huge documentaton restructure for docusaurus

docs/prp/tenant-app-specs/api-usage.md

@@ -1,6 +1,6 @@
 # API-Nutzung der Tenant Admin App
 
-Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Requests sind tenant-scoped und erfordern ein Sanctum Personal Access Token (PAT) mit der Fähigkeit `tenant-admin` bzw. `tenant:<id>`.
+Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Requests sind tenant-scoped und erfordern ein Sanctum Personal Access Token (PAT) mit der Fähigkeit `tenant-admin` bzw. `tenant:\{id\}`.
 
 ## Authentifizierung
 
@@ -30,7 +30,7 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
 
 ### Stats laden
 - **GET /api/v1/tenant/dashboard**
-  - **Headers**: `Authorization: Bearer {token}`
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Response**: `{ active_package, active_events, new_photos, task_progress }`
   - **Zweck**: Übersicht-Daten für Dashboard-Cards (active_package: current tenant package info)
 
@@ -38,7 +38,7 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
 
 ### Events-Liste
 - **GET /api/v1/tenant/events**
-  - **Headers**: `Authorization: Bearer {token}`
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Params**: 
     - `page=1` (Pagination)
     - `per_page=50` (max für Mobile)
@@ -49,32 +49,32 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
 
 ### Event erstellen
 - **POST /api/v1/tenant/events**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`
   - **Body**: `{ title, date, location, description, package_id }`
   - **Response**: 201 Created mit erstelltem Event
   - **Validierung**: Prüft Tenant-Package (Reseller-Limit) und erstellt Event-Package (Einmalkauf oder Free)
 
 ### Event-Details
-- **GET /api/v1/tenant/events/{slug}**
-  - **Headers**: `Authorization: Bearer {token}`
+- **GET /api/v1/tenant/events/\{slug\}**
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Response**: Erweitertes Event mit `{ tasks[], members, stats { likes, views, uploads } }`
 
 ### Event updaten
-- **PATCH /api/v1/tenant/events/{slug}**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`, `If-Match: {etag}`
+- **PATCH /api/v1/tenant/events/\{slug\}**
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`, `If-Match: \{etag\}`
   - **Body**: Partial Event-Daten (title, date, location, description)
   - **Response**: Updated Event
 
 ### Event archivieren
-- **DELETE /api/v1/tenant/events/{slug}**
-  - **Headers**: `Authorization: Bearer {token}`, `If-Match: {etag}`
+- **DELETE /api/v1/tenant/events/\{slug\}**
+  - **Headers**: `Authorization: Bearer \{token\}`, `If-Match: \{etag\}`
   - **Response**: 204 No Content (soft-delete)
 
 ## Photos
 
 ### Photos laden
-- **GET /api/v1/tenant/events/{event_id}/photos**
-  - **Headers**: `Authorization: Bearer {token}`
+- **GET /api/v1/tenant/events/\{event_id\}/photos**
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Params**: 
     - `page=1`, `per_page=50`
     - `status=pending|approved|rejected|featured`
@@ -84,34 +84,34 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
   - **Photo-Shape**: `{ id, eventId, url, thumbnail, uploadedAt, status, likes, views, uploader, etag }`
 
 ### Upload-URL anfordern
-- **POST /api/v1/tenant/events/{event_id}/photos**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`
+- **POST /api/v1/tenant/events/\{event_id\}/photos**
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`
   - **Body**: `{ file_name, description? }`
   - **Response**: `{ id, upload_url (S3 signed), thumbnail_url }`
 
 ### Photo moderieren
-- **PATCH /api/v1/tenant/photos/{id}**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`, `If-Match: {etag}`
+- **PATCH /api/v1/tenant/photos/\{id\}**
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`, `If-Match: \{etag\}`
   - **Body**: `{ status: 'approved'|'rejected'|'featured', featured?, reason? }`
   - **Response**: Updated Photo
 
 ### Photo löschen
-- **DELETE /api/v1/tenant/photos/{id}**
-  - **Headers**: `Authorization: Bearer {token}`, `If-Match: {etag}`
+- **DELETE /api/v1/tenant/photos/\{id\}**
+  - **Headers**: `Authorization: Bearer \{token\}`, `If-Match: \{etag\}`
   - **Response**: 204 No Content
 
 ## Members
 
 ### Mitglieder laden
-- **GET /api/v1/tenant/events/{event_id}/members**
-  - **Headers**: `Authorization: Bearer {token}`
+- **GET /api/v1/tenant/events/\{event_id\}/members**
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Params**: `page`, `per_page`, `status=pending|active|invited`
   - **Response**: `{ data: Member[], current_page, last_page }`
   - **Member-Shape**: `{ id, name, email, role, joinedAt, avatar?, status }`
 
 ### Mitglied einladen
-- **POST /api/v1/tenant/events/{event_id}/members**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`
+- **POST /api/v1/tenant/events/\{event_id\}/members**
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`
   - **Body**: `{ email, role: 'member'|'guest', name? }`
   - **Response**: 201 Created, E-Mail wird versendet
 
@@ -119,7 +119,7 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
 
 ### Tasks laden
 - **GET /api/v1/tasks**
-  - **Headers**: `Authorization: Bearer {token}`
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Params**: 
     - `global=true/false` (globale vs. tenant Tasks)
     - `tenant_id=me` (nur eigene Tasks)
@@ -128,14 +128,14 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
   - **Task-Shape**: `{ id, title, description?, category, isGlobal, tenantId?, createdAt, color? }`
 
 ### Event-Tasks laden
-- **GET /api/v1/tenant/events/{event_id}/tasks**
-  - **Headers**: `Authorization: Bearer {token}`
+- **GET /api/v1/tenant/events/\{event_id\}/tasks**
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Response**: `{ data: EventTask[], overall_progress }`
   - **EventTask-Shape**: `{ id, eventId, taskId, task: Task, order, completed, assignedTo?, progress }`
 
 ### Tasks bulk zuweisen
-- **POST /api/v1/tenant/events/{event_id}/tasks/bulk**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`
+- **POST /api/v1/tenant/events/\{event_id\}/tasks/bulk**
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`
   - **Body**: `{ task_ids: string[], order: number[] }`
   - **Response**: Updated EventTasks mit neuer Reihenfolge
 
@@ -143,12 +143,12 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
 
 ### Settings laden
 - **GET /api/v1/tenant/settings**
-  - **Headers**: `Authorization: Bearer {token}`
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Response**: `{ primaryColor, tenantName, maxEventsPerMonth, enableTasks, enableEmotions, legalPages { impressumUrl, privacyUrl } }`
 
 ### Settings updaten
 - **PATCH /api/v1/tenant/settings**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`
   - **Body**: Partial Settings-Daten
   - **Response**: Updated Settings
 
@@ -156,33 +156,33 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
 
 ### Balance laden
 - **GET /api/v1/tenant/credits/balance**
-  - **Headers**: `Authorization: Bearer {token}`
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Response**: `{ balance: number }`
 
 ### Ledger-Verlauf
 - **GET /api/v1/tenant/credits/ledger**
-  - **Headers**: `Authorization: Bearer {token}`
+  - **Headers**: `Authorization: Bearer \{token\}`
   - **Params**: `page`, `per_page` (Pagination)
   - **Response**: `{ data: LedgerEntry[], current_page, last_page }`
   - **LedgerEntry**: `{ id, type, amount, credits, date, description, transactionId? }`
 
 ### Credits kaufen (In-App)
 - **POST /api/v1/tenant/credits/purchase**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`
   - **Body**: `{ package_id: string, credits_added: number, platform?: 'capacitor'|'web', transaction_id?: string, subscription_active?: boolean }`
   - **Response**: `{ message, balance, subscription_active }`
   - **Hinweis**: Wird nach erfolgreichen In-App-Kuferfolgen aufgerufen, aktualisiert Balance & Ledger.
 
 ### Credits synchronisieren
 - **POST /api/v1/tenant/credits/sync**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`
   - **Body**: `{ balance: number, subscription_active: boolean, last_sync: ISODateString }`
   - **Response**: `{ balance, subscription_active, server_time }`
   - **Hinweis**: Client meldet lokalen Stand; Server gibt Quelle-der-Wahrheit zurcck.
 
 ### Kauf-Intent erstellen
 - **POST /api/v1/tenant/purchases/intent**
-  - **Headers**: `Authorization: Bearer {token}`, `Content-Type: application/json`
+  - **Headers**: `Authorization: Bearer \{token\}`, `Content-Type: application/json`
   - **Body**: `{ package_id }`
   - **Response**: `{ checkout_url: string }` (Stripe-Checkout)
   - **Nach dem Kauf**: Webhook-Handling auf Backend für Balance-Update
@@ -190,9 +190,9 @@ Diese Dokumentation beschreibt alle API-Endpunkte der Tenant Admin App. Alle Req
 ## Allgemeine Headers
 
 Alle API-Requests enthalten:
-- **Authorization**: `Bearer {access_token}` (Sanctum PAT mit Fähigkeit `tenant:{id}`)
+- **Authorization**: `Bearer \{access_token\}` (Sanctum PAT mit Fähigkeit `tenant:\{id\}`)
 - **Content-Type**: `application/json` (für POST/PATCH)
-- **If-Match**: `{etag}` (für Concurrency-Control bei Updates)
+- **If-Match**: `\{etag\}` (für Concurrency-Control bei Updates)
 - **Accept**: `application/json`
 
 ## Error-Handling
@@ -227,12 +227,12 @@ Alle Listen-Endpunkte unterstützen:
 ## Headers für Concurrency
 
 Mutierende Endpunkte (PATCH/DELETE) erfordern:
-- **If-Match**: `{etag}` aus GET-Response
+- **If-Match**: `\{etag\}` aus GET-Response
 - **Response**: 412 Precondition Failed bei Conflict
 
 ## Sicherheit
 
-- **Tenant-Isolation**: Middleware vergleicht PAT-Fähigkeit (`tenant:{id}`) mit dem angefragten Tenant
+- **Tenant-Isolation**: Middleware vergleicht PAT-Fähigkeit (`tenant:\{id\}`) mit dem angefragten Tenant
 - **RBAC**: Nur tenant_admin kann mutieren, member kann nur lesen/hochladen
 - **Rate Limiting**: 100 Requests/Minute pro Tenant
 - **ETag**: Automatische Concurrency-Control
@@ -247,7 +247,7 @@ Mutierende Endpunkte (PATCH/DELETE) erfordern:
 
 ### Beispiel curl (mit Token)
 ```bash
-curl -H "Authorization: Bearer {token}" \
+curl -H "Authorization: Bearer \{token\}" \
   -H "Content-Type: application/json" \
   https://api.fotospiel.com/api/v1/tenant/events
 ```