Hamza/musadeq
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🚀 Phase 4: AI Usage Tracking, Security Hardening, and Risk Monitor Dashboard

Browse Source
This commit is contained in:
Hamza-Ayed
2026-04-22 17:32:22 +03:00
parent 7e0e271be2
commit 6c1d67c695
11 changed files with 361 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend/src/modules/auth/auth.controller.ts
View File

@@ -20,6 +20,7 @@ import { LoginDto } from './dto/login.dto';
import { JwtAuthGuard } from '../../common/guards/jwt-auth.guard';
import { AuthGuard } from '@nestjs/passport';
import { CurrentUser } from '../../common/decorators/current-user.decorator';
import { Throttle } from '@nestjs/throttler';
@Controller('auth')
export class AuthController {
@@ -36,7 +37,9 @@ export class AuthController {
/**
* تسجيل الدخول
* Rate limiting: 5 requests per minute
*/
@Throttle({ default: { limit: 5, ttl: 60000 } })
@Post('login')
@HttpCode(HttpStatus.OK)
async login(@Body() dto: LoginDto) {

5
backend/src/modules/dashboard/dashboard.controller.ts
View File

@@ -17,4 +17,9 @@ export class DashboardController {
async getMultiEntityStats(@CurrentUser() user: any) {
return this.dashboardService.getMultiEntityStats(user.tenantId);
}
@Get('risk-invoices')
async getRiskInvoices(@CurrentUser() user: any) {
return this.dashboardService.getRiskInvoices(user.tenantId);
}
}

22
backend/src/modules/dashboard/dashboard.service.ts
View File

@@ -93,6 +93,9 @@ export class DashboardService {
.select('COUNT(*)', 'total')
.addSelect('SUM(CASE WHEN status = :approved THEN tax_amount ELSE 0 END)', 'totalTax')
.addSelect('COUNT(CASE WHEN status = :failed THEN 1 END)', 'failedCount')
.addSelect('SUM(ai_prompt_tokens)', 'totalPromptTokens')
.addSelect('SUM(ai_completion_tokens)', 'totalCompletionTokens')
.addSelect('SUM(ai_total_cost)', 'totalAiCost')
.where('invoice.company_id = :companyId', {
companyId: company.id,
approved: InvoiceStatus.APPROVED,
@@ -107,6 +110,10 @@ export class DashboardService {
totalInvoices: parseInt(stats.total) || 0,
totalTax: parseFloat(stats.totalTax) || 0,
failedCount: parseInt(stats.failedCount) || 0,
aiStats: {
totalTokens: (parseInt(stats.totalPromptTokens) || 0) + (parseInt(stats.totalCompletionTokens) || 0),
totalCost: parseFloat(stats.totalAiCost) || 0,
},
riskScore: this.calculateMockRiskScore(stats), // Placeholder for AI Risk Score
};
}),
@@ -122,4 +129,19 @@ export class DashboardService {
if (failedRatio > 0.05) return 45; // Medium Risk
return 12; // Low Risk
}
/**
* جلب الفواتير التي بها مخاطر (فشل التحقق أو مرفوضة) عبر كافة الشركات
*/
async getRiskInvoices(tenantId: string) {
return this.invoiceRepository.find({
where: [
{ tenant_id: tenantId, status: InvoiceStatus.VALIDATION_FAILED },
{ tenant_id: tenantId, status: InvoiceStatus.REJECTED },
],
relations: ['company'],
order: { updated_at: 'DESC' },
take: 50,
});
}
}

9
backend/src/modules/invoices/entities/invoice.entity.ts
View File

@@ -119,6 +119,15 @@ export class Invoice {
@Column({ type: 'decimal', precision: 4, scale: 3, nullable: true })
ai_confidence_score?: number;
@Column({ type: 'int', default: 0 })
ai_prompt_tokens!: number;
@Column({ type: 'int', default: 0 })
ai_completion_tokens!: number;
@Column({ type: 'decimal', precision: 10, scale: 6, default: 0 })
ai_total_cost!: number;
@CreateDateColumn({ type: 'timestamp' })
created_at!: Date;

17
backend/src/modules/invoices/gemini-extractor.service.ts
View File

@@ -120,7 +120,22 @@ export class GeminiExtractorService {
const cleanedJson = responseText.replace(/```json|```/g, '').trim();
const data = JSON.parse(cleanedJson);
return data.invoices || [];
// Get usage metadata for token tracking
const usage = result.response.usageMetadata || {
promptTokenCount: 0,
candidatesTokenCount: 0,
totalTokenCount: 0,
};
return {
invoices: data.invoices || [],
usage: {
promptTokens: usage.promptTokenCount,
completionTokens: usage.candidatesTokenCount,
totalTokens: usage.totalTokenCount,
},
};
} catch (error: any) {
this.logger.error(`AI Extraction failed: ${error.message}`);
throw new InternalServerErrorException('AI Extraction failed');

39
backend/src/modules/invoices/invoice.processor.ts
View File

@@ -63,15 +63,24 @@ export class InvoiceProcessor {
// 1. Update status to EXTRACTING
await this.invoiceRepository.update(invoiceId, { status: InvoiceStatus.EXTRACTING });
// 2. Extract data via Gemini (Now returns an array)
const invoicesData = await this.geminiExtractor.extractInvoiceData(filePath, storageRoot);
// 2. Extract data via Gemini (Now returns an object with invoices and usage)
const { invoices: invoicesData, usage } = await this.geminiExtractor.extractInvoiceData(filePath, storageRoot);
if (!invoicesData || invoicesData.length === 0) {
throw new Error('No invoices found in file');
}
// Calculate cost per invoice (pro-rated if multiple invoices in one file)
const costPerInvoice = this.calculateCost(usage) / invoicesData.length;
const promptTokensPerInvoice = Math.floor(usage.promptTokens / invoicesData.length);
const completionTokensPerInvoice = Math.floor(usage.completionTokens / invoicesData.length);
// 3. Process the first invoice (updates the current record)
await this.saveExtractedData(invoiceId, invoicesData[0]);
await this.saveExtractedData(invoiceId, invoicesData[0], {
promptTokens: promptTokensPerInvoice,
completionTokens: completionTokensPerInvoice,
totalCost: costPerInvoice,
});
// 4. If multiple invoices found, create new records for others
if (invoicesData.length > 1) {
@@ -85,7 +94,11 @@ export class InvoiceProcessor {
status: InvoiceStatus.EXTRACTING,
});
const savedNew = await this.invoiceRepository.save(newInvoice);
await this.saveExtractedData(savedNew.id, invoicesData[i]);
await this.saveExtractedData(savedNew.id, invoicesData[i], {
promptTokens: promptTokensPerInvoice,
completionTokens: completionTokensPerInvoice,
totalCost: costPerInvoice,
});
}
}
@@ -98,11 +111,23 @@ export class InvoiceProcessor {
}
}
/**
* حساب تكلفة استخدام Gemini بناءً على التسعيرة الحالية
*/
private calculateCost(usage: any): number {
// Gemini 1.5 Flash Pricing (as of late 2024):
// Prompt: $0.075 / 1M tokens
// Completion: $0.30 / 1M tokens
const promptCost = (usage.promptTokens / 1000000) * 0.075;
const completionCost = (usage.completionTokens / 1000000) * 0.30;
return promptCost + completionCost;
}
/**
* حفظ البيانات المستخرجة في قاعدة البيانات
* Save the JSON data extracted by AI into the SQL database
*/
private async saveExtractedData(invoiceId: string, data: any) {
private async saveExtractedData(invoiceId: string, data: any, usage?: any) {
const queryRunner = this.dataSource.createQueryRunner();
await queryRunner.connect();
await queryRunner.startTransaction();
@@ -127,6 +152,10 @@ export class InvoiceProcessor {
grand_total: data.grand_total,
currency_code: data.currency_code || 'JOD',
status: InvoiceStatus.EXTRACTED,
// Save AI Usage Metadata
ai_prompt_tokens: usage?.promptTokens || 0,
ai_completion_tokens: usage?.completionTokens || 0,
ai_total_cost: usage?.totalCost || 0,
});
// 2. Clear old lines if any (shouldn't happen on first extract)

10
backend/src/modules/users/user.service.ts
View File

@@ -86,6 +86,14 @@ export class UsersService {
}
Object.assign(user, dto);
return this.userRepository.save(user);
try {
return await this.userRepository.save(user);
} catch (error: any) {
if (error.code === '23505') { // Postgres unique violation code
throw new ConflictException('البريد الإلكتروني مسجل مسبقاً لمستخدم آخر');
}
throw error;
}
}
}

2
frontend/src/App.tsx
View File

@@ -10,6 +10,7 @@ import { CompaniesPage } from './pages/companies/CompaniesPage';
import { StaffPage } from './pages/staff/StaffPage';
import { SettingsPage } from './pages/settings/SettingsPage';
import { MultiEntityDashboard } from './pages/dashboard/MultiEntityDashboard';
import { RiskMonitorPage } from './pages/dashboard/RiskMonitorPage';
import { TrojanHorseConverter } from './pages/Public/TrojanHorseConverter';
@@ -33,6 +34,7 @@ export default function App() {
<Route index element={<Navigate to="/dashboard" replace />} />
<Route path="dashboard" element={<DashboardPage />} />
<Route path="elite-dashboard" element={<MultiEntityDashboard />} />
<Route path="risk-monitor" element={<RiskMonitorPage />} />
<Route path="invoices" element={<InvoicesPage />} />
<Route path="companies" element={<CompaniesPage />} />
<Route path="staff" element={<StaffPage />} />

4
frontend/src/components/layout/Sidebar.tsx
View File

@@ -12,13 +12,15 @@ import {
Users,
Settings,
LogOut,
Crown
Crown,
AlertTriangle
} from 'lucide-react';
import { useAuthStore } from '../../store/authStore';
const menuItems = [
{ icon: LayoutDashboard, label: 'الرئيسية', path: '/dashboard' },
{ icon: Crown, label: 'المركز الضريبي الموحد', path: '/elite-dashboard' },
{ icon: AlertTriangle, label: 'مراقبة المخاطر', path: '/risk-monitor' },
{ icon: FileText, label: 'الفواتير', path: '/invoices' },
{ icon: Building2, label: 'الشركات', path: '/companies' },
{ icon: Users, label: 'الموظفون', path: '/staff' },

54
frontend/src/pages/dashboard/MultiEntityDashboard.tsx
View File

@@ -11,6 +11,10 @@ interface CompanyStats {
totalTax: number;
failedCount: number;
riskScore: number;
aiStats: {
totalTokens: number;
totalCost: number;
};
}
const getRiskStatus = (score: number) => {
@@ -62,6 +66,31 @@ const RiskGauge = ({ score }: { score: number }) => {
);
};
const Cpu = ({ className }: { className?: string }) => (
<svg
xmlns="http://www.w3.org/2000/svg"
width="24" height="24"
viewBox="0 0 24 24"
fill="none"
stroke="currentColor"
strokeWidth="2"
strokeLinecap="round"
strokeLinejoin="round"
className={className}
>
<rect x="4" y="4" width="16" height="16" rx="2" ry="2"/>
<rect x="9" y="9" width="6" height="6"/>
<line x1="9" y1="1" x2="9" y2="4"/>
<line x1="15" y1="1" x2="15" y2="4"/>
<line x1="9" y1="20" x2="9" y2="23"/>
<line x1="15" y1="20" x2="15" y2="23"/>
<line x1="20" y1="9" x2="23" y2="9"/>
<line x1="20" y1="15" x2="23" y2="15"/>
<line x1="1" y1="9" x2="4" y2="9"/>
<line x1="1" y1="15" x2="4" y2="15"/>
</svg>
);
export const MultiEntityDashboard = () => {
const [companies, setCompanies] = useState<CompanyStats[]>([]);
const [isLoading, setIsLoading] = useState(true);
@@ -158,6 +187,14 @@ export const MultiEntityDashboard = () => {
key={company.id}
className="card-premium p-6 relative overflow-hidden group"
>
{/* AI Usage Badge */}
<div className="absolute top-0 right-0 p-2">
<div className="flex items-center gap-1 bg-slate-100 dark:bg-slate-800 px-2 py-1 rounded-md text-[10px] font-bold text-slate-500 dark:text-slate-400 border border-slate-200 dark:border-slate-700">
<Cpu className="w-3 h-3 text-purple-400" />
<span>{company.aiStats?.totalTokens > 1000 ? `${(company.aiStats.totalTokens / 1000).toFixed(1)}k` : company.aiStats?.totalTokens || 0} tokens</span>
</div>
</div>
{/* Ambient glow */}
<div className={`absolute -inset-20 opacity-0 group-hover:opacity-10 blur-3xl transition-opacity duration-500 rounded-full
${status === 'High' ? 'bg-red-500' : status === 'Medium' ? 'bg-orange-500' : 'bg-emerald-500'}
@@ -197,11 +234,18 @@ export const MultiEntityDashboard = () => {
<div className="pt-4 border-t border-slate-100 dark:border-slate-800/50">
<div className="flex justify-between items-center mb-2">
<p className="text-sm text-slate-600 dark:text-slate-300">{company.totalInvoices} فاتورة</p>
{company.failedCount > 0 && (
<span className="text-xs text-red-400 flex items-center gap-1">
<AlertTriangle className="w-3 h-3" /> {company.failedCount} مرفوضة
</span>
)}
<div className="flex items-center gap-2">
{company.aiStats?.totalCost > 0 && (
<span className="text-[10px] font-black text-purple-400 bg-purple-500/10 px-2 py-0.5 rounded border border-purple-500/20">
${company.aiStats.totalCost.toFixed(3)}
</span>
)}
{company.failedCount > 0 && (
<span className="text-xs text-red-400 flex items-center gap-1">
<AlertTriangle className="w-3 h-3" /> {company.failedCount} مرفوضة
</span>
)}
</div>
</div>
{/* Progress Bar */}

209
frontend/src/pages/dashboard/RiskMonitorPage.tsx Normal file
View File

@@ -0,0 +1,209 @@
import { useState, useEffect } from 'react';
import {
AlertTriangle,
ShieldAlert,
FileWarning,
ChevronRight,
Search,
Filter,
Loader2,
Building2,
Calendar,
ArrowRight
} from 'lucide-react';
import { motion, AnimatePresence } from 'framer-motion';
import apiClient from '../../api/client';
import { Link } from 'react-router-dom';
interface RiskInvoice {
id: string;
invoice_number: string;
invoice_date: string;
status: string;
validation_errors: string[];
grand_total: number;
company: {
name: string;
};
updated_at: string;
}
export const RiskMonitorPage = () => {
const [invoices, setInvoices] = useState<RiskInvoice[]>([]);
const [isLoading, setIsLoading] = useState(true);
const [searchTerm, setSearchTerm] = useState('');
useEffect(() => {
const fetchRisks = async () => {
try {
const { data } = await apiClient.get('/dashboard/risk-invoices');
setInvoices(data);
} catch (err) {
console.error('Failed to fetch risk invoices', err);
} finally {
setIsLoading(false);
}
};
fetchRisks();
}, []);
const filteredInvoices = invoices.filter(inv =>
inv.invoice_number?.toLowerCase().includes(searchTerm.toLowerCase()) ||
inv.company?.name.toLowerCase().includes(searchTerm.toLowerCase())
);
if (isLoading) {
return (
<div className="flex-1 flex flex-col justify-center items-center py-32">
<Loader2 className="w-12 h-12 text-emerald-400 animate-spin mb-4" />
<p className="text-slate-400">جاري تحليل المخاطر الضريبية...</p>
</div>
);
}
return (
<div className="space-y-10 animate-in fade-in duration-700">
{/* Header Section */}
<header className="relative p-10 rounded-[2.5rem] bg-slate-900 border border-slate-800 overflow-hidden">
<div className="absolute top-0 right-0 w-1/3 h-full bg-gradient-to-l from-red-500/10 to-transparent pointer-events-none" />
<div className="relative z-10">
<div className="flex items-center gap-4 mb-6">
<div className="w-14 h-14 rounded-2xl bg-red-500/20 flex items-center justify-center border border-red-500/30">
<ShieldAlert className="w-8 h-8 text-red-500" />
</div>
<div>
<h1 className="text-4xl font-black text-white">مراقبة المخاطر</h1>
<p className="text-slate-400 mt-1 font-medium italic">Risk & Anomaly Monitoring Center</p>
</div>
</div>
<div className="grid grid-cols-1 md:grid-cols-3 gap-6 mt-10">
<div className="bg-slate-800/40 p-6 rounded-3xl border border-slate-700/50">
<p className="text-slate-500 text-sm font-bold uppercase tracking-widest mb-2">إجمالي المخاطر</p>
<p className="text-4xl font-black text-white">{invoices.length}</p>
<div className="h-1 w-full bg-red-500/20 rounded-full mt-4">
<div className="h-full bg-red-500 rounded-full" style={{ width: '100%' }} />
</div>
</div>
<div className="bg-slate-800/40 p-6 rounded-3xl border border-slate-700/50">
<p className="text-slate-500 text-sm font-bold uppercase tracking-widest mb-2">فشل التحقق (Validation)</p>
<p className="text-4xl font-black text-white">
{invoices.filter(i => i.status === 'validation_failed').length}
</p>
<div className="h-1 w-full bg-orange-500/20 rounded-full mt-4">
<div className="h-full bg-orange-500 rounded-full" style={{ width: '60%' }} />
</div>
</div>
<div className="bg-slate-800/40 p-6 rounded-3xl border border-slate-700/50">
<p className="text-slate-500 text-sm font-bold uppercase tracking-widest mb-2">مرفوضة من JoFotara</p>
<p className="text-4xl font-black text-white">
{invoices.filter(i => i.status === 'rejected').length}
</p>
<div className="h-1 w-full bg-slate-700 rounded-full mt-4">
<div className="h-full bg-slate-500 rounded-full" style={{ width: '20%' }} />
</div>
</div>
</div>
</div>
</header>
{/* Main Content Card */}
<div className="bg-slate-900/50 border border-slate-800 rounded-[2.5rem] overflow-hidden backdrop-blur-xl">
<div className="p-8 border-b border-slate-800 flex flex-col md:flex-row justify-between items-center gap-6">
<div className="relative w-full md:w-96">
<Search className="absolute left-4 top-1/2 -translate-y-1/2 w-5 h-5 text-slate-500" />
<input
type="text"
placeholder="البحث عن شركة أو رقم فاتورة..."
className="w-full bg-slate-800/50 border border-slate-700 rounded-2xl py-3 pl-12 pr-6 text-white placeholder-slate-500 focus:outline-none focus:ring-2 focus:ring-red-500/50 transition-all font-medium"
value={searchTerm}
onChange={(e) => setSearchTerm(e.target.value)}
/>
</div>
<div className="flex gap-4">
<button className="px-6 py-3 bg-slate-800 text-slate-300 rounded-2xl border border-slate-700 flex items-center gap-2 hover:bg-slate-700 transition-all font-bold">
<Filter className="w-5 h-5" /> تصفية النتائج
</button>
</div>
</div>
<div className="overflow-x-auto">
<table className="w-full">
<thead>
<tr className="text-right border-b border-slate-800">
<th className="px-8 py-6 text-slate-500 font-bold uppercase tracking-tighter text-xs">الشركة والفاتورة</th>
<th className="px-8 py-6 text-slate-500 font-bold uppercase tracking-tighter text-xs">نوع الخطر</th>
<th className="px-8 py-6 text-slate-500 font-bold uppercase tracking-tighter text-xs">التاريخ والقيمة</th>
<th className="px-8 py-6 text-slate-500 font-bold uppercase tracking-tighter text-xs text-left">الإجراء</th>
</tr>
</thead>
<tbody>
<AnimatePresence>
{filteredInvoices.map((inv, index) => (
<motion.tr
key={inv.id}
initial={{ opacity: 0 }}
animate={{ opacity: 1 }}
transition={{ delay: index * 0.05 }}
className="border-b border-slate-800/50 hover:bg-slate-800/20 transition-colors group"
>
<td className="px-8 py-6">
<div className="flex items-center gap-4">
<div className="w-12 h-12 rounded-xl bg-slate-800 flex items-center justify-center border border-slate-700">
<Building2 className="w-6 h-6 text-slate-400" />
</div>
<div>
<p className="text-white font-black">{inv.company?.name}</p>
<p className="text-slate-500 text-sm font-bold">#{inv.invoice_number || 'بدون رقم'}</p>
</div>
</div>
</td>
<td className="px-8 py-6">
<div className="space-y-2">
<div className={`inline-flex items-center gap-2 px-3 py-1 rounded-full text-[10px] font-black uppercase tracking-widest ${
inv.status === 'validation_failed' ? 'bg-orange-500/10 text-orange-500 border border-orange-500/20' : 'bg-red-500/10 text-red-500 border border-red-500/20'
}`}>
<AlertTriangle className="w-3 h-3" />
{inv.status === 'validation_failed' ? 'فشل المطابقة' : 'مرفوضة ضريبياً'}
</div>
{inv.validation_errors && inv.validation_errors.length > 0 && (
<p className="text-xs text-slate-400 max-w-xs line-clamp-1 italic">
{inv.validation_errors[0]}
</p>
)}
</div>
</td>
<td className="px-8 py-6">
<div className="flex flex-col">
<span className="text-white font-black">{Number(inv.grand_total).toFixed(3)} JOD</span>
<span className="text-slate-500 text-xs flex items-center gap-1 font-bold">
<Calendar className="w-3 h-3" /> {new Date(inv.invoice_date).toLocaleDateString('ar-JO')}
</span>
</div>
</td>
<td className="px-8 py-6 text-left">
<Link
to={`/invoices`}
className="inline-flex items-center gap-2 text-emerald-500 font-black hover:text-emerald-400 transition-colors group/btn"
>
<span>مراجعة وتعديل</span>
<ArrowRight className="w-4 h-4 transform group-hover/btn:translate-x-1 transition-transform" />
</Link>
</td>
</motion.tr>
))}
</AnimatePresence>
</tbody>
</table>
{filteredInvoices.length === 0 && (
<div className="py-20 text-center">
<FileWarning className="w-16 h-16 text-slate-700 mx-auto mb-4" />
<p className="text-slate-500 font-bold">لا توجد مخاطر مكتشفة حالياً في هذا النطاق.</p>
</div>
)}
</div>
</div>
</div>
);
};