From 394f7295958ccaac7a89e81f1e0251e7b6b7e21e Mon Sep 17 00:00:00 2001 From: Michael Chihlas Date: Thu, 28 May 2026 12:30:51 -0400 Subject: [PATCH] feat(l1): create internal_tickets table with RLS Tenant-scoped fallback ticket model for accounts without PSA integration. Tracks customer-name, problem-statement, status lifecycle (open/walking/ resolved/escalated), and optional links to flow/proposal/ai_session/ assigned engineer + PSA promotion ID. Account-scoped RLS policy uses app.current_account_id session setting. Co-Authored-By: Claude Opus 4.7 --- .../a1e6a018af02_create_internal_tickets.py | 79 ++++++++++++ backend/app/models/__init__.py | 2 + backend/app/models/internal_ticket.py | 117 ++++++++++++++++++ 3 files changed, 198 insertions(+) create mode 100644 backend/alembic/versions/a1e6a018af02_create_internal_tickets.py create mode 100644 backend/app/models/internal_ticket.py diff --git a/backend/alembic/versions/a1e6a018af02_create_internal_tickets.py b/backend/alembic/versions/a1e6a018af02_create_internal_tickets.py new file mode 100644 index 00000000..e8afe47e --- /dev/null +++ b/backend/alembic/versions/a1e6a018af02_create_internal_tickets.py @@ -0,0 +1,79 @@ +"""create_internal_tickets + +Revision ID: a1e6a018af02 +Revises: ff6fe5895ea2 +Create Date: 2026-05-28 16:29:32.624317 + +""" +from typing import Sequence, Union + +from alembic import op +import sqlalchemy as sa +from sqlalchemy.dialects import postgresql + + +# revision identifiers, used by Alembic. +revision: str = 'a1e6a018af02' +down_revision: Union[str, None] = 'ff6fe5895ea2' +branch_labels: Union[str, Sequence[str], None] = None +depends_on: Union[str, Sequence[str], None] = None + +_NULL_UUID = "00000000-0000-0000-0000-000000000000" +_CURRENT_ACCOUNT = ( + f"COALESCE(NULLIF(current_setting('app.current_account_id', TRUE), ''), " + f"'{_NULL_UUID}')::uuid" +) + + +def upgrade() -> None: + op.create_table( + 'internal_tickets', + sa.Column('id', postgresql.UUID(as_uuid=True), nullable=False), + sa.Column('account_id', postgresql.UUID(as_uuid=True), nullable=False), + sa.Column('created_by_user_id', postgresql.UUID(as_uuid=True), nullable=False), + sa.Column('customer_name', sa.String(120), nullable=True), + sa.Column('customer_contact', sa.String(200), nullable=True), + sa.Column('problem_statement', sa.Text(), nullable=False), + sa.Column('status', sa.String(30), nullable=False, server_default='open'), + sa.Column('flow_id', postgresql.UUID(as_uuid=True), nullable=True), + sa.Column('flow_proposal_id', postgresql.UUID(as_uuid=True), nullable=True), + sa.Column('ai_session_id', postgresql.UUID(as_uuid=True), nullable=True), + sa.Column('assigned_user_id', postgresql.UUID(as_uuid=True), nullable=True), + sa.Column('resolution_notes', sa.Text(), nullable=True), + sa.Column('psa_promoted_ticket_id', sa.String(64), nullable=True), + sa.Column('created_at', sa.DateTime(timezone=True), nullable=False, server_default=sa.text('now()')), + sa.Column('updated_at', sa.DateTime(timezone=True), nullable=False, server_default=sa.text('now()')), + sa.Column('resolved_at', sa.DateTime(timezone=True), nullable=True), + sa.PrimaryKeyConstraint('id'), + sa.ForeignKeyConstraint(['account_id'], ['accounts.id'], ondelete='CASCADE'), + sa.ForeignKeyConstraint(['created_by_user_id'], ['users.id'], ondelete='RESTRICT'), + sa.ForeignKeyConstraint(['flow_id'], ['trees.id'], ondelete='SET NULL'), + sa.ForeignKeyConstraint(['flow_proposal_id'], ['flow_proposals.id'], ondelete='SET NULL'), + sa.ForeignKeyConstraint(['ai_session_id'], ['ai_sessions.id'], ondelete='SET NULL'), + sa.ForeignKeyConstraint(['assigned_user_id'], ['users.id'], ondelete='SET NULL'), + sa.CheckConstraint( + "status IN ('open', 'walking', 'resolved', 'escalated')", + name='ck_internal_tickets_status', + ), + ) + op.create_index('ix_internal_tickets_account_id', 'internal_tickets', ['account_id']) + op.create_index('ix_internal_tickets_status', 'internal_tickets', ['status']) + op.create_index('ix_internal_tickets_assigned_user_id', 'internal_tickets', ['assigned_user_id']) + + op.execute("ALTER TABLE internal_tickets ENABLE ROW LEVEL SECURITY") + op.execute("ALTER TABLE internal_tickets FORCE ROW LEVEL SECURITY") + op.execute(f""" + CREATE POLICY tenant_isolation ON internal_tickets + USING (account_id = {_CURRENT_ACCOUNT}) + WITH CHECK (account_id = {_CURRENT_ACCOUNT}) + """) + + +def downgrade() -> None: + op.execute("DROP POLICY IF EXISTS tenant_isolation ON internal_tickets") + op.execute("ALTER TABLE internal_tickets DISABLE ROW LEVEL SECURITY") + op.execute("ALTER TABLE internal_tickets NO FORCE ROW LEVEL SECURITY") + op.drop_index('ix_internal_tickets_assigned_user_id', 'internal_tickets') + op.drop_index('ix_internal_tickets_status', 'internal_tickets') + op.drop_index('ix_internal_tickets_account_id', 'internal_tickets') + op.drop_table('internal_tickets') diff --git a/backend/app/models/__init__.py b/backend/app/models/__init__.py index e1c90f7c..1c3c0faa 100644 --- a/backend/app/models/__init__.py +++ b/backend/app/models/__init__.py @@ -66,6 +66,7 @@ from .oauth_identity import OAuthIdentity # noqa: F401 from .plan_billing import PlanBilling # noqa: F401 from .sales_lead import SalesLead # noqa: F401 from .stripe_event import StripeEvent # noqa: F401 +from .internal_ticket import InternalTicket # noqa: F401 __all__ = [ "User", @@ -146,4 +147,5 @@ __all__ = [ "PlanBilling", "SalesLead", "StripeEvent", + "InternalTicket", ] diff --git a/backend/app/models/internal_ticket.py b/backend/app/models/internal_ticket.py new file mode 100644 index 00000000..8dc71a52 --- /dev/null +++ b/backend/app/models/internal_ticket.py @@ -0,0 +1,117 @@ +"""Internal ticket model. + +Fallback ticket table for L1 intake when the account has no PSA integration. +Tracks the customer-facing problem, resolution lifecycle, and optional links +to a flow, flow proposal, AI session, and assigned engineer. +""" +import uuid +from datetime import datetime, timezone +from typing import Optional, TYPE_CHECKING + +from sqlalchemy import String, Text, DateTime, ForeignKey, CheckConstraint +from sqlalchemy import text as sa_text +from sqlalchemy.orm import Mapped, mapped_column, relationship +from sqlalchemy.dialects.postgresql import UUID + +from app.core.database import Base + +if TYPE_CHECKING: + from app.models.account import Account + from app.models.user import User + from app.models.tree import Tree + from app.models.flow_proposal import FlowProposal + from app.models.ai_session import AISession + + +class InternalTicket(Base): + """A fallback support ticket for accounts without a PSA integration. + + status lifecycle: + - open: Submitted, not yet picked up. + - walking: L1 technician is actively walking the flow. + - resolved: Issue resolved; resolution_notes captured. + - escalated: Could not resolve; requires higher-tier intervention. + """ + __tablename__ = "internal_tickets" + __table_args__ = ( + CheckConstraint( + "status IN ('open', 'walking', 'resolved', 'escalated')", + name="ck_internal_tickets_status", + ), + ) + + id: Mapped[uuid.UUID] = mapped_column( + UUID(as_uuid=True), primary_key=True, default=uuid.uuid4 + ) + account_id: Mapped[uuid.UUID] = mapped_column( + UUID(as_uuid=True), + ForeignKey("accounts.id", ondelete="CASCADE"), + nullable=False, + index=True, + ) + created_by_user_id: Mapped[uuid.UUID] = mapped_column( + UUID(as_uuid=True), + ForeignKey("users.id", ondelete="RESTRICT"), + nullable=False, + ) + + # ── Customer info ── + customer_name: Mapped[Optional[str]] = mapped_column(String(120), nullable=True) + customer_contact: Mapped[Optional[str]] = mapped_column(String(200), nullable=True) + problem_statement: Mapped[str] = mapped_column(Text(), nullable=False) + + # ── Lifecycle ── + status: Mapped[str] = mapped_column( + String(30), nullable=False, server_default=sa_text("'open'"), index=True, + ) + + # ── Optional links ── + flow_id: Mapped[Optional[uuid.UUID]] = mapped_column( + UUID(as_uuid=True), + ForeignKey("trees.id", ondelete="SET NULL"), + nullable=True, + ) + flow_proposal_id: Mapped[Optional[uuid.UUID]] = mapped_column( + UUID(as_uuid=True), + ForeignKey("flow_proposals.id", ondelete="SET NULL"), + nullable=True, + ) + ai_session_id: Mapped[Optional[uuid.UUID]] = mapped_column( + UUID(as_uuid=True), + ForeignKey("ai_sessions.id", ondelete="SET NULL"), + nullable=True, + ) + assigned_user_id: Mapped[Optional[uuid.UUID]] = mapped_column( + UUID(as_uuid=True), + ForeignKey("users.id", ondelete="SET NULL"), + nullable=True, + index=True, + ) + + # ── Resolution ── + resolution_notes: Mapped[Optional[str]] = mapped_column(Text(), nullable=True) + psa_promoted_ticket_id: Mapped[Optional[str]] = mapped_column( + String(64), nullable=True, + comment="External PSA ticket ID when this ticket is promoted to a PSA system", + ) + + # ── Timestamps ── + created_at: Mapped[datetime] = mapped_column( + DateTime(timezone=True), default=lambda: datetime.now(timezone.utc) + ) + updated_at: Mapped[datetime] = mapped_column( + DateTime(timezone=True), + default=lambda: datetime.now(timezone.utc), + onupdate=lambda: datetime.now(timezone.utc), + ) + resolved_at: Mapped[Optional[datetime]] = mapped_column( + DateTime(timezone=True), nullable=True, + ) + + # ── Relationships ── + account: Mapped["Account"] = relationship("Account") + created_by: Mapped["User"] = relationship("User", foreign_keys=[created_by_user_id]) + assigned_user: Mapped[Optional["User"]] = relationship("User", foreign_keys=[assigned_user_id]) + flow: Mapped[Optional["Tree"]] = relationship("Tree") + flow_proposal: Mapped[Optional["FlowProposal"]] = relationship("FlowProposal") + ai_session: Mapped[Optional["AISession"]] = relationship("AISession")