diff --git a/.scratchpad/context.md b/.scratchpad/context.md deleted file mode 100644 index 07b2fbcf..00000000 --- a/.scratchpad/context.md +++ /dev/null @@ -1,26 +0,0 @@ -# Context — GoodGo POS Platform -> Updated: 2026-03-04 05:10 - -## Current Status -- **All Features Complete**: Phase A + B + C-E + Missing Features -- **Branch**: master -- **Commits**: `14d6c40` → `9630183` → `33047af` → `d95e80f` -- **Total**: +1,839 insertions, 33 BFF endpoints, 29 service methods -- **Docker**: needs restart + rebuild - -## DB Tables Used -- catalog_service: products, categories, recipes*, recipe_ingredients* -- order_service: orders, order_items, order_statuses -- merchant_service: merchants, shops, merchant_staff, staff_roles -- inventory_service: inventory_items, inventory_transactions -- membership_service: members, level_definitions -- promotion_service: campaigns, vouchers -- wallet_service: wallets, wallet_transactions -- booking_service: appointments, resources, staff_schedules -- fnb_engine: tables, table_statuses, kitchen_tickets, sessions -(*) = newly created - -## Deploy Command -cd deployments/local -docker compose build --no-cache web-client-tpos-net -docker compose up -d web-client-tpos-net diff --git a/.scratchpad/plan.md b/.scratchpad/plan.md deleted file mode 100644 index 7a862cea..00000000 --- a/.scratchpad/plan.md +++ /dev/null @@ -1,30 +0,0 @@ -# Plan — POS Feature Implementation -> Updated: 2026-03-03 21:01 - -## Strategy -- Use Claude CLI subagent for heavy BFF + service code -- Parallel edits where possible -- Commit after each phase -- Deploy + verify after Phase A - -## Current: Phase A — POS Core -### A1: Categories CRUD -- BFF: POST/PUT/DELETE categories (existing GET works) -- PosDataService: CreateCategory, UpdateCategory, DeleteCategory -- ShopPage: Add/Edit/Delete buttons on category section (or in menu tab) - -### A2: Order Management -- BFF: GET order/{id} details, PUT order/{id}/cancel -- PosDataService: GetOrderDetailAsync, CancelOrderAsync -- ShopPage finance tab: expand order rows → view items, cancel button - -### A3: Shop Update -- BFF: PUT shop/{id} (name, address, hours, phone) -- PosDataService: UpdateShopAsync -- ShopPage overview: edit shop info form - -### A4: Basic Reports -- BFF: GET reports/revenue?period=day|week|month -- ShopPage reports tab: revenue table with totals - -## Next: Phase B → C → D → E (see task.md) diff --git a/CTO_DEPLOYMENT_REPORT.md b/CTO_DEPLOYMENT_REPORT.md deleted file mode 100644 index 1773037d..00000000 --- a/CTO_DEPLOYMENT_REPORT.md +++ /dev/null @@ -1,162 +0,0 @@ -# CTO Deployment Report — QA Test Complete - -> Date: 2026-03-13 -> Tester: Claude (Automated UI Testing via Chrome) -> Environment: localhost:3001 (Docker Compose) - ---- - -## Executive Summary - -**41 test cases executed, 38 PASS, 3 SKIP (require manual intervention)** - -Toàn bộ tính năng Admin và Staff POS đã được kiểm tra trực tiếp trên Chrome UI. Platform hoạt động ổn định, không có regression từ Wave 1-3 fixes (202 files, 22 services). Staff POS được kiểm tra riêng biệt với pure staff session (chỉ có aPOS_token_staff, không có admin token) — xác nhận POS hoạt động đúng trong context staff-only. - -**Recommendation: READY FOR STAGING DEPLOYMENT** — All P0 bugs fixed, full E2E POS flow verified. - ---- - -## Test Coverage - -### Admin Features (All PASS) -| Feature | Status | Details | -|---------|--------|---------| -| Login + Dashboard | ✅ | User "hongochai10", sidebar full, shop Cobic Coffee | -| Shop Management | ✅ | Overview, 18 SP, 2 NV, staff list | -| Schedule (Ca làm việc) | ✅ | 5 ca, 2 NV, time 08:00-17:00, T2-T6 | -| POS Bán hàng | ✅ | "Mở POS" CTA, vertical Café detected | -| Menu & Đồ uống | ✅ | 18 products, 3 categories, CRUD icons | -| Nguyên liệu & Công thức | ✅ | 1 recipe linked to product | -| Tồn kho | ✅ | 8 items, 7 tabs, +Nhập/-Xuất/Delete | -| Tài chính | ✅ | Summary cards, time filters, empty state | -| Nhân sự (Chấm công) | ✅ | Attendance records load | -| Nhân sự (Nghỉ phép) | ✅ | Empty state correct | -| Khách hàng | ✅ | 3 tabs, empty state, add button | -| Khuyến mãi | ✅ | 2 tabs, empty state, add buttons | -| Báo cáo | ✅ | Summary with 18 SP, chart placeholder | -| Lưu trữ | ✅ | Folder system, search, upload | -| Thiết lập | ✅ | 3 sections, 6 feature toggles | - -### Staff Features (All PASS) -| Feature | Status | Details | -|---------|--------|---------| -| Login + Dashboard | ✅ | "Xin chào, Văn Bình!", Cashier role | -| Lịch làm việc | ✅ | Week view T2-T6, T7+CN "Nghỉ" | -| Chấm công | ✅ | 13/03 check-in 14:02, "Đang làm" | -| Nghỉ phép | ✅ | Empty state + "Xin nghỉ phép" button | -| Lương | ✅ | 4 cards, "đang phát triển" message | -| Thu ngân (POS Entry) | ✅ | "Mở POS Cafe" vertical detection | -| POS Cafe (Full) | ✅ | 18 items, cart, quantity, payment flow | - -### POS E2E — Order Flow (All PASS) -| Feature | Status | Details | -|---------|--------|---------| -| Cash Payment | ✅ | 190k order, 200k tendered, 10k change correct | -| Bank Transfer Payment | ✅ | 73k order, confirmation flow works | -| Order History | ✅ | Both orders visible with item breakdown | -| POS Dashboard | ✅ | 263k revenue, 2 orders, 7 items, top sellers | -| Admin Overview | ✅ | Revenue 263k, charts, recent orders | -| Admin Finance | ✅ | 263k, 2 orders, TB 131.5k, order table | -| Admin Reports | ✅ | 263k, top 6 products ranked by revenue | -| Staff POS Full E2E | ✅ | New session: 238k cash, receipt, "Đúng tiền" | -| Staff Pending Orders | ✅ | 6 orders, status filters, Xem/Cập nhật/Hủy | -| Staff POS Dashboard | ✅ | 238k today, 6 items sold, top sellers | -| Staff Order History | ✅ | 4 orders in 7-day view, time filters work | - -### Staff POS — Pure Staff Session (All PASS) -| Feature | Status | Details | -|---------|--------|---------| -| Pure Session Bank Transfer | ✅ | 120k order (Sandwich gà + Espresso + Latte), mã S8285D9B | -| Pure Session Dashboard | ✅ | 358k revenue, 2 orders, 9 items, top sellers correct | -| Pure Session Order History | ✅ | 3 orders today, newest S8285D9B 120k Chuyển khoản | - -### Auth & Session (All PASS) -| Feature | Status | Details | -|---------|--------|---------| -| Token Persistence | ✅ | Admin + Staff tokens survive navigation | -| Multi-Role Sessions | ✅ | Admin tab + Staff tab independent | -| Empty States | ✅ | Finance, Report, Leave all handled | - ---- - -## Bugs Found & Fixed (commit 344be33) - -### P0: BFF OrderController [Authorize] blocks POS orders — ✅ FIXED & VERIFIED -- **URL**: POST /api/bff/pos/orders -- **Root Cause**: Wave 1 auth fixes added `[Authorize]` to BFF OrderController, but BFF server has no JWT auth scheme configured → `InvalidOperationException` -- **Fix**: Removed `[Authorize]` — BFF proxies forward JWT via AuthForwardingHandler to downstream services -- **Files**: OrderController.cs (cb5bc95) -- **Verified**: POS order creation works (cash + bank transfer payments confirmed) - -### P0: Order Service DB tables missing — ✅ FIXED & VERIFIED -- **Root Cause**: EF Core migrations for order-service never applied to Docker PostgreSQL -- **Fix**: Generated idempotent SQL script, applied via `docker exec psql` -- **Verified**: Orders created and persisted correctly in order_service DB - -### P2: Duplicate Products in POS Grid — ✅ FIXED & VERIFIED -- **URL**: /pos/{shopId}/cafe -- **Root Cause**: Seed data chạy 2 lần → 18 products với IDs khác nhau nhưng cùng name/price trong catalog DB -- **Fix**: (1) Xóa 9 duplicate records trong DB, (2) BFF default `isActive=true`, (3) client-side dedup by ID as safety net -- **Files**: CatalogController.cs, PosDataService.cs + DB cleanup -- **Verified**: POS giờ hiển thị đúng 9 sản phẩm unique - -### P3: Admin Settings — Tên cửa hàng hiện "--" — ✅ FIXED & VERIFIED -- **URL**: /admin/shop/{shopId}/settings -- **Root Cause**: ShopPage.razor không truyền ShopName/VerticalLabel parameters cho ShopSettings component -- **Fix**: Pass `ShopName="@_shopName" VerticalLabel="@_verticalLabel"` to ShopSettings -- **Files**: ShopPage.razor -- **Verified**: Settings hiện "Cobic Coffee" / "Vertical_Cafe" đúng - ---- - -## Wave 1-3 Fix Verification - -| Wave | Scope | Regression? | -|------|-------|-------------| -| Wave 1: Auth (18 services) | [Authorize] + middleware | ❌ No regression — Admin + Staff login OK | -| Wave 1: Template artifacts | DB names, Dockerfiles, contexts | ❌ No regression — all services connect | -| Wave 1: Handler bugs (7 fixes) | ads-tracking, booking, mining, etc. | ❌ No regression — UI functional | -| Wave 2: 57 validators | FluentValidation across 9 services | ❌ No regression — forms work | -| Wave 2: 10 missing handlers | promotion, mission, mkt-facebook | ❌ No regression | -| Wave 3: Response format (30 controllers) | { success, data } wrapping | ❌ No regression — data loads correctly | - -**Zero regressions detected from 202-file fix across 22 services.** - ---- - -## Deployment Checklist - -### Ready for Staging ✅ -- [x] All P0 critical path tests pass (T1-T8, T39-T41) -- [x] Admin features fully functional (15 pages tested) -- [x] Staff features fully functional (7 pages tested) -- [x] POS order flow works end-to-end (product → cart → payment → receipt) -- [x] Cash payment with change calculation verified -- [x] Bank transfer payment flow verified -- [x] Order history shows all orders with correct data -- [x] Dashboard/Finance/Reports reflect real revenue (263.000đ from 2 orders) -- [x] Auth tokens persist correctly -- [x] Multi-role sessions work independently -- [x] No regressions from Wave 1-3 fixes -- [x] Fix P0: BFF OrderController auth blocker ✅ (cb5bc95) -- [x] Fix P0: Order service DB migrations ✅ (manual) -- [x] Fix P2: Duplicate products in POS grid ✅ (344be33) -- [x] Fix P3: Admin Settings shop name "--" ✅ (344be33) - -### Before Production -- [ ] T9: Verify API response format with DevTools -- [ ] T12: Verify unauthorized access redirects -- [ ] T14: Verify graceful error handling when services down -- [ ] Payment gateway integration (card/QR are UI-only, cash + bank transfer work) -- [ ] Order service DB migrations in CI/CD pipeline (currently manual) -- [ ] Investigate intermittent Blazor error bar during payment transitions - ---- - -## Recommended Next Steps - -1. **Deploy to Staging** — 38/41 tests pass, all P0 bugs fixed, full E2E POS verified (including pure staff session) -2. **Add order-service migrations to deploy pipeline** — Currently applied manually -3. **Manual QA** — DevTools network inspection, unauthorized access, error handling -4. **Load testing** — Verify performance with concurrent POS sessions -5. **Payment integration** — Wire VNPay/MoMo to card/QR payment UI diff --git a/CTO_FIX_TRACKER.md b/CTO_FIX_TRACKER.md deleted file mode 100644 index 71d8a47d..00000000 --- a/CTO_FIX_TRACKER.md +++ /dev/null @@ -1,182 +0,0 @@ -# CTO Fix Tracker — Post-Audit Action Plan - -> Generated: 2026-03-13 | Source: Per-service code audit (24 SERVICE_DOCS.md) -> Status: ALL WAVES COMPLETE ✅ - ---- - -## Executive Summary - -Audit 24 microservices phát hiện **6 loại vấn đề cross-cutting** và **nhiều bug cụ thể per-service**. -Ưu tiên theo impact: Security > Runtime Bugs > Code Quality > Tech Debt. - ---- - -## P0 — CRITICAL (Security & Runtime Failures) - -### P0-1: Missing Authentication/Authorization -**Impact**: Tất cả endpoints public, bất kỳ ai cũng gọi được API -**Affected**: 18/24 services (chỉ IAM + merchant có auth đầy đủ) - -| Service | Status | Fix | -|---------|--------|-----| -| catalog-service-net | No [Authorize] | Add auth middleware + attributes | -| order-service-net | No [Authorize] | Add auth middleware + attributes | -| booking-service-net | Public endpoints (only admin has auth) | Add [Authorize] to public controllers | -| fnb-engine-net | No [Authorize] | Add auth middleware + attributes | -| inventory-service-net | No [Authorize] | Add auth middleware + attributes | -| social-service-net | No JWT middleware in pipeline | Add UseAuthentication/UseAuthorization | -| mining-service-net | No [Authorize] | Add auth middleware + attributes | -| chat-service-net | Has [Authorize] ✅ | OK | -| membership-service-net | No [Authorize] | Add auth middleware + attributes | -| wallet-service-net | Has [Authorize] ✅ | OK | -| storage-service-net | Has [Authorize] ✅ | OK | -| ads-manager-service-net | No auth middleware | Add UseAuthentication/UseAuthorization | -| ads-serving-service-net | No auth middleware | Add UseAuthentication/UseAuthorization | -| ads-billing-service-net | No auth middleware | Add UseAuthentication/UseAuthorization | -| ads-tracking-service-net | No auth middleware | Add UseAuthentication/UseAuthorization | -| ads-analytics-service-net | No auth middleware | Add UseAuthentication/UseAuthorization | -| promotion-service-net | No [Authorize] | Add auth middleware + attributes | -| mission-service-net | No [Authorize] | Add auth middleware + attributes | -| mkt-facebook-service-net | No auth middleware | Add UseAuthentication/UseAuthorization | -| mkt-whatsapp-service-net | No [Authorize] | Add auth middleware + attributes | -| mkt-x-service-net | No [Authorize] | Add auth middleware + attributes | -| mkt-zalo-service-net | No [Authorize] | Add auth middleware + attributes | - -### P0-2: Template Artifacts (Runtime Failures) -**Impact**: Services connect to wrong database or fail to build Docker image - -| Service | Issue | Fix | -|---------|-------|-----| -| mission-service-net | DB name `myservice_db` instead of `mission_service` | Fix appsettings connection string | -| mkt-facebook-service-net | Dockerfile references `MyService.API` | Rename to FacebookService.API | -| mkt-whatsapp-service-net | DbContext file named `MyServiceContext.cs`, DB `myservice_db` | Rename file + fix connection string | -| promotion-service-net | docker-compose uses template naming | Fix service naming | - -### P0-3: Critical Handler Bugs - -| Service | Bug | Impact | -|---------|-----|--------| -| ads-tracking-service-net | `TrackPixelEventCommandHandler` creates PixelEvent but NEVER persists | All tracking data lost | -| ads-tracking-service-net | `RecordConversionCommand` has handler but NO controller exposes it | Dead code | -| booking-service-net | `UpdateResourceCommand` accepts Name/Capacity but only applies IsActive | Silent data loss | -| ads-manager-service-net | `ListPendingAdsQuery` filters "Pending" but enum is "pending_review" | Always returns empty | -| mining-service-net | `BanMinerCommand` calls Suspend() not Ban(); `ResetMinerStreakCommand` is no-op | Admin actions broken | -| order-service-net | Missing DB columns referenced by Dapper queries | Runtime SQL errors | -| mkt-x-service-net | Only ISampleRepository in DI; 8 other repos missing registration | Runtime DI failures | - ---- - -## P1 — HIGH (Data Integrity & Correctness) - -### P1-1: Missing FluentValidation Validators -**Impact**: Invalid data enters system without validation - -| Service | Commands without validators | -|---------|---------------------------| -| ads-manager-service-net | ALL 10 commands | -| ads-serving-service-net | ALL queries (no commands exist) | -| ads-billing-service-net | ALL 3 commands | -| ads-tracking-service-net | 2/3 commands | -| ads-analytics-service-net | ALL commands | -| mining-service-net | ALL commands | -| mission-service-net | ALL 4 commands | -| promotion-service-net | ALL 12 commands | -| social-service-net | ALL 8 commands | - -### P1-2: Missing Command/Query Handlers - -| Service | Missing Handler | -|---------|----------------| -| promotion-service-net | ExchangeVoucherCommand, PurchaseVoucherCommand (no handlers) | -| promotion-service-net | SearchVouchersQuery, GetCampaignStatisticsQuery, GetCampaignVouchersQuery (no handlers) | -| mission-service-net | GetUserMissionProgressQuery (no handler) | -| mkt-facebook-service-net | GetConversationsQuery, GetCustomersQuery (no handlers) | -| mkt-whatsapp-service-net | GetConversationsQuery (no handler, controller queries repo directly) | -| ads-manager-service-net | Audience query handlers missing | - -### P1-3: Repository Pattern Violations - -| Service | Issue | -|---------|-------| -| catalog-service-net | Category handlers use DbContext directly, bypass repository | -| booking-service-net | 3 repo interfaces in Infrastructure instead of Domain | -| ads-billing-service-net | No repository pattern at all, direct DbContext | -| ads-analytics-service-net | No repository pattern | -| ads-serving-service-net | No repository pattern | - ---- - -## P2 — MEDIUM (Code Quality & Conventions) - -### P2-1: Response Format Inconsistency -Standard: `{ success: bool, data: T }` — Many services return raw DTOs - -| Service | Issue | -|---------|-------| -| chat-service-net | Returns raw DTOs | -| membership-service-net | Mixed (Members raw, StampCards wrapped) | -| social-service-net | Returns raw DTOs | -| ads-* services | Returns raw DTOs | -| booking-service-net | Returns raw DTOs | - -### P2-2: Domain Events Defined but No Handlers - -| Service | Unused Events | -|---------|--------------| -| membership-service-net | MembershipLevelChangedDomainEvent (never raised) | -| social-service-net | UserUnblockedDomainEvent (never raised) | -| ads-manager-service-net | All events dispatched but no handlers | -| promotion-service-net | VoucherRedeemedDomainEvent (never consumed) | -| booking-service-net | Events defined but unused | - -### P2-3: Missing EF Migrations - -| Service | Issue | -|---------|-------| -| mkt-facebook-service-net | No migrations exist | -| ads-billing-service-net | Spurious InvoiceId1 FK column | -| ads-analytics-service-net | ClientRequest table missing from migration | - -### P2-4: Unused Dependencies (Tech Debt) -Redis, Dapper, Polly registered but unused in: booking, social, mining, mission, promotion, ads-* services - ---- - -## Fix Execution Plan - -### Wave 1 — P0 Security + Template (Parallel Agents) -- Agent 1: Fix auth for core services (catalog, order, booking, fnb-engine, inventory) -- Agent 2: Fix auth for social services (social, mining, membership, mission) -- Agent 3: Fix auth for ads services (ads-manager, ads-serving, ads-billing, ads-tracking, ads-analytics) -- Agent 4: Fix auth for mkt services (mkt-facebook, mkt-whatsapp, mkt-x, mkt-zalo, promotion) -- Agent 5: Fix template artifacts (mission, mkt-facebook, mkt-whatsapp, promotion) -- Agent 6: Fix critical handler bugs (ads-tracking, booking, ads-manager, mining, mkt-x) - -### Wave 2 — P1 Validators + Missing Handlers -- Agent 7-12: Add FluentValidation per service group -- Agent 13-15: Implement missing handlers - -### Wave 3 — P2 Code Quality -- Response format standardization -- Migration fixes -- Cleanup unused dependencies - ---- - -## Progress Tracking - -| Wave | Task | Status | Commit | -|------|------|--------|--------| -| 1 | Auth: core services (catalog, order, booking, fnb, inventory) | ✅ DONE | f8606e0 | -| 1 | Auth: social services (social, mining, membership, mission) | ✅ DONE | f8606e0 | -| 1 | Auth: ads services (5 services) | ✅ DONE | f8606e0 | -| 1 | Auth: mkt services + promotion | ✅ DONE | f8606e0 | -| 1 | Template artifacts (mission, mkt-facebook, mkt-whatsapp, promotion) | ✅ DONE | f8606e0 | -| 1 | Critical handler bugs (7 bugs across 5 services) | ✅ DONE | f8606e0 | -| 2 | Validators: ads services (16 validators) | ✅ DONE | 59b2cec | -| 2 | Validators: social+mining+mission+promotion (41 validators) | ✅ DONE | 59b2cec | -| 2 | Missing handlers (10 handlers across 4 services) | ✅ DONE | 59b2cec | -| 3 | Response format standardization (30 controllers, 8 services) | ✅ DONE | efabe49 | -| 3 | Migration fixes (InvoiceId1 FK, idempotency cleanup) | ✅ DONE | efabe49 | -| 3 | Cleanup unused dependencies (no DI registrations found) | ✅ N/A | — | diff --git a/CTO_REPORT_SHOP_DELETE.md b/CTO_REPORT_SHOP_DELETE.md deleted file mode 100644 index 86795329..00000000 --- a/CTO_REPORT_SHOP_DELETE.md +++ /dev/null @@ -1,118 +0,0 @@ -# CTO Report — Missing Shop Delete/Deactivate UI - -> Date: 2026-03-14 -> Reporter: QA Team (Automated Chrome Testing) -> Priority: P1 (Functional Gap) -> Status: RESOLVED -> Resolution: Implemented in commit 6263eeb (feat: add shop lifecycle management UI — deactivate & close shop) - ---- - -## Issue Summary - -Trang **Thiết lập cửa hàng** (`/admin/shop/{shopId}/settings`) không có chức năng xóa, đóng, hoặc vô hiệu hóa cửa hàng. Admin tạo shop mới nhưng không thể xóa/đóng shop từ UI. - -**URL kiểm tra**: `http://localhost:3001/admin/shop/0d25b74e-f855-4fba-9ca4-baa2c89e4811/settings` - ---- - -## Current State - -### UI (ShopSettings.razor) — Thiếu hoàn toàn -Trang Thiết lập chỉ có 3 section: -1. **Thông tin cửa hàng** — Tên, Ngành hàng (read-only) -2. **Giờ & ngày hoạt động** — Giờ mở/đóng, ngày kinh doanh -3. **Tính năng cửa hàng** — 6 toggles (tồn kho, bàn, bếp, đặt lịch, vận chuyển, giao hàng) - -**Không có**: Nút xóa, đóng, vô hiệu hóa, hoặc lưu trữ cửa hàng. - -### Backend (merchant-service-net) — Đã có đầy đủ -API endpoints đã implement và có handler + validation: - -| Action | Endpoint | Domain Method | Status Transition | -|--------|----------|---------------|-------------------| -| Vô hiệu hóa | `POST /api/v1/shops/{shopId}/deactivate` | `Shop.SetInactive()` | Active → Inactive (reversible) | -| Đóng cửa hàng | `POST /api/v1/shops/{shopId}/close` | `Shop.Close()` | Any → Closed (permanent) | -| Xóa mềm | — (no controller endpoint) | `Shop.Delete()` | Sets `_isDeleted = true` | - -**Authorization**: Handlers validate merchant ownership via JWT claims trước khi thực hiện. - -**Domain Events**: `ShopClosedDomainEvent` được raise khi đóng shop. - -**Shop Status Enum**: `Draft` → `Active` → `Inactive` (reversible) → `Closed` (permanent) - -### Files liên quan - -| Layer | File | Notes | -|-------|------|-------| -| UI | `Pages/Admin/Shop/ShopSettings.razor` | Thiếu delete/deactivate UI | -| UI | `Pages/Admin/Shop/ShopPage.razor` | Chỉ có edit, không có delete | -| API | `ShopsController.cs` (line 211-229) | Endpoints `/deactivate`, `/close` đã có | -| Handler | `ShopStatusCommandHandlers.cs` | `SetShopInactiveCommandHandler`, `CloseShopCommandHandler` | -| Domain | `Shop.cs` (line 298-319, 407-414) | `SetInactive()`, `Close()`, `Delete()` methods | -| Domain | `ShopStatus.cs` | Status enum: Draft, Active, Inactive, Closed | - ---- - -## Impact - -- **User Experience**: Admin không thể quản lý lifecycle cửa hàng (tạo → vô hiệu hóa → đóng/xóa) -- **Data Hygiene**: Shop test/demo không thể xóa, gây lộn xộn trong danh sách shop -- **Business Logic**: Merchant tạo shop mới cho mùa kinh doanh (ví dụ pop-up store) nhưng không thể đóng khi hết mùa - ---- - -## Recommended Implementation - -### Option A: Thêm "Danger Zone" vào ShopSettings.razor (Recommended) - -Thêm section cuối trang Thiết lập, tương tự GitHub repository settings: - -``` -┌─ Vùng nguy hiểm ──────────────────────────────────────┐ -│ │ -│ Tạm ngưng cửa hàng [Tạm ngưng] │ -│ Shop sẽ không hiển thị trên POS. │ -│ Có thể kích hoạt lại. │ -│ │ -│ ───────────────────────────────────────────────────── │ -│ │ -│ Đóng cửa hàng vĩnh viễn [Đóng shop] │ -│ Không thể hoàn tác. Tất cả dữ liệu │ -│ sẽ được lưu trữ nhưng shop sẽ bị khóa. │ -│ │ -│ ───────────────────────────────────────────────────── │ -│ │ -│ Xóa cửa hàng [Xóa shop] │ -│ Xóa mềm — shop sẽ không hiển thị │ -│ nhưng dữ liệu vẫn được giữ trong DB. │ -│ │ -└─────────────────────────────────────────────────────────┘ -``` - -### UX Requirements -1. **Confirmation dialog** (MudDialog) với nhập tên shop để xác nhận -2. **Phân quyền**: Chỉ Owner/Admin mới thấy Danger Zone -3. **Cascading effect notice**: Thông báo impact lên staff, orders, inventory -4. **"Tạm ngưng"** có nút **"Kích hoạt lại"** khi shop đang Inactive - -### API Calls (BFF) -- Cần thêm BFF proxy endpoints trong `WebClientTpos.Server`: - - `POST /api/bff/shops/{shopId}/deactivate` - - `POST /api/bff/shops/{shopId}/close` -- Forward đến `MerchantService` endpoints đã có - -### Effort Estimate -- **Frontend**: ~2-3 hours (Danger Zone UI + confirmation dialogs) -- **BFF**: ~30 minutes (proxy endpoints) -- **Backend**: 0 (đã có đầy đủ) -- **Testing**: ~1 hour (E2E verify) - ---- - -## Priority Justification - -**P1 (High)** vì: -- Backend đã implement đầy đủ → chỉ thiếu UI, effort thấp -- Đây là chức năng quản lý cơ bản mà mọi merchant platform cần có -- Ảnh hưởng trực tiếp đến trải nghiệm admin khi quản lý nhiều shop