service-finder/backend/admin_gap_analysis.md
2026-03-22 11:02:05 +00:00


# Admin System Gap Analysis Report
*Generated: 2026-03-21 12:14:33*
## 📊 Executive Summary
- **Total hardcoded business values found:** 149
- **API modules analyzed:** 22
- **Modules missing admin endpoints:** 20
## 🔍 Hardcoded Business Values
These values should be moved to the `system_parameters` table so they can be configured dynamically instead of being edited in source.

| File | Line | Variable | Value | Context |
|------|------|----------|-------|---------|
| `seed_discovery.py` | 8 | `url` | `"https://opendata.rdw.nl/resource/m9d7-ebf2.json?$s..."` | `url = "https://opendata.rdw.nl/resource/m9d7-ebf2.json?$select=distinct%20merk&$limit=50000"` |
| `create_sandbox_user.py` | 28 | `API_BASE` | `"http://localhost:8000..."` | `API_BASE = "http://localhost:8000"` |
| `create_sandbox_user.py` | 29 | `MAILPIT_API` | `"http://sf_mailpit:8025/api/v1/messages..."` | `MAILPIT_API = "http://sf_mailpit:8025/api/v1/messages"` |
| `create_sandbox_user.py` | 30 | `MAILPIT_DELETE_ALL` | `"http://sf_mailpit:8025/api/v1/messages..."` | `MAILPIT_DELETE_ALL = "http://sf_mailpit:8025/api/v1/messages"` |
| `create_sandbox_user.py` | 35 | `SANDBOX_PASSWORD` | `"Sandbox123!..."` | `SANDBOX_PASSWORD = "Sandbox123!"` |
| `create_sandbox_user.py` | 138 | `max_attempts` | `5` | `max_attempts = 5` |
| `create_sandbox_user.py` | 139 | `wait_seconds` | `3` | `wait_seconds = 3` |
| `app/test_billing_engine.py` | 32 | `base_amount` | `100.0` | `base_amount = 100.0` |
| `app/test_billing_engine.py` | 133 | `file_path` | `"backend/app/services/billing_engine.py..."` | `file_path = "backend/app/services/billing_engine.py"` |
| `app/api/v1/endpoints/providers.py` | 11 | `user_id` | `2` | `user_id = 2` |
| `app/api/v1/endpoints/services.py` | 68 | `new_level` | `80` | `new_level = 80` |
| `app/api/v1/endpoints/social.py` | 15 | `user_id` | `2` | `user_id = 2` |
| `app/models/core_logic.py` | 17 | `__tablename__` | `"subscription_tiers..."` | `__tablename__ = "subscription_tiers"` |
| `app/models/core_logic.py` | 29 | `__tablename__` | `"org_subscriptions..."` | `__tablename__ = "org_subscriptions"` |
| `app/models/core_logic.py` | 48 | `__tablename__` | `"credit_logs..."` | `__tablename__ = "credit_logs"` |
| `app/models/core_logic.py` | 64 | `__tablename__` | `"service_specialties..."` | `__tablename__ = "service_specialties"` |
| `app/models/reference_data.py` | 7 | `__tablename__` | `"reference_lookup..."` | `__tablename__ = "reference_lookup"` |
| `app/models/identity/identity.py` | 25 | `region_admin` | `"region_admin..."` | `region_admin = "region_admin"` |
| `app/models/identity/identity.py` | 26 | `country_admin` | `"country_admin..."` | `country_admin = "country_admin"` |
| `app/models/identity/identity.py` | 28 | `sales_agent` | `"sales_agent..."` | `sales_agent = "sales_agent"` |
| `app/models/identity/identity.py` | 30 | `service_owner` | `"service_owner..."` | `service_owner = "service_owner"` |
| `app/models/identity/identity.py` | 31 | `fleet_manager` | `"fleet_manager..."` | `fleet_manager = "fleet_manager"` |
| `app/models/identity/identity.py` | 204 | `__tablename__` | `"verification_tokens..."` | `__tablename__ = "verification_tokens"` |
| `app/models/identity/identity.py` | 217 | `__tablename__` | `"social_accounts..."` | `__tablename__ = "social_accounts"` |
| `app/models/identity/identity.py` | 235 | `__tablename__` | `"active_vouchers..."` | `__tablename__ = "active_vouchers"` |
| `app/models/identity/identity.py` | 249 | `__tablename__` | `"user_trust_profiles..."` | `__tablename__ = "user_trust_profiles"` |
| `app/models/identity/address.py` | 14 | `__tablename__` | `"geo_postal_codes..."` | `__tablename__ = "geo_postal_codes"` |
| `app/models/identity/address.py` | 24 | `__tablename__` | `"geo_streets..."` | `__tablename__ = "geo_streets"` |
| `app/models/identity/address.py` | 33 | `__tablename__` | `"geo_street_types..."` | `__tablename__ = "geo_street_types"` |
| `app/models/identity/social.py` | 24 | `__tablename__` | `"service_providers..."` | `__tablename__ = "service_providers"` |
| `app/models/identity/social.py` | 61 | `__tablename__` | `"competitions..."` | `__tablename__ = "competitions"` |
| `app/models/identity/social.py` | 73 | `__tablename__` | `"user_scores..."` | `__tablename__ = "user_scores"` |
| `app/models/identity/social.py` | 91 | `__tablename__` | `"service_reviews..."` | `__tablename__ = "service_reviews"` |
| `app/models/identity/security.py` | 24 | `__tablename__` | `"pending_actions..."` | `__tablename__ = "pending_actions"` |
| `app/models/vehicle/vehicle.py` | 24 | `__tablename__` | `"cost_categories..."` | `__tablename__ = "cost_categories"` |
| `app/models/vehicle/vehicle.py` | 114 | `__tablename__` | `"vehicle_odometer_states..."` | `__tablename__ = "vehicle_odometer_states"` |
| `app/models/vehicle/vehicle.py` | 145 | `__tablename__` | `"vehicle_user_ratings..."` | `__tablename__ = "vehicle_user_ratings"` |
| `app/models/vehicle/vehicle.py` | 196 | `__tablename__` | `"gb_catalog_discovery..."` | `__tablename__ = "gb_catalog_discovery"` |
| `app/models/vehicle/vehicle_definitions.py` | 19 | `__tablename__` | `"vehicle_types..."` | `__tablename__ = "vehicle_types"` |
| `app/models/vehicle/vehicle_definitions.py` | 35 | `__tablename__` | `"feature_definitions..."` | `__tablename__ = "feature_definitions"` |
| `app/models/vehicle/vehicle_definitions.py` | 53 | `__tablename__` | `"vehicle_model_definitions..."` | `__tablename__ = "vehicle_model_definitions"` |
| `app/models/vehicle/vehicle_definitions.py` | 147 | `__tablename__` | `"model_feature_maps..."` | `__tablename__ = "model_feature_maps"` |
| `app/models/vehicle/external_reference.py` | 7 | `__tablename__` | `"external_reference_library..."` | `__tablename__ = "external_reference_library"` |
| `app/models/vehicle/external_reference_queue.py` | 7 | `__tablename__` | `"auto_data_crawler_queue..."` | `__tablename__ = "auto_data_crawler_queue"` |
| `app/models/vehicle/asset.py` | 14 | `__tablename__` | `"vehicle_catalog..."` | `__tablename__ = "vehicle_catalog"` |
| `app/models/vehicle/asset.py` | 91 | `__tablename__` | `"asset_financials..."` | `__tablename__ = "asset_financials"` |
| `app/models/vehicle/asset.py` | 107 | `__tablename__` | `"asset_costs..."` | `__tablename__ = "asset_costs"` |
| `app/models/vehicle/asset.py` | 125 | `__tablename__` | `"vehicle_logbook..."` | `__tablename__ = "vehicle_logbook"` |
| `app/models/vehicle/asset.py` | 154 | `__tablename__` | `"asset_inspections..."` | `__tablename__ = "asset_inspections"` |
| `app/models/vehicle/asset.py` | 169 | `__tablename__` | `"asset_reviews..."` | `__tablename__ = "asset_reviews"` |
*... and 99 more findings*
## 🏗️ Admin Endpoints Analysis
### Modules with Admin Prefix
*No modules have `/admin` prefix*
### Modules with Admin Routes (but no prefix)
*No mixed admin routes found*
## ⚠️ Critical Gaps: Missing Admin Endpoints
These core business modules lack dedicated admin endpoints:
- **users** - No `/admin` prefix and no admin routes
- **vehicles** - No `/admin` prefix and no admin routes
- **services** - No `/admin` prefix and no admin routes
- **assets** - No `/admin` prefix and no admin routes
- **organizations** - No `/admin` prefix and no admin routes
- **billing** - No `/admin` prefix and no admin routes
- **gamification** - No `/admin` prefix and no admin routes
- **analytics** - No `/admin` prefix and no admin routes
- **security** - No `/admin` prefix and no admin routes
- **documents** - No `/admin` prefix and no admin routes
- **evidence** - No `/admin` prefix and no admin routes
- **expenses** - No `/admin` prefix and no admin routes
- **finance_admin** - No `/admin` prefix and no admin routes
- **notifications** - No `/admin` prefix and no admin routes
- **reports** - No `/admin` prefix and no admin routes
- **catalog** - No `/admin` prefix and no admin routes
- **providers** - No `/admin` prefix and no admin routes
- **search** - No `/admin` prefix and no admin routes
- **social** - No `/admin` prefix and no admin routes
- **system_parameters** - No `/admin` prefix and no admin routes
### Recommended Actions:
1. Create `/admin` prefixed routers for each missing module
2. Implement CRUD endpoints for administrative operations
3. Add audit logging and permission checks
## 🚀 Recommendations
### Phase 1: Hardcode Elimination
1. Create the `system_parameters` migration if it does not already exist
2. Move the identified hardcoded values into the database
3. Implement a `ConfigService` for dynamic value retrieval
### Phase 2: Admin Endpoint Expansion
1. Prioritize modules with the highest business impact:
   - `users` (user management)
   - `billing` (financial oversight)
   - `security` (access control)
2. Follow a consistent pattern: `/admin/{module}/...`
3. Implement RBAC with `admin` and `superadmin` roles
### Phase 3: Monitoring & Audit
1. Add admin action logging to `SecurityAuditLog`
2. Implement admin dashboard with real-time metrics
3. Create automated health checks for admin endpoints
## 🔧 Technical Details
### Scan Parameters
- Project root: `/app`
- Files scanned: Python files in `/app`
- Business patterns: 25
- Trivial values excluded: None, False, 0, '', "", True, 1, [], {}