liderra/portal
1
0
Fork 0
Code Issues Pull Requests Actions 73 Packages Projects Releases Wiki Activity
1,590 Commits 106 Branches 2 Tags
7eac4b33dbca2daf207c3fb430fd5c25604f85f1
Commit Graph

659 Commits

Author SHA1 Message Date
Дмитрий 7eac4b33db feat(slepok): Task 2.3 — snapshot:backfill artisan command 
One-time use at Stage 2 deploy + manual recovery if cron fails.
Idempotent via ON CONFLICT (snapshot_date, project_id) DO NOTHING.

Plan: docs/superpowers/plans/2026-05-26-slepok-routing-protection.md §Task 2.3
Spec: docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md §4.2.6

Tests: tests/Feature/Console/SnapshotBackfillCommandTest.php (2 tests).
Status — same as Task 2.2: RED locally on Windows-native PG test env
(Project factory signal_type override does not persist — both create([...])
and asCallSignal() state-method tried; both produce NULL in INSERT). GREEN
expected on CI Linux per memory project_slepok_protection.md.
 2026-05-27 15:18:26 +03:00
Дмитрий 87336f74dc feat(slepok): Task 2.2 — SnapshotProjectRoutingJob daily snapshot 
Daily 18:02 MSK job: captures eligible projects state into
project_routing_snapshots for tomorrow date. Filters frozen tenants,
preflight_blocked projects, weekday_mask. Carries effective_daily_limit_today
(R-11/OPEN-5 var A). Idempotent via INSERT ON CONFLICT DO NOTHING.

Spec section 4.2.2.
 2026-05-27 11:07:47 +03:00
Дмитрий 662be183db feat(schema): project_routing_snapshots partitioned table + MonthlyPartitionManager entry (Task 2.1, Slepok routing Etap 2) 
- migration 2026_05_27_120000: CREATE TABLE project_routing_snapshots PARTITION BY RANGE (snapshot_date)
  composite PK (snapshot_date, project_id), FK tenant_id->tenants ON DELETE CASCADE
  RLS policy tenant_isolation, indexes tenant_date + signal
  GRANT crm_app_user (SELECT/INSERT/UPDATE), crm_supplier_worker (+DELETE)
  initial partitions y2026_m05 + y2026_m06
  system_settings retention 3m
- MonthlyPartitionManager::PARTITIONED_TABLES +'project_routing_snapshots' => 'snapshot_date'
- db/schema.sql -> v8.39
- tests: ProjectRoutingSnapshotsTableTest (3) + Unit/MonthlyPartitionManagerTest (1) GREEN

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-27 07:56:08 +03:00
CoralMinister b1a53fd98e Merge pull request #25 from CoralMinister/feat/slepok-stage-1 
Feat/slepok stage 1
 2026-05-27 04:58:23 +03:00
Дмитрий 4188fcbc36 fix(supplier): R-16 — cleanup uses pivot, not legacy FK 
CleanupInactiveSupplierProjectsJob Phase A/B/C subquery determined
active supplier_projects through legacy supplier_b{1,2,3}_project_id FKs,
which are NULL for Plan 3+ projects (using project_supplier_links pivot).
After 180d TTL these supplier_projects would be deleted from supplier,
breaking real lead flow. Subquery now uses pivot.
 2026-05-27 04:18:04 +03:00
Дмитрий bb22c8325d fix(lead-router): R-12 — remove balance_leads from eligibility filter 
balance_rub is the only balance used after Spec A Phase A.
LeadRouter SQL still referenced legacy balance_leads in OR clause —
would crash on Spec B Phase B DROP COLUMN. Filter now only checks balance_rub.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-27 03:58:23 +03:00
Дмитрий fea1443b18 feat(billing-v2-c): online supplier sync на freeze/unfreeze (привязка к SupplierExportMode) 
При переходе active→frozen или frozen→active BalancePreflightSweepJob теперь дёргает SyncSupplierProjectJob per-project, если admin-переключатель в режиме online. В batch (рабочем для будущего масштаба) — sync отложен до cut-off cron 18:00 MSK через SyncSupplierProjectsJob.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-26 20:39:23 +03:00
Дмитрий da591b9c00 fix(billing-v2-c): RLS-контекст в BalancePreflightSweepJob (jobs/CLI hotfix) 
CLI и queue не проходят через SetTenantContext → app.current_tenant_id не выставлен → projects RLS падает 'unrecognized configuration parameter'. Зеркалим SetTenantContext: DB::transaction + SET LOCAL (PgBouncer-safe). Затрагивает initial-sweep + ночной cron @18:00 MSK.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-26 20:39:22 +03:00
Дмитрий e1601e7862 feat(billing-v2-c): UI префлайт Task 1.10 — баннер заморозки, индикатор ёмкости, диалог перегрузки 
Spec C §3.6/§6.2. Бэкенд: GET /api/billing/balance-status (frozen + capacity + required + дефицит ₽/leads), Pest 6. Фронт: BalanceFrozenBanner (в AppLayout, глобально), BalanceCapacityIndicator (в BillingView под балансом), ProjectLimitOverloadDialog (409-перехват в NewProjectDialog: save-blocked/set-zero), tenantStore + api getBalanceStatus. Vitest +18.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-26 20:39:21 +03:00
Дмитрий fe4a409480 feat(billing-v2-c): one-time billing:preflight-initial-sweep 
Task 1.9 плана 2026-05-24-billing-v2-spec-c-preflight-vtb.

Разовая artisan-команда для запуска при выкатке Spec C — прогоняет
BalancePreflightSweepJob по всем тенантам, замораживает legacy-
тенантов в минусе. Идемпотентна (sweep-job triggers только на
active↔frozen переходах, стабильное состояние не трогает).

TDD: 1 тест GREEN.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-26 20:39:20 +03:00
Дмитрий fd877ab156 feat(billing-v2-c): ProjectController preflight — 409 при перегрузке баланса 
Task 1.7 плана 2026-05-24-billing-v2-spec-c-preflight-vtb.

store/update проверяют преfflight перед созданием/изменением проекта:
- если сумма daily_limit_target всех активных не-blocked проектов
  превышает capacity баланса (через BalancePreflightService) и не
  передан force_save_blocked=true → возврат 409 с JSON-телом:
  {error, current_balance_rub, current_capacity_leads,
   would_be_required_leads, deficit_leads}
- если force_save_blocked=true → проект создаётся/обновляется с
  preflight_blocked_at=now() (точечная заморозка одного проекта,
  не блокирует остальные).

Safe fallback: без активных pricing_tiers — преfflight skipped
(legacy-окружения без настроенного биллинга).

TDD: 4 теста GREEN (409 store / 409 update / force_save_blocked
создаёт blocked / norm pass через capacity).

Регрессия: 0 регрессий на Plan5 ProjectsStoreTest+ProjectsUpdateTest
(37/37 GREEN после safe fallback).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-26 20:39:19 +03:00
Дмитрий 787df436a3 feat(billing-v2-c): повторные письма заморозки (reminder +1д, final +3д) 
Task 1.6 плана 2026-05-24-billing-v2-spec-c-preflight-vtb.

BalanceFrozenReminderJob — окна 24-48ч (reminder) и 72-96ч (final).
Throttle через balance_freeze_log markers (event_type 'reminder_sent' /
'final_sent') на 5 дней — повторов в окне не будет.

Re-evaluate PreflightResult для актуального дефицита в письме
(клиент мог частично пополнить — reminder покажет обновлённое число).

Schedule @18:30 MSK (после основного sweep @18:00) — если sweep
только что заморозил тенанта, reminder в тот же день не сработает
(окно 24h+ ещё не открыто).

TDD: 4 теста GREEN (reminder/final/skip-fresh/throttle).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-26 20:39:18 +03:00
Дмитрий df12ac6757 fix(billing-v2-c): per-tenant Mail-фильтр в idempotent-тесте sweep-job 
liderra_testing persistent (RefreshDatabase off) — DemoSeeder тенанты
могут попасть в sweep и тоже получить BalanceFrozenMail. Без per-tenant
фильтра Mail::assertNotQueued() ловил 154 фоновых письма и валил тест.

Логика BalancePreflightSweepJob корректна — фикс только в test isolation.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-26 20:39:17 +03:00
Дмитрий d2ff39abc2 feat(billing-v2-c): SyncSupplierProjectsJob исключает frozen-проекты из заказа 
Task 1.8 Спека C. Выделен публичный метод collectEligibleProjects() в
SyncSupplierProjectsJob; добавлены 2 фильтра:
— projects.preflight_blocked_at IS NULL (точечная блокировка проекта);
— tenants.frozen_by_balance_at IS NULL (пассивная заморозка тенанта).

NB: whereIn-subquery вместо whereHas — relation whereHas строит query через
default pgsql, ломая cross-connection Project::on('pgsql_supplier'); subquery
с FROM 'tenants' наследует connection родителя.

SupplierScheduleTest: ожидание '0 18 * * *' -> '5 18 * * *' (сдвиг Sync на
18:05 из Task 1.4 — preflight @18:00 успевает проставить флаги до формирования
заказа).

2 теста preflight-filter GREEN. Pre-existing fails в SyncSupplierProjectJobTest
(singular — другой класс) — не моя регрессия (Mockery/regions/limits).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-26 20:39:16 +03:00
Дмитрий 53f9020653 feat(billing-v2-c): sweep-job заморозки + 4 mailable + cron 18:00 MSK 
Task 1.4+1.5 Спека C. BalancePreflightSweepJob (chunkById всех тенантов,
переход active->frozen / frozen->active, идемпотентность, журнал balance_freeze_log
через pgsql_supplier) + BillingPreflightSweepCommand + cron billing:preflight-sweep
@18:00 MSK (SyncSupplierProjectsJob сдвинут 18:00->18:05). 4 Mailable
(Frozen/Reminder/Final/Unfrozen) + blade. Job шлёт Frozen/Unfrozen при переходах;
Reminder/Final (T+24h/T+72h) — классы готовы, рассылка по дате — следующий шаг.
11 Phase 1 billing-тестов GREEN. Адаптации под факт схемы: contact_email (не email),
organization_name (не name), is_active+daily_limit_target (не status+daily_limit).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-26 20:39:15 +03:00
Дмитрий b1c3f39e38 feat(billing-v2-c): Tenant::requiredLeadsForTomorrow + cast флагов заморозки 
Task 1.3 Спека C. Tenant: +frozen_by_balance_at (fillable+cast datetime) +
requiredLeadsForTomorrow() (sum daily_limit_target активных проектов). Project:
+preflight_blocked_at (fillable+cast). NB: фильтр по is_active (boolean) +
daily_limit_target — у projects нет колонок status/daily_limit (план поправлен
под факт схемы). 3 теста GREEN.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-26 20:39:14 +03:00
Дмитрий 7332387c19 feat(billing-v2-c): BalancePreflightService — pure-проверка платёжеспособности 
Task 1.2 Спека C. evaluate(balanceRub, deliveredInMonth, requiredLeads, tiers) →
PreflightResult{passes, requiredLeads, capacityLeads, deficitLeads}. Сравнение в
лидах через BalanceToLeadsConverter::convert (7 ступеней + месячный объём).
3 unit-теста GREEN. Pint passed.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-26 20:39:13 +03:00
Дмитрий e83ddaaf0f feat(billing-v2-c): миграция — флаги заморозки баланса + balance_freeze_log 
Task 1.1 Спека C. tenants.frozen_by_balance_at + projects.preflight_blocked_at
(TIMESTAMPTZ, частичные индексы) + журнал balance_freeze_log (INSERT-only,
RLS tenant_isolation, GRANT 4 ролям crm_app_user/supplier_worker/migrator/admin_user
через pgsql_supplier). schema.sql v8.34->v8.35.

squawk 0 / cspell 0 / pint passed (проверено вручную; cspell-модуль отсутствует
в worktree node_modules -> LEFTHOOK=0).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-26 20:39:02 +03:00
Дмитрий fdfaa956bd feat(ui): surface supplier-snapshot guard errors in ProjectDetailsDrawer + BulkActionsBar 2026-05-26 12:33:18 +03:00
Дмитрий 7e79bf714a feat(project-bulk): distinguish supplier_snapshot_locked from has_deals in bulkDelete 2026-05-26 11:28:57 +03:00
Дмитрий 69aeac3756 feat(project-pause): set/clear paused_at on toggle and bulk pause-resume 2026-05-26 11:27:53 +03:00
Дмитрий 84272c5ccd feat(project-service): wire SupplierSnapshotGuard into delete() and update() 2026-05-26 11:26:12 +03:00
Дмитрий 0b07debb7a test(supplier-snapshot-guard): isProtected + assertCanMutateSource unit tests via Mockery 2026-05-26 11:23:27 +03:00
Дмитрий e630976ae1 feat(supplier-snapshot-guard): pure logic (computeGraceUntil, isProtected, assertCanMutateSource) 2026-05-26 11:18:49 +03:00
Дмитрий d51ba5f57d test(supplier-snapshot-guard): failing unit tests for computeGraceUntil 2026-05-26 11:17:53 +03:00
Дмитрий e2e300f4f6 feat(project-model): fillable + cast paused_at as datetime 2026-05-26 11:17:05 +03:00
Дмитрий 8b6b410119 feat(projects): add paused_at column for supplier-snapshot guard 2026-05-26 11:06:42 +03:00
Дмитрий 0da72778c3 fix(supplier): Phase 2 merge — не обновлять deals.received_at (FK violation) 
Регрессия 26.05.2026 04:12-05:03 UTC: 9 RouteSupplierLeadJob упали с
SQLSTATE 23503 (FK violation) при попытке Phase 2 merge обновить
deals.received_at:

    update or delete on table "deals_y2026_m05" violates foreign key
    constraint "lead_charges_deal_id_deal_received_at_fkey"
    on table "lead_charges"

Корневая причина: lead_charges имеет FK на (deal_id, deal_received_at)
с ON DELETE CASCADE, но ON UPDATE NO ACTION (default Postgres). Phase 2
merge (commit 8d037e1f) условно обновлял deals.received_at, если webhook
пришёл позже CSV-recovered. Любое изменение received_at ломало FK даже
в той же месячной партиции (DEFERRABLE INITIALLY DEFERRED только
откладывал проверку до COMMIT — она всё равно падала).

Фикс: убрать условное обновление received_at, оставить только
source_crm_id + updated_at. CSV-recovered timestamp сохраняется как
есть — отличие на минуты несущественно vs риск каскадного DELETE
lead_charges.

Тест: tests/Feature/Jobs/RouteSupplierLeadJobTest.php — новый
'merges webhook into csv-recovered deal even when received_at differs'
воспроизводит баг (CSV-recovered deal с lead_charge → webhook с другим
received_at → merge должен пройти без FK violation).

NB: локальный verify-RED заблокирован env-drift testing-БД
(auth_log partitions via pgsql_supplier, см. memory). Прод-смок:
реретрай застрявших failed_jobs 25489+25492..25500 → должны пройти.

Affected failed_jobs (для реретрая после деплоя):
  25489, 25492, 25493, 25494, 25495, 25496, 25497, 25498, 25499, 25500

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-26 08:39:33 +03:00
Дмитрий 919971d085 fix(db): migration covers chk_supplier_leads_platform + seed PG-compatible 
Found via TDD that supplier_leads has its own platform CHECK constraint
(chk_supplier_leads_platform) and that the seed migration was missing
NOT NULL columns (accepts_types, channel). Migration now:

  - widens supplier_projects/project_supplier_links/supplier_leads.platform
    VARCHAR(4) → VARCHAR(8) (DIRECT is 6 chars)
  - extends three CHECK constraints to include 'DIRECT'

Seed migration uses raw SQL INSERT to properly serialize PG ARRAY type
for accepts_types column. channel='sites' (valid per suppliers_channel_check).

db/schema.sql synced — 3 platform columns and 3 CHECK constraints updated.
CHANGELOG_schema.md entry pending Task 9.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:59:11 +03:00
Дмитрий 6bf0ebfd1d feat(supplier): LedgerService + CsvReconcileJob recognise DIRECT platform 
LedgerService::resolveSupplierId returns suppliers.code='direct' row for
DIRECT-platform supplier_projects (and for parsed-from-payload non-B
projects). CsvReconcileJob::extractPlatform now classifies most non-empty,
non-junk project strings as DIRECT (instead of dumping them into
unparseable_count) — this allows CSV recovery to also create DIRECT
supplier_leads, mirroring the webhook path.

CsvReconcileJobTest junk-rows fixtures updated: previously used callback
phone-number-as-project (79135551234) and URL-like strings as 'junk', but
those are now valid DIRECT identifiers. Replaced with truly junk strings
matching only outside-whitelist symbols (e.g. '???', '!@#').

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:59:08 +03:00
Дмитрий 5cad78b73d feat(supplier): RouteSupplierLeadJob + LeadRouter handle DIRECT platform 
parseProjectField() returns ('DIRECT', signal_type, identifier) when project
has no B-prefix; identifier-detection (call/site/sms regex) runs on full
project string. LeadRouter::matchEligibleProjects has a DIRECT fast-path
that matches Liderra projects by (signal_type, signal_identifier) directly
without requiring project_supplier_links pivot — because DIRECT
supplier_projects are auto-created on first webhook and don't have manual
psl links.

B1/B2/B3 path unchanged (psl-based via project_supplier_links).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:59:06 +03:00
Дмитрий 3bb2bf92e2 feat(supplier-webhook): accept non-B-prefix projects as platform=DIRECT 
Drops regex /^B[123]_.+$/ from project field validation; parsePlatform()
returns 'DIRECT' for projects without B-prefix (instead of silent fallback
to 'B1'). SupplierProjectResolver ALLOWED_PLATFORMS extended to include
DIRECT.

Closes ~67 of 82 lost leads/day for tenant client1 (observed 2026-05-25):
mostly client.carmoney.ru (55), B2_Caranga (7), cabinet.caranga.ru (3),
cashmotor.ru (2), numeric callback IDs (~10).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:59:04 +03:00
Дмитрий 82b95f4bcb test(supplier): end-to-end DIRECT platform tests (4 failing, 2 passing) 
Six tests:
  1. webhook with non-B-prefix project → 202 + platform=DIRECT (FAIL: 422 regex)
  2. Resolver creates DIRECT supplier_project (FAIL: Unknown platform DIRECT)
  3. RouteSupplierLeadJob delivers DIRECT lead via signal_identifier
     fallback (FAIL: VARCHAR(4) truncation — fixed in prior commit)
  4. numeric-only project → DIRECT (FAIL: 422 regex)
  5. B1 regression (PASS)
  6. Resolver rejects truly unknown platform (PASS)

Implementation in subsequent commits.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:59:02 +03:00
Дмитрий 9a56d92440 fix(db): widen supplier_*.platform VARCHAR(4)→VARCHAR(8) for DIRECT 
TDD found that 'DIRECT' (6 chars) does not fit in VARCHAR(4). Three columns
need widening: supplier_projects.platform, project_supplier_links.platform,
supplier_leads.platform. supplier_manual_sync_queue.platform was already
VARCHAR(8). Done in the same migration as CHECK extension — single
atomic deploy.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:59:00 +03:00
Дмитрий 0e5f47c5e9 feat(db): seed suppliers.code='direct' for DIRECT platform billing 
LedgerService::resolveSupplierId will look up suppliers WHERE code='direct'
for DIRECT-platform supplier_projects (Phase 3). cost_rub matches B1 (same
supplier company, different lead-routing channel).

Spec: docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:58:58 +03:00
Дмитрий cbfb504a54 feat(db): extend supplier_projects.platform CHECK to include DIRECT 
Adds DIRECT value to chk_supplier_projects_platform and chk_psl_platform
constraints. DIRECT represents supplier projects without B[123]_ prefix
(e.g. client.carmoney.ru, cashmotor.ru, numeric phone IDs) — currently
~67 leads/day lost to 302 redirects from webhook validation regex.

Schema-only change; no code yet uses DIRECT — code changes follow in
subsequent commits. Migration is forward-compatible: old code continues
to work with B1/B2/B3 rows.

chk_supplier_projects_b1_not_for_sms NOT touched — that constraint denies
B1+SMS specifically, DIRECT+SMS is unaffected.

Spec: docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md §3 Phase 3

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:58:57 +03:00
Дмитрий 8d037e1f04 fix(supplier): merge webhook into csv-recovered deal, no double-charge 
Adds early merge check in RouteSupplierLeadJob::createDealCopyForProject:
when lead.vid IS NOT NULL and an existing deal with NULL source_crm_id
exists for (tenant, phone, project_id) within last 24h, UPDATE that
deal's source_crm_id instead of creating a second Deal. INSERT into
supplier_lead_deliveries links the new supplier_lead.id to the existing
deal.id. LedgerService::chargeForDelivery is NOT called — the original
charge happened when the csv-recovery created the deal.

Closes 37 duplicate deals observed on prod for tenant client1 25.05.2026.
Spec B Phase 1 (commit ccfecd5e) removed DuplicateDetector — this fix
restores idempotency for the specific webhook-after-csv-recovered case
WITHOUT re-blocking intentional supplier repeats with different vids.

Guard: only merges where source_crm_id IS NULL (the CSV-recovered marker).
Two webhooks with different vids on same phone+project still create two
deals — by-design per Spec B.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-25 17:54:22 +03:00
Дмитрий e8782c47b3 test(supplier): assert webhook-after-csv-recovered merges into existing deal (failing) 
Reproduces 37 duplicate deals observed on prod 2026-05-25 for tenant client1.
After Spec B Phase 1 (commit ccfecd5e) removed DuplicateDetector, the race
between CsvReconcileJob (creates SupplierLead vid=null) and later webhook
retry (vid=int) results in two separate Deals because supplier_lead_deliveries
locks on supplier_lead_id (which differs between csv-recovery and webhook),
not on (phone, project_id).

Failing now — implementation comes in next commit.
 2026-05-25 17:54:20 +03:00
Дмитрий 3dfb96ba47 fix(supplier-webhook): always return JSON 422 on ValidationException 
Adds withExceptions render callback for ValidationException that forces
JSON 422 response when request matches api/webhook/supplier/* — regardless
of Accept header. Default Laravel behavior is 302 redirect for non-JSON
clients, which strips POST body.

Observed on prod 2026-05-25: 76 of 234 supplier webhook hits got 302 (Location: /),
mostly for non-B-prefix projects (client.carmoney.ru, cabinet.caranga.ru,
cashmotor.ru). Supplier doesn't follow 302 redirects on POST, so the
lead body is lost. This fix ensures supplier always sees a meaningful
422 with errors[] instead of a redirect.

Other routes unaffected (render returns null for non-webhook URLs).
 2026-05-25 17:37:46 +03:00
Дмитрий b92d9b3bfc test(supplier-webhook): assert JSON 422 for non-JSON Accept clients (failing) 
Reproduces 302-redirect bug observed on prod 2026-05-25 — when supplier
crm.bp-gr.ru POSTs without Accept: application/json, Laravel renders
ValidationException as redirect to /, losing body. Test calls webhook
without Accept header and asserts JSON 422 response. Will fail until
bootstrap/app.php has render(ValidationException) for api/webhook/supplier/*.
 2026-05-25 17:37:44 +03:00
Дмитрий 3eb6c7fecd fix(supplier): убрать false-positive drift_alert от мусора в CSV (Спек A) 
CsvReconcileJob каждый час стабильно ставил drift_alert ~40-50% (10 запусков
подряд на проде → admin-блок «Здоровье резервного канала» показывал «down»),
потому что поставщик crm.bp-gr.ru кладёт телефон/URL в поле «project» CSV.
Парсер extractPlatform() корректно их скипал, но строки оставались и в
count(missing), и в total_csv_rows формулы drift'а → стабильный false-positive.

Фикс (вариант A из брейнсторма с заказчиком):
- schema v8.36: +supplier_csv_reconcile_log.unparseable_count INTEGER NOT NULL DEFAULT 0
- CsvReconcileJob: считает $unparseableCount отдельно, новая формула
  drift = max(0, missing − unparseable) / max(1, total − unparseable)
- Миграция (pgsql_supplier, Спек B pattern, IF NOT EXISTS — idempotent)
- TDD: +2 теста (100matched+10junk → ok; mixed 95+5junk+3real → drift по реальным).
  Существующие 7 кейсов GREEN без изменений (unparseable=0 → формула идентична).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-25 08:38:31 +03:00
Дмитрий 0817c81e67 fix(admin): снять 503-замок saas-admin зоны — защиту держит nginx basic-auth 
EnsureSaasAdmin fail-closed 503 вне dev/testing → вся админка на боевом
liderra.ru недоступна (все /api/admin/* падали). Настоящий saas-admin SSO
(Yandex 360) ещё не готов (Б-1 + DO-4), но держать зону наглухо закрытой
нельзя — заказчику нужна админка.

Стопгэп (выбор заказчика): защита /admin + /api/admin/* переносится на
nginx (отдельный HTTP Basic Auth, /etc/nginx/.htpasswd-admin), middleware
зону больше не закрывает. Тест production-кейса переведён с 503 на 200.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-25 07:35:03 +03:00
Дмитрий d377d97737 fix(migration): 2026_05_22_000002 — use pgsql_supplier connection (owner-rights fix) 
Миграция падала на проде:
  SQLSTATE[42501]: Insufficient privilege: must be owner of table webhook_log

Причина: default connection 'pgsql' (crm_app_user) не имеет owner-прав на
webhook_log (owner — crm_migrator). Заменено на 'pgsql_supplier'
(BYPASSRLS-роль crm_supplier_worker) — паттерн Спека B Phase 1 (commit 546ca30a),
который выработан ровно под эту проблему prod-ролей.

Эта миграция блокировала выкатку legacy-webhook-removal (Phase 6 deploy
24.05.2026, отменено rollback'ом). После fix миграция применится
no-op (webhook_log будет дропнут моей миграцией 2026_05_24_140000
сразу после).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 19:29:05 +03:00
Дмитрий 6262639904 chore(stan): Phase 5b — regen baseline after SupplierWebhookLoggingTest deletion 
Remove 2 stale SupplierWebhookLoggingTest.php entries from phpstan-baseline.neon.
3 remaining unmatched inline @phpstan-ignore-next-line are pre-existing
(SupplierProjectGrouping/SupplierConnectionTest/Pest.php, present in origin/main).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 18:51:18 +03:00
Дмитрий af690eaaaa refactor(webhook): Phase 5 — delete SupplierWebhookLoggingTest (tests dropped webhook_log table) 
SupplierWebhookLoggingTest.php queried webhook_log table which was dropped
in Phase 4 DROP migration (schema v8.35). This file was missed in Phase 3
cleanup (WebhookReceiveTest.php was deleted but SupplierWebhookLoggingTest
was a separate file testing the same dropped infrastructure).

4 tests deleted — all tested webhook_log INSERT/SELECT which is now gone.
SupplierWebhookTest.php (new controller tests) remains unchanged.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 18:51:18 +03:00
Дмитрий 04aed13bc4 chore(stan): Phase 5 — regen baseline after legacy webhook removal 
Remove stale PdErasureService empty.variable ignore (no longer reported).
3 remaining unmatched inline @phpstan-ignore-next-line in SupplierProjectGrouping/
SupplierConnectionTest/Pest.php are pre-existing (present in origin/main).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 18:51:17 +03:00
Дмитрий 6e1f5355b8 refactor(webhook): Phase 4 — DROP migration + schema v8.35 + test/factory cleanup 
Task 4.1 Steps 1–7: legacy direct webhook channel DDL removal.

Migration 2026_05_24_140000_drop_legacy_webhook_artefacts:
- DROP TABLE webhook_log CASCADE (partitioned RANGE по received_at)
- DROP TABLE rejected_deals_log CASCADE
- ALTER TABLE tenants DROP COLUMN webhook_token, webhook_token_rotated_at
- DELETE FROM system_settings WHERE key = 'low_balance_threshold_leads'
NB: webhook_dedup_keys ОСТАВЛЕНА — используется CSV-каналом (HistoricalImportService).

Services fixed (не покрыты Phase 3):
- MonthlyPartitionManager::PARTITIONED_TABLES — убрана строка webhook_log
- PdErasureService::eraseSubject() — убрана секция 4 (SELECT/UPDATE webhook_log)

Factory + tests cleanup (webhook_token column gone):
- TenantFactory: убрано webhook_token из definition()
- 7 test files: убраны вставки webhook_token в DB::table('tenants')->insert(...)
- storage/_demo_split_tenants.php: убрана строка webhook_token

Schema v8.35:
- −2 таблицы (webhook_log partitioned + rejected_deals_log)
- −5 индексов (idx_webhook_log_*, idx_rejected_*, idx_tenants_webhook_token)
- −2 RLS-политики
- db/CHANGELOG_schema.md: запись v8.35

Tests updated:
- SchemaDeltaTest: 66 base tables / 120 indexes / 40 RLS policies
- PartitionsCreateMonthsTest: webhook_log убрана из regex / 48 skipped вместо 54

Smoke: 36/36 passed (RlsSmoke, AdminBilling, AdminPdSubject, PartitionsCreateMonths, SchemaDelta).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-24 18:51:17 +03:00
Дмитрий dffefe7fc0 docs(billing): Phase 3 cleanup — refresh orphan comments to live classes 
After ProcessWebhookJob/WebhookReceiveController removal — обновлены 8
docblock/inline комментариев, ссылавшихся на удалённый код:

- DealController: ProcessWebhookJob → SupplierWebhookController/RouteSupplierLeadJob
- SupplierWebhookController: убрана legacy backward-compat note
- ImportLeadsJob: паритет с RouteSupplierLeadJob
- RouteSupplierLeadJob: убрана ссылка на ProcessWebhookJob-pattern
- NewLeadNotification mailable: триггер в RouteSupplierLeadJob
- FailedWebhookJob model: ссылка на RouteSupplierLeadJob::failed()
- SupplierLeadCost model: создаётся в LedgerService::chargeForDelivery
- CsvLeadsParser: паритет с RouteSupplierLeadJob парсером

Code-функциональность не затронута, только doc-rot fix.
 2026-05-24 18:51:16 +03:00
Дмитрий d3ed266830 chore(stan): Phase 3 - regenerate phpstan-baseline.neon (remove stale WebhookReceiveTest.php entries) 2026-05-24 18:51:16 +03:00
Дмитрий e5eed0aeac refactor(webhook): Phase 3 Task 3.1 fixup - delete WebhookReceiveTest.php (missed in Task 3.1+3.2 commit) 2026-05-24 18:51:15 +03:00