pplate/cannamanage
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases Wiki Activity
Page: Home
Pages
01 Charter 02 UserStories 03 Architecture 04 Flowcharts 05 API 06 Wireframes 07 CodingStandards 08 TestPlan 09 Deployment 10 Retrospective 11 Features CannaManage 01 Charter CannaManage 02 UserStories CannaManage 03 Architecture CannaManage 04 Flowcharts CannaManage 05 API CannaManage 06 Wireframes CannaManage 07 CodingStandards CannaManage 08 TestPlan CannaManage 09 Deployment CannaManage 10 Retrospective CannaManage 11 Features CannaManage Home Charter Home
Clone
6
Home
Patrick Plate edited this page 2026-06-19 16:43:56 +02:00
Unescape Escape
Table of Contents
This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

🌿 CannaManage

Multi-tenant compliance platform for German Cannabis Social Clubs (Anbauvereinigungen)

Status: Sprint 14 Complete | Stack: Java 21 + Spring Boot 4.0.6 + Next.js 15 | Tests: 500+ automated tests | Legal: CanG §19 compliant | Live: cannamanage.plate-software.de

🚀 Sprint History

Sprint Theme Key Deliverables
1 — Domain Foundation Backend core 8 JPA entities, ComplianceService (CanG §19), Flyway V1
2 — REST API API layer 5 controllers, JWT auth, Spring Security 7, OpenAPI
3 — Staff & Portal Auth & reports Staff permissions (JSONB), token revocation, PDF/CSV reports, member portal
4 — Frontend MVP UI foundation Next.js 15, React 19, admin dashboard + member portal, shadcn/ui, i18n (de/en)
5 — API Integration Full-stack wiring React Query, Docker Compose full-stack, Staff CRUD, system tests
6 — Production Readiness Launch features DSGVO consent, Stripe (SEPA/PayPal/Card), audit log, grow calendar, notifications, PWA
7 — Communication Community Info Board, Club Events Calendar, Club-Internal Forum, Notification system
8 — Vereinsverwaltung Club governance Club Treasury, General Assembly (votes), Document Archive, Board Management
9 — Berichtszentrale Reporting Report Center with authority-ready exports, generated compliance reports
10 — Smart Payment Import Finance automation Bank statement import (MT940/CAMT053/CSV), auto-matching for member payments
11 — Test Coverage Quality JaCoCo 80% target, ~250 new tests, Testcontainers, coverage gates
12 — Golden Test Standard Polish Documents page integration, UX improvements, integration test hardening
13 — Production Hardening Security & CI Security fixes, CI/CD quality gates, repo cleanup, Gitea Actions
14 — Marketing & Monetization Growth Landing page, login redesign, pricing page, storage quotas

📋 Documentation

# Document Description
01 Project Charter Vision, scope, legal framework (CanG), risk register
02 User Stories 60+ stories with MoSCoW priorities + acceptance criteria
03 Architecture System diagram, ERD (57 entities), multi-tenancy, dual SecurityFilterChain
04 Flow Charts Business logic flows: distribution, recall, compliance check
05 API Spec REST API: 33 controllers, JWT + session auth, role-based access
06 Wireframes & Mockups UI mockups for admin dashboard, distribution, quota views
07 Coding Standards Java 21 standards, compliance patterns, Git strategy
08 Test Plan Test strategy, 500+ automated tests, JaCoCo 80% target
09 Deployment Guide TrueNAS Docker, Gitea Actions CI/CD, Nginx reverse proxy
10 Retrospective Sprint retrospectives and decisions log (sprints 114)
11 Features Comprehensive feature catalog by navigation group

🏗️ Tech Stack

Layer Technology
Language Java 21 (Temurin)
Framework Spring Boot 4.0.6
Security Spring Security 7.0 + JWT (stateless) + Session (portal) · JJWT 0.12.6
ORM Hibernate 7 / JPA
Database PostgreSQL 16 (prod) · Testcontainers (integration tests)
Migrations Flyway 10 (V1V36)
Multi-tenancy Hibernate @Filter + TenantFilterAspect (AOP)
PDF Generation OpenPDF (iText fork — LGPL, no license cost)
Payments Stripe (SEPA, PayPal, Credit Card)
Caching Caffeine (in-memory token revocation cache)
Email Spring Mail (SMTP — notifications, invites)
Testing (Backend) JUnit 5 + Mockito + Testcontainers + JaCoCo (80% gate)
Frontend Next.js 15 + React 19 + TypeScript
UI Components shadcn/ui (Radix primitives) + Tailwind CSS 4
Data Fetching @tanstack/react-query (stale-while-revalidate)
Charts Recharts
Tables TanStack Table v8
Frontend Auth NextAuth v5 (Auth.js)
Frontend i18n next-intl (de/en)
Frontend Testing Vitest + MSW (unit) · Playwright (E2E + system)
Container Stack Docker Compose (backend + frontend + PostgreSQL + Nginx)
API Docs SpringDoc OpenAPI 2.8.6 · Swagger UI
Build Maven multi-module (backend) · pnpm (frontend)
CI/CD Gitea Actions (PostgreSQL 16 service container)
Hosting TrueNAS Docker → https://cannamanage.plate-software.de

📦 Module Layout

cannamanage/
├── cannamanage-domain/      → 57 JPA entities, 30+ enums, TenantContext
├── cannamanage-service/     → 40+ services, repositories, business logic
├── cannamanage-api/         → Spring Boot app, 33 controllers, security config, DTOs, 36 Flyway migrations
├── cannamanage-frontend/    → Next.js 15 app, 18 dashboard sections + portal + marketing
├── deploy/                  → Production Docker configs, Nginx, deploy scripts
└── docs/                    → Sprint plans, security reviews, design docs

🔒 Security Model

  • Dual SecurityFilterChain — JWT chain for admin/staff API + session-based chain for member portal
  • Roles: ADMIN (full access) · STAFF (configurable permissions) · MEMBER (self-service portal) · PREVENTION_OFFICER (under-21 reports)
  • Staff permissions: 8 granular permissions stored as JSONB, enforced via @StaffPermissionChecker
  • Token revocation: Caffeine in-memory cache with DB backing (revoked_tokens table), automatic cleanup scheduler
  • Multi-tenant isolation: Hibernate @Filter activated per-request via AOP
  • Token rotation: refresh tokens SHA-256 hashed, rotated on each use
  • DSGVO compliance: Full consent management, data export, right-to-erasure via schema drop
  • Audit logging: Immutable audit trail for all compliance-relevant actions
  • Frontend auth: NextAuth v5 with CredentialsProvider → backend JWT (server-side only)

📊 Quick Facts

Metric Value
Target Market 5003,000 German Anbauvereinigungen
Legal Basis Konsumcannabisgesetz (CanG) §§2, 1526
Revenue Model B2B SaaS subscription (Stripe)
Entities 57 (Members, Distributions, Stock, Grow, Finance, Assemblies, Documents, Forum, Events, Reports, Compliance, …)
API Endpoints 100+ across 33 controllers
Flyway Migrations V1V36
Frontend Sections 18 dashboard + portal + marketing
Test Coverage 500+ automated tests (unit + integration + E2E + system)
JaCoCo Target 80% line coverage
Frontend Pages 25+ routes (dashboard, portal, marketing)
Security Scan SAST + SCA clean (Snyk Code, SonarQube)
Deployment TrueNAS Docker → cannamanage.plate-software.de
CI/CD Gitea Actions with PostgreSQL service container

🖥️ Frontend Navigation

Admin Dashboard (18 sections)

Group Sections
Betrieb (Operations) Dashboard, Mitglieder, Ausgabe, Lager, Anbau
Kommunikation (Communication) Schwarzes Brett, Kalender, Forum
Verwaltung (Administration) Finanzen (Übersicht + Import), Versammlungen, Dokumente, Vorstand, Personal
Compliance Compliance-Status, Berichtszentrale, Protokoll, Berichte

Member Portal

  • Self-service dashboard with quota visualization
  • Distribution history
  • Profile management
  • Event RSVP

Marketing (Public)

  • Landing page with feature showcase
  • Pricing page with tier comparison
  • Login / registration

🌿 CannaManage

📋 Planning

🏗️ Architecture

🎨 Design

💻 Development

🌟 Product

📊 Sprint Status

Sprint Theme Status
1 Domain Foundation
2 REST API
3 Staff & Portal
4 Frontend MVP
5 API Integration
6 Production Readiness
7 Communication
8 Vereinsverwaltung
9 Berichtszentrale
10 Payment Import
11 Test Coverage
12 Golden Tests
13 Prod Hardening
14 Marketing

📈 Metrics

Metric Value
Entities 57
Controllers 33
Migrations V1V36
Tests 500+
Coverage 80%