Commit Graph

89 Commits

Author SHA1 Message Date
bbe60bb471 test: add integration tests for item creation with auto-photo-save 2026-04-21 19:31:26 +03:00
4f63b3b99e feat: integrate auto-photo-save into item creation endpoint
- Extend ItemCreate schema with optional extracted_image_bytes (base64) and image_processing (dict)
- Update create_item endpoint to call _auto_save_photo_from_extraction after item creation
- Decode base64 image bytes and pass crop_bounds, rotation_degrees to helper
- Don't block item creation if photo save fails (log warning instead)
- Item returned with photo_path, photo_thumbnail_path populated if save succeeded
- Full backward compatibility: old clients without image fields work unchanged
- Add 5 integration tests covering all scenarios:
  - Create item WITH image_processing → photo auto-saved
  - Create item WITHOUT image_processing → no photo (backward compatible)
  - Create item WITH invalid image_processing → item created, photo skipped
  - Create item WITH crop_bounds=None → item created, photo skipped
  - Create item WITH bytes but NO processing metadata → item created, photo skipped
- All 158 backend tests passing, zero regressions
2026-04-21 19:00:06 +03:00
eca1ab7fd0 feat: add _auto_save_photo_from_extraction helper with graceful fallbacks 2026-04-21 18:56:17 +03:00
ada3669217 test: add tests for image_processing field from AI extraction
- Added 11 comprehensive tests for image_processing parsing
- Tests validate crop_bounds structure: {x, y, width, height} all ints >= 0
- Tests validate rotation_degrees: int/float, -360 to +360
- Tests validate confidence: float, 0.0 to 1.0
- Tests graceful handling when image_processing field is missing
- Tests multiple items with image_processing data
- Tests partial data handling (optional fields)
- Tests with both Gemini and Claude providers
- Updated extract_label_info() to preserve and validate image_processing field
- All tests passing, no regressions
2026-04-21 18:53:04 +03:00
770b02864d fix: handle CORS preflight OPTIONS requests before routing 2026-04-21 18:17:00 +03:00
6f1e7731d7 fix: implement subnet-aware CORS middleware to replace insecure wildcard origins 2026-04-21 17:58:14 +03:00
904e153d8a temp: allow all CORS origins for debugging LDAP login issue
Temporarily using allow_origins=['*'] to debug whether CORS is blocking
LDAP login requests from VPN client. This is insecure for production.
TODO: Fix subnet pattern matching in ALLOWED_ORIGINS configuration.
2026-04-21 15:32:01 +03:00
2078cd9ade fix: resolve CORS preflight issues and Next.js dev origin warnings
- Simplify backend CORS middleware to use standard FastAPI implementation
- Keep subnet validation function for future use in route-level checks
- Add Tailscale subnet pattern to Next.js allowedDevOrigins config
- Both individual IPs and subnet configurations now work correctly
2026-04-21 15:19:45 +03:00
983d6e4bb4 feat: add subnet-based CORS validation support for VPN/Tailscale origins
- Add ipaddress module for subnet parsing (10.0.0.0/24 format)
- Implement subnet validation in CORS middleware
- Separate individual IPs from subnet definitions in EXTRA_ALLOWED_ORIGINS
- Custom SubnetAwareCORSMiddleware for dynamic origin validation
- Support both exact IP matches and subnet ranges
- Backward compatible with existing ALLOWED_ORIGINS list
2026-04-21 15:17:29 +03:00
e46777b933 merge: Phase 1 image system implementation complete
- Database: Added photo_path, photo_thumbnail_path, photo_upload_date fields
- Services: ImageStorage (file ops) + ImageProcessor (image processing pipeline)
- API: POST/PUT /api/items/{id}/photo upload endpoints with validation
- API: GET /api/items/{id} returns photo URLs
- Static: FastAPI StaticFiles mount for /images/ directory
- Tests: 127+ comprehensive tests across all components
- Security: Fixed race conditions, path traversal, crop validation
- Ready for Phase 2 (frontend UI)

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-04-20 22:47:31 +03:00
294555c574 feat(phase1): add static file serving for /images/ 2026-04-20 22:43:33 +03:00
af8dcbae3a fix(phase1): fix race condition, path traversal, double processing, validation in photo API 2026-04-20 22:39:02 +03:00
8d2750cfa3 fix(phase1): fix deprecated PIL APIs, private API, exception handling, magic numbers, transparency, DoS prevention 2026-04-20 22:21:51 +03:00
3aafacab12 feat(phase1): implement OpenCV image processing pipeline
- Create ImageProcessor service with EXIF orientation detection
- Implement smart cropping via OpenCV contour detection (10% padding)
- Add text orientation detection using Hough line transform
- Resize and compress images to 1200px with 85% JPEG quality
- Generate 200px square thumbnails with center crop
- Fallback to Pillow if OpenCV fails
- Comprehensive test suite: 28 tests all passing
- File size validation (reject >10MB)
- Graceful error handling for corrupted/invalid images
- Update requirements.txt with opencv-python, piexif, python-magic
2026-04-20 22:17:11 +03:00
01321bf607 fix(phase1): restore API contract while preserving N+1 optimization
The N+1 optimization in save_image() pre-lowercases the existing_files list
before passing to get_unique_filename(). However, this broke the API contract:
the function should handle any-case input to remain robust.

Changed: get_unique_filename() now defensively lowercases the input list,
ensuring collision detection works regardless of input case.

Benefits:
- Fixes implicit API contract change (function expected any-case input)
- Maintains N+1 optimization (pre-lowercasing still works)
- Supports both optimization and edge cases (direct function calls)
- All 22 tests pass
2026-04-20 22:09:58 +03:00
2951ed81eb fix(phase1): add logging, remove unused import, add error handling 2026-04-20 22:06:18 +03:00
ea49cd6e4a feat(phase1): add image storage utilities
- Create backend/services/image_storage.py with 4 core functions:
  - sanitize_filename(): remove unsafe chars, limit to 255 chars, convert to lowercase
  - get_unique_filename(): handle collisions with UUID suffix (format: {name}_{uuid8}_{variant}.jpg)
  - ensure_image_directories(): create /images/ root and category subdirs on startup
  - save_image(): save bytes to /images/{category}/{filename}, returns relative path
- Create comprehensive test suite (22 tests) covering all functionality
- Integrate ensure_image_directories() into FastAPI startup event
- Directory structure: /images/{category}/{filename}
- Collision handling: auto-suffix with UUID if filename exists
- All tests passing, pathlib.Path for safe operations
2026-04-20 21:57:26 +03:00
92f6977cae fix(phase1): add photo fields to schemas and set datetime default 2026-04-20 21:49:51 +03:00
6ed88fdb84 feat(phase1): add photo fields to Item model 2026-04-20 21:36:18 +03:00
d9ead1aafd fix: repair login endpoint registration in auth router 2026-04-19 17:20:11 +03:00
8fcd4150e5 refactor: split admin/config.py into ai_config and db_config 2026-04-19 17:10:56 +03:00
239368e595 refactor: split schemas.py into schemas/ package 2026-04-19 17:08:11 +03:00
6dc300d339 refactor: split bulk-sync into backend/routers/sync.py 2026-04-19 12:37:09 +03:00
90e9a60640 refactor: split LDAP auth into backend/routers/auth.py 2026-04-19 12:35:40 +03:00
145fa21805 fix: update backend tests to match actual API - all 41 tests passing 2026-04-19 09:08:21 +03:00
0c70e216e1 fix: update test files to match actual backend schemas and endpoints 2026-04-19 08:43:56 +03:00
5895215209 test: add offline sync and UUID idempotency tests 2026-04-18 17:03:26 +00:00
436a3cdd97 test: add AI extraction pipeline tests (mocked) 2026-04-18 17:02:41 +00:00
2734a7f4d2 test: add category CRUD tests 2026-04-18 17:01:42 +00:00
a54f015b64 test: add stock operations and offline sync tests 2026-04-18 17:00:52 +00:00
0ca846af15 test: add item CRUD and validation tests 2026-04-18 16:59:56 +00:00
5a984d1e6b test: add user authentication and CRUD tests 2026-04-18 16:57:18 +00:00
e652e4b7b3 test: improve conftest.py code quality - add type hints, docstrings, DRY refactoring 2026-04-18 16:54:53 +00:00
9b45ece68f test: fix token fixtures to return JWT strings instead of TokenData objects 2026-04-18 16:50:54 +00:00
be83262644 test: create pytest conftest with shared fixtures for backend tests 2026-04-18 16:48:30 +00:00
6aabf3eac1 feat(ai): refine extraction prompt with human-readable size conversions
- Add SIZE CONVERSION RULES section (critical) with explicit thresholds
- Convert ≥1600GB to TB format (e.g., 1600GB → 1.6TB)
- Convert memory ≥1024MB to GB format
- Update Item field examples with human-readable sizes
- Update Size field definition to emphasize HUMAN-READABLE format
- Update OCR key definition with size conversion examples
- Apply rules consistently across all size-related fields

This ensures AI-extracted items display sizes in user-friendly format
and improves OCR matching accuracy with normalized size representations.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-04-17 12:57:06 +03:00
da83c91a5b feat: add side-by-side item comparison for duplicate Part Numbers
New Component: ItemComparisonModal.tsx
- Shows existing vs new item side-by-side
- Highlights fields that are different (in yellow)
- Options to Update item or Skip (local-only save)
- Shows existing item ID and comparison details

Backend Changes:
- Updated error message to say 'Part Number' not 'barcode'
- 409 response includes existing item data for comparison
- Clear, user-friendly conflict messaging

Frontend Changes:
- New state for comparison modal (newItem, existingItem, existingId)
- handleOnboardingComplete() shows modal on 409 conflict
- handleComparisonUpdate() calls updateItem() API
- handleComparisonSkip() saves locally without syncing
- Better error handling distinguishes 409 from other failures

Workflow:
1. User imports item with Part Number that already exists
2. System shows comparison modal
3. User can:
   - Update (merges new data into existing)
   - Skip (saves locally, doesn't sync to cloud)
2026-04-17 12:35:42 +03:00
ade8dcde78 fix: prevent duplicate item creation with barcode conflict detection
Backend:
- Added UNIQUE constraint check on barcode before item creation
- Returns 409 Conflict with user-friendly message if duplicate exists
- Prevents sqlite3.IntegrityError crashes

Frontend:
- Improved error handling for cloud sync failures
- Detects 409 status code (duplicate barcode)
- Shows specific error message to user
- Gracefully falls back to local-only save

Example error message: 'Item already exists. Item with barcode P66093-002 already exists (ID: 42). Update it instead or use a different barcode.'
2026-04-17 12:29:53 +03:00
26b38ea27c feat: enhance OCR matching with fuzzy logic and refined AI prompt
AI Prompt Improvements:
- Standardized Item name format: [size] type vendor connector part_number
- Clear examples: '5m Patchcord LC-LC', '256GB SSD Samsung SAS', '128GB DDR4 Hynix'
- OCR key format: uppercase, space-separated tokens, includes variations/abbreviations
- Excludes diameter/mm measurements from Item field
- Allows 'HP'/'HPE', 'DDR'/'DDR4', 'NVMe'/'NVME' variations in OCR keys

OCR Matching Logic:
- Implemented Levenshtein distance fuzzy matching (allows 1-2 char differences)
- Priority 0: Exact OCR key match (1000pts) + fuzzy match fallback (800pts)
- Priority 2: Part number exact (200pts) + fuzzy match (150pts)
- Priority 3: Token-based with fuzzy tolerance (50pts exact, 30pts fuzzy)
- Removes whitespace for comparison (e.g., 'LCLC' matches 'LC-LC')

Resolves OCR identification failures from minor text variations.
2026-04-17 12:12:26 +03:00
6760ab0abf Build [v1.10.2] 2026-04-15 17:54:21 +03:00
062df8cfd9 Build [v1.10.0] 2026-04-15 17:31:58 +03:00
db918a86ab feat(admin): finalizing modular refactoring with testing suite and UI polish 2026-04-15 16:41:20 +03:00
Daniel Bedeleanu
1893c4f38b modificari mari 2026-04-15 15:20:45 +03:00
Daniel Bedeleanu
6c57b1b0c2 blabla 2026-04-14 22:54:19 +03:00
Daniel Bedeleanu
00ee4cf9c5 Build [v1.9.19] 2026-04-14 20:44:01 +03:00
Daniel Bedeleanu
fcb187974e Build [v1.9.18] 2026-04-13 23:43:52 +03:00
Daniel Bedeleanu
ee7e7b7bd7 Build [v1.9.12] (Secure Seal & LDAP Sync: Custom Caddy & Config Volume) 2026-04-13 22:25:19 +03:00
Daniel Bedeleanu
bdf6d605cd Build [v1.9.10] (Access & SSL Recovery: Fixed Admin info and Explicit IP Proxy) 2026-04-13 22:07:15 +03:00
Daniel Bedeleanu
07b15c8e01 Build [v1.9.1] (CORS Dynamic IP Resolution Fix) 2026-04-13 20:52:29 +03:00
Daniel Bedeleanu
f137ded5aa Build [v1.8.9] (Runtime Permission Healing for Docker Volumes) 2026-04-13 20:32:40 +03:00