bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit - production deployment

Browse Source
This commit is contained in:
Bakery Admin
2026-01-21 17:17:16 +01:00
commit c23d00dd92
2289 changed files with 638440 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

857
services/pos/app/api/pos_operations.py Normal file
View File

@@ -0,0 +1,857 @@
"""
POS Operations API Endpoints
BUSINESS layer - Sync operations, webhooks, reconciliation, and test connection
"""
from fastapi import APIRouter, Depends, HTTPException, Path, Query, Body, Request, Header
from typing import Optional, Dict, Any
from uuid import UUID
from datetime import datetime
import structlog
import json
from app.core.database import get_db
from shared.auth.decorators import get_current_user_dep
from shared.auth.access_control import require_user_role, admin_role_required, service_only_access
from shared.routing import RouteBuilder
from app.services.pos_transaction_service import POSTransactionService
from app.services.pos_config_service import POSConfigurationService
from app.services.pos_webhook_service import POSWebhookService
from app.services.pos_sync_service import POSSyncService
from app.services.tenant_deletion_service import POSTenantDeletionService
router = APIRouter()
logger = structlog.get_logger()
route_builder = RouteBuilder('pos')
# ============================================================================
# Sync Operations
# ============================================================================
@router.post(
route_builder.build_operations_route("sync"),
response_model=dict
)
@require_user_role(['member', 'admin', 'owner'])
async def trigger_sync(
sync_request: Dict[str, Any],
tenant_id: UUID = Path(...),
current_user: dict = Depends(get_current_user_dep),
db=Depends(get_db)
):
"""Trigger manual synchronization with POS system (Member+)"""
try:
sync_type = sync_request.get("sync_type", "incremental")
data_types = sync_request.get("data_types", ["transactions"])
config_id = sync_request.get("config_id")
if not config_id:
raise HTTPException(status_code=400, detail="config_id is required")
# Get POS configuration to determine system type
config_service = POSConfigurationService()
configs = await config_service.get_configurations_by_tenant(tenant_id, skip=0, limit=100)
config = next((c for c in configs if str(c.id) == str(config_id)), None)
if not config:
raise HTTPException(status_code=404, detail="POS configuration not found")
# Create sync job
sync_service = POSSyncService(db)
sync_log = await sync_service.create_sync_job(
tenant_id=tenant_id,
pos_config_id=UUID(config_id),
pos_system=config.pos_system,
sync_type=sync_type,
data_types=data_types
)
logger.info("Manual sync triggered",
tenant_id=tenant_id,
config_id=config_id,
sync_id=str(sync_log.id),
sync_type=sync_type,
user_id=current_user.get("user_id"))
return {
"message": "Sync triggered successfully",
"sync_id": str(sync_log.id),
"status": "queued",
"sync_type": sync_type,
"data_types": data_types,
"estimated_duration": "5-10 minutes"
}
except HTTPException:
raise
except Exception as e:
logger.error("Failed to trigger sync", error=str(e), tenant_id=tenant_id)
raise HTTPException(status_code=500, detail=f"Failed to trigger sync: {str(e)}")
@router.get(
route_builder.build_operations_route("sync-status"),
response_model=dict
)
@require_user_role(['viewer', 'member', 'admin', 'owner'])
async def get_sync_status(
tenant_id: UUID = Path(...),
config_id: Optional[UUID] = Query(None),
limit: int = Query(10, ge=1, le=100),
current_user: dict = Depends(get_current_user_dep),
db=Depends(get_db)
):
"""Get synchronization status and recent sync history"""
try:
transaction_service = POSTransactionService()
sync_service = POSSyncService(db)
# Get sync metrics from transaction service
sync_metrics = await transaction_service.get_sync_metrics(tenant_id)
# Get last successful sync time
sync_status = sync_metrics["sync_status"]
last_successful_sync = sync_status.get("last_sync_at")
# Calculate sync success rate
total = sync_metrics["total_transactions"]
synced = sync_status.get("synced", 0)
success_rate = (synced / total * 100) if total > 0 else 100.0
# Calculate actual average duration from sync logs
average_duration_minutes = await sync_service.calculate_average_duration(
tenant_id=tenant_id,
pos_config_id=config_id,
days=30
)
return {
"current_sync": None,
"last_successful_sync": last_successful_sync.isoformat() if last_successful_sync else None,
"recent_syncs": [], # Could be enhanced with actual sync history
"sync_health": {
"status": "healthy" if success_rate > 90 else "degraded" if success_rate > 70 else "unhealthy",
"success_rate": round(success_rate, 2),
"average_duration_minutes": average_duration_minutes,
"last_error": None,
"total_transactions": total,
"synced_count": synced,
"pending_count": sync_status.get("pending", 0),
"failed_count": sync_status.get("failed", 0)
}
}
except Exception as e:
logger.error("Failed to get sync status", error=str(e), tenant_id=tenant_id)
raise HTTPException(status_code=500, detail=f"Failed to get sync status: {str(e)}")
@router.get(
route_builder.build_operations_route("sync-logs"),
response_model=dict
)
@require_user_role(['viewer', 'member', 'admin', 'owner'])
async def get_sync_logs(
tenant_id: UUID = Path(...),
config_id: Optional[UUID] = Query(None),
limit: int = Query(50, ge=1, le=200),
offset: int = Query(0, ge=0),
status: Optional[str] = Query(None),
sync_type: Optional[str] = Query(None),
current_user: dict = Depends(get_current_user_dep),
db=Depends(get_db)
):
"""Get detailed sync logs"""
try:
sync_service = POSSyncService(db)
logs_data = await sync_service.get_sync_logs(
tenant_id=tenant_id,
config_id=config_id,
status=status,
sync_type=sync_type,
limit=limit,
offset=offset
)
return logs_data
except Exception as e:
logger.error("Failed to get sync logs", error=str(e), tenant_id=tenant_id)
raise HTTPException(status_code=500, detail=f"Failed to get sync logs: {str(e)}")
@router.post(
route_builder.build_operations_route("resync-failed"),
response_model=dict
)
@admin_role_required
async def resync_failed_transactions(
tenant_id: UUID = Path(...),
days_back: int = Query(7, ge=1, le=90),
current_user: dict = Depends(get_current_user_dep),
db=Depends(get_db)
):
"""Resync failed transactions from the specified time period (Admin/Owner only)"""
try:
# Get active POS configuration for tenant
config_service = POSConfigurationService()
configs = await config_service.get_configurations_by_tenant(
tenant_id=tenant_id,
is_active=True,
skip=0,
limit=1
)
if not configs:
raise HTTPException(status_code=404, detail="No active POS configuration found")
config = configs[0]
# Create resync job
sync_service = POSSyncService(db)
sync_log = await sync_service.create_sync_job(
tenant_id=tenant_id,
pos_config_id=config.id,
pos_system=config.pos_system,
sync_type="resync_failed",
data_types=["transactions"]
)
logger.info("Resync failed transactions requested",
tenant_id=tenant_id,
days_back=days_back,
sync_id=str(sync_log.id),
user_id=current_user.get("user_id"))
return {
"message": "Resync job queued successfully",
"job_id": str(sync_log.id),
"scope": f"Failed transactions from last {days_back} days",
"estimated_transactions": 0
}
except HTTPException:
raise
except Exception as e:
logger.error("Failed to queue resync job", error=str(e), tenant_id=tenant_id)
raise HTTPException(status_code=500, detail=f"Failed to queue resync job: {str(e)}")
@router.post(
route_builder.build_operations_route("test-connection"),
response_model=dict
)
@admin_role_required
async def test_pos_connection(
tenant_id: UUID = Path(...),
config_id: UUID = Query(...),
current_user: dict = Depends(get_current_user_dep),
db=Depends(get_db)
):
"""Test connection to POS system (Admin/Owner only)"""
try:
config_service = POSConfigurationService()
# Get the configuration to verify it exists
configurations = await config_service.get_configurations_by_tenant(
tenant_id=tenant_id,
skip=0,
limit=100
)
config = next((c for c in configurations if str(c.id) == str(config_id)), None)
if not config:
raise HTTPException(status_code=404, detail="Configuration not found")
# For demo purposes, we assume connection is successful if config exists
# In production, this would actually test the POS API connection
is_connected = config.is_connected and config.is_active
return {
"success": is_connected,
"status": "success" if is_connected else "failed",
"message": f"Connection test {'successful' if is_connected else 'failed'} for {config.pos_system}",
"tested_at": datetime.utcnow().isoformat(),
"config_id": str(config_id),
"pos_system": config.pos_system,
"health_status": config.health_status
}
except HTTPException:
raise
except Exception as e:
logger.error("Failed to test POS connection", error=str(e),
tenant_id=tenant_id, config_id=config_id)
raise HTTPException(status_code=500, detail=f"Failed to test connection: {str(e)}")
# ============================================================================
# Webhook Operations
# ============================================================================
@router.post(
route_builder.build_webhook_route("{pos_system}"),
response_model=dict
)
async def receive_webhook(
request: Request,
pos_system: str = Path(..., description="POS system name"),
content_type: Optional[str] = Header(None),
x_signature: Optional[str] = Header(None),
x_webhook_signature: Optional[str] = Header(None),
authorization: Optional[str] = Header(None),
db=Depends(get_db)
):
"""
Receive webhooks from POS systems
Supports Square, Toast, and Lightspeed webhook formats
Includes signature verification, database logging, and duplicate detection
"""
webhook_service = POSWebhookService(db)
start_time = datetime.utcnow()
try:
# Validate POS system
supported_systems = ["square", "toast", "lightspeed"]
if pos_system.lower() not in supported_systems:
raise HTTPException(status_code=400, detail=f"Unsupported POS system: {pos_system}")
# Get request details
method = request.method
url_path = str(request.url.path)
query_params = dict(request.query_params)
headers = dict(request.headers)
# Get client IP
client_ip = None
if hasattr(request, 'client') and request.client:
client_ip = request.client.host
# Read payload
try:
body = await request.body()
raw_payload = body.decode('utf-8') if body else ""
payload_size = len(body) if body else 0
# Parse JSON if possible
parsed_payload = None
if raw_payload:
try:
parsed_payload = json.loads(raw_payload)
except json.JSONDecodeError:
logger.warning("Failed to parse webhook payload as JSON",
pos_system=pos_system, payload_size=payload_size)
except Exception as e:
logger.error("Failed to read webhook payload", error=str(e))
raise HTTPException(status_code=400, detail="Failed to read request payload")
# Determine signature from various header formats
signature = x_signature or x_webhook_signature or authorization
# Parse webhook event details
event_details = webhook_service.parse_webhook_event_details(pos_system, parsed_payload or {})
webhook_type = event_details.get("webhook_type") or "unknown"
event_id = event_details.get("event_id")
transaction_id = event_details.get("transaction_id")
order_id = event_details.get("order_id")
# Extract tenant_id from payload
tenant_id = None
if parsed_payload:
tenant_id = await webhook_service.extract_tenant_id_from_payload(pos_system, parsed_payload)
# Check for duplicate webhook
is_duplicate = False
if event_id:
is_duplicate, _ = await webhook_service.check_duplicate_webhook(
pos_system, event_id, tenant_id
)
# Verify webhook signature if tenant is identified
is_signature_valid = None
if signature and tenant_id:
webhook_secret = await webhook_service.get_webhook_secret(pos_system, tenant_id)
if webhook_secret:
is_signature_valid = await webhook_service.verify_webhook_signature(
pos_system, raw_payload, signature, webhook_secret
)
if not is_signature_valid:
logger.warning("Webhook signature verification failed",
pos_system=pos_system,
tenant_id=str(tenant_id))
# Log webhook receipt to database
webhook_log = await webhook_service.log_webhook(
pos_system=pos_system,
webhook_type=webhook_type,
method=method,
url_path=url_path,
query_params=query_params,
headers=headers,
raw_payload=raw_payload,
payload_size=payload_size,
content_type=content_type,
signature=signature,
is_signature_valid=is_signature_valid,
source_ip=client_ip,
event_id=event_id,
tenant_id=tenant_id,
transaction_id=transaction_id,
order_id=order_id
)
# Mark as duplicate if detected
if is_duplicate:
await webhook_service.update_webhook_status(
webhook_log.id,
status="duplicate",
error_message="Duplicate event already processed"
)
logger.info("Duplicate webhook ignored", event_id=event_id)
return _get_webhook_response(pos_system, success=True)
# Queue for async processing via RabbitMQ
try:
from shared.messaging import get_rabbitmq_client
import uuid as uuid_module
rabbitmq_client = get_rabbitmq_client()
if rabbitmq_client:
# Publish POS transaction event for async processing
event_payload = {
"event_id": str(uuid_module.uuid4()),
"event_type": f"pos.{webhook_type}",
"timestamp": datetime.utcnow().isoformat(),
"tenant_id": str(tenant_id) if tenant_id else None,
"data": {
"webhook_log_id": str(webhook_log.id),
"pos_system": pos_system,
"webhook_type": webhook_type,
"payload": webhook_data,
"event_id": event_id
}
}
await rabbitmq_client.publish_event(
exchange_name="pos.events",
routing_key=f"pos.{webhook_type}",
event_data=event_payload
)
logger.info("POS transaction queued for async processing",
event_id=event_payload["event_id"],
webhook_log_id=str(webhook_log.id))
# Update status to queued
processing_duration_ms = int((datetime.utcnow() - start_time).total_seconds() * 1000)
await webhook_service.update_webhook_status(
webhook_log.id,
status="queued",
processing_duration_ms=processing_duration_ms
)
else:
logger.warning("RabbitMQ client not available, marking as received only")
processing_duration_ms = int((datetime.utcnow() - start_time).total_seconds() * 1000)
await webhook_service.update_webhook_status(
webhook_log.id,
status="received",
processing_duration_ms=processing_duration_ms
)
except Exception as queue_error:
logger.error("Failed to queue POS transaction for async processing",
error=str(queue_error),
webhook_log_id=str(webhook_log.id))
# Mark as received even if queuing fails
processing_duration_ms = int((datetime.utcnow() - start_time).total_seconds() * 1000)
await webhook_service.update_webhook_status(
webhook_log.id,
status="received",
processing_duration_ms=processing_duration_ms
)
logger.info("Webhook processed and queued successfully",
pos_system=pos_system,
webhook_type=webhook_type,
event_id=event_id,
tenant_id=str(tenant_id) if tenant_id else None,
webhook_log_id=str(webhook_log.id))
# Return appropriate response based on POS system requirements
return _get_webhook_response(pos_system, success=True)
except HTTPException:
raise
except Exception as e:
logger.error("Webhook processing failed",
error=str(e),
pos_system=pos_system,
exc_info=True)
# Return 500 to trigger POS system retry
raise HTTPException(status_code=500, detail="Webhook processing failed")
def _get_webhook_response(pos_system: str, success: bool = True) -> Dict[str, Any]:
"""Get POS-specific webhook response format"""
if pos_system.lower() == "square":
return {"status": "success" if success else "error"}
elif pos_system.lower() == "toast":
return {"success": success}
elif pos_system.lower() == "lightspeed":
return {"received": success}
else:
return {"status": "received" if success else "error"}
@router.get(
route_builder.build_webhook_route("{pos_system}/status"),
response_model=dict
)
async def get_webhook_status(pos_system: str = Path(..., description="POS system name")):
"""Get webhook endpoint status for a POS system"""
try:
supported_systems = ["square", "toast", "lightspeed"]
if pos_system.lower() not in supported_systems:
raise HTTPException(status_code=400, detail=f"Unsupported POS system: {pos_system}")
return {
"pos_system": pos_system,
"status": "active",
"endpoint": f"/api/v1/webhooks/{pos_system}",
"supported_events": _get_supported_events(pos_system),
"last_received": None,
"total_received": 0
}
except Exception as e:
logger.error("Failed to get webhook status", error=str(e), pos_system=pos_system)
raise HTTPException(status_code=500, detail=f"Failed to get webhook status: {str(e)}")
def _get_supported_events(pos_system: str) -> Dict[str, Any]:
"""Get supported webhook events for each POS system"""
events = {
"square": [
"payment.created",
"payment.updated",
"order.created",
"order.updated",
"order.fulfilled",
"inventory.count.updated"
],
"toast": [
"OrderCreated",
"OrderUpdated",
"OrderPaid",
"OrderCanceled",
"OrderVoided"
],
"lightspeed": [
"order.created",
"order.updated",
"order.paid",
"sale.created",
"sale.updated"
]
}
return {
"events": events.get(pos_system.lower(), []),
"format": "JSON",
"authentication": "signature_verification"
}
# ============================================================================
# Tenant Data Deletion Operations (Internal Service Only)
# ============================================================================
@router.delete(
route_builder.build_base_route("tenant/{tenant_id}", include_tenant_prefix=False),
response_model=dict
)
@service_only_access
async def delete_tenant_data(
tenant_id: str = Path(..., description="Tenant ID to delete data for"),
current_user: dict = Depends(get_current_user_dep),
db=Depends(get_db)
):
"""
Delete all POS data for a tenant (Internal service only)
This endpoint is called by the orchestrator during tenant deletion.
It permanently deletes all POS-related data including:
- POS configurations
- POS transactions and items
- Webhook logs
- Sync logs
- Audit logs
**WARNING**: This operation is irreversible!
Returns:
Deletion summary with counts of deleted records
"""
try:
logger.info("pos.tenant_deletion.api_called", tenant_id=tenant_id)
deletion_service = POSTenantDeletionService(db)
result = await deletion_service.safe_delete_tenant_data(tenant_id)
if not result.success:
raise HTTPException(
status_code=500,
detail=f"Tenant data deletion failed: {', '.join(result.errors)}"
)
return {
"message": "Tenant data deletion completed successfully",
"summary": result.to_dict()
}
except HTTPException:
raise
except Exception as e:
logger.error("pos.tenant_deletion.api_error",
tenant_id=tenant_id,
error=str(e),
exc_info=True)
raise HTTPException(
status_code=500,
detail=f"Failed to delete tenant data: {str(e)}"
)
@router.get(
route_builder.build_base_route("tenant/{tenant_id}/deletion-preview", include_tenant_prefix=False),
response_model=dict
)
@service_only_access
async def preview_tenant_data_deletion(
tenant_id: str = Path(..., description="Tenant ID to preview deletion for"),
current_user: dict = Depends(get_current_user_dep),
db=Depends(get_db)
):
"""
Preview what data would be deleted for a tenant (dry-run)
This endpoint shows counts of all data that would be deleted
without actually deleting anything. Useful for:
- Confirming deletion scope before execution
- Auditing and compliance
- Troubleshooting
Returns:
Dictionary with entity names and their counts
"""
try:
logger.info("pos.tenant_deletion.preview_called", tenant_id=tenant_id)
deletion_service = POSTenantDeletionService(db)
preview = await deletion_service.get_tenant_data_preview(tenant_id)
total_records = sum(preview.values())
return {
"tenant_id": tenant_id,
"service": "pos",
"preview": preview,
"total_records": total_records,
"warning": "These records will be permanently deleted and cannot be recovered"
}
except Exception as e:
logger.error("pos.tenant_deletion.preview_error",
tenant_id=tenant_id,
error=str(e),
exc_info=True)
raise HTTPException(
status_code=500,
detail=f"Failed to preview tenant data deletion: {str(e)}"
)
# ================================================================
# POS TO SALES SYNC ENDPOINTS
# ================================================================
@router.post(
"/tenants/{tenant_id}/pos/transactions/{transaction_id}/sync-to-sales",
summary="Sync single transaction to sales",
description="Manually sync a specific POS transaction to the sales service"
)
async def sync_transaction_to_sales(
tenant_id: UUID = Path(..., description="Tenant ID"),
transaction_id: UUID = Path(..., description="Transaction ID to sync"),
current_user: Dict[str, Any] = Depends(get_current_user_dep)
):
"""
Sync a single POS transaction to the sales service
This endpoint:
- Creates sales records for each item in the transaction
- Automatically decreases inventory stock
- Updates sync status flags
- Returns detailed sync results
"""
try:
from app.services.pos_transaction_service import POSTransactionService
transaction_service = POSTransactionService()
result = await transaction_service.sync_transaction_to_sales(
transaction_id=transaction_id,
tenant_id=tenant_id
)
if result.get("success"):
logger.info("Transaction synced to sales via API",
transaction_id=transaction_id,
tenant_id=tenant_id,
user_id=current_user.get("user_id"))
return {
"success": True,
"message": "Transaction synced successfully",
**result
}
else:
logger.warning("Transaction sync failed via API",
transaction_id=transaction_id,
tenant_id=tenant_id,
error=result.get("error"))
raise HTTPException(
status_code=400,
detail=result.get("error", "Failed to sync transaction")
)
except HTTPException:
raise
except Exception as e:
logger.error("Failed to sync transaction to sales",
error=str(e),
transaction_id=transaction_id,
tenant_id=tenant_id,
exc_info=True)
raise HTTPException(
status_code=500,
detail=f"Failed to sync transaction: {str(e)}"
)
@router.post(
"/tenants/{tenant_id}/pos/transactions/sync-all-to-sales",
summary="Batch sync unsynced transactions",
description="Sync all unsynced POS transactions to the sales service"
)
async def sync_all_transactions_to_sales(
tenant_id: UUID = Path(..., description="Tenant ID"),
limit: int = Query(50, ge=1, le=200, description="Max transactions to sync in one batch"),
current_user: Dict[str, Any] = Depends(get_current_user_dep)
):
"""
Batch sync all unsynced POS transactions to the sales service
This endpoint:
- Finds all unsynced completed transactions
- Syncs each one to the sales service
- Creates sales records and decreases inventory
- Returns summary with success/failure counts
Use this to:
- Manually trigger sync after POS webhooks are received
- Recover from sync failures
- Initial migration of historical POS data
"""
try:
from app.services.pos_transaction_service import POSTransactionService
transaction_service = POSTransactionService()
result = await transaction_service.sync_unsynced_transactions(
tenant_id=tenant_id,
limit=limit
)
logger.info("Batch sync completed via API",
tenant_id=tenant_id,
total=result.get("total_transactions"),
synced=result.get("synced"),
failed=result.get("failed"),
user_id=current_user.get("user_id"))
return {
"success": True,
"message": f"Synced {result.get('synced')} of {result.get('total_transactions')} transactions",
**result
}
except Exception as e:
logger.error("Failed to batch sync transactions to sales",
error=str(e),
tenant_id=tenant_id,
exc_info=True)
raise HTTPException(
status_code=500,
detail=f"Failed to batch sync transactions: {str(e)}"
)
@router.get(
"/tenants/{tenant_id}/pos/transactions/sync-status",
summary="Get sync status summary",
description="Get summary of synced vs unsynced transactions"
)
async def get_sync_status(
tenant_id: UUID = Path(..., description="Tenant ID"),
current_user: Dict[str, Any] = Depends(get_current_user_dep)
):
"""
Get sync status summary for POS transactions
Returns counts of:
- Total completed transactions
- Synced transactions
- Unsynced transactions
- Failed sync attempts
"""
try:
from app.services.pos_transaction_service import POSTransactionService
transaction_service = POSTransactionService()
# Get counts for different sync states
total_completed = await transaction_service.count_transactions_by_tenant(
tenant_id=tenant_id,
status="completed"
)
synced = await transaction_service.count_transactions_by_tenant(
tenant_id=tenant_id,
status="completed",
is_synced=True
)
unsynced = await transaction_service.count_transactions_by_tenant(
tenant_id=tenant_id,
status="completed",
is_synced=False
)
return {
"total_completed_transactions": total_completed,
"synced_to_sales": synced,
"pending_sync": unsynced,
"sync_rate": round((synced / total_completed * 100) if total_completed > 0 else 0, 2)
}
except Exception as e:
logger.error("Failed to get sync status",
error=str(e),
tenant_id=tenant_id,
exc_info=True)
raise HTTPException(
status_code=500,
detail=f"Failed to get sync status: {str(e)}"
)