feat(core): implement multi-tenant architecture and roadmap foundation#89
Merged
CFBruna merged 53 commits intov2/monorepo-migrationfrom Mar 4, 2026
Merged
feat(core): implement multi-tenant architecture and roadmap foundation#89CFBruna merged 53 commits intov2/monorepo-migrationfrom
CFBruna merged 53 commits intov2/monorepo-migrationfrom
Conversation
… entity components
…h dynamic search fallback
…to prevent 500 error on create
…ess expansion, delete dialogs, and robust maps URL generator
… delete ProtectedError
…for Clinics and Rooms
…t/delete icons, delete confirmation, and safe destroy on backend
…issing viewset import
…ld into EmployeeFormModal
… hours (en, pt-BR, es)
- Audited pet_service, breed_service, clinic_service, customer_service, and audit_service - Enforced @transaction.atomic decorator on all create, update, and delete methods - Verified no direct ORM access in views Closes #PHASE-0.1.1
- Replaced `(0).toFixed(2)` with safe string placeholder - Refactored `new Date().toISOString()` into `getISODate()` and `getISODateTime()` in `utils/format.ts` - Removed direct `Intl` instantiation from components - Replaced hardcoded date strings in filters and API params Closes #PHASE-0.1.2
- Wrapped backend `ValueError` exceptions in `django.utils.translation.gettext_lazy`
- Replaced frontend static placeholders ("SKU", "EAN-13", "Ex:") with `react-i18next` `t()` calls
- ROADMAP and task list completely marked for Phase 0.1.3
Closes #PHASE-0.1.3
Closes #SUB-PHASE-0.1
- Multi-tenant: Clinic model, TenantMiddleware, TenantManager - Security: validate user-clinic ownership in middleware - All core models now tenant-aware BREAKING CHANGE: All models require clinic FK Closes #PHASE-0.2 Closes #PHASE-0
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What Changed
Clinicmodel as the tenant isolation core acrossaccounts,ai,core,financial,health,pets,schedule, andstoremodels.ClinicContextMiddlewareandTenantManagercontext injections to securely scope database queries based on the active session's clinic.ruffcode formatting, unused import cleanup and backend security checks (bandit/mypy).Why
This implements "Phase 0 — Foundation Hardening" of the new operational roadmap. A true multi-tenant setup (rather than
.envconfigurations) allows multiple clinics/branches to exist in identical databases without overlap or accidental bleed. This aligns with our efforts to turn PetCare into a massive enterprise-grade system.How to Test
uv run pytest src/apps/core/tests/test_tenant_middleware.py: Tests if a clinic injection correctly parses incoming user or header attributes.python manage.py shellto attempt searching across another clinic context; you should receive only your own tenant's specific assets automatically viaTenantManager.uv run ruff check .for pipeline sanity.Checklist
uv run pytestpasses