Backend follow-on to migration 73:
- schemas: ResponseAreaPayload.kind extended to response|context|question_number|
mark_area|reference|furniture + context_type; QuestionPayload gains bounds+page.
- PUT serialization persists Part bounds/page and region context_type.
- Neo4j projection only emits Region nodes for response/context regions; the
metadata kinds (question_number/mark_area/reference/furniture) are physical-layer
only and stay out of cc.public.exams.
- Unit test: new kinds + Part geometry + context_type round-trip.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The previous commit added apikey to _create_base_client headers, but supabase-py
already sets apikey from the key arg → two apikey headers → Kong rejected every
as-user call with 401 'Duplicate API key found' (exam API 502'd on auth). Revert
to Authorization-only; fix the two header unit tests to assert the real contract
(apikey via the key arg; options.headers carries only the user Authorization).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- client.py: set apikey explicitly in _create_base_client headers (Kong needs it
on every request; for per-user clients apikey stays anon while Authorization
carries the user JWT). Fixes the 2 stale header unit tests that asserted apikey
in options.headers, and is robust against supabase-py default-header changes.
- test_dev_stack: exact == seed counts → >= baselines. The greenfield seed sets a
floor; additive exam-marker fixtures (S4-4 cohort) legitimately push live .94
counts above the old snapshot. >= still catches a broken/missing seed.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
modules/database/services/exam_projection.py projects a saved template into
cc.public.exams: ExamPaper -> Question/Part -> Region + Part-[:ASSESSES]->
SpecPoint, joined by shared UUIDs (exam_questions.id, exam_response_areas.id,
exam_code, spec_code). Full re-sync per exam_code (idempotent). Reads via
service role + writes via system Neo4j driver (R3.5.1 documented graph-writer).
Wiring (R3.5.4/R5.3):
- PUT /templates/{id} enqueues project_template_safe via BackgroundTasks
(swallows failures so a graph hiccup never fails the canvas save).
- POST /templates/{id}/neo4j-sync — manual trigger, as-user auth + owner check,
runs synchronously and returns projection counts.
Unit tests: projection scheduled on PUT; neo4j-sync owner/403/404.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Pre-existing bug (E7): the whole file had doubled braces, so every dict literal
was a set containing a dict -> 'unhashable type: dict' at runtime, and log
f-strings printed literal {braces}. This broke StorageManager.upload_file /
list_bucket_contents / create_bucket / bucket-init for ALL callers (incl.
files.py uploads), not just exam scans. Mechanical de-double; no logic change.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- modules/database/schemas/nodes/exams/exam_nodes.py: neontology node classes for
ExamBoard/Specification/SpecPoint/ExamPaper/Question/Part/Region (uuid_string joins
to Supabase exam_questions.id / exam_response_areas.id / eb_exams.exam_code).
- run/initialization/init_exam_graph.py: idempotent init — creates the shared public
cc.public.exams database, 10 uniqueness constraints, and seeds AQA + AQA-PHYS-8463
(GCSE Physics) with its 8 top-level topic SpecPoints.
Applied + verified on dev Neo4j (192.168.0.209, enterprise): db online, 10 constraints,
AQA-[:PUBLISHES]->AQA-PHYS-8463-[:HAS_SPEC_POINT]->8 points. Full sub-point catalogue is
a later data task. spec_code AQA-PHYS-8463 must match the eb_exams seed (S4-3).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The _get_profile select list omitted school_id, causing
/me/bootstrap to always return null for that field even after
the column was populated.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
supabase-py injects apikey internally via create_client(url, key). Manually
setting headers['apikey'] caused PostgREST to log "Duplicate API key found /
JSON could not be generated" on every bootstrap request.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Two root causes fixed:
1. seed_environment.py: KevlarAI website was 'https://kevlarai.com' (real
domain) instead of 'https://kevlarai.test'. Also, seed step 8 now patches
kcar's auth user_metadata to set user_type='platform_admin' on every
reset+seed, so the fix is self-healing and doesn't require manual DB edits.
2. provisioning_service.py: user_type_map now maps 'platform_admin' to
('superadmin', 'superadmin'), so _ensure_membership() is never called for
platform admin accounts and they are never silently enrolled in the
default institute.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
get_global_driver() now sets _driver_unavailable=True when the initial
connection fails, so subsequent calls fail immediately instead of
spending 60s retrying each time. Added reset_global_driver() to allow
manual reconnection after Neo4j comes back up.
Also fixes APP_BOLT_URL in .env: was bolt://bolt.classroomcopilot.ai
(public IP, port not exposed), now bolt://192.168.0.209:7687 (LAN).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Create llm_client.py with 5 provider implementations (Anthropic, OpenAI, Ollama, OpenRouter, Google)
- Add build_prompt() helper to construct system/user prompts from templates
- Wire up POST /transcribe/sessions/{id}/summaries endpoint to call LLM client
- Return generated content + token counts (input_tokens, output_tokens)
- API keys passed per-request, never stored or logged
- Uses prompt templates from prompts.py based on summary_type
- Updated ANON_KEY and SERVICE_ROLE_KEY from supabase container
- Changed SUPABASE_URL to local dev instance (192.168.0.155:8000)
- Synced .env.local with .env for consistency
