Redesign all 6 onboarding steps with inline step indicators replacing
the fixed sidebar layout. Simplified structure with admin-content/admin-panel
pattern for consistency with other admin pages.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
CRITICAL fixes:
- update_product: fetch current product first, include productId in body (was 400)
- period enum: "week"/"month" → "7d"/"30d" to match backend handler
- Token leakage: add axios response interceptor to strip Authorization from errors
- Token expiry: add 401 detection with clear user-facing message
HIGH fixes:
- create_product: handle raw Guid response (was returning "unknown")
- update_product: merge with existing values to avoid overwriting with defaults
- Startup validation: warn if API_TOKEN is not set
- Graceful shutdown: handle SIGINT/SIGTERM with server.close()
- Error handler: shared module with structured API error extraction
- Type safety: replace `any` with proper DTO interfaces across all tools
- Promise.allSettled in cost_analysis for partial failure resilience
- Timeout increased 15s → 30s for analytics queries
MEDIUM fixes:
- amount fields use .int() (inventory backend expects int, not float)
- ingredients array requires .min(1) (prevent empty recipes)
- isActive default removed (show all products by default)
- pageSize default aligned to 20 (matches backend)
- String length limits on name/description fields
- Locale-explicit formatting (vi-VN)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
CTO Audit findings and fixes:
- Port config: all 4 services were using wrong localhost ports (5002/5003/5004/5019).
All services run behind Traefik on port 80 — consolidated to single gateway client.
- Route fix: /shops/{shopId}/products → /products?shopId= (Traefik routes /shops to merchant-service)
- Response parsing: dashboard API uses "revenue"/"popularItems" (not "totalRevenue"/"topItems")
- Added .gitignore to prevent .env with JWT tokens from being committed
Verified all 12 tools against live Docker services via Traefik gateway.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
MCP server with 12 tools across 4 groups:
- Catalog: list/create/update/delete products
- Inventory: check stock, record intake/usage, low stock alerts
- Recipes: list and create recipes with ingredients
- Analytics: popular items, cost analysis
Uses @modelcontextprotocol/sdk with stdio transport for Claude Code integration.
Connects to catalog-service, inventory-service, fnb-engine via REST APIs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add "Danger Zone" section to ShopSettings with deactivate/close actions
- CloseShopConfirmDialog: type shop name to confirm (GitHub-style)
- BFF: proxy endpoints POST /shops/{id}/deactivate and /close
- MerchantApiService: DeactivateShopAsync(), CloseShopAsync()
- CTO report documenting the gap and implementation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
PosLayout.razor hardcoded navigation to /admin for the settings button
and sidebar link, causing staff users to land on the admin page.
Now uses AuthStateService.GetPortalUrl() for role-aware routing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Added T39-T41: Staff POS tested with only aPOS_token_staff
(admin token removed). Bank transfer 120k, dashboard 358k,
order history all verified in staff-only context.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Added T35-T38: Staff POS order creation (238k cash), pending orders
(6 orders with status filters), POS dashboard (real revenue), and
order history (4 orders across 7 days). All Staff POS features working.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Added T28-T34: full POS order flow tests (create order, cash payment
with change, bank transfer, order history, dashboard, finance, reports).
Updated CTO report with P0 bug fixes and deployment readiness.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
BFF server forwards JWT via AuthForwardingHandler to downstream services.
Adding [Authorize] on BFF controllers causes "No authenticationScheme was specified"
error since the BFF server itself has no JWT middleware configured.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
P2: POS duplicates were DB seed issue (9 records deleted), now 9 unique products.
P3: Settings shop name now shows "Cobic Coffee" correctly.
Both verified visually on Chrome.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Both P2 (duplicate POS products) and P3 (settings shop name) resolved
in commit 344be33. Updated checklist and next steps.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
P2: Products appeared 2x in POS grid — BFF now filters isActive=true
by default, plus client-side dedup by product ID as safety net.
P3: Admin Settings showed "--" for shop name — parent ShopPage now
passes ShopName and VerticalLabel parameters to ShopSettings component.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
27 test cases covering all admin (15 pages) and staff (7 pages) features.
Zero regressions from Wave 1-3 fixes. 2 bugs found: duplicate POS products (P2),
settings shop name display (P3). Recommendation: ready for staging.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Wave 2 — 3 parallel agents fixing P1 issues:
Validators (57 new FluentValidation validators):
- ads-manager: 10 validators for all commands
- ads-billing: 3 validators for all commands
- ads-tracking: 2 validators for missing commands
- ads-analytics: 1 validator for CreateReport
- social: 8 validators for all commands
- mining: 16 validators for all commands
- mission: 4 validators for all commands
- promotion: 13 validators for all commands
Missing handlers (10 implemented):
- promotion: ExchangeVoucher, PurchaseVoucher, SearchVouchers,
GetCampaignStatistics, GetCampaignVouchers
- mission: GetUserMissionProgress
- mkt-facebook: GetConversations, GetCustomers
- ads-manager: ListAudiences, GetAudienceById
All validators use bilingual messages (EN/VI) and are auto-registered
via MediatR ValidatorBehavior pipeline.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Rewrite StaffSchedule.razor from hardcoded stub to real API integration
(profile → shop schedules → filter by staffId)
- Fix admin ShopSchedule role column: use staff role from merchant data
instead of showing "—"
- Add FormatTime() helper to strip seconds from time display (08:00:00 → 08:00)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. Attendance API now joins with MerchantStaff to return staffName instead of showing truncated staffId
2. AuthService uses role-suffixed localStorage keys (aPOS_token_owner, aPOS_token_staff) to prevent
staff and admin tokens from overwriting each other on the same origin
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- BFF: add GET /api/bff/shops/{shopId}/attendance proxy to merchant-service
- ShopAttendance.razor: replace mock data with real attendance API call
- Calculate present/late/absent counts from actual attendance records
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- BFF: extract approver/rejector userId from JWT instead of accepting Guid.Empty from client
- Staff pages (Dashboard, Leave, Attendance): move data loading to OnAfterRenderAsync
to fix token timing bug where OnInitializedAsync runs before auth session is restored
- EF Core: fix AttendanceRepository to use public properties after HasField() migration
- LeaveRequest: fix DateTime UTC kind for Npgsql 10 compatibility
- merchant-service: add debug seed endpoints for staff/shop test data
- EF configs: migrate to HasField() pattern for private field mapping
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix DTO field mismatch: QuantityChange→Quantity, Reason→Notes in PosDataService
- Fix ItemType enum mismatch: FinishedProduct→FinishedGood, Supply→Consumable in ShopInventory
- Add ResolveTransactionTypeName fallback in InventoryMapper when Type nav property is null
- Add "In"/"Out" alternative matches for TransactionType in history display
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sửa tất cả tiếng Việt không dấu thành có dấu đúng chính tả trong
các phần: Product Manager, CTO, Tech Lead, Backend Dev, Frontend Dev,
QA, DevOps, và Workflow section.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add PM role with market analysis, user stories, PRD creation, priority matrix,
and Vietnamese merchant personas. Update workflow to include PM as first and
last step in the development pipeline.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
