# Migration To-dos — Atomic Roadmap > Mỗi item là 1 task atomic (~2-8h work). Tick `[x]` khi xong. Link session log nếu có. ## Phase 0 — Draft Scaffold (T1) - [x] Tạo cấu trúc thư mục `SOLUTION_ERP/` - [x] Scaffold .NET 10 solution `SolutionErp.slnx` - [x] Scaffold 4 project: `SolutionErp.{Domain, Application, Infrastructure, Api}` - [x] Wire Clean Arch references (Api → App/Infra, Infra → App, App → Domain) - [x] Install NuGet base: MediatR, FluentValidation, AutoMapper, EF Core SqlServer, Identity, JWT, Swagger, Serilog - [x] Scaffold 2 React + Vite apps `fe-admin` + `fe-user` với TS template - [x] Config vite.config.ts: port, strictPort, proxy `/api`, alias `@` - [x] Pin Node `>=20` trong package.json + `.nvmrc` cho CI - [x] Parse 8 form → `docs/forms-spec.md` - [x] Parse quy trình → `docs/workflow-contract.md` - [x] Viết `docs/{CLAUDE,STATUS,PROJECT-MAP}.md` - [x] Viết `docs/database/database-guide.md` (conventions + schema + ERD + migration workflow) - [x] Viết `docs/flows/` — README + 6 flow doc (auth, permission, contract-create, contract-approve, form-render, sla-expiry) - [x] Viết `.gitignore`, `README.md`, `global.json`, `docker-compose.yml` - [x] Tạo placeholder skill folders: `contract-workflow`, `form-engine`, `permission-matrix` - [x] `git init` + commit đầu (`25dad7f`) - [ ] Push Gitea remote (chờ URL từ user) ## Phase 1 — Alpha Core (T2-4) ### Foundation (đã xong Session 2) - [x] `Domain/Common/BaseEntity.cs` (Id Guid, CreatedAt, UpdatedAt, CreatedBy, UpdatedBy) - [x] `Domain/Common/AuditableEntity.cs` (IsDeleted, DeletedAt, DeletedBy) - [x] `Domain/Contracts/` Enums: `ContractType`, `ContractPhase` (9 state), `ApprovalDecision` - [x] `Domain/Identity/User.cs` (IdentityUser + FullName + RefreshToken + IsActive) - [x] `Domain/Identity/Role.cs` (IdentityRole + Description) - [x] `Domain/Identity/AppRoles.cs` — 12 role constants - [x] `Application/Common/Interfaces/`: IApplicationDbContext, ICurrentUser, IDateTime, IJwtTokenService - [x] `Application/Common/Exceptions/*` - [x] `Application/Common/Behaviors/ValidationBehavior.cs` - [x] `Application/DependencyInjection.cs` — MediatR + FluentValidation - [x] `Infrastructure/Persistence/ApplicationDbContext.cs : IdentityDbContext` - [x] `Infrastructure/Persistence/Interceptors/AuditingInterceptor.cs` - [x] `Infrastructure/Persistence/DbInitializer.cs` — seed 12 role + admin - [x] `Infrastructure/Persistence/DesignTimeDbContextFactory.cs` - [x] `Infrastructure/Identity/{JwtSettings, JwtTokenService}.cs` - [x] `Infrastructure/Services/DateTimeService.cs` - [x] `Infrastructure/DependencyInjection.cs` - [x] `Api/Services/CurrentUserService.cs` - [x] `Api/Middleware/GlobalExceptionMiddleware.cs` - [x] `Api/Controllers/AuthController.cs` (login, refresh, me, logout) - [x] `Api/Program.cs` (Serilog, JWT, CORS, Swagger, middleware) - [x] `Api/appsettings.{json, Development.json}` + `launchSettings.json` (port 5443) - [x] Migration 1 `Init` + apply to `SolutionErp_Dev` LocalDB - [x] FE: Vite config (Tailwind 4 + proxy + alias) - [x] FE: `src/{index.css, lib/api.ts, lib/cn.ts, types/auth.ts}` cho 2 app - [x] FE: `src/contexts/AuthContext.tsx`, `components/{ProtectedRoute, Layout}.tsx` - [x] FE: `components/ui/{Button, Input, Label}.tsx` - [x] FE: `pages/LoginPage.tsx`, `pages/DashboardPage.tsx` (admin) + `pages/InboxPage.tsx` (user) - [x] FE: `App.tsx` với Router + AuthProvider + Toaster - [x] FE: `main.tsx` với QueryClient (TanStack Query) - [x] E2E verified: login qua Vite proxy cả 2 app → JWT + user info ### Phase 1 đợt 2 — CRUD master + Permission Matrix (sắp tới) - [x] `Domain/Master/Supplier` (+ SupplierType enum 5 loại) / `Project` / `Department` (AuditableEntity) - [x] EF `IEntityTypeConfiguration` cho mỗi entity (unique Code + query filter IsDeleted) - [x] CQRS CRUD: Create/Update/Delete/GetById/List (PagedResult) cho 3 entity - [x] `Api/Controllers/{SuppliersController, ProjectsController, DepartmentsController}` - [x] Migration 2: `AddMasterData` - [x] `Domain/Identity/MenuItem` (Key PK, Label, ParentKey, Order, Icon) + `MenuKeys` const class - [x] `Domain/Identity/Permission` (RoleId, MenuKey, CanRead/Create/Update/Delete) - [x] Seed default menu tree (12 menu) + admin full access trong DbInitializer - [x] `Application/Permissions/Queries/GetMyMenuTreeQuery` — resolve per-user, union OR, tree filter - [x] `Api/Controllers/{MenusController, RolesController, PermissionsController}` - [x] Migration 3: `AddPermissions` - [x] Authorization handler `MenuPermissionHandler` + register 48 policy `{menu}.{action}` - [ ] `Domain/Entities/Contract` skeleton (Id, Type, SupplierId, ProjectId, Phase=DangChon, DraftData JSON) — deferred Phase 2/3 - [ ] Contract CRUD draft only (không workflow Phase 3) — deferred - [x] FE: `` + `usePermission()` hook - [x] FE Admin: 3 trang CRUD Supplier/Project/Department với DataTable + Dialog modal + search/sort/paging - [x] FE Admin: Permission Matrix grid page (role × menu × CRUD checkbox) - [x] FE Admin: Layout menu động từ `/api/menus/me` - [ ] FE User: trang "HĐ của tôi" list + filter — Phase 3 - [ ] FE Admin: Users management page (tạo user + gán role) — sắp tới - [ ] FE Admin: Roles CRUD — sắp tới - [ ] Route guard theo role admin-only — có PermissionGuard ở button, route cần thêm ### Exit criteria Phase 1 - [ ] Admin login → tạo NCC/Project → tạo role "Nhân viên CCM" → gán permission menu "Contracts.Read" - [ ] User CCM login → thấy menu Contracts, không thấy menu Admin - [ ] Tạo Contract draft → list hiển thị, không bị 403 sai ## Phase 2 — Form Engine (T5-6) ### MVP xong (Phase 2 iteration 1) - [x] Khảo sát: chọn **OpenXml + ClosedXML** (free, không cần license) - [x] `Domain/Forms/ContractTemplate` (Id, FormCode, Name, ContractType, FileName, StoragePath, Format, FieldSpec JSON, IsActive) - [x] `Domain/Forms/ContractClause` skeleton - [x] EF config + Migration `AddForms` - [x] `Application/Forms/Services/IFormRenderer` interface - [x] `Infrastructure/Forms/DocxRenderer` (OpenXml, handle placeholder split runs) - [x] `Infrastructure/Forms/XlsxRenderer` (ClosedXML) - [x] `Application/Forms/FormFeatures.cs` — List/Get/Render CQRS - [x] `Api/Controllers/FormsController` — GET templates, GET single, POST render - [x] Copy 5 .docx/.xlsx template → `wwwroot/templates/` - [x] Seed 8 ContractTemplate rows (5 IsActive=true, 3 chờ convert) - [x] FE admin: `FormsPage` — list + render dialog điền JSON + download - [x] E2E verified: render FO-002.05 → file .docx 482KB mở được bằng Word ### Iteration 2 (optional — enhance) - [ ] Convert 3 file `.doc` → `.docx` (retry Word COM với `DisplayAlerts=0` + timeout, hoặc LibreOffice headless) - [ ] Parse chi tiết field của 5 template HĐ — mỗi form thành JSON `FieldSpec` - [ ] Support `{{#loop}}...{{/loop}}` block cho table lặp (hạng mục HĐ giao khoán, PO) - [ ] FE user: form builder dynamic — render từ fieldSpec thay vì điền JSON tay - [ ] FE admin: upload template mới qua UI (POST multipart) + edit field mapping - [ ] Lưu `ContractClause` (FO-002.04) dạng rich text, admin edit qua TipTap/TinyMCE - [ ] PDF convert via LibreOffice headless (`soffice --headless --convert-to pdf`) - [ ] Import/export template (backup/restore) - [ ] Format helpers: number → `150,000,000 VND`, date → `dd/MM/yyyy` - [ ] Content preservation test: render → diff layout với template gốc ## Phase 3 — Workflow State Machine (T7-9) ### MVP xong (iteration 1) - [x] `Domain/Contracts/Contract` (Phase, SlaDeadline, BypassProcurementAndCCM, MaHopDong, DraftData, SlaWarningSent) - [x] `Domain/Contracts/ContractApproval` (FromPhase, ToPhase, ApproverUserId, Decision, Comment) - [x] `Domain/Contracts/ContractComment` + `ContractAttachment` (+ AttachmentPurpose enum) - [x] `Domain/Contracts/ContractCodeSequence` (Prefix PK, LastSeq) - [x] EF config + unique MaHopDong filtered + indexes Phase/Supplier/Project/SlaDeadline + cascade delete - [x] DbSets (5) + `IApplicationDbContext` update - [x] Migration `AddContractsWorkflow` - [x] `Application/Contracts/Services/IContractWorkflowService` + `IContractCodeGenerator` - [x] `Infrastructure/Services/ContractWorkflowService` — adjacency 9 phase + role guard + Admin bypass + system actor + bypass CCM (Chủ đầu tư) - [x] `Infrastructure/Services/ContractCodeGenerator` — 7 format RG-001 + transaction SERIALIZABLE - [x] CQRS: Create/UpdateDraft/Transition/AddComment/List/Inbox/GetDetail/Delete (8 feature) - [x] `Api/Controllers/ContractsController` — 8 endpoint REST - [x] FE admin: ContractsListPage + ContractDetailPage (timeline + action dialog) - [x] FE user: InboxPage + ContractCreatePage + ContractDetailPage + MyContractsPage - [x] PhaseBadge component + color map - [x] E2E verified: tạo HĐ → chạy 9 phase → gen mã `FLOCK 01/HĐGK/SOL&PVL2026/01` ### Iteration 2 (polish — optional) - [ ] `Infrastructure/HostedServices/SlaExpiryJob` — check mỗi 15min, auto-approve quá hạn với Decision=AutoApprove - [ ] Warning notification khi còn 20% SLA - [ ] `Infrastructure/Services/NotificationService` — email (MailKit) + in-app - [ ] SignalR hub cho real-time notification badge - [ ] MediatR `AuditBehavior` — log mọi command (ngoài ContractApprovals) - [ ] Upload attachment endpoint (multipart) + FE upload UI (`wwwroot/uploads/contracts/{id}/`) - [ ] RowVersion optimistic concurrency (2 user race → 409) - [ ] Render HĐ docx lúc tạo (merge TemplateId + DraftData + ContractClause appendix) - [ ] E2E test với non-admin user (Drafter/CCM/BOD role) - [ ] Filter Inbox theo phase ở FE - [ ] E2E test: reject → quay về DangSoanThao - [ ] E2E test: SLA expired → auto-approve + log ## Phase 4 — Reporting + Polish (T10-11) ### MVP xong (iteration 1) - [x] Dashboard admin: 5 KPI (total/active/overdue/published this month/total value) + by phase + top 5 NCC + top 5 dự án + 12 tháng - [x] Excel export HĐ theo filter (phase/supplier/project/date range) qua ClosedXML - [x] BE `GetDashboardStatsQuery` + `ExportContractsToExcelCommand` + ReportsController - [x] FE `DashboardPage` rewrite với `BarChart` tự build (Tailwind only, không thư viện ngoài) - [x] FE `ReportsPage` filter + export - [x] Docs consolidation: `rules.md` + `architecture.md` + `database/schema-diagram.md` + gotchas update ### Iteration 2 (polish — optional) - [ ] SLA overdue report (by role / phase, export Excel) - [ ] Contract audit log export (từng HĐ ra PDF) - [ ] Dashboard user-specific (HĐ của tôi / role của tôi) - [ ] Chart library recharts (nếu cần chart phức tạp) - [ ] UX polish: skeleton loader cho mọi list, empty state có action, error boundary recovery - [ ] Accessibility: keyboard nav, focus trap modal, aria labels - [ ] Dark mode - [ ] Performance: explicit index DB cho query hot đã identify - [ ] Tài liệu user guide: quy trình tạo HĐ + duyệt - [ ] UAT với 5-10 HĐ dữ liệu thật từ bộ phận Cung ứng ## Phase 5 — Production (T12-13) - [ ] `docs/guides/cicd.md` — CI/CD runbook - [ ] Gitea Actions workflow `.gitea/workflows/deploy.yml` — build .NET + 2 FE, deploy IIS qua SSH/WinRM - [ ] Pin Node 20.x trong workflow, test CI sớm (không để surprise cuối dự án) - [ ] `scripts/deploy-iis.ps1` — stop app pool, xcopy, start app pool - [ ] Windows Server setup: IIS + URL Rewrite + ARR (reverse proxy FE → IIS) - [ ] SQL Server prod: backup plan daily + weekly full - [ ] HTTPS certificate (Let's Encrypt qua win-acme hoặc mua cert) - [ ] `appsettings.Production.json` + user secrets - [ ] Security audit: owasp top 10 check - [ ] Rate limiting middleware (AspNetCoreRateLimit hoặc built-in) - [ ] Health check endpoint `/health` cho IIS probe - [ ] Error tracking: Serilog → file rolling daily, retention 30 ngày - [ ] Runbook: restart app, rollback migration, restore backup - [ ] UAT production 1 tuần với 2-3 user thật - [ ] Go-live checklist: backup, rollback plan, on-call contact ## Post-launch (Phase 6+ — future) - [ ] E-signature integration (VNPT CA hoặc FPT CA) - [ ] Tích hợp Bravo / SAP ERP import NCC - [ ] Mobile app (React Native?) cho BOD duyệt ngoài giờ - [ ] AI: gợi ý điền form dựa HĐ cũ, OCR scan HĐ đối tác - [ ] Multi-tenant nếu có công ty thứ 2