Scott.Idem/OSIT-AE-API-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f1c8958a7a0d17c158e7b4dc79719db74f804a83
OSIT-AE-API-FastAPI/documentation/TODO__Agents.md
Scott Idem f1c8958a7a feat: Scaffold Novi-Mailman Bridge integration 
- app/methods/e_novi_mailman_methods.py: full sync engine, per-member
  sync helper, webhook handler, and Mailman 3 REST subscribe/unsubscribe
- app/routers/api_v3_actions_e_novi_mailman.py: test_connection, list
  inspection, full sync trigger, and Novi webhook receiver endpoints
- registry.py: registered at /v3/action/e_novi_mailman
- TODO: marked as scaffolded, pending Novi field verification + data_store setup

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-10 19:16:16 -04:00

2.6 KiB
Raw Blame History

Backend Agent Task List

Use this file to track steps for complex features or bug fixes. Status: 🔵 DEPLOYMENT READY - Unified Docker Orchestration Complete.

🚀 Recent Infrastructure Wins

  • Self-Contained Build: Dockerfile and requirements.txt moved to project root.
  • Dependency Pruning: Removed 6 redundant/unused Python packages.
  • Unified Orchestration: API now builds as part of the aether_container_env stack.

📋 Operational Hardening (Next Steps)

  • Healthcheck: Implement /health route to verify DB/Redis status for Docker orchestration.
  • Config Refactor: Switch app/config.py to pydantic-settings to use direct Env Vars (Stop mounting config files).
  • Locking: Generate a requirements.lock for bit-identical builds.

📋 Feature Tasks

  • Core Isolation: Harden apply_forced_account_filter to Fail-Closed.
  • IDAA Baseline: Remove public_read from Event, CMS, and Archive objects.
  • Detailed Feedback: Implement descriptive 403 Forbidden reasons.
  • Polymorphic For_ID Patterns: Add ID Vision to Address, Contact, and DataStore objects.
  • Event File Hash_SHA256 Fix: Populate hosted_file_hash_sha256 correctly.
  • Step 1: ID Vision Parity Audit
    • Audit Core Event Models (Badge, Session, Presentation).
    • Audit File/Exhibit Models (File, Template, Tracking).
    • Whitelist account_id in all Event search definitions.
    • Audit Relational "Low-Priority" Models (Address, Contact, DataStore).
    • V3 Uniform Lookup System: Phase 1 & 2 Complete.
    • Verify SQL Views join in all required _random IDs for performance.
  • Step 2: Coordination (Verify Frontend uses x-account-id instead of token).

🛡️ Security & Privacy Baseline (IDAA)

  • Status: ENFORCED.
  • Maintenance: Run tests/e2e/test_e2e_v3_security_audit.py after ANY router or registry change.

🚧 Strategic Goals (V3.5+)

  • Pydantic V2 / SQLAlchemy 2.0: Major framework upgrade for performance and type safety.
  • [~] Novi-Mailman Bridge: Synchronization between Novi AMS and Mailman 3. (Scaffolded — needs Novi field name verification + credential setup in data_store)
  • Lookup System Batch 2: Migration of post_topic, user_status, file_purpose.
  • Zoom Events Integration: Implement cron synchronization for OAuth2 ticket retrieval.

📝 Session Notes (March 10, 2026)

  • Unified Stack: Merged API orchestration into the master environment.
  • Root Assets: Docker assets are now part of this git repo again.
  • Pruning: Successfully reduced dependency bloat in requirements.txt.
Reference in New Issue View Git Blame Copy Permalink