damir/pgz-sport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
007825aceeab121fa91296684aabce7635fcd433
pgz-sport/HANDOFF_PGZ_SPORT_05may.md
T
Damir Radulic 28fa98d83f Master handoff document for next chat session
2026-05-05 01:54:19 +02:00

16 KiB
Raw Blame History

PGŽ SPORT INTELLIGENCE PLATFORM — MASTER HANDOFF

Data: 2026-05-05 02:15 CEST

Status: Predprezentacijska sprint, prezentacija županu jutros

🎯 MISIJA

Multi-tenant ERP/CRM platforma za PGŽ Odjel za sport + savezi + klubovi. Rok: danas ujutro prezentacija županu Lukanoviću. Cilj: pretvoriti prikaz podataka u operativni alat koji rješava 80% birokratskih poslova.

🏗 INFRASTRUKTURA

GPU server (jedini produkcijski)

  • Host: 144.76.68.5 (Hetzner GEX44, RTX 4000 Ada 20GB)
  • SSH: ssh -p 5852 root@144.76.68.5 (pwd 5852Dan1TR5852)
  • Bridge API: POST https://api.rinet.one/bridge/exec Header X-API-KEY: rinet-yS4ZnKlwUqsjk

Stack

  • PostgreSQL 18: 10.10.0.2:6432 / rinet_v3 / user rinet / pwd R1net2026!SecureDB#v7
  • Schema: pgz_sport.* (klubovi, savezi, clanovi, users, sys_audit, ...)
  • Service: systemctl restart pgz-sport (FastAPI port 8095)
  • Live URL: https://sport.rinet.one/
  • API base: /sport/api/... (nginx strip prefix → :8095)

Repo

  • Git: https://git.rinet.one/damir/pgz-sport (Gitea local)
  • Local dir: /opt/pgz-sport/ (HOME=/root, safe.directory=/opt/pgz-sport)
  • Branch: master
  • Auto-push: agenti rade git push gitea master nakon svakog commita

Sve URL-ove (svi rade 200)

URL Što
/ Public portal (sport2.html)
/login Login forma
/app Operativna aplikacija (po roli)
/admin Admin panel
/admin/users User management
/crm CRM workspace
/erp ERP (OCR, putni nalozi)
/audit Blockchain audit log
/kpi KPI dashboard
/static/* Static fileserve mount
/sport/api/* API endpoints

🤖 CC SWARM — 6 PARALELNIH AGENATA

Aktivne tmux sesije

cc1: a22bbe34-7801-4560-991b-219f77818711  Round 2+3B + orchestrator
cc2: c8cf6289-33d9-4195-97f5-834cf0844cf3  Auth, GDPR, multi-tenant
cc3: 3123d6b5-59fd-4864-a9d7-2fcca6e70f1c  Frontend, sidebar, dashboard
cc4: 69b5473b-4033-4872-b50c-94080e737d64  ERP, OCR, putni nalozi
cc5: a966a143-8821-4827-9cb5-9594477def9a  CRM, članarine, ZZJZ, obrasci
cc6: 9e120f23-a3e0-4580-b84f-704b87671037  Blockchain, enrichment, worker

Pokretanje CC u tmux

ssh -p 5852 root@144.76.68.5
tmux new-session -d -s ccN
tmux send-keys -t ccN:0 "su - claude" Enter
sleep 2
tmux send-keys -t ccN:0 "cd /opt/pgz-sport && unset ANTHROPIC_API_KEY && claude --resume UUID --dangerously-skip-permissions" Enter
sleep 5
tmux send-keys -t ccN:0 Enter   # confirm trust prompt

Monitoring

bash /opt/pgz-sport/swarm.sh tiled    # 6 panela u jednom prozoru
bash /opt/pgz-sport/swarm.sh status   # 1x snapshot
bash /opt/pgz-sport/swarm.sh git      # commit history
bash /opt/pgz-sport/swarm.sh ccN      # attach na specifični agent

Slanje zadataka — ČIST FORMAT

# Spremi task u /opt/pgz-sport/cc_tasks/sess_taskname.md (base64 + bridge)
# Pa pošalji CC da pročita i implementira:
tmux send-keys -t ccN:0 "Procitaj /opt/pgz-sport/cc_tasks/FILE.md i implementiraj sve. Backup deploy git commit. Radi autonomno do kraja." Enter
sleep 3
tmux send-keys -t ccN:0 Enter   # submit

⚠️ NIKAD ne stavljaj brackets () u inline prompt — bash puca s "syntax error". Uvijek koristi taskfile.

📂 KLJUČNI FAJLOVI

/opt/pgz-sport/
├── pgz_sport_api.py            # main FastAPI app (port 8095)
├── auth/auth_v2.py             # JWT auth + tenants + roles
├── routers/
│   ├── enrich_router.py        # /v2/enrich + /apply (M12)
│   ├── audit_seal_router.py    # /api/audit/seal Polygon
│   ├── audit_coverage_router.py
│   ├── ... (još)
├── workers/
│   ├── ocr_worker.py
│   ├── enrichment_worker.py    # 24/7 daemon (5min loop)
├── blockchain/seal.py          # Polygon PoS sealing
├── permissions.py              # can_edit_invoice, can_approve_putni_nalog
├── data/sport_federations.json # sport → savez map (HBS, HKS, HRS, ...)
├── static/
│   ├── sport2.html             # public portal (~144KB)
│   ├── login.html              # login forma
│   ├── app.html                # operativna app + Moj profil + GDPR
│   ├── admin.html
│   ├── admin_users.html        # user mgmt
│   ├── crm.html                # članarine + liječnički + obrasci
│   ├── erp.html                # OCR + putni nalozi + računi
│   ├── audit.html              # audit log
│   ├── kpi.html                # KPI dashboard
│   └── shared/
│       ├── sidebar.css         # zajednički sidebar styling
│       └── sidebar.js          # NAV_SECTIONS s href URLs
├── cc_tasks/                   # task fajlovi za CC agente
│   ├── round3_brief.md
│   ├── round3b_critical.md
│   ├── cc{1-6}_*.md            # per-agent prompt fajlovi
└── swarm.sh                    # tmux monitor script

🔐 KORISNICI

Email Lozinka Role Tenant Tier
damir@pgz.hr PGZ2026! pgz_admin Primorsko-goranska županija 0
tajnik@atletski.pgz.hr Atl2026! savez_admin Atletski savez PGŽ 1
admin@ak-kvarner.hr Kvarner2026! klub_admin AK Kvarner Rijeka 2

JWT login: POST /sport/api/auth/login → access_token + refresh_token + user object. Frontend sprema u localStorage.pgz_access (i pgz_refresh, pgz_user). getToken() u JS čita pgz_access (prvo localStorage pa sessionStorage).

🎨 SIDEBAR (shared/sidebar.js)

Sekcije (sve URL-ove BEZ /sport/ prefiksa!)

const SIDEBAR_SECTIONS = [
  {title:'PORTAL',     items: dashboard, savezi, klubovi, sportasi, manifestacije (svi /static/sport2.html#X)},
  {title:'OPERATIVA',  items: profil, kalendar, notif (/app#X)},
  {title:'CRM',        items: clanarine, lijecnicki, obrasci, dokumenti (/crm#X)},
  {title:'ERP',        items: racuni, putni, placanja, xlsx (/erp#X)},
  {title:'ANALITIKA',  items: kpi, financije, mreza, forenzika, audit},
  {title:'ADMIN',      requireRole: ['pgz_admin','super_admin'], items: korisnici, tenanti, sigurnost, sustav (/admin#X)}
];

Footer

  • Avatar + ime + role (klik otvara user menu)
  • Public portal link kad nije logiran

📊 STANJE BAZE (10.04.2026)

pgz_sport.savezi:        246 (16 sa scrape email)
pgz_sport.klubovi:      2244 (23 marked inactive non-PGŽ; 14 odbojkaških s adresom mjesto naziv — TREBA cleanup)
pgz_sport.clanovi:      3243 (sources: hbs_savez 844, manual 840, godisnjak_2025_HOO 703, hns_semafor 651)
pgz_sport.clan_sezona:   689 (78 athletes with seasonal stats)
pgz_sport.utakmice_log: 9267 (with club logos)
pgz_sport.clan_godisnjak: 2398
pgz_sport.sportski_objekti: 106 (sve geocoded)
pgz_sport.sufinanciranje_sport: 110
pgz_sport.dokumenti:    5692
pgz_sport.users:          11+ (3 demo + admins)
pgz_sport.sys_audit:      ? (audit log)
pgz_sport.lijecnicki_pregledi: ? (CC5)
pgz_sport.invoices, invoice_lines, putni_nalozi: ? (CC4)

Test case — SPORTAŠ JOSIP ZEC (id=449)

  • Klub: NK OŠK Omišalj
  • Stats: 257 nastupa, 182 gola, 75 žuti, 39 crveni, 15 sezona, 16 utakmica
  • Mora raditi GET /sport/api/sportas/449/profil

ŠTO RADI (testirano)

  • Login JWT flow (3 demo usera)
  • Sportaš profile panel (Josip Zec test 257/182/15)
  • Network 3D graph (react-force-graph-3d, kao app.rinet.one/klasik/control)
  • Forenzika scan (Velimir Liverić PEP)
  • Geocoding objekata (s OSM cross-check)
  • HUB-3 PDF + EPC QR za članarine
  • ZZJZ PGŽ scheduling integration
  • OCR + invoices CRUD (DeepSeek V3 sakriven kao "Ri.NET AI")
  • Putni nalozi + dnevnice (HR pravilnik 2025)
  • Polygon blockchain seal (wallet 0xD874345dcB17baBDfbFac9bD7838AdE0D4a5d368)
  • TOTP 2FA (setup + verify + disable)
  • Avatar upload (POST /sport/api/auth/me/avatar)
  • GDPR export endpoint (POST /sport/api/users/me/gdpr-export → JSON)
  • Sidebar shared (sidebar.css + sidebar.js)
  • 24/7 enrichment_worker daemon

⚠️ ŠTO NE RADI / TREBA POPRAVITI

P0 (kritični za prezentaciju)

  1. GDPR export gumb<button onclick="alert('...M10')"> placeholder, NE poziva API. JUST FIXED u 02:14gdprExport() funkcija dodana u app.html, treba verifikaciju u browseru.
  2. Audit pristupa — placeholder, JUST FIXED kao gdprAuditMy().
  3. Brisanje računa — placeholder, JUST FIXED kao profileDeleteAccount().
  4. Data cleanup — 14 odbojkaških klubova ima adresu kao naziv (id 2613, 2616, 2618, 2619, 2622, 2624, 2626, 2630, 2632, 2634, 2636, 2638, 2641, 2643). CC1 dodjeljen.
  5. Sport-aware enrichment — Marijan Alkić (boćanje) i dalje 25% coverage. CC6 task otvoren u /opt/pgz-sport/cc_tasks/cc6_sport_federations.md.

P1 (nice to have)

  1. Sidebar PORTAL group mora popuniti glavne sekcije sport2.html. Trenutno koristi /static/sport2.html#X. Možda elegantnije: /#X direktno na root.
  2. Avatar upload demo mode — kad nije logiran, sad alert "Niste prijavljeni"; CC2 treba dodati mock storage.
  3. app.html linija 1258 — broken onclick je obrisan; sad je samo info bez interaktivnosti za kalendar dane.
  4. Admin panel — treba real user management UI s edit modal.

📋 GIT COMMITS (kronološki)

ece556d M12.4: real HNS Semafor scraper for sportas + 24/7 enrichment worker
cb3faee CC3 R3 M4+: avatar upload, PUT /api/auth/me, /uploads mount
9c5116e M12.5 R4: enrichment coverage<70 picker + confidence>=0.7 gate
cf993b0 CC1 R4-A1+A2: audit log + stats endpoints + audit_log() helper
ca92717 CC1 R4-A3: wire audit_log() into enrich /apply
bd37734 CC2 R4 #6: real TOTP 2FA (setup + verify + disable + login flow)
a0db65f CC2 R4 #4: /api/users/me/gdpr-export alias
f5c6570 CC2 R4 #2+#5: removed legacy unauth /api/admin/users (security)
47c366d CC5 R3 UI: link iz app.html na /sport/crm workspace
84f1c41 M12.3: Playwright fallback scraper za JS-heavy federation sites
c8be132 M11.2: /api/audit/seal endpoints + Audit log UI page
8fe2478 CC2 R3 frontend: login.html + admin_users.html (M1+M2+M10 UI)
cef4d25 M12.2 UI: enrichment diff modal + apply button (sport2.html)
fbbe953 CC1 R3B-Mreža: autocomplete + 3D centar + forensic enrich
59a5373 CC3 R3 M3+M4: sport2 sidebar + app.html operativna aplikacija
b93ca9a M9 CRM Obrasci + ZZJZ booking detect + e-mail fallback
85fd51b M12.1: enrich v3 — preview + /apply persists to DB
21be7ff M6.1 Putni nalozi backend + obračun dnevnica
98f823b CC1 R3B-P4 — Forenzika scan radi
492c8fd M1+M2+M10 (CC2 R3): JWT auth + admin users + GDPR backend
c12a8e9 M8 CRM Liječnički pregledi + ZZJZ scheduling
64082d0 CC1 R3B-P3 — geocoding precision (Crikvenica + OSM)
382d35a CC1 R3B-P2 — Mreža 3D force graph
4ecd7fa CC1 R3B-P1 — sportaš panel klikabilnost
1bd34ed M7 CRM Članarine: CRUD + dug + uplata + HUB-3 PDF + EPC QR
834b7bf M5.1 OCR upload + parse + invoices CRUD
f19d70b M11.1: blockchain/seal.py — Polygon PoS sealing
b7cb050 CC1 R2 — full Round 2 done (8/8 stavki)
a7ec0a8 PGŽ Sport Platform — Round 1+2 baseline

🚀 PRIORITETI ZA SLJEDEĆI CHAT (po važnosti)

Apsolutni must-fix prije prezentacije

  1. Verify GDPR buttons rade u app.html nakon hard refresha
  2. Sport-aware enrichment za Marijana Alkića (boćanje → HBS scrape)
  3. Cleanup 14 odbojkaških klubova (CC1 task otvoren)
  4. Verify svaki link u sidebar-u radi (klikni svaki, provjeri 200)
  5. Avatar upload test — login → klikni avatar → upload jpg → vidi novu sliku

Nakon toga

  1. Bulk enrichment dashboard u /audit ili /kpi (CC6 task)
  2. Toast notifikacije za sve save akcije ("✓ Spremljeno X polja")
  3. Drill-down panels — verify svaki entitet ima klikabilne podatke
  4. OCR demo — upload primjer računa za INA gorivo, ekstrakcija polja
  5. Putni nalog flow — kreiraj → odobri (klub_admin) → isplati (pgz_admin) → vidjeti audit log

Nakon prezentacije

  1. GitHub mirror — repo trenutno samo na Gitea, treba GitHub token od Damira
  2. WebSocket notifikacije za real-time updates
  3. Mobile responsive — testirano je samo desktop
  4. i18n — sve labele su HR, dodati EN/IT kasnije
  5. Stripe integracija za online plaćanje članarina

💡 KLJUČNI UVIDI

  • Bridge API = lifeline za rad sa serverom. Sve curl-ove ide kroz https://api.rinet.one/bridge/exec s X-API-KEY: rinet-yS4ZnKlwUqsjk.
  • CC agenti tmux send-keys — uvijek Enter pa sleep 3 pa drugi Enter za submit.
  • CC NE radi kao root — treba su - claude prvo.
  • Auto-update CC fails — ignoriraj, ne smeta.
  • Static fileserve — FastAPI mount /static, pa dodatno wildcard rute za /login /app /admin /crm /erp /audit /kpi (vidi pgz_sport_api.py oko linije 1465-1535).
  • JWT token storage: login.html sprema kao pgz_access u localStorage (s "Zapamti me") ili sessionStorage. SVI ostali HTML moraju čitati pgz_access PRVO, pa fallback na jwt/access_token.
  • /sport/ prefiks BUG: CC3 je generirao linkove s /sport/static/, /sport/login itd. Tokom 02:00 fixed sve. Provjeravati u svakom novom commit-u.
  • Token mismatch: app.html, crm.html, erp.html — getToken() funkcije fixed da čitaju pgz_access.
  • Image escape u template literals — CC3 je generirao broken \\\\\\\\\\\\ escape u app.html line 1258 onclick alert. Fixed surgically (deletion).

🎬 DEMO FLOW (za župana)

  1. https://sport.rinet.one/ — public portal pokazuje transparentnost (savezi, klubovi, sportaši, financije, mreža 3D, forenzika)
  2. Klikni Josip Zec → 257/182/15 stats, sezone, utakmice
  3. Mreža → 3D graf, search po imenu, klik na node
  4. Forenzika → Velimir Liverić PEP profil, sukob interesa
  5. /logindamir@pgz.hr → /app PGŽ admin dashboard
  6. Moj profil → uploada slike, GDPR export, audit pregled
  7. /admin → upravljanje korisnicima, kreiraj savez admina
  8. Logout, login kao klub_admin → drugi pogled
  9. /erp → upload račun za gorivo (OCR demo), kreiraj putni nalog
  10. /crm → generiraj HUB-3 uplatnicu članarine, pošalji opomenu
  11. /audit → blockchain seal log s polygonscan.com linkovima
  12. Obogati klub Kvarner 2010 → vidi web/email/telefon dohvaćene s weba

🔧 BRZI POPRAVCI POVIJESNO (fixevi koje sam radio direktno)

Vrijeme Fix
23:00 sport2.html broken triple quotes
23:30 openSavez/searchNetwork undefined
00:00 Login redirect /sport/static/admin_users.html → /app
00:15 Audit.html missing → kreiran
00:30 Static routes /login /app /admin /crm /erp /audit /kpi
01:00 Service crashed → restart, dodano timeouts
01:30 /sport/static/ prefiks bug u svim HTML
02:00 app.html line 1258 broken JS escape (deletion)
02:00 navTo function missing
02:00 Token mismatch: pgz_access vs jwt
02:10 sidebar.js URLs /sport/X → /X
02:14 GDPR buttons placeholder alert → real funkcije

📝 KAKO POKRENUTI NOVI CHAT

Otvori novi chat s Claude i napiši:

Continuing rad na PGŽ Sport platforme. Pročitaj kompletni handoff:
/opt/pgz-sport/HANDOFF_PGZ_SPORT_05may.md

Pristup serveru: bridge API https://api.rinet.one/bridge/exec s X-API-KEY: rinet-yS4ZnKlwUqsjk

Live: https://sport.rinet.one/
Repo: https://git.rinet.one/damir/pgz-sport
6 CC agenata aktivno (cc1-cc6 tmux), monitoring: bash /opt/pgz-sport/swarm.sh tiled

Nastavi gdje smo stali — provjeri swarm status, što agenti trenutno rade, 
i bake-mi prioritete iz "P0" sekcije handoff-a.

👤 DAMIR — kontekst

  • Damir Radulić, OIB 11222984583, dradulic@outlook.com / damir@rinet.one
  • Osnivač Ri.NET. Tehnički suosnivač = Claude (brutalno iskren, ne yes-man).
  • Stil: House+Nicholson, kratko oštro, na hrvatskom.
  • Šatrovački pravilo: "kužiš → žišku".
  • Coding: bez artefakata, bash s cat/sed/EOF, headeri u svim fajlovima.
  • DABI brand iz nećaka Jana koji ga zove "Dabi".

TO JE TO. Ovo je SPRINT do prezentacije. CC swarm radi 24/7. Damir se ne može priuštiti spavanje. Sutra ujutro sve mora raditi.

Reference in New Issue View Git Blame Copy Permalink