mohd/Salon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8018710d31ca59709df8b83c241155744c623d3f
Salon/docs/risks.md
T
mohd 8018710d31 fix: use phone_number as USERNAME_FIELD on User model 
- USERNAME_FIELD = "phone_number" (was "email") — email is optional on
  this platform; most customers will be phone-only
- Add REQUIRED_FIELDS = [] to make the intent explicit
- Update create_superuser to accept phone_number as the identifier and
  pass it through to create_user as a keyword argument
- All 35 backend tests pass

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-01 23:58:02 +03:00

2.0 KiB
Raw Blame History

Risks And Gaps

This file tracks known gaps and risks to address in future iterations.

Security And Auth

  • Phone normalization is KSA-focused and minimal; broaden for multi-country use.
  • OTP protections are basic; add device fingerprinting and IP throttling if needed.
  • Authentica OTP provider is implemented (SMS + WhatsApp via Authentica OTP); Unifonic remains a scaffold.
  • Social login is a placeholder.
  • USERNAME_FIELD is now "phone_number"; REQUIRED_FIELDS = []; create_superuser accepts phone_number. Admin and createsuperuser work correctly for phone-only users.

Booking Integrity

  • Availability checks and overlap prevention are now enforced for staff bookings.
  • Race condition — booking overlap check is not atomic: validate_booking_request runs the overlap query and returns; the view then calls serializer.save() in a separate step with no lock held. Two concurrent POST /api/bookings/ requests for the same staff slot will both pass validation and both commit. Fix: wrap the overlap check and booking insert in a select_for_update() query (or use serializable transaction isolation) so only one request can hold the lock at a time.
  • No timezone handling or business hours enforcement.
  • No cancellation rules or refund logic.

Payments

  • Moyasar payment creation, webhook reconciliation, and idempotency are implemented.
  • Moyasar capture and refund are implemented in the gateway; API endpoints for admin-initiated capture/refund can be added when needed.

Data And UX

  • Ratings are not recalculated from reviews.
  • No image upload or storage strategy for photos.
  • Booking lifecycle notifications are implemented; Authentica can deliver SMS when NOTIFICATION_PROVIDER=authentica.
  • Localization foundations are in progress; full Arabic translation coverage and RTL QA are still pending.

Ops And Compliance

  • No audit logs for admin actions.
  • No multi-tenant isolation or data export tooling.
  • No GDPR/PDPL data retention policies defined.
Reference in New Issue View Git Blame Copy Permalink