chihlasm/resolutionflow
1
0
Fork 0
Code Issues 23 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: add procedural flows with intake forms, navigation, and seed templates

Browse Source 
Adds a new "procedural" tree type for linear step-by-step project workflows
(domain controller setup, M365 onboarding, VPN config, etc). Includes intake
form builder, two-panel step navigation, variable resolution, procedural
exports, 3 seed templates, and UI rename from "Trees" to "Flows".

Also archives 19 implemented plan docs and creates deferred features backlog.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
chihlasm
2026-02-14 04:13:52 -05:00
parent 303570ca2c
commit 350c977eda
58 changed files with 11686 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
LESSONS-LEARNED.md
View File

@@ -890,6 +890,39 @@ def _fix_node_fields(node):
---
## Export / Redaction
### CORS `expose_headers` Required for Custom Response Headers
**Problem:** Frontend reads custom response headers (e.g. `X-Redaction-Summary`) but gets `undefined` — the header exists in the response but Axios can't access it.
**Cause:** Browsers enforce CORS restrictions on response headers. Only "CORS-safelisted" headers (Cache-Control, Content-Type, etc.) are accessible by default. Custom headers require explicit exposure.
**Solution:** Add `expose_headers` to CORS middleware in `main.py` (both branches):
```python
app.add_middleware(
CORSMiddleware,
allow_origins=settings.allowed_origins,
expose_headers=["X-Redaction-Mode", "X-Redaction-Summary"],
...
)
```
**Files affected:** `backend/app/main.py` (both CORS middleware branches)
---
### Redaction Must Run AFTER Variable Resolution
**Problem:** Sensitive data injected via session variables (e.g. `{{client_ip}}``192.168.1.1`) would bypass redaction if it ran before variable substitution.
**Solution:** Export pipeline order matters:
1. Generate export by format (markdown/html/text/psa)
2. Resolve session variables
3. Apply redaction (if `redaction_mode == "mask"`)
**Key file:** `backend/app/api/endpoints/sessions.py` — the redaction block is placed after both generation and variable resolution, with fail-closed error handling (500 on failure, never return unredacted content).
---
## Adding New Lessons
When you encounter and fix a bug, add it here with: