7.4 KiB
7.4 KiB
Current State
Purpose: Quick-reference file showing exactly where the project stands. For Claude Code: Read this first to understand what's done and what's next. Last Updated: March 19, 2026
Active Phase: Phase 4 - Enterprise & Growth Features (In Progress)
What's Complete
Core Platform
- FastAPI project structure with 35+ API endpoints
- PostgreSQL database with Docker, 75+ Alembic migrations
- User authentication (JWT, register, login, refresh, logout, invite codes)
- Refresh token rotation with JTI-based revocation
- Trees CRUD with full-text search (FTS index)
- Sessions tracking with decisions, outcomes, and variables
- Export API (Markdown, Text, HTML)
- Role-based access control (super_admin, team_admin, engineer, viewer)
- Production-ready logging with correlation IDs
- 100+ integration tests
- Rate limiting on auth endpoints (disabled in DEBUG)
- Audit log table with JSONB details
- Soft delete for trees with cascade cleanup
Frontend Core
- React 19 + Vite + TypeScript + Tailwind CSS v4 (
@tailwindcss/vite) - Slate & Ice Design System — Dark glassmorphism, ice-cyan gradient accents, glass-card system
- Brand fonts: Bricolage Grotesque (headings), IBM Plex Sans (body), JetBrains Mono (labels)
- Authentication UI (login, register, email verification)
- Tree library/browsing page with grid/list/table views
- Tree navigation interface (session player)
- Session management with history and detail pages
- Tree Editor — Form-based with visual preview, Zustand + immer + zundo (undo/redo)
- Markdown rendering in session player and node editor
- Tree Organization — Categories, tags (autocomplete), user folders (3-level hierarchy), filters
- RBAC & Permissions —
usePermissionshook, ProtectedRoute with role guards - Session Scratchpad — Floating overlay (Ctrl+/), auto-save, markdown preview
- Admin Panel — 8 pages (dashboard, users, invite codes, audit logs, plan limits, feature flags, settings, categories)
- Session Quick Wins — Timer, keyboard hints, repeat last, auto-recovery, copy step, delete tree
- Session Outcomes — Outcome modal on completion, step timing tracking
- Session Sharing — Share links, public/account views, MySharesPage
- Procedural Editor UX — Section headers, collapsible advanced fields, URL intake, tag input
- Type-aware Routing — Centralized
getTreeNavigatePath/getTreeEditorPathhelpers - Account Management — Profile settings, delete/leave/transfer, chat retention
- PostHog Analytics — Event tracking, user identification, autocapture
FlowPilot AI System (Phases 1-3 Complete)
Phase 1 — AI Session Engine:
- FlowPilotEngine with multi-step guided troubleshooting
- AI copilot panel + standalone assistant chat with RAG
- Confidence-tiered model routing via
settings.get_model_for_action() - Intake form with ticket/client fields, session pause/resume
- AI-generated ticket summaries, outcome tracking
Phase 2 — PSA Integration & Escalation:
- ConnectWise PSA integration (ticket linking, note posting, member mapping)
- PSA documentation auto-push with retry scheduler
- Session pause/resume, mid-session ticket linking
- Escalation handoff workflow with LLM-enhanced briefing package
- Escalation pickup flow for senior engineers
- PSA settings UI on IntegrationsPage
- In-session script generator
Phase 3 — Knowledge Flywheel:
- AI session analysis → automatic flow proposal generation
- FlowProposal model with review queue (approve, edit & publish, dismiss, reject)
- Knowledge gap detection (weak options, high escalation domains)
- FlowPilot analytics dashboard (metrics, confidence tiers, PSA stats, gaps)
- APScheduler batch analysis job with
max_instances=1 - Auto-reinforcement for sessions matching existing flows
Phase 4 Slice 2 — Notification System (Just Completed)
- NotificationConfig, NotificationLog, Notification models + migration
- Multi-channel delivery: in-app, email (Resend), Slack webhooks, Teams webhooks
- Notification service with event routing and fire-and-forget delivery
- APScheduler retry job with exponential backoff (30s, 2m, 10m, max 3 retries)
- 9 API endpoints (config CRUD + in-app notification management)
- Wired into escalation, proposal approval, and knowledge flywheel events
- Frontend: NotificationsPanel (bell icon + dropdown), NotificationSettings UI
- Notifications tab on IntegrationsPage
- Pydantic validation for event keys, cross-tenant protection
Security Hardening (Phases A-D Complete)
- Registration role hardcoded to
engineer - HTML export XSS fix (html.escape)
- Secret key validator (rejects default when DEBUG=False)
- Role CHECK constraint on users table
- Tree access check on session start
- Centralized permissions in
permissions.py is_activefield on User model, enforced in auth- Admin user management endpoints (6 endpoints)
- Password complexity validation (uppercase, lowercase, digit, min 10 chars)
- Soft delete cascade cleanup (folder/tag junctions)
- SQL wildcard escaping in tag search
- PSA credentials encrypted at rest (Fernet)
Maintenance Flows
- Batch session launch, saved target lists
- APScheduler scheduling with croniter + pytz
Survey System
- Public survey page, admin invite tracking
- Response viewer with CSV export
- Email-to-self, thank-you page
- Admin read/unread/archive/delete management
Documentation
- CLAUDE.md (comprehensive project context)
- UI-DESIGN-SYSTEM.md, REBRAND-IMPLEMENTATION-GUIDE.md
- ConnectWise API reference docs in
docs/connectwise/ - Feature specifications through Phase 4
- Phase implementation plans in
docs/plans/
What's In Progress
| Task | Status | Notes |
|---|---|---|
| Phase 4 Slice 1 — Public Templates Gallery | Not Started | SEO/lead-gen surface for flow templates |
| Phase 4 Slice 3 — Session Export | Not Started | PDF (weasyprint), markdown, clipboard copy |
| Phase 4 Slice 4 — Mobile/Responsive | Not Started | Tablet/phone polish for field technicians |
| Phase 4 Slice 5 — Enterprise Readiness | Not Started | Custom branding, PSA stubs, SSO groundwork |
What's Next (Priority Order)
Immediate (Phase 4 Remaining Slices)
- Public Templates Gallery (SEO, lead generation)
- Session Export (PDF, markdown, copy-to-clipboard)
- Mobile/Responsive polish
- Enterprise readiness (branding, rate limiting, SSO prep)
Soon (Phase 5)
- Additional PSA integrations (Autotask/Kaseya)
- PowerShell automation framework
- Advanced analytics and reporting
Later
- Enterprise SSO (SAML/OIDC)
- White-label deployment
- Marketplace for community flow templates
Environment Quick Reference
Start Development
# Start PostgreSQL (Docker Compose)
docker compose up -d
# Backend (from backend/)
source venv/bin/activate
uvicorn app.main:app --reload
# Frontend (from frontend/)
npm run dev
URLs
- Frontend: http://192.168.0.9:5173
- Backend API: http://192.168.0.9:8000
- API Docs: http://192.168.0.9:8000/api/docs
Run Tests
cd backend && pytest --override-ini="addopts="
Blockers / Known Issues
| Issue | Workaround | Status |
|---|---|---|
analysis_status has no CheckConstraint |
Valid values documented in code comments | Low priority |
| Review queue/analytics pages have no frontend role gate | Backend 403 protects data; UX could show message | Low priority |
| Review queue capped at 50 with no pagination UI | Filters can narrow results | Low priority |