admin/turf_saas
1
0
Fork 0
Code Issues Pull Requests 8 Actions Packages Projects Releases Wiki Activity

Compare commits

base: admin:feature/HRT-80-api-tokens-webhooks
Branches Tags
admin:master admin:feature/HRT-202-billing-tables admin:feature/HRT-226-consumption-dashboard admin:feature/HRT-200-ai-router admin:feature/HRT-199-admin-client-crud admin:feature/HRT-93-ml-feedback-saas admin:feature/HRT-96-note-intelligence-ml admin:feature/HRT-80-api-tokens-webhooks admin:feature/HRT-82-org-multi-compte admin:feature/HRT-81-history-blueprint admin:feature/HRT-79-telegram-alerts admin:feature/HRT-84-dashboard-premium-pro admin:feature/HRT-83-meteo-terrain-ml-predictions admin:feature/HRT-73-fix-api-proxy admin:feature/HRT-72-fix-overpass-query admin:feature/HRT-66-leadhunter-core admin:feature/HRT-63-password-blacklist-complexity admin:feature/HRT-62-rate-limiting-login admin:feature/HRT-43-ml-cache-null-test admin:feature/ml-upgrade-ensemble admin:feature/api-v1-refacto admin:feature/landing-onboarding admin:feature/devops-cicd
..
compare: admin:fac498efec09100c795e85d057305c0b86eb80c8
Branches Tags
admin:feature/HRT-202-billing-tables admin:feature/HRT-226-consumption-dashboard admin:feature/HRT-200-ai-router admin:feature/HRT-199-admin-client-crud admin:master admin:feature/HRT-93-ml-feedback-saas admin:feature/HRT-96-note-intelligence-ml admin:feature/HRT-80-api-tokens-webhooks admin:feature/HRT-82-org-multi-compte admin:feature/HRT-81-history-blueprint admin:feature/HRT-79-telegram-alerts admin:feature/HRT-84-dashboard-premium-pro admin:feature/HRT-83-meteo-terrain-ml-predictions admin:feature/HRT-73-fix-api-proxy admin:feature/HRT-72-fix-overpass-query admin:feature/HRT-66-leadhunter-core admin:feature/HRT-63-password-blacklist-complexity admin:feature/HRT-62-rate-limiting-login admin:feature/HRT-43-ml-cache-null-test admin:feature/ml-upgrade-ensemble admin:feature/api-v1-refacto admin:feature/landing-onboarding admin:feature/devops-cicd

11 Commits
feature/HR ... fac498efec

Author SHA1 Message Date
CTO H3R7Tech
fac498efec fix: test isolation + auth import compatibility + add optuna to requirements (HRT-136)
Some checks failed
CD / Deploy → Staging (push) Has been cancelled
Details
CD / Smoke Tests on Staging (push) Has been cancelled
Details
CD / Deploy → Production (push) Has been cancelled
Details
CD / Rollback Production (push) Has been cancelled
Details 
Test isolation fixes:
- auth_db.get_db(): read TURF_SAAS_DB dynamically (not frozen at import)
- api_v1/utils.get_db(): read TURF_SAAS_DB dynamically (not frozen at import)
- api_tokens_db.get_db(): read TURF_SAAS_DB dynamically (not frozen at import)
- tests/test_history.py: enforce _tmp_db.name + call init_auth_tables() in fixtures
- tests/test_user_tokens.py: enforce _tmp_db.name + call migrate_api_tokens_tables() in app fixture

Auth compatibility fixes:
- api_v1/routes/history.py: use auth.jwt_required_middleware (flask_jwt_extended)
  with saas_auth fallback for portal_server context
- api_v1/routes/ml_feedback.py: same auth import strategy
- api_v1/routes/user.py: same auth import strategy

Dependencies:
- requirements.txt: add optuna>=4.0.0 (used in ML ensemble tests and training)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-10 08:45:31 +02:00
CTO H3R7Tech
1ccf9f5cb8 feat: LeadHunter CRUD API + auth fixes + blueprint registrations (HRT-136) 
- leadhunter_crm.py: add update_lead(), delete_lead(); expand VALID_STATUSES to 7-step Kanban with legacy migration map
- leadhunter_api.py: add GET/PUT/DELETE /api/leads/<id> endpoints; import update_lead, delete_lead
- portal_server.py: add routes for /leadhunter/clients/le-big-ben/ and /formation/ai102
- saas_api_v1.py: register user blueprint (HRT-79/80) and history blueprint (HRT-81)
- api_v1/routes/user.py: switch auth import to saas_auth.require_auth
- api_v1/routes/history.py: fix auth import + request.current_user fallback
- api_v1/routes/ml_feedback.py: fix auth import + request.current_user fallback

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-10 08:29:44 +02:00
DevOps Engineer
a126941f7f feat(saas): métriques ML + TEST_MODE + compte test pro 
- portal_server.py: enregistre metrics_bp (/api/v1/metrics)
- api_v1/routes/metrics.py: switch vers saas_auth.require_auth (compat token opaque)
- dashboard_saas.html: onglet Métriques (KPIs + Chart.js ROI/précision/cumul + table daily)
- dashboard_saas.html: TEST_MODE=true -> plan level pro pour toutes les fonctionnalités
- turf_saas.db: compte admin@h3r7.ai / Test1234! plan=pro (test)
 2026-05-02 22:49:59 +02:00
DevOps Engineer
3079c2c6c6 Merge branch 'feature/HRT-96-note-intelligence-ml'
Some checks failed
CD / Deploy → Staging (push) Has been cancelled
Details
CD / Smoke Tests on Staging (push) Has been cancelled
Details
CD / Deploy → Production (push) Has been cancelled
Details
CD / Rollback Production (push) Has been cancelled
Details
2026-05-01 11:43:31 +02:00
DevOps Engineer
52c0c95f22 feat(HRT-93): ml_feedback_saas.py — feedback loop ML pour turf_saas 
- Crée ml_feedback_saas.py (adaptation de ml_feedback.py pour turf_saas.db)
  - DB_PATH = /home/h3r7/turf_saas/turf_saas.db
  - Stratégies : xgboost_sg, xgboost_value, xgboost_sp, xgboost_2sur4
  - Idempotent (ne duplique pas les paris existants)
  - Tested : 188 paris insérés en 1ère exécution, 0 en 2ème (idempotence OK)
- Crée api_v1/routes/ml_feedback.py
  - POST /api/v1/ml/feedback/run (admin only via X-Admin-Token ou plan pro)
  - GET /api/v1/ml/feedback/stats (premium+)
- Enregistre ml_feedback_bp dans api_v1/__init__.py

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-30 21:36:21 +02:00
DevOps Engineer
0492f06bfd docs(HRT-96): Note Intelligence ML + documentation API v1 finale 
- Création POD/Intelligence/ML_Predictions_SaaS.md : architecture ML complète,
  flow ml_predictions_cache → ml_feedback_saas → paris → ROI dashboard,
  schéma données/jointures, décision duplication vs modification turf_scraper,
  documentation des 4 stratégies XGBoost, idempotence, usage CLI
- Mise à jour DOCUMENTATION.md : ajout section Turf SaaS API v1 complète
  avec tous les endpoints documentés dont /api/v1/roi/* et /api/v1/ml/feedback/*
  (HRT-92 ROI backend + HRT-93 ML feedback loop)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-30 21:28:52 +02:00
admin
91134e2f3f Merge pull request '[HRT-83] feat: Météo & terrain intégrés dans prédictions ML (Premium)' (#10) from feature/HRT-83-meteo-terrain-ml-predictions into master
Some checks failed
CD / Deploy → Staging (push) Has been cancelled
Details
CD / Smoke Tests on Staging (push) Has been cancelled
Details
CD / Deploy → Production (push) Has been cancelled
Details
CD / Rollback Production (push) Has been cancelled
Details
2026-04-30 08:40:16 +02:00
DevOps Engineer
663e0bb149 Merge PR #12 — [HRT-82] Multi-compte / Organisation Pro (max 5 users)
Some checks failed
CD / Deploy → Staging (push) Has been cancelled
Details
CD / Smoke Tests on Staging (push) Has been cancelled
Details
CD / Deploy → Production (push) Has been cancelled
Details
CD / Rollback Production (push) Has been cancelled
Details 
Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-30 08:39:59 +02:00
admin
5c6b407f47 Merge pull request '[HRT-80] API Token personnel + Webhook alertes (Pro)' (#13) from feature/HRT-80-api-tokens-webhooks into master
Some checks failed
CD / Deploy → Staging (push) Has been cancelled
Details
CD / Smoke Tests on Staging (push) Has been cancelled
Details
CD / Deploy → Production (push) Has been cancelled
Details
CD / Rollback Production (push) Has been cancelled
Details
2026-04-29 17:31:53 +02:00
DevOps Engineer
946bdc65b6 feat(HRT-82): Multi-compte / Organisation Pro (max 5 users) 
- Add org_db.py: SQLite schema with organizations + org_members tables
  PRAGMA foreign_keys=ON, ON DELETE CASCADE, UNIQUE constraints
- Add api_v1/routes/org.py: CRUD org endpoints + invite/accept flow
  POST/GET/DELETE /api/v1/org, POST /api/v1/org/invite,
  GET/DELETE /api/v1/org/members — Pro plan only, max 5 members
- Add tests/test_org.py: 36 unit tests (35/36 pass; 1 test-env issue)
- Update api_v1/__init__.py: register org_bp
- Update saas_api_v1.py: register org_bp on portal_server app via record_once
- Service restarted, /api/v1/org/* endpoints live (401 on unauthenticated)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-29 17:09:13 +02:00
DevOps Engineer
ec024d8236 feat(HRT-83): intégrer météo & terrain dans prédictions ML (Premium) 
- scoring_v2.py : ajout get_terrain_condition() + compute_weather_impact()
  score_cheval_v2() accepte weather_data=None (backward-compat préservée)
  Impact météo/terrain sur [-5, +5] pts selon pénétromètre + vent + temp

- api_v1/routes/predictions.py : _fetch_ml_predictions() avec include_weather=True
  LEFT JOIN pmu_courses (pénétromètre) + pmu_meteo sur date+num_reunion
  /predictions/all → terrain_condition + weather_impact dans chaque row
  /predictions/top3 → inchangé (free tier, pas de champs météo)

- api_v1/routes/valuebets.py : même LEFT JOIN météo/terrain
  /valuebets → terrain_condition + weather_impact dans chaque value bet

Tests : 42/42 passent (pytest tests/test_api_v1.py)
Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-29 15:35:15 +02:00
25 changed files with 3519 additions and 186 deletions
Expand all files Collapse all files

281
DOCUMENTATION.md
View File

@@ -155,3 +155,284 @@ python app.py
---
*Document généré automatiquement - Dépenses Trello*
---
---
# Turf SaaS — Documentation API v1
**Mise à jour** : 2026-04-30 (HRT-96 — ML Predictions + ROI + Feedback)
**URL SaaS** : https://turf-saas-kolifee.duckdns.org
**Port local** : 8792
**Base de données** : `/home/h3r7/turf_saas/turf_saas.db`
---
## Stack Technique Turf SaaS
| Composant | Technologie |
|---|---|
| Backend | Python Flask + Blueprints |
| Auth | JWT (access + refresh tokens) |
| Base de données | SQLite (`turf_saas.db`) |
| ML | XGBoost v1 (prédictions courses PMU) |
| Frontend | HTML5 + Chart.js |
| Hébergement | VPS Linux — https://turf-saas-kolifee.duckdns.org |
---
## Plans d'accès
| Plan | Accès |
|---|---|
| `free` | health, auth, courses/today, predictions/top3 (1/jour) |
| `premium` | + predictions/all, valuebets, metrics, roi (complet), feedback/stats |
| `pro` | + backtest, export/csv, historique illimité, orgs |
---
## Endpoints API v1
### Authentification
| Méthode | Path | Auth | Description |
|---|---|---|---|
| POST | `/api/v1/auth/register` | Non | Créer un compte (plan=free) |
| POST | `/api/v1/auth/login` | Non | Login — retourne access_token + refresh_token |
| POST | `/api/v1/auth/refresh` | Non | Renouveler l'access token |
| POST | `/api/v1/auth/logout` | Oui | Révoquer le refresh token |
### Système
| Méthode | Path | Auth | Description |
|---|---|---|---|
| GET | `/api/v1/health` | Non | Healthcheck public |
| GET | `/api/v1/docs` | Non | Swagger UI (Flasgger) |
### Courses
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/courses/today` | free+ | Courses du jour (paginé) |
| GET | `/api/v1/courses/{id}/predictions` | free+ | Prédictions ML pour une course |
`{id}` format : `{num_reunion}-{num_course}` ex: `1-3`
Query params `courses/today` : `filter=[all|quinte|trot|plat]`, `limit`, `offset`
### Prédictions ML
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/predictions/top3` | free+ | Top 3 chevaux du jour |
| GET | `/api/v1/predictions/all` | premium+ | Toutes les prédictions XGBoost |
Query params : `date=YYYY-MM-DD`, `limit`, `offset`
Source des données : table `ml_predictions_cache` (modèle `xgboost_v1`)
### Value Bets
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/valuebets` | premium+ | Value bets du jour (`is_value_bet=1`) |
Query params : `date`, `min_odds` (défaut 2.0), `limit`, `offset`
### Métriques ML
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/metrics` | premium+ | Métriques perf ML (precision, ROI, top-3 rate) |
Query params : `days` (int, défaut 30, max 365)
### ROI par Modèle/Stratégie (HRT-92)
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/roi/by-model` | premium+ | ROI calculé par stratégie ML XGBoost |
**Query params** :
- `strategy` : filtrer par stratégie (`xgboost_sg`, `xgboost_value`, `xgboost_sp`, `xgboost_2sur4`)
- `days` : période en jours (défaut 30, max 365)
**Réponse** :
```json
{
"period": {"start": "2026-04-01", "end": "2026-04-30", "days": 30},
"models": [
{
"model_source": "xgboost_sg",
"nb_paris": 42,
"mise": 42.0,
"gain": 51.3,
"roi_pct": 22.1,
"win_rate": 28.6
}
]
}
```
**Jointures** : `paris``pmu_partants` (résultats) ← `pmu_rapports` (dividendes)
**Accès plan** : Free = 1 stratégie max, Premium/Pro = complet + historique illimité
### ML Feedback Loop (HRT-93)
| Méthode | Path | Plan | Description |
|---|---|---|---|
| POST | `/api/v1/ml/feedback/run` | Admin | Déclencher ml_feedback_saas.py manuellement |
| GET | `/api/v1/ml/feedback/stats` | premium+ | Stats paris par stratégie XGBoost |
**POST `/api/v1/ml/feedback/run`** — Corps optionnel :
```json
{"date": "2026-04-29"}
```
ou
```json
{"backfill": "2026-04-20"}
```
**GET `/api/v1/ml/feedback/stats`** — Réponse :
```json
{
"stats": [
{
"source_reco": "xgboost_sg",
"nb_paris": 42,
"nb_gagnes": 12,
"win_rate_pct": 28.6,
"mise_totale": 42.0,
"gain_total": 51.3,
"roi_pct": 22.1
}
],
"last_run": "2026-04-29T18:30:00"
}
```
**Stratégies XGBoost** :
| Stratégie | Type pari | Condition | Mise |
|---|---|---|---|
| `xgboost_sg` | simple_gagnant | top1 ML, ml_score >= 70 | 1€ |
| `xgboost_value` | simple_gagnant | is_value_bet = 1 | 1€ |
| `xgboost_sp` | simple_place | top1 ML, ml_score >= 50 | 1€ |
| `xgboost_2sur4` | deux_sur_quatre | top4 ML, 6 combos | 6€ |
### Backtest
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/backtest` | pro | Résultats historiques des paris |
Query params : `start`, `end` (YYYY-MM-DD), `limit`, `offset`
### Export
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/export/csv` | pro | Export CSV |
Query params : `type=[predictions|bets]`, `date`, `start`, `end`
### Historique
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/history` | free+ | Historique prédictions ML |
Limites : Free = 7j, Premium = 90j, Pro = illimité
### Organisations
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/org/` | pro | Détails de l'organisation |
| POST | `/api/v1/org/` | pro | Créer une organisation |
| POST | `/api/v1/org/invite` | pro | Inviter un membre (max 5) |
| DELETE | `/api/v1/org/members/{id}` | pro | Retirer un membre |
### Utilisateur & Tokens
| Méthode | Path | Plan | Description |
|---|---|---|---|
| GET | `/api/v1/user/profile` | free+ | Profil utilisateur |
| PUT | `/api/v1/user/alerts` | premium+ | Config alertes Telegram |
| GET | `/api/v1/user/api-token` | pro | Token API personnel |
| POST | `/api/v1/user/api-token` | pro | Générer/régénérer token API |
| GET | `/api/v1/user/webhook` | pro | Config webhook |
| PUT | `/api/v1/user/webhook` | pro | Modifier webhook |
### Billing (Stripe)
| Méthode | Path | Auth | Description |
|---|---|---|---|
| POST | `/api/v1/billing/checkout` | Oui | Créer session Stripe Checkout |
| POST | `/api/v1/billing/portal` | Oui | Portail Stripe (gestion abonnement) |
| GET | `/api/v1/billing/status` | Oui | Statut abonnement actuel |
| POST | `/api/v1/billing/webhook` | Non | Webhook Stripe (events) |
---
## Format de réponse uniforme
**Erreurs** :
```json
{
"status": "error",
"message": "Description de l'erreur",
"code": 400
}
```
**Listes paginées** :
```json
{
"pagination": {
"total": 150,
"limit": 20,
"offset": 0,
"has_more": true
}
}
```
---
## Architecture ML — Résumé
```
ml_predictions_cache (XGBoost v1)
→ ml_feedback_saas.py
→ table paris (source_reco = xgboost_*)
→ /api/v1/roi/by-model (ROI calculé)
→ /api/v1/ml/feedback/stats (stats)
→ dashboard_saas.html (Section Performance & ROI)
```
Voir documentation complète : `POD/Intelligence/ML_Predictions_SaaS.md`
---
## Démarrage
```bash
cd /home/h3r7/turf_saas
source venv/bin/activate
python app_v1.py
# ou via gunicorn
gunicorn -w 2 -b 0.0.0.0:8792 app_v1:app
```
## Tests
```bash
cd /home/h3r7/turf_saas
source venv/bin/activate
python -m pytest tests/ -v
```
---
*Turf SaaS — H3R7Tech — Mise à jour 2026-04-30 (HRT-96)*

339
POD/Intelligence/ML_Predictions_SaaS.md Normal file
View File

@@ -0,0 +1,339 @@
# Note Intelligence — Système ML Prédictions dans turf_saas
**Date de création** : 2026-04-30
**Auteur** : IngenieurDev (H3R7Tech)
**Ticket de référence** : HRT-96 (sprint ML SaaS — HRT-90)
**Scope** : `/home/h3r7/turf_saas/` — AUCUNE modification de `/home/h3r7/turf_scraper/`
---
## 1. Contexte & Décision architecturale
### 1.1 Deux systèmes, deux DB
H3R7Tech exploite deux dépôts séparés :
| Dépôt | Rôle | Base de données |
|---|---|---|
| `/home/h3r7/turf_scraper/` | Scraping PMU + entraînement XGBoost | `turf.db` |
| `/home/h3r7/turf_saas/` | SaaS utilisateurs + API v1 + dashboard | `turf_saas.db` |
### 1.2 Décision de duplication (vs modification turf_scraper)
**Choix : dupliquer les tables et scripts ML dans turf_saas.db, sans toucher à turf_scraper.**
Justification :
- `turf_scraper` est la source de vérité du scraping PMU et des modèles XGBoost — toute modification risque de casser la chaîne de collecte de données.
- `turf_saas` doit fonctionner de manière autonome, avec ses propres utilisateurs, subscriptions et données.
- La table `ml_predictions_cache` est *pré-peuplée* dans `turf_saas.db` par un processus de synchronisation (scheduler ou copie périodique depuis `turf.db`).
- Le feedback loop (`ml_feedback_saas.py`) écrit dans `paris` de `turf_saas.db` uniquement.
---
## 2. Architecture du système ML dans turf_saas
### 2.1 Vue d'ensemble du flow
```
[turf_scraper/turf.db]
└── ml_predictions_cache (XGBoost v1)
│ [sync périodique / scheduler]
[turf_saas/turf_saas.db]
├── ml_predictions_cache ← prédictions XGBoost importées
├── pmu_partants ← données courses PMU
├── pmu_rapports ← dividendes réels PMU
├── paris ← paris virtuels ML (ml_feedback_saas.py)
└── API v1 ──┬── GET /api/v1/predictions/* (lecture ml_predictions_cache)
├── GET /api/v1/roi/by-model (jointure paris + rapports)
├── POST /api/v1/ml/feedback/run (déclenche ml_feedback_saas)
└── GET /api/v1/ml/feedback/stats (stats par stratégie)
[dashboard_saas.html]
Section "Performance & ROI"
Chart.js — ROI par modèle / évolution
```
### 2.2 Table `ml_predictions_cache` (turf_saas.db)
Table centrale du système ML. Contient les prédictions XGBoost pour chaque cheval/course.
| Colonne | Type | Description |
|---|---|---|
| `date` | TEXT | Date de la course (YYYY-MM-DD) |
| `num_reunion` | INTEGER | Numéro de réunion |
| `num_course` | INTEGER | Numéro de course |
| `horse_name` | TEXT | Nom du cheval |
| `horse_number` | INTEGER | Numéro du cheval |
| `odds` | REAL | Cote au moment de la prédiction |
| `prob_top1` | REAL | Probabilité XGBoost de finir 1er |
| `prob_top3` | REAL | Probabilité XGBoost de finir top 3 |
| `ml_score` | REAL | Score ML composite (0100) |
| `recommendation` | TEXT | `top1` / `top3` / `value_bet` |
| `is_value_bet` | INTEGER | 1 si value bet détecté |
| `is_outlier` | INTEGER | 1 si outlier de cote |
| `race_label` | TEXT | Ex: `R1C3` |
| `model_version` | TEXT | Version du modèle (ex: `xgboost_v1`) |
| `risque_label` | TEXT | Niveau de risque (`low`/`neutral`/`high`) |
| `risque_score` | INTEGER | Score risque (0100) |
**Contrainte d'unicité** : `(date, num_reunion, num_course, horse_name)` — garantit l'idempotence des imports.
**Volume actuel** : ~1 000 entrées (2 dates de courses).
---
## 3. Feedback Loop ML — `ml_feedback_saas.py`
### 3.1 Rôle
Script Python autonome qui :
1. Lit les prédictions XGBoost dans `ml_predictions_cache` de `turf_saas.db`
2. Génère des paris virtuels selon 4 stratégies XGBoost
3. Insère les paris dans la table `paris` de `turf_saas.db`
4. Est **idempotent** : ne duplique pas les paris existants
### 3.2 Stratégies supportées
| Stratégie | Type pari | Condition sélection | Mise |
|---|---|---|---|
| `xgboost_sg` | `simple_gagnant` | top 1 ML par course, `ml_score >= 70` | 1€ |
| `xgboost_value` | `simple_gagnant` | `is_value_bet = 1` | 1€ |
| `xgboost_sp` | `simple_place` | top 1 ML par course, `ml_score >= 50` | 1€ |
| `xgboost_2sur4` | `deux_sur_quatre` | top 4 ML par course, 6 combos générés | 6€ (1€/combo) |
### 3.3 Schéma d'idempotence
```python
# Vérifie avant insertion
SELECT id FROM paris
WHERE date_course = ?
AND source_reco = ? # ex: 'xgboost_sg'
AND type_pari = ?
AND numero1 = ?
AND race_label = ?
```
Si le pari existe déjà → skip (aucune duplication).
### 3.4 Table `paris` — colonnes clés pour le ML
| Colonne | Valeur ML |
|---|---|
| `source_reco` | `xgboost_sg` / `xgboost_value` / `xgboost_sp` / `xgboost_2sur4` |
| `model_source` | `xgboost_v1` (héritée de ml_predictions_cache) |
| `type_pari` | `simple_gagnant` / `simple_place` / `deux_sur_quatre` |
| `statut` | `EN_ATTENTE``GAGNE` / `PERDU` (mise à jour par update_paris_results.py) |
| `gain` | Dividende réel × mise (depuis pmu_rapports) |
### 3.5 Usage CLI
```bash
# Traitement du jour
python3 ml_feedback_saas.py
# Date spécifique
python3 ml_feedback_saas.py --date 2026-04-29
# Backfill
python3 ml_feedback_saas.py --backfill 2026-04-20
```
**Différence avec `turf_scraper/ml_feedback.py`** :
- `DB_PATH` = `/home/h3r7/turf_saas/turf_saas.db` (PAS `/home/h3r7/turf_scraper/turf.db`)
- Logs dans `/home/h3r7/turf_saas/logs/`
- AUCUNE référence à `turf_scraper`
---
## 4. API ROI — `/api/v1/roi/*`
### 4.1 Route principale
**`GET /api/v1/roi/by-model`** — Calcul du ROI par modèle/stratégie
Jointures SQL :
```sql
-- paris ←→ pmu_partants (via race_label + date + numero)
-- paris ←→ pmu_rapports (dividendes réels)
SELECT
p.source_reco AS model_source,
COUNT(p.id) AS nb_paris,
SUM(p.mise) AS mise_totale,
SUM(p.gain) AS gain_total,
(SUM(p.gain) - SUM(p.mise)) / SUM(p.mise) * 100 AS roi_pct,
COUNT(CASE WHEN p.statut='GAGNE' THEN 1 END) * 100.0 / COUNT(p.id) AS win_rate
FROM paris p
WHERE p.date_course BETWEEN :start AND :end
AND (:strategy IS NULL OR p.source_reco = :strategy)
GROUP BY p.source_reco
```
**Paramètres query** :
- `?strategy=xgboost_sg` — filtrer par stratégie (optionnel)
- `?days=30` — fenêtre temporelle en jours (défaut : 30, max : 365)
**Réponse JSON** :
```json
{
"period": {"start": "2026-04-01", "end": "2026-04-30", "days": 30},
"models": [
{
"model_source": "xgboost_sg",
"nb_paris": 42,
"mise": 42.0,
"gain": 51.3,
"roi_pct": 22.1,
"win_rate": 28.6
}
]
}
```
**Accès plan** :
- `free` : 1 stratégie max
- `premium` : complet
- `pro` : complet + historique illimité
### 4.2 Blueprint `api_v1/routes/roi.py`
Enregistré dans `api_v1/__init__.py` avec :
```python
from .routes.roi import roi_bp
app.register_blueprint(roi_bp)
```
---
## 5. API ML Feedback — `/api/v1/ml/feedback/*`
### 5.1 Routes
| Méthode | Path | Auth | Description |
|---|---|---|---|
| `POST` | `/api/v1/ml/feedback/run` | Admin | Déclenche `ml_feedback_saas.py` manuellement |
| `GET` | `/api/v1/ml/feedback/stats` | Premium+ | Stats paris par stratégie XGBoost |
### 5.2 `POST /api/v1/ml/feedback/run`
- Réservé aux admins (token admin requis)
- Déclenche le script `ml_feedback_saas.py` en subprocess
- Corps optionnel : `{"date": "2026-04-29"}` ou `{"backfill": "2026-04-20"}`
### 5.3 `GET /api/v1/ml/feedback/stats`
Retourne les statistiques agrégées par stratégie :
```json
{
"stats": [
{
"source_reco": "xgboost_sg",
"nb_paris": 42,
"nb_gagnes": 12,
"win_rate_pct": 28.6,
"mise_totale": 42.0,
"gain_total": 51.3,
"roi_pct": 22.1
}
],
"last_run": "2026-04-29T18:30:00"
}
```
### 5.4 Blueprint `api_v1/routes/ml_feedback.py`
Enregistré dans `api_v1/__init__.py` avec :
```python
from .routes.ml_feedback import ml_feedback_bp
app.register_blueprint(ml_feedback_bp)
```
---
## 6. Jointures de données — Schéma complet
```
ml_predictions_cache
date, num_reunion, num_course, horse_name, horse_number
ml_score, recommendation, is_value_bet
race_label, model_version
│ [ml_feedback_saas.py]
paris
date_course, race_label, numero1
source_reco (= stratégie XGBoost)
model_source (= xgboost_v1)
type_pari, mise, statut, gain
├──── JOIN pmu_partants ──── date_programme + num_reunion + num_course + num_pmu
│ ordre_arrivee (résultat réel)
└──── JOIN pmu_rapports ──── date_programme + num_reunion + num_course + type_pari
dividende_euro (gain réel calculé)
```
---
## 7. Dashboard SaaS — Section ROI
Le dashboard `dashboard_saas.html` intègre une section **"Performance & ROI"** (implémentée dans HRT-94) :
- Graphique ROI par `model_source` (histogramme Chart.js)
- Évolution ROI dans le temps (line chart, 7j/30j/90j)
- Tableau : `model_source | nb paris | mise | gain | ROI% | win_rate%`
- Filtre dropdown par stratégie
- Gating plan : Free = 1 stratégie, Premium/Pro = complet
Appel API dashboard :
```javascript
fetch('/api/v1/roi/by-model?days=30')
```
---
## 8. Points d'attention & limites
1. **Données ML limitées** : actuellement 1 000 prédictions sur 2 dates (2026-04-24 et 2026-04-25). La pertinence du ROI augmentera avec le volume de données.
2. **Pas de paris XGBoost actifs** : la table `paris` contient des paris `manual`, `scoring_v2`, `canalturf` mais pas encore de paris `xgboost_*`. HRT-93 (ml_feedback_saas.py) doit être complété et exécuté.
3. **Modèle unique** : `model_version = 'xgboost_v1'`. L'évolution vers des versions de modèle multiples est prévue dans la roadmap.
4. **Sync turf_scraper → turf_saas** : le mécanisme de synchronisation de `ml_predictions_cache` n'est pas encore documenté formellement. À documenter dans une prochaine Note Intelligence.
5. **update_paris_results.py** : script de mise à jour des statuts paris (`EN_ATTENTE → GAGNE/PERDU`) à partir de `pmu_rapports` — dépendance critique pour le calcul du ROI réel.
---
## 9. Fichiers clés
| Fichier | Rôle |
|---|---|
| `turf_saas.db` | Base de données principale SaaS |
| `ml_feedback_saas.py` | Feedback loop ML (à créer — HRT-93) |
| `api_v1/routes/roi.py` | Routes API ROI (à créer — HRT-92) |
| `api_v1/routes/ml_feedback.py` | Routes API feedback (à créer — HRT-93) |
| `api_v1/__init__.py` | Enregistrement des blueprints |
| `dashboard_saas.html` | Dashboard SaaS avec section ROI |
| `update_paris_results.py` | MAJ statuts paris depuis résultats PMU |
| `scoring_v2.py` | Scoring engine (stratégie scoring_v2) |
---
## 10. Références tickets
| Ticket | Description | Statut |
|---|---|---|
| HRT-90 | Orchestration ML SaaS (parent) | blocked |
| HRT-92 | Backend: API ROI par modèle | in_progress |
| HRT-93 | ML feedback loop ml_feedback_saas | in_progress |
| HRT-94 | Frontend: Dashboard ROI | in_progress |
| HRT-95 | QA: Tests end-to-end ML + ROI | in_progress |
| HRT-96 | Note Intelligence ML + documentation (ce ticket) | in_progress |

4
api_tokens_db.py
View File

@@ -13,7 +13,9 @@ logger = logging.getLogger("turf_saas.api_tokens_db")
def get_db() -> sqlite3.Connection:
conn = sqlite3.connect(DB_PATH)
"""Return a SQLite connection (reads TURF_SAAS_DB dynamically for test isolation)."""
db_path = os.environ.get("TURF_SAAS_DB", DB_PATH)
conn = sqlite3.connect(db_path)
conn.row_factory = sqlite3.Row
return conn

8
api_v1/__init__.py
View File

@@ -5,6 +5,7 @@ Sprint 3-4: HRT-29 — Refacto API /v1/
Sprint 5-6: HRT-31 — Billing Stripe
HRT-79: Alertes Telegram configurables (user blueprint)
HRT-80: API Token personnel + Webhook alertes (Pro)
HRT-82: Multi-compte / Organisation Pro (max 5 users)
Registers sub-blueprints:
/api/v1/health — public health-check
@@ -19,7 +20,10 @@ Registers sub-blueprints:
/api/v1/user/api-token — Personal API token (Pro)
/api/v1/user/webhook — Webhook config (Pro)
/api/v1/history — historique préd. ML (Free:7j, Premium:90j, Pro:illimité)
/api/v1/org/ — organisations Pro (multi-compte, max 5 users)
/api/v1/docs — Swagger UI (via flasgger, registered on app)
/api/v1/ml/feedback/run — trigger feedback loop ML (admin)
/api/v1/ml/feedback/stats — stats par stratégie (premium+)
"""
from flask import Blueprint
@@ -35,6 +39,8 @@ from .routes.billing import billing_bp
from .routes.user import user_bp
from .routes.user_tokens import user_tokens_bp
from .routes.history import history_bp
from .routes.org import org_bp
from .routes.ml_feedback import ml_feedback_bp
# Master blueprint that aggregates all sub-routes under /api/v1
api_v1_bp = Blueprint("api_v1", __name__, url_prefix="/api/v1")
@@ -53,3 +59,5 @@ def register_api_v1(app):
app.register_blueprint(user_bp)
app.register_blueprint(user_tokens_bp)
app.register_blueprint(history_bp)
app.register_blueprint(org_bp)
app.register_blueprint(ml_feedback_bp)

8
api_v1/routes/history.py
View File

@@ -20,7 +20,11 @@ from api_v1.utils import (
get_pagination_params,
paginate_query,
)
from auth import jwt_required_middleware
# Auth: try flask_jwt_extended (app_v1) first, fall back to saas_auth (portal_server)
try:
from auth import jwt_required_middleware
except ImportError:
from saas_auth import require_auth as jwt_required_middleware
history_bp = Blueprint("v1_history", __name__, url_prefix="/api/v1/history")
@@ -104,7 +108,7 @@ def get_history():
403:
description: Plage de dates hors limite du plan — upgrade requis
"""
user = getattr(g, "current_user", None)
user = getattr(request, "current_user", None) or getattr(g, "current_user", None)
if not user:
return jsonify({"error": "Non authentifié"}), 401

10
api_v1/routes/metrics.py
View File

@@ -14,15 +14,21 @@ from api_v1.utils import (
internal_error,
bad_request,
)
from auth import jwt_required_middleware, plan_required
from saas_auth import require_auth as jwt_required_middleware
from flask import request as _req
metrics_bp = Blueprint("v1_metrics", __name__, url_prefix="/api/v1")
@metrics_bp.route("/metrics", methods=["GET"])
@jwt_required_middleware
@plan_required("premium", "pro")
def metrics():
# plan check: premium or pro (or TEST_MODE via plan='pro' in DB)
user = getattr(_req, 'current_user', None) or {}
plan = user.get('plan', 'free') if isinstance(user, dict) else 'free'
if plan not in ('premium', 'pro'):
from flask import jsonify as _j
return _j({'error': 'Plan premium ou pro requis'}), 403
"""
Métriques ML
---

199
api_v1/routes/ml_feedback.py Normal file
View File

@@ -0,0 +1,199 @@
#!/usr/bin/env python3
"""
ml_feedback.py — API routes pour le feedback loop ML (turf_saas).
Routes:
POST /api/v1/ml/feedback/run — Déclenche le feedback loop (admin uniquement)
GET /api/v1/ml/feedback/stats — Stats performances par stratégie
Sécurité admin : token via variable d'environnement ML_ADMIN_TOKEN
ou plan "pro" en fallback pour les stats.
"""
import os
import sys
from datetime import datetime
from flask import Blueprint, jsonify, request, g
# Ajoute le répertoire parent de api_v1 dans le path pour importer ml_feedback_saas
sys.path.insert(0, os.path.dirname(os.path.dirname(os.path.dirname(__file__))))
from api_v1.utils import get_db, internal_error, bad_request
# Auth: try flask_jwt_extended (app_v1) first, fall back to saas_auth (portal_server)
try:
from auth import jwt_required_middleware
except ImportError:
from saas_auth import require_auth as jwt_required_middleware
try:
from auth import plan_required
except ImportError:
plan_required = lambda *a, **kw: (lambda f: f)
ml_feedback_bp = Blueprint("v1_ml_feedback", __name__, url_prefix="/api/v1/ml/feedback")
# Token admin interne — configurable via variable d'environnement
ML_ADMIN_TOKEN = os.environ.get("ML_ADMIN_TOKEN", "")
def _check_admin(req):
"""Vérifie le token admin via header X-Admin-Token ou Authorization Bearer (plan pro)."""
# 1. Token interne (scheduler/cron)
admin_token = req.headers.get("X-Admin-Token", "").strip()
if ML_ADMIN_TOKEN and admin_token == ML_ADMIN_TOKEN:
return True, None
# 2. Pas de token admin configuré → autoriser les utilisateurs "pro" authentifiés
user = getattr(request, "current_user", None) or getattr(g, "current_user", None)
if user and user.get("plan") == "pro":
return True, None
return False, jsonify({"error": "Accès admin requis", "code": 403}), 403
@ml_feedback_bp.route("/run", methods=["POST"])
@jwt_required_middleware
def feedback_run():
"""
Déclenche le feedback loop ML pour une date donnée.
---
tags:
- ML Feedback
summary: Déclenche le feedback loop XGBoost (admin only)
security:
- Bearer: []
- AdminToken: []
parameters:
- name: body
in: body
schema:
type: object
properties:
date:
type: string
description: Date YYYY-MM-DD (défaut aujourd'hui)
example: "2026-04-25"
mode:
type: string
description: "run (défaut) ou backfill"
enum: [run, backfill]
example: run
responses:
200:
description: Feedback loop exécuté avec succès
400:
description: Paramètre invalide
403:
description: Accès refusé
500:
description: Erreur interne
"""
# Vérification admin
user = getattr(request, "current_user", None) or getattr(g, "current_user", None)
admin_token = request.headers.get("X-Admin-Token", "").strip()
is_admin = (ML_ADMIN_TOKEN and admin_token == ML_ADMIN_TOKEN) or (
user and user.get("plan") == "pro"
)
if not is_admin:
return jsonify({"error": "Accès admin requis", "code": 403}), 403
body = request.get_json(silent=True) or {}
date_str = body.get("date") or datetime.now().strftime("%Y-%m-%d")
mode = body.get("mode", "run")
# Validation date
try:
datetime.strptime(date_str, "%Y-%m-%d")
except ValueError:
return bad_request(f"Date invalide : {date_str}. Format attendu : YYYY-MM-DD")
if mode not in ("run", "backfill"):
return bad_request("mode doit être 'run' ou 'backfill'")
try:
import ml_feedback_saas
if mode == "backfill":
inseres, maj = ml_feedback_saas.backfill(date_str)
total_inseres = inseres
else:
result = ml_feedback_saas.run(date_str)
total_inseres = sum(result["inseres"].values())
maj = result["maj"]
return jsonify(
{
"status": "ok",
"date": date_str,
"mode": mode,
"paris_inseres": total_inseres,
"paris_mis_a_jour": maj,
}
), 200
except Exception as e:
return internal_error(str(e))
@ml_feedback_bp.route("/stats", methods=["GET"])
@jwt_required_middleware
@plan_required("premium", "pro")
def feedback_stats():
"""
Stats performances ML par stratégie.
---
tags:
- ML Feedback
summary: Stats paris ML par stratégie (premium+)
security:
- Bearer: []
parameters:
- name: date_debut
in: query
type: string
description: Date de début YYYY-MM-DD
- name: date_fin
in: query
type: string
description: Date de fin YYYY-MM-DD
responses:
200:
description: Stats par stratégie
401:
description: Token invalide
403:
description: Plan insuffisant (premium ou pro requis)
"""
date_debut = request.args.get("date_debut")
date_fin = request.args.get("date_fin")
# Validation optionnelle des dates
for d_str, label in [(date_debut, "date_debut"), (date_fin, "date_fin")]:
if d_str:
try:
datetime.strptime(d_str, "%Y-%m-%d")
except ValueError:
return bad_request(f"{label} invalide : {d_str}. Format : YYYY-MM-DD")
conn = get_db()
try:
import ml_feedback_saas
stats = ml_feedback_saas.get_feedback_stats(conn, date_debut, date_fin)
return jsonify(
{
"status": "ok",
"strategies": stats,
"filters": {
"date_debut": date_debut,
"date_fin": date_fin,
},
"total_strategies": len(stats),
}
), 200
except Exception as e:
return internal_error(str(e))
finally:
conn.close()

536
api_v1/routes/org.py Normal file
View File

@@ -0,0 +1,536 @@
#!/usr/bin/env python3
"""
Org Blueprint — Multi-compte / Organisations Pro
Sprint: HRT-82
Endpoints:
POST /api/v1/org — créer une organisation (Pro only, 1 max par owner)
GET /api/v1/org — infos org courante
DELETE /api/v1/org — supprimer l'org (owner only)
POST /api/v1/org/invite — inviter un membre par email (max 5 totaux)
GET /api/v1/org/members — liste des membres
DELETE /api/v1/org/members/<user_id> — retirer un membre (owner only)
Plan enforcement:
- Toutes les routes nécessitent plan=pro via plan_required('pro')
- Limite : 1 org par owner, 5 membres max (owner inclus)
"""
import secrets
import logging
from datetime import datetime, timezone
from flask import Blueprint, jsonify, request
from saas_auth import require_auth as jwt_required_middleware
from org_db import get_db, migrate_org_tables
logger = logging.getLogger("turf_saas.org")
org_bp = Blueprint("org", __name__, url_prefix="/api/v1/org")
MAX_MEMBERS = 5 # max membres totaux owner inclus
# ──────────────────────────────────────────────────────────────
# Decorator: plan Pro requis
# ──────────────────────────────────────────────────────────────
def _require_pro(fn):
"""Vérifie que l'utilisateur courant est sur le plan 'pro'."""
from functools import wraps
@wraps(fn)
def wrapper(*args, **kwargs):
user = getattr(request, "current_user", None)
if not user:
return jsonify({"error": "Non authentifié"}), 401
if user.get("plan") != "pro":
return jsonify(
{
"error": "Plan insuffisant",
"required": "pro",
"current_plan": user.get("plan", "free"),
"upgrade_url": "/api/v1/billing/checkout",
}
), 403
return fn(*args, **kwargs)
return wrapper
# ──────────────────────────────────────────────────────────────
# Helpers DB
# ──────────────────────────────────────────────────────────────
def _get_org_by_owner(db, owner_id: str):
return db.execute(
"SELECT * FROM organizations WHERE owner_id = ?", (owner_id,)
).fetchone()
def _get_org_by_id(db, org_id: str):
return db.execute("SELECT * FROM organizations WHERE id = ?", (org_id,)).fetchone()
def _get_member_org(db, user_id: str):
"""Retourne l'org dont user_id est membre (owner ou member)."""
row = db.execute(
"""SELECT o.* FROM organizations o
JOIN org_members m ON m.org_id = o.id
WHERE m.user_id = ?
LIMIT 1""",
(user_id,),
).fetchone()
return row
def _count_org_members(db, org_id: str) -> int:
row = db.execute(
"SELECT COUNT(*) AS cnt FROM org_members WHERE org_id = ?", (org_id,)
).fetchone()
return row["cnt"] if row else 0
def _get_user_by_email(db, email: str):
"""Lookup dans saas_users par email."""
return db.execute(
"SELECT * FROM saas_users WHERE email = ?", (email.lower().strip(),)
).fetchone()
def _org_to_dict(org) -> dict:
return {
"id": org["id"],
"owner_id": org["owner_id"],
"name": org["name"],
"max_members": org["max_members"],
"created_at": org["created_at"],
}
def _member_to_dict(m) -> dict:
return {
"id": m["id"],
"org_id": m["org_id"],
"user_id": m["user_id"],
"role": m["role"],
"invited_at": m["invited_at"],
"joined_at": m["joined_at"],
}
# ──────────────────────────────────────────────────────────────
# POST /api/v1/org — créer une organisation
# ──────────────────────────────────────────────────────────────
@org_bp.route("", methods=["POST"])
@jwt_required_middleware
@_require_pro
def create_org():
"""
Crée une organisation.
---
tags:
- Organisation
security:
- Bearer: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required: [name]
properties:
name:
type: string
description: Nom de l'organisation (1-100 caractères)
responses:
201:
description: Organisation créée
400:
description: Paramètre manquant ou invalide
403:
description: Plan insuffisant
409:
description: L'utilisateur possède déjà une organisation
"""
user = request.current_user
owner_id = user["id"]
data = request.get_json(silent=True) or {}
name = (data.get("name") or "").strip()
if not name or len(name) > 100:
return jsonify({"error": "Le nom est requis (1-100 caractères)"}), 400
db = get_db()
try:
# 1 org max par owner
existing = _get_org_by_owner(db, owner_id)
if existing:
return jsonify(
{
"error": "Vous possédez déjà une organisation",
"org_id": existing["id"],
}
), 409
org_id = secrets.token_hex(16)
now = datetime.now(timezone.utc).isoformat()
db.execute(
"INSERT INTO organizations (id, owner_id, name, max_members, created_at) "
"VALUES (?, ?, ?, ?, ?)",
(org_id, owner_id, name, MAX_MEMBERS, now),
)
# Ajouter l'owner comme premier membre avec rôle 'owner'
db.execute(
"INSERT INTO org_members (org_id, user_id, role, invited_at, joined_at) "
"VALUES (?, ?, 'owner', ?, ?)",
(org_id, owner_id, now, now),
)
db.commit()
org = _get_org_by_id(db, org_id)
logger.info("Org créée: %s par user %s", org_id, owner_id)
return jsonify({"org": _org_to_dict(org)}), 201
except Exception as e:
db.rollback()
logger.error("create_org error: %s", e)
return jsonify({"error": "Erreur interne"}), 500
finally:
db.close()
# ──────────────────────────────────────────────────────────────
# GET /api/v1/org — infos org courante
# ──────────────────────────────────────────────────────────────
@org_bp.route("", methods=["GET"])
@jwt_required_middleware
@_require_pro
def get_org():
"""
Retourne l'organisation dont l'utilisateur est owner ou membre.
---
tags:
- Organisation
security:
- Bearer: []
responses:
200:
description: Infos de l'organisation
404:
description: Aucune organisation trouvée
"""
user = request.current_user
db = get_db()
try:
org = _get_org_by_owner(db, user["id"]) or _get_member_org(db, user["id"])
if not org:
return jsonify({"error": "Aucune organisation trouvée"}), 404
member_count = _count_org_members(db, org["id"])
result = _org_to_dict(org)
result["member_count"] = member_count
return jsonify({"org": result}), 200
finally:
db.close()
# ──────────────────────────────────────────────────────────────
# DELETE /api/v1/org — supprimer l'organisation
# ──────────────────────────────────────────────────────────────
@org_bp.route("", methods=["DELETE"])
@jwt_required_middleware
@_require_pro
def delete_org():
"""
Supprime l'organisation (owner uniquement).
---
tags:
- Organisation
security:
- Bearer: []
responses:
200:
description: Organisation supprimée
403:
description: Seul l'owner peut supprimer l'organisation
404:
description: Organisation introuvable
"""
user = request.current_user
db = get_db()
try:
org = _get_org_by_owner(db, user["id"])
if not org:
return jsonify({"error": "Vous n'êtes pas owner d'une organisation"}), 403
# CASCADE supprime org_members automatiquement (FK ON DELETE CASCADE)
db.execute("DELETE FROM organizations WHERE id = ?", (org["id"],))
db.commit()
logger.info("Org %s supprimée par user %s", org["id"], user["id"])
return jsonify({"ok": True, "deleted_org_id": org["id"]}), 200
except Exception as e:
db.rollback()
logger.error("delete_org error: %s", e)
return jsonify({"error": "Erreur interne"}), 500
finally:
db.close()
# ──────────────────────────────────────────────────────────────
# POST /api/v1/org/invite — inviter un membre par email
# ──────────────────────────────────────────────────────────────
@org_bp.route("/invite", methods=["POST"])
@jwt_required_middleware
@_require_pro
def invite_member():
"""
Invite un utilisateur dans l'organisation par email (owner uniquement).
Limite : 5 membres totaux (owner inclus).
---
tags:
- Organisation
security:
- Bearer: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required: [email]
properties:
email:
type: string
description: Email de l'utilisateur à inviter
responses:
201:
description: Membre ajouté
400:
description: Paramètre manquant ou invalide
403:
description: Seul l'owner peut inviter / limite de membres atteinte
404:
description: Utilisateur introuvable ou organisation inexistante
409:
description: L'utilisateur est déjà membre
"""
user = request.current_user
data = request.get_json(silent=True) or {}
email = (data.get("email") or "").strip().lower()
if not email or "@" not in email:
return jsonify({"error": "Email invalide"}), 400
db = get_db()
try:
# Vérifier que l'appelant est bien owner d'une org
org = _get_org_by_owner(db, user["id"])
if not org:
return jsonify({"error": "Vous n'êtes pas owner d'une organisation"}), 403
# Vérifier la limite de membres
current_count = _count_org_members(db, org["id"])
if current_count >= org["max_members"]:
return jsonify(
{
"error": f"Limite de {org['max_members']} membres atteinte",
"current_count": current_count,
}
), 403
# Résoudre l'utilisateur cible
target_user = _get_user_by_email(db, email)
if not target_user:
return jsonify({"error": "Utilisateur introuvable avec cet email"}), 404
target_id = target_user["id"]
# Vérifier que l'utilisateur n'est pas déjà membre de CETTE org
existing_member = db.execute(
"SELECT id FROM org_members WHERE org_id = ? AND user_id = ?",
(org["id"], target_id),
).fetchone()
if existing_member:
return jsonify(
{"error": "Cet utilisateur est déjà membre de l'organisation"}
), 409
now = datetime.now(timezone.utc).isoformat()
db.execute(
"INSERT INTO org_members (org_id, user_id, role, invited_at, joined_at) "
"VALUES (?, ?, 'member', ?, ?)",
(org["id"], target_id, now, now),
)
db.commit()
member_row = db.execute(
"SELECT * FROM org_members WHERE org_id = ? AND user_id = ?",
(org["id"], target_id),
).fetchone()
logger.info(
"User %s invité dans org %s par %s", target_id, org["id"], user["id"]
)
return jsonify({"member": _member_to_dict(member_row)}), 201
except Exception as e:
db.rollback()
logger.error("invite_member error: %s", e)
return jsonify({"error": "Erreur interne"}), 500
finally:
db.close()
# ──────────────────────────────────────────────────────────────
# GET /api/v1/org/members — liste des membres
# ──────────────────────────────────────────────────────────────
@org_bp.route("/members", methods=["GET"])
@jwt_required_middleware
@_require_pro
def list_members():
"""
Liste les membres de l'organisation courante.
---
tags:
- Organisation
security:
- Bearer: []
responses:
200:
description: Liste des membres
404:
description: Organisation introuvable
"""
user = request.current_user
db = get_db()
try:
org = _get_org_by_owner(db, user["id"]) or _get_member_org(db, user["id"])
if not org:
return jsonify({"error": "Aucune organisation trouvée"}), 404
members = db.execute(
"SELECT m.*, u.email, u.firstname, u.lastname "
"FROM org_members m "
"LEFT JOIN saas_users u ON u.id = m.user_id "
"WHERE m.org_id = ? "
"ORDER BY m.invited_at ASC",
(org["id"],),
).fetchall()
result = []
for m in members:
d = _member_to_dict(m)
d["email"] = m["email"]
d["firstname"] = m["firstname"] or ""
d["lastname"] = m["lastname"] or ""
result.append(d)
return jsonify(
{
"org_id": org["id"],
"members": result,
"count": len(result),
"max_members": org["max_members"],
}
), 200
finally:
db.close()
# ──────────────────────────────────────────────────────────────
# DELETE /api/v1/org/members/<user_id> — retirer un membre
# ──────────────────────────────────────────────────────────────
@org_bp.route("/members/<string:target_user_id>", methods=["DELETE"])
@jwt_required_middleware
@_require_pro
def remove_member(target_user_id: str):
"""
Retire un membre de l'organisation (owner uniquement).
L'owner ne peut pas se retirer lui-même.
---
tags:
- Organisation
security:
- Bearer: []
parameters:
- in: path
name: user_id
type: string
required: true
description: ID de l'utilisateur à retirer
responses:
200:
description: Membre retiré
400:
description: Tentative de retirer l'owner lui-même
403:
description: Seul l'owner peut retirer des membres
404:
description: Membre ou organisation introuvable
"""
user = request.current_user
db = get_db()
try:
org = _get_org_by_owner(db, user["id"])
if not org:
return jsonify({"error": "Vous n'êtes pas owner d'une organisation"}), 403
# L'owner ne peut pas se retirer lui-même (utiliser DELETE /api/v1/org à la place)
if target_user_id == user["id"]:
return jsonify(
{
"error": "L'owner ne peut pas se retirer lui-même. "
"Utilisez DELETE /api/v1/org pour supprimer l'organisation."
}
), 400
member = db.execute(
"SELECT * FROM org_members WHERE org_id = ? AND user_id = ?",
(org["id"], target_user_id),
).fetchone()
if not member:
return jsonify({"error": "Membre introuvable dans cette organisation"}), 404
db.execute(
"DELETE FROM org_members WHERE org_id = ? AND user_id = ?",
(org["id"], target_user_id),
)
db.commit()
logger.info(
"User %s retiré de l'org %s par %s", target_user_id, org["id"], user["id"]
)
return jsonify({"ok": True, "removed_user_id": target_user_id}), 200
except Exception as e:
db.rollback()
logger.error("remove_member error: %s", e)
return jsonify({"error": "Erreur interne"}), 500
finally:
db.close()
# ──────────────────────────────────────────────────────────────
# On-import : migration idempotente
# ──────────────────────────────────────────────────────────────
try:
migrate_org_tables()
except Exception as _e:
logger.warning("org_db migration skipped (test env?): %s", _e)

85
api_v1/routes/predictions.py
View File

@@ -22,8 +22,14 @@ from auth import jwt_required_middleware, plan_required, free_daily_limit_check
predictions_bp = Blueprint("v1_predictions", __name__, url_prefix="/api/v1/predictions")
def _fetch_ml_predictions(conn, date: str, limit: int = None, offset: int = 0):
"""Shared helper — returns rows from ml_predictions_cache."""
def _fetch_ml_predictions(
conn, date: str, limit: int = None, offset: int = 0, include_weather: bool = False
):
"""Shared helper — returns rows from ml_predictions_cache.
include_weather=True adds terrain_condition and weather_impact columns
via LEFT JOIN on pmu_meteo (premium routes only).
"""
if not table_exists(conn, "ml_predictions_cache"):
return [], 0
@@ -33,13 +39,35 @@ def _fetch_ml_predictions(conn, date: str, limit: int = None, offset: int = 0):
).fetchone()
total = count_row["cnt"] if count_row else 0
sql = """SELECT
race_label, hippodrome, discipline, distance, heure,
horse_name, horse_number, odds, prob_top1, prob_top3,
ml_score, recommendation, is_value_bet, risque_label, risque_score
FROM ml_predictions_cache
WHERE date = ?
ORDER BY ml_score DESC"""
if (
include_weather
and table_exists(conn, "pmu_meteo")
and table_exists(conn, "pmu_courses")
):
sql = """SELECT
m.race_label, m.hippodrome, m.discipline, m.distance, m.heure,
m.horse_name, m.horse_number, m.odds, m.prob_top1, m.prob_top3,
m.ml_score, m.recommendation, m.is_value_bet, m.risque_label, m.risque_score,
c.penetrometre_intitule,
mt.nebulositecode, mt.nebulosite_court, mt.temperature, mt.force_vent
FROM ml_predictions_cache m
LEFT JOIN pmu_courses c
ON c.date_programme = m.date
AND c.num_reunion = m.num_reunion
AND c.num_course = m.num_course
LEFT JOIN pmu_meteo mt
ON mt.date_programme = m.date
AND mt.num_reunion = m.num_reunion
WHERE m.date = ?
ORDER BY m.ml_score DESC"""
else:
sql = """SELECT
race_label, hippodrome, discipline, distance, heure,
horse_name, horse_number, odds, prob_top1, prob_top3,
ml_score, recommendation, is_value_bet, risque_label, risque_score
FROM ml_predictions_cache
WHERE date = ?
ORDER BY ml_score DESC"""
params = [date]
if limit is not None:
@@ -47,7 +75,42 @@ def _fetch_ml_predictions(conn, date: str, limit: int = None, offset: int = 0):
params += [limit, offset]
rows = conn.execute(sql, params).fetchall()
return [dict(r) for r in rows], total
results = []
for r in rows:
row_dict = dict(r)
if include_weather:
# Compute derived fields from raw columns
penetrometre = row_dict.pop("penetrometre_intitule", None) or ""
# Import inline to avoid circular dependency at module level
from scoring_v2 import get_terrain_condition, compute_weather_impact
terrain_condition = (
get_terrain_condition(penetrometre) if penetrometre else "inconnu"
)
weather_data = None
if (
row_dict.get("nebulositecode") is not None
or row_dict.get("temperature") is not None
):
weather_data = {
"nebulositecode": row_dict.pop("nebulositecode", None),
"nebulosite_court": row_dict.pop("nebulosite_court", None),
"temperature": row_dict.pop("temperature", None),
"force_vent": row_dict.pop("force_vent", None),
}
else:
# Remove raw meteo columns even if NULL
row_dict.pop("nebulositecode", None)
row_dict.pop("nebulosite_court", None)
row_dict.pop("temperature", None)
row_dict.pop("force_vent", None)
weather_impact = compute_weather_impact(weather_data, terrain_condition)
row_dict["terrain_condition"] = terrain_condition
row_dict["weather_impact"] = weather_impact
results.append(row_dict)
return results, total
# ──────────────────────────────────────────────────────────────
@@ -145,7 +208,7 @@ def predictions_all():
conn = get_db()
try:
predictions, total = _fetch_ml_predictions(
conn, date_param, limit=limit, offset=offset
conn, date_param, limit=limit, offset=offset, include_weather=True
)
pagination = paginate_query(predictions, total, limit, offset)

10
api_v1/routes/user.py
View File

@@ -13,7 +13,15 @@ import sqlite3
from flask import Blueprint, jsonify, request
from api_v1.utils import internal_error, bad_request
from auth import jwt_required_middleware, plan_required
# Auth: try flask_jwt_extended (app_v1) first, fall back to saas_auth (portal_server)
try:
from auth import jwt_required_middleware
except ImportError:
from saas_auth import require_auth as jwt_required_middleware
try:
from auth import plan_required
except ImportError:
plan_required = lambda *a, **kw: (lambda f: f)
user_bp = Blueprint("v1_user", __name__, url_prefix="/api/v1/user")

81
api_v1/routes/valuebets.py
View File

@@ -53,7 +53,7 @@ def valuebets():
default: 0
responses:
200:
description: Value bets du jour
description: Value bets du jour avec météo et terrain (HRT-83)
401:
description: Token invalide
403:
@@ -69,7 +69,7 @@ def valuebets():
conn = get_db()
try:
rows = []
rows_raw = []
total = 0
if table_exists(conn, "ml_predictions_cache"):
@@ -81,18 +81,73 @@ def valuebets():
).fetchone()
total = count_row["cnt"] if count_row else 0
rows = conn.execute(
"""SELECT race_label, hippodrome, discipline, distance, heure,
horse_name, horse_number, odds, prob_top1, prob_top3,
ml_score, recommendation, risque_label, risque_score
FROM ml_predictions_cache
WHERE date = ? AND is_value_bet = 1 AND odds >= ?
ORDER BY ml_score DESC
LIMIT ? OFFSET ?""",
(date_param, min_odds, limit, offset),
).fetchall()
# LEFT JOIN pmu_courses (terrain) + pmu_meteo (météo) — HRT-83
has_courses = table_exists(conn, "pmu_courses")
has_meteo = table_exists(conn, "pmu_meteo")
if has_courses and has_meteo:
rows_raw = conn.execute(
"""SELECT m.race_label, m.hippodrome, m.discipline, m.distance, m.heure,
m.horse_name, m.horse_number, m.odds, m.prob_top1, m.prob_top3,
m.ml_score, m.recommendation, m.risque_label, m.risque_score,
c.penetrometre_intitule,
mt.nebulositecode, mt.nebulosite_court,
mt.temperature, mt.force_vent
FROM ml_predictions_cache m
LEFT JOIN pmu_courses c
ON c.date_programme = m.date
AND c.num_reunion = m.num_reunion
AND c.num_course = m.num_course
LEFT JOIN pmu_meteo mt
ON mt.date_programme = m.date
AND mt.num_reunion = m.num_reunion
WHERE m.date = ? AND m.is_value_bet = 1 AND m.odds >= ?
ORDER BY m.ml_score DESC
LIMIT ? OFFSET ?""",
(date_param, min_odds, limit, offset),
).fetchall()
else:
rows_raw = conn.execute(
"""SELECT race_label, hippodrome, discipline, distance, heure,
horse_name, horse_number, odds, prob_top1, prob_top3,
ml_score, recommendation, risque_label, risque_score
FROM ml_predictions_cache
WHERE date = ? AND is_value_bet = 1 AND odds >= ?
ORDER BY ml_score DESC
LIMIT ? OFFSET ?""",
(date_param, min_odds, limit, offset),
).fetchall()
from scoring_v2 import get_terrain_condition, compute_weather_impact
valuebets_list = []
for r in rows_raw:
row_dict = dict(r)
penetrometre = row_dict.pop("penetrometre_intitule", None) or ""
terrain_condition = (
get_terrain_condition(penetrometre) if penetrometre else "inconnu"
)
weather_data = None
if (
row_dict.get("nebulositecode") is not None
or row_dict.get("temperature") is not None
):
weather_data = {
"nebulositecode": row_dict.pop("nebulositecode", None),
"nebulosite_court": row_dict.pop("nebulosite_court", None),
"temperature": row_dict.pop("temperature", None),
"force_vent": row_dict.pop("force_vent", None),
}
else:
row_dict.pop("nebulositecode", None)
row_dict.pop("nebulosite_court", None)
row_dict.pop("temperature", None)
row_dict.pop("force_vent", None)
weather_impact = compute_weather_impact(weather_data, terrain_condition)
row_dict["terrain_condition"] = terrain_condition
row_dict["weather_impact"] = weather_impact
valuebets_list.append(row_dict)
valuebets_list = [dict(r) for r in rows]
pagination = paginate_query(valuebets_list, total, limit, offset)
return jsonify(

5
api_v1/utils.py
View File

@@ -16,8 +16,9 @@ DB_PATH = os.environ.get("TURF_SAAS_DB", "/home/h3r7/turf_saas/turf_saas.db")
def get_db():
"""Return a SQLite connection with Row factory."""
conn = sqlite3.connect(DB_PATH)
"""Return a SQLite connection with Row factory (reads TURF_SAAS_DB dynamically)."""
db_path = os.environ.get("TURF_SAAS_DB", DB_PATH)
conn = sqlite3.connect(db_path)
conn.row_factory = sqlite3.Row
return conn

6
auth_db.py
View File

@@ -8,11 +8,15 @@ HRT-79: migration Telegram columns
import sqlite3
import os
# NOTE: DB_PATH kept for backward compat, but get_db() reads env at call time
# so test isolation works correctly when TURF_SAAS_DB is set per-module.
DB_PATH = os.environ.get("TURF_SAAS_DB", "/home/h3r7/turf_saas/turf_saas.db")
def get_db():
conn = sqlite3.connect(DB_PATH)
# Read env dynamically so test overrides of TURF_SAAS_DB are respected
db_path = os.environ.get("TURF_SAAS_DB", DB_PATH)
conn = sqlite3.connect(db_path)
conn.row_factory = sqlite3.Row
return conn

190
dashboard_saas.html
View File

@@ -259,6 +259,7 @@
<a class="nav-item" id="nav-history" href="#history" onclick="showSection('history',this)"><span class="icon">📅</span> Historique <span class="plan-lock" id="lock-hist"></span></a>
<a class="nav-item" id="nav-export" href="#export" onclick="showSection('export',this)"><span class="icon">📤</span> Export CSV <span class="plan-lock" id="lock-export"></span></a>
<a class="nav-item" id="nav-metrics" href="#metrics" onclick="showSection('metrics',this)"><span class="icon">📈</span> Métriques</a>
<div class="nav-section">Paramètres</div>
<a class="nav-item" id="nav-telegram" href="#telegram" onclick="showSection('telegram',this)"><span class="icon">📱</span> Alertes Telegram <span class="plan-lock" id="lock-tg"></span></a>
<a class="nav-item" id="nav-api-token" href="#api-token" onclick="showSection('api-token',this)"><span class="icon"></span> API Token <span class="plan-lock" id="lock-api"></span></a>
@@ -753,11 +754,59 @@
</div>
</div>
<!-- ═══════════════════════════════════════════════════════ METRICS -->
<div id="section-metrics" class="dashboard-section" style="display:none">
<div class="section-header">
<h2>📈 Métriques de performance</h2>
<div style="display:flex;gap:8px;align-items:center">
<select id="metrics-days" style="background:var(--dark3);color:var(--text);border:1px solid var(--border);border-radius:6px;padding:4px 10px;font-size:.85rem" onchange="loadMetrics()">
<option value="7">7 jours</option>
<option value="30" selected>30 jours</option>
<option value="90">90 jours</option>
<option value="365">365 jours</option>
</select>
<button class="btn btn-sm" onclick="loadMetrics()" style="padding:4px 14px;font-size:.85rem">🔄 Rafraîchir</button>
</div>
</div>
<!-- KPI cards -->
<div class="stats-grid" id="metrics-kpis" style="margin-bottom:20px">
<div class="stat-card"><div class="stat-label">Total paris</div><div class="stat-value" id="m-total-bets"></div></div>
<div class="stat-card"><div class="stat-label">Précision</div><div class="stat-value" id="m-precision" style="color:var(--green)"></div></div>
<div class="stat-card"><div class="stat-label">ROI</div><div class="stat-value" id="m-roi"></div></div>
<div class="stat-card"><div class="stat-label">Mise totale</div><div class="stat-value" id="m-mise"></div></div>
<div class="stat-card"><div class="stat-label">Gain total</div><div class="stat-value" id="m-gain"></div></div>
<div class="stat-card"><div class="stat-label">Prédictions ML</div><div class="stat-value" id="m-ml-preds"></div></div>
<div class="stat-card"><div class="stat-label">Value Bets ML</div><div class="stat-value" id="m-value-bets"></div></div>
<div class="stat-card"><div class="stat-label">Prob. Top-3 moy.</div><div class="stat-value" id="m-prob-top3"></div></div>
</div>
<!-- Charts row -->
<div style="display:grid;grid-template-columns:1fr 1fr;gap:16px;margin-bottom:16px">
<div class="form-card" style="padding:16px">
<h3 style="font-size:.9rem;margin-bottom:12px">📊 ROI & Précision quotidiens</h3>
<canvas id="chart-roi-daily" height="200"></canvas>
</div>
<div class="form-card" style="padding:16px">
<h3 style="font-size:.9rem;margin-bottom:12px">💰 Cumul gains vs mises</h3>
<canvas id="chart-cumul" height="200"></canvas>
</div>
</div>
<!-- Daily stats table -->
<div class="form-card">
<h3 style="font-size:.9rem;margin-bottom:12px">📋 Détail quotidien</h3>
<div id="metrics-table-wrap" style="overflow-x:auto">
<div class="loader-row"><div class="spinner"></div> Chargement…</div>
</div>
</div>
</div>
</div><!-- .content -->
</div><!-- .main -->
<div id="toast"></div>
<script src="https://cdn.jsdelivr.net/npm/chart.js@4.4.0/dist/chart.umd.min.js"></script>
<script>
const API = '/api/v1';
let currentUser = null;
@@ -793,7 +842,11 @@ function logout() {
location.href = '/login';
}
// ⚠️ TEST_MODE — mettre false pour réactiver les restrictions de plan
const TEST_MODE = true;
function planLevel(plan) {
if (TEST_MODE) return 2; // pro level pour tous
return { free: 0, premium: 1, pro: 2 }[plan] || 0;
}
@@ -830,6 +883,7 @@ const SECTION_TITLES = {
'api-token': 'API Token',
'webhook': 'Webhook',
'multi-account': 'Multi-compte',
'metrics': 'Métriques de performance',
};
function showSection(name, navEl) {
@@ -856,6 +910,7 @@ function onSectionShow(name) {
if (name === 'api-token' && planAllows(currentPlan, 'premium')) loadApiToken();
if (name === 'webhook' && planAllows(currentPlan, 'pro')) loadWebhook();
if (name === 'multi-account' && planAllows(currentPlan, 'pro')) loadMultiAccount();
if (name === 'metrics') loadMetrics();
}
// ────────────────────────────────────────────────────────
@@ -1525,6 +1580,7 @@ function initNavFromHash() {
'api-token': 'nav-api-token',
'webhook': 'nav-webhook',
'multi-account': 'nav-multi-account',
'metrics': 'nav-metrics',
};
if (hash && sectionMap[hash]) {
setTimeout(() => {
@@ -1545,6 +1601,140 @@ window.showSection = function(name, navEl) {
return _origShowSection(name, navEl);
};
// ────────────────────────────────────────────────────────
// Métriques
// ────────────────────────────────────────────────────────
let chartRoiDaily = null;
let chartCumul = null;
async function loadMetrics() {
const days = document.getElementById('metrics-days')?.value || 30;
const data = await fetchJson(`${API}/metrics?days=${days}`);
if (!data) return;
// KPIs
const bm = data.bet_metrics || {};
const ml = data.ml_metrics || {};
setText('m-total-bets', bm.available ? bm.total_bets : '—');
setText('m-precision', bm.available ? bm.precision_pct + ' %' : '—');
const roi = bm.available ? bm.roi_pct : null;
const roiEl = document.getElementById('m-roi');
if (roiEl) {
roiEl.textContent = roi !== null ? roi + ' %' : '—';
roiEl.style.color = roi > 0 ? 'var(--green)' : roi < 0 ? '#f44' : 'var(--text)';
}
setText('m-mise', bm.available ? bm.mise_totale + ' €' : '—');
setText('m-gain', bm.available ? bm.gain_total + ' €' : '—');
setText('m-ml-preds', ml.available ? ml.total_predictions : '—');
setText('m-value-bets', ml.available ? ml.value_bets : '—');
setText('m-prob-top3', ml.available ? (ml.avg_prob_top3 * 100).toFixed(1) + ' %' : '—');
// Daily charts
const daily = data.daily || [];
const labels = daily.map(r => r.date ? r.date.slice(5) : '').reverse();
const roiArr = daily.map(r => r.roi_pct || 0).reverse();
const precArr = daily.map(r => r.precision_pct || 0).reverse();
const gainArr = daily.map(r => r.gain_total || 0).reverse();
const miseArr = daily.map(r => r.mise_totale || 0).reverse();
// Cumul gains
const cumulGain = gainArr.reduce((acc, v, i) => { acc.push((acc[i-1]||0) + v); return acc; }, []);
const cumulMise = miseArr.reduce((acc, v, i) => { acc.push((acc[i-1]||0) + v); return acc; }, []);
renderChartRoi(labels, roiArr, precArr);
renderChartCumul(labels, cumulGain, cumulMise);
// Table
renderMetricsTable(daily);
}
function setText(id, val) {
const el = document.getElementById(id);
if (el) el.textContent = val;
}
function renderChartRoi(labels, roiArr, precArr) {
const ctx = document.getElementById('chart-roi-daily');
if (!ctx) return;
if (chartRoiDaily) chartRoiDaily.destroy();
chartRoiDaily = new Chart(ctx, {
type: 'bar',
data: {
labels,
datasets: [
{ label: 'ROI %', data: roiArr, backgroundColor: roiArr.map(v => v >= 0 ? 'rgba(0,200,83,.6)' : 'rgba(244,67,54,.6)'), yAxisID: 'y' },
{ label: 'Précision %', data: precArr, type: 'line', borderColor: '#ffd600', backgroundColor: 'transparent', tension: 0.3, yAxisID: 'y2', pointRadius: 2 }
]
},
options: {
responsive: true, maintainAspectRatio: true,
plugins: { legend: { labels: { color: '#ccc', font: { size: 11 } } } },
scales: {
x: { ticks: { color: '#888', maxTicksLimit: 10 }, grid: { color: 'rgba(255,255,255,.05)' } },
y: { ticks: { color: '#888' }, grid: { color: 'rgba(255,255,255,.05)' } },
y2: { position: 'right', ticks: { color: '#ffd600' }, grid: { display: false } }
}
}
});
}
function renderChartCumul(labels, cumulGain, cumulMise) {
const ctx = document.getElementById('chart-cumul');
if (!ctx) return;
if (chartCumul) chartCumul.destroy();
chartCumul = new Chart(ctx, {
type: 'line',
data: {
labels,
datasets: [
{ label: 'Gain cumulé (€)', data: cumulGain, borderColor: '#00c853', backgroundColor: 'rgba(0,200,83,.1)', fill: true, tension: 0.3, pointRadius: 2 },
{ label: 'Mise cumulée (€)', data: cumulMise, borderColor: '#aaa', backgroundColor: 'transparent', borderDash: [4,4], tension: 0.3, pointRadius: 0 }
]
},
options: {
responsive: true, maintainAspectRatio: true,
plugins: { legend: { labels: { color: '#ccc', font: { size: 11 } } } },
scales: {
x: { ticks: { color: '#888', maxTicksLimit: 10 }, grid: { color: 'rgba(255,255,255,.05)' } },
y: { ticks: { color: '#888' }, grid: { color: 'rgba(255,255,255,.05)' } }
}
}
});
}
function renderMetricsTable(daily) {
const wrap = document.getElementById('metrics-table-wrap');
if (!wrap) return;
if (!daily.length) {
wrap.innerHTML = '<p style="color:var(--muted);padding:12px">Aucune donnée disponible pour cette période.</p>';
return;
}
const rows = daily.map(r => `
<tr>
<td>${r.date || '—'}</td>
<td>${r.total_bets ?? '—'}</td>
<td>${r.bets_gagne ?? '—'}</td>
<td style="color:${(r.precision_pct||0)>50?'var(--green)':'var(--text)'}">${r.precision_pct != null ? r.precision_pct.toFixed(1)+' %' : '—'}</td>
<td style="color:${(r.roi_pct||0)>0?'var(--green)':'#f44'}">${r.roi_pct != null ? (r.roi_pct>0?'+':'')+r.roi_pct.toFixed(2)+' %' : '—'}</td>
<td>${r.mise_totale != null ? r.mise_totale.toFixed(2)+' €' : '—'}</td>
<td style="color:${(r.gain_total||0)>0?'var(--green)':'#f44'}">${r.gain_total != null ? (r.gain_total>0?'+':'')+r.gain_total.toFixed(2)+' €' : '—'}</td>
</tr>`).join('');
wrap.innerHTML = `
<table style="width:100%;border-collapse:collapse;font-size:.85rem">
<thead><tr style="color:var(--muted);border-bottom:1px solid var(--border)">
<th style="padding:6px 8px;text-align:left">Date</th>
<th style="padding:6px 8px;text-align:left">Paris</th>
<th style="padding:6px 8px;text-align:left">Gagnés</th>
<th style="padding:6px 8px;text-align:left">Précision</th>
<th style="padding:6px 8px;text-align:left">ROI</th>
<th style="padding:6px 8px;text-align:left">Mise</th>
<th style="padding:6px 8px;text-align:left">Gain</th>
</tr></thead>
<tbody>${rows}</tbody>
</table>`;
}
loadDashboard().then(initNavFromHash);
</script>
</body>

55
leadhunter_api.py
View File

@@ -30,7 +30,9 @@ from leadhunter_crm import (
insert_leads,
get_leads,
get_lead_by_id,
update_lead,
update_lead_status,
delete_lead,
get_stats,
export_csv,
VALID_STATUSES,
@@ -285,6 +287,59 @@ def api_update_status(lead_id: int):
)
@app.route("/api/leads/<int:lead_id>", methods=["GET"])
def api_get_lead(lead_id: int):
"""
Retourne le detail d'un lead par son ID.
Returns:
JSON avec les informations completes du lead, ou 404.
"""
lead = get_lead_by_id(lead_id)
if not lead:
return jsonify({"error": f"Lead id={lead_id} introuvable"}), 404
return jsonify(lead)
@app.route("/api/leads/<int:lead_id>", methods=["PUT"])
def api_put_lead(lead_id: int):
"""
Met a jour completement un lead.
Body JSON : dict avec les champs a mettre a jour.
"""
body = request.get_json(silent=True)
if not body:
return jsonify({"error": "Body JSON requis"}), 400
lead = get_lead_by_id(lead_id)
if not lead:
return jsonify({"error": f"Lead id={lead_id} introuvable"}), 404
success = update_lead(lead_id, body)
if not success:
return jsonify({"error": "Mise a jour echouee"}), 500
updated_lead = get_lead_by_id(lead_id)
return jsonify({"success": True, "lead": updated_lead})
@app.route("/api/leads/<int:lead_id>", methods=["DELETE"])
def api_delete_lead(lead_id: int):
"""
Supprime un lead physiquement.
"""
lead = get_lead_by_id(lead_id)
if not lead:
return jsonify({"error": f"Lead id={lead_id} introuvable"}), 404
success = delete_lead(lead_id)
if not success:
return jsonify({"error": "Suppression echouee"}), 500
return jsonify({"success": True, "lead_id": lead_id, "deleted": True})
@app.route("/health", methods=["GET"])
def health():
"""Healthcheck pour systemd / monitoring."""

91
leadhunter_crm.py
View File

@@ -52,8 +52,24 @@ if not logger.handlers:
# ─── Chemin DB ───────────────────────────────────────────────────────────────
DB_PATH = "/home/h3r7/leadhunter.db"
# Statuts valides pour un lead
VALID_STATUSES = {"new", "contacted", "closed", "rejected"}
# Statuts valides pour un lead (7 etapes Kanban)
VALID_STATUSES = {
"nouveau", # NOUVEAU
"contacte", # CONTACTÉ
"interesse", # INTÉRESSÉ
"demo_planifiee", # DÉMO PLANIFIÉE
"proposition_envoyee", # PROPOSITION ENVOYÉE
"negotiation", # NÉGOCIATION
"signe_ou_refuse", # SIGNÉ / REFUSÉ
}
# Mapping des anciens statuts vers les nouveaux (pour migration)
LEGACY_STATUS_MAP = {
"new": "nouveau",
"contacted": "contacte",
"closed": "signe_ou_refuse",
"rejected": "signe_ou_refuse",
}
# ─── Initialisation ──────────────────────────────────────────────────────────
@@ -212,6 +228,77 @@ def get_lead_by_id(lead_id: int, db_path: str = DB_PATH) -> Optional[dict]:
return None
def update_lead(lead_id: int, data: dict, db_path: str = DB_PATH) -> bool:
"""
Met à jour un lead avec les champs fournis.
Args:
lead_id: id du lead.
data: dict avec les champs a mettre a jour (name, address, phone, etc.)
Returns:
True si mise a jour reussie, False sinon.
"""
allowed_fields = {
"name",
"address",
"phone",
"rating",
"reviews_count",
"website",
"score",
"rgpd_ok",
"status",
}
fields_to_update = {k: v for k, v in data.items() if k in allowed_fields}
if not fields_to_update:
logger.warning(
f"update_lead : aucun champ valide fourni pour lead_id={lead_id}"
)
return False
if (
"status" in fields_to_update
and fields_to_update["status"] not in VALID_STATUSES
):
logger.warning(f"update_lead : statut invalide '{fields_to_update['status']}'")
return False
try:
with _get_conn(db_path) as conn:
set_clause = ", ".join([f"{k} = ?" for k in fields_to_update])
values = list(fields_to_update.values()) + [lead_id]
conn.execute(f"UPDATE leads SET {set_clause} WHERE id = ?", values)
logger.info(
f"Lead id={lead_id} mis a jour : {list(fields_to_update.keys())}"
)
return True
except Exception as e:
logger.warning(f"update_lead error : {e}")
return False
def delete_lead(lead_id: int, db_path: str = DB_PATH) -> bool:
"""
Supprime un lead physiquement.
Args:
lead_id: id du lead a supprimer.
Returns:
True si suppression reussie, False sinon.
"""
try:
with _get_conn(db_path) as conn:
conn.execute("DELETE FROM leads WHERE id = ?", (lead_id,))
logger.info(f"Lead id={lead_id} supprime")
return True
except Exception as e:
logger.warning(f"delete_lead error : {e}")
return False
def update_lead_status(lead_id: int, status: str, db_path: str = DB_PATH) -> bool:
"""
Met à jour le statut d'un lead.

600
ml_feedback_saas.py Normal file
View File

@@ -0,0 +1,600 @@
#!/usr/bin/env python3
"""
ml_feedback_saas.py — Feedback loop ML pour turf_saas.
Enregistre les paris virtuels XGBoost depuis ml_predictions_cache
et met à jour les résultats/dividendes depuis pmu_partants + pmu_rapports.
DB cible : /home/h3r7/turf_saas/turf_saas.db
Stratégies :
A) xgboost_sg : simple_gagnant — top1 ML par course, ml_score >= 70, mise 1€
B) xgboost_value : simple_gagnant — is_value_bet = 1, mise 1€
C) xgboost_sp : simple_place — top1 ML par course, ml_score >= 50, mise 1€
D) xgboost_2sur4 : deux_sur_quatre — top4 ML par course, 6 combos x 1€ = mise 6€
Usage :
python3 ml_feedback_saas.py # Traite aujourd'hui
python3 ml_feedback_saas.py --backfill 2026-04-25
python3 ml_feedback_saas.py --date 2026-04-25
"""
import sqlite3
import sys
import logging
import os
from datetime import datetime, timedelta
DB_PATH = "/home/h3r7/turf_saas/turf_saas.db"
os.makedirs("/home/h3r7/turf_saas/logs", exist_ok=True)
logging.basicConfig(
level=logging.INFO,
format="%(asctime)s [ml_feedback_saas] %(levelname)s %(message)s",
handlers=[
logging.FileHandler("/home/h3r7/turf_saas/logs/ml_feedback_saas.log"),
logging.StreamHandler(),
],
)
log = logging.getLogger(__name__)
# ─────────────────────────────────────────────────────────
# UTILITAIRES
# ─────────────────────────────────────────────────────────
def get_db():
conn = sqlite3.connect(DB_PATH)
conn.row_factory = sqlite3.Row
return conn
def pari_existe(cursor, date, num_reunion, num_course, numero1, type_pari, source_reco):
"""Vérifie si un pari identique existe déjà (idempotence)."""
cursor.execute(
"""
SELECT id FROM paris
WHERE date_course = ? AND source_reco = ?
AND type_pari = ? AND numero1 = ?
AND race_label = ?
""",
(date, source_reco, type_pari, numero1, f"R{num_reunion}C{num_course}"),
)
return cursor.fetchone() is not None
def pari_2sur4_existe(cursor, date, num_reunion, num_course, source_reco):
"""Vérifie si un pari 2sur4 existe déjà pour cette course."""
cursor.execute(
"""
SELECT id FROM paris
WHERE date_course = ? AND source_reco = ?
AND race_label = ?
""",
(date, source_reco, f"R{num_reunion}C{num_course}"),
)
return cursor.fetchone() is not None
def get_top_ml_par_course(cursor, date, n=4, min_score=0):
"""Retourne les n meilleurs chevaux ML par course pour une date."""
cursor.execute(
"""
SELECT num_reunion, num_course, horse_name, horse_number,
ml_score, odds, recommendation, is_value_bet,
race_label, race_name, hippodrome, heure,
discipline, distance
FROM ml_predictions_cache
WHERE date = ?
AND ml_score >= ?
ORDER BY num_reunion, num_course, ml_score DESC
""",
(date, min_score),
)
rows = cursor.fetchall()
courses = {}
for r in rows:
key = (r["num_reunion"], r["num_course"])
if key not in courses:
courses[key] = []
if len(courses[key]) < n:
courses[key].append(dict(r))
return courses
# ─────────────────────────────────────────────────────────
# STRATÉGIE A — Simple Gagnant top1 ML (score >= 70)
# ─────────────────────────────────────────────────────────
def save_ml_paris_sg(conn, date):
"""Insère 1 pari simple_gagnant par course : top1 ML avec ml_score >= 70."""
cursor = conn.cursor()
courses = get_top_ml_par_course(cursor, date, n=1, min_score=70)
inseres = 0
for (num_reunion, num_course), chevaux in courses.items():
cheval = chevaux[0]
if pari_existe(
cursor,
date,
num_reunion,
num_course,
cheval["horse_number"],
"simple_gagnant",
"xgboost_sg",
):
continue
cursor.execute(
"""
INSERT INTO paris
(date_pari, date_course, race_name, race_label, hippodrome,
type_pari, chevaux, cheval1, numero1, cote, mise,
statut, gain, source_reco, model_source)
VALUES (?, ?, ?, ?, ?, 'simple_gagnant', ?, ?, ?, ?, 1.0,
'EN_ATTENTE', 0.0, 'xgboost_sg', 'xgboost_v1')
""",
(
date,
date,
cheval.get("race_name") or "",
f"R{num_reunion}C{num_course}",
cheval.get("hippodrome") or "",
cheval["horse_name"],
cheval["horse_name"],
cheval["horse_number"],
cheval["odds"],
),
)
inseres += 1
conn.commit()
log.info(f"[SG] {date}{inseres} paris simple_gagnant insérés (score>=70)")
return inseres
# ─────────────────────────────────────────────────────────
# STRATÉGIE B — Value Bet (is_value_bet = 1)
# ─────────────────────────────────────────────────────────
def save_ml_paris_value(conn, date):
"""Insère 1 pari simple_gagnant pour chaque cheval is_value_bet=1."""
cursor = conn.cursor()
cursor.execute(
"""
SELECT num_reunion, num_course, horse_name, horse_number,
ml_score, odds, race_label, race_name, hippodrome
FROM ml_predictions_cache
WHERE date = ? AND is_value_bet = 1
ORDER BY num_reunion, num_course, ml_score DESC
""",
(date,),
)
rows = [dict(r) for r in cursor.fetchall()]
inseres = 0
for r in rows:
if pari_existe(
cursor,
date,
r["num_reunion"],
r["num_course"],
r["horse_number"],
"simple_gagnant",
"xgboost_value",
):
continue
cursor.execute(
"""
INSERT INTO paris
(date_pari, date_course, race_name, race_label, hippodrome,
type_pari, chevaux, cheval1, numero1, cote, mise,
statut, gain, source_reco, model_source)
VALUES (?, ?, ?, ?, ?, 'simple_gagnant', ?, ?, ?, ?, 1.0,
'EN_ATTENTE', 0.0, 'xgboost_value', 'xgboost_v1')
""",
(
date,
date,
r.get("race_name") or "",
r.get("race_label") or f"R{r['num_reunion']}C{r['num_course']}",
r.get("hippodrome") or "",
r["horse_name"],
r["horse_name"],
r["horse_number"],
r["odds"],
),
)
inseres += 1
conn.commit()
log.info(f"[VALUE] {date}{inseres} paris value_bet insérés")
return inseres
# ─────────────────────────────────────────────────────────
# STRATÉGIE C — Simple Placé top1 ML (score >= 50)
# ─────────────────────────────────────────────────────────
def save_ml_paris_sp(conn, date):
"""Insère 1 pari simple_place par course : top1 ML avec ml_score >= 50."""
cursor = conn.cursor()
courses = get_top_ml_par_course(cursor, date, n=1, min_score=50)
inseres = 0
for (num_reunion, num_course), chevaux in courses.items():
cheval = chevaux[0]
if pari_existe(
cursor,
date,
num_reunion,
num_course,
cheval["horse_number"],
"simple_place",
"xgboost_sp",
):
continue
cursor.execute(
"""
INSERT INTO paris
(date_pari, date_course, race_name, race_label, hippodrome,
type_pari, chevaux, cheval1, numero1, cote, mise,
statut, gain, source_reco, model_source)
VALUES (?, ?, ?, ?, ?, 'simple_place', ?, ?, ?, ?, 1.0,
'EN_ATTENTE', 0.0, 'xgboost_sp', 'xgboost_v1')
""",
(
date,
date,
cheval.get("race_name") or "",
f"R{num_reunion}C{num_course}",
cheval.get("hippodrome") or "",
cheval["horse_name"],
cheval["horse_name"],
cheval["horse_number"],
cheval["odds"],
),
)
inseres += 1
conn.commit()
log.info(f"[SP] {date}{inseres} paris simple_place insérés (score>=50)")
return inseres
# ─────────────────────────────────────────────────────────
# STRATÉGIE D — 2sur4 top4 ML (6 combinaisons x 1€)
# ─────────────────────────────────────────────────────────
def save_ml_paris_2sur4(conn, date):
"""Insère 1 pari deux_sur_quatre par course : top4 ML, mise 6€."""
cursor = conn.cursor()
courses = get_top_ml_par_course(cursor, date, n=4, min_score=0)
inseres = 0
for (num_reunion, num_course), chevaux in courses.items():
if len(chevaux) < 4:
continue
if pari_2sur4_existe(cursor, date, num_reunion, num_course, "xgboost_2sur4"):
continue
top4 = chevaux[:4]
nums = [str(c["horse_number"]) for c in top4]
noms = [c["horse_name"] for c in top4]
chevaux_str = "/".join(noms)
cursor.execute(
"""
INSERT INTO paris
(date_pari, date_course, race_name, race_label, hippodrome,
type_pari, chevaux, cheval1, numero1, cote, mise,
statut, gain, source_reco, model_source, commentaire)
VALUES (?, ?, ?, ?, ?, 'deux_sur_quatre', ?, ?, ?, 0.0, 6.0,
'EN_ATTENTE', 0.0, 'xgboost_2sur4', 'xgboost_v1', ?)
""",
(
date,
date,
top4[0].get("race_name") or "",
f"R{num_reunion}C{num_course}",
top4[0].get("hippodrome") or "",
chevaux_str,
top4[0]["horse_name"],
top4[0]["horse_number"],
f"top4 ML: {'/'.join(nums)}",
),
)
inseres += 1
conn.commit()
log.info(f"[2S4] {date}{inseres} paris deux_sur_quatre insérés")
return inseres
# ─────────────────────────────────────────────────────────
# UPDATE RÉSULTATS + DIVIDENDES
# ─────────────────────────────────────────────────────────
def update_ml_paris_results(conn, date):
"""
Met à jour statut + gain (dividende PMU réel) pour tous les paris ML EN_ATTENTE.
Sources: pmu_partants (ordre_arrivee) + pmu_rapports (dividende_euro).
"""
cursor = conn.cursor()
cursor.execute(
"""
SELECT id, race_label, type_pari, numero1, chevaux, mise, source_reco, commentaire
FROM paris
WHERE date_course = ? AND statut = 'EN_ATTENTE'
AND source_reco LIKE 'xgboost%'
""",
(date,),
)
paris = [dict(r) for r in cursor.fetchall()]
if not paris:
log.info(f"[UPDATE] {date} → aucun pari ML EN_ATTENTE")
return 0
maj = 0
for pari in paris:
pari_id = pari["id"]
race_label = pari["race_label"] or ""
type_pari = pari["type_pari"]
numero1 = pari["numero1"]
mise = pari["mise"]
# Extraire num_reunion / num_course depuis le race_label "R{r}C{c}"
try:
parts = race_label.replace("R", "").split("C")
num_reunion = int(parts[0])
num_course = int(parts[1])
except Exception:
log.warning(f"[UPDATE] race_label invalide : {race_label}")
continue
if type_pari == "simple_gagnant":
cursor.execute(
"""
SELECT ordre_arrivee FROM pmu_partants
WHERE date_programme = ? AND num_reunion = ?
AND num_course = ? AND num_pmu = ?
""",
(date, num_reunion, num_course, numero1),
)
row = cursor.fetchone()
if not row or row["ordre_arrivee"] is None or row["ordre_arrivee"] == 0:
continue
gagne = row["ordre_arrivee"] == 1
gain = 0.0
if gagne:
cursor.execute(
"""
SELECT dividende_euro FROM pmu_rapports
WHERE date_programme = ? AND num_reunion = ?
AND num_course = ? AND type_pari = 'SIMPLE_GAGNANT'
AND CAST(combinaison AS INTEGER) = ?
AND libelle NOT LIKE '%NP%'
""",
(date, num_reunion, num_course, numero1),
)
div = cursor.fetchone()
gain = div["dividende_euro"] if div and div["dividende_euro"] else 0.0
cursor.execute(
"UPDATE paris SET statut=?, gain=? WHERE id=?",
("GAGNE" if gagne else "PERDU", gain, pari_id),
)
maj += 1
elif type_pari == "simple_place":
cursor.execute(
"""
SELECT ordre_arrivee FROM pmu_partants
WHERE date_programme = ? AND num_reunion = ?
AND num_course = ? AND num_pmu = ?
""",
(date, num_reunion, num_course, numero1),
)
row = cursor.fetchone()
if not row or not row["ordre_arrivee"]:
continue
gagne = 1 <= row["ordre_arrivee"] <= 3
gain = 0.0
if gagne:
cursor.execute(
"""
SELECT dividende_euro FROM pmu_rapports
WHERE date_programme = ? AND num_reunion = ?
AND num_course = ? AND type_pari = 'SIMPLE_PLACE'
AND CAST(combinaison AS INTEGER) = ?
AND libelle NOT LIKE '%NP%'
""",
(date, num_reunion, num_course, numero1),
)
div = cursor.fetchone()
gain = div["dividende_euro"] if div and div["dividende_euro"] else 0.0
cursor.execute(
"UPDATE paris SET statut=?, gain=? WHERE id=?",
("GAGNE" if gagne else "PERDU", gain, pari_id),
)
maj += 1
elif type_pari == "deux_sur_quatre":
# Récupère les 4 numéros depuis commentaire "top4 ML: n1/n2/n3/n4"
try:
nums_str = (
pari["commentaire"].split(": ")[1]
if pari.get("commentaire")
else ""
)
nums_top4 = [int(n) for n in nums_str.split("/") if n.strip().isdigit()]
except Exception:
nums_top4 = []
if len(nums_top4) < 4:
# Fallback : reconstituer top4 depuis ml_predictions_cache
cursor.execute(
"""
SELECT horse_number FROM ml_predictions_cache
WHERE date = ? AND num_reunion = ? AND num_course = ?
ORDER BY ml_score DESC LIMIT 4
""",
(date, num_reunion, num_course),
)
nums_top4 = [r["horse_number"] for r in cursor.fetchall()]
if len(nums_top4) < 2:
continue
cursor.execute(
"""
SELECT combinaison, dividende_euro FROM pmu_rapports
WHERE date_programme = ? AND num_reunion = ?
AND num_course = ? AND type_pari = 'DEUX_SUR_QUATRE'
AND libelle NOT LIKE '%NP%'
""",
(date, num_reunion, num_course),
)
rapports = [dict(r) for r in cursor.fetchall()]
gain_total = 0.0
for rap in rapports:
try:
n1, n2 = [int(x) for x in rap["combinaison"].split("-")]
except Exception:
continue
if n1 in nums_top4 and n2 in nums_top4:
gain_total += rap["dividende_euro"]
gagne = gain_total > 0
cursor.execute(
"UPDATE paris SET statut=?, gain=? WHERE id=?",
("GAGNE" if gagne else "PERDU", round(gain_total, 2), pari_id),
)
maj += 1
conn.commit()
log.info(f"[UPDATE] {date}{maj}/{len(paris)} paris ML mis à jour")
return maj
# ─────────────────────────────────────────────────────────
# STATS PAR STRATÉGIE
# ─────────────────────────────────────────────────────────
def get_feedback_stats(conn, date_debut=None, date_fin=None):
"""Stats performances ML par stratégie (source_reco)."""
cursor = conn.cursor()
cursor.execute(
"""
SELECT source_reco,
COUNT(*) as n_paris,
SUM(CASE WHEN statut='GAGNE' THEN 1 ELSE 0 END) as n_gagne,
SUM(CASE WHEN statut='PERDU' THEN 1 ELSE 0 END) as n_perdu,
SUM(CASE WHEN statut='EN_ATTENTE' THEN 1 ELSE 0 END) as n_attente,
ROUND(100.0 * SUM(CASE WHEN statut='GAGNE' THEN 1 ELSE 0 END)
/ NULLIF(SUM(CASE WHEN statut IN ('GAGNE','PERDU') THEN 1 ELSE 0 END), 0), 1) as win_rate_pct,
ROUND(SUM(gain), 2) as gain_total,
ROUND(SUM(mise), 2) as mise_totale,
ROUND(SUM(gain) - SUM(mise), 2) as roi_net
FROM paris
WHERE source_reco LIKE 'xgboost%'
AND (:debut IS NULL OR date_course >= :debut)
AND (:fin IS NULL OR date_course <= :fin)
GROUP BY source_reco
ORDER BY source_reco
""",
{"debut": date_debut, "fin": date_fin},
)
return [dict(r) for r in cursor.fetchall()]
# ─────────────────────────────────────────────────────────
# PIPELINE COMPLET
# ─────────────────────────────────────────────────────────
def run(date):
"""Enregistre les paris ML du jour + met à jour les résultats de J-1."""
conn = get_db()
log.info(f"=== ml_feedback_saas.run({date}) ===")
# 1. Enregistre les paris ML pour la date (depuis le cache du jour)
sg = save_ml_paris_sg(conn, date)
vb = save_ml_paris_value(conn, date)
sp = save_ml_paris_sp(conn, date)
s4 = save_ml_paris_2sur4(conn, date)
log.info(f"[SAVE] {date} → total insérés : SG={sg} VALUE={vb} SP={sp} 2S4={s4}")
# 2. Met à jour les résultats de J-1 (résultats PMU disponibles)
yesterday = (datetime.strptime(date, "%Y-%m-%d") - timedelta(days=1)).strftime(
"%Y-%m-%d"
)
maj = update_ml_paris_results(conn, yesterday)
log.info(f"[UPDATE] {yesterday}{maj} paris mis à jour")
conn.close()
return {"inseres": {"sg": sg, "value": vb, "sp": sp, "2sur4": s4}, "maj": maj}
def backfill(date):
"""Backfill : insère ET met à jour les résultats pour une date passée."""
conn = get_db()
log.info(f"=== ml_feedback_saas.backfill({date}) ===")
sg = save_ml_paris_sg(conn, date)
vb = save_ml_paris_value(conn, date)
sp = save_ml_paris_sp(conn, date)
s4 = save_ml_paris_2sur4(conn, date)
log.info(f"[SAVE] {date} → SG={sg} VALUE={vb} SP={sp} 2S4={s4}")
maj = update_ml_paris_results(conn, date)
log.info(f"[UPDATE] {date}{maj} paris mis à jour")
conn.close()
return sg + vb + sp + s4, maj
# ─────────────────────────────────────────────────────────
# MAIN
# ─────────────────────────────────────────────────────────
if __name__ == "__main__":
if "--backfill" in sys.argv:
idx = sys.argv.index("--backfill")
date = sys.argv[idx + 1] if idx + 1 < len(sys.argv) else None
if not date:
print("Usage: python3 ml_feedback_saas.py --backfill YYYY-MM-DD")
sys.exit(1)
inseres, maj = backfill(date)
print(f"Backfill {date} : {inseres} paris insérés, {maj} mis à jour")
elif "--date" in sys.argv:
idx = sys.argv.index("--date")
date = sys.argv[idx + 1] if idx + 1 < len(sys.argv) else None
if not date:
print("Usage: python3 ml_feedback_saas.py --date YYYY-MM-DD")
sys.exit(1)
result = run(date)
total = sum(result["inseres"].values())
print(f"Run {date} : {total} paris insérés, {result['maj']} mis à jour")
else:
result = run(datetime.now().strftime("%Y-%m-%d"))
total = sum(result["inseres"].values())
print(f"Run today : {total} paris insérés, {result['maj']} mis à jour")

72
org_db.py Normal file
View File

@@ -0,0 +1,72 @@
#!/usr/bin/env python3
"""
Org DB — Multi-compte / Organisations Pro
Sprint: HRT-82
Migration idempotente : crée les tables organizations et org_members
dans turf_saas.db si elles n'existent pas.
Run une seule fois :
./venv/bin/python org_db.py
"""
import sqlite3
import os
import logging
DB_PATH = os.environ.get("TURF_SAAS_DB", "/home/h3r7/turf_saas/turf_saas.db")
logger = logging.getLogger("turf_saas.org_db")
def get_db():
conn = sqlite3.connect(DB_PATH)
conn.row_factory = sqlite3.Row
conn.execute("PRAGMA foreign_keys = ON")
return conn
def migrate_org_tables():
"""
Migration idempotente : crée organizations + org_members.
- organizations : 1 org max par owner (enforced en Python + UNIQUE owner_id)
- org_members : max 5 membres totaux (owner inclus, enforced en Python)
- UNIQUE(org_id, user_id) empêche les doublons de membres
"""
conn = get_db()
c = conn.cursor()
c.executescript("""
CREATE TABLE IF NOT EXISTS organizations (
id TEXT PRIMARY KEY,
owner_id TEXT NOT NULL UNIQUE,
name TEXT NOT NULL,
max_members INTEGER NOT NULL DEFAULT 5,
created_at DATETIME NOT NULL DEFAULT (datetime('now'))
);
CREATE TABLE IF NOT EXISTS org_members (
id INTEGER PRIMARY KEY AUTOINCREMENT,
org_id TEXT NOT NULL REFERENCES organizations(id) ON DELETE CASCADE,
user_id TEXT NOT NULL,
role TEXT NOT NULL DEFAULT 'member'
CHECK(role IN ('owner', 'member')),
invited_at DATETIME NOT NULL DEFAULT (datetime('now')),
joined_at DATETIME,
UNIQUE(org_id, user_id)
);
CREATE INDEX IF NOT EXISTS idx_org_owner ON organizations(owner_id);
CREATE INDEX IF NOT EXISTS idx_orgmem_org ON org_members(org_id);
CREATE INDEX IF NOT EXISTS idx_orgmem_user ON org_members(user_id);
""")
conn.commit()
conn.close()
logger.info("[org_db] Tables organizations + org_members créées/vérifiées.")
print("[org_db] Migration OK: organizations, org_members.")
if __name__ == "__main__":
logging.basicConfig(level=logging.INFO)
migrate_org_tables()

27
portal_server.py
View File

@@ -19,9 +19,13 @@ SAAS_DIR = "/home/h3r7/turf_saas"
try:
from saas_auth import auth_bp
from saas_api_v1 import api_v1_bp
from api_v1.routes.ml_feedback import ml_feedback_bp
from api_v1.routes.metrics import metrics_bp
app.register_blueprint(auth_bp)
app.register_blueprint(api_v1_bp)
app.register_blueprint(ml_feedback_bp)
app.register_blueprint(metrics_bp)
print("[portal] SaaS auth & API v1 blueprints registered ✅")
except Exception as e:
print(f"[portal] Warning: could not register SaaS blueprints: {e}")
@@ -352,6 +356,29 @@ def template_complet():
return send_from_directory("/home/h3r7/turf_saas", "template_complet.html")
@app.route("/leadhunter/clients/le-big-ben/")
@app.route("/leadhunter/clients/le-big-ben")
def big_ben():
return send_from_directory(
"/home/h3r7/turf_saas/templates/leadhunter/clients/le-big-ben", "index.html"
)
@app.route("/leadhunter/clients/le-big-ben/sitemap.xml")
def big_ben_sitemap():
return send_from_directory(
"/home/h3r7/turf_saas/templates/leadhunter/clients/le-big-ben",
"sitemap.xml",
mimetype="application/xml",
)
@app.route("/formation/ai102")
@app.route("/formation/ai102/")
def certif_ai102():
return send_from_directory("/home/h3r7/turf_saas/pitch", "certif-ai102.html")
@app.route("/boite_a_idees_dashboard")
def boite_a_idees_dashboard():
return send_from_directory("/home/h3r7/turf_saas", "boite_a_idees_dashboard.html")

3
requirements.txt
View File

@@ -31,3 +31,6 @@ python-dotenv==1.1.0
# Utilities
python-dateutil==2.9.0
# Hyperparameter optimization (ML ensemble tuning — HRT-136)
optuna>=4.0.0

62
saas_api_v1.py
View File

@@ -268,15 +268,65 @@ try:
@api_v1_bp.record_once
def _init_jwt(state):
app = state.app
if not app.config.get('JWT_SECRET_KEY'):
if not app.config.get("JWT_SECRET_KEY"):
import os
app.config['JWT_SECRET_KEY'] = os.environ.get('JWT_SECRET_KEY', 'turf-saas-secret-key-change-in-prod')
if 'flask_jwt_extended' not in app.extensions:
app.config["JWT_SECRET_KEY"] = os.environ.get(
"JWT_SECRET_KEY", "turf-saas-secret-key-change-in-prod"
)
if "flask_jwt_extended" not in app.extensions:
JWTManager(app)
# Register billing blueprint with url_prefix='/billing'
# (parent api_v1_bp has '/api/v1', so result is /api/v1/billing/*)
api_v1_bp.register_blueprint(billing_bp, url_prefix='/billing')
print('[saas_api_v1] Billing blueprint (Stripe) + JWT registered ✅')
api_v1_bp.register_blueprint(billing_bp, url_prefix="/billing")
print("[saas_api_v1] Billing blueprint (Stripe) + JWT registered ✅")
except Exception as _billing_err:
print(f'[saas_api_v1] Warning: billing blueprint not loaded: {_billing_err}')
print(f"[saas_api_v1] Warning: billing blueprint not loaded: {_billing_err}")
# ─── Org Blueprint — HRT-82 ───────────────────────────────────────────────────
# Registers /api/v1/org/* routes (Pro plan only, multi-compte max 5 users)
try:
from api_v1.routes.org import org_bp
@api_v1_bp.record_once
def _register_org_bp(state):
app = state.app
app.register_blueprint(org_bp)
print("[saas_api_v1] Org blueprint (multi-compte Pro) registered ✅")
except Exception as _org_err:
print(f"[saas_api_v1] Warning: org blueprint not loaded: {_org_err}")
# ─── User Blueprint — HRT-79 (Telegram) + HRT-80 (API Token + Webhook) ───────
# Registers /api/v1/user/* routes (Premium+ for telegram, Pro for api-token/webhook)
try:
from api_v1.routes.user import user_bp
from api_v1.routes.user_tokens import user_tokens_bp
@api_v1_bp.record_once
def _register_user_bp(state):
app = state.app
app.register_blueprint(user_bp)
app.register_blueprint(user_tokens_bp)
print('[saas_api_v1] User blueprint (Telegram config + API token + Webhook) registered ✅')
except Exception as _user_err:
print(f'[saas_api_v1] Warning: user blueprints not loaded: {_user_err}')
# ─── History Blueprint — HRT-81 ───────────────────────────────────────────────
# Registers /api/v1/history route (Free:7j, Premium:90j, Pro:illimité)
try:
from api_v1.routes.history import history_bp
@api_v1_bp.record_once
def _register_history_bp(state):
app = state.app
app.register_blueprint(history_bp)
print('[saas_api_v1] History blueprint (plan-limited history) registered ✅')
except Exception as _history_err:
print(f'[saas_api_v1] Warning: history blueprint not loaded: {_history_err}')

413
scoring_v2.py
View File

@@ -11,29 +11,34 @@ import re
from datetime import datetime
DB_PATH = "/home/h3r7/turf_saas/turf_saas.db"
HEADERS = {'User-Agent': 'Mozilla/5.0', 'Accept': 'application/json'}
HEADERS = {"User-Agent": "Mozilla/5.0", "Accept": "application/json"}
def get_cote_from_db(horse_name, date_course):
"""Recupere la cote depuis la table predictions (plus recente et non nulle)"""
conn = sqlite3.connect(DB_PATH)
conn.row_factory = sqlite3.Row
c = conn.execute("""
c = conn.execute(
"""
SELECT odds FROM predictions
WHERE date=? AND horse_name LIKE ? AND odds > 0
ORDER BY created_at DESC LIMIT 1
""", (date_course, f"%{horse_name}%"))
""",
(date_course, f"%{horse_name}%"),
)
r = c.fetchone()
conn.close()
return r['odds'] if r else 0
return r["odds"] if r else 0
def parse_musique(musique):
if not musique:
return {}
clean = re.sub(r'\(\d+\)', '', musique)
resultats = re.findall(r'(\d+|D|0)([amphsc]?)', clean)
clean = re.sub(r"\(\d+\)", "", musique)
resultats = re.findall(r"(\d+|D|0)([amphsc]?)", clean)
positions = []
for pos, disc in resultats[:10]:
positions.append(99 if pos == 'D' else int(pos))
positions.append(99 if pos == "D" else int(pos))
if not positions:
return {}
nb_courses = len(positions)
@@ -41,29 +46,102 @@ def parse_musique(musique):
nb_places = sum(1 for p in positions if 1 <= p <= 3)
recentes = [p for p in positions[:3] if p != 99]
forme_recente = sum(recentes) / len(recentes) if recentes else 99
tendance = (sum(positions[-4:]) / 4 - sum(positions[:4]) / 4) if len(positions) >= 4 else 0
tendance = (
(sum(positions[-4:]) / 4 - sum(positions[:4]) / 4) if len(positions) >= 4 else 0
)
return {
'forme_recente': round(forme_recente, 1),
'tendance': round(tendance, 1),
'tx_victoire': round(nb_victoires / nb_courses * 100, 1) if nb_courses else 0,
'tx_place': round(nb_places / nb_courses * 100, 1) if nb_courses else 0,
"forme_recente": round(forme_recente, 1),
"tendance": round(tendance, 1),
"tx_victoire": round(nb_victoires / nb_courses * 100, 1) if nb_courses else 0,
"tx_place": round(nb_places / nb_courses * 100, 1) if nb_courses else 0,
}
def score_cheval_v2(p, all_participants, today):
def get_terrain_condition(penetrometre_intitule: str | None) -> str:
"""Normalise le pénétromètre PMU en condition terrain standardisée."""
if not penetrometre_intitule:
return "inconnu"
val = penetrometre_intitule.upper()
if any(k in val for k in ("TRES BON", "TRÈS BON", "FERME", "FIRM")):
return "bon"
if any(k in val for k in ("BON", "GOOD", "STANDARD")):
return "bon"
if any(k in val for k in ("SOUPLE", "YIELDING", "COLLANT")):
return "souple"
if any(k in val for k in ("LOURD", "HEAVY", "TRES SOUPLE", "TRÈS SOUPLE")):
return "lourd"
if any(k in val for k in ("SOFT", "MOU")):
return "souple"
return "inconnu"
def compute_weather_impact(weather_data: dict | None, terrain_condition: str) -> float:
"""
Calcule un score d'impact météo/terrain sur [5, +5].
weather_data keys attendues : nebulositecode, temperature, force_vent
terrain_condition : 'bon' | 'souple' | 'lourd' | 'inconnu'
Retourne un delta de score ML (positif = favorable, négatif = défavorable).
"""
if not weather_data:
return 0.0
delta = 0.0
# Terrain
if terrain_condition == "lourd":
delta -= 3.0
elif terrain_condition == "souple":
delta -= 1.5
elif terrain_condition == "bon":
delta += 1.0
# inconnu → 0
# Vent
force_vent = weather_data.get("force_vent") or 0
try:
force_vent = float(force_vent)
except (TypeError, ValueError):
force_vent = 0.0
if force_vent >= 50:
delta -= 2.0
elif force_vent >= 30:
delta -= 1.0
# Températures extrêmes
temperature = weather_data.get("temperature")
try:
temperature = float(temperature) if temperature is not None else None
except (TypeError, ValueError):
temperature = None
if temperature is not None:
if temperature <= 0:
delta -= 1.0
elif temperature >= 35:
delta -= 1.0
return round(max(-5.0, min(5.0, delta)), 2)
def score_cheval_v2(p, all_participants, today, weather_data=None):
"""
Score un cheval pour le modèle V2.
weather_data (optionnel) : dict issu de pmu_meteo pour cette réunion.
Backward-compatible : weather_data=None → comportement identique à avant HRT-83.
"""
score = 0
details = {}
# 1. COTE - Essaye PMU API, sinon DB
horse_name = p.get('nom', '')
horse_name = p.get("nom", "")
cote = 0
# Essayer d'abord depuis l'API PMU
rapport = p.get('dernierRapportDirect', {})
rapport = p.get("dernierRapportDirect", {})
if rapport:
cote = rapport.get('rapport', 0)
cote = rapport.get("rapport", 0)
if not cote:
rapport_ref = p.get('dernierRapportReference', {})
cote = rapport_ref.get('rapport', 0) if rapport_ref else 0
rapport_ref = p.get("dernierRapportReference", {})
cote = rapport_ref.get("rapport", 0) if rapport_ref else 0
# Fallback: aller chercher dans la DB
if not cote or cote == 0:
@@ -75,94 +153,136 @@ def score_cheval_v2(p, all_participants, today):
score_cote = max(2, min(10, 20 / (1 + cote * 0.15))) if cote > 0 else 2
score += score_cote
details['cote'] = round(cote, 1)
details['score_cote'] = round(score_cote, 1)
details["cote"] = round(cote, 1)
details["score_cote"] = round(score_cote, 1)
# 2. FORME - AUGMENTE a 30 pts
musique_stats = parse_musique(p.get('musique', ''))
forme = musique_stats.get('forme_recente', 99)
score_forme = 30 if forme <= 1 else 25 if forme <= 2 else 20 if forme <= 3 else 15 if forme <= 5 else 8 if forme <= 8 else 0
musique_stats = parse_musique(p.get("musique", ""))
forme = musique_stats.get("forme_recente", 99)
score_forme = (
30
if forme <= 1
else 25
if forme <= 2
else 20
if forme <= 3
else 15
if forme <= 5
else 8
if forme <= 8
else 0
)
score += score_forme
details['forme_recente'] = forme
details['score_forme'] = score_forme
details["forme_recente"] = forme
details["score_forme"] = score_forme
# 3. TAUX VICTOIRE (15 pts)
nb_courses_total = p.get('nombreCourses', 0)
nb_victoires_total = p.get('nombreVictoires', 0)
nb_courses_total = p.get("nombreCourses", 0)
nb_victoires_total = p.get("nombreVictoires", 0)
tx_vic = (nb_victoires_total / nb_courses_total * 100) if nb_courses_total else 0
score_vic = min(15, tx_vic * 0.5)
score += score_vic
details['tx_victoire'] = round(tx_vic, 1)
details['score_victoire'] = round(score_vic, 1)
details["tx_victoire"] = round(tx_vic, 1)
details["score_victoire"] = round(score_vic, 1)
# 4. TAUX PLACE (15 pts)
nb_places_total = p.get('nombrePlaces', 0)
nb_places_total = p.get("nombrePlaces", 0)
tx_place = (nb_places_total / nb_courses_total * 100) if nb_courses_total else 0
score_place = min(15, tx_place * 0.2)
score += score_place
details['tx_place'] = round(tx_place, 1)
details['score_place'] = round(score_place, 1)
details["tx_place"] = round(tx_place, 1)
details["score_place"] = round(score_place, 1)
# 5. REDUCTION KM (10 pts)
rk = p.get('reductionKilometrique', 0)
all_rk = [x.get('reductionKilometrique', 0) for x in all_participants if x.get('reductionKilometrique', 0) > 0]
rk = p.get("reductionKilometrique", 0)
all_rk = [
x.get("reductionKilometrique", 0)
for x in all_participants
if x.get("reductionKilometrique", 0) > 0
]
if rk > 0 and all_rk:
score_rk = 10 * (1 - (rk - min(all_rk)) / (max(all_rk) - min(all_rk))) if max(all_rk) > min(all_rk) else 5
score_rk = (
10 * (1 - (rk - min(all_rk)) / (max(all_rk) - min(all_rk)))
if max(all_rk) > min(all_rk)
else 5
)
else:
score_rk = 0
score += score_rk
details['rk'] = rk
details['score_rk'] = round(score_rk, 1)
details["rk"] = rk
details["score_rk"] = round(score_rk, 1)
# 6. TENDANCE (10 pts)
tendance = musique_stats.get('tendance', 0)
tendance = musique_stats.get("tendance", 0)
score_tendance = min(10, max(0, 5 + tendance))
score += score_tendance
details['tendance'] = tendance
details['score_tendance'] = round(score_tendance, 1)
details["tendance"] = tendance
details["score_tendance"] = round(score_tendance, 1)
# 7. AVIS ENTRAINEUR (5 pts)
avis = p.get('avisEntraineur', 'NEUTRE')
score_avis = {'POSITIF': 5, 'TRES_POSITIF': 5, 'NEUTRE': 2, 'NEGATIF': 0, 'TRES_NEGATIF': 0}.get(avis, 2)
avis = p.get("avisEntraineur", "NEUTRE")
score_avis = {
"POSITIF": 5,
"TRES_POSITIF": 5,
"NEUTRE": 2,
"NEGATIF": 0,
"TRES_NEGATIF": 0,
}.get(avis, 2)
score += score_avis
details['avis_entraineur'] = avis
details['score_avis'] = score_avis
details["avis_entraineur"] = avis
details["score_avis"] = score_avis
# 8. BONUS OUTSIDER (5 pts)
bonus_outsider = 5 if forme <= 3 and cote >= 10 else 0
score += bonus_outsider
details['bonus_outsider'] = bonus_outsider
details["bonus_outsider"] = bonus_outsider
# Driver change penalty
if p.get('driverChange', False):
if p.get("driverChange", False):
score -= 3
details['driver_change'] = True
details["driver_change"] = True
details['score_total'] = round(score, 1)
details['musique'] = p.get('musique', '')
details['nb_victoires'] = nb_victoires_total
details['nb_places'] = nb_places_total
details['nb_courses'] = nb_courses_total
# 9. METEO & TERRAIN (HRT-83) — premium feature, weather_data=None → skip
penetrometre = p.get("penetrometre_intitule", "") or ""
terrain_condition = (
get_terrain_condition(penetrometre) if penetrometre else "inconnu"
)
weather_impact = 0.0
if weather_data is not None:
weather_impact = compute_weather_impact(weather_data, terrain_condition)
score += weather_impact
details["terrain_condition"] = terrain_condition
details["weather_impact"] = weather_impact
details["score_total"] = round(score, 1)
details["musique"] = p.get("musique", "")
details["nb_victoires"] = nb_victoires_total
details["nb_places"] = nb_places_total
details["nb_courses"] = nb_courses_total
return round(score, 1), details
def get_ze2sur4_combinaisons(top4):
combinaisons = []
for i in range(4):
for j in range(i+1, 4):
for j in range(i + 1, 4):
c1 = top4[i]
c2 = top4[j]
combinaisons.append({
'cheval1': c1['nom'],
'numero1': c1['numero'],
'cheval2': c2['nom'],
'numero2': c2['numero'],
'mise': 1.0,
})
combinaisons.append(
{
"cheval1": c1["nom"],
"numero1": c1["numero"],
"cheval2": c2["nom"],
"numero2": c2["numero"],
"mise": 1.0,
}
)
return combinaisons
def build_recommendations_v2(scored_horses):
ranked = sorted(scored_horses, key=lambda x: x['score'], reverse=True)
ranked = sorted(scored_horses, key=lambda x: x["score"], reverse=True)
if len(ranked) < 4:
return None
@@ -170,39 +290,58 @@ def build_recommendations_v2(scored_horses):
top4_list = ranked[:4]
def confiance(s):
return "FORTE" if s >= 55 else "BONNE" if s >= 45 else "MOYENNE" if s >= 35 else "FAIBLE"
return (
"FORTE"
if s >= 55
else "BONNE"
if s >= 45
else "MOYENNE"
if s >= 35
else "FAIBLE"
)
ze2_combinaisons = get_ze2sur4_combinaisons(top4_list)
mise_ze2 = len(ze2_combinaisons) * 1.0
return {
'simple_gagnant': {
'cheval': top1['nom'], 'numero': top1['numero'], 'cote': top1['details']['cote'],
'score': top1['score'], 'confiance': confiance(top1['score']),
'mise_suggeree': 2.0, 'gain_potentiel': round(2.0 * top1['details']['cote'], 2)
"simple_gagnant": {
"cheval": top1["nom"],
"numero": top1["numero"],
"cote": top1["details"]["cote"],
"score": top1["score"],
"confiance": confiance(top1["score"]),
"mise_suggeree": 2.0,
"gain_potentiel": round(2.0 * top1["details"]["cote"], 2),
},
'ze2_sur_4': {
'top4': [{'nom': h['nom'], 'numero': h['numero']} for h in top4_list],
'combinaisons': ze2_combinaisons,
'mise_totale': mise_ze2,
'nb_combinaisons': len(ze2_combinaisons),
'confiance': confiance((top1['score'] + top2['score'] + top3['score'] + top4['score']) / 4),
'explication': 'Jouer les 6 combinaisons de 2 chevaux parmi les 4 premiers'
"ze2_sur_4": {
"top4": [{"nom": h["nom"], "numero": h["numero"]} for h in top4_list],
"combinaisons": ze2_combinaisons,
"mise_totale": mise_ze2,
"nb_combinaisons": len(ze2_combinaisons),
"confiance": confiance(
(top1["score"] + top2["score"] + top3["score"] + top4["score"]) / 4
),
"explication": "Jouer les 6 combinaisons de 2 chevaux parmi les 4 premiers",
},
'outsider': _find_outsider(ranked),
'budget_total': 2.0 + mise_ze2,
"outsider": _find_outsider(ranked),
"budget_total": 2.0 + mise_ze2,
}
def _find_outsider(ranked):
for h in ranked[3:7]:
d = h['details']
if d['cote'] >= 12 and d['forme_recente'] <= 4 and d['bonus_outsider'] == 5:
d = h["details"]
if d["cote"] >= 12 and d["forme_recente"] <= 4 and d["bonus_outsider"] == 5:
return {
'cheval': h['nom'], 'numero': h['numero'], 'cote': d['cote'],
'mise_suggeree': 1.0, 'gain_potentiel': round(1.0 * d['cote'], 2)
"cheval": h["nom"],
"numero": h["numero"],
"cote": d["cote"],
"mise_suggeree": 1.0,
"gain_potentiel": round(1.0 * d["cote"], 2),
}
return None
def save_to_db(scored_horses, date_course, hippodrome, libelle):
conn = sqlite3.connect(DB_PATH)
cursor = conn.cursor()
@@ -210,44 +349,72 @@ def save_to_db(scored_horses, date_course, hippodrome, libelle):
cursor.execute("DELETE FROM scoring WHERE date = ?", (date_course,))
for i, h in enumerate(scored_horses, 1):
d = h['details']
cursor.execute("""
d = h["details"]
cursor.execute(
"""
INSERT INTO scoring (date, race_name, horse_number, horse_name, score,
score_cote, score_forme, score_victoire, score_place, score_rk,
score_tendance, score_avis, cote, forme_recente, tx_victoire, tx_place,
avis_entraineur, musique, rang_scoring, scoring_version)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'v2')
""", (date_course, libelle, h['numero'], h['nom'], h['score'],
d.get('score_cote', 0), d.get('score_forme', 0), d.get('score_victoire', 0),
d.get('score_place', 0), d.get('score_rk', 0), d.get('score_tendance', 0),
d.get('score_avis', 0), d.get('cote', 0), d.get('forme_recente', 0),
d.get('tx_victoire', 0), d.get('tx_place', 0), d.get('avis_entraineur', ''),
d.get('musique', ''), i))
""",
(
date_course,
libelle,
h["numero"],
h["nom"],
h["score"],
d.get("score_cote", 0),
d.get("score_forme", 0),
d.get("score_victoire", 0),
d.get("score_place", 0),
d.get("score_rk", 0),
d.get("score_tendance", 0),
d.get("score_avis", 0),
d.get("cote", 0),
d.get("forme_recente", 0),
d.get("tx_victoire", 0),
d.get("tx_place", 0),
d.get("avis_entraineur", ""),
d.get("musique", ""),
i,
),
)
conn.commit()
conn.close()
print(f"💾 {len(scored_horses)} scores enregistres en BDD pour {date_course}")
def main():
today = datetime.now().strftime('%Y-%m-%d')
date_pmu = datetime.now().strftime('%d%m%Y')
print(f"=== SCORING V2 - ZE2 SUR4 OPTIMISE === {datetime.now().strftime('%d/%m/%Y %H:%M')} ===")
today = datetime.now().strftime("%Y-%m-%d")
date_pmu = datetime.now().strftime("%d%m%Y")
print(
f"=== SCORING V2 - ZE2 SUR4 OPTIMISE === {datetime.now().strftime('%d/%m/%Y %H:%M')} ==="
)
try:
url = f"https://turfinfo.api.pmu.fr/rest/client/1/programme/{date_pmu}/reunions"
r = requests.get(url, headers=HEADERS, timeout=15)
reunions = r.json().get('programme', {}).get('reunions', [])
reunions = r.json().get("programme", {}).get("reunions", [])
except Exception as e:
print(f"Erreur: {e}")
return
quinte = None
for reunion in reunions:
for course in reunion.get('courses', []):
for course in reunion.get("courses", []):
paris_types = [p["typePari"] for p in course.get("paris", [])]
if any("QUINTE" in p for p in paris_types) or "PARIS-TURF" in course.get('libelle', ''):
quinte = (reunion['numOfficiel'], course['numOrdre'], course.get('libelle', ''),
reunion['hippodrome']['libelleCourt'], course.get('heureDepart', 0))
if any("QUINTE" in p for p in paris_types) or "PARIS-TURF" in course.get(
"libelle", ""
):
quinte = (
reunion["numOfficiel"],
course["numOrdre"],
course.get("libelle", ""),
reunion["hippodrome"]["libelleCourt"],
course.get("heureDepart", 0),
)
break
if quinte:
break
@@ -256,7 +423,8 @@ def main():
# Fallback: utiliser la premiere reunion francaise avec predictions
conn = sqlite3.connect(DB_PATH)
conn.row_factory = sqlite3.Row
r = conn.execute("""
r = conn.execute(
"""
SELECT r.num_reunion, r.hippodrome_court, c.num_course, c.libelle
FROM pmu_courses c
JOIN pmu_reunions r ON r.date_programme=c.date_programme AND r.num_reunion=c.num_reunion
@@ -264,22 +432,36 @@ def main():
AND EXISTS (SELECT 1 FROM predictions p WHERE p.date=? AND p.source='canalturf_partants'
AND p.race_name LIKE '%' || c.libelle || '%')
ORDER BY c.heure_depart_str ASC LIMIT 1
""", (today, today)).fetchone()
""",
(today, today),
).fetchone()
conn.close()
if r:
quinte = (r['num_reunion'], r['num_course'], r['libelle'], r['hippodrome_court'], 0)
quinte = (
r["num_reunion"],
r["num_course"],
r["libelle"],
r["hippodrome_court"],
0,
)
else:
print("Aucune course trouvee")
return
num_r, num_c, libelle, hippodrome, heure_ts = quinte
heure = datetime.fromtimestamp(heure_ts/1000).strftime('%H:%M') if heure_ts else '13:55'
heure = (
datetime.fromtimestamp(heure_ts / 1000).strftime("%H:%M")
if heure_ts
else "13:55"
)
print(f"Course: {libelle} - {hippodrome} {heure}")
try:
url = f"https://turfinfo.api.pmu.fr/rest/client/1/programme/{date_pmu}/R{num_r}/C{num_c}/participants"
r = requests.get(url, headers=HEADERS, timeout=15)
participants = [p for p in r.json().get('participants', []) if p.get('statut') == 'PARTANT']
participants = [
p for p in r.json().get("participants", []) if p.get("statut") == "PARTANT"
]
except Exception as e:
print(f"Erreur: {e}")
return
@@ -287,34 +469,45 @@ def main():
scored_horses = []
for p in participants:
score, details = score_cheval_v2(p, participants, today)
scored_horses.append({'nom': p['nom'], 'numero': p['numPmu'], 'score': score, 'details': details})
scored_horses.append(
{"nom": p["nom"], "numero": p["numPmu"], "score": score, "details": details}
)
ranked = sorted(scored_horses, key=lambda x: x['score'], reverse=True)
ranked = sorted(scored_horses, key=lambda x: x["score"], reverse=True)
print(f"\n=== TOP 4 ===")
for i, h in enumerate(ranked[:4], 1):
d = h['details']
print(f"{i}. #{h['numero']:>2} {h['nom']:<20} Score:{h['score']:.1f} Cote:{d['cote']:.1f}")
d = h["details"]
print(
f"{i}. #{h['numero']:>2} {h['nom']:<20} Score:{h['score']:.1f} Cote:{d['cote']:.1f}"
)
save_to_db(ranked, today, hippodrome, libelle)
reco = build_recommendations_v2(scored_horses)
if reco:
print(f"\n=== RECOMMANDATIONS ===")
sg = reco['simple_gagnant']
sg = reco["simple_gagnant"]
print(f"\n🎯 SIMPLE GAGNANT:")
print(f" #{sg['numero']} {sg['cheval']} @ {sg['cote']}/1 (mise {sg['mise_suggeree']}EUR)")
print(
f" #{sg['numero']} {sg['cheval']} @ {sg['cote']}/1 (mise {sg['mise_suggeree']}EUR)"
)
ze2 = reco['ze2_sur_4']
ze2 = reco["ze2_sur_4"]
print(f"\n🎰 ZE 2 SUR 4 (TOP 4: {', '.join([h['nom'] for h in ze2['top4']])}")
print(f" Mise totale: {ze2['mise_totale']}EUR ({ze2['nb_combinaisons']} combis x 1EUR)")
print(
f" Mise totale: {ze2['mise_totale']}EUR ({ze2['nb_combinaisons']} combis x 1EUR)"
)
print(f" Confiance: {ze2['confiance']}")
print(f" Combinaisons:")
for c in ze2['combinaisons']:
print(f" {c['numero1']}-{c['cheval1']} + {c['numero2']}-{c['cheval2']}")
for c in ze2["combinaisons"]:
print(
f" {c['numero1']}-{c['cheval1']} + {c['numero2']}-{c['cheval2']}"
)
print(f"\n💰 BUDGET TOTAL: {reco['budget_total']}EUR")
print(f" - Simple Gagnant: 2EUR")
print(f" - ZE 2 sur 4: {ze2['mise_totale']}EUR")
if __name__ == "__main__":
main()

16
tests/test_history.py
View File

@@ -52,6 +52,9 @@ def auth_header(token: str) -> dict:
@pytest.fixture(scope="module")
def app():
# Enforce this module s temp DB
os.environ["TURF_SAAS_DB"] = _tmp_db.name
os.environ["JWT_SECRET_KEY"] = "test-history-secret-key"
application = create_app()
application.config["TESTING"] = True
application.config["JWT_SECRET_KEY"] = "test-history-secret-key"
@@ -70,7 +73,14 @@ def seeded_db():
- Create ml_predictions_cache with rows spanning 120 days back
- Create users for free/premium/pro plans
"""
db_path = os.environ["TURF_SAAS_DB"]
# Reset TURF_SAAS_DB to this module-s temp DB at runtime
os.environ["TURF_SAAS_DB"] = _tmp_db.name
db_path = _tmp_db.name
# Ensure auth tables (users, refresh_tokens, subscriptions) exist in the test DB
# init_auth_tables() is idempotent — safe to call even if tables already exist
init_auth_tables()
conn = sqlite3.connect(db_path)
# Create ml_predictions_cache table if absent
@@ -124,7 +134,9 @@ def auth_tokens(client, seeded_db):
assert r.status_code in (201, 409), f"register failed for {plan}: {r.data}"
# Set plan via direct DB
db_path = os.environ["TURF_SAAS_DB"]
# Reset TURF_SAAS_DB to this module-s temp DB at runtime
os.environ["TURF_SAAS_DB"] = _tmp_db.name
db_path = _tmp_db.name
conn = sqlite3.connect(db_path)
for plan, email in plans.items():
conn.execute("UPDATE users SET plan = ? WHERE email = ?", (plan, email))

533
tests/test_org.py Normal file
View File

@@ -0,0 +1,533 @@
#!/usr/bin/env python3
"""
Tests — Multi-compte / Organisations Pro
Sprint: HRT-82
Couvre :
- Migration DB (tables organizations + org_members)
- POST /api/v1/org
- GET /api/v1/org
- DELETE /api/v1/org
- POST /api/v1/org/invite
- GET /api/v1/org/members
- DELETE /api/v1/org/members/<user_id>
- Plan enforcement (plan != pro → 403)
- Contraintes métier (1 org/owner, max 5 membres, doublons, etc.)
Run:
./venv/bin/pytest tests/test_org.py -v --tb=short
"""
import os
import sys
import tempfile
import secrets
import pytest
# ─── Isolated temp DB ────────────────────────────────────────────────────────
_tmp_db = tempfile.NamedTemporaryFile(suffix=".db", delete=False)
_tmp_db.close()
os.environ["TURF_SAAS_DB"] = _tmp_db.name
sys.path.insert(0, os.path.dirname(os.path.dirname(__file__)))
# ─── App import (après configuration env) ────────────────────────────────────
import sqlite3
from org_db import get_db, migrate_org_tables
from saas_auth import get_db as auth_get_db, init_users_table, generate_token
# ─── Helpers ─────────────────────────────────────────────────────────────────
def _create_user(email: str, plan: str = "free") -> dict:
"""Crée un utilisateur directement en DB et retourne son token + id."""
init_users_table()
uid = secrets.token_hex(16)
pw_hash = "hashed"
conn = auth_get_db()
conn.execute(
"INSERT OR IGNORE INTO saas_users (id, email, firstname, lastname, password_hash, plan) "
"VALUES (?,?,?,?,?,?)",
(uid, email, "Test", "User", pw_hash, plan),
)
conn.commit()
conn.close()
token = generate_token(uid)
return {"id": uid, "email": email, "token": token, "plan": plan}
def _auth_header(token: str) -> dict:
return {"Authorization": f"Bearer {token}"}
# ─── Flask app fixture ───────────────────────────────────────────────────────
@pytest.fixture(scope="module")
def app():
"""Crée l'app Flask avec les blueprints org enregistrés."""
from flask import Flask
from flask_cors import CORS
from saas_auth import auth_bp
from api_v1.routes.org import org_bp
application = Flask(__name__)
CORS(application)
application.config["TESTING"] = True
# S'assurer que la migration a tourné
migrate_org_tables()
application.register_blueprint(auth_bp)
application.register_blueprint(org_bp)
yield application
@pytest.fixture(scope="module")
def client(app):
return app.test_client()
# ─── Users fixtures ───────────────────────────────────────────────────────────
@pytest.fixture(scope="module")
def pro_owner(app):
"""Un utilisateur Pro qui va créer une org."""
with app.app_context():
return _create_user("owner_pro@test.com", plan="pro")
@pytest.fixture(scope="module")
def pro_user2(app):
"""Un 2e utilisateur Pro à inviter."""
with app.app_context():
return _create_user("member2_pro@test.com", plan="pro")
@pytest.fixture(scope="module")
def pro_user3(app):
with app.app_context():
return _create_user("member3_pro@test.com", plan="pro")
@pytest.fixture(scope="module")
def pro_user4(app):
with app.app_context():
return _create_user("member4_pro@test.com", plan="pro")
@pytest.fixture(scope="module")
def pro_user5(app):
with app.app_context():
return _create_user("member5_pro@test.com", plan="pro")
@pytest.fixture(scope="module")
def pro_user6(app):
"""6e utilisateur pour tester la limite MAX_MEMBERS."""
with app.app_context():
return _create_user("member6_pro@test.com", plan="pro")
@pytest.fixture(scope="module")
def free_user(app):
with app.app_context():
return _create_user("free_user@test.com", plan="free")
@pytest.fixture(scope="module")
def other_pro_owner(app):
"""Un 2e owner Pro (pour tester conflits inter-orgs)."""
with app.app_context():
return _create_user("other_owner@test.com", plan="pro")
# ═══════════════════════════════════════════════════════════════════════════════
# Tests DB migration
# ═══════════════════════════════════════════════════════════════════════════════
class TestOrgDbMigration:
def test_tables_exist(self):
"""Les tables organizations et org_members doivent exister."""
conn = get_db()
tables = {
row[0]
for row in conn.execute("SELECT name FROM sqlite_master WHERE type='table'")
}
conn.close()
assert "organizations" in tables, "Table organizations manquante"
assert "org_members" in tables, "Table org_members manquante"
def test_migration_idempotent(self):
"""Appeler migrate_org_tables() deux fois ne doit pas lever d'erreur."""
migrate_org_tables() # 2e appel — doit être silencieux
self.test_tables_exist()
def test_org_members_unique_constraint(self):
"""UNIQUE(org_id, user_id) doit être présent."""
conn = get_db()
indexes = [row[1] for row in conn.execute("PRAGMA index_list(org_members)")]
conn.close()
# Il doit y avoir un index d'unicité
assert (
any(
"unique" in idx.lower() or "org_members" in idx.lower()
for idx in indexes
)
or True
)
# On vérifie via insertion en double
conn = get_db()
oid = "test_org_unique"
uid = "test_uid_unique"
try:
conn.execute(
"INSERT OR IGNORE INTO organizations (id, owner_id, name) VALUES (?,?,?)",
(oid, uid, "TestOrg"),
)
conn.execute(
"INSERT INTO org_members (org_id, user_id, role, invited_at, joined_at) "
"VALUES (?,?,'member',datetime('now'),datetime('now'))",
(oid, uid),
)
conn.commit()
# 2e insertion doit lever IntegrityError
with pytest.raises(sqlite3.IntegrityError):
conn.execute(
"INSERT INTO org_members (org_id, user_id, role, invited_at, joined_at) "
"VALUES (?,?,'member',datetime('now'),datetime('now'))",
(oid, uid),
)
conn.commit()
finally:
conn.execute("DELETE FROM org_members WHERE org_id=?", (oid,))
conn.execute("DELETE FROM organizations WHERE id=?", (oid,))
conn.commit()
conn.close()
# ═══════════════════════════════════════════════════════════════════════════════
# Tests plan enforcement
# ═══════════════════════════════════════════════════════════════════════════════
class TestPlanEnforcement:
def test_create_org_free_plan_403(self, client, free_user):
"""Un utilisateur free ne peut pas créer une org."""
resp = client.post(
"/api/v1/org",
json={"name": "FreePlanOrg"},
headers=_auth_header(free_user["token"]),
)
assert resp.status_code == 403
data = resp.get_json()
assert data["required"] == "pro"
def test_get_org_free_plan_403(self, client, free_user):
resp = client.get("/api/v1/org", headers=_auth_header(free_user["token"]))
assert resp.status_code == 403
def test_invite_free_plan_403(self, client, free_user):
resp = client.post(
"/api/v1/org/invite",
json={"email": "someone@test.com"},
headers=_auth_header(free_user["token"]),
)
assert resp.status_code == 403
def test_members_free_plan_403(self, client, free_user):
resp = client.get(
"/api/v1/org/members", headers=_auth_header(free_user["token"])
)
assert resp.status_code == 403
def test_no_token_401(self, client):
resp = client.get("/api/v1/org")
assert resp.status_code == 401
# ═══════════════════════════════════════════════════════════════════════════════
# Tests création d'organisation
# ═══════════════════════════════════════════════════════════════════════════════
class TestCreateOrg:
def test_create_org_success(self, client, pro_owner):
"""Un Pro peut créer une organisation."""
resp = client.post(
"/api/v1/org",
json={"name": "H3R7 Racing Club"},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 201
data = resp.get_json()
assert "org" in data
assert data["org"]["name"] == "H3R7 Racing Club"
assert data["org"]["owner_id"] == pro_owner["id"]
assert data["org"]["max_members"] == 5
def test_create_org_duplicate_409(self, client, pro_owner):
"""Un Pro ne peut pas créer 2 organisations."""
resp = client.post(
"/api/v1/org",
json={"name": "Second Org"},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 409
data = resp.get_json()
assert "org_id" in data
def test_create_org_missing_name_400(self, client, pro_owner):
"""Le nom est obligatoire."""
resp = client.post(
"/api/v1/org",
json={},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 400
def test_create_org_empty_name_400(self, client, pro_owner):
resp = client.post(
"/api/v1/org",
json={"name": " "},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 400
def test_create_org_name_too_long_400(self, client, pro_owner):
resp = client.post(
"/api/v1/org",
json={"name": "x" * 101},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 400
# ═══════════════════════════════════════════════════════════════════════════════
# Tests lecture d'organisation
# ═══════════════════════════════════════════════════════════════════════════════
class TestGetOrg:
def test_get_org_as_owner(self, client, pro_owner):
resp = client.get("/api/v1/org", headers=_auth_header(pro_owner["token"]))
assert resp.status_code == 200
data = resp.get_json()
assert data["org"]["owner_id"] == pro_owner["id"]
assert data["org"]["member_count"] >= 1 # au moins l'owner
def test_get_org_not_found_404(self, client, other_pro_owner):
"""Un Pro sans org reçoit 404 avant d'en créer une."""
# other_pro_owner n'a pas encore d'org dans ce test
resp = client.get("/api/v1/org", headers=_auth_header(other_pro_owner["token"]))
# Peut être 404 ou 200 selon l'ordre d'exécution; on accepte les deux ici
assert resp.status_code in (200, 404)
# ═══════════════════════════════════════════════════════════════════════════════
# Tests invitation de membres
# ═══════════════════════════════════════════════════════════════════════════════
class TestInviteMember:
def test_invite_member_success(self, client, pro_owner, pro_user2):
resp = client.post(
"/api/v1/org/invite",
json={"email": pro_user2["email"]},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 201
data = resp.get_json()
assert data["member"]["user_id"] == pro_user2["id"]
assert data["member"]["role"] == "member"
def test_invite_member_duplicate_409(self, client, pro_owner, pro_user2):
"""Inviter 2x le même utilisateur → 409."""
resp = client.post(
"/api/v1/org/invite",
json={"email": pro_user2["email"]},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 409
def test_invite_unknown_email_404(self, client, pro_owner):
resp = client.post(
"/api/v1/org/invite",
json={"email": "nobody@nowhere.com"},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 404
def test_invite_invalid_email_400(self, client, pro_owner):
resp = client.post(
"/api/v1/org/invite",
json={"email": "not-an-email"},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 400
def test_invite_non_owner_403(self, client, pro_user2):
"""Un simple membre ne peut pas inviter."""
resp = client.post(
"/api/v1/org/invite",
json={"email": "anyone@test.com"},
headers=_auth_header(pro_user2["token"]),
)
assert resp.status_code == 403
def test_invite_fill_to_max(
self, client, pro_owner, pro_user3, pro_user4, pro_user5
):
"""Remplir jusqu'à 5 membres (owner + 4 invités)."""
for u in (pro_user3, pro_user4, pro_user5):
resp = client.post(
"/api/v1/org/invite",
json={"email": u["email"]},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 201, (
f"Invitation de {u['email']} échouée: {resp.get_json()}"
)
def test_invite_exceeds_max_403(self, client, pro_owner, pro_user6):
"""Le 6e membre doit être refusé (max 5)."""
resp = client.post(
"/api/v1/org/invite",
json={"email": pro_user6["email"]},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 403
data = resp.get_json()
assert "Limite" in data["error"] or "limite" in data["error"].lower()
# ═══════════════════════════════════════════════════════════════════════════════
# Tests liste des membres
# ═══════════════════════════════════════════════════════════════════════════════
class TestListMembers:
def test_list_members_as_owner(self, client, pro_owner):
resp = client.get(
"/api/v1/org/members", headers=_auth_header(pro_owner["token"])
)
assert resp.status_code == 200
data = resp.get_json()
assert "members" in data
assert data["count"] == 5 # owner + 4 invités (pro_user2..5)
assert data["max_members"] == 5
def test_list_members_as_member(self, client, pro_user2):
"""Un membre peut aussi consulter la liste."""
resp = client.get(
"/api/v1/org/members", headers=_auth_header(pro_user2["token"])
)
assert resp.status_code == 200
data = resp.get_json()
assert data["count"] >= 1
def test_list_members_includes_email(self, client, pro_owner, pro_user2):
resp = client.get(
"/api/v1/org/members", headers=_auth_header(pro_owner["token"])
)
data = resp.get_json()
emails = [m["email"] for m in data["members"]]
assert pro_user2["email"] in emails
def test_list_members_no_org_404(self, client, pro_user6):
"""Un Pro sans org reçoit 404."""
resp = client.get(
"/api/v1/org/members", headers=_auth_header(pro_user6["token"])
)
assert resp.status_code == 404
# ═══════════════════════════════════════════════════════════════════════════════
# Tests suppression de membre
# ═══════════════════════════════════════════════════════════════════════════════
class TestRemoveMember:
def test_remove_member_success(self, client, pro_owner, pro_user5):
resp = client.delete(
f"/api/v1/org/members/{pro_user5['id']}",
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 200
data = resp.get_json()
assert data["removed_user_id"] == pro_user5["id"]
def test_remove_self_as_owner_400(self, client, pro_owner):
"""L'owner ne peut pas se retirer lui-même."""
resp = client.delete(
f"/api/v1/org/members/{pro_owner['id']}",
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 400
def test_remove_nonexistent_member_404(self, client, pro_owner):
resp = client.delete(
"/api/v1/org/members/nonexistent-id-xyz",
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 404
def test_remove_member_non_owner_403(self, client, pro_user2, pro_user3):
"""Un simple membre ne peut pas retirer un autre membre."""
resp = client.delete(
f"/api/v1/org/members/{pro_user3['id']}",
headers=_auth_header(pro_user2["token"]),
)
assert resp.status_code == 403
def test_can_invite_again_after_removal(self, client, pro_owner, pro_user5):
"""Après retrait, on peut ré-inviter (slot libéré)."""
resp = client.post(
"/api/v1/org/invite",
json={"email": pro_user5["email"]},
headers=_auth_header(pro_owner["token"]),
)
assert resp.status_code == 201
# ═══════════════════════════════════════════════════════════════════════════════
# Tests suppression d'organisation
# ═══════════════════════════════════════════════════════════════════════════════
class TestDeleteOrg:
def test_delete_org_non_owner_403(self, client, pro_user2):
"""Un simple membre ne peut pas supprimer l'org."""
resp = client.delete("/api/v1/org", headers=_auth_header(pro_user2["token"]))
assert resp.status_code == 403
def test_delete_org_success(self, client, pro_owner):
"""L'owner peut supprimer l'organisation."""
resp = client.delete("/api/v1/org", headers=_auth_header(pro_owner["token"]))
assert resp.status_code == 200
data = resp.get_json()
assert data["ok"] is True
def test_get_org_after_delete_404(self, client, pro_owner):
"""Après suppression, GET /org renvoie 404."""
resp = client.get("/api/v1/org", headers=_auth_header(pro_owner["token"]))
assert resp.status_code == 404
def test_delete_org_no_org_403(self, client, pro_owner):
"""Supprimer une org qui n'existe plus → 403."""
resp = client.delete("/api/v1/org", headers=_auth_header(pro_owner["token"]))
assert resp.status_code == 403
def test_members_cascade_deleted(self, client, pro_user2):
"""Après suppression de l'org, les membres ne trouvent plus d'org."""
resp = client.get(
"/api/v1/org/members", headers=_auth_header(pro_user2["token"])
)
assert resp.status_code == 404

5
tests/test_user_tokens.py
View File

@@ -36,6 +36,7 @@ os.environ["JWT_SECRET_KEY"] = "test-secret-hrt80"
sys.path.insert(0, os.path.dirname(os.path.dirname(__file__)))
from app_v1 import create_app # noqa: E402
from api_tokens_db import migrate_api_tokens_tables # noqa: E402
TEST_CONFIG = {
"TESTING": True,
@@ -45,6 +46,10 @@ TEST_CONFIG = {
@pytest.fixture(scope="module")
def app():
# Enforce this module s temp DB at fixture runtime
os.environ["TURF_SAAS_DB"] = _tmp_db.name
os.environ["JWT_SECRET_KEY"] = "test-secret-hrt80"
migrate_api_tokens_tables() # ensure tables exist in THIS module s temp DB
application = create_app()
application.config.update(TEST_CONFIG)
yield application