Samir Boulahtit
d99633345f
Adds acting_terminal_device_id to loyalty_transactions so the audit log can distinguish between operations performed via the web terminal (human user JWT) and operations performed via a paired tablet (device JWT). The principal-of-record stays the pairing user — existing reports keep working — and this column adds "which tablet did it" alongside. Threaded through every store-API endpoint that creates a transaction (stamp add/redeem/void, points earn/redeem/void/adjust, enrollment + welcome bonus, card deactivate/reactivate). The route reads current_user.terminal_device_id, which the bearer-auth dep populates when a device JWT is presented. User-token requests leave the column NULL, as covered by the new test. Bulk admin operations (GDPR anonymization, bulk deactivate) and Celery tasks (point expiration) are not threaded — they always come from a human admin or the scheduler, never a tablet. - Migration loyalty_011 + LoyaltyTransaction.acting_terminal_device_id - 9 service signatures gain the optional kwarg - 8 store-API routes pass it through - Integration tests: device JWT populates the column, user JWT leaves it NULL Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
10 KiB
10 KiB