- Add YTD year-over-year comparison table for cash flow evolution
- Extend monthly evolution from 6 to 12 months with dynamic year extraction
- Simplify monthly view to show only Net values aligned with YTD table
- Upgrade client/supplier display from Top 5 to Top 10 with alphabetical sorting
- Remove Refresh and Export buttons from dashboard and evolution views
- Add get_trends() API method for 12-month historical data from backend
- Fix default years to 2025/2024 for accurate YTD calculations
Changes:
- client.py: New get_trends() method calls /api/dashboard/trends endpoint
- helpers.py: Rewrite get_cashflow_evolution_data() to use trends and calculate YTD
- formatters.py: Complete redesign with YTD table and simplified 12-month Net view
- menus.py: Alphabetical sorting for clients/suppliers, removed refresh buttons
- handlers.py: Disabled refresh/export buttons on dashboard and evolution views
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
**Interface improvements:**
- Add persistent Login/Logout buttons to main menu
- Help button now updates text above menu (not separate message)
- Expired token automatically transforms menu to Login state
- Consolidate linking success messages (single welcome + menu)
**Fix callback_data length limits (Telegram 64-byte limit):**
- Truncate client/supplier names to 40 chars in callback_data
- Use full names for API calls but truncated for buttons
- Fix pagination buttons for long partner names (30 chars limit)
- Search entities by prefix match to handle truncated names
**Treasury improvements:**
- Show ALL bank/cash accounts (removed 5-item limit)
- Remove unnecessary Refresh/Export buttons from treasury views
- Handle "Message is not modified" error gracefully
**Bug fixes:**
- Fix Markdown parsing errors (replace <cod> with `CODUL_TAU`)
- Fix silent errors when token expires (show user-friendly message)
- Fix Button_data_invalid errors on pagination and details
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Move load_dotenv() call before all app.* imports in main.py to fix the
import-time environment variable loading issue.
Problem:
- Previously, load_dotenv() was called AFTER importing app.* modules
- When app.api.client was imported, it read BACKEND_URL at import time
- At that moment, .env was not yet loaded, so it used the hardcoded default
- This caused the bot to connect to wrong backend port even when .env was
correctly configured
Solution:
- Move load_dotenv() to line 20-21, immediately after standard library imports
- This ensures .env is loaded BEFORE any app.* modules are imported
- Now all modules see the correct environment variables from .env file
- Also updated BACKEND_URL default from 8001 to 8000 for consistency
Flow now:
1. Import standard libraries (os, Path, dotenv, etc.)
2. Load .env file (line 20-21) ✅
3. Import app.* modules (which can now read env vars correctly) ✅
4. Import telegram-python-bot and other dependencies
5. Start application
This follows Python best practices for environment variable loading and
ensures reliable configuration loading in Windows Service deployments.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Change hardcoded default backend URL from development port (8001) to
production port (8000) in Telegram bot API client.
This fixes the issue where Telegram bot would try to connect to wrong port
when BACKEND_URL environment variable is not properly loaded from .env file,
causing "Cannot connect to backend" errors during account linking.
Root cause: When .env file is not loaded correctly by Windows Service,
the code falls back to the hardcoded default value which was incorrectly
set to the development port 8001 instead of production port 8000.
Changes:
- reports-app/telegram-bot/app/api/client.py: Change default from 8001 to 8000
- Add comment explaining this is for production deployment
This ensures the bot connects to the correct backend port even if .env
configuration has issues during service startup on Windows Server.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fix AttributeError crash when backend is unreachable during account linking.
Previously, when telegram bot couldn't connect to backend, the error handler
tried to access e.response.status_code on a ConnectError exception which
doesn't have a response attribute.
Changes to reports-app/telegram-bot/app/api/client.py:
- Import ConnectError from httpx
- Add separate exception handler for ConnectError before HTTPError handler
- Log clear error message indicating backend connectivity issue
- Return None gracefully instead of crashing with AttributeError
Changes to deployment/windows/docs/TELEGRAM_BOT_TROUBLESHOOTING.md:
- Add new section "Problem: Cannot connect to backend / Connection Errors"
- Add diagnostic steps for backend service verification
- Add checklist for BACKEND_URL configuration (http://localhost:8000)
- Add Issue 5: Backend Service Not Running
- Add Issue 6: Wrong Backend URL in Telegram Bot
- Include PowerShell commands for Windows Server troubleshooting
This fix ensures the Telegram bot provides clear error messages when backend
is unavailable instead of crashing, making debugging easier for production
deployments.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fix issue where backend cannot communicate with Telegram bot service to save
authentication codes during account linking flow. This caused "link invalid or
expired" errors when users tried to link Telegram accounts.
Changes:
- Add TELEGRAM_BOT_INTERNAL_API environment variable to backend .env.example
(defaults to http://localhost:8002 for local/Windows deployments)
- Update CLAUDE.md with Telegram Bot integration requirements for Windows
- Add comprehensive troubleshooting guide for Windows deployment at
deployment/windows/docs/TELEGRAM_BOT_TROUBLESHOOTING.md
The troubleshooting guide includes:
- Diagnostic steps to verify service health and connectivity
- Common issues and solutions (port conflicts, firewall, wrong bot token)
- PowerShell commands for Windows Server administration
- Verification steps for end-to-end testing
This ensures proper backend-to-telegram-bot communication for the auth code
linking workflow in production Windows deployments.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Issues fixed:
1. Build-Frontend.ps1: Add verification that requirements.txt is included in deployment package
- Prevents incomplete packages that cause ModuleNotFoundError on server
- Throws error if critical files are missing before package is transferred
2. Deploy-ROA2WEB.ps1: Auto-detect first deployment and force install dependencies
- Automatically sets ForceInstallDependencies=true on first deployment
- Add -ForceInstallDependencies parameter for manual override
- Better error handling and validation for pip install
- Shows clear error messages with manual recovery instructions
This fixes the "ModuleNotFoundError: No module named 'httpx'" error that occurred
when deploying to Windows Server without explicitly forcing dependency installation.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Creates detailed 60-page implementation roadmap for transforming ROA2WEB from
single-tenant to multi-tenant SaaS architecture. Plan includes 6 phases with
backward compatibility, hybrid connection support (SSH tunnel + direct), and
complete deployment strategies for dev/Docker/Windows environments.
Key features:
- Tenant isolation with separate Oracle connection pools per tenant
- Dynamic SSH tunnel management with auto-restart
- Encrypted credentials in PostgreSQL/SQLite tenant config DB
- JWT-based tenant identification and access validation
- Redis cache namespacing per tenant
- Comprehensive testing and migration strategies
Timeline: 14-20 days implementation
Target: <10% performance overhead, zero downtime migration
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Cleaned up repository by removing files that were duplicates or
outdated:
Removed documentation (duplicates moved to root docs/):
- docs/DEVELOPMENT_BLUEPRINT.md (outdated)
- docs/PRODUCTION_CHECKLIST.md (outdated)
Removed telegram-bot documentation (superseded by main docs):
- FAZA1_IMPLEMENTATION_SUMMARY.md (implementation completed)
- TELEGRAM_COMMANDS.md (now in main README)
- TELEGRAM_UI_REFACTOR_PLAN.md (refactor completed)
Removed root test files (moved to tests/ directory):
- test_claude_integration.py → tests/test_claude_integration.py
- test_claude_response.py → tests/test_claude_response.py
- test_db.py → tests/test_db.py
All content is preserved in proper locations.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added essential configuration templates that were missing from the
repository due to overly restrictive .gitignore patterns.
Changes to .gitignore:
- Added negation patterns for .env.example files
- Added negation patterns for .dockerignore files
- These are safe template files with placeholder values
Files added:
- .env.example (root): Main environment configuration template
- reports-app/backend/.env.example: Backend configuration template
- reports-app/frontend/.env.example: Frontend configuration template
- reports-app/telegram-bot/.env.example: Telegram bot config template
- reports-app/telegram-bot/.dockerignore: Docker build exclusions
These template files help developers quickly set up their local
development environment by copying and customizing them.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit addresses the overly restrictive .gitignore pattern that
was excluding all test files (test_*.py), including legitimate pytest
and unittest test suites essential for code quality and CI/CD.
Changes to .gitignore:
- Added negation patterns !**/tests/test_*.py and !**/test_*.py
to allow proper test files while still blocking temporary scripts
- This enables pytest test suites to be tracked by git
Added test files (17 files):
Telegram Bot Tests (15 files):
- reports-app/telegram-bot/tests/test_auth.py
Tests for authentication and account linking flow
- reports-app/telegram-bot/tests/test_callbacks.py
Tests for callback query handlers
- reports-app/telegram-bot/tests/test_formatters.py
Tests for message formatting utilities
- reports-app/telegram-bot/tests/test_formatters_extended.py
Extended formatter tests
- reports-app/telegram-bot/tests/test_handlers_menu.py
Tests for menu handlers
- reports-app/telegram-bot/tests/test_helpers.py
Tests for helper functions
- reports-app/telegram-bot/tests/test_helpers_extended.py
Extended helper tests
- reports-app/telegram-bot/tests/test_helpers_real.py
Real integration tests for helpers
- reports-app/telegram-bot/tests/test_helpers_real_simple.py
Simplified integration tests
- reports-app/telegram-bot/tests/test_login_flow.py
Complete login flow integration tests
- reports-app/telegram-bot/tests/test_menus.py
Menu system tests
- reports-app/telegram-bot/tests/test_session_company.py
Session and company management tests
- reports-app/telegram-bot/test_claude_integration.py
Manual integration test (Claude AI)
- reports-app/telegram-bot/test_claude_response.py
Response formatting test
- reports-app/telegram-bot/test_db.py
Database operations manual test
Shared Module Tests (2 files):
- shared/auth/test_auth.py
Authentication system tests
- shared/database/test_pool.py
Oracle connection pool tests
Security verification:
✅ All test files use mock objects, fixtures, and environment variables
✅ No hardcoded credentials or secrets found
✅ Safe for version control
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit fixes overly broad .gitignore patterns that were excluding
important source code files from version control. Previously, wildcard
patterns like *auth*, *token*, *secret*, *connection*, and *credential*
were excluding ALL files containing these words, including critical
application code.
Changes:
- Updated .gitignore with specific patterns for sensitive config files
(*.json, *.txt, *.yml, *.yaml extensions only)
- Removed broad wildcards that excluded source code files
Added missing source files:
- shared/auth/ (9 files): Complete authentication system
- JWT handler, middleware, auth service, models, routes
- reports-app/backend/app/routers/auth.py: Authentication API router
- reports-app/backend/app/auth_middleware_wrapper.py: Middleware wrapper
- reports-app/frontend/src/stores/auth.js: Vue.js auth store
- reports-app/frontend/tests/: E2E tests and fixtures for auth
- reports-app/telegram-bot/app/auth/: Telegram auth linking module
- deployment/windows/scripts/Setup-ClaudeAuth.ps1: Windows deployment script
- security/secrets_scanner.py: Security scanning utility
These files are essential for the application to function and should
have been included in the initial commit.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
