feat(geoportal-v2): export toolbar + Semnez ca picker + CF intern/Extras split

V2 panel toolbar replaces the single "Comandă CF" button with two rows:

  [Încadrare] [Pl. situație] [Coord.] [DXF]       ← 4 exports
  [CF intern] [Extras CF]                          ← 2 CF flows

Each export button pops an inline modal:
  - PIZ / PAD: SignAsPicker (PFA / PJA radio list, manual-add inline,
    co-signer slot on PIZ) + basemap toggle (google / orto for PIZ).
  - Coord / DXF: no picker — single-click download via JWT proxy.

"CF intern" is the free copycf flow from eTerra (proxied via gis-api);
"Extras CF" keeps the existing CfOrderModal (1 credit ePay). The two
modes are now visually balanced as a 2-button row.

Sign-as picker rows merge user-owned Signatory table entries with the
SIGN_AS_DEFAULT_OPTIONS env-driven fallback (org-wide hardcoded options;
defaults seed two Studii de teren entries — Tiurbe PFA + SRL PJA). New
rows added via the picker's "Adaugă autorizație" inline form write to
the Signatory table; ENV rows are read-only.

Architots side ships fully:
  - prisma Signatory model + ALTER TABLE applied (per the schema-drift
    feedback memory).
  - /api/sign-as-options (GET, POST) + /api/sign-as-options/[id]
    (PATCH, DELETE).
  - /api/cf-intern/order and /api/gis/parcel/[id]/{piz,pad,coords,dxf}
    proxy routes — auth check + JWT forward, stream binary back.
  - gis-api thin client extended with the matching exports.* namespace.

Until the gis-api endpoints ship (next session — full spec in
docs/plans/005-gis-api-export-endpoints.md), each export proxy returns
501 "…urmează" with a Romanian message so the modal shows what's
coming instead of a hard error.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

src/app/api/sign-as-options/[id]/route.ts

@@ -0,0 +1,100 @@
+// PATCH /api/sign-as-options/[id]
+//   → update a user-owned Signatory. ENV-source rows (id starts with "env-")
+//     are read-only and return 400.
+// DELETE /api/sign-as-options/[id]
+//   → remove a user-owned Signatory. ENV rows return 400.
+
+import { NextResponse } from "next/server";
+import { getAuthSession } from "@/core/auth/require-auth";
+import { prisma } from "@/core/storage/prisma";
+import type { SignAsUpdateInput } from "@/modules/geoportal/v2/sign-as/types";
+
+export const runtime = "nodejs";
+export const dynamic = "force-dynamic";
+
+function sessionUserId(session: unknown): string | null {
+  const s = session as { user?: { id?: unknown } } | null;
+  const id = s?.user?.id;
+  return typeof id === "string" && id.length > 0 ? id : null;
+}
+
+export async function PATCH(
+  request: Request,
+  { params }: { params: Promise<{ id: string }> },
+) {
+  const { id } = await params;
+  if (id.startsWith("env-")) {
+    return NextResponse.json({ error: "env_row_readonly" }, { status: 400 });
+  }
+  const session = await getAuthSession();
+  const userId = sessionUserId(session);
+  if (!userId) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const existing = await prisma.signatory.findUnique({ where: { id } });
+  if (!existing || existing.userId !== userId) {
+    return NextResponse.json({ error: "not_found" }, { status: 404 });
+  }
+
+  const body = (await request.json()) as SignAsUpdateInput;
+  if (body.kind && body.kind !== "user" && body.kind !== "org") {
+    return NextResponse.json({ error: "kind_invalid" }, { status: 400 });
+  }
+
+  if (body.isDefault === true) {
+    await prisma.signatory.updateMany({
+      where: { userId, isDefault: true, NOT: { id } },
+      data: { isDefault: false },
+    });
+  }
+
+  const row = await prisma.signatory.update({
+    where: { id },
+    data: {
+      ...(body.kind !== undefined ? { kind: body.kind } : {}),
+      ...(body.displayName !== undefined
+        ? { displayName: body.displayName.trim() }
+        : {}),
+      ...(body.authClass !== undefined
+        ? { authClass: body.authClass?.trim() || null }
+        : {}),
+      ...(body.authNumber !== undefined
+        ? { authNumber: body.authNumber.trim() }
+        : {}),
+      ...(body.isDefault !== undefined ? { isDefault: body.isDefault } : {}),
+      ...(body.notes !== undefined ? { notes: body.notes?.trim() || null } : {}),
+    },
+  });
+
+  return NextResponse.json({
+    option: {
+      id: row.id,
+      source: "db" as const,
+      kind: row.kind as "user" | "org",
+      displayName: row.displayName,
+      authClass: row.authClass,
+      authNumber: row.authNumber,
+      isDefault: row.isDefault,
+      notes: row.notes,
+    },
+  });
+}
+
+export async function DELETE(
+  _request: Request,
+  { params }: { params: Promise<{ id: string }> },
+) {
+  const { id } = await params;
+  if (id.startsWith("env-")) {
+    return NextResponse.json({ error: "env_row_readonly" }, { status: 400 });
+  }
+  const session = await getAuthSession();
+  const userId = sessionUserId(session);
+  if (!userId) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const existing = await prisma.signatory.findUnique({ where: { id } });
+  if (!existing || existing.userId !== userId) {
+    return NextResponse.json({ error: "not_found" }, { status: 404 });
+  }
+  await prisma.signatory.delete({ where: { id } });
+  return NextResponse.json({ ok: true });
+}

src/app/api/sign-as-options/route.ts

@@ -0,0 +1,117 @@
+// GET /api/sign-as-options
+//   → merged list of the caller's own Signatory rows + ENV-default rows
+//     visible to their company. Used by the V2 panel's "Semnez ca:" picker.
+//
+// POST /api/sign-as-options
+//   → create a new user-owned Signatory row.
+//   Body: SignAsCreateInput from "@/modules/geoportal/v2/sign-as/types".
+
+import { NextResponse } from "next/server";
+import { getAuthSession } from "@/core/auth/require-auth";
+import { prisma } from "@/core/storage/prisma";
+import { getEnvDefaults } from "@/modules/geoportal/v2/sign-as/env-defaults";
+import type {
+  SignAsCreateInput,
+  SignAsOption,
+} from "@/modules/geoportal/v2/sign-as/types";
+
+export const runtime = "nodejs";
+export const dynamic = "force-dynamic";
+
+function sessionUserId(session: unknown): string | null {
+  const s = session as { user?: { id?: unknown } } | null;
+  const id = s?.user?.id;
+  return typeof id === "string" && id.length > 0 ? id : null;
+}
+
+function sessionCompany(session: unknown): string | null {
+  const s = session as { user?: { company?: unknown } } | null;
+  const c = s?.user?.company;
+  return typeof c === "string" && c.length > 0 ? c : null;
+}
+
+export async function GET() {
+  const session = await getAuthSession();
+  const userId = sessionUserId(session);
+  if (!userId) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const company = sessionCompany(session);
+  const dbRows = await prisma.signatory.findMany({
+    where: { userId },
+    orderBy: [{ isDefault: "desc" }, { createdAt: "asc" }],
+  });
+
+  const envRows = getEnvDefaults(company);
+
+  // Drop env rows that the user has overridden with a same-(kind,authNumber)
+  // personal entry — their copy takes precedence.
+  const overridden = new Set(dbRows.map((r) => `${r.kind}:${r.authNumber}`));
+  const envVisible = envRows.filter(
+    (r) => !overridden.has(`${r.kind}:${r.authNumber}`),
+  );
+
+  const out: SignAsOption[] = [
+    ...dbRows.map((r) => ({
+      id: r.id,
+      source: "db" as const,
+      kind: r.kind as "user" | "org",
+      displayName: r.displayName,
+      authClass: r.authClass,
+      authNumber: r.authNumber,
+      isDefault: r.isDefault,
+      notes: r.notes,
+    })),
+    ...envVisible,
+  ];
+
+  return NextResponse.json({ options: out });
+}
+
+export async function POST(request: Request) {
+  const session = await getAuthSession();
+  const userId = sessionUserId(session);
+  if (!userId) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const body = (await request.json()) as Partial<SignAsCreateInput>;
+  if (!body.kind || (body.kind !== "user" && body.kind !== "org")) {
+    return NextResponse.json({ error: "kind_invalid" }, { status: 400 });
+  }
+  if (!body.displayName?.trim()) {
+    return NextResponse.json({ error: "displayName_required" }, { status: 400 });
+  }
+  if (!body.authNumber?.trim()) {
+    return NextResponse.json({ error: "authNumber_required" }, { status: 400 });
+  }
+
+  if (body.isDefault) {
+    await prisma.signatory.updateMany({
+      where: { userId, isDefault: true },
+      data: { isDefault: false },
+    });
+  }
+
+  const row = await prisma.signatory.create({
+    data: {
+      userId,
+      kind: body.kind,
+      displayName: body.displayName.trim(),
+      authClass: body.authClass?.trim() || null,
+      authNumber: body.authNumber.trim(),
+      isDefault: Boolean(body.isDefault),
+      notes: body.notes?.trim() || null,
+    },
+  });
+
+  return NextResponse.json({
+    option: {
+      id: row.id,
+      source: "db" as const,
+      kind: row.kind as "user" | "org",
+      displayName: row.displayName,
+      authClass: row.authClass,
+      authNumber: row.authNumber,
+      isDefault: row.isDefault,
+      notes: row.notes,
+    },
+  });
+}