celery-beat was missing env_file and DATABASE_URL, so it had no access
to app config (Stripe keys, etc.). Also downgrade "Stripe API key not
configured" from warning to debug to stop log spam when Stripe is not
yet set up.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove all hardcoded OMS-specific content from platform base template:
nav links, contact info, brand name, and footer columns. Everything is
now dynamic via platform model and CMS page queries. Wire up legal_pages
context (privacy/terms) from database instead of hardcoded fallback.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
_get_tiers_data() was querying all active tiers across all platforms.
Now accepts platform_id parameter to scope tiers to the current platform.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add ProductCard/ProductsSection schema and _products.html section macro
- Rewrite seed script with 3-platform homepage sections (wizard, OMS, loyalty),
platform marketing pages, and store defaults with {{store_name}} placeholders
- Add resolve_placeholders() to ContentPageService for store default pages
- Fix SQLAlchemy filter bugs: replace Python `is None` with `.is_(None)` across
all ContentPageService query methods (was silently breaking all platform page lookups)
- Remove hardcoded orion fallback and delete homepage-orion.html
- Add placeholder hint box with click-to-copy in admin content page editor
- Export ProductCard/ProductsSection from cms schemas __init__
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add OnboardingProviderProtocol so modules declare their own post-signup
onboarding steps. The core OnboardingAggregator discovers enabled
providers and exposes a dashboard API (GET /dashboard/onboarding).
A session-scoped banner on the store dashboard shows a checklist that
guides merchants through setup without blocking signup.
Signup is simplified from 4 steps to 3 (Plan → Account → Payment):
store creation is merged into account creation, store language is
captured from the user's browsing language, and platform-specific
template branching is removed.
Includes 47 unit and integration tests covering all new providers,
the aggregator, the API endpoint, and the signup service changes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move core signup service from marketplace to billing module, add
automatic Stripe product/price sync for tiers, create loyalty-specific
signup wizard, and enforce that platform is always explicitly known
(no silent defaulting to primary/hardcoded ID).
Key changes:
- New billing SignupService with separated account/store creation steps
- Stripe auto-sync on tier create/update (new prices, archive old)
- Loyalty signup template (Plan → Account → Store → Payment)
- platform_code is now required throughout the signup flow
- Pricing/signup pages return 404 if platform not detected
- OMS-specific logic (Letzshop claiming) stays in marketplace module
- Bootstrap script: scripts/seed/sync_stripe_products.py
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move db.commit() from services to API endpoints and Celery tasks.
Services now use db.flush() only; endpoints own the transaction.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Migrates scanning pipeline from marketing-.lu-domains app into Orion module.
Supports digital (domain scan) and offline (manual capture) lead channels
with enrichment, scoring, campaign management, and interaction tracking.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Rename loadMenuConfig() → loadUserMenuConfig() in adminMyMenuConfig()
to avoid shadowing the sidebar's loadMenuConfig() inherited from data()
via the spread operator. The name collision caused the sidebar to never
populate its menuData, showing only the fallback "Dashboard" link.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
All route files (admin.py, store.py) now export `router` instead of
`admin_router`/`store_router`. Consumer code (definition.py, __init__.py)
imports as `router as admin_router` where distinction is needed.
ModuleDefinition fields remain admin_router/store_router.
64 files changed across all modules. Architecture rules, docs, and
migration plan updated. Added noqa:API001 support to validator for
pre-existing raw dict endpoints now visible with standardized router name.
All 1114 tests pass.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Enforce MOD-025/MOD-026 rules: zero top-level cross-module model imports
remain in any service file. All 66 files migrated using deferred import
patterns (method-body, _get_model() helpers, instance-cached self._Model)
and new cross-module service methods in tenancy. Documentation updated
with Pattern 6 (deferred imports), migration plan marked complete, and
violations status reflects 84→0 service-layer violations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move all auth schemas (UserContext, UserLogin, LoginResponse, etc.) from
legacy models/schema/auth.py to app/modules/tenancy/schemas/auth.py per
MOD-019. Update 84 import sites across 14 modules. Legacy file now
re-exports for backwards compatibility.
Add missing tenancy service methods for cross-module consumers:
- merchant_service.get_merchant_by_owner_id()
- merchant_service.get_merchant_count_for_owner()
- admin_service.get_user_by_id() (public, was private-only)
- platform_service.get_active_store_count()
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add admin store roles page with merchant→store cascading for superadmin
and store-only selection for platform admin
- Add permission catalog API with translated labels/descriptions (en/fr/de/lb)
- Add permission translations to all 15 module locale files (60 files total)
- Add info icon tooltips for permission descriptions in role editor
- Add store roles menu item and admin menu item in module definition
- Fix store-selector.js URL construction bug when apiEndpoint has query params
- Add admin store roles API (CRUD + platform scoping)
- Add integration tests for admin store roles and permission catalog
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
createModuleLogger is not available in store context. Use the same
window.LogConfig.createLogger pattern as team.js.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The inline storeRoles() was missing ...data() spread, causing Alpine
errors for dark mode, sidebar, storeCode etc. Follow the same pattern
as team.js: external JS file with ...data() and parent init() call.
Uses apiClient and Utils.showToast per architecture rules.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add 4-layer access control stack (subscription → module → menu → permissions):
- P1: Wire requires_permission into menu sidebar filtering
- P2: Expose window.USER_PERMISSIONS for Alpine.js client-side gating
- P3: Add page-level permission guards on store routes
- P4: Role CRUD API endpoints and role editor UI
- P5: Audit trail for all role/permission changes
Includes unit tests (menu permission filtering, role CRUD service) and
integration tests (role API endpoints). All 404 core+tenancy tests pass.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add UNIQUE(custom_subdomain, platform_id) on store_platforms to prevent
two stores from claiming the same subdomain on the same platform.
Add UNIQUE(store_id, platform_id) on store_domains to enforce one custom
domain per store per platform.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Double-mount store routes at /store/* and /store/{store_code}/* so the
same handlers work in dev path-based, prod path-based, prod subdomain,
and prod custom-domain modes. Wire StorePlatform.custom_subdomain into
StoreContextMiddleware for per-platform subdomain overrides. Add admin
custom-domain management UI, fix stale /shop/ reset link, add
/merchants/ to reserved paths, and server-render window.STORE_CODE for
JS that previously parsed the URL.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace hand-written inline modal HTML in programs.html,
merchant-detail.html, and program-edit.html with the project's
confirm_modal, confirm_modal_dynamic, and modal macros from
shared/macros/modals.html. Resolves all 4 FE-004 architecture warnings.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add /admin/loyalty/merchants/{id}/program route for program configuration
with a dedicated Alpine.js edit page supporting create/edit/delete flows.
Restructure programs dashboard with create modal (merchant search +
duplicate detection) and delete confirmation. Rename "Loyalty Settings"
to "Admin Policy" for clearer separation of concerns.
Add integration tests for all admin page routes (12 tests) and program
list search/filter/pagination endpoints (9 tests).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move program CRUD from store to merchant/admin interfaces.
Store becomes view-only for program config while merchant gets
full CRUD and admin gets override capabilities.
Merchant portal:
- New API endpoints (GET/POST/PATCH/DELETE /program)
- New settings page with create/edit/delete form
- Overview page now has Create/Edit Program buttons
- Settings menu item added to sidebar
Admin portal:
- New CRUD endpoints (create for merchant, update, delete)
- New activate/deactivate program endpoints
- Programs list has edit and toggle buttons per row
- Merchant detail has create/delete/toggle program actions
Store portal:
- Removed POST/PATCH /program endpoints (now read-only)
- Removed settings page route and template
- Terminal, cards, stats, enroll unchanged
Tests: 112 passed (58 new) covering merchant API, admin CRUD,
store endpoint removal, and program service unit tests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Covers card lookup route ordering, func.replace normalization, customer
name in transactions, self-enrollment creation, and earn points endpoint.
54 tests total (was 1).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace naive points_delta > 0 check with actual transaction_type
labels. Previously card_created showed as "Redeemed" because
points_delta was 0. Now uses a label map matching all TransactionType
enum values with appropriate color coding.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add customer_id to card fixtures (NOT NULL constraint)
- Use test_customer shared fixture instead of inline Customer creation
- Fix mock path to target source module for lazy imports
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Module config only reads from os.environ (not .env), so wallet settings
were always None. Core Settings already loads these via env_file=".env".
Also adds comprehensive wallet creation tests with mocked Google API.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
LoyaltyCard.card_number is a SQLAlchemy column, not a string —
cannot call .replace() on it. Use func.replace() for the SQL query.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move /cards/lookup (GET and POST) before /cards/{card_id} so FastAPI
matches the literal path before the parameterized one. Previously,
"lookup" was parsed as card_id (int), causing a 422 validation error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Rename menu item IDs to match URL last segments (terminal, cards,
stats) so the sidebar active state comparison works correctly
- Change "Dashboard" label to "Terminal" for the loyalty terminal page
- Point menu route directly to /loyalty/terminal (skip redirect)
- Add "terminal" translation key in all locale files (en, de, fr, lb)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fix feature-store.js calling /store/features/available instead of
/store/billing/features/available (missing module prefix caused 404).
Also handle platform-prefixed URLs in getStoreCode().
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Align Alpine.js base component naming with storefront terminology.
Updated across all storefront JS, templates, and documentation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix GET /cards/{card_id} 500 error (program_type → loyalty_type)
- Add GET /transactions endpoint for store-wide recent transactions
- Add get_store_transactions service method (merchant-scoped, store-filterable)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix storefront enabled_modules always empty (page_context overwrote computed
set with empty default via extra_context)
- Fix storefront loyalty JS using store's data() instead of shopLayoutData()
- Remove defer from storefront loyalty scripts to prevent Alpine race condition
- Fix enrollment field name mismatch (customer_email → email) in both store
and storefront JS
- Add self-enrollment customer creation (resolve_customer_id with
create_if_missing) including hashed_password and customer_number
- Fix card list showing "Unknown" — add customer_name/email to CardResponse
- Add GET /cards/{card_id} detail endpoint for store card detail page
- Fix enroll-success.html using data() instead of shopLayoutData()
- Fix enrollment redirect reading response.card_number instead of
response.card.card_number
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The terminal JS uses GET with a free-text ?q= parameter, but only a POST
endpoint existed with typed params (card_id, qr_code, card_number).
- Add search_card_for_store service method (tries card number then email)
- Add GET /cards/lookup route using the service method
- Extract _build_card_lookup_response helper to DRY up POST and GET endpoints
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add merchant loyalty overview route and template (was 404)
- Fix store loyalty route paths to match menu URLs (/{store_code}/loyalty/...)
- Add loyalty rewards card to storefront account dashboard
- Fix merchant overview to resolve merchant via get_merchant_for_current_user_page
- Fix store login to use store's primary platform for JWT token (interim fix)
- Fix apiClient to attach status/errorCode to thrown errors (fixes error.status
checks in 12+ JS files — loyalty settings, terminal, email templates, etc.)
- Hide "Add Product" sidebar button when catalog module is not enabled
- Add proposal doc for proper platform detection in store login flow
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Tier codes are not unique across platforms (e.g., "essential" exists for
OMS, marketplace, and loyalty). Using tier_code caused feature limits to
be saved to the wrong tier. Switched to tier_id (unique PK) in routes,
service, and frontend JS. Added comprehensive unit and integration tests
including cross-platform isolation regression tests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Extract store/platform context from Referer header for storefront API requests
(StoreContextMiddleware and PlatformContextMiddleware) so login POST works in
dev mode where API paths lack /platforms/{code}/ prefix
- Set customer token cookie path to "/" for cross-route compatibility
- Fix double storefront in URLs: replace {{ base_url }}storefront/ with {{ base_url }}
across all 24 storefront templates
- Fix auth error redirect to include platform prefix and use store_code
- Update seed script to output correct storefront login URLs
- Add 20 new unit tests covering all fixes; fix 9 pre-existing test failures
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Connect the fully-implemented Google Wallet service to the loyalty module:
- Create wallet class/object on customer enrollment
- Sync wallet passes on stamp and points operations
- Expose wallet URLs in storefront API responses
- Add conditional "Add to Google Wallet" buttons on dashboard and enroll-success pages
- Use platform-wide env var config (not per-merchant DB column)
- Add Google service account patterns to .gitignore
- Add LOYALTY_GOOGLE_* fields to app Settings
- Update deployment docs and add local testing guide
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add cookie to ADMIN resolution chain (cookie → user_pref → "en")
- Add explicit MERCHANT resolution (cookie → user_pref → "fr")
- Add language selector dropdown to admin and merchant headers
- Add languageSelector() function to merchant init-alpine.js
- Add flag-icons CSS and i18n.js setup to merchant base template
- Add compact flag-based language selector to both login pages
- Make lang attribute dynamic on all base and login templates
- Pass current_language to login route template context
- Update architecture doc with ADMIN/MERCHANT resolution priorities
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Seed default RBAC roles per store and assign role_id to StoreUser
records (was never implemented after RBAC Phase 1 cleanup)
- Handle nullable role in auth_service find_user_store and
get_user_store_role to prevent NoneType crash on login
- Use platform_clean_path instead of clean_path in FrontendTypeMiddleware
so /store/X/dashboard is detected as STORE, not STOREFRONT
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix store menu API URL (/store/menu/render/store, not /store/core/...)
- Fix storeLog/merchantLog fallback to console object instead of console.log
- Embed platform_id/platform_code in store JWT from URL context at login
- Use token_platform_id in store menu endpoint with DB fallback for old tokens
- Add "Menu unavailable" warning in sidebar fallback for all three frontends
- Standardize admin section default to all-open (consistent with store/merchant)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add "Merchant Frontend" tab to admin menu-config page
- Merchant render endpoint now respects AdminMenuConfig visibility
via get_merchant_primary_platform_id() platform resolution
- New store menu render endpoint (GET /store/core/menu/render/store)
with platform-scoped visibility and store_code interpolation
- Store sidebar migrated from hardcoded Jinja2 macros to dynamic
Alpine.js x-for rendering with loading skeleton and fallback
- Store init-alpine.js: add loadMenuConfig(), expandSectionForCurrentPage()
- Include store page route fixes, login template updates, and tests
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
