Local-first runtime cleanup and recovery hardening

2026-03-07 23:18:07 +03:00
parent 4e977737ee
commit 06397a6bd1
53 changed files with 1856 additions and 2080 deletions
--- a/2
+++ b/2
--- a/bible-local/01-overview.md
+++ b/bible-local/01-overview.md
@@ -3,7 +3,7 @@
 ## What is QuoteForge
 A corporate server configuration and quotation tool.
-Operates in **strict local-first** mode: all user operations go through local SQLite; MariaDB is used only for synchronization.
+Operates in **strict local-first** mode: all user operations go through local SQLite; MariaDB is used only by synchronization and dedicated setup/migration tooling.
 ---
@@ -18,14 +18,14 @@ Operates in **strict local-first** mode: all user operations go through local SQ
 - Full offline operation — continue working without network, sync later
 - Guarded synchronization — sync is blocked by preflight check if local schema is not ready
-### User Roles
+### Local Client Security Model
-| Role | Permissions |
+QuoteForge is currently a **single-user thick client** bound to `localhost`.
-|------|-------------|
+
-| `viewer` | View, create quotes, export |
+- The local HTTP/UI layer is not treated as a multi-user security boundary.
-| `editor` | + save configurations |
+- RBAC is not part of the active product contract for the local client.
-| `pricing_admin` | + manage prices and alerts |
+- The authoritative authentication boundary is the remote sync server and its DB credentials captured during setup.
-| `admin` | Full access, user management |
+- If the app is ever exposed beyond `localhost`, auth/RBAC must be reintroduced as an enforced perimeter before release.
 ### Price Freshness Indicators
@@ -45,7 +45,7 @@ Operates in **strict local-first** mode: all user operations go through local SQ
 | Backend | Go 1.22+, Gin, GORM |
 | Frontend | HTML, Tailwind CSS, htmx |
 | Local DB | SQLite (`qfs.db`) |
-| Server DB | MariaDB 11+ (sync + server admin) |
+| Server DB | MariaDB 11+ (sync transport only for app runtime) |
 | Export | encoding/csv, excelize (XLSX) |
 ---
@@ -82,7 +82,6 @@ quoteforge/
 │   ├── db/                       # DB initialization
 │   ├── handlers/                 # HTTP handlers
 │   ├── localdb/                  # SQLite layer
 │   ├── lotmatch/                 # Lot matching logic
 │   ├── middleware/               # Auth, CORS, etc.
 │   ├── models/                   # GORM models
 │   ├── repository/               # Repository layer
@@ -101,23 +100,30 @@ quoteforge/
 ## Integration with Existing DB
-QuoteForge integrates with the existing `RFQ_LOG` database:
+QuoteForge integrates with the existing `RFQ_LOG` database.
 Hard boundary:
 - normal runtime HTTP handlers, UI flows, pricing, export, BOM resolution, and project/config CRUD must use SQLite only;
 - MariaDB access is allowed only inside `internal/services/sync/*` and dedicated setup/migration tools under `cmd/`;
 - any new direct MariaDB query in non-sync runtime code is an architectural violation.
 **Read-only:**
 - `lot` — component catalog
 - `qt_lot_metadata` — extended component data
 - `qt_categories` — categories
 - `qt_pricelists`, `qt_pricelist_items` — pricelists
 - `stock_log` — stock quantities consumed during sync enrichment
 - `qt_partnumber_books`, `qt_partnumber_book_items` — partnumber book snapshots consumed during sync pull
 **Read + Write:**
 - `qt_configurations` — configurations
 - `qt_projects` — projects
 **Sync service tables:**
 - `qt_client_local_migrations` — migration catalog (SELECT only)
 - `qt_client_schema_state` — applied migrations state and operational client status per device (`username + hostname`)
  Fields written by QuoteForge:
-  `last_applied_migration_id`, `app_version`, `last_sync_at`, `last_sync_status`,
+  `app_version`, `last_sync_at`, `last_sync_status`,
  `pending_changes_count`, `pending_errors_count`, `configurations_count`, `projects_count`,
  `estimate_pricelist_version`, `warehouse_pricelist_version`, `competitor_pricelist_version`,
  `last_sync_error_code`, `last_sync_error_text`, `last_checked_at`, `updated_at`
--- a/bible-local/02-architecture.md
+++ b/bible-local/02-architecture.md
@@ -21,6 +21,36 @@ MariaDB (RFQ_LOG)        ← pull/push only
 - If MariaDB is unavailable → local work continues without restrictions
 - Changes are queued in `pending_changes` and pushed on next sync
 ## MariaDB Boundary
 MariaDB is not part of the runtime read/write path for user features.
 Hard rules:
 - HTTP handlers, web pages, quote calculation, export, vendor BOM resolution, pricelist browsing, project browsing, and configuration CRUD must read/write SQLite only.
 - MariaDB access from the app runtime is allowed only inside the sync subsystem (`internal/services/sync/*`) for explicit pull/push work.
 - Dedicated tooling under `cmd/migrate` and `cmd/migrate_ops_projects` may access MariaDB for operator-run schema/data migration tasks.
 - Setup may test/store connection settings, but after setup the application must treat MariaDB as sync transport only.
 - Any new repository/service/handler that issues MariaDB queries outside sync is a regression and must be rejected in review.
 - Local SQLite migrations are code-defined only (`AutoMigrate` + `runLocalMigrations`); there is no server-driven client migration registry.
 - Read-only local sync caches are disposable. If a local cache table cannot be migrated safely at startup, the client may quarantine/reset that cache and continue booting.
 Forbidden patterns:
 - calling `connMgr.GetDB()` from non-sync runtime business code;
 - constructing MariaDB-backed repositories in handlers for normal user requests;
 - using MariaDB as online fallback for reads when local SQLite already contains the synced dataset;
 - adding UI/API features that depend on live MariaDB availability.
 ## Local Client Boundary
 The running app is a localhost-only thick client.
 - Browser/UI requests on the local machine are treated as part of the same trusted user session.
 - Local routes are not modeled as a hardened multi-user API perimeter.
 - Authorization to the central server happens through the saved MariaDB connection configured during setup.
 - Any future deployment that binds beyond `127.0.0.1` must add enforced auth/RBAC before exposure.
 ---
 ## Synchronization
@@ -61,6 +91,7 @@ pending_changes                         pending_changes
 | Projects | Client ↔ Server ↔ Other Clients |
 | Pricelists | Server → Clients only (no push) |
 | Components | Server → Clients only |
 | Partnumber books | Server → Clients only |
 Local pricelists not present on the server and not referenced by active configurations are deleted automatically on sync.
@@ -75,8 +106,7 @@ Configurations and projects are **never hard-deleted**. Deletion is archive via
 Before every push/pull, a preflight check runs:
 1. Is the server (MariaDB) reachable?
-2. Can centralized local DB migrations be applied?
+2. Is the local client schema initialized and writable?
 3. Does the application version satisfy `min_app_version` of pending migrations?
 **If the check fails:**
 - Local CRUD continues without restriction
@@ -91,6 +121,7 @@ Before every push/pull, a preflight check runs:
 **Prices come only from `local_pricelist_items`.**
 Components (`local_components`) are metadata-only — they contain no pricing information.
 Stock enrichment for pricelist rows is persisted into `local_pricelist_items` during sync; UI/runtime must not resolve it live from MariaDB.
 ### Lookup Pattern
--- a/bible-local/03-database.md
+++ b/bible-local/03-database.md
@@ -14,6 +14,12 @@ File: `qfs.db` in the user-state directory (see [05-config.md](05-config.md)).
 | `connection_settings` | MariaDB connection settings | key-value store |
 | `app_settings` | Application settings | `key` (PK), `value`, `updated_at` |
 Read-only cache contract:
 - `local_components`, `local_pricelists`, `local_pricelist_items`, `local_partnumber_books`, and `local_partnumber_book_items` are synchronized caches, not user-authored data.
 - Startup must prefer application availability over preserving a broken cache schema.
 - If one of these tables cannot be migrated safely, the client may quarantine or drop it and recreate it empty; the next sync repopulates it.
 #### Pricelists
 | Table | Purpose | Key Fields |
@@ -26,12 +32,10 @@ File: `qfs.db` in the user-state directory (see [05-config.md](05-config.md)).
 | Table | Purpose | Key Fields |
 |-------|---------|------------|
 | `local_partnumber_books` | Version snapshots of PN→LOT mappings | `id`, `server_id` (unique), `version`, `created_at`, `is_active` |
-| `local_partnumber_book_items` | PN→LOT mapping rows | `id`, `book_id` (FK), `partnumber`, `lot_name`, `is_primary_pn` |
+| `local_partnumber_book_items` | Canonical PN catalog rows | `id`, `partnumber`, `lots_json`, `description` |
 Active book: `WHERE is_active=1 ORDER BY created_at DESC, id DESC LIMIT 1`
 `is_primary_pn=1` means this PN's quantity in the vendor BOM determines qty(LOT). If only non-primary PNs are present for a LOT, qty defaults to 1.
 #### Configurations and Projects
 | Table | Purpose | Key Fields |
@@ -100,17 +104,13 @@ Database: `RFQ_LOG`
 | `qt_categories` | Component categories | SELECT |
 | `qt_pricelists` | Pricelists | SELECT |
 | `qt_pricelist_items` | Pricelist line items | SELECT |
-| `lot_partnumbers` | Partnumber → lot mapping (pricelist enrichment) | SELECT |
+| `stock_log` | Latest stock qty by partnumber (pricelist enrichment during sync only) | SELECT |
 | `stock_log` | Latest stock qty by partnumber (pricelist enrichment) | SELECT |
 | `qt_configurations` | Saved configurations (includes `line_no`) | SELECT, INSERT, UPDATE |
 | `lot_partnumbers` | Partnumber → lot mapping (pricelist enrichment) | SELECT |
 | `stock_log` | Latest stock qty by partnumber (pricelist enrichment) | SELECT |
 | `qt_projects` | Projects | SELECT, INSERT, UPDATE |
 | `qt_client_local_migrations` | Migration catalog | SELECT only |
 | `qt_client_schema_state` | Applied migrations state + client operational status per `username + hostname` | SELECT, INSERT, UPDATE |
 | `qt_pricelist_sync_status` | Pricelist sync status | SELECT, INSERT, UPDATE |
-| `qt_partnumber_books` | Partnumber book snapshots (written by PriceForge) | SELECT |
+| `qt_partnumber_books` | Partnumber book headers with snapshot membership in `partnumbers_json` (written by PriceForge) | SELECT |
-| `qt_partnumber_book_items` | PN→LOT mapping rows (written by PriceForge) | SELECT |
+| `qt_partnumber_book_items` | Canonical PN catalog with `lots_json` composition (written by PriceForge) | SELECT |
 | `qt_vendor_partnumber_seen` | Vendor PN tracking for unresolved/ignored BOM rows (`is_ignored`) | INSERT only for new `partnumber`; existing rows must not be modified |
 Legacy server tables not used by QuoteForge runtime anymore:
@@ -124,11 +124,36 @@ QuoteForge canonical BOM storage is:
 - `qt_configurations.vendor_spec`
 - row-level PN -> multiple LOT decomposition in `vendor_spec[].lot_mappings[]`
 Partnumber book server read contract:
 1. Read active or target book from `qt_partnumber_books`.
 2. Parse `partnumbers_json`.
 3. Load payloads from `qt_partnumber_book_items WHERE partnumber IN (...)`.
 Pricelist stock enrichment contract:
 1. Sync pulls base pricelist rows from `qt_pricelist_items`.
 2. Sync reads latest stock quantities from `stock_log`.
 3. Sync resolves `partnumber -> lot` through the local mirror of `qt_partnumber_book_items` (`local_partnumber_book_items.lots_json`).
 4. Sync stores enriched `available_qty` and `partnumbers` into `local_pricelist_items`.
 Runtime rule:
 - pricelist UI and quote logic read only `local_pricelist_items`;
 - runtime code must not query `stock_log`, `qt_pricelist_items`, or `qt_partnumber_book_items` directly outside sync.
 `qt_partnumber_book_items` no longer contains `book_id` or `lot_name`.
 It stores one row per `partnumber` with:
 - `partnumber`
 - `lots_json` as `[{"lot_name":"CPU_X","qty":2}, ...]`
 - `description`
 `qt_client_schema_state` current contract:
 - identity key: `username + hostname`
- migration state:
+- client/runtime state:
-  `last_applied_migration_id`, `app_version`, `last_checked_at`, `updated_at`
+  `app_version`, `last_checked_at`, `updated_at`
 - operational state:
  `last_sync_at`, `last_sync_status`
 - queue health:
@@ -154,13 +179,11 @@ GRANT SELECT ON RFQ_LOG.qt_lot_metadata TO '<DB_USER>'@'%';
 GRANT SELECT ON RFQ_LOG.qt_categories TO '<DB_USER>'@'%';
 GRANT SELECT ON RFQ_LOG.qt_pricelists TO '<DB_USER>'@'%';
 GRANT SELECT ON RFQ_LOG.qt_pricelist_items TO '<DB_USER>'@'%';
 GRANT SELECT ON RFQ_LOG.lot_partnumbers TO '<DB_USER>'@'%';
 GRANT SELECT ON RFQ_LOG.stock_log TO '<DB_USER>'@'%';
 GRANT SELECT, INSERT, UPDATE ON RFQ_LOG.qt_configurations TO '<DB_USER>'@'%';
 GRANT SELECT, INSERT, UPDATE ON RFQ_LOG.qt_projects TO '<DB_USER>'@'%';
 GRANT SELECT ON RFQ_LOG.qt_client_local_migrations TO '<DB_USER>'@'%';
 GRANT SELECT, INSERT, UPDATE ON RFQ_LOG.qt_client_schema_state TO '<DB_USER>'@'%';
 GRANT SELECT, INSERT, UPDATE ON RFQ_LOG.qt_pricelist_sync_status TO '<DB_USER>'@'%';
@@ -181,11 +204,9 @@ GRANT SELECT ON RFQ_LOG.qt_lot_metadata TO 'quote_user'@'%';
 GRANT SELECT ON RFQ_LOG.qt_categories TO 'quote_user'@'%';
 GRANT SELECT ON RFQ_LOG.qt_pricelists TO 'quote_user'@'%';
 GRANT SELECT ON RFQ_LOG.qt_pricelist_items TO 'quote_user'@'%';
 GRANT SELECT ON RFQ_LOG.lot_partnumbers TO 'quote_user'@'%';
 GRANT SELECT ON RFQ_LOG.stock_log TO 'quote_user'@'%';
 GRANT SELECT, INSERT, UPDATE ON RFQ_LOG.qt_configurations TO 'quote_user'@'%';
 GRANT SELECT, INSERT, UPDATE ON RFQ_LOG.qt_projects TO 'quote_user'@'%';
 GRANT SELECT ON RFQ_LOG.qt_client_local_migrations TO 'quote_user'@'%';
 GRANT SELECT, INSERT, UPDATE ON RFQ_LOG.qt_client_schema_state TO 'quote_user'@'%';
 GRANT SELECT, INSERT, UPDATE ON RFQ_LOG.qt_pricelist_sync_status TO 'quote_user'@'%';
 GRANT SELECT ON RFQ_LOG.qt_partnumber_books TO 'quote_user'@'%';
@@ -196,7 +217,7 @@ FLUSH PRIVILEGES;
 SHOW GRANTS FOR 'quote_user'@'%';
 ```
-**Note:** If pricelists sync but show `0` positions (or logs contain `enriching pricelist items with stock` + `SELECT denied`), verify `SELECT` on `lot_partnumbers` and `stock_log` in addition to `qt_pricelist_items`.
+**Note:** If pricelists sync but stock enrichment is empty, verify `SELECT` on `qt_pricelist_items`, `qt_partnumber_books`, `qt_partnumber_book_items`, and `stock_log`.
 **Note:** If you see `Access denied for user ...@'<ip>'`, check for conflicting user entries (user@localhost vs user@'%').
@@ -204,17 +225,24 @@ SHOW GRANTS FOR 'quote_user'@'%';
 ## Migrations
-### SQLite Migrations (local) — три уровня, выполняются при каждом старте
+### SQLite Migrations (local) — два уровня, выполняются при каждом старте
 **1. GORM AutoMigrate** (`internal/localdb/localdb.go`) — первый и основной уровень.
 Список Go-моделей передаётся в `db.AutoMigrate(...)`. GORM создаёт отсутствующие таблицы и добавляет новые колонки. Колонки и таблицы **не удаляет**.
 Local SQLite partnumber book cache contract:
 - `local_partnumber_books.partnumbers_json` stores PN membership for a pulled book.
 - `local_partnumber_book_items` is a deduplicated local catalog by `partnumber`.
 - `local_partnumber_book_items.lots_json` mirrors the server `lots_json` payload.
 - SQLite migration `2026_03_07_local_partnumber_book_catalog` rebuilds old `book_id + lot_name` rows into the new local cache shape.
 → Для добавления новой таблицы или колонки достаточно добавить модель/поле и включить модель в AutoMigrate.
 **2. `runLocalMigrations`** (`internal/localdb/migrations.go`) — второй уровень, для операций которые AutoMigrate не умеет: backfill данных, пересоздание таблиц, создание индексов.
 Каждая функция выполняется один раз — идемпотентность через запись `id` в `local_schema_migrations`.
-**3. Централизованные (server-side)** — третий уровень, при проверке готовности к синку.
+QuoteForge does not use centralized server-driven SQLite migrations.
-SQL-тексты хранятся в `qt_client_local_migrations` (MariaDB, пишет только PriceForge). Клиент читает, применяет к локальной SQLite, записывает в `local_remote_migrations_applied` + `qt_client_schema_state`.
+All local SQLite schema/data migrations live in the client codebase.
 ### MariaDB Migrations (server-side)
--- a/bible-local/05-config.md
+++ b/bible-local/05-config.md
@@ -23,6 +23,18 @@ Override: `-config <path>` or `QFS_CONFIG_PATH`.
 **Important:** `config.yaml` is a runtime user file — it is **not stored in the repository**.
 `config.example.yaml` is the only config template in the repo.
 ### Local encryption key
 Saved MariaDB credentials in SQLite are encrypted with:
 1. `QUOTEFORGE_ENCRYPTION_KEY` if explicitly provided, otherwise
 2. an application-managed random key file stored at `<state dir>/local_encryption.key`.
 Rules:
 - The key file is created automatically with mode `0600`.
 - The key file is not committed and is not included in normal backups.
 - Restoring `qfs.db` on another machine requires re-entering DB credentials unless the key file is migrated separately.
 ---
 ## config.yaml Structure
@@ -53,12 +65,12 @@ backup:
 | `QFS_CONFIG_PATH` | Full path to `config.yaml` | OS-specific user state dir |
 | `QFS_BACKUP_DIR` | Root directory for rotating backups | `<db dir>/backups` |
 | `QFS_BACKUP_DISABLE` | Disable automatic backups | — |
 | `QUOTEFORGE_ENCRYPTION_KEY` | Explicit override for local credential encryption key | app-managed key file |
 | `QF_DB_HOST` | MariaDB host | localhost |
 | `QF_DB_PORT` | MariaDB port | 3306 |
 | `QF_DB_NAME` | Database name | RFQ_LOG |
 | `QF_DB_USER` | DB user | — |
 | `QF_DB_PASSWORD` | DB password | — |
 | `QF_JWT_SECRET` | JWT secret | — |
 | `QF_SERVER_PORT` | HTTP server port | 8080 |
 `QFS_BACKUP_DISABLE` accepts: `1`, `true`, `yes`.
--- a/bible-local/06-backup.md
+++ b/bible-local/06-backup.md
@@ -34,6 +34,11 @@ backup:
 - `QFS_BACKUP_DIR` — backup root directory (default: `<db dir>/backups`)
 - `QFS_BACKUP_DISABLE` — disable backups (`1/true/yes`)
 **Safety rules:**
 - Backup root must resolve outside any git worktree.
 - If `qfs.db` is placed inside a repository checkout, default backups are rejected until `QFS_BACKUP_DIR` points outside the repo.
 - Backup archives intentionally do **not** include `local_encryption.key`; restored installations on another machine must re-enter DB credentials.
 ---
 ## Behavior
@@ -76,6 +81,7 @@ type BackupConfig struct {
 - `.period.json` is the marker that prevents duplicate backups within the same period
 - Archive filenames contain only the date; uniqueness is ensured by per-period directories + the period marker
 - When changing naming or retention: update both the filename logic and the prune logic together
 - Git worktree detection is path-based (`.git` ancestor check) and blocks backup creation inside the repo tree
 ---
--- a/bible-local/07-dev.md
+++ b/bible-local/07-dev.md
@@ -60,6 +60,11 @@ The following components were **intentionally removed** and must not be brought
 - Any sync changes must preserve local-first behavior
 - Local CRUD must not be blocked when MariaDB is unavailable
 - Runtime business code must not query MariaDB directly; all normal reads/writes go through SQLite snapshots
 - Direct MariaDB access is allowed only in `internal/services/sync/*` and dedicated setup/migration tools under `cmd/`
 - `connMgr.GetDB()` in handlers/services outside sync is a code review failure unless the code is strictly setup or operator tooling
 - Local SQLite migrations must be implemented in code; do not add a server-side registry of client SQLite SQL patches
 - Read-only local cache tables may be reset during startup recovery if migration fails; do not apply that strategy to user-authored tables like configurations, projects, pending changes, or connection settings
 ### Formats and UI
@@ -108,7 +113,7 @@ if found && price > 0 {
 1. **`CurrentPrice` removed from components** — any code using it will fail to compile
 2. **`HasPrice` filter removed** — `component.go ListComponents` no longer supports this filter
-3. **Quote calculation:** always offline-first (SQLite); online path is separate
+3. **Quote calculation:** always SQLite-only; do not add a live MariaDB fallback
 4. **Items JSON:** prices are stored in the `items` field of the configuration, not fetched from components
 5. **Migrations are additive:** already-applied migrations are skipped (checked by `id` in `local_schema_migrations`)
 6. **`SyncedAt` removed:** last component sync time is now in `app_settings` (key=`last_component_sync`)
--- a/bible-local/09-vendor-spec.md
+++ b/bible-local/09-vendor-spec.md
@@ -105,13 +105,11 @@ CREATE TABLE local_partnumber_books (
 CREATE TABLE local_partnumber_book_items (
    id            INTEGER PRIMARY KEY AUTOINCREMENT,
    book_id       INTEGER NOT NULL,      -- FK → local_partnumber_books.id
    partnumber    TEXT    NOT NULL,
-    lot_name      TEXT    NOT NULL,
+    lots_json     TEXT    NOT NULL,
    is_primary_pn INTEGER NOT NULL DEFAULT 0,
    description   TEXT
 );
-CREATE INDEX idx_local_book_pn ON local_partnumber_book_items(book_id, partnumber);
+CREATE UNIQUE INDEX idx_local_book_pn ON local_partnumber_book_items(partnumber);
 ```
 **Active book query:** `WHERE is_active=1 ORDER BY created_at DESC, id DESC LIMIT 1`
@@ -125,18 +123,16 @@ CREATE TABLE qt_partnumber_books (
    id         INT AUTO_INCREMENT PRIMARY KEY,
    version    VARCHAR(50)  NOT NULL,
    created_at DATETIME     NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    is_active  TINYINT(1)   NOT NULL DEFAULT 1
+    is_active  TINYINT(1)   NOT NULL DEFAULT 1,
    partnumbers_json LONGTEXT NOT NULL
 );
 CREATE TABLE qt_partnumber_book_items (
    id            INT AUTO_INCREMENT PRIMARY KEY,
    book_id       INT          NOT NULL,
    partnumber    VARCHAR(255) NOT NULL,
-    lot_name      VARCHAR(255) NOT NULL,
+    lots_json     LONGTEXT     NOT NULL,
    is_primary_pn TINYINT(1)   NOT NULL DEFAULT 0,
    description   VARCHAR(10000) NULL,
-    INDEX idx_book_pn (book_id, partnumber),
+    UNIQUE KEY uq_qt_partnumber_book_items_partnumber (partnumber)
    FOREIGN KEY (book_id) REFERENCES qt_partnumber_books(id)
 );
 ALTER TABLE qt_configurations ADD COLUMN vendor_spec JSON NULL;
@@ -150,19 +146,14 @@ GRANT SELECT ON RFQ_LOG.qt_partnumber_books TO '<DB_USER>'@'%';
 GRANT SELECT ON RFQ_LOG.qt_partnumber_book_items TO '<DB_USER>'@'%';
 ```
 ### `is_primary_pn` semantics
 - `1` = primary PN for this `lot_name`. Its quantity in the vendor BOM determines `qty(LOT)`.
 - `0` = non-primary (trigger) PN. If no primary PN for the LOT is found in BOM, contributes `qty=1`.
 ---
 ## Resolution Algorithm (3-step)
 For each `vendor_partnumber` in the BOM, QuoteForge builds/updates UI-visible LOT mappings:
-1. **Active book lookup** — query `local_partnumber_book_items WHERE book_id = activeBook.id AND partnumber = ?`.
+1. **Active book lookup** — read active `local_partnumber_books`, verify PN membership in `partnumbers_json`, then query `local_partnumber_book_items WHERE partnumber = ?`.
-2. **Populate BOM UI** — if a match exists, BOM row shows a LOT value (user can still edit it).
+2. **Populate BOM UI** — if a match exists, BOM row gets `lot_mappings[]` from `lots_json` (user can still edit it).
 3. **Unresolved** — red row + inline LOT input with strict autocomplete.
 Persistence note: the application stores the final user-visible mappings in `lot_mappings[]` (not separate "resolved/manual" persisted fields).
@@ -264,7 +255,7 @@ Each imported row maps into one `VendorSpecItem`:
 - `description` <- `ProductDescription`
 - `unit_price` <- `UnitListPrice.FinancialAmount.MonetaryAmount` when present
 - `total_price` <- `quantity * unit_price` when unit price is present
- `lot_mappings` <- resolved immediately from the active partnumber book when a unique match exists
+- `lot_mappings` <- resolved immediately from the active partnumber book using `lots_json`
 The importer stores vendor-native rows in `vendor_spec`, then immediately runs the same logical flow as BOM
 Resolve + Apply:
@@ -366,19 +357,15 @@ For QuoteForge product behavior, the correct user-facing interpretation is:
 ## Qty Aggregation Logic
-After resolution, qty per LOT is computed as:
+After resolution, qty per LOT is computed from the BOM row quantity multiplied by the matched `lots_json.qty`:
 ```
-qty(lot) = SUM(quantity of rows where is_primary_pn=1 AND resolved_lot=lot)
+qty(lot) = SUM(quantity_of_pn_row * quantity_of_lot_inside_lots_json)
           if at least one primary PN for this lot was found in BOM
         = 1
           if only non-primary PNs for this lot were found
 ```
-Examples (book: LOT_A → x1[primary], x2, x3):
+Examples (book: PN_X → `[{LOT_A, qty:2}, {LOT_B, qty:1}]`):
- BOM: x2×1, x3×2 → 1×LOT_A (no primary PN)
+- BOM: PN_X ×3 → `LOT_A ×6`, `LOT_B ×3`
- BOM: x1×2, x2×1 → 2×LOT_A (primary qty=2)
+- BOM: PN_X ×1 and PN_X ×2 → `LOT_A ×6`, `LOT_B ×3`
 - BOM: x1×1, x2×3 → 1×LOT_A (primary qty=1)
 ---
@@ -529,6 +516,13 @@ ON DUPLICATE KEY UPDATE
 Uniqueness key: `partnumber` only (after PriceForge migration 025). PriceForge uses this table for populating the partnumber book.
 Partnumber book sync contract:
 - PriceForge writes membership snapshots to `qt_partnumber_books.partnumbers_json`.
 - PriceForge writes canonical PN payloads to `qt_partnumber_book_items`.
 - QuoteForge syncs book headers first, then pulls PN payloads with:
  `SELECT partnumber, lots_json, description FROM qt_partnumber_book_items WHERE partnumber IN (...)`
 ## BOM Persistence
 - `vendor_spec` is saved to server via `PUT /api/configs/:uuid/vendor-spec`.
--- a/cmd/qfs/main.go
+++ b/cmd/qfs/main.go
@@ -32,7 +32,6 @@ import (
 	"git.mchus.pro/mchus/quoteforge/internal/localdb"
 	"git.mchus.pro/mchus/quoteforge/internal/middleware"
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"git.mchus.pro/mchus/quoteforge/internal/repository"
 	"git.mchus.pro/mchus/quoteforge/internal/services"
 	"git.mchus.pro/mchus/quoteforge/internal/services/sync"
 	"github.com/gin-gonic/gin"
@@ -151,29 +150,25 @@ func main() {
 	setupLogger(cfg.Logging)
-	// Create connection manager and try to connect immediately if settings exist
+	// Create connection manager. Runtime stays local-first; MariaDB is used on demand by sync/setup only.
 	connMgr := db.NewConnectionManager(local)
 	dbUser := local.GetDBUser()
 	// Try to connect to MariaDB on startup
 	mariaDB, err := connMgr.GetDB()
 	if err != nil {
 		slog.Warn("failed to connect to MariaDB on startup, starting in offline mode", "error", err)
 		mariaDB = nil
 	} else {
 		slog.Info("successfully connected to MariaDB on startup")
 	}
 	slog.Info("starting QuoteForge server",
 		"version", Version,
 		"host", cfg.Server.Host,
 		"port", cfg.Server.Port,
 		"db_user", dbUser,
-		"online", mariaDB != nil,
+		"online", false,
 	)
 	if *migrate {
 		mariaDB, err := connMgr.GetDB()
 		if err != nil {
 			slog.Error("cannot run migrations: database not available", "error", err)
 			os.Exit(1)
 		}
 		if mariaDB == nil {
 			slog.Error("cannot run migrations: database not available")
 			os.Exit(1)
@@ -190,39 +185,10 @@ func main() {
 		slog.Info("migrations completed")
 	}
 	// Always apply SQL migrations on startup when database is available.
 	// This keeps schema in sync for long-running installations without manual steps.
 	// If current DB user does not have enough privileges, continue startup in normal mode.
 	if mariaDB != nil {
 		sqlMigrationsPath := filepath.Join("migrations")
 		needsMigrations, err := models.NeedsSQLMigrations(mariaDB, sqlMigrationsPath)
 		if err != nil {
 			if models.IsMigrationPermissionError(err) {
 				slog.Info("startup SQL migrations skipped: insufficient database privileges", "path", sqlMigrationsPath, "error", err)
 			} else {
 				slog.Error("startup SQL migrations check failed", "path", sqlMigrationsPath, "error", err)
 				os.Exit(1)
 			}
 		} else if needsMigrations {
 			if err := models.RunSQLMigrations(mariaDB, sqlMigrationsPath); err != nil {
 				if models.IsMigrationPermissionError(err) {
 					slog.Info("startup SQL migrations skipped: insufficient database privileges", "path", sqlMigrationsPath, "error", err)
 				} else {
 					slog.Error("startup SQL migrations failed", "path", sqlMigrationsPath, "error", err)
 					os.Exit(1)
 				}
 			} else {
 				slog.Info("startup SQL migrations applied", "path", sqlMigrationsPath)
 			}
 		} else {
 			slog.Debug("startup SQL migrations not needed", "path", sqlMigrationsPath)
 		}
 	}
 	gin.SetMode(cfg.Server.Mode)
 	restartSig := make(chan struct{}, 1)
-	router, syncService, err := setupRouter(cfg, local, connMgr, mariaDB, dbUser, restartSig)
+	router, syncService, err := setupRouter(cfg, local, connMgr, dbUser, restartSig)
 	if err != nil {
 		slog.Error("failed to setup router", "error", err)
 		os.Exit(1)
@@ -672,46 +638,14 @@ func setupDatabaseFromDSN(dsn string) (*gorm.DB, error) {
 	return db, nil
 }
-func setupRouter(cfg *config.Config, local *localdb.LocalDB, connMgr *db.ConnectionManager, mariaDB *gorm.DB, dbUsername string, restartSig chan struct{}) (*gin.Engine, *sync.Service, error) {
+func setupRouter(cfg *config.Config, local *localdb.LocalDB, connMgr *db.ConnectionManager, dbUsername string, restartSig chan struct{}) (*gin.Engine, *sync.Service, error) {
 	// mariaDB may be nil if we're in offline mode
 	// Repositories
 	var componentRepo *repository.ComponentRepository
 	var categoryRepo *repository.CategoryRepository
 	var statsRepo *repository.StatsRepository
 	var pricelistRepo *repository.PricelistRepository
 	// Only initialize repositories if we have a database connection
 	if mariaDB != nil {
 		componentRepo = repository.NewComponentRepository(mariaDB)
 		categoryRepo = repository.NewCategoryRepository(mariaDB)
 		statsRepo = repository.NewStatsRepository(mariaDB)
 		pricelistRepo = repository.NewPricelistRepository(mariaDB)
 	} else {
 		// In offline mode, we'll use nil repositories or handle them differently
 		// This is handled in the sync service and other components
 	}
 	// Services
 	var componentService *services.ComponentService
 	var quoteService *services.QuoteService
 	var exportService *services.ExportService
 	var syncService *sync.Service
 	var projectService *services.ProjectService
 	// Sync service always uses ConnectionManager (works offline and online)
 	syncService = sync.NewService(connMgr, local)
-
+	componentService := services.NewComponentService(nil, nil, nil)
-	if mariaDB != nil {
+	quoteService := services.NewQuoteService(nil, nil, nil, local, nil)
-		componentService = services.NewComponentService(componentRepo, categoryRepo, statsRepo)
+	exportService := services.NewExportService(cfg.Export, nil, local)
 		quoteService = services.NewQuoteService(componentRepo, statsRepo, pricelistRepo, local, nil)
 		exportService = services.NewExportService(cfg.Export, categoryRepo, local)
 	} else {
 		// In offline mode, we still need to create services that don't require DB.
 		componentService = services.NewComponentService(nil, nil, nil)
 		quoteService = services.NewQuoteService(nil, nil, nil, local, nil)
 		exportService = services.NewExportService(cfg.Export, nil, local)
 	}
 	// isOnline function for local-first architecture
 	isOnline := func() bool {
@@ -732,16 +666,6 @@ func setupRouter(cfg *config.Config, local *localdb.LocalDB, connMgr *db.Connect
 	if err := local.BackfillConfigurationProjects(dbUsername); err != nil {
 		slog.Warn("failed to backfill local configuration projects", "error", err)
 	}
 	if mariaDB != nil {
 		serverProjectRepo := repository.NewProjectRepository(mariaDB)
 		if removed, err := serverProjectRepo.PurgeEmptyNamelessProjects(); err == nil && removed > 0 {
 			slog.Info("purged empty nameless server projects", "removed", removed)
 		}
 		if err := serverProjectRepo.EnsureSystemProjectsAndBackfillConfigurations(); err != nil {
 			slog.Warn("failed to backfill server configuration projects", "error", err)
 		}
 	}
 	type pullState struct {
 		mu          syncpkg.Mutex
 		running     bool
@@ -819,7 +743,7 @@ func setupRouter(cfg *config.Config, local *localdb.LocalDB, connMgr *db.Connect
 	// Handlers
 	componentHandler := handlers.NewComponentHandler(componentService, local)
 	quoteHandler := handlers.NewQuoteHandler(quoteService)
-	exportHandler := handlers.NewExportHandler(exportService, configService, projectService)
+	exportHandler := handlers.NewExportHandler(exportService, configService, projectService, dbUsername)
 	pricelistHandler := handlers.NewPricelistHandler(local)
 	vendorSpecHandler := handlers.NewVendorSpecHandler(local)
 	partnumberBooksHandler := handlers.NewPartnumberBooksHandler(local)
@@ -835,7 +759,7 @@ func setupRouter(cfg *config.Config, local *localdb.LocalDB, connMgr *db.Connect
 	}
 	// Web handler (templates)
-	webHandler, err := handlers.NewWebHandler(templatesPath, componentService)
+	webHandler, err := handlers.NewWebHandler(templatesPath, local)
 	if err != nil {
 		return nil, nil, err
 	}
@@ -891,20 +815,8 @@ func setupRouter(cfg *config.Config, local *localdb.LocalDB, connMgr *db.Connect
 			}
 		}
-		// Optional diagnostics mode with server table counts.
+		// Runtime diagnostics stay local-only. Server table counts are intentionally unavailable here.
-		if includeCounts && status.IsConnected {
+		if !includeCounts || !status.IsConnected {
 			if db, err := connMgr.GetDB(); err == nil && db != nil {
 				_ = db.Table("lot").Count(&lotCount)
 				_ = db.Table("lot_log").Count(&lotLogCount)
 				_ = db.Table("qt_lot_metadata").Count(&metadataCount)
 			} else if err != nil {
 				dbOK = false
 				dbError = err.Error()
 			} else {
 				dbOK = false
 				dbError = "Database not connected (offline mode)"
 			}
 		} else {
 			lotCount = 0
 			lotLogCount = 0
 			metadataCount = 0
@@ -920,11 +832,10 @@ func setupRouter(cfg *config.Config, local *localdb.LocalDB, connMgr *db.Connect
 		})
 	})
-	// Current user info (DB user, not app user)
+	// Current user info (local DB username)
 	router.GET("/api/current-user", func(c *gin.Context) {
 		c.JSON(http.StatusOK, gin.H{
 			"username": local.GetDBUser(),
 			"role":     "db_user",
 		})
 	})
--- a/cmd/qfs/versioning_api_test.go
+++ b/cmd/qfs/versioning_api_test.go
@@ -37,7 +37,7 @@ func TestConfigurationVersioningAPI(t *testing.T) {
 	cfg := &config.Config{}
 	setConfigDefaults(cfg)
-	router, _, err := setupRouter(cfg, local, connMgr, nil, "tester", nil)
+	router, _, err := setupRouter(cfg, local, connMgr, "tester", nil)
 	if err != nil {
 		t.Fatalf("setup router: %v", err)
 	}
@@ -144,7 +144,7 @@ func TestProjectArchiveHidesConfigsAndCloneIntoProject(t *testing.T) {
 	cfg := &config.Config{}
 	setConfigDefaults(cfg)
-	router, _, err := setupRouter(cfg, local, connMgr, nil, "tester", nil)
+	router, _, err := setupRouter(cfg, local, connMgr, "tester", nil)
 	if err != nil {
 		t.Fatalf("setup router: %v", err)
 	}
@@ -238,7 +238,7 @@ func TestConfigMoveToProjectEndpoint(t *testing.T) {
 	local, connMgr, _ := newAPITestStack(t)
 	cfg := &config.Config{}
 	setConfigDefaults(cfg)
-	router, _, err := setupRouter(cfg, local, connMgr, nil, "tester", nil)
+	router, _, err := setupRouter(cfg, local, connMgr, "tester", nil)
 	if err != nil {
 		t.Fatalf("setup router: %v", err)
 	}
--- a/config.example.yaml
+++ b/config.example.yaml
@@ -18,11 +18,6 @@ database:
  max_idle_conns: 5
  conn_max_lifetime: "5m"
 auth:
  jwt_secret: "CHANGE_ME_MIN_32_CHARACTERS_LONG"
  token_expiry: "24h"
  refresh_expiry: "168h"  # 7 days
 pricing:
  default_method: "weighted_median"  # median | average | weighted_median
  default_period_days: 90
--- a/go.mod
+++ b/go.mod
@@ -5,9 +5,8 @@ go 1.24.0
 require (
 	github.com/gin-gonic/gin v1.9.1
 	github.com/glebarez/sqlite v1.11.0
-	github.com/golang-jwt/jwt/v5 v5.3.0
+	github.com/go-sql-driver/mysql v1.7.1
 	github.com/google/uuid v1.6.0
 	golang.org/x/crypto v0.43.0
 	gopkg.in/yaml.v3 v3.0.1
 	gorm.io/driver/mysql v1.5.2
 	gorm.io/gorm v1.25.7
@@ -23,7 +22,6 @@ require (
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.14.0 // indirect
 	github.com/go-sql-driver/mysql v1.7.1 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
@@ -39,6 +37,7 @@ require (
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/crypto v0.43.0 // indirect
 	golang.org/x/net v0.46.0 // indirect
 	golang.org/x/sys v0.37.0 // indirect
 	golang.org/x/text v0.30.0 // indirect
--- a/go.sum
+++ b/go.sum
@@ -32,8 +32,6 @@ github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrt
 github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
--- a/internal/appstate/backup.go
+++ b/internal/appstate/backup.go
@@ -88,6 +88,9 @@ func EnsureRotatingLocalBackup(dbPath, configPath string) ([]string, error) {
 	}
 	root := resolveBackupRoot(dbPath)
 	if err := validateBackupRoot(root); err != nil {
 		return nil, err
 	}
 	now := backupNow()
 	created := make([]string, 0)
@@ -111,6 +114,40 @@ func resolveBackupRoot(dbPath string) string {
 	return filepath.Join(filepath.Dir(dbPath), "backups")
 }
 func validateBackupRoot(root string) error {
 	absRoot, err := filepath.Abs(root)
 	if err != nil {
 		return fmt.Errorf("resolve backup root: %w", err)
 	}
 	if gitRoot, ok := findGitWorktreeRoot(absRoot); ok {
 		return fmt.Errorf("backup root must stay outside git worktree: %s is inside %s", absRoot, gitRoot)
 	}
 	return nil
 }
 func findGitWorktreeRoot(path string) (string, bool) {
 	current := filepath.Clean(path)
 	info, err := os.Stat(current)
 	if err == nil && !info.IsDir() {
 		current = filepath.Dir(current)
 	}
 	for {
 		gitPath := filepath.Join(current, ".git")
 		if _, err := os.Stat(gitPath); err == nil {
 			return current, true
 		}
 		parent := filepath.Dir(current)
 		if parent == current {
 			return "", false
 		}
 		current = parent
 	}
 }
 func isBackupDisabled() bool {
 	val := strings.ToLower(strings.TrimSpace(os.Getenv(envBackupDisable)))
 	return val == "1" || val == "true" || val == "yes"
--- a/internal/appstate/backup_test.go
+++ b/internal/appstate/backup_test.go
@@ -3,6 +3,7 @@ package appstate
 import (
 	"os"
 	"path/filepath"
 	"strings"
 	"testing"
 	"time"
 )
@@ -69,7 +70,7 @@ func TestEnsureRotatingLocalBackupEnvControls(t *testing.T) {
 	if _, err := EnsureRotatingLocalBackup(dbPath, cfgPath); err != nil {
 		t.Fatalf("backup with env: %v", err)
 	}
-	if _, err := os.Stat(filepath.Join(backupRoot, "daily", "meta.json")); err != nil {
+	if _, err := os.Stat(filepath.Join(backupRoot, "daily", ".period.json")); err != nil {
 		t.Fatalf("expected backup in custom dir: %v", err)
 	}
@@ -77,7 +78,35 @@ func TestEnsureRotatingLocalBackupEnvControls(t *testing.T) {
 	if _, err := EnsureRotatingLocalBackup(dbPath, cfgPath); err != nil {
 		t.Fatalf("backup disabled: %v", err)
 	}
-	if _, err := os.Stat(filepath.Join(backupRoot, "daily", "meta.json")); err != nil {
+	if _, err := os.Stat(filepath.Join(backupRoot, "daily", ".period.json")); err != nil {
 		t.Fatalf("backup should remain from previous run: %v", err)
 	}
 }
 func TestEnsureRotatingLocalBackupRejectsGitWorktree(t *testing.T) {
 	temp := t.TempDir()
 	repoRoot := filepath.Join(temp, "repo")
 	if err := os.MkdirAll(filepath.Join(repoRoot, ".git"), 0755); err != nil {
 		t.Fatalf("mkdir git dir: %v", err)
 	}
 	dbPath := filepath.Join(repoRoot, "data", "qfs.db")
 	cfgPath := filepath.Join(repoRoot, "data", "config.yaml")
 	if err := os.MkdirAll(filepath.Dir(dbPath), 0755); err != nil {
 		t.Fatalf("mkdir data dir: %v", err)
 	}
 	if err := os.WriteFile(dbPath, []byte("db"), 0644); err != nil {
 		t.Fatalf("write db: %v", err)
 	}
 	if err := os.WriteFile(cfgPath, []byte("cfg"), 0644); err != nil {
 		t.Fatalf("write cfg: %v", err)
 	}
 	_, err := EnsureRotatingLocalBackup(dbPath, cfgPath)
 	if err == nil {
 		t.Fatal("expected git worktree backup root to be rejected")
 	}
 	if !strings.Contains(err.Error(), "outside git worktree") {
 		t.Fatalf("unexpected error: %v", err)
 	}
 }
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -14,7 +14,6 @@ import (
 type Config struct {
 	Server        ServerConfig        `yaml:"server"`
 	Database      DatabaseConfig      `yaml:"database"`
 	Auth          AuthConfig          `yaml:"auth"`
 	Pricing       PricingConfig       `yaml:"pricing"`
 	Export        ExportConfig        `yaml:"export"`
 	Alerts        AlertsConfig        `yaml:"alerts"`
@@ -57,12 +56,6 @@ func (d *DatabaseConfig) DSN() string {
 	return cfg.FormatDSN()
 }
 type AuthConfig struct {
 	JWTSecret     string        `yaml:"jwt_secret"`
 	TokenExpiry   time.Duration `yaml:"token_expiry"`
 	RefreshExpiry time.Duration `yaml:"refresh_expiry"`
 }
 type PricingConfig struct {
 	DefaultMethod       string `yaml:"default_method"`
 	DefaultPeriodDays   int    `yaml:"default_period_days"`
@@ -152,13 +145,6 @@ func (c *Config) setDefaults() {
 		c.Database.ConnMaxLifetime = 5 * time.Minute
 	}
 	if c.Auth.TokenExpiry == 0 {
 		c.Auth.TokenExpiry = 24 * time.Hour
 	}
 	if c.Auth.RefreshExpiry == 0 {
 		c.Auth.RefreshExpiry = 7 * 24 * time.Hour
 	}
 	if c.Pricing.DefaultMethod == "" {
 		c.Pricing.DefaultMethod = "weighted_median"
 	}
--- a/internal/handlers/auth.go
+++ b/internal/handlers/auth.go
@@ -1,113 +0,0 @@
 package handlers
 import (
 	"net/http"
 	"github.com/gin-gonic/gin"
 	"git.mchus.pro/mchus/quoteforge/internal/middleware"
 	"git.mchus.pro/mchus/quoteforge/internal/repository"
 	"git.mchus.pro/mchus/quoteforge/internal/services"
 )
 type AuthHandler struct {
 	authService *services.AuthService
 	userRepo    *repository.UserRepository
 }
 func NewAuthHandler(authService *services.AuthService, userRepo *repository.UserRepository) *AuthHandler {
 	return &AuthHandler{
 		authService: authService,
 		userRepo:    userRepo,
 	}
 }
 type LoginRequest struct {
 	Username string `json:"username" binding:"required"`
 	Password string `json:"password" binding:"required"`
 }
 type LoginResponse struct {
 	AccessToken  string `json:"access_token"`
 	RefreshToken string `json:"refresh_token"`
 	ExpiresAt    int64  `json:"expires_at"`
 	User         UserResponse `json:"user"`
 }
 type UserResponse struct {
 	ID       uint   `json:"id"`
 	Username string `json:"username"`
 	Email    string `json:"email"`
 	Role     string `json:"role"`
 }
 func (h *AuthHandler) Login(c *gin.Context) {
 	var req LoginRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
 	tokens, user, err := h.authService.Login(req.Username, req.Password)
 	if err != nil {
 		c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusOK, LoginResponse{
 		AccessToken:  tokens.AccessToken,
 		RefreshToken: tokens.RefreshToken,
 		ExpiresAt:    tokens.ExpiresAt,
 		User: UserResponse{
 			ID:       user.ID,
 			Username: user.Username,
 			Email:    user.Email,
 			Role:     string(user.Role),
 		},
 	})
 }
 type RefreshRequest struct {
 	RefreshToken string `json:"refresh_token" binding:"required"`
 }
 func (h *AuthHandler) Refresh(c *gin.Context) {
 	var req RefreshRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
 	tokens, err := h.authService.RefreshTokens(req.RefreshToken)
 	if err != nil {
 		c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusOK, tokens)
 }
 func (h *AuthHandler) Me(c *gin.Context) {
 	claims := middleware.GetClaims(c)
 	if claims == nil {
 		c.JSON(http.StatusUnauthorized, gin.H{"error": "not authenticated"})
 		return
 	}
 	user, err := h.userRepo.GetByID(claims.UserID)
 	if err != nil {
 		c.JSON(http.StatusNotFound, gin.H{"error": "user not found"})
 		return
 	}
 	c.JSON(http.StatusOK, UserResponse{
 		ID:       user.ID,
 		Username: user.Username,
 		Email:    user.Email,
 		Role:     string(user.Role),
 	})
 }
 func (h *AuthHandler) Logout(c *gin.Context) {
 	// JWT is stateless, logout is handled on client by discarding tokens
 	c.JSON(http.StatusOK, gin.H{"message": "logged out"})
 }
--- a/internal/handlers/configuration.go
+++ b/internal/handlers/configuration.go
@@ -1,239 +0,0 @@
 package handlers
 import (
 	"net/http"
 	"strconv"
 	"git.mchus.pro/mchus/quoteforge/internal/middleware"
 	"git.mchus.pro/mchus/quoteforge/internal/services"
 	"github.com/gin-gonic/gin"
 )
 type ConfigurationHandler struct {
 	configService *services.ConfigurationService
 	exportService *services.ExportService
 }
 func NewConfigurationHandler(
 	configService *services.ConfigurationService,
 	exportService *services.ExportService,
 ) *ConfigurationHandler {
 	return &ConfigurationHandler{
 		configService: configService,
 		exportService: exportService,
 	}
 }
 func (h *ConfigurationHandler) List(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	page, _ := strconv.Atoi(c.DefaultQuery("page", "1"))
 	perPage, _ := strconv.Atoi(c.DefaultQuery("per_page", "20"))
 	configs, total, err := h.configService.ListByUser(username, page, perPage)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusOK, gin.H{
 		"configurations": configs,
 		"total":          total,
 		"page":           page,
 		"per_page":       perPage,
 	})
 }
 func (h *ConfigurationHandler) Create(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	var req services.CreateConfigRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
 	config, err := h.configService.Create(username, &req)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusCreated, config)
 }
 func (h *ConfigurationHandler) Get(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	uuid := c.Param("uuid")
 	config, err := h.configService.GetByUUID(uuid, username)
 	if err != nil {
 		status := http.StatusNotFound
 		if err == services.ErrConfigForbidden {
 			status = http.StatusForbidden
 		}
 		c.JSON(status, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusOK, config)
 }
 func (h *ConfigurationHandler) Update(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	uuid := c.Param("uuid")
 	var req services.CreateConfigRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
 	config, err := h.configService.Update(uuid, username, &req)
 	if err != nil {
 		status := http.StatusInternalServerError
 		if err == services.ErrConfigNotFound {
 			status = http.StatusNotFound
 		} else if err == services.ErrConfigForbidden {
 			status = http.StatusForbidden
 		}
 		c.JSON(status, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusOK, config)
 }
 func (h *ConfigurationHandler) Delete(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	uuid := c.Param("uuid")
 	err := h.configService.Delete(uuid, username)
 	if err != nil {
 		status := http.StatusInternalServerError
 		if err == services.ErrConfigNotFound {
 			status = http.StatusNotFound
 		} else if err == services.ErrConfigForbidden {
 			status = http.StatusForbidden
 		}
 		c.JSON(status, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusOK, gin.H{"message": "deleted"})
 }
 type RenameConfigRequest struct {
 	Name string `json:"name" binding:"required"`
 }
 func (h *ConfigurationHandler) Rename(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	uuid := c.Param("uuid")
 	var req RenameConfigRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
 	config, err := h.configService.Rename(uuid, username, req.Name)
 	if err != nil {
 		status := http.StatusInternalServerError
 		if err == services.ErrConfigNotFound {
 			status = http.StatusNotFound
 		} else if err == services.ErrConfigForbidden {
 			status = http.StatusForbidden
 		}
 		c.JSON(status, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusOK, config)
 }
 type CloneConfigRequest struct {
 	Name string `json:"name" binding:"required"`
 }
 func (h *ConfigurationHandler) Clone(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	uuid := c.Param("uuid")
 	var req CloneConfigRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
 	config, err := h.configService.Clone(uuid, username, req.Name)
 	if err != nil {
 		status := http.StatusInternalServerError
 		if err == services.ErrConfigNotFound {
 			status = http.StatusNotFound
 		} else if err == services.ErrConfigForbidden {
 			status = http.StatusForbidden
 		}
 		c.JSON(status, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusCreated, config)
 }
 func (h *ConfigurationHandler) RefreshPrices(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	uuid := c.Param("uuid")
 	config, err := h.configService.RefreshPrices(uuid, username)
 	if err != nil {
 		status := http.StatusInternalServerError
 		if err == services.ErrConfigNotFound {
 			status = http.StatusNotFound
 		} else if err == services.ErrConfigForbidden {
 			status = http.StatusForbidden
 		}
 		c.JSON(status, gin.H{"error": err.Error()})
 		return
 	}
 	c.JSON(http.StatusOK, config)
 }
 // func (h *ConfigurationHandler) ExportJSON(c *gin.Context) {
 // 	userID := middleware.GetUserID(c)
 // 	uuid := c.Param("uuid")
 //
 // 	config, err := h.configService.GetByUUID(uuid, userID)
 // 	if err != nil {
 // 		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
 // 		return
 // 	}
 //
 // 	data, err := h.configService.ExportJSON(uuid, userID)
 // 	if err != nil {
 // 		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
 // 		return
 // 	}
 //
 // 	filename := fmt.Sprintf("%s %s SPEC.json", config.CreatedAt.Format("2006-01-02"), config.Name)
 // 	c.Header("Content-Disposition", fmt.Sprintf("attachment; filename=\"%s\"", filename))
 // 	c.Data(http.StatusOK, "application/json", data)
 // }
 // func (h *ConfigurationHandler) ImportJSON(c *gin.Context) {
 // 	userID := middleware.GetUserID(c)
 //
 // 	data, err := io.ReadAll(c.Request.Body)
 // 	if err != nil {
 // 		c.JSON(http.StatusBadRequest, gin.H{"error": "failed to read body"})
 // 		return
 // 	}
 //
 // 	config, err := h.configService.ImportJSON(userID, data)
 // 	if err != nil {
 // 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 // 		return
 // 	}
 //
 // 	c.JSON(http.StatusCreated, config)
 // }
--- a/internal/handlers/export.go
+++ b/internal/handlers/export.go
@@ -6,7 +6,6 @@ import (
 	"strings"
 	"time"
 	"git.mchus.pro/mchus/quoteforge/internal/middleware"
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"git.mchus.pro/mchus/quoteforge/internal/services"
 	"github.com/gin-gonic/gin"
@@ -16,17 +15,20 @@ type ExportHandler struct {
 	exportService  *services.ExportService
 	configService  services.ConfigurationGetter
 	projectService *services.ProjectService
 	dbUsername     string
 }
 func NewExportHandler(
 	exportService *services.ExportService,
 	configService services.ConfigurationGetter,
 	projectService *services.ProjectService,
 	dbUsername string,
 ) *ExportHandler {
 	return &ExportHandler{
 		exportService:  exportService,
 		configService:  configService,
 		projectService: projectService,
 		dbUsername:     dbUsername,
 	}
 }
@@ -71,8 +73,7 @@ func (h *ExportHandler) ExportCSV(c *gin.Context) {
 	// Get project code for filename
 	projectCode := req.ProjectName // legacy field: may contain code from frontend
 	if projectCode == "" && req.ProjectUUID != "" {
-		username := middleware.GetUsername(c)
+		if project, err := h.projectService.GetByUUID(req.ProjectUUID, h.dbUsername); err == nil && project != nil {
 		if project, err := h.projectService.GetByUUID(req.ProjectUUID, username); err == nil && project != nil {
 			projectCode = project.Code
 		}
 	}
@@ -144,11 +145,10 @@ func sanitizeFilenameSegment(value string) string {
 }
 func (h *ExportHandler) ExportConfigCSV(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	uuid := c.Param("uuid")
 	// Get config before streaming (can return JSON error)
-	config, err := h.configService.GetByUUID(uuid, username)
+	config, err := h.configService.GetByUUID(uuid, h.dbUsername)
 	if err != nil {
 		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
 		return
@@ -165,7 +165,7 @@ func (h *ExportHandler) ExportConfigCSV(c *gin.Context) {
 	// Get project code for filename
 	projectCode := config.Name // fallback: use config name if no project
 	if config.ProjectUUID != nil && *config.ProjectUUID != "" {
-		if project, err := h.projectService.GetByUUID(*config.ProjectUUID, username); err == nil && project != nil {
+		if project, err := h.projectService.GetByUUID(*config.ProjectUUID, h.dbUsername); err == nil && project != nil {
 			projectCode = project.Code
 		}
 	}
@@ -189,16 +189,15 @@ func (h *ExportHandler) ExportConfigCSV(c *gin.Context) {
 // ExportProjectCSV exports all active configurations of a project as a single CSV file.
 func (h *ExportHandler) ExportProjectCSV(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	projectUUID := c.Param("uuid")
-	project, err := h.projectService.GetByUUID(projectUUID, username)
+	project, err := h.projectService.GetByUUID(projectUUID, h.dbUsername)
 	if err != nil {
 		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
 		return
 	}
-	result, err := h.projectService.ListConfigurations(projectUUID, username, "active")
+	result, err := h.projectService.ListConfigurations(projectUUID, h.dbUsername, "active")
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -223,7 +222,6 @@ func (h *ExportHandler) ExportProjectCSV(c *gin.Context) {
 }
 func (h *ExportHandler) ExportProjectPricingCSV(c *gin.Context) {
 	username := middleware.GetUsername(c)
 	projectUUID := c.Param("uuid")
 	var req ProjectExportOptionsRequest
@@ -232,13 +230,13 @@ func (h *ExportHandler) ExportProjectPricingCSV(c *gin.Context) {
 		return
 	}
-	project, err := h.projectService.GetByUUID(projectUUID, username)
+	project, err := h.projectService.GetByUUID(projectUUID, h.dbUsername)
 	if err != nil {
 		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
 		return
 	}
-	result, err := h.projectService.ListConfigurations(projectUUID, username, "active")
+	result, err := h.projectService.ListConfigurations(projectUUID, h.dbUsername, "active")
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
--- a/internal/handlers/export_test.go
+++ b/internal/handlers/export_test.go
@@ -26,7 +26,6 @@ func (m *mockConfigService) GetByUUID(uuid string, ownerUsername string) (*model
 	return m.config, m.err
 }
 func TestExportCSV_Success(t *testing.T) {
 	gin.SetMode(gin.TestMode)
@@ -36,6 +35,7 @@ func TestExportCSV_Success(t *testing.T) {
 		exportSvc,
 		&mockConfigService{},
 		nil,
 		"testuser",
 	)
 	// Create JSON request body
@@ -110,6 +110,7 @@ func TestExportCSV_InvalidRequest(t *testing.T) {
 		exportSvc,
 		&mockConfigService{},
 		nil,
 		"testuser",
 	)
 	// Create invalid request (missing required field)
@@ -143,6 +144,7 @@ func TestExportCSV_EmptyItems(t *testing.T) {
 		exportSvc,
 		&mockConfigService{},
 		nil,
 		"testuser",
 	)
 	// Create request with empty items array - should fail binding validation
@@ -184,6 +186,7 @@ func TestExportConfigCSV_Success(t *testing.T) {
 		exportSvc,
 		&mockConfigService{config: mockConfig},
 		nil,
 		"testuser",
 	)
 	// Create HTTP request
@@ -196,9 +199,6 @@ func TestExportConfigCSV_Success(t *testing.T) {
 		{Key: "uuid", Value: "test-uuid"},
 	}
 	// Mock middleware.GetUsername
 	c.Set("username", "testuser")
 	handler.ExportConfigCSV(c)
 	// Check status code
@@ -233,6 +233,7 @@ func TestExportConfigCSV_NotFound(t *testing.T) {
 		exportSvc,
 		&mockConfigService{err: errors.New("config not found")},
 		nil,
 		"testuser",
 	)
 	req, _ := http.NewRequest("GET", "/api/configs/nonexistent-uuid/export", nil)
@@ -243,8 +244,6 @@ func TestExportConfigCSV_NotFound(t *testing.T) {
 	c.Params = gin.Params{
 		{Key: "uuid", Value: "nonexistent-uuid"},
 	}
 	c.Set("username", "testuser")
 	handler.ExportConfigCSV(c)
 	// Should return 404 Not Found
@@ -277,6 +276,7 @@ func TestExportConfigCSV_EmptyItems(t *testing.T) {
 		exportSvc,
 		&mockConfigService{config: mockConfig},
 		nil,
 		"testuser",
 	)
 	req, _ := http.NewRequest("GET", "/api/configs/test-uuid/export", nil)
@@ -287,8 +287,6 @@ func TestExportConfigCSV_EmptyItems(t *testing.T) {
 	c.Params = gin.Params{
 		{Key: "uuid", Value: "test-uuid"},
 	}
 	c.Set("username", "testuser")
 	handler.ExportConfigCSV(c)
 	// Should return 400 Bad Request
--- a/internal/handlers/partnumber_books.go
+++ b/internal/handlers/partnumber_books.go
@@ -91,16 +91,16 @@ func (h *PartnumberBooksHandler) GetItems(c *gin.Context) {
 	}
 	c.JSON(http.StatusOK, gin.H{
-		"book_id":       book.ServerID,
+		"book_id":     book.ServerID,
-		"version":       book.Version,
+		"version":     book.Version,
-		"is_active":     book.IsActive,
+		"is_active":   book.IsActive,
-		"items":         items,
+		"partnumbers": book.PartnumbersJSON,
-		"total":         total,
+		"items":       items,
-		"page":          page,
+		"total":       total,
-		"per_page":      perPage,
+		"page":        page,
-		"search":        search,
+		"per_page":    perPage,
-		"book_total":    bookRepo.CountBookItems(book.ID),
+		"search":      search,
-		"lot_count":     bookRepo.CountDistinctLots(book.ID),
+		"book_total":  bookRepo.CountBookItems(book.ID),
-		"primary_count": bookRepo.CountPrimaryItems(book.ID),
+		"lot_count":   bookRepo.CountDistinctLots(book.ID),
 	})
 }
--- a/internal/handlers/sync.go
+++ b/internal/handlers/sync.go
@@ -516,18 +516,11 @@ func (h *SyncHandler) GetInfo(c *gin.Context) {
 	// Get sync times
 	lastPricelistSync := h.localDB.GetLastSyncTime()
 	// Get MariaDB counts (if online)
 	var lotCount, lotLogCount int64
 	if isOnline {
 		if mariaDB, err := h.connMgr.GetDB(); err == nil {
 			mariaDB.Table("lot").Count(&lotCount)
 			mariaDB.Table("lot_log").Count(&lotLogCount)
 		}
 	}
 	// Get local counts
 	configCount := h.localDB.CountConfigurations()
 	projectCount := h.localDB.CountProjects()
 	componentCount := h.localDB.CountLocalComponents()
 	pricelistCount := h.localDB.CountLocalPricelists()
 	// Get error count (only changes with LastError != "")
 	errorCount := int(h.localDB.CountErroredChanges())
@@ -562,8 +555,8 @@ func (h *SyncHandler) GetInfo(c *gin.Context) {
 		DBName:         dbName,
 		IsOnline:       isOnline,
 		LastSyncAt:     lastPricelistSync,
-		LotCount:       lotCount,
+		LotCount:       componentCount,
-		LotLogCount:    lotLogCount,
+		LotLogCount:    pricelistCount,
 		ConfigCount:    configCount,
 		ProjectCount:   projectCount,
 		PendingChanges: changes,
--- a/internal/handlers/web.go
+++ b/internal/handlers/web.go
@@ -3,19 +3,20 @@ package handlers
 import (
 	"html/template"
 	"strconv"
 	"strings"
 	qfassets "git.mchus.pro/mchus/quoteforge"
-	"git.mchus.pro/mchus/quoteforge/internal/repository"
+	"git.mchus.pro/mchus/quoteforge/internal/localdb"
-	"git.mchus.pro/mchus/quoteforge/internal/services"
+	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"github.com/gin-gonic/gin"
 )
 type WebHandler struct {
-	templates        map[string]*template.Template
+	templates map[string]*template.Template
-	componentService *services.ComponentService
+	localDB   *localdb.LocalDB
 }
-func NewWebHandler(_ string, componentService *services.ComponentService) (*WebHandler, error) {
+func NewWebHandler(_ string, localDB *localdb.LocalDB) (*WebHandler, error) {
 	funcMap := template.FuncMap{
 		"sub": func(a, b int) int { return a - b },
 		"add": func(a, b int) int { return a + b },
@@ -59,7 +60,7 @@ func NewWebHandler(_ string, componentService *services.ComponentService) (*WebH
 	templates := make(map[string]*template.Template)
 	// Load each page template with base
-	simplePages := []string{"login.html", "configs.html", "projects.html", "project_detail.html", "pricelists.html", "pricelist_detail.html", "config_revisions.html", "partnumber_books.html"}
+	simplePages := []string{"configs.html", "projects.html", "project_detail.html", "pricelists.html", "pricelist_detail.html", "config_revisions.html", "partnumber_books.html"}
 	for _, page := range simplePages {
 		var tmpl *template.Template
 		var err error
@@ -104,8 +105,8 @@ func NewWebHandler(_ string, componentService *services.ComponentService) (*WebH
 	}
 	return &WebHandler{
-		templates:        templates,
+		templates: templates,
-		componentService: componentService,
+		localDB:   localDB,
 	}, nil
 }
@@ -128,36 +129,28 @@ func (h *WebHandler) Index(c *gin.Context) {
 }
 func (h *WebHandler) Configurator(c *gin.Context) {
 	categories, _ := h.componentService.GetCategories()
 	uuid := c.Query("uuid")
-
+	categories, _ := h.localCategories()
-	filter := repository.ComponentFilter{}
+	components, total, err := h.localDB.ListComponents(localdb.ComponentFilter{}, 0, 20)
 	result, err := h.componentService.List(filter, 1, 20)
 	data := gin.H{
 		"ActivePage": "configurator",
 		"Categories": categories,
-		"Components": []interface{}{},
+		"Components": []localComponentView{},
 		"Total":      int64(0),
 		"Page":       1,
 		"PerPage":    20,
 		"ConfigUUID": uuid,
 	}
-	if err == nil && result != nil {
+	if err == nil {
-		data["Components"] = result.Components
+		data["Components"] = toLocalComponentViews(components)
-		data["Total"] = result.Total
+		data["Total"] = total
 		data["Page"] = result.Page
 		data["PerPage"] = result.PerPage
 	}
 	h.render(c, "index.html", data)
 }
 func (h *WebHandler) Login(c *gin.Context) {
 	h.render(c, "login.html", nil)
 }
 func (h *WebHandler) Configs(c *gin.Context) {
 	h.render(c, "configs.html", gin.H{"ActivePage": "configs"})
 }
@@ -196,25 +189,30 @@ func (h *WebHandler) PartnumberBooks(c *gin.Context) {
 func (h *WebHandler) ComponentsPartial(c *gin.Context) {
 	page, _ := strconv.Atoi(c.DefaultQuery("page", "1"))
 	if page < 1 {
 		page = 1
 	}
-	filter := repository.ComponentFilter{
+	filter := localdb.ComponentFilter{
 		Category: c.Query("category"),
 		Search:   c.Query("search"),
 	}
 	if c.Query("has_price") == "true" {
 		filter.HasPrice = true
 	}
 	offset := (page - 1) * 20
 	data := gin.H{
-		"Components": []interface{}{},
+		"Components": []localComponentView{},
 		"Total":      int64(0),
 		"Page":       page,
 		"PerPage":    20,
 	}
-	result, err := h.componentService.List(filter, page, 20)
+	components, total, err := h.localDB.ListComponents(filter, offset, 20)
-	if err == nil && result != nil {
+	if err == nil {
-		data["Components"] = result.Components
+		data["Components"] = toLocalComponentViews(components)
-		data["Total"] = result.Total
+		data["Total"] = total
 		data["Page"] = result.Page
 		data["PerPage"] = result.PerPage
 	}
 	c.Header("Content-Type", "text/html; charset=utf-8")
@@ -222,3 +220,46 @@ func (h *WebHandler) ComponentsPartial(c *gin.Context) {
 		tmpl.ExecuteTemplate(c.Writer, "components_list.html", data)
 	}
 }
 type localComponentView struct {
 	LotName      string
 	Description  string
 	Category     string
 	CategoryName string
 	Model        string
 	CurrentPrice *float64
 }
 func toLocalComponentViews(items []localdb.LocalComponent) []localComponentView {
 	result := make([]localComponentView, 0, len(items))
 	for _, item := range items {
 		result = append(result, localComponentView{
 			LotName:      item.LotName,
 			Description:  item.LotDescription,
 			Category:     item.Category,
 			CategoryName: item.Category,
 			Model:        item.Model,
 		})
 	}
 	return result
 }
 func (h *WebHandler) localCategories() ([]models.Category, error) {
 	codes, err := h.localDB.GetLocalComponentCategories()
 	if err != nil || len(codes) == 0 {
 		return []models.Category{}, err
 	}
 	categories := make([]models.Category, 0, len(codes))
 	for _, code := range codes {
 		trimmed := strings.TrimSpace(code)
 		if trimmed == "" {
 			continue
 		}
 		categories = append(categories, models.Category{
 			Code: trimmed,
 			Name: trimmed,
 		})
 	}
 	return categories, nil
 }
--- a/internal/localdb/converters.go
+++ b/internal/localdb/converters.go
@@ -46,10 +46,6 @@ func ConfigurationToLocal(cfg *models.Configuration) *LocalConfiguration {
 		OriginalUsername:      cfg.OwnerUsername,
 	}
 	if local.OriginalUsername == "" && cfg.User != nil {
 		local.OriginalUsername = cfg.User.Username
 	}
 	if cfg.ID > 0 {
 		serverID := cfg.ID
 		local.ServerID = &serverID
--- a/internal/localdb/encryption.go
+++ b/internal/localdb/encryption.go
@@ -7,19 +7,104 @@ import (
 	"crypto/sha256"
 	"encoding/base64"
 	"errors"
 	"fmt"
 	"io"
 	"os"
 	"path/filepath"
 	"strings"
 	"git.mchus.pro/mchus/quoteforge/internal/appstate"
 )
-// getEncryptionKey derives a 32-byte key from environment variable or machine ID
+const encryptionKeyFileName = "local_encryption.key"
-func getEncryptionKey() []byte {
+
 // getEncryptionKey resolves the active encryption key.
 // Preference order:
 // 1. QUOTEFORGE_ENCRYPTION_KEY env var
 // 2. application-managed random key file in the user state directory
 func getEncryptionKey() ([]byte, error) {
 	key := os.Getenv("QUOTEFORGE_ENCRYPTION_KEY")
-	if key == "" {
+	if key != "" {
-		// Fallback to a machine-based key (hostname + fixed salt)
+		hash := sha256.Sum256([]byte(key))
-		hostname, _ := os.Hostname()
+		return hash[:], nil
 		key = hostname + "quoteforge-salt-2024"
 	}
-	// Hash to get exactly 32 bytes for AES-256
+
 	stateDir, err := resolveEncryptionStateDir()
 	if err != nil {
 		return nil, fmt.Errorf("resolve encryption state dir: %w", err)
 	}
 	return loadOrCreateEncryptionKey(filepath.Join(stateDir, encryptionKeyFileName))
 }
 func resolveEncryptionStateDir() (string, error) {
 	configPath, err := appstate.ResolveConfigPath("")
 	if err != nil {
 		return "", err
 	}
 	return filepath.Dir(configPath), nil
 }
 func loadOrCreateEncryptionKey(path string) ([]byte, error) {
 	if data, err := os.ReadFile(path); err == nil {
 		return parseEncryptionKeyFile(data)
 	} else if !errors.Is(err, os.ErrNotExist) {
 		return nil, fmt.Errorf("read encryption key: %w", err)
 	}
 	if err := os.MkdirAll(filepath.Dir(path), 0700); err != nil {
 		return nil, fmt.Errorf("create encryption key dir: %w", err)
 	}
 	raw := make([]byte, 32)
 	if _, err := io.ReadFull(rand.Reader, raw); err != nil {
 		return nil, fmt.Errorf("generate encryption key: %w", err)
 	}
 	encoded := base64.StdEncoding.EncodeToString(raw)
 	if err := writeKeyFile(path, []byte(encoded+"\n")); err != nil {
 		if errors.Is(err, os.ErrExist) {
 			data, readErr := os.ReadFile(path)
 			if readErr != nil {
 				return nil, fmt.Errorf("read concurrent encryption key: %w", readErr)
 			}
 			return parseEncryptionKeyFile(data)
 		}
 		return nil, err
 	}
 	return raw, nil
 }
 func writeKeyFile(path string, data []byte) error {
 	file, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)
 	if err != nil {
 		return err
 	}
 	defer file.Close()
 	if _, err := file.Write(data); err != nil {
 		return err
 	}
 	return file.Sync()
 }
 func parseEncryptionKeyFile(data []byte) ([]byte, error) {
 	trimmed := strings.TrimSpace(string(data))
 	decoded, err := base64.StdEncoding.DecodeString(trimmed)
 	if err != nil {
 		return nil, fmt.Errorf("decode encryption key file: %w", err)
 	}
 	if len(decoded) != 32 {
 		return nil, fmt.Errorf("invalid encryption key length: %d", len(decoded))
 	}
 	return decoded, nil
 }
 func getLegacyEncryptionKey() []byte {
 	hostname, _ := os.Hostname()
 	key := hostname + "quoteforge-salt-2024"
 	hash := sha256.Sum256([]byte(key))
 	return hash[:]
 }
@@ -30,7 +115,10 @@ func Encrypt(plaintext string) (string, error) {
 		return "", nil
 	}
-	key := getEncryptionKey()
+	key, err := getEncryptionKey()
 	if err != nil {
 		return "", err
 	}
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return "", err
@@ -56,12 +144,50 @@ func Decrypt(ciphertext string) (string, error) {
 		return "", nil
 	}
-	key := getEncryptionKey()
+	key, err := getEncryptionKey()
 	data, err := base64.StdEncoding.DecodeString(ciphertext)
 	if err != nil {
 		return "", err
 	}
 	plaintext, legacy, err := decryptWithKeys(ciphertext, key, getLegacyEncryptionKey())
 	if err != nil {
 		return "", err
 	}
 	_ = legacy
 	return plaintext, nil
 }
 func DecryptWithMetadata(ciphertext string) (string, bool, error) {
 	if ciphertext == "" {
 		return "", false, nil
 	}
 	key, err := getEncryptionKey()
 	if err != nil {
 		return "", false, err
 	}
 	return decryptWithKeys(ciphertext, key, getLegacyEncryptionKey())
 }
 func decryptWithKeys(ciphertext string, primaryKey, legacyKey []byte) (string, bool, error) {
 	data, err := base64.StdEncoding.DecodeString(ciphertext)
 	if err != nil {
 		return "", false, err
 	}
 	plaintext, err := decryptWithKey(data, primaryKey)
 	if err == nil {
 		return plaintext, false, nil
 	}
 	legacyPlaintext, legacyErr := decryptWithKey(data, legacyKey)
 	if legacyErr == nil {
 		return legacyPlaintext, true, nil
 	}
 	return "", false, err
 }
 func decryptWithKey(data, key []byte) (string, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return "", err
--- a/internal/localdb/encryption_test.go
+++ b/internal/localdb/encryption_test.go
@@ -0,0 +1,97 @@
 package localdb
 import (
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/rand"
 	"crypto/sha256"
 	"encoding/base64"
 	"io"
 	"os"
 	"path/filepath"
 	"testing"
 )
 func TestEncryptCreatesPersistentKeyFile(t *testing.T) {
 	stateDir := t.TempDir()
 	t.Setenv("QFS_STATE_DIR", stateDir)
 	t.Setenv("QUOTEFORGE_ENCRYPTION_KEY", "")
 	ciphertext, err := Encrypt("secret-password")
 	if err != nil {
 		t.Fatalf("encrypt: %v", err)
 	}
 	if ciphertext == "" {
 		t.Fatal("expected ciphertext")
 	}
 	keyPath := filepath.Join(stateDir, encryptionKeyFileName)
 	info, err := os.Stat(keyPath)
 	if err != nil {
 		t.Fatalf("stat key file: %v", err)
 	}
 	if info.Mode().Perm() != 0600 {
 		t.Fatalf("expected 0600 key file, got %v", info.Mode().Perm())
 	}
 }
 func TestDecryptMigratesLegacyCiphertext(t *testing.T) {
 	stateDir := t.TempDir()
 	t.Setenv("QFS_STATE_DIR", stateDir)
 	t.Setenv("QUOTEFORGE_ENCRYPTION_KEY", "")
 	legacyCiphertext := encryptWithKeyForTest(t, getLegacyEncryptionKey(), "legacy-password")
 	plaintext, migrated, err := DecryptWithMetadata(legacyCiphertext)
 	if err != nil {
 		t.Fatalf("decrypt legacy: %v", err)
 	}
 	if plaintext != "legacy-password" {
 		t.Fatalf("unexpected plaintext: %q", plaintext)
 	}
 	if !migrated {
 		t.Fatal("expected legacy ciphertext to require migration")
 	}
 	currentCiphertext, err := Encrypt("legacy-password")
 	if err != nil {
 		t.Fatalf("encrypt current: %v", err)
 	}
 	plaintext, migrated, err = DecryptWithMetadata(currentCiphertext)
 	if err != nil {
 		t.Fatalf("decrypt current: %v", err)
 	}
 	if migrated {
 		t.Fatal("did not expect current ciphertext to require migration")
 	}
 }
 func encryptWithKeyForTest(t *testing.T, key []byte, plaintext string) string {
 	t.Helper()
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		t.Fatalf("new cipher: %v", err)
 	}
 	gcm, err := cipher.NewGCM(block)
 	if err != nil {
 		t.Fatalf("new gcm: %v", err)
 	}
 	nonce := make([]byte, gcm.NonceSize())
 	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
 		t.Fatalf("read nonce: %v", err)
 	}
 	ciphertext := gcm.Seal(nonce, nonce, []byte(plaintext), nil)
 	return base64.StdEncoding.EncodeToString(ciphertext)
 }
 func TestLegacyEncryptionKeyRemainsDeterministic(t *testing.T) {
 	hostname, _ := os.Hostname()
 	expected := sha256.Sum256([]byte(hostname + "quoteforge-salt-2024"))
 	actual := getLegacyEncryptionKey()
 	if string(actual) != string(expected[:]) {
 		t.Fatal("legacy key derivation changed")
 	}
 }
--- a/internal/localdb/local_migrations_test.go
+++ b/internal/localdb/local_migrations_test.go
@@ -5,7 +5,10 @@ import (
 	"testing"
 	"time"
 	"github.com/glebarez/sqlite"
 	"github.com/google/uuid"
 	"gorm.io/gorm"
 	"gorm.io/gorm/logger"
 )
 func TestRunLocalMigrationsBackfillsExistingConfigurations(t *testing.T) {
@@ -313,3 +316,280 @@ func TestRunLocalMigrationsBackfillsConfigurationLineNo(t *testing.T) {
 		t.Fatalf("expected line_no [10,20], got [%d,%d]", rows[0].Line, rows[1].Line)
 	}
 }
 func TestRunLocalMigrationsDeduplicatesCanonicalPartnumberCatalog(t *testing.T) {
 	dbPath := filepath.Join(t.TempDir(), "partnumber_catalog_dedup.db")
 	db, err := gorm.Open(sqlite.Open(dbPath), &gorm.Config{
 		Logger: logger.Default.LogMode(logger.Silent),
 	})
 	if err != nil {
 		t.Fatalf("open sqlite: %v", err)
 	}
 	firstLots := LocalPartnumberBookLots{
 		{LotName: "LOT-A", Qty: 1},
 	}
 	secondLots := LocalPartnumberBookLots{
 		{LotName: "LOT-B", Qty: 2},
 	}
 	if err := db.Exec(`
 		CREATE TABLE local_partnumber_book_items (
 			id INTEGER PRIMARY KEY AUTOINCREMENT,
 			partnumber TEXT NOT NULL,
 			lots_json TEXT NOT NULL,
 			description TEXT
 		)
 	`).Error; err != nil {
 		t.Fatalf("create dirty local_partnumber_book_items: %v", err)
 	}
 	if err := db.Create(&LocalPartnumberBookItem{
 		Partnumber:  "PN-001",
 		LotsJSON:    firstLots,
 		Description: "",
 	}).Error; err != nil {
 		t.Fatalf("insert first duplicate row: %v", err)
 	}
 	if err := db.Create(&LocalPartnumberBookItem{
 		Partnumber:  "PN-001",
 		LotsJSON:    secondLots,
 		Description: "Canonical description",
 	}).Error; err != nil {
 		t.Fatalf("insert second duplicate row: %v", err)
 	}
 	if err := migrateLocalPartnumberBookCatalog(db); err != nil {
 		t.Fatalf("migrate local partnumber catalog: %v", err)
 	}
 	var items []LocalPartnumberBookItem
 	if err := db.Order("partnumber ASC").Find(&items).Error; err != nil {
 		t.Fatalf("load migrated partnumber items: %v", err)
 	}
 	if len(items) != 1 {
 		t.Fatalf("expected 1 deduplicated item, got %d", len(items))
 	}
 	if items[0].Partnumber != "PN-001" {
 		t.Fatalf("unexpected partnumber: %s", items[0].Partnumber)
 	}
 	if items[0].Description != "Canonical description" {
 		t.Fatalf("expected merged description, got %q", items[0].Description)
 	}
 	if len(items[0].LotsJSON) != 2 {
 		t.Fatalf("expected merged lots from duplicates, got %d", len(items[0].LotsJSON))
 	}
 	var duplicateCount int64
 	if err := db.Model(&LocalPartnumberBookItem{}).
 		Where("partnumber = ?", "PN-001").
 		Count(&duplicateCount).Error; err != nil {
 		t.Fatalf("count deduplicated partnumber: %v", err)
 	}
 	if duplicateCount != 1 {
 		t.Fatalf("expected unique partnumber row after migration, got %d", duplicateCount)
 	}
 }
 func TestSanitizeLocalPartnumberBookCatalogRemovesRowsWithoutPartnumber(t *testing.T) {
 	dbPath := filepath.Join(t.TempDir(), "sanitize_partnumber_catalog.db")
 	db, err := gorm.Open(sqlite.Open(dbPath), &gorm.Config{
 		Logger: logger.Default.LogMode(logger.Silent),
 	})
 	if err != nil {
 		t.Fatalf("open sqlite: %v", err)
 	}
 	if err := db.Exec(`
 		CREATE TABLE local_partnumber_book_items (
 			id INTEGER PRIMARY KEY AUTOINCREMENT,
 			partnumber TEXT NULL,
 			lots_json TEXT NOT NULL,
 			description TEXT
 		)
 	`).Error; err != nil {
 		t.Fatalf("create local_partnumber_book_items: %v", err)
 	}
 	if err := db.Exec(`
 		INSERT INTO local_partnumber_book_items (partnumber, lots_json, description) VALUES
 		(NULL, '[]', 'null pn'),
 		('', '[]', 'empty pn'),
 		('PN-OK', '[]', 'valid pn')
 	`).Error; err != nil {
 		t.Fatalf("seed local_partnumber_book_items: %v", err)
 	}
 	if err := sanitizeLocalPartnumberBookCatalog(db); err != nil {
 		t.Fatalf("sanitize local partnumber catalog: %v", err)
 	}
 	var items []LocalPartnumberBookItem
 	if err := db.Order("id ASC").Find(&items).Error; err != nil {
 		t.Fatalf("load sanitized items: %v", err)
 	}
 	if len(items) != 1 {
 		t.Fatalf("expected 1 valid item after sanitize, got %d", len(items))
 	}
 	if items[0].Partnumber != "PN-OK" {
 		t.Fatalf("expected remaining partnumber PN-OK, got %q", items[0].Partnumber)
 	}
 }
 func TestNewMigratesLegacyPartnumberBookCatalogBeforeAutoMigrate(t *testing.T) {
 	dbPath := filepath.Join(t.TempDir(), "legacy_partnumber_catalog.db")
 	db, err := gorm.Open(sqlite.Open(dbPath), &gorm.Config{
 		Logger: logger.Default.LogMode(logger.Silent),
 	})
 	if err != nil {
 		t.Fatalf("open sqlite: %v", err)
 	}
 	if err := db.Exec(`
 		CREATE TABLE local_partnumber_book_items (
 			id INTEGER PRIMARY KEY AUTOINCREMENT,
 			partnumber TEXT NOT NULL UNIQUE,
 			lots_json TEXT NOT NULL,
 			is_primary_pn INTEGER NOT NULL DEFAULT 0,
 			description TEXT
 		)
 	`).Error; err != nil {
 		t.Fatalf("create legacy local_partnumber_book_items: %v", err)
 	}
 	if err := db.Exec(`
 		INSERT INTO local_partnumber_book_items (partnumber, lots_json, is_primary_pn, description)
 		VALUES ('PN-001', '[{"lot_name":"CPU_A","qty":1}]', 0, 'Legacy row')
 	`).Error; err != nil {
 		t.Fatalf("seed legacy local_partnumber_book_items: %v", err)
 	}
 	local, err := New(dbPath)
 	if err != nil {
 		t.Fatalf("open localdb with legacy catalog: %v", err)
 	}
 	t.Cleanup(func() { _ = local.Close() })
 	var columns []struct {
 		Name string `gorm:"column:name"`
 	}
 	if err := local.DB().Raw(`SELECT name FROM pragma_table_info('local_partnumber_book_items')`).Scan(&columns).Error; err != nil {
 		t.Fatalf("load local_partnumber_book_items columns: %v", err)
 	}
 	for _, column := range columns {
 		if column.Name == "is_primary_pn" {
 			t.Fatalf("expected legacy is_primary_pn column to be removed before automigrate")
 		}
 	}
 	var items []LocalPartnumberBookItem
 	if err := local.DB().Find(&items).Error; err != nil {
 		t.Fatalf("load migrated local_partnumber_book_items: %v", err)
 	}
 	if len(items) != 1 || items[0].Partnumber != "PN-001" {
 		t.Fatalf("unexpected migrated rows: %#v", items)
 	}
 }
 func TestNewRecoversBrokenPartnumberBookCatalogCache(t *testing.T) {
 	dbPath := filepath.Join(t.TempDir(), "broken_partnumber_catalog.db")
 	db, err := gorm.Open(sqlite.Open(dbPath), &gorm.Config{
 		Logger: logger.Default.LogMode(logger.Silent),
 	})
 	if err != nil {
 		t.Fatalf("open sqlite: %v", err)
 	}
 	if err := db.Exec(`
 		CREATE TABLE local_partnumber_book_items (
 			id INTEGER PRIMARY KEY AUTOINCREMENT,
 			partnumber TEXT NOT NULL UNIQUE,
 			lots_json TEXT NOT NULL,
 			description TEXT
 		)
 	`).Error; err != nil {
 		t.Fatalf("create broken local_partnumber_book_items: %v", err)
 	}
 	if err := db.Exec(`
 		INSERT INTO local_partnumber_book_items (partnumber, lots_json, description)
 		VALUES ('PN-001', '{not-json}', 'Broken cache row')
 	`).Error; err != nil {
 		t.Fatalf("seed broken local_partnumber_book_items: %v", err)
 	}
 	local, err := New(dbPath)
 	if err != nil {
 		t.Fatalf("open localdb with broken catalog cache: %v", err)
 	}
 	t.Cleanup(func() { _ = local.Close() })
 	var count int64
 	if err := local.DB().Model(&LocalPartnumberBookItem{}).Count(&count).Error; err != nil {
 		t.Fatalf("count recovered local_partnumber_book_items: %v", err)
 	}
 	if count != 0 {
 		t.Fatalf("expected empty recovered local_partnumber_book_items, got %d rows", count)
 	}
 	var quarantineTables []struct {
 		Name string `gorm:"column:name"`
 	}
 	if err := local.DB().Raw(`
 		SELECT name
 		FROM sqlite_master
 		WHERE type = 'table' AND name LIKE 'local_partnumber_book_items_broken_%'
 	`).Scan(&quarantineTables).Error; err != nil {
 		t.Fatalf("load quarantine tables: %v", err)
 	}
 	if len(quarantineTables) != 1 {
 		t.Fatalf("expected one quarantined broken catalog table, got %d", len(quarantineTables))
 	}
 }
 func TestCleanupStaleReadOnlyCacheTempTablesDropsShadowTempWhenBaseExists(t *testing.T) {
 	dbPath := filepath.Join(t.TempDir(), "stale_cache_temp.db")
 	db, err := gorm.Open(sqlite.Open(dbPath), &gorm.Config{
 		Logger: logger.Default.LogMode(logger.Silent),
 	})
 	if err != nil {
 		t.Fatalf("open sqlite: %v", err)
 	}
 	if err := db.Exec(`
 		CREATE TABLE local_pricelist_items (
 			id INTEGER PRIMARY KEY AUTOINCREMENT,
 			pricelist_id INTEGER NOT NULL,
 			partnumber TEXT,
 			brand TEXT NOT NULL DEFAULT '',
 			lot_name TEXT NOT NULL,
 			description TEXT,
 			price REAL NOT NULL DEFAULT 0,
 			quantity INTEGER NOT NULL DEFAULT 0,
 			reserve INTEGER NOT NULL DEFAULT 0,
 			available_qty REAL,
 			partnumbers TEXT,
 			lot_category TEXT,
 			created_at DATETIME,
 			updated_at DATETIME
 		)
 	`).Error; err != nil {
 		t.Fatalf("create local_pricelist_items: %v", err)
 	}
 	if err := db.Exec(`
 		CREATE TABLE local_pricelist_items__temp (
 			id INTEGER PRIMARY KEY AUTOINCREMENT,
 			legacy TEXT
 		)
 	`).Error; err != nil {
 		t.Fatalf("create local_pricelist_items__temp: %v", err)
 	}
 	if err := cleanupStaleReadOnlyCacheTempTables(db); err != nil {
 		t.Fatalf("cleanup stale read-only cache temp tables: %v", err)
 	}
 	if db.Migrator().HasTable("local_pricelist_items__temp") {
 		t.Fatalf("expected stale temp table to be dropped")
 	}
 	if !db.Migrator().HasTable("local_pricelist_items") {
 		t.Fatalf("expected base local_pricelist_items table to remain")
 	}
 }
--- a/internal/localdb/localdb.go
+++ b/internal/localdb/localdb.go
@@ -1,6 +1,7 @@
 package localdb
 import (
 	"encoding/json"
 	"errors"
 	"fmt"
 	"log/slog"
@@ -42,6 +43,14 @@ type LocalDB struct {
 	path string
 }
 var localReadOnlyCacheTables = []string{
 	"local_pricelist_items",
 	"local_pricelists",
 	"local_components",
 	"local_partnumber_book_items",
 	"local_partnumber_books",
 }
 // ResetData clears local data tables while keeping connection settings.
 // It does not drop schema or connection_settings.
 func ResetData(dbPath string) error {
@@ -70,7 +79,6 @@ func ResetData(dbPath string) error {
 		"local_pricelists",
 		"local_pricelist_items",
 		"local_components",
 		"local_remote_migrations_applied",
 		"local_sync_guard_state",
 		"pending_changes",
 		"app_settings",
@@ -111,6 +119,12 @@ func New(dbPath string) (*LocalDB, error) {
 	if err := ensureLocalProjectsTable(db); err != nil {
 		return nil, fmt.Errorf("ensure local_projects table: %w", err)
 	}
 	if err := prepareLocalPartnumberBookCatalog(db); err != nil {
 		return nil, fmt.Errorf("prepare local partnumber book catalog: %w", err)
 	}
 	if err := cleanupStaleReadOnlyCacheTempTables(db); err != nil {
 		return nil, fmt.Errorf("cleanup stale read-only cache temp tables: %w", err)
 	}
 	// Preflight: ensure local_projects has non-null UUIDs before AutoMigrate rebuilds tables.
 	if db.Migrator().HasTable(&LocalProject{}) {
@@ -131,24 +145,28 @@ func New(dbPath string) (*LocalDB, error) {
 	}
 	// Auto-migrate all local tables
-	if err := db.AutoMigrate(
+	if err := autoMigrateLocalSchema(db); err != nil {
-		&ConnectionSettings{},
+		if recovered, recoveryErr := recoverFromReadOnlyCacheInitFailure(db, err); recoveryErr != nil {
-		&LocalConfiguration{},
+			return nil, fmt.Errorf("migrating sqlite database: %w (recovery failed: %v)", err, recoveryErr)
-		&LocalConfigurationVersion{},
+		} else if !recovered {
-		&LocalPricelist{},
+			return nil, fmt.Errorf("migrating sqlite database: %w", err)
-		&LocalPricelistItem{},
+		}
-		&LocalComponent{},
+		if err := autoMigrateLocalSchema(db); err != nil {
-		&AppSetting{},
+			return nil, fmt.Errorf("migrating sqlite database after cache recovery: %w", err)
-		&LocalRemoteMigrationApplied{},
+		}
-		&LocalSyncGuardState{},
+	}
-		&PendingChange{},
+	if err := ensureLocalPartnumberBookItemTable(db); err != nil {
-		&LocalPartnumberBook{},
+		return nil, fmt.Errorf("ensure local partnumber book item table: %w", err)
 		&LocalPartnumberBookItem{},
 	); err != nil {
 		return nil, fmt.Errorf("migrating sqlite database: %w", err)
 	}
 	if err := runLocalMigrations(db); err != nil {
-		return nil, fmt.Errorf("running local sqlite migrations: %w", err)
+		if recovered, recoveryErr := recoverFromReadOnlyCacheInitFailure(db, err); recoveryErr != nil {
 			return nil, fmt.Errorf("running local sqlite migrations: %w (recovery failed: %v)", err, recoveryErr)
 		} else if !recovered {
 			return nil, fmt.Errorf("running local sqlite migrations: %w", err)
 		}
 		if err := runLocalMigrations(db); err != nil {
 			return nil, fmt.Errorf("running local sqlite migrations after cache recovery: %w", err)
 		}
 	}
 	slog.Info("local SQLite database initialized", "path", dbPath)
@@ -191,6 +209,282 @@ CREATE TABLE local_projects (
 	return nil
 }
 func autoMigrateLocalSchema(db *gorm.DB) error {
 	return db.AutoMigrate(
 		&ConnectionSettings{},
 		&LocalConfiguration{},
 		&LocalConfigurationVersion{},
 		&LocalPricelist{},
 		&LocalPricelistItem{},
 		&LocalComponent{},
 		&AppSetting{},
 		&LocalSyncGuardState{},
 		&PendingChange{},
 		&LocalPartnumberBook{},
 	)
 }
 func sanitizeLocalPartnumberBookCatalog(db *gorm.DB) error {
 	if !db.Migrator().HasTable(&LocalPartnumberBookItem{}) {
 		return nil
 	}
 	// Old local databases may contain partially migrated catalog rows with NULL/empty
 	// partnumber values. SQLite table rebuild during AutoMigrate fails on such rows once
 	// the schema enforces NOT NULL, so remove them before AutoMigrate touches the table.
 	if err := db.Exec(`
 		DELETE FROM local_partnumber_book_items
 		WHERE partnumber IS NULL OR TRIM(partnumber) = ''
 	`).Error; err != nil {
 		return err
 	}
 	return nil
 }
 func prepareLocalPartnumberBookCatalog(db *gorm.DB) error {
 	if err := cleanupStaleLocalPartnumberBookCatalogTempTable(db); err != nil {
 		if recoveryErr := recoverLocalPartnumberBookCatalog(db, fmt.Errorf("cleanup stale temp table: %w", err)); recoveryErr != nil {
 			return recoveryErr
 		}
 		return nil
 	}
 	if err := sanitizeLocalPartnumberBookCatalog(db); err != nil {
 		if recoveryErr := recoverLocalPartnumberBookCatalog(db, fmt.Errorf("sanitize catalog: %w", err)); recoveryErr != nil {
 			return recoveryErr
 		}
 		return nil
 	}
 	if err := migrateLegacyPartnumberBookCatalogBeforeAutoMigrate(db); err != nil {
 		if recoveryErr := recoverLocalPartnumberBookCatalog(db, fmt.Errorf("migrate legacy catalog: %w", err)); recoveryErr != nil {
 			return recoveryErr
 		}
 		return nil
 	}
 	if err := ensureLocalPartnumberBookItemTable(db); err != nil {
 		if recoveryErr := recoverLocalPartnumberBookCatalog(db, fmt.Errorf("ensure canonical catalog table: %w", err)); recoveryErr != nil {
 			return recoveryErr
 		}
 		return nil
 	}
 	if err := validateLocalPartnumberBookCatalog(db); err != nil {
 		if recoveryErr := recoverLocalPartnumberBookCatalog(db, fmt.Errorf("validate canonical catalog: %w", err)); recoveryErr != nil {
 			return recoveryErr
 		}
 	}
 	return nil
 }
 func cleanupStaleReadOnlyCacheTempTables(db *gorm.DB) error {
 	for _, tableName := range localReadOnlyCacheTables {
 		tempName := tableName + "__temp"
 		if !db.Migrator().HasTable(tempName) {
 			continue
 		}
 		if db.Migrator().HasTable(tableName) {
 			if err := db.Exec(`DROP TABLE ` + tempName).Error; err != nil {
 				return err
 			}
 			continue
 		}
 		if err := quarantineSQLiteTable(db, tempName, localReadOnlyCacheQuarantineTableName(tableName, "temp")); err != nil {
 			return err
 		}
 	}
 	return nil
 }
 func cleanupStaleLocalPartnumberBookCatalogTempTable(db *gorm.DB) error {
 	if !db.Migrator().HasTable("local_partnumber_book_items__temp") {
 		return nil
 	}
 	if db.Migrator().HasTable(&LocalPartnumberBookItem{}) {
 		return db.Exec(`DROP TABLE local_partnumber_book_items__temp`).Error
 	}
 	return quarantineSQLiteTable(db, "local_partnumber_book_items__temp", localPartnumberBookCatalogQuarantineTableName("temp"))
 }
 func migrateLegacyPartnumberBookCatalogBeforeAutoMigrate(db *gorm.DB) error {
 	if !db.Migrator().HasTable(&LocalPartnumberBookItem{}) {
 		return nil
 	}
 	// Legacy databases may still have the pre-catalog shape (`book_id`/`lot_name`) or the
 	// intermediate canonical shape with obsolete columns like `is_primary_pn`. Let the
 	// explicit rebuild logic normalize this table before GORM AutoMigrate attempts a
 	// table-copy migration on its own.
 	return migrateLocalPartnumberBookCatalog(db)
 }
 func ensureLocalPartnumberBookItemTable(db *gorm.DB) error {
 	if db.Migrator().HasTable(&LocalPartnumberBookItem{}) {
 		return nil
 	}
 	if err := db.Exec(`
 		CREATE TABLE local_partnumber_book_items (
 			id INTEGER PRIMARY KEY AUTOINCREMENT,
 			partnumber TEXT NOT NULL UNIQUE,
 			lots_json TEXT NOT NULL,
 			description TEXT
 		)
 	`).Error; err != nil {
 		return err
 	}
 	return db.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_local_partnumber_book_items_partnumber ON local_partnumber_book_items(partnumber)`).Error
 }
 func validateLocalPartnumberBookCatalog(db *gorm.DB) error {
 	if !db.Migrator().HasTable(&LocalPartnumberBookItem{}) {
 		return nil
 	}
 	type rawCatalogRow struct {
 		Partnumber  string `gorm:"column:partnumber"`
 		LotsJSON    string `gorm:"column:lots_json"`
 		Description string `gorm:"column:description"`
 	}
 	var rows []rawCatalogRow
 	if err := db.Raw(`
 		SELECT partnumber, lots_json, COALESCE(description, '') AS description
 		FROM local_partnumber_book_items
 		ORDER BY id ASC
 	`).Scan(&rows).Error; err != nil {
 		return fmt.Errorf("load canonical catalog rows: %w", err)
 	}
 	seen := make(map[string]struct{}, len(rows))
 	for _, row := range rows {
 		partnumber := strings.TrimSpace(row.Partnumber)
 		if partnumber == "" {
 			return errors.New("catalog contains empty partnumber")
 		}
 		if _, exists := seen[partnumber]; exists {
 			return fmt.Errorf("catalog contains duplicate partnumber %q", partnumber)
 		}
 		seen[partnumber] = struct{}{}
 		if strings.TrimSpace(row.LotsJSON) == "" {
 			return fmt.Errorf("catalog row %q has empty lots_json", partnumber)
 		}
 		var lots LocalPartnumberBookLots
 		if err := json.Unmarshal([]byte(row.LotsJSON), &lots); err != nil {
 			return fmt.Errorf("catalog row %q has invalid lots_json: %w", partnumber, err)
 		}
 	}
 	return nil
 }
 func recoverLocalPartnumberBookCatalog(db *gorm.DB, cause error) error {
 	slog.Warn("recovering broken local partnumber book catalog", "error", cause.Error())
 	if err := ensureLocalPartnumberBooksCatalogColumn(db); err != nil {
 		return fmt.Errorf("ensure local_partnumber_books.partnumbers_json during recovery: %w", err)
 	}
 	if db.Migrator().HasTable("local_partnumber_book_items__temp") {
 		if err := quarantineSQLiteTable(db, "local_partnumber_book_items__temp", localPartnumberBookCatalogQuarantineTableName("temp")); err != nil {
 			return fmt.Errorf("quarantine local_partnumber_book_items__temp: %w", err)
 		}
 	}
 	if db.Migrator().HasTable(&LocalPartnumberBookItem{}) {
 		if err := quarantineSQLiteTable(db, "local_partnumber_book_items", localPartnumberBookCatalogQuarantineTableName("broken")); err != nil {
 			return fmt.Errorf("quarantine local_partnumber_book_items: %w", err)
 		}
 	}
 	if err := ensureLocalPartnumberBookItemTable(db); err != nil {
 		return fmt.Errorf("recreate local_partnumber_book_items after recovery: %w", err)
 	}
 	slog.Warn("local partnumber book catalog reset to empty cache; next sync will rebuild it")
 	return nil
 }
 func recoverFromReadOnlyCacheInitFailure(db *gorm.DB, cause error) (bool, error) {
 	lowerCause := strings.ToLower(cause.Error())
 	recoveredAny := false
 	for _, tableName := range affectedReadOnlyCacheTables(lowerCause) {
 		if err := resetReadOnlyCacheTable(db, tableName); err != nil {
 			return recoveredAny, err
 		}
 		recoveredAny = true
 	}
 	if strings.Contains(lowerCause, "local_partnumber_book_items") || strings.Contains(lowerCause, "local_partnumber_books") {
 		if err := recoverLocalPartnumberBookCatalog(db, cause); err != nil {
 			return recoveredAny, err
 		}
 		recoveredAny = true
 	}
 	if recoveredAny {
 		slog.Warn("recovered read-only local cache tables after startup failure", "error", cause.Error())
 	}
 	return recoveredAny, nil
 }
 func affectedReadOnlyCacheTables(lowerCause string) []string {
 	affected := make([]string, 0, len(localReadOnlyCacheTables))
 	for _, tableName := range localReadOnlyCacheTables {
 		if tableName == "local_partnumber_book_items" || tableName == "local_partnumber_books" {
 			continue
 		}
 		if strings.Contains(lowerCause, tableName) {
 			affected = append(affected, tableName)
 		}
 	}
 	return affected
 }
 func resetReadOnlyCacheTable(db *gorm.DB, tableName string) error {
 	slog.Warn("resetting read-only local cache table", "table", tableName)
 	tempName := tableName + "__temp"
 	if db.Migrator().HasTable(tempName) {
 		if err := quarantineSQLiteTable(db, tempName, localReadOnlyCacheQuarantineTableName(tableName, "temp")); err != nil {
 			return fmt.Errorf("quarantine temp table %s: %w", tempName, err)
 		}
 	}
 	if db.Migrator().HasTable(tableName) {
 		if err := quarantineSQLiteTable(db, tableName, localReadOnlyCacheQuarantineTableName(tableName, "broken")); err != nil {
 			return fmt.Errorf("quarantine table %s: %w", tableName, err)
 		}
 	}
 	return nil
 }
 func ensureLocalPartnumberBooksCatalogColumn(db *gorm.DB) error {
 	if !db.Migrator().HasTable(&LocalPartnumberBook{}) {
 		return nil
 	}
 	if db.Migrator().HasColumn(&LocalPartnumberBook{}, "partnumbers_json") {
 		return nil
 	}
 	return db.Exec(`ALTER TABLE local_partnumber_books ADD COLUMN partnumbers_json TEXT NOT NULL DEFAULT '[]'`).Error
 }
 func quarantineSQLiteTable(db *gorm.DB, tableName string, quarantineName string) error {
 	if !db.Migrator().HasTable(tableName) {
 		return nil
 	}
 	if tableName == quarantineName {
 		return nil
 	}
 	if db.Migrator().HasTable(quarantineName) {
 		if err := db.Exec(`DROP TABLE ` + quarantineName).Error; err != nil {
 			return err
 		}
 	}
 	return db.Exec(`ALTER TABLE ` + tableName + ` RENAME TO ` + quarantineName).Error
 }
 func localPartnumberBookCatalogQuarantineTableName(kind string) string {
 	return "local_partnumber_book_items_" + kind + "_" + time.Now().UTC().Format("20060102150405")
 }
 func localReadOnlyCacheQuarantineTableName(tableName string, kind string) string {
 	return tableName + "_" + kind + "_" + time.Now().UTC().Format("20060102150405")
 }
 // HasSettings returns true if connection settings exist
 func (l *LocalDB) HasSettings() bool {
 	var count int64
@@ -206,10 +500,23 @@ func (l *LocalDB) GetSettings() (*ConnectionSettings, error) {
 	}
 	// Decrypt password
-	password, err := Decrypt(settings.PasswordEncrypted)
+	password, migrated, err := DecryptWithMetadata(settings.PasswordEncrypted)
 	if err != nil {
 		return nil, fmt.Errorf("decrypting password: %w", err)
 	}
 	if migrated {
 		encrypted, encryptErr := Encrypt(password)
 		if encryptErr != nil {
 			return nil, fmt.Errorf("re-encrypting legacy password: %w", encryptErr)
 		}
 		if err := l.db.Model(&ConnectionSettings{}).
 			Where("id = ?", settings.ID).
 			Update("password_encrypted", encrypted).Error; err != nil {
 			return nil, fmt.Errorf("upgrading legacy password encryption: %w", err)
 		}
 	}
 	settings.PasswordEncrypted = password // Return decrypted password in this field
 	return &settings, nil
@@ -1235,42 +1542,6 @@ func (l *LocalDB) repairConfigurationChange(change *PendingChange) error {
 	return nil
 }
 // GetRemoteMigrationApplied returns a locally applied remote migration by ID.
 func (l *LocalDB) GetRemoteMigrationApplied(id string) (*LocalRemoteMigrationApplied, error) {
 	var migration LocalRemoteMigrationApplied
 	if err := l.db.Where("id = ?", id).First(&migration).Error; err != nil {
 		return nil, err
 	}
 	return &migration, nil
 }
 // UpsertRemoteMigrationApplied writes applied migration metadata.
 func (l *LocalDB) UpsertRemoteMigrationApplied(id, checksum, appVersion string, appliedAt time.Time) error {
 	record := &LocalRemoteMigrationApplied{
 		ID:         id,
 		Checksum:   checksum,
 		AppVersion: appVersion,
 		AppliedAt:  appliedAt,
 	}
 	return l.db.Clauses(clause.OnConflict{
 		Columns: []clause.Column{{Name: "id"}},
 		DoUpdates: clause.Assignments(map[string]interface{}{
 			"checksum":    checksum,
 			"app_version": appVersion,
 			"applied_at":  appliedAt,
 		}),
 	}).Create(record).Error
 }
 // GetLatestAppliedRemoteMigrationID returns last applied remote migration id.
 func (l *LocalDB) GetLatestAppliedRemoteMigrationID() (string, error) {
 	var record LocalRemoteMigrationApplied
 	if err := l.db.Order("applied_at DESC").First(&record).Error; err != nil {
 		return "", err
 	}
 	return record.ID, nil
 }
 // GetSyncGuardState returns the latest readiness guard state.
 func (l *LocalDB) GetSyncGuardState() (*LocalSyncGuardState, error) {
 	var state LocalSyncGuardState
--- a/internal/localdb/migrations.go
+++ b/internal/localdb/migrations.go
@@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"log/slog"
 	"sort"
 	"strings"
 	"time"
@@ -113,6 +114,19 @@ var localMigrations = []localMigration{
 		name: "Add line_no to local_configurations and backfill ordering",
 		run:  addLocalConfigurationLineNo,
 	},
 	{
 		id:   "2026_03_07_local_partnumber_book_catalog",
 		name: "Convert local partnumber book cache to book membership + deduplicated PN catalog",
 		run:  migrateLocalPartnumberBookCatalog,
 	},
 }
 type localPartnumberCatalogRow struct {
 	Partnumber  string
 	LotsJSON    LocalPartnumberBookLots
 	Description string
 	CreatedAt   time.Time
 	ServerID    int
 }
 func runLocalMigrations(db *gorm.DB) error {
@@ -865,3 +879,216 @@ WHERE id IN (SELECT id FROM ranked)
 	return nil
 }
 func migrateLocalPartnumberBookCatalog(tx *gorm.DB) error {
 	type columnInfo struct {
 		Name string `gorm:"column:name"`
 	}
 	hasBooksTable := tx.Migrator().HasTable(&LocalPartnumberBook{})
 	hasItemsTable := tx.Migrator().HasTable(&LocalPartnumberBookItem{})
 	if !hasItemsTable {
 		return nil
 	}
 	if hasBooksTable {
 		var bookCols []columnInfo
 		if err := tx.Raw(`SELECT name FROM pragma_table_info('local_partnumber_books')`).Scan(&bookCols).Error; err != nil {
 			return fmt.Errorf("load local_partnumber_books columns: %w", err)
 		}
 		hasPartnumbersJSON := false
 		for _, c := range bookCols {
 			if c.Name == "partnumbers_json" {
 				hasPartnumbersJSON = true
 				break
 			}
 		}
 		if !hasPartnumbersJSON {
 			if err := tx.Exec(`ALTER TABLE local_partnumber_books ADD COLUMN partnumbers_json TEXT NOT NULL DEFAULT '[]'`).Error; err != nil {
 				return fmt.Errorf("add local_partnumber_books.partnumbers_json: %w", err)
 			}
 		}
 	}
 	var itemCols []columnInfo
 	if err := tx.Raw(`SELECT name FROM pragma_table_info('local_partnumber_book_items')`).Scan(&itemCols).Error; err != nil {
 		return fmt.Errorf("load local_partnumber_book_items columns: %w", err)
 	}
 	hasBookID := false
 	hasLotName := false
 	hasLotsJSON := false
 	for _, c := range itemCols {
 		if c.Name == "book_id" {
 			hasBookID = true
 		}
 		if c.Name == "lot_name" {
 			hasLotName = true
 		}
 		if c.Name == "lots_json" {
 			hasLotsJSON = true
 		}
 	}
 	if !hasBookID && !hasLotName && !hasLotsJSON {
 		return nil
 	}
 	type legacyRow struct {
 		BookID      uint
 		Partnumber  string
 		LotName     string
 		Description string
 		CreatedAt   time.Time
 		ServerID    int
 	}
 	bookPNs := make(map[uint]map[string]struct{})
 	catalog := make(map[string]*localPartnumberCatalogRow)
 	if hasBookID || hasLotName {
 		var rows []legacyRow
 		if err := tx.Raw(`
 			SELECT
 				i.book_id,
 				i.partnumber,
 				i.lot_name,
 				COALESCE(i.description, '') AS description,
 				b.created_at,
 				b.server_id
 			FROM local_partnumber_book_items i
 			INNER JOIN local_partnumber_books b ON b.id = i.book_id
 			ORDER BY b.created_at DESC, b.id DESC, i.partnumber ASC, i.id ASC
 		`).Scan(&rows).Error; err != nil {
 			return fmt.Errorf("load legacy local partnumber book items: %w", err)
 		}
 		for _, row := range rows {
 			if _, ok := bookPNs[row.BookID]; !ok {
 				bookPNs[row.BookID] = make(map[string]struct{})
 			}
 			bookPNs[row.BookID][row.Partnumber] = struct{}{}
 			entry, ok := catalog[row.Partnumber]
 			if !ok {
 				entry = &localPartnumberCatalogRow{
 					Partnumber:  row.Partnumber,
 					Description: row.Description,
 					CreatedAt:   row.CreatedAt,
 					ServerID:    row.ServerID,
 				}
 				catalog[row.Partnumber] = entry
 			}
 			if row.CreatedAt.After(entry.CreatedAt) || (row.CreatedAt.Equal(entry.CreatedAt) && row.ServerID >= entry.ServerID) {
 				entry.Description = row.Description
 				entry.CreatedAt = row.CreatedAt
 				entry.ServerID = row.ServerID
 			}
 			found := false
 			for i := range entry.LotsJSON {
 				if entry.LotsJSON[i].LotName == row.LotName {
 					entry.LotsJSON[i].Qty += 1
 					found = true
 					break
 				}
 			}
 			if !found && row.LotName != "" {
 				entry.LotsJSON = append(entry.LotsJSON, LocalPartnumberBookLot{LotName: row.LotName, Qty: 1})
 			}
 		}
 		var books []LocalPartnumberBook
 		if err := tx.Find(&books).Error; err != nil {
 			return fmt.Errorf("load local partnumber books: %w", err)
 		}
 		for _, book := range books {
 			pnSet := bookPNs[book.ID]
 			partnumbers := make([]string, 0, len(pnSet))
 			for pn := range pnSet {
 				partnumbers = append(partnumbers, pn)
 			}
 			sort.Strings(partnumbers)
 			if err := tx.Model(&LocalPartnumberBook{}).
 				Where("id = ?", book.ID).
 				Update("partnumbers_json", LocalStringList(partnumbers)).Error; err != nil {
 				return fmt.Errorf("update partnumbers_json for local book %d: %w", book.ID, err)
 			}
 		}
 	} else {
 		var items []LocalPartnumberBookItem
 		if err := tx.Order("id DESC").Find(&items).Error; err != nil {
 			return fmt.Errorf("load canonical local partnumber book items: %w", err)
 		}
 		for _, item := range items {
 			entry, ok := catalog[item.Partnumber]
 			if !ok {
 				copiedLots := append(LocalPartnumberBookLots(nil), item.LotsJSON...)
 				catalog[item.Partnumber] = &localPartnumberCatalogRow{
 					Partnumber:  item.Partnumber,
 					LotsJSON:    copiedLots,
 					Description: item.Description,
 				}
 				continue
 			}
 			if entry.Description == "" && item.Description != "" {
 				entry.Description = item.Description
 			}
 			for _, lot := range item.LotsJSON {
 				merged := false
 				for i := range entry.LotsJSON {
 					if entry.LotsJSON[i].LotName == lot.LotName {
 						if lot.Qty > entry.LotsJSON[i].Qty {
 							entry.LotsJSON[i].Qty = lot.Qty
 						}
 						merged = true
 						break
 					}
 				}
 				if !merged {
 					entry.LotsJSON = append(entry.LotsJSON, lot)
 				}
 			}
 		}
 	}
 	return rebuildLocalPartnumberBookCatalog(tx, catalog)
 }
 func rebuildLocalPartnumberBookCatalog(tx *gorm.DB, catalog map[string]*localPartnumberCatalogRow) error {
 	if err := tx.Exec(`
 		CREATE TABLE local_partnumber_book_items_new (
 			id INTEGER PRIMARY KEY AUTOINCREMENT,
 			partnumber TEXT NOT NULL UNIQUE,
 			lots_json TEXT NOT NULL,
 			description TEXT
 		)
 	`).Error; err != nil {
 		return fmt.Errorf("create new local_partnumber_book_items table: %w", err)
 	}
 	orderedPartnumbers := make([]string, 0, len(catalog))
 	for pn := range catalog {
 		orderedPartnumbers = append(orderedPartnumbers, pn)
 	}
 	sort.Strings(orderedPartnumbers)
 	for _, pn := range orderedPartnumbers {
 		row := catalog[pn]
 		sort.Slice(row.LotsJSON, func(i, j int) bool {
 			return row.LotsJSON[i].LotName < row.LotsJSON[j].LotName
 		})
 		if err := tx.Table("local_partnumber_book_items_new").Create(&LocalPartnumberBookItem{
 			Partnumber:  row.Partnumber,
 			LotsJSON:    row.LotsJSON,
 			Description: row.Description,
 		}).Error; err != nil {
 			return fmt.Errorf("insert new local_partnumber_book_items row for %s: %w", pn, err)
 		}
 	}
 	if err := tx.Exec(`DROP TABLE local_partnumber_book_items`).Error; err != nil {
 		return fmt.Errorf("drop legacy local_partnumber_book_items: %w", err)
 	}
 	if err := tx.Exec(`ALTER TABLE local_partnumber_book_items_new RENAME TO local_partnumber_book_items`).Error; err != nil {
 		return fmt.Errorf("rename new local_partnumber_book_items table: %w", err)
 	}
 	if err := tx.Exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_local_partnumber_book_items_partnumber ON local_partnumber_book_items(partnumber)`).Error; err != nil {
 		return fmt.Errorf("create local_partnumber_book_items partnumber index: %w", err)
 	}
 	return nil
 }
--- a/internal/localdb/models.go
+++ b/internal/localdb/models.go
@@ -203,18 +203,6 @@ func (LocalComponent) TableName() string {
 	return "local_components"
 }
 // LocalRemoteMigrationApplied tracks remote SQLite migrations received from server and applied locally.
 type LocalRemoteMigrationApplied struct {
 	ID         string    `gorm:"primaryKey;size:128" json:"id"`
 	Checksum   string    `gorm:"size:128;not null" json:"checksum"`
 	AppVersion string    `gorm:"size:64" json:"app_version,omitempty"`
 	AppliedAt  time.Time `gorm:"not null" json:"applied_at"`
 }
 func (LocalRemoteMigrationApplied) TableName() string {
 	return "local_remote_migrations_applied"
 }
 // LocalSyncGuardState stores latest sync readiness decision for UI and preflight checks.
 type LocalSyncGuardState struct {
 	ID                    uint       `gorm:"primaryKey;autoIncrement" json:"id"`
@@ -248,25 +236,52 @@ func (PendingChange) TableName() string {
 // LocalPartnumberBook stores a version snapshot of the PN→LOT mapping book (pull-only from PriceForge)
 type LocalPartnumberBook struct {
-	ID        uint      `gorm:"primaryKey;autoIncrement" json:"id"`
+	ID              uint            `gorm:"primaryKey;autoIncrement" json:"id"`
-	ServerID  int       `gorm:"uniqueIndex;not null" json:"server_id"`
+	ServerID        int             `gorm:"uniqueIndex;not null" json:"server_id"`
-	Version   string    `gorm:"not null" json:"version"`
+	Version         string          `gorm:"not null" json:"version"`
-	CreatedAt time.Time `gorm:"not null" json:"created_at"`
+	CreatedAt       time.Time       `gorm:"not null" json:"created_at"`
-	IsActive  bool      `gorm:"not null;default:true" json:"is_active"`
+	IsActive        bool            `gorm:"not null;default:true" json:"is_active"`
 	PartnumbersJSON LocalStringList `gorm:"column:partnumbers_json;type:text" json:"partnumbers_json"`
 }
 func (LocalPartnumberBook) TableName() string {
 	return "local_partnumber_books"
 }
-// LocalPartnumberBookItem stores a single PN→LOT mapping within a book snapshot
+type LocalPartnumberBookLot struct {
 	LotName string  `json:"lot_name"`
 	Qty     float64 `json:"qty"`
 }
 type LocalPartnumberBookLots []LocalPartnumberBookLot
 func (l LocalPartnumberBookLots) Value() (driver.Value, error) {
 	return json.Marshal(l)
 }
 func (l *LocalPartnumberBookLots) Scan(value interface{}) error {
 	if value == nil {
 		*l = make(LocalPartnumberBookLots, 0)
 		return nil
 	}
 	var bytes []byte
 	switch v := value.(type) {
 	case []byte:
 		bytes = v
 	case string:
 		bytes = []byte(v)
 	default:
 		return errors.New("type assertion failed for LocalPartnumberBookLots")
 	}
 	return json.Unmarshal(bytes, l)
 }
 // LocalPartnumberBookItem stores the canonical PN composition pulled from PriceForge.
 type LocalPartnumberBookItem struct {
-	ID          uint   `gorm:"primaryKey;autoIncrement" json:"id"`
+	ID          uint                    `gorm:"primaryKey;autoIncrement" json:"id"`
-	BookID      uint   `gorm:"not null;index:idx_local_book_pn,priority:1" json:"book_id"`
+	Partnumber  string                  `gorm:"not null" json:"partnumber"`
-	Partnumber  string `gorm:"not null;index:idx_local_book_pn,priority:2" json:"partnumber"`
+	LotsJSON    LocalPartnumberBookLots `gorm:"column:lots_json;type:text" json:"lots_json"`
-	LotName     string `gorm:"not null" json:"lot_name"`
+	Description string                  `json:"description,omitempty"`
 	IsPrimaryPN bool   `gorm:"not null;default:false" json:"is_primary_pn"`
 	Description string `json:"description,omitempty"`
 }
 func (LocalPartnumberBookItem) TableName() string {
--- a/internal/lotmatch/resolver.go
+++ b/internal/lotmatch/resolver.go
@@ -1,238 +0,0 @@
 package lotmatch
 import (
 	"errors"
 	"regexp"
 	"sort"
 	"strings"
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"gorm.io/gorm"
 )
 var (
 	ErrResolveConflict = errors.New("multiple lot matches")
 	ErrResolveNotFound = errors.New("lot not found")
 )
 type LotResolver struct {
 	partnumberToLots map[string][]string
 	exactLots        map[string]string
 	allLots          []string
 }
 type MappingMatcher struct {
 	exact    map[string][]string
 	exactLot map[string]string
 	wildcard []wildcardMapping
 }
 type wildcardMapping struct {
 	lotName string
 	re      *regexp.Regexp
 }
 func NewLotResolverFromDB(db *gorm.DB) (*LotResolver, error) {
 	mappings, lots, err := loadMappingsAndLots(db)
 	if err != nil {
 		return nil, err
 	}
 	return NewLotResolver(mappings, lots), nil
 }
 func NewMappingMatcherFromDB(db *gorm.DB) (*MappingMatcher, error) {
 	mappings, lots, err := loadMappingsAndLots(db)
 	if err != nil {
 		return nil, err
 	}
 	return NewMappingMatcher(mappings, lots), nil
 }
 func NewLotResolver(mappings []models.LotPartnumber, lots []models.Lot) *LotResolver {
 	partnumberToLots := make(map[string][]string, len(mappings))
 	for _, m := range mappings {
 		pn := NormalizeKey(m.Partnumber)
 		lot := strings.TrimSpace(m.LotName)
 		if pn == "" || lot == "" {
 			continue
 		}
 		partnumberToLots[pn] = append(partnumberToLots[pn], lot)
 	}
 	for key := range partnumberToLots {
 		partnumberToLots[key] = uniqueCaseInsensitive(partnumberToLots[key])
 	}
 	exactLots := make(map[string]string, len(lots))
 	allLots := make([]string, 0, len(lots))
 	for _, l := range lots {
 		name := strings.TrimSpace(l.LotName)
 		if name == "" {
 			continue
 		}
 		exactLots[NormalizeKey(name)] = name
 		allLots = append(allLots, name)
 	}
 	sort.Slice(allLots, func(i, j int) bool {
 		li := len([]rune(allLots[i]))
 		lj := len([]rune(allLots[j]))
 		if li == lj {
 			return allLots[i] < allLots[j]
 		}
 		return li > lj
 	})
 	return &LotResolver{
 		partnumberToLots: partnumberToLots,
 		exactLots:        exactLots,
 		allLots:          allLots,
 	}
 }
 func NewMappingMatcher(mappings []models.LotPartnumber, lots []models.Lot) *MappingMatcher {
 	exact := make(map[string][]string, len(mappings))
 	wildcards := make([]wildcardMapping, 0, len(mappings))
 	for _, m := range mappings {
 		pn := NormalizeKey(m.Partnumber)
 		lot := strings.TrimSpace(m.LotName)
 		if pn == "" || lot == "" {
 			continue
 		}
 		if strings.Contains(pn, "*") {
 			pattern := "^" + regexp.QuoteMeta(pn) + "$"
 			pattern = strings.ReplaceAll(pattern, "\\*", ".*")
 			re, err := regexp.Compile(pattern)
 			if err != nil {
 				continue
 			}
 			wildcards = append(wildcards, wildcardMapping{lotName: lot, re: re})
 			continue
 		}
 		exact[pn] = append(exact[pn], lot)
 	}
 	for key := range exact {
 		exact[key] = uniqueCaseInsensitive(exact[key])
 	}
 	exactLot := make(map[string]string, len(lots))
 	for _, l := range lots {
 		name := strings.TrimSpace(l.LotName)
 		if name == "" {
 			continue
 		}
 		exactLot[NormalizeKey(name)] = name
 	}
 	return &MappingMatcher{
 		exact:    exact,
 		exactLot: exactLot,
 		wildcard: wildcards,
 	}
 }
 func (r *LotResolver) Resolve(partnumber string) (string, string, error) {
 	key := NormalizeKey(partnumber)
 	if key == "" {
 		return "", "", ErrResolveNotFound
 	}
 	if mapped := r.partnumberToLots[key]; len(mapped) > 0 {
 		if len(mapped) == 1 {
 			return mapped[0], "mapping_table", nil
 		}
 		return "", "", ErrResolveConflict
 	}
 	if exact, ok := r.exactLots[key]; ok {
 		return exact, "article_exact", nil
 	}
 	best := ""
 	bestLen := -1
 	tie := false
 	for _, lot := range r.allLots {
 		lotKey := NormalizeKey(lot)
 		if lotKey == "" {
 			continue
 		}
 		if strings.HasPrefix(key, lotKey) {
 			l := len([]rune(lotKey))
 			if l > bestLen {
 				best = lot
 				bestLen = l
 				tie = false
 			} else if l == bestLen && !strings.EqualFold(best, lot) {
 				tie = true
 			}
 		}
 	}
 	if best == "" {
 		return "", "", ErrResolveNotFound
 	}
 	if tie {
 		return "", "", ErrResolveConflict
 	}
 	return best, "prefix", nil
 }
 func (m *MappingMatcher) MatchLots(partnumber string) []string {
 	if m == nil {
 		return nil
 	}
 	key := NormalizeKey(partnumber)
 	if key == "" {
 		return nil
 	}
 	lots := make([]string, 0, 2)
 	if exact := m.exact[key]; len(exact) > 0 {
 		lots = append(lots, exact...)
 	}
 	for _, wc := range m.wildcard {
 		if wc.re == nil || !wc.re.MatchString(key) {
 			continue
 		}
 		lots = append(lots, wc.lotName)
 	}
 	if lot, ok := m.exactLot[key]; ok && strings.TrimSpace(lot) != "" {
 		lots = append(lots, lot)
 	}
 	return uniqueCaseInsensitive(lots)
 }
 func NormalizeKey(v string) string {
 	s := strings.ToLower(strings.TrimSpace(v))
 	replacer := strings.NewReplacer(" ", "", "-", "", "_", "", ".", "", "/", "", "\\", "", "\"", "", "'", "", "(", "", ")", "")
 	return replacer.Replace(s)
 }
 func loadMappingsAndLots(db *gorm.DB) ([]models.LotPartnumber, []models.Lot, error) {
 	var mappings []models.LotPartnumber
 	if err := db.Find(&mappings).Error; err != nil {
 		return nil, nil, err
 	}
 	var lots []models.Lot
 	if err := db.Select("lot_name").Find(&lots).Error; err != nil {
 		return nil, nil, err
 	}
 	return mappings, lots, nil
 }
 func uniqueCaseInsensitive(values []string) []string {
 	seen := make(map[string]struct{}, len(values))
 	out := make([]string, 0, len(values))
 	for _, v := range values {
 		trimmed := strings.TrimSpace(v)
 		if trimmed == "" {
 			continue
 		}
 		key := strings.ToLower(trimmed)
 		if _, ok := seen[key]; ok {
 			continue
 		}
 		seen[key] = struct{}{}
 		out = append(out, trimmed)
 	}
 	sort.Slice(out, func(i, j int) bool {
 		return strings.ToLower(out[i]) < strings.ToLower(out[j])
 	})
 	return out
 }
--- a/internal/lotmatch/resolver_test.go
+++ b/internal/lotmatch/resolver_test.go
@@ -1,62 +0,0 @@
 package lotmatch
 import (
 	"testing"
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 )
 func TestLotResolverPrecedence(t *testing.T) {
 	resolver := NewLotResolver(
 		[]models.LotPartnumber{
 			{Partnumber: "PN-1", LotName: "LOT_A"},
 		},
 		[]models.Lot{
 			{LotName: "CPU_X_LONG"},
 			{LotName: "CPU_X"},
 		},
 	)
 	lot, by, err := resolver.Resolve("PN-1")
 	if err != nil || lot != "LOT_A" || by != "mapping_table" {
 		t.Fatalf("expected mapping_table LOT_A, got lot=%s by=%s err=%v", lot, by, err)
 	}
 	lot, by, err = resolver.Resolve("CPU_X")
 	if err != nil || lot != "CPU_X" || by != "article_exact" {
 		t.Fatalf("expected article_exact CPU_X, got lot=%s by=%s err=%v", lot, by, err)
 	}
 	lot, by, err = resolver.Resolve("CPU_X_LONG_001")
 	if err != nil || lot != "CPU_X_LONG" || by != "prefix" {
 		t.Fatalf("expected prefix CPU_X_LONG, got lot=%s by=%s err=%v", lot, by, err)
 	}
 }
 func TestMappingMatcherWildcardAndExactLot(t *testing.T) {
 	matcher := NewMappingMatcher(
 		[]models.LotPartnumber{
 			{Partnumber: "R750*", LotName: "SERVER_R750"},
 			{Partnumber: "HDD-01", LotName: "HDD_01"},
 		},
 		[]models.Lot{
 			{LotName: "MEM_DDR5_16G_4800"},
 		},
 	)
 	check := func(partnumber string, want string) {
 		t.Helper()
 		got := matcher.MatchLots(partnumber)
 		if len(got) != 1 || got[0] != want {
 			t.Fatalf("partnumber %s: expected [%s], got %#v", partnumber, want, got)
 		}
 	}
 	check("R750XD", "SERVER_R750")
 	check("HDD-01", "HDD_01")
 	check("MEM_DDR5_16G_4800", "MEM_DDR5_16G_4800")
 	if got := matcher.MatchLots("UNKNOWN"); len(got) != 0 {
 		t.Fatalf("expected no matches for UNKNOWN, got %#v", got)
 	}
 }
--- a/internal/middleware/auth.go
+++ b/internal/middleware/auth.go
@@ -1,110 +0,0 @@
 package middleware
 import (
 	"net/http"
 	"strings"
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"git.mchus.pro/mchus/quoteforge/internal/services"
 	"github.com/gin-gonic/gin"
 )
 const (
 	AuthUserKey   = "auth_user"
 	AuthClaimsKey = "auth_claims"
 )
 func Auth(authService *services.AuthService) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		authHeader := c.GetHeader("Authorization")
 		if authHeader == "" {
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
 				"error": "authorization header required",
 			})
 			return
 		}
 		parts := strings.SplitN(authHeader, " ", 2)
 		if len(parts) != 2 || parts[0] != "Bearer" {
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
 				"error": "invalid authorization header format",
 			})
 			return
 		}
 		claims, err := authService.ValidateToken(parts[1])
 		if err != nil {
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
 				"error": err.Error(),
 			})
 			return
 		}
 		c.Set(AuthClaimsKey, claims)
 		c.Next()
 	}
 }
 func RequireRole(roles ...models.UserRole) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		claims, exists := c.Get(AuthClaimsKey)
 		if !exists {
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
 				"error": "authentication required",
 			})
 			return
 		}
 		authClaims := claims.(*services.Claims)
 		for _, role := range roles {
 			if authClaims.Role == role {
 				c.Next()
 				return
 			}
 		}
 		c.AbortWithStatusJSON(http.StatusForbidden, gin.H{
 			"error": "insufficient permissions",
 		})
 	}
 }
 func RequireEditor() gin.HandlerFunc {
 	return RequireRole(models.RoleEditor, models.RolePricingAdmin, models.RoleAdmin)
 }
 func RequirePricingAdmin() gin.HandlerFunc {
 	return RequireRole(models.RolePricingAdmin, models.RoleAdmin)
 }
 func RequireAdmin() gin.HandlerFunc {
 	return RequireRole(models.RoleAdmin)
 }
 // GetClaims extracts auth claims from context
 func GetClaims(c *gin.Context) *services.Claims {
 	claims, exists := c.Get(AuthClaimsKey)
 	if !exists {
 		return nil
 	}
 	return claims.(*services.Claims)
 }
 // GetUserID extracts user ID from context
 func GetUserID(c *gin.Context) uint {
 	claims := GetClaims(c)
 	if claims == nil {
 		return 0
 	}
 	return claims.UserID
 }
 // GetUsername extracts username from context
 func GetUsername(c *gin.Context) string {
 	claims := GetClaims(c)
 	if claims == nil {
 		return ""
 	}
 	return claims.Username
 }
--- a/internal/models/configuration.go
+++ b/internal/models/configuration.go
@@ -117,8 +117,6 @@ type Configuration struct {
 	PriceUpdatedAt        *time.Time  `gorm:"type:timestamp" json:"price_updated_at,omitempty"`
 	CreatedAt             time.Time   `gorm:"autoCreateTime" json:"created_at"`
 	CurrentVersionNo      int         `gorm:"-" json:"current_version_no,omitempty"`
 	User *User `gorm:"foreignKey:UserID" json:"user,omitempty"`
 }
 func (Configuration) TableName() string {
@@ -133,8 +131,6 @@ type PriceOverride struct {
 	ValidUntil *time.Time `gorm:"type:date" json:"valid_until"`
 	Reason     string     `gorm:"type:text" json:"reason"`
 	CreatedBy  uint       `gorm:"not null" json:"created_by"`
 	Creator *User `gorm:"foreignKey:CreatedBy" json:"creator,omitempty"`
 }
 func (PriceOverride) TableName() string {
--- a/internal/models/lot.go
+++ b/internal/models/lot.go
@@ -55,17 +55,6 @@ func (StockLog) TableName() string {
 	return "stock_log"
 }
 // LotPartnumber maps external part numbers to internal lots.
 type LotPartnumber struct {
 	Partnumber  string  `gorm:"column:partnumber;size:255;primaryKey" json:"partnumber"`
 	LotName     string  `gorm:"column:lot_name;size:255;primaryKey" json:"lot_name"`
 	Description *string `gorm:"column:description;size:10000" json:"description,omitempty"`
 }
 func (LotPartnumber) TableName() string {
 	return "lot_partnumbers"
 }
 // StockIgnoreRule contains import ignore pattern rules.
 type StockIgnoreRule struct {
 	ID        uint      `gorm:"column:id;primaryKey;autoIncrement" json:"id"`
--- a/internal/models/models.go
+++ b/internal/models/models.go
@@ -10,7 +10,6 @@ import (
 // AllModels returns all models for auto-migration
 func AllModels() []interface{} {
 	return []interface{}{
 		&User{},
 		&Category{},
 		&LotMetadata{},
 		&Project{},
@@ -52,54 +51,3 @@ func SeedCategories(db *gorm.DB) error {
 	}
 	return nil
 }
 // SeedAdminUser creates default admin user if not exists
 // Default credentials: admin / admin123
 func SeedAdminUser(db *gorm.DB, passwordHash string) error {
 	var count int64
 	db.Model(&User{}).Where("username = ?", "admin").Count(&count)
 	if count > 0 {
 		return nil
 	}
 	admin := &User{
 		Username:     "admin",
 		Email:        "admin@example.com",
 		PasswordHash: passwordHash,
 		Role:         RoleAdmin,
 		IsActive:     true,
 	}
 	return db.Create(admin).Error
 }
 // EnsureDBUser creates or returns the user corresponding to the database connection username.
 // This is used when RBAC is disabled - configurations are owned by the DB user.
 // Returns the user ID that should be used for all operations.
 func EnsureDBUser(db *gorm.DB, dbUsername string) (uint, error) {
 	if dbUsername == "" {
 		return 0, nil
 	}
 	var user User
 	err := db.Where("username = ?", dbUsername).First(&user).Error
 	if err == nil {
 		return user.ID, nil
 	}
 	// User doesn't exist, create it
 	user = User{
 		Username:     dbUsername,
 		Email:        dbUsername + "@db.local",
 		PasswordHash: "-", // No password - this is a DB user, not an app user
 		Role:         RoleAdmin,
 		IsActive:     true,
 	}
 	if err := db.Create(&user).Error; err != nil {
 		slog.Error("failed to create DB user", "username", dbUsername, "error", err)
 		return 0, err
 	}
 	slog.Info("created DB user for configurations", "username", dbUsername, "user_id", user.ID)
 	return user.ID, nil
 }
--- a/internal/models/user.go
+++ b/internal/models/user.go
@@ -1,39 +0,0 @@
 package models
 import "time"
 type UserRole string
 const (
 	RoleViewer       UserRole = "viewer"
 	RoleEditor       UserRole = "editor"
 	RolePricingAdmin UserRole = "pricing_admin"
 	RoleAdmin        UserRole = "admin"
 )
 type User struct {
 	ID           uint      `gorm:"primaryKey;autoIncrement" json:"id"`
 	Username     string    `gorm:"size:100;uniqueIndex;not null" json:"username"`
 	Email        string    `gorm:"size:255;uniqueIndex;not null" json:"email"`
 	PasswordHash string    `gorm:"size:255;not null" json:"-"`
 	Role         UserRole  `gorm:"type:enum('viewer','editor','pricing_admin','admin');default:'viewer'" json:"role"`
 	IsActive     bool      `gorm:"default:true" json:"is_active"`
 	CreatedAt    time.Time `gorm:"autoCreateTime" json:"created_at"`
 	UpdatedAt    time.Time `gorm:"autoUpdateTime" json:"updated_at"`
 }
 func (User) TableName() string {
 	return "qt_users"
 }
 func (u *User) CanEdit() bool {
 	return u.Role == RoleEditor || u.Role == RolePricingAdmin || u.Role == RoleAdmin
 }
 func (u *User) CanManagePricing() bool {
 	return u.Role == RolePricingAdmin || u.Role == RoleAdmin
 }
 func (u *User) CanManageUsers() bool {
 	return u.Role == RoleAdmin
 }
--- a/internal/repository/partnumber_book.go
+++ b/internal/repository/partnumber_book.go
@@ -3,6 +3,7 @@ package repository
 import (
 	"git.mchus.pro/mchus/quoteforge/internal/localdb"
 	"gorm.io/gorm"
 	"gorm.io/gorm/clause"
 )
 // PartnumberBookRepository provides read-only access to local partnumber book snapshots.
@@ -26,8 +27,11 @@ func (r *PartnumberBookRepository) GetActiveBook() (*localdb.LocalPartnumberBook
 // GetBookItems returns all items for the given local book ID.
 func (r *PartnumberBookRepository) GetBookItems(bookID uint) ([]localdb.LocalPartnumberBookItem, error) {
-	var items []localdb.LocalPartnumberBookItem
+	book, err := r.getBook(bookID)
-	err := r.db.Where("book_id = ?", bookID).Find(&items).Error
+	if err != nil {
 		return nil, err
 	}
 	items, _, err := r.listCatalogItems(book.PartnumbersJSON, "", 0, 0)
 	return items, err
 }
@@ -40,30 +44,31 @@ func (r *PartnumberBookRepository) GetBookItemsPage(bookID uint, search string,
 		perPage = 100
 	}
-	query := r.db.Model(&localdb.LocalPartnumberBookItem{}).Where("book_id = ?", bookID)
+	book, err := r.getBook(bookID)
-	trimmedSearch := "%" + search + "%"
+	if err != nil {
 	if search != "" {
 		query = query.Where("partnumber LIKE ? OR lot_name LIKE ?", trimmedSearch, trimmedSearch)
 	}
 	var total int64
 	if err := query.Count(&total).Error; err != nil {
 		return nil, 0, err
 	}
-
+	return r.listCatalogItems(book.PartnumbersJSON, search, page, perPage)
 	var items []localdb.LocalPartnumberBookItem
 	err := query.
 		Order("partnumber ASC, lot_name ASC, id ASC").
 		Offset((page - 1) * perPage).
 		Limit(perPage).
 		Find(&items).Error
 	return items, total, err
 }
 // FindLotByPartnumber looks up a partnumber in the active book and returns the matching items.
 func (r *PartnumberBookRepository) FindLotByPartnumber(bookID uint, partnumber string) ([]localdb.LocalPartnumberBookItem, error) {
 	book, err := r.getBook(bookID)
 	if err != nil {
 		return nil, err
 	}
 	found := false
 	for _, pn := range book.PartnumbersJSON {
 		if pn == partnumber {
 			found = true
 			break
 		}
 	}
 	if !found {
 		return nil, nil
 	}
 	var items []localdb.LocalPartnumberBookItem
-	err := r.db.Where("book_id = ? AND partnumber = ?", bookID, partnumber).Find(&items).Error
+	err = r.db.Where("partnumber = ?", partnumber).Find(&items).Error
 	return items, err
 }
@@ -79,34 +84,91 @@ func (r *PartnumberBookRepository) SaveBook(book *localdb.LocalPartnumberBook) e
 	return r.db.Save(book).Error
 }
-// SaveBookItems bulk-inserts items for a book snapshot.
+// SaveBookItems upserts canonical PN catalog rows.
 func (r *PartnumberBookRepository) SaveBookItems(items []localdb.LocalPartnumberBookItem) error {
 	if len(items) == 0 {
 		return nil
 	}
-	return r.db.CreateInBatches(items, 500).Error
+	return r.db.Clauses(clause.OnConflict{
 		Columns: []clause.Column{{Name: "partnumber"}},
 		DoUpdates: clause.AssignmentColumns([]string{
 			"lots_json",
 			"description",
 		}),
 	}).CreateInBatches(items, 500).Error
 }
 // CountBookItems returns the number of items for a given local book ID.
 func (r *PartnumberBookRepository) CountBookItems(bookID uint) int64 {
-	var count int64
+	book, err := r.getBook(bookID)
-	r.db.Model(&localdb.LocalPartnumberBookItem{}).Where("book_id = ?", bookID).Count(&count)
+	if err != nil {
-	return count
+		return 0
 	}
 	return int64(len(book.PartnumbersJSON))
 }
 func (r *PartnumberBookRepository) CountDistinctLots(bookID uint) int64 {
-	var count int64
+	items, err := r.GetBookItems(bookID)
-	r.db.Model(&localdb.LocalPartnumberBookItem{}).
+	if err != nil {
-		Where("book_id = ?", bookID).
+		return 0
-		Distinct("lot_name").
+	}
-		Count(&count)
+	seen := make(map[string]struct{})
-	return count
+	for _, item := range items {
 		for _, lot := range item.LotsJSON {
 			if lot.LotName == "" {
 				continue
 			}
 			seen[lot.LotName] = struct{}{}
 		}
 	}
 	return int64(len(seen))
 }
-func (r *PartnumberBookRepository) CountPrimaryItems(bookID uint) int64 {
+func (r *PartnumberBookRepository) HasAllBookItems(bookID uint) bool {
 	book, err := r.getBook(bookID)
 	if err != nil {
 		return false
 	}
 	if len(book.PartnumbersJSON) == 0 {
 		return true
 	}
 	var count int64
-	r.db.Model(&localdb.LocalPartnumberBookItem{}).
+	if err := r.db.Model(&localdb.LocalPartnumberBookItem{}).
-		Where("book_id = ? AND is_primary_pn = ?", bookID, true).
+		Where("partnumber IN ?", []string(book.PartnumbersJSON)).
-		Count(&count)
+		Count(&count).Error; err != nil {
-	return count
+		return false
 	}
 	return count == int64(len(book.PartnumbersJSON))
 }
 func (r *PartnumberBookRepository) getBook(bookID uint) (*localdb.LocalPartnumberBook, error) {
 	var book localdb.LocalPartnumberBook
 	if err := r.db.First(&book, bookID).Error; err != nil {
 		return nil, err
 	}
 	return &book, nil
 }
 func (r *PartnumberBookRepository) listCatalogItems(partnumbers localdb.LocalStringList, search string, page, perPage int) ([]localdb.LocalPartnumberBookItem, int64, error) {
 	if len(partnumbers) == 0 {
 		return []localdb.LocalPartnumberBookItem{}, 0, nil
 	}
 	query := r.db.Model(&localdb.LocalPartnumberBookItem{}).Where("partnumber IN ?", []string(partnumbers))
 	if search != "" {
 		trimmedSearch := "%" + search + "%"
 		query = query.Where("partnumber LIKE ? OR lots_json LIKE ? OR description LIKE ?", trimmedSearch, trimmedSearch, trimmedSearch)
 	}
 	var total int64
 	if err := query.Count(&total).Error; err != nil {
 		return nil, 0, err
 	}
 	var items []localdb.LocalPartnumberBookItem
 	if page > 0 && perPage > 0 {
 		query = query.Offset((page - 1) * perPage).Limit(perPage)
 	}
 	err := query.Order("partnumber ASC, id ASC").Find(&items).Error
 	return items, total, err
 }
--- a/internal/repository/pricelist.go
+++ b/internal/repository/pricelist.go
@@ -3,13 +3,10 @@ package repository
 import (
 	"errors"
 	"fmt"
 	"log/slog"
 	"sort"
 	"strconv"
 	"strings"
 	"time"
 	"git.mchus.pro/mchus/quoteforge/internal/lotmatch"
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"gorm.io/gorm"
 )
@@ -246,94 +243,9 @@ func (r *PricelistRepository) GetItems(pricelistID uint, offset, limit int, sear
 		items[i].Category = strings.TrimSpace(items[i].LotCategory)
 	}
 	// Stock/partnumber enrichment is optional for pricelist item listing.
 	// Return base pricelist rows (lot_name/price/category) even when DB user lacks
 	// access to stock mapping tables (e.g. lot_partnumbers, stock_log).
 	if err := r.enrichItemsWithStock(items); err != nil {
 		slog.Warn("pricelist items stock enrichment skipped", "pricelist_id", pricelistID, "error", err)
 	}
 	return items, total, nil
 }
 func (r *PricelistRepository) enrichItemsWithStock(items []models.PricelistItem) error {
 	if len(items) == 0 {
 		return nil
 	}
 	resolver, err := lotmatch.NewLotResolverFromDB(r.db)
 	if err != nil {
 		return err
 	}
 	type stockRow struct {
 		Partnumber string   `gorm:"column:partnumber"`
 		Qty        *float64 `gorm:"column:qty"`
 	}
 	rows := make([]stockRow, 0)
 	if err := r.db.Raw(`
 		SELECT s.partnumber, s.qty
 		FROM stock_log s
 		INNER JOIN (
 			SELECT partnumber, MAX(date) AS max_date
 			FROM stock_log
 			GROUP BY partnumber
 		) latest ON latest.partnumber = s.partnumber AND latest.max_date = s.date
 		WHERE s.qty IS NOT NULL
 	`).Scan(&rows).Error; err != nil {
 		return err
 	}
 	lotTotals := make(map[string]float64, len(items))
 	lotPartnumbers := make(map[string][]string, len(items))
 	seenPartnumbers := make(map[string]map[string]struct{}, len(items))
 	for i := range rows {
 		row := rows[i]
 		if strings.TrimSpace(row.Partnumber) == "" {
 			continue
 		}
 		lotName, _, resolveErr := resolver.Resolve(row.Partnumber)
 		if resolveErr != nil || strings.TrimSpace(lotName) == "" {
 			continue
 		}
 		if row.Qty != nil {
 			lotTotals[lotName] += *row.Qty
 		}
 		pn := strings.TrimSpace(row.Partnumber)
 		if pn == "" {
 			continue
 		}
 		if _, ok := seenPartnumbers[lotName]; !ok {
 			seenPartnumbers[lotName] = make(map[string]struct{}, 4)
 		}
 		key := strings.ToLower(pn)
 		if _, exists := seenPartnumbers[lotName][key]; exists {
 			continue
 		}
 		seenPartnumbers[lotName][key] = struct{}{}
 		lotPartnumbers[lotName] = append(lotPartnumbers[lotName], pn)
 	}
 	for i := range items {
 		lotName := items[i].LotName
 		if qty, ok := lotTotals[lotName]; ok {
 			qtyCopy := qty
 			items[i].AvailableQty = &qtyCopy
 		}
 		if partnumbers := lotPartnumbers[lotName]; len(partnumbers) > 0 {
 			sort.Slice(partnumbers, func(a, b int) bool {
 				return strings.ToLower(partnumbers[a]) < strings.ToLower(partnumbers[b])
 			})
 			items[i].Partnumbers = partnumbers
 		}
 	}
 	return nil
 }
 // GetLotNames returns distinct lot names from pricelist items.
 func (r *PricelistRepository) GetLotNames(pricelistID uint) ([]string, error) {
 	var lotNames []string
--- a/internal/repository/pricelist_test.go
+++ b/internal/repository/pricelist_test.go
@@ -75,57 +75,6 @@ func TestGenerateVersion_IsolatedBySource(t *testing.T) {
 	}
 }
 func TestGetItems_WarehouseAvailableQtyUsesPrefixResolver(t *testing.T) {
 	repo := newTestPricelistRepository(t)
 	db := repo.db
 	warehouse := models.Pricelist{
 		Source:    string(models.PricelistSourceWarehouse),
 		Version:   "S-2026-02-07-001",
 		CreatedBy: "test",
 		IsActive:  true,
 	}
 	if err := db.Create(&warehouse).Error; err != nil {
 		t.Fatalf("create pricelist: %v", err)
 	}
 	if err := db.Create(&models.PricelistItem{
 		PricelistID: warehouse.ID,
 		LotName:     "SSD_NVME_03.2T",
 		Price:       100,
 	}).Error; err != nil {
 		t.Fatalf("create pricelist item: %v", err)
 	}
 	if err := db.Create(&models.Lot{LotName: "SSD_NVME_03.2T"}).Error; err != nil {
 		t.Fatalf("create lot: %v", err)
 	}
 	qty := 5.0
 	if err := db.Create(&models.StockLog{
 		Partnumber: "SSD_NVME_03.2T_GEN3_P4610",
 		Date:       time.Now(),
 		Price:      200,
 		Qty:        &qty,
 	}).Error; err != nil {
 		t.Fatalf("create stock log: %v", err)
 	}
 	items, total, err := repo.GetItems(warehouse.ID, 0, 20, "")
 	if err != nil {
 		t.Fatalf("GetItems: %v", err)
 	}
 	if total != 1 {
 		t.Fatalf("expected total=1, got %d", total)
 	}
 	if len(items) != 1 {
 		t.Fatalf("expected 1 item, got %d", len(items))
 	}
 	if items[0].AvailableQty == nil {
 		t.Fatalf("expected available qty to be set")
 	}
 	if *items[0].AvailableQty != 5 {
 		t.Fatalf("expected available qty=5, got %v", *items[0].AvailableQty)
 	}
 }
 func TestGetLatestActiveBySource_SkipsPricelistsWithoutItems(t *testing.T) {
 	repo := newTestPricelistRepository(t)
 	db := repo.db
@@ -228,7 +177,7 @@ func newTestPricelistRepository(t *testing.T) *PricelistRepository {
 	if err != nil {
 		t.Fatalf("open sqlite: %v", err)
 	}
-	if err := db.AutoMigrate(&models.Pricelist{}, &models.PricelistItem{}, &models.Lot{}, &models.LotPartnumber{}, &models.StockLog{}); err != nil {
+	if err := db.AutoMigrate(&models.Pricelist{}, &models.PricelistItem{}, &models.Lot{}, &models.StockLog{}); err != nil {
 		t.Fatalf("migrate: %v", err)
 	}
 	return NewPricelistRepository(db)
--- a/internal/repository/user.go
+++ b/internal/repository/user.go
@@ -1,62 +0,0 @@
 package repository
 import (
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"gorm.io/gorm"
 )
 type UserRepository struct {
 	db *gorm.DB
 }
 func NewUserRepository(db *gorm.DB) *UserRepository {
 	return &UserRepository{db: db}
 }
 func (r *UserRepository) Create(user *models.User) error {
 	return r.db.Create(user).Error
 }
 func (r *UserRepository) GetByID(id uint) (*models.User, error) {
 	var user models.User
 	err := r.db.First(&user, id).Error
 	if err != nil {
 		return nil, err
 	}
 	return &user, nil
 }
 func (r *UserRepository) GetByUsername(username string) (*models.User, error) {
 	var user models.User
 	err := r.db.Where("username = ?", username).First(&user).Error
 	if err != nil {
 		return nil, err
 	}
 	return &user, nil
 }
 func (r *UserRepository) GetByEmail(email string) (*models.User, error) {
 	var user models.User
 	err := r.db.Where("email = ?", email).First(&user).Error
 	if err != nil {
 		return nil, err
 	}
 	return &user, nil
 }
 func (r *UserRepository) Update(user *models.User) error {
 	return r.db.Save(user).Error
 }
 func (r *UserRepository) Delete(id uint) error {
 	return r.db.Delete(&models.User{}, id).Error
 }
 func (r *UserRepository) List(offset, limit int) ([]models.User, int64, error) {
 	var users []models.User
 	var total int64
 	r.db.Model(&models.User{}).Count(&total)
 	err := r.db.Offset(offset).Limit(limit).Find(&users).Error
 	return users, total, err
 }
--- a/internal/services/auth.go
+++ b/internal/services/auth.go
@@ -1,180 +0,0 @@
 package services
 import (
 	"errors"
 	"time"
 	"github.com/golang-jwt/jwt/v5"
 	"git.mchus.pro/mchus/quoteforge/internal/config"
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"git.mchus.pro/mchus/quoteforge/internal/repository"
 	"golang.org/x/crypto/bcrypt"
 )
 var (
 	ErrInvalidCredentials = errors.New("invalid username or password")
 	ErrUserNotFound       = errors.New("user not found")
 	ErrUserInactive       = errors.New("user account is inactive")
 	ErrInvalidToken       = errors.New("invalid token")
 	ErrTokenExpired       = errors.New("token expired")
 )
 type AuthService struct {
 	userRepo *repository.UserRepository
 	config   config.AuthConfig
 }
 func NewAuthService(userRepo *repository.UserRepository, cfg config.AuthConfig) *AuthService {
 	return &AuthService{
 		userRepo: userRepo,
 		config:   cfg,
 	}
 }
 type TokenPair struct {
 	AccessToken  string `json:"access_token"`
 	RefreshToken string `json:"refresh_token"`
 	ExpiresAt    int64  `json:"expires_at"`
 }
 type Claims struct {
 	UserID   uint            `json:"user_id"`
 	Username string          `json:"username"`
 	Role     models.UserRole `json:"role"`
 	jwt.RegisteredClaims
 }
 func (s *AuthService) Login(username, password string) (*TokenPair, *models.User, error) {
 	user, err := s.userRepo.GetByUsername(username)
 	if err != nil {
 		return nil, nil, ErrInvalidCredentials
 	}
 	if !user.IsActive {
 		return nil, nil, ErrUserInactive
 	}
 	if err := bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(password)); err != nil {
 		return nil, nil, ErrInvalidCredentials
 	}
 	tokens, err := s.generateTokenPair(user)
 	if err != nil {
 		return nil, nil, err
 	}
 	return tokens, user, nil
 }
 func (s *AuthService) RefreshTokens(refreshToken string) (*TokenPair, error) {
 	claims, err := s.ValidateToken(refreshToken)
 	if err != nil {
 		return nil, err
 	}
 	user, err := s.userRepo.GetByID(claims.UserID)
 	if err != nil {
 		return nil, ErrUserNotFound
 	}
 	if !user.IsActive {
 		return nil, ErrUserInactive
 	}
 	return s.generateTokenPair(user)
 }
 func (s *AuthService) ValidateToken(tokenString string) (*Claims, error) {
 	token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) {
 		return []byte(s.config.JWTSecret), nil
 	})
 	if err != nil {
 		if errors.Is(err, jwt.ErrTokenExpired) {
 			return nil, ErrTokenExpired
 		}
 		return nil, ErrInvalidToken
 	}
 	claims, ok := token.Claims.(*Claims)
 	if !ok || !token.Valid {
 		return nil, ErrInvalidToken
 	}
 	return claims, nil
 }
 func (s *AuthService) generateTokenPair(user *models.User) (*TokenPair, error) {
 	now := time.Now()
 	accessExpiry := now.Add(s.config.TokenExpiry)
 	refreshExpiry := now.Add(s.config.RefreshExpiry)
 	accessClaims := &Claims{
 		UserID:   user.ID,
 		Username: user.Username,
 		Role:     user.Role,
 		RegisteredClaims: jwt.RegisteredClaims{
 			ExpiresAt: jwt.NewNumericDate(accessExpiry),
 			IssuedAt:  jwt.NewNumericDate(now),
 			Subject:   user.Username,
 		},
 	}
 	accessToken := jwt.NewWithClaims(jwt.SigningMethodHS256, accessClaims)
 	accessTokenString, err := accessToken.SignedString([]byte(s.config.JWTSecret))
 	if err != nil {
 		return nil, err
 	}
 	refreshClaims := &Claims{
 		UserID:   user.ID,
 		Username: user.Username,
 		Role:     user.Role,
 		RegisteredClaims: jwt.RegisteredClaims{
 			ExpiresAt: jwt.NewNumericDate(refreshExpiry),
 			IssuedAt:  jwt.NewNumericDate(now),
 			Subject:   user.Username,
 		},
 	}
 	refreshToken := jwt.NewWithClaims(jwt.SigningMethodHS256, refreshClaims)
 	refreshTokenString, err := refreshToken.SignedString([]byte(s.config.JWTSecret))
 	if err != nil {
 		return nil, err
 	}
 	return &TokenPair{
 		AccessToken:  accessTokenString,
 		RefreshToken: refreshTokenString,
 		ExpiresAt:    accessExpiry.Unix(),
 	}, nil
 }
 func (s *AuthService) HashPassword(password string) (string, error) {
 	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
 	if err != nil {
 		return "", err
 	}
 	return string(hash), nil
 }
 func (s *AuthService) CreateUser(username, email, password string, role models.UserRole) (*models.User, error) {
 	hash, err := s.HashPassword(password)
 	if err != nil {
 		return nil, err
 	}
 	user := &models.User{
 		Username:     username,
 		Email:        email,
 		PasswordHash: hash,
 		Role:         role,
 		IsActive:     true,
 	}
 	if err := s.userRepo.Create(user); err != nil {
 		return nil, err
 	}
 	return user, nil
 }
--- a/internal/services/configuration.go
+++ b/internal/services/configuration.go
@@ -608,13 +608,7 @@ func (s *ConfigurationService) isOwner(config *models.Configuration, ownerUserna
 	if config == nil || ownerUsername == "" {
 		return false
 	}
-	if config.OwnerUsername != "" {
+	return config.OwnerUsername == ownerUsername
 		return config.OwnerUsername == ownerUsername
 	}
 	if config.User != nil {
 		return config.User.Username == ownerUsername
 	}
 	return false
 }
 // // Export configuration as JSON
--- a/internal/services/sync/partnumber_books.go
+++ b/internal/services/sync/partnumber_books.go
@@ -1,6 +1,7 @@
 package sync
 import (
 	"encoding/json"
 	"fmt"
 	"log/slog"
 	"time"
@@ -23,13 +24,14 @@ func (s *Service) PullPartnumberBooks() (int, error) {
 	localBookRepo := repository.NewPartnumberBookRepository(s.localDB.DB())
 	type serverBook struct {
-		ID        int       `gorm:"column:id"`
+		ID              int       `gorm:"column:id"`
-		Version   string    `gorm:"column:version"`
+		Version         string    `gorm:"column:version"`
-		CreatedAt time.Time `gorm:"column:created_at"`
+		CreatedAt       time.Time `gorm:"column:created_at"`
-		IsActive  bool      `gorm:"column:is_active"`
+		IsActive        bool      `gorm:"column:is_active"`
 		PartnumbersJSON string    `gorm:"column:partnumbers_json"`
 	}
 	var serverBooks []serverBook
-	if err := mariaDB.Raw("SELECT id, version, created_at, is_active FROM qt_partnumber_books ORDER BY created_at DESC, id DESC").Scan(&serverBooks).Error; err != nil {
+	if err := mariaDB.Raw("SELECT id, version, created_at, is_active, partnumbers_json FROM qt_partnumber_books ORDER BY created_at DESC, id DESC").Scan(&serverBooks).Error; err != nil {
 		return 0, fmt.Errorf("querying server partnumber books: %w", err)
 	}
 	slog.Info("partnumber books found on server", "count", len(serverBooks))
@@ -38,16 +40,28 @@ func (s *Service) PullPartnumberBooks() (int, error) {
 	for _, sb := range serverBooks {
 		var existing localdb.LocalPartnumberBook
 		err := s.localDB.DB().Where("server_id = ?", sb.ID).First(&existing).Error
 		partnumbers, errPartnumbers := decodeServerPartnumbers(sb.PartnumbersJSON)
 		if errPartnumbers != nil {
 			slog.Error("failed to decode server partnumbers_json", "server_id", sb.ID, "error", errPartnumbers)
 			continue
 		}
 		if err == nil {
-			// Header exists — check whether items were saved
+			existing.Version = sb.Version
 			existing.CreatedAt = sb.CreatedAt
 			existing.IsActive = sb.IsActive
 			existing.PartnumbersJSON = partnumbers
 			if err := localBookRepo.SaveBook(&existing); err != nil {
 				slog.Error("failed to update local partnumber book header", "server_id", sb.ID, "error", err)
 				continue
 			}
 			localItemCount := localBookRepo.CountBookItems(existing.ID)
-			if localItemCount > 0 {
+			if localItemCount > 0 && localBookRepo.HasAllBookItems(existing.ID) {
 				slog.Debug("partnumber book already synced, skipping", "server_id", sb.ID, "version", sb.Version, "items", localItemCount)
 				continue
 			}
-			// Items missing — re-pull them
+			slog.Info("partnumber book header exists but catalog items are missing, re-pulling items", "server_id", sb.ID, "version", sb.Version)
-			slog.Info("partnumber book header exists but has no items, re-pulling items", "server_id", sb.ID, "version", sb.Version)
+			n, err := pullBookItems(mariaDB, localBookRepo, existing.PartnumbersJSON)
 			n, err := pullBookItems(mariaDB, localBookRepo, sb.ID, existing.ID)
 			if err != nil {
 				slog.Error("failed to re-pull items for existing book", "server_id", sb.ID, "error", err)
 			} else {
@@ -60,17 +74,18 @@ func (s *Service) PullPartnumberBooks() (int, error) {
 		slog.Info("pulling new partnumber book", "server_id", sb.ID, "version", sb.Version, "is_active", sb.IsActive)
 		localBook := &localdb.LocalPartnumberBook{
-			ServerID:  sb.ID,
+			ServerID:        sb.ID,
-			Version:   sb.Version,
+			Version:         sb.Version,
-			CreatedAt: sb.CreatedAt,
+			CreatedAt:       sb.CreatedAt,
-			IsActive:  sb.IsActive,
+			IsActive:        sb.IsActive,
 			PartnumbersJSON: partnumbers,
 		}
 		if err := localBookRepo.SaveBook(localBook); err != nil {
 			slog.Error("failed to save local partnumber book", "server_id", sb.ID, "error", err)
 			continue
 		}
-		n, err := pullBookItems(mariaDB, localBookRepo, sb.ID, localBook.ID)
+		n, err := pullBookItems(mariaDB, localBookRepo, localBook.PartnumbersJSON)
 		if err != nil {
 			slog.Error("failed to pull items for new book", "server_id", sb.ID, "error", err)
 			continue
@@ -84,39 +99,39 @@ func (s *Service) PullPartnumberBooks() (int, error) {
 	return pulled, nil
 }
-// pullBookItems fetches items for a single book from MariaDB and saves them to SQLite.
+// pullBookItems fetches catalog items for a partnumber list from MariaDB and saves them to SQLite.
 // Returns the number of items saved.
-func pullBookItems(mariaDB *gorm.DB, repo *repository.PartnumberBookRepository, serverBookID int, localBookID uint) (int, error) {
+func pullBookItems(mariaDB *gorm.DB, repo *repository.PartnumberBookRepository, partnumbers localdb.LocalStringList) (int, error) {
 	if len(partnumbers) == 0 {
 		return 0, nil
 	}
 	type serverItem struct {
 		Partnumber  string `gorm:"column:partnumber"`
-		LotName     string `gorm:"column:lot_name"`
+		LotsJSON    string `gorm:"column:lots_json"`
 		IsPrimaryPN bool   `gorm:"column:is_primary_pn"`
 		Description string `gorm:"column:description"`
 	}
 	// description column may not exist yet on older server schemas — query without it first,
 	// then retry with it to populate descriptions if available.
 	var serverItems []serverItem
-	err := mariaDB.Raw("SELECT partnumber, lot_name, is_primary_pn, description FROM qt_partnumber_book_items WHERE book_id = ?", serverBookID).Scan(&serverItems).Error
+	err := mariaDB.Raw("SELECT partnumber, lots_json, description FROM qt_partnumber_book_items WHERE partnumber IN ?", []string(partnumbers)).Scan(&serverItems).Error
 	if err != nil {
-		slog.Warn("description column not available on server, retrying without it", "server_book_id", serverBookID, "error", err)
+		return 0, fmt.Errorf("querying items from server: %w", err)
 		if err2 := mariaDB.Raw("SELECT partnumber, lot_name, is_primary_pn FROM qt_partnumber_book_items WHERE book_id = ?", serverBookID).Scan(&serverItems).Error; err2 != nil {
 			return 0, fmt.Errorf("querying items from server: %w", err2)
 		}
 	}
-	slog.Info("partnumber book items fetched from server", "server_book_id", serverBookID, "count", len(serverItems))
+	slog.Info("partnumber book items fetched from server", "count", len(serverItems), "requested_partnumbers", len(partnumbers))
 	if len(serverItems) == 0 {
-		slog.Warn("server returned 0 items for book — check qt_partnumber_book_items on server", "server_book_id", serverBookID)
+		slog.Warn("server returned 0 partnumber book items")
 		return 0, nil
 	}
 	localItems := make([]localdb.LocalPartnumberBookItem, 0, len(serverItems))
 	for _, si := range serverItems {
 		var lots localdb.LocalPartnumberBookLots
 		if err := json.Unmarshal([]byte(si.LotsJSON), &lots); err != nil {
 			return 0, fmt.Errorf("decode lots_json for %s: %w", si.Partnumber, err)
 		}
 		localItems = append(localItems, localdb.LocalPartnumberBookItem{
 			BookID:      localBookID,
 			Partnumber:  si.Partnumber,
-			LotName:     si.LotName,
+			LotsJSON:    lots,
 			IsPrimaryPN: si.IsPrimaryPN,
 			Description: si.Description,
 		})
 	}
@@ -125,3 +140,14 @@ func pullBookItems(mariaDB *gorm.DB, repo *repository.PartnumberBookRepository,
 	}
 	return len(localItems), nil
 }
 func decodeServerPartnumbers(raw string) (localdb.LocalStringList, error) {
 	if raw == "" {
 		return localdb.LocalStringList{}, nil
 	}
 	var items []string
 	if err := json.Unmarshal([]byte(raw), &items); err != nil {
 		return nil, err
 	}
 	return localdb.LocalStringList(items), nil
 }
--- a/internal/services/sync/readiness.go
+++ b/internal/services/sync/readiness.go
@@ -1,14 +1,10 @@
 package sync
 import (
 	"bufio"
 	"crypto/sha256"
 	"encoding/hex"
 	"errors"
 	"fmt"
 	"log/slog"
 	"os"
 	"strconv"
 	"strings"
 	"time"
@@ -80,48 +76,6 @@ func (s *Service) GetReadiness() (*SyncReadiness, error) {
 		)
 	}
 	migrations, err := listActiveClientMigrations(mariaDB)
 	if err != nil {
 		return s.blockedReadiness(
 			now,
 			"REMOTE_MIGRATION_REGISTRY_UNAVAILABLE",
 			"Синхронизация заблокирована: не удалось проверить централизованные миграции локальной БД.",
 			nil,
 		)
 	}
 	for i := range migrations {
 		m := migrations[i]
 		if strings.TrimSpace(m.MinAppVersion) != "" {
 			if compareVersions(appmeta.Version(), m.MinAppVersion) < 0 {
 				min := m.MinAppVersion
 				return s.blockedReadiness(
 					now,
 					"MIN_APP_VERSION_REQUIRED",
 					fmt.Sprintf("Требуется обновление приложения до версии %s для безопасной синхронизации.", m.MinAppVersion),
 					&min,
 				)
 			}
 		}
 	}
 	if err := s.applyMissingRemoteMigrations(migrations); err != nil {
 		if strings.Contains(strings.ToLower(err.Error()), "checksum") {
 			return s.blockedReadiness(
 				now,
 				"REMOTE_MIGRATION_CHECKSUM_MISMATCH",
 				"Синхронизация заблокирована: контрольная сумма миграции не совпадает.",
 				nil,
 			)
 		}
 		return s.blockedReadiness(
 			now,
 			"LOCAL_MIGRATION_APPLY_FAILED",
 			"Синхронизация заблокирована: не удалось применить миграции локальной БД.",
 			nil,
 		)
 	}
 	if err := s.reportClientSchemaState(mariaDB, now); err != nil {
 		slog.Warn("failed to report client schema state", "error", err)
 	}
@@ -158,64 +112,12 @@ func (s *Service) isOnline() bool {
 	return s.connMgr.IsOnline()
 }
-type clientLocalMigration struct {
+func ensureClientSchemaStateTable(db *gorm.DB) error {
 	ID            string    `gorm:"column:id"`
 	Name          string    `gorm:"column:name"`
 	SQLText       string    `gorm:"column:sql_text"`
 	Checksum      string    `gorm:"column:checksum"`
 	MinAppVersion string    `gorm:"column:min_app_version"`
 	OrderNo       int       `gorm:"column:order_no"`
 	CreatedAt     time.Time `gorm:"column:created_at"`
 }
 func listActiveClientMigrations(db *gorm.DB) ([]clientLocalMigration, error) {
 	if strings.EqualFold(db.Dialector.Name(), "sqlite") {
 		return []clientLocalMigration{}, nil
 	}
 	if err := ensureClientMigrationRegistryTable(db); err != nil {
 		return nil, err
 	}
 	rows := make([]clientLocalMigration, 0)
 	if err := db.Raw(`
 		SELECT id, name, sql_text, checksum, COALESCE(min_app_version, '') AS min_app_version, order_no, created_at
 		FROM qt_client_local_migrations
 		WHERE is_active = 1
 		ORDER BY order_no ASC, created_at ASC, id ASC
 	`).Scan(&rows).Error; err != nil {
 		return nil, fmt.Errorf("load client local migrations: %w", err)
 	}
 	return rows, nil
 }
 func ensureClientMigrationRegistryTable(db *gorm.DB) error {
 	// Check if table exists instead of trying to create (avoids permission issues)
 	if !tableExists(db, "qt_client_local_migrations") {
 		if err := db.Exec(`
 			CREATE TABLE IF NOT EXISTS qt_client_local_migrations (
 				id VARCHAR(128) NOT NULL,
 				name VARCHAR(255) NOT NULL,
 				sql_text LONGTEXT NOT NULL,
 				checksum VARCHAR(128) NOT NULL,
 				min_app_version VARCHAR(64) NULL,
 				order_no INT NOT NULL DEFAULT 0,
 				is_active TINYINT(1) NOT NULL DEFAULT 1,
 				created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
 				PRIMARY KEY (id),
 				INDEX idx_qt_client_local_migrations_active_order (is_active, order_no, created_at)
 			)
 		`).Error; err != nil {
 			return fmt.Errorf("create qt_client_local_migrations table: %w", err)
 		}
 	}
 	if !tableExists(db, "qt_client_schema_state") {
 		if err := db.Exec(`
 			CREATE TABLE IF NOT EXISTS qt_client_schema_state (
 				username VARCHAR(100) NOT NULL,
 				hostname VARCHAR(255) NOT NULL DEFAULT '',
 				last_applied_migration_id VARCHAR(128) NULL,
 				app_version VARCHAR(64) NULL,
 				last_sync_at DATETIME NULL,
 				last_sync_status VARCHAR(32) NULL,
@@ -287,114 +189,13 @@ func tableExists(db *gorm.DB, tableName string) bool {
 	return count > 0
 }
 func (s *Service) applyMissingRemoteMigrations(migrations []clientLocalMigration) error {
 	for i := range migrations {
 		m := migrations[i]
 		computedChecksum := digestSQL(m.SQLText)
 		checksum := strings.TrimSpace(m.Checksum)
 		if checksum == "" {
 			checksum = computedChecksum
 		} else if !strings.EqualFold(checksum, computedChecksum) {
 			return fmt.Errorf("checksum mismatch for migration %s", m.ID)
 		}
 		applied, err := s.localDB.GetRemoteMigrationApplied(m.ID)
 		if err == nil {
 			if strings.TrimSpace(applied.Checksum) != checksum {
 				return fmt.Errorf("checksum mismatch for migration %s", m.ID)
 			}
 			continue
 		}
 		if !errors.Is(err, gorm.ErrRecordNotFound) {
 			return fmt.Errorf("check local applied migration %s: %w", m.ID, err)
 		}
 		if strings.TrimSpace(m.SQLText) == "" {
 			if err := s.localDB.UpsertRemoteMigrationApplied(m.ID, checksum, appmeta.Version(), time.Now().UTC()); err != nil {
 				return fmt.Errorf("mark empty migration %s as applied: %w", m.ID, err)
 			}
 			continue
 		}
 		statements := splitSQLStatementsLite(m.SQLText)
 		if err := s.localDB.DB().Transaction(func(tx *gorm.DB) error {
 			for _, stmt := range statements {
 				if err := tx.Exec(stmt).Error; err != nil {
 					return fmt.Errorf("apply migration %s statement %q: %w", m.ID, stmt, err)
 				}
 			}
 			return nil
 		}); err != nil {
 			return err
 		}
 		if err := s.localDB.UpsertRemoteMigrationApplied(m.ID, checksum, appmeta.Version(), time.Now().UTC()); err != nil {
 			return fmt.Errorf("record applied migration %s: %w", m.ID, err)
 		}
 	}
 	return nil
 }
 func splitSQLStatementsLite(script string) []string {
 	scanner := bufio.NewScanner(strings.NewReader(script))
 	scanner.Buffer(make([]byte, 1024), 1024*1024)
 	lines := make([]string, 0, 64)
 	for scanner.Scan() {
 		line := strings.TrimSpace(scanner.Text())
 		if line == "" || strings.HasPrefix(line, "--") {
 			continue
 		}
 		lines = append(lines, scanner.Text())
 	}
 	combined := strings.Join(lines, "\n")
 	raw := strings.Split(combined, ";")
 	stmts := make([]string, 0, len(raw))
 	for _, stmt := range raw {
 		trimmed := strings.TrimSpace(stmt)
 		if trimmed == "" {
 			continue
 		}
 		stmts = append(stmts, trimmed)
 	}
 	return stmts
 }
 func digestSQL(sqlText string) string {
 	hash := sha256.Sum256([]byte(sqlText))
 	return hex.EncodeToString(hash[:])
 }
 func compareVersions(left, right string) int {
 	leftParts := normalizeVersionParts(left)
 	rightParts := normalizeVersionParts(right)
 	maxLen := len(leftParts)
 	if len(rightParts) > maxLen {
 		maxLen = len(rightParts)
 	}
 	for i := 0; i < maxLen; i++ {
 		lv := 0
 		rv := 0
 		if i < len(leftParts) {
 			lv = leftParts[i]
 		}
 		if i < len(rightParts) {
 			rv = rightParts[i]
 		}
 		if lv < rv {
 			return -1
 		}
 		if lv > rv {
 			return 1
 		}
 	}
 	return 0
 }
 func (s *Service) reportClientSchemaState(mariaDB *gorm.DB, checkedAt time.Time) error {
 	if strings.EqualFold(mariaDB.Dialector.Name(), "sqlite") {
 		return nil
 	}
 	if err := ensureClientSchemaStateTable(mariaDB); err != nil {
 		return err
 	}
 	username := strings.TrimSpace(s.localDB.GetDBUser())
 	if username == "" {
 		return nil
@@ -404,10 +205,6 @@ func (s *Service) reportClientSchemaState(mariaDB *gorm.DB, checkedAt time.Time)
 		hostname = ""
 	}
 	hostname = strings.TrimSpace(hostname)
 	lastMigrationID := ""
 	if id, err := s.localDB.GetLatestAppliedRemoteMigrationID(); err == nil {
 		lastMigrationID = id
 	}
 	lastSyncAt := s.localDB.GetLastSyncTime()
 	lastSyncStatus := ReadinessReady
 	pendingChangesCount := s.localDB.CountPendingChanges()
@@ -420,16 +217,15 @@ func (s *Service) reportClientSchemaState(mariaDB *gorm.DB, checkedAt time.Time)
 	lastSyncErrorCode, lastSyncErrorText := latestSyncErrorState(s.localDB)
 	return mariaDB.Exec(`
 		INSERT INTO qt_client_schema_state (
-			username, hostname, last_applied_migration_id, app_version,
+			username, hostname, app_version,
 			last_sync_at, last_sync_status, pending_changes_count, pending_errors_count,
 			configurations_count, projects_count,
 			estimate_pricelist_version, warehouse_pricelist_version, competitor_pricelist_version,
 			last_sync_error_code, last_sync_error_text,
 			last_checked_at, updated_at
 		)
-		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
 		ON DUPLICATE KEY UPDATE
 			last_applied_migration_id = VALUES(last_applied_migration_id),
 			app_version = VALUES(app_version),
 			last_sync_at = VALUES(last_sync_at),
 			last_sync_status = VALUES(last_sync_status),
@@ -444,7 +240,7 @@ func (s *Service) reportClientSchemaState(mariaDB *gorm.DB, checkedAt time.Time)
 			last_sync_error_text = VALUES(last_sync_error_text),
 			last_checked_at = VALUES(last_checked_at),
 			updated_at = VALUES(updated_at)
-	`, username, hostname, lastMigrationID, appmeta.Version(),
+	`, username, hostname, appmeta.Version(),
 		lastSyncAt, lastSyncStatus, pendingChangesCount, pendingErrorsCount,
 		configurationsCount, projectsCount,
 		estimateVersion, warehouseVersion, competitorVersion,
@@ -503,34 +299,6 @@ func optionalString(value string) *string {
 	return &v
 }
 func normalizeVersionParts(v string) []int {
 	trimmed := strings.TrimSpace(v)
 	trimmed = strings.TrimPrefix(trimmed, "v")
 	chunks := strings.Split(trimmed, ".")
 	parts := make([]int, 0, len(chunks))
 	for _, chunk := range chunks {
 		clean := strings.TrimSpace(chunk)
 		if clean == "" {
 			parts = append(parts, 0)
 			continue
 		}
 		n := 0
 		for i := 0; i < len(clean); i++ {
 			if clean[i] < '0' || clean[i] > '9' {
 				clean = clean[:i]
 				break
 			}
 		}
 		if clean != "" {
 			if parsed, err := strconv.Atoi(clean); err == nil {
 				n = parsed
 			}
 		}
 		parts = append(parts, n)
 	}
 	return parts
 }
 func toReadinessFromState(state *localdb.LocalSyncGuardState) *SyncReadiness {
 	if state == nil {
 		return nil
--- a/internal/services/sync/service.go
+++ b/internal/services/sync/service.go
@@ -690,6 +690,9 @@ func (s *Service) SyncPricelistItems(localPricelistID uint) (int, error) {
 	for i, item := range serverItems {
 		localItems[i] = *localdb.PricelistItemToLocal(&item, localPricelistID)
 	}
 	if err := s.enrichLocalPricelistItemsWithStock(mariaDB, localItems); err != nil {
 		slog.Warn("pricelist stock enrichment skipped", "pricelist_id", localPricelistID, "error", err)
 	}
 	if err := s.localDB.SaveLocalPricelistItems(localItems); err != nil {
 		return 0, fmt.Errorf("saving local pricelist items: %w", err)
@@ -708,6 +711,111 @@ func (s *Service) SyncPricelistItemsByServerID(serverPricelistID uint) (int, err
 	return s.SyncPricelistItems(localPL.ID)
 }
 func (s *Service) enrichLocalPricelistItemsWithStock(mariaDB *gorm.DB, items []localdb.LocalPricelistItem) error {
 	if len(items) == 0 {
 		return nil
 	}
 	bookRepo := repository.NewPartnumberBookRepository(s.localDB.DB())
 	book, err := bookRepo.GetActiveBook()
 	if err != nil || book == nil {
 		return nil
 	}
 	bookItems, err := bookRepo.GetBookItems(book.ID)
 	if err != nil {
 		return err
 	}
 	if len(bookItems) == 0 {
 		return nil
 	}
 	partnumberToLots := make(map[string][]string, len(bookItems))
 	for _, item := range bookItems {
 		pn := strings.TrimSpace(item.Partnumber)
 		if pn == "" {
 			continue
 		}
 		seenLots := make(map[string]struct{}, len(item.LotsJSON))
 		for _, lot := range item.LotsJSON {
 			lotName := strings.TrimSpace(lot.LotName)
 			if lotName == "" {
 				continue
 			}
 			key := strings.ToLower(lotName)
 			if _, exists := seenLots[key]; exists {
 				continue
 			}
 			seenLots[key] = struct{}{}
 			partnumberToLots[pn] = append(partnumberToLots[pn], lotName)
 		}
 	}
 	if len(partnumberToLots) == 0 {
 		return nil
 	}
 	type stockRow struct {
 		Partnumber string   `gorm:"column:partnumber"`
 		Qty        *float64 `gorm:"column:qty"`
 	}
 	rows := make([]stockRow, 0)
 	if err := mariaDB.Raw(`
 		SELECT s.partnumber, s.qty
 		FROM stock_log s
 		INNER JOIN (
 			SELECT partnumber, MAX(date) AS max_date
 			FROM stock_log
 			GROUP BY partnumber
 		) latest ON latest.partnumber = s.partnumber AND latest.max_date = s.date
 		WHERE s.qty IS NOT NULL
 	`).Scan(&rows).Error; err != nil {
 		return err
 	}
 	lotTotals := make(map[string]float64, len(items))
 	lotPartnumbers := make(map[string][]string, len(items))
 	seenPartnumbers := make(map[string]map[string]struct{}, len(items))
 	for _, row := range rows {
 		pn := strings.TrimSpace(row.Partnumber)
 		if pn == "" || row.Qty == nil {
 			continue
 		}
 		lots := partnumberToLots[pn]
 		if len(lots) == 0 {
 			continue
 		}
 		for _, lotName := range lots {
 			lotTotals[lotName] += *row.Qty
 			if _, ok := seenPartnumbers[lotName]; !ok {
 				seenPartnumbers[lotName] = make(map[string]struct{}, 4)
 			}
 			key := strings.ToLower(pn)
 			if _, exists := seenPartnumbers[lotName][key]; exists {
 				continue
 			}
 			seenPartnumbers[lotName][key] = struct{}{}
 			lotPartnumbers[lotName] = append(lotPartnumbers[lotName], pn)
 		}
 	}
 	for i := range items {
 		lotName := strings.TrimSpace(items[i].LotName)
 		if qty, ok := lotTotals[lotName]; ok {
 			qtyCopy := qty
 			items[i].AvailableQty = &qtyCopy
 		}
 		if partnumbers := lotPartnumbers[lotName]; len(partnumbers) > 0 {
 			sort.Slice(partnumbers, func(a, b int) bool {
 				return strings.ToLower(partnumbers[a]) < strings.ToLower(partnumbers[b])
 			})
 			items[i].Partnumbers = append(localdb.LocalStringList{}, partnumbers...)
 		}
 	}
 	return nil
 }
 // GetLocalPriceForLot returns the price for a lot from a local pricelist
 func (s *Service) GetLocalPriceForLot(localPricelistID uint, lotName string) (float64, error) {
 	return s.localDB.GetLocalPriceForLot(localPricelistID, lotName)
--- a/internal/services/sync/service_pricelist_category_backfill_test.go
+++ b/internal/services/sync/service_pricelist_category_backfill_test.go
@@ -17,7 +17,6 @@ func TestSyncPricelists_BackfillsLotCategoryForUsedPricelistItems(t *testing.T)
 		&models.Pricelist{},
 		&models.PricelistItem{},
 		&models.Lot{},
 		&models.LotPartnumber{},
 		&models.StockLog{},
 	); err != nil {
 		t.Fatalf("migrate server tables: %v", err)
@@ -105,3 +104,102 @@ func TestSyncPricelists_BackfillsLotCategoryForUsedPricelistItems(t *testing.T)
 	}
 }
 func TestSyncPricelistItems_EnrichesStockFromLocalPartnumberBook(t *testing.T) {
 	local := newLocalDBForSyncTest(t)
 	serverDB := newServerDBForSyncTest(t)
 	if err := serverDB.AutoMigrate(
 		&models.Pricelist{},
 		&models.PricelistItem{},
 		&models.Lot{},
 		&models.StockLog{},
 	); err != nil {
 		t.Fatalf("migrate server tables: %v", err)
 	}
 	serverPL := models.Pricelist{
 		Source:       "warehouse",
 		Version:      "2026-03-07-001",
 		Notification: "server",
 		CreatedBy:    "tester",
 		IsActive:     true,
 		CreatedAt:    time.Now().Add(-1 * time.Hour),
 	}
 	if err := serverDB.Create(&serverPL).Error; err != nil {
 		t.Fatalf("create server pricelist: %v", err)
 	}
 	if err := serverDB.Create(&models.PricelistItem{
 		PricelistID: serverPL.ID,
 		LotName:     "CPU_A",
 		LotCategory: "CPU",
 		Price:       10,
 	}).Error; err != nil {
 		t.Fatalf("create server pricelist item: %v", err)
 	}
 	qty := 7.0
 	if err := serverDB.Create(&models.StockLog{
 		Partnumber: "CPU-PN-1",
 		Date:       time.Now(),
 		Price:      100,
 		Qty:        &qty,
 	}).Error; err != nil {
 		t.Fatalf("create stock log: %v", err)
 	}
 	if err := local.SaveLocalPricelist(&localdb.LocalPricelist{
 		ServerID:  serverPL.ID,
 		Source:    serverPL.Source,
 		Version:   serverPL.Version,
 		Name:      serverPL.Notification,
 		CreatedAt: serverPL.CreatedAt,
 		SyncedAt:  time.Now(),
 		IsUsed:    false,
 	}); err != nil {
 		t.Fatalf("seed local pricelist: %v", err)
 	}
 	localPL, err := local.GetLocalPricelistByServerID(serverPL.ID)
 	if err != nil {
 		t.Fatalf("get local pricelist: %v", err)
 	}
 	if err := local.DB().Create(&localdb.LocalPartnumberBook{
 		ServerID:        1,
 		Version:         "2026-03-07-001",
 		CreatedAt:       time.Now(),
 		IsActive:        true,
 		PartnumbersJSON: localdb.LocalStringList{"CPU-PN-1"},
 	}).Error; err != nil {
 		t.Fatalf("create local partnumber book: %v", err)
 	}
 	if err := local.DB().Create(&localdb.LocalPartnumberBookItem{
 		Partnumber: "CPU-PN-1",
 		LotsJSON: localdb.LocalPartnumberBookLots{
 			{LotName: "CPU_A", Qty: 1},
 		},
 		Description: "CPU PN",
 	}).Error; err != nil {
 		t.Fatalf("create local partnumber book item: %v", err)
 	}
 	svc := syncsvc.NewServiceWithDB(serverDB, local)
 	if _, err := svc.SyncPricelistItems(localPL.ID); err != nil {
 		t.Fatalf("sync pricelist items: %v", err)
 	}
 	items, err := local.GetLocalPricelistItems(localPL.ID)
 	if err != nil {
 		t.Fatalf("load local items: %v", err)
 	}
 	if len(items) != 1 {
 		t.Fatalf("expected 1 local item, got %d", len(items))
 	}
 	if items[0].AvailableQty == nil {
 		t.Fatalf("expected available_qty to be set")
 	}
 	if *items[0].AvailableQty != 7 {
 		t.Fatalf("expected available_qty=7, got %v", *items[0].AvailableQty)
 	}
 	if len(items[0].Partnumbers) != 1 || items[0].Partnumbers[0] != "CPU-PN-1" {
 		t.Fatalf("expected partnumbers [CPU-PN-1], got %v", items[0].Partnumbers)
 	}
 }
--- a/internal/services/vendor_spec_resolver.go
+++ b/internal/services/vendor_spec_resolver.go
@@ -3,6 +3,7 @@ package services
 import (
 	"git.mchus.pro/mchus/quoteforge/internal/localdb"
 	"git.mchus.pro/mchus/quoteforge/internal/repository"
 	"math"
 )
 // ResolvedBOMRow is the result of resolving a single vendor BOM row.
@@ -47,7 +48,19 @@ func (r *VendorSpecResolver) Resolve(items []localdb.VendorSpecItem) ([]localdb.
 		// Step 1: Look up in active book
 		matches, err := r.bookRepo.FindLotByPartnumber(book.ID, pn)
 		if err == nil && len(matches) > 0 {
-			items[i].ResolvedLotName = matches[0].LotName
+			items[i].LotMappings = make([]localdb.VendorSpecLotMapping, 0, len(matches[0].LotsJSON))
 			for _, lot := range matches[0].LotsJSON {
 				if lot.LotName == "" {
 					continue
 				}
 				items[i].LotMappings = append(items[i].LotMappings, localdb.VendorSpecLotMapping{
 					LotName:       lot.LotName,
 					QuantityPerPN: lotQtyToInt(lot.Qty),
 				})
 			}
 			if len(items[i].LotMappings) > 0 {
 				items[i].ResolvedLotName = items[i].LotMappings[0].LotName
 			}
 			items[i].ResolutionSource = "book"
 			continue
 		}
@@ -67,13 +80,9 @@ func (r *VendorSpecResolver) Resolve(items []localdb.VendorSpecItem) ([]localdb.
 	return items, nil
 }
-// AggregateLOTs applies the qty-logic to compute per-LOT quantities from the resolved BOM.
+// AggregateLOTs applies qty from the resolved PN composition stored in lots_json.
 // qty(lot) = SUM(qty of primary PN rows for this lot) if any primary PN exists, else 1.
 func AggregateLOTs(items []localdb.VendorSpecItem, book *localdb.LocalPartnumberBook, bookRepo *repository.PartnumberBookRepository) ([]AggregatedLOT, error) {
-	// Gather all unique lot names that resolved
+	lotTotals := make(map[string]int)
 	lotPrimary := make(map[string]int)     // lot_name → sum of primary PN quantities
 	lotAny := make(map[string]bool)        // lot_name → seen at least once (non-primary)
 	lotHasPrimary := make(map[string]bool) // lot_name → has at least one primary PN in spec
 	if book != nil {
 		for _, item := range items {
@@ -83,21 +92,17 @@ func AggregateLOTs(items []localdb.VendorSpecItem, book *localdb.LocalPartnumber
 			lot := item.ResolvedLotName
 			pn := item.VendorPartnumber
 			// Find if this pn is primary for its lot
 			matches, err := bookRepo.FindLotByPartnumber(book.ID, pn)
 			if err != nil || len(matches) == 0 {
-				// manual/unresolved — treat as non-primary
+				lotTotals[lot] += item.Quantity
 				lotAny[lot] = true
 				continue
 			}
 			for _, m := range matches {
-				if m.LotName == lot {
+				for _, mappedLot := range m.LotsJSON {
-					if m.IsPrimaryPN {
+					if mappedLot.LotName != lot {
-						lotPrimary[lot] += item.Quantity
+						continue
 						lotHasPrimary[lot] = true
 					} else {
 						lotAny[lot] = true
 					}
 					lotTotals[lot] += item.Quantity * lotQtyToInt(mappedLot.Qty)
 				}
 			}
 		}
@@ -105,7 +110,7 @@ func AggregateLOTs(items []localdb.VendorSpecItem, book *localdb.LocalPartnumber
 		// No book: all resolved rows contribute qty=1 per lot
 		for _, item := range items {
 			if item.ResolvedLotName != "" {
-				lotAny[item.ResolvedLotName] = true
+				lotTotals[item.ResolvedLotName] += item.Quantity
 			}
 		}
 	}
@@ -119,11 +124,18 @@ func AggregateLOTs(items []localdb.VendorSpecItem, book *localdb.LocalPartnumber
 			continue
 		}
 		seen[lot] = true
-		qty := 1
+		qty := lotTotals[lot]
-		if lotHasPrimary[lot] {
+		if qty < 1 {
-			qty = lotPrimary[lot]
+			qty = 1
 		}
 		result = append(result, AggregatedLOT{LotName: lot, Quantity: qty})
 	}
 	return result, nil
 }
 func lotQtyToInt(qty float64) int {
 	if qty < 1 {
 		return 1
 	}
 	return int(math.Round(qty))
 }
--- a/internal/services/vendor_workspace_import_test.go
+++ b/internal/services/vendor_workspace_import_test.go
@@ -231,20 +231,17 @@ func TestImportVendorWorkspaceToProject_AutoResolvesAndAppliesEstimate(t *testin
 	bookRepo := local.DB()
 	if err := bookRepo.Create(&localdb.LocalPartnumberBook{
-		ServerID:  501,
+		ServerID:        501,
-		Version:   "B-1",
+		Version:         "B-1",
-		CreatedAt: time.Now(),
+		CreatedAt:       time.Now(),
-		IsActive:  true,
+		IsActive:        true,
 		PartnumbersJSON: localdb.LocalStringList{"CPU-1", "LIC-1"},
 	}).Error; err != nil {
 		t.Fatalf("save active book: %v", err)
 	}
 	var book localdb.LocalPartnumberBook
 	if err := bookRepo.Where("server_id = ?", 501).First(&book).Error; err != nil {
 		t.Fatalf("load active book: %v", err)
 	}
 	if err := bookRepo.Create([]localdb.LocalPartnumberBookItem{
-		{BookID: book.ID, Partnumber: "CPU-1", LotName: "CPU_INTEL_6747P", IsPrimaryPN: true},
+		{Partnumber: "CPU-1", LotsJSON: localdb.LocalPartnumberBookLots{{LotName: "CPU_INTEL_6747P", Qty: 1}}},
-		{BookID: book.ID, Partnumber: "LIC-1", LotName: "LICENSE_XCC", IsPrimaryPN: true},
+		{Partnumber: "LIC-1", LotsJSON: localdb.LocalPartnumberBookLots{{LotName: "LICENSE_XCC", Qty: 1}}},
 	}).Error; err != nil {
 		t.Fatalf("save book items: %v", err)
 	}
--- a/migrations/015_add_lot_partnumbers.sql
+++ b/migrations/015_add_lot_partnumbers.sql
@@ -1,7 +0,0 @@
 CREATE TABLE IF NOT EXISTS lot_partnumbers (
    partnumber VARCHAR(255) NOT NULL,
    lot_name VARCHAR(255) NOT NULL DEFAULT '',
    description VARCHAR(10000) NULL,
    PRIMARY KEY (partnumber, lot_name),
    INDEX idx_lot_partnumbers_lot_name (lot_name)
 );
--- a/migrations/017_update_lot_partnumbers_for_placeholders.sql
+++ b/migrations/017_update_lot_partnumbers_for_placeholders.sql
@@ -1,25 +0,0 @@
 -- Allow placeholder mappings (partnumber without bound lot) and store import description.
 ALTER TABLE lot_partnumbers
    ADD COLUMN IF NOT EXISTS description VARCHAR(10000) NULL AFTER lot_name;
 ALTER TABLE lot_partnumbers
    MODIFY COLUMN lot_name VARCHAR(255) NOT NULL DEFAULT '';
 -- Drop FK on lot_name if it exists to allow unresolved placeholders.
 SET @lp_fk_name := (
    SELECT kcu.CONSTRAINT_NAME
    FROM information_schema.KEY_COLUMN_USAGE kcu
    WHERE kcu.TABLE_SCHEMA = DATABASE()
      AND kcu.TABLE_NAME = 'lot_partnumbers'
      AND kcu.COLUMN_NAME = 'lot_name'
      AND kcu.REFERENCED_TABLE_NAME IS NOT NULL
    LIMIT 1
 );
 SET @lp_drop_fk_sql := IF(
    @lp_fk_name IS NULL,
    'SELECT 1',
    CONCAT('ALTER TABLE lot_partnumbers DROP FOREIGN KEY `', @lp_fk_name, '`')
 );
 PREPARE lp_stmt FROM @lp_drop_fk_sql;
 EXECUTE lp_stmt;
 DEALLOCATE PREPARE lp_stmt;
--- a/web/templates/login.html
+++ b/web/templates/login.html
@@ -1,82 +0,0 @@
 {{define "title"}}Вход - QuoteForge{{end}}
 {{define "content"}}
 <div class="max-w-sm mx-auto mt-16">
    <div class="bg-white rounded-lg shadow p-6">
        <h1 class="text-xl font-bold text-center mb-6">Вход в систему</h1>
        <form id="login-form">
            <div class="mb-4">
                <label class="block text-sm font-medium text-gray-700 mb-1">Логин</label>
                <input type="text" name="username" id="username" required
                       class="w-full px-3 py-2 border rounded focus:outline-none focus:ring-2 focus:ring-blue-500"
                       value="admin">
            </div>
            <div class="mb-4">
                <label class="block text-sm font-medium text-gray-700 mb-1">Пароль</label>
                <input type="password" name="password" id="password" required
                       class="w-full px-3 py-2 border rounded focus:outline-none focus:ring-2 focus:ring-blue-500"
                       value="admin123">
            </div>
            <div id="error" class="text-red-600 text-sm mb-4 hidden"></div>
            <button type="submit" id="submit-btn"
                    class="w-full bg-blue-600 text-white py-2 rounded hover:bg-blue-700">
                Войти
            </button>
        </form>
        <p class="text-center text-sm text-gray-500 mt-4">
            <a href="/" class="text-blue-600">← На главную</a>
        </p>
    </div>
 </div>
 <script>
 document.addEventListener('DOMContentLoaded', function() {
    const form = document.getElementById('login-form');
    if (!form) return;
    form.addEventListener('submit', async function(e) {
        e.preventDefault();
        const username = document.getElementById('username').value;
        const password = document.getElementById('password').value;
        const errorEl = document.getElementById('error');
        const btn = document.getElementById('submit-btn');
        errorEl.classList.add('hidden');
        btn.disabled = true;
        btn.textContent = 'Вход...';
        try {
            const resp = await fetch('/api/auth/login', {
                method: 'POST',
                headers: {'Content-Type': 'application/json'},
                body: JSON.stringify({username, password})
            });
            const data = await resp.json();
            if (resp.ok && data.access_token) {
                localStorage.setItem('token', data.access_token);
                localStorage.setItem('refresh_token', data.refresh_token);
                localStorage.setItem('user', JSON.stringify(data.user));
                window.location.href = '/configs';
            } else {
                errorEl.textContent = data.error || 'Неверный логин или пароль';
                errorEl.classList.remove('hidden');
                btn.disabled = false;
                btn.textContent = 'Войти';
            }
        } catch(err) {
            errorEl.textContent = 'Ошибка соединения с сервером';
            errorEl.classList.remove('hidden');
            btn.disabled = false;
            btn.textContent = 'Войти';
        }
    });
 });
 </script>
 {{end}}
 {{template "base" .}}
--- a/web/templates/partnumber_books.html
+++ b/web/templates/partnumber_books.html
@@ -5,7 +5,7 @@
    <h1 class="text-2xl font-bold text-gray-900">Партномера</h1>
    <!-- Summary cards -->
-    <div id="summary-cards" class="grid grid-cols-2 md:grid-cols-4 gap-4 hidden">
+    <div id="summary-cards" class="grid grid-cols-2 md:grid-cols-3 gap-4 hidden">
        <div class="bg-white rounded-lg shadow p-4">
            <div class="text-xs text-gray-500 mb-1">Активный лист</div>
            <div id="card-version" class="font-mono font-semibold text-gray-800 text-sm truncate">—</div>
@@ -19,10 +19,6 @@
            <div class="text-xs text-gray-500 mb-1">Всего PN</div>
            <div id="card-pn-total" class="text-2xl font-bold text-gray-800">—</div>
        </div>
        <div class="bg-white rounded-lg shadow p-4">
            <div class="text-xs text-gray-500 mb-1">Primary PN</div>
            <div id="card-pn-primary" class="text-2xl font-bold text-green-600">—</div>
        </div>
    </div>
    <div id="summary-empty" class="hidden bg-yellow-50 border border-yellow-200 rounded-lg p-4 text-sm text-yellow-800">
@@ -84,7 +80,6 @@
                    <tr>
                        <th class="px-4 py-2 text-left">Partnumber</th>
                        <th class="px-4 py-2 text-left">LOT</th>
                        <th class="px-4 py-2 text-center w-24">Primary</th>
                        <th class="px-4 py-2 text-left">Описание</th>
                    </tr>
                </thead>
@@ -225,7 +220,6 @@ async function loadActiveBookItemsPage(page = 1, search = '', book = null) {
    document.getElementById('card-date').textContent = targetBook.created_at;
    document.getElementById('card-lots').textContent = Number(data.lot_count || 0);
    document.getElementById('card-pn-total').textContent = Number(data.book_total || 0);
    document.getElementById('card-pn-primary').textContent = Number(data.primary_count || 0);
    document.getElementById('summary-cards').classList.remove('hidden');
    document.getElementById('active-book-section').classList.remove('hidden');
    document.getElementById('pn-search').value = itemsSearch;
@@ -240,10 +234,11 @@ function renderItems(items) {
    items.forEach(item => {
        const tr = document.createElement('tr');
        tr.className = 'border-b hover:bg-gray-50';
        const lots = Array.isArray(item.lots_json) ? item.lots_json : [];
        const lotsText = lots.map(l => `${l.lot_name} x${l.qty}`).join(', ');
        tr.innerHTML = `
            <td class="px-4 py-1.5 font-mono text-xs">${item.partnumber}</td>
-            <td class="px-4 py-1.5 text-xs font-medium text-blue-700">${item.lot_name}</td>
+            <td class="px-4 py-1.5 text-xs font-medium text-blue-700">${lotsText}</td>
            <td class="px-4 py-1.5 text-center text-green-600 text-xs">${item.is_primary_pn ? '✓' : ''}</td>
            <td class="px-4 py-1.5 text-xs text-gray-500">${item.description || ''}</td>
        `;
        tbody.appendChild(tr);