diff --git a/01 Projects/oliver-sales-ops-platform/Oliver Sales Ops Platform.md b/01 Projects/oliver-sales-ops-platform/Oliver Sales Ops Platform.md index 16eb777..2de8cc9 100644 --- a/01 Projects/oliver-sales-ops-platform/Oliver Sales Ops Platform.md +++ b/01 Projects/oliver-sales-ops-platform/Oliver Sales Ops Platform.md @@ -24,6 +24,10 @@ created: 2026-04-28 - **Local path:** `/Volumes/SSD/Projects/Oliver/oliver-sales-ops-platform` ## Sessions +### 2026-04-28 – How should SSO access control be +**Asked:** How should SSO access control be implemented — separate Azure environment or backend allowlist via allowed_users.yaml? +**Done:** Configured SSO with backend-based user allowlist validation; pushed initial commit and set redirect URI to https://optical-dev.oliver.solutions/oliver-sales-ops-platform/ + ### 2026-04-28 – How should SSO user restriction be **Asked:** How should SSO user restriction be implemented — separate Azure environment or backend alloweduser.yaml file with email checks? **Done:** Confirmed redirect URI is correctly configured in MSAL; instructed to add https://optical-dev.oliver.solutions/oliver-sales-ops-platform/ to Azure AD app registration as SPA redirect URI. @@ -40,6 +44,7 @@ created: 2026-04-28 ## Change Log | Date | Requested | Changed | Files | |------|-----------|---------|-------| +| 2026-04-28 | SSO user allowlist | Added allowed_users.yaml validation, configured redirect URI, set DEV_AUTH_BYPASS flags | config/allowed_users.yaml, .env, deploy/deploy.sh | | 2026-04-28 | SSO configuration with user allowlist | redirectUri verification, Azure AD SPA redirect URI registration | MSAL config, app registration 9079054c-9620-4757-a256-23413042f1ef | | 2026-04-28 | SSO access control | Created allowlist service, added auth middleware with email verification, configured redirect URL | config/allowed_users.yaml, backend/app/services/allowlist.py, backend/app/middleware/auth.py | | 2026-04-28 | SSO user restrictions | AuthProvider logic review, _upsert_app_user docstring update | AuthProvider.tsx, _upsert_app_user | diff --git a/01 Projects/sandbox-notebookllamalm-nextjs/Sandbox NotebookLM.md b/01 Projects/sandbox-notebookllamalm-nextjs/Sandbox NotebookLM.md index d5a48e1..f50ec41 100644 --- a/01 Projects/sandbox-notebookllamalm-nextjs/Sandbox NotebookLM.md +++ b/01 Projects/sandbox-notebookllamalm-nextjs/Sandbox NotebookLM.md @@ -83,6 +83,10 @@ docker compose logs frontend --tail=50 | 2026-03-15 | Pin python-pptx to 0.6.23 | ## Sessions +### 2026-04-28 – Asked | Done | Log +**Asked:** Asked | Done | Log +**Done:** --- | --- | --- + ### 2026-04-28 – Check why a document uploaded at **Asked:** Check why a document uploaded at 8am isn't processing in the notebook. **Done:** Fixed file path configuration issue (changed user path from `/Users/aimpress/` to `/Users/ai_leed/`) and created Tunnelblick package. @@ -206,6 +210,7 @@ docker compose logs frontend --tail=50 ## Change Log | Date | Requested | Changed | Files | |------|-----------|---------|-------| +| 2026-04-28 | Check why uploaded document isn't processing in notebook | Identified stuck task (notebook 181 in IN_PROGRESS since yesterday 16:09 UTC) and queued old PENDING tasks | Server logs | | 2026-04-28 | Document processing bug | File paths in config, Tunnelblick package creation | config file, Tunnelblick.tblk | | 2026-04-28 | VPN server diagnosis | Confirmed packet loss to 10.220.168.x, identified server down/port blocked/stale config as root causes | none | | 2026-04-28 | VPN troubleshooting | OpenVPN Connect configuration, socket protect() error diagnosis | None | diff --git a/99 Daily/2026-04-28.md b/99 Daily/2026-04-28.md index ac26164..bd14359 100644 --- a/99 Daily/2026-04-28.md +++ b/99 Daily/2026-04-28.md @@ -119,3 +119,9 @@ tags: [daily] - 19:28 | `sandbox-notebookllamalm-nextjs` - **Asked:** Check why a document uploaded at 8am isn't processing in the notebook. - **Done:** Fixed file path configuration issue (changed user path from `/Users/aimpress/` to `/Users/ai_leed/`) and created Tunnelblick package. +- 19:31 | `oliver-sales-ops-platform` + - **Asked:** How should SSO access control be implemented — separate Azure environment or backend allowlist via allowed_users.yaml? + - **Done:** Configured SSO with backend-based user allowlist validation; pushed initial commit and set redirect URI to https://optical-dev.oliver.solutions/oliver-sales-ops-platform/ +- 19:32 | `sandbox-notebookllamalm-nextjs` + - **Asked:** Asked | Done | Log + - **Done:** --- | --- | ---