Update main.py

main.py

@@ -2,7 +2,6 @@ import os
 import json
 import uuid
 import datetime
-import pandas as pd
 from flask import Flask, request, jsonify
 from flask_cors import CORS
 from werkzeug.utils import secure_filename
@@ -15,7 +14,9 @@ import logging
 from logging.handlers import RotatingFileHandler
 import time
 import random
-from datetime import datetime as dt_class
+from datetime import datetime as dt_class, timezone
+from zoneinfo import ZoneInfo
+import pandas as pd
 
 # === Logging Configuration ===
 if not os.path.exists('logs'):
@@ -35,8 +36,13 @@ root_logger.setLevel(logging.INFO)
 root_logger.addHandler(file_handler)
 root_logger.addHandler(console_handler)
 
-# === ENV Config ===
+# === ENV Config & Admin Setup ===
+# For authenticating API requests. This should match the users' actual login emails.
 ADMIN_EMAILS = ["rairorr@gmail.com", "nharingosheperd@gmail.com"]
+
+# NEW: For sending email notifications. This list works around the Resend bug.
+SEND_TO_EMAILS = ["rairorr@gmail.com", "nharingosheperd+guard@gmail.com"]
+
 RESEND_API_KEY = os.getenv("RESEND_API_KEY")
 FIREBASE_CRED_JSON = json.loads(os.getenv("FIREBASE"))
 FIREBASE_DB_URL = os.getenv("Firebase_DB")
@@ -65,17 +71,14 @@ logger.info("Flask, APScheduler, and Resend initialized.")
 def send_email(to, subject, html):
     """Sends an email with robust error logging."""
     try:
-        # Note: Sanitization is now handled by the caller function
+        clean_to = to.strip()
         response = Emails.send({
             "from": "Admin <admin@resend.dev>",
-            "to": to,
+            "to": clean_to,
             "subject": subject,
             "html": html
         })
-        if response is None:
-            logger.warning(f"Email API returned None for recipient {to}. Check Resend dashboard for suppression list.")
-            return None
-        logger.info(f"Email sent successfully to {to}. Response ID: {response.get('id')}")
+        logger.info(f"Email sent successfully to {clean_to}. Response ID: {response.get('id')}")
         return response
     except ResendError as e:
         logger.error(f"A Resend API error occurred for recipient '{to}'. The error is: {str(e)}", exc_info=True)
@@ -85,24 +88,26 @@ def send_email(to, subject, html):
         return None
 
 
-# === DEFINITIVELY FIXED FUNCTION (send_rotation_notification) ===
 def send_rotation_notification(job_id, shift_record):
-    """Builds and sends email notifications with aggressive sanitization and debugging."""
+    """Builds and sends email notifications with CAT timezone."""
     try:
         job_ref = db.reference(f"jobs/{job_id}")
         job_data = job_ref.get()
-        if not job_data:
-            logger.warning(f"Job {job_id} not found for rotation notification.")
-            return
+        if not job_data: return
 
         job_name = job_data.get("name", "Unknown Job")
         shift_number = shift_record.get("shift_number", "Unknown")
 
+        # --- TIMEZONE CONVERSION ---
+        human_readable_time = 'Unknown'
         try:
             assigned_time_iso = shift_record.get('assigned_at', '')
-            dt_object = dt_class.fromisoformat(assigned_time_iso)
-            human_readable_time = dt_object.strftime("%B %d, %Y at %I:%M %p UTC")
-        except (ValueError, TypeError):
+            utc_time = dt_class.fromisoformat(assigned_time_iso)
+            cat_tz = ZoneInfo("Africa/Harare") # CAT is UTC+2
+            cat_time = utc_time.astimezone(cat_tz)
+            human_readable_time = cat_time.strftime("%B %d, %Y at %I:%M %p %Z")
+        except (ValueError, TypeError) as e:
+            logger.warning(f"Could not parse or convert timestamp for email: {e}")
             human_readable_time = shift_record.get('assigned_at', 'Unknown')
 
         html_content = f"""
@@ -125,19 +130,9 @@ def send_rotation_notification(job_id, shift_record):
 
         subject = f"Guard Rotation - {job_name} (Shift {shift_number})"
         
-        for admin_email in ADMIN_EMAILS:
-            # --- ULTIMATE DEBUGGING AND SANITIZATION ---
-            # 1. Log the raw state of the string
-            logger.debug(f"RAW email string | Length: {len(admin_email)} | Representation: {repr(admin_email)}")
-            
-            # 2. Aggressively sanitize the string by re-encoding it. This removes hidden characters.
-            sanitized_email = admin_email.encode('utf-8', 'ignore').decode('utf-8').strip()
-            
-            # 3. Log the sanitized state
-            logger.debug(f"SANITIZED email string | Length: {len(sanitized_email)} | Representation: {repr(sanitized_email)}")
-
-            logger.info(f"Sending rotation notification to {sanitized_email}...")
-            send_email(sanitized_email, subject, html_content) # Use the sanitized email
+        for send_to_email in SEND_TO_EMAILS:
+            logger.info(f"Sending rotation notification to {send_to_email}...")
+            send_email(send_to_email, subject, html_content)
             time.sleep(1)
             
     except Exception as e:
@@ -145,6 +140,7 @@ def send_rotation_notification(job_id, shift_record):
 
 
 def verify_token(req):
+    """Verifies Firebase token and checks against the ADMIN_EMAILS list."""
     try:
         auth_header = req.headers.get("Authorization", "").split("Bearer ")[-1]
         user_email = req.headers.get("X-User-Email")
@@ -155,6 +151,7 @@ def verify_token(req):
         return None
 
 def setup_admins():
+    """Sets up admin users in Firebase based on the ADMIN_EMAILS list."""
     ref = db.reference("admins")
     for email in ADMIN_EMAILS:
         uid = f"admin_{email.replace('@', '_').replace('.', '_')}"
@@ -162,15 +159,13 @@ def setup_admins():
 setup_admins()
 
 def assign_roster(job_id):
-    """Assigns roster for a job, correctly handling multiple guards per point."""
+    """Assigns roster for a job."""
     try:
         logger.info(f"Starting roster assignment for job {job_id}")
         job_ref = db.reference(f"jobs/{job_id}")
         job_data = job_ref.get()
 
-        if not job_data or job_data.get("status") != "active":
-            logger.info(f"Job {job_id} not found or not active. Skipping assignment.")
-            return
+        if not job_data or job_data.get("status") != "active": return
 
         guarding_points = job_data.get("guarding_points", [])
         assigned_members = job_data.get("assigned_members", [])
@@ -180,43 +175,24 @@ def assign_roster(job_id):
             return
 
         shift_number = len(job_data.get("assignments", [])) + 1
-        shift_assignments = []
         available_for_shift = random.sample(assigned_members, len(assigned_members))
         
         total_guards_required = sum(int(point.get('guards', 1)) for point in guarding_points)
         if len(available_for_shift) < total_guards_required:
-            logger.error(f"INSUFFICIENT MEMBERS: Job {job_id} requires {total_guards_required} guards but only {len(available_for_shift)} are available. Aborting shift.")
+            logger.error(f"INSUFFICIENT MEMBERS: Job {job_id} requires {total_guards_required} but only {len(available_for_shift)} are available. Aborting.")
             return
 
-        logger.info(f"Assigning shift {shift_number} for job {job_id}. Required guards: {total_guards_required}.")
-
+        shift_assignments = []
         for point in guarding_points:
-            guards_for_point = []
-            try:
-                num_guards_required = int(point.get('guards', 1))
-            except (ValueError, TypeError):
-                num_guards_required = 1
-            
-            logger.debug(f"Assigning to point '{point.get('name')}'. Need {num_guards_required} guard(s).")
-
-            for _ in range(num_guards_required):
-                if not available_for_shift:
-                    logger.warning(f"Ran out of available members while assigning to point {point.get('name')}")
-                    break
-                selected_member = available_for_shift.pop(0)
-                guards_for_point.append(selected_member)
-
+            num_guards_required = int(point.get('guards', 1))
+            guards_for_point = [available_for_shift.pop(0) for _ in range(num_guards_required) if available_for_shift]
             if guards_for_point:
-                shift_assignments.append({
-                    "point": point,
-                    "members": guards_for_point,
-                    "is_special_case": False
-                })
+                shift_assignments.append({"point": point, "members": guards_for_point, "is_special_case": False})
         
         if shift_assignments:
             shift_record = {
                 "shift_number": shift_number,
-                "assigned_at": dt_class.now().isoformat(),
+                "assigned_at": dt_class.now(timezone.utc).isoformat(),
                 "assignments": shift_assignments,
                 "shift_id": str(uuid.uuid4())
             }
@@ -224,14 +200,14 @@ def assign_roster(job_id):
             current_assignments.append(shift_record)
             job_ref.update({
                 "assignments": current_assignments,
-                "last_updated": dt_class.now().isoformat()
+                "last_updated": dt_class.now(timezone.utc).isoformat()
             })
 
             logger.info(f"Shift {shift_number} assigned for job {job_id}.")
             send_rotation_notification(job_id, shift_record)
 
             rotation_period = job_data.get("rotation_period", 28800)
-            next_run_time = dt_class.now() + datetime.timedelta(seconds=rotation_period)
+            next_run_time = dt_class.now(timezone.utc) + datetime.timedelta(seconds=rotation_period)
             
             scheduler.add_job(
                 func=assign_roster, trigger="date", run_date=next_run_time,
@@ -239,9 +215,6 @@ def assign_roster(job_id):
                 replace_existing=True
             )
             logger.info(f"Scheduled next rotation for job {job_id} in {rotation_period} seconds.")
-        else:
-            logger.error(f"No assignments were created for job {job_id}, shift {shift_number}.")
-
     except Exception:
         logger.error(f"CRITICAL ERROR in assign_roster for job {job_id}", exc_info=True)
 
@@ -259,7 +232,6 @@ def log_response_info(response):
 def home():
     return jsonify({"message": "Rairo Guards API is running.", "status": "ok"}), 200
 
-# (All your other routes like /upload_members, /create_job, etc. remain here unchanged)
 @app.route("/upload_members", methods=["POST"])
 def upload_members():
     if not verify_token(request): return jsonify({"error": "Unauthorized"}), 401
@@ -323,12 +295,12 @@ def create_job():
         return jsonify({"error": "Guarding points must be between 5 and 15"}), 400
     for i, point in enumerate(guarding_points): 
         point.setdefault("id", f"point_{i+1}")
-    job_data = {**data, "guarding_points": guarding_points, "created_at": dt_class.now().isoformat(), "status": "created", "assignments": []}
+    job_data = {**data, "guarding_points": guarding_points, "created_at": dt_class.now(timezone.utc).isoformat(), "status": "created", "assignments": []}
     try:
         db.reference(f"jobs/{job_id}").set(job_data)
         return jsonify({"message": "Job created", "job_id": job_id}), 200
     except Exception as e:
-        logger.error("Error creating job: {e}", exc_info=True)
+        logger.error(f"Error creating job: {e}", exc_info=True)
         return jsonify({"error": "Internal server error"}), 500
 
 @app.route("/update_job/<job_id>", methods=["POST"])
@@ -370,7 +342,7 @@ def start_scheduled_job(job_id):
         logger.info(f"Executing scheduled start for job {job_id}")
         job_ref = db.reference(f"jobs/{job_id}")
         if job_ref.get():
-            job_ref.update({"status": "active", "started_at": dt_class.now().isoformat()})
+            job_ref.update({"status": "active", "started_at": dt_class.now(timezone.utc).isoformat()})
             assign_roster(job_id)
     except Exception as e:
         logger.error(f"Error in start_scheduled_job for {job_id}: {e}", exc_info=True)
@@ -381,14 +353,13 @@ def start_job(job_id):
     job_ref = db.reference(f"jobs/{job_id}")
     if not job_ref.get(): return jsonify({"error": "Job not found"}), 404
     try:
-        job_ref.update({"status": "active", "started_at": dt_class.now().isoformat()})
+        job_ref.update({"status": "active", "started_at": dt_class.now(timezone.utc).isoformat()})
         logger.info(f"Job {job_id} status updated to active.")
         scheduler.add_job(
             func=assign_roster, trigger="date",
-            run_date=dt_class.now() + datetime.timedelta(seconds=5),
+            run_date=dt_class.now(timezone.utc) + datetime.timedelta(seconds=5),
             args=[job_id], id=f"start_{job_id}", replace_existing=True
         )
-        logger.info(f"First assignment for job {job_id} scheduled.")
         return jsonify({"message": f"Job {job_id} started"}), 202
     except Exception as e:
         logger.error(f"Error starting job {job_id}: {e}", exc_info=True)
@@ -497,7 +468,7 @@ def add_special_case(job_id):
         return jsonify({"error": "Guarding point not found in job"}), 404
     if not any(m["id"] == member_id for m in job_data.get("assigned_members", [])):
         return jsonify({"error": "Member not assigned to job"}), 404
-    special_case = {"id": str(uuid.uuid4()), **data, "created_at": dt_class.now().isoformat()}
+    special_case = {"id": str(uuid.uuid4()), **data, "created_at": dt_class.now(timezone.utc).isoformat()}
     special_cases = job_data.get("special_cases", [])
     special_cases.append(special_case)
     try:
@@ -529,41 +500,7 @@ def get_roster(job_id):
     except Exception as e:
         logger.error(f"Error getting roster for {job_id}: {e}", exc_info=True)
         return jsonify({"error": "Internal server error"}), 500
-# === NEW DEBUGGING ROUTE ===
-@app.route("/test_email", methods=["GET"])
-def test_email():
-    """A simple endpoint to test sending emails to specific addresses."""
-    # Ensure you have access to your logger and send_email function
-    logger.info("--- STARTING EMAIL TEST ---")
-    
-    # Test case 1: The email that works
-    logger.info("TEST 1: Sending to the known working address...")
-    res1 = send_email("rairorr@gmail.com", "API Test 1 (Working)", "<p>This is a test.</p>")
-    status1 = "Success" if res1 else "Failed"
-    
-    # Test case 2: The email that fails
-    logger.info("TEST 2: Sending to the known failing address...")
-    res2 = send_email("nharingosheperd@gmail.com", "API Test 2 (Failing)", "<p>This is a test.</p>")
-    status2 = "Success" if res2 else "Failed"
-
-    # Test case 3: The modified email to bypass a simple string filter
-    logger.info("TEST 3: Sending to a modified version of the failing address...")
-    res3 = send_email("nharingosheperd+test@gmail.com", "API Test 3 (Modified)", "<p>This is a test.</p>")
-    status3 = "Success" if res3 else "Failed"
-
-    # Test case 4: The modified email to bypass a simple string filter
-    logger.info("TEST 4: Sending to a modified version of the failing address...")
-    res4 = send_email("initiumzim@gmail.com", "API Test 4 (Modified)", "<p>This is a test.</p>")
-    status4 = "Success" if res4 else "Failed"
-    
-    logger.info("--- FINISHED EMAIL TEST ---")
-
-    return jsonify({
-        "test_1_working_email": status1,
-        "test_2_failing_email": status2,
-        "test_3_modified_email": status3,
-        "test_4_modified_email": status4,
-    }), 200
+
 # === Run Server ===
 if __name__ == "__main__":
     logger.info("Starting Flask application...")