Tau.Acuvim

giteaadmin/Tau.Acuvim

Fork 0

Commit Graph

Author	SHA1	Message	Date
Diseri Pearson	c5787a7a7f	Phase 15: Admin operator surface + fleet dashboards + onboarding docs The Admin stack now has a usable operator UI for managing the fleet. End-to-end verified locally: Client pushes → Admin dashboard reflects the activity within the CA refresh window. Backend (Admin-only) - FleetQueryService: dashboard headline (totals, active count, today's measurements + kWh from the hourly_per_device CA) and per-customer detail (sites, devices, last 50 measurements, last 20 ingest events). - /api/fleet/dashboard and /api/fleet/customers/{id}/detail endpoints. - DTOs added; Program.cs wires the service + endpoints under RunMode=Admin. Frontend - DashboardPage now branches on RunMode — Admin renders the fleet headline (statistic cards + customer summary table with lag tags), Client keeps the existing placeholder. - AdminCustomerDetailPage drills into one customer: descriptions card + tabs for Recent ingest (with rejection counts, batch sizes, time-spread for visible firmware-replay waves), Recent measurements, Sites, Devices. - AdminCustomersPage rows are clickable → /admin/customers/:id (skips the click when target is a button/popover so action buttons still work). - App.tsx adds the /admin/customers/:id route, RequireRole-gated. Grafana - grafana/dashboards-admin/fleet-overview.json — 4 stat panels (active customers, total, last-24h samples, today's kWh) plus 2 time series (per-customer active power, per-customer hourly kWh). Reads from fleet.hourly_per_device CA. - grafana/dashboards-admin/customer-drilldown.json — parameterized by $customer (template variable querying fleet.Customers). Per-device active power, cumulative kWh, recent ingest events table. Docs - README: Phase 15 section describing the new admin UI surface + pointer to dashboard-admin folder. - OPERATIONS: new "Fleet aggregator (Admin stack)" section covering one-time provisioning (Admin portal + Admin Grafana), end-to-end customer-onboarding workflow (register on Admin → drop token in customer .env → restart → verify in UI/SQL), common ops (rotate token, disable, investigate, compression stats, force CA refresh, decommission), and Admin-DB backup notes. - README decommissioning note now mentions deleting from fleet.Customers if the customer was registered for aggregation. Verified end-to-end - Phase 14's Client + Admin stacks rebuilt with Phase 15 code. - /api/fleet/dashboard returns correct totals (1 customer, 1 active, measurements + kWh derived from CA). - /api/fleet/customers/{id}/detail returns sites, devices, recent measurements, recent ingest events. - Ingested a fresh measurement on Client → after CA refresh, totals in Admin dashboard advance correctly. - All 53 tests still passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-18 10:27:55 +02:00
Diseri Pearson	2c618b776b	Phase 13: RunMode flag + AdminDbContext + Customers registry Adds the plumbing for the fleet-aggregation feature without moving any data yet. Same portal binary now supports two modes selected via Application:RunMode (Client \| Admin). Backend - New AdminDbContext (identity + branding shared via SharedSchemaConfiguration helper + fleet schema). AppDbContext keeps existing identity + branding + monitoring + rates; renamed implicitly the "Client" context. Only one is registered with DI per RunMode. - IWhiteLabelStore interface implemented by both contexts so BrandingService works in either mode. - Fleet entities: Customer, FleetSite, FleetDevice, FleetPowerMeasurement, IngestEvent (all in the new fleet schema). Migration in Migrations/Admin/. - CustomerService: 32-byte random token, SHA-256 hash stored, plaintext shown once on create + rotate. Token lookup is a single O(log N) indexed query. - RunModeGuards: refuses Admin without conn string; refuses Client+push without URL/token; refuses cross-DB pointing (Client at admin_fleet DB with fleet.Customers, or Admin at customer DB with monitoring.PowerMeasurements). - Endpoint maps now branch on RunMode: Client → sites/measurements/rates/admin-sites/admin-rates Admin → admin/customers Shared → auth, users, branding, grafana, admin-config, app/info, health - /api/app/info (anonymous) returns {runMode, applicationName, version} so the SPA can drive nav without re-fetching auth state. Frontend - AppInfoProvider + useAppInfo hook fetch /api/app/info once on load. - AdminCustomersPage with create / edit / rotate-token / delete. - TokenShownOnceModal: shows token once, copy-to-clipboard, "I've stored it" confirmation gate before closing. - AppLayout nav swaps Sites <-> Customers based on RunMode and shows a FLEET ADMIN tag in the header when in Admin mode. Tests - 11 new tests: CustomerTokenTests (5) + RunModeGuardsTests (6). - 51/51 passing locally. Verified - dotnet build + dotnet test clean (zero errors, one EF1002 warning suppressed in Phase 11 already). - Client mode docker rebuild: no regressions, /api/app/info returns Client, login works, /api/sites/ works. - Admin mode spun up on port 8090 against a fresh admin_fleet DB: /api/app/info returns Admin, customer ABC0001 registered, 64-char token returned, list shows the row. - Cross-DB guard: Client run against admin_fleet refuses with explicit "is pointed at a database that contains fleet.Customers" error. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-18 10:09:41 +02:00
Diseri Pearson	e17921a122	Add portal: customer-facing white-labeled monitoring stack New top-level portal/ project, peer to console/ and firmware/. Delivers a .NET 10 + React 18 + TimescaleDB + Grafana stack, one container set per customer behind Traefik. Built in 12 phases per FrontEndPrompt spec; no changes to existing console or firmware. Backend (src/Tau.Acuvim.Portal/): - .NET 10 minimal API, Serilog, ASP.NET Identity (cookie auth, lockout). - Single AppDbContext with identity / app / monitoring schemas. - MigrateAsync + TimescaleBootstrapper (idempotent hypertable creation) + IdentityBootstrapper (seeded admin + branding) on startup. - Pure CostCalculator + DB-backed RateService for tariffs (effective-dated, TOU periods, VAT, fixed charges, per-municipality timezone). - BrandingService with logo upload to mounted volume. - Time-series ingest + bucketed query services (time_bucket aggregates, ON CONFLICT for idempotent re-delivery). - ConfigOverviewService with redaction-by-construction (passwords never in payload). - DataProtection keys persisted to /data/keys volume for cookie survival across container restarts. Frontend (frontend/): - React 18 + TypeScript + Vite + Ant Design 5 + TanStack Query. - BrandingProvider + ThemedRoot for live re-themed white-labelling. - RequireAuth / RequireRole guards. - Pages: Login, Dashboard, Dashboards (embedded Grafana), Sites (admin), Settings tabs (Branding / Rates / Users / Grafana / App config). Infra: - Dev (docker-compose.yml) and prod (docker-compose.prod.yml) compose files. Three services per customer; Traefik subdomain + same-origin /grafana path-prefix routing wired with labels. - Grafana 11 with provisioned timescaledb datasource (uid pinned) and starter power-overview.json dashboard with device template variable. - Compose project name documented as lowercase (Compose v2 requirement). Tests (tests/Tau.Acuvim.Portal.Tests/): - xUnit, 40 tests. Covers CostCalculator (period match, TZ, overlap, VAT, fixed), ConnectionStringResolver (all 4 precedence branches incl. Production refusal), TariffValidator, DayOfWeekFlag. - All passing locally against .NET 10. Docs: - README.md (onboarding + 11 spec sections), OPERATIONS.md (per-customer provisioning, secret rotation, backup, troubleshooting), TESTING.md (manual integration scenarios, frontend test scaffolding recipe). Production safety guards: - Refuses to start if Authentication:DefaultAdminPassword is unchanged default in Production. - Refuses to start if Database:AutoProvisionLocalTimescaleDb=true in Production. - Prod Grafana ships with anonymous off and auth mode unset (three options documented in README Security) so iframe refuses to load until a deliberate prod auth choice is made. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-18 09:30:30 +02:00

Author

SHA1

Message

Date

Diseri Pearson

c5787a7a7f

Phase 15: Admin operator surface + fleet dashboards + onboarding docs

The Admin stack now has a usable operator UI for managing the fleet.
End-to-end verified locally: Client pushes → Admin dashboard reflects
the activity within the CA refresh window.

Backend (Admin-only)
- FleetQueryService: dashboard headline (totals, active count, today's
  measurements + kWh from the hourly_per_device CA) and per-customer
  detail (sites, devices, last 50 measurements, last 20 ingest events).
- /api/fleet/dashboard and /api/fleet/customers/{id}/detail endpoints.
- DTOs added; Program.cs wires the service + endpoints under RunMode=Admin.

Frontend
- DashboardPage now branches on RunMode — Admin renders the fleet
  headline (statistic cards + customer summary table with lag tags),
  Client keeps the existing placeholder.
- AdminCustomerDetailPage drills into one customer: descriptions card +
  tabs for Recent ingest (with rejection counts, batch sizes, time-spread
  for visible firmware-replay waves), Recent measurements, Sites, Devices.
- AdminCustomersPage rows are clickable → /admin/customers/:id (skips
  the click when target is a button/popover so action buttons still work).
- App.tsx adds the /admin/customers/:id route, RequireRole-gated.

Grafana
- grafana/dashboards-admin/fleet-overview.json — 4 stat panels (active
  customers, total, last-24h samples, today's kWh) plus 2 time series
  (per-customer active power, per-customer hourly kWh). Reads from
  fleet.hourly_per_device CA.
- grafana/dashboards-admin/customer-drilldown.json — parameterized by
  $customer (template variable querying fleet.Customers). Per-device
  active power, cumulative kWh, recent ingest events table.

Docs
- README: Phase 15 section describing the new admin UI surface +
  pointer to dashboard-admin folder.
- OPERATIONS: new "Fleet aggregator (Admin stack)" section covering
  one-time provisioning (Admin portal + Admin Grafana), end-to-end
  customer-onboarding workflow (register on Admin → drop token in
  customer .env → restart → verify in UI/SQL), common ops (rotate
  token, disable, investigate, compression stats, force CA refresh,
  decommission), and Admin-DB backup notes.
- README decommissioning note now mentions deleting from fleet.Customers
  if the customer was registered for aggregation.

Verified end-to-end
- Phase 14's Client + Admin stacks rebuilt with Phase 15 code.
- /api/fleet/dashboard returns correct totals (1 customer, 1 active,
  measurements + kWh derived from CA).
- /api/fleet/customers/{id}/detail returns sites, devices, recent
  measurements, recent ingest events.
- Ingested a fresh measurement on Client → after CA refresh, totals
  in Admin dashboard advance correctly.
- All 53 tests still passing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-18 10:27:55 +02:00

Diseri Pearson

2c618b776b

Phase 13: RunMode flag + AdminDbContext + Customers registry

Adds the plumbing for the fleet-aggregation feature without moving any
data yet. Same portal binary now supports two modes selected via
Application:RunMode (Client | Admin).

Backend
- New AdminDbContext (identity + branding shared via SharedSchemaConfiguration
  helper + fleet schema). AppDbContext keeps existing identity + branding +
  monitoring + rates; renamed implicitly the "Client" context. Only one is
  registered with DI per RunMode.
- IWhiteLabelStore interface implemented by both contexts so BrandingService
  works in either mode.
- Fleet entities: Customer, FleetSite, FleetDevice, FleetPowerMeasurement,
  IngestEvent (all in the new fleet schema). Migration in Migrations/Admin/.
- CustomerService: 32-byte random token, SHA-256 hash stored, plaintext
  shown once on create + rotate. Token lookup is a single O(log N) indexed
  query.
- RunModeGuards: refuses Admin without conn string; refuses Client+push
  without URL/token; refuses cross-DB pointing (Client at admin_fleet DB
  with fleet.Customers, or Admin at customer DB with monitoring.PowerMeasurements).
- Endpoint maps now branch on RunMode:
  Client → sites/measurements/rates/admin-sites/admin-rates
  Admin  → admin/customers
  Shared → auth, users, branding, grafana, admin-config, app/info, health
- /api/app/info (anonymous) returns {runMode, applicationName, version} so
  the SPA can drive nav without re-fetching auth state.

Frontend
- AppInfoProvider + useAppInfo hook fetch /api/app/info once on load.
- AdminCustomersPage with create / edit / rotate-token / delete.
- TokenShownOnceModal: shows token once, copy-to-clipboard, "I've stored
  it" confirmation gate before closing.
- AppLayout nav swaps Sites <-> Customers based on RunMode and shows a
  FLEET ADMIN tag in the header when in Admin mode.

Tests
- 11 new tests: CustomerTokenTests (5) + RunModeGuardsTests (6).
- 51/51 passing locally.

Verified
- dotnet build + dotnet test clean (zero errors, one EF1002 warning
  suppressed in Phase 11 already).
- Client mode docker rebuild: no regressions, /api/app/info returns
  Client, login works, /api/sites/ works.
- Admin mode spun up on port 8090 against a fresh admin_fleet DB:
  /api/app/info returns Admin, customer ABC0001 registered, 64-char
  token returned, list shows the row.
- Cross-DB guard: Client run against admin_fleet refuses with explicit
  "is pointed at a database that contains fleet.Customers" error.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-18 10:09:41 +02:00

Diseri Pearson

e17921a122

Add portal: customer-facing white-labeled monitoring stack

New top-level portal/ project, peer to console/ and firmware/. Delivers a
.NET 10 + React 18 + TimescaleDB + Grafana stack, one container set per
customer behind Traefik. Built in 12 phases per FrontEndPrompt spec; no
changes to existing console or firmware.

Backend (src/Tau.Acuvim.Portal/):
- .NET 10 minimal API, Serilog, ASP.NET Identity (cookie auth, lockout).
- Single AppDbContext with identity / app / monitoring schemas.
- MigrateAsync + TimescaleBootstrapper (idempotent hypertable creation)
  + IdentityBootstrapper (seeded admin + branding) on startup.
- Pure CostCalculator + DB-backed RateService for tariffs (effective-dated,
  TOU periods, VAT, fixed charges, per-municipality timezone).
- BrandingService with logo upload to mounted volume.
- Time-series ingest + bucketed query services (time_bucket aggregates,
  ON CONFLICT for idempotent re-delivery).
- ConfigOverviewService with redaction-by-construction (passwords never in
  payload).
- DataProtection keys persisted to /data/keys volume for cookie survival
  across container restarts.

Frontend (frontend/):
- React 18 + TypeScript + Vite + Ant Design 5 + TanStack Query.
- BrandingProvider + ThemedRoot for live re-themed white-labelling.
- RequireAuth / RequireRole guards.
- Pages: Login, Dashboard, Dashboards (embedded Grafana), Sites (admin),
  Settings tabs (Branding / Rates / Users / Grafana / App config).

Infra:
- Dev (docker-compose.yml) and prod (docker-compose.prod.yml) compose
  files. Three services per customer; Traefik subdomain + same-origin
  /grafana path-prefix routing wired with labels.
- Grafana 11 with provisioned timescaledb datasource (uid pinned) and
  starter power-overview.json dashboard with device template variable.
- Compose project name documented as lowercase (Compose v2 requirement).

Tests (tests/Tau.Acuvim.Portal.Tests/):
- xUnit, 40 tests. Covers CostCalculator (period match, TZ, overlap,
  VAT, fixed), ConnectionStringResolver (all 4 precedence branches incl.
  Production refusal), TariffValidator, DayOfWeekFlag.
- All passing locally against .NET 10.

Docs:
- README.md (onboarding + 11 spec sections), OPERATIONS.md (per-customer
  provisioning, secret rotation, backup, troubleshooting), TESTING.md
  (manual integration scenarios, frontend test scaffolding recipe).

Production safety guards:
- Refuses to start if Authentication:DefaultAdminPassword is unchanged
  default in Production.
- Refuses to start if Database:AutoProvisionLocalTimescaleDb=true in
  Production.
- Prod Grafana ships with anonymous off and auth mode unset (three
  options documented in README Security) so iframe refuses to load
  until a deliberate prod auth choice is made.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-18 09:30:30 +02:00

3 Commits