feat(5.6): observabilitate + jurnal aplicatie + lifecycle trimiteri blocate

Implementeaza PRD 5.6 complet (14 stories, TDD). Doua axe:

Lifecycle trimiteri blocate (Val A):
- submissions_admin.py: sterge/repune scoped (404 cross-account inaintea lui 409 stare)
- reactivare dedup peste `error` cu CAS (WHERE id=? AND status='error'), creds noi in
  submissions + accounts.rar_creds_enc; worker invalideaza sesiunea RAR la creds proaspete
  (JWT 30h vechi nu mai trimite cu parola gresita); camp aditiv `reactivated:true`
- retentie randuri blocate 30z; purge_expired exclude queued/sending; purge_after curatat
  la reactivare/requeue
- API DELETE /v1/prezentari/{id} + /repune (200+JSON); UI butoane + bulk + banner actionabil

Observabilitate:
- app/observ.py log_event: dublu canal app_events (DB) + RotatingFileHandler per-proces,
  redactare creds/PII la scriere (redact_pii/vin_partial)
- request_id middleware + X-Request-ID pe toate raspunsurile
- handler global excepții -> 500 envelope 6-chei + request_id (traceback doar in jurnal)
- audit cerere API (api_prezentari/api_auth_esuat) + audit worker (rar_login/tranzitii)
- tab "Jurnal" filtrabil scoped (non-admin doar contul sau); retentie jurnal 90z
- rar_error expus in GET /v1/prezentari/{id} (recovery observabil)

pytest -q: 741 passed, 0 failed. Docs: PRD raport VERIFY, contract endpointuri noi, ROADMAP.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Claude Agent
2026-06-23 18:45:39 +00:00
parent f48346de5c
commit c842e3352a
40 changed files with 2851 additions and 64 deletions

View File

@@ -185,3 +185,64 @@ def test_status_se_reincarca_htmx(client):
assert 'id="status-bar"' in html, (
"Fragmentul nu are id='status-bar' pe containerul radacina"
)
# ============================================================
# US-014: banner "Necesita atentia ta" actionabil
# ============================================================
def _insert_submission_vehicul(status, account_id, vin, nr):
from app.db import get_connection
import json
conn = get_connection()
try:
conn.execute(
"INSERT INTO submissions (idempotency_key, account_id, status, payload_json) VALUES (?, ?, ?, ?)",
(f"k-{os.urandom(5).hex()}", account_id, status,
json.dumps({"vin": vin, "nr_inmatriculare": nr, "data_prestatie": "2026-06-15",
"odometru_final": "1", "prestatii": [{"cod_prestatie": "OE-1"}]})),
)
conn.commit()
finally:
conn.close()
def test_categorie_blocata_linkeaza_la_trimiteri_filtrate(client):
acct_id, _ = _create_account_user("link@test.com", "parolasecreta10")
_login(client, "link@test.com", "parolasecreta10")
_insert_submission("error", acct_id)
html = client.get("/_fragments/status").text
# Link HTMX catre lista filtrata pe error + deep-link server-side
assert "/_fragments/submissions?status=error" in html
assert "tab=acasa&status=error" in html
def test_status_arata_identificator_rand_blocat(client):
acct_id, _ = _create_account_user("ident@test.com", "parolasecreta10")
_login(client, "ident@test.com", "parolasecreta10")
_insert_submission_vehicul("error", acct_id, "WVWZZZ1KZAW000123", "B123ABC")
html = client.get("/_fragments/status").text
# VIN partial (ultimele 4) + nr inmatriculare + #id
assert "0123" in html, "lipseste VIN partial"
assert "B123ABC" in html, "lipseste nr inmatriculare"
assert "WVWZZZ1KZAW000123" not in html, "VIN integral nu trebuie expus"
def test_scoped_pe_cont(client):
from app.accounts import create_account
from app.db import get_connection
acct_id, _ = _create_account_user("own@test.com", "parolasecreta10")
conn = get_connection()
try:
other = create_account(conn, "Alt", active=True)
finally:
conn.close()
_login(client, "own@test.com", "parolasecreta10")
_insert_submission_vehicul("error", other, "OTHERVIN000009999", "X999ZZZ")
html = client.get("/_fragments/status").text
# randul altui cont NU apare in banner-ul meu
assert "X999ZZZ" not in html
assert "9999" not in html