From 9dbe0f8b6c554a8ad16cda773b1e402ab9f4a24e Mon Sep 17 00:00:00 2001 From: Daniel Bedeleanu Date: Sat, 11 Apr 2026 14:26:55 +0300 Subject: [PATCH] refactor: translate all docstrings and comments to English (STRICT ENGLISH POLICY complete) --- backend/auth.py | 10 +++++----- backend/main.py | 4 ++-- backend/routers/categories.py | 8 ++++---- backend/routers/items.py | 22 +++++++++++----------- backend/routers/operations.py | 14 +++++++------- backend/routers/users.py | 16 ++++++++-------- 6 files changed, 37 insertions(+), 37 deletions(-) diff --git a/backend/auth.py b/backend/auth.py index 8130c627..bf055b58 100644 --- a/backend/auth.py +++ b/backend/auth.py @@ -1,6 +1,6 @@ """ [C-01] JWT Authentication Module -Implementare Bearer token authentication pentru API endpoints. +Implement Bearer token authentication for API endpoints. """ import os from datetime import datetime, timedelta, timezone @@ -13,7 +13,7 @@ from pydantic import BaseModel # Configuration SECRET_KEY = os.environ.get("JWT_SECRET_KEY") if not SECRET_KEY: - # Genereaza o cheie de fallback pentru dev (NU PENTRU PRODUCȚIE) + # Generate fallback key for dev (NOT FOR PRODUCTION) import secrets SECRET_KEY = secrets.token_urlsafe(32) import sys @@ -60,8 +60,8 @@ def create_access_token(user_id: int, username: str, role: str, expires_delta: O async def get_current_user(credentials: HTTPAuthCredentials = Depends(security)): """ - Dependency que valideaza JWT token din Authorization header. - Returneaza TokenData cu user_id, username, role. + Dependency that validates JWT token from Authorization header. + Returns TokenData with user_id, username, role. """ token = credentials.credentials try: @@ -91,7 +91,7 @@ async def get_current_user(credentials: HTTPAuthCredentials = Depends(security)) async def get_current_admin(current_user: TokenData = Depends(get_current_user)): - """Dependency que verifica daca user-ul are rol 'admin'.""" + """Dependency that checks if user has 'admin' role.""" if current_user.role != "admin": raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, diff --git a/backend/main.py b/backend/main.py index 476c0e9b..45d45f8b 100644 --- a/backend/main.py +++ b/backend/main.py @@ -21,8 +21,8 @@ app.state.limiter = limiter app.add_exception_handler = limiter.add_exception_handler # [SECURITY FIX M-01] CORS: allow_origins=["*"] + allow_credentials=True is invalid per spec. -# Originile permise se configurează via variabila de mediu ALLOWED_ORIGINS (comma-separated). -# Fallback sigur: doar localhost pentru development. +# Allowed origins are configured via ALLOWED_ORIGINS environment variable (comma-separated). +# Secure fallback: localhost only for development. _raw_origins = os.environ.get( "ALLOWED_ORIGINS", "http://localhost:3000,http://localhost:3002" diff --git a/backend/routers/categories.py b/backend/routers/categories.py index 526122eb..089babcb 100644 --- a/backend/routers/categories.py +++ b/backend/routers/categories.py @@ -17,7 +17,7 @@ def get_categories( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Lista categorii — doar utilizatori autentificati.""" + """[C-01] List of categories — only for authenticated users.""" categories = db.query(models.Category).all() # Auto-seed if empty with defaults mentioned by user if not categories: @@ -40,7 +40,7 @@ def create_category( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Creare categorie — doar utilizatori autentificati.""" + """[C-01] Create category — only for authenticated users.""" existing = db.query(models.Category).filter(models.Category.name == category.name).first() if existing: raise HTTPException(status_code=400, detail="Category already exists") @@ -58,7 +58,7 @@ def update_category( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Actualizare categorie — doar utilizatori autentificati.""" + """[C-01] Update category — only for authenticated users.""" db_cat = db.query(models.Category).filter(models.Category.id == cat_id).first() if not db_cat: raise HTTPException(status_code=404, detail="Category not found") @@ -77,7 +77,7 @@ def delete_category( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Ștergere categorie — doar utilizatori autentificati.""" + """[C-01] Delete category — only for authenticated users.""" cat = db.query(models.Category).filter(models.Category.id == cat_id).first() if not cat: raise HTTPException(status_code=404, detail="Category not found") diff --git a/backend/routers/items.py b/backend/routers/items.py index ce222fbf..594adf52 100644 --- a/backend/routers/items.py +++ b/backend/routers/items.py @@ -7,7 +7,7 @@ from slowapi.util import get_remote_address from .. import models, schemas, auth from ..database import get_db -# [H-02] Rate limiter pentru extract-label endpoint +# [H-02] Rate limiter for extract-label endpoint limiter = Limiter(key_func=get_remote_address) router = APIRouter( @@ -20,7 +20,7 @@ def read_item_stats( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Statistici iteme — doar utilizatori autentificati.""" + """[C-01] Item statistics — only for authenticated users.""" total_categories = db.query(models.Category).count() total_items = db.query(models.Item).count() @@ -41,7 +41,7 @@ def read_items( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Lista iteme — doar utilizatori autentificati.""" + """[C-01] List of items — only for authenticated users.""" items = db.query(models.Item).offset(skip).limit(limit).all() return items @@ -51,7 +51,7 @@ def read_item( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Obține item — doar utilizatori autentificati.""" + """[C-01] Get item — only for authenticated users.""" item = db.query(models.Item).filter(models.Item.id == item_id).first() if item is None: raise HTTPException(status_code=404, detail="Item not found") @@ -66,14 +66,14 @@ async def extract_label( file: UploadFile = File(...), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Extragere etichetă din imagine — doar utilizatori autentificati. [H-02] Rate limit: 10 req/min per IP.""" + """[C-01] Extract label from image — only for authenticated users. [H-02] Rate limit: 10 req/min per IP.""" from ..ai_vision import extract_label_info # [SECURITY FIX H-03] Validare tip MIME și dimensiune maximă if file.content_type not in _ALLOWED_IMAGE_TYPES: raise HTTPException( status_code=status.HTTP_415_UNSUPPORTED_MEDIA_TYPE, - detail=f"Tip fișier nepermis: {file.content_type}. Acceptat: {', '.join(_ALLOWED_IMAGE_TYPES)}" + detail=f"File type not allowed: {file.content_type}. Accepted: {', '.join(_ALLOWED_IMAGE_TYPES)}" ) contents = await file.read() @@ -81,7 +81,7 @@ async def extract_label( if len(contents) > _MAX_IMAGE_SIZE: raise HTTPException( status_code=status.HTTP_413_REQUEST_ENTITY_TOO_LARGE, - detail="Fișierul depășește limita de 10MB." + detail="File exceeds 10MB limit." ) result = extract_label_info(contents) @@ -93,7 +93,7 @@ def create_item( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Creare item — doar utilizatori autentificati. [M-02] user_id din token.""" + """[C-01] Create item — only for authenticated users. [M-02] user_id from token.""" # Check if barcode exists db_item = db.query(models.Item).filter(models.Item.barcode == item.barcode).first() if db_item: @@ -104,7 +104,7 @@ def create_item( db.commit() db.refresh(db_item) - # Audit log the creation — [M-02] user_id din token, nu din body + # Audit log the creation — [M-02] user_id from token, not from body audit = models.AuditLog( user_id=current_user.sub, action="CREATE_ITEM", @@ -123,7 +123,7 @@ def update_item( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Actualizare item — doar utilizatori autentificati.""" + """[C-01] Update item — only for authenticated users.""" db_item = db.query(models.Item).filter(models.Item.id == item_id).first() if not db_item: raise HTTPException(status_code=404, detail="Item not found") @@ -142,7 +142,7 @@ def delete_item( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Ștergere item — doar utilizatori autentificati.""" + """[C-01] Delete item — only for authenticated users.""" db_item = db.query(models.Item).filter(models.Item.id == item_id).first() if not db_item: raise HTTPException(status_code=404, detail="Item not found") diff --git a/backend/routers/operations.py b/backend/routers/operations.py index ec9028ec..c196f310 100644 --- a/backend/routers/operations.py +++ b/backend/routers/operations.py @@ -15,7 +15,7 @@ def check_in_item( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Check-in item — doar utilizatori autentificati. [M-02] user_id din token.""" + """[C-01] Check-in item — only for authenticated users. [M-02] user_id from token.""" if op.quantity <= 0: raise HTTPException(status_code=400, detail="Quantity must be greater than zero") @@ -26,7 +26,7 @@ def check_in_item( # Update quantity item.quantity += op.quantity - # Create Mandatory Audit Log — [M-02] user_id din token + # Create Mandatory Audit Log — [M-02] user_id from token audit = models.AuditLog( user_id=current_user.sub, action="CHECK_IN", @@ -45,7 +45,7 @@ def check_out_item( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Check-out item — doar utilizatori autentificati.""" + """[C-01] Check-out item — only for authenticated users.""" if op.quantity <= 0: raise HTTPException(status_code=400, detail="Quantity must be greater than zero") @@ -78,7 +78,7 @@ def trash_item( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Trash item — doar utilizatori autentificati.""" + """[C-01] Trash item — only for authenticated users.""" if op.quantity <= 0: raise HTTPException(status_code=400, detail="Quantity must be greater than zero") @@ -112,7 +112,7 @@ def bulk_check_out( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Bulk check-out — doar utilizatori autentificati.""" + """[C-01] Bulk check-out — only for authenticated users.""" results = {"success": [], "errors": []} for op in bulk_op.items: @@ -151,7 +151,7 @@ def bulk_sync( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Bulk sync offline operations — doar utilizatori autentificati.""" + """[C-01] Bulk sync offline operations — only for authenticated users.""" results = {"success": [], "errors": []} for op in payload.operations: @@ -206,7 +206,7 @@ def get_logs( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_user) ): - """[C-01] Lista audit logs — doar utilizatori autentificati.""" + """[C-01] Audit logs list — only for authenticated users.""" # Join with User to get the username directly logs_with_users = db.query( models.AuditLog.id, diff --git a/backend/routers/users.py b/backend/routers/users.py index 41e7b16a..f3250dc3 100644 --- a/backend/routers/users.py +++ b/backend/routers/users.py @@ -129,7 +129,7 @@ def get_users( db.add(new_user) db.commit() db.refresh(new_user) - log.warning(f"[SECURITY] Admin initial seeded. Temporary password: {initial_password} — SCHIMBAȚI IMEDIAT!") + log.warning(f"[SECURITY] Admin initial seeded. Temporary password: {initial_password} — CHANGE IMMEDIATELY!") return [new_user] return users @@ -139,7 +139,7 @@ def create_user( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_admin) ): - """[C-01] Creare utilizator — doar admin.""" + """[C-01] Create user — admin only.""" existing = db.query(models.User).filter(models.User.username == user.username).first() if existing: raise HTTPException(status_code=400, detail="Username already exists") @@ -154,7 +154,7 @@ def create_user( @router.post("/login", response_model=schemas.TokenResponse) def login(form_data: schemas.UserLogin, db: Session = Depends(get_db)): """ - [C-01] Login endpoint: validează credențiale și returnează JWT token Bearer. + [C-01] Login endpoint: validates credentials and returns JWT Bearer token. """ user = db.query(models.User).filter(models.User.username == form_data.username).first() @@ -199,7 +199,7 @@ def login(form_data: schemas.UserLogin, db: Session = Depends(get_db)): if not authenticated or not user: raise HTTPException(status_code=401, detail="Invalid username or password") - # [C-01] Generare JWT token + # [C-01] Generate JWT token token = auth.create_access_token( user_id=user.id, username=user.username, @@ -221,7 +221,7 @@ def update_user( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_admin) ): - """[C-01] Actualizare utilizator — doar admin.""" + """[C-01] Update user — admin only.""" db_user = db.query(models.User).filter(models.User.id == user_id).first() if not db_user: raise HTTPException(status_code=404, detail="User not found") @@ -248,7 +248,7 @@ def update_user( @router.get("/ldap-config") def get_ldap_settings(current_user: auth.TokenData = Depends(auth.get_current_admin)): - """[C-01] Obține config LDAP — doar admin.""" + """[C-01] Get LDAP config — admin only.""" return get_ldap_config() @router.post("/ldap-config") @@ -256,7 +256,7 @@ def update_ldap_settings( config: dict, current_user: auth.TokenData = Depends(auth.get_current_admin) ): - """[C-01] Actualizează config LDAP — doar admin.""" + """[C-01] Update LDAP config — admin only.""" config_path = os.path.join(database.DATA_DIR, "ldap_config.json") with open(config_path, "w") as f: json.dump(config, f) @@ -320,7 +320,7 @@ def delete_user( db: Session = Depends(get_db), current_user: auth.TokenData = Depends(auth.get_current_admin) ): - """[C-01] Ștergere utilizator — doar admin.""" + """[C-01] Delete user — admin only.""" user = db.query(models.User).filter(models.User.id == user_id).first() if not user: raise HTTPException(status_code=404, detail="User not found")