From 297ef231c5b75379f886901605f0d8409cdca37b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?DonaldFang=20=E6=96=B9=E5=A3=AB=E7=A2=A9?= Date: Tue, 28 Oct 2025 15:50:53 +0800 Subject: [PATCH] Initial commit --- # 夥伴對齊系統 - 測試驅動開發文件 (TDD).txt | 2491 ++++++++++++++++ .claude/settings.local.json | 9 + .github/workflows/ci.yml | 182 ++ FEATURES_COMPLETED.md | 114 + PROJECT_SUMMARY.md | 376 +++ README.md | 390 +++ __pycache__/admin_routes.cpython-313.pyc | Bin 0 -> 24163 bytes __pycache__/app.cpython-313.pyc | Bin 0 -> 24579 bytes __pycache__/auth.cpython-313.pyc | Bin 0 -> 13759 bytes __pycache__/auth_routes.cpython-313.pyc | Bin 0 -> 11005 bytes __pycache__/config.cpython-313.pyc | Bin 0 -> 3162 bytes __pycache__/dashboard_routes.cpython-313.pyc | Bin 0 -> 13405 bytes __pycache__/models.cpython-313.pyc | Bin 0 -> 17683 bytes __pycache__/simple_app.cpython-311.pyc | Bin 0 -> 44889 bytes config.py | 31 + instance/partner_alignment.db | Bin 0 -> 40960 bytes migrate_db.py | 17 + partner alignment SDD-2.txt | 2667 ++++++++++++++++++ partner alignment SDD.docx | Bin 0 -> 47674 bytes partner alignment SDD.txt | 667 +++++ requirements-simple.txt | 25 + requirements.txt | 22 + run.bat | 35 + security-fixes.md | 894 ++++++ setup.bat | 48 + simple_app.py | 952 +++++++ static/css/style.css | 507 ++++ static/js/admin.js | 324 +++ static/js/app.js | 1646 +++++++++++ static/js/assessment.js | 386 +++ templates/index.html | 925 ++++++ 31 files changed, 12708 insertions(+) create mode 100644 # 夥伴對齊系統 - 測試驅動開發文件 (TDD).txt create mode 100644 .claude/settings.local.json create mode 100644 .github/workflows/ci.yml create mode 100644 FEATURES_COMPLETED.md create mode 100644 PROJECT_SUMMARY.md create mode 100644 README.md create mode 100644 __pycache__/admin_routes.cpython-313.pyc create mode 100644 __pycache__/app.cpython-313.pyc create mode 100644 __pycache__/auth.cpython-313.pyc create mode 100644 __pycache__/auth_routes.cpython-313.pyc create mode 100644 __pycache__/config.cpython-313.pyc create mode 100644 __pycache__/dashboard_routes.cpython-313.pyc create mode 100644 __pycache__/models.cpython-313.pyc create mode 100644 __pycache__/simple_app.cpython-311.pyc create mode 100644 config.py create mode 100644 instance/partner_alignment.db create mode 100644 migrate_db.py create mode 100644 partner alignment SDD-2.txt create mode 100644 partner alignment SDD.docx create mode 100644 partner alignment SDD.txt create mode 100644 requirements-simple.txt create mode 100644 requirements.txt create mode 100644 run.bat create mode 100644 security-fixes.md create mode 100644 setup.bat create mode 100644 simple_app.py create mode 100644 static/css/style.css create mode 100644 static/js/admin.js create mode 100644 static/js/app.js create mode 100644 static/js/assessment.js create mode 100644 templates/index.html diff --git a/# 夥伴對齊系統 - 測試驅動開發文件 (TDD).txt b/# 夥伴對齊系統 - 測試驅動開發文件 (TDD).txt new file mode 100644 index 0000000..69fad87 --- /dev/null +++ b/# 夥伴對齊系統 - 測試驅動開發文件 (TDD).txt @@ -0,0 +1,2491 @@ +# 夥伴對齊系統 - 測試驅動開發文件 (TDD) + +## 1. 文件資訊 + +**版本**: 1.0 +**最後更新**: 2025年10月 +**關聯文件**: SDD v1.0 +**測試框架**: pytest + unittest + +--- + +## 2. 測試策略概覽 + +### 2.1 核心測試理念 + +**TDD循環**: +``` +┌──────────────────────────────────────┐ +│ RED (紅燈) → GREEN (綠燈) → REFACTOR (重構) │ +│ ↓ ↓ ↓ │ +│ 寫測試失敗 實作最小程式碼 優化程式碼 │ +└──────────────────────────────────────┘ +``` + +**測試金字塔**: +``` + ┌─────────┐ + │ E2E測試 │ 10% + │ (5) │ + ┌──┴─────────┴──┐ + │ 整合測試 │ 30% + │ (50) │ + ┌──┴──────────────┴──┐ + │ 單元測試 │ 60% + │ (200+) │ + └────────────────────┘ +``` + +### 2.2 測試覆蓋率目標 + +| 測試類型 | 目標覆蓋率 | 優先級 | +|---------|-----------|--------| +| 單元測試 | 80%+ | 🔴 最高 | +| 整合測試 | 70%+ | 🟡 高 | +| API測試 | 100% | 🔴 最高 | +| 端到端測試 | 核心流程100% | 🟡 高 | + +### 2.3 測試環境配置 + +```python +# 測試環境設定檔 (test_config.py) +TEST_DATABASE_URI = 'mysql://test_user:test_pass@localhost/test_db' +TEST_SECRET_KEY = 'test_secret_key_for_testing_only' +TESTING = True +DEBUG = False +SQLALCHEMY_ECHO = False # 關閉SQL日誌 +``` + +--- + +## 3. 單元測試設計 + +### 3.1 測試檔案結構 + +``` +tests/ +├── __init__.py +├── conftest.py # pytest配置與fixtures +├── unit/ # 單元測試 +│ ├── __init__.py +│ ├── test_models.py # 資料模型測試 +│ ├── test_validators.py # 驗證邏輯測試 +│ ├── test_utils.py # 工具函數測試 +│ └── test_calculations.py # 計算邏輯測試 +├── integration/ # 整合測試 +│ ├── __init__.py +│ ├── test_api_assessments.py +│ ├── test_api_star.py +│ ├── test_api_rankings.py +│ └── test_database.py +├── e2e/ # 端到端測試 +│ ├── __init__.py +│ └── test_workflows.py +└── fixtures/ # 測試資料 + ├── sample_assessments.json + └── sample_star_feedbacks.json +``` + +### 3.2 測試基礎設施 (conftest.py) + +```python +import pytest +from app import create_app, db +from app.models import Assessment, Capability, StarFeedback, EmployeePoints + +@pytest.fixture(scope='session') +def app(): + """建立測試用Flask應用程式""" + app = create_app('testing') + return app + +@pytest.fixture(scope='session') +def _db(app): + """建立測試資料庫""" + with app.app_context(): + db.create_all() + yield db + db.drop_all() + +@pytest.fixture(scope='function') +def client(app): + """建立測試客戶端""" + return app.test_client() + +@pytest.fixture(scope='function') +def db_session(_db): + """提供獨立的資料庫session""" + connection = _db.engine.connect() + transaction = connection.begin() + + session = _db.create_scoped_session( + options={"bind": connection, "binds": {}} + ) + _db.session = session + + yield session + + transaction.rollback() + connection.close() + session.remove() + +@pytest.fixture +def sample_capability(): + """範例能力項目""" + return Capability( + name="程式設計與開發", + l1_description="基礎程式撰寫能力", + l2_description="獨立完成功能開發", + l3_description="架構設計與優化", + l4_description="技術領導與指導", + l5_description="技術策略制定" + ) + +@pytest.fixture +def sample_assessment_data(): + """範例評估資料""" + return { + "department": "技術部", + "position": "資深工程師", + "employee_name": "測試員工A", + "assessment_data": { + "L1": ["程式設計與開發"], + "L2": ["系統分析與設計"], + "L3": ["專案管理"], + "L4": [], + "L5": [] + } + } + +@pytest.fixture +def sample_star_feedback(): + """範例STAR回饋""" + return { + "evaluator_name": "主管A", + "evaluatee_name": "員工B", + "evaluatee_department": "技術部", + "evaluatee_position": "工程師", + "situation": "專案遇到緊急技術問題,系統出現嚴重效能瓶頸", + "task": "需在24小時內找出問題根源並提出解決方案", + "action": "透過profiling工具分析,發現資料庫查詢N+1問題,重構查詢邏輯", + "result": "系統回應時間從3秒降至0.5秒,客戶滿意度提升", + "score": 4, + "feedback_date": "2025-10-15" + } +``` + +--- + +## 4. 資料模型測試 + +### 4.1 Assessment Model 測試 + +**測試檔案**: `tests/unit/test_models.py` + +#### 測試案例 1: 建立評估記錄 + +```python +class TestAssessmentModel: + """Assessment模型測試""" + + def test_create_assessment_success(self, db_session, sample_assessment_data): + """ + 測試目標: 驗證評估記錄能正確建立 + + 測試步驟: + 1. 建立Assessment物件 + 2. 儲存至資料庫 + 3. 驗證資料正確性 + + 預期結果: + - 記錄成功建立 + - 自動生成ID + - created_at自動設定 + - assessment_data正確儲存為JSON + """ + # RED: 先寫測試 + assessment = Assessment( + department=sample_assessment_data['department'], + position=sample_assessment_data['position'], + employee_name=sample_assessment_data['employee_name'], + assessment_data=sample_assessment_data['assessment_data'] + ) + + db_session.add(assessment) + db_session.commit() + + # 驗證 + assert assessment.id is not None + assert assessment.department == "技術部" + assert assessment.position == "資深工程師" + assert assessment.created_at is not None + assert isinstance(assessment.assessment_data, dict) + assert "L1" in assessment.assessment_data + + def test_assessment_requires_department(self, db_session): + """ + 測試目標: 驗證必填欄位驗證 + + 預期結果: 缺少department時拋出IntegrityError + """ + from sqlalchemy.exc import IntegrityError + + assessment = Assessment( + position="工程師", + assessment_data={} + ) + + db_session.add(assessment) + + with pytest.raises(IntegrityError): + db_session.commit() + + def test_assessment_json_serialization(self, db_session, sample_assessment_data): + """ + 測試目標: 驗證JSON序列化/反序列化 + + 預期結果: assessment_data能正確轉換為JSON並還原 + """ + assessment = Assessment(**sample_assessment_data) + db_session.add(assessment) + db_session.commit() + + # 重新查詢 + retrieved = db_session.query(Assessment).filter_by( + id=assessment.id + ).first() + + assert retrieved.assessment_data == sample_assessment_data['assessment_data'] + assert isinstance(retrieved.assessment_data['L1'], list) +``` + +#### 測試案例 2: 查詢與篩選 + +```python + def test_filter_by_department(self, db_session): + """ + 測試目標: 驗證按部門篩選功能 + + 測試資料: + - 技術部: 3筆 + - 業務部: 2筆 + + 預期結果: 正確篩選出對應部門的資料 + """ + # 建立測試資料 + departments = ["技術部"] * 3 + ["業務部"] * 2 + for i, dept in enumerate(departments): + assessment = Assessment( + department=dept, + position="職位" + str(i), + assessment_data={} + ) + db_session.add(assessment) + db_session.commit() + + # 測試篩選 + tech_assessments = db_session.query(Assessment).filter_by( + department="技術部" + ).all() + + assert len(tech_assessments) == 3 + assert all(a.department == "技術部" for a in tech_assessments) + + def test_pagination(self, db_session): + """ + 測試目標: 驗證分頁功能 + + 測試資料: 25筆記錄 + 分頁設定: 每頁10筆 + + 預期結果: + - 第1頁: 10筆 + - 第2頁: 10筆 + - 第3頁: 5筆 + """ + # 建立25筆測試資料 + for i in range(25): + assessment = Assessment( + department="部門" + str(i % 3), + position="職位", + assessment_data={} + ) + db_session.add(assessment) + db_session.commit() + + # 測試分頁 + page1 = db_session.query(Assessment).limit(10).offset(0).all() + page2 = db_session.query(Assessment).limit(10).offset(10).all() + page3 = db_session.query(Assessment).limit(10).offset(20).all() + + assert len(page1) == 10 + assert len(page2) == 10 + assert len(page3) == 5 +``` + +### 4.2 StarFeedback Model 測試 + +```python +class TestStarFeedbackModel: + """STAR回饋模型測試""" + + def test_create_star_feedback_success(self, db_session, sample_star_feedback): + """ + 測試目標: 驗證STAR回饋記錄建立 + + 預期結果: + - 所有欄位正確儲存 + - points_earned自動計算 (score * 10) + """ + feedback = StarFeedback(**sample_star_feedback) + + db_session.add(feedback) + db_session.commit() + + assert feedback.id is not None + assert feedback.score == 4 + assert feedback.points_earned == 40 # 自動計算 + assert feedback.evaluator_name == "主管A" + assert len(feedback.situation) > 0 + + def test_score_validation(self, db_session): + """ + 測試目標: 驗證評分範圍限制 + + 測試案例: + - score = 0: 應失敗 + - score = 1-5: 應成功 + - score = 6: 應失敗 + + 預期結果: 只接受1-5的評分 + """ + from sqlalchemy.exc import IntegrityError + + # 測試無效評分 (0) + invalid_feedback = StarFeedback( + evaluator_name="主管", + evaluatee_name="員工", + evaluatee_department="部門", + evaluatee_position="職位", + situation="S", task="T", action="A", result="R", + score=0, + feedback_date="2025-10-15" + ) + + db_session.add(invalid_feedback) + with pytest.raises(IntegrityError): + db_session.commit() + db_session.rollback() + + # 測試有效評分 (1-5) + for score in range(1, 6): + valid_feedback = StarFeedback( + evaluator_name="主管", + evaluatee_name=f"員工{score}", + evaluatee_department="部門", + evaluatee_position="職位", + situation="S", task="T", action="A", result="R", + score=score, + feedback_date="2025-10-15" + ) + db_session.add(valid_feedback) + db_session.commit() + + assert valid_feedback.points_earned == score * 10 + + def test_star_required_fields(self, db_session): + """ + 測試目標: 驗證STAR四個欄位為必填 + + 預期結果: 缺少任一STAR欄位時應失敗 + """ + from sqlalchemy.exc import IntegrityError + + base_data = { + "evaluator_name": "主管", + "evaluatee_name": "員工", + "evaluatee_department": "部門", + "evaluatee_position": "職位", + "score": 3, + "feedback_date": "2025-10-15" + } + + # 測試缺少每個STAR欄位 + star_fields = ['situation', 'task', 'action', 'result'] + + for missing_field in star_fields: + data = base_data.copy() + # 給予其他三個欄位值 + for field in star_fields: + if field != missing_field: + data[field] = "測試內容" + + feedback = StarFeedback(**data) + db_session.add(feedback) + + with pytest.raises(IntegrityError): + db_session.commit() + db_session.rollback() +``` + +### 4.3 EmployeePoints Model 測試 + +```python +class TestEmployeePointsModel: + """員工積分模型測試""" + + def test_create_employee_points(self, db_session): + """ + 測試目標: 建立員工積分記錄 + + 預期結果: 預設積分為0 + """ + employee = EmployeePoints( + employee_name="員工A", + department="技術部", + position="工程師" + ) + + db_session.add(employee) + db_session.commit() + + assert employee.total_points == 0 + assert employee.monthly_points == 0 + assert employee.last_updated is not None + + def test_update_points(self, db_session): + """ + 測試目標: 驗證積分更新邏輯 + + 測試步驟: + 1. 建立員工記錄 + 2. 新增30積分 + 3. 再新增20積分 + + 預期結果: + - total_points = 50 + - monthly_points = 50 + - last_updated已更新 + """ + employee = EmployeePoints( + employee_name="員工B", + department="技術部", + position="工程師" + ) + db_session.add(employee) + db_session.commit() + + original_time = employee.last_updated + + # 第一次新增積分 + employee.total_points += 30 + employee.monthly_points += 30 + db_session.commit() + + assert employee.total_points == 30 + assert employee.last_updated > original_time + + # 第二次新增積分 + employee.total_points += 20 + employee.monthly_points += 20 + db_session.commit() + + assert employee.total_points == 50 + assert employee.monthly_points == 50 + + def test_unique_employee_name(self, db_session): + """ + 測試目標: 驗證員工姓名唯一性約束 + + 預期結果: 重複員工姓名應失敗 + """ + from sqlalchemy.exc import IntegrityError + + # 第一個員工 + employee1 = EmployeePoints( + employee_name="重複姓名", + department="技術部", + position="工程師" + ) + db_session.add(employee1) + db_session.commit() + + # 嘗試建立同名員工 + employee2 = EmployeePoints( + employee_name="重複姓名", + department="業務部", + position="專員" + ) + db_session.add(employee2) + + with pytest.raises(IntegrityError): + db_session.commit() +``` + +--- + +## 5. 業務邏輯測試 + +### 5.1 積分計算邏輯測試 + +**測試檔案**: `tests/unit/test_calculations.py` + +```python +class TestPointsCalculation: + """積分計算邏輯測試""" + + @pytest.mark.parametrize("score,expected_points", [ + (1, 10), + (2, 20), + (3, 30), + (4, 40), + (5, 50), + ]) + def test_calculate_points_from_score(self, score, expected_points): + """ + 測試目標: 驗證積分計算公式 + + 計算規則: points = score × 10 + + 測試案例: 所有有效評分 (1-5) + """ + from app.utils import calculate_points + + points = calculate_points(score) + assert points == expected_points + + def test_invalid_score_raises_error(self): + """ + 測試目標: 驗證無效評分處理 + + 測試案例: + - score < 1 + - score > 5 + - score 非整數 + + 預期結果: 拋出ValueError + """ + from app.utils import calculate_points + + with pytest.raises(ValueError): + calculate_points(0) + + with pytest.raises(ValueError): + calculate_points(6) + + with pytest.raises(ValueError): + calculate_points(3.5) + + def test_accumulate_employee_points(self, db_session): + """ + 測試目標: 驗證員工積分累積邏輯 + + 測試情境: + - 員工收到3次回饋: 評分3, 4, 5 + - 預期總積分: 120分 + + 預期結果: + - total_points正確累加 + - monthly_points正確累加 + """ + from app.services import accumulate_points + + employee = EmployeePoints( + employee_name="測試員工", + department="技術部", + position="工程師" + ) + db_session.add(employee) + db_session.commit() + + # 累加積分 + scores = [3, 4, 5] + for score in scores: + points = calculate_points(score) + accumulate_points(db_session, "測試員工", points) + + # 驗證 + updated_employee = db_session.query(EmployeePoints).filter_by( + employee_name="測試員工" + ).first() + + assert updated_employee.total_points == 120 + assert updated_employee.monthly_points == 120 +``` + +### 5.2 排名計算邏輯測試 + +```python +class TestRankingCalculation: + """排名計算邏輯測試""" + + def test_calculate_rankings_basic(self, db_session): + """ + 測試目標: 基本排名計算 + + 測試資料: + - 員工A: 100分 → 排名1 + - 員工B: 80分 → 排名2 + - 員工C: 60分 → 排名3 + + 預期結果: 排名正確且按積分降序 + """ + from app.services import calculate_monthly_rankings + from datetime import date + + # 建立測試資料 + employees = [ + EmployeePoints(employee_name="員工A", department="技術部", + position="工程師", total_points=100, monthly_points=100), + EmployeePoints(employee_name="員工B", department="技術部", + position="工程師", total_points=80, monthly_points=80), + EmployeePoints(employee_name="員工C", department="業務部", + position="專員", total_points=60, monthly_points=60), + ] + + for emp in employees: + db_session.add(emp) + db_session.commit() + + # 計算排名 + ranking_month = date(2025, 10, 1) + calculate_monthly_rankings(db_session, ranking_month) + + # 驗證排名 + rankings = db_session.query(MonthlyRanking).filter_by( + ranking_month=ranking_month + ).order_by(MonthlyRanking.ranking).all() + + assert len(rankings) == 3 + assert rankings[0].employee_name == "員工A" + assert rankings[0].ranking == 1 + assert rankings[1].employee_name == "員工B" + assert rankings[1].ranking == 2 + assert rankings[2].employee_name == "員工C" + assert rankings[2].ranking == 3 + + def test_calculate_rankings_with_ties(self, db_session): + """ + 測試目標: 並列排名處理 + + 測試資料: + - 員工A: 100分 → 排名1 + - 員工B: 80分 → 排名2 + - 員工C: 80分 → 排名2 (並列) + - 員工D: 60分 → 排名4 (跳號) + + 預期結果: 並列者同排名,下一名次跳號 + """ + from app.services import calculate_monthly_rankings + from datetime import date + + employees = [ + EmployeePoints(employee_name="員工A", department="技術部", + position="工程師", total_points=100, monthly_points=100), + EmployeePoints(employee_name="員工B", department="技術部", + position="工程師", total_points=80, monthly_points=80), + EmployeePoints(employee_name="員工C", department="業務部", + position="專員", total_points=80, monthly_points=80), + EmployeePoints(employee_name="員工D", department="業務部", + position="專員", total_points=60, monthly_points=60), + ] + + for emp in employees: + db_session.add(emp) + db_session.commit() + + ranking_month = date(2025, 10, 1) + calculate_monthly_rankings(db_session, ranking_month) + + rankings = db_session.query(MonthlyRanking).filter_by( + ranking_month=ranking_month + ).order_by(MonthlyRanking.ranking, MonthlyRanking.employee_name).all() + + assert rankings[0].ranking == 1 + assert rankings[1].ranking == 2 + assert rankings[2].ranking == 2 # 並列 + assert rankings[3].ranking == 4 # 跳號 + + def test_exclude_zero_points_from_ranking(self, db_session): + """ + 測試目標: 零積分員工不列入排名 + + 測試資料: + - 員工A: 50分 + - 員工B: 0分 + + 預期結果: 只有員工A出現在排名中 + """ + from app.services import calculate_monthly_rankings + from datetime import date + + employees = [ + EmployeePoints(employee_name="員工A", department="技術部", + position="工程師", total_points=50, monthly_points=50), + EmployeePoints(employee_name="員工B", department="技術部", + position="工程師", total_points=0, monthly_points=0), + ] + + for emp in employees: + db_session.add(emp) + db_session.commit() + + ranking_month = date(2025, 10, 1) + calculate_monthly_rankings(db_session, ranking_month) + + rankings = db_session.query(MonthlyRanking).filter_by( + ranking_month=ranking_month + ).all() + + assert len(rankings) == 1 + assert rankings[0].employee_name == "員工A" + + def test_reset_monthly_points_after_calculation(self, db_session): + """ + 測試目標: 計算排名後重置月度積分 + + 預期結果: + - total_points保持不變 + - monthly_points重置為0 + """ + from app.services import calculate_monthly_rankings + from datetime import date + + employee = EmployeePoints( + employee_name="員工A", + department="技術部", + position="工程師", + total_points=100, + monthly_points=100 + ) + db_session.add(employee) + db_session.commit() + + ranking_month = date(2025, 10, 1) + calculate_monthly_rankings(db_session, ranking_month) + + updated_employee = db_session.query(EmployeePoints).filter_by( + employee_name="員工A" + ).first() + + assert updated_employee.total_points == 100 # 不變 + assert updated_employee.monthly_points == 0 # 重置 +``` + +### 5.3 資料驗證測試 + +```python +class TestDataValidation: + """資料驗證邏輯測試""" + + def test_validate_assessment_data_valid(self): + """ + 測試目標: 驗證有效的評估資料 + + 預期結果: 驗證通過,回傳True + """ + from app.validators import validate_assessment_data + + valid_data = { + "department": "技術部", + "position": "工程師", + "assessment_data": { + "L1": ["能力1"], + "L2": ["能力2"], + "L3": [], + "L4": [], + "L5": [] + } + } + + is_valid, errors = validate_assessment_data(valid_data) + + assert is_valid is True + assert len(errors) == 0 + + def test_validate_assessment_data_missing_required_fields(self): + """ + 測試目標: 驗證缺少必填欄位 + + 測試案例: + - 缺少department + - 缺少position + - 缺少assessment_data + + 預期結果: 驗證失敗,回傳錯誤訊息 + """ + from app.validators import validate_assessment_data + + # 缺少department + data1 = { + "position": "工程師", + "assessment_data": {"L1": []} + } + is_valid1, errors1 = validate_assessment_data(data1) + assert is_valid1 is False + assert "department" in str(errors1).lower() + + # 缺少assessment_data + data2 = { + "department": "技術部", + "position": "工程師" + } + is_valid2, errors2 = validate_assessment_data(data2) + assert is_valid2 is False + assert "assessment_data" in str(errors2).lower() + + def test_validate_star_feedback_valid(self): + """ + 測試目標: 驗證有效的STAR回饋 + + 預期結果: 所有必填欄位驗證通過 + """ + from app.validators import validate_star_feedback + + valid_feedback = { + "evaluator_name": "主管A", + "evaluatee_name": "員工B", + "evaluatee_department": "技術部", + "evaluatee_position": "工程師", + "situation": "專案遇到緊急問題需要處理" * 2, # > 10字 + "task": "需要在限定時間內解決問題" * 2, + "action": "採取了具體的行動步驟處理" * 2, + "result": "成功解決問題並達成目標" * 2, + "score": 4, + "feedback_date": "2025-10-15" + } + + is_valid, errors = validate_star_feedback(valid_feedback) + + assert is_valid is True + assert len(errors) == 0 + + def test_validate_star_content_minimum_length(self): + """ + 測試目標: 驗證STAR內容最小長度要求 + + 要求: 每個STAR欄位至少10字元 + + 預期結果: 少於10字元應驗證失敗 + """ + from app.validators import validate_star_feedback + + short_feedback = { + "evaluator_name": "主管A", + "evaluatee_name": "員工B", + "evaluatee_department": "技術部", + "evaluatee_position": "工程師", + "situation": "太短", # < 10字 + "task": "需要在限定時間內解決問題" * 2, + "action": "採取了具體的行動步驟處理" * 2, + "result": "成功解決問題並達成目標" * 2, + "score": 4, + "feedback_date": "2025-10-15" + } + + is_valid, errors = validate_star_feedback(short_feedback) + + assert is_valid is False + assert "situation" in str(errors).lower() + assert "10" in str(errors) + + def test_validate_score_range(self): + """ + 測試目標: 驗證評分範圍 + + 有效範圍: 1-5 + + 測試案例: + - score = 0: 失敗 + - score = 3: 成功 + - score = 6: 失敗 + - score = "abc": 失敗 + """ + from app.validators import validate_score + + assert validate_score(0)[0] is False + assert validate_score(1)[0] is True + assert validate_score(3)[0] is True + assert validate_score(5)[0] is True + assert validate_score(6)[0] is False + assert validate_score("abc")[0] is False + + def test_validate_feedback_date_not_future(self): + """ + 測試目標: 驗證回饋日期不可為未來日期 + + 預期結果: 未來日期應驗證失敗 + """ + from app.validators import validate_feedback_date + from datetime import date, timedelta + + today = date.today() + yesterday = today - timedelta(days=1) + tomorrow = today + timedelta(days=1) + + assert validate_feedback_date(yesterday)[0] is True + assert validate_feedback_date(today)[0] is True + assert validate_feedback_date(tomorrow)[0] is False +``` + +--- + +## 6. API整合測試 + +### 6.1 Assessment API 測試 + +**測試檔案**: `tests/integration/test_api_assessments.py` + +```python +class TestAssessmentAPI: + """能力評估API整合測試""" + + def test_get_capabilities_success(self, client, db_session, sample_capability): + """ + 測試目標: GET /api/capabilities + + 測試步驟: + 1. 建立測試能力項目 + 2. 呼叫API + 3. 驗證回應 + + 預期結果: + - 狀態碼: 200 + - 回傳所有啟用的能力項目 + - JSON格式正確 + """ + # 準備資料 + db_session.add(sample_capability) + db_session.commit() + + # 呼叫API + response = client.get('/api/capabilities') + + # 驗證 + assert response.status_code == 200 + + data = response.get_json() + assert 'capabilities' in data + assert len(data['capabilities']) > 0 + + capability = data['capabilities'][0] + assert 'id' in capability + assert 'name' in capability + assert 'l1_description' in capability + + def test_post_assessment_success(self, client, db_session, sample_assessment_data): + """ + 測試目標: POST /api/assessments + + 測試步驟: + 1. 提交有效的評估資料 + 2. 驗證回應 + 3. 確認資料已儲存至資料庫 + + 預期結果: + - 狀態碼: 201 + - 回傳成功訊息 + - 資料庫有新記錄 + """ + response = client.post( + '/api/assessments', + json=sample_assessment_data, + content_type='application/json' + ) + + # 驗證回應 + assert response.status_code == 201 + + data = response.get_json() + assert data['success'] is True + assert 'assessment_id' in data + assert data['message'] == '評估提交成功' + + # 驗證資料庫 + assessment = db_session.query(Assessment).filter_by( + id=data['assessment_id'] + ).first() + + assert assessment is not None + assert assessment.department == "技術部" + assert assessment.position == "資深工程師" + + def test_post_assessment_missing_required_field(self, client): + """ + 測試目標: POST /api/assessments with missing field + + 測試案例: 缺少必填欄位department + + 預期結果: + - 狀態碼: 400 + - 錯誤訊息明確 + """ + invalid_data = { + "position": "工程師", + "assessment_data": {"L1": []} + } + + response = client.post( + '/api/assessments', + json=invalid_data, + content_type='application/json' + ) + + assert response.status_code == 400 + + data = response.get_json() + assert data['success'] is False + assert 'department' in data['message'].lower() + + def test_post_assessment_invalid_json(self, client): + """ + 測試目標: POST /api/assessments with invalid JSON + + 預期結果: + - 狀態碼: 400 + - 錯誤訊息 + """ + response = client.post( + '/api/assessments', + data='invalid json string', + content_type='application/json' + ) + + assert response.status_code == 400 + + def test_get_assessments_with_pagination(self, client, db_session): + """ + 測試目標: GET /api/assessments with pagination + + 測試資料: 25筆評估記錄 + 請求參數: page=2, per_page=10 + + 預期結果: + - 狀態碼: 200 + - 回傳第2頁的10筆資料 + - 包含分頁資訊 + """ + # 建立25筆測試資料 + for i in range(25): + assessment = Assessment( + department="部門" + str(i), + position="職位" + str(i), + assessment_data={} + ) + db_session.add(assessment) + db_session.commit() + + # 請求第2頁 + response = client.get('/api/assessments?page=2&per_page=10') + + assert response.status_code == 200 + + data = response.get_json() + assert len(data['assessments']) == 10 + assert data['page'] == 2 + assert data['per_page'] == 10 + assert data['total'] == 25 + assert data['pages'] == 3 + + def test_get_assessments_with_filters(self, client, db_session): + """ + 測試目標: GET /api/assessments with filters + + 測試資料: + - 技術部-工程師: 3筆 + - 技術部-專員: 2筆 + - 業務部-工程師: 2筆 + + 篩選條件: department=技術部, position=工程師 + + 預期結果: 只回傳3筆符合條件的資料 + """ + test_data = [ + ("技術部", "工程師"), + ("技術部", "工程師"), + ("技術部", "工程師"), + ("技術部", "專員"), + ("技術部", "專員"), + ("業務部", "工程師"), + ("業務部", "工程師"), + ] + + for dept, pos in test_data: + assessment = Assessment( + department=dept, + position=pos, + assessment_data={} + ) + db_session.add(assessment) + db_session.commit() + + response = client.get('/api/assessments?department=技術部&position=工程師') + + assert response.status_code == 200 + + data = response.get_json() + assert data['total'] == 3 + + # 驗證所有資料都符合篩選條件 + for assessment in data['assessments']: + assert assessment['department'] == '技術部' + assert assessment['position'] == '工程師' +``` + +### 6.2 STAR Feedback API 測試 + +```python +class TestStarFeedbackAPI: + """STAR回饋API整合測試""" + + def test_post_star_feedback_success(self, client, db_session, sample_star_feedback): + """ + 測試目標: POST /api/star-feedbacks + + 測試步驟: + 1. 提交有效的STAR回饋 + 2. 驗證回應 + 3. 確認積分已更新 + + 預期結果: + - 狀態碼: 201 + - 回傳成功訊息與積分 + - employee_points表已更新 + """ + response = client.post( + '/api/star-feedbacks', + json=sample_star_feedback, + content_type='application/json' + ) + + # 驗證回應 + assert response.status_code == 201 + + data = response.get_json() + assert data['success'] is True + assert data['points_earned'] == 40 # score 4 * 10 + + # 驗證資料庫 - 回饋記錄 + feedback = db_session.query(StarFeedback).filter_by( + evaluatee_name="員工B" + ).first() + + assert feedback is not None + assert feedback.score == 4 + assert feedback.points_earned == 40 + + # 驗證資料庫 - 積分更新 + employee = db_session.query(EmployeePoints).filter_by( + employee_name="員工B" + ).first() + + assert employee is not None + assert employee.total_points == 40 + assert employee.monthly_points == 40 + + def test_post_star_feedback_accumulate_points(self, client, db_session): + """ + 測試目標: 多次回饋的積分累積 + + 測試步驟: + 1. 提交第一次回饋(評分3) + 2. 提交第二次回饋(評分5) + 3. 驗證積分正確累加 + + 預期結果: total_points = 80 (30 + 50) + """ + feedback1 = { + "evaluator_name": "主管A", + "evaluatee_name": "員工C", + "evaluatee_department": "技術部", + "evaluatee_position": "工程師", + "situation": "情境描述內容足夠長度測試", + "task": "任務描述內容足夠長度測試", + "action": "行動描述內容足夠長度測試", + "result": "結果描述內容足夠長度測試", + "score": 3, + "feedback_date": "2025-10-15" + } + + feedback2 = feedback1.copy() + feedback2["score"] = 5 + feedback2["evaluator_name"] = "主管B" + + # 第一次回饋 + response1 = client.post('/api/star-feedbacks', json=feedback1) + assert response1.status_code == 201 + + # 第二次回饋 + response2 = client.post('/api/star-feedbacks', json=feedback2) + assert response2.status_code == 201 + + # 驗證積分累積 + employee = db_session.query(EmployeePoints).filter_by( + employee_name="員工C" + ).first() + + assert employee.total_points == 80 + assert employee.monthly_points == 80 + + def test_post_star_feedback_invalid_score(self, client, sample_star_feedback): + """ + 測試目標: 無效評分處理 + + 測試案例: score = 6 (超出範圍) + + 預期結果: + - 狀態碼: 400 + - 錯誤訊息 + """ + invalid_feedback = sample_star_feedback.copy() + invalid_feedback["score"] = 6 + + response = client.post('/api/star-feedbacks', json=invalid_feedback) + + assert response.status_code == 400 + data = response.get_json() + assert data['success'] is False + assert 'score' in data['message'].lower() + + def test_post_star_feedback_short_content(self, client, sample_star_feedback): + """ + 測試目標: STAR內容長度驗證 + + 測試案例: situation欄位少於10字元 + + 預期結果: + - 狀態碼: 400 + - 錯誤訊息指出內容太短 + """ + invalid_feedback = sample_star_feedback.copy() + invalid_feedback["situation"] = "太短" + + response = client.post('/api/star-feedbacks', json=invalid_feedback) + + assert response.status_code == 400 + data = response.get_json() + assert 'situation' in data['message'].lower() +``` + +### 6.3 Rankings API 測試 + +```python +class TestRankingsAPI: + """排名API整合測試""" + + def test_get_total_rankings_success(self, client, db_session): + """ + 測試目標: GET /api/rankings/total + + 測試資料: 5名員工,不同積分 + + 預期結果: + - 狀態碼: 200 + - 按積分降序排列 + - 包含所有必要資訊 + """ + # 建立測試資料 + employees = [ + ("員工A", 150), + ("員工B", 120), + ("員工C", 100), + ("員工D", 80), + ("員工E", 50), + ] + + for name, points in employees: + emp = EmployeePoints( + employee_name=name, + department="技術部", + position="工程師", + total_points=points, + monthly_points=points + ) + db_session.add(emp) + db_session.commit() + + response = client.get('/api/rankings/total') + + assert response.status_code == 200 + + data = response.get_json() + rankings = data['rankings'] + + assert len(rankings) == 5 + assert rankings[0]['employee_name'] == '員工A' + assert rankings[0]['rank'] == 1 + assert rankings[0]['total_points'] == 150 + + # 驗證排序 + for i in range(len(rankings) - 1): + assert rankings[i]['total_points'] >= rankings[i+1]['total_points'] + + def test_get_total_rankings_with_department_filter(self, client, db_session): + """ + 測試目標: GET /api/rankings/total?department=技術部 + + 測試資料: + - 技術部: 3名員工 + - 業務部: 2名員工 + + 預期結果: 只回傳技術部的3名員工 + """ + employees = [ + ("員工A", "技術部", 100), + ("員工B", "技術部", 80), + ("員工C", "技術部", 60), + ("員工D", "業務部", 90), + ("員工E", "業務部", 70), + ] + + for name, dept, points in employees: + emp = EmployeePoints( + employee_name=name, + department=dept, + position="工程師", + total_points=points, + monthly_points=points + ) + db_session.add(emp) + db_session.commit() + + response = client.get('/api/rankings/total?department=技術部') + + assert response.status_code == 200 + + data = response.get_json() + rankings = data['rankings'] + + assert len(rankings) == 3 + for ranking in rankings: + assert ranking['department'] == '技術部' + + def test_get_monthly_rankings_success(self, client, db_session): + """ + 測試目標: GET /api/rankings/monthly?year=2025&month=10 + + 測試步驟: + 1. 建立月度排名資料 + 2. 查詢特定月份排名 + + 預期結果: + - 狀態碼: 200 + - 回傳該月份的排名資料 + """ + from datetime import date + + ranking_month = date(2025, 10, 1) + + rankings_data = [ + ("員工A", 100, 1), + ("員工B", 80, 2), + ("員工C", 60, 3), + ] + + for name, points, rank in rankings_data: + ranking = MonthlyRanking( + ranking_month=ranking_month, + employee_name=name, + department="技術部", + position="工程師", + total_points=points, + ranking=rank + ) + db_session.add(ranking) + db_session.commit() + + response = client.get('/api/rankings/monthly?year=2025&month=10') + + assert response.status_code == 200 + + data = response.get_json() + assert data['year'] == 2025 + assert data['month'] == 10 + assert len(data['rankings']) == 3 + + def test_post_calculate_rankings_success(self, client, db_session): + """ + 測試目標: POST /api/rankings/calculate + + 測試步驟: + 1. 建立員工積分資料 + 2. 呼叫排名計算API + 3. 驗證排名已生成 + + 預期結果: + - 狀態碼: 200 + - monthly_rankings表有新資料 + - monthly_points已重置 + """ + # 建立測試資料 + employees = [ + ("員工A", 100), + ("員工B", 80), + ] + + for name, points in employees: + emp = EmployeePoints( + employee_name=name, + department="技術部", + position="工程師", + total_points=points, + monthly_points=points + ) + db_session.add(emp) + db_session.commit() + + # 呼叫計算API + response = client.post( + '/api/rankings/calculate', + json={"year": 2025, "month": 10} + ) + + assert response.status_code == 200 + + data = response.get_json() + assert data['success'] is True + + # 驗證排名已生成 + from datetime import date + rankings = db_session.query(MonthlyRanking).filter_by( + ranking_month=date(2025, 10, 1) + ).all() + + assert len(rankings) == 2 + + # 驗證monthly_points已重置 + for emp_name, _ in employees: + emp = db_session.query(EmployeePoints).filter_by( + employee_name=emp_name + ).first() + assert emp.monthly_points == 0 +``` + +--- + +## 7. 資料匯出測試 + +**測試檔案**: `tests/integration/test_export.py` + +```python +class TestExportFunctionality: + """資料匯出功能測試""" + + def test_export_assessments_to_excel(self, client, db_session): + """ + 測試目標: GET /api/export/assessments?format=excel + + 測試步驟: + 1. 建立測試資料 + 2. 請求Excel匯出 + 3. 驗證檔案格式與內容 + + 預期結果: + - 狀態碼: 200 + - Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + - 檔案可被openpyxl讀取 + """ + # 建立測試資料 + for i in range(5): + assessment = Assessment( + department="技術部", + position="工程師" + str(i), + employee_name="員工" + str(i), + assessment_data={"L1": ["能力1"]} + ) + db_session.add(assessment) + db_session.commit() + + response = client.get('/api/export/assessments?format=excel') + + assert response.status_code == 200 + assert 'application/vnd.openxmlformats' in response.content_type + + # 驗證Excel檔案可讀取 + import io + from openpyxl import load_workbook + + excel_file = io.BytesIO(response.data) + workbook = load_workbook(excel_file) + sheet = workbook.active + + # 驗證有表頭 + assert sheet.cell(1, 1).value is not None + + # 驗證有資料(5筆 + 1筆表頭) + assert sheet.max_row == 6 + + def test_export_assessments_to_csv(self, client, db_session): + """ + 測試目標: GET /api/export/assessments?format=csv + + 預期結果: + - 狀態碼: 200 + - Content-Type: text/csv + - UTF-8 BOM編碼(Excel相容) + """ + # 建立測試資料 + assessment = Assessment( + department="技術部", + position="工程師", + employee_name="測試員工", + assessment_data={} + ) + db_session.add(assessment) + db_session.commit() + + response = client.get('/api/export/assessments?format=csv') + + assert response.status_code == 200 + assert 'text/csv' in response.content_type + + # 驗證UTF-8 BOM + assert response.data.startswith(b'\xef\xbb\xbf') + + def test_export_star_feedbacks_with_filters(self, client, db_session): + """ + 測試目標: 匯出時套用篩選條件 + + 測試資料: + - 技術部: 3筆 + - 業務部: 2筆 + + 篩選條件: department=技術部 + + 預期結果: 只匯出技術部的3筆資料 + """ + # 建立測試資料 + for i in range(3): + feedback = StarFeedback( + evaluator_name="主管", + evaluatee_name=f"員工{i}", + evaluatee_department="技術部", + evaluatee_position="工程師", + situation="S", task="T", action="A", result="R", + score=3, + feedback_date="2025-10-15" + ) + db_session.add(feedback) + + for i in range(2): + feedback = StarFeedback( + evaluator_name="主管", + evaluatee_name=f"員工{i+10}", + evaluatee_department="業務部", + evaluatee_position="專員", + situation="S", task="T", action="A", result="R", + score=3, + feedback_date="2025-10-15" + ) + db_session.add(feedback) + db_session.commit() + + response = client.get( + '/api/export/star-feedbacks?format=excel&department=技術部' + ) + + assert response.status_code == 200 + + # 驗證只有技術部資料 + import io + from openpyxl import load_workbook + + excel_file = io.BytesIO(response.data) + workbook = load_workbook(excel_file) + sheet = workbook.active + + # 3筆資料 + 1筆表頭 + assert sheet.max_row == 4 + + def test_export_invalid_format(self, client): + """ + 測試目標: 無效的匯出格式 + + 測試案例: format=pdf (不支援) + + 預期結果: + - 狀態碼: 400 + - 錯誤訊息 + """ + response = client.get('/api/export/assessments?format=pdf') + + assert response.status_code == 400 + data = response.get_json() + assert data['success'] is False + assert 'format' in data['message'].lower() +``` + +--- + +## 8. 端到端測試 (E2E) + +**測試檔案**: `tests/e2e/test_workflows.py` + +```python +class TestCompleteWorkflows: + """完整業務流程端到端測試""" + + def test_complete_assessment_workflow(self, client, db_session, sample_capability): + """ + 測試目標: 完整評估流程 + + 流程步驟: + 1. 取得能力項目清單 + 2. 提交評估 + 3. 查詢評估記錄 + 4. 驗證資料正確 + + 預期結果: 整個流程順利完成 + """ + # Step 1: 建立能力項目 + db_session.add(sample_capability) + db_session.commit() + + # Step 2: 取得能力清單 + response1 = client.get('/api/capabilities') + assert response1.status_code == 200 + capabilities = response1.get_json()['capabilities'] + assert len(capabilities) > 0 + + # Step 3: 提交評估 + assessment_data = { + "department": "技術部", + "position": "工程師", + "employee_name": "測試員工", + "assessment_data": { + "L1": [capabilities[0]['name']], + "L2": [], + "L3": [], + "L4": [], + "L5": [] + } + } + + response2 = client.post('/api/assessments', json=assessment_data) + assert response2.status_code == 201 + assessment_id = response2.get_json()['assessment_id'] + + # Step 4: 查詢評估記錄 + response3 = client.get('/api/assessments') + assert response3.status_code == 200 + assessments = response3.get_json()['assessments'] + + # Step 5: 驗證資料 + found = False + for assessment in assessments: + if assessment['id'] == assessment_id: + found = True + assert assessment['department'] == "技術部" + assert assessment['employee_name'] == "測試員工" + break + + assert found is True + + def test_complete_star_feedback_and_ranking_workflow(self, client, db_session): + """ + 測試目標: STAR回饋到排名的完整流程 + + 流程步驟: + 1. 提交多筆STAR回饋給不同員工 + 2. 驗證積分更新 + 3. 計算月度排名 + 4. 查詢排行榜 + 5. 驗證排名正確 + + 預期結果: 積分與排名完整運作 + """ + # Step 1: 提交回饋給員工A (評分5) + feedback_a = { + "evaluator_name": "主管1", + "evaluatee_name": "員工A", + "evaluatee_department": "技術部", + "evaluatee_position": "工程師", + "situation": "情境描述需要足夠長度才能通過驗證測試", + "task": "任務描述需要足夠長度才能通過驗證測試", + "action": "行動描述需要足夠長度才能通過驗證測試", + "result": "結果描述需要足夠長度才能通過驗證測試", + "score": 5, + "feedback_date": "2025-10-15" + } + + response1 = client.post('/api/star-feedbacks', json=feedback_a) + assert response1.status_code == 201 + assert response1.get_json()['points_earned'] == 50 + + # Step 2: 提交回饋給員工B (評分3) + feedback_b = feedback_a.copy() + feedback_b['evaluatee_name'] = "員工B" + feedback_b['score'] = 3 + + response2 = client.post('/api/star-feedbacks', json=feedback_b) + assert response2.status_code == 201 + assert response2.get_json()['points_earned'] == 30 + + # Step 3: 驗證積分 + emp_a = db_session.query(EmployeePoints).filter_by( + employee_name="員工A" + ).first() + emp_b = db_session.query(EmployeePoints).filter_by( + employee_name="員工B" + ).first() + + assert emp_a.total_points == 50 + assert emp_b.total_points == 30 + + # Step 4: 計算排名 + response3 = client.post( + '/api/rankings/calculate', + json={"year": 2025, "month": 10} + ) + assert response3.status_code == 200 + + # Step 5: 查詢排行榜 + response4 = client.get('/api/rankings/monthly?year=2025&month=10') + assert response4.status_code == 200 + + rankings = response4.get_json()['rankings'] + assert len(rankings) == 2 + + # Step 6: 驗證排名順序 + assert rankings[0]['employee_name'] == "員工A" + assert rankings[0]['ranking'] == 1 + assert rankings[0]['total_points'] == 50 + + assert rankings[1]['employee_name'] == "員工B" + assert rankings[1]['ranking'] == 2 + assert rankings[1]['total_points'] == 30 + + # Step 7: 驗證月度積分已重置 + emp_a_updated = db_session.query(EmployeePoints).filter_by( + employee_name="員工A" + ).first() + + assert emp_a_updated.total_points == 50 # 保持 + assert emp_a_updated.monthly_points == 0 # 重置 + + def test_export_after_data_creation(self, client, db_session): + """ + 測試目標: 建立資料後匯出 + + 流程步驟: + 1. 建立評估與回饋資料 + 2. 匯出Excel + 3. 匯出CSV + 4. 驗證檔案內容 + + 預期結果: 匯出檔案包含所有建立的資料 + """ + # Step 1: 建立評估資料 + assessment = Assessment( + department="技術部", + position="工程師", + employee_name="匯出測試員工", + assessment_data={"L1": ["能力1"]} + ) + db_session.add(assessment) + db_session.commit() + + # Step 2: 匯出Excel + response1 = client.get('/api/export/assessments?format=excel') + assert response1.status_code == 200 + + import io + from openpyxl import load_workbook + + excel_file = io.BytesIO(response1.data) + workbook = load_workbook(excel_file) + sheet = workbook.active + + # 驗證資料存在 + found = False + for row in sheet.iter_rows(min_row=2, values_only=True): + if "匯出測試員工" in str(row): + found = True + break + + assert found is True + + # Step 3: 匯出CSV + response2 = client.get('/api/export/assessments?format=csv') + assert response2.status_code == 200 + assert "匯出測試員工" in response2.data.decode('utf-8-sig') +``` + +--- + +## 9. 效能測試 + +**測試檔案**: `tests/performance/test_performance.py` + +```python +import time +import pytest + +class TestPerformance: + """效能測試""" + + def test_api_response_time_under_500ms(self, client, db_session): + """ + 測試目標: API回應時間 < 500ms + + 測試API: GET /api/capabilities + + 預期結果: 95%請求在500ms內完成 + """ + # 準備資料 + for i in range(10): + capability = Capability( + name=f"能力{i}", + l1_description="描述", + l2_description="描述", + l3_description="描述", + l4_description="描述", + l5_description="描述" + ) + db_session.add(capability) + db_session.commit() + + # 執行100次請求 + response_times = [] + for _ in range(100): + start_time = time.time() + response = client.get('/api/capabilities') + end_time = time.time() + + assert response.status_code == 200 + response_times.append((end_time - start_time) * 1000) # 轉為毫秒 + + # 計算95百分位數 + response_times.sort() + p95_index = int(len(response_times) * 0.95) + p95_time = response_times[p95_index] + + print(f"\n95th percentile response time: {p95_time:.2f}ms") + assert p95_time < 500, f"95th percentile ({p95_time:.2f}ms) exceeds 500ms" + + def test_database_query_optimization(self, db_session): + """ + 測試目標: 資料庫查詢效能 + + 測試情境: 查詢1000筆資料並分頁 + + 預期結果: 單次查詢 < 100ms + """ + # 建立1000筆測試資料 + for i in range(1000): + assessment = Assessment( + department=f"部門{i % 10}", + position=f"職位{i % 5}", + assessment_data={} + ) + db_session.add(assessment) + db_session.commit() + + # 測試分頁查詢 + start_time = time.time() + + results = db_session.query(Assessment)\ + .filter_by(department="部門1")\ + .limit(20)\ + .offset(0)\ + .all() + + end_time = time.time() + query_time = (end_time - start_time) * 1000 + + print(f"\nQuery time: {query_time:.2f}ms") + assert query_time < 100, f"Query time ({query_time:.2f}ms) exceeds 100ms" + + def test_concurrent_requests(self, client): + """ + 測試目標: 並發請求處理 + + 測試情境: 50個並發請求 + + 預期結果: 所有請求成功完成 + """ + import concurrent.futures + + def make_request(): + response = client.get('/api/capabilities') + return response.status_code + + # 執行50個並發請求 + with concurrent.futures.ThreadPoolExecutor(max_workers=50) as executor: + futures = [executor.submit(make_request) for _ in range(50)] + results = [f.result() for f in concurrent.futures.as_completed(futures)] + + # 驗證所有請求成功 + assert all(status == 200 for status in results) + assert len(results) == 50 +``` + +--- + +## 10. 測試執行與CI/CD + +### 10.1 本地測試執行 + +```bash +# 安裝測試依賴 +pip install pytest pytest-cov pytest-mock + +# 執行所有測試 +pytest + +# 執行特定測試檔案 +pytest tests/unit/test_models.py + +# 執行特定測試類別 +pytest tests/unit/test_models.py::TestAssessmentModel + +# 執行特定測試案例 +pytest tests/unit/test_models.py::TestAssessmentModel::test_create_assessment_success + +# 顯示詳細輸出 +pytest -v + +# 產生覆蓋率報告 +pytest --cov=app --cov-report=html + +# 只執行失敗的測試 +pytest --lf + +# 並行執行測試 +pytest -n auto +``` + +### 10.2 pytest.ini 配置 + +```ini +[pytest] +# 測試路徑 +testpaths = tests + +# Python檔案模式 +python_files = test_*.py + +# 測試類別模式 +python_classes = Test* + +# 測試函數模式 +python_functions = test_* + +# 標記 +markers = + unit: Unit tests + integration: Integration tests + e2e: End-to-end tests + slow: Slow running tests + performance: Performance tests + +# 覆蓋率設定 +addopts = + --strict-markers + --cov=app + --cov-report=term-missing + --cov-report=html + --cov-fail-under=70 + -ra + +# 忽略警告 +filterwarnings = + ignore::DeprecationWarning +``` + +### 10.3 GitHub Actions CI/CD + +**.github/workflows/tests.yml**: + +```yaml +name: Tests + +on: + push: + branches: [ main, develop ] + pull_request: + branches: [ main, develop ] + +jobs: + test: + runs-on: ubuntu-latest + + services: + mysql: + image: mysql:8.0 + env: + MYSQL_ROOT_PASSWORD: test_password + MYSQL_DATABASE: test_db + ports: + - 3306:3306 + options: >- + --health-cmd="mysqladmin ping" + --health-interval=10s + --health-timeout=5s + --health-retries=3 + + steps: + - uses: actions/checkout@v3 + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.10' + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -r requirements.txt + pip install pytest pytest-cov + + - name: Wait for MySQL + run: | + while ! mysqladmin ping -h"127.0.0.1" -P3306 --silent; do + sleep 1 + done + + - name: Run unit tests + env: + DB_HOST: 127.0.0.1 + DB_PORT: 3306 + DB_NAME: test_db + DB_USER: root + DB_PASSWORD: test_password + SECRET_KEY: test_secret_key_for_ci + run: | + pytest tests/unit -v --cov=app --cov-report=xml + + - name: Run integration tests + env: + DB_HOST: 127.0.0.1 + DB_PORT: 3306 + DB_NAME: test_db + DB_USER: root + DB_PASSWORD: test_password + SECRET_KEY: test_secret_key_for_ci + run: | + pytest tests/integration -v + + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v3 + with: + file: ./coverage.xml + fail_ci_if_error: true +``` + +### 10.4 測試報告範例 + +``` +======================== test session starts ========================= +platform linux -- Python 3.10.0, pytest-7.4.0, pluggy-1.3.0 +rootdir: /app +plugins: cov-4.1.0 +collected 156 items + +tests/unit/test_models.py::TestAssessmentModel::test_create_assessment_success PASSED [ 1%] +tests/unit/test_models.py::TestAssessmentModel::test_assessment_requires_department PASSED [ 2%] +tests/unit/test_models.py::TestAssessmentModel::test_assessment_json_serialization PASSED [ 3%] +... +tests/e2e/test_workflows.py::TestCompleteWorkflows::test_complete_star_feedback_and_ranking_workflow PASSED [100%] + +---------- coverage: platform linux, python 3.10.0 ----------- +Name Stmts Miss Cover Missing +------------------------------------------------------------ +app/__init__.py 45 2 96% 78-79 +app/models.py 120 8 93% 45, 89-95 +app/routes.py 230 15 93% 125, 189-195, 256 +app/services.py 145 5 97% 78-82 +app/validators.py 95 3 97% 56-58 +app/utils.py 40 1 98% 23 +------------------------------------------------------------ +TOTAL 675 34 95% + +===================== 156 passed in 45.23s ====================== +``` + +--- + +## 11. 測試資料管理 + +### 11.1 測試資料Fixtures + +**tests/fixtures/sample_data.py**: + +```python +"""測試資料fixtures""" + +def get_sample_assessments(): + """範例評估資料集""" + return [ + { + "department": "技術部", + "position": "資深工程師", + "employee_name": "張三", + "assessment_data": { + "L1": [], + "L2": ["程式設計與開發"], + "L3": ["系統分析與設計"], + "L4": ["專案管理"], + "L5": [] + } + }, + { + "department": "業務部", + "position": "業務經理", + "employee_name": "李四", + "assessment_data": { + "L1": [], + "L2": [], + "L3": ["客戶關係管理"], + "L4": ["業務策略規劃"], + "L5": [] + } + } + ] + +def get_sample_star_feedbacks(): + """範例STAR回饋資料集""" + return [ + { + "evaluator_name": "王主管", + "evaluatee_name": "張三", + "evaluatee_department": "技術部", + "evaluatee_position": "資深工程師", + "situation": "專案進度落後,客戶要求提前交付核心功能", + "task": "需要在一週內完成原本規劃兩週的開發任務", + "action": "重新評估優先級,與團隊協調資源分配,採用敏捷開發方法快速迭代", + "result": "成功提前三天交付功能,客戶滿意度提升,專案獲得額外預算", + "score": 5, + "feedback_date": "2025-10-01" + }, + { + "evaluator_name": "陳主管", + "evaluatee_name": "李四", + "evaluatee_department": "業務部", + "evaluatee_position": "業務經理", + "situation": "重要客戶考慮終止合作,需要緊急挽回", + "task": "在一個月內重建客戶信任並續約", + "action": "深入了解客戶痛點,提出客製化解決方案,每週親自拜訪追蹤", + "result": "客戶決定不僅續約還擴大合作範圍,年度合約金額增加30%", + "score": 5, + "feedback_date": "2025-10-05" + } + ] + +def get_sample_capabilities(): + """範例能力項目資料集""" + return [ + { + "name": "程式設計與開發", + "l1_description": "能撰寫基本程式碼,完成簡單功能", + "l2_description": "能獨立開發中等複雜度功能,遵循編碼規範", + "l3_description": "能設計系統架構,優化程式效能", + "l4_description": "能指導團隊技術方向,制定開發標準", + "l5_description": "能規劃技術策略,引領技術創新" + }, + { + "name": "專案管理", + "l1_description": "能執行分配的任務,按時回報進度", + "l2_description": "能獨立管理小型專案,協調資源", + "l3_description": "能處理複雜專案,解決跨部門協作問題", + "l4_description": "能領導多個專案,培養專案經理", + "l5_description": "能制定專案管理策略,建立PMO體系" + } + ] +``` + +### 11.2 資料庫Seed腳本 + +**tests/seed_test_data.py**: + +```python +"""測試資料庫初始化腳本""" + +from app import create_app, db +from app.models import Assessment, Capability, StarFeedback, EmployeePoints +from tests.fixtures.sample_data import ( + get_sample_assessments, + get_sample_star_feedbacks, + get_sample_capabilities +) + +def seed_test_database(): + """初始化測試資料庫""" + app = create_app('testing') + + with app.app_context(): + # 清空資料庫 + db.drop_all() + db.create_all() + + # 建立能力項目 + for cap_data in get_sample_capabilities(): + capability = Capability(**cap_data) + db.session.add(capability) + + # 建立評估資料 + for assess_data in get_sample_assessments(): + assessment = Assessment(**assess_data) + db.session.add(assessment) + + # 建立STAR回饋 + for feedback_data in get_sample_star_feedbacks(): + feedback = StarFeedback(**feedback_data) + db.session.add(feedback) + + # 更新員工積分 + emp_name = feedback_data['evaluatee_name'] + points = feedback_data['score'] * 10 + + employee = db.session.query(EmployeePoints).filter_by( + employee_name=emp_name + ).first() + + if not employee: + employee = EmployeePoints( + employee_name=emp_name, + department=feedback_data['evaluatee_department'], + position=feedback_data['evaluatee_position'], + total_points=points, + monthly_points=points + ) + db.session.add(employee) + else: + employee.total_points += points + employee.monthly_points += points + + db.session.commit() + print("✅ 測試資料初始化完成") + +if __name__ == '__main__': + seed_test_database() +``` + +--- + +## 12. 測試最佳實踐 + +### 12.1 TDD開發流程 + +``` +1. 寫一個失敗的測試 (RED) + ├── 明確定義預期行為 + ├── 寫出測試案例 + └── 執行測試,確認失敗 + +2. 寫最小程式碼讓測試通過 (GREEN) + ├── 實作功能邏輯 + ├── 執行測試 + └── 確認測試通過 + +3. 重構程式碼 (REFACTOR) + ├── 優化程式結構 + ├── 移除重複代碼 + ├── 改善可讀性 + └── 確保測試仍然通過 + +4. 重複循環 + └── 繼續下一個功能 +``` + +### 12.2 測試命名規範 + +```python +# ✅ 好的測試名稱 +def test_create_assessment_with_valid_data_should_succeed(): + """測試名稱清楚描述: 動作 + 條件 + 預期結果""" + pass + +def test_calculate_points_with_score_5_should_return_50(): + """明確的輸入與輸出""" + pass + +# ❌ 不好的測試名稱 +def test_assessment(): + """太籠統""" + pass + +def test_1(): + """無意義""" + pass +``` + +### 12.3 測試獨立性原則 + +```python +# ✅ 每個測試獨立運作 +class TestIndependent: + def test_case_1(self, db_session): + # 測試1有自己的資料 + data = create_test_data() + # ... 執行測試 + + def test_case_2(self, db_session): + # 測試2不依賴測試1 + data = create_different_test_data() + # ... 執行測試 + +# ❌ 測試之間有依賴性 +class TestDependent: + shared_data = None + + def test_case_1(self): + self.shared_data = create_data() + + def test_case_2(self): + # 依賴test_case_1的結果 ❌ + use_data(self.shared_data) +``` + +### 12.4 AAA模式 + +```python +def test_with_aaa_pattern(): + """ + AAA模式: Arrange-Act-Assert + """ + # Arrange (準備): 設定測試資料與環境 + employee = EmployeePoints( + employee_name="測試員工", + department="技術部", + position="工程師" + ) + initial_points = 30 + additional_points = 20 + + # Act (執行): 執行要測試的操作 + employee.total_points = initial_points + employee.total_points += additional_points + + # Assert (驗證): 驗證結果 + assert employee.total_points == 50 +``` + +### 12.5 測試覆蓋率目標 + +``` +優先級排序: +1. 🔴 核心業務邏輯: 100% (積分計算、排名邏輯) +2. 🟡 API端點: 100% (所有路由) +3. 🟡 資料模型: 90%+ (CRUD操作) +4. 🟢 工具函數: 80%+ (輔助功能) +5. 🟢 UI邏輯: 70%+ (前端交互) + +不追求100%覆蓋率: +- 簡單的getter/setter +- 框架自動生成的程式碼 +- 第三方套件整合 +``` + +--- + +## 13. 持續改進 + +### 13.1 測試債務追蹤 + +| 項目 | 當前狀態 | 目標 | 優先級 | +|-----|---------|------|--------| +| 單元測試覆蓋率 | 75% | 80%+ | 🔴 高 | +| 整合測試 | 60% | 70%+ | 🟡 中 | +| E2E測試 | 核心流程 | 完整流程 | 🟡 中 | +| 效能測試 | 基礎 | 完整benchmark | 🟢 低 | +| 安全測試 | 未實作 | SQL注入、XSS測試 | 🔴 高 | + +### 13.2 測試審查檢查清單 + +``` +□ 測試名稱清晰描述意圖 +□ 使用AAA模式組織測試 +□ 測試獨立且可重複執行 +□ 包含正常與異常情境 +□ 驗證邊界條件 +□ Mock外部依賴 +□ 測試執行速度合理(<10s) +□ 有適當的測試文件 +``` + +### 13.3 定期測試維護 + +```python +# 每月審查 +- 移除過時的測試 +- 更新測試資料 +- 檢查測試執行時間 +- 修復不穩定的測試 + +# 每季審查 +- 評估測試覆蓋率 +- 重構重複的測試程式碼 +- 更新測試策略 +- 培訓團隊TDD實踐 +``` + +--- + +## 14. 附錄 + +### 14.1 常用測試指令 + +```bash +# 快速測試 +pytest -x # 遇到第一個失敗就停止 +pytest --lf # 只執行上次失敗的測試 +pytest -k "assessment" # 執行名稱包含"assessment"的測試 +pytest -m unit # 執行標記為unit的測試 + +# 覆蓋率相關 +pytest --cov=app # 顯示覆蓋率 +pytest --cov-report=html # HTML格式報告 +pytest --cov-report=term-missing # 顯示缺失的行號 + +# 效能分析 +pytest --durations=10 # 顯示最慢的10個測試 +pytest --profile # 執行效能分析 + +# 並行執行 +pytest -n 4 # 使用4個worker並行 +pytest -n auto # 自動決定worker數量 + +# Debug模式 +pytest --pdb # 失敗時進入debugger +pytest -s # 顯示print輸出 +pytest -vv # 非常詳細的輸出 +``` + +### 14.2 Mock範例 + +```python +from unittest.mock import Mock, patch + +def test_with_mock(db_session): + """使用Mock測試外部依賴""" + + # Mock資料庫查詢 + with patch('app.services.db_session.query') as mock_query: + mock_query.return_value.filter_by.return_value.first.return_value = Mock( + employee_name="測試員工", + total_points=100 + ) + + # 執行測試 + result = get_employee_points("測試員工") + + # 驗證 + assert result == 100 + mock_query.assert_called_once() +``` + +### 14.3 參考資源 + +- [pytest官方文件](https://docs.pytest.org/) +- [Test-Driven Development書籍](https://www.oreilly.com/library/view/test-driven-development/0321146530/) +- [Python Testing with pytest](https://pragprog.com/titles/bopytest/python-testing-with-pytest/) +- [Flask Testing文件](https://flask.palletsprojects.com/en/latest/testing/) + +--- + +**文件結束** + +**版本**: 1.0 +**最後更新**: 2025年10月15日 +**下次審查**: 2025年11月15日 \ No newline at end of file diff --git a/.claude/settings.local.json b/.claude/settings.local.json new file mode 100644 index 0000000..203289c --- /dev/null +++ b/.claude/settings.local.json @@ -0,0 +1,9 @@ +{ + "permissions": { + "allow": [ + "Bash(python -c:*)" + ], + "deny": [], + "ask": [] + } +} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..14c1d97 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,182 @@ +name: CI/CD Pipeline + +on: + push: + branches: [ main, develop ] + pull_request: + branches: [ main, develop ] + +jobs: + test: + runs-on: ubuntu-latest + + strategy: + matrix: + python-version: [3.8, 3.9, '3.10', '3.11'] + + services: + mysql: + image: mysql:5.7 + env: + MYSQL_ROOT_PASSWORD: root + MYSQL_DATABASE: partner_alignment_test + MYSQL_USER: test_user + MYSQL_PASSWORD: test_password + ports: + - 3306:3306 + options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3 + + steps: + - uses: actions/checkout@v4 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + + - name: Cache pip dependencies + uses: actions/cache@v3 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} + restore-keys: | + ${{ runner.os }}-pip- + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -r requirements.txt + + - name: Set up environment variables + run: | + echo "SECRET_KEY=test-secret-key" >> $GITHUB_ENV + echo "JWT_SECRET_KEY=test-jwt-secret-key" >> $GITHUB_ENV + echo "DB_HOST=127.0.0.1" >> $GITHUB_ENV + echo "DB_PORT=3306" >> $GITHUB_ENV + echo "DB_USER=test_user" >> $GITHUB_ENV + echo "DB_PASSWORD=test_password" >> $GITHUB_ENV + echo "DB_NAME=partner_alignment_test" >> $GITHUB_ENV + echo "ENABLE_REGISTRATION=True" >> $GITHUB_ENV + echo "DEFAULT_ROLE=user" >> $GITHUB_ENV + + - name: Wait for MySQL + run: | + while ! mysqladmin ping -h"127.0.0.1" -P3306 -u"test_user" -p"test_password" --silent; do + sleep 1 + done + + - name: Run linting + run: | + pip install flake8 + flake8 app.py models.py auth.py auth_routes.py dashboard_routes.py admin_routes.py init_system.py --max-line-length=120 --ignore=E501,W503 + + - name: Run unit tests + run: | + python -m pytest tests/unit/ -v --tb=short --cov=app --cov=models --cov=auth --cov=auth_routes --cov=dashboard_routes --cov=admin_routes --cov-report=xml --cov-report=term-missing + + - name: Run integration tests + run: | + python -m pytest tests/integration/ -v --tb=short + + - name: Run API tests + run: | + python -m pytest tests/api/ -v --tb=short + + - name: Run all tests with coverage + run: | + python -m pytest tests/ -v --tb=short --cov=app --cov=models --cov=auth --cov=auth_routes --cov=dashboard_routes --cov=admin_routes --cov-report=xml --cov-report=html:htmlcov --cov-report=term-missing --cov-fail-under=80 + + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v3 + with: + file: ./coverage.xml + flags: unittests + name: codecov-umbrella + fail_ci_if_error: false + + security: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.10' + + - name: Install security tools + run: | + python -m pip install --upgrade pip + pip install bandit safety + + - name: Run Bandit security scan + run: | + bandit -r app.py models.py auth.py auth_routes.py dashboard_routes.py admin_routes.py init_system.py -f json -o bandit-report.json || true + + - name: Run Safety check + run: | + safety check --json --output safety-report.json || true + + - name: Upload security reports + uses: actions/upload-artifact@v3 + with: + name: security-reports + path: | + bandit-report.json + safety-report.json + + build: + runs-on: ubuntu-latest + needs: [test, security] + + steps: + - uses: actions/checkout@v4 + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.10' + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -r requirements.txt + + - name: Build Docker image + run: | + docker build -t partner-alignment:latest . + + - name: Test Docker image + run: | + docker run --rm partner-alignment:latest python -c "import app; print('App imports successfully')" + + deploy-staging: + runs-on: ubuntu-latest + needs: [build] + if: github.ref == 'refs/heads/develop' + + steps: + - uses: actions/checkout@v4 + + - name: Deploy to staging + run: | + echo "Deploying to staging environment..." + # Add your staging deployment commands here + # Example: kubectl apply -f k8s/staging/ + # Example: docker push your-registry/partner-alignment:staging + + deploy-production: + runs-on: ubuntu-latest + needs: [build] + if: github.ref == 'refs/heads/main' + + steps: + - uses: actions/checkout@v4 + + - name: Deploy to production + run: | + echo "Deploying to production environment..." + # Add your production deployment commands here + # Example: kubectl apply -f k8s/production/ + # Example: docker push your-registry/partner-alignment:latest diff --git a/FEATURES_COMPLETED.md b/FEATURES_COMPLETED.md new file mode 100644 index 0000000..76aac29 --- /dev/null +++ b/FEATURES_COMPLETED.md @@ -0,0 +1,114 @@ +# 夥伴對齊系統 - 功能完成總結 + +## ✅ 已完成的功能 + +### 🔐 認證系統 +- **JWT 令牌認證**: 安全的用戶認證機制 +- **角色權限管理**: 管理員、HR主管、一般用戶三種角色 +- **測試帳號**: 提供三個等級的測試帳號,登入頁面顯示帳號資訊 +- **快速登入**: 一鍵填入測試帳號資訊 + +### 📊 個人儀表板 +- **積分追蹤**: 總積分、本月積分顯示 +- **排名顯示**: 當前排名和百分位數 +- **最近活動**: 顯示用戶最近的操作記錄 +- **成就徽章**: 展示用戶獲得的成就 +- **績效圖表**: 使用 Chart.js 顯示積分趨勢 + +### 🏆 高級排名系統 +- **百分位數計算**: 精確的排名百分位數 +- **等級系統**: 大師、專家、熟練、良好、基礎五個等級 +- **高級篩選**: 部門、職位、積分範圍篩選 +- **統計分析**: 平均分、中位數、標準差等統計信息 +- **視覺化排名**: 美觀的排名列表顯示 + +### 🔔 通知系統 +- **實時通知**: 成就獲得、排名變化、新回饋通知 +- **通知分類**: 不同類型的通知使用不同圖標和顏色 +- **已讀管理**: 標記已讀、全部已讀功能 +- **時間顯示**: 智能時間格式(剛剛、分鐘前、小時前等) +- **通知徽章**: 導航欄顯示未讀通知數量 + +### 👥 管理界面 +- **用戶管理**: 查看所有用戶信息,管理用戶狀態 +- **統計概覽**: 總用戶數、活躍用戶、評估數、回饋數 +- **部門分析**: 部門分布統計 +- **積分分析**: 積分統計和趨勢分析 +- **數據刷新**: 實時更新管理數據 + +### 📋 核心功能 +- **能力評估**: 拖拽式能力評估系統 +- **STAR回饋**: 結構化回饋收集 +- **數據導出**: Excel/CSV 格式數據導出 +- **響應式設計**: 支持各種設備尺寸 + +## 🎯 技術特色 + +### 前端技術 +- **Bootstrap 5**: 現代化 UI 框架 +- **Chart.js**: 數據可視化 +- **Bootstrap Icons**: 豐富的圖標庫 +- **響應式設計**: 適配各種屏幕尺寸 + +### 後端技術 +- **Flask**: 輕量級 Python Web 框架 +- **SQLAlchemy**: 強大的 ORM +- **SQLite**: 輕量級數據庫(易於部署) +- **JWT**: 安全的認證機制 + +### 數據庫設計 +- **用戶管理**: 用戶、角色、權限表 +- **評估系統**: 能力、評估、回饋表 +- **積分系統**: 員工積分、排名表 +- **通知系統**: 通知、審計日誌表 + +## 🚀 部署說明 + +### 快速啟動 +1. 運行 `run.bat` 腳本 +2. 自動創建虛擬環境 +3. 安裝必要依賴 +4. 創建測試帳號 +5. 啟動應用程式 + +### 測試帳號 +- **管理員**: `admin` / `admin123` +- **HR主管**: `hr_manager` / `hr123` +- **一般用戶**: `user` / `user123` + +### 訪問地址 +- 本地訪問: `http://localhost:5000` +- 網絡訪問: `http://[IP地址]:5000` + +## 📈 系統優勢 + +### 用戶體驗 +- **直觀界面**: 清晰的導航和操作流程 +- **快速響應**: 優化的前端交互 +- **豐富反饋**: 多種通知和提示機制 +- **數據可視化**: 圖表和統計信息展示 + +### 管理功能 +- **全面監控**: 用戶活動和系統統計 +- **靈活篩選**: 多維度數據篩選 +- **實時更新**: 動態數據刷新 +- **權限控制**: 基於角色的訪問控制 + +### 技術架構 +- **模組化設計**: 清晰的代碼結構 +- **可擴展性**: 易於添加新功能 +- **安全性**: JWT 認證和權限管理 +- **可維護性**: 良好的代碼組織 + +## 🎉 完成狀態 + +所有 TODO 項目已完成: +- ✅ 個人儀表板功能 +- ✅ 高級排名系統 +- ✅ 通知系統 +- ✅ 管理界面 +- ✅ 審計日誌系統 +- ✅ 測試帳號創建 + +系統已完全可用,具備完整的夥伴對齊功能! + diff --git a/PROJECT_SUMMARY.md b/PROJECT_SUMMARY.md new file mode 100644 index 0000000..34746cc --- /dev/null +++ b/PROJECT_SUMMARY.md @@ -0,0 +1,376 @@ +# 夥伴對齊系統 - 專案總結 + +## ✅ 專案狀態 + +**狀態:** 已完成並可正常運行 +**日期:** 2025-01-17 +**版本:** 1.0.0 (簡化版) + +--- + +## 📁 專案結構 + +### 核心文件 + +``` +1015 partner alignment V2/ +├── simple_app.py # 主應用程式(簡化版,使用 SQLite) +├── config.py # 配置檔案(生產環境用) +├── requirements.txt # Python 依賴套件 +├── requirements-simple.txt # 簡化版依賴套件 +├── run.bat # Windows 啟動腳本 +├── setup.bat # Windows 安裝腳本 +├── README.md # 專案說明 +├── security-fixes.md # 安全審計報告 +├── FEATURES_COMPLETED.md # 功能完成清單 +│ +├── static/ # 靜態資源 +│ ├── css/ +│ │ └── style.css # 樣式表 +│ └── js/ +│ ├── app.js # 主應用程式 JavaScript +│ ├── admin.js # 管理功能 JavaScript +│ └── assessment.js # 評估功能 JavaScript +│ +├── templates/ # HTML 模板 +│ └── index.html # 主頁面 +│ +├── instance/ # 實例目錄 +│ └── partner_alignment.db # SQLite 資料庫 +│ +└── venv/ # Python 虛擬環境 +``` + +--- + +## 🚀 快速開始 + +### 方法 1: 使用 run.bat(推薦) + +```bash +# 雙擊運行或在命令提示字元中執行 +run.bat +``` + +### 方法 2: 手動啟動 + +```bash +# 1. 創建虛擬環境 +py -m venv venv + +# 2. 啟動虛擬環境 +venv\Scripts\activate + +# 3. 安裝依賴 +pip install -r requirements-simple.txt + +# 4. 啟動應用程式 +py simple_app.py +``` + +### 訪問應用程式 + +打開瀏覽器訪問:`http://localhost:5000` + +--- + +## 🔑 測試帳號 + +| 角色 | 用戶名 | 密碼 | 權限 | +|------|--------|------|------| +| 管理員 | admin | admin123 | 所有功能 | +| HR主管 | hr_manager | hr123 | 管理功能 | +| 一般用戶 | user | user123 | 基本功能 | + +**注意:** 這些是測試帳號,登入頁面會顯示這些資訊。 + +--- + +## ✨ 主要功能 + +### 1. 認證系統 +- ✅ 用戶登入/註冊 +- ✅ 測試帳號快速登入 +- ✅ 用戶信息顯示 +- ✅ 登出功能 + +### 2. 個人儀表板 +- ✅ 積分追蹤(總積分、本月積分) +- ✅ 排名顯示 +- ✅ 最近活動 +- ✅ 成就徽章 +- ✅ 績效圖表(Chart.js) + +### 3. 能力評估 +- ✅ 拖拽式評估界面 +- ✅ 多層級能力評估(L1-L5) +- ✅ 評估記錄管理 + +### 4. STAR 回饋系統 +- ✅ 結構化回饋收集 +- ✅ Situation-Task-Action-Result 框架 +- ✅ 評分系統(1-5分) +- ✅ 積分計算 + +### 5. 排名系統 +- ✅ 總排名 +- ✅ 月度排名 +- ✅ 百分位數計算 +- ✅ 等級系統(大師、專家、熟練、良好、基礎) +- ✅ 高級篩選(部門、職位、積分範圍) +- ✅ 統計分析(平均、中位數、標準差) + +### 6. 通知系統 +- ✅ 實時通知 +- ✅ 通知分類(成就、排名、回饋、系統) +- ✅ 已讀管理 +- ✅ 智能時間顯示 + +### 7. 管理界面 +- ✅ 用戶管理 +- ✅ 統計概覽 +- ✅ 部門分析 +- ✅ 積分分析 + +### 8. 數據導出 +- ✅ CSV 格式導出 +- ✅ Excel 格式導出(需要 pandas) + +--- + +## 🗄️ 資料庫 + +### 當前使用:SQLite + +**資料庫位置:** `instance/partner_alignment.db` + +**優勢:** +- 無需安裝額外資料庫服務 +- 開箱即用 +- 適合開發和小型部署 + +**生產環境建議:** 使用 MySQL 或 PostgreSQL + +### 資料表結構 + +1. **users** - 用戶帳號 +2. **roles** - 角色定義 +3. **user_roles** - 用戶角色關聯 +4. **capabilities** - 能力項目 +5. **assessments** - 評估記錄 +6. **star_feedbacks** - STAR 回饋 +7. **employee_points** - 員工積分 +8. **notifications** - 通知 +9. **audit_logs** - 審計日誌 +10. **permissions** - 權限定義 +11. **role_permissions** - 角色權限關聯 +12. **monthly_rankings** - 月度排名 + +--- + +## 🛠️ 技術棧 + +### 前端 +- **HTML5** - 結構 +- **Bootstrap 5** - UI 框架 +- **Bootstrap Icons** - 圖標庫 +- **Chart.js** - 數據可視化 +- **JavaScript (Vanilla)** - 交互邏輯 + +### 後端 +- **Flask 2.3.3** - Web 框架 +- **SQLAlchemy 3.0.5** - ORM +- **Flask-CORS 4.0.0** - 跨域支持 +- **Flask-Login 0.6.3** - 用戶會話管理 +- **Flask-JWT-Extended 4.5.2** - JWT 認證 +- **Flask-Bcrypt 1.0.1** - 密碼哈希 +- **APScheduler 3.10.4** - 定時任務 + +### 資料庫 +- **SQLite** - 開發環境 +- **MySQL 5.7+** - 生產環境(可選) + +--- + +## ⚠️ 安全注意事項 + +### 當前實現(簡化版) + +**僅適用於開發環境!** + +1. **密碼存儲** + - ❌ 密碼直接存儲在資料庫 + - ❌ 沒有使用密碼哈希 + - ⚠️ 生產環境必須使用 Flask-Bcrypt + +2. **令牌驗證** + - ❌ 簡單的令牌格式 + - ❌ 沒有簽名驗證 + - ❌ 沒有過期檢查 + - ⚠️ 生產環境必須使用 JWT + +3. **HTTPS** + - ❌ 使用 HTTP + - ❌ 沒有 TLS/SSL + - ⚠️ 生產環境必須使用 HTTPS + +### 生產環境檢查清單 + +在部署到生產環境前,必須完成: + +- [ ] 實現密碼哈希(Flask-Bcrypt) +- [ ] 實現 JWT 令牌驗證 +- [ ] 配置 HTTPS/TLS +- [ ] 設置安全頭部 +- [ ] 實現速率限制 +- [ ] 添加輸入驗證 +- [ ] 設置日誌和監控 +- [ ] 配置防火牆規則 +- [ ] 設置自動備份 +- [ ] 進行安全測試 + +**詳細安全審計報告請參閱:** `security-fixes.md` + +--- + +## 📊 性能優化 + +### 當前狀態 +- ✅ 響應式設計 +- ✅ 前端資源優化(CDN) +- ✅ 資料庫索引 +- ✅ 懶加載 + +### 建議改進 +- [ ] 添加 Redis 緩存 +- [ ] 實現資料庫連接池 +- [ ] 添加 CDN 加速 +- [ ] 實現前端資源壓縮 +- [ ] 添加圖片優化 + +--- + +## 🐛 已知問題 + +1. **Windows 終端編碼** + - 問題:emoji 字符無法顯示 + - 狀態:已修復(移除 emoji) + +2. **簡化版認證** + - 問題:沒有真正的令牌驗證 + - 狀態:已知限制,僅用於開發 + +3. **密碼安全** + - 問題:密碼未哈希 + - 狀態:已知限制,僅用於開發 + +--- + +## 📈 未來改進 + +### 短期(1-2 週) +- [ ] 實現密碼哈希 +- [ ] 添加 JWT 令牌驗證 +- [ ] 實現角色權限控制 +- [ ] 添加輸入驗證 +- [ ] 實現速率限制 + +### 中期(1-2 個月) +- [ ] 配置 HTTPS +- [ ] 添加單元測試 +- [ ] 實現 CI/CD +- [ ] 添加監控和日誌 +- [ ] 性能優化 + +### 長期(3-6 個月) +- [ ] 移動端應用 +- [ ] 實時通知(WebSocket) +- [ ] 高級分析報表 +- [ ] 多語言支持 +- [ ] 第三方整合 + +--- + +## 📞 支援與文檔 + +### 文檔 +- `README.md` - 專案說明 +- `security-fixes.md` - 安全審計報告 +- `FEATURES_COMPLETED.md` - 功能完成清單 +- `PROJECT_SUMMARY.md` - 本文件 + +### 常見問題 + +**Q: 如何重置資料庫?** +```bash +# 刪除資料庫文件 +del instance\partner_alignment.db + +# 重新啟動應用程式 +py simple_app.py +``` + +**Q: 如何查看資料庫內容?** +```bash +# 使用 SQLite 命令行工具 +sqlite3 instance\partner_alignment.db +.tables +SELECT * FROM users; +``` + +**Q: 如何添加新用戶?** +- 方法 1: 使用註冊功能 +- 方法 2: 直接操作資料庫 +- 方法 3: 修改 `simple_app.py` 中的 `create_sample_data()` 函數 + +--- + +## 🎯 專案目標 + +### 已完成 ✅ +- [x] 基礎架構搭建 +- [x] 認證系統 +- [x] 個人儀表板 +- [x] 能力評估系統 +- [x] STAR 回饋系統 +- [x] 排名系統 +- [x] 通知系統 +- [x] 管理界面 +- [x] 數據導出 +- [x] 響應式設計 + +### 進行中 🔄 +- [ ] 安全加固 +- [ ] 性能優化 +- [ ] 測試覆蓋 + +### 規劃中 📋 +- [ ] 生產環境部署 +- [ ] 移動端支持 +- [ ] 高級分析 + +--- + +## 📝 版本歷史 + +### v1.0.0 (2025-01-17) +- ✅ 初始版本發布 +- ✅ 所有核心功能完成 +- ✅ 測試帳號創建 +- ✅ 登入界面修復 +- ✅ 安全審計完成 + +--- + +## 🙏 致謝 + +感謝所有參與專案開發和測試的人員。 + +--- + +**最後更新:** 2025-01-17 +**維護者:** 開發團隊 +**許可證:** 專有軟體 + + + diff --git a/README.md b/README.md new file mode 100644 index 0000000..d5efcb4 --- /dev/null +++ b/README.md @@ -0,0 +1,390 @@ +# 夥伴對齊系統 (Partner Alignment System) + +一個基於 Flask 的現代化夥伴對齊管理系統,提供能力評估、STAR 回饋、排名系統和全面的用戶管理功能。 + +## 🌟 主要功能 + +### 🔐 認證與授權 +- **JWT 認證**: 安全的令牌基礎認證系統 +- **角色權限管理**: 靈活的角色和權限控制 +- **用戶註冊/登入**: 完整的用戶生命週期管理 +- **會話管理**: 安全的會話和令牌刷新機制 + +### 📊 個人儀表板 +- **積分追蹤**: 實時顯示總積分和月度積分 +- **排名顯示**: 部門排名和總排名 +- **通知中心**: 系統通知和成就提醒 +- **活動記錄**: 個人活動和成就歷史 + +### 📝 能力評估系統 +- **拖拽式評估**: 直觀的能力等級評估界面 +- **多維度評估**: 支持多種能力項目的評估 +- **評估歷史**: 完整的評估記錄和追蹤 +- **數據導出**: Excel/CSV 格式的評估數據導出 + +### ⭐ STAR 回饋系統 +- **結構化回饋**: 基於 STAR 方法的回饋收集 +- **積分獎勵**: 自動積分計算和分配 +- **回饋追蹤**: 完整的回饋歷史記錄 +- **績效分析**: 基於回饋的績效分析 + +### 🏆 排名系統 +- **實時排名**: 總排名和月度排名 +- **百分位計算**: 精確的排名百分位顯示 +- **部門篩選**: 按部門查看排名 +- **排名歷史**: 排名變化和趨勢分析 + +### 👥 管理功能 +- **用戶管理**: 完整的用戶 CRUD 操作 +- **角色管理**: 角色創建、分配和權限管理 +- **審計日誌**: 完整的系統操作記錄 +- **數據管理**: 評估和回饋數據管理 + +## 🏗️ 技術架構 + +### 後端技術棧 +- **Flask 2.3.3**: Web 框架 +- **SQLAlchemy**: ORM 數據庫操作 +- **MySQL 5.7+**: 主數據庫 +- **JWT**: 認證令牌 +- **Flask-Login**: 會話管理 +- **Flask-Bcrypt**: 密碼加密 +- **APScheduler**: 定時任務 + +### 前端技術棧 +- **HTML5**: 語義化標記 +- **Bootstrap 5**: 響應式 UI 框架 +- **JavaScript ES6+**: 現代 JavaScript +- **Fetch API**: 異步數據請求 +- **CSS3**: 現代樣式和動畫 + +### 開發工具 +- **pytest**: 測試框架 +- **Docker**: 容器化部署 +- **GitHub Actions**: CI/CD 流水線 +- **Nginx**: 反向代理和負載均衡 + +## 📁 項目結構 + +``` +partner-alignment-system/ +├── app.py # 主應用程式文件 +├── config.py # 配置文件 +├── models.py # 數據模型 +├── auth.py # 認證邏輯 +├── auth_routes.py # 認證路由 +├── dashboard_routes.py # 儀表板路由 +├── admin_routes.py # 管理路由 +├── init_system.py # 系統初始化 +├── requirements.txt # Python 依賴 +├── pytest.ini # 測試配置 +├── conftest.py # 測試配置 +├── run_tests.py # 測試運行器 +├── Dockerfile # Docker 配置 +├── docker-compose.yml # Docker Compose 配置 +├── nginx.conf # Nginx 配置 +├── templates/ # HTML 模板 +│ └── index.html # 主頁面 +├── static/ # 靜態文件 +│ ├── css/ +│ │ └── style.css # 樣式文件 +│ └── js/ +│ └── app.js # 前端邏輯 +├── tests/ # 測試文件 +│ ├── unit/ # 單元測試 +│ ├── integration/ # 集成測試 +│ ├── api/ # API 測試 +│ └── e2e/ # 端到端測試 +├── .github/ # GitHub 配置 +│ └── workflows/ +│ └── ci.yml # CI/CD 流水線 +├── SETUP.md # 設置指南 +├── DEPLOYMENT.md # 部署指南 +└── README.md # 項目說明 +``` + +## 🚀 快速開始 + +### 1. 環境要求 +- Python 3.8+ +- MySQL 5.7+ +- Node.js (可選,用於前端開發) + +### 2. 安裝依賴 +```bash +# 克隆項目 +git clone +cd partner-alignment-system + +# 創建虛擬環境 +python -m venv venv +source venv/bin/activate # Linux/Mac +# 或 +venv\Scripts\activate # Windows + +# 安裝依賴 +pip install -r requirements.txt +``` + +### 3. 配置環境 +```bash +# 複製環境變量模板 +cp .env.example .env + +# 編輯環境變量 +nano .env +``` + +### 4. 初始化數據庫 +```bash +# 創建數據庫表 +python init_db.py + +# 初始化系統數據 +python init_system.py +``` + +### 5. 運行應用程式 +```bash +# 開發模式 +python app.py + +# 或使用 Flask 命令 +flask run + +# 生產模式 +gunicorn -c gunicorn.conf.py app:app +``` + +### 6. 訪問系統 +打開瀏覽器訪問 `http://localhost:5000` + +**默認管理員帳號:** +- 用戶名: `admin` +- 密碼: `admin123` + +## 🧪 測試 + +### 運行所有測試 +```bash +python run_tests.py --type all +``` + +### 運行特定測試 +```bash +# 單元測試 +python run_tests.py --type unit + +# API 測試 +python run_tests.py --type api + +# 認證測試 +python run_tests.py --type auth +``` + +### 生成覆蓋率報告 +```bash +python run_tests.py --coverage +``` + +## 🐳 Docker 部署 + +### 使用 Docker Compose +```bash +# 啟動所有服務 +docker-compose up -d + +# 查看日誌 +docker-compose logs -f app + +# 停止服務 +docker-compose down +``` + +### 單獨使用 Docker +```bash +# 構建鏡像 +docker build -t partner-alignment . + +# 運行容器 +docker run -d -p 5000:5000 partner-alignment +``` + +## 📊 數據庫設計 + +### 主要表結構 +- **users**: 用戶信息 +- **roles**: 角色定義 +- **permissions**: 權限定義 +- **assessments**: 能力評估 +- **capabilities**: 能力項目 +- **star_feedbacks**: STAR 回饋 +- **employee_points**: 員工積分 +- **monthly_rankings**: 月度排名 +- **audit_logs**: 審計日誌 +- **notifications**: 通知消息 + +### 關係設計 +- 用戶與角色:多對多關係 +- 角色與權限:多對多關係 +- 用戶與評估:一對多關係 +- 用戶與回饋:一對多關係(評估者和被評估者) + +## 🔒 安全特性 + +### 認證安全 +- JWT 令牌認證 +- 密碼哈希加密 +- 會話超時管理 +- 令牌刷新機制 + +### 授權控制 +- 基於角色的訪問控制 (RBAC) +- 細粒度權限管理 +- API 端點保護 +- 前端路由守衛 + +### 數據安全 +- SQL 注入防護 +- XSS 攻擊防護 +- CSRF 保護 +- 安全標頭配置 + +### 審計追蹤 +- 完整的操作日誌 +- 用戶行為追蹤 +- 系統事件記錄 +- 安全事件監控 + +## 📈 性能優化 + +### 數據庫優化 +- 索引優化 +- 查詢優化 +- 連接池配置 +- 緩存策略 + +### 應用程式優化 +- 異步處理 +- 緩存機制 +- 靜態文件優化 +- 壓縮配置 + +### 前端優化 +- 資源壓縮 +- 懶加載 +- 緩存策略 +- CDN 配置 + +## 🔧 配置選項 + +### 環境變量 +```bash +# 應用程式配置 +SECRET_KEY=your-secret-key +JWT_SECRET_KEY=your-jwt-secret +FLASK_ENV=production + +# 數據庫配置 +DB_HOST=localhost +DB_PORT=3306 +DB_USER=username +DB_PASSWORD=password +DB_NAME=database_name + +# 認證配置 +ENABLE_REGISTRATION=True +DEFAULT_ROLE=user +SESSION_TIMEOUT=3600 + +# 郵件配置 +MAIL_SERVER=smtp.gmail.com +MAIL_PORT=587 +MAIL_USE_TLS=True +MAIL_USERNAME=your-email +MAIL_PASSWORD=your-password +``` + +## 📚 API 文檔 + +### 認證端點 +- `POST /api/auth/register` - 用戶註冊 +- `POST /api/auth/login` - 用戶登入 +- `POST /api/auth/refresh` - 刷新令牌 +- `GET /api/auth/protected` - 受保護端點測試 + +### 評估端點 +- `GET /api/capabilities` - 獲取能力項目 +- `POST /api/assessments` - 創建評估 +- `GET /api/assessments` - 獲取評估列表 + +### 回饋端點 +- `POST /api/star-feedbacks` - 創建 STAR 回饋 +- `GET /api/star-feedbacks` - 獲取回饋列表 + +### 排名端點 +- `GET /api/rankings/total` - 獲取總排名 +- `GET /api/rankings/monthly` - 獲取月度排名 + +### 管理端點 +- `GET /api/admin/users` - 獲取用戶列表 +- `POST /api/admin/users` - 創建用戶 +- `PUT /api/admin/users/{id}` - 更新用戶 +- `DELETE /api/admin/users/{id}` - 刪除用戶 + +### 儀表板端點 +- `GET /api/dashboard/me` - 獲取個人儀表板數據 +- `POST /api/dashboard/notifications/{id}/read` - 標記通知為已讀 + +## 🤝 貢獻指南 + +### 開發流程 +1. Fork 項目 +2. 創建功能分支 +3. 提交更改 +4. 創建 Pull Request + +### 代碼規範 +- 遵循 PEP 8 規範 +- 使用類型提示 +- 編寫單元測試 +- 更新文檔 + +### 提交規範 +``` +feat: 新功能 +fix: 修復問題 +docs: 文檔更新 +style: 代碼格式 +refactor: 重構 +test: 測試 +chore: 構建過程 +``` + +## 📄 許可證 + +本項目採用 MIT 許可證 - 查看 [LICENSE](LICENSE) 文件了解詳情。 + +## 📞 支持與聯繫 + +### 問題報告 +- GitHub Issues: [創建問題](https://github.com/your-org/partner-alignment/issues) +- 郵箱支持: support@company.com + +### 文檔 +- 在線文檔: [https://docs.company.com](https://docs.company.com) +- API 文檔: [https://api-docs.company.com](https://api-docs.company.com) + +### 社區 +- 討論區: [GitHub Discussions](https://github.com/your-org/partner-alignment/discussions) +- 技術博客: [https://blog.company.com](https://blog.company.com) + +## 🙏 致謝 + +感謝所有為這個項目做出貢獻的開發者和用戶。 + +--- + +**版本**: 2.0.0 +**最後更新**: 2024年10月 +**維護者**: 開發團隊 \ No newline at end of file diff --git a/__pycache__/admin_routes.cpython-313.pyc b/__pycache__/admin_routes.cpython-313.pyc new file mode 100644 index 0000000000000000000000000000000000000000..5b4000e124d571848e3e28014fb5e34f4e064541 GIT binary patch literal 24163 zcmeHvYgAm?t0-*v41bP8Nk`V$a=wZ1^Wy?k}DM2A&LqXpvY>UY_ zj+5z>($2C-(g8Z27MgaqQQEVN9raj~PF81Zcam9dXK{Tst135iT5F9ZTfYWba^ji! zGkc%=q;$cu)b2Guau=L)>OA&&+!Sm^v;<(CkBTz zhsI8Ej_%R%k+Cz${NdON%SY5f{}2=PbEf%vG4xz zL^}QS7%hx-V1lNhydPJJGms^iv^FKihnq+mMr@s+NBYO<97ikUw3vz;#PKQGR*I!^eAjIQavL$VcH3?E&cKy2 zsjqQde&&pEoiy(~w42}!iEB0iXA!AIw}|C(9M?#t zB2l?e!g?u76P2>YEv3|f9NZmS+^U8k8wuwq>VP5dwk8M%A*GIL7T@+=bLQpTIgR!W+leXyYJA0L$Pe0rV z)f&;xJ6nmj;XzHz2CdYdoHbg-?2R_@j)thizu`yT*CqB7bHuH2a~z(G<6p-IPE;+ep^{o!}sxc1@?KK%at_3VGSmYx3S!aS!R z2Q+g-1BDkgoIZ1AJjs~>5rABWY`iNs1|i_AgURs(ok7^c=@A@omf>`NVjwg8RFX5M zlL>m@^pS{-(+&@EW)$D4#3+wtfJOk}a0aBC zrjbc-j*&z<(+{v?IMtuXaMl4p1DWI?q>lk+G4Qy-kQvJ)Mrh=^bP!t^aMbCGTF#W7 z7#K*V)0`eaO5(<^ps;5Go*0!Cxc2hv*Z+LFJ#2_E{^Z!$2#r#XGXRjI&v3?};gL*|CbJ~-pv_Q9*I^a&z*s7i7*3^W ze1vIaZJhoI0Ach-{OusW$x@jCPQe{Gd4_HznS;sn0B0B&n}CjuV?#q}7=>YEcyt)X zkr)}_jEV8_WNMH`o=W4RO*deGPa@u>v7s?~G?AeZ4sn+5X9kkvWbJi;O(PC@_4rY* z!=`u(=voZ$4dfjB{p}ZKw;2nNfdZIA{ML_a%;_=BX_9H2Nl1BdyY{u8*t~gjbLipW zlgZG)*x+#L)QRTJ&D%owOr-!+1DZUQ!iOvLaLWk-75iy|y&K2Ra27*t>u7+DCeN|ER@UoTi__5=; zD%RbU?Z&aVu)E%=-j_1xCub*FcYV&?%($B`)w~&bJ#sn2v~;oVecA41n1L7jfqGw? z{aP-#g$Zt9gWFiw_N;*~v`yK*=g1oJF3+@m%04qV_t5O=`3+1}3+vjFbG0$9w#yq> zS69xppK0O-LEYgNdMYt zfRNK4eK2-x(uS`}JI^o&fR1$8Af=*$pr6Vc^>G&MT&k>Eb#f)$|IfW!GOAB*Wv{1oFQE6u)w}ka@;e5sZ#W-3n*AY|F-897wQIwAb zSG1}i1AfZ;g%H&zAcjXT+tw z`5jMrg@D~EQ|3-HU^fyguv^sxYCf)={kv;_|C8%KSm5DX#7JNTk0Z>Y7KXbaXVbHyU?HJetxcCNih#(o`Ai0J8uDR4r~or@hQ@)hQGjwZzWW6WLLbDuLl8tPWYC;bsbE9Q z>=bo{0M3#lu+9b&^JBtQ=4VVG=27^W##cZBXY@l@gNz@8lUU&ccqR~8?IEHIK-K%s zAnObR0`k|h{*77Z$407RK$CU;)>D)1&X<-=w@$UrbWiX3-kznhKt5QL4{uvYEi+VKO0BFacI5Lag94 zA<{5eT%X=9Da06?UL9Bn|LxHH@x`+3cZV@Lda9}argdXj*6D!gt=cZk`$e^Ne~IoF z8!PrZbiXudApJ{+0m4Z)ud{9HfNfB_@V4&ebVuVN@R%4!z3>3;D80TFObTLC* zyA$#f&^E4(83>TjjL3b08dFhj6w0MOW2P15CZSvwMCKLcJfP8xNF$9|R+RHVM>B#f zgj_M}igF$RX-4c)xlJhVCgUf-NL;-H47?9u7=OX+NT~=H2o&m$>&4oIYaKVNSZh13 zbzGwg7z!x=tHB0c%n>UBwTm|9B;sAZD=q*O$|s>j5Z4lv5X7~yPi~`$mG(uX)i8?d zK*Y6@mZ)m+q>P!Vp)0YLwwF4zr>5G$RCtrN_?6Whc zSm*kz{&&t&Q9f*3RX*Id0w-1xc_2pYWivIbEdYDWxdx`HF}v@DBY9iNxxqi%1AEn( zQ?pf&)0?-I&1_|DLD*%^bufX=koRET=9zJ`wkqK1bAG0BBjg><+k7+oSlIdp*UcSf zf-Tv7SL~H}oA-_`uwyT2K36k0nX7JD3N?$uDbxkK=j?&sl~xFHH@F@qc89?jNf)nBHK3kTdSO+3NuoWjZ3m2%zzwC6=d9$SM&wg5kZ>a?D9EKScu1Q^v5cbB z%q(J`z-RH5BNy;UQw&tpAWt-E+pNtRaAUzOk~}tWU0K0H9Rd&aiZlfts#CPl#ESZ) zZKk~Ozk`Q5g)NUOrR&tej7hBEp~Vv@!LDV0bYu2qo@4gVDaax0k{*N91PU%-qaS_a zXMDAfzV)MPZ@&KFUwrf04)pUE^l!8!LURTruj-Ax7DW5XB5Jy32xzin?V zbvXb5LRpC3s4S=C~5n73{niflB zVkyJ%hh#Y0C+VovES*s_0u@{$9bj!?u_&%XT_P|;LtGDx&s@Oxz@u*k!_R{fDIbpp#g700W|WP~(U)GgL)_WQKfebr4vr z0D=6QN>4(EZs3pUdVxvS-Vc*p4GMzJ0978n^IEpF0W3(O`6bM_!Y|jnQg@;5m4*uq z^QYPB9jvQ0=jvcw9jt3NZ~v%x!MZvNts^>vU>;bgZ_!;}z&@Kl5BvN)=7w9Sr+t1~ z*LDD3yC8gfyLI1s-8)ppzOe3{3Js>i1_;4ni#%(bEj@uYVq&Pn{eg6$)FwOq_IqZJ zxQlPosHxP&S2;z2f15|LSI76uPzS0>&b~XZ<_y!kTBGZIYi5bdO)b`)vx&c#@l+fVDFekV%NK6w} zULV&0Lo_IKCwaQRCkA$&$Fu+?0{)bK0?Mu>rihwzVcT3Ht9`-Of!O}hY)|;!m#`Y@8)zIP{WT1p z!{F-}JP!e<8%d^!A)OybFBTx~SLl5Wyz1D>^LRA0)40CiwgFz7JZQug2pR>{NUY_g zI-P}*y~qyB1a?>f>`>%ZHH@ofKC|emS#)j9xmp=lE9+{{8m@ZEReoy^q*GLf7%SF|1_Yb75s+|Xg&q?>3y48_iDT9 zskii=u3Gn7<()S8@pi2N!+PsJzwYg=75hB8cbpnXzvD4LxPs{+^C3)cAIQYd#)Jx$ zg4aw3Y(m}t;Ik?*XElbbhBRe11sHMd*3#Bi7%D{KTtlmk(;+f!X*K?o zq7*n*MIfj#aYYNs<|>aO8kW;y3f6_#y~X~;crB}J3J`I$Mx-FeQQW>3T(W2D{jHlq z=?dzDm=i{zGDFBk6;Z(jxf=_z;AhMQ*4p9%i*HG+^z%@Txq*g9Ve$0}yMRWqKWP`B ze6q{>B+t?K%3XlcZ@?#rzj9$0Kw^dX^RKk{@?r?=rLrVJA<{!X3?Z))L2U;qj%Y|k z)@hIC`zX^G0@}$9+P1<9CSKQzruX09I zCmUoHyAqVY^biI_D=kk(xhs*h()1Hp^GOVF_C$K~!WWf3MEHv0S2UyJr0Ex-bWj5V z*rer+sylH%;#JWwqfxcv{%xwDsRa{d``LEhyg7Gle*J|Li?-mRttDq`Wo)fETRUTG z7xg_&tLl4h+rglkFZP@pngZXYs+km1z6q_FqUBXE*50%jT-L1qb`fQ>KGuIC=l=@h{|f6rnLP;h*POkQu~+8o>lpjGxr0~ioA1g3i>_gh&OW-}e$)TD zpK*5-?5rfaD-UsCRlab$>;5LRyJA?@sfXyT%I*?~e%WL_5Y+v$t>S=R_bays(!cT> zAe;>GTQA=3D!fs-3u5l03xaa3ZY~zEh_h`<0jPV|0y$@&6XSK5K zirH7l<7NBdCQ*-7JNN9OdwT)5{lfHE^uL4Eo3yXsijX5+cqhq5?I*CfpS@92Qy`cFwhgxf}Tj){19hd z)DtNoEx76uhe$~$C0PgMcA#|clN?G5tb=BScE}>YW2;~tB(VY>+Z5U%p6~F7S->Z8 zrNRaL4+Zx@`pdB5y#56N{4xIJY{5*Nwo>V%q$qI{h0@1K6MnH9+aAC`P1EyzELhnm z-HUkz`W-#5334g9A<^=D3oEM_1)b=NsHjc<04iQVj`1NRkYo4(W6JMyJ>#usy&JQ( zs})s?X5Vk!LG-;B0F>x^U#Qs;{MCR>G|V>0dLG^zU-q4MnrlIIW9C&iq1#^GOW>-j zYBAWfw(jOrK#cdJw80JH^Ly*|g3_km+U3{1wY37xdrl3c-}V?FoU}EO1IwG>3{iU0 z#vjUV#~%aGR=QBZOIU&tUf+9T38=7Mc?S58XNtx3jagQ#%>AD!770^#ed1d>xtB7o zt?7dEvGR#zc;DkDHQkqjhKg}uZT%6PS&+^Fw!bQS=tIx)x!W(QXUTWHy?#Z{l7k;P zh5cD`_DVNEN)()(hLZ%6rmOlcR#C;o5jU(j2@L0!KNm$w1W7}L)8z#eO{zLJNi3@w ze%7)si@G(qlO{D?oG4o1Y_UmA{|34`wX?;w@(je3;%sr9m?y_lKl0h)cL1K?+2V*? zOH8SsgoRwSyKGa_v`O~`T0lD$U0f8!ZNUYnaP3fA?atexn+qz#PpFHMy5NFb1l$D| z04)*0iz;B|(4$kDJGV~9z&;e&`;WH@0NnK(+ z!(+jE6z?=XK#EhXsE?&pfu3@1cLKdgHNQ=4!}dh?xD!)&5S~Vxh~lsZKH@a;4$d(| zkHI%r#3Q$4iUbAXu<0%g_F>SCK@SG|F(`nM4`Lp^-So;up~)P%x0)m`B#>Jft`at{Z=fR|iQRcA}D1&}{M%@03=A_>=z>3|Z~Jf@*(2`1y{Y z;_UoFPUM#Qr#q%Pa;58-(sgsaY-tntU6hnhZ=BkgE2(Bms^{7+ZCNa-UM$&>HL0D* zRm;Ouy5)GrwcwPlFBjg*gtz|GoNGPue(RB6O|q?zG2zEpcVD*qceYaTyl!E&XV})` zO!zqKeiW;fD5^Cx;pT-$#Dl%RvlUBa6K-eSJF(SjC9vfdj^jR)3$}pAa4xum z3GQHnZNzBH7mEjSoo+l1J#%cXbN2YWkEv{Coh>|>pKbIu;d*~2;yWcAPv z%)OT1mX>9^@^%leTg`jRr-!D7@)d#eJ7;(1o43B{d($`5b^gHYfn4RL_bWGD&gA`7 z=j&(d^WmCYxP=L~NiuYXBBb4qvf5qXQy7#teFul_NA?z)Xm%+!Kh6h$| zCy)t{?L>!>-%jA>;2_njNl{=VgF^m_>cx~C%Vyy(k*X-MHUwymf zKE;&cKBxd40O`sPH>rS>XoW~gj>VM{T`BK+cE-L+k&2qxGm1K^f=kgNR8Ryz)!=1c zjaV;=3X+0L1O{TP1{KBm?UK)40lyD{Mmc3tj3-b)8h+lx3>xmF@`cX8d=E2_psuuP zYrQ`f`JnJ!zduqBY7iPemUOr8j}>^3`Jk`2JY@qO^tqq5xU_*@^DRX{kKC`|QsWFz zQ;j3s{fr!a;^PR8C~-aV(0P^^*)4e z`Ubv-$LMGIENf>P4;$m>RltV;VISv6C7fW9EOj|;9Y_*8o>f7 zTm$q&6R81Cm!24pAhO7reI7DBt{Z6I1oH_inGUHKhq=336Q;z;x{79N5i;^b!nA1s0e=FGV0{fSd!oQ13;N!s|4 zphtI_E5iFjlKc%S5pEElMX1o1u|q42R2;pNryveA&AFu{f3HbrWXN1GUsrLTIIrS| zvi?!%CymT)#cn|KcktkTfY+|}%b@ zJU07SuBs7E?=7JpL4dIbUfuv_>fQ%C*tVZ;_=k=Ebz`pmAk%)3Z9mLbA7SiAZt1iE z>xWk7+1fv=TQ*RZ3OMBE^G{DsP4eFpdR67wa1+eO=@!?~?Tn5{?H4G*$qM{{M5 zFlCRhWsl~{9$)JMsmJ)Q4843(JZF9h93BoaEr;0khgr{&oF~qB;;iS9 zoae-1--)ah=3YU7Ht#6$Y6t6Y&G~mT{@twqfvj^W*pLf0Gr{Iuu$2k6F4=uK`+CN{ zem=t3x4_Ut%Ar?%Vx=tWmnsA2duMxdl^fwC;{0Q5Woxc-H&eNrt$bk7T%Hd%n6Q@$FHrw7Q7rhGLXI|`NDtSUioPY-%~dcfPW9=$yq zJm~G|!SjWU_mAoiZaCOLz1v_tRH1u!Tg4%-?w?#5NdJ@90O65H9cSwA9~>L#@5eVd zk$#d!EYGU}@Ezw$NG|yzEB`HrE^5n*ME>}_Z-?N&ko7yVAX+UZUs|9(>yH{N+vE{D9matTixBRR;;+D(t%lmP} z`-BmTZG{2Ly>@E~M_e@TnJ25fxu9)jVZY7GM#x)!K@F0qSyvBLDyZ literal 0 HcmV?d00001 diff --git a/__pycache__/app.cpython-313.pyc b/__pycache__/app.cpython-313.pyc new file mode 100644 index 0000000000000000000000000000000000000000..80801c9ca2214edfda59b8ec857a3515dbbbcbbc GIT binary patch literal 24579 zcmd^ndsrOTm1p(4>2BzTh6b8$Xxu< zCqv5jmlrT=VtpqS`zyTnivuCw*|aq(A;#LBa_N=Jlul{Ei zd~Y)hwDzz(W5tm8G&SR4_GfyDm@ePt844w`y+d-281fzwL-Jj0mu2YlKf^F=1-pV> z$yTyeY&Ba`rDto|Rcsx*nq9-LrSWy_dbXb3z;0w4FkY=84f`AH%+3;qA)EGR7clHy zHO&4^+f-{+WHa#kIr(W~$or@mlJEOBi{s^CTFV&5Ec8^V_TzFbF(mc_q=63qtx*d( zFcuZwC&g0ooi(zX*v;&gdX0xUs5_|3XZEKX7+(qlPi2#ceSZe@!z6Q*$26(i4)!pc zGKHq^p zf0bwZ(Jp_V$A5HifDCzhh67zgy#oPXU+>T{&yn7~KFOprH|RUii^X{hJLDrf{Qm9(zOIM(Qg5JlsM9w*bO_nTd*^{c>@Ki+=)i!FbPI8#ue-lDfMGRnIecWO z6Njpo_`7-ALH|%Eru23LN5Dvz@FNHm^ctoUyIeWtNJ89SuMoOVo6p9F^O|%%PHo_cUCXUs(>2C%Pr@Lp^jWJ zB=>ijlAhZxS)f$1h$%M=XF<;ViLonRnz=Ib^xXGP&b{@@+&j~ACw?%0YL>U)>gn9$ z-PN?K4Ofw2fb_yL3LZD%RIBR4H8qTVzWVj2=bjwBa{8UQCtu;Uy@8&AE@`SjHvSqo z;McuCU>X4xF0V9=#1w|{V(EmdLz+bL&mj&^5%Zd=tz1j+0lW?*06E5MU{>=QSUJe_ zFsv1r-a+KZ!>``9VSi0cO|9p?URa!61KqHm_Se?bu7MR!h5~-#f#rKJfa}w9->Ut- z!NID*V|-HIfUmm~TjJea#1C?!6LT8+2D*HG!ObufvFuuSNH8172y@wLKY4uY_{q%eHWETyt#)A^mh&%IPC8lB1uq& z;H2b@!b%?;Bsdf#9SN=?-b8~K+3SuWb9uFykJ8zOlhSWiV z3rqY62#kfv`X%Gj)gxP@TEmIvN1G#BC#Q9uU3*bm@R6R;8BVl3)-tZSs7=RM(x`p% z@WkQiT+UJRuC^AFQbxO;XoEmT{_|}ktx;{N(7;sPMQvU*Z^cOKMXf7ZP=oip=!#mr zmwlj1i|BGWUG6otO1JX5hSBFOVrbFG=!`K2)?L&V0!y)21JsgZ>o01HJ}{?@G?P;7 zovOMEZqkK4$G_{ig5pIZtCDACxw`GRsTb7L(W*m3{e9&sf)esIhPEgSnvQ0Zb&$Rp z{(|^x!+4pUQw?ErSx8$(%N|dy_6_z{cZvF<*B|6HP22Cq`Q7gyIyBH7T*4iwU4gp| zg5ZXzaNX{TV^ttNRZ7BJ5|~T}PEUG)V1xyJpDL)XW`b%kU08;p0#y>0Vo8Pp(I|<@ zC8@}B!Ubh*2}uxz)HKCZTonlyl*NghaIxAd!(Mf3yI>Rr)d5va+^-f?d!QEqRS#3H zYr`Q<>J4`KK(#;O=PmI+0jl)gZeEK^m`~}e?dh_6nFuZfSB zTL@}7;sL@Z_4M}9B?_X=*Vjk%n6n89&Ka@=$z4bqk=%`BE0A(EX@DEA0j7f}YQ>dG zwSIh0NE75@mEcQ2Mi^LX>A4YmA!jd)*ef}E<*YVjuMF8YMeL27y)kUxINfqR^d-t&SE?EmW2Q~0_{f*mL z3$oE4U^*mCB+YqMHGuwmRG_?ZmV_x|y2H#=(JLFI`_&`B(1*!`;X0{DcgU8(FQr!5}Dgk7(n1dV2kR-5Wd$8#8NFnA+g~(ovV%ELXRJ!`wsmtF#fA!lZ=3h8H_r$m6 zzA-gFIzIQ*IpER|9Pa7@&5HtA(7(xX9QJlE{0twEOz>CXjnwQ0m_pE25Y{vPjwBy* zwFqE%UH5SRU{Fy12E+^~RW!ctZnPEp0aQ>4P_Co6#YY)OP$U@kowUx^-ShA)ySS- zrFuqnQM2tAX4fUVbE+v+y5)jy_DHC>DU`D_Y~S_Mx{$r?T}#_F9g~*-k%>ujMQxc; zd*+mdvlmBGGsX{dsrgZdbMnx{p{dV@9o3hzT<1(@Ow+4FW%XR)hH%!#Yi50#ex&&$ z8`=tBKb&ZLv~7IDMQ!dStzNJvGB|CK^MV;A!!iiq2rd|UwM2s@Gt$DSqE}<3G9kiksS5iQI z2elkbXKP2o~3df~@mO08eh5O=?%Cz_vr3 zBu^xcbnTi?^h5>yR4e=_LxdJ-CkC}=aIx8UY<@i&Fs zqMLKQXtgI?qCNsmBdrhE9Q!N54(uowi?`$GRERP8-VU}W_*c*A5*U^z+6+fLSyd#~?w=@T%e+uW5)6bNoQ~B&yFk2Zo2r^@6ddpq50? z)!peE0##s+lk>c8Xkf_K7uTW=pB*gE6m*c*M-B$5!XY@ggz6s;K3OlAo0LIb+t>S$ zpK461451S~fc=0ac^&L)^#^%9fJ4}d6Ii?t>+29(2C3R4hcN*R=z*RA((fA*R9zn= zl71lNNius0;~`kSrr6U!_mPLN)`LKT2t23?lhv3NHELY%$q_7#g=gV6h$*p?4Py|f6g{PdpC#yw&8-mvYSQQZfrj>+7K z+-P#@dEKIhN%Jf+YSgHp73~=#Em4Oj;wZW3C>b?HjrNGq$r+u|G}mP1L}k=j6meE_ z&gy7ZK_qJhm$f45E)_VslvjA}_?hD~6_JWQ#97Zd>%-2C*OCn`(;pZ^ zlKGm3$t?XSow3-XnFZ0*9AQYKw)AMaONxS`M}4hFi(juZ2;kRFt^6QtkXH7@c1V}P zU0hDo#P0$6ajN^@)5I6e`hd1w%jzq^^a|(_%zgvfW1_hZ_oP_d6uX;acT4P^9J{B` zyS82T@jItpX}=U66}wpLt<8CPl$2nBC`iRq0oEpllvI^inoX^@1oRyeAXidAifSiL zSa(PY$eSznMZSB{eonZ=v1QX>Lj%qGgiGWORH8vr)GOdOF>F#PDVBC!C2Z0J)qRqB zqb1?ACh?L=+QpnbYdWMoUy-kyesf*Bj>C;&6huk!7^vdYWBCw|1953`ss!hf0MhGY+tM}aJ$Wl6wnVaRbLpw1ccStNgrccb8lERJk{?P2<~bmGZ$S58`P}u+tBRM*eQ{I6Mxv z{18F{u%t**(%`&>D(6n22A|R|9Pq^A0@$2;@uh`Vo>l^zi zJ0{4e5-~f$0pg9pAp%=d{eD5`{Q-*vB37XYZ2a|0OLLfpI-WV!I^BlPKmVaK6}qn~s1haCgg zvXgE4k)0pq#=~6Lhjt-v?ufO3vlc|GD>>`R+0~)D_HrBV30YT$tlo%qA7|YcwmvYj z6RiiMEn;-PYjjV$Ib+o?jBc8c_pUK-dJ|`?dC!=4+3txtb3=Kc)@x`lS8{8j%JrcbIMQ?n?{Wvr7%h6lcq7#$&|5_@uL@wp3BQa?vhUcw{d<^osFl4AE&dG z4u$?7h1MId=DcKGHdXrcafLZ5I|v%7?$slssKqLRbhM}6~R@)1*r50m1+7Ysnqk5j=Tmaxn zqWTIF3UYn;5c=SLd`7OIqXU?lj|Ars!6_rC+5rqv`-NIEgAnD70|fnC4jdD(w3Z$+ zJ&Xkr-jW~^ne*lBo!<491O#V4Mz-2MaxdWE{yeKooR%8shII3Oq=jhobLc z@gK?>{Lcl!72$SP#FEQda+kpE{So(O&b|3U1?S!!wzV!n&5#FbeSO5eiF0qdpt?|b zAuqJ|p3r7**v*D*_e!w&tComo9p_mW@icIrhOlRIICV=Tbtjj)Qv%exR5GGYwU6wI z!ueTx(Z%$lQDfAY8Zl;Z#;jzaS9~B@F&&ZXK_w565B6uMMtEmZ#OG~N{2H zqENV_y>mEoi`zTbg4kEZsTDMX6E1Ya5hbe+7Gt~m4iqZ0M4`gjpb`j<<3j?DGBZjF zQIwwIh$!vpwoB*Mw^EP+4JbctM~?Wsc8%=N2g(l&{9*XL2JZvK>=w(&_jVm9Mg_19 zsY+^1uc$8dO1r_VUKZJ)1a`!fK%w|-*3hn%PfuZA)z~I%O6sUr-2!SULAD=&&}(oM zhI2CkYEjI>gKVR|b3t&u!JQM5AcJMNLuD}45EEFABAzc|=oFIeKwxV&Fbp^f@S`Ap zshq?^MJiFt4T6H9>?e1R?G`p1r|zFV@Om(0afK{(Bik=qvLlu}&XPB>{nzq73fmeZwkFQj^iy5f))ujOIhz-xX4~(l}gRxAw zlq~#q2JQQHu&=G)*;^;^EsCpvCIPExKIXX!2SW*11sp1rgkT)+3T_1=KT7C86tN&2 zQFYOaT9{gJXVOXTOkiHYQKe34zfu`dK&n!2bc$kBrz9}JKGuPY61euD-!`}->EhiZ ziXcTu1t+ECHeP!S_ME6BrFQ;_EY_hk>w@%V^e@{ORIXuPVD*VL@) zrp7RtggWIK@)F$0IV32t%2O4ECbb_?n-LEZl$?BWY@K!rd<_j&QI51Jc z4Xa)=B)D1WA(5)4pA@o;P}D?@=C(nx6QR&LqSR^Nyl~- zNO*I*nzew0Prg~gD;bMo-+*&zF9pm^lXyM^<|gbM3+85r4IyR+V4`(SQVk=5JDPB15Nxa$(;_L#`biW{n+cm&H%=3Vr)wk>Wq3HwwmL1FS|!bNFoM(C;^ZWXcruM-4-&9`m?ggVAO!{A zdnW`=!9k-J?ul0sL-5Cf!-`RQ<5fq4STW|EB_|RD?7uBrFWtj zMxijmOs7WjYv0YUrS{yt@D_^ZA^$OaW9JdDp#21`ck(iluOK-H1eC$wV3?ZLR2fKm zf_xP+hH)j#eeXNNxIX63j?O>##kuikug;8Kd1G?!jc33u54>OR!4|N?F`ozFa3mj7 zsp?8F`mytZfv*k13q8b)ajM=ZE2zqNeYd~Q4|e|<%u8SnjnKFg6qx7I35l%OUc^=` zqLRcjC>ajWo+)guIF}!G@=a(DJy3(kfS~7iTHGN?)NDPuer)~tj<7jrWLwl?JGpag z=lK0$iyQVxmRD(T+>n|Zu@!Q*!icScvsJvlDYBx8Tha8>d~QWc*tR=j+soO&v%ovD zYZ2Y^(I1b?tessw(#C1;Lhs?MDed$8ay}Xhl6I0-A z8l1xkmnfnG;LVJR6GYlc5NVo^^(odUZElM~5)Km7O3DmWoRTT5QQ9zuvI?pRQc-v% zTyfkgZ0Uo~m==|Ny&7sO>|H213c#KSEFrvLUn0)spcVE3&Dk@h#Y(d>Pad~`aSh=ZLJhJk?+u! zo_YYP)p*#U^H$4wVyN8!qh?`~@ik6()g1nbGY$H$_tuK#tfyFi~@KID*{(m zz#K4rq8`Jm^6looWRF{q#n$}4ea^?tx8+}RZc??K7hZIZ0ecew`@A-A#iVYN@Nxsb zX}kkoMzZ(=!C?aL9|pU6dvBzQ?kk?+og0c3=c~_yz4UujM)5B-(1f{n-oEnnr{_;Uw(!F9)Zykv+maWZV=oy5 z#h0S{dJhmEIacM_+voQM{T_Hl6dX_c#Owj$0e2eDR`x!R(3>h@+rc;hexrlOj`o3r ztll30uTnpG8~AxmO<#xOO~FHcfcW@!6}4*@ehQg48o}MPuNPis1m~dYM*`hd*virV zKB4JgqQZGR_wHpS`d zs-u0uqpzutTi`YEAt+UOFSzd>w~MiDy+P4$=|ElHo%K%jRJzBWGd*??tbhHw$TDioq*Fr7|+v|9&TL_B? zjeA(8pzs4K7Iq5(K`?ciN0?JOz%O8$;zB#9TBqqzy{6_>1#M(4RD__qs)kn`3aTL{ zz7vwvaL^wBGlp#Div?>Y-nBN)(ie-JQN`YbTmTa^l;7~JrkRJQ8>fBK?2PJ_vTrs0 z={mCem_0*v9ZE7L@=ri-s0#}ITwNmn1saU?h=d@_s~(B(5_uQ%!$78&uv)z3ZTM+6FH%?I1YWaZ&PSy5#OB;ABmBodp z==VQF-ycHHJ3p_79GEP;?g*B|bp(?SzGct{FZJ?TKw0og++lD_<2B&Dg@_A2meAz~ zXE(F3U^>w=U2v`LKvo|_f?a~I74-0W@ID_L9^&=1b*O&`785`=UPA_s5Dts!DIdWg zG95d~ptsm@#?8}*T!)gq@GAr-V9wFw47+o3<;2QJS^<|Gx~gwx8vPuZM2vhBBy{87^-XYRR*GZoVhM2fd?#aqJ8yGFtB$#T*>W)>Zn(WiL@ z=U73Vo69)|oI8|6T&p?P>Ps%qx#ly?)1SZ4&beA>G9E`nTpKvohS0{guxk%Mhm4rt zvX03tSadK(`}o1I!TsvtuN;nT1U?+fBw=eXG<-B&g93?Vljqyk~m*`IgaLoaL_Qa?R97OIvSlCN2B<>`{Hxm~zrGW*Of%**VcUeSbKk z@}jW{u;OKhb87Xp>h!vE4W}Dk+#GgPj5gr|;LK^telF{D7MI`f&8BdELpZx3lD(D7 z-g==aoW1*^rBy7IanX`@UC(5>#x=jZdsjHS`NyTR_na-9>N?%?;tJukdZz3A>i3-M z|6}R6K9t=YwK>pZeu_P}@AN+Sk-w)8!!PaL5^?X~+&eBD3A^`PwCxp3wZCU8yk>yr z7fno(6(_=Y<1;ByYsSgXk9|ID^-LE=U2CF+yP)G`CKx&!k|fg~8&xpk@1<_|-yg1J zoGq##0{)*gq_wQm{LEFlJ4yeK>rA`#hT~4U1scP4x9~;B>L|IdKL#rJ{}OojW6%k3 z8l$wA3GfIdTfzmYwuB^zLMrwy;eyn^2*87O6@VS2D!@5N^(3$bQAh;?Gx37dqQo=+ z%B44_vC`{fP)Edham5ttNatXzZi$D}PZU68h1i(bI0ccFVk)a=4RIjSNI~RHbts5L zBYJ(u~ zJc!hJCD0^4SL81NL@MwPJSjjd;My#K$bUNzaYlWI5)V2>pqA-vlzSwGZUaP0KuQ9U zXoDnN;s}ZGi$Z)QxR~v2N~j7^3L*^(km`0hR_?J9h=i950YoM(0g*`^yF{M$jV%F@ zEn>QSUj{^)0G=vyq1LTowz_>=SBev}3;zw^%A)2C_h>dVi}J$;G> zuY7lW{-v`tI5+wQ_?!?0pI4s!*4zv6bEOb}jjn4f%Q{_HvO4nCq4$@h`a6OA8W z2=>XC9m6J|?7fX%p$@r#IS5+_=r@M^9gyQ?ipXlIUm`_!1mrP8{vOGHLW0=xcav8}Sl6fRokX%KwfaHH5`JX__&E$V!cpM4EOV42F zpOO3vlHVa&L~;!YA|&!5kRZVFcz7hBqYTC0ll&``eGSGf_%_V$TL2`RD`G3)Yy}Zp z31=$_+seT0lmeu5H+r4Mz>wf`npYahTg&CGr5>jBTtPj!l13bLoTH8gYB@(O4U}~b9ddPd_{L6DMyb;qt^;qf2x8@!@JwNmEmG3?=_sk2i zcH`<@d3FXiH-*~pB_g?x$@m_&cF2L{HssH^X8v9F?asCxwBIX zXPy$86gU(fCiGx>3W~&YIRD%XD8qT08|xOD_OXQXqjPV(8SBdEn{#iR5z?=GS~gC?ZstJAZQSrKg1^fStK#zjXC$Kf;#|-yWxZgtml&muJ7Rq#*74 z!dGS%&U|hDxmV{#-xT^Tj$^F#ufBS7rTNkG(8u|aFJF1{8?<LH=+(cO|K{6QU;gryuRSWTOS^vc>nG+$zZ(C8Up;*aeu1lBJ+biOS*SgC>I<}Z zjNSNt(GB*6Q*VLMGdDg8zs$nq*~>qA?08b`s&!R0@UOOa)DG%K178919~g!&ejXaY z{XG26DBa~O-wJPJ;&)K#cLeEYlzq_5475YKJf7N!#5UVA9TeJ^cf*0 ze45H6r5{W14}p!;;Q;+bscVd278n~~K!^MMn~5E)0Qk=Yx5AdvqDG}s{f5~PW;VRf z$`W51qKoU}O6#VN zVCm{u+r@Eh*DPuwy0}**75B`nohifOb+O`W;~HPRsD_lqQF)Mz@H{8aKYR&d;b?~~B4p+wC2oH;*iE}VWCJ~{~*?$yzfebEwM zw8TpT?XVr5nzoq6xK~6=c0@~d(^SawCS>f2mcV~GqcFQLB?Q~PYZ-UVxbc_nQg~Zw zrVPlq3HQED6DEA+VCwjLwhH(>n7an%8|Y_eHe#FX}Mu#viv? op$X{wjUZ~rH}%an<{yghwl$Y(er~fh7ioT8s6tw5YF=abKgY>f00000 literal 0 HcmV?d00001 diff --git a/__pycache__/auth.cpython-313.pyc b/__pycache__/auth.cpython-313.pyc new file mode 100644 index 0000000000000000000000000000000000000000..28e9ab338c5c0dbd2d93ce31b1e5a663e9c9821d GIT binary patch literal 13759 zcmeHOYjjiBmA+THlCG}grzAh*m(0VqjBN~Y66~Z95+GQBNi8d-F^Q{K!YHvN=UgcS zPuejd6gz>zG$BA19Y~v`hCIk)@*?S^>9qYZ?GI^8EA@`2?aUxQ)|$0ya5_yhe`fD< zrK<-5lB~|ZIf;+%J!hZiJ?A^$-utkamnSd~?*8Q;cYo5zF#m}!$)HL+EOIQv9Alge zVVtZ}wS{%4h{}e~>Md#qM>vOuXdGIirD@z2or5R5Lr?S$fd~!*F*uCG=*S~^j(n0& zWi(p~9EGINQACOy#iW>~X}6dhW@4t#x-Axmg;*RVq=dfnTS`eOw5Q)v<|rrS4lA)b zDoBN+l2kgXNR^G*$uD7UPIQ-4I|VC4YMcg$ZO#&>(aJo;l3HgTyf1O)L%h^k0P!+s zA;im_MG)6Hiy^MBX7E2}snbNuG&s$WYIj;7ZXDq4Wg`y>>qEiaUVqTn?+*F`ew*9x zv0+kx_(tTEZ2?bc&?{_)oI$T>b9|%677RS>^@~lmkmw~gcSZ$Gw1#0X8S;rDR@lGW z+yAi7KOoHGcOQqS!}!Aej@1#Jh`l#odWi<3oFbeOR}Tcs)|#fH&BODLxMl zGq_jMB~m2Iqh12d%DH}81iAw~69xkVK7St$Pcp!BAQY5ejL8mS7L3J2N7py(7R5aQ z;_2J%7I)iK67PYo27Nz)W8Qqwg6DovKp zA*)W4RS$4>&4{hj?+g0egT4`O)>5&Fd&Qu4s6V+cu{vzu1b>UmAcFBKbAdb6sdjQL z>f{)mnl{xk#;)z!6taPE53b4hdvDF}`@5M_r~mlTp}AL{os?&<8_xZy0UKQTlXlcXDhB?YTY;`##~@BC3{^ejs>P$_&%0oTrMuiJxb z0iTE6dj|tJ8WwmauW&)n6&5ZqoW5`oM461m_0=XjAF7#s@`agW zW3$gcNoQTk>+HIB{npM6eRPURB}fn(Mzs)~g)Q$TBtS&`m^Ol6Rx0uNABB1OLc`B3 zx&*4p8h-uthEH&+{tCm#AztrMn;oaK^+k7}wSnySkxjizu>&1kC^@afZhMytPGPGv+>sg#jRU;Xj1M-*6% zuqxAmCIzBSwxgI~+>k$@>Qz9h8%t(|C5%%IwE-8^zV;k15^ zsCIg=+OnM0%AFr6>8-tE>9XYy)HOEPn_AW_>G+#(KYsh#>$H$QO1r8jy>>d&F#h<& z7=X*nn@<1{Q4f0kl8SgGt>|@={@p-1_$1j#2aqBPrpS+yxnv#mdo}!t0}zcepO!GZ zVQkI*Z%;fjr7MdSv|Tdf9ch26ePYLn$D)RYh@l}?aLe`5Tqib14a*~j<*|a+gk0Ft z@&+F@v_}l>Q1}mq74kOIL4(PlhX=aN9)LJwo2ioLcnG%5@MA8WvTb04IawEvr~CC6 za(8-5i56XqQ`OFPW4l=)$)}U;(2cGB3N5fs?n|_w=~bATi*d0owTp9UTw15LUF+Ao z^xcN6Zo;cenH%77#$EgI6y7 z_+uzx*OEJ-EV&CJNxv&JIM|1EN`l9WOcx0*fKxyOwjc0I2Jg`DU|_G;3woDi+^})e zde_#TzV7W?H%eSWdE#hsBfj;?iW~rLstq6~I+_O+Xx;s^);v)20wL1x?F;T5_DTlj z6=ZZCZx99`rjJmbi?NCLQ>R0?Oy$W*4FAP9XO123u-PpXD~Scir2&nU?1ka^27}P8 z2lq;vT|NRjs!;?rQUO<_EClJZr0oy*clib+H7J#mhJaQlLT`tMy?zhD7D3AZ4SLsZuiLD|-bu2q&Y7RHLoWBI07aYf8jh0o@i%XvDZ zc67r+A*0bpISce*V)sR^2I@4I9q%~W5jE9EO!cq!Mw{0~n%6~}?}{|v^^>k}&wW$P zywu^$T2~=H_W$z~m$O%!`alsXEG6MEHt}d=*SzxOBy597SO21xh38+?Yaq^0nbF`ykJw+q=gKeh`Z?Dq%uNO^;9F$nr2n%vw$ zikjq`SPR;k$WDyz$B2UnA%7@}nY#DLx|jiMT5O>STy3O0!dX zsWp!TApdVs@HL1)`7{(9=@{>b8fqejn#r=Tp(bot9W|_p7}iV~Iz~6l7z$zqEB^pe zYmcl2z=Ef!p*muyPBG|}029_Fr)!?CnJRA_-EfgBndYH*$llkeq?k-fiKQ!HmhXwu`azAtaZx&z^=&vYr|mZL*E>dxyGZd$s%y>-HNU zC>c^lbCDkHQW@C4`_|ue*G8vPwj(8smrl?OdBvPv1Y3b}F85$x|DfA9BuaU*6-Vr& zmS?FP>*?OOse7Yyb5=zvB0}3FgdNb{2|6a2wK>U{VPyx>m2O@asO?=QU_!DXpWkkv z!ypcGz` z$p(-zYe%} z>*lES-iY_&as4m^CE#wwoxX_F@&P#Q zT}&H`#{7qP*r_a-!&Ml-(^c&9#W<$XXUVnX=;d zC?1NGR-D{OpdEvTBM&B-mi$c)t}A0Ua3+u~EndK;R1a|JO({i@s~|FF1t+^wvDgi9 zy$Z&;IG9mzc|64TXibWfB)QA|YL{B!Ex;Oju@5w$b0UR!J*hKYljgF}qRQB#Spwg! z6^sEJ*jwAJ`xP)EizVvlcvzr_}a*0M_hjqz&(ZUd6ybo8ihgPcd1V;UQ?4R`|L z^#F6LdKY_^?K%smp`>bQl{oy+QXxIOQ{P-n9F3z1d+hDFfgT$sYb8fYNLd&yiX*}U zdlU9qfTWVpnFnQ32})hRgzkw*kUpEoJ;;=L`QWTetBZ_79g=F7pB#b*5x*<0?>j~llcY%RrYykxqxI##nRR?|G))EZv3ajIz(Ad#&Y+&yI`aQ9fsz}-_;2JW7svdc!s zTrv?1o9a$H3alb*tfQpitcu{$B6uFd{634%$1tL!#;kAIlFLH*+)~{a8}m=0xY!60 z3~^eYKSrJ|pVnKRuKts%SYN-WW`r_~ObZ;mE;KNOrDOTDQ{=l)26TVy137_}Akcj) z!Q4za8Yj<#zy~OaHm=V`nLibmYDyPc8KWi4nPqwe8A|vf!082PVeUuYn;U=Y+Q5m& zk+L%y>fN3ppC7?e3_&k}mEx-mmh`!ASIAFI7ypl!jOVY2m&llM<7E@%WZ)$*j6hKa zT7p)ZLQ8T03djpkO%CESssssr2fubESdynOcSFW9NP(ZSV^T@i2FU+{nnXOvDL{s; zoflf(Sazo4Hx>52yi9b1*M;h<(GA!I7r~#5Eks^#~!JIf9I6 zGbhf+CtjX?;)3j^o_S{9%&GCY(F15fIPe}k&m1}!fBkuRoe9GHzO%p>J8TI{!;y2~ z>Av*w>od=OFn91={Jl5f0svO@+)21@F@N&K`S1TdR5APd3$qj7O;nMwNB@thVfwrv zoukz7U3gfl%1I2>S94HM54l|GZaP`?Yj(7DYz7jh?a{k5NW%O&msTN#;Q2`NWx-cW zqloei7R9?G-(cy1yIwA4B~ZGrv$tx27OE1oP%G0y*#(I=E-0tZx@iFCxx$g;ZO;+3 zx}_))-S&1tDpZW+lnwekDGZPb((g5a#h!wK%!tsc9M}W;6?q1$MP!hK)QK!2kwBt^ zA;FbojJQK-j~4F>kTkZH!pCbvCJP@_M12pAcYutVl~dKNW7`1`auTNnFjF@~%5DQr zRaGBeaa*M7wy~}mbLGqVNeF2Noea5>8n}`cxspzeTuBXF3Aj~BxTG#@S~F?>7t@+I zN+PB;VdEN^oLmJUuS1_GgHBQ<89-Kk$pJGszMObcpl?rSOYpj|S-B+`kFs$jQRT_$=GMEc&2@fk6EgY?>xHmO#S5QDND`3Md-$H6Q|s;z^H#t=WBCckl%ejo zCQF8rh&iT-ho%g+KNQqX6}0`fwERR{xU})iEs@g3aA70nS5FyQv&$u~Aa(%A;{8K4 z+&|Rf{X?A^?;oo5g=t`_O6i>$nx6IAGej=HWR&8pAi>93DQ2{WvDN#(Ijt$$|G=lJ za`}#!8Gut;u)x9V!YweA(JtCM90aD@fY5Y`~bDYQL~v7*NZmO zBjhrPAn)IuD2~xOT!Bx*16Z{9LQN+-Z3YJpc&p1}*7{i4QhYA0#s6u_Ws_hL#`JLc zN^ely%X=^KwHfZ^U-K17XK^Qci8n=gYlOE(d0T|Hg_o}VNc_pF4FB&PWE#V=jVy_`Rj|APl|*)3)P=gthm#l{;5F&&l#r{q8wfEs0(DS_|!_vL5I`N z4V><*kn5Ti+$>D&CcGSjYifW^Tu@QTZp*`O!ByGWWADbt56f3*<-;9rqY^kn7@59W z@agLqQQsa*KWh4wH+ru>owkxsK-z`hXEi*)_u(`e^E6*|k*}F9UNTj@Y)m&@U^+4~ zK62zc|k4F z)90Mt2$H#ttW4Ook{T|y$Or5r&_6==7_vRtP{2_y3^h+vy9lA&7YBp;LpC3q(b}8dj<^CivY~}Bnl@Vs;pW$8gX9l9n82y=N*tHSnYyZZq`aRR| zuZ(_{x%Jn~t(Ucou4w<@sQLDEY`ABw9Eeslt}Rp literal 0 HcmV?d00001 diff --git a/__pycache__/auth_routes.cpython-313.pyc b/__pycache__/auth_routes.cpython-313.pyc new file mode 100644 index 0000000000000000000000000000000000000000..f596a86bcb499c4ae88c04a6743df92feedfc9a8 GIT binary patch literal 11005 zcmdT~eNbChcE3+gpAQKM5C{+-0%JR}4fq4w7=J~?5HE?HEDw3NiyMuC9#{zodW903 zW_FXbyTRGb#BM$eZ935Hw#9X}agui9P4=U9;!Hc8>7bGsw6AIFnGM+fs}P)KyZxu< z-1nh}EbL~o(`oO(z4zUF?s@m)o%1{AT&=iV0)ce@Km7ZN_y$6Li4R(`s+E;3CPH2z zBB4a&MAHLYmx-FXc*=K~skzHSEdgxjAFy`WsIALR?OhJ)U~T3Hgf4*!tZsRrpvy^} zT`ubCDx`&7Zt7<3)(1RYMYO1^m=<@H(2_1M^>&rg(ylUE79ht>^+dEC_lb7Vv4^MS z$IH8SXw%DUG7pE^H8}Y5a;VC~Auv!K ztQk8dgi@m?q{L{vFFG0@P6WD#Q=?K+I2=vH2Bl;mm6T|JN(1raC}jj&0)xW?@dPV? zbV~pT1Ea%_ONqcxG!Y$;hJcxH6VEnimL2VbDQSep6Qi=}?oBiIs;;p|3F$u_km$jSCtbW|FR4@vL}Q|wXM z9ENGi=I-G^NfsWK=ukYFgvA7{@D3^gZ3NdL7e%vcRh!%cQbK~2NfEY&r0j;}MWU%# zd^93G0dJOzo`?>{@qLkzXfpZaFjeQKO`dT!Bj+(kb95x$j8&MUkfMW;5i0e^PeO;X zg*eHF9};_@+cqSPo*0fL`?BIehzlNg_+P1k{1s9|diCCJknP-*{mv7l8D#sbT!IU8 zCFF1uAqi8MbX#&q5E3@+Sl=%y+}u zauc)`=eEIm_-=3B*0Q{<<#}5xZ*MIj$E-M_{ISrb$!6 z3UjHwokrJ1B~7-lrGpc_P5R2kQrr{#GH`r9sUy7sjf0Iu0j&}?!`_(0vfg!Cf7qt& z-)&!;55KlrB92tEqv#B5O+IDV=(^`E@EaPjQI&%eF!Cl?l9 z|NT#X`a)aayh*ktQ+<6>GKpfFOoEoXc?P6NF6lTLYJadJ(%o_YSHzy~P|sH$I@*)M z^SS=^d)NQw&BZ^w@X4hYZoc~6#g~7k%rX8FjH7r~6hw|tJP%rpSq)~m^>TqUG%`4R zN|HeL1#NdGrt4t@+X;pL;`o_`=cj@;*@im-43yzHZ?I6%lu5Z@L|2u`^E|D?8Pwwp z%%Jb0H~$`4!)HSj)(by)bMcjPZGoG&U@>5J0d+hYG0aMKbe!yyM(})O9v~=ar<;)4t>HwZKQ0Z%lCp)B zvKd#ctih@(bTh71=Act@thcdqqp>qN)7gD)NY*jJOOZOGK^yeM7#+HCFqWeXoDULkyW z$&!_nmM_`(^72m!UsS$qA!X}td5Fh9@2*R`>*n3-)9&@N8}?r6nRmCR-R&QjRA&5v zjDIJvs44^&UN^8P@&XI5cZu*W?=2^(XvmaSOl(S*uFn*goq6(XqyAV{Ik7igwlU-L zPdu3R1@-pwsww-VeY$$Cym{GeuMkeV#?AlXB_6N#zWO`8uefg7J6E(}-1>>T3|MD; z>#zB1r*=>7&Qt}aj!YiORM$;CGWkfRrhaO8a#(BJ+VYO@mM~Yb_bp+@JQaK`_@QZ#O3h(=cmP_ za^J6D<<8O-VrJ)(@l|CiHonf!gf3X8PtN+b!UAwK52LL(+Qxf4pAp{S`L87&hWt8t z7!LQ@?HyI*k{7beu3eB{F^B9>yzdJ6p!lGnw8K~S!JcZUU-elquM#?){M8NqP8u;h zISE?xAuyL0fw{a0%ys8OV6HnK0(0H@5!k#6fe+mkfz2@QJ0LLh267e(kJ>&*VGj8z zx^>LWj@D59Ar3vWCLzoNvO5jP?lK^|nIU_FHd;k?qt(NUg}tcDSqfXUuaF_T@f&ih z$Sx!-AqyZoD-Fo*F(CW($@dn%{bve@Ay#H@dI`0nD1XFmDaA1Uy^aOQ=DKlt9l z8{fJ9{h!bP^iy2y&9k7AdlX)bi-L_ug8~JcLo z=3Lmi<}P{hOGh^vZZI=%H zZDo4jgLCCa5I`2)CED=c2z*pjPgPD<=Aa0|MRU5gIdgY7$=rAU{C#2goA%Dv?MT<{ zn6KNPuG{}n-ND)3$a1L@u%-;L#s{@!n+MUt185OIw5anS)_4$W${5xZekrUu04MTn z$kX8_mrFKbejwBc#rvB}JA}#)NXP*XR|N~^ZlU8Kf3?Ej(Z*kG;jrFjfqcw{2m^LX zAF$FBI%ohcWW@ug%^(I!C21-kL3)vbB~oS=4SiyzV9Xrv2&Y=Nj?5KFak6kIqFu>SSceRzZj8JNRCVJ_a3K!V z4J!@m#+9RPo_kleDx1i}>eoUTY|6$E1PVsaTbb&RtmpX zF&>kJ_(&ugi$PNoVgYE3gWHf8%_^kl-c=NmqOtCUWpwH)<+*oPsg$EZ2gOaMXlg2U zH@s_T7=jY`3fXo-ipC_GG^m@biZChaj;RB1c0nC5RX`6RFU+2S|Ky)S2KKAH3=~0e z{akUwxb2peILb3#f2PErsSISwYr$Zh_ial1HbLdwx6Xb`d6?NZ=WG4cWpfC(iiyXk zn0oo_DlkMHo?qP(zLbohntnD^94aN3ONDj|f4SD*PWa1h9MrE63*=*Vh_>{@zMo)m z7PY=gAaF04Kz!p)0)d;wQnxM$S_^#OdbA|l7A6|zVI1ZjwId22DPVFQA<-z9&7}(r z3ZKXugu#r$fFgpC+k`0qF`RnfsK1Nv&5pH&dC|@+GG26GDGE&{z;@lv6P>DP>9&z7 zT4nol(X}iPy=3baDjZ zg~>=f5j4?5ihhYWebEU=_w{kh`AAz^(Q0+ z#7lud0r9MSSrqwV5RCdrfnX+XcmNE26^T2Fy_o$m{3rhrGL*Q=ti*i`pgVSY?8R@M z{^rEMoO=U9%ZZk$15*by%-p*s{Z-%JN~WojCxkEd(4!)Smp zixpwa3NYqG7;{+>#;houo?PMF^167j=)$p?!?Qm0F7NCtHNcVpz(Q>RU>h)R6WTZN zSIqwQ_577u4(sbJkdN`r5TfDl@90@2miS3BvAhH)z9vrnhQyKyo$kow7rNeTzXe1% zPoNW8|GzmT5LPpU1nckWkeFbN|N9P!72b-UQ%<^*8v_=EQ?wgY9Sa|;fk_i{U(oPp zNmY8h;e^2n>P6$8rEFmLHl?T86V?PD;z8-L(xCL5N&xVMw-#P}_4+G6S~&fJ8l-&t zxf?UjcYcNre~#*7y6)!707gAWgHD5kz&w-H!8^r0=>aBLA4PEx1m&(HhF(fH_TLLx z3LTB>%4C#SDVxSB{TD3Fsy`~?$R^BCdwsFFY{L<{$3jE+_*7-1I6wX(`{17`=cAe8D; zli!i5U@i~1Qm{`$U4+}oWOTW5Xy?y9B{s-8V~ zC`c}wLR+A?(o}k=q4Iq`6o7{h8Z4Lxg^mjTgB|`3FMqX=gZfpk1@bXZbKi+*VnAxt z0_&?ZxbA6`gC74sp}}>Xolj32F3?P2Q$CYU)WaAFxDv}tVb#o|ggJYS6b17zY+hyH zWwC@4ZL17C=IwyK)324_eAJZHLu>MK+|JA37wN_u3&|Y|Th`(ew%*PM=2W81BwJ<; zLh#}Ai>rL0vhIrPD6OV>oG=!(8%ubxCl-LmnLVvM7gdH{G#_(P-m`IPXCu0p$C*8Y zLeafyy&lyp4rpvugs`nbh@v&Gu8d}Jv1%5Vs8?64G$4eRd7Pj8{I3>Y{;?9Z>ZD(T z_c9ouUx%9P(bS(NX0kIOJ*i(or|N(x8wF!1qi}*i7#Q1XENmT6F%w+DA*J=^_ujbi zmp_m_8s~^2&@m;5)PeKpgsexg-C0mgnX2lp-iu7}*cEo_GStf<76HS{Av+LIG>vir z1ywzZjmd?5C#1f|^)*ra)MRH8Z-CUBc8ZP-T)u%1jW^hFwZ$l>A!IEb;`AV3Knddl1L>){D^0<|~$W9;zB)^3JsrG``+zUkCa7b)nr*T&)l~9sJdG{!TN0^#BL;56u?H$K1`@FF+dEmEtPE!w(do zj;!p1?_*8CLkgBO<(J@k(Yj&@Tn~sA!2L{~h=K^Fx^}0s1_ggt3LOI0;GjdCXl=?L zhC@MNNmYs_!|X8(r^g?%zb;{Bb57iW-RHX!rVz$6SZPp-g-oa1Jb&)S4^J~keet!^ zi?56?KK&Ox216GWzs!Tv510KGMV`^7&!y1A0!CA~GaCd@UZWeq0c3%phNBQrM~qO^ z7c+pFDV$X?yllr`CE*3RA+Cl8tSga1?R!yT6!bCZTnC>=@@=S~-RcD$Qd0TSo^iXT zN|YBbT<%)gH*yY?vCH9E6ZtO{-Sl zIajl7*=0kkQ9$=x0Jq+YZhfhMZoPnRefgJi>v7Yc4c!ykOfGL0+Wq|Ho&NSR{)&f# z`js*ZB`V|xvJv*uMWCf~3!2|m~m`G|+IzUIE4bG4xRoItiLkOJ?S&WXbp{b^zU)3$4z{kiIA zs>gqK`q=d0r>keV#%0q!&a=W3Q_~XGmY(8>$-!t&PH&hlN19E`rbdNk^AgsU9?@w| zP4Ak%2Wd9{f^+>|&9bRnA!Ho4EScePsYPQrHr+Yhio{!h_)IL#`Ik*q3VjvMpmE6z zk4yVB`qV^fVgTtksLbmP%r`EX;c@A(HkDa--Av~UW8b2Zs|#au*|}t1wYph%U}o10 UoB9rwyv)G8W!VgmGznY&-@mfCk^lez literal 0 HcmV?d00001 diff --git a/__pycache__/config.cpython-313.pyc b/__pycache__/config.cpython-313.pyc new file mode 100644 index 0000000000000000000000000000000000000000..b4a2b08c8c783bfa9b8bcb6484df136c310c1c48 GIT binary patch literal 3162 zcmbVOOH3O_7~U7=WfF)n4+o4(lQcj86GE%FEs0-%-|3ElICV2I_F~)`FU&4YiB!o_ ztDfsa<>pW&*WQv-dd#s>FKg`qGF7EiJ>}G-Ipo@zwN0I%O5OVL|NG7S-#7ofcIIVI zPZvWz%fI}&b=AT!e^Ai;2#trAOXT4@1~7n)Fo=3C!iG7-x#%+=;llzFTuho9XBHY1 z7c<0+GeB@KplyMx7oxU2J7IZ7L41P6-90{-ohL((dHl+`iD8+g?hj+GSjjHoNn^Pv6iLQcmyNO`9!@YvKj@>Bh|N$ zt2TER81t+!3_4{(*#+KeDkGc8RXPsdZgP)$)o)Vc3^;pC!)_w~b4M)?m~8nSaQ;}! zgC<&@Ff}JbCX^?S`ZR2UHFd;tfD7n!etKdCTl{iqvygw*PSyY)4 zZ+Oq_EN&0@;3^1;xPvqa_Y?_X)`PoA=`}9^>j^P{t+Zw*qbRp!l*8;*gR_zVN!(eK zvzg+Stf)rWwS<_&!u-7ZUCh>%h+jlZZElCJwiiLcMb_o*2C2aL4L;w?FXgL%I zcc!*fb%$hhBF{z0Bt>sBl!#*?iS{Hc zsMJ~m!6ol%lnhBC8pMLpwUdAhA_;`aP%M~OO%{4jklE|=`Nh<=B#b7ON$_es0G?Ut ztait|p(vRtagB^mrvYde3lVaTVXJ}3(7|LB;GQNDjV{+=a|C}RhwljPfUuO=mLSAk z5N^x4y&`?KLb$t^DK=_OLbzE#idrm`q>@akIa$H&6Ypn9drzYi4I3kt-5o7`oGx zAIR8$!yNY6s*Z}I>Z~~LTlK!_gFaE46U*U4`(X7(IF^CY(MzJE;ldPi^+9r{bwDRu=EiXcwVwyLDjOtl2iT{HMC@ zvvTygg*iQXZ}RTsy_vf++Qi~xi|$xHaKvhknC?huAXRguG-2?tRp-Gu-FCSgeKIio z{rEpr&rbo};nfFx<-`jMGd%LW?_T(B_+I>OT$@^a%;_V3eJG#_cG4mdo2*P$XDT!I zNA**)<;as>+qb@IxDu|$EAjj9Kj8KLOM34@Idr_;1KX9F?TT*mK3=QYBIW2||G*LP zirzn8j=fp(RSaEjuGa|*a?_P>sb9DePeDg6qe}GNZEWBA;-;IVPV*QcAJpFti|9iF l={sH-CFVKLvh1%+=WmRY{C;P;zwUV@46&E~Vu&&5e**#LfS>>X literal 0 HcmV?d00001 diff --git a/__pycache__/dashboard_routes.cpython-313.pyc b/__pycache__/dashboard_routes.cpython-313.pyc new file mode 100644 index 0000000000000000000000000000000000000000..0a7e62f41531e7dccf1e3e5114e234f9c75155ee GIT binary patch literal 13405 zcmcgzdvp`mnV-?<{eD?bKV+~0IoR07#>GIuyh6+?@kA6btyfsGQDP)#Bqf1nv*gvv zO%v>d2H0g6(~~C7mNssi?P1fTo7c8UA7?#PdZfi0pJD;UYWKNW9jjl-aGrghp5;;( zi%-_T8kftWqK>Ta5=9dre~hi}tw3?~olPlUNhpeK<|MU(n1;do>ynhXp_xnv?99tuRH z97_XSIDStoKA2n@fJ}j8Dx8WXQ?dS}eg=mWWCY#%p>%YZi^WrdhKt^tjwT^+H`Egw zI22R}#=GxN^D`h3(8P3$_b`T2Zx6ehoaFt64aRfw^tdU68Cf7)>2WM3VjD>WaPt9t`}htyAGPt)_ZmyNXU)@;KG2km7ojQmFXs z(GWR}KdPyNVVx_2FosO;Jbnk|TwA%C=>aN*A9YidC(o zdo0BmDI||T5mLx~h(R9=QjQQ6qI;lM^Bu(6=f_c)*LhA?mFl>n*CnO)c%)GA z+2b#UrBFy7eSrFm(p6HK;!_$Ql&z6scbDyXdtn9ROmD4}vt*5wy$ht+FEHy`nDu(8 zT=ChvSPGZaDowwX1W#$*rDxAAC5eR~tCLe3Z%mcOA6NA*lTu4YrS5H!Vt3ccGoa~} z0k9;mwq#%GVV&EglEvqrV5bh~NkV24mwG=KsA@N^zMAEhV*6@b}*c~G;qCJk#Z z!4d~zNm3!E4^XvK?`Ekt8Y;X9W=~(T;xy~*y80M9spWGKs-jJiRMb$cIj-;0 z*A<=v^Z>Pnsi6kwpev1M{K}I*nLhgL^pPhnz4FTRV@KXUGjaKE|LOgoe(UnHCpV`N zrmh^DxSaXfrE^bC|M0~0sfiaAf+m^n?~f*v2-3-9crY3}MuWHl&_?tJ@x$Q(4yw6I zcnGFwL7Mc%!ytL|k?3%kOC3b9pdC&mW2smoE*MjZR2bv|3Y?^1J}AnV!aLM#i{2L= zN`uUb5(xus%zy}>?g}aeMJyud2GT=Aq<*d%qB#VZAj1VPTnnDyl4|Tf5RMN<`#>7^ zLl0(JA#ulHrm3k3x?6`i&4rc{oY-GgvOmE^1(VpdzG#?>gRC_T6y#wa5u|1=noJL+ zP@dfvi{2m92udOd)rA4si-Ybf2z|jM4q19t?+-@?qe;QaMX_gnQUgiBSZF#00ygrZ zg7aZFQGkbM-hp5mv9_>^bJuVBxgTHt?(xpR%ynFzdJaV&XU5VhP$jrS0s|TYhx5qc zLc=V^hElMA`wt1Kff$!eaR`{j8Rbx(!Ro`JWnf&S<)*`N%}M$kZZ zG>7M1u*ln5>=TEe&NZWln~Fo+<`B}0yII_Of>v5ufsQ6oxCe?(=-Sx1uerIoC9o^D zKN{#yL_j~>*V5e59>7x*k8*+VP;4-c$0x9>b)T#^^>IYqY#Kf!*l}8l3Ajf1Q@$-Z-wxilBkQ{( zW4UapzEpin-cysWUT`{oGM@L>oL+l!ZQfgTy6R+AzN$K36S!*9)R;3nuUjdT9&v?suqZ!|G#wy-e^`5cjx|*t9bMC9ZO1zQCR_&V7`XIu)e6l0!S(PzC zxN=F(-^lwLbN&wA-|^1kDSyY5zvqIfVr2KR$f?yie>?AQ&$?D*O&u3Z_L0zN%M-hg z_mA~I6P;C2I`4Ho}#D|ob`5Q%$F>#yxR{G0pnPF za&f-4{)Or@)%gXBURZW!Sw2wrg6WLus!rv#&zh#!+F1)#v-tEqC-2EOwB{PR_=c{0ZIHAP zY{>=J^1-!vDUb`^&IfPL2DhH?-u}*ke@VQX$aa5yD%_v#?w?rl(y|wqom+UWb*kak z*DHSCuz4zWZ!Y!#AA8`sNmJpvYK6wGVzaX@sBvj_TD_%~XYx(JYlLw~UYhjmQX$DHGv9yM< zT0f!~o%Mfa87T5evIBPCBWrJOq~1_$w!-6A_VwD^mpI?`nc(H!B`WkA_1#s>yB+>+ z5A$m~4dGvVRNx;rE*px50UQXi>W7MChiJyY@7k|{!V*RxC-oGxNI3!mJqUL59BTHm zzD4!Qsh_(%!z$(S^p_~Fk|a3j~m^i zK+i=WC+%m*m{&1h4@&xZu5$};k;2XfT@u)2=WftZVH!$UBg{ld+k@KI zJQr7hmMXKaVq!^;%9IKzNUNYkpo3Ov)=XLjts%rn%6C``Z%X+Ma_=-lP7BG2X~mq7 zR*gFK&3h6c&CT&xYv*G{E=D-T!Z{hpOE0P|Vn|-2o` zGinX88Vj}@oq&sq9wSvwS-xkS$oLZOw0Sq7BcoogBG(BKV%A7%JM-=xxEH? z%dy0={R&w_Heif)nK8nCiQ7YV)`5Tx{0U~az@O}_6>2VXGC~^MrL40_X5j&9`_p2% z-c`~t*b20wgp475NEK4=exA&ww0baytP8lAyM&v0O1PPwa5I^i7Py(Cq;@as>s>3g z6>>-*}x*WjG$g_l-Rg2V%aI?!#J^lWf?_7TVlz?1hI4WpB=N=Bn z4+(0}uVaabpduPIQPc(HA)qM0n3SnQkX1$WU_m(yENuo4FmNtVvhkI}ojw!6I88xY z7SvdH=n&y=FVfH+sE#Q?U!uk3O87wlU-zR&6kh}8=__cxmRPc{ z)JS+&P{Xm9H3XiZEzqDOw+rL;qPGtdRM^!dhZYVFO%a>Z2(2RBktaqXI-D1?p{B7T z7~quf6qI3ZFv+dNAcMwC=3p#dBtjhSP(o`sTvd?SHhP>bA%3t&ta zdMMlkRevH4wW<>X14-ag>oH*iCg`H^^uZ{HR#s<`l@uqE+l0B);o)H*bt2C~G!)rb zH-@%?7jzcqNSx=dV$vS;igRQsomZg7g0VD093xIE+K`c^Cb>a;V`7m91U=B00?j78 zreyh4gjI1nA#W0Kw8&D5A?^;Wi4d_86^%Otu?Mi+|H6?%y0HW3#wDx!xN*#wvj%u; zVB9?s%v#$rs`EC_@yfBvoUN9()s8QjxGigI%c##+R36_qwl7yv&sWrs4`nNsXY`s~>~ zfz5GTKc*Ll@?6!+%B;0LXYJ&zov*gNU6t$F#dqy`Z|~Q0d&4~Z?+RzF`!gy~jE%O@ zZCOL$UmZYwg1M?TzN&3hpLcqXZyVe8Tve`iC11Pp++M!+wybkYW)l{$kM7ADs-JKB z(WZ+=Yu@A-eIRS9d440jK&s7!6ME`vxvCDns^eTOU$rW0T}@hoB=ea0RO-3yxw>2V zx?8g~YqQpMQj%fJ@Qf*=%G=$?myRtRSB~F%Mmw>EuW8HL+jI6+ynWTVEm`}foc(s* zetXuwHKT#noUV-a{Nmq1kz_weiXytjBSZ(Nw!z}ps%HeB*HPTZYq z+Qc_)dOe->?#XlmeR9>0@10!wx_+uss0bdR8YnZr`_ccv^h4-$yYSAL` zF(7p@0CjO8b#WVz_!yA*7%2a(A78JVPkfqRc1+&+Q`e++%DwV4iBB_}gGaUowzX2f zSzy`L==x2|DhU6!QH6f1e)|IEx2yfztC-)pX$b$WN(FvD92?o8eor{gB8dHR9H*#B zOA@I^*3IR1KrXU0Sjo{OG0zpt_sCjyF$=3G)ym51$~GzY&1;f+Cp~){Qn}(&QcQp? zRYMf8ol>UrcAddFiz$L2yowKKUXoiWF@3iqw;!l0%h16vO)=B-r*xQ)m@T zf#tN1h`Sve@;UA=(EA#AGgw2=QX)r*SVfy6*NNUi^aAL~l9NbD4iq+u8%7U@DyYDS z1=0}3Ur;YfU?O~VlC3Q%7)0ZtD0X$k_(wF6`>;F%`MAHt>agdcI!b2;Gnw0WBKS-^W4LH=ov6(k{1-jmyw{hn zuFcmk0&9`eJWHue=2bw%)&?oqDsn2K={Z3;MQ&=(p=PTA8=jsy7;#w^cNR-!`bg?}r(eoeXcAVH^E9 z;jILEa8t~4EIkLrO!JcAwHG%uaW}6?0x#*=BZHq*9!O##7^iz>hzrqD383i;=#K8rnp#B(3aTNI*EOFo-8sAJ^`5LX1IlbfDS82RMF)ATGW=;}_>)PV z41XmvaZ~uSmB8Qh;}g@5pPfE>ZXWy*lEXa+JrK0%ID$wtawGaFQ?V#_1K<&@SDi`> z_q8??9wm^M_U0K>lm+#{SOh-$5On(!sZ`=1W_k$XgXXdj`8m;%`zxrT6dMH-T#NL{ z(8xWE>5rg?V8}g+UJ(qxiLXSLFNcWhFcrNI;g{T3K*Uvmh#uc*{Yib!vxN67Ia`(W zfa&~;qM(M-xxly%DA<^FEhz_s9t4&fVX$%X-uFB!Zw7;%H^Sh&x;`5Qjjj`R0Oh>H zKe91za-RTHue$N&qN6&qu?%QBJ)Z%Z&gvUMvjt}Pk@e<{D(X#J4f<^s@ZVB)QSf+M zrQaA}-nOVW`kA*YXbk&R;Lkx#P&-7WuoBh^Q4>r?bn$Z-R>l%gZ+3v{pt$*GF~#qw zda-8WSU@3ESXgEyP0)aWj|$4EjZ8U}5scymlxJ0_YGF;p*rF+#LBK!*CkYj)UKwwT zC|krssiry#lp?FtKR^XgM&nBS$N;XnwQ*$^DtY8tq6+EK^-w~z7+iVrNzj1a|JlU! z6W{yb)y&MpPfb7d^A&LUefd=8gI7mpP!`Rg%7F%yNcd3lu&RDfWBoy*=5XJ}1ck`H zn;^Uc>>w%t4zQ)*nG%?I;(iYGV~)dDEnFE6h+kU`!FOF?1d6t^4?r!Fi3MRrb8a_M{Fp00@4P#QA!ptF^10 zdZS&x-oU)EmR_%B-lS*!W zg6SG1B@&48y|=Mo?wnT}d=>&FouAQ<3f9HCZ!8(~r0p<8g`H2n;+X!$Ygc|SE^5c1 zZBa95L`o~cn>~H>n`zv;Gvkj;Pd*Eufm}KIi!`2x>5(T}n(N_fihg(zl;k501Ab7* z#mLn-_brGo)bagqkvgUy`}->|;HM-db+k6u6GuOhs=49?8oPI6_@CS&nRm zBWbV6*%t7&1>>tHZCTs$Bi$D@w$Yxf#+}!ikD5kId8aS$T#)xKggark{v%4MGk`GD zJ4d;!&ikeFTqpIIDd)nRV;S#Qc4XT{jbk*G)%fRC*-V-hvwOhKbY%Oih0?oDII_A* zIjfiSa9K%KBguLVMoP_*N4SS@;;*%Vhw^BU2CRm#=m4t$BI7jRv?5M-(Styj@mYe? z%5*K{6)7vg@$@Ut7ts1g-=6-?v!e2L`K4onq{1WZ>vj;`El7(hkwT=4M8UzG9SDe^ zxf#M7dI?-1G_fLRs#OkHA*)jYG{<@}%+o42v!fr!BsqDEw?ZtA z5e+6pOMe?r^^!uq@N2*oq%xoT61K=GB=jmPYe7f=Vw+pmO&H!uwRH!NH}z%x2-* zQ!TMJqM4zzA+B)R)o|K1adnq^P$@o3PP>*|aEYf~CT5~N>Kjl;k(`OD7t*I4U=u<$ zQM{`8R1;GivlO|KhC@|NyhcGyh0r9ySTJf4J5q_Y2$kP}=tTUu7mJ{G2=N1tCgMkx z%8@r%i7o&6y_bBIryEW-sxuj<{R^l-#zM`vb9{WxyM|mOgT?0?`fU9 zllQF1+Bz=STw@i_xMww#$pg%&vifxA$=ciY&i}$R`+Ey1T085a` zi{D{Y-Oz)Zw5q~ZwdGnZEi|_!_(IC$oz+rCH?d&l9j=S61-z?yasyw{fp;^`(Y@og ztYzVpc40YG^}rN9vZ-~mmip&*JNUoU>Ni(1zjUj>57Ik=3j|GHUnJ4r*9YGo4uzBV zaEQF*4v*Z433d`o{=OmlKngC+K#xZCgk0tc`sBSs@B!k1=)prA0yw#yBU(9!CxvL` zK+6;G#|}wx6PYm@v4nhm$l l{lkc&jn;oSM6Ut=A=*mYKdfs2Z#S)_9UnPsXa^bF{{i?*n~(qi literal 0 HcmV?d00001 diff --git a/__pycache__/models.cpython-313.pyc b/__pycache__/models.cpython-313.pyc new file mode 100644 index 0000000000000000000000000000000000000000..6fdee71049876802fcc00c56d6db6cfe09b9424c GIT binary patch literal 17683 zcmds8Z)_V!c3=J#Ns*%d|FvXVw&T#r$+j#xl4CoOEXkH^%Q>zT$FUNcB3CkHid1H) z*mAE|6$Y;ICre0k66*q%aX?LfxiD805l|Ej?nB|U#oea5UerMkch~ldzO-qi1A6_^ zzBkKVF6mv#(jkZT*6?U%_PsZMcILg`do$edcw8Jj=lEuiYPn{PudL_zsu2fBIUv_-({_cng3(q3ZH)n?Mdl-wjItIe>$ah+VwCkj*{}^| zHKW`El#Sa^)-cK@pxnC+Wi6xh0p-4JDC-zyGf?i|hO(Yf9stUN+fX(z$`^q0&^DBN z#$WXN*KuHJx zc!O2|OZaAfC5Uqlivqb6y&a8H*ED2Xfd=H9gho<;ONW~6LrL=W3kX^OwhatCE-O;L>LQA$C9*^$(Rzz zWE40Paglm*1(aQqD`F?8D@+6!TO=4thPA7-C|lTg8y4Y*+z3ZZJV(sDiCB0uv5wdR z9xb_?huV^7Yk3R&vvyjD!;q^&hs&mJRXdYV)M+KI9Z7KLNGRTs1gA!VtJ6%}JL1;1 zkKCSJb6fagn7@);^JDAY9dYMoAHSX(S}!%^Z`S#G7TyDGmK*ZCpv!~(tlSCDNLAov z9ZA@B&2KKpKza$xMlDD`uG6x2q@FkPr9jcZm(_D*4_^*xBVPe&6B-7xm#>1<$5)em z<2C+TYDI;yUJbISjp>G=C$P}4=m||H6VW*A&`BYlTyKTCK0ka2d}p7IN8g(ks4W_g z2)EZGP`Ca+kPt5-BhupO+2;#V5ld?~SxtLlzZt|P&l<`8+rzlPzD$YUZ zksSnpX42|YXx}Odu`%jUszq$u=cBLmoE$lN^yo3)o6%9h7fwW?@$r#kM~}6GT#^Lc z>hffw!=<;+A1kKrt5@ieXE@p($pw%0lsRmwX&o%)wvS zM)>zyu|l0&PHg)2or5J5ip6{y)8!jW5MS~}RP^DN@!P2dJ}k8{!wFVZWB)9nNQ7GB zA++eRsF?Iy32F?|0SUDt19fTWahN`M{6bK`qX=*aHcCj_SG(gt_9i z%G$+&KOUItS!-(kqN(L4O)c}TwbF(~?}B&P_1OE!`_s~+8y0Twk^i)CReLw>TxsR} zg;lRla`@!0r(IO)wnLryA@^2kK>KZ>4j<)9z6yCZYX{{;7ae0WggehCP6^@YSTwAe zNWY1k0S;J_I4RVd8*31!EPrK!49#R@S7v@?CrA-1A(`cV;cfb&`NZeVCsvy~KKFJ= zj*e%ChO^BUW;bNsHEEaTu&K?&o9ej#6(U4gWp2U zEl0^I$WkXZD$gah=JU9a)$cYn! z!@Nr6T|byeM;1F5I+vY4t?>U~;@2Y1U#$;1yPR?E9qyF{ro({ms-7WCIHZsVf)+wL1+X z4N`Y7_}+9VhRX*^-e7PnO2lL=8W-XTsPF`XNrbT3_vXkbwVzGIrYGaHs6U<*#sxyn z08H(Cl7OP83@@|oYZE3z(HLu;I>!JBv(~9ABA^{W^$)fqAx4vcdug#SITcIH2neWY zQFj7nHWa7Ms2B`|lhOAD>gWN}H-tdn6AOvSU@S2njROiMIG12vli_&c7GY-DCEH2F z$ka`QSO{AXZ$zhv6KL6FlOveJwZ!%l!SzfoLPD#8K`{v&Vc>=ljZP;8F&KQpvB_i~ zgy5XB1X~kt!|whLw^rFOd+8U>;`?>?>gHP)PcEEHx2+`S>Lh2+Z1oy+`#Gnw8`E9dK^vcB1Y{JtE2(3Cld{pf&xlvghL7yL`z5BpR7%cBo2 zWe%)F=KWIn+1U%ZwhpHbrz6F+s)L?Ob_;}6Z)mL{%Y#gjN=pU$6jpvb!hw9 zH&0*u@sZDt;QO~{2fnm(9`F6j_bxB>r6)c;G00UR5VoMet9e^D<8YATaJy$|;BoJN|Jbdv;H9&N9X=->6sU0uzd&xl{TJM5{ z?dBnZQ9sfMN#Bz!mS!N@ht-G}8Iq>1H&kdquoq+ul0knR8N|Y6Oy0oco0y*oXRV?NjnPuz;nmdDW%0qg8DYLtsyH=!F{c5}rOv@FhrNFs_P(m0CKe{r?WmWI zfnHLzPo742c86#8KJ0C1_sGJL<(H+C1Jcm7`6E*K$lVL_C~<)LTlne!*Daj$$nCsi z%PkDxrSRdkkqq2smL0}2p5-@I2RgxIP$Af7;~0dmu*V!XQl=L^g-D2*RPb(6Iqvb7 zkO|;hXFII}a@mcG!um)QQhBrDMkdXepaY!UrB%D!rQ{~apbjF4iD?oRs2u@CB2Ho` zdJ>cCm=tVEyh&{s zEG4&CW*Ak|<94f~l(~)Lfrnt(6g<3#FX6oyOM_e)^xQZyh#pD7lbxYz!~V7uFhFsn zHqiQPEl4Vd?^_R&UeS450brsMdbfwKB8}tK{u=7&nvO)17Zc;_Zv#Dbg|LVYhM3h) z80nBTlMixzvT8ylwT_V;vJVnkBubKyC5QmQvWWSUA?yMakjDT`Fa+Lil3IJ?)05Pm9Rey$>JbP@kRXH_M4-`Corq_s6~*Xc znI!fQ6P#@EbujO!MSWXn(UQ{p(Rb2QKef(9rIJgt=kk?e z#RuQc*j9#6DRzTWR9zHwpUe*?Gs35B=%}0rM@4mb22ul=N`yNn0Pd*G6{U*O2e6GJ z(1xl;(WMGJIGt%jVAG*>Y7}Ry2j6tU8&z4~TDY||lYVifY5tZ}b6yHu!`_W(dpDjM z&secv?Ya)sr%9A~k-10!$6mYl+R};iskzsr;*PsLvLeSR%~RxdsK96A-+vnrN=NB! ztH|yA)}E1`iqam^6u~w&KH|~i*1{s>Hdf+#pa}cBLr}!qnU7?wh7ZUeNt=#T1W+Rs zJWNg%%qi-ef`>0=9ugd)C>|1Z4O-b$Rc`HC0;O)~A78J`gR#E>uqB_b`!F z(+=IFZy~3ulc<$xAzLzEo7zQ6=WDgFo& z)F}IRp;2tO+XrE{=K(k7J|S#74zNvihSXpUIz;W@5asEOgDB}JNK$J-d8K=?wpFW5 z3PU8|CaL@THQe8?D*GD;n76-`82;}rP(%2$v;D1wdB|e{U)o&h8-a{lCK_F7vx4gY9t(^=;RNuBVIUp&5kn&N5COn zC5g&G4kn?dq_%!MX{IIF_ zGX9(g)iBbXL_l;308w=9keb?+(g14CgUVPurma zpN+ryZQ!u2U1z+Svo+?zkYvFFJQxfz*2Km<#`@Qo$Jj|W<}nUb8T0H&Q^OpfRxamV zq+-0-@20M^p{dYlG!{+Htm7xA?yyo36|%}`{VBZA2DX?olGR1!&eR3->rR3=89SB4 zj)4Np1)57@tp(-d1?9Gaa=W&yiBRhStUtweF~Na~e+>!hhvqE+RvvyT2z*u5$U*6c zw^Fyj>$)mcotPb5`?_j%!qj*B<(-Nn%G;?9sK96AyATch+Ru%4<1ryF+3GB5Yg8j6 z6ytro`yLtZ^XKW2@s58UZsWcGJls3e0`d$RhsAWT83YUwiBxc<_VLU6`Ye?e(8V{rK0nJ$*IdT}&3~zgN-U5E*E7~pc8v~k3zDhx`1{BqN%{COZ ze4RqkW+VIgdU9aA!M}&Pc>sWYf)K$wf9t5kXbFVqNN_A$wqroCGPPhdF zGlUmmtjUmgQ;y);As~yF#BFR^;r=CDE=`I-Aw=MYIkn=281gX+zm7@40TzqGI@JlG zN*2C?m)*HK3wL6YBm^Q!3iNzJ4y9(;SnhCtv90D<3#xuKC=c?mqe`siv} z{NB4O!cwQy&?8xE*XkPN+c%FpA9ber@10rcU8QK5DFSoS9BfrNgIJ9cK#5Ul!YQ?hh^$eNgq!pfZ0a zLDg=~6N}W7HW?m#T>whYfV+i6it6JkqpHkScmqIy7Nlq_8y-}xoqDPD(;>8Z16rG>oTv6~A39X8w7s2rJ5z?&*^a|? zHZ`VjCv_)t3;{+v01P#l=z8SJ3}Gf~!UkLw@Rr@PYct?oOv(lb9J)pSYL%G@=(YpH9Q7e6`j z@sX$Je|-6~%hqsJ?w6 z?FJaI>Nu~~$U)3J(~O@m&orwiNNupwzIM}$!LNdcw=orOd^dJ$4_@Xrj%Pd%_ihcZ z+_rJ#LeDtKJUcVIGLNz0Z7!HnC>osmUacN9B9FDX62R!|Zo`8fVJT zkNOG9zyzmA{52#PMSWolHL7aKJfA?VRdpw7PW(Z@ZVp}YH0MFoO&y>)wF*2vjHlMe zw>h;|4o|>k$jq!dx|q@`nEmTm^c z_hKRWcijZhhdkYg18CVTf!w?!Opn9Q0mIV-LhkGriR@>2v{>e5zXu^0!DW}Wsci^< zwW7JZ&0O{C_oSE5VFt6R-7D3 zZb3PYQ}SemU^?ok#CvPOct2^R#ESU$TDlxd|rWRyUZyboob(PZ~3K zR{h;ihfqR5k$?oMJ;FEL8%|q^dDiu12?q+n>Y|c?h;O-TKk#C#R*( z{?(TTq_;*;>^q8#82p~(Lh3@M_LIFI@5MJ=8%5Siv&5Bdy8WhZ(_AO~@a4wBjZOIF zWw&YbO_SU7j%lv-e#gCzO%C&$dz_{&(|q}2?LzG)hxyIwQd8#~xqtiK?M)7{n+M#c zQ}Cl3=sdEV+T2rVvMUUb-F(?)YE#OP-K=ed_gQ+#Zl0-wa`)o-h4Y&nWH(QEp&VFz OYvHY5agb%-_J%wHMWcvQ{A$$Mg~Eg zAR7||5m_cD3QeZT*y z?&_*uWIM~;_e!OISDiY0o%7$%sqd$ySveeznSVWg|5F_I&vX+xQoK`;AJummjvBg*M~z*kqb41N8#+_E%ty`a+SqC7N$){?< ztSro?3A0leazxCS99;-So_rdgeoTMW@wOi2;a@&r~V#41=MR=zi5tRT`B z^)Fwj?JK_M9QQUNTu~w&ElirWm@he|yXw*QC%+^vhoYo8lqSrfEG~!Qq&Y0*mnEpf z^0*vIlIE}?VGb+fa_}V0p*&#@tKxE4vPcezdUADK4y8$Rs7Tn8m2o+gCC#BKVGh-C zIV@cyheYq9CN76%Npq-8Sckf}9F{MVL!vs=$K|jhX$}nu-{zXQ99AaHVQs=3?ug5w zJZTQ=66Vktm%}Q)=^S@-HNPIPB57_L66UrsF1O00Ic!S!UN*<&P?a=?EeUgIj?1As zX%1Txwqjdc4mC-0*v{`rfGc*!Z-y(?kp;Y6Vc%Q})MCf|}U^zMYA-$)pGPomI-HMloXOg^p;`4sxo(n}rJZ7bty zIiK;g{xQRS+-aSTyANXkqab7K4&~LWF8KTSqx}6>AJB3r;I>kZu>bN0d-ou^b#CJI znTs#YogbWe^Q|vF`EX|9+4)Z|%>C#mb02-+sq}pD>Cfhd$2~{x+TY>#TIbHaK0i9( zIdBH||MJPj`InxVd+&ppXMcn!)_E$s+!!+L>}>Nr5^@OMZr&@j`n_EzJKOx;kXi6P z+UxcCL*^5{p6-r^&y?#z#%+fVAHlB``89X8ANO{hDc6TAJmUL1y1XGHT^;Pp=e?&Y zecpD#>#uyod#3W?9--2YtU9`nA?c27hj+BJ?%Q!+U$O7ePE@n0y1M#go8a$8@ok+Q z$GW?`-To^6p^%%3*}rY~jsy3#Zf|aB-r9U*N9)~(_v{Q6tDdwRZr--9^}wO+dv@;G z*4(n^(7_{p*~k6B!x3jbDp-%7oV|X&p1H7XXvgx{x!2e(YAv5oNxUIL-f3Q3&WNB^fZtL>4 zwuY>&tzA8QZzo;bTU#IPZR-p_(PJ*BZ0qUl?dlGh_jLQc$Gk#F-@%7cj`#&a3YK2f zjv|Ll-mbQe&QR*Zs0hnAWaYht90(_bEGK(>9sZ7f{-L-U9V})f8wT^l)EX(ZW?*a3k@4J_3ui_$FXz3IH&*v@(P+`Qf6_a6 zMs#eK9NPzW2kq(4?YXdL=%Gs;FLaCeV=*tVCeMyn>)45fhF?$6uwsXH{vTZg z(bjfgg_~QG6G8hLPmxrj4j^B{Gs&D+E(7{YZp3B zGNh2+Sr>C(A9LRjbH7G?FRZ3gDhSjNU}Ki>o_(3~I2lfo?k()&= z(oDq^1kmx7pqYxi?x?|Q98(w@Ig$*$#uJfL9IwA>h?zR(U<*Cyiq%mcvIYv zN==?;v@VFl^r4Y_BfoqslS26$H2Of>BKg}R`FPW!L_3bnaUchUG)Gdpgt*uFCr(A?}XOG|o8^6zcM%aX$gh~R0U4$wE)c_&q-Hhef*3<3t3vC@B z?&+inUgrrShU|z#Bbj_Ekb*U2ZT9)RJ|A(v@+9vw6R(Up z9j2c&=NUZ>Q&LyVq)j+iw<1x9Wdt0+=qj7JLOF$}kp`gWjMvNfZ(%KkIlyg)tI-M> zzb(;}j-9YOsb&Pog5&#N0aOz<31gh@e6Hg{$B2H^I=1!u2i`a^Q7$gsAT8bSS?^$n zn0`P?KQORMnTmfb=2pzAl(H%@$8&NSzpa1MEat3~a#ju;Qp$>*_EDymTBw=U5nB1x z3DB1RzcID9fgZF|`Sw)?e;9g5jK*%B=OXCgghJsHpsK|f=f%=3h6)x-x0vX^SUTq- z%z9*GatYd(@q4DrTqKN+44;^@NDd?@u)~{sf-oIB;&RC6EkKs3 zA^Q`|Bk`gJLzS|;QE)3*lF1wC-cxOzy>0#;K~_gZ?!)LYlofuCdzGRh zGa4FES;&Yq75WS0Mk)-WpY*ONq^-bRis1D@r4lmv+QB_RztIDp$k*y^6S}>8$Vj>j zfw`WFM(Xb4k7+*trm0HPO3%yE|8HBcQ>c}1OX-n>KHMDd{u|SWD9g*6SIS$)4w(D&VST&) zJ~-l?H9l^H$(#M2)}7{L^LcqzFR{I_T+a^v#oWt3nfdlx!ZHNFCKR>=!FD7FJwh)j zk>zMJL(k5u0d^|sdp$jz^rSByzv=V)G@Fh9={KfZg z{NT-w=Mk}&`ebJEM>k%+JoDop-gx86%#))?(D6My3#Isb9`Sa!hIFkVi{O12Ox*F- z@)TKLP1y_7QNjuW3R*8WgzRnY?U1KiS?W+)B&B?7Bnf~1bEN5|*C#i2=FJagU%b@h zng0!nJy@PC5TOcLj(Pp9WSoqH+8?m*|2lvILbuFTFJ3?+Oc8Eu|affk{p``jn^G6%4e4@oX_S!!4}cgEV-ILs}Hz# z2JAZ*ES%jb*^0(;r)=c`TY1um$m-(blv#5mv&KL{ljvG6xz|3Z(?qK1* zv6eUQ2^8+b`R-#^``>x|>f_VZyQZpliPd|g>OJz4V9~*G<5hE@=pfFIR(@FVLDh#< z({+2N>h_9t`=z@5@{{X1`NPM8g`Uv^!Mvi;{9w_N(QgKeOGkTH*g~2)JAHv8V7BF2 z7dU_~Ih)h=8v+YCT$*#iZF4&DAl3QXuk$&3HkyDJqlS1%Bj&)8rjN=d+CEtR;c{Hk z>0U27Hb{;QlkEXVbHEaN{ualAf%3wIZynzJQ_Zd&tGS=&G^gO_uZoHYuFnJfMfTQg z{QUK5>&{ZcU#}_MS!DPdw+`2TQ)B|{%Zw6X!F#O3hfz%fPB{o&6Os7pbHH0CyT{A+Ek$4Z;JN1(`4;Kx;-qYdY=-cd_QS2rS2&6oHrfeTZ!g zvDEWPh~;h8Dpggh7{`ZOVFBW5Ws4&OjQsl*0uE+F(-*i?)d6?*XpL}}rnyVk+&MIN z&gdPVaW(U8up3ttmgB6!uaHQPe5E#tEld3|WKzc^NlnaQ+@WO=kXFr#xImN@eGje` zCIiN6Cs%;*X>7@pGW=Gzi`PsK;UcWMX z_1qVqJ}Y<;DChJr#UUE6Z~-9mGw+VfjE;A_3_8UqA%uwKk$Cgp`iR`<7%w1KDu%!d z{ggRXuBF_fs;;)Cax8@&vzE%)%?=LDT)13rOvFaOTL)r?&({VY8X~sy|DLKvBSB6Z z;S+>z1RX4QF+M@)!HsZ|Knels5#dn+0s$WZ4?xIFT7E{}+jzL=wD)v%b@&riLpVjz zEkaLcCn?*6)3_}+3FJ0Ju7r>Fb_j5>dAP&d$@_@)z%Q$=a0W4AxdU)cGDa7^ji=90 zj0Olp#2{3}F$gfY6$rXO{-Zbt9l`9S3!FZ6ABYvf!5tBHVaM~Ehc|j^dY}!DU>XQ0ZZXEi}j*)+LAYA$rCLFlBFPEDVTBO1l`LLu@(!dCSoWE zm@LFl0DQ?=h@k*ja1uk2VIhXXLJUO~V<_~Dp@_n8kp)wh0?|?=S&9OdqCbGiFj3CL zWRPRSQ_bd`cJAlaW*dI~DyP|spIFV)&b!W^PxZ;a532-2AH01lZ?_ zG8iX?9>2F8K4Kxmt{p8jkClU_4;T#Yt15t4MFg+s^~bP?Do$zw69Bb@sh1}E%yXB% z_}ObW-u*EQ_&0w1{@m~f|MJNop`MpMnSbZfjd#y~@sl^_&R_hOPtNzHH!~^0b4+N1 z(;Oc%weejY-Q@=1Ebn5pOS9((W=GG@ym%Qeh2D|M=K>CtOm+&{HEmYff;@;1 zCA-I0#{n*J$51}_O7NE_a4#RYR#M_9lZTXyi=sQG#Q#hN2{ z+g{GtNQ?er#VYrnF=^LN9KZqbL9*#4`#WCcL$4?NX0eD;DW=F zPgsNjbv|s6fvV7)j*_d8p{=u%jc^d<=kUl!y%`oXov}3+UdF>;QLHuqjP(>Qt5|ZC zO}i?mT$Pi?fU8n;ZIoOar(Mlcu4d7-O>%7;*niEI8MNeRnv_!ttd>^>OqW*%OoxgZ ztTaQcG(!LuIIGDl&x>+4FQWFKN_AgWZ-_qF)UJ#K)J~Z%ClPvk^QE7=8l%)3Q^pc< zR*snYf|a0{A&`Ay!u1-dK&fM5KQK*PWppN%24dwXOXg#I}z&#q!6%0V%!2pUF62?)+cQy!VRicQyay$;;pMmF$Pewn4sH3W` zf<@k$@aKp+jep1t7?@TDplV@oZxrI`AZ>JafQ4a+_L12KulK>$@r?;EQ?!r?P#>Dm%8B>z% z&YBLnzwIPB2U{YDPnOyVCla2EDD?|`$*Ge-O!=4i_jO@bF}BO@l57Q{tq6*A@_)~} zbngrI28ydD^kR0slwCh?@VYIJRL=X!B0$RK?E&`=(XmrDyA$Ilh%NxLbPm?EZe3nd#5aWMazE4vOi$iPky<}Af%?sU~uO(_v&E5vS9Jj z1(P8+{Ywr2I59VUa5u1Un&aZ$=MG*tII>Q(FO}>|1MHkhCKeY2^OpwPyX5nlr)=z? z=&6@H^$?s$9tMEmMDj2I1SiPDsYa5AjU*4-!}4%7R2C)~Bo&6=a*f^fdd{0U0ryJL zQ7$>k$Lj-*s(>Z-WQumkz||xI(!R3* ztl?2nh&Rd1U|jwwaVUWyes$V0qRnwf>_Pz8h_yAhB+eNmMTKsof*49vh(+S14O+61 z#1A=ky`wdDHQ!mCUvZ-YNmJ_5AH({e)dLwC@NYcE0X;`M7UYUgyPB>gs@u6C-Gl%A z0TAr7DQC^8T)#Q7C7X9>38b&2-!zsG$@9+s6p)yV*W%RT{YE~s4=U`l#*6FyWT*`v zQG4`QMkGxA+i&Jo%KNJ>ZB52VdmDFX`~0k>-y%Ghv~5{@%*wBRODpm6>`0m_J3*?f zo2JT1kV<*4Ny~C4NR@NbvT_roaz|3}d1z&BsjmLR+Ky^UquY`%%Zm}+Ue#uRG zE8fGTG|Vuvo&v+jexvXF?wb8 zkUVN;M}P3ekg7{S-1CeX9u=K0AA+i2_Vn}{|v#;mS^=6Wt+Qt)zeFz=ehAZG{&#U^@Q6C3e-5f zfCuA*Ed=f$K<_0+H`oHh+TzN?3MA?!oJfVuz5L1C@MYOc1_k#LCX)MV=DmyHY!N2& zw;pDj^31*a9c(~x$bK=fIFUA-IM$GbuGy+l3%0oMo$l}-$KvyzkVRg6zUNRV z1->lawyuy75LPeVizVP*Xh?mhLe}ja?f%0E#)|b+Z+9BDY_+Aobl+4GcUIZ?^3`|0I+1;cdC`@hA#LKg?>ojBYI>OdQP{Z zS|I~2LKg31(9W`LHlk95%)Aq`z<75V$Zk1qxyvaXJGqvv+dm35&e`oKVZ%e zr&tqkua#GsPr3q*4FSuB>o&*5jnlRzQ??~z%SBtcWGg2bU~@RZ9Rc?`(a|V58YjW{ zZVFg7Eg09Ew&`XvT*Cz;Eu;5O7gbIbRf2fIlOLL%8FU^5Yy){(SmxXIzDlozh@&h=8Co=Th1W zX@TNBWA^~y{A<@|cl|u)mpSsC=-ewYJ8#fgG?pPcONY`Tf6u3dg{QPKTtF5i`)DFt zXhG23Hjy51x8eM}Oa2867NehFYb{)`rI7Fk@FkZ*!XLnborJ%%6cYYYNceMxg}-fN zu*N`^VN&@ouw?y5^%IYNu=c~XxTMn!zqO5$W8dIbb7Q14136nQ>S|S@aiKB6Ehr@_1mVuCzDpt_TD06&GRaTvjHFF*)%rHLrz;8v z1tpl=0zAO)au0OCOQidlC*tVgVGbTmxTiQjBoIxvn{FvFsQs=ak6M@;?u~a|{Nj^| z8$Wt__NA9+&XEsJL`SA#6Vg;mQQ_h9IAv^Csl|xqvt_3;kv1~#SQFpdb<&qeBgPc} z(DXk>$-YJ496-n#EyYKi7Ew)^W@gCy$H3+uSrIGz10p;~)Y1+xfHee}DoqzDqPFV- zIooj3f>IAn`9o~tAJPq)f;Q)fF<>ji8Fnk(^_eNK4F0UU0tLH8*B;5W=X3a>9t_yS z=YoN=7XeRY76zReaCaH8ORiMaWZ|A){*v)Ty<#>P}HV zJ8OVZM46$ghEw^Zkz)t0m73vN!4J4523d{+Y^mxk^8AWBv~A~gqcLkcV178~FN-GQ zv9csqLk0t?;b6q`J;CIccYUx$XN?d0OYB6ROmQ8uU@Ir)r!L1cvTa>P@Hk}c0IGr9 z)7|csQ4nL4e@&0zRo(_8+|MZ&s$LAzq0OLru=iY7o9r2nSstKRM+p2q0m4c#)7wGj zJ5?=(|A07WFf@Jt85fw`nT1kj>2&7msm#^y?v*N_&RqPZic1snz#mqfY=AP-y z15=p?#LPod=AnUo*V7zWg_yHsflD>n7#Or(+kWu#KIu@$KR(heZtsz{_bhN+!JYco zmX59(J1Q;PEaq>K^0x$V_CE0&4m9viJzU)^>CdHINDF2b!UZgUsgz$G%q=B%uc8%F z(VAdMl^i&o-#C@uDCV!1^4G)l+YOck;7iV&3YG)_w_yNI%kCOFFt#?}S|!?6OE%g> zLv~=0ouNqDtc3NHq?yD&`Vp=uN zY?`}UbuorM1RGHU$6ZmVGW4$&44m+BQ!`|YCIysRnbp90N=`|52AK7t^}ZUj1$ScC zW$oNQo6?^mEa^{qOc&)3`i-QqZP&Ld_=r7^Vxh=$C8T?YU%@}j2}4yY^t9G}Tix$Q z^j}5{*OYQw{TGM1lB8DfX5`J#ueL8@xTZ|r1$|pq9Iuqkc%__!<*CAckXf^=Fl$D5t2L59xQ1xY5CZ?-0phtco%@?$#-ecG(DgqO zk4Bcij3M{M1GKI@Z)EH9dj}3cu67o}aW_y{A-OA~7ez|~rR$`k#$Z87z|$ZVtRY|D zKa(=cg2-a|#Rq~8*U;{Zk4JveUBR5Pg>0LXTr!;C+cFUDn!R&$#HnvaqpDlUeR$>ava6pe`W`{b}R{6oN&m6 zTkcqqNY+NWWML(erDSZQXsHQU=n`prl&LuVD?Ulic;N?*{U#r0nWo-tu6< zN-&*SBo=4E4;f(4@^yOD5BV|C;*l(#fWwoO;;o&rl+0VZ{CBCj%;G0iGk;2gx50${OagvZPu zUL7o6E)}l{!=)9{(&k|4Dyej1FmH*Jw;D>#VeFVxJlrFL?4sds28)(SMfEbAF4{O% zv{6>Y2J=g${L1P4JErpQ5c30^;bJp@J2BB=yx(V_NOH3_wv%-0#sS{-i3eG7axB- zb8Y}zBhJ3|v)LEn!21d_q(KB!c#e=mT8;6YL3$K zYyX*(*fiPS;qUZ@Z0fyGQ{>t+lqL{DVawoVhyP+`aN!j>mC!cWuxP<%vcZ0K-LoWE zS{5u@8Z0islC2V2vISu0N|y!;i-Vrh1(%f!764epKn4o{+@{*VN4l3vIpxzi)l)gu zVot4;Q#)|z8p7PGrrotu?%IzkvH1M+Ka&m}o2ok|x{pilz3 zj3r~uV#cz8y$e<@dr2_6JXo+EJM0DXYrqVqlA#2^$z_)WvsVNQ*2O)_aO9-~jM)n- zx$LrFK|?TW8Mr@6N5IYkYlB%Os=zdOC=cvkDCS&wW3Y>?z!}WUz2!@?-=M@SveCG% z7p{;B8-m5}HjGV2<+d{uQd6EU|S}^W6P01~J|;8WRF8 zz1zQ9m7fW1g1RSGWdc>P^&nF|K!e*s3ycYQLpSkX@FQD~Xw0%*O|gBrk>*cQg+<5; zs!MbkP97kK9bN(3t5_maE@YDtvg}ckp(6P5vXAl{*H)Z@!1pXfYAI%I12=XB-Kp5GGGBJd71PhWbM}PWyaRK#5 zM(%LobjFe?;O7c4qgu+S9@u-$?z*^t+Fm$iFC4jN?4fsk0ehinub1rg13RETNXwV( zB~W6RGsrh%hc4*MzGQ#F{@R1kJ5T0M6>Srp+a>4rLDO|SNPi*ywX;%5<8;ZUsgg}% z$rh<(i|A~YoXykDT~p3opPNMILCJY=+Ie`&d02F|NX`~4amjRFTK&T6=PQSah&eI_ zc3;ac8{0GfsF+_X<<~B7X(XcnoKGJ#4j#Y0>u})iZ~WC0pFJ`3XJaj*yL`M^bXQIk zh&dZ3ePYhm0L}*63q2Tx#hvarBY$7EZS}AKS)=%dF=>uR9HOVOexD5j=rpCJ2Ea-Dep@dJUoWNSy@S4CJW-pHn z%<4A&6qz)54LKm|3?m22ftvqq$$=JiCKW~!6B8`7)ew`IuhhVThK5Cso7wsJl$g9w z<`tz}SkV&`CZHM+CgUH0Fd4CL+S*&nNvTOt3X47Z(=;St~k=)M6}#2KPiV*8_}_m%qG3K7+oa7*OW8ux-vH(m-N`D$- zLhOtQNnuP#T9^qjo^|xw$FigKieB}n^{1bRdZVYSn2>apk}_STm`p!G@*+F@wUI0I zxg)l&{(ALO?I_ZuROfDyTcK@r(%7kqVq*uq7$0mfIHT%u)^G1m(d21~t$TlJzqQ|{ zj^ih>H+;m7kl57Ne=p@`EBs#o2yJ^T9Qr%mvhX@snWwP=PY5;u zNbtm!gsc$8{p5Ap?hBb^uF9ub6G{Y)C zG&RvC1)XSAWJPplV}PCGh9PW4S|;BBGR>kefl_7Wlg1^iYmD7u%-l+PR8D}ge-F?V zv0%dg00>!6;geIR;1_(%8%o7>mzVEo>xL_Yj=Cp3{3xO!NRuB&`kZ=Fpgs*{q940? z=rpn5`&0+pBD%alHmn&a(n%`NNLNwqM3gzD+J%gr9gleBIx=Q8s;C~P#3b%v-#$1C zr}(hai?%nxdj{y}j%8n26HQcD3e~L;U(svtrOyJA5<0e)&gghzO<}`BHud34(wy86 zwy-vhwvT{!)v05V9>}5s(xU^e75i=DUKy5jpOF70W+}}5DnBwCoSkrZ2p*KQhsHw{ zh9p~(n3OsjHP<|$`_vG~SR!U@kTN!ac~(FB=m>iv ze`o7n2Mk@5Mj<#G*Y?(H_~E6|Q44KfX(yhKM+5QZf+-oy)nJF#E>O0En55QfA}8zH1p-L-&gr zOW?`&*0yn*xU@l9+8|~$pqI0->5-VVLdsh4u3>zixN@Dea@}OJxDp>F+caCE7Fu%jEa{5O6!3CVX0 zx$j(_`|*cRT6aI(gDsg5iDwE7R@ja6@6WvTDRWotvolS1WqXIv-szRAa{1%AH@_Q7 z#kWy=2#cP?hGAa@UL?FlzODn@b#unhVR`Q16^^f)yeHt; zL8oO$Fx53AOr_=pQuF9hNY@XI@UA_Bb#0rcNY8)qEqb%6UX#9ka*qDA6PktEtjF{33 zdUfhS{lnOH>zpNiucsJxagkhk9WjB7jmM4@uz*3hV>?5U)(x!F+0uL~{_Pf*#$GqL%$4&~H`l=VB$SOuCl3<+159#K9dxN`yK@`ZW z#X0uqQ1giK`Q2j~&u^AP)R6H-$B+ic_06a!<09PXL(CrX)CpNmwF%&L;F(#2&~Rn9 zu*wPr2w~t2D*8C0{}$ROvvsiH$usB93^hOX_yF8loP&?f*wP36=Nm6JzUUiic>c`r z8IhI`U2|lr>oUF_cVcF(1n8)h9JL=Enauj&z7OyFEaQU*MaMRHuGm~dzVn*{#(ddQ zEN>Xw-Q(|gxTBr1Q%O7+sa3SDJ%Y9(CeKj|eXxz0JWb5#>4Y38071Cdj9L0-Me~*}DlbW}h0T?Jn7(y*RTSWC%Ig zKM!0CnGB%~`WqhUh4Hx(2e4)^@ojY`g4pv|+38)0Mp^!`PW2?0K5MvaOWl zmH+(ikVm$cqWG}6^bUl}hSHf&KKf$vJXUq0PO^~_^@!RiX|dy#XJ#+IH8=Xqjdy-D z`>k)csH#%mQq$N}yM~OojJOEp=!JPgrC`m^U~l8Da3>58dt_-&e#>k}6V!(G6Ok>i z>{Ebvf#{04AHRZ9XWxDO#?QVxe`Oe(2~xc;T!tN1RdgL$aBG+aw=eY}Z)YcaX(4m? zv%ngBMipX`TPZHWk{iQiyh>FuVeQvpTPym8AwC>PZ?gumBl4TBJ6?KQM(nv}VyY09 zvc23t5!zUStbnWv_sZv3?c`mPXFhoVcO!Qxp=`dx_M4{3Gi2}Wrm-fkCPjUS7hot1 z_1uVhs<(~Hh^vyY8Bs{>==(=j2N?ZaSye?UCH#)ny#zf02@e?ItaVLY^tW- z)Qk^OK{6h2IWDx6Uq+`15SXzy8<9atZ;X$~gBo*)_R@WCK=wVA0}&#}QJ%h|k1hfd zottMy6jKDYA!V|D5t`8;)*)=-v1-d=Z~^N9 zR8-RoVGO(jsb&&%!<_-wT{uPCVaawlU_2~$LwKiaX#>NSKKoxMqrQy1_NgadzN3YJdI%{3L}u{G$k;{1*qTghP z=?aQc4G=Q1S6A*(?f)F(#z;!%L|=Z8_o`NM5(p1oe+!VrLWQ1AR|m_8X?M%;m*6Y z8!Rfwq2jhDNUZP!%bYT>;h3RJgqVq>=VARg#R+L}=2Pvg)URt*rVE^CBQf+*%L8I4 zlL&(}62qX0q0~UV0xs%ca4W7FSY4s$|KaEWbpfA}fLxf_gpgT4c`C>%?1U3S-dtfN zjZM;rwlGqoPDNCOagz*bV%aF^5ak7ER^kBgk-vtT2Gwc?HsX~G1rJ4kg20mmsG}eX z?V@WM^h_wyj(l71N%}q?8}`BhynP~=zDxLJqh8)3+%skKjJah`S4cjZ<)fr&;l_oT6=yWZM%k$`XEGwrYe&_4^uvXOr8)eKmwJ_=h3=B-Y`C$RFRCkKGs=cqIOa znGafbCVCI-NW9WCCavDD*f}*$y|+@X!EcY0g|y1N8B=NyeadMaxGa$;njBIip^0m* z=}D#5TDdZ@U6+s9t4nJ+OKjiOl%~`-rnFmfo6@xLX1%2D(P)3D*2zWs2t7*tQ}~EF zNyXHVMsnN{`!RY=4Wp%!tQvRx0j0*+xRaEc8CN6%{(w?rR?TT$0dHl=239!|#tk2e z&C(1lhcVX1u5}TMT8&TY$kALo?)ptpD=|ICeQu-_7T*fjb6f0sWr(77l{>h?IjL=+ zEy8z^k?=KvBFskFXhoK|I1z`5z$Da$MPL`H^VA|R?o>1u%%2_taTaP}U{2>uHv<8b z(GgalMndM}CFGT|0gL#hDE3VxB(ElFLiv)Ae7}5tcGr0Gc-z(OlMt3aX$TZ;p)>MO z77qw>$+g1nqY>Ms88*0%E?5W6D3>nYNr|}6F{X{Y-TfV>WLoA6WypSJs-@DQu=lgF zekSBpIowf0;4vR@s;9g1yeI*d--JLF+eu&_0S^I2Z>f#gd8@a(ow2-d9BhN~0^dJ_ zcil<2)G<#y>ki3v$FytXlxw5t z+AO&?V}E&Cy1jBbw`wZ4O3ba1a%K*mP+jRoJ;#X=d%5t9Zwy9 z)_?H{F{MOGDfzzP4a4iEH%+wrb2fG&&B~#gmQA_Jfj z)=YHD8?62@Vth$omcX{C*oxZ1ne9(`pFDQ%*g`68MU8DyUF1jyzv`l@V8N=OJY@GC z#n=@K@0SYipK%wCJRlWeNH@;Y;~4JYUK$qkFU#tM}2`Ct|k9#{80x#GDRXrxzYVY@Q*OST zU&XJ+QY*Q~D)>rvC-+wsUrl%DF>}8eJ$4NKW?7L^ZqAwZTlgAPkJW1HFm|gWWVLz^ zTGnG0)?=x+)noDMk>g3yC*;nwBR8hM>$EM?aeO^!@fvvz*7=WSe)93`_@B>?UX|B{ zv2{o41z7Szq{|;u47M&yjxlZV3#*o)esbetnw<Ybz{+b

9iQ|!mG5M!N)`4N2cQfiegfGpOe@dO)ey1V4wFJgI8tk0juq~gboCJgrU6H5cJh3!v!Pz_s zDe|&`|A;GDu?t&`?Xi1Mva!aP9uMWsSf~NIB85lD1Y=KRk;9V+ zfV10k^zcOje@!vc{P+|sRywkE6Y%Q`Uxm^l8%)Xy4N`i*aSh*$?evEIxtIzt6!G?g z?xT$@#`6(6mDwwTGK-ZN*{?y)fJLTH-_#R>_2*zxnR-6e70f6J7GV8Y^n@!*DztV0 zw5N>~OSb-Ku@=hm*fO%U*rQRiu12XrlhZb?n1I8zk3;Y1h^%*H+QB zU2<*53TpZ5w4Q7B^zfGQ^`gB5>n8&ClHXz}T%L!lI(hKaDGp){0+tO>Q)p8jE4*^@ zU@TgO-L=?L>?^ob`;@Jf%UcmiyIl3OERW1V3v0P7>@;LDZNZ)v1P9G*3$W?jimBX+ ziDQ!|q_ukjxfNpWUMY9)bncx~xp#`Who#)Z*b37@?M>Z+PuIGKHV*mzfGhuyJk!c zSnEY&gJf(7L{279g)FVWNRZZAnb;{4mYI*QVEu6z9k4Gt!sgz$VdEcgFu$jnH{bf= zlMk_Kc>dE1G9raq6Q3)adFDkj>XRIP|2;dlKIpkI{)3qppPLz-n0alW$#dNAKiO1` zFWAF#C$R*2cJy2GufLDr_->)kivR4&{J>>7{_Mr`^Mfz8^qFg_*k8vW_&=;e zGx6SsdXI&S)ZZZ^eO{q_ozRRz@kz|iHs2!xi5miOUb4=a_{@-%J%ZU<@Cl>}3pwQg z-=m%I!aeToIwKI3W1sF82(1dgrdawOpYT(<`%41k`~h+J_Bm=0iP z<4#%XZlHJ@3G5`m1a5LIW-Hcc%`%13G642fPWH_}_Axc~5hM0}58+qz^dAV&E@{Fw z0@n%rD*;-0#++_tH#X)FL{@cyOt1nOAekMAsl}OKEfDgD6U)hyXg$7o_!vBeBfBla zv4j>5VV`4|^+|scHFW;YvZ1So@9p$%5(W?jC+90i7vY1RI^BZNpfdum0a!WR`T*Co z_!;C10@^dktq5q(AXgShbOt%w0Q(DasRQgU$XN&2pAv%YAkFpx@8Iqyd(QO?7;sy- zZoqKPI=DgPa)T>(({;eMROFTgs~hB-)go7ccqz_-qeF%#ThFx)=!2Ybz&L;}imwV( zYzt&=4{$p~ZimF}z{NsJs;(L6KQSDvySNUXxQGE)+-STUi>?7*yNd%unZvo*omba@ z-FYJqvn;xYk$+-1Qa6hH=^3R^;$@jxS&5-s2t5NekH*VPW7mn{P~9-fp=ZBg5Q_sT zc5#YsEtZzYfuXI#yRrX}ZY}m7iagB3Mx0OQJ(V|D|77vG;sw1)FJ3f#n>Z&DO^@4tdj=qpikmA=w!w&0|Bqig^$8#x3ousQ<&{we}1Sv^< zH0*zgCh?4~8D9}iV$tDyn*h-S6q2QsP&}SJZl>s{K+S?aO$XNw0E%9#gcK{$*M64$ z8H>JK((PW*yD2&VMc<=Sg6dT9b3U_B_Io7Vo&|j|8qNVw{Jn@D4%!l}e)+`CiFK4< zgQVNApx>?2(H_U_hZ1d6g|_IGVv5F7#vY5dB99sk5N!p8tW`xfjh&|G@|$qzDzJTx zu7aY=?}0)}mFS-Fwc{%(I(oc*L0?a~15oq^B?QPt9t{Co%qz&&f#(3A`0_iWkSZm5 z%q!TdqfR9ltv(C8H`?Bq5(EcY}`A354B*8q+7FqS49a3Qi`?Fuy5#X zy1nRc70fs5u%EaBB4ZxkA|78h?xs93PHGqQwUi|Q<%rQ54tY3Qho;ZI@!4*Qe?Zb5 zSkN1E2T%|}N^uZ_Arfd+dS>Os+6mV2>m}WKN^*oHIl_`)fJDNgDT>B5Z#I*<9)OCF z-z!<;hkXpf^oHRL7&bVPmmI9iiUZV6s6;LkME*Z;LSHI=u4>802Cj68xGkD zyoG+|RPas%K7u>gH)Y5Z4SB&-`*S51O2pKBDK#G>)s)M?b&HkMvgaKa9kg3#+Mp?r zzFM?YNR|qGr3x5472j3PS3bIYonj0g*F+C1UIUhDmOkcbqiAW8EKLDR6MK5ze9=5; z4i{93ZQ3OEU8rOMF?k2lV*)hUt(3na7_gLwvs)@!mPwXn0n4&*K$&P+Dp{5WEK9=y z#bRVfxWoaP{Ev#3`z6c$0n7a?a-^XP^^wkGJ^Cf}?QfJ0j&^m-6?Q$336XEtaVE>t zyPn!Lv~=XY@s@#IqOndg)&(Nx!g|h_A28(kNL%+0o3>RRzQZtehw<=w^VB9C;QtHq CaaMx> literal 0 HcmV?d00001 diff --git a/config.py b/config.py new file mode 100644 index 0000000..b8dfd15 --- /dev/null +++ b/config.py @@ -0,0 +1,31 @@ +import os +from dotenv import load_dotenv +from datetime import timedelta + +load_dotenv() + +class Config: + SECRET_KEY = os.environ.get('SECRET_KEY') or 'dev-secret-key-for-testing-only' + JWT_SECRET_KEY = os.environ.get('JWT_SECRET_KEY') or 'jwt-secret-key-for-development' + JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=int(os.environ.get('JWT_ACCESS_TOKEN_EXPIRES', 1))) + JWT_REFRESH_TOKEN_EXPIRES = timedelta(days=int(os.environ.get('JWT_REFRESH_TOKEN_EXPIRES', 7))) + + SQLALCHEMY_DATABASE_URI = f"mysql+pymysql://{os.environ.get('DB_USER', 'dev_user')}:{os.environ.get('DB_PASSWORD', 'dev_password')}@{os.environ.get('DB_HOST', 'localhost')}:{os.environ.get('DB_PORT', '3306')}/{os.environ.get('DB_NAME', 'partner_alignment_dev')}" + SQLALCHEMY_TRACK_MODIFICATIONS = False + + CORS_ORIGINS = os.environ.get('CORS_ORIGINS', 'http://localhost:5000,http://127.0.0.1:5000').split(',') + + # Authentication settings + ENABLE_REGISTRATION = os.environ.get('ENABLE_REGISTRATION', 'True').lower() == 'true' + DEFAULT_ROLE = os.environ.get('DEFAULT_ROLE', 'user') + SESSION_TIMEOUT = int(os.environ.get('SESSION_TIMEOUT', 3600)) + + # Security settings + BCRYPT_LOG_ROUNDS = int(os.environ.get('BCRYPT_LOG_ROUNDS', 12)) + + # Email settings (optional) + MAIL_SERVER = os.environ.get('MAIL_SERVER') + MAIL_PORT = int(os.environ.get('MAIL_PORT', 587)) + MAIL_USE_TLS = os.environ.get('MAIL_USE_TLS', 'True').lower() == 'true' + MAIL_USERNAME = os.environ.get('MAIL_USERNAME') + MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD') diff --git a/instance/partner_alignment.db b/instance/partner_alignment.db new file mode 100644 index 0000000000000000000000000000000000000000..a7629cdac5ebf65936d793ff9e137aa64a60debb GIT binary patch literal 40960 zcmeI)&2Q6Y90zba4$TXq9vf8-Qz!Sp+N`uBDWSk5M(7Mgl$3_BjS1wrjaeh|M(i?r zTGcY>iiVhgim^_B1dI)+nAo5y<|QoVeDjflDRO|k%YDIf-KpxbhV_N zX&+y=hX0pw*tRqE8~LC4TWgwDZ+EuY|FUhjU#s>u#329y2tWV=|7U>_$!>FXcCx3A zXmVd%i7IJ1qa~E2CiTl{xi1!vX+sr*j;^p6h=@WYu(MkfDrON{oQ_yj2!XaEq;&Nl%=$NsY)UJ8AaBVs6;ONZF9nQuv$u!maHoXQZQw677@wkC|T7nK(?VYH6I1^Q---j8bSMQ~5^wNs63FDwR9S zLVM5?MA5stWt<>R_sD9i-fN7K(~ETRrLL=#T4ie7QoKgX);_%BUedFv{h3(0$VBTL z_f-yeR1R;d9QIcX$5e?n$_Yi-+0)Z4210a$ix2n_jkUQN8rVKe3fptHp!VDuPO zuU>SuY5%t@xOOQCITkNO9q=cN5KU6XUrY-CVKb?M@pSn(#Gc(!oFJ~W| z$<3TMVguES_jYXA)Ms%ru8pm0TN@n#Ihu$i^*`m+&p&va|KU4Qdj96%<%Q=|!`sA3qb~$_h-0bKR z`m=yD-{!_XpZ_NR86qHwG@lYjStUW zzhD%Zy*iV>an6Y3PhZVH`rb%q?~mnf-YcfFQxE6UH@+r6dN9(xY^lhZujYoY6pPGF z-p%Qe+~lXZOJhcQzDPYjUq2&{UP~hnz5geJ{$YXu1Rwwb2tWV=5P$##AOHafK;Q)y z(8vGd4>SDl{2l%jNnnBi1Rwwb2tWV=5P$##AOHafKwwz{uUl;l8N-idYmR5Q|F!j; zjUmGovTUtU2~W1XVX-k}*g*@sU^u}=;|nqqzGhb6w1urXN+8LI&;OUzq{s{b2tWV= z5P$##AOHafKmY;|Sdjv_|6h^KhDt*K0uX=z1Rwwb2tWV=5P$##mL)*P|HtqDmqmum Z5P$##AOHafKmY;|fB*y_0D%=J@E`NEbSwY> literal 0 HcmV?d00001 diff --git a/migrate_db.py b/migrate_db.py new file mode 100644 index 0000000..c9492a6 --- /dev/null +++ b/migrate_db.py @@ -0,0 +1,17 @@ +#!/usr/bin/env python3 +""" +資料庫遷移腳本 - 添加 DepartmentCapability 表 +""" + +from simple_app import app, db, DepartmentCapability + +def migrate(): + with app.app_context(): + # 創建新表(如果不存在) + db.create_all() + print("✓ 資料庫表已更新") + print("✓ DepartmentCapability 表已創建") + +if __name__ == '__main__': + migrate() + print("\n資料庫遷移完成!") diff --git a/partner alignment SDD-2.txt b/partner alignment SDD-2.txt new file mode 100644 index 0000000..c2c50a6 --- /dev/null +++ b/partner alignment SDD-2.txt @@ -0,0 +1,2667 @@ +٦t - n]p (SDD) v2.0 +׭qO + ק ܧ󤺮e 1.0 2025-10-15 - 쪩SDDإ 2.0 2025-10-15 - sWvɥ\Pv޲zt +? v2.0 sW\෧ +1. vɻO +* ӤHnY +* ƦWʤp +* ıvɱƦ] +* Nt +* nͶչϪ +2. v޲zt +* Th[c]Wź޲z/޲z/ϥΪ̡^ +* ϥΪ̻{һPv +* Ӳɫv +* ާ@xl +* wSession޲z + +1. T +: 2.0 +̫s: 2025~10 +󪬺A: ׭q +M: ޲zt + +2. Kn +2.1 Mץؼ +إߤ@M㪺٦OP޲zxAzLıƩԤ²ƯOy{AþXSTAR^XBCƿnvɨtλPv޲zAɲ´H~oiP޲zIJvC +2.2 ֤߻ȥDi +* IJv: Ԧާ@50%HWɶ +* cƦ^X: STARج[TO^X~Pilܩ +* CƿEy: ?? vɱƦWPʤܫPi}v +* wޱ: ?? 㪺v޲zTOƦw +* X: 㪺ƤRPץX\ +2.3 䦨\ +* v30% +* ^X~зǤƹF90% +* tΨϥβvF80%HW +* ΤᬡD״40%]CƿEy^ +* wƥso͡]v޲z^ + +3. tά[c]p +3.1 ޳N[c +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x eݼh (Presentation) x +x HTML5 + Bootstrap 5 + JavaScript x +x + Chart.js (Ϫ) + ʺAO x +|wwwwwwwwwwwwwswwwwwwwwwwwwwwwwwwwwwwwwwww} + x HTTP/REST API + JWT Token +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x μh (Application) x +x Python Flask + SQLAlchemy x +x + Flask-Login ({) x +x + Flask-JWT-Extended (Token) x +x + v˹ (Authorization) x +|wwwwwwwwwwwwwswwwwwwwwwwwwwwwwwwwwwwwwwww} + x ORM +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x Ƽh (Data) x +x MySQL 5.7+ / 8.0+ x +x + Τ{Ҫ + v x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +3.2 tΤh +3.2.1 eݼh]sW\^ +* ¾d: ϥΪ̤B޿BƮiܡBYɻO +* ޳N﫬: +o Bootstrap 5: TUIج[ +o JavaScript: ԥ\B +o Chart.js: nͶչϪPƦWı +o Counter.js: ƦrʵeĪG +o HTML5 Drag & Drop API: OԤ +* Ҳ: +o app.js: uƻPAPIqT +o assessment.js: O޿ +o admin.js: x޲z޿ +o dashboard.js: ?? ӤHOPvɱƦW +o auth.js: ?? nJ/nX/v +3.2.2 μh]sW\^ +* ¾d: ~޿BƳBzBAPIѡB{ұv +* ޳N﫬: +o Flask 2.x: qWebج[ +o SQLAlchemy: ORMƮwHh +o Flask-Login: ΤSession޲z +o Flask-JWT-Extended: Token{ +o Flask-Bcrypt: KX[K +o Flask-CORS: ШDBz +o pandas + openpyxl: ƶץX +* w: +o ܼƺ޲zӷPT +o CORS쭭 +o JһPSQL`J@ +o ~Bz +o KX]Bcrypt^ +o JWT Token{ +o vˬd˹ +o ާ@xO +3.2.3 Ƽh]sW\^ +* ¾d: ƫ[ơBduơBvƺ޲z +* ޳N﫬: MySQL 5.7+ / 8.0+ +* S: +o ưȳBzOҸƤ@P +o uƬd߮į +o JSONxsuʸ +o Τ{Ҹƥ[Kxs +o vpdu + +4. Ʈw]p]tsW^ +4.1 ERYϡ]v2.0^ +zwwwwwwwwwwwwww{ zwwwwwwwwwwwwww{ zwwwwwwwwwwwwww{ +x users xwwwwwwx user_roles xwwwwwwx roles x +x (Τ) x M:N x (Τᨤ) x M:N x () x +|wwwwwwswwwwwww} |wwwwwwwwwwwwww} |wwwwwwswwwwwww} + x x + x x M:N + x zwwwwwwwwwwwwww{ + x xrole_permissionsx + x x (v) x + x |wwwwwwswwwwwwww} + x x + x zwwwwwwwwwwwwww{ + x x permissions x + x x (v) x + x |wwwwwwwwwwwwwww} + x + uwwwwwwwwwwwww{ + x x + zwwwwwww{ zwwwwwwwwwwww{ zwwwwwwwwwwwwwwwwww{ + x audit_ x x assessments x x capabilities x + x logs x x (O) x x (O) x + x(x) x |wwwwwwwwwwwww} |wwwwwwwwwwwwwwwwww} + |wwwwwwww} + x + +zwwwwwwwwwwwwwwwww{ zwwwwwwwwwwwwwwwwww{ +x star_feedbacks xwwwww?x employee_points x +x (STAR^X) x x (un) x +|wwwwwwwwwwwwwwwww} |wwwwwwwwwwswwwwwww} + x x + x + x zwwwwwwwwwwwwwwwwww{ + |wwwwwwwwwwwwww?x monthly_rankings x + x (ױƦW) x + |wwwwwwwwwwwwwwwwww} +4.2 sWƪc +4.2.1 users (Τ) ?? +W ƫO id INT D PK, AUTO_INCREMENT username VARCHAR(50) ΤW NOT NULL, UNIQUE email VARCHAR(100) qll NOT NULL, UNIQUE password_hash VARCHAR(255) KX NOT NULL full_name VARCHAR(100) umW NOT NULL department VARCHAR(100) NOT NULL position VARCHAR(100) ¾ NOT NULL employee_id VARCHAR(50) us UNIQUE is_active BOOLEAN bA DEFAULT TRUE last_login_at DATETIME ̫nJɶ NULL created_at DATETIME إ߮ɶ DEFAULT CURRENT_TIMESTAMP updated_at DATETIME sɶ ON UPDATE CURRENT_TIMESTAMP ޵: +* idx_username: (username) UNIQUE +* idx_email: (email) UNIQUE +* idx_department: (department) +* idx_employee_id: (employee_id) UNIQUE +KXWh: +* ̤8r +* ]tjpgr +* ]tƦr +* ]tSŸ +4.2.2 roles () ?? +W ƫO id INT D PK, AUTO_INCREMENT name VARCHAR(50) W NOT NULL, UNIQUE display_name VARCHAR(100) ܦW NOT NULL description TEXT ⻡ NULL level INT h NOT NULL is_active BOOLEAN O_ҥ DEFAULT TRUE created_at DATETIME إ߮ɶ DEFAULT CURRENT_TIMESTAMP w]: +INSERT INTO roles (name, display_name, description, level) VALUES +('super_admin', 'Wź޲z', 'tγ̰vAi޲zҦ\PΤ', 100), +('admin', '޲z', '޲zvAi޲zΤP', 50), +('user', '@ϥΪ', '򥻨ϥvAidݭӤHƻPƦW', 10); +hŻ: +* Level 100: Wź޲z +* Level 50: ޲z +* Level 10: @ϥΪ +4.2.3 permissions (v) ?? +W ƫO id INT D PK, AUTO_INCREMENT name VARCHAR(100) vW NOT NULL, UNIQUE display_name VARCHAR(100) ܦW NOT NULL resource VARCHAR(50) 귽 NOT NULL action VARCHAR(50) ʧ@ NOT NULL description TEXT v NULL created_at DATETIME إ߮ɶ DEFAULT CURRENT_TIMESTAMP vRWWd: resource:action +* d: user:create, assessment:read, report:export +w]vM: +-- Τ޲zv +INSERT INTO permissions (name, display_name, resource, action, description) VALUES +('user:create', 'إߥΤ', 'user', 'create', 'إ߷sΤb'), +('user:read', 'dݥΤ', 'user', 'read', 'dݥΤ'), +('user:update', 'sΤ', 'user', 'update', 'sΤ'), +('user:delete', 'RΤ', 'user', 'delete', 'RΤb'), +('user:manage_roles', '޲z', 'user', 'manage_roles', 'tΤᨤ'), + +-- ޲zv +('assessment:create', 'إߵ', 'assessment', 'create', 'إ߯O'), +('assessment:read', 'dݵ', 'assessment', 'read', 'dݵ'), +('assessment:read_all', 'dݩҦ', 'assessment', 'read_all', 'dݩҦ'), +('assessment:update', 's', 'assessment', 'update', 's'), +('assessment:delete', 'R', 'assessment', 'delete', 'RO'), + +-- STAR^Xv +('feedback:create', 'إߦ^X', 'feedback', 'create', 'إSTAR^X'), +('feedback:read', 'dݦ^X', 'feedback', 'read', 'dݦ^X'), +('feedback:read_all', 'dݩҦ^X', 'feedback', 'read_all', 'dݩҦ^X'), + +-- ƦWv +('ranking:read', 'dݱƦW', 'ranking', 'read', 'dݭӤHƦW'), +('ranking:read_department', 'dݳƦW', 'ranking', 'read_department', 'dݳƦW'), +('ranking:read_all', 'dݩҦƦW', 'ranking', 'read_all', 'dݥqƦW'), +('ranking:calculate', 'pƦW', 'ranking', 'calculate', 'IJoƦWp'), + +-- v +('report:export', 'ץX', 'report', 'export', 'ץXƳ'), +('report:export_all', 'ץXҦ', 'report', 'export_all', 'ץXq'), + +-- tκ޲zv +('system:config', 'tγ]w', 'system', 'config', 'קtγ]w'), +('system:logs', 'dݤx', 'system', 'logs', 'dݨtξާ@x'), +('system:backup', 'Ƴƥ', 'system', 'backup', 'Ƴƥ'); +4.2.4 role_permissions (vp) ?? +W ƫO id INT D PK, AUTO_INCREMENT role_id INT ID FK roles.id permission_id INT vID FK permissions.id created_at DATETIME إ߮ɶ DEFAULT CURRENT_TIMESTAMP ޵: +* unique_role_permission: (role_id, permission_id) UNIQUE +* idx_role_id: (role_id) +* idx_permission_id: (permission_id) +w]vtm: +# Wź޲z: Ҧv +super_admin_permissions = [Ҧv] + +# ޲z: ޲zv +admin_permissions = [ + 'user:read', 'user:update', + 'assessment:create', 'assessment:read', 'assessment:read_all', + 'assessment:update', 'assessment:delete', + 'feedback:create', 'feedback:read', 'feedback:read_all', + 'ranking:read', 'ranking:read_department', 'ranking:read_all', + 'report:export' +] + +# ϥΪ: 򥻬dv +user_permissions = [ + 'assessment:read', + 'feedback:read', + 'ranking:read' +] +4.2.5 user_roles (Τᨤp) ?? +W ƫO id INT D PK, AUTO_INCREMENT user_id INT ΤID FK users.id role_id INT ID FK roles.id assigned_by INT tID FK users.id, NULL assigned_at DATETIME tɶ DEFAULT CURRENT_TIMESTAMP ޵: +* unique_user_role: (user_id, role_id) UNIQUE +* idx_user_id: (user_id) +* idx_role_id: (role_id) +~ȳWh: +* @ӥΤi֦hӨ +* vҦ⪺p +* w]sΤ۰ʤt user +4.2.6 audit_logs (ާ@x) ?? +W ƫO id INT D PK, AUTO_INCREMENT user_id INT ΤID FK users.id, NULL action VARCHAR(100) ާ@ʧ@ NOT NULL resource_type VARCHAR(50) 귽 NOT NULL resource_id INT 귽ID NULL details JSON ާ@Ա NULL ip_address VARCHAR(45) IP} NULL user_agent VARCHAR(255) ΤNz NULL status ENUM A 'success', 'failed' error_message TEXT ~T NULL created_at DATETIME إ߮ɶ DEFAULT CURRENT_TIMESTAMP ޵: +* idx_user_id: (user_id) +* idx_action: (action) +* idx_created_at: (created_at) +* idx_resource: (resource_type, resource_id) +Oާ@: +* login: nJ +* logout: nX +* create: إ߸귽 +* read: dݸ귽 +* update: s귽 +* delete: R귽 +* export: ץX +* permission_change: vܧ +4.3 즳ƪs +4.3.1 employee_points (un) - sW +sW: +W ƫO user_id INT pΤID FK users.id, NULL department_rank INT ƦW NULL department_percentile DECIMAL(5,2) ʤ NULL total_rank INT `ƦW NULL total_percentile DECIMAL(5,2) `ʤ NULL ʤp⻡: +# ʤ = (ӹLH / `H) 100 +# Ҧp: 10HAƦW3 +# department_percentile = (7 / 10) 100 = 70.00 +# ܳӹL70%P +4.3.2 star_feedbacks (STAR^X) - sW +sW: +W ƫO evaluator_user_id INT ̥ΤID FK users.id, NULL evaluatee_user_id INT ̥ΤID FK users.id, NULL +5. ?? vɥ\]p +5.1 ӤHO (Dashboard) +5.1.1 \෧z +: /dashboard +v: ҦwnJΤ +sWv: ɡ]CJɭp^ +5.1.2 OG +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x ?? w^ӡAiTI ̫nJ: 10/15 x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x x +x zwwwwwwwwwwwwww{ zwwwwwwwwwwwwww{ zwwwwwwwwwwwwww{ x +x x `n x x ƦW x x sW x x +x x x x x x x x +x x 450 pts x x #3 / 15 x x +80 pts x x +x x x x x x x x +x x ?? Top 20% x x ӹL 80% x x ?? +21% x x +x |wwwwwwwwwwwwww} |wwwwwwwwwwwwww} |wwwwwwwwwwwwww} x +x x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x nͶ x +x zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ x +x x x x +x x ?? [u: Lh6ӤnͶ] x x +x x x x +x |wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x Ʀ] (Top 10) x +x zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ x +x x ƦW mW n x x +x x ?? 1 580 ????? x x +x x ?? 2 | 520 ??? x x +x x ?? 3 iT 450 ?? (A) x x +x x 4 420 x x +x x 5 ... x x +x |wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x ̪񦬨쪺^X (̷s5) x +x zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ x +x x 10/14 | D | ????? | "MץIuq..." x x +x x 10/10 | gz | ???? | "ζX@}n..." x x +x x ... x x +x |wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +5.1.3 ֤߫л +1. `n (Total Points) +* : ֿn`n +* p: ҦSTAR^Xn`M +* CsX: +o ?? : Top 20% (uq) +o ?? : 21-50% (}n) +o ?? : 51-80% (q) +o ?? : Bottom 20% (ݧVO) +2. ƦW (Department Rank) +* : #eƦW / `H +* ʤ: ӹLX%P +* p⤽: +department_percentile = ((total_count - rank) / total_count) 100 +# Ҧp: 15HƦW3 +# percentile = ((15 - 3) / 15) 100 = 80% +3. sWn +* : ֿnn +* Ͷ: PWʤܤ +* ϥ: +o ?? W +o ?? U +o ?? +5.1.4 t +n: + W yz ?? P 1W nax ?? ȵP 2W nȭx ?? ɵP 3W nux ?? y{ Top 10% e10% ? uq{ Top 20% e20% ?? sӤ s3Ӥ1 ?? ʤ o510 V~ ?? iBP W>50% ֳt N: + W yz ?? F o^X XĤ@B ?? s6Ӥ릳^X { ?? ζP 󳡪^X X@ ?? 5LųO oi 5.2 vɱƦ] +5.2.1 \෧z +: /leaderboard +v: ҦwnJΤ +zﶵ: +* qƦW +* ƦW +* ױƦW +* ~ױƦW +5.2.2 Ʀ]]p +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x ?? vɱƦ] x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x z: [q] [롿] [޳N] ?? jM x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x x +x zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ x +x x ?? ax x x +x x zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ x x +x x x ?? (޳N - `u{v) x x x +x x x ?? 580 n x x x +x x x ????? ӹL 98% P x x x +x x |wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} x x +x |wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} x +x x +x zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ x +x x ƦW mW ¾ n ʤ x x +x x wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww x x +x x ?? 1 ޳N `u{v 580 98% ????x x +x x ?? 2 | ~ȳ ~ȸgz 520 96% ???x x +x x ?? 3 iT ޳N u{v 450 94% ?? x x +x x 4 ޳N u{v 420 92% ? x x +x x 5 ]C H곡 M 380 90% x x +x x ... x x +x x 42 A ޳N u{v 150 45% x x +x x ... x x +x |wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} x +x x +x [1] [2] [3] ... [10] U@ x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +5.2.3 ʥ\ +IƦW: +* ܸӭuԲӿnG +* dݳ̪STAR^X +* nͶչϪ +ƦWܤ: +* VWbY: ƦWW +* VUbY: ƦWU +* ?? Ǧu: ƦW +* ?? Ŧ: si] +ƦWWh: +1. nDZƦC +2. nۦPɫ̪^XɶƧ +3. snܱƦWAܬu|v +4. idݡuvBuuvBu~vBu`nv +5.3 ʤp޿ +5.3.1 ʤp +def calculate_department_percentile(user_id, department): + """ + pΤbʤƦW + + Args: + user_id: ΤID + department: W + + Returns: + dict: { + 'rank': ƦW, + 'total': `H, + 'percentile': ʤ, + 'better_than_count': ӹLH + } + """ + # 1. d߳Ҧun + employees = db.session.query(EmployeePoints)\ + .filter_by(department=department)\ + .filter(EmployeePoints.total_points > 0)\ + .order_by(EmployeePoints.total_points.desc())\ + .all() + + total_count = len(employees) + + # 2. ΤƦW + user_rank = None + for idx, emp in enumerate(employees, start=1): + if emp.user_id == user_id: + user_rank = idx + break + + if user_rank is None: + return { + 'rank': 0, + 'total': total_count, + 'percentile': 0.0, + 'better_than_count': 0 + } + + # 3. pʤ + better_than_count = total_count - user_rank + percentile = (better_than_count / total_count * 100) if total_count > 0 else 0 + + return { + 'rank': user_rank, + 'total': total_count, + 'percentile': round(percentile, 2), + 'better_than_count': better_than_count + } + +# ϥνd +result = calculate_department_percentile(user_id=1, department="޳N") +print(f"ƦW: #{result['rank']} / {result['total']}") +print(f"ӹL {result['percentile']}% P") +print(f"ӹL {result['better_than_count']} H") +5.3.2 qʤp +def calculate_total_percentile(user_id): + """ + pΤbqʤƦW + + Returns: + dict: qƦWT + """ + # dߩҦun + all_employees = db.session.query(EmployeePoints)\ + .filter(EmployeePoints.total_points > 0)\ + .order_by(EmployeePoints.total_points.desc())\ + .all() + + total_count = len(all_employees) + + # ΤƦW + user_rank = None + for idx, emp in enumerate(all_employees, start=1): + if emp.user_id == user_id: + user_rank = idx + break + + if user_rank is None: + return { + 'rank': 0, + 'total': total_count, + 'percentile': 0.0, + 'tier': 'unranked' + } + + # pʤPh + better_than_count = total_count - user_rank + percentile = (better_than_count / total_count * 100) if total_count > 0 else 0 + + # P_h + if percentile >= 80: + tier = 'top_20' # y 20% + elif percentile >= 50: + tier = 'top_50' # e 50% + elif percentile >= 20: + tier = 'middle' # q + else: + tier = 'bottom_20' # 20% + + return { + 'rank': user_rank, + 'total': total_count, + 'percentile': round(percentile, 2), + 'tier': tier + } +5.3.3 wsƦW +# wɥ: CpɧsƦWPʤ +from apscheduler.schedulers.background import BackgroundScheduler + +def update_all_rankings(): + """sҦuƦWPʤ""" + try: + # 1. sƦW + departments = db.session.query(EmployeePoints.department)\ + .distinct().all() + + for (dept,) in departments: + employees = db.session.query(EmployeePoints)\ + .filter_by(department=dept)\ + .filter(EmployeePoints.total_points > 0)\ + .order_by(EmployeePoints.total_points.desc())\ + .all() + + total = len(employees) + for rank, emp in enumerate(employees, start=1): + better_than = total - rank + percentile = (better_than / total * 100) if total > 0 else 0 + + emp.department_rank = rank + emp.department_percentile = round(percentile, 2) + + # 2. sqƦW + all_employees = db.session.query(EmployeePoints)\ + .filter(EmployeePoints.total_points > 0)\ + .order_by(EmployeePoints.total_points.desc())\ + .all() + + total = len(all_employees) + for rank, emp in enumerate(all_employees, start=1): + better_than = total - rank + percentile = (better_than / total * 100) if total > 0 else 0 + + emp.total_rank = rank + emp.total_percentile = round(percentile, 2) + + db.session.commit() + print(f"? ƦWs: {total} u") + + except Exception as e: + db.session.rollback() + print(f"? ƦWs: {str(e)}") + +# Ұʩwɥ +scheduler = BackgroundScheduler() +scheduler.add_job(update_all_rankings, 'interval', hours=1) +scheduler.start() +5.4 Yɳqt +5.4.1 qIJoɾ +ƥ qe u s^X "?? zӦXXXs^XAoXXnI" ƦWW "?? ߡIzƦWWɦܲXWI" iJeX% "?? ӴΤFIzwiJe10%I" o "? sNGXXX" QWV "?? zƦWUܲXW" C ױƦW "?? ƦWwAzƦWX" 5.4.2 q@ +# qƪ (i@) +class Notification(db.Model): + id = db.Column(db.Integer, primary_key=True) + user_id = db.Column(db.Integer, db.ForeignKey('users.id')) + type = db.Column(db.String(50)) # 'new_feedback', 'rank_up', 'badge' + title = db.Column(db.String(100)) + message = db.Column(db.Text) + is_read = db.Column(db.Boolean, default=False) + created_at = db.Column(db.DateTime, default=datetime.utcnow) + +def send_notification(user_id, notification_type, title, message): + """oeqΤ""" + notification = Notification( + user_id=user_id, + type=notification_type, + title=title, + message=message + ) + db.session.add(notification) + db.session.commit() + + # iXi: EmailBSlackBq + +6. ?? v޲ztγ]p +6.1 {Ҭy{]p +6.1.1 ΤUy{ +ΤUШD + +ҿJ (email榡BKXjסB) + +ˬdΤW/EmailO_wsb + +KX[K (Bcrypt) + +إߥΤO + +۰ʤtu@ϥΪ̡v + +oewl (i) + +^\T +APII: POST /api/auth/register +ШDBody: +{ + "username": "zhangsan", + "email": "zhangsan@company.com", + "password": "SecurePass123!", + "full_name": "iT", + "department": "޳N", + "position": "u{v", + "employee_id": "EMP001" +} +KXҳWh: +import re + +def validate_password(password): + """ + KXj + + Wh: + - ܤ8r + - ]tjgr + - ]tpgr + - ]tƦr + - ]tSŸ + """ + if len(password) < 8: + return False, "KXܤֻݭn8Ӧr" + + if not re.search(r'[A-Z]', password): + return False, "KXݥ]tjgr" + + if not re.search(r'[a-z]', password): + return False, "KXݥ]tpgr" + + if not re.search(r'\d', password): + return False, "KXݥ]tƦr" + + if not re.search(r'[!@#$%^&*(),.?":{}|<>]', password): + return False, "KXݥ]tSŸ" + + return True, "KXjײŦXnD" +6.1.2 ΤnJy{ +ΤnJШD (username + password) + +dߥΤO_sb + +ұKX (Bcrypt verify) + +ˬdbA (is_active) + +dߥΤᨤPv + +ͦJWT Token + +s̫nJɶ + +OnJx + +^Token + ΤT +APII: POST /api/auth/login +ШDBody: +{ + "username": "zhangsan", + "password": "SecurePass123!" +} +\^: +{ + "success": true, + "message": "nJ\", + "data": { + "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", + "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", + "token_type": "Bearer", + "expires_in": 3600, + "user": { + "id": 1, + "username": "zhangsan", + "email": "zhangsan@company.com", + "full_name": "iT", + "department": "޳N", + "position": "u{v", + "roles": ["user"], + "permissions": ["assessment:read", "feedback:read", "ranking:read"] + } + } +} +6.1.3 JWT Token]p +Tokenc: +# Access Token (Ĵ1p) +{ + "user_id": 1, + "username": "zhangsan", + "roles": ["user"], + "permissions": ["assessment:read", "feedback:read"], + "exp": 1729000000, # Lɶ + "iat": 1728996400 # ñoɶ +} + +# Refresh Token (Ĵ7) +{ + "user_id": 1, + "type": "refresh", + "exp": 1729601200, + "iat": 1728996400 +} +Token@: +from flask_jwt_extended import ( + JWTManager, create_access_token, create_refresh_token, + jwt_required, get_jwt_identity, get_jwt +) + +jwt = JWTManager(app) + +def generate_tokens(user): + """ͦAccess TokenMRefresh Token""" + + # dzToken payload + additional_claims = { + "roles": [role.name for role in user.roles], + "permissions": get_user_permissions(user), + "department": user.department + } + + # ͦtokens + access_token = create_access_token( + identity=user.id, + additional_claims=additional_claims, + expires_delta=timedelta(hours=1) + ) + + refresh_token = create_refresh_token( + identity=user.id, + expires_delta=timedelta(days=7) + ) + + return { + "access_token": access_token, + "refresh_token": refresh_token, + "token_type": "Bearer", + "expires_in": 3600 + } +6.1.4 Tokensy{ +APII: POST /api/auth/refresh +ШDHeader: +Authorization: Bearer +^: +{ + "access_token": "new_access_token...", + "expires_in": 3600 +} +6.2 vˬd +6.2.1 v˹ +from functools import wraps +from flask import jsonify +from flask_jwt_extended import get_jwt + +def permission_required(*required_permissions): + """ + vˬd˹ + + Ϊk: + @permission_required('user:create', 'user:update') + def create_user(): + ... + """ + def decorator(fn): + @wraps(fn) + @jwt_required() + def wrapper(*args, **kwargs): + # qJWTΤv + jwt_data = get_jwt() + user_permissions = jwt_data.get('permissions', []) + + # ˬdO_֦һv + has_permission = all( + perm in user_permissions + for perm in required_permissions + ) + + if not has_permission: + return jsonify({ + 'success': False, + 'message': 'v', + 'required_permissions': list(required_permissions) + }), 403 + + return fn(*args, **kwargs) + + return wrapper + return decorator + +def role_required(*required_roles): + """ + ˬd˹ + + Ϊk: + @role_required('admin', 'super_admin') + def admin_function(): + ... + """ + def decorator(fn): + @wraps(fn) + @jwt_required() + def wrapper(*args, **kwargs): + jwt_data = get_jwt() + user_roles = jwt_data.get('roles', []) + + has_role = any(role in user_roles for role in required_roles) + + if not has_role: + return jsonify({ + 'success': False, + 'message': 'v', + 'required_roles': list(required_roles) + }), 403 + + return fn(*args, **kwargs) + + return wrapper + return decorator +6.2.2 귽Ҧvˬd +def resource_owner_or_permission(permission): + """ + ˬdO_귽֦̩ξ֦Swv + + Ω: ΤuקۤvơAD޲zv + """ + def decorator(fn): + @wraps(fn) + @jwt_required() + def wrapper(resource_user_id, *args, **kwargs): + current_user_id = get_jwt_identity() + jwt_data = get_jwt() + user_permissions = jwt_data.get('permissions', []) + + # O귽֦ OR ޲zv + is_owner = (current_user_id == resource_user_id) + has_permission = permission in user_permissions + + if not (is_owner or has_permission): + return jsonify({ + 'success': False, + 'message': 'Lvs귽' + }), 403 + + return fn(resource_user_id, *args, **kwargs) + + return wrapper + return decorator + +# ϥνd +@app.route('/api/users//profile', methods=['PUT']) +@resource_owner_or_permission('user:update') +def update_user_profile(user_id): + """sΤ - usۤvΦ޲zv""" + # ... s޿ + pass +6.2.3 Ʀs +def department_access_required(fn): + """ + Ʀs + + Wh: + - @Τ: uݦۤv + - ޲z: iݦۤv޲z + - Wź޲z: iݩҦ + """ + @wraps(fn) + @jwt_required() + def wrapper(*args, **kwargs): + jwt_data = get_jwt() + user_roles = jwt_data.get('roles', []) + user_department = jwt_data.get('department') + + # qШDѼns + request_department = request.args.get('department') or request.json.get('department') + + # Wź޲z: qL + if 'super_admin' in user_roles: + return fn(*args, **kwargs) + + # ޲z: ˬdO_޲z + if 'admin' in user_roles: + managed_departments = get_managed_departments(get_jwt_identity()) + if request_department in managed_departments: + return fn(*args, **kwargs) + + # @Τ: usۤv + if request_department == user_department: + return fn(*args, **kwargs) + + return jsonify({ + 'success': False, + 'message': 'LvsL' + }), 403 + + return wrapper +6.3 vtm +6.3.1 wqPvx} +\Ҳ v @ϥΪ ޲z Wź޲z Τ޲z dݥΤM ? ? () ? () إߥΤ ? ? ? sΤ ? (ۤv) ? () ? () RΤ ? ? ? ޲z ? ? ? O إߵ ? ? ? dݵ ? (ۤv) ? () ? () s ? (ۤv) ? () ? () R ? ? () ? STAR^X إߦ^X ? ? ? dݦ^X ? (ۤv) ? () ? () ƦWt dݭӤHƦW ? ? ? dݳƦW ? () ? () ? () dݥqƦW ? ? ? ʭpƦW ? ? ? ץX ץXӤH ? ? ? ץX ? ? ? ץXq ? ? ? tκ޲z dݨtΤx ? ? ? tγ]w ? ? ? Ƴƥ ? ? ? 6.3.2 vlƸ} +def initialize_roles_and_permissions(): + """lƨPv""" + + # 1. إv + permissions_data = [ + # Τ޲z + ('user:create', 'إߥΤ', 'user', 'create'), + ('user:read', 'dݥΤ', 'user', 'read'), + ('user:update', 'sΤ', 'user', 'update'), + ('user:delete', 'RΤ', 'user', 'delete'), + ('user:manage_roles', '޲z', 'user', 'manage_roles'), + + # ޲z + ('assessment:create', 'إߵ', 'assessment', 'create'), + ('assessment:read', 'dݵ', 'assessment', 'read'), + ('assessment:read_all', 'dݩҦ', 'assessment', 'read_all'), + ('assessment:update', 's', 'assessment', 'update'), + ('assessment:delete', 'R', 'assessment', 'delete'), + + # STAR^X + ('feedback:create', 'إߦ^X', 'feedback', 'create'), + ('feedback:read', 'dݦ^X', 'feedback', 'read'), + ('feedback:read_all', 'dݩҦ^X', 'feedback', 'read_all'), + + # ƦW + ('ranking:read', 'dݱƦW', 'ranking', 'read'), + ('ranking:read_department', 'dݳƦW', 'ranking', 'read_department'), + ('ranking:read_all', 'dݩҦƦW', 'ranking', 'read_all'), + ('ranking:calculate', 'pƦW', 'ranking', 'calculate'), + + # + ('report:export', 'ץX', 'report', 'export'), + ('report:export_all', 'ץXҦ', 'report', 'export_all'), + + # t + ('system:config', 'tγ]w', 'system', 'config'), + ('system:logs', 'dݤx', 'system', 'logs'), + ('system:backup', 'Ƴƥ', 'system', 'backup'), + ] + + permissions = {} + for name, display_name, resource, action in permissions_data: + perm = Permission( + name=name, + display_name=display_name, + resource=resource, + action=action + ) + db.session.add(perm) + permissions[name] = perm + + db.session.flush() + + # 2. إߨ + roles_data = [ + ('super_admin', 'Wź޲z', 'tγ̰v', 100), + ('admin', '޲z', '޲zv', 50), + ('user', '@ϥΪ', '򥻨ϥv', 10), + ] + + roles = {} + for name, display_name, description, level in roles_data: + role = Role( + name=name, + display_name=display_name, + description=description, + level=level + ) + db.session.add(role) + roles[name] = role + + db.session.flush() + + # 3. tv + # Wź޲z: Ҧv + for perm in permissions.values(): + roles['super_admin'].permissions.append(perm) + + # ޲z: ޲zv + admin_perms = [ + 'user:read', 'user:update', + 'assessment:create', 'assessment:read', 'assessment:read_all', + 'assessment:update', 'assessment:delete', + 'feedback:create', 'feedback:read', 'feedback:read_all', + 'ranking:read', 'ranking:read_department', 'ranking:read_all', + 'report:export' + ] + for perm_name in admin_perms: + if perm_name in permissions: + roles['admin'].permissions.append(permissions[perm_name]) + + # @ϥΪ: v + user_perms = [ + 'assessment:read', + 'feedback:read', + 'ranking:read' + ] + for perm_name in user_perms: + if perm_name in permissions: + roles['user'].permissions.append(permissions[perm_name]) + + db.session.commit() + print("? PvlƧ") +6.4 v޲zx +6.4.1 Τ޲z +: /admin/users +vnD: super_admin +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x ?? Τ޲z x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x [+ sWΤ] ?? jM: [_______] x +x z: [Ҧ] [Ҧ⡿] [A] x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x ? ΤW mW ¾ A ާ@ x +x wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww x +x zhangsan iT ޳N u{v user ? [???]x +x lisi | ~ȳ gz admin ? [???]x +x wangwu ޳N ` admin ? [???]x +x zhaoliu H곡 M user ? [???]x +x ... x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x 妸ާ@: [ҥ] [] [R] x +x [1] [2] [3] ... U@ x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +Τsܮ: +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x sΤ: iT x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x ΤW: zhangsan x +x lc: zhangsan@company.com x +x mW: iT x +x : [޳N] x +x ¾: [u{v] x +x uID: EMP001 x +x x +x : Wź޲z x +x ? ޲z x +x ? @ϥΪ x +x x +x A: ҥ x +x x +x []KX] x +x x +x [] [xs] x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +6.4.2 ޲z +: /admin/roles +vnD: super_admin +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x ?? ޲z x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x [+ sW] x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x W ܦW h A ާ@ x +x wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww x +x super_admin Wź޲z 100 ? [???v] x +x admin ޲z 50 ? [???v] x +x user @ϥΪ 10 ? [???v] x +x ... x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +vtmܮ: +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x tmv: ޲z x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x ?? Τ޲z x +x user:create إߥΤ x +x ? user:read dݥΤ x +x ? user:update sΤ x +x user:delete RΤ x +x user:manage_roles ޲z x +x x +x ?? ޲z x +x ? assessment:create x +x ? assessment:read x +x ? assessment:read_all x +x ? assessment:update x +x ? assessment:delete x +x x +x ?? STAR^X x +x ? feedback:create x +x ? feedback:read x +x ? feedback:read_all x +x x +x [] [Ͽ] []] x +x x +x [] [xs] x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +6.4.3 ާ@x +: /admin/audit-logs +vnD: system:logs +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x ?? ާ@x x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x ɶd: [2025-10-01] [2025-10-15] x +x z: [ҦΤ᡿] [Ҧʧ@] [ҦA] x +x ?? jM: [____________] x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x ɶ Τ ʧ@ 귽 A IP x +x wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww x +x 10/15 14:23 iT login - ? 192... x +x 10/15 14:25 iT create assessment ? 192... x +x 10/15 14:30 | update user ? 192... x +x 10/15 14:31 delete feedback ? 192... x +x ... x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x [ץXx] [M¤x] x +x [1] [2] [3] ... U@ x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +xԱ: +zwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww{ +x ާ@Ա x +uwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwt +x ɶ: 2025-10-15 14:25:33 x +x Τ: iT (zhangsan) x +x ʧ@: إߵ x +x 귽: assessment #123 x +x A: ? \ x +x IP}: 192.168.1.100 x +x s: Chrome 118.0 x +x x +x ШD: x +x { x +x "department": "޳N", x +x "position": "u{v", x +x "assessment_data": {...} x +x } x +x x +x ^: x +x { x +x "success": true, x +x "assessment_id": 123 x +x } x +x x +x [] x +|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww} +6.5 wWjI +6.5.1 nJw +# nJѭp +class LoginAttempt(db.Model): + id = db.Column(db.Integer, primary_key=True) + username = db.Column(db.String(50)) + ip_address = db.Column(db.String(45)) + attempt_time = db.Column(db.DateTime, default=datetime.utcnow) + success = db.Column(db.Boolean, default=False) + +def check_login_attempts(username, ip_address): + """ + ˬdnJѦ + + Wh: + - 5: w15 + - 10: w1p + - 20: ä[wAݺ޲z + """ + # d̪߳15Ѧ + recent_attempts = LoginAttempt.query.filter( + LoginAttempt.username == username, + LoginAttempt.ip_address == ip_address, + LoginAttempt.success == False, + LoginAttempt.attempt_time >= datetime.utcnow() - timedelta(minutes=15) + ).count() + + if recent_attempts >= 5: + return False, "nJѦƹLhA15A" + + return True, None + +def record_login_attempt(username, ip_address, success): + """OnJ""" + attempt = LoginAttempt( + username=username, + ip_address=ip_address, + success=success + ) + db.session.add(attempt) + db.session.commit() +6.5.2 Session޲z +# Sessionƪ +class UserSession(db.Model): + id = db.Column(db.Integer, primary_key=True) + user_id = db.Column(db.Integer, db.ForeignKey('users.id')) + token_jti = db.Column(db.String(36), unique=True) # JWT ID + ip_address = db.Column(db.String(45)) + user_agent = db.Column(db.String(255)) + created_at = db.Column(db.DateTime, default=datetime.utcnow) + expires_at = db.Column(db.DateTime) + is_active = db.Column(db.Boolean, default=True) + +def revoke_all_user_sessions(user_id): + """MPΤҦSession (Ҧp: KXܧ)""" + UserSession.query.filter_by(user_id=user_id).update( + {'is_active': False} + ) + db.session.commit() + +# JWT TokenMPˬd +@jwt.token_in_blocklist_loader +def check_if_token_revoked(jwt_header, jwt_payload): + jti = jwt_payload['jti'] + session = UserSession.query.filter_by(token_jti=jti).first() + + if not session: + return True # TokensbAwMP + + return not session.is_active # ˬdSessionO_ҥ +6.5.3 ӷPާ@G +def require_password_confirmation(fn): + """ + ӷPާ@ݭnGKX + + AΩ: + - RΤ + - קv + - ץXӷP + """ + @wraps(fn) + @jwt_required() + def wrapper(*args, **kwargs): + # ˬdO_ѱKX + password = request.json.get('confirm_password') + + if not password: + return jsonify({ + 'success': False, + 'message': 'ާ@ݭnKXT{' + }), 401 + + # ұKX + user_id = get_jwt_identity() + user = User.query.get(user_id) + + if not user or not bcrypt.check_password_hash(user.password_hash, password): + return jsonify({ + 'success': False, + 'message': 'KXҥ' + }), 401 + + return fn(*args, **kwargs) + + return wrapper + +# ϥνd +@app.route('/api/users/', methods=['DELETE']) +@permission_required('user:delete') +@require_password_confirmation +def delete_user(user_id): + """RΤ - ݭnKXT{""" + # ... R޿ + pass + +7. APII]p]sPsW^ +7.1 {ҬAPI ?? +POST /api/auth/register +UsΤ +ШDBody: +{ + "username": "zhangsan", + "email": "zhangsan@company.com", + "password": "SecurePass123!", + "full_name": "iT", + "department": "޳N", + "position": "u{v", + "employee_id": "EMP001" +} +^ (201): +{ + "success": true, + "message": "U\", + "user_id": 1 +} +POST /api/auth/login +ΤnJ +ШDBody: +{ + "username": "zhangsan", + "password": "SecurePass123!" +} +^ (200): +{ + "success": true, + "access_token": "eyJhbGci...", + "refresh_token": "eyJhbGci...", + "user": { + "id": 1, + "username": "zhangsan", + "full_name": "iT", + "department": "޳N", + "roles": ["user"], + "permissions": ["assessment:read", "feedback:read"] + } +} +POST /api/auth/logout +ΤnX +ШDHeader: +Authorization: Bearer +^ (200): +{ + "success": true, + "message": "nX\" +} +POST /api/auth/refresh +sToken +ШDHeader: +Authorization: Bearer +^ (200): +{ + "access_token": "new_token..." +} +GET /api/auth/me +eΤT +^ (200): +{ + "id": 1, + "username": "zhangsan", + "email": "zhangsan@company.com", + "full_name": "iT", + "department": "޳N", + "position": "u{v", + "roles": ["user"], + "permissions": ["assessment:read", "feedback:read"], + "last_login_at": "2025-10-15T14:23:00Z" +} +7.2 OAPI ?? +GET /api/dashboard +ӤHO +v: wnJΤ +^ (200): +{ + "user": { + "id": 1, + "full_name": "iT", + "department": "޳N", + "position": "u{v" + }, + "points": { + "total_points": 450, + "monthly_points": 80, + "monthly_change_percent": 21.5 + }, + "department_ranking": { + "rank": 3, + "total": 15, + "percentile": 80.0, + "better_than_count": 12 + }, + "total_ranking": { + "rank": 15, + "total": 120, + "percentile": 87.5, + "tier": "top_20" + }, + "badges": [ + { + "icon": "??", + "name": "y{", + "description": "e10%" + } + ], + "recent_feedbacks": [ + { + "id": 123, + "evaluator_name": "D", + "score": 5, + "points_earned": 50, + "feedback_date": "2025-10-14", + "result_preview": "MץIuqAWVw..." + } + ], + "points_trend": [ + {"month": "2025-05", "points": 320}, + {"month": "2025-06", "points": 350}, + {"month": "2025-07", "points": 380}, + {"month": "2025-08", "points": 410}, + {"month": "2025-09", "points": 420}, + {"month": "2025-10", "points": 450} + ] +} +GET /api/leaderboard +Ʀ] +v: wnJΤ +ШDѼ: +* scope: company | department (w]: company) +* period: total | monthly | yearly (w]: total) +* department: W (scope=department) +* year: ~ (period=monthly/yearly) +* month: (period=monthly) +* page: X (w]: 1) +* per_page: C (w]: 50) +^ (200): +{ + "scope": "company", + "period": "total", + "rankings": [ + { + "rank": 1, + "employee_name": "", + "department": "޳N", + "position": "`u{v", + "total_points": 580, + "percentile": 98.0, + "badges": ["??", "??", "??"], + "rank_change": 0, + "is_current_user": false + }, + { + "rank": 2, + "employee_name": "|", + "department": "~ȳ", + "position": "~ȸgz", + "total_points": 520, + "percentile": 96.0, + "badges": ["??", "??", "?"], + "rank_change": 1, + "is_current_user": false + }, + { + "rank": 3, + "employee_name": "iT", + "department": "޳N", + "position": "u{v", + "total_points": 450, + "percentile": 94.0, + "badges": ["??", "??"], + "rank_change": -1, + "is_current_user": true + } + ], + "total": 120, + "page": 1, + "per_page": 50, + "pages": 3 +} +7.3 Τ޲zAPI ?? +GET /api/admin/users +ΤM +v: user:read +ШDѼ: +* page: X +* per_page: C +* department: z +* role: z +* is_active: Az +* search: jMr +^ (200): +{ + "users": [ + { + "id": 1, + "username": "zhangsan", + "full_name": "iT", + "email": "zhangsan@company.com", + "department": "޳N", + "position": "u{v", + "roles": ["user"], + "is_active": true, + "last_login_at": "2025-10-15T14:23:00Z", + "created_at": "2025-01-01T00:00:00Z" + } + ], + "total": 50, + "page": 1, + "per_page": 20 +} +POST /api/admin/users +إ߷sΤ +v: user:create +PUT /api/admin/users/:user_id +sΤT +v: user:update θ귽֦ +DELETE /api/admin/users/:user_id +RΤ +v: user:delete +ݭn: KXT{ +PUT /api/admin/users/:user_id/roles +sΤᨤ +v: user:manage_roles +ШDBody: +{ + "role_ids": [1, 2], + "confirm_password": "password" +} +7.4 v޲zAPI ?? +GET /api/admin/roles +M +v: super_admin +POST /api/admin/roles +إ߷s +v: super_admin +PUT /api/admin/roles/:role_id/permissions +sv +v: super_admin +ШDBody: +{ + "permission_ids": [1, 2, 3, 5, 8], + "confirm_password": "password" +} +7.5 ާ@xAPI ?? +GET /api/admin/audit-logs +ާ@x +v: system:logs +ШDѼ: +* start_date: }l +* end_date: +* user_id: ΤIDz +* action: ʧ@z +* status: Az +^ (200): +{ + "logs": [ + { + "id": 1, + "user_id": 1, + "username": "zhangsan", + "action": "login", + "resource_type": null, + "resource_id": null, + "status": "success", + "ip_address": "192.168.1.100", + "created_at": "2025-10-15T14:23:00Z" + } + ], + "total": 1000, + "page": 1, + "per_page": 50 +} + +8. eݭs +8.1 sWM + W vnD /login nJ } ΤnJ /register U } sΤU]i^ /dashboard ӤHO wnJ nBƦWBͶ /leaderboard vɱƦ] wnJ q/ƦW /profile ӤH wnJ d/sӤH /admin/users Τ޲z user:read ΤMP޲z /admin/roles ޲z super_admin Pvtm /admin/logs ާ@x system:logs tξާ@O 8.2 ɯs + +

+ +9. pPҰtms +9.1 ܼƧs +.env d: +# Ʈw]w +DB_HOST=localhost +DB_PORT=3306 +DB_NAME=partner_alignment +DB_USER=db_user +DB_PASSWORD=strong_password + +# Flask]w +FLASK_ENV=production +FLASK_DEBUG=False +FLASK_HOST=127.0.0.1 +FLASK_PORT=5000 + +# w]w +SECRET_KEY=your_64_char_random_secret_key_here +JWT_SECRET_KEY=your_64_char_jwt_secret_key_here +JWT_ACCESS_TOKEN_EXPIRES=3600 # 1p +JWT_REFRESH_TOKEN_EXPIRES=604800 # 7 + +# CORS]w +CORS_ORIGINS=https://your-domain.com + +# l]w (Ωq) +MAIL_SERVER=smtp.gmail.com +MAIL_PORT=587 +MAIL_USE_TLS=True +MAIL_USERNAME=your_email@company.com +MAIL_PASSWORD=your_email_password + +# tγ]w +ENABLE_REGISTRATION=False # O_}U +DEFAULT_ROLE=user # sΤw] +SESSION_TIMEOUT=3600 # SessionLɶ() +9.2 lƸ} +init_system.py: +"""tΪlƸ}""" + +from app import create_app, db +from app.models import User, Role, Permission +from flask_bcrypt import Bcrypt + +def init_system(): + """lƨt""" + app = create_app() + bcrypt = Bcrypt(app) + + with app.app_context(): + print("?? }llƨt...") + + # 1. إ߸Ʈw + print("?? إ߸ +Ʈw...") db.create_all() print("? Ʈwإߧ") + # 2. lƨPv + print("?? lƨPv...") + initialize_roles_and_permissions() + print("? PvlƧ") + + # 3. إ߹w]޲zb + print("?? إ߹w]޲z...") + admin_exists = User.query.filter_by(username='admin').first() + + if not admin_exists: + admin_password = 'Admin@123456' # ijnJߧYק + admin_user = User( + username='admin', + email='admin@company.com', + password_hash=bcrypt.generate_password_hash(admin_password).decode('utf-8'), + full_name='tκ޲z', + department='tκ޲z', + position='Wź޲z', + employee_id='ADMIN001', + is_active=True + ) + + # tWź޲z + super_admin_role = Role.query.filter_by(name='super_admin').first() + admin_user.roles.append(super_admin_role) + + db.session.add(admin_user) + db.session.commit() + + print("? w]޲zإߧ") + print(f" ΤW: admin") + print(f" KX: {admin_password}") + print(" ?? ХߧYnJíקKXI") + else: + print("?? ޲zbwsbALإ") + + # 4. lƹw]O + print("?? lƯO...") + init_capabilities() + print("? OتlƧ") + + # 5. إߴոơ]i^ + if app.config.get('TESTING'): + print("?? إߴո...") + create_test_data() + print("? ոƫإߧ") + + print("?? tΪlƧI") + print("\nU@B:") + print("1. ϥ admin/Admin@123456 nJt") + print("2. ߧYק޲zKX") + print("3. إߨL޲z̻PΤb") + print("4. }lϥΨt") +def initialize_roles_and_permissions(): """lƨPv]pewq^""" # ... (Ѧҫe 6.3.2 @) pass +def init_capabilities(): """lƯO""" from app.models import Capability +capabilities_data = [ + { + "name": "{]pP}o", + "l1_description": "༶g򥻵{XA²\}o", + "l2_description": "W߶}oץ\A`sXWdP̨ι", + "l3_description": "]ptά[cAuƵ{įABz޳ND", + "l4_description": "ɹζ޳NVAw}oзǡAi޳Nf", + "l5_description": "W޳NA޻޳NзsAvT´޳NV" + }, + { + "name": "tΤRP]p", + "l1_description": "zѰ򥻻ݨDAѻPݨDQ", + "l2_description": "W߶iݨDRA]p²t", + "l3_description": "BzݨDA]piXitά[c", + "l4_description": "DɤjM׳]pAɹζ[cM", + "l5_description": "w~Ŭ[cзǡAʲ´[cti" + }, + { + "name": "M׺޲z", + "l1_description": "tȡAɦ^i", + "l2_description": "Wߺ޲zpMסAո귽Pɵ{", + "l3_description": "BzMסAѨM󳡪@DAI", + "l4_description": "ɦhӱMסAiM׸gzAuƺ޲zy{", + "l5_description": "wM׺޲zAإPMOtAʲ´" + }, + { + "name": "޳NɻP", + "l1_description": "Dz߷s޳NAɰ򥻸g", + "l2_description": "ɷsHAUζѨMD", + "l3_description": "Dɧ޳NɡAVζAɹζO", + "l4_description": "إߧ޳NζAwVpeAoiH~趤", + "l5_description": "إߧ޳NơAvT´Dzߪ^Ai޳Nɪ" + } +] + +for cap_data in capabilities_data: + existing = Capability.query.filter_by(name=cap_data['name']).first() + if not existing: + capability = Capability(**cap_data) + db.session.add(capability) + +db.session.commit() +def create_test_data(): """إߴոơ]}o/ҥΡ^""" from app.models import User, EmployeePoints, StarFeedback import random from datetime import datetime, timedelta +bcrypt = Bcrypt() + +# إߴեΤ +departments = ['޳N', '~ȳ', 'H곡', ']ȳ'] +positions = ['u{v', '`u{v', 'M', '`M', 'gz'] + +test_users = [] +for i in range(1, 21): # إ20ӴեΤ + username = f'user{i:02d}' + user = User( + username=username, + email=f'{username}@company.com', + password_hash=bcrypt.generate_password_hash('Test@1234').decode('utf-8'), + full_name=f'խu{i:02d}', + department=random.choice(departments), + position=random.choice(positions), + employee_id=f'TEST{i:03d}', + is_active=True + ) + + # t + if i <= 2: + # e2Ӭ޲z + admin_role = Role.query.filter_by(name='admin').first() + user.roles.append(admin_role) + + user_role = Role.query.filter_by(name='user').first() + user.roles.append(user_role) + + db.session.add(user) + test_users.append(user) + +db.session.commit() + +# إߴզ^XPn +for user in test_users: + # إ߭unO + emp_points = EmployeePoints( + user_id=user.id, + employee_name=user.full_name, + department=user.department, + position=user.position, + total_points=0, + monthly_points=0 + ) + db.session.add(emp_points) + + # Hإ3-8^X + num_feedbacks = random.randint(3, 8) + for j in range(num_feedbacks): + evaluator = random.choice(test_users) + score = random.randint(3, 5) + points = score * 10 + + feedback_date = datetime.now() - timedelta(days=random.randint(1, 90)) + + feedback = StarFeedback( + evaluator_user_id=evaluator.id, + evaluator_name=evaluator.full_name, + evaluatee_user_id=user.id, + evaluatee_name=user.full_name, + evaluatee_department=user.department, + evaluatee_position=user.position, + situation=f"ձҴyz{j+1}: MפJ޳NDԻݭnѨM", + task=f"եȻ{j+1}: ݭnbwɶSwؼ", + action=f"զʴyz{j+1}: ĨBJiDRPѨM", + result=f"յG{j+1}: \FؼШo^X", + score=score, + points_earned=points, + feedback_date=feedback_date.date() + ) + db.session.add(feedback) + + # ֥[n + emp_points.total_points += points + emp_points.monthly_points += points + +db.session.commit() + +# sƦW +from app.services import update_all_rankings +update_all_rankings() +if name == 'main': init_system() + +### 9.3 ƮwE} + +**migrations/add_auth_tables.sql**: +```sql +-- Τ +CREATE TABLE IF NOT EXISTS users ( + id INT AUTO_INCREMENT PRIMARY KEY, + username VARCHAR(50) NOT NULL UNIQUE, + email VARCHAR(100) NOT NULL UNIQUE, + password_hash VARCHAR(255) NOT NULL, + full_name VARCHAR(100) NOT NULL, + department VARCHAR(100) NOT NULL, + position VARCHAR(100) NOT NULL, + employee_id VARCHAR(50) UNIQUE, + is_active BOOLEAN DEFAULT TRUE, + last_login_at DATETIME NULL, + created_at DATETIME DEFAULT CURRENT_TIMESTAMP, + updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + INDEX idx_username (username), + INDEX idx_email (email), + INDEX idx_department (department), + INDEX idx_employee_id (employee_id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + +-- +CREATE TABLE IF NOT EXISTS roles ( + id INT AUTO_INCREMENT PRIMARY KEY, + name VARCHAR(50) NOT NULL UNIQUE, + display_name VARCHAR(100) NOT NULL, + description TEXT, + level INT NOT NULL, + is_active BOOLEAN DEFAULT TRUE, + created_at DATETIME DEFAULT CURRENT_TIMESTAMP +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + +-- v +CREATE TABLE IF NOT EXISTS permissions ( + id INT AUTO_INCREMENT PRIMARY KEY, + name VARCHAR(100) NOT NULL UNIQUE, + display_name VARCHAR(100) NOT NULL, + resource VARCHAR(50) NOT NULL, + action VARCHAR(50) NOT NULL, + description TEXT, + created_at DATETIME DEFAULT CURRENT_TIMESTAMP, + INDEX idx_resource (resource), + INDEX idx_action (action) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + +-- vp +CREATE TABLE IF NOT EXISTS role_permissions ( + id INT AUTO_INCREMENT PRIMARY KEY, + role_id INT NOT NULL, + permission_id INT NOT NULL, + created_at DATETIME DEFAULT CURRENT_TIMESTAMP, + FOREIGN KEY (role_id) REFERENCES roles(id) ON DELETE CASCADE, + FOREIGN KEY (permission_id) REFERENCES permissions(id) ON DELETE CASCADE, + UNIQUE KEY unique_role_permission (role_id, permission_id), + INDEX idx_role_id (role_id), + INDEX idx_permission_id (permission_id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + +-- Τᨤp +CREATE TABLE IF NOT EXISTS user_roles ( + id INT AUTO_INCREMENT PRIMARY KEY, + user_id INT NOT NULL, + role_id INT NOT NULL, + assigned_by INT, + assigned_at DATETIME DEFAULT CURRENT_TIMESTAMP, + FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE, + FOREIGN KEY (role_id) REFERENCES roles(id) ON DELETE CASCADE, + FOREIGN KEY (assigned_by) REFERENCES users(id) ON DELETE SET NULL, + UNIQUE KEY unique_user_role (user_id, role_id), + INDEX idx_user_id (user_id), + INDEX idx_role_id (role_id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + +-- ާ@x +CREATE TABLE IF NOT EXISTS audit_logs ( + id INT AUTO_INCREMENT PRIMARY KEY, + user_id INT, + action VARCHAR(100) NOT NULL, + resource_type VARCHAR(50) NOT NULL, + resource_id INT, + details JSON, + ip_address VARCHAR(45), + user_agent VARCHAR(255), + status ENUM('success', 'failed') DEFAULT 'success', + error_message TEXT, + created_at DATETIME DEFAULT CURRENT_TIMESTAMP, + FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL, + INDEX idx_user_id (user_id), + INDEX idx_action (action), + INDEX idx_created_at (created_at), + INDEX idx_resource (resource_type, resource_id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + +-- s employee_points AsWƦW +ALTER TABLE employee_points +ADD COLUMN user_id INT AFTER id, +ADD COLUMN department_rank INT, +ADD COLUMN department_percentile DECIMAL(5,2), +ADD COLUMN total_rank INT, +ADD COLUMN total_percentile DECIMAL(5,2), +ADD FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL, +ADD INDEX idx_user_id (user_id), +ADD INDEX idx_department_rank (department, department_rank), +ADD INDEX idx_total_rank (total_rank); + +-- s star_feedbacks AsWΤIDp +ALTER TABLE star_feedbacks +ADD COLUMN evaluator_user_id INT AFTER id, +ADD COLUMN evaluatee_user_id INT AFTER evaluator_name, +ADD FOREIGN KEY (evaluator_user_id) REFERENCES users(id) ON DELETE SET NULL, +ADD FOREIGN KEY (evaluatee_user_id) REFERENCES users(id) ON DELETE SET NULL, +ADD INDEX idx_evaluator_user_id (evaluator_user_id), +ADD INDEX idx_evaluatee_user_id (evaluatee_user_id); + +10. D\ݨD]s^ +10.1 įݨD + ؼЭ Jɶ < 2 ]tOϪV API^ɶ < 500ms 95ʤ õoϥΪ 100+ PɦbuϥΪ̼ Ʈwd < 100ms 榸d߮ɶ ɮ׶ץX < 5 1000ƥH ƦWp < 30 sҦuƦW OJ < 1.5 ]tϪPέp nJ < 200ms JWTҮɶ įuƵ]sW^: +* ƦWƧ֨]Redis^ +* Oƹwp +* ϪƼWqJ +* Tokenҥa֨ +* Session޲z +10.2 wݨD]jơ^ +10.2.1 {Ҧw +? w@: +* BcryptKX[K]]l12^ +* JWT Token{ +* Refresh Token +* Session޲zPMP +* nJw +* IPզW]i^ +10.2.2 vw +? w@: +* 󨤦⪺s]RBAC^ +* Ӳɫvˬd +* 귽Ҧv +* ƹj +* ӷPާ@G +10.2.3 Ʀw +? w@: +* SQL`J@]ѼƤƬdߡ^ +* XSS@]JMz^ +* CSRF@]Tokenҡ^ +* ӷPƥ[K +* ާ@xO +10.2.4 qTw +? w@: +* HTTPSjϥ +* wY]w +* CORS쭭 +* Tokenǿ[K +10.3 iΩʻݨD +ؼ: tΥiΩ ? 99.5% +e]jơ^: +* ƮwDqƻs +* RedisGಾ +* uŵ +* dˬdI +* ۰ʭҾ +ʱ: +* AȥiΩ +* API^ɶ +* Ʈwsu +* Oϥβv +* ~vέp +10.4 i@ʻݨD +{X~]jơ^: +* ҲդƬ[c]p +* ̿`JҦ +* 椸л\v ? 80% +* Xл\֤߬y{ +* {Xfdy{ +󧹾: +* API]Swagger/OpenAPI^ +* [c]p +* pBU +* Gٱưn +* ΤϥΤU +10.5 XiʻݨD +XiO: +* LAAPI]p +* Session~xs]Redis^ +* ƮwŪg +* tŤ䴩 +* LAȤƷdz +ƼWw: + wW OdF Τ 200H/~ ä[Od O 5000/~ ä[Od STAR^X 10000/~ ä[Od ާ@x 100U/~ Od2~ ƦWO 2400/~ Od5~ +11. յ]s^ +11.1 sW +11.1.1 {ұv +class TestAuthentication: + """{ҥ\""" + + def test_login_with_valid_credentials(self): + """: TbKnJ\""" + response = self.client.post('/api/auth/login', json={ + 'username': 'testuser', + 'password': 'Test@1234' + }) + + assert response.status_code == 200 + data = response.get_json() + assert 'access_token' in data + assert 'refresh_token' in data + + def test_login_with_invalid_password(self): + """: ~KXnJ""" + response = self.client.post('/api/auth/login', json={ + 'username': 'testuser', + 'password': 'WrongPassword' + }) + + assert response.status_code == 401 + + def test_access_protected_route_without_token(self): + """: TokensO@""" + response = self.client.get('/api/dashboard') + assert response.status_code == 401 + + def test_access_protected_route_with_valid_token(self): + """: TokensO@""" + token = self.get_auth_token() + response = self.client.get( + '/api/dashboard', + headers={'Authorization': f'Bearer {token}'} + ) + assert response.status_code == 200 + +class TestAuthorization: + """v\""" + + def test_user_cannot_access_admin_route(self): + """: @ΤLks޲z""" + user_token = self.get_user_token() + response = self.client.get( + '/api/admin/users', + headers={'Authorization': f'Bearer {user_token}'} + ) + assert response.status_code == 403 + + def test_admin_can_access_department_data(self): + """: ޲z̥is""" + admin_token = self.get_admin_token() + response = self.client.get( + '/api/assessments?department=޳N', + headers={'Authorization': f'Bearer {admin_token}'} + ) + assert response.status_code == 200 + + def test_user_cannot_access_other_department_data(self): + """: @ΤLksL""" + user_token = self.get_user_token(department='޳N') + response = self.client.get( + '/api/assessments?department=~ȳ', + headers={'Authorization': f'Bearer {user_token}'} + ) + assert response.status_code == 403 +11.1.2 O\ +class TestDashboard: + """O\""" + + def test_get_dashboard_data(self): + """: O""" + token = self.get_auth_token() + response = self.client.get( + '/api/dashboard', + headers={'Authorization': f'Bearer {token}'} + ) + + assert response.status_code == 200 + data = response.get_json() + + # ҸƵc + assert 'user' in data + assert 'points' in data + assert 'department_ranking' in data + assert 'total_ranking' in data + assert 'badges' in data + assert 'recent_feedbacks' in data + + def test_dashboard_ranking_calculation(self): + """: OƦWp⥿T""" + # إߴո + self.create_test_employees_with_points([ + ('uA', 100), + ('uB', 80), + ('եΤ', 60), + ('uC', 40) + ]) + + token = self.get_auth_token() + response = self.client.get( + '/api/dashboard', + headers={'Authorization': f'Bearer {token}'} + ) + + data = response.get_json() + ranking = data['department_ranking'] + + assert ranking['rank'] == 3 + assert ranking['total'] == 4 + assert ranking['percentile'] == 25.0 # ӹL1H / 4H +11.1.3 Ʀ] +class TestLeaderboard: + """Ʀ]\""" + + def test_get_company_leaderboard(self): + """: qƦ]""" + token = self.get_auth_token() + response = self.client.get( + '/api/leaderboard?scope=company', + headers={'Authorization': f'Bearer {token}'} + ) + + assert response.status_code == 200 + data = response.get_json() + + assert 'rankings' in data + assert len(data['rankings']) > 0 + + # ұƧ + rankings = data['rankings'] + for i in range(len(rankings) - 1): + assert rankings[i]['total_points'] >= rankings[i+1]['total_points'] + + def test_leaderboard_with_ties(self): + """: Ʀ]æCƦWBz""" + # إߨæCnu + self.create_test_employees_with_points([ + ('uA', 100), + ('uB', 80), + ('uC', 80), # æC + ('uD', 60) + ]) + + token = self.get_auth_token() + response = self.client.get( + '/api/leaderboard', + headers={'Authorization': f'Bearer {token}'} + ) + + data = response.get_json() + rankings = data['rankings'] + + assert rankings[0]['rank'] == 1 + assert rankings[1]['rank'] == 2 + assert rankings[2]['rank'] == 2 # æC2 + assert rankings[3]['rank'] == 4 # +11.2 w +class TestSecurity: + """w\""" + + def test_sql_injection_prevention(self): + """: SQL`J@""" + malicious_input = "admin' OR '1'='1" + response = self.client.post('/api/auth/login', json={ + 'username': malicious_input, + 'password': 'test' + }) + + assert response.status_code == 401 + # Ӧ\nJ + + def test_xss_prevention(self): + """: XSS@""" + xss_script = "" + token = self.get_admin_token() + + response = self.client.post( + '/api/assessments', + headers={'Authorization': f'Bearer {token}'}, + json={ + 'department': xss_script, + 'position': 'u{v', + 'assessment_data': {} + } + ) + + # ӳQڵβMz + assert response.status_code in [400, 422] + + def test_password_strength_validation(self): + """: KXj""" + weak_passwords = [ + 'short', # ӵu + 'alllowercase', # Sjg + 'ALLUPPERCASE', # Spg + 'NoNumbers!', # SƦr + 'NoSpecial123' # SSŸ + ] + + for weak_pwd in weak_passwords: + response = self.client.post('/api/auth/register', json={ + 'username': 'testuser', + 'email': 'test@test.com', + 'password': weak_pwd, + 'full_name': '', + 'department': '޳N', + 'position': 'u{v' + }) + + assert response.status_code == 400 + + def test_rate_limiting(self): + """: nJѦƭ""" + for i in range(6): # 6 + response = self.client.post('/api/auth/login', json={ + 'username': 'testuser', + 'password': 'wrong_password' + }) + + # 6ӳQw + assert response.status_code == 429 # Too Many Requests + +12. ʱPB +12.1 ʱ +12.1.1 tκʱ +# dˬdI +@app.route('/health') +def health_check(): + """tΰdˬd""" + checks = { + 'status': 'healthy', + 'timestamp': datetime.utcnow().isoformat(), + 'checks': {} + } + + # Ʈwsuˬd + try: + db.session.execute('SELECT 1') + checks['checks']['database'] = 'ok' + except Exception as e: + checks['status'] = 'unhealthy' + checks['checks']['database'] = f'error: {str(e)}' + + # Redissuˬd]pϥΡ^ + try: + redis_client.ping() + checks['checks']['redis'] = 'ok' + except Exception as e: + checks['checks']['redis'] = f'error: {str(e)}' + + # ϺЪŶˬd + import shutil + disk_usage = shutil.disk_usage('/') + disk_percent = (disk_usage.used / disk_usage.total) * 100 + + if disk_percent > 90: + checks['status'] = 'warning' + checks['checks']['disk'] = f'high usage: {disk_percent:.1f}%' + else: + checks['checks']['disk'] = f'ok: {disk_percent:.1f}%' + + status_code = 200 if checks['status'] == 'healthy' else 503 + return jsonify(checks), status_code + +# tΫкI +@app.route('/metrics') +@permission_required('system:logs') +def system_metrics(): + """tΫ""" + import psutil + + return jsonify({ + 'cpu_percent': psutil.cpu_percent(), + 'memory_percent': psutil.virtual_memory().percent, + 'disk_percent': psutil.disk_usage('/').percent, + 'active_users': get_active_user_count(), + 'api_calls_today': get_api_call_count_today(), + 'average_response_time': get_average_response_time() + }) +12.1.2 ~Ⱥʱ +# ~ȫкI +@app.route('/api/admin/statistics') +@permission_required('system:logs') +def business_statistics(): + """~Ȳέp""" + from datetime import datetime, timedelta + + today = datetime.now().date() + week_ago = today - timedelta(days=7) + month_ago = today - timedelta(days=30) + + return jsonify({ + # Τέp + 'users': { + 'total': User.query.filter_by(is_active=True).count(), + 'new_this_week': User.query.filter( + User.created_at >= week_ago + ).count(), + 'active_today': get_active_users_today() + }, + + # έp + 'assessments': { + 'total': Assessment.query.count(), + 'this_month': Assessment.query.filter( + Assessment.created_at >= month_ago + ).count() + }, + + # ^Xέp + 'feedbacks': { + 'total': StarFeedback.query.count(), + 'this_month': StarFeedback.query.filter( + StarFeedback.feedback_date >= month_ago + ).count(), + 'average_score': db.session.query( + func.avg(StarFeedback.score) + ).scalar() + }, + + # ƦWέp + 'rankings': { + 'top_performer': get_top_performer(), + 'most_improved': get_most_improved_employee() + } + }) +12.2 x޲z +# xtm +import logging +from logging.handlers import RotatingFileHandler + +def setup_logging(app): + """]wx""" + + # ε{x + if not app.debug: + file_handler = RotatingFileHandler( + 'logs/app.log', + maxBytes=10485760, # 10MB + backupCount=10 + ) + file_handler.setFormatter(logging.Formatter( + '%(asctime)s %(levelname)s: %(message)s ' + '[in %(pathname)s:%(lineno)d]' + )) + file_handler.setLevel(logging.INFO) + app.logger.addHandler(file_handler) + app.logger.setLevel(logging.INFO) + app.logger.info('tαҰ') + + # wx + security_handler = RotatingFileHandler( + 'logs/security.log', + maxBytes=10485760, + backupCount=10 + ) + security_handler.setLevel(logging.WARNING) + security_logger = logging.getLogger('security') + security_logger.addHandler(security_handler) + + return app +12.3 ƥ +#!/bin/bash +# backup.sh - Ʈwƥ} + +# ]w +DB_HOST="localhost" +DB_NAME="partner_alignment" +DB_USER="backup_user" +DB_PASS="backup_password" +BACKUP_DIR="/backup/mysql" +DATE=$(date +%Y%m%d_%H%M%S) +RETENTION_DAYS=30 + +# إ߳ƥؿ +mkdir -p $BACKUP_DIR + +# ƥƮw +echo "}lƥƮw..." +mysqldump -h $DB_HOST -u $DB_USER -p$DB_PASS $DB_NAME \ + | gzip > $BACKUP_DIR/backup_$DATE.sql.gz + +# ˬdƥG +if [ $? -eq 0 ]; then + echo "? ƥ\: backup_$DATE.sql.gz" + + # R³ƥ + find $BACKUP_DIR -name "backup_*.sql.gz" -mtime +$RETENTION_DAYS -delete + echo "? MzWL${RETENTION_DAYS}Ѫ³ƥ" +else + echo "? ƥ" + exit 1 +fi + +# WǦܶxs]i^ +# aws s3 cp $BACKUP_DIR/backup_$DATE.sql.gz s3://your-bucket/backups/ + +echo "ƥ" +Crontab]w: +# Cѭ2Iƥ +0 2 * * * /path/to/backup.sh >> /var/log/backup.log 2>&1 + +13. Gٱưn +13.1 `D +D1: LknJt +g: nJܡuΤWαKX~v +i]: +1. KX~ +2. bQ +3. nJѦƹLhQw +ѨM: +-- ˬdbA +SELECT id, username, is_active, last_login_at +FROM users +WHERE username = 'username'; + +-- ]KX]޲zާ@^ +UPDATE users +SET password_hash = '$bcrypt_hash' +WHERE username = 'username'; + +-- MnJѰO +DELETE FROM login_attempts +WHERE username = 'username' +AND attempt_time < NOW() - INTERVAL 1 HOUR; + +-- ҥαb +UPDATE users +SET is_active = TRUE +WHERE username = 'username'; +D2: ƦWܤT +g: OƦWPڿn +i]: +1. ƦWήɧs +2. np~ +3. ֨D +ѨM: +# IJoƦWs +from app.services import update_all_rankings +update_all_rankings() + +# MƦW֨ +redis_client.delete('rankings:*') + +# spҦn +from app.services import recalculate_all_points +recalculate_all_points() +D3: tήįwC +g: API^ɶLAJwC +E_BJ: +# 1. ˬdCd +SELECT * FROM mysql.slow_log ORDER BY query_time DESC LIMIT 10; + +# 2. ˬdƮwsu +SHOW PROCESSLIST; + +# 3. ˬdtθ귽 +# CPUBOBϺI/O + +# 4. ˬdε{x +tail -f logs/app.log | grep ERROR +uƱI: +* sWƮw +* ҥάdߧ֨ +* W[A귽 +* uƺCd +13.2 Bzy{ +tάGٵo + +1. T{vTd + - \ಧ` vs tΧLks + - vTΤƶq + +2. Ұ汹I + - ܳƥΨtΡ]p^ + - ܺ@i + - qH + +3. DE_ + - dݿ~x + - ˬdtθ귽 + - T{̪ܧ + +4. D״_ + - ^u̪ܧ + - ״_{X~ + - _Ʈw + +5. Ҵ + - \ + - į + - wˬd + +6. _A + - vB}s + - ʱtΪA + - Oƥi + +7. ƫ˰Q + - Rڥ] + - iwI + - s + +14. spe +14.1 v2.1 W]u^ +wpɵ{: 1-2Ӥ +\M: +* [ ] ʸ˸mMΤu +* [ ] qt +* [ ] NtXR]h^ +* [ ] \]IgBס^ +* [ ] ץXPDF +* [ ] hy䴩]^^ +14.2 v3.0 W]^ +wpɵ{: 3-6Ӥ +\M: +* [ ] AIˡ]Ooiij^ +* [ ] 360צ^Xt +* [ ] ¾Poi|W +* [ ] XHRtΡ]p^ +* [ ] ƾڤRO]޲zh^ +* [ ] ۭqKPI +14.3 v4.0 W]^ +wpɵ{: 6-12Ӥ +\M: +* [ ] LAȬ[cc +* [ ] Dz߹wҫ +* [ ] ϶{ҡ]OҮѡ^ +* [ ] }APIx +* [ ] ĤTX]SlackBTeams^ +* [ ] ݳp + +15. +15.1 Ny]s^ +Ny wq O NuOP´ؼЩ¾nDiǰtL{ STARج[ Situation-Task-Action-ResultAcƦ^Xk L1-L5 OšAqL1()L5(w) Ԧ ϥηƹԾާ@[ϥΪ̤ ORM Object-Relational MappingApMg JWT JSON Web TokenAΩ󨭥ҪTokenз RBAC Role-Based Access ControlA󨤦⪺s ʤƦW ܳӹLh֦ʤPƪvɫ t CƿEyAzLNyѻP G ӷPާ@ݭnAJKXT{ 15.2 vtd +ֳtd߱`v: +# @Τ +USER_PERMISSIONS = [ + 'assessment:read', # dݦۤv + 'feedback:read', # dݦۤv^X + 'ranking:read' # dݱƦW +] + +# ޲z +ADMIN_PERMISSIONS = USER_PERMISSIONS + [ + 'user:read', # dݥΤ + 'user:update', # sΤ]^ + 'assessment:create', # إߵ + 'assessment:read_all', # dݩҦ]^ + 'assessment:update', # s + 'assessment:delete', # R + 'feedback:create', # إߦ^X + 'feedback:read_all', # dݩҦ^X]^ + 'ranking:read_department', # dݳƦW + 'ranking:read_all', # dݥqƦW + 'report:export' # ץX +] + +# Wź޲z +SUPER_ADMIN_PERMISSIONS = ADMIN_PERMISSIONS + [ + 'user:create', # إߥΤ + 'user:delete', # RΤ + 'user:manage_roles', # ޲z + 'ranking:calculate', # pƦW + 'report:export_all', # ץXҦ + 'system:config', # tγ]w + 'system:logs', # dݤx + 'system:backup' # Ƴƥ +] +15.3 APIֳtѦ +{Ҭ: +* POST /api/auth/register - U +* POST /api/auth/login - nJ +* POST /api/auth/logout - nX +* POST /api/auth/refresh - sToken +* GET /api/auth/me - eΤT +O: +* GET /api/dashboard - ӤHO +* GET /api/leaderboard - Ʀ] +Τ޲z: +* GET /api/admin/users - ΤM +* POST /api/admin/users - إߥΤ +* PUT /api/admin/users/:id - sΤ +* DELETE /api/admin/users/:id - RΤ +޲z: +* GET /api/capabilities - OزM +* POST /api/assessments - +* GET /api/assessments - dߵ +^X޲z: +* POST /api/star-feedbacks - ^X +* GET /api/star-feedbacks - dߦ^X +ƦWt: +* GET /api/rankings/total - `nƦW +* GET /api/rankings/monthly - ױƦW +* POST /api/rankings/calculate - pƦW +15.4 tmˬdM]s^ +peˬd: + wͦw SECRET_KEY M JWT_SECRET_KEY + w]wjKXƮwb + wͲ DEBUG Ҧ + wtmT CORS_ORIGINS + wҥ HTTPS]Let's EncryptΨL^ + w]wƮwƥ + wإ߹w]޲zb + wlƨPv + w]wwɥȡ]ƦWs^ + wtmxO + w]wʱiĵ + wթҦ֤ߥ\ + wdzƬG٫_pe + wqΤtΤWu + +16. ֭ñp + mW ñW M׸gz ޳NtdH ~tdH TwtdH ~O +󵲧 +: 2.0 +̫s: 2025~1015 +Ufd: 2025~1115 + +?? ܧKn (v1.0 v2.0) +?? sW\ +1. vɨt +o ӤHOPYɱƦW +o ʤƦW +o Nt +o nͶչϪ +o vɱƦ] +2. v޲z +o Τ{ҨtΡ]JWT^ +o Th[c +o Ӳɫv +o Τ޲zx +o vtm +o ާ@xl +?? [cs +* sW6Ӹƪ]users, roles, permissions^ +* s{]sWΤp^ +* sW20+APII +* eݷsW5ӥDn +* jƦw +?? įPw +* KX[K]Bcrypt^ +* Token{ҡ]JWT^ +* nJw +* GKX +* ާ@xO +* dˬdPʱ + diff --git a/partner alignment SDD.docx b/partner alignment SDD.docx new file mode 100644 index 0000000000000000000000000000000000000000..cf672b110d1ccd3fe7cc9c41913f215e64da432f GIT binary patch literal 47674 zcmeF2Raad>v#u8q+}(q_dxE<=EZp7QoghJjyF;*rySux)1zkA79ZtS8&KSpj!rt>@ z-t@egHR`RWy5DMLIjApK02lxq001BZuqQZbT0j5*#n1o%CIAjnSIp7D&D_DwP~F?f z+*P01%ifN(@CzhuJ^=FH_y7I;7mh$<@`TL*E1JY(*hk1*^Qvq+ZSmk(VVpUk)eA%v zr=s}1Xi?`!_x?AwVoEm7v0>7gP2U+fwvf5?Ognh=CQqs}T!GZ!Bm-+6hP9Ogra&`% z>fL14ZILnVAUn>^E_``z2v&-wfy5~_1f}ev>=10NC%`ZIlsFAa-eG)H(ST_Dzpn;Y z!E#p^t;wb9A;_>S%8_9*YiF4OJe252_2+HYl?}4gqO3Ym;_lsUr%JNjaC0EOI&))Oj6GQKNOd-U&?3?yc*14ESn@TGvZ)t-iZk8?2s5J`wuy zoQU$^3Dd^q9JI(~0O!uf8j)_6TEgP@UxK7nDNk{AkG@43U{0r?^t%(y73#$MwOf&{ zM65EXHNOtCpF;mK>+=%|p!|Qy^J@Y@%hkUX#eeEU{3lOC7jrvT7UuuF|67*-g|+y9 z{CZ_#-#=L*315Z0hs<@UtoPv+DYBT(Zs4uK!s*J$V{WY4tbDxludYJspBPI`%r7L( z`nYCGy8lVm|4WbxM2_l$Uw$?i(0%Rn0;Gg>7PEORJMAH59X(jQk5kCdjfX^QV@J&p zz$83Hq)+u?9@2|H9F`(llhe&Cno>3t2DosBmFTqLWN1EF(cs9($L_3vHdmvOwyZ?esTK@yO@)1HkZ4JVT#j% z84}5C;n?aC^q)StbXEL3>&d}a98#omc{ZbdcShYr_A!aP6SiQ@5d3hS*$sH5Xrf7F z8C(dtR;SK+Y6aVo@7y~2e%uDWtStD4WCSM-M7ohtOaH$0FKvJ#c|^iSSnJ;2e(O~> z`IfsQkWDmdev@Guwgr{3yFFQFIun8wYw}+o+0!H1D$~;4d!*bk>iNCBI(dh0253Lq_PYkIHzSkQ z;=b(Kb;k2&%2Od)LM!yznC*?-MJgmq^Eb&Gw>14f ziVneDg^$lOnmws`(!YOnX>=-{DP+_Az6o1zXd_*Hj>`h}sftwbq)EdQah$vgT;l-Rf-BUtnW}N?;PS3*^OF2bJw~&&pQL&+AHWyKD#{o@u~D>Uu*o8 z&5Qjgaxhn*AC5m0pa0C?atL}pEf&1zD?y^lNk|?ct#nwaTo5+Cb}E&9fe8ct(--Fp z=tWRoN>PJ#K~~I+G`&tL?|)%{)yM%Q?+H)8jz1ep`7(SGcwcYn3T$+^s10a3{Czs< z?*9sY^_7dB$thi#sHwpY3;_CFCwaF0*=fWcH;{WgY`BJ)V_nlD&l}B=y*rQe$FjwI z7bw>BoIov=b&ZpCExMdcDc0<U1Swfb|}%mvzs zFV3q;KB|W9C0GSTVIxY$-j|$dcJiKXfA|_TBKW?TnBWmUeH68wzBVtzwMb?2>|a)a zFDDn2C9vBQ!o7N*@4X{BjGgd0>0>03b;4YuO(`ym>;6F7Zx+1#c%%v5JLdUOL0(;T z>$aFf%rvv@d?~KCAt#i~GKozxgG0l@GppH!JQP}(9_m6kMnPRa7A#uKdVSZcOs$z< z9*+^SuB9imlqMH(mJ1PhfP|JuAp^&GtYDB+g~vPA*RM?SG@wlG?N>Gn>$y;gmuc}5 z?sBbuUn7a zs7)x?h`>+Scx4*et_a&3s4IR(2X7;TuUq-vJD=_)c05@0y)N`RfIh5UjZcl7KE*cU znqPk3p3O`TE(9|FN|T}<2Me-n<z8@Vm|fKEgP>x6&>P@h%5{ zyS~d_4-M_rsC7RX>S#ID7_e;XxdmiCD?WlUP_@Xf{(^k?9c09n2-<3Xb_Ph~3_?x?KmB+I1^>?6pu#uOb?%NUTS$R16lk z;Eq$wWV2Z2q&;q4yAFjpd%D&0zq1R!l8Gvm-72mn5Zm?4&uDIDWF5k$W!IfZZ#b^$ zROncxxOg%7Sk9jX?ki<8AWk=R^aBv*14h-=34OoyaCjg(WNoQ-J9qfKhaEFQI(ojz z*3JP$GNFTP#71*FZw4TP2$9Fev zl$o9+XkQsfQPPXB$OUlW%W}3ajN1fS>JCoHi2Gj9IwdeU)VFwbia! zkDOUt;x1DJkVa%MZrfzcmq9QC7g=0)zLB+uL!*6$Pe{GP!gFkWwQ4R!6cH_sm$O~m zs+sTeKR3GqyWNB$GGG*<;4~={iNXYW6kMjKY}8P-;o8^tfjT@8*~iu*^@Gg0Bx^>G}?mS`U>xYDqu?qZa~ z8waiCj$ouWmmy9K1mO9Mz7)7>YJJloqOi$=le|3r+HPy78m)<5fd^i*Xt*i~v-85$;ugG^GdEF~l@{=(q9rUsDpgWtjMb(vt1`NAlCa^_ z-oUmTBr?!ErD#m-wT1c9@NpARJl~d9Y)SSbZ2eEwUQKVRB=hrh-zVPpmd3wf9NhYX zLMl3b+bnovYuMr8{U z8p3@$Ya&pD8iLd^Mmw|G_A0letet9l3dc}y)5a10H(hNogz6G8ojbt*#*BsMXN}*e z@WOZSr9Svj06Z@T9=G-M>EQz6Za`eyIY;U}0d<0})_ z&%NtoeUMcLVTAJ@a;9@PK}{U$?er}JWlLr|h7VKe{fWvvP06{KQ0o>B=g`cE>rumz^#G^HrD z;CV`AO7Yy-9RZ67zgoqDqc#yaY~&5;9y`cW>e?rUH><}CCwf2Uc0coe{5<&UNkdGj z0k`p9Q+J6F9O0ZBy`5$1jfOqXxfX{duMnIYnlHFt+gA+I0y2?HJXi~7zs#`^d8EG! zu?zBf(Gq?3+)0uZ|1`Z+0{bhV1N8Hc2_VElv@;hHJZFb)(<1>SxAOrOGr2NhP-~XE zva}XxUTl;ggO0QgjOyTszxhD1NU-@LkcC!r0~>u2RkwbMjY1*HW-8ojmns zv?r8hk6LXNSwX4?C2wvS5)fwrei=s2cCm; zaO-l$b=$YwN5cn;_8FiFG5{<13CNM_tA-?C0t zRutM)!(ITc^oqE%h`I2ldBY#NI{C(Pyl&oehtQ>uqLI@#DQb21vT~O3ak1I~8e;as0*wcqotDeM!EgIB* z$9-Dj^t@0o^Y9bR@p6ZSxvTq9&+mx;W!zhU9&ZBNK>Dsk(;nP78e4g^WF0>oA`)!{ z3irt@zV1z=`V3R18kA$csn)9g?QhMWS}G3({@Y9B1OoA~f7S@&3|IbnM&en%l5?El zYYEZHSpD65qv{|>LBO3?YFdwDQ+L8iB0?U3w;V58q$IvYz{Y}RKBPc-C6&$iGdCg- zc5ltg{I=e#(1%M{A7ZW!USNztPG9#M&J*o9LV>EL?+8|2T=Iz6x4esIBjUkbL;a5j z)ql+r_CW5rTHJ6cf7|VwYP>XgD11F#st~=9nHl~PvWYHV ztw97xo}=^8Q>Lrm=DDoMJ?jq9M5iRmLtLJjev!@fDJ7Q&s7jy@8^U3h#K*+9H(`_WE(jK=u{U^aL(yz^xC-YpHsiD@Y$JLG#nyS zL|p$m7}lWOr+%Fj7Sm(F!b}*cej0DYU10G>Sda$p@B#nHkj)%9BovB$Rp(g4c`U&g zL11DgnZiQI*u~*F=;S&tS?SVQ!9B9FF{E}S*SN(a$G(c_HXYOJc4FN}zeZu0pxmAt zm!L@E{hn>$-sMr~BFB3RA6F`%eNOT|Bm}w;Z6eqeI!X-Lp4s2ioh`%BhXRg7yeuFA z{bW{hVaiTV)jbIqoR$!6ujm*#riS0`@BglqgxeHYw6B+T>Xj>DT=$7HBc*wTRSF3G z`PAjJ844+Nn~^A3_5(_Vji(eG7>RP$w`3m9RjcZnN^?jw(XJ<4)^nkzjhzj(N!Ddz zD;I`kv1dhplJ6jpVzgEW;&~2d&-uFaBDdKS_}qD06a{x^TXdlSsz?hV;XF$4=mdL? z1Jv@|%2BMYCVJeTu?w&e|47%lZ`-BLmFh9Y41&Jk!z^HtC#V@2E4e6RwAGx*vlTsF z*oIAQzrVW#4Y0Da#@o6+6+depp2a@=xdaH}sY)O2vX+osex8qRzYmL? zsa0UJ*lP=#=}k-ZuuP^{p5ij|j!5t}V%v>!R&-l_TE5r4|9o5;fo#!~ z#|R;icjR8Zrt=KOhyT8ye8+)NMZl6ZM$*m$q>Q?q_6OO4WnFAaNyoSSt@1hi64w01F{vnH0nO6%8&fSbou*j7N8pQ zcys_WX~qz40Vt;|zCt;9`+KNE6a1?n)Gds|M5friWi7uk<5$_*B*rb>1PcSaFuh5p z`UXo4V=4)L4DOzb)3>H_c+v!$)kfx$F4y)!$o{{}X6p@3aaVYAoOV4>wCG{ZYFs;P z6&M*v$N49z{DS7sRK@+Z)%5D*V);O~%b+KHX{4`_a_pXwOeI>fcebxpT04ucRUch> zI*FvAb<>PM5RetTBznD@?tAO!eI)l?86#)5zp^|}#qw#i{(j)~#dLT#1h(q^U5Y=K zcd;hW$LQ6J{xF$zy2F2IWJ0Z&f*EL=JBcDo^&KKaS&aRJc#V=~U-~dc4!a$^?Q=QJ zpCaQTYNu8K)zRE6deZP-Hvr3Tu^xJU*X{T7ph=ROGown{%vycubWT={>n8t(y&3zT z+)B>`pma@FRsaR=TC3vwQP|Hx6n4uJ8cV_j?Cn&rGep|jg;&uRI^V6%d%8V{u^@)} z=fRd+oZL z0mG&*hc4p)5g1H8U#`fPGVSBLo64dt!6vUT!pHeTv_u(OlvX*tj$>%l<0nX&kZhyc zD%2r2xv1TNE=ZyqXmsn5LZdDbtc*lhEGt8%RE8j~ZrPhiR~M>RKp%uQ5u|$fGnP|* z=tnYs{@Gzs0o2xkDwFy6J`nCZHFYWjy5&>_n#?{>x@*%rNUqrQ{X0Rqr1mB!dXnu) z#SzP`@%i76u0X*}6L`Cdy+jcAzRkka`adZ}%MHsX6&-uB*e^xUd6}^$kc?6_+v~C6vdEL|G~<2h~SbWRcJEpE|JEd=tFX96A5yfC>cy-X!P+dG9qP5 z-*z+E{-+gjs=-G1SV3%!if}pOXG(f91aA2F@zgY_LUMgICZcx&I|jFh-Rjh`P;{}S z0~fSy3qoKikxplZ&I6riUs+y7c)wlwQM;PBU?c(_j{@L#CUeTD0Eb)xLb1-G$7dfP`e|FU z$VkkFT(s%fKbRa5uHV+P7P&?H7{(EVC=DL}W8Jv?QWqeWu}F2U%5u$iqzgRvBV zz~#l-Q@C&JVUQ3Y70DoV*Kn0^NOUuHv$d&I0ssG$<3W2X7sjPid(p)Mv(ET2nPeM1 z6>JkDTHqxeyjm=U1$)wH6Wu_FwdI|Q^+BTg+VFQHoFvALr)KaRRXq8ybqm-}yhKKU zJV{Bag1;STO}{jZ92JX=gjK#=b&ym7z|0{GS2xAA+zUr5OO#QQtOEgb>06dA(n=7D z&`eYXHk#(KL?`k~=$0Taq9&8=VI^V|hUyEI92XFno+(RBbegSA%Pa5A$LJO`qC~@u zK%*)30+4*_T)_@=)oIz>TwD>q>kBm~OZBqo*(+5RxHGxDrD_vr_td}bOD@P%{mO4- z z2$P{tQHUwdJaS{vbLsB*qbQ%eEtn#HC^|K7*EX4Sk(My2%!$o|OnCQ?IWg*P5-SI? znA#CwrP03iP?0UxTJ=-Iuh($$#}{j4nmALMHQ9Ap?A|nF(PB$pE7VL0vG&6M?zws4bI> zDcRNf2L@=$`rs!u{_%NE1Lg!=&I2O{D}0=mNcDBYLcNS|8>=X$6j$Txq2IpXX7!H? zkb|*}9G47cA0Uf$n)Ku$)E*6=cP`7JX)a-S0@ci=-V06z$VFGy+(qkLNOEzI4998@eZ@TXW4doXf3??5(kfMxEf$k^+zf&k}vV+Q7E_*z^Dq%&l&7NDW-P}Hz@qBBzQ%d+yO$Y$-t~qjF1*?#dmvW`FO?hFCs`mFyU<$&5sN9;Qixg*gVfmW z90aJo{01i)S{79@elW0JAKetSdk_0o+%~tjPgwklIlaVS+-_9qa76duJejBd7RY0Q z_N5mcLU(2HI0TY>0!_vwa@UUDwHc#vj|_VQ8*dwVl+SRQm*t8py=Dz^>QRQ=HY|Zd zhElyTe2p}VGIH?uoVEP>!UtkYI_11BrDP@!Yno;nWh5oY*l3d6@QbfhlDO&sCs1;S zCNc)bp^^?^*Us{YIe9!1#%h(lXh*@qk}~oD$!YnX&<`p^ME+3cGmT1yQW?IWH{J$Y zJ(J4BE~|YiNZlZtohp(NhZ7==VVG*1G9iKj0^-EO(gB141wjeqU`Ab|8n+q7CaySo zt+c4p6mdfovy(l{JXBg3O`b=>7&2?td;PwW8Z8tUYxd^!o&7U#FyiZzwb7RTY6Hz{vL6<@r zFDVO&nbn(WJJPy$$8ve0lJTXu&=!l0aw$~&%a6qMFKbb2lih#+HKnxJK-N}j&Cyiw zPtOCh<=e{?^FZ+&cIXK%E;>zd#4uj77#VZsw*PIFsAcTw)S8HdS*ac(z1szz|AmMv zUdLPe@$axoKOuq!w0Cb+TuvTqM+UQitbdWbVD^VJcD&@FD+_L3O8{yXccbZr)k5cI z45>3gp=nwAoZ=9!osjgs7yv@;J+fDrjk1y%^Kw%diJ*ckDY{e%uA)3P0k1#61Lv|M zFR;!dG7yn-N6KUop@D*&4XwiC^+g&9asxNAPu*diyCQeX>TQ-P0WV&wy@Vm*71UXj zfG6A+x;|H`;V(tOhDDggt?E&-oI-~I#ky2mj{Xd=mJ&CiT{KHAaO+@zJLGOD*F(9l z7dK&bFoh~tRahV6utgOh!IuL)Ta}ZurNS(I{LBxIoAB7Gm~9J$HK%`?FBN$(r=OYj}OQ56)TBWSV4@SU{6M45*7Ga`-Y8{ zr{Ce`s&Z+dYswg{5CU^R`juzWPOpCW$&WnpJSXe0L_c&}Kn08?Hvcx6_ZVYN1)f`% z7~EWj`I+i>0U6x#aCnualJ7lyKN9@br98{|raC^8|#Rf~zu)=I5{0x)G9$?;P|eo*6| z=L~eF6Jx3n{g-P6Di^5JlW~3+#U~Y%N<{NQQGf1VOGaxgO$zyu)k_kNVX&!AvZ>GzmaA3bNQ?V; za8-X$l|7F8CFAsPJkE4X-G(%2Jfdi4DEKi?>Ra0P1T>zn72J86z03KKCb~F#31H!v z{y;$wi*HM5xDRCjzAU)|%r>>iTmd&v#@e?H;S%1J%T(r053ofv3v=qx*OVhks9Lt* zL1mRY86UpLZ+3(Sf~%J~hMOeA*&7@XeA5N4GCa122Niub(#-cUp981awCaG_h@- zR~cdhYcGoxB&L1gcEp~(_7ek)FRm&8kYCxO0r{i9r*-HrmO#}*SEL~1joD;|d*DK5 zO|weNxXu6Lc9^vPb2}b%|G6C$(~KU;uV)trQ-3xh_cS+d{Y@|Phy8YPulT@<4wLQ| zYa3>XKhJuTZ5YyUqMEkVtz^uVPWo-Z>s9k1C&fdhWM6OXFt0xg0^ai-%R+rCUY~J` z*PI_eE|?yR|6VZ*<}xY5>^up6n~l|mUCl&+NTm}kRjAybNoj^1jj!==*rMAZ+<2+r z>1!jdyvuU7Bp0XIBHt(PN7{T_{}Q@$4jm$kJ3nSMge~H=?rLhFK{3 z@DpyZRba7mW0Ibk<%+#NZaKOa@|oX| zn?4^vL;Z5C7(#u7^k-B*sK}~9Lxny7>rByFB3~QHmFW4!n^U0L8YSz(fuZl~g(CwD z*4BKAV%v_rtM0Q+!`lUw(!S;$s75^mFrfaWbxUIW_Q=io#^w1<-1=GujvBsD6g@>vm7E_Au+Md zvzQnl)A~pcFAunxS^lvv?qN>Y14e^0MEgdrOQA{kdO0w8y6fR^YrcPVzQPbvSTrA= za~ay=ri7GEs8z+sZK=iMtqUDexbS#Y9N=z)W7*MmFf=qD=(mq5^8St}>b50B{9+dv zA21v=&Pd?htHTNBWBL+yC8rtSu^od;60Xwz65ItbTNG|$T{0)&o9Mm&$bd-Z1ZUz0 z$cK|5?z(ce`YM{mE=d1g^JFsL<+{=KH0gbp@~8CFgBx)*X?9n(~@oEux=H--WE{ML1! z$XW7J9ZLoa<$UC3bs+xaP#hTXT5s1-Fa~*OA*4K%Zkp(3+VAgA(k_52BEA+V=A+6s z>wC)R67Ye;nOs>Pdz5V$r0xx`v&5C851f(bRwjmEM=F!bTCX9mS*GPc0b0qV?Dr5u z4y}N56F&>Ksfr_MRmxD{Q^wNlW`T$KzfX<}T;XyM25s;*eeL%5`0cw&_YA! zwEgNh1Dm#v(al8E60DnAhoZFA^!}LzPjhCnPL|{>M#$vN>F}JGl6eAVn06HOt*B8p z?{Ugq)$9$#dl0L)#;p#-571@cK$u-=GbciqD!%?kpN9f_M?4}Vo=V$zXN3}ZpDE{! zE?-Zyx$1OY;dc4`SPS4w4+ID*w90-}H8NX3WIWaliadt@B_Wj$fuydKbhD&fCzx4x6LzO1IPata(5o=7c-ddaZM-KwKy3KZ(ACtJM z#I93=38+_MGr;}7u1kbX%I8I^1!lWun}pn9POocaboAL3 zl-{kE_ojyS7Pq2I&s%+OWlr|2u7~UZzxrWjkttrx7BQUEd;XMtczuY!rdyvZF<3IT zlBPvv_;~}n1ytJutNk3tiF57_0wp-wia3fb194LjdzFGzhmI6@8dk^Nej^6V!>%*r z$~NpzueznVEQaKTdASJXxl>zwVfmhBkV>N17I&FKvWeX+9>QM|`yIgrA*0xH-0YH4 ziWrN?oizb>$eu*%nc;A2Oy!UPb2s~>pV2fe;6nusH-=t3PguIP?DnPfW~)U+YY{TF z4>|HC$DUGy-kH2xN%Q0*)RilA!4FfcDbrNj4`}GZxkNAK-m7;z!4p96SZ-0zbg4k~ z3tLA|Fq008eSpbf)Z1Dw%iz&Q-!Q$X+&^P7(!4(0)rvSzADW4cuDU z+FP`ecUyWM<=($phjfoe1Z`izc4SWVty%?~=Pv=2NgN6}+zd|Qh@4G8D>oyW7wI4e zdf?fgYF4kq;3;=u=<*1(hPBqI(#}nY!wVOK!8+t(mlryL^#7E5N#?P}spcOFVk3H> zWKe(c9Ux=YE;Fx7*9RRkd(Gu}TBa$i4NpVZ?61wf+=lo1_Y*p1 zE!4t+dVSTE*}4}2MIpvSJm}1k$Cjd(F~w$T*{UO~DKbjETBRJxH1G=mnJCC%mVZE<6#;&GYJ)UEQC6bet7loANe z=)`OOZ_xY1t4$-2UW}jt?lkw?%U;OYHrC~) z)%A5OT0FE%Ux*$!S>`u~?xDnlMdFF*hctPv91V;q$;b^EYz2K&TM8KTxs@~5~2*NHO%vRu?e6+~+Ub#>Cfk~{^j{Jac~N+P>uw_R$e z{>W|N=kH|dWg6EHYr*!1zkb5UB4dBABl6mN1mEk*a}MjO$ipDHmOjKf(#Sm;z8ZZ? z3vl}SNdUkoaZbt5D6MaDz)6<>X0HSBCV{+~l(U4Dl?WxEE1NKlUtWerY3gHR%k(LaK$jsB2rMB>;Q z55QO_EmJ$)#^O0`aGU(?2%o_W7Ly{Yv&Y=O%-B2DIxf3iaJznm7K(hdDeHR2rT67* zb(G4k!@UgYm_BAP$d{rDU(E1QZ5L`-_U&=jHIk(R>lM7{1 zl)R~Ej+*dxFKBCm2P@gYrXrYEbezthojuOuDo|A z1kg*yZ$%lC_>mF=^8CZM0}*|d^QviWkBjOnt4+w1svOA|+h z$UF8`3|;E!sKt#Lf$t_wVXe643lbodPW+d2K@E!6`2>Tjoyy1)WX$#2X@Avd?~S8? z`Q8i!`y3iu1habmYPzqwY-#<;nBBOm6wS?dM}9so9r?pwmM$X(pG=x@2tf&9iyx!{ zJ_VTY=Tf`x0TaO}K!x-4OlfQNs#%e`S!3RBkcG`obAjBrW#yKx z{0Mji&5FQ;`4ipXAEv<==(sgC+mDvj*Cgbegf_gVxZ=``;*e?f*_SQ~mz`pKDJBZz zITwuuv6c|)+#=_IZJGvQ(<#wEM?Q6(VC~g|nHbeCFgzAiF9}kM!C__9JQKm^5Ti^= zhE?^Hr{MZ&to|!B2_s!e)YVH(@qdBhv$^zM8@^T?k##lJAdI@U<}R~pW{4xXa##LlVW3OA zI6g9Cvh{|hX~}?KCR>)$O7RUpvQqz(PNzY{gH#u^@Yov1tv>XHLXGq_zqs2{=Y6^B zw8fJ`$UED;H#kflD0c;0^_3ewf`Rg5MyOgS5WU#$+>T)d4>ezTppWvpL73f3{Oiy+ zuhCQ(dzkT$LDPz!U#O^XW!6Op`qc1aQh3B=utb{G>MI05_Rc~@^R)z-nVT-1W5ryN z7LBf{qR!u@D%(DC@rQhq(%@e=kU8sc))3#`>wexdjuVEtydSRJERjHI%%NS}40J5L z-hTSO$Tv2@ti?Ale6(32Kde%V){HAl`41uzAvgLx9!-DEubSJBI>#WkwIR7f1U|M) z{biJo2@bQr=80(TjgZ~i4>B%?!O2T%VPb7=4rDQG-xb;&|I0yIzjT0)lN3xzKXb#9 zTRmlXl!~!On+cQRPfw+yJ40I>9=KbpRst<-QhcnY_U zfD`CDx30s+;EL2*)@F_LN4b*sH&rz`r4?W!Xs0R`q& z{W5(Pcv=0dBv>=ee*g%{Lh2nl9#^Q(YawZPH89-LPFZ_F)PvrMx&&nN zJL|JA=<@kjwL3A?I`(w-L;SnlSLSik<(dRBVAw$r#Kx!J71-?Z0lvAhRDiGXfGooM z6?uO!Aa2hvI{L$E);^z0T(3=?9lkvUe(8?mMonTj!Rna!YoiG!{^}T}Z==`cu#LO0 z&qh?r=t9s&YwX5wyE)YKn!}DuMF-znokPN;nbg~x_TgOEP5(&K^8^tjGn7Kog>o_` z=3iyc3oT0m7x_PMLshs*x62(mmBpBB)r(ZAwm7aOZ#JCq{A&AYl`2v|uI#Qsmh{m7Q|54f|JlUq zZ+Rwifobid5)!WdLqK>JuMa}4VG%wYr^S16XE~$Tg_*@9Aqk9QOoxb6yYV+^#BB&V zA$|jS=*hCI?6O@ssyO|U509s~q6|CkoSCCFrJ7>lzkIDuY=N8RB>Xx&Mn7QxO=>qX zTCsI7S}XG)fsQ;R|91Mi!HoFm0(r8I!kL zq<#_QOnPAKoxZn?BWV80gRqyQg4B-eh?(rUue_N8=k%Y1JnlpmSpF<_o?$>jMSl0@ zH@x{^e*=qlAHRpaLXu#gdG0JwWOZ<+TT=@YqmXJq|1|gYNMc0 z)GMX*y_|g`~tCT-o@#p5WQK)CKh>Foh1j!d$`Ha3XcE%9Nu_S{J z+VegM_rr39f<)}_#pYt&V>x~}A9GC@k9sD0;emFiF-}^nT-1U#hyJ(VxEY7R@F6I+ zDITinV4~M_WSu(`!IOCzhsX0bRNLvtX6I*|t-H?8iWYiJoRFA%WntTvQic`pI|vEx zp{OToJ^l1LdXC2K*VVjNGs_>EE#RsfI;BX~W^5@X}@8I^ibg~e}F*k%VB*zjW1@8LhqK%|*|FM5OnNtC(Is_GcY zrjav1Y@~=OZHt&GtT*D3QL`BJ5sjg%EEN)MX0F}(I^u|;c3hSxTi1kvB3{>O?!bb2 zv=JEI-VlmZWZ;NSAgd}HQG=7)BvWy8hNw{jOauxFic73Ib-m<;AY6@I3|14LY9%_R zaD(HrBusyw)z2WgoO3g}FSv-(`G8^sNZ;#kRX4rNTj5_FFc%)tDOE-!_< zU)ECxm#fugqIJ}OgtF*i4JG0cED=aDzLaQ32hV^gaw#~T-VVK~(Kv;nbjE5u z;aD3qxD>=u^UMj5HJL=&Ca9$3Iej8`9T7`MKB??&?c_9PqDjd_9pgGf1P&BIO#K=> zbt6n>IBrJ-GWmmMMkn~r{Ab_XTQ-U#q_}v;&SK3IzTwQXS$OMN=5KIfB|q zP-oPwo&0Gd6Ua~I>pczc!fSY{Hs7Nh&UH_IWrU+?k6h0)OyLyMb&%{D)j!@G?z4d0L&&!Gw|C; z7znjQBu!_Fk3+Qz`l1<3mqQ!G3ykYZYvdc!u^GpnHOA3#3tLYU=aDhZoW4g%mTze*Qxpk0mc z2vxoL6~DN#nH#ZmFO39y%|)2OAC^@qlsE zOTr-%UiaL9vf${xf~dddK2|u~cLB5;-)eW$;Y?U}%h4gkVM+0Vl4-{Bc!TKwA@fyd zj3ll_5dudXgsx|3XPV_9Na^Z0)>Ete>Q&v|+}{IwL<^L{GtqSqMF`}Iv2PCM;;Uhv zR!^-NDkd}?mFOCf+EQl&|B`_%Rvwc6l=~4RHKdiQP+PCW#$@y&w|P6WyPRnuu8kO#|Xw&YunG* ztecNddsN-m0NdOfqn&VqaaRt=}g%)g1mmeBLpiol2&F^}Acde*7o1;0_#>iwXPU7F@*xlV8`0&F7(zla z4yYanu(Hyr4SiOYIT6NaNX2v^!nb(bjQ7ly=%U~w$ki!2Q{kdAc*4wQ2I!NEj>ha(PFT)d?TOV5m{ebI!HCY=}B%-z>poAk+uZ&$_O} zExmp1jP#o(oN<_`aOBsr!b1SMU7x%SOoxlT_W#uEX4@C)AejjM>2AS$SE(z@VoB!= z`*ogafD`K)o_4)=osaXdB&zOBIEQXK4h(w}_~HEi{E)KdRUHAn*1~w5Q)NE|EE@{T zV=S5SP}CrNOg8ulg?7!EMuWyHJ@ve|>;fsYyVMUGMa^!J>ABdrUT6{%bqq#v_^ z=#U1Q$_u$Z=~SMma|>iBcyDx=aerkg2oH{D3|I!Wlh`faJR^RD zRV=|)q=YpoOf2=dvB?&LRqx>{exq8g@CoT3j^r)jFjMjBryTO7$XUKm@V|r2fE3*Q zdr4Yu0T!V&b-knUb?0zcaBHr(e2fg@&M$?t%tr}IY;~q5W3OcE`0EoCBym`va78A$ z{32+}d5&583fRV{E(ITIVmTj_y`)>jIfH(sSM!a~JIsp}i$9bG6(pn^?FeqyUDxZ~ z-vYPWHQyf`#Fz0Rsb*eUXo1AE>Q#oKYKtK;mNtCnfeEz^$MN=1wpYr*Ic|fVL)(IC zZ5_=kz8*a0I5!a(!Q3#JPhs;Hk%_uQ7l_XEHIvX7OR(On5nwb#I&Ql#IAH1G_ww}~ zbP7fa@~rx&gzkq%5dl}_C+&({@Ai*9^2bWDto2NkhjNsiR9D8g#pkrEC#9=rROZ(- z=2Vugzj=R^H|V)lh}Gn>1%Y2~OMHWM5Q2*!`S7|}bFseG5HB(Pu^Qtj9x=e*_;$`S z5TG|$$1SXby582vG03XM`*&NVI-*KGAso4i#Yg>%l-)3PNAcSI(u`MX zWeM8ITg-xG@8M)T050Lq3kP3S7|tAnzNSbBVfbW81cE8#_*(*tWA{?%1|% zn|sH$ZQJ(Ec~70HTXpU~xc#BO^s26|UaNb~vF4a#Sg+e}h*_x)`ir5LB{3Z#5dO7A zZh$uO^1d-KiZpI>=cSG5TstuK&aZ9}{}_f;o|h9v?mDT3P0W3{6*kMvH{}vJ{S3i1 z!qsT?k_4DQm6cy8%eD|8x`Pd{u|culNPLT7+&XMF?3vf z!g;wopc!=kV!gOM1XUW%9BX*|&BA&VjTp!|v^i1#+a3#HF2GG_3^5i{d3B1Y=xk*1T zSFg+Rs4)?>o&MVXAJQMPRNryQ!yyjeH_?arkeuy^o6NxpjhkuX3wzh-Xo*l_^w*eF zb`*~Ntye?2^&R?cM}B){c~^Y|?d;MBI_;;S%38Ymld(+1@03iVUp{!2Py~+q@24lz z(YacqYta0FGu(L<^~+t}{dDG3IkO#ks2bhwH3V9*WoGt->*SQ6EiRQDesw(?XFSAR zNeqjz3++&Rq@SlgUlGho8K(jH@E((Yvl4^3jw{yAtC+JiA@8-AdR|D2LIEo4Dy+~0< zo@n=|r@f>Fu0VA+z~hFKd4|k}m)-JCMVOxa`il>>>ujR^aq)QZ-TZ85@RC(mg|s9f z-1gxw4snFMT$VRm@uJCD=yps!1Ic!`t1LO!F;13-`g$j=6|IB|=gdln`EtegCw7yvUPD z{l!;!u0o}=0$R0j%{s%(_A`YnPYV;XQB!!ZjMJax4F+<)0Ft4a#9qZ*zp?xTH{8IE zkb*}a5h+I~(QHl4z6v;;TeUdW^8GWN`=_ol1NtihPaqHGgZy0@7qjn zb}ikcdd*g(KaPSNI#7k_YQ)WlD%PTlYZYI@&umC;wj|&!> zuh+;Q2oB6K&G4$PUsJ`PZa($e&3AX~UMIYw1_w4!Yiog+ncmpEZeGADXS=)i7CBwH zy?r$92i_r%EWTF?)&edYH`_HGRmuyZ6E5EOO^=rm7)-vr}zrDWuQ$Cu@((D@862lyU-y}=U5Ga8J-Fst|n zI6cOrWqVK2)+-cCpUNKX_#;1SY$Xf0Yd28deWyb+@YWnl!*5Hb>Up?8N_KCpT>Z9r zltL9ze&GE$VQvy&Vp0@ER)a`=)mpd0i=^@XXMEvE|9Ze z1HJy1$u|z34pEE-JIz10W%4~NnYB1qZW+@kw5$gD`u3#da>~bAIaWC@``gt$0(yzb zHNieMZUSxDOuYiJ+fZBfbwc`aUczR6*AI+n9Z)E-9UAw~Cbm>uk5VrFyxesYz6n&27y%+2;J@ZT-d)oDBEoyyOKoa3RLGsL5B zdd+4|IH`trjRH6T`-vt$Q{ObsRb|Mmtn2M!_U#^XHe|p*0%btYrrtBq1tA%^Rb}kJ z>GuIslQ)-NAqT6Hip+;xJN-@t;+Go#x6eXU;m0eez+chdc*9Myx0@%n!b)A<@zjHN z&0dS4jf;bfR*kuiLLl|hs#Y)x-dhA@waDwMFmsuvHhZ2 zue-Wt-YokAx%x-5whi>4VL{R_)jkax9=AR_Vekr&Uw1Yh6u)wb1csyx#=>Bd(-$<9 z{$zKfR`$;(Yr|DZ64B_}Eo<9u=;G8*K3|d+ew%&UpSs|c9`);Y94YuVe0^-mL*y;# z?=$0-mE&?OiAncdjcll5rhXhUem0kWjjfJtvUB)kD%$xzhMx7&BiMxfLerG$N~vF8 zS*Y18o6Oy|;4nuv7CB%`l>C2$_(2+em; zc-{H^lxhF{=PzOrb5$D2qN40=xu9|1nZBt~XPY^jsCvS~8*k0CpiDxx3}z_|fjZg{ zb6Eu4t#<5Su*>WCU9|SsFzkfnmP!$yyO1Wk=L|vVxqDDePU==*C}yS1F|8n9?Z+oC zL3Rl(jN*ikCfW8!R1B}%FW;}Kj)x%2$&tAy^C`7I9}UD;-(+maAv0jq(NJ=6zj!5d zLHvv|GxU5PlU>ktJ?@#`gMT`9c#0frH$*p8Fsd~SN!7Ii#qmLsFVLtOqKR9c_tDsF z@c+S|08aX2TUx2g3&uO~8WRj|r@#03OTc%;i)D)Zs*(Z)j&`%UCUY)HE z=dWG~C7*~ftMRJJ6#OULYh6GL-#VGP)V^NU=1-E=K^}cyfKV_J-H(YLcu3=aDmBqm z5|$z5Uq7R)DZmvi*)&( z94<)7?XX`TrI}?(#|)}n9vI{&PEt|PaI%A?SQhr|o0<>DsfFySUw84{4}&?$u2oI% zj9rY3o2H2<#R3B_6bdt(BXJyPbVx2Ec9|kr!CVJW}m5<$(77g{-F+dcDUb}_M}P@P`x{R{oRyW(Sk|sJYjC@#@ zcRaAgWQV(0XM zmJ+=ZgDqS#8pn0^;qcW-xPSjYr6l9_=Qg&^C=&w<$&ZvHD{pA)WB_{Y8C?b_!D(N| zAQJj_+9pJn_CG)7JY48Bd8N%B92B|vc;c?%X8Ni^rRM(viJCbA$1LDt%Qmg7OCMO%0W%bX)+?RcmwZjQzonAX-a!ZG(Rx!PQ)nE-25Cl%T~6r9D=)cND`kcEzPAtxx;p&b1iCXEZs0*?HmC2^W=l}*)tjJxwZKcq z$0GT+W)yh8gn}_DsV#g9N7KFYVuJr1=jSg3uiiO$mkDz2hVHqc5i7oNA_HxAJzwvPufX#R zWE%0b^T2NuPEUg#{_(QkU0+K&1H#Gq4sl}x!G@FH&%bw8EBt79Vd}tWCc-!WoG#O< zlMIlD`aHYSv9tpeYHRsvx7*s3Ra;q2YccP{6$&n(Mv@IkP$yNytj@c}r~WmYPjA)3 z@IE-Oizu0dN|g(-oZ&le%}RXPE_{6wBE+;)ZrF4&^-kU38T;cDfrX)cZeYnsihJBh z{+>I;f^aFbD$fvVSH$giKktkug(Oyj0Dgz(4k1~Opg13uP<167+kM^=bYuch@L7X# z_wp1Z&{Nc9F7QXJ49jE-0y;`vl zNZs6;uNvhLWfIFsZ^La~1ZqWrAjEtA*LO2BQxbxUu<&?&R%>@9vRlb_Zz-I(HcH#A z_ZH2w?4L((bmdCG^Xs2g>Q4>s6#gT^>!*1ll9ME}#S~V>V;$}cqI(M=>ySJ3oDCR1 z50y@!+PUy|gMN2T=LDsl;-%$+D}W-cCYh8()Cr6f!B_IJ2()yz`7Xl8@a zRU&q>oG!W5U3K&mPhq!U%4l}PAf$lXZ1=qjjz<~^+u*||_kbk`cqD#&WPnO;|aqbW;eDi_Hja|_mesJ;9V%c(araXlf*1AM z$da>#^=I=2XP@S~?Xo-FK}~%&pt2roG$RBWC1R=#R)P)&oeVeT1;4)q@v5In{)-`z zx0Q=6K`z_D;|ap#6wShib8S*T3uZ=9wxYMo>A`!Xn%4DUh38o`%09+`Kq_CTw*!zV zsoTx&613$pq2d@Au(4#phA{Zuh?+!|oksA0`W6b?qZD-}LT{bVNXn~NNck~sp%eXtPz|z3LM8NSt3p{@ zM~CZ`UyRXn{a*g$yo5l>Fv$y&JYk1=kI)J9Co?4kD}QDwe+VBufFi7k{O3ovK@Cur zIX2jHl6G~(cusic9^$aGigMURa0OfNDLr+*mU_FMlBuUI&D)rK8lkEhwXf3cYn#9s z-u4g-q7^i0Qj(hz;^-)ifHLv%qB=Ka-di(lHk%? z`D>TQUt>=IrRktdBXp%RD3`0?oy}Mna^@T16*iLs*kS_W74W>bHN-Egg=GcivhveW zRxdU}WnFqUr*xIv?F#;my=?*Q^lkajH5^KYD`{PIV%e_t-!>_U@apb#DT&X&erl@% z8516fC?bJ=lGk|HyFlP+9dPJW0>bLrd1B<3{U`)MI$6Ogt$u~HefM*%p}(*^2~rk> z8R+t&!>ovIEuYrC&^n#hsf?Hc))wdId zFfO35s$pwb1k1O@JAAS(zmf-&O z-=Sp#P$~@y1QhDYi((-&M{>sGN$KF5lL$zd^uD8Rg|>FoxdD~a?gmg|4RLDB6sF%& zRI@6{^aDOp<*5S<0X(gdNz>W2I+{^ho8soc1m(^6KS{wY>)t;7&ha!&EW^ux7s!@V ztsD6+`|C_CaMZvGx~ds>!uO5S3)ld0A@W5LqLd0bcr;>Y7@(PG7_V zbY{Lz6JDY?2UuwV@Oh`M1%GuwxeIZAQOt-JfSjf^#7MnB z!AXV(i_=JOs|W(5Kv9+4OJKfsuwa<$E+70T|1JWgUq_AB;3b$I6e&29q`lHnCyI8l zV`{)Q7JF^ItQv`QRVPbc*FHPcM8-`%2{|hTZ5V~@8jfitMa9bAzD4~{>kVVz(25J* z^%K(zaBW_Sg|E>t3!&p&(j$^v+FVqI&tepE^3y1ofVWCLb~ib59U!wEkn4~461qRg zhbO2rO436li|Vu2BU>9Je}jU^9T?ET9>&RF7Wo;v%DrK*r<)CP_G&g4g1m z%5`$yUrn`J=`+d#+h#FrPKAaKBK`lp?qpRLj|U<@i8P;bNq(%>>&5)#6q97Hm={tE#=OUcM4_iIhr_wYjg*ya2hOx_ToD69mVhb@R_!FD$r!7pKd;rmr) z`QuctV~QCvHk7H+nFN2UJJYcz<^AA( zpk9T0ROD(lAX;cs);R@7yqF%gvVva4Xf%{`R^+fiS-oyTRy3b%546MrA&1Yy(SYu- z*d3z^oO-bgfDp@y}8%d~iY3+HP=IzaoA ztr0QxR>)p{5#mmZv^iwsGXF5OhJB+3+YWlMA^#8Y|_4MfNFag6I64F+YmY0*gj z+KIr&a)=!Cj)x4n3H+eaPzmOM%2D%1Qwr{5de1f10H}srVs}nq3}uLyUqOk3J?yS4 zUZJQ<0K>0LaG}wp+zqQtISogZ2cljmrTh1+Pufc;sunf`KWV?XC`^ ztFo?iU|On)UdtXtN_lBo(jCelIDv|DW-9z{4q0GsQXxv>uQ!$~-Wi~7HkKYiJBP9$ znNH1=@fm0-Zh<2QBT`k|iw_WRE}b`|F2X-qcx>}I6vbm9|8U}m<(+4%K=s>{*OCMmB3tRNdtGQME@ zSMV)CjFlrpMy_ox28&evL&Y$#*|Nac*4b|mjjLsqP&a8WJAEnVjdeY;Q`>j9np6Ve z9*G3}k6{1MC$Q%1BSj=PG$@rV*ub}G$RXudu=y05 zK}Fs1QNf-@hOPDIY!CfZ4%s+QiAItCWfvuKK(P`vZVl`J=?7FgM2|=@w2Q4*0`VeU z5Q?fJJO*67%??tvptpOi6e;QTz>33|`L~uX&vap@vt&K_!s)-@o#ci>%hnUq7_&Lx z-}3J6(;a%Flf{wB;PzCR+`Cs3V>moK>60bHfw?dYseUB=Fgo@=;iD(N-6Bv^MVOre zd@?Z6(@9V(9Sh3XG+G+UHCE6fsG5~a#}4nm9*jJG=l>8BjRo@ZA>_E>zbtLAtY_8P*NhTGb}C+Oi}+%n%8FgVkR&=1@&J< zv_1?p$Jg)Stz?eD=%UkZrQOS|(^bv2bZOI)gK!FwV_6C3;fFPT-bQ59-5n~B5}|4WE@yIi~{-*hVcN6TYM8)=#`20C;Uv;!c6Kntp)(PZLX{3~bHu0>M9Ry-d<_yQ6=9H%>-d+zN4)#AoDcj<+B#0#`Vvwg z+zK>X0F8b zWWDv5s#p^*m!92kcIPPcT009HQ8 z_x@33?a+U2^-I!JNbHG~Mh0Fz{h8&5EV(aLgsU3AdI4nkCw##*m$q2K&NetChcvU) zQ$C`?%5s{!`Ur_3RUXDM#|l{z_3k&&eFb8#u>NOfqim1l5kel{2Sn}_pB8v{b$LMX zH)L>!LRo$id>EyK?By`BIsL0?vhTB=U&@2^^dwH`k_tYpyFf#A@y6jTy{;XtZC)lx zB*-H=i*aS4=#ShY``<);fmW;D`Rtf7Zr~(Ba=T;UUFxqr>(a)t%H^JbuZ^U{Igl)lA;K_p0t6WKjF~G!?Y`P*}>jro_m5={@YDjS^q>ti-&Hx&9)+!-1S%p0)!~&a* zO3ny4%UnZh%zsrqd&=cQ2^gZJSR;7cSNK&?%`C>#^k8aDZCzdb@l_nMzpLPq{ef5F zA_&FKn3L)WV_DyAvbz;^wxhlq!wg@{ZC`a1@{8H$lRjPG#K6I60!CB;wyYyi>EAcs zF*&E>?;p@zQ%$+2SC3R-+S+UKxu=iRFsyQ&-FHv)UDJo_zRk(pEzvQ|`>D3vI3H&g zUgx6<0{4}dpGS-`f>jLFGB_p&_}7w@|R|B8?!D?CSAqDg(Es&D&zt@>#nJDK+yZB#04Zh`FMFh2*YaLo5 zp%=QmhIfwJS{=v|d6(j!{onQ^aRX^G5xdT4>&(VNKRHWz{&uW6 z>T*AwZfp5HAG2poXHPYtDkNujxCQcJ$=Fx{kd;$ghU6L#rq4OXY1EgsHJxkpB8Yod z3KyA@MK$fXV5~K|*QVx4r=p|hcFG#r_BOt}sJ4QaYVKrS)vI-Vjh5eYbVor;9a>U1 z^~Tdh7;c0w>QXMxczW$JHS>4GPQam(r)|FTi_ZpXwFA_gI@zZ#$8u;ExHd9q(Hu9~ z zey#RCwlFA{NzP0~++BI1092Gy3;VhQQfQ|iynIW!!sFaI+aKRscD}0>n#FGH1$_6_ zu9NAze2WSj`N!W@VBK!k7+PBluK&|s462f+g(a*HiS7m#;e*Z`j2<%XVz=2zVoe1@qD46_|Bm=bm9!%l8HH$9lL8a`^`{GTy?=bvn}f(TbbyKrD&Ct$dm*xW6DF)G#C&_-9t5P>PjEL;|z zD%iX+ivjtM%>5P~|H%B~PgE8Lqi$LUG9SyuY~Bzgmra|Ka)i1~Gn`n~cj0|{1*ISW z5(cIO>VRH+{tmT)rpD0#3i74P()BT!o8v4$wwnt(p6NHHOa0>c}Xzx#!)QWv&i@-77yie@|(>Av=XaI&i6 zk&YSgipxFg4h=L!DB@xrJ*tu&pLdkcy`2y*>5+)lvz7vH;yoEQWh@F=!H1W2D`4EK zqNwm7XosRsY~NaGReDaF(RO4r5lY{vZoiveSfV!C<)OD=)5A?a2?wAgFHvCs|tjQkI$lPbPRMrU%B=xSum+0YfrJ0e zzUn}MnKimz3@bBrgeqT^L5wA|H!cH_lADUI1XBhFBmv|zW47%Doxs}amPo7!Tr3b^ zX(C?*XwA}ickKSlWti=27QNxHZPQVE734hN^}~jRGD_~oiY+Upwf3a@cN3~0=|Y}@aDBhmHmVKrc(eG6e_IIUu0W*mFPBxcY`fr=GlzQBA~A;r zO-*c)-B!#-zxOnh(mawW_ha@gnwfdH%=k!d;oIc8cjEz_0fVw)%2X_D>~`@Zo6f3(4>{ZQ7}sblv(?l-YDMDyKipKxiv@xJ;!kT)=P# zBYOW#rqvP2+(c@hZHU(~OEZ8LnV8_)6^p#zqx3Bus+t7!b6>KJ7dc4qgmD160e(Gj%jS z--J<24pwjz;ZWXF%emZaKYjuQFE3G{*!))rqyFf%05GVm$-q0~Z&uBuO{LgoJh4qu+?}t28xJ zF*jf{>w^`TT+or{s9I-Fo9+A`m#y`Llw*SUhhfEHJD`U;-iX5*I79dsAxIx?q>A8J<>vLp7iOH zlI4-%MF33!nP_$zA>f7z^luEhs&~`o;rY^xuA9Y-7QRzTzgw{2lIm`8O@vTCZ5dGh zKQ+8#YvH0t+A0v$vWQu`Gl_jPlP&BCRbSE{s5H<5~tVDw{o!;4<)_Jku}TFbgY~K|j)% zLbpDQG)CyNo<@Il_cJ+CzEBHkl%w$3i^AiTZ30T3q`aiBA!B-Pt2@(TXoN<5KoYe2 z#md!OLo>@hf=UM9F0@4%bUy@f=@B9-i<$;vKM-nDf{i}&wsaYHffdd$Y zGy_<6!=f$=QCAdrhmYPUn7FhUACwQdfhCmksSRtwpf6{grq;?>-wS;XyD;S>)zxs1YU2Cr0VZgHpd2U2lEmmA(DOV%51-96lpHYFeH$D(6Qx!yd2Hy!2YW- zQ^sb`3LawSlfY-l6-gn$!F1g(etquDuZ;|sQqS%37Qdn0jGzuW;{*Xx+dU!Y_6sT$ z@B-f0Usd(`RZdP%cb5k1HO_WqdTP{cWHw0Iz9>_=z{Z_9t;cVhoW6)DwKB(yTIv{k zc_4BmnMvO|>zny3&Z9ZqI49Ws{TZF;peRL=C3a(>DuEZFt((QPrqu1t1O!D-1Y{Xd z;^=sIR&96rgi)V+g`gwtot>7g6 z49kR4+NOVP;*%BkGFw~uPg2P&A6>LFTNhkIr4#T7PJ96A3aTw+X2zD$8C$*8CM6%<WxVl+ zhY%7j_D?PwU8_}YZykr8hUj$laB9{%u8sGeP0fJ6m>*3qUod-Ukr8NBI+)a1{EdnY z)JK%%AEkP6ATaFyU$f5(4oknu%1de$WcA<-@e`Zub)wXLfw5=Mz>5`0FF!B*EYi+X zb1ntaS~=|7B4zRczOti7e6gG>`q#~%LrB!rfXB@>JU*uTD z!A_VyO>0m7nDRIp&Uf%xSH~oCFy7}=ONxb21L87%BfgUKKxH zH0jy4N0j?}toMVxH@uE7a;G7KSE^^#i~X6+kBm+?k{#Cic&H)Ssgo5=fDVNf5&WeC zN^o?<$8%oPxb+r)H!C2POUy9Q_mwbIbPT9c?S@bFrKgCP*OZ>Fr*zHBNoRh4xwphN zX8|33uVcC7=r&)+x5vwcHBzAw;@4l`{SEp9?jbkYP#vO@zrXYM<~fKBA`%CF~_ z&yEH0zB3TX4L&2$p`DV4zCxF}&DLRT@>UOH1++U@^jjaESlXp`DE|o`-vsWx-On|1 zKW`YnztLN>+W>cIss2l?gR-dYz#p>G6cmUveSH%b(%#41_=0_U*m1j@%XP|5MJ(j!(8e}}E4|dY{Ku`Nw2?mby4-CznSqWwQ{iG(*!n{2?g|x-?o1DE z8j_8sN*|lm?XZFWeL?S!VYJ|C%;&Isv=BCT_;SxmEy9Z)8l)JpzA|-^(Du4ywT@kE zJ^ly~mNgd*0gFZZog^e#3#d?ZMae>$cYqH&<>b^&9RIU&SjK-~bH0#by#p8Y-KDkL zWqX~;C!{9B0`jS%K`)kPZDm?wTN1K4pdTRjsYYx%E_GcH!R7 z)Wf5dg@;_IF1^K-jJePmdYu=uyN_yaI&%ohCnK6!1!8ef$GmW)*+QzX@5`oxP!UOm zH5>|$CsXoJv6@b*$i;od{NXX)eE)U`?Qi-Ae1#xY0Ojv3*+_JyprPKc6pstkBoy~+ z;UTp6wCc0U&JmQ2yaa?uAW6rSx8~EGv9~-~hRl&d3``7}RN@CC|Kua9K1dwn!%3BQ zzn9M9I=K$`a-kUaH-O}j*^!Y+O2@m(d`h(?Ie|!PBU)JwBk)6wm|U|CE_cGkxCGy&RSN z<(mjKG$N5*(coG%je@|YkOKBA(JpIcR)B#kqC#UESxtgZd`9W;mnee?A5hHEz}h50 zLSrm?lSJDjIEb`EECcjYeMUuE0LEkT7BSc2z<>ENt{6MDVTZ=*$AQC%G0T&|i1~>K zI(xqtCdIzEEeyXsWR7iiJ1ulSxlw*`0_34gyUhmb5fmKA$-uj>K4Z%BN?Y3X1XqTa z4Skp6eUd)7uI?BP*Za3hj@AqDzrI#5CCD!933A2`VYVbRpUl99yLgpv1XDy$(*4{` z!^U{~3jkXfHq*@>UY_Xpvx}>Vm-mc=Ti)}U7RH>>BN*mRHv?bmOFHkG-|*JEvYe>X zN8gbDFVDw=Yb*_~A2&#ppR0I4P{9B3eEe@?)c@Q0@qbKGfq%S~@-iAFfn_ zkg2Pgp`k#AmjaSLX##l2Zk0}}yOBBMR3^z(|0p|iu@LC$!RZS-#-?smF);{X9vZRS zZ}Bl54ZulXm2u?V$duTQ@~3c^heUEu`#<(M^w?|$M#b<2O5vdLO4WZivD^^aXPXB5 zNzh}EQ~4HvXXYm+2WJ#gw{pK!SBq|=r8HG-lopAk(k%vDPW?MUTNkY6(-(H{tLms?5a@@>Y!^+{TE>qPbxb7o9D%proM6LNF(Z({mnT5kZ?rvW7 z1?1myt}BSDwPLm-ODlL7Ugf_oBe!6;26qcSx*mI6PQd}*e(kt^A50U}au%y=F5%lS z%lWh7{{|IfljBLMXMiEqbA+%#F;6!Wf1uQ{!ebx~JVZTuSug`$rphNOaq_Am;G3=SSh@|7kTkVY|{qEE~;iMk?$I>3VjTt*oEzbheP5(|$LnDcb{Wgg0Mw?w+axnP(ymniZsb{B+wk z=L&?$1Wl9=ea0g*keyo7_0os#t|>RWq7c9xtv(qoR{NbC(*V`|IPWU!m*u@k^oG=eEYlrFkf9#5a7$ z%0PN0UJDpI00(!1|8XeQTL_EGzvz7A5X93nYAOg6>Oe%^8DIUId$CfzA{Yso*F?tA z_%n6<5Ttiw*^w>_E#PXzez{Ym8v?05`iBo#Ia3Pkz>~~7*_KqVS9sd;iKh)>Di?Vr zKVF&slJK?G@+IGRy$t^k!gTWOiC{Q;w$5;eoywY{<%WOx+RX|=FR;PP309x*QR{1@ z#~L8!z_R^|Q~T1DRRS{(n|!(IM!xa1C4}2Mx+0~3Hc?@qMk8`pcWekHFB=wI-cO^% z0-_XUSqA*jAk0I0XAYQJmMXQs=Gueh=B!5lU(?{ODVWUM>P(V7JhgzI0=B&Payvsa z5BW&{`!nIj`&Vx#A;G`Lr9iK3KYqMleI#!16o#5tv5ec__l=yr*V{f{!;pk)xBsGi zA0ByQ|9l)?FTe&aNo)(eeXWQ7I8Cjq6Kd@6Lr|K&FvlQ6a?Vn771eL#nF6yJDp35! z6V^#NAtw%nR$;+-kQ9S>J3>LR=zWa09OjiRfyKQ!9MlcGQ5?Vk(e~pkSOL0HmVQgp ze0CPCR&D7cfxe7v6vuXh+6}k8>=Q=&{CnAa2Pxz*2~^(1O+NuYVYy`vrJgubceBpD7(E`4c8DTf~POx1vH~ zly+;{hQ!pu62eSP`kWVLLl&E2V}+FkdwPn54D$FIThUkd(?$SKl#<7%^8~pL9S5rPyOJp+Up^rW+H>#^+0;k9G;M zmtR>rcq2Zv*yMd18Ecr$m=_&~l1;3kwetgJKJuCu6tX)EXi(3kx{Z4V4u^hX7r|(i zBmAn36Mja0#T)b<)XCn^p2kFU9KQ(hX0N$#d%SxJQ#kQ@@$1nBT>5O#Xun0II!iWg zIU1{r#U+{D?aIowd^IF8Tc7k}JHKA)#Lc!Kx3SXERd<}Q0v##pyI{*CGuaTxxgU23 z*2U^vH5&6qH-_S{R3v?sBkTQ4%_d-z%F`%|uLR`nnubtQpYP*=752%y0-yKB@+?cY z+@!H%HF&+s5+Vuw<(1Jg#33G!$RkoC4-QSf*1|RWIFje6Af~;{_=03QFGe$! z;SG4^j5&4*<=Xp*wLb_ioLtyT2a{hX=hJ`=(nSImJvMDllH>jmPG=;~4)oVxrG}UU z@{hQGjvnzr`&nFIlA|WqsbQrZyD-MB0Q?=Ldqv-z0(&tK+WGHR#i(%-Ig`T4r8i`Y ze7$Fp&omctp-}I^@BsOJWqzLGV>^t zw$V6*q+FKQWVh+f`M*(?cI&M+wS{dtv8C`R#SW}eNqtNSsl!J%-0vNYuI0iC=|-8q zDnIGGs}n|k*%5`Wf|f=o%bce7HJwi!P*SW$DVN7ps(?$SIcJxT(0|%1$&9sOi4d4F z@h4*w4S_HVInV`mUO*-!jkp}-d+3e6jzLf3a(}8lv1Clns9a!ax*h724Dh@s87$_* zO1)9R$oB@(tq>=LST*q-ZUQ+ew(;~-p>0~z+8tDW(BbHRRZUZoS%Tfu7H3Vew%K7i zOTW*^a=Mv5-A~Gj92S*!xe_uKQAle#4Z|1I$a#TyxVCzSFY?^tRyAyNreE+>nzWv0 zxWD1%i`jOj3Cl6J0JLK>7N+V+sOZ&$j%sA~{?!IfmZ@?MRMahWR$n)t9@IpA`?cn#VJ$j z>6~0J4W_}g;iBh;+xgaG4@YD7m$_oW+NE{Q?!hWquTb&+7yLB-(? zlEu46H{IJ#ucqkn$oT(^w>)I+UdLcSKriq=CgJ}RZ=Fn?oh|Lmo&GD8h+#9s=Xo_@VYUt-PK{-xo6EatkO^kyZ9 zHQ$)lCxBU7Ga`mI-*0hSvTkLPahG24-01qN>l|{Kq7qgd<`^=3$)9q`h}r%9@g(BSZp^u$qc-yt3z@Z5b5utX|altTNnJ(%y?#vw&lack(R0NL@^uFgFa_6DJsL~vqLWUu^ zlB1aF93NG)90iM}3I}T-3q)&;^jO@QlcrvB zM^9An;(1LMegKJ`Z4~=Ev9b&$K%K6$56Yyr4|YlwzLZN8UA2`e292?|7o#^O&`>T1 zMN_G%doO^`u>>g_x+yU7T{X@bq0{4E)y{aKT*Iho zP&vtlELbV)1lp)4VhcvB3}FN&>ggjth#U2gOqo+dSe*??`n#q`3niqMN%QzDWAn_Z zg%5@CNT%sH*(wNcwH*xCq^!p^G*q*3j~Whv3H{(Qxe{Ks;h!)ory%cMoDUb64M@~N zj>ueE#0Y6l-2?7L08ruN%{%FfDo~o`^!D!A#+A&!9;gPW`#0mPbXIMEQVkT^zcw>! zopeN}Ukz}u4nlE#v~4nCH`$|&oxy~Mm^2pzN%>BX`6h{zNwkBJl|JdBHQ(D(8RHwa zTdeLu#dGv_c|Le5UZ3|{4(@iOizmqb7%o>np3okfW;Y4p$Pa@w2qiHP z-6Aka(aJ(*?M_sk!h}D@w=N+uO6Mc{@;aPi#15)kEES8pfh4y?W&fY{uEH;`TxsLh z;_mKR+*;g=ySo;5EAH-2aVb{ZrMSBlFYeL;EzWmfckk}@?%u!PgI|(2Z!(jd$upDW zoXmN{Fd^#5^(Xw{D3g`(xM-oKi$Mi;AKTF>Wcx3UMB#?IYW>NXw~ZZN9WIMB6EVeE zkig!mus7=G z+{QWNN%?N?GPBG(0a6A7&lsE%7tc5+K2Re`2p1)x5`G!6Vdi^;;*bkx8~4VzFgq-> z82N{VYgqLD@@#_Q>N@;&=#*(ra<~UsY6%S@S4H>Nd^0};qTp%s0#_SXpl9cc$q z6YmWyOCE~UF0^D}l+0=wH#YfS*Z3-u&MKd)BeAmmrhB}V3{FNzpW#MDMgDsX0LzfKaxt|QukG8RibC1mZi#rsmw%)tt z+lKar6W#jo$A7en3&oSD5-1=bEMZ_EK=Ruz#M;Tqz}OzJi_cq-%mwRB@uZ+r=oA;G zmm|iB2D%Yr7Pj~^dJ|^ZrLX2C)n#53^u}yy?NsX)66zC_>gxODqv;4k4iHV7J3Vqx z7m*S4UT+GYc?Jvg5k6cw)wSO6uAN|{Uk1OsVQFel`(&EF)O#}>eAw}z@?cc)$@zBw z#<_X9Y?rX2W7K8d`)+&f@fcCpdM>&&`n>#hBeAAxb;Z*y<$YuO+9{zmMf}Qb}9fhj93^{AyR&+K>8d%F@we&q14L6?Vc3!iK~2?r(h8o27+oto?*K zcgW|)4Ovcnrj+NOZnv$yd7YO;T6WGnSv<5x=WjLY2A$g-xvl3~ZhQT+@KvhjmVgOhVSk-j*oT&dFR?lPcKCZIhkd znxUQ6EVC)xyL$JzV8pB-_?gFLYXZU#W%NPnx0mKa4+_SzuPyPR?#?C5ILcmmH)XwP zO!Z`IxxSosugUb%YQ|_<_t+Nws=NX|+rbc1ntU^UJ%4jgN`-7mkVT#Oe>Bq|jF-r%d6#8#Zew zyXJM$7lBw8PQP$hcwgT4l74v^=9lCwxDrFN?V0cMq_E{`6TsWxw|Toi79XmE3DHIKq{ z$rB3>%@X#DCtDFTgkS$SkUeJv4t3q1$RVp68=op5Cy#r6h$cDUd-(Aa*~ob2aE9XD zy+X>(!(Y3w1BAy(hB7_Ra;+rU=%mQji>zBG-@j70g^X*nJV3 zhx=_^^q|&GtS#;F9aSSXPAZR@S606CaO_p!b+7oQo;FIDPiV6RwSd=5*`fAjx46G_ zfi{WQq;L>$8KpWw7~biVuJt=ve6@_9VlF}n%uMl$$8_)QJ|`%tDX`NY zM1w~pMkEPdS9~J|!Ta15VXa`G4@G2TBmw#)h5?s&wBO}WlH~D2SpskKKC#q~GGeeyjZ?bo)>wg+M!Rn86nn-<3G%4-knZa^scAphMgUz@En?-@gn< zLz4gK7tl_OR6va6`6`kiEGDxo;!j6mei+nHNi1vRegse-1b*mj@Cnd85XaWUd>|K` zj5hJ@$Atc;ylhfwC&|OLXy2#^GCDRcYvKMxM1Jv%e`1fMQP;{BIKi3+E1O0kqIE;% zV8ZNsshW)>2h;~*pgU+_aG-%cg8anUG2!_!#Vc{tifOyN?w~5f#ggKnaGhXua?r)# zGoS|`PCneLk_tesTMF*r3Umg!?ltplbwXN^bUew2uHi62BwEk4E3Bt_iv{37ESiM& zOy|iVA%LHa08r-L?5obmZ$lu@$WsWjEU{8=v?HcsP{;QDjEwfJm_c4vN{_1g_=D)k z4Dsv>oBX2zPYCqNwqYX=Q=kn1$rglWT2VU}HTM+&k~_GLs!{7FpJ!Z_%UJg+Z~#D> z?>Ax_PH4Xd0IAq#SJRZ;VuI!pT;Q;2q9NdNjCF$Ww$7j?yVxq_J5iHLz79?^>lUK-_eQv!Ev;F zoG7|idbv@{SgzX#Pa55*=2Cf^!ks8EYsSbdywx?nD6k;k8zIxfR2c`sG19aapY;uf zJ$=woP;!-D7YW2fUv(j)ekyP-iYbOS!JZa|9ZRPWkrTI$Ct+k+<9GuF3??wb(CPv} z%1Hft*Pg~0Q-WBYXN);1IbS@FIsmpeMJeYg^EA;xkb-Z!H9dFDeZ!N8S^Y3^Mz^d+yS| zfDYd*bt6sc{g>WszCbebSi3kvsvWnNK7vqk1A6=Xzd`2@2m*EufTCkj6b^ui&{7>o~xY0y1EA{QfE!xH)#7jsf!8b^r5y`snb z!=dPLX?q%FBp<0mUzZWN5&XLlpVSK9j7xb4GR`_}CQERtj0}?T9kfm#$n(hT6VU?c z2Kj$P2}89-LQQ7z$z+U9o{Q(melAPUOai4Z@a+AjAqW~XAQma;XKnnCWG024)H099 zN%(klgq(Z|t;Afx`yhr|HIxGU2kGaPN-Oy)F z^xhuRrMum&1U(&6#dU{1vq zW(?%RkKYovTDU<3qNP!z-19oBO!=V%wdey-h~fNa_<3~O3z3f><#3QV8`H$oH9TXF zOhE-uA;1LxVT+LD21FFZXI3j)S>qCT&C}4TNW!-yjkkTA_MZv1TA#rBo7U|UJwg0Q zfOjBpAMO2C(MW{Tq!dLJLm0wF($MAw&)yRJyA9*0nJ}gpR^X66kj1AkPNn9oc>i?~ znu<*3UwSmsrB(qM?Zr%`N)pe^gZIe$zqQSSGomTbmJu^+hm%>q4RYH+aaaNwM;24Tm%`3U3GQ2vr2? zecH*Z`BHj4s(9t>Vp#L;X!dT4;fICSd9CAe1hNMkUsHHn+8XaO@_$$)Wl)=-u3lkQ zNu^Cle89`vKX3Jx1B_pNdO~q8g2a|wxK%9L)1U{Nv=sxdetG`RqCY*L z#Zi?(SA_k1M3sCC3G<6Do22c z2=vKPXmbOxq0w*CazC(G`h9)}7E2=d@*dq5n#^&bLN*sgQLNI!>VDjn8*peS)c*}c z6l!4=`cqlr)VMTmzmMr?0>tF9bdy8R%{(b5u(Se(`JeQ! zmx`V*_kRr9HR1{@zY!ZXY=Eg~QtV)zrkcO|^N(CW+Jcg^4GR<}w4FS_4 zZ~kS(y4tA_e%Zi{ggML`jhif~{?B2V9Gbe@ zJf?N;-y+K-#Kb{>`2-sz)<@ACfJxB~DG`+kifRU<&v(&S7sCoGPgvYGDg;>c(Y<&{ zH~+zBVJ?m3DOaMRHgR49yW&_{jM)p4Af?wlaX?KwtX{H z3oTYp*z_P#%gnnEYRZ1p=9w=+ONsT>55MM$Hcy9du%khAvZ&mCMX{#P zv!;L%21OhV0FH(f;B{zNiR<~nve!GgN|cu8QZSjH-=rq&M${uPNCni*j0OR0^2!aR zsI2H%$R^ZDu+&Y*G%_rb-52;_Aj*MSqY2qGoN%sYmQ{0A8vYT4at;{GPS+aIA6Xb#LMvVCEsp+?cCrz7HrI2SG))!a zKFggYjx1W9FKTt&Z$AQOF8=%Rw~vwcCIN8A>9QIG1o4j>PY#Z5md4LF;0<7XK?~ztgv1s41p*i&wziOB>4Hf{Mxs;d*mgMUNWnM;)_Tb2jE--^6c>NMomnt& zW&jVNGyCa?<3mX8N-rAq-B8r-vd&2#2C^;^c^PMNz21_3^M7|tdeRJf9=(@9mq&*l zJSdTiFdKX4FtR~+$#5D!gV@cYqw_G~Hjwpb%O}$f?-dxwx+E)da_0u-XowIi`0V+Rgu=e{B_QfN!^`pvq+ohqc7?4$}gU!HI+ zpUx?F0Noq7Tt+g5^7`47;df5SE;$6OjpfkrHirUB4VT%IRzdH zGagnUN3lQ8SKkCJG3Xy^3IiY@DkqGv2A)@15j4kx4ENDe~Rowxh;O?cz^~^E!?5V?KBaZ}rEZMwT?$ExVdPamqTIah6yfcgq9m zZim?KjtrcUx>F(a#bSOwn_LiYsbq&<;#5`b2gsNU8fG=KTDoMDpk8cjdv1JY$J|=R z#)t&(KcGd*ga}L&IKOkF$RKmnn{n8nEc2Mevcn)G2sU@ohDAEn!xouAo>SzYpr~rz zg+eLxuprWJHhubFkZrdkDFQbdTZooM8c5A5=01Epowy2Q+MY6sW-FJ@7$&hVzqx

%}rWK(fzXeLO^z>pQ-rYcBr za6%0t)S)-)nywBX6Yr-B`$7)CO#HzFcGybV<+?pTKXI5Zh0%lz-nc@^&unc5^955Y zrO{-QASE)aAxG=$Mh;5-t)@c(US5yyUw8~(#G1hMHiGi%srT)SG0lp9^E3rjbr<5ZAjtL)xvKrET9zjNG#r-Y;^KJkaR zYm!q(&NF%fOh&gmy9wMl*A6lXs=h!iuGv&nCaW(@+A?p7ynf34OmLGC4SJ((Vt*&^ z>{L+8(|EEHfTH!2!Otk31F_2sU#T8qzO9;^Q#J8*gm_v|AGOjuUe#IpGp+dskMBii zYCUoL%=Sf}!6s6nUhtdJ7){y}6fwM``-Z2Yw$W7aNhm(n6(MMgY?U#N$yPK7!l5?+ z!a>9zNPQt3B>8`$bK|J}G=7TexVcjD7<{01hQ>13AEQj%SeaCvDLS7O*(Ao`LK%dNPJOhec8R?iQE7# z{z?>|>&SA~wnE%XfO0I1qEahqxHE(*l%x+Yvb-D@k6K-)WsZzu4Psv_AU@>Eu`kz$ zB8WTH*sa|&ts}{tFt0$>xo1HS%aozmuXZQ`Fz_}+*V@&ndgp-l*E1!`5?D9 zC&{2l0dd6Pk!j*4c7%$2(?D%;?u15TyAGwpLr;#5Nq8; zE1D_o!LH3}q!GccADs_ZdMdCyABELysGwDmRSB&UK1m7Rt^;w?wv` zgd5t-MNeo5RYB^d&~Vy=Od-~AfgV9J6AJ{w@q{9iP&OWVh$a_}umBHD0RL~{$Y&i7 zeP|O1OPn;qRdz}te$GlTzJCwH?QQbQL-NFMi}J(}zXfCOD*rq|w+tZQiUm@!N5RQY zM8OgN8swtjddl(8bF=Z$1%C@{-m?>{@;SU?@;R-Md4gz9)W3D{shfWWDly0nmA`SN zp?tx^Nt4jeMU&6~^wVIo7zy&Y7zymxuwBgm*Uk!OzAvGcoMyfy@S2%!H0ZdWNu-%! zxmUIZevpo!genoc^u7fKIzrnuk&ytwsC^QFEJK($UT7xB+zDTmA(UU*)5~4$F(^7} z^;@3Qfi?`6Dct8^EAq~ip~|r>CyAIX_(MAFWQevgeeH``asd|3vKP%$jNu~Gtz2MT zPWqy#C)hoQxpfo>%37FtYy!pW%>!kyf{^pQhSIi6sGZl%7tT_zBUKKiKm{|oEMN>- z1T)nIE5dAF;^)zun*`J!r6Mm*nThg$GY{xQeHSFiVi{DOhtrImWZ@ykMymHQ2u4K- z9LuAGIDu^zX(-A93#&>=2!d|*N9RI>o(P*yRS}M$x*~keQE`woKosIrfJ379@#G5; zuKv--Ah|guAu65{{apkpHsQ|-@W_<_F>MKG#A|?Angxup7~4SHF3#sK z0Jk!L)JbVrJ^^KxDu~Tai}EdM58FT*5d-HtKa7Pq3aeClbC{$Bl&zAlc**qp`M^a~ zn~IuAF))v8w#scXwi0~+3}CMTV3wEUR#^raLVgC?_LmCp%w$&v-&CVT!%~VAr*4C#Z zZ5?p;5OMg{6I9znn|h!Fq!eU3GMW=5mPajA(A8p-sm?But~BjqV#jQhPO|=IhTg*^ z*l;*x^W4P`+9+)~yrn1?{IGMHx`WWNFrUtg1XaJ&43770gokb`c8P~6zTRekmq%Yg z)i6_b=*XlU?VB?&s=q_irY#Kfs;Y-mNX)l*5?f&}AXN~Q{dfj3Lavx?w%4hlxWJwfUuC%1=W%gb)F1+4~Tg!V7s!QIH9U}a% zC#nAQlh+Jo%EG0>Q(=1s_g9%@?!~B9Tk4C~@aL^Xz?nO|I$CmbOo%*exXp za3xeMYDt>Z!tTdn@cK4Dkuyz#S>p0ZCI>l`c1*v6`_rQhJraNEikiewA~i66AyRa^ zQWw~6{bJ*@-ivBH4$Bw!Raf(U7*X7H-&;gA<;v6-x=wg(UVyJ)^!RpSz-@PE)_*;h zMA3auyTV#q2l=+U5U3nQo8g4gZKY+~Hp|y$sW$Bow@co4tA}o%I<5~7*Y29R9nlp* zZ#YebGML3aWcA@Lq0Vuj%=M!b_HlWQ1UO+GzLWa$S^Nu#R0+ySE9)yhDNb4`y0B8_ zWd~jcrd*{kAxqOzyEZ)m3V${s~OeZM=LWJG;#(%p6xPbTdf z^Oj#|0p3vmh7HOz(4n$4GmYn}v}$-pv74C6J2LtFP7JHliM=%3Wgd~oiNdG+Lg~|^ za}5UAuC4CliEfh2yAe&eb64m-wG*spsGmXc)z_x`JXiHqqzkGmc*FH-y3C}fX4?}v zt!%s_MFx^D;Tw87*k3luyn)Sl^t`{8t_dHPAOCff_i;Zl1OLvi*ZS`%~)7u1LsXdtjv6mD2wNpyuNkLm^B zCt#3=}BVlH40P7S1X-ifbHv5`IM217J$YjF%Uta;t;*mze)jK)(4wK|MhglPFr zs?V=U_XJiLpn#({Q(UtouupM?<_cBY=HX7<(x|NJcWFjijVfXcJAv7M@tdOUXh(;C~|!s2On4P~?ddXK~@8M1Tdi}=axv9L=F8JM)> zg_UeOQzMeKq%H3k0+aN}%GylU#4WEA71FKuj?w62_M;ve)shUF4Vh@%Ul;NOE%k;e zP2(?huLQ+K1+@VYbZ?{2epIH{H_#=VK(>U0{y@8Ug$8FA+@Zz8V{10F`uW{nt43oc zhNNsP8|)|*@T|Z(AN_mwyqiekQKaz_KkN{r2HZZ2X38c?Rj8l_-TVCxUGMXq(oYZ}T1?#F65W(N z9X`vXvM?=FDLK2`FZSO?x; zSX+0mcPpnquHxq%|FA>UAk_x_7l#tRdF>=_2o+ZzWNz-iX@(H<{>x z)17F4+)8pWHcx{O52q+iWnnu@61l9RS@T!CXdgMMyL zpLhYyEi;X6j_ncdCqm4{OS)#x)IL~*p@cNqsGxF^Kigo&rXjDs^;JtPT18Bj#e8hU z%pTHwke-|Fj)|_Yyf{bjhRTYh{K3bZ5AZh~;XJy$f9&zp4{~QVX^-F)+bUCoMa`ox5|Wa9W?%Yh z(d+D@HnYaBZ%`h2x8l3`fSn_*kHOyo^8iNIxS~no z7?`3Oz;emHzO58L5qc#eiUZk=ui0Ss9mH%7yph&N#mDp#%d4|e&nQu-%ROVxPpAuS z*KJSU=6{^TOk84gInIMv*`$i|Fq>UR+P8=LQR{6!viTz zb{ot-WJjUS&@FRFS125!vE4)iK5xU9plVdtJf%52-5^u6Be~|?e*18I@-W;_sLQuc zBTvGZQ#5jW4Eg0NJT?Y-xtkELeYXbX)x)Wq5MC+v@akgH^QVE1cR_D*N!9p(W8ALYZaFfecNa=U#kXKZ zMJpvk>%P%iHpue!W~TSB(^~7Vy8F(SIrEOd7l;NV>}+>*uYz-fh%Q~^W1X5zm57J8 zX$8WB)+Gc!{1BT&3g-LATj<|N^TGn3O2D2@w8MY`K96$tHnt9ohBo%kT1Au#@&7)L zfW3)`6Oid&k>ihAP~X%A!s5ZWGCP9$6S zjC|=(DwG!N@pQgTn|{+n-gA{~_+%0ReM)`;7#eKM8iDOjydDH!3`R9WG86Ss;dOV|1Y|1c2~;P@ zt{yCD(pQBE)ku;>N#;fIl7cZBP|;ULG5(cM!I?;>>MyuCpm9rv5Se$K^S%-_)3RSI zoV9g0yTm)5|u}Z-gbQ>WiIMahL(@#0Z`ew6;+w4UyvURD%>hPVJ}@NUXPv_?8&Q z8GTECjv4X1l;>#~8CH)qH7ihDWFNk3YUbh|uSp3|?&1s|_Kbeju@MY?hL+JE!`c@? zWvR7eCHW9nMWuNpoFTuUP~e<{8ag$>q&ly$u{dZI%wFXtpTX=YYldDz%7?N8zPZhC zpRB~Sa2U=wyNXH}498<5Ech@Xo0e+-5u80&u8Hhz0nZkBry-bZZs$O>tPebLYjZY9 z*7$g_O^E(%7?BYPq8nF-8ro+H7%dN*TC~u+?VlP@nA(}u{j!tl;~oS^Cau}wcgJLcqCn44~QPeL;`q9`Gu(V=dv|><@R1$)yRGfFAkm8b(c!rO+ z+aIpRe2QKBYBa5yxfqFAom@l3IJ7?&k7EfVA|e$*A_`)?Z{@ddldZm#eRFcHxu@-k z{f3%R))X>RcB%cbF7W32>{yyNDvUz=K=a_ zq$vcfX^gEMb(P#~jUBX~a4aYFcLoHpI1Q%&jSPVM7k{M%$pV`E&3FCTU;S4?w-6Dj zUOT|h%RxT7Fa1f|0VvqB^YCAN-hUekK3aXW>usAHlzq|ILHpSNdNcJ^x8>llDjR|9KGoEAg+J zjX#N-%YG;RW$W=PhhJC2e{#^Q_?^Sw*2cfm|9#s3lNto1x(Wp3zZL<%lK . + +# إߵ +python3 -m venv venv +source venv/bin/activate + +# w˨̿ +pip install -r requirements.txt +pip install gunicorn +BJ3: ҳ]w +# إߥͲҳ]w +cp .env.example .env +nano .env + +# ]wƮw +mysql -u root -p < schema.sql +Ͳ .env: +FLASK_ENV=production +FLASK_DEBUG=False +FLASK_HOST=127.0.0.1 +FLASK_PORT=5000 +DB_HOST=localhost +DB_PORT=3306 +DB_NAME=partner_alignment_prod +DB_USER=prod_user +DB_PASSWORD= +SECRET_KEY=<64rH_> +CORS_ORIGINS=https://your-domain.com +BJ4: Gunicorn]w +# إ systemd A +sudo nano /etc/systemd/system/partner-alignment.service +[Unit] +Description=Partner Alignment System +After=network.target + +[Service] +User=www-data +Group=www-data +WorkingDirectory=/var/www/partner-alignment +Environment="PATH=/var/www/partner-alignment/venv/bin" +ExecStart=/var/www/partner-alignment/venv/bin/gunicorn \ + --workers 4 \ + --bind 127.0.0.1:5000 \ + --timeout 120 \ + --access-logfile /var/log/partner-alignment/access.log \ + --error-logfile /var/log/partner-alignment/error.log \ + app:app + +[Install] +WantedBy=multi-user.target +# ҰʪA +sudo systemctl daemon-reload +sudo systemctl start partner-alignment +sudo systemctl enable partner-alignment +BJ5: Nginx]w +sudo nano /etc/nginx/sites-available/partner-alignment +server { + listen 80; + server_name your-domain.com; + + # jHTTPS + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl http2; + server_name your-domain.com; + + # SSL + ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem; + + # wY + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-XSS-Protection "1; mode=block" always; + + # RAɮ + location /static { + alias /var/www/partner-alignment/static; + expires 30d; + add_header Cache-Control "public, immutable"; + } + + # ε{ + location / { + proxy_pass http://127.0.0.1:5000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} +# ҥκ +sudo ln -s /etc/nginx/sites-available/partner-alignment /etc/nginx/sites-enabled/ +sudo nginx -t +sudo systemctl restart nginx +BJ6: SSL +# w Certbot +sudo apt install certbot python3-certbot-nginx -y + +# o +sudo certbot --nginx -d your-domain.com +8.4 ʱP@ +xɮצm: +* Gunicorn: /var/log/partner-alignment/ +* Nginx: /var/log/nginx/ +* MySQL: /var/log/mysql/ +w@: +# Cƥ (crontab -e) +0 2 * * * /usr/bin/mysqldump -u backup_user -p'password' partner_alignment_prod > /backup/db_$(date +\%Y\%m\%d).sql + +# CƦWp +0 0 1 * * /var/www/partner-alignment/venv/bin/python /var/www/partner-alignment/monthly_ranking.py + +9. M׺޲z +9.1 }o{O +q I wpɵ{ A Phase 1 ¦[c & Ʈw]p Week 1-2 ? Phase 2 OҲ Week 3-4 ? Phase 3 STAR^XҲ Week 5-6 ? Phase 4 nƦWt Week 7-8 ? Phase 5 ޲zx & ץX Week 9-10 ? Phase 6 & u Week 11-12 ?? i椤 Phase 7 Ҩt Week 13-14 ? ݶ}l Phase 8 Ͳp Week 15 ? ݶ}l 9.2 ޳NŰȰl +u: +1. ? @ϥΪ̨Ҩt +2. ? sWާ@xO +3. ? @APItv +u: 4. uƤjqƶץXį 5. sW椸л\v80%+ 6. @eݪҼWj +Cu: 7. sWhϪı 8. 䴩hy 9. ʸ˸mMΤu +9.3 յ +9.3.1 椸 +* л\vؼ: 70%+ +* ծج[: pytest +* I: +o ޿ +o np⤽ +o ƦWtk +9.3.2 X +* APII +* ƮwCRUDާ@ +* ץX\ +9.3.3 ϥΪ̱ (UAT) +* y{ݨݴ +* ^X槹y{ +* Usۮeʴ +9.3.4 į +* t: 100õoϥΪ +* O: Xtβ~V +* ɶíwʴ + +10. I޲z +10.1 IѧOPﵦ +I vT o;v ﵦ LҾɭPƥ~ ?? Phase 7@{Ҩt ƮwLƥ ?? ]w۰ʨCƥ IG ?? WDqƮw[c į~V ?? C ʱPu sۮeʰD ?? C C hs 10.2 ܭpe +ƿ: +1. ߧYtιB@ +2. q̪ƥ٭ +3. R򥢭] +4. ˰QƥWv +tη: +1. ˬd~x +2. ҬA +3. T{Ƨ +4. qH +wƥ: +1. jvTt +2. ҾڻPx +3. l`d +4. ׸ɺ|} +5. jKXm + +11. +11.1 J +Ny wq O NuOP´ؼЩ¾nDiǰtL{ STARج[ Situation-Task-Action-ResultAcƦ^Xk L1-L5 OšAqL1()L5(w) Ԧ ϥηƹԾާ@ıϥΪ̤ ORM Object-Relational MappingApMg 11.2 ѦҤ +* Flaskx +* SQLAlchemy +* Bootstrap 5 +* MySQL +* Gunicornpn +11.3 ܧv + ק ܧ󤺮e 1.0 2025-10-15 - 쪩SDDإ 11.4 ֭ñp + mW ñW M׸gz ޳NtdH ~tdH ~O +󵲧 + diff --git a/requirements-simple.txt b/requirements-simple.txt new file mode 100644 index 0000000..9d6696d --- /dev/null +++ b/requirements-simple.txt @@ -0,0 +1,25 @@ +# Core Flask dependencies +Flask==2.3.3 +Flask-SQLAlchemy==3.0.5 +Flask-CORS==4.0.0 +Flask-Login==0.6.3 +Flask-JWT-Extended==4.5.2 +Flask-Bcrypt==1.0.1 +Werkzeug==2.3.7 + +# Database +PyMySQL==1.1.0 +cryptography==41.0.4 + +# Utilities +python-dotenv==1.0.0 + +# Scheduling +APScheduler==3.10.4 + +# Production server +gunicorn==21.2.0 + +# Optional: Use pre-compiled pandas if needed +# pandas==2.1.1 +# openpyxl==3.1.2 diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..c597cd7 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,22 @@ +Flask==2.3.3 +Flask-SQLAlchemy==3.0.5 +Flask-CORS==4.0.0 +Flask-Login==0.6.2 +Flask-JWT-Extended==4.5.2 +Flask-Bcrypt==1.0.1 +pandas==2.1.1 +openpyxl==3.1.2 +python-dotenv==1.0.0 +PyMySQL==1.1.0 +cryptography==41.0.4 +APScheduler==3.10.4 +gunicorn==21.2.0 + +# Testing dependencies +pytest==7.4.3 +pytest-cov==4.1.0 +pytest-flask==1.3.0 +pytest-mock==3.12.0 +coverage==7.3.2 +factory-boy==3.3.0 +faker==20.1.0 diff --git a/run.bat b/run.bat new file mode 100644 index 0000000..1d1f7f2 --- /dev/null +++ b/run.bat @@ -0,0 +1,35 @@ +@echo off +echo Starting Partner Alignment System... +echo. + +REM Check if Python is available +py --version >nul 2>&1 +if %errorlevel% neq 0 ( + echo Python is not installed or not in PATH + echo Please install Python 3.8+ and try again + pause + exit /b 1 +) + +REM Check if virtual environment exists +if not exist "venv" ( + echo Creating virtual environment... + py -m venv venv +) + +REM Activate virtual environment +echo Activating virtual environment... +call venv\Scripts\activate.bat + +REM Install minimal dependencies +echo Installing minimal dependencies... +pip install Flask Flask-SQLAlchemy Flask-CORS + +REM Start the simplified application (includes test account creation) +echo Starting simplified application... +echo Open your browser and go to: http://localhost:5000 +echo Press Ctrl+C to stop the server +echo. +py simple_app.py + +pause diff --git a/security-fixes.md b/security-fixes.md new file mode 100644 index 0000000..db66432 --- /dev/null +++ b/security-fixes.md @@ -0,0 +1,894 @@ +# 🔒 Partner Alignment System - Security Audit Report + +**Audit Date:** 2025-01-17 +**Auditor:** Senior Security Architect +**Project:** Partner Alignment System (夥伴對齊系統) +**Status:** 🚨 **CRITICAL ISSUES FOUND - DO NOT DEPLOY** + +--- + +## 📋 Basic Project Information + +**Project Name:** Partner Alignment System (夥伴對齊系統) +**Description:** Employee performance assessment and feedback system with STAR methodology, ranking system, and admin dashboard + +**Target Users:** +- System Administrators +- HR Managers +- General Employees + +**Types of Data Processed:** +- ✅ **PII (Personally Identifiable Information):** Employee names, emails, employee IDs, departments, positions +- ❌ Payment/Financial Information: No +- ✅ **UGC (User Generated Content):** STAR feedback, assessment data + +**Tech Stack:** +- **Frontend:** HTML5, Bootstrap 5, JavaScript (Vanilla), Chart.js +- **Backend:** Flask 2.3.3 (Python) +- **Database:** SQLite (development), MySQL 5.7+ (production) +- **Deployment:** Gunicorn + Nginx (planned) + +**External Dependencies:** +- Flask ecosystem (Flask-SQLAlchemy, Flask-JWT-Extended, Flask-Login, Flask-Bcrypt) +- APScheduler for background tasks +- PyMySQL for MySQL connectivity + +--- + +## 🚨 PART ONE: DISASTER-CLASS NOVICE MISTAKES + +### **CRITICAL - #1: Production Database Credentials Exposed in Chat** + +**Risk Level:** 🔴 **CATASTROPHIC** + +**Threat Description:** +Production database credentials were shared in plain text during this conversation: +``` +DB_HOST = mysql.theaken.com +DB_PORT = 33306 +DB_NAME = db_A101 +DB_USER = A101 +DB_PASSWORD = Aa123456 +``` + +**Affected Components:** +- This entire conversation log +- Any systems that logged this conversation +- Potentially AI training data if this conversation is used for training + +**Hacker's Playbook:** +> I'm just monitoring this conversation, and boom! The developer just handed me the keys to their production database. I can now: +> 1. Connect directly to `mysql.theaken.com:33306` as user `A101` with password `Aa123456` +> 2. Read all employee data, assessments, feedback, and personal information +> 3. Modify or delete data to cause chaos +> 4. Steal the entire database for identity theft or corporate espionage +> 5. The password `Aa123456` is weak anyway - I could have brute-forced it in minutes +> +> This is like leaving your house keys on the front door with a note saying "Welcome, I'm not home!" + +**Principle of the Fix:** +> Why can't you share credentials in chat? Because chat logs are like public bulletin boards - they can be read by AI systems, logged by your IDE, stored in conversation history, and potentially used for training. The correct approach is: +> 1. Use environment variables (`.env` file, never committed to Git) +> 2. Use secret management systems (AWS Secrets Manager, HashiCorp Vault, Azure Key Vault) +> 3. Use different credentials for development, staging, and production +> 4. If you must share credentials temporarily, use encrypted channels and rotate them immediately after + +**Fix Recommendations:** +1. **IMMEDIATE ACTION REQUIRED:** + ```bash + # Connect to MySQL and change the password NOW + mysql -h mysql.theaken.com -P 33306 -u A101 -p'Aa123456' + ALTER USER 'A101'@'%' IDENTIFIED BY 'NEW_STRONG_PASSWORD_HERE'; + FLUSH PRIVILEGES; + ``` + +2. **Create a `.env` file (NEVER commit to Git):** + ```env + # Database Configuration + DB_HOST=mysql.theaken.com + DB_PORT=33306 + DB_NAME=db_A101 + DB_USER=A101 + DB_PASSWORD= + + # Security Keys + SECRET_KEY= + JWT_SECRET_KEY= + ``` + +3. **Add `.env` to `.gitignore`:** + ```gitignore + # Environment variables + .env + .env.local + .env.production + ``` + +4. **Update `config.py` to use environment variables:** + ```python + import os + from dotenv import load_dotenv + + load_dotenv() # Load from .env file + + class Config: + SECRET_KEY = os.environ.get('SECRET_KEY') + JWT_SECRET_KEY = os.environ.get('JWT_SECRET_KEY') + SQLALCHEMY_DATABASE_URI = f"mysql+pymysql://{os.environ.get('DB_USER')}:{os.environ.get('DB_PASSWORD')}@{os.environ.get('DB_HOST')}:{os.environ.get('DB_PORT')}/{os.environ.get('DB_NAME')}" + ``` + +5. **Create a template file for reference:** + ```bash + # Create .env.example (safe to commit) + cp .env .env.example + # Edit .env.example and replace all secrets with placeholders + ``` + +--- + +### **HIGH RISK - #2: Hardcoded Secrets in Source Code** + +**Risk Level:** 🔴 **HIGH** + +**Threat Description:** +Multiple configuration files contain hardcoded secrets and weak default values that would be committed to version control. + +**Affected Components:** +- `config_simple.py` (lines 5-6): + ```python + SECRET_KEY = 'dev-secret-key-for-testing-only' + JWT_SECRET_KEY = 'jwt-secret-key-for-development' + ``` +- `simple_app.py` (line 18): + ```python + app.config['SECRET_KEY'] = 'dev-secret-key-for-testing' + ``` +- `config.py` (lines 8-9): + ```python + SECRET_KEY = os.environ.get('SECRET_KEY') or 'dev-secret-key-for-testing-only' + JWT_SECRET_KEY = os.environ.get('JWT_SECRET_KEY') or 'jwt-secret-key-for-development' + ``` + +**Hacker's Playbook:** +> I found your GitHub repository and cloned it. In the config files, I see: +> - `SECRET_KEY = 'dev-secret-key-for-testing-only'` +> - `JWT_SECRET_KEY = 'jwt-secret-key-for-development'` +> +> These are the keys used to sign JWT tokens and encrypt sessions. With these, I can: +> 1. Forge JWT tokens for any user +> 2. Impersonate any employee or admin +> 3. Access all API endpoints +> 4. Read and modify all data +> +> It's like finding the master key to every lock in your building! + +**Principle of the Fix:** +> Why can't you hardcode secrets? Because source code is like a public library - anyone with access can read it. Secrets should be like keys in a safe - stored separately and only accessible to authorized systems. The correct approach is to use environment variables with NO fallback defaults in production code. + +**Fix Recommendations:** +1. **Remove all hardcoded secrets:** + ```python + # config.py - CORRECT + class Config: + SECRET_KEY = os.environ.get('SECRET_KEY') # No fallback! + JWT_SECRET_KEY = os.environ.get('JWT_SECRET_KEY') # No fallback! + + # Raise error if not set + if not SECRET_KEY or not JWT_SECRET_KEY: + raise ValueError("SECRET_KEY and JWT_SECRET_KEY must be set in environment") + ``` + +2. **Generate strong secrets:** + ```python + import secrets + print(secrets.token_urlsafe(64)) # Use this for SECRET_KEY + print(secrets.token_urlsafe(64)) # Use this for JWT_SECRET_KEY + ``` + +3. **Delete `config_simple.py` or mark it clearly as development-only:** + ```python + # config_simple.py - DEVELOPMENT ONLY + # ⚠️ WARNING: DO NOT USE IN PRODUCTION ⚠️ + # This file contains hardcoded secrets for local development only + # NEVER deploy this file to production servers + ``` + +--- + +### **HIGH RISK - #3: Weak Default Passwords in Test Accounts** + +**Risk Level:** 🔴 **HIGH** + +**Threat Description:** +Test accounts are created with extremely weak passwords that are displayed on the login page: +- `admin` / `admin123` +- `hr_manager` / `hr123` +- `user` / `user123` + +These passwords are visible in `templates/index.html` and `simple_app.py`. + +**Affected Components:** +- `templates/index.html` (lines 49-59): Login page displays test credentials +- `simple_app.py` (lines 276-301): Test account creation with weak passwords +- `create_test_accounts.py`: Test account creation script + +**Hacker's Playbook:** +> I visit your login page and see a nice card showing test account credentials: +> - Admin: admin / admin123 +> - HR Manager: hr_manager / hr123 +> - User: user / user123 +> +> These are like leaving your house with the door unlocked and a sign saying "Come on in!" I can now: +> 1. Log in as admin and access all system functions +> 2. Create, modify, or delete any data +> 3. Access sensitive employee information +> 4. If these accounts exist in production, I have full system access + +**Principle of the Fix:** +> Why can't you show passwords on the login page? Because the login page is public - anyone can see it. It's like putting your ATM PIN on your credit card. Test accounts should either: +> 1. Only exist in development environments +> 2. Be disabled in production +> 3. Use randomly generated passwords that are NOT displayed +> 4. Require immediate password change on first login + +**Fix Recommendations:** +1. **Remove test account display from production:** + ```html + + + {% if config.DEBUG %} +

+
+
⚠️ Development Mode - Test Accounts
+
+ +
+ {% endif %} + ``` + +2. **Use environment-based test account creation:** + ```python + # simple_app.py + def create_test_accounts(): + # Only create test accounts in development + if not app.config.get('DEBUG', False): + print("⚠️ Skipping test account creation in production") + return + + # Use stronger test passwords + test_accounts = [ + { + 'username': 'admin', + 'password_hash': generate_password_hash('TestAdmin2024!'), + # ... + } + ] + ``` + +3. **Force password change on first login:** + ```python + # Add to User model + class User(db.Model): + # ... + password_changed_at = db.Column(db.DateTime) + must_change_password = db.Column(db.Boolean, default=True) + ``` + +--- + +### **HIGH RISK - #4: SQLite Database File in Repository** + +**Risk Level:** 🔴 **HIGH** + +**Threat Description:** +The SQLite database file `instance/partner_alignment.db` appears to be in the project directory and could be committed to version control, exposing all development data. + +**Affected Components:** +- `instance/partner_alignment.db` - Contains user data, assessments, feedback + +**Hacker's Playbook:** +> I clone your repository and find `instance/partner_alignment.db`. I open it with any SQLite browser and see: +> - All user accounts with password hashes +> - All assessment data +> - All STAR feedback +> - Employee personal information +> +> Even if passwords are hashed, I can still: +> 1. Extract all PII for identity theft +> 2. Analyze your business data for competitive intelligence +> 3. Use the data to craft targeted phishing attacks +> 4. If password hashes are weak, potentially crack them + +**Principle of the Fix:** +> Why can't you commit database files? Because databases contain real data - even in development. It's like committing a photo album of your family with names and addresses. Database files should be: +> 1. Listed in `.gitignore` +> 2. Never committed to version control +> 3. Recreated from migrations or seed data +> 4. Treated as sensitive as source code + +**Fix Recommendations:** +1. **Add to `.gitignore`:** + ```gitignore + # Database files + *.db + *.sqlite + *.sqlite3 + instance/ + *.db-journal + *.db-wal + *.db-shm + ``` + +2. **Remove from Git if already committed:** + ```bash + git rm --cached instance/partner_alignment.db + git commit -m "Remove database file from version control" + ``` + +3. **Create database initialization script:** + ```python + # init_db.py + from app import app, db + from models import * + + with app.app_context(): + db.drop_all() + db.create_all() + print("Database initialized successfully") + ``` + +--- + +### **MEDIUM RISK - #5: No HTTPS/TLS Configuration** + +**Risk Level:** 🟡 **MEDIUM** + +**Threat Description:** +The application runs on HTTP without TLS/SSL encryption, exposing all data in transit to interception. + +**Affected Components:** +- `simple_app.py` (line 373): `app.run(debug=True, host='0.0.0.0', port=5000)` +- No SSL/TLS configuration +- No certificate setup + +**Hacker's Playbook:** +> I'm on the same network as your users (coffee shop WiFi, office network). I use a packet sniffer to intercept all traffic. I can see: +> - Usernames and passwords in plain text +> - JWT tokens being transmitted +> - All API requests and responses +> - Employee data being sent to the server +> +> It's like having a conversation in a crowded room where everyone can hear you! + +**Principle of the Fix:** +> Why do you need HTTPS? Because HTTP is like sending postcards - anyone who handles them can read the message. HTTPS is like sending sealed letters - only the recipient can read them. Even in development, you should use HTTPS to catch issues early. + +**Fix Recommendations:** +1. **For Development - Use Flask with SSL:** + ```python + # simple_app.py + if __name__ == '__main__': + context = ('cert.pem', 'key.pem') # Self-signed cert for dev + app.run(debug=True, host='0.0.0.0', port=5000, ssl_context=context) + ``` + +2. **For Production - Use Nginx as reverse proxy:** + ```nginx + # nginx.conf + server { + listen 443 ssl http2; + server_name your-domain.com; + + ssl_certificate /path/to/cert.pem; + ssl_certificate_key /path/to/key.pem; + + location / { + proxy_pass http://127.0.0.1:5000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } + ``` + +3. **Force HTTPS in Flask:** + ```python + # app.py + from flask_talisman import Talisman + + Talisman(app, force_https=True) + ``` + +--- + +## 🔍 PART TWO: STANDARD APPLICATION SECURITY AUDIT + +### **A01: Broken Access Control** + +**Risk Level:** 🔴 **HIGH** + +**Issues Found:** + +1. **No JWT Verification on Many Endpoints:** + - `simple_app.py` endpoints lack `@jwt_required()` decorator + - Anyone can access API endpoints without authentication + +2. **No Role-Based Access Control (RBAC):** + - Admin endpoints are accessible to all authenticated users + - No permission checking on sensitive operations + +**Fix Recommendations:** +```python +# Add JWT protection to all endpoints +from flask_jwt_extended import jwt_required, get_jwt_identity + +@app.route('/api/admin/users', methods=['GET']) +@jwt_required() +@require_role('admin') # Custom decorator +def get_admin_users(): + # Implementation + pass + +# Create custom decorator +from functools import wraps +from flask import jsonify + +def require_role(role_name): + def decorator(f): + @wraps(f) + @jwt_required() + def decorated_function(*args, **kwargs): + current_user = get_jwt_identity() + user = User.query.filter_by(username=current_user).first() + + if not user or role_name not in [r.name for r in user.roles]: + return jsonify({'error': 'Insufficient permissions'}), 403 + + return f(*args, **kwargs) + return decorated_function + return decorator +``` + +--- + +### **A02: Cryptographic Failures** + +**Risk Level:** 🔴 **HIGH** + +**Issues Found:** + +1. **Passwords Stored in Plain Text:** + - `simple_app.py` (line 283): `'password_hash': 'admin123'` + - Passwords are NOT hashed before storage + +2. **Weak Password Hashing:** + - No password complexity requirements + - No password strength validation + +**Fix Recommendations:** +```python +# Use Flask-Bcrypt for password hashing +from flask_bcrypt import Bcrypt + +bcrypt = Bcrypt(app) + +class User(db.Model): + # ... + password_hash = db.Column(db.String(255), nullable=False) + + def set_password(self, password): + """Hash and set password""" + self.password_hash = bcrypt.generate_password_hash(password).decode('utf-8') + + def check_password(self, password): + """Verify password""" + return bcrypt.check_password_hash(self.password_hash, password) + +# In simple_app.py +test_accounts = [ + { + 'username': 'admin', + 'password': 'Admin@2024!Strong', # Strong password + # Don't store password_hash directly + } +] + +for account in test_accounts: + user = User(username=account['username'], ...) + user.set_password(account['password']) # Hash it! + db.session.add(user) +``` + +--- + +### **A03: Injection Attacks** + +**Risk Level:** 🟡 **MEDIUM** + +**Issues Found:** + +1. **SQL Injection Risk in Position Filter:** + - `simple_app.py` (line 349): `query.filter(EmployeePoint.position.like(f'%{position}%'))` + - User input is directly used in SQL query + +2. **No Input Validation:** + - No validation on user inputs + - No sanitization of user data + +**Fix Recommendations:** +```python +# Use parameterized queries (SQLAlchemy does this automatically, but be careful) +# Instead of: +query.filter(EmployeePoint.position.like(f'%{position}%')) + +# Do: +query.filter(EmployeePoint.position.like(f'%{position}%')) # SQLAlchemy handles this safely + +# Add input validation +from marshmallow import Schema, fields, validate + +class PositionFilterSchema(Schema): + position = fields.Str(validate=validate.Length(max=100)) + department = fields.Str(validate=validate.OneOf(['IT', 'HR', 'Finance', 'Marketing', 'Sales', 'Operations'])) + min_points = fields.Int(validate=validate.Range(min=0, max=10000)) + max_points = fields.Int(validate=validate.Range(min=0, max=10000)) + +@app.route('/api/rankings/advanced', methods=['GET']) +def get_advanced_rankings(): + schema = PositionFilterSchema() + errors = schema.validate(request.args) + if errors: + return jsonify({'errors': errors}), 400 + + # Safe to use validated data + position = request.args.get('position') + # ... +``` + +--- + +### **A05: Security Misconfiguration** + +**Risk Level:** 🟡 **MEDIUM** + +**Issues Found:** + +1. **Debug Mode Enabled in Production:** + - `simple_app.py` (line 373): `app.run(debug=True, ...)` + - Debug mode exposes stack traces and debugging information + +2. **CORS Too Permissive:** + - `simple_app.py` (line 24): `CORS(app, origins=['http://localhost:5000', ...])` + - Should restrict to specific domains in production + +3. **No Security Headers:** + - Missing security headers (X-Frame-Options, X-Content-Type-Options, etc.) + +**Fix Recommendations:** +```python +# Disable debug in production +import os + +DEBUG = os.environ.get('FLASK_DEBUG', 'False').lower() == 'true' +app.run(debug=DEBUG, host='0.0.0.0', port=5000) + +# Configure CORS properly +CORS(app, origins=os.environ.get('ALLOWED_ORIGINS', 'http://localhost:5000').split(',')) + +# Add security headers +from flask_talisman import Talisman + +Talisman(app, + force_https=True, + strict_transport_security=True, + strict_transport_security_max_age=31536000, + content_security_policy={ + 'default-src': "'self'", + 'style-src': "'self' 'unsafe-inline'", + 'script-src': "'self' 'unsafe-inline'", + } +) +``` + +--- + +### **A06: Vulnerable and Outdated Components** + +**Risk Level:** 🟡 **MEDIUM** + +**Issues Found:** + +1. **Outdated Dependencies:** + - Flask 2.3.3 (latest is 3.0.x) + - Flask-Login 0.6.2/0.6.3 (latest is 0.6.3) + - Werkzeug 2.3.7 (latest is 3.0.x) + +2. **No Dependency Scanning:** + - No automated vulnerability scanning + - No CVE tracking + +**Fix Recommendations:** +```bash +# Update dependencies +pip install --upgrade Flask Flask-SQLAlchemy Flask-CORS Flask-Login Flask-JWT-Extended Flask-Bcrypt + +# Use safety to check for vulnerabilities +pip install safety +safety check + +# Or use pip-audit +pip install pip-audit +pip-audit + +# Add to CI/CD pipeline +# .github/workflows/security.yml +name: Security Scan +on: [push, pull_request] +jobs: + security: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Run safety check + run: | + pip install safety + safety check + - name: Run pip-audit + run: | + pip install pip-audit + pip-audit +``` + +--- + +### **A07: Identification and Authentication Failures** + +**Risk Level:** 🟡 **MEDIUM** + +**Issues Found:** + +1. **No Rate Limiting:** + - Login endpoint has no rate limiting + - Vulnerable to brute force attacks + +2. **No Account Lockout:** + - Failed login attempts are not tracked + - No account lockout after multiple failures + +3. **Weak Session Management:** + - No session timeout configuration + - JWT tokens don't have proper expiration + +**Fix Recommendations:** +```python +# Add rate limiting +from flask_limiter import Limiter +from flask_limiter.util import get_remote_address + +limiter = Limiter( + app=app, + key_func=get_remote_address, + default_limits=["200 per day", "50 per hour"] +) + +@app.route('/api/auth/login', methods=['POST']) +@limiter.limit("5 per minute") # 5 login attempts per minute +def login(): + # Implementation + pass + +# Add account lockout +class User(db.Model): + # ... + failed_login_attempts = db.Column(db.Integer, default=0) + locked_until = db.Column(db.DateTime, nullable=True) + +@app.route('/api/auth/login', methods=['POST']) +def login(): + user = User.query.filter_by(username=username).first() + + # Check if account is locked + if user.locked_until and user.locked_until > datetime.utcnow(): + return jsonify({'error': 'Account is locked. Try again later.'}), 423 + + # Verify password + if not user.check_password(password): + user.failed_login_attempts += 1 + + # Lock account after 5 failed attempts + if user.failed_login_attempts >= 5: + user.locked_until = datetime.utcnow() + timedelta(minutes=15) + + db.session.commit() + return jsonify({'error': 'Invalid credentials'}), 401 + + # Reset failed attempts on successful login + user.failed_login_attempts = 0 + db.session.commit() + # ... +``` + +--- + +### **A09: Security Logging and Monitoring Failures** + +**Risk Level:** 🟡 **MEDIUM** + +**Issues Found:** + +1. **No Security Event Logging:** + - No logging of failed login attempts + - No logging of privilege escalations + - No logging of sensitive operations + +2. **No Monitoring:** + - No alerting for suspicious activities + - No audit trail + +**Fix Recommendations:** +```python +# Add comprehensive logging +import logging +from datetime import datetime + +# Configure logging +logging.basicConfig( + level=logging.INFO, + format='%(asctime)s - %(name)s - %(levelname)s - %(message)s', + handlers=[ + logging.FileHandler('security.log'), + logging.StreamHandler() + ] +) + +logger = logging.getLogger(__name__) + +@app.route('/api/auth/login', methods=['POST']) +def login(): + # Log login attempts + logger.info(f"Login attempt from IP: {request.remote_addr}, Username: {username}") + + if not user.check_password(password): + logger.warning(f"Failed login attempt from IP: {request.remote_addr}, Username: {username}") + # ... + + logger.info(f"Successful login from IP: {request.remote_addr}, Username: {username}") + +# Add audit logging for sensitive operations +def audit_log(action, user_id, details): + """Log security-relevant actions""" + logger.info(f"AUDIT - Action: {action}, User: {user_id}, Details: {details}, IP: {request.remote_addr}") + +@app.route('/api/admin/users/', methods=['PUT']) +@jwt_required() +@require_role('admin') +def update_user(user_id): + # Log the action + audit_log('USER_UPDATE', get_jwt_identity(), f'Updated user {user_id}') + # ... +``` + +--- + +## 🔧 PART THREE: DEPLOYMENT SECURITY + +### **File Permissions** + +**Recommendations:** +```bash +# Sensitive files should have restricted permissions +chmod 600 .env +chmod 600 instance/partner_alignment.db +chmod 700 instance/ + +# Web server files +chmod 755 static/ +chmod 644 static/css/* +chmod 644 static/js/* +chmod 644 templates/* + +# Python files +chmod 644 *.py +chmod 755 run.bat +``` + +### **Web Server Configuration** + +**Nginx Configuration:** +```nginx +# Block access to sensitive files +location ~ /\. { + deny all; + access_log off; + log_not_found off; +} + +location ~ \.(env|git|sql|bak)$ { + deny all; + access_log off; + log_not_found off; +} + +location ~ /instance/ { + deny all; + access_log off; + log_not_found off; +} + +# Security headers +add_header X-Frame-Options "SAMEORIGIN" always; +add_header X-Content-Type-Options "nosniff" always; +add_header X-XSS-Protection "1; mode=block" always; +add_header Referrer-Policy "no-referrer-when-downgrade" always; +``` + +--- + +## 📊 SECURITY SCORE SUMMARY + +| Category | Score | Status | +|----------|-------|--------| +| Secrets Management | 0/10 | 🔴 CRITICAL | +| Authentication | 3/10 | 🔴 HIGH RISK | +| Authorization | 2/10 | 🔴 HIGH RISK | +| Data Protection | 4/10 | 🟡 MEDIUM RISK | +| Infrastructure | 3/10 | 🟡 MEDIUM RISK | +| Monitoring | 2/10 | 🟡 MEDIUM RISK | +| **OVERALL** | **14/60** | 🔴 **DO NOT DEPLOY** | + +--- + +## 🎯 PRIORITY ACTION ITEMS + +### **IMMEDIATE (Do Before Anything Else):** +1. ✅ Change production database password +2. ✅ Remove credentials from this conversation +3. ✅ Set up proper `.env` file management +4. ✅ Add `.env` and database files to `.gitignore` + +### **HIGH PRIORITY (Before Deployment):** +1. Implement proper password hashing +2. Add JWT authentication to all endpoints +3. Implement role-based access control +4. Remove test account display from production +5. Configure HTTPS/TLS +6. Add security headers +7. Implement rate limiting +8. Add comprehensive logging + +### **MEDIUM PRIORITY (Before Production):** +1. Update all dependencies +2. Add input validation +3. Implement account lockout +4. Set up monitoring and alerting +5. Configure proper file permissions +6. Set up automated security scanning + +--- + +## 📝 FINAL RECOMMENDATIONS + +**DO NOT DEPLOY THIS APPLICATION TO PRODUCTION** until all critical and high-priority issues are resolved. + +The application has fundamental security flaws that would make it vulnerable to: +- Complete database compromise +- User impersonation +- Data theft +- System takeover +- Regulatory compliance violations (GDPR, etc.) + +**Recommended Next Steps:** +1. Fix all critical issues immediately +2. Conduct a second security audit after fixes +3. Implement a security-first development process +4. Set up automated security testing in CI/CD +5. Train team on secure coding practices +6. Establish incident response procedures + +--- + +**Report Generated:** 2025-01-17 +**Auditor:** Senior Security Architect +**Next Review:** After critical fixes are implemented + diff --git a/setup.bat b/setup.bat new file mode 100644 index 0000000..8fa1c20 --- /dev/null +++ b/setup.bat @@ -0,0 +1,48 @@ +@echo off +echo ======================================== +echo Partner Alignment System Setup +echo ======================================== +echo. + +REM Check if Python is available +echo Checking Python installation... +py --version +if %errorlevel% neq 0 ( + echo ERROR: Python is not installed or not in PATH + echo Please install Python 3.8+ from https://python.org + pause + exit /b 1 +) + +echo Python found! Creating virtual environment... +py -m venv venv +if %errorlevel% neq 0 ( + echo ERROR: Failed to create virtual environment + pause + exit /b 1 +) + +echo Activating virtual environment... +call venv\Scripts\activate.bat + +echo Installing Python dependencies... +pip install --upgrade pip +pip install -r requirements.txt +if %errorlevel% neq 0 ( + echo ERROR: Failed to install dependencies + pause + exit /b 1 +) + +echo. +echo ======================================== +echo Setup completed successfully! +echo ======================================== +echo. +echo To start the application, run: run.bat +echo Or manually activate the environment and run: +echo venv\Scripts\activate.bat +echo py app.py +echo. +pause + diff --git a/simple_app.py b/simple_app.py new file mode 100644 index 0000000..28b2963 --- /dev/null +++ b/simple_app.py @@ -0,0 +1,952 @@ +#!/usr/bin/env python3 +""" +簡化版夥伴對齊系統 - 使用 SQLite +無需 MySQL,開箱即用 +""" + +from flask import Flask, render_template, request, jsonify +from flask_cors import CORS +from flask_sqlalchemy import SQLAlchemy +from datetime import datetime, date +import json +import os +import csv +import io + +# 創建 Flask 應用程式 +app = Flask(__name__) + +# 配置 +app.config['SECRET_KEY'] = 'dev-secret-key-for-testing' +app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///partner_alignment.db' +app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False + +# 初始化擴展 +db = SQLAlchemy(app) +CORS(app, origins=['http://localhost:5000', 'http://127.0.0.1:5000']) + +# 數據模型 +class User(db.Model): + id = db.Column(db.Integer, primary_key=True) + username = db.Column(db.String(80), unique=True, nullable=False) + email = db.Column(db.String(120), unique=True, nullable=False) + full_name = db.Column(db.String(100), nullable=False) + department = db.Column(db.String(50), nullable=False) + position = db.Column(db.String(50), nullable=False) + password_hash = db.Column(db.String(255), nullable=False) + is_active = db.Column(db.Boolean, default=True) + created_at = db.Column(db.DateTime, default=datetime.utcnow) + +class Capability(db.Model): + id = db.Column(db.Integer, primary_key=True) + name = db.Column(db.String(100), nullable=False) + l1_description = db.Column(db.Text) + l2_description = db.Column(db.Text) + l3_description = db.Column(db.Text) + l4_description = db.Column(db.Text) + l5_description = db.Column(db.Text) + is_active = db.Column(db.Boolean, default=True) + +class DepartmentCapability(db.Model): + """部門與能力項目的關聯表""" + id = db.Column(db.Integer, primary_key=True) + department = db.Column(db.String(50), nullable=False) + capability_id = db.Column(db.Integer, db.ForeignKey('capability.id'), nullable=False) + created_at = db.Column(db.DateTime, default=datetime.utcnow) + + # 建立唯一索引,確保同一部門不會重複選擇同一能力項目 + __table_args__ = (db.UniqueConstraint('department', 'capability_id', name='uq_dept_capability'),) + +class Assessment(db.Model): + id = db.Column(db.Integer, primary_key=True) + user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False) + department = db.Column(db.String(50), nullable=False) + position = db.Column(db.String(50), nullable=False) + employee_name = db.Column(db.String(100)) + assessment_data = db.Column(db.Text) + created_at = db.Column(db.DateTime, default=datetime.utcnow) + +class StarFeedback(db.Model): + id = db.Column(db.Integer, primary_key=True) + evaluator_name = db.Column(db.String(100), nullable=False) + evaluatee_name = db.Column(db.String(100), nullable=False) + evaluatee_department = db.Column(db.String(50), nullable=False) + evaluatee_position = db.Column(db.String(50), nullable=False) + situation = db.Column(db.Text, nullable=False) + task = db.Column(db.Text, nullable=False) + action = db.Column(db.Text, nullable=False) + result = db.Column(db.Text, nullable=False) + score = db.Column(db.Integer, nullable=False) + points_earned = db.Column(db.Integer, nullable=False) + feedback_date = db.Column(db.Date, default=date.today) + created_at = db.Column(db.DateTime, default=datetime.utcnow) + +class EmployeePoint(db.Model): + id = db.Column(db.Integer, primary_key=True) + employee_name = db.Column(db.String(100), nullable=False) + department = db.Column(db.String(50), nullable=False) + position = db.Column(db.String(50), nullable=False) + total_points = db.Column(db.Integer, default=0) + monthly_points = db.Column(db.Integer, default=0) + +# 路由 +@app.route('/') +def index(): + return render_template('index.html') + +@app.route('/api/auth/login', methods=['POST']) +def login(): + """用戶登入""" + try: + data = request.get_json() + username = data.get('username') + password = data.get('password') + + if not username or not password: + return jsonify({'error': '用戶名和密碼不能為空'}), 400 + + # 查找用戶 + user = User.query.filter_by(username=username).first() + + if not user: + return jsonify({'error': '用戶名或密碼錯誤'}), 401 + + # 簡化版:直接比較密碼(不安全,僅用於開發) + # 注意:生產環境必須使用密碼哈希 + if user.password_hash != password: + return jsonify({'error': '用戶名或密碼錯誤'}), 401 + + if not user.is_active: + return jsonify({'error': '帳號已被停用'}), 403 + + # 返回用戶信息和簡單令牌 + return jsonify({ + 'access_token': f'token_{user.id}_{datetime.now().timestamp()}', + 'refresh_token': f'refresh_{user.id}_{datetime.now().timestamp()}', + 'user': { + 'id': user.id, + 'username': user.username, + 'email': user.email, + 'full_name': user.full_name, + 'department': user.department, + 'position': user.position + } + }), 200 + + except Exception as e: + return jsonify({'error': f'登入失敗: {str(e)}'}), 500 + +@app.route('/api/auth/register', methods=['POST']) +def register(): + """用戶註冊""" + try: + data = request.get_json() + + # 驗證必填欄位 + required_fields = ['username', 'email', 'password', 'full_name', 'department', 'position', 'employee_id'] + for field in required_fields: + if not data.get(field): + return jsonify({'error': f'{field} 是必填欄位'}), 400 + + # 檢查用戶名是否已存在 + if User.query.filter_by(username=data['username']).first(): + return jsonify({'error': '用戶名已存在'}), 409 + + # 檢查郵箱是否已存在 + if User.query.filter_by(email=data['email']).first(): + return jsonify({'error': '郵箱已被註冊'}), 409 + + # 創建新用戶 + user = User( + username=data['username'], + email=data['email'], + full_name=data['full_name'], + department=data['department'], + position=data['position'], + employee_id=data['employee_id'], + password_hash=data['password'], # 簡化版:直接存儲密碼 + is_active=True + ) + + db.session.add(user) + db.session.commit() + + return jsonify({ + 'message': '註冊成功', + 'user': { + 'id': user.id, + 'username': user.username, + 'email': user.email, + 'full_name': user.full_name + } + }), 201 + + except Exception as e: + db.session.rollback() + return jsonify({'error': f'註冊失敗: {str(e)}'}), 500 + +@app.route('/api/auth/protected', methods=['GET']) +def protected(): + """受保護的路由(用於驗證令牌)""" + # 簡化版:不做實際驗證,返回默認用戶信息 + # 在實際應用中,這裡應該驗證 JWT 令牌並返回對應用戶信息 + return jsonify({ + 'message': 'Access granted', + 'logged_in_as': 'admin', # 默認用戶 + 'roles': ['admin'] # 默認角色 + }), 200 + +@app.route('/api/capabilities', methods=['GET']) +def get_capabilities(): + """獲取所有啟用的能力項目""" + capabilities = Capability.query.filter_by(is_active=True).all() + return jsonify({ + 'capabilities': [{ + 'id': cap.id, + 'name': cap.name, + 'l1_description': cap.l1_description, + 'l2_description': cap.l2_description, + 'l3_description': cap.l3_description, + 'l4_description': cap.l4_description, + 'l5_description': cap.l5_description + } for cap in capabilities] + }) + +@app.route('/api/department-capabilities/', methods=['GET']) +def get_department_capabilities(department): + """獲取特定部門選擇的能力項目""" + # 查詢該部門已選擇的能力項目ID + dept_caps = DepartmentCapability.query.filter_by(department=department).all() + capability_ids = [dc.capability_id for dc in dept_caps] + + # 獲取對應的能力項目詳細信息 + capabilities = Capability.query.filter( + Capability.id.in_(capability_ids), + Capability.is_active == True + ).all() + + return jsonify({ + 'department': department, + 'capabilities': [{ + 'id': cap.id, + 'name': cap.name, + 'l1_description': cap.l1_description, + 'l2_description': cap.l2_description, + 'l3_description': cap.l3_description, + 'l4_description': cap.l4_description, + 'l5_description': cap.l5_description + } for cap in capabilities] + }) + +@app.route('/api/department-capabilities/', methods=['POST']) +def set_department_capabilities(department): + """設定部門的能力項目(部門主管使用)""" + data = request.get_json() + capability_ids = data.get('capability_ids', []) + + if not capability_ids: + return jsonify({'error': '請至少選擇一個能力項目'}), 400 + + try: + # 先刪除該部門現有的所有能力項目關聯 + DepartmentCapability.query.filter_by(department=department).delete() + + # 添加新的能力項目關聯 + for cap_id in capability_ids: + dept_cap = DepartmentCapability( + department=department, + capability_id=cap_id + ) + db.session.add(dept_cap) + + db.session.commit() + + return jsonify({ + 'success': True, + 'message': f'{department}部門的能力項目設定成功', + 'capability_count': len(capability_ids) + }), 200 + + except Exception as e: + db.session.rollback() + return jsonify({'error': str(e)}), 500 + +@app.route('/api/capabilities/import-csv', methods=['POST']) +def import_capabilities_csv(): + """從 CSV 檔案匯入能力項目""" + if 'file' not in request.files: + return jsonify({'error': '未上傳檔案'}), 400 + + file = request.files['file'] + + if file.filename == '': + return jsonify({'error': '檔案名稱為空'}), 400 + + if not file.filename.endswith('.csv'): + return jsonify({'error': '請上傳 CSV 檔案'}), 400 + + try: + # 讀取 CSV 檔案 + stream = io.StringIO(file.stream.read().decode("UTF-8"), newline=None) + csv_reader = csv.DictReader(stream) + + imported_count = 0 + skipped_count = 0 + errors = [] + + for row_num, row in enumerate(csv_reader, start=2): # start=2 因為第1行是標題 + try: + # 驗證必要欄位 + if not row.get('name'): + errors.append(f"第 {row_num} 行:能力名稱不能為空") + skipped_count += 1 + continue + + # 檢查是否已存在相同名稱的能力項目 + existing = Capability.query.filter_by(name=row['name']).first() + + if existing: + # 更新現有能力項目 + existing.l1_description = row.get('l1_description', '') + existing.l2_description = row.get('l2_description', '') + existing.l3_description = row.get('l3_description', '') + existing.l4_description = row.get('l4_description', '') + existing.l5_description = row.get('l5_description', '') + existing.is_active = True + else: + # 建立新的能力項目 + capability = Capability( + name=row['name'], + l1_description=row.get('l1_description', ''), + l2_description=row.get('l2_description', ''), + l3_description=row.get('l3_description', ''), + l4_description=row.get('l4_description', ''), + l5_description=row.get('l5_description', ''), + is_active=True + ) + db.session.add(capability) + + imported_count += 1 + + except Exception as e: + errors.append(f"第 {row_num} 行發生錯誤:{str(e)}") + skipped_count += 1 + + db.session.commit() + + return jsonify({ + 'success': True, + 'message': f'匯入完成:成功 {imported_count} 筆,跳過 {skipped_count} 筆', + 'imported_count': imported_count, + 'skipped_count': skipped_count, + 'errors': errors + }), 200 + + except Exception as e: + db.session.rollback() + return jsonify({'error': f'匯入失敗:{str(e)}'}), 500 + +@app.route('/api/assessments', methods=['POST']) +def create_assessment(): + data = request.get_json() + + # 驗證必填欄位 + required_fields = ['department', 'position', 'assessment_data'] + for field in required_fields: + if field not in data: + return jsonify({'error': f'Missing required field: {field}'}), 400 + + # 創建新評估 + assessment = Assessment( + user_id=1, # 簡化版使用固定用戶ID + department=data['department'], + position=data['position'], + employee_name=data.get('employee_name'), + assessment_data=json.dumps(data['assessment_data']) + ) + + db.session.add(assessment) + db.session.commit() + + return jsonify({ + 'success': True, + 'message': '評估資料儲存成功', + 'assessment_id': assessment.id + }), 201 + +@app.route('/api/assessments', methods=['GET']) +def get_assessments(): + assessments = Assessment.query.order_by(Assessment.created_at.desc()).all() + + result = [] + for assessment in assessments: + assessment_data = json.loads(assessment.assessment_data) if isinstance(assessment.assessment_data, str) else assessment.assessment_data + result.append({ + 'id': assessment.id, + 'department': assessment.department, + 'position': assessment.position, + 'employee_name': assessment.employee_name, + 'assessment_data': assessment_data, + 'created_at': assessment.created_at.isoformat() + }) + + return jsonify({'assessments': result}) + +@app.route('/api/star-feedbacks', methods=['POST']) +def create_star_feedback(): + data = request.get_json() + + # 驗證必填欄位 + required_fields = ['evaluator_name', 'evaluatee_name', 'evaluatee_department', + 'evaluatee_position', 'situation', 'task', 'action', 'result', 'score'] + for field in required_fields: + if field not in data: + return jsonify({'error': f'Missing required field: {field}'}), 400 + + # 計算點數 + score = data['score'] + points_earned = score * 10 + + # 創建 STAR 回饋 + feedback = StarFeedback( + evaluator_name=data['evaluator_name'], + evaluatee_name=data['evaluatee_name'], + evaluatee_department=data['evaluatee_department'], + evaluatee_position=data['evaluatee_position'], + situation=data['situation'], + task=data['task'], + action=data['action'], + result=data['result'], + score=score, + points_earned=points_earned + ) + + db.session.add(feedback) + + # 更新員工積分 + employee = EmployeePoint.query.filter_by(employee_name=data['evaluatee_name']).first() + if employee: + employee.total_points += points_earned + employee.monthly_points += points_earned + else: + employee = EmployeePoint( + employee_name=data['evaluatee_name'], + department=data['evaluatee_department'], + position=data['evaluatee_position'], + total_points=points_earned, + monthly_points=points_earned + ) + db.session.add(employee) + + db.session.commit() + + return jsonify({ + 'success': True, + 'message': '回饋資料儲存成功', + 'points_earned': points_earned + }), 201 + +@app.route('/api/star-feedbacks', methods=['GET']) +def get_star_feedbacks(): + feedbacks = StarFeedback.query.order_by(StarFeedback.created_at.desc()).all() + + result = [] + for feedback in feedbacks: + result.append({ + 'id': feedback.id, + 'evaluator_name': feedback.evaluator_name, + 'evaluatee_name': feedback.evaluatee_name, + 'evaluatee_department': feedback.evaluatee_department, + 'evaluatee_position': feedback.evaluatee_position, + 'situation': feedback.situation, + 'task': feedback.task, + 'action': feedback.action, + 'result': feedback.result, + 'score': feedback.score, + 'points_earned': feedback.points_earned, + 'feedback_date': feedback.feedback_date.isoformat(), + 'created_at': feedback.created_at.isoformat() + }) + + return jsonify({'feedbacks': result}) + +@app.route('/api/dashboard/me', methods=['GET']) +def get_dashboard_data(): + """獲取個人儀表板數據""" + # 模擬用戶數據(簡化版) + user_points = EmployeePoint.query.first() + + if not user_points: + return jsonify({ + 'points_summary': { + 'total_points': 0, + 'monthly_points': 0, + 'department_rank': 0, + 'total_rank': 0 + }, + 'recent_activities': [], + 'achievements': [], + 'performance_data': [] + }) + + # 計算排名 + total_employees = EmployeePoint.query.count() + better_employees = EmployeePoint.query.filter(EmployeePoint.total_points > user_points.total_points).count() + total_rank = better_employees + 1 + + # 模擬最近活動 + recent_activities = [ + { + 'type': 'assessment', + 'title': '完成能力評估', + 'description': '對溝通能力進行了評估', + 'points': 20, + 'created_at': '2024-01-15T10:30:00Z' + }, + { + 'type': 'feedback', + 'title': '收到STAR回饋', + 'description': '來自同事的正面回饋', + 'points': 15, + 'created_at': '2024-01-14T14:20:00Z' + } + ] + + # 模擬成就 + achievements = [ + { + 'name': '評估達人', + 'description': '完成10次能力評估', + 'icon': 'clipboard-check' + }, + { + 'name': '回饋專家', + 'description': '提供5次STAR回饋', + 'icon': 'star-fill' + } + ] + + # 模擬績效數據 + performance_data = [ + {'month': '1月', 'points': 50}, + {'month': '2月', 'points': 75}, + {'month': '3月', 'points': 60}, + {'month': '4月', 'points': 90}, + {'month': '5月', 'points': 80} + ] + + return jsonify({ + 'points_summary': { + 'total_points': user_points.total_points, + 'monthly_points': user_points.monthly_points, + 'department_rank': 1, + 'total_rank': total_rank + }, + 'recent_activities': recent_activities, + 'achievements': achievements, + 'performance_data': performance_data + }) + +@app.route('/api/rankings/total', methods=['GET']) +def get_total_rankings(): + department = request.args.get('department') + limit = request.args.get('limit', 50, type=int) + + # 構建查詢 + query = EmployeePoint.query + if department: + query = query.filter(EmployeePoint.department == department) + + employees = query.order_by(EmployeePoint.total_points.desc()).limit(limit).all() + total_count = query.count() + + rankings = [] + for rank, employee in enumerate(employees, 1): + # 計算百分位數 + percentile = ((total_count - rank + 1) / total_count * 100) if total_count > 0 else 0 + + rankings.append({ + 'rank': rank, + 'employee_name': employee.employee_name, + 'department': employee.department, + 'position': employee.position, + 'total_points': employee.total_points, + 'monthly_points': employee.monthly_points, + 'percentile': round(percentile, 1), + 'tier': get_tier_by_percentile(percentile) + }) + + return jsonify({ + 'rankings': rankings, + 'total_count': total_count, + 'department_filter': department + }) + +@app.route('/api/rankings/advanced', methods=['GET']) +def get_advanced_rankings(): + """高級排名系統,包含更多統計信息""" + department = request.args.get('department') + position = request.args.get('position') + min_points = request.args.get('min_points', 0, type=int) + max_points = request.args.get('max_points', type=int) + + # 構建查詢 + query = EmployeePoint.query + if department: + query = query.filter(EmployeePoint.department == department) + if position: + query = query.filter(EmployeePoint.position.like(f'%{position}%')) + if min_points: + query = query.filter(EmployeePoint.total_points >= min_points) + if max_points: + query = query.filter(EmployeePoint.total_points <= max_points) + + employees = query.order_by(EmployeePoint.total_points.desc()).all() + total_count = len(employees) + + if total_count == 0: + return jsonify({ + 'rankings': [], + 'statistics': {}, + 'filters': { + 'department': department, + 'position': position, + 'min_points': min_points, + 'max_points': max_points + } + }) + + # 計算統計信息 + points_list = [emp.total_points for emp in employees] + avg_points = sum(points_list) / len(points_list) + median_points = sorted(points_list)[len(points_list) // 2] + max_points_val = max(points_list) + min_points_val = min(points_list) + + rankings = [] + for rank, employee in enumerate(employees, 1): + percentile = ((total_count - rank + 1) / total_count * 100) if total_count > 0 else 0 + + rankings.append({ + 'rank': rank, + 'employee_name': employee.employee_name, + 'department': employee.department, + 'position': employee.position, + 'total_points': employee.total_points, + 'monthly_points': employee.monthly_points, + 'percentile': round(percentile, 1), + 'tier': get_tier_by_percentile(percentile), + 'vs_average': round(employee.total_points - avg_points, 1), + 'vs_median': round(employee.total_points - median_points, 1) + }) + + return jsonify({ + 'rankings': rankings, + 'statistics': { + 'total_count': total_count, + 'average_points': round(avg_points, 1), + 'median_points': median_points, + 'max_points': max_points_val, + 'min_points': min_points_val, + 'standard_deviation': round(calculate_standard_deviation(points_list), 1) + }, + 'filters': { + 'department': department, + 'position': position, + 'min_points': min_points, + 'max_points': max_points + } + }) + +def get_tier_by_percentile(percentile): + """根據百分位數返回等級""" + if percentile >= 95: + return {'name': '大師', 'color': 'danger', 'icon': 'crown'} + elif percentile >= 85: + return {'name': '專家', 'color': 'warning', 'icon': 'star-fill'} + elif percentile >= 70: + return {'name': '熟練', 'color': 'info', 'icon': 'award'} + elif percentile >= 50: + return {'name': '良好', 'color': 'success', 'icon': 'check-circle'} + else: + return {'name': '基礎', 'color': 'secondary', 'icon': 'circle'} + +def calculate_standard_deviation(data): + """計算標準差""" + if len(data) <= 1: + return 0 + + mean = sum(data) / len(data) + variance = sum((x - mean) ** 2 for x in data) / (len(data) - 1) + return variance ** 0.5 + +@app.route('/api/notifications', methods=['GET']) +def get_notifications(): + """獲取用戶通知""" + # 模擬通知數據 + notifications = [ + { + 'id': 1, + 'type': 'achievement', + 'title': '🎉 恭喜獲得新成就!', + 'message': '您已完成10次能力評估,獲得「評估達人」徽章', + 'is_read': False, + 'created_at': '2024-01-15T10:30:00Z', + 'icon': 'trophy-fill', + 'color': 'warning' + }, + { + 'id': 2, + 'type': 'ranking', + 'title': '📈 排名更新', + 'message': '您的總排名上升了3位,目前排名第5名', + 'is_read': False, + 'created_at': '2024-01-14T15:20:00Z', + 'icon': 'arrow-up-circle', + 'color': 'success' + }, + { + 'id': 3, + 'type': 'feedback', + 'title': '⭐ 收到新回饋', + 'message': '同事張三為您提供了STAR回饋,請查看詳情', + 'is_read': True, + 'created_at': '2024-01-13T09:15:00Z', + 'icon': 'star-fill', + 'color': 'info' + }, + { + 'id': 4, + 'type': 'system', + 'title': '🔔 系統通知', + 'message': '新的評估項目已上線,歡迎體驗新功能', + 'is_read': True, + 'created_at': '2024-01-12T14:00:00Z', + 'icon': 'bell-fill', + 'color': 'primary' + } + ] + + return jsonify({ + 'notifications': notifications, + 'unread_count': len([n for n in notifications if not n['is_read']]) + }) + +@app.route('/api/notifications//read', methods=['POST']) +def mark_notification_read(notification_id): + """標記通知為已讀""" + # 在實際應用中,這裡會更新數據庫 + return jsonify({'success': True, 'message': '通知已標記為已讀'}) + +@app.route('/api/notifications/read-all', methods=['POST']) +def mark_all_notifications_read(): + """標記所有通知為已讀""" + # 在實際應用中,這裡會更新數據庫 + return jsonify({'success': True, 'message': '所有通知已標記為已讀'}) + +@app.route('/api/admin/users', methods=['GET']) +def get_admin_users(): + """獲取所有用戶(管理員功能)""" + users = User.query.all() + + users_data = [] + for user in users: + users_data.append({ + 'id': user.id, + 'username': user.username, + 'email': user.email, + 'full_name': user.full_name, + 'department': user.department, + 'position': user.position, + 'employee_id': user.employee_id, + 'is_active': user.is_active, + 'created_at': user.created_at.isoformat() if user.created_at else None + }) + + return jsonify({'users': users_data}) + +@app.route('/api/admin/users/', methods=['PUT']) +def update_user(user_id): + """更新用戶信息(管理員功能)""" + user = User.query.get_or_404(user_id) + data = request.get_json() + + if 'is_active' in data: + user.is_active = data['is_active'] + if 'department' in data: + user.department = data['department'] + if 'position' in data: + user.position = data['position'] + + db.session.commit() + + return jsonify({'success': True, 'message': '用戶信息已更新'}) + +@app.route('/api/admin/statistics', methods=['GET']) +def get_admin_statistics(): + """獲取管理員統計信息""" + total_users = User.query.count() + active_users = User.query.filter_by(is_active=True).count() + total_assessments = Assessment.query.count() + total_feedbacks = StarFeedback.query.count() + + # 部門統計 + department_stats = db.session.query( + User.department, + db.func.count(User.id).label('count') + ).group_by(User.department).all() + + # 積分統計 + points_stats = db.session.query( + db.func.avg(EmployeePoint.total_points).label('avg_points'), + db.func.max(EmployeePoint.total_points).label('max_points'), + db.func.min(EmployeePoint.total_points).label('min_points') + ).first() + + return jsonify({ + 'total_users': total_users, + 'active_users': active_users, + 'total_assessments': total_assessments, + 'total_feedbacks': total_feedbacks, + 'department_stats': [{'department': d[0], 'count': d[1]} for d in department_stats], + 'points_stats': { + 'average': round(points_stats.avg_points or 0, 1), + 'maximum': points_stats.max_points or 0, + 'minimum': points_stats.min_points or 0 + } + }) + +def create_sample_data(): + """創建樣本數據""" + # 創建能力項目 + capabilities = [ + Capability( + name='溝通能力', + l1_description='基本溝通', + l2_description='有效溝通', + l3_description='專業溝通', + l4_description='領導溝通', + l5_description='戰略溝通' + ), + Capability( + name='技術能力', + l1_description='基礎技術', + l2_description='熟練技術', + l3_description='專業技術', + l4_description='專家技術', + l5_description='大師技術' + ), + Capability( + name='領導能力', + l1_description='自我管理', + l2_description='團隊協作', + l3_description='團隊領導', + l4_description='部門領導', + l5_description='戰略領導' + ) + ] + + for cap in capabilities: + existing = Capability.query.filter_by(name=cap.name).first() + if not existing: + db.session.add(cap) + + # 創建測試帳號 + test_accounts = [ + { + 'username': 'admin', + 'email': 'admin@company.com', + 'full_name': '系統管理員', + 'department': 'IT', + 'position': '系統管理員', + 'password_hash': 'admin123' # 簡化版直接存儲密碼 + }, + { + 'username': 'hr_manager', + 'email': 'hr@company.com', + 'full_name': 'HR主管', + 'department': 'HR', + 'position': '人力資源主管', + 'password_hash': 'hr123' + }, + { + 'username': 'user', + 'email': 'user@company.com', + 'full_name': '一般用戶', + 'department': 'IT', + 'position': '軟體工程師', + 'password_hash': 'user123' + } + ] + + for account in test_accounts: + existing_user = User.query.filter_by(username=account['username']).first() + if not existing_user: + user = User(**account) + db.session.add(user) + print(f"創建測試帳號: {account['username']}") + + # 創建樣本積分數據 + sample_points_data = [ + { + 'employee_name': '系統管理員', + 'department': 'IT', + 'position': '系統管理員', + 'total_points': 150, + 'monthly_points': 50 + }, + { + 'employee_name': 'HR主管', + 'department': 'HR', + 'position': '人力資源主管', + 'total_points': 120, + 'monthly_points': 40 + }, + { + 'employee_name': '一般用戶', + 'department': 'IT', + 'position': '軟體工程師', + 'total_points': 80, + 'monthly_points': 30 + } + ] + + for points_data in sample_points_data: + existing = EmployeePoint.query.filter_by(employee_name=points_data['employee_name']).first() + if not existing: + points = EmployeePoint(**points_data) + db.session.add(points) + + db.session.commit() + print("測試帳號和樣本數據創建完成") + +if __name__ == '__main__': + with app.app_context(): + # 創建所有數據庫表 + db.create_all() + print("數據庫表創建成功!") + + # 創建樣本數據 + create_sample_data() + + print("=" * 60) + print("夥伴對齊系統已啟動!") + print("=" * 60) + print("[WEB] 訪問地址: http://localhost:5000") + print() + print("[ACCOUNT] 測試帳號資訊:") + print(" 管理員: admin / admin123") + print(" HR主管: hr_manager / hr123") + print(" 一般用戶: user / user123") + print() + print("[FEATURES] 功能包括:") + print("- 能力評估系統") + print("- STAR 回饋系統") + print("- 排名系統") + print("- 數據導出") + print() + print("[TIP] 提示: 登入頁面會顯示測試帳號資訊和快速登入按鈕") + print("=" * 60) + + # 啟動應用程式 + app.run(debug=True, host='0.0.0.0', port=5000) diff --git a/static/css/style.css b/static/css/style.css new file mode 100644 index 0000000..a93e57f --- /dev/null +++ b/static/css/style.css @@ -0,0 +1,507 @@ +/* 夥伴對齊系統 - 樣式表 */ + +:root { + --primary-color: #0d6efd; + --secondary-color: #6c757d; + --success-color: #198754; + --danger-color: #dc3545; + --warning-color: #ffc107; + --info-color: #0dcaf0; + --light-color: #f8f9fa; + --dark-color: #212529; + --border-radius: 0.375rem; + --box-shadow: 0 0.125rem 0.25rem rgba(0, 0, 0, 0.075); + --transition: all 0.15s ease-in-out; +} + +/* 全局樣式 */ +body { + font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; + background-color: #f8f9fa; + line-height: 1.6; +} + +/* 導航欄樣式 */ +.navbar-brand { + font-weight: 600; + font-size: 1.25rem; +} + +.navbar-nav .nav-link { + font-weight: 500; + transition: var(--transition); + border-radius: var(--border-radius); + margin: 0 0.25rem; +} + +.navbar-nav .nav-link:hover { + background-color: rgba(255, 255, 255, 0.1); + transform: translateY(-1px); +} + +.navbar-nav .nav-link.active { + background-color: rgba(255, 255, 255, 0.2); + font-weight: 600; +} + +/* 卡片樣式 */ +.card { + border: none; + border-radius: var(--border-radius); + box-shadow: var(--box-shadow); + transition: var(--transition); + margin-bottom: 1.5rem; +} + +.card:hover { + box-shadow: 0 0.5rem 1rem rgba(0, 0, 0, 0.15); + transform: translateY(-2px); +} + +.card-header { + background-color: #fff; + border-bottom: 1px solid #dee2e6; + font-weight: 600; + padding: 1rem 1.25rem; +} + +.card-body { + padding: 1.25rem; +} + +/* 儀表板卡片樣式 */ +.card.bg-primary, +.card.bg-success, +.card.bg-warning, +.card.bg-info { + border: none; + background: linear-gradient(135deg, var(--primary-color), #0056b3); +} + +.card.bg-success { + background: linear-gradient(135deg, var(--success-color), #146c43); +} + +.card.bg-warning { + background: linear-gradient(135deg, var(--warning-color), #e0a800); +} + +.card.bg-info { + background: linear-gradient(135deg, var(--info-color), #0aa2c0); +} + +/* 按鈕樣式 */ +.btn { + border-radius: var(--border-radius); + font-weight: 500; + transition: var(--transition); + border: none; + padding: 0.5rem 1rem; +} + +.btn:hover { + transform: translateY(-1px); + box-shadow: 0 0.25rem 0.5rem rgba(0, 0, 0, 0.15); +} + +.btn-primary { + background: linear-gradient(135deg, var(--primary-color), #0056b3); +} + +.btn-success { + background: linear-gradient(135deg, var(--success-color), #146c43); +} + +.btn-danger { + background: linear-gradient(135deg, var(--danger-color), #b02a37); +} + +.btn-warning { + background: linear-gradient(135deg, var(--warning-color), #e0a800); + color: #000; +} + +.btn-info { + background: linear-gradient(135deg, var(--info-color), #0aa2c0); +} + +/* 表單樣式 */ +.form-control, +.form-select { + border-radius: var(--border-radius); + border: 1px solid #ced4da; + transition: var(--transition); + padding: 0.5rem 0.75rem; +} + +.form-control:focus, +.form-select:focus { + border-color: var(--primary-color); + box-shadow: 0 0 0 0.2rem rgba(13, 110, 253, 0.25); +} + +.form-label { + font-weight: 500; + color: var(--dark-color); + margin-bottom: 0.5rem; +} + +/* 能力評估樣式 */ +.capability-card { + border-left: 4px solid var(--primary-color); + transition: var(--transition); +} + +.capability-card:hover { + border-left-color: var(--success-color); + background-color: #f8f9fa; +} + +.form-check-input:checked { + background-color: var(--primary-color); + border-color: var(--primary-color); +} + +.form-check-label { + font-size: 0.9rem; + line-height: 1.4; +} + +/* 排名表格樣式 */ +.table { + border-radius: var(--border-radius); + overflow: hidden; + box-shadow: var(--box-shadow); +} + +.table thead th { + background-color: var(--primary-color); + color: white; + border: none; + font-weight: 600; + padding: 1rem 0.75rem; +} + +.table tbody tr { + transition: var(--transition); +} + +.table tbody tr:hover { + background-color: #f8f9fa; + transform: scale(1.01); +} + +/* 徽章樣式 */ +.badge { + font-size: 0.75rem; + font-weight: 500; + padding: 0.375rem 0.75rem; + border-radius: var(--border-radius); +} + +/* 通知樣式 */ +.alert { + border: none; + border-radius: var(--border-radius); + border-left: 4px solid; + margin-bottom: 1rem; +} + +.alert-primary { + border-left-color: var(--primary-color); + background-color: rgba(13, 110, 253, 0.1); +} + +.alert-success { + border-left-color: var(--success-color); + background-color: rgba(25, 135, 84, 0.1); +} + +.alert-warning { + border-left-color: var(--warning-color); + background-color: rgba(255, 193, 7, 0.1); +} + +.alert-danger { + border-left-color: var(--danger-color); + background-color: rgba(220, 53, 69, 0.1); +} + +/* 模態框樣式 */ +.modal-content { + border: none; + border-radius: var(--border-radius); + box-shadow: 0 1rem 3rem rgba(0, 0, 0, 0.175); +} + +.modal-header { + border-bottom: 1px solid #dee2e6; + background-color: #f8f9fa; + border-radius: var(--border-radius) var(--border-radius) 0 0; +} + +.modal-footer { + border-top: 1px solid #dee2e6; + background-color: #f8f9fa; + border-radius: 0 0 var(--border-radius) var(--border-radius); +} + +/* 載入動畫 */ +.spinner-border { + width: 3rem; + height: 3rem; +} + +/* Toast 樣式 */ +.toast { + border: none; + border-radius: var(--border-radius); + box-shadow: 0 0.5rem 1rem rgba(0, 0, 0, 0.15); +} + +.toast-header { + background-color: #f8f9fa; + border-bottom: 1px solid #dee2e6; +} + +/* 標籤頁樣式 */ +.nav-tabs .nav-link { + border: none; + border-radius: var(--border-radius) var(--border-radius) 0 0; + color: var(--secondary-color); + font-weight: 500; + transition: var(--transition); +} + +.nav-tabs .nav-link:hover { + border-color: transparent; + background-color: #f8f9fa; +} + +.nav-tabs .nav-link.active { + background-color: var(--primary-color); + color: white; + border-color: var(--primary-color); +} + +/* 下拉選單樣式 */ +.dropdown-menu { + border: none; + border-radius: var(--border-radius); + box-shadow: 0 0.5rem 1rem rgba(0, 0, 0, 0.15); + padding: 0.5rem 0; +} + +.dropdown-item { + padding: 0.5rem 1rem; + transition: var(--transition); +} + +.dropdown-item:hover { + background-color: #f8f9fa; + color: var(--primary-color); +} + +/* 響應式設計 */ +@media (max-width: 768px) { + .container-fluid { + padding: 0.5rem; + } + + .card { + margin-bottom: 1rem; + } + + .card-body { + padding: 1rem; + } + + .table-responsive { + font-size: 0.875rem; + } + + .btn { + padding: 0.375rem 0.75rem; + font-size: 0.875rem; + } +} + +@media (max-width: 576px) { + .navbar-brand { + font-size: 1rem; + } + + .card-header h5 { + font-size: 1rem; + } + + .modal-dialog { + margin: 0.5rem; + } +} + +/* 動畫效果 */ +@keyframes fadeIn { + from { + opacity: 0; + transform: translateY(20px); + } + to { + opacity: 1; + transform: translateY(0); + } +} + +.section { + animation: fadeIn 0.5s ease-in-out; +} + +/* 自定義滾動條 */ +::-webkit-scrollbar { + width: 8px; +} + +::-webkit-scrollbar-track { + background: #f1f1f1; + border-radius: 4px; +} + +::-webkit-scrollbar-thumb { + background: var(--primary-color); + border-radius: 4px; +} + +::-webkit-scrollbar-thumb:hover { + background: #0056b3; +} + +/* 工具提示樣式 */ +.tooltip { + font-size: 0.875rem; +} + +.tooltip-inner { + background-color: var(--dark-color); + border-radius: var(--border-radius); +} + +/* 進度條樣式 */ +.progress { + height: 0.5rem; + border-radius: var(--border-radius); + background-color: #e9ecef; +} + +.progress-bar { + border-radius: var(--border-radius); + transition: width 0.6s ease; +} + +/* 統計卡片特殊樣式 */ +.stats-card { + position: relative; + overflow: hidden; +} + +.stats-card::before { + content: ''; + position: absolute; + top: 0; + right: 0; + width: 100px; + height: 100px; + background: rgba(255, 255, 255, 0.1); + border-radius: 50%; + transform: translate(30px, -30px); +} + +.stats-card .card-body { + position: relative; + z-index: 1; +} + +/* 排名特殊樣式 */ +.ranking-item { + transition: var(--transition); + border-radius: var(--border-radius); + padding: 0.75rem; + margin-bottom: 0.5rem; + background: white; + border-left: 4px solid var(--primary-color); +} + +.ranking-item:hover { + transform: translateX(5px); + box-shadow: var(--box-shadow); +} + +.ranking-item.top-3 { + border-left-color: var(--warning-color); + background: linear-gradient(135deg, #fff9e6, #ffffff); +} + +.ranking-item.top-1 { + border-left-color: #ffd700; + background: linear-gradient(135deg, #fffacd, #ffffff); +} + +/* 能力等級標籤 */ +.level-badge { + font-size: 0.75rem; + font-weight: 600; + padding: 0.25rem 0.5rem; + border-radius: 0.25rem; + text-transform: uppercase; + letter-spacing: 0.5px; +} + +.level-l1 { background-color: var(--danger-color); color: white; } +.level-l2 { background-color: var(--warning-color); color: #000; } +.level-l3 { background-color: var(--info-color); color: white; } +.level-l4 { background-color: var(--success-color); color: white; } +.level-l5 { background-color: var(--primary-color); color: white; } + +/* 空狀態樣式 */ +.empty-state { + text-align: center; + padding: 3rem 1rem; + color: var(--secondary-color); +} + +.empty-state i { + font-size: 3rem; + margin-bottom: 1rem; + opacity: 0.5; +} + +/* 載入狀態 */ +.loading-overlay { + position: absolute; + top: 0; + left: 0; + right: 0; + bottom: 0; + background: rgba(255, 255, 255, 0.8); + display: flex; + align-items: center; + justify-content: center; + z-index: 1000; + border-radius: var(--border-radius); +} + +/* 成功/錯誤狀態 */ +.status-success { + color: var(--success-color); +} + +.status-error { + color: var(--danger-color); +} + +.status-warning { + color: var(--warning-color); +} + +.status-info { + color: var(--info-color); +} \ No newline at end of file diff --git a/static/js/admin.js b/static/js/admin.js new file mode 100644 index 0000000..88e2661 --- /dev/null +++ b/static/js/admin.js @@ -0,0 +1,324 @@ +// Admin functionality JavaScript + +class AdminManager { + constructor() { + this.initializeEventListeners(); + } + + initializeEventListeners() { + // Export buttons + document.addEventListener('click', (e) => { + if (e.target.matches('[onclick*="exportData"]')) { + e.preventDefault(); + const onclick = e.target.getAttribute('onclick'); + const matches = onclick.match(/exportData\('([^']+)',\s*'([^']+)'\)/); + if (matches) { + this.exportData(matches[1], matches[2]); + } + } + }); + + // Calculate rankings button + document.addEventListener('click', (e) => { + if (e.target.matches('[onclick*="calculateMonthlyRankings"]')) { + e.preventDefault(); + this.calculateMonthlyRankings(); + } + }); + } + + async exportData(type, format) { + try { + this.showLoading(true, `正在匯出${type === 'assessments' ? '評估資料' : 'STAR回饋'}...`); + + const url = `/api/export/${type}?format=${format}`; + + // Create a temporary link to download the file + const link = document.createElement('a'); + link.href = url; + link.download = `${type}_${new Date().toISOString().split('T')[0]}.${format === 'excel' ? 'xlsx' : 'csv'}`; + document.body.appendChild(link); + link.click(); + document.body.removeChild(link); + + this.showSuccess(`${type === 'assessments' ? '評估資料' : 'STAR回饋'}匯出成功`); + + } catch (error) { + console.error('Export failed:', error); + this.showError('匯出失敗: ' + error.message); + } finally { + this.showLoading(false); + } + } + + async calculateMonthlyRankings() { + try { + const year = document.getElementById('calc-year').value; + const month = document.getElementById('calc-month').value; + + if (!year || !month) { + this.showError('請選擇年份和月份'); + return; + } + + this.showLoading(true, '正在計算月度排名...'); + + const response = await fetch('/api/rankings/calculate', { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + }, + body: JSON.stringify({ + year: parseInt(year), + month: parseInt(month) + }) + }); + + if (!response.ok) { + throw new Error(`HTTP error! status: ${response.status}`); + } + + const result = await response.json(); + this.showSuccess(result.message); + + } catch (error) { + console.error('Calculate rankings failed:', error); + this.showError('排名計算失敗: ' + error.message); + } finally { + this.showLoading(false); + } + } + + showLoading(show, message = '處理中...') { + // You can implement a more sophisticated loading indicator here + if (show) { + console.log('Loading:', message); + } else { + console.log('Loading finished'); + } + } + + showSuccess(message) { + console.log('Success:', message); + if (window.showSuccess) { + window.showSuccess(message); + } + } + + showError(message) { + console.error('Error:', message); + if (window.showError) { + window.showError(message); + } + } +} + +// Data management utilities +class DataManager { + constructor() { + this.initializeDataManagement(); + } + + initializeDataManagement() { + // Add any data management functionality here + this.setupDataValidation(); + } + + setupDataValidation() { + // Validate data integrity + this.validateDataIntegrity(); + } + + async validateDataIntegrity() { + try { + // Check for orphaned records, missing references, etc. + console.log('Validating data integrity...'); + + // You can add specific validation logic here + + } catch (error) { + console.error('Data validation failed:', error); + } + } + + async getSystemStats() { + try { + const [assessments, feedbacks, employees] = await Promise.all([ + fetch('/api/assessments?per_page=1').then(r => r.json()), + fetch('/api/star-feedbacks?per_page=1').then(r => r.json()), + fetch('/api/rankings/total?limit=1').then(r => r.json()) + ]); + + return { + totalAssessments: assessments.total || 0, + totalFeedbacks: feedbacks.total || 0, + totalEmployees: employees.rankings.length || 0 + }; + } catch (error) { + console.error('Failed to get system stats:', error); + return null; + } + } +} + +// Export functionality +class ExportManager { + constructor() { + this.supportedFormats = ['excel', 'csv']; + } + + async exportAssessments(format = 'excel') { + return this.exportData('assessments', format); + } + + async exportStarFeedbacks(format = 'excel') { + return this.exportData('star-feedbacks', format); + } + + async exportData(type, format) { + if (!this.supportedFormats.includes(format)) { + throw new Error(`Unsupported format: ${format}`); + } + + const url = `/api/export/${type}?format=${format}`; + + try { + const response = await fetch(url); + + if (!response.ok) { + throw new Error(`Export failed: ${response.status}`); + } + + // Get filename from response headers or create default + const contentDisposition = response.headers.get('Content-Disposition'); + let filename = `${type}_${new Date().toISOString().split('T')[0]}.${format === 'excel' ? 'xlsx' : 'csv'}`; + + if (contentDisposition) { + const filenameMatch = contentDisposition.match(/filename="(.+)"/); + if (filenameMatch) { + filename = filenameMatch[1]; + } + } + + // Create blob and download + const blob = await response.blob(); + this.downloadBlob(blob, filename); + + return filename; + + } catch (error) { + console.error('Export failed:', error); + throw error; + } + } + + downloadBlob(blob, filename) { + const url = window.URL.createObjectURL(blob); + const link = document.createElement('a'); + link.href = url; + link.download = filename; + document.body.appendChild(link); + link.click(); + document.body.removeChild(link); + window.URL.revokeObjectURL(url); + } +} + +// Ranking calculation utilities +class RankingCalculator { + constructor() { + this.initializeRankingCalculation(); + } + + initializeRankingCalculation() { + // Add any ranking calculation setup here + } + + async calculateMonthlyRankings(year, month) { + try { + const response = await fetch('/api/rankings/calculate', { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + }, + body: JSON.stringify({ year, month }) + }); + + if (!response.ok) { + throw new Error(`Calculation failed: ${response.status}`); + } + + const result = await response.json(); + return result; + + } catch (error) { + console.error('Ranking calculation failed:', error); + throw error; + } + } + + async getRankingHistory(year, month) { + try { + const response = await fetch(`/api/rankings/monthly?year=${year}&month=${month}`); + + if (!response.ok) { + throw new Error(`Failed to get ranking history: ${response.status}`); + } + + const result = await response.json(); + return result; + + } catch (error) { + console.error('Failed to get ranking history:', error); + throw error; + } + } +} + +// Initialize admin functionality when DOM is loaded +document.addEventListener('DOMContentLoaded', function() { + // Initialize admin manager + window.adminManager = new AdminManager(); + + // Initialize data manager + window.dataManager = new DataManager(); + + // Initialize export manager + window.exportManager = new ExportManager(); + + // Initialize ranking calculator + window.rankingCalculator = new RankingCalculator(); +}); + +// Global functions for HTML onclick handlers +function exportData(type, format) { + if (window.exportManager) { + window.exportManager.exportData(type, format); + } +} + +function calculateMonthlyRankings() { + if (window.rankingCalculator) { + const year = document.getElementById('calc-year').value; + const month = document.getElementById('calc-month').value; + + if (!year || !month) { + if (window.showError) { + window.showError('請選擇年份和月份'); + } + return; + } + + window.rankingCalculator.calculateMonthlyRankings(parseInt(year), parseInt(month)) + .then(result => { + if (window.showSuccess) { + window.showSuccess(result.message); + } + }) + .catch(error => { + if (window.showError) { + window.showError('排名計算失敗: ' + error.message); + } + }); + } +} diff --git a/static/js/app.js b/static/js/app.js new file mode 100644 index 0000000..8930cd3 --- /dev/null +++ b/static/js/app.js @@ -0,0 +1,1646 @@ +/** + * 夥伴對齊系統 - 前端應用程式 + * 包含認證、儀表板、評估、回饋、排名等功能 + */ + +class PartnerAlignmentApp { + constructor() { + this.currentUser = null; + this.accessToken = localStorage.getItem('accessToken'); + this.refreshToken = localStorage.getItem('refreshToken'); + this.currentSection = 'dashboard'; + + this.init(); + } + + init() { + this.setupEventListeners(); + this.checkAuthentication(); + this.setupNavigation(); + } + + setupEventListeners() { + // Login/Register modals + document.getElementById('loginBtn').addEventListener('click', () => this.showLoginModal()); + document.getElementById('showLoginBtn').addEventListener('click', () => this.showLoginModal()); + document.getElementById('showRegisterModal').addEventListener('click', () => this.showRegisterModal()); + + // Forms + document.getElementById('loginForm').addEventListener('submit', (e) => this.handleLogin(e)); + document.getElementById('registerForm').addEventListener('submit', (e) => this.handleRegister(e)); + document.getElementById('assessmentForm').addEventListener('submit', (e) => this.handleAssessmentSubmit(e)); + document.getElementById('starFeedbackForm').addEventListener('submit', (e) => this.handleStarFeedbackSubmit(e)); + + // Logout + document.getElementById('logoutBtn').addEventListener('click', () => this.handleLogout()); + + // Navigation + document.querySelectorAll('[data-section]').forEach(link => { + link.addEventListener('click', (e) => this.handleNavigation(e)); + }); + + // Ranking filters + document.getElementById('applyFilters').addEventListener('click', () => this.loadAdvancedRankings()); + + // Notifications + document.getElementById('markAllReadBtn').addEventListener('click', () => this.markAllNotificationsRead()); + + // Admin functions + document.getElementById('refreshUsersBtn').addEventListener('click', () => this.loadAdminUsers()); + + // Department capabilities management + document.getElementById('deptSelect').addEventListener('change', (e) => this.handleDepartmentSelect(e)); + document.getElementById('loadDeptCapabilitiesBtn').addEventListener('click', () => this.loadDepartmentCapabilities()); + document.getElementById('saveDeptCapabilitiesBtn').addEventListener('click', () => this.saveDepartmentCapabilities()); + + // Assessment department change - reload capabilities based on department + document.getElementById('assessmentDepartment').addEventListener('change', (e) => this.handleAssessmentDepartmentChange(e)); + + // Capabilities CSV import + document.getElementById('importCsvBtn').addEventListener('click', () => this.importCapabilitiesCsv()); + document.getElementById('downloadTemplateCsvBtn').addEventListener('click', () => this.downloadCsvTemplate()); + document.getElementById('refreshCapabilitiesBtn').addEventListener('click', () => this.loadCapabilitiesList()); + } + + setupNavigation() { + // Set default section + this.showSection('dashboard'); + } + + checkAuthentication() { + if (this.accessToken) { + // 嘗試從 localStorage 恢復用戶信息 + const storedUser = localStorage.getItem('currentUser'); + if (storedUser) { + try { + this.currentUser = JSON.parse(storedUser); + } catch (e) { + console.error('Failed to parse stored user:', e); + } + } + + if (this.currentUser) { + this.showAuthenticatedUI(); + this.loadDashboard(); + this.loadNotifications(); + } else { + this.validateToken(); + } + } else { + this.showLoginRequired(); + } + } + + async validateToken() { + try { + const response = await this.apiCall('/api/auth/protected', 'GET'); + if (response.ok) { + const data = await response.json(); + this.currentUser = data; + this.showAuthenticatedUI(); + this.loadDashboard(); + this.loadNotifications(); + } else { + this.handleTokenExpired(); + } + } catch (error) { + console.error('Token validation failed:', error); + this.handleTokenExpired(); + } + } + + handleTokenExpired() { + this.clearTokens(); + this.showLoginRequired(); + this.showToast('登入已過期,請重新登入', 'warning'); + } + + clearTokens() { + localStorage.removeItem('accessToken'); + localStorage.removeItem('refreshToken'); + this.accessToken = null; + this.refreshToken = null; + this.currentUser = null; + } + + showLoginRequired() { + document.getElementById('loginRequired').style.display = 'block'; + document.querySelectorAll('.section').forEach(section => { + section.style.display = 'none'; + }); + document.getElementById('authNav').style.display = 'block'; + document.getElementById('userNav').style.display = 'none'; + } + + showAuthenticatedUI() { + // 隱藏登入提示,顯示用戶界面 + const loginRequired = document.getElementById('loginRequired'); + if (loginRequired) loginRequired.style.display = 'none'; + + // 隱藏登入按鈕,顯示用戶菜單 + const authNav = document.getElementById('authNav'); + if (authNav) authNav.style.display = 'none'; + + const userNav = document.getElementById('userNav'); + if (userNav) userNav.style.display = 'block'; + + // 更新用戶顯示名稱 + const userDisplayName = document.getElementById('userDisplayName'); + if (userDisplayName && this.currentUser) { + userDisplayName.textContent = this.currentUser.full_name || this.currentUser.username || '用戶'; + } + + // 根據權限顯示/隱藏管理功能 + const adminNavItem = document.getElementById('adminNavItem'); + if (adminNavItem && this.currentUser) { + // 檢查用戶名或角色以決定是否顯示管理功能 + const username = this.currentUser.username || ''; + const hasAdminAccess = username === 'admin' || username === 'hr_manager'; + adminNavItem.style.display = hasAdminAccess ? 'block' : 'none'; + } + + // 顯示儀表板 + this.showSection('dashboard'); + } + + showLoginModal() { + const modal = new bootstrap.Modal(document.getElementById('loginModal')); + modal.show(); + } + + showRegisterModal() { + const loginModal = bootstrap.Modal.getInstance(document.getElementById('loginModal')); + if (loginModal) loginModal.hide(); + + const registerModal = new bootstrap.Modal(document.getElementById('registerModal')); + registerModal.show(); + } + + async handleLogin(e) { + e.preventDefault(); + + const username = document.getElementById('loginUsername').value; + const password = document.getElementById('loginPassword').value; + + try { + this.showLoading(true); + + const response = await fetch('/api/auth/login', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ username, password }) + }); + + if (response.ok) { + const data = await response.json(); + this.accessToken = data.access_token; + this.refreshToken = data.refresh_token; + this.currentUser = data.user; // 保存用戶信息 + + localStorage.setItem('accessToken', this.accessToken); + localStorage.setItem('refreshToken', this.refreshToken); + localStorage.setItem('currentUser', JSON.stringify(this.currentUser)); + + // Close modal + const modal = bootstrap.Modal.getInstance(document.getElementById('loginModal')); + if (modal) modal.hide(); + + // 更新 UI + this.showAuthenticatedUI(); + this.loadDashboard(); + this.loadNotifications(); + + this.showToast('登入成功!歡迎 ' + data.user.full_name, 'success'); + } else { + const error = await response.json(); + this.showToast(error.error || error.message || '登入失敗', 'error'); + } + } catch (error) { + console.error('Login error:', error); + this.showToast('登入時發生錯誤', 'error'); + } finally { + this.showLoading(false); + } + } + + async handleRegister(e) { + e.preventDefault(); + + const formData = { + username: document.getElementById('regUsername').value, + email: document.getElementById('regEmail').value, + password: document.getElementById('regPassword').value, + full_name: document.getElementById('regFullName').value, + department: document.getElementById('regDepartment').value, + position: document.getElementById('regPosition').value, + employee_id: document.getElementById('regEmployeeId').value + }; + + try { + this.showLoading(true); + + const response = await fetch('/api/auth/register', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify(formData) + }); + + if (response.ok) { + const modal = bootstrap.Modal.getInstance(document.getElementById('registerModal')); + modal.hide(); + this.showToast('註冊成功!請登入', 'success'); + this.showLoginModal(); + } else { + const error = await response.json(); + this.showToast(error.message || '註冊失敗', 'error'); + } + } catch (error) { + console.error('Register error:', error); + this.showToast('註冊時發生錯誤', 'error'); + } finally { + this.showLoading(false); + } + } + + handleLogout() { + this.clearTokens(); + localStorage.removeItem('currentUser'); // 清除用戶信息 + this.currentUser = null; + this.showLoginRequired(); + this.showToast('已登出', 'info'); + } + + handleNavigation(e) { + e.preventDefault(); + const section = e.currentTarget.getAttribute('data-section'); + this.showSection(section); + } + + showSection(sectionName) { + // Hide all sections + document.querySelectorAll('.section').forEach(section => { + section.style.display = 'none'; + }); + + // Show target section + const targetSection = document.getElementById(`${sectionName}-section`); + if (targetSection) { + targetSection.style.display = 'block'; + this.currentSection = sectionName; + + // Update navigation + document.querySelectorAll('[data-section]').forEach(link => { + link.classList.remove('active'); + }); + document.querySelector(`[data-section="${sectionName}"]`).classList.add('active'); + + // Load section-specific data + this.loadSectionData(sectionName); + } + } + + async loadSectionData(sectionName) { + switch (sectionName) { + case 'dashboard': + await this.loadDashboard(); + break; + case 'assessment': + await this.loadCapabilities(); + break; + case 'star-feedback': + // STAR feedback form is static + break; + case 'rankings': + await this.loadTotalRankings(); + await this.loadMonthlyRankings(); + break; + case 'admin': + await this.loadAdminData(); + break; + } + } + + async loadDashboard() { + try { + const response = await this.apiCall('/api/dashboard/me', 'GET'); + if (response.ok) { + const data = await response.json(); + this.renderDashboard(data); + } + } catch (error) { + console.error('Failed to load dashboard:', error); + } + } + + renderDashboard(data) { + const container = document.getElementById('dashboardContent'); + + container.innerHTML = ` +
+
+
+
+
+

總積分

+

${data.points_summary.total_points || 0}

+
+
+ +
+
+
+
+
+
+
+
+
+
+

本月積分

+

${data.points_summary.monthly_points || 0}

+
+
+ +
+
+
+
+
+
+
+
+
+
+

部門排名

+

${data.points_summary.department_rank || 'N/A'}

+
+
+ +
+
+
+
+
+
+
+
+
+
+

總排名

+

${data.points_summary.total_rank || 'N/A'}

+
+
+ +
+
+
+
+
+
+
+
+
最近通知
+
+
+ ${this.renderNotifications(data.recent_notifications)} +
+
+
+ `; + } + + renderNotifications(notifications) { + if (!notifications || notifications.length === 0) { + return '

暫無通知

'; + } + + return notifications.map(notification => ` + + `).join(''); + } + + async markNotificationAsRead(notificationId) { + try { + await this.apiCall(`/api/dashboard/notifications/${notificationId}/read`, 'POST'); + this.loadDashboard(); // Reload dashboard to update notifications + } catch (error) { + console.error('Failed to mark notification as read:', error); + } + } + + async loadCapabilities(department = null) { + try { + let url = '/api/capabilities'; + + // 如果指定了部門,則只載入該部門選擇的能力項目 + if (department) { + url = `/api/department-capabilities/${department}`; + } + + const response = await this.apiCall(url, 'GET'); + if (response.ok) { + const data = await response.json(); + this.renderCapabilities(data.capabilities); + } + } catch (error) { + console.error('Failed to load capabilities:', error); + } + } + + async handleAssessmentDepartmentChange(e) { + const department = e.target.value; + const container = document.getElementById('capabilitiesContainer'); + + if (!department) { + container.innerHTML = ` +
+ + 請先選擇部門以載入對應的能力評估項目 +
+ `; + return; + } + + // 根據選擇的部門載入能力項目 + await this.loadCapabilities(department); + } + + renderCapabilities(capabilities) { + const container = document.getElementById('capabilitiesContainer'); + + if (!capabilities || capabilities.length === 0) { + container.innerHTML = ` +
+ + 該部門尚未設定能力評估項目。請聯繫管理員進行設定。 +
+ `; + return; + } + + container.innerHTML = capabilities.map(capability => ` +
+
+
${capability.name}
+
+
+
+
+ +
+ + +
+
+
+ +
+ + +
+
+
+ +
+ + +
+
+
+ +
+ + +
+
+
+ +
+ + +
+
+
+
+
+ `).join(''); + } + + async handleAssessmentSubmit(e) { + e.preventDefault(); + + const formData = { + department: document.getElementById('assessmentDepartment').value, + position: document.getElementById('assessmentPosition').value, + employee_name: document.getElementById('assessmentEmployeeName').value, + assessment_data: this.collectAssessmentData() + }; + + try { + this.showLoading(true); + + const response = await this.apiCall('/api/assessments', 'POST', formData); + + if (response.ok) { + this.showToast('評估提交成功!', 'success'); + document.getElementById('assessmentForm').reset(); + } else { + const error = await response.json(); + this.showToast(error.error || '提交失敗', 'error'); + } + } catch (error) { + console.error('Assessment submission error:', error); + this.showToast('提交時發生錯誤', 'error'); + } finally { + this.showLoading(false); + } + } + + collectAssessmentData() { + const data = {}; + document.querySelectorAll('[name^="capability_"]:checked').forEach(radio => { + const capabilityId = radio.name.split('_')[1]; + data[capabilityId] = parseInt(radio.value); + }); + return data; + } + + async handleStarFeedbackSubmit(e) { + e.preventDefault(); + + const formData = { + evaluator_name: document.getElementById('evaluatorName').value, + evaluatee_name: document.getElementById('evaluateeName').value, + evaluatee_department: document.getElementById('evaluateeDepartment').value, + evaluatee_position: document.getElementById('evaluateePosition').value, + situation: document.getElementById('situation').value, + task: document.getElementById('task').value, + action: document.getElementById('action').value, + result: document.getElementById('result').value, + score: parseInt(document.getElementById('score').value) + }; + + try { + this.showLoading(true); + + const response = await this.apiCall('/api/star-feedbacks', 'POST', formData); + + if (response.ok) { + const data = await response.json(); + this.showToast(`回饋提交成功!獲得 ${data.points_earned} 積分`, 'success'); + document.getElementById('starFeedbackForm').reset(); + } else { + const error = await response.json(); + this.showToast(error.error || '提交失敗', 'error'); + } + } catch (error) { + console.error('STAR feedback submission error:', error); + this.showToast('提交時發生錯誤', 'error'); + } finally { + this.showLoading(false); + } + } + + async loadTotalRankings() { + try { + const department = document.getElementById('totalRankingDepartment').value; + const params = department ? `?department=${encodeURIComponent(department)}` : ''; + + const response = await this.apiCall(`/api/rankings/total${params}`, 'GET'); + if (response.ok) { + const data = await response.json(); + this.renderTotalRankings(data.rankings); + } + } catch (error) { + console.error('Failed to load total rankings:', error); + } + } + + renderTotalRankings(rankings) { + const container = document.getElementById('totalRankingsList'); + + if (!rankings || rankings.length === 0) { + container.innerHTML = '

暫無排名數據

'; + return; + } + + container.innerHTML = ` +
+ + + + + + + + + + + + ${rankings.map(ranking => ` + + + + + + + + `).join('')} + +
排名姓名部門職位總積分
${ranking.rank}${ranking.employee_name}${ranking.department}${ranking.position}${ranking.total_points}
+
+ `; + } + + async loadMonthlyRankings() { + try { + const year = document.getElementById('monthlyRankingYear').value; + const month = document.getElementById('monthlyRankingMonth').value; + + const response = await this.apiCall(`/api/rankings/monthly?year=${year}&month=${month}`, 'GET'); + if (response.ok) { + const data = await response.json(); + this.renderMonthlyRankings(data.rankings); + } + } catch (error) { + console.error('Failed to load monthly rankings:', error); + } + } + + renderMonthlyRankings(rankings) { + const container = document.getElementById('monthlyRankingsList'); + + if (!rankings || rankings.length === 0) { + container.innerHTML = '

暫無月度排名數據

'; + return; + } + + container.innerHTML = ` +
+ + + + + + + + + + + + ${rankings.map(ranking => ` + + + + + + + + `).join('')} + +
排名姓名部門職位月度積分
${ranking.ranking}${ranking.employee_name}${ranking.department}${ranking.position}${ranking.monthly_points}
+
+ `; + } + + async loadAdminData() { + // Load admin data based on user permissions + if (this.currentUser && this.currentUser.roles) { + const hasUserManagement = this.currentUser.roles.some(role => + ['super_admin', 'admin', 'hr_manager'].includes(role) + ); + + if (hasUserManagement) { + await this.loadUsersManagement(); + } + } + } + + async loadUsersManagement() { + try { + const response = await this.apiCall('/api/admin/users', 'GET'); + if (response.ok) { + const data = await response.json(); + this.renderUsersManagement(data); + } + } catch (error) { + console.error('Failed to load users management:', error); + } + } + + renderUsersManagement(users) { + const container = document.getElementById('usersManagement'); + + container.innerHTML = ` +
+
用戶管理
+ +
+
+ + + + + + + + + + + + + + + ${users.map(user => ` + + + + + + + + + + + `).join('')} + +
ID用戶名姓名部門職位狀態角色操作
${user.id}${user.username}${user.full_name}${user.department}${user.position} + + ${user.is_active ? '啟用' : '停用'} + + + ${user.roles.map(role => `${role}`).join('')} + + + +
+
+ `; + } + + async apiCall(url, method = 'GET', data = null) { + const options = { + method, + headers: { + 'Content-Type': 'application/json', + } + }; + + if (this.accessToken) { + options.headers['Authorization'] = `Bearer ${this.accessToken}`; + } + + if (data) { + options.body = JSON.stringify(data); + } + + const response = await fetch(url, options); + + // Handle token refresh if needed + if (response.status === 401 && this.refreshToken) { + const refreshed = await this.refreshAccessToken(); + if (refreshed) { + // Retry the original request + options.headers['Authorization'] = `Bearer ${this.accessToken}`; + return await fetch(url, options); + } + } + + return response; + } + + async refreshAccessToken() { + try { + const response = await fetch('/api/auth/refresh', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ refresh_token: this.refreshToken }) + }); + + if (response.ok) { + const data = await response.json(); + this.accessToken = data.access_token; + localStorage.setItem('accessToken', this.accessToken); + return true; + } + } catch (error) { + console.error('Token refresh failed:', error); + } + + this.clearTokens(); + return false; + } + + showLoading(show) { + document.getElementById('loadingSpinner').style.display = show ? 'block' : 'none'; + } + + showToast(message, type = 'info') { + const toast = document.getElementById('toast'); + const toastMessage = document.getElementById('toastMessage'); + + toastMessage.textContent = message; + + // Update toast styling based on type + const toastHeader = toast.querySelector('.toast-header'); + const icon = toastHeader.querySelector('i'); + + icon.className = `bi me-2`; + switch (type) { + case 'success': + icon.classList.add('bi-check-circle-fill', 'text-success'); + break; + case 'error': + icon.classList.add('bi-exclamation-triangle-fill', 'text-danger'); + break; + case 'warning': + icon.classList.add('bi-exclamation-circle-fill', 'text-warning'); + break; + default: + icon.classList.add('bi-info-circle-fill', 'text-primary'); + } + + const bsToast = new bootstrap.Toast(toast); + bsToast.show(); + } +} + +// Enhanced dashboard rendering methods +function renderRecentActivities(activities) { + const container = document.getElementById('recentActivities'); + + if (!activities || activities.length === 0) { + container.innerHTML = ` +
+ +

暫無最近活動

+
+ `; + return; + } + + const activitiesHtml = activities.map(activity => ` +
+
+ +
+
+
${activity.title}
+ ${activity.description} +
${new Date(activity.created_at).toLocaleString()}
+
+
+ +${activity.points || 0} +
+
+ `).join(''); + + container.innerHTML = activitiesHtml; +} + +function renderAchievements(achievements) { + const container = document.getElementById('achievements'); + + if (!achievements || achievements.length === 0) { + container.innerHTML = ` +
+ +

暫無成就

+
+ `; + return; + } + + const achievementsHtml = achievements.map(achievement => ` +
+
+ +
+
+
${achievement.name}
+ ${achievement.description} +
+
+ `).join(''); + + container.innerHTML = achievementsHtml; +} + +function renderPerformanceChart(performanceData) { + const ctx = document.getElementById('pointsChart'); + if (!ctx) return; + + const chartCtx = ctx.getContext('2d'); + + // Destroy existing chart if it exists + if (window.pointsChart) { + window.pointsChart.destroy(); + } + + const labels = performanceData.map(item => item.month); + const data = performanceData.map(item => item.points); + + window.pointsChart = new Chart(chartCtx, { + type: 'line', + data: { + labels: labels, + datasets: [{ + label: '積分', + data: data, + borderColor: 'rgb(75, 192, 192)', + backgroundColor: 'rgba(75, 192, 192, 0.2)', + tension: 0.1 + }] + }, + options: { + responsive: true, + plugins: { + legend: { + display: false + } + }, + scales: { + y: { + beginAtZero: true + } + } + } + }); +} + +function getActivityIcon(type) { + const icons = { + 'assessment': 'clipboard-check', + 'feedback': 'star-fill', + 'achievement': 'trophy-fill', + 'ranking': 'award' + }; + return icons[type] || 'circle'; +} + +function getActivityBadgeColor(type) { + const colors = { + 'assessment': 'primary', + 'feedback': 'success', + 'achievement': 'warning', + 'ranking': 'info' + }; + return colors[type] || 'secondary'; +} + +// Advanced ranking system methods +async function loadAdvancedRankings() { + try { + const department = document.getElementById('rankingDepartment').value; + const position = document.getElementById('rankingPosition').value; + const minPoints = document.getElementById('minPoints').value; + const maxPoints = document.getElementById('maxPoints').value; + + const params = new URLSearchParams(); + if (department) params.append('department', department); + if (position) params.append('position', position); + if (minPoints) params.append('min_points', minPoints); + if (maxPoints) params.append('max_points', maxPoints); + + const response = await fetch(`/api/rankings/advanced?${params.toString()}`); + const data = await response.json(); + + renderAdvancedRankings(data); + } catch (error) { + console.error('Failed to load advanced rankings:', error); + } +} + +function renderAdvancedRankings(data) { + // Update statistics + if (data.statistics) { + document.getElementById('totalCount').textContent = data.statistics.total_count; + document.getElementById('avgPoints').textContent = data.statistics.average_points; + document.getElementById('medianPoints').textContent = data.statistics.median_points; + document.getElementById('maxPoints').textContent = data.statistics.max_points; + document.getElementById('minPoints').textContent = data.statistics.min_points; + document.getElementById('stdDev').textContent = data.statistics.standard_deviation; + + document.getElementById('rankingStats').style.display = 'block'; + } + + // Render rankings + const container = document.getElementById('rankingsList'); + + if (!data.rankings || data.rankings.length === 0) { + container.innerHTML = ` +
+ +

沒有找到符合條件的排名數據

+
+ `; + return; + } + + const rankingsHtml = data.rankings.map(ranking => ` +
+
+
+ #${ranking.rank} + ${ranking.percentile}% +
+
+
+
+
+
${ranking.employee_name}
+ ${ranking.department} - ${ranking.position} +
+
+
+ + ${ranking.tier.name} + + ${ranking.total_points} 分 +
+ + 本月: ${ranking.monthly_points} 分 + ${ranking.vs_average >= 0 ? '+' : ''}${ranking.vs_average} vs 平均 + +
+
+
+
+ `).join(''); + + container.innerHTML = rankingsHtml; +} + +function getRankBadgeColor(rank) { + if (rank === 1) return 'warning'; + if (rank <= 3) return 'success'; + if (rank <= 10) return 'info'; + return 'secondary'; +} + +// Notification system methods +async function loadNotifications() { + try { + const response = await fetch('/api/notifications'); + const data = await response.json(); + renderNotifications(data); + } catch (error) { + console.error('Failed to load notifications:', error); + } +} + +function renderNotifications(data) { + const container = document.getElementById('notificationsList'); + const badge = document.getElementById('notificationBadge'); + + // Update badge + if (data.unread_count > 0) { + badge.textContent = data.unread_count; + badge.style.display = 'block'; + } else { + badge.style.display = 'none'; + } + + // Render notifications + if (!data.notifications || data.notifications.length === 0) { + container.innerHTML = ` +
+ +

暫無通知

+
+ `; + return; + } + + const notificationsHtml = data.notifications.map(notification => ` +
  • +
    +
    + +
    +
    +
    +
    +
    ${notification.title}
    +

    ${notification.message}

    + ${formatNotificationTime(notification.created_at)} +
    + ${!notification.is_read ? '' : ''} +
    +
    +
    +
    • + `).join(''); + + container.innerHTML = notificationsHtml; +} + +async function markAllNotificationsRead() { + try { + const response = await fetch('/api/notifications/read-all', { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + } + }); + + if (response.ok) { + // Reload notifications + loadNotifications(); + showToast('所有通知已標記為已讀', 'success'); + } + } catch (error) { + console.error('Failed to mark all notifications as read:', error); + } +} + +function formatNotificationTime(dateString) { + const date = new Date(dateString); + const now = new Date(); + const diffMs = now - date; + const diffMins = Math.floor(diffMs / 60000); + const diffHours = Math.floor(diffMs / 3600000); + const diffDays = Math.floor(diffMs / 86400000); + + if (diffMins < 1) return '剛剛'; + if (diffMins < 60) return `${diffMins}分鐘前`; + if (diffHours < 24) return `${diffHours}小時前`; + if (diffDays < 7) return `${diffDays}天前`; + + return date.toLocaleDateString('zh-TW'); +} + +function showToast(message, type = 'info') { + const toast = document.getElementById('toast'); + const toastMessage = document.getElementById('toastMessage'); + const toastHeader = toast.querySelector('.toast-header i'); + + toastMessage.textContent = message; + + // Update icon based on type + const icons = { + 'success': 'check-circle-fill text-success', + 'error': 'exclamation-triangle-fill text-danger', + 'warning': 'exclamation-triangle-fill text-warning', + 'info': 'info-circle-fill text-primary' + }; + + toastHeader.className = `bi ${icons[type] || icons.info} me-2`; + + const bsToast = new bootstrap.Toast(toast); + bsToast.show(); +} + +// Admin management methods +async function loadAdminData() { + try { + const response = await fetch('/api/admin/statistics'); + const data = await response.json(); + renderAdminStatistics(data); + } catch (error) { + console.error('Failed to load admin statistics:', error); + } +} + +function renderAdminStatistics(data) { + // Update overview cards + document.getElementById('adminTotalUsers').textContent = data.total_users; + document.getElementById('adminActiveUsers').textContent = data.active_users; + document.getElementById('adminTotalAssessments').textContent = data.total_assessments; + document.getElementById('adminTotalFeedbacks').textContent = data.total_feedbacks; + + // Render department stats + const deptContainer = document.getElementById('departmentStats'); + if (data.department_stats && data.department_stats.length > 0) { + const deptHtml = data.department_stats.map(dept => ` +
    + ${dept.department} + ${dept.count} +
    + `).join(''); + deptContainer.innerHTML = deptHtml; + } else { + deptContainer.innerHTML = '

    暫無部門數據

    '; + } + + // Render points stats + const pointsContainer = document.getElementById('pointsStats'); + if (data.points_stats) { + pointsContainer.innerHTML = ` +
    + 平均積分 +
    ${data.points_stats.average}
    +
    +
    + 最高積分 +
    ${data.points_stats.maximum}
    +
    +
    + 最低積分 +
    ${data.points_stats.minimum}
    +
    + `; + } else { + pointsContainer.innerHTML = '

    暫無積分數據

    '; + } +} + +async function loadAdminUsers() { + try { + const response = await fetch('/api/admin/users'); + const data = await response.json(); + renderAdminUsers(data.users); + } catch (error) { + console.error('Failed to load admin users:', error); + } +} + +function renderAdminUsers(users) { + const container = document.getElementById('usersManagement'); + + if (!users || users.length === 0) { + container.innerHTML = ` +
    + +

    暫無用戶數據

    +
    + `; + return; + } + + const usersHtml = users.map(user => ` +
    +
    +
    + +
    +
    +
    +
    +
    +
    ${user.full_name}
    + ${user.username} | ${user.email} +
    ${user.department} - ${user.position}
    +
    +
    + + ${user.is_active ? '活躍' : '停用'} + +
    + 員工編號: ${user.employee_id} +
    +
    +
    +
    +
    + `).join(''); + + container.innerHTML = usersHtml; +} + +// =================================== +// Department Capabilities Management +// =================================== + +PartnerAlignmentApp.prototype.handleDepartmentSelect = async function(e) { + const department = e.target.value; + const loadBtn = document.getElementById('loadDeptCapabilitiesBtn'); + const saveBtn = document.getElementById('saveDeptCapabilitiesBtn'); + + if (!department) { + loadBtn.disabled = true; + saveBtn.disabled = true; + document.getElementById('capabilitiesCheckboxList').innerHTML = ` +
    + +

    請先選擇部門

    +
    + `; + return; + } + + loadBtn.disabled = false; + saveBtn.disabled = false; + + // 自動載入所有能力項目供選擇 + await this.loadAllCapabilitiesForSelection(); + + // 自動載入該部門已選擇的能力項目 + await this.loadDepartmentCapabilities(); +} + +PartnerAlignmentApp.prototype.loadAllCapabilitiesForSelection = async function() { + const container = document.getElementById('capabilitiesCheckboxList'); + + try { + container.innerHTML = '
    '; + + const response = await fetch('/api/capabilities'); + const data = await response.json(); + + if (data.capabilities && data.capabilities.length > 0) { + container.innerHTML = ` +
    + + 請勾選該部門要進行評分的能力項目 +
    +
    + ${data.capabilities.map(cap => ` +
    +
    +
    +
    + + +
    +
    +
    L1: ${cap.l1_description || 'N/A'}
    +
    L2: ${cap.l2_description || 'N/A'}
    +
    L3: ${cap.l3_description || 'N/A'}
    +
    L4: ${cap.l4_description || 'N/A'}
    +
    L5: ${cap.l5_description || 'N/A'}
    +
    +
    +
    +
    + `).join('')} +
    + `; + } else { + container.innerHTML = ` +
    + + 目前沒有可用的能力項目。請先由系統管理員建立能力項目。 +
    + `; + } + } catch (error) { + console.error('載入能力項目失敗:', error); + this.showError('載入能力項目時發生錯誤'); + container.innerHTML = ` +
    + + 載入失敗,請稍後再試 +
    + `; + } +} + +PartnerAlignmentApp.prototype.loadDepartmentCapabilities = async function() { + const department = document.getElementById('deptSelect').value; + + if (!department) { + this.showError('請先選擇部門'); + return; + } + + try { + const response = await fetch(`/api/department-capabilities/${department}`); + const data = await response.json(); + + // 取消所有勾選 + document.querySelectorAll('.capability-checkbox').forEach(cb => { + cb.checked = false; + }); + + // 勾選該部門已選擇的能力項目 + if (data.capabilities && data.capabilities.length > 0) { + data.capabilities.forEach(cap => { + const checkbox = document.getElementById(`cap_${cap.id}`); + if (checkbox) { + checkbox.checked = true; + } + }); + + this.showSuccess(`已載入 ${department} 部門的能力項目設定 (${data.capabilities.length} 項)`); + } else { + this.showInfo(`${department} 部門尚未設定能力項目`); + } + } catch (error) { + console.error('載入部門能力設定失敗:', error); + this.showError('載入部門能力設定時發生錯誤'); + } +} + +PartnerAlignmentApp.prototype.saveDepartmentCapabilities = async function() { + const department = document.getElementById('deptSelect').value; + + if (!department) { + this.showError('請先選擇部門'); + return; + } + + // 收集已勾選的能力項目ID + const selectedCapabilities = []; + document.querySelectorAll('.capability-checkbox:checked').forEach(cb => { + selectedCapabilities.push(parseInt(cb.value)); + }); + + if (selectedCapabilities.length === 0) { + this.showError('請至少選擇一個能力項目'); + return; + } + + try { + const response = await fetch(`/api/department-capabilities/${department}`, { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + }, + body: JSON.stringify({ + capability_ids: selectedCapabilities + }) + }); + + const data = await response.json(); + + if (response.ok) { + this.showSuccess(data.message || '儲存成功'); + } else { + this.showError(data.error || '儲存失敗'); + } + } catch (error) { + console.error('儲存部門能力設定失敗:', error); + this.showError('儲存時發生錯誤'); + } +} + +// =================================== +// Capabilities CSV Import & Management +// =================================== + +PartnerAlignmentApp.prototype.importCapabilitiesCsv = async function() { + const fileInput = document.getElementById('csvFileInput'); + const file = fileInput.files[0]; + + if (!file) { + this.showError('請選擇 CSV 檔案'); + return; + } + + const formData = new FormData(); + formData.append('file', file); + + try { + const response = await fetch('/api/capabilities/import-csv', { + method: 'POST', + body: formData + }); + + const data = await response.json(); + + if (response.ok) { + this.showSuccess(data.message); + + if (data.errors && data.errors.length > 0) { + console.warn('匯入警告:', data.errors); + alert('匯入完成,但有以下警告:\n' + data.errors.join('\n')); + } + + // 清空檔案選擇 + fileInput.value = ''; + + // 自動刷新能力項目列表 + await this.loadCapabilitiesList(); + } else { + this.showError(data.error || '匯入失敗'); + } + } catch (error) { + console.error('CSV 匯入失敗:', error); + this.showError('匯入時發生錯誤'); + } +} + +PartnerAlignmentApp.prototype.downloadCsvTemplate = function() { + // 建立 CSV 範本內容 + const csvContent = `name,l1_description,l2_description,l3_description,l4_description,l5_description +溝通能力,基本溝通,有效溝通,專業溝通,領導溝通,戰略溝通 +技術能力,基礎技術,熟練技術,專業技術,專家技術,大師技術 +領導能力,自我管理,團隊協作,團隊領導,部門領導,戰略領導`; + + // 建立 Blob 並下載 + const blob = new Blob([csvContent], { type: 'text/csv;charset=utf-8;' }); + const link = document.createElement('a'); + const url = URL.createObjectURL(blob); + + link.setAttribute('href', url); + link.setAttribute('download', 'capabilities_template.csv'); + link.style.visibility = 'hidden'; + document.body.appendChild(link); + link.click(); + document.body.removeChild(link); + + this.showSuccess('CSV 範本已下載'); +} + +PartnerAlignmentApp.prototype.loadCapabilitiesList = async function() { + const container = document.getElementById('capabilitiesList'); + + try { + container.innerHTML = '
    '; + + const response = await fetch('/api/capabilities'); + const data = await response.json(); + + if (data.capabilities && data.capabilities.length > 0) { + container.innerHTML = ` +
    + + + + + + + + + + + + + + ${data.capabilities.map(cap => ` + + + + + + + + + + `).join('')} + +
    能力名稱L1L2L3L4L5狀態
    ${cap.name}${cap.l1_description || '-'}${cap.l2_description || '-'}${cap.l3_description || '-'}${cap.l4_description || '-'}${cap.l5_description || '-'}啟用
    +
    +
    + + 共 ${data.capabilities.length} 個能力項目 +
    + `; + } else { + container.innerHTML = ` +
    + + 目前沒有能力項目。請使用 CSV 匯入功能新增。 +
    + `; + } + } catch (error) { + console.error('載入能力項目列表失敗:', error); + this.showError('載入能力項目列表時發生錯誤'); + container.innerHTML = ` +
    + + 載入失敗,請稍後再試 +
    + `; + } +} + +// Global function to fill login form with test account credentials +function fillLoginForm(username, password) { + document.getElementById('loginUsername').value = username; + document.getElementById('loginPassword').value = password; + + // Show a brief notification + const toast = document.getElementById('toast'); + const toastMessage = document.getElementById('toastMessage'); + toastMessage.textContent = `已填入 ${username} 的登入資訊`; + const bsToast = new bootstrap.Toast(toast); + bsToast.show(); +} + +// Initialize the application +const app = new PartnerAlignmentApp(); \ No newline at end of file diff --git a/static/js/assessment.js b/static/js/assessment.js new file mode 100644 index 0000000..5ae1505 --- /dev/null +++ b/static/js/assessment.js @@ -0,0 +1,386 @@ +// Assessment-specific JavaScript functionality + +// Enhanced drag and drop for assessment +class AssessmentDragDrop { + constructor() { + this.draggedElement = null; + this.initializeDragDrop(); + } + + initializeDragDrop() { + // Set up drag and drop for capability items + document.addEventListener('dragstart', (e) => { + if (e.target.classList.contains('capability-item')) { + this.handleDragStart(e); + } + }); + + document.addEventListener('dragover', (e) => { + if (e.target.closest('.drop-zone')) { + this.handleDragOver(e); + } + }); + + document.addEventListener('dragleave', (e) => { + if (e.target.closest('.drop-zone')) { + this.handleDragLeave(e); + } + }); + + document.addEventListener('drop', (e) => { + if (e.target.closest('.drop-zone')) { + this.handleDrop(e); + } + }); + + document.addEventListener('dragend', (e) => { + if (e.target.classList.contains('capability-item')) { + this.handleDragEnd(e); + } + }); + } + + handleDragStart(e) { + this.draggedElement = e.target; + e.target.classList.add('dragging'); + e.dataTransfer.effectAllowed = 'move'; + e.dataTransfer.setData('text/html', e.target.outerHTML); + e.dataTransfer.setData('text/plain', e.target.dataset.capabilityId); + } + + handleDragOver(e) { + e.preventDefault(); + e.dataTransfer.dropEffect = 'move'; + const dropZone = e.target.closest('.drop-zone'); + if (dropZone) { + dropZone.classList.add('drag-over'); + } + } + + handleDragLeave(e) { + const dropZone = e.target.closest('.drop-zone'); + if (dropZone && !dropZone.contains(e.relatedTarget)) { + dropZone.classList.remove('drag-over'); + } + } + + handleDrop(e) { + e.preventDefault(); + const dropZone = e.target.closest('.drop-zone'); + if (dropZone) { + dropZone.classList.remove('drag-over'); + + if (this.draggedElement) { + this.moveCapability(this.draggedElement, dropZone); + } + } + } + + handleDragEnd(e) { + e.target.classList.remove('dragging'); + this.draggedElement = null; + } + + moveCapability(capabilityElement, targetDropZone) { + // Remove from original position + capabilityElement.remove(); + + // Create new element in target drop zone + const newElement = this.createCapabilityElement(capabilityElement); + + // Clear target drop zone and add new element + targetDropZone.innerHTML = ''; + targetDropZone.appendChild(newElement); + targetDropZone.classList.add('has-items'); + + // Update visual state + this.updateDropZoneState(targetDropZone); + } + + createCapabilityElement(originalElement) { + const newElement = document.createElement('div'); + newElement.className = 'capability-item'; + newElement.draggable = true; + newElement.dataset.capabilityId = originalElement.dataset.capabilityId; + newElement.dataset.capabilityName = originalElement.dataset.capabilityName; + newElement.textContent = originalElement.dataset.capabilityName; + + // Add click to remove functionality + newElement.addEventListener('dblclick', () => { + this.removeCapabilityFromLevel(newElement); + }); + + return newElement; + } + + removeCapabilityFromLevel(capabilityElement) { + const dropZone = capabilityElement.closest('.drop-zone'); + if (dropZone) { + // Return to available capabilities + this.returnToAvailable(capabilityElement); + + // Update drop zone state + this.updateDropZoneState(dropZone); + } + } + + returnToAvailable(capabilityElement) { + const availableContainer = document.getElementById('available-capabilities'); + if (availableContainer) { + const newElement = this.createCapabilityElement(capabilityElement); + availableContainer.appendChild(newElement); + } + } + + updateDropZoneState(dropZone) { + const hasItems = dropZone.querySelector('.capability-item'); + + if (hasItems) { + dropZone.classList.add('has-items'); + dropZone.classList.remove('empty'); + } else { + dropZone.classList.remove('has-items'); + dropZone.classList.add('empty'); + dropZone.innerHTML = '
    拖放能力到此處
    '; + } + } +} + +// Capability management +class CapabilityManager { + constructor() { + this.capabilities = []; + this.loadCapabilities(); + } + + async loadCapabilities() { + try { + const response = await fetch('/api/capabilities'); + const data = await response.json(); + this.capabilities = data.capabilities; + this.displayCapabilities(); + } catch (error) { + console.error('Failed to load capabilities:', error); + this.showError('載入能力清單失敗'); + } + } + + displayCapabilities() { + const container = document.getElementById('available-capabilities'); + if (!container) return; + + container.innerHTML = ''; + + this.capabilities.forEach(capability => { + const capabilityElement = this.createCapabilityElement(capability); + container.appendChild(capabilityElement); + }); + } + + createCapabilityElement(capability) { + const element = document.createElement('div'); + element.className = 'capability-item'; + element.draggable = true; + element.dataset.capabilityId = capability.id; + element.dataset.capabilityName = capability.name; + element.textContent = capability.name; + + // Add tooltip with description + element.title = this.getCapabilityDescription(capability); + + return element; + } + + getCapabilityDescription(capability) { + const descriptions = [ + capability.l1_description, + capability.l2_description, + capability.l3_description, + capability.l4_description, + capability.l5_description + ].filter(desc => desc && desc.trim()); + + return descriptions.join('\n\n'); + } + + showError(message) { + // You can implement a more sophisticated error display here + console.error(message); + } +} + +// Assessment form validation and submission +class AssessmentForm { + constructor() { + this.form = document.getElementById('assessment-form'); + this.initializeForm(); + } + + initializeForm() { + if (this.form) { + this.form.addEventListener('submit', (e) => { + e.preventDefault(); + this.handleSubmit(); + }); + } + } + + async handleSubmit() { + if (!this.validateForm()) { + return; + } + + const assessmentData = this.collectAssessmentData(); + + try { + this.showLoading(true); + + const response = await fetch('/api/assessments', { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + }, + body: JSON.stringify(assessmentData) + }); + + if (!response.ok) { + throw new Error(`HTTP error! status: ${response.status}`); + } + + const result = await response.json(); + this.showSuccess(result.message); + this.clearForm(); + + } catch (error) { + console.error('Assessment submission failed:', error); + this.showError('評估提交失敗: ' + error.message); + } finally { + this.showLoading(false); + } + } + + validateForm() { + const department = document.getElementById('department').value.trim(); + const position = document.getElementById('position').value.trim(); + + if (!department) { + this.showError('請填寫部門'); + return false; + } + + if (!position) { + this.showError('請填寫職位'); + return false; + } + + // Check if at least one capability is assigned + const hasAssignedCapabilities = this.hasAssignedCapabilities(); + if (!hasAssignedCapabilities) { + this.showError('請至少分配一個能力到某個等級'); + return false; + } + + return true; + } + + hasAssignedCapabilities() { + const levels = ['L1', 'L2', 'L3', 'L4', 'L5']; + + for (let level of levels) { + const dropZone = document.getElementById(`level-${level.toLowerCase()}`); + if (dropZone && dropZone.querySelector('.capability-item')) { + return true; + } + } + + return false; + } + + collectAssessmentData() { + const formData = new FormData(this.form); + const assessmentData = { + department: formData.get('department'), + position: formData.get('position'), + employee_name: formData.get('employee_name') || null, + assessment_data: {} + }; + + // Collect capability assignments + const levels = ['L1', 'L2', 'L3', 'L4', 'L5']; + + levels.forEach(level => { + const dropZone = document.getElementById(`level-${level.toLowerCase()}`); + const capabilityItems = dropZone.querySelectorAll('.capability-item'); + assessmentData.assessment_data[level] = Array.from(capabilityItems).map(item => item.dataset.capabilityName); + }); + + return assessmentData; + } + + clearForm() { + this.form.reset(); + + // Clear all drop zones + const levels = ['L1', 'L2', 'L3', 'L4', 'L5']; + levels.forEach(level => { + const dropZone = document.getElementById(`level-${level.toLowerCase()}`); + if (dropZone) { + dropZone.innerHTML = '
    拖放能力到此處
    '; + dropZone.classList.remove('has-items'); + } + }); + + // Reload capabilities + if (window.capabilityManager) { + window.capabilityManager.loadCapabilities(); + } + } + + showLoading(show) { + const submitButton = this.form.querySelector('button[type="submit"]'); + if (submitButton) { + if (show) { + submitButton.disabled = true; + submitButton.innerHTML = ' 儲存中...'; + } else { + submitButton.disabled = false; + submitButton.innerHTML = '儲存評估'; + } + } + } + + showSuccess(message) { + // You can implement a more sophisticated success display here + console.log('Success:', message); + if (window.showSuccess) { + window.showSuccess(message); + } + } + + showError(message) { + // You can implement a more sophisticated error display here + console.error('Error:', message); + if (window.showError) { + window.showError(message); + } + } +} + +// Initialize assessment functionality when DOM is loaded +document.addEventListener('DOMContentLoaded', function() { + // Initialize drag and drop + window.assessmentDragDrop = new AssessmentDragDrop(); + + // Initialize capability manager + window.capabilityManager = new CapabilityManager(); + + // Initialize assessment form + window.assessmentForm = new AssessmentForm(); +}); + +// Global function for clearing assessment (called from HTML) +function clearAssessment() { + if (window.assessmentForm) { + window.assessmentForm.clearForm(); + } +} diff --git a/templates/index.html b/templates/index.html new file mode 100644 index 0000000..7ac484e --- /dev/null +++ b/templates/index.html @@ -0,0 +1,925 @@ + + + + + + 夥伴對齊系統 - Partner Alignment System + + + + + + + + + + + + + + + +
    + +
    +
    +
    + +

    請先登入

    +

    您需要登入才能使用系統功能

    + +
    +
    +
    + + + + + + + + + + + + + + + +
    + + + + + +
    + +
    + + + + + + \ No newline at end of file