orion

Author	SHA1	Message	Date
Samir Boulahtit	cad862f469	refactor(api): introduce UserContext schema for API dependency injection Replace direct User database model imports in API endpoints with UserContext schema, following the architecture principle that API routes should not import database models directly. Changes: - Create UserContext schema in models/schema/auth.py with from_user() factory - Update app/api/deps.py to return UserContext from all auth dependencies - Add _get_user_model() helper for functions needing User model access - Update 58 API endpoint files to use UserContext instead of User - Add noqa comments for 4 legitimate edge cases (enums, internal helpers) Architecture validation: 0 errors (down from 61), 11 warnings remain Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-30 20:47:33 +01:00
Samir Boulahtit	b9f08b853f	refactor: clean up legacy models and migrate remaining schemas Delete empty stub files from models/database/: - audit.py, backup.py, configuration.py, monitoring.py - notification.py, payment.py, search.py, task.py Delete re-export files: - models/database/subscription.py → app.modules.billing.models - models/database/architecture_scan.py → app.modules.dev_tools.models - models/database/test_run.py → app.modules.dev_tools.models - models/schema/subscription.py → app.modules.billing.schemas - models/schema/marketplace.py (empty) - models/schema/monitoring.py (empty) Migrate schemas to canonical module locations: - billing.py → app/modules/billing/schemas/ - vendor_product.py → app/modules/catalog/schemas/ - homepage_sections.py → app/modules/cms/schemas/ Keep as CORE (framework-level, used everywhere): - models/schema/: admin, auth, base, company, email, image, media, team, vendor* - models/database/: admin, base, company, email, feature, media, platform, user, vendor* Update 30+ files to use canonical import locations. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-30 18:45:46 +01:00
Samir Boulahtit	eeafe6389f	fix: resolve all remaining legacy import issues - Update models/database/__init__.py to import from module locations - Update models/schema/__init__.py to remove deleted modules - Update models/__init__.py to import Inventory from module - Remove duplicate AdminNotification from models/database/admin.py - Fix monitoring module to import AdminNotification from messaging - Update stats schema imports in admin/vendor API - Update notification schema imports - Add order_item_exception.py schema to orders module - Fix app/api/v1/__init__.py to use storefront instead of shop - Add cms_admin_pages import to main.py - Fix password_reset_token imports - Fix AdminNotification test imports Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-30 09:21:29 +01:00
Samir Boulahtit	2792414395	feat: add Celery/Redis task queue with feature flag support Migrate background tasks from FastAPI BackgroundTasks to Celery with Redis for persistent task queuing, retries, and scheduled jobs. Key changes: - Add Celery configuration with Redis broker/backend - Create task dispatcher with USE_CELERY feature flag for gradual rollout - Add Celery task wrappers for all background operations: - Marketplace imports - Letzshop historical imports - Product exports - Code quality scans - Test runs - Subscription scheduled tasks (via Celery Beat) - Add celery_task_id column to job tables for Flower integration - Add Flower dashboard link to admin background tasks page - Update docker-compose.yml with worker, beat, and flower services - Add Makefile targets: celery-worker, celery-beat, celery-dev, flower When USE_CELERY=false (default), system falls back to FastAPI BackgroundTasks for development without Redis dependency. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-11 17:35:16 +01:00
Samir Boulahtit	d50b154823	fix: resolve architecture validation errors and warnings - Move database operations from API to service layer: - Add create_pending_scan() method to code_quality_service - Add get_running_scans() method to code_quality_service - Update API to use service methods instead of direct db queries - Replace inline SVG spinner with $icon('spinner', ...) helper - Add comment documenting custom dropdown exception Validation now passes with 0 errors. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-21 21:07:18 +01:00
Samir Boulahtit	6a903e16c6	feat: implement background task architecture for code quality scans - Add status fields to ArchitectureScan model (status, started_at, completed_at, error_message, progress_message) - Create database migration for new status fields - Create background task function execute_code_quality_scan() - Update API to return 202 with job IDs and support polling - Add code quality scans to unified BackgroundTasksService - Integrate scans into background tasks API and page - Implement frontend polling with 3-second interval - Add progress banner showing scan status - Users can navigate away while scans run in background - Document the implementation in architecture docs 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-21 20:57:08 +01:00
Samir Boulahtit	9920430b9e	fix: correct tojson\|safe usage in templates and update validator - Remove \|safe from \|tojson in HTML attributes (x-data) - quotes must become " for browsers to parse correctly - Update LANG-002 and LANG-003 architecture rules to document correct \|tojson usage patterns: - HTML attributes: \|tojson (no \|safe) - Script blocks: \|tojson\|safe - Fix validator to warn when \|tojson\|safe is used in x-data (breaks HTML attribute parsing) - Improve code quality across services, APIs, and tests 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-13 22:59:51 +01:00
Samir Boulahtit	22c4937779	feat: add proper Pydantic response_model to all stats endpoints - Create comprehensive stats schemas in models/schema/stats.py: - ImportStatsResponse, UserStatsResponse, ProductStatsResponse - PlatformStatsResponse, AdminDashboardResponse - VendorDashboardStatsResponse with nested models - VendorAnalyticsResponse, CodeQualityDashboardStatsResponse - Move DashboardStatsResponse from code_quality.py to schema file - Fix get_vendor_statistics() to return pending_vendors field - Fix get_vendor_stats() to return flat structure matching schema - Add response_model to all stats endpoints: - GET /admin/dashboard -> AdminDashboardResponse - GET /admin/dashboard/stats/platform -> PlatformStatsResponse - GET /admin/marketplace-import-jobs/stats -> ImportStatsResponse - GET /vendor/dashboard/stats -> VendorDashboardStatsResponse - GET /vendor/analytics -> VendorAnalyticsResponse - Enhance API-001 architecture rule with detailed guidance - Add SVC-007 rule for service/schema compatibility 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-11 17:29:35 +01:00
Samir Boulahtit	3520bcb069	refactor: move transaction management from services to API endpoints - Services now use db.flush() instead of db.commit() for database operations - API endpoints handle transaction commit after service calls - Remove db.rollback() from services (let exception handlers manage this) - Ensures consistent transaction boundaries at API layer This pattern gives API endpoints full control over when to commit, allowing for better error handling and potential multi-operation transactions. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-06 18:34:41 +01:00
Samir Boulahtit	8a367077e1	refactor: migrate vendor APIs to token-based context and consolidate architecture ## Vendor-in-Token Architecture (Complete Migration) - Migrate all vendor API endpoints from require_vendor_context() to token_vendor_id - Update permission dependencies to extract vendor from JWT token - Add vendor exceptions: VendorAccessDeniedException, VendorOwnerOnlyException, InsufficientVendorPermissionsException - Shop endpoints retain require_vendor_context() for URL-based detection - Add AUTH-004 architecture rule enforcing vendor context patterns - Fix marketplace router missing /marketplace prefix ## Exception Pattern Fixes (API-003/API-004) - Services raise domain exceptions, endpoints let them bubble up - Add code_quality and content_page exception modules - Move business logic from endpoints to services (admin, auth, content_page) - Fix exception handling in admin, shop, and vendor endpoints ## Tailwind CSS Consolidation - Consolidate CSS to per-area files (admin, vendor, shop, platform) - Remove shared/cdn-fallback.html and shared/css/tailwind.min.css - Update all templates to use area-specific Tailwind output files - Remove Node.js config (package.json, postcss.config.js, tailwind.config.js) ## Documentation & Cleanup - Update vendor-in-token-architecture.md with completed migration status - Update architecture-rules.md with new rules - Move migration docs to docs/development/migration/ - Remove duplicate/obsolete documentation files - Merge pytest.ini settings into pyproject.toml 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-12-04 22:24:45 +01:00
Samir Boulahtit	c7c2c83007	fix: add missing last_scan field in code quality dashboard empty state Problem: - GET /api/v1/admin/code-quality/stats returned 500 error - Pydantic validation error: "last_scan Field required" - When no scan data exists, service returned dict without last_scan field - DashboardStatsResponse model required last_scan field Solution: 1. Added last_scan: None to empty state return dictionary 2. Made last_scan field explicitly optional with default value (= None) 3. Ensures field is always present in response Changes: - app/services/code_quality_service.py: Added "last_scan": None - app/api/v1/admin/code_quality.py: Changed to last_scan: str \| None = None This fixes the 500 error when accessing /admin/code-quality page with no architecture scan data in the database. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-28 20:15:07 +01:00
Samir Boulahtit	238c1ec9b8	refactor: modernize code quality tooling with Ruff - Replace black, isort, and flake8 with Ruff (all-in-one linter and formatter) - Add comprehensive pyproject.toml configuration - Simplify Makefile code quality targets - Configure exclusions for venv/.venv in pyproject.toml - Auto-fix 1,359 linting issues across codebase Benefits: - Much faster builds (Ruff is written in Rust) - Single tool replaces multiple tools - More comprehensive rule set (UP, B, C4, SIM, PIE, RET, Q) - All configuration centralized in pyproject.toml - Better import sorting and formatting consistency 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-28 19:37:38 +01:00
Samir Boulahtit	21c13ca39b	style: apply black and isort formatting across entire codebase - Standardize quote style (single to double quotes) - Reorder and group imports alphabetically - Fix line breaks and indentation for consistency - Apply PEP 8 formatting standards Also updated Makefile to exclude both venv and .venv from code quality checks. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-28 19:30:17 +01:00
Samir Boulahtit	9db0da25ec	feat: implement code quality dashboard with architecture violation tracking Implement comprehensive code quality dashboard (Phase 2-4) to track and manage architecture violations found by the validation script. Backend Implementation: - Add JSON output support to validate_architecture.py script - Create CodeQualityService with scan management, violation tracking, and statistics - Implement REST API endpoints for code quality management: * POST /admin/code-quality/scan - trigger new architecture scan * GET /admin/code-quality/scans - list scan history * GET /admin/code-quality/violations - list violations with filtering/pagination * GET /admin/code-quality/violations/{id} - get violation details * POST /admin/code-quality/violations/{id}/assign - assign to developer * POST /admin/code-quality/violations/{id}/resolve - mark as resolved * POST /admin/code-quality/violations/{id}/ignore - mark as ignored * POST /admin/code-quality/violations/{id}/comments - add comments * GET /admin/code-quality/stats - dashboard statistics - Fix architecture_scan model imports to use app.core.database Frontend Implementation: - Create code quality dashboard page (code-quality-dashboard.html) * Summary cards for total violations, errors, warnings, health score * Status breakdown (open, assigned, resolved, ignored) * Trend visualization for last 7 scans * Top violating files list * Violations by rule and module * Quick action links - Create violations list page (code-quality-violations.html) * Filterable table by severity, status, rule ID, file path * Pagination support * Violation detail view links - Add Alpine.js components (code-quality-dashboard.js, code-quality-violations.js) * Dashboard state management and scan triggering * Violations list with filtering and pagination * API integration with authentication - Add "Code Quality" navigation link in admin sidebar (Developer Tools section) Routes: - GET /admin/code-quality - dashboard page - GET /admin/code-quality/violations - violations list - GET /admin/code-quality/violations/{id} - violation details Features: - Real-time scan execution from UI - Technical debt score calculation (0-100 scale) - Violation workflow: open → assigned → resolved/ignored - Trend tracking across multiple scans - File and module-level insights - Assignment system with priorities and due dates - Collaborative comments on violations 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-28 09:40:14 +01:00

14 Commits