f8640d6f18
- STATUS/HANDOFF: S54 IT-staff reassign (ca4b602, test 216, bundle rotate cả 2), user-mem re-ground 20, Phase 9 Ops scope cho NEXT
- Session log 2026-06-08-S54 + cicd-monitor MEMORY (Run #376, H2-gap post-deploy lag)
- H2 harvest GATE PASS 5/5 (residual reconcile verified) + H1 tooling 4-mặt stable
- flag monthly 2026-07-01: sys.tables 93-vs-92, STATUS re-tier S50..S38
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
217 lines
37 KiB
Markdown
217 lines
37 KiB
Markdown
# STATUS — Snapshot hiện tại
|
||
|
||
> **Update rule:** trước khi bắt đầu 1 task → ghi row `🔥 In Progress`. Xong → `✅ Recently Done`.
|
||
> **Tiering rule (S40):** chỉ giữ **state hiện tại + 3 session gần nhất** ở file này. Session cũ hơn → `docs/changelog/sessions/`. Full history pre-S40 → `docs/_archive/STATUS-preS40-fullhistory.md`. (Tránh over-context — xóa double, không cắt nội dung.)
|
||
|
||
**Last updated:** 2026-06-08 (Session 54 — **IT staff tự reassign ticket (cross-stack authz, HMW-mode ON)**: 1 code commit `ca4b602` → Run #376 PASS ~4m18s, prod-verified. Cho tổ IT (dept Code=="IT") + Admin reassign ItTicket trên CẢ 2 app. BE: NEW `GetAssignableItStaffQuery` capability endpoint `{canReassign,staff}` + `AssignItTicketHandler` authz Admin-OR-dept-IT (Forbidden) + assignee-must-IT (Conflict) + controller `/assign` hạ `[Authorize(Roles=Admin)]`→`[Authorize]` (handler fine-grained). FE: fe-admin+fe-user ItTicketsPage **SHA256-identical** (REVERSE S53 divergence) gate nút by `canReassign`, dropdown từ `/assignable-staff` (không `/users`). Test 203→**216** (+13 authz guard test-before-merge). NO migration (DepartmentId reuse). Bundle admin `DfCfHUE9`→`DmjI8Cmn` / user `_3S0BPJ2`→`YxL_MljK` (cả 2 rotate). 6-agent fan-out (BE∥FE→test→reviewer→cicd) + em main reconcile stray-memory residual (3 agent ghi MEMORY nhầm `src/Backend/.claude` → harvest về canonical). reviewer PASS 0 blocker (role-string "Admin" chain-verified). Task 1 Phase 9 Ops KHÔNG làm (anh dừng). flag: cicd `sys.tables=93` vs STATUS 92 → monthly audit re-ground.) Prev S53 (gotcha #57 EXT Master Mig 47 + P11-D reassign-UI fe-admin + P11-E menu + database-agent verified-runtime: `44b9e54` Run #260 + `dbf6648` Run #261, test→203, bundle→`DfCfHUE9`). Prev S52 (Phase 11 P11-D+E+F deployed + database-agent adopt, HMW-mode ON): 3 commit — `e9ee97f` (database-agent DB1–DB11 read-advisory, roster 10→11, executed-file CHỜ restart) + `6a66429` Wave 1 (P11-E AttendanceReport+Excel+OtPolicy multiplier + P11-F MaTicket codegen, migration-free) + `dcf76f8` Wave 2 (P11-D ItTicket round-robin assign dept-IT + SLA timer, Mig 46). Test 186→**200**. Bundle admin `DYfjnpY0`/user `_3S0BPJ2` (cả 2 deploy verified curl độc lập — Wave 1 BE 401 wired + Wave 2 /assign 401 + Mig 46 applied health-200). ⚠️ **Session-limit hit giữa Wave 2** → recovery: BE/test verify-on-disk + em main solo FE redo + curl-self-verify thay cicd-spawn (multi-agent resilience, git/disk/prod = source-of-truth). RAG recovered (chunk 2416 rerank live) nhưng stale 05-29. Prev S51: P11-C Vehicle+Driver.)
|
||
|
||
---
|
||
|
||
## 🎯 CURRENT STATE (verified S40)
|
||
|
||
| Metric | Value | Note |
|
||
|---|---|---|
|
||
| Migrations | **47** | +S53 Mig 47 `FilterMasterCatalogUniqueIndexesByIsDeleted` (gotcha #57 EXT: Department/Supplier/Project filtered-unique Code — index-only, no new table) |
|
||
| SQL tables | **92** | unchanged S52 (Mig 46 = AddColumn, no new table; cicd `sys.tables` ground-truth) |
|
||
| API endpoints | **~253** | +1 S54 `GET /it-tickets/assignable-staff` (capability endpoint); +3 S52 (attendances/report + report/excel + it-tickets/{id}/assign) |
|
||
| FE pages | **68** | unchanged S54 (ItTicketsPage reassign = in-place 2 app); +1 S52 AttendanceReportPage |
|
||
| Menu keys | **~56** | +1 S53 `Off_AttendanceReport` (P11-E promote → sidebar leaf under Văn phòng số, order 8) |
|
||
| Tests | **216 PASS** | 58 Domain + 158 Infra · 0 fail / 0 skip · +13 S54 `ItTicketReassignAuthzTests` (authz capability + Forbidden/Conflict guard, test-before-merge) · +3 S53 Master filtered-unique |
|
||
| Gotchas | **57** | unchanged S54 (#57 backlog CLOSED S53; #44 silent-403 pattern reinforced — data-driven authz ở handler đúng, capability-flag chống) |
|
||
| User memory | **20** | re-grounded S54 (H1 disk-count — S53 base thật 19 không phải 18); +1 S54 `feedback_agent_cwd_relative_memory_misland` (sub cd subdir → MEMORY Write stray) |
|
||
| Skills | 6 | 3 domain + 3 ops |
|
||
| Sub-agents | **11** | Opus 4.8 1M · 9 product/quality (7 core + frontend-designer + database-agent) + 2 monitor INFORM-only (tooling-auditor H1 + harvest-curator H2). ✅ database-agent **verified-runtime S53** (spawn-test PASSED — caught Mig 46-unapplied-local drift) |
|
||
| RAG chunks | **2416** | Recovered S52 (S51 Qdrant DOWN → nay alive, rerank live 0.9375). Stale `last_indexed 05-29` (S42-S52 via store_memory stopgap; full re-index = AI_INFRA op cần VOYAGE_API_KEY). |
|
||
|
||
**Bundle hash live (prod):** admin `DmjI8Cmn` · user `YxL_MljK` (S54 — cả 2 rotate, ItTicketsPage reassign 2 app). Deploy verified Run #376 (`ca4b602`, ~4m18s): `GET /it-tickets/assignable-staff` 401 wired · `PUT /assign` 401 (with body — IIS 411 bodyless pre-auth) · health 200 · Mig giữ 47 (no new).
|
||
**Phase:** ✅ Phase 10 COMPLETE · ✅ **Phase 11 product backlog ĐÓNG TRỌN** — P11-A/B/C/**D/E/F** ALL DONE (deployed prod) · 🚫 Phase 9 Ops blocked (anh main coordinate — S54 chưa khởi động, anh dừng).
|
||
|
||
> ⚠️ **Count drift fixed S40:** endpoints ~223→**211**, FE pages 53→**65**, menu keys 85→**~53**. Tables **84 confirmed correct** (DbSet 77 + Identity 7). 3 số "khó fake" (mig/gotcha/git) luôn đúng. Cause: số "incremented mỗi session" over/under-count optimistic — re-ground định kỳ.
|
||
|
||
---
|
||
|
||
## 🔥 In Progress (S54)
|
||
|
||
| Task | Owner | Status |
|
||
|---|---|---|
|
||
| _(none — S54 task 2 (ItTicket reassign cross-stack) DONE + prod-verified Run #376. Task 1 (Phase 9 Ops) anh dừng — chưa khởi động. **NEXT (anh pick):** Phase 9 Ops — em đã scope: SMTP email outbound (greenfield code-able, NEW `IEmailSender`+`SmtpEmailSender` config-driven + wire NotificationService) · SQL backup register (`scripts/backup-sql.ps1` READY → em đưa lệnh schtasks, anh chạy VPS) · rotate creds + UAT (anh-infra) · monthly drift audit **2026-07-01**.)_ | 👤 | ✅ |
|
||
|
||
**S40 done:** ✅ Consolidation (`d2f52ba`) · ✅ Curate 4 agent MEMORY >25KB→<8.4KB (`78c9de3`) · ✅ RAG catch-up chunk S37-S40 (rerank 0.867) · ✅ **AI_INFRA bulletin 2026-05-29 adopt 4/4** (MỤC2 Tiered Memory Policy v1 `6f08d1f` + MỤC3 /session-start+/session-end slash commands `c8ff5e1`). ⏳ Full RAG re-index = AI_INFRA op (cần VOYAGE_API_KEY).
|
||
|
||
> ⚙️ **NEW slash command** (`.claude/commands/`) — anh main **restart CLI** để activate (không hot-reload) → session sau gõ `/session-start` + `/session-end` thay paste prompt thủ công.
|
||
|
||
---
|
||
|
||
## ✅ Recently Done (newest on top — 3 session; cũ hơn → session logs)
|
||
|
||
### S54 (2026-06-08) — ✅ IT staff tự reassign ticket (cross-stack authz, HMW-mode ON) — 1 commit prod-verified
|
||
- **Commit `ca4b602` → Gitea Run #376 PASS ~4m18s, prod-verified.** Anh: `/session-start` → "2 xong sau đó là 1" (task 2 reassign trước, task 1 Phase 9 Ops sau) → task 2 done, task 1 anh dừng → `/session-end`.
|
||
- **Feature (cho tổ IT tự reassign — KHÔNG chỉ Admin như S53):** "IT staff" = `User.DepartmentId == Department(Code=="IT").Id` (reuse round-robin S52 predicate). Cross-stack, **NO migration** (DepartmentId reuse), no menu change.
|
||
- **🟨 BE** (`WorkflowAppsFeatures.cs` REGION 5 + `ItTicketsController.cs`): NEW `GetAssignableItStaffQuery`→`AssignableStaffResult{CanReassign,Staff}` capability endpoint (`[Authorize]` any-auth, trả `{false,[]}` cho người ngoài → **0 silent-403 chống gotcha #44**) + `AssignItTicketHandler` authz Admin-OR-dept-IT (`ForbiddenException`) + assignee-must-IT (`ConflictException`) + controller `/assign` hạ `[Authorize(Roles="Admin")]`→`[Authorize]` (handler enforce fine-grained data-driven).
|
||
- **🟧 FE** (2 app): `ItTicketsPage.tsx` **SHA256-identical `4bcaf2f…`** — REVERSE divergence S53 (cả 2 cùng gate nút by BE-computed `canReassign`, dropdown từ `/assignable-staff` thay `/users`). +2 type `AssignableStaff`/`AssignableStaffResult`. npm build ×2 PASS.
|
||
- **🟪 Test** (`ItTicketReassignAuthzTests.cs`): +13 (203→**216**) test-before-merge SECURITY — GetAssignableItStaff 6 (canReassign matrix + 0-leak empty + inactive-excluded) + AssignItTicket 7 (Forbidden guard-proof by-contrast + Conflict assignee-not-IT + side-effect no-mutation). No prod bug.
|
||
- **🟥 reviewer PASS** 0 blocker/0 major/1 minor: điểm chí mạng **role-string "Admin" chain-verified real** (`AppRoles.Admin`→`SeedRoles Role.Name`→`JwtTokenService Claim(ClaimTypes.Role)`→`cu.Roles` — decoy "QTV" chỉ ShortName, không vào JWT). Fail-closed verified, defense-in-depth nguyên.
|
||
- **🟩 cicd Run #376:** test 216 · bundle admin `DfCfHUE9`→`DmjI8Cmn`/user `_3S0BPJ2`→`YxL_MljK` (cả 2 rotate) · smoke health 200 + /assignable-staff 401 + /assign 401(body) · Mig giữ 47. Note: 411-bodyless-PUT = IIS Content-Length pre-`[Authorize]` (không phải routing miss).
|
||
- ⚠️ **Residual caught + fixed (em main single-writer):** 3 agent (BE/FE/test) ghi MEMORY nhầm `src/Backend/.claude/` (cwd-relative Write khi cd subdir) → em main git-status scan bắt stray + reconcile 2 pattern file về canonical + APPEND S54 delta vào 3 canonical MEMORY (harvest B2/B3). → memory `feedback_agent_cwd_relative_memory_misland`.
|
||
- 📌 **flag monthly audit 2026-07-01:** cicd đo `sys.tables=93` vs STATUS 92 (1-count drift, pre-existing — session này no new table).
|
||
- → session log `2026-06-08-S54-it-ticket-reassign-cross-stack.md`.
|
||
|
||
### S53 (2026-06-08) — ✅ gotcha #57 EXT Master (Mig 47) + P11-D reassign-UI + P11-E menu-key — all prod-verified · database-agent verified-runtime (HMW-mode ON, "làm hết" full closeout)
|
||
- **2 code commit deployed prod:** `44b9e54` Task B (Mig 47 `FilterMasterCatalogUniqueIndexesByIsDeleted` — Department/Supplier/Project filtered-unique Code, gotcha #57 EXT) Run #260 · `dbf6648` Task C+D Run #261. Test 200→**203** (+3 `MasterCatalogFilteredUniqueTests` RED→GREEN). Bundle admin `DYfjnpY0`→**`DfCfHUE9`** (rotated C+D FE) · user `_3S0BPJ2` unchanged.
|
||
- **Bootstrap:** database-agent **verified-runtime** (first real spawn since S52 adopt → caught **Mig 46 committed-but-unapplied-local** drift that 203 SQLite-tests + CI-applied-prod both MISS → bonus closed via Mig 47 deploy applying 46+47 to LocalDB Dev+Design). H1+H2 monitors re-reported (S52 closeout debt cleared; H2 confirmed S52 proxy-append present, 0 orphan).
|
||
- **Task B (Mig 47, Run #260):** workflow 🟪 test-specialist → 🟨 implementer-backend → 🟥 reviewer (PASS 0 issues). 3 prod indexes `filter_definition` NULL→`([IsDeleted]=(0))` live. gotcha #57 EXT cumulative now **6×** (Holiday 43 + 3 HRM 45 + 3 Master 47) — **backlog CLOSED**. Root cause: app dup-check `AnyAsync(Code==req)` đi qua `HasQueryFilter(!IsDeleted)` (bỏ qua soft-deleted) nhưng bare unique index đếm cả → delete+re-add = UNIQUE-500 reachable.
|
||
- **Task C+D (`dbf6648`, Run #261):** workflow 🟨 implementer-backend → 🟧 implementer-frontend → 🟥 reviewer (PASS 0 issues). C = ItTicket admin reassign dialog (fe-admin only, intentional mirror-break; reuse `PUT /assign` + `GET /users`). D = `Off_AttendanceReport` menu leaf (order 8, no migration — DbInitializer idempotent seed, admin-perm auto via `All[]`, menu-key byte-identical 5 mirror points). Prod: menu row seeded + admin bundle rotated + smoke 200/401.
|
||
- **Doc-drift E:** H1 top-5 patched (ef-core skill 43→47, agents/README roster 10→11, CLAUDE.md root 45→47 mig + 186→203 test, docs/CLAUDE.md 56→57 + 91→92 ERD). database-agent adap-report → verified-runtime.
|
||
- ⚠️ **cicd-monitor truncated 2×** (gotcha #53/#55; C+D verify cut mid-Q3) → recovered via curl-self-verify (Gitea run + bundle hashes public; menu-row from agent's pre-truncation sqlcmd). `feedback_agent_kill_recovery` reinforced.
|
||
- → session log `2026-06-08-S53-gotcha57-ext-p11-cd-closeout.md`.
|
||
|
||
### S52 (2026-06-08) — 🎉 Phase 11 product backlog ĐÓNG TRỌN (P11-D+E+F deployed) + database-agent adopt — HMW-mode ON, session-limit recovery
|
||
- **3 commit deployed prod:** `e9ee97f` (database-agent governance .md, CI-skip) + `6a66429` Wave 1 (P11-E+F code) + `dcf76f8` Wave 2 (P11-D, Mig 46). Test 186→191→**200**. Bundle admin `DYfjnpY0`/user `_3S0BPJ2` (cả 2 rotate; deploy verified curl độc lập — không cicd-spawn do limit).
|
||
- **🔌 database-agent adopt** (AI_INFRA broadcast `2026-06-08-Agent-database-codebase-agents`): floor DB1–DB11 **READ-advisory tier** (implementer-backend vẫn author file) · skill `sql-database-assistant`+`ef-core-migration` · color OMIT (8 standard hết → mirror monitor precedent) · `store_memory` strip · DB11 RowVersion tie-in vá S43 lost-update gap. **codebase-agent SKIP n-a** (investigator cover + csharp-lsp Windows no-op). Roster 10→**11**. Nấc executed-file → **🔴 CHỜ CLI restart** verified-runtime. adap-report 5-trường LOCK written.
|
||
- **P11-F MaTicket codegen** (Wave 1): `WorkflowAppCodeGen.GenerateMaDonTuAsync(db,"IT",clock.Now.Year,...)` gen-on-**Create** (kanban no-workflow, khác Leave/OT gen-on-Submit), `IT/2026/NNN` Serializable atomic. Migration-free.
|
||
- **P11-E AttendanceReport** (Wave 1): `GetAttendanceReportQuery` monthly aggregate (day-type weekday/weekend/holiday OT × OtPolicy multiplier, **classify in-memory** không EF-translate `.DayOfWeek`) + `AttendanceReportExcelExporter` (ClosedXML, sync no-DB) + 2 endpoint Admin-only + fe-admin `AttendanceReportPage` (download authed `api.get(blob)`). Migration-free. `Holiday.Date`=DateOnly (agent verify source-of-truth, không tin spec mù).
|
||
- **P11-D ItTicket assign+SLA** (Wave 2, **Mig 46** AddSlaFieldsToItTicket): round-robin least-loaded dept-"IT" (DbInitializer seed dept IT + 2 sample staff nv.cao/nv.truong, **ordering sau SeedDemoUsers** vì reconcile dept) + SlaDueAt theo Priority (Urgent4/High8/Medium24/Low72h) + `ItTicketSlaJob` (breach+warning notify, **KHÔNG auto-transition** — khác Contract) + PUT /assign admin override + FE badge 2-app SHA256 mirror.
|
||
- **⚠️ Session-limit hit giữa Wave 2** (3 agent killed: FE/test/cicd) → recovery (multi-agent resilience proof): Wave 2 BE/test verify-on-disk (build 0-err + 200 test) + **em main solo FE redo** (gotcha #53-class fallback) + **curl-self-verify** Wave 1+2 deploy thay cicd-spawn. Lesson: **git/disk/prod = source-of-truth, KHÔNG agent return-message**.
|
||
- **reviewer (Wave 1) PASS** — independent re-verify (build/test/tsc) + gotcha #44 role-string "Admin" disarmed (decoy `"QTV"`=display-code KHÔNG phải role-name). Wave 2 = **em main self-review** (seed↔query dept-code cross-check PASS, nv.cao/nv.truong tồn tại) do limit pressure.
|
||
- → session log `2026-06-08-S52-phase11-def-close-database-agent.md`.
|
||
|
||
### S51 (2026-06-08) — ✅ P11-C Vehicle+Driver catalogs (Mig 44) + gotcha #57 ext 3 HRM catalog (Mig 45) — HMW fan-out, deployed prod
|
||
- **Commit `30a99aa` → Gitea Run #371 PASS ~4m18s, verified prod.** HMW-mode ON, 7-agent fan-out: 🟦 recon → 🟨 BE ∥ 🟧 FE (parallel file-disjoint) → 🟪 test-before → 🟥 reviewer → 🟩 cicd. RAG/Qdrant DOWN cả session → ground-truth on-disk (đáng tin hơn stale RAG index 05-29).
|
||
- **Mig 44 `AddVehicleAndDriverCatalogs`** — 2 catalog table (Vehicles + Drivers, `AuditableEntity`), filtered-unique Code day-1 (gotcha #57 từ đầu). Extend HrmConfigs declarative: BE Region 5/6 CRUD (mirror LeaveType) + Controller +2 route-group (8 endpoint, GET public / write Roles=Admin) + MenuKeys +2 +All (auto Admin perm) + DbInitializer idempotent seed 2 veh/2 drv. FE KIND_CONFIG +2 kind ×2 app (SHA256 mirror) + 4-place (types/page/menuKeys/Layout staticMap), `:kind`-driven (no new App.tsx route). Tables 91→**92** (cicd `sys.tables` ground-truth).
|
||
- **Mig 45 `FilterHrmCatalogUniqueIndexesByIsDeleted`** (bundled gotcha #57) — LeaveType + ShiftPattern + **OtPolicy** bare `.IsUnique()` → `.HasFilter("[IsDeleted]=0")`. **OtPolicy BỊ BỎ SÓT khỏi backlog "2 catalog" → em main bắt được khi grep toàn bộ config** (= 3 HRM catalog). test-before: +5 `HrmConfigFilteredUniqueTests` (181→**186**), RED→GREEN observed.
|
||
- **🟥 reviewer caught 1 MAJOR** (pre-commit): Driver FE↔BE required-field mismatch (FE optional vs BE `NotEmpty`+NOT NULL) — root = inconsistent em-main brief across BE/FE → fixed (FE +`required:true`). Lesson: parallel fan-out → shared-contract inconsistency chỉ lộ lúc integration; green tests ≠ correct contract.
|
||
- **🟩 cicd Run #371 PASS:** test 186 · Mig 44+45 prod · 5 `IX_*_Code` filtered `([IsDeleted]=(0))` live (3 HRM was NULL) · bundle rotate admin `Cg9mvltU`/user `YgqDvsqr` · health 200 · /hrm-configs/{vehicles,drivers} 401 unauth + 200 authed (2 seed each).
|
||
- **gotcha #57 EXT** (investigator audit complete): Department/Supplier/Project (Master, confirmed-reachable via global query-filter quirk) → **worktree session** Mig 46 (3 idx). ContractClause/MeetingRoom/EmployeeProfile = SKIP (not reachable). → session log `2026-06-08-S51-p11c-vehicle-driver-gotcha57.md`.
|
||
|
||
### S50 (2026-06-07) — ✅ S49 Harness 1·2·3 verified-runtime closeout (HMW-mode ON · infra-finish, no product code, CI-skip)
|
||
- **`/session-start` bootstrap** → spawned **2 monitor sub** (tooling-auditor H1 + harvest-curator H2) RE-REPORT → **verified-runtime CONFIRMED** (S49 milestone (a) closed). H1 caught 3 doc-freshness drifts → em main patched (plugin 15→18 · skill-index 31→43 mig + 49→57 gotcha · verified-runtime markers). H2 harvest 🟢 clean (0-byte/orphan/corruption=0). Test gate **181 PASS**, RAG 2415.
|
||
- **(b) H2 wave-mode VERIFIED** — wave-run `h2-verify` (Workflow Run `wf_b7e4d6ef-787`, 2-agent: investigator-codebase read-only + test-specialist write-direct). **B6 isolation HELD**: git status = 6-baseline only (0 canonical/agent-memory leak), sub-MDs gitignored, **chunk 2415→2415** (0 rogue RAG write). B4 both-paths exercised. Bonus: gotcha #57 confirmed open + exact coords (`LeaveTypeConfiguration.cs:19` + `ShiftPatternConfiguration.cs:19` vs fixed `HolidayConfiguration.cs:18`).
|
||
- **(c) H3 email send-path VERIFIED** — `/send-email ai_infra` handshake → `broadcasts/outbox/ai_infra/`, body SHA256 `c9656c19…` self-verified MATCH + `_index.md` OUTBOUND logged. AI_INFRA `/check-email se` pull = their step (completes 2-way byte-identical proof).
|
||
- **§L.b(d)(f)(g) session-end:** H2 GATE **PASS 5/5** + B5 wave-gom (2 sub-MD → agent-memory/{investigator-codebase,test-specialist}). H1 freshness CHỐT (3 drifts patched, 0 new-alloc). 4 sub spawn-records all nấc=verified. **Rig fact:** Bash subs = `/usr/bin/bash` not PowerShell → POSIX only. → session log `2026-06-07-S50-harness-verified-runtime.md`.
|
||
|
||
### S49 (2026-06-07) — 🌐 AI_INFRA Harness 1·2·3 adopt (HMW-mode ON · governance/infra, no product code, CI-skip)
|
||
- **HMW-mode BẬT** (`/ultra-on` → marker `.claude/hmw-mode.on` gitignored) → anh `/adap-apply harness 1·2·3`. **Recon fan-out 4 read-only agent @P2** (3× investigator-codebase H1/H2/H3 gap + 1× investigator-api plugin/skill audit · return-delta · 367K tok · ~4m46s) → em main single-writer WRITE ~25 file. **Containment audit post-P2:** git-diff = 1 file-write (inv-api self-MEMORY, benign verified) + chunk-count **2414=2414** (0 RAG-write) → defense-in-depth proven (sub giữ Bash/Write — G-015).
|
||
- **Harness 1 (Self-observability):** roster **8→10** — NEW 2 sub **TÁCH BIỆT** (anh-mandate) `tooling-auditor` (H1 tooling/docs-freshness 4-mặt skill·sub-role·plugin·docs) + `harvest-curator` (H2 harvest-integrity 5-trục), INFORM-only (4 RAG-read, NO store_memory/Write). Wire `session-start.md` Phase 2.1.1 RE-REPORT + `session-end.md` §L.b **6→7-step** (H2 5-trục GATE + H1 chốt + B5 wave-gom). H3 plugin/skill = gộp-vai doc (0 agent mới — code-modernization/code-reviewer KHÔNG enable).
|
||
- **Harness 2 (wave-folder isolation):** `hmw.js` +wave-mode (subMdPath schema + tool-aware writeGuard) · `.gitignore` +`wave-*/`+`agent-teams/` (B6 **VERIFIED** `git check-ignore`) · NEW `.claude/workflows/README.md` convention. A agent-team = n-a (Windows in-process, convention-ready).
|
||
- **Harness 3 (email channel):** NEW `broadcasts/` (outbox/{6 others+all}/ + inbox/{6 others}/ + _index + inbox/README + **13 .gitkeep**, committed not-gitignored) + 2 cmd `send/check-email` (self=`se`, 6 others short-id `{ai_infra,vipix,dyd,namgroup,ashico,bvaau}`) + fix `adap-apply.md` base-path → `outbox/all/` (latent bug đóng luôn).
|
||
- **3 adap-report** `docs/governance/adap-reports/2026-06-07-Agent-harness-{1,2,3}.md` (nấc executed-file/verified-pending + evidence + tailored/skip + G-015 honest-caveat). 🟥 reviewer P4 **PASS all 3 — no blocker** (genuinely tailored not copy-paste · B6 git-check-ignore verified · SHA256 byte-identical · 1 MINOR pre-existing README diagram drift → fixed). **Test 181 unchanged** (no .cs). 🔴 **NEXT: anh restart CLI** → activate 2 sub + 2 cmd + hmw.js wave-mode → spawn-test confirm verified-runtime. → session log `2026-06-07-S49-harness-1-2-3-adopt.md`.
|
||
|
||
### S48 (2026-06-02) — ✅ adap-* verification closure post-restart + FD2 proof + Gov-v2 error-ledger (governance + 1 a11y fix)
|
||
- **CLI restart confirmed done** (registry has frontend-designer + adap-* cmds + 8 subs sans store_memory) → S47 "verified-pending" upgraded. `/adap-apply all-pending` = 0 new (all 3 applied S47); `/adap-report all-applied` → re-assessed + updated 3 reports honest (§C5/G-015).
|
||
- **#1 store_memory strip → VERIFIED-runtime:** `grep` agents `tools:` = 0 · loaded registry grants 0 `store_memory` to all **8** subs. NOT "read-only" (subs keep Bash/Write — defense-in-depth caveat holds).
|
||
- **#2 frontend-designer → FD2 loop VERIFIED-RAN** (🩷 first real spawn, background): full loop on fe-user `/login` — DS read (Tailwind v4 CSS-first) → Vite dev → Playwright screenshot 375+1440 → viewed PNGs → FD4 rubric all-PASS → 1-line contrast fix → re-shot → build PASS. em main mirrored fix to fe-admin (parity). 2 Vite-dev rig gotchas + Tailwind-v4 fact in FD MEMORY.
|
||
- **#3 Gov-v2 delta → CLOSED (executed-file):** NEW [`docs/governance/error-ledger.md`](governance/error-ledger.md) (blameless RCA E-001..E-004 + Active-Guards 2-strike index + §L.a AS-1..AS-9 deterministic-detect + 3-ledger triad map) + §L.b 6-step wired `session-end.md` Phase 1.5 (ran live this session = demo).
|
||
- **Code:** `fe-{admin,user}/src/pages/LoginPage.tsx` subtitle `text-slate-500→600` (a11y contrast ~7.5:1). Build × 2 PASS 0 TS error. **Test 181 unchanged** (FE-only, no .cs). Commit `350b2bf` → 🟩 **cicd Run #369 PASS** (~4m13s · bundle admin `DPPTx2Kw`/user `CjoUEsoV` rotated · Mig stays 43 · health 200 ×4). → session log `2026-06-02-S48-adap-verify-fd2-error-ledger.md`.
|
||
|
||
### S47 (2026-06-02) — 🔌 AI_INFRA adap-* adoption channel + 3 broadcasts (infra/governance, no product code)
|
||
- **Federated adoption channel installed** (AI_INFRA relay): 3 slash-commands forked → `.claude/commands/adap-{apply,report,request}.md`. Read AI_INFRA `broadcasts/outbox/` read-only (§J2) → apply own repo → `docs/governance/adap-reports/<id>.md` (5-field LOCK); AI_INFRA `/adap-audit` reads cross-repo 2-way. 0 agents spawned (em main solo — governance task).
|
||
- **#1 store_memory strip** — removed from ALL 8 subs' `tools:` → **lead (em main) = sole RAG-writer** (failure-safe). 4 RAG-read retained ×8. `agents/README.md` synced + G-015 note (NOT "read-only" — subs keep Bash/Write). Corroborates SE S41 re-bootstrap-loss lesson.
|
||
- **#2 frontend-designer (8th agent, pink)** — adopted (user call), forked AI_INFRA canonical FD1–FD10 visual-verification floor (Playwright screenshot ≥2 viewport → rubric → fix). Tailored SE stack + use-existing-DS (#1F7DC1/Be Vietnam Pro) + boundary ⟂ implementer-frontend (design/UX vs mechanical-mirror). memory seed + roster doc 7→8.
|
||
- **#3 Gov-v2** — already-applied S44 (`ae30f8f`); delta report flags 1 gap (no formal error-ledger/§L.b checklist — defer).
|
||
- **Nấc all executed-file / verified-pending** (restart + spawn-test). Test **181 unchanged** (no product code). CI-skip (all .md). → session log `2026-06-02-S47-aiinfra-adap-channel.md` · memory `feedback_aiinfra_adap_channel` · restart-batching lesson (front-load .md edits → 1 restart).
|
||
|
||
### S46 (2026-06-01) — 🧹 Memory integrity repair (no code, docs-only)
|
||
- **`/session-start` audit caught 2 user-memory files at 0 bytes** (S45 close-out truncation, gotcha #53): `MEMORY.md` index + `feedback_background_spawn_visibility.md`. Empty index = S46 bootstrap chạy KHÔNG có memory auto-inject (degrade thầm lặng).
|
||
- **Repaired (👤 em main solo):** rebuilt `MEMORY.md` index (14 entries: 8 feedback + 3 project + 2 pattern) · repopulate `feedback_background_spawn_visibility` từ HANDOFF/STATUS S45 ref (marked reconstructed) · NEW `feedback_session_end_memory_write_verify` (verify byte>0 sau closeout Write). **0 empty `.md` remain** (verified `find -size 0`).
|
||
- **No production/repo code touched.** Memory files ngoài repo (`~/.claude/.../memory/`) — không git-tracked → repo unchanged từ S45 `7fbe05a`. Test gate re-confirm **181 PASS** (58+123) lúc bootstrap.
|
||
- **Residual:** STATUS "27 user memory" stale → corrected **14**. Recommend thêm verify-byte-count step vào `/session-end` skill mechanism (AI_INFRA op per charter v2) — auto-catch class lỗi này.
|
||
|
||
### S45 (2026-06-01) — 🧪 HRM test-gap stabilization + Holiday drift fix (Mig 43)
|
||
- **2 commit `051b62b` (Tests) + `0c5a014` (Mig 43) → push → Gitea Run #368 PASS, verified prod.** "Stabilize before extend": đóng 3 test-gap deferred S35-S38 TRƯỚC khi chồng schema mới.
|
||
- **+27 test (154→181):** Gap1 Holiday composite UNIQUE (7) · Gap2 EmployeeSatellite FK-invariant+soft-delete+cascade (10) · Gap3 gotcha #44 authz regression HrmConfigs+Employees (10). 🟪 test-specialist viết (return truncated gotcha #53 → 👤 em main verify-on-disk + proxy MEMORY).
|
||
- **Mig 43 `FilterHolidayUniqueIndexByIsDeleted`** (👤 em main solo, bug-fix chain): Gap1 test lòi drift — Holiday DB UNIQUE (Year,Date) unfiltered vs handler `!IsDeleted` → admin xoá+thêm lại ngày lễ cùng date = **500 reachable**. Fix `.HasFilter("[IsDeleted]=0")` (khớp pattern 13× sẵn có). Flip Case 7 assert success. Table vẫn 91 (index-only).
|
||
- **🟩 cicd Run #368 PASS** ~4m20s: test gate 181 · Mig 43 applied prod · `IX_Holidays_Year_Date` filter=`([IsDeleted]=(0))` live (was NULL) · FE bundle UNCHANGED `Krjvg_3j`/`6sNStgxa` (đúng — BE-only) · health 200 · 0 regression.
|
||
- **🟦 investigator P11-C pre-flight** (Vehicle+Driver catalog): chưa có master → extend HrmConfigs +2 kind declarative, Mig 44, giữ VehicleBooking free-text. **gotcha #57 caught:** LeaveType.Code + ShiftPattern.Code cũng unfiltered (backlog).
|
||
- **gotcha #57 NEW** (soft-delete UNIQUE phải `.HasFilter`). Process: foreground spawn = im lặng = "looks frozen" → đẩy background + report-ngay (`feedback_background_spawn_visibility`).
|
||
|
||
### S44 (2026-06-01) — 🗓️ Monthly drift audit + AI_INFRA bundle 06-01 adoption (docs-only, CI-skip)
|
||
- **Cadence audit** (cron 2026-06-01) + adopt AI_INFRA bundle 06-01 (federated, team chọn full scope). 🟦 investigator-codebase drift scan (read-only, ground-truth verified) → 👤 em main patch. No code touched → **154 test PASS unchanged**.
|
||
- **42 count-drift fixes:** CLAUDE.md root + docs/CLAUDE.md + `ef-core-migration` SKILL + `dependency-audit-erp` SKILL + schema-diagram + database-guide — `40→42 mig · 84/59/55/47→91 tables · 130/111→154 test · 52/49→56 gotcha`.
|
||
- **Schema-diagram:** migration table extended Mig 17-42 (was stop ở 16) + total 55→91; detailed-§ gap (Mig 27-42 modules) flagged **explicit** (không silent → deferred backlog). `ef-core` SKILL migration history extended Mig 27-42.
|
||
- **AI_INFRA bundle:** §A RAG T1/T2 auto-ack · §B Gov-v2 align (no new layer) · §C hygiene **7/7 agent-mem L1 ≤16KB**, "25KB"→"~30KB tiered" wording ×7 · §D `#4` self-sustaining adoption-report step → `/session-end` (skip #1 đã có / #3 helper) · §E report + §F ledger `docs/governance/`.
|
||
|
||
### S43 (2026-05-30) — 🔄 Phase 11 P11-B: LeaveBalance business logic (trừ phép + số dư)
|
||
- **Commit `82d7fcf` → Gitea #367 PASS ~4m08s, deployed prod.** 7-agent (recon → BE → FE ∥ test → reviewer → cicd), agents Max → **0 bug lọt**.
|
||
- **Mig 42 `AddLeaveBalances`** (additive): `LeaveBalances` (User×LeaveType×Year + Entitled/Used/Adjustment, UNIQUE composite + FK LeaveTypes Restrict). 90→91 tables.
|
||
- **Trừ phép**: hook `ApproveLeaveRequestHandler` nhánh terminal DaDuyet — exactly-once (guard chặn re-approve), upsert auto-create từ `DaysPerYear`, `UsedDays += NumDays`, Year=StartDate.Year. Policy **cho phép âm + cảnh báo** (anh chốt).
|
||
- **FK invariant guard** (em Max-review thêm sau test reveal): Create + UpdateDraft validate LeaveTypeId tồn tại → ConflictException (đóng cửa, tránh 500 kẹt đơn lúc deduction FK insert).
|
||
- **CQRS** `LeaveBalanceFeatures.cs`: GetMy (self lazy-merge active LeaveType) + GetUser (admin) + Adjust (admin upsert). Embed balance NGƯỜI TẠO vào leave detail (approver xem đúng).
|
||
- **FE**: `WorkflowAppDetailPage` ×2 block "Số dư phép" + cảnh báo vượt (kind=leave, SHA256 identical, tích hợp trang đơn nghỉ — không trang riêng).
|
||
- **Test**: 144→**154** (+11 LeaveBalance/guard + repair 2 template terminal FK). Reviewer Max PASS (deduction exactly-once + FK fully closed; 2 minor defer: concurrency lost-update no-RowVersion + stale comment).
|
||
- Verified prod: Mig 42 applied, LeaveBalances UNIQUE+FK ✓, `/leave-balances/my` 200 → 5 LeaveType lazy-default, bundle rotate.
|
||
|
||
### S42 (2026-05-30) — 🔄 Phase 11 P11-A: wire ApproveV2 + LevelOpinions 4 WorkflowApps module
|
||
- **Commit `e7b66cd` (Gitea #364) + fix `75df04e` (#365) → PASS, deployed prod.** Cookie-cutter mirror Proposal (Mig 38). 7-agent end-to-end (recon → BE×3 → FE → test → reviewer → cicd). (Run-id "#250" memory truncated ghi sai → Max re-verify reconcile #364/#365.)
|
||
- **Mig 41 `WireWorkflowAppsApprovalV2`** (additive): +4 bảng `{Leave,Ot,Travel,Vehicle}LevelOpinions` (UNIQUE composite + Cascade/Restrict) + `WorkflowAppCodeSequences` (shared atomic MaDonTu) + 4 cột `RejectedFromStatus` + enum `TravelRequest=9`.
|
||
- **BE:** 30 handler (`LeaveOt` + `TravelVehicle` ApprovalFeatures.cs) — GetById/Update/Submit/Approve(UPSERT+advance)/Reject/Return + verify ApplicableType per module. 8 controller route. Seed 4 WF mẫu (QT-NP/OT/CT/XE-V2-001, AppType 5/6/7/9) — gotcha #51 INFRASTRUCTURE-gated PASS prod.
|
||
- **FE:** `WorkflowAppDetailPage.tsx` declarative 4-kind (admin+user SHA256 identical) — workflow status + opinion timeline + Submit/Approve/Reject/Return actions; gỡ banner skeleton + row nav.
|
||
- **Test:** +11 `WorkflowAppApproveV2Tests` (130→141) — state machine + UPSERT invariant + guards + forbidden + placeholder + codegen. No prod bug.
|
||
- **Verified:** Mig 41 applied prod (5 bảng EXIST) · bundle rotate cả 2 app · 4 endpoint live · seed prod · reviewer checklist (no copy-paste bug, [Authorize] OK).
|
||
- ⚠️ **Gotcha #53/#55 tái diễn 3× session này** (FE + reviewer + cicd-monitor truncate output cuối) — mỗi lần recover qua MEMORY + em main manual verify. Anti-truncation lesson reinforced.
|
||
- 🔬 **Max re-review (agents chạy High) phát hiện + fix 2 bug FE picker** (chưa commit lúc deploy đầu): (#1) `pinWorkflow` PUT `/{id}` partial → 400 validator; (#2) fetch expect array nhưng endpoint trả `{types}` object → picker rỗng. Fix: thêm endpoint chuyên dụng `PUT /{id}/workflow` (set workflow only, verify ApplicableType) + sửa fetch mirror PE/Contract `data.types.find().history.filter(isUserSelectable)`. +3 test SetWorkflow (141→144). **Bonus phát hiện:** `ProposalCreatePage` (S37) có bug #2 có sẵn → spawn task riêng.
|
||
- 📌 Follow-up minor (non-blocking): known-minor unreachable (Reject/Return actor-check khi CurrentApprovalLevelOrder null) · deploy.yml stale comment "54/17 test" (cosmetic) · test Travel/Vehicle mirror pending (Leave full + Ot smoke có).
|
||
|
||
### S41 (2026-05-29) — RAG corpus cleanup (w/ AI_INFRA)
|
||
- AI_INFRA RAG audit → SE-side prep: `.claude/rag.json` exclude root-anchored→`**/`-anchored (defeats gotcha #10: `node_modules/**`+`docs/_archive/**` weren't matching nested paths) + retired stale `_decision_log` "+321%/11,922".
|
||
- **store_memory reconcile (anti-data-loss, NAMGROUP lesson):** unified at-risk rule = content reproducible từ file {exists ∧ matches corpus glob ∧ not excluded}. 5/5 accounted: 3 broadcasts disk-twinned + `16a6b6db` audit-response twin-safe + `0307141b` S37-S40 catch-up **promoted-to-disk** (`docs/changelog/sessions/2026-05-29-S37-S40-rag-catchup.md` — anchor was virtual, not real STATUS section).
|
||
- AI_INFRA re-bootstrap host-side `--config`: **3080→2406** (−674 junk), node_modules=0 / _archive=0 / manual-marker=0, user-memory 60 chunks (slug fix). SE post-verify PASS (promoted catch-up returns file-indexed real heading, not `(manual)`). Commits `282cbd0`+`e8cbbe5` pushed (docs/infra → CI skip).
|
||
- ⏳ Standing infra backlog (AI_INFRA, non-blocking): bootstrap glob→0 warn · auto_reindex hook fire · search_code corpus gap (src/*.cs+fe/*.tsx, v0 design) · registry sync.
|
||
|
||
### S40 (2026-05-29) — Init audit + doc consolidation
|
||
- 7-agent smoke verify (🟪 test-specialist + 🟦 investigator-api load OK), RAG re-rank PASS (top 0.8789 Voyage rerank-2.5), 130 test confirm.
|
||
- Doc consolidation: STATUS 170KB→5.7KB + HANDOFF 224KB→3.4KB (archive full → `docs/_archive/`). Count re-ground (endpoints 211, FE pages 65, menu ~53; tables 84 confirmed). Stale credential `admin@solutionerp.local`→`admin@solutions.com.vn` fixed. CLAUDE.md root patch (mig/table/test).
|
||
- Curate 4 agent MEMORY >25KB→<8.4KB (~130KB→41KB, foundation preserved + verbatim git). RAG store_memory S37-S40 catch-up chunk. 2 commit push `d2f52ba`+`78c9de3` (docs-only CI skip).
|
||
|
||
### S39 (2026-05-29) — ⚙️ INFRA: Opus 4.8 1M + Multi-agent 4→7 + budget +50%
|
||
- Pure infra/governance, 1 commit `fd0554a` (docs CI skip). Model default Opus 4.8 1M. investigator→codebase+api · implementer→backend+frontend · +test-specialist (purple). 5 RAG MCP/agent. 2 gotcha NEW #54 (529 fallback) + #55 (truncation mid-exploration). CLI restart → registry hot-reload (done S40).
|
||
- → `docs/changelog/sessions/2026-05-29-S36-S39-phase10-complete-7agent.md`
|
||
|
||
### S38 (2026-05-28) — 🎊 PHASE 10 COMPLETE 11/11 (SKELETON combo)
|
||
- Mig 39+40 + BE ~1100 LOC + FE 5 file × 2 app + 8 menu. Run #247 PASS 3m25s. G-O4/O5/O6/P1/H3 skeleton. Trade-off DEFER Phase 11: ApproveV2 wire + LevelOpinions per-module + LeaveBalance + CodeGen atomic + Vehicle/Driver catalog + ItTicket auto-assign/SLA.
|
||
- → same session log
|
||
|
||
---
|
||
|
||
## 🎯 Next up
|
||
|
||
### ✅ Phase 11 — Polish/wire skeleton (COMPLETE S52)
|
||
- ✅ **P11-A** wire ApproveV2 + LevelOpinions 4 module — **DONE S42** (prod).
|
||
- ✅ **P11-B** LeaveBalance business logic — **DONE S43** (Mig 42, prod).
|
||
- ✅ **P11-C** Vehicle+Driver catalog — **DONE S51** (Mig 44/45, prod).
|
||
- ✅ **P11-D** ItTicket round-robin assign + SLA timer — **DONE S52** (Mig 46, `dcf76f8`, prod). Dept-IT pool + `ItTicketSlaJob` no-auto-transition. _Follow-up minor: reassign-UI defer (endpoint `/assign` sẵn)._
|
||
- ✅ **P11-E** AttendanceReport + Excel + OtPolicy multiplier — **DONE S52** (`6a66429`, prod). Admin-only, weighted-OT-hours (no salary field → quy-đổi-giờ not pay, MVP). _Follow-up: menu-key promote (hiện via button)._
|
||
- ✅ **P11-F** CodeGen atomic MaTicket — **DONE S52** (`6a66429`, prod). gen-on-Create `IT/2026/NNN`.
|
||
|
||
### 🔧 Maintenance backlog
|
||
- RAG re-ingest `solution_erp` S42-S43 content (store_memory stopgap live; full re-index = AI_INFRA op)
|
||
- ✅ **gotcha #57 LeaveType+ShiftPattern+OtPolicy filtered-unique DONE S51** (Mig 45, **3 HRM catalog** — OtPolicy bị bỏ sót khỏi backlog "2 catalog", bắt được via grep + test-before 5 case). ⬜ **EXT (worktree session, Mig 46):** Department/Supplier/Project (Master, confirmed-reachable via global query-filter quirk); ContractClause/MeetingRoom/EmployeeProfile = SKIP (audit-verified not-reachable).
|
||
- Skill + doc drift audit cron — ✅ **2026-06-01 DONE (S44)** — 42 count-drift fixes + AI_INFRA bundle adopt; next **2026-07-01**
|
||
|
||
### 🚫 Phase 9 Ops (blocked — anh main coordinate)
|
||
- SMTP email outbound · Rotate prod creds · SQL auto-backup (backup-sql.ps1 ready, chờ Task Scheduler register) · UAT 2-3 user 1 tuần
|
||
|
||
---
|
||
|
||
## 🚨 Blockers / risks
|
||
- ⚠️ **Email SMTP chưa có** — blocker notification outbound
|
||
- ⚠️ **Credentials trong chat** — rotate trước go-live thật
|
||
- ⚠️ **SQL backup chưa auto** — risk data loss (script ready, chờ register)
|
||
- ⚠️ **UAT real user chưa chạy** — risk edge-case bug
|
||
- ⚠️ **Cert** `api.solutions.com.vn` expire ~2026-07-23 (auto-renew ~06-23)
|
||
|
||
---
|
||
|
||
## 🔑 Credentials + URLs
|
||
```
|
||
Prod login: admin@solutions.com.vn / Admin@123456 (⚠️ rotate sau login đầu)
|
||
```
|
||
- API prod `https://api.solutions.com.vn` (`/health/live` + `/health/ready`) · dev `http://localhost:5443` (`/swagger`)
|
||
- Admin FE prod `https://admin.solutions.com.vn` · dev `:8082`
|
||
- User FE prod `https://eoffice.solutions.com.vn` · dev `:8080`
|
||
- Gitea `https://git.baocaogiaoduc.vn/vietreport-admin/solution-erp` · SSH `ssh vietreport-vps`
|
||
- SQL prod `.\SQLEXPRESS` / `SolutionErp` · dev `(localdb)\MSSQLLocalDB` / `SolutionErp_Dev`
|
||
|
||
---
|
||
|
||
> **Session history:** S0→S39 full detail trong `docs/changelog/sessions/` + `docs/_archive/STATUS-preS40-fullhistory.md`. File này chỉ giữ state hiện tại + 3 session gần nhất.
|