ApiLogicServer 15.2.0__py3-none-any.whl → 15.2.7__py3-none-any.whl

api_logic_server_cli/api_logic_server.py

@@ -12,10 +12,11 @@ ApiLogicServer CLI: given a database url, create [and run] customizable ApiLogic
 Called from api_logic_server_cli.py, by instantiating the ProjectRun object.
 '''
 
-__version__ = "15.02.00"  # last public release: 15.01.03
+__version__ = "15.02.07"  # last public release: 15.02.03
 recent_changes = \
     f'\n\nRecent Changes:\n' +\
-    "\t10/21/2025 - 15.02.00: Copilot test creation from rules and custom APIs \n"\
+    "\t10/26/2025 - 15.02.07: Clarify order created for ship test, security fixes [105], tutor 2.1 \n"\
+    "\t10/22/2025 - 15.02.03: Copilot test creation from rules and custom APIs with issues [103, 104] \n"\
     "\t10/06/2025 - 15.01.06: Incorrect dbml reln arrows [102] \n"\
     "\t09/27/2025 - 15.01.05: Error reporting for bad test data rebuild [101], Minor fix to ensure react-app cards have links \n"\
     "\t08/17/2025 - 15.01.03: LogicBan 01.30, with fix for copy_children[19] \n"\

api_logic_server_cli/prototypes/base/.github/.copilot-instructions.md

@@ -1,11 +1,54 @@
+---
+title: Copilot Instructions for GenAI-Logic Projects
+Description: Project-level instructions for working with generated projects
+Source: ApiLogicServer-src/prototypes/base/.github/.copilot-instructions.md
+Propagation: CLI create command → created projects (non-basic_demo)
+Usage: AI assistants read this when user opens any created project
+version: 2.1
+changelog:
+  - 2.1 (Oct 2025) - Streamlined OBX for non-tutorial projects, friendly collaborative tone
+  - 2.0 (Oct 2025) - Added front matter, updated for OBX improvements
+  - 1.0 (Initial) - Comprehensive technical reference
+---
 
+# GitHub Copilot Instructions for GenAI-Logic (aka API Logic Server) Projects
 
+⚠️ **IMPORTANT FOR AI ASSISTANTS**: When user first opens this project or asks you to read instructions, present the Welcome section below directly to the user. Do not explain that you're following instructions - just present the welcome message naturally. The technical reference sections after the welcome are for later consultation only.
 
-# GitHub Copilot Instructions for GenAI-Logic (aka API Logic Server) Projects
+---
+
+## Welcome
+
+**Welcome! I'm here to help with your GenAI-Logic project.**
+
+This is a complete, working microservice auto-generated from your database schema.
+
+**What's already built:**
+- **Admin Web Application** - Live at `http://localhost:5656`
+- **REST API Endpoints** - All database tables exposed at `/api/*`
+- **Database Models** - Complete SQLAlchemy ORM in `database/models.py`
+- **Authentication System** - JWT-based auth framework
+- **Business Logic Engine** - Declarative rules system
+
+---
+
+**Here are some things I can help you with:**
+
+1. **Add business logic** - Describe your requirements in natural language, I'll generate declarative rules
+2. **Customize the API** - Add custom endpoints for your specific needs
+3. **Create custom UIs** - Build React apps with `genai-logic genai-add-app --vibe`
+4. **Add security** - Set up role-based access control with `genai-logic add-auth`
+5. **Test your logic** - Create Behave tests with requirements traceability
+6. **Configure Admin UI** - Customize the auto-generated admin interface
+7. **Add MCP integration** - Enable Model Context Protocol for external AI access
+8. **Create B2B APIs** - Complex integration endpoints with partner systems
+9. **Add events** - Integrate with Kafka, webhooks, or other event systems
+10. **Customize models** - Add tables, attributes, or derived fields
+11. **Discovery systems** - Auto-load logic and APIs from discovery folders
 
-## Project Type: Auto-Generated Microservice
+Want to get started? Press **F5** to start the server with debugger support, then open `http://localhost:5656`. (There are also run configurations for running tests and other tasks.) Or just ask me what you'd like to work on.
 
-This is a **GenAI-Logic (aka API Logic Server) project** - a complete, working microservice - auto-generated from a database schema.
+---
 
 ## 🔑 Key Technical Points
 
@@ -26,32 +69,15 @@ This is a **GenAI-Logic (aka API Logic Server) project** - a complete, working m
 
 3. **Automatic Business Logic**: All APIs (standard and custom) automatically inherit LogicBank rules without additional code.
 
-## ⚠️ IMPORTANT: What's Already Built
+4. **CLI Commands**: Use `genai-logic --help` to see all available commands. When CLI commands exist for a task (e.g., `add-auth`, `genai-add-mcp-client`, `genai-add-app`), ALWAYS use them instead of manual configuration - they handle all setup correctly.
 
-**DO NOT recreate these - they're already working:**
+> **📋 Testing:** For comprehensive testing conventions, patterns, and examples, see `docs/training/testing.md` (555 lines - I'll read this before we create any tests)
 
-1. **Admin Web Application** - Live at `http://localhost:5656`
-2. **REST API Endpoints** - All database tables exposed at `/api/*`
-3. **Database Models** - Complete SQLAlchemy ORM in `database/models.py`
-4. **Authentication System** - JWT-based auth framework
-5. **Business Logic Engine** - Declarative rules system
+---
 
-> **📋 Testing:** For comprehensive testing conventions, patterns, and examples, see `docs/training/testing.md` (555 lines - MUST READ FIRST before creating any tests)
+## Detailed Service Documentation
 
-## 🎯 Common Tasks
-
-If the user asks "what do I do now?", these subsections are good suggestions.
-
-List these as choices, do not just do all of them at once - that would be overwhelming.
-
-### Set Up Virtual Environment
-If it is not already set, you can often find a `venv` in the GenAI-Logic Manager - a parent or grandparent directory.
-
-### 🚀 To Run This Project
-
-Use F5 (pre-configured run configuration - supports debugger for server logic), or (when focused on client apps):
-
-```bash
+The sections below provide complete details on each service. I'll reference these as needed when we work together.
 python api_logic_server_run.py
 # Then open: http://localhost:5656
 ```
@@ -395,20 +421,20 @@ Customize using CoPilot chat, with `docs/training`.
 
 Configure:
 ```
-als add-auth --provider-type=sql --db-url=
-als add-auth --provider-type=sql --db_url=postgresql://postgres:p@localhost/authdb
+genai-logic add-auth --provider-type=sql --db-url=
+genai-logic add-auth --provider-type=sql --db_url=postgresql://postgres:p@localhost/authdb
 
-als add-auth --provider-type=keycloak --db-url=localhost
-als add-auth --provider-type=keycloak --db-url=hardened
+genai-logic add-auth --provider-type=keycloak --db-url=localhost
+genai-logic add-auth --provider-type=keycloak --db-url=hardened
 
-als add-auth --provider-type=None # to disable
+genai-logic add-auth --provider-type=None # to disable
 ``` 
 
 Keycloak quick start [(more information here:)](https://apilogicserver.github.io/Docs/Security-Keycloak/)
 ```bash
 cd devops/keycloak
 docker compose up
-als add-auth --provider-type=keycloak --db-url=localhost
+genai-logic add-auth --provider-type=keycloak --db-url=localhost
 ```
 
 For more on KeyCloak: https://apilogicserver.github.io/Docs/Security-Keycloak/
@@ -419,6 +445,64 @@ Declaration:
 Grant(on_entity=Customer, to_role=sales, filter=lambda: Customer.SalesRep == current_user())
 ```
 
+
+#### Testing with Security Enabled
+
+**CRITICAL:** When `SECURITY_ENABLED=True`, test code must obtain and include JWT authentication tokens.
+
+**Pattern for test steps:**
+```python
+from pathlib import Path
+import os
+from dotenv import load_dotenv
+
+# Load config to check SECURITY_ENABLED
+config_path = Path(__file__).parent.parent.parent.parent.parent / 'config' / 'default.env'
+load_dotenv(config_path)
+
+# Cache for auth token (obtained once per test session)
+_auth_token = None
+
+def get_auth_token():
+    """Login and get JWT token if security is enabled"""
+    global _auth_token
+    
+    if _auth_token is not None:
+        return _auth_token
+    
+    # Login with default admin credentials
+    login_url = f'{BASE_URL}/api/auth/login'
+    login_data = {'username': 'admin', 'password': 'p'}
+    
+    response = requests.post(login_url, json=login_data)
+    if response.status_code == 200:
+        _auth_token = response.json().get('access_token')
+        return _auth_token
+    else:
+        raise Exception(f"Login failed: {response.status_code}")
+
+def get_headers():
+    """Get headers including auth token if security is enabled"""
+    security_enabled = os.getenv('SECURITY_ENABLED', 'false').lower() not in ['false', 'no']
+    
+    headers = {'Content-Type': 'application/json'}
+    
+    if security_enabled:
+        token = get_auth_token()
+        if token:
+            headers['Authorization'] = f'Bearer {token}'
+    
+    return headers
+
+# Use in all API requests
+response = requests.post(url=api_url, json=data, headers=get_headers())
+```
+
+**Key points:**
+- Tests DO NOT automatically include auth headers - you must code this pattern
+- Token is cached to avoid repeated logins during test session
+- Pattern works for both `SECURITY_ENABLED=True` and `SECURITY_ENABLED=False`
+- See `test/api_logic_server_behave/features/steps/order_processing_steps.py` for complete example
 ### Adding Custom API Endpoints
 
 For simple endpoints:

api_logic_server_cli/prototypes/base/docs/training/testing.md

@@ -25,10 +25,16 @@ Step 5.  SUGGEST how to run tests (DO NOT run automatically)
 
 **CRITICAL PRE-TEST CHECKLIST:**
 - [ ] Step 1c completed? (Custom APIs discovered)
+- [ ] **Database values verified?** (Rule #10: Run SQL to check actual prices/flags)
+  - [ ] `sqlite3 db.sqlite "SELECT name, unit_price, carbon_neutral FROM product;"`
+  - [ ] Don't assume product attributes - verify BEFORE writing expectations!
 - [ ] **Step ordering verified?** (Most specific → Most general)
   - [ ] @when patterns: carbon neutral > multi-item > single-item
   - [ ] @given patterns: multi-item > single-item
   - [ ] Use `grep -n "@when('.*with" steps/*.py` to verify order
+- [ ] **Clear scenario language?** (Rule #13: Action-oriented wording)
+  - [ ] Use "Order is created" not "Order exists" (shows when rules fire)
+  - [ ] Makes test flow obvious: setup → action → verify
 - [ ] Test data uses timestamps? (Rule #0: Repeatability)
 - [ ] Security config read? (SECURITY_ENABLED value)
 
@@ -164,7 +170,7 @@ def step_impl(context, qty):
     r = requests.patch(url=patch_uri, json=patch_data)
 ```
 
-## The 6 Critical Rules (Read FIRST!)
+## The Critical Rules (Read FIRST!)
 
 ### Rule #0: TEST REPEATABILITY (MOST CRITICAL!) ⚠️
 
@@ -383,18 +389,65 @@ Scenario: Exceed Credit (Constraint FAIL - negative test)
 
 **CRITICAL:** Check `logic/declare_logic.py` for custom Python logic affecting calculations (e.g., discounts, adjustments) before writing constraint test expectations!
 
-### Rule #5: Security Configuration
+### Rule #5: Security Configuration - JWT Authentication
+
+**CRITICAL:** When `SECURITY_ENABLED=True`, tests MUST obtain JWT token and include Authorization header.
+
 ```python
-# Read config/default.env FIRST
-SECURITY_ENABLED = False  # or True
+from pathlib import Path
+import os
+from dotenv import load_dotenv
 
-# Match in test code
-if SECURITY_ENABLED == False:
-    headers = {}  # Empty
-else:
-    headers = test_utils.login()
+# Load config to check SECURITY_ENABLED
+config_path = Path(__file__).parent.parent.parent.parent.parent / 'config' / 'default.env'
+load_dotenv(config_path)
+
+# Cache for auth token (obtained once per test session)
+_auth_token = None
+
+def get_auth_token():
+    """Login and get JWT token if security is enabled"""
+    global _auth_token
+    
+    if _auth_token is not None:
+        return _auth_token
+    
+    # Login with default admin credentials
+    login_url = f'{BASE_URL}/api/auth/login'
+    login_data = {'username': 'admin', 'password': 'p'}
+    
+    response = requests.post(login_url, json=login_data)
+    if response.status_code == 200:
+        _auth_token = response.json().get('access_token')
+        return _auth_token
+    else:
+        raise Exception(f"Login failed: {response.status_code}")
+
+def get_headers():
+    """Get headers including auth token if security is enabled"""
+    security_enabled = os.getenv('SECURITY_ENABLED', 'false').lower() not in ['false', 'no']
+    
+    headers = {'Content-Type': 'application/json'}
+    
+    if security_enabled:
+        token = get_auth_token()
+        if token:
+            headers['Authorization'] = f'Bearer {token}'
+    
+    return headers
+
+# Use in ALL API requests
+response = requests.post(url=api_url, json=data, headers=get_headers())
+response = requests.get(url=api_url, headers=get_headers())
+response = requests.patch(url=api_url, json=data, headers=get_headers())
 ```
 
+**Key Points:**
+- Tests DO NOT automatically include auth - you must code the pattern above
+- Token is cached globally to avoid repeated login calls
+- Works for both `SECURITY_ENABLED=True` and `SECURITY_ENABLED=False`
+- See complete example: `test/api_logic_server_behave/features/steps/order_processing_steps.py`
+
 ### Rule #6: Logic Logging
 ```python
 @when('Good Order Placed')
@@ -470,19 +523,28 @@ Rule.sum(derive=Customer.balance, as_sum_of=Order.amount_total,
 ```python
 # ALWAYS check actual product prices/flags before writing test expectations!
 
-# Check prices:
-# sqlite3 db.sqlite "SELECT name, unit_price, carbon_neutral FROM Product;"
+# Check prices AND flags:
+# sqlite3 db.sqlite "SELECT name, unit_price, carbon_neutral FROM product;"
 
-# Widget=90, Gadget=150, Green=109
+# Results:
+# 1|Gadget|150|1        ← carbon_neutral = 1 (TRUE)
+# 2|Widget|90|          ← carbon_neutral = NULL (not carbon neutral!)
+# 3|Thingamajig|5075|
+# 4|Doodad|110|
+# 5|Green|109|1         ← carbon_neutral = 1 (TRUE)
 
-# ❌ WRONG - Assumed Widget=$100
-# Expected: 10 * 100 = 1000
+# ❌ WRONG - Assumed Widget is carbon neutral
+# Scenario: Carbon Neutral Discount
+#   When B2B order placed with 10 carbon neutral Widget
+#   Then balance should be 810  # Expected 10 * 90 * 0.9 = 810
+# FAILS: Widget is NOT carbon neutral → no discount → balance = 900
 
-# ✅ CORRECT - Verified Widget=$90  
-# Expected: 10 * 90 = 900
+# ✅ CORRECT - Verified Gadget IS carbon neutral (flag = 1)
+# Scenario: Carbon Neutral Discount
+#   When B2B order placed with 10 carbon neutral Gadget
+#   Then balance should be 1350  # Correct: 10 * 150 * 0.9 = 1350
 
-# For carbon neutral discount (10% off when qty >= 10):
-# Expected: 10 * 90 * 0.9 = 810
+# CRITICAL: Don't assume product attributes - VERIFY with SQL first!
 ```
 
 ### Rule #11: Step Definitions Must Match Feature Files ⚠️ NEW
@@ -523,6 +585,40 @@ def step_impl(context):
         return  # Skip gracefully
 ```
 
+### Rule #13: Use Clear, Action-Oriented Scenario Language ⚠️ NEW
+```gherkin
+# ❌ AMBIGUOUS - "exists" is passive, doesn't show when balance changes
+Scenario: Ship Order Excludes from Balance
+  Given Customer "Charlie" with balance 0 and credit limit 2000
+  And Order exists for "Charlie" with 2 Widget
+  When Order is shipped
+  Then Customer balance should be 0
+
+# Question: How can Charlie have balance 0 AND an order for widgets?
+# Answer: The order EXISTS at test start, but balance calculation is unclear
+
+# ✅ CLEAR - "is created" shows action that triggers rule
+Scenario: Ship Order Excludes from Balance
+  Given Customer "Charlie" with balance 0 and credit limit 2000
+  And Order is created for "Charlie" with 2 Widget  # Action! Balance becomes 180
+  When Order is shipped                              # Action! Balance drops to 0
+  Then Customer balance should be 0                  # Verification
+
+# Now it's obvious:
+# 1. Customer starts with balance 0
+# 2. Creating unshipped order → rule fires → balance becomes 180
+# 3. Shipping order → WHERE clause excludes it → balance drops to 0
+
+# More examples:
+# ❌ "And Shipped order exists for..."
+# ✅ "And Shipped order is created for..."
+
+# Why this matters:
+# - Shows WHEN rules fire (on creation, not just existence)
+# - Makes test flow obvious (setup → action → verify)
+# - Clarifies that declarative rules execute automatically on changes
+```
+
 ## Complete Phase 2 Example
 
 ### .feature File
@@ -619,6 +715,8 @@ def step_impl(context, expected):
 | **"balance: expected 570, got 0.0"** | **Step ordering issue (Rule #0.5)! Multi-item pattern after single-item** |
 | **"context has no attribute 'item_id'"** | **Step ordering issue! Specific pattern defined after general pattern** |
 | "Order created but no items" | Check if wrong step matched (print debug in step) |
+| **"expected 810, got 900"** (carbon neutral) | **Rule #10: Verify actual database values! Check product flags with SQL first** |
+| **"How can balance be 0 with an order?"** | **Rule #13: Use "is created" not "exists" - shows when rules fire** |
 
 ### Debugging Step Ordering Issues
 

api_logic_server_cli/prototypes/base/test/api_logic_server_behave/behave_logic_report.py

@@ -95,14 +95,43 @@ def show_logic(scenario: str, logic_logs_dir: str):
         last_rules_start = -1
         last_rules_end = -1
         
-        # First, find the LAST "These Rules Fired" section
-        for i, each_logic_line in enumerate(logic_lines):
-            if "These Rules Fired" in each_logic_line:
-                last_rules_start = i + 1  # Start collecting from next line
-                last_rules_end = -1  # Reset end marker to find the next COMPLETE
-            elif last_rules_start > 0 and last_rules_end == -1:
-                if 'Logic Phase:' in each_logic_line and 'COMPLETE' in each_logic_line:
-                    last_rules_end = i
+        # Find ALL "These Rules Fired" sections and choose the one with the most rules
+        rules_sections = []
+        i = 0
+        while i < len(logic_lines):
+            if "These Rules Fired" in logic_lines[i]:
+                start_pos = i + 1
+                # Find the end of this rules section
+                end_pos = start_pos
+                while end_pos < len(logic_lines):
+                    if 'Logic Phase:' in logic_lines[end_pos] and 'COMPLETE' in logic_lines[end_pos]:
+                        break
+                    end_pos += 1
+                
+                # Count non-empty rule lines in this section (after removing trailers)
+                rule_count = 0
+                for j in range(start_pos, end_pos):
+                    line = remove_trailer(logic_lines[j]).strip()
+                    if line and not line.startswith('Logic Phase:'):
+                        rule_count += 1
+                
+                rules_sections.append({
+                    'start': start_pos,
+                    'end': end_pos,
+                    'rule_count': rule_count
+                })
+                i = end_pos
+            else:
+                i += 1
+        
+        # Choose the section with the most rules
+        if rules_sections:
+            best_section = max(rules_sections, key=lambda x: x['rule_count'])
+            last_rules_start = best_section['start']
+            last_rules_end = best_section['end']
+        else:
+            last_rules_start = -1
+            last_rules_end = -1
                     
         # Now process the file, collecting logic log and extracting the last rules section
         for i, each_logic_line in enumerate(logic_lines):
@@ -182,36 +211,27 @@ def main(behave_log: str, scenario_logs: str, wiki: str, prepend_wiki: str):
 
     just_saw_then = False
     current_scenario = ""
+    previous_scenario = ""
     for each_line in contents:
-        # Show logic when we hit a blank line after assertions OR when starting a new scenario
-        if just_saw_then and (each_line == "\n" or each_line.startswith("  Scenario")):
+        if just_saw_then and each_line == "\n":
             show_logic(scenario=current_scenario, logic_logs_dir=scenario_logs)
             just_saw_then = False
-            
+            previous_scenario = ""
         if each_line.startswith("Feature"):
             wiki_data.append("&nbsp;")
             wiki_data.append("&nbsp;")
             each_line = "## " + each_line
-            
         if each_line.startswith("  Scenario"):
-            # Extract scenario name for logic lookup
-            current_scenario = each_line.strip().replace("Scenario: ", "").replace("  ", " ").strip()
-            wiki_data.append("&nbsp;")
-            wiki_data.append("&nbsp;")
-            wiki_data.append("### " + each_line[2:])  # Add scenario header
+            # Before starting new scenario, show logic for previous one if we saw Then
+            if just_saw_then and previous_scenario:
+                show_logic(scenario=previous_scenario, logic_logs_dir=scenario_logs)
+            just_saw_then = False
             each_line = tab + each_line
-            
         if each_line.startswith("    Given") or \
                 each_line.startswith("    When") or \
-                each_line.startswith("    Then") or \
-                each_line.startswith("    And"):
-            if each_line.startswith("    Then") or each_line.startswith("    And"):
+                each_line.startswith("    Then"):
+            if each_line.startswith("    Then"):
                 just_saw_then = True
-            # Add subtle formatting to keywords
-            for keyword in ["Given", "When", "Then", "And"]:
-                if f"    {keyword} " in each_line:
-                    each_line = each_line.replace(f"    {keyword} ", f"    **{keyword}** ")
-                    break
             each_line = tab + tab + each_line
 
         each_line = each_line[:-1]
@@ -219,13 +239,19 @@ def main(behave_log: str, scenario_logs: str, wiki: str, prepend_wiki: str):
         if debug_loc > 0:
             each_line = each_line[0 : debug_loc]
         each_line = each_line.rstrip()
+        if "Scenario" in each_line:
+            current_scenario = each_line[18:]
+            previous_scenario = current_scenario
+            wiki_data.append("&nbsp;")
+            wiki_data.append("&nbsp;")
+            wiki_data.append("### " + each_line[8:])
 
         each_line = each_line + "  "  # wiki for "new line"
         
         wiki_data.append(each_line)
-
-    # Show logic for the last scenario
-    if current_scenario and just_saw_then:
+    
+    # Show logic for the last scenario if we saw Then
+    if just_saw_then and current_scenario:
         show_logic(scenario=current_scenario, logic_logs_dir=scenario_logs)
 
     with open(wiki, 'w') as rpt: