# /home/Autopartes/pos/blueprints/config_bp.py """Config blueprint: tenant configuration, branches, theming.""" from flask import Blueprint, request, jsonify, g from middleware import require_auth, has_permission from tenant_db import get_tenant_conn config_bp = Blueprint('config', __name__, url_prefix='/pos/api/config') @config_bp.route('/branches', methods=['GET']) @require_auth() def list_branches(): conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute(""" SELECT id, name, address, phone, is_active, is_main, rfc, razon_social, regimen_fiscal, cp, direccion_fiscal, serie_cfdi, folio_inicio, folio_actual, email FROM branches ORDER BY id """) branches = [] for r in cur.fetchall(): branches.append({ 'id': r[0], 'name': r[1], 'address': r[2], 'phone': r[3], 'is_active': r[4], 'is_main': r[5], 'rfc': r[6], 'razon_social': r[7], 'regimen_fiscal': r[8], 'cp': r[9], 'direccion_fiscal': r[10], 'serie_cfdi': r[11], 'folio_inicio': r[12], 'folio_actual': r[13], 'email': r[14], }) cur.close() conn.close() return jsonify({'data': branches}) @config_bp.route('/branches/', methods=['GET']) @require_auth('config.view') def get_branch(branch_id): conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute(""" SELECT id, name, address, phone, is_active, is_main, rfc, razon_social, regimen_fiscal, cp, direccion_fiscal, serie_cfdi, folio_inicio, folio_actual, email FROM branches WHERE id = %s """, (branch_id,)) r = cur.fetchone() cur.close() conn.close() if not r: return jsonify({'error': 'Branch not found'}), 404 return jsonify({ 'id': r[0], 'name': r[1], 'address': r[2], 'phone': r[3], 'is_active': r[4], 'is_main': r[5], 'rfc': r[6], 'razon_social': r[7], 'regimen_fiscal': r[8], 'cp': r[9], 'direccion_fiscal': r[10], 'serie_cfdi': r[11], 'folio_inicio': r[12], 'folio_actual': r[13], 'email': r[14], }) @config_bp.route('/branches', methods=['POST']) @require_auth('config.edit') def create_branch(): data = request.get_json() or {} if not data.get('name'): return jsonify({'error': 'name required'}), 400 # Plan limit check from services.billing import check_limit, next_plan, PLANS, get_plan conn_chk = get_tenant_conn(g.tenant_id) cur_chk = conn_chk.cursor() cur_chk.execute("SELECT count(*) FROM branches WHERE is_active = true") current_branches = cur_chk.fetchone()[0] cur_chk.close() conn_chk.close() allowed, limit, current = check_limit(g.tenant_id, 'max_branches', current_branches) if not allowed: plan_key = get_plan(g.tenant_id) nxt = next_plan(plan_key) nxt_name = PLANS[nxt]['name'] if nxt else 'Enterprise' return jsonify({'error': f'Plan limit reached ({limit} branches). Upgrade to {nxt_name}.'}), 403 conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() # If setting as main, clear any existing main if data.get('is_main'): cur.execute("UPDATE branches SET is_main = false WHERE is_main = true") cur.execute(""" INSERT INTO branches ( name, address, phone, is_main, rfc, razon_social, regimen_fiscal, cp, direccion_fiscal, serie_cfdi, folio_inicio, folio_actual, email ) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s) RETURNING id """, ( data['name'], data.get('address'), data.get('phone'), bool(data.get('is_main')), data.get('rfc'), data.get('razon_social'), data.get('regimen_fiscal'), data.get('cp'), data.get('direccion_fiscal'), data.get('serie_cfdi'), data.get('folio_inicio'), data.get('folio_actual'), data.get('email'), )) branch_id = cur.fetchone()[0] conn.commit() cur.close() conn.close() return jsonify({'id': branch_id, 'message': 'Branch created'}), 201 @config_bp.route('/branches/', methods=['PUT']) @require_auth('config.edit') def update_branch(branch_id): data = request.get_json() or {} conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT id FROM branches WHERE id = %s", (branch_id,)) if not cur.fetchone(): cur.close(); conn.close() return jsonify({'error': 'Branch not found'}), 404 # If setting as main, clear any existing main if data.get('is_main'): cur.execute("UPDATE branches SET is_main = false WHERE is_main = true AND id <> %s", (branch_id,)) updates = [] params = [] field_map = { 'name': 'name', 'address': 'address', 'phone': 'phone', 'is_active': 'is_active', 'is_main': 'is_main', 'rfc': 'rfc', 'razon_social': 'razon_social', 'regimen_fiscal': 'regimen_fiscal', 'cp': 'cp', 'direccion_fiscal': 'direccion_fiscal', 'serie_cfdi': 'serie_cfdi', 'folio_inicio': 'folio_inicio', 'folio_actual': 'folio_actual', 'email': 'email', } for json_key, col in field_map.items(): if json_key in data: updates.append(f"{col} = %s") params.append(data[json_key]) if not updates: cur.close(); conn.close() return jsonify({'error': 'Nothing to update'}), 400 params.append(branch_id) cur.execute(f"UPDATE branches SET {', '.join(updates)} WHERE id = %s", params) conn.commit() cur.close() conn.close() return jsonify({'ok': True, 'message': 'Branch updated'}) @config_bp.route('/employees', methods=['GET']) @require_auth('config.view') def list_employees(): conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute(""" SELECT e.id, e.name, e.email, e.phone, e.role, e.branch_id, b.name as branch_name, e.max_discount_pct, e.is_active FROM employees e LEFT JOIN branches b ON e.branch_id = b.id ORDER BY e.id """) employees = [] for r in cur.fetchall(): employees.append({ 'id': r[0], 'name': r[1], 'email': r[2], 'phone': r[3], 'role': r[4], 'branch_id': r[5], 'branch_name': r[6], 'max_discount_pct': float(r[7]) if r[7] else 0, 'is_active': r[8] }) cur.close() conn.close() return jsonify({'data': employees}) @config_bp.route('/employees', methods=['POST']) @require_auth('config.edit') def create_employee(): import bcrypt data = request.get_json() or {} required = ['name', 'role', 'pin'] for f in required: if not data.get(f): return jsonify({'error': f'{f} required'}), 400 # Plan limit check from services.billing import check_limit, next_plan, PLANS, get_plan conn_chk = get_tenant_conn(g.tenant_id) cur_chk = conn_chk.cursor() cur_chk.execute("SELECT count(*) FROM employees WHERE is_active = true") current_employees = cur_chk.fetchone()[0] cur_chk.close() conn_chk.close() allowed, limit, current = check_limit(g.tenant_id, 'max_employees', current_employees) if not allowed: plan_key = get_plan(g.tenant_id) nxt = next_plan(plan_key) nxt_name = PLANS[nxt]['name'] if nxt else 'Enterprise' return jsonify({'error': f'Plan limit reached ({limit} employees). Upgrade to {nxt_name}.'}), 403 valid_roles = ['admin', 'cashier', 'warehouse', 'accountant'] if data['role'] not in valid_roles: return jsonify({'error': f'role must be one of: {", ".join(valid_roles)}'}), 400 pin_hash = bcrypt.hashpw(data['pin'].encode(), bcrypt.gensalt()).decode() conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute(""" INSERT INTO employees (name, email, phone, pin, role, branch_id, max_discount_pct, is_active) VALUES (%s, %s, %s, %s, %s, %s, %s, true) RETURNING id """, (data['name'], data.get('email'), data.get('phone'), pin_hash, data['role'], data.get('branch_id'), data.get('max_discount_pct', 0))) emp_id = cur.fetchone()[0] # Set default permissions by role role_permissions = { 'admin': ['pos.sell', 'pos.discount', 'pos.cancel', 'pos.view_cost', 'inventory.view', 'inventory.create', 'inventory.edit', 'inventory.adjust', 'inventory.transfer', 'catalog.view', 'catalog.edit', 'customers.view', 'customers.create', 'customers.edit', 'customers.edit_credit', 'invoicing.view', 'invoicing.create', 'reports.view', 'reports.financial', 'config.view', 'config.edit', 'config.edit_prices'], 'cashier': ['pos.sell', 'pos.discount', 'pos.cancel', 'catalog.view', 'customers.view', 'customers.create'], 'warehouse': ['inventory.view', 'inventory.create', 'inventory.edit', 'inventory.adjust', 'inventory.transfer', 'catalog.view'], 'accountant': ['accounting.view', 'accounting.create', 'invoicing.view', 'invoicing.create', 'invoicing.cancel', 'reports.view', 'reports.financial', 'customers.view'], } for perm in role_permissions.get(data['role'], []): cur.execute( "INSERT INTO employee_permissions (employee_id, permission) VALUES (%s, %s) ON CONFLICT DO NOTHING", (emp_id, perm) ) from services.audit import log_action log_action(conn, 'EMPLOYEE_CREATE', 'employee', emp_id, new_value={'name': data['name'], 'role': data['role']}) conn.commit() cur.close() conn.close() return jsonify({'id': emp_id, 'message': 'Employee created'}), 201 @config_bp.route('/employees/', methods=['PUT']) @require_auth('config.edit') def update_employee(emp_id): """Update an existing employee's name, email, role, branch, discount, active status. If PIN is provided, it gets re-hashed. Otherwise PIN stays unchanged.""" import bcrypt data = request.get_json() or {} conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() # Check employee exists cur.execute("SELECT id FROM employees WHERE id = %s", (emp_id,)) if not cur.fetchone(): cur.close(); conn.close() return jsonify({'error': 'Employee not found'}), 404 # Build SET clause dynamically — only update provided fields updates = [] params = [] field_map = { 'name': 'name', 'email': 'email', 'phone': 'phone', 'role': 'role', 'branch_id': 'branch_id', 'max_discount_pct': 'max_discount_pct', 'is_active': 'is_active', } for json_key, col in field_map.items(): if json_key in data: updates.append(f"{col} = %s") params.append(data[json_key]) # PIN update (only if provided and non-empty) if data.get('pin') and len(str(data['pin'])) >= 4: pin_hash = bcrypt.hashpw(str(data['pin']).encode(), bcrypt.gensalt()).decode() updates.append("pin = %s") params.append(pin_hash) updates.append("password_hash = %s") params.append(pin_hash) if not updates: cur.close(); conn.close() return jsonify({'error': 'Nothing to update'}), 400 params.append(emp_id) cur.execute(f"UPDATE employees SET {', '.join(updates)} WHERE id = %s", params) from services.audit import log_action log_action(conn, 'EMPLOYEE_UPDATE', 'employee', emp_id, new_value={k: v for k, v in data.items() if k != 'pin'}) conn.commit() cur.close() conn.close() return jsonify({'ok': True, 'message': 'Employee updated'}) @config_bp.route('/currency', methods=['GET']) @require_auth() def get_currency(): """Get currency config for this tenant.""" conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT key, value FROM tenant_config WHERE key IN ('currency', 'exchange_rate_usd_mxn')") cfg = {} for row in cur.fetchall(): cfg[row[0]] = row[1] cur.close() conn.close() from config import DEFAULT_CURRENCY, EXCHANGE_RATE_USD_MXN return jsonify({ 'currency': cfg.get('currency', DEFAULT_CURRENCY), 'exchange_rate': float(cfg.get('exchange_rate_usd_mxn', str(EXCHANGE_RATE_USD_MXN))), 'currencies': { 'MXN': {'symbol': '$', 'name': 'Peso Mexicano'}, 'USD': {'symbol': 'US$', 'name': 'US Dollar'}, } }) @config_bp.route('/currency', methods=['PUT']) @require_auth('config.edit') def update_currency(): """Update currency config for this tenant.""" data = request.get_json() or {} currency = data.get('currency', 'MXN') rate = data.get('exchange_rate') if currency not in ('MXN', 'USD'): return jsonify({'error': 'currency must be MXN or USD'}), 400 if rate is not None: try: rate = float(rate) if rate <= 0: raise ValueError except (TypeError, ValueError): return jsonify({'error': 'exchange_rate must be a positive number'}), 400 conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute(""" INSERT INTO tenant_config (key, value) VALUES ('currency', %s) ON CONFLICT (key) DO UPDATE SET value = EXCLUDED.value """, (currency,)) if rate is not None: cur.execute(""" INSERT INTO tenant_config (key, value) VALUES ('exchange_rate_usd_mxn', %s) ON CONFLICT (key) DO UPDATE SET value = EXCLUDED.value """, (str(rate),)) conn.commit() cur.close() conn.close() # Invalidate cached exchange rate so next sale picks up the new value from services.currency import invalidate_rate_cache invalidate_rate_cache() return jsonify({'message': 'Currency config updated', 'currency': currency}) @config_bp.route('/business', methods=['GET']) @require_auth() def get_business(): """Read-only tenant business info from tenant_config.""" conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT key, value FROM tenant_config WHERE key LIKE 'tenant_%'") cfg = {} for row in cur.fetchall(): cfg[row[0]] = row[1] cur.close() conn.close() return jsonify({ 'razon_social': cfg.get('tenant_razon_social', ''), 'nombre': cfg.get('tenant_nombre', cfg.get('tenant_razon_social', '')), 'rfc': cfg.get('tenant_rfc', ''), 'regimen_fiscal': cfg.get('tenant_regimen_fiscal', ''), 'direccion': cfg.get('tenant_direccion', ''), 'telefono': cfg.get('tenant_telefono', ''), 'email': cfg.get('tenant_email', ''), }) @config_bp.route('/business', methods=['PUT']) @require_auth('config.edit') def update_business(): """Save tenant business info to tenant_config.""" data = request.get_json() or {} field_map = { 'razon_social': 'tenant_razon_social', 'nombre': 'tenant_nombre', 'rfc': 'tenant_rfc', 'regimen_fiscal': 'tenant_regimen_fiscal', 'direccion': 'tenant_direccion', 'telefono': 'tenant_telefono', 'email': 'tenant_email', # Tax params 'tax_iva': 'tax_iva', 'tax_ieps': 'tax_ieps', 'invoice_serie': 'invoice_serie', 'invoice_folio': 'invoice_folio', 'default_currency': 'default_currency', 'default_payment_method': 'default_payment_method', } conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() for field, key in field_map.items(): val = data.get(field) if val is not None: cur.execute(""" INSERT INTO tenant_config (key, value) VALUES (%s, %s) ON CONFLICT (key) DO UPDATE SET value = EXCLUDED.value """, (key, str(val).strip())) conn.commit() cur.close() conn.close() return jsonify({'ok': True}) @config_bp.route('/theme', methods=['GET']) @require_auth() def get_theme(): """Get current theme for this tenant. Returns CSS variables.""" # For v1, return a default theme. The design team will add more. return jsonify({ 'theme': 'default', 'variables': { '--color-primary': '#1a73e8', '--color-secondary': '#5f6368', '--color-accent': '#ff6b35', '--color-bg': '#ffffff', '--color-surface': '#f8f9fa', '--color-text': '#202124', '--color-border': '#dadce0', '--font-display': "'Sora', sans-serif", '--font-body': "'Plus Jakarta Sans', sans-serif", '--font-mono': "'JetBrains Mono', monospace", '--radius': '8px', } }) # ─── Billing / Subscription ────────────────────────── @config_bp.route('/billing', methods=['GET']) @require_auth() def get_billing(): """Get current plan, usage stats, and available plans.""" from services.billing import get_plan_details, PLANS, PLAN_ORDER plan = get_plan_details(g.tenant_id) # Get current usage counts conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT count(*) FROM inventory WHERE is_active = true") products = cur.fetchone()[0] cur.execute("SELECT count(*) FROM employees WHERE is_active = true") employees = cur.fetchone()[0] cur.execute("SELECT count(*) FROM branches WHERE is_active = true") branches = cur.fetchone()[0] cur.close() conn.close() return jsonify({ 'current_plan': plan, 'usage': { 'products': products, 'employees': employees, 'branches': branches, }, 'plans': {k: {**v, 'key': k} for k, v in PLANS.items()}, 'plan_order': PLAN_ORDER, }) @config_bp.route('/billing/upgrade', methods=['POST']) @require_auth('config.edit') def upgrade_billing(): """Upgrade tenant plan.""" from services.billing import upgrade_plan data = request.get_json() or {} new_plan = data.get('plan') if not new_plan: return jsonify({'error': 'plan required'}), 400 result = upgrade_plan(g.tenant_id, new_plan) if 'error' in result: return jsonify(result), 400 return jsonify(result) # ─── Vehicle Compatibility Source ──────────────────── @config_bp.route('/vehicle-compat-source', methods=['GET']) @require_auth() def get_vehicle_compat_source(): """Get the configured vehicle compatibility source. Returns: {'source': 'tecdoc' | 'qwen' | 'both'} """ conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT value FROM tenant_config WHERE key = 'vehicle_compat_source'") row = cur.fetchone() cur.close() conn.close() source = row[0] if row else 'both' if source not in ('tecdoc', 'qwen', 'both'): source = 'both' return jsonify({'source': source}) @config_bp.route('/vehicle-compat-source', methods=['PUT']) @require_auth('config.edit') def update_vehicle_compat_source(): """Set the vehicle compatibility source.""" data = request.get_json() or {} source = data.get('source', 'both') if source not in ('tecdoc', 'qwen', 'both'): return jsonify({'error': 'source must be tecdoc, qwen, or both'}), 400 conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute(""" INSERT INTO tenant_config (key, value) VALUES ('vehicle_compat_source', %s) ON CONFLICT (key) DO UPDATE SET value = EXCLUDED.value """, (source,)) conn.commit() cur.close() conn.close() return jsonify({'message': 'Vehicle compatibility source updated', 'source': source}) # ─── Allowed Part Brands ───────────────────────────────────────────────────── # Whitelist of part manufacturers shown in the allowed-brands selector _ALLOWED_PART_BRANDS = [ 'Luk', 'Motocraft', 'Euzcadi', 'Gates', 'Injetech', 'Bilstein', 'Monroe', 'Yokomitzu', 'Ecom', 'Lth', 'Dynamik', 'Wagner', 'Bosch', 'Brembo', 'Champion', 'Dorman', 'Kyb', 'Handkook', 'Tomco', 'Mann Filter', 'Total Parts', 'Kanadian', 'Pirelli', 'NGK', 'Moresa', 'Fritec', 'Acdelco', 'Dash4', 'Moog', 'SYD', 'FRAM', 'AUTOLITE' ] @config_bp.route('/available-brands', methods=['GET']) @require_auth() def get_available_brands(): """Return the whitelisted part manufacturer names. The master DB manufacturers/aftermarket_parts tables were removed with TecDoc, so we return the curated whitelist directly. """ brands = sorted({b.strip() for b in _ALLOWED_PART_BRANDS if b and b.strip()}) return jsonify({'brands': brands}) @config_bp.route('/allowed-brands', methods=['GET']) @require_auth() def get_allowed_brands(): """Return the tenant's allowed part brands from tenant_config.""" import json conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT value FROM tenant_config WHERE key = 'allowed_part_brands'") row = cur.fetchone() cur.close() conn.close() if row and row[0]: try: brands = json.loads(row[0]) if isinstance(brands, list): return jsonify({'brands': brands}) except (json.JSONDecodeError, ValueError): pass return jsonify({'brands': []}) @config_bp.route('/allowed-brands', methods=['PUT']) @require_auth('config.edit') def update_allowed_brands(): """Save the tenant's allowed part brands to tenant_config.""" import json data = request.get_json() or {} brands = data.get('brands', []) if not isinstance(brands, list): return jsonify({'error': 'brands must be an array'}), 400 conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute(""" INSERT INTO tenant_config (key, value) VALUES ('allowed_part_brands', %s) ON CONFLICT (key) DO UPDATE SET value = EXCLUDED.value """, (json.dumps(brands),)) conn.commit() cur.close() conn.close() return jsonify({'message': 'Allowed brands updated', 'brands': brands}) # ─── WhatsApp Configuration ──────────────────────────────────────────────── @config_bp.route('/whatsapp', methods=['GET']) @require_auth('config.view') def get_whatsapp_config(): """Get WhatsApp bridge configuration for this tenant.""" conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT key, value FROM tenant_config WHERE key LIKE 'whatsapp_%'") rows = {row[0]: row[1] for row in cur.fetchall()} cur.close() conn.close() return jsonify({ 'bridge_url': rows.get('whatsapp_bridge_url', ''), 'bridge_key': rows.get('whatsapp_bridge_key', ''), 'enabled': rows.get('whatsapp_enabled', 'false').lower() == 'true', 'phone_number': rows.get('whatsapp_phone_number', ''), }) @config_bp.route('/whatsapp', methods=['PUT']) @require_auth('config.edit') def update_whatsapp_config(): """Update WhatsApp bridge configuration for this tenant.""" data = request.get_json() or {} conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() settings = { 'whatsapp_bridge_url': data.get('bridge_url', ''), 'whatsapp_bridge_key': data.get('bridge_key', ''), 'whatsapp_enabled': 'true' if data.get('enabled') else 'false', 'whatsapp_phone_number': data.get('phone_number', ''), } for key, value in settings.items(): cur.execute(""" INSERT INTO tenant_config (key, value) VALUES (%s, %s) ON CONFLICT (key) DO UPDATE SET value = EXCLUDED.value """, (key, value)) conn.commit() cur.close() conn.close() return jsonify({'message': 'WhatsApp configuration updated'}) @config_bp.route('/modules', methods=['GET']) @require_auth('config.view') def get_modules(): """Get enabled modules for this tenant.""" conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT key, value FROM tenant_config WHERE key LIKE 'module_%'") rows = {row[0]: row[1] for row in cur.fetchall()} cur.close() conn.close() def _bool(key): return rows.get(key, 'true').lower() == 'true' return jsonify({ 'whatsapp': _bool('module_whatsapp'), 'marketplace': _bool('module_marketplace'), 'meli': _bool('module_meli'), 'catalog': _bool('module_catalog'), }) @config_bp.route('/modules', methods=['PUT']) @require_auth('config.edit') def update_modules(): """Update enabled modules for this tenant.""" data = request.get_json() or {} conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() settings = { 'module_whatsapp': 'true' if data.get('whatsapp') else 'false', 'module_marketplace': 'true' if data.get('marketplace') else 'false', 'module_meli': 'true' if data.get('meli') else 'false', 'module_catalog': 'true' if data.get('catalog') else 'false', } for key, value in settings.items(): cur.execute(""" INSERT INTO tenant_config (key, value) VALUES (%s, %s) ON CONFLICT (key) DO UPDATE SET value = EXCLUDED.value """, (key, value)) conn.commit() cur.close() conn.close() return jsonify({'message': 'Modules updated', 'modules': { 'whatsapp': data.get('whatsapp'), 'marketplace': data.get('marketplace'), 'meli': data.get('meli'), }}) @config_bp.route('/onboarding-status', methods=['GET']) @require_auth('pos.view') def get_onboarding_status(): """Check if tenant onboarding wizard has been completed.""" conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute("SELECT value FROM tenant_config WHERE key = 'onboarding_completed'") row = cur.fetchone() cur.close() conn.close() return jsonify({'completed': row[0] == 'true' if row else False}) @config_bp.route('/onboarding-status', methods=['POST']) @require_auth('pos.view') def set_onboarding_status(): """Mark tenant onboarding wizard as completed.""" data = request.get_json() or {} completed = 'true' if data.get('completed') else 'false' conn = get_tenant_conn(g.tenant_id) cur = conn.cursor() cur.execute(""" INSERT INTO tenant_config (key, value) VALUES (%s, %s) ON CONFLICT (key) DO UPDATE SET value = EXCLUDED.value """, ('onboarding_completed', completed)) conn.commit() cur.close() conn.close() return jsonify({'completed': completed == 'true'})