Kitos
9b98f60a9a
Some checks failed
Aegis CI / lint-and-test (push) Has been cancelled
Full Jira/Tempo pipeline: link Aegis entities to Jira issues, auto-sync
status hourly, log time internally with integrity hashing, and optionally
push worklogs to Tempo.
- 1.1 JiraLink model + Worklog model: Alembic migration b020 with indexes,
enums (jiralinkentitytype, jirasyncdirection), and integrity_hash column
- 1.2 Jira service: atlassian-python-api wrapper with lazy singleton client,
search/create/sync operations, feature-flagged via JIRA_ENABLED
- 1.3 Jira router: CRUD endpoints for /jira/links, /jira/search,
/jira/create-issue with audit logging and entity-to-issue auto-creation
- 1.4 Tempo service: worklog push via tempo-api-python-client, auto-log from
test completions when TEMPO_ENABLED, graceful fallback on failure
- 1.5 Worklog service + router: immutable internal time records with SHA-256
integrity hash, CRUD at /worklogs, /worklogs/{id}/verify endpoint
- 1.6 Frontend: JiraLinkPanel component (search, link, sync, unlink) and
WorklogTimeline component (timeline view, manual log form) integrated into
TestDetailPage sidebar, CampaignDetailPage grid, TechniqueDetailPage
- 1.7 Jira sync job: APScheduler hourly job syncs all links from Jira,
registered in background scheduler alongside existing jobs
76 lines
2.0 KiB
Python
76 lines
2.0 KiB
Python
"""Internal worklog service — CRUD with integrity hashing."""
|
|
|
|
import hashlib
|
|
import logging
|
|
from datetime import datetime
|
|
from typing import Optional
|
|
from uuid import UUID
|
|
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.models.worklog import Worklog
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
def create_worklog(
|
|
db: Session,
|
|
*,
|
|
entity_type: str,
|
|
entity_id: UUID,
|
|
user_id: UUID,
|
|
activity_type: str,
|
|
started_at: datetime,
|
|
duration_seconds: int,
|
|
ended_at: Optional[datetime] = None,
|
|
description: Optional[str] = None,
|
|
) -> Worklog:
|
|
"""Create a worklog with an auto-computed integrity hash."""
|
|
wl = Worklog(
|
|
entity_type=entity_type,
|
|
entity_id=entity_id,
|
|
user_id=user_id,
|
|
activity_type=activity_type,
|
|
started_at=started_at,
|
|
ended_at=ended_at,
|
|
duration_seconds=duration_seconds,
|
|
description=description,
|
|
)
|
|
wl.integrity_hash = _compute_hash(wl)
|
|
db.add(wl)
|
|
db.commit()
|
|
db.refresh(wl)
|
|
return wl
|
|
|
|
|
|
def list_worklogs(
|
|
db: Session,
|
|
*,
|
|
entity_type: Optional[str] = None,
|
|
entity_id: Optional[UUID] = None,
|
|
user_id: Optional[UUID] = None,
|
|
) -> list[Worklog]:
|
|
"""List worklogs with optional filters."""
|
|
query = db.query(Worklog)
|
|
if entity_type:
|
|
query = query.filter(Worklog.entity_type == entity_type)
|
|
if entity_id:
|
|
query = query.filter(Worklog.entity_id == entity_id)
|
|
if user_id:
|
|
query = query.filter(Worklog.user_id == user_id)
|
|
return query.order_by(Worklog.started_at.desc()).all()
|
|
|
|
|
|
def verify_worklog_integrity(wl: Worklog) -> bool:
|
|
"""Return True if the worklog has not been tampered with."""
|
|
return wl.integrity_hash == _compute_hash(wl)
|
|
|
|
|
|
def _compute_hash(wl: Worklog) -> str:
|
|
"""SHA-256 of the immutable fields for audit integrity."""
|
|
data = (
|
|
f"{wl.entity_type}:{wl.entity_id}:{wl.user_id}:"
|
|
f"{wl.activity_type}:{wl.started_at}:{wl.duration_seconds}"
|
|
)
|
|
return hashlib.sha256(data.encode()).hexdigest()
|