admin/pos-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
700 Commits 1 Branch 0 Tags
c8a70f8d807205783d871d9c65b4e8f05e5eb2eb
Commit Graph

15 Commits

Author SHA1 Message Date
Ho Ngoc Hai
36a0a9c256 feat: Add functional tests for MktZaloService, new contract and load tests, and audit documentation, while removing a legacy infrastructure project and updating service configurations. 2026-03-25 15:00:05 +07:00
Ho Ngoc Hai
6d0ca5bee5 fix: resolve 4 P0 DevOps blockers — image tags, alertmanager, port conflicts 
DEVOPS-C-01: Replace hardcoded :latest with IMAGE_TAG placeholder in all 8
production K8s manifests. Update deploy-production.yml to sed-replace
IMAGE_TAG with commit SHA before kubectl apply (remove now-redundant
kubectl set image step).

DEVOPS-C-02: Configure Alertmanager — create alertmanager.yml with Slack +
email receivers (critical/warning/infra routes, inhibition rules). Add
alertmanager:v0.27.0 service to both docker-compose.observability.yml and
deployments/local/docker-compose.yml. Enable prometheus.yml target
(alertmanager:9093).

DEVOPS-C-03: Remove :latest from docker-build.yml main branch push. Now
only SHA tag is pushed for main; :staging+SHA for develop.

DEVOPS-C-04: Add 4 mkt-* services to deployments/local/docker-compose.yml
with unique host ports (facebook:5021, whatsapp:5022, x:5023, zalo:5024)
to eliminate port 5000 conflicts. Add corresponding Traefik routers and
load-balancer entries in infra/traefik/dynamic/routes.yml
(/api/v1/mkt/{facebook,whatsapp,x,zalo}).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-23 09:46:32 +07:00
Ho Ngoc Hai
870f1218f8 feat: Phase 2 frontend — Spa, Retail, Cafe Blazor UI pages and BFF proxies 
Spa/Beauty UI (booking-service integration):
- TherapistManagement.razor: CRUD table, specialty multi-select, working hours
- AppointmentCalendar.razor: daily calendar grouped by therapist, color-coded statuses
- ShopTherapists embedded component for ShopPage, sidebar menu for spa/beauty
- BookingController BFF: therapist CRUD + appointment proxy endpoints
- Localization: vi-VN + en-US for "Nhân viên trị liệu"

Retail POS UI (catalog + inventory + order integration):
- RetailDesktop.razor: barcode input, API lookup, stock badges, cart warnings
- ReturnDialog.razor: order lookup, return/exchange mode toggle, refund summary
- StockOverview.razor: admin stock table, search/filter, threshold edit dialog
- PosDataService: barcode lookup, bulk stock, return/exchange API methods

Cafe UI (membership + fnb-engine integration):
- StampCard.razor: visual stamp grid, animated fill, celebration UI, claim/reset
- BaristaQueue.razor: 3-column Kanban, stats bar, auto-refresh 10s, pulse animation
- CafeController BFF: stamp cards + barista queue proxy endpoints

Infrastructure:
- Traefik: added /api/v1/therapists + /api/v1/appointments to booking-service
- ROADMAP: Phase 2 vertical tasks DONE, UI refinement IN-PROGRESS

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-06 17:03:55 +07:00
Ho Ngoc Hai
a7a753bf38 feat: EOD reports, security audit (rate limiting + 44 validators), and 30 critical path tests 
EOD Reports & Daily Close (order-service + Blazor UI):
- GetEodReportQuery: Dapper query for revenue, orders, payment breakdown, top items, hourly chart
- CloseDayCommand: check pending orders, generate final report
- EodReport.razor: 6 KPI cards, donut/bar charts, top 10 table, close-day dialog
- FluentValidation for both query and command
- BFF proxy endpoints for reports

Security Audit — Rate Limiting:
- Tighten auth-ratelimit from 100 to 10 req/min (brute force protection)
- Add payment-ratelimit (30/min), api-ratelimit (100/min), hub-ratelimit (500/min)
- Apply rate limits to ALL Traefik routers (previously many had none)

Security Audit — Input Sanitization (44 missing validators created):
- iam-service: 14 validators (auth, user, role commands)
- merchant-service: 11 validators (admin, attendance commands)
- wallet-service: 7 validators (wallet, points commands)
- fnb-engine: 7 validators (session, table, ticket, reservation)
- catalog-service: 6 validators (product, category CRUD)
- storage-service: 6 validators (upload, share, quota)
- order-service: 2 validators (complete order/payment)

Critical Path Unit Tests (30 new tests):
- inventory-service: 12 tests (deduction, partial stock, idempotency)
- wallet-service: 14 tests (create payment, process callback, domain events)
- fnb-engine: 8 tests (kitchen-served event handler, inventory client integration)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-06 16:33:39 +07:00
Ho Ngoc Hai
653322b26c fix: resolve 12 critical/high issues from code review across backend, frontend, and infra 
Backend (7 fixes):
- wallet-service: remove conflicting EF Ignore() calls for mapped backing fields
- fnb-engine: remove KitchenTicket short constructor that set productId=orderItemId
- fnb-engine: replace fire-and-forget Task.Run with direct await for inventory deduction
- TenantMiddleware: implement PostgreSQL RLS SET LOCAL in 4 services (wallet, fnb, inventory, catalog)
- order-service: fix SQL injection pattern in TenantMiddleware with Guid.ToString("D")
- order-service: add ValidateShopAccess() authorization check in SignalR PosHub
- 4 services: register IDbConnection (NpgsqlConnection) in DI for RLS middleware

Frontend (3 fixes):
- PosDataService: return Success=false (not true) when PayOrder response parsing fails
- QrPayment: add _disposed guard to prevent timer race condition after component disposal
- BFF OrderController: add [Authorize] attribute to require JWT for all endpoints

Infrastructure (3 fixes):
- docker-compose: upgrade PostgreSQL 15-alpine to 16-alpine per project spec
- init-databases.sh: add 4 missing marketing service databases (mkt_*)
- Traefik routes: add wallet, catalog, booking routers and /api/v1/stock path

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-06 16:22:08 +07:00
Ho Ngoc Hai
8af86e9e89 feat: implement Phase 1 payment gateway, real-time SignalR, kitchen-inventory deduction, and order payment flow 
- wallet-service: IPaymentGateway abstraction + VN Pay implementation (HMAC-SHA512, sandbox), Payment aggregate root, PaymentsController with create/callback/query endpoints
- order-service: PosHub SignalR hub with Redis backplane + MessagePack, strongly-typed clients, 3 group types (shop/kds/pos), integrated into Create/Pay/Complete/Cancel order handlers
- fnb-engine + inventory-service: Kitchen→Inventory auto-deduction via domain events, HTTP with Polly retry + circuit breaker, idempotency check, graceful degradation on insufficient stock
- order-service: Enhanced PayOrderCommand with 3 flows (cash/card/online), PaymentPending status, WalletServiceClient, CompleteOrderPaymentCommand for gateway callbacks
- POS frontend: Cash/Card/QR payment components wired to real backend, BFF proxy updated
- infra: Traefik routes for fnb-engine, inventory-service, and SignalR WebSocket hub
- ROADMAP.md: Updated with Phase 1 progress tracking

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-06 13:28:46 +07:00
Ho Ngoc Hai
2e1bb65bd3 feat: implement merchant subscription management and enhanced user account/security features with a new BFF layer. 2026-03-06 12:34:53 +07:00
Ho Ngoc Hai
462e1d0861 feat: Cấu hình các hằng số client OAuth2 và định tuyến Traefik cho các endpoint OIDC của IdentityServer. 2026-01-16 11:07:16 +07:00
Ho Ngoc Hai
8783588ec4 Thêm các bài kiểm tra chức năng và đơn vị cho quản lý vai trò trong dịch vụ IAM, đồng thời cập nhật cấu hình Docker, Traefik và các bài kiểm tra dịch vụ thành viên. 2026-01-15 18:50:50 +07:00
Ho Ngoc Hai
580e074145 feat: Thêm dịch vụ MerchantService mới và cập nhật các tệp điều khiển thành viên trong MembershipService. 2026-01-15 18:14:13 +07:00
Ho Ngoc Hai
56f08857db feat(traefik): Add Storage Service routing and update IAM service URL 
- Introduced routing for the Storage Service with rules for file management endpoints.
- Updated IAM service base URL to "http://iam-service-net:8080" for consistency.
- Configured load balancer for the Storage Service to enhance file management capabilities.
 2026-01-13 21:32:36 +07:00
Ho Ngoc Hai
96dc13c38a fix: Cấu hình thủ công Traefik và cập nhật phiên bản để khắc phục sự cố Docker provider cục bộ. 2026-01-04 14:52:30 +07:00
Ho Ngoc Hai
a383d8772e feat: Cấu hình lại ứng dụng IAM, cập nhật cấu trúc routes, tích hợp RBAC và thêm các bài kiểm tra tích hợp. 2026-01-04 14:27:41 +07:00
Ho Ngoc Hai
b104fafa85 Refactor auth-service to iam-service and update related documentation 
- Renamed auth-service to iam-service across various files for consistency.
- Updated Dockerfiles, deployment configurations, and documentation to reflect the service name change.
- Enhanced testing commands in documentation to point to the new iam-service.
- Removed outdated auth-service files and configurations to streamline the project structure.
- Improved bilingual documentation for clarity on the new service structure and usage.
 2025-12-30 20:54:21 +07:00
Ho Ngoc Hai
4da46b5b8e Sure! Pl 2025-12-27 01:31:10 +07:00