From 58ac3a4f1b700dce8a721bdd1f26264b73e93ce2 Mon Sep 17 00:00:00 2001
From: deyvisonwanderley <deyvison.wanderley@gmail.com>
Date: Sat, 22 Nov 2025 21:01:27 -0300
Subject: [PATCH] feat: implement user authentication checks for queries in
 registro-pontos page

- Added authentication verification to conditionally execute queries for fetching employees, point records, statistics, and configuration settings based on user authentication status.
- Introduced a derived variable to manage the authenticated state of the user, enhancing security and ensuring that data is only accessible to logged-in users.
---
 .../registro-pontos/+page.svelte              | 26 +++++++++++++++----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/apps/web/src/routes/(dashboard)/recursos-humanos/registro-pontos/+page.svelte b/apps/web/src/routes/(dashboard)/recursos-humanos/registro-pontos/+page.svelte
index 9778a74..7567fc1 100644
--- a/apps/web/src/routes/(dashboard)/recursos-humanos/registro-pontos/+page.svelte
+++ b/apps/web/src/routes/(dashboard)/recursos-humanos/registro-pontos/+page.svelte
@@ -33,6 +33,10 @@
 	let chartCanvas: HTMLCanvasElement;
 	let chartInstance: Chart | null = null;
 
+	// Verificar autenticação primeiro
+	const currentUserQuery = useQuery(api.auth.getCurrentUser, {});
+	const usuarioAutenticado = $derived(currentUserQuery?.data !== null && currentUserQuery?.data !== undefined);
+
 	// Parâmetros reativos para queries
 	const registrosParams = $derived({
 		funcionarioId: funcionarioIdFiltro && funcionarioIdFiltro !== '' ? funcionarioIdFiltro : undefined,
@@ -45,11 +49,23 @@
 		funcionarioId: funcionarioIdFiltro && funcionarioIdFiltro !== '' ? funcionarioIdFiltro : undefined,
 	});
 
-	// Queries
-	const funcionariosQuery = useQuery(api.funcionarios.getAll, {});
-	const registrosQuery = useQuery(api.pontos.listarRegistrosPeriodo, registrosParams);
-	const estatisticasQuery = useQuery(api.pontos.obterEstatisticas, estatisticasParams);
-	const configQuery = useQuery(api.configuracaoPonto.obterConfiguracao, {});
+	// Queries condicionais - só executar se usuário estiver autenticado
+	const funcionariosQuery = useQuery(
+		api.funcionarios.getAll,
+		usuarioAutenticado ? {} : 'skip'
+	);
+	const registrosQuery = useQuery(
+		api.pontos.listarRegistrosPeriodo,
+		usuarioAutenticado ? registrosParams : 'skip'
+	);
+	const estatisticasQuery = useQuery(
+		api.pontos.obterEstatisticas,
+		usuarioAutenticado ? estatisticasParams : 'skip'
+	);
+	const configQuery = useQuery(
+		api.configuracaoPonto.obterConfiguracao,
+		usuarioAutenticado ? {} : 'skip'
+	);
 
 	const funcionarios = $derived(funcionariosQuery?.data || []);
 	const registros = $derived(registrosQuery?.data || []);