kacerr/fuj-management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: code quality improvements across the backend
All checks were successful
Deploy to K8s / deploy (push) Successful in 13s
Details
Build and Push / build (push) Successful in 32s
Details

Browse Source 
- Remove insecure SSL verification bypass in attendance.py
- Add gunicorn as production WSGI server (Dockerfile + entrypoint)
- Fix silent data loss in reconciliation (log + surface unmatched members)
- Add required column validation in payment sheet parsing
- Add input validation on /qr route (account format, amount bounds, SPD injection)
- Centralize configuration into scripts/config.py
- Extract credentials path to env-configurable constant
- Hide unmatched transactions from reconcile-juniors page
- Fix test mocks to bypass cache layer (all 8 tests now pass reliably)
- Add pytest + pytest-cov dev dependencies
- Fix typo "Inffering" in infer_payments.py
- Update CLAUDE.md to reflect current project state

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jan Novak
2026-03-11 11:40:32 +01:00
parent 0d0c2af778
commit 033349cafa
13 changed files with 293 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
scripts/config.py Normal file
View File

@@ -0,0 +1,39 @@
"""Centralized configuration for FUJ management scripts.
External service IDs, credentials, and tunable parameters.
Domain-specific constants (fees, column indices) stay in their respective modules.
"""
import os
from pathlib import Path
# Paths
PROJECT_ROOT = Path(__file__).parent.parent
CREDENTIALS_PATH = Path(os.environ.get(
"CREDENTIALS_PATH",
str(PROJECT_ROOT / ".secret" / "fuj-management-bot-credentials.json"),
))
# Google Sheets IDs
ATTENDANCE_SHEET_ID = "1E2e_gT_K5AwSRCDLDTa2UetZTkHmBOcz0kFbBUNUNBA"
PAYMENTS_SHEET_ID = "1Om0YPoDVCH5cV8BrNz5LG5eR5MMU05ypQC7UMN1xn_Y"
# Attendance sheet tab GIDs
JUNIOR_SHEET_GID = "1213318614"
# Bank
BANK_ACCOUNT = os.environ.get("BANK_ACCOUNT", "CZ8520100000002800359168")
# Cache settings
CACHE_DIR = PROJECT_ROOT / "tmp"
DRIVE_TIMEOUT = 10 # seconds
CACHE_TTL_SECONDS = int(os.environ.get("CACHE_TTL_SECONDS", 300)) # 5 min default
CACHE_API_CHECK_TTL_SECONDS = int(os.environ.get("CACHE_API_CHECK_TTL_SECONDS", 300)) # 5 min default
# Maps cache keys to their source sheet IDs (used by cache_utils)
CACHE_SHEET_MAP = {
"attendance_regular": ATTENDANCE_SHEET_ID,
"attendance_juniors": ATTENDANCE_SHEET_ID,
"exceptions_dict": PAYMENTS_SHEET_ID,
"payments_transactions": PAYMENTS_SHEET_ID,
}