feat(backend): Phase 2/3 hardening release
Roadmap P0 — platform safety & ops
- Merge duplicate encoach.student.attempt/answer models into encoach_scoring
and drop the stale encoach_exam_template copies.
- Remove duplicate /api/exam/* routes; canonicalize on one controller tree.
- Gate raw-SQL seeds in seed_demo_data.py behind an explicit env flag.
- Add /api/health and /api/health/ready (DB + LLM reachability) endpoints.
- Fix docker-compose + ship odoo-docker.conf for container-local runs.
- Enforce OpenAI request_timeout=30s and @jwt_required on all AI/coach routes.
- Promote canonical cefr_mapper to encoach_ai.services.cefr_mapper.
- JWT cache TTL=30s + invalidation hook on user mutation.
Roadmap P1 — exam correctness & data provenance
- Wire QualityChecker + IeltsValidator into exam submit with a
pending_review gate (encoach_ai.services.question_validator).
- Populate RAG metadata (course_id, subject_id, entity_id, taxonomy) on
encoach_vector embeddings and add a chunking pipeline (>2000 chars).
- Add provenance fields on encoach.question (model, prompt_hash, log_id)
and validate LLM output with schema before DB insert.
- Unify response envelope to {items,total,page,size}.
- Approval reject rollback with savepoint atomicity.
- Ticket notifications on status/assignee change.
Roadmap P2 — performance & observability
- Reports: replace Python loops with SQL read_group aggregations.
- X-Request-ID middleware + structured JSON logs.
- In-process/Prometheus counters and openapi.py controller exporting a
spec by scanning @http.route decorators.
- Paymob real checkout + HMAC-SHA512 webhook verification, backed by a
new encoach.paymob.order model and ir.config_parameter credentials.
- JWT refresh tokens + revocation table.
- Composite DB indexes on hot report/ticket/attempt paths.
Roadmap P3 — human-in-the-loop & compliance
- Human-in-the-loop exam review workflow (pending_review → publish) with
new review controller and status transitions.
- encoach.ai.prompt model + versioning + admin editor endpoints (one
active version per key, render-preview dry run).
- Student feedback loop → encoach.ai.feedback (upsert per user/subject,
admin triage + resolve endpoints).
- GDPR export (/api/gdpr/export) and right-to-erasure (/api/gdpr/delete)
with anonymization, tombstone record, and admin-self-erasure guard.
- HttpCase smoke tests for /api/health and /api/health/ready.
Made-with: Cursor
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
services:
|
||||
db:
|
||||
image: postgres:16
|
||||
container_name: backend-v2-db
|
||||
container_name: encoach-v4-db
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
POSTGRES_USER: odoo
|
||||
@@ -18,7 +18,7 @@ services:
|
||||
odoo:
|
||||
build: .
|
||||
image: encoach-backend:latest
|
||||
container_name: backend-v2-odoo
|
||||
container_name: encoach-v4-odoo
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
db:
|
||||
@@ -28,9 +28,15 @@ services:
|
||||
volumes:
|
||||
- odoo-web-data:/var/lib/odoo
|
||||
- ./odoo-docker.conf:/etc/odoo/odoo.conf:ro
|
||||
- ./new_project/custom_addons:/mnt/custom_addons:ro
|
||||
- ./new_project/enterprise-19:/mnt/enterprise:ro
|
||||
- ./new_project/openeducat_erp-19.0:/mnt/openeducat:ro
|
||||
# Mount the whole monorepo so both custom addons and OpenEduCat are
|
||||
# available via /mnt/extra-addons (see odoo-docker.conf).
|
||||
- .:/mnt/extra-addons:ro
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "curl -fsS http://localhost:8069/api/health || exit 1"]
|
||||
interval: 15s
|
||||
timeout: 5s
|
||||
retries: 10
|
||||
start_period: 60s
|
||||
|
||||
volumes:
|
||||
odoo-db-data:
|
||||
|
||||
Reference in New Issue
Block a user