Spaces:

kamau1
/

swiftops-backend

Sleeping

App Files Files Community

swiftops-backend / docs /README.md

kamau1

Iniital Commit

74de430 3 months ago

preview code

raw

history blame contribute delete

24.9 kB

	# SwiftOps Backend API

	Field Service Management Platform - FastAPI Backend

	A scalable, production-ready FastAPI backend for managing field service operations including ticket management, payroll processing, inventory tracking, and financial workflows.

	---

	## 🏗️ Architecture Overview

	```
	backend/
	├── app/
	│ ├── __init__.py
	│ ├── main.py # FastAPI application entry point
	│ ├── config.py # Configuration management (env vars, settings)
	│ │
	│ ├── api/ # API Layer - HTTP endpoints
	│ │ ├── __init__.py
	│ │ ├── deps.py # Shared dependencies (auth, db session)
	│ │ ├── v1/ # API version 1
	│ │ │ ├── __init__.py
	│ │ │ ├── router.py # Main router aggregator
	│ │ │ ├── auth.py # Authentication endpoints
	│ │ │ ├── users.py # User management
	│ │ │ ├── projects.py # Project CRUD
	│ │ │ ├── tickets.py # Ticket operations
	│ │ │ ├── assignments.py # Ticket assignment logic
	│ │ │ ├── payroll.py # Payroll generation & management
	│ │ │ ├── inventory.py # Inventory tracking
	│ │ │ ├── finance.py # Financial transactions
	│ │ │ ├── customers.py # Customer management
	│ │ │ ├── subscriptions.py # Subscription lifecycle
	│ │ │ ├── incidents.py # Support incidents
	│ │ │ ├── sales_orders.py # Sales order processing
	│ │ │ ├── analytics.py # Dashboard & reporting
	│ │ │ └── webhooks.py # Payment gateway webhooks
	│ │ │
	│ │ └── websockets/ # WebSocket endpoints
	│ │ ├── __init__.py
	│ │ ├── location.py # Real-time location tracking
	│ │ └── notifications.py # Real-time notifications
	│ │
	│ ├── core/ # Core Business Logic
	│ │ ├── __init__.py
	│ │ ├── auth.py # JWT handling, password hashing
	│ │ ├── security.py # RLS, permissions, RBAC
	│ │ ├── exceptions.py # Custom exception classes
	│ │ └── middleware.py # Custom middleware (logging, CORS)
	│ │
	│ ├── services/ # Business Logic Layer
	│ │ ├── __init__.py
	│ │ ├── ticket_service.py # Ticket lifecycle, assignment logic
	│ │ ├── payroll_service.py # Payroll calculation, generation
	│ │ ├── inventory_service.py # Inventory allocation, tracking
	│ │ ├── finance_service.py # Transaction workflows, approvals
	│ │ ├── sla_service.py # SLA calculation, monitoring
	│ │ ├── location_service.py # GPS validation, distance calculation
	│ │ ├── notification_service.py # Email, SMS, push notifications
	│ │ ├── payment_service.py # Payment gateway integration
	│ │ ├── subscription_service.py # Subscription activation, lifecycle
	│ │ └── analytics_service.py # Metrics, dashboard data
	│ │
	│ ├── models/ # SQLAlchemy ORM Models
	│ │ ├── __init__.py
	│ │ ├── base.py # Base model with common fields
	│ │ ├── user.py # User, UserFinancialAccounts
	│ │ ├── organization.py # Clients, Contractors
	│ │ ├── project.py # Projects, ProjectTeam, ProjectRoles
	│ │ ├── ticket.py # Tickets, TicketAssignments, TicketStatusHistory
	│ │ ├── customer.py # Customers, SalesOrders, Subscriptions
	│ │ ├── incident.py # Incidents
	│ │ ├── inventory.py # ProjectInventory, InventoryAssignments
	│ │ ├── finance.py # ProjectFinance, UserPayroll, PaymentLogs
	│ │ ├── timesheet.py # Timesheets
	│ │ └── document.py # Documents
	│ │
	│ ├── schemas/ # Pydantic Schemas (Request/Response)
	│ │ ├── __init__.py
	│ │ ├── user.py # UserCreate, UserUpdate, UserResponse
	│ │ ├── project.py # ProjectCreate, ProjectUpdate, ProjectResponse
	│ │ ├── ticket.py # TicketCreate, TicketUpdate, TicketResponse
	│ │ ├── payroll.py # PayrollCreate, PayrollCalculation
	│ │ ├── inventory.py # InventoryAssignment, InventoryDistribution
	│ │ ├── finance.py # TransactionCreate, TransactionApproval
	│ │ └── common.py # Shared schemas (Pagination, Filters)
	│ │
	│ ├── repositories/ # Data Access Layer (Repository Pattern)
	│ │ ├── __init__.py
	│ │ ├── base.py # Base repository with CRUD operations
	│ │ ├── user_repository.py # User-specific queries
	│ │ ├── ticket_repository.py # Ticket-specific queries
	│ │ ├── payroll_repository.py # Payroll-specific queries
	│ │ └── finance_repository.py # Finance-specific queries
	│ │
	│ ├── tasks/ # Background Tasks (Celery)
	│ │ ├── __init__.py
	│ │ ├── celery_app.py # Celery configuration
	│ │ ├── payroll_tasks.py # Weekly payroll generation
	│ │ ├── sla_tasks.py # SLA monitoring, alerts
	│ │ ├── notification_tasks.py # Send emails, SMS
	│ │ ├── invoice_tasks.py # Generate contractor invoices
	│ │ └── analytics_tasks.py # Pre-compute dashboard metrics
	│ │
	│ ├── integrations/ # External Service Integrations
	│ │ ├── __init__.py
	│ │ ├── supabase.py # Supabase client (Auth, Storage, Realtime)
	│ │ ├── mpesa.py # M-Pesa payment gateway
	│ │ ├── google_maps.py # Google Maps API (geocoding, distance)
	│ │ ├── sms_provider.py # SMS gateway (Africa's Talking, Twilio)
	│ │ ├── email_provider.py # Email service (SendGrid, AWS SES)
	│ │ └── storage.py # File storage (Supabase Storage, S3)
	│ │
	│ ├── utils/ # Utility Functions
	│ │ ├── __init__.py
	│ │ ├── date_utils.py # Date/time helpers
	│ │ ├── location_utils.py # GPS calculations, distance
	│ │ ├── validation.py # Custom validators
	│ │ ├── formatters.py # Data formatting helpers
	│ │ └── constants.py # Application constants
	│ │
	│ └── db/ # Database Configuration
	│ ├── __init__.py
	│ ├── session.py # Database session management
	│ ├── base.py # Base class for all models
	│ └── migrations/ # Alembic migrations
	│ └── versions/
	│
	├── tests/ # Test Suite
	│ ├── __init__.py
	│ ├── conftest.py # Pytest fixtures
	│ ├── unit/ # Unit tests
	│ │ ├── test_services/
	│ │ ├── test_repositories/
	│ │ └── test_utils/
	│ ├── integration/ # Integration tests
	│ │ ├── test_api/
	│ │ └── test_tasks/
	│ └── e2e/ # End-to-end tests
	│
	├── scripts/ # Utility Scripts
	│ ├── seed_data.py # Seed database with test data
	│ ├── generate_payroll.py # Manual payroll generation
	│ └── migrate_data.py # Data migration scripts
	│
	├── .env.example # Environment variables template
	├── .gitignore
	├── requirements.txt # Python dependencies
	├── pyproject.toml # Poetry configuration (alternative)
	├── Dockerfile # Docker container definition
	├── docker-compose.yml # Local development setup
	└── README.md # This file
	```

	---

	## 🎯 Core Functions & Responsibilities

	### 1. Authentication & Authorization
	Module: `app/api/v1/auth.py`, `app/core/auth.py`, `app/core/security.py`

	Functions:
	- User login/logout (JWT token generation)
	- Password reset flow
	- Role-based access control (RBAC)
	- Row-level security (RLS) enforcement
	- Multi-tenancy isolation (client/contractor scoping)

	Supabase Integration:
	- Uses Supabase Auth for user authentication
	- Validates JWT tokens from Supabase
	- Syncs user roles with custom `Users` table

	---

	### 2. Ticket Management
	Module: `app/services/ticket_service.py`, `app/api/v1/tickets.py`

	Functions:
	- Create tickets from sales orders, incidents, or tasks
	- Ticket assignment logic (manual, auto-assignment)
	- Limit self-assignment to 3 tickets per agent
	- Status transitions with validation
	- SLA deadline calculation and monitoring
	- GPS-based arrival verification
	- Ticket completion workflow

	Business Rules:
	```python
	# Example: Ticket Assignment Logic
	def assign_ticket(ticket_id, user_id):
	# 1. Check user has < 3 active assignments
	# 2. Verify user is in project team
	# 3. Check user's region matches ticket region
	# 4. Create TicketAssignment record
	# 5. Update ticket status to 'assigned'
	# 6. Send notification to agent
	# 7. Update SLA target date
	```

	---

	### 3. Payroll Processing
	Module: `app/services/payroll_service.py`, `app/api/v1/payroll.py`

	Functions:
	- Weekly payroll generation (automated via Celery)
	- Calculate earnings based on compensation type:
	- Flat rate (fixed weekly amount)
	- Commission (% of package price)
	- Hybrid (base + commission)
	- Hourly (based on timesheet hours)
	- Apply deductions (advances, penalties)
	- Generate payroll reports
	- Mark payroll as paid with payment reference

	Business Rules:
	```python
	# Example: Payroll Calculation
	def calculate_payroll(user_id, project_id, period_start, period_end):
	role = get_user_project_role(user_id, project_id)
	tickets_closed = count_tickets_closed(user_id, period_start, period_end)
	hours_worked = sum_timesheet_hours(user_id, period_start, period_end)

	if role.compensation_type == 'flat_rate':
	earnings = role.flat_rate_amount
	elif role.compensation_type == 'commission':
	earnings = sum_ticket_values(tickets) * role.commission_percentage
	elif role.compensation_type == 'hybrid':
	earnings = role.base_amount + (sum_ticket_values(tickets) * role.commission_percentage)
	elif role.compensation_type == 'hourly':
	earnings = hours_worked * role.hourly_rate

	deductions = get_user_deductions(user_id, period_start, period_end)
	total = earnings - deductions

	return create_payroll_record(...)
	```

	---

	### 4. Inventory Management
	Module: `app/services/inventory_service.py`, `app/api/v1/inventory.py`

	Functions:
	- Allocate inventory to regional hubs
	- Issue equipment to field agents
	- Track serial numbers and unit identifiers
	- Prevent duplicate assignments (same serial issued twice)
	- Handle returns (tools) and installations (equipment)
	- Optimistic locking for concurrent updates
	- Inventory reconciliation reports

	Business Rules:
	```python
	# Example: Inventory Assignment
	def assign_inventory_to_agent(distribution_id, user_id, unit_identifier):
	# 1. Check unit_identifier not already assigned
	# 2. Verify quantity_available > 0
	# 3. Check user is in same region as distribution
	# 4. Create InventoryAssignment record
	# 5. Update distribution.quantity_issued
	# 6. Use optimistic locking (version field)
	```

	---

	### 5. Financial Management
	Module: `app/services/finance_service.py`, `app/api/v1/finance.py`

	Functions:
	- Record project expenses (inflows/outflows)
	- Approval workflow (pending → approved → paid)
	- Link to entities (tickets, payroll, invoices)
	- Payment gateway integration (M-Pesa, bank transfers)
	- Transaction reconciliation
	- Financial reporting and audit trails

	Business Rules:
	```python
	# Example: Expense Approval Workflow
	def approve_expense(expense_id, approver_id):
	# 1. Check approver has 'dispatcher' or 'project_manager' role
	# 2. Verify expense is in 'pending' status
	# 3. Validate location_verified = TRUE (if required)
	# 4. Update status to 'approved'
	# 5. Create ProjectFinance record
	# 6. Send notification to incurred_by_user
	```

	---

	### 6. Location Tracking
	Module: `app/services/location_service.py`, `app/api/websockets/location.py`

	Functions:
	- Real-time GPS tracking via WebSocket
	- Validate agent arrival at customer site
	- Calculate distance between agent and customer
	- Journey tracking (breadcrumb trail)
	- Fraud detection (impossible travel speeds)
	- Update user current location

	Business Rules:
	```python
	# Example: Arrival Verification
	def verify_arrival(ticket_id, agent_location):
	ticket = get_ticket(ticket_id)
	customer_location = get_customer_location(ticket.customer_id)

	distance = calculate_distance(agent_location, customer_location)

	if distance <= 100: # Within 100 meters
	mark_arrived(ticket_id, agent_location, verified=True)
	else:
	mark_arrived(ticket_id, agent_location, verified=False)
	```

	---

	### 7. SLA Monitoring
	Module: `app/services/sla_service.py`, `app/tasks/sla_tasks.py`

	Functions:
	- Calculate SLA deadlines based on priority
	- Monitor tickets approaching deadline
	- Send alerts to managers and agents
	- Mark tickets as SLA violated
	- Generate SLA compliance reports

	Background Task (runs every hour):
	```python
	@celery_app.task
	def monitor_sla_violations():
	# 1. Find tickets with sla_target_date < now() and status != 'completed'
	# 2. Mark sla_violated = TRUE
	# 3. Send notifications to project managers
	# 4. Log SLA violation event
	```

	---

	### 8. Payment Gateway Integration
	Module: `app/services/payment_service.py`, `app/integrations/mpesa.py`

	Functions:
	- Initiate M-Pesa payments (B2C, B2B)
	- Handle payment callbacks/webhooks
	- Retry failed payments
	- Log all payment attempts (PaymentLogs)
	- Reconcile payments with transactions

	Webhook Handler:
	```python
	@router.post("/webhooks/mpesa")
	async def mpesa_callback(payload: dict):
	# 1. Validate webhook signature
	# 2. Parse payment result
	# 3. Update ProjectFinance status
	# 4. Create PaymentLog entry
	# 5. Send notification to user
	```

	---

	### 9. Subscription Management
	Module: `app/services/subscription_service.py`, `app/api/v1/subscriptions.py`

	Functions:
	- Activate subscriptions after installation
	- Validate activation requirements (dynamic per project)
	- Manage subscription lifecycle (active, suspended, cancelled)
	- Link subscriptions to tickets and sales orders

	Business Rules:
	```python
	# Example: Subscription Activation
	def activate_subscription(subscription_id, activation_data):
	subscription = get_subscription(subscription_id)
	project = get_project(subscription.project_id)

	# Validate dynamic activation requirements
	for requirement in project.activation_requirements:
	if requirement['required'] and requirement['field'] not in activation_data:
	raise ValidationError(f"Missing required field: {requirement['label']}")

	# Update subscription
	subscription.status = 'active'
	subscription.activation_date = date.today()
	subscription.activation_details = activation_data
	subscription.activated_by_user_id = current_user.id
	```

	---

	### 10. Analytics & Reporting
	Module: `app/services/analytics_service.py`, `app/api/v1/analytics.py`

	Functions:
	- Dashboard metrics (tickets, revenue, SLA compliance)
	- Agent performance reports
	- Project financial summaries
	- Inventory utilization reports
	- Pre-computed aggregations (via Celery)

	Background Task (runs daily):
	```python
	@celery_app.task
	def compute_daily_metrics():
	# 1. Calculate tickets closed per agent
	# 2. Compute average completion time
	# 3. Calculate SLA compliance rate
	# 4. Store in cache (Redis)
	```

	---

	## 🔗 Supabase Integration Points

	### 1. Authentication
	```python
	# app/integrations/supabase.py
	from supabase import create_client

	supabase = create_client(SUPABASE_URL, SUPABASE_KEY)

	# Verify JWT token from frontend
	def verify_token(token: str):
	user = supabase.auth.get_user(token)
	return user
	```

	### 2. Storage (File Uploads)
	```python
	# Upload ticket photos, receipts
	def upload_document(file, bucket="documents"):
	path = f"{user_id}/{ticket_id}/{filename}"
	supabase.storage.from_(bucket).upload(path, file)
	return supabase.storage.from_(bucket).get_public_url(path)
	```

	### 3. Realtime (WebSocket)
	```python
	# Subscribe to ticket updates
	supabase.realtime.channel('tickets')
	.on('postgres_changes',
	event='UPDATE',
	schema='public',
	table='Tickets',
	callback=handle_ticket_update)
	.subscribe()
	```

	### 4. Database (Direct Queries)
	```python
	# Use Supabase client for simple queries (optional)
	# For complex queries, use SQLAlchemy ORM
	tickets = supabase.table('Tickets').select('*').eq('status', 'open').execute()
	```

	---

	## 🚀 Getting Started

	### Prerequisites
	- Python 3.11+
	- PostgreSQL 15+ (Supabase)
	- Redis (for caching and Celery)
	- Docker & Docker Compose (optional)

	### Installation

	1. Clone the repository
	```bash
	git clone <repo-url>
	cd backend
	```

	2. Create virtual environment
	```bash
	python -m venv venv
	source venv/bin/activate # On Windows: venv\Scripts\activate
	```

	3. Install dependencies
	```bash
	pip install -r requirements.txt
	```

	4. Set up environment variables
	```bash
	cp .env.example .env
	# Edit .env with your Supabase credentials
	```

	5. Run database migrations
	```bash
	alembic upgrade head
	```

	6. Start the development server
	```bash
	uvicorn app.main:app --reload --host 0.0.0.0 --port 8000
	```

	7. Start Celery worker (in separate terminal)
	```bash
	celery -A app.tasks.celery_app worker --loglevel=info
	```

	8. Start Celery beat (scheduler, in separate terminal)
	```bash
	celery -A app.tasks.celery_app beat --loglevel=info
	```

	---

	## 🐳 Docker Setup

	```bash
	# Start all services (API, Celery, Redis)
	docker-compose up -d

	# View logs
	docker-compose logs -f api

	# Stop services
	docker-compose down
	```

	---

	## 📝 Environment Variables

	```bash
	# .env.example

	# Application
	APP_NAME=SwiftOps API
	APP_VERSION=1.0.0
	DEBUG=True
	ENVIRONMENT=development

	# Database (Supabase PostgreSQL)
	DATABASE_URL=postgresql://user:password@host:5432/dbname
	SUPABASE_URL=https://your-project.supabase.co
	SUPABASE_KEY=your-anon-key
	SUPABASE_SERVICE_KEY=your-service-role-key

	# JWT
	SECRET_KEY=your-secret-key-here
	ALGORITHM=HS256
	ACCESS_TOKEN_EXPIRE_MINUTES=30

	# Redis
	REDIS_URL=redis://localhost:6379/0

	# Celery
	CELERY_BROKER_URL=redis://localhost:6379/0
	CELERY_RESULT_BACKEND=redis://localhost:6379/0

	# Payment Gateways
	MPESA_CONSUMER_KEY=your-mpesa-key
	MPESA_CONSUMER_SECRET=your-mpesa-secret
	MPESA_SHORTCODE=174379
	MPESA_PASSKEY=your-passkey

	# Google Maps
	GOOGLE_MAPS_API_KEY=your-google-maps-key

	# SMS Provider (Africa's Talking)
	AFRICASTALKING_USERNAME=your-username
	AFRICASTALKING_API_KEY=your-api-key

	# Email Provider (SendGrid)
	SENDGRID_API_KEY=your-sendgrid-key
	FROM_EMAIL=noreply@swiftops.com

	# File Storage
	STORAGE_PROVIDER=supabase # or 's3'
	AWS_ACCESS_KEY_ID=your-aws-key
	AWS_SECRET_ACCESS_KEY=your-aws-secret
	AWS_S3_BUCKET=your-bucket-name
	```

	---

	## 🧪 Testing

	```bash
	# Run all tests
	pytest

	# Run with coverage
	pytest --cov=app --cov-report=html

	# Run specific test file
	pytest tests/unit/test_services/test_payroll_service.py

	# Run integration tests only
	pytest tests/integration/
	```

	---

	## 📚 API Documentation

	Once the server is running, visit:
	- Swagger UI: http://localhost:8000/docs
	- ReDoc: http://localhost:8000/redoc
	- OpenAPI JSON: http://localhost:8000/openapi.json

	---

	## 🏛️ Design Patterns & Best Practices

	### 1. Repository Pattern
	Separates data access logic from business logic.

	```python
	# app/repositories/ticket_repository.py
	class TicketRepository:
	def get_by_id(self, ticket_id: UUID) -> Ticket:
	return db.query(Ticket).filter(Ticket.id == ticket_id).first()

	def get_open_tickets(self, project_id: UUID) -> List[Ticket]:
	return db.query(Ticket).filter(
	Ticket.project_id == project_id,
	Ticket.status == 'open',
	Ticket.deleted_at.is_(None)
	).all()
	```

	### 2. Service Layer Pattern
	Encapsulates business logic.

	```python
	# app/services/ticket_service.py
	class TicketService:
	def __init__(self, ticket_repo: TicketRepository):
	self.ticket_repo = ticket_repo

	def assign_ticket(self, ticket_id: UUID, user_id: UUID):
	# Business logic here
	ticket = self.ticket_repo.get_by_id(ticket_id)
	self._validate_assignment(ticket, user_id)
	assignment = self._create_assignment(ticket, user_id)
	self._send_notification(user_id, ticket)
	return assignment
	```

	### 3. Dependency Injection
	Use FastAPI's dependency injection system.

	```python
	# app/api/deps.py
	def get_db():
	db = SessionLocal()
	try:
	yield db
	finally:
	db.close()

	def get_current_user(token: str = Depends(oauth2_scheme)):
	# Validate token and return user
	return user

	# Usage in endpoint
	@router.get("/tickets")
	def get_tickets(
	db: Session = Depends(get_db),
	current_user: User = Depends(get_current_user)
	):
	return ticket_service.get_tickets(db, current_user)
	```

	### 4. Optimistic Locking
	Prevent concurrent update conflicts.

	```python
	def update_inventory_distribution(distribution_id, updates, version):
	distribution = db.query(ProjectInventoryDistribution).filter(
	ProjectInventoryDistribution.id == distribution_id,
	ProjectInventoryDistribution.version == version
	).first()

	if not distribution:
	raise ConcurrentUpdateError("Record was modified by another user")

	# Apply updates
	distribution.quantity_issued += updates.quantity
	distribution.version += 1
	db.commit()
	```

	### 5. Soft Deletes
	Always filter out soft-deleted records.

	```python
	# Base repository method
	def get_active(self, model_class):
	return db.query(model_class).filter(model_class.deleted_at.is_(None))
	```

	---

	## 🔐 Security Considerations

	1. Row-Level Security (RLS)
	- Enforce tenant isolation at database level
	- Use Supabase RLS policies

	2. API Rate Limiting
	- Implement rate limiting per client/user
	- Use Redis for rate limit tracking

	3. Input Validation
	- Use Pydantic schemas for all inputs
	- Validate file uploads (type, size)

	4. Audit Logging
	- Log all financial transactions
	- Track who created/updated records

	5. Secrets Management
	- Never commit secrets to git
	- Use environment variables or secret managers

	---

	## 📈 Scalability Considerations

	1. Database Connection Pooling
	- Use SQLAlchemy connection pool
	- Configure pool size based on load

	2. Caching Strategy
	- Cache frequently accessed data (Redis)
	- Invalidate cache on updates

	3. Background Jobs
	- Offload heavy tasks to Celery
	- Use task queues for async processing

	4. Horizontal Scaling
	- Stateless API design
	- Load balance across multiple instances

	5. Database Optimization
	- Use indexes effectively
	- Monitor slow queries
	- Consider read replicas for reporting

	---

	## 🤝 Contributing

	1. Create a feature branch
	2. Write tests for new features
	3. Follow PEP 8 style guide
	4. Update documentation
	5. Submit pull request

	---

	## 📄 License

	[Your License Here]

	---

	## 📞 Support

	For questions or issues, contact: [your-email@example.com]