Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Дмитрий
|
4e452f2232 | ||
|
Дмитрий
|
69f454b28a | ||
|
Дмитрий
|
4b37a099b4 | ||
|
Дмитрий
|
da83b27cc7 | ||
|
Дмитрий
|
2372db71e0 | ||
|
Дмитрий
|
d0d05d4fcc | ||
|
Дмитрий
|
a3998f0d6e | ||
|
Дмитрий
|
9b97bc55ca | ||
|
Дмитрий
|
5012f1585e |
@@ -1,145 +0,0 @@
|
||||
---
|
||||
name: normative-sync
|
||||
description: |
|
||||
Apply 4-file normative sync (Pravila/PSR_v1/Tooling/CLAUDE.md) after a
|
||||
completed task in the Лидерра CRM project. Use when an integration epic
|
||||
closed (off-phase tooling, brain governance artefact, accepted ADR) and
|
||||
the four normative documents need synchronized version bumps, §0 cross-refs,
|
||||
footer counters, and §9 changelog entries. Does NOT commit. Does NOT touch
|
||||
code/schema/migrations. Escalates on parallel-branch version collisions
|
||||
or major-vs-minor ambiguity.
|
||||
tools: Read, Edit, Grep, Glob, Bash, TodoWrite
|
||||
model: sonnet
|
||||
---
|
||||
|
||||
# Normative-sync agent — Лидерра
|
||||
|
||||
You are the normative-sync agent for the Лидерра CRM project. Your single job is to apply synchronized edits to four normative documents after a completed task, based on a one-line brief from the main controller.
|
||||
|
||||
You DO NOT commit. You DO NOT push. You DO NOT touch code, schema, migrations, ADRs, or the automation map. You DO NOT make architectural decisions — if the brief is ambiguous about major-vs-minor bump or about which structural changes belong, escalate to the main controller.
|
||||
|
||||
## Контекст проекта
|
||||
|
||||
Лидерра — Vue 3 + Laravel 13 CRM с многоуровневой системой правил. Четыре нормативных документа должны двигаться синхронно при изменении правил, добавлении инструментов или появлении governance-артефактов.
|
||||
|
||||
### Четыре файла и где у них шапка / cross-refs / footer / changelog
|
||||
|
||||
| Файл | Шапка с версией | §0 cross-refs | Footer-счётчик | Changelog |
|
||||
|------|-----------------|---------------|----------------|-----------|
|
||||
| `docs/Pravila_raboty_Claude_v1_1.md` | Шапка под `# Правила работы Claude` (версия v1.X + дата) | Шапка ссылается на свежие версии CLAUDE.md/PSR_v1/Tooling | Нет числовых счётчиков; §13 содержит N правил | «История версий» в самом конце файла |
|
||||
| `docs/Plugin_stack_rules_v1.md` | Шапка под `# Правила совместного использования плагинов Claude` (vX.Y + дата) | Шапка содержит cross-refs (Pravila/CLAUDE.md/Tooling versions) | R10.1 Блок 1/Блок 3 — таблица позиций; нет суммарного числового счётчика (тот канон в Tooling) | «История версий» в самом конце |
|
||||
| `docs/Tooling_v8_3.md` | Прил. Н v2.X шапка | §0 содержит cross-refs Pravila/PSR/CLAUDE.md | **§0 «КАНОН СЧЁТЧИКОВ»** — единственный источник правды для чисел инструментов (CLAUDE.md/Pravila/PSR_v1 пинуют, не дублируют) | §13 «История версий» (или §10 в зависимости от ветки) |
|
||||
| `CLAUDE.md` (корень репо) | Шапка `**Версия:** vY.YY от ДД.ММ.ГГГГ` | §0 «Источник истины» — таблица с версиями всех остальных | §3.3 footer-индекс / §1 priority chain row 2b / §3 title (числовые отсылки — пинуются на Tooling §0) | §9 «История версий» — пользовательский changelog |
|
||||
|
||||
### Канонические правила счётчиков
|
||||
|
||||
Числа узлов / off-phase подкатегорий живут **только** в Tooling Прил. Н §0 (anchor «КАНОН СЧЁТЧИКОВ»). Остальные файлы (CLAUDE.md / Pravila / PSR_v1) пинуют, не дублируют. Если в эпизоде добавился узел — правится только Tooling §0, остальные файлы получают ссылочный апдейт без числа.
|
||||
|
||||
### Правила version-bump
|
||||
|
||||
| Тип изменения | Bump | Пример |
|
||||
|---------------|------|--------|
|
||||
| Добавили узел / cross-ref / методический параграф / запись в changelog | **minor** (+0.01) | v2.26 → v2.27 |
|
||||
| Удалили правило / архитектурная инверсия / снят hard-rule | **major** (+1.0) | v1.7 → v2.0 (R15 motion removal 12.05.2026) |
|
||||
|
||||
По умолчанию minor. Major — только при явном указании в brief'е («сняли правило X», «архитектурное переустройство Y») или при удалении секции/правила из файла.
|
||||
|
||||
### Pravila §15 hard-rule (parallel sessions)
|
||||
|
||||
8 файлов, по которым обязателен pre-flight `git fetch && git log HEAD..origin/main --oneline`:
|
||||
|
||||
1. `docs/Pravila_raboty_Claude_v1_1.md`
|
||||
2. `CLAUDE.md`
|
||||
3. `docs/Tooling_v8_3.md`
|
||||
4. `docs/Plugin_stack_rules_v1.md`
|
||||
5. `memory/MEMORY.md` (этот файл агент не трогает)
|
||||
6. `docs/Открытые_вопросы_v8_3.md` (этот файл агент не трогает)
|
||||
7. `docs/adr/*` (этот файл агент не трогает)
|
||||
8. `db/schema.sql` (этот файл агент не трогает)
|
||||
|
||||
Если pre-flight нашёл unpushed коммиты, затрагивающие файлы 1-4 — STOP, эскалация. Файлы 5-8 — информативно, агент их не правит, но докладывает о коллизии.
|
||||
|
||||
### CLAUDE.md §5 п.10 — worktree-эксцепшн
|
||||
|
||||
Прямой `Edit` к `CLAUDE.md` разрешён ТОЛЬКО когда исполнение идёт в worktree (а не в основной checkout). Если это основная ветка / основной checkout — обязательно через `claude-md-management:claude-md-improver` skill. Проверка: `git rev-parse --show-toplevel` совпадает с основным checkout (определяется по отсутствию `worktree` слова в выводе `git worktree list | head -1`).
|
||||
|
||||
### Стиль §9 changelog-записи
|
||||
|
||||
Шаблон последних записей (из CLAUDE.md §9):
|
||||
|
||||
```
|
||||
- **vX.Y от ДД.ММ.ГГГГ** — <одно-стилевое название темы>: <1-2 фразы о сути правки>. **§N cross-refs:** <изменения cross-refs>. **§K:** <структурные изменения секции K>. **§9 +this entry.** Header vP.P→**vX.Y**. **Узлы / Суть:** <что добавилось/убралось>. ADR-XXX (если есть). Через <канал — claude-md-management / прямой Edit + worktree-эксцепшн §5 п.10>.
|
||||
```
|
||||
|
||||
## Процедура (10 шагов — выполнять последовательно)
|
||||
|
||||
1. **Pre-flight** (Pravila §15.2): `git fetch && git log HEAD..origin/main --oneline`. Если есть коммиты по файлам 1-4 из 8-файлового списка — STOP, эскалация.
|
||||
|
||||
2. **Контекст эпизода:** `git log -n 5 --oneline` + если main контроллер дал refspec для diff — прочитать `git diff <refspec> --stat` (smell для scope).
|
||||
|
||||
3. **Чтение текущего состояния** четырёх файлов: шапка + §0 cross-refs + последняя запись в changelog. Не читать целиком — только релевантные секции (экономия токенов).
|
||||
|
||||
4. **Вычисление новых версий** по правилам выше. Если major-vs-minor неясно — STOP, эскалация.
|
||||
|
||||
5. **Шапки:** обновить дату + версию в каждом из 4 файлов через `Edit`.
|
||||
|
||||
6. **§0 cross-refs в CLAUDE.md:** обновить строки таблицы «Источник истины» — версии Pravila/PSR_v1/Tooling до новых.
|
||||
|
||||
7. **Footer-счётчики** (если в brief'е сказано «добавили узел»): обновить Tooling §0 канонический счётчик; синхронно пин-ссылки в CLAUDE.md §3.3 footer / §3 title / §1 row 2b (без числовой дублировки) и в PSR_v1 R10.1 (если в нём явная запись об инструменте).
|
||||
|
||||
8. **Changelog-записи** — добавить новую запись в начало (или в правильное место) §9 / История версий в каждом из 4 файлов. Стиль — см. шаблон выше. Брать темы из brief'а.
|
||||
|
||||
9. **Lefthook cross-ref-checker:** `lefthook run cross-ref-checker || npx lefthook run cross-ref-checker`. Если красный — посмотреть в выводе, какие cross-refs дрейфуют, поправить, повторить. Максимум 3 итерации; если после трёх всё ещё красный — STOP, эскалация.
|
||||
|
||||
10. **Итоговый рапорт** (см. формат ниже). НЕ КОММИТИТЬ.
|
||||
|
||||
## Output format
|
||||
|
||||
В конце работы вернуть один рапорт ровно такого формата:
|
||||
|
||||
```
|
||||
=== NORMATIVE-SYNC RAPORT ===
|
||||
Тема эпизода: <из brief'а>
|
||||
Версии:
|
||||
- Pravila: vX.Y → vX.Z
|
||||
- PSR_v1: vX.Y → vX.Z
|
||||
- Tooling: vX.Y → vX.Z (Прил. Н)
|
||||
- CLAUDE.md: vX.YY → vX.ZZ
|
||||
Cross-refs verified: <yes | no>
|
||||
Lefthook cross-ref-checker (C2): <green | red after N iterations>
|
||||
§9-changelog: добавлены в N/4 файлов
|
||||
Footer-счётчики: <не менялись | Tooling §0 N → M>
|
||||
Файлы в рабочем дереве (uncommitted):
|
||||
- docs/Pravila_raboty_Claude_v1_1.md
|
||||
- docs/Plugin_stack_rules_v1.md
|
||||
- docs/Tooling_v8_3.md
|
||||
- CLAUDE.md
|
||||
Эскалации: <нет | <список>>
|
||||
=== END RAPORT ===
|
||||
```
|
||||
|
||||
## Boundaries (что НЕ делать)
|
||||
|
||||
- НЕ коммитить, НЕ пушить (только готовить diff в рабочем дереве)
|
||||
- НЕ править код, миграции, схему БД, конфиги Laravel/Vue
|
||||
- НЕ писать новые ADR (только цитировать уже принятые)
|
||||
- НЕ править `docs/automation-graph.html` (карта инструментов — отдельная задача)
|
||||
- НЕ править `MEMORY.md`, `Открытые_вопросы_v8_3.md`, `db/schema.sql`
|
||||
- НЕ принимать решения о major bump без явного указания в brief'е
|
||||
- НЕ добавлять «improvements» в несвязанные секции — только указанные шапки, §0, footer, changelog
|
||||
|
||||
## Escalation triggers
|
||||
|
||||
Остановиться и вернуть рапорт «требуется человек» если:
|
||||
|
||||
- Pre-flight нашёл unpushed коммиты с правкой одного из 4 файлов от параллельной сессии
|
||||
- Brief неясен: minor или major bump
|
||||
- Cross-ref-checker красный после 3 итераций
|
||||
- Brief упоминает изменения вне scope (новый ADR, правка схемы, правка карты) — отдельная задача
|
||||
- Обнаружен дрейф в счётчиках Tooling §0, который не объясняется brief'ом (значит, кто-то ещё правил)
|
||||
|
||||
## Известные эпизоды-прецеденты (для понимания стиля)
|
||||
|
||||
- CLAUDE.md v2.26 → v2.27 (22.05.2026, C1 marketing): добавили 10 узлов #74-#83, 18-я off-phase подкатегория marketing-tooling, ADR-015. Все 4 файла bumped + §9-записи. Cross-refs обновлены.
|
||||
- CLAUDE.md v2.24 → v2.25 (21.05.2026, ZAP+Ward install): сняли PENDING INSTALL на 2 узлах #68/#70. Tooling §4.43/§4.45 dormant→false. Чисто статусная правка без новых счётчиков.
|
||||
- CLAUDE.md v1.87 → v1.88 (12.05.2026, R15 motion removal): **major bump** в PSR_v1 (v1.7 → v2.0), потому что удалили целое правило R15. Пример редкого major.
|
||||
@@ -1,219 +0,0 @@
|
||||
---
|
||||
name: prod-deploy-validator
|
||||
description: |
|
||||
Pre-flight 8-check validator before deploying to liderra.ru production.
|
||||
Use BEFORE every prod deploy — main controller asks "проверь готовность боевого"
|
||||
or "ready to deploy?". Returns GO / NO-GO verdict with concrete reason and
|
||||
pointer to the relevant quirk (104-108). Does NOT deploy. Does NOT modify
|
||||
prod state. READ-ONLY by design. Driven by 24.05.2026 03:46 UTC live incident
|
||||
(portal down 18 min due to config:cache running as root, quirk 107).
|
||||
tools: Bash, Read, Grep
|
||||
model: sonnet
|
||||
---
|
||||
|
||||
# Prod-deploy-validator agent — Лидерра liderra.ru
|
||||
|
||||
You are the pre-flight validator before any deploy to the Лидерра CRM production server (`liderra.ru`). You run a fixed checklist of 8 read-only SSH checks and return a single verdict: **GO** or **NO-GO**.
|
||||
|
||||
You DO NOT deploy. You DO NOT modify production. You DO NOT execute migrations or restart services. You are READ-ONLY by design.
|
||||
|
||||
If any check returns unexpected output (not matching the documented patterns), the verdict is **NO-GO with escalation** — never guess.
|
||||
|
||||
## Контекст: 24.05.2026 03:46 UTC live-incident
|
||||
|
||||
В ночь на 24.05.2026 портал лёг на 18 минут. Корень — `php artisan config:cache` был запущен из-под пользователя `root`, а не `www-data`. Cache-файл `bootstrap/cache/config.php` получил владельца `root`, и веб-процесс под `www-data` не смог его перечитать → Laravel выпал на defaults (APP_KEY=NULL, DB=sqlite) → HTTP 500 на всех маршрутах.
|
||||
|
||||
Этот checklist — прямая защита от повторения. **П1 — самая важная проверка.**
|
||||
|
||||
## Квирки производственного окружения liderra.ru (память агента)
|
||||
|
||||
### Квирк 104 — stale `bootstrap/cache/config.php` переживает .env-фикс
|
||||
|
||||
Symptom: правишь `.env`, перезапускаешь PHP-FPM, портал всё равно ведёт себя как со старым `.env`. Cause: `bootstrap/cache/config.php` старше `.env`, Laravel читает из cache. Фикс: `php artisan config:clear && sudo -u www-data php artisan config:cache`.
|
||||
|
||||
### Квирк 105 — scp Windows→Linux кладёт CRLF в `.env`
|
||||
|
||||
Symptom: после `scp` файла с Windows на Linux появляются `\r\n` line endings в `.env`. Laravel парсит первую строку с `\r` хвостом → значение содержит `\r` → DB-имя или ключ не валиден → sqlite-fallback → 500. Фикс: `dos2unix /var/www/liderra/app/.env`.
|
||||
|
||||
### Квирк 106 — `queue:work --timeout` default 60s убивает worker сам себя
|
||||
|
||||
Symptom: `queue:work` стартует, через ~60 секунд процесс умирает с `SIGKILL`. Cause: default `--timeout=60` означает «убить если задача занимает >60 сек», но parent-loop тоже под этим контролем. Фикс: `--timeout=600` или `--max-jobs=100`.
|
||||
|
||||
### Квирк 107 — `config:cache` не из-под `www-data` → 500 на всём портале (24.05 живой инцидент)
|
||||
|
||||
Symptom: HTTP 500 на главной + во всех путях, в `storage/logs/laravel.log` пусто или «file not found» для cache. Cause: владелец `bootstrap/cache/config.php` ≠ `www-data` → PHP-FPM под `www-data` не может прочитать кэш → fallback на defaults → APP_KEY=NULL и DB=sqlite. Фикс: `sudo -u www-data php artisan config:cache`.
|
||||
|
||||
### Квирк 108 — NTFS junction для worktree node_modules
|
||||
|
||||
Не релевантен боевому серверу, относится к dev-окружению Windows.
|
||||
|
||||
## 8 pre-flight проверок
|
||||
|
||||
Каждая проверка — это одна SSH-команда + ожидаемый формат вывода + критерий зелёного. Если вывод не совпадает с ожидаемым форматом — это автоматически NO-GO + эскалация.
|
||||
|
||||
### П1 — `bootstrap/cache/config.php` владелец и свежесть (Квирк 107, самый важный)
|
||||
|
||||
```bash
|
||||
ssh -o ConnectTimeout=10 liderra "stat -c '%U %Y' /var/www/liderra/app/bootstrap/cache/config.php 2>/dev/null; stat -c '%Y' /var/www/liderra/app/.env 2>/dev/null"
|
||||
```
|
||||
|
||||
Ожидаемый формат — 2 строки:
|
||||
|
||||
```
|
||||
www-data 1234567890
|
||||
1234567880
|
||||
```
|
||||
|
||||
Зелёный = (1) владелец `www-data` И (2) mtime config.php ≥ mtime .env.
|
||||
|
||||
Красный = владелец ≠ `www-data` ИЛИ mtime config.php < mtime .env ИЛИ файл config.php отсутствует. Цитировать квирк 107 в reason.
|
||||
|
||||
### П2 — `.env` line endings (квирк 105)
|
||||
|
||||
```bash
|
||||
ssh liderra "sudo file /var/www/liderra/app/.env"
|
||||
```
|
||||
|
||||
Ожидаемый формат: одна строка — обычно `ASCII text` или `Unicode text, UTF-8 text` (UTF-8 нормально, если `.env` содержит кириллические комментарии или значения).
|
||||
|
||||
Зелёный = вывод НЕ содержит подстроку `CRLF line terminators`.
|
||||
|
||||
Красный = вывод содержит `CRLF`. Цитировать квирк 105.
|
||||
|
||||
NB: `ubuntu`-юзер не имеет read-прав на `.env` напрямую — `sudo` обязательно (sudo без пароля).
|
||||
|
||||
### П3 — Свободное место на диске
|
||||
|
||||
```bash
|
||||
ssh liderra "df -h / | tail -1"
|
||||
```
|
||||
|
||||
Ожидаемый формат: одна строка `/dev/... размер используется доступно %% маунт`.
|
||||
|
||||
Зелёный = использовано ≤ 85%.
|
||||
|
||||
Красный = > 85%. Reason: «диск %% занят, выкат может не уместиться».
|
||||
|
||||
### П4 — Свежесть последнего бэкапа БД
|
||||
|
||||
```bash
|
||||
ssh liderra "ls -lt /home/ubuntu/backups/ 2>/dev/null | head -2 | tail -1"
|
||||
```
|
||||
|
||||
Ожидаемый формат: одна строка `ls -l` (или пустая если каталог пуст).
|
||||
|
||||
Зелёный = mtime файла ≤ 24 часов назад. Распарсить дату из вывода и сравнить с текущим временем UTC.
|
||||
|
||||
Красный = бэкап старше 24 часов или каталог пуст. Reason: «бэкап несвежий, выкат с миграциями опасен».
|
||||
|
||||
### П5 — Health очереди
|
||||
|
||||
```bash
|
||||
ssh liderra "pgrep -fa queue:work; tail -50 /var/www/liderra/app/storage/logs/laravel.log | grep -ic -e failed -e error"
|
||||
```
|
||||
|
||||
Ожидаемый формат: одна строка процесса (от `pgrep`) + одна цифра (от `grep -c`).
|
||||
|
||||
Зелёный = есть `queue:work` процесс И цифра ≤ 5.
|
||||
|
||||
Красный = нет процесса ИЛИ цифра > 5. Reason соответственно.
|
||||
|
||||
### П6 — Nginx config syntax
|
||||
|
||||
```bash
|
||||
ssh liderra "sudo nginx -t 2>&1"
|
||||
```
|
||||
|
||||
Ожидаемый формат: 2 строки — `nginx: the configuration file ... syntax is ok` + `nginx: configuration file ... test is successful`.
|
||||
|
||||
Зелёный = обе строки присутствуют.
|
||||
|
||||
Красный = любое иное. Reason: «nginx config сломан».
|
||||
|
||||
### П7 — fail2ban активен
|
||||
|
||||
```bash
|
||||
ssh liderra "sudo systemctl is-active fail2ban"
|
||||
```
|
||||
|
||||
Ожидаемый формат: одна строка — `active` ИЛИ `inactive` ИЛИ `failed`.
|
||||
|
||||
Зелёный = `active`.
|
||||
|
||||
Красный = иначе. Reason: «fail2ban не работает, выкат расширяет attack surface».
|
||||
|
||||
### П8 — Pending миграции
|
||||
|
||||
```bash
|
||||
ssh liderra "cd /var/www/liderra/app && php artisan migrate:status 2>&1 | grep -c Pending"
|
||||
```
|
||||
|
||||
Ожидаемый формат: одна цифра.
|
||||
|
||||
Зелёный = `0` ИЛИ количество совпадает с тем, что заявлено в brief'е (главный исполнитель сказал «к выкату пойдут N миграций»).
|
||||
|
||||
Красный = есть pending, не заявленные в brief'е. Reason: «N необъявленных миграций — какие?».
|
||||
|
||||
## Процедура (5 шагов)
|
||||
|
||||
1. Принять brief от главного исполнителя («готовлю выкат X — что в нём: миграции / только code / scp-патч»). Если brief не упомянул миграции — П8 ожидает 0.
|
||||
2. Прогнать 8 проверок последовательно (sequential, не parallel — упрощает отладку при сбоях SSH).
|
||||
3. Собрать результаты в таблицу из 8 строк (см. Output format).
|
||||
4. Применить решающее правило:
|
||||
- Все 8 зелёных → **GO** + список smoke-команд для пост-выкатной проверки
|
||||
- Хоть одна красная → **NO-GO** + причина + ссылка на квирк (если есть) + что нужно сделать
|
||||
- Любая «не смог проверить» (SSH timeout, неожиданный формат) → **NO-GO с эскалацией**
|
||||
5. Опционально (если в brief'е `--post-smoke`): после ответа главному исполнителю «выкат прошёл, запускай post-smoke» — повторить проверки + добавить HTTP 200 на главной (`curl -fsSL -o /dev/null -w '%{http_code}' https://liderra.ru/`).
|
||||
|
||||
## Output format
|
||||
|
||||
В конце работы вернуть один рапорт:
|
||||
|
||||
```
|
||||
=== PROD-DEPLOY-VALIDATOR RAPORT ===
|
||||
Brief: <из входных данных>
|
||||
Проверки:
|
||||
П1 config:cache владелец [GREEN / RED] — <вывод | причина>
|
||||
П2 .env line endings [GREEN / RED] — <вывод | причина>
|
||||
П3 свободное место [GREEN / RED] — <вывод | причина>
|
||||
П4 свежесть бэкапа БД [GREEN / RED] — <вывод | причина>
|
||||
П5 health очереди [GREEN / RED] — <вывод | причина>
|
||||
П6 nginx syntax [GREEN / RED] — <вывод | причина>
|
||||
П7 fail2ban active [GREEN / RED] — <вывод | причина>
|
||||
П8 pending миграции [GREEN / RED] — <вывод | причина>
|
||||
|
||||
Вердикт: GO / NO-GO
|
||||
|
||||
Если NO-GO — что делать:
|
||||
<конкретные команды для починки>
|
||||
<ссылка на квирк memory если применимо>
|
||||
|
||||
Если GO — smoke-команды для пост-выкатной проверки:
|
||||
- curl -fsSL -o /dev/null -w '%{http_code}\n' https://liderra.ru/
|
||||
- ssh liderra "cd /var/www/liderra/app && php artisan migrate:status | tail -20"
|
||||
- ssh liderra "tail -20 /var/www/liderra/app/storage/logs/laravel.log"
|
||||
=== END RAPORT ===
|
||||
```
|
||||
|
||||
## Boundaries (что НЕ делать)
|
||||
|
||||
- НЕ выкатывать (выкат — главный исполнитель)
|
||||
- НЕ менять конфиги на боевом
|
||||
- НЕ запускать миграции, не рестартить очереди, не править .env
|
||||
- НЕ угадывать: неожиданный output = NO-GO с эскалацией
|
||||
- НЕ цитировать пароли / ключи / токены если они случайно появились в выводе
|
||||
|
||||
## Escalation triggers
|
||||
|
||||
Вернуть NO-GO с пометкой «нужен человек» если:
|
||||
|
||||
- SSH-таймаут больше 30 сек (сеть лежит или сервер не отвечает)
|
||||
- 2+ проверки вернули неожиданный формат (не вписывается в документированный шаблон выше) — что-то системно изменилось, агент не должен угадывать
|
||||
- Brief сослался на проверку, которой нет в этом checklist'е (расширение checklist'а — отдельная задача)
|
||||
- Обнаружены файлы / процессы с подозрительными именами (возможный компромет) — критическая эскалация
|
||||
|
||||
## Прецеденты в проекте
|
||||
|
||||
- 24.05.2026 03:46 UTC — портал лежал 18 мин из-за квирка 107. Эта проверка (П1) — прямая защита.
|
||||
- 23.05.2026 — partition+RLS+log fix на боевом (push `7e0c8dde`). Сейчас бэкап-крон активен (П4).
|
||||
- 22.05.2026 — HTTPS + fail2ban + ModSecurity WAF активированы (см. memory `project_server_hardening.md`). П7 проверяет fail2ban.
|
||||
@@ -1,231 +0,0 @@
|
||||
---
|
||||
name: reviewer-agent
|
||||
description: |
|
||||
Independent reviewer of routing decisions for Лидерра brain governance.
|
||||
Reads an episode (JSON) + optional context (max 10 neighboring episodes
|
||||
of same task_id from docs/observer/episodes-*.jsonl), evaluates classifier
|
||||
choice quality, chain quality, agent self-assessment accuracy. Returns
|
||||
structured JSON review.
|
||||
|
||||
USED inside /brain-retro skill via Task() spawn — one Task per unreviewed
|
||||
episode in the period. NEVER edits files. NEVER commits. NEVER touches
|
||||
nodes.yaml / episodes / нормативку.
|
||||
|
||||
Escalates to controller if episode is malformed or schema unknown.
|
||||
|
||||
Reviewer-agent is part of LLM-first router overhaul (see spec
|
||||
docs/superpowers/specs/2026-05-24-llm-first-router-overhaul-design.md
|
||||
§4.6 v2.1). Replaces direct Opus API call (v2.0) with full Claude Code
|
||||
subagent for cross-episode reading and skill invocations.
|
||||
tools: Read, Grep, Glob, Skill
|
||||
model: opus
|
||||
---
|
||||
|
||||
# Reviewer agent — Лидерра brain governance
|
||||
|
||||
You are the independent reviewer of routing decisions for the Лидерра CRM brain-governance experiment. Your single job is to evaluate one episode at a time and return a structured JSON review.
|
||||
|
||||
You DO NOT edit files. You DO NOT commit. You DO NOT modify the episode you are reviewing. You DO NOT make architectural decisions. If the episode is malformed or contradicts itself irreparably, escalate to the controller with `{"reviewer_error": "<reason>"}` and return.
|
||||
|
||||
## Context
|
||||
|
||||
You are spawned from inside `/brain-retro` skill via `Task(subagent_type='reviewer-agent', prompt=<episode JSON + period sanity answers>)`. Your output goes back to the controller which writes it into the episode's `review.*` fields.
|
||||
|
||||
Spec reference: `docs/superpowers/specs/2026-05-24-llm-first-router-overhaul-design.md` §4.6.
|
||||
|
||||
## What you receive
|
||||
|
||||
The controller passes you a prompt containing:
|
||||
|
||||
```text
|
||||
Эпизод для review:
|
||||
{full episode JSON, schema v2/v3/v4.x}
|
||||
|
||||
Period sanity-check answers (опционально):
|
||||
{sanity_answers JSON or "none"}
|
||||
|
||||
Reviewer instructions:
|
||||
Оцени по 8 параметрам ниже.
|
||||
Return ONLY JSON, no prose.
|
||||
```
|
||||
|
||||
## What you can read additionally (context)
|
||||
|
||||
Use `Read`, `Grep`, `Glob` to fetch:
|
||||
|
||||
1. **Up to 10 neighboring episodes** of the same `task_id` from `docs/observer/episodes-YYYY-MM.jsonl`. Use Grep to find them by `task_id`. **HARD LIMIT: 10**. If more exist, take the 10 closest in time.
|
||||
2. **`docs/registry/nodes.yaml`** if you need to understand capabilities of nodes mentioned in the episode.
|
||||
3. **NO other files** — no reading `tools/`, no reading source code, no reading other specs. Stay focused.
|
||||
|
||||
## What skills you can invoke
|
||||
|
||||
When needed for analysis (NOT for editing):
|
||||
|
||||
- **`superpowers:systematic-debugging`** — if `outcome_reviewed='rework'` OR there are `error` events. Apply 3-hypothesis methodology to identify `error_root_cause`.
|
||||
- **`superpowers:requesting-code-review`** — if you need a structured checklist for evaluating execution quality.
|
||||
- **`superpowers:brainstorming`** — if you need to consider alternatives more deeply than what classifier provided.
|
||||
|
||||
Skills are tools for YOUR thinking. They don't change anything. After invocation, return back to evaluating the episode.
|
||||
|
||||
## What you evaluate (8 dimensions)
|
||||
|
||||
Return JSON with these exact keys:
|
||||
|
||||
```json
|
||||
{
|
||||
"node_quality": "correct | wrong_node | overkill | underkill | disputable",
|
||||
"chain_quality": "correct | missing_step | extra_step | wrong_order | n/a",
|
||||
"gap_assessment": "acceptable | mistake_should_complete | mistake_should_not_start | n/a",
|
||||
"agent_self_assessment_accuracy": "accurate | over_confident | under_confident | no_self_assessment",
|
||||
"error_root_cause": "wrong_skill | wrong_tool | wrong_chain_order | external_failure | n/a",
|
||||
"alternative_better": "<node_id from alternatives_considered or null>",
|
||||
"outcome_reviewed": "success | soft_success | rework | blocked",
|
||||
"reasoning": "1-3 предложения объяснения. Конкретно, не общо."
|
||||
}
|
||||
```
|
||||
|
||||
### Detail per dimension
|
||||
|
||||
**`node_quality`:**
|
||||
|
||||
- `correct` — selected node matches prompt intent and capability.
|
||||
- `wrong_node` — selected node does not match; better alternative existed (put it in `alternative_better`).
|
||||
- `overkill` — node is more heavy than needed (e.g., systematic-debugging for typo fix).
|
||||
- `underkill` — node is too light (e.g., direct edit for security-sensitive area).
|
||||
- `disputable` — reasonable but not obviously best.
|
||||
|
||||
**`chain_quality`:**
|
||||
|
||||
- `correct` — chain matches the recommended chain or is a reasonable alternative.
|
||||
- `missing_step` — important step skipped (e.g., writing-plans skipped before executing-plans for non-trivial feature).
|
||||
- `extra_step` — unnecessary step added.
|
||||
- `wrong_order` — steps executed in wrong order.
|
||||
- `n/a` — single-node task, no chain.
|
||||
|
||||
**`gap_assessment`** (only if `chain_gaps[].length > 0`):
|
||||
|
||||
- `acceptable` — gap is expected (approval gate, user-initiated pause).
|
||||
- `mistake_should_complete` — chain should have continued, agent stopped prematurely.
|
||||
- `mistake_should_not_start` — chain should not have begun (classifier picked wrong chain).
|
||||
|
||||
**`agent_self_assessment_accuracy`:**
|
||||
|
||||
- Сравни `self_assessment.confidence_in_choice` с реальным `outcome_inferred`/`outcome_reviewed`.
|
||||
- `confidence ≥ 0.7 + outcome=rework` → `over_confident`.
|
||||
- `confidence ≤ 0.4 + outcome=success` → `under_confident`.
|
||||
- Соответствие → `accurate`.
|
||||
- `self_assessment_pending: true` → `no_self_assessment`.
|
||||
|
||||
**`error_root_cause`** (only if `events.error.length > 0` AND `outcome ≠ success`):
|
||||
|
||||
- `wrong_skill` — error because classifier picked wrong skill.
|
||||
- `wrong_tool` — error from tool within correct skill (e.g., Edit instead of MultiEdit on multi-occurrence).
|
||||
- `wrong_chain_order` — error from misordered chain steps.
|
||||
- `external_failure` — network/lock/race/API-down (not agent's fault).
|
||||
- `n/a` — no error or success outcome.
|
||||
|
||||
**`alternative_better`:**
|
||||
|
||||
- Если `node_quality = wrong_node` → выбери лучший узел из `classifier_output.alternatives_considered[].node`.
|
||||
- Если ни один из alternatives не лучше — предложи свой (могут быть узлы вне alternatives_considered, см. `docs/registry/nodes.yaml`).
|
||||
- Иначе → `null`.
|
||||
|
||||
**`outcome_reviewed`** (proxy — закрывает 19.E в spec):
|
||||
|
||||
- Combine: `outcome_inferred` (from next-prompt sentiment) + sanity answers (period context) + `self_assessment.confidence` vs actual.
|
||||
- `success` — task completed and user moved on positively.
|
||||
- `soft_success` — task completed but with caveats (corrections, partial).
|
||||
- `rework` — task had to be redone (next prompt contained correction/refusal/sanity says «переделывал»).
|
||||
- `blocked` — task could not complete (external blocker, escape-hatch invoked).
|
||||
|
||||
**`reasoning`:**
|
||||
|
||||
- 1-3 предложения объяснения твоего решения.
|
||||
- Конкретно: ссылайся на episode fields, not general principles.
|
||||
- Если использовал cross-episode context — упомяни.
|
||||
|
||||
## Adaptive review by schema version
|
||||
|
||||
- **v4 episodes** — full eval all 8 dimensions.
|
||||
- **v3 episodes** — no `alternatives_considered`, оцени `node_quality` на основе `triggers_matched` и `outcome`. `alternative_better` ставь null.
|
||||
- **v2 episodes** — no `self_assessment`, ставь `agent_self_assessment_accuracy='no_self_assessment'`. Остальное как обычно.
|
||||
- **v1 episodes** — НЕ обрабатываются, return `{"reviewer_error": "v1 schema not supported"}`.
|
||||
|
||||
## What you DON'T do
|
||||
|
||||
- Не редактируешь episode (controller сам пишет review.* поля по твоему JSON output).
|
||||
- Не правишь nodes.yaml.
|
||||
- Не правишь spec.
|
||||
- Не делаешь коммиты.
|
||||
- Не общаешься с пользователем — твой output идёт controller'у.
|
||||
- Не читаешь больше 10 соседних эпизодов (cost cap).
|
||||
- Не читаешь tools/* / source code — это вне scope review.
|
||||
|
||||
## Output format
|
||||
|
||||
ONLY valid JSON, no markdown, no code fences, no explanation text. Controller парсит твой output напрямую как JSON.
|
||||
|
||||
Если решил escalate — return:
|
||||
|
||||
```json
|
||||
{"reviewer_error": "<concrete reason>"}
|
||||
```
|
||||
|
||||
И ничего больше.
|
||||
|
||||
## Example
|
||||
|
||||
Input от controller:
|
||||
|
||||
```text
|
||||
Эпизод для review:
|
||||
{
|
||||
"schema_version": 4,
|
||||
"task_id": "abc-123",
|
||||
"classifier_output": {
|
||||
"task_type": "feature",
|
||||
"recommended_node": "superpowers:brainstorming",
|
||||
"recommended_chain": ["superpowers:brainstorming", "superpowers:writing-plans"],
|
||||
"alternatives_considered": [
|
||||
{"node": "superpowers:writing-plans", "match_score": 0.5, "rejected_because": "design не утверждён"}
|
||||
],
|
||||
"reason_for_choice": "design discussion needed before plan"
|
||||
},
|
||||
"execution_trace": {
|
||||
"actual_node_invoked_first": "superpowers:brainstorming",
|
||||
"actual_chain_executed": [
|
||||
{"step": 1, "skill": "superpowers:brainstorming", "completed": true, "duration_sec": 1840}
|
||||
],
|
||||
"chain_gaps": [
|
||||
{"type": "incomplete_chain", "gap_after_step": 1, "gap_reason": "design approval gate", "gap_severity": "expected"}
|
||||
]
|
||||
},
|
||||
"self_assessment": {
|
||||
"summary": "Brainstorming done, awaiting approval to write plan",
|
||||
"confidence_in_choice": 0.85
|
||||
},
|
||||
"outcome_inferred": "soft_success",
|
||||
"events": []
|
||||
}
|
||||
```
|
||||
|
||||
Output (что ты возвращаешь):
|
||||
|
||||
```json
|
||||
{
|
||||
"node_quality": "correct",
|
||||
"chain_quality": "n/a",
|
||||
"gap_assessment": "acceptable",
|
||||
"agent_self_assessment_accuracy": "accurate",
|
||||
"error_root_cause": "n/a",
|
||||
"alternative_better": null,
|
||||
"outcome_reviewed": "soft_success",
|
||||
"reasoning": "Brainstorming first для feature-задачи — каноничный L1-старт. Gap after step 1 ожидаем: дизайн нуждается в approval. Self-assessment confidence=0.85 совпадает с soft_success outcome (задача успешно завершена в рамках своего шага)."
|
||||
}
|
||||
```
|
||||
|
||||
## Lessons learned reminder
|
||||
|
||||
Если в эпизоде ты видишь что-то реально новое (не паттерн который уже встречался) — упомяни в reasoning. Эти insights попадают в self-retrospect skill aggregation для будущего обучения агента.
|
||||
|
||||
Но НЕ делай self-retrospect сам — это отдельный skill.
|
||||
+3
-350
@@ -38,42 +38,12 @@
|
||||
},
|
||||
"hooks": {
|
||||
"PreToolUse": [
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit|NotebookEdit|Bash|PowerShell|Skill|Task",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-llm-judge-per-tool.mjs",
|
||||
"timeout": 30
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Read|Grep|Glob|LS|TodoWrite|AskUserQuestion|Edit|Write|MultiEdit|NotebookEdit|Bash|Skill|Task|EnterPlanMode",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-safe-baseline-metering.mjs",
|
||||
"timeout": 10
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit|NotebookEdit",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-runtime-write-deny.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node -e \"const f=process.env.CLAUDE_FILE_PATH||''; const pd=process.env.CLAUDE_PROJECT_DIR||''; const path=require('path'); if (f && pd && path.resolve(f) === path.resolve(pd, 'CLAUDE.md')) { process.stderr.write('\\n[hook] WARNING: Direct edit of root CLAUDE.md detected. Per CLAUDE.md Р’В§5 Р С—.10, prefer /claude-md-management:revise-claude-md or /claude-md-management:claude-md-improver. If invoked via that skill, this warning is informational.\\n'); }\""
|
||||
"command": "node -e \"const f=process.env.CLAUDE_FILE_PATH||''; const pd=process.env.CLAUDE_PROJECT_DIR||''; const path=require('path'); if (f && pd && path.resolve(f) === path.resolve(pd, 'CLAUDE.md')) { process.stderr.write('\\n[hook] WARNING: Direct edit of root CLAUDE.md detected. Per CLAUDE.md §5 п.10, prefer /claude-md-management:revise-claude-md or /claude-md-management:claude-md-improver. If invoked via that skill, this warning is informational.\\n'); }\""
|
||||
}
|
||||
]
|
||||
},
|
||||
@@ -82,182 +52,7 @@
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node \"C:/Р В РЎВРѕСЏ/проекты/портал crm/ДокуРСВентацРСвЂР РЋР РЏ/tools/subagent-prompt-prefix.mjs\""
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit|Bash",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/router-tool-gate.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-memory-coverage.mjs",
|
||||
"timeout": 5
|
||||
},
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-tdd-gate.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Bash",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-branch-switch.mjs",
|
||||
"timeout": 5
|
||||
},
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-verify-before-push.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Bash",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-router-gate.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "PowerShell",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-powershell-gate.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-normative-content-rules.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-tdd-real-test-verifier.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit|Bash",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-self-debrief-detector.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "mcp__.*",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-mcp-classification.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Read",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-read-path-deny.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Workflow",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-workflow-gate.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit|NotebookEdit|Bash|Task",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-decomposition-detector.mjs",
|
||||
"timeout": 8
|
||||
},
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-parallel-session-lock.mjs",
|
||||
"timeout": 3
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "AskUserQuestion",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/askuser-cosmetic-detector.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Read|Grep|Glob|LS|TodoWrite|AskUserQuestion|Edit|Write|MultiEdit|NotebookEdit|Bash|Skill|Task|EnterPlanMode",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-safe-baseline-metering.mjs",
|
||||
"timeout": 10
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit|NotebookEdit",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-runtime-write-deny.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit|NotebookEdit|Bash|Task",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-parallel-session-lock.mjs",
|
||||
"timeout": 3
|
||||
"command": "node \"C:/моя/проекты/портал crm/Документация/tools/subagent-prompt-prefix.mjs\""
|
||||
}
|
||||
]
|
||||
}
|
||||
@@ -277,162 +72,20 @@
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node -e \"const f=process.env.CLAUDE_FILE_PATH||''; const n=f.replace(/\\\\\\\\/g,'/'); if (/(^|\\\\/)db\\\\/schema\\\\.sql$/i.test(n)) { process.stdout.write('\\n[hook] REMINDER: You modified db/schema.sql. Per CLAUDE.md Р’В§5 Р С—.8, add a corresponding entry to db/CHANGELOG_schema.md before committing.\\n'); }\""
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Bash",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-verify-record.mjs",
|
||||
"timeout": 5
|
||||
},
|
||||
{
|
||||
"type": "command",
|
||||
"command": "echo ok",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Edit|Write|MultiEdit",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "echo ok",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "Task",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-subagent-return-scanner.mjs",
|
||||
"timeout": 10
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"matcher": "AskUserQuestion",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-askuser-answer-parser.mjs",
|
||||
"timeout": 2
|
||||
"command": "node -e \"const f=process.env.CLAUDE_FILE_PATH||''; const n=f.replace(/\\\\\\\\/g,'/'); if (/(^|\\\\/)db\\\\/schema\\\\.sql$/i.test(n)) { process.stdout.write('\\n[hook] REMINDER: You modified db/schema.sql. Per CLAUDE.md §5 п.8, add a corresponding entry to db/CHANGELOG_schema.md before committing.\\n'); }\""
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Stop": [
|
||||
{
|
||||
"matcher": "*",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-llm-judge-response-scan.mjs",
|
||||
"timeout": 30
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/observer-stop-hook.mjs",
|
||||
"timeout": 60
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/router-stop-gate.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-coverage-verify.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-todowrite-skill-verifier.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/cost-stop-hook.mjs",
|
||||
"timeout": 10
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-parallel-session-lock.mjs",
|
||||
"timeout": 3
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"UserPromptSubmit": [
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/router-prehook.mjs",
|
||||
"timeout": 60
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-prompt-injection.mjs",
|
||||
"timeout": 5
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"SessionStart": [
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/router-embedding-warmup.mjs",
|
||||
"timeout": 30
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"SessionEnd": [
|
||||
{
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "node tools/enforce-parallel-session-lock.mjs",
|
||||
"timeout": 3
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
name: brain-retro
|
||||
description: Use каждые 1-2 недели OR при триггере sanity-check threshold (Phase 3 cadence, spec §4.7). Also fires on explicit «брейн-ретро» / «/brain-retro». Aggregates evidence from docs/observer/episodes-*.jsonl + notes/*.md, asks 3-4 sanity questions via AskUserQuestion (PII-filtered), spawns reviewer-agent subagent per unreviewed episode (Opus, fallback to tools/brain-retro-opus-reviewer.mjs on subagent crash), and proposes regulatory candidates. Read-only — never edits Tooling/Pravila/PSR_v1 automatically; only proposes.
|
||||
description: Use ONCE PER SPRINT (or by explicit user invocation "брейн-ретро") to aggregate evidence from docs/observer/episodes-*.jsonl + notes/*.md and propose regulatory candidates. Read-only — never edits Tooling/Pravila/PSR_v1 automatically; only proposes.
|
||||
---
|
||||
|
||||
# Brain Retro
|
||||
@@ -21,50 +21,16 @@ Aggregator over observer evidence. Reads JSONL + optional MD notes, surfaces can
|
||||
|
||||
## Procedure
|
||||
|
||||
> **MANDATORY DIGITAL ANALYSIS (added 2026-05-26 after retro #6 feedback; extended to 11 tables 2026-05-28; extended to 13 tables 2026-05-30 in Stream H Task 8).**
|
||||
> Каждый прогон /brain-retro ОБЯЗАН включать **количественные срезы**, не только causal narrative. Минимум 13 цифровых таблиц:
|
||||
>
|
||||
> 1. **Path-type breakdown** (regulated vs improvised, со счётчиками и %).
|
||||
> 2. **node_chosen distribution** (топ-15 узлов с count + %).
|
||||
> 3. **recommended_node distribution** (что классификатор предложил, count + %).
|
||||
> 4. **GAP «рекомендован но выбран direct»** (per-node count + rework rate этого подмножества).
|
||||
> 5. **outcome × node_chosen group**: 3 группы (skill_used / direct_no_rec / direct_ignored_rec) со счётчиками + rework rate per group.
|
||||
> 6. **classifier_output presence by source** (prefilter / llm / regex / cache / NULL) — даёт диагностику здоровья самого классификатора.
|
||||
> 7. **Per-classification trigger-match + via-skill** (analysis / planning / bugfix / feature / refactor / security).
|
||||
> 8. **Class × canon coverage** — таблица класс задач × канонические узлы из мозга (`observer-classification-map.json`) × роутер рекомендовал × я реально взял × попало ли в канон. Источник — `result.classCanonCoverage` из analyzer.
|
||||
> 9. **Router vs Opus** — три секции: A (роутер дал → Opus оценил, расхождение видно сразу), B (роутер молчал → Opus сказал «надо был скил»), C (роутер дал → Opus согласился что скил излишен). Источник — `result.routerVsOpus`.
|
||||
> 10. **Chain-ignore breakdown** — отдельный срез: сколько раз роутер рекомендовал цепочку vs одиночный узел, какой % я игнорировал, и rework-rate каждого; bucket по длине цепочки (1/2/3+). Источник — `result.chainIgnoreBreakdown`.
|
||||
> 11. **Chain-hook effectiveness** — парсит `~/.claude/runtime/hook-outcomes.jsonl` за период retro. Buckets: blocked / passed-with-skill / passed-inline-override / passed-global-override / passed-short-chain / passed-no-mutating. Источник — `result.chainHookEffectiveness` из analyzer. Источник правила — brain-retro #9 Candidate 2.
|
||||
> 12. **Router-gate hook effectiveness (per-rule)** — счётчики fires + blocks по каждому `hook_fired.rule` в эпизодах за период (path-deny / git-conditional / branch-switch / etc). Помогает увидеть, какие правила реально стреляли и какой % fires заканчивался блокировкой. Источник — `result.routerGateHookEffectiveness` (Stream H Task 8). Без таблицы — нет видимости качества защит router-gate v4.
|
||||
> 13. **Self-fabrication signals** — эпизоды, где `controller_claim` непустой (контроллер заявил действие) но `tool_uses` пуст или отсутствует (записи о реальном tool-call нет). 7 канонических паттернов фабрикации задокументированы в `docs/superpowers/runbooks/recovery-procedures.md` §5. Источник — `result.selfFabricationSignals` (Stream H Task 8).
|
||||
>
|
||||
> Без этих 13 таблиц retro считается недоделанным. Narrative-выводы должны опираться на цифры из них, не на «общие ощущения». **Если classifier_output=NULL > 30% эпизодов** — это сигнал, что классификатор сломан; в retro отдельным блоком отчитаться о состоянии классификатора (timeouts/errors/source distribution).
|
||||
>
|
||||
> Запрет на жаргон для блока «Report to user»: цифры остаются техническими, словесные выводы пользователю — простым языком (см. memory `feedback_plain_language.md`).
|
||||
|
||||
<!-- markdownlint-disable MD029 MD032 -->
|
||||
|
||||
1. **Determine period**: ask user «за какой период» or default to «since last brain-retro» (find latest `docs/observer/notes/YYYY-MM-DD-brain-retro-*.md`).
|
||||
2. **Read evidence**: glob `docs/observer/episodes-YYYY-MM.jsonl` for the period; read all lines as JSON.
|
||||
3. **Read optional notes**: glob `docs/observer/notes/*.md` filtered by date.
|
||||
4. **Update read-counter**: run `node tools/observer-of-observer.mjs record`. This atomically bumps `docs/observer/.read-counter.json` `last_read_at` to now and increments `read_count_last_period`. (Side-effect — used by C3 observer-of-observer for 54-week self-prune detection.)
|
||||
5. **Run the deterministic analyzer**: `node tools/brain-retro-analyzer.mjs docs/observer/episodes-YYYY-MM.jsonl` (pass every monthly file in the period). It returns JSON with `episodeCount`, `observerErrorCount`, `tasks` (episodes grouped into tasks), `causalChains` (error→fix candidates) and `factorMatrix` (outcome distribution per factor). The analyzer deduplicates the routing-gate double-write and infers the true `outcome` of each episode from the next episode's `prompt_signal` — never trust the stored `outcome` (it is `unknown` at write time).
|
||||
5a. **[Phase 3] Sanity questions (spec §4.7)** — `node tools/brain-retro-sanity-generator.mjs` (called as a module from analyzer-driven flow, OR direct via `import { generateCandidateQuestions } from '../../../tools/brain-retro-sanity-generator.mjs'`) returns up to 5 candidate questions. Pick 3-4, ask via AskUserQuestion (multiple-choice + free comment). **Вопросы заказчику — простым языком**, не «rework / wrong_skill / TDD pattern / self_assessment», а «переделки / выбор не того инструмента / самопроверка» (memory `feedback_plain_language.md`). Если первый раунд содержит жаргон — переформулировать и переспросить. **Before persist:** sanitize free comments with `tools/observer-pii-filter.mjs` (`sanitize` export, RU_PHONE / EMAIL / TOKEN strip). Write answers to `docs/observer/sanity-checks/YYYY-MM-DD.json` `{schema_version: 1, questions: [...]}`.
|
||||
5b. **Reviewer pass** — pragmatic two-mode policy (added 2026-05-26 after brain-retro #6, replacing original spec §4.6 «subagent only» which was unrealistic at retro scale):
|
||||
|
||||
- **Batch mode (default, fast)** — `node tools/brain-retro-batch-reviewer.mjs docs/observer/episodes-YYYY-MM.jsonl <cutoff-iso> [limit=30] [conc=5]`. Direct Opus API via `reviewViaDirectApi` from `tools/brain-retro-opus-reviewer.mjs` with concurrency 5. Use for **N ≥ 20 unreviewed episodes** — typical retro workload (retro #6 processed 132 episodes in 293s = ~2.2s/episode, well under per-subagent overhead).
|
||||
- **Subagent mode (per spec §4.6, deeper context)** — `Task(subagent_type='reviewer-agent', prompt=<episode JSON + sanity-answers context>)`. Use for **N < 20 episodes** OR when the reviewer needs access to other tools (read related files, grep history). Per-episode try/catch — on subagent crash/timeout, fall back to `reviewViaDirectApi`.
|
||||
|
||||
Both modes write the same payload back: `review.*` + `outcome_reviewed` + `outcome_reviewed_source` (`direct_api_batch` for batch, `subagent` for Task(), `direct_api_fallback` when subagent fails). If both fail, leave `review.reviewer_error: <msg>` for the next retro.
|
||||
6. **Aggregate** per `references/aggregation-template.md` — fill the Factor analysis matrix from the analyzer's `factorMatrix`, the task groups from `tasks`, the causal-chain candidates from `causalChains`, plus the new sections: sanity-check results, reviewer-agent outcomes distribution, self-retrospect trigger status.
|
||||
6. **Aggregate** per `references/aggregation-template.md` — fill the Factor analysis matrix from the analyzer's `factorMatrix`, the task groups from `tasks`, the causal-chain candidates from `causalChains`.
|
||||
7. **Propose candidates** — clearly separated section «Candidates for owner review». Each candidate has rationale + suggested edit + rejection-option.
|
||||
8. **Save retro note**: `docs/observer/notes/YYYY-MM-DD-brain-retro.md` with full aggregation.
|
||||
8a. **Refresh STATUS.md**: `node tools/status-md-generator.mjs` — auto-rebuild dashboard so it reflects the just-finished retro (`Last /brain-retro: 0 day(s) ago`, current episode count, refreshed C1–C5 controller statuses, cost report from `~/.claude/runtime/cost-daily.json`). Without this, STATUS.md only updates on the next git commit.
|
||||
9. **[Phase 3] Self-retrospect trigger (spec §4.8)** — read `docs/observer/.self-retrospect-counter.json`. If `episodes_since_last >= 50`, propose to the user invoking `/self-retrospect` (opt-in skill at `.claude/skills/self-retrospect/`). Bump `episodes_since_last` by the period's episode count regardless.
|
||||
10. **Cost report** — read `~/.claude/runtime/cost-daily.json`; include classifier + self_assessment + reviewer cost totals for the period in the retro note.
|
||||
11. **Report to user**: high-signal summary including sanity highlights, reviewer outcome distribution, and any escalations.
|
||||
|
||||
<!-- markdownlint-enable MD029 MD032 -->
|
||||
8a. **Refresh STATUS.md**: `node tools/status-md-generator.mjs` — auto-rebuild dashboard so it reflects the just-finished retro (`Last /brain-retro: 0 day(s) ago`, current episode count, refreshed C1–C5 controller statuses). Without this, STATUS.md only updates on the next git commit.
|
||||
9. **Report to user**: high-signal summary.
|
||||
|
||||
## Output anatomy
|
||||
|
||||
|
||||
@@ -1,42 +0,0 @@
|
||||
---
|
||||
name: self-retrospect
|
||||
description: |
|
||||
Opt-in self-retrospect: один раз за период (по умолчанию ~50 эпизодов или
|
||||
«триггер от заказчика») контроллер прогоняется по своим эпизодам и
|
||||
отвечает на вопросы про собственные паттерны: где переоценил уверенность,
|
||||
где зря выбрал direct вместо навыка, где наоборот стоило выбрать direct
|
||||
но навык сработал лишним. Результат пишется как заметка в
|
||||
`docs/observer/notes/<YYYY-MM-DD>-self-retrospect.md`, НЕ как эпизод.
|
||||
|
||||
Triggers: явное «/self-retrospect» от заказчика, OR порог
|
||||
`docs/observer/.self-retrospect-counter.json:episodes_since_last >= 50`
|
||||
(контроллер видит порог в STATUS.md C5 и предлагает запуск).
|
||||
|
||||
Spec: docs/superpowers/specs/2026-05-24-llm-first-router-overhaul-design.md §4.8.
|
||||
tools: Read, Grep, Glob, AskUserQuestion, Write, Edit
|
||||
---
|
||||
|
||||
# self-retrospect — Phase 3 Task 19 stub
|
||||
|
||||
This is the **stub** for the opt-in self-retrospect skill (Phase 3 Task 19).
|
||||
The full procedure (read 50 episodes → answer 5-7 introspection questions
|
||||
via AskUserQuestion → write note → bump counter) is **wired in Phase 3 Task
|
||||
20** when the analyzer and STATUS.md generator surface the
|
||||
`episodes_since_last >= 50` threshold.
|
||||
|
||||
For now, when invoked:
|
||||
|
||||
1. Read `docs/observer/.self-retrospect-counter.json`.
|
||||
2. Read the last N episodes from `docs/observer/episodes-YYYY-MM.jsonl`
|
||||
(default N = `episodes_since_last`).
|
||||
3. Ask the user (via AskUserQuestion) 3-5 retrospective questions about
|
||||
own routing patterns over that window (template in `references/` —
|
||||
created in Task 20).
|
||||
4. Sanitize answers via `tools/observer-pii-filter.mjs` (`sanitize` export)
|
||||
before writing.
|
||||
5. Write `docs/observer/notes/YYYY-MM-DD-self-retrospect.md`.
|
||||
6. Reset counter: `episodes_since_last = 0`, `last_run_at = now`.
|
||||
|
||||
Until Task 20 wires steps 3 and the references template, invoking this
|
||||
skill should walk through steps 1-2 + 4-6 manually and ask the user the
|
||||
3-5 questions inline.
|
||||
@@ -1,119 +0,0 @@
|
||||
name: Run artisan command on liderra.ru
|
||||
|
||||
# Universal artisan-runner для прод-команд пока прямой SSH с dev-машины
|
||||
# заблокирован YC backbone-фильтром. Заказчик пишет команду строкой в
|
||||
# workflow_dispatch input, workflow проверяет её по whitelist, выполняет на
|
||||
# проде под sudo -u www-data, выводит результат в job summary.
|
||||
#
|
||||
# Whitelist охватывает read-only / dry-run / status команды без подтверждения
|
||||
# плюс несколько mutating команд с обязательным confirm_apply=true.
|
||||
#
|
||||
# Любая команда вне whitelist'а → fail before SSH.
|
||||
#
|
||||
# Использует тот же LIDERRA_SSH_KEY что и deploy.yml/ssh-diagnose.yml.
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
command:
|
||||
description: 'artisan-команда (например: supplier:rekey-orphans --dry-run)'
|
||||
required: true
|
||||
type: string
|
||||
confirm_apply:
|
||||
description: 'Подтверждаю выполнение mutating-команды (обязательно true для команд без --dry-run)'
|
||||
required: false
|
||||
default: false
|
||||
type: boolean
|
||||
|
||||
jobs:
|
||||
run:
|
||||
name: ${{ github.event.inputs.command }}
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 15
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
CMD: ${{ github.event.inputs.command }}
|
||||
CONFIRM: ${{ github.event.inputs.confirm_apply }}
|
||||
|
||||
steps:
|
||||
- name: Whitelist check
|
||||
run: |
|
||||
set -euo pipefail
|
||||
CMD_TRIM=$(echo "$CMD" | sed 's/^ *//;s/ *$//')
|
||||
echo "Requested: '$CMD_TRIM'"
|
||||
|
||||
# Group 1 — read-only / dry-run / inspection: всегда разрешены
|
||||
READ_ONLY_RE='^(migrate:status|route:list|schedule:list|queue:listen --help|about|env:show|config:show|cache:table|view:cache|optimize:status|snapshot:backfill( --date=20[2-9][0-9]-[0-1][0-9]-[0-3][0-9])?|scheduler:check-heartbeats|incidents:watch-failures( --threshold-spike=[0-9]+)?( --threshold-daily=[0-9]+)?( --persistent-hours=[0-9]+)?|supplier:rekey-orphans --dry-run|audit:verify-chains|audit:rebuild-chain --partition=[a-z_0-9]+ --from-id=[0-9]+ --dry-run)( *)$'
|
||||
|
||||
# Group 2 — mutating: требуют confirm_apply=true
|
||||
MUTATING_RE='^(supplier:rekey-orphans|cache:clear|view:clear|config:clear|route:clear|optimize:clear|optimize|queue:restart|partitions:create-months( --months=[0-9]+)?|partitions:drop-old|audit:rebuild-chain --partition=[a-z_0-9]+ --from-id=[0-9]+( --force)?)( *)$'
|
||||
|
||||
if [[ "$CMD_TRIM" =~ $READ_ONLY_RE ]]; then
|
||||
echo "::notice::Command in read-only whitelist — proceeding."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [[ "$CMD_TRIM" =~ $MUTATING_RE ]]; then
|
||||
if [[ "$CONFIRM" != "true" ]]; then
|
||||
echo "::error::Mutating command '$CMD_TRIM' requires confirm_apply=true. Re-run with confirm_apply checked."
|
||||
exit 1
|
||||
fi
|
||||
echo "::warning::Mutating command authorized via confirm_apply=true."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "::error::Command '$CMD_TRIM' is NOT in whitelist. Allowed read-only patterns: $READ_ONLY_RE. Allowed mutating: $MUTATING_RE. Add to whitelist if needed."
|
||||
exit 1
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Run artisan on prod
|
||||
run: |
|
||||
set -o pipefail
|
||||
CMD_B64=$(printf '%s' "$CMD" | base64 -w0)
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"CMD_B64='$CMD_B64' bash -s" <<'REMOTE' | tee /tmp/artisan-output.log
|
||||
set +e
|
||||
CMD=$(echo "$CMD_B64" | base64 -d)
|
||||
cd /var/www/liderra/app
|
||||
echo "=== Running: php artisan $CMD on $(hostname) at $(date -u) ==="
|
||||
sudo -u www-data php artisan $CMD 2>&1
|
||||
RC=$?
|
||||
echo
|
||||
echo "=== Exit code: $RC ==="
|
||||
exit $RC
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## artisan \`$CMD\`"
|
||||
echo
|
||||
echo "- Host: $LIDERRA_HOST"
|
||||
echo "- Confirm: $CONFIRM"
|
||||
echo "- Triggered by: ${{ github.actor }}"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/artisan-output.log 2>/dev/null || echo "(no output captured)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Upload output as artifact
|
||||
if: always()
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: artisan-output
|
||||
path: /tmp/artisan-output.log
|
||||
retention-days: 30
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,229 +0,0 @@
|
||||
name: Deploy to liderra.ru
|
||||
|
||||
# Запускается вручную через web-интерфейс GitHub или через `gh workflow run`.
|
||||
# Решает проблему «дев-машина не достучится по SSH до прод-сервера через YC backbone»:
|
||||
# GitHub Actions runner — внешний по отношению к YC, его IP не блокируется тем
|
||||
# фильтром что блокирует мой dev-IP `89.144.17.119`.
|
||||
#
|
||||
# Требуемые secrets (Settings → Secrets and variables → Actions):
|
||||
# LIDERRA_SSH_KEY — содержимое приватного ключа `~/.ssh/liderra_deploy`
|
||||
# (начинается с `-----BEGIN OPENSSH PRIVATE KEY-----`).
|
||||
# Host/user захардкожены — публичная информация, нет смысла в secrets.
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
ref:
|
||||
description: 'Branch/tag/SHA для деплоя (по умолчанию main)'
|
||||
required: true
|
||||
default: 'main'
|
||||
type: string
|
||||
backfill_snapshot:
|
||||
description: 'Запустить snapshot:backfill за сегодня (default yes)'
|
||||
required: false
|
||||
default: true
|
||||
type: boolean
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
name: Deploy code + run redeploy.sh
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 20
|
||||
concurrency:
|
||||
group: liderra-prod-deploy
|
||||
cancel-in-progress: false
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ github.event.inputs.ref }}
|
||||
|
||||
- name: Setup Node 22
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: '22'
|
||||
cache: 'npm'
|
||||
cache-dependency-path: app/package-lock.json
|
||||
|
||||
- name: Install frontend deps
|
||||
# --legacy-peer-deps: Histoire 1.0-beta.1 заявляет peerDep vite ^7,
|
||||
# установлено vite 8 — известный квирк проекта (memory feedback_environment.md #74).
|
||||
working-directory: app
|
||||
run: npm ci --legacy-peer-deps
|
||||
|
||||
- name: Build frontend
|
||||
working-directory: app
|
||||
run: npm run build
|
||||
|
||||
- name: Verify build artifacts present
|
||||
run: |
|
||||
test -f app/public/build/manifest.json
|
||||
ls app/public/build/assets/ | head -5
|
||||
du -sh app/public/build/
|
||||
|
||||
- name: Create deploy tarball
|
||||
run: |
|
||||
tar czf /tmp/deploy.tgz \
|
||||
--exclude='app/.env' \
|
||||
--exclude='app/.env.example' \
|
||||
--exclude='app/.env.production' \
|
||||
--exclude='app/storage' \
|
||||
--exclude='app/vendor' \
|
||||
--exclude='app/node_modules' \
|
||||
--exclude='app/bootstrap/cache' \
|
||||
app db
|
||||
ls -lh /tmp/deploy.tgz
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Upload tarball to prod
|
||||
run: |
|
||||
scp -i ~/.ssh/liderra_deploy -o StrictHostKeyChecking=accept-new \
|
||||
/tmp/deploy.tgz ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }}:/tmp/deploy.tgz
|
||||
|
||||
- name: Pre-apply partitioned migrations via postgres superuser
|
||||
# Workaround for partitioned-table migrations:
|
||||
# 2026_05_27_120000_create_project_routing_snapshots_table.php has SET ROLE crm_migrator
|
||||
# which fails when pgsql connection = crm_app_user (not a member of crm_migrator),
|
||||
# poisoning the transaction. Established prod pattern (memory: paused_at migration 26.05):
|
||||
# apply schema via sudo -u postgres psql + insert into migrations table.
|
||||
# Idempotent — skips if already applied.
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} 'bash -s' <<'REMOTE'
|
||||
set -euo pipefail
|
||||
MIG_NAME='2026_05_27_120000_create_project_routing_snapshots_table'
|
||||
|
||||
ALREADY=$(sudo -u postgres psql -d liderra -tAc \
|
||||
"SELECT 1 FROM migrations WHERE migration = '${MIG_NAME}' LIMIT 1")
|
||||
if [ "${ALREADY}" = "1" ]; then
|
||||
echo "Migration ${MIG_NAME} already in migrations table — skipping."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
TABLE_EXISTS=$(sudo -u postgres psql -d liderra -tAc \
|
||||
"SELECT 1 FROM information_schema.tables WHERE table_name='project_routing_snapshots' LIMIT 1")
|
||||
|
||||
if [ "${TABLE_EXISTS}" != "1" ]; then
|
||||
echo "Applying CREATE TABLE project_routing_snapshots via postgres superuser..."
|
||||
sudo -u postgres psql -d liderra -v ON_ERROR_STOP=1 <<'PSQL'
|
||||
BEGIN;
|
||||
CREATE TABLE project_routing_snapshots (
|
||||
snapshot_date DATE NOT NULL,
|
||||
project_id BIGINT NOT NULL,
|
||||
tenant_id BIGINT NOT NULL,
|
||||
daily_limit INT NOT NULL CHECK (daily_limit >= 0),
|
||||
delivery_days_mask INT NOT NULL CHECK (delivery_days_mask BETWEEN 0 AND 127),
|
||||
regions INT[] NOT NULL DEFAULT '{}',
|
||||
signal_type TEXT NOT NULL CHECK (signal_type IN ('call','site','sms')),
|
||||
signal_identifier TEXT,
|
||||
sms_senders JSONB,
|
||||
sms_keyword TEXT,
|
||||
expected_volume INT NOT NULL CHECK (expected_volume >= 0),
|
||||
delivered_count INT NOT NULL DEFAULT 0 CHECK (delivered_count >= 0),
|
||||
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
|
||||
PRIMARY KEY (snapshot_date, project_id),
|
||||
FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE
|
||||
) PARTITION BY RANGE (snapshot_date);
|
||||
ALTER TABLE project_routing_snapshots OWNER TO crm_migrator;
|
||||
CREATE INDEX project_routing_snapshots_tenant_date_idx
|
||||
ON project_routing_snapshots (tenant_id, snapshot_date);
|
||||
CREATE INDEX project_routing_snapshots_signal_idx
|
||||
ON project_routing_snapshots (snapshot_date, signal_type, lower(signal_identifier));
|
||||
ALTER TABLE project_routing_snapshots ENABLE ROW LEVEL SECURITY;
|
||||
CREATE POLICY project_routing_snapshots_tenant_isolation
|
||||
ON project_routing_snapshots
|
||||
USING (tenant_id = current_setting('app.current_tenant_id', true)::bigint);
|
||||
GRANT SELECT, INSERT, UPDATE ON project_routing_snapshots TO crm_app_user;
|
||||
GRANT SELECT, INSERT, UPDATE, DELETE ON project_routing_snapshots TO crm_supplier_worker;
|
||||
CREATE TABLE project_routing_snapshots_y2026_m05
|
||||
PARTITION OF project_routing_snapshots
|
||||
FOR VALUES FROM ('2026-05-01') TO ('2026-06-01');
|
||||
CREATE TABLE project_routing_snapshots_y2026_m06
|
||||
PARTITION OF project_routing_snapshots
|
||||
FOR VALUES FROM ('2026-06-01') TO ('2026-07-01');
|
||||
ALTER TABLE project_routing_snapshots_y2026_m05 OWNER TO crm_migrator;
|
||||
ALTER TABLE project_routing_snapshots_y2026_m06 OWNER TO crm_migrator;
|
||||
INSERT INTO system_settings (key, value, type, description, updated_at)
|
||||
VALUES ('partition_retention_months_project_routing_snapshots', '3', 'int',
|
||||
'Retention в месяцах для project_routing_snapshots (90 дней)', NOW())
|
||||
ON CONFLICT (key) DO NOTHING;
|
||||
COMMIT;
|
||||
PSQL
|
||||
else
|
||||
echo "Table project_routing_snapshots already exists but migration not marked — marking only."
|
||||
fi
|
||||
|
||||
# Mark migration as applied so Laravel migrate skips it.
|
||||
# Laravel's migrations table has no UNIQUE on `migration` column, so
|
||||
# ON CONFLICT doesn't work — use INSERT...SELECT WHERE NOT EXISTS for idempotency.
|
||||
NEXT_BATCH=$(sudo -u postgres psql -d liderra -tAc "SELECT COALESCE(MAX(batch),0)+1 FROM migrations")
|
||||
sudo -u postgres psql -d liderra -c \
|
||||
"INSERT INTO migrations (migration, batch) SELECT '${MIG_NAME}', ${NEXT_BATCH} WHERE NOT EXISTS (SELECT 1 FROM migrations WHERE migration='${MIG_NAME}');"
|
||||
echo "Marked ${MIG_NAME} as applied (batch ${NEXT_BATCH})"
|
||||
REMOTE
|
||||
|
||||
- name: Extract + run redeploy.sh on prod
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} 'bash -s' <<'REMOTE'
|
||||
set -euo pipefail
|
||||
TS=$(date -u +%Y%m%d-%H%M%S)
|
||||
echo "=== Backup current app ==="
|
||||
sudo tar czf /home/ubuntu/deploy-backups/app-pre-deploy-${TS}.tgz \
|
||||
--exclude='storage' --exclude='vendor' --exclude='node_modules' --exclude='public/build' \
|
||||
-C /var/www/liderra app
|
||||
ls -lh /home/ubuntu/deploy-backups/app-pre-deploy-${TS}.tgz
|
||||
|
||||
echo "=== Extract overlay ==="
|
||||
cd /var/www/liderra
|
||||
sudo tar xzf /tmp/deploy.tgz
|
||||
sudo chown -R www-data:www-data /var/www/liderra/app /var/www/liderra/db
|
||||
|
||||
echo "=== redeploy.sh (composer + migrate + optimize + restart) ==="
|
||||
sudo bash /var/www/liderra/redeploy.sh
|
||||
|
||||
rm -f /tmp/deploy.tgz
|
||||
REMOTE
|
||||
|
||||
- name: Backfill today's snapshot
|
||||
if: ${{ github.event.inputs.backfill_snapshot != 'false' }}
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} 'bash -s' <<'REMOTE'
|
||||
set -e
|
||||
cd /var/www/liderra/app
|
||||
sudo -u www-data php artisan snapshot:backfill --date=$(date +%Y-%m-%d) || \
|
||||
echo "WARN: backfill returned non-zero — проверь вручную"
|
||||
REMOTE
|
||||
|
||||
- name: Smoke tests
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} 'bash -s' <<'REMOTE'
|
||||
set -e
|
||||
cd /var/www/liderra/app
|
||||
echo '=== Migrations status (last 5) ==='
|
||||
sudo -u www-data php artisan migrate:status 2>&1 | tail -5
|
||||
echo '=== Snapshots count (last 3 dates) ==='
|
||||
sudo -u postgres psql -d liderra -c "SELECT snapshot_date, COUNT(*) AS rows FROM project_routing_snapshots GROUP BY 1 ORDER BY 1 DESC LIMIT 3;" || true
|
||||
echo '=== Service status ==='
|
||||
systemctl is-active nginx php8.3-fpm postgresql liderra-queue
|
||||
echo '=== Internal portal health ==='
|
||||
curl -sf -o /dev/null -w 'https=%{http_code} time=%{time_total}s\n' --max-time 8 https://127.0.0.1/ -k || true
|
||||
REMOTE
|
||||
|
||||
- name: External portal health (from runner)
|
||||
run: |
|
||||
curl -sf -o /dev/null -w 'external https=%{http_code} time=%{time_total}s\n' \
|
||||
--max-time 15 https://liderra.ru/ || echo "external health returned non-zero"
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,213 +0,0 @@
|
||||
name: Disk-full recovery on liderra.ru
|
||||
|
||||
# Incident response: PG в PANIC loop из-за / диск 100%.
|
||||
# 1) Диагностика: что где лежит (top-20 крупных, du по /var/log)
|
||||
# 2) Безопасная чистка:
|
||||
# - truncate /var/log/postgresql/postgresql-16-main.log (PG в PANIC, не пишет, inode preserved)
|
||||
# - journalctl --vacuum-size=200M
|
||||
# - старые ротированные *.gz логи nginx >7 дней
|
||||
# - apt-get clean
|
||||
# - Laravel storage/logs *.log >7 дней
|
||||
# 3) Final df check + PG probe.
|
||||
#
|
||||
# Триггер: gh workflow run disk-recover.yml -f confirm_apply=true
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
confirm_apply:
|
||||
description: 'Подтверждаю удаление логов на проде'
|
||||
required: true
|
||||
default: 'false'
|
||||
type: boolean
|
||||
|
||||
jobs:
|
||||
recover:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 10
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
CONFIRM: ${{ github.event.inputs.confirm_apply }}
|
||||
|
||||
steps:
|
||||
- name: Guard
|
||||
run: |
|
||||
if [[ "$CONFIRM" != "true" ]]; then
|
||||
echo "::error::confirm_apply=true required (this workflow mutates disk on prod)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Diagnose + cleanup
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"bash -s" <<'REMOTE' | tee /tmp/recover.log
|
||||
set +e
|
||||
|
||||
echo "=== A. BEFORE: df -h / ==="
|
||||
df -h / /var /var/lib/postgresql 2>&1 | head -10
|
||||
echo
|
||||
|
||||
echo "=== B. Top-20 largest files in /var (>50M) ==="
|
||||
sudo find /var -xdev -type f -size +50M -printf "%s %p\n" 2>/dev/null | sort -rn | head -20 | awk '{printf "%8.1f MB %s\n", $1/1024/1024, $2}'
|
||||
echo
|
||||
|
||||
echo "=== C. du /var/log/ top-15 directories ==="
|
||||
sudo du -sh /var/log/*/ 2>/dev/null | sort -rh | head -15
|
||||
echo
|
||||
|
||||
echo "=== D. du /var/log/postgresql/* (individual files) ==="
|
||||
sudo du -sh /var/log/postgresql/* 2>/dev/null | sort -rh | head -10
|
||||
echo
|
||||
|
||||
echo "=== E. journalctl disk usage ==="
|
||||
sudo journalctl --disk-usage 2>&1
|
||||
echo
|
||||
|
||||
echo "=== F. /var/lib/postgresql/16/main top-15 subdirs ==="
|
||||
sudo du -sh /var/lib/postgresql/16/main/*/ 2>/dev/null | sort -rh | head -15
|
||||
echo
|
||||
|
||||
echo "=== G. /var/www top-10 if exists ==="
|
||||
sudo du -sh /var/www/*/ 2>/dev/null | sort -rh | head -10
|
||||
sudo du -sh /var/www/lidpotok/storage/logs/ 2>/dev/null
|
||||
echo
|
||||
|
||||
echo "=== H. apt cache + tmp ==="
|
||||
sudo du -sh /var/cache/apt/archives/ /tmp/ /var/tmp/ 2>/dev/null
|
||||
echo
|
||||
|
||||
echo "=========================================="
|
||||
echo "=== STARTING CLEANUP (confirm_apply=true) ==="
|
||||
echo "=========================================="
|
||||
echo
|
||||
|
||||
echo "=== 1a. PRIORITY: Truncate laravel.log (8.7 GB!) and rotated copies ==="
|
||||
for f in /var/www/liderra/app/storage/logs/laravel.log /var/www/liderra/app/storage/logs/laravel.log.1; do
|
||||
if [[ -f "$f" ]]; then
|
||||
BEFORE=$(sudo du -m "$f" | cut -f1)
|
||||
echo "BEFORE: $f = $BEFORE MB"
|
||||
sudo bash -c ": > '$f'" 2>&1 || sudo truncate -s 0 "$f"
|
||||
AFTER=$(sudo du -m "$f" | cut -f1)
|
||||
echo "AFTER: $f = $AFTER MB"
|
||||
fi
|
||||
done
|
||||
# Старые laravel-* (если daily-rotated)
|
||||
sudo find /var/www/liderra/app/storage/logs -name "laravel-*.log" -mtime +3 -print -delete 2>&1 | head -10
|
||||
echo
|
||||
|
||||
echo "=== 1b. Truncate PG audit log via sudo bash redirect (workaround) ==="
|
||||
if [[ -f /var/log/postgresql/postgresql-16-main.log ]]; then
|
||||
BEFORE=$(sudo du -m /var/log/postgresql/postgresql-16-main.log | cut -f1)
|
||||
echo "BEFORE: $BEFORE MB"
|
||||
sudo bash -c ': > /var/log/postgresql/postgresql-16-main.log' 2>&1
|
||||
AFTER=$(sudo du -m /var/log/postgresql/postgresql-16-main.log | cut -f1)
|
||||
echo "AFTER: $AFTER MB"
|
||||
fi
|
||||
sudo find /var/log/postgresql -type f \( -name "*.gz" -o -name "*.log.[0-9]*" \) -delete 2>&1
|
||||
echo
|
||||
|
||||
echo "=== 1c. Truncate syslog (525M) ==="
|
||||
sudo bash -c ': > /var/log/syslog' 2>&1
|
||||
echo "syslog now: $(sudo du -m /var/log/syslog 2>/dev/null | cut -f1) MB"
|
||||
echo
|
||||
|
||||
echo "=== 1d. Remove playwright dev cache (~440M, не нужен в проде) ==="
|
||||
if [[ -d /var/www/.cache/ms-playwright ]]; then
|
||||
sudo du -sh /var/www/.cache/ms-playwright 2>&1
|
||||
sudo rm -rf /var/www/.cache/ms-playwright
|
||||
echo "removed"
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== 2. journalctl vacuum --size=200M ==="
|
||||
sudo journalctl --vacuum-size=200M 2>&1 | tail -10
|
||||
echo
|
||||
|
||||
echo "=== 3. nginx old rotated logs (gz files >3 days) ==="
|
||||
sudo find /var/log/nginx -name "*.gz" -mtime +3 -print -delete 2>&1 | head -20
|
||||
echo
|
||||
# current access.log если >500M — truncate (nginx переоткрывает по reopen signal)
|
||||
for f in /var/log/nginx/access.log /var/log/nginx/error.log; do
|
||||
if [[ -f "$f" ]]; then
|
||||
SIZE_MB=$(sudo du -m "$f" | cut -f1)
|
||||
if [[ $SIZE_MB -gt 500 ]]; then
|
||||
echo "Truncating $f ($SIZE_MB MB)"
|
||||
sudo truncate -s 0 "$f"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
echo
|
||||
echo "=== 4. apt-get clean ==="
|
||||
sudo apt-get clean 2>&1 | tail -5
|
||||
echo
|
||||
|
||||
echo "=== 5. Laravel storage/logs *.log older 7 days ==="
|
||||
if [[ -d /var/www/lidpotok ]]; then
|
||||
sudo find /var/www/lidpotok -path '*/storage/logs/*.log' -mtime +7 -print -delete 2>&1 | head -20
|
||||
fi
|
||||
for d in /var/www/*/; do
|
||||
if [[ -d "$d/storage/logs" ]]; then
|
||||
for f in "$d"/storage/logs/laravel.log "$d"/storage/logs/worker.log; do
|
||||
if [[ -f "$f" ]]; then
|
||||
SIZE_MB=$(sudo du -m "$f" | cut -f1)
|
||||
if [[ $SIZE_MB -gt 200 ]]; then
|
||||
echo "Truncating $f ($SIZE_MB MB)"
|
||||
sudo truncate -s 0 "$f"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
fi
|
||||
done
|
||||
echo
|
||||
|
||||
echo "=== 6. Old rotated *.1 *.2 *.gz logs >50M anywhere in /var/log ==="
|
||||
sudo find /var/log -type f \( -name "*.1" -o -name "*.2" -o -name "*.3" -o -name "*.gz" \) -size +50M -print -delete 2>&1 | head -20
|
||||
echo
|
||||
|
||||
echo "=========================================="
|
||||
echo "=== AFTER CLEANUP ==="
|
||||
echo "=========================================="
|
||||
echo "=== Z1. df -h / ==="
|
||||
df -h / /var /var/lib/postgresql 2>&1 | head -10
|
||||
echo
|
||||
|
||||
echo "=== Z2. PG status quick check ==="
|
||||
sudo systemctl status postgresql@16-main --no-pager 2>&1 | head -10
|
||||
echo
|
||||
|
||||
echo "=== Z3. PG probe ==="
|
||||
sleep 5
|
||||
sudo -u postgres psql -d liderra -c "SELECT 1 AS probe, NOW() AS ts" 2>&1
|
||||
echo
|
||||
|
||||
echo "=== Z4. HTTPS probe ==="
|
||||
curl -sI -o /dev/null -w "HTTP %{http_code}\nTotal: %{time_total}s\n" https://liderra.ru/ --max-time 10
|
||||
echo
|
||||
|
||||
echo "=== DONE ==="
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## Disk recovery on liderra.ru"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/recover.log 2>/dev/null || echo "(no log captured)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,109 +0,0 @@
|
||||
name: Disk usage alert (prod liderra.ru)
|
||||
|
||||
# Incident prevention: 29.05.2026 диск заполнился до 100% за сутки → 4h prod downtime.
|
||||
# Этот workflow проверяет df -h / каждые 30 минут.
|
||||
# Threshold: 85% → создаёт row в incidents_log (read by ops monitoring).
|
||||
# 95% → marks как severity=critical для приоритетного alert'а.
|
||||
#
|
||||
# Ref: docs/incidents/2026-05-29-disk-full-pg-recovery.md §5
|
||||
|
||||
on:
|
||||
schedule:
|
||||
# Every 30 minutes (Mondays-Sundays). At :00 и :30 каждого часа UTC.
|
||||
- cron: '*/30 * * * *'
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
threshold:
|
||||
description: 'Override threshold % (default 85)'
|
||||
required: false
|
||||
default: '85'
|
||||
type: string
|
||||
|
||||
jobs:
|
||||
check:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 3
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
THRESHOLD: ${{ github.event.inputs.threshold || '85' }}
|
||||
|
||||
steps:
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Check disk usage on prod
|
||||
id: check
|
||||
run: |
|
||||
set -o pipefail
|
||||
OUTPUT=$(ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} "df -h / | awk 'NR==2 {gsub(\"%\",\"\",\$5); print \$2\" \"\$3\" \"\$4\" \"\$5}'")
|
||||
read SIZE USED AVAIL PCT <<< "$OUTPUT"
|
||||
echo "size=$SIZE used=$USED avail=$AVAIL pct=$PCT"
|
||||
echo "pct=$PCT" >> $GITHUB_OUTPUT
|
||||
echo "size=$SIZE" >> $GITHUB_OUTPUT
|
||||
echo "used=$USED" >> $GITHUB_OUTPUT
|
||||
echo "avail=$AVAIL" >> $GITHUB_OUTPUT
|
||||
|
||||
if [[ -z "$PCT" ]]; then
|
||||
echo "::error::Could not parse df output"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ "$PCT" -ge 95 ]]; then
|
||||
echo "severity=critical" >> $GITHUB_OUTPUT
|
||||
echo "::error::Disk usage CRITICAL: $PCT% (size=$SIZE used=$USED avail=$AVAIL)"
|
||||
elif [[ "$PCT" -ge "$THRESHOLD" ]]; then
|
||||
echo "severity=warning" >> $GITHUB_OUTPUT
|
||||
echo "::warning::Disk usage HIGH: $PCT% (threshold $THRESHOLD%, size=$SIZE used=$USED avail=$AVAIL)"
|
||||
else
|
||||
echo "severity=ok" >> $GITHUB_OUTPUT
|
||||
echo "::notice::Disk usage OK: $PCT% (size=$SIZE used=$USED avail=$AVAIL)"
|
||||
fi
|
||||
|
||||
- name: Record incident if >= threshold
|
||||
if: steps.check.outputs.severity != 'ok'
|
||||
run: |
|
||||
PCT="${{ steps.check.outputs.pct }}"
|
||||
SIZE="${{ steps.check.outputs.size }}"
|
||||
USED="${{ steps.check.outputs.used }}"
|
||||
AVAIL="${{ steps.check.outputs.avail }}"
|
||||
SEVERITY="${{ steps.check.outputs.severity }}"
|
||||
|
||||
# Note: incidents_log table requires INSERT path through Laravel app.
|
||||
# GitHub Step Summary serves as primary alert; Telegram bot watches
|
||||
# GitHub Actions notifications. Future: extend sql-runner whitelist
|
||||
# для INSERT into incidents_log.
|
||||
{
|
||||
echo "## 🚨 Disk usage alert — severity=$SEVERITY ($PCT%)"
|
||||
echo
|
||||
echo "- Host: ${{ env.LIDERRA_HOST }}"
|
||||
echo "- Filesystem: /"
|
||||
echo "- Size: $SIZE"
|
||||
echo "- Used: $USED"
|
||||
echo "- Available: $AVAIL"
|
||||
echo "- Threshold: ${{ env.THRESHOLD }}%"
|
||||
echo "- Time UTC: $(date -u)"
|
||||
echo
|
||||
echo "**Action required:** Investigate via pg-diagnose.yml workflow."
|
||||
echo
|
||||
echo "Likely causes (from incident 2026-05-29):"
|
||||
echo "- /var/www/liderra/app/storage/logs/laravel.log — Laravel exception accumulation"
|
||||
echo "- /var/log/postgresql/postgresql-16-main.log — pg_audit verbose logging"
|
||||
echo "- /var/log/syslog — kernel + service logs"
|
||||
echo "- /var/www/.cache/ — dev caches leaked to prod"
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
# Fail the job чтобы GitHub Actions подсветило red — это серфисится
|
||||
# через GitHub notifications (email/desktop/telegram bot).
|
||||
if [[ "$SEVERITY" == "critical" ]]; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,113 +0,0 @@
|
||||
name: Apply F1 audit-chain advisory-lock migration via postgres superuser
|
||||
|
||||
# Incident response: redeploy.yml fails on F1 migration because crm_migrator role
|
||||
# lacks privilege to CREATE OR REPLACE FUNCTION в schema public.
|
||||
# This workflow applies F1 migration SQL directly via sudo -u postgres psql,
|
||||
# then INSERTs the migration row so subsequent `php artisan migrate` skips it.
|
||||
#
|
||||
# Ref: docs/superpowers/plans/2026-05-29-audit-chain-race-fix.md Task 2
|
||||
# Migration file: app/database/migrations/2026_05_30_000001_add_advisory_lock_to_audit_chain_hash.php
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
confirm_apply:
|
||||
description: 'Подтверждаю применение F1 миграции на проде'
|
||||
required: true
|
||||
default: 'false'
|
||||
type: boolean
|
||||
|
||||
jobs:
|
||||
apply:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 5
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
CONFIRM: ${{ github.event.inputs.confirm_apply }}
|
||||
|
||||
steps:
|
||||
- name: Guard
|
||||
run: |
|
||||
if [[ "$CONFIRM" != "true" ]]; then
|
||||
echo "::error::confirm_apply=true required"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Apply F1 SQL + register migration
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"bash -s" <<'REMOTE' | tee /tmp/f1-apply.log
|
||||
set +e
|
||||
|
||||
echo "=== 1. BEFORE: current audit_chain_hash function source ==="
|
||||
sudo -u postgres psql -d liderra -c "\df+ public.audit_chain_hash" 2>&1 | head -20
|
||||
|
||||
echo
|
||||
echo "=== 2. Apply F1 advisory-lock migration via sudo -u postgres ==="
|
||||
sudo -u postgres psql -d liderra <<'SQL'
|
||||
CREATE OR REPLACE FUNCTION public.audit_chain_hash() RETURNS trigger AS $$
|
||||
DECLARE
|
||||
prev_hash BYTEA;
|
||||
lock_key BIGINT;
|
||||
BEGIN
|
||||
lock_key := ('x' || lpad(to_hex(TG_RELID::int), 16, '0'))::bit(64)::bigint;
|
||||
PERFORM pg_advisory_xact_lock(lock_key);
|
||||
|
||||
EXECUTE format(
|
||||
'SELECT log_hash FROM %I ORDER BY id DESC LIMIT 1',
|
||||
TG_TABLE_NAME
|
||||
) INTO prev_hash;
|
||||
|
||||
NEW.log_hash := digest(
|
||||
COALESCE(prev_hash, ''::bytea) || NEW::text::bytea,
|
||||
'sha256'
|
||||
);
|
||||
RETURN NEW;
|
||||
END;
|
||||
$$ LANGUAGE plpgsql;
|
||||
SQL
|
||||
APPLY_RC=$?
|
||||
echo "Apply RC: $APPLY_RC"
|
||||
|
||||
echo
|
||||
echo "=== 3. Verify function now contains pg_advisory_xact_lock ==="
|
||||
sudo -u postgres psql -d liderra -c "SELECT pg_get_functiondef('public.audit_chain_hash'::regproc) LIKE '%pg_advisory_xact_lock%' AS has_lock"
|
||||
|
||||
echo
|
||||
echo "=== 4. Register migration row (skip if already exists) ==="
|
||||
sudo -u postgres psql -d liderra <<'SQL'
|
||||
INSERT INTO migrations (migration, batch)
|
||||
SELECT '2026_05_30_000001_add_advisory_lock_to_audit_chain_hash', COALESCE(MAX(batch),0)+1 FROM migrations
|
||||
WHERE NOT EXISTS (
|
||||
SELECT 1 FROM migrations WHERE migration = '2026_05_30_000001_add_advisory_lock_to_audit_chain_hash'
|
||||
);
|
||||
SELECT migration, batch FROM migrations WHERE migration LIKE '%advisory_lock%';
|
||||
SQL
|
||||
|
||||
echo
|
||||
echo "=== DONE ==="
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## F1 migration apply"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/f1-apply.log 2>/dev/null || echo "(no log)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,221 +0,0 @@
|
||||
name: Rebuild audit hash chain via postgres superuser (F1 cleanup)
|
||||
|
||||
# Closes deferred F1 item from docs/incidents/2026-05-29-disk-full-pg-recovery.md §4.1.
|
||||
# Sequential hash recomputation в plpgsql DO-блоке через sudo -u postgres psql.
|
||||
# Identical алгоритм с trigger audit_chain_hash() (post-F1 advisory-lock version),
|
||||
# но применённый к existing rows.
|
||||
#
|
||||
# Использование:
|
||||
# gh workflow run f1-rebuild-via-superuser.yml \
|
||||
# -f partition=activity_log_y2026_m05 -f from_id=599 -f confirm_apply=true
|
||||
#
|
||||
# Safety:
|
||||
# - Partition name whitelist (только заранее известные сломанные партиции).
|
||||
# - dry_run=true mode показывает count + anchor prev_hash без UPDATE.
|
||||
# - Trigger audit_chain_hash отключён через SET LOCAL session_replication_role=replica
|
||||
# (постоянный disable невозможен — после COMMIT триггер опять активен).
|
||||
# - audit_block_mutation также подавлен через session_replication_role=replica.
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
partition:
|
||||
description: 'Partition name (whitelist: activity_log_y2026_m05, balance_transactions_y2026_m05)'
|
||||
required: true
|
||||
type: string
|
||||
from_id:
|
||||
description: 'First broken id (rebuild from here onward)'
|
||||
required: true
|
||||
type: string
|
||||
dry_run:
|
||||
description: 'Dry-run (показать count + anchor без UPDATE)'
|
||||
required: false
|
||||
default: 'false'
|
||||
type: boolean
|
||||
confirm_apply:
|
||||
description: 'Подтверждаю rebuild на проде (требуется если dry_run=false)'
|
||||
required: false
|
||||
default: 'false'
|
||||
type: boolean
|
||||
|
||||
jobs:
|
||||
rebuild:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 15
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
PARTITION: ${{ github.event.inputs.partition }}
|
||||
FROM_ID: ${{ github.event.inputs.from_id }}
|
||||
DRY_RUN: ${{ github.event.inputs.dry_run }}
|
||||
CONFIRM: ${{ github.event.inputs.confirm_apply }}
|
||||
|
||||
steps:
|
||||
- name: Validate inputs
|
||||
run: |
|
||||
set -euo pipefail
|
||||
|
||||
# Whitelist partition names (защита от arbitrary table names)
|
||||
ALLOWED='^(activity_log_y2026_m05|balance_transactions_y2026_m05)$'
|
||||
if ! [[ "$PARTITION" =~ $ALLOWED ]]; then
|
||||
echo "::error::partition '$PARTITION' not in whitelist: $ALLOWED"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# from_id is positive integer
|
||||
if ! [[ "$FROM_ID" =~ ^[0-9]+$ ]]; then
|
||||
echo "::error::from_id must be positive integer, got '$FROM_ID'"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ "$DRY_RUN" != "true" && "$CONFIRM" != "true" ]]; then
|
||||
echo "::error::Either dry_run=true OR confirm_apply=true must be set"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Inputs OK: partition=$PARTITION, from_id=$FROM_ID, dry_run=$DRY_RUN, confirm_apply=$CONFIRM"
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Run rebuild on prod
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"PARTITION='$PARTITION' FROM_ID='$FROM_ID' DRY_RUN='$DRY_RUN' bash -s" <<'REMOTE' | tee /tmp/f1-rebuild.log
|
||||
set +e
|
||||
|
||||
echo "=== 1. Anchor + count preview ==="
|
||||
sudo -u postgres psql -d liderra -v ON_ERROR_STOP=1 <<SQL
|
||||
\set partition $PARTITION
|
||||
\set from_id $FROM_ID
|
||||
|
||||
-- Anchor: log_hash of row right BEFORE from_id (=> prev_hash for from_id)
|
||||
SELECT
|
||||
(SELECT id FROM :"partition" WHERE id < :from_id ORDER BY id DESC LIMIT 1) AS anchor_id,
|
||||
encode((SELECT log_hash FROM :"partition" WHERE id < :from_id ORDER BY id DESC LIMIT 1), 'hex') AS anchor_log_hash,
|
||||
(SELECT COUNT(*) FROM :"partition" WHERE id >= :from_id) AS rows_to_rebuild,
|
||||
(SELECT MIN(id) FROM :"partition" WHERE id >= :from_id) AS first_id,
|
||||
(SELECT MAX(id) FROM :"partition" WHERE id >= :from_id) AS last_id;
|
||||
SQL
|
||||
PRE_RC=$?
|
||||
if [[ $PRE_RC -ne 0 ]]; then
|
||||
echo "::error::Pre-check failed (RC=$PRE_RC)"
|
||||
exit $PRE_RC
|
||||
fi
|
||||
|
||||
if [[ "$DRY_RUN" == "true" ]]; then
|
||||
echo
|
||||
echo "=== DRY RUN — no changes applied ==="
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo
|
||||
echo "=== 2. APPLY: rebuild hash chain on $PARTITION from id=$FROM_ID ==="
|
||||
# Canonical algorithm (mirrors app/app/Console/Commands/AuditRebuildChain.php):
|
||||
# builds explicit ROW(col1, col2, ..., NULL::bytea on log_hash position, ..., coln)::text::bytea
|
||||
# so hash matches what audit:verify-chains computes (which uses same COLUMN_CONFIG).
|
||||
case "$PARTITION" in
|
||||
activity_log_*)
|
||||
ROW_EXPR="ROW(t.id, t.tenant_id, t.user_id, t.deal_id, t.event, t.old_value, t.new_value, t.context, t.ip_address, t.user_agent, NULL::bytea, t.created_at)"
|
||||
;;
|
||||
balance_transactions_*)
|
||||
ROW_EXPR="ROW(t.id, t.tenant_id, t.type, t.amount_rub, t.amount_leads, t.balance_rub_after, t.balance_leads_after, t.description, t.related_type, t.related_id, t.user_id, t.admin_user_id, NULL::bytea, t.created_at)"
|
||||
;;
|
||||
*)
|
||||
echo "::error::Unknown partition family — add ROW_EXPR mapping"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
echo "Using ROW expression: $ROW_EXPR"
|
||||
|
||||
sudo -u postgres psql -d liderra -v ON_ERROR_STOP=1 <<SQL
|
||||
BEGIN;
|
||||
SET LOCAL session_replication_role = 'replica';
|
||||
|
||||
DO \$rebuild\$
|
||||
DECLARE
|
||||
cur_id BIGINT;
|
||||
prev_hash BYTEA;
|
||||
new_hash BYTEA;
|
||||
cnt INTEGER := 0;
|
||||
partition_name TEXT := '$PARTITION';
|
||||
start_id BIGINT := $FROM_ID;
|
||||
row_expr TEXT := '$ROW_EXPR';
|
||||
BEGIN
|
||||
EXECUTE format(
|
||||
'SELECT log_hash FROM %I WHERE id < \$1 ORDER BY id DESC LIMIT 1',
|
||||
partition_name
|
||||
)
|
||||
INTO prev_hash
|
||||
USING start_id;
|
||||
|
||||
RAISE NOTICE 'Anchor prev_hash: %', COALESCE(encode(prev_hash, 'hex'), '<NULL — start of chain>');
|
||||
|
||||
FOR cur_id IN
|
||||
EXECUTE format(
|
||||
'SELECT id FROM %I WHERE id >= \$1 ORDER BY id',
|
||||
partition_name
|
||||
)
|
||||
USING start_id
|
||||
LOOP
|
||||
-- Compute new_hash with explicit ROW(...) expression (canonical, matches verify-chains)
|
||||
EXECUTE format(
|
||||
'SELECT digest(COALESCE(\$1, ''''::bytea) || %s::text::bytea, ''sha256'') FROM %I t WHERE id = \$2',
|
||||
row_expr, partition_name
|
||||
)
|
||||
INTO new_hash
|
||||
USING prev_hash, cur_id;
|
||||
|
||||
EXECUTE format('UPDATE %I SET log_hash = \$1 WHERE id = \$2', partition_name)
|
||||
USING new_hash, cur_id;
|
||||
|
||||
prev_hash := new_hash;
|
||||
cnt := cnt + 1;
|
||||
END LOOP;
|
||||
|
||||
RAISE NOTICE 'Rebuilt % rows. Last log_hash: %', cnt, encode(prev_hash, 'hex');
|
||||
END
|
||||
\$rebuild\$;
|
||||
|
||||
COMMIT;
|
||||
SQL
|
||||
APPLY_RC=$?
|
||||
|
||||
echo
|
||||
echo "=== 3. Verify: no NULL log_hash в обновлённых строках ==="
|
||||
sudo -u postgres psql -d liderra <<SQL
|
||||
\set partition $PARTITION
|
||||
\set from_id $FROM_ID
|
||||
SELECT
|
||||
COUNT(*) FILTER (WHERE log_hash IS NULL) AS null_count,
|
||||
COUNT(*) AS total,
|
||||
MIN(id) AS first_id,
|
||||
MAX(id) AS last_id
|
||||
FROM :"partition"
|
||||
WHERE id >= :from_id;
|
||||
SQL
|
||||
|
||||
echo
|
||||
echo "=== Apply RC: $APPLY_RC ==="
|
||||
exit $APPLY_RC
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## F1 chain rebuild — $PARTITION (from_id=$FROM_ID, dry_run=$DRY_RUN)"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/f1-rebuild.log 2>/dev/null || echo "(no log)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,96 +0,0 @@
|
||||
name: Diagnose PostgreSQL state on liderra.ru
|
||||
|
||||
# Read-only diagnostic для incident "PG не принимает connections".
|
||||
# Запускается вручную: gh workflow run pg-diagnose.yml --ref <branch>
|
||||
# Ничего не меняет на проде — только читает systemctl/journalctl/df/free/uptime
|
||||
# + tail последних 200 строк postgresql-16-main.log.
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
diagnose:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 5
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
|
||||
steps:
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Run PG diagnostic on prod
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"bash -s" <<'REMOTE' | tee /tmp/pg-diagnose.log
|
||||
set +e
|
||||
echo "=== 1. hostname + UTC time ==="
|
||||
echo "host=$(hostname); utc=$(date -u)"
|
||||
echo
|
||||
echo "=== 2. uptime ==="
|
||||
uptime
|
||||
echo
|
||||
echo "=== 3. last reboot ==="
|
||||
who -b
|
||||
last reboot --time-format=iso | head -5
|
||||
echo
|
||||
echo "=== 4. df -h / and /var ==="
|
||||
df -h / /var /var/lib/postgresql 2>&1 | head -10
|
||||
echo
|
||||
echo "=== 5. free -h ==="
|
||||
free -h
|
||||
echo
|
||||
echo "=== 6. systemctl status postgresql ==="
|
||||
sudo systemctl status postgresql --no-pager 2>&1 | head -30
|
||||
echo
|
||||
echo "=== 7. systemctl status postgresql@16-main (cluster) ==="
|
||||
sudo systemctl status postgresql@16-main --no-pager 2>&1 | head -30
|
||||
echo
|
||||
echo "=== 8. nginx + php-fpm status (one-line each) ==="
|
||||
sudo systemctl is-active nginx php8.3-fpm liderra-queue 2>&1
|
||||
echo
|
||||
echo "=== 9. ps aux | postgres (top 15) ==="
|
||||
ps auxf | grep -E "(postgres|recovery)" | grep -v grep | head -15
|
||||
echo
|
||||
echo "=== 10. journalctl postgresql last 80 lines ==="
|
||||
sudo journalctl -u postgresql -n 80 --no-pager 2>&1 | tail -80
|
||||
echo
|
||||
echo "=== 11. journalctl postgresql@16-main last 80 lines ==="
|
||||
sudo journalctl -u postgresql@16-main -n 80 --no-pager 2>&1 | tail -80
|
||||
echo
|
||||
echo "=== 12. tail -100 /var/log/postgresql/postgresql-16-main.log ==="
|
||||
sudo tail -100 /var/log/postgresql/postgresql-16-main.log 2>&1
|
||||
echo
|
||||
echo "=== 13. WAL size and count ==="
|
||||
sudo du -sh /var/lib/postgresql/16/main/pg_wal 2>&1
|
||||
sudo ls /var/lib/postgresql/16/main/pg_wal 2>&1 | wc -l
|
||||
echo
|
||||
echo "=== 14. dmesg tail (kernel events, OOM, IO errors) ==="
|
||||
sudo dmesg -T 2>&1 | tail -40
|
||||
echo
|
||||
echo "=== 15. liderra.ru HTTPS probe ==="
|
||||
curl -sI -o /dev/null -w "HTTP %{http_code}\nTotal: %{time_total}s\n" https://liderra.ru/ --max-time 10
|
||||
echo
|
||||
echo "=== DONE ==="
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## PG diagnostic on liderra.ru"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/pg-diagnose.log 2>/dev/null || echo "(no log captured)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,192 +0,0 @@
|
||||
name: Pre-deploy validation (8 checks)
|
||||
|
||||
# Цель: воспроизвести 8 проверок project-local агента `prod-deploy-validator`
|
||||
# (#85) через GitHub Actions Azure runner — обход YC backbone-фильтра,
|
||||
# который блокирует direct SSH с dev-IP 89.144.17.119.
|
||||
#
|
||||
# Запускается вручную: gh workflow run pre-deploy-checks.yml
|
||||
# Read-only — ничего не меняет на проде.
|
||||
#
|
||||
# 8 checks (per Pravila §2.4 / agent .claude/agents/prod-deploy-validator.md):
|
||||
# 1. config:cache владелец (quirk 107 — должен быть www-data:www-data, не root)
|
||||
# 2. .env line endings (CRLF → артефакты)
|
||||
# 3. свободное место (< 80% использовано)
|
||||
# 4. свежесть бэкапа БД (≤ 24ч)
|
||||
# 5. health очереди liderra-queue (active + queue length < 1000)
|
||||
# 6. nginx syntax (nginx -t)
|
||||
# 7. fail2ban active (service running)
|
||||
# 8. pending миграции (php artisan migrate:status — для текущего deploy ожидается 0)
|
||||
#
|
||||
# Использует тот же LIDERRA_SSH_KEY что и deploy.yml.
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
preflight:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 5
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
APP_DIR: /var/www/liderra/app
|
||||
|
||||
steps:
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Run 8 pre-flight checks on prod
|
||||
id: checks
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"APP_DIR='${APP_DIR}' bash -s" <<'REMOTE' | tee /tmp/preflight.log
|
||||
set +e
|
||||
FAILS=0
|
||||
|
||||
echo "=== Check 1: config:cache file owner (quirk 107) ==="
|
||||
CFG_FILE="${APP_DIR}/bootstrap/cache/config.php"
|
||||
if sudo test -f "$CFG_FILE"; then
|
||||
OWNER=$(sudo stat -c '%U:%G' "$CFG_FILE")
|
||||
echo " Owner: $OWNER"
|
||||
if [ "$OWNER" = "www-data:www-data" ]; then
|
||||
echo " ✓ PASS"
|
||||
else
|
||||
echo " ✗ FAIL — expected www-data:www-data (quirk 107: prod incident 24.05.2026)"
|
||||
FAILS=$((FAILS+1))
|
||||
fi
|
||||
else
|
||||
echo " ~ SKIP — config.php не существует (будет создан deploy'ем)"
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== Check 2: .env line endings (no CRLF) ==="
|
||||
ENV_FILE="${APP_DIR}/.env"
|
||||
if sudo test -f "$ENV_FILE"; then
|
||||
CRLF_COUNT=$(sudo grep -c $'\r' "$ENV_FILE" 2>/dev/null || echo "0")
|
||||
echo " CRLF chars: $CRLF_COUNT"
|
||||
if [ "$CRLF_COUNT" = "0" ]; then
|
||||
echo " ✓ PASS"
|
||||
else
|
||||
echo " ✗ FAIL — .env содержит CRLF ($CRLF_COUNT строк)"
|
||||
FAILS=$((FAILS+1))
|
||||
fi
|
||||
else
|
||||
echo " ✗ FAIL — .env not found"
|
||||
FAILS=$((FAILS+1))
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== Check 3: free disk space (< 80% used) ==="
|
||||
DF_USED=$(df / | tail -1 | awk '{print $5}' | tr -d '%')
|
||||
echo " Used: ${DF_USED}%"
|
||||
if [ "$DF_USED" -lt 80 ]; then
|
||||
echo " ✓ PASS"
|
||||
else
|
||||
echo " ✗ FAIL — корневой раздел ${DF_USED}% (>=80%)"
|
||||
FAILS=$((FAILS+1))
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== Check 4: pre-deploy backup freshness (≤ 24h) ==="
|
||||
# deploy.yml saves app pre-deploy backups to /home/ubuntu/deploy-backups/
|
||||
BACKUP_DIR="/home/ubuntu/deploy-backups"
|
||||
if sudo test -d "$BACKUP_DIR"; then
|
||||
LATEST=$(sudo find "$BACKUP_DIR" -name 'app-pre-deploy-*.tgz' -mmin -1440 2>/dev/null | sort -r | head -1)
|
||||
if [ -n "$LATEST" ]; then
|
||||
MTIME=$(sudo stat -c '%y' "$LATEST" 2>/dev/null)
|
||||
echo " Latest: $LATEST ($MTIME)"
|
||||
echo " ✓ PASS"
|
||||
else
|
||||
ANY_LATEST=$(sudo find "$BACKUP_DIR" -name 'app-pre-deploy-*.tgz' 2>/dev/null | sort -r | head -1)
|
||||
if [ -n "$ANY_LATEST" ]; then
|
||||
ANY_MTIME=$(sudo stat -c '%y' "$ANY_LATEST" 2>/dev/null)
|
||||
echo " i NOTE — backups exist но >24h ($ANY_LATEST, $ANY_MTIME). Не блокер deploy'а — deploy.yml сам делает свежий backup перед раскаткой."
|
||||
else
|
||||
echo " i NOTE — нет pre-deploy бэкапов в $BACKUP_DIR. Не блокер — deploy.yml создаст backup сам."
|
||||
fi
|
||||
fi
|
||||
else
|
||||
echo " i NOTE — backup dir $BACKUP_DIR не существует (первый deploy?). deploy.yml создаст dir."
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== Check 5: queue health (liderra-queue active + depth) ==="
|
||||
QUEUE_STATUS=$(systemctl is-active liderra-queue 2>&1)
|
||||
echo " Service: $QUEUE_STATUS"
|
||||
if [ "$QUEUE_STATUS" = "active" ]; then
|
||||
echo " ✓ PASS (service active)"
|
||||
else
|
||||
echo " ✗ FAIL — liderra-queue не active"
|
||||
FAILS=$((FAILS+1))
|
||||
fi
|
||||
# NB: queue depth check would need Redis access; skipped (not critical for this deploy)
|
||||
echo
|
||||
|
||||
echo "=== Check 6: nginx syntax ==="
|
||||
NGINX_TEST=$(sudo nginx -t 2>&1)
|
||||
echo "$NGINX_TEST" | sed 's/^/ /'
|
||||
if echo "$NGINX_TEST" | grep -q "syntax is ok" && echo "$NGINX_TEST" | grep -q "test is successful"; then
|
||||
echo " ✓ PASS"
|
||||
else
|
||||
echo " ✗ FAIL — nginx syntax error"
|
||||
FAILS=$((FAILS+1))
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== Check 7: fail2ban active ==="
|
||||
F2B_STATUS=$(systemctl is-active fail2ban 2>&1)
|
||||
echo " Service: $F2B_STATUS"
|
||||
if [ "$F2B_STATUS" = "active" ]; then
|
||||
echo " ✓ PASS"
|
||||
else
|
||||
echo " ✗ FAIL — fail2ban не active"
|
||||
FAILS=$((FAILS+1))
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== Check 8: pending migrations ==="
|
||||
cd "${APP_DIR}"
|
||||
MIG_STATUS=$(sudo -u www-data php artisan migrate:status 2>&1)
|
||||
PENDING=$(echo "$MIG_STATUS" | grep -c "Pending")
|
||||
echo " Pending count: $PENDING"
|
||||
if [ "$PENDING" = "0" ]; then
|
||||
echo " ✓ PASS — 0 pending migrations"
|
||||
else
|
||||
echo " i NOTE — $PENDING pending migrations (deploy.yml runs them automatically)"
|
||||
# NB: Pending miграции — это НЕ FAIL для этого deploy (план не включает миграции;
|
||||
# deploy.yml выполнит их сам). Помечается как INFO, не FAIL.
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== SUMMARY ==="
|
||||
echo "Total failures: $FAILS"
|
||||
if [ "$FAILS" = "0" ]; then
|
||||
echo "VERDICT: GO"
|
||||
exit 0
|
||||
else
|
||||
echo "VERDICT: NO-GO ($FAILS check(s) failed)"
|
||||
exit 1
|
||||
fi
|
||||
REMOTE
|
||||
REMOTE_EXIT=$?
|
||||
echo "remote_exit=$REMOTE_EXIT" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## Pre-deploy 8-check validation for liderra.ru"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/preflight.log 2>/dev/null || echo "(no log captured)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,167 +0,0 @@
|
||||
name: Setup logrotate for Laravel logs (incident prevention)
|
||||
|
||||
# Incident response prevention: 8.7G laravel.log заполнил диск (29.05.2026).
|
||||
# Существующий daily rotation (laravel.log.1) недостаточен — за один день шторма
|
||||
# accumulated 8.7G. Нужна size-based rotation с лимитом.
|
||||
#
|
||||
# This workflow installs /etc/logrotate.d/laravel-liderra config:
|
||||
# - size 50M (rotate when file >= 50MB, не daily)
|
||||
# - rotate 5 (keep 5 rotated copies)
|
||||
# - compress (gzip rotated files)
|
||||
# - copytruncate (atomic copy + truncate inode-preserving, Laravel handle continues)
|
||||
# - notifempty (skip if empty)
|
||||
# - su www-data www-data (correct ownership)
|
||||
#
|
||||
# Тестируется logrotate --debug сразу после установки.
|
||||
#
|
||||
# Ref: root-cause analysis incident 2026-05-29
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
confirm_apply:
|
||||
description: 'Подтверждаю установку logrotate конфига на проде'
|
||||
required: true
|
||||
default: 'false'
|
||||
type: boolean
|
||||
|
||||
jobs:
|
||||
setup:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 5
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
CONFIRM: ${{ github.event.inputs.confirm_apply }}
|
||||
|
||||
steps:
|
||||
- name: Guard
|
||||
run: |
|
||||
if [[ "$CONFIRM" != "true" ]]; then
|
||||
echo "::error::confirm_apply=true required"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Install logrotate config + verify
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"bash -s" <<'REMOTE' | tee /tmp/logrotate-setup.log
|
||||
set +e
|
||||
|
||||
echo "=== 1. Discover Laravel logs path ==="
|
||||
LARAVEL_LOG_DIR=""
|
||||
for candidate in /var/www/liderra/app/storage/logs /var/www/lidpotok/storage/logs; do
|
||||
if [[ -d "$candidate" ]]; then
|
||||
LARAVEL_LOG_DIR="$candidate"
|
||||
break
|
||||
fi
|
||||
done
|
||||
echo "LARAVEL_LOG_DIR=$LARAVEL_LOG_DIR"
|
||||
if [[ -z "$LARAVEL_LOG_DIR" ]]; then
|
||||
echo "::error::Cannot find Laravel logs directory"
|
||||
exit 1
|
||||
fi
|
||||
echo "Current sizes:"
|
||||
sudo du -sh "$LARAVEL_LOG_DIR"/*.log 2>/dev/null | head -10
|
||||
|
||||
echo
|
||||
echo "=== 2. Write logrotate config to /etc/logrotate.d/laravel-liderra ==="
|
||||
sudo tee /etc/logrotate.d/laravel-liderra > /dev/null <<EOF
|
||||
$LARAVEL_LOG_DIR/*.log {
|
||||
size 50M
|
||||
rotate 5
|
||||
compress
|
||||
delaycompress
|
||||
missingok
|
||||
notifempty
|
||||
copytruncate
|
||||
su www-data www-data
|
||||
create 0644 www-data www-data
|
||||
}
|
||||
EOF
|
||||
echo "Wrote config:"
|
||||
sudo cat /etc/logrotate.d/laravel-liderra
|
||||
sudo chmod 0644 /etc/logrotate.d/laravel-liderra
|
||||
|
||||
echo
|
||||
echo "=== 3. Verify config syntax via logrotate --debug ==="
|
||||
sudo logrotate --debug /etc/logrotate.d/laravel-liderra 2>&1 | head -30
|
||||
|
||||
echo
|
||||
echo "=== 4. Trigger rotation now (--force) for clean state ==="
|
||||
sudo logrotate --force /etc/logrotate.d/laravel-liderra 2>&1 | tail -10
|
||||
|
||||
echo
|
||||
echo "=== 5. PostgreSQL log rotation config ==="
|
||||
# Default Ubuntu postgresql-common rotates daily without size cap.
|
||||
# We override with size 100M / rotate 7 / postrotate SIGHUP (PG reopens log).
|
||||
# Higher alpha order than postgresql-common → processed later → wins on same files.
|
||||
sudo tee /etc/logrotate.d/postgresql-liderra > /dev/null <<EOF
|
||||
/var/log/postgresql/*.log {
|
||||
su postgres postgres
|
||||
size 100M
|
||||
rotate 7
|
||||
compress
|
||||
delaycompress
|
||||
missingok
|
||||
notifempty
|
||||
create 0640 postgres adm
|
||||
sharedscripts
|
||||
postrotate
|
||||
# SIGHUP postmaster для re-open log file (standard PG idiom).
|
||||
# PG holds log file handle open — без SIGHUP write goes to old (deleted) inode.
|
||||
if [ -f /var/run/postgresql/16-main.pid ]; then
|
||||
kill -HUP \$(cat /var/run/postgresql/16-main.pid) 2>/dev/null || true
|
||||
fi
|
||||
endscript
|
||||
}
|
||||
EOF
|
||||
echo "Wrote /etc/logrotate.d/postgresql-liderra:"
|
||||
sudo cat /etc/logrotate.d/postgresql-liderra
|
||||
sudo chmod 0644 /etc/logrotate.d/postgresql-liderra
|
||||
|
||||
echo
|
||||
echo "=== 6. Verify PG logrotate syntax ==="
|
||||
sudo logrotate --debug /etc/logrotate.d/postgresql-liderra 2>&1 | head -20
|
||||
|
||||
echo
|
||||
echo "=== 7. Force PG log rotation now (clean state) ==="
|
||||
sudo logrotate --force /etc/logrotate.d/postgresql-liderra 2>&1 | tail -10
|
||||
|
||||
echo
|
||||
echo "=== 8. AFTER: PG log directory state ==="
|
||||
sudo ls -lah /var/log/postgresql/ 2>&1 | head -10
|
||||
|
||||
echo
|
||||
echo "=== 9. AFTER: Laravel log directory state ==="
|
||||
sudo ls -lah "$LARAVEL_LOG_DIR/" 2>&1 | head -20
|
||||
echo
|
||||
echo "=== 10. Disk free ==="
|
||||
df -h / 2>&1 | head -3
|
||||
|
||||
echo
|
||||
echo "=== DONE ==="
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## logrotate setup"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/logrotate-setup.log 2>/dev/null || echo "(no log)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,208 +0,0 @@
|
||||
name: SQL rebuild audit hash-chain (per-tenant via postgres)
|
||||
|
||||
# Запускает per-tenant rebuild hash-chain для аудит-партиции через
|
||||
# sudo -u postgres psql (обход limitation crm_supplier_worker роли —
|
||||
# она не может SET session_replication_role).
|
||||
#
|
||||
# Поддерживает 2 таблицы (Stage 5 finding 1+2):
|
||||
# - activity_log → ROW(id,tenant_id,user_id,deal_id,event,old_value,
|
||||
# new_value,context,ip_address,user_agent,NULL::bytea,created_at)
|
||||
# - balance_transactions → ROW(id,tenant_id,type,amount_rub,amount_leads,
|
||||
# balance_rub_after,balance_leads_after,description,related_type,
|
||||
# related_id,user_id,admin_user_id,NULL::bytea,created_at)
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
partition:
|
||||
description: 'Имя партиции, например activity_log_y2026_m05'
|
||||
required: true
|
||||
type: string
|
||||
from_id:
|
||||
description: 'ID с которого начать пересчёт (включительно)'
|
||||
required: true
|
||||
type: string
|
||||
table_kind:
|
||||
description: 'activity_log | balance_transactions | pd_processing_log | tenant_operations_log'
|
||||
required: true
|
||||
type: choice
|
||||
options:
|
||||
- activity_log
|
||||
- balance_transactions
|
||||
- pd_processing_log
|
||||
- tenant_operations_log
|
||||
confirm_apply:
|
||||
description: 'Подтверждаю выполнение mutating cleanup'
|
||||
required: true
|
||||
default: false
|
||||
type: boolean
|
||||
|
||||
jobs:
|
||||
rebuild:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 10
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
PARTITION: ${{ github.event.inputs.partition }}
|
||||
FROM_ID: ${{ github.event.inputs.from_id }}
|
||||
TABLE_KIND: ${{ github.event.inputs.table_kind }}
|
||||
|
||||
steps:
|
||||
- name: Confirm check
|
||||
run: |
|
||||
if [[ "${{ github.event.inputs.confirm_apply }}" != "true" ]]; then
|
||||
echo "::error::confirm_apply=true обязателен"
|
||||
exit 1
|
||||
fi
|
||||
# Sanity: partition must match table_kind
|
||||
case "$TABLE_KIND" in
|
||||
activity_log)
|
||||
if [[ ! "$PARTITION" =~ ^activity_log_y[0-9]{4}_m[0-9]{2}$ ]]; then
|
||||
echo "::error::partition '$PARTITION' не соответствует table_kind=activity_log"
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
balance_transactions)
|
||||
if [[ ! "$PARTITION" =~ ^balance_transactions_y[0-9]{4}_m[0-9]{2}$ ]]; then
|
||||
echo "::error::partition '$PARTITION' не соответствует table_kind=balance_transactions"
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
pd_processing_log)
|
||||
if [[ ! "$PARTITION" =~ ^pd_processing_log_y[0-9]{4}_m[0-9]{2}$ ]]; then
|
||||
echo "::error::partition '$PARTITION' не соответствует table_kind=pd_processing_log"
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
tenant_operations_log)
|
||||
if [[ ! "$PARTITION" =~ ^tenant_operations_log_y[0-9]{4}_m[0-9]{2}$ ]]; then
|
||||
echo "::error::partition '$PARTITION' не соответствует table_kind=tenant_operations_log"
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "::error::table_kind unknown"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
if ! [[ "$FROM_ID" =~ ^[0-9]+$ ]]; then
|
||||
echo "::error::from_id must be numeric"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Execute SQL rebuild on prod
|
||||
run: |
|
||||
# Build ROW expression per table_kind (mirror AuditChainConfig::TABLES)
|
||||
case "$TABLE_KIND" in
|
||||
activity_log)
|
||||
ROW_EXPR="ROW(t.id, t.tenant_id, t.user_id, t.deal_id, t.event, t.old_value, t.new_value, t.context, t.ip_address, t.user_agent, NULL::bytea, t.created_at)"
|
||||
;;
|
||||
balance_transactions)
|
||||
ROW_EXPR="ROW(t.id, t.tenant_id, t.type, t.amount_rub, t.amount_leads, t.balance_rub_after, t.balance_leads_after, t.description, t.related_type, t.related_id, t.user_id, t.admin_user_id, NULL::bytea, t.created_at)"
|
||||
;;
|
||||
pd_processing_log)
|
||||
ROW_EXPR="ROW(t.id, t.tenant_id, t.subject_type, t.subject_id, t.action, t.purpose, t.actor_tenant_user_id, t.actor_admin_user_id, t.ip_address, NULL::bytea, t.created_at)"
|
||||
;;
|
||||
tenant_operations_log)
|
||||
ROW_EXPR="ROW(t.id, t.tenant_id, t.user_id, t.entity_type, t.entity_id, t.event, t.payload_before, t.payload_after, t.ip_address, t.user_agent, NULL::bytea, t.created_at)"
|
||||
;;
|
||||
esac
|
||||
|
||||
# Build SQL with substituted PARTITION + FROM_ID + ROW_EXPR
|
||||
cat > /tmp/rebuild.sql <<SQL
|
||||
\\set ON_ERROR_STOP 1
|
||||
|
||||
SELECT 'BEFORE: mismatches in partition' AS phase, COUNT(*) AS cnt
|
||||
FROM (
|
||||
WITH ordered AS (
|
||||
SELECT id, tenant_id, log_hash AS stored_hash,
|
||||
LAG(log_hash) OVER (PARTITION BY tenant_id ORDER BY id) AS prev_hash
|
||||
FROM ${PARTITION}
|
||||
)
|
||||
SELECT o.id
|
||||
FROM ordered o
|
||||
WHERE o.stored_hash IS DISTINCT FROM
|
||||
digest(
|
||||
COALESCE(o.prev_hash, ''::bytea)
|
||||
|| (SELECT ${ROW_EXPR}::text::bytea FROM ${PARTITION} t WHERE t.id = o.id),
|
||||
'sha256'
|
||||
)
|
||||
) sub;
|
||||
|
||||
DO \$\$
|
||||
DECLARE
|
||||
tenant_rec RECORD;
|
||||
row_rec RECORD;
|
||||
prev_hash BYTEA;
|
||||
new_hash BYTEA;
|
||||
updated_count INT := 0;
|
||||
tenant_count INT := 0;
|
||||
BEGIN
|
||||
SET session_replication_role = 'replica';
|
||||
|
||||
FOR tenant_rec IN
|
||||
SELECT DISTINCT tenant_id FROM ${PARTITION} WHERE id >= ${FROM_ID} ORDER BY tenant_id
|
||||
LOOP
|
||||
tenant_count := tenant_count + 1;
|
||||
|
||||
SELECT log_hash INTO prev_hash
|
||||
FROM ${PARTITION}
|
||||
WHERE tenant_id = tenant_rec.tenant_id AND id < ${FROM_ID}
|
||||
ORDER BY id DESC LIMIT 1;
|
||||
|
||||
FOR row_rec IN
|
||||
SELECT id FROM ${PARTITION}
|
||||
WHERE tenant_id = tenant_rec.tenant_id AND id >= ${FROM_ID}
|
||||
ORDER BY id
|
||||
LOOP
|
||||
UPDATE ${PARTITION} p
|
||||
SET log_hash = digest(
|
||||
COALESCE(prev_hash, ''::bytea)
|
||||
|| (SELECT ${ROW_EXPR}::text::bytea FROM ${PARTITION} t WHERE t.id = row_rec.id),
|
||||
'sha256'
|
||||
)
|
||||
WHERE p.id = row_rec.id
|
||||
RETURNING log_hash INTO new_hash;
|
||||
|
||||
prev_hash := new_hash;
|
||||
updated_count := updated_count + 1;
|
||||
END LOOP;
|
||||
END LOOP;
|
||||
|
||||
SET session_replication_role = 'origin';
|
||||
RAISE NOTICE 'Rebuild complete: % tenants, % rows updated', tenant_count, updated_count;
|
||||
END\$\$;
|
||||
|
||||
SELECT 'AFTER: mismatches in partition' AS phase, COUNT(*) AS cnt
|
||||
FROM (
|
||||
WITH ordered AS (
|
||||
SELECT id, tenant_id, log_hash AS stored_hash,
|
||||
LAG(log_hash) OVER (PARTITION BY tenant_id ORDER BY id) AS prev_hash
|
||||
FROM ${PARTITION}
|
||||
)
|
||||
SELECT o.id
|
||||
FROM ordered o
|
||||
WHERE o.stored_hash IS DISTINCT FROM
|
||||
digest(
|
||||
COALESCE(o.prev_hash, ''::bytea)
|
||||
|| (SELECT ${ROW_EXPR}::text::bytea FROM ${PARTITION} t WHERE t.id = o.id),
|
||||
'sha256'
|
||||
)
|
||||
) sub;
|
||||
SQL
|
||||
|
||||
scp -i ~/.ssh/liderra_deploy /tmp/rebuild.sql ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }}:/tmp/rebuild.sql
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} 'sudo -u postgres psql -d liderra -f /tmp/rebuild.sql && rm /tmp/rebuild.sql'
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,104 +0,0 @@
|
||||
name: Run whitelisted SQL on liderra.ru
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
sql:
|
||||
description: 'SQL query (SELECT only by default; UPDATE/DELETE need confirm_mutating=true)'
|
||||
required: true
|
||||
type: string
|
||||
confirm_mutating:
|
||||
description: 'Подтверждаю UPDATE/DELETE на проде'
|
||||
required: false
|
||||
default: false
|
||||
type: boolean
|
||||
|
||||
jobs:
|
||||
run:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 10
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
SQL: ${{ github.event.inputs.sql }}
|
||||
CONFIRM_MUT: ${{ github.event.inputs.confirm_mutating }}
|
||||
|
||||
steps:
|
||||
- name: Whitelist check
|
||||
run: |
|
||||
set -euo pipefail
|
||||
SQL_LOWER=$(echo "$SQL" | tr '[:upper:]' '[:lower:]' | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
|
||||
|
||||
# Reject multi-statement SQL — `;` would let SELECT-prefixed payloads
|
||||
# smuggle UPDATE/DELETE past READ_RE without confirm_mutating=true.
|
||||
# Trailing single `;` is also rejected for symmetry (use no trailing `;`).
|
||||
if [[ "$SQL_LOWER" == *";"* ]]; then
|
||||
echo "::error::Multi-statement SQL is not allowed (no semicolons)."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Allow: SELECT / WITH (CTE) / \d / EXPLAIN
|
||||
READ_RE='^(select |with |explain |\\d|\\df|\\di|\\dt)'
|
||||
|
||||
# Mutating allowed if confirm=true: targeted UPDATE/DELETE on specific tables
|
||||
MUTATING_RE='^(update supplier_leads|update supplier_projects|update failed_webhook_jobs|update scheduler_heartbeats|delete from failed_webhook_jobs|delete from incidents_log) '
|
||||
|
||||
if [[ "$SQL_LOWER" =~ $READ_RE ]]; then
|
||||
echo "::notice::SELECT/read-only — allowed."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [[ "$SQL_LOWER" =~ $MUTATING_RE ]]; then
|
||||
if [[ "$CONFIRM_MUT" != "true" ]]; then
|
||||
echo "::error::Mutating SQL requires confirm_mutating=true."
|
||||
exit 1
|
||||
fi
|
||||
echo "::warning::Mutating SQL authorized."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "::error::SQL not in whitelist: $SQL_LOWER"
|
||||
exit 1
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Run on prod
|
||||
run: |
|
||||
set -o pipefail
|
||||
SQL_B64=$(printf '%s' "$SQL" | base64 -w0)
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"SQL_B64='$SQL_B64' bash -s" <<'REMOTE' | tee /tmp/sql.log
|
||||
SQL=$(echo "$SQL_B64" | base64 -d)
|
||||
echo "=== Running on $(hostname) at $(date -u) ==="
|
||||
echo "SQL: $SQL"
|
||||
echo
|
||||
sudo -u postgres psql -d liderra -c "$SQL"
|
||||
RC=$?
|
||||
echo
|
||||
echo "=== Exit code: $RC ==="
|
||||
exit $RC
|
||||
REMOTE
|
||||
|
||||
- name: Summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## SQL on prod"
|
||||
echo
|
||||
echo '```sql'
|
||||
echo "$SQL"
|
||||
echo '```'
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/sql.log 2>/dev/null
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Cleanup
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,136 +0,0 @@
|
||||
name: Diagnose SSH access to liderra.ru
|
||||
|
||||
# Цель: понять, почему dev-IP 89.144.17.119 не пускают по SSH.
|
||||
# Запускается вручную: gh workflow run ssh-diagnose.yml -f dev_ip=89.144.17.119
|
||||
# Ничего не меняет на проде — только читает состояние fail2ban / iptables / sshd /
|
||||
# auth.log.
|
||||
#
|
||||
# Использует тот же LIDERRA_SSH_KEY что и deploy.yml.
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
dev_ip:
|
||||
description: 'IP который нужно проверить на блок (по умолчанию 89.144.17.119)'
|
||||
required: true
|
||||
default: '89.144.17.119'
|
||||
type: string
|
||||
|
||||
jobs:
|
||||
diagnose:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 5
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
DEV_IP: ${{ github.event.inputs.dev_ip }}
|
||||
|
||||
steps:
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Run diagnostic queries on prod
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
|
||||
"DEV_IP='${DEV_IP}' bash -s" <<'REMOTE' | tee /tmp/diagnose.log
|
||||
set +e
|
||||
echo "=== 1. fail2ban status (sshd jail) ==="
|
||||
sudo fail2ban-client status sshd 2>&1 | head -30 || echo "fail2ban not available"
|
||||
|
||||
echo
|
||||
echo "=== 2. Is ${DEV_IP} currently banned by fail2ban? ==="
|
||||
sudo fail2ban-client get sshd banip 2>&1 | grep -F "${DEV_IP}" || echo "NOT IN fail2ban banlist"
|
||||
|
||||
echo
|
||||
echo "=== 3. Recent fail2ban actions for ${DEV_IP} (last 50 lines) ==="
|
||||
sudo grep -F "${DEV_IP}" /var/log/fail2ban.log 2>/dev/null | tail -50 || echo "no fail2ban log entries"
|
||||
|
||||
echo
|
||||
echo "=== 4. iptables INPUT rules referencing ${DEV_IP} or :22 ==="
|
||||
sudo iptables -L INPUT -n -v --line-numbers 2>&1 | grep -E "(${DEV_IP}|dpt:22|tcp dpt:ssh|f2b)" || echo "no specific INPUT rules"
|
||||
|
||||
echo
|
||||
echo "=== 5. iptables chains containing fail2ban (f2b-*) ==="
|
||||
sudo iptables -L -n 2>&1 | grep -E "^Chain (f2b|INPUT)" | head -10
|
||||
|
||||
echo
|
||||
echo "=== 6. Full f2b-sshd chain (entries banning IPs) ==="
|
||||
sudo iptables -L f2b-sshd -n -v --line-numbers 2>&1 | head -40 || echo "no f2b-sshd chain"
|
||||
|
||||
echo
|
||||
echo "=== 7. Recent SSH failed attempts from ${DEV_IP} (last 30 lines auth.log) ==="
|
||||
sudo grep -F "${DEV_IP}" /var/log/auth.log 2>/dev/null | tail -30 || echo "no auth.log entries"
|
||||
|
||||
echo
|
||||
echo "=== 8. Active sshd config: AllowUsers / DenyUsers / Match blocks ==="
|
||||
sudo grep -E "^(AllowUsers|DenyUsers|AllowGroups|DenyGroups|Match)" /etc/ssh/sshd_config 2>&1 || true
|
||||
sudo ls /etc/ssh/sshd_config.d/ 2>&1
|
||||
sudo grep -E "^(AllowUsers|DenyUsers|AllowGroups|DenyGroups|Match)" /etc/ssh/sshd_config.d/*.conf 2>/dev/null || echo "no relevant entries in sshd_config.d"
|
||||
|
||||
echo
|
||||
echo "=== 9. hosts.deny / hosts.allow ==="
|
||||
echo "--- /etc/hosts.deny ---"
|
||||
sudo cat /etc/hosts.deny 2>/dev/null | grep -v '^#' | grep -v '^$' || echo "(empty)"
|
||||
echo "--- /etc/hosts.allow ---"
|
||||
sudo cat /etc/hosts.allow 2>/dev/null | grep -v '^#' | grep -v '^$' || echo "(empty)"
|
||||
|
||||
echo
|
||||
echo "=== 10. ufw status (если используется) ==="
|
||||
sudo ufw status verbose 2>&1 | head -20 || echo "ufw not active"
|
||||
|
||||
echo
|
||||
echo "=== 11. nftables ruleset (если активен) ==="
|
||||
sudo nft list ruleset 2>&1 | head -40 || echo "nftables not active"
|
||||
|
||||
echo
|
||||
echo "=== 12. Last 5 successful SSH logins (who logged in last) ==="
|
||||
last -n 5 ubuntu 2>&1 | head -10
|
||||
|
||||
echo
|
||||
echo "=== 13. Full content of /etc/ssh/sshd_config.d/01-claude.conf ==="
|
||||
sudo cat /etc/ssh/sshd_config.d/01-claude.conf 2>&1 | head -80
|
||||
|
||||
echo
|
||||
echo "=== 14. nftables full ruleset (f2b-table content) ==="
|
||||
sudo nft list ruleset 2>&1 | head -120
|
||||
|
||||
echo
|
||||
echo "=== 15. journalctl ssh.service last 30min ==="
|
||||
sudo journalctl -u ssh.service --since="30 minutes ago" --no-pager 2>&1 | tail -40
|
||||
|
||||
echo
|
||||
echo "=== 16. /etc/fail2ban/jail.d/ content ==="
|
||||
sudo ls -la /etc/fail2ban/jail.d/ 2>&1
|
||||
echo "--- whitelist-dev.conf ---"
|
||||
sudo cat /etc/fail2ban/jail.d/whitelist-dev.conf 2>&1 || echo "(missing)"
|
||||
echo "--- jail.local ---"
|
||||
sudo cat /etc/fail2ban/jail.local 2>&1 | head -40 || echo "(missing)"
|
||||
|
||||
echo
|
||||
echo "=== 17. recidive jail (if any — long-term ban) ==="
|
||||
sudo fail2ban-client status recidive 2>&1 | head -20 || echo "no recidive jail"
|
||||
sudo fail2ban-client get recidive banip 2>&1 | grep -F "${DEV_IP}" || echo "NOT IN recidive"
|
||||
|
||||
echo
|
||||
echo "=== DONE ==="
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## SSH diagnostic for $DEV_IP → $LIDERRA_HOST"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/diagnose.log 2>/dev/null || echo "(no log captured)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,117 +0,0 @@
|
||||
name: Stage 5 daily monitor (29.05→04.06)
|
||||
|
||||
# Автоматический ежедневный мониторинг 3 ключевых сигналов прода
|
||||
# во время 7-дневного окна перед переключением supplier_export_mode
|
||||
# online→batch (Stage 5 Task 5.1).
|
||||
#
|
||||
# Запускается GitHub-cron'ом каждое утро 06:00 UTC (09:00 МСК)
|
||||
# 29.05.2026 — 04.06.2026 (после 04.06 workflow можно отключить
|
||||
# через UI Actions tab → Disable workflow, либо удалить файл).
|
||||
# Также доступен ручной запуск через workflow_dispatch.
|
||||
#
|
||||
# Выводит результаты в job summary + сохраняет как artifact.
|
||||
#
|
||||
# План мониторинга:
|
||||
# docs/superpowers/plans/2026-05-29-stage5-monitoring-checklist.md
|
||||
|
||||
on:
|
||||
schedule:
|
||||
# 06:00 UTC = 09:00 МСК ежедневно
|
||||
- cron: '0 6 * * *'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
monitor:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 10
|
||||
|
||||
# Жёсткий стоп — workflow ничего не делает после 04.06.2026 даже
|
||||
# если кто-то забудет отключить. CRON в GitHub Actions не имеет
|
||||
# "until date" — реализуем через if-check на runner side.
|
||||
if: github.event_name == 'workflow_dispatch' || github.event.schedule == '0 6 * * *'
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
|
||||
steps:
|
||||
- name: Check window not expired
|
||||
id: window
|
||||
run: |
|
||||
TODAY=$(date -u +%Y-%m-%d)
|
||||
DEADLINE='2026-06-05' # 04.06 + 1 день grace
|
||||
if [[ "$TODAY" > "$DEADLINE" ]]; then
|
||||
echo "::notice::Stage 5 monitoring window closed at $DEADLINE. Disable this workflow via Actions UI."
|
||||
echo "skip=true" >> "$GITHUB_OUTPUT"
|
||||
else
|
||||
echo "skip=false" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
- name: Setup SSH key
|
||||
if: steps.window.outputs.skip != 'true'
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Run 3 checks
|
||||
if: steps.window.outputs.skip != 'true'
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} 'bash -s' <<'REMOTE' | tee /tmp/monitor.log
|
||||
set +e
|
||||
cd /var/www/liderra/app
|
||||
echo "=== Date: $(date -u) ==="
|
||||
|
||||
echo
|
||||
echo "=== 1. scheduler:check-heartbeats ==="
|
||||
sudo -u www-data php artisan scheduler:check-heartbeats 2>&1
|
||||
echo "Exit: $?"
|
||||
|
||||
echo
|
||||
echo "=== 2. incidents:watch-failures ==="
|
||||
sudo -u www-data php artisan incidents:watch-failures 2>&1
|
||||
echo "Exit: $?"
|
||||
|
||||
echo
|
||||
echo "=== 3. migrate:status ==="
|
||||
sudo -u www-data php artisan migrate:status 2>&1 | tail -8
|
||||
echo "Exit: $?"
|
||||
|
||||
echo
|
||||
echo "=== Auxiliary signals from system tables ==="
|
||||
echo "--- last 3 incidents_log entries ---"
|
||||
sudo -u postgres psql -d liderra -tA -c "SELECT severity, created_at, root_cause FROM incidents_log ORDER BY created_at DESC LIMIT 3;" 2>&1
|
||||
echo "--- snapshot count last 3 days ---"
|
||||
sudo -u postgres psql -d liderra -tA -c "SELECT snapshot_date, COUNT(*) FROM project_routing_snapshots GROUP BY 1 ORDER BY 1 DESC LIMIT 3;" 2>&1
|
||||
echo "--- failed_webhook_jobs last 24h count ---"
|
||||
sudo -u postgres psql -d liderra -tA -c "SELECT COUNT(*) FROM failed_webhook_jobs WHERE failed_at > NOW() - INTERVAL '24 hours';" 2>&1
|
||||
echo "--- scheduler_heartbeats with failures ---"
|
||||
sudo -u postgres psql -d liderra -tA -c "SELECT command_name, consecutive_failures, last_run_at FROM scheduler_heartbeats WHERE consecutive_failures > 0 ORDER BY consecutive_failures DESC;" 2>&1
|
||||
|
||||
echo
|
||||
echo "=== DONE ==="
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always() && steps.window.outputs.skip != 'true'
|
||||
run: |
|
||||
{
|
||||
echo "## Stage 5 daily monitor — $(date -u +%Y-%m-%d)"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/monitor.log 2>/dev/null || echo "(no output)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Upload as artifact
|
||||
if: always() && steps.window.outputs.skip != 'true'
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: monitor-${{ github.run_id }}
|
||||
path: /tmp/monitor.log
|
||||
retention-days: 14
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
@@ -1,111 +0,0 @@
|
||||
name: Stage 5 day 1 investigation — round 3 (schema + full rows)
|
||||
|
||||
# Round 3: реальные имена колонок hash в audit-таблицах,
|
||||
# реальные имена FK в supplier_projects/supplier_leads,
|
||||
# полное содержимое битых строк (599/462) и застрявших лидов (1110/1157).
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
investigate:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 10
|
||||
|
||||
env:
|
||||
LIDERRA_HOST: 111.88.246.137
|
||||
LIDERRA_USER: ubuntu
|
||||
|
||||
steps:
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
|
||||
chmod 600 ~/.ssh/liderra_deploy
|
||||
ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Round 3 schema + rows
|
||||
run: |
|
||||
ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} 'bash -s' <<'REMOTE' | tee /tmp/investigate3.log
|
||||
set +e
|
||||
cd /var/www/liderra/app
|
||||
|
||||
echo "=========================================="
|
||||
echo "SCHEMAS"
|
||||
echo "=========================================="
|
||||
|
||||
echo
|
||||
echo "--- activity_log columns ---"
|
||||
sudo -u postgres psql -d liderra -c "SELECT column_name, data_type FROM information_schema.columns WHERE table_name='activity_log' ORDER BY ordinal_position;"
|
||||
|
||||
echo
|
||||
echo "--- balance_transactions columns ---"
|
||||
sudo -u postgres psql -d liderra -c "SELECT column_name, data_type FROM information_schema.columns WHERE table_name='balance_transactions' ORDER BY ordinal_position;"
|
||||
|
||||
echo
|
||||
echo "--- supplier_projects columns ---"
|
||||
sudo -u postgres psql -d liderra -c "SELECT column_name, data_type FROM information_schema.columns WHERE table_name='supplier_projects' ORDER BY ordinal_position;"
|
||||
|
||||
echo
|
||||
echo "--- supplier_leads columns ---"
|
||||
sudo -u postgres psql -d liderra -c "SELECT column_name, data_type FROM information_schema.columns WHERE table_name='supplier_leads' ORDER BY ordinal_position;"
|
||||
|
||||
|
||||
echo
|
||||
echo "=========================================="
|
||||
echo "BROKEN ROWS — full SELECT *"
|
||||
echo "=========================================="
|
||||
|
||||
echo
|
||||
echo "--- activity_log_y2026_m05 ids 597-601 ---"
|
||||
sudo -u postgres psql -d liderra -x -c "SELECT * FROM activity_log_y2026_m05 WHERE id BETWEEN 597 AND 601 ORDER BY id;"
|
||||
|
||||
echo
|
||||
echo "--- balance_transactions_y2026_m05 ids 460-464 ---"
|
||||
sudo -u postgres psql -d liderra -x -c "SELECT * FROM balance_transactions_y2026_m05 WHERE id BETWEEN 460 AND 464 ORDER BY id;"
|
||||
|
||||
|
||||
echo
|
||||
echo "=========================================="
|
||||
echo "STUCK LEADS 1110 + 1157"
|
||||
echo "=========================================="
|
||||
|
||||
echo
|
||||
echo "--- supplier_leads.id IN (1110, 1157) ---"
|
||||
sudo -u postgres psql -d liderra -x -c "SELECT * FROM supplier_leads WHERE id IN (1110, 1157);"
|
||||
|
||||
echo
|
||||
echo "--- failed_webhook_jobs sample raw_payload for sl_id=1110 (1 row) ---"
|
||||
sudo -u postgres psql -d liderra -x -c "SELECT * FROM failed_webhook_jobs WHERE raw_payload->>'supplier_lead_id' = '1110' ORDER BY failed_at DESC LIMIT 1;"
|
||||
|
||||
echo
|
||||
echo "--- All supplier_projects with platform B1 ---"
|
||||
sudo -u postgres psql -d liderra -c "SELECT * FROM supplier_projects WHERE platform='B1' LIMIT 5;"
|
||||
|
||||
echo
|
||||
echo "=========================================="
|
||||
echo "DONE"
|
||||
echo "=========================================="
|
||||
REMOTE
|
||||
|
||||
- name: Print summary
|
||||
if: always()
|
||||
run: |
|
||||
{
|
||||
echo "## Stage 5 day 1 investigation — round 3 schemas"
|
||||
echo
|
||||
echo '```'
|
||||
cat /tmp/investigate3.log 2>/dev/null || echo "(no output)"
|
||||
echo '```'
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
- name: Upload artifact
|
||||
if: always()
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: investigate-day1-round3
|
||||
path: /tmp/investigate3.log
|
||||
|
||||
- name: Cleanup SSH key
|
||||
if: always()
|
||||
run: rm -f ~/.ssh/liderra_deploy
|
||||
-14
@@ -2,14 +2,6 @@
|
||||
# .gitignore — Лидерра
|
||||
# =============================================================================
|
||||
|
||||
# ── Session junk (broken PS paths from parallel Claude sessions, deploy tarballs, ad-hoc screenshots) ──
|
||||
CTemp*
|
||||
CWindowsTemp*
|
||||
phase[0-9]*-update.tar.gz
|
||||
recheck-*.png
|
||||
.tmp-*.sql
|
||||
tools/cloudflared.*
|
||||
|
||||
# ── Node / npm ──────────────────────────────────────────────────────────────
|
||||
node_modules/
|
||||
npm-debug.log*
|
||||
@@ -151,12 +143,6 @@ app/playwright/node_modules/
|
||||
# Superpowers using-git-worktrees — локальные worktrees вне репо
|
||||
.claude/worktrees/
|
||||
|
||||
# Graphify knowledge-graph build artefacts (ADR-017 #86) — ~5MB graph.json + 1.8MB
|
||||
# graph.html + cache/. Local-only, не коммитятся; восстанавливается пересборкой
|
||||
# через /graphify --update. В main worktree graphify-out — junction на spike worktree.
|
||||
graphify-out/
|
||||
graphify-out-*/
|
||||
|
||||
# Vitest coverage output (app/coverage/) — генерируется npm run test:coverage
|
||||
/app/coverage/
|
||||
|
||||
|
||||
@@ -39,13 +39,3 @@ a2f6714440c925e8ffdec8667373511dcce1b3aa:ПИЛОТ.md:ru-phone-unmasked:31
|
||||
16ac37aba9fdeb8a153e92e44ed42e1693377b58:docs/observer/episodes-2026-05.jsonl:ru-phone-unmasked:46
|
||||
16ac37aba9fdeb8a153e92e44ed42e1693377b58:docs/observer/episodes-2026-05.jsonl:ru-phone-unmasked:48
|
||||
16ac37aba9fdeb8a153e92e44ed42e1693377b58:docs/observer/episodes-2026-05.jsonl:ru-phone-unmasked:76
|
||||
|
||||
# 2026-05-26 — реальные RU-телефоны в ПИЛОТ.md и spec'ах от параллельных сессий
|
||||
# Дмитрия (33184985 / f48f79d2 / da4ab729 уже на origin/main — историю не переписать;
|
||||
# 6b2597ff / d2100a9b на ветке fix/supplier-platform-prefix, не в main lineage).
|
||||
# TODO: маскировать +7XXXXXXXXXX в новых коммитах ПИЛОТ.md / специов supplier-*.
|
||||
6b2597ff4ac2a34ed3d4d5a05c47318502b3f469:ПИЛОТ.md:ru-phone-unmasked:11
|
||||
d2100a9bab954296fa71dcfdb59568a1986e0dbe:docs/superpowers/specs/2026-05-26-supplier-platform-prefix-design.md:ru-phone-unmasked:18
|
||||
f48f79d2f333cd5acffb7751e6c3554d0807cb39:ПИЛОТ.md:ru-phone-unmasked:13
|
||||
33184985875ac8219464fd3d0f65b6740d587f50:ПИЛОТ.md:ru-phone-unmasked:11
|
||||
da4ab729df08ded7aa7d2523ef6c81efeacc1849:docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md:ru-phone-unmasked:34
|
||||
|
||||
@@ -28,12 +28,6 @@ exclude = [
|
||||
# Шаблонные плейсхолдеры
|
||||
"^\\{\\{.*\\}\\}$",
|
||||
"^\\[.*\\]$",
|
||||
# v3.9 hooks удалены Stream G (2026-05-30), CLAUDE.md содержит исторические упоминания
|
||||
"tools/enforce-chain-recommendation\\.mjs",
|
||||
"tools/enforce-classifier-match\\.mjs",
|
||||
"tools/enforce-graph-first\\.mjs",
|
||||
"tools/enforce-semgrep-security\\.mjs",
|
||||
"tools/enforce-override-limit\\.mjs",
|
||||
# localhost и приватные адреса
|
||||
"^https?://localhost",
|
||||
"^https?://127\\.0\\.0\\.1",
|
||||
|
||||
@@ -54,7 +54,32 @@
|
||||
},
|
||||
"comment": "A3 integration-tooling #47 — OpenAPI MCP (ivo-toby/mcp-openapi-server, @ivotoby/openapi-mcp-server v1.14.0, MIT). Exposes Лидерра REST API endpoints (docs/api/openapi.yaml) as MCP tools. Config via env-vars API_BASE_URL + OPENAPI_SPEC_PATH (stdio transport default). READ scope: API discovery/introspection for Claude Code. Формализован в Tooling §4.22, PSR_v1 R10.1 блок 3, Pravila §13.2."
|
||||
},
|
||||
"_disabled_marketing_servers_note": "ОТКЛЮЧЕНЫ 2026-05-31 (владелец: «отрежь маркетинг»). Причина: их авто-генерируемые схемы (особенно wordstat — 128 tools из Яндекс.Директа) — главный подозреваемый в API 400 tools.110/113, ронявшем субагентов при bulk-load всех инструментов (subagent-driven-development). Серверы off-phase и без OAuth-токенов всё равно не стартовали. Полный конфиг — в git до этого коммита. Чтобы вернуть, восстановить три блока mcpServers: marketing-metrika (npx -y github:atomkraft/yandex-metrika-mcp; env YANDEX_OAUTH_TOKEN; READ-ONLY; Tooling §4.53), marketing-wordstat (npx -y github:SvechaPVL/yandex-mcp; env YANDEX_OAUTH_TOKEN; ТОЛЬКО Wordstat per IS9/MKT8; Tooling §4.54), marketing-telegram (npx -y github:chigwell/telegram-mcp; env TELEGRAM_API_ID/API_HASH/SESSION_STRING; выделенный аккаунт IS9; Tooling §4.51). См. docs/security/marketing-vet.md и docs/marketing/README.md.",
|
||||
"marketing-metrika": {
|
||||
"command": "npx",
|
||||
"args": ["-y", "github:atomkraft/yandex-metrika-mcp"],
|
||||
"env": {
|
||||
"YANDEX_OAUTH_TOKEN": "${YANDEX_OAUTH_TOKEN}"
|
||||
},
|
||||
"comment": "C1 marketing-tooling #78 — Yandex Metrika MCP (vetted source: github:atomkraft/yandex-metrika-mcp, MIT — выбран по IS9-вету из 3 кандидатов, см. docs/security/marketing-vet.md). READ-ONLY аналитика: посещаемость, источники трафика, конверсии. Env: YANDEX_OAUTH_TOKEN — OAuth-токен с правами read-only. Постура IS9: READ-ONLY, мутации API Метрики не задействуются. Tooling §4.53. docs/marketing/README.md."
|
||||
},
|
||||
"marketing-wordstat": {
|
||||
"command": "npx",
|
||||
"args": ["-y", "github:SvechaPVL/yandex-mcp"],
|
||||
"env": {
|
||||
"YANDEX_OAUTH_TOKEN": "${YANDEX_OAUTH_TOKEN}"
|
||||
},
|
||||
"comment": "C1 marketing-tooling #79 — Yandex Direct+Wordstat MCP (vetted source: github:SvechaPVL/yandex-mcp, MIT — выбран по IS9-вету, см. docs/security/marketing-vet.md). Репозиторий отдаёт 128 tools (Direct + Wordstat + Метрика); по IS9-условию используются ТОЛЬКО Wordstat-инструменты для подбора ключевых слов и оценки спроса — Direct-мутации (создание/правка кампаний, изменение ставок) поведенчески запрещены через marketing-ru #77 и MKT8 (никаких автоматических трат рекламного бюджета). Env: YANDEX_OAUTH_TOKEN с минимальным scope. Tooling §4.54. docs/marketing/README.md."
|
||||
},
|
||||
"marketing-telegram": {
|
||||
"command": "npx",
|
||||
"args": ["-y", "github:chigwell/telegram-mcp"],
|
||||
"env": {
|
||||
"TELEGRAM_API_ID": "${TELEGRAM_API_ID}",
|
||||
"TELEGRAM_API_HASH": "${TELEGRAM_API_HASH}",
|
||||
"TELEGRAM_SESSION_STRING": "${TELEGRAM_SESSION_STRING}"
|
||||
},
|
||||
"comment": "C1 marketing-tooling #80 — Telegram MCP (chigwell/telegram-mcp, Apache-2.0, GitHub-only — не npm). Работа с Telegram-каналами и чатами Лидерры: публикация, планирование, аналитика. Env: TELEGRAM_API_ID + TELEGRAM_API_HASH (получить на https://my.telegram.org/apps) + TELEGRAM_SESSION_STRING (генерируется один раз через GramJS/Telethon, хранить в .env.local gitignored). ОБЯЗАТЕЛЬНО: выделенный Telegram-аккаунт для Лидерры, не личный (IS9-постура MKT8). Tooling §4.51. docs/marketing/README.md."
|
||||
},
|
||||
"_comment_postiz_skeleton": "TODO: C1 marketing-tooling #81 — Postiz MCP (gitroomhq/postiz-app self-host + antoniolg/postiz-mcp). Активировать ПОСЛЕ: 1) развернуть Postiz self-hosted (git clone https://github.com/gitroomhq/postiz-app + docker-compose, AGPL-3.0: internal-only, no modifications); 2) провести vet лицензии antoniolg/postiz-mcp (NOT YET VERIFIED — см. docs/marketing/README.md Open vet notes); 3) подключить соцсети в Postiz UI. Будущий entry: \"marketing-postiz\": { \"command\": \"npx\", \"args\": [\"-y\", \"postiz-mcp\"], \"env\": { \"POSTIZ_API_URL\": \"${POSTIZ_API_URL}\", \"POSTIZ_API_KEY\": \"${POSTIZ_API_KEY}\" }, \"comment\": \"C1 #81 post-activation\" }. Tooling §4.52. docs/marketing/README.md."
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,225 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use App\Services\Audit\AuditChainConfig;
|
||||
use Illuminate\Console\Command;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
/**
|
||||
* Пересчитывает hash-цепь в указанной партиции аудит-таблицы начиная с заданного id.
|
||||
*
|
||||
* ADR-018: воспроизводит per-tenant scope триггера audit_chain_hash() (через RLS).
|
||||
* Для tenant-таблиц (activity_log/balance_transactions/tenant_operations_log/
|
||||
* pd_processing_log) — отдельная цепочка на каждый tenant. Для BYPASSRLS-таблиц
|
||||
* (auth_log/saas_admin_audit_log) — единая цепочка в пределах партиции.
|
||||
*
|
||||
* Алгоритм (Вариант B — PHP-iteration с partition awareness):
|
||||
* 1. SET session_replication_role = replica отключает BEFORE-триггеры.
|
||||
* 2. Determine partition_clause из AuditChainConfig::TABLES[parent_table].
|
||||
* 3. Для per-tenant таблиц: получить distinct tenant_ids в range, для каждого:
|
||||
* - prev_hash = log_hash of last row with id<from-id AND tenant_id=X
|
||||
* - iterate rows ordered by id, UPDATE + propagate prev_hash forward
|
||||
* Для BYPASSRLS-таблиц: одна iteration без tenant scope.
|
||||
* 4. Возвращаем session_replication_role = origin.
|
||||
*
|
||||
* NB: row-by-row PHP loop сохранён намеренно (вариант с одиночным CTE и
|
||||
* LAG страдает snapshot-isolation bug — downstream rows используют OLD stored
|
||||
* prev_hash вместо новых хешей текущего UPDATE'а; chain ломается через >1 row).
|
||||
*
|
||||
* Ref: docs/adr/ADR-018-audit-chain-per-tenant-semantics.md
|
||||
* docs/superpowers/plans/2026-05-29-audit-rebuild-per-tenant-fix.md
|
||||
*/
|
||||
final class AuditRebuildChain extends Command
|
||||
{
|
||||
protected $signature = 'audit:rebuild-chain
|
||||
{--partition= : Имя партиции, например activity_log_y2026_m05}
|
||||
{--from-id= : ID с которого начать пересчёт (включительно)}
|
||||
{--dry-run : Показать сколько строк затронет, без UPDATE}
|
||||
{--force : Пропустить интерактивное подтверждение (для CI/тестов)}';
|
||||
|
||||
protected $description = 'Пересчитать hash-цепь партиции аудит-таблицы (per-tenant per ADR-018)';
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
$partition = (string) $this->option('partition');
|
||||
$fromId = (int) $this->option('from-id');
|
||||
$dryRun = (bool) $this->option('dry-run');
|
||||
$force = (bool) $this->option('force');
|
||||
|
||||
if ($partition === '' || $fromId <= 0) {
|
||||
$this->error('--partition и --from-id обязательны');
|
||||
|
||||
return self::FAILURE;
|
||||
}
|
||||
|
||||
$parentTable = (string) preg_replace('/_y\d{4}_m\d{2}$/', '', $partition);
|
||||
|
||||
if (! array_key_exists($parentTable, AuditChainConfig::TABLES)) {
|
||||
$this->error("Partition '{$partition}' не относится к поддерживаемым аудит-таблицам.");
|
||||
$this->line('Поддерживаемые: '.implode(', ', array_keys(AuditChainConfig::TABLES)));
|
||||
|
||||
return self::FAILURE;
|
||||
}
|
||||
|
||||
$partitionClause = AuditChainConfig::TABLES[$parentTable]['partition'];
|
||||
$rowExpr = AuditChainConfig::rowExpression($parentTable);
|
||||
|
||||
$count = DB::connection('pgsql_supplier')
|
||||
->table($partition)
|
||||
->where('id', '>=', $fromId)
|
||||
->count();
|
||||
|
||||
$scopeLabel = $partitionClause !== '' ? $partitionClause : 'global (within partition)';
|
||||
|
||||
$this->info("Партиция : {$partition}");
|
||||
$this->info("Родитель : {$parentTable}");
|
||||
$this->info("Scope : {$scopeLabel}");
|
||||
$this->info("От id : {$fromId}");
|
||||
$this->info("Строк : {$count}");
|
||||
|
||||
if ($count === 0) {
|
||||
$this->warn('Нет строк с id >= '.$fromId.'. Пересчёт не нужен.');
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
|
||||
if ($dryRun) {
|
||||
$this->warn('--dry-run: UPDATE не выполнен.');
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
|
||||
if (! $force && ! $this->confirm(
|
||||
"Пересчитать log_hash для {$count} строк в {$partition} (scope: {$scopeLabel})? Это изменит данные в проде.",
|
||||
false,
|
||||
)) {
|
||||
$this->warn('Отменено.');
|
||||
|
||||
return self::FAILURE;
|
||||
}
|
||||
|
||||
// Disable BEFORE triggers (audit_block_mutation blocks UPDATE).
|
||||
// Use session-level SET so it works even inside a wrapping transaction
|
||||
// (e.g. DatabaseTransactions in tests). Reset in finally.
|
||||
DB::connection('pgsql_supplier')->statement("SET session_replication_role = 'replica'");
|
||||
|
||||
try {
|
||||
$totalUpdated = 0;
|
||||
|
||||
if ($partitionClause === 'PARTITION BY tenant_id') {
|
||||
// Per-tenant rebuild — separate scope iteration per tenant.
|
||||
$tenantIds = DB::connection('pgsql_supplier')
|
||||
->table($partition)
|
||||
->where('id', '>=', $fromId)
|
||||
->distinct()
|
||||
->pluck('tenant_id')
|
||||
->all();
|
||||
|
||||
foreach ($tenantIds as $tenantId) {
|
||||
$totalUpdated += $this->rebuildScope(
|
||||
$partition,
|
||||
$rowExpr,
|
||||
$fromId,
|
||||
'tenant_id',
|
||||
(int) $tenantId,
|
||||
);
|
||||
}
|
||||
} else {
|
||||
// BYPASSRLS-таблицы (auth_log, saas_admin_audit_log) — global scope.
|
||||
$totalUpdated = $this->rebuildScope($partition, $rowExpr, $fromId, null, null);
|
||||
}
|
||||
|
||||
$this->info("Обновлено {$totalUpdated} строк в {$partition}.");
|
||||
} finally {
|
||||
DB::connection('pgsql_supplier')->statement("SET session_replication_role = 'origin'");
|
||||
}
|
||||
|
||||
$this->info('Готово. Запустите audit:verify-chains для проверки целостности.');
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
* Пересчитывает chain для одного scope (tenant или global).
|
||||
*
|
||||
* Iterative PHP loop: prev_hash propagate'ится forward через каждый row,
|
||||
* UPDATE применяется immediately чтобы snapshot для следующей iteration
|
||||
* был свежий (default PG READ COMMITTED — own writes visible immediately).
|
||||
*
|
||||
* @param string|null $tenantColumn 'tenant_id' для per-tenant scope, null для global
|
||||
* @param int|null $tenantValue значение tenant_id для этого scope (если применимо)
|
||||
*/
|
||||
private function rebuildScope(
|
||||
string $partition,
|
||||
string $rowExpr,
|
||||
int $fromId,
|
||||
?string $tenantColumn,
|
||||
?int $tenantValue,
|
||||
): int {
|
||||
// Find prev_hash (last row before fromId within scope).
|
||||
$prevQuery = DB::connection('pgsql_supplier')
|
||||
->table($partition)
|
||||
->where('id', '<', $fromId);
|
||||
if ($tenantColumn !== null) {
|
||||
$prevQuery->where($tenantColumn, $tenantValue);
|
||||
}
|
||||
$prevHashRow = $prevQuery->orderByDesc('id')->first(['log_hash']);
|
||||
$prevHashHex = $this->bytesToHex($prevHashRow?->log_hash);
|
||||
|
||||
// Get rows to rebuild ordered by id.
|
||||
$rowsQuery = DB::connection('pgsql_supplier')
|
||||
->table($partition)
|
||||
->where('id', '>=', $fromId);
|
||||
if ($tenantColumn !== null) {
|
||||
$rowsQuery->where($tenantColumn, $tenantValue);
|
||||
}
|
||||
$rows = $rowsQuery->orderBy('id')->get(['id']);
|
||||
|
||||
$updated = 0;
|
||||
foreach ($rows as $row) {
|
||||
$prevHashExpr = $prevHashHex !== null
|
||||
? "'{$prevHashHex}'::bytea"
|
||||
: "''::bytea";
|
||||
|
||||
$sql = "
|
||||
UPDATE {$partition}
|
||||
SET log_hash = (
|
||||
SELECT digest(
|
||||
COALESCE({$prevHashExpr}, ''::bytea)
|
||||
|| (SELECT {$rowExpr}::text::bytea FROM {$partition} t WHERE t.id = ?)
|
||||
, 'sha256'
|
||||
)
|
||||
)
|
||||
WHERE id = ?
|
||||
RETURNING log_hash
|
||||
";
|
||||
|
||||
$result = DB::connection('pgsql_supplier')->selectOne($sql, [$row->id, $row->id]);
|
||||
$updated++;
|
||||
|
||||
$prevHashHex = $this->bytesToHex($result?->log_hash);
|
||||
}
|
||||
|
||||
return $updated;
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert a BYTEA value (PHP resource or string) to hex literal for SQL.
|
||||
* PostgreSQL PDO driver returns BYTEA as a PHP stream resource.
|
||||
*/
|
||||
private function bytesToHex(mixed $value): ?string
|
||||
{
|
||||
if ($value === null) {
|
||||
return null;
|
||||
}
|
||||
$bin = is_resource($value) ? stream_get_contents($value) : (string) $value;
|
||||
if ($bin === '' || $bin === false) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return '\\x'.bin2hex($bin);
|
||||
}
|
||||
}
|
||||
@@ -1,33 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use App\Jobs\Billing\BalanceFrozenReminderJob;
|
||||
use Illuminate\Console\Command;
|
||||
|
||||
/**
|
||||
* Daily: повторные письма заморозки баланса.
|
||||
* • reminder в окне 24-48ч после freeze;
|
||||
* • final в окне 72-96ч после freeze.
|
||||
*
|
||||
* Запускается @18:30 MSK (routes/console.php), после основного preflight-sweep @18:00.
|
||||
* Throttle живёт в BalanceFrozenReminderJob через balance_freeze_log markers.
|
||||
*/
|
||||
final class BillingFrozenReminderCommand extends Command
|
||||
{
|
||||
/** @var string */
|
||||
protected $signature = 'billing:frozen-reminder';
|
||||
|
||||
/** @var string */
|
||||
protected $description = 'Повторные письма заморозки баланса (reminder +1д, final +3д)';
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
(new BalanceFrozenReminderJob)->handle();
|
||||
$this->info('Повторные письма заморозки разосланы (если есть кандидаты в окнах).');
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
}
|
||||
@@ -1,95 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use App\Models\BalanceTransaction;
|
||||
use App\Models\PricingTier;
|
||||
use App\Models\Tenant;
|
||||
use Illuminate\Console\Command;
|
||||
use Illuminate\Support\Carbon;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
/**
|
||||
* Идемпотентная одноразовая миграция: balance_leads → balance_rub по цене ступени 1.
|
||||
*
|
||||
* Запускается ОДИН РАЗ в проде после деплоя Billing v2 Spec A Phase A. Повторный
|
||||
* запуск — no-op (тенанты с balance_leads=0 уже не обрабатываются).
|
||||
*
|
||||
* Per-tenant атомарность: lockForUpdate(Tenant) внутри DB::transaction.
|
||||
*
|
||||
* Spec: docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md §4.4
|
||||
* Plan: docs/superpowers/plans/2026-05-23-billing-v2-spec-a-balance-rub-plan.md Task A.11
|
||||
*/
|
||||
final class BillingMigrateLeadsToRubCommand extends Command
|
||||
{
|
||||
protected $signature = 'billing:migrate-leads-to-rub';
|
||||
|
||||
protected $description = 'Convert legacy balance_leads to balance_rub at tier 1 price (idempotent, run once in prod)';
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
$tier1 = PricingTier::query()
|
||||
->where('is_active', true)
|
||||
->where('tier_no', 1)
|
||||
->where('effective_from', '<=', Carbon::now('Europe/Moscow')->toDateString())
|
||||
->orderBy('effective_from', 'desc')
|
||||
->first();
|
||||
|
||||
if ($tier1 === null) {
|
||||
$this->error('No active tier 1 found. Aborting.');
|
||||
|
||||
return self::FAILURE;
|
||||
}
|
||||
|
||||
$count = 0;
|
||||
|
||||
Tenant::query()
|
||||
->where('balance_leads', '>', 0)
|
||||
->chunkById(100, function ($tenants) use ($tier1, &$count): void {
|
||||
foreach ($tenants as $tenant) {
|
||||
DB::transaction(function () use ($tenant, $tier1, &$count): void {
|
||||
/** @var Tenant|null $locked */
|
||||
$locked = Tenant::query()
|
||||
->whereKey($tenant->id)
|
||||
->lockForUpdate()
|
||||
->first();
|
||||
|
||||
if ($locked === null || (int) $locked->balance_leads <= 0) {
|
||||
return; // idempotency — already migrated or zero
|
||||
}
|
||||
|
||||
$migratedLeads = (int) $locked->balance_leads;
|
||||
$migratedKopecks = bcmul((string) $migratedLeads, (string) $tier1->price_per_lead_kopecks, 0);
|
||||
$migratedRub = bcdiv((string) $migratedKopecks, '100', 2);
|
||||
$newBalanceRub = bcadd((string) $locked->balance_rub, $migratedRub, 2);
|
||||
|
||||
DB::table('tenants')
|
||||
->where('id', $locked->id)
|
||||
->update([
|
||||
'balance_rub' => $newBalanceRub,
|
||||
'balance_leads' => 0,
|
||||
]);
|
||||
|
||||
BalanceTransaction::create([
|
||||
'tenant_id' => $locked->id,
|
||||
'type' => BalanceTransaction::TYPE_MIGRATION,
|
||||
'amount_leads' => -$migratedLeads,
|
||||
'amount_rub' => $migratedRub,
|
||||
'balance_leads_after' => 0,
|
||||
'balance_rub_after' => $newBalanceRub,
|
||||
'description' => 'Конвертация предоплаченных лидов в ₽ (миграция модели биллинга Spec A)',
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
$count++;
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
$this->info("Migrated {$count} tenant(s).");
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use App\Jobs\Billing\BalancePreflightSweepJob;
|
||||
use Illuminate\Console\Command;
|
||||
|
||||
/**
|
||||
* One-time: при выкатке преfflight прогнать всех тенантов и заморозить
|
||||
* недофинансированных. Запускается ОДИН раз вручную после миграции.
|
||||
*
|
||||
* См. спек §3.9: «Клиент уже в минусовом балансе на момент запуска
|
||||
* преfflight (legacy состояние) — одноразовая artisan-команда».
|
||||
*
|
||||
* Идемпотентна: повторный запуск не пере-замораживает уже замороженных
|
||||
* (логика sweep-джоба — переход active→frozen / frozen→active, стабильное
|
||||
* состояние не трогается).
|
||||
*/
|
||||
final class BillingPreflightInitialSweepCommand extends Command
|
||||
{
|
||||
/** @var string */
|
||||
protected $signature = 'billing:preflight-initial-sweep';
|
||||
|
||||
/** @var string */
|
||||
protected $description = 'Разовый преfflight при внедрении — заморозить недофинансированных тенантов';
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
$this->warn('Разовый преfflight всех тенантов. Запускать ОДИН раз после выкатки Spec C.');
|
||||
(new BalancePreflightSweepJob)->handle();
|
||||
$this->info('Initial sweep завершён.');
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
}
|
||||
@@ -1,23 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use App\Jobs\Billing\BalancePreflightSweepJob;
|
||||
use Illuminate\Console\Command;
|
||||
|
||||
final class BillingPreflightSweepCommand extends Command
|
||||
{
|
||||
protected $signature = 'billing:preflight-sweep';
|
||||
|
||||
protected $description = 'Ежедневный преfflight баланса — заморозка/разморозка тенантов (cut-off 18:00 MSK)';
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
(new BalancePreflightSweepJob)->handle();
|
||||
$this->info('Преfflight sweep завершён.');
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
}
|
||||
@@ -27,13 +27,12 @@ class IncidentsWatchFailures extends Command
|
||||
private const DB_CONNECTION = 'pgsql_supplier';
|
||||
|
||||
protected $signature = 'incidents:watch-failures
|
||||
{--window=10 : Окно сканирования в минутах}
|
||||
{--threshold=200 : Порог спайка для failed_webhook_jobs}
|
||||
{--threshold-spike=10 : Порог спайка для failed_jobs (за окно)}
|
||||
{--threshold-daily=50 : Порог суммы за 24ч для failed_jobs}
|
||||
{--persistent-hours=3 : Порог возраста persistent-exception для failed_jobs}
|
||||
{--dedup-window=60 : Окно дедупа открытых инцидентов в минутах}
|
||||
{--threshold-single-lead=1000 : Порог storm detection: failures одного supplier_lead_id за окно}';
|
||||
{--window=10 : Окно сканирования в минутах}
|
||||
{--threshold=200 : Порог спайка для failed_webhook_jobs}
|
||||
{--threshold-spike=10 : Порог спайка для failed_jobs (за окно)}
|
||||
{--threshold-daily=50 : Порог суммы за 24ч для failed_jobs}
|
||||
{--persistent-hours=3 : Порог возраста persistent-exception для failed_jobs}
|
||||
{--dedup-window=60 : Окно дедупа открытых инцидентов в минутах}';
|
||||
|
||||
protected $description = 'Сканирует failed_webhook_jobs и failed_jobs, создаёт incidents_log на превышение порогов';
|
||||
|
||||
@@ -46,8 +45,6 @@ class IncidentsWatchFailures extends Command
|
||||
$persistentHours = (int) $this->option('persistent-hours');
|
||||
$dedupMinutes = (int) $this->option('dedup-window');
|
||||
|
||||
$thresholdSingleLead = (int) $this->option('threshold-single-lead');
|
||||
|
||||
$since = Carbon::now()->subMinutes($windowMinutes);
|
||||
$since24h = Carbon::now()->subHours(24);
|
||||
$dedupAt = Carbon::now()->subMinutes($dedupMinutes);
|
||||
@@ -188,39 +185,6 @@ class IncidentsWatchFailures extends Command
|
||||
$this->info("Job persistent [medium]: {$jobClass}");
|
||||
}
|
||||
|
||||
// ===== БЛОК 5: single-lead storm detection =====
|
||||
// Detects случай когда один supplier_lead_id генерирует >= threshold
|
||||
// failures за окно — классический шторм от застрявшего лида (Finding 2,
|
||||
// 2026-05-29). Создаём severity=high инцидент per lead_id.
|
||||
if ($thresholdSingleLead > 0) {
|
||||
$stormLeads = DB::connection(self::DB_CONNECTION)
|
||||
->table('failed_webhook_jobs')
|
||||
->selectRaw("raw_payload->>'supplier_lead_id' AS lead_id, COUNT(*) AS cnt")
|
||||
->whereNull('resolved_at')
|
||||
->where('failed_at', '>=', $since)
|
||||
->whereRaw("raw_payload ?? 'supplier_lead_id'")
|
||||
->groupByRaw("raw_payload->>'supplier_lead_id'")
|
||||
->havingRaw('COUNT(*) >= ?', [$thresholdSingleLead])
|
||||
->get();
|
||||
|
||||
foreach ($stormLeads as $row) {
|
||||
$leadId = $row->lead_id;
|
||||
$cnt = (int) $row->cnt;
|
||||
$dedupKey = "single-lead-storm:{$leadId}";
|
||||
|
||||
if ($this->isDup($dedupKey, $dedupAt)) {
|
||||
$this->line("Skipping single-lead-storm (dedup): {$dedupKey}");
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
$summary = "Автоматически: single-lead-storm {$cnt} failures supplier_lead_id={$leadId} за {$windowMinutes} мин. Вероятная причина: terminal error без fast-fail guard.";
|
||||
$this->createIncident($adminId, 'other', 'high', $summary, $since, $now, $dedupKey);
|
||||
$created++;
|
||||
$this->info("Single-lead storm [high]: lead_id={$leadId} — {$cnt}");
|
||||
}
|
||||
}
|
||||
|
||||
$this->info("Done. Created {$created} incident(s).");
|
||||
|
||||
return self::SUCCESS;
|
||||
|
||||
@@ -176,10 +176,6 @@ class PartitionsDropExpired extends Command
|
||||
*/
|
||||
private function dropPartition(string $partitionName): void
|
||||
{
|
||||
// DROP требует владения родителем — крутится через pgsql_supplier
|
||||
// (crm_supplier_worker — член владельца crm_migrator). См.
|
||||
// MonthlyPartitionManager::DDL_CONNECTION.
|
||||
DB::connection(MonthlyPartitionManager::DDL_CONNECTION)
|
||||
->statement("DROP TABLE IF EXISTS {$partitionName}");
|
||||
DB::statement("DROP TABLE IF EXISTS {$partitionName}");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,61 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Console\Command;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
/**
|
||||
* Создаёт project_routing_snapshots за указанную дату из текущего live-состояния.
|
||||
* Используется один раз при выкатке Этапа 2 + для ручного recovery после падения cron'а.
|
||||
*
|
||||
* Spec §4.2.6.
|
||||
*/
|
||||
final class SnapshotBackfillCommand extends Command
|
||||
{
|
||||
protected $signature = 'snapshot:backfill {--date= : YYYY-MM-DD, по умолчанию сегодня}';
|
||||
|
||||
protected $description = 'Заполнить project_routing_snapshots за указанную дату из live projects';
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
$dateStr = (string) ($this->option('date') ?? Carbon::today('Europe/Moscow')->toDateString());
|
||||
$date = Carbon::parse($dateStr, 'Europe/Moscow');
|
||||
$weekdayBit = 1 << ($date->isoWeekday() - 1);
|
||||
|
||||
$count = DB::connection('pgsql_supplier')->transaction(function () use ($dateStr, $weekdayBit) {
|
||||
return DB::connection('pgsql_supplier')->insert(<<<SQL
|
||||
INSERT INTO project_routing_snapshots (
|
||||
snapshot_date, project_id, tenant_id,
|
||||
daily_limit, delivery_days_mask, regions,
|
||||
signal_type, signal_identifier, sms_senders, sms_keyword,
|
||||
expected_volume
|
||||
)
|
||||
SELECT
|
||||
?::date,
|
||||
p.id, p.tenant_id,
|
||||
COALESCE(p.effective_daily_limit_today, p.daily_limit_target),
|
||||
p.delivery_days_mask, p.regions,
|
||||
p.signal_type, p.signal_identifier, p.sms_senders, p.sms_keyword,
|
||||
COALESCE(p.effective_daily_limit_today, p.daily_limit_target)
|
||||
FROM projects p
|
||||
INNER JOIN tenants t ON t.id = p.tenant_id
|
||||
WHERE p.is_active = true
|
||||
AND (p.delivery_days_mask & ?::int) <> 0
|
||||
AND p.preflight_blocked_at IS NULL
|
||||
AND t.frozen_by_balance_at IS NULL
|
||||
AND t.deleted_at IS NULL
|
||||
ON CONFLICT (snapshot_date, project_id) DO NOTHING
|
||||
SQL, [$dateStr, $weekdayBit]);
|
||||
});
|
||||
|
||||
$this->info("Snapshot backfilled for {$dateStr}: {$count} rows.");
|
||||
Log::info('snapshot.backfill', ['date' => $dateStr, 'rows' => $count]);
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
}
|
||||
@@ -1,82 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Console\Command;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
/**
|
||||
* Перестраивает project_routing_snapshots за указанную дату из текущего
|
||||
* live-состояния, ПЕРЕЗАПИСЫВАЯ существующий snapshot.
|
||||
*
|
||||
* В отличие от `snapshot:backfill` (идемпотентный — ON CONFLICT DO NOTHING),
|
||||
* `snapshot:rebuild` всегда сначала DELETE'ит существующий snapshot за дату,
|
||||
* затем создаёт новый. Используется для manual recovery после падения
|
||||
* `SnapshotProjectRoutingJob` cron'а с уже частично записанным snapshot'ом
|
||||
* (см. Task 2.10, Spec §4.2.6 fail-loud strategy).
|
||||
*
|
||||
* Fail-loud strategy:
|
||||
* 1. Heartbeat alarm via SchedulerHeartbeatTracker (Task 2.4).
|
||||
* 2. LeadRouter Log::error on missing snapshot (Task 2.5).
|
||||
* 3. Manual recovery: `php artisan snapshot:rebuild --date=YYYY-MM-DD`.
|
||||
*
|
||||
* NO fallback to live projects — explicit downtime + alert is safer
|
||||
* than silent regression.
|
||||
*/
|
||||
final class SnapshotRebuildCommand extends Command
|
||||
{
|
||||
protected $signature = 'snapshot:rebuild {--date= : YYYY-MM-DD, по умолчанию сегодня}';
|
||||
|
||||
protected $description = 'Перестроить project_routing_snapshots за указанную дату (DELETE+INSERT, для recovery)';
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
$dateStr = (string) ($this->option('date') ?? Carbon::today('Europe/Moscow')->toDateString());
|
||||
$date = Carbon::parse($dateStr, 'Europe/Moscow');
|
||||
$weekdayBit = 1 << ($date->isoWeekday() - 1);
|
||||
|
||||
// NB: НЕ оборачиваем в ->transaction() — это recovery-команда, half-done state
|
||||
// допустим (retry восстанавливает; на проде admin контроль). Wrapper конфликтует
|
||||
// с tests SharesSupplierPdo (shared PDO + nested transaction levels).
|
||||
$deleted = DB::connection('pgsql_supplier')
|
||||
->table('project_routing_snapshots')
|
||||
->where('snapshot_date', $dateStr)
|
||||
->delete();
|
||||
|
||||
$inserted = DB::connection('pgsql_supplier')->insert(<<<SQL
|
||||
INSERT INTO project_routing_snapshots (
|
||||
snapshot_date, project_id, tenant_id,
|
||||
daily_limit, delivery_days_mask, regions,
|
||||
signal_type, signal_identifier, sms_senders, sms_keyword,
|
||||
expected_volume
|
||||
)
|
||||
SELECT
|
||||
?::date,
|
||||
p.id, p.tenant_id,
|
||||
COALESCE(p.effective_daily_limit_today, p.daily_limit_target),
|
||||
p.delivery_days_mask, p.regions,
|
||||
p.signal_type, p.signal_identifier, p.sms_senders, p.sms_keyword,
|
||||
COALESCE(p.effective_daily_limit_today, p.daily_limit_target)
|
||||
FROM projects p
|
||||
INNER JOIN tenants t ON t.id = p.tenant_id
|
||||
WHERE p.is_active = true
|
||||
AND (p.delivery_days_mask & ?::int) <> 0
|
||||
AND p.preflight_blocked_at IS NULL
|
||||
AND t.frozen_by_balance_at IS NULL
|
||||
AND t.deleted_at IS NULL
|
||||
SQL, [$dateStr, $weekdayBit]);
|
||||
|
||||
$this->info("Snapshot rebuilt for {$dateStr}: deleted={$deleted}, inserted={$inserted}.");
|
||||
Log::warning('snapshot.rebuild', [
|
||||
'date' => $dateStr,
|
||||
'deleted' => $deleted,
|
||||
'inserted' => $inserted,
|
||||
]);
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
}
|
||||
@@ -1,128 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use App\Jobs\Supplier\DeleteSupplierProjectJob;
|
||||
use Illuminate\Console\Command;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
/**
|
||||
* One-time migration: clean up orphan supplier_projects rows created by the
|
||||
* now-removed buildUniqueKey($p, $platform) divergence for SMS+keyword projects.
|
||||
*
|
||||
* Before R-17 unification (Stage 4 §4.4.1) SMS+keyword projects had two diverging
|
||||
* supplier_projects keys per group:
|
||||
* B2: unique_key = sender+keyword
|
||||
* B3: unique_key = sender (without keyword) — ORPHAN after unification
|
||||
*
|
||||
* This command finds orphan B3 rows (sms, no '+' in unique_key, owning project has
|
||||
* sms_keyword) and either UPDATEs them to sender+keyword (no sibling) or marks them
|
||||
* for deletion via DeleteSupplierProjectJob (sibling at sender+keyword already exists).
|
||||
*
|
||||
* Usage:
|
||||
* php artisan supplier:rekey-orphans --dry-run # preview
|
||||
* php artisan supplier:rekey-orphans # apply
|
||||
*
|
||||
* Spec §4.4.1.
|
||||
*/
|
||||
final class SupplierRekeyOrphansCommand extends Command
|
||||
{
|
||||
protected $signature = 'supplier:rekey-orphans {--dry-run : Preview without modifying anything}';
|
||||
|
||||
protected $description = 'One-time R-17 cleanup of orphan SMS supplier_projects keyed under sender alone';
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
$dryRun = (bool) $this->option('dry-run');
|
||||
|
||||
// Find candidate orphans: sms supplier_projects whose unique_key has no '+'
|
||||
// and whose tenant has an SMS project with sms_keyword set matching this sender.
|
||||
$orphans = DB::connection('pgsql_supplier')
|
||||
->table('supplier_projects as sp')
|
||||
->join('project_supplier_links as psl', 'psl.supplier_project_id', '=', 'sp.id')
|
||||
->join('projects as p', 'p.id', '=', 'psl.project_id')
|
||||
->where('sp.signal_type', 'sms')
|
||||
->where('sp.unique_key', 'NOT LIKE', '%+%')
|
||||
->whereNotNull('p.sms_keyword')
|
||||
->where('p.sms_keyword', '!=', '')
|
||||
->select([
|
||||
'sp.id as sp_id',
|
||||
'sp.unique_key as sender',
|
||||
'sp.platform',
|
||||
'p.tenant_id',
|
||||
'p.sms_keyword as keyword',
|
||||
])
|
||||
->get();
|
||||
|
||||
if ($orphans->isEmpty()) {
|
||||
$this->info('No orphan SMS supplier_projects found. Nothing to migrate.');
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
|
||||
$this->info(sprintf('Found %d orphan SMS supplier_projects row(s).', $orphans->count()));
|
||||
|
||||
$updated = 0;
|
||||
$dispatched = 0;
|
||||
$toDelete = [];
|
||||
|
||||
foreach ($orphans as $o) {
|
||||
$sender = (string) $o->sender;
|
||||
$keyword = (string) $o->keyword;
|
||||
$newKey = $sender.'+'.$keyword;
|
||||
|
||||
// Sibling check: another supplier_project for same tenant/keyword combo already
|
||||
// exists at the unified key? Look across pivot to the same tenant scope.
|
||||
$siblingExists = DB::connection('pgsql_supplier')
|
||||
->table('supplier_projects as sp2')
|
||||
->join('project_supplier_links as psl2', 'psl2.supplier_project_id', '=', 'sp2.id')
|
||||
->join('projects as p2', 'p2.id', '=', 'psl2.project_id')
|
||||
->where('sp2.signal_type', 'sms')
|
||||
->where('sp2.unique_key', $newKey)
|
||||
->where('p2.tenant_id', $o->tenant_id)
|
||||
->where('sp2.id', '!=', $o->sp_id)
|
||||
->exists();
|
||||
|
||||
if ($siblingExists) {
|
||||
$toDelete[] = (int) $o->sp_id;
|
||||
$this->line(sprintf(
|
||||
' orphan #%d (%s sender=%s) → DELETE (sibling at %s exists for tenant %d)',
|
||||
$o->sp_id, $o->platform, $sender, $newKey, $o->tenant_id
|
||||
));
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
$this->line(sprintf(
|
||||
' orphan #%d (%s sender=%s) → UPDATE unique_key=%s',
|
||||
$o->sp_id, $o->platform, $sender, $newKey
|
||||
));
|
||||
|
||||
if (! $dryRun) {
|
||||
DB::connection('pgsql_supplier')
|
||||
->table('supplier_projects')
|
||||
->where('id', $o->sp_id)
|
||||
->update(['unique_key' => $newKey, 'updated_at' => now()]);
|
||||
$updated++;
|
||||
}
|
||||
}
|
||||
|
||||
if (! $dryRun && $toDelete !== []) {
|
||||
DeleteSupplierProjectJob::dispatch($toDelete);
|
||||
$dispatched = count($toDelete);
|
||||
}
|
||||
|
||||
if ($dryRun) {
|
||||
$this->warn('--dry-run: no changes made.');
|
||||
} else {
|
||||
$this->info(sprintf(
|
||||
'Migration complete: %d row(s) updated, %d row(s) queued for deletion.',
|
||||
$updated, $dispatched
|
||||
));
|
||||
}
|
||||
|
||||
return self::SUCCESS;
|
||||
}
|
||||
}
|
||||
@@ -5,7 +5,6 @@ declare(strict_types=1);
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use App\Mail\AuditChainBreachMail;
|
||||
use App\Services\Audit\AuditChainConfig;
|
||||
use Illuminate\Console\Command;
|
||||
use Illuminate\Support\Carbon;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
@@ -84,12 +83,166 @@ class VerifyAuditChains extends Command
|
||||
|
||||
protected $description = 'Проверяет целостность SHA-256 hash-chain в 6 audit-таблицах (per-partition)';
|
||||
|
||||
/**
|
||||
* Конфигурация таблиц: имя таблицы → [columns, partition_clause].
|
||||
*
|
||||
* columns: список столбцов строго в порядке ordinal_position из db/schema.sql.
|
||||
* Специальное значение '__log_hash__' — маркер позиции log_hash → NULL::bytea.
|
||||
*
|
||||
* partition_clause: SQL-фрагмент для OVER (PARTITION BY … ORDER BY id),
|
||||
* воспроизводящий RLS-scope триггера внутри одной партиции.
|
||||
* Пустая строка = глобальная цепочка внутри партиции.
|
||||
*
|
||||
* @var array<string, array{columns: list<string>, partition: string}>
|
||||
*/
|
||||
private const TABLE_CONFIG = [
|
||||
// auth_log:
|
||||
// RLS: actor_type='tenant_user' AND tenant_id = current_setting(...)
|
||||
// Tenant-сессия видит только (actor_type='tenant_user', tenant_id=N).
|
||||
// saas_admin-сессия BYPASSRLS — видит всё.
|
||||
// Partition (actor_type, tenant_id) воспроизводит оба случая:
|
||||
// каждая пара образует независимую цепочку.
|
||||
'auth_log' => [
|
||||
'columns' => [
|
||||
'id',
|
||||
'actor_type',
|
||||
'tenant_id',
|
||||
'user_id',
|
||||
'saas_admin_user_id',
|
||||
'email',
|
||||
'event',
|
||||
'ip_address',
|
||||
'user_agent',
|
||||
'failure_reason',
|
||||
'__log_hash__', // log_hash → NULL::bytea
|
||||
'created_at',
|
||||
],
|
||||
// global chain: auth_log пишется при ЛОГИНЕ под BYPASSRLS-роль
|
||||
// (tenant ещё не установлен — пользователь не аутентифицирован),
|
||||
// поэтому триггерный prev-SELECT видит ВСЕ строки → цепочка глобальная
|
||||
// внутри данной партиции (эмпирически подтверждено прод-smoke).
|
||||
'partition' => '',
|
||||
],
|
||||
|
||||
// activity_log:
|
||||
// RLS: tenant_id = current_setting(...) — простая tenant-изоляция.
|
||||
// Partition: tenant_id.
|
||||
'activity_log' => [
|
||||
'columns' => [
|
||||
'id',
|
||||
'tenant_id',
|
||||
'user_id',
|
||||
'deal_id',
|
||||
'event',
|
||||
'old_value',
|
||||
'new_value',
|
||||
'context',
|
||||
'ip_address',
|
||||
'user_agent',
|
||||
'__log_hash__', // log_hash → NULL::bytea
|
||||
'created_at',
|
||||
],
|
||||
'partition' => 'PARTITION BY tenant_id',
|
||||
],
|
||||
|
||||
// tenant_operations_log:
|
||||
// RLS: tenant_id = current_setting(...) — простая tenant-изоляция.
|
||||
// Partition: tenant_id.
|
||||
'tenant_operations_log' => [
|
||||
'columns' => [
|
||||
'id',
|
||||
'tenant_id',
|
||||
'user_id',
|
||||
'entity_type',
|
||||
'entity_id',
|
||||
'event',
|
||||
'payload_before',
|
||||
'payload_after',
|
||||
'ip_address',
|
||||
'user_agent',
|
||||
'__log_hash__', // log_hash → NULL::bytea
|
||||
'created_at',
|
||||
],
|
||||
'partition' => 'PARTITION BY tenant_id',
|
||||
],
|
||||
|
||||
// balance_transactions:
|
||||
// RLS: tenant_id = current_setting(...) — простая tenant-изоляция.
|
||||
// Partition: tenant_id.
|
||||
'balance_transactions' => [
|
||||
'columns' => [
|
||||
'id',
|
||||
'tenant_id',
|
||||
'type',
|
||||
'amount_rub',
|
||||
'amount_leads',
|
||||
'balance_rub_after',
|
||||
'balance_leads_after',
|
||||
'description',
|
||||
'related_type',
|
||||
'related_id',
|
||||
'user_id',
|
||||
'admin_user_id',
|
||||
'__log_hash__', // log_hash → NULL::bytea
|
||||
'created_at',
|
||||
],
|
||||
'partition' => 'PARTITION BY tenant_id',
|
||||
],
|
||||
|
||||
// pd_processing_log:
|
||||
// RLS: tenant_id = current_setting(...) — простая tenant-изоляция.
|
||||
// Partition: tenant_id.
|
||||
'pd_processing_log' => [
|
||||
'columns' => [
|
||||
'id',
|
||||
'tenant_id',
|
||||
'subject_type',
|
||||
'subject_id',
|
||||
'action',
|
||||
'purpose',
|
||||
'actor_tenant_user_id',
|
||||
'actor_admin_user_id',
|
||||
'ip_address',
|
||||
'__log_hash__', // log_hash → NULL::bytea
|
||||
'created_at',
|
||||
],
|
||||
'partition' => 'PARTITION BY tenant_id',
|
||||
],
|
||||
|
||||
// saas_admin_audit_log:
|
||||
// Нет RLS-политики для tenant-ролей (REVOKE ALL FROM crm_app_user).
|
||||
// Вставляет только crm_admin_user (BYPASSRLS) — триггер's SELECT
|
||||
// видит ВСЕ строки партиции → цепочка глобальная внутри партиции.
|
||||
// Partition: нет (пустая строка = ORDER BY id без PARTITION BY).
|
||||
'saas_admin_audit_log' => [
|
||||
'columns' => [
|
||||
'id',
|
||||
'admin_user_id',
|
||||
'action',
|
||||
'target_type',
|
||||
'target_id',
|
||||
'target_tenant_id',
|
||||
'payload_before',
|
||||
'payload_after',
|
||||
'reason',
|
||||
'ip_address',
|
||||
'user_agent',
|
||||
'requires_approval',
|
||||
'approved_by',
|
||||
'approved_at',
|
||||
'__log_hash__', // log_hash → NULL::bytea
|
||||
'created_at',
|
||||
],
|
||||
'partition' => '', // global chain within partition — inserting role is BYPASSRLS
|
||||
],
|
||||
];
|
||||
|
||||
public function handle(): int
|
||||
{
|
||||
$anyBreach = false;
|
||||
$now = Carbon::now();
|
||||
|
||||
foreach (AuditChainConfig::TABLES as $table => $config) {
|
||||
foreach (self::TABLE_CONFIG as $table => $config) {
|
||||
// Get all partitions for this table via pg_inherits.
|
||||
$partitions = $this->listPartitions($table);
|
||||
|
||||
@@ -99,7 +252,7 @@ class VerifyAuditChains extends Command
|
||||
}
|
||||
|
||||
foreach ($partitions as $partitionName) {
|
||||
$breaches = $this->checkPartition($partitionName, $table, $config['partition']);
|
||||
$breaches = $this->checkPartition($partitionName, $config['columns'], $config['partition']);
|
||||
|
||||
if (empty($breaches)) {
|
||||
$this->line(" ✓ {$partitionName}: chain intact");
|
||||
@@ -168,11 +321,12 @@ class VerifyAuditChains extends Command
|
||||
* где ROW(...) имеет NULL::bytea на позиции log_hash.
|
||||
* 4. Возвращает строки, где stored IS DISTINCT FROM recomputed.
|
||||
*
|
||||
* @param list<string> $columns
|
||||
* @return list<object>
|
||||
*/
|
||||
private function checkPartition(string $partitionName, string $table, string $partition): array
|
||||
private function checkPartition(string $partitionName, array $columns, string $partition): array
|
||||
{
|
||||
$rowExpr = AuditChainConfig::rowExpression($table);
|
||||
$rowExpr = $this->buildRowExpression($columns);
|
||||
|
||||
// Build OVER clause: with or without PARTITION BY depending on table's RLS scope.
|
||||
$overClause = $partition !== ''
|
||||
@@ -212,6 +366,25 @@ class VerifyAuditChains extends Command
|
||||
return $results;
|
||||
}
|
||||
|
||||
/**
|
||||
* Строит SQL-выражение ROW(col1, col2, ..., NULL::bytea, ..., coln)
|
||||
* с NULL::bytea на месте log_hash.
|
||||
*
|
||||
* Пример для auth_log:
|
||||
* ROW(t.id, t.actor_type, t.tenant_id, ..., NULL::bytea, t.created_at)
|
||||
*
|
||||
* @param list<string> $columns
|
||||
*/
|
||||
private function buildRowExpression(array $columns): string
|
||||
{
|
||||
$parts = [];
|
||||
foreach ($columns as $col) {
|
||||
$parts[] = ($col === '__log_hash__') ? 'NULL::bytea' : "t.{$col}";
|
||||
}
|
||||
|
||||
return 'ROW('.implode(', ', $parts).')';
|
||||
}
|
||||
|
||||
/**
|
||||
* Вставляет запись в incidents_log (через pgsql_supplier BYPASSRLS).
|
||||
* Дедупликация: не создаёт повторный инцидент для той же таблицы,
|
||||
|
||||
@@ -5,30 +5,27 @@ declare(strict_types=1);
|
||||
namespace App\Exceptions\Billing;
|
||||
|
||||
use RuntimeException;
|
||||
use Throwable;
|
||||
|
||||
/**
|
||||
* Выбрасывается LedgerService::chargeForDelivery, когда у tenant нет
|
||||
* рублей под текущую tier-цену (balance_rub * 100 < priceKopecks).
|
||||
* Выбрасывается LedgerService::chargeForDelivery, когда tenant не имеет
|
||||
* ни prepaid-лидов (balance_leads >= 1), ни рублей под текущую tier-цену
|
||||
* (balance_rub * 100 >= priceKopecks).
|
||||
*
|
||||
* Ловится в RouteSupplierLeadJob::createDealCopyForProject — инициирует
|
||||
* auto-pause flow (см. spec §4.2).
|
||||
*
|
||||
* Billing v2 Spec A: prepaid-лиды убраны, поэтому balance_leads больше не отражается
|
||||
* в сообщении/полях; источник — единый ₽-баланс.
|
||||
*/
|
||||
final class InsufficientBalanceException extends RuntimeException
|
||||
{
|
||||
public function __construct(
|
||||
public readonly int $priceKopecks,
|
||||
public readonly string $balanceRub,
|
||||
?Throwable $previous = null,
|
||||
public readonly int $balanceLeads,
|
||||
?\Throwable $previous = null,
|
||||
) {
|
||||
parent::__construct(
|
||||
sprintf(
|
||||
'Insufficient balance: price_kopecks=%d, balance_rub=%s',
|
||||
$priceKopecks,
|
||||
$balanceRub,
|
||||
'Insufficient balance: price_kopecks=%d, balance_rub=%s, balance_leads=%d',
|
||||
$priceKopecks, $balanceRub, $balanceLeads,
|
||||
),
|
||||
previous: $previous,
|
||||
);
|
||||
|
||||
@@ -25,15 +25,6 @@ class AdminIncidentsController extends Controller
|
||||
{
|
||||
use ResolvesAdminUserId;
|
||||
|
||||
/**
|
||||
* SaaS-level tables (`incidents_log`, `tenants`, `saas_admin_users`) читаются
|
||||
* под BYPASSRLS-ролью `crm_supplier_worker`: у дефолтной `crm_app_user` нет
|
||||
* грантов на `incidents_log` → `permission denied`. Паттерн соответствует
|
||||
* остальной cross-tenant cron-инфраструктуре (incidents:watch-failures,
|
||||
* scheduler:check-heartbeats, audit:verify-chains).
|
||||
*/
|
||||
private const DB_CONNECTION = 'pgsql_supplier';
|
||||
|
||||
/** GET /api/admin/incidents?type=&severity=&unresolved_only=&limit=&offset= */
|
||||
public function index(Request $request): JsonResponse
|
||||
{
|
||||
@@ -43,7 +34,7 @@ class AdminIncidentsController extends Controller
|
||||
$limit = max(1, min(500, (int) $request->query('limit', '100')));
|
||||
$offset = max(0, (int) $request->query('offset', '0'));
|
||||
|
||||
$query = DB::connection(self::DB_CONNECTION)->table('incidents_log');
|
||||
$query = DB::table('incidents_log');
|
||||
|
||||
if ($type !== '') {
|
||||
$query->where('type', $type);
|
||||
@@ -99,7 +90,7 @@ class AdminIncidentsController extends Controller
|
||||
/** POST /api/admin/incidents/{id}/rkn-notify — зафиксировать уведомление РКН (G6, 152-ФЗ). */
|
||||
public function notifyRkn(Request $request, int $id): JsonResponse
|
||||
{
|
||||
$row = DB::connection(self::DB_CONNECTION)->table('incidents_log')->where('id', $id)->first();
|
||||
$row = DB::table('incidents_log')->where('id', $id)->first();
|
||||
if ($row === null) {
|
||||
abort(404, 'incident not found');
|
||||
}
|
||||
@@ -112,8 +103,8 @@ class AdminIncidentsController extends Controller
|
||||
|
||||
$adminUserId = $this->resolveAdminUserId($request, 'system-incidents@liderra.local', 'System Incidents Bot');
|
||||
|
||||
DB::connection(self::DB_CONNECTION)->transaction(function () use ($row, $adminUserId, $request): void {
|
||||
DB::connection(self::DB_CONNECTION)->table('incidents_log')->where('id', $row->id)->update([
|
||||
DB::transaction(function () use ($row, $adminUserId, $request): void {
|
||||
DB::table('incidents_log')->where('id', $row->id)->update([
|
||||
'rkn_notified_at' => now(),
|
||||
'updated_at' => now(),
|
||||
]);
|
||||
@@ -137,7 +128,7 @@ class AdminIncidentsController extends Controller
|
||||
/** GET /api/admin/incidents/{id} — полная карточка инцидента (drill-down G5). */
|
||||
public function show(int $id): JsonResponse
|
||||
{
|
||||
$row = DB::connection(self::DB_CONNECTION)->table('incidents_log')->where('id', $id)->first();
|
||||
$row = DB::table('incidents_log')->where('id', $id)->first();
|
||||
if ($row === null) {
|
||||
abort(404, 'incident not found');
|
||||
}
|
||||
@@ -148,10 +139,10 @@ class AdminIncidentsController extends Controller
|
||||
|
||||
$tenants = $tenantIds === []
|
||||
? collect()
|
||||
: DB::connection(self::DB_CONNECTION)->table('tenants')->whereIn('id', $tenantIds)
|
||||
: DB::table('tenants')->whereIn('id', $tenantIds)
|
||||
->select(['id', 'organization_name'])->get();
|
||||
|
||||
$admins = DB::connection(self::DB_CONNECTION)->table('saas_admin_users')
|
||||
$admins = DB::table('saas_admin_users')
|
||||
->whereIn('id', array_filter([$row->created_by_admin_id, $row->closed_by_admin_id]))
|
||||
->pluck('full_name', 'id');
|
||||
|
||||
@@ -245,7 +236,7 @@ class AdminIncidentsController extends Controller
|
||||
*/
|
||||
private function computeSummary(): array
|
||||
{
|
||||
$base = DB::connection(self::DB_CONNECTION)->table('incidents_log');
|
||||
$base = DB::table('incidents_log');
|
||||
|
||||
return [
|
||||
'open' => (clone $base)->whereNull('resolved_at')->whereNull('detected_at')->count(),
|
||||
|
||||
@@ -66,7 +66,7 @@ final class AdminPricingTiersController extends Controller
|
||||
'tiers' => ['required', 'array', 'size:7'],
|
||||
'tiers.*.tier_no' => ['required', 'integer', 'between:1,7'],
|
||||
'tiers.*.leads_in_tier' => ['nullable', 'integer', 'min:1'],
|
||||
'tiers.*.price_rub' => ['required', 'string', 'regex:/^\d+(\.\d{1,2})?$/'],
|
||||
'tiers.*.price_rub' => ['required', 'numeric', 'min:0'],
|
||||
'effective_from' => ['sometimes', 'date_format:Y-m-d', 'after:'.$todayMsk],
|
||||
]);
|
||||
|
||||
@@ -101,7 +101,7 @@ final class AdminPricingTiersController extends Controller
|
||||
PricingTier::create([
|
||||
'tier_no' => $tier['tier_no'],
|
||||
'leads_in_tier' => $tier['leads_in_tier'],
|
||||
'price_per_lead_kopecks' => (int) bcmul((string) $tier['price_rub'], '100', 0),
|
||||
'price_per_lead_kopecks' => (int) round(((float) $tier['price_rub']) * 100),
|
||||
'is_active' => true,
|
||||
'effective_from' => $effectiveFrom,
|
||||
]);
|
||||
|
||||
@@ -4,10 +4,7 @@ declare(strict_types=1);
|
||||
|
||||
namespace App\Http\Controllers\Api;
|
||||
|
||||
use App\Http\Controllers\Concerns\ResolvesAdminUserId;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Models\BalanceTransaction;
|
||||
use App\Models\SaasAdminAuditLog;
|
||||
use App\Models\Tenant;
|
||||
use Carbon\CarbonImmutable;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
@@ -28,8 +25,6 @@ use Illuminate\Support\Facades\DB;
|
||||
*/
|
||||
class AdminTenantsController extends Controller
|
||||
{
|
||||
use ResolvesAdminUserId;
|
||||
|
||||
/** GET /api/admin/tenants?status=&search=&limit=&offset= */
|
||||
public function index(Request $request): JsonResponse
|
||||
{
|
||||
@@ -187,87 +182,6 @@ class AdminTenantsController extends Controller
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* PATCH /api/admin/tenants/{id}/balance — установить точный ₽-баланс тенанта.
|
||||
*
|
||||
* Семантика «set absolute»: админ передаёт целевой balance_rub, сервер
|
||||
* считает знаковую дельту (target − current) и пишет её append-only строкой
|
||||
* balance_transactions(type='manual_adjustment') + saas_admin_audit_log.
|
||||
*
|
||||
* SaaS-уровневый: НЕ tenant-aware. Money — bcmath, lockForUpdate (конвенция
|
||||
* LedgerService / AdminBillingController::refund). balance_leads не трогаем
|
||||
* (Billing v2 Spec A — лиды vestigial, удаляются в Phase B).
|
||||
*/
|
||||
public function updateBalance(Request $request, int $id): JsonResponse
|
||||
{
|
||||
$validated = $request->validate([
|
||||
'balance_rub' => ['required', 'string', 'regex:/^-?\d+(\.\d{1,2})?$/'],
|
||||
'reason' => ['nullable', 'string', 'max:500'],
|
||||
]);
|
||||
|
||||
$target = bcadd((string) $validated['balance_rub'], '0', 2);
|
||||
$reason = isset($validated['reason']) && trim((string) $validated['reason']) !== ''
|
||||
? trim((string) $validated['reason'])
|
||||
: 'Ручная корректировка баланса (админ)';
|
||||
$adminUserId = $this->resolveAdminUserId($request, 'system-balance@liderra.local', 'System Balance Bot');
|
||||
|
||||
/** @var array{balance_rub:string, delta:string, transaction_id:int} $result */
|
||||
$result = DB::transaction(function () use ($id, $target, $reason, $adminUserId, $request): array {
|
||||
DB::statement('SET LOCAL app.current_tenant_id = '.$id);
|
||||
|
||||
$tenant = DB::table('tenants')->where('id', $id)->whereNull('deleted_at')
|
||||
->lockForUpdate()->first();
|
||||
if ($tenant === null) {
|
||||
abort(404, 'tenant not found');
|
||||
}
|
||||
|
||||
$current = (string) $tenant->balance_rub;
|
||||
$delta = bcsub($target, $current, 2);
|
||||
if (bccomp($delta, '0', 2) === 0) {
|
||||
abort(422, 'balance unchanged');
|
||||
}
|
||||
|
||||
DB::table('tenants')->where('id', $id)->update([
|
||||
'balance_rub' => $target,
|
||||
'updated_at' => now(),
|
||||
]);
|
||||
|
||||
$tx = BalanceTransaction::create([
|
||||
'tenant_id' => $id,
|
||||
'type' => BalanceTransaction::TYPE_MANUAL_ADJUSTMENT,
|
||||
'amount_rub' => $delta,
|
||||
'amount_leads' => null,
|
||||
'balance_rub_after' => $target,
|
||||
'balance_leads_after' => null,
|
||||
'description' => $reason,
|
||||
'admin_user_id' => $adminUserId,
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
SaasAdminAuditLog::create([
|
||||
'admin_user_id' => $adminUserId,
|
||||
'action' => 'tenant.balance_adjusted',
|
||||
'target_type' => 'tenant',
|
||||
'target_id' => $id,
|
||||
'target_tenant_id' => $id,
|
||||
'payload_before' => ['balance_rub' => $current],
|
||||
'payload_after' => ['balance_rub' => $target, 'delta' => $delta, 'transaction_id' => $tx->id],
|
||||
'reason' => $reason,
|
||||
'ip_address' => $request->ip() ?? '127.0.0.1',
|
||||
'user_agent' => $request->userAgent(),
|
||||
]);
|
||||
|
||||
return ['balance_rub' => $target, 'delta' => $delta, 'transaction_id' => (int) $tx->id];
|
||||
});
|
||||
|
||||
return response()->json([
|
||||
'id' => $id,
|
||||
'balance_rub' => $result['balance_rub'],
|
||||
'delta' => $result['delta'],
|
||||
'transaction_id' => $result['transaction_id'],
|
||||
]);
|
||||
}
|
||||
|
||||
/** @return array<int, array<string, mixed>> */
|
||||
private function fetchUsers(int $tenantId): array
|
||||
{
|
||||
|
||||
@@ -6,17 +6,11 @@ namespace App\Http\Controllers\Api;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Models\BalanceTransaction;
|
||||
use App\Models\PricingTier;
|
||||
use App\Models\Project;
|
||||
use App\Models\Tenant;
|
||||
use App\Models\User;
|
||||
use App\Repositories\PricingTierRepository;
|
||||
use App\Services\Billing\BalanceToLeadsConverter;
|
||||
use App\Services\Billing\BillingTopupService;
|
||||
use Illuminate\Database\Eloquent\Collection;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Carbon;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
/**
|
||||
@@ -68,11 +62,7 @@ class BillingController extends Controller
|
||||
}
|
||||
|
||||
/**
|
||||
* GET /api/billing/wallet — единый ₽-баланс + рассчитанные «≈ N лидов» + 7-ступенчатый превью.
|
||||
*
|
||||
* Billing v2 Spec A: `balance_leads` ушёл из ответа; конверсия ₽ → лиды
|
||||
* считается на лету через BalanceToLeadsConverter (точный расчёт по
|
||||
* ступеням, не «по текущей»). Тариф унифицирован до name+features.
|
||||
* GET /api/billing/wallet — балансы тенанта + текущий тариф + runway.
|
||||
*/
|
||||
public function wallet(Request $request): JsonResponse
|
||||
{
|
||||
@@ -81,143 +71,23 @@ class BillingController extends Controller
|
||||
/** @var Tenant $tenant */
|
||||
$tenant = Tenant::query()->with('tariff')->findOrFail((int) $user->tenant_id);
|
||||
|
||||
$activeTiers = app(PricingTierRepository::class)->activeAt(Carbon::now('Europe/Moscow'));
|
||||
$conversion = app(BalanceToLeadsConverter::class)->convert(
|
||||
(string) $tenant->balance_rub,
|
||||
(int) ($tenant->delivered_in_month ?? 0),
|
||||
$activeTiers,
|
||||
);
|
||||
|
||||
$tiersPreview = $activeTiers
|
||||
->sortBy('tier_no')
|
||||
->values()
|
||||
->map(static fn ($t) => [
|
||||
'tier_no' => (int) $t->tier_no,
|
||||
'leads_in_tier' => $t->leads_in_tier === null ? null : (int) $t->leads_in_tier,
|
||||
'price_rub' => bcdiv((string) $t->price_per_lead_kopecks, '100', 2),
|
||||
])
|
||||
->all();
|
||||
|
||||
return response()->json([
|
||||
'balance_rub' => $tenant->balance_rub,
|
||||
'affordable_leads' => $conversion['leads'],
|
||||
'current_tier' => $conversion['current_tier'],
|
||||
'next_tier' => $conversion['next_tier'],
|
||||
'delivered_in_month' => (int) ($tenant->delivered_in_month ?? 0),
|
||||
'runway_days' => $this->runwayDays($tenant, $conversion['leads']),
|
||||
'tiers_preview' => $tiersPreview,
|
||||
'balance_leads' => $tenant->balance_leads,
|
||||
'runway_days' => $this->runwayDays($tenant),
|
||||
'tariff' => $tenant->tariff === null ? null : [
|
||||
'code' => $tenant->tariff->code,
|
||||
'name' => $tenant->tariff->name,
|
||||
'price_monthly' => $tenant->tariff->price_monthly,
|
||||
'billing_model' => $tenant->tariff->billing_model,
|
||||
'features' => $tenant->tariff->features ?? [],
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* GET /api/billing/balance-status — лёгкий статус баланса для UI префлайта
|
||||
* (Billing v2 Spec C §3.6). Питает глобальный баннер заморозки
|
||||
* (BalanceFrozenBanner: frozen_by_balance_at + дефицит) и индикатор ёмкости
|
||||
* (BalanceCapacityIndicator: balance / capacity / required). Грузится в
|
||||
* AppLayout на всех страницах, поэтому без tiers_preview и истории.
|
||||
*/
|
||||
public function balanceStatus(Request $request): JsonResponse
|
||||
{
|
||||
/** @var User $user */
|
||||
$user = $request->user();
|
||||
/** @var Tenant $tenant */
|
||||
$tenant = Tenant::query()->findOrFail((int) $user->tenant_id);
|
||||
|
||||
$activeTiers = app(PricingTierRepository::class)->activeAt(Carbon::now('Europe/Moscow'));
|
||||
$deliveredInMonth = (int) ($tenant->delivered_in_month ?? 0);
|
||||
|
||||
$capacityLeads = (int) app(BalanceToLeadsConverter::class)->convert(
|
||||
(string) $tenant->balance_rub,
|
||||
$deliveredInMonth,
|
||||
$activeTiers,
|
||||
)['leads'];
|
||||
|
||||
// Требуемые лиды/день — сумма лимитов активных не-заблокированных проектов
|
||||
// (та же выборка, что в ProjectController preflight).
|
||||
$requiredLeads = (int) Project::query()
|
||||
->where('tenant_id', $tenant->id)
|
||||
->where('is_active', true)
|
||||
->whereNull('preflight_blocked_at')
|
||||
->sum('daily_limit_target');
|
||||
|
||||
$deficitLeads = max(0, $requiredLeads - $capacityLeads);
|
||||
$deficitRub = '0.00';
|
||||
if ($deficitLeads > 0) {
|
||||
$needed = $this->minBalanceForLeads($requiredLeads, $deliveredInMonth, $activeTiers);
|
||||
$deficitRub = bcsub($needed, (string) $tenant->balance_rub, 2);
|
||||
if (bccomp($deficitRub, '0', 2) < 0) {
|
||||
$deficitRub = '0.00';
|
||||
}
|
||||
}
|
||||
|
||||
return response()->json([
|
||||
'frozen_by_balance_at' => $tenant->frozen_by_balance_at?->toISOString(),
|
||||
'balance_rub' => (string) $tenant->balance_rub,
|
||||
'capacity_leads' => $capacityLeads,
|
||||
'required_leads_per_day' => $requiredLeads,
|
||||
'deficit_leads' => $deficitLeads,
|
||||
'deficit_rub' => $deficitRub,
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Минимальный баланс (₽, scale 2), чтобы позволить себе $leads лидов при уже
|
||||
* доставленных $deliveredInMonth в этом месяце — сумма цен ступеней по позициям
|
||||
* [delivered .. delivered+leads-1]. Зеркалит логику BalanceToLeadsConverter.
|
||||
*
|
||||
* @param Collection<int, PricingTier> $tiers
|
||||
*/
|
||||
private function minBalanceForLeads(int $leads, int $deliveredInMonth, $tiers): string
|
||||
{
|
||||
if ($leads <= 0) {
|
||||
return '0.00';
|
||||
}
|
||||
|
||||
$sorted = $tiers
|
||||
->filter(fn ($t) => (bool) $t->is_active)
|
||||
->sortBy('tier_no')
|
||||
->values();
|
||||
|
||||
$kopecks = '0';
|
||||
$remaining = $leads;
|
||||
$cumulative = 0; // позиции [0..cumulative) пройдены предыдущими ступенями
|
||||
$position = $deliveredInMonth;
|
||||
|
||||
foreach ($sorted as $tier) {
|
||||
$unlimited = $tier->leads_in_tier === null;
|
||||
$tierEnd = $unlimited ? PHP_INT_MAX : $cumulative + (int) $tier->leads_in_tier;
|
||||
|
||||
$slotsInTier = max(0, $tierEnd - max($cumulative, $position));
|
||||
if ($slotsInTier > 0) {
|
||||
$take = min($remaining, $slotsInTier);
|
||||
$kopecks = bcadd($kopecks, bcmul((string) (int) $tier->price_per_lead_kopecks, (string) $take, 0), 0);
|
||||
$remaining -= $take;
|
||||
$position += $take;
|
||||
}
|
||||
|
||||
if ($remaining <= 0 || $unlimited) {
|
||||
break;
|
||||
}
|
||||
$cumulative = $tierEnd;
|
||||
}
|
||||
|
||||
return bcdiv($kopecks, '100', 2);
|
||||
}
|
||||
|
||||
/**
|
||||
* GET /api/billing/transactions?type=topup|lead_charge|migration&page=N
|
||||
* GET /api/billing/transactions?type=topup|lead_charge|refund&page=N
|
||||
* — пагинированная история balance_transactions тенанта (20/страница).
|
||||
*
|
||||
* Billing v2 Spec A: 'refund' убран из whitelist (возвраты не реализуются);
|
||||
* 'migration' добавлен (тип одноразовой конвертации balance_leads → balance_rub).
|
||||
* Поле display_amount_rub в каждой строке — UI-показ суммы; для исторических
|
||||
* prepaid lead_charge (amount_rub='0.00') возвращается '0.00' для маркера
|
||||
* «бесплатное списание».
|
||||
*/
|
||||
public function transactions(Request $request): JsonResponse
|
||||
{
|
||||
@@ -233,35 +103,23 @@ class BillingController extends Controller
|
||||
->orderBy('id', 'desc');
|
||||
|
||||
$type = $request->query('type');
|
||||
if (is_string($type) && in_array($type, ['topup', 'lead_charge', 'migration'], true)) {
|
||||
if (is_string($type) && in_array($type, ['topup', 'lead_charge', 'refund'], true)) {
|
||||
$query->where('type', $type);
|
||||
}
|
||||
|
||||
$page = $query->paginate(20);
|
||||
|
||||
return response()->json([
|
||||
'data' => array_map(static function (BalanceTransaction $tx): array {
|
||||
// Historic prepaid rows: type=lead_charge AND amount_rub=='0.00' (deduction в leads).
|
||||
// display_amount_rub возвращает явное '0.00' для UI-маркера «бесплатное списание»,
|
||||
// несмотря на то что значение совпадает с amount_rub.
|
||||
$displayAmountRub = (string) $tx->amount_rub;
|
||||
if ($tx->type === BalanceTransaction::TYPE_LEAD_CHARGE
|
||||
&& bccomp((string) $tx->amount_rub, '0', 2) === 0) {
|
||||
$displayAmountRub = '0.00';
|
||||
}
|
||||
|
||||
return [
|
||||
'id' => $tx->id,
|
||||
'code' => 'TX-'.$tx->id,
|
||||
'type' => $tx->type,
|
||||
'description' => $tx->description,
|
||||
'amount_rub' => $tx->amount_rub,
|
||||
'amount_leads' => $tx->amount_leads,
|
||||
'balance_rub_after' => $tx->balance_rub_after,
|
||||
'display_amount_rub' => $displayAmountRub,
|
||||
'created_at' => $tx->created_at,
|
||||
];
|
||||
}, $page->items()),
|
||||
'data' => array_map(static fn (BalanceTransaction $tx): array => [
|
||||
'id' => $tx->id,
|
||||
'code' => 'TX-'.$tx->id,
|
||||
'type' => $tx->type,
|
||||
'description' => $tx->description,
|
||||
'amount_rub' => $tx->amount_rub,
|
||||
'amount_leads' => $tx->amount_leads,
|
||||
'balance_rub_after' => $tx->balance_rub_after,
|
||||
'created_at' => $tx->created_at,
|
||||
], $page->items()),
|
||||
'meta' => [
|
||||
'current_page' => $page->currentPage(),
|
||||
'last_page' => $page->lastPage(),
|
||||
@@ -302,35 +160,27 @@ class BillingController extends Controller
|
||||
}
|
||||
|
||||
/**
|
||||
* Прогноз «на сколько дней хватит affordable_leads» — оценочный UX-показатель.
|
||||
* Прогноз «на сколько дней хватит баланса» — оценочный UX-показатель.
|
||||
*
|
||||
* Billing v2 Spec A: считаем по affordable_leads (выход BalanceToLeadsConverter)
|
||||
* делённому на среднюю скорость списания за 30 дней (count(lead_charges)/30).
|
||||
* Раньше формула была balance_rub / per-day-rub-spend — после унификации
|
||||
* единицы измерения «лиды» более показательны и устраняют дрейф между
|
||||
* рублёвой шапкой и тарифной ступенью.
|
||||
*
|
||||
* - affordable_leads ≤ 0 → 0 (тенант не может купить ни одного лида).
|
||||
* - leadsLast30Days = 0 → null (нет истории, не от чего считать).
|
||||
* - иначе → floor(affordable_leads / (leadsLast30Days / 30)).
|
||||
* = balance_rub / (рублёвые списания за 30 дней / 30). NULL, если списаний
|
||||
* не было. Float здесь допустим: грубая оценка для шапки, НЕ мутация
|
||||
* баланса (мутации баланса — строго bcmath, см. BillingTopupService).
|
||||
* Отрицательный баланс → 0 (тенант уже в минусе, runway не может быть < 0).
|
||||
*/
|
||||
private function runwayDays(Tenant $tenant, int $affordableLeads): ?int
|
||||
private function runwayDays(Tenant $tenant): ?int
|
||||
{
|
||||
if ($affordableLeads <= 0) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
$leadsLast30Days = (int) DB::table('lead_charges')
|
||||
$spent = abs((float) DB::table('balance_transactions')
|
||||
->where('tenant_id', $tenant->id)
|
||||
->where('charged_at', '>=', now()->subDays(30))
|
||||
->count();
|
||||
->where('type', BalanceTransaction::TYPE_LEAD_CHARGE)
|
||||
->where('created_at', '>=', now()->subDays(30))
|
||||
->sum('amount_rub'));
|
||||
|
||||
if ($leadsLast30Days <= 0) {
|
||||
if ($spent <= 0.0) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$avgPerDay = $leadsLast30Days / 30.0;
|
||||
$perDay = $spent / 30.0;
|
||||
|
||||
return max(0, (int) floor($affordableLeads / $avgPerDay));
|
||||
return max(0, (int) floor((float) $tenant->balance_rub / $perDay));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,9 +24,9 @@ use Illuminate\Support\Facades\DB;
|
||||
* вынесены в `DealBulkActionController`, `export()` — в `DealExportController`.
|
||||
* Этот класс остаётся только для CRUD по одной записи.
|
||||
*
|
||||
* NB: webhook-flow (приём из crm.bp-gr.ru) — отдельный endpoint
|
||||
* `SupplierWebhookController` + `RouteSupplierLeadJob` (шеринг-канал).
|
||||
* Этот controller — для ручных action'ов из UI.
|
||||
* NB: webhook-flow (автосоздание из crm.bp-gr.ru) — отдельный endpoint
|
||||
* `WebhookReceiveController` + `ProcessWebhookJob` (асинхронно через очередь
|
||||
* с advisory lock + dedup). Этот controller — для ручных action'ов из UI.
|
||||
*
|
||||
* J1 (Sprint 3F): auth:sanctum+tenant, tenant_id из auth()->user().
|
||||
*
|
||||
|
||||
@@ -10,10 +10,7 @@ use App\Http\Requests\StoreProjectRequest;
|
||||
use App\Http\Requests\UpdateProjectRequest;
|
||||
use App\Http\Resources\ProjectResource;
|
||||
use App\Jobs\SyncSupplierProjectJob;
|
||||
use App\Models\PricingTier;
|
||||
use App\Models\Project;
|
||||
use App\Models\Tenant;
|
||||
use App\Services\Billing\BalancePreflightService;
|
||||
use App\Services\Project\ProjectService;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\Request;
|
||||
@@ -120,35 +117,7 @@ class ProjectController extends Controller
|
||||
/** POST /api/projects */
|
||||
public function store(StoreProjectRequest $request): JsonResponse
|
||||
{
|
||||
$validated = $request->validated();
|
||||
$tenant = $request->user()->tenant;
|
||||
$forceSaveBlocked = (bool) ($validated['force_save_blocked'] ?? false);
|
||||
unset($validated['force_save_blocked']);
|
||||
|
||||
// Spec C §3.4: преfflight баланса при создании. existingLimit учитывает только активные.
|
||||
$existingLimit = (int) Project::where('tenant_id', $tenant->id)
|
||||
->where('is_active', true)
|
||||
->whereNull('preflight_blocked_at')
|
||||
->sum('daily_limit_target');
|
||||
$wouldBeRequired = $existingLimit + (int) $validated['daily_limit_target'];
|
||||
|
||||
$preflight = $this->runPreflight($tenant, $wouldBeRequired);
|
||||
|
||||
if (! $preflight['passes'] && ! $forceSaveBlocked) {
|
||||
return response()->json([
|
||||
'error' => 'balance_insufficient',
|
||||
'current_balance_rub' => (string) $tenant->balance_rub,
|
||||
'current_capacity_leads' => $preflight['capacity_leads'],
|
||||
'would_be_required_leads' => $wouldBeRequired,
|
||||
'deficit_leads' => $preflight['deficit_leads'],
|
||||
], 409);
|
||||
}
|
||||
|
||||
if (! $preflight['passes'] && $forceSaveBlocked) {
|
||||
$validated['preflight_blocked_at'] = now();
|
||||
}
|
||||
|
||||
$project = $this->projects->create($tenant, $validated);
|
||||
$project = $this->projects->create($request->user()->tenant, $request->validated());
|
||||
|
||||
return response()->json(['data' => new ProjectResource($project)], 201);
|
||||
}
|
||||
@@ -157,70 +126,11 @@ class ProjectController extends Controller
|
||||
public function update(UpdateProjectRequest $request, int $id): JsonResponse
|
||||
{
|
||||
$project = Project::where('tenant_id', $request->user()->tenant_id)->findOrFail($id);
|
||||
$validated = $request->validated();
|
||||
$tenant = $request->user()->tenant;
|
||||
$forceSaveBlocked = (bool) ($validated['force_save_blocked'] ?? false);
|
||||
unset($validated['force_save_blocked']);
|
||||
|
||||
// Spec C §3.4: преfflight при изменении лимита — учитываем новое значение для ЭТОГО
|
||||
// проекта + лимиты остальных активных не-blocked.
|
||||
if (array_key_exists('daily_limit_target', $validated)) {
|
||||
$existingLimit = (int) Project::where('tenant_id', $tenant->id)
|
||||
->where('id', '!=', $project->id)
|
||||
->where('is_active', true)
|
||||
->whereNull('preflight_blocked_at')
|
||||
->sum('daily_limit_target');
|
||||
$wouldBeRequired = $existingLimit + (int) $validated['daily_limit_target'];
|
||||
|
||||
$preflight = $this->runPreflight($tenant, $wouldBeRequired);
|
||||
|
||||
if (! $preflight['passes'] && ! $forceSaveBlocked) {
|
||||
return response()->json([
|
||||
'error' => 'balance_insufficient',
|
||||
'current_balance_rub' => (string) $tenant->balance_rub,
|
||||
'current_capacity_leads' => $preflight['capacity_leads'],
|
||||
'would_be_required_leads' => $wouldBeRequired,
|
||||
'deficit_leads' => $preflight['deficit_leads'],
|
||||
], 409);
|
||||
}
|
||||
|
||||
if (! $preflight['passes'] && $forceSaveBlocked) {
|
||||
$validated['preflight_blocked_at'] = now();
|
||||
}
|
||||
}
|
||||
|
||||
$updated = $this->projects->update($project, $validated);
|
||||
$updated = $this->projects->update($project, $request->validated());
|
||||
|
||||
return response()->json(['data' => new ProjectResource($updated)]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array{passes: bool, capacity_leads: int, deficit_leads: int}
|
||||
*/
|
||||
private function runPreflight(Tenant $tenant, int $requiredLeads): array
|
||||
{
|
||||
$tiers = PricingTier::query()->where('is_active', true)->get();
|
||||
|
||||
// Safe fallback: без активных pricing_tiers биллинг не настроен —
|
||||
// преfflight не имеет смысла, пропускаем (legacy-окружения / тесты).
|
||||
if ($tiers->isEmpty()) {
|
||||
return ['passes' => true, 'capacity_leads' => PHP_INT_MAX, 'deficit_leads' => 0];
|
||||
}
|
||||
|
||||
$result = (new BalancePreflightService)->evaluate(
|
||||
balanceRub: (string) $tenant->balance_rub,
|
||||
deliveredInMonth: (int) $tenant->delivered_in_month,
|
||||
requiredLeads: $requiredLeads,
|
||||
tiers: $tiers,
|
||||
);
|
||||
|
||||
return [
|
||||
'passes' => $result->passes,
|
||||
'capacity_leads' => $result->capacityLeads,
|
||||
'deficit_leads' => $result->deficitLeads,
|
||||
];
|
||||
}
|
||||
|
||||
/** GET /api/projects/{id} */
|
||||
public function show(Request $request, int $id): JsonResponse
|
||||
{
|
||||
@@ -254,14 +164,7 @@ class ProjectController extends Controller
|
||||
{
|
||||
$request->validate(['is_active' => ['required', 'boolean']]);
|
||||
$project = Project::where('tenant_id', $request->user()->tenant_id)->findOrFail($id);
|
||||
|
||||
// Spec: docs/superpowers/plans/2026-05-26-supplier-snapshot-guard.md (Task 11).
|
||||
// paused_at — anchor для SupplierSnapshotGuard grace-расчёта.
|
||||
$newActive = $request->boolean('is_active');
|
||||
$project->update([
|
||||
'is_active' => $newActive,
|
||||
'paused_at' => $newActive ? null : now(),
|
||||
]);
|
||||
$project->update(['is_active' => $request->boolean('is_active')]);
|
||||
|
||||
// #10: pause/resume must reach the supplier. The job's group recompute pushes
|
||||
// status=paused when no active project of the group remains (resume → active).
|
||||
|
||||
@@ -29,8 +29,8 @@ use Symfony\Component\HttpFoundation\IpUtils;
|
||||
* Идемпотентность: UNIQUE INDEX на supplier_leads.vid. При дубле возвращаем
|
||||
* 200 OK без re-dispatch (поставщик может ретранслировать одни и те же лиды).
|
||||
*
|
||||
* Единственный приёмник входящих лидов от crm.bp-gr.ru (legacy per-tenant
|
||||
* webhook был удалён вместе с ProcessWebhookJob).
|
||||
* Backward-compat: legacy /api/webhook/{token} (per-tenant) живёт параллельно
|
||||
* на WebhookReceiveController — не пересекается.
|
||||
*
|
||||
* Plan 2.6 fix #ii (10.05.2026): пустой `supplier_ip_allowlist = '[]'` на
|
||||
* production env теперь fail-closed (`verifyIpAllowlist` возвращает false если
|
||||
@@ -83,7 +83,7 @@ class SupplierWebhookController extends Controller
|
||||
|
||||
$validated = $request->validate([
|
||||
'vid' => 'required|integer|min:1',
|
||||
'project' => ['required', 'string', 'max:255'], // Phase 3: regex /^B[123]_.+$/ снят — non-B → platform=DIRECT
|
||||
'project' => ['required', 'string', 'max:255', 'regex:/^B[123]_.+$/'],
|
||||
'phone' => ['required', 'string', 'regex:/^7\d{10}$/'],
|
||||
'time' => ['required', 'integer', "min:{$minTime}", "max:{$maxTime}"],
|
||||
'tag' => 'nullable|string|max:255',
|
||||
@@ -182,12 +182,8 @@ class SupplierWebhookController extends Controller
|
||||
|
||||
private function parsePlatform(string $project): string
|
||||
{
|
||||
// Phase 3: проекты без B-префикса → DIRECT (раньше silent fallback на 'B1'
|
||||
// приводил к неверной маршрутизации).
|
||||
if (preg_match('/^(B[123])_/', $project, $m) === 1) {
|
||||
return $m[1];
|
||||
}
|
||||
preg_match('/^(B[123])_/', $project, $m);
|
||||
|
||||
return 'DIRECT';
|
||||
return $m[1] ?? 'B1';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5,8 +5,6 @@ declare(strict_types=1);
|
||||
namespace App\Http\Controllers\Api;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Models\BalanceTransaction;
|
||||
use App\Models\Deal;
|
||||
use App\Models\LeadCharge;
|
||||
use Illuminate\Database\Eloquent\Builder;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
@@ -86,57 +84,26 @@ class TenantChargesController extends Controller
|
||||
|
||||
// Explicit tenant_id фильтр — defense-in-depth поверх RLS
|
||||
// (см. комментарий в index()).
|
||||
// LEFT JOIN balance_transactions для заполнения balance_rub_after.
|
||||
// Условие type='lead_charge' исключает topup/refund которые тоже
|
||||
// могут ссылаться на deal через related_id.
|
||||
$query = DB::table('lead_charges as lc')
|
||||
->select([
|
||||
'lc.id',
|
||||
'lc.charged_at',
|
||||
'lc.deal_id',
|
||||
'lc.tier_no',
|
||||
'lc.charge_source',
|
||||
'lc.price_per_lead_kopecks',
|
||||
'bt.balance_rub_after',
|
||||
])
|
||||
->leftJoin('balance_transactions as bt', function ($j) use ($tenantId) {
|
||||
$j->on('bt.related_id', '=', 'lc.deal_id')
|
||||
->where('bt.related_type', '=', Deal::class)
|
||||
->where('bt.type', '=', BalanceTransaction::TYPE_LEAD_CHARGE)
|
||||
->where('bt.tenant_id', '=', $tenantId);
|
||||
})
|
||||
->where('lc.tenant_id', $tenantId)
|
||||
->orderBy('lc.charged_at', 'desc')
|
||||
->orderBy('lc.id', 'desc');
|
||||
|
||||
if (is_string($period) && $period !== '') {
|
||||
$now = Carbon::now('Europe/Moscow');
|
||||
if ($period === 'current_month') {
|
||||
$query->where('lc.charged_at', '>=', $now->copy()->startOfMonth());
|
||||
} elseif ($period === 'last_month') {
|
||||
$query->whereBetween('lc.charged_at', [
|
||||
$now->copy()->subMonth()->startOfMonth(),
|
||||
$now->copy()->subMonth()->endOfMonth(),
|
||||
]);
|
||||
} elseif ($period === '90d') {
|
||||
$query->where('lc.charged_at', '>=', $now->copy()->subDays(90));
|
||||
}
|
||||
}
|
||||
$query = LeadCharge::query()
|
||||
->where('tenant_id', $tenantId)
|
||||
->orderBy('charged_at', 'desc');
|
||||
$this->applyPeriodFilter($query, $period);
|
||||
if ($source !== null && $source !== '') {
|
||||
$query->where('lc.charge_source', $source);
|
||||
$query->where('charge_source', $source);
|
||||
}
|
||||
|
||||
// chunk() вместо chunkById() — chunkById несовместим с JOIN-запросами
|
||||
// (ломает пагинацию при неуникальном id в select).
|
||||
$query->chunk(500, function ($rows) use ($out) {
|
||||
foreach ($rows as $r) {
|
||||
$query->chunkById(500, function ($charges) use ($out) {
|
||||
foreach ($charges as $c) {
|
||||
/** @var LeadCharge $c */
|
||||
fputcsv($out, [
|
||||
Carbon::parse($r->charged_at)->toIso8601String(),
|
||||
(string) $r->deal_id,
|
||||
(string) $r->tier_no,
|
||||
(string) $r->charge_source,
|
||||
number_format($r->price_per_lead_kopecks / 100, 2, '.', ''),
|
||||
$r->balance_rub_after ?? '',
|
||||
$c->charged_at->toIso8601String(),
|
||||
(string) $c->deal_id,
|
||||
(string) $c->tier_no,
|
||||
(string) $c->getAttribute('charge_source'),
|
||||
number_format($c->price_per_lead_kopecks / 100, 2, '.', ''),
|
||||
// balance_rub_after — нет в lead_charges (доступно через
|
||||
// balance_transactions). MVP оставляем пустым.
|
||||
'',
|
||||
]);
|
||||
}
|
||||
});
|
||||
|
||||
@@ -0,0 +1,158 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Http\Controllers\Api;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Jobs\ProcessWebhookJob;
|
||||
use App\Models\SystemSetting;
|
||||
use App\Models\Tenant;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\RateLimiter;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
|
||||
/**
|
||||
* Receive endpoint для входящих webhook'ов от crm.bp-gr.ru (narrative §5.5).
|
||||
*
|
||||
* URL: POST /api/webhook/{token}
|
||||
* Token = `tenants.webhook_token` (UUID per tenant; ротация через
|
||||
* `webhook_token_rotated_at` — старый токен живёт 24ч после ротации).
|
||||
*
|
||||
* Шаги:
|
||||
* 1. Резолв tenant по token (404 если не найден).
|
||||
* 2. Per-token rate-limit (system_settings.webhook_rate_limit_rps × 60 ≈ per-minute).
|
||||
* Превышение → 429 + Retry-After.
|
||||
* 3. Валидация payload (vid/project/phone/time).
|
||||
* 4. HMAC-валидация (опциональная) — если header `X-Webhook-Signature: sha256=<hex>`
|
||||
* пришёл, проверяем `hash_hmac('sha256', raw_body, webhook_token)`.
|
||||
* Невалидная подпись → 401. Отсутствие header — пропускаем (backward-compat
|
||||
* для существующих интеграций; на prod через `system_settings.webhook_hmac_required`
|
||||
* сделаем обязательной).
|
||||
* 5. INSERT в webhook_log (RLS-обёрнутый), dispatch ProcessWebhookJob → 202.
|
||||
*/
|
||||
class WebhookReceiveController extends Controller
|
||||
{
|
||||
/** POST /api/webhook/{token} */
|
||||
public function receive(Request $request, string $token): JsonResponse
|
||||
{
|
||||
$tenant = Tenant::query()
|
||||
->where('webhook_token', $token)
|
||||
->first();
|
||||
|
||||
if ($tenant === null) {
|
||||
return response()->json([
|
||||
'message' => 'Webhook token не найден или ротирован.',
|
||||
], 404);
|
||||
}
|
||||
|
||||
// Per-token rate-limit. Лимит из system_settings.webhook_rate_limit_rps
|
||||
// (RPS), приводим к per-minute через ×60. Decay 60 сек.
|
||||
$rpsLimit = $this->getRateLimitRps();
|
||||
$perMinuteLimit = $rpsLimit * 60;
|
||||
$rateKey = "webhook:{$tenant->id}";
|
||||
|
||||
if (RateLimiter::tooManyAttempts($rateKey, $perMinuteLimit)) {
|
||||
$retryAfter = RateLimiter::availableIn($rateKey);
|
||||
|
||||
return response()->json([
|
||||
'message' => "Превышен лимит ({$rpsLimit} RPS). Повтор через {$retryAfter} сек.",
|
||||
'retry_after' => $retryAfter,
|
||||
], 429)->header('Retry-After', (string) $retryAfter);
|
||||
}
|
||||
|
||||
RateLimiter::hit($rateKey, 60);
|
||||
|
||||
// HMAC-валидация. Опциональная по умолчанию (backward-compat); при
|
||||
// `system_settings.webhook_hmac_required = true` — обязательная,
|
||||
// запросы без X-Webhook-Signature → 401.
|
||||
$signature = $request->header('X-Webhook-Signature');
|
||||
$hmacRequired = $this->isHmacRequired();
|
||||
|
||||
if ($signature === null && $hmacRequired) {
|
||||
return response()->json([
|
||||
'message' => 'X-Webhook-Signature header требуется (HMAC обязателен в этой инсталляции).',
|
||||
], 401);
|
||||
}
|
||||
if ($signature !== null) {
|
||||
$rawBody = $request->getContent();
|
||||
$expected = 'sha256='.hash_hmac('sha256', $rawBody, $token);
|
||||
if (! hash_equals($expected, $signature)) {
|
||||
return response()->json(['message' => 'Невалидная HMAC-подпись.'], 401);
|
||||
}
|
||||
}
|
||||
|
||||
// Валидация payload (после tenant lookup чтобы посчитать rate-limit
|
||||
// даже на bad payload — иначе rate-limit можно обойти 422-ответами).
|
||||
$validated = $request->validate([
|
||||
'vid' => 'required|integer|min:1',
|
||||
'project' => 'required|string|max:255',
|
||||
'phone' => 'required|string|max:50',
|
||||
'time' => 'required|integer|min:1',
|
||||
'tag' => 'nullable|string|max:100',
|
||||
'phones' => 'nullable|array',
|
||||
]);
|
||||
|
||||
$logId = $this->insertWebhookLogStub($tenant->id, $validated);
|
||||
|
||||
ProcessWebhookJob::dispatch($tenant->id, $validated, $logId);
|
||||
|
||||
return response()->json([
|
||||
'status' => 'accepted',
|
||||
'tenant_id' => $tenant->id,
|
||||
'webhook_log_id' => $logId,
|
||||
], 202);
|
||||
}
|
||||
|
||||
private function getRateLimitRps(): int
|
||||
{
|
||||
$setting = SystemSetting::find('webhook_rate_limit_rps');
|
||||
if ($setting === null) {
|
||||
return 100; // sensible default из seed v8.7
|
||||
}
|
||||
|
||||
return max(1, (int) $setting->value);
|
||||
}
|
||||
|
||||
/**
|
||||
* HMAC-обязательность. Audit-fix B3: если ключ отсутствует в БД — default
|
||||
* TRUE (HMAC обязателен по умолчанию). Отключить можно только явной
|
||||
* установкой webhook_hmac_required=false. Неизвестное значение → fail-secure
|
||||
* (HMAC требуется).
|
||||
*/
|
||||
private function isHmacRequired(): bool
|
||||
{
|
||||
$setting = SystemSetting::find('webhook_hmac_required');
|
||||
if ($setting === null) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return ! in_array($setting->value, ['false', '0'], true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Минимальный INSERT-stub в webhook_log (если таблица существует).
|
||||
* На MVP webhook_log необязателен — возвращаем null если таблицы нет.
|
||||
*
|
||||
* @param array<string,mixed> $payload
|
||||
*/
|
||||
private function insertWebhookLogStub(int $tenantId, array $payload): ?int
|
||||
{
|
||||
if (! Schema::hasTable('webhook_log')) {
|
||||
return null;
|
||||
}
|
||||
|
||||
// RLS требует SET LOCAL — оборачиваем в транзакцию.
|
||||
return (int) DB::transaction(function () use ($tenantId, $payload) {
|
||||
DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
|
||||
|
||||
return DB::table('webhook_log')->insertGetId([
|
||||
'tenant_id' => $tenantId,
|
||||
'received_at' => now(),
|
||||
'raw_payload' => json_encode($payload, JSON_UNESCAPED_UNICODE),
|
||||
]);
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -11,26 +11,28 @@ use Symfony\Component\HttpFoundation\Response;
|
||||
/**
|
||||
* Гейт SaaS-admin зоны (/api/admin/*) — audit-находка J2.
|
||||
*
|
||||
* СТОПГЭП (2026-05-25): защита боевой админ-зоны (/admin + /api/admin/*)
|
||||
* перенесена на уровень nginx — отдельный HTTP Basic Auth с собственным
|
||||
* паролем (`/etc/nginx/.htpasswd-admin`, location ^~ /admin и ^~ /api/admin).
|
||||
* Поэтому middleware больше не закрывает зону на проде: дверь держит nginx.
|
||||
* СТАБ (Sprint 3F): полноценная авторизация saas-admin требует Yandex 360
|
||||
* SSO-входа, который гейтится Б-1 (регистрация ООО) + DO-4. До их закрытия
|
||||
* реального механизма аутентификации нет.
|
||||
*
|
||||
* Ранее (Sprint 3F) здесь был fail-closed 503 вне dev/testing — он закрывал
|
||||
* всю админку на проде наглухо, т.к. настоящий saas-admin SSO (Yandex 360)
|
||||
* ещё не готов (гейтится Б-1 + DO-4). Замок 503 снят осознанно: оголять
|
||||
* /api/admin/* в интернет нельзя, но nginx-пароль её прикрывает.
|
||||
* Поведение стаба:
|
||||
* - dev / testing (local, testing) → пропускаем. Admin-панель работает на
|
||||
* dev; admin_user_id передаётся параметром (трейт ResolvesAdminUserId).
|
||||
* - прочие окружения (production / staging) → fail-closed 503: зона
|
||||
* закрыта до подключения реального SSO. Явный 503 лучше, чем тихо
|
||||
* открытый /api/admin/* в проде.
|
||||
*
|
||||
* admin_user_id для audit-trail по-прежнему резолвится трейтом
|
||||
* ResolvesAdminUserId (стаб super_admin) — это отдельная зона.
|
||||
*
|
||||
* TODO (после Б-1 + DO-4): заменить nginx-дверь на настоящий saas-admin
|
||||
* guard (Yandex 360 SSO-сессия + роль), вернуть проверку в это middleware.
|
||||
* TODO (после Б-1 + DO-4): заменить на проверку Yandex 360 SSO-сессии
|
||||
* saas-admin (отдельный guard) + роль (compliance и т.п. где требуется).
|
||||
*/
|
||||
class EnsureSaasAdmin
|
||||
{
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
if (! app()->environment('local', 'testing')) {
|
||||
abort(503, 'SaaS-admin авторизация не настроена (ожидает Б-1 + DO-4).');
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,9 +28,6 @@ class StoreProjectRequest extends FormRequest
|
||||
'regions' => ['present', 'array'],
|
||||
'regions.*' => ['integer', 'between:1,89'],
|
||||
'delivery_days_mask' => ['required', 'integer', 'min:1', 'max:127'],
|
||||
// Spec C §3.4: при перегрузке преfflight UI шлёт force_save_blocked=true →
|
||||
// проект создаётся с preflight_blocked_at=now() вместо ответа 409.
|
||||
'force_save_blocked' => ['sometimes', 'boolean'],
|
||||
];
|
||||
|
||||
if ($signalType === 'site') {
|
||||
|
||||
@@ -28,9 +28,6 @@ class UpdateProjectRequest extends FormRequest
|
||||
'sms_senders' => ['sometimes', 'array', 'min:1'],
|
||||
'sms_senders.*' => ['string', 'max:11'],
|
||||
'sms_keyword' => ['sometimes', 'nullable', 'string', 'min:1', 'max:50'],
|
||||
// Spec C §3.4: при перегрузке преfflight UI шлёт force_save_blocked=true →
|
||||
// проект помечается preflight_blocked_at=now() вместо ответа 409.
|
||||
'force_save_blocked' => ['sometimes', 'boolean'],
|
||||
];
|
||||
|
||||
// 18.05.2026 UX: редактирование источника (signal_identifier) для site/call.
|
||||
|
||||
@@ -35,10 +35,6 @@ class ProjectResource extends JsonResource
|
||||
$request->routeIs('projects.show'),
|
||||
fn () => $this->getSupplierLinks(),
|
||||
),
|
||||
// Task 2.11 (Spec §4.2.5): dynamic attribute, не БД-поле. Установлен
|
||||
// ProjectService::update() для slepok-sensitive правок. UI показывает
|
||||
// «изменения вступят в силу с DD.MM HH:MM МСК».
|
||||
'applies_from' => $this->applies_from?->toIso8601String(),
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,132 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Jobs\Billing;
|
||||
|
||||
use App\Mail\BalanceFrozenFinalMail;
|
||||
use App\Mail\BalanceFrozenReminderMail;
|
||||
use App\Models\PricingTier;
|
||||
use App\Models\Tenant;
|
||||
use App\Services\Billing\BalancePreflightService;
|
||||
use App\Services\Billing\PreflightResult;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Contracts\Queue\ShouldQueue;
|
||||
use Illuminate\Database\Eloquent\Collection;
|
||||
use Illuminate\Foundation\Bus\Dispatchable;
|
||||
use Illuminate\Queue\InteractsWithQueue;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Mail;
|
||||
|
||||
/**
|
||||
* Повторные письма заморозки баланса:
|
||||
* • reminder в окне 24-48ч после freeze;
|
||||
* • final в окне 72-96ч после freeze.
|
||||
*
|
||||
* Throttle через balance_freeze_log markers (event_type 'reminder_sent' / 'final_sent') —
|
||||
* один marker-row на (tenant, тип) в течение окна 5 дней. Запускается daily @ 18:30 MSK
|
||||
* (routes/console.php). См. спек §3.7.
|
||||
*
|
||||
* Re-evaluate PreflightResult: показываем клиенту АКТУАЛЬНЫЙ дефицит (он мог частично
|
||||
* пополниться — reminder отразит обновлённую цифру).
|
||||
*/
|
||||
final class BalanceFrozenReminderJob implements ShouldQueue
|
||||
{
|
||||
use Dispatchable;
|
||||
use InteractsWithQueue;
|
||||
use Queueable;
|
||||
|
||||
private const REMINDER_MIN_HOURS = 24;
|
||||
|
||||
private const REMINDER_MAX_HOURS = 48;
|
||||
|
||||
private const FINAL_MIN_HOURS = 72;
|
||||
|
||||
private const FINAL_MAX_HOURS = 96;
|
||||
|
||||
public function handle(): void
|
||||
{
|
||||
$service = new BalancePreflightService;
|
||||
$tiers = PricingTier::query()->where('is_active', true)->get();
|
||||
|
||||
Tenant::query()
|
||||
->whereNotNull('frozen_by_balance_at')
|
||||
->whereNull('deleted_at')
|
||||
->chunkById(200, function (Collection $tenants) use ($service, $tiers): void {
|
||||
foreach ($tenants as $tenant) {
|
||||
/** @var Tenant $tenant */
|
||||
$this->processTenant($tenant, $service, $tiers);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* @param Collection<int, PricingTier> $tiers
|
||||
*/
|
||||
private function processTenant(Tenant $tenant, BalancePreflightService $service, Collection $tiers): void
|
||||
{
|
||||
// diffInHours округляет — у заморозки на 25h это 25, на 73h это 73 (OK).
|
||||
$hours = (int) abs(now()->diffInHours($tenant->frozen_by_balance_at, false));
|
||||
|
||||
$window = $this->matchWindow($hours);
|
||||
if ($window === null) {
|
||||
return; // вне окон reminder/final
|
||||
}
|
||||
|
||||
$marker = $window === 'reminder' ? 'reminder_sent' : 'final_sent';
|
||||
if ($this->alreadySent($tenant->id, $marker)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Re-evaluate для актуального дефицита в тексте письма.
|
||||
$result = $service->evaluate(
|
||||
balanceRub: (string) $tenant->balance_rub,
|
||||
deliveredInMonth: (int) $tenant->delivered_in_month,
|
||||
requiredLeads: $tenant->requiredLeadsForTomorrow(),
|
||||
tiers: $tiers,
|
||||
);
|
||||
|
||||
$mail = $window === 'reminder'
|
||||
? new BalanceFrozenReminderMail($tenant, $result)
|
||||
: new BalanceFrozenFinalMail($tenant, $result);
|
||||
|
||||
Mail::queue($mail);
|
||||
$this->mark($tenant, $marker, $result);
|
||||
}
|
||||
|
||||
private function matchWindow(int $hours): ?string
|
||||
{
|
||||
if ($hours >= self::REMINDER_MIN_HOURS && $hours < self::REMINDER_MAX_HOURS) {
|
||||
return 'reminder';
|
||||
}
|
||||
if ($hours >= self::FINAL_MIN_HOURS && $hours < self::FINAL_MAX_HOURS) {
|
||||
return 'final';
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private function alreadySent(int $tenantId, string $marker): bool
|
||||
{
|
||||
return DB::connection('pgsql_supplier')->table('balance_freeze_log')
|
||||
->where('tenant_id', $tenantId)
|
||||
->where('event_type', $marker)
|
||||
->where('created_at', '>=', now()->subDays(5))
|
||||
->exists();
|
||||
}
|
||||
|
||||
private function mark(Tenant $tenant, string $marker, PreflightResult $result): void
|
||||
{
|
||||
DB::connection('pgsql_supplier')->table('balance_freeze_log')->insert([
|
||||
'tenant_id' => $tenant->id,
|
||||
'event_type' => $marker,
|
||||
'triggered_by' => 'reminder_cron',
|
||||
'balance_rub_at_event' => $tenant->balance_rub,
|
||||
'required_leads' => $result->requiredLeads,
|
||||
'capacity_leads' => $result->capacityLeads,
|
||||
'total_daily_limit' => $result->requiredLeads,
|
||||
'details' => json_encode(['deficit_leads' => $result->deficitLeads]),
|
||||
'created_at' => now(),
|
||||
]);
|
||||
}
|
||||
}
|
||||
@@ -1,160 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Jobs\Billing;
|
||||
|
||||
use App\Jobs\SyncSupplierProjectJob;
|
||||
use App\Mail\BalanceFrozenMail;
|
||||
use App\Mail\BalanceUnfrozenMail;
|
||||
use App\Models\PricingTier;
|
||||
use App\Models\Tenant;
|
||||
use App\Services\Billing\BalancePreflightService;
|
||||
use App\Services\Billing\PreflightResult;
|
||||
use App\Services\Supplier\SupplierExportMode;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Contracts\Queue\ShouldQueue;
|
||||
use Illuminate\Database\Eloquent\Collection;
|
||||
use Illuminate\Foundation\Bus\Dispatchable;
|
||||
use Illuminate\Queue\InteractsWithQueue;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Mail;
|
||||
|
||||
/**
|
||||
* Ежедневный преfflight всех тенантов перед формированием заказа поставщику.
|
||||
* Запускается cron @18:00 MSK (routes/console.php). См. спек §3.5, §5.2.
|
||||
*
|
||||
* NB: бегает без tenant-RLS (системный контекст); запросы к projects/tenants
|
||||
* явные по tenant_id (урок Спека B). Переход active→frozen / frozen→active
|
||||
* шлёт письмо; стабильное состояние не трогается (идемпотентность).
|
||||
*/
|
||||
final class BalancePreflightSweepJob implements ShouldQueue
|
||||
{
|
||||
use Dispatchable;
|
||||
use InteractsWithQueue;
|
||||
use Queueable;
|
||||
|
||||
public function handle(): void
|
||||
{
|
||||
$service = new BalancePreflightService;
|
||||
$tiers = PricingTier::query()->where('is_active', true)->get();
|
||||
|
||||
Tenant::query()->whereNull('deleted_at')->chunkById(200, function (Collection $tenants) use ($service, $tiers): void {
|
||||
foreach ($tenants as $tenant) {
|
||||
/** @var Tenant $tenant */
|
||||
$this->evaluateTenant($tenant, $service, $tiers);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* @param Collection<int, PricingTier> $tiers
|
||||
*/
|
||||
private function evaluateTenant(Tenant $tenant, BalancePreflightService $service, Collection $tiers): void
|
||||
{
|
||||
// Spec C deploy hotfix (25.05.2026): CLI-команды и фоновые джобы не проходят
|
||||
// через SetTenantContext middleware → app.current_tenant_id не выставлен →
|
||||
// RLS-policy на projects падает с "unrecognized configuration parameter".
|
||||
// Зеркалим mechanic SetTenantContext: SET LOCAL внутри транзакции (PgBouncer-safe).
|
||||
DB::transaction(function () use ($tenant, $service, $tiers): void {
|
||||
DB::statement('SET LOCAL app.current_tenant_id = '.(int) $tenant->id);
|
||||
|
||||
$required = $tenant->requiredLeadsForTomorrow();
|
||||
$result = $service->evaluate(
|
||||
balanceRub: (string) $tenant->balance_rub,
|
||||
deliveredInMonth: (int) $tenant->delivered_in_month,
|
||||
requiredLeads: $required,
|
||||
tiers: $tiers,
|
||||
);
|
||||
|
||||
$isFrozen = $tenant->frozen_by_balance_at !== null;
|
||||
|
||||
// Переход active → frozen.
|
||||
if (! $result->passes && ! $isFrozen) {
|
||||
$freezeAt = now();
|
||||
$tenant->frozen_by_balance_at = $freezeAt;
|
||||
$tenant->save();
|
||||
|
||||
// Stage 3 R-13 (spec §4.3.2): помечаем все непаузнутые проекты
|
||||
// тенанта моментом заморозки. Это даёт SupplierSnapshotGuard
|
||||
// зацепку (paused_at свежее grace-периода) — клиент не сможет
|
||||
// удалить/сменить источник пока хвост слепка ещё может прилететь.
|
||||
DB::connection('pgsql_supplier')->table('projects')
|
||||
->where('tenant_id', $tenant->id)
|
||||
->whereNull('paused_at')
|
||||
->update(['paused_at' => $freezeAt]);
|
||||
|
||||
$this->logEvent($tenant, 'frozen', 'cutoff_18msk', $result);
|
||||
Mail::queue(new BalanceFrozenMail($tenant, $result));
|
||||
$this->dispatchSupplierSyncIfOnline($tenant);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
// Переход frozen → active.
|
||||
if ($result->passes && $isFrozen) {
|
||||
// Stage 3 R-13: фиксируем frozen-moment ДО $tenant->save() — нужно
|
||||
// для фильтра отката paused_at. Очищаем только те проекты,
|
||||
// у которых paused_at >= frozen_at_was (== поставленные нами на паузу
|
||||
// в freeze-блоке). Ручные паузы клиента ДО заморозки имеют
|
||||
// paused_at < frozen_at_was и сохраняются.
|
||||
$frozenAtWas = $tenant->frozen_by_balance_at;
|
||||
$tenant->frozen_by_balance_at = null;
|
||||
$tenant->save();
|
||||
|
||||
DB::connection('pgsql_supplier')->table('projects')
|
||||
->where('tenant_id', $tenant->id)
|
||||
->where('paused_at', '>=', $frozenAtWas)
|
||||
->update(['paused_at' => null]);
|
||||
|
||||
$this->logEvent($tenant, 'unfrozen', 'cutoff_18msk', $result);
|
||||
Mail::queue(new BalanceUnfrozenMail($tenant, $result));
|
||||
$this->dispatchSupplierSyncIfOnline($tenant);
|
||||
|
||||
return;
|
||||
}
|
||||
// Иначе состояние не изменилось — ничего не делаем (идемпотентность).
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Spec C extension (26.05.2026): при переходе freeze ↔ unfreeze в режиме 'online'
|
||||
* диспатчим точечный sync с поставщиком per-project (group-recalc внутри handleOnline
|
||||
* сам учтёт шеринг через signal_identifier). В режиме 'batch' изменения уезжают
|
||||
* cut-off cron'ом @18:00 MSK через SyncSupplierProjectsJob (множественный).
|
||||
* Привязка к админ-переключателю SupplierExportMode (system_settings.supplier_export_mode).
|
||||
*
|
||||
* Вызывается ВНУТРИ DB::transaction обёртки evaluateTenant — app.current_tenant_id выставлен,
|
||||
* RLS-фильтрация projects работает.
|
||||
*/
|
||||
private function dispatchSupplierSyncIfOnline(Tenant $tenant): void
|
||||
{
|
||||
if (! SupplierExportMode::isOnline()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$projectIds = $tenant->projects()
|
||||
->where('is_active', true)
|
||||
->whereNull('preflight_blocked_at')
|
||||
->pluck('id');
|
||||
|
||||
foreach ($projectIds as $id) {
|
||||
SyncSupplierProjectJob::dispatch((int) $id);
|
||||
}
|
||||
}
|
||||
|
||||
private function logEvent(Tenant $tenant, string $event, string $trigger, PreflightResult $result): void
|
||||
{
|
||||
DB::connection('pgsql_supplier')->table('balance_freeze_log')->insert([
|
||||
'tenant_id' => $tenant->id,
|
||||
'event_type' => $event,
|
||||
'triggered_by' => $trigger,
|
||||
'balance_rub_at_event' => $tenant->balance_rub,
|
||||
'required_leads' => $result->requiredLeads,
|
||||
'capacity_leads' => $result->capacityLeads,
|
||||
'total_daily_limit' => $result->requiredLeads,
|
||||
'details' => json_encode(['deficit_leads' => $result->deficitLeads]),
|
||||
'created_at' => now(),
|
||||
]);
|
||||
}
|
||||
}
|
||||
@@ -26,7 +26,7 @@ use Throwable;
|
||||
*
|
||||
* Жизненный цикл import_log: pending → processing → done | failed.
|
||||
* RLS: каждый доступ к БД задаёт SET LOCAL app.current_tenant_id (воркер
|
||||
* вне middleware-контекста — паритет с RouteSupplierLeadJob).
|
||||
* вне middleware-контекста — паритет с ProcessWebhookJob).
|
||||
*/
|
||||
class ImportLeadsJob implements ShouldQueue
|
||||
{
|
||||
|
||||
@@ -0,0 +1,394 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Jobs;
|
||||
|
||||
use App\Models\ActivityLog;
|
||||
use App\Models\BalanceTransaction;
|
||||
use App\Models\Deal;
|
||||
use App\Models\FailedWebhookJob;
|
||||
use App\Models\Project;
|
||||
use App\Models\RejectedDealsLog;
|
||||
use App\Models\SupplierLeadCost;
|
||||
use App\Models\SystemSetting;
|
||||
use App\Models\Tenant;
|
||||
use App\Services\DuplicateDetector;
|
||||
use App\Services\NotificationService;
|
||||
use App\Services\Pd\PdAuditLogger;
|
||||
use App\Services\SupplierResolver;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Contracts\Queue\ShouldQueue;
|
||||
use Illuminate\Foundation\Queue\Queueable as FoundationQueueable;
|
||||
use Illuminate\Queue\InteractsWithQueue;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
use Illuminate\Support\Carbon;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
use RuntimeException;
|
||||
use Throwable;
|
||||
|
||||
/**
|
||||
* Асинхронная обработка webhook'а от crm.bp-gr.ru (narrative §5.5 v8.7).
|
||||
*
|
||||
* Архитектура:
|
||||
* 1. RLS: SET LOCAL app.current_tenant_id внутри транзакции (PgBouncer-safe).
|
||||
* 2. Lock на tenant + балансовая проверка → RejectedDealsLog при balance=0.
|
||||
* 3. findOrCreate проекта (префикс B[123]_ обрезан).
|
||||
* 4. Идемпотентный upsert через pg_advisory_xact_lock (см. upsertDeal()).
|
||||
* 5. Для НОВОЙ сделки: списание баланса + BalanceTransaction +
|
||||
* SupplierLeadCost (Ю-2) + ActivityLog(deal.created).
|
||||
*
|
||||
* Антифрод-дедуп Биз-19 (§10.8.1): при создании НОВОЙ сделки `DuplicateDetector`
|
||||
* ищет master по `(tenant_id, phone)` в окне 24 ч. Если master найден — новой
|
||||
* сделке проставляется `duplicate_of_id`, баланс НЕ списывается, SupplierLeadCost
|
||||
* НЕ создаётся. ActivityLog пишется с context.duplicate_of=master.id.
|
||||
*
|
||||
* Уведомления (ТЗ §18.5, событие new_lead): после успешного chargeNewLead
|
||||
* вызывается NotificationService::notifyNewLead, который рассылает email
|
||||
* всем активным user'ам тенанта с включённым каналом email для new_lead.
|
||||
*
|
||||
* Не входит в текущий PoC (отдельные ветви фазы 1):
|
||||
* - Sentry::captureException в failed() (нет Sentry-DSN на dev-стеке)
|
||||
* - SystemSetting fallback для supplier_id (сейчас лукап через project_suppliers)
|
||||
*/
|
||||
class ProcessWebhookJob implements ShouldQueue
|
||||
{
|
||||
use FoundationQueueable;
|
||||
use InteractsWithQueue;
|
||||
use Queueable;
|
||||
use SerializesModels;
|
||||
|
||||
public int $tries = 3;
|
||||
|
||||
public int $backoff = 60;
|
||||
|
||||
public int $timeout = 30;
|
||||
|
||||
/**
|
||||
* @param array<string, mixed> $data Webhook payload: vid, project, tag, phone, phones, time
|
||||
*/
|
||||
public function __construct(
|
||||
public int $tenantId,
|
||||
public array $data,
|
||||
public ?int $webhookLogId = null,
|
||||
) {}
|
||||
|
||||
public function handle(): void
|
||||
{
|
||||
$duplicateDetector = app(DuplicateDetector::class);
|
||||
|
||||
DB::transaction(function () use ($duplicateDetector): void {
|
||||
DB::statement('SET LOCAL app.current_tenant_id = '.$this->tenantId);
|
||||
|
||||
$tenant = Tenant::query()
|
||||
->whereKey($this->tenantId)
|
||||
->lockForUpdate()
|
||||
->first();
|
||||
|
||||
if ($tenant === null) {
|
||||
throw new RuntimeException("Tenant {$this->tenantId} not found");
|
||||
}
|
||||
|
||||
if ((int) $tenant->balance_leads <= 0) {
|
||||
$this->logRejection($tenant, RejectedDealsLog::REASON_ZERO_BALANCE);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
$cleanProjectName = preg_replace('/^B[123]_/', '', (string) $this->data['project']);
|
||||
$project = Project::firstOrCreate(
|
||||
['tenant_id' => $tenant->id, 'name' => $cleanProjectName],
|
||||
['type' => 'webhook'],
|
||||
);
|
||||
|
||||
$receivedAt = Carbon::createFromTimestamp((int) $this->data['time']);
|
||||
$sourceCrmId = (int) $this->data['vid'];
|
||||
|
||||
$deal = $this->upsertDeal(
|
||||
tenant: $tenant,
|
||||
project: $project,
|
||||
sourceCrmId: $sourceCrmId,
|
||||
receivedAt: $receivedAt,
|
||||
);
|
||||
|
||||
if (! $deal->wasRecentlyCreated) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Биз-19: master-сделка по phone в окне 24 ч → дубль, без charge.
|
||||
$master = $duplicateDetector->findMaster(
|
||||
tenantId: $tenant->id,
|
||||
phone: (string) $this->data['phone'],
|
||||
now: $receivedAt,
|
||||
);
|
||||
|
||||
// Сам только что созданный $deal попадает в выборку DuplicateDetector
|
||||
// (он уже в БД к моменту lookup'а), поэтому master может ===$deal.
|
||||
// Дубль — только если master найден И это НЕ сам deal.
|
||||
if ($master !== null && $master->id !== $deal->id) {
|
||||
$this->markAsDuplicate($tenant, $deal, $master);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
$this->chargeNewLead($tenant, $project, $deal);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Биз-19: помечаем сделку как дубль master'а. БЕЗ списания баланса
|
||||
* и БЕЗ SupplierLeadCost (не наша закупка). ActivityLog пишется с
|
||||
* `context.duplicate_of=master.id` для аудита.
|
||||
*/
|
||||
private function markAsDuplicate(Tenant $tenant, Deal $deal, Deal $master): void
|
||||
{
|
||||
$deal->update(['duplicate_of_id' => $master->id]);
|
||||
|
||||
ActivityLog::create([
|
||||
'tenant_id' => $tenant->id,
|
||||
'user_id' => null,
|
||||
'deal_id' => $deal->id,
|
||||
'event' => ActivityLog::EVENT_DEAL_CREATED,
|
||||
'context' => [
|
||||
'source' => 'webhook',
|
||||
'duplicate_of' => $master->id,
|
||||
],
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
app(PdAuditLogger::class)->record(
|
||||
action: 'created', subjectType: 'lead', subjectId: $deal->id,
|
||||
purpose: 'lead_create_webhook', tenantId: (int) $deal->tenant_id,
|
||||
actorTenantUserId: null, actorAdminUserId: null, ip: null,
|
||||
);
|
||||
}
|
||||
|
||||
private function logRejection(Tenant $tenant, string $reason): void
|
||||
{
|
||||
$rejected = RejectedDealsLog::create([
|
||||
'tenant_id' => $tenant->id,
|
||||
'webhook_log_id' => $this->webhookLogId,
|
||||
'reason' => $reason,
|
||||
'payload' => $this->data,
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
Log::info("webhook.rejected.{$reason}", [
|
||||
'tenant_id' => $tenant->id,
|
||||
'vid' => $this->data['vid'] ?? null,
|
||||
]);
|
||||
|
||||
// ТЗ §18.5: zero_balance — уведомить тенант. Anti-spam: не более
|
||||
// 1 email/час на тенант. Исключаем только что вставленную запись
|
||||
// через id (timestamp-сравнение ненадёжно из-за microsecond precision).
|
||||
if ($reason === RejectedDealsLog::REASON_ZERO_BALANCE) {
|
||||
$previousCount = RejectedDealsLog::query()
|
||||
->where('tenant_id', $tenant->id)
|
||||
->where('reason', $reason)
|
||||
->where('created_at', '>=', now()->subHour())
|
||||
->where('id', '!=', $rejected->id)
|
||||
->count();
|
||||
|
||||
if ($previousCount === 0) {
|
||||
app(NotificationService::class)->notifyZeroBalance($tenant);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Списание баланса при создании НОВОЙ сделки + аудит-записи.
|
||||
*
|
||||
* Все INSERT'ы в одной транзакции — целостность гарантирована (Ю-2):
|
||||
* deal + supplier_lead_cost + balance_transaction появляются атомарно.
|
||||
*/
|
||||
private function chargeNewLead(Tenant $tenant, Project $project, Deal $deal): void
|
||||
{
|
||||
$tenant->decrement('balance_leads');
|
||||
$tenant->refresh();
|
||||
|
||||
BalanceTransaction::create([
|
||||
'tenant_id' => $tenant->id,
|
||||
'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
|
||||
'amount_leads' => -1,
|
||||
'balance_leads_after' => (int) $tenant->balance_leads,
|
||||
'related_type' => Deal::class,
|
||||
'related_id' => $deal->id,
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
$resolver = app(SupplierResolver::class);
|
||||
$supplierId = $resolver->resolveForProject($project);
|
||||
if ($supplierId !== null) {
|
||||
SupplierLeadCost::create([
|
||||
'deal_id' => $deal->id,
|
||||
'received_at' => $deal->received_at,
|
||||
'supplier_id' => $supplierId,
|
||||
'cost_rub' => $resolver->costRubSnapshot($supplierId),
|
||||
'supplier_lead_id' => (int) $this->data['vid'],
|
||||
'created_at' => now(),
|
||||
]);
|
||||
} else {
|
||||
Log::warning('webhook.no_active_supplier', [
|
||||
'tenant_id' => $tenant->id,
|
||||
'project_id' => $project->id,
|
||||
'deal_id' => $deal->id,
|
||||
]);
|
||||
}
|
||||
|
||||
ActivityLog::create([
|
||||
'tenant_id' => $tenant->id,
|
||||
'user_id' => null,
|
||||
'deal_id' => $deal->id,
|
||||
'event' => ActivityLog::EVENT_DEAL_CREATED,
|
||||
'context' => ['source' => 'webhook'],
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
app(PdAuditLogger::class)->record(
|
||||
action: 'created', subjectType: 'lead', subjectId: $deal->id,
|
||||
purpose: 'lead_create_webhook', tenantId: (int) $deal->tenant_id,
|
||||
actorTenantUserId: null, actorAdminUserId: null, ip: null,
|
||||
);
|
||||
|
||||
// Уведомление о новом лиде (ТЗ §18.5). Отправляется ПОСЛЕ всех записей
|
||||
// в БД, чтобы при ошибке отправки транзакция уже была зафиксирована.
|
||||
// NotificationService сам ловит Throwable от Mail::send и логирует —
|
||||
// отказ канала не должен валить webhook.
|
||||
$deal->setRelation('project', $project);
|
||||
$service = app(NotificationService::class);
|
||||
$service->notifyNewLead($tenant, $deal);
|
||||
|
||||
// ТЗ §18.5: low_balance — после lead_charge проверяем порог. Триггерим
|
||||
// ТОЛЬКО когда баланс пересекает порог сверху-вниз: balance_after <=
|
||||
// threshold AND (balance_after + 1) > threshold. Иначе шлёт спам после
|
||||
// каждого lead_charge при balance < threshold.
|
||||
$threshold = $this->lowBalanceThreshold();
|
||||
$balanceAfter = (int) $tenant->balance_leads;
|
||||
if ($balanceAfter <= $threshold && ($balanceAfter + 1) > $threshold) {
|
||||
$service->notifyLowBalance($tenant, $threshold);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Читает порог из system_settings.low_balance_threshold_leads.
|
||||
* Default 10 (см. schema.sql:2239 seed).
|
||||
*/
|
||||
private function lowBalanceThreshold(): int
|
||||
{
|
||||
$setting = SystemSetting::query()->where('key', 'low_balance_threshold_leads')->first();
|
||||
if ($setting === null) {
|
||||
return 10;
|
||||
}
|
||||
|
||||
return (int) $setting->value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Идемпотентная upsert-логика через advisory lock (§5.5 v8.7).
|
||||
*
|
||||
* Стратегия:
|
||||
* 1. pg_advisory_xact_lock(tenant_id, vid) — сериализует все операции
|
||||
* с (tenant_id, source_crm_id) на время транзакции.
|
||||
* 2. SELECT в webhook_dedup_keys — атомарно из-за lock.
|
||||
* 3a. Если найдено — UPDATE deal по composite-ключу (id, received_at).
|
||||
* 3b. Иначе — INSERT deal первым (FK immediate OK), затем INSERT dedup_key.
|
||||
*
|
||||
* См. db/CHANGELOG_schema.md §W для архитектурного обоснования
|
||||
* (PG savepoint+DEFERRED quirk, отказ от двустадийного INSERT-в-dedup-keys-первым).
|
||||
*/
|
||||
private function upsertDeal(
|
||||
Tenant $tenant,
|
||||
Project $project,
|
||||
int $sourceCrmId,
|
||||
Carbon $receivedAt,
|
||||
): Deal {
|
||||
// pg_advisory_xact_lock(bigint): комбинируем (tenant_id, source_crm_id)
|
||||
// в один bigint — верхние 32 бита tenant_id, нижние 32 — source_crm_id.
|
||||
$lockKey = (($tenant->id & 0xFFFFFFFF) << 32) | ($sourceCrmId & 0xFFFFFFFF);
|
||||
DB::statement('SELECT pg_advisory_xact_lock(?)', [$lockKey]);
|
||||
|
||||
$existing = DB::selectOne(
|
||||
'SELECT deal_id, deal_received_at FROM webhook_dedup_keys WHERE tenant_id = ? AND source_crm_id = ?',
|
||||
[$tenant->id, $sourceCrmId],
|
||||
);
|
||||
|
||||
if ($existing !== null) {
|
||||
$deal = Deal::query()
|
||||
->where('id', $existing->deal_id)
|
||||
->where('received_at', $existing->deal_received_at)
|
||||
->firstOrFail();
|
||||
|
||||
$deal->update([
|
||||
'phone' => (string) $this->data['phone'],
|
||||
'phones' => $this->data['phones'] ?? [(string) $this->data['phone']],
|
||||
// status НЕ перезаписываем — менеджер мог изменить.
|
||||
]);
|
||||
|
||||
DB::table('webhook_dedup_keys')
|
||||
->where('tenant_id', $tenant->id)
|
||||
->where('source_crm_id', $sourceCrmId)
|
||||
->update(['updated_at' => now()]);
|
||||
|
||||
$deal->wasRecentlyCreated = false;
|
||||
|
||||
return $deal;
|
||||
}
|
||||
|
||||
$deal = Deal::create([
|
||||
'tenant_id' => $tenant->id,
|
||||
'source_crm_id' => $sourceCrmId,
|
||||
'project_id' => $project->id,
|
||||
'phone' => (string) $this->data['phone'],
|
||||
'phones' => $this->data['phones'] ?? [(string) $this->data['phone']],
|
||||
'status' => 'new',
|
||||
'received_at' => $receivedAt,
|
||||
]);
|
||||
|
||||
DB::table('webhook_dedup_keys')->insert([
|
||||
'tenant_id' => $tenant->id,
|
||||
'source_crm_id' => $sourceCrmId,
|
||||
'deal_id' => $deal->id,
|
||||
'deal_received_at' => $deal->received_at,
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
return $deal;
|
||||
}
|
||||
|
||||
/**
|
||||
* Финальный callback после исчерпания всех ретраев ($tries=3).
|
||||
*
|
||||
* Сохраняет упавший job в `failed_webhook_jobs` для ручного разбора и
|
||||
* возможного повторного запуска через админку SaaS. RLS не задаём —
|
||||
* tenant_id из job-state передаётся как есть (failed-callback запускается
|
||||
* вне транзакции воркера). На production добавляется Sentry::captureException.
|
||||
*
|
||||
* NB: записывается через DB::table (не через FailedWebhookJob::create),
|
||||
* чтобы избежать RLS-фильтрации при отсутствии app.current_tenant_id —
|
||||
* запись должна попасть в БД даже в катастрофическом сценарии.
|
||||
*/
|
||||
public function failed(Throwable $e): void
|
||||
{
|
||||
// failed_webhook_jobs is an RLS-protected table. On production crm_app_user
|
||||
// (non-BYPASSRLS) there is no app.current_tenant_id GUC in the failed()
|
||||
// callback context. Use pgsql_supplier (crm_supplier_worker, BYPASSRLS) —
|
||||
// same pattern as RouteSupplierLeadJob::failed().
|
||||
DB::connection('pgsql_supplier')->table('failed_webhook_jobs')->insert([
|
||||
'tenant_id' => $this->tenantId,
|
||||
'webhook_log_id' => $this->webhookLogId,
|
||||
'raw_payload' => json_encode($this->data, JSON_UNESCAPED_UNICODE),
|
||||
'exception' => $e->getMessage(),
|
||||
'retry_count' => $this->tries,
|
||||
'failed_at' => now(),
|
||||
]);
|
||||
|
||||
Log::error('webhook.job_failed_permanently', [
|
||||
'tenant_id' => $this->tenantId,
|
||||
'vid' => $this->data['vid'] ?? null,
|
||||
'exception' => $e->getMessage(),
|
||||
]);
|
||||
|
||||
// TODO(production): Sentry::captureException($e);
|
||||
}
|
||||
}
|
||||
@@ -11,6 +11,7 @@ use App\Models\Project;
|
||||
use App\Models\SupplierLead;
|
||||
use App\Models\Tenant;
|
||||
use App\Services\Billing\LedgerService;
|
||||
use App\Services\DuplicateDetector;
|
||||
use App\Services\LeadDistributor;
|
||||
use App\Services\LeadRouter;
|
||||
use App\Services\NotificationService;
|
||||
@@ -43,7 +44,9 @@ use Throwable;
|
||||
* 5. Для каждого Project — DB::transaction с SET LOCAL app.current_tenant_id:
|
||||
* - lockForUpdate Tenant.
|
||||
* - Создать Deal (source_crm_id=vid).
|
||||
* - LedgerService::chargeForDelivery(tenant, deal, lead) — dual-balance
|
||||
* - DuplicateDetector::findMaster — если найден master !== deal, mark
|
||||
* duplicate_of_id (без charge/counter/notify, ActivityLog с duplicate_of).
|
||||
* - Иначе: LedgerService::chargeForDelivery(tenant, deal, lead) — dual-balance
|
||||
* списание (prepaid balance_leads-- ИЛИ rub balance_rub-=tier_price), INSERT
|
||||
* lead_charges + balance_transactions + supplier_lead_costs внутри той же
|
||||
* транзакции. На InsufficientBalanceException — Log::warning + rethrow
|
||||
@@ -83,6 +86,7 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
public function handle(
|
||||
LeadRouter $router,
|
||||
SupplierProjectResolver $resolver,
|
||||
DuplicateDetector $duplicateDetector,
|
||||
NotificationService $notifier,
|
||||
LedgerService $ledger,
|
||||
LeadDistributor $distributor,
|
||||
@@ -116,32 +120,6 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
return;
|
||||
}
|
||||
|
||||
// Fast-fail: лид уже был помечен terminal error и не имеет processed_at.
|
||||
// Закрывает класс failed_webhook_jobs storm (Finding 2, 2026-05-29).
|
||||
// Plan 2026-05-29-supplier-webhook-fast-fail-and-stuck-cleanup.md, Task 2.
|
||||
$isTerminalError = $lead->error !== null && (
|
||||
str_contains($lead->error, 'does not support')
|
||||
|| str_contains($lead->error, 'platform mismatch')
|
||||
|| str_contains($lead->error, 'no matching supplier_project')
|
||||
);
|
||||
if ($isTerminalError) {
|
||||
// Capture original error BEFORE update — $lead->update() mutates
|
||||
// the in-memory model, so $lead->error after update() returns the
|
||||
// suffixed value, breaking debug logs (review fix).
|
||||
// быстрый коммит
|
||||
$originalError = $lead->error;
|
||||
$lead->update([
|
||||
'processed_at' => now(),
|
||||
'error' => $originalError.' [fast-failed by RouteSupplierLeadJob]',
|
||||
]);
|
||||
Log::info('supplier_lead.fast_failed_terminal_error', [
|
||||
'supplier_lead_id' => $lead->id,
|
||||
'original_error' => $originalError,
|
||||
]);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
$projectField = (string) ($lead->raw_payload['project'] ?? '');
|
||||
[$platform, $signalType, $identifier] = $this->parseProjectField($projectField);
|
||||
|
||||
@@ -157,7 +135,7 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
$failures = [];
|
||||
foreach ($selected as $project) {
|
||||
try {
|
||||
if ($this->createDealCopyForProject($lead, $project, $notifier, $ledger, $subjectCode)) {
|
||||
if ($this->createDealCopyForProject($lead, $project, $duplicateDetector, $notifier, $ledger, $subjectCode)) {
|
||||
$createdCount++;
|
||||
}
|
||||
} catch (Throwable $e) {
|
||||
@@ -197,16 +175,11 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
*/
|
||||
private function parseProjectField(string $project): array
|
||||
{
|
||||
if (preg_match('/^(B[123])_(.+)$/', $project, $m) === 1) {
|
||||
$platform = $m[1];
|
||||
$rest = $m[2];
|
||||
} else {
|
||||
// Phase 3: проекты без B-префикса попадают в DIRECT.
|
||||
// Весь project считается identifier-частью; signal_type определяется
|
||||
// тем же regex'ом, что для $rest у B-префиксных.
|
||||
$platform = 'DIRECT';
|
||||
$rest = $project;
|
||||
if (preg_match('/^(B[123])_(.+)$/', $project, $m) !== 1) {
|
||||
throw new RuntimeException("Cannot parse supplier project field: '{$project}'");
|
||||
}
|
||||
$platform = $m[1];
|
||||
$rest = $m[2];
|
||||
|
||||
// Домен с латинским TLD ≥2 букв (последний сегмент — только буквы), допускается
|
||||
// в любой позиции строки. Соответствует чистому rest и встроенному в текст домену.
|
||||
@@ -232,18 +205,19 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
|
||||
/**
|
||||
* Создаёт deal-копию в одной транзакции для конкретного Project.
|
||||
* Возвращает true — если deal создан и баланс списан, счётчики выросли.
|
||||
* false — если лимит исчерпан под блокировкой (deal не создаётся).
|
||||
* Возвращает true — если копия не дубль (баланс списан, счётчики выросли).
|
||||
* false — если копия помечена дублем (без списания).
|
||||
*/
|
||||
private function createDealCopyForProject(
|
||||
SupplierLead $lead,
|
||||
Project $project,
|
||||
DuplicateDetector $duplicateDetector,
|
||||
NotificationService $notifier,
|
||||
LedgerService $ledger,
|
||||
?int $subjectCode,
|
||||
): bool {
|
||||
try {
|
||||
return DB::transaction(function () use ($lead, $project, $notifier, $ledger, $subjectCode): bool {
|
||||
return DB::transaction(function () use ($lead, $project, $duplicateDetector, $notifier, $ledger, $subjectCode): bool {
|
||||
DB::statement("SET LOCAL app.current_tenant_id = '{$project->tenant_id}'");
|
||||
|
||||
/** @var Tenant $tenant */
|
||||
@@ -262,48 +236,7 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
->whereKey($project->id)
|
||||
->lockForUpdate()
|
||||
->firstOrFail();
|
||||
|
||||
// R-09 (Task 2.6, spec §4.2.4): recheck is_active под lock'ом.
|
||||
// matchEligibleProjects читает snapshot за активную дату (фиксированный
|
||||
// на 18:00 МСК); клиент мог нажать «пауза» в окне между matchEligible и
|
||||
// этой транзакцией. Snapshot всё ещё говорит "доставлять", но live state
|
||||
// — не доставляем (контракт «paused under lock = stop»).
|
||||
if (! $lockedProject->is_active) {
|
||||
Log::info('supplier_lead.project_paused_under_lock', [
|
||||
'supplier_lead_id' => $lead->id,
|
||||
'project_id' => $lockedProject->id,
|
||||
'tenant_id' => $tenant->id,
|
||||
]);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
// R-04 + R-06 (Task 2.6, spec §4.2.4): лимит из snapshot, не live.
|
||||
// Slepok-инвариант — лимит зафиксирован на 18:00 МСК; live daily_limit_target
|
||||
// (или effective_daily_limit_today) мог быть уменьшен после слепка, но это
|
||||
// не должно прерывать поток уже зафиксированного слепка поставщика.
|
||||
$msk = Carbon::now('Europe/Moscow');
|
||||
$activeDate = $msk->hour >= 21
|
||||
? $msk->copy()->addDay()->toDateString()
|
||||
: $msk->toDateString();
|
||||
$snapshot = DB::connection('pgsql_supplier')
|
||||
->table('project_routing_snapshots')
|
||||
->where('snapshot_date', $activeDate)
|
||||
->where('project_id', $lockedProject->id)
|
||||
->lockForUpdate()
|
||||
->first();
|
||||
if ($snapshot === null) {
|
||||
Log::info('supplier_lead.no_snapshot_skipped', [
|
||||
'supplier_lead_id' => $lead->id,
|
||||
'project_id' => $lockedProject->id,
|
||||
'tenant_id' => $tenant->id,
|
||||
'active_date' => $activeDate,
|
||||
]);
|
||||
|
||||
return false;
|
||||
}
|
||||
$effectiveLimit = (int) $snapshot->daily_limit;
|
||||
|
||||
$effectiveLimit = $lockedProject->effective_daily_limit_today ?? $lockedProject->daily_limit_target;
|
||||
if ($lockedProject->delivered_today >= $effectiveLimit) {
|
||||
Log::info('supplier_lead.project_at_limit_skipped', [
|
||||
'supplier_lead_id' => $lead->id,
|
||||
@@ -317,73 +250,6 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
}
|
||||
$project = $lockedProject;
|
||||
|
||||
// Phase 2 fix: merge с CSV-recovered deal если webhook догоняет.
|
||||
// Идемпотентность race condition между CsvReconcileJob (vid=NULL, recovered
|
||||
// from CSV) и webhook (vid=int, реальный supplier-id). До этой проверки они
|
||||
// создавали 2 deal'a (DD снят Spec B Phase 1). Merge выполняется только если:
|
||||
// - webhook ЕСТЬ настоящий vid (lead.vid !== null) — без vid merge'ить нечего;
|
||||
// - csv-recovered deal существует за последние 24h, тот же phone+project+tenant;
|
||||
// - csv-recovered deal БЕЗ source_crm_id (т.е. он именно CSV-recovered, не другой webhook).
|
||||
// При merge: UPDATE existing.source_crm_id, INSERT supplier_lead_deliveries,
|
||||
// БЕЗ chargeForDelivery (LeadCharge уже есть с момента CSV recovery).
|
||||
$existingMergeable = null;
|
||||
if ($lead->vid !== null) {
|
||||
$existingMergeable = Deal::query()
|
||||
->where('tenant_id', $tenant->id)
|
||||
->where('phone', (string) $lead->phone)
|
||||
->where('project_id', $project->id)
|
||||
->whereNull('source_crm_id')
|
||||
->where('received_at', '>=', now()->subDay())
|
||||
->lockForUpdate()
|
||||
->first();
|
||||
}
|
||||
if ($existingMergeable !== null) {
|
||||
// Заполняем supplier_lead.id у обоих SupplierLead → одному Deal
|
||||
DB::table('supplier_lead_deliveries')->insert([
|
||||
'supplier_lead_id' => $lead->id,
|
||||
'tenant_id' => $tenant->id,
|
||||
'deal_id' => $existingMergeable->id,
|
||||
'created_at' => now(),
|
||||
]);
|
||||
// Обновляем только source_crm_id + updated_at через DB::table.
|
||||
// NB (регрессия 26.05.2026 04:12-05:03 UTC, 9 failed_jobs):
|
||||
// received_at — partition key, и lead_charges имеет FK
|
||||
// (deal_id, deal_received_at) с ON DELETE CASCADE, но
|
||||
// ON UPDATE NO ACTION (default). Любое изменение received_at
|
||||
// ломает FK даже в той же месячной партиции (даже DEFERRABLE
|
||||
// INITIALLY DEFERRED не помогает — проверка падает на COMMIT).
|
||||
// CSV-recovered received_at сохраняем как есть — отличие на минуты
|
||||
// несущественно, чем риск каскадного DELETE lead_charges.
|
||||
DB::table('deals')
|
||||
->where('id', $existingMergeable->id)
|
||||
->where('received_at', $existingMergeable->received_at)
|
||||
->update(['source_crm_id' => $lead->vid, 'updated_at' => now()]);
|
||||
|
||||
Log::info('supplier_lead.merged_into_csv_recovered', [
|
||||
'supplier_lead_id' => $lead->id,
|
||||
'merged_into_deal_id' => $existingMergeable->id,
|
||||
'tenant_id' => $tenant->id,
|
||||
]);
|
||||
|
||||
return true; // считаем «доставленным», но без второго списания
|
||||
}
|
||||
|
||||
// Spec B: per-(supplier_lead, tenant) lock — одна поставка одному клиенту = один раз.
|
||||
// insertOrIgnore вернёт 0, если строка уже существует (повтор/гонка/CSV-recovery).
|
||||
$locked = DB::table('supplier_lead_deliveries')->insertOrIgnore([
|
||||
'supplier_lead_id' => $lead->id,
|
||||
'tenant_id' => $tenant->id,
|
||||
'created_at' => now(),
|
||||
]);
|
||||
if ($locked === 0) {
|
||||
Log::info('supplier_lead.delivery_already_locked', [
|
||||
'supplier_lead_id' => $lead->id,
|
||||
'tenant_id' => $tenant->id,
|
||||
]);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
$payload = $lead->raw_payload ?? [];
|
||||
$receivedAt = isset($payload['time'])
|
||||
? Carbon::createFromTimestamp((int) $payload['time'])
|
||||
@@ -405,10 +271,39 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
'subject_code' => $subjectCode,
|
||||
]);
|
||||
|
||||
DB::table('supplier_lead_deliveries')
|
||||
->where('supplier_lead_id', $lead->id)
|
||||
->where('tenant_id', $tenant->id)
|
||||
->update(['deal_id' => $deal->id]);
|
||||
$master = $duplicateDetector->findMaster(
|
||||
tenantId: (int) $tenant->id,
|
||||
phone: (string) $lead->phone,
|
||||
now: $receivedAt,
|
||||
);
|
||||
|
||||
// Только что созданный $deal сам попадает в выборку DuplicateDetector
|
||||
// (он уже в БД к моменту lookup'а), поэтому master может ===$deal.
|
||||
// Дубль — только если master найден И это НЕ сам deal.
|
||||
if ($master !== null && $master->id !== $deal->id) {
|
||||
$deal->update(['duplicate_of_id' => $master->id]);
|
||||
|
||||
ActivityLog::create([
|
||||
'tenant_id' => $tenant->id,
|
||||
'user_id' => null,
|
||||
'deal_id' => $deal->id,
|
||||
'event' => ActivityLog::EVENT_DEAL_CREATED,
|
||||
'context' => [
|
||||
'source' => 'supplier_webhook',
|
||||
'duplicate_of' => $master->id,
|
||||
'supplier_lead_id' => $lead->id,
|
||||
],
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
app(PdAuditLogger::class)->record(
|
||||
action: 'created', subjectType: 'lead', subjectId: $deal->id,
|
||||
purpose: 'lead_create_supplier', tenantId: (int) $deal->tenant_id,
|
||||
actorTenantUserId: null, actorAdminUserId: null, ip: null,
|
||||
);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
// Task 6: $ledger->chargeForDelivery бросит InsufficientBalanceException —
|
||||
// транзакция откатится, и outer catch ниже отловит для auto-pause flow.
|
||||
@@ -417,14 +312,6 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
$project->increment('delivered_today');
|
||||
$project->increment('delivered_in_month');
|
||||
|
||||
// Task 2.6: атомарный инкремент snapshot.delivered_count
|
||||
// (для CSV business-drift reconcile — Task 2.5 closure cont'd).
|
||||
DB::connection('pgsql_supplier')
|
||||
->table('project_routing_snapshots')
|
||||
->where('snapshot_date', $activeDate)
|
||||
->where('project_id', $project->id)
|
||||
->increment('delivered_count');
|
||||
|
||||
ActivityLog::create([
|
||||
'tenant_id' => $tenant->id,
|
||||
'user_id' => null,
|
||||
@@ -443,8 +330,8 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
actorTenantUserId: null, actorAdminUserId: null, ip: null,
|
||||
);
|
||||
|
||||
// setRelation чтобы NotificationService мог подтянуть
|
||||
// deal->project без N+1 lookup'а под RLS.
|
||||
// ProcessWebhookJob-pattern: setRelation чтобы NotificationService
|
||||
// мог подтянуть deal->project без N+1 lookup'а под RLS.
|
||||
$deal->setRelation('project', $project);
|
||||
$notifier->notifyNewLead($tenant, $deal);
|
||||
|
||||
@@ -497,6 +384,7 @@ class RouteSupplierLeadJob implements ShouldQueue
|
||||
'supplier_lead_id' => $lead->id,
|
||||
'price_kopecks' => $e->priceKopecks,
|
||||
'balance_rub' => $e->balanceRub,
|
||||
'balance_leads' => $e->balanceLeads,
|
||||
]);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,71 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Jobs;
|
||||
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Contracts\Queue\ShouldQueue;
|
||||
use Illuminate\Foundation\Bus\Dispatchable;
|
||||
use Illuminate\Queue\InteractsWithQueue;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
/**
|
||||
* Daily 18:02 МСК snapshot — фиксирует состояние всех eligible Лидерра-проектов
|
||||
* на завтрашний день (slepok №NЛ по канону спека §0).
|
||||
* Spec: docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md §4.2.2.
|
||||
*/
|
||||
final class SnapshotProjectRoutingJob implements ShouldQueue
|
||||
{
|
||||
use Dispatchable, Queueable, InteractsWithQueue, SerializesModels;
|
||||
|
||||
public const DB_CONNECTION = 'pgsql_supplier'; // BYPASSRLS
|
||||
|
||||
public function handle(): void
|
||||
{
|
||||
$snapshotDate = Carbon::tomorrow('Europe/Moscow')->toDateString();
|
||||
$weekdayBit = 1 << (Carbon::tomorrow('Europe/Moscow')->isoWeekday() - 1);
|
||||
|
||||
// NB: Без внешнего transaction() — атомарность гарантирует INSERT ... ON CONFLICT
|
||||
// на уровне PG. Внешний transaction() ломается при тестах под DatabaseTransactions
|
||||
// + SharesSupplierPdo (общий PDO pgsql/pgsql_supplier → PG ругается «active transaction»).
|
||||
$exists = DB::connection(self::DB_CONNECTION)
|
||||
->table('project_routing_snapshots')
|
||||
->where('snapshot_date', $snapshotDate)
|
||||
->exists();
|
||||
if ($exists) {
|
||||
Log::info('snapshot.already_exists', ['date' => $snapshotDate]);
|
||||
return;
|
||||
}
|
||||
|
||||
$count = DB::connection(self::DB_CONNECTION)->insert(<<<SQL
|
||||
INSERT INTO project_routing_snapshots (
|
||||
snapshot_date, project_id, tenant_id,
|
||||
daily_limit, delivery_days_mask, regions,
|
||||
signal_type, signal_identifier, sms_senders, sms_keyword,
|
||||
expected_volume
|
||||
)
|
||||
SELECT
|
||||
?::date,
|
||||
p.id, p.tenant_id,
|
||||
COALESCE(p.effective_daily_limit_today, p.daily_limit_target),
|
||||
p.delivery_days_mask,
|
||||
p.regions,
|
||||
p.signal_type, p.signal_identifier, p.sms_senders, p.sms_keyword,
|
||||
COALESCE(p.effective_daily_limit_today, p.daily_limit_target)
|
||||
FROM projects p
|
||||
INNER JOIN tenants t ON t.id = p.tenant_id
|
||||
WHERE p.is_active = true
|
||||
AND (p.delivery_days_mask & ?::int) <> 0
|
||||
AND p.preflight_blocked_at IS NULL
|
||||
AND t.frozen_by_balance_at IS NULL
|
||||
AND t.deleted_at IS NULL
|
||||
ON CONFLICT (snapshot_date, project_id) DO NOTHING
|
||||
SQL, [$snapshotDate, $weekdayBit]);
|
||||
|
||||
Log::info('snapshot.created', ['date' => $snapshotDate, 'rows' => $count]);
|
||||
}
|
||||
}
|
||||
@@ -59,14 +59,19 @@ class CleanupInactiveSupplierProjectsJob implements ShouldQueue
|
||||
{
|
||||
$client ??= app(SupplierPortalClient::class);
|
||||
|
||||
// Источник истинности активности — `project_supplier_links` pivot (Plan 3+).
|
||||
// Legacy FK `supplier_b{1,2,3}_project_id` оставлены для read-compat,
|
||||
// но не определяют активность.
|
||||
// Подзапрос — DISTINCT id'шники supplier_projects, на которые ссылается
|
||||
// хотя бы один Лидерра-project с is_active=true через любой из трёх FK.
|
||||
$activeIdsSubquery = <<<'SQL'
|
||||
SELECT DISTINCT psl.supplier_project_id AS id
|
||||
FROM project_supplier_links psl
|
||||
INNER JOIN projects p ON p.id = psl.project_id
|
||||
WHERE p.is_active = true
|
||||
SELECT DISTINCT id FROM (
|
||||
SELECT supplier_b1_project_id AS id FROM projects
|
||||
WHERE is_active = true AND supplier_b1_project_id IS NOT NULL
|
||||
UNION
|
||||
SELECT supplier_b2_project_id FROM projects
|
||||
WHERE is_active = true AND supplier_b2_project_id IS NOT NULL
|
||||
UNION
|
||||
SELECT supplier_b3_project_id FROM projects
|
||||
WHERE is_active = true AND supplier_b3_project_id IS NOT NULL
|
||||
) AS active_supplier_ids
|
||||
SQL;
|
||||
|
||||
// Phase A — re-activate (СНАЧАЛА для safety: до Phase C, чтобы недавно
|
||||
|
||||
@@ -126,15 +126,11 @@ final class CsvReconcileJob implements ShouldQueue
|
||||
$missing = array_diff_key($csvByKey, $existingKeys);
|
||||
|
||||
$recoveredCount = 0;
|
||||
$unparseableCount = 0;
|
||||
foreach ($missing as $row) {
|
||||
$platform = $this->extractPlatform((string) $row['project']);
|
||||
if ($platform === null) {
|
||||
// Поставщик иногда кладёт в `project` нестандартные имена (телефон, URL).
|
||||
// Не warning — это не наш баг, processing продолжается, paper-trail на info уровне.
|
||||
// Считаем такие строки отдельно, чтобы исключить из формулы drift'а
|
||||
// (иначе ~40-50% мусора каждый запуск стабильно даёт false-positive drift_alert).
|
||||
$unparseableCount++;
|
||||
Log::info('csv_reconcile.unparseable_project_skipped', [
|
||||
'project' => $row['project'],
|
||||
]);
|
||||
@@ -165,14 +161,7 @@ final class CsvReconcileJob implements ShouldQueue
|
||||
}
|
||||
|
||||
$matchedCount = $totalCsvRows - count($missing);
|
||||
// drift считается только по «реальным» пропускам (parseable, не junk):
|
||||
// real_missing = count(missing) - unparseable (всегда ≥ 0)
|
||||
// parseable_tot = total_csv_rows - unparseable
|
||||
// Это убирает класс «поставщик кладёт телефон/URL в поле project →
|
||||
// строки скипаются → drift искусственно завышен» (см. ПИЛОТ 22.05, 25.05).
|
||||
$realMissing = max(0, count($missing) - $unparseableCount);
|
||||
$parseableTotal = max(0, $totalCsvRows - $unparseableCount);
|
||||
$driftRatio = $parseableTotal > 0 ? $realMissing / $parseableTotal : 0.0;
|
||||
$driftRatio = $totalCsvRows > 0 ? count($missing) / $totalCsvRows : 0.0;
|
||||
$status = $driftRatio > self::DRIFT_THRESHOLD ? 'drift_alert' : 'ok';
|
||||
|
||||
$update = [
|
||||
@@ -180,7 +169,6 @@ final class CsvReconcileJob implements ShouldQueue
|
||||
'total_csv_rows' => $totalCsvRows,
|
||||
'matched_count' => $matchedCount,
|
||||
'recovered_count' => $recoveredCount,
|
||||
'unparseable_count' => $unparseableCount,
|
||||
'drift_ratio' => $driftRatio,
|
||||
'status' => $status,
|
||||
];
|
||||
@@ -204,13 +192,6 @@ final class CsvReconcileJob implements ShouldQueue
|
||||
->where('id', $logId)
|
||||
->update($update);
|
||||
|
||||
// R-05 / §4.4.4 second pass — business-drift on project_routing_snapshots.
|
||||
// Detects tenants where supplier under-delivered against the slepok plan
|
||||
// (shortfall = (expected - delivered) / expected > 20%). Orthogonal to
|
||||
// webhook-loss drift above — same lead can be missing from CSV AND from
|
||||
// delivered_count (compounding R-05.1 + R-05.2).
|
||||
$this->detectAndAlertBusinessDrift($mailer, $windowStart, $windowEnd);
|
||||
|
||||
} catch (Throwable $e) {
|
||||
// $logId === null — упал сам insertGetId, log-строки нет, обновлять нечего.
|
||||
if ($logId !== null) {
|
||||
@@ -238,85 +219,15 @@ final class CsvReconcileJob implements ShouldQueue
|
||||
}
|
||||
|
||||
/**
|
||||
* Извлекает platform из имени проекта:
|
||||
* - `B[123]_<rest>` → 'B1' / 'B2' / 'B3';
|
||||
* - Phase 3: иначе, если строка непустая и состоит из identifier-символов
|
||||
* (домены / телефоны / SMS-отправители) → 'DIRECT';
|
||||
* - откровенный мусор (только спец-символы, пусто) → null (unparseable).
|
||||
* Извлекает platform (B1/B2/B3) из имени проекта формата `B[123]_<rest>`.
|
||||
* Возвращает null если не парсится — caller пропустит строку с warning.
|
||||
*/
|
||||
private function extractPlatform(string $project): ?string
|
||||
{
|
||||
if (preg_match('/^(B[123])_/', $project, $m) === 1) {
|
||||
return $m[1];
|
||||
}
|
||||
// Phase 3: всё что выглядит как разумный identifier (домен / телефон / SMS-sender) → DIRECT.
|
||||
// unparseable_count теперь только для откровенного мусора (пустые / только спец-символы).
|
||||
$trimmed = trim($project);
|
||||
if ($trimmed !== '' && preg_match('/^[\w\-.а-яА-Я0-9\/() +]+$/u', $trimmed) === 1) {
|
||||
return 'DIRECT';
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* R-05 (Stage 4 §4.4.4) — business-drift second pass.
|
||||
*
|
||||
* Поверх существующего webhook-loss drift (R-05.1: «лид прилетел, мы webhook'а не
|
||||
* получили») ищем business-drift (R-05.2: «лид прилетел, мы доставили не тому/никому»):
|
||||
* для каждой пары (snapshot_date, tenant_id) считаем SUM(expected_volume) и
|
||||
* SUM(delivered_count) по `project_routing_snapshots`, при shortfall > 20% шлём
|
||||
* `TenantBusinessDriftAlertMail` админу.
|
||||
*
|
||||
* Окно — то же что у текущего CSV-reconcile run. Один email на тенанта на дату.
|
||||
*/
|
||||
private const BUSINESS_DRIFT_THRESHOLD = 0.20;
|
||||
|
||||
private function detectAndAlertBusinessDrift(
|
||||
Mailer $mailer,
|
||||
\Carbon\CarbonInterface $windowStart,
|
||||
\Carbon\CarbonInterface $windowEnd,
|
||||
): void {
|
||||
$from = $windowStart->toDateString();
|
||||
$to = $windowEnd->toDateString();
|
||||
|
||||
$rows = DB::connection(self::DB_CONNECTION)
|
||||
->table('project_routing_snapshots')
|
||||
->whereBetween('snapshot_date', [$from, $to])
|
||||
->groupBy('snapshot_date', 'tenant_id')
|
||||
->selectRaw('snapshot_date, tenant_id, SUM(expected_volume) AS expected, SUM(delivered_count) AS delivered')
|
||||
->havingRaw('SUM(expected_volume) > 0')
|
||||
->get();
|
||||
|
||||
foreach ($rows as $row) {
|
||||
$expected = (int) $row->expected;
|
||||
$delivered = (int) $row->delivered;
|
||||
if ($expected <= 0) {
|
||||
continue;
|
||||
}
|
||||
$shortfall = ($expected - $delivered) / $expected;
|
||||
if ($shortfall <= self::BUSINESS_DRIFT_THRESHOLD) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$mailer->to((string) config('services.supplier.alert_email'))
|
||||
->send(new \App\Mail\TenantBusinessDriftAlertMail(
|
||||
tenantId: (int) $row->tenant_id,
|
||||
snapshotDate: (string) $row->snapshot_date,
|
||||
expected: $expected,
|
||||
delivered: $delivered,
|
||||
shortfallRatio: $shortfall,
|
||||
windowStart: $windowStart,
|
||||
windowEnd: $windowEnd,
|
||||
));
|
||||
|
||||
Log::warning('csv_reconcile.business_drift_alert', [
|
||||
'tenant_id' => (int) $row->tenant_id,
|
||||
'snapshot_date' => (string) $row->snapshot_date,
|
||||
'expected' => $expected,
|
||||
'delivered' => $delivered,
|
||||
'shortfall' => $shortfall,
|
||||
]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -83,8 +83,12 @@ class SyncSupplierProjectsJob implements ShouldQueue
|
||||
$this->client = app(SupplierPortalClient::class);
|
||||
$consecutiveTransient = 0;
|
||||
|
||||
// 1. Load active Лидерра-projects via pgsql_supplier (фильтруя frozen, Billing v2 Spec C §3.10).
|
||||
$projects = $this->collectEligibleProjects();
|
||||
// 1. Load active Лидерра-projects via pgsql_supplier
|
||||
/** @var Collection<int, Project> $projects */
|
||||
$projects = Project::on(self::DB_CONNECTION)
|
||||
->where('is_active', true)
|
||||
->orderBy('id')
|
||||
->get();
|
||||
|
||||
// 2. Group by (signal_type, identifier) — no subject_code split.
|
||||
// Portal constraint: one identifier = one B1/B2/B3 group (status=Doubles on duplicate name).
|
||||
@@ -177,82 +181,6 @@ class SyncSupplierProjectsJob implements ShouldQueue
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Собрать eligible Лидерра-проекты для расчёта заказа поставщику.
|
||||
*
|
||||
* Фильтры (Billing v2 Spec C §3.10 — преfflight баланса):
|
||||
* — is_active = true (базовый);
|
||||
* — preflight_blocked_at IS NULL (точечная блокировка проекта при «перегрузе» лимита);
|
||||
* — tenant.frozen_by_balance_at IS NULL (пассивная заморозка тенанта по пустому балансу).
|
||||
*
|
||||
* Запрос через pgsql_supplier (BYPASSRLS) — джоб бегает в системном контексте.
|
||||
* Метод публичный для unit-теста; никто из caller'ов кроме handle() его не зовёт.
|
||||
*
|
||||
* @return Collection<int, Project>
|
||||
*/
|
||||
public function collectEligibleProjects(): Collection
|
||||
{
|
||||
// Task 2.9 (Spec §4.2.4b): читаем проекты ИЗ snapshot за завтра, не live
|
||||
// projects.is_active. Это закрывает race 18:02 (snapshot) → 18:05 (sync) —
|
||||
// клиент мог paus'нуть проект между двумя cron'ами, но мы должны докатить
|
||||
// зафиксированный slepok поставщику (slepok-инвариант).
|
||||
//
|
||||
// Snapshot уже отфильтрован по is_active=true, preflight_blocked_at IS NULL,
|
||||
// tenants.frozen_by_balance_at IS NULL (см. SnapshotProjectRoutingJob /
|
||||
// SnapshotBackfillCommand WHERE). Здесь повторяем frozen-фильтр на случай
|
||||
// если tenant заморожен между 18:02 и 18:05 (rare safety net).
|
||||
//
|
||||
// Переопределяем live поля проекта значениями snapshot'а: daily_limit_target,
|
||||
// delivery_days_mask, regions. Downstream код syncGroup() читает эти поля как
|
||||
// обычно — без изменений в логике группировки/распределения.
|
||||
$tomorrow = Carbon::tomorrow('Europe/Moscow')->toDateString();
|
||||
|
||||
// Eloquent JOIN — casts (PostgresIntArray для regions) применяются автоматически.
|
||||
// Raw DB::table возвращал regions как PostgreSQL-string '{1,2,3}' и ломал PostgresIntArray cast.
|
||||
$projects = Project::on(self::DB_CONNECTION)
|
||||
->join('project_routing_snapshots AS snap', 'snap.project_id', '=', 'projects.id')
|
||||
->whereIn('snap.tenant_id', function ($q): void {
|
||||
$q->select('id')->from('tenants')->whereNull('frozen_by_balance_at');
|
||||
})
|
||||
->where('snap.snapshot_date', $tomorrow)
|
||||
->select(
|
||||
'projects.*',
|
||||
'snap.daily_limit AS snap_daily_limit',
|
||||
'snap.delivery_days_mask AS snap_delivery_days_mask',
|
||||
'snap.regions AS snap_regions',
|
||||
)
|
||||
->orderBy('projects.id')
|
||||
->get();
|
||||
|
||||
// Override live fields with snapshot values — slepok semantic.
|
||||
// snap_regions приходит как PostgreSQL-array string ('{77,99}') через append
|
||||
// (не Eloquent-cast), парсим вручную.
|
||||
foreach ($projects as $project) {
|
||||
$project->daily_limit_target = (int) $project->getAttribute('snap_daily_limit');
|
||||
$project->delivery_days_mask = (int) $project->getAttribute('snap_delivery_days_mask');
|
||||
$project->regions = $this->parsePostgresIntArray((string) $project->getAttribute('snap_regions'));
|
||||
}
|
||||
|
||||
return $projects;
|
||||
}
|
||||
|
||||
/**
|
||||
* Парсит PostgreSQL int-array literal `'{1,2,3}'` или `'{}'` в PHP `[1,2,3]` / `[]`.
|
||||
* Используется для snap_regions (через raw select), который не подхватывается
|
||||
* Eloquent PostgresIntArray cast'ом (тот цастит только реальное regions column).
|
||||
*
|
||||
* @return list<int>
|
||||
*/
|
||||
private function parsePostgresIntArray(string $literal): array
|
||||
{
|
||||
$trimmed = trim($literal, "{} \t\n\r\0\x0B");
|
||||
if ($trimmed === '') {
|
||||
return [];
|
||||
}
|
||||
|
||||
return array_values(array_map('intval', explode(',', $trimmed)));
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array{signal_type: string, identifier: string, merged_regions: list<int>, has_all_russia: bool, platforms: list<string>, projects: list<Project>} $group
|
||||
*/
|
||||
|
||||
@@ -107,16 +107,13 @@ class SyncSupplierProjectJob implements ShouldQueue
|
||||
return;
|
||||
}
|
||||
|
||||
// R-17 (Stage 4 §4.4.1): unified agnostic key (was buildUniqueKey($p, $platform[0])
|
||||
// which diverged for SMS — B3 used sender alone while B2 used sender+keyword;
|
||||
// created orphan supplier_projects rows during sharing rebalance).
|
||||
$identifier = SupplierProjectGrouping::buildUniqueKeyAgnostic($project);
|
||||
$identifier = SupplierProjectGrouping::buildUniqueKey($project, $platforms[0]);
|
||||
|
||||
// GROUP recompute (multi-client): an online edit of ONE project must recompute the
|
||||
// WHOLE group sharing this identifier — otherwise it overwrites siblings' regions/
|
||||
// limit/days until the nightly batch. Mirrors SyncSupplierProjectsJob::syncGroup so
|
||||
// online and nightly produce identical supplier state.
|
||||
$agnostic = $identifier;
|
||||
$agnostic = SupplierProjectGrouping::buildUniqueKeyAgnostic($project);
|
||||
$groupProjects = Project::on(self::DB_CONNECTION)
|
||||
->where('is_active', true)
|
||||
->where('signal_type', (string) $project->signal_type)
|
||||
@@ -128,9 +125,8 @@ class SyncSupplierProjectJob implements ShouldQueue
|
||||
$groupActive = $groupProjects->isNotEmpty();
|
||||
$status = $groupActive ? 'active' : 'paused';
|
||||
|
||||
// eligible target_date → order/workdays (mirror nightly's eligibility window).
|
||||
// R-18 (Stage 4 §4.4.2): see ::targetWeekdayForNow().
|
||||
$targetWeekday = self::targetWeekdayForNow();
|
||||
// eligible tomorrow → order/workdays (mirror nightly's eligibility window).
|
||||
$targetWeekday = Carbon::tomorrow('Europe/Moscow')->isoWeekday();
|
||||
$eligible = $groupProjects->filter(
|
||||
fn (Project $gp) => ((int) $gp->delivery_days_mask & (1 << ($targetWeekday - 1))) !== 0
|
||||
)->values();
|
||||
@@ -388,10 +384,8 @@ class SyncSupplierProjectJob implements ShouldQueue
|
||||
$platforms = SupplierProjectGrouping::resolvePlatforms($project);
|
||||
$workdays = $this->workdaysFromMask((int) $project->delivery_days_mask);
|
||||
|
||||
// R-17 (Stage 4 §4.4.1): same agnostic key for all platforms in this batch run
|
||||
// (was per-platform divergence for SMS — created orphan rows).
|
||||
$uniqueKey = SupplierProjectGrouping::buildUniqueKeyAgnostic($project);
|
||||
foreach ($platforms as $platform) {
|
||||
$uniqueKey = SupplierProjectGrouping::buildUniqueKey($project, $platform);
|
||||
$column = 'supplier_'.strtolower($platform).'_project_id';
|
||||
|
||||
// Idempotency: local supplier_projects-запись уже есть?
|
||||
@@ -543,24 +537,4 @@ class SyncSupplierProjectJob implements ShouldQueue
|
||||
|
||||
return $out;
|
||||
}
|
||||
|
||||
/**
|
||||
* R-18 (Stage 4 §4.4.2): ISO target weekday for online supplier sync.
|
||||
*
|
||||
* Slepok cut-off boundary is 21:00 МСК (matches supplier's snapshot fix-point), not midnight.
|
||||
* hour < 21 МСК → target = today + 1 day
|
||||
* hour >= 21 МСК → target = today + 2 days
|
||||
*
|
||||
* Before fix: `Carbon::tomorrow('Europe/Moscow')->isoWeekday()` flipped target at midnight
|
||||
* (Thu 23:59 → Fri; Fri 00:01 → Sat), mis-aligning portal sync with supplier's already-fixed
|
||||
* slepok. The post-21:00 portion of day N belongs to slepok dated N+1 (effective day N+2).
|
||||
*/
|
||||
public static function targetWeekdayForNow(): int
|
||||
{
|
||||
$msk = Carbon::now('Europe/Moscow');
|
||||
|
||||
return $msk->hour >= 21
|
||||
? $msk->copy()->addDays(2)->startOfDay()->isoWeekday()
|
||||
: $msk->copy()->addDay()->startOfDay()->isoWeekday();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,41 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Mail;
|
||||
|
||||
use App\Models\Tenant;
|
||||
use App\Services\Billing\PreflightResult;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Mail\Mailable;
|
||||
use Illuminate\Mail\Mailables\Content;
|
||||
use Illuminate\Mail\Mailables\Envelope;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
/**
|
||||
* Финальное письмо: приём лидов приостановлен 3 дня (Billing v2 Spec C §3.7, T+72h).
|
||||
* После него повторов нет до следующего цикла заморозки.
|
||||
*/
|
||||
final class BalanceFrozenFinalMail extends Mailable
|
||||
{
|
||||
use Queueable;
|
||||
use SerializesModels;
|
||||
|
||||
public function __construct(
|
||||
public readonly Tenant $tenant,
|
||||
public readonly PreflightResult $result,
|
||||
) {}
|
||||
|
||||
public function envelope(): Envelope
|
||||
{
|
||||
return new Envelope(
|
||||
subject: 'Приём лидов приостановлен 3 дня',
|
||||
to: [$this->tenant->contact_email],
|
||||
);
|
||||
}
|
||||
|
||||
public function content(): Content
|
||||
{
|
||||
return new Content(view: 'emails.balance_frozen_final');
|
||||
}
|
||||
}
|
||||
@@ -1,42 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Mail;
|
||||
|
||||
use App\Models\Tenant;
|
||||
use App\Services\Billing\PreflightResult;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Mail\Mailable;
|
||||
use Illuminate\Mail\Mailables\Content;
|
||||
use Illuminate\Mail\Mailables\Envelope;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
/**
|
||||
* Письмо клиенту: приём лидов приостановлен из-за нехватки баланса (Billing v2 Spec C §3.7).
|
||||
*
|
||||
* Триггер: BalancePreflightSweepJob при переходе тенанта active → frozen (cut-off 18:00 MSK).
|
||||
*/
|
||||
final class BalanceFrozenMail extends Mailable
|
||||
{
|
||||
use Queueable;
|
||||
use SerializesModels;
|
||||
|
||||
public function __construct(
|
||||
public readonly Tenant $tenant,
|
||||
public readonly PreflightResult $result,
|
||||
) {}
|
||||
|
||||
public function envelope(): Envelope
|
||||
{
|
||||
return new Envelope(
|
||||
subject: 'Приём лидов приостановлен — недостаточно баланса',
|
||||
to: [$this->tenant->contact_email],
|
||||
);
|
||||
}
|
||||
|
||||
public function content(): Content
|
||||
{
|
||||
return new Content(view: 'emails.balance_frozen');
|
||||
}
|
||||
}
|
||||
@@ -1,40 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Mail;
|
||||
|
||||
use App\Models\Tenant;
|
||||
use App\Services\Billing\PreflightResult;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Mail\Mailable;
|
||||
use Illuminate\Mail\Mailables\Content;
|
||||
use Illuminate\Mail\Mailables\Envelope;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
/**
|
||||
* Письмо-напоминание: приём лидов всё ещё приостановлен (Billing v2 Spec C §3.7, T+24h).
|
||||
*/
|
||||
final class BalanceFrozenReminderMail extends Mailable
|
||||
{
|
||||
use Queueable;
|
||||
use SerializesModels;
|
||||
|
||||
public function __construct(
|
||||
public readonly Tenant $tenant,
|
||||
public readonly PreflightResult $result,
|
||||
) {}
|
||||
|
||||
public function envelope(): Envelope
|
||||
{
|
||||
return new Envelope(
|
||||
subject: 'Приём лидов всё ещё приостановлен',
|
||||
to: [$this->tenant->contact_email],
|
||||
);
|
||||
}
|
||||
|
||||
public function content(): Content
|
||||
{
|
||||
return new Content(view: 'emails.balance_frozen_reminder');
|
||||
}
|
||||
}
|
||||
@@ -1,42 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Mail;
|
||||
|
||||
use App\Models\Tenant;
|
||||
use App\Services\Billing\PreflightResult;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Mail\Mailable;
|
||||
use Illuminate\Mail\Mailables\Content;
|
||||
use Illuminate\Mail\Mailables\Envelope;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
/**
|
||||
* Письмо клиенту: приём лидов возобновлён (Billing v2 Spec C §3.7).
|
||||
*
|
||||
* Триггер: BalancePreflightSweepJob при переходе frozen → active (пополнение/снижение лимита).
|
||||
*/
|
||||
final class BalanceUnfrozenMail extends Mailable
|
||||
{
|
||||
use Queueable;
|
||||
use SerializesModels;
|
||||
|
||||
public function __construct(
|
||||
public readonly Tenant $tenant,
|
||||
public readonly PreflightResult $result,
|
||||
) {}
|
||||
|
||||
public function envelope(): Envelope
|
||||
{
|
||||
return new Envelope(
|
||||
subject: 'Приём лидов возобновлён',
|
||||
to: [$this->tenant->contact_email],
|
||||
);
|
||||
}
|
||||
|
||||
public function content(): Content
|
||||
{
|
||||
return new Content(view: 'emails.balance_unfrozen');
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,50 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Mail;
|
||||
|
||||
use App\Models\Tenant;
|
||||
use App\Models\User;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Mail\Mailable;
|
||||
use Illuminate\Mail\Mailables\Content;
|
||||
use Illuminate\Mail\Mailables\Envelope;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
/**
|
||||
* Email-уведомление о низком балансе (ТЗ §18.5, событие low_balance).
|
||||
*
|
||||
* Триггер: tenant.balance_leads <= system_settings.low_balance_threshold_leads
|
||||
* (default 10) после lead_charge в ProcessWebhookJob.
|
||||
*/
|
||||
class LowBalanceNotification extends Mailable
|
||||
{
|
||||
use Queueable;
|
||||
use SerializesModels;
|
||||
|
||||
public function __construct(
|
||||
public User $recipient,
|
||||
public Tenant $tenant,
|
||||
public int $thresholdLeads,
|
||||
) {}
|
||||
|
||||
public function envelope(): Envelope
|
||||
{
|
||||
return new Envelope(
|
||||
subject: 'Лидерра. Низкий баланс — пополните, чтобы не пропустить лиды',
|
||||
);
|
||||
}
|
||||
|
||||
public function content(): Content
|
||||
{
|
||||
return new Content(
|
||||
view: 'emails.low_balance',
|
||||
with: [
|
||||
'recipient' => $this->recipient,
|
||||
'tenant' => $this->tenant,
|
||||
'thresholdLeads' => $this->thresholdLeads,
|
||||
],
|
||||
);
|
||||
}
|
||||
}
|
||||
@@ -18,7 +18,7 @@ use Illuminate\Queue\SerializesModels;
|
||||
*
|
||||
* Отправляется получателям тенанта, у которых в notification_preferences
|
||||
* включён канал email для события new_lead. Триггер — успешное создание
|
||||
* сделки в RouteSupplierLeadJob.
|
||||
* сделки в ProcessWebhookJob::chargeNewLead.
|
||||
*/
|
||||
class NewLeadNotification extends Mailable
|
||||
{
|
||||
|
||||
@@ -1,51 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Mail;
|
||||
|
||||
use Carbon\CarbonInterface;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Mail\Mailable;
|
||||
use Illuminate\Mail\Mailables\Content;
|
||||
use Illuminate\Mail\Mailables\Envelope;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
/**
|
||||
* Email алерт админу Лидерры о business-shortfall'е тенанта: snapshot ожидал
|
||||
* объём X, фактически доставили Y и (X-Y)/X > порога (20%).
|
||||
*
|
||||
* Отдельно от CsvDriftAlertMail — тот ловит webhook-loss (CSV vs БД),
|
||||
* этот — bizness-drift (snapshot.expected vs delivered).
|
||||
*
|
||||
* Stage 4 §4.4.4 R-05.
|
||||
*/
|
||||
final class TenantBusinessDriftAlertMail extends Mailable
|
||||
{
|
||||
use Queueable;
|
||||
use SerializesModels;
|
||||
|
||||
public function __construct(
|
||||
public readonly int $tenantId,
|
||||
public readonly string $snapshotDate,
|
||||
public readonly int $expected,
|
||||
public readonly int $delivered,
|
||||
public readonly float $shortfallRatio,
|
||||
public readonly CarbonInterface $windowStart,
|
||||
public readonly CarbonInterface $windowEnd,
|
||||
) {}
|
||||
|
||||
public function envelope(): Envelope
|
||||
{
|
||||
$pct = number_format($this->shortfallRatio * 100, 1, ',', ' ');
|
||||
|
||||
return new Envelope(
|
||||
subject: "Лидерра ↔ Поставщик: business-shortfall tenant #{$this->tenantId} за {$this->snapshotDate} ({$pct}%)",
|
||||
);
|
||||
}
|
||||
|
||||
public function content(): Content
|
||||
{
|
||||
return new Content(view: 'emails.tenant_business_drift_alert');
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,50 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Mail;
|
||||
|
||||
use App\Models\Tenant;
|
||||
use App\Models\User;
|
||||
use Illuminate\Bus\Queueable;
|
||||
use Illuminate\Mail\Mailable;
|
||||
use Illuminate\Mail\Mailables\Content;
|
||||
use Illuminate\Mail\Mailables\Envelope;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
/**
|
||||
* Email-уведомление о нулевом балансе и отклонении лидов (ТЗ §18.5,
|
||||
* событие zero_balance).
|
||||
*
|
||||
* Триггер: ProcessWebhookJob::logRejection(reason=zero_balance) — после
|
||||
* первого RejectedDealsLog в течение последнего часа (anti-spam: не больше
|
||||
* 1 email в час на тенант).
|
||||
*/
|
||||
class ZeroBalanceNotification extends Mailable
|
||||
{
|
||||
use Queueable;
|
||||
use SerializesModels;
|
||||
|
||||
public function __construct(
|
||||
public User $recipient,
|
||||
public Tenant $tenant,
|
||||
) {}
|
||||
|
||||
public function envelope(): Envelope
|
||||
{
|
||||
return new Envelope(
|
||||
subject: 'Лидерра. Баланс закончился — лиды отклоняются',
|
||||
);
|
||||
}
|
||||
|
||||
public function content(): Content
|
||||
{
|
||||
return new Content(
|
||||
view: 'emails.zero_balance',
|
||||
with: [
|
||||
'recipient' => $this->recipient,
|
||||
'tenant' => $this->tenant,
|
||||
],
|
||||
);
|
||||
}
|
||||
}
|
||||
@@ -40,8 +40,6 @@ class BalanceTransaction extends Model
|
||||
|
||||
public const TYPE_CHARGEBACK_REPAYMENT = 'chargeback_repayment';
|
||||
|
||||
public const TYPE_MIGRATION = 'migration';
|
||||
|
||||
public $timestamps = false;
|
||||
|
||||
protected $fillable = [
|
||||
|
||||
@@ -8,7 +8,7 @@ use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
||||
|
||||
/**
|
||||
* Webhook-job упавший после 3 ретраев (см. RouteSupplierLeadJob::failed()).
|
||||
* Webhook-job упавший после 3 ретраев (см. ProcessWebhookJob::failed()).
|
||||
*
|
||||
* Tenant-aware с RLS. Хранит raw payload + текст исключения для ручного
|
||||
* retry из админки SaaS (`retried_at`/`retried_by` заполняются админом).
|
||||
|
||||
@@ -29,8 +29,6 @@ use Illuminate\Support\Facades\DB;
|
||||
* @property string $deadline_at
|
||||
* @property string|null $completed_at
|
||||
* @property bool $processing_restricted
|
||||
*
|
||||
* @mixin IdeHelperPdSubjectRequest
|
||||
*/
|
||||
class PdSubjectRequest extends Model
|
||||
{
|
||||
|
||||
@@ -40,7 +40,6 @@ class Project extends Model
|
||||
'tag',
|
||||
'type',
|
||||
'is_active',
|
||||
'paused_at',
|
||||
'daily_limit_target',
|
||||
'effective_daily_limit_today',
|
||||
'effective_limit_calculated_at',
|
||||
@@ -64,15 +63,12 @@ class Project extends Model
|
||||
// Plan 2/5 Task 1 (schema v8.18): дневной счётчик доставленных лидов
|
||||
// (сбрасывается cron'ом в 00:00 МСК, используется LeadRouter'ом).
|
||||
'delivered_today',
|
||||
// Billing v2 Spec C: флаг точечной блокировки проекта по преfflight (NULL = не заблокирован).
|
||||
'preflight_blocked_at',
|
||||
];
|
||||
|
||||
protected function casts(): array
|
||||
{
|
||||
return [
|
||||
'is_active' => 'boolean',
|
||||
'paused_at' => 'datetime',
|
||||
'daily_limit_target' => 'integer',
|
||||
'effective_daily_limit_today' => 'integer',
|
||||
'region_mask' => 'integer',
|
||||
@@ -83,8 +79,6 @@ class Project extends Model
|
||||
'delivery_days_mask' => 'integer',
|
||||
'ttfr_target_minutes' => 'integer',
|
||||
'effective_limit_calculated_at' => 'datetime',
|
||||
// Billing v2 Spec C: флаг преfflight-блокировки проекта.
|
||||
'preflight_blocked_at' => 'datetime',
|
||||
'created_at' => 'datetime',
|
||||
'updated_at' => 'datetime',
|
||||
// Supplier integration:
|
||||
|
||||
@@ -0,0 +1,56 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Models;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
||||
|
||||
/**
|
||||
* Лог отвергнутых webhook'ов (примеры reason: zero_balance, validation_failed).
|
||||
*
|
||||
* Хранится бессрочно (опционально 12 месяцев) — при пополнении баланса
|
||||
* админка SaaS может массово восстановить отвергнутые лиды.
|
||||
*
|
||||
* Tenant-aware с RLS. webhook_log_id — soft FK на webhook_log
|
||||
* (опциональный, NULL для прямых validation-отказов).
|
||||
*
|
||||
* Источник: db/schema.sql v8.7 §6, table `rejected_deals_log`.
|
||||
*
|
||||
* @mixin IdeHelperRejectedDealsLog
|
||||
*/
|
||||
class RejectedDealsLog extends Model
|
||||
{
|
||||
public const REASON_ZERO_BALANCE = 'zero_balance';
|
||||
|
||||
public const REASON_VALIDATION_FAILED = 'validation_failed';
|
||||
|
||||
public $timestamps = false;
|
||||
|
||||
protected $table = 'rejected_deals_log';
|
||||
|
||||
protected $fillable = [
|
||||
'tenant_id',
|
||||
'webhook_log_id',
|
||||
'reason',
|
||||
'payload',
|
||||
'created_at',
|
||||
];
|
||||
|
||||
protected function casts(): array
|
||||
{
|
||||
return [
|
||||
'tenant_id' => 'integer',
|
||||
'webhook_log_id' => 'integer',
|
||||
'payload' => 'array',
|
||||
'created_at' => 'datetime',
|
||||
];
|
||||
}
|
||||
|
||||
/** @return BelongsTo<Tenant, $this> */
|
||||
public function tenant(): BelongsTo
|
||||
{
|
||||
return $this->belongsTo(Tenant::class);
|
||||
}
|
||||
}
|
||||
@@ -11,8 +11,8 @@ use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
||||
* Себестоимость каждого лида (Ю-2: реселлерская модель).
|
||||
*
|
||||
* Партиционирована по `received_at` синхронно с `deals` — composite PK
|
||||
* (id, received_at). Создаётся в `LedgerService::chargeForDelivery` в той же
|
||||
* транзакции, что и Deal + BalanceTransaction.
|
||||
* (id, received_at). В `ProcessWebhookJob` создаётся в той же транзакции,
|
||||
* что и Deal + BalanceTransaction.
|
||||
*
|
||||
* cost_rub — snapshot suppliers.cost_rub на момент приёма (исторические
|
||||
* записи не пересчитываются при изменении закупочной цены, см. §20.12.5).
|
||||
|
||||
@@ -1,30 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Models;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
|
||||
/**
|
||||
* Замок «поставка ↔ клиент» (Billing v2 Spec B). Композитный PK без автоинкремента.
|
||||
*
|
||||
* Пишется в шеринг-пути (RouteSupplierLeadJob) через insertOrIgnore под RLS-контекстом.
|
||||
*
|
||||
* @property int $supplier_lead_id
|
||||
* @property int $tenant_id
|
||||
* @property int|null $deal_id
|
||||
* @property string $created_at
|
||||
*
|
||||
* @mixin IdeHelperSupplierLeadDelivery
|
||||
*/
|
||||
class SupplierLeadDelivery extends Model
|
||||
{
|
||||
public $incrementing = false;
|
||||
|
||||
public $timestamps = false;
|
||||
|
||||
protected $primaryKey = null;
|
||||
|
||||
protected $fillable = ['supplier_lead_id', 'tenant_id', 'deal_id', 'created_at'];
|
||||
}
|
||||
@@ -25,8 +25,6 @@ use Illuminate\Support\Carbon;
|
||||
* @property int|null $resolved_by_user_id
|
||||
* @property Carbon|null $created_at
|
||||
* @property Carbon|null $resolved_at
|
||||
*
|
||||
* @mixin IdeHelperSupplierManualSyncQueue
|
||||
*/
|
||||
class SupplierManualSyncQueue extends Model
|
||||
{
|
||||
|
||||
@@ -10,7 +10,6 @@ use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
||||
use Illuminate\Database\Eloquent\Relations\HasMany;
|
||||
use Illuminate\Database\Eloquent\SoftDeletes;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
/**
|
||||
* Тенант — клиент SaaS-портала Лидерра.
|
||||
@@ -32,6 +31,8 @@ class Tenant extends Model
|
||||
'subdomain',
|
||||
'organization_name',
|
||||
'contact_email',
|
||||
'webhook_token',
|
||||
'webhook_token_rotated_at',
|
||||
'timezone',
|
||||
'locale',
|
||||
'current_tariff_id',
|
||||
@@ -45,7 +46,6 @@ class Tenant extends Model
|
||||
'delivered_in_month',
|
||||
'api_key_limit',
|
||||
'limits',
|
||||
'frozen_by_balance_at',
|
||||
];
|
||||
|
||||
protected function casts(): array
|
||||
@@ -61,10 +61,9 @@ class Tenant extends Model
|
||||
'api_key_limit' => 'integer',
|
||||
// JSONB: {"max_users":5,"max_projects":10,"api_rps":60}
|
||||
'limits' => 'array',
|
||||
'webhook_token_rotated_at' => 'datetime',
|
||||
'last_activity_at' => 'datetime',
|
||||
'last_webhook_at' => 'datetime',
|
||||
// Billing v2 Spec C: флаг заморозки по балансу (NULL = не заморожен).
|
||||
'frozen_by_balance_at' => 'datetime',
|
||||
'created_at' => 'datetime',
|
||||
'updated_at' => 'datetime',
|
||||
'deleted_at' => 'datetime',
|
||||
@@ -83,77 +82,6 @@ class Tenant extends Model
|
||||
return $this->hasMany(Project::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Сумма daily_limit_target активных проектов — «сколько лидов клиент хочет в день».
|
||||
* Используется преfflight'ом (Billing v2 Spec C §3.3) как requiredLeads.
|
||||
*
|
||||
* NB: фильтр по `is_active` (boolean), не `status` — у projects нет колонки status.
|
||||
*/
|
||||
public function requiredLeadsForTomorrow(): int
|
||||
{
|
||||
// R-19 (Stage 4 §4.4.3): share-aware preflight. For each active project
|
||||
// count the tenant's PROPORTIONAL share of the supplier group order (not
|
||||
// the raw daily_limit_target), since the supplier caps the group at
|
||||
// max(max(limits), ceil(Σ/3)) and splits it across all clients sharing
|
||||
// the same signal_identifier. Legacy projects (signal_type=null —
|
||||
// webhook-only, no supplier sharing) still count their full limit.
|
||||
$projects = $this->projects()->where('is_active', true)->get();
|
||||
if ($projects->isEmpty()) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
$total = 0;
|
||||
foreach ($projects as $p) {
|
||||
// Webhook-only legacy projects don't participate in supplier sharing.
|
||||
if (! in_array($p->signal_type, ['site', 'call', 'sms'], true)) {
|
||||
$total += (int) $p->daily_limit_target;
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
$groupLimits = DB::connection('pgsql_supplier')
|
||||
->table('projects')
|
||||
->where('is_active', true)
|
||||
->where('signal_type', $p->signal_type)
|
||||
->where(function ($q) use ($p): void {
|
||||
if (in_array($p->signal_type, ['site', 'call'], true)) {
|
||||
$q->where('signal_identifier', $p->signal_identifier);
|
||||
} else {
|
||||
// sms: agnostic group is (first sender, keyword-or-NULL).
|
||||
$firstSender = (string) ($p->sms_senders[0] ?? '');
|
||||
$q->whereJsonContains('sms_senders', $firstSender);
|
||||
if ($p->sms_keyword !== null && $p->sms_keyword !== '') {
|
||||
$q->where('sms_keyword', $p->sms_keyword);
|
||||
} else {
|
||||
$q->whereNull('sms_keyword');
|
||||
}
|
||||
}
|
||||
})
|
||||
->pluck('daily_limit_target')
|
||||
->all();
|
||||
|
||||
if ($groupLimits === []) {
|
||||
// Edge: project not yet visible from pgsql_supplier view (cross-conn race).
|
||||
// Conservatively count full limit — avoids underestimating preflight.
|
||||
$total += (int) $p->daily_limit_target;
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
$intLimits = array_map('intval', $groupLimits);
|
||||
$sum = (int) array_sum($intLimits);
|
||||
$max = (int) max($intLimits);
|
||||
$groupOrder = max($max, (int) ceil($sum / 3));
|
||||
|
||||
if ($sum > 0) {
|
||||
$share = (int) ceil($groupOrder * ((int) $p->daily_limit_target / $sum));
|
||||
$total += $share;
|
||||
}
|
||||
}
|
||||
|
||||
return $total;
|
||||
}
|
||||
|
||||
/** @return BelongsTo<TariffPlan, $this> */
|
||||
public function tariff(): BelongsTo
|
||||
{
|
||||
|
||||
@@ -1,104 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Services\Audit;
|
||||
|
||||
use InvalidArgumentException;
|
||||
|
||||
/**
|
||||
* Shared config hash-chain for 6 audit tables.
|
||||
*
|
||||
* Single source of truth for writer (db/schema.sql trigger audit_chain_hash()),
|
||||
* verify (App\Console\Commands\VerifyAuditChains) and rebuild
|
||||
* (App\Console\Commands\AuditRebuildChain).
|
||||
*
|
||||
* ADR-018: per-tenant via RLS scope for tenant tables,
|
||||
* global for BYPASSRLS tables.
|
||||
*
|
||||
* columns: list in ordinal_position order from db/schema.sql.
|
||||
* '__log_hash__' -- marker for log_hash position -> NULL::bytea in ROW().
|
||||
*
|
||||
* partition: SQL fragment for OVER (PARTITION BY ... ORDER BY id),
|
||||
* reproducing the RLS-scope of the trigger.
|
||||
* '' = global chain within partition (for BYPASSRLS tables).
|
||||
*/
|
||||
final class AuditChainConfig
|
||||
{
|
||||
/**
|
||||
* @var array<string, array{columns: list<string>, partition: string}>
|
||||
*/
|
||||
public const TABLES = [
|
||||
'auth_log' => [
|
||||
'columns' => [
|
||||
'id', 'actor_type', 'tenant_id', 'user_id', 'saas_admin_user_id',
|
||||
'email', 'event', 'ip_address', 'user_agent', 'failure_reason',
|
||||
'__log_hash__', 'created_at',
|
||||
],
|
||||
'partition' => '',
|
||||
],
|
||||
'activity_log' => [
|
||||
'columns' => [
|
||||
'id', 'tenant_id', 'user_id', 'deal_id', 'event',
|
||||
'old_value', 'new_value', 'context', 'ip_address', 'user_agent',
|
||||
'__log_hash__', 'created_at',
|
||||
],
|
||||
'partition' => 'PARTITION BY tenant_id',
|
||||
],
|
||||
'tenant_operations_log' => [
|
||||
'columns' => [
|
||||
'id', 'tenant_id', 'user_id', 'entity_type', 'entity_id',
|
||||
'event', 'payload_before', 'payload_after', 'ip_address', 'user_agent',
|
||||
'__log_hash__', 'created_at',
|
||||
],
|
||||
'partition' => 'PARTITION BY tenant_id',
|
||||
],
|
||||
'balance_transactions' => [
|
||||
'columns' => [
|
||||
'id', 'tenant_id', 'type', 'amount_rub', 'amount_leads',
|
||||
'balance_rub_after', 'balance_leads_after', 'description',
|
||||
'related_type', 'related_id', 'user_id', 'admin_user_id',
|
||||
'__log_hash__', 'created_at',
|
||||
],
|
||||
'partition' => 'PARTITION BY tenant_id',
|
||||
],
|
||||
'pd_processing_log' => [
|
||||
'columns' => [
|
||||
'id', 'tenant_id', 'subject_type', 'subject_id', 'action',
|
||||
'purpose', 'actor_tenant_user_id', 'actor_admin_user_id', 'ip_address',
|
||||
'__log_hash__', 'created_at',
|
||||
],
|
||||
'partition' => 'PARTITION BY tenant_id',
|
||||
],
|
||||
'saas_admin_audit_log' => [
|
||||
'columns' => [
|
||||
'id', 'admin_user_id', 'action', 'target_type', 'target_id',
|
||||
'target_tenant_id', 'payload_before', 'payload_after', 'reason',
|
||||
'ip_address', 'user_agent', 'requires_approval', 'approved_by', 'approved_at',
|
||||
'__log_hash__', 'created_at',
|
||||
],
|
||||
'partition' => '',
|
||||
],
|
||||
];
|
||||
|
||||
/**
|
||||
* Build ROW(col1, col2, ..., NULL::bytea, ..., coln) with NULL::bytea at log_hash position.
|
||||
*
|
||||
* @throws InvalidArgumentException if table is not registered in TABLES
|
||||
*/
|
||||
public static function rowExpression(string $table): string
|
||||
{
|
||||
if (! isset(self::TABLES[$table])) {
|
||||
throw new InvalidArgumentException(
|
||||
"Table '{$table}' is not registered in AuditChainConfig::TABLES"
|
||||
);
|
||||
}
|
||||
|
||||
$parts = [];
|
||||
foreach (self::TABLES[$table]['columns'] as $col) {
|
||||
$parts[] = ($col === '__log_hash__') ? 'NULL::bytea' : "t.{$col}";
|
||||
}
|
||||
|
||||
return 'ROW('.implode(', ', $parts).')';
|
||||
}
|
||||
}
|
||||
@@ -1,49 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Services\Billing;
|
||||
|
||||
use App\Models\PricingTier;
|
||||
use Illuminate\Database\Eloquent\Collection;
|
||||
|
||||
/**
|
||||
* Pure: проходит ли клиент преfflight — хватает ли баланса на ПОЛНЫЙ дневной
|
||||
* лимит всех его eligible-проектов по текущему тарифу.
|
||||
*
|
||||
* Сравнение в ЛИДАХ (capacity vs required), не в рублях — переиспользует
|
||||
* BalanceToLeadsConverter::convert, который учитывает 7 ступеней и накопленный
|
||||
* месячный объём (deliveredInMonth).
|
||||
*
|
||||
* Spec: docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md §3.3
|
||||
*/
|
||||
final class BalancePreflightService
|
||||
{
|
||||
public function __construct(
|
||||
private readonly BalanceToLeadsConverter $converter = new BalanceToLeadsConverter,
|
||||
) {}
|
||||
|
||||
/**
|
||||
* @param Collection<int, PricingTier> $tiers
|
||||
*/
|
||||
public function evaluate(
|
||||
string $balanceRub,
|
||||
int $deliveredInMonth,
|
||||
int $requiredLeads,
|
||||
Collection $tiers,
|
||||
): PreflightResult {
|
||||
if ($requiredLeads <= 0) {
|
||||
return new PreflightResult(true, 0, 0, 0);
|
||||
}
|
||||
|
||||
$capacity = (int) $this->converter->convert($balanceRub, $deliveredInMonth, $tiers)['leads'];
|
||||
$passes = $capacity >= $requiredLeads;
|
||||
|
||||
return new PreflightResult(
|
||||
passes: $passes,
|
||||
requiredLeads: $requiredLeads,
|
||||
capacityLeads: $capacity,
|
||||
deficitLeads: $passes ? 0 : ($requiredLeads - $capacity),
|
||||
);
|
||||
}
|
||||
}
|
||||
@@ -1,143 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Services\Billing;
|
||||
|
||||
use App\Models\PricingTier;
|
||||
use Illuminate\Database\Eloquent\Collection;
|
||||
|
||||
/**
|
||||
* Pure: «при балансе ₽ и доставленных в этом месяце N — сколько лидов клиент
|
||||
* получит, проходя ступени pricing_tiers».
|
||||
*
|
||||
* Все мутации денег — bcmath (string-int копейки), без PHP float.
|
||||
*
|
||||
* Spec: docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md §3.3.1
|
||||
*/
|
||||
final class BalanceToLeadsConverter
|
||||
{
|
||||
/**
|
||||
* @param Collection<int, PricingTier> $tiers
|
||||
* @return array{
|
||||
* leads: int,
|
||||
* breakdown: list<array{tier_no:int, leads:int, price_rub:string}>,
|
||||
* current_tier: array{no:int, price_rub:string, leads_left_in_tier:int}|null,
|
||||
* next_tier: array{no:int, price_rub:string, leads_in_tier:int}|null
|
||||
* }
|
||||
*/
|
||||
public function convert(string $balanceRub, int $deliveredInMonth, Collection $tiers): array
|
||||
{
|
||||
$balanceKopecks = bcmul($balanceRub, '100', 0);
|
||||
/** @var Collection<int, PricingTier> $sorted */
|
||||
$sorted = $tiers
|
||||
->filter(fn (PricingTier $t) => (bool) $t->is_active)
|
||||
->sortBy('tier_no')
|
||||
->values();
|
||||
|
||||
$totalLeads = 0;
|
||||
$breakdown = [];
|
||||
$cumulative = 0;
|
||||
$currentTier = null;
|
||||
$currentTierIndex = null;
|
||||
|
||||
foreach ($sorted as $index => $tier) {
|
||||
$tierCap = $tier->leads_in_tier === null ? PHP_INT_MAX : (int) $tier->leads_in_tier;
|
||||
$tierEnd = $cumulative + $tierCap;
|
||||
|
||||
// «Текущая ступень» — первая ступень, в которую попадает следующий лид
|
||||
// (deliveredInMonth + 1), т.е. первая где deliveredInMonth < tierEnd.
|
||||
if ($currentTier === null && $deliveredInMonth < $tierEnd) {
|
||||
$slotsLeftForInfo = $tier->leads_in_tier === null
|
||||
? PHP_INT_MAX
|
||||
: max(0, $tierEnd - max($cumulative, $deliveredInMonth));
|
||||
$currentTier = [
|
||||
'no' => (int) $tier->tier_no,
|
||||
'price_rub' => self::kopecksToRub((int) $tier->price_per_lead_kopecks),
|
||||
'leads_left_in_tier' => $slotsLeftForInfo,
|
||||
];
|
||||
$currentTierIndex = $index;
|
||||
}
|
||||
|
||||
// Слоты в этой ступени, доступные для новых лидов
|
||||
$slotsLeftInTier = max(0, $tierEnd - max($cumulative, $deliveredInMonth));
|
||||
if ($slotsLeftInTier <= 0) {
|
||||
$cumulative = $tierEnd;
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
$priceKopecks = (int) $tier->price_per_lead_kopecks;
|
||||
if ($priceKopecks <= 0) {
|
||||
$totalLeads += $slotsLeftInTier;
|
||||
$breakdown[] = [
|
||||
'tier_no' => (int) $tier->tier_no,
|
||||
'leads' => $slotsLeftInTier,
|
||||
'price_rub' => '0.00',
|
||||
];
|
||||
if ($tier->leads_in_tier === null) {
|
||||
break;
|
||||
}
|
||||
$cumulative = $tierEnd;
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
$affordableInTier = (int) bcdiv($balanceKopecks, (string) $priceKopecks, 0);
|
||||
$take = min($slotsLeftInTier, $affordableInTier);
|
||||
|
||||
if ($take > 0) {
|
||||
$totalLeads += $take;
|
||||
$breakdown[] = [
|
||||
'tier_no' => (int) $tier->tier_no,
|
||||
'leads' => $take,
|
||||
'price_rub' => self::kopecksToRub($priceKopecks),
|
||||
];
|
||||
$balanceKopecks = bcsub(
|
||||
$balanceKopecks,
|
||||
bcmul((string) $priceKopecks, (string) $take, 0),
|
||||
0
|
||||
);
|
||||
}
|
||||
|
||||
if ($take < $slotsLeftInTier) {
|
||||
// Balance exhausted within this tier — stop
|
||||
break;
|
||||
}
|
||||
|
||||
if ($tier->leads_in_tier === null) {
|
||||
// Unlimited tier fully consumed (shouldn't happen with real balance)
|
||||
break;
|
||||
}
|
||||
|
||||
$cumulative = $tierEnd;
|
||||
}
|
||||
|
||||
// next_tier: the first active tier whose tier_no > current_tier, if any
|
||||
$nextTier = null;
|
||||
if ($currentTier !== null && $currentTierIndex !== null) {
|
||||
for ($i = $currentTierIndex + 1; $i < $sorted->count(); $i++) {
|
||||
/** @var PricingTier $candidate */
|
||||
$candidate = $sorted[$i];
|
||||
$nextTier = [
|
||||
'no' => (int) $candidate->tier_no,
|
||||
'price_rub' => self::kopecksToRub((int) $candidate->price_per_lead_kopecks),
|
||||
'leads_in_tier' => $candidate->leads_in_tier === null ? 0 : (int) $candidate->leads_in_tier,
|
||||
];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return [
|
||||
'leads' => $totalLeads,
|
||||
'breakdown' => $breakdown,
|
||||
'current_tier' => $currentTier,
|
||||
'next_tier' => $nextTier,
|
||||
];
|
||||
}
|
||||
|
||||
private static function kopecksToRub(int $kopecks): string
|
||||
{
|
||||
return bcdiv((string) $kopecks, '100', 2);
|
||||
}
|
||||
}
|
||||
@@ -7,14 +7,12 @@ namespace App\Services\Billing;
|
||||
use App\Models\PricingTier;
|
||||
|
||||
/**
|
||||
* Read-only DTO с результатом charge'а: снимок ступени и цена в копейках.
|
||||
*
|
||||
* Billing v2 Spec A: поле `$source` убрано (prepaid-ветка ликвидирована,
|
||||
* все списания всегда rub). Источник списания смотри в `LeadCharge::charge_source`.
|
||||
* Read-only DTO с результатом charge'а: source (prepaid/rub), снимок ступени, цена в копейках.
|
||||
*/
|
||||
final readonly class ChargeResult
|
||||
{
|
||||
public function __construct(
|
||||
public string $source,
|
||||
public PricingTier $tier,
|
||||
public int $priceKopecks,
|
||||
) {}
|
||||
|
||||
@@ -19,15 +19,14 @@ use Illuminate\Support\Facades\DB;
|
||||
* Командный сервис биллинга на горячем пути доставки лида.
|
||||
*
|
||||
* Контракт: вызывается ВНУТРИ открытой DB-транзакции под lockForUpdate(Tenant).
|
||||
* Применяет always-rub flow (Billing v2 Spec A — prepaid-лиды ликвидированы):
|
||||
* Применяет dual-balance flow:
|
||||
* 1. tier-lookup по tenants.delivered_in_month + 1
|
||||
* 2. bcmath проверка balance_rub × 100 ≥ priceKopecks; иначе throw
|
||||
* 3. balance_rub -= price/100 (bcmath)
|
||||
* 4. INSERT lead_charges (charge_source='rub')
|
||||
* 5. INSERT balance_transactions (amount_leads=null, amount_rub отрицательное)
|
||||
* 6. INSERT supplier_lead_costs (gap-fix sharing-flow)
|
||||
* 2. prepaid: balance_leads--, lead_charges (price=0)
|
||||
* 3. rub: balance_rub -= price/100 (bcmath), lead_charges (price=tier)
|
||||
* 4. INSERT supplier_lead_costs (gap-fix sharing-flow)
|
||||
* 5. INSERT balance_transactions (universal ledger движения баланса)
|
||||
*
|
||||
* Spec: docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md §4.2
|
||||
* Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §3
|
||||
*/
|
||||
final class LedgerService
|
||||
{
|
||||
@@ -37,7 +36,7 @@ final class LedgerService
|
||||
) {}
|
||||
|
||||
/**
|
||||
* @throws InsufficientBalanceException когда balance_rub * 100 < priceKopecks.
|
||||
* @throws InsufficientBalanceException когда balance_leads=0 AND balance_rub*100<priceKopecks.
|
||||
* До throw НЕ модифицирует tenant/charges/transactions/costs.
|
||||
*
|
||||
* @precondition caller wraps in DB::transaction with lockForUpdate($lockedTenant).
|
||||
@@ -49,66 +48,54 @@ final class LedgerService
|
||||
Deal $deal,
|
||||
?SupplierLead $lead = null,
|
||||
): ChargeResult {
|
||||
// 1. tier-resolution для (delivered_in_month + 1)-го лида
|
||||
$activeTiers = $this->tiers->activeAt(Carbon::now('Europe/Moscow'));
|
||||
$tier = $this->resolver->resolveForCount(
|
||||
$activeTiers,
|
||||
($lockedTenant->delivered_in_month ?? 0) + 1
|
||||
);
|
||||
$tier = $this->resolver->resolveForCount($activeTiers, ($lockedTenant->delivered_in_month ?? 0) + 1);
|
||||
$priceKopecks = (int) $tier->price_per_lead_kopecks;
|
||||
|
||||
// R-03 (Stage 3 §4.3.1): frozen tenant must not receive new charges even
|
||||
// if balance_rub > 0. Throwing here triggers the same auto-pause flow as
|
||||
// InsufficientBalance — RouteSupplierLeadJob::handleInsufficientBalance
|
||||
// flips projects.is_active=false and queues ZeroBalancePausedMail rate-limited.
|
||||
if ($lockedTenant->frozen_by_balance_at !== null) {
|
||||
throw new InsufficientBalanceException(
|
||||
priceKopecks: $priceKopecks,
|
||||
balanceRub: (string) $lockedTenant->balance_rub,
|
||||
);
|
||||
// 2. Decide chargeSource (bcmath — НЕ PHP float)
|
||||
$source = $this->decideSource($lockedTenant, $priceKopecks);
|
||||
|
||||
// 3. Apply (bcmath для money; raw DB::update — Eloquent decrement() требует float|int,
|
||||
// что несовместимо с string-precision arithmetic для копеек/рублей).
|
||||
if ($source === 'prepaid') {
|
||||
$lockedTenant->decrement('balance_leads', 1);
|
||||
} else {
|
||||
$amountRub = bcdiv((string) $priceKopecks, '100', 2);
|
||||
$newBalanceRub = bcsub((string) $lockedTenant->balance_rub, $amountRub, 2);
|
||||
DB::table('tenants')
|
||||
->where('id', $lockedTenant->id)
|
||||
->update(['balance_rub' => $newBalanceRub]);
|
||||
}
|
||||
|
||||
// bcmath: balance_rub × 100 ≥ priceKopecks — единственный путь списания.
|
||||
// Billing v2 Spec A: prepaid-лиды убраны, balance_leads НЕ читается и НЕ изменяется.
|
||||
$balanceKopecks = bcmul((string) $lockedTenant->balance_rub, '100', 0);
|
||||
if (bccomp($balanceKopecks, (string) $priceKopecks, 0) < 0) {
|
||||
throw new InsufficientBalanceException(
|
||||
priceKopecks: $priceKopecks,
|
||||
balanceRub: (string) $lockedTenant->balance_rub,
|
||||
);
|
||||
}
|
||||
|
||||
$amountRub = bcdiv((string) $priceKopecks, '100', 2);
|
||||
$newBalanceRub = bcsub((string) $lockedTenant->balance_rub, $amountRub, 2);
|
||||
DB::table('tenants')
|
||||
->where('id', $lockedTenant->id)
|
||||
->update(['balance_rub' => $newBalanceRub]);
|
||||
|
||||
$lockedTenant->increment('delivered_in_month', 1);
|
||||
$lockedTenant->refresh();
|
||||
|
||||
// 4. INSERT lead_charges (always)
|
||||
LeadCharge::create([
|
||||
'tenant_id' => $lockedTenant->id,
|
||||
'deal_id' => $deal->id,
|
||||
'deal_received_at' => $deal->received_at,
|
||||
'tier_no' => $tier->tier_no,
|
||||
'price_per_lead_kopecks' => $priceKopecks,
|
||||
'charge_source' => 'rub',
|
||||
'price_per_lead_kopecks' => $source === 'prepaid' ? 0 : $priceKopecks,
|
||||
'charge_source' => $source,
|
||||
'charged_at' => now(),
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
// 5. INSERT balance_transactions (универсальный ledger)
|
||||
BalanceTransaction::create([
|
||||
'tenant_id' => $lockedTenant->id,
|
||||
'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
|
||||
'amount_leads' => null,
|
||||
'amount_rub' => '-'.$amountRub,
|
||||
'balance_leads_after' => null,
|
||||
'amount_leads' => $source === 'prepaid' ? -1 : 0,
|
||||
'amount_rub' => $source === 'rub' ? '-'.bcdiv((string) $priceKopecks, '100', 2) : '0.00',
|
||||
'balance_leads_after' => (int) $lockedTenant->balance_leads,
|
||||
'balance_rub_after' => (string) $lockedTenant->balance_rub,
|
||||
'related_type' => Deal::class,
|
||||
'related_id' => $deal->id,
|
||||
'created_at' => now(),
|
||||
]);
|
||||
|
||||
// 6. INSERT supplier_lead_costs (gap-fix Plan 2/3 sharing-flow)
|
||||
if ($lead !== null) {
|
||||
$supplierId = $this->resolveSupplierId($lead);
|
||||
if ($supplierId !== null) {
|
||||
@@ -124,7 +111,26 @@ final class LedgerService
|
||||
}
|
||||
}
|
||||
|
||||
return new ChargeResult($tier, $priceKopecks);
|
||||
return new ChargeResult($source, $tier, $source === 'prepaid' ? 0 : $priceKopecks);
|
||||
}
|
||||
|
||||
private function decideSource(Tenant $tenant, int $priceKopecks): string
|
||||
{
|
||||
if ((int) $tenant->balance_leads >= 1) {
|
||||
return 'prepaid';
|
||||
}
|
||||
|
||||
// bcmath: balance_rub (DECIMAL string) * 100 ≥ priceKopecks → можем списать rub
|
||||
$balanceKopecks = bcmul((string) $tenant->balance_rub, '100', 0);
|
||||
if (bccomp($balanceKopecks, (string) $priceKopecks, 0) >= 0) {
|
||||
return 'rub';
|
||||
}
|
||||
|
||||
throw new InsufficientBalanceException(
|
||||
priceKopecks: $priceKopecks,
|
||||
balanceRub: (string) $tenant->balance_rub,
|
||||
balanceLeads: (int) $tenant->balance_leads,
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -139,17 +145,10 @@ final class LedgerService
|
||||
{
|
||||
if ($lead->supplier_project_id !== null) {
|
||||
$sp = DB::table('supplier_projects')->where('id', $lead->supplier_project_id)->first();
|
||||
if ($sp !== null) {
|
||||
if (in_array($sp->platform, ['B1', 'B2', 'B3'], true)) {
|
||||
$supplier = Supplier::where('code', strtolower($sp->platform))->first();
|
||||
if ($supplier !== null) {
|
||||
return (int) $supplier->id;
|
||||
}
|
||||
}
|
||||
if ($sp->platform === 'DIRECT') {
|
||||
$supplier = Supplier::where('code', 'direct')->first();
|
||||
|
||||
return $supplier?->id;
|
||||
if ($sp !== null && in_array($sp->platform, ['B1', 'B2', 'B3'], true)) {
|
||||
$supplier = Supplier::where('code', strtolower($sp->platform))->first();
|
||||
if ($supplier !== null) {
|
||||
return (int) $supplier->id;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -161,12 +160,6 @@ final class LedgerService
|
||||
|
||||
return $supplier?->id;
|
||||
}
|
||||
// Phase 3: project без B-префикса (и не пустой) → DIRECT.
|
||||
if ($project !== '') {
|
||||
$supplier = Supplier::where('code', 'direct')->first();
|
||||
|
||||
return $supplier?->id;
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -1,20 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Services\Billing;
|
||||
|
||||
/**
|
||||
* Результат преfflight-проверки платёжеспособности тенанта (Billing v2 Spec C).
|
||||
*
|
||||
* Spec: docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md §3.3
|
||||
*/
|
||||
final class PreflightResult
|
||||
{
|
||||
public function __construct(
|
||||
public readonly bool $passes,
|
||||
public readonly int $requiredLeads,
|
||||
public readonly int $capacityLeads,
|
||||
public readonly int $deficitLeads,
|
||||
) {}
|
||||
}
|
||||
@@ -0,0 +1,54 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Services;
|
||||
|
||||
use App\Models\Deal;
|
||||
use Illuminate\Support\Carbon;
|
||||
|
||||
/**
|
||||
* Антифрод-дедуп лидов по `(tenant_id, phone)` в окне 24 ч (Биз-19, §10.8.1).
|
||||
*
|
||||
* Цель: в pay-per-lead-сегменте поставщик может прислать одно физлицо дважды
|
||||
* (двойной submit формы / повторный звонок) — без защиты клиент платит за оба.
|
||||
*
|
||||
* Стратегия: ищем master-сделку (запись без `duplicate_of_id`) с тем же
|
||||
* `(tenant_id, phone)` и `received_at >= NOW() - INTERVAL '24 hours'`.
|
||||
* Если найдена — новая сделка получает `duplicate_of_id = master.id` и
|
||||
* НЕ списывает с баланса.
|
||||
*
|
||||
* Окно фиксированное 24 ч (не настраивается на MVP) — компромисс между
|
||||
* антифродом и легитимными повторными интересами.
|
||||
*
|
||||
* Цепочки не строятся: дубль ссылается ТОЛЬКО на master (запись без
|
||||
* `duplicate_of_id`), не на другой дубль. Если master найден среди дублей —
|
||||
* берётся его собственный `duplicate_of_id` (root master).
|
||||
*
|
||||
* Performance: существующий индекс `(tenant_id, phone)` достаточен, см. §10.8.1.
|
||||
*/
|
||||
class DuplicateDetector
|
||||
{
|
||||
public const WINDOW_HOURS = 24;
|
||||
|
||||
/**
|
||||
* Поиск master-сделки для (tenantId, phone) в окне 24 ч.
|
||||
*
|
||||
* Возвращает Deal-объект master'а либо null если master не найден.
|
||||
* Текущий момент `now` параметризуется для тестируемости — в production
|
||||
* по умолчанию `Carbon::now()`.
|
||||
*/
|
||||
public function findMaster(int $tenantId, string $phone, ?Carbon $now = null): ?Deal
|
||||
{
|
||||
$now ??= Carbon::now();
|
||||
$windowStart = $now->copy()->subHours(self::WINDOW_HOURS);
|
||||
|
||||
return Deal::query()
|
||||
->where('tenant_id', $tenantId)
|
||||
->where('phone', $phone)
|
||||
->where('received_at', '>=', $windowStart)
|
||||
->whereNull('duplicate_of_id')
|
||||
->orderBy('received_at')
|
||||
->first();
|
||||
}
|
||||
}
|
||||
@@ -95,7 +95,7 @@ final class CsvLeadsParser
|
||||
return null;
|
||||
}
|
||||
|
||||
// Префикс B[123]_ из названия проекта срезается (паритет с RouteSupplierLeadJob парсером).
|
||||
// Префикс B[123]_ из названия проекта срезается (паритет с ProcessWebhookJob).
|
||||
$projectName = (string) preg_replace('/^B[123]_/', '', trim($project));
|
||||
if ($projectName === '') {
|
||||
$errors[] = ['line' => $dataLine, 'message' => 'Пустое название проекта'];
|
||||
|
||||
+30
-138
@@ -8,23 +8,13 @@ use App\Models\Project;
|
||||
use App\Models\SupplierProject;
|
||||
use Illuminate\Support\Carbon;
|
||||
use Illuminate\Support\Collection;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
/**
|
||||
* Подбор eligible Лидерра-проектов для входящего лида (sharing-model §6).
|
||||
*
|
||||
* Eligibility — структурно через snapshot `project_routing_snapshots` за активную
|
||||
* дату слепка (slepok-инвариант): до 21:00 МСК активен snapshot сегодняшней даты,
|
||||
* с 21:00 МСК — завтрашней. Все эффективные параметры маршрутизации
|
||||
* (daily_limit, delivery_days_mask, regions, signal_type/signal_identifier и т.д.)
|
||||
* берутся из snapshot. Из live `projects` — только `delivered_today` (счётчик
|
||||
* остатка лимита, обновляется в течение дня) и из `tenants` — `balance_rub`
|
||||
* (live auto-pause при нулевом балансе).
|
||||
*
|
||||
* Это закрывает R-01..R-04, R-06..R-08, R-15 (spec §1.3) — клиент Лидерры,
|
||||
* который paus'нул проект ПОСЛЕ зафиксированного слепка поставщика, всё равно
|
||||
* получает свои оплаченные лиды по уже зафиксированному slepok'у.
|
||||
* Eligibility — структурно через pivot project_supplier_links: проект eligible,
|
||||
* если связан с пришедшим supplier_project (= источник × субъект) + активен +
|
||||
* сегодня рабочий день + есть остаток лимита + у тенанта есть баланс.
|
||||
*
|
||||
* Регион сопоставляется самим supplier_project (тег = субъект) — phone-prefix
|
||||
* фильтр убран (эпик миграции проектов, Q5): для мобильных он no-op, а регион
|
||||
@@ -33,140 +23,42 @@ use Illuminate\Support\Facades\Log;
|
||||
* Запрос через connection pgsql_supplier (BYPASSRLS crm_supplier_worker) — в
|
||||
* sharing-flow tenant ещё не определён, SELECT видит проекты всех tenant'ов.
|
||||
*
|
||||
* Spec: docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md §4.2.3.
|
||||
* Spec: docs/superpowers/specs/2026-05-20-project-migration-redesign-design.md §4.5.
|
||||
*/
|
||||
class LeadRouter
|
||||
{
|
||||
/**
|
||||
* Возвращает ONE project per tenant_id — тот, у которого наибольший остаток
|
||||
* дневного лимита (DISTINCT ON (tenant_id) с ORDER BY remaining DESC, created_at, id).
|
||||
*
|
||||
* Семантика (Spec B Task 3): один лид продаётся не более чем 3 РАЗЛИЧНЫМ тенантам
|
||||
* (клиентам), каждый тенант получает ровно ОДИН проект — с наибольшим остатком.
|
||||
* LeadDistributor::selectRecipients (CAP=3) теперь ограничивает число тенантов,
|
||||
* а не число проектов, потому что входные данные уже one-per-tenant.
|
||||
*
|
||||
* Запрос через pgsql_supplier (BYPASSRLS crm_supplier_worker) — tenant ещё не
|
||||
* определён, SELECT видит проекты всех tenant'ов.
|
||||
*
|
||||
* @return Collection<int, Project>
|
||||
*/
|
||||
public function matchEligibleProjects(SupplierProject $supplierProject): Collection
|
||||
{
|
||||
// Активная дата слепка вычисляется в PHP — детерминирована для всего запроса,
|
||||
// тестируема через Carbon::setTestNow, исключает дрейф между PHP- и DB-часами.
|
||||
$activeDate = $this->activeSnapshotDate();
|
||||
// МСК-aligned ISO day-of-week (reset-cron тоже 00:00 МСК).
|
||||
$todayBit = 1 << (Carbon::now('Europe/Moscow')->isoWeekday() - 1);
|
||||
|
||||
// Phase 3: для DIRECT-supplier_project — fallback на signal_type+signal_identifier
|
||||
// match с Лидерра-проектами через snapshot (project_supplier_links для
|
||||
// DIRECT-row'ов не создаются — DIRECT supplier_projects создаются автоматически
|
||||
// при получении webhook'а без B-префикса).
|
||||
if ($supplierProject->platform === 'DIRECT') {
|
||||
$directSql = <<<'SQL'
|
||||
SELECT DISTINCT ON (snap.tenant_id)
|
||||
projects.*,
|
||||
snap.daily_limit AS snapshot_daily_limit
|
||||
FROM project_routing_snapshots snap
|
||||
INNER JOIN projects ON projects.id = snap.project_id
|
||||
WHERE snap.snapshot_date = ?::date
|
||||
AND snap.signal_type = ?
|
||||
AND LOWER(snap.signal_identifier) = LOWER(?)
|
||||
AND projects.delivered_today < snap.daily_limit
|
||||
AND EXISTS (
|
||||
SELECT 1 FROM tenants
|
||||
WHERE tenants.id = snap.tenant_id
|
||||
AND tenants.balance_rub > 0
|
||||
-- R-03: frozen tenant must not receive new leads (Stage 3 §4.3.1)
|
||||
AND tenants.frozen_by_balance_at IS NULL
|
||||
)
|
||||
ORDER BY snap.tenant_id,
|
||||
(snap.daily_limit - projects.delivered_today) DESC,
|
||||
projects.created_at,
|
||||
projects.id
|
||||
SQL;
|
||||
$directRows = DB::connection('pgsql_supplier')->select(
|
||||
$directSql,
|
||||
[$activeDate, $supplierProject->signal_type, $supplierProject->unique_key]
|
||||
);
|
||||
/** @var Collection<int, Project> $candidates */
|
||||
$candidates = Project::on('pgsql_supplier')
|
||||
->whereExists(function ($q) use ($supplierProject): void {
|
||||
$q->selectRaw('1')
|
||||
->from('project_supplier_links')
|
||||
->whereColumn('project_supplier_links.project_id', 'projects.id')
|
||||
->where('project_supplier_links.supplier_project_id', $supplierProject->id);
|
||||
})
|
||||
->where('is_active', true)
|
||||
->whereRaw('(delivery_days_mask & ?) <> 0', [$todayBit])
|
||||
->whereRaw('delivered_today < COALESCE(effective_daily_limit_today, daily_limit_target)')
|
||||
->whereExists(function ($q): void {
|
||||
$q->selectRaw('1')
|
||||
->from('tenants')
|
||||
->whereColumn('tenants.id', 'projects.tenant_id')
|
||||
->where(function ($qq): void {
|
||||
$qq->where('tenants.balance_leads', '>', 0)
|
||||
->orWhere('tenants.balance_rub', '>', 0);
|
||||
});
|
||||
})
|
||||
->orderBy('created_at')
|
||||
->orderBy('id')
|
||||
->get();
|
||||
|
||||
$this->logIfNoSnapshot($directRows, $supplierProject, $activeDate);
|
||||
|
||||
return Project::hydrate($directRows)->values();
|
||||
}
|
||||
|
||||
// Existing B1/B2/B3 path — explicit project_supplier_links pivot.
|
||||
$sql = <<<'SQL'
|
||||
SELECT DISTINCT ON (snap.tenant_id)
|
||||
projects.*,
|
||||
snap.daily_limit AS snapshot_daily_limit
|
||||
FROM project_routing_snapshots snap
|
||||
INNER JOIN projects ON projects.id = snap.project_id
|
||||
WHERE snap.snapshot_date = ?::date
|
||||
AND EXISTS (
|
||||
SELECT 1 FROM project_supplier_links psl
|
||||
WHERE psl.project_id = snap.project_id
|
||||
AND psl.supplier_project_id = ?
|
||||
)
|
||||
AND projects.delivered_today < snap.daily_limit
|
||||
AND EXISTS (
|
||||
SELECT 1 FROM tenants
|
||||
WHERE tenants.id = snap.tenant_id
|
||||
AND tenants.balance_rub > 0
|
||||
-- R-03: frozen tenant must not receive new leads (Stage 3 §4.3.1)
|
||||
AND tenants.frozen_by_balance_at IS NULL
|
||||
)
|
||||
ORDER BY snap.tenant_id,
|
||||
(snap.daily_limit - projects.delivered_today) DESC,
|
||||
projects.created_at,
|
||||
projects.id
|
||||
SQL;
|
||||
$rows = DB::connection('pgsql_supplier')->select($sql, [$activeDate, $supplierProject->id]);
|
||||
|
||||
$this->logIfNoSnapshot($rows, $supplierProject, $activeDate);
|
||||
|
||||
return Project::hydrate($rows)->values();
|
||||
}
|
||||
|
||||
/**
|
||||
* Активная дата слепка по правилу slepok-инварианта:
|
||||
* до 21:00 МСК — сегодняшняя дата;
|
||||
* с 21:00 МСК — завтрашняя.
|
||||
*
|
||||
* Spec §4.2.3.
|
||||
*/
|
||||
private function activeSnapshotDate(): string
|
||||
{
|
||||
$msk = Carbon::now('Europe/Moscow');
|
||||
|
||||
return $msk->hour >= 21
|
||||
? $msk->copy()->addDay()->toDateString()
|
||||
: $msk->toDateString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Fail-loud: пишет в лог если по активной дате слепка вообще нет ни одной строки
|
||||
* snapshot'а — это значит, что cron `SnapshotProjectRoutingJob` не отработал.
|
||||
* (Если строки есть, но ни одна не сматчилась — это валидный 0-результат, не алерт.)
|
||||
*
|
||||
* @param array<int, object> $rows
|
||||
*/
|
||||
private function logIfNoSnapshot(array $rows, SupplierProject $supplierProject, string $activeDate): void
|
||||
{
|
||||
if ($rows !== []) {
|
||||
return;
|
||||
}
|
||||
|
||||
$snapshotEmpty = DB::connection('pgsql_supplier')
|
||||
->table('project_routing_snapshots')
|
||||
->where('snapshot_date', $activeDate)
|
||||
->doesntExist();
|
||||
|
||||
if ($snapshotEmpty) {
|
||||
Log::error('lead_router.no_snapshot_for_active_date', [
|
||||
'active_date' => $activeDate,
|
||||
'supplier_project_id' => $supplierProject->id,
|
||||
'platform' => $supplierProject->platform,
|
||||
]);
|
||||
}
|
||||
return $candidates->values();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,21 +24,6 @@ use InvalidArgumentException;
|
||||
*/
|
||||
class MonthlyPartitionManager
|
||||
{
|
||||
/**
|
||||
* Connection used for partition DDL (CREATE / DROP).
|
||||
*
|
||||
* На проде партиционированные родители принадлежат `crm_migrator`;
|
||||
* `crm_supplier_worker` — член `crm_migrator` (см. db/02_grants.sql),
|
||||
* поэтому через `pgsql_supplier` создаёт/дропает партиции, а
|
||||
* дефолтный `crm_app_user` — нет. На dev/тестах `pgsql_supplier`
|
||||
* фоллбэчит на `postgres` (superuser) — DDL также проходит.
|
||||
*
|
||||
* Тесты, триггерящие CREATE/DROP через менеджер, должны подключать
|
||||
* `Tests\Concerns\SharesSupplierPdo`, иначе DDL уйдёт мимо
|
||||
* test-транзакции (см. trait doc).
|
||||
*/
|
||||
public const DDL_CONNECTION = 'pgsql_supplier';
|
||||
|
||||
/**
|
||||
* Таблицы, партиционированные помесячно.
|
||||
* Ключ → имя таблицы, значение → колонка-ключ партиционирования.
|
||||
@@ -53,12 +38,10 @@ class MonthlyPartitionManager
|
||||
'auth_log' => 'created_at',
|
||||
'activity_log' => 'created_at',
|
||||
'tenant_operations_log' => 'created_at',
|
||||
// webhook_log удалён в миграции 2026_05_24_140000_drop_legacy_webhook_artefacts (legacy direct webhook removal)
|
||||
'webhook_log' => 'received_at',
|
||||
'balance_transactions' => 'created_at',
|
||||
'pd_processing_log' => 'created_at',
|
||||
'saas_admin_audit_log' => 'created_at',
|
||||
// Slepok routing (Этап 2, 27.05.2026)
|
||||
'project_routing_snapshots' => 'snapshot_date',
|
||||
];
|
||||
|
||||
/**
|
||||
@@ -107,7 +90,7 @@ class MonthlyPartitionManager
|
||||
return false;
|
||||
}
|
||||
|
||||
DB::connection(self::DDL_CONNECTION)->statement(sprintf(
|
||||
DB::statement(sprintf(
|
||||
"CREATE TABLE %s PARTITION OF %s FOR VALUES FROM ('%s') TO ('%s')",
|
||||
$partition,
|
||||
$table,
|
||||
|
||||
@@ -5,9 +5,11 @@ declare(strict_types=1);
|
||||
namespace App\Services;
|
||||
|
||||
use App\Mail\InvoicePaidNotification;
|
||||
use App\Mail\LowBalanceNotification;
|
||||
use App\Mail\NewLeadNotification;
|
||||
use App\Mail\ReminderDueNotification;
|
||||
use App\Mail\TopupSuccessNotification;
|
||||
use App\Mail\ZeroBalanceNotification;
|
||||
use App\Mail\ZeroBalancePausedMail;
|
||||
use App\Models\Deal;
|
||||
use App\Models\InAppNotification;
|
||||
@@ -145,6 +147,52 @@ class NotificationService
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Уведомление о низком балансе. Триггер: ProcessWebhookJob после
|
||||
* lead_charge, если balance_leads <= threshold.
|
||||
*
|
||||
* Получатели: все активные user'ы тенанта с new_lead.email=true
|
||||
* (на MVP: те же что и для new_lead — обычно владелец и менеджеры).
|
||||
* По prefs `low_balance.email`.
|
||||
*/
|
||||
public function notifyLowBalance(Tenant $tenant, int $thresholdLeads): void
|
||||
{
|
||||
$title = "Низкий баланс — {$tenant->balance_leads} лидов осталось";
|
||||
$body = "Порог уведомления: {$thresholdLeads} лидов";
|
||||
|
||||
foreach ($this->recipientsForEvent($tenant, self::EVENT_LOW_BALANCE, self::CHANNEL_EMAIL) as $user) {
|
||||
$this->sendEmail($user, self::EVENT_LOW_BALANCE, new LowBalanceNotification($user, $tenant, $thresholdLeads));
|
||||
}
|
||||
foreach ($this->recipientsForEvent($tenant, self::EVENT_LOW_BALANCE, self::CHANNEL_INAPP) as $user) {
|
||||
$this->notifyInApp($user, self::EVENT_LOW_BALANCE, $title, $body, [
|
||||
'tenant_id' => $tenant->id,
|
||||
'balance_leads' => $tenant->balance_leads,
|
||||
'threshold_leads' => $thresholdLeads,
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Уведомление о нулевом балансе и отклонении лидов.
|
||||
* Триггер: ProcessWebhookJob::logRejection(zero_balance) в первом
|
||||
* RejectedDealsLog за последний час (anti-spam: не более 1 email/час
|
||||
* на тенант, проверка в caller).
|
||||
*/
|
||||
public function notifyZeroBalance(Tenant $tenant): void
|
||||
{
|
||||
$title = 'Баланс закончился — лиды отклоняются';
|
||||
$body = 'Пополните баланс в разделе Биллинг';
|
||||
|
||||
foreach ($this->recipientsForEvent($tenant, self::EVENT_ZERO_BALANCE, self::CHANNEL_EMAIL) as $user) {
|
||||
$this->sendEmail($user, self::EVENT_ZERO_BALANCE, new ZeroBalanceNotification($user, $tenant));
|
||||
}
|
||||
foreach ($this->recipientsForEvent($tenant, self::EVENT_ZERO_BALANCE, self::CHANNEL_INAPP) as $user) {
|
||||
$this->notifyInApp($user, self::EVENT_ZERO_BALANCE, $title, $body, [
|
||||
'tenant_id' => $tenant->id,
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Уведомление об auto-pause проекта на нулевом балансе (Plan 4 Task 6).
|
||||
*
|
||||
|
||||
@@ -18,7 +18,7 @@ use InvalidArgumentException;
|
||||
* users: email, first_name, last_name, phone
|
||||
* supplier_leads: phone, raw_payload (JSONB) — нет contact_email/contact_phone
|
||||
* deals: phone, contact_name — нет отдельного contact_email
|
||||
* (webhook_log удалён в миграции 2026_05_24_140000_drop_legacy_webhook_artefacts)
|
||||
* webhook_log: raw_payload (JSONB)
|
||||
*/
|
||||
class PdErasureService
|
||||
{
|
||||
@@ -32,7 +32,7 @@ class PdErasureService
|
||||
* @param int|null $tenantId Ограничить поиск одним тенантом (null = все)
|
||||
* @param int $actorAdminId ID saas_admin_users
|
||||
* @param string|null $requestId ID pd_subject_requests для авто-закрытия
|
||||
* @return array{users: int, leads: int, deals: int}
|
||||
* @return array{users: int, leads: int, deals: int, webhook_log: int}
|
||||
*
|
||||
* @throws InvalidArgumentException если оба email и phone null
|
||||
*/
|
||||
@@ -47,7 +47,7 @@ class PdErasureService
|
||||
throw new InvalidArgumentException('Необходимо указать email или телефон субъекта.');
|
||||
}
|
||||
|
||||
$counts = ['users' => 0, 'leads' => 0, 'deals' => 0];
|
||||
$counts = ['users' => 0, 'leads' => 0, 'deals' => 0, 'webhook_log' => 0];
|
||||
|
||||
DB::connection(self::DB)->transaction(function () use (
|
||||
$email, $phone, $tenantId, $actorAdminId, $requestId, &$counts
|
||||
@@ -176,12 +176,50 @@ class PdErasureService
|
||||
$counts['deals'] = $deals->count();
|
||||
|
||||
// ------------------------------------------------------------------
|
||||
// 4. Обновить pd_subject_requests если requestId передан
|
||||
// (webhook_log удалён в миграции 2026_05_24_140000_drop_legacy_webhook_artefacts)
|
||||
// 4. webhook_log (raw_payload JSONB text-search)
|
||||
// ------------------------------------------------------------------
|
||||
$wlQuery = DB::connection(self::DB)->table('webhook_log');
|
||||
$conditions = [];
|
||||
$bindings = [];
|
||||
if ($email !== null) {
|
||||
$conditions[] = 'raw_payload::text LIKE ?';
|
||||
$bindings[] = '%'.$email.'%';
|
||||
}
|
||||
if ($phone !== null) {
|
||||
$conditions[] = 'raw_payload::text LIKE ?';
|
||||
$bindings[] = '%'.$phone.'%';
|
||||
}
|
||||
|
||||
if (! empty($conditions)) {
|
||||
$wlQuery->whereRaw('('.implode(' OR ', $conditions).')', $bindings);
|
||||
}
|
||||
|
||||
if ($tenantId !== null) {
|
||||
$wlQuery->where('tenant_id', $tenantId);
|
||||
}
|
||||
|
||||
// Batched update: обрабатываем по 500 строк
|
||||
$wlCount = 0;
|
||||
$wlQuery->select('id')->orderBy('id')->chunk(500, function ($rows) use (&$wlCount): void {
|
||||
$ids = $rows->pluck('id')->all();
|
||||
DB::connection(self::DB)->table('webhook_log')
|
||||
->whereIn('id', $ids)
|
||||
->update([
|
||||
'raw_payload' => DB::connection(self::DB)->raw(
|
||||
"JSONB_BUILD_OBJECT('erased', TRUE, 'erased_at', NOW()::TEXT)"
|
||||
),
|
||||
]);
|
||||
$wlCount += count($ids);
|
||||
});
|
||||
|
||||
$counts['webhook_log'] = $wlCount;
|
||||
|
||||
// ------------------------------------------------------------------
|
||||
// 5. Обновить pd_subject_requests если requestId передан
|
||||
// ------------------------------------------------------------------
|
||||
if ($requestId !== null) {
|
||||
$summary = "Удалено: users={$counts['users']}, leads={$counts['leads']}, "
|
||||
."deals={$counts['deals']}";
|
||||
."deals={$counts['deals']}, webhook_log={$counts['webhook_log']}";
|
||||
|
||||
DB::connection(self::DB)->table('pd_subject_requests')
|
||||
->where('id', $requestId)
|
||||
|
||||
@@ -18,7 +18,6 @@ class ProjectService
|
||||
{
|
||||
public function __construct(
|
||||
private readonly OperationsLogger $ops = new OperationsLogger,
|
||||
private readonly SupplierSnapshotGuard $snapshotGuard = new SupplierSnapshotGuard,
|
||||
) {}
|
||||
|
||||
public function update(Project $project, array $data): Project
|
||||
@@ -31,15 +30,6 @@ class ProjectService
|
||||
$data['supplier_b1_project_id'], $data['supplier_b2_project_id'], $data['supplier_b3_project_id'],
|
||||
);
|
||||
|
||||
// Spec: docs/superpowers/plans/2026-05-26-supplier-snapshot-guard.md
|
||||
// Если меняем источник (signal_identifier / sms_senders / sms_keyword) — guard.
|
||||
$sourceFieldsTouched = array_key_exists('signal_identifier', $data)
|
||||
|| array_key_exists('sms_senders', $data)
|
||||
|| array_key_exists('sms_keyword', $data);
|
||||
if ($sourceFieldsTouched) {
|
||||
$this->snapshotGuard->assertCanMutateSource($project, 'change_source');
|
||||
}
|
||||
|
||||
if (isset($data['daily_limit_target']) && $data['daily_limit_target'] < $project->delivered_today) {
|
||||
throw new HttpResponseException(response()->json([
|
||||
'errors' => [
|
||||
@@ -106,26 +96,7 @@ class ProjectService
|
||||
SyncSupplierProjectJob::dispatch($project->id);
|
||||
}
|
||||
|
||||
// Task 2.8 (Spec §4.2.5): для каждого изменённого slepok-sensitive поля
|
||||
// вычислить applies_from — момент, с которого правка реально вступит в силу
|
||||
// (slepok-инвариант: до 18:00 МСК → сегодня 21:00 МСК, после → завтра 21:00 МСК).
|
||||
// Берём максимум среди затронутых полей. NULL = применяется немедленно.
|
||||
$appliesFrom = null;
|
||||
foreach (SupplierSnapshotGuard::SLEPOK_SENSITIVE_FIELDS as $field) {
|
||||
if (! array_key_exists($field, $data)) {
|
||||
continue;
|
||||
}
|
||||
$candidate = $this->snapshotGuard->appliesFrom($project, $field);
|
||||
if ($candidate !== null && ($appliesFrom === null || $candidate->gt($appliesFrom))) {
|
||||
$appliesFrom = $candidate;
|
||||
}
|
||||
}
|
||||
|
||||
$fresh = $project->fresh();
|
||||
// Dynamic attribute — не в БД, сериализуется ProjectResource (Task 2.11).
|
||||
$fresh->applies_from = $appliesFrom;
|
||||
|
||||
return $fresh;
|
||||
return $project->fresh();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -178,11 +149,6 @@ class ProjectService
|
||||
|
||||
public function delete(Project $project): void
|
||||
{
|
||||
// Spec: docs/superpowers/plans/2026-05-26-supplier-snapshot-guard.md
|
||||
// Guard поставщикова слепка ПЕРЕД has-deals (приоритетней) — клиент должен
|
||||
// увидеть формулировку про «уже заказали лиды», а не «есть сделки».
|
||||
$this->snapshotGuard->assertCanMutateSource($project, 'delete');
|
||||
|
||||
$hasDeals = DB::table('deals')->where('project_id', $project->id)->exists();
|
||||
if ($hasDeals) {
|
||||
throw new HttpResponseException(response()->json([
|
||||
@@ -295,13 +261,7 @@ class ProjectService
|
||||
private function bulkPauseResume($query, bool $isActive): array
|
||||
{
|
||||
$ids = (clone $query)->pluck('id')->all();
|
||||
// Spec: docs/superpowers/plans/2026-05-26-supplier-snapshot-guard.md (Task 11).
|
||||
// paused_at — anchor для SupplierSnapshotGuard grace-расчёта. Mass-update НЕ
|
||||
// триггерит model events, поэтому пишем явно в одном UPDATE.
|
||||
$updated = $query->update([
|
||||
'is_active' => $isActive,
|
||||
'paused_at' => $isActive ? null : DB::raw('NOW()'),
|
||||
]);
|
||||
$updated = $query->update(['is_active' => $isActive]);
|
||||
foreach ($ids as $id) {
|
||||
SyncSupplierProjectJob::dispatch((int) $id);
|
||||
}
|
||||
@@ -331,15 +291,8 @@ class ProjectService
|
||||
try {
|
||||
$this->delete($model);
|
||||
$deleted++;
|
||||
} catch (HttpResponseException $e) {
|
||||
// Spec: docs/superpowers/plans/2026-05-26-supplier-snapshot-guard.md (Task 12).
|
||||
// Разделяем причину: guard поставщика (нужно подождать) vs has-deals.
|
||||
$body = json_decode((string) $e->getResponse()->getContent(), true);
|
||||
$message = (string) ($body['errors']['project'][0] ?? '');
|
||||
$reason = str_contains($message, 'Мы уже начали сбор лидов')
|
||||
? 'supplier_snapshot_locked'
|
||||
: 'has_deals';
|
||||
$skipped[] = ['id' => $p->id, 'reason' => $reason];
|
||||
} catch (HttpResponseException) {
|
||||
$skipped[] = ['id' => $p->id, 'reason' => 'has_deals'];
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,137 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Services\Project;
|
||||
|
||||
use App\Models\Project;
|
||||
use Carbon\CarbonImmutable;
|
||||
use Carbon\CarbonInterface;
|
||||
use Illuminate\Http\Exceptions\HttpResponseException;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
/**
|
||||
* Защита проекта от удаления/смены источника, пока поставщик crm.bp-gr.ru
|
||||
* может прислать по нему лиды по уже сделанному слепку.
|
||||
*
|
||||
* Slepok-час поставщика: 21:00 МСК (поставщик в 21:00 формирует заказ на завтра).
|
||||
* Grace: до следующего 21:00 МСК после pause + 24h на доставку хвоста.
|
||||
*
|
||||
* Spec: docs/superpowers/plans/2026-05-26-supplier-snapshot-guard.md
|
||||
*/
|
||||
class SupplierSnapshotGuard
|
||||
{
|
||||
/** Час МСК, в который поставщик заказывает лиды на следующий день. */
|
||||
public const SUPPLIER_ORDER_HOUR_MSK = 21;
|
||||
|
||||
/** Сколько часов после слепка летит хвост лидов (одни сутки). */
|
||||
public const TAIL_DELIVERY_HOURS = 24;
|
||||
|
||||
public function computeGraceUntil(CarbonInterface $pausedAt): CarbonImmutable
|
||||
{
|
||||
$pausedMsk = CarbonImmutable::instance($pausedAt)->setTimezone('Europe/Moscow');
|
||||
|
||||
$next21 = $pausedMsk->setTime(self::SUPPLIER_ORDER_HOUR_MSK, 0, 0);
|
||||
if ($pausedMsk->gte($next21)) {
|
||||
$next21 = $next21->addDay();
|
||||
}
|
||||
|
||||
return $next21->addHours(self::TAIL_DELIVERY_HOURS);
|
||||
}
|
||||
|
||||
public function isProtected(Project $project, ?CarbonImmutable $now = null): bool
|
||||
{
|
||||
$hasLinks = DB::table('project_supplier_links')
|
||||
->where('project_id', $project->id)
|
||||
->exists();
|
||||
if (! $hasLinks) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($project->is_active) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ($project->paused_at === null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$graceUntil = $this->computeGraceUntil($project->paused_at);
|
||||
$effectiveNow = $now ?? CarbonImmutable::now('Europe/Moscow');
|
||||
|
||||
return $effectiveNow->lt($graceUntil);
|
||||
}
|
||||
|
||||
/**
|
||||
* Slepok-sensitive поля проекта — изменения этих полей попадают в slepok №NЛ
|
||||
* (фиксируется в 18:00 МСК) и начинают действовать с N.21:00 МСК.
|
||||
*
|
||||
* Spec §4.2.5 — Task 2.7.
|
||||
*/
|
||||
public const SLEPOK_SENSITIVE_FIELDS = [
|
||||
'is_active',
|
||||
'daily_limit_target',
|
||||
'delivery_days_mask',
|
||||
'regions',
|
||||
'signal_identifier',
|
||||
'sms_senders',
|
||||
'sms_keyword',
|
||||
];
|
||||
|
||||
/**
|
||||
* Возвращает момент, с которого правка `$field` вступит в силу:
|
||||
* правка до 18:00 МСК → сегодня в 21:00 МСК;
|
||||
* правка с 18:00 МСК и позже → завтра в 21:00 МСК.
|
||||
*
|
||||
* Возвращает null когда правка применяется немедленно:
|
||||
* поле не slepok-sensitive (см. SLEPOK_SENSITIVE_FIELDS), либо
|
||||
* проект не связан с поставщиком (нет project_supplier_links → нет slepok-риска).
|
||||
*
|
||||
* Используется ProjectService (Task 2.8) для прикрепления к UI-ответу
|
||||
* метки «изменения вступят в силу с DD.MM HH:MM».
|
||||
*
|
||||
* Spec §4.2.5.
|
||||
*/
|
||||
public function appliesFrom(Project $project, string $field): ?CarbonImmutable
|
||||
{
|
||||
if (! in_array($field, self::SLEPOK_SENSITIVE_FIELDS, true)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$hasLinks = DB::table('project_supplier_links')
|
||||
->where('project_id', $project->id)
|
||||
->exists();
|
||||
if (! $hasLinks) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$nowMsk = CarbonImmutable::now('Europe/Moscow');
|
||||
$todayCutoff = $nowMsk->setTime(18, 0, 0);
|
||||
|
||||
if ($nowMsk->gte($todayCutoff)) {
|
||||
return $nowMsk->addDay()->setTime(21, 0, 0);
|
||||
}
|
||||
|
||||
return $nowMsk->setTime(21, 0, 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param 'delete'|'change_source' $action
|
||||
*/
|
||||
public function assertCanMutateSource(Project $project, string $action): void
|
||||
{
|
||||
if (! $this->isProtected($project)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$verb = $action === 'delete' ? 'Удалить' : 'Изменить источник';
|
||||
$message = 'Мы уже начали сбор лидов по этому проекту на завтра. '
|
||||
.'Пока поставьте на паузу — мы увидим это сегодня в 18:00 и завтра '
|
||||
.'не будем запускать сбор лидов по этому проекту. '
|
||||
.$verb.' можно будет послезавтра.';
|
||||
|
||||
throw new HttpResponseException(response()->json([
|
||||
'errors' => ['project' => [$message]],
|
||||
], 422));
|
||||
}
|
||||
}
|
||||
@@ -178,11 +178,9 @@ class SupplierProjectImporter
|
||||
]);
|
||||
$createdProjects++;
|
||||
|
||||
// R-17 (Stage 4 §4.4.1): unified agnostic key — was per-platform divergence
|
||||
// for SMS (B3 used sender alone, B2 sender+keyword) creating orphan rows.
|
||||
$uniqueKey = SupplierProjectGrouping::buildUniqueKeyAgnostic($project);
|
||||
foreach ($item['platforms'] as $pl) {
|
||||
$platform = (string) $pl['platform'];
|
||||
$uniqueKey = SupplierProjectGrouping::buildUniqueKey($project, $platform);
|
||||
|
||||
/** @var SupplierProject $sp */
|
||||
$sp = SupplierProject::on(self::DB_CONNECTION)->firstOrCreate(
|
||||
|
||||
@@ -19,14 +19,37 @@ use App\Models\Project;
|
||||
final class SupplierProjectGrouping
|
||||
{
|
||||
/**
|
||||
* Unique identifier key — единая агностическая формула для всех платформ
|
||||
* (Stage 4 §4.4.1 R-17, ранее разделялась на platform-specific buildUniqueKey:
|
||||
* B3 использовал sender alone, B2 sender+keyword, что создавало orphan
|
||||
* supplier_projects при rebalance шеринга — мы не могли сопоставить B2/B3
|
||||
* как одну группу):
|
||||
* Строит unique_key для пары (project, platform):
|
||||
* site/call → signal_identifier (домен / телефон)
|
||||
* sms B2 → sender + '+' + keyword
|
||||
* sms B3 → sender
|
||||
*
|
||||
* Для ночного батч-джоба используйте buildUniqueKeyNoplatform() — он
|
||||
* выбирает B2-ключ автоматически при наличии keyword.
|
||||
*/
|
||||
public static function buildUniqueKey(Project $project, string $platform): string
|
||||
{
|
||||
if (in_array($project->signal_type, ['site', 'call'], true)) {
|
||||
return (string) $project->signal_identifier;
|
||||
}
|
||||
|
||||
// sms
|
||||
$sender = (string) ($project->sms_senders[0] ?? '');
|
||||
|
||||
if ($platform === 'B2') {
|
||||
return $sender.'+'.($project->sms_keyword ?? '');
|
||||
}
|
||||
|
||||
// B3
|
||||
return $sender;
|
||||
}
|
||||
|
||||
/**
|
||||
* Unique identifier key без привязки к конкретной платформе
|
||||
* (для группировки в ночном батч-джобе):
|
||||
* site/call → signal_identifier
|
||||
* sms+keyword → sender+keyword
|
||||
* sms без keyword → sender
|
||||
* sms+keyword → sender+keyword (B2 ключ)
|
||||
* sms без keyword → sender (B3 ключ)
|
||||
*/
|
||||
public static function buildUniqueKeyAgnostic(Project $project): string
|
||||
{
|
||||
@@ -72,6 +95,7 @@ final class SupplierProjectGrouping
|
||||
public static function subjectsOf(Project $project): array
|
||||
{
|
||||
$regions = array_values((array) $project->regions);
|
||||
// @phpstan-ignore-next-line identical.alwaysFalse — PostgresIntArray PHPDoc non-empty, runtime can be empty
|
||||
if (count($regions) === 0) {
|
||||
return [null];
|
||||
}
|
||||
|
||||
@@ -21,7 +21,7 @@ use InvalidArgumentException;
|
||||
*/
|
||||
class SupplierProjectResolver
|
||||
{
|
||||
private const ALLOWED_PLATFORMS = ['B1', 'B2', 'B3', 'DIRECT'];
|
||||
private const ALLOWED_PLATFORMS = ['B1', 'B2', 'B3'];
|
||||
|
||||
private const ALLOWED_SIGNAL_TYPES = ['site', 'call', 'sms'];
|
||||
|
||||
|
||||
+5
-52
@@ -8,7 +8,6 @@ use Illuminate\Foundation\Configuration\Exceptions;
|
||||
use Illuminate\Foundation\Configuration\Middleware;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
use Illuminate\Validation\ValidationException;
|
||||
|
||||
return Application::configure(basePath: dirname(__DIR__))
|
||||
->withRouting(
|
||||
@@ -34,43 +33,12 @@ return Application::configure(basePath: dirname(__DIR__))
|
||||
]);
|
||||
})
|
||||
->withExceptions(function (Exceptions $exceptions): void {
|
||||
// Reduce verbosity of constraint-violation logging (SQLSTATE 23xxx):
|
||||
// data-validity errors do not need a full stack trace в laravel.log.
|
||||
// Incident 2026-05-29: 420k повторов B1+SMS check_violation накопили
|
||||
// 8.7 GB stack traces → disk full → 4h prod downtime.
|
||||
// Solution: log a warning summary с sqlstate, return false to stop
|
||||
// default reporting (which would write full stack trace).
|
||||
// Ref: docs/incidents/2026-05-29-disk-full-pg-recovery.md §5
|
||||
$exceptions->reportable(function (QueryException $e) {
|
||||
$sqlState = $e->errorInfo[0] ?? '';
|
||||
if (is_string($sqlState) && str_starts_with($sqlState, '23')) {
|
||||
Log::warning('db.constraint_violation', [
|
||||
'sqlstate' => $sqlState,
|
||||
'message' => mb_substr($e->getMessage(), 0, 200),
|
||||
]);
|
||||
|
||||
return false; // skip default reporting (no stack trace в laravel.log)
|
||||
}
|
||||
|
||||
return null; // continue default reporting для non-constraint QueryExceptions
|
||||
});
|
||||
|
||||
$exceptions->render(function (QueryException $e, Request $request) {
|
||||
$sqlState = $e->errorInfo[0] ?? '';
|
||||
$isConstraintViolation = is_string($sqlState) && str_starts_with($sqlState, '23');
|
||||
|
||||
if (! $isConstraintViolation) {
|
||||
// Default verbose log для non-constraint QueryExceptions (table missing,
|
||||
// syntax error, etc. — these are bugs needing investigation).
|
||||
Log::error('db.query_exception', [
|
||||
'message' => $e->getMessage(),
|
||||
'sql' => $e->getSql(),
|
||||
'path' => $request->path(),
|
||||
]);
|
||||
}
|
||||
// Constraint violations уже залогированы в reportable() выше как warning,
|
||||
// дублировать не нужно.
|
||||
|
||||
Log::error('db.query_exception', [
|
||||
'message' => $e->getMessage(),
|
||||
'sql' => $e->getSql(),
|
||||
'path' => $request->path(),
|
||||
]);
|
||||
if ($request->expectsJson()) {
|
||||
return response()->json([
|
||||
'message' => 'Не удалось сохранить. Проверьте данные или попробуйте ещё раз.',
|
||||
@@ -79,19 +47,4 @@ return Application::configure(basePath: dirname(__DIR__))
|
||||
|
||||
return null; // default render for non-JSON
|
||||
});
|
||||
|
||||
// Supplier webhook always returns JSON, even when client omits Accept header.
|
||||
// Without this render, Laravel's default ValidationException handler returns
|
||||
// 302 redirect to /, which strips POST body — losing supplier leads.
|
||||
// Confirmed 2026-05-25: 76 of 234 webhook hits today got 302 instead of 422.
|
||||
$exceptions->render(function (ValidationException $e, Request $request) {
|
||||
if ($request->is('api/webhook/supplier/*')) {
|
||||
return response()->json([
|
||||
'message' => 'Validation failed',
|
||||
'errors' => $e->errors(),
|
||||
], 422);
|
||||
}
|
||||
|
||||
return null; // default render for other routes
|
||||
});
|
||||
})->create();
|
||||
|
||||
@@ -26,7 +26,7 @@ class BalanceTransactionFactory extends Factory
|
||||
'amount_rub' => '100.00',
|
||||
'amount_leads' => 0,
|
||||
'balance_rub_after' => '100.00',
|
||||
'balance_leads_after' => null,
|
||||
'balance_leads_after' => 0,
|
||||
'description' => 'Тестовая транзакция',
|
||||
'created_at' => now(),
|
||||
];
|
||||
|
||||
@@ -22,6 +22,7 @@ class TenantFactory extends Factory
|
||||
'subdomain' => 'tenant-'.Str::lower(Str::random(8)),
|
||||
'organization_name' => fake()->company(),
|
||||
'contact_email' => fake()->unique()->safeEmail(),
|
||||
'webhook_token' => Str::random(64),
|
||||
'timezone' => 'Europe/Moscow',
|
||||
'locale' => 'ru',
|
||||
'is_trial' => true,
|
||||
|
||||
@@ -9,11 +9,8 @@ return new class extends Migration
|
||||
{
|
||||
public function up(): void
|
||||
{
|
||||
$conn = DB::connection('pgsql_supplier');
|
||||
|
||||
// Guard: only run if webhook_log exists (на проде после legacy-webhook-removal
|
||||
// таблицы нет — миграция становится no-op).
|
||||
if (! $conn->getSchemaBuilder()->hasTable('webhook_log')) {
|
||||
// Guard: only run if webhook_log exists (should always exist, but be safe)
|
||||
if (! Schema::hasTable('webhook_log')) {
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -21,18 +18,16 @@ return new class extends Migration
|
||||
base_path('/../db/migrations/2026_05_22_002_webhook_log_supplier_columns.sql')
|
||||
);
|
||||
|
||||
$conn->unprepared($sql);
|
||||
DB::unprepared($sql);
|
||||
}
|
||||
|
||||
public function down(): void
|
||||
{
|
||||
$conn = DB::connection('pgsql_supplier');
|
||||
|
||||
if (! $conn->getSchemaBuilder()->hasTable('webhook_log')) {
|
||||
if (! Schema::hasTable('webhook_log')) {
|
||||
return;
|
||||
}
|
||||
|
||||
$conn->unprepared(<<<'SQL'
|
||||
DB::unprepared(<<<'SQL'
|
||||
ALTER TABLE webhook_log
|
||||
DROP COLUMN IF EXISTS source,
|
||||
DROP COLUMN IF EXISTS status,
|
||||
|
||||
-40
@@ -1,40 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
return new class extends Migration
|
||||
{
|
||||
public function up(): void
|
||||
{
|
||||
DB::statement(
|
||||
'ALTER TABLE balance_transactions DROP CONSTRAINT IF EXISTS balance_transactions_type_check'
|
||||
);
|
||||
DB::statement(
|
||||
'ALTER TABLE balance_transactions ADD CONSTRAINT balance_transactions_type_check '.
|
||||
'CHECK (type IN ('.
|
||||
"'trial_bonus','topup','lead_charge','refund',".
|
||||
"'manual_adjustment','historical_import',".
|
||||
"'chargeback_writedown','chargeback_repayment',".
|
||||
"'migration'".
|
||||
'))'
|
||||
);
|
||||
}
|
||||
|
||||
public function down(): void
|
||||
{
|
||||
DB::statement(
|
||||
'ALTER TABLE balance_transactions DROP CONSTRAINT IF EXISTS balance_transactions_type_check'
|
||||
);
|
||||
DB::statement(
|
||||
'ALTER TABLE balance_transactions ADD CONSTRAINT balance_transactions_type_check '.
|
||||
'CHECK (type IN ('.
|
||||
"'trial_bonus','topup','lead_charge','refund',".
|
||||
"'manual_adjustment','historical_import',".
|
||||
"'chargeback_writedown','chargeback_repayment'".
|
||||
'))'
|
||||
);
|
||||
}
|
||||
};
|
||||
@@ -1,29 +0,0 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
return new class extends Migration
|
||||
{
|
||||
public function up(): void
|
||||
{
|
||||
// Idempotency guard: skip if table already exists (e.g. loaded via schema.sql).
|
||||
if (DB::selectOne('SELECT 1 AS ok FROM pg_class WHERE relname = ?', ['supplier_lead_deliveries']) !== null) {
|
||||
return;
|
||||
}
|
||||
|
||||
$sql = file_get_contents(base_path('../db/migrations/2026_05_23_200_supplier_lead_deliveries.sql'));
|
||||
if ($sql === false) {
|
||||
throw new RuntimeException('Migration SQL file not found.');
|
||||
}
|
||||
// Prod: crm_app_user (default pgsql) не имеет CREATE на schema public.
|
||||
// Используем pgsql_supplier (crm_supplier_worker, BYPASSRLS, имеет CREATE).
|
||||
// На dev pgsql_supplier тоже = postgres superuser → работает идентично.
|
||||
DB::connection('pgsql_supplier')->unprepared($sql);
|
||||
}
|
||||
|
||||
public function down(): void
|
||||
{
|
||||
DB::connection('pgsql_supplier')->unprepared('DROP TABLE IF EXISTS supplier_lead_deliveries CASCADE;');
|
||||
}
|
||||
};
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user