karaoke-gen 0.96.0__py3-none-any.whl → 0.101.0__py3-none-any.whl

backend/services/tenant_service.py

@@ -0,0 +1,285 @@
+"""
+Tenant service for managing white-label B2B portal configurations.
+
+Tenant configs are stored in GCS at tenants/{tenant_id}/config.json.
+The service provides:
+- Tenant config loading with caching
+- Subdomain to tenant ID resolution
+- Tenant validation
+
+Similar to ThemeService, configs are cached for 5 minutes to reduce GCS reads.
+"""
+
+import logging
+import threading
+from datetime import datetime
+from typing import Dict, Optional
+
+from backend.models.tenant import TenantConfig, TenantPublicConfig
+from backend.services.storage_service import StorageService
+
+logger = logging.getLogger(__name__)
+
+# GCS paths for tenant configs
+TENANTS_PREFIX = "tenants"
+
+# Default sender email (shared with EmailService for consistency)
+DEFAULT_SENDER_EMAIL = "gen@nomadkaraoke.com"
+
+
+class TenantService:
+    """Service for managing tenant configurations from GCS."""
+
+    def __init__(self, storage: Optional[StorageService] = None):
+        """
+        Initialize the tenant service.
+
+        Args:
+            storage: StorageService instance (creates new one if not provided)
+        """
+        self.storage = storage or StorageService()
+        self._config_cache: Dict[str, TenantConfig] = {}
+        self._cache_times: Dict[str, datetime] = {}
+        self._subdomain_map: Dict[str, str] = {}  # subdomain -> tenant_id
+        self._subdomain_map_time: Optional[datetime] = None
+        self.CACHE_TTL_SECONDS = 300  # 5 minute cache
+
+    def _get_config_path(self, tenant_id: str) -> str:
+        """Get the GCS path for a tenant's config file."""
+        return f"{TENANTS_PREFIX}/{tenant_id}/config.json"
+
+    def _is_cache_valid(self, tenant_id: str) -> bool:
+        """Check if the config cache for a tenant is still valid."""
+        if tenant_id not in self._config_cache or tenant_id not in self._cache_times:
+            return False
+        age = datetime.now() - self._cache_times[tenant_id]
+        return age.total_seconds() < self.CACHE_TTL_SECONDS
+
+    def _is_subdomain_map_valid(self) -> bool:
+        """Check if the subdomain map cache is still valid."""
+        if not self._subdomain_map or self._subdomain_map_time is None:
+            return False
+        age = datetime.now() - self._subdomain_map_time
+        return age.total_seconds() < self.CACHE_TTL_SECONDS
+
+    def get_tenant_config(
+        self, tenant_id: str, force_refresh: bool = False
+    ) -> Optional[TenantConfig]:
+        """
+        Load tenant configuration from GCS with caching.
+
+        Args:
+            tenant_id: The tenant identifier
+            force_refresh: Force reload from GCS even if cache is valid
+
+        Returns:
+            TenantConfig if found, None otherwise
+        """
+        if not force_refresh and self._is_cache_valid(tenant_id):
+            return self._config_cache[tenant_id]
+
+        try:
+            config_path = self._get_config_path(tenant_id)
+            if not self.storage.file_exists(config_path):
+                logger.debug(f"Tenant config not found: {tenant_id}")
+                return None
+
+            data = self.storage.download_json(config_path)
+            config = TenantConfig(**data)
+
+            # Update cache
+            self._config_cache[tenant_id] = config
+            self._cache_times[tenant_id] = datetime.now()
+
+            # Update subdomain map and its timestamp
+            self._subdomain_map[config.subdomain.lower()] = tenant_id
+            self._subdomain_map_time = datetime.now()
+
+            logger.info(f"Loaded tenant config: {tenant_id}")
+            return config
+        except Exception as e:
+            logger.error(f"Failed to load tenant config {tenant_id}: {e}")
+            return None
+
+    def get_tenant_by_subdomain(self, subdomain: str) -> Optional[TenantConfig]:
+        """
+        Get tenant config by subdomain.
+
+        Args:
+            subdomain: Full subdomain (e.g., 'vocalstar.nomadkaraoke.com')
+
+        Returns:
+            TenantConfig if found, None otherwise
+        """
+        subdomain_lower = subdomain.lower()
+
+        # Check cache first
+        if subdomain_lower in self._subdomain_map:
+            tenant_id = self._subdomain_map[subdomain_lower]
+            return self.get_tenant_config(tenant_id)
+
+        # Try to find tenant by listing all configs
+        # This is a fallback for when we don't have the subdomain cached
+        tenant_id = self._resolve_subdomain_to_tenant_id(subdomain_lower)
+        if tenant_id:
+            return self.get_tenant_config(tenant_id)
+
+        return None
+
+    def _resolve_subdomain_to_tenant_id(self, subdomain: str) -> Optional[str]:
+        """
+        Resolve a subdomain to tenant ID by checking GCS.
+
+        This extracts the tenant ID from the subdomain pattern:
+        - 'vocalstar.nomadkaraoke.com' -> 'vocalstar'
+        - 'vocalstar.gen.nomadkaraoke.com' -> 'vocalstar'
+        """
+        # Extract potential tenant ID from subdomain
+        # Pattern: {tenant}.nomadkaraoke.com or {tenant}.gen.nomadkaraoke.com
+        parts = subdomain.split(".")
+
+        if len(parts) >= 3:
+            # First part is likely the tenant ID
+            potential_tenant_id = parts[0]
+
+            # Check if config exists
+            config_path = self._get_config_path(potential_tenant_id)
+            if self.storage.file_exists(config_path):
+                return potential_tenant_id
+
+        return None
+
+    def get_public_config(self, tenant_id: str) -> Optional[TenantPublicConfig]:
+        """
+        Get the public (frontend-safe) tenant configuration.
+
+        Args:
+            tenant_id: The tenant identifier
+
+        Returns:
+            TenantPublicConfig if found, None otherwise
+        """
+        config = self.get_tenant_config(tenant_id)
+        if config:
+            return TenantPublicConfig.from_config(config)
+        return None
+
+    def get_public_config_by_subdomain(
+        self, subdomain: str
+    ) -> Optional[TenantPublicConfig]:
+        """
+        Get the public tenant configuration by subdomain.
+
+        Args:
+            subdomain: Full subdomain
+
+        Returns:
+            TenantPublicConfig if found, None otherwise
+        """
+        config = self.get_tenant_by_subdomain(subdomain)
+        if config:
+            return TenantPublicConfig.from_config(config)
+        return None
+
+    def tenant_exists(self, tenant_id: str) -> bool:
+        """
+        Check if a tenant exists.
+
+        Args:
+            tenant_id: The tenant identifier
+
+        Returns:
+            True if tenant config exists, False otherwise
+        """
+        config_path = self._get_config_path(tenant_id)
+        return self.storage.file_exists(config_path)
+
+    def is_email_allowed_for_tenant(self, tenant_id: str, email: str) -> bool:
+        """
+        Check if an email is allowed for a specific tenant.
+
+        Args:
+            tenant_id: The tenant identifier
+            email: Email address to check
+
+        Returns:
+            True if email is allowed, False otherwise
+        """
+        config = self.get_tenant_config(tenant_id)
+        if not config:
+            return False
+        return config.is_email_allowed(email)
+
+    def get_tenant_sender_email(self, tenant_id: str) -> str:
+        """
+        Get the email sender address for a tenant.
+
+        Args:
+            tenant_id: The tenant identifier
+
+        Returns:
+            Sender email address
+        """
+        config = self.get_tenant_config(tenant_id)
+        if config:
+            return config.get_sender_email()
+        # Default fallback (consistent with EmailService)
+        return DEFAULT_SENDER_EMAIL
+
+    def invalidate_cache(self, tenant_id: Optional[str] = None) -> None:
+        """
+        Invalidate tenant config cache.
+
+        Args:
+            tenant_id: Specific tenant to invalidate, or None for all
+        """
+        if tenant_id:
+            self._config_cache.pop(tenant_id, None)
+            self._cache_times.pop(tenant_id, None)
+            # Also remove any subdomain map entries pointing to this tenant
+            subdomains_to_remove = [
+                subdomain
+                for subdomain, tid in self._subdomain_map.items()
+                if tid == tenant_id
+            ]
+            for subdomain in subdomains_to_remove:
+                self._subdomain_map.pop(subdomain, None)
+            logger.info(f"Tenant config cache invalidated: {tenant_id}")
+        else:
+            self._config_cache.clear()
+            self._cache_times.clear()
+            self._subdomain_map.clear()
+            self._subdomain_map_time = None
+            logger.info("All tenant config caches invalidated")
+
+    def get_asset_url(self, tenant_id: str, asset_name: str) -> Optional[str]:
+        """
+        Get a signed URL for a tenant asset (logo, favicon, etc.).
+
+        Args:
+            tenant_id: The tenant identifier
+            asset_name: Asset filename (e.g., 'logo.png')
+
+        Returns:
+            Signed URL if asset exists, None otherwise
+        """
+        asset_path = f"{TENANTS_PREFIX}/{tenant_id}/{asset_name}"
+        if self.storage.file_exists(asset_path):
+            return self.storage.generate_signed_url(asset_path, expiration_minutes=60)
+        return None
+
+
+# Singleton instance with thread-safe initialization
+_tenant_service: Optional[TenantService] = None
+_tenant_service_lock = threading.Lock()
+
+
+def get_tenant_service() -> TenantService:
+    """Get or create the singleton TenantService instance (thread-safe)."""
+    global _tenant_service
+    if _tenant_service is None:
+        with _tenant_service_lock:
+            # Double-check after acquiring lock
+            if _tenant_service is None:
+                _tenant_service = TenantService()
+    return _tenant_service

backend/services/user_service.py

@@ -73,16 +73,26 @@ class UserService:
             logger.exception(f"Error getting user {email}")
             return None
 
-    def get_or_create_user(self, email: str) -> User:
+    def get_or_create_user(self, email: str, tenant_id: Optional[str] = None) -> User:
         """
         Get existing user or create a new one.
 
         New users receive a welcome credit to try the service.
+
+        Args:
+            email: User's email address
+            tenant_id: Tenant ID for white-label portals (None = default Nomad Karaoke)
+
+        Note: If user exists but has a different tenant_id, the existing user is returned.
+        Users are uniquely identified by email, not email+tenant.
         """
         email = email.lower()
         user = self.get_user(email)
 
         if user:
+            # If user exists but tenant_id differs, we still return the user
+            # This allows users to access multiple tenants with one account
+            # (though features may be restricted per-tenant)
             return user
 
         # Create new user with welcome credit
@@ -97,9 +107,10 @@ class UserService:
             email=email,
             credits=welcome_credit,
             credit_transactions=[welcome_transaction],
+            tenant_id=tenant_id,  # Associate with tenant on creation
         )
         self._save_user(user)
-        logger.info(f"Created new user: {email} with {welcome_credit} welcome credit(s)")
+        logger.info(f"Created new user: {email} with {welcome_credit} welcome credit(s) (tenant: {tenant_id or 'default'})")
         return user
 
     def _save_user(self, user: User) -> None:
@@ -153,6 +164,7 @@ class UserService:
             display_name=user.display_name,
             total_jobs_created=user.total_jobs_created,
             total_jobs_completed=user.total_jobs_completed,
+            tenant_id=user.tenant_id,
         )
 
     # =========================================================================
@@ -163,18 +175,25 @@ class UserService:
         self,
         email: str,
         ip_address: Optional[str] = None,
-        user_agent: Optional[str] = None
+        user_agent: Optional[str] = None,
+        tenant_id: Optional[str] = None
     ) -> MagicLinkToken:
         """
         Create a magic link token for email authentication.
 
         Returns the token object. The actual sending of the email
         should be handled by the caller (or an email service).
+
+        Args:
+            email: User's email address
+            ip_address: Client IP for auditing
+            user_agent: Client user agent for auditing
+            tenant_id: Tenant ID for white-label portals (None = default Nomad Karaoke)
         """
         email = email.lower()
 
-        # Ensure user exists
-        self.get_or_create_user(email)
+        # Ensure user exists (with tenant association)
+        self.get_or_create_user(email, tenant_id=tenant_id)
 
         # Generate secure token
         token = secrets.token_urlsafe(32)
@@ -185,6 +204,7 @@ class UserService:
             expires_at=datetime.utcnow() + timedelta(minutes=MAGIC_LINK_EXPIRY_MINUTES),
             ip_address=ip_address,
             user_agent=user_agent,
+            tenant_id=tenant_id,
         )
 
         # Save to Firestore
@@ -194,6 +214,54 @@ class UserService:
         logger.info(f"Created magic link for {email}")
         return magic_link
 
+    def create_admin_login_token(
+        self,
+        email: str,
+        expiry_hours: int = 24,
+    ) -> MagicLinkToken:
+        """
+        Create an admin login token for email-embedded authentication links.
+
+        Similar to magic links but with configurable expiry (default 24 hours).
+        Used for made-for-you order notification emails to allow admin one-click login.
+
+        Args:
+            email: Admin's email address to authenticate as
+            expiry_hours: Hours until token expires (default: 24, max: 168)
+
+        Returns:
+            MagicLinkToken object containing the token
+
+        Raises:
+            ValueError: If expiry_hours is out of valid range (1-168)
+        """
+        # Validate expiry_hours (1 hour to 7 days)
+        if not 1 <= expiry_hours <= 168:
+            raise ValueError(f"expiry_hours must be between 1 and 168, got {expiry_hours}")
+
+        email = email.lower()
+
+        # Ensure user exists
+        self.get_or_create_user(email)
+
+        # Generate secure token
+        token = secrets.token_urlsafe(32)
+
+        admin_login = MagicLinkToken(
+            token=token,
+            email=email,
+            expires_at=datetime.utcnow() + timedelta(hours=expiry_hours),
+        )
+
+        # Save to Firestore (same collection as magic links for unified verification)
+        doc_ref = self.db.collection(MAGIC_LINKS_COLLECTION).document(token)
+        doc_ref.set(admin_login.model_dump(mode='json'))
+
+        # Log with redacted email (show only domain) for PII protection
+        domain = email.split('@')[-1] if '@' in email else 'unknown'
+        logger.info(f"Created admin login token for ***@{domain} (expires in {expiry_hours}h)")
+        return admin_login
+
     def verify_magic_link(self, token: str) -> Tuple[bool, Optional[User], str]:
         """
         Verify a magic link token using a Firestore transaction to prevent race conditions.
@@ -262,9 +330,18 @@ class UserService:
         self,
         user_email: str,
         ip_address: Optional[str] = None,
-        user_agent: Optional[str] = None
+        user_agent: Optional[str] = None,
+        tenant_id: Optional[str] = None
     ) -> Session:
-        """Create a new session for an authenticated user."""
+        """
+        Create a new session for an authenticated user.
+
+        Args:
+            user_email: User's email address
+            ip_address: Client IP for auditing
+            user_agent: Client user agent for auditing
+            tenant_id: Tenant ID for white-label portals (None = default Nomad Karaoke)
+        """
         token = secrets.token_urlsafe(32)
         token_prefix = token[:12]
 
@@ -274,6 +351,7 @@ class UserService:
             expires_at=datetime.utcnow() + timedelta(days=SESSION_ABSOLUTE_EXPIRY_DAYS),
             ip_address=ip_address,
             user_agent=user_agent,
+            tenant_id=tenant_id,
         )
 
         # Serialize and write to Firestore

backend/tests/emulator/conftest.py

@@ -39,6 +39,24 @@ os.environ["ADMIN_TOKENS"] = "test-admin-token"
 
 # Only import app if emulators are running
 if emulators_running():
+    from unittest.mock import Mock
+
+    # Mock theme service BEFORE importing app to ensure all jobs get theme_id="nomad"
+    _mock_theme_service = Mock()
+    _mock_theme_service.get_default_theme_id.return_value = "nomad"
+    _mock_theme_service.get_theme.return_value = None
+
+    # Apply patch at module load time (before app imports the service)
+    _theme_patches = [
+        patch("backend.services.theme_service.get_theme_service", return_value=_mock_theme_service),
+        patch("backend.api.routes.audio_search.get_theme_service", return_value=_mock_theme_service),
+        patch("backend.api.routes.file_upload.get_theme_service", return_value=_mock_theme_service),
+        patch("backend.api.routes.users.get_theme_service", return_value=_mock_theme_service),
+        patch("backend.api.routes.jobs.get_theme_service", return_value=_mock_theme_service),
+    ]
+    for p in _theme_patches:
+        p.start()
+
     from fastapi.testclient import TestClient
     from backend.main import app
 else:
@@ -76,7 +94,10 @@ def mock_worker_service():
 
 @pytest.fixture(scope="session")
 def client(mock_worker_service):
-    """Create FastAPI test client with mocked workers."""
+    """Create FastAPI test client with mocked workers.
+
+    Theme service is mocked at module load time (see above).
+    """
     with patch("backend.api.routes.file_upload.worker_service", mock_worker_service):
         return TestClient(app)
 

backend/tests/emulator/test_made_for_you_integration.py

@@ -0,0 +1,167 @@
+"""
+Emulator integration tests for made-for-you order features.
+
+Tests with real Firestore emulator via API endpoints to verify:
+1. Admin login token creation and verification
+2. Made-for-you job fields are properly stored
+
+Run with: scripts/run-emulator-tests.sh
+"""
+import pytest
+import time
+
+from .conftest import emulators_running
+
+# Skip all tests if emulators not running
+pytestmark = pytest.mark.skipif(
+    not emulators_running(),
+    reason="GCP emulators not running. Start with: scripts/start-emulators.sh"
+)
+
+
+class TestAdminLoginTokenIntegration:
+    """
+    Integration tests for admin login token feature via API.
+
+    These tests verify that admin login tokens can be verified
+    through the actual API endpoint.
+    """
+
+    def test_verify_invalid_token_returns_401(self, client):
+        """Invalid token returns 401 unauthorized."""
+        response = client.get("/api/users/auth/verify?token=invalid-token-xyz")
+        assert response.status_code == 401
+
+    def test_verify_missing_token_returns_422(self, client):
+        """Missing token parameter returns 422 validation error."""
+        response = client.get("/api/users/auth/verify")
+        assert response.status_code == 422
+
+    def test_verify_empty_token_returns_401(self, client):
+        """Empty token returns 401."""
+        response = client.get("/api/users/auth/verify?token=")
+        assert response.status_code == 401
+
+
+class TestMadeForYouJobModel:
+    """
+    Tests for made-for-you job model fields.
+
+    Verifies that the Job model properly supports made_for_you fields.
+    """
+
+    def test_job_model_has_made_for_you_fields(self):
+        """Job model includes made_for_you and customer_email fields."""
+        from backend.models.job import Job, JobStatus
+        from datetime import datetime, timezone
+
+        # Create a made-for-you job directly
+        job = Job(
+            job_id="test-mfy-model",
+            status=JobStatus.PENDING,
+            created_at=datetime.now(timezone.utc),
+            updated_at=datetime.now(timezone.utc),
+            user_email="admin@nomadkaraoke.com",
+            made_for_you=True,
+            customer_email="customer@example.com",
+            customer_notes="Please make it perfect!",
+        )
+
+        assert job.made_for_you is True
+        assert job.customer_email == "customer@example.com"
+        assert job.customer_notes == "Please make it perfect!"
+
+    def test_job_model_defaults_made_for_you_false(self):
+        """Regular jobs default made_for_you to False."""
+        from backend.models.job import Job, JobStatus
+        from datetime import datetime, timezone
+
+        job = Job(
+            job_id="test-regular-model",
+            status=JobStatus.PENDING,
+            created_at=datetime.now(timezone.utc),
+            updated_at=datetime.now(timezone.utc),
+            user_email="user@example.com",
+        )
+
+        # Default should be False or None
+        assert job.made_for_you in [False, None]
+        assert job.customer_email is None
+
+
+class TestOwnershipTransferLogic:
+    """
+    Tests for ownership transfer logic (unit-style, runs in emulator context).
+
+    These tests verify the conditional logic for made-for-you ownership transfer
+    by importing the job_manager and testing its behavior directly.
+    """
+
+    def test_ownership_transfer_condition_made_for_you_true(self):
+        """
+        Verify the condition: if made_for_you=True and customer_email exists,
+        ownership should transfer.
+        """
+        # Replicate the exact logic from _schedule_completion_email
+        class MockJob:
+            made_for_you = True
+            customer_email = "customer@example.com"
+            user_email = "admin@nomadkaraoke.com"
+            job_id = "test-123"
+
+        job = MockJob()
+
+        # The logic being tested
+        recipient_email = job.user_email
+        should_transfer = False
+
+        if job.made_for_you and job.customer_email:
+            recipient_email = job.customer_email
+            should_transfer = True
+
+        assert should_transfer is True
+        assert recipient_email == "customer@example.com"
+
+    def test_ownership_transfer_condition_made_for_you_false(self):
+        """
+        Verify: if made_for_you=False, no ownership transfer.
+        """
+        class MockJob:
+            made_for_you = False
+            customer_email = "customer@example.com"
+            user_email = "user@example.com"
+            job_id = "test-456"
+
+        job = MockJob()
+
+        recipient_email = job.user_email
+        should_transfer = False
+
+        if job.made_for_you and job.customer_email:
+            recipient_email = job.customer_email
+            should_transfer = True
+
+        assert should_transfer is False
+        assert recipient_email == "user@example.com"
+
+    def test_ownership_transfer_condition_missing_customer_email(self):
+        """
+        Verify: if made_for_you=True but no customer_email, no transfer.
+        """
+        class MockJob:
+            made_for_you = True
+            customer_email = None
+            user_email = "admin@nomadkaraoke.com"
+            job_id = "test-789"
+
+        job = MockJob()
+
+        recipient_email = job.user_email
+        should_transfer = False
+
+        if job.made_for_you and job.customer_email:
+            recipient_email = job.customer_email
+            should_transfer = True
+
+        assert should_transfer is False
+        assert recipient_email == "admin@nomadkaraoke.com"