Creates detailed 60-page implementation roadmap for transforming ROA2WEB from
single-tenant to multi-tenant SaaS architecture. Plan includes 6 phases with
backward compatibility, hybrid connection support (SSH tunnel + direct), and
complete deployment strategies for dev/Docker/Windows environments.
Key features:
- Tenant isolation with separate Oracle connection pools per tenant
- Dynamic SSH tunnel management with auto-restart
- Encrypted credentials in PostgreSQL/SQLite tenant config DB
- JWT-based tenant identification and access validation
- Redis cache namespacing per tenant
- Comprehensive testing and migration strategies
Timeline: 14-20 days implementation
Target: <10% performance overhead, zero downtime migration
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit addresses the overly restrictive .gitignore pattern that
was excluding all test files (test_*.py), including legitimate pytest
and unittest test suites essential for code quality and CI/CD.
Changes to .gitignore:
- Added negation patterns !**/tests/test_*.py and !**/test_*.py
to allow proper test files while still blocking temporary scripts
- This enables pytest test suites to be tracked by git
Added test files (17 files):
Telegram Bot Tests (15 files):
- reports-app/telegram-bot/tests/test_auth.py
Tests for authentication and account linking flow
- reports-app/telegram-bot/tests/test_callbacks.py
Tests for callback query handlers
- reports-app/telegram-bot/tests/test_formatters.py
Tests for message formatting utilities
- reports-app/telegram-bot/tests/test_formatters_extended.py
Extended formatter tests
- reports-app/telegram-bot/tests/test_handlers_menu.py
Tests for menu handlers
- reports-app/telegram-bot/tests/test_helpers.py
Tests for helper functions
- reports-app/telegram-bot/tests/test_helpers_extended.py
Extended helper tests
- reports-app/telegram-bot/tests/test_helpers_real.py
Real integration tests for helpers
- reports-app/telegram-bot/tests/test_helpers_real_simple.py
Simplified integration tests
- reports-app/telegram-bot/tests/test_login_flow.py
Complete login flow integration tests
- reports-app/telegram-bot/tests/test_menus.py
Menu system tests
- reports-app/telegram-bot/tests/test_session_company.py
Session and company management tests
- reports-app/telegram-bot/test_claude_integration.py
Manual integration test (Claude AI)
- reports-app/telegram-bot/test_claude_response.py
Response formatting test
- reports-app/telegram-bot/test_db.py
Database operations manual test
Shared Module Tests (2 files):
- shared/auth/test_auth.py
Authentication system tests
- shared/database/test_pool.py
Oracle connection pool tests
Security verification:
✅ All test files use mock objects, fixtures, and environment variables
✅ No hardcoded credentials or secrets found
✅ Safe for version control
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit fixes overly broad .gitignore patterns that were excluding
important source code files from version control. Previously, wildcard
patterns like *auth*, *token*, *secret*, *connection*, and *credential*
were excluding ALL files containing these words, including critical
application code.
Changes:
- Updated .gitignore with specific patterns for sensitive config files
(*.json, *.txt, *.yml, *.yaml extensions only)
- Removed broad wildcards that excluded source code files
Added missing source files:
- shared/auth/ (9 files): Complete authentication system
- JWT handler, middleware, auth service, models, routes
- reports-app/backend/app/routers/auth.py: Authentication API router
- reports-app/backend/app/auth_middleware_wrapper.py: Middleware wrapper
- reports-app/frontend/src/stores/auth.js: Vue.js auth store
- reports-app/frontend/tests/: E2E tests and fixtures for auth
- reports-app/telegram-bot/app/auth/: Telegram auth linking module
- deployment/windows/scripts/Setup-ClaudeAuth.ps1: Windows deployment script
- security/secrets_scanner.py: Security scanning utility
These files are essential for the application to function and should
have been included in the initial commit.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
