64ed95271f
fix(leads): window revenue_total/deals_total to leads_window ( #1383 )
...
CI / changes (push) Successful in 10s
CI / changes (pull_request) Successful in 8s
CI / frontend-tests (push) Has been skipped
CI / openapi-codegen-check (push) Successful in 1m42s
CI / frontend-tests (pull_request) Has been skipped
CI / openapi-codegen-check (pull_request) Successful in 1m45s
CI / backend-tests (push) Failing after 8m48s
CI / backend-tests (pull_request) Failing after 8m46s
Both metrics were querying prinzip_deals without any date filter,
returning all-time figures while the surrounding stats (leads_window,
converted_window, conv_pct_window) were scoped to the last N months.
Now both subqueries restrict to deals linked to leads in window_leads
(via deal_id IN (...)), making all «за период» figures consistent.
2026-06-17 20:49:16 +03:00
b233bf91cc
refactor(security): убрать X-Admin-Token (Caddy basic_auth достаточен) ( #437 )
Deploy / changes (push) Successful in 5s
Deploy / build-frontend (push) Has been skipped
Deploy / build-backend (push) Successful in 1m20s
Deploy / build-worker (push) Successful in 2m21s
Deploy / deploy (push) Successful in 1m7s
2026-05-23 10:41:22 +00:00
lekss361
389fd31fad
refactor(admin): extract _check_token into shared AdminTokenAuth dep ( #133 )
...
Per audit batch #127 P2 hygiene (issue #128 ).
## Problem
Identical `_check_token` function в 3 admin files:
- backend/app/api/v1/admin_scrape.py:37-44
- backend/app/api/v1/admin_leads.py:26-33
- backend/app/api/v1/admin_jobs.py:24-31
## Fix
New `backend/app/core/deps.py` с `verify_admin_token` + Annotated alias:
```python
AdminTokenAuth = Annotated[None, Depends(verify_admin_token)]
```
Заменено в 27 endpoints (18 admin_scrape + 6 admin_leads + 3 admin_jobs):
- Removed local `_check_token` definitions
- `_: None = Depends(_check_token)` → `_: AdminTokenAuth`
- Removed unused imports (`Header`, `HTTPException`, `settings` где не используется)
## Semantics preserved
Все 3 original implementations были identical (503 if env missing + 401 if
mismatch, same header `X-Admin-Token`, same env `SCRAPE_ADMIN_TOKEN`).
Минор: 503 detail text unified to `"admin disabled — set SCRAPE_ADMIN_TOKEN"`
(в оригинале три разные строки — `"admin scrape disabled..."` etc).
Cosmetic — detail в HTTP 503 не парсится клиентским кодом.
## Tests
`uv run pytest tests/ -x -k admin` → 64/64 passed.
## Vault
`code/patterns/Pattern_Admin_Token_Dependency_May14.md` — created.
Closes #128
Refs: #127
Co-authored-by: lekss361 <claudestars@proton.me>
2026-05-14 23:45:44 +03:00
lekss361
d1f2380f32
fix(sqlalchemy): убрать :name::type — psycopg3 их не парсит, ломает Phase A INSERT в kn_scrape_runs (run_region_sweep крашится сразу с ProgrammingError, task_received записан, но run_id никогда не создаётся). 4 места: domrf_kn.py (resume INSERT, new run INSERT, snapshot UPDATE) + admin_leads.py (date_to filter). Заменено на CAST(:name AS type).
2026-04-28 23:37:03 +03:00
lekss361
5056438fcf
add anal4
2026-04-27 19:45:47 +03:00