feat: Fase 1 – Fondamenta complete (backend FastAPI + auth + permessi)

- docker-compose.yml: PostgreSQL 16, Redis 7, MinIO, Nginx - backend FastAPI: struttura monorepo, config pydantic-settings - modelli SQLAlchemy: tutti i modelli (tenants, users, mailboxes, messages, archival, permissions, labels, audit_log) - migrazione Alembic 0001: schema completo in pure SQL - auth API: login JWT, refresh token rotation, logout, 2FA TOTP (setup/verify/disable) - CRUD utenti: lista, crea, modifica, reset password, soft delete - permessi granulari (Fase 1-A): mailbox_permissions, assegna/revoca/lista - CRUD tenant: gestione super-admin - sicurezza: AES-256-GCM cifratura credenziali IMAP/SMTP, bcrypt password - RLS PostgreSQL: isolamento multi-tenant per request - seed sviluppo: tenant demo + admin + operator - test unit: security (bcrypt, JWT, AES), auth_service - test integration: auth endpoints, users endpoints - CI GitHub Actions: lint (ruff), test (pytest), build Docker, security scan - infra: nginx.conf, redis.conf - Makefile con comandi make dev/test/migrate/seed Definition of Done: ✅ Login, refresh token e TOTP funzionanti ✅ make dev porta in piedi tutto lo stack locale ✅ CI configurata
2026-06-16 12:45:42 +02:00 · 2026-03-18 16:42:01 +01:00
parent 0251c2bbb0
commit 58a233236c
60 changed files with 6942 additions and 0 deletions
@@ -0,0 +1,106 @@
+## PecFlow – Developer Commands
+
+.PHONY: dev down build test migrate seed lint format clean logs ps help
+
+# Variabili
+COMPOSE = docker compose
+BACKEND = $(COMPOSE) exec backend
+PYTEST   = $(BACKEND) python -m pytest
+
+help:  ## Mostra questo help
+	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | \
+		awk 'BEGIN {FS = ":.*?## "}; {printf "  \033[36m%-20s\033[0m %s\n", $$1, $$2}'
+
+# ─── Stack locale ────────────────────────────────────────────────────────────
+
+dev:  ## Avvia l'intero stack in background
+	$(COMPOSE) up -d --build
+	@echo ""
+	@echo "  ✅  Stack avviato:"
+	@echo "  📡  API:      http://localhost:8000"
+	@echo "  📖  Docs:     http://localhost:8000/docs"
+	@echo "  🗄️   MinIO:    http://localhost:9001  (admin/password)"
+	@echo "  📊  PgAdmin:  http://localhost:5050   (admin@pecflow.it / admin)"
+	@echo ""
+
+down:  ## Ferma e rimuove i container (preserva i volumi)
+	$(COMPOSE) down
+
+down-v:  ## Ferma e rimuove TUTTO inclusi i volumi (reset completo)
+	$(COMPOSE) down -v
+
+build:  ## Rebuilda le immagini senza usare la cache
+	$(COMPOSE) build --no-cache
+
+logs:  ## Segui i log di tutti i servizi
+	$(COMPOSE) logs -f
+
+logs-backend:  ## Segui i log del backend
+	$(COMPOSE) logs -f backend
+
+ps:  ## Stato dei container
+	$(COMPOSE) ps
+
+# ─── Database ────────────────────────────────────────────────────────────────
+
+migrate:  ## Esegui le migrazioni Alembic pendenti
+	$(BACKEND) alembic upgrade head
+
+migrate-down:  ## Rollback dell'ultima migrazione
+	$(BACKEND) alembic downgrade -1
+
+migrate-status:  ## Stato migrazioni
+	$(BACKEND) alembic current
+
+makemigration:  ## Genera una nuova migrazione (usa: make makemigration MSG="descrizione")
+	$(BACKEND) alembic revision --autogenerate -m "$(MSG)"
+
+seed:  ## Esegui seed dati di sviluppo (tenant demo + admin)
+	$(COMPOSE) exec db psql -U pecflow -d pecflow -f /docker-entrypoint-initdb.d/seeds/dev_tenant.sql
+	@echo "  ✅  Seed completato"
+
+reset-db:  ## Reset completo DB (down-v + dev + migrate + seed)
+	$(MAKE) down-v
+	$(MAKE) dev
+	@sleep 5
+	$(MAKE) migrate
+	$(MAKE) seed
+
+# ─── Test ────────────────────────────────────────────────────────────────────
+
+test:  ## Esegui tutti i test (unit + integration)
+	$(PYTEST) -v --tb=short
+
+test-unit:  ## Solo unit test
+	$(PYTEST) backend/tests/unit -v
+
+test-integration:  ## Solo integration test
+	$(PYTEST) backend/tests/integration -v
+
+test-cov:  ## Test con coverage report
+	$(PYTEST) --cov=app --cov-report=term-missing --cov-report=html:/app/htmlcov -v
+
+# ─── Code quality ─────────────────────────────────────────────────────────────
+
+lint:  ## Esegui linting (ruff + mypy)
+	$(BACKEND) ruff check app tests
+	$(BACKEND) mypy app --ignore-missing-imports
+
+format:  ## Formatta il codice con ruff
+	$(BACKEND) ruff format app tests
+	$(BACKEND) ruff check --fix app tests
+
+# ─── Utility ─────────────────────────────────────────────────────────────────
+
+shell-backend:  ## Shell nel container backend
+	$(BACKEND) bash
+
+shell-db:  ## psql nel container database
+	$(COMPOSE) exec db psql -U pecflow -d pecflow
+
+clean:  ## Rimuovi file temporanei Python
+	find . -type d -name __pycache__ -exec rm -rf {} + 2>/dev/null || true
+	find . -name "*.pyc" -delete 2>/dev/null || true
+	find . -name ".pytest_cache" -exec rm -rf {} + 2>/dev/null || true
+	find . -name ".mypy_cache" -exec rm -rf {} + 2>/dev/null || true
+	find . -name "htmlcov" -exec rm -rf {} + 2>/dev/null || true