Skip to content

TODO.md

Latest commit

 

History

History
152 lines (121 loc) · 5.28 KB

TODO.md

File metadata and controls

152 lines (121 loc) · 5.28 KB

Surypus TODO

Strategic Goals

Architecture

  • Migrate to proper Hasql parameterized queries (avoid string interpolation for security)
  • Add database connection pooling with proper error handling
  • Implement repository pattern for DAL layer
  • Add input validation layer (validate requests before DB operations)

Business Logic

  • Implement full accounting module (double-entry bookkeeping)
  • Implement inventory/stock management with lot tracking
  • Implement VAT calculations with multi-rate support
  • Add payroll module integration
  • Add report generation (Surypus.Reports module)

API

  • Add OpenAPI/Swagger documentation
  • Implement rate limiting middleware
  • Add request logging and monitoring
  • Implement API versioning strategy (Surypus.APIVersioning)
  • Add WebSocket support for real-time updates

Security

  • Implement JWT authentication with refresh tokens
  • Add role-based access control (RBAC)
  • Add audit logging for sensitive operations
  • Implement API key authentication for integrations

Testing

  • Add property-based testing with QuickCheck
  • Add integration tests for API endpoints
  • Add database migration tests (config/migrations/)
  • Add performance/load tests (Prometheus metrics)

DevOps

  • Add Docker configuration
  • Add CI/CD pipeline
  • Add database migrations (flyway/schema migrations)
  • Add health check endpoints
  • Add metrics (Prometheus)

High Priority

  • Add proper parameterized queries instead of string interpolation (security)
  • Add filter parameters to paginated queries (connect filter types)
  • Add sorting parameters to paginated queries
  • Add bill lines endpoint (GET /bills/:id/lines)
  • Add order lines endpoint (GET /orders/:id/lines)
  • Add sales summary endpoint (GET /sales/summary)
  • Add inventory documents endpoint (GET /inventory)
  • Implement real dashboard stats from database
  • Add JWT authentication middleware to protect endpoints
  • Implement login endpoint with JWT token generation
  • Add request logging middleware
  • Add payments endpoint (GET /payments, GET /bills/:id/payments)
  • Add units endpoint (GET /units)
  • Add document types endpoint (GET /document-types)
  • Add stock summary endpoint (GET /stock/summary)
  • Add RBAC types and roles endpoint (GET /roles)
  • Implement repository pattern for DAL layer
  • Add report generation with JasperReports integration

Medium Priority

  • Add BillLineInput FromJSON instance
  • Add PUT/DELETE endpoints for bills and orders
  • Add goods prices CRUD endpoints
  • Add taxes CRUD endpoints
  • Add currencies CRUD endpoints
  • Implement API versioning strategy

Low Priority

  • Run hlint and fix warnings
  • Add hlint to CI pipeline
  • Add pgformatter for SQL formatting

Code Quality Tools

Haskell (hlint) - Available: /usr/bin/hlint

  • Fix hlint warnings (from ~2951 to 0)
  • Add hlint to CI pipeline
  • Configure hlint rules in .hlint.yaml

SQL (pgformatter) - Available: /usr/bin/pg_format

  • Format SQL files in config/
  • Add pre-commit hook for SQL formatting
  • Add pgformatter to CI pipeline

Frontend Development

Web Interface

  • Expand web/index.html with more pages (Accounting, Payroll, Stock, Locations, Reports)
  • Add charts and visualizations
  • Add modals for data entry
  • Add filter and pagination UI

Mobile Web Interface

  • Expand mobile.html with more pages
  • Add responsive design features

QML Desktop Interface

  • Expand Components.qml with reusable components
  • Expand Main.qml with dashboard and pages
  • Expand main.qml with full application features
  • Add CRUD dialogs for entities

New Development Tasks

Business Logic

  • Add multi-currency support
  • Add import/export functionality (CSV, Excel)
  • Add barcode scanning support (attempted - see src/Surypus/RBAC.hs for barcode validation)
  • Add email notifications (Core.Notification module)
  • Multi-tenancy infrastructure (DAL.Repository.User, Surypus.Tenant)

API Development

  • API versioning strategy implemented
  • GraphQL API support (placeholder implementation in Surypus.API.GraphQL)
  • WebSocket real-time updates (implemented in Surypus.WebSocket)
  • Rate limiting improvements (implemented in Surypus.API.RateLimit)

Infrastructure

  • Add Prometheus metrics
  • Add database migrations (flyway)
  • Add integration tests (test/Integration/)
  • Add performance/load tests (test/Integration/PerformanceSpec.hs)
  • Event Store DB integration (DAL.EventStore)
  • Multi-tenancy infrastructure (DAL.Repository.User, Surypus.Tenant)

Database Migrations (B1)

  • B1-1: Schema columns aligned with procedures.sql
  • B1-2: V009__rbac_store.sql - RBAC tables created
  • B1-3: V010__production.sql - Production tables created
  • B1-4: procedures.sql - Business procedures added
  • B1-5: init_db.sh - Order fixed, no hardcoded references

Documentation (B10)

  • B10-1: CHANGELOG.md updated with [0.2.0.0] section
  • B10-2: AGENTS.md updated with Service Layer, Database Migrations, Job Types
  • B10-3: docs/engineering/api-conventions.md created
  • B10-4: docs/engineering/testing-guide.md created