending, 1 = approved, 2 = rejected
+  note        String?     @db.Text
+  createdAt   DateTime    @default(now())
+  updatedAt   DateTime    @updatedAt
+}
+
+model DivisionProjectTaskApproval {
+  id                  String              @id @default(cuid())
+  DivisionProjectTask DivisionProjectTask @relation(fields: [idTask], references: [id])
+  idTask              String
+  Submitter           User                @relation("DivApprovalSubmitter", fields: [idUser], references: [id])
+  idUser              String
+  Approver            User?               @relation("DivApprovalApprover", fields: [idApprover], references: [id])
+  idApprover          String?
+  status              Int                 @default(0) // 0 = pending, 1 = approved, 2 = rejected
+  note                String?             @db.Text
+  createdAt           DateTime            @default(now())
+  updatedAt           DateTime            @updatedAt
+}
--- a/src/app/api/mobile/project/[id]/route.ts
+++ b/src/app/api/mobile/project/[id]/route.ts
@@ -68,7 +68,18 @@ export async function GET(request: Request, context: { params: { id: string } })
                    status: true,
                    dateStart: true,
                    dateEnd: true,
-                    createdAt: true
+                    createdAt: true,
+                    ProjectTaskFile: {
+                        where: { isActive: true },
+                        select: {
+                            ProjectFile: {
+                                select: {
+                                    name: true,
+                                    extension: true
+                                }
+                            }
+                        }
+                    }
                },
                orderBy: {
                    dateStart: 'asc'
@@ -76,12 +87,15 @@ export async function GET(request: Request, context: { params: { id: string } })
            })

            const formatData = dataProgress.map((v: any) => ({
-                ..._.omit(v, ["dateStart", "dateEnd", "createdAt"]),
-                dateStart: moment(v.dateStart).format("DD-MM-YYYY"),
-                dateEnd: moment(v.dateEnd).format("DD-MM-YYYY"),
+                ..._.omit(v, ["dateStart", "dateEnd", "createdAt", "ProjectTaskFile"]),
+                dateStart: moment(v.dateStart).format("DD MMM YYYY"),
+                dateEnd: moment(v.dateEnd).format("DD MMM YYYY"),
                createdAt: moment(v.createdAt).format("DD-MM-YYYY HH:mm"),
+                files: v.ProjectTaskFile.map((tf: any) => ({
+                    name: tf.ProjectFile.name,
+                    extension: tf.ProjectFile.extension
+                }))
            }))
-            // const dataFix = _.orderBy(formatData, 'createdAt', 'asc')
            allData = formatData

        } else if (kategori == "file") {
--- a/src/app/api/mobile/project/task/[id]/approval/route.ts
+++ b/src/app/api/mobile/project/task/[id]/approval/route.ts
@@ -0,0 +1,364 @@
+import { funSendWebPush, prisma } from "@/module/_global";
+import { funGetUserById } from "@/module/auth";
+import { createLogUserMobile } from "@/module/user";
+import _ from "lodash";
+import moment from "moment";
+import { NextResponse } from "next/server";
+import { sendFCMNotificationMany } from "../../../../../../../../xsendMany";
+
+const APPROVER_ROLES = ['supadmin', 'developer'];
+
+async function getApproverStatus(userId: string): Promise<boolean> {
+    const user = await prisma.user.findUnique({
+        where: { id: userId },
+        select: {
+            isApprover: true,
+            UserRole: { select: { id: true } }
+        }
+    });
+    if (!user) return false;
+    return user.isApprover || APPROVER_ROLES.includes(user.UserRole.id);
+}
+
+async function recalculateProjectStatus(idProject: string) {
+    const tasks = await prisma.projectTask.findMany({
+        where: { isActive: true, idProject },
+        select: { status: true }
+    });
+
+    const semua = tasks.length;
+    const selesai = tasks.filter((t) => t.status === 1).length;
+    const prosess = semua === 0 ? 0 : Math.ceil((selesai / semua) * 100);
+
+    let statusProject = 1;
+    if (prosess === 100) statusProject = 2;
+    else if (prosess === 0) statusProject = 0;
+
+    await prisma.project.update({
+        where: { id: idProject },
+        data: { status: statusProject }
+    });
+}
+
+type NotifTarget = {
+    idUserTo: string;
+    tokens: string[];
+    subscription: string | undefined;
+}
+
+async function sendNotification({
+    targets,
+    idUserFrom,
+    idContent,
+    title,
+    desc,
+}: {
+    targets: NotifTarget[];
+    idUserFrom: string;
+    idContent: string;
+    title: string;
+    desc: string;
+}) {
+    const filtered = targets.filter((t) => t.idUserTo !== idUserFrom);
+    const unique = _.uniqBy(filtered, 'idUserTo');
+
+    if (unique.length === 0) return;
+
+    // In-app notification
+    await prisma.notifications.createMany({
+        data: unique.map((t) => ({
+            idUserTo: t.idUserTo,
+            idUserFrom,
+            category: 'project',
+            idContent,
+            title,
+            desc,
+        }))
+    });
+
+    // FCM push notification
+    const tokens = [...new Set(unique.flatMap((t) => t.tokens))].filter(Boolean);
+    if (tokens.length > 0) {
+        await sendFCMNotificationMany({
+            token: tokens,
+            title,
+            body: desc,
+            data: { id: idContent, category: 'project', content: idContent }
+        });
+    }
+
+    // Web push notification
+    const subs = unique
+        .filter((t): t is typeof t & { subscription: string } => Boolean(t.subscription))
+        .map((t) => ({ idUser: t.idUserTo, subscription: t.subscription }));
+    if (subs.length > 0) {
+        await funSendWebPush({ sub: subs, message: { title, body: desc } });
+    }
+}
+
+async function getApproversInVillage(idVillage: string): Promise<NotifTarget[]> {
+    const approvers = await prisma.user.findMany({
+        where: {
+            isActive: true,
+            idVillage,
+            OR: [
+                { isApprover: true },
+                { UserRole: { id: 'supadmin' } }
+            ]
+        },
+        select: {
+            id: true,
+            TokenDeviceUser: { select: { token: true } },
+            Subscribe: { select: { subscription: true } }
+        }
+    });
+
+    return approvers.map((u) => ({
+        idUserTo: u.id,
+        tokens: u.TokenDeviceUser.map((t) => t.token),
+        subscription: u.Subscribe?.subscription ?? undefined,
+    }));
+}
+
+async function getUserNotifTarget(userId: string): Promise<NotifTarget | null> {
+    const user = await prisma.user.findUnique({
+        where: { id: userId },
+        select: {
+            id: true,
+            TokenDeviceUser: { select: { token: true } },
+            Subscribe: { select: { subscription: true } }
+        }
+    });
+    if (!user) return null;
+    return {
+        idUserTo: user.id,
+        tokens: user.TokenDeviceUser.map((t) => t.token),
+        subscription: user.Subscribe?.subscription ?? undefined,
+    };
+}
+
+
+// GET — Riwayat approval task
+export async function GET(request: Request, context: { params: { id: string } }) {
+    try {
+        const { id } = context.params;
+        const { searchParams } = new URL(request.url);
+        const user = searchParams.get("user");
+
+        const userMobile = await funGetUserById({ id: String(user) });
+        if (!userMobile.id) {
+            return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+        }
+
+        const task = await prisma.projectTask.count({ where: { id, isActive: true } });
+        if (task === 0) {
+            return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+        }
+
+        const data = await prisma.projectTaskApproval.findMany({
+            where: { idTask: id },
+            orderBy: { createdAt: "desc" },
+            select: {
+                id: true,
+                status: true,
+                note: true,
+                createdAt: true,
+                Submitter: { select: { name: true } },
+                Approver: { select: { name: true } },
+            }
+        });
+
+        const formatted = data.map((v) => ({
+            id: v.id,
+            status: v.status,
+            note: v.note,
+            createdAt: moment(v.createdAt).format("DD MMM YYYY, HH:mm"),
+            submitter: { name: v.Submitter.name },
+            approver: v.Approver ? { name: v.Approver.name } : null,
+        }));
+
+        return NextResponse.json({ success: true, message: "Riwayat approval berhasil ditemukan", data: formatted }, { status: 200 });
+    } catch (error) {
+        console.error(error);
+        return NextResponse.json({ success: false, message: "Gagal mendapatkan riwayat approval (error: 500)", reason: (error as Error).message }, { status: 500 });
+    }
+}
+
+
+// POST — Ajukan selesai (user mengajukan task untuk persetujuan)
+export async function POST(request: Request, context: { params: { id: string } }) {
+    try {
+        const { id } = context.params;
+        const { user } = await request.json();
+
+        const userMobile = await funGetUserById({ id: String(user) });
+        if (!userMobile.id) {
+            return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+        }
+
+        const task = await prisma.projectTask.findUnique({
+            where: { id, isActive: true },
+            select: { id: true, status: true, idProject: true, title: true }
+        });
+
+        if (!task) {
+            return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+        }
+
+        if (task.status !== 0) {
+            return NextResponse.json({ success: false, message: "Hanya tugas berstatus 'Belum Selesai' yang bisa diajukan" }, { status: 200 });
+        }
+
+        const pendingApproval = await prisma.projectTaskApproval.count({
+            where: { idTask: id, status: 0 }
+        });
+
+        if (pendingApproval > 0) {
+            return NextResponse.json({ success: false, message: "Tugas sudah dalam proses menunggu persetujuan" }, { status: 200 });
+        }
+
+        await prisma.$transaction([
+            prisma.projectTaskApproval.create({
+                data: { idTask: id, idUser: userMobile.id, status: 0 }
+            }),
+            prisma.projectTask.update({
+                where: { id },
+                data: { status: 2 }
+            })
+        ]);
+
+        await recalculateProjectStatus(task.idProject);
+
+        // Notifikasi ke semua approver
+        const approverTargets = await getApproversInVillage(String(userMobile.idVillage));
+        await sendNotification({
+            targets: approverTargets,
+            idUserFrom: userMobile.id,
+            idContent: task.idProject,
+            title: 'Pengajuan Penyelesaian Tugas',
+            desc: task.title,
+        });
+
+        await createLogUserMobile({ act: 'CREATE', desc: 'User mengajukan task untuk persetujuan', table: 'projectTaskApproval', data: id, user: userMobile.id });
+
+        return NextResponse.json({ success: true, message: "Tugas berhasil diajukan untuk persetujuan" }, { status: 200 });
+    } catch (error) {
+        console.error(error);
+        return NextResponse.json({ success: false, message: "Gagal mengajukan tugas (error: 500)", reason: (error as Error).message }, { status: 500 });
+    }
+}
+
+
+// PUT — Setujui atau Tolak (approver action)
+export async function PUT(request: Request, context: { params: { id: string } }) {
+    try {
+        const { id } = context.params;
+        const { user, action, note } = await request.json();
+
+        if (!['approve', 'reject'].includes(action)) {
+            return NextResponse.json({ success: false, message: "Action tidak valid, gunakan 'approve' atau 'reject'" }, { status: 200 });
+        }
+
+        const userMobile = await funGetUserById({ id: String(user) });
+        if (!userMobile.id) {
+            return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+        }
+
+        const canApprove = await getApproverStatus(userMobile.id);
+        if (!canApprove) {
+            return NextResponse.json({ success: false, message: "Anda tidak memiliki izin untuk menyetujui atau menolak tugas" }, { status: 200 });
+        }
+
+        const task = await prisma.projectTask.findUnique({
+            where: { id, isActive: true },
+            select: { id: true, status: true, idProject: true, title: true }
+        });
+
+        if (!task) {
+            return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+        }
+
+        if (task.status !== 2) {
+            return NextResponse.json({ success: false, message: "Tugas tidak sedang menunggu persetujuan" }, { status: 200 });
+        }
+
+        const pendingApproval = await prisma.projectTaskApproval.findFirst({
+            where: { idTask: id, status: 0 },
+            orderBy: { createdAt: "desc" },
+            select: { id: true, idUser: true }
+        });
+
+        if (!pendingApproval) {
+            return NextResponse.json({ success: false, message: "Data persetujuan pending tidak ditemukan" }, { status: 200 });
+        }
+
+        if (action === 'approve') {
+            await prisma.$transaction([
+                prisma.projectTaskApproval.update({
+                    where: { id: pendingApproval.id },
+                    data: { status: 1, idApprover: userMobile.id }
+                }),
+                prisma.projectTask.update({
+                    where: { id },
+                    data: { status: 1 }
+                })
+            ]);
+
+            await recalculateProjectStatus(task.idProject);
+
+            // Notifikasi ke submitter
+            const submitterTarget = await getUserNotifTarget(pendingApproval.idUser);
+            if (submitterTarget) {
+                await sendNotification({
+                    targets: [submitterTarget],
+                    idUserFrom: userMobile.id,
+                    idContent: task.idProject,
+                    title: 'Tugas Disetujui',
+                    desc: task.title,
+                });
+            }
+
+            await createLogUserMobile({ act: 'UPDATE', desc: 'Approver menyetujui task', table: 'projectTaskApproval', data: id, user: userMobile.id });
+
+            return NextResponse.json({ success: true, message: "Tugas berhasil disetujui" }, { status: 200 });
+        }
+
+        // reject
+        if (!note || String(note).trim() === '') {
+            return NextResponse.json({ success: false, message: "Alasan penolakan wajib diisi" }, { status: 200 });
+        }
+
+        await prisma.$transaction([
+            prisma.projectTaskApproval.update({
+                where: { id: pendingApproval.id },
+                data: { status: 2, idApprover: userMobile.id, note: String(note).trim() }
+            }),
+            prisma.projectTask.update({
+                where: { id },
+                data: { status: 0 }
+            })
+        ]);
+
+        await recalculateProjectStatus(task.idProject);
+
+        // Notifikasi ke submitter
+        const submitterTarget = await getUserNotifTarget(pendingApproval.idUser);
+        if (submitterTarget) {
+            await sendNotification({
+                targets: [submitterTarget],
+                idUserFrom: userMobile.id,
+                idContent: task.idProject,
+                title: 'Tugas Ditolak',
+                desc: task.title,
+            });
+        }
+
+        await createLogUserMobile({ act: 'UPDATE', desc: 'Approver menolak task', table: 'projectTaskApproval', data: id, user: userMobile.id });
+
+        return NextResponse.json({ success: true, message: "Tugas berhasil ditolak" }, { status: 200 });
+
+    } catch (error) {
+        console.error(error);
+        return NextResponse.json({ success: false, message: "Gagal memproses persetujuan (error: 500)", reason: (error as Error).message }, { status: 500 });
+    }
+}
--- a/src/app/api/mobile/project/task/file/[id]/route.ts
+++ b/src/app/api/mobile/project/task/file/[id]/route.ts
@@ -0,0 +1,198 @@
+import { DIR, funUploadFile, prisma } from "@/module/_global";
+import { funGetUserById } from "@/module/auth";
+import { createLogUserMobile } from "@/module/user";
+import { NextResponse } from "next/server";
+
+// GET: daftar file yang terlampir pada ProjectTask
+// [id] = ProjectTask.id
+export async function GET(request: Request, context: { params: { id: string } }) {
+   try {
+      const { id } = context.params;
+      const { searchParams } = new URL(request.url);
+      const userMobile = searchParams.get("user");
+
+      const user = await funGetUserById({ id: String(userMobile) });
+      if (!user.id || user.id === "null") {
+         return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+      }
+
+      const data = await prisma.projectTaskFile.findMany({
+         where: {
+            idTask: id,
+            isActive: true,
+         },
+         select: {
+            id: true,
+            ProjectFile: {
+               select: {
+                  id: true,
+                  name: true,
+                  extension: true,
+                  idStorage: true,
+               },
+            },
+         },
+         orderBy: { createdAt: "asc" },
+      });
+
+      const result = data.map((v) => ({
+         id: v.id,           // ProjectTaskFile.id — dipakai untuk DELETE
+         idFile: v.ProjectFile.id,  // ProjectFile.id — dipakai untuk filter duplikat di picker
+         name: v.ProjectFile.name,
+         extension: v.ProjectFile.extension,
+         idStorage: v.ProjectFile.idStorage,
+      }));
+
+      return NextResponse.json({ success: true, message: "Berhasil mendapatkan file tugas", data: result }, { status: 200 });
+   } catch (error) {
+      console.error(error);
+      return NextResponse.json({ success: false, message: "Gagal mendapatkan file tugas (error: 500)", reason: (error as Error).message }, { status: 500 });
+   }
+}
+
+// POST: upload file baru ke ProjectTask
+// Membuat ProjectFile baru lalu membuat ProjectTaskFile (junction)
+// [id] = ProjectTask.id
+export async function POST(request: Request, context: { params: { id: string } }) {
+   try {
+      const { id } = context.params;
+      const body = await request.formData();
+      const data = JSON.parse(body.get("data") as string);
+
+      const user = await funGetUserById({ id: data.user });
+      if (!user.id || user.id === "null") {
+         return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+      }
+
+      const task = await prisma.projectTask.findUnique({
+         where: { id },
+         select: { id: true, idProject: true },
+      });
+
+      if (!task) {
+         return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+      }
+
+      const hasCekFile = body.has("file0");
+      if (!hasCekFile) {
+         return NextResponse.json({ success: false, message: "Tidak ada file yang dikirim" }, { status: 200 });
+      }
+
+      body.delete("data");
+      for (const [key] of body.entries()) {
+         if (!key.startsWith("file")) continue;
+
+         const file = body.get(key) as File;
+         const fExt = file.name.split(".").pop();
+         const fName = file.name.replace("." + fExt, "");
+
+         const upload = await funUploadFile({ file, dirId: DIR.project });
+         if (!upload.success) continue;
+
+         const projectFile = await prisma.projectFile.create({
+            data: {
+               idProject: task.idProject,
+               name: fName,
+               extension: String(fExt),
+               idStorage: upload.data.id,
+            },
+            select: { id: true },
+         });
+
+         await prisma.projectTaskFile.create({
+            data: {
+               idTask: id,
+               idFile: projectFile.id,
+            },
+         });
+      }
+
+      await createLogUserMobile({ act: "CREATE", desc: "User menambah file pada tugas kegiatan", table: "projectTask", data: id, user: user.id });
+
+      return NextResponse.json({ success: true, message: "Berhasil menambahkan file" }, { status: 200 });
+   } catch (error) {
+      console.error(error);
+      return NextResponse.json({ success: false, message: "Gagal menambahkan file (error: 500)", reason: (error as Error).message }, { status: 500 });
+   }
+}
+
+// PATCH: link ProjectFile yang sudah ada ke ProjectTask
+// Body: { user, idFile }  — idFile = ProjectFile.id
+// [id] = ProjectTask.id
+export async function PATCH(request: Request, context: { params: { id: string } }) {
+   try {
+      const { id } = context.params;
+      const { user: userId, idFile } = await request.json();
+
+      const user = await funGetUserById({ id: String(userId) });
+      if (!user.id || user.id === "null") {
+         return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+      }
+
+      const task = await prisma.projectTask.findUnique({
+         where: { id },
+         select: { id: true },
+      });
+      if (!task) {
+         return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+      }
+
+      const file = await prisma.projectFile.findUnique({
+         where: { id: idFile },
+         select: { id: true },
+      });
+      if (!file) {
+         return NextResponse.json({ success: false, message: "File tidak ditemukan" }, { status: 200 });
+      }
+
+      // cek apakah sudah pernah di-link
+      const existing = await prisma.projectTaskFile.findFirst({
+         where: { idTask: id, idFile, isActive: true },
+      });
+      if (existing) {
+         return NextResponse.json({ success: false, message: "File sudah terlampir pada tugas ini" }, { status: 200 });
+      }
+
+      await prisma.projectTaskFile.create({
+         data: { idTask: id, idFile },
+      });
+
+      await createLogUserMobile({ act: "CREATE", desc: "User melampirkan file kegiatan ke tugas", table: "projectTask", data: id, user: user.id });
+
+      return NextResponse.json({ success: true, message: "Berhasil melampirkan file" }, { status: 200 });
+   } catch (error) {
+      console.error(error);
+      return NextResponse.json({ success: false, message: "Gagal melampirkan file (error: 500)", reason: (error as Error).message }, { status: 500 });
+   }
+}
+
+// DELETE: hapus lampiran file dari ProjectTask (hapus junction record saja)
+// [id] = ProjectTaskFile.id
+export async function DELETE(request: Request, context: { params: { id: string } }) {
+   try {
+      const { id } = context.params;
+      const { user: userId } = await request.json();
+
+      const user = await funGetUserById({ id: String(userId) });
+      if (!user.id || user.id === "null") {
+         return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+      }
+
+      const junction = await prisma.projectTaskFile.findUnique({
+         where: { id },
+         select: { id: true, idTask: true },
+      });
+      if (!junction) {
+         return NextResponse.json({ success: false, message: "Data tidak ditemukan" }, { status: 200 });
+      }
+
+      await prisma.projectTaskFile.delete({ where: { id } });
+
+      await createLogUserMobile({ act: "DELETE", desc: "User menghapus lampiran file dari tugas kegiatan", table: "projectTask", data: junction.idTask, user: user.id });
+
+      return NextResponse.json({ success: true, message: "Berhasil menghapus lampiran file" }, { status: 200 });
+   } catch (error) {
+      console.error(error);
+      return NextResponse.json({ success: false, message: "Gagal menghapus lampiran file (error: 500)", reason: (error as Error).message }, { status: 500 });
+   }
+}
--- a/src/app/api/mobile/task/[id]/route.ts
+++ b/src/app/api/mobile/task/[id]/route.ts
@@ -74,6 +74,21 @@ export async function GET(request: Request, context: { params: { id: string } })
               status: true,
               dateStart: true,
               dateEnd: true,
+               DivisionProjectTaskFile: {
+                  where: { isActive: true },
+                  select: {
+                     DivisionProjectFile: {
+                        select: {
+                           ContainerFileDivision: {
+                              select: {
+                                 name: true,
+                                 extension: true,
+                              },
+                           },
+                        },
+                     },
+                  },
+               },
            },
            orderBy: {
               dateStart: 'asc'
@@ -81,9 +96,13 @@ export async function GET(request: Request, context: { params: { id: string } })
         })

         const fix = dataProgress.map((v: any) => ({
-            ..._.omit(v, ["dateStart", "dateEnd"]),
-            dateStart: moment(v.dateStart).format("DD-MM-YYYY"),
-            dateEnd: moment(v.dateEnd).format("DD-MM-YYYY"),
+            ..._.omit(v, ["dateStart", "dateEnd", "DivisionProjectTaskFile"]),
+            dateStart: moment(v.dateStart).format("DD MMM YYYY"),
+            dateEnd: moment(v.dateEnd).format("DD MMM YYYY"),
+            files: v.DivisionProjectTaskFile.map((tf: any) => ({
+               name: tf.DivisionProjectFile.ContainerFileDivision.name,
+               extension: tf.DivisionProjectFile.ContainerFileDivision.extension,
+            })),
         }))

         allData = fix
--- a/src/app/api/mobile/task/tugas/[id]/approval/route.ts
+++ b/src/app/api/mobile/task/tugas/[id]/approval/route.ts
@@ -0,0 +1,408 @@
+import { funSendWebPush, prisma } from "@/module/_global";
+import { funGetUserById } from "@/module/auth";
+import { createLogUserMobile } from "@/module/user";
+import _ from "lodash";
+import moment from "moment";
+import { NextResponse } from "next/server";
+import { sendFCMNotificationMany } from "../../../../../../../../xsendMany";
+
+const APPROVER_ROLES = ['supadmin', 'developer'];
+
+async function getApproverStatus(userId: string): Promise<boolean> {
+    const user = await prisma.user.findUnique({
+        where: { id: userId },
+        select: {
+            isApprover: true,
+            UserRole: { select: { id: true } }
+        }
+    });
+    if (!user) return false;
+    return user.isApprover || APPROVER_ROLES.includes(user.UserRole.id);
+}
+
+async function recalculateTaskStatus(idProject: string) {
+    const tasks = await prisma.divisionProjectTask.findMany({
+        where: { isActive: true, idProject },
+        select: { status: true }
+    });
+
+    const semua = tasks.length;
+    const selesai = tasks.filter((t) => t.status === 1).length;
+    const prosess = semua === 0 ? 0 : Math.ceil((selesai / semua) * 100);
+
+    let statusProject = 1;
+    if (prosess === 100) statusProject = 2;
+    else if (prosess === 0) statusProject = 0;
+
+    await prisma.divisionProject.update({
+        where: { id: idProject },
+        data: { status: statusProject }
+    });
+}
+
+type NotifTarget = {
+    idUserTo: string;
+    tokens: string[];
+    subscription: string | undefined;
+}
+
+async function sendNotification({
+    targets,
+    idUserFrom,
+    idContent,
+    category,
+    title,
+    desc,
+}: {
+    targets: NotifTarget[];
+    idUserFrom: string;
+    idContent: string;
+    category: string;
+    title: string;
+    desc: string;
+}) {
+    const filtered = targets.filter((t) => t.idUserTo !== idUserFrom);
+    const unique = _.uniqBy(filtered, 'idUserTo');
+
+    if (unique.length === 0) return;
+
+    await prisma.notifications.createMany({
+        data: unique.map((t) => ({
+            idUserTo: t.idUserTo,
+            idUserFrom,
+            category,
+            idContent,
+            title,
+            desc,
+        }))
+    });
+
+    const tokens = [...new Set(unique.flatMap((t) => t.tokens))].filter(Boolean);
+    if (tokens.length > 0) {
+        await sendFCMNotificationMany({
+            token: tokens,
+            title,
+            body: desc,
+            data: { id: idContent, category, content: idContent }
+        });
+    }
+
+    const subs = unique
+        .filter((t): t is typeof t & { subscription: string } => Boolean(t.subscription))
+        .map((t) => ({ idUser: t.idUserTo, subscription: t.subscription }));
+    if (subs.length > 0) {
+        await funSendWebPush({ sub: subs, message: { title, body: desc } });
+    }
+}
+
+async function getApproversForDivision(idVillage: string, idDivision: string): Promise<NotifTarget[]> {
+    const [globalApprovers, divisionAdmins] = await Promise.all([
+        prisma.user.findMany({
+            where: {
+                isActive: true,
+                idVillage,
+                OR: [
+                    { isApprover: true },
+                    { UserRole: { id: 'supadmin' } }
+                ]
+            },
+            select: {
+                id: true,
+                TokenDeviceUser: { select: { token: true } },
+                Subscribe: { select: { subscription: true } }
+            }
+        }),
+        prisma.divisionMember.findMany({
+            where: { idDivision, isAdmin: true, isActive: true },
+            select: {
+                User: {
+                    select: {
+                        id: true,
+                        TokenDeviceUser: { select: { token: true } },
+                        Subscribe: { select: { subscription: true } }
+                    }
+                }
+            }
+        })
+    ]);
+
+    const fromGlobal = globalApprovers.map((u) => ({
+        idUserTo: u.id,
+        tokens: u.TokenDeviceUser.map((t) => t.token),
+        subscription: u.Subscribe?.subscription ?? undefined,
+    }));
+
+    const fromAdmin = divisionAdmins.map((m) => ({
+        idUserTo: m.User.id,
+        tokens: m.User.TokenDeviceUser.map((t) => t.token),
+        subscription: m.User.Subscribe?.subscription ?? undefined,
+    }));
+
+    return _.uniqBy([...fromGlobal, ...fromAdmin], 'idUserTo');
+}
+
+async function getUserNotifTarget(userId: string): Promise<NotifTarget | null> {
+    const user = await prisma.user.findUnique({
+        where: { id: userId },
+        select: {
+            id: true,
+            TokenDeviceUser: { select: { token: true } },
+            Subscribe: { select: { subscription: true } }
+        }
+    });
+    if (!user) return null;
+    return {
+        idUserTo: user.id,
+        tokens: user.TokenDeviceUser.map((t) => t.token),
+        subscription: user.Subscribe?.subscription ?? undefined,
+    };
+}
+
+
+// GET — Riwayat approval task divisi
+export async function GET(request: Request, context: { params: { id: string } }) {
+    try {
+        const { id } = context.params;
+        const { searchParams } = new URL(request.url);
+        const user = searchParams.get("user");
+
+        const userMobile = await funGetUserById({ id: String(user) });
+        if (!userMobile.id) {
+            return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+        }
+
+        const task = await prisma.divisionProjectTask.count({ where: { id, isActive: true } });
+        if (task === 0) {
+            return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+        }
+
+        const data = await prisma.divisionProjectTaskApproval.findMany({
+            where: { idTask: id },
+            orderBy: { createdAt: "desc" },
+            select: {
+                id: true,
+                status: true,
+                note: true,
+                createdAt: true,
+                Submitter: { select: { name: true } },
+                Approver: { select: { name: true } },
+            }
+        });
+
+        const formatted = data.map((v) => ({
+            id: v.id,
+            status: v.status,
+            note: v.note,
+            createdAt: moment(v.createdAt).format("DD MMM YYYY, HH:mm"),
+            submitter: { name: v.Submitter.name },
+            approver: v.Approver ? { name: v.Approver.name } : null,
+        }));
+
+        return NextResponse.json({ success: true, message: "Riwayat approval berhasil ditemukan", data: formatted }, { status: 200 });
+    } catch (error) {
+        console.error(error);
+        return NextResponse.json({ success: false, message: "Gagal mendapatkan riwayat approval (error: 500)", reason: (error as Error).message }, { status: 500 });
+    }
+}
+
+
+// POST — Ajukan selesai
+export async function POST(request: Request, context: { params: { id: string } }) {
+    try {
+        const { id } = context.params;
+        const { user } = await request.json();
+
+        const userMobile = await funGetUserById({ id: String(user) });
+        if (!userMobile.id) {
+            return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+        }
+
+        const task = await prisma.divisionProjectTask.findUnique({
+            where: { id, isActive: true },
+            select: { id: true, status: true, idProject: true, idDivision: true, title: true }
+        });
+
+        if (!task) {
+            return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+        }
+
+        if (task.status !== 0) {
+            return NextResponse.json({ success: false, message: "Hanya tugas berstatus 'Belum Selesai' yang bisa diajukan" }, { status: 200 });
+        }
+
+        const pendingApproval = await prisma.divisionProjectTaskApproval.count({
+            where: { idTask: id, status: 0 }
+        });
+
+        if (pendingApproval > 0) {
+            return NextResponse.json({ success: false, message: "Tugas sudah dalam proses menunggu persetujuan" }, { status: 200 });
+        }
+
+        await prisma.$transaction([
+            prisma.divisionProjectTaskApproval.create({
+                data: { idTask: id, idUser: userMobile.id, status: 0 }
+            }),
+            prisma.divisionProjectTask.update({
+                where: { id },
+                data: { status: 2 }
+            })
+        ]);
+
+        await recalculateTaskStatus(task.idProject);
+
+        const approverTargets = await getApproversForDivision(String(userMobile.idVillage), task.idDivision);
+        await sendNotification({
+            targets: approverTargets,
+            idUserFrom: userMobile.id,
+            idContent: task.idProject,
+            category: `division/${task.idDivision}/task`,
+            title: 'Pengajuan Penyelesaian Tugas',
+            desc: task.title,
+        });
+
+        await createLogUserMobile({ act: 'CREATE', desc: 'User mengajukan task divisi untuk persetujuan', table: 'divisionProjectTaskApproval', data: id, user: userMobile.id });
+
+        return NextResponse.json({ success: true, message: "Tugas berhasil diajukan untuk persetujuan" }, { status: 200 });
+    } catch (error) {
+        console.error(error);
+        return NextResponse.json({ success: false, message: "Gagal mengajukan tugas (error: 500)", reason: (error as Error).message }, { status: 500 });
+    }
+}
+
+
+// PUT — Setujui atau Tolak
+export async function PUT(request: Request, context: { params: { id: string } }) {
+    try {
+        const { id } = context.params;
+        const { user, action, note } = await request.json();
+
+        if (!['approve', 'reject'].includes(action)) {
+            return NextResponse.json({ success: false, message: "Action tidak valid, gunakan 'approve' atau 'reject'" }, { status: 200 });
+        }
+
+        const userMobile = await funGetUserById({ id: String(user) });
+        if (!userMobile.id) {
+            return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+        }
+
+        const canApprove = await getApproverStatus(userMobile.id);
+        if (!canApprove) {
+            // Check if division admin
+            const task = await prisma.divisionProjectTask.findUnique({
+                where: { id, isActive: true },
+                select: { idDivision: true }
+            });
+            if (task) {
+                const isDivAdmin = await prisma.divisionMember.count({
+                    where: { idDivision: task.idDivision, idUser: userMobile.id, isAdmin: true, isActive: true }
+                });
+                if (isDivAdmin === 0) {
+                    return NextResponse.json({ success: false, message: "Anda tidak memiliki izin untuk menyetujui atau menolak tugas" }, { status: 200 });
+                }
+            } else {
+                return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+            }
+        }
+
+        const task = await prisma.divisionProjectTask.findUnique({
+            where: { id, isActive: true },
+            select: { id: true, status: true, idProject: true, idDivision: true, title: true }
+        });
+
+        if (!task) {
+            return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+        }
+
+        if (task.status !== 2) {
+            return NextResponse.json({ success: false, message: "Tugas tidak sedang menunggu persetujuan" }, { status: 200 });
+        }
+
+        const pendingApproval = await prisma.divisionProjectTaskApproval.findFirst({
+            where: { idTask: id, status: 0 },
+            orderBy: { createdAt: "desc" },
+            select: { id: true, idUser: true }
+        });
+
+        if (!pendingApproval) {
+            return NextResponse.json({ success: false, message: "Data persetujuan pending tidak ditemukan" }, { status: 200 });
+        }
+
+        if (action === 'approve') {
+            await prisma.$transaction([
+                prisma.divisionProjectTaskApproval.update({
+                    where: { id: pendingApproval.id },
+                    data: { status: 1, idApprover: userMobile.id }
+                }),
+                prisma.divisionProjectTask.update({
+                    where: { id },
+                    data: { status: 1 }
+                })
+            ]);
+
+            await recalculateTaskStatus(task.idProject);
+
+            const [submitterTarget, approverTargets] = await Promise.all([
+                getUserNotifTarget(pendingApproval.idUser),
+                getApproversForDivision(String(userMobile.idVillage), task.idDivision),
+            ]);
+            const notifTargets = _.uniqBy([
+                ...(submitterTarget ? [submitterTarget] : []),
+                ...approverTargets,
+            ], 'idUserTo');
+            await sendNotification({
+                targets: notifTargets,
+                idUserFrom: userMobile.id,
+                idContent: task.idProject,
+                category: `division/${task.idDivision}/task`,
+                title: 'Tugas Disetujui',
+                desc: task.title,
+            });
+
+            await createLogUserMobile({ act: 'UPDATE', desc: 'Approver menyetujui task divisi', table: 'divisionProjectTaskApproval', data: id, user: userMobile.id });
+
+            return NextResponse.json({ success: true, message: "Tugas berhasil disetujui" }, { status: 200 });
+        }
+
+        if (!note || String(note).trim() === '') {
+            return NextResponse.json({ success: false, message: "Alasan penolakan wajib diisi" }, { status: 200 });
+        }
+
+        await prisma.$transaction([
+            prisma.divisionProjectTaskApproval.update({
+                where: { id: pendingApproval.id },
+                data: { status: 2, idApprover: userMobile.id, note: String(note).trim() }
+            }),
+            prisma.divisionProjectTask.update({
+                where: { id },
+                data: { status: 0 }
+            })
+        ]);
+
+        await recalculateTaskStatus(task.idProject);
+
+        const [submitterTarget, approverTargets] = await Promise.all([
+            getUserNotifTarget(pendingApproval.idUser),
+            getApproversForDivision(String(userMobile.idVillage), task.idDivision),
+        ]);
+        const notifTargets = _.uniqBy([
+            ...(submitterTarget ? [submitterTarget] : []),
+            ...approverTargets,
+        ], 'idUserTo');
+        await sendNotification({
+            targets: notifTargets,
+            idUserFrom: userMobile.id,
+            idContent: task.idProject,
+            category: `division/${task.idDivision}/task`,
+            title: 'Tugas Ditolak',
+            desc: task.title,
+        });
+
+        await createLogUserMobile({ act: 'UPDATE', desc: 'Approver menolak task divisi', table: 'divisionProjectTaskApproval', data: id, user: userMobile.id });
+
+        return NextResponse.json({ success: true, message: "Tugas berhasil ditolak" }, { status: 200 });
+
+    } catch (error) {
+        console.error(error);
+        return NextResponse.json({ success: false, message: "Gagal memproses persetujuan (error: 500)", reason: (error as Error).message }, { status: 500 });
+    }
+}
--- a/src/app/api/mobile/task/tugas/file/[id]/route.ts
+++ b/src/app/api/mobile/task/tugas/file/[id]/route.ts
@@ -0,0 +1,210 @@
+import { DIR, funUploadFile, prisma } from "@/module/_global";
+import { funGetUserById } from "@/module/auth";
+import { createLogUserMobile } from "@/module/user";
+import { NextResponse } from "next/server";
+
+// GET: daftar file yang terlampir pada DivisionProjectTask
+// [id] = DivisionProjectTask.id
+export async function GET(request: Request, context: { params: { id: string } }) {
+   try {
+      const { id } = context.params;
+      const { searchParams } = new URL(request.url);
+      const userMobile = searchParams.get("user");
+
+      const user = await funGetUserById({ id: String(userMobile) });
+      if (!user.id || user.id === "null") {
+         return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+      }
+
+      const data = await prisma.divisionProjectTaskFile.findMany({
+         where: {
+            idTask: id,
+            isActive: true,
+         },
+         select: {
+            id: true,
+            DivisionProjectFile: {
+               select: {
+                  id: true,
+                  ContainerFileDivision: {
+                     select: {
+                        name: true,
+                        extension: true,
+                        idStorage: true,
+                     },
+                  },
+               },
+            },
+         },
+         orderBy: { createdAt: "asc" },
+      });
+
+      const result = data.map((v) => ({
+         id: v.id,
+         idFile: v.DivisionProjectFile.id,
+         name: v.DivisionProjectFile.ContainerFileDivision.name,
+         extension: v.DivisionProjectFile.ContainerFileDivision.extension,
+         idStorage: v.DivisionProjectFile.ContainerFileDivision.idStorage,
+      }));
+
+      return NextResponse.json({ success: true, message: "Berhasil mendapatkan file tugas", data: result }, { status: 200 });
+   } catch (error) {
+      console.error(error);
+      return NextResponse.json({ success: false, message: "Gagal mendapatkan file tugas (error: 500)", reason: (error as Error).message }, { status: 500 });
+   }
+}
+
+// POST: upload file baru ke DivisionProjectTask
+// [id] = DivisionProjectTask.id
+export async function POST(request: Request, context: { params: { id: string } }) {
+   try {
+      const { id } = context.params;
+      const body = await request.formData();
+      const data = JSON.parse(body.get("data") as string);
+
+      const user = await funGetUserById({ id: data.user });
+      if (!user.id || user.id === "null") {
+         return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+      }
+
+      const task = await prisma.divisionProjectTask.findUnique({
+         where: { id },
+         select: { id: true, idProject: true, idDivision: true },
+      });
+
+      if (!task) {
+         return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+      }
+
+      const hasCekFile = body.has("file0");
+      if (!hasCekFile) {
+         return NextResponse.json({ success: false, message: "Tidak ada file yang dikirim" }, { status: 200 });
+      }
+
+      body.delete("data");
+      for (const [key] of body.entries()) {
+         if (!key.startsWith("file")) continue;
+
+         const file = body.get(key) as File;
+         const fExt = file.name.split(".").pop();
+         const fName = file.name.replace("." + fExt, "");
+
+         const upload = await funUploadFile({ file, dirId: DIR.task });
+         if (!upload.success) continue;
+
+         const container = await prisma.containerFileDivision.create({
+            data: {
+               idDivision: task.idDivision,
+               name: fName,
+               extension: String(fExt),
+               idStorage: upload.data.id,
+            },
+            select: { id: true },
+         });
+
+         const divFile = await prisma.divisionProjectFile.create({
+            data: {
+               idProject: task.idProject,
+               idDivision: task.idDivision,
+               idFile: container.id,
+               createdBy: user.id,
+            },
+            select: { id: true },
+         });
+
+         await prisma.divisionProjectTaskFile.create({
+            data: {
+               idTask: id,
+               idFile: divFile.id,
+            },
+         });
+      }
+
+      await createLogUserMobile({ act: "CREATE", desc: "User menambah file pada tugas divisi", table: "divisionProjectTask", data: id, user: user.id });
+
+      return NextResponse.json({ success: true, message: "Berhasil menambahkan file" }, { status: 200 });
+   } catch (error) {
+      console.error(error);
+      return NextResponse.json({ success: false, message: "Gagal menambahkan file (error: 500)", reason: (error as Error).message }, { status: 500 });
+   }
+}
+
+// PATCH: link DivisionProjectFile yang sudah ada ke DivisionProjectTask
+// Body: { user, idFile }  — idFile = DivisionProjectFile.id
+// [id] = DivisionProjectTask.id
+export async function PATCH(request: Request, context: { params: { id: string } }) {
+   try {
+      const { id } = context.params;
+      const { user: userId, idFile } = await request.json();
+
+      const user = await funGetUserById({ id: String(userId) });
+      if (!user.id || user.id === "null") {
+         return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+      }
+
+      const task = await prisma.divisionProjectTask.findUnique({
+         where: { id },
+         select: { id: true },
+      });
+      if (!task) {
+         return NextResponse.json({ success: false, message: "Tugas tidak ditemukan" }, { status: 200 });
+      }
+
+      const file = await prisma.divisionProjectFile.findUnique({
+         where: { id: idFile },
+         select: { id: true },
+      });
+      if (!file) {
+         return NextResponse.json({ success: false, message: "File tidak ditemukan" }, { status: 200 });
+      }
+
+      const existing = await prisma.divisionProjectTaskFile.findFirst({
+         where: { idTask: id, idFile, isActive: true },
+      });
+      if (existing) {
+         return NextResponse.json({ success: false, message: "File sudah terlampir pada tugas ini" }, { status: 200 });
+      }
+
+      await prisma.divisionProjectTaskFile.create({
+         data: { idTask: id, idFile },
+      });
+
+      await createLogUserMobile({ act: "CREATE", desc: "User melampirkan file divisi ke tugas", table: "divisionProjectTask", data: id, user: user.id });
+
+      return NextResponse.json({ success: true, message: "Berhasil melampirkan file" }, { status: 200 });
+   } catch (error) {
+      console.error(error);
+      return NextResponse.json({ success: false, message: "Gagal melampirkan file (error: 500)", reason: (error as Error).message }, { status: 500 });
+   }
+}
+
+// DELETE: hapus lampiran file dari DivisionProjectTask (hapus junction record saja)
+// [id] = DivisionProjectTaskFile.id
+export async function DELETE(request: Request, context: { params: { id: string } }) {
+   try {
+      const { id } = context.params;
+      const { user: userId } = await request.json();
+
+      const user = await funGetUserById({ id: String(userId) });
+      if (!user.id || user.id === "null") {
+         return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+      }
+
+      const junction = await prisma.divisionProjectTaskFile.findUnique({
+         where: { id },
+         select: { id: true, idTask: true },
+      });
+      if (!junction) {
+         return NextResponse.json({ success: false, message: "Data tidak ditemukan" }, { status: 200 });
+      }
+
+      await prisma.divisionProjectTaskFile.delete({ where: { id } });
+
+      await createLogUserMobile({ act: "DELETE", desc: "User menghapus lampiran file dari tugas divisi", table: "divisionProjectTask", data: junction.idTask, user: user.id });
+
+      return NextResponse.json({ success: true, message: "Berhasil menghapus lampiran file" }, { status: 200 });
+   } catch (error) {
+      console.error(error);
+      return NextResponse.json({ success: false, message: "Gagal menghapus lampiran file (error: 500)", reason: (error as Error).message }, { status: 500 });
+   }
+}
--- a/src/app/api/mobile/user/[id]/route.ts
+++ b/src/app/api/mobile/user/[id]/route.ts
@@ -23,6 +23,7 @@ export async function GET(request: Request, context: { params: { id: string } })
                img: true,
                idGroup: true,
                isActive: true,
+                isApprover: true,
                idPosition: true,
                UserRole: {
                    select: {
@@ -139,6 +140,37 @@ export async function DELETE(request: Request, context: { params: { id: string }
 }


+// TOGGLE APPROVER STATUS
+export async function PATCH(request: Request, context: { params: { id: string } }) {
+    try {
+        const { id } = context.params;
+        const { user, isApprover } = await request.json();
+
+        if (user == "null" || user == undefined || user == "") {
+            return NextResponse.json({ success: false, message: "Anda harus login untuk mengakses ini" }, { status: 200 });
+        }
+
+        const data = await prisma.user.count({ where: { id } });
+        if (data == 0) {
+            return NextResponse.json({ success: false, message: "Anggota tidak ditemukan" }, { status: 200 });
+        }
+
+        await prisma.user.update({
+            where: { id },
+            data: { isApprover: Boolean(isApprover) },
+        });
+
+        const log = await createLogUserMobile({ act: 'UPDATE', desc: 'User mengupdate status approver anggota', table: 'user', data: id, user });
+
+        return NextResponse.json({ success: true, message: "Berhasil mengupdate status approver anggota" }, { status: 200 });
+
+    } catch (error) {
+        console.error(error);
+        return NextResponse.json({ success: false, message: "Gagal mengupdate status approver, coba lagi nanti (error: 500)", reason: (error as Error).message }, { status: 500 });
+    }
+}
+
+
 // UPDATE MEMBER
 export async function PUT(request: Request, context: { params: { id: string } }) {
    try {
Author	SHA1	Message	Date
amaliadwiy	732e26ca0d	feat: tambah fitur approval task pada project dan divisi - tambah model ProjectTaskApproval dan DivisionProjectTaskApproval di schema prisma - tambah field isApprover pada model User - tambah API approval project task: GET riwayat, POST ajukan, PUT setujui/tolak - tambah API approval division task: GET riwayat, POST ajukan, PUT setujui/tolak - notifikasi dikirim ke approver, admin divisi, dan submitter via FCM, web push, dan in-app - tambah PATCH endpoint untuk toggle isApprover pada mobile user API - perbaiki pengecekan role approver menggunakan UserRole.id	2026-05-07 16:04:11 +08:00
amaliadwiy	b7ce72a41b	Merge pull request 'amalia/06-mei-26' (#43 ) from amalia/06-mei-26 into join Reviewed-on: #43	2026-05-06 17:16:57 +08:00
amaliadwiy	1f408e31c2	fix: ubah format tanggal tugas dari DD-MM-YYYY menjadi DD MMM YYYY Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-06 16:24:46 +08:00
amaliadwiy	be0cd94d8d	feat: tambah API lampiran file pada tugas kegiatan dan tugas divisi	2026-05-06 12:32:34 +08:00
amaliadwiy	2b71c729ad	feat: tambah model ProjectTaskFile dan DivisionProjectTaskFile Menambahkan relasi file ke task pada project dan division project.	2026-05-06 10:54:12 +08:00
amaliadwiy	3ce5e14a6c	Merge pull request 'amalia/04-mei-26' (#42 ) from amalia/04-mei-26 into join Reviewed-on: #42	2026-05-04 17:06:53 +08:00