docs: sync from docs/wiki/ at commit 093bc6ea

2026-04-09 02:23:02 +00:00 · 2026-04-09 02:23:02 +00:00 · fe7ac7943a
commit fe7ac7943a
parent 26b3e61128
4 changed files with 71 additions and 25 deletions
--- a/Architecture.md
+++ b/Architecture.md
@ -29,8 +29,7 @@ TFTSR uses a Tauri 2.x architecture: a Rust backend runs natively, and a React/T
 pub struct AppState {
    pub db: Arc<Mutex<rusqlite::Connection>>,
    pub settings: Arc<Mutex<AppSettings>>,
-    pub app_data_dir: PathBuf,   // ~/.local/share/trcaa on Linux
+    pub app_data_dir: PathBuf,   // ~/.local/share/tftsr on Linux
    pub integration_webviews: Arc<Mutex<HashMap<String, String>>>,
 }
 ```
@ -47,10 +46,11 @@ All command handlers receive `State<'_, AppState>` as a Tauri-injected parameter
 | `commands/analysis.rs` | Log file upload, PII detection, redaction |
 | `commands/docs.rs` | RCA and post-mortem generation, document export |
 | `commands/system.rs` | Ollama management, hardware probe, settings, audit log |
-| `commands/integrations.rs` | Confluence / ServiceNow / ADO — OAuth2, WebView auth, tool calling |
+| `commands/image.rs` | Image attachment upload, list, delete, paste |
 | `commands/integrations.rs` | Confluence / ServiceNow / ADO — v0.2 stubs |
 | `ai/provider.rs` | `Provider` trait + `create_provider()` factory |
 | `pii/detector.rs` | Multi-pattern PII scanner with overlap resolution |
-| `db/migrations.rs` | Versioned schema (14 migrations tracked in `_migrations` table) |
+| `db/migrations.rs` | Versioned schema (12 migrations in `_migrations` table) |
 | `db/models.rs` | All DB types — see `IssueDetail` note below |
 | `docs/rca.rs` + `docs/postmortem.rs` | Markdown template builders |
 | `audit/log.rs` | `write_audit_event()` — called before every external send |
@ -75,6 +75,7 @@ src-tauri/src/
 │   ├── analysis.rs
 │   ├── docs.rs
 │   ├── system.rs
 │   ├── image.rs
 │   └── integrations.rs
 ├── pii/
 │   ├── patterns.rs
@ -179,30 +180,22 @@ Use `detail.issue.title`, **not** `detail.title`.
 ```
 1. Initialize tracing (RUST_LOG controls level)
-2. Determine data directory (state::get_app_data_dir() or TFTSR_DATA_DIR)
+2. Determine data directory (~/.local/share/tftsr or TFTSR_DATA_DIR)
-3. Auto-generate or load .dbkey / .enckey (mode 0600) — see ADR-005
+3. Open / create SQLite database (run migrations)
-4. Open / create SQLCipher encrypted database
+4. Create AppState (db + settings + app_data_dir)
-   - If plain SQLite detected (debug→release upgrade): auto-migrate + backup
+5. Register Tauri plugins (stronghold, dialog, fs, shell, http, cli, updater)
-5. Run DB migrations (14 schema versions)
+6. Register all 39 IPC command handlers
-6. Create AppState (db + settings + app_data_dir + integration_webviews)
+7. Start WebView with React app
 7. Register Tauri plugins (stronghold, dialog, fs, shell, http)
 8. Register all IPC command handlers via generate_handler![]
 9. Start WebView with React app
 ```
-## Architecture Documentation
+## Image Attachments
-Full architecture documentation with C4 diagrams, data flow diagrams, and Architecture Decision Records (ADRs) is available in [`docs/architecture/`](../architecture/README.md):
+The app supports uploading and managing image files (screenshots, diagrams) as attachments:
-| Document | Contents |
+1. **Upload** via `upload_image_attachmentCmd()` or `upload_paste_imageCmd()` (clipboard paste)
-|----------|----------|
+2. **PII detection** runs automatically on upload
-| [Architecture Overview](../architecture/README.md) | C4 diagrams, data flows, security model |
+3. **User approval** required before image is stored
-| [ADR-001](../architecture/adrs/ADR-001-tauri-desktop-framework.md) | Why Tauri over Electron |
+4. **Database storage** in `image_attachments` table with SHA-256 hash
 | [ADR-002](../architecture/adrs/ADR-002-sqlcipher-encrypted-database.md) | SQLCipher encryption choices |
 | [ADR-003](../architecture/adrs/ADR-003-provider-trait-pattern.md) | AI provider trait design |
 | [ADR-004](../architecture/adrs/ADR-004-pii-regex-aho-corasick.md) | PII detection implementation |
 | [ADR-005](../architecture/adrs/ADR-005-auto-generate-encryption-keys.md) | Key auto-generation design |
 | [ADR-006](../architecture/adrs/ADR-006-zustand-state-management.md) | Frontend state management |
 ## Data Flow
--- a/Database.md
+++ b/Database.md
@ -2,7 +2,7 @@
 ## Overview
-TFTSR uses **SQLite** via `rusqlite` with the `bundled-sqlcipher` feature for AES-256 encryption in production. 11 versioned migrations are tracked in the `_migrations` table.
+TFTSR uses **SQLite** via `rusqlite` with the `bundled-sqlcipher` feature for AES-256 encryption in production. 12 versioned migrations are tracked in the `_migrations` table.
 **DB file location:** `{app_data_dir}/tftsr.db`
@ -211,6 +211,29 @@ CREATE TABLE integration_config (
 );
 ```
 ### 012 — image_attachments (v0.2.7+)
 ```sql
 CREATE TABLE image_attachments (
    id TEXT PRIMARY KEY,
    issue_id TEXT NOT NULL REFERENCES issues(id) ON DELETE CASCADE,
    file_name TEXT NOT NULL,
    file_path TEXT NOT NULL DEFAULT '',
    file_size INTEGER NOT NULL DEFAULT 0,
    mime_type TEXT NOT NULL DEFAULT 'image/png',
    upload_hash TEXT NOT NULL DEFAULT '',
    uploaded_at TEXT NOT NULL DEFAULT (datetime('now')),
    pii_warning_acknowledged INTEGER NOT NULL DEFAULT 1,
    is_paste INTEGER NOT NULL DEFAULT 0
 );
 ```
 **Features:**
 - Image file metadata stored in database
 - `upload_hash`: SHA-256 hash of file content (for deduplication)
 - `pii_warning_acknowledged`: User confirmation that PII may be present
 - `is_paste`: Flag for screenshots copied from clipboard
 **Encryption:**
 - OAuth2 tokens encrypted with AES-256-GCM
 - Key derived from `TFTSR_DB_KEY` environment variable
--- a/Home.md
+++ b/Home.md
@ -32,12 +32,14 @@
 - **Ollama Management** — Hardware detection, model recommendations, in-app model management
 - **Audit Trail** — Every external data send logged with SHA-256 hash
 - **Domain-Specific Prompts** — 8 IT domains: Linux, Windows, Network, Kubernetes, Databases, Virtualization, Hardware, Observability
 - **Image Attachments** — Upload and manage image files with PII detection and mandatory user approval
 ## Releases
 | Version | Status | Highlights |
 |---------|--------|-----------|
 | v0.2.6 | 🚀 Latest | Custom REST AI gateway support, OAuth2 shell permissions, user ID tracking |
 | v0.2.5 | Released | Image attachments with PII detection and approval workflow |
 | v0.2.3 | Released | Confluence/ServiceNow/ADO REST API clients (19 TDD tests) |
 | v0.1.1 | Released | Core application with PII detection, RCA generation |
--- a/IPC-Commands.md
+++ b/IPC-Commands.md
@ -99,6 +99,34 @@ Rewrites file content with approved redactions. Records SHA-256 in audit log. Re
 ---
 ## Image Attachment Commands
 ### `upload_image_attachment`
 ```typescript
 uploadImageAttachmentCmd(issueId: string, filePath: string, piiWarningAcknowledged: boolean) → ImageAttachment
 ```
 Uploads an image file. Computes SHA-256, stores metadata in DB. Returns `ImageAttachment` record.
 ### `list_image_attachments`
 ```typescript
 listImageAttachmentsCmd(issueId: string) → ImageAttachment[]
 ```
 Lists all image attachments for an issue.
 ### `delete_image_attachment`
 ```typescript
 deleteImageAttachmentCmd(imageId: string) → void
 ```
 Deletes an image attachment from disk and database.
 ### `upload_paste_image`
 ```typescript
 uploadPasteImageCmd(issueId: string, base64Data: string, fileName: string, piiWarningAcknowledged: boolean) → ImageAttachment
 ```
 Uploads an image from clipboard paste (base64). Returns `ImageAttachment` record.
 ---
 ## AI Commands
 ### `analyze_logs`