Canalul web trece de la 100% deschis (hardcodat cont 1) la autentificat si multi-tenant. Un service nou se inregistreaza din browser, primeste o cheie API (o singura data) si o sesiune; contul se creeaza "in asteptare" (active=0) si nu trimite la RAR pana la activarea de catre admin (tools/account.py activate). - users + app/users.py: parole scrypt (salt per-user, eticheta parametri onorata la verify pentru migrare cost), email unic case-insensitive - sesiune: SessionMiddleware (same_site=strict, https_only config) + app/web/session.py (current_account/web_account/require_login->LoginRequired, set_session clear-inainte) - CSRF (app/web/csrf.py) enforce in prod inclusiv pe login/signup + rate-limit in-proces (app/web/ratelimit.py) pe signup si login - signup/login/logout (app/web/auth_routes.py): signup tranzactie atomica, cheie-o-data, log SIGNUP pentru descoperire admin - dashboard + import scoped pe contul sesiunii (regula NULL->cont 1); toate rutele web care ating date sensibile sub require_login; nomenclator ramane global - banner "cont in asteptare" pentru conturi active=0 - gate worker: claim_one LEFT JOIN accounts COALESCE(active,1)=1 (account_id NULL=activ) VERIFY context curat (2 runde): leak cross-account /_fragments/mapari prins+reparat. /code-review high: csrf_token lipsa pe re-randari de eroare, scrypt_params ignorat, login fara rate-limit -- toate reparate. 361 teste pass (de la 313). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
59 lines
2.2 KiB
HTML
59 lines
2.2 KiB
HTML
<div id="mapari-section" class="card">
|
|
<h2 style="font-size:15px; margin:0 0 12px;">Mapari de rezolvat</h2>
|
|
|
|
{% if message %}
|
|
<div class="flash">{{ message }}</div>
|
|
{% endif %}
|
|
|
|
{% if not pending %}
|
|
<div class="empty">Nicio operatie nemapata. Tot ce a venit s-a tradus in coduri RAR.</div>
|
|
{% else %}
|
|
<p class="muted" style="margin:0 0 12px; font-size:13px;">
|
|
Operatii ROAAUTO necunoscute, blocate in <span class="s-needs_mapping">needs_mapping</span>.
|
|
Alege codul RAR (sugestia fuzzy e preselectata) si salveaza — submission-urile se deblocheaza automat.
|
|
</p>
|
|
|
|
{% for e in pending %}
|
|
{% set top = e.suggestions[0] if e.suggestions else None %}
|
|
{% set preselect = top.cod_prestatie if (top and top.score >= 60) else '' %}
|
|
<form class="maprow" hx-post="/mapari" hx-target="#mapari-section" hx-swap="outerHTML">
|
|
<input type="hidden" name="csrf_token" value="{{ csrf_token or '' }}">
|
|
<input type="hidden" name="cod_op_service" value="{{ e.cod_op_service }}">
|
|
|
|
<div class="mapcol grow">
|
|
<div><strong>{{ e.cod_op_service }}</strong>
|
|
<span class="pill" title="submission-uri blocate">{{ e.blocked }} blocate</span></div>
|
|
<div class="muted">{{ e.denumire or '(fara denumire)' }}</div>
|
|
{% if e.suggestions %}
|
|
<div class="muted" style="font-size:12px; margin-top:4px;">
|
|
sugestii:
|
|
{% for s in e.suggestions[:3] %}
|
|
<span class="sugg">{{ s.cod_prestatie }} ({{ s.score|round|int }}%)</span>{% if not loop.last %}, {% endif %}
|
|
{% endfor %}
|
|
</div>
|
|
{% endif %}
|
|
</div>
|
|
|
|
<div class="mapcol">
|
|
<select name="cod_prestatie" required>
|
|
<option value="">— alege cod RAR —</option>
|
|
{% for n in nomenclator %}
|
|
<option value="{{ n.cod_prestatie }}" {% if n.cod_prestatie == preselect %}selected{% endif %}>
|
|
{{ n.cod_prestatie }} — {{ n.nume_prestatie }}
|
|
</option>
|
|
{% endfor %}
|
|
</select>
|
|
</div>
|
|
|
|
<div class="mapcol">
|
|
<label class="chk"><input type="checkbox" name="auto_send" value="true" checked> auto-send</label>
|
|
</div>
|
|
|
|
<div class="mapcol">
|
|
<button type="submit">Salveaza</button>
|
|
</div>
|
|
</form>
|
|
{% endfor %}
|
|
{% endif %}
|
|
</div>
|