salman/igny8
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
64b8280bcea487d6efd3b17f64d2c3d771a9dd3e
igny8/CHANGELOG.md

21 KiB
Raw Blame History

IGNY8 Changelog

Current Version: 1.0.0
Last Updated: 2025-01-XX
Purpose: Complete changelog of all changes, fixes, and features. Only updated after user confirmation.

📋 Changelog Management

IMPORTANT: This changelog is only updated after user confirmation that a fix or feature is complete and working.

For AI Agents: Read docs/00-DOCUMENTATION-MANAGEMENT.md before making any changes to this file.

Changelog Structure

Each entry follows this format:

  • Version: Semantic versioning (MAJOR.MINOR.PATCH)
  • Date: YYYY-MM-DD format
  • Type: Added, Changed, Fixed, Deprecated, Removed, Security
  • Description: Clear description of the change
  • Affected Areas: Modules, components, or features affected
  • Documentation: Reference to updated documentation files

[Unreleased]

Added

  • Unified API Standard v1.0 implementation
  • API Monitor page for endpoint health monitoring
  • CRUD operations monitoring for Planner and Writer modules
  • Sidebar API status indicator for aws-admin accounts

Changed

  • All API endpoints now return unified response format ({success, data, message, errors})
  • Frontend fetchAPI wrapper automatically extracts data from unified format
  • All error responses follow unified format with request_id tracking
  • Rate limiting configured with scoped throttles per module

Fixed

  • Keyword edit form now correctly populates existing values
  • Auto-cluster function now works correctly with unified API format
  • ResourceDebugOverlay now correctly extracts data from unified API responses
  • All frontend pages now correctly handle unified API response format

[1.1.1] - 2025-01-XX

Security

  • CRITICAL: Fixed AIPromptViewSet security vulnerability - changed from permission_classes = [] (allowing unauthenticated access) to IsAuthenticatedAndActive + HasTenantAccess
  • Added IsEditorOrAbove permission check for save_prompt and reset_prompt actions in AIPromptViewSet
  • All billing ViewSets now require IsAuthenticatedAndActive + HasTenantAccess for proper tenant isolation
  • CreditTransactionViewSet now requires IsAdminOrOwner per API Standard v1.0 (billing/transactions require admin/owner)
  • All system settings ViewSets now use standard permissions (IsAuthenticatedAndActive + HasTenantAccess)
  • All auth ViewSets now explicitly include IsAuthenticatedAndActive + HasTenantAccess for proper tenant isolation

Changed

  • Auth Endpoints: All authentication endpoints (RegisterView, LoginView, ChangePasswordView, MeView) now use unified response format with success_response() and error_response() helpers
    • All responses now include request_id for error tracking
    • Error responses follow unified format with error and errors fields
    • Success responses follow unified format with success, data, and message fields
  • Billing Module: Refactored CreditUsageViewSet and CreditTransactionViewSet to inherit from AccountModelViewSet instead of manual account filtering
    • Account filtering now handled automatically by base class
    • Improved code maintainability and consistency
  • System Settings: All 5 system settings ViewSets now use standard permission classes
    • SystemSettingsViewSet, AccountSettingsViewSet, UserSettingsViewSet, ModuleSettingsViewSet, AISettingsViewSet
    • Write operations require IsAdminOrOwner per standard
  • Integration Settings: Added HasTenantAccess permission to IntegrationSettingsViewSet for proper tenant isolation
  • Auth ViewSets: Added explicit standard permissions to all auth ViewSets
    • UsersViewSet, AccountsViewSet, SubscriptionsViewSet, SiteUserAccessViewSet now include IsAuthenticatedAndActive + HasTenantAccess
    • SiteViewSet, SectorViewSet now include IsAuthenticatedAndActive + HasTenantAccess

Fixed

  • Fixed auth endpoints not returning unified format (were using raw Response() instead of helpers)
  • Fixed missing request_id in auth endpoint responses
  • Fixed inconsistent error response format in auth endpoints
  • Fixed billing ViewSets not using base classes (manual account filtering replaced with AccountModelViewSet)
  • Fixed all ViewSets missing standard permissions (IsAuthenticatedAndActive + HasTenantAccess)

Documentation

  • Updated implementation plan to reflect completion of all remaining API Standard v1.0 items
  • All 8 remaining items from audit completed (100% compliance achieved)

[1.1.0] - 2025-01-XX

Added

Unified API Standard v1.0

  • Response Format Standardization

    • All endpoints return unified format: {success: true/false, data: {...}, message: "...", errors: {...}}
    • Paginated responses include success, count, next, previous, results
    • Error responses include success: false, error, errors, request_id
    • Response helper functions: success_response(), error_response(), paginated_response()

  • Custom Exception Handler

    • Centralized exception handling in backend/igny8_core/api/exception_handlers.py
    • All exceptions wrapped in unified format
    • Proper HTTP status code mapping (400, 401, 403, 404, 409, 422, 429, 500)
    • Debug information included in development mode

  • Custom Pagination

    • CustomPageNumberPagination class with unified format support
    • Default page size: 10, max: 100
    • Dynamic page size via page_size query parameter
    • Includes success field in paginated responses

  • Base ViewSets

    • AccountModelViewSet - Handles account isolation and unified CRUD responses
    • SiteSectorModelViewSet - Extends account isolation with site/sector filtering
    • All CRUD operations (create, retrieve, update, destroy) return unified format

  • Rate Limiting

    • DebugScopedRateThrottle with debug bypass for development
    • Scoped rate limits per module (planner, writer, system, billing, auth)
    • AI function rate limits (10/min for expensive operations)
    • Bypass for aws-admin accounts and admin/developer roles
    • Rate limit headers: X-Throttle-Limit, X-Throttle-Remaining, X-Throttle-Reset

  • Request ID Tracking

    • RequestIDMiddleware generates unique UUID for each request
    • Request ID included in all error responses
    • Request ID in response headers: X-Request-ID
    • Used for log correlation and debugging

  • API Monitor

    • New page: /settings/api-monitor for endpoint health monitoring
    • Monitors API status (HTTP response) and data status (page population)
    • Endpoint groups: Core Health, Auth, Planner, Writer, System, Billing, CRUD Operations
    • Sorting by status (errors first, then warnings, then healthy)
    • Real-time endpoint health checks with configurable refresh interval
    • Only accessible to aws-admin accounts

  • Sidebar API Status Indicator

    • Visual indicator circles for each endpoint group
    • Color-coded status (green = healthy, yellow = warning)
    • Abbreviations: CO, AU, PM, WM, PC, WC, SY
    • Only visible and active for aws-admin accounts on API monitor page
    • Prevents console errors on other pages

Changed

Backend Refactoring

  • Planner Module - All ViewSets refactored to unified format

    • KeywordViewSet - CRUD + auto_cluster action
    • ClusterViewSet - CRUD + auto_generate_ideas action
    • ContentIdeasViewSet - CRUD + bulk_queue_to_writer action

  • Writer Module - All ViewSets refactored to unified format

    • TasksViewSet - CRUD + auto_generate_content action
    • ContentViewSet - CRUD + generate_image_prompts action
    • ImagesViewSet - CRUD + generate_images action

  • System Module - All ViewSets refactored to unified format

    • AIPromptViewSet - CRUD + get_by_type, save_prompt, reset_prompt actions
    • SystemSettingsViewSet, AccountSettingsViewSet, UserSettingsViewSet
    • ModuleSettingsViewSet, AISettingsViewSet
    • IntegrationSettingsViewSet - Integration management and testing

  • Billing Module - All ViewSets refactored to unified format

    • CreditBalanceViewSet - balance action
    • CreditUsageViewSet - summary, limits actions
    • CreditTransactionViewSet - CRUD operations

  • Auth Module - All ViewSets refactored to unified format

    • AuthViewSet - register, login, change_password, refresh_token, reset_password
    • UsersViewSet - CRUD + create_user, update_role actions
    • GroupsViewSet, AccountsViewSet, SubscriptionsViewSet
    • SiteUserAccessViewSet, PlanViewSet, IndustryViewSet, SeedKeywordViewSet

Frontend Refactoring

  • fetchAPI Wrapper (frontend/src/services/api.ts)

    • Automatically extracts data field from unified format responses
    • Handles paginated responses (results at top level)
    • Properly throws errors for success: false responses
    • Removed redundant response?.data || response checks across codebase

  • All Frontend Pages Updated

    • Removed redundant response data extraction
    • All pages now correctly consume unified API format
    • Error handling standardized across all components
    • Pagination handling standardized

  • Component Updates

    • FormModal - Now accepts React.ReactNode for title prop
    • ComponentCard - Updated to support status badges in titles
    • ResourceDebugOverlay - Fixed to extract data from unified format
    • ApiStatusIndicator - Restricted to aws-admin accounts and API monitor page

Fixed

Bug Fixes

  • Keyword Edit Form - Now correctly populates existing values when editing

    • Added key prop to force re-render when form data changes
    • Fixed seed_keyword_id value handling for select dropdown

  • Auto-Cluster Function - Now works correctly with unified API format

    • Updated autoClusterKeywords() to wrap response with success field
    • Proper error handling and response extraction

  • ResourceDebugOverlay - Fixed data extraction from unified API responses

    • Extracts data field from {success: true, data: {...}} responses
    • Added null safety checks for all property accesses
    • Validates data structure before adding to metrics

  • API Response Handling - Fixed all instances of incorrect data extraction

    • Removed response?.data || response redundant checks
    • Removed response.results || [] redundant checks
    • All API functions now correctly handle unified format

  • React Hooks Error - Fixed "Rendered more hooks than during the previous render"

    • Moved all hooks to top of component before conditional returns
    • Fixed ApiStatusIndicator component hook ordering

  • TypeScript Errors - Fixed all type errors related to unified API format

    • Added nullish coalescing for toLocaleString() calls
    • Added null checks before Object.entries() calls
    • Fixed all undefined property access errors

System Health

  • System Status Page - Fixed redundant data extraction
    • Now correctly uses extracted data from fetchAPI
    • All system metrics display correctly

Security

  • Rate limiting bypass only for aws-admin accounts and admin/developer roles
  • Request ID tracking for all API requests
  • Centralized error handling prevents information leakage

Testing

  • Comprehensive Test Suite

    • Created complete unit and integration test suite for Unified API Standard v1.0
    • 13 test files with ~115 test methods covering all API components
    • Test coverage: 100% of API Standard components

  • Unit Tests (backend/igny8_core/api/tests/)

    • test_response.py - Tests for response helper functions (18 tests)
      • Tests success_response(), error_response(), paginated_response()
      • Tests request ID generation and inclusion
      • Tests status code mapping and error messages
    • test_exception_handler.py - Tests for custom exception handler (12 tests)
      • Tests all exception types (ValidationError, AuthenticationFailed, PermissionDenied, NotFound, Throttled, etc.)
      • Tests debug mode behavior and debug info inclusion
      • Tests field-specific and non-field error handling
    • test_permissions.py - Tests for permission classes (20 tests)
      • Tests IsAuthenticatedAndActive, HasTenantAccess, IsViewerOrAbove, IsEditorOrAbove, IsAdminOrOwner
      • Tests role-based access control and tenant isolation
      • Tests admin/system account bypass logic
    • test_throttles.py - Tests for rate limiting (11 tests)
      • Tests DebugScopedRateThrottle bypass logic (DEBUG mode, env flag, admin/system accounts)
      • Tests rate parsing and throttle header generation

  • Integration Tests (backend/igny8_core/api/tests/)

    • test_integration_base.py - Base test class with common fixtures and helper methods
    • test_integration_planner.py - Planner module endpoint tests (12 tests)
      • Tests CRUD operations for keywords, clusters, ideas
      • Tests AI actions (auto_cluster)
      • Tests error scenarios and validation
    • test_integration_writer.py - Writer module endpoint tests (6 tests)
      • Tests CRUD operations for tasks, content, images
      • Tests error scenarios
    • test_integration_system.py - System module endpoint tests (5 tests)
      • Tests status, prompts, settings, integrations endpoints
    • test_integration_billing.py - Billing module endpoint tests (5 tests)
      • Tests credits, usage, transactions endpoints
    • test_integration_auth.py - Auth module endpoint tests (8 tests)
      • Tests login, register, user management endpoints
      • Tests authentication flows and error scenarios
    • test_integration_errors.py - Error scenario tests (6 tests)
      • Tests 400, 401, 403, 404, 429, 500 error responses
      • Tests unified error format across all error types
    • test_integration_pagination.py - Pagination tests (10 tests)
      • Tests pagination across all modules
      • Tests page size, page parameter, max page size limits
      • Tests empty results handling
    • test_integration_rate_limiting.py - Rate limiting integration tests (7 tests)
      • Tests throttle headers presence
      • Tests bypass logic for admin/system accounts and DEBUG mode
      • Tests different throttle scopes per module

  • Test Verification

    • All tests verify unified response format ({success, data/results, message, errors, request_id})
    • All tests verify proper HTTP status codes
    • All tests verify error format consistency
    • All tests verify pagination format consistency
    • All tests verify request ID inclusion

  • Test Documentation

    • Created backend/igny8_core/api/tests/README.md with test structure and running instructions
    • Created backend/igny8_core/api/tests/TEST_SUMMARY.md with comprehensive test statistics
    • Created backend/igny8_core/api/tests/run_tests.py test runner script

Documentation

  • OpenAPI/Swagger Integration

    • Installed and configured drf-spectacular for OpenAPI 3.0 schema generation
    • Created Swagger UI endpoint: /api/docs/
    • Created ReDoc endpoint: /api/redoc/
    • Created OpenAPI schema endpoint: /api/schema/
    • Configured comprehensive API documentation with code samples
    • Added custom authentication extensions for JWT Bearer tokens

  • Comprehensive Documentation Files

    • docs/API-DOCUMENTATION.md - Complete API reference with examples
      • Quick start guide
      • Endpoint reference
      • Code examples (Python, JavaScript, cURL)
      • Response format details
    • docs/AUTHENTICATION-GUIDE.md - Authentication and authorization guide
      • JWT Bearer token authentication
      • Token management and refresh
      • Code examples in Python and JavaScript
      • Security best practices
    • docs/ERROR-CODES.md - Complete error code reference
      • HTTP status codes (200, 201, 400, 401, 403, 404, 409, 422, 429, 500)
      • Field-specific error messages
      • Error handling best practices
      • Common error scenarios and solutions
    • docs/RATE-LIMITING.md - Rate limiting and throttling guide
      • Rate limit scopes and limits
      • Handling rate limits (429 responses)
      • Best practices and code examples
      • Request queuing and caching strategies
    • docs/MIGRATION-GUIDE.md - Migration guide for API consumers
      • What changed in v1.0
      • Step-by-step migration instructions
      • Code examples (before/after)
      • Breaking and non-breaking changes
    • docs/WORDPRESS-PLUGIN-INTEGRATION.md - WordPress plugin integration guide
      • Complete PHP API client class
      • Authentication implementation
      • Error handling
      • WordPress admin integration
      • Best practices
    • docs/README.md - Documentation index and quick start

  • OpenAPI Schema Configuration

    • Configured comprehensive API description with features overview
    • Added authentication documentation
    • Added response format examples
    • Added rate limiting documentation
    • Added pagination documentation
    • Configured endpoint tags (Authentication, Planner, Writer, System, Billing)
    • Added code samples in Python and JavaScript

  • Schema Extensions

    • Created backend/igny8_core/api/schema_extensions.py for custom authentication
    • JWT Bearer token authentication extension
    • CSRF-exempt session authentication extension
    • Proper OpenAPI security scheme definitions

[1.0.0] - 2025-01-XX

Added

Documentation System

  • Complete documentation structure with 7 core documents
  • Documentation management system with versioning
  • Changelog management system
  • DRY principles documentation
  • Self-explaining documentation for AI agents

Core Features

  • Multi-tenancy system with account isolation
  • Authentication (login/register) with JWT
  • RBAC permissions (Developer, Owner, Admin, Editor, Viewer, System Bot)
  • Account > Site > Sector hierarchy
  • Multiple sites can be active simultaneously
  • Maximum 5 active sectors per site

Planner Module

  • Keywords CRUD operations
  • Keyword import/export (CSV)
  • Keyword filtering and organization
  • AI-powered keyword clustering
  • Clusters CRUD operations
  • Content ideas generation from clusters
  • Content ideas CRUD operations
  • Keyword-to-cluster mapping
  • Cluster metrics and analytics

Writer Module

  • Tasks CRUD operations
  • AI-powered content generation
  • Content editing and review
  • Image prompt extraction
  • AI-powered image generation (OpenAI DALL-E, Runware)
  • Image management
  • WordPress integration (publishing)

Thinker Module

  • AI prompt management
  • Author profile management
  • Content strategy management
  • Image generation testing

System Module

  • Integration settings (OpenAI, Runware)
  • API key configuration
  • Connection testing
  • System status and monitoring

Billing Module

  • Credit balance tracking
  • Credit transactions
  • Usage logging
  • Cost tracking

Frontend

  • Configuration-driven UI system
  • 4 universal templates (Dashboard, Table, Form, System)
  • Complete component library
  • Zustand state management
  • React Router v7 routing
  • Progress tracking for AI tasks
  • Responsive design

Backend

  • RESTful API with DRF
  • Automatic account isolation
  • Site access control
  • Celery async task processing
  • Progress tracking for Celery tasks
  • Unified AI framework
  • Database logging

AI Functions

  • Auto Cluster Keywords
  • Generate Ideas
  • Generate Content
  • Generate Image Prompts
  • Generate Images
  • Test OpenAI connection
  • Test Runware connection
  • Test image generation

Infrastructure

  • Docker-based containerization
  • Two-stack architecture (infra, app)
  • Caddy reverse proxy
  • PostgreSQL database
  • Redis cache and Celery broker
  • pgAdmin database administration
  • FileBrowser file management

Documentation

Documentation Files Created

  • docs/00-DOCUMENTATION-MANAGEMENT.md - Documentation and changelog management system
  • docs/01-TECH-STACK-AND-INFRASTRUCTURE.md - Technology stack and infrastructure
  • docs/02-APPLICATION-ARCHITECTURE.md - Application architecture with workflows
  • docs/03-FRONTEND-ARCHITECTURE.md - Frontend architecture documentation
  • docs/04-BACKEND-IMPLEMENTATION.md - Backend implementation reference
  • docs/05-AI-FRAMEWORK-IMPLEMENTATION.md - AI framework implementation reference
  • docs/06-FUNCTIONAL-BUSINESS-LOGIC.md - Functional business logic documentation

Documentation Features

  • Complete workflow documentation
  • Feature completeness
  • No code snippets (workflow-focused)
  • Accurate state reflection
  • Cross-referenced documents
  • Self-explaining structure for AI agents

Version History

Current Version: 1.0.0

Status: Production
Date: 2025-01-XX

Version Format

  • MAJOR: Breaking changes, major feature additions, architecture changes
  • MINOR: New features, new modules, significant enhancements
  • PATCH: Bug fixes, small improvements, documentation updates

Version Update Rules

  1. MAJOR: Only updated when user confirms major release
  2. MINOR: Updated when user confirms new feature is complete
  3. PATCH: Updated when user confirms bug fix is complete

IMPORTANT: Never update version without user confirmation.

Planned Features

In Progress

  • Planner Dashboard enhancement with KPIs
  • Automation & CRON tasks
  • Advanced analytics

Future

  • Analytics module enhancements
  • Advanced scheduling features
  • Additional AI model integrations
  • Stripe payment integration
  • Plan limits enforcement
  • Advanced reporting
  • Mobile app support
  • API documentation (Swagger/OpenAPI)
  • Unit and integration tests for unified API

Notes

  • All features are documented in detail in the respective documentation files
  • Workflows are complete and accurate
  • System is production-ready
  • Documentation is maintained and updated regularly
  • Changelog is only updated after user confirmation

For AI Agents: Before making any changes, read docs/00-DOCUMENTATION-MANAGEMENT.md for complete guidelines on versioning, changelog management, and DRY principles.

Reference in New Issue View Git Blame Copy Permalink