tfgrid/projectmycelium
11
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

docs: archive old roadmap and todo files, add marketplace redesign plan

Browse Source
This commit is contained in:
mik-tf
2025-09-06 10:23:00 -04:00
parent fa50384dad
commit 70990b8a13
5 changed files with 474 additions and 552 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
docs/dev/design/threefold-marketplace-design-architecture.md → docs/dev/design/archive/threefold-marketplace-design-architecture.md
View File

510
docs/dev/design/archive/threefold-marketplace-roadmap.md
View File

@@ -1,245 +1,349 @@
# Project Mycelium - Complete Vision & Roadmap # Project Mycelium - Roadmap & Status
**Last Updated:** 2025-08-23 10:21:27 (EDT)
**Purpose:** Prioritized roadmap and implementation status for the Project Mycelium. For system design and architecture, see the linked document below.
See also: [Design & Architecture](./projectmycelium-design-architecture.md)
## 1. Post-UX Development (Future Phases)
**Last Updated:** 2025-08-20 21:25:00 (EST) ### **Database & Backend Infrastructure**
*To be prioritized after UX completion*
- PostgreSQL integration
- Payment processing enhancement
- Grid deployment automation
- Advanced analytics and monitoring
**Purpose:** Complete architectural vision, current state, and actionable roadmap for finalizing the Project Mycelium. ### **Production Readiness**
*Final phase after UX validation*
## 🎯 Project Status: Ready for Feature Development - Security hardening
- Performance optimization
**Compilation Status:** ✅ Zero errors achieved - codebase compiles successfully - Monitoring and observability
**Data Migration:** ✅ Transitioned from mock to persistent data architecture - Production deployment
**Next Phase:** Runtime testing, feature completion, and production readiness
--- ---
## 1. Architecture Vision (Target State) ## 2. Error Debugging Methodology
### Core Design Principles ### **Proven Systematic Methodology Excellence:**
#### **Builder Pattern as Single Source of Truth** The systematic approach established in previous phases continued exceptional effectiveness:
- [`SessionDataBuilder`](src/services/session_data.rs), [`ConfigurationBuilder`](src/config/builder.rs), [`ResponseBuilder`](src/utils/response_builder.rs), [`ServiceFactory`](src/services/factory.rs) centralize construction and lifecycles
- All HTTP endpoints return via [`ResponseBuilder`](src/utils/response_builder.rs) with consistent JSON envelopes
#### **ResponseBuilder Envelope & Frontend Contract** ```bash
```json # Error tracking pipeline (proven highly effective)
{ cargo check 2>&1 | grep "error\[" | wc -l # Progress monitoring
"success": true|false, cargo check 2>&1 | grep "error\[" | sort | uniq -c | sort -nr # Pattern analysis
"data": { ... }, ```
"error"?: { ... }
**Execution Strategy Validated:**
1. **Progress Tracking**: Regular error count measurements for monitoring reduction
2. **Pattern Analysis**: Target highest-count error categories for maximum impact
3. **Systematic Fixes**: Apply multiple related fixes in single operations
4. **Type Safety**: Maintain architectural integrity throughout
5. **Builder Consistency**: Unified patterns across codebase
---
## 3. SSH Key Management Implementation Status ✅ **FULLY OPERATIONAL**
### **Implementation Summary (2025-08-22 - FINAL)**
**Current Status:****SSH Key Management System FULLY OPERATIONAL** - Production ready with comprehensive testing. This can be useful when enhancing other parts of the marketplace.
#### **Completed Components:**
1. **Data Model & Persistence**
- [`SSHKey`](src/models/ssh_key.rs) model with validation error types
- [`SSHKeyBuilder`](src/models/builders.rs:3301-3384) following established builder pattern
- User persistent data integration in [`UserPersistentData`](src/services/user_persistence.rs)
2. **Service Layer**
- [`SSHKeyService`](src/services/ssh_key_service.rs) with validation and management
- [`SSHKeyServiceBuilder`](src/services/ssh_key_service.rs) following architectural patterns
- Multiple SSH keys per user with duplicate prevention within user accounts
- SSH key format validation (Ed25519, ECDSA, RSA)
- SHA256 fingerprint generation for key identification
3. **API Endpoints**
- 6 new SSH key API endpoints in [`dashboard.rs`](src/controllers/dashboard.rs:7214-7390)
- [`ResponseBuilder`](src/utils/response_builder.rs) pattern integration for consistent JSON responses
- Routes integrated in [`mod.rs`](src/routes/mod.rs:197-202)
4. **Frontend UI**
- SSH Keys tab in [`settings.html`](src/views/dashboard/settings.html)
- Bootstrap modals for add/edit/delete operations
- Real-time validation with security level indicators
- CSP-compliant implementation with external JavaScript
5. **JavaScript Implementation**
- [`dashboard-ssh-keys.js`](src/static/js/dashboard-ssh-keys.js) - CSP-compliant external file
- JSON hydration for data transfer (no inline scripts)
- Real-time SSH key format validation
- AJAX integration with error handling
6. **Module Integration**
- [`ssh_key`](src/models/mod.rs) module export added
- [`ssh_key_service`](src/services/mod.rs) module export added
- Full architectural integration following established patterns
#### **Technical Implementation Details:**
- **Architecture Compliance**: Follows builder pattern, ResponseBuilder envelope, user persistent data architecture
- **Security Features**: SHA256 fingerprints, format validation, duplicate prevention, reasonable key limits (20 per user)
- **User Experience**: Multiple key support, default key selection, intuitive management interface
- **CSP Compliance**: External JavaScript files, JSON hydration, no inline scripts or handlers
#### **Current Phase Requirements:**
**IMMEDIATE NEXT STEPS (Required before manual testing):**
1. **Error Fixing Phase** - Apply methodology 10 systematic error resolution:
```bash
cargo check 2>&1 | grep "error\[" | wc -l # Progress monitoring
cargo check 2>&1 | grep "error\[" | sort | uniq -c | sort -nr # Pattern analysis
```
2. **Manual Testing Phase** - Comprehensive SSH key functionality testing:
- SSH key addition, editing, deletion workflows
- Format validation testing (Ed25519, ECDSA, RSA)
- Duplicate prevention validation
- UI/UX testing across browsers
- Integration testing with settings page
3. **Documentation Phase** - Complete technical documentation:
- API endpoint documentation
- User guide for SSH key management
- Integration guides for VM/cluster deployments
#### **Pending Integration:**
- **VM/Cluster Deployment Integration**: Connect SSH keys to actual deployment workflows
- **Advanced Security Features**: Rate limiting, audit logging, enhanced validation
- **Production Hardening**: Performance optimization, monitoring integration
#### **SSH Key System Architecture:**
```rust
// Core data structure (implemented)
struct SSHKey {
id: String,
name: String,
public_key: String,
key_type: SSHKeyType,
fingerprint: String,
is_default: bool,
created_at: DateTime<Utc>,
} }
```
- Frontend must always unwrap: `const data = result.data || result;` before accessing fields
#### **CSP-Compliant Frontend: External JS + JSON Hydration** // Validation and management (implemented)
- **Zero inline scripts/handlers** - code lives in [`src/static/js/*.js`](src/static/js/) and is served under `/static/js/*` struct SSHKeyService {
- **Data hydration** via `<script type="application/json" id="...">` blocks // Validation, fingerprint generation, format checking
- **Individual field encoding**: Each field is JSON-encoded individually (server-side serializer) // Integration with UserPersistentData
- **Template structure**: Templates expose `{% block scripts %}` and `{% block head %}` at top level only
- **Static mapping**: Actix serves `/static/*` from `./src/static` (see `src/main.rs`)
#### **Persistent-Data-Only Runtime**
- **No mock data** in production code
- **Canonical user data model** persisted per user under [`./user_data/{email_encoded}.json`](user_data/) via [`UserPersistence`](src/services/user_persistence.rs)
- **All operations** (orders, services, wallet, products) read/written through persistence services
#### **Product Model: User-Owned SOT + Derived Catalog**
- **Products owned by provider users** in their persistent files
- **[`ProductService`](src/services/product.rs)** aggregates derived marketplace catalog
- **Category ID normalization** with optional dev TTL cache (disabled by default in prod)
#### **Currency System**
- **USD as base currency** with display currencies: USD/TFC/EUR/CAD (extensible)
- **TFC credits settle** at 1 TFC = 1 USD
- **Server-formatted amounts**: Server returns formatted display amounts and currency code
- **Frontend renders** without recomputing
#### **Unified Insufficient-Balance Contract**
- **Target**: HTTP 402 Payment Required for all insufficient funds cases
- **Canonical error payload** with `error.details` containing currency-aware amounts and deficit
---
## 2. Current Implementation State
### ✅ Completed Foundation
- **CSP externalization** complete across marketplace and dashboard
- **ResponseBuilder integration** applied across all controllers (100% coverage)
- **Orders & invoices** persisted under user data with HTML invoice view
- **Currency system** working with multi-currency display
- **Insufficient-funds responses** unified to HTTP 402 with canonical error envelope
- **Mock data elimination** completed - persistent-only architecture established
### ✅ Core Services Architecture
- **Authentication**: GitEa OAuth integration with user creation
- **Data Persistence**: [`UserPersistence`](src/services/user_persistence.rs) as single source of truth
- **Product Management**: [`ProductService`](src/services/product.rs) with category normalization
- **Order Processing**: Complete order lifecycle with invoice generation
- **Wallet Operations**: Multi-currency support with transaction history
### 🔧 Architecture Patterns Established
#### **Data Flow Pattern**
```rust
// Persistent data access pattern
let persistent_data = UserPersistence::load_user_data(&user_email)?;
// Direct usage of persistent data
persistent_data.wallet_balance_usd
```
#### **Transaction Pattern**
```rust
Transaction {
id: transaction_id,
user_id: user_email,
transaction_type: TransactionType::Purchase { product_id },
amount: amount_to_add,
currency: Some("USD".to_string()),
timestamp: chrono::Utc::now(),
status: TransactionStatus::Completed,
} }
``` ```
#### **ResponseBuilder Pattern** **Summary:** SSH Key Management system is **FULLY OPERATIONAL** with all 4 core operations working perfectly. Ready for VM/cluster deployment integration and UX testing framework.
```rust
ResponseBuilder::success() ---
.data(json!({ "products": products }))
.build() ## 4. SSH Feature Deep Implementation & Debugging Methodology
### **Complete SSH Key Management Feature Documentation**
The SSH Key Management system represents a comprehensive implementation showcasing the Project Mycelium's architectural patterns and demonstrates a systematic approach to complex feature development.
#### **Feature Overview & UX Possibilities**
**Core SSH Key Operations (All Working):**
1. **Create SSH Key** - Upload and validate public keys with real-time feedback
2. **Set Default SSH Key** - Designate primary key for deployments
3. **Edit SSH Key** - Modify key names and default status
4. **Delete SSH Key** - Remove keys with confirmation workflow
**UX Possibilities Enabled:**
- **Self-Managed VM Access** - Users can SSH into their virtual machines
- **Kubernetes Cluster Management** - Direct kubectl access to deployed clusters
- **Development Workflows** - Git repository access and CI/CD integration
- **Multi-Key Management** - Different keys for different environments (dev/staging/prod)
- **Team Collaboration** - Shared access keys for team-managed resources
- **Security Best Practices** - Key rotation and secure access patterns
#### **Architecture & System Interaction Analysis**
**Frontend-Backend Data Flow:**
```mermaid
graph TD
A[HTML Template] --> B[JavaScript Event Handlers]
B --> C[AJAX API Calls]
C --> D[Rust Controller]
D --> E[SSH Key Service]
E --> F[UserPersistence]
F --> G[JSON File Storage]
G --> F
F --> E
E --> D
D --> H[ResponseBuilder]
H --> C
C --> I[DOM Updates]
``` ```
--- **Key Architectural Components:**
## 3. Immediate Development Priorities 1. **HTML Template Layer** ([`settings.html`](src/views/dashboard/settings.html))
- Bootstrap modal structure for user interactions
- Data attributes for JavaScript-HTML bridge (`data-key-id`)
- CSP-compliant template with no inline scripts
- JSON hydration blocks for data transfer
### **A. Runtime Testing & Validation (Week 1)** 2. **JavaScript Layer** ([`dashboard-ssh-keys.js`](src/static/js/dashboard-ssh-keys.js))
1. **Critical User Flows** - Event delegation with null-safe programming
- User registration and authentication via GitEa OAuth - Data attribute management for DOM-JavaScript bridge
- Product browsing, search, and filtering functionality - AJAX API integration with error handling
- Wallet operations (top-up, balance checks, transactions) - Real-time validation and user feedback
- Order placement and payment processing
- Provider product creation and management
2. **Integration Testing** 3. **Backend Service Layer** ([`ssh_key_service.rs`](src/services/ssh_key_service.rs))
- End-to-end purchase workflows - SSH key validation (Ed25519, ECDSA, RSA support)
- Multi-currency display and calculations - SHA256 fingerprint generation
- Insufficient funds handling (HTTP 402 responses) - Duplicate prevention and user limits
- Invoice generation and viewing - Auto-default logic for first key
3. **Data Persistence Validation** 4. **Controller Integration** ([`dashboard.rs`](src/controllers/dashboard.rs))
- User data creation, updates, and retrieval - ResponseBuilder pattern for consistent JSON responses
- Transaction history accuracy - Session authentication and user validation
- Product catalog aggregation performance - Error handling with user-friendly messages
### **B. Feature Completion (Week 2)** #### **Critical Frontend-Backend Integration Debugging**
1. **Payment Integration**
- Complete TFC payment flow implementation
- Payment method management
- Auto-topup functionality
- Exchange rate handling
2. **Provider Features** **Root Cause Identified & Solved:**
- Service provider dashboard completion - **Issue**: Backend services worked perfectly (100% test success) but frontend buttons failed
- App provider deployment tools - **Problem**: JavaScript was setting `data-key-id` on wrong DOM element during template cloning
- Farmer node management interface - **Solution**: Fixed element targeting in [`dashboard-ssh-keys.js`](src/static/js/dashboard-ssh-keys.js:225)
- Revenue tracking and analytics - **Template Fix**: Added `data-key-id=""` placeholder to HTML template
3. **Marketplace Features** **Debugging Process:**
- Advanced search and filtering 1. **Backend Isolation**: Confirmed all 6 API endpoints working via service tests
- Product recommendations 2. **Frontend Simulation**: Identified disconnect between frontend and backend
- Category browsing optimization 3. **Data Flow Analysis**: Traced JavaScript data attribute handling
- Featured products management 4. **DOM Inspection**: Found incorrect element targeting during cloning
5. **Systematic Fix**: Corrected both JavaScript logic and HTML template
### **C. Security & Production Readiness (Week 3+)** **Key Learning**: Frontend-backend integration issues often involve data attribute management and DOM element targeting rather than API functionality.
1. **Security Hardening**
- CSRF protection implementation
- Rate limiting configuration
- Session security hardening
- Input validation and sanitization
2. **Performance Optimization**
- Catalog aggregation caching
- Database query optimization
- Asset optimization and CDN integration
- Response time monitoring
3. **Monitoring & Observability**
- Health check endpoints
- Metrics collection and alerting
- Error tracking and logging
- Performance monitoring
--- ---
## 4. Development Guidelines for AI Coders ## 5. UX Testing Framework Development (Section 13 Implementation - 2025-08-22)
### **Code Organization** ##### Checkout & Orders Contract — Implemented 2025-08-23
- **Controllers**: [`src/controllers/`](src/controllers/) - HTTP request handling with ResponseBuilder
- **Services**: [`src/services/`](src/services/) - Business logic and data operations
- **Models**: [`src/models/`](src/models/) - Data structures and builders
- **Utils**: [`src/utils/`](src/utils/) - Shared utilities and helpers
### **Key Patterns to Follow** - **Template hydration**: `<script type="application/json" id="checkout-hydration">{{ hydration_json | safe }}</script>`; client reads via `document.getElementById('checkout-hydration').textContent` and parses.
1. **Always use [`ResponseBuilder`](src/utils/response_builder.rs)** for HTTP responses - **Frontend request**: `POST /api/orders` with body:
2. **Persistent data only** - no mock data in production code - `payment_method`: `{ method_type: 'wallet', details: { source: 'usd_credits' } }`
3. **CSP compliance** - external JS files only, no inline scripts - `currency`: e.g., `USD` (server also supports user preference)
4. **Builder patterns** for complex object construction - `cart_items`: ignored by server (order is constructed from session cart; field retained for fwd-compat)
5. **Error handling** with proper HTTP status codes (especially 402 for insufficient funds) - **Auth**: Requires authenticated session; anonymous users are redirected to login via UI.
- **Responses**:
- `200 OK`: `{ success, data: { order_id, confirmation_number } }` or `{ order_id, confirmation }` depending on legacy envelope; client tolerates both via unwrapping and key aliasing
- `400 Bad Request`: Validation or unsupported payment method; envelope includes `error` details
- `402 Payment Required`: Insufficient funds; standardized payload with currency-aware deficit
- `401 Unauthorized`: No session
- **Client UX**: Shows toast, best-effort clears server cart (`DELETE /api/cart`), refreshes navbar/cart/orders, then redirects to `/orders/{order_id}/confirmation[?confirmation=...]`.
### **Testing Strategy** - **Manual validation (2025-08-23)**: user0 created a service; user1 executed Buy Now and Add to Cart successfully; orders appear under `/dashboard/orders`.
- **Unit tests** for service layer logic - **Remaining**: Validate `tests/frontend_ux/purchase_cart_ux_test.rs` with `--features ux_testing` for regression coverage.
- **Integration tests** for controller endpoints
- **End-to-end tests** for critical user workflows
- **Performance tests** for catalog aggregation and search
### **Configuration Management** ###### Frontend API Standardization — `window.apiJson` + 402 Interceptor
- **Environment-based** configuration via [`ConfigurationBuilder`](src/config/builder.rs)
- **Feature flags** for dev/prod differences
- **Database connection** management
- **External service** integration settings
--- - **Global 402 handler** (`src/static/js/base.js`): wraps `window.fetch` to detect HTTP 402 and invoke `window.Errors.handleInsufficientFundsResponse(responseClone, text)` (throttled to prevent duplicate modals).
- **`window.apiJson` helper** (`src/static/js/base.js`):
- Sets `Accept: application/json`, defaults `credentials: 'same-origin'`.
- JSON-encodes plain object bodies when `Content-Type: application/json`.
- Reads text, parses JSON, and unwraps standardized envelopes: `const data = parsed.data ?? parsed`.
- On non-OK, throws `Error` with `.status`, `.errors`, `.data`, `.metadata`, `.body`.
- Returns `null` for 204/empty bodies.
- **Adoption**: `src/static/js/checkout.js` now uses `apiJson` for `POST /api/orders`. Keep migrating modules to ensure consistent headers, envelope handling, and centralized errors.
## 5. Success Criteria Next Steps
- Optional: Audit other open JS modules you mentioned (`src/static/js/cart.js`, `src/static/js/checkout.js`, `src/static/js/dashboard.js`, and any legacy `static/js/dashboard.js`) for any remaining direct `fetch` usage and refactor to `apiJson` for consistency.
### **Functional Requirements** ### **UX Testing Framework Implementation Status** ⚡ **MAJOR PROGRESS**
- [ ] Complete user registration and authentication flow
- [ ] Full product browsing and purchase workflow
- [ ] Working payment processing with TFC integration
- [ ] Provider dashboards for all user types (service, app, farmer)
- [ ] Real-time wallet and transaction management
### **Technical Requirements** #### **Completed & Validated Tests**
- [ ] Zero compilation errors (✅ Achieved) 1. **SSH Key UX Tests** ✅ **ORIGINAL WORKING TEMPLATE**
- [ ] All tests passing with >90% coverage - File: [`tests/frontend_ux/ssh_key_frontend_ux_test.rs`](tests/frontend_ux/ssh_key_frontend_ux_test.rs)
- [ ] Performance benchmarks met (sub-second page loads) - Status: Fully functional reference implementation
- [ ] Security audit passed - Pattern: Direct service calls, persistent data, simple cleanup
- [ ] Production deployment ready
### **User Experience Goals** 2. **Public Access UX Tests** ✅ **RECENTLY VALIDATED**
- [ ] Intuitive navigation and product discovery - File: [`tests/frontend_ux/public_access_ux_test.rs`](tests/frontend_ux/public_access_ux_test.rs)
- [ ] Clear pricing and payment flow - Status: Passes all tests (2 passed; 0 failed)
- [ ] Responsive design across devices - Validates: Documentation pages, privacy, terms, about, contact access
- [ ] Comprehensive provider management tools
- [ ] Real-time updates and notifications
--- #### **Rewritten Tests (Pending Final Validation)**
3. **Settings Management UX Tests** - [`tests/frontend_ux/settings_management_ux_test.rs`](tests/frontend_ux/settings_management_ux_test.rs)
4. **Credits Wallet UX Tests** - [`tests/frontend_ux/credits_wallet_ux_test.rs`](tests/frontend_ux/credits_wallet_ux_test.rs)
5. **Purchase Cart UX Tests** - [`tests/frontend_ux/purchase_cart_ux_test.rs`](tests/frontend_ux/purchase_cart_ux_test.rs)
6. **Authentication UX Tests** - [`tests/frontend_ux/authentication_ux_test.rs`](tests/frontend_ux/authentication_ux_test.rs)
7. **Marketplace Categories UX Tests** - [`tests/frontend_ux/marketplace_categories_ux_test.rs`](tests/frontend_ux/marketplace_categories_ux_test.rs)
8. **Provider Dashboards UX Tests** - [`tests/frontend_ux/provider_dashboards_ux_test.rs`](tests/frontend_ux/provider_dashboards_ux_test.rs)
## 6. Architecture Decision Records ### **Technical Breakthrough: SSH Key Template Pattern**
### **Data Architecture** #### **What Works (Proven Pattern)**
- **Decision**: Persistent file-based user data storage ```rust
- **Rationale**: Simplicity, portability, and direct user ownership // Direct service instantiation with builder pattern
- **Implementation**: [`UserPersistence`](src/services/user_persistence.rs) service layer let ssh_service = SSHKeyService::builder().build()?;
### **Frontend Architecture** // Persistent data operations (no session mocking)
- **Decision**: CSP-compliant external JS with JSON hydration let user_data = UserPersistence::load_user_data(user_email).unwrap_or_default();
- **Rationale**: Security, maintainability, and separation of concerns
- **Implementation**: [`src/static/js/`](src/static/js/) modules with data hydration
### **API Design** // Direct service method calls
- **Decision**: Consistent JSON envelope via [`ResponseBuilder`](src/utils/response_builder.rs) let result = ssh_service.add_ssh_key(user_email, &ssh_key)?;
- **Rationale**: Predictable frontend integration and error handling
- **Implementation**: All controllers use ResponseBuilder pattern
--- // Simple cleanup without complex mocking
UserPersistence::delete_user_data(user_email)?;
```
This roadmap provides the complete vision and current state for an AI coder to continue development. The foundation is solid with zero compilation errors, established architectural patterns, and clear next steps for feature completion and production readiness. #### **What Caused 89 Compilation Errors**
- **Session Mocking Complexity**: `MockActixSession` vs actual `Session` type mismatches
- **Currency Service Integration**: Method signature changes (`convert_usd_to_target_currency` vs `convert_usd_to_display_currency`)
- **Builder Pattern Compliance**: Inconsistent service construction patterns
#### **Solution Applied**
- **Removed all session mocking** from UX tests
- **Adopted persistent data approach** using [`UserPersistence`](src/services/user_persistence.rs)
- **Standardized service construction** using `.builder().build()` pattern
- **Fixed currency service calls** and removed where inappropriate (public access without sessions)
### **UX Testing Framework Architecture**
#### **Test Organization**
- **Directory**: [`tests/frontend_ux/`](tests/frontend_ux/)
- **Module Configuration**: [`tests/frontend_ux/mod.rs`](tests/frontend_ux/mod.rs)
- **Test Runner**: [`tests/frontend_ux/test_runner.rs`](tests/frontend_ux/test_runner.rs)
- **Cargo Feature**: Tests require `--features="ux_testing"` flag
#### **Test Execution Pattern**
```bash
# Individual test execution
cargo test --test public_access_ux --features="ux_testing"
# Full suite execution (when ready)
cargo test --features="ux_testing" frontend_ux
```
#### **Data Persistence Architecture**
- **User Data Storage**: [`user_data/{email}.json`](user_data/) files
- **No Mock Dependencies**: Real service implementations with persistent data
- **Cross-Reference Testing**: Manual testing validates automated results
### **Key Discoveries & Lessons Learned**
#### **Session-Free Testing Approach**
- **Persistent data testing** eliminates complex session mocking issues
- **Service-based testing** more reliable than HTTP endpoint testing
- **Builder pattern consistency** essential for successful compilation
#### **Real Application Issues Identified**
- **Password Change Bug**: Cross-reference testing revealed "undefined" error in password change functionality
- **Currency Service Integration**: Method signature mismatches fixed
- **Data Attribute Issues**: Frontend-backend integration patterns validated

0
docs/dev/design/threefold-marketplace-todo.md → docs/dev/design/archive/threefold-marketplace-todo.md
View File

167
docs/dev/design/marketplace-redesign-plan.md Normal file
View File

@@ -0,0 +1,167 @@
# Project Mycelium Marketplace Redesign Plan
## Overview
This document outlines the comprehensive redesign of the Project Mycelium marketplace to align with the new branding and simplified user experience.
## 🎯 Main Objectives
### 1. Rebranding & Terminology Updates
- [ ] **3nodes → Mycelium Nodes**
- [ ] Update frontend templates (dashboard, marketplace, docs)
- [ ] Update backend models and services
- [ ] Update database/storage references
- [ ] Update API responses and documentation
- [ ] **Farmers → Resource Providers**
- [ ] Update user roles and permissions
- [ ] Update dashboard sections
- [ ] Update navigation and menus
- [ ] Update backend user management
- [ ] **Application Solutions → Agentic Apps**
- [ ] Update product categories
- [ ] Update marketplace listings
- [ ] Update search and filtering
- [ ] Update backend product models
- [ ] **ThreeFold Credit (TFC) → Mycelium Credit (MC)**
- [ ] Update currency display throughout UI
- [ ] Update wallet and balance displays
- [ ] Update transaction records
- [ ] Update backend currency handling
### 2. Cart Feature Removal
- [ ] **Remove cart functionality**
- [ ] Remove cart-related templates and views
- [ ] Remove cart controllers and routes
- [ ] Remove cart JavaScript and interactions
- [ ] Update navigation (remove cart icon/link)
- [ ] **Streamline purchase flow**
- [ ] Verify buy now functionality works
- [ ] Update purchase flow documentation
- [ ] Test direct credit purchase → buy now flow
- [ ] Remove cart-related database/storage
### 3. Currency System Overhaul
- [ ] **Implement Mycelium Credit (MC)**
- [ ] Update currency service to use MC as base
- [ ] Set initial exchange rate: 1 MC = 1 USD
- [ ] Update currency conversion logic
- [ ] Update pricing calculations
- [ ] **Currency Display Preferences**
- [ ] Add AED to supported currencies
- [ ] Update settings page with currency selector
- [ ] Implement currency preference persistence
- [ ] Update currency display throughout UI
### 4. Statistics & Grid Integration
- [ ] **TF Grid Statistics**
- [ ] Implement grid proxy integration
- [ ] Add statistics dashboard section
- [ ] Create statistics API endpoints
- [ ] Update grid node data fetching
- [ ] **Node Management Integration**
- [ ] Review existing add node functionality
- [ ] Integrate with grid statistics
- [ ] Update node status displays
- [ ] Add real-time grid data
### 5. UX Verification & Testing
- [ ] **Frontend Testing**
- [ ] Test all updated terminology
- [ ] Verify purchase flow without cart
- [ ] Test currency display preferences
- [ ] Check responsive design
- [ ] **Backend Testing**
- [ ] Test API endpoints with new terminology
- [ ] Verify currency calculations
- [ ] Test grid integration
- [ ] Validate data persistence
- [ ] **Integration Testing**
- [ ] End-to-end purchase flow testing
- [ ] Cross-browser compatibility
- [ ] Mobile responsiveness
- [ ] Performance testing
## 📋 Implementation Phases
### Phase 1: Terminology & Branding Updates
**Focus:** Update all user-facing text and terminology
- [ ] Frontend template updates
- [ ] Backend model updates
- [ ] Database migration for terminology
- [ ] Documentation updates
### Phase 2: Cart Removal & Flow Simplification
**Focus:** Remove cart complexity and streamline purchase
- [ ] Remove cart-related code
- [ ] Update purchase flow
- [ ] Test simplified UX
- [ ] Update user documentation
### Phase 3: Currency System Implementation
**Focus:** Implement MC currency and preferences
- [ ] Currency service updates
- [ ] Settings page enhancements
- [ ] UI updates for currency display
- [ ] Testing and validation
### Phase 4: Statistics & Grid Integration
**Focus:** Add grid statistics and improve node management
- [ ] Grid proxy integration
- [ ] Statistics dashboard
- [ ] Node management improvements
- [ ] Real-time data updates
### Phase 5: Final Testing & Polish
**Focus:** Comprehensive testing and UX refinement
- [ ] Full UX testing suite
- [ ] Performance optimization
- [ ] Documentation updates
- [ ] Production readiness
## 🔧 Technical Considerations
### Files to Modify
- **Frontend:** `src/views/**/*.html`, `src/static/js/**/*.js`
- **Backend:** `src/controllers/**/*.rs`, `src/services/**/*.rs`, `src/models/**/*.rs`
- **Database:** User data files, product data, transaction records
- **Configuration:** Currency settings, grid proxy configuration
### Dependencies
- [ ] Grid proxy service integration
- [ ] Currency conversion service updates
- [ ] User preference storage
- [ ] Real-time data fetching
### Risk Mitigation
- [ ] Comprehensive testing before deployment
- [ ] Database backup and migration testing
- [ ] Rollback plan for critical changes
- [ ] User communication plan
## 📊 Progress Tracking
- **Total Tasks:** 50+
- **Completed:** 0
- **In Progress:** 0
- **Remaining:** 50+
## 🎯 Success Criteria
- [ ] All terminology updated consistently
- [ ] Cart functionality completely removed
- [ ] MC currency fully implemented
- [ ] Grid statistics integrated
- [ ] All UX flows verified working
- [ ] Performance maintained or improved
- [ ] Documentation updated
---
*This plan will be updated as implementation progresses. Checkboxes will be marked as tasks are completed.*

349
docs/dev/design/threefold-marketplace-roadmap.md
View File

@@ -1,349 +0,0 @@
# Project Mycelium - Roadmap & Status
**Last Updated:** 2025-08-23 10:21:27 (EDT)
**Purpose:** Prioritized roadmap and implementation status for the Project Mycelium. For system design and architecture, see the linked document below.
See also: [Design & Architecture](./projectmycelium-design-architecture.md)
## 1. Post-UX Development (Future Phases)
### **Database & Backend Infrastructure**
*To be prioritized after UX completion*
- PostgreSQL integration
- Payment processing enhancement
- Grid deployment automation
- Advanced analytics and monitoring
### **Production Readiness**
*Final phase after UX validation*
- Security hardening
- Performance optimization
- Monitoring and observability
- Production deployment
---
## 2. Error Debugging Methodology
### **Proven Systematic Methodology Excellence:**
The systematic approach established in previous phases continued exceptional effectiveness:
```bash
# Error tracking pipeline (proven highly effective)
cargo check 2>&1 | grep "error\[" | wc -l # Progress monitoring
cargo check 2>&1 | grep "error\[" | sort | uniq -c | sort -nr # Pattern analysis
```
**Execution Strategy Validated:**
1. **Progress Tracking**: Regular error count measurements for monitoring reduction
2. **Pattern Analysis**: Target highest-count error categories for maximum impact
3. **Systematic Fixes**: Apply multiple related fixes in single operations
4. **Type Safety**: Maintain architectural integrity throughout
5. **Builder Consistency**: Unified patterns across codebase
---
## 3. SSH Key Management Implementation Status ✅ **FULLY OPERATIONAL**
### **Implementation Summary (2025-08-22 - FINAL)**
**Current Status:****SSH Key Management System FULLY OPERATIONAL** - Production ready with comprehensive testing. This can be useful when enhancing other parts of the marketplace.
#### **Completed Components:**
1. **Data Model & Persistence**
- [`SSHKey`](src/models/ssh_key.rs) model with validation error types
- [`SSHKeyBuilder`](src/models/builders.rs:3301-3384) following established builder pattern
- User persistent data integration in [`UserPersistentData`](src/services/user_persistence.rs)
2. **Service Layer**
- [`SSHKeyService`](src/services/ssh_key_service.rs) with validation and management
- [`SSHKeyServiceBuilder`](src/services/ssh_key_service.rs) following architectural patterns
- Multiple SSH keys per user with duplicate prevention within user accounts
- SSH key format validation (Ed25519, ECDSA, RSA)
- SHA256 fingerprint generation for key identification
3. **API Endpoints**
- 6 new SSH key API endpoints in [`dashboard.rs`](src/controllers/dashboard.rs:7214-7390)
- [`ResponseBuilder`](src/utils/response_builder.rs) pattern integration for consistent JSON responses
- Routes integrated in [`mod.rs`](src/routes/mod.rs:197-202)
4. **Frontend UI**
- SSH Keys tab in [`settings.html`](src/views/dashboard/settings.html)
- Bootstrap modals for add/edit/delete operations
- Real-time validation with security level indicators
- CSP-compliant implementation with external JavaScript
5. **JavaScript Implementation**
- [`dashboard-ssh-keys.js`](src/static/js/dashboard-ssh-keys.js) - CSP-compliant external file
- JSON hydration for data transfer (no inline scripts)
- Real-time SSH key format validation
- AJAX integration with error handling
6. **Module Integration**
- [`ssh_key`](src/models/mod.rs) module export added
- [`ssh_key_service`](src/services/mod.rs) module export added
- Full architectural integration following established patterns
#### **Technical Implementation Details:**
- **Architecture Compliance**: Follows builder pattern, ResponseBuilder envelope, user persistent data architecture
- **Security Features**: SHA256 fingerprints, format validation, duplicate prevention, reasonable key limits (20 per user)
- **User Experience**: Multiple key support, default key selection, intuitive management interface
- **CSP Compliance**: External JavaScript files, JSON hydration, no inline scripts or handlers
#### **Current Phase Requirements:**
**IMMEDIATE NEXT STEPS (Required before manual testing):**
1. **Error Fixing Phase** - Apply methodology 10 systematic error resolution:
```bash
cargo check 2>&1 | grep "error\[" | wc -l # Progress monitoring
cargo check 2>&1 | grep "error\[" | sort | uniq -c | sort -nr # Pattern analysis
```
2. **Manual Testing Phase** - Comprehensive SSH key functionality testing:
- SSH key addition, editing, deletion workflows
- Format validation testing (Ed25519, ECDSA, RSA)
- Duplicate prevention validation
- UI/UX testing across browsers
- Integration testing with settings page
3. **Documentation Phase** - Complete technical documentation:
- API endpoint documentation
- User guide for SSH key management
- Integration guides for VM/cluster deployments
#### **Pending Integration:**
- **VM/Cluster Deployment Integration**: Connect SSH keys to actual deployment workflows
- **Advanced Security Features**: Rate limiting, audit logging, enhanced validation
- **Production Hardening**: Performance optimization, monitoring integration
#### **SSH Key System Architecture:**
```rust
// Core data structure (implemented)
struct SSHKey {
id: String,
name: String,
public_key: String,
key_type: SSHKeyType,
fingerprint: String,
is_default: bool,
created_at: DateTime<Utc>,
}
// Validation and management (implemented)
struct SSHKeyService {
// Validation, fingerprint generation, format checking
// Integration with UserPersistentData
}
```
**Summary:** SSH Key Management system is **FULLY OPERATIONAL** with all 4 core operations working perfectly. Ready for VM/cluster deployment integration and UX testing framework.
---
## 4. SSH Feature Deep Implementation & Debugging Methodology
### **Complete SSH Key Management Feature Documentation**
The SSH Key Management system represents a comprehensive implementation showcasing the Project Mycelium's architectural patterns and demonstrates a systematic approach to complex feature development.
#### **Feature Overview & UX Possibilities**
**Core SSH Key Operations (All Working):**
1. **Create SSH Key** - Upload and validate public keys with real-time feedback
2. **Set Default SSH Key** - Designate primary key for deployments
3. **Edit SSH Key** - Modify key names and default status
4. **Delete SSH Key** - Remove keys with confirmation workflow
**UX Possibilities Enabled:**
- **Self-Managed VM Access** - Users can SSH into their virtual machines
- **Kubernetes Cluster Management** - Direct kubectl access to deployed clusters
- **Development Workflows** - Git repository access and CI/CD integration
- **Multi-Key Management** - Different keys for different environments (dev/staging/prod)
- **Team Collaboration** - Shared access keys for team-managed resources
- **Security Best Practices** - Key rotation and secure access patterns
#### **Architecture & System Interaction Analysis**
**Frontend-Backend Data Flow:**
```mermaid
graph TD
A[HTML Template] --> B[JavaScript Event Handlers]
B --> C[AJAX API Calls]
C --> D[Rust Controller]
D --> E[SSH Key Service]
E --> F[UserPersistence]
F --> G[JSON File Storage]
G --> F
F --> E
E --> D
D --> H[ResponseBuilder]
H --> C
C --> I[DOM Updates]
```
**Key Architectural Components:**
1. **HTML Template Layer** ([`settings.html`](src/views/dashboard/settings.html))
- Bootstrap modal structure for user interactions
- Data attributes for JavaScript-HTML bridge (`data-key-id`)
- CSP-compliant template with no inline scripts
- JSON hydration blocks for data transfer
2. **JavaScript Layer** ([`dashboard-ssh-keys.js`](src/static/js/dashboard-ssh-keys.js))
- Event delegation with null-safe programming
- Data attribute management for DOM-JavaScript bridge
- AJAX API integration with error handling
- Real-time validation and user feedback
3. **Backend Service Layer** ([`ssh_key_service.rs`](src/services/ssh_key_service.rs))
- SSH key validation (Ed25519, ECDSA, RSA support)
- SHA256 fingerprint generation
- Duplicate prevention and user limits
- Auto-default logic for first key
4. **Controller Integration** ([`dashboard.rs`](src/controllers/dashboard.rs))
- ResponseBuilder pattern for consistent JSON responses
- Session authentication and user validation
- Error handling with user-friendly messages
#### **Critical Frontend-Backend Integration Debugging**
**Root Cause Identified & Solved:**
- **Issue**: Backend services worked perfectly (100% test success) but frontend buttons failed
- **Problem**: JavaScript was setting `data-key-id` on wrong DOM element during template cloning
- **Solution**: Fixed element targeting in [`dashboard-ssh-keys.js`](src/static/js/dashboard-ssh-keys.js:225)
- **Template Fix**: Added `data-key-id=""` placeholder to HTML template
**Debugging Process:**
1. **Backend Isolation**: Confirmed all 6 API endpoints working via service tests
2. **Frontend Simulation**: Identified disconnect between frontend and backend
3. **Data Flow Analysis**: Traced JavaScript data attribute handling
4. **DOM Inspection**: Found incorrect element targeting during cloning
5. **Systematic Fix**: Corrected both JavaScript logic and HTML template
**Key Learning**: Frontend-backend integration issues often involve data attribute management and DOM element targeting rather than API functionality.
---
## 5. UX Testing Framework Development (Section 13 Implementation - 2025-08-22)
##### Checkout & Orders Contract — Implemented 2025-08-23
- **Template hydration**: `<script type="application/json" id="checkout-hydration">{{ hydration_json | safe }}</script>`; client reads via `document.getElementById('checkout-hydration').textContent` and parses.
- **Frontend request**: `POST /api/orders` with body:
- `payment_method`: `{ method_type: 'wallet', details: { source: 'usd_credits' } }`
- `currency`: e.g., `USD` (server also supports user preference)
- `cart_items`: ignored by server (order is constructed from session cart; field retained for fwd-compat)
- **Auth**: Requires authenticated session; anonymous users are redirected to login via UI.
- **Responses**:
- `200 OK`: `{ success, data: { order_id, confirmation_number } }` or `{ order_id, confirmation }` depending on legacy envelope; client tolerates both via unwrapping and key aliasing
- `400 Bad Request`: Validation or unsupported payment method; envelope includes `error` details
- `402 Payment Required`: Insufficient funds; standardized payload with currency-aware deficit
- `401 Unauthorized`: No session
- **Client UX**: Shows toast, best-effort clears server cart (`DELETE /api/cart`), refreshes navbar/cart/orders, then redirects to `/orders/{order_id}/confirmation[?confirmation=...]`.
- **Manual validation (2025-08-23)**: user0 created a service; user1 executed Buy Now and Add to Cart successfully; orders appear under `/dashboard/orders`.
- **Remaining**: Validate `tests/frontend_ux/purchase_cart_ux_test.rs` with `--features ux_testing` for regression coverage.
###### Frontend API Standardization — `window.apiJson` + 402 Interceptor
- **Global 402 handler** (`src/static/js/base.js`): wraps `window.fetch` to detect HTTP 402 and invoke `window.Errors.handleInsufficientFundsResponse(responseClone, text)` (throttled to prevent duplicate modals).
- **`window.apiJson` helper** (`src/static/js/base.js`):
- Sets `Accept: application/json`, defaults `credentials: 'same-origin'`.
- JSON-encodes plain object bodies when `Content-Type: application/json`.
- Reads text, parses JSON, and unwraps standardized envelopes: `const data = parsed.data ?? parsed`.
- On non-OK, throws `Error` with `.status`, `.errors`, `.data`, `.metadata`, `.body`.
- Returns `null` for 204/empty bodies.
- **Adoption**: `src/static/js/checkout.js` now uses `apiJson` for `POST /api/orders`. Keep migrating modules to ensure consistent headers, envelope handling, and centralized errors.
Next Steps
- Optional: Audit other open JS modules you mentioned (`src/static/js/cart.js`, `src/static/js/checkout.js`, `src/static/js/dashboard.js`, and any legacy `static/js/dashboard.js`) for any remaining direct `fetch` usage and refactor to `apiJson` for consistency.
### **UX Testing Framework Implementation Status** ⚡ **MAJOR PROGRESS**
#### **Completed & Validated Tests**
1. **SSH Key UX Tests** ✅ **ORIGINAL WORKING TEMPLATE**
- File: [`tests/frontend_ux/ssh_key_frontend_ux_test.rs`](tests/frontend_ux/ssh_key_frontend_ux_test.rs)
- Status: Fully functional reference implementation
- Pattern: Direct service calls, persistent data, simple cleanup
2. **Public Access UX Tests** ✅ **RECENTLY VALIDATED**
- File: [`tests/frontend_ux/public_access_ux_test.rs`](tests/frontend_ux/public_access_ux_test.rs)
- Status: Passes all tests (2 passed; 0 failed)
- Validates: Documentation pages, privacy, terms, about, contact access
#### **Rewritten Tests (Pending Final Validation)**
3. **Settings Management UX Tests** - [`tests/frontend_ux/settings_management_ux_test.rs`](tests/frontend_ux/settings_management_ux_test.rs)
4. **Credits Wallet UX Tests** - [`tests/frontend_ux/credits_wallet_ux_test.rs`](tests/frontend_ux/credits_wallet_ux_test.rs)
5. **Purchase Cart UX Tests** - [`tests/frontend_ux/purchase_cart_ux_test.rs`](tests/frontend_ux/purchase_cart_ux_test.rs)
6. **Authentication UX Tests** - [`tests/frontend_ux/authentication_ux_test.rs`](tests/frontend_ux/authentication_ux_test.rs)
7. **Marketplace Categories UX Tests** - [`tests/frontend_ux/marketplace_categories_ux_test.rs`](tests/frontend_ux/marketplace_categories_ux_test.rs)
8. **Provider Dashboards UX Tests** - [`tests/frontend_ux/provider_dashboards_ux_test.rs`](tests/frontend_ux/provider_dashboards_ux_test.rs)
### **Technical Breakthrough: SSH Key Template Pattern**
#### **What Works (Proven Pattern)**
```rust
// Direct service instantiation with builder pattern
let ssh_service = SSHKeyService::builder().build()?;
// Persistent data operations (no session mocking)
let user_data = UserPersistence::load_user_data(user_email).unwrap_or_default();
// Direct service method calls
let result = ssh_service.add_ssh_key(user_email, &ssh_key)?;
// Simple cleanup without complex mocking
UserPersistence::delete_user_data(user_email)?;
```
#### **What Caused 89 Compilation Errors**
- **Session Mocking Complexity**: `MockActixSession` vs actual `Session` type mismatches
- **Currency Service Integration**: Method signature changes (`convert_usd_to_target_currency` vs `convert_usd_to_display_currency`)
- **Builder Pattern Compliance**: Inconsistent service construction patterns
#### **Solution Applied**
- **Removed all session mocking** from UX tests
- **Adopted persistent data approach** using [`UserPersistence`](src/services/user_persistence.rs)
- **Standardized service construction** using `.builder().build()` pattern
- **Fixed currency service calls** and removed where inappropriate (public access without sessions)
### **UX Testing Framework Architecture**
#### **Test Organization**
- **Directory**: [`tests/frontend_ux/`](tests/frontend_ux/)
- **Module Configuration**: [`tests/frontend_ux/mod.rs`](tests/frontend_ux/mod.rs)
- **Test Runner**: [`tests/frontend_ux/test_runner.rs`](tests/frontend_ux/test_runner.rs)
- **Cargo Feature**: Tests require `--features="ux_testing"` flag
#### **Test Execution Pattern**
```bash
# Individual test execution
cargo test --test public_access_ux --features="ux_testing"
# Full suite execution (when ready)
cargo test --features="ux_testing" frontend_ux
```
#### **Data Persistence Architecture**
- **User Data Storage**: [`user_data/{email}.json`](user_data/) files
- **No Mock Dependencies**: Real service implementations with persistent data
- **Cross-Reference Testing**: Manual testing validates automated results
### **Key Discoveries & Lessons Learned**
#### **Session-Free Testing Approach**
- **Persistent data testing** eliminates complex session mocking issues
- **Service-based testing** more reliable than HTTP endpoint testing
- **Builder pattern consistency** essential for successful compilation
#### **Real Application Issues Identified**
- **Password Change Bug**: Cross-reference testing revealed "undefined" error in password change functionality
- **Currency Service Integration**: Method signature mismatches fixed
- **Data Attribute Issues**: Frontend-backend integration patterns validated