diff --git a/fusion_plating/docs/superpowers/plans/2026-05-22-shopfloor-pin-gate-plan.md b/fusion_plating/docs/superpowers/plans/2026-05-22-shopfloor-pin-gate-plan.md new file mode 100644 index 00000000..199d5720 --- /dev/null +++ b/fusion_plating/docs/superpowers/plans/2026-05-22-shopfloor-pin-gate-plan.md @@ -0,0 +1,2557 @@ +# Shop Floor PIN Gate + Auto-Lock Implementation Plan + +> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking. + +**Goal:** Add a tile-grid lock screen + 4-digit PIN per tech + auto-lock after idle so multiple techs sharing one tablet get correctly-attributed audit trails on every shop-floor action. + +**Architecture:** Single Odoo session per tablet, PIN-gated overlay on top via a new `FpTabletLock` OWL wrapper. Backend stores PBKDF2-SHA256 hashed PINs on `res.users`; lockout per-user after 5 failures; idle detection via global pointer/touch/keydown listeners. Audit propagation via optional `tablet_tech_id` kwarg added to existing endpoints — server uses `env.with_user(...)` so writes carry the right uid without JS bundle reload. + +**Tech Stack:** Odoo 19 (Python controllers, models, data XML), OWL 2.x (`static template`, `static props = ["*"]`, standalone `rpc()`, services registry), PBKDF2-SHA256 (Python stdlib), SCSS with `$o-webclient-color-scheme` dark-mode branch. + +**Spec:** [docs/superpowers/specs/2026-05-22-shopfloor-pin-gate-design.md](../specs/2026-05-22-shopfloor-pin-gate-design.md) + +**Local dev note:** The Phase 1-5 deploy established that `fusion_plating` is NOT mounted in the local `odoo-modsdev-app` container. Tests are written per task and committed but verified on the live entech LXC (`ssh pve-worker5 'pct exec 111 -- ...'`). The plan's "verify test fails / passes" steps describe the expected entech behaviour for the executing agent to confirm after deploy. + +--- + +## Module version bumps (apply with each phase's final task) + +| Module | Current | Phase 6.1 | Phase 6.2 | Phase 6.3 | +|---|---|---|---|---| +| `fusion_plating_shopfloor` | 19.0.29.0.0 | 19.0.30.0.0 (backend) | 19.0.30.1.0 (frontend lock) | 19.0.30.2.0 (audit kwarg) | + +--- + +## File structure + +### NEW files + +``` +fusion_plating_shopfloor/ + models/ + res_users.py [P6.1] + controllers/ + tablet_controller.py [P6.1] + views/ + res_users_views.xml [P6.1] + data/ + fp_tablet_config_data.xml [P6.1] + tests/ + test_tablet_pin.py [P6.1] + + static/src/js/services/ + tech_store.js [P6.2] + activity_tracker.js [P6.2] + fp_rpc.js [P6.3] + static/src/js/components/ + pin_pad.js [P6.2] + pin_setup.js [P6.2] + idle_warning.js [P6.2] + static/src/xml/components/ + pin_pad.xml [P6.2] + pin_setup.xml [P6.2] + idle_warning.xml [P6.2] + static/src/scss/components/ + _pin_pad.scss [P6.2] + _idle_warning.scss [P6.2] + + static/src/js/ + tablet_lock.js [P6.2] + static/src/xml/ + tablet_lock.xml [P6.2] + static/src/scss/ + tablet_lock.scss [P6.2] +``` + +### MODIFIED files + +``` +fusion_plating_shopfloor/ + __init__.py [P6.1: + models, controllers/tablet_controller] + __manifest__.py [P6.1, 6.2, 6.3 — version + data + assets] + models/__init__.py [P6.1: + res_users] + controllers/__init__.py [P6.1: + tablet_controller] + models/fp_shopfloor_station.py [P6.1: + authorised_user_ids, idle_lock_minutes] + views/fp_shopfloor_station_views.xml [P6.1: + 2 new fields in form] + controllers/workspace_controller.py [P6.3: accept tablet_tech_id] + controllers/shopfloor_controller.py [P6.3: accept tablet_tech_id on action endpoints] + controllers/manager_controller.py [P6.3: accept tablet_tech_id on action endpoints] + static/src/js/shopfloor_landing.js [P6.2: wrap in FpTabletLock + Hand-Off | P6.3: use fpRpc] + static/src/js/job_workspace.js [P6.2: wrap + Hand-Off | P6.3: use fpRpc] + static/src/js/manager_dashboard.js [P6.2: wrap + Hand-Off | P6.3: use fpRpc] + static/src/xml/shopfloor_landing.xml [P6.2: Hand-Off button slot] + static/src/xml/job_workspace.xml [P6.2: Hand-Off button slot] + static/src/xml/manager_dashboard.xml [P6.2: Hand-Off button slot] +``` + +--- + +# Phase 6.1 — Backend (model + endpoints + prefs) + +**Goal:** Ship invisible PIN infrastructure. Techs can set PINs via Preferences, manager can reset PINs, all five `/fp/tablet/*` endpoints exist and work. No UI lock screen yet — Phase 6.2 turns it on. + +--- + +### Task 6.1.1 — res.users PIN model + hash helpers + +**Files:** +- Create: `fusion_plating/fusion_plating_shopfloor/models/__init__.py` — verify exists; add `from . import res_users` +- Create: `fusion_plating/fusion_plating_shopfloor/models/res_users.py` +- Create: `fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py` +- Modify: `fusion_plating/fusion_plating_shopfloor/__init__.py` — verify `from . import models` exists + +- [ ] **Step 1: Write the failing test** + +Create `fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py`: + +```python +# -*- coding: utf-8 -*- +# Copyright 2026 Nexa Systems Inc. — License OPL-1 +"""Phase 6.1 — res.users PIN fields + hash helpers.""" +from odoo.tests.common import TransactionCase, tagged +from odoo.exceptions import AccessError, UserError + + +@tagged('-at_install', 'post_install', 'fp_shopfloor', 'fp_tablet_pin') +class TestTabletPinHash(TransactionCase): + + def setUp(self): + super().setUp() + self.user = self.env['res.users'].create({ + 'name': 'Pin Test', + 'login': 'pintest@example.com', + }) + + def test_set_pin_stores_salted_hash(self): + self.user.sudo().set_tablet_pin('1234') + stored = self.user.sudo().x_fc_tablet_pin_hash + self.assertTrue(stored) + self.assertIn('$', stored, 'hash must include salt separator') + # Hash is non-deterministic — setting same PIN twice gives different stored values + self.user.sudo().set_tablet_pin('1234') + self.assertNotEqual(stored, self.user.sudo().x_fc_tablet_pin_hash) + + def test_verify_correct_pin(self): + self.user.sudo().set_tablet_pin('1234') + self.assertTrue(self.user.sudo().verify_tablet_pin('1234')) + + def test_verify_wrong_pin(self): + self.user.sudo().set_tablet_pin('1234') + self.assertFalse(self.user.sudo().verify_tablet_pin('0000')) + + def test_verify_pin_no_hash_set(self): + self.assertFalse(self.user.sudo().verify_tablet_pin('1234')) +``` + +- [ ] **Step 2: Verify test fails on entech** + +After deploy: `odoo -c /etc/odoo/odoo.conf -d admin -u fusion_plating_shopfloor --test-tags fp_tablet_pin --stop-after-init` +Expected: FAIL with `AttributeError: 'res.users' object has no attribute 'set_tablet_pin'`. + +- [ ] **Step 3: Implement res.users model** + +Create `fusion_plating/fusion_plating_shopfloor/models/res_users.py`: + +```python +# -*- coding: utf-8 -*- +# Copyright 2026 Nexa Systems Inc. +# License OPL-1 (Odoo Proprietary License v1.0) +# Part of the Fusion Plating product family. +"""Tablet-PIN extensions on res.users (Phase 6 tablet redesign). + +Adds the 4-digit PIN gate fields + helpers used by /fp/tablet/* endpoints +and the FpTabletLock OWL component. PIN is stored as a salted PBKDF2-SHA256 +hash; never plaintext. +""" +import hashlib +import secrets + +from odoo import _, fields, models +from odoo.exceptions import UserError + +# PBKDF2 iteration count. ~50ms verify on entech-class hardware. Safe +# against brute-force even if the DB leaks. +_PBKDF2_ITERATIONS = 200_000 + + +class ResUsers(models.Model): + _inherit = 'res.users' + + x_fc_tablet_pin_hash = fields.Char( + string='Tablet PIN (hashed)', + groups='fusion_plating.group_fusion_plating_manager', + help='PBKDF2-SHA256 hash + salt of the user\'s 4-digit tablet ' + 'PIN. Format: $. Never readable to ' + 'non-managers; never logged.', + ) + x_fc_tablet_pin_set_date = fields.Datetime( + string='Tablet PIN Set Date', + help='When the current PIN was last set or changed.', + ) + x_fc_tablet_pin_failed_count = fields.Integer( + string='Failed PIN Attempts', + default=0, + help='Sequential failed unlock attempts since the last success. ' + 'Resets to 0 on a correct PIN.', + ) + x_fc_tablet_locked_until = fields.Datetime( + string='Tablet Lockout Until', + help='Wall-clock time at which the per-user lockout expires. ' + 'Null when not locked. Set after the configured fail ' + 'threshold (default 5) is reached.', + ) + + @staticmethod + def _hash_tablet_pin(pin, salt=None): + """Hash `pin` with optional salt. Returns "salt_hex$digest_hex".""" + if salt is None: + salt = secrets.token_bytes(16) + digest = hashlib.pbkdf2_hmac( + 'sha256', pin.encode('utf-8'), salt, _PBKDF2_ITERATIONS, + ) + return f"{salt.hex()}${digest.hex()}" + + @staticmethod + def _verify_tablet_pin_hash(pin, stored): + """Constant-time verify of `pin` against a stored hash string.""" + if not stored or '$' not in stored: + return False + salt_hex, expected_hex = stored.split('$', 1) + try: + salt = bytes.fromhex(salt_hex) + except ValueError: + return False + digest = hashlib.pbkdf2_hmac( + 'sha256', pin.encode('utf-8'), salt, _PBKDF2_ITERATIONS, + ) + return secrets.compare_digest(digest.hex(), expected_hex) + + def set_tablet_pin(self, pin): + """Set or change this user's tablet PIN. Requires sudo OR self. + + Caller is responsible for verifying the OLD pin separately if a + hash already exists — this method just writes the new one. + """ + self.ensure_one() + if not pin or not pin.isdigit() or len(pin) != 4: + raise UserError(_('Tablet PIN must be exactly 4 digits.')) + self.sudo().write({ + 'x_fc_tablet_pin_hash': self._hash_tablet_pin(pin), + 'x_fc_tablet_pin_set_date': fields.Datetime.now(), + 'x_fc_tablet_pin_failed_count': 0, + 'x_fc_tablet_locked_until': False, + }) + return True + + def verify_tablet_pin(self, pin): + """Return True if `pin` matches this user's stored hash.""" + self.ensure_one() + if not pin: + return False + # sudo: even non-manager callers may need to verify their OWN PIN. + # The hash field has manager-only read; sudo bypasses that. + return self._verify_tablet_pin_hash(pin, self.sudo().x_fc_tablet_pin_hash) + + def clear_tablet_pin(self): + """Manager-side reset. Clears hash so target must set a new PIN. + Posts to chatter for audit. + """ + self.ensure_one() + manager_name = self.env.user.name + self.sudo().write({ + 'x_fc_tablet_pin_hash': False, + 'x_fc_tablet_pin_set_date': False, + 'x_fc_tablet_pin_failed_count': 0, + 'x_fc_tablet_locked_until': False, + }) + self.message_post( + body=_('Tablet PIN reset by %s. User must set a new PIN ' + 'on next unlock attempt.') % manager_name, + ) + return True +``` + +Verify `fusion_plating/fusion_plating_shopfloor/models/__init__.py` includes `from . import res_users`. If file doesn't exist yet, create it: + +```python +# -*- coding: utf-8 -*- +from . import fp_bake_oven +from . import fp_bake_window +from . import fp_first_piece_gate +from . import fp_operator_queue +from . import fp_shopfloor_station +from . import fp_tank +from . import res_users +``` + +(The first 6 imports likely already exist — only `res_users` is new.) + +Verify `fusion_plating/fusion_plating_shopfloor/__init__.py` includes `from . import models`. If not, add it. + +Create `fusion_plating/fusion_plating_shopfloor/tests/__init__.py` line for the new test file. Append: + +```python +from . import test_tablet_pin +``` + +- [ ] **Step 4: Verify test passes on entech** + +After deploy: `odoo -c /etc/odoo/odoo.conf -d admin -u fusion_plating_shopfloor --test-tags fp_tablet_pin --stop-after-init` +Expected: 4 tests pass. + +- [ ] **Step 5: Commit** + +```bash +cd /k/Github/Odoo-Modules +git add fusion_plating/fusion_plating_shopfloor/models/__init__.py \ + fusion_plating/fusion_plating_shopfloor/models/res_users.py \ + fusion_plating/fusion_plating_shopfloor/__init__.py \ + fusion_plating/fusion_plating_shopfloor/tests/__init__.py \ + fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py +git commit -m "feat(fusion_plating_shopfloor): res.users tablet PIN fields + hash helpers (P6.1.1)" +``` + +--- + +### Task 6.1.2 — /fp/tablet/set_pin + /fp/tablet/reset_pin_for endpoints + +**Files:** +- Create: `fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py` +- Modify: `fusion_plating/fusion_plating_shopfloor/controllers/__init__.py` — add import +- Modify: `fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py` — add HTTP tests + +- [ ] **Step 1: Write the failing tests** + +Append to `test_tablet_pin.py`: + +```python +import json +from odoo.tests.common import HttpCase + + +@tagged('-at_install', 'post_install', 'fp_shopfloor', 'fp_tablet_pin') +class TestTabletSetPin(HttpCase): + + def setUp(self): + super().setUp() + # admin auth so the test can call /fp/tablet/set_pin against + # the currently-authenticated user. + self.authenticate("admin", "admin") + + def _rpc(self, url, **params): + res = self.url_open( + url, + data=json.dumps({'jsonrpc': '2.0', 'params': params}), + headers={'Content-Type': 'application/json'}, + ) + return res.json()['result'] + + def test_set_pin_first_time(self): + res = self._rpc('/fp/tablet/set_pin', new_pin='1234') + self.assertTrue(res['ok']) + + def test_set_pin_change_requires_old(self): + # Seed a pin + admin = self.env.ref('base.user_admin') + admin.set_tablet_pin('1234') + # Change without old — rejected + res = self._rpc('/fp/tablet/set_pin', new_pin='5678') + self.assertFalse(res['ok']) + # Change with wrong old — rejected + res = self._rpc('/fp/tablet/set_pin', old_pin='9999', new_pin='5678') + self.assertFalse(res['ok']) + # Change with correct old — accepted + res = self._rpc('/fp/tablet/set_pin', old_pin='1234', new_pin='5678') + self.assertTrue(res['ok']) + + def test_set_pin_rejects_non_4_digit(self): + for bad in ('123', '12345', 'abcd', ''): + res = self._rpc('/fp/tablet/set_pin', new_pin=bad) + self.assertFalse(res['ok'], f'PIN {bad!r} should be rejected') + + +@tagged('-at_install', 'post_install', 'fp_shopfloor', 'fp_tablet_pin') +class TestTabletResetPinFor(HttpCase): + + def setUp(self): + super().setUp() + self.target = self.env['res.users'].create({ + 'name': 'Reset Target', 'login': 'reset@example.com', + }) + self.target.set_tablet_pin('1234') + + def _rpc_as(self, login, url, **params): + self.authenticate(login, login) + res = self.url_open( + url, + data=json.dumps({'jsonrpc': '2.0', 'params': params}), + headers={'Content-Type': 'application/json'}, + ) + return res.json()['result'] + + def test_reset_requires_manager_group(self): + # Plain operator can't reset + operator = self.env['res.users'].create({ + 'name': 'Op', 'login': 'op@example.com', + 'group_ids': [(6, 0, [self.env.ref('fusion_plating.group_fusion_plating_operator').id])], + }) + self.authenticate('op@example.com', 'op@example.com') + res = self.url_open( + '/fp/tablet/reset_pin_for', + data=json.dumps({'jsonrpc': '2.0', 'params': {'user_id': self.target.id}}), + headers={'Content-Type': 'application/json'}, + ).json()['result'] + self.assertFalse(res['ok']) + + def test_reset_as_admin_clears_hash(self): + self.authenticate('admin', 'admin') + res = self.url_open( + '/fp/tablet/reset_pin_for', + data=json.dumps({'jsonrpc': '2.0', 'params': {'user_id': self.target.id}}), + headers={'Content-Type': 'application/json'}, + ).json()['result'] + self.assertTrue(res['ok']) + self.target.invalidate_recordset(['x_fc_tablet_pin_hash']) + self.assertFalse(self.target.sudo().x_fc_tablet_pin_hash) +``` + +- [ ] **Step 2: Verify tests fail on entech** + +Run the test. Expected: 404 errors (endpoint missing). + +- [ ] **Step 3: Implement controller** + +Create `fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py`: + +```python +# -*- coding: utf-8 -*- +# Copyright 2026 Nexa Systems Inc. +# License OPL-1 (Odoo Proprietary License v1.0) +# Part of the Fusion Plating product family. +"""JSON-RPC endpoints for the tablet PIN gate (Phase 6 tablet redesign). + + POST /fp/tablet/tiles — list of tiles for the lock screen + POST /fp/tablet/unlock — verify PIN + clear/increment failure counter + POST /fp/tablet/set_pin — self-service set/change PIN + POST /fp/tablet/reset_pin_for — manager-only reset of another user's PIN + POST /fp/tablet/ping — bump server-side last-active timestamp + +Spec: docs/superpowers/specs/2026-05-22-shopfloor-pin-gate-design.md +""" +import logging + +from odoo import _, fields, http +from odoo.exceptions import AccessError, UserError +from odoo.http import request + +_logger = logging.getLogger(__name__) + + +def _is_manager(env): + """True if calling user is in the fusion_plating manager group.""" + return env.user.has_group('fusion_plating.group_fusion_plating_manager') + + +class FpTabletController(http.Controller): + """Tablet PIN gate endpoints. All require an authenticated Odoo + session (the tablet logs in once as a 'shopfloor service' user). + """ + + # ====================================================================== + # /fp/tablet/set_pin — self-service set or change + # ====================================================================== + @http.route('/fp/tablet/set_pin', type='jsonrpc', auth='user') + def set_pin(self, new_pin, old_pin=None): + env = request.env + user = env.user + existing_hash = user.sudo().x_fc_tablet_pin_hash + if existing_hash: + if not old_pin: + return {'ok': False, 'error': _('Current PIN is required to change it.')} + if not user.verify_tablet_pin(old_pin): + return {'ok': False, 'error': _('Current PIN is incorrect.')} + try: + user.set_tablet_pin(new_pin) + except UserError as e: + return {'ok': False, 'error': str(e.args[0]) if e.args else str(e)} + _logger.info( + "Tablet PIN set/changed for uid %s by self", user.id, + ) + return {'ok': True} + + # ====================================================================== + # /fp/tablet/reset_pin_for — manager-only + # ====================================================================== + @http.route('/fp/tablet/reset_pin_for', type='jsonrpc', auth='user') + def reset_pin_for(self, user_id): + env = request.env + if not _is_manager(env): + _logger.warning( + "Non-manager uid %s attempted to reset PIN for user %s", + env.uid, user_id, + ) + return {'ok': False, 'error': _('Manager privilege required.')} + target = env['res.users'].browse(int(user_id)) + if not target.exists(): + return {'ok': False, 'error': _('User not found.')} + target.clear_tablet_pin() + _logger.info( + "Tablet PIN reset for uid %s by manager uid %s", + target.id, env.uid, + ) + return {'ok': True} +``` + +Add to `fusion_plating/fusion_plating_shopfloor/controllers/__init__.py`: + +```python +from . import tablet_controller +``` + +- [ ] **Step 4: Verify tests pass on entech** + +- [ ] **Step 5: Commit** + +```bash +git add fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py \ + fusion_plating/fusion_plating_shopfloor/controllers/__init__.py \ + fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py +git commit -m "feat(fusion_plating_shopfloor): /fp/tablet/set_pin + reset_pin_for endpoints (P6.1.2)" +``` + +--- + +### Task 6.1.3 — /fp/tablet/unlock endpoint with lockout + +**Files:** +- Modify: `fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py` +- Modify: `fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py` + +- [ ] **Step 1: Write failing tests** + +Append to `test_tablet_pin.py`: + +```python +@tagged('-at_install', 'post_install', 'fp_shopfloor', 'fp_tablet_pin') +class TestTabletUnlock(HttpCase): + + def setUp(self): + super().setUp() + self.authenticate("admin", "admin") + self.target = self.env['res.users'].create({ + 'name': 'Unlock Target', 'login': 'unlock@example.com', + }) + self.target.set_tablet_pin('1234') + + def _unlock(self, pin): + return self.url_open( + '/fp/tablet/unlock', + data=json.dumps({'jsonrpc': '2.0', 'params': { + 'user_id': self.target.id, 'pin': pin, + }}), + headers={'Content-Type': 'application/json'}, + ).json()['result'] + + def test_unlock_correct_pin(self): + res = self._unlock('1234') + self.assertTrue(res['ok']) + self.assertEqual(res['current_tech_id'], self.target.id) + self.assertEqual(res['current_tech_name'], 'Unlock Target') + + def test_unlock_correct_pin_resets_fail_counter(self): + self._unlock('0000') # fail once + self._unlock('1234') # succeed + self.target.invalidate_recordset(['x_fc_tablet_pin_failed_count']) + self.assertEqual(self.target.sudo().x_fc_tablet_pin_failed_count, 0) + + def test_unlock_wrong_pin_increments_counter(self): + self._unlock('0000') + self.target.invalidate_recordset(['x_fc_tablet_pin_failed_count']) + self.assertEqual(self.target.sudo().x_fc_tablet_pin_failed_count, 1) + + def test_lockout_after_5_fails(self): + for _ in range(5): + self._unlock('0000') + res = self._unlock('0000') # 6th + self.assertFalse(res['ok']) + self.assertIn('locked', res['error'].lower()) + self.target.invalidate_recordset(['x_fc_tablet_locked_until']) + self.assertTrue(self.target.sudo().x_fc_tablet_locked_until) + + def test_lockout_blocks_even_correct_pin(self): + for _ in range(5): + self._unlock('0000') + # Even the correct PIN now rejected + res = self._unlock('1234') + self.assertFalse(res['ok']) + self.assertIn('locked', res['error'].lower()) + + def test_unlock_no_pin_set(self): + self.target.clear_tablet_pin() + res = self._unlock('1234') + self.assertFalse(res['ok']) + self.assertIn('not set', res['error'].lower()) +``` + +- [ ] **Step 2: Verify tests fail** + +- [ ] **Step 3: Implement endpoint** + +Append to `tablet_controller.py`: + +```python + # ====================================================================== + # /fp/tablet/unlock — verify PIN + manage failure counter / lockout + # ====================================================================== + @http.route('/fp/tablet/unlock', type='jsonrpc', auth='user') + def unlock(self, user_id, pin): + env = request.env + Users = env['res.users'].sudo() # need sudo to read hash field + target = Users.browse(int(user_id)) + if not target.exists(): + return {'ok': False, 'error': _('User not found.')} + + # No PIN set yet — caller must set one first + if not target.x_fc_tablet_pin_hash: + return { + 'ok': False, + 'error': _('No PIN set. Set one in Preferences first.'), + 'needs_setup': True, + } + + # Currently locked out? + now = fields.Datetime.now() + if target.x_fc_tablet_locked_until and target.x_fc_tablet_locked_until > now: + return { + 'ok': False, + 'error': _('Account locked. Try again in a few minutes.'), + 'locked_until': target.x_fc_tablet_locked_until.isoformat(), + } + + if target.verify_tablet_pin(pin): + # Reset failure state on success + target.write({ + 'x_fc_tablet_pin_failed_count': 0, + 'x_fc_tablet_locked_until': False, + }) + _logger.info( + "Tablet unlocked by uid %s (session uid %s)", + target.id, env.uid, + ) + return { + 'ok': True, + 'current_tech_id': target.id, + 'current_tech_name': target.name, + } + + # Wrong PIN — increment and check threshold + new_count = (target.x_fc_tablet_pin_failed_count or 0) + 1 + threshold = int(env['ir.config_parameter'].sudo().get_param( + 'fp.shopfloor.tablet_pin_fail_threshold', 5, + )) + lockout_min = int(env['ir.config_parameter'].sudo().get_param( + 'fp.shopfloor.tablet_pin_fail_lockout_minutes', 5, + )) + vals = {'x_fc_tablet_pin_failed_count': new_count} + if new_count >= threshold: + from datetime import timedelta + vals['x_fc_tablet_locked_until'] = now + timedelta(minutes=lockout_min) + target.write(vals) + _logger.warning( + "Tablet PIN failure for uid %s (count=%d, locked=%s)", + target.id, new_count, bool(vals.get('x_fc_tablet_locked_until')), + ) + if vals.get('x_fc_tablet_locked_until'): + return { + 'ok': False, + 'error': _('Too many failed attempts. Locked for %d minutes.') % lockout_min, + 'locked_until': vals['x_fc_tablet_locked_until'].isoformat(), + } + return { + 'ok': False, + 'error': _('Incorrect PIN.'), + 'attempts_remaining': threshold - new_count, + } +``` + +- [ ] **Step 4: Verify tests pass** + +- [ ] **Step 5: Commit** + +```bash +git add fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py \ + fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py +git commit -m "feat(fusion_plating_shopfloor): /fp/tablet/unlock endpoint with lockout (P6.1.3)" +``` + +--- + +### Task 6.1.4 — /fp/tablet/tiles endpoint + +**Files:** +- Modify: `fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py` +- Modify: `fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py` + +- [ ] **Step 1: Write failing test** + +Append to `test_tablet_pin.py`: + +```python +@tagged('-at_install', 'post_install', 'fp_shopfloor', 'fp_tablet_pin') +class TestTabletTiles(HttpCase): + + def setUp(self): + super().setUp() + self.authenticate("admin", "admin") + self.op_group = self.env.ref('fusion_plating.group_fusion_plating_operator') + self.alice = self.env['res.users'].create({ + 'name': 'Alice', 'login': 'alice@example.com', + 'group_ids': [(6, 0, [self.op_group.id])], + }) + self.bob = self.env['res.users'].create({ + 'name': 'Bob', 'login': 'bob@example.com', + 'group_ids': [(6, 0, [self.op_group.id])], + }) + self.alice.set_tablet_pin('1111') + + def _tiles(self, station_id=None): + return self.url_open( + '/fp/tablet/tiles', + data=json.dumps({'jsonrpc': '2.0', 'params': { + 'station_id': station_id, + }}), + headers={'Content-Type': 'application/json'}, + ).json()['result'] + + def test_tiles_returns_all_operators_without_station(self): + res = self._tiles() + self.assertTrue(res['ok']) + names = [t['name'] for t in res['tiles']] + self.assertIn('Alice', names) + self.assertIn('Bob', names) + + def test_tile_has_pin_flag(self): + res = self._tiles() + alice_tile = next(t for t in res['tiles'] if t['name'] == 'Alice') + bob_tile = next(t for t in res['tiles'] if t['name'] == 'Bob') + self.assertTrue(alice_tile['has_pin']) + self.assertFalse(bob_tile['has_pin']) +``` + +- [ ] **Step 2: Verify test fails** + +- [ ] **Step 3: Implement endpoint** + +Append to `tablet_controller.py`: + +```python + # ====================================================================== + # /fp/tablet/tiles — lock-screen tile grid + # ====================================================================== + @http.route('/fp/tablet/tiles', type='jsonrpc', auth='user') + def tiles(self, station_id=None): + env = request.env + op_group = env.ref( + 'fusion_plating.group_fusion_plating_operator', + raise_if_not_found=False, + ) + if not op_group: + return {'ok': False, 'error': 'operator group missing'} + + # Determine candidate users — station roster wins if non-empty + users = op_group.user_ids + if station_id: + Station = env['fusion.plating.shopfloor.station'] + station = Station.browse(int(station_id)) + if (station.exists() + and 'x_fc_authorised_user_ids' in station._fields + and station.x_fc_authorised_user_ids): + users = station.x_fc_authorised_user_ids + + # has_pin needs sudo-read on the hash field + users_sudo = users.sudo() + clocked_ids = set() + if 'hr.employee' in env and hasattr( + env['hr.employee'], '_fp_clocked_in_user_ids', + ): + clocked_ids = env['hr.employee']._fp_clocked_in_user_ids() or set() + + tiles = [] + for u, u_sudo in zip(users.sorted('name'), users_sudo.sorted('name')): + tiles.append({ + 'user_id': u.id, + 'name': u.name, + 'avatar_url': f'/web/image/res.users/{u.id}/avatar_128', + 'is_clocked_in': u.id in clocked_ids, + 'has_pin': bool(u_sudo.x_fc_tablet_pin_hash), + }) + # Clocked in first, then alphabetical within bucket + tiles.sort(key=lambda t: (not t['is_clocked_in'], t['name'])) + return {'ok': True, 'tiles': tiles} +``` + +- [ ] **Step 4: Verify test passes** + +- [ ] **Step 5: Commit** + +```bash +git add fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py \ + fusion_plating/fusion_plating_shopfloor/tests/test_tablet_pin.py +git commit -m "feat(fusion_plating_shopfloor): /fp/tablet/tiles endpoint (P6.1.4)" +``` + +--- + +### Task 6.1.5 — /fp/tablet/ping endpoint + +**Files:** +- Modify: `fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py` + +- [ ] **Step 1: Implement** (no test — pure no-op acknowledgement used for forensic logging) + +Append to `tablet_controller.py`: + +```python + # ====================================================================== + # /fp/tablet/ping — heartbeat used by the OWL component on every action + # ====================================================================== + @http.route('/fp/tablet/ping', type='jsonrpc', auth='user') + def ping(self, current_tech_id=None): + """Lightweight heartbeat. Used by the OWL component to confirm + the server-side session is alive AND to log the tech-of-record + every few minutes so the server has forensic visibility into + which tech was 'driving' the tablet at any moment. + + Returns {'ok': True} as a cheap liveness ack. + """ + if current_tech_id: + _logger.debug( + "Tablet ping: session uid %s carrying tablet_tech_id=%s", + request.env.uid, current_tech_id, + ) + return {'ok': True, 'server_time': fields.Datetime.now().isoformat()} +``` + +- [ ] **Step 2: Commit** + +```bash +git add fusion_plating/fusion_plating_shopfloor/controllers/tablet_controller.py +git commit -m "feat(fusion_plating_shopfloor): /fp/tablet/ping heartbeat endpoint (P6.1.5)" +``` + +--- + +### Task 6.1.6 — Station extras + config-parameter defaults + +**Files:** +- Modify: `fusion_plating/fusion_plating_shopfloor/models/fp_shopfloor_station.py` +- Create: `fusion_plating/fusion_plating_shopfloor/data/fp_tablet_config_data.xml` +- Modify: `fusion_plating/fusion_plating_shopfloor/views/fp_shopfloor_station_views.xml` +- Modify: `fusion_plating/fusion_plating_shopfloor/__manifest__.py` + +- [ ] **Step 1: Add the two station fields** + +In `models/fp_shopfloor_station.py`, locate the field block and add after the last existing field: + +```python + # Phase 6 tablet PIN gate — per-station roster + idle override. + x_fc_authorised_user_ids = fields.Many2many( + 'res.users', + relation='fp_shopfloor_station_authorised_user_rel', + column1='station_id', + column2='user_id', + string='Authorised Operators', + help='If set, the tablet lock screen only shows tiles for these ' + 'users. Empty = all operator-group users are shown. Use to ' + 'restrict a tablet at a specialised station (e.g. EN Plating) ' + 'to techs trained on that station.', + ) + x_fc_idle_lock_minutes = fields.Integer( + string='Idle Lock (minutes)', + help='Per-station override for the auto-lock idle threshold. ' + 'Leave blank to use the global default ' + '(ir.config_parameter fp.shopfloor.tablet_idle_lock_minutes, ' + 'default 5).', + ) +``` + +- [ ] **Step 2: Create the config-parameter data file** + +Create `fusion_plating/fusion_plating_shopfloor/data/fp_tablet_config_data.xml`: + +```xml + + + + + + fp.shopfloor.tablet_idle_lock_minutes + 5 + + + + fp.shopfloor.tablet_pin_fail_threshold + 5 + + + + fp.shopfloor.tablet_pin_fail_lockout_minutes + 5 + + + + fp.shopfloor.tablet_warn_seconds_before_lock + 30 + + + +``` + +- [ ] **Step 3: Surface the new fields on the station form** + +In `views/fp_shopfloor_station_views.xml`, locate the form's field group (somewhere with `name="code"`, `facility_id`, etc.) and add inside: + +```xml + + + + +``` + +If the form doesn't have explicit `` containers, place the two `` lines inside the existing `` near the other config fields. + +- [ ] **Step 4: Register the data file in the manifest** + +Edit `fusion_plating/fusion_plating_shopfloor/__manifest__.py` — find the `'data':` list and add the new file BEFORE `'views/fp_menu.xml'`: + +```python + 'data/fp_tablet_config_data.xml', +``` + +(Order matters — data files load top-to-bottom; this needs to land before any menu/view that might reference the parameters.) + +- [ ] **Step 5: Commit** + +```bash +git add fusion_plating/fusion_plating_shopfloor/models/fp_shopfloor_station.py \ + fusion_plating/fusion_plating_shopfloor/data/fp_tablet_config_data.xml \ + fusion_plating/fusion_plating_shopfloor/views/fp_shopfloor_station_views.xml \ + fusion_plating/fusion_plating_shopfloor/__manifest__.py +git commit -m "feat(fusion_plating_shopfloor): station roster + idle override + config defaults (P6.1.6)" +``` + +--- + +### Task 6.1.7 — Profile prefs Set/Change PIN button + Manager Reset button + +**Files:** +- Create: `fusion_plating/fusion_plating_shopfloor/views/res_users_views.xml` +- Modify: `fusion_plating/fusion_plating_shopfloor/__manifest__.py` + +- [ ] **Step 1: Create the view file** + +```xml + + + + + + + res.users.preferences.tablet.pin + res.users + + + + + + + + + + + + + + + + +``` + +- [ ] **Step 3: Create SCSS** + +```scss +// ============================================================================= +// FpPinPad — numeric keypad for tablet lock screen + PIN setup +// Dark-mode aware via $o-webclient-color-scheme branch. +// ============================================================================= + +$o-webclient-color-scheme: bright !default; + +$_pin-bg-hex: #ffffff; +$_pin-key-bg-hex: #f3f4f6; +$_pin-key-hover-hex: #e5e7eb; +$_pin-border-hex: #d8dadd; +$_pin-dot-hex: #d8dadd; +$_pin-dot-fill-hex: #1d1d1f; + +@if $o-webclient-color-scheme == dark { + $_pin-bg-hex: #22262d !global; + $_pin-key-bg-hex: #2d3138 !global; + $_pin-key-hover-hex: #3a3f48 !global; + $_pin-border-hex: #424245 !global; + $_pin-dot-fill-hex: #f5f5f7 !global; +} + +.o_fp_pin_pad { + background: $_pin-bg-hex; + border-radius: 12px; + padding: 1.5rem; + display: flex; + flex-direction: column; + align-items: center; + gap: 0.8rem; + min-width: 280px; +} + +.o_fp_pin_title { font-size: 1.1rem; font-weight: 600; } +.o_fp_pin_subtitle { font-size: 0.85rem; color: var(--text-secondary, #666); text-align: center; } + +.o_fp_pin_dots { + display: flex; + gap: 0.8rem; + margin: 0.5rem 0; +} + +.o_fp_pin_dot { + width: 14px; + height: 14px; + border-radius: 50%; + background: $_pin-dot-hex; + transition: background 0.1s ease; + &.filled { background: $_pin-dot-fill-hex; } +} + +.o_fp_pin_error { + color: #ff3b30; + font-size: 0.85rem; + min-height: 1.2rem; +} + +.o_fp_pin_grid { + display: grid; + grid-template-columns: repeat(3, 1fr); + gap: 0.5rem; + width: 100%; +} + +.o_fp_pin_key { + background: $_pin-key-bg-hex; + border: 1px solid $_pin-border-hex; + border-radius: 10px; + padding: 1rem 0; + font-size: 1.5rem; + font-weight: 500; + cursor: pointer; + transition: background 0.1s ease, transform 0.05s ease; + + &:hover { background: $_pin-key-hover-hex; } + &:active { transform: scale(0.97); } + &:disabled { opacity: 0.5; cursor: wait; } +} + +.o_fp_pin_key_clear { font-size: 0.95rem; color: var(--text-secondary, #666); } +.o_fp_pin_key_cancel { font-size: 0.95rem; color: var(--text-secondary, #666); } + +@keyframes o_fp_pin_shake_kf { + 0%, 100% { transform: translateX(0); } + 25% { transform: translateX(-8px); } + 50% { transform: translateX(8px); } + 75% { transform: translateX(-4px); } +} +.o_fp_pin_shake { animation: o_fp_pin_shake_kf 0.4s ease; } +``` + +- [ ] **Step 4: Register assets in manifest** + +Edit `__manifest__.py` `assets.web.assets_backend`, add (after the existing component lines): + +```python + # ---- Phase 6.2 tablet PIN gate ---- + 'fusion_plating_shopfloor/static/src/scss/components/_pin_pad.scss', + 'fusion_plating_shopfloor/static/src/xml/components/pin_pad.xml', + 'fusion_plating_shopfloor/static/src/js/components/pin_pad.js', + 'fusion_plating_shopfloor/static/src/js/services/tech_store.js', + 'fusion_plating_shopfloor/static/src/js/services/activity_tracker.js', +``` + +- [ ] **Step 5: Commit** + +```bash +git add fusion_plating/fusion_plating_shopfloor/static/src/js/components/pin_pad.js \ + fusion_plating/fusion_plating_shopfloor/static/src/xml/components/pin_pad.xml \ + fusion_plating/fusion_plating_shopfloor/static/src/scss/components/_pin_pad.scss \ + fusion_plating/fusion_plating_shopfloor/__manifest__.py +git commit -m "feat(fusion_plating_shopfloor): FpPinPad OWL component (P6.2.2)" +``` + +--- + +### Task 6.2.3 — FpIdleWarning component + +**Files:** +- Create: `fusion_plating/fusion_plating_shopfloor/static/src/js/components/idle_warning.js` +- Create: `fusion_plating/fusion_plating_shopfloor/static/src/xml/components/idle_warning.xml` +- Create: `fusion_plating/fusion_plating_shopfloor/static/src/scss/components/_idle_warning.scss` + +- [ ] **Step 1: Create JS** + +```javascript +/** @odoo-module **/ +// ============================================================================= +// Fusion Plating — FpIdleWarning (shared OWL service) +// +// Yellow-border overlay + countdown toast shown during the last +// (default 30) seconds before auto-lock. Any pointer/touch event on +// the document elsewhere resets the activity tracker, which causes +// this component's parent (FpTabletLock) to hide the warning. +// ============================================================================= + +import { Component } from "@odoo/owl"; + +export class FpIdleWarning extends Component { + static template = "fusion_plating_shopfloor.IdleWarning"; + static props = { + secondsRemaining: { type: Number }, + }; +} +``` + +- [ ] **Step 2: Create template** + +```xml + + + + +
+
+ + Locking in s · tap anywhere to stay +
+
+ + + +``` + +- [ ] **Step 3: Create SCSS** + +```scss +// ============================================================================= +// FpIdleWarning — yellow-border countdown overlay before auto-lock +// ============================================================================= + +.o_fp_idle_warning_overlay { + position: fixed; + inset: 0; + pointer-events: none; + z-index: 9998; + box-shadow: inset 0 0 0 4px #ff9f0a; + animation: o_fp_idle_pulse 1s ease-in-out infinite alternate; +} + +@keyframes o_fp_idle_pulse { + from { box-shadow: inset 0 0 0 4px rgba(255, 159, 10, 0.6); } + to { box-shadow: inset 0 0 0 4px rgba(255, 159, 10, 1); } +} + +.o_fp_idle_warning_toast { + position: fixed; + top: 16px; + left: 50%; + transform: translateX(-50%); + background: #1d1d1f; + color: #ffd585; + padding: 0.6rem 1.2rem; + border-radius: 8px; + font-size: 0.9rem; + z-index: 9999; + pointer-events: none; + box-shadow: 0 4px 12px rgba(0,0,0,0.4); + + strong { color: #ffb84d; margin: 0 0.2rem; } + > i { margin-right: 0.4rem; } +} +``` + +- [ ] **Step 4: Register assets** + +Add to `__manifest__.py` after the pin_pad lines: + +```python + 'fusion_plating_shopfloor/static/src/scss/components/_idle_warning.scss', + 'fusion_plating_shopfloor/static/src/xml/components/idle_warning.xml', + 'fusion_plating_shopfloor/static/src/js/components/idle_warning.js', +``` + +- [ ] **Step 5: Commit** + +```bash +git add fusion_plating/fusion_plating_shopfloor/static/src/js/components/idle_warning.js \ + fusion_plating/fusion_plating_shopfloor/static/src/xml/components/idle_warning.xml \ + fusion_plating/fusion_plating_shopfloor/static/src/scss/components/_idle_warning.scss \ + fusion_plating/fusion_plating_shopfloor/__manifest__.py +git commit -m "feat(fusion_plating_shopfloor): FpIdleWarning overlay (P6.2.3)" +``` + +--- + +### Task 6.2.4 — FpTabletLock wrapper component + +**Files:** +- Create: `fusion_plating/fusion_plating_shopfloor/static/src/js/tablet_lock.js` +- Create: `fusion_plating/fusion_plating_shopfloor/static/src/xml/tablet_lock.xml` +- Create: `fusion_plating/fusion_plating_shopfloor/static/src/scss/tablet_lock.scss` + +- [ ] **Step 1: Create JS** + +```javascript +/** @odoo-module **/ +// ============================================================================= +// Fusion Plating — FpTabletLock (top-level wrapper) +// +// Mounted by Landing / Workspace / Manager Dashboard as their outermost +// element. Renders the lock screen (tile grid + PIN pad) when no tech +// is signed in; renders (the wrapped client +// action) otherwise. Also drives the auto-lock countdown + idle warning. +// +// Usage in a parent template: +// +// +//
...your existing tree...
+// +// +// ============================================================================= + +import { Component, useState, onMounted, onWillUnmount } from "@odoo/owl"; +import { rpc } from "@web/core/network/rpc"; +import { useService } from "@web/core/utils/hooks"; +import { FpPinPad } from "./components/pin_pad"; +import { FpIdleWarning } from "./components/idle_warning"; + +export class FpTabletLock extends Component { + static template = "fusion_plating_shopfloor.TabletLock"; + static components = { FpPinPad, FpIdleWarning }; + static props = { + slots: { type: Object, optional: true }, + }; + + setup() { + this.techStore = useService("fp_shopfloor_tech_store"); + this.activity = useService("fp_shopfloor_activity"); + this.notification = useService("notification"); + + this.state = useState({ + tiles: [], + selectedTileUserId: null, + idleSecondsRemaining: null, + loadingTiles: false, + }); + + onMounted(async () => { + await this._loadTiles(); + this._tick = setInterval(() => this._checkIdle(), 1000); + // Heartbeat ping every 60s — for forensic visibility + this._ping = setInterval(() => { + if (this.techStore.currentTechId) { + rpc("/fp/tablet/ping", { current_tech_id: this.techStore.currentTechId }) + .catch(() => {}); + } + }, 60000); + }); + + onWillUnmount(() => { + if (this._tick) clearInterval(this._tick); + if (this._ping) clearInterval(this._ping); + }); + } + + get isLocked() { + return this.techStore.isLocked; + } + + async _loadTiles() { + this.state.loadingTiles = true; + try { + const stationId = parseInt(localStorage.getItem("fp_landing_station_id")) || null; + const res = await rpc("/fp/tablet/tiles", { station_id: stationId }); + if (res && res.ok) { + this.state.tiles = res.tiles; + } + } finally { + this.state.loadingTiles = false; + } + } + + _checkIdle() { + if (!this.techStore.currentTechId) { + this.state.idleSecondsRemaining = null; + return; + } + const remaining = this.activity.getSecondsUntilLock(); + const warnThreshold = this.activity.getWarnThresholdSec(); + if (remaining <= 0) { + this.handOff(); + } else if (remaining <= warnThreshold) { + this.state.idleSecondsRemaining = remaining; + } else if (this.state.idleSecondsRemaining !== null) { + this.state.idleSecondsRemaining = null; + } + } + + onTileClick(userId) { + this.state.selectedTileUserId = userId; + // PIN pad renders for this user; PinPad's onSubmit calls unlock() + } + + _selectedTileName() { + const tile = this.state.tiles.find(t => t.user_id === this.state.selectedTileUserId); + return tile ? tile.name : ""; + } + + async unlock(pin) { + try { + const res = await rpc("/fp/tablet/unlock", { + user_id: this.state.selectedTileUserId, + pin, + }); + if (res && res.ok) { + this.techStore.setTech(res.current_tech_id, res.current_tech_name); + this.activity.bump(); + this.state.selectedTileUserId = null; + return { ok: true }; + } + return { ok: false, error: (res && res.error) || "Unlock failed" }; + } catch (err) { + return { ok: false, error: err.message || String(err) }; + } + } + + onPinCancel() { + this.state.selectedTileUserId = null; + } + + handOff() { + this.techStore.lock(); + this.state.selectedTileUserId = null; + this.state.idleSecondsRemaining = null; + this._loadTiles(); + } +} +``` + +- [ ] **Step 2: Create template** + +```xml + + + + + +
+
+

Tap your name to unlock

+
+
+