Implements the complete AI flow builder feature using a guided 4-stage
wizard (Foundation → Scaffold → Branch Detail → Review & Assemble).
AI assists at bounded points using Claude Haiku for cost-efficient
structured JSON generation (~$0.01-0.03/flow).
Backend: new models (ai_conversations, ai_usage), Alembic migration,
quota enforcement with billing anchor, Anthropic API integration with
prompt caching, tree validation, conversation CRUD with 24h TTL,
APScheduler cleanup job, 5 API endpoints, Pydantic schemas.
Frontend: TypeScript types, API client, Zustand store for wizard state,
7 components (modal, step indicator, foundation form, branch selector,
branch detail view, tree preview, quota display), MyTreesPage integration
with "Build with AI" button (hidden when AI not configured).
Tests: 14 validator unit tests + 11 endpoint integration tests with
mocked Anthropic (zero real API spend). All 25 tests passing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Move mid-file pydantic/uuid imports to top of sessions.py
- Add can_access_tree, is_active, and draft status guards to batch_launch_sessions
- Remove notes field from _BatchTarget to keep API clean
- Add max_length=100 cap to targets list in _BatchLaunchRequest
- Hoist tree_snapshot computation above the session creation loop
- Replace N db.refresh() calls with a single bulk select after flush
- Add test_batch_launch_requires_auth and test_batch_launch_rejects_draft_tree tests
- Fix trailing slash on /api/v1/trees/ URL in new test (caused 307 redirect)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add batch_id (UUID, nullable, indexed) and target_label (String 255,
nullable) columns to the Session model
- Manual Alembic migration 6e8128ef2aa8 applies both columns
- POST /sessions/batch creates one session per target for maintenance
flows; rejects empty targets (422) and non-maintenance trees (400)
- SessionResponse schema exposes batch_id and target_label
- 3 new integration tests, all 540 tests pass
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Introduces the TargetList model (team-scoped JSONB target arrays),
Pydantic schemas, and full CRUD REST API at /target-lists/.
Includes Alembic migration and 5 integration tests (TDD).
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Expand ck_trees_tree_type CHECK constraint to include 'maintenance'
- Add 'maintenance' to TreeType Literal in schemas
- Treat maintenance trees as procedural in can_publish_tree validation
- Alembic migration 0f1ca2af3647 drops and recreates the constraint
- Two integration tests: create and filter by tree_type=maintenance
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* docs: add analytics & user feedback design document
Covers team analytics, personal analytics, flow analytics,
step-level thumbs up/down feedback, and flow CSAT ratings.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs: add analytics & feedback implementation plan
12-task TDD plan covering session ratings, step feedback,
team/personal/flow analytics endpoints, and frontend pages.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add session_ratings table and analytics indexes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add SessionRating model and analytics schemas
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add session CSAT rating endpoint with tests
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add step thumbs feedback and /ratings alias routes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add team, personal, and flow analytics endpoints
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add recharts, analytics types, and API client
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add inline step thumbs up/down feedback during sessions
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add CSAT rating modal after session completion
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add Team Analytics page with charts and leaderboards
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add Flow Analytics panel with step dropoff and CSAT data
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add My Analytics page with personal stats and charts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Adds a new "procedural" tree type for linear step-by-step project workflows
(domain controller setup, M365 onboarding, VPN config, etc). Includes intake
form builder, two-panel step navigation, variable resolution, procedural
exports, 3 seed templates, and UI rename from "Trees" to "Flows".
Also archives 19 implemented plan docs and creates deferred features backlog.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Server-side regex redaction masks IPs, emails, bearer/API tokens, and
UNC paths in exported session content. Redaction runs post-generation
and post-variable-resolution with fail-closed error handling. Frontend
gets a "Mask Sensitive Data" toggle in the export preview modal with
a summary of what was redacted. 24 unit tests passing, frontend build clean.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- max_step_index slices decisions in all 4 export formats
- Only set exported=True when session is completed
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Migration 030: add email, assigned_plan, trial_duration_days, email_sent_at
to invite_codes with CHECK constraints
- Resend email integration (graceful degradation when API key not set)
- Invite codes now support plan assignment (free/pro/team) and trial duration (1-90 days)
- Registration applies invite code plan/trial to new subscription
- Auto-downgrade expired trials on authenticated access
- Enriched GET /admin/users/{id} with account, subscription, sessions, audit logs
- New endpoints: PUT /admin/users/{id}/subscription/plan and extend-trial
- Frontend: enhanced invite codes page with email, plan, trial fields
- Frontend: new user detail page at /admin/users/:userId
- Fixed API path drift: /invite-codes -> /invites
- 11 new backend tests, 416 total passing
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implements the full dual-mode tree editor (Plan Phases 1-5):
Backend:
- JSONB↔Markdown bidirectional serializer/parser with mistune
- Markdown validator with line/column error reporting
- 3 API endpoints: export-markdown, import-markdown, validate-markdown
- Variable extraction/resolution service ([USER_INPUT], [VAR], [SAVE_AS])
- Session variables JSONB column (migration 028)
- 39 tree markdown tests + variable service tests (403 total passing)
Frontend:
- Monaco-based Code Mode with custom Monarch tokenizer and dark theme
- Autocomplete for @node_id refs, type values, variable names
- Debounced validation (800ms) with inline Monaco error markers
- Syntax help panel (absolute overlay, toggleable)
- Starter template for new trees with valid cross-references
- Bidirectional metadata sync (name/description/category/tags frontmatter)
- Synchronous tree→markdown serializer (fixes async race condition)
- Pre-save validation blocks save on broken refs or missing tree name
- Mode-aware undo/redo: Monaco native in Code Mode, throttled zundo in Flow Mode
- Variable prompt modal and frontend resolver for session navigation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
PSA Export:
- New "PSA / Ticket Note" export format optimized for ConnectWise
- Structured output: Problem, Steps Taken, Resolution, Time Spent, Notes
- Prominent "Copy for Ticket" button on session detail page
- 24 unit tests for PSA export generator
Quick-Start Landing:
- New default landing page with search-first UX
- Auto-focused search bar with debounced tree search
- "Continue Session" cards for active sessions
- "Recent Trees" section from session history
- Home nav item and logo links updated
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add missing `solution` field to solution-type nodes in test tree structures
(required by `can_publish_tree` validation for published trees)
- Fix `AsyncClient(app=...)` → `ASGITransport(app=...)` in test_save_session_as_tree
(httpx deprecated the `app` parameter in favor of transport)
- All 189 tests now pass (was 84 passed, 1 failed)
Files fixed: conftest.py, test_permissions_account.py, test_subscription_limits.py,
test_trees.py, test_save_session_as_tree.py
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds complete super_admin panel with 9 pages and account owner categories page.
Backend includes 5 new DB tables, ~25 API endpoints, settings manager with
in-memory cache, and 29 integration tests. Frontend includes reusable admin
components (DataTable, Pagination, ActionMenu, etc.) with code-split lazy loading.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Backend features:
- Tree sharing via secure tokens with expiration (Issue #16)
- Draft tree status with conditional validation (Issue #25)
- Save session as custom tree with fork tracking (Issue #17)
- Tree validation system for publish requirements
- Session-to-tree conversion preserving custom steps
Database migrations:
- 024: Tree sharing (tree_shares table, visibility field)
- 025: Tree status field (draft/published)
- 25b: Merge migration for indexes
New endpoints:
- POST /api/v1/trees/{id}/share - Generate share token
- GET /api/v1/shared/{token} - Public tree access
- POST /api/v1/trees/{id}/can-publish - Validate tree
- POST /api/v1/sessions/{id}/save-as-tree - Convert session
Test coverage:
- 20 tests for draft trees functionality
- 14 tests for session-to-tree conversion
- 15 tests for tree sharing
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Implement comprehensive search and filtering for Session History to dramatically
improve findability of past troubleshooting sessions.
Backend Enhancements:
- Update GET /api/v1/sessions with 8 filter parameters:
* ticket_number - Partial match search (ILIKE)
* client_name - Partial match search (ILIKE)
* tree_name - JSONB path query on tree_snapshot
* started_after/started_before - DateTime range filtering
* completed_after/completed_before - DateTime range filtering
- Enhanced tree_snapshot to include name, description, category, version
- Migration 11c8abf7ef5b: Added 3 database indexes for performance:
* ix_sessions_ticket_number (B-tree)
* ix_sessions_client_name (B-tree)
* ix_sessions_tree_snapshot_gin (GIN for JSONB queries)
- 7 new integration tests for all filter combinations
Frontend Implementation:
- New SessionFilters component with comprehensive UI:
* Ticket number search input
* Client name search input
* Tree name dropdown (sorted alphabetically)
* Date range picker with react-day-picker integration
* Quick presets: Today, This Week, Last 7 Days, This Month
* Toggle between "Started" and "Completed" date types
* Active filter chips with remove buttons
* "Clear All" button
- Complete SessionHistoryPage rewrite:
* URL state management via useSearchParams (shareable filter links)
* Enhanced session cards showing tree name, client badge, notes indicator
* Smart empty states ("Clear filters" vs "Start new session")
* Debounced search (300ms)
- Custom date picker styling matching ResolutionFlow theme
- Dependencies: react-day-picker@9.13.1, date-fns@4.1.0
Features:
- Multiple filters work together (AND logic)
- Filter state persists in URL for shareable links
- Sub-300ms query performance with database indexes
- Fully responsive design (mobile/tablet/desktop)
- Theme-aware (dark/light mode)
- Toast notifications for errors
Performance:
- Database indexes ensure <300ms queries even with large datasets
- Frontend debouncing reduces API calls
- JSONB GIN index for O(log n) tree name lookups
Bundle Impact:
- JS: +87.83 KB (+12.2%, due to react-day-picker library)
- CSS: +10.53 KB (+25.8%, date picker styles)
- Gzipped: +24.52 KB JS, +1.82 KB CSS
All acceptance criteria met:
✓ Search by ticket number (partial match)
✓ Search by client name (partial match)
✓ Filter by date range (started or completed)
✓ Filter by tree name
✓ Multiple filters work together (AND logic)
✓ Active filters shown as removable chips
✓ "Clear all filters" resets to default view
✓ Search is fast (<300ms)
✓ Filter state in URL (shareable links)
✓ Tree name displayed in session cards
Tests: 34/34 session tests passing (7 new filter tests)
Closes#35
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Implements Issue #34 - Tree Library Full View System
Backend Changes:
- Add sort_by parameter to GET /api/v1/trees endpoint
- Support 6 sorting options: usage_count, updated_at, created_at, name, name_desc, version
- Maintain backward compatibility (defaults to usage_count)
- Add comprehensive test for sorting functionality
- All 104 backend tests passing
Frontend Changes:
- Create ViewToggle component for switching between Grid/List/Table views
- Create SortDropdown component for 6 sort options
- Create TreeGridView component (extracted from TreeLibraryPage)
- Create TreeListView component (compact row-based layout)
- Create TreeTableView component (sortable table with columns)
- Update userPreferencesStore with view and sort preferences
- Update TreeFilters type to include sort_by parameter
- Update TreeLibraryPage to integrate new components
- View and sort preferences persist to localStorage
Features:
- Grid view: Best for discovery (default)
- List view: Best for quick scanning
- Table view: Best for sorting and comparison
- Responsive design: Mobile/tablet/desktop optimized
- Table view hides columns responsively
- Sortable table headers with visual indicators
- Smooth transitions and hover effects
- No layout shift when switching views
Testing:
- Backend: 104/104 tests pass
- Frontend: Build successful, no TypeScript errors
- All existing functionality preserved
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Implement three foundational schema features from the design doc:
- Tree forking with lineage tracking (migration 022): parent_tree_id,
root_tree_id, fork_depth columns with self-referential FKs and
composite analytics index
- Custom step enhancement: CustomStepSchema with source tracking
(ad-hoc, step-library, forked-tree) for backward-compatible JSONB
- Session sharing (migration 023): session_shares and session_share_views
tables with account-scoped visibility, cryptographic tokens, view
tracking, and allow_public_shares account policy
Includes 21 new integration tests (9 forking, 12 sharing), SaaS
consultant-recommended denormalizations, rate limiting on public share
access, and test fixture fix for invite code requirement.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace team_id with account_id across all API endpoints (trees,
categories, tags, steps, step_categories, admin, auth). Add new
accounts and webhooks endpoints. Registration now atomically creates
Account + Subscription, with account_invite_code bypassing the
platform invite gate.
Schemas updated for account_id/account_role. 82 tests passing
including 18 new tests for accounts, subscriptions, and permissions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The % and _ characters in user search input are now escaped before
the LIKE query, preventing unintended wildcard matching in tag search.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When a tree is soft-deleted, folder assignments and tag assignments are
now removed from junction tables. Tag usage counts are decremented with
a floor of zero to prevent negative counts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Passwords must now contain at least one uppercase letter, one lowercase
letter, and one digit (in addition to the existing 10-char minimum).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Creates AuditLog model with JSONB details column for tracking admin
actions. Integrates log_audit() helper into admin endpoints (role
change, team admin toggle, deactivate, activate) and tree delete.
IP address column reserved for future Railway proxy header support.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Super admins now see all trees regardless of ownership, team, or
public/default status. Previously the build_tree_access_filter function
had no super_admin check, so admins could only see their own trees plus
public/default/team trees.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Phase B addresses 7 high-severity gaps from the permissions audit:
- B1: Enforce tree access check on session start via can_access_tree
- B2: Replace all inline permission helpers with centralized permissions.py
- B3: Fix require_engineer_or_admin to check is_team_admin before role
- B4: Add is_active field on User with enforcement in get_current_active_user
- B5: Add admin user management endpoints (list, get, role, team-admin, deactivate, activate)
- B6: Add rate limiting on auth/invite endpoints via slowapi (disabled in DEBUG)
- B7: Implement refresh token rotation with JTI-based revocation and meaningful logout
Also reduces access token TTL from 15 to 5 minutes and updates CLAUDE.md
with SaaS/MSP context for future planning sessions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Remove role field from UserCreate schema, hardcode 'engineer' at registration
- Escape all user content in HTML export with html.escape() (XSS fix)
- Add field_validator to reject default SECRET_KEY when DEBUG=False
- Add CHECK constraint on users.role ('engineer'|'viewer') + migration 011
- Fix test_admin fixture to properly grant is_super_admin via ORM
- Fix circular FK (users↔invite_codes) in test DB setup with DROP SCHEMA CASCADE
- Add 5 new security tests (role validation + XSS prevention)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Update all frontend branding (title, headers, login/register pages)
- Update documentation (CLAUDE-SETUP, CURRENT-STATE, PROGRESS, LESSONS-LEARNED)
- Update backend scripts and test configuration
- Fix emoji encoding in seed scripts for Windows compatibility
- Sync seed user credentials between seed_data.py and seed_trees.py
- Update database references to patherly/patherly_test
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Test Suite Completion (29 tests, all passing):
- Fixed test_auth.py: expect 201 status for registration endpoint
- Fixed test_trees.py: version only increments on tree_structure updates
- Fixed test_trees.py: delete endpoint requires admin role, returns 204
- Added admin user fixtures (test_admin, admin_auth_headers) in conftest.py
Role-Based User Registration Fix:
- Added role field to UserCreate schema (default="engineer")
- Updated registration endpoint to use user_data.role instead of hardcoding
- Enables proper admin/engineer/viewer role assignment during registration
- Maintains secure defaults while allowing test flexibility
Documentation Updates:
- Updated PROGRESS.md: corrected test count (29), added role fix notes
- Updated CLAUDE-SETUP.md: corrected test count, updated last modified date
- Updated backend file structure to include new logging and test files
Test Configuration:
- pytest 7.4.3 + pytest-asyncio 0.23.0 (stable async support)
- Comprehensive coverage: 7 auth + 10 trees + 12 sessions tests
- All endpoints verified with proper status codes and authorization
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
