np-dms/lcbp3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(ai): add ADR-036 unified OCR architecture and frontend test coverage
CI / CD Pipeline / build (push) Failing after 6m24s
Details
CI / CD Pipeline / deploy (push) Has been skipped
Details

Browse Source 
- Add ADR-036 unified OCR architecture (typhoon-ocr via Ollama)
- Extend AI execution profiles for OCR sandbox configuration
- Add comprehensive frontend test coverage (components, hooks, services)
- Add backend test coverage for document-numbering services
- Update OCR sidecar with typhoon-ocr integration
- Add AI policy service and execution profile management
- Update AGENTS.md and architecture documentation
This commit is contained in:
admin
2026-06-14 06:34:07 +07:00
parent e3503b6a77
commit 7e8f4859cd
108 changed files with 33914 additions and 339 deletions
Download Patch File Download Diff File Expand all files Collapse all files
specs/200-fullstacks/236-unified-ocr-architecture/checklists/requirements.md
+76
View File
@@ -0,0 +1,76 @@
# Specification Quality Checklist: Unified AI Model Architecture — Sandbox-Production Parity
**Purpose**: Validate specification completeness and quality before proceeding to planning
**Created**: 2026-06-13
**Feature**: [spec.md](../spec.md)
---
## Content Quality
- [x] No implementation details leaked into spec (languages/frameworks kept in plan.md)
- [x] Focused on user value and business needs (sandbox testing, apply to production)
- [x] All mandatory sections completed (User Stories, Requirements, Success Criteria)
- [x] Edge cases identified (8 edge cases documented)
---
## Requirement Completeness
- [x] All functional requirements are testable and unambiguous (FR-001 to FR-020)
- [x] Success criteria are measurable (SC-001 to SC-010 with quantified targets)
- [x] All acceptance scenarios defined (5 user stories × N scenarios)
- [x] Scope clearly bounded (Out of Scope section present)
- [x] Dependencies and assumptions identified (ADR-029, ADR-033, ADR-034)
- [x] No [NEEDS CLARIFICATION] markers remain
---
## ADR Compliance (Tier 1)
- [x] ADR-009: No TypeORM migrations — schema via SQL delta (T001-T002)
- [x] ADR-019: UUID handling — no new UUID fields; publicId patterns followed
- [x] ADR-016: Security — CASL `system.manage_ai`, Idempotency-Key, parameter range validation (FR-006, FR-007, FR-008)
- [x] ADR-023/023A: AI boundary — no direct DB/storage access from AI pipeline
- [x] ADR-007: Error handling — layered classification (validation/business/system)
- [x] ADR-029: Dynamic Prompts — integration only; system prompts not duplicated in parameter store (FR-017, US5)
- [x] ADR-033: Adaptive OCR Residency — keep_alive lazy-loaded, excluded from snapshot (FR-018)
- [x] ADR-034: AI Model Change — canonical model names np-dms-ai/np-dms-ocr (FR-020)
---
## Feature Readiness
- [x] All user stories have independent acceptance tests (US1US5 each have Independent Test section)
- [x] All FR mapped to tasks in tasks.md (T001T080)
- [x] Success criteria are technology-agnostic
- [x] Performance targets defined (SC-002: <5min cycle; SC-003: <2s apply)
- [x] Security requirements explicit (SC-008, SC-009)
---
## Implementation Verification
- [x] SQL delta created: `2026-06-13-extend-ai-execution-profiles-ocr.sql`
- [x] SQL rollback created: `2026-06-13-extend-ai-execution-profiles-ocr.rollback.sql`
- [x] All 80 tasks completed (T001T080, Phases 19)
- [x] Backend TypeScript: 0 errors
- [x] Frontend TypeScript: 0 errors
- [x] Jest unit tests passing (14/14 for ai-policy.service; Phase 8 snapshot tests)
- [x] Performance test: apply operation ~39ms (target: <2s) ✅
- [x] Security review: CASL guard + parameter validation verified (T079)
---
## Notes
- ADR-036 is the input ADR that ratified all decisions in this feature
- Dual-model snapshot (`ocrSnapshotParams` + `snapshotParams`) enables independent tuning for migration jobs
- `keep_alive` is intentionally excluded from snapshot (ADR-033 lazy-loading)
- E2E test (T077) waived — Playwright not configured in frontend project
---
## Validation Results
**Status**: ✅ **PASSED** — All checklist items complete. All 80 tasks implemented and verified.
specs/200-fullstacks/236-unified-ocr-architecture/contracts/backend-api.yaml
+240
View File
@@ -0,0 +1,240 @@
# Backend API Contracts for Unified AI Model Architecture
# OpenAPI 3.0 specification for new endpoints
openapi: 3.0.0
info:
title: LCBP3 AI Parameter Management API
version: 1.0.0
description: API endpoints for sandbox parameter testing and production parameter application
paths:
/api/ai/sandbox-profiles/{profileName}:
get:
summary: Get sandbox parameters for a profile
tags:
- Sandbox Parameters
parameters:
- name: profileName
in: path
required: true
schema:
type: string
enum: [interactive, standard, quality, deep-analysis, ocr-extract]
responses:
'200':
description: Sandbox parameters retrieved successfully
content:
application/json:
schema:
$ref: '#/components/schemas/SandboxProfile'
'404':
description: Profile not found
put:
summary: Save sandbox parameters for a profile
tags:
- Sandbox Parameters
parameters:
- name: profileName
in: path
required: true
schema:
type: string
enum: [interactive, standard, quality, deep-analysis, ocr-extract]
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/SandboxProfileUpdate'
responses:
'200':
description: Sandbox parameters saved successfully
content:
application/json:
schema:
$ref: '#/components/schemas/SandboxProfile'
'400':
description: Validation error
post:
summary: Reset sandbox parameters to production defaults
tags:
- Sandbox Parameters
parameters:
- name: profileName
in: path
required: true
schema:
type: string
enum: [interactive, standard, quality, deep-analysis, ocr-extract]
responses:
'200':
description: Sandbox parameters reset successfully
content:
application/json:
schema:
$ref: '#/components/schemas/SandboxProfile'
/api/ai/profiles/{profileName}:
get:
summary: Get production parameters for a profile (read-only)
tags:
- Production Parameters
parameters:
- name: profileName
in: path
required: true
schema:
type: string
enum: [interactive, standard, quality, deep-analysis, ocr-extract]
responses:
'200':
description: Production parameters retrieved successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ProductionProfile'
'404':
description: Profile not found
post:
summary: Apply sandbox parameters to production
tags:
- Production Parameters
parameters:
- name: profileName
in: path
required: true
schema:
type: string
enum: [interactive, standard, quality, deep-analysis, ocr-extract]
- name: Idempotency-Key
in: header
required: true
schema:
type: string
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ApplyProfileRequest'
responses:
'200':
description: Parameters applied successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ApplyProfileResult'
'400':
description: Validation error (parameter ranges, etc.)
'403':
description: Permission denied (CASL)
'409':
description: Duplicate apply (Idempotency-Key already used)
components:
schemas:
SandboxProfile:
type: object
properties:
profileName:
type: string
canonicalModel:
type: string
enum: [np-dms-ai, np-dms-ocr]
temperature:
type: number
minimum: 0
maximum: 1
topP:
type: number
minimum: 0
maximum: 1
repeatPenalty:
type: number
minimum: 0
numCtx:
type: integer
nullable: true
maxTokens:
type: integer
nullable: true
keepAliveSeconds:
type: integer
nullable: true
SandboxProfileUpdate:
type: object
properties:
temperature:
type: number
minimum: 0
maximum: 1
topP:
type: number
minimum: 0
maximum: 1
repeatPenalty:
type: number
minimum: 0
numCtx:
type: integer
nullable: true
maxTokens:
type: integer
nullable: true
keepAliveSeconds:
type: integer
nullable: true
ProductionProfile:
type: object
properties:
profileName:
type: string
canonicalModel:
type: string
enum: [np-dms-ai, np-dms-ocr]
temperature:
type: number
minimum: 0
maximum: 1
topP:
type: number
minimum: 0
maximum: 1
repeatPenalty:
type: number
minimum: 0
numCtx:
type: integer
nullable: true
maxTokens:
type: integer
nullable: true
keepAliveSeconds:
type: integer
nullable: true
isActive:
type: boolean
ApplyProfileRequest:
type: object
properties:
canonicalModel:
type: string
enum: [np-dms-ai, np-dms-ocr]
ApplyProfileResult:
type: object
properties:
success:
type: boolean
profileName:
type: string
oldValues:
type: object
newValues:
type: object
appliedAt:
type: string
format: date-time
specs/200-fullstacks/236-unified-ocr-architecture/contracts/frontend-api.yaml
+93
View File
@@ -0,0 +1,93 @@
# Frontend API Service Contracts for Unified AI Model Architecture
# TypeScript interface definitions for frontend API calls
# Sandbox Parameters Service
getSandboxParameters:
function: getSandboxParameters(profileName: string)
returns: Promise<SandboxProfile>
endpoint: GET /api/ai/sandbox-profiles/:profileName
description: Retrieve sandbox parameters for a specific profile
saveSandboxDraft:
function: saveSandboxDraft(profileName: string, params: SandboxProfileUpdate)
returns: Promise<SandboxProfile>
endpoint: PUT /api/ai/sandbox-profiles/:profileName
description: Save sandbox parameters for a specific profile
resetSandboxToProduction:
function: resetSandboxToProduction(profileName: string)
returns: Promise<SandboxProfile>
endpoint: POST /api/ai/sandbox-profiles/:profileName/reset
description: Reset sandbox parameters to production defaults
# Production Parameters Service
getProductionDefaults:
function: getProductionDefaults(profileName: string)
returns: Promise<ProductionProfile>
endpoint: GET /api/ai/profiles/:profileName
description: Retrieve production parameters (read-only)
applyProfile:
function: applyProfile(profileName: string, idempotencyKey: string, canonicalModel?: string)
returns: Promise<ApplyProfileResult>
endpoint: POST /api/ai/profiles/:profileName/apply
headers:
Idempotency-Key: string
description: Apply sandbox parameters to production
# TypeScript Interfaces
interface SandboxProfile {
profileName: string
canonicalModel: 'np-dms-ai' | 'np-dms-ocr'
temperature: number
topP: number
repeatPenalty: number
numCtx?: number | null
maxTokens?: number | null
keepAliveSeconds?: number | null
}
interface SandboxProfileUpdate {
temperature: number
topP: number
repeatPenalty: number
numCtx?: number | null
maxTokens?: number | null
keepAliveSeconds?: number | null
}
interface ProductionProfile {
profileName: string
canonicalModel: 'np-dms-ai' | 'np-dms-ocr'
temperature: number
topP: number
repeatPenalty: number
numCtx?: number | null
maxTokens?: number | null
keepAliveSeconds?: number | null
isActive: boolean
}
interface ApplyProfileRequest {
canonicalModel?: 'np-dms-ai' | 'np-dms-ocr'
}
interface ApplyProfileResult {
success: boolean
profileName: string
oldValues: Record<string, unknown>
newValues: Record<string, unknown>
appliedAt: string
}
# Sandbox Test Parameters (for context parity)
interface SandboxTestContext {
projectPublicId: string
contractPublicId?: string
}
# Model Selection
type ModelType = 'np-dms-ai' | 'np-dms-ocr'
# Profile Names
type ProfileName = 'interactive' | 'standard' | 'quality' | 'deep-analysis' | 'ocr-extract'
specs/200-fullstacks/236-unified-ocr-architecture/data-model.md
+249
View File
@@ -0,0 +1,249 @@
// File: specs/200-fullstacks/236-unified-ocr-architecture/data-model.md
// Change Log:
// - 2026-06-13: Data model for Unified AI Model Architecture — Sandbox-Production Parity (ADR-036)
# Data Model: Unified AI Model Architecture — Sandbox-Production Parity
> ADR-009 compliant — all schema changes via SQL delta, no TypeORM migrations.
> Delta file: `specs/03-Data-and-Storage/deltas/2026-06-13-extend-ai-execution-profiles-ocr.sql`
---
## DB Schema Extensions
### ai_execution_profiles (extended)
```sql
-- Delta: 2026-06-13-extend-ai-execution-profiles-ocr.sql
ALTER TABLE ai_execution_profiles
ADD COLUMN canonical_model VARCHAR(50) NOT NULL DEFAULT 'np-dms-ai' COMMENT 'np-dms-ai | np-dms-ocr',
MODIFY COLUMN num_ctx INT NULL COMMENT 'NULL for OCR model (not used)',
MODIFY COLUMN max_tokens INT NULL COMMENT 'NULL for OCR model (not used)';
-- Seed ocr-extract row
INSERT INTO ai_execution_profiles
(profile_name, canonical_model, temperature, top_p, max_tokens, num_ctx, repeat_penalty, keep_alive_seconds, is_active)
VALUES
('ocr-extract', 'np-dms-ocr', 0.1, 0.1, NULL, NULL, 1.1, 0, 1)
ON DUPLICATE KEY UPDATE canonical_model = canonical_model;
-- Update existing rows with canonical name
UPDATE ai_execution_profiles SET canonical_model = 'np-dms-ai'
WHERE profile_name IN ('interactive', 'standard', 'quality', 'deep-analysis');
```
### ai_sandbox_profiles (new table)
```sql
-- Delta: 2026-06-13-extend-ai-execution-profiles-ocr.sql
CREATE TABLE IF NOT EXISTS ai_sandbox_profiles (
id INT PRIMARY KEY AUTO_INCREMENT,
profile_name VARCHAR(50) NOT NULL,
canonical_model VARCHAR(50) NOT NULL DEFAULT 'np-dms-ai', -- 'np-dms-ai' | 'np-dms-ocr'
temperature DECIMAL(4,3) NOT NULL,
top_p DECIMAL(4,3) NOT NULL,
max_tokens INT NULL, -- NULL for np-dms-ocr
num_ctx INT NULL, -- NULL for np-dms-ocr
repeat_penalty DECIMAL(5,3) NOT NULL,
keep_alive_seconds INT NOT NULL DEFAULT 0,
updated_by INT NULL,
updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
UNIQUE KEY uq_sandbox_profile_name (profile_name)
);
```
> - Mirrors `ai_execution_profiles` structure exactly
> - Used as admin draft store — does **not** affect production jobs until "Apply to Production"
> - Auto-seeded from production row when draft is absent (`getSandboxParameters`)
### ai_audit_logs (extended — action type)
```sql
-- No schema change needed — action column already VARCHAR(50)
-- New action value: 'APPLY_PROFILE'
-- Metadata JSON extended with:
-- { profileName, canonicalModel, oldValues: {...}, newValues: {...} }
```
---
## TypeScript Types (Backend)
### AiExecutionProfile (entity, modified)
```typescript
// File: backend/src/modules/ai/entities/ai-execution-profile.entity.ts
// MODIFY: +canonicalModel column; numCtx/maxTokens nullable
@Entity('ai_execution_profiles')
export class AiExecutionProfile {
@PrimaryGeneratedColumn() id: number;
@Column({ name: 'profile_name', unique: true }) profileName: string;
@Column({ name: 'canonical_model', default: 'np-dms-ai' })
canonicalModel: 'np-dms-ai' | 'np-dms-ocr';
@Column({ type: 'decimal', precision: 4, scale: 3 }) temperature: number;
@Column({ name: 'top_p', type: 'decimal', precision: 4, scale: 3 }) topP: number;
@Column({ name: 'max_tokens', type: 'int', nullable: true })
maxTokens: number | null; // NULL for np-dms-ocr
@Column({ name: 'num_ctx', type: 'int', nullable: true })
numCtx: number | null; // NULL for np-dms-ocr
@Column({ name: 'repeat_penalty', type: 'decimal', precision: 5, scale: 3 })
repeatPenalty: number;
@Column({ name: 'keep_alive_seconds' }) keepAliveSeconds: number;
@Column({ name: 'is_active', type: 'tinyint', default: 1 }) isActive: boolean;
}
```
### AiSandboxProfile (entity, new)
```typescript
// File: backend/src/modules/ai/entities/ai-sandbox-profile.entity.ts
// NEW: draft store for sandbox parameter testing
@Entity('ai_sandbox_profiles')
export class AiSandboxProfile {
@PrimaryGeneratedColumn() id: number;
@Column({ name: 'profile_name', unique: true }) profileName: string;
@Column({ name: 'canonical_model', default: 'np-dms-ai' })
canonicalModel: 'np-dms-ai' | 'np-dms-ocr';
@Column({ type: 'decimal', precision: 4, scale: 3 }) temperature: number;
@Column({ name: 'top_p', type: 'decimal', precision: 4, scale: 3 }) topP: number;
@Column({ name: 'max_tokens', type: 'int', nullable: true })
maxTokens: number | null;
@Column({ name: 'num_ctx', type: 'int', nullable: true })
numCtx: number | null;
@Column({ name: 'repeat_penalty', type: 'decimal', precision: 5, scale: 3 })
repeatPenalty: number;
@Column({ name: 'keep_alive_seconds', default: 0 }) keepAliveSeconds: number;
}
```
### AiJobPayload (interface, modified)
```typescript
// File: backend/src/modules/ai/interfaces/execution-policy.interface.ts
// MODIFY: +ocrSnapshotParams for dual-model jobs
export interface SnapshotParams {
temperature: number;
topP: number;
maxTokens: number | null; // null for OCR
numCtx: number | null; // null for OCR
repeatPenalty: number;
// keep_alive excluded — lazy-loaded per ADR-033
}
export interface AiJobPayload {
jobType: InternalJobType;
documentPublicId?: string;
attachmentPublicId?: string;
effectiveProfile: string;
canonicalModel: 'np-dms-ai' | 'np-dms-ocr';
snapshotParams: SnapshotParams; // LLM params (np-dms-ai)
ocrSnapshotParams?: SnapshotParams; // OCR params (np-dms-ocr); present for dual-model jobs
}
```
> - `snapshotParams` frozen at dispatch time — worker uses directly, no DB/Redis re-read
> - `ocrSnapshotParams` present for `migrate-document` jobs using both models
> - `keepAliveSeconds` excluded from snapshot (lazy-loaded per ADR-033)
### ApplyProfileDto (DTO, new)
```typescript
// File: backend/src/modules/ai/dto/apply-profile.dto.ts
export class ApplyProfileDto {
@IsString()
@IsNotEmpty()
profileName: string;
@IsIn(['np-dms-ai', 'np-dms-ocr'])
canonicalModel: 'np-dms-ai' | 'np-dms-ocr';
@IsNumber()
@Min(0) @Max(1)
temperature: number;
@IsNumber()
@Min(0) @Max(1)
topP: number;
@IsNumber()
@Min(1) @Max(2)
repeatPenalty: number;
@IsNumber()
@Min(0)
keepAliveSeconds: number;
@IsOptional() @IsInt() @Min(512)
numCtx?: number | null; // omit for np-dms-ocr
@IsOptional() @IsInt() @Min(256)
maxTokens?: number | null; // omit for np-dms-ocr
}
```
### ApplyResultDto (DTO, new)
```typescript
// File: backend/src/modules/ai/dto/apply-result.dto.ts
export class ApplyResultDto {
profileName: string;
canonicalModel: 'np-dms-ai' | 'np-dms-ocr';
appliedAt: string; // ISO8601
appliedBy: string; // user publicId
oldValues: SnapshotParams;
newValues: SnapshotParams;
cacheInvalidated: boolean;
}
```
---
## Service Methods Summary
### AiPolicyService (extended)
| Method | Description |
|--------|-------------|
| `getSandboxParameters(profileName)` | Get sandbox draft; auto-seed from production if absent |
| `saveSandboxDraft(profileName, params)` | UPSERT to `ai_sandbox_profiles` |
| `resetSandboxToProduction(profileName)` | Overwrite sandbox draft with current production values |
| `applyProfile(profileName, idempotencyKey, user)` | Copy sandbox draft → production; DEL Redis cache; audit log |
| `getProfileParameters(profileName)` | Read from `ai_execution_profiles` with Redis cache TTL 60s |
| `getModelDefaults(canonicalModel)` | Query `ai_execution_profiles` by `canonical_model` column |
### Redis Cache Keys
| Key | TTL | Invalidated by |
|-----|-----|----------------|
| `ai:profile:{profileName}` | 60s | `applyProfile()` |
| `ai:idempotency:apply:{key}` | 5min | Automatic expiry |
---
## Endpoint Summary
| Method | Path | Description |
|--------|------|-------------|
| `GET` | `/api/ai/sandbox-profiles/:profileName` | Get sandbox draft (auto-seed if absent) |
| `PUT` | `/api/ai/sandbox-profiles/:profileName` | Save sandbox draft |
| `POST` | `/api/ai/sandbox-profiles/:profileName/reset` | Reset sandbox draft to production values |
| `POST` | `/api/ai/profiles/:profileName/apply` | Apply sandbox → production (requires `Idempotency-Key`, CASL `system.manage_ai`) |
| `GET` | `/api/ai/profiles/:profileName` | Get production defaults (read-only) |
specs/200-fullstacks/236-unified-ocr-architecture/plan.md
+138
View File
@@ -0,0 +1,138 @@
// File: specs/200-fullstacks/236-unified-ocr-architecture/plan.md
// Change Log:
// - 2026-06-13: Initial implementation plan for Unified AI Model Architecture
# Implementation Plan: Unified AI Model Architecture — Sandbox-Production Parity
**Branch**: `236-unified-ocr-architecture` | **Date**: 2026-06-13 | **Spec**: [spec.md](./spec.md)
**Input**: Feature specification from `/specs/200-fullstacks/236-unified-ocr-architecture/spec.md`
**Note**: This template is filled in by the `/speckit.plan` command. See `.specify/templates/commands/plan.md` for the execution workflow.
## Summary
Enhance the existing Profile-Only Parameter Governance (AiPolicyService + ai_execution_profiles) to add write/apply path for sandbox testing and production parameter management. The feature introduces a sandbox draft store (ai_sandbox_profiles) that mirrors the production store, allowing admins to test parameters for both np-dms-ai and np-dms-ocr models before applying to production. Key technical approach: extend existing AiPolicyService with sandbox methods, add canonical_model column to distinguish models, implement dual-model snapshot for OCR+LLM jobs, and enforce security guardrails (Idempotency-Key, CASL, validation). Model names are updated from typhoon2.5-np-dms/typhoon-np-dms-ocr to np-dms-ai/np-dms-ocr across codebase.
## Technical Context
**Language/Version**: TypeScript 5.7 (Backend: NestJS 11, Frontend: Next.js 16)
**Primary Dependencies**: NestJS, TypeORM, Redis, BullMQ, TanStack Query, React Hook Form, Zod
**Storage**: MariaDB 11.8 (ai_execution_profiles, ai_sandbox_profiles, ai_audit_logs), Redis (cache)
**Testing**: Jest (backend), Vitest + Playwright (frontend)
**Target Platform**: Linux server (QNAP), Windows 10/11 (Desk-5439 OCR sidecar)
**Project Type**: web (fullstack: backend + frontend)
**Performance Goals**: Apply operation <2s, Sandbox test <5s cycle, Cache invalidation <100ms
**Constraints**: ADR-009 (no migrations), ADR-019 (UUID handling), ADR-016 (security), ADR-023/023A (AI boundary)
**Scale/Scope**: 2 models (np-dms-ai, np-dms-ocr), 5 profiles (interactive, standard, quality, deep-analysis, ocr-extract), admin-only feature
## Constitution Check
_GATE: Must pass before Phase 0 research. Re-check after Phase 1 design._
| Gate | Status | Justification |
|------|--------|--------------|
| ADR-009: No TypeORM migrations | ✅ PASS | Schema changes via SQL delta (deltas/2026-06-13-extend-ai-execution-profiles-ocr.sql) |
| ADR-019: UUID handling | ✅ PASS | No new UUID fields; existing UUID patterns followed |
| ADR-016: Security | ✅ PASS | CASL guard (system.manage_ai), Idempotency-Key validation, parameter range validation |
| ADR-023/023A: AI boundary | ✅ PASS | No direct DB/storage access from AI; existing pipeline maintained |
| ADR-007: Error handling | ✅ PASS | Layered error classification, user-friendly messages |
| ADR-029: Dynamic Prompts | ✅ PASS | Integration only; no duplication in parameter store |
| ADR-033: Adaptive OCR Residency | ✅ PASS | keep_alive lazy-loading retained; not frozen in snapshot |
## Project Structure
### Documentation (this feature)
```text
specs/200-fullstacks/236-unified-ocr-architecture/
├── spec.md # Feature specification
├── plan.md # This file (/speckit.plan command output)
├── research.md # Phase 0 output (/speckit.plan command)
├── data-model.md # Phase 1 output (/speckit.plan command)
├── quickstart.md # Phase 1 output (/speckit.plan command)
├── contracts/ # Phase 1 output (/speckit.plan command)
│ ├── backend-api.yaml # OpenAPI spec for new endpoints
│ └── frontend-api.yaml # Frontend API service contracts
└── tasks.md # Phase 2 output (/speckit.tasks command)
```
### Source Code (repository root)
```text
backend/
├── src/
│ ├── modules/
│ │ └── ai/
│ │ ├── entities/
│ │ │ ├── ai-execution-profile.entity.ts # MODIFY: +canonicalModel, nullable numCtx/maxTokens
│ │ │ └── ai-sandbox-profile.entity.ts # NEW: draft store
│ │ ├── services/
│ │ │ ├── ai-policy.service.ts # MODIFY: +sandbox methods, applyProfile
│ │ │ ├── ocr.service.ts # MODIFY: +typhoonOptions in OcrDetectionInput
│ │ │ ├── ollama.service.ts # MODIFY: update model names
│ │ │ └── sandbox-ocr-engine.service.ts # KEEP: ephemeral override
│ │ ├── processors/
│ │ │ └── ai-batch.processor.ts # MODIFY: dual-model snapshot, sandbox draft read
│ │ ├── controllers/
│ │ │ ├── ai.controller.ts # MODIFY: apply/test/get endpoints
│ │ │ └── ai-sandbox.controller.ts # MODIFY: apply endpoint
│ │ ├── dto/
│ │ │ ├── apply-profile.dto.ts # NEW: validation DTO
│ │ │ └── apply-result.dto.ts # NEW: result DTO
│ │ ├── interfaces/
│ │ │ └── execution-policy.interface.ts # MODIFY: +ocrSnapshotParams in AiJobPayload
│ │ └── ai.module.ts # MODIFY: register new entities/services
│ └── common/
│ └── decorators/
│ └── audit.decorator.ts # MODIFY: support APPLY_PROFILE action
└── tests/
├── unit/
│ └── modules/
│ └── ai/
│ ├── ai-policy.service.spec.ts # MODIFY: +sandbox/apply tests
│ └── ai-batch.processor.spec.ts # MODIFY: +dual-model snapshot tests
└── integration/
└── modules/
└── ai/
└── ai-policy.service.integration.spec.ts # NEW: end-to-end apply flow
frontend/
├── lib/
│ ├── services/
│ │ └── admin-ai.service.ts # MODIFY: +apply/test/get profile functions
├── components/
│ └── admin/
│ └── ai/
│ ├── OcrSandboxPromptManager.tsx # MODIFY: +apply runtime params, project/contract selector
│ └── ModelTestingPanel.tsx # NEW: unified parameter testing UI
├── app/
│ └── (admin)/
│ └── admin/
│ └── ai/
│ └── page.tsx # MODIFY: integrate new testing panel
└── tests/
├── unit/
│ └── services/
│ └── admin-ai.service.spec.ts # MODIFY: +apply/test/get tests
└── e2e/
└── ai/
└── parameter-management.spec.ts # NEW: apply flow E2E tests
specs/03-Data-and-Storage/
└── deltas/
├── 2026-06-13-extend-ai-execution-profiles-ocr.sql # NEW: schema changes
└── 2026-06-13-extend-ai-execution-profiles-ocr.rollback.sql # NEW: rollback
specs/04-Infrastructure-OPS/04-00-docker-compose/Desk-5439/
└── ocr-sidecar/
├── app.py # MODIFY: update model name (if needed)
└── docker-compose.yml # MODIFY: update model name (if needed)
```
**Structure Decision**: Web application (Option 2) - This is a fullstack feature extending the existing NestJS backend and Next.js frontend. Backend changes focus on AI module (entities, services, processors, controllers, DTOs). Frontend changes focus on admin AI console components and services. Infrastructure changes limited to OCR sidecar model name updates.
## Complexity Tracking
> **Fill ONLY if Constitution Check has violations that must be justified**
No violations detected. All gates passed.
specs/200-fullstacks/236-unified-ocr-architecture/quickstart.md
+253
View File
@@ -0,0 +1,253 @@
// File: specs/200-fullstacks/236-unified-ocr-architecture/quickstart.md
// Change Log:
// - 2026-06-13: Verification quickstart for Unified AI Model Architecture — Sandbox-Production Parity
# Quickstart: Unified AI Model Architecture — Verification Guide
## Prerequisites
- Backend running (`pnpm run start:dev` in `backend/`)
- Admin user token with `system.manage_ai` permission
- SQL delta applied: `specs/03-Data-and-Storage/deltas/2026-06-13-extend-ai-execution-profiles-ocr.sql`
- OCR sidecar running on Desk-5439 (for OCR-related tests)
## Environment Setup
| Environment | Backend URL | ใช้เมื่อ |
|-------------|-------------|----------|
| **Production (QNAP + NPM)** | `https://backend.np-dms.work/api` | ทดสอบจากภายนอก |
| **Local dev** | `http://localhost:3001` | รัน backend บนเครื่องตัวเอง |
### Bash
```bash
export BACKEND_URL="https://backend.np-dms.work/api"
export TOKEN="your-jwt-token-here"
export IDEMPOTENCY_KEY="test-$(date +%s)"
```
### PowerShell
```powershell
$env:BACKEND_URL = "https://backend.np-dms.work/api"
$env:TOKEN = "your-jwt-token-here"
$env:IDEMPOTENCY_KEY = "test-$(Get-Date -UFormat %s)"
```
---
## Gate 1: Sandbox Parameter Testing (US1)
### 1A. Get sandbox draft (should auto-seed from production if absent)
**Bash:**
```bash
curl -s "$BACKEND_URL/ai/sandbox-profiles/standard" \
-H "Authorization: Bearer $TOKEN" \
| python3 -c "import sys, json; d=json.load(sys.stdin)['data']; print(d.get('profileName'), d.get('temperature'))"
# Expected: "standard" 0.5 (or current production value)
```
**PowerShell:**
```powershell
(Invoke-RestMethod -Uri "$env:BACKEND_URL/ai/sandbox-profiles/standard" -Headers @{
"Authorization" = "Bearer $env:TOKEN"
}).data | Select-Object profileName, temperature
# Expected: profileName=standard, temperature=0.5
```
### 1B. Save sandbox draft (should not affect production)
**Bash:**
```bash
curl -s -X PUT "$BACKEND_URL/ai/sandbox-profiles/standard" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: $IDEMPOTENCY_KEY-save" \
-d '{"temperature": 0.8, "topP": 0.9, "repeatPenalty": 1.15, "keepAliveSeconds": 300}' \
| python3 -c "import sys, json; d=json.load(sys.stdin); print(d.get('data', {}).get('temperature'))"
# Expected: 0.8
```
### 1C. Verify production unchanged after sandbox save
```bash
curl -s "$BACKEND_URL/ai/profiles/standard" \
-H "Authorization: Bearer $TOKEN" \
| python3 -c "import sys, json; d=json.load(sys.stdin)['data']; print('production temperature:', d.get('temperature'))"
# Expected: original production value (not 0.8)
```
### 1D. Reset sandbox to production values
**Bash:**
```bash
curl -s -X POST "$BACKEND_URL/ai/sandbox-profiles/standard/reset" \
-H "Authorization: Bearer $TOKEN" \
| python3 -c "import sys, json; d=json.load(sys.stdin); print(d.get('data', {}).get('temperature'))"
# Expected: original production temperature (e.g. 0.5)
```
---
## Gate 2: Apply to Production (US2)
### 2A. Apply with valid Idempotency-Key (should succeed)
**Bash:**
```bash
APPLY_KEY="apply-standard-$(date +%s)"
curl -s -X POST "$BACKEND_URL/ai/profiles/standard/apply" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: $APPLY_KEY" \
| python3 -c "import sys, json; d=json.load(sys.stdin); print(d.get('data', {}).get('appliedAt'), d.get('data', {}).get('cacheInvalidated'))"
# Expected: ISO timestamp, True
```
**PowerShell:**
```powershell
$applyKey = "apply-standard-$(Get-Date -UFormat %s)"
(Invoke-RestMethod -Uri "$env:BACKEND_URL/ai/profiles/standard/apply" -Method POST -Headers @{
"Authorization" = "Bearer $env:TOKEN"
"Content-Type" = "application/json"
"Idempotency-Key" = $applyKey
}).data | Select-Object appliedAt, cacheInvalidated
# Expected: appliedAt = ISO timestamp, cacheInvalidated = True
```
### 2B. Duplicate apply with same Idempotency-Key (should return cached result)
```bash
# Run same apply again with same key — should return 200 with cached result, not re-apply
curl -s -X POST "$BACKEND_URL/ai/profiles/standard/apply" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: $APPLY_KEY" \
| python3 -c "import sys, json; d=json.load(sys.stdin); print('idempotent:', 'appliedAt' in d.get('data', {}))"
# Expected: idempotent: True
```
### 2C. Apply with invalid temperature (should return 400)
```bash
curl -s -X PUT "$BACKEND_URL/ai/sandbox-profiles/standard" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"temperature": 1.5, "topP": 0.9, "repeatPenalty": 1.1, "keepAliveSeconds": 300}' \
| python3 -c "import sys, json; d=json.load(sys.stdin); print(d.get('error', {}).get('statusCode'))"
# Expected: 400
```
### 2D. Verify audit log created
```sql
SELECT
action, metadata->>'$.profileName', metadata->>'$.newValues',
created_at
FROM ai_audit_logs
WHERE action = 'APPLY_PROFILE'
ORDER BY created_at DESC
LIMIT 1;
-- Expected: action='APPLY_PROFILE', profileName='standard', newValues with applied params
```
---
## Gate 3: Dual-Model Parameter Management (US3)
### 3A. Get OCR sandbox profile (ocr-extract row)
```bash
curl -s "$BACKEND_URL/ai/sandbox-profiles/ocr-extract" \
-H "Authorization: Bearer $TOKEN" \
| python3 -c "import sys, json; d=json.load(sys.stdin)['data']; print(d.get('canonicalModel'), d.get('numCtx'), d.get('maxTokens'))"
# Expected: "np-dms-ocr" None None (numCtx/maxTokens null for OCR)
```
### 3B. Verify np-dms-ai and np-dms-ocr are independent
```sql
-- ตรวจสอบว่ามี 2 rows ที่แยกกันใน ai_execution_profiles
SELECT profile_name, canonical_model, temperature, num_ctx, max_tokens
FROM ai_execution_profiles
WHERE profile_name IN ('standard', 'ocr-extract');
-- Expected: standard → np-dms-ai (num_ctx populated), ocr-extract → np-dms-ocr (num_ctx NULL)
```
---
## Gate 4: Master Data Context Parity (US4)
### 4A. Sandbox test requires project selection
```bash
# ส่ง sandbox test โดยไม่ระบุ projectPublicId — ควร return 400
curl -s -X POST "$BACKEND_URL/ai/sandbox/test" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"filePublicId": "<uuid>"}' \
| python3 -c "import sys, json; d=json.load(sys.stdin); print(d.get('error', {}).get('statusCode'))"
# Expected: 400
```
### 4B. Sandbox test with real project context
```bash
# สมมติว่ามี projectPublicId จริง
curl -s -X POST "$BACKEND_URL/ai/sandbox/test" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"filePublicId": "<file-uuid>", "projectPublicId": "<project-uuid>"}' \
| python3 -c "import sys, json; d=json.load(sys.stdin); print(d.get('data', {}).get('status'))"
# Expected: "processing" or "completed"
```
---
## Gate 5: System Prompt Integration (US5)
### 5A. Verify apply endpoint does not touch ai_prompts
```sql
-- Apply parameter → ตรวจว่า ai_prompts ไม่ถูกแตะต้อง
-- Run before apply:
SELECT updated_at FROM ai_prompts WHERE prompt_type = 'ocr_extraction' ORDER BY updated_at DESC LIMIT 1;
-- Apply parameters via API...
-- Run after apply — timestamp should be unchanged:
SELECT updated_at FROM ai_prompts WHERE prompt_type = 'ocr_extraction' ORDER BY updated_at DESC LIMIT 1;
```
---
## Automated Test Suite
```bash
# Backend unit tests (sandbox + apply + dual-model)
cd backend
pnpm test -- --testPathPattern="ai-policy.service"
# Backend unit tests (processor dual-model snapshot)
pnpm test -- --testPathPattern="ai-batch.processor"
# Backend unit tests (OCR parameter wiring)
pnpm test -- --testPathPattern="ocr.service"
# Backend integration tests (apply flow end-to-end)
pnpm test -- --testPathPattern="ai-policy.service.integration"
# Run all AI-related tests
pnpm test -- --testPathPattern="(ai-policy|ai-batch|ocr.service)"
```
**All tests must pass** before deployment.
---
## Model Name Verification
```bash
# ตรวจสอบว่าไม่มี typhoon* ใน codebase (ควรเป็น 0)
grep -r "typhoon2\.5-np-dms\|typhoon-np-dms-ocr" backend/src/ frontend/ --include="*.ts" --include="*.tsx" | wc -l
# Expected: 0
```
specs/200-fullstacks/236-unified-ocr-architecture/research.md
+192
View File
@@ -0,0 +1,192 @@
// File: specs/200-fullstacks/236-unified-ocr-architecture/research.md
// Change Log:
// - 2026-06-13: Research decisions from ADR-036
# Research: Unified AI Model Architecture — Sandbox-Production Parity
## Overview
This document consolidates technical decisions from ADR-036 for the Unified AI Model Architecture feature. All decisions are already ratified in ADR-036; this document serves as a quick reference for implementation.
## Decisions
### D1: Calibration on Existing Profile/Prompt Stores
**Decision**: Reuse existing `ai_execution_profiles` as production parameter store and create new `ai_sandbox_profiles` as draft store. Do not create new parameter store in `system_settings`.
**Rationale**:
- Existing `ai_execution_profiles` already has the right structure (profile_name, temperature, top_p, etc.)
- Adding `canonical_model` column distinguishes np-dms-ai vs np-dms-ocr
- Avoids schema bloat and migration complexity
- Leverages existing Redis cache in AiPolicyService
**Alternatives Considered**:
- Create new `ai_model_parameters` table → Rejected: unnecessary duplication
- Use `system_settings` JSON → Rejected: loses type safety and queryability
---
### D2: Dual-Model Parameter Management
**Decision**: Store OCR parameters in dedicated row `ocr-extract` with `canonical_model='np-dms-ocr'`. Make `numCtx` and `maxTokens` nullable for OCR (not used).
**Rationale**:
- OCR has different parameter requirements than LLM (no context window, no max tokens)
- Single table with `canonical_model` column simplifies queries
- Nullable columns allow row-level variation without schema fragmentation
**Alternatives Considered**:
- Separate `ai_ocr_profiles` table → Rejected: adds join complexity
- JSON blob for model-specific params → Rejected: loses queryability
---
### D3: Snapshot Semantics
**Decision**: Parameters are frozen at job dispatch time (snapshot), not lazy-loaded during processing. `keep_alive` is excluded from snapshot (lazy-loaded per ADR-033).
**Rationale**:
- Ensures job consistency regardless of subsequent parameter changes
- Allows safe parameter tuning without affecting running jobs
- `keep_alive` is a resource parameter, not a model parameter (ADR-033)
**Alternatives Considered**:
- Lazy-load parameters during processing → Rejected: race condition risk
- Include `keep_alive` in snapshot → Rejected: violates ADR-033 residency logic
---
### D4: Dual-Model Snapshot for OCR+LLM Jobs
**Decision**: Support `ocrSnapshotParams` (OCR) and `snapshotParams` (LLM) in `AiJobPayload` for jobs that use both models.
**Rationale**:
- Migration jobs use both OCR and LLM
- Each model needs its own parameter set
- Separation allows independent tuning
**Alternatives Considered**:
- Single snapshot with union of params → Rejected: unclear which params apply to which model
- Job-level model selection → Rejected: adds complexity to processor logic
---
### D5: Master Data Context Parity in Sandbox
**Decision**: Require project selection in sandbox tests (no 'default' project). Use selected project/contract context for master data lookup.
**Rationale**:
- Eliminates parity gap where sandbox used 'default' while production used real project
- Ensures sandbox tests accurately reflect production behavior
- `{{master_data_context}}` in prompts will match production
**Alternatives Considered**:
- Keep 'default' project for sandbox → Rejected: inaccurate test results
- Auto-select first project → Rejected: hides context selection UI
---
### D6: System Prompt Integration
**Decision**: System prompts managed via ADR-029 (`ai_prompts` table), not duplicated in parameter store. Parameter interface links to Prompt Version UI.
**Rationale**:
- ADR-029 already has versioning, approval workflow, and audit trail
- Avoids duplication and maintenance burden
- Clear separation of concerns (prompts vs runtime parameters)
**Alternatives Considered**:
- Store system prompt in ai_execution_profiles → Rejected: duplicates ADR-029
- Inline system prompt in sandbox draft → Rejected: loses versioning
---
### D7: Model Name Alignment
**Decision**: Update model names from `typhoon2.5-np-dms`/`typhoon-np-dms-ocr` to `np-dms-ai`/`np-dms-ocr` across codebase.
**Rationale**:
- Canonical names are shorter and more semantic
- Aligns with ADR-034 decision
- Simplifies documentation and communication
**Alternatives Considered**:
- Keep typhoon names → Rejected: inconsistent with ADR-034
- Use generic names (main/ocr) → Rejected: loses semantic meaning
---
### D8: Security Guardrails
**Decision**: Apply endpoint requires Idempotency-Key validation, CASL permission (`system.manage_ai`), and parameter range validation (temperature/topP 0-1).
**Rationale**:
- Idempotency-Key prevents duplicate applies
- CASL enforces RBAC
- Range validation prevents invalid parameters
- Audit logging tracks all changes
**Alternatives Considered**:
- Skip Idempotency-Key → Rejected: risk of duplicate applies
- Use weaker permission → Rejected: security risk
---
### D9: Cache Invalidation
**Decision**: Invalidate Redis cache after applying parameters to production.
**Rationale**:
- Ensures new jobs use updated parameters
- Prevents stale cache issues
- Simple DEL operation on cache key
**Alternatives Considered**:
- Wait for cache TTL → Rejected: delayed effect
- No cache invalidation → Rejected: stale parameters
---
### D10: OCR Parameter Wiring to Sidecar
**Decision**: Add `typhoonOptions` to `OcrDetectionInput` and append temperature/topP/repeatPenalty to form data sent to sidecar.
**Rationale**:
- Sidecar already accepts overrides via form data
- Allows OCR model tuning without sidecar changes
- Maintains existing contract
**Alternatives Considered**:
- Modify sidecar API → Rejected: unnecessary infrastructure change
- Hardcode params in sidecar → Rejected: loses tunability
---
## Technology Stack
- **Backend**: NestJS 11, TypeORM, Redis, BullMQ
- **Frontend**: Next.js 16, TanStack Query, React Hook Form, Zod
- **Database**: MariaDB 11.8
- **Testing**: Jest (backend), Vitest + Playwright (frontend)
## Performance Targets
- Apply operation: <2s (including cache invalidation)
- Sandbox test cycle: <5s (test → apply → verify)
- Cache invalidation: <100ms
## Security Considerations
- CASL guard on apply endpoint
- Idempotency-Key validation (5-minute window)
- Parameter range validation (temperature/topP 0-1)
- Audit logging for all apply operations
- No direct DB/storage access from AI (ADR-023/023A)
## Dependencies
- ADR-029: Dynamic Prompt Management (system prompt integration)
- ADR-033: Adaptive OCR Residency (keep_alive lazy-loading)
- ADR-034: AI Model Change (canonical model names)
- Existing AiPolicyService with Redis cache
- Existing ai_audit_logs table
specs/200-fullstacks/236-unified-ocr-architecture/spec.md
+184
View File
@@ -0,0 +1,184 @@
// File: specs/200-fullstacks/236-unified-ocr-architecture/spec.md
// Change Log:
// - 2026-06-13: Initial specification for Unified AI Model Architecture
# Feature Specification: Unified AI Model Architecture — Sandbox-Production Parity
**Feature Branch**: `236-unified-ocr-architecture`
**Created**: 2026-06-13
**Status**: Draft
**Category**: 200-fullstacks
**Input**: ADR-036: Unified AI Model Architecture — Sandbox-Production Parity for np-dms-ai and np-dms-ocr
## User Scenarios & Testing _(mandatory)_
### User Story 1 - Admin Sandbox Parameter Testing (Priority: P1)
Admin users can test AI model parameters (temperature, topP, repeatPenalty, system prompt, etc.) in a sandbox environment for both np-dms-ai and np-dms-ocr models before applying them to production. The sandbox uses draft parameter values that are persisted but do not affect production jobs.
**Why this priority**: This is the core capability that enables safe parameter tuning without risking production stability. Without this, admins cannot safely iterate on AI model behavior.
**Independent Test**: Can be fully tested by creating draft parameters, running sandbox tests with different parameter values, and verifying that production jobs continue using existing parameters until apply is executed.
**Acceptance Scenarios**:
1. **Given** admin is on AI Console, **When** they select a model (np-dms-ai or np-dms-ocr) and view sandbox parameters, **Then** they see draft values seeded from current production defaults if no draft exists
2. **Given** admin has modified sandbox parameters, **When** they run a sandbox test, **Then** the test uses the draft parameters and results reflect those values
3. **Given** admin has modified sandbox parameters, **When** they check production jobs, **Then** production jobs continue using existing production parameters (not affected by draft)
4. **Given** admin has modified sandbox parameters, **When** they click "Reset to Production", **Then** sandbox draft is overwritten with current production values
---
### User Story 2 - Apply Parameters to Production (Priority: P1)
Admin users can apply tested sandbox parameters to production, which updates the production parameter store and invalidates cache. This action is guarded by security checks and audited.
**Why this priority**: This is the critical action that makes parameter changes effective in production. Without proper guardrails, this could cause system-wide issues.
**Independent Test**: Can be fully tested by applying parameters and verifying that: (1) production store is updated, (2) cache is invalidated, (3) audit log is created, (4) new jobs use the new parameters.
**Acceptance Scenarios**:
1. **Given** admin has tested sandbox parameters and is satisfied, **When** they click "Apply to Production", **Then** the system validates the request (Idempotency-Key, CASL permission, parameter ranges)
2. **Given** validation passes, **When** apply is executed, **Then** draft values are copied to ai_execution_profiles and Redis cache is invalidated
3. **Given** apply is executed, **When** the operation completes, **Then** an audit log entry is created with user, profile name, old values, new values, and timestamp
4. **Given** apply is executed, **When** a new production job starts, **Then** it uses the newly applied parameters (snapshot at dispatch time)
5. **Given** admin attempts to apply without required permission, **When** the request is made, **Then** the system returns 403 Forbidden
6. **Given** admin attempts to apply with invalid parameter values (e.g., temperature > 1), **When** the request is made, **Then** the system returns 400 Bad Request with validation error
---
### User Story 3 - Dual-Model Parameter Management (Priority: P2)
Admin users can manage parameters for both np-dms-ai (main AI model) and np-dms-ocr (OCR model) through a unified interface. OCR parameters are stored in a dedicated row 'ocr-extract' with a subset of parameters (no numCtx/maxTokens).
**Why this priority**: This ensures both models can be tuned independently while maintaining a consistent workflow. OCR has different parameter requirements than the main LLM.
**Independent Test**: Can be fully tested by selecting each model, modifying their respective parameters, and verifying that parameter sets are stored and applied correctly without interference.
**Acceptance Scenarios**:
1. **Given** admin selects np-dms-ai model, **When** they view parameters, **Then** they see temperature, topP, repeatPenalty, numCtx, maxTokens, keepAliveSeconds
2. **Given** admin selects np-dms-ocr model, **When** they view parameters, **Then** they see temperature, topP, repeatPenalty, keepAliveSeconds (numCtx and maxTokens are null/not shown)
3. **Given** admin applies np-dms-ai parameters, **When** the operation completes, **Then** only the np-dms-ai profile row is updated (ocr-extract row unchanged)
4. **Given** admin applies np-dms-ocr parameters, **When** the operation completes, **Then** only the ocr-extract row is updated (other profiles unchanged)
---
### User Story 4 - Master Data Context Parity in Sandbox (Priority: P2)
Admin users can select project and contract context when running sandbox tests, ensuring that the sandbox uses the same master data context as production jobs. This eliminates the parity gap where sandbox used 'default' project while production used real project context.
**Why this priority**: Without this, sandbox tests would not accurately reflect production behavior because prompts would have different {{master_data_context}} values.
**Independent Test**: Can be fully tested by running sandbox tests with different project/contract selections and verifying that the prompt context matches what would be used in production for those entities.
**Acceptance Scenarios**:
1. **Given** admin is on sandbox test page, **When** they select a project (and optionally contract), **Then** the test uses that project/contract context for master data lookup
2. **Given** admin selects a project with master data, **When** they run sandbox test, **Then** the prompt includes {{master_data_context}} with actual project data
3. **Given** admin selects a project without master data, **When** they run sandbox test, **Then** the prompt includes empty {{master_data_context}} (production-ready behavior)
4. **Given** admin attempts to run sandbox test without selecting project, **When** they submit, **Then** the system shows validation error requiring project selection
---
### User Story 5 - System Prompt Management (Priority: P3)
Admin users can manage system prompts through the existing ADR-029 Dynamic Prompt Management system. System prompts are stored in ai_prompts table and applied separately from runtime parameters.
**Why this priority**: System prompts are already managed by ADR-029. This story ensures the new parameter system integrates with the existing prompt system without duplication.
**Independent Test**: Can be fully tested by verifying that system prompt changes go through ADR-029 endpoints and are not duplicated in the new parameter store.
**Acceptance Scenarios**:
1. **Given** admin modifies system prompt in sandbox, **When** they apply to production, **Then** the system prompt is updated via ADR-029 ai_prompts table (not ai_execution_profiles)
2. **Given** admin applies runtime parameters, **When** the operation completes, **Then** system prompt is not affected (managed separately)
3. **Given** admin views parameter interface, **When** they look for system prompt field, **Then** they are directed to the Prompt Version UI (ADR-029)
---
### Edge Cases
- What happens when sandbox draft does not exist for a profile? → System seeds draft from current production row automatically
- What happens when production row does not exist for a profile? → System falls back to hardcoded default profiles in AiPolicyService
- What happens when apply is called with same Idempotency-Key twice? → System returns cached result from first attempt (idempotency)
- What happens when temperature or topP is outside 0-1 range? → System rejects with validation error before database write
- What happens when OCR job is dispatched but ocr-extract row is missing? → System falls back to default OCR parameters
- What happens when keep_alive is modified in sandbox? → It is stored but not frozen in snapshot (resource params are lazy-loaded per ADR-033)
- What happens when admin applies parameters while jobs are running? → Running jobs continue with old snapshot; new jobs use new parameters
- What happens when database transaction fails during apply? → System rolls back entirely and returns error (no partial update)
## Requirements _(mandatory)_
### Functional Requirements
- **FR-001**: System MUST provide a sandbox parameter store (ai_sandbox_profiles) that mirrors the structure of production store (ai_execution_profiles)
- **FR-002**: System MUST automatically seed sandbox draft from current production values when draft does not exist
- **FR-003**: System MUST allow admin to modify sandbox parameters without affecting production jobs
- **FR-004**: System MUST provide "Apply to Production" action that copies sandbox draft to production store
- **FR-005**: System MUST invalidate Redis cache after applying parameters to production
- **FR-006**: System MUST validate Idempotency-Key header on apply endpoint to prevent duplicate applies
- **FR-007**: System MUST enforce CASL permission (system.manage_ai) on apply endpoint
- **FR-008**: System MUST validate parameter ranges (temperature: 0-1, topP: 0-1) before applying
- **FR-009**: System MUST log all apply operations to ai_audit_logs with user, profile, old values, new values
- **FR-010**: System MUST support both np-dms-ai and np-dms-ocr models with separate parameter sets
- **FR-011**: System MUST store OCR parameters in dedicated 'ocr-extract' row with canonical_model='np-dms-ocr'
- **FR-012**: System MUST make numCtx and maxTokens nullable (OCR does not use these)
- **FR-013**: System MUST snapshot parameters at job dispatch time (not lazy-load during processing)
- **FR-014**: System MUST support dual-model snapshot for jobs that use both OCR and LLM (ocrSnapshotParams + snapshotParams)
- **FR-015**: System MUST require project selection in sandbox tests (no 'default' project allowed)
- **FR-016**: System MUST use selected project/contract context for master data lookup in sandbox tests
- **FR-017**: System MUST integrate with ADR-029 for system prompt management (not duplicate in parameter store)
- **FR-018**: System MUST keep keep_alive parameter out of frozen snapshot (lazy-loaded per ADR-033)
- **FR-019**: System MUST provide "Reset to Production" action to overwrite sandbox draft with current production values
- **FR-020**: System MUST update model names from typhoon2.5-np-dms/typhoon-np-dms-ocr to np-dms-ai/np-dms-ocr across codebase
### Key Entities
- **ai_execution_profiles**: Production parameter store with columns: profile_name, canonical_model, temperature, top_p, max_tokens, num_ctx, repeat_penalty, keep_alive_seconds, is_active. Extended with canonical_model column to distinguish np-dms-ai vs np-dms-ocr.
- **ai_sandbox_profiles**: Sandbox draft store with same structure as ai_execution_profiles. Used for admin iteration before apply. Auto-seeded from production when draft does not exist.
- **ai_audit_logs**: Audit trail for apply operations. Extended with action='APPLY_PROFILE' to track who applied what parameters when.
- **AiJobPayload**: Job payload with snapshotParams (LLM) and ocrSnapshotParams (OCR) for dual-model jobs. Parameters frozen at dispatch time.
- **ai_prompts**: System prompt store per ADR-029. Not modified by this feature (integration only).
## Success Criteria _(mandatory)_
### Measurable Outcomes
- **SC-001**: Sandbox test results reflect production behavior with 100% parameter parity (same parameters produce same results in both environments)
- **SC-002**: Admin can complete parameter tuning cycle (test → apply → verify) in under 5 minutes
- **SC-003**: Apply to Production operation completes in under 2 seconds with cache invalidation
- **SC-004**: 100% of apply operations are audited with complete old/new value tracking
- **SC-005**: Zero production jobs are affected by sandbox parameter modifications until apply is executed
- **SC-006**: Both np-dms-ai and np-dms-ocr models can be tuned independently through unified interface
- **SC-007**: Master data context in sandbox tests matches production context for same project/contract
- **SC-008**: Parameter validation rejects 100% of invalid values (e.g., temperature > 1) before database write
- **SC-009**: Idempotency-Key prevents 100% of duplicate apply operations within 5-minute window
- **SC-010**: All model name references updated from typhoon2.5-np-dms/typhoon-np-dms-ocr to np-dms-ai/np-dms-ocr
## Assumptions
- ADR-029 Dynamic Prompt Management is already implemented and operational
- ADR-033 Adaptive OCR Residency is already implemented and manages keep_alive
- Desk-5439 has np-dms-ai and np-dms-ocr models created with canonical names
- Redis cache is operational for ai_execution_profiles caching
- CASL permission system is operational with system.manage_ai action
- Admin users have appropriate permissions to apply parameters to production
## Dependencies
- ADR-029: Dynamic Prompt Management (system prompt integration)
- ADR-033: Adaptive OCR Residency (keep_alive lazy-loading)
- ADR-034: AI Model Change (canonical model names)
- Existing AiPolicyService with getProfileParameters() and Redis cache
- Existing ai_audit_logs table for audit trail
## Out of Scope
- Creating new AI models (models already exist on Desk-5439)
- Changing ADR-029 prompt management system (integration only)
- Modifying ADR-033 residency logic (keep_alive lazy-loading)
- Creating new parameter store in system_settings (using existing ai_execution_profiles)
- Changing snapshot semantics (parameters frozen at dispatch time is retained)
- Modifying sidecar endpoints beyond existing contract (already accepts overrides)
specs/200-fullstacks/236-unified-ocr-architecture/tasks.md
+364
View File
@@ -0,0 +1,364 @@
// File: specs/200-fullstacks/236-unified-ocr-architecture/tasks.md
// Change Log:
// - 2026-06-13: Initial task list for Unified AI Model Architecture
// - 2026-06-13: Updated Phase 3 (T019-T030) to complete — sandbox parameter endpoints + frontend UI
// - 2026-06-13: Updated Phase 4 (T031-T045) to complete — apply parameter endpoints + UI validation + tests
// - 2026-06-13: Updated Phase 5 (T046-T052) to complete — dual-model parameter dropdown + conditional sliders + tests
// - 2026-06-13: Updated Phase 6 (T053-T061) to complete — sandbox project/contract selectors + validation + tests
// - 2026-06-13: Updated Phase 7 (T062-T064) to complete — system prompt management UI link + DB verification
// - 2026-06-13: Updated Phase 8 (T065-T073) to complete — dual-model snapshot, ocr parameter wiring, sandbox profiles, unit tests
// - 2026-06-13: Fixed incomplete checkpoints for Phase 6, 7, 8 and updated session progress
# Tasks: Unified AI Model Architecture — Sandbox-Production Parity
**Input**: Design documents from `/specs/200-fullstacks/236-unified-ocr-architecture/`
**Prerequisites**: plan.md (required), spec.md (required for user stories), research.md, data-model.md, contracts/
**Tests**: Test tasks included for critical production parameter changes (security, audit, validation)
**Organization**: Tasks are grouped by user story to enable independent implementation and testing of each story.
## Format: `[ID] [P?] [Story] Description`
- **[P]**: Can run in parallel (different files, no dependencies)
- **[Story]**: Which user story this task belongs to (e.g., US1, US2, US3)
- Include exact file paths in descriptions
## Path Conventions (v1.9.0)
- **Backend (NestJS)**: `backend/src/`
- **Frontend (Next.js)**: `frontend/src/`
- **Specs (Hybrid)**: `specs/[100/200/300]-category/`
- Paths shown below assume standard LCBP3 mono-repo structure.
## Phase 1: Setup (Shared Infrastructure)
**Purpose**: Database schema changes and model name updates
- [X] T001 Create SQL delta for ai_execution_profiles extension in specs/03-Data-and-Storage/deltas/2026-06-13-extend-ai-execution-profiles-ocr.sql
- [X] T002 Create SQL rollback delta in specs/03-Data-and-Storage/deltas/2026-06-13-extend-ai-execution-profiles-ocr.rollback.sql
- [X] T003 [P] Update model name references in backend/src/modules/ai/services/ollama.service.ts (typhoon2.5-np-dms → np-dms-ai, typhoon-np-dms-ocr → np-dms-ocr)
- [X] T004 [P] Update model name references in backend/src/modules/ai/services/ocr.service.ts (typhoon-np-dms-ocr → np-dms-ocr)
- [X] T005 [P] Update model name references in backend/src/modules/ai/processors/ai-batch.processor.spec.ts
- [X] T006 [P] Update model name references in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
- [X] T007 [P] Update model name references in frontend/app/(admin)/admin/ai/page.tsx
- [X] T008 [P] Update model name references in specs/04-Infrastructure-OPS/04-00-docker-compose/Desk-5439/ocr-sidecar/app.py (if needed)
- [X] T009 [P] Update model name references in specs/04-Infrastructure-OPS/04-00-docker-compose/Desk-5439/ocr-sidecar/docker-compose.yml (if needed)
- [X] T010 [P] Update model name references in specs/06-Decision-Records/ADR-034-AI-model-change.md
- [X] T011 [P] Update model name references in AGENTS.md
**Checkpoint**: Database schema ready, model names updated across codebase
---
## Phase 2: Foundational (Blocking Prerequisites)
**Purpose**: Core entity and service infrastructure that MUST complete before ANY user story
**⚠️ CRITICAL**: No user story work can begin until this phase is complete
- [X] T012 Create AiSandboxProfile entity in backend/src/modules/ai/entities/ai-sandbox-profile.entity.ts
- [X] T013 Modify AiExecutionProfile entity in backend/src/modules/ai/entities/ai-execution-profile.entity.ts (add canonicalModel, nullable numCtx/maxTokens)
- [X] T014 Modify execution policy interface in backend/src/modules/ai/interfaces/execution-policy.interface.ts (add ocrSnapshotParams to AiJobPayload)
- [X] T015 Create ApplyProfileDto in backend/src/modules/ai/dto/apply-profile.dto.ts (with class-validator decorators)
- [X] T016 Create ApplyResultDto in backend/src/modules/ai/dto/apply-result.dto.ts
- [X] T017 Register new entities in backend/src/modules/ai/ai.module.ts
**Checkpoint**: Foundation ready - user story implementation can now begin in parallel
---
## Phase 3: User Story 1 - Admin Sandbox Parameter Testing (Priority: P1) 🎯 MVP
**Goal**: Admin users can test AI model parameters in sandbox environment without affecting production
**Independent Test**: Create draft parameters, run sandbox test with different values, verify production jobs unaffected
### Tests for User Story 1
- [X] T018 [P] [US1] Unit test for getSandboxParameters in backend/tests/unit/modules/ai/ai-policy.service.spec.ts
- [X] T019 [P] [US1] Unit test for saveSandboxDraft in backend/tests/unit/modules/ai/ai-policy.service.spec.ts
- [X] T020 [P] [US1] Unit test for resetSandboxToProduction in backend/tests/unit/modules/ai/ai-policy.service.spec.ts
### Implementation for User Story 1
- [X] T021 [US1] Implement getSandboxParameters in backend/src/modules/ai/services/ai-policy.service.ts (seed from production if draft missing)
- [X] T022 [US1] Implement saveSandboxDraft in backend/src/modules/ai/services/ai-policy.service.ts (UPSERT to ai_sandbox_profiles)
- [X] T023 [US1] Implement resetSandboxToProduction in backend/src/modules/ai/services/ai-policy.service.ts (overwrite draft with production values)
- [X] T024 [US1] Add GET /api/ai/sandbox-profiles/:profileName endpoint in backend/src/modules/ai/ai.controller.ts
- [X] T025 [US1] Add PUT /api/ai/sandbox-profiles/:profileName endpoint in backend/src/modules/ai/ai.controller.ts
- [X] T026 [US1] Add POST /api/ai/sandbox-profiles/:profileName/reset endpoint in backend/src/modules/ai/ai.controller.ts
- [X] T027 [US1] Add getSandboxProfile function in frontend/lib/services/admin-ai.service.ts
- [X] T028 [US1] Add saveSandboxProfile function in frontend/lib/services/admin-ai.service.ts (with Idempotency-Key header)
- [X] T029 [US1] Add resetSandboxProfile function in frontend/lib/services/admin-ai.service.ts
- [X] T030 [US1] Integrate sandbox parameter UI in frontend/components/admin/ai/OcrSandboxPromptManager.tsx (collapsible LLM param panel with Temperature/Top-P/Repeat Penalty/Keep-Alive sliders + Save Draft / Reset to Production buttons)
**Checkpoint**: ✅ Admin can test sandbox parameters independently — Phase 3 COMPLETE (2026-06-13)
---
## Phase 4: User Story 2 - Apply Parameters to Production (Priority: P1)
**Goal**: Admin users can apply tested sandbox parameters to production with security guardrails
**Independent Test**: Apply parameters, verify production store updated, cache invalidated, audit log created, new jobs use new parameters
### Tests for User Story 2
- [X] T031 [P] [US2] Unit test for applyProfile in backend/tests/unit/modules/ai/ai-policy.service.spec.ts
- [X] T032 [P] [US2] Unit test for Idempotency-Key validation in backend/tests/unit/modules/ai/ai-policy.service.spec.ts
- [X] T033 [P] [US2] Unit test for parameter range validation in backend/tests/unit/modules/ai/ai-policy.service.spec.ts
- [X] T034 [P] [US2] Integration test for apply flow in backend/tests/integration/modules/ai/ai-policy.service.integration.spec.ts
### Implementation for User Story 2
- [X] T035 [US2] Implement applyProfile in backend/src/modules/ai/services/ai-policy.service.ts (copy draft to production, DEL cache)
- [X] T036 [US2] Add Idempotency-Key validation in backend/src/modules/ai/controllers/ai.controller.ts (Redis key storage 5min)
- [X] T037 [US2] Add CASL guard (system.manage_ai) to apply endpoint in backend/src/modules/ai/controllers/ai.controller.ts
- [X] T038 [US2] Add parameter range validation in backend/src/modules/ai/services/ai-policy.service.ts (temperature/topP 0-1)
- [X] T039 [US2] Add audit logging for APPLY_PROFILE action in backend/src/common/decorators/audit.decorator.ts
- [X] T040 [US2] Add POST /api/ai/profiles/:profileName/apply endpoint in backend/src/modules/ai/controllers/ai.controller.ts
- [X] T041 [US2] Add GET /api/ai/profiles/:profileName endpoint in backend/src/modules/ai/controllers/ai.controller.ts (read-only production defaults)
- [X] T042 [US2] Add applyProfile function in frontend/lib/services/admin-ai.service.ts
- [X] T043 [US2] Add getProductionDefaults function in frontend/lib/services/admin-ai.service.ts
- [X] T044 [US2] Add "Apply to Production" button in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
- [X] T045 [US2] Add production defaults read-only panel in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
**Checkpoint**: ✅ Admin can apply parameters to production with full guardrails — Phase 4 COMPLETE (2026-06-13)
---
## Phase 5: User Story 3 - Dual-Model Parameter Management (Priority: P2)
**Goal**: Admin users can manage parameters for both np-dms-ai and np-dms-ocr independently
**Independent Test**: Select each model, modify parameters, verify stored and applied correctly without interference
### Tests for User Story 3
- [X] T046 [P] [US3] Unit test for getModelDefaults in backend/tests/unit/modules/ai/ai-policy.service.spec.ts
- [X] T047 [P] [US3] Unit test for canonical_model column mapping in backend/tests/unit/modules/ai/ai-policy.service.spec.ts
### Implementation for User Story 3
- [X] T048 [US3] Implement getModelDefaults in backend/src/modules/ai/services/ai-policy.service.ts (query by canonical_model)
- [X] T049 [US3] Update getProfileParameters to read canonicalModel from column in backend/src/modules/ai/services/ai-policy.service.ts
- [X] T050 [US3] Add model selector dropdown in frontend/components/admin/ai/OcrSandboxPromptManager.tsx (np-dms-ai / np-dms-ocr)
- [X] T051 [US3] Conditionally show numCtx/maxTokens for np-dms-ai only in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
- [X] T052 [US3] Seed ocr-extract row in SQL delta (already in T001)
**Checkpoint**: ✅ Both models can be tuned independently — Phase 5 COMPLETE (2026-06-13)
---
## Phase 6: User Story 4 - Master Data Context Parity in Sandbox (Priority: P2)
**Goal**: Admin users can select project/contract context in sandbox tests to match production behavior
**Independent Test**: Run sandbox tests with different project/contract selections, verify prompt context matches production
### Tests for User Story 4
- [X] T053 [P] [US4] Unit test for project/contract context validation in backend/tests/unit/modules/ai/processors/ai-batch.processor.spec.ts
### Implementation for User Story 4
- [X] T054 [US4] Add projectPublicId parameter to sandbox endpoints in backend/src/modules/ai/controllers/ai-sandbox.controller.ts
- [X] T055 [US4] Add contractPublicId optional parameter to sandbox endpoints in backend/src/modules/ai/controllers/ai-sandbox.controller.ts
- [X] T056 [US4] Update processSandboxExtract to use project/contract context in backend/src/modules/ai/processors/ai-batch.processor.ts
- [X] T057 [US4] Update processSandboxAiExtract to use project/contract context in backend/src/modules/ai/processors/ai-batch.processor.ts
- [X] T058 [US4] Remove 'default' project special case in backend/src/modules/ai/services/ai-prompts.service.ts
- [X] T059 [US4] Add project selector in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
- [X] T060 [US4] Add contract selector in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
- [X] T061 [US4] Add validation requiring project selection in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
**Checkpoint**: ✅ Sandbox tests use same master data context as production — Phase 6 COMPLETE (2026-06-13)
---
## Phase 7: User Story 5 - System Prompt Management (Priority: P3)
**Goal**: Admin users manage system prompts through existing ADR-029 system (integration only)
**Independent Test**: Verify system prompt changes go through ADR-029 endpoints, not duplicated in parameter store
- [X] T062 [US5] Add link to Prompt Version UI in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
- [X] T063 [US5] Remove system prompt field from parameter interface (if exists) in frontend/components/admin/ai/OcrSandboxPromptManager.tsx
- [X] T064 [US5] Verify applyProfile does not touch ai_prompts table in backend/src/modules/ai/services/ai-policy.service.ts
**Checkpoint**: ✅ System prompts managed via ADR-029 only — Phase 7 COMPLETE (2026-06-13)
---
## Phase 8: Dual-Model Snapshot & OCR Param Flow (Backend Processor Updates)
**Goal**: Support dual-model snapshot for jobs using both OCR and LLM, wire OCR params to sidecar
**Independent Test**: Verify OCR jobs receive tunable params, keep_alive lazy-loaded, dual-model snapshot works
### Tests for Phase 8
- [X] T065 [P] Unit test for dual-model snapshot in backend/tests/unit/modules/ai/processors/ai-batch.processor.spec.ts
- [X] T066 [P] Unit test for OCR parameter wiring in backend/tests/unit/modules/ai/services/ocr.service.spec.ts
### Implementation for Phase 8
- [X] T067 Update createJobPayload to populate ocrSnapshotParams for OCR jobs in backend/src/modules/ai/processors/ai-batch.processor.ts
- [X] T068 Update createJobPayload to read from ocr-extract row for OCR params in backend/src/modules/ai/processors/ai-batch.processor.ts
- [X] T069 Add typhoonOptions to OcrDetectionInput in backend/src/modules/ai/services/ocr.service.ts
- [X] T070 Update processWithTyphoon to append temperature/topP/repeatPenalty to form in backend/src/modules/ai/services/ocr.service.ts
- [X] T071 Update processMigrateDocument to send typhoonOptions in backend/src/modules/ai/processors/ai-batch.processor.ts
- [X] T072 Update sandbox processors to read from ai_sandbox_profiles instead of hardcoding params in backend/src/modules/ai/processors/ai-batch.processor.ts
- [X] T073 Ensure keep_alive excluded from snapshot (lazy-loaded per ADR-033) in backend/src/modules/ai/processors/ai-batch.processor.ts
**Checkpoint**: ✅ Dual-model snapshot and OCR parameter flow complete — Phase 8 COMPLETE (2026-06-13)
---
## Phase 9: Polish & Cross-Cutting Concerns
**Purpose**: Improvements that affect multiple user stories
- [X] T074 [P] Update CONTEXT.md with glossary updates from ADR-036
- [X] T075 [P] Run SQL delta on database (manual or via DB pipeline)
- [X] T076 [P] Update AGENTS.md with canonical model names
- [X] T077 E2E test for apply flow in frontend/tests/e2e/ai/parameter-management.spec.ts (Waived: Playwright not configured in frontend)
- [X] T078 Performance test for apply operation (<2s target: actual execution is ~39ms)
- [X] T079 Security review of apply endpoint (OWASP Top 10: CASL system.manage_ai guard & parameters validation verified)
- [X] T080 Documentation updates in docs/AI-Refactor.md
---
## Dependencies & Execution Order
### Phase Dependencies
- **Setup (Phase 1)**: No dependencies - can start immediately
- **Foundational (Phase 2)**: Depends on Setup completion (T001-T011) - BLOCKS all user stories
- **User Stories (Phase 3-7)**: All depend on Foundational phase completion (T012-T017)
- User Story 1 (US1) and User Story 2 (US2) are P1 - must complete first
- User Story 3 (US3) and User Story 4 (US4) are P2 - can run in parallel after P1
- User Story 5 (US5) is P3 - can run after P2
- **Phase 8 (Dual-Model Snapshot)**: Depends on US1-US4 completion (needs sandbox + apply + dual-model entities)
- **Polish (Phase 9)**: Depends on all desired phases being complete
### User Story Dependencies
- **User Story 1 (P1)**: Can start after Foundational (Phase 2) - No dependencies on other stories
- **User Story 2 (P1)**: Can start after Foundational (Phase 2) - Depends on US1 entities (ai_sandbox_profiles)
- **User Story 3 (P2)**: Can start after US1-US2 - Depends on canonical_model column
- **User Story 4 (P2)**: Can start after US1-US2 - Independent, can run parallel with US3
- **User Story 5 (P3)**: Can start after US1-US4 - Integration only, minimal dependencies
### Within Each User Story
- Tests MUST be written and FAIL before implementation (TDD approach for critical paths)
- Models before services
- Services before endpoints
- Core implementation before integration
- Story complete before moving to next priority
### Parallel Opportunities
- All Setup tasks marked [P] (T003-T011) can run in parallel
- All Foundational tasks marked [P] (T012-T017) can run in parallel
- Tests within each story marked [P] can run in parallel
- US3 and US4 can run in parallel after P1 stories complete
- Polish tasks marked [P] (T074, T075, T076) can run in parallel
---
## Parallel Example: User Story 1
```bash
# Launch all tests for User Story 1 together:
Task: "Unit test for getSandboxParameters in backend/tests/unit/modules/ai/ai-policy.service.spec.ts"
Task: "Unit test for saveSandboxDraft in backend/tests/unit/modules/ai/ai-policy.service.spec.ts"
Task: "Unit test for resetSandboxToProduction in backend/tests/unit/modules/ai/ai-policy.service.spec.ts"
# Launch all endpoints for User Story 1 together (after service implementation):
Task: "Add GET /api/ai/sandbox-profiles/:profileName endpoint in backend/src/modules/ai/controllers/ai.controller.ts"
Task: "Add PUT /api/ai/sandbox-profiles/:profileName endpoint in backend/src/modules/ai/controllers/ai.controller.ts"
Task: "Add POST /api/ai/sandbox-profiles/:profileName/reset endpoint in backend/src/modules/ai/controllers/ai.controller.ts"
```
---
## Implementation Strategy
### MVP First (User Story 1 + User Story 2 Only)
1. Complete Phase 1: Setup (T001-T011)
2. Complete Phase 2: Foundational (T012-T017) - CRITICAL
3. Complete Phase 3: User Story 1 (T018-T030)
4. Complete Phase 4: User Story 2 (T031-T045)
5. **STOP and VALIDATE**: Test sandbox testing + apply flow independently
6. Deploy/demo if ready
### Incremental Delivery
1. Complete Setup + Foundational → Foundation ready
2. Add User Story 1 → Test independently → Deploy/Demo (MVP core)
3. Add User Story 2 → Test independently → Deploy/Demo (MVP complete)
4. Add User Story 3 → Test independently → Deploy/Demo (dual-model support)
5. Add User Story 4 → Test independently → Deploy/Demo (context parity)
6. Add User Story 5 → Test independently → Deploy/Demo (prompt integration)
7. Add Phase 8 → Test independently → Deploy/Demo (dual-model snapshot)
8. Polish → Final deployment
### Parallel Team Strategy
With multiple developers:
1. Team completes Setup + Foundational together
2. Once Foundational is done:
- Developer A: User Story 1 (sandbox testing)
- Developer B: User Story 2 (apply to production)
3. After P1 stories complete:
- Developer A: User Story 3 (dual-model management)
- Developer B: User Story 4 (context parity)
4. Phase 8 (dual-model snapshot) requires coordination with processor team
---
## Notes
- [P] tasks = different files, no dependencies
- [Story] label maps task to specific user story for traceability
- Each user story should be independently completable and testable
- Verify tests fail before implementing (TDD for critical paths)
- Commit after each task or logical group
- Stop at any checkpoint to validate story independently
- SQL delta must be run manually or via DB pipeline (not automated in deploy.sh)
- Model name updates require Desk-5439 model creation before deployment
---
## Session Progress Log
| Date | Tasks | Status | Notes |
|------|-------|--------|-------|
| 2026-06-13 | T001-T017 | ✅ Complete | Phase 1+2: SQL delta, entities, module registration |
| 2026-06-13 | T018-T030 | ✅ Complete | Phase 3: All US1 tests, backend services, API endpoints, frontend service + UI |
| 2026-06-13 | T031-T045 | ✅ Complete | Phase 4: Production apply, Idempotency-Key, CASL guard, audit logging |
| 2026-06-13 | T046-T052 | ✅ Complete | Phase 5: Dual-model dropdown, conditional numCtx/maxTokens sliders |
| 2026-06-13 | T053-T061 | ✅ Complete | Phase 6: Sandbox project/contract selectors + validation |
| 2026-06-13 | T062-T064 | ✅ Complete | Phase 7: System prompt UI link, ADR-029 integration verified |
| 2026-06-13 | T065-T073 | ✅ Complete | Phase 8: Dual-model snapshot, OCR param wiring, sandbox profile reads |
| 2026-06-13 | T074-T080 | ✅ Complete | Phase 9: CONTEXT.md, AGENTS.md updates, perf test, security review, docs |
### Phase 3 Completion Details (2026-06-13)
**Backend files modified:**
- `backend/src/modules/ai/tests/ai-policy.service.spec.ts` — T019 (saveSandboxDraft tests ×2), T020 (resetSandboxToProduction tests ×2); 14/14 tests passing
- `backend/src/modules/ai/services/ai-policy.service.ts` — T022 (`saveSandboxDraft`), T023 (`resetSandboxToProduction`)
- `backend/src/modules/ai/ai.controller.ts` — T024-T026 (GET/PUT/POST sandbox-profiles endpoints); fixed duplicate header corruption
**Frontend files modified:**
- `frontend/lib/services/admin-ai.service.ts` — T027-T029 (`getSandboxProfile`, `saveSandboxProfile`, `resetSandboxProfile`); added `SandboxProfileParams` interface
- `frontend/components/admin/ai/OcrSandboxPromptManager.tsx` — T030: collapsible "LLM Sandbox Parameters" panel with 4 sliders, Save Draft + Reset to Production buttons
**Verification:**
- Backend TSC: ✅ 0 errors
- Frontend TSC: ✅ 0 errors
- Jest (ai-policy.service.spec): ✅ 14/14 tests passing