Auditoría TESELA OMEGA v11 (read-only) — informe forense + master review#17
Closed
israel2606 wants to merge 67 commits into
Closed
Auditoría TESELA OMEGA v11 (read-only) — informe forense + master review#17israel2606 wants to merge 67 commits into
israel2606 wants to merge 67 commits into
Conversation
This workflow installs Python dependencies, runs tests, and lints code with multiple Python versions.
Document the architecture, build/test workflow, toolset registration pattern, parameter helpers, error handling conventions, and contribution flow so AI assistants can act productively in this repo without re-discovering conventions. https://claude.ai/code/session_018psjWyFFcz83JXdxBQMUdd
Diseño modular del ERP basado en los conectores disponibles: - Stack por capas (datos, aplicacion, automatizacion, BI, colaboracion) - Modulos del ERP y hoja de ruta por fases - Plan de cuentas premium con prioridades de pago
- Sector: construccion, arquitectura y promocion inmobiliaria (10 usuarios, meta Fase 2) - Holded como motor contable/fiscal integrado via API (no se reemplaza) - Modulos sectoriales: promociones/obras, comercializacion, proyectos, subcontratas, postventa - Decision de base de datos: PostgreSQL recomendado, opciones de soberania del dato (UE/Barcelona)
- Base de datos: PostgreSQL en Supabase Cloud (region UE), MySQL descartado - Holded: se mantiene como motor contable, integrado por API - Nuevo MODELO-DATOS.md: esquema SQL Postgres + diagrama ER (promociones, obra, comercializacion, terceros, documental) con enlaces a Holded y Attio
- Proyecto Supabase creado (erp-grupo-tesela, region UE) con 14 tablas - RLS base aplicado (acceso anonimo bloqueado) - Prueba end-to-end del modelo de datos superada
- Edge Function que lee contactos de Holded y los vuelca en cliente/proveedor - Upsert por holded_id (indice unico parcial) para no duplicar - Usa secreto HOLDED_API_KEY; pendiente de activar - Documentado el proceso de activacion en ESTADO.md
Adds tests for the highest-risk untested code identified during a coverage analysis: - pkg/lockdown: IsSafeContent (the content-safety decision gate) and isTrustedBot were at 0%. New table-driven tests exercise every branch of the safety logic (trusted bot, private repo, viewer-authored, push-access tiers, and the deny-by-default path), plus cache reuse, query-error propagation, option setters, and cacheKey normalization. Package coverage rises from ~52% to ~83%. - pkg/utils: the tool-result constructors (used by every tool's output) were an entirely untested package at 0%; now fully covered.
The consolidated actions_* tools (ActionsGet, ActionsList, ActionsRunTrigger) dispatch to a set of unexported helpers that were at 0% coverage — the existing Test_* cases only validate the tool schemas, not these implementations. Adds direct white-box tests (success + API-error paths) for: getWorkflowJob, listWorkflowJobs, listWorkflowArtifacts, downloadWorkflowArtifact, getWorkflowRunLogsURL, getWorkflowRunUsage, rerunWorkflowRun, rerunFailedJobs, and deleteWorkflowRunLogs. Each helper now sits at ~78-90%, raising actions.go from ~60% to ~81%.
- 19 acciones de Holded activas en Zapier (find_contact, create_invoice, etc.) - Documentadas las dos vias: Zapier (transaccional) + Edge Function (carga masiva)
- Lee las API keys desde el secret HOLDED_SOCIEDADES (JSON {nombre,key}), no del repo
- Crea/actualiza cada sociedad y asocia sus contactos via sociedad_id
- Upsert por holded_id para no duplicar
- Migracion: columna sociedad_id en cliente/proveedor + unique en sociedad.nombre - Documentada la plantilla del secret HOLDED_SOCIEDADES (sin claves)
- Tablas perfil + acceso_promocion vinculadas a Supabase Auth - Trigger de alta automatica de perfil y funciones helper RLS - RLS fino: direccion=todo; obra/comercial=lectura por promocion + escritura en su dominio - Endurecimiento: funciones helper retiradas del API REST publico - Migraciones SQL versionadas en supabase/migrations/
- Bucket privado 'documentos' con RLS por promocion (ruta <promocion_id>/...) - Funcion promocion_de_path para aplicar permisos a los archivos - Vista v_rentabilidad_promocion (ingresos vs coste real) con security_invoker
- v_comercializacion_promocion: unidades por estado, % colocado, importe vendido - security_invoker para respetar RLS
- Pantalla del panel con KPIs, comercializacion, avance de obra y control presupuestario - Datos de la promocion demo; base para el frontend real del ERP
PR #3 raised pkg/lockdown coverage to 83.1% via safety_test.go. This adds the branches it left uncovered, in a separate file to avoid duplicate test symbols: - getRepoAccessInfo: the repo-cached-but-new-user merge path - queryRepoAccessInfo: GraphQL server-error propagation - log: the emit and below-threshold suppression branches Package coverage 83.1% -> 98.7%. No production code changes. https://claude.ai/code/session_01W9xh1kJCqtHqBgBAMQikon
- Login, Dashboard, Listado de promociones, Panel comercial y Ficha de vivienda - Mismo diseno previsto para Figma, con datos de la promocion demo
Adds a self-contained .claude/ setup that codifies the workflows in CLAUDE.md as reusable subagents, slash commands, an auto-loading skill, and conservative permission rules. Subagents (.claude/agents/): - tool-adder: adds an MCP tool following the canonical pattern - snapshot-keeper: refreshes pkg/github/__toolsnaps__ safely - lint-fixer: diagnoses and fixes golangci-lint failures - pr-babysitter: triages CI failures and review comments on a PR Slash commands (.claude/commands/): - /add-tool, /check-pr, /fix-lint, /refresh-snapshots Skill (.claude/skills/mcp-tool-pattern/): - Auto-activates when editing pkg/github/, surfaces the tool pattern, parameter helpers, and error-path conventions. Settings (.claude/settings.json): - allow: read-only ops, builds, tests, lints, doc gen, read-only MCP GitHub queries - ask: edits, commits, push, MCP write operations - deny: rm -rf, sudo, all force-push variants (including --force-with-lease), reset --hard, branch -D, git config, curl|sh, auto-merge No source code or workflows are touched. https://claude.ai/code/session_018psjWyFFcz83JXdxBQMUdd
The tool-adder agent referenced /home/user/github-mcp-server/CLAUDE.md, which only resolves on the original author's checkout. Claude Code already discovers project CLAUDE.md at the repo root, so refer to it by location, not absolute path. Addresses Codex review feedback on PR #7. https://claude.ai/code/session_018psjWyFFcz83JXdxBQMUdd
- Tabla factura_pendiente + trigger encolar_factura al escriturar compraventa - Backfill de compraventas ya escrituradas; RLS por promocion - Lista para que Make/Zapier emita las facturas en Holded (create_invoice)
- v_tesoreria_promocion: contratado en hitos, cobrado y pendiente de cobro - README que ata toda la documentacion del ERP para el equipo
chore: add coordinated Claude Code tooling for this project
This workflow builds and tests the Go application on push and pull request events for specified Go versions.
- Login con Supabase Auth + dashboard de promociones en vivo - Carga v_comercializacion_promocion y v_rentabilidad_promocion (RLS por rol) - Sin framework ni build; clave publishable (publica, seguridad por RLS)
- Vista v_resumen_grupo: KPIs agregados (cartera, vendido, margen, caja) - Banda de resumen en la pantalla de inicio + promociones ordenadas por margen - Re-desplegada la Edge Function app (v4)
go.mod declares 'go 1.25.0', so the build (1.24) matrix job is intrinsically incompatible: running 'go test -coverprofile' under Go 1.24 against a 1.25 module fails with 'go: no such tool covdata' while instrumenting script/print-mcp-diff-configs. The 1.25 job already passes. Align the matrix with the version the module actually requires.
The 'Run tests with coverage' step ran 'go test -coverprofile=coverage.out ./...'. Passing packages that have no test files (cmd/..., internal/profiler, pkg/context, pkg/http/mark, script/print-mcp-diff-configs) to a combined -coverprofile triggers 'go tool covdata', which fails with 'go: no such tool covdata' for those packages and fails the whole job. Restrict the coverage run to packages that actually have tests via 'go list', which avoids the covdata invocation while still producing coverage.out.
- Boton '+ Cert.' por contrato en el detalle (rol direccion/obra) - Modal con numero, importe y fecha -> inserta certificacion - El coste real y el margen se actualizan solos (verificado) - RLS obra_certificacion + Edge Function app v5
…ctor safety_coverage_test.go (added in eed328b) targets the pre-refactor lockdown API: it references the newSafetyTestCache helper (removed with safety_test.go), the deleted SetLogger method, and queryRepoAccessInfo's old 4-arg signature. None of these exist after the lockdown rewrite, so pkg/lockdown fails to build on main. lockdown_test.go already covers IsSafeContent and the cache paths, so remove the incompatible file to restore the build.
- Sincronizacion via API directa de Holded (pg_net) en Supabase - 28 clientes + 19 proveedores reales volcados en la BD - 4 de 5 keys invalidas (rotadas); pendientes las vigentes - Rastro temporal de pg_net eliminado por seguridad
- Navegacion Promociones/Contactos en la topbar - Tablas de clientes y proveedores (incluye los 47 reales de Holded) - Edge Function app v6
Reverts the go list filter from the previous commit per review feedback: that filter dropped no-test packages (e.g. script/print-mcp-diff-configs, pkg/context) from coverage.out, hiding them instead of reporting 0%. Root cause of the 'go: no such tool covdata' failure is setup-go@v4 not installing Go 1.25 natively, so go falls back to the module toolchain (golang.org/toolchain@...go1.25.0), which omits the covdata tool. Bumping to setup-go@v6 (matching go.yml) installs Go natively — which includes covdata — so 'go test -coverprofile=coverage.out ./...' works across all packages.
- Tabla factura_holded (ventas y compras), RLS solo direccion - 56 facturas reales importadas (30 ventas + 26 compras) via API Holded - Rastro temporal de pg_net eliminado
- Navegacion Facturas con KPIs (ventas/compras/pendiente cobro/pago) y tabla - Lee factura_holded (56 facturas reales); visible solo para Direccion - Edge Function app v7
- Key cifrada en Supabase Vault (RPC get_holded_keys, solo service_role) - sync-holded reescrita: lee del vault, sincroniza contactos + facturas - Cron diario (pg_cron) a las 06:00 que invoca la funcion via pg_net - Indices UNIQUE en holded_id para upsert idempotente - Probada end-to-end: 28 clientes, 19 proveedores, 56 facturas
ci: actualizar setup-go a v6 (arregla covdata) y restaurar la compilación de pkg/lockdown
…mmendations-hzwhi4
- P1: anadir migraciones base Fase 0 (01-04) -> el esquema se recrea desde cero
- P1: supabase/config.toml con verify_jwt=false para app y sync-holded (cron)
- P2: anadir supabase/functions/app/index.ts (función reproducible desde el repo)
- P2: escapar (anti-XSS) los datos importados de Holded antes de render (app + edge fn)
- P2: v_comercializacion_promocion devuelve 'estado' (la app ya no muestra '—')
- P2: documentar que las keys van en Vault ('holded_sociedades'), no en Edge secret
- Boton '+ Nueva promocion' en el dashboard (visible para direccion) - Modal: nombre, municipio, tipo, estado, presupuesto y sociedad (existente o nueva) - Inserta promocion (y sociedad si procede) sin SQL - App canonica + Edge Function app v9 alineadas
- Edge Function emit-facturas: consumidor de la cola factura_pendiente que emite en Holded via API directa. Seguro: exige service-role key, dryRun por defecto, solo clientes con holded_id (ignora datos demo) - Cron de sync-holded: timeout_milliseconds=90000 (la sync tarda ~31s; pg_net abandonaba a los 5s y marcaba timeout ciego) - config.toml: registra la funcion emit-facturas - ESTADO.md: refleja consumidor real, fix del cron y purga de datos demo Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
v_comercializacion_promocion usaba INNER JOIN a fase/unidad, asi que una promocion recien creada (sin unidades) quedaba excluida de la rejilla. Se pasa a LEFT JOIN para que aparezca al instante con los contadores a 0. Verificado en vivo con una promocion temporal. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
Carpeta /tesela_omega_audit/ con inventario, forense (Supabase/GitHub/MCP/Holded), seguridad, costes, arquitectura, plan de reparacion, producto y cuadros de mando. Modo read-only: cero cambios en produccion/repos/servicios. Sin secretos expuestos. Riesgos P0 reportados: claude_sessions escribible por anon (consumida por agentes IA), y datos reales sin PITR (Supabase plan Free). Reparacion pendiente de aprobacion. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
Documents audit completion (78 files, commit 253cbc2), the 2 unrepaired P0 risks awaiting approval, pending decisions D1-D4, and how to resume in a future session. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
Single top-level review of the whole Grupo Tesela digital ecosystem: system map, live ERP state, P0/P1 risks, D1-D4 decisions, action plans, and where to resume. Synthesizes the tesela_omega_audit/ deliverables into one read-first document. Read-only; no production changes. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
Aligns the "last updated" date on the two synthesis documents (SESION_ESTADO, MASTER_REVIEW) with the current date. Forensic reports keep 2026-06-22 (live-evidence capture date). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
✅ Deploy Preview for neon-toffee-d6b114 ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for cosmic-quokka-b1b316 ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
Owner
Author
|
Cerrado en favor de #18. Este PR arrastraba toda la divergencia de la rama de desarrollo ( La entrega de la auditoría se ha reubicado en #18, una rama limpia partida desde Generated by Claude Code |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resumen
Auditoría forense del ecosistema digital de Grupo Tesela ejecutada en modo read-only (sin cambios en producción, sin despliegues, sin borrados, sin secretos expuestos). Esta rama añade documentación únicamente — no toca código del servidor MCP ni del ERP.
Qué incluye
_REPORT/MASTER_REVIEW_SISTEMA.md— punto de entrada único: mapa del sistema, estado del ERP en vivo, riesgos P0/P1, decisiones D1–D4, planes 7/30/90 días.tesela_omega_audit/— 78 archivos en 10 directorios (ejecutivo, inventario, forense, seguridad, costes, arquitectura, reparación, producto/negocio, dashboards, apéndices).tesela_omega_audit/SESION_ESTADO.md— archivo de continuación de sesión.Hallazgos críticos (P0 — reportados, NO reparados)
claude_sessionsescribible por anónimos y consumida por agentes IA con permisos de escritura → vector de prompt-injection hacia producción.Decisiones pendientes de dirección
erp-grupo-tesela(operación) +Tesela-iA-v.0(análisis)claude_sessionsaanonVerificación
git grep).pkg/,cmd/,internal/.🤖 Generated with Claude Code
https://claude.ai/code/session_01PKkvWSji6Gz89BK3N15Z5u
Generated by Claude Code