Go to file

cproudlock 2d1bb83c3b Phase 1: pytest baseline, production hardening, pinned requirements

Establishes the safety net required before any structural refactor.

Tests (tests/):
- conftest.py rewritten for Flask-SQLAlchemy 3.x (drop-recreate per
  test, StaticPool-shared in-memory SQLite, admin_user + auth_headers
  fixtures). Removes deprecated db.create_scoped_session pattern.
- test_smoke.py: 8 baseline tests (app boot, JWT login valid+invalid,
  protected routes, paginated response shape, plugin auto-discovery).
- test_security_config.py: 7 tests pinning ProductionConfig.validate
  failure modes (missing/dev SECRET_KEY, missing JWT_SECRET_KEY,
  missing DATABASE_URL, wildcard CORS, empty CORS) and one happy-path.

Production hardening (shopdb/config.py, shopdb/__init__.py):
- ProductionConfig.validate() raises ConfigError on missing or
  insecure SECRET_KEY, JWT_SECRET_KEY, DATABASE_URL, CORS_ORIGINS.
  No silent fallback to dev defaults in production.
- create_app invokes validate() when config_name == 'production'.
- CORS_ORIGINS default no longer wildcard; defaults to localhost
  Vite dev origin.
- Drop os.path.exists probe in serve_frontend (path-traversal risk
  surface). send_from_directory handles safe-join + 404 itself.
- Replace User.query.get with db.session.get (SQLAlchemy 2.0 API).

TestingConfig (shopdb/config.py):
- Add StaticPool + check_same_thread connect_args so SQLite in-memory
  is shared across the test session.

Index dedup (plugins/printers/models/printer_extension.py):
- Rename idx_printer_windowsname -> idx_printerdata_windowsname.
  Two model classes (Printer, PrinterData) declared the same index
  name; SQLite enforces global index uniqueness even across tables.
  Per CONTRIBUTING.md naming convention, indexes follow
  idx_<table>_<column>.

Dependency pinning (requirements.in, requirements.txt):
- requirements.in holds the loose source pins (the human-edited file).
- requirements.txt is now a uv-compiled lockfile (every transitive
  dep pinned to an exact version). Reproducible builds. Run
  `uv pip compile requirements.in -o requirements.txt` to refresh.

Test count: 0 -> 15 passing. All naming/style checks still green.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-08 14:48:19 -04:00

database

Initial commit: Shop Database Flask Application

2026-01-13 16:07:34 -05:00

frontend

Phase 0: lock platform contract, naming convention, and style enforcement

2026-05-08 14:47:30 -04:00

migrations

Phase 0: lock platform contract, naming convention, and style enforcement

2026-05-08 14:47:30 -04:00

plugins

Phase 1: pytest baseline, production hardening, pinned requirements

2026-05-08 14:48:19 -04:00

scripts

Phase 0: lock platform contract, naming convention, and style enforcement

2026-05-08 14:47:30 -04:00

shopdb

Phase 1: pytest baseline, production hardening, pinned requirements

2026-05-08 14:48:19 -04:00

tests

Phase 1: pytest baseline, production hardening, pinned requirements

2026-05-08 14:48:19 -04:00

.env

Add git-crypt encryption for .env

2026-02-17 12:47:08 -05:00

.env.example

Add system settings, audit logging, user management, and dark mode fixes

2026-02-04 22:16:56 -05:00

.gitattributes

Add git-crypt encryption for .env

2026-02-17 12:47:08 -05:00

.gitignore

Add defensive .gitignore patterns for secrets/keys

2026-04-17 12:50:09 -04:00

CLAUDE.md

Phase 0: lock platform contract, naming convention, and style enforcement

2026-05-08 14:47:30 -04:00

CONTRIBUTING.md

Phase 0: lock platform contract, naming convention, and style enforcement

2026-05-08 14:47:30 -04:00

import_apps.py

Initial commit: Shop Database Flask Application

2026-01-13 16:07:34 -05:00

README.md

Phase 0: lock platform contract, naming convention, and style enforcement

2026-05-08 14:47:30 -04:00

requirements.in

Phase 1: pytest baseline, production hardening, pinned requirements

2026-05-08 14:48:19 -04:00

requirements.txt

Phase 1: pytest baseline, production hardening, pinned requirements

2026-05-08 14:48:19 -04:00

start-api.sh

Add USB, Notifications, Network plugins and reusable EmployeeSearch component

2026-01-21 16:37:49 -05:00

start-ui.sh

Add USB, Notifications, Network plugins and reusable EmployeeSearch component

2026-01-21 16:37:49 -05:00

wsgi.py

Migrate frontend to plugin-based asset architecture

2026-01-29 16:07:41 -05:00

README.md

ShopDB Flask

A modern rewrite of the classic ASP/VBScript ShopDB application using Flask (Python) and Vue 3. This application manages shop floor machines, PCs, printers, applications, and related infrastructure for manufacturing environments.

Overview

ShopDB tracks and manages:

Machines - CNC equipment, CMMs, inspection systems, etc.
PCs - Shopfloor computers, engineering workstations
Printers - Network printers with Zabbix integration
Applications - Software deployed across the shop floor
Knowledge Base - Documentation and troubleshooting guides

Tech Stack

Backend:

Python 3.x with Flask
SQLAlchemy ORM
MySQL 5.6+ database
JWT authentication
Plugin architecture for extensibility

Frontend:

Vue 3 with Composition API
Vue Router for navigation
Pinia for state management
Vite build system

Project Structure

shopdb-flask/
├── shopdb/                 # Flask application
│   ├── core/
│   │   ├── api/            # REST API endpoints
│   │   ├── models/         # SQLAlchemy models
│   │   ├── schemas/        # Validation schemas
│   │   └── services/       # Business logic
│   ├── plugins/            # Plugin system
│   └── utils/              # Shared utilities
├── frontend/               # Vue 3 application
│   ├── src/
│   │   ├── api/            # API client
│   │   ├── components/     # Reusable components
│   │   ├── views/          # Page components
│   │   ├── router/         # Route definitions
│   │   └── stores/         # Pinia stores
│   └── public/             # Static assets
├── plugins/                # External plugins
├── database/               # Database schema exports
├── scripts/                # Import and utility scripts
└── tests/                  # Test suite

Naming Conventions

To maintain consistency with the legacy ShopDB database and codebase, the following naming standards apply:

Database

Table names: Lowercase, single word, no underscores or dashes
- Examples: machines, pctypes, machinetypes, businessunits
Column names: Lowercase, single word, no underscores or dashes
- Examples: machineid, machinenumber, pctypeid, isactive, createddate
Foreign keys: Referenced table name + id
- Examples: locationid, vendorid, modelnumberid, pctypeid
Boolean columns: Prefixed with is or has
- Examples: isactive, isshopfloor, isvnc, iswinrm, islicenced

Code

Python variables: Follow database naming where applicable (lowercase, no underscores for model fields)
JavaScript variables: camelCase for local variables, but match API field names from backend
Vue components: PascalCase for component names
CSS classes: Lowercase with dashes for multi-word classes

API

Endpoints: Lowercase, plural nouns
- Examples: /api/machines, /api/pctypes, /api/locations
Query parameters: Lowercase, single word
- Examples: ?type=pc, ?locationid=5, ?isactive=true

Style Guidelines

No emojis in code, comments, documentation, or UI
Keep UI functional and professional
Dark theme is the default
Consistent table layouts across all list views

Setup

Prerequisites

Python 3.8+
Node.js 18+
MySQL 5.6+

Backend Setup

# Create virtual environment
python -m venv venv
source venv/bin/activate

# Install dependencies
pip install -r requirements.txt

# Configure environment
cp .env.example .env
# Edit .env with your database credentials

# Run development server
flask run

Frontend Setup

cd frontend

# Install dependencies
npm install

# Run development server
npm run dev

# Build for production
npm run build

Database

ShopDB Flask uses MySQL 5.6+ as the canonical database. SQLite is used only for the test suite (TestingConfig in shopdb/config.py points at an in-memory SQLite). Do not run dev or production against SQLite.

The database schema is exported in database/schema.sql. To initialize:

mysql -u root -p shopdb_flask < database/schema.sql

To import data from the legacy ShopDB MySQL database (one-time, see migrations/DATA_MIGRATION_GUIDE.md):

python scripts/import_from_mysql.py

Configuration

Environment variables (.env):

Variable	Description
`DATABASE_URL`	MySQL connection string
`SECRET_KEY`	Flask secret key
`JWT_SECRET_KEY`	JWT signing key
`JWT_ACCESS_TOKEN_EXPIRES`	Access token TTL (seconds)
`LOG_LEVEL`	Logging verbosity

API Documentation

The REST API follows standard conventions:

Method	Endpoint	Description
GET	`/api/machines`	List machines (filterable by type)
GET	`/api/machines/:id`	Get machine details
POST	`/api/machines`	Create machine
PUT	`/api/machines/:id`	Update machine
DELETE	`/api/machines/:id`	Soft delete machine

Query parameters for list endpoints:

page - Page number (default: 1)
per_page - Items per page (default: 25)
sort - Sort field
order - Sort direction (asc/desc)
search - Search term
type - Filter by machine type (pc, printer, equipment)

Plugin System

ShopDB supports plugins for extending functionality. See CONTRIBUTING.md for plugin development guidelines.

Current plugins:

printers - Extended printer management with Zabbix integration

Legacy Migration

This project replicates functionality from the classic ASP/VBScript ShopDB site. Key mappings:

Legacy	Modern
ASP/VBScript	Flask/Python
Classic ADO	SQLAlchemy
Server-side HTML	Vue 3 SPA
Session auth	JWT tokens

License

Internal use only.

Languages

Python 54.2%

Vue 40.7%

JavaScript 2.4%

CSS 2.1%

Shell 0.3%

Other 0.3%